Nico Golde wrote: > Hi, > * Gunnar Wolf <gw...@gwolf.org> [2009-03-13 23:47]: > [...] >>> This is Debian bug #449544. >>> >>> Unfortunately the vulnerability described above is not important enough >>> to get it fixed via regular security update in Debian oldstable. It does >>> not warrant a DSA. >>> >>> However it would be nice if this could get fixed via a regular point >>> update[1]. >>> Please contact the release team for this. >> Nico brought this point to our (pkg-perl's) attention - After some >> discussion in the pkg-perl IRC channel, we found that the intermediate >> releases between the version shipped in Etch (1.30) and the one where >> this bug was fixed (1.38) were all reliability-related [1], and appear >> to be not too broad. So, even if we could just pick up the required >> changeset to make a specific 1.30-2+etch1 upload, it would be better >> just to upload 1.38 to Etch instead - Please tell us what to do. > > Looking at the changelog it looks indeed like it would be a > good idea to ship 1.38. Would that be a problem for the > release team?
It depends on the diff. Cheers Luk -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
