q
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
q
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
I agree with Tim Uckden's comments - we don't need bleeding edge, but we
also don't need
some-obscure-whizzo-package-on-104-obsolete-hardware-architectures.deb
holding up basic things like Apache, PHP, Perl, Mod_Perl, MySQL etc.
We would be over the moon to have a mini-stable that only contain
On Wed, May 08, 2002 at 10:58:38PM +0200, Wichert Akkerman wrote:
> Previously Raymond Wood wrote:
> >but I would really like to see either:
> > a) woody receiving security patches as soon as sid and potato;
> > or
> > b) no woody.
>
> >From a security viewpoint b) is the only option, and
09 May 2002 01:30
To: debian-security@lists.debian.org
Subject: Re: possible hole in mozilla et al
At 15:38 2002-05-08 -0600, Tim Uckun wrote:
>The situation right now is that for production you run an ancient
system
>or cross your fingers, hold your breath and run unstable.
Coming from
On Thu, 2002-05-09 at 01:22, Tim Uckun wrote:
> I am not arguing for any change in the policies for determining what is
> stable and what is not. My feeling is (and I admit I haven't done any
> studies) that stable gets delayed sometimes due to obscure packages having
> bugs or obscure platform
Coming from a corporate environment I hardly feel that stable is ancient.
With most commercial operating systems the quality control seems so poor
it takes a few years before we feel comfortable moving to a new release.
But with Debian I can point to the unstable-testing-stable system and my
At 15:38 2002-05-08 -0600, Tim Uckun wrote:
The situation right now is that for production you run an ancient system
or cross your fingers, hold your breath and run unstable.
Coming from a corporate environment I hardly feel that stable is ancient.
With most commercial operating systems the qu
At 10:58 PM 5/8/2002 +0200, Wichert Akkerman wrote:
Previously Raymond Wood wrote:
>but I would really like to see either:
> a) woody receiving security patches as soon as sid and potato;
> or
> b) no woody.
From a security viewpoint b) is the only option, and we have always said
so.
W
Previously Raymond Wood wrote:
>but I would really like to see either:
> a) woody receiving security patches as soon as sid and potato;
> or
> b) no woody.
>From a security viewpoint b) is the only option, and we have always said
so.
Wichert.
--
__
This bug has been fixed in Mozilla upstream and will be included in the
1.0 release. You can dig in Bugtraq for more info.
-nicole
At 15:26 on May 8, Robert Millan combined all the right letters to say:
>
> Hi,
>
> Just noticed this advisory, stating a remote vulnerability
> in mozilla:
>
>
On Wed, May 08, 2002 at 02:51:51PM -0400, Noah L. Meyerhans imagined:
> On Wed, May 08, 2002 at 03:26:46PM +0200, Robert Millan wrote:
> > http://sec.greymagic.com/adv/gm001-ns/
> >
> > It claims to affect 0.9.7+ but on 1.0 all it does is
> > crashing my browser.
> That bug was fixed in the vers
On Wed, May 08, 2002 at 03:26:46PM +0200, Robert Millan wrote:
> http://sec.greymagic.com/adv/gm001-ns/
>
> It claims to affect 0.9.7+ but on 1.0 all it does
> is crashing my browser.
That bug was fixed in the version of mozilla from sid, but *not* woody.
Woody appears vulnerable and had probably
Hi,
Just noticed this advisory, stating a remote vulnerability
in mozilla:
http://sec.greymagic.com/adv/gm001-ns/
It claims to affect 0.9.7+ but on 1.0 all it does
is crashing my browser.
Please CC to contact me, not subscribed.
--
Robert Millan
"5 years from now everyone will be running
fr
14 matches
Mail list logo
