Hello dear maintainer(s),
the Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of libphp-adodb:
https://security-tracker.debian.org/tracker/CVE-2016-4855
https://security-tracker.debian.org/tracker/TEMP-000-B85664
Would you like to take
Hello dear maintainer(s),
the Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of libarchive:
https://security-tracker.debian.org/tracker/CVE-2016-7166
Would you like to take care of this yourself?
If yes, please follow the workflow we have
Hello,
Le 07/09/2016 à 00:00, Balint Reczey a écrit :
> Hello dear maintainer(s),
>
> the Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of inspircd:
> https://security-tracker.debian.org/tracker/CVE-2016-7142
>
> Would you like to take
On Thu, 08 Sep 2016, Moritz Muehlenhoff wrote:
> And please add that to the checklist/onboarding process of new people working
> on Freexian/LTS.
I have put myself a note to review the internal documentation to ensure we
have something about this. It would be good to have something in the wiki
Ben Hutchings wrote:
> > I had an interesting conversation with the inspircd maintainers
> > recently, over IRC: they are basically saying that 2.0.5 is full of
> > security holes, and they do not bother with issuing CVEs, so it's really
> > hard to tell what version if affected by what.
>
>
On Thu, Sep 08, 2016 at 06:45:28AM -0400, Roberto C. Sánchez wrote:
> On Thu, Sep 08, 2016 at 07:29:55AM +0200, Guido Günther wrote:
> >
> > If you find useful information on e.g. howto reproduce the bug or about
> > the proper upstream fix use
> >
> >NOTE:
> >
> > See e.g. this entry from
On Thu, Sep 08, 2016 at 07:29:55AM +0200, Guido Günther wrote:
>
> If you find useful information on e.g. howto reproduce the bug or about
> the proper upstream fix use
>
>NOTE:
>
> See e.g. this entry from the top of the current data/CVE/list:
>
>
> CVE-2016-7155 [scsi: pvscsi: OOB read
Ben Hutchings writes:
> This should be done by updating the debian-security-support package.
> I'm not sure whether there's any need to batch changes there.
> Unfortunately it looks like it has to be updated in jessie before
> wheezy due to its date-based versioning.
>
>