> On 2014-01-08 7:51, Sebastiaan Couwenberg wrote:
>> Control: tags -1 security
>> As reported by Salvatore Bonaccorso in #734565, there is now a CVE for
>> the security issue in question.
>> Can I get a Go/No Go for uploading the proposed changes in the debdiff?
> You proposed the changes four days ago, including relatively large
> diffs; please give people time to review / process them rather than
> chasing so quickly.
Sorry if my question was seen as chasing the Release Team. I'm not trying
to pressure the RT.
My question was triggered by the bug filed today now that the CVE is
> As a side note, the diffs were sufficiently large that neither of your
> bug reports reached the debian-release list, so several people may not
> have seen them yet.
I was afraid the debdiffs might be a bit too large. So I think the wise
thing to do is to prepare security uploads which only fix the CVE issue if
possible, and leave the other security and stability fixes for a later
(old)stable-update if the complete upstream stable release is considered
Pkg-grass-devel mailing list