[ CC'ing team@security so that they know nothing supported is affected by
it. ]
Hi,
apparently Apache knew it since October 2015, tested with "current" LibreOffices
but they said they didn't test with old, so didn't inform LO *at all* until
this came up last Thursday again confirming that old
unsubscribe
This email and any accompanying attachments are confidential. If you received
this email by mistake, please delete
it from your system. Any review, disclosure, copying, distribution, or use of
the email by others is strictly prohibited.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 03 Aug 2016 01:47:54 +0200
Source: libsys-syslog-perl
Binary: libsys-syslog-perl
Architecture: source amd64
Version: 0.29-1+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Perl Group
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 03 Aug 2016 22:59:23 +0200
Source: collectd
Binary: collectd-core collectd collectd-utils collectd-dbg collectd-dev
libcollectdclient-dev libcollectdclient0
Architecture: source i386 all
Version: 5.1.0-3+deb7u2
Distribution:
Am 03.08.2016 um 18:47 schrieb Markus Koschany:
> On 03.08.2016 18:18, Jonas Meurer wrote:
> [...]
>> Please find changes file and debdiff for libsys-syslog-perl
>> 0.29-1+deb7u1 attached to this mail. This is going to be my first upload
>> on behalf of the LTS team, so a quick review by more
This month I was allocated 14.70 hours to work on Debian-LTS. I spent 13h doing
the following:
- Pushed the update for cacti. Investigated regression, waiting for upstream to
comment.
- Prepared and uploaded update for tardiff
- Investigated gdk-pixbuf vulnerability: wheezy not affected (jessie
> The patch looks good to me
Same here.
Regards,
--
Chris Lamb
chris-lamb.co.uk / @lolamby
Dear LTS team,
Am 03.08.2016 um 01:15 schrieb Jonas Meurer:
> the Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of libsys-syslog-perl:
> https://security-tracker.debian.org/tracker/CVE-2016-1238
> [...]
>
> PPS: Dominic Hargreaves of the
Hi again,
On Fri, Jul 29, 2016 at 09:43:39AM -0300, Lucas Kanashiro wrote:
> On 07/28/2016 05:55 PM, Lucas Kanashiro wrote:
> > On 07/28/2016 05:02 PM, Sebastian Harl wrote:
> >> Thanks. I updated dla-needed.
> >>
> >> The fixed packages are ready for upload now. Please find the full
> >> debdiff
On Mon, 01 Aug 2016, Brian May wrote:
> In any case I am looking at doing this now, will start off without
> git. If there is any demand I can move things across (including prior
> revisions) to git later.
Yes, please.
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS:
Hello,
I have a version of python-django 1.4.22 for wheezy-security available
for testing at:
https://people.debian.org/~bam/debian/pool/main/p/python-django/
Patch is basically the same as before, except I now include
CVE-2016-2513.diff and removed all the unused patches.
Regards
--
Brian
On 02.08.2016 19:16, Chris Lamb wrote:
> Chris Lamb wrote:
>
>>> DLA-577-1 has been issued two days ago but redis hasn't been uploaded
>>> yet.
> [..]
>> Could these checks be automated instead of relying on a diligent
>> front-desk..?)
>
> I've pushed such a script as
Package: lighttpd
Version: 1.4.31-4+deb7u5
CVE ID : CVE-2016-1000212
Debian Bug : 832571
Dominic Scheirlinck and Scott Geary of Vend reported an insecure
behaviour in the lighttpd web server. Lighttpd assigned Proxy header
values from client requests to internal
13 matches
Mail list logo
