Hi Ola,
On Friday, 23 December 2016 23:56:45 CET Ola Lundqvist wrote:
> the Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of apache2:
> https://security-tracker.debian.org/tracker/CVE-2016-8743
>
> Would you like to take care of this yourse
On Tuesday, 17 January 2017 11:59:17 CET Antoine Beaupré wrote:
> I would need people to start testing the package at this point, not
> necessarily in production considering how big the change is, but your
> comfort level will vary with the severity and complexity of services. :)
There is a separa
On Thursday, 19 January 2017 20:47:15 CET Stefan Fritsch wrote:
> On Tuesday, 17 January 2017 11:59:17 CET Antoine Beaupré wrote:
> > I would need people to start testing the package at this point, not
> > necessarily in production considering how big the change is, but your
> &g
On Monday, 23 January 2017 14:38:51 CET Antoine Beaupré wrote:
> By the way, would it be possible to enable the test suite in the package
> build, since we have the code ready to go there anyways? Or in
> autopkgtest?
I have hacked something ugly into the package and an autopkgtest for running
th
anuary 2017 17:03:55 CET Antoine Beaupré wrote:
> On 2017-01-23 15:14:30, Antoine Beaupré wrote:
> > On 2017-01-22 11:25:08, Stefan Fritsch wrote:
> >> Test Summary Report
> >> ---
> >> t/apache/chunkinput.t (Wstat: 0 Tes
On Monday, 20 February 2017 15:27:23 CET Antoine Beaupré wrote:
> > Probably a good idea is to put the packages somewhere and ask for testers
> > on secur...@lists.debian.org.
>
> security@lists.d.o is not a list, as far as i know. there's
> debian-security@lists.d.o, but I never posted there...
Hi,
On Thursday, 23 February 2017 19:14:59 CET Jonas Meurer wrote:
> All right, then we should go for the update. Antoine, do you take care
> of it?
Great work and sorry that I did not have time to help you more.
In case it helps: For stable, I have suggested this text for the DSA to the
secur
Hi Raphael,
On Tuesday, 20 June 2017 16:38:12 CEST Raphael Hertzog wrote:
> The Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of apache2:
> https://security-tracker.debian.org/tracker/CVE-2017-3167
> https://security-tracker.debian.org/track
Hi Raphael,
On Saturday, 15 July 2017 11:52:49 CEST Raphael Hertzog wrote:
> Hello Stefan,
>
> The Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of apache2:
> https://security-tracker.debian.org/tracker/CVE-2017-9788
>
> Would you like to
On Monday, 17 July 2017 16:57:00 CEST Roberto C. Sánchez wrote:
> I did the deb7u9 update of apache2 and I was not aware of the regression
> either. I wonder if it makes sense for bugs above a certain severity
> affecting versions of a package which are security uploads to show up in
> the securit
Hi Antoine,
On Wednesday, 19 July 2017 15:45:20 CEST Antoine Beaupre wrote:
> As I mentioned in the #858373 bug report, I started looking at fixing
> the regression introduced by the 2.2.22-13+deb7u8 upload, part of
> DLA-841-1. The problem occurs when a CGI(d) ErrorDocument is configured
> to han
On Thursday, 14 September 2017 09:28:24 CEST Chris Lamb wrote:
> Would you like to take care of this yourself?
No, I lack the time and don't maintain mp3gain anymore, anyway.
Cheers,
Stefan
Hi Markus,
On Friday, 3 November 2017 22:40:02 CET Markus Koschany wrote:
> The Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of apr and apr-util:
> https://security-tracker.debian.org/tracker/source-package/apr
> https://security-tracker.de
us clients, upstream servers or faulty
> modules. [Stefan Fritsch, Eric Covener, Yann Ylavic]
Yes, that's the relevant part of the changelog.
The bug in mod_userdir has not been fixed but it has been made unexploitable
by sanitizing outgoing headers. Somewhat late, upstream has decided that
14 matches
Mail list logo
