Hi Daniel
I get these message - see below, is this something I need to pass on or
can I be removed from the list, means nothing to me I'm afraid.
Andrea
-Original Message-
From: Salvatore Bonaccorso [mailto:car...@debian.org]
Sent: 23 September 2014 17:18
To:
On Wed, Sep 24, 2014 at 4:25 PM, Andrea Whitney wrote:
I get these message - see below, is this something I need to pass on or
can I be removed from the list, means nothing to me I'm afraid.
I recommend you unsubscribe and have your sysadmin subscribe instead.
Each of you need to enter your
Hi,
The next point release for wheezy (7.7) is scheduled for Saturday,
October 18th. Stable NEW will be frozen during the preceding weekend.
Regards,
Adam
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
Hi, is there a bash upgrade for squeeze to address below cve?
https://www.debian.org/security/2014/dsa-3032
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
Hi,
On Wed, September 24, 2014 21:43, Darko Gavrilovic wrote:
Hi, is there a bash upgrade for squeeze to address below cve?
https://www.debian.org/security/2014/dsa-3032
Updates to squeeze-lts are announced on the debian-lts-announce list.
There you will find that this bug has indeed been
On Wed, Sep 24, 2014 at 03:43:42PM -0400, Darko Gavrilovic wrote:
Hi, is there a bash upgrade for squeeze to address below cve?
https://www.debian.org/security/2014/dsa-3032
There is already a squeeze lts security announcement but my
mirrors do not yet have the update.
So it should be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/24/2014 09:43 PM, Darko Gavrilovic wrote:
Hi, is there a bash upgrade for squeeze to address below cve?
https://www.debian.org/security/2014/dsa-3032
Squeeze is not supported anymore, tho there are still updates
available for squeeze-lts
Yes, this is the perfect thing for our website
Love you
Me
Sent from my iPhone
On Sep 24, 2014, at 8:30 PM, Yves-Alexis Perez cor...@debian.org wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian
Daniel Kahn Gillmor wrote:
Thanks for the discussion, Hans.
On 09/19/2014 02:47 PM, Hans-Christoph Steiner wrote:
Packages should not be accepted into any official repo, sid included, without
some verification builds. A .deb should remain unchanged once it is accepted
into any official
On 2014-09-24 23:05, Hans-Christoph Steiner wrote:
* the signature files sign the package contents, not the hash of
whole .deb file (i.e. control.tar.gz and data.tar.gz).
So preinst and friends would not be signed? Sounds dangerous to me.
--
To UNSUBSCRIBE, email to
W. Martin Borgert wrote:
On 2014-09-24 23:05, Hans-Christoph Steiner wrote:
* the signature files sign the package contents, not the hash of
whole .deb file (i.e. control.tar.gz and data.tar.gz).
So preinst and friends would not be signed? Sounds dangerous to me.
All package contents
CVE-2014-0170: RESERVED
--
The output might be a bit terse, but the above ids are known elsewhere,
check the references in the tracker. The second part indicates the status
of that id in the tracker at the moment the script was run.
--
To UNSUBSCRIBE, email to
Hi,
On Dienstag, 23. September 2014, Michael Gilbert wrote:
There is a page that lists candidates for DTSA (Debian Testing
Security Announcements), which aren't actually done anymore
I can remove it, if it's really not used at all anymore.
, but
something like that would be very useful for
Hi all,
On Wed, Sep 24, 2014 at 02:37:00PM +0200, Holger Levsen wrote:
[...]
Then the separate text files could go away, and we can just use
no-dsa in the CVE list to keep those pages up to date.
you mean those dsa-needed.txt and dla-needed.txt files?
We could. But right now we also use
Processing commands for cont...@bugs.debian.org:
user www.debian@packages.debian.org
Setting user to www.debian@packages.debian.org (was taf...@debian.org).
forcemerge 762254 751403
Bug #762254 [www.debian.org] explain LTS on the www.d.o website
Bug #751403 [www.debian.org]
15 matches
Mail list logo