Re: Re: [DLA 25-2] python2.6 regression update

2014-08-08 Thread Raphael Geissert
On Friday 08 August 2014 20:29:44 Pascal Hambourg wrote: > Hello, > > Raphael Geissert wrote: > > Package: python2.6 > > Version: 2.6.6-8+deb6u2 > > AFAICS, this update is not available for i386, whereas the more recent > openssl update is. Is this expected ? No, the build app

Re: [DLA 25-2] python2.6 regression update

2014-08-08 Thread Pascal Hambourg
Hello, Raphael Geissert wrote: > Package: python2.6 > Version: 2.6.6-8+deb6u2 AFAICS, this update is not available for i386, whereas the more recent openssl update is. Is this expected ?

Re: squeeze-lts and the security tracker

2014-08-08 Thread Michael Gilbert
On Fri, Aug 8, 2014 at 11:16 AM, Holger Levsen wrote: > But then, this target (copied from update-backports(-*) is never called, just > like update-backports. doc/security-team.d.o/security_tracker only mentions > the update-stable target... > > So there must be something missing here. You'll want

Re: squeeze-lts and the security tracker

2014-08-08 Thread Holger Levsen
Hi, On Wednesday, 6 August 2014, Michael Gilbert wrote: > > svn://anonscm.debian.org/svn/secure-testing > > (as listed on the bottom of the security-tracker pages) > > In particular the Makefile, which fetches and parses the package archive > data. $ svn diff Index: Makefile

N/A: Re: [alerts-security] [DLA 32-1] nspr security update

2014-08-08 Thread Frank Baalbergen
On 08/07/2014 08:21 PM, Thorsten Alteholz wrote: Package: nspr Version: 4.8.6-1+squeeze2 CVE ID : CVE-2014-1545 Abhishek Arya discovered an out of bounds write in the cvt_t() function of the NetScape Portable Runtime Library

N/a: Re: [alerts-security] [DLA 31-1] reportbug security update

2014-08-08 Thread Frank Baalbergen
On 08/07/2014 07:00 PM, Holger Levsen wrote: Package: reportbug Version: 4.12.6+deb6u1 CVE ID : CVE-2014-0479 Fix CVE-2014-0479: Arbitrary code execution in compare_versions. A man-in-the-middle attacker could put shell metacharacters in the version number, causing execut

Re: Security support for adns in squeeze-lts

2014-08-08 Thread Moritz Mühlenhoff
On Fri, Aug 08, 2014 at 11:29:34AM +0100, Ian Jackson wrote: > Moritz Mühlenhoff writes ("Re: Security support for adns in squeeze-lts"): > > On Thu, Aug 07, 2014 at 03:04:29PM +0100, Ian Jackson wrote: > > > I'm upstream for adns and I am keen to support it. I'm not aware of > > > any security pr

Wordpress fix

2014-08-08 Thread Craig Small
Hi, Wordpress has had some security updates on 3.9.2. I have backported these changesets to wheezy and now to squeeze. Attached is the debdiff for review. - Craig -- Craig Small (@smallsees) http://enc.com.au/ csmall at : enc.com.au Debian GNU/Linux http://www.debian.org/

Re: Security support for adns in squeeze-lts

2014-08-08 Thread Ian Jackson
Moritz Mühlenhoff writes ("Re: Security support for adns in squeeze-lts"): > On Thu, Aug 07, 2014 at 03:04:29PM +0100, Ian Jackson wrote: > > I'm upstream for adns and I am keen to support it. I'm not aware of > > any security problems with it. > > It's not in the "support ended", but rather in t

Re: [DLA 20-1] munin security update

2014-08-08 Thread Holger Levsen
Hi Vincent, thanks for your feedback! On Friday, 8 August 2014, Vincent Bernat wrote: > >>plugins will use /var/lib/munin-node/plugin-state/$uid/$some_file now > >>- please report plugins that are still using > >>/var/lib/munin/plugin-state/ - as those might pose a security risk! >

Re: [DLA 20-1] munin security update

2014-08-08 Thread Vincent Bernat
❦ 7 August 2014 16:52 +0200, Frank Baalbergen : > On 08/07/2014 04:48 PM, Holger Levsen wrote: >> * plugins: use runtime $ENV{MUNIN_PLUGSTATE}. So all properly written >>plugins will use /var/lib/munin-node/plugin-state/$uid/$some_file now - >>please report plugins that are still using /