Re: xen_4.1.6.1-1+deb7u2.dsc

Hi Guido On Fri, Jul 29, 2016 at 01:13:33PM +0200, Guido Günther wrote: > * the complete removal of tools/ioemu-qemu-xen - guess this was unused > anyway since quiet some time, right? I have no idea and found not one reference to that folder. > * there are some XSA related patches in

Re: Wheezy update of collectd?

On 07/28/2016 05:55 PM, Lucas Kanashiro wrote: > On 07/28/2016 05:02 PM, Sebastian Harl wrote: >> Thanks. I updated dla-needed. >> >> The fixed packages are ready for upload now. Please find the full >> debdiff (source and binary) attached to this email. Note that the >> (seemingly) added

Re: Wheezy update of lighttpd?

W dniu czw 28 lip, 2016 o 22∶36 użytkownik Thorsten Alteholz napisał: Hello dear maintainer(s), the Debian LTS team would like to fix the security issues which are currently open in the Wheezy version of lighttpd:

Re: Wheezy update of collectd?

On Fri, Jul 29, 2016 at 09:43:39AM -0300, Lucas Kanashiro wrote: > On 07/28/2016 05:55 PM, Lucas Kanashiro wrote: > > On 07/28/2016 05:02 PM, Sebastian Harl wrote: > >> Thanks. I updated dla-needed. > >> > >> The fixed packages are ready for upload now. Please find the full > >> debdiff (source

Accepted xmlrpc-epi 0.54.2-1+deb7u1 (source amd64) into oldstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 29 Jul 2016 19:03:02 +0200 Source: xmlrpc-epi Binary: libxmlrpc-epi-dev libxmlrpc-epi0 libxmlrpc-epi0-dbg Architecture: source amd64 Version: 0.54.2-1+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Robin

Accepted collectd 5.1.0-3+deb7u1 (source amd64 all) into oldstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 28 Jul 2016 20:52:12 +0200 Source: collectd Binary: collectd-core collectd collectd-utils collectd-dbg collectd-dev libcollectdclient-dev libcollectdclient0 Architecture: source amd64 all Version: 5.1.0-3+deb7u1 Distribution:

[SECURITY] [DLA 570-1] kde4libs security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: kde4libs Version: 4:4.8.4-4+deb7u2 CVE ID : CVE-2016-6232 Debian Bug : 832620 It was possible to trick kde4libs's KArchiveDirectory::copyTo() function to extract files to arbitrary system locations from a

Re: xen_4.1.6.1-1+deb7u2.dsc

Hi, while I'm glad that the xen upload will finally happen soon… On Fri, Jul 29, 2016 at 01:26:22PM +0200, Bastian Blank wrote: > > If Brian has no objections feel free to upload, Please let me know once > > done so I can then release the DLA (in case you don't want to handle it > > youself). >

Re: xen_4.1.6.1-1+deb7u2.dsc

On Fri, Jul 29, 2016 at 10:56:28PM +, Holger Levsen wrote: > while I'm glad that the xen upload will finally happen soon… oh, the joys of catching up on mails and reading not all mail before replying… in other words: thanks for the upload, Waldi! (+sorry for assuming the worst.) -- cheers,

Re: CVE-2016-2313 fix wrong

On 28/07/16 14:59, Matus UHLAR - fantomas wrote: >> On 28/07/16 13:35, Matus UHLAR - fantomas wrote: >>> i believe the fix for CVE-2016-2313 in >>> CVE-2016-2313-authentication-bypass.patch is invalid. > > On 28.07.16 14:26, Emilio Pozuelo Monfort wrote: >> Thanks for the report. I'll look at it