Hi, Holger Levsen wrote (10 Aug 2014 10:42:37 GMT) : >> (Maybe some of the torbrowser-launcher package maintainers should read >> that low-volume list?)
> seems like an idea, but is this really the recommended way to learn about new > tbb releases? It's the best way I'm aware of to learn about it in advance, or at least between the release and the corresponding blog post (which generally takes a few hours, and up to a few days, iirc). > Also, I'm wondering why the 6 weeks cycle was broken and how often this > happens... > An explaination for this cannot be found in that qa-mail neither :/ It reads: * Update Tor to 0.2.4.23 [...] * Update OpenSSL to 1.0.1i I personally read "DSA-2998-1 and DSA-2993-1" between these lines, but I do realize that indeed, the message could be a little bit more verbose. E.g. it could point to the relevant CVE and friends. Ask the TBB team? :) Cheers, -- intrigeri -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
