Wheezy update of libphp-adodb?

2016-09-08 Thread Balint Reczey
Hello dear maintainer(s), the Debian LTS team would like to fix the security issues which are currently open in the Wheezy version of libphp-adodb: https://security-tracker.debian.org/tracker/CVE-2016-4855 https://security-tracker.debian.org/tracker/TEMP-000-B85664 Would you like to take

Wheezy update of libarchive?

2016-09-08 Thread Balint Reczey
Hello dear maintainer(s), the Debian LTS team would like to fix the security issues which are currently open in the Wheezy version of libarchive: https://security-tracker.debian.org/tracker/CVE-2016-7166 Would you like to take care of this yourself? If yes, please follow the workflow we have

Re: Wheezy update of inspircd?

2016-09-08 Thread Guillaume Delacour
Hello, Le 07/09/2016 à 00:00, Balint Reczey a écrit : > Hello dear maintainer(s), > > the Debian LTS team would like to fix the security issues which are > currently open in the Wheezy version of inspircd: > https://security-tracker.debian.org/tracker/CVE-2016-7142 > > Would you like to take

Re: Wheezy update of icu?

2016-09-08 Thread Raphael Hertzog
On Thu, 08 Sep 2016, Moritz Muehlenhoff wrote: > And please add that to the checklist/onboarding process of new people working > on Freexian/LTS. I have put myself a note to review the internal documentation to ensure we have something about this. It would be good to have something in the wiki

Re: Wheezy update of inspircd?

2016-09-08 Thread Chris Lamb
Ben Hutchings wrote: > > I had an interesting conversation with the inspircd maintainers > > recently, over IRC: they are basically saying that 2.0.5 is full of > > security holes, and they do not bother with issuing CVEs, so it's really > > hard to tell what version if affected by what. > >

Re: Wheezy update of icu?

2016-09-08 Thread Moritz Muehlenhoff
On Thu, Sep 08, 2016 at 06:45:28AM -0400, Roberto C. Sánchez wrote: > On Thu, Sep 08, 2016 at 07:29:55AM +0200, Guido Günther wrote: > > > > If you find useful information on e.g. howto reproduce the bug or about > > the proper upstream fix use > > > >NOTE: > > > > See e.g. this entry from

Re: Wheezy update of icu?

2016-09-08 Thread Roberto C . Sánchez
On Thu, Sep 08, 2016 at 07:29:55AM +0200, Guido Günther wrote: > > If you find useful information on e.g. howto reproduce the bug or about > the proper upstream fix use > >NOTE: > > See e.g. this entry from the top of the current data/CVE/list: > > > CVE-2016-7155 [scsi: pvscsi: OOB read

Re: matrixssl

2016-09-08 Thread Brian May
Ben Hutchings writes: > This should be done by updating the debian-security-support package. > I'm not sure whether there's any need to batch changes there. > Unfortunately it looks like it has to be updated in jessie before > wheezy due to its date-based versioning. > >