> > What would be next? Is this the kind of bug for which you will prepare > > a DSA (security), or is stable-pu and oldstable-pu enough? > > Once the fix is in unstable, this can safely go via the next buster. > and stretch point release. Can you contact the stable release managers > for it?
Ok, will do. I asked because this CVE is in the headlines now (I've seen it in slashdot and reddit, for example). Thanks.
