Re: nsis CVE-2023-37378

Hi, On 08/07/2023 10:04, Sean Whitton wrote: On Sat 08 Jul 2023 at 09:14am +02, Salvatore Bonaccorso wrote: Just noticed the suffix for the version for the buster-security / LTS upload was +deb9u1, was this intentional? This should have been +deb10u1. It wasn't. Thank you for pointing out

Accepted fusiondirectory 1.2.3-4+deb10u2 (source) into oldoldstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 08 Jul 2023 13:03:19 +0200 Source: fusiondirectory Architecture: source Version: 1.2.3-4+deb10u2 Distribution: buster-security Urgency: medium Maintainer: FusionDirectory Packagers Changed-By: Tobias Frost Changes:

[SECURITY] [DLA 3487-1] fusiondirectory security update and rebuild for php-cas

- Debian LTS Advisory DLA-3487-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Abhijith PA Tobias Frost

[SECURITY] [DLA 3486-1] ocsinventory-server update for php-cas

- Debian LTS Advisory DLA-3486-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Tobias Frost July 08, 2023 https://wiki.debian.org/LTS

[SECURITY] [DLA 3485-1] php-cas security update

- Debian LTS Advisory DLA-3485-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Tobias Frost July 08, 2023 https://wiki.debian.org/LTS

Accepted thunderbird 1:102.13.0-1~deb10u1 (source) into oldoldstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 08 Jul 2023 13:16:28 +0200 Source: thunderbird Architecture: source Version: 1:102.13.0-1~deb10u1 Distribution: buster-security Urgency: medium Maintainer: Carsten Schoenert Changed-By: Carsten Schoenert Closes: 971790

Accepted ocsinventory-server 2.5+dfsg1-1+deb10u1 (source) into oldoldstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 08 Jul 2023 13:04:03 +0200 Source: ocsinventory-server Architecture: source Version: 2.5+dfsg1-1+deb10u1 Distribution: buster-security Urgency: medium Maintainer: Debian Perl Group Changed-By: Tobias Frost Changes:

Accepted php-cas 1.3.6-1+deb10u1 (source) into oldoldstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 08 Jul 2023 13:48:07 +0200 Source: php-cas Architecture: source Version: 1.3.6-1+deb10u1 Distribution: buster-security Urgency: medium Maintainer: Xavier Guimard Changed-By: Tobias Frost Closes: 1023571 Changes: php-cas

Re: nsis CVE-2023-37378

Hello, On Sat 08 Jul 2023 at 09:14am +02, Salvatore Bonaccorso wrote: > Just noticed the suffix for the version for the buster-security / LTS > upload was +deb9u1, was this intentional? This should have been > +deb10u1. It wasn't. Thank you for pointing out the mistake. -- Sean Whitton

Re: nsis CVE-2023-37378

Hi Sean, On Fri, Jul 07, 2023 at 01:07:57PM +0100, Sean Whitton wrote: > Hello, > > On Fri 07 Jul 2023 at 12:23pm +02, Sylvain Beucler wrote: > > > Hello Sean, > > > > I had a quick test with my: > > http://git.savannah.gnu.org/cgit/freedink.git/tree/nsis > > which is kinda old but does call