Re: Documenting installer issues for jessie LTS

2018-11-10 Thread Laura Arjona Reina
El 10/11/18 a las 22:55, Laura Arjona Reina escribió: > > For the website, I have created the merge request with a proposal: > > https://salsa.debian.org/webmaster-team/webwml/merge_requests/40 > > (I'm attaching the diff too). > Sorry, I forgot the attachment. Kind regards -- Laura Arjona

Re: Documenting installer issues for jessie LTS

2018-11-10 Thread Holger Levsen
Hi, thanks for your work on documenting how to install jessie these days! On Sat, Nov 10, 2018 at 10:23:45PM +, Ben Hutchings wrote: > I assume this is going to appear at > . That seems > a fairly prominent place, though the errata ar

Re: Documenting installer issues for jessie LTS

2018-11-10 Thread Ben Hutchings
On Sat, 2018-11-10 at 22:55 +0100, Laura Arjona Reina wrote: > Hello all > > El 9/11/18 a las 2:50, Ben Hutchings escribió: > > I recently discovered a bug in the installer (#908711). During > > installation with network sources enabled, security update are normally > > installed. However, this

Re: Documenting installer issues for jessie LTS

2018-11-10 Thread Laura Arjona Reina
Hello all El 9/11/18 a las 2:50, Ben Hutchings escribió: > I recently discovered a bug in the installer (#908711). During > installation with network sources enabled, security update are normally > installed. However, this didn't include updates that depend on a new > binary package, due to a ke

Re: tiff / CVE-2018-18661

2018-11-10 Thread Ola Lundqvist
Hi Brian To me it looks like you have been able to reproduce the problem. You clearly get different results with and without the patch indicating that you have in fact triggered the problem. I do not see that you have run the program using a debugger, so are you sure that you did not end up in a c

Bug#913426: lists.debian.org: DLAs 1532 until 1541 missing from https://lists.debian.org/debian-lts-announce/2018/10/threads.html

2018-11-10 Thread Holger Levsen
Package: lists.debian.org Severity: normal x-debbugs-cc: debian-lts@lists.debian.org Hi, subject says it all: lists.debian.org: DLAs 1532 until 1541 are missing from https://lists.debian.org/debian-lts-announce/2018/10/threads.html DLA 1539-1 for samba had message-id <20181008223641.r27z3ey453m

Re: CVE ID missed in DLA, squid3

2018-11-10 Thread Abhijith PA
On 10 November 2018 7:39:07 PM IST, Holger Levsen wrote: >On Sat, Nov 10, 2018 at 06:08:38PM +0530, Abhijith PA wrote: >> What we should do when we miss to specify a CVE ID in a DLA/DSA ? > >I'd say definitly update DLA/list and CVE/list in security-tracker.git OK >> Can we >> just normally i

Re: CVE ID missed in DLA, squid3

2018-11-10 Thread Abhijith PA
On 10 November 2018 7:40:02 PM IST, Markus Koschany wrote: >Hi, > >Am 10.11.18 um 13:38 schrieb Abhijith PA: >> Hello. >> >> >> What we should do when we miss to specify a CVE ID in a DLA/DSA ? Can >we >> just normally insert in next advisory release.? For eg: DLA-478-1[1] >> released for squ

Re: CVE ID missed in DLA, squid3

2018-11-10 Thread Markus Koschany
Hi, Am 10.11.18 um 13:38 schrieb Abhijith PA: > Hello. > > > What we should do when we miss to specify a CVE ID in a DLA/DSA ? Can we > just normally insert in next advisory release.? For eg: DLA-478-1[1] > released for squid3 on 16 May 2016 missed to mention 'CVE-2016-3948'. You can add the m

Re: CVE ID missed in DLA, squid3

2018-11-10 Thread Holger Levsen
On Sat, Nov 10, 2018 at 06:08:38PM +0530, Abhijith PA wrote: > What we should do when we miss to specify a CVE ID in a DLA/DSA ? I'd say definitly update DLA/list and CVE/list in security-tracker.git > Can we > just normally insert in next advisory release.? For eg: DLA-478-1[1] > released for sq

CVE ID missed in DLA, squid3

2018-11-10 Thread Abhijith PA
Hello. What we should do when we miss to specify a CVE ID in a DLA/DSA ? Can we just normally insert in next advisory release.? For eg: DLA-478-1[1] released for squid3 on 16 May 2016 missed to mention 'CVE-2016-3948'. --abhijith [1] - https://lists.debian.org/debian-lts-announce/2016/05/msg00