Dear Mentors,

I hope this email finds you well.

I'm writing to seek your guidance on backporting a fix for CVE-2021-45463
to the Bullseye release. I've successfully developed a fixed version of
gegl for Bullseye, but I'm facing a roadblock due to the age of the
Bullseye release.

According to the LTS team's FAQ, backporting for a given release is
typically closed after three years. As Bullseye's initial stable release occurred over three years ago, I am concerned that backporting the fix may
not be possible.

I would be grateful if you could confirm my understanding of the
backporting policy in this specific case.

Thank you for your time and consideration.

Sincerely,
Fukui

<div dir="ltr"><div>Dear Mentors,<br><br>I hope this email finds you well.<br></div><div><br></div><div>I&#39;m writing to seek your guidance on backporting a fix for CVE-2021-45463 to the Bullseye release. I&#39;ve successfully developed a fixed version
of gegl for Bullseye, but I&#39;m facing a roadblock due to the age of the Bullseye release.<br></div><div><br></div>According to the LTS team&#39;s FAQ, backporting for a given release is typically closed after three years. As Bullseye&#39;s initial
stable release occurred over three years ago, I am concerned that backporting the fix may not be possible.<br><br>I would be grateful if you could confirm my understanding of the backporting policy in this specific case.<br><br>Thank you for your time
and consideration.<br><br>Sincerely,<br>Fukui<br></div>

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, Oct 27, 2024 at 07:42:46PM +0900, Daichi Fukui wrote:

I'm writing to seek your guidance on backporting a fix for CVE-2021-45463
to the Bullseye release. I've successfully developed a fixed version of
gegl for Bullseye, but I'm facing a roadblock due to the age of the
Bullseye release.

According to the LTS team's FAQ, backporting for a given release is
typically closed after three years. As Bullseye's initial stable release occurred over three years ago, I am concerned that backporting the fix may not be possible.

It's unclear what are you trying to do but it looks like you want to make
a backport. Backports to bullseye indeed don't make sense anymore, but
also security problems should be fixed via the security repo, not via the backports one, and if it's too minor to deserve an LTS update then I
wouldn't do anything about it at all. Did you contact (or consider
contacting) the LTS team about making an LTS update instead?


--
WBR, wRAR

-----BEGIN PGP SIGNATURE-----

iQJhBAABCgBLFiEEolIP6gqGcKZh3YxVM2L3AxpJkuEFAmceJn4tFIAAAAAAFQAP cGthLWFkZHJlc3NAZ251cGcub3Jnd3JhckBkZWJpYW4ub3JnAAoJEDNi9wMaSZLh TCUP/jU55TqHZgR2zvkKkfD1G/v8xROSZ7ZF7zAbKMYRcNkoXDNJ8QhkfxSMGP4H H9u7LaqmEUj45uKGJocS7MNCmOi9wi4jqwe9yKj6sHWpd8GV9RZDlGCVsM0qdsUc fTvTkjj/Ci4F2qd7lcfvzcte9syHURBrAbsZ7YXdFzuivdGWHTDzj+qbdqX3E9WS SuD80MDzyarVbe0CNnl8belXEYqCzdJXJVt8mxbSlZ4Ii/Nugn/EzSmAX3ctmGE4 N1edH20E0VVIg59cfcK2eR2fSHgY9I+Uzis42twn1teSKoJydAZxgQFK+emEQ60D fvhyeRq3aYuhA/OW+vXHxMdIGkMcyXiU8XqNTITRSrMibxOyH4hhcuiacXB0/QTm wT+5kNh8K+Ndzg8jSGDPG/MsAU+w607GoTSY0awOKSakk2Er+dzW+F3S6LQwdNJe zGbRcLXbWf8T3/5zi2emnQJD3kHxZBVEkNHdtLDwt3vclV6vo2EaTik/mzoJujG1 TDDLB5zJJt8LaeiJjvYQhBh65w9BeNvfL4dVQ7kHKIkMtqVZDHj6bJEeak7fp0DF tUoP0k94DNPM68P/Jsdv0Ew+nbcOa80/uYCJMDlPr+H4yV1qPjcmV8+An+FqcLmx KNSVAlUhxibnpt3hjM+m3inmmnHZ+lkuNd3bdaPNwS0fFaG/
=SI0e
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)