[Secure-testing-team] Another syntax addition: <removed>
Florian Weimer
fw at deneb.enyo.de
Tue Oct 4 18:52:35 UTC 2005
* Joey Hess:
> Moritz Muehlenhoff wrote:
>> consider the following case: Package foo has a bug, the bug affects stable
>> or oldstable, but the fix for sid/testing consists in the removal of foo
>> or it has already been removed for other reasons.
>> <not-affected> doesn't fit, because older releases of Debian _are_ affected,
>> while the issue is no longer relevant for testing/sid. The solution is
>> a new "solution state" <removed>. Please adapt external scripts for this
>> new token; it'll be used soon. (bidwatcher, libsafe)
>
> IMHO the correct thing to do is to mark it as unfixed. Then if it
> somehow re-enters testing later from sid, we will see it and go make
> sure the new version is fixed.
For the record, I agree.
Moritz, I don't understand which problem you are trying to solve. If
the package is not present in testing, it's not vulnerable.
More information about the Secure-testing-team
mailing list