Hi
I'll let the person doing the update judge whether the patch is
premature or not. Generally I do not think we need to wait for
upstream.
Best regards
// Ola
On 24 January 2017 at 08:57, Michael Tokarev wrote:
> 24.01.2017 10:42, Ola Lundqvist wrote:
>> CVE-2016-9602
>
> this is about 9pfs.
On Tue, Jan 24, 2017 at 10:57:11AM +0300, Michael Tokarev wrote:
> 24.01.2017 10:42, Ola Lundqvist wrote:
> > CVE-2016-9602
>
> this is about 9pfs. In wheezy, this is hardly used by anyone,
> as it is very slow and quite unstable. But yes, it migth be a
> real security issue.
Just as a datapoint:
24.01.2017 10:42, Ola Lundqvist wrote:
> CVE-2016-9602
this is about 9pfs. In wheezy, this is hardly used by anyone,
as it is very slow and quite unstable. But yes, it migth be a
real security issue.
However, the patch for this issue isn't upstream yet, it is
only seen in the redhat bugtracker. I
24.01.2017 00:10, Ola Lundqvist wrote:
> Hello dear maintainer(s),
>
> the Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of qemu:
> https://security-tracker.debian.org/tracker/source-package/qemu
>
> Some of the issues may be minor but at l
CVE-2016-9602
On 24 January 2017 at 08:38, Michael Tokarev wrote:
> 24.01.2017 00:10, Ola Lundqvist wrote:
>> Hello dear maintainer(s),
>>
>> the Debian LTS team would like to fix the security issues which are
>> currently open in the Wheezy version of qemu:
>> https://security-tracker.debian.org
Hello dear maintainer(s),
the Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of qemu-kvm:
https://security-tracker.debian.org/tracker/source-package/qemu-kvm
The problematic CVE is:
CVE-2016-9602
The other ones may be minor so further triag
Hello dear maintainer(s),
the Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of qemu:
https://security-tracker.debian.org/tracker/source-package/qemu
Some of the issues may be minor but at least one of them require a DLA.
Would you like to ta
Hello dear maintainer(s),
the Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of qemu:
https://security-tracker.debian.org/tracker/source-package/qemu
Would you like to take care of this yourself?
If yes, please follow the workflow we have def
Hello dear maintainer(s),
The Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of qemu:
https://security-tracker.debian.org/tracker/CVE-2016-8667
Would you like to take care of this yourself?
If yes, please follow the workflow we have defined h
On Mon, 2016-06-13 at 20:28 +0300, Michael Tokarev wrote:
> 13.06.2016 19:55, Ben Hutchings wrote:
> > On Mon, 2016-06-13 at 18:23 +0300, Michael Tokarev wrote:
> > > 06.06.2016 04:37, Ben Hutchings wrote:
> > > > Hello dear maintainer(s),
> > > >
> > > > the Debian LTS team would like to fix the
13.06.2016 19:55, Ben Hutchings wrote:
> On Mon, 2016-06-13 at 18:23 +0300, Michael Tokarev wrote:
>> 06.06.2016 04:37, Ben Hutchings wrote:
>>> Hello dear maintainer(s),
>>>
>>> the Debian LTS team would like to fix the security issues which are
>>> currently open in the Wheezy version of qemu:
>>
On Mon, 2016-06-13 at 18:23 +0300, Michael Tokarev wrote:
> 06.06.2016 04:37, Ben Hutchings wrote:
> > Hello dear maintainer(s),
> >
> > the Debian LTS team would like to fix the security issues which are
> > currently open in the Wheezy version of qemu:
> > https://security-tracker.debian.org/tra
06.06.2016 04:37, Ben Hutchings wrote:
> Hello dear maintainer(s),
>
> the Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of qemu:
> https://security-tracker.debian.org/tracker/CVE-2016-3710
> https://security-tracker.debian.org/tracker/CVE-2
On Wed, Jun 08, 2016 at 02:32:55PM +0200, Raphael Hertzog wrote:
> Hi,
>
> On Tue, 07 Jun 2016, Guido Günther wrote:
> > I'm not happy with this either. We could try to support it on a best
> > effor basis if this helps anything. I assume most people are running not
> > with mostly trusted guests.
Hi,
On Tue, 07 Jun 2016, Guido Günther wrote:
> I'm not happy with this either. We could try to support it on a best
> effor basis if this helps anything. I assume most people are running not
> with mostly trusted guests.
So we got answers from the sponsors with qemu/qemu-kvm listed and most of
t
Hi Raphael,
On Tue, Jun 07, 2016 at 10:16:38AM +0200, Raphael Hertzog wrote:
> On Tue, 07 Jun 2016, Guido Günther wrote:
> > I do agree it should not have been EOLed yet but given the feedback to
> >
> > https://lists.debian.org/debian-lts/2016/04/msg2.html
> >
> > I'll EOL qemu/qemu-kvm
On Tue, 07 Jun 2016, Guido Günther wrote:
> I do agree it should not have been EOLed yet but given the feedback to
>
> https://lists.debian.org/debian-lts/2016/04/msg2.html
>
> I'll EOL qemu/qemu-kvm by the end of the week by adding it to
> security-support-ended and sending a short annou
Hi,
On Mon, Jun 06, 2016 at 11:19:52PM +0100, Ben Hutchings wrote:
> On Mon, 2016-06-06 at 22:33 +0200, Ola Lundqvist wrote:
> > Hi Ben
> >
> > I can see the following note:
> > [wheezy] - qemu (Not supported in Wheezy LTS)
> > [wheezy] - qemu-kvm (Not supported in Wheezy LTS)
> >
> > Don't thi
On Mon, 2016-06-06 at 22:33 +0200, Ola Lundqvist wrote:
> Hi Ben
>
> I can see the following note:
> [wheezy] - qemu (Not supported in Wheezy LTS)
> [wheezy] - qemu-kvm (Not supported in Wheezy LTS)
>
> Don't this mean that we should not update this package?
There has been discussion of droppi
Hi Ben
I can see the following note:
[wheezy] - qemu (Not supported in Wheezy LTS)
[wheezy] - qemu-kvm (Not supported in Wheezy LTS)
Don't this mean that we should not update this package?
Cheers
// Ola
On Mon, Jun 6, 2016 at 3:37 AM, Ben Hutchings wrote:
> Hello dear maintainer(s),
>
> th
Hi Ben
I can see the following note:
[wheezy] - qemu (Not supported in Wheezy LTS)
[wheezy] - qemu-kvm (Not supported in Wheezy LTS)
Don't this mean that we should not update this package?
Cheers
// Ola
On Mon, Jun 6, 2016 at 3:37 AM, Ben Hutchings wrote:
> Hello dear maintainer(s),
>
> th
06.06.2016 04:37, Ben Hutchings wrote:
> Hello dear maintainer(s),
>
> the Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of qemu:
> https://security-tracker.debian.org/tracker/CVE-2016-3710
> https://security-tracker.debian.org/tracker/CVE-2
Hello dear maintainer(s),
the Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of qemu-kvm:
https://security-tracker.debian.org/tracker/CVE-2015-8666
https://security-tracker.debian.org/tracker/CVE-2016-3710
https://security-tracker.debian.org/tr
Hello dear maintainer(s),
the Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of qemu:
https://security-tracker.debian.org/tracker/CVE-2016-3710
https://security-tracker.debian.org/tracker/CVE-2016-3712
https://security-tracker.debian.org/tracke
24 matches
Mail list logo