Hi Jochen, On Wed, Jan 10, 2018 at 05:29:37PM +0100, Jochen Sprickerhof wrote: > * Chris Lamb <la...@debian.org> [2018-01-10 21:25]: > > Assuming you mean a DLA (!), yes please do so. If you are unsure of > > the process, I can go ahead and handle that and the changes to the > > security-tracker - it can be a little fiddly. :) > > Done. > > > You would also remove the entry in data/dla-needed.txt > > bin/gen-DLA did that already (I think). > > The only missing thing from my side is CVE-2014-0350 where wheezy is still > listed as vulnerable on > > https://security-tracker.debian.org/tracker/source-package/poco
yes, if you fixed along as well CVE-2014-0350 but missed it in the initial passing to bin/gen-* then you can add the CVE manually to data/DLA/list to the respective entry (done so just a second ago). Regards, Salvatore
