On 06/07/18 09:36, Emilio Pozuelo Monfort wrote:
> On 05/07/18 12:45, Abhijith PA wrote:
>>
>>
>> On Friday 22 June 2018 04:33 PM, Emilio Pozuelo Monfort wrote:
>>> Ah, nice! Your work looks very useful. My old work was for wheezy, so it
>>> only
>>> addressed one CVE (CVE-2017-18264). Since your
On 05/07/18 12:45, Abhijith PA wrote:
>
>
> On Friday 22 June 2018 04:33 PM, Emilio Pozuelo Monfort wrote:
>> Ah, nice! Your work looks very useful. My old work was for wheezy, so it only
>> addressed one CVE (CVE-2017-18264). Since your work is on jessie (which is
>> on a
>> newer version) and
On Friday 22 June 2018 04:33 PM, Emilio Pozuelo Monfort wrote:
> Ah, nice! Your work looks very useful. My old work was for wheezy, so it only
> addressed one CVE (CVE-2017-18264). Since your work is on jessie (which is on
> a
> newer version) and fixes many more issues, I'll let you handle it.
On Friday 22 June 2018 04:33 PM, Emilio Pozuelo Monfort wrote:
> Ah, nice! Your work looks very useful. My old work was for wheezy, so it only
> addressed one CVE (CVE-2017-18264). Since your work is on jessie (which is on
> a
> newer version) and fixes many more issues, I'll let you handle it.
Hi!
On 22/06/18 12:17, Abhijith PA wrote:
> Hello Emilio. :)
>
> On Thursday 31 May 2018 03:30 AM, Emilio Pozuelo Monfort wrote:
>
>>> phpmyadmin (Emilio Pozuelo)
>>
>> I couldn't reproduce this in wheezy or jessie, though the PHP prerequisite is
>> there. I asked Michal if he had some more deta
Hello Emilio. :)
On Thursday 31 May 2018 03:30 AM, Emilio Pozuelo Monfort wrote:
>> phpmyadmin (Emilio Pozuelo)
>
> I couldn't reproduce this in wheezy or jessie, though the PHP prerequisite is
> there. I asked Michal if he had some more details, still waiting for a reply.
Any news on phpmyadmi
Antoine,
On Thu, May 31, 2018 at 02:05:38PM -0400, Antoine Beaupré wrote:
[...]
> 6. update the security tracker on when jessie becomes EOL (carnil)
FTR, this has been done. In case you think I missed something please
let me know (preferably directly CCing me on reply).
Regards,
Salvatore
On Wed, 2018-05-30 at 11:51 -0400, Antoine Beaupré wrote:
> So wheezy is EOL starting from tomorrow, as will probably be announced
> then.
>
> This brings the question of whatever happens to the pending work in
> dla-needed.txt, which is probably at an all time lowest size. Here's the
> whole thin
On Thu, May 31, 2018 at 02:05:38PM -0400, Antoine Beaupré wrote:
> It seems to me git should also be patched considering the severity, but
> I haven't looked at how complex the patch is.
I took a brief look and it didnt look easy, 20 or so patches, touching
many files, and the code has changed qui
On 2018-05-31 19:28:59, Chris Lamb wrote:
> Antoine,
>
>> Ah, then it might be relevant to push such a change. Should we add this
>> to dla-needed.txt?
>
> Please do so that it does not get lost. :)
>
> I would suggest adding a note indicating that its inclusion is not
> necessarily to imply an upl
Antoine,
> Ah, then it might be relevant to push such a change. Should we add this
> to dla-needed.txt?
Please do so that it does not get lost. :)
I would suggest adding a note indicating that its inclusion is not
necessarily to imply an upload is necessary, more that a brief check
is required f
On 2018-05-31 19:20:40, Chris Lamb wrote:
> Hi Antoine,
>
>> >
>> > I remember uploading (or helping to upload?) a version that removed
>> > the StartCom certs, but a quick glance a couple of days ago suggested
>> > that we were missing a handful of newer, although somewhat less
>> > serious, CAs.
Hi Antoine,
> >
> > I remember uploading (or helping to upload?) a version that removed
> > the StartCom certs, but a quick glance a couple of days ago suggested
> > that we were missing a handful of newer, although somewhat less
> > serious, CAs.
>
> I would say that could easily be punted to EL
On 2018-05-31 19:05:02, Chris Lamb wrote:
> Hi Antoine et al.,
>
>> > (Hm, would it make sense to update/sync ca-certificates just before we
>> > EOL wheezy?)
>>
>> I'm not sure. I lost track of what happened with that the last time -
>> I remember working on trying to coordinate an update for som
On 2018-05-30 20:21:38, Salvatore Bonaccorso wrote:
> On Wed, May 30, 2018 at 07:42:02PM +0200, Markus Koschany wrote:
>> Hi,
>>
>> [...]
>> >>From what I understand, the next steps here are:
>> >
>> > 1. send the announcement (tomorrow, markus?)
>>
>> I will send the announcement on 01.06. aro
Hi Antoine et al.,
> > (Hm, would it make sense to update/sync ca-certificates just before we
> > EOL wheezy?)
>
> I'm not sure. I lost track of what happened with that the last time -
> I remember working on trying to coordinate an update for some CAs
> removals last time, and I don't know what
On 2018-05-30 17:36:16, Chris Lamb wrote:
> Hi Antoine,
>
>> So wheezy is EOL starting from tomorrow, as will probably be announced
>> then.
>
> (Hm, would it make sense to update/sync ca-certificates just before we
> EOL wheezy?)
I'm not sure. I lost track of what happened with that the last time
Hi,
As for my work:
> lame (Hugo Lefeuvre)
> NOTE: 20180529: Tested patch ready for upload. Waiting for feedback from
> the security team.
> NOTE: See https://lists.debian.org/debian-lts/2018/05/msg00081.html
As said, I'm waiting for the security team to review the patch. It will
most likel
On 30/05/18 17:51, Antoine Beaupré wrote:
> So wheezy is EOL starting from tomorrow, as will probably be announced
> then.
>
> This brings the question of whatever happens to the pending work in
> dla-needed.txt, which is probably at an all time lowest size. Here's the
> whole thing, for the recor
Hi Antoine
On Wed, May 30, 2018 at 11:51:02AM -0400, Antoine Beaupré wrote:
> I'm a little surprised there's no change in tooling necessary: we don't
> need to change triage scripts or dla-needed or anything else? I don't
> quite remember how we handled the squeeze/wheezy update, but I was
> assum
On Wed, May 30, 2018 at 07:42:02PM +0200, Markus Koschany wrote:
> Hi,
>
> [...]
> >>From what I understand, the next steps here are:
> >
> > 1. send the announcement (tomorrow, markus?)
>
> I will send the announcement on 01.06. around 10-14 UTC.
>
> > 2. ensure the infrastructure team is re
Hi,
[...]
>>From what I understand, the next steps here are:
>
> 1. send the announcement (tomorrow, markus?)
I will send the announcement on 01.06. around 10-14 UTC.
> 2. ensure the infrastructure team is ready for the new LTS
> 3. contact the FTP team to give LTS users 4 weeks grace period
On Wed, May 30, 2018 at 11:51:02AM -0400, Antoine Beaupré wrote:
> tiff (Holger Levsen)
> tiff3 (Holger Levsen)
working on it.
--
cheers,
Holger
signature.asc
Description: PGP signature
Hi Antoine,
> So wheezy is EOL starting from tomorrow, as will probably be announced
> then.
(Hm, would it make sense to update/sync ca-certificates just before we
EOL wheezy?)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
Hello.
On Wednesday 30 May 2018 09:21 PM, Antoine Beaupré wrote:
> So wheezy is EOL starting from tomorrow, as will probably be announced
> then.
>
> This brings the question of whatever happens to the pending work in
> dla-needed.txt, which is probably at an all time lowest size. Here's the
> wh
So wheezy is EOL starting from tomorrow, as will probably be announced
then.
This brings the question of whatever happens to the pending work in
dla-needed.txt, which is probably at an all time lowest size. Here's the
whole thing, for the record:
--
enigmail (Abhijith PA)
--
firefox-esr (Emilio P
26 matches
Mail list logo
