Control: tags -1 confirmed moreinfo


On Fri, Mar 22, 2019 at 12:11:29AM +0100, Bernhard Schmidt wrote:
> The other option would be to only backport the fix for CVE-2019-8936 and 
> upload
> -4.
> While processing this I discovered three small commits sitting in the master
> branch that had not been uploaded yet. They could be backed out if you want 
> to.
> They fix important Bug#772790, normal Bug#764546 and remove a leftover from 
> the
> locking that used to be in place to prevent a race between ntpd and the 
> ntpdate
> ifupdown hooks. The ifupdown hooks have been removed since September, so the
> locking is not necessary anymore.
> Please tell me what you want me to upload
> a) 1:4.2.8p13+dfsg-1 currently in experimental (as -2)
> b) 1:4.2.8p13+dfsg-1 currently in experimental (as -2), but with some/all not
>    previously uploaded changes to debian/ dropped
> c) 1:4.2.8p12+dfsg-4 containing only the CVE fix
> d) 1:4.2.8p12+dfsg-4 containing the CVE fix and some/all not previously 
> uploaded
>    changes to debian/

Both option c or d sound ok. Options a and b really don't sound like something
we should do at this point.

So please go ahead with the 1:4.2.8p12+dfsg-4 upload and remove the moreinfo
tag from this bug once the package is in unstable.



Reply via email to