24.01.2017 10:42, Ola Lundqvist wrote:
> CVE-2016-9602
this is about 9pfs. In wheezy, this is hardly used by anyone,
as it is very slow and quite unstable. But yes, it migth be a
real security issue.
However, the patch for this issue isn't upstream yet, it is
only seen in the redhat bugtracker. I
24.01.2017 00:10, Ola Lundqvist wrote:
> Hello dear maintainer(s),
>
> the Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of qemu:
> https://security-tracker.debian.org/tracker/source-package/qemu
>
> Some of the issues may be minor but at l
CVE-2016-9602
On 24 January 2017 at 08:38, Michael Tokarev wrote:
> 24.01.2017 00:10, Ola Lundqvist wrote:
>> Hello dear maintainer(s),
>>
>> the Debian LTS team would like to fix the security issues which are
>> currently open in the Wheezy version of qemu:
>> https://security-tracker.debian.org
On Mon, Jan 23, 2017 at 03:06:31PM -0500, Antoine Beaupré wrote:
> On 2017-01-23 20:46:28, Guido Günther wrote:
> > On Mon, Jan 23, 2017 at 07:22:30PM +, Holger Levsen wrote:
> >> On Mon, Jan 23, 2017 at 02:01:41PM -0500, Antoine Beaupré wrote:
> >> > regarding ci... i am not sure how useful th
On 2017-01-23 15:14:30, Antoine Beaupré wrote:
> On 2017-01-22 11:25:08, Stefan Fritsch wrote:
>> Test Summary Report
>> ---
>> t/apache/chunkinput.t (Wstat: 0 Tests: 37 Failed: 1)
>>Failed test: 3
>> t/apache/contentlength.t (Wstat: 0 Tests: 24 Failed:
Hello dear maintainer(s),
the Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of qemu-kvm:
https://security-tracker.debian.org/tracker/source-package/qemu-kvm
The problematic CVE is:
CVE-2016-9602
The other ones may be minor so further triag
Hello dear maintainer(s),
the Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of qemu:
https://security-tracker.debian.org/tracker/source-package/qemu
Some of the issues may be minor but at least one of them require a DLA.
Would you like to ta
Hello dear maintainer(s),
the Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of mcollective:
https://security-tracker.debian.org/tracker/CVE-2016-2788
Would you like to take care of this yourself?
If yes, please follow the workflow we have de
Hello dear maintainer(s),
the Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of glassfish:
https://security-tracker.debian.org/tracker/source-package/glassfish
Some of the issues lack further information but at least one of them
require a DLA.
On 2017-01-22 11:25:08, Stefan Fritsch wrote:
> Test Summary Report
> ---
> t/apache/chunkinput.t (Wstat: 0 Tests: 37 Failed: 1)
>Failed test: 3
> t/apache/contentlength.t (Wstat: 0 Tests: 24 Failed: 8)
>Failed tests: 2, 4, 14, 16, 18, 20, 22, 24
>
On 2017-01-23 20:46:28, Guido Günther wrote:
> On Mon, Jan 23, 2017 at 07:22:30PM +, Holger Levsen wrote:
>> On Mon, Jan 23, 2017 at 02:01:41PM -0500, Antoine Beaupré wrote:
>> > regarding ci... i am not sure how useful that would be for me. right
>> > now, i just run a wheezy VM inside qemu an
On Monday, January 23, 2017 02:38:51 PM Antoine Beaupré wrote:
> On 2017-01-22 11:25:08, Stefan Fritsch wrote:
> > On Thursday, 19 January 2017 20:47:15 CET Stefan Fritsch wrote:
> >> On Tuesday, 17 January 2017 11:59:17 CET Antoine Beaupré wrote:
...
> > For jessie, I am not that far, yet. So I do
On Mon, Jan 23, 2017 at 07:22:30PM +, Holger Levsen wrote:
> On Mon, Jan 23, 2017 at 02:01:41PM -0500, Antoine Beaupré wrote:
> > regarding ci... i am not sure how useful that would be for me. right
> > now, i just run a wheezy VM inside qemu and install stuff by hand in
> > there. since i need
On Mon, Jan 23, 2017 at 06:41:25PM +0100, Bálint Réczey wrote:
> Hi,
>
> I have just patched ratt to allow automatic rebuilding of reverse
> build dependencies in distributions other than unstable:
> https://github.com/Debian/ratt/pull/8
>
> Sbuild running on jessie (building for wheezy) still em
On Mon, Jan 23, 2017 at 02:01:41PM -0500, Antoine Beaupré wrote:
> On 2017-01-23 18:41:25, Bálint Réczey wrote:
> [ratt: cool! though i am not sure when i should use that...?]
>
> > The other tool I would love to use for LTS work is a private
> > https://ci.debian.net/ installation for running aut
On 2017-01-22 11:25:08, Stefan Fritsch wrote:
> On Thursday, 19 January 2017 20:47:15 CET Stefan Fritsch wrote:
>> On Tuesday, 17 January 2017 11:59:17 CET Antoine Beaupré wrote:
>> > I would need people to start testing the package at this point, not
>> > necessarily in production considering how
On Mon, Jan 23, 2017 at 02:01:41PM -0500, Antoine Beaupré wrote:
> regarding ci... i am not sure how useful that would be for me. right
> now, i just run a wheezy VM inside qemu and install stuff by hand in
> there. since i need a clean VM every time, setting up the whole CI env
> would seem to be
On 2017-01-23 18:41:25, Bálint Réczey wrote:
[ratt: cool! though i am not sure when i should use that...?]
> The other tool I would love to use for LTS work is a private
> https://ci.debian.net/ installation for running autopkgtests or
> reverse dependencies.
>
> To make it happen I'm thinking abo
Hi,
I have just patched ratt to allow automatic rebuilding of reverse
build dependencies in distributions other than unstable:
https://github.com/Debian/ratt/pull/8
Sbuild running on jessie (building for wheezy) still emits errors like:
...
dpkg-deb: error: failed to read archive
`libming1_0.4.4-
Hi,
I have prepared the update for Wheezy using the upstream patches I wrote
and I also enabled hardening to make exploiting the remaining
vulnerabilities harder.
I know it is more than the usual minimal patches for fixing CVEs but in
case of ming's codebase enabling hardening is worth the risk o
20 matches
Mail list logo