On 1/23/19 7:00 AM, Abhijith PA wrote:
>
> Hi.
>
> My sbuild setup fails to build packages in jessie.
>
> W: Failed to fetch
> gzip:/var/lib/apt/lists/partial/_build_pdns-recursor-mVttBC_resolver-NUo8FV_apt%5farchive_._Sources.gz
> Invalid file format
>
> E: Some index files failed to
Hi.
My sbuild setup fails to build packages in jessie.
W: Failed to fetch
gzip:/var/lib/apt/lists/partial/_build_pdns-recursor-mVttBC_resolver-NUo8FV_apt%5farchive_._Sources.gz
Invalid file format
E: Some index files failed to download. They have been ignored, or old
ones used instead.
E:
Package: systemd
Version: 215-17+deb8u9
CVE ID : CVE-2018-16864 CVE-2018-16865
Debian Bug : 918841 918848
Multiple vulnerabilities were found in the journald component of
systemd which can lead to a crash or code execution.
CVE-2018-16864
An allocation of memory
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Tue, 22 Jan 2019 15:30:45 -0500
Source: systemd
Binary: systemd systemd-sysv libpam-systemd libsystemd0 libsystemd-dev
libsystemd-login0 libsystemd-login-dev libsystemd-daemon0 libsystemd-daemon-dev
libsystemd-journal0
On Tue 2019-01-22 14:44:50 -0500, Antoine Beaupré wrote:
> I'm not sure we should remove *both* enigmail and thunderbird from
> jessie. I understand there are problems with the a.m.o version, but then
> that's somewhat outside of scope of LTS. It would seem rather unfair for
> users of thunderbird
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Tue, 22 Jan 2019 20:46:50 +0100
Source: libjpeg-turbo
Binary: libjpeg-dev libjpeg62-turbo-dev libjpeg62-turbo libjpeg62-turbo-dbg
libturbojpeg1 libturbojpeg1-dbg libturbojpeg1-dev libjpeg-turbo-progs
libjpeg-turbo-progs-dbg
On Tue, Jan 22, 2019 at 02:44:50PM -0500, Antoine Beaupré wrote:
>
> I'm not sure we should remove *both* enigmail and thunderbird from
> jessie. I understand there are problems with the a.m.o version, but then
[..]
> Right now I'm leaning towards completely dropping support from Enigmail
> in
On 2018-12-20 14:30:49, Daniel Kahn Gillmor wrote:
> fwiw, i agree with jmm that encouraging users to upgrade to stable is
> the best outcome here. The question is, what are we doing to the folks
> who (for whatever reason) can't make that switch.
>
> On Thu 2018-12-20 17:01:30 +0100, Moritz
Ben Hutchings wrote:
> This presumably needs to be fixed for jessie LTS as well, and I see
> Chris Lamb has claimed it.
I took the "claim" here so that there was definitely someone in the
LTS team who would ensure everything was followed-through, which
seems like it has happened. I've since
Would it be best practice to disable HTTP connections for apt and is
the latter even possible?
Thank you
On Tue, Jan 22, 2019 at 9:55 AM Julian Andres Klode wrote:
>
> Package: apt
> Version: 1.0.9.8.5
> CVE ID : CVE-2019-3462
> Debian Bug :
>
> (amended to refer to
jasongutow...@westat.com
On Tue, Jan 22, 2019 at 9:55 AM Julian Andres Klode wrote:
>
> Package: apt
> Version: 1.0.9.8.5
> CVE ID : CVE-2019-3462
> Debian Bug :
>
> (amended to refer to jessie in the sources.list entry below, instead of
> stable)
>
> Max Justicz
Package: apt
Version: 1.0.9.8.5
CVE ID : CVE-2019-3462
Debian Bug :
(amended to refer to jessie in the sources.list entry below, instead of
stable)
Max Justicz discovered a vulnerability in APT, the high level package manager.
The code handling HTTP redirects in the
On Tue, 22 Jan 2019, Julian Andres Klode wrote:
> > jessie/updates! Using stable/updates will break the system
> > and keep back apt!
>
> Sorry, I missed that bit while updating the email from the DSA :(
Don't worry, this happens, we're all humans, but please
send an updated announcement
On Tue, Jan 22, 2019 at 03:49:22PM +0100, Thorsten Glaser wrote:
> On Tue, 22 Jan 2019, Julian Andres Klode wrote:
>
> > This is known to break some proxies when used against security.debian.org.
> > If
> > that happens, people can switch their security APT source to use:
> >
> > deb
On Tue, 22 Jan 2019, Julian Andres Klode wrote:
> This is known to break some proxies when used against security.debian.org. If
> that happens, people can switch their security APT source to use:
>
> deb http://cdn-fastly.deb.debian.org/debian-security stable/updates main
jessie/updates! Using
On Tue, Jan 22, 2019 at 01:44:12PM +, Ben Hutchings wrote:
> On Tue, 2019-01-22 at 13:17 +0100, Yves-Alexis Perez wrote:
> > -
> > Debian Security Advisory DSA-4371-1 secur...@debian.org
> >
On Tue, Jan 22, 2019 at 01:44:12PM +, Ben Hutchings wrote:
>On Tue, 2019-01-22 at 13:17 +0100, Yves-Alexis Perez wrote:
>> -
>> Debian Security Advisory DSA-4371-1 secur...@debian.org
>>
On Tue, 2019-01-22 at 13:17 +0100, Yves-Alexis Perez wrote:
> -
> Debian Security Advisory DSA-4371-1 secur...@debian.org
> https://www.debian.org/security/Yves-Alexis Perez
> January
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 22 Jan 2019 13:15:57 +0100
Source: apt
Binary: apt libapt-pkg4.12 libapt-inst1.5 apt-doc libapt-pkg-dev libapt-pkg-doc
apt-utils apt-transport-https
Architecture: source all amd64
Version: 1.0.9.8.5
Distribution:
19 matches
Mail list logo