Re: Addressing FreeRDP security issues in Debian jessie (and stretch)

2018-12-11 Thread Jan Ingvoldstad
On 2018-12-11 22:15, Moritz Mühlenhoff wrote: On Tue, Dec 11, 2018 at 04:42:17PM +, Mike Gabriel wrote: From my understanding the potential remote code executions that are mentioned in the CVE descriptions are triggered by a malign server and the code executions then happen on the client

Re: Possible patch-backport problem for libphp-phpmailer (DLA-1591-1)

2018-12-11 Thread Abhijith PA
Hi. On Tuesday 11 December 2018 12:59 PM, Chris Lamb wrote: > Hi Salvatore. > >> While preparing an update for libphp-phpmailer I noticed in the >> patch/diff for DLA-1591-1 for libphp-phpmailer the following: > > Thanks for flagging. I will try and take a look at this over the next > few days

Re: Addressing FreeRDP security issues in Debian jessie (and stretch)

2018-12-11 Thread Moritz Mühlenhoff
On Tue, Dec 11, 2018 at 04:42:17PM +, Mike Gabriel wrote: > From my understanding the potential remote code executions that are > mentioned in the CVE descriptions are triggered by a malign server and the > code executions then happen on the client side. Thanks for background. Security

Re: Addressing FreeRDP security issues in Debian jessie (and stretch)

2018-12-11 Thread Antoine Beaupré
Gah. Forgot to fix the CC here as well, sorry for the noise. On 2018-12-11 10:05:53, Antoine Beaupré wrote: > On 2018-12-10 17:44:51, Mike Gabriel wrote: >> Hi, >> >> I'd like to discuss the possible pathways for getting FreeRDP fixed in >> Debian jessie LTS (and Debian stretch, too). >> >>

Re: Addressing FreeRDP security issues in Debian jessie (and stretch)

2018-12-11 Thread Mike Gabriel
Hi Moritz, On Mo 10 Dez 2018 22:30:34 CET, Moritz Mühlenhoff wrote: On Mon, Dec 10, 2018 at 05:44:51PM +, Mike Gabriel wrote: Hi, I'd like to discuss the possible pathways for getting FreeRDP fixed in Debian jessie LTS (and Debian stretch, too). debian-security@ldo is not the proper

Re: automating process for publishing DLAs on the website

2018-12-11 Thread Antoine Beaupré
On 2018-11-20 15:30:21, Holger Levsen wrote: > On Mon, Nov 19, 2018 at 07:07:26PM -0500, Antoine Beaupré wrote: >> The process broke down a while back, and reasons don't matter. We need >> to figure out how to fix this. >> >> So I opened #859122 to import the missing DLAs and I've made good >>

Re: Addressing FreeRDP security issues in Debian jessie (and stretch)

2018-12-11 Thread Antoine Beaupré
On 2018-12-10 17:44:51, Mike Gabriel wrote: > Hi, > > I'd like to discuss the possible pathways for getting FreeRDP fixed in > Debian jessie LTS (and Debian stretch, too). > > Last week I talked to Bernhard Miklautz (one of the FreeRDP upstream > maintainers and the actual packager of FreeRDPv2