Bug#514807: Regression in libgnutls security update
Florian Weimer
fw at deneb.enyo.de
Wed Feb 25 19:29:47 UTC 2009
* Andreas Metzler:
> I have been watching this play out since other people participating in
> this thread are more knowledgable than me. From what I have read I
> also think this might the right thing to do. Do you intend to push
> this through security or proposed updates?
I've uploaded changed packages to the security queue, but only
containing Simon's patch, without any documentation updates. We still
lack a fair number of builds for etch, so it's still time to do
something about the documentation. It's less an issue for etch
because I doubt that there is a 1.4.4 version with different behavior,
but I see that updated documentation would make sense for the lenny
version. If you want me to go ahead with the security errata, we can
still provide updated documentation via stable-proposed-updates.
I've got no particular opinion on the behavior for squeeze yet. If we
can implement a more appropriate API (or even just a system-wide
configuration option), this would be fine.
More information about the Pkg-gnutls-maint
mailing list