© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
I am not sure how wise it is to make a release that is supported for 5 years and does not contain the fix for CVE-2009-3555 (unless you mean to add it later). Clients may change their behaviour and refuse to connect to insecure servers at some time in the future.
The "improved protection for vulnerable clients" I mentiond in my first post is already in 2.2.14-5, so just ignore that.
The postrm hook is not urgent but may be required for the update to the next LTS release. Maybe it would be enough to add it later in a point release.
Disclaimer: I don't know much about the Ubuntu release process.