Re: Summary of the LTS BoF held during DebConf

2016-01-28 Thread Moritz Muehlenhoff
On Thu, Jan 28, 2016 at 05:24:13AM +0100, Thijs Kinkhorst wrote: > On Tue, January 19, 2016 17:56, Santiago Ruano Rincón wrote: > > Moreover, squeeze lts has been advertised to end next February, the 6th > > to be precise. At the same time, the security team would support wheezy > > until April

Re: squeeze update of prosody?

2016-01-28 Thread Sergei Golovan
Hi Guido, On Thu, Jan 28, 2016 at 11:04 PM, Guido Günther wrote: > Hello dear maintainer, > > the Debian LTS team would like to fix the security issues which are > currently open in the Squeeze version of prosody: > https://security-tracker.debian.org/tracker/CVE-2016-0756 > >

Re: Summary of the LTS BoF held during DebConf

2016-01-28 Thread Markus Koschany
Am 28.01.2016 um 20:05 schrieb Moritz Mühlenhoff: > On Thu, Jan 28, 2016 at 08:02:47PM +0100, Markus Koschany wrote: >> In my opinion OpenJDK 7 should be an adequate replacement for OpenJDK 6 >> and I can't think of any serious regressions since all Java packages >> have proven to work with both

Re: Looking for issues affecting wheezy but fixed in squeeze

2016-01-28 Thread Antoine Beaupré
On 2016-01-23 08:22:22, Guido Günther wrote: > Hi, > > now that Wheezy LTS is approaching I wondered what would be the best > places to help out fixing issues in Wheezy so that upgrading from > Squeeze to Wheezy would not introduce new security issues. > > Therefore I added

Re: squeeze update of chrony?

2016-01-28 Thread Vincent Blut
On Thu, Jan 28, 2016 at 09:23:01PM +0100, Guido Günther wrote: Hello dear maintainers, Hello Guido, the Debian LTS team would like to fix the security issues which are currently open in the Squeeze version of chrony: https://security-tracker.debian.org/tracker/CVE-2016-1567 Would you like

Re: imagemagick

2016-01-28 Thread Raphael Hertzog
On Wed, 27 Jan 2016, Thorsten Alteholz wrote: > On Tue, 26 Jan 2016, Brian May wrote: > >Just wondered why imagemagick was marked in data/dla-needed.txt? > > at least someone found these issues so remarkable that an entry in our CVE > list exists. This is not a proper answer. Not all CVE get

Re: Wheezy time

2016-01-28 Thread Antoine Beaupré
I am also a little confused by this now: when does squeeze support officially starts, and when do we start hammering at wheezy-lts? a. -- We are discreet sheep; we wait to see how the drove is going, and then go with the drove. - Mark Twain

Re: Looking for issues affecting wheezy but fixed in squeeze

2016-01-28 Thread Moritz Mühlenhoff
On Sat, Jan 23, 2016 at 02:22:22PM +0100, Guido Günther wrote: > Hi, > > now that Wheezy LTS is approaching I wondered what would be the best > places to help out fixing issues in Wheezy so that upgrading from > Squeeze to Wheezy would not introduce new security issues. > > Therefore I added