Better communication about spectre/meltdown

2018-02-08 Thread Raphael Hertzog
Hello everybody, I have had enquiries of LTS sponsors about the status of spectre/meltdown mitigations in Debian. I tried to answer but even for me as an insider who knows the ins and outs of Debian rather well, it's really difficult for me to be able to answer. IMO we should really try to mainta

Re: krb5 security vulnerabilities

2018-02-08 Thread Ola Lundqvist
Hi Brian

Do you think we can be considered as "product owner"? Maybe we can try to request access anyway.

Best regards

// Ola

On 7 February 2018 at 22:43, Brian May wrote:
> CVE-2018-5709 points to
> https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
>

Re: python-crypto / pycryptodome / CVE-2018-6594

2018-02-08 Thread Salvatore Bonaccorso
Hi Brian,

On Thu, Feb 08, 2018 at 07:00:06AM +0100, Salvatore Bonaccorso wrote:
> Hi Brian
>
> On Thu, Feb 08, 2018 at 08:20:22AM +1100, Brian May wrote:
> > Hello,
> >
> > According to the upstream bug report:
> > https://github.com/dlitz/pycrypto/issues/253
> >
> > "This bug is prevalent. It

Re: krb5 security vulnerabilities

2018-02-08 Thread Moritz Mühlenhoff
On Thu, Feb 08, 2018 at 07:35:13PM +0100, Ola Lundqvist wrote:
> Hi Brian
>
> Do you think we can be considered as "product owner"? Maybe we can try
> to request access anyway.

These are both known to upstream and under investigation/patch development, simply wait for them to make an announcement

Re: python-crypto / pycryptodome / CVE-2018-6594

2018-02-08 Thread Brian May
Here is my attempt to fix this for wheezy, based on the upstream patch which had to be applied manually. Only problem applying the patch was I changed the function back to number.getRandomRange because Integer.random_range is unavailable. Plus they both appear to do the same thing anyway. diff -N