On Tue, 2017-09-12 at 23:04 +0200, Guillaume Delacour wrote: > > Le 12/09/2017 à 22:55, Adam D. Barratt a écrit : > > On Tue, 2017-09-12 at 22:52 +0200, Guillaume Delacour wrote: > > > Le 30/08/2017 à 21:58, Adam D. Barratt a écrit : > > > > Control: tags -1 + confirmed > > > > > > > > On Wed, 2017-08-30 at 21:33 +0200, [email protected] wrote: > > > > > The attached patch fix CVE-2017-9951 which has been not fixed > > > > > via > > > > > a DSA, > > > > > as discussed with Salvatore Bonaccorso: https://bugs.debian.o > > > > > rg/8 > > > > > 68701. > > > > > > > > +memcached (1.4.33-1+deb9u1) stretch; urgency=high > > > > + > > > > + * Non-maintainer upload by the Security Team. > > > > > > > > So far as I can tell, you're not a member of the Security Team, > > > > so > > > > this > > > > is incorrect. > > > > > > Sure, please find attached the fixed debdiff, as i'm not a member > > > of > > > the > > > security team. I've also changed the distribution from stretch to > > > stretch-security. > > > > Why? "stretch-security" is an appropriate distribution to use for > > uploads to the security archive, in which case you should be > > talking to > > the Security Team, not us. Assuming you're still proposing an > > update > > via proposed-updates and a point release, "stretch" was correct. > > Indeed, absolutely right. Updated version attached. >
Please go ahead. Regards, Adam
