Re: DLA needed for tryton-server and tryton-proteus

On 10/03/2022 09:24, Mathias Behrle wrote: Hi team, there are two CVEs for tryton-server and tryton-proteus: https://security-tracker.debian.org/tracker/CVE-2022-26661 https://security-tracker.debian.org/tracker/CVE-2022-26662 I have prepared fixes at

[SECURITY] [DLA 2930-1] thunderbird security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2930-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 01, 2022

[SECURITY] [DLA 2926-1] zsh security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2926-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort February 18, 2022

Re: bug in glibc package

Hi Alex, On 03/03/2022 22:08, Alex King wrote: In Debian 9 Stretch, I am seeing this bug (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987266). This means that when I try to use a kernel with a revision later than 254 i get an error, e.g. I'm trying to use a 4.14.264 kernel. It seems

[SECURITY] [DLA 2922-1] pgbouncer security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2922-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort February 14, 2022

(E)LTS report for January

Hi, During the month of January I worked on the following tasks for stretch LTS: - thunderbird 91 ESR update - thunderbird armhf failure - clamav security update - gdal security update - firefox-esr security update - thunderbird security update - pillow security update - openjdk-8 security

[SECURITY] [DLA 2921-1] thunderbird security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2921-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort February 14, 2022

Re: libspring-java support

Hi, On 03/12/2021 23:50, Markus Koschany wrote: Hi Sylvain, Am Freitag, dem 03.12.2021 um 14:28 +0100 schrieb Sylvain Beucler: Hi, This year I worked on libspring-java twice for LTS In both case upstream provided limited information for the CVEs, and for 5 of them we're unable to determine

[SECURITY] [DLA 2970-1] qemu security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2970-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort April 04, 2022

[SECURITY] [DLA 2960-1] apache2 security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2960-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 22, 2022

[SECURITY] [DLA 2961-1] thunderbird security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2961-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 22, 2022

Re: [Git][security-tracker-team/security-tracker][master] Reserve DLA-2936-1 for libgit2

On 11/03/2022 14:22, Utkarsh Gupta wrote: Hi Emilio, On Fri, Mar 11, 2022 at 4:56 AM Emilio Pozuelo Monfort wrote: Friendly ping about this update. I see the DLA was reserved but I haven't seen the package uploaded yet (and thus the announcement sent out). Is there any blocker with the update

[SECURITY] [DLA 2964-1] libdatetime-timezone-perl new upstream version

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2964-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 29, 2022

[SECURITY] [DLA 2963-1] tzdata new upstream version

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2963-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 29, 2022

[SECURITY] [DLA 2915-1] connman security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2915-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort February 09, 2022

[SECURITY] [DLA 2916-1] firefox-esr security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2916-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort February 09, 2022

[SECURITY] [DLA 2917-1] openjdk-8 security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2917-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort February 10, 2022

[SECURITY] [DLA 2893-1] pillow security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2893-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort January 23, 2022

[SECURITY] [DLA 2898-1] nss security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2898-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort January 25, 2022

[SECURITY] [DLA 2971-1] firefox-esr security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2971-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort April 07, 2022

[SECURITY] [DLA 2978-1] thunderbird security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2978-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort April 11, 2022

[SECURITY] [DLA 3554-1] thunderbird security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3554-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 05, 2023

[SECURITY] [DLA 3568-1] firefox-esr security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3568-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 16, 2023

[SECURITY] [DLA 3569-1] thunderbird security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3569-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 17, 2023

[SECURITY] [DLA 3553-1] firefox-esr security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3553-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 01, 2023

[SECURITY] [DLA 3632-1] firefox-esr security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3632-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 27, 2023

[SECURITY] [DLA 3636-1] openjdk-11 security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3636-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 29, 2023

[SECURITY] [DLA 3637-1] thunderbird security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3637-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 29, 2023

Re: Accepted libyang 0.16.105+really1.0-0+deb10u1 (source) into oldoldstable

Hi, On 19/09/2023 19:00, Debian FTP Masters wrote: Format: 1.8 Date: Tue, 19 Sep 2023 18:39:19 CEST Source: libyang Architecture: source Version: 0.16.105+really1.0-0+deb10u1 Distribution: buster-security Urgency: high Maintainer: David Lamparter Changed-By: Markus Koschany Checksums-Sha1:

[SECURITY] [DLA 3570-1] libwebp security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3570-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 18, 2023

[SECURITY] [DLA 3587-1] firefox-esr security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3587-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 29, 2023

[SECURITY] [DLA 3591-1] firefox-esr security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3591-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 30, 2023

[SECURITY] [DLA 3598-1] libvpx security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3598-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 01, 2023

Re: Accepted libyang 0.16.105+really1.0-0+deb10u1 (source) into oldoldstable

Hi, On 20/09/2023 15:22, Markus Koschany wrote: Hello, Am Mittwoch, dem 20.09.2023 um 10:17 +0200 schrieb Emilio Pozuelo Monfort: I'm unsure about the version here. I see buster/bullseye have: libyang    | 0.16.105-1+deb10u1 | oldoldstable   | source libyang    | 1.0.225-1.1

Re: samba status update

Hi Lee, On 22/08/2023 13:10, Lee Garrett wrote: == (samba) functional test framework == In the context of the July 2023 Windows update that broke samba running as a AD DC [3] it became

[SECURITY] [DLA 3571-1] openjdk-11 security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3571-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 19, 2023

[SECURITY] [DLA 3602-1] libx11 security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3602-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 05, 2023

[SECURITY] [DLA 3603-1] libxpm security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3603-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 05, 2023

Re: Accepted libyang 0.16.105+really1.0-0+deb10u1 (source) into oldoldstable

On 27/09/2023 13:58, Markus Koschany wrote: Let me know if you want me to take care of the above. Feel free to take care of it. Done, libyang 1.0.225 uploaded and built, and frr rebuilt against it. I tested various upgrades and it all seems fine. Cheers, Emilio

[SECURITY] [DLA 3601-1] thunderbird security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3601-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 05, 2023

[SECURITY] [DLA 3628-1] dbus security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3628-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 23, 2023

[SECURITY] [DLA 3613-1] curl security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3613-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 11, 2023

Re: [DLA-3007-1] imagemagick security update incomplete

On 16/05/2022 11:04, Philipp Hahn wrote: Hello Andreas, The upload of https://packages.debian.org/source/stretch/imagemagick (8:6.9.7.4+dfsg-11+deb9u14) seems to be incomplete: It only includes the architecture-independant files and files for arm64,armel,armhf, but *not* i386,amd64; see

[SECURITY] [DLA 3006-1] openjdk-8 security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3006-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort May 14, 2022

[SECURITY] [DLA 3020-1] thunderbird security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3020-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort May 23, 2022

[SECURITY] [DLA 3021-1] firefox-esr security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3021-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort May 24, 2022

Re: RFR: openscad update

On 23/06/2022 17:01, Helmut Grohne wrote: Hi, I've been looking into updating openscad in buster to fix CVE-2022-0496 and CVE-2022-0497. They're already fixed in bullseye and later. They are input sanitization issues and CVE-2022-0496 needed a little porting of the patch. I verified that the

EOL of stretch

Hi, stretch will go EOL today. Thus please refrain from doing any further uploads to it. buster will remain in the hands of the security team until August (exact date TBD). This list will be notified when it has moved into the LTS team and triaging and uploading is open again. Cheers,

[SECURITY] [DLA 3064-1] firefox-esr security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3064-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort June 30, 2022

Closing stretch-security

Dear ftpmasters, Given stretch has now reached LTS EOL[1], can you close it for further uploads? Thanks, Emilio [1] https://lists.debian.org/debian-lts-announce/2020/07/msg3.html

[SECURITY] [DLA 3067-1] Debian 9 Long Term Support reaching end-of-life

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3067-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort July 01, 2022

Re: ntp warnings with tzdata leap-seconds file

On 27/06/2022 16:33, Marc SCHAEFER wrote: On another subject, I still get the ntp warnings even after updating tzdata, and restarting ntpd manually, also with buster: Jun 27 16:31:40 virtual ntpd[17024]: leapsecond file ('/usr/share/zoneinfo/leap-seconds.list'): will expire in less than one

Re: [Git][security-tracker-team/security-tracker][master] 8 commits: Wrote a script to bulk add EOL entries for LTS buster.

Hi Ola, On 11/07/2022 23:24, Ola Lundqvist (@opal) wrote: Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker Commits: 55001d9c by Ola Lundqvist at 2022-07-11T23:23:41+02:00 Wrote a script to bulk add EOL entries for LTS buster. - - - - - b4c0adda by Ola

[SECURITY] [DLA 3051-1] tzdata new timezone database

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3051-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort June 15, 2022

[SECURITY] [DLA 3041-1] thunderbird security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3041-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort June 03, 2022

[SECURITY] [DLA 3040-1] firefox-esr security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3040-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort June 03, 2022

[SECURITY] [DLA 3042-1] clamav security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3042-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort June 03, 2022

Re: buster & ntpd leapsecond file ('/usr/share/zoneinfo/leap-seconds.list'): will expire in less than 19 days

I will take a look at this and coordinate with the maintainer. Cheers, Emilio El jue, 9 jun 2022 12:22, Marc SCHAEFER escribió: > On Thu, Jun 09, 2022 at 09:49:31AM +, Schmidt, Bernhard wrote: > > /usr/share/zoneinfo/leap-seconds.list is provided by the tzdata > > package. That one would

Re: [Git][security-tracker-team/security-tracker][master] 8 commits: Wrote a script to bulk add EOL entries for LTS buster.

Hi, On 12/07/2022 13:51, Ola Lundqvist wrote: Hi Emilio Sorry for this. I used the lts-cve-triage.py script and noticed a ton of things to do. Heh. Salvatore predicted that that script would suggest triaging buster, and this would happen. I thought my emails would be enough, but as usual he

[SECURITY] [DLA 2992-1] openvpn security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2992-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort May 03, 2022

Re: Lintian errors on ffmpeg

On 04/05/2022 09:58, Neil Williams wrote: On Wed, 4 May 2022 09:43:06 +0200 Enrico Zini wrote: Hello, I'm working at a LTS release of ffmpeg, and the CI is failing with Lintian errors that weren't present in the previous version: Is the version of lintian in this Salsa CI environment

[SECURITY] [DLA 2994-1] firefox-esr security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2994-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort May 05, 2022

[SECURITY] [DLA 3076-1] freecad security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3076-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort August 18, 2022

Re: [SECURITY] [DLA 3077-1] ruby-tzinfo security update

Hi Chris, On 18/08/2022 19:46, Chris Lamb wrote: - Debian LTS Advisory DLA-3077-1debian-lts@lists.debian.org https://www.debian.org/lts/security/ Chris Lamb August 18, 2022

[SECURITY] [DLA 3121-1] firefox-esr security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3121-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 26, 2022

[SECURITY] [DLA 3124-1] webkit2gtk security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3124-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 28, 2022

Re: What do do with bullseye minor issues?

On 28/09/2022 23:54, Ola Lundqvist wrote: Hi Sylvain Took me a month to get down here in the email backlog. I think your reasoning makes sense. I have added the following to the LTS/Development page. "If a CVE has been fixed in Debian Stable it should, in general, be fixed in LTS as well, or

Re: Bug#1021648: buster-pu: package node-xmldom/0.1.27+ds-1+deb10u1

Hi Yadd, On 12/10/2022 18:38, Salvatore Bonaccorso wrote: +node-xmldom (0.1.27+ds-1+deb10u1) buster; urgency=medium + + * Team upload + * Fix prototype pollution (Closes: #1021618, CVE-2022-37616) + + -- Yadd Wed, 12 Oct 2022 10:07:56 +0200 Thanks for preparing this. I wonder if a fix for

[SECURITY] [DLA 3154-1] node-xmldom security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3154-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 18, 2022

Re: Bug#1021648: buster-pu: package node-xmldom/0.1.27+ds-1+deb10u1

On 18/10/2022 10:23, Yadd wrote: On 18/10/2022 09:28, Emilio Pozuelo Monfort wrote: Hi Yadd, On 12/10/2022 18:38, Salvatore Bonaccorso wrote: +node-xmldom (0.1.27+ds-1+deb10u1) buster; urgency=medium + +  * Team upload +  * Fix prototype pollution (Closes: #1021618, CVE-2022-37616

[SECURITY] [DLA 3156-1] firefox-esr security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3156-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 20, 2022

[SECURITY] [DLA 3159-1] libbluray bugfix update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3159-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 25, 2022

[SECURITY] [DLA 3158-1] wkhtmltopdf security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3158-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 24, 2022

[SECURITY] [DLA 3161-1] tzdata new timezone database

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3161-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 26, 2022

[SECURITY] [DLA 3162-1] libdatetime-timezone-perl new timezone database

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3162-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 26, 2022

[SECURITY] [DLA 3170-1] thunderbird security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3170-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 30, 2022

Re: Please push to salsa.debian.org/mariadb-team/mariadb-10.3

On 22/10/2022 01:32, Otto Kekäläinen wrote: Hi Emilio! Please try pushing now. I don't see any of your commits on https://salsa.debian.org/mariadb-team/mariadb-10.3/-/commits/buster yet. Pushed now. Sorry for the delay. I had the commits ready, but the deb10u1 commit didn't match what I had

[SECURITY] [DLA 3115-1] e17 security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3115-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 19, 2022

[SECURITY] [DLA 3116-1] mako security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3116-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 21, 2022

[SECURITY] [DLA 3103-1] zlib security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3103-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 12, 2022

Re: [SECURITY] [DLA 3107-1] sqlite3 security update

Hi, On 13/09/2022 16:25, Chris Lamb wrote: - Debian LTS Advisory DLA-3107-1debian-lts@lists.debian.org https://www.debian.org/lts/security/ Chris Lamb September 13, 2022

Re: Updating OpenStack compute (aka src:nova) in Buster

Hi Thomas, On 11/09/2022 12:50, Thomas Goirand wrote: Hi, In the OpenStack team git, there are updates for nova 2:18.1.0-6+deb10u1 (CVE-2019-14433/ OSSA-2019-003). Can someone pick it up and upload it to Buster? It was never accepted in Buster due to the difficulties communicating with the

Re: Bug#961654: buster-pu: package bzip2/1.0.6-9.2~deb10u1

Hi Chris, On 14/09/2022 05:48, Chris Frey wrote: On the other hand, the fix has been known since 2019 and looks like a prime problem for an LTS newbie volunteer like me. I have created the fix based on the Debian/bzip2 repo, the fix is in the debian/buster branch. git clone

Re: Bug#961654: buster-pu: package bzip2/1.0.6-9.2~deb10u1

On 13/09/2022 16:46, Sylvain Beucler wrote: Hi, IIUC this is about fixing 2 non-security bugs, that were introduced prior to buster's initial release. I personally don't think this fits the LTS project scope. Maybe other LTS members will have a different opinion. We've had bugfix updates

[SECURITY] [DLA 3110-1] glib2.0 security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3110-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 15, 2022

[SECURITY] [DLA 3118-1] unzip security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3118-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 22, 2022

[SECURITY] [DLA 3112-1] bzip2 bugfix update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3112-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 16, 2022

Re: Bug#961654: buster-pu: package bzip2/1.0.6-9.2~deb10u1

Hi Santiago, On 15/09/2022 09:52, Emilio Pozuelo Monfort wrote: On 14/09/2022 15:42, Santiago R.R. wrote: El 14/09/22 a las 13:58, Emilio Pozuelo Monfort escribió: On 13/09/2022 16:46, Sylvain Beucler wrote: Hi, IIUC this is about fixing 2 non-security bugs, that were introduced prior

[SECURITY] [DLA 3114-1] mariadb-10.3 security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3114-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 16, 2022

[SECURITY] [DLA 3109-1] nova security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3109-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 15, 2022

Re: Bug#961654: buster-pu: package bzip2/1.0.6-9.2~deb10u1

On 14/09/2022 15:42, Santiago R.R. wrote: El 14/09/22 a las 13:58, Emilio Pozuelo Monfort escribió: On 13/09/2022 16:46, Sylvain Beucler wrote: Hi, IIUC this is about fixing 2 non-security bugs, that were introduced prior to buster's initial release. I personally don't think this fits

[SECURITY] [DLA 3101-1] libxslt security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3101-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 09, 2022

[SECURITY] [DLA 3136-1] barbican security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3136-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 04, 2022

[SECURITY] [DLA 3144-1] connman security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3144-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 10, 2022

[SECURITY] [DLA 3142-1] dbus security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3142-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 10, 2022

Re: [SECURITY] [DLA 3140-1] libpgjava security update

Hi Onny, On 10/10/2022 10:01, Onny van den Boom wrote: Best, Is it possible to change the subscription of gysb...@hippoline.nl in helpd...@hippoline.nl? You can subscribe or unsubscribe by filling the form in https://lists.debian.org/debian-lts-announce/ Note that you will get a

[SECURITY] [DLA 3134-1] tzdata new timezone database

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3134-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 03, 2022

[SECURITY] [DLA 3135-1] libdatetime-timezone-perl new timezone database

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3135-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 03, 2022

Re: Please push to salsa.debian.org/mariadb-team/mariadb-10.3

On 26/09/2022 05:39, Otto Kekäläinen wrote: Hello Emilio! I see you uploaded: https://tracker.debian.org/news/1362643/accepted-mariadb-103-110336-0deb10u1-source-into-oldstable/ I don't see the commits at https://salsa.debian.org/mariadb-team/mariadb-10.3/-/commits/buster - please push there

[SECURITY] [DLA 3114-2] mariadb-10.3 regression update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-3114-2debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 30, 2022

<    3   4   5   6   7   8   9   10   >