Re: Wheezy update of roundcube

2016-09-06 Thread Raphael Hertzog
Hi Markus, On Wed, 20 Jul 2016, Markus Koschany wrote: > Feel free to work on everything you like. Fixing CVE-2014-9587 together > with CVE-2016-4069 isn't strictly required but you could probably reuse > some of your work if you try to tackle these issues. In any case the > whole CSRF complex requ

Re: qemu: CVE-2016-7116

2016-09-06 Thread Bálint Réczey
Hi Hugo, 2016-09-04 13:25 GMT+02:00 Hugo Lefeuvre : >> Yes, qemu is supported (and there was lots of file renaming after >> the Wheezy version). If you handle qemu please look at qemu-kvm as well >> (they're the same version). > > Thanks for the hint. I took the liberty of claiming qemu-kvm f

Re: qemu: CVE-2016-7116

2016-09-06 Thread Hugo Lefeuvre
Hi Balint, > I took the liberty of claiming qemu-kvm for you in dla-needed.txt. Thanks! > There are also new issues reported today for qemu. I've had a quick look at them, but I'd like to fix CVE-2016-7116 first. In fact, reproducing this issue turned out to be a bit more difficult than wha

Re: squeeze update of curl?

2016-09-06 Thread Bálint Réczey
Hi Alessandro, 2015-04-27 14:12 GMT+02:00 Alessandro Ghedini : > On ven, apr 24, 2015 at 11:26:22 +0200, Raphael Hertzog wrote: >> Hello Alessandro, > > Hi, and sorry for the delay. > >> the Debian LTS team would like to fix the security issues which are >> currently open in the Squeeze version of

Re: matrixssl

2016-09-06 Thread Brian May
Ben Hutchings writes: > So let's add it to the unsupported packages list. Sounds like a good idea. Not sure we really should be supporting encryption libraries that only support SSLv3. How do we add packages to the unsupported list? Is this something I can do? -- Brian May

Re: matrixssl

2016-09-06 Thread Brian May
Brian May writes: > How do we add packages to the unsupported list? Is this something I can > do? Possibly somebody has already done this, I see it is listed as in data/CVE/list. -- Brian May

Re: August Report

2016-09-06 Thread Brian May
Ola Lundqvist writes: > I had the same issue a month ago. It solved itself after a few days > when new issues were found. Now only two packages on the unassigned list: The following packages are used by our customers (by order of decreasing importance, more hours means more important): * open

Wheezy update of inspircd?

2016-09-06 Thread Balint Reczey
Hello dear maintainer(s), the Debian LTS team would like to fix the security issues which are currently open in the Wheezy version of inspircd: https://security-tracker.debian.org/tracker/CVE-2016-7142 Would you like to take care of this yourself? If yes, please follow the workflow we have defin

updates to find-work

2016-09-06 Thread Brian May
Hello, Do we have any sort of handle formal updates to find-work? If not, does anybody have any objections if I were to commit the following change? It adds a --unassigned command line option that only lists packages that are not taken by anybody. Regards === cut === diff --git a/find-work b/fi

Re: Wheezy update of libtomcrypt?

2016-09-06 Thread Bálint Réczey
Hi Michael, 2016-09-04 17:51 GMT+02:00 Michael Stapelberg : > Thanks for your work on LTS. > > Time does not permit me to do any of this work myself. > > Please go ahead and make any changes as you see fit, there’s no need for my > review. Thank you for your quick answer. I (on behalf of the LTS

Re: Wheezy update of libtomcrypt?

2016-09-06 Thread Jonas Meurer
Hi Bálint, Am 07.09.2016 um 00:21 schrieb Bálint Réczey: > 2016-09-04 17:51 GMT+02:00 Michael Stapelberg : >> Thanks for your work on LTS. >> >> Time does not permit me to do any of this work myself. >> >> Please go ahead and make any changes as you see fit, there’s no need for my >> review. > >

Re: updates to find-work

2016-09-06 Thread Emilio Pozuelo Monfort
On 07/09/16 00:01, Brian May wrote: > Hello, > > Do we have any sort of handle formal updates to find-work? > > If not, does anybody have any objections if I were to commit the > following change? It adds a --unassigned command line option that only > lists packages that are not taken by anybody.

Re: testing asterisk for Wheezy LTS

2016-09-06 Thread Bálint Réczey
Hi Thorsten, 2016-05-18 22:08 GMT+02:00 Thorsten Alteholz : > Hi Antoine, > > On Tue, 17 May 2016, Antoine Beaupré wrote: >> >> Those issues should have been fixed in the same upload, > > > ah, ok, I think this is the problem. In case you know that fixing an issue > takes a longer time than usual,

Re: matrixssl

2016-09-06 Thread Ben Hutchings
On Wed, 2016-09-07 at 07:43 +1000, Brian May wrote: > > Brian May writes: > > > > > How do we add packages to the unsupported list? Is this something I can > > do? > > Possibly somebody has already done this, I see it is listed as > in data/CVE/list. No, that only means it was removed from un

Re: matrixssl

2016-09-06 Thread Ben Hutchings
On Wed, 2016-09-07 at 07:38 +1000, Brian May wrote: > > Ben Hutchings writes: > > > > > So let's add it to the unsupported packages list. > > Sounds like a good idea. Not sure we really should be supporting > encryption libraries that only support SSLv3. > > How do we add packages to the unsup

Re: Wheezy update of icu?

2016-09-06 Thread Bálint Réczey
Hi Roberto, 2016-08-17 15:29 GMT+02:00 Roberto C. Sánchez : > On Sun, Jul 24, 2016 at 04:26:20PM -0400, Roberto C. Sánchez wrote: >> FYI, I did the last LTS update of ICU earlier this month, so I think I >> will be able to easily prepare another update. I went ahead and claimed >> it in dla-neede

Re: Wheezy update of icu?

2016-09-06 Thread Roberto C. Sánchez
Hi Balint, On Wed, Sep 07, 2016 at 03:12:46AM +0200, Bálint Réczey wrote: > Hi Roberto, > > I think there is no need to wait more (wearing my frontdesk hat). > There are fixes in upstream's repository: > http://bugs.icu-project.org/trac/log/icu/trunk/source/common/uloc.cpp > I actually sent my Augu

Re: Wheezy update of inspircd?

2016-09-06 Thread Antoine Beaupré
I am a bit surprised to see this - are ircd packages sponsored now? There's a similar issue in Charybdis and I deliberately marked it as unsupported in LTS because, AFAIK, no customer expressed the need to support those yet. I'd be glad to see if we can update charybdis in Wheezy as well, but to b

Re: Wheezy update of libtomcrypt?

2016-09-06 Thread Guido Günther
Hi Bálint, On Wed, Sep 07, 2016 at 12:21:28AM +0200, Bálint Réczey wrote: > Hi Michael, > > 2016-09-04 17:51 GMT+02:00 Michael Stapelberg : > > Thanks for your work on LTS. > > > > Time does not permit me to do any of this work myself. > > > > Please go ahead and make any changes as you see fit, t