Hi Bastien,
On Di 01 Okt 2024 19:48:02 CEST, Bastien Roucariès wrote:
Le mardi 1 octobre 2024, 17:02:40 UTC Sylvain Beucler a écrit :
Hello Mike,
On 12/08/2024 18:40, Santiago Ruano Rincón wrote:
> El 12/08/24 a las 00:27, Mike Gabriel escribió:
>> On So 11 Aug 2024 12:57:23 CES
list. Really sorry
for the noise)
El 31/05/22 a las 05:42, Mike Gabriel escribió:
> Hi Moritz, Salvatore, Sylvain,
>
> On Mo 30 Mai 2022 20:04:14 CEST, Moritz Mühlenhoff wrote:
>
> > Am Sun, May 29, 2022 at 09:36:43AM +0200 schrieb Salvatore Bonaccorso:
> > > While this is
update round (which is already overdue).
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail
Hi all,
On Sa 21 Mai 2022 10:25:35 CEST, Sylvain Beucler wrote:
Hi all,
On 12/05/2022 08:35, Mike Gabriel wrote:
On Tue, May 10, 2022 at 12:31:46PM +0200, Sylvain Beucler wrote:
On 08/05/2022 21:17, Salvatore Bonaccorso wrote:
Now, php-horde-editor is the only rdepends of ckeditor3.
IMHO
them how
doable a ckeditor4 (or later) would be.
> > Inputs, Ideas?
>
> This sounds sensible to me, but since I'm no Horde expert I'm adding Mike
> and Juri in Cc so they can provide their thoughts on a way forward.
Please also note, that Horde still needs love regarding the PHP8
transition. I have this on my radar and will get this resolved over the
summer. Currently, due to paid work, my system shows ENOTIME for this.
Thanks for bringing up this topic,
Mike
--
DAS-NETZWERKTEAM
Mike Gabriel, Herweg 7, 24357 Fleckeby
fon: +49 (1520) 1976 148
GnuPG Key ID 0x9AF46B3025771B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de
signature.asc
Description: PGP signature
address a possible regression in CVE-2020-8164/CVE-2020-8165.
Cheers!
Sylvain
thanks for Cc:ing me! Will take a look into issues tackled above.
Greets,
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520
On Mo 29 Jun 2020 12:07:31 CEST, Holger Levsen wrote:
- DLA 2230-1 (reserved by Mike Gabriel)
Ouch. Here it is:
https://salsa.debian.org/webmaster-team/webwml/-/merge_requests/504
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17
Hi again,
On Mo 01 Jun 2020 12:55:02 CEST, Mike Gabriel wrote:
* CVE-fix freerdp2 in buster
for the record... the first round of CVE fixes has just been uploaded
to buster:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961978
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und
-> impacts: remmina (ship buster's / stretch-backports version)
Please send your thoughts and feedback on this!
Thanks+Greets,
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
l
rsion. I will also submit bugs for Stretch and Buster.
Thanks,
Hugh
I'll take a look tonight (or tomorrow).
Thanks for working on the updates.
Mike
--
mike gabriel aka sunweaver (Debian Developer)
mobile: +49 (1520) 1976 148
landline: +49 (4351) 486 14 27
GnuPG Fingerprint: 9BFB AEE8 6C0A
Hi Hugh,
On Di 19 Mai 2020 13:24:45 CEST, Hugh McMaster wrote:
Hi Mike,
On Tue, 19 May 2020 at 00:37, Mike Gabriel wrote:
On Mo 18 Mai 2020 16:14:39 CEST, Hugh McMaster wrote:
> [...]
> In many ways, the debdiff for Jessie is the same for Stretch. The
> Developers Reference
--
mike gabriel aka sunweaver (Debian Developer)
mobile: +49 (1520) 1976 148
landline: +49 (4351) 486 14 27
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: sunwea...@debian.org, http://sunweavers.net
pgpLw78UHtHn8.pgp
Description: Digitale PGP-Signatur
HI Hugh,
On Mo 18 Mai 2020 06:22:32 CEST, Mike Gabriel wrote:
Hi Hugh,
On So 17 Mai 2020 10:30:30 CEST, Hugh McMaster wrote:
Hi Mike and LTS team,
On Thu, 14 May 2020 at 15:42, Mike Gabriel wrote:
The Debian LTS team would like to fix the security issues which are
currently open in the
Hi Hugh,
On So 17 Mai 2020 10:30:30 CEST, Hugh McMaster wrote:
Hi Mike and LTS team,
On Thu, 14 May 2020 at 15:42, Mike Gabriel wrote:
The Debian LTS team would like to fix the security issues which are
currently open in the Jessie version of libexif:
https://security-tracker.debian.org
Dear Hugh,
On So 17 Mai 2020 10:30:30 CEST, Hugh McMaster wrote:
Hi Mike and LTS team,
On Thu, 14 May 2020 at 15:42, Mike Gabriel wrote:
The Debian LTS team would like to fix the security issues which are
currently open in the Jessie version of libexif:
https://security-tracker.debian.org
Hi Luca,
On Do 14 Mai 2020 20:18:53 CEST, Luca Boccassi wrote:
On Thu, 2020-05-14 at 13:32 +, Mike Gabriel wrote:
Hi Luca,
On Do 14 Mai 2020 11:52:22 CEST, Luca Boccassi wrote:
> On Thu, 2020-05-14 at 08:03 +0200, Mike Gabriel wrote:
> > Dear maintainer(s),
> > [.
Hi Luca,
On Do 14 Mai 2020 11:52:22 CEST, Luca Boccassi wrote:
On Thu, 2020-05-14 at 08:03 +0200, Mike Gabriel wrote:
Dear maintainer(s),
[...]
If that workflow is a burden to you, feel free to just prepare an
updated source package and send it to debian-lts@lists.debian.org
(via a
r test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of openconnect updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
PS: A member of th
er to your packaging repository), and the members of the LTS team
will take care of the rest. However please make sure to submit a tested
package.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
--
mike gabriel aka sunweaver (Debian Developer)
fon: +49 (1520) 1976 148
GnuPG F
r test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of libexif updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
PS: A member of the LTS
nd/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of graphicsmagick updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
PS: A member
r test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of log4net updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
PS: A member of the LTS
this update, please let us know. We
will do our best with your package. Just let us know whether you would
like to review and/or test the updated package before it gets released.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
--
mike gabriel aka sunweaver (Debian Developer
r test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of exim4 updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
PS: A member of the LTS team m
Hi Russ,
Am Mittwoch, 1. April 2020 schrieb Russ Allbery:
> Mike Gabriel writes:
> > On Di 31 Mär 2020 10:28:42 CEST, Mike Gabriel wrote:
>
> >> PS: A member of the LTS team might start working on this update at
> >> any point in time. You can verify whether some
Hi Russ, hi Sam,
On Di 31 Mär 2020 10:28:42 CEST, Mike Gabriel wrote:
PS: A member of the LTS team might start working on this update at
any point in time. You can verify whether someone is registered
on this update in this file:
https://salsa.debian.org/security-tracker-team/security-tracker
review and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of libpam-krb5 updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
PS: A
Hi Salvatore, hi Noah,
On Sa 01 Feb 2020 14:01:36 CET, Salvatore Bonaccorso wrote:
Hi Mike,
On Fri, Jan 31, 2020 at 10:01:05PM +, Mike Gabriel wrote:
Hi Ola, Noah,
On Fr 31 Jan 2020 20:32:01 CET, Ola Lundqvist wrote:
> Hi
>
> Spamassassin (and a few other packages) are
HI Matus,
On Fr 31 Jan 2020 17:16:53 CET, Matus UHLAR - fantomas wrote:
On 31.01.20 14:31, Mike Gabriel wrote:
Hi Noah, dear LTS contributors,
Helo guys,
I am about to look into CVE-2020-1930 and CVE-2020-1931 reported
against spamassassin.
The issues have been fixed in 3.4.4~rc1
oduce some major backwards compatibility
issue.
// Ola
Looking into a 3.4.4-1 backported to jessie (i.e. 3.4.4.-1~deb8u3)
right now...
Greets,
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde
mobile: +49 (1520) 197
\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de
pgp
Hi Utkarsh,
On Di 14 Jan 2020 22:50:30 CET, Utkarsh Gupta wrote:
Hi Mike,
On 14/01/20 2:00 pm, Mike Gabriel wrote:
please send over the announcement text, I'll handle the signed mail to
d-lts-announce later today.
Many thanks for doing so.
Attached is the DLA-2060 for phpmyadmin an
I shall send the DLAs here in sometime. Requesting for someone
to announce the update on my behalf :)
Best,
Utkarsh
please send over the announcement text, I'll handle the signed mail to
d-lts-announce later today.
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförd
ts content and sending it via GMail.
Whilst I BCCed myself, I do get a "Good signature from Utkarsh Gupta
" on Thunderbird.
Am I missing something?
Maybe use a mail client like Mutt or Thunderbird providing native GPG
support on top of your gmail account?
Mike
--
DAS-NETZWERKTEAM
c\o
Hi,
On Sa 21 Dez 2019 21:43:43 CET, Salvatore Bonaccorso wrote:
Hi Mike,
On Sat, Dec 21, 2019 at 05:47:25PM +, Mike Gabriel wrote:
Hi again,
On Sa 21 Dez 2019 18:36:09 CET, Mike Gabriel wrote:
> Hi again,
>
> On Sa 21 Dez 2019 17:27:15 CET, Mike Gabriel wrote:
>
Hi,
On Sa 21 Dez 2019 15:42:08 CET, Abhijith PA wrote:
Hi Markus and Mike
On 21/12/19 3:26 am, Mike Gabriel wrote:
On Fr 20 Dez 2019 15:35:01 CET, Markus Koschany wrote:
Nethack is a game and I believe it should be added to our end-of-life
list.
+1 from me.
Mike
I claimed it in
Hi again,
On Sa 21 Dez 2019 18:36:09 CET, Mike Gabriel wrote:
Hi again,
On Sa 21 Dez 2019 17:27:15 CET, Mike Gabriel wrote:
Hi all,
the recent libssh fix for CVE-2019-14889 causes a regresion in X2Go Client:
```
Connection failed. Couldn't create remote file
~/.x2go/ssh/key.X
Hi again,
On Sa 21 Dez 2019 17:27:15 CET, Mike Gabriel wrote:
Hi all,
the recent libssh fix for CVE-2019-14889 causes a regresion in X2Go Client:
```
Connection failed. Couldn't create remote file
~/.x2go/ssh/key.X18947 - SCP: Warning: status code 1 received:
scp: ~/.x2go/ssh: No
Hi Roberto,
On Fr 20 Dez 2019 16:36:05 CET, Roberto C. Sánchez wrote:
On Fri, Dec 20, 2019 at 01:06:39PM +0100, Mike Gabriel wrote:
Dear maintainer(s),
The Debian LTS team would like to fix the security issues which are
currently open in the Jessie version of cyrus-sasl2:
https://security
fix to be applied against X2Go Client (in
jessie/stretch/buster/unstable):
https://code.x2go.org/gitweb?p=x2goclient.git;a=commitdiff;h=ce559d1
Thanks,
Mike
--
mike gabriel aka sunweaver (Debian Developer)
mobile: +49 (1520) 1976 148
landline: +49 (4351) 486 14 27
GnuPG Fingerprint: 9BFB AEE8 6C0A
Hi Roland,
On Fr 20 Dez 2019 13:46:08 CET, Roland Rosenfeld wrote:
Hi Mike!
On Fr, 20 Dez 2019, Mike Gabriel wrote:
The Debian LTS team recently reviewed the security issue(s) affecting your
package in Jessie:
https://security-tracker.debian.org/tracker/CVE-2019-19797
We decided that a
On Fr 20 Dez 2019 15:35:01 CET, Markus Koschany wrote:
Hi Mike,
Am 20.12.19 um 13:33 schrieb Mike Gabriel:
The Debian LTS team recently reviewed the security issue(s) affecting your
package in Jessie:
https://security-tracker.debian.org/tracker/CVE-2019-19905
We decided that a member of the
team
will take care of the rest. However please make sure to submit a tested
package.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
--
mike gabriel aka sunweaver (Debian Developer)
fon: +49 (1520) 1976 148
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577
r test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of ruby-rack updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
PS: A member of th
team
will take care of the rest. However please make sure to submit a tested
package.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
--
mike gabriel aka sunweaver (Debian Developer)
fon: +49 (1520) 1976 148
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577
r test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of cyrus-sasl2 updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
PS: A member of th
answer and then the LTS Team will take care of proftpd-dfsg updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
PS: A member of the LTS team might start working on this update at
any point in time. You can verify whether someone is registered
on this
iew and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of libjackson-json-java updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS te
. Just let us know whether you would
like to review and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of asterisk updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
Hi Holger,
On Fr 29 Nov 2019 13:46:23 CET, Holger Levsen wrote:
Hi Mike, Utkarsh,
On Fri, Nov 29, 2019 at 12:24:34PM +, Mike Gabriel wrote:
Sorry for the delay. Looking into it right now.
Mike (with LTS frontdesk hat on)
thanks a lot for this and the uploads, Mike! Utkarsh has pinged
Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de
pgpCEl1eXdxAi.pgp
Description: Digitale PGP
(Stretch,) Buster, Bullseye, and Sid to the
maintainer. CCed #944150.
Best,
Utkarsh
---
[1]:
https://mentors.debian.net/debian/pool/main/3/389-ds-base/389-ds-base_1.3.3.5-4+deb8u7.dsc
Upload to security-master now.
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de
pdates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
PS: A member of the LTS team might start working on this update at
any point in time. You can verify whether someone is registered
on this update in this file:
https://salsa.debian.org/security-tr
t was automatically removed from dla-needed.txt when I reserved
DLA-1996-1 but Mike readded it. It can be safely removed.
Regards,
Markus
Sorry for the race time condition...
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler str. 17, 24340 Eckern
Eckernförde
Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de
pgpxyb857Ut1V.pgp
Description
series, if not).
My plan is to go over VNC related packages over the next couple of
days and also propose .debdiffs for stretch versions.
Thanks,
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976
e above.
light+love
Mike
[1] https://www.openwall.com/lists/oss-security/2018/12/10/5
[2] https://bugs.debian.org/943833
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940
GnuPG
Hi Holger,
Am Montag, 7. Oktober 2019 schrieb Holger Levsen:
> Hi Mike,
>
> On Sun, Oct 06, 2019 at 10:14:23PM +0000, Mike Gabriel wrote:
> > I tried another time, like described by Ben (a new DLA-1942-2), but the mail
> > still has not arrived on the list.
>
> I&#x
HI Holger,
On So 06 Okt 2019 19:12:22 CEST, Holger Levsen wrote:
Hi Mike,
On Sun, Oct 06, 2019 at 02:43:01PM +, Mike Gabriel wrote:
This is a follow-up to DLA-1942-1.
this mail didnt make it to lts-announce...
I tried another time, like described by Ben (a new DLA-1942-2), but
the
On Di 01 Okt 2019 01:44:30 CEST, Mike Gabriel wrote:
Package: phpbb3
Version: 3.0.12-5+deb8u4
CVE ID : CVE-2019-16993
In phpBB, includes/acp/acp_bbcodes.php had improper verification of a
CSRF token on the BBCode page in the Administration Control Panel. An
actual
be
declared that CVE-2019-13376 is in fact already fixed by +deb8u4
* furthermore, I referenced CVE-2019-13776 in the announcement,
rather than CVE-2019-13376 (typo, g...)
Correct?
Thanks for spotting this!
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mik
Hi,
On Di 17 Sep 2019 17:38:03 CEST, Mike Gabriel wrote:
What I did:
1. Setup a fresh 389-ds instance using jessie's original version
(see http://snapshot.debian.org/package/389-ds-base/1.3.3.5-4/)
2. Upgrade to +deb8u4, test login, LDAP queries, etc.
-> worked
3. Upgrade to +deb8
Hi Jan,
On Thu, 12 Sep 2019 09:38:13 +0200 Jan Kowalsky
wrote:
> Hi Mike,
> hi Hugo,
>
>
> Am 11.09.19 um 14:04 schrieb Mike Gabriel:
> > Hi Hugo,
> >
> > sorry for the late reply on this urgent matter.
> >
> > On So 08 Sep 2019 10:46:26 CEST, Hug
stuff (the patch was about indefinite
SSL connection hangs).
Let me know, if you need help looking into this (due to e.g. time
constraints or what not on your side).
Greets,
Mike
--
mike gabriel aka sunweaver (Debian Developer)
mobile: +49 (1520) 1976 148
landline: +49 (4351) 486 14 27
GnuPG
Hi Sylvain,
On Mo 09 Sep 2019 21:37:31 CEST, Sylvain Beucler wrote:
I can make myself available on Friday 10AM, that sounds good.
Good. Stencilled into my calendar now.
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler str. 17, 24340
after 10am (CEST) and get to work
on this together. Is that a plan? Let me know, if you are available
then.
Thanks,
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8
because upstream feedback is required. CVE-2019-14981 is
postponed until something more severe needs fixing.
IMHO, CVE-2019-13308 and CVE-2019-13391 are a good reason for keeping
imagemagick in dla-needed.txt and also keeping it claimed by the
person who sent out the requests for feedback to
to/for your issue.
I will check bug presence in unstable's dovecot and file a bug report
against dovecot later today / tomorrow.
Thanks+Greets,
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde
mobile: +49 (1520)
Hi Lee,
thanks for reply.
On Sa 31 Aug 2019 16:22:38 CEST, Lee Garrett wrote:
Hi Mike!
(please don't CC Michael, he is not active on the ansible package
anymore and asked to be removed from uploaders.)
On 30/08/2019 12:09, Mike Gabriel wrote:
The Debian LTS team recently reviewe
13-12~deb8u7.debdiff
[3] http://snapshot.debian.org/package/dovecot/1%3A2.2.13-12%7Edeb8u6/#binpkgs
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940
GnuPG Fingerprint:
Hi,
Am Freitag, 30. August 2019 schrieb Salvatore Bonaccorso:
> hi Mike,
>
> On Fri, Aug 30, 2019 at 03:22:23PM +0200, Salvatore Bonaccorso wrote:
> > Hi Mike,
> >
> > On Fri, Aug 30, 2019 at 11:25:16AM +, Mike Gabriel wrote:
> > > However, to add
re for
jessie LTS, would it be appropriate to tag them as ignored in
data/CVE/list?
Otherwise they pop up again and again in lts-cve-triage.py.
Thanks,
Mike
--
mike gabriel aka sunweaver (Debian Developer)
mobile: +49 (1520) 1976 148
landline: +49 (4351) 486 14 27
GnuPG Fingerprint: 9BFB
On Fr 30 Aug 2019 15:22:23 CEST, Salvatore Bonaccorso wrote:
Hi Mike,
On Fri, Aug 30, 2019 at 11:25:16AM +, Mike Gabriel wrote:
However, to address CVE-2019-5477 it should also be associated to the
rexical src:pkg in stretch and later. @security-team: can you please update
data/CVE/list
Hi Sylvain,
On Fr 30 Aug 2019 11:13:14 UTC, Sylvain Beucler wrote:
Hi,
On 30/08/2019 10:28, Mike Gabriel wrote:
Hi Sylvain, hi all,
On Fr 08 Mär 2019 11:03:49 CET, Sylvain Beucler wrote:
Hi,
On 04/03/2019 17:37, Sylvain Beucler wrote:
On 04/03/2019 16:55, Markus Koschany wrote:
Am
ith an URL pointing to the source package, or even with a
pointer to your packaging repository), and the members of the LTS team
will take care of the rest. However please make sure to submit a tested
package.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
--
mike gabriel aka
r test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of ruby-nokogiri updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
PS: A member
review and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of libcommons-compress-java updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS
r test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of libgcrypt20 updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
PS: A member of th
Mike
[1]
https://github.com/sparklemotion/nokogiri/commit/5d30128343573a9428c86efc758ba2c66e9f12dc
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940
GnuPG Fingerprint:
he updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of irssi updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
PS: A member of the LTS team m
of the LTS team
will take care of the rest. However please make sure to submit a tested
package.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
--
mike gabriel aka sunweaver (Debian Developer)
fon: +49 (1520) 1976 148
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4
tory), and the members of the LTS team
will take care of the rest. However please make sure to submit a tested
package.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
--
mike gabriel aka sunweaver (Debian Developer)
fon: +49 (1520) 1976 148
GnuPG Fingerprint: 9BFB AEE8
accordingly, unless people contradict.
Greets,
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577
LTS
package upload candidates. And I really love the idea of a review
workflow for package uploads.
And, open question: Would such a workflow be an option for the
security team's workflow, too?
Greets,
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabrie
Hi,
On Mi 26 Jun 2019 14:55:46 CEST, Sylvain Beucler wrote:
Hi Mike,
On Mon, Jun 24, 2019 at 08:28:11AM +, Mike Gabriel wrote:
On Di 18 Jun 2019 22:47:44 CEST, Sylvain Beucler wrote:
> Package: glib2.0
> Version: 2.42.1-1+deb8u1
> CVE ID : CVE-2
Hi,
On Mi 26 Jun 2019 14:55:46 CEST, Sylvain Beucler wrote:
Hi Mike,
On Mon, Jun 24, 2019 at 08:28:11AM +, Mike Gabriel wrote:
On Di 18 Jun 2019 22:47:44 CEST, Sylvain Beucler wrote:
> Package: glib2.0
> Version: 2.42.1-1+deb8u1
> CVE ID : CVE-2
e
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 486 14 27
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-net
--
mike gabriel aka sunweaver (Debian Developer)
mobile: +49 (1520) 1976 148
landline: +49 (4354) 8390 139
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: sunwea...@debian.org, http://sunweavers.net
pgpCaKfls6qSi.pgp
Description: Digitale PGP-Signatur
Hi again,
On Mi 29 Mai 2019 12:16:56 CEST, Mike Gabriel wrote:
[...]
I will remove the package from dla-needed.txt again for now.
I just saw that Chris Lamb already did that earlier.
Mike
--
mike gabriel aka sunweaver (Debian Developer)
mobile: +49 (1520) 1976 148
landline: +49 (4354
HI Thijs,
On Di 28 Mai 2019 18:17:39 CEST, Thijs Kinkhorst wrote:
On Tue, May 28, 2019 16:01, Chris Lamb wrote:
Mike Gabriel wrote:
The Debian LTS team would like to fix the security issues which are
currently open in the Jessie version of simplesamlphp:
Which CVE is/was this for? I am
r test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of mupdf updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
PS: A member of the LTS
ing-java updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
PS: A member of the LTS team might start working on this update at
any point in time. You can verify whether someone is registered
on this update in this file:
https://salsa.debian.org/s
iew and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of miniupnpd updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS team.
PS: A member
to review and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of simplesamlphp updates
for the LTS releases.
Thank you very much.
Mike Gabriel,
on behalf of the Debian LTS te
Hi,
On Friday, 26 April 2019, Klimov, Evgeny wrote:
> Hello Mike, and a good day to you.
>
> Our project uses Debian (Jessie so far) as the platform, and since
> yesterday’s rebuilds with the updated systemd packages (systemd
> 215-17+deb8u12), our working directories created via tmpfiles are a
Hi,
On Do 25 Apr 2019 09:55:43 CEST, Sedat Dilek wrote:
On Thu, Apr 25, 2019 at 9:51 AM Mike Gabriel wrote:
Hi Sedat,
(Cc:-ing debian-lts mailing list)
On Do 25 Apr 2019 09:07:40 CEST, Sedat Dilek wrote:
> Hi,
>
> we have upgraded systemd on some of our Debian/jessie systems:
Hi Sedat,
On Do 25 Apr 2019 09:55:43 CEST, Sedat Dilek wrote:
On Thu, Apr 25, 2019 at 9:51 AM Mike Gabriel wrote:
Hi Sedat,
(Cc:-ing debian-lts mailing list)
On Do 25 Apr 2019 09:07:40 CEST, Sedat Dilek wrote:
> Hi,
>
> we have upgraded systemd on some of our Debian/jessi
,3 +1,12 @@
+systemd (215-17+deb8u12) jessie-security; urgency=medium
+
+ * Non-maintainer upload by the LTS team.
+ * CVE-2017-18078: tmpfiles: refuse to chown()/chmod() files which are
+hardlinked, unless protected_hardlinks sysctl is on.
+ * CVE-2019-3842: pam-systemd: use secure_getenv() rat
d only care about "signature spoofing". This means that
evolution-data-server is unaffected and only evolution needs to be fixed.
Your choice of priority sounds good to me.
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler str. 17, 24340 Ecke
1 - 100 of 201 matches
Mail list logo
