[SECURITY] [DLA 264-1] libmodule-signature-perl security update

Package: libmodule-signature-perl Version: 0.63-1+squeeze2 CVE ID : CVE-2015-3406 CVE-2015-3407 CVE-2015-3408 CVE-2015-3409 Debian Bug : 783451 John Lightsey discovered multiple vulnerabilities in Module::Signature, a Perl module to manipulate CPAN SIGNATURE files. The

Accepted libmodule-signature-perl 0.63-1+squeeze2 (source all) into squeeze-lts

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 01 Jul 2015 12:20:06 +0200 Source: libmodule-signature-perl Binary: libmodule-signature-perl Architecture: source all Version: 0.63-1+squeeze2 Distribution: squeeze-lts Urgency: medium Maintainer: Debian Perl Group

[SECURITY] [DLA 263-1] ruby1.9.1 security update

Package: ruby1.9.1 Version: 1.9.2.0-2+deb6u5 CVE ID : CVE-2012-5371 CVE-2013-0269 Debian Bug : 693024 700471 Two vulnerabilities were identified in the Ruby language interpreter, version 1.9.1. CVE-2012-5371 Jean-Philippe Aumasson identified that Ruby computed

Re: squeeze-pu: package ftpd-ssl/0.17.32+0.3-1+deb6u1

Hi Mats, On Tue, 30 Jun 2015, Mats Erik Andersson wrote: The corresponding debdiff is attached. Please inform me how approach this matter. from my point of view it would be great to have this patch in oldoldstable as well. Some special infos about uploading can be found in [1]. In regard to

Re: squeeze-pu: package ftpd-ssl/0.17.32+0.3-1+deb6u1

Wednesday den 1 July 2015 klockan 21:26 skrev Thorsten Alteholz detta: Hi Mats, from my point of view it would be great to have this patch in oldoldstable as well. I did not understand that oldoldstable and squeeze-lts are two separate distributions. Some special infos about uploading can

Re: [PATCH] lts-cve-triage: allow to skip packages already in dla-needed.txt

On Mon, Jun 29, 2015 at 10:53:41PM +0200, Raphael Hertzog wrote: Hi, On Fri, 26 Jun 2015, Guido Günther wrote: With lots of packages in dla-needed.txt it's easier to focus on CVEs of packages that are not being worked on at all. Looks fine to me. for pkg in

Re: squeeze-pu: package ftpd-ssl/0.17.32+0.3-1+deb6u1

On Wed, 2015-07-01 at 23:35 +0200, Mats Erik Andersson wrote: Wednesday den 1 July 2015 klockan 21:26 skrev Thorsten Alteholz detta: Hi Mats, from my point of view it would be great to have this patch in oldoldstable as well. I did not understand that oldoldstable and squeeze-lts are

Re: debdiff for CVE-2015-3206 (pykerberos)

On Tue, Jun 30, 2015 at 09:14:14PM +, Mike Gabriel wrote: Hi Guido, I just saw that you are co-maintainer of pykerberos. I realized after I had already put my name behind the package name in dla-needed.txt. As you are also on the LTS team, do you want to continue with uploading the