Re: Security team plans for the squeeze cycle

On Sun, 13 Sep 2009 11:12:42 +0200 Petter Reinholdtsen wrote: > [Moritz Muehlenhoff] > > if Debian wants to continue to provide security support for testing > > the the time between releases. > > I believe it is a very god idea to provide security support for > testing also in the time between re

RFS: xscreensaver spu

Hello, I'm looking for a sponsor for an spu update for an xscreensaver security issue in lenny.  Debdiff is attached. The package can be found on mentors.debian.net: - URL: http://mentors.debian.net/debian/pool/main/x/xscreensaver - Source repository: deb-src http://mentors.debian.net/debian unst

RFS: sponsor for poppler stable point release

Hi, A new lenny release is coming soon and there are some open security issues in poppler that I have fixed. Attached is the debdiff of the changes. The package can be found on mentors.debian.net: - URL: http://mentors.debian.net/debian/pool/main/p/poppler - Source repository: deb-src http://men

CVE-2008-2009 as candidate for spu/ospu

CVE-2008-2009 looks like a good candidate for an spu/ospu. Patches were added to the unstable packages to harden against attacks similar to this. It would be useful to have these patches in the stable releases to provide added protection for users. See bug report [1] and mailing list discussion [2