Dear LTS team, I am still preparing an update for amd64-microcode for Jessie to fix CVE-2017-5715. Security team marked this issue as no-dsa for Stretch [1], it can be fixed through next point release.
For Jessie I am not able to use now the package version 3.20181128.1~deb8u1, because it is higher than the current Stretch version 3.20160316.3, so upgrade would not be possible in the meantime. Thus I'm asking for an advice: * May I set the version number for this update as 2.20160316.1+really3.20181128.1~deb8u1? After the next Stretch point release I can reupload it with the version number 3.20181128.1~deb8u1. Or there are better alternatives? * Package is non-free, should the amd64 and i386 binary packages both be uploaded? [1] https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c9dda4132363fd5b169a3aad5fec48a4e4d2f72 Thank you Anton
signature.asc
Description: OpenPGP digital signature
