External check

2016-09-18 Thread Raphael Geissert 
CVE-2016-7046: RESERVED
--
The output might be a bit terse, but the above ids are known elsewhere,
check the references in the tracker. The second part indicates the status
of that id in the tracker at the moment the script was run.

Re: [SECURITY] [DSA 3666-1] mysql-5.5 security update

2016-09-18 Thread Hideki Yamane 
Hi,

On Fri, 16 Sep 2016 10:27:56 +0200
Salvatore Bonaccorso  wrote:
> > - Is it intentional to not provide build log for jessie-security?
> >  or can we check build log for security updates?
> 
> Builds can be done in advance, for embargoed issues. Thus logs should
> not be public. But yes, that could defintively be an improvement that
> logs can be published *after* a DSA ist released. If you can help
> wanna-build team on that matther I'm sure help would be appreciated.
> Nobody worked on that part so far.
> 
> > - Why there's no info in tracker about 5.5.52-0+deb8u1 upload?
> 
> The tracker afaict just rcords the upload to ftp-master. Thus, there
> will be a news entry only when the package is accepted into
> proposed-updates (unless I'm wrong on that).

 Okay, now it's clear for me, thanks!

 And NOKUBI Takatsugu says it maybe not sufficient to fix non-x86 archs.
 for this issue. see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837984
 I'm not sure whether it's true or not, but can you give a look into it,
 please?


-- 
Regards,

 Hideki Yamane henrich @ debian.or.jp/org
 http://wiki.debian.org/HidekiYamane