[Pkg-salt-team] Bug#985085: plan to lower Severity
Damien Norris
damien at cantrusthosting.coop
Tue Apr 13 17:01:36 BST 2021
Hi Moritz, thank you for your help with getting #985085 closed.
> the general procedure for security updates can
> be found at https://www.debian.org/doc/manuals/developers-reference/pkgs.html#preparing-packages-to-address-security-issues
FYI I believe we're close to having all these requirements done for both
buster and stretch!
Upstream provided backported security patches for these 10 CVE's for
both stable/oldsable versions (2018.3 and 2016.11) and I have both of
these working as Debian package builds now.
I'm testing in my prod environment this week, plus there's explicit
testing that can be cone against the CVE's (especially the bad one,
CVE-2020-28243) that should be done.
But then it should be ready for review and hopefully upload on both
fronts, within the next week hopefully.
--
damienvancouver
More information about the pkg-salt-team
mailing list