[Secure-testing-team] squeeze webkit security update
Thijs Kinkhorst
thijs at debian.org
Mon Feb 21 17:42:31 UTC 2011
Hi Mike,
On Monday 21 February 2011 18:23:52 Michael Gilbert wrote:
> I've prepared a package for the new stable upstream webkit 1.2 branch
> [0]. That branch now only contains security fixes. Would it be OK to
> push this new upstream version as a DSA for squeeze?
Thanks. I think conceptually this is a good idea, I do have some practical
issues with the current package:
- The version number 1.2.7-1 won't work for stable since this is higher than
testing/unstable. In the past this would be propagated automatically to the
latter ones but I think that hasn't worked for many years now. The best way
forward depends a bit on the plan for sid:
* If you want upload 1.2.7-1 there,you can upload 1.2.6-2+1.2.7-1 (or
something like 1.2.7-0+squeeze1 when wheezy has 1.2.7-1) to squeeze.
* If you want to upload 1.3 there, we can accept 1.2.7-1 in squeeze as soon as
1.3 is in testing.
- The changelog doesn't seem to mention any CVE id's.
- You add yourself as maintainer and DM-uploader even though you don't have
that position in unstable. Is this agreed upon with the current maintenance
team?
Cheers,
Thijs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20110221/71566258/attachment.pgp>
More information about the Secure-testing-team
mailing list