Control: tags -1 confirmed Simon McVittie: > Package: release.debian.org > Severity: normal > User: release.debian....@packages.debian.org > Usertags: unblock > > Please unblock package dbus. This new upstream release fixes a couple > of symlink attacks in rare code paths, which could be argued to be > security vulnerabilities by someone sufficiently pedantic (I'm going > to raise this with the security team, but I suspect they will not > consider it worth doing a stable update). > > I would like to track the dbus-1.10 branch in stretch-as-stable, > as I have for dbus-1.8 in jessie. I am an upstream dbus maintainer, > and I plan to continue to produce minimal upstream stable releases. > > I plan to release dbus 1.12.0 at some point in the near future (during > or soon after the stretch freeze), at which point 1.10.x will go from > "bug fixes only" to "security fixes only". > > unblock dbus/1.10.16-1 > > Thanks, > S > > [...]
Looks good to me, but needs an ACK from KiBi due to its udebs. Thanks, ~Niels
