Re: Coordinating uploads with identical tarballs

Hi, On Mon, Aug 01, 2016 at 09:35:34PM +0200, Emilio Pozuelo Monfort wrote: > On 01/08/16 21:29, Moritz Mühlenhoff wrote: > > Hi, > > when making uploads with an identical tarball in lts and stable-security > > you really need to coordinate with t...@security.debian.org! Due to dak's > > crappy

Re: Bug#832908: mongodb: CVE-2016-6494: world-readable .dbshell history file: LTS update and upgrade handling

Hi again I just realize that we need to change back the umask after the file is created. I'll update the patch tomorrow and send one that I know works. // Ola On Tue, Aug 2, 2016 at 12:13 AM, Ola Lundqvist wrote: > Hi all > > I have prepared a preliminary patch for wheezy. I

Re: Bug#832908: mongodb: CVE-2016-6494: world-readable .dbshell history file: LTS update and upgrade handling

Hi all I have prepared a preliminary patch for wheezy. I have not yet been able to test it fully (it is building right now). It looks like attached. You may need to modify it for later versions. Please comment. The principles should be ok even if I may have made some stupid copy+paste mistake.

Re: Redis not uploaded and timely security announcements

> Ahh, I wasn't going mad after all: > > 14:30 < carnil> lamby ftr, due to some dak problems your redis upload > is stuck in unchecked, ansgar will look into it tonight > > 14:31 < carnil> so please be pantient, should be processed as soon > the dak problem is solved on

Accepted redis 2:2.4.14-1+deb7u1 (source amd64) into oldstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 01 Aug 2016 11:32:06 -0400 Source: redis Binary: redis-server Architecture: source amd64 Version: 2:2.4.14-1+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Chris Lamb Changed-By: Chris Lamb

Re: Icedtea plugin

On 01.08.2016 23:01, Emilio Pozuelo Monfort wrote: > On 31/07/16 19:41, Roberto C. Sánchez wrote: >> On Sun, Jul 31, 2016 at 07:34:28PM +0200, Emilio Pozuelo Monfort wrote: >>> Hi, >>> >>> Currently, icedtea-plugin depends on icedtea-6-plugin, i.e. Java6. Given >>> openjdk-6 is unsupported, we

Re: Redis not uploaded and timely security announcements

Chris Lamb wrote: > > DLA-577-1 has been issued two days ago but redis hasn't been uploaded > > yet. Chris could you investigate please? > > Very odd; I distinctly remember uploading this as my machine was > aggressively firewalled (internet cafe!) so I had to route it through > another host.

Re: Icedtea plugin

On 31/07/16 19:41, Roberto C. Sánchez wrote: > On Sun, Jul 31, 2016 at 07:34:28PM +0200, Emilio Pozuelo Monfort wrote: >> Hi, >> >> Currently, icedtea-plugin depends on icedtea-6-plugin, i.e. Java6. Given >> openjdk-6 is unsupported, we should change it to depend on icedtea-7-plugin >> instead.

Re: Coordinating uploads with identical tarballs

On 01/08/16 21:29, Moritz Mühlenhoff wrote: > Hi, > when making uploads with an identical tarball in lts and stable-security > you really need to coordinate with t...@security.debian.org! Due to dak's > crappy orig tarball handling only of the uploads can be made with the > tarball included and if

Coordinating uploads with identical tarballs

Hi, when making uploads with an identical tarball in lts and stable-security you really need to coordinate with t...@security.debian.org! Due to dak's crappy orig tarball handling only of the uploads can be made with the tarball included and if you race to the upload without coordination you're

Wheezy and jessie updates of lighttpd

Hi, El 29/07/16 a las 09:54, Krzysztof Krzyżaniak escribió: > > > W dniu czw 28 lip, 2016 o 22∶36 użytkownik Thorsten Alteholz > napisał: > > Hello dear maintainer(s), the Debian LTS team would like to fix the > security issues which are currently open in the

Re: Wheezy update of python-django?

Brian May writes: > In any case I am looking at doing this now, will start off without > git. If there is any demand I can move things across (including prior > revisions) to git later. Attached is my current patch. It only includes changes to debian/*. Still needs more work.

[SECURITY] [REGRESSION] [DLA -] graphite2 regression update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: graphite2 Version: 1.3.6-1~deb7u2 The previous upload of graphite2 (on 2016-04-26) included a .shlib file which did not match the shipped shared libraries preventing packages build-depending on graphite2 libraries to build.

Re: Wheezy update of python-django?

Lucas Kanashiro writes: > My bad, I checked out the repo and I saw that the mentioned branch is > debian/wheezy :) Not sure if this means you were looking at this or not... Also note that the debian/wheezy branch in git is not up-to-date. In any case I am looking at

Re: Redis not uploaded and timely security announcements

Hi Markus, 2016-08-01 10:35 GMT+02:00 Markus Koschany : > Hi all, > > DLA-577-1 has been issued two days ago but redis hasn't been uploaded > yet. Chris could you investigate please? > > I also noticed that sometimes the delay between the upload and actual > security announcement