he packages a test and looks just fine (no regression noticed so
far + intenteded change work just fine).
Tested:
- both openssl+gnutls
- for both
- stretch (lts)
- jessie (elts)
- Taking the published packages from normal lts/etls repos
Thank you for both the lts/etls work :)
Cheers,
Stefan
On Thu, Sep 09, 2021 at 06:33:28PM +0200, Sylvain Beucler wrote:
> Hello Stefan,
>
> Thanks for bringing this up, indeed it's worth fixing.
> I can reproduce the issue on jessie and stretch (starting 2021-10-01), but
> not on buster/oldstable.
>
> I'll further lo
oiding this bug but breaking
compatibility with old Android. That can server as a workaround for this issue
on case by ase. But as this is on the 'other side' (each certificate) not
really a global fix.
Regards,
Stefan Hühner
p.s. Please CC me on replies, i am not on the list
us clients, upstream servers or faulty
> modules. [Stefan Fritsch, Eric Covener, Yann Ylavic]
Yes, that's the relevant part of the changelog.
The bug in mod_userdir has not been fixed but it has been made unexploitable
by sanitizing outgoing headers. Somewhat late, upstream has decided that
re important than hidepid. But on a server this
behaviour, without a warning, might cause a headache.
In Stretch hidepid=2 works without any issues.
Best regards,
Stefan Benter
PS: Thanks a lot for your effort! I really did not expect you to be so
fast in backporting KPTI.
s://security-tracker.debian.org/tracker/source-package/apr-util
>
> Would you like to take care of this yourself?
No, I won't have time for wheezy. Note that both issues are of rather low
severity. But go ahead if you wish.
Cheers,
Stefan
On Thursday, 14 September 2017 09:28:24 CEST Chris Lamb wrote:
> Would you like to take care of this yourself?
No, I lack the time and don't maintain mp3gain anymore, anyway.
Cheers,
Stefan
well. If the issue is not a regression, you should
simply release the patch that you have. The fix for the error document seems
rather invasive:
https://svn.apache.org/r1683808
Cheers,
Stefan
7;t know how a reasonable automatic notification could look like. Probably
it has to be up to the maintainer to forward such bug reports.
Cheers,
Stefan
Hi Raphael,
On Saturday, 15 July 2017 11:52:49 CEST Raphael Hertzog wrote:
> Hello Stefan,
>
> The Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of apache2:
> https://security-tracker.debian.org/tracker/CVE-2017-9788
>
&
oo.
Arno hasn't been active for some time. Please do take care of it.
Note that it seems the last DLSA introduced a regression. It would be nice if
you could fix that, too:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858373
Cheers,
Stefan
pprotocoloptions
Cheers,
Stefan
On Monday, 20 February 2017 15:27:23 CET Antoine Beaupré wrote:
> > Probably a good idea is to put the packages somewhere and ask for testers
> > on secur...@lists.debian.org.
>
> security@lists.d.o is not a list, as far as i know. there's
> debian-security@lists.d.o, but I never posted there...
anuary 2017 17:03:55 CET Antoine Beaupré wrote:
> On 2017-01-23 15:14:30, Antoine Beaupré wrote:
> > On 2017-01-22 11:25:08, Stefan Fritsch wrote:
> >> Test Summary Report
> >> ---
> >> t/apache/chunkinput.t (Wstat: 0 Tes
x27;t find it in the package so I gave up...
About the rest of your mails, I have not comments, yet. I have been away last
week. I hope I will find some time in the next few days.
Cheers,
Stefan
On Thursday, 19 January 2017 20:47:15 CET Stefan Fritsch wrote:
> On Tuesday, 17 January 2017 11:59:17 CET Antoine Beaupré wrote:
> > I would need people to start testing the package at this point, not
> > necessarily in production considering how big the change is, but your
> &g
here is a separate test suite available, though it needs some tweaks to make
it run with the Debian config layout. I will try to find some time coming week-
end to run it against the wheezy package with and without your changes.
Cheers,
Stefan
ted to 2.2 in a
separate 2.2.x-merge-http-strict branch [1]. But it has not landed in the
2.2.x branch, yet.
I will share with you any insights I get from backporting the changes to
jessie. But it is somewhat unlikely that I will have time to do the backport
to wheezy myself.
Cheers,
St
owncloud, looks good.
Stefan
Hi,
I installed some packages [1] and smoke tested with owncloud, no problems so
far.
I used the webclient, davdroid on android and a windows owncloud client to test.
HTH
Stefan
[1] libapache2-mod-php5_5.4.45-0+deb7u4_i386.deb
php-pear_5.4.45-0+deb7u4_all.deb
php5_5.4.45-0
BE, email to debian-lts-announce-requ...@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
> Archive: https://lists.debian.org/53c4d6b7.30...@debian.org
>
--
Stefan Gundel
Senior Systems Engineer
NETWAYS Managed Services GmbH | Deuts
21 matches
Mail list logo
