Re: software outside Debian (Re: holes in secure apt)

2014-06-24 Thread Guido Günther
On Tue, Jun 24, 2014 at 11:26:43AM +0200, Philipp Kern wrote: [..snip..] > [1] I'm aware that certain libraries do restart services affected by the > upgrade, but there's no generic framework for this. whatmaps[A] hooks into the apt pipeline for that and looks for shared objects coming in via secu

Re: software outside Debian (Re: holes in secure apt)

2014-06-24 Thread Philipp Kern
On 2014-06-23 17:33, Christoph Anton Mitterer wrote: Well I just think that most of the time, our Security Team does some very great job (if not hiding away issues o.O) and fixes are available in Debian very shortly after a fix is available. These guys put a lot of effort into that, but their quick

Re: software outside Debian (Re: holes in secure apt)

2014-06-23 Thread Jakub Wilk
* Adam D. Barratt, 2014-06-23, 14:24: * Christoph Anton Mitterer, 2014-06-22, 04:34: There are a few mechanisms to mitigate downgrade attacks within the archive: * Valid-Until fields in the Release files; I still think the time spans are far too long here... For the record, the validity pe

Re: software outside Debian (Re: holes in secure apt)

2014-06-23 Thread Christoph Anton Mitterer
For the interested: On Mon, 2014-06-23 at 14:42 +0200, Jakub Wilk wrote: > "reportbug ftp.debian.org" for unstable and experimental; #752450

Re: software outside Debian (Re: holes in secure apt)

2014-06-23 Thread Christoph Anton Mitterer
On Mon, 2014-06-23 at 14:42 +0200, Jakub Wilk wrote: > For the record, the validity periods currently are: > > unstable, experimental: 7 days > testing: 7 days > > wheezy: no limit > wheezy(-proposed)-updates: 7 days > wheezy/updates at security.d.o: 10 days > wheezy-backports: 7 days > > squee

Re: software outside Debian (Re: holes in secure apt)

2014-06-23 Thread Adam D. Barratt
On 2014-06-23 13:42, Jakub Wilk wrote: * Christoph Anton Mitterer, 2014-06-22, 04:34: There are a few mechanisms to mitigate downgrade attacks within the archive: * Valid-Until fields in the Release files; I still think the time spans are far too long here... For the record, the validity pe

Re: software outside Debian (Re: holes in secure apt)

2014-06-23 Thread Jakub Wilk
* Christoph Anton Mitterer, 2014-06-22, 04:34: There are a few mechanisms to mitigate downgrade attacks within the archive: * Valid-Until fields in the Release files; I still think the time spans are far too long here... For the record, the validity periods currently are: unstable, experime