Need help with asterisk?
Bernhard Schmidt
berni at debian.org
Tue Oct 11 08:35:38 UTC 2016
On Sat, Oct 08, 2016 at 09:21:47PM +0200, Bernhard Schmidt wrote:
> > Best would be if you can try look into squashing security-related bugs
> > in stable and oldstable. Or I could could prepare that and you can take
> > the dialogue with the release team to get permission for releasing it.
>
> I'll have a look at the one open security issue in stable, maybe I can
> wrap something up that fixes AST-2016-007. Never dealt with the security
> team either.
I'm in contact with the security team and we should have a DSA pretty
soon. The only question now is how to deal with the git repo. The jessie
branch
(https://anonscm.debian.org/cgit/pkg-voip/asterisk.git/log/?h=jessie)
has unreleased changes that won't be eligible for security.
How should I deal with this?
- revert the patches in the jessie branch and put the security patches
on top
- add a jessie-security branch
- force-push the jessie branch to an older commit
I think the last option would break everyones clone, so that's a no-go.
I'm leaning to option #1. Any opinion?
Bernhard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20161011/e1cd7027/attachment.sig>
More information about the Pkg-voip-maintainers
mailing list