Re: Urgency for uploads

2022-05-04 Thread Thijs Kinkhorst
On Wed, May 4, 2022 12:03, Moritz Muehlenhoff wrote: > Hi Enrico, > >> in the Developer's reference[1] it says, in boldface, that security >> updates should be built with "urgency=high". > > This is incorrect advice and I have idea where it came from. The urgency > is completely irrelevant for any

Re: Jessie update of simplesamlphp?

2019-05-28 Thread Thijs Kinkhorst
On Tue, May 28, 2019 16:01, Chris Lamb wrote: > Mike Gabriel wrote: > >> The Debian LTS team would like to fix the security issues which are >> currently open in the Jessie version of simplesamlphp: > > Which CVE is/was this for? I am just looking at: > > https://security-tracker.debian.org/track

Re: Upload mailman

2018-02-07 Thread Thijs Kinkhorst
Hi, On Wed, February 7, 2018 06:02, Abhijith PA wrote: > I prepared a LTS security update for mailman. Debdiff is attached. > link: > https://mentors.debian.net/debian/pool/main/m/mailman/mailman_2.1.15-1+deb7u3.dsc Looks good to me. Cheers, Thijs

Re: Bug#858539: should ca-certificates certdata.txt synchronize across all suites?

2018-01-12 Thread Thijs Kinkhorst
On Fri, January 12, 2018 10:24, Raphael Hertzog wrote: > Hi, > > On Tue, 09 Jan 2018, Brian May wrote: >> Raphael Hertzog writes: >> >> > I think this mail went through the cracks as we haven't received a >> reply >> > from you so far. Can you let us know the status and whether we can >> help to >

Re: Wheezy update of simplesamlphp?

2017-09-04 Thread Thijs Kinkhorst
Hi Raphael, On Wed, August 30, 2017 16:26, Raphael Hertzog wrote: > The Debian LTS team would like to fix the security issues which are > currently open in the Wheezy version of simplesamlphp: > https://security-tracker.debian.org/tracker/source-package/simplesamlphp > > Would you like to take car

Re: Security update of phpmyadmin for wheezy

2016-09-17 Thread Thijs Kinkhorst
On Thu, September 15, 2016 07:53, Thijs Kinkhorst wrote: > Hi Ola, > > On Wed, September 14, 2016 23:39, Ola Lundqvist wrote: >> I have prepared a security update of phpmyadmin for wheezy. > > Thank you for your work. > I plan to have all these issues reviewed o

Re: Security update of phpmyadmin for wheezy

2016-09-14 Thread Thijs Kinkhorst
Hi Ola, On Wed, September 14, 2016 23:39, Ola Lundqvist wrote: > I have prepared a security update of phpmyadmin for wheezy. Thank you for your work. I plan to have all these issues reviewed on Saturday at the latest. Cheers, Thijs

Re: Wheezy update of mailman?

2016-09-02 Thread Thijs Kinkhorst
On Thu, September 1, 2016 21:06, Chris Lamb wrote: > Hi Thijs, > >> > the Debian LTS team would like to fix the security issues which are >> > currently open in the Wheezy version of mailman: >> > https://security-tracker.debian.org/tracker/CVE-2016-6893 >> >> I'll look into it and will let you kno

Re: Wheezy update of mailman?

2016-08-27 Thread Thijs Kinkhorst
Hi Ben, On Sat, August 27, 2016 02:29, b...@decadent.org.uk wrote: > Hello dear maintainer(s), > > the Debian LTS team would like to fix the security issues which are > currently open in the Wheezy version of mailman: > https://security-tracker.debian.org/tracker/CVE-2016-6893 I'll look into it a

Re: testing php5 for Squeeze LTS

2016-02-28 Thread Thijs Kinkhorst
On Sat, February 27, 2016 22:38, Thorsten Alteholz wrote: > Hi everybody, > > I uploaded version 5.3.3.1-7+squeeze29 of php5 to: > https://people.debian.org/~alteholz/packages/squeeze-lts/php5/amd64/ > https://people.debian.org/~alteholz/packages/squeeze-lts/php5/i386/ > > Please give it a try

Re: Summary of the LTS BoF held during DebConf

2016-01-27 Thread Thijs Kinkhorst
On Tue, January 19, 2016 17:56, Santiago Ruano Rincón wrote: > Moreover, squeeze lts has been advertised to end next February, the 6th > to be precise. At the same time, the security team would support wheezy > until April 26th 2016, which is the Jessie release date + 1 year. What > do you think if

Re: squeeze update of commons-httpclient

2015-04-16 Thread Thijs Kinkhorst
On Wed, April 15, 2015 23:10, Markus Koschany wrote: > Hi, > > I have prepared a debdiff for commons-httpclient that addresses three > CVEs namely CVE-2012-5783, CVE-2012-6153 and CVE-2014-3577. The > differences between the versions in wheezy, jessie and sid are minor > since we use the same upstr

Re: squeeze update of phpmyadmin?

2015-02-24 Thread Thijs Kinkhorst
On Tue, February 24, 2015 16:54, Raphael Hertzog wrote: > Hello dear maintainer(s), > > the Debian LTS team would like to fix the security issues which are > currently open in the Squeeze version of phpmyadmin: > https://security-tracker.debian.org/tracker/CVE-2014-8958 > https://security-tracker.d

Re: Re: restarting services

2015-02-03 Thread Thijs Kinkhorst
On Tue, February 3, 2015 19:57, Isidor Zeuner wrote: >> From jessie and on I'd recommend "needrestart", which automatically runs >> after an APT run, prompts nicely about the services to restart and then >> actually does that. Very user-friendly. > > Sounds interesting. Can it also run in an unatte

Re: restarting services

2015-01-30 Thread Thijs Kinkhorst
On Fri, January 30, 2015 11:05, Jan Wagner wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Hi Isidor, > > On 30.01.15 at 07:15, Isidor Zeuner wrote: >> However, I wondered if it wouldn't be appropriate to have the >> upgrade restart the services which link to libc6? Otherwise, >> ru

Re: eglibc update for GHOST CVE-2015-0235

2015-01-28 Thread Thijs Kinkhorst
On Wed, January 28, 2015 11:29, Lucas Nussbaum wrote: > Yes, I was wondering how we could improve on the current status for the > handling of medium/high-severity issues, and I'm interested in the > Debian security team's opinion about that. > > Should the Debian LTS team apply to join the linux-di

Re: testing php5 for Squeeze LTS

2014-11-23 Thread Thijs Kinkhorst
On Sun, November 23, 2014 19:37, Thorsten Alteholz wrote: > I uploaded version 5.3.3-7+squeeze23 of php5 to: > https://people.debian.org/~alteholz/packages/squeeze-lts/php5/amd64/ > > Please give it a try and tell me about any problems you met No problems found in my setup. Thijs

Re: new packages for libxml2

2014-10-28 Thread Thijs Kinkhorst
On Tue, October 28, 2014 22:57, Thorsten Alteholz wrote: > Hi, > > new packages for libxml2 can be found at [1]. > > Can you please test them and give some feedback whether they are ready for > upload? From looking at the diff they seem fine. It also installs ok but I do not have any serious xml

Re: Please test new apache2 2.2.16-6+squeeze14

2014-10-15 Thread Thijs Kinkhorst
On Wed, October 15, 2014 14:22, Raphael Hertzog wrote: > Hello, > > I have prepared a new upload of apache2 to fix CVE-2014-3581 and > CVE-2013-5704 in squeeze-lts. The debdiff is attached and I have put amd64 > package for test online. Grab them with dget > https://people.debian.org/~hertzog/packa

Re: Invalid HTTP requests from apt, introduced by DLA 58-1

2014-10-14 Thread Thijs Kinkhorst
On Tue, October 14, 2014 09:07, Jan Wagner wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On 13.10.14 15:04, Raphael Hertzog wrote: >> On Mon, 13 Oct 2014, Raphael Hertzog wrote: >>> BTW, Michael responded to me: Indeed, this looks like a bug in the patch, sorry for that. I >

Re: Interest in ia32-libs for squeeze-lts

2014-09-03 Thread Thijs Kinkhorst
On Fri, July 11, 2014 10:51, Thomas Goirand wrote: > On 07/11/2014 02:55 PM, Thijs Kinkhorst wrote: >> I was wondering if there's interest for the ia32-libs package to be >> maintained in squeeze-lts. > Well, having it up-to-date is good, With "is good", you mean

Re: Bug#760358: please add [SECURITY] subject prefix for debian-lts-announce

2014-09-03 Thread Thijs Kinkhorst
On Wed, September 3, 2014 13:31, Alexander Wirt wrote: >> Desired situation: >> >> Subject: [SECURITY] [DSA 3017-1] php-cas security update >> Subject: [SECURITY] [DLA 43-1] eglibc security update > Done, but untested. Please test this as soon as possible. Works as designed, thank you! Thijs

please add [SECURITY] subject prefix for debian-lts-announce

2014-09-03 Thread Thijs Kinkhorst
Package: lists.debian.org Severity: wishlist Hi, Can you please configure the debian-lts-announce list so it has a subject prefix "[SECURITY] ", in the same way that debian-security-announce has? Current difference between d-s-a and d-l-a: Subject: [SECURITY] [DSA 3017-1] php-cas security upda

Re: eglibc update addressing CVE-2014-5119?

2014-09-01 Thread Thijs Kinkhorst
On Monday 1 September 2014 19:19:26, Thorsten Alteholz wrote: > On Thu, 28 Aug 2014, Jan Ingvoldstad wrote: > > Is an eglibc update for the privilege escalation attack forthcoming? > > I uploaded packages to [1]. Maybe someone can give them a try before I > upload them to the archive. I have g

Re: squeeze-lts and the security tracker

2014-08-06 Thread Thijs Kinkhorst
On Wed, August 6, 2014 10:20, Holger Levsen wrote: > Hi Florian, > > On Tuesday, 5 August 2014, Florian Weimer wrote: >> > Having the oldstable tracker working would be really useful to pick >> > packages to work on... >> There's some code that assumes that oldstable has a security archive, >> wh

Interest in ia32-libs for squeeze-lts

2014-07-10 Thread Thijs Kinkhorst
All, I was wondering if there's interest for the ia32-libs package to be maintained in squeeze-lts. The ia32-libs package contains 32 bit versions of various libraries which can be installed on amd64, so you can run 32 bit applications that do not have a 64 bit equivalent on your 64 bit system. I

Re: Fw: Re: [SECURITY] [DSA 2954-1] dovecot security update

2014-06-11 Thread Thijs Kinkhorst
On Wed, June 11, 2014 09:14, Salvatore Bonaccorso wrote: > Before I release the package, if somebody has a further dovecot > instance running under squeeze there are prepared packages for amd64 > under: > > http://people.debian.org/~carnil/tmp/dovecot/ Confirmed that it would without problems in o

Re: Workflow for Debian LTS / First update released

2014-06-02 Thread Thijs Kinkhorst
On Mon, June 2, 2014 09:59, Moritz Muehlenhoff wrote: > Everyone who wants to participate should request write access to that > repo, as documented here: > https://security-tracker.debian.org/tracker/data/report Note that all DDs should already be able to commit to this repository without request