Re: [SECURITY] [DLA 1488-1 (invalid)] spice security update

2018-08-31 Thread Mike Gabriel
Dear all, On Fr 31 Aug 2018 23:30:53 CEST, Mike Gabriel wrote: Package: spice Version: 0.12.5-1+deb8u6 CVE ID : CVE-2018-10873 Debian Bug : #906315 A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messag

Bug#907723: link package versions on security-tracker to source packages

2018-08-31 Thread Mike Gabriel
Package: security-tracker Severity: wishlist X-Debbugs-Cc: debian-lts@lists.debian.org Hi, when working for the LTS team, I regularly need to download source packages from the LTS version of Debian. My development machine normally runs a newer Debian version, having deb-src URLs for Debian

Re: Gnutls investigation and request for advice for Jessie

2018-08-31 Thread Antoine Beaupré
On 2018-08-31 16:18:39, Antoine Beaupré wrote: > On 2018-08-31 21:30:14, Ola Lundqvist wrote: >> Hi Antoine >> >> Thank you for the input this is valuable. I have some comments below. >> >> On Fri, 31 Aug 2018 at 21:03, Antoine Beaupré >> wrote: >>> >>> On 2018-08-31 13:29:29, Ola Lundqvist wrote

Re: Gnutls investigation and request for advice for Jessie

2018-08-31 Thread Antoine Beaupré
On 2018-08-31 21:30:14, Ola Lundqvist wrote: > Hi Antoine > > Thank you for the input this is valuable. I have some comments below. > > On Fri, 31 Aug 2018 at 21:03, Antoine Beaupré wrote: >> >> On 2018-08-31 13:29:29, Ola Lundqvist wrote: >> > Hi all LTS contributors >> > >> > My question is whet

Re: tiff / CVE-2018-15209

2018-08-31 Thread Antoine Beaupré
On 2018-08-29 12:24:30, Brian May wrote: > Antoine Beaupré writes: > >> Brian, are you sure you're getting those failures in jessie? Which >> architecture? Here my tests were done in a VirtualBox VM using an up to >> date Debian jessie amd64 box. > > My tests were done in a schroot. Not sure if I

Re: twitter-bootstrap / CVE-2018-14040 / CVE-2018-14041 / CVE-2018-14042

2018-08-31 Thread Antoine Beaupré
On 2018-08-29 12:23:54, Brian May wrote: > Antoine Beaupré writes: > >> On 2018-08-08 17:35:52, Brian May wrote: >>> If I got this right, we cannot use $(xyz) unless the value of xyz is >>> trusted. Otherwise executing $(xyz) can result in the execution of code >>> if xyz is something like "". Thi

Re: Gnutls investigation and request for advice for Jessie

2018-08-31 Thread Ola Lundqvist
Hi Antoine Thank you for the input this is valuable. I have some comments below. On Fri, 31 Aug 2018 at 21:03, Antoine Beaupré wrote: > > On 2018-08-31 13:29:29, Ola Lundqvist wrote: > > Hi all LTS contributors > > > > My question is whether removing default ciphers and introducing new > > optio

Re: Gnutls investigation and request for advice for Jessie

2018-08-31 Thread Antoine Beaupré
On 2018-08-31 13:29:29, Ola Lundqvist wrote: > Hi all LTS contributors > > My question is whether removing default ciphers and introducing new > options is acceptable so late in the release cycle. My assumption is > no, but let me know if you have another opinion. More details below. A priori, I

Re: fix squirrelmail bug 775720 in jessie

2018-08-31 Thread Antoine Beaupré
On 2018-08-31 19:42:15, Abhijith PA wrote: > Hello Matus > > On Friday 31 August 2018 05:25 PM, Matus UHLAR - fantomas wrote: >> Hello, >> >> the debian bug 775720 for squirrelmail was closed by debian maintainer >> because squirrelmail was removed from archive. >> >> However, there were security

Re: fix squirrelmail bug 775720 in jessie

2018-08-31 Thread Abhijith PA
( Sorry for the duplicate, forgot to add ) Hello Matus On Friday 31 August 2018 05:25 PM, Matus UHLAR - fantomas wrote: > Hello, > > the debian bug 775720 for squirrelmail was closed by debian maintainer > because squirrelmail was removed from archive. > > However, there were security 3 updat

Re: fix squirrelmail bug 775720 in jessie

2018-08-31 Thread Abhijith PA
Hello Matus On Friday 31 August 2018 05:25 PM, Matus UHLAR - fantomas wrote: > Hello, > > the debian bug 775720 for squirrelmail was closed by debian maintainer > because squirrelmail was removed from archive. > > However, there were security 3 updates to squirrelmail since, and I've had > to fi

fix squirrelmail bug 775720 in jessie

2018-08-31 Thread Matus UHLAR - fantomas
Hello, the debian bug 775720 for squirrelmail was closed by debian maintainer because squirrelmail was removed from archive. However, there were security 3 updates to squirrelmail since, and I've had to fix the same bug (apply the same patch) 3 times after each update. Does it sound logical to

Gnutls investigation and request for advice for Jessie

2018-08-31 Thread Ola Lundqvist
Hi all LTS contributors My question is whether removing default ciphers and introducing new options is acceptable so late in the release cycle. My assumption is no, but let me know if you have another opinion. More details below. If you have seen my email to ELTS then you may read faster. It is