Re: Santiago Ruano Rincón 2015-10-08 <20151008161110.GA2567@nomada> > the Debian LTS team would like to fix the security issues which are > currently open in the Squeeze version of postgresql-8.4: > https://security-tracker.debian.org/tracker/CVE-2015-5288 > https://security-tracker.debian.org/tracker/CVE-2015-5289
8.4 is only affected by -5288, but I think it's a minor issue for which I don't plan a DSA even for wheezy, but only through oldstable-pu. What will happen though is that we (credativ) will be releasing a new LTS version of the 8.4 branch which will get included in squeeze-lts, so this issue will still get fixed in squeeze-lts. > Would you like to take care of this yourself? We are still understaffed so > any help is always highly appreciated. > > If yes, please follow the workflow we have defined here: > http://wiki.debian.org/LTS/Development > > If that workflow is a burden to you, feel free to just prepare an > updated source package and send it to debian-...@lists.debian.org > (via a debdiff, or with an URL pointing to the the source package, > or even with a pointer to your packaging repository), and the members > of the LTS team will take care of the rest. Indicate clearly whether you > have tested the updated package or not. > > If you don't want to take care of this update, it's not a problem, we > will do our best with your package. Just let us know whether you would > like to review and/or test the updated package before it gets released. Thanks for the boilerplate - you might have noticed that we indeed took care of this package in the past :) > PS: A member of the LTS team might start working on this update at > any point in time. You can verify whether someone is registered > on this update in this file: > https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup I've updated CVE/list, not sure if you want to have the above noted in dla-needed.txt as well. Christoph -- c...@df7cb.de | http://www.df7cb.de/
signature.asc
Description: Digital signature
_______________________________________________ Pkg-postgresql-public mailing list Pkg-postgresql-public@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-postgresql-public