Re: CVE-2021-30130 php-phpseclib and phpseclib

2021-05-27 Thread Abhijith PA
Hi Ola, On 26/05/21 01:45 PM, Ola Lundqvist wrote: >Hi fellow LTS contributors > >I have checked this CVE and my conclusions are as follows. >The CVE actually covers five different problems. I guess CVEs should not >do that, but it did anyway. > >Quote from upstream: > >

Re: CVE-2021-32642 in radsecproxy

2021-05-27 Thread Chris Lamb
Hi Sven, > there is a (very) minor security flaw in the radsecproxy package. > > I have prepared updated packages, available via > https://mentors.debian.net/debian/pool/main/r/radsecproxy/radsecproxy_1.6.8-1+deb9u1.dsc > for you. Thanks for preparing a package and, at a quick glance, I would be

Re: CVE-2021-32642 in radsecproxy

2021-05-27 Thread Chris Lamb
Hi Sven, > > Thanks for preparing a package and, at a quick glance, I would be > > happy to upload it. Just to 100% check though: you are not in a > > position to upload it, create and publish a DLA, update the website, > > etc.? (Just avoiding duplicate work.) > No, I am just a sponsored

Re: CVE-2021-32642 in radsecproxy

2021-05-27 Thread Utkarsh Gupta
Hello Sven, Chris, On Thu, May 27, 2021 at 4:22 PM Sven Hartge wrote: > > I'll ultimately leave it up to whoever is on LTS frontdesk duty this > > week, but I suspect we will do the same too. Happy to do the actual > > upload if FD believes the vulnerability does warrant an update, mind > > you.

Re: CVE-2021-32642 in radsecproxy

2021-05-27 Thread Sven Hartge
On 27.05.21 11:18, Chris Lamb wrote: Hi Sven, there is a (very) minor security flaw in the radsecproxy package. I have prepared updated packages, available via https://mentors.debian.net/debian/pool/main/r/radsecproxy/radsecproxy_1.6.8-1+deb9u1.dsc for you. Thanks for preparing a package

Re: CVE-2021-32642 in radsecproxy

2021-05-27 Thread Sven Hartge
On 27.05.21 12:08, Chris Lamb wrote: I'll ultimately leave it up to whoever is on LTS frontdesk duty this week, but I suspect we will do the same too. Happy to do the actual upload if FD believes the vulnerability does warrant an update, mind you. (Thanks either way, of course.) Absolutely

Re: CVE-2021-32642 in radsecproxy

2021-05-27 Thread Sven Hartge
On 27.05.21 15:51, Utkarsh Gupta wrote: On Thu, May 27, 2021 at 4:22 PM Sven Hartge wrote: I'll ultimately leave it up to whoever is on LTS frontdesk duty this week, but I suspect we will do the same too. Happy to do the actual upload if FD believes the vulnerability does warrant an update,

CVE-2021-32642 in radsecproxy

2021-05-27 Thread Sven Hartge
Hi LTS Team, there is a (very) minor security flaw in the radsecproxy package. I have prepared updated packages, available via https://mentors.debian.net/debian/pool/main/r/radsecproxy/radsecproxy_1.6.8-1+deb9u1.dsc for you. Thanks for your continued and valued work! Regards, Sven. --