Martin Schulze <[EMAIL PROTECTED]> writes: > Olaf Meeuwissen wrote: > > Olaf Meeuwissen <[EMAIL PROTECTED]> (that's me!) writes: > > > > > Dear .debs, > > > > > > I recently wanted to apply security updates to a machine I'd installed > > > from woody pre6 CDs, hardened and upgraded to woody proper. [...] > > > > > > Before applying the upgrades I checked whether there was a DSA for the > > > packages that were going to be upgraded. Surprise, there were several > > > that did not (seem to) have a corresponding DSA. > > > > > > Question: Is that normal and OK? > > Yes. During the deep freeze of woody the security infrastructure was > implemented. Security updates were added to woody before it was released > without issuing a DSA for each and every package.
As mentioned in another mail to the debian-security list, this is true for the fetchmail-ssl package, but *not* for the kdenetwork packages. The security upgrades are not the packages that were in woody when it got released. -- Olaf Meeuwissen EPSON KOWA Corporation, ECS GnuPG key: 6BE37D90/AB6B 0D1F 99E7 1BF5 EB97 976A 16C7 F27D 6BE3 7D90 LPIC-2 -- I hack, therefore I am -- BOFH -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
