[Secure-testing-team] Re: Bug#335997: flyspray: Multiple XSS
vulnerabilities
Steve Langasek
vorlon at debian.org
Tue Dec 20 06:13:21 UTC 2005
On Tue, Dec 20, 2005 at 12:42:40AM +0100, Pierre Habouzit wrote:
> Le Lun 19 Décembre 2005 22:15, Steve Langasek a écrit :
> > On Mon, Dec 19, 2005 at 04:47:50PM +0100, Pierre Habouzit wrote:
> > > > > Moreover the current version has some problems that I'd not
> > > > > like to see enter testing at all.
> > > > Current testing has an RC security bug. If those issues you
> > > > mention are also RC, I suggest you document them in the BTS,
> > > > since I didn't find any other RC issues in the tracker. If they
> > > > are not, this version should progress in order to fix the RC
> > > > security bug in testing that's absent in unstable.
> > > you are right on the full line, and I just did an upload of what I
> > > should have done way earlier and that was almost ready on my
> > > computer.
> > > thise one fixes a lot of bugs and use the update that upstream
> > > released a few day after I fixed the RC bug in a hurry.
> > > -6 is the package that will fix all that should be, and it'll enter
> > > etch in 10 days from now.
> > If this fixes a release critical security bug, *why* are we treating
> > it with urgency=low?
> I already did an upload with urgency low, either you can force it to be
> high, or I can reupload, as you want.
Ok, urgency bumped.
Thanks,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
vorlon at debian.org http://www.debian.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20051219/4d68c9a2/attachment.pgp
More information about the Secure-testing-team
mailing list