Brian May writes:
> Attached is my latest debdiff patch, only includes changes to debian/*.
I just uploaded this to wheezy-security. Not 100% certain my upload will
get accepted yet, my first attempt failed due to timeout error.
Do I need to publish a DLA for this? If so what should I say? It i
On Mon, 08 Aug 2016, Emilio Pozuelo Monfort wrote:
> > Shall we mark gcc-4.8 as unsupported in wheezy, explaining that its only
> > purpose is to enable build of other packages?
>
> That would make sense.
>
> I'll see if I can take a look at this.
The problematic part is likely libstdc++. I woul
Free Ekanayaka writes:
> I had a quick look at the code too (both in wheezy and jessie), but I
> couldn't find the offending bits. Perhaps it'd be good to put together a
> small web server and see what happens when you pass the 'Proxy'
> header.
So I created the following code:
=== cut ===
from
Hi,
On Mon, Aug 08, 2016 at 05:59:36PM +1000, Brian May wrote:
> Brian May writes:
>
> > Attached is my latest debdiff patch, only includes changes to debian/*.
>
> I just uploaded this to wheezy-security. Not 100% certain my upload will
> get accepted yet, my first attempt failed due to timeou
Hi,
Just a quick comment on:
On Mon, Aug 08, 2016 at 06:29:30PM +1000, Brian May wrote:
> I am inclined to say that no version of twisted, by itself, has this
> vulnerability. However like I said earlier it is possible that
> applications that use twisted have this vulnerability.
Looking at the
On Mon, Aug 08, 2016 at 05:59:36PM +1000, Brian May wrote:
> Do I need to publish a DLA for this?
yes. for every change in debian LTS there should be a DLA.
> If so what should I say? It isn't
> fixing any known security issues that weren't already fixed...
so why did you upload then? :) that re
Hi all
I have now prepared a build of nettle for wheezy, based on the patch that
Magnus prepared for me (thanks a lot for that!). You can find the debdiff
here:
http://apt.inguza.net/wheezy-security/nettle/nettle.debdiff
You can find the prepared packages here:
http://apt.inguza.net/wheezy-securi
Hi Kurt
As a member of the LTS team I have started to look into a ntp security
update of CVE-2016-4953 mentioned here:
https://security-tracker.debian.org/tracker/source-package/ntp
I see that you have prepared security updates for Debian wheezy in the past
so I would like to check with you if yo
On Mon, Aug 08, 2016 at 01:12:28PM +0200, Ola Lundqvist wrote:
> Hi Kurt
>
> As a member of the LTS team I have started to look into a ntp security
> update of CVE-2016-4953 mentioned here:
> https://security-tracker.debian.org/tracker/source-package/ntp
>
> I see that you have prepared security
Hi Kurt
Thanks a lot for a quick and good answer. Will mark it as unaffected in
wheezy too then.
Best regards
// Ola
On Mon, Aug 8, 2016 at 6:30 PM, Kurt Roeckx wrote:
> On Mon, Aug 08, 2016 at 01:12:28PM +0200, Ola Lundqvist wrote:
> > Hi Kurt
> >
> > As a member of the LTS team I have start
Hi libical developers, libical maintainer and LTS team
As part of the Debian Long Term Security team I have started to look
into a few possible security related vulnerabilities.
More details are available here:
https://security-tracker.debian.org/tracker/source-package/libical
My problem is that
Hi Chris
First thanks for impoving find-work. The additions have been good,
except for one thing.
I have Debian stable on my workstation and the latest find-work update
make it spit out the following:
ola@tigereye:~/git/debian-lts$ ./find-work
Traceback (most recent call last):
File "./find-wor
On Mon, 2016-08-08 at 11:52 +0200, Ola Lundqvist wrote:
> Package: mongodb
> Version: 2.0.6-1+deb7u1
> CVE ID : CVE-2016-6494
> Debian Bug : 832908, 833087
>
> Two security related problems have been found in the mongodb
> package, related to logging.
>
> CVE-2016-6494
> ola@tigereye:~/git/debian-lts$ ./find-work
> Traceback (most recent call last):
> File "./find-work", line 3, in
> import requests
>
I think I'm missing some bit of your traceback/testcase here?
> 8056874b90d35883fd3a1747b911d935367edda3
Guessing from this, I think you had locale issue
Hello dear maintainer(s),
the Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of openssh:
https://security-tracker.debian.org/tracker/CVE-2016-6515
Would you like to take care of this yourself?
If yes, please follow the workflow we have define
15 matches
Mail list logo