Hi Roberto
Others may have a different opinion but I do not see a big problem with
that.
Make a regular DLA with a note that it also contained a regression fix.
Alternatively we issue two DLAs referring to the same software version.
I do not know which approach is the best, but I think both work.
Cheers
// Ola
On Tue, 15 Dec 2020 at 02:16, Roberto C. Sánchez wrote:
> I am curious if there is a policy or best practice for how to handle a
> package update containing both a regression fix and also a fix for a new
> vulnerability.
>
> If such a thing is not advisable or permissible, then is it best to
> handle the regression as one update and then follow-up with the new
> vulnerability fix as a subsequent update?
>
> Regards,
>
> -Roberto
>
> --
> Roberto C. Sánchez
>
>
--
--- Inguza Technology AB --- MSc in Information Technology
| o...@inguza.como...@debian.org|
| http://inguza.com/Mobile: +46 (0)70-332 1551 |
---
