On Thu, Sep 14, 2017 at 08:53:02AM -0000, Launchpad Bug Tracker wrote: > You have been subscribed to a public bug by Jeremy Bicha (jbicha): > > Please sync libsoup2.4 2.60.0-1 (main) from Debian unstable (main) > > Explanation of FeatureFreeze exception: > > libsoup follows the GNOME release cycle and we're shipping the rest of > GNOME 3.26. > > Also, libsoup is a security sensitive package. (And 2.59.90.1 fixes > CVE-2017-2885). I think it's (slightly) easier for the Security Team to > backport security fixes for newer releases. > > https://git.gnome.org/browse/libsoup/tree/NEWS > > https://git.gnome.org/browse/libsoup/log/
I'm reasonably in favour of this - and it seems from NEWS that the new feature you're requesting an exception for is new API which in itself is not a risky new feature. But, since you've asked... this is a fairly core package on the desktop; how much have you tested it? Seems there's at least one regression mentioned in the intermediate releases. Cheers, -- Iain Lane [ i...@orangesquash.org.uk ] Debian Developer [ la...@debian.org ] Ubuntu Developer [ la...@ubuntu.com ] ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-2885 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1717216 Title: FFe: Sync libsoup2.4 2.60.0-1 (main) from Debian unstable (main) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libsoup2.4/+bug/1717216/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
