Accepted firefox-esr 60.8.0esr-1~deb8u1 (source amd64 all) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 23 Jul 2019 12:04:43 +0200 Source: firefox-esr Binary: firefox-esr iceweasel firefox-esr-dbg iceweasel-dbg firefox-esr-l10n-all iceweasel-l10n-all firefox-esr-l10n-ach iceweasel-l10n-ach firefox-esr-l10n-af iceweasel-l10n-af firefox-esr-l10n-an iceweasel-l10n-an firefox-esr-l10n-ar iceweasel-l10n-ar firefox-esr-l10n-as iceweasel-l10n-as firefox-esr-l10n-ast iceweasel-l10n-ast firefox-esr-l10n-az iceweasel-l10n-az firefox-esr-l10n-be iceweasel-l10n-be firefox-esr-l10n-bg iceweasel-l10n-bg firefox-esr-l10n-bn-bd iceweasel-l10n-bn-bd firefox-esr-l10n-bn-in iceweasel-l10n-bn-in firefox-esr-l10n-br iceweasel-l10n-br firefox-esr-l10n-bs iceweasel-l10n-bs firefox-esr-l10n-ca iceweasel-l10n-ca firefox-esr-l10n-cak iceweasel-l10n-cak firefox-esr-l10n-cs iceweasel-l10n-cs firefox-esr-l10n-cy iceweasel-l10n-cy firefox-esr-l10n-da iceweasel-l10n-da firefox-esr-l10n-de iceweasel-l10n-de firefox-esr-l10n-dsb iceweasel-l10n-dsb firefox-esr-l10n-el iceweasel-l10n-el firefox-esr-l10n-en-gb iceweasel-l10n-en-gb firefox-esr-l10n-en-za iceweasel-l10n-en-za firefox-esr-l10n-eo iceweasel-l10n-eo firefox-esr-l10n-es-ar iceweasel-l10n-es-ar firefox-esr-l10n-es-cl iceweasel-l10n-es-cl firefox-esr-l10n-es-es iceweasel-l10n-es-es firefox-esr-l10n-es-mx iceweasel-l10n-es-mx firefox-esr-l10n-et iceweasel-l10n-et firefox-esr-l10n-eu iceweasel-l10n-eu firefox-esr-l10n-fa iceweasel-l10n-fa firefox-esr-l10n-ff iceweasel-l10n-ff firefox-esr-l10n-fi iceweasel-l10n-fi firefox-esr-l10n-fr iceweasel-l10n-fr firefox-esr-l10n-fy-nl iceweasel-l10n-fy-nl firefox-esr-l10n-ga-ie iceweasel-l10n-ga-ie firefox-esr-l10n-gd iceweasel-l10n-gd firefox-esr-l10n-gl iceweasel-l10n-gl firefox-esr-l10n-gn iceweasel-l10n-gn firefox-esr-l10n-gu-in iceweasel-l10n-gu-in firefox-esr-l10n-he iceweasel-l10n-he firefox-esr-l10n-hi-in iceweasel-l10n-hi-in firefox-esr-l10n-hr iceweasel-l10n-hr firefox-esr-l10n-hsb iceweasel-l10n-hsb firefox-esr-l10n-hu iceweasel-l10n-hu firefox-esr-l10n-hy-am iceweasel-l10n-hy-am firefox-esr-l10n-ia iceweasel-l10n-ia firefox-esr-l10n-id iceweasel-l10n-id firefox-esr-l10n-is iceweasel-l10n-is firefox-esr-l10n-it iceweasel-l10n-it firefox-esr-l10n-ja iceweasel-l10n-ja firefox-esr-l10n-ka iceweasel-l10n-ka firefox-esr-l10n-kab iceweasel-l10n-kab firefox-esr-l10n-kk iceweasel-l10n-kk firefox-esr-l10n-km iceweasel-l10n-km firefox-esr-l10n-kn iceweasel-l10n-kn firefox-esr-l10n-ko iceweasel-l10n-ko firefox-esr-l10n-lij iceweasel-l10n-lij firefox-esr-l10n-lt iceweasel-l10n-lt firefox-esr-l10n-lv iceweasel-l10n-lv firefox-esr-l10n-mai iceweasel-l10n-mai firefox-esr-l10n-mk iceweasel-l10n-mk firefox-esr-l10n-ml iceweasel-l10n-ml firefox-esr-l10n-mr iceweasel-l10n-mr firefox-esr-l10n-ms iceweasel-l10n-ms firefox-esr-l10n-my iceweasel-l10n-my firefox-esr-l10n-nb-no iceweasel-l10n-nb-no firefox-esr-l10n-ne-np iceweasel-l10n-ne-np firefox-esr-l10n-nl iceweasel-l10n-nl firefox-esr-l10n-nn-no iceweasel-l10n-nn-no firefox-esr-l10n-oc iceweasel-l10n-oc firefox-esr-l10n-or iceweasel-l10n-or firefox-esr-l10n-pa-in iceweasel-l10n-pa-in firefox-esr-l10n-pl iceweasel-l10n-pl firefox-esr-l10n-pt-br iceweasel-l10n-pt-br firefox-esr-l10n-pt-pt iceweasel-l10n-pt-pt firefox-esr-l10n-rm iceweasel-l10n-rm firefox-esr-l10n-ro iceweasel-l10n-ro firefox-esr-l10n-ru iceweasel-l10n-ru firefox-esr-l10n-si iceweasel-l10n-si firefox-esr-l10n-sk iceweasel-l10n-sk firefox-esr-l10n-sl iceweasel-l10n-sl firefox-esr-l10n-son iceweasel-l10n-son firefox-esr-l10n-sq iceweasel-l10n-sq firefox-esr-l10n-sr iceweasel-l10n-sr firefox-esr-l10n-sv-se iceweasel-l10n-sv-se firefox-esr-l10n-ta iceweasel-l10n-ta firefox-esr-l10n-te iceweasel-l10n-te firefox-esr-l10n-th iceweasel-l10n-th firefox-esr-l10n-tr iceweasel-l10n-tr firefox-esr-l10n-uk iceweasel-l10n-uk firefox-esr-l10n-ur iceweasel-l10n-ur firefox-esr-l10n-uz iceweasel-l10n-uz firefox-esr-l10n-vi iceweasel-l10n-vi firefox-esr-l10n-xh iceweasel-l10n-xh firefox-esr-l10n-zh-cn iceweasel-l10n-zh-cn firefox-esr-l10n-zh-tw iceweasel-l10n-zh-tw Architecture: source amd64 all Version: 60.8.0esr-1~deb8u1 Distribution: jessie-security Urgency: medium Maintainer: Maintainers of Mozilla-related packages Changed-By: Emilio Pozuelo Monfort Description: firefox-esr - Mozilla Firefox web browser - Extended Support Release (ESR) firefox-esr-dbg - Debugging symbols for Firefox ESR firefox-esr-l10n-ach - Acoli language package for Firefox ESR firefox-esr-l10n-af - Afrikaans language package for Firefox ESR firefox-esr-l10n-all - All language packages for Firefox ESR (meta) firefox-esr-l10n-an - Aragonese language package for Firefox ESR firefox-esr-l10n-ar - Arabic language package for Firefox ESR firefox-esr-l10n-as - Assamese language package for Firefox ESR firefox-esr-l10n-ast - Asturian language package for Firefox ESR firefox-esr-l10n-az - Azerbaijani language package for Firefox ESR firefox-esr-l10n-be -
Upload good practices
Hi, I added a couple mementos at https://wiki.debian.org/LTS/Development about building and testing security uploads. Let me know if this can be improved :) Copy/paste: - pbuilder usage: # Init (note: jessie->jessie buggy https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806377) sudo pbuilder --create --basetgz /var/cache/pbuilder/base-jessie.tgz \ --distribution jessie \ --othermirror 'deb http://security.debian.org/ jessie/updates main contrib' sudo pbuilder --update --basetgz /var/cache/pbuilder/base-jessie.tgz # Rebuild source and binary packages from Jessie (in extracted source) pdebuild --use-pdebuild-internal --buildresult .. -- --basetgz /var/cache/pbuilder/base-jessie.tgz # Rebuild binary packages from Jessie sudo pbuilder --build --basetgz /var/cache/pbuilder/base-jessie.tgz --debbuildopts '-sa' package+deb8u1.dsc sudo pbuilder --build --basetgz /var/cache/pbuilder/base-jessie.tgz package+deb8u2.dsc - testing: # check for common packaging issues in last build # from extracted source after build, jessie host (only check new errors) lintian -i # inspect source changes debdiff package+deb8u3.dsc package+deb8u4.dsc # inspect binary changes debdiff --from deb8u3/*.deb --to deb8u4/*.deb # test package upgrade sudo piuparts -d jessie \ --extra-repo='deb http://security.debian.org/ jessie/updates main contrib' \ -l piuparts-package.log \ -I :etc/buggy-dep \ package+deb8u4_amd64.changes \ | grep -P '(INFO|ERROR):' Cheers! Sylvain
[SECURITY] [DLA 1868-1] squirrelmail security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: squirrelmail Version: 2:1.4.23~svn20120406-2+deb8u4 CVE ID : CVE-2019-12970 A XSS vulnerability was discovered in SquirrelMail. Due to improper handling of RCDATA and RAWTEXT type elements, the built-in sanitization mechanism can be bypassed. Malicious script content from HTML e-mails can be executed within the application context via crafted use of (for example) a NOEMBED, NOFRAMES, NOSCRIPT, or TEXTAREA element. For Debian 8 "Jessie", this problem has been fixed in version 2:1.4.23~svn20120406-2+deb8u4. We recommend that you upgrade your squirrelmail packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEEQic8GuN/xDR88HkSj/HLbo2JBZ8FAl1C4F8ACgkQj/HLbo2J BZ/kBggAmwy9ffidiiylbERfzs/mMJS+5vQvAN3UomC30ZyHSXkQp1gWFxxWmAUG bEyP7tvjqvRZRy69Ltmn1YIDrL7Vp5/Ub4ese6Jq3KO905mwjaA67Yy5EizQNluf CITss1tlGTIq9ip1khYWomFmv25gwDpwyKVP/LCR4gtdTlCsAeq7sdAgGpkJG/Rv ZSkS4USD6vnNJuyVDwERGYTYdo2A795DlRB/OI9mV4kwtOl0Xxpl/z0X0I/3USP5 sOZNW1w022/J4pwcoqR7hFsU5f2nNu04YdxUfAs7uh0qBoAJxxcGJNHBhjMUqlt7 GJJYlyZw1XfvVU5n5ToQCTsFMLqe5w== =RxBX -END PGP SIGNATURE-
LTS/ELTS Report for July 2019
For July I spent 8 hours on the following LTS tasks: - libspring-java: final package/advisory preparation - nss: CVE-2019-11719, CVE-2019-11727, CVE-2019-11729, package/advisory preparation - squid3: multiple vulnerabilities I also spent 5.75 hours on the following ELTS tasks: - nss: CVE-2019-11719, CVE-2019-11727, CVE-2019-11729, package/advisory - libsdl1.2: CVE-2019-13616, CVE-2019-13626, reproduced/verified both CVEs - exim4: CVE-2019-13917, verified that wheezy version was not affected Regards, -Roberto -- Roberto C. Sánchez
Accepted thunderbird 1:60.8.0-1~deb8u1 (source amd64 all) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 23 Jul 2019 12:10:04 +0200 Source: thunderbird Binary: thunderbird thunderbird-dbg lightning calendar-google-provider thunderbird-l10n-all thunderbird-l10n-ar thunderbird-l10n-ast thunderbird-l10n-be thunderbird-l10n-bg thunderbird-l10n-br thunderbird-l10n-ca thunderbird-l10n-cs thunderbird-l10n-cy thunderbird-l10n-da thunderbird-l10n-de thunderbird-l10n-dsb thunderbird-l10n-el thunderbird-l10n-en-gb thunderbird-l10n-es-ar thunderbird-l10n-es-es thunderbird-l10n-et thunderbird-l10n-eu thunderbird-l10n-fi thunderbird-l10n-fr thunderbird-l10n-fy-nl thunderbird-l10n-ga-ie thunderbird-l10n-gd thunderbird-l10n-gl thunderbird-l10n-he thunderbird-l10n-hr thunderbird-l10n-hsb thunderbird-l10n-hu thunderbird-l10n-hy-am thunderbird-l10n-id thunderbird-l10n-is thunderbird-l10n-it thunderbird-l10n-ja thunderbird-l10n-kab thunderbird-l10n-kk thunderbird-l10n-ko thunderbird-l10n-lt thunderbird-l10n-ms thunderbird-l10n-nb-no thunderbird-l10n-nl thunderbird-l10n-nn-no thunderbird-l10n-pl thunderbird-l10n-pt-br thunderbird-l10n-pt-pt thunderbird-l10n-rm thunderbird-l10n-ro thunderbird-l10n-ru thunderbird-l10n-si thunderbird-l10n-sk thunderbird-l10n-sl thunderbird-l10n-sq thunderbird-l10n-sr thunderbird-l10n-sv-se thunderbird-l10n-tr thunderbird-l10n-uk thunderbird-l10n-vi thunderbird-l10n-zh-cn thunderbird-l10n-zh-tw lightning-l10n-ar lightning-l10n-ast lightning-l10n-be lightning-l10n-bg lightning-l10n-br lightning-l10n-ca lightning-l10n-cs lightning-l10n-cy lightning-l10n-da lightning-l10n-de lightning-l10n-dsb lightning-l10n-el lightning-l10n-es-ar lightning-l10n-es-es lightning-l10n-en-gb lightning-l10n-et lightning-l10n-eu lightning-l10n-fi lightning-l10n-fr lightning-l10n-fy-nl lightning-l10n-ga-ie lightning-l10n-gd lightning-l10n-gl lightning-l10n-he lightning-l10n-hr lightning-l10n-hsb lightning-l10n-hu lightning-l10n-hy-am lightning-l10n-id lightning-l10n-is lightning-l10n-it lightning-l10n-ja lightning-l10n-kab lightning-l10n-kk lightning-l10n-ko lightning-l10n-ms lightning-l10n-lt lightning-l10n-nb-no lightning-l10n-nl lightning-l10n-nn-no lightning-l10n-pl lightning-l10n-pt-br lightning-l10n-pt-pt lightning-l10n-rm lightning-l10n-ro lightning-l10n-ru lightning-l10n-si lightning-l10n-sk lightning-l10n-sl lightning-l10n-sr lightning-l10n-sq lightning-l10n-sv-se lightning-l10n-tr lightning-l10n-uk lightning-l10n-vi lightning-l10n-zh-cn lightning-l10n-zh-tw icedove icedove-dbg iceowl-extension icedove-l10n-all icedove-l10n-ar icedove-l10n-ast icedove-l10n-be icedove-l10n-bg icedove-l10n-br icedove-l10n-ca icedove-l10n-cs icedove-l10n-da icedove-l10n-de icedove-l10n-dsb icedove-l10n-el icedove-l10n-en-gb icedove-l10n-es-ar icedove-l10n-es-es icedove-l10n-et icedove-l10n-eu icedove-l10n-fi icedove-l10n-fr icedove-l10n-fy-nl icedove-l10n-ga-ie icedove-l10n-gd icedove-l10n-gl icedove-l10n-he icedove-l10n-hr icedove-l10n-hsb icedove-l10n-hu icedove-l10n-hy-am icedove-l10n-id icedove-l10n-is icedove-l10n-it icedove-l10n-ja icedove-l10n-kab icedove-l10n-ko icedove-l10n-lt icedove-l10n-nb-no icedove-l10n-nl icedove-l10n-nn-no icedove-l10n-pl icedove-l10n-pt-br icedove-l10n-pt-pt icedove-l10n-rm icedove-l10n-ro icedove-l10n-ru icedove-l10n-si icedove-l10n-sk icedove-l10n-sl icedove-l10n-sq icedove-l10n-sr icedove-l10n-sv-se icedove-l10n-tr icedove-l10n-uk icedove-l10n-vi icedove-l10n-zh-cn icedove-l10n-zh-tw iceowl-l10n-ar iceowl-l10n-ast iceowl-l10n-be iceowl-l10n-bg iceowl-l10n-br iceowl-l10n-ca iceowl-l10n-cs iceowl-l10n-cy iceowl-l10n-da iceowl-l10n-de iceowl-l10n-dsb iceowl-l10n-el iceowl-l10n-en-gb iceowl-l10n-es-ar iceowl-l10n-es-es iceowl-l10n-et iceowl-l10n-eu iceowl-l10n-fi iceowl-l10n-fr iceowl-l10n-fy-nl iceowl-l10n-ga-ie iceowl-l10n-gd iceowl-l10n-gl iceowl-l10n-he iceowl-l10n-hr iceowl-l10n-hsb iceowl-l10n-hu iceowl-l10n-hy-am iceowl-l10n-id iceowl-l10n-is iceowl-l10n-it iceowl-l10n-ja iceowl-l10n-kab iceowl-l10n-ko iceowl-l10n-lt iceowl-l10n-nb-no iceowl-l10n-nl iceowl-l10n-nn-no iceowl-l10n-pl iceowl-l10n-pt-br iceowl-l10n-pt-pt iceowl-l10n-rm iceowl-l10n-ro iceowl-l10n-ru iceowl-l10n-si iceowl-l10n-sk iceowl-l10n-sl iceowl-l10n-sq iceowl-l10n-sr iceowl-l10n-sv-se iceowl-l10n-tr iceowl-l10n-uk iceowl-l10n-vi iceowl-l10n-zh-cn iceowl-l10n-zh-tw Architecture: source amd64 all Version: 1:60.8.0-1~deb8u1 Distribution: jessie-security Urgency: medium Maintainer: Carsten Schoenert Changed-By: Emilio Pozuelo Monfort Description: calendar-google-provider - Google Calendar support for lightning icedove- mail/news client with RSS and integrated spam filter support icedove-dbg - Debug Symbols for Icedove icedove-l10n-all - All language packages for Icedove (meta) - Transitional package icedove-l10n-ar - Arabic language package for Icedove - Transitional package icedove-l10n-ast - Asturian language package for Icedove - Transitional package icedove-l10n-be - Belarusian