Control: fixed -1 1.9.17p2-5 On Fri, Apr 03, 2026 at 11:35:09AM +0200, Marc Haber wrote: > On Fri, Apr 03, 2026 at 07:45:18AM +0200, Salvatore Bonaccorso wrote: > > FWIW, MITRE assigned a CVE for this issue, CVE-2026-35535, makes it > > easier trackable across as well distros. > > I will mention that in the changelogs for the respective trixie and bookworm > uploads. I guess that retro-editing the changelog for the version in > unstable and forky is not a good idea, how would you address this?
That really depends on your preference for packaging. For instance in the kernel team we do not retrospectively touch already released changelog entries. Other team do ammend it and just add the CVE identifier in a old entry on a next unstable upload and say something like ammending an older entry. But IMHO at this point it is not really needed. We have all the metadata updated (both in the BTS and in the security-tracker). Regards, Salvatore
