On Fri 2023-03-03 21:01:58 +0100, Salvatore Bonaccorso wrote:
> DSA 5368-1 is released with your update. Thank you!
>
> On a related note: I saw the 4.10-1 upload, but wouldn't it have been
> better to make first 4.9-2 move to bookworm? Can you get in touch with
> the release team so that the fix
Hi Daniel,
On Fri, Mar 03, 2023 at 09:31:26AM -0500, Daniel Kahn Gillmor wrote:
> On Thu 2023-03-02 17:34:10 -0500, Daniel Kahn Gillmor wrote:
> > yep, works for me, thanks. I'll do that later this evening or tomorrow
> > morning.
>
> This has been uploaded now, thanks for bearing with me.
DSA
On Thu 2023-03-02 17:34:10 -0500, Daniel Kahn Gillmor wrote:
> yep, works for me, thanks. I'll do that later this evening or tomorrow
> morning.
This has been uploaded now, thanks for bearing with me.
--dkg
signature.asc
Description: PGP signature
On Thu 2023-03-02 19:51:17 +0100, Salvatore Bonaccorso wrote:
> Hi,
>
> On Thu, Mar 02, 2023 at 08:54:04AM -0500, Daniel Kahn Gillmor wrote:
>> On Thu 2023-03-02 07:52:55 +0100, Salvatore Bonaccorso wrote:
>> >> I have rejected the current package so we can re-use the version later
>> >> one, when
Hi,
On Thu, Mar 02, 2023 at 08:54:04AM -0500, Daniel Kahn Gillmor wrote:
> On Thu 2023-03-02 07:52:55 +0100, Salvatore Bonaccorso wrote:
> >> I have rejected the current package so we can re-use the version later
> >> one, when this is fixed.
> >
> > Cofnirmed it was renamed in v4.4 upstream. I
On Thu 2023-03-02 07:52:55 +0100, Salvatore Bonaccorso wrote:
>> I have rejected the current package so we can re-use the version later
>> one, when this is fixed.
>
> Cofnirmed it was renamed in v4.4 upstream. I have put a comment on
> upstream issue about backports to older versions.
Gah sorry
On Wed 2023-03-01 20:35:22 +0100, Salvatore Bonaccorso wrote:
> Looks good to me, please do upload.
uploaded, tagged in git, and pushed to salsa.
please let me know if you see anything else that needs doing.
--dkg
signature.asc
Description: PGP signature
Hi Daniel,
On Thu, Mar 02, 2023 at 05:01:59AM +0100, Salvatore Bonaccorso wrote:
> Daniel,
>
> On Wed, Mar 01, 2023 at 08:35:22PM +0100, Salvatore Bonaccorso wrote:
> > Daniel,
> >
> > On Wed, Mar 01, 2023 at 01:18:11PM -0500, Daniel Kahn Gillmor wrote:
> > > On Wed 2023-03-01 12:52:58 +0100,
Daniel,
On Wed, Mar 01, 2023 at 08:35:22PM +0100, Salvatore Bonaccorso wrote:
> Daniel,
>
> On Wed, Mar 01, 2023 at 01:18:11PM -0500, Daniel Kahn Gillmor wrote:
> > On Wed 2023-03-01 12:52:58 +0100, Salvatore Bonaccorso wrote:
> > > Yes it does thank you. So even tough that's a bit a borderline
Daniel,
On Wed, Mar 01, 2023 at 01:18:11PM -0500, Daniel Kahn Gillmor wrote:
> On Wed 2023-03-01 12:52:58 +0100, Salvatore Bonaccorso wrote:
> > Yes it does thank you. So even tough that's a bit a borderline case
> > (mean with it as with the vpn service case, where you have
> > authennticated
On Wed 2023-03-01 12:52:58 +0100, Salvatore Bonaccorso wrote:
> Yes it does thank you. So even tough that's a bit a borderline case
> (mean with it as with the vpn service case, where you have
> authennticated users, but you might not entirely trust the entities)
> let's release a DSA for it. Can
Hi Daniel,
On Fri, Feb 24, 2023 at 01:35:46PM -0500, Daniel Kahn Gillmor wrote:
> On Thu 2023-02-23 15:03:21 +0100, Salvatore Bonaccorso wrote:
> > Can you confirm on the following point: Is my understanding from the
> > upstream issue discussion correct, that this requires an authenticated
> >
Yes, the denial of service can only be triggered after the user has been
authenticated.
On Thu 2023-02-23 15:03:21 +0100, Salvatore Bonaccorso wrote:
> Can you confirm on the following point: Is my understanding from the
> upstream issue discussion correct, that this requires an authenticated
> peer
I'm afraid i'm taking cagney's word for it there, i haven't followed the
C far
Hi Daniel,
[CC added for team@s.d.o]
On Wed, Feb 22, 2023 at 07:54:47PM -0500, Daniel Kahn Gillmor wrote:
> Package: libreswan 4.9-1
> Control: found -1 4.3-1+deb11u1
> Control: found -1 4.7-1
> Control: fixed -1 4.9-2
> Control: forwarded -1 https://github.com/libreswan/libreswan/issues/954
>
Package: libreswan 4.9-1
Control: found -1 4.3-1+deb11u1
Control: found -1 4.7-1
Control: fixed -1 4.9-2
Control: forwarded -1 https://github.com/libreswan/libreswan/issues/954
Control: tags -1 + security patch fixed-upstream
There is a remotely-triggerable crash in libreswan, known as
16 matches
Mail list logo