Hi Sorry for the late response.
On Sun, 9 Sep 2007 10:03:58 am [EMAIL PROTECTED] wrote: > This automatic mail gives an overview over security issues that were > recently fixed in Debian Testing. The majority of fixed packages migrates > to testing from unstable. If this would take too long, fixed packages are > uploaded to the testing-security repository instead. It can also happen > that vulnerable packages are removed from Debian testing. I would just add a short comment here: In case the package got removed, we encourage the admin to remove the package as well or take other measures. > Migrated from unstable: > ======================= > konversation 1.0.1-4: > CVE-2007-4400: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4400 > http://bugs.debian.org/439837 > > tar 1.18-2: > CVE-2007-4131: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4131 > http://bugs.debian.org/439335 > > zoph 0.7.0.2-2: > CVE-2007-3905: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3905 > http://bugs.debian.org/435711 > > > > How to update: > -------------- > Make sure the line > > deb http://security.debian.org lenny/updates main contrib non-free I would also add the normal line for ftp.debian.org here (maybe without contrib and non-free). This again makes sure that the people have both in and get the packages fixes from migration. I was talking to nion last night and we were unsure about the following. The DTSA announcements always included some nice additional information and I would guess that sysadmins appreciate these information in the announcement. Therefore, we were wondering, if we should continue sending out DTSA announcements for uploads to testing-security, in addition to this mail. Of course, if there are strong objections, we will leave it out. Cheers Steffen
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
