Am Thu, Sep 29, 2022 at 11:03:57AM +0200 schrieb Moritz Muehlenhoff:
> On Thu, Sep 29, 2022 at 09:09:29AM +0200, Emilio Pozuelo Monfort wrote:
> > On 28/09/2022 23:54, Ola Lundqvist wrote:
> > > Hi Sylvain
> > >
> > > Took me a month to get down here in the email backlog. I think your
> > > reasoning makes sense.
> > > I have added the following to the LTS/Development page.
> > >
> > > "If a CVE has been fixed in Debian Stable it should, in general, be fixed
> > > in LTS as well, or marked as ignored. It does not make sense to have such
> > > CVEs marked as postponed or no-dsa since either the Debian Security team
> > > or
> > > the maintainer have decided that it was worth fixing."
> > > Please update that page if you think I was unclear or wrong.
> >
> > I don't think that's correct. Say for example:
>
> FWIW, I'm planning to add a proposal to
> https://salsa.debian.org/lts-team/lts-extra-tasks/-/issues/23 but haven't
> found the time yet, maybe this week not sure.
And just did that.
Cheers,
Moritz
