On Mon, Aug 22, 2005 at 08:11:27PM +0200, Zoran Dzelajlija wrote: > Hi, any word of a sarge release to cover CAN-2005-1921 and, to kill two > flies, the new XML_RPC bug CAN-2005-2498? I've applied Ubuntu's > patches for both to a local build without much hassle...
If you can provide me a direct URL for the Ubuntu security patches, I can probably find time to roll an update for the security team if Adam's busy. > Also, is there some user-friendly documentation aobut the new BTS > features (found vs. tagging for sarge)? No, there doesn't seem to be any user-friendly documentation yet, just the information that was posted to debian-devel-announce. :) > Should this bug be reopened until sarge gets a fix for these > vulnerabilities? It should not be reopened. It should be tagged "sarge", as I'm told the suite tags will have an impact on archival of bugs. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/
signature.asc
Description: Digital signature
