Re: Bug#1042057: binNMUs needed for new pandoc in *stable

2023-10-01 Thread Adam D. Barratt
On Sun, 2023-10-01 at 18:37 +0100, Adam D. Barratt wrote: > wb nmu 10 gitit haskell-hakyll . ANY . unstable . -m "Rebuild to > clear version space for rebuilds in stable; see #1042058" > wb nmu 6 gitit haskell-hakyll . ANY . bookworm . -m "Rebuild against > new pando

Re: Bug#1042057: binNMUs needed for new pandoc in *stable

2023-10-01 Thread Adam D. Barratt
On Sun, 2023-10-01 at 19:57 +0300, Adrian Bunk wrote: > On Tue, Jul 25, 2023 at 11:39:38PM +0200, Guilhem Moulin wrote: > > ... > > The Security Team decided not to issue a DSA for that CVE, but it's > > now fixed in > > buster-security (2.2.1-3+deb10u1) as well as sid (2.17.1.1-2), so > > it

EC SRM key for bookworm?

2023-03-04 Thread Adam D. Barratt
[Please CC me on replies and keep discussion on d-release regardless of how you received the mail] Hi, SRM is considering using an ed25519 GPG key for bookworm. Does anyone see any issues with that? We've tested merging signatures from a (different) ed25519 key and an RSA key using dak's

Re: postgresql-9.6 9.6.23-0+deb9u1

2021-08-31 Thread Adam D. Barratt
Hi, On Tue, 2021-08-31 at 19:50 +0530, Utkarsh Gupta wrote: > Hi Christoph, > > On Tue, Aug 31, 2021 at 7:34 PM Christoph Berg > wrote: > > I just pushed the changes to the security-tracker git and mailed > > -lts-announce. > > > > If you could update the website, that would be nice. > >

postgresql-9.6 9.6.23-0+deb9u1

2021-08-31 Thread Adam D. Barratt
Hi, I noticed that postgresql-9.6 got uploaded to stretch-lts late last week, but there doesn't appear to have been a DLA issued for it yet. Is that already in progress? Thanks, Adam

Future of MariaDB in stretch-lts (was: Re: CVE-2020-15180: MariaDB)

2020-11-02 Thread Adam D. Barratt
Hi, On Wed, 2020-10-21 at 11:27 +0300, Otto Kekäläinen wrote: > I just realized Emilio represents the LTS team and he already took > care of this. On a related note, according to https://mariadb.com/kb/en/mariadb-server/ , support for MariaDB 10.1 ended in October. Assuming that's still

Re: rails update

2020-07-06 Thread Adam D. Barratt
On Mon, 2020-07-06 at 13:25 +0530, Pirate Praveen wrote: > Just like gitlab was removed from stable, rails can also get removed > from stable if no one steps up to maintain it. I'm happy with rails > in just unstable for my use cases. A package can be supported only > when people are willing to

Upcoming oldstable point release (9.13)

2020-06-27 Thread Adam D. Barratt
Hi, The next - and final - point release for "stretch" (9.13) is scheduled for Saturday, July 18th. Processing of new uploads into stretch- proposed-updates will be frozen during the preceding weekend. Regards, Adam

stretch EOL point release (9.13) and 10.5 planning

2020-06-15 Thread Adam D. Barratt
Hi, stretch transitions from oldstable-with-security-support to LTS support on Saturday July 4th. As usual, we should aim for the final point release to be soon after that, most likely pulling in any remaining updates from security.d.o that are still in oldstable-new. I think Saturday July 11th

Re: [Pkg-phototools-devel] Jessie update of libexif?

2020-05-24 Thread Adam D. Barratt
On Mon, 2020-05-25 at 00:13 +1000, Hugh McMaster wrote: > Hi Adam, > > On Thu, 21 May 2020 at 19:34, Adam D. Barratt wrote: > > On Thu, 2020-05-21 at 09:30 +, Mike Gabriel wrote: > > > Sorry for the delay. I have uploaded +deb9u2 and +deb10u2 of > > > libexif

Re: [Pkg-phototools-devel] Jessie update of libexif?

2020-05-21 Thread Adam D. Barratt
On Thu, 2020-05-21 at 09:30 +, Mike Gabriel wrote: > Sorry for the delay. I have uploaded +deb9u2 and +deb10u2 of > libexif > now. I will write the SRU acceptance request bugs this afternoon. > There's already #961019 and #961020... Regards, Adam

Re: Jessie update of exim4?

2020-05-18 Thread Adam D. Barratt
On Mon, 2020-05-18 at 11:40 -0400, Roberto C. Sánchez wrote: > On Mon, May 18, 2020 at 04:21:42PM +0100, Adam D. Barratt wrote: > > On Thu, 2020-05-14 at 06:55 +0200, Mike Gabriel wrote: > > > The Debian LTS team would like to fix the security issues which > > >

Re: Jessie update of exim4?

2020-05-18 Thread Adam D. Barratt
On Thu, 2020-05-14 at 06:55 +0200, Mike Gabriel wrote: > The Debian LTS team would like to fix the security issues which are > currently open in the Jessie version of exim4: > https://security-tracker.debian.org/tracker/CVE-2020-12783 > It looks like there was an LTS upload on Saturday night,

Re: closing bugs in security uploads and the BTS

2020-02-20 Thread Adam D. Barratt
On Thu, 2020-02-20 at 17:43 +, Ben Hutchings wrote: > On Thu, 2020-02-20 at 17:09 +, Holger Levsen wrote: > [...] > > sec-master doesn't send mail to the bts. So currently one has to > > close bugs manually. Or maybe we can change the archive software to > > do something else. > > > > as

Re: Accepted git 1:2.1.4-2.1+deb8u8 (source amd64 all) into oldoldstable

2020-01-23 Thread Adam D. Barratt
Hi, On 2020-01-07 04:10, robe...@debian.org wrote: git (1:2.1.4-2.1+deb8u8) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * Apply patches addressing the security issues CVE-2019-1348, CVE-2019-1349, CVE-2019-1352, CVE-2019-1353, and CVE-2019-1387. .

Re: ibus/CVE-2019-14822/glibc

2019-12-10 Thread Adam D. Barratt
On 2019-12-10 06:47, Brian May wrote: Apparently the fix for ibus creates a regression in glibc that must get fixed also: https://gitlab.gnome.org/GNOME/glib/merge_requests/1176 However this patch patches GIO in glibc, and it looks like glibc in Jessie (2.19-18+deb8u10) doesn't have this

Re: [SECURITY] [DLA 1925-1] python2.7 security update

2019-09-17 Thread Adam D. Barratt
On 2019-09-17 14:24, Roberto C. Sánchez wrote: On Tue, Sep 17, 2019 at 07:18:54AM +0200, Pascal Hambourg wrote: On 16/09/2019 at 22:34, Roberto C. Sánchez wrote: > Package: python2.7 > Version: 2.7.9-2+deb8u5 The i386 build failed. I just tried a local build and it

Re: xymon vulnerabilities in jessie, stretch and buster

2019-08-20 Thread Adam D. Barratt
On 2019-08-19 20:54, Moritz Mühlenhoff wrote: On Mon, Aug 19, 2019 at 02:27:09PM +0200, Hugo Lefeuvre wrote: Hi, I just had a look at xymon's vulnerabilities in jessie, stretch and buster. Upstream claims some of these issues to be exploitable, among others the XSS vulnerability. I plan

Re: jessie-updates gone

2019-03-29 Thread Adam D. Barratt
On Fri, 2019-03-29 at 11:13 +0100, Pierre Fourès wrote: > The way I understand it, but I asked for clarification and > confirmation in my previous message [1], is that all « updates » goes > into -proposed-updates/, but the one who need to be quickly applied > into the distribution (but aren't

Re: jessie-updates gone

2019-03-27 Thread Adam D. Barratt
On 2019-03-27 11:50, Matus UHLAR - fantomas wrote: On 27.03.19 11:20, Bernie Elbourn wrote: If it is possible to wiz up a blank jessie-updates this will save me visiting a bunch of systems throwing apt errors in next few days. I wonder if it wasn't blank already. All of its contents was

Re: #860064 dnsmasq will not start after dns-root-data upgrade

2018-07-19 Thread Adam D. Barratt
On Thu, 2018-07-19 at 18:23 +0100, Adam D. Barratt wrote: > On Thu, 2018-07-19 at 18:42 +0200, Christoph Martin wrote: > > tags 860064 +stretch > > tags 860064 +jessie > > thanks > > > > On 01.07.2018 at 15:38, Adam D. Barratt wrote: > > > On Sun, 20

Re: #860064 dnsmasq will not start after dns-root-data upgrade

2018-07-19 Thread Adam D. Barratt
On Thu, 2018-07-19 at 18:42 +0200, Christoph Martin wrote: > tags 860064 +stretch > tags 860064 +jessie > thanks > > On 01.07.2018 at 15:38, Adam D. Barratt wrote: > > On Sun, 2018-07-01 at 11:38 +, Martin, Christoph wrote: > > > dns-root-data had an

Re: Bug#867461: Bug#858539: should ca-certificates certdata.txt synchronize across all suites?

2018-06-17 Thread Adam D. Barratt
Control: tags -1 + wontfix On Sun, 2018-06-10 at 20:33 -0500, Michael Shuler wrote: > On 06/08/2018 03:37 PM, Adam D. Barratt wrote: > > > > Ping? We're a week away from the final chance to get an update into > > jessie-as-oldstable before it becomes jessie-lts. >

Re: Bug#867461: Bug#858539: should ca-certificates certdata.txt synchronize across all suites?

2018-06-08 Thread Adam D. Barratt
Control: tags -1 + moreinfo On Mon, 2017-10-23 at 08:59 -0400, Antoine Beaupré wrote: > On 2017-07-19 11:35:56, Michael Shuler wrote: ... > > I spent a few sessions over the past few days getting the mozilla > > bundle > > 2.14 committed to all the suite branches wheezy and newer. I have > > some

Re: wheezy-security (LTS) libclamav7's version is newer than jessie's

2018-05-04 Thread Adam D. Barratt
On 2018-05-04 8:20, Raphael Hertzog wrote: Hello Marc, On Thu, 03 May 2018, Marc SCHAEFER wrote: Probably that a downgrade of the clamav suite would solve the problem; however there is something wrong in the coherency between wheezy LTS and jessie, don't you think? A newer version is

Re: Debian Jessie

2017-10-11 Thread Adam D. Barratt
On Wed, 2017-10-11 at 22:41 +0200, Tobias Köck wrote: > Hi Adam, > > I have found it in the documentation. Thanks for your advice. Predictably, I only received this after sending a reply to your previous mail. Hopefully it will be useful for anyone having similar queries in future. Regards,

Re: Debian Jessie

2017-10-11 Thread Adam D. Barratt
On Wed, 2017-10-11 at 22:36 +0200, Tobias Köck wrote: > Hi Adam, > > They appear to be entirely missing > > security.debian.org, which is a) quite important and b) where the > > LTS > > suites are hosted. > > No of course they are there, too. Thanks for asking. > Is the security apt source

Re: Debian Jessie

2017-10-11 Thread Adam D. Barratt
On Wed, 2017-10-11 at 20:10 +, Holger Levsen wrote: > On Wed, Oct 11, 2017 at 10:05:14PM +0200, Tobias Köck wrote: > > does that mean if I don't touch the sources.list with > > > > deb http://deb.debian.org/debian/ jessie main > > deb-src http://deb.debian.org/debian/ jessie main > > > > deb

Re: Fwd: phpldapadmin_1.2.2-5+deb7u1_amd64.changes REJECTED

2017-07-10 Thread Adam D. Barratt
On 2017-07-09 23:18, Chris Lamb wrote: Hi -lts, This is probably obvious to someone else, but I am rather confused by this rejection from security-master. [...] The upload includes 'phpldapadmin_1.2.2-5+deb7u1_amd64.changes' whose filename includes the architecture name amd64, but does not

Re: [SECURITY] [DLA 588-1] mongodb security update

2016-08-09 Thread Adam D. Barratt
On 2016-08-08 10:52, Ola Lundqvist wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: mongodb Version: 2.0.6-1+deb7u1 wheezy already has 2.0.6-1.1, which is a higher version. Regards, Adam

Re: Please remove non-lts architectures from wheezy-security

2016-05-04 Thread Adam D. Barratt
On Wed, 2016-05-04 at 18:51 +0100, Ben Hutchings wrote: > As I understand it, packages are never moved directly from oldstable- > security to archive.debian.org. Normally they are copied to oldstable > in a final point release, and then moved to archive.debian.org. In > this case, there was a

Re: wheezy-security to wheezy-lts transition

2016-02-22 Thread Adam D. Barratt
On Mon, 2016-02-22 at 18:42 +0100, Guido Günther wrote: > Hi Adam, > On Sat, Feb 20, 2016 at 02:27:27PM +, Adam D. Barratt wrote: [...] > > If so then we need to consider how the transition works in the short > > term. For example, the final point release of oldstable occurs

wheezy-security to wheezy-lts transition

2016-02-20 Thread Adam D. Barratt
[apologies to anyone who's ended up with three copies of this; the original got eaten due to a misconfiguration on my side - please only reply to this copy] Hi, As I understand it, the plan is for wheezy-lts to re-use security.d.o:wheezy/updates directly, rather than a separate suite on

Re: smokeping DLA test

2015-11-26 Thread Adam D. Barratt
On Thu, 2015-11-26 at 13:07 -0500, Antoine Beaupré wrote: > On 2015-11-26 12:41:38, Raphael Hertzog wrote: > > I don't see any "Accepted" mail in > > https://lists.debian.org/debian-lts-changes/2015/11/threads.html and they > > tend to appear rather shortly after the upload. > > > > So I guess

Re: smokeping DLA test

2015-11-26 Thread Adam D. Barratt
On Thu, 2015-11-26 at 16:59 -0500, Antoine Beaupré wrote: > On 2015-11-26 13:07:42, Antoine Beaupré wrote: > > On 2015-11-26 12:41:38, Raphael Hertzog wrote: > >> Hi, > >> > >> On Thu, 26 Nov 2015, Antoine Beaupré wrote: > >>> Somehow i still built the package with the (harmless) fix... I wonder >

Re: Suspend failing

2015-08-07 Thread Adam D. Barratt
On 2015-08-07 16:56, golinux wrote: Unbelievable. You deleted - IOW censored - my comments and others in this kernel failure question to this list. https://lists.debian.org/debian-lts/2014/12/msg00035.html I'm confused. That link shows two posts from you in that thread, which is exactly

Re: squeeze-pu: package ftpd-ssl/0.17.32+0.3-1+deb6u1

2015-07-01 Thread Adam D. Barratt
On Wed, 2015-07-01 at 23:35 +0200, Mats Erik Andersson wrote: On Wednesday, 1 July 2015 at 21:26, Thorsten Alteholz wrote this: Hi Mats, from my point of view it would be great to have this patch in oldoldstable as well. I did not understand that oldoldstable and squeeze-lts are

Re: tomcat6 wheezy DSA (was/and Re: tomcat6_6.0.41-2+squeeze5_amd64.changes REJECTED

2014-11-23 Thread Adam D. Barratt
On Sun, 2014-11-23 at 19:43 +0100, Holger Levsen wrote: oh, btw: jessie has -2, sid -3, with changes unsuitable for wheezy and targeted at jessie. this needs an unblock request to let -3 migrate to jessie and have the binaries removed from sid first... anybody doing this? It needs more than

Re: tomcat6 wheezy DSA (was/and Re: tomcat6_6.0.41-2+squeeze5_amd64.changes REJECTED

2014-11-23 Thread Adam D. Barratt
On Sun, 2014-11-23 at 21:03 +0100, Holger Levsen wrote: Hi Adam, On Sunday, 23 November 2014, Adam D. Barratt wrote: On Sun, 2014-11-23 at 19:43 +0100, Holger Levsen wrote: oh, btw: jessie has -2, sid -3, with changes unsuitable for wheezy and targeted at jessie. this needs

Re: security.debian.org vs debian-lts respository

2014-10-08 Thread Adam D. Barratt
+o-p-u, until a point release). There are never packages in squeeze-updates which are not also in squeeze+o-p-u. this is what I wanted to know and what I hoped for... I think I have already asked about that some time ago. On 08.10.14 13:32, Adam D. Barratt wrote: It's also explained

Re: security.debian.org vs debian-lts respository

2014-10-08 Thread Adam D. Barratt
On 2014-10-08 17:35, Adam D. Barratt wrote: Hi, On 2014-10-08 17:23, Holger Levsen wrote: On Wednesday, 8 October 2014, Adam D. Barratt wrote: The real question is if there are different packages in squeeze and squeeze-proposed-updates, to which one are security patches applied and [...] do

Re: security.debian.org vs debian-lts respository

2014-10-04 Thread Adam D. Barratt
On 2014-10-04 11:30, Matus UHLAR - fantomas wrote: What about squeeze-updates (formerly volatile)? Are they still needed? Are security fixes applied to packages in squeeze or squeeze-updates? That question doesn't make sense. squeeze-updates is a strict subset of squeeze (technically

Re: what to leave in sources.list?

2014-06-05 Thread Adam D. Barratt
On Thu, 2014-06-05 at 19:39 +0200, Christoph Biedl wrote: Matus UHLAR - fantomas wrote... which sources I should keep in sources.list? [...] - main squeeze - updates (formerly volatile) These two should not see any further updates, but see above. main squeeze will, once - there'll be

Re: check-support-status

2014-05-29 Thread Adam D. Barratt
On 2014-05-29 15:22, Bret Austen wrote: It does not appear that this package (check-support-status) is in deb http://http.debian.net/debian [1] squeeze-lts main contrib non-free There is no check-support-status package. The script of that name is in the debian-security-support package.

Re: Perceived problem with LTS update procedure

2014-05-27 Thread Adam D. Barratt
On Wed, 2014-05-28 at 03:53 +0800, Bret Busby wrote: I followed the procedure specified at https://wiki.debian.org/LTS/Development#Add_squeeze-lts_to_your_sources.list [...] When I ran apt-get update and then apt-get upgrade (I usual use the update applet in the taskbar, to check for