mercurial update ready for testing

2018-03-27 Thread Antoine Beaupré
Hi, I have uploaded a test version of the Mercurial package in the usual location: https://people.debian.org/~anarcat/debian/wheezy-lts/ The main reason for the update is to fix this: https://security-tracker.debian.org/tracker/CVE-2018-1000132 But there's also a fix to a regression

Accepted firefox-esr 52.7.3esr-1~deb7u1 (source amd64 all) into oldoldstable

2018-03-27 Thread Emilio Pozuelo Monfort
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 27 Mar 2018 17:52:49 +0200 Source: firefox-esr Binary: firefox-esr iceweasel firefox-esr-dbg iceweasel-dbg firefox-esr-dev iceweasel-dev firefox-esr-l10n-all iceweasel-l10n-all firefox-esr-l10n-ach iceweasel-l10n-ach

[SECURITY] [DLA 1320-1] samba security update

2018-03-27 Thread Holger Levsen
Package: samba Version: 3.6.6-6+deb7u16 CVE ID : CVE-2018-1050 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2018-1050 It

Re: "highly critical" DRUPAL-PSA-2018-001

2018-03-27 Thread Markus Koschany
Am 27.03.2018 um 21:12 schrieb Adrian Zaugg: > > Dear LTS Team > > The Drupal Security Team announced a patch for Drupal 7 and 8 for March, > 28th. The security hole is classified as "highly critical" [1]. They > state that "because exploits might be developed within hours or days" > one should

Accepted samba 2:3.6.6-6+deb7u16 (source amd64 all) into oldoldstable

2018-03-27 Thread Holger Levsen
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 27 Mar 2018 20:40:41 + Source: samba Binary: samba samba-common-bin samba-common samba-tools smbclient swat samba-doc samba-doc-pdf libpam-smbpass libsmbclient libsmbclient-dev winbind libpam-winbind libnss-winbind

[SECURITY] [DLA 1321-1] firefox-esr security update

2018-03-27 Thread Emilio Pozuelo Monfort
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: firefox-esr Version: 52.7.3esr-1~deb7u1 CVE ID : CVE-2018-5148 Jesse Schwartzentruber discovered a use-after-free vulnerability in Firefox, which could be exploited to trigger an application crash or arbitrary code

"highly critical" DRUPAL-PSA-2018-001

2018-03-27 Thread Adrian Zaugg
Dear LTS Team The Drupal Security Team announced a patch for Drupal 7 and 8 for March, 28th. The security hole is classified as "highly critical" [1]. They state that "because exploits might be developed within hours or days" one should update on March 28th 2018 between 18:00 - 19:30 UTC. I

Re: March Report

2018-03-27 Thread Brian May
Brian May writes: > In March I had 10 hours allocated, and I used all 10 hours on the > following tasks: In March I was given another 5.75 hours in addition to the 10 hours in my previous report, and I used 5.75001 hours on: * Following up on various bits from previous