Bug#988208: CVE-2021-32062
Salvatore Bonaccorso
carnil at debian.org
Sat May 15 06:33:50 BST 2021
Hi,
On Sat, May 15, 2021 at 06:58:30AM +0200, Sebastiaan Couwenberg wrote:
> Control: severity -1 important
>
> Since the issue is not severe enough for a DSA, it shouldn't also
> trigger testing autoremoval.
Actually the severity of a bug (RC or not) is orthogonal to the
decision if something warrants a DSA or not (and so can be batched
with other updates together in a point release). You will find many
grave issues which did not warrant a DSA, and even vice versa.
An less than RC bug which got a DSA is usually though raised to RC to
ensure there is not regression to testing/unstable in case it is yet
unfixed in the upper suite.
Regards,
Salvatore
More information about the Pkg-grass-devel
mailing list