* Paul Gear: > If we're going to have another crack at it, then, what track should we > take? Reopen the bug as Florian suggested,
According to a recent discussion on -devel, this bug is still open. The BTS web is a bit confusing. > email the security team, just keep pestering Joey? IMHO, the first step would be to convince the shorewall maintainer that a security update for stable needed. [*] Then someone needs to prepare an update (preferably the maintainer or someone else who is familiar with the software). This is slightly complicated by the unfortunate fact that the patch in the errate of 2.2.5 does not apply cleanly to the 2.2.3 version. > I didn't mean to stir up so much crap about this problem. I just want > to see both Debian and Shorewall succeed, and it seems to me that there > are some organisational problems with Debian when it comes to security. > I want to make sure that we (the upstream team and the maintainer) are > not the cause of them. Yes, and this is a relatively simple issue and is a good testing ground. [*] In the meantime, I've seen upstream's reaction to this bug, and it makes clear that this is not a mere documentation issue. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
