On Wed, 2010-09-15 at 14:11 +0000, Artur Rona wrote: > Is not easier to upload a stricte patch to fix this security issue? We > can sync new upstream release in next development cycle from Debian. >
Easier for whom? The hard part has been figuring out how to re-enable test suite (and make it pass without disabling tests) and it still had to be done - it has been disabled by Debian maintainer because of failures and running test suite at build-time has been one of requirements made during MIR process. I don't think we have to check a full delta between 1.2.1 and 1.2.3 releases as both are bug fix only. Django developers do a lot of work to ensure that the concurrent releases are compatible and that's what the tests are for anyway. -- Sent from Ubuntu -- Update python-django to 1.2.3 version to fix an XSS vulnerability https://bugs.launchpad.net/bugs/636482 You received this bug notification because you are a member of Registry Administrators, which is the registrant for Debian. _______________________________________________ Mailing list: https://launchpad.net/~registry Post to : [email protected] Unsubscribe : https://launchpad.net/~registry More help : https://help.launchpad.net/ListHelp
