DSA candidates

2019-01-14 Thread Security Tracker
otrs2 -- agg/stable -- cairo/stable -- exiv2/stable -- freerdp/stable -- gnutls28/stable -- icingaweb2/stable -- jackson-databind/stable -- jupyter-notebook/stable -- libcaca/stable -- libpng1.6/stable -- libraw/stable -- libsolv/stable -- libthrift-java/stable -- mate-screensaver/stable --

External check

2019-01-14 Thread Security Tracker
CVE-2018-1000873: TODO: check, could affect any of the src-jackson* packages CVE-2018-14662: RESERVED CVE-2018-16846: RESERVED CVE-2018-20096: TODO: check CVE-2018-20097: TODO: check CVE-2018-20098: TODO: check -- The output might be a bit terse, but the above ids are known elsewhere, check

"-fstack-clash-protection" option

2019-01-14 Thread Hideki Yamane
Hi, I've read systemd's vulnerability article [1] and then I have a question, do we have any plan to enable "-fstack-clash-protection" by default? I cannot find any discussion about it. [1] https://www.zdnet.com/article/new-linux-systemd-security-holes-uncovered/ -- Hideki Yamane

[SECURITY] [DSA 4369-1] xen security update

2019-01-14 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4369-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 14, 2019

[SECURITY] [DSA 4368-1] zeromq3 security update

2019-01-14 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4368-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 14, 2019

Re: arno-iptables-firewall 2.0.3-1~rc4

2019-01-14 Thread Samuel Henrique
Hello Sven, 1. prepare a 2.0.3-1~bpo9+1. This would only require DH level to be > rolled back to 11. > I'm lost here, why do we need to roll back to DH 11? > 2. prepare a 2.0.1.f-2 from 2.0.1.f-1.1 patched for Bug #824684. This > could be a minimal change leaving all the older packaging flaws

Re: arno-iptables-firewall 2.0.3-1~rc4

2019-01-14 Thread Sven Geuer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Team, regarding the statement > Now it starts on system boot. and the question > Is it an idea to upload this new package to stretch-backports? I see two ways to go: 1. prepare a 2.0.3-1~bpo9+1. This would only require DH level to be

Re: RFS: arno-iptables-firewall/2.0.3-1 [ITA]

2019-01-14 Thread Sven Geuer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Thanks a lot for uploading, Samuel! On Sunday, 13.01.2019, 23:36 + Samuel Henrique wrote: > Hello Everyone, > > Finally got some free time to review the package, I think everything > is ok, > I just did some little changes on d/copyright. > >

Re: arno-iptables-firewall 2.0.3-1~rc4

2019-01-14 Thread Sven Geuer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Martin, thank you for testing and reporting. Regards, Sven On Saturday, 12.01.2019, 18:54 +0100 Odd Martin Baanrud wrote: > Hello, > > Upgrading to the latest version of arno-iptables-firewall worked > fine. > Now it starts on system boot.

Re: Request for review/upload of gpart 1:0.3-6

2019-01-14 Thread Eriberto
Em dom, 13 de jan de 2019 às 21:44, Samuel Henrique escreveu: > > Hello Aleksey, > >> I've prepared gpart 1:0.3-6 package [1] with minimal changes: >> * Import upstream patches to fix division by zero (Closes: #848881). >> * Bump std-version to 4.3.0. >> * Add upstream metadata. >> >>

ITP: libfsapfs -- APFS access library and utilities

2019-01-14 Thread Hilko Bengen
Package: wnpp Owner: Hilko Bengen Severity: wishlist * Package name: libfsapfs Version : 20181215 Upstream Author : Joachim Metz * URL or Web page : https://github.com/libyal/libfsapfs * License : LGPL-3.0+ Description : APFS access library and utilities This is an