Hello Charlie, Charlie Brady [2015-02-22 13:03 -0500]: > Wouldn't it be wise to at least amend the changelog entry so that going > forward it isn't incorrect?
Unfortunately that requires a full upload, build, test, and another security update. I'm not sure it's worth that effort, but we should surely adjust the USN text. > How does this privilege leak not affect Debian? It does, but the upload you referenced was for Ubuntu 10.04 LTS. Christopher now said that apparently he just happened to make the same mistake for apt.postgresql.org, but that's still not "Debian". > I agree the patch is risky - I had a look at backporting it myself, > and it's non-trivial. I wonder if someone familiar with the code > will assist. I'd just ignore this for -8.4. It's really not that big of an issue IMHO, it has been EOL upstream for a fair while, and Ubuntu 10.04 LTS is going end-of-life in just two months. Martin -- Martin Pitt | http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org