[pkg-lighttpd] Bug#474951: Bug#474951: Is a fix for etch planned?
Philipp Kern
pkern at debian.org
Tue Apr 15 06:49:10 UTC 2008
On Tue, Apr 15, 2008 at 08:39:03AM +0200, Pierre Habouzit wrote:
> Dear security team, you broke lighttpd badly with your last upload,
> because you use a broken patch to fix the last CVE on it. Please update
> the patch, using e.g. the one in the unstable version instead. You've
> broken lighttpd for almost 10 days, it's quite unacceptable to have a
> lighttpd in _stable_ in that state.
>
> Dear SRM team: would an upload to s-p-u be accepted if the security
> team still doesn't react ?
As the current lighttpd distributed through security is utterly broken
if you have SSL activated, of course I would accept an update through
s-p-u. But I would be deeply disappointed about this is handled, too.
Kind regards,
Philipp Kern
--
.''`. Philipp Kern Debian Developer
: :' : http://philkern.de Debian Release Assistant
`. `' xmpp:phil at 0x539.de
`- finger pkern/key at db.debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-lighttpd-maintainers/attachments/20080415/a6be6fc0/attachment-0001.pgp
More information about the pkg-lighttpd-maintainers
mailing list