On Sun, Sep 25, 2005 at 11:22:11PM +0100, Edd Dumbill wrote: > On Sun, 2005-09-25 at 18:06 -0400, William Ballard wrote: > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=323365 > > > > Why is this grave security bugfix not in Sarge security updates, more > > than a month later? I know there's a "good reason," but in my few years > > of using Debian I have always run unstable. > > It is, version 2.15-1.1, you just missed it. > > We don't upload new upstream versions to stable to fix security holes. > Where we can we just backport the fix. This is so as not to cause > knock-on problems introduced in new versions. > > In the case of bluez-utils, this is exactly what was done -- see > http://packages.debian.org/stable/admin/bluez-utils > http://packages.debian.org/changelogs/pool/main/b/bluez-utils/bluez-utils_2.15-1.1/changelog > > I would not have closed the bug if the fix hadn't gone in.
Ah, I see. I read the bug report and saw the note which said it was "closed in 2.19.1", and then I stopped processing. The bug report didn't mention anything about also being fixed in 2.15-1 did it? I think I need to install apt-listchanges as well as apt-listbugs. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
