Accepted gosa 2.6.11-3+squeeze3 (source all) into squeeze-lts

2014-12-18 Thread Mike Gabriel
gosa-plugin-uw-imap gosa-plugin-webdav Architecture: source all Version: 2.6.11-3+squeeze3 Distribution: squeeze-lts Urgency: medium Maintainer: Debian Edu Packaging Team debian-edu-pkg-t...@lists.alioth.debian.org Changed-By: Mike Gabriel sunwea...@debian.org Description: gosa - Web Based

Re: Request for review: xorg-server 2:1.7.7-18+deb6u2 (CVE-2015-0255)

2015-04-22 Thread Mike Gabriel
Hi again... On Mi 22 Apr 2015 14:31:40 CEST, Mike Gabriel wrote: Debdiff is attached to this mail. The .dsc file can be obtained via [1]. and here comes the missing .debdiff... Mike -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8

Request for review xdg-utils 1.0.2+cvs20100307-2+deb6u1

2015-04-22 Thread Mike Gabriel
. The .dsc file (source package) can be obtained from [1]. Thanks! Mike [1] http://packages.it-zukunft-schule.de/debian/pool/main/x/xdg-utils/xdg-utils_1.0.2+cvs20100307-2+deb6u1.dsc -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF

Request for review: xorg-server 2:1.7.7-18+deb6u2 (CVE-2015-0255)

2015-04-22 Thread Mike Gabriel
some feedback, Mike [1] http://packages.it-zukunft-schule.de/debian/pool/main/x/xorg-server/xorg-server_1.7.7-18+deb6u2.dsc -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org

Bug#784214: allow manual override for the regression DLA/DSA Id

2015-05-04 Thread Mike Gabriel
Package: security-tracker Severity: wishlist Tags: patch Hi, attached is a patch that adds manual DLA/DSA id override support if an upload tackles a regression already announce via an earlier DSA/DLA. Current use case / example: xorg-server ver+deb6u1 (DLA-120-1) fixed CVE-2014-8092

Accepted xorg-server 2:1.7.7-18+deb6u3 (source all amd64) into squeeze-lts

2015-05-01 Thread Mike Gabriel
: source all amd64 Version: 2:1.7.7-18+deb6u3 Distribution: squeeze-lts Urgency: medium Maintainer: Debian X Strike Force debia...@lists.debian.org Changed-By: Mike Gabriel sunwea...@debian.org Description: xdmx - distributed multihead X server xdmx-tools - Distributed Multihead X tools xnest

Accepted xorg-server 2:1.7.7-18+deb6u2 (source all amd64) into squeeze-lts

2015-04-30 Thread Mike Gabriel
: source all amd64 Version: 2:1.7.7-18+deb6u2 Distribution: squeeze-lts Urgency: high Maintainer: Debian X Strike Force debia...@lists.debian.org Changed-By: Mike Gabriel sunwea...@debian.org Description: xdmx - distributed multihead X server xdmx-tools - Distributed Multihead X tools xnest

Re: Accepted fuse 2.8.4-1.1+deb6u1 (source amd64) into squeeze-lts

2015-06-06 Thread Mike Gabriel
Hi László, On Fr 05 Jun 2015 21:03:03 CEST, László Böszörményi (GCS) wrote: Hi all, On Thu, Jun 4, 2015 at 11:18 AM, Mike Gabriel mike.gabr...@das-netzwerkteam.de wrote: On Mi 03 Jun 2015 16:12:19 CEST, Holger Levsen wrote: On Dienstag, 2. Juni 2015, Laszlo Boszormenyi wrote: Source

Re: Accepted fuse 2.8.4-1.1+deb6u1 (source amd64) into squeeze-lts

2015-06-04 Thread Mike Gabriel
, Holger Let me know if you need a hand with this. Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel

Security update of libxml2 in Debian squeeze-lts

2015-06-04 Thread Mike Gabriel
-- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb diff -u libxml2-2.7.8.dfsg

Accepted wordpress 3.6.1+dfsg-1~deb6u6 (source all) into squeeze-lts

2015-06-01 Thread Mike Gabriel
Changed-By: Mike Gabriel sunwea...@debian.org Description: wordpress - weblog manager wordpress-l10n - weblog manager - language files Closes: 770425 783347 783554 Changes: wordpress (3.6.1+dfsg-1~deb6u6) squeeze-lts; urgency=medium . [ Mike Gabriel ] * Non-maintainer upload

Re: squeeze update of fuse?

2015-06-01 Thread Mike Gabriel
Hi Laszlo, - Original message - On Mon, Jun 1, 2015 at 3:36 PM, Mike Gabriel mike.gabr...@das-netzwerkteam.de wrote: On  Mo 01 Jun 2015 11:44:27 CEST, László Böszörményi (GCS) wrote: I consider this my fault - I had the assumption that Thorsten will or already did this. As he

Re: squeeze update of fuse?

2015-05-30 Thread Mike Gabriel
is great!!!). Regards, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb

Re: Debian squeeze LTS, a last release

2015-05-30 Thread Mike Gabriel
that the Debian project is so well documented, because asking all the relevant questions would be more time consuming than reading good documentation.] Greets, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr

bin/genDLA proposal: auto-commit requested DLA numbers (was: Re: [SECURITY] [DLA 265-1] unattended-upgrades security update)

2015-07-03 Thread Mike Gabriel
Hi all, On Fr 03 Jul 2015 13:49:29 CEST, Mike Gabriel wrote: Can this svn commit for the DLA number not be done within bin/genDLA ? Well... Actually it could. Good point. Let me get some feedback from the security team as genDLA is a symlink to genDSA which is the main tool used

Re: bin/genDLA proposal: auto-commit requested DLA numbers (was: Re: [SECURITY] [DLA 265-1] unattended-upgrades security update)

2015-07-03 Thread Mike Gabriel
Hi Raphael, On Fr 03 Jul 2015 21:19:14 CEST, Raphael Hertzog wrote: On Fri, 03 Jul 2015, Mike Gabriel wrote: I just discussed this with Moritz Mühlenhoff on #debian-security. His request is to leave all genDSA specific stuff in the genD{S,L}A script untouched. What about the attached patch

Re: bin/genDLA proposal: auto-commit requested DLA numbers (was: Re: [SECURITY] [DLA 265-1] unattended-upgrades security update)

2015-07-05 Thread Mike Gabriel
HI Raphael, On Sa 04 Jul 2015 08:25:27 CEST, Raphael Hertzog wrote: Hi, On Sat, 04 Jul 2015, Mike Gabriel wrote: It displays a colorful warning and offers to commit only the modified file (if you use svn, if you use git-svn like me, you're on your own). Why not also commit the changes

Accepted pykerberos 1.1+svn4895-1+deb6u1 (source amd64) into squeeze-lts

2015-07-03 Thread Mike Gabriel
-maintain...@lists.alioth.debian.org Changed-By: Mike Gabriel sunwea...@debian.org Description: python-kerberos - A GSSAPI interface module for Python Changes: pykerberos (1.1+svn4895-1+deb6u1) squeeze-lts; urgency=medium . * Non-maintainer upload by the Debian LTS Team. * Add KDC

Re: [SECURITY] [DLA 265-1] unattended-upgrades security update

2015-07-03 Thread Mike Gabriel
Hi Holger, On Fr 03 Jul 2015 12:48:06 CEST, Holger Levsen wrote: Hi, On Freitag, 3. Juli 2015, Mike Gabriel wrote: The only way I can think of in terms of making this more fool proof, I guess, is by rejecting mails to debian-lts-announce if o a used DLA has not been reserved via

Re: [SECURITY] [DLA 265-1] unattended-upgrades security update

2015-07-03 Thread Mike Gabriel
-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgpD6YCUlUBhe.pgp Description: Digitale PGP

Re: libxml2 in squeeze-lts: remove or activate patch files in debian/patches

2015-07-03 Thread Mike Gabriel
somewhere? Or is it documented in the Debian policy? Greets, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy

Re: [SECURITY] [DLA 265-1] unattended-upgrades security update

2015-07-03 Thread Mike Gabriel
On Fr 03 Jul 2015 13:08:25 CEST, Christian Mack wrote: Hello Am 03.07.2015 um 13:03 schrieb Mike Gabriel: Hi Holger, On Fr 03 Jul 2015 12:48:06 CEST, Holger Levsen wrote: Hi, On Freitag, 3. Juli 2015, Mike Gabriel wrote: The only way I can think of in terms of making this more fool

Re: Bug#793616: marked as done (openssh: CVE-2015-5600: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices)

2015-08-20 Thread Mike Gabriel
-up advisory. -- Colin Watson                                      Thanks for feedback, I put the above on my radar and will check and follow-up when I have returned from VAC. Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976148 GnuPG Key ID 0x25771B13

Accepted libxml2 2.7.8.dfsg-2+squeeze12 (source amd64 all) into squeeze-lts

2015-06-30 Thread Mike Gabriel
: squeeze-lts Urgency: medium Maintainer: Debian XML/SGML Group debian-xml-sgml-p...@lists.alioth.debian.org Changed-By: Mike Gabriel sunwea...@debian.org Description: libxml2- GNOME XML library libxml2-dbg - Debugging symbols for the GNOME XML library libxml2-dev - Development files for the GNOME

debdiff for CVE-2015-3206 (pykerberos)

2015-06-30 Thread Mike Gabriel
/pykerberos/commit/02d13860b25fab58e739f0e000bed0067b7c6f9c [2] https://security-tracker.debian.org/tracker/CVE-2015-3206 -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de

Re: squeeze update of remind?

2015-08-07 Thread Mike Gabriel
of the update. Have been a CVE number assigned already? Ana ooopss... Sorry! Only found/read this mail now. I have just uploaded a fix for the above issue to squeeze-lts. Hope that was ok. Greets, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID

Accepted remind 03.01.05-2+deb6u1 (source amd64) into squeeze-lts

2015-08-07 Thread Mike Gabriel
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 07 Aug 2015 12:59:10 +0200 Source: remind Binary: remind tkremind Architecture: source amd64 Version: 03.01.05-2+deb6u1 Distribution: squeeze-lts Urgency: medium Maintainer: Kurt B. Kaiser k...@shore.net Changed-By: Mike

[SECURITY] [DLA 289-1] remind security update

2015-08-07 Thread Mike Gabriel
provided. -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net signature.asc Description: Digital signature

Re: squeeze update of remind?

2015-08-07 Thread Mike Gabriel
Dear Ana, - Original message - On Fri, Aug 07, 2015 at 11:17:57AM +, Mike Gabriel wrote: Hi Ana, On  Mi 29 Jul 2015 23:13:39 CEST, Ana Guerrero Lopez wrote: On Wed, Jul 29, 2015 at 04:45:37PM +0200, Santiago Ruano Rincón wrote: Hello dear maintainer(s

CVE-2015-5352: openSSH in squeeze not affected(?)

2015-07-16 Thread Mike Gabriel
mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgp7D8FunZ8Um.pgp Description: Digitale PGP-Signatur

Re: VirtualBox support in squeeze LTS

2015-09-07 Thread Mike Gabriel
on the wiki, "virtualbox-ose (Mike Gabriel)" so please Mike, can you get the packaging and followup with the upload? You can dget them easily from DoM, or ask me to put them everywhere else I don't know that LTS stuff enough to learn it and do things correctly. I would appreciate to

Re: libemail-address-perl, no "squeeze update of ..." mail sent, yet

2015-09-29 Thread Mike Gabriel
Hi Raphael, On Di 29 Sep 2015 13:55:06 CEST, Raphael Hertzog wrote: On Tue, 29 Sep 2015, Mike Gabriel wrote: Is there a reason that no "squeeze update of ..." mail has been sent for libemail-address-perl, yet, (i.e., when triaging the latest security issue in that package)? Ye

Accepted virtualbox-ose 3.2.28-dfsg-1+squeeze1 (source amd64 all) into squeeze-lts

2015-09-29 Thread Mike Gabriel
-guest-x11 virtualbox-ose-guest-utils virtualbox-ose-fuse Architecture: source amd64 all Version: 3.2.28-dfsg-1+squeeze1 Distribution: squeeze-lts Urgency: medium Maintainer: Debian Virtualbox Team <pkg-virtualbox-de...@lists.alioth.debian.org> Changed-By: Mike Gabriel <sunwea...@d

Accepted vorbis-tools 1.4.0-1+deb6u1 (source amd64) into squeeze-lts

2015-09-29 Thread Mike Gabriel
pkg-xiph-ma...@lists.alioth.debian.org> Changed-By: Mike Gabriel <sunwea...@debian.org> Description: vorbis-tools - several Ogg Vorbis tools vorbis-tools-dbg - several Ogg Vorbis tools (debug files) Closes: 771363 776086 797461 Changes: vorbis-tools (1.4.0-1+deb6u1) squeeze-lts; ur

Re: [SECURITY] [DLA 317-1] vorbis-tools security update

2015-09-29 Thread Mike Gabriel
HI Raphael, On Di 29 Sep 2015 11:45:19 CEST, Raphael Hertzog wrote: Hello Mike, On Tue, 29 Sep 2015, Mike Gabriel wrote: Package: vorbis-tools Version: 1.4.0-1+deb6u1 This package seems to have never been uploaded to squeeze-lts... You are supposed to wait until you get

libemail-address-perl, no "squeeze update of ..." mail sent, yet

2015-09-29 Thread Mike Gabriel
ke -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgptW_0f7VawL.pgp Description

Re: libemail-address-perl, no "squeeze update of ..." mail sent, yet

2015-09-29 Thread Mike Gabriel
Hi again, On Di 29 Sep 2015 15:06:23 CEST, Mike Gabriel wrote: Hi Raphael, On Di 29 Sep 2015 13:55:06 CEST, Raphael Hertzog wrote: On Tue, 29 Sep 2015, Mike Gabriel wrote: Is there a reason that no "squeeze update of ..." mail has been sent for libemail-address-perl, yet, (

Re: libemail-address-perl, no "squeeze update of ..." mail sent, yet

2015-09-29 Thread Mike Gabriel
Hi again, On Di 29 Sep 2015 15:06:23 CEST, Mike Gabriel wrote: Hi Raphael, On Di 29 Sep 2015 13:55:06 CEST, Raphael Hertzog wrote: On Tue, 29 Sep 2015, Mike Gabriel wrote: Is there a reason that no "squeeze update of ..." mail has been sent for libemail-address-perl, yet, (

[SECURITY] [DLA 288-2] openssh regression update

2015-09-29 Thread Mike Gabriel
) systems are recommended to upgrade OpenSSH to 1:5.5p1-6+squeeze7. [1] https://lists.debian.org/debian-lts-announce/2015/08/msg1.html -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea

Accepted libemail-address-perl 1.889-2+deb6u2 (source all) into squeeze-lts

2015-09-29 Thread Mike Gabriel
ain...@lists.alioth.debian.org> Changed-By: Mike Gabriel <sunwea...@debian.org> Description: libemail-address-perl - RFC 2822 Address Parsing and Creation Changes: libemail-address-perl (1.889-2+deb6u2) squeeze-lts; urgency=medium . * Non-maintainer upload by the Debian LTS Te

Re: Marking TEMP-* issues as resolved

2015-09-29 Thread Mike Gabriel
at change (or such)? The commit directly after the above mail seems to be rev36841, but that only contains references to upstream fixes, not a reference from data/CVE/list to a DLA in data/DLA/list. Just curious and eager to learn more about the workflow of Debian security and LTS, Mike

Re: squeeze update of wordpress?

2015-09-30 Thread Mike Gabriel
on fixing wordpress in squeeze-lts now. Regards, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das

[SECURITY] [DLA 321-1] wordpress security update

2015-09-30 Thread Mike Gabriel
lists. -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net signature.asc Description: Digital signature

[SECURITY] [DLA 323-1] fuseiso security update

2015-10-01 Thread Mike Gabriel
running the fuseiso executable. This issue was discovered by Florian Weimer of Red Hat Product Security Team. The issue got resolved by checking the resulting length of an absolute path name and by bailing out if the platform's PATH_MAX value gets exceeded. -- mike gabriel

[SECURITY] [DLA 322-1] commons-httpclient security update

2015-10-01 Thread Mike Gabriel
by the SSL initialization code in commons-httpclient. This upload fixes this issue by respecting the configured SO_TIMEOUT during SSL handshakes with the server. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1259892 -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148

Re: squeeze update of fuseiso?

2015-10-01 Thread Mike Gabriel
the reproducer ISO images at hand. Greets, Mike [1] https://bugzilla.redhat.com/show_bug.cgi?id=862211 [2] https://bugzilla.redhat.com/show_bug.cgi?id=861358 -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das

Accepted fuseiso 20070708-2+deb6u1 (source amd64) into squeeze-lts

2015-10-01 Thread Mike Gabriel
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 01 Oct 2015 05:52:08 +0200 Source: fuseiso Binary: fuseiso Architecture: source amd64 Version: 20070708-2+deb6u1 Distribution: squeeze-lts Urgency: medium Maintainer: David Paleino <da...@debian.org> Changed-By: Mike G

Accepted commons-httpclient 3.1-9+deb6u2 (source all) into squeeze-lts

2015-09-30 Thread Mike Gabriel
: Debian Java Maintainers <pkg-java-maintain...@lists.alioth.debian.org> Changed-By: Mike Gabriel <sunwea...@debian.org> Description: libcommons-httpclient-java - A Java(TM) library for creating HTTP clients libcommons-httpclient-java-doc - Documentation for libcommons-httpclient-java Cl

Re: squeeze update of vorbis-tools?

2015-09-21 Thread Mike Gabriel
update of vorbis-tools during this week. light+love, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel

Accepted libvncserver 0.9.7-2+deb6u2 (source amd64) into squeeze-lts

2016-01-04 Thread Mike Gabriel
QA Group <packa...@qa.debian.org> Changed-By: Mike Gabriel <sunwea...@debian.org> Description: libvncserver-dev - API to write one's own vnc server - development files libvncserver0 - API to write one's own vnc server libvncserver0-dbg - debugging symbols for libvncserver linu

[SECURITY] [DLA 380-1] libvncserver security update

2016-01-04 Thread Mike Gabriel
ver/commit/804335f9d296440bb708ca844f5d89b58b50b0c6 -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net signature.asc Description: Digital signature

Re: squeeze update of tiff?

2016-01-04 Thread Mike Gabriel
ZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/mailxchange/kronolith/fb.php?u=m.gabriel%40das-netzwerkteam.de pgp_42zjuAAts.pgp De

Re: Security update of Gosa

2016-06-21 Thread Mike Gabriel
. Greets, Mike -- mike gabriel aka sunweaver (Debian Developer) mobile: +49 (1520) 1976 148 landline: +49 (4354) 8390 139 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net pgpidsAkHdQ2g.pgp Description: Digitale PGP-Signatur

squeeze update of openssh?

2016-01-15 Thread Mike Gabriel
and/or test the updated package before it gets released. Thank you very much. Mike Gabriel, on behalf of the Debian LTS team. PS: A member of the LTS team might start working on this update at any point in time. You can verify whether someone is registered on this update in this file: https

Re: squeeze update of openssh?

2016-01-15 Thread Mike Gabriel
ted by one of those TEMP issues, the other one (X11 SECURITY / ssh -X issue) should get fixed IMHO. Greets, Mike -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, h

Re: isc-dhcp-server in squeeze-lst broken after update

2016-01-18 Thread Mike Gabriel
dback on the provided .debdiff is welcome. I will rebuild my chroots, test removing again the CFLAGS export in debian/rules and test the resulting packages once more. /me sighs and deeply apologizes, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148

Re: isc-dhcp-server in squeeze-lst broken after update

2016-01-17 Thread Mike Gabriel
out and addressed with next upload first. I will upload +squeeze10 with attached .debdiff later today. Any feedback on the provided .debdiff is welcome. Thanks+Greets, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.g

Re: isc-dhcp-server in squeeze-lst broken after update

2016-01-18 Thread Mike Gabriel
sc-dhcp.pkg/isc-dhcp_4.1.1-P1-15+squeeze9_4.1.1-P1-15+squeeze10.debdiff -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/mailxc

Re: isc-dhcp-server in squeeze-lst broken after update

2016-01-18 Thread Mike Gabriel
Hi Ben, On Mo 18 Jan 2016 12:47:51 CET, Ben Hutchings wrote: On Mon, 2016-01-18 at 05:08 +, Mike Gabriel wrote: Hi Ben, hi all, On  So 17 Jan 2016 23:42:19 CET, Ben Hutchings wrote: > On Sun, 2016-01-17 at 13:10 +0100, Olivier Dousse wrote: > > Hi Mike, > > > >

Accepted isc-dhcp 4.1.1-P1-15+squeeze10 (source amd64 all) into squeeze-lts

2016-01-18 Thread Mike Gabriel
-dbg dhcp3-server dhcp3-client dhcp3-relay dhcp3-common dhcp3-dev Architecture: source amd64 all Version: 4.1.1-P1-15+squeeze10 Distribution: squeeze-lts Urgency: medium Maintainer: Debian ISC DHCP maintainers <pkg-dhcp-de...@lists.alioth.debian.org> Changed-By: Mike Gabriel <sunwea...@d

[SECURITY] [DLA 385-1] isc-dhcp security update

2016-01-14 Thread Mike Gabriel
are affected. We recommend that you upgrade your isc-dhcp packages to version 4.1.1-P1-15+squeeze9 (Debian squeeze LTS). -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http

[SECURITY] [DLA 385-2] isc-dhcp regression update

2016-01-18 Thread Mike Gabriel
] https://bugs.debian.org/811402 -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net signature.asc Description: Digital signature

Accepted isc-dhcp 4.1.1-P1-15+squeeze9 (source amd64 all) into squeeze-lts

2016-01-14 Thread Mike Gabriel
-dbg dhcp3-server dhcp3-client dhcp3-relay dhcp3-common dhcp3-dev Architecture: source amd64 all Version: 4.1.1-P1-15+squeeze9 Distribution: squeeze-lts Urgency: medium Maintainer: Debian ISC DHCP maintainers <pkg-dhcp-de...@lists.alioth.debian.org> Changed-By: Mike Gabriel <sunwea...@d

Re: triaging CVE-2016-1503+1504

2016-01-25 Thread Mike Gabriel
actions: try exploit, ask upstream, second opinion. did you contact upstream about that alread? I don't want to bother them again. Cheers, -- Guido No, I haven't contacted upstream, yet. Nor have I tried the exploit on dhcpcd in Debian squeeze(-lts). Greets, Mike -- mike gabriel aka sunweaver

Accepted gosa 2.6.11-3+squeeze5 (source all) into squeeze-lts

2016-01-31 Thread Mike Gabriel
gosa-plugin-uw-imap gosa-plugin-webdav Architecture: source all Version: 2.6.11-3+squeeze5 Distribution: squeeze-lts Urgency: medium Maintainer: Debian Edu Packaging Team <debian-edu-pkg-t...@lists.alioth.debian.org> Changed-By: Mike Gabriel <sunwea...@debian.org> Description: gosa

Accepted lxc 0.7.2-1+deb6u1 (source amd64) into squeeze-lts

2016-02-29 Thread Mike Gabriel
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 04 Dec 2015 16:17:06 +0100 Source: lxc Binary: lxc Architecture: source amd64 Version: 0.7.2-1+deb6u1 Distribution: squeeze-lts Urgency: medium Maintainer: Guido Trotter <ultrot...@debian.org> Changed-By: Mike Gabriel &

[SECURITY] [DLA 442-1] lxc security update

2016-02-29 Thread Mike Gabriel
() function that prevents lxc from doing mounts onto symbolic links. -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net signature.asc Description

working for wheezy-security until wheezy-lts starts

2016-02-29 Thread Mike Gabriel
g workflow can be very similar to what we are used to. For the interim phase until the 26th of April 2016, however, we need to run a modified approach. Request for feedback and comments... (I have some concrete proposals in mind, but I want to check, if these issues have already been solv

Re: working for wheezy-security until wheezy-lts starts

2016-02-29 Thread Mike Gabriel
VE-2015-6749 """ I think these would be adressed via stable point release updates in wheezy/jessie rather than going via the security team. Yeah, if at all. I just listed them for completeness sake. Mike -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net pgpilfX2MIOoU.pgp Description: Digitale PGP-Signatur

maintainer feedback on CVE-2014-8350 (smarty3)

2016-02-29 Thread Mike Gabriel
://github.com/smarty-php/smarty/commit/279bdbd3521cd717cae6a3ba48f1c3c6823f439d.patch -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das

Re: working for wheezy-security until wheezy-lts starts

2016-03-01 Thread Mike Gabriel
On Di 01 Mär 2016 08:44:08 CET, Guido Günther wrote: On Tue, Mar 01, 2016 at 07:15:28AM +, Mike Gabriel wrote: [..snip..] >>Issues that are unfixed in wheezy but fixed in squeeze: >>* aptdaemon-> CVE-2015-1323 >>* cakephp -> TEMP-0

Re: Wheezy update of freerdp?

2017-07-30 Thread Mike Gabriel
Koschany, on behalf of the Debian LTS team. I'd appreciate, if the the wheezy LTS team could handle the security upload of freerdp(v1). Thanks! Mike -- mike gabriel aka sunweaver (Debian Developer) mobile: +49 (1520) 1976 148 landline: +49 (4354) 8390 139 GnuPG Fingerprint: 9BFB AEE8 6C0A

Re: Wheezy update of smarty3?

2018-01-07 Thread Mike Gabriel
will take over fixing the open CVE for smarty3 on wheezy during the week in the course of getting the other versions fixed, too. Ping me again in a week, if no upload has occurred. Thanks, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby mobile: +49 (1520) 1976 148 landline: +49

Re: Wheezy update of smarty3?

2018-01-14 Thread mike . gabriel
Hi Chris, On Sunday, January 14, 2018, Chris Lamb wrote: > Hey Mike, > > > I will take over fixing the open CVE for smarty3 on wheezy during the > > week in the course of getting the other versions fixed, too. > > > > Ping me again in a week, if no upload has occurred. > > Hey, how are you

Re: Wheezy update of smarty3?

2018-01-18 Thread Mike Gabriel
code gets executed. Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby mobile: +49 (1520) 1976 148 landline: +49 (4354) 8390 139 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpSmcO

Accepted smarty3 3.1.10-2+deb7u3 (source all) into oldoldstable

2018-01-30 Thread Mike Gabriel
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 30 Jan 2018 17:52:14 +0100 Source: smarty3 Binary: smarty3 Architecture: source all Version: 3.1.10-2+deb7u3 Distribution: wheezy-security Urgency: medium Maintainer: Mike Gabriel <mike.gabr...@das-netzwerkteam.de> C

Getting phpldapadmin (CVE-2018-12869) fixed

2018-07-31 Thread Mike Gabriel
it up until then, I will continue my work that I already started today. The other open issue for phpldapadmin (no-dsa, actually) CVE-2017-11107 is easy to fix (Ubuntu has a patch for it). Greets, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby mobile: +49 (1520) 1976 148

Re: Jessie update of network-manager-vpnc?

2018-07-31 Thread Mike Gabriel
Hi Michael, On Sa 21 Jul 2018 01:22:50 CEST, Michael Biebl wrote: Am 21.07.2018 um 00:13 schrieb Mike Gabriel: Dear maintainer(s), The Debian LTS team would like to fix the security issues which are currently open in the Jessie version of network-manager-vpnc: https://security

[SECURITY] [DLA 1454-1] network-manager-vpnc security update

2018-07-31 Thread Mike Gabriel
eb8u1. We recommend that you upgrade your network-manager-vpnc packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -- mike gabriel aka sunweaver (Debian Developer

Re: Getting phpldapadmin (CVE-2018-12869) fixed

2018-08-16 Thread Mike Gabriel
Hi Brian, On Do 16 Aug 2018 09:15:11 CEST, Brian May wrote: Mike Gabriel writes: Unfortunately, I can only continue working on this when back from vacation (13th Aug). I will remove my name from the package in dla-needed.txt and if noone else has picked it up until then, I will continue my

Jessie update of libxml2?

2018-07-20 Thread Mike Gabriel
us know whether you would like to review and/or test the updated package before it gets released. You can also opt-out from receiving future similar emails in your answer and then the LTS Team will take care of libxml2 updates for the LTS releases. Thank you very much. Mike Gabriel, on behalf

Accepted gosa 2.7.4+reloaded2-1+deb8u3 (source all) into oldstable

2018-07-20 Thread Mike Gabriel
+reloaded2-1+deb8u3 Distribution: jessie-security Urgency: medium Maintainer: Debian Edu Packaging Team Changed-By: Mike Gabriel Description: gosa - Web Based LDAP Administration Program gosa-desktop - Desktop integration for GOsa² gosa-dev - GOsa² development utilities gosa-help-de

[SECURITY] [DLA 1436-1] gosa security update

2018-07-20 Thread Mike Gabriel
essie", this problem has been fixed in version 2.7.4+reloaded2-1+deb8u3. We recommend that you upgrade your gosa packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Jessie update of network-manager-vpnc?

2018-07-20 Thread Mike Gabriel
and/or test the updated package before it gets released. You can also opt-out from receiving future similar emails in your answer and then the LTS Team will take care of network-manager-vpnc updates for the LTS releases. Thank you very much. Mike Gabriel, on behalf of the Debian LTS team. PS

Re: Jessie update of mutt?

2018-07-21 Thread Mike Gabriel
HI Antonio, On Sa 21 Jul 2018 06:41:21 CEST, Antonio Radici wrote: On Thu, Jul 19, 2018 at 04:06:06PM +0200, Mike Gabriel wrote: Dear maintainer(s), The Debian LTS team would like to fix the security issues which are currently open in the Jessie version of mutt: https://security

Re: Jessie update of network-manager-vpnc?

2018-07-22 Thread Mike Gabriel
Hi Michael, On Saturday, July 21, 2018, Michael Biebl wrote: > Am 21.07.2018 um 00:13 schrieb Mike Gabriel: > > Dear maintainer(s), > > > > The Debian LTS team would like to fix the security issues which are > > currently open in the Jessie version of network-manager

Jessie update of vim-syntastic?

2018-07-19 Thread Mike Gabriel
the updated package before it gets released. You can also opt-out from receiving future similar emails in your answer and then the LTS Team will take care of vim-syntastic updates for the LTS releases. Thank you very much. Mike Gabriel, on behalf of the Debian LTS team. PS: A member of the LTS

Jessie update of clamav?

2018-07-19 Thread Mike Gabriel
know whether you would like to review and/or test the updated package before it gets released. You can also opt-out from receiving future similar emails in your answer and then the LTS Team will take care of clamav updates for the LTS releases. Thank you very much. Mike Gabriel, on behalf

Jessie update of phpldapadmin?

2018-07-19 Thread Mike Gabriel
the updated package before it gets released. You can also opt-out from receiving future similar emails in your answer and then the LTS Team will take care of phpldapadmin updates for the LTS releases. Thank you very much. Mike Gabriel, on behalf of the Debian LTS team. PS: A member of the LTS

Jessie update of resiprocate?

2018-07-19 Thread Mike Gabriel
the updated package before it gets released. You can also opt-out from receiving future similar emails in your answer and then the LTS Team will take care of resiprocate updates for the LTS releases. Thank you very much. Mike Gabriel, on behalf of the Debian LTS team. PS: A member of the LTS team

Jessie update of twig?

2018-07-19 Thread Mike Gabriel
the updated package before it gets released. You can also opt-out from receiving future similar emails in your answer and then the LTS Team will take care of twig updates for the LTS releases. Thank you very much. Mike Gabriel, on behalf of the Debian LTS team. PS: A member of the LTS team has already

Jessie update of mutt?

2018-07-19 Thread Mike Gabriel
the updated package before it gets released. You can also opt-out from receiving future similar emails in your answer and then the LTS Team will take care of mutt updates for the LTS releases. Thank you very much. Mike Gabriel, on behalf of the Debian LTS team. PS: A member of the LTS team might

Jessie update of sam2p?

2018-07-19 Thread Mike Gabriel
know whether you would like to review and/or test the updated package before it gets released. You can also opt-out from receiving future similar emails in your answer and then the LTS Team will take care of sam2p updates for the LTS releases. Thank you very much. Mike Gabriel, on behalf

Jessie update of ruby-zip?

2018-07-19 Thread Mike Gabriel
the updated package before it gets released. You can also opt-out from receiving future similar emails in your answer and then the LTS Team will take care of ruby-zip updates for the LTS releases. Thank you very much. Mike Gabriel, on behalf of the Debian LTS team. PS: A member of the LTS team

Re: Jessie update of phpldapadmin?

2018-07-19 Thread Mike Gabriel
Hi Fabio, On Do 19 Jul 2018 16:34:36 CEST, Fabio Tranchitella wrote: Dear Mike, On 19/07/2018 16:25, Mike Gabriel wrote: Dear maintainer(s), The Debian LTS team would like to fix the security issues which are currently open in the Jessie version of phpldapadmin: https://security

Re: Jessie update of clamav?

2018-07-19 Thread Mike Gabriel
Hi all, On Do 19 Jul 2018 21:18:13 CEST, Sebastian Andrzej Siewior wrote: On 2018-07-19 17:06:30 [+0200], Mike Gabriel wrote: The Debian LTS team would like to fix the security issues which are currently open in the Jessie version of clamav: https://security-tracker.debian.org/tracker/CVE

[SECURITY] [DLA 1483-1] 389-ds-base security update

2018-08-30 Thread Mike Gabriel
in version 1.3.3.5-4+deb8u2. We recommend that you upgrade your 389-ds-base packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -- mike gabriel aka sunweaver (Debian

Accepted 389-ds-base 1.3.3.5-4+deb8u2 (source all amd64) into oldstable

2018-08-30 Thread Mike Gabriel
-security Urgency: medium Maintainer: Debian 389ds Team Changed-By: Mike Gabriel Description: 389-ds - 389 Directory Server suite - metapackage 389-ds-base - 389 Directory Server suite - server 389-ds-base-dbg - 389 Directory Server suite - server debugging symbols 389-ds-base-dev - 389

[SECURITY] [DLA 1488-1] spice security update

2018-08-31 Thread Mike Gabriel
n be found at: https://wiki.debian.org/LTS -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net signature.asc Description: PGP signature

Accepted spice 0.12.5-1+deb8u6 (source amd64) into oldstable

2018-08-31 Thread Mike Gabriel
Maintainer: Liang Guo Changed-By: Mike Gabriel Description: libspice-server-dev - Header files and development documentation for spice-server libspice-server1 - Implements the server side of the SPICE protocol libspice-server1-dbg - Debugging symbols for libspice-server1 spice-client - Implements

  1   2   >