Hello Mathieu,

Two things about your debdiff that I would suggest before this is uploaded:
 1. Please set the priority to medium in the changelog to match the CVE 
priority, and I'm not sure the references to the other releases are needed, 
this can be dealt with in the DEP-3 header (see below).
 2. Adding a DEP-3 header helps parse your patch in a machine-readable format, 
please update your patch to use it: http://dep.debian.net/deps/dep3/

Lastly, in order to properly do the triaging on the tracker[1], could
you please tell us if Zesty and Artful are applicable, or if it is fixed
in Xenial and on, and also which upstream release it was fixed in?

After the above is taken care of, it should be good to upload, unless
anyone else has feedback. Thank you for your contribution to Ubuntu and
your willingness to get this fixed!

[1] https://people.canonical.com/~ubuntu-
security/cve/2015/CVE-2015-3206.html

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1716429

Title:
  pykerberos for trusty does not include CVE-2015-3206 fix

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pykerberos/+bug/1716429/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to