[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: eglibc update for GHOST CVE-2015-0235

Hello Sébastien,

On Tue, 27 Jan 2015, Sebastien Dupas wrote:
> Due to the announce of the GHOST security flaw, we need to update our
> systems using Debian squeeze.
> Do you plan to release the security update of the eglibc and related
> packages?

Of course we do! That said the current LTS team doesn't have access
to embargoed information and thus nobody prepared the update in advance.
The issue popped up on our radar only yesterday and it takes
a bit of time until someone takes it over.

In this case, Holger Levsen took care of it during the night:

The fixed version is 2.11.3-4+deb6u4, the amd64 package is already
available and the i386 build daemon just caught up. The next mirror
pulse should have it too.

The announce has not yet been sent to debian-lts-announce however.
Holger will probably do it once he wakes up.

Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/

Reply to: