Hi Enrico, regarding the content of d/changelog only. I think it is good and can be uploaded.
I am not sure, whether the mention "CVE-2021-3566" in d/changelog will be parsed and this CVE will unintentionally be closed again in the security database. Please double-check when you generate DLA. Best regards Anton Am Mi., 4. Mai 2022 um 11:48 Uhr schrieb Enrico Zini <enr...@enricozini.org>: > > Hello, > > in the Developers's reference[1] it says, in boldface, that security > updates should be built with "urgency=high". > > In ffmpeg's changelog[2] however, everything is urgency=medium. > > The LTS/Development wiki page does not mention urgency values. > > Should I: > > * assume previous ffmpeg uploads used the dch default and start > using urgency=high as requested in the devref, > * assume that LTS uploads don't have the same urgency as non-LTS > security uploads, keep urgency=medium, and update LTS/Development > accordingly > * other? > > > [1] > https://www.debian.org/doc/manuals/developers-reference/pkgs.html#preparing-packages-to-address-security-issues > [2] > https://salsa.debian.org/lts-team/packages/ffmpeg/-/blob/debian/stretch/debian/changelog > [3] https://wiki.debian.org/LTS/Development > > Enrico > > -- > GPG key: 4096R/634F4BD1E7AD5568 2009-05-08 Enrico Zini <enr...@enricozini.org>