On Fri, 15 May 2009 20:15:49 +0200, Andreas Metzler wrote: > On 2009-05-15 "Michael S. Gilbert" <michael.s.gilb...@gmail.com> wrote: > > On Tue, 12 May 2009 00:03:05 +0000, Debian Bug Tracking System wrote: > > > This is an automatic notification regarding your Bug report > > > which was filed against the gnutls26 package: > > > > > > #528281: gnutls26: CVE-2009-1417 certificate expiration vulnerability > > > does it make sense to close this bug since etch/lenny are still > > vulnerable? from my perspective, it is better to keep the bug open so > > that it stays on the maintainer's radar. > > We have version tracking. It is marked fixed in 2.6.6-1. > cu andreas
yes, i agree that this is useful, but should a message be sent to xxxxxx-d...@bugs.debian.org before all affected versions are fixed? i don't consider a bug as being done until all versions are fixed. mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org