On 2016-03-21 Matthew Vernon wrote:
> On 16/03/16 16:41, Andreas Metzler wrote:
>> So, this is documented behavior, pulling an enhancement for the issue
>> from upstream.
> It's also not what is done in the version in testing - 4.86.2-2 is happy
> with add_environment (and no
On 16/03/16 16:41, Andreas Metzler wrote:
> So, this is documented behavior, pulling an enhancement for the issue
> from upstream.
It's also not what is done in the version in testing - 4.86.2-2 is happy
with add_environment (and no keep_environment set), which is consistent
with the upstream
On 2016-03-16 Ben Hutchings wrote:
> On Wed, 2016-03-16 at 19:39 +0100, Andreas Metzler wrote:
[...]
>> * Otoh if you are running a custom configuration you will get
>> the warning exactly as upstream has intended and you will need to
>> decide whether you need to modify
On 2016-03-16 Ben Hutchings wrote:
> Control: severity -1 serious
> Control: tag -1 moreinfo
> Upgrading severity. I consider this release-critical because a package
> should never:
> 1. Send spurious error messages from its cron job
> 2. Recommend changing the
On Wed, Mar 16, 2016 at 09:55:21AM +, Matthew Vernon wrote:
> This is clearly not the correct behaviour, and I'm getting a lot of
> cron mail :-(
>
> [FTAOD, this is not the same as #817244 - that was a testing system,
> and setting add_environment there had the desired result]
In my case
Control: severity -1 important
Control: retitle -1 NEWS doesn't clearly explain config changes needed for
CVE-2016-1531
On Wed, 2016-03-16 at 19:39 +0100, Andreas Metzler wrote:
> On 2016-03-16 Ben Hutchings wrote:
> >
> > Control: severity -1 serious
> > Control: tag -1
Control: severity -1 serious
Control: tag -1 moreinfo
Upgrading severity. I consider this release-critical because a package
should never:
1. Send spurious error messages from its cron job
2. Recommend changing the configuration in a way that would undo a
security fix
Ben.
--
Ben Hutchings
On Wed, 2016-03-16 at 17:41 +0100, Andreas Metzler wrote:
[...]
> exim4 (4.84.2-1)'s says this in
>
> a) debian/changelog
> * Add macros MAIN_KEEP_ENVIRONMENT and MAIN_ADD_ENVIRONMENT to set the new
> options. Set "keep_environment =" by default to avoid a runtime warning.
> Bump
On 2016-03-16 Matthew Vernon wrote:
> Package: exim4-base
> Version: 4.84.2-1
> Severity: important
> Hi,
> I upgraded my jessie systems to 4.84.2-1 and added an add_environment
> setting thus:
> add_environment = <; PATH=/bin:/usr/bin
> The upstream advisory says:
> "If both
Package: exim4-base
Version: 4.84.2-1
Severity: important
Hi,
I upgraded my jessie systems to 4.84.2-1 and added an add_environment
setting thus:
add_environment = <; PATH=/bin:/usr/bin
The upstream advisory says:
"If both options are not used in the configuration, Exim issues a
warning on
10 matches
Mail list logo