Re: various security issues in VNC related packages

Eckernförde Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpGQAfxMU9Yt.pgp Description

Re: various security issues in VNC related packages

series, if not). My plan is to go over VNC related packages over the next couple of days and also propose .debdiffs for stretch versions. Thanks, Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde mobile: +49 (1520) 1976

various security issues in VNC related packages

e above. light+love Mike [1] https://www.openwall.com/lists/oss-security/2018/12/10/5 [2] https://bugs.debian.org/943833 -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG

Addressing FreeRDP security issues in Debian jessie (and stretch)

ways to go? If so, please share yours. The FreeRDP v1.1 backporting work (8-10 hours) would have to be outsourced to ThinCast in Austria (where most FreeRDP upstream devs work these days). Looking forward to your ideas and comments, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleck

Re: working for wheezy-security until wheezy-lts starts

On Di 01 Mär 2016 08:44:08 CET, Guido Günther wrote: On Tue, Mar 01, 2016 at 07:15:28AM +, Mike Gabriel wrote: [..snip..] >>Issues that are unfixed in wheezy but fixed in squeeze: >>* aptdaemon-> CVE-2015-1323 >>* cakephp -> TEMP-0

Re: working for wheezy-security until wheezy-lts starts

9639 CVE-2014-9640 CVE-2015-6749 """ I think these would be adressed via stable point release updates in wheezy/jessie rather than going via the security team. Yeah, if at all. I just listed them for completeness sake. Mike -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net pgpXUhlzyhpw2.pgp Description: Digitale PGP-Signatur

working for wheezy-security until wheezy-lts starts

g workflow can be very similar to what we are used to. For the interim phase until the 26th of April 2016, however, we need to run a modified approach. Request for feedback and comments... (I have some concrete proposals in mind, but I want to check, if these issues have already been solv

Bug#812325: amavisd-new fails recognizing viruses on non-English systems if the AV scanner writes localized messages to stdout

port LANG; export LC_ALL; LANG=C; LC_ALL=C $ /usr/local/sbin/amavisd """ Please consider applying this change (launch amavisd with LANG=C) to amavisd-new in Debian testing/stretch and also possibly via security.debian.org in older releases of Debian. (Feedback from the

CVE-2012-5560 (mate-settings-daemon): not an issue with any package version in Debian

-settings-daemon/pull/22 [2] https://security-tracker.debian.org/tracker/source-package/mate-settings-daemon -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https