On 01/05/13 11:14, Christoph Egger wrote: > [...] As it is too late for wheezy r0 it seems we'll > need to go through either security or stable-updates for wheezy
Yes, we need to fix it in sid anyway. I think this (in kfreebsd-9) merits a DSA and the fix made available via security.d.o as soon as possible after release, for users who install wheezy r0. Then it would automatically enter the proposed-updates queue for r1. For kfreebsd-8, the vulnerable code is present but not normally enabled, so we may want to address it in wheezy with a stable update only. For squeeze, I think the 8.1 kernel also has the vulnerable code, but NFS wasn't even supported in that release. Regards, -- Steven Chamberlain [email protected] -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
