Re: Request for testing - symfony

2019-03-04 Thread Roberto C. Sánchez
On Mon, Mar 04, 2019 at 07:07:30PM +0100, Sylvain Beucler wrote: > > I haven't touched Symfony in a while, but I can contribute a few bits: > > - The symfony installer is not packaged in Debian > https://github.com/symfony/symfony-installer > I tried to run an old version from git but couldn't fi

Re: Request for testing - symfony

2019-03-04 Thread Sylvain Beucler
Hi, On 02/03/2019 18:46, Roberto C. Sánchez wrote: > I have prepared an update to symfony (version 2.3.21+dfsg-4+deb8u4) > which is in need of testing. I intend to upload in one week's time if I do > not receive any reports of problems. Read on for details if you are in > a position to help with te

Re: gnutls/nettle (CVE-2018-16868/CVE-2018-16869)

2019-03-04 Thread Sylvain Beucler
Hi, On 04/03/2019 16:55, Markus Koschany wrote: > On 04.03.19 at 16:33, Sylvain Beucler wrote: > [...] >> I see this as a strong signal that we should not attempt to backport the >> fix, and go with a (minor). >> >> Alternatively we could upgrade nettle (libnettle4->libnettle6) which >> doesn't

Re: gnutls/nettle (CVE-2018-16868/CVE-2018-16869)

2019-03-04 Thread Markus Koschany
On 04.03.19 at 16:33, Sylvain Beucler wrote: [...] > I see this as a strong signal that we should not attempt to backport the > fix, and go with a (minor). > > Alternatively we could upgrade nettle (libnettle4->libnettle6) which > doesn't break gnutls28's test suite, though it's likely to introd

gnutls/nettle (CVE-2018-16868/CVE-2018-16869)

2019-03-04 Thread Sylvain Beucler
Hi, I'm working on CVE-2018-16868/CVE-2018-16869, a side-channel attack that affects gnutls and nettle, disclosed 2018-12, tagged low/local. Unlike what I read in data/CVE/list, I understand that the nettle fix is not just a new function - it's a rewrite of the RSA functions, complemented by a

Re: Jessie update of drupal7?

2019-03-04 Thread Gunnar Wolf
Hi Chris! Chris Lamb said [Mon, Mar 04, 2019 at 03:22:35AM -0500]: > Dear maintainer(s), > > The Debian LTS team would like to fix the security issues which are > currently open in the Jessie version of drupal7: > https://security-tracker.debian.org/tracker/source-package/drupal7 > > Would you l

Re: recent DLAs not yet on www.debian.org

2019-03-04 Thread Abhijith PA
On Monday 04 March 2019 03:55 PM, Holger Levsen wrote: > hi, > > the following recent DLAs are missing on www.debian.org currently: .. > Feb 20 Abhijith PA [DLA 1685-1] drupal7 security update .. pushed. Waiting for changes to take place. --abhijith

Re: (semi-)automatic unclaim of packages with more than 2 weeks of inactivity

2019-03-04 Thread Abhijith PA
Hi. On Monday 25 February 2019 05:39 PM, Holger Levsen wrote: > hi, > > I've just unclaimed some packages where the last documented activity on > these packages was more than two weeks ago: .. > libraw (Abhijith PA) .. Last month was quite busy with life. I see that libraw is claimed by Thorst

Re: recent DLAs not yet on www.debian.org

2019-03-04 Thread Markus Koschany
On 04.03.19 at 13:35, Holger Levsen wrote: > On Mon, Mar 04, 2019 at 01:22:27PM +0100, Markus Koschany wrote: >> but I don't really >> think that this is an efficient way. I doubt this is the workflow of the >> security team. > > the most efficient way is surely if you were to apply to become

Re: recent DLAs not yet on www.debian.org

2019-03-04 Thread Steve McIntyre
On Mon, Mar 04, 2019 at 01:22:27PM +0100, Markus Koschany wrote: > > >On 04.03.19 at 13:13, Holger Levsen wrote: >> Hi Markus, >> >> On Mon, Mar 04, 2019 at 01:06:07PM +0100, Markus Koschany wrote: the following recent DLAs are missing on www.debian.org currently: >>> I can't push to the web

Re: recent DLAs not yet on www.debian.org

2019-03-04 Thread Holger Levsen
On Mon, Mar 04, 2019 at 01:22:27PM +0100, Markus Koschany wrote: > Holger, I did read > https://wiki.debian.org/LTS/Development#Publishing_updates_on_the_website I expected that... > but I have no permission to push to > https://salsa.debian.org/webmaster-team/webwml > Someone has to grant all of

Re: recent DLAs not yet on www.debian.org

2019-03-04 Thread Hugo Lefeuvre
> Holger, I did read > > https://wiki.debian.org/LTS/Development#Publishing_updates_on_the_website > > but I have no permission to push to > > https://salsa.debian.org/webmaster-team/webwml > > Someone has to grant all of us write permissions. > > If you want to create merge requests, then it

Re: recent DLAs not yet on www.debian.org

2019-03-04 Thread Markus Koschany
On 04.03.19 at 13:13, Holger Levsen wrote: > Hi Markus, > > On Mon, Mar 04, 2019 at 01:06:07PM +0100, Markus Koschany wrote: >>> the following recent DLAs are missing on www.debian.org currently: >> I can't push to the webmaster-team repository. >> GitLab: You are not allowed to push code to th

Re: recent DLAs not yet on www.debian.org

2019-03-04 Thread Holger Levsen
Hi Markus, On Mon, Mar 04, 2019 at 01:06:07PM +0100, Markus Koschany wrote: > > the following recent DLAs are missing on www.debian.org currently: > I can't push to the webmaster-team repository. > GitLab: You are not allowed to push code to this project. did you read the URL I linked? if yes, a

Re: recent DLAs not yet on www.debian.org

2019-03-04 Thread Markus Koschany
Hi, On 04.03.19 at 11:25, Holger Levsen wrote: > hi, > > the following recent DLAs are missing on www.debian.org currently: I can't push to the webmaster-team repository. GitLab: You are not allowed to push code to this project.

recent DLAs not yet on www.debian.org

2019-03-04 Thread Holger Levsen
hi, the following recent DLAs are missing on www.debian.org currently: Mar 02 Markus Koschany [DLA 1702-1] advancecomp security update Mar 01 Markus Koschany [DLA 1701-1] openssl security update Mar 01 Markus Koschany [DLA 1696-1] ceph security update Feb 28 Thorsten Alteholz

(semi-)automatic unclaim of packages with more than 2 weeks of inactivity

2019-03-04 Thread Holger Levsen
Hi, today there were no packages with more than 2 weeks of inactivity, yay! -- tschau, Holger --- holger@(debian|reproducible-builds|layer-acht).org PGP fingerprint: B8BF 5413 7B09 D35C F0

LTS report for February 2019

2019-03-04 Thread Adrian Bunk
Hours worked: 8 hours Work done: DLA-1687-1 sox CVE-2014-8145 DLA-1698-1 file CVE-2019-8905 CVE-2019-8907 As part of this also marked that the vulnerable code for CVE-2019-8904 and CVE-2019-8906 was added after the versions in jessie and stretch. DLA-1699-1 ldb CVE-2019-3824 cu Adrian --

Jessie update of systemd?

2019-03-04 Thread Chris Lamb
Dear maintainer(s), The Debian LTS team would like to fix the security issues which are currently open in the Jessie version of systemd: https://security-tracker.debian.org/tracker/source-package/systemd Would you like to take care of this yourself? If yes, please follow the workflow we have def

Jessie update of drupal7?

2019-03-04 Thread Chris Lamb
Dear maintainer(s), The Debian LTS team would like to fix the security issues which are currently open in the Jessie version of drupal7: https://security-tracker.debian.org/tracker/source-package/drupal7 Would you like to take care of this yourself? If yes, please follow the workflow we have def