Comment 5 for bug 35528

Revision history for this message
Luis Villa (luis-villa) wrote :

Hrm. Let me clarify the terminology a bit, then:

* dapper-backports: something that I as a dapper user assume is optional to subscribe to, and which if subscribed to, gives me new features, etc.
* dapper-security: something that I as a dapper user assume is effectively mandatory to subscribe to, and which if subscribed to, gives me *all necessary* security fixes.

If I understand these correctly, this hole requires that a fixed version go in dapper-*security*; any upload of a new version to dapper-backports is just a nicety and not mandatory.

So what I should be doing, if I understand the two channels correctly, and if the bug is severe enough, is to add a dapper-security task to this bug. Is that correct?