On Mon, Jan 26, 2015 at 04:49:27AM +0100, Cyril Brulebois wrote:
> Michael Gilbert <mgilb...@debian.org> (2015-01-25):
> > control: tag -1 patch, pending
> >
> > Hi,
> >
> > I uploaded an nmu fixing this issue to delayed/15. Please let me know
> > if I can shorten or if you want to do a maintainer upload instead.
> > See proposed patch attached.
>
> NACK, it won't make it into testing this way.
>
> See <20150106090747.gc27...@ugent.be> and mails before that.
>
> Haven't had a chance to upload what I proposed, but I can look at
> including your changes on top of mine, somewhen today. (It was
> basically waiting on the d-i release, which happened earlier.)
I'm slightly confused here. Is 1:1.22.0-9+deb8u1 different from
the upload you mentioned above?
jessie has CVE-2014-4607 fixed, but not CVE-2014-9645 (which isn't
terribly severe and which could be tagged no-dsa if no further
busybox upload is planned for jessie).
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150302152813.gc1...@inutil.org
