...@lists.alioth.debian.org
Changed-By: Scott Kitterman freex...@kitterman.com
Description:
jruby - 100% pure-Java implementation of Ruby
Changes:
jruby (1.5.1-1+deb6u1) squeeze-lts; urgency=medium
.
* Add debian/patches 0008-CVE-2011-4838.patch and 0009-CVE-2012-5370.patch
to resolve the respective CVEs
Package: clamav
Version: 0.98.7+dfsg-0+deb6u1
CVE ID : CVE-2014-9328 CVE-2015-1461 CVE-2015-1462 CVE-2015-1463
CVE-2015-2170 CVE-2015-2221 CVE-2015- CVE-2015-2668
Upstream published version 0.98.7. This update updates sqeeze-lts to the
latest upstream
hanged-By: Scott Kitterman <sc...@kitterman.com>
Description:
screen - terminal multiplexor with VT100/ANSI terminal emulation
Closes: 797624
Changes:
screen (4.0.3-14+deb6u1) squeeze-lts; urgency=high
.
* Fix stack overflow due to too deep recursion (CVE-2015-6806). (Closes:
hanged-By: Scott Kitterman <sc...@kitterman.com>
Description:
libphp-snoopy - Snoopy is a PHP class that simulates a web browser
Closes: 778634
Changes:
libphp-snoopy (2.0.0-1~deb6u1) squeeze-lts; urgency=high
.
* Upload to squeeze-lts
.
libphp-snoopy (2.0.0-1) unstable; urgency=high
On December 9, 2015 3:09:23 AM EST, Raphael Hertzog <hert...@debian.org> wrote:
>On Tue, 08 Dec 2015, Scott Kitterman wrote:
>> On December 8, 2015 5:25:05 PM EST, "Santiago Ruano Rincón"
><santiag...@riseup.net> wrote:
>> >Is anyone against upload
On December 9, 2015 2:51:47 PM EST, Raphael Hertzog wrote:
>On Wed, 09 Dec 2015, Santiago Ruano Rincón wrote:
>> https://titanpad.com/zPncgYnP05
>
>I made a few changes.
>
>> This DLA includes information about the already uploaded packages to
>> solve incompatibility issues.
On December 10, 2015 3:27:14 AM EST, "Santiago Ruano Rincón"
<santiag...@riseup.net> wrote:
>El 09/12/15 a las 19:18, Scott Kitterman escribió:
>> On December 9, 2015 2:51:47 PM EST, Raphael Hertzog
><hert...@debian.org> wrote:
>...
>> >What'
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: libphp-snoopy
Version: 2.0.0-1~deb6u1
CVE ID : CVE-2008-7313 CVE-2014-5008
Debian Bug : 778634
It was discovered that missing input sanitizing in Snoopy, a PHP class that
simulates a web browser may result in
On December 1, 2015 9:18:52 AM EST, Ben Hutchings <b...@decadent.org.uk> wrote:
>On Tue, 2015-12-01 at 08:39 -0500, Scott Kitterman wrote:
>> I checked this yesterday and the offending code isn't present in the
>1.4
>> versions of srtp.
>
>Only because the range ch
I checked this yesterday and the offending code isn't present in the 1.4
versions of srtp.
Scott K
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: dansguardian
Version: 2.10.1.1-3+deb6u1
Debian Bug : 813894
As described in DLA-437-1, clamav has been updated to the most recent upstream
version, 0.99. Due to a soname change in libclamav, packages depending on
On Wednesday, March 02, 2016 02:09:28 PM Markus Koschany wrote:
> Am 01.03.2016 um 15:45 schrieb Scott Kitterman:
> > I understand that the plan is not to create a separate package suite for
> > Wheezy as was done for Squeeze and to upload to wheezy-security instead.
> >
On Monday, April 25, 2016 02:07:01 AM Luca Filipozzi wrote:
> On Sun, Apr 24, 2016 at 09:55:10AM +0200, Raphael Hertzog wrote:
> > Do you have some concrete suggestions?
>
> Decrease the separation by moving the funds management into Debian proper
> (via a TO like SPI) and move to a bounty model
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: clamav
Version: 0.99.2+dfsg-0+deb7u2
DLA 546-1 was incorrectly released before updated clamav packages were
available and there were subsequent issues with the acceptance of the package
(which have since been corrected).
On Sunday, July 10, 2016 06:46:52 PM Markus Koschany wrote:
> On 10.07.2016 08:29, Bjoern Nyjorden wrote:
> > Hi there,
> >
> > Are you able to advise as to when this update will be available?
> >
> > Looking forward to your feedback.
>
> Hello Bjoern,
>
> please ignore the DLA announcement
I'm going to take care of it.
Scott K
On July 3, 2016 9:04:48 AM EDT, Sebastian Andrzej Siewior
wrote:
>On 2016-06-30 09:36:18 [+0300], Klaipedaville on Google wrote:
>> Hello there,
>Hi,
>
>> It’s been almost half a year since I’ve been getting this "Clamav is
it again, please (as per my previous
>[old] message down-below)? Is Clamav not available in packages any more
>at all? Many thanks!
>
>Regards,
>Dennis
>
>P.S. It looks like this "issue" is 'an every July come back occurrence'
>isn't it? :)
>
>
>From
Conveniently, upstream just released 0.99.4 that addresses this and some other
issues. I'd suggest you let us get that into stable/oldstable first.
Scott K
On March 1, 2018 10:07:53 PM UTC, Sebastian Andrzej Siewior
wrote:
>On 2018-02-28 16:47:47 [-0500], Antoine
Comments inline.
On Sunday, March 31, 2019 09:37:46 PM Ola Lundqvist wrote:
> Hi
>
> I missed to include the clamav maintainers. Sorry about that.
>
> // Ola
>
> On Sun, 31 Mar 2019 at 21:21, Ola Lundqvist wrote:
> > Dear maintainers, LTS team and Debian Secutiry team
> >
> > I have started
; // Ola
>
> On Sun, 31 Mar 2019 at 22:35, Scott Kitterman wrote:
> > Comments inline.
> >
> > On Sunday, March 31, 2019 09:37:46 PM Ola Lundqvist wrote:
> > > Hi
> > >
> > > I missed to include the clamav maintainers. Sorry about that.
hey are delared private so it should be ok.
> > But you never know.
> >
> > It would be helpful if you can help me judge if any of the above means
> > backwards incompatibility.
> >
> > I'm most worried about the following:
> > - Socket change
> &
an test that the package installs properly but I'm not sure I can
> regression test it properly myself.
>
> Anyone who knows how to regression test it properly?
>
> Best regards
>
> // Ola
>
> On Mon, 15 Apr 2019 at 23:16, Scott Kitterman wrote:
> > That sounds like
22 matches
Mail list logo