On Thu, Nov 14, 2019 at 05:19:03PM +, Holger Levsen wrote:
>
> And then it would be ideal to upload the package to unstable and then
> file a SRM bug to update the package in stretch, in addition to
> uploading to jessie. (Probably this should also result in a DLA, not
> 100% sure though.
On Fri, Nov 15, 2019 at 08:42:59PM +, Holger Levsen wrote:
> On Thu, Nov 14, 2019 at 01:51:46PM -0500, Roberto C. Sánchez wrote:
> > > I had not yet seen this message so I already submitted a MR. Should I
> > > close that and make a direct commit?
>
> I believe you did this now, but in any
On Fri, Nov 15, 2019 at 05:15:14PM +1100, Brian May wrote:
> In an attempt to complete this TODO item from the wiki:
> https://wiki.debian.org/LTS/TODO#automatically_strip_no-dsa_tags_by_gen-DLA
[...]
> Any comments or suggestions?
nice work & many thanks for searching for work also in the LTS
On Thu, Nov 14, 2019 at 01:51:46PM -0500, Roberto C. Sánchez wrote:
> > I had not yet seen this message so I already submitted a MR. Should I
> > close that and make a direct commit?
I believe you did this now, but in any case: yes, please.
> - Any feedback on this proposed DLA text?
a.) very
Package: postgresql-common
Version: 165+deb8u4
CVE ID : CVE-2019-3466
Rich Mirch discovered that the pg_ctlcluster script didn't drop
privileges when creating socket/statistics temporary directories, which
could result in local privilege escalation.
For the oldoldstable
مُرسل من هاتف Huawei الخاص بي
Package: postgresql-common
Version: 165+deb8u4
CVE ID : CVE-2019-3466
Rich Mirch discovered that the pg_ctlcluster script didn't drop
privileges when creating socket/statistics temporary directories, which
could result in local privilege escalation.
For the oldoldstable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: mesa
Version: 10.3.2-1+deb8u2
CVE ID : CVE-2019-5068
Debian Bug : 944298
Tim Brown discovered a shared memory permissions vulnerability in the
Mesa 3D graphics library. Some Mesa X11 drivers use shared-memory
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 14 Nov 2019 17:49:36 +0100
Source: mesa
Binary: libgl1-mesa-swx11 libgl1-mesa-swx11-dbg libgl1-mesa-swx11-i686
libgl1-mesa-swx11-dev libxatracker2 libxatracker2-dbg libxatracker-dev libgbm1
libgbm1-dbg libgbm-dev
On Fri, Nov 15, 2019 at 02:56:31PM +0100, Emilio Pozuelo Monfort wrote:
> On 14/11/2019 19:51, Roberto C. Sánchez wrote:
>
> > - Any feedback on this proposed DLA text?
> >
> > Package: debian-security-support
> > Version: 2019.11.15~deb8u1
> >
> >
> > debian-security-support,
On 14/11/2019 19:51, Roberto C. Sánchez wrote:
> On Thu, Nov 14, 2019 at 01:31:27PM -0500, Roberto C. Sánchez wrote:
>> On Thu, Nov 14, 2019 at 05:19:03PM +, Holger Levsen wrote:
>>> On Wed, Nov 13, 2019 at 08:24:55AM -0500, Roberto C. Sánchez wrote:
> We usually mark affected CVE as in
Hi
I think the text looks good. Not exactly as previous updates but since it
is the only change I think it is better to change the default template in
the way you did it.
Best regards
// Ola
On Thu, 14 Nov 2019 at 19:52, Roberto C. Sánchez wrote:
> On Thu, Nov 14, 2019 at 01:31:27PM -0500,
12 matches
Mail list logo
