[SECURITY] [DLA 1835-2] python3.4 regression update

2019-06-25 Thread Roberto C . Sánchez
Package: python3.4 Version: 3.4.2-1+deb8u4 CVE ID : CVE-2019-9740 CVE-2019-9947 Debian Bug : 931044 The update issued as DLA-1835-1 caused a regression in the http.client library in Python 3.4 which was broken by the patch intended to fix CVE-2019-9740 and

Accepted python3.4 3.4.2-1+deb8u4 (source all amd64) into oldstable

2019-06-25 Thread Roberto C. Sanchez
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 25 Jun 2019 06:39:19 -0400 Source: python3.4 Binary: python3.4 python3.4-venv libpython3.4-stdlib python3.4-minimal libpython3.4-minimal libpython3.4 python3.4-examples python3.4-dev libpython3.4-dev libpython3.4-testsuite

Accepted rdesktop 1.8.6-0+deb8u1 (source amd64) into oldstable

2019-06-25 Thread Jonas Meurer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 25 Jun 2019 12:22:28 +0200 Source: rdesktop Binary: rdesktop Architecture: source amd64 Version: 1.8.6-0+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Laszlo Boszormenyi (GCS) Changed-By: Jonas Meurer

Re: Availability of SACKS fix for Linux 4.9.x in Jessie

2019-06-25 Thread Moritz Muehlenhoff
On Tue, Jun 25, 2019 at 01:33:48PM +0200, Thomas Goirand wrote: > Hi Ben and everyone else, > > Is $subject plan, and what's the ETA? ETA: -7 days: https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html Cheers, Moritz

[SECURITY] [DLA 1837-1] rdesktop security update

2019-06-25 Thread Jonas Meurer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: rdesktop Version: 1.8.6-0+deb8u1 Debian Bug : 930387 Several security vulnerabilities were discovered in the rdesktop RDP client, which could result in buffer overflows and execution of arbitrary code. For Debian 8

Availability of SACKS fix for Linux 4.9.x in Jessie

2019-06-25 Thread Thomas Goirand
Hi Ben and everyone else, Is $subject plan, and what's the ETA? Thanks in advance for your reply, Cheers, Thomas Goirand (zigo)

Re: [DLA 1835-1] python3.4 security update breaks upgrade (SyntaxError: invalid syntax)

2019-06-25 Thread Roberto C . Sánchez
On Tue, Jun 25, 2019 at 09:47:28AM +0100, Chris Lamb wrote: > Hi Bas et al., > > > Setting up python3.4 (3.4.2-1+deb8u3) ... > > File "/usr/lib/python3.4/http/client.py", line 1014 > > raise InvalidURL(f"URL can't contain control characters. {url!r} " > >

[SECURITY] [DLA 1836-1] thunderbird security update

2019-06-25 Thread Emilio Pozuelo Monfort
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: thunderbird Version: 1:60.7.2-1~deb8u1 CVE ID : CVE-2019-11707 CVE-2019-11708 Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are

Re: [DLA 1835-1] python3.4 security update breaks upgrade (SyntaxError: invalid syntax)

2019-06-25 Thread Chris Lamb
Hi Bas et al., > Setting up python3.4 (3.4.2-1+deb8u3) ... > File "/usr/lib/python3.4/http/client.py", line 1014 > raise InvalidURL(f"URL can't contain control characters. {url!r} " > ^ > SyntaxError: invalid

[DLA 1835-1] python3.4 security update breaks upgrade (SyntaxError: invalid syntax)

2019-06-25 Thread Bas Couwenberg
The python3.4 upgrade failed: Setting up python3.4 (3.4.2-1+deb8u3) ... File "/usr/lib/python3.4/http/client.py", line 1014 raise InvalidURL(f"URL can't contain control characters. {url!r} " ^ SyntaxError: invalid