On Sun, 2011-02-20 at 22:50 -0300, Marcelo Jorge Vieira wrote: > Hi Jonathan, > > On Sat, 2011-02-19 at 22:14 +0000, Jonathan Wiltshire wrote: > > > > Please arrange to backport your fix and liase with the release team for > > permission to upload. I will happily assist you if the patch is > > straightforward and you need help or lack time. [...] > > with his security hat on: > > > I uploaded magpierss backport package to oldstable-proposed-updates, > only to fix the bug CVE-2011-0740
<with SRM hat on> The request in Jonathan's mail was that you liaise with us, not simply to upload. In this case the diff looks okay and I'll approve it for oldstable-proposed-updates later, but please bear in mind that this might not always be the case and the "liaise and get permission" step is there for a reason. > but can I use the magpierss package > from wheezy to backport it to squeeze? It's the same source with just > little changes. Those "little changes" include switching to the "3.0 (quilt)" source format, removing a package entirely and moving to a more minimal debian/rules file. Sorry, but none of those are appropriate for a stable update. If the diff for squeeze is the same as the diff for lenny then that should be okay, but a mail to -release would still be appreciated. Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
