Re: [SECURITY] [DLA 1865-1] sdl-image1.2 security update

2019-07-27 Thread Hugo Lefeuvre
> I don't think it's explicitly documented; I inferred it from these > rules: > > 1. Corrections should be sent to the same recipients as the original > incorrect information. > 2. All messages sent to debian-lts-announce about package updates > should be numbered DLAs. > 3. DLAs that are related

Re: [SECURITY] [DLA 1865-1] sdl-image1.2 security update

2019-07-27 Thread Ben Hutchings
On Sat, 2019-07-27 at 18:30 -0300, Hugo Lefeuvre wrote: > Hi Ben, > > > > > For Debian 8 "Jessie", these problems have been fixed in version > > > > 1.2.12-5+deb9u2. > > > > > > Typo: version number is 1.2.12-5+deb8u2, not 1.2.12-5+deb9u2. > > > > The proper way to make such a correction is to

Re: [SECURITY] [DLA 1865-1] sdl-image1.2 security update

2019-07-27 Thread Hugo Lefeuvre
Hi Ben, > > > For Debian 8 "Jessie", these problems have been fixed in version > > > 1.2.12-5+deb9u2. > > > > Typo: version number is 1.2.12-5+deb8u2, not 1.2.12-5+deb9u2. > > The proper way to make such a correction is to issue a -2 advisory with > the correct information and a note about what

Re: [SECURITY] [DLA 1865-1] sdl-image1.2 security update

2019-07-27 Thread Ben Hutchings
On Sat, 2019-07-27 at 16:04 -0300, Hugo Lefeuvre wrote: > On Sat, Jul 27, 2019 at 03:30:14PM -0300, Hugo Lefeuvre wrote: > > Package: sdl-image1.2 > > Version: 1.2.12-5+deb9u2 > > CVE ID : CVE-2018-3977 CVE-2019-5051 CVE-2019-5052 CVE-2019-7635 > >

Re: [SECURITY] [DLA 1865-1] sdl-image1.2 security update

2019-07-27 Thread Hugo Lefeuvre
On Sat, Jul 27, 2019 at 03:30:14PM -0300, Hugo Lefeuvre wrote: > Package: sdl-image1.2 > Version: 1.2.12-5+deb9u2 > CVE ID : CVE-2018-3977 CVE-2019-5051 CVE-2019-5052 CVE-2019-7635 > CVE-2019-12216 CVE-2019-12217 CVE-2019-12218 CVE-2019-12219 >

On tomcat FTBFS.

2019-07-27 Thread Abhijith PA
Hi, I don't think the link you gave on commit [fe932dd39d] is the reason for FTBFS. I tried building on a VM that matches the certificate date and it was successful. I also tried disabling all ssl related tests and was fine. While doing these all I found TestSendFile test is the culprit. In

Accepted sdl-image1.2 1.2.12-5+deb8u2 (source amd64) into oldoldstable

2019-07-27 Thread Hugo Lefeuvre
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 23 Jul 2019 11:25:46 -0300 Source: sdl-image1.2 Binary: libsdl-image1.2 libsdl-image1.2-dbg libsdl-image1.2-dev Architecture: source amd64 Version: 1.2.12-5+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Debian

Re: MariaDB uploaders: Please use Salsa and Salsa-CI

2019-07-27 Thread Sylvain Beucler
Hi, On 25/07/2019 22:03, Otto Kekäläinen wrote: > Hello Emilio and anybody else who might at some point upload MariaDB > to jessie-security or stretch-security! > > Please use as the starting point the latest version in the MariaDB > team Salsa repos > - mariadb-10.0 branch 'jessie' > -