CVE-2018-1000873: TODO: check, could affect any of the src-jackson* packages
CVE-2018-20096: TODO: check
CVE-2018-20097: TODO: check
CVE-2018-20098: TODO: check
CVE-2019-2422: RESERVED
CVE-2019-2426: RESERVED
CVE-2019-5010: RESERVED
--
The output might be a bit terse, but the above ids are
On Tue, 15 Jan 2019 12:06:10 +0100
Florian Weimer wrote:
> > I've read systemd's vulnerability article [1] and then I have
> > a question, do we have any plan to enable "-fstack-clash-protection"
> > by default? I cannot find any discussion about it.
>
> There's a bug report requesting a
Hello Sven,
$gbp buildpackage --git-pbuilder --git-dist=stretch
>
> on branch debian/master fails with
>
> [...]
> The following packages have unmet dependencies:
> pbuilder-satisfydepends-dummy : Depends: debhelper (>= 12) but it is
> not going to be installed
> Unable to resolve dependencies!
Hello,
The same situation is with libssl1.1/libssl1.0 [1].
I would recommend to follow its way, to avoid pitfalls:
src:libewf/20140606-7, stripped-down:
- libewf2-dev
- libewf2
src:libewf3/20171104-2, new package for unstable:
- libewf-dev (Conflicts: libewf2-dev, without Replaces)
- libewf3
-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hello Samuel,
On Monday, 14.01.2019, 21:08 + Samuel Henrique wrote:
> Hello Sven,
>
> 1. prepare a 2.0.3-1~bpo9+1. This would only require DH level to be
> > rolled back to 11.
> >
>
> I'm lost here, why do we need to roll back to DH 11?
I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-4367-2 secur...@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
January 15, 2019
Hello,
Aleksey Kravchenko and I have been working on updating libewf to from
20140608 to 20171104 to, among other things, gain Python3 bindings.
Unfortunately, there are a few incompatible API/ABI changes which are
correctly marked by a SONAME bump from 2 to 3. This in turn would
normally require
* Hideki Yamane:
> I've read systemd's vulnerability article [1] and then I have
> a question, do we have any plan to enable "-fstack-clash-protection"
> by default? I cannot find any discussion about it.
There's a bug report requesting a build flags change:
8 matches
Mail list logo