Sorry, but I don't get it why the package update should be in oldstable... It's clear that squeeze is not supported anymore and the important packages will get security updates via squeeze-LTS (other security team than stable sec team) So where is the problem to add squeeze LTS in apt/sources.list ?
Why to update a package in a repository which is out of date? > -----Ursprüngliche Nachricht----- > Von: Andrew McGlashan [mailto:andrew.mcglas...@affinityvision.com.au] > Gesendet: Samstag, 27. September 2014 22:33 > An: debian-security@lists.debian.org > Betreff: Re: Shellshock: Has CVE-2014-7186 and CVE-2014-7187 been > addressed for debian > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 28/09/2014 4:29 AM, Martin Holub wrote: > > Please according to the Security Tracker [1,2] booth are fixed in > > stable and oldstable. > > NOT QUITE ..... fixed in stable [wheezy] > and "oldstable-LTS" [squeeze-lts] .... > > > BUT NOT oldstable [squeeze] it is NOT fixed, > nor is it still supported. :( > > Cheers > A. > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.22 (MingW32) > > iF4EAREIAAYFAlQnHwcACgkQqBZry7fv4vvwvwEAvyOLseQFtGPpRVgKACCMJ > Lz0 > TDB8s+yhSRm1B6hF7N8A/2EtYBzUYE27bOiJPy5Wd9v2hf6K1iZNBnhnOhp8gp > S6 > =CYzm > -----END PGP SIGNATURE----- > > > -- > To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact > listmas...@lists.debian.org > Archive: https://lists.debian.org/54271f09.8010...@affinityvision.com.au
