On Fri, Jul 7, 2017 at 2:01 AM, Antoine Beaupré wrote:
> For what it's worth, my opinion is that we should attempt to synchronize
> certdata.txt (and blacklist.txt, for that matter) across all suites (but
> not other changes to the packaging). This would remove another decision
> point in our infr
Hi everyone,
In looking at fixing #858539 (blocking WoSign and StartCom, in CC) for
wheezy, I noticed the issue was also pending in jessie. Furthermore, the
idea originally raised by pabs[1] was to also update the packages for
the latest changes in certdata.txt in wheezy, including the ISRG Root
f
unsubscribe
2017-07-06 11:05 GMT+01:00 Chris Lamb :
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Package: radare2
> Version: 0.9-3+deb7u3
> CVE ID : CVE-2017-10929
> Debian Bug : #867369
>
> It was discovered that there was a heap-based buffer overflow in ra
Hi,
during June I worked 9 of the allocated 9 hours on LTS. During this time
I did the following:
- Spent the second half of a week with LTS frontdesk duties.
- Prepared a new debian-security-support package for wheezy, stretch and
sid. The jessie update is prepared and pending review.
- qemu-kv
