On Mon, Jul 07, 2003 at 12:48:49PM -0500, Branden Robinson wrote: > On Sun, Jul 06, 2003 at 01:47:07PM -0400, Remi Lefebvre wrote: > > Changes: > > atftp (0.6.2) unstable; urgency=low > > . > > * Fixed local and remote buffer overflow (Closes: #196304)
> In the future, please upload security fixes with urgency=high. I'm assuming this is only appropriate if the vulnerability affects testing? Since the main impact of setting the 'urgency' field is affecting propagation time into testing, it doesn't seem appropriate to give higher priority to a package which only suffered from a vulnerability in the unstable version. -- Steve Langasek postmodern programmer
pgpFsdnuHE67Y.pgp
Description: PGP signature
