Re: Wheezy update of samba?

2016-12-19 22:21 GMT+01:00 Ola Lundqvist : > Hello dear maintainer(s), Hello, > the Debian LTS team would like to fix the security issues which are > currently open in the Wheezy version of samba: > https://security-tracker.debian.org/tracker/CVE-2016-2125 > > Would you like to

Re: Wheezy update of samba?

We will. Thank you for this information. Sent from a phone Den 29 dec 2016 10:29 skrev "Mathieu Parent" : > 2016-12-19 22:21 GMT+01:00 Ola Lundqvist : > > Hello dear maintainer(s), > > Hello, > > > the Debian LTS team would like to fix the security issues

Re: Call for advice regarding curl CVE-2016-9586

Hi, 2016-12-28 11:59 GMT+01:00 Ola Lundqvist : > Thank you. > > It was added to dla-needed.txt one or two days ago. I'm in the process of uploading the fixed packaga. For the record curl_mprintf() is formatting floating point values in a buggy way in Wheezy's version and I have

Re: Wheezy update of maradns?

Hi > 2016-11-22 12:05 GMT+01:00 Dariusz Dwornikowski : > > I surely would like help with these CVSs. > > For the record the CVEs got rejected thus the LTS Team won't work on them. > > Yes. I saw that discussion. I will package the release of mara soon. > > > > On 21 November

Re: Wheezy update of maradns?

Hi Dariusz, 2016-11-22 12:05 GMT+01:00 Dariusz Dwornikowski : > I surely would like help with these CVSs. For the record the CVEs got rejected thus the LTS Team won't work on them. Cheers, Balint > > On 21 November 2016 at 23:18, Ola Lundqvist wrote: >> >>

Re: Wheezy update of maradns?

Hi Ola, 2016-12-29 18:43 GMT+01:00 Ola Lundqvist : > Hi > > Do this mean that we should not make a new wheezy release due to this? I > guess so. Yes, IMO. I have already removed maradns from DLA queue. Cheers, Balint > > / Ola > > Sent from a phone > > Den 29 dec 2016

Re: Wheezy update of maradns?

Hi Do this mean that we should not make a new wheezy release due to this? I guess so. / Ola Sent from a phone Den 29 dec 2016 18:36 skrev "Dariusz Dwornikowski" : > Hi > > >> 2016-11-22 12:05 GMT+01:00 Dariusz Dwornikowski : >> > I surely would like help

Re: Wheezy update of hplip for CVE-2015-0839

Hi Didier Some comments on the debdiff. The release name for wheezy is wheezy-security, not stable-security (nor oldstable-security). Apart from that I think the change looks fine to me. Will you send out the DLA regarding this or do you want me to do that? Please have a look here to see the

Re: Wheezy update of imagemagick?

Hi Emilio Just wanted you to know that I removed imagemagick from dla-needed.txt now. You are welcome to double-check that these issues were really fixed. Best regards // Ola On 29 December 2016 at 22:41, Ola Lundqvist wrote: > Hi > > Thank you. I have updated the security

Re: Wheezy update of imagemagick?

Hi Thank you. I have updated the security tracker with this information. // Ola On 28 December 2016 at 23:08, Roberto C. Sánchez wrote: > Hi Ola, > > The issues CVE-2016-8677 and CVE-2016-9559 were fixed by Antione when he > uploaded that latest imagemagick update to LTS.

Re: Wheezy update of apache2?

Hi Stefan I think it is a wise move to wait with the update until it has got some more testing. I'm not very surprised that it is invasive. This is also the reason I sent a little note that extra care should be taken on this new configuration option. I should have mentioned that it could be an

Re: Wheezy update of imagemagick?

Hi again Emilio Sorry for the spam. A new CVE just arrived. I'll add back imagemagick for you to check CVE-2016-10062 instead. Best regards // Ola On 29 December 2016 at 22:43, Ola Lundqvist wrote: > Hi Emilio > > Just wanted you to know that I removed imagemagick from

Wheezy update of libphp-swiftmailer?

Hello dear maintainer(s), the Debian LTS team would like to fix the security issues which are currently open in the Wheezy version of libphp-swiftmailer: https://security-tracker.debian.org/tracker/CVE-2016-10074 Would you like to take care of this yourself? If yes, please follow the workflow