Re: Wheezy update of tor?

On Tue, 18 Oct 2016, Chris Lamb wrote: > Hello dear maintainer(s), > > the Debian LTS team would like to fix the security issues which are > currently open in the Wheezy version of tor: > https://security-tracker.debian.org/tracker/source-package/tor > > Would you like to take care of this

Accepted quagga 0.99.22.4-1+wheezy3+deb7u1 (source amd64 all) into oldstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 18 Oct 2016 14:02:41 +0200 Source: quagga Binary: quagga quagga-dbg quagga-doc Architecture: source amd64 all Version: 0.99.22.4-1+wheezy3+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Christian Hammers

[SECURITY] [DLA 662-1] quagga security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: quagga Version: 0.99.22.4-1+wheezy3+deb7u1 CVE ID : CVE-2016-1245 Debian Bug : 841162 It was discovered that there was stack overrun in IPv6 RA receive code in quagga, a BGP/OSPF/RIP routing daemon. The buffer

Accepted libxrender 1:0.9.7-1+deb7u3 (source amd64) into oldstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 18 Oct 2016 15:17:15 +0200 Source: libxrender Binary: libxrender1 libxrender1-udeb libxrender1-dbg libxrender-dev Architecture: source amd64 Version: 1:0.9.7-1+deb7u3 Distribution: wheezy-security Urgency: high Maintainer:

[SECURITY] [DLA 664-1] libxrender security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: libxrender Version: 1:0.9.7-1+deb7u3 CVE ID : CVE-2016-7949 CVE-2016-7950 Debian Bug : 840443 Tobias Stoeckmann from the OpenBSD project has discovered a number of issues in the way various X client libraries

Accepted libgd2 2.0.36~rc1~dfsg-6.1+deb7u6 (source amd64) into oldstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 18 Oct 2016 19:07:47 +0200 Source: libgd2 Binary: libgd-tools libgd2-xpm-dev libgd2-noxpm-dev libgd2-xpm libgd2-noxpm Architecture: source amd64 Version: 2.0.36~rc1~dfsg-6.1+deb7u6 Distribution: wheezy-security Urgency: high

[SECURITY] [DLA 663-1] tor security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: tor Version: 0.2.4.27-2 It has been discovered that Tor treats the contents of some buffer chunks as if they were a NUL-terminated string. This issue could enable a remote attacker to crash a Tor client, hidden service,

[SECURITY] [DLA 665-1] libgd2 security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: libgd2 Version: 2.0.36~rc1~dfsg-6.1+deb7u6 CVE ID : CVE-2016-6911 CVE-2016-8670 CVE-2016-6911 invalid read in gdImageCreateFromTiffPtr() (most of the code is not present in the Wheezy version)

Wheezy update of guile-2.0?

Hello dear maintainer(s), the Debian LTS team would like to fix the security issues which are currently open in the Wheezy version of guile-2.0: https://security-tracker.debian.org/tracker/source-package/guile-2.0 Would you like to take care of this yourself? If yes, please follow the workflow

Re: Wheezy update of guile-2.0?

Chris Lamb writes: > Hello dear maintainer(s), > > the Debian LTS team would like to fix the security issues which are > currently open in the Wheezy version of guile-2.0: > https://security-tracker.debian.org/tracker/source-package/guile-2.0 > > Would you like to take care of

Accepted guile-2.0 2.0.5+1-3+deb7u2 (source amd64 all) into oldstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 19 Oct 2016 00:28:05 +0200 Source: guile-2.0 Binary: guile-2.0 guile-2.0-dev guile-2.0-doc guile-2.0-libs Architecture: source amd64 all Version: 2.0.5+1-3+deb7u2 Distribution: wheezy-security Urgency: high Maintainer: Rob

[SECURITY] [DLA 666-1] guile-2.0 security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: guile-2.0 Version: 2.0.5+1-3+deb7u1 CVE ID : CVE-2016-8605 CVE-2016-8606 Debian Bug : 840555 840556 Several vulnerabilities were discovered in GNU Guile, an implementation of the Scheme programming language.