|
521.
|
|
|
Build your package and verify that it compiles without error and without any added compiler warnings
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../ubuntu-packaging-guide/security-and-stable-release-updates.rst:99
|
|
522.
|
|
|
Upgrade to the new version of the package from the previous version
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../ubuntu-packaging-guide/security-and-stable-release-updates.rst:101
|
|
523.
|
|
|
Test that the new package fixes the vulnerability and does not introduce any regressions
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../ubuntu-packaging-guide/security-and-stable-release-updates.rst:102
|
|
524.
|
|
|
Submit your work via a Launchpad merge proposal and file a Launchpad bug being sure to mark the bug as a security bug and to subscribe ``ubuntu-security-sponsors``
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../ubuntu-packaging-guide/security-and-stable-release-updates.rst:104
|
|
525.
|
|
|
If the security vulnerability is not yet public then do not file a merge proposal and ensure you mark the bug as private.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../ubuntu-packaging-guide/security-and-stable-release-updates.rst:108
|
|
526.
|
|
|
The filed bug should include a Test Case, i.e. a comment which clearly shows how to recreate the bug by running the old version then how to ensure the bug no longer exists in the new version.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../ubuntu-packaging-guide/security-and-stable-release-updates.rst:111
|
|
527.
|
|
|
The bug report should also confirm that the issue is fixed in Ubuntu versions newer than the one with the proposed fix (in the above example newer than Precise). If the issue is not fixed in newer Ubuntu versions you should prepare updates for those versions too.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../ubuntu-packaging-guide/security-and-stable-release-updates.rst:115
|
|
528.
|
|
|
Stable Release Updates
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../ubuntu-packaging-guide/security-and-stable-release-updates.rst:122
|
|
529.
|
|
|
We also allow updates to releases where a package has a high impact bug such as a severe regression from a previous release or a bug which could cause data loss. Due to the potential for such updates to themselves introduce bugs we only allow this where the change can be easily understood and verified.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../ubuntu-packaging-guide/security-and-stable-release-updates.rst:124
|
|
530.
|
|
|
The process for Stable Release Updates is just the same as the process for security bugs except you should subscribe ``ubuntu-sru`` to the bug.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../ubuntu-packaging-guide/security-and-stable-release-updates.rst:129
|