On Mon, Jan 26, 2015 at 01:41:54PM +0100, Kilian Krause wrote:
> Hi Moritz,
>
> On Mon, Jan 26, 2015 at 12:28:00PM +0100, Moritz Mühlenhoff wrote:
> > On Mon, Dec 22, 2014 at 10:33:50PM +0100, Kilian Krause wrote:
> > > Package: fex
> > > Version: 20140917-1
> > > Severity: serious
> > > Tags: security patch upstream pending confirmed jessie
> > >
> > >
> > > As upstream has released a new version of the fex package which closes a
> > > security issue and there is no CVE assigned, we'll use this bug to track
> > > the issue.
> >
> > Hi,
> > what is the plan for unstable? You can either ask for an unblock with
> > the release team (if the diff between testing an sid is small) or
> > fix these in a targeted upload for testing-proposed-updates.
>
> Unstable already has a fixed version. Just jessie still hasn't as of now.
> The backports should also be updated once the new version is in jessie.
>
> I'm currently waiting a bit before asking for an unblock to make sure the
> package is really fit enough to go in and nobody is complaining. As the
> update has been reviewed quite a bit before this release, it probably is
> ready to go in as is.
Ok, sounds good to me.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
