Well, for security issues that are remotely exploitable I'd say yes. If
someone prepares fixed packages or requests backports (just open a
dapper-backports task on this bug) the bug can be closed.
--
security hole in 2.0.2/2.0.3
https://launchpad.net/bugs/35528
--
ubuntu-bugs mailing list
ubunt
> So what I should be doing, if I understand the two channels correctly,
> and if the bug is severe enough, is to add a dapper-security task to
> this bug. Is that correct?
Actually, I would not consider this bug 'fix released' without a fix in
all supported distros. But since the package is in un
> I don't know what Dapper's security policy is, so I can't be specific,
> but wouldn't a potential remote exploit pretty much automatically
> qualify for a backport?
A backport requires that the source package builds without modification
on dapper. If that's not the case, a fixed package will ne
