Thanks Reiner for the debdiff. I noticed that upstream provides Long Term Support versions: 0.9.38.x, which is the same branch in Xenial. According to the SRU policy, new upstream micro releases could be pushed as updates if they introduce only bug fixes, especially for Ubuntu LTS releases. https://wiki.ubuntu.com/StableReleaseUpdates#New_upstream_microreleases
If you find that it is more beneficial and it is easier for you to push the whole micro release instead of cherry picking fixes, go for it. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1655136 Title: Multiple CVEs in xenial To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firejail/+bug/1655136/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
