Jessie update of gpac?

2019-02-10 Thread Ola Lundqvist
Dear maintainers, The Debian LTS team would like to fix the security issues which are currently open in the Jessie version of gpac: https://security-tracker.debian.org/tracker/CVE-2018-20760 https://security-tracker.debian.org/tracker/CVE-2018-20761

Re: Bug#921663: Please add python-certbot update to jessie-backports

2019-02-10 Thread Holger Levsen
Hi Ola & Brad, thank you for your quick feedback! On Sat, Feb 09, 2019 at 09:27:53PM +0100, Ola Lundqvist wrote: > Here is a little more extensive list of dependencies: > > python-certbot (of course as it is the one providing certbot) > python3-acme (>= 0.26.0~) - not in jessie, available in

Re: Bug#921663: Please add python-certbot update to jessie-backports

2019-02-10 Thread Ola Lundqvist
Hi Yes I have also been thinking that it would be possible to provide them in a separate repository. Best regards // Ola On Sun, 10 Feb 2019 at 15:40, Holger Levsen wrote: > Hi Ola & Brad, > > thank you for your quick feedback! > > On Sat, Feb 09, 2019 at 09:27:53PM +0100, Ola Lundqvist

Re: Alternative triage script

2019-02-10 Thread Ola Lundqvist
Hi Salvatore Thank you for reporting this to the correct place. We can remove the script when this is resolved. // Ola On Sun, 10 Feb 2019 at 17:30, Salvatore Bonaccorso wrote: > Hi, > > On Sun, Feb 10, 2019 at 05:02:32PM +0100, Ola Lundqvist wrote: > > Hi all > > > > The last few days the

Alternative triage script

2019-02-10 Thread Ola Lundqvist
Hi all The last few days the tracker json data 8 [1] seems to be not working. For the extended LTS I wrote an auto end of life script that fetch data directly from the website (that seems to be in sync) and based on that I could continue to triage the vulnerabilities. If other people stumble on

Re: Alternative triage script

2019-02-10 Thread Salvatore Bonaccorso
Hi, On Sun, Feb 10, 2019 at 05:02:32PM +0100, Ola Lundqvist wrote: > Hi all > > The last few days the tracker json data 8 [1] seems to be not working. For > the extended LTS I wrote an auto end of life script that fetch data > directly from the website (that seems to be in sync) and based on

Jessie update of libsdl1.2 and libsdl2?

2019-02-10 Thread Ola Lundqvist
Dear maintainers, The Debian LTS team would like to fix the security issues which are currently open in the Jessie version of libsdl1.2 and libsdl2: https://security-tracker.debian.org/tracker/CVE-2019-7572 https://security-tracker.debian.org/tracker/CVE-2019-7573

tiff

2019-02-10 Thread Brian May
Hello, Attached is my proposed patch for tiff in Jessie. Regards -- Brian May diff -Nru tiff-4.0.3/debian/changelog tiff-4.0.3/debian/changelog --- tiff-4.0.3/debian/changelog 2018-10-28 22:03:02.0 +1100 +++ tiff-4.0.3/debian/changelog 2019-02-08 14:52:01.0 +1100 @@ -1,3 +1,22

Re: tiff

2019-02-10 Thread Hugo Lefeuvre
Hi, > Attached is my proposed patch for tiff in Jessie. I will be able to test the upload with my usual set of test files tomorrow if necessary. > +From d0a842c5dbad2609aed43c701a12ed12461d3405 Mon Sep 17 00:00:00 2001 > +From: Hugo Lefeuvre > +Date: Wed, 21 Nov 2018 18:50:34 +0100 > +Subject:

Re: tiff

2019-02-10 Thread Ola Lundqvist
Hi Brian I made a brief look and I have nothing to complain about. // Ola On Sun, 10 Feb 2019 at 21:55, Brian May wrote: > Hello, > > Attached is my proposed patch for tiff in Jessie. > > Regards > -- > Brian May > -- --- Inguza Technology AB --- MSc in Information Technology /

Re: [SECURITY] [DSA 4371-1] apt security update

2019-02-10 Thread Steve McIntyre
On Fri, Feb 08, 2019 at 11:23:54AM +0100, Emilio Pozuelo Monfort wrote: > >I have done an automated install (ncurses frontend, installing GNOME) using the >netinst/amd64 image, with an LVM encrypted volume. I have also tested the CD1 >media, using the graphical installer, doing an SSH server