Hi,
* Francesco Poli (wintermute) invernom...@paranoici.org [2011-11-16 22:21]:
Package: security-tracker
Severity: normal
Hello,
it seems to me that the tracker page [1] for DSA-2346-1 [2]
lacks the reference to CVE-2011-4130.
Please update the tracker data.
Thanks for your time!
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0
For security reasons, all text in this mail is double-rot13 encrypted.
pgpCoS9GiwUMV.pgp
Description: PGP signature
#SecurityUploadQueue
Kind regards and thanks for contacting us!
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0
For security reasons, all text in this mail is double-rot13 encrypted.
pgpDqDxHyVC29.pgp
Description: PGP signature
Hi,
* Francesco Poli invernom...@paranoici.org [2011-06-11 19:10]:
DSA-2258-1 [1] is about CVE-2011-1926, but the DSA tracker page [2]
refers to CVE-2011-2194.
[...]
Thanks fixed, cp error. CVE-2011-2194 was the previous DSA.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n
be updated?
Could you please clarify?
Fixed, thanks.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0
For security reasons, all text in this mail is double-rot13 encrypted.
pgp3La8OEIXTC.pgp
Description: PGP signature
at the issue and it's indeed windows
only. The entry in the security tracker will stay but it will be marked as
not-affected.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0
For security reasons, all text in this mail is double-rot13 encrypted.
pgpQy6yuzXxS2.pgp
Hi,
* Nico Golde n...@ngolde.de [2010-11-15 19:37]:
* Benjamin Drung bdr...@ubuntu.com [2010-11-15 15:25]:
There is one security bug filed against vlc that affects only Windows
[1]. How do I get this bug removed from the list?
http://security-tracker.debian.org/tracker/TEMP-0595686
.
[...]
Already done, thanks for the notice though!
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0
For security reasons, all text in this mail is double-rot13 encrypted.
pgpCdJ6Yd9ePO.pgp
Description: PGP signature
Hi,
* Yves-Alexis Perez cor...@debian.org [2010-01-13 11:12]:
I just noticed two CVE which apply to Xfce packages in etch are set
against the wrong package. Attached diff should fix that.
Thanks fixed!
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0
, still I wonder why you
need to implement undiscussed (excuse me if I missed this) tracker features
and Thijs is blindly committing them. This is not how we should work in my
opinion.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0
For security reasons, all
Hi,
* Nico Golde n...@ngolde.de [2010-01-03 22:58]:
* Michael Gilbert michael.s.gilb...@gmail.com [2010-01-03 19:20]:
If someone can push the latest updates, I think I've solved the
problem with the latest commit.
I updated the tracker svn because I think your fix looks good
in oldstable, that's why the tracker shows it as open. If you look
at http://security-tracker.debian.org/tracker/status/release/unstable you will
see it doesn't show up there.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0
For security reasons, all text
. While we have people who report
bugs we lack of people who fix bugs :)
So the honest answer is, I don't know.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0
For security reasons, all text in this mail is double-rot13 encrypted.
pgpeJugckpxFk.pgp
/non-free completely and mark
these issues as NFU or we need to introduce a tag for
unsupported packages (Florian what do you think?).
Opinions?
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13
the vulnerabilities in parts which logically fit
in the same category I think it makes more sense to split
them instead of reporting one huge grave bug.
I don't think there's a general answer for this.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
Hi,
* Richard Hartmann [EMAIL PROTECTED] [2008-12-08 09:54]:
On Mon, Dec 8, 2008 at 09:32, Nico Golde [EMAIL PROTECTED] wrote:
I think your imagination of the process is way to easy,
it's more than reading and directly editing the tracker, the
same process like the one for new CVE ids apply
tracker. please update the tracker to include this
issue.
It's already been there for a couple of hours. It's CVE-2008-5314.
Michael, note that you already have access to the tracker
svn.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security
in the tracker. If you plan
to work on security in Debian please let me know so we can
integrate you in the team.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpVmq9RjTQpJ.pgp
Description
this one if i am permitted to commit
to svn. thanks.
Fixed, 1:7.1.314-3+lenny1 vs 1:71.314-3+lenny1
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpjlbHGNF8pC.pgp
Description: PGP
didn't catch this one?
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpSKQ6tXseW5.pgp
Description: PGP signature
might be off here, so if you are sure go ahead and revert it.
I disagree, as I already wrote in the bug report 1:3.0-12
includes all security fixes and I don't think we should
track issues in corner case use cases as they might pop out
way later than the issue was fixed.
Cheers
Nico
--
Nico
Hi Gerfried,
* Gerfried Fuchs [EMAIL PROTECTED] [2008-08-04 22:11]:
* Nico Golde [EMAIL PROTECTED] [2008-08-04 21:01:18 CEST]:
* Thijs Kinkhorst [EMAIL PROTECTED] [2008-08-04 20:16]:
We have the following options:
- Keep the current feed.
It works. But, it's only updated a few times
no net connection
available.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpiREsLXvgKm.pgp
Description: PGP signature
cupsys:
[...]
Mhm, maybe the reason is that cupsys was not yet removed
from unstable and currently cupsys and cups are installable
in unstable?
kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13
.
Is this a security-tracker internal inconsistency?
[...]
The source package name was missing from the sarge tag in
our DSA file. Fixed this in svn. Thanks alot for reporting!
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all
Hi Florian,
* Florian Weimer [EMAIL PROTECTED] [2008-01-17 09:05]:
* Nico Golde:
Author: jmm-guest
Date: 2008-01-16 17:57:08 + (Wed, 16 Jan 2008)
New Revision: 7942
Modified:
data/CVE/list
Log:
maxdb is in the archive, marked as unfixed for now, didn't check further
because it says SAP maxdb
and also the advisory is linking the SAP homepage as vendor
site while the description of the maxdb package in debian
references a mysql.com site. That's why I marked this as
NFU.
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG
27 matches
Mail list logo