Hi, On Sun, Oct 21, 2018 at 11:21:36AM +0000, Georg Faerber wrote: > Hi, > > On 18-10-21 12:05:31, Moritz Mühlenhoff wrote: > > That's all bugfixes related to enabling Enigmail and nothing in their > > is itself security-related, so I think that's something for the point > > update, not security.debian.org > > That's quite unfortunate to hear, and I don't share this opinion (even > if this doesn't count in this case, I guess), for reasons outlined in > the initial mail by dkg of this bug report in the "fixing enigmail" > section. > > As of now, enigmail, which people use to secure their communication, is > broken, therefore, IMHO, fixing it would be indeed a security fix. > > I spoke to quite some "end users" during the last weeks about this and > heard the problems they've run into; personally, to not further delay > this, I would very much appreciate if this could be handled via > security.d.o.
Some packages can be 'fast-tracked' from proposed-updates before a point release though still via the 'stable-updates' mechanism[1]. It was announced back in [2], and might be an option here if the SRM can be convinced it is needed (a.k.a if Adam gives it's okay here). [1] https://wiki.debian.org/StableUpdates [2] https://lists.debian.org/debian-devel-announce/2011/03/msg00010.html Regards, Salvatore
