On Fri, Apr 07, 2017 at 02:48:50PM +0200, Benjamin Drung wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian....@packages.debian.org
> Usertags: unblock
>
> Please unblock package salt
>
> 2016.11.2 is a bug-fix release for the 2016.11 series. It contains
> security fixes for CVE-2017-5192 and CVE-2017-5200.
So what's the plan for stretch-security? Are the salt maintainers commiting
to preparing security updates for it's lifetime? If not (as it happened for
jessie), stable is better off without it.
Cheers,
Moritz
