On Fri, Sep 23, 2016 at 07:57:45PM +0200, Bálint Réczey wrote: > Hi, > > 2016-09-20 23:43 GMT+02:00 Chris Lamb <[email protected]>: > > Hello dear maintainer(s), > > > > the Debian LTS team would like to fix the security issues which are > > currently open in the Wheezy version of firefox-esr: > > https://security-tracker.debian.org/tracker/source-package/firefox-esr > > > > Would you like to take care of this yourself? > > > > If yes, please follow the workflow we have defined here: > > https://wiki.debian.org/LTS/Development > > > > If that workflow is a burden to you, feel free to just prepare an > > updated source package and send it to [email protected] > > (via a debdiff, or with an URL pointing to the source package, > > or even with a pointer to your packaging repository), and the members > > of the LTS team will take care of the rest. Indicate clearly whether you > > have tested the updated package or not. > > > > If you don't want to take care of this update, it's not a problem, we > > will do our best with your package. Just let us know whether you would > > like to review and/or test the updated package before it gets released. > > > > You can also opt-out from receiving future similar emails in your > > answer and then the LTS Team will take care of firefox-esr updates > > for the LTS releases. (In case we don't get any answer for months, > > we may also take it as an opt-out, too.) > > I think Mike would like the LTS Team to prepare the future updates: > > On Thu, Aug 04, 2016 at 06:32:14PM +0900, Mike Hommey wrote: > > On Thu, Aug 04, 2016 at 11:04:47AM +0200, Markus Koschany wrote: > > > Hello Mike, > > > > > > Thank you for preparing the security update of firefox-esr. I have just > > > sent a security announcement for your update in Wheezy to the > > > debian-lts-announce mailing list. If you want to take care of this next > > > time, please follow our guidelines which we have outlined at [1]. If > > > this is a burden for you, no problem, we will do our best and take care > > > of the rest. In this case we would like to ask you to send a short > > > reminder to debian-lts, so that we can prepare the announcement in a > > > timely manner. > > > > Heh, I hadn't realized that wasn't handled by standard DSAs, sorry about > > that. That these updates go through the same security-master doesn't > > help making it obvious they are different. > > > > Anyways, I'd rather not have more work to do, so if can send > > announcements, that works for me. Or you can deal with the backport > > from back to back. > ... > > I have added firefox-esr to lts-do-not-call and started preparing the update.
Thanks. Mike
