Brian,
> Not sure I understand this comment from dla-needed.txt:
Sorry, I did not see your comment until now.
> The patch - good version at [..] doesn't touch the files noted
> above.
The patch adds a call to make_tempfile (or similar) which uses
utility functions from these aforementioned file
Hi,
On Wed, 11 Apr 2018, Antoine Beaupré wrote:
> 1. removing the package from dla-needed.txt
> 2. adding the package as unsupported in debian-security-support
> 3. (do we send end-of-life announcements to debian-lts-announce when we
> do that?)
It's easy to mark packages as unsupported and t
On 2018-04-12 10:17:25, Raphael Hertzog wrote:
> Hi,
>
> On Wed, 11 Apr 2018, Antoine Beaupré wrote:
>> 1. removing the package from dla-needed.txt
>> 2. adding the package as unsupported in debian-security-support
>> 3. (do we send end-of-life announcements to debian-lts-announce when we
>> do
Hi
I thought I did. Maybe I forgot to push my changes.
Thanks for resolving it.
// Ola
On 11 April 2018 at 22:18, Antoine Beaupré wrote:
> On 2018-04-10 14:33:28, Ola Lundqvist wrote:
> > Hi Salvatore
> >
> > Great. Thanks. Then we do not need to do anything more to libgcrypt. I'll
> > remove
Hi
Yes I forgot to push my changes. Thanks for handling it for me.
// Ola
On 12 April 2018 at 14:14, Ola Lundqvist wrote:
> Hi
>
> I thought I did. Maybe I forgot to push my changes.
>
> Thanks for resolving it.
>
> // Ola
>
> On 11 April 2018 at 22:18, Antoine Beaupré
> wrote:
>
>> On 2018-0
Hi
Isn't the main question whether postponed for LTS is relevant? Either it
should be ignored or fixed.
The trigger should be that if main Security team has marked something as
posponed it should be listed in the wheezy todo list until it is marked as
ignored.
If we decide to ignore it then it s
On Thu, Apr 12, 2018 at 03:44:36PM +0200, Ola Lundqvist wrote:
> I do not think we really have the possibility to postpone issues in LTS,
> right?
Why would you not?
Hi
On Thu, Apr 12, 2018 at 03:44:36PM +0200, Ola Lundqvist wrote:
> I do not think we really have the possibility to postpone issues in LTS,
> right?
Sure, it is possible it's not different as for the security team. Say
src:a has issue CVE-2018-12345, this not warrant an immediate DLA, but
it's i
On Tue, 2018-04-03 at 05:52 -0400, Roberto C. Sánchez wrote:
> On Mon, Apr 02, 2018 at 01:45:40AM +0100, Ben Hutchings wrote:
> >
> > I would suggest looking at how non-default compiler versions are built
> > in other suites.
> >
> > Ben.
> >
>
> Hi Ben,
>
> Could you provide some more specifi
On Thu, 2018-04-12 at 17:00 +0100, Ben Hutchings wrote:
> On Tue, 2018-04-03 at 05:52 -0400, Roberto C. Sánchez wrote:
> > On Mon, Apr 02, 2018 at 01:45:40AM +0100, Ben Hutchings wrote:
> > >
> > > I would suggest looking at how non-default compiler versions are built
> > > in other suites.
> > >
Hi
Now I understand better. I thought postponed was used for updates in next
point release. Now I understand the difference. In this case I think it
would be good if it is more visible in the security tracker so people who
update the package next time will not ignore it.
Best regards
// Ola
On
Hi,
I've done a small update of the qemu packages to fix a rather serious
vulnerability:
https://security-tracker.debian.org/tracker/CVE-2018-7550
The fix is pretty trivial but I figured I would share it here because I
do not have a very good way of testing this directly here.
As usual, the sig
[Trimmed the cc list]
On Thu, 2018-04-12 at 18:39 +0100, Ben Hutchings wrote:
> On Thu, 2018-04-12 at 17:00 +0100, Ben Hutchings wrote:
[...]
> > I didn't know how it worked, only that it does work. Anyway, I've
> > looked now and I think you need to apply the following patch:
> >
> > --- gcc-4.
13 matches
Mail list logo