Hi,
Last month I've gone through most of the CVEs affecting qemu in the
past years and investigated whether they were likely to affect the
wheezy version of Xen. For that I have considered that any
vulnerability affecting the embedded version of Qemu was also
affecting Xen, which is, according to
On 2016-12-27 16:56:06, Roberto C. Sánchez wrote:
> Have you tried actually using the imagemagick collab-maint repository?
I did, and failed. :)
Point taken.
A.
--
Le péché est né avant la vertu, comme le moteur avant le frein.
- Jean-Paul Sartre
On Tue, Dec 27, 2016 at 04:38:59PM -0500, Antoine Beaupré wrote:
> On 2016-12-26 18:55:31, Roberto C. Sánchez wrote:
> > All,
> >
> > I recently saw that php5, squid, and squid3 have LTS-specific
> > repositories on git.debian.org. Since imagemagick appears to have a
> > large volume of issues for
On 2016-12-26 18:55:31, Roberto C. Sánchez wrote:
> All,
>
> I recently saw that php5, squid, and squid3 have LTS-specific
> repositories on git.debian.org. Since imagemagick appears to have a
> large volume of issues for the LTS team to address and at least once we
> have had to effect a hand-off
On 2016-12-23 17:54:11, Ola Lundqvist wrote:
> Hi
>
> I have looked into CVE-2016-9586 affecting curl.
> What I'm trying to figure out is whether it is worth the effort to fix
> it or not.
>
> More info here:
> https://curl.haxx.se/docs/adv_20161221A.html
>
> 1) There are no known exploits -> minor
On 2016-12-24 09:19:10, Jonas Meurer wrote:
[...]
> I don't think it's worth the effort.
>
> I added an entry to NEWS in 3.4.1-5~bpo7+2 that recommends to downgrade
> nagios3 on wheezy installations to 3.4.1-3+deb7u3 from wheezy-security:
>
> nagios3 (3.4.1-5~bpo7+2.1) wheezy-security; urgency=me
Hello dear maintainer(s),
the Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of python-crypto:
https://security-tracker.debian.org/tracker/CVE-2013-7459
Would you like to take care of this yourself?
If yes, please follow the workflow we have
Dear LTS Team,
I'd like to get CVE-2015-0839 fixed in wheezy, it's a no-DSA issue, and
security team members suggested to get it fixed in stable and oldstable.
This bug is a simple 'fetching gpg key from keyservers with a short
keyid' problem, and upstream's fix is to use the full fingerprint.
T
