On 07/02/2017 01:26 AM, Sven Joachim wrote:
On 2017-07-02 09:34 +0200, Pascal Hambourg wrote:
Le 01/07/2017 � 23:19, Sven Joachim a �crit :
On 2017-07-01 16:36 -0400, Perry E. Metzger wrote:
Am I correct in interpreting this:
https://security-tracker.debian.org/tracker/CVE-2017-9445
as meaning a fix to it still isn't in sid, and therefore is not
yet in the process of percolating down to stretch?
That seems to be correct.
Huh ? Do *stable* security updates have to go through sid ?
No. However, as there will be no upload by the security team, the
maintainers will have to provide an update via proposed-updates, and the
release team usually demands that the bug is fixed in unstable first.
Cheers,
Sven
Most people do not subscribe to proposed-updates and this is a
definitely a security problem and should be taken care of ASAP.
Why can't security upload it?
How was this problem created in the first place?
--
Jimmy Johnson
Debian Stretch - KDE Plasma 5.8.6 - Intel G3220 - EXT4 at sda11
Registered Linux User #380263
