On 2016-04-13 21:36:49 [+0100], Adam D. Barratt wrote: > Assuming that we went ahead with upstream updates to Jessie (and future > supported stable distributions), I'm presuming that the preferred > workflow would be similar to other packages for which we ship upstream > stable trees - via the security archive for issues that merit a DSA, > with lesser severity issues being updated via p-u and thus pushed out to > users as part of a point release. Does that make sense to everyone?
Sounds good. > (Does anyone have alternative suggestions?) Not really. This path would get things like #774882 ("openssl: fail to verify some sites when 1024bit root CAs removed") fixed for the next p-u and this looks like a good thing. > Regards, > > Adam Sebastian