(resent after subscribing with proper return path mail address) Hi, In Debian, its security update policy prohibits any new feature added with security updates.
There are needs for updating 4.32.0 and 4.20.0 for the MITM security issues. CVE-2014-7273 CVE-2014-7274 CVE-2014-7275 I for one as being its maintainer in Debian see it theoretically possible but am scared to make mistakes when dropping non-security fix changes. https://bugs.debian.org/766670 Someone suggested "Maybe you can ask upstream if they are willing to point you the correct set of commits?". Can someone tell me such answer? I will be happy to get either "Yes" or "No" as the answer. Regards, Osamu -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
