I have received a very simple patch from the upstream developers
(perhaps) fixing just a minor issue regarding one of the several
reported security issues.

I'm giving up here trying to get a security patch. There are way too
many changes across the versions and upstream doesn't have resources to
figure out the exact patches and backport them to 1.8.2. So (@security
team) what do we do? Live with it? Maintain a backport? Drop the
package? I'm screwed…

…Christoph



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to