Package: libmodule-signature-perl
Version: 0.63-1+squeeze2
CVE ID : CVE-2015-3406 CVE-2015-3407 CVE-2015-3408 CVE-2015-3409
Debian Bug : 783451
John Lightsey discovered multiple vulnerabilities in Module::Signature,
a Perl module to manipulate CPAN SIGNATURE files. The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 01 Jul 2015 12:20:06 +0200
Source: libmodule-signature-perl
Binary: libmodule-signature-perl
Architecture: source all
Version: 0.63-1+squeeze2
Distribution: squeeze-lts
Urgency: medium
Maintainer: Debian Perl Group
Package: ruby1.9.1
Version: 1.9.2.0-2+deb6u5
CVE ID : CVE-2012-5371 CVE-2013-0269
Debian Bug : 693024 700471
Two vulnerabilities were identified in the Ruby language interpreter,
version 1.9.1.
CVE-2012-5371
Jean-Philippe Aumasson identified that Ruby computed
Hi Mats,
On Tue, 30 Jun 2015, Mats Erik Andersson wrote:
The corresponding debdiff is attached. Please inform
me how approach this matter.
from my point of view it would be great to have this patch in oldoldstable
as well. Some special infos about uploading can be found in [1]. In regard
to
Wednesday den 1 July 2015 klockan 21:26 skrev Thorsten Alteholz detta:
Hi Mats,
from my point of view it would be great to have this patch
in oldoldstable as well.
I did not understand that oldoldstable and squeeze-lts are
two separate distributions.
Some special infos about uploading can
On Mon, Jun 29, 2015 at 10:53:41PM +0200, Raphael Hertzog wrote:
Hi,
On Fri, 26 Jun 2015, Guido Günther wrote:
With lots of packages in dla-needed.txt it's easier to focus on CVEs of
packages that are not being worked on at all.
Looks fine to me.
for pkg in
On Wed, 2015-07-01 at 23:35 +0200, Mats Erik Andersson wrote:
Wednesday den 1 July 2015 klockan 21:26 skrev Thorsten Alteholz detta:
Hi Mats,
from my point of view it would be great to have this patch
in oldoldstable as well.
I did not understand that oldoldstable and squeeze-lts are
On Tue, Jun 30, 2015 at 09:14:14PM +, Mike Gabriel wrote:
Hi Guido,
I just saw that you are co-maintainer of pykerberos. I realized after I had
already put my name behind the package name in dla-needed.txt.
As you are also on the LTS team, do you want to continue with uploading the