Hi Roberto Others may have a different opinion but I do not see a big problem with that. Make a regular DLA with a note that it also contained a regression fix. Alternatively we issue two DLAs referring to the same software version. I do not know which approach is the best, but I think both work.
Cheers // Ola On Tue, 15 Dec 2020 at 02:16, Roberto C. Sánchez <robe...@debian.org> wrote: > I am curious if there is a policy or best practice for how to handle a > package update containing both a regression fix and also a fix for a new > vulnerability. > > If such a thing is not advisable or permissible, then is it best to > handle the regression as one update and then follow-up with the new > vulnerability fix as a subsequent update? > > Regards, > > -Roberto > > -- > Roberto C. Sánchez > > -- --- Inguza Technology AB --- MSc in Information Technology ---- | o...@inguza.com o...@debian.org | | http://inguza.com/ Mobile: +46 (0)70-332 1551 | ---------------------------------------------------------------
