Re: Wheezy update of vorbis-tools for CVE-2015-6749

2017-07-02 Thread Petter Reinholdtsen
[Antoine Beaupré] > Normally, the gen-DLA thing does the right thing, if i remember > correctly. Just commit the results and you're done. Salvatore Bonaccorso approached me on IRC and wondered when the DLA would show up. Earlier in this thread I was given the impression that someone with more exp

pspp - cve-2017-10791 - cve-2017-10792

2017-07-02 Thread Friedrich Beckmann
Dear owl337 team, thanks for looking at pspp and finding the security problems https://security-tracker.debian.org/tracker/CVE-2017-10791 and https://security-tracker.debian.org/tracker/CVE-2017-10792 in pspp! Your reports are quite detailed. Could you describe how you found the problems, i.e

Re: Wheezy update of vorbis-tools for CVE-2015-6749

2017-07-02 Thread Antoine Beaupré
On 2017-07-03 00:50:45, Petter Reinholdtsen wrote: > [Petter Reinholdtsen] >> Thank you. I'm building and testing in wheezy at the moment, and will >> upload when I am done. I would be very happy if someone else took the >> bookkeeping. > > I'm not quite sure if the CVE tracker should be updated

Re: Wheezy update of vorbis-tools for CVE-2015-6749

2017-07-02 Thread Petter Reinholdtsen
[Petter Reinholdtsen] > Thank you. I'm building and testing in wheezy at the moment, and will > upload when I am done. I would be very happy if someone else took the > bookkeeping. I'm not quite sure if the CVE tracker should be updated like this for LTS entries or not. Perhaps someone who know

Re: Wheezy update of mosquitto?

2017-07-02 Thread Roger Light
Hi Gianfranco, Here you go. Build and runtime tested. Cheers, Roger On 2 July 2017 at 20:00, Gianfranco Costamagna wrote: > Hello Thorsten, > >>I hope you don't mind that I added both of you to data/dla-needed.txt for >>the Wheezy update of mosquitto for CVE-2017-9868. >> > > Roger, do you wa

Re: Wheezy update of vorbis-tools for CVE-2015-6749

2017-07-02 Thread Petter Reinholdtsen
[Thorsten Alteholz] > yes, any LTS upload needs a DLA after the package arrives in the > archive. The security tracker contains a script (bin/gen-DLA) that > creates a template for such a DLA, you just have to fill in some > description. If you don't want to do this, don't hesitate to inform > the

Re: Wheezy update of mosquitto?

2017-07-02 Thread Gianfranco Costamagna
Hello Thorsten, >I hope you don't mind that I added both of you to data/dla-needed.txt for >the Wheezy update of mosquitto for CVE-2017-9868. > Roger, do you want to provide debdiffs? thanks G.

Re: Wheezy update of vorbis-tools for CVE-2015-6749

2017-07-02 Thread Thorsten Alteholz
Hi Petter, On Sun, 2 Jul 2017, Petter Reinholdtsen wrote: Should this update be announced on the announcement list? Does it need a DLA? The security team tagged it no-dsa. I can build, test and upload, but am unsure about the announcing part. yes, any LTS upload needs a DLA after the packa

Wheezy update of libtorrent-rasterbar?

2017-07-02 Thread Thorsten Alteholz
Dear maintainer(s), The Debian LTS team would like to fix the security issues which are currently open in the Wheezy version of libtorrent-rasterbar: https://security-tracker.debian.org/tracker/CVE-2017-9847 Would you like to take care of this yourself? If yes, please follow the workflow we hav

Wheezy update of mosquitto?

2017-07-02 Thread Thorsten Alteholz
Hi, I hope you don't mind that I added both of you to data/dla-needed.txt for the Wheezy update of mosquitto for CVE-2017-9868. Thanks! Thorsten

Re: Wheezy update of openvpn?

2017-07-02 Thread Thorsten Alteholz
Hi Alberto, On Sun, 2 Jul 2017, Alberto Gonzalez Iniesta wrote: Those bugs didn't affect the 2.2 series of OpenVPN. Only CVE-2017-7520 applied to 2.2.x. ah, great, thanks for the info. So I marked both as not-affected for Wheezy in the security tracker. Thorsten

Re: Wheezy update of openvpn?

2017-07-02 Thread Alberto Gonzalez Iniesta
On Sun, Jul 02, 2017 at 04:34:13PM +0200, Thorsten Alteholz wrote: > Hi Alberto, > > the next batch of CVEs for openvpn is coming: > CVE-2017-7508 > CVE-2017-7521 > > Do you want to prepare the Wheezy version again? > > Thorsten > Hi Thorsten, Those bugs didn't affect the 2.2 series of Op

Wheezy update of nasm?

2017-07-02 Thread Thorsten Alteholz
Dear maintainer(s), The Debian LTS team would like to fix the security issues which are currently open in the Wheezy version of nasm: https://security-tracker.debian.org/tracker/CVE-2017-10686 Would you like to take care of this yourself? If yes, please follow the workflow we have defined here:

Wheezy update of pspp?

2017-07-02 Thread Thorsten Alteholz
Dear maintainer(s), The Debian LTS team would like to fix the security issues which are currently open in the Wheezy version of pspp: https://security-tracker.debian.org/tracker/CVE-2017-10791 https://security-tracker.debian.org/tracker/CVE-2017-10792 Would you like to take care of this yourself

Wheezy update of rkhunter?

2017-07-02 Thread Thorsten Alteholz
Dear maintainer(s), The Debian LTS team would like to fix the security issues which are currently open in the Wheezy version of rkhunter: https://security-tracker.debian.org/tracker/CVE-2017-7480 Would you like to take care of this yourself? If yes, please follow the workflow we have defined he

Wheezy update of openvpn?

2017-07-02 Thread Thorsten Alteholz
Hi Alberto, the next batch of CVEs for openvpn is coming: CVE-2017-7508 CVE-2017-7521 Do you want to prepare the Wheezy version again? Thorsten

Wheezy update of mpg123?

2017-07-02 Thread Thorsten Alteholz
Dear maintainer(s), The Debian LTS team would like to fix the security issues which are currently open in the Wheezy version of mpg123: https://security-tracker.debian.org/tracker/CVE-2017-10683 Would you like to take care of this yourself? If yes, please follow the workflow we have defined her

Wheezy update of libmtp?

2017-07-02 Thread Thorsten Alteholz
Hi Alessio, The Debian LTS team would like to fix the security issues which are currently open in the Wheezy version of libmtp: https://security-tracker.debian.org/tracker/CVE-2017-9831 https://security-tracker.debian.org/tracker/CVE-2017-9832 Would you like to take care of this yourself? If ye

Wheezy update of vorbis-tools for CVE-2015-6749

2017-07-02 Thread Petter Reinholdtsen
Hi. I got tired of CVE-2015-6749 showing up on https://udd.debian.org/dmd.cgi?email1=pere%40debian.org and would like to provide an update for oldoldstable/Wheezy to fix the old security issue. Alexander Wirt suggested I follow the procedure on https://wiki.debian.org/LTS/Development, but I