Hi Moritz
On Wed, 19 May 2021 at 22:52, Moritz Muehlenhoff wrote:
> On Wed, May 19, 2021 at 08:59:16PM +0200, Ola Lundqvist wrote:
> > In any case, thank you for your help. Now I know that there are no such
> > plans and you would not object to the LTS team doing an update on
> > stable/buster.
Hi,
(why) isn't Ben handling the firmware-nonfree LTS updates like he does for
src:linux? He's also among the maintainers of both packages in the first place
:)
--
cheers,
Holger
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ holger@(debian|reproducible-builds|layer-acht).org
⢿⡄⠘⠷⠚⠋⠀ OpenPGP:
On Wed, May 19, 2021 at 08:59:16PM +0200, Ola Lundqvist wrote:
> In any case, thank you for your help. Now I know that there are no such
> plans and you would not object to the LTS team doing an update on
> stable/buster. This was exactly what I wanted to know.
*sigh*, ofc you should _not_ look
On Wed, May 19, 2021 at 08:59:16PM +0200, Ola Lundqvist wrote:
> To my knowledge there is no information in the security tracker whether
> there are plans to update the package or not and whether you would object
> to an upload. Just because it is marked as no-dsa does not mean that the
> package
Hi Lynoure, all
Lynoure, thank you for your help. I have got the answers I need. Much
appreciated!
Moritz, Lyonoure, for the future, is there any way I could have improved
the questions in my initial email? I have re-read the CVEs quite a bit now
and I do not see how I could have formulated
On 19/05/2021 09:38, Moritz Muehlenhoff wrote:
Ola Lundqvist wrote:
I only briefly looked at the CVEs.
If you haven't even looked the issues properly don't waste other people's time.
Seems things got a bit prickly here, so I'm seeing if I can do some
coordinating to make things a bit
Ola Lundqvist wrote:
> I only briefly looked at the CVEs.
If you haven't even looked the issues properly don't waste other people's time.
Hi Moritz
I only briefly looked at the CVEs. I relied on that front-desk had
considered that the package needs to be fixed.
This means that we need to fix both the kernel and the firmware-nonfree
packages to fix the problems.
The question remains however, do you think these are important enough
On Mon, May 17, 2021 at 11:54:05AM +0200, Ola Lundqvist wrote:
> Hi firmware-nonfree maintainers
>
> I have a question from an LTS perspective about the possible security
> updates we have for the firmware-nonfree package.
>
> You can find them here:
>
Hi firmware-nonfree maintainers
I have a question from an LTS perspective about the possible security
updates we have for the firmware-nonfree package.
You can find them here:
https://security-tracker.debian.org/tracker/source-package/firmware-nonfree
I can see that all the related CVEs are
Hello,
On Mon, May 17, 2021 at 1:00 PM Ola Lundqvist wrote:
> firmware-nonfree
> NOTE: 20201207: wait for the update in buster and backport that (Emilio)
>
> The problem here is that will likely not happen due to the following note in
> the security tracker on all the connected CVEs:
>
Hi fellow LTS contributors
I noticed that firmware-nonfree has the following note in the
dla-needed.txt file.
firmware-nonfree
NOTE: 20201207: wait for the update in buster and backport that (Emilio)
The problem here is that will likely not happen due to the following note
in the security
On Mon, 2019-03-25 at 17:20 +, Ben Hutchings wrote:
> On Tue, 2019-03-05 at 22:00 +, Ben Hutchings wrote:
> > On Fri, 2019-03-01 at 14:05 +0100, Emilio Pozuelo Monfort wrote:
> [...]
> > > (It
> > > may be unlikely for old suites to have users with new hardware, however
> > > it's
> > >
On Tue, 2019-03-26 at 17:51 +0100, Emilio Pozuelo Monfort wrote:
> On 25/03/2019 18:20, Ben Hutchings wrote:
> > On Tue, 2019-03-05 at 22:00 +, Ben Hutchings wrote:
> > > On Fri, 2019-03-01 at 14:05 +0100, Emilio Pozuelo Monfort wrote:
> > [...]
> > > > (It
> > > > may be unlikely for old
On 25/03/2019 18:20, Ben Hutchings wrote:
> On Tue, 2019-03-05 at 22:00 +, Ben Hutchings wrote:
>> On Fri, 2019-03-01 at 14:05 +0100, Emilio Pozuelo Monfort wrote:
> [...]
>>> (It
>>> may be unlikely for old suites to have users with new hardware, however it's
>>> possible and users that don't
On Tue, 2019-03-05 at 22:00 +, Ben Hutchings wrote:
> On Fri, 2019-03-01 at 14:05 +0100, Emilio Pozuelo Monfort wrote:
[...]
> > (It
> > may be unlikely for old suites to have users with new hardware, however it's
> > possible and users that don't have it will be unaffected by the new
> >
Hi Ben, thanks for the review.
On 05/03/2019 23:00, Ben Hutchings wrote:
> On Fri, 2019-03-01 at 14:05 +0100, Emilio Pozuelo Monfort wrote:
>> Hi Ben,
>>
>> I have prepared an update for CVE-2018-5383/firmware-nonfree by backporting
>> the
>> fixed firmware from the upstream repo that I could
On Fri, 2019-03-01 at 14:05 +0100, Emilio Pozuelo Monfort wrote:
> Hi Ben,
>
> I have prepared an update for CVE-2018-5383/firmware-nonfree by backporting
> the
> fixed firmware from the upstream repo that I could find. See my two commits
> in:
>
>
Hi Ben,
I have prepared an update for CVE-2018-5383/firmware-nonfree by backporting the
fixed firmware from the upstream repo that I could find. See my two commits in:
https://salsa.debian.org/pochu/firmware-nonfree/commits/jessie-security
I built the packages and compared one of the
19 matches
Mail list logo
