Hi Mike, On Monday 21 February 2011 18:23:52 Michael Gilbert wrote: > I've prepared a package for the new stable upstream webkit 1.2 branch > [0]. That branch now only contains security fixes. Would it be OK to > push this new upstream version as a DSA for squeeze?
Thanks. I think conceptually this is a good idea, I do have some practical issues with the current package: - The version number 1.2.7-1 won't work for stable since this is higher than testing/unstable. In the past this would be propagated automatically to the latter ones but I think that hasn't worked for many years now. The best way forward depends a bit on the plan for sid: * If you want upload 1.2.7-1 there,you can upload 1.2.6-2+1.2.7-1 (or something like 1.2.7-0+squeeze1 when wheezy has 1.2.7-1) to squeeze. * If you want to upload 1.3 there, we can accept 1.2.7-1 in squeeze as soon as 1.3 is in testing. - The changelog doesn't seem to mention any CVE id's. - You add yourself as maintainer and DM-uploader even though you don't have that position in unstable. Is this agreed upon with the current maintenance team? Cheers, Thijs
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
