Accepted systemd 44-11+deb7u5 (source amd64) into oldstable

2016-10-17 Thread Brian May
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 07 Oct 2016 17:40:21 +1100 Source: systemd Binary: systemd systemd-sysv libpam-systemd systemd-gui libsystemd-login0 libsystemd-login-dev libsystemd-daemon0 libsystemd-daemon-dev libsystemd-journal0 libsystemd-journal-dev

Re: inline gpg signatures from mutt

2016-10-17 Thread Salvatore Bonaccorso
Hi Brian, On Tue, Oct 18, 2016 at 08:02:53AM +1100, Brian May wrote: > Salvatore Bonaccorso writes: > > > Btw, if you have a correctly configured local MTA, then maybe you can > > just do the same as we do for DSA's: > > > >

Accepted libxrandr 2:1.3.2-2+deb7u2 (source amd64) into oldstable

2016-10-17 Thread Hugo Lefeuvre
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 17 Oct 2016 13:35:45 +0200 Source: libxrandr Binary: libxrandr2 libxrandr2-dbg libxrandr-dev Architecture: source amd64 Version: 2:1.3.2-2+deb7u2 Distribution: wheezy-security Urgency: high Maintainer: Debian X Strike Force

Re: Wheezy update of icedove?

2016-10-17 Thread Guido G√ľnther
Hi, On Mon, Oct 17, 2016 at 02:07:31PM +0100, Chris Lamb wrote: > Hello dear maintainer(s), > > the Debian LTS team would like to fix the security issues which are > currently open in the Wheezy version of icedove: > https://security-tracker.debian.org/tracker/source-package/icedove > > Would

[SECURITY] [DLA 660-1] libxrandr security update

2016-10-17 Thread Hugo Lefeuvre
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: libxrandr Version: 2:1.3.2-2+deb7u2 CVE ID : CVE-2016-7947 CVE-2016-7948 Debian Bug : 840441 Insufficient validation of data from the X server in libxrandr before v1.5.0 can cause out of boundary memory writes

Accepted libarchive 3.0.4-3+wheezy5 (source amd64) into oldstable

2016-10-17 Thread Jonas Meurer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 17 Oct 2016 21:36:24 +0200 Source: libarchive Binary: libarchive-dev libarchive12 bsdtar bsdcpio Architecture: source amd64 Version: 3.0.4-3+wheezy5 Distribution: wheezy-security Urgency: high Maintainer: Debian Libarchive

[SECURITY] [DLA 661-1] libarchive security update

2016-10-17 Thread Jonas Meurer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: libarchive Version: 3.0.4-3+wheezy5 CVE ID : CVE-2016-8687 CVE-2016-8688 CVE-2016-8689 Debian Bug : 840934 840935 840936 Agostino Sarubbo of Gentoo discovered several security vulnerabilities in libarchive, a

Re: inline gpg signatures from mutt

2016-10-17 Thread Brian May
Salvatore Bonaccorso writes: > Btw, if you have a correctly configured local MTA, then maybe you can > just do the same as we do for DSA's: > > https://wiki.debian.org/DebianSecurity/AdvisoryCreation/SecFull#Sending_out_the_announcement_to_debian-security-announce > > write