Hi,
On 01/23/2018 10:32 PM, Markus Koschany wrote:
Am 23.01.2018 um 11:41 schrieb Lars Tangvald:
Hi,
On 01/22/2018 04:35 PM, Markus Koschany wrote:
[...]
I also think it makes sense to take a smaller step and upgrade from 5.5
to 5.6. Are there any known issues with 5.6 or can you share any
Hi Brian
On Thu, Feb 08, 2018 at 08:20:22AM +1100, Brian May wrote:
> Hello,
>
> According to the upstream bug report:
> https://github.com/dlitz/pycrypto/issues/253
>
> "This bug is prevalent. It exists in PyCryptodome and libgcrypt (if used
> directly to encrypt messages)."
>
> Anyone know wh
On Sat, Feb 03, 2018 at 05:17:01PM +0100, Salvatore Bonaccorso wrote:
>
> The bug was about CVE-2017-3137, it's never a good idea to mix up
> things ;-).
This is true. However, it appears that Ondrej Zary's comment to #860225
on 2017-09-02 is in fact related to CVE-2017-3139. Since one of the
b
CVE-2018-5709 points to
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
CVE-2018-5710 points to
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service(DoS)
Both these pages have the same text: "We have removed a
Hello,
According to the upstream bug report:
https://github.com/dlitz/pycrypto/issues/253
"This bug is prevalent. It exists in PyCryptodome and libgcrypt (if used
directly to encrypt messages)."
Anyone know what the connection is between these python libraries and
libgcrypt? Should libgcrypt be
Abhijith PA writes:
>> Do you have any objections to marking python2.6 and python2.7 as no-DSA
>> in wheezy too?
>
> No, I don't have any objection. :)
> I tried to reproduce this CVE with the given POC from upstream bug
> report. But 8 out of 10 I didn't see any. As security team already
> marke
On Wed, 7 Feb 2018, Brian May wrote:
Abhijith PA writes:
On Wednesday 07 February 2018 12:38 PM, Brian May wrote:
Markus Koschany writes:
+krb5
+ NOTE: lts-do-not-call
+--
What does lts-do-not-call mean?
See security-tracker/data/packages/lts-do-not-call .
krb5 doesn't appear to
Package: postgresql-9.1
Version: 9.1.24lts2-0+deb7u2
CVE ID : CVE-2018-1053
A vulnerabilities has been found in the PostgreSQL database system:
CVE-2018-1053
Tom Lane discovered that pg_upgrade, a tool used to upgrade
PostgreSQL database clusters, creates temporar
Hi,
January 2018 was my 17th month as a payed Debian LTS contributor.
I was allocated 18.25 hours. I have spent all of them doing the following
tasks:
* Continue my libav work:
- Continue to investigate libav CVE-2015-8216: Probably affected, but
I am still unable to take final conclusions
Hi,
On Wed, February 7, 2018 06:02, Abhijith PA wrote:
> I prepared a LTS security update for mailman. Debdiff is attached.
> link:
> https://mentors.debian.net/debian/pool/main/m/mailman/mailman_2.1.15-1+deb7u3.dsc
Looks good to me.
Cheers,
Thijs
10 matches
Mail list logo
