Hi Paul, and others, On Mon, Sep 12, 2022 at 10:21:12PM +0200, Paul Gevers wrote: > Hi, > > On 02-09-2022 14:35, Ervin Hegedüs wrote: > > *We need to know if we could add this patch to the existing packages > > (3.3 in both Debian 10 and Debian 11) without CVE or not.* > > Well, Debian 10 got it's last official point release last Saturday, so we're > not considering that anymore. For the current stable (Debian 11), we don't > need CVE's for updates, just a good justification of all the changes > (assuming the justifications are in line with our stable release policy).
thank you for your answer. I think this is a good news. > > If you have any idea, what is the easiest way to add these features to > > the existing Debian releases, please let me know. > > Link [1] already has the procedure lined out. I'm not a stable release > manager, but new features are normally not acceptable, so if you believe > they fix important (or more, see [2] for definition of severity) issues, be > verbose in explaining the issue their fixing and how they fix it. thank you for the explanation. We are going to prepare the new packages. a.
