Hello Michael,
you are still listed in dla-needed.txt as the owner of Gosa. Apparently
you already prepared a debdiff and sent it to the security team but it
was never released. Would it be possible to share it with us? Or can you
confirm that the following patches from Jessie will resolve this is
Hi Markus,
On Mon, Jun 20, 2016 at 12:43:02PM +0200, Markus Koschany wrote:
> Hello Roberto,
>
> > As far as upstream feedback, I presume I should post my updated patches
> > to either ticket 12020 or 12276. Would that be the best approach?
>
> Yes, that would be a good approach indeed.
>
> >
Hello Roberto,
On 17.06.2016 18:48, Roberto C. Sánchez wrote:
> (This message is directed to Antoine as he gave me the initial feedback,
> but I welcome comments and suggestions from anyone).
>
> Hi Antoine,
>
> Thanks for the feedback on this a few weeks ago. I've been quite busy
> but I don't
On 20.06.2016 10:56, Brian May wrote:
> Brian May writes:
>
>> Markus Koschany writes:
>>
>>> I just had a closer look at the vulnerabilities. I have marked
>>> CVE-2016-5103, CVE-2015-2181 and CVE-2015-2180 as not-affected because
>>> the vulnerable code is not present in this version. There is
Brian May writes:
> Markus Koschany writes:
>
>> I just had a closer look at the vulnerabilities. I have marked
>> CVE-2016-5103, CVE-2015-2181 and CVE-2015-2180 as not-affected because
>> the vulnerable code is not present in this version. There is no upstream
>> fix available for CVE-2016-4086