Hi Roberto,
I agree with Utkarsh basically. Fixing over 100 (or even over 20)
issues through patches drastically increases chances to make a
mistake. Backporting newer version also has downsides.
I would propose to declare it as EOL.
Best regards
Anton
Am Do., 14. Apr. 2022 um 17:22 Uhr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-2974-1debian-...@lists.debian.org
https://www.debian.org/lts/security/Thorsten Alteholz
April 10, 2022
Hello,
[looping in the Security team as this involves buster and in general,
their opinion would be very helpful!]
On Thu, Apr 14, 2022 at 8:52 PM Roberto C. Sánchez wrote:
> Open security issues:
>
> bookworm: 4
> bullseye: 100
> buster: 124
> stretch: 126
Holy smokes! CRAZY!
Let me take a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Thu, 14 Apr 2022 16:31:41 +0100
Source: python-django
Binary: python-django python3-django python-django-common python-django-doc
Built-For-Profiles: nocheck
Architecture: source all
Version: 1:1.10.7-2+deb9u16
Distribution:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
- -
Debian LTS Advisory DLA-2982-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Chris Lamb
April 14, 2022
Hello everyone,
I've been working on gpac vulnerabilities. The situation has reached a
point where it seemed wise to seek some input from other folks in the
LTS community before continuing. With this message I am specifically
seeking to start a discussion about the best way forward.
First,
