Re: okay to prepare 11.0.9.1+1 for Debian stable proposed updates?

2020-11-25 Thread Moritz Muehlenhoff
On Wed, Nov 25, 2020 at 08:55:35AM -0800, tony mancill wrote: > On Wed, Nov 25, 2020 at 09:26:13AM +0100, Moritz Muehlenhoff wrote: > > On Tue, Nov 24, 2020 at 03:05:26PM -0800, tony mancill wrote: > > > Hello Matthias, Tiago, and other members of the OpenJDK team, > > >

Re: okay to prepare 11.0.9.1+1 for Debian stable proposed updates?

2020-11-25 Thread Moritz Muehlenhoff
On Tue, Nov 24, 2020 at 03:05:26PM -0800, tony mancill wrote: > Hello Matthias, Tiago, and other members of the OpenJDK team, > > Thank you for the recent uploads of 11.0.9.1 [1]. Given that it > addresses JDK-8250861 [2] (which is serious, although I'm unsure as to > whether it is DSA-worthy) an

Re: Bug#975016: Python 2 / OpenJDK 15 support state for Bullseye

2020-11-18 Thread Moritz Muehlenhoff
On Wed, Nov 18, 2020 at 12:20:37PM +0100, Matthias Klose wrote: > [removed the Python 2 bits] > > On 11/17/20 11:08 PM, Moritz Muehlenhoff wrote: > > Package: debian-security-support > > Severity: normal > > X-Debbugs-Cc: d...@debian.org, t...@security.debian.or

Re: Bug#925454: RM: tomcat8 -- ROM; Replaced by tomcat9

2019-03-25 Thread Moritz Muehlenhoff
On Mon, Mar 25, 2019 at 02:53:03PM +0100, Emmanuel Bourg wrote: > Hi Thorsten, > > On 25/03/2019 at 14:17, Thorsten Glaser wrote: > > > Please don’t, tomcat9 has no sysvinit script, and you did > > not like any of my suggestions for it. > > I don't mind if tomcat8 is released with Buster, but

Re: Fixing CVE-2017-5617 (SSRF) for svgsalamander

2017-02-03 Thread Moritz Muehlenhoff
On Fri, Feb 03, 2017 at 10:06:19AM +0100, Sebastiaan Couwenberg wrote: > Fixed versions: > > * jessie: 0~svn95-1+deb8u1 > * wheezy: 0~svn95-1+deb7u1 > > Are these changes OK for upload to security-master? Thanks. Please upload. Cheers, Moritz

Re: [tomcat8] 05/06: Change file permissions for Debian files to 640 in /etc/tomcat8.

2016-08-15 Thread Moritz Muehlenhoff
On Mon, Aug 15, 2016 at 06:42:31PM +0200, Markus Koschany wrote: > On 15.08.2016 18:31, Emmanuel Bourg wrote: > > On 08/15/2016 06:19 PM, Markus Koschany wrote: > > > >> This is the exact same change as currently in Stretch. This is an > >> improvement and has no negative effect. > > > > This cha

Re: Security update of mysql-connector-java

2016-06-20 Thread Moritz Muehlenhoff
On Mon, Jun 20, 2016 at 06:48:58PM +0200, Markus Koschany wrote: > Hello, > > I am thinking about upgrading mysql-connector-java to the latest stable > version in Wheezy and Jessie to address > > https://security-tracker.debian.org/tracker/CVE-2015-2575 > > As usual Oracle does not provide conc

Re: Tomcat 8 security update

2016-05-29 Thread Moritz Muehlenhoff
On Mon, May 30, 2016 at 08:42:52AM +0200, Emmanuel Bourg wrote: > On 30/05/2016 at 01:24, Markus Koschany wrote: > > > OK, then let's update the third line to > > > > chown -Rh $TOMCAT8_USER:$TOMCAT8_GROUP /etc/tomcat8/Catalina > > /var/lib/tomcat8/webapps /var/lib/tomcat8/lib > > I don't feel

Re: Bug#760733: libspring-java: CVE-2014-0225

2014-11-26 Thread Moritz Muehlenhoff
On Wed, Nov 26, 2014 at 12:40:37PM +0100, Emmanuel Bourg wrote: > I've been investigating this issue as well. I contacted an upstream > developer and it seems the actual fix for this issue is unknown. The > version 3.2.0 was just reported as not vulnerable by the security > researcher who discovere

Re: CVE-2014-3596 insecure certificate validation

2014-10-02 Thread Moritz Muehlenhoff
On Thu, Oct 02, 2014 at 12:34:12PM +0200, Markus Koschany wrote: > On 02.10.2014 08:39, Salvatore Bonaccorso wrote: > > Hi Markus > > > > As mentioned in [1,2] we do not use the RT queues anymore (a change from > > DSA to disable them completely is pending). > > > > [1] https://wiki.debian.org/r

Re: Tomcat version for jessie

2014-06-02 Thread Moritz Muehlenhoff
On Sun, Jun 01, 2014 at 01:23:01PM -0700, tony mancill wrote: > In addition to libservlet2.5-java, I think we should have some sense of > how tomcat6 and tomcat7 users will be affected by having tomcat8-only > available in jessie. That is, are there incompatibilities or changes in > behavior peopl

Re: [pkg-eucalyptus-maintainers] Bug#691900: gwt: CVE-2012-4563

2012-11-21 Thread Moritz Muehlenhoff
On Sat, Nov 03, 2012 at 10:23:18PM +0900, Charles Plessy wrote: > On Fri, Nov 02, 2012 at 07:43:19AM +0100, Thomas Koch wrote: > > Charles Plessy: > > > > > > In particular I do not know if the best resolution for this bug is to > > > upgrade to 2.5.0 or to patch, so I am reluctant to take acti

Bug#675495: Should not be released with Wheezy

2012-06-01 Thread Moritz Muehlenhoff
Package: openjdk-6 Severity: serious Upstream support for Java 6 ends in November: http://www.oracle.com/technetwork/java/javase/eol-135779.html As such, we should not include it in Wheezy and fix up the rdepends to use openjdk-7 instead. Especially, since openjdk is quite a burden to update ev

Re: jedit_4.3.1+dfsg-1_amd64.changes REJECTED

2010-04-08 Thread Moritz Muehlenhoff
On Mon, Apr 05, 2010 at 12:52:39PM +0200, Michael Tautschnig wrote: > [...] > > > > > I would proceed in this way: > > bsh: add bsh-src binary creation > > jedit: > > - remove Debian bsh sources (added to the rejected package [2]) > > - add bsh-src as builddep > > I think if you do a versioned b