Roberto C Sánchez wrote:
>> Unfortunately the vulnerability described above is not important enough
>> to get it fixed via regular security update in Debian stable. It does
>> not warrant a DSA.
>>=20
>> However it would be nice if this could get fixed via a regular point upda=
> te[1].
>
> Just curious, but what is the rationale behind this?
Some security issues don't warrant the significant overhead of creating a
DSA (both for the Security Team and the admin installing the security
updates), but they can still be included for the regular point updates,
since
- The admin needs to install the point update anyway
- The update receives more testing in advance
- The maintainer provides the update and not the Security Team
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
