On 10/10/16 11:25, Didier Raboud wrote:
> Re-sending differently, as somehow my MUA messed this sending in some weird
> way.
Hi,
You probably wanted to send this to team@security or debian-security@ ?
If you want this to go through stable (pu) rather than stable-security, please
file a pu bug against release.debian.org.
Cheers,
Emilio
> -------- Original Message --------
> Subject: Bug#839226: [PATCH] cups : SSL is vulnerable to POODLE [Jessie]
> Date: 2016-10-10 10:13
> From: Didier 'OdyX' Raboud <o...@debian.org>
> To: 839...@bugs.debian.org, debian-release@lists.debian.org
> Cc: Frederic Bonnard <fre...@linux.vnet.ibm.com>
>
> Hi again,
> (dropping debian-lts from the loop, as this'd be for stable)
>
> Le samedi, 1 octobre 2016, 06.34:28 h CEST Moritz Mühlenhoff a écrit :
>> > Have we removed protocols' support in {old,}stable before?.
>>
>> We have done that on a case-by-case basis via point updates in the past,
>> seems also fine here.
>
> Here come:
> - patch;
> str4476-disable-sslv3-and-rc4-by-default.patch
> - git commit series;
> 0001-Disable-SSLv3-and-RC4-by-default-to-address-POODLE-v.patch
> 0002-Refresh-patches.patch
> 0003-cups-1.7.5-11-deb8u2-Debian-release.patch
> - and debdiff
> cups_1.7.5-11+deb8u2.debdiff
>
> Can I upload to jessie-security ?
>
