Hi, On Fri, 30 Sep 2016, Gianfranco Costamagna wrote: > > The real question is: is this upload ACKed by the LTS team? I don't > > have a hold on LTS workflow, and in my thoughts I believe uploads have > > to be ACKed, pretty much like regular security uploads, and stable > > uploads? > > can we please have an ack/nack about this VLC security update?
Everything relevant was already said: vlc is unsupported so we basically don't care. That said any upload should come with its DLA announce mail and there you should explain that this is a one-off contribution on an otherwise unsupported package and that it doesn't mean that the package is supported. There are two other unfixed CVE so the package remains vulnerable in general: https://security-tracker.debian.org/tracker/source-package/vlc Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/