On 28/01/2021 22:59, Robbi Nespu wrote:
Hello everyone,
I am curious something (as per title). I not sure whether to ask here
or on devel mail list.
Yesterday on OFTC #debian, some guy ask about unfix CVE-2020-25681 to
CVE-2020-25687 for dnsmasq[1] package on stable release.
I not using dnsmasq but I curious how and will it be backport to
stable on cases like this?
Stable = 2.80-1 (vulnerable)
Testing = 2.83-1 (fix)
Unstable = 2.84-1 (fix)
There is 2 revision gap between stable and testing, do the security
team will apply the fixes on 2.80-1 or will update the package rev up
to 2.83-1?
1. https://security-tracker.debian.org/tracker/source-package/dnsmasq
As a general rule, fixes are backported to the current version in stable.
If it's simply not possible or very costly, it might happen that a new
version is introduced, but this is rare.
--
Programmers do it bit by bit.
Eduardo M KALINOWSKI
edua...@kalinowski.com.br
