Re: Working with gbp and older releases
> >
> > ACK. (Reading the upstreams' homepage, you should definitly go for the
> > latest version. The latest upstream fixes a local DoS.
> > As a side, please add all CVE-# which closes the new version into the
> > changelog, please follow the procedure as in [1]))
>
> Thank you, I will do it.
Ok the last time I responded I lied that I understood :). I just want
to confirm, when I release I will close CVE bugs I found here [1] ?
Correct ? But they do not have a corresponding bugs.d.o bug, so I just
do: Closes CVE-foo-bar in a changelog, as written in your link ?
>
> >
> > You should also to file a bug against maradns to document that the
> > current version has secuirty problemss with the CVE's
> > http://maradns.samiam.org/security.html has the list.
>
> Ok.
I can see that they are documented there. Or I miss something. Number
19 is the CVE-None that is fixed in the most current version. Or again
I did not understand.
[1] https://security-tracker.debian.org/tracker/source-package/maradns
--
Pozdrawiam,
Dariusz Dwornikowski, Assistant
Institute of Computing Science, Poznań University of Technology
www.cs.put.poznan.pl/ddwornikowski/
room 2.7.2 BTiCW | tel. +48 61 665 29 41
Reply to: