On Fri, 2009-05-15 at 15:02 -0400, Michael S. Gilbert wrote:
> On Fri, 15 May 2009 20:50:47 +0200, Nico Golde wrote:
> > Hi,
> > * Michael S. Gilbert <michael.s.gilb...@gmail.com> [2009-05-15 19:45]:
> > > On Tue, 12 May 2009 00:03:05 +0000, Debian Bug Tracking System wrote:
> > > > This is an automatic notification regarding your Bug report
> > > > which was filed against the gnutls26 package:
> > > >
> > > > #528281: gnutls26: CVE-2009-1417 certificate expiration vulnerability
> > >
> > > does it make sense to close this bug since etch/lenny are still
> > > vulnerable? from my perspective, it is better to keep the bug open so
> > > that it stays on the maintainer's radar.
> >
> > You are aware of the fact that our BTS knows about versions?
>
> yes, but closing the bug moves it down to the resolved section of the
> bug pages, which makes it much more likely to be mistakenly overlooked.
In the default BTS view, yes; but that default view reflects the current
state of the package in unstable. If bugs that need fixing in
{old,}stable are getting overlooked, then that's something we need to
address. Not correctly marking the bug as fixed in unstable is not the
way to do so.
Regards,
Adam
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
