Dear maintainer(s),
The Debian LTS team recently reviewed the security issue(s) affecting your
package in Wheezy:
https://security-tracker.debian.org/tracker/CVE-2017-9038
https://security-tracker.debian.org/tracker/CVE-2017-9039
https://security-tracker.debian.org/tracker/CVE-2017-9040
Dear maintainer(s),
The Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of postgresql-9.1:
https://security-tracker.debian.org/tracker/CVE-2017-7484
https://security-tracker.debian.org/tracker/CVE-2017-7486
Would you like to take care of this
Dear maintainer(s),
The Debian LTS team recently reviewed the security issue(s) affecting your
package in Wheezy:
https://security-tracker.debian.org/tracker/CVE-2017-9052
https://security-tracker.debian.org/tracker/CVE-2017-9053
https://security-tracker.debian.org/tracker/CVE-2017-9054
Hi Guilhem,
On Sat, 20 May 2017, Guilhem Moulin wrote:
I did check that public key authentication is still working under
2012.55-1.3+deb7u2 (I didn't make any other check though).
thanks a lot for that fix, I just uploaded your new version to
wheezy-security. Later I will also send the DLA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 20 May 2017 20:49:16 +0200
Source: dropbear
Binary: dropbear
Architecture: source amd64
Version: 2012.55-1.3+deb7u2
Distribution: wheezy-security
Urgency: high
Maintainer: Gerrit Pape
Changed-By: Guilhem
Dear maintainer(s),
The Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of miniupnpc:
https://security-tracker.debian.org/tracker/CVE-2017-8798
Would you like to take care of this yourself?
If yes, please follow the workflow we have defined
Dear maintainer(s),
The Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of puppet:
https://security-tracker.debian.org/tracker/CVE-2017-2295
Would you like to take care of this yourself?
If yes, please follow the workflow we have defined
Dear maintainer(s),
The Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of lintian:
https://security-tracker.debian.org/tracker/CVE-2017-8829
Would you like to take care of this yourself?
If yes, please follow the workflow we have defined
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: dropbear
Version: 2012.55-1.3+deb7u2
CVE ID : CVE-2017-9079
A vulnerability was found in Dropbear, a lightweight SSH2 server
and client.
CVE-2017-9079
Jann Horn discovered a local information leak in parsing
Hi Christoph,
CVE-2017-7486 and CVE-2017-7484 are marked as "not-affected" for
postgresql-9.1 in Jessie.
Can you please confirm that the same package in Wheezy is not affected as
well?
Do you also have an idea whether CVE-2017-7484 affects postgresql-8.4 in
Wheezy?
Thanks!
Thorsten
Dear maintainer(s),
The Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of mupdf:
https://security-tracker.debian.org/tracker/CVE-2016-8728
https://security-tracker.debian.org/tracker/CVE-2016-8729
Would you like to take care of this yourself?
Hi Thorsten
I had a look into this and I'm not sure both statements are correct for Jessie.
For CVE-2017-7486 I think the information in Jessie is wrong. The
patched code is definitely there in wheezy at least. But maybe it is
not triggered for some reason.
For CVE-2017-7484 the code do not
12 matches
Mail list logo