(semi-)automatic unclaim of packages with more than 2 weeks of inactivity (and missing DLAs on www.do)

2020-03-30 Thread Holger Levsen
hi, today I unclaimed for LTS: - bluez (Emilio) - glibc (Mike Gabriel) - qtbase-opensource-src (Mike Gabriel) - squid3 (Markus Koschany) and nothing for eLTS. These DLAs have been reserved but not yet been published on www.debian.org: - DLA 2160-1 (by Thorsten Alteholz) - DLA 2157-1 (by Tho

CVE-2020-10938/graphicsmagick and additional upstream change

2020-03-30 Thread Roberto C. Sánchez
Hello all, I'd like to ask for some feedback on the situation of CVE-2020-10938 which affects graphicsmagick. I have included both the LTS list and the security team in the 'To' field as the vulnerability affects all versions of graphicsmagick and it makes sense that the same approach regarding th

Re: CVE-2020-10938/graphicsmagick and additional upstream change

2020-03-30 Thread Chris Lamb
Hi Roberto, > I am in favor of including both changes, but I am not certain about > whether it is better to mention both in the changelog and advisories or > whether it is better to only mention CVE-2020-10938. I lean slightly > toward mentioning both CVE-2020-10938 and the thread safety issue, b

Re: CVE-2020-10938/graphicsmagick and additional upstream change

2020-03-30 Thread Roberto C. Sánchez
On Mon, Mar 30, 2020 at 04:29:13PM +0100, Chris Lamb wrote: > Hi Roberto, > > > I am in favor of including both changes, but I am not certain about > > whether it is better to mention both in the changelog and advisories or > > whether it is better to only mention CVE-2020-10938. I lean slightly

Re: Fixing minor/unimportant issues via DLA on demand

2020-03-30 Thread Holger Levsen
Hi, just to add a minor point on what Sylvain has said here: On Fri, Mar 20, 2020 at 10:33:24PM +0100, Sylvain Beucler wrote: > Any DD can directly update Jessie following: > https://wiki.debian.org/LTS/Development > with no additional privileges (that's what postgresql's maintainer does). > > Y