Bug#699888: new nss packages fixing cve-2013-1620
Yves-Alexis Perez
corsac at debian.org
Fri Mar 15 16:50:08 UTC 2013
On jeu., 2013-03-14 at 22:48 -0400, Michael Gilbert wrote:
> Hi,
>
> I've prepared new nss packages fixing the "lucky 13" issue:
> http://people.debian.org/~mgilbert
>
> For the mozilla team, this is a new upstream, so would you be ok with
> it uploaded as an nmu, or would you like to upload?
>
> For the security team, these fixes are so large that I think a
> backport is likely impossible. Should (can) we attempt to convince
> the release team to jump from 3.13.6 to 3.14.3 in testing, or is that
> crazy at this point in the freeze? If not, then what?
>
Manually adding Mike in the loop because of the broken BTS.
--
Yves-Alexis
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-mozilla-maintainers/attachments/20130315/af43d81f/attachment.pgp>
More information about the pkg-mozilla-maintainers
mailing list