/changelog
--- ettercap-0.7.3/debian/changelog
+++ ettercap-0.7.3/debian/changelog
@@ -1,3 +1,11 @@
+ettercap (1:0.7.3-2.1+squeeze2) squeeze-lts; urgency=medium
+
+ * Non-maintainer upload.
+ * Fix CVE-2014-9380 and CVE-2014-9381 using patch file from
+Gianfranco Costamagna in Bug#773416 Mes#20
+
+
/23/2014 9:21 PM, Thorsten Alteholz wrote:
Hi CongNT,
On Tue, 23 Dec 2014, Nguyen Cong wrote:
I have created .deb file for ettercap package.
great, thanks alot.
Since I'm not DD or DM so I attached debdiff file for review
as mentioned in LTS/Development wiki page.
Could anyone please ch
Hello Raphael Hertzog,
I propose to let Nguyen Cong take care of fixing this so that he can
learn about quilt and have some easy entry into contributing to the LTS
team. Nguyen, feel free to get some inspiration from Gianfranco's more
verbose changelog message though. :)
Great. I r
11 @@
+ettercap (1:0.7.3-2.1+squeeze2) squeeze-lts; urgency=medium
+
+ * Non-maintainer upload.
+ * Fix CVE-2014-9380 and CVE-2014-9381 using patch file from
+Gianfranco Costamagna in Bug#773416 Mes#20
+
+ -- Nguyen Cong Tue, 23 Dec 2014 09:44:32 +0700
+
ettercap (1:0.7.3-2.1+squeez
Dec 2014, Nguyen Cong wrote:
I have created .deb file for ettercap package.
great, thanks alot.
Since I'm not DD or DM so I attached debdiff file for review
as mentioned in LTS/Development wiki page.
Could anyone please check it and tell me if any comments?
After a first glimpse it seems
nding and repairing these issues.
+
+ -- Nguyen Cong Tue, 23 Dec 2014
09:44:32 +0700
+
ettercap (1:0.7.3-2.1+squeeze1) stable; urgency=high
* Quilt patch for CVE-2013-0722, a stack-based buffer overflow when
diff -u ettercap-0.7.3/debian/patches/series
ettercap-0.7.3/debian/patches/series
network packet
+See:
+http://tracker.firebirdsql.org/browse/CORE-4630
+Patch take from upstream:
+http://sourceforge.net/p/firebird/code/60331
+
+ -- Nguyen Cong Sat, 27 Dec 2014 10:38:33
+0700
+
firebird2.1 (2.1.3.18185-0.ds1-11+squeeze1) stable-security; urgency=high
* Apply
Hi all,
I would like to take care of package unrtf.
Because I can not add my name on dla-needed.txt file yet so
I have to send email here.
Sorry for this inconvenience.
Thanks and best regards
Cong
--
=
Nguyen The Cong (Mr)
Sof
Hi all,
I would like to send debdiff file of unrtf package for reviewing.
Because the previous upload of unrtf modify source code directly,
so I did the same.
Could anyone please review it and give me some comment.
Thanks and best regards
CongNT
On 07/01/2015 08:51, Nguyen Cong wrote:
Hi all
2015 18:50, Salvatore Bonaccorso wrote:
Hi,
On Wed, Jan 07, 2015 at 08:51:11AM +0700, Nguyen Cong wrote:
I would like to take care of package unrtf.
Because I can not add my name on dla-needed.txt file yet so
I have to send email here.
Sorry for this inconvenience.
According to the alioth project
Hi Thorsten,
the previous release had the version number 0.19.3-1.1, so you should
not use 0.19.3-1.2...
Oops, stupid mistake. I fixed it.
Could you please check it.
Thanks and best regards
Cong
On 10/01/2015 23:44, Thorsten Alteholz wrote:
Hi Cong,
On Wed, 7 Jan 2015, Nguyen Cong wrote
, Raphael Hertzog wrote:
Hello Nguyen,
On Thu, 08 Jan 2015, Nguyen Cong wrote:
It's because of my company proxy, so I'm fixing it now.
But is it a must for me to use dla-needed.txt to take a package.
Yes, we use that file to avoid duplicating the work. You must add yourself
there before s
+
+ -- Nguyen Cong Mon, 12 Jan 2015 10:09:24 +0700
+
curl (7.21.0-2.1+squeeze10) squeeze-lts; urgency=high
* Non-maintainer upload by the Squeeze LTS Team.
diff -Nru curl-7.21.0/debian/patches/CVE-2014-8150.patch curl-7.21.0/debian/patches/CVE-2014-8150.patch
--- curl-7.21.0/debian/patches/CVE-2014
: 7b21c4eabf1f3946d3f63cce1319c490caab8ecf
+
+ -- Nguyen Cong Tue, 13 Jan 2015 16:00:14 +0700
+
libevent (1.4.13-stable-1) unstable; urgency=low
* New upstream release
only in patch2:
unchanged:
--- libevent-1.4.13-stable.orig/buffer.c
+++ libevent-1.4.13-stable/buffer.c
@@ -143,7 +143,8 @@
va_list aq;
/* make
/changelog
+++ libvncserver-0.9.7/debian/changelog
@@ -1,3 +1,11 @@
+libvncserver (0.9.7-2+deb6u1) squeeze-lts; urgency=low
+
+ * Non-maintainer upload.
+ * Fix several security issues as in CVE-2014-6051, CVE-2014-6052
+CVE-2014-6053, CVE-2014-6054 and CVE-2014-6055
+
+ -- Nguyen Cong Fri, 16
uffer overflow if s_first_meta_bg is too big
+as reported in CVE-2015-0247.
+Refer to upstream commit:
+https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=f66e6ce4
+
+ -- Nguyen Cong Mon, 09 Feb 2015 15:07:42
+0700
+
e2fsprogs (1.41.12-4stable1) stable; urgency
check it again.
Thanks and best regards
CongNT
On 10/02/2015 03:38, Raphael Geissert wrote:
Hi,
On Monday 09 February 2015 15:44:46 Nguyen Cong wrote:
Hi all,
I would like to send debdiff file of e2fsprogs package for reviewing.
Could anyone please review it and give me some comments.
Without
+
+ * Non-maintainer upload by the Debian LTS team
+ * Fix malformed elf file causes access to uninitialized memory
+as reported in CVE-2014-9653.
+
+ -- Nguyen Cong Fri, 13 Feb 2015 11:42:50
+0700
+
file (5.04-5+squeeze9) squeeze-lts; urgency=high
* Fix several security issues, Closes
contact me beforehand
about this.
Sorry about this, this will be done in my next contribution.
And many thanks to Raphael Hertzog for your consideration.
Thanks and best regards
Cong
On 2/16/2015 5:03 PM, Raphael Hertzog wrote:
Hello Christoph,
On Sun, 15 Feb 2015, Christoph Biedl wrote:
Nguyen
Hi,
So if you want to help with CVE triaging, you're welcome!
How can I join this work as well. I already member of Alioth project.
Is there anything else I have to do like register or something like that?
Thanks and best regards
Cong
On 24/02/2015 18:07, Raphael Hertzog wrote:
Hello,
one pa
because of
+uninitialized socket. This fix problem reported in
+CVE-2014-3640.
+Refer to:
+
https://github.com/qemu/qemu/commit/01f7cecf0037997cb0e58ec0d56bf9b5a6f7cb2a
+
+ -- Nguyen Cong Mon, 23 Mar 2015 13:25:32
+0700
+
qemu (0.12.5+dfsg-3squeeze4) squeeze-security; urgency=high
ay, this update fell through the cracks. Don't hesitate
to ping us when we don't respond in a timely fashion.
On Mon, 19 Jan 2015, Nguyen Cong wrote:
I would like to send debdiff of libvncserver package for reviewing.
Could any one please review it and give me some comments.
The
22 matches
Mail list logo
