[Pkg-sass-devel] Bug#921952: Bug#921952: Don't include in buster without proper commitment to update in stable
Jonas Smedegaard
dr at jones.dk
Tue Apr 16 15:51:52 BST 2019
control: severity -1 important
Quoting Aljoscha Lautenbach (2019-04-09 23:03:06)
> during the BSP in Gothenburg last weekend I discussed with Jonas how I
> could help to put libsass back on track regarding its security status.
> We agreed that the best move is to start with triaging the existing
> Debian bugs and by identifying the CVE status in upstream's issue
> tracker. [0]
@Aljoscha: Thanks for your initial work and - more so - for committing
to help generally looking after these security issues in libsaass.
Due to the expansion of the libsass team with Aljoscha, I am lowering
severity of this bugreport.
If the security team or others disagree, then please elaborate what you
consider is needed.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-sass-devel/attachments/20190416/98dde39f/attachment.sig>
More information about the pkg-sass-devel
mailing list