On 01/05/13 11:14, Christoph Egger wrote: > [...] As it is too late for wheezy r0 it seems we'll > need to go through either security or stable-updates for wheezy
Yes, we need to fix it in sid anyway. I think this (in kfreebsd-9) merits a DSA and the fix made available via security.d.o as soon as possible after release, for users who install wheezy r0. Then it would automatically enter the proposed-updates queue for r1. For kfreebsd-8, the vulnerable code is present but not normally enabled, so we may want to address it in wheezy with a stable update only. For squeeze, I think the 8.1 kernel also has the vulnerable code, but NFS wasn't even supported in that release. Regards, -- Steven Chamberlain ste...@pyro.eu.org -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
