On 8/26/21 10:42 PM, Santiago Ruano Rincón wrote: > El 26/08/21 a las 14:45, Jakub Ružička escribió: >>> - Includes fix for CVE-2021-40083 (Closes: #991463) >> I've used this magic syntax found throughout the changelog and it closed >> the bug upon experimental upload, which isn't what I expected. Please >> reopen as needed, I'm not yet familiar with handling bugs wrt different >> Debian branches. >> > Why would you like to reopen the bug? The BTS knows it is still to be > fixed in unstable. Take a look at the image at the top right of the bug > report page: > https://bugs.debian.org/cgi-bin/version.cgi?absolute=0;found=knot-resolver%2F5.3.1-1;info=1;fixed=knot-resolver%2F5.4.1-1;collapse=1;package=knot-resolver Aha! I didn't notice that all-important image at all, thanks. So BTS is as smart as I hoped 🥳
Please disregard my prior confusion. > >> Regardless, experimental knot-resolver-5.4.1-1 built against >> experimental knot-3.1.1-3 so I'll try to proceed with the transition >> which should fix the bug for sid. > Awesome, thanks! My pleasure! I've opened transition bug #993027 > >> After that I plan to cherry-pick the fix for next bullseye-point release. > Did you have any feedback from the security team? Yes, that I should fix the issue with the next (first) bullseye-point release after it's been fixed in unstable. As the sid fix is in progress, I'll prepare the bullseye release (at debian/bullseye Salsa branch I think) and follow instructions at https://www.debian.org/doc/manuals/developers-reference/pkgs.html#upload-stable 📦, Jakub
OpenPGP_signature
Description: OpenPGP digital signature
