Re: squeeze update of dwarfutils?

2015-12-16 Thread Guido Günther
Hi, On Wed, Dec 16, 2015 at 02:58:08PM -0700, Troy Heber wrote: > On 12/16/15 18:44, Guido Günther wrote: > > > > It doesn't segfault but I added this note to dla-needed (so I remember > > why I think it's affected): > > > > dwarfutils > > NOTE: exploit does not crash dwarfutils but _dwarf_get_

Re: Bug#808081: squeeze update of bind9?

2015-12-16 Thread Michael Gilbert
On Wed, Dec 16, 2015 at 3:22 PM, Raphael Hertzog wrote: > Hello dear maintainer(s), > > the Debian LTS team would like to fix the security issues which are > currently open in the Squeeze version of bind9: > https://security-tracker.debian.org/tracker/CVE-2015-8000 As mentioned before, please go a

Re: squeeze update of dwarfutils?

2015-12-16 Thread Raphael Hertzog
Hi, On Wed, 16 Dec 2015, Troy Heber wrote: > First, from a policy perspective, I would argue that since there is no > security issue it does not make sense to provide an extremely minor > fix to an LTS package. Ack. I updated the security tracker to mark this issue as not affecting squeeze. Than

Re: About the security issues affecting man-db in Squeeze

2015-12-16 Thread Colin Watson
On Wed, Dec 16, 2015 at 10:43:30PM +0100, Raphael Hertzog wrote: > the Debian LTS team recently reviewed the security issue(s) affecting your > package in Squeeze: > https://security-tracker.debian.org/tracker/CVE-2015-1336 > > We decided that we would not prepare a squeeze security update because

Re: squeeze update of dwarfutils?

2015-12-16 Thread Troy Heber
On 12/16/15 18:44, Guido Günther wrote: > > It doesn't segfault but I added this note to dla-needed (so I remember > why I think it's affected): > > dwarfutils > NOTE: exploit does not crash dwarfutils but _dwarf_get_abbrev_for_code > lacks the check > > I do think it would be good to add the

squeeze update of samba?

2015-12-16 Thread Raphael Hertzog
Hello Jelmer, the Debian LTS team would like to fix the security issues which are currently open in the Squeeze version of samba: https://security-tracker.debian.org/tracker/CVE-2015-5252 https://security-tracker.debian.org/tracker/CVE-2015-5296 https://security-tracker.debian.org/tracker/CVE-2015

About the security issues affecting man-db in Squeeze

2015-12-16 Thread Raphael Hertzog
Hello Colin, the Debian LTS team recently reviewed the security issue(s) affecting your package in Squeeze: https://security-tracker.debian.org/tracker/CVE-2015-1336 We decided that we would not prepare a squeeze security update because I don't see how this could be exploited by anyone... an unpr

squeeze update of bind9?

2015-12-16 Thread Raphael Hertzog
Hello dear maintainer(s), the Debian LTS team would like to fix the security issues which are currently open in the Squeeze version of bind9: https://security-tracker.debian.org/tracker/CVE-2015-8000 This issue has already been fixed in other stable releases and I'm attaching the debdiff of the w

Re: squeeze update of cacti?

2015-12-16 Thread Paul Gevers
Hi Chris, On 15-12-15 15:11, Chris Lamb wrote: >>> Just to clarify what's needed here - are you part of Debian LTS? >> >> What a difficult question to answer straight. Yes and no. Yes, I lurk on >> this e-mail list, yes, I have the intention to take care of "my" own >> packages as said multiple ti

Re: squeeze update of dwarfutils?

2015-12-16 Thread Guido Günther
Hi Troy, On Tue, Dec 15, 2015 at 12:18:28PM -0700, Troy Heber wrote: > On 12/11/15 11:21, Guido Günther wrote: > > > the Debian LTS team would like to fix the security issues which are > > currently open in the Squeeze version of dwarfutils: > > https://security-tracker.debian.org/tracker/CVE-201

Re: [SECURITY] [DLA 359-1] MySQL 5.5 packages added; end of support for MySQL 5.1

2015-12-16 Thread Joost van Baal-Ilić
Hi, On Wed, Dec 16, 2015 at 12:19:36PM +0100, Holger Levsen wrote: > Hi Santiago, > > On Wednesday, 16 December 2015, Santiago Ruano Rincón wrote: > > mysql-client and mysql-server are empty packages that depend on the > > actual client and server packages. We needed to bump them, or to be mor

Re: [SECURITY] [DLA 359-1] MySQL 5.5 packages added; end of support for MySQL 5.1

2015-12-16 Thread Holger Levsen
Hi Santiago, On Wednesday, 16 December 2015, Santiago Ruano Rincón wrote: > mysql-client and mysql-server are empty packages that depend on the > actual client and server packages. We needed to bump them, or to be more > precise, to not drop them from the mysql-5.5 source package, so they can > d

Re: [SECURITY] [DLA 359-1] MySQL 5.5 packages added; end of support for MySQL 5.1

2015-12-16 Thread Santiago Ruano Rincón
Hi Holger, On 16/12/15 at 11:51, Holger Levsen wrote: > Hi, > > thanks again for your work on this update! As you know I've witnessed how it > was prepared, yet I'm confused. I'll tell you why/how… > > On Wednesday, 16 December 2015, Santiago Ruano Rincón wrote: > > Please note that a dis

Re: [SECURITY] [DLA 359-1] MySQL 5.5 packages added; end of support for MySQL 5.1

2015-12-16 Thread Holger Levsen
Hi, thanks again for your work on this update! As you know I've witnessed how it was prepared, yet I'm confused. I'll tell you why/how… On Wednesday, 16 December 2015, Santiago Ruano Rincón wrote: > Please note that a dist-upgrade will not consider these MySQL 5.5 > packages automatically, so us