Re: Wheezy update of tcpdump?

Hi, On Thu, Sep 14, 2017 at 02:24:19PM +0200, Guido Günther wrote: > This gives a 404 and the Vcs-Git doesn't have it either. Can you git > push your changes? I can then test it on a live wheezy system and to > the upload and DLA. Reuploaded and pushed, thanks, -- Romain Francoise

Re: [SECURITY] [DLA 1096-1] wordpress-shibboleth security update

Hi Dominic, > I haven't been able to test this update yet against an installed > system, could you confirm what testing has been done for wheezy? I installed the package etc. and double-checked the esc_url method was added in the resulting binary. I then checked that esc_url method did the right

Re: Wheezy update of tcpdump?

Hi Romain, On Sun, Sep 10, 2017 at 04:12:34PM +0200, Romain Francoise wrote: > Hi, > > On Fri, Sep 08, 2017 at 08:50:40PM +0200, Ola Lundqvist wrote: > > If that workflow is a burden to you, feel free to just prepare an > > updated source package and send it to debian-lts@lists.debian.org > >

Re: [SECURITY] [DLA 1096-1] wordpress-shibboleth security update

On Thu, Sep 14, 2017 at 10:39:14AM +0100, Dominic Hargreaves wrote: > On Wed, Sep 13, 2017 at 06:51:10PM +0100, Chris Lamb wrote: > > Package: wordpress-shibboleth > > Version: 1.4-2+deb7u1 > > CVE ID : CVE-2017-14313 > > Debian Bug : #874416 > > > > It was discovered

Re: [SECURITY] [DLA 1096-1] wordpress-shibboleth security update

On Wed, Sep 13, 2017 at 06:51:10PM +0100, Chris Lamb wrote: > Package: wordpress-shibboleth > Version: 1.4-2+deb7u1 > CVE ID : CVE-2017-14313 > Debian Bug : #874416 > > It was discovered that there was a an XSS vulnerability in the login form of > the "Shibboleth"

Wheezy update of trafficserver?

Dear maintainer(s), The Debian LTS team would like to fix the security issues which are currently open in the Wheezy version of trafficserver: https://security-tracker.debian.org/tracker/source-package/trafficserver Would you like to take care of this yourself? If yes, please follow the

Wheezy update of mp3gain?

Dear maintainer(s), The Debian LTS team would like to fix the security issues which are currently open in the Wheezy version of mp3gain: https://security-tracker.debian.org/tracker/source-package/mp3gain Would you like to take care of this yourself? If yes, please follow the workflow we have

Call for testing: upcoming xen security update

Hi, credativ prepared a new Xen update to fix several CVEs. It would be great if you could give it some more testing: https://korte.credativ.com/~fge/xen/ Cheers, -- Guido

Re: CVE-2017-14103 / graphicsmagick

Brian May writes: > read(3, "", 4096) = 0 > read(3, "", 4096) = 0 > read(3, "", 4096) = 0 > read(3, "", 4096) = 0 > read(3, "", 4096) = 0 > read(3, "", 4096)