Re: How to deal with wireshark CVE affecting Squeeze

To: Bálint Réczey <balint@balintreczey.hu>
Cc: debian-lts@lists.debian.org
Subject: Re: How to deal with wireshark CVE affecting Squeeze
From: Raphael Hertzog <hertzog@debian.org>
Date: Tue, 21 Apr 2015 15:58:02 +0200
Message-id: <[🔎] 20150421135802.GA6701@home.ouaza.com>
Mail-followup-to: Raphael Hertzog <hertzog@debian.org>, Bálint Réczey <balint@balintreczey.hu>, debian-lts@lists.debian.org
In-reply-to: <[🔎] CAK0OdpzS3gOByEZhEqV1NyN57SB_64pbX+HL+CaG2BrUszJ5Qg@mail.gmail.com>
References: <[🔎] 20150410215944.GA22236@home.ouaza.com> <[🔎] CAK0OdpxFv+4dX4eC1ZrBQnVr+nwpBjsXFUTreTp+HZBvC+OK=Q@mail.gmail.com> <[🔎] 1428795530.29665.32.camel@decadent.org.uk> <[🔎] 20150412071430.GB8577@home.ouaza.com> <[🔎] CAK0OdpyxhhU2M=5Tm4R5yxHzCfd9iQyOWpdDtVOcjrYdA8S3uw@mail.gmail.com> <[🔎] 20150412183605.GA8699@home.ouaza.com> <[🔎] CAK0OdpzS3gOByEZhEqV1NyN57SB_64pbX+HL+CaG2BrUszJ5Qg@mail.gmail.com>

Hi Balint,

On Tue, 14 Apr 2015, Bálint Réczey wrote:
> I have prepared the DLA and uploaded the fixed package but it ended up in NEW.
> Dear FTP Masters, please accept it.

FTR the package has been accepted on the same day. However I have not seen
DLA-198-1 on debian-lts-announce@l.d.o (did your forget to sign it?).

I just noticed that the DLA data had two small mistakes:
- it said version 1.2.11-6+squeeze15 instead of 1.8.2-5wheezy15~deb6u1
- CVE-2015-0562 was missing from the list of fixed CVE

I fixed both of those in the security tracker, you might want
to fix them in your announce before sending it to
debian-lts-announce@l.d.o.

> I would like to wait with that, since there was a lot of back and
> forth changes already. :-)

Sure, as long as you don't forget about it. :)

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/

Reply to:

Follow-Ups:
- Re: How to deal with wireshark CVE affecting Squeeze
  - From: Bálint Réczey <balint@balintreczey.hu>

References:
- How to deal with wireshark CVE affecting Squeeze
  - From: Raphael Hertzog <hertzog@debian.org>
- Re: How to deal with wireshark CVE affecting Squeeze
  - From: Bálint Réczey <balint@balintreczey.hu>
- Re: How to deal with wireshark CVE affecting Squeeze
  - From: Ben Hutchings <ben@decadent.org.uk>
- Re: How to deal with wireshark CVE affecting Squeeze
  - From: Raphael Hertzog <hertzog@debian.org>
- Re: How to deal with wireshark CVE affecting Squeeze
  - From: Bálint Réczey <balint@balintreczey.hu>
- Re: How to deal with wireshark CVE affecting Squeeze
  - From: Raphael Hertzog <hertzog@debian.org>
- Re: How to deal with wireshark CVE affecting Squeeze
  - From: Bálint Réczey <balint@balintreczey.hu>

Prev by Date: Re: squeeze update of subversion?
Next by Date: Re: How to deal with wireshark CVE affecting Squeeze
Previous by thread: Re: How to deal with wireshark CVE affecting Squeeze
Next by thread: Re: How to deal with wireshark CVE affecting Squeeze
Index(es):
- Date
- Thread