Hi,
is there a special reason why the updates are not published through the
"security" repositories of Debian Stretch/Jessie?
- on Debian 7, the update is in "wheezy" (via security)
- on Debian 8, the update is in "jessie-updates"
- on Debian 9, the update is in "stretch-updates"
With regard of the severity of the bug, I can't understand this release
strategy. Or am I just too impatient?
Many "sources.list" files do not contain the "-updates" repository, for
example unmodified Xen instances created with "xen-create-image".
So I suggest to push this update also into debian-security.
Thanks for your efforts & best regards
-Klaus
