On Mon, 5 Nov 2018 at 21:52, J Doe <gene...@nativemethods.com> wrote:
> Hello, > > Is this the appropriate list to make a request for an update to a package > for Bionic 18.04.1 LTS server ? The update in question is SpamAssassin > 3.4.2 which fixes 4 CVE’s [1] and was released on 2018-09-16. > > Thank you, > > - J > As a bystander, not involved with packaging, I can still provide a quick response here while waiting for a more official word from proper maintainers so you can get on with your day with some of the information required :-) The standard method of covering security fixes in software shipped within `main` in Ubuntu, we don't usually bump the version. Instead we backport _just_ the security fixes to the version that is already in the repository. For maintainers, spamassassin is in `main` on at least 18.04, so I think it should be subject to security coverage. Dan.
-- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam