Hi Brian, hi Antoine,
On Wed, May 18, 2016 at 11:36:21AM +1000, Brian May wrote:
> Brian May writes:
>
> > However I don't see them in the archives. I can try resending...
>
> I resent the DLAs. I suspect I might have used the wrong GPG key for
> signing.
Thanks a lot to both for the follow-up
Brian May writes:
> However I don't see them in the archives. I can try resending...
I resent the DLAs. I suspect I might have used the wrong GPG key for
signing.
Apologies.
--
Brian May
Markus Koschany writes:
> Don't forget to use Inline-PGP for signing the e-mails. :)
Yes, did that.
Oh wait, maybe I signed with the wrong key. My old key, not my new
one. Ooops.
Apologies for that, will resend the DLAs.
--
Brian May
Am 18.05.2016 um 00:22 schrieb Brian May:
> Antoine Beaupré writes:
>
>> Indeed, sorry I missed that. Then let me rephrase:
>>
>> Brian, do you still intend to send that DLA? :)
>
> I did. My emails appears to have gone missing somewhere along the way
> :-(
>
Don't forget to use Inline-PGP for
Antoine Beaupré writes:
> It's hard to tell without redoing the exact same process you did
> yourself. :p
Ok, I will go ahead. Will pay particular attention this time, see if my
email goes missing again.
--
Brian May
Antoine Beaupré writes:
> Indeed, sorry I missed that. Then let me rephrase:
>
> Brian, do you still intend to send that DLA? :)
I did. My emails appears to have gone missing somewhere along the way
:-(
--
Brian May
Antoine Beaupré writes:
> I do believe you are correct: some DLAs are definitely missing. I wrote
> about libidn in <871t50elvf@angela.anarcat.ath.cx>, the uploader was
> Brian May (in CC).
I sent DLAs for both libidn and librsvg:
libidn: 20160516070110.ga26...@prune.linuxpenguins.xyz
librs
On 2016-05-17 13:42:47, Salvatore Bonaccorso wrote:
> Hi LTS team,
>
> If I do not miss something, there were updates for src:xen,
> src:libidn, and src:librsvg via security.d.o but without DLA. The last
> two with entries in the DLA/list file already. Could you please send
> those? It might confus
On 2016-05-17 12:31:27, Markus Koschany wrote:
> [dropping Rene from CC because he is subscribed to debian-java]
>
> Am 17.05.2016 um 17:56 schrieb Antoine Beaupré:
>> On 2016-04-25 06:34:53, Markus Koschany wrote:
> [...]
>>> We don't intend to remove OpenJDK 6 but it will receive no further
>>> s
On 2016-05-17 14:01:24, Thorsten Alteholz wrote:
> Hi Antoine,
>
> On Tue, 17 May 2016, Antoine Beaupré wrote:
>> Both are what seem to be serious enough DOS attacks, and are not marked
>> no-dsa or anything. You are still assigned the package in dla-needed.txt
>> so for now I'll assume you will co
On 2016-05-17 15:21:16, Guido Günther wrote:
> On Tue, May 17, 2016 at 12:13:29PM -0400, Antoine Beaupré wrote:
>> On 2016-05-13 09:00:59, Antoine Beaupré wrote:
>> > So if we're going to do this painful work, might as well maintain some
>> > qemu interface in wheezy as well. I am not sure I see wh
On Tue, May 17, 2016 at 12:13:29PM -0400, Antoine Beaupré wrote:
> On 2016-05-13 09:00:59, Antoine Beaupré wrote:
> > So if we're going to do this painful work, might as well maintain some
> > qemu interface in wheezy as well. I am not sure I see what additional
> > cost this would bring: although
Hi Antoine,
On Tue, May 17, 2016 at 10:57:49AM -0400, Antoine Beaupré wrote:
> On 2016-05-16 12:39:44, Guido Günther wrote:
> > Hi Antoine,
> > On Thu, Apr 07, 2016 at 05:18:21PM -0400, Antoine Beaupré wrote:
> >> On 2016-04-07 16:44:07, Antoine Beaupré wrote:
> >> >> The patches by itself look goo
Hi Antoine,
On Tue, 17 May 2016, Antoine Beaupré wrote:
Both are what seem to be serious enough DOS attacks, and are not marked
no-dsa or anything. You are still assigned the package in dla-needed.txt
so for now I'll assume you will complete the work, but please do update
the status correctly ne
Hi LTS team,
If I do not miss something, there were updates for src:xen,
src:libidn, and src:librsvg via security.d.o but without DLA. The last
two with entries in the DLA/list file already. Could you please send
those? It might confuse people seeing the update but no advisory.
Thanks in advance,
[dropping Rene from CC because he is subscribed to debian-java]
Am 17.05.2016 um 17:56 schrieb Antoine Beaupré:
> On 2016-04-25 06:34:53, Markus Koschany wrote:
[...]
>> We don't intend to remove OpenJDK 6 but it will receive no further
>> security updates.
>
> .. starting from june?
Starting fr
On 2016-05-13 09:00:59, Antoine Beaupré wrote:
> So if we're going to do this painful work, might as well maintain some
> qemu interface in wheezy as well. I am not sure I see what additional
> cost this would bring: although the attack surface is larger on qemu and
> Xen uses only some parts of th
On 2016-04-25 06:34:53, Markus Koschany wrote:
> Am 25.04.2016 um 12:23 schrieb Rene Engelhard:
>> Hi,
>>
>> On Mon, Apr 25, 2016 at 12:17:52PM +0200, Markus Koschany wrote:
>>> we are mainly concerned about runtime issues with OpenJDK 7. Libreoffice
>>> declares dependencies on default-jre | open
[should have changed that topic earlier!]
On 2016-05-17 11:31:06, Markus Koschany wrote:
> Am 17.05.2016 um 16:49 schrieb Antoine Beaupré:
>> On 2016-05-17 07:42:52, Santiago Ruano Rincón wrote:
>>> Thanks for triaging this. But, don't forget to update
>>> https://anonscm.debian.org/cgit/collab-ma
On 2016-05-17 11:24:29, Markus Koschany wrote:
> Am 17.05.2016 um 16:59 schrieb Antoine Beaupré:
>> Reducing CCs.
>>
>> On 2016-05-14 04:19:50, Brian May wrote:
>>> Antoine Beaupré writes:
>>>
I reviewed the patch quickly, nothing strikes me as completely wrong,
but I am not currently i
Am 17.05.2016 um 16:49 schrieb Antoine Beaupré:
> On 2016-05-17 07:42:52, Santiago Ruano Rincón wrote:
>> Thanks for triaging this. But, don't forget to update
>> https://anonscm.debian.org/cgit/collab-maint/debian-security-support.git/tree/security-support-ended.deb7
>> when needed.
>
> Actually,
On 2016-04-24 13:56:06, Thorsten Alteholz wrote:
> Hi everybody,
>
> I uploaded version 1.8.13.1~dfsg1-3+deb7u4 of asterisk to:
> https://people.debian.org/~alteholz/packages/wheezy-lts/asterisk/amd64/
> https://people.debian.org/~alteholz/packages/wheezy-lts/asterisk/i386/
>
> Please give it a
Am 17.05.2016 um 16:59 schrieb Antoine Beaupré:
> Reducing CCs.
>
> On 2016-05-14 04:19:50, Brian May wrote:
>> Antoine Beaupré writes:
>>
>>> I reviewed the patch quickly, nothing strikes me as completely wrong,
>>> but I am not currently in a position to test the patchset.
>>
>> Unless there ar
Reducing CCs.
On 2016-05-14 04:19:50, Brian May wrote:
> Antoine Beaupré writes:
>
>> I reviewed the patch quickly, nothing strikes me as completely wrong,
>> but I am not currently in a position to test the patchset.
>
> Unless there are any objections I plan on rechecking this and uploading
> t
On 2016-05-16 12:39:44, Guido Günther wrote:
> Hi Antoine,
> On Thu, Apr 07, 2016 at 05:18:21PM -0400, Antoine Beaupré wrote:
>> On 2016-04-07 16:44:07, Antoine Beaupré wrote:
>> >> The patches by itself look good to me.
>> >
>> > Alright, I'll rebuild with the tests/ directory, we'll see how that
On 2016-05-16 19:13:28, Brian May wrote:
> Brian May writes:
>
>> Any objections by anybody if I upload Antoine Beaupré's packages to
>> Debian, this Monday morning at Melbourne timezone?
>
> Done.
>
> Next step, the DLA. I went through the changelog and remove entries that
> are already marked as
On 2016-05-17 07:42:52, Santiago Ruano Rincón wrote:
> Thanks for triaging this. But, don't forget to update
> https://anonscm.debian.org/cgit/collab-maint/debian-security-support.git/tree/security-support-ended.deb7
> when needed.
Actually, before we do that: did we actually agree that we would n
Hi Chris,
El 15/05/16 a las 12:32, Chris Lamb escribió:
> Author: lamby
> Date: 2016-05-15 12:32:30 + (Sun, 15 May 2016)
> New Revision: 41743
>
> Modified:
>data/CVE/list
> Log:
> Triage mediawiki for Wheezy LTS
>
> Modified: data/CVE/list
> =
Hi,
El 17/05/16 a las 18:06, Vincent McIntyre escribió:
> Hi,
>
> this still appears to be broken. Should I just be patient,
> or is there some further action that needs to be taken?
>
> Kind regards
> Vince
Please, be patient. I have filled a bug report [1] and an upload is
pending, but we are
Hi,
this still appears to be broken. Should I just be patient,
or is there some further action that needs to be taken?
Kind regards
Vince
% apt-cache policy debian-security-support
debian-security-support:
Installed: 2015.04.04~deb7u1
Candidate: 2016.05.09+nmu1~deb7u1
Version table:
2
30 matches
Mail list logo
