ding.)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
eb7u3 & 0.8.15-5+deb7u4. They should apply cleanly to the 'wheezy'
branch of git://git.deb.at/pkg/irssi.git.
Best wishes,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
From cd3e047c59d3fe8c679efc4f648f0b85d09d7744 Mon Sep 17 00:00:00 2
occur due to another NULL pointer dereference.
For Debian 7 "Wheezy", these issues have been fixed in irssi version
0.8.15-5+deb7u5.
We recommend that you upgrade your irssi packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.or
libcupsppdc1-dev cups-bsd cups-common
cups-ppdc cups-dbg cupsddk
Architecture: source all amd64
Version: 1.5.3-5+deb7u7
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Printing Team <debian-print...@lists.debian.org>
Changed-By: Chris Lamb <la...@debian.org>
Descrip
to the CUPS daemon in conjunction with DNS
rebinding.
This was caused by a whitelisted "localhost.localdomain" entry.
For Debian 7 "Wheezy", this issue has been fixed in cups version
1.5.3-5+deb7u7.
We recommend that you upgrade your cups packages.
Regards,
- --
,''`.
old off for whateverreason. :)
Best wishes,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of awstats updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team
whether you would
like to review and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of libhibernate-validator-java
updates
for the LTS releases.
Thank you very much.
Chris Lamb
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of exiv2 updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team might
-cpp-dev poppler-utils poppler-dbg
Architecture: source amd64
Version: 0.18.4-6+deb7u5
Distribution: wheezy-security
Urgency: high
Maintainer: Loic Minier <l...@dooz.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
gir1.2-poppler-0.18 - GObject introspection data for
libmagick++-dev perlmagick
Architecture: source amd64 all
Version: 8:6.7.7.10-5+deb7u21
Distribution: wheezy-security
Urgency: high
Maintainer: ImageMagick Packaging Team
<pkg-gmagick-im-t...@lists.alioth.debian.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
imagema
-
crafted TIFF file.
For Debian 7 "Wheezy", this issue has been fixed in imagemagick
version 8:6.7.7.10-5+deb7u21.
We recommend that you upgrade your imagemagick packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-
have your
permission to take your assignment over? I will naturally be more
diligent in this regard in the future.
(Note that the testsuite also requires an update which is not evident in
upstream's patch.)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org
quot;.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
e backend.
For Debian 8 "Jessie", these issues have been fixed in php-horde-image
version 2.1.0-4+deb8u1.
We recommend that you upgrade your php-horde-image packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb
Chris Lamb wrote:
> > I've prepared security update for policykit. Debdiff is attached.
> […]
> > Please review and upload.
>
> Will do so. Have reserved DLA-1448-1 for this purpose.
Uploaded:
https://lists.debian.org/debian-lts-announce/2018/07/msg00042.html
I added
Hi Abhijith,
> I've prepared security update for policykit. Debdiff is attached.
[…]
> Please review and upload.
Will do so. Have reserved DLA-1448-1 for this purpose.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
policies and
privileges.
For Debian 8 "Jessie", this issue has been fixed in policykit-1 version
0.105-15~deb8u3.
We recommend that you upgrade your policykit-1 packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
her or
otherwise push the adoption of the fix outside of LTS given my patch/
efforts were applied upstream without attribution.)
Best wishes,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Mon, 06 Aug 2018 14:43:24 +0800
Source: cgit
Binary: cgit
Architecture: source amd64
Version: 0.10.2.git2.0.1-3+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Alexander Wirt
Changed-By: Chris Lamb
Description
iscussion at-hand.
If you believe the documentation is lacking the above, please could you
update the wiki? The mailing list is, for hopefully obvious reasons, a
sub-optimal place to document this in a canonical fashion.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@d
LA to check for eventual regressions. We're doing
> the same for DSAs.
Do you have any systematic process (or even tooling) for this out of
interest?
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
here was ensuring that it was
added and assigned in dla-needed.txt so that nobody else would start
work on it in the interim (ie. doing the first two steps outlined above
yourself).
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
egards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
ing DLA number
Whilst there may be problems with the workflow or tooling, could you
please use this opportunity to update the documentation?
I suffer from a "curse of knowledge" in that the process is almost
second-nature to me now so I don't know what a newcomer doesn't know.
Regard
Hi Markus & Bertrand,
> > I'll prepare source package this week-end, but if it's fine with you
> > I'll let you take care of the LTS workflow as I am a bit busy these days.
>
> Thanks for your reply. It seems Chris Lamb is interested in fixing those
> issues. I will le
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of dojo updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team might start
grade your libextractor packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAluCpsMACgkQHpU+J9Qx
HlhwQQ/7BJ/MbTr9F4zWumr0slSv7Cy6jb4SUt7DoksTfyERdQwqVv
is branch so
i can take it from here.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
Chris Lamb wrote:
> > I've just prepared an update for jessie-security (see [1]). Please tell
> > me how if you want the full source package and how I should send it.
> […]
> > [1] https://salsa.debian.org/debian/libextractor/tree/jessie
>
> Ooh, nice work. I've ma
Dear Raphael,
> > Maybe gen-DLA could check and warn if there is no dla-needed.txt entry?
>
> +1
Implemented in:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d55d75ec0d37712970b3559edaaad50a8e8851e6
Regards,
--
,''`.
: :' :
designed to help locate
and load cursors for the X Window System.
For Debian 8 "Jessie", this issue has been fixed in libxcursor version
1:1.1.14-1+deb8u2.
We recommend that you upgrade your libxcursor packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `
: Debian X Strike Force
Changed-By: Chris Lamb
Description:
libxcursor-dev - X cursor management library (development files)
libxcursor1 - X cursor management library
libxcursor1-dbg - X cursor management library (unstripped)
libxcursor1-udeb - X cursor management library (udeb)
Closes: 906012
exists
on a target server.
For Debian 8 "Jessie", this issue has been fixed in openssh version
1:6.7p1-5+deb8u5.
We recommend that you upgrade your openssh packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
(CVE-2018-14056)
For Debian 8 "Jessie", these issues have been fixed in znc version
1.4-2+deb8u1.
We recommend that you upgrade your znc packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-By: Chris Lamb
Description:
znc- advanced modular IRC bouncer
znc-dbg- advanced modular IRC bouncer (debugging symbols)
znc-dev- advanced modular IRC bouncer (development headers)
znc-perl - advanced modular IRC bouncer (Perl extension)
znc-python - advanced modular IRC
volution-data-server packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAltYC6MACgkQHpU+J9Qx
HliOqA/+NcP9dzBck3aynMmcZK3gvNrIzcr55oHICzd7
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAluIET4ACgkQHpU+J9Qx
HlgweA/8CQFKxZreVcFWefRLu+dsifiXhTl8FL5CPTxFGWW4synrffXBwHBziZzv
lLtq9D2sTZMKFzj1R3
f it was already there I believe we should let it be.)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
ly-crafted
input file could lead to a heap-based buffer overflow.
For Debian 8 "Jessie", this issue has been fixed in lcms2 version
2.6-3+deb8u2.
We recommend that you upgrade your lcms2 packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.or
information, please see:
<https://curl.haxx.se/docs/CVE-2018-14618.html>
For Debian 8 "Jessie", this issue has been fixed in curl version
7.38.0-4+deb8u12.
We recommend that you upgrade your curl packages.
Regards,
- --
,''`.
: :' : Chris Lamb
+deb8u12
Distribution: jessie-security
Urgency: high
Maintainer: Alessandro Ghedini
Changed-By: Chris Lamb
Description:
curl - command line tool for transferring data with URL syntax
libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour)
libcurl3-dbg - debugging symbols
; upload that to jessie [..]
>
> I'm a bit reluctant to do this, as I've never done this before
You have misread what I wrote. I am not asking you to do that locally
or otherwise. I am asking why we (LTS) don't apply that commit and
upload it to jessie.
> Hm, I don't think so. Should
otherwise should be
trusted.
For Debian 8 "Jessie", these issues have been fixed in ca-certificates
version 20141019+deb8u4.
We recommend that you upgrade your ca-certificates packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.or
sting that we upgrade src:glib-json
from 1.0.2 → 1.0.4? Why don't we just cherry-pick the aforementioned
patch and apply it to 1.0.2? :)
Best wishes,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
d 1.0.4.
(Does this issue have a bug in the Debian BTS?)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
file on the filesystem via
a $HOME/.face icon file (as the cinnamon-settings-users.py GUI runs
as root).
For Debian 8 "Jessie", this issue has been fixed in cinnamon version
2.2.16-5+deb8u1.
We recommend that you upgrade your cinnamon packages.
Regards,
- --
,''`.
: :' :
Changed-By: Chris Lamb
Description:
cinnamon - Innovative and comfortable desktop
cinnamon-common - Innovative and comfortable desktop (Common data files)
cinnamon-dbg - Innovative and comfortable desktop (Debugging symbols)
Closes: 903201
Changes:
cinnamon (2.2.16-5+deb8u1) jessie-security
y-sprockets packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAltHH8cACgkQHpU+J9Qx
HlgwoRAAsUimgKPa3g0/nHuYyX+T/J/qnmbtNTHb2fuO
-By: Chris Lamb
Description:
ruby-sprockets - Rack-based asset packaging system
Closes: 901913
Changes:
ruby-sprockets (2.12.3-1+deb8u1) jessie-security; urgency=high
.
* CVE-2018-3760: Do not respond to http requests asking for a `file://`.
(Closes: #901913)
Checksums-Sha1
Best wishes,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
exploited a signedness
confusion leading to an infinite loop.
For Debian 7 "Wheezy", this issue has been fixed in libgd2 version
2.0.36~rc1~dfsg-6.1+deb7u11.
We recommend that you upgrade your libgd2 packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 19 Jan 2018 15:22:37 +1100
Source: rsync
Binary: rsync
Architecture: source amd64
Version: 3.0.9-4+deb7u2
Distribution: wheezy-security
Urgency: high
Maintainer: Paul Slootman <p...@debian.org>
Changed-By: Chris La
Maintainer: GD team <pkg-gd-de...@lists.alioth.debian.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
libgd-tools - GD command line tools and example code
libgd2-noxpm - GD Graphics Library version 2 (without XPM support)
libgd2-noxpm-dev - GD Graphics Library version 2
wishes,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
Hi Abhijith,
> I prepared an update[1] for zsh. Debdiff attached along with the mail.
> It would be great if you do some testing.
Works for me... :)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
ou upgrade your vips packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlqlbGkACgkQHpU+J9Qx
HlhlZg/+JARD0ct7/CwIsXKXI61vTZQUDcH843W4TWoTu9fyQgU4BA
Berkenbilt <q...@debian.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
libvips-dev - image processing system good for very large images (dev)
libvips-doc - image processing system good for very large images (doc)
libvips-tools - image processing system good for very
commit/b0cd5ed5b282af6bd7739edb55f3448cb2b3a188
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
release DLA.
I'll upload zsh 4.3.17-1+deb7u1 now and — to save delays — announce the
DLA too. :)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
d in zsh version
4.3.17-1+deb7u1.
We recommend that you upgrade your zsh packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlqivesACgkQHpU+J9Q
Chris Lamb wrote:
> I'll upload zsh 4.3.17-1+deb7u1 now and — to save delays — announce the
> DLA too. :)
Uploaded and announced as DLA-1304-1. Thank you. :)
Best wishes,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
to review and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of graphicsmagick updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS
rse, avoid
any potential missed call sites inside ldap-account-manager itself or
anything that happened to call into it or use it as a library somehow.
Thank you for checking. :)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
but this descended into far too much code
to be aesthetically pleasing or safe.
(As I noted -- mostly to myself, alas -- we could potentially use a
less-safe version to essentially avoid pulling in many changes, if
any.)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'`
recommend that you upgrade your gunicorn packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlrcTnUACg
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sun, 22 Apr 2018 10:49:38 +0200
Source: gunicorn
Binary: gunicorn
Architecture: source all
Version: 0.14.5-3+deb7u2
Distribution: wheezy-security
Urgency: high
Maintainer: Chris Lamb <la...@debian.org>
Changed-By: Chris La
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Mon, 16 Apr 2018 08:33:40 +0100
Source: patch
Binary: patch
Architecture: source amd64
Version: 2.6.1-3+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Christoph Berg <m...@debian.org>
Changed-By: Chris La
/bangpatch/
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlrUhW0ACgkQHpU+J9Qx
HliTjBAAgoZLoN+0FvkHzq+UqaKYHW+Y1Ybi5cFNC63BZiqn8gXyO3E2NeFiixv2
90J4
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Java Maintainers
<pkg-java-maintain...@lists.alioth.debian.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
liblucene3-contrib-java - Full-text search engine library for Java(TM)
liblucene3-java - Full-text search en
information in a
network.
For Debian 7 "Wheezy", this issue has been fixed in net-snmp version
5.7.2.1+dfsg-1+deb8u1.
We recommend that you upgrade your net-snmp packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-
for CVE-2018-7051 is missing.
Very strange as there's an entry in debian/series. Regardless, I have
addressed this in DLA-1318-1 / irssi 0.8.15-5+deb7u6.
Thank you for the report Matus and thanks to Ben for looking into it.
Best wishes,
--
,''`.
: :' : Chris Lamb
`. `'`
i packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlq5FzUACgkQHpU+J9Qx
Hlh3PA/+LEFvUexjDjy+9+M0lHU7dpuQFhX9eNMoTuIpCcC/W1ccAO
ould — in addition — like to take the same underlying
issue in rubygems and jruby as well?
If not, no problem, and I will handle all three cases ASAP. Just let
me know.
Best wishes,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
other packages in dla-needed.txt? :)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
7 "Wheezy", this issue has been fixed in beep version
1.3-3+deb7u1.
We recommend that you upgrade your beep packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Tue, 03 Apr 2018 07:40:15 +0100
Source: beep
Binary: beep beep-udeb
Architecture: source amd64
Version: 1.3-3+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Gerfried Fuchs <rho...@debian.org>
Changed-By: Chri
and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of firebird2.5 updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member
Hi Brian,
I assume that the get_rdn function cannot universally return with
"htmlspecialchars" applied?
+ * Non-maintainer upload by the LTS.
^
Missing "team" ? :)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'`
d that you upgrade your adminer packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlqzx4IACgkQHpU+J9Qx
Hlgqhg/+KfM5/8OKDv99f0F7z
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Tue, 20 Mar 2018 22:40:06 -0400
Source: adminer
Binary: adminer
Architecture: source all
Version: 3.3.3-1+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Medhamsh V <m...@medhamsh.org>
Changed-By: Chris La
for Java applications.
For Debian 7 "Wheezy", this issue has been fixed in libjgraphx-java version
1.4.1.0-3+deb7u1.
We recommend that you upgrade your libjgraphx-java packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-
9.html
Thank you!
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
lang packages. The Debian LTS team
would like to thank Abhijith PA for preparing this update.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlqS3
ome non-determinism
filesystem ordering, rather than a diagnosis that needs knocking down..)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
ttps://sources.debian.org/src/disorderfs/0.5.3-2/disorderfs.1.txt/#L86-L114
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
ich is very strange to me.
(My gut tells me that this is non-deterministic filesystem ordering..)
Best wishes,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
Distribution: jessie-security
Urgency: high
Maintainer: Debian Java Maintainers
Changed-By: Chris Lamb
Description:
libfontbox-java - Java font library
libfontbox-java-doc - Java font library (Documentation)
libjempbox-java - XMP Compatible Java Library
libjempbox-java-doc - XMP Compatible Java
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 19 Oct 2018 10:51:00 -0400
Source: drupal7
Binary: drupal7
Architecture: source all
Version: 7.32-1+deb8u13
Distribution: jessie-security
Urgency: high
Maintainer: Luigi Gangitano
Changed-By: Chris Lamb
Description:
drupal7
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of libssh updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team might
Distribution: jessie-security
Urgency: high
Maintainer: Kartik Mistry
Changed-By: Chris Lamb
Description:
nginx - small, powerful, scalable web/proxy server
nginx-common - small, powerful, scalable web/proxy server - common files
nginx-doc - small, powerful, scalable web/proxy server
hat you upgrade your ansible packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlvpYiQACgkQHpU+J9Qx
HlhDWg/9Hz82c1ALOa5RRkaZbAOV0057vaxTQdpH3VjV
cker-team/security-tracker/commit/dcf1955fa11984475d68b0a10205337d6d88969f
If it helps, it was last updated as part of DLA-1372-1.
Best wishes,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
e has been fixed in nginx version
1.6.2-5+deb8u6.
We recommend that you upgrade your nginx packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBO
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAluzRa4ACgkQHpU+J9Qx
Hlj3Lw//elj08ME+zL/RCQyXhiYpQPl1PHyyhWEkm89NVfSBmPV2fY1UNy
strongswan-charon strongswan-ike
strongswan-nm strongswan-ikev1 strongswan-ikev2 charon-cmd
Built-For-Profiles: nocheck
Architecture: source all amd64
Version: 5.2.1-6+deb8u8
Distribution: jessie-security
Urgency: high
Maintainer: strongSwan Maintainers
Changed-By: Chris Lamb
Description:
charon-cmd
Changed-By: Chris Lamb
Description:
adplug-utils - free AdLib sound library (utils)
libadplug-2.2.1-0 - free AdLib sound library
libadplug-dev - free AdLib sound library (development)
Changes:
adplug (2.2.1+dfsg3-0.1+deb8u1) jessie-security; urgency=high
.
* CVE-2018-17825: Fix a potential
Chris Lamb wrote:
> > I've prepared security update for dojo. Please review and
> > upload. Debdiff is attached. Its a trivial patch to escape quotes.
>
> Will review and upload. I have reserved DLA-1492-1 for this
> purpose.
Uploaded and
8 "Jessie", this issue has been fixed in dojo version
1.10.2+dfsg-1+deb8u1 by Abhijith PA.
We recommend that you upgrade your dojo packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
401 - 500 of 927 matches
Mail list logo