Hi Moritz, sorry for my late reply; I wanted to confer with Thijs on this first, because we were in contact on this earlier already and also I wanted to act before replying.
On Sun, Dec 09, 2007 at 11:31:47PM +0100, Moritz Muehlenhoff wrote: > We're swamped in email. I understand that. Sorry if my mail sounded different than that. > mantis has certainly improved. Yes. > However, mantis is still in Sarge and we haven't heard anything from you > when you fixed later vulnerabilities in sid. Did none of these affect > Sarge's mantis? I didn't knew that I'd need to come to you, because security tracker is saying that mantis/oldstable is vulnerable and that is true :-). However: In the meanwhile I understood that I should/could have been more pro-active. But while I understand that mantis in Sarge needs fixing, I don't see a direct relation between it and mantis as it is in sid, given the fact that all known vulnerabilties are fixed in sid. To come to the sarge version: You might have seen that I'm in progress fixing it, together with Thijs. So given the current situation could the security team please consider supporting mantis in the upcoming release of lenny? Best Regards, Patrick -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
