Re: libemail-address-perl, no "squeeze update of ..." mail sent, yet
Hi Raphael, On Di 29 Sep 2015 13:55:06 CEST, Raphael Hertzog wrote: On Tue, 29 Sep 2015, Mike Gabriel wrote: Is there a reason that no "squeeze update of ..." mail has been sent for libemail-address-perl, yet, (i.e., when triaging the latest security issue in that package)? Yes, the fix is so easy that sending the above mail would take more time than fixing the package and the package is part of the Perl team which is rather happy when we do the work and push our update in their git repository (I believe all DD have write access to their git repositories). ok. Thanks for the answer. Will continue with fixing libemail-address-perl, then. Best, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgpmJJQxRI81T.pgp Description: Digitale PGP-Signatur
Re: flightgear upload for squeeze
Hi, On Tue, 29 Sep 2015, Chris Lamb wrote: > Here's my proposed debdiff for the flightgear update in squeeze: > > https://gist.githubusercontent.com/lamby/0021615a8e1d4b7b260e/raw/4b38276c3a982f98208d6752ed492b0050ae5a5d/%253Cstdin%253E We prefer attached debdiff so that we can review just by replying. I can't really comment on the fix and I assume that it has been tested in some way (at least to ensure that the game still works). +flightgear (1.9.1-1.1+deb6u11) squeeze-lts; urgency=high + + * Fix "TEMP-0780712-D0DD02: permissive file access allowed from nasal" +by backporting fix and additional routines from jessie. + + -- Chris LambMon, 28 Sep 2015 21:24:41 +0200 The TEMP-* identifiers are not meant to be referenced as they are supposed to be temporary... in this case, the "-0780712-" means that there's a Debian bug to track this: #780712 and you should just reference that bug. For packages without a proper patch system, we usually don't add a patch system but we might still keep a copy of the patch added in debian/patches/ for historical purpose. Apart from those details, the update looks good. Feel free to upload the fixed package, draft a DLA, wait the ACCEPTED mail, send the DLA (with a GPG signed mail to debian-lts-announce). Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/
Accepted vorbis-tools 1.4.0-1+deb6u1 (source amd64) into squeeze-lts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 29 Sep 2015 10:30:16 +0200 Source: vorbis-tools Binary: vorbis-tools vorbis-tools-dbg Architecture: source amd64 Version: 1.4.0-1+deb6u1 Distribution: squeeze-lts Urgency: medium Maintainer: Debian Xiph.org MaintainersChanged-By: Mike Gabriel Description: vorbis-tools - several Ogg Vorbis tools vorbis-tools-dbg - several Ogg Vorbis tools (debug files) Closes: 771363 776086 797461 Changes: vorbis-tools (1.4.0-1+deb6u1) squeeze-lts; urgency=medium . * Non-maintainer upload by the Debian LTS Team. * debian/patches: + Add 0009-Fix-oggenc-crash-on-closing-raw-input-files.patch. Fix crash on closing raw input. (CVE-2014-9640). (Closes: #771363). + Add 0015-Fix-Large-alloca-on-bad-AIFF-input-CVE-2015-6749.patch. Fix buffer overflow on bad AIFF input (CVE-2015-6749). (Closes: #797461). + Add 0016-Validate-channel-count-in-audio-header.patch. Prevent out-of-bounds memory access (CVE-2014-9638, CVE-2014-9639). (Closes: #776086). + Update no_debian_subdir.diff to avoid patch fuzziness. Checksums-Sha1: 7cb404aeedfe1b16c6d58b4f21e6446367ad 2071 vorbis-tools_1.4.0-1+deb6u1.dsc b012c9e2807e9078be4e4686baefd202672e9475 8486 vorbis-tools_1.4.0-1+deb6u1.diff.gz caacea79542df425afcc1d226eec0cf91687173b 291050 vorbis-tools_1.4.0-1+deb6u1_amd64.deb 2e7c516293aba0d5510ad2930673914747e1f1e1 189468 vorbis-tools-dbg_1.4.0-1+deb6u1_amd64.deb Checksums-Sha256: 9167034e9ba8d9383962e23f460761039eeba8559373af876d975f7f15a87b26 2071 vorbis-tools_1.4.0-1+deb6u1.dsc e9a739b20f400b794d6f4c017975ffb926eb8b058de770827616c610cb70a406 8486 vorbis-tools_1.4.0-1+deb6u1.diff.gz ee9b096e6df4be59dfba318964809c26fd83689a2048c551f5508d7927e712fe 291050 vorbis-tools_1.4.0-1+deb6u1_amd64.deb 2685b31884f681d54e3a2eb6a9bd13d86ed6c6f4a3e5f600c000cb59bc785625 189468 vorbis-tools-dbg_1.4.0-1+deb6u1_amd64.deb Files: af5c613487ac9174be65d081605119ea 2071 sound optional vorbis-tools_1.4.0-1+deb6u1.dsc ca9db9ff3763732cf74ece50d503b659 8486 sound optional vorbis-tools_1.4.0-1+deb6u1.diff.gz 35ac2bcece570cd6cf101a86b8621973 291050 sound optional vorbis-tools_1.4.0-1+deb6u1_amd64.deb 5357007da15fdd60cb93d66627baaba1 189468 debug extra vorbis-tools-dbg_1.4.0-1+deb6u1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCAAGBQJWClEnAAoJEJr0azAldxsxaJAP/2cGgnoey6QRi/fZLeDd3c+z U8l1xTmK/ZnI4UnHY2hnv4oKR/Em2Kl8CLcS+25+FlEp51TMXyXVMslVlF97aCt+ VwGhTvjGAD6s0RvcP0WRvaqPLqUuwK0ijdgsFMSq4piHrHkcgY9fHmZlFEPsmkNW eO9Pc/rUsIFCO+Q7FNHfL8wARGrlgSSF/JLr2WeVsvlyjK72HZxxaVY1ilt2BAQT nEWbd6MXZRODMSh8ULy2y2hVd3/MUf+fB+KtuUAiHanScn3N/mQW3UG6J/1as5LL mFLJ/9XTsNecFGziZfBOIiaOscjUTWJHhj2p4Om6osLWviBY1q0iSrRm9oY/I4iR I1DX3LNvAyG26BKCSS9RVC2J0Ea5es1QkZ1Tu5Mp/lncCKmJMwIRPMga1JxW7DbR x38MrUNq/5tzsfI+2BZTSF3Xv0143A7UMP2KgF4oFyL9Oxiaf4SY/zeNtn+3e9/f cCfJ0zsbX9MwA+6ZbB+QQm6TTINkjGMHuMOBb+0Uz6SKwDLLJa3BvMhoS0KJ299D Gi6KPLGBzyZjWOLDDXhIswM5ZSOom2XWAiAUPB2TxA5e0VusW53G/Yu9HpojOCoG 79XSJcfJFRsqZT7Ispd8sOxPtgBIbQMS1ouCux/8q5J4WXIUEUwMiXkuH00kyoEn nlbT6hPGmDf6/Kbu4IF4 =3QrS -END PGP SIGNATURE-
Re: [SECURITY] [DLA 317-1] vorbis-tools security update
HI Raphael, On Di 29 Sep 2015 11:45:19 CEST, Raphael Hertzog wrote: Hello Mike, On Tue, 29 Sep 2015, Mike Gabriel wrote: Package: vorbis-tools Version: 1.4.0-1+deb6u1 This package seems to have never been uploaded to squeeze-lts... You are supposed to wait until you get an ACCEPTED mail before sending out the announce. Did you get this mail? At least I don't see anything in https://lists.debian.org/debian-lts-changes/2015/09/threads.html Please correct that ASAP. Cheers, I received the ACCEPTED mail the same moment I received the above mail. Indeed, I was too fast with the DLA announcement. Sorry. Mike -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net pgpxj9BStoRF4.pgp Description: Digitale PGP-Signatur
libemail-address-perl, no "squeeze update of ..." mail sent, yet
Hi all, I just took over updating libemail-address-perl in squeeze-lts via secure-testing SVN repo. Is there a reason that no "squeeze update of ..." mail has been sent for libemail-address-perl, yet, (i.e., when triaging the latest security issue in that package)? Greets, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgptW_0f7VawL.pgp Description: Digitale PGP-Signatur
flightgear upload for squeeze
Hi, Here's my proposed debdiff for the flightgear update in squeeze: https://gist.githubusercontent.com/lamby/0021615a8e1d4b7b260e/raw/4b38276c3a982f98208d6752ed492b0050ae5a5d/%253Cstdin%253E It's a little more convoluted than I would prefer as I needed to backport a handful of utilities and headers in order that the backported itself patch applied with minimal mangling. (Part of training, hence the low-priority package.) Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-
Re: [SECURITY] [DLA 317-1] vorbis-tools security update
Hello Mike, On Tue, 29 Sep 2015, Mike Gabriel wrote: > Package: vorbis-tools > Version: 1.4.0-1+deb6u1 This package seems to have never been uploaded to squeeze-lts... You are supposed to wait until you get an ACCEPTED mail before sending out the announce. Did you get this mail? At least I don't see anything in https://lists.debian.org/debian-lts-changes/2015/09/threads.html Please correct that ASAP. Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/
Offering mysql-5.5 as an option in squeeze-lts
Hello, currently we are shipping mysql-5.1 which is no longer supported upstream and which might have multiple unfixed vulnerabilities (Oracle doesn't disclose enough details to either verify it or fix them). We should really offer squeeze users to switch to a supported version of mysql and that would be version 5.5. Who would like to drive this forward? As a first step, I would suggest that we backport 5.5.44-0+deb7u1 for squeeze and we drop the unversioned packages: libmysqld-pic, libmysqld-dev, libmysqlclient-dev, mysql-common, mysql-server, mysql-client. The goal is to not rebuild applications, they would continue to use the old libmysqlclient16 but would connect to the 5.5 server. For mysql-common, it might be necessary to build it from mysql-5.5 but we should ensure it also works with mysql-5.1... And then we perform some test upgrades, and some application tests, and try to smooth the rough edges. When we're happy we send out a DLA indicating that mysql-5.1 is EOL but that they can switch to mysql-5.5 if they desire (although it requires a manual upgrade). What do you think ? Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/
Re: libemail-address-perl, no "squeeze update of ..." mail sent, yet
On Tue, 29 Sep 2015, Mike Gabriel wrote: > Is there a reason that no "squeeze update of ..." mail has been sent for > libemail-address-perl, yet, (i.e., when triaging the latest security issue > in that package)? Yes, the fix is so easy that sending the above mail would take more time than fixing the package and the package is part of the Perl team which is rather happy when we do the work and push our update in their git repository (I believe all DD have write access to their git repositories). Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/
Re: libemail-address-perl, no "squeeze update of ..." mail sent, yet
Hi again, On Di 29 Sep 2015 15:06:23 CEST, Mike Gabriel wrote: Hi Raphael, On Di 29 Sep 2015 13:55:06 CEST, Raphael Hertzog wrote: On Tue, 29 Sep 2015, Mike Gabriel wrote: Is there a reason that no "squeeze update of ..." mail has been sent for libemail-address-perl, yet, (i.e., when triaging the latest security issue in that package)? Yes, the fix is so easy that sending the above mail would take more time than fixing the package and the package is part of the Perl team which is rather happy when we do the work and push our update in their git repository (I believe all DD have write access to their git repositories). ok. Thanks for the answer. Will continue with fixing libemail-address-perl, then. Best, Mike another question about this simple fix-up (SORRY)... As it seems the issue is only referenced via a TEMP-* ID [1] in the Debian Security Tracker. Furthermore, no bug is referenced there [1], either. And... the issue is already fixed in testing/unstable. Shall I file a new bug with exact affected versions (as found in jessie, wheezy, squeeze-lts) and attach it to the TEMP-* security tracker ID and then reference that new bug in my squeeze-lts upload? Thanks for input, Mike [1] https://security-tracker.debian.org/tracker/TEMP-000-F41FA7 -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgpOnyJgi_sN2.pgp Description: Digitale PGP-Signatur
Re: libemail-address-perl, no "squeeze update of ..." mail sent, yet
Hi again, On Di 29 Sep 2015 15:06:23 CEST, Mike Gabriel wrote: Hi Raphael, On Di 29 Sep 2015 13:55:06 CEST, Raphael Hertzog wrote: On Tue, 29 Sep 2015, Mike Gabriel wrote: Is there a reason that no "squeeze update of ..." mail has been sent for libemail-address-perl, yet, (i.e., when triaging the latest security issue in that package)? Yes, the fix is so easy that sending the above mail would take more time than fixing the package and the package is part of the Perl team which is rather happy when we do the work and push our update in their git repository (I believe all DD have write access to their git repositories). ok. Thanks for the answer. Will continue with fixing libemail-address-perl, then. Best, Mike another question about this simple fix-up (SORRY)... As it seems the issue is only referenced via a TEMP-* ID [1] in the Debian Security Tracker. Furthermore, no bug is referenced there [1], either. And... the issue is already fixed in testing/unstable. Shall I file a new bug with exact affected versions (as found in jessie, wheezy, squeeze-lts) and attach it to the TEMP-* security tracker ID and then reference that new bug in my squeeze-lts upload? Thanks for input, Mike [1] https://security-tracker.debian.org/tracker/TEMP-000-F41FA7 -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgpSnmK_kM4Gj.pgp Description: Digitale PGP-Signatur
Re: libemail-address-perl, no "squeeze update of ..." mail sent, yet
On Tue, 29 Sep 2015, Mike Gabriel wrote: > another question about this simple fix-up (SORRY)... > > As it seems the issue is only referenced via a TEMP-* ID [1] in the Debian > Security Tracker. Furthermore, no bug is referenced there [1], either. > And... the issue is already fixed in testing/unstable. Then you don't put any reference in the changelog except maybe a clear description and the upstream commit ? But you pay attention to this to properly mark the entry as solved in the security tracker: https://lists.debian.org/debian-lts/2015/09/msg00058.html > Shall I file a new bug with exact affected versions (as found in jessie, > wheezy, squeeze-lts) and attach it to the TEMP-* security tracker ID and > then reference that new bug in my squeeze-lts upload? I don't think that it's required. Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/
Re: Marking TEMP-* issues as resolved
Hi Mike, On Wed, Sep 30, 2015 at 04:19:09AM +, Mike Gabriel wrote: > Hi Guido, > > On So 27 Sep 2015 17:03:51 CEST, Guido Günther wrote: > > >Hi, > >On Sun, Sep 27, 2015 at 10:42:20AM +0200, Salvatore Bonaccorso wrote: > >>Hi Gudio, > >> > >>On Sun, Sep 27, 2015 at 10:17:14AM +0200, Guido Günther wrote: > >>> Hi, > >>> > >>> for the glibc update I'm preparing three issues that don't have a CVE > >>> assigned yet so they can't be marked as resolved via the entry in > >>> data/DLA/list. Is the correct way to tag these by just adding: > >>> > >>> [squeeze] - eglibc 2.11.3-4+deb6u7 > >>> > >>> to the entries in data/CVE/list after the upload? > >> > >>yes, but please as well ad a note so that once the CVE is assigned, > >>the entry is moved to the correct data/{DSA,DLA}/list. > >> > >>Something like (no rule, but makes it easier to update once CVE > >>assigned): > >> > >>> NOTE: Added workaround entry for DSA--1/DLA-XXX-1 until CVE > >>> assigned. > > > >Done. Thanks! > > -- Guido > > I just tried to learn from the above discussion and add that work-around > note for libemail-address-perl (which I did now via rev36901). > > However, I could not find any work-around note for eglibc in the > data/CVE/list, not in the file itself nor in the commit history. > > Is it possible that you forgot to actually commit that change (or such)? The > commit directly after the above mail seems to be rev36841, but that only > contains references to upstream fixes, not a reference from data/CVE/list to > a DLA in data/DLA/list. Have a look at revision 36863 It adds [squeeze] - eglibc 2.11.3-4+deb6u7 NOTE: Added workaround entry for DLA-316-1 until CVE assigned. (and removed previous [squeeze] - eglibc (Reason) lines for the same CVE entry). HTH, Regards, Salvatore
Accepted libemail-address-perl 1.889-2+deb6u2 (source all) into squeeze-lts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 29 Sep 2015 17:13:43 +0200 Source: libemail-address-perl Binary: libemail-address-perl Architecture: source all Version: 1.889-2+deb6u2 Distribution: squeeze-lts Urgency: medium Maintainer: Debian Perl GroupChanged-By: Mike Gabriel Description: libemail-address-perl - RFC 2822 Address Parsing and Creation Changes: libemail-address-perl (1.889-2+deb6u2) squeeze-lts; urgency=medium . * Non-maintainer upload by the Debian LTS Team. * Set default depth of parsing nestable comments to 1. This prevents possible DoS attack in software which uses Email::Address for parsing string input to list of email addresses. * Patch file provided for reference/documentation as debian/patches/0001_nested-comments-default-to-1-level.patch, also referencing the original upstream commit. Checksums-Sha1: b7e43c94c5fbdf7eebf6495d9d2006ef12c099cb 2127 libemail-address-perl_1.889-2+deb6u2.dsc 1eab1c1566b0c25dea3d845d1e7952f236b7cfff 4018 libemail-address-perl_1.889-2+deb6u2.diff.gz 2926a102dc8e34a9c75c129e78a73b645476eba0 27252 libemail-address-perl_1.889-2+deb6u2_all.deb Checksums-Sha256: 0b88f1ad54f1835f12a157c651a2a41cae76a7012c8c58343871782454ee11e6 2127 libemail-address-perl_1.889-2+deb6u2.dsc 092a199055839ecf4792e01fa54fcf586b3e87cdcc0549d93040427b3f2a6440 4018 libemail-address-perl_1.889-2+deb6u2.diff.gz 3138af97c455c2027ca0051f2601b4c026f63636051e99f920c1bc5c09d58b85 27252 libemail-address-perl_1.889-2+deb6u2_all.deb Files: 7dcd70f4a7c957ef3997d4e89666a591 2127 perl optional libemail-address-perl_1.889-2+deb6u2.dsc bfb05312c60704a19330c014ff17bb28 4018 perl optional libemail-address-perl_1.889-2+deb6u2.diff.gz b628c89564f56dde98dcfce443fd89e4 27252 perl optional libemail-address-perl_1.889-2+deb6u2_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCAAGBQJWC1q0AAoJEJr0azAldxsxWqIP/05amo+i+mMoTZCxOOx/eZI2 UnMOrLu8xWxTYqo/7RBR6lYa00Wgxw/Yp466YkwLgV6ZifWm/Y9LQYuY0w4VjR1L 3GoHMOBZPpEbcEIe5hk7KLeV/YhapPLLpQja7+1uKQUst58FmQMZ0AfksMlX0yHR Dw0obWm+9cPBCXjPqjmmQboQzdm0tGZFXzFAXRfT2wI25kcJeWw8IhzAVxMTrxfz 5nqeDcfwQDToBjU0n4TSN1zoJO/UC+RWIYkaQo8njTl/3/N0Atiwl5sW2ZSD8JdE Nrk5N0w5tatXMQlSRu/l2m3IZEkXnw1aJRlGjL3J2+OzC8gdfFXbzuL2r7mVmyqU 18YTMOHPwtiHqP8iRgg0gkYYj6q7n9EvZALZ5WZZUSzFvONsz6Roq/XKrid3lqPR Ww94Mm10x3gbJ1yo7Yk5yWy/8irD0fsuoZRjhewxxEnQj6cQSgXz5RGMry4Ix67Z vbJ8Jd48eK36SLn9VXF5/UF3t45BIxxj3EIIY1CNQlhQRu01a4jf0d73tKb6sfeD iuIO0F4xHlVx9A3gcyaxvf9WiY4QUWBg/sgS2/PS2WrtkwCoU1spHQkt4ucWBx2s zwtEOaeZurqibNsfAT0QPQczkhMkvxF9Ir97P8+fR7ixgPHGiFk1ZTbiJ/5BefPe eG/EgIBCG7wlhnBuko7U =pa5T -END PGP SIGNATURE-
Re: Marking TEMP-* issues as resolved
Hi Guido, On So 27 Sep 2015 17:03:51 CEST, Guido Günther wrote: Hi, On Sun, Sep 27, 2015 at 10:42:20AM +0200, Salvatore Bonaccorso wrote: Hi Gudio, On Sun, Sep 27, 2015 at 10:17:14AM +0200, Guido Günther wrote: > Hi, > > for the glibc update I'm preparing three issues that don't have a CVE > assigned yet so they can't be marked as resolved via the entry in > data/DLA/list. Is the correct way to tag these by just adding: > > [squeeze] - eglibc 2.11.3-4+deb6u7 > > to the entries in data/CVE/list after the upload? yes, but please as well ad a note so that once the CVE is assigned, the entry is moved to the correct data/{DSA,DLA}/list. Something like (no rule, but makes it easier to update once CVE assigned): > NOTE: Added workaround entry for DSA--1/DLA-XXX-1 until CVE > assigned. Done. Thanks! -- Guido I just tried to learn from the above discussion and add that work-around note for libemail-address-perl (which I did now via rev36901). However, I could not find any work-around note for eglibc in the data/CVE/list, not in the file itself nor in the commit history. Is it possible that you forgot to actually commit that change (or such)? The commit directly after the above mail seems to be rev36841, but that only contains references to upstream fixes, not a reference from data/CVE/list to a DLA in data/DLA/list. Just curious and eager to learn more about the workflow of Debian security and LTS, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgptakRsUo9yk.pgp Description: Digitale PGP-Signatur