Hi,
As discussed with the SpamAssassin (SA) maintainer, we are following
upstream's advice of upgrading to the latest 3.4.2 release in jessie.
There's a stable update pending in stretch (#912198) which served as a
basis for this upload. I've kept to the strict minimal set of changes
but also
On Mon, 2018-10-29 at 15:56 +0100, Peter Dreuw wrote:
> Am 26.10.18 um 14:48 schrieb Ben Hutchings:
> > On Thu, 2018-10-25 at 11:32 +0200, Peter Dreuw wrote:
> > > Am 25.10.18 um 10:08 schrieb Peter Dreuw:
> > > may one point to make it clear, tho it might be obvious to most of you:
> > >
> > >
thanks for this thinking and testing and analysis, anarcat!
On Tue 2018-10-30 11:46:35 -0400, Antoine Beaupré wrote:
> The result will be that users will run an outdated version (if they
> don't notice the package's removed or the announcement)
the version of enigmail in debian jessie i believe
Package: gnutls28
Version: 3.3.30-0+deb8u1
CVE ID : CVE-2018-10844 CVE-2018-10845 CVE-2018-10846
A set of vulnerabilities was discovered in GnuTLS which allowed
attackers to do plain text recovery on TLS connections with certain
cipher types.
CVE-2018-10844
It was
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Tue, 30 Oct 2018 10:26:33 -0400
Source: gnutls28
Binary: libgnutls28-dev libgnutls-deb0-28 libgnutls28-dbg gnutls-bin gnutls-doc
guile-gnutls libgnutlsxx28 libgnutls-openssl27
Architecture: source amd64 all
Version:
Hi,
In the last month, I have work with dkg (in CC) to see how to
(ultimately) deal with the end of life of Firefox and Thunderbird ESR as
we know them in jessie. He has been hard at work updating GnuPG in
stable (#910398) so that Enigmail works with that older version of GnuPG
without