After discussions with the affected security teams (debian and ubuntu),
postfix 2.6.5.3 was uploaded to sid, with the presumption that I would
contact -release to get the fix for my ancient screwup into the next
point release.
* SECURITY-UPDATE: correct permissions on /var/spool/postfix/pid
- adjust /var/spool/postfix/pid directory to be owned by root, not
postfix.
- CVE-2009-2930
If there is a desire to go from 2.3.8 to 2.3.19 for etch, or 2.5.5 to
2.5.9 for lenny, I'm open to that as well. Wietse tends to be very
pedantic about what he adds in point releases. At the same time, I
doubt that there is any critical need to do so.
thoughts?
lamont
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
