> > > > ACK. (Reading the upstreams' homepage, you should definitly go for the > > latest version. The latest upstream fixes a local DoS. > > As a side, please add all CVE-# which closes the new version into the > > changelog, please follow the procedure as in [1])) > > Thank you, I will do it.
Ok the last time I responded I lied that I understood :). I just want to confirm, when I release I will close CVE bugs I found here [1] ? Correct ? But they do not have a corresponding bugs.d.o bug, so I just do: Closes CVE-foo-bar in a changelog, as written in your link ? > > > > > You should also to file a bug against maradns to document that the > > current version has secuirty problemss with the CVE's > > http://maradns.samiam.org/security.html has the list. > > Ok. I can see that they are documented there. Or I miss something. Number 19 is the CVE-None that is fixed in the most current version. Or again I did not understand. [1] https://security-tracker.debian.org/tracker/source-package/maradns -- Pozdrawiam, Dariusz Dwornikowski, Assistant Institute of Computing Science, PoznaĆ University of Technology www.cs.put.poznan.pl/ddwornikowski/ room 2.7.2 BTiCW | tel. +48 61 665 29 41 -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140218201218.gb19...@blackstar.cs.put.poznan.pl
