Re: How to deal with wireshark CVE affecting Squeeze

To: Raphael Hertzog <hertzog@debian.org>, Bálint Réczey <balint@balintreczey.hu>, debian-lts@lists.debian.org
Subject: Re: How to deal with wireshark CVE affecting Squeeze
From: Bálint Réczey <balint@balintreczey.hu>
Date: Tue, 21 Apr 2015 16:32:37 +0200
Message-id: <[🔎] CAK0OdpwJrhbRq=AXA295hvwNKmbPwskDiAHsGENb0+0ZAGUrQQ@mail.gmail.com>
Reply-to: balint@balintreczey.hu
In-reply-to: <[🔎] 20150421135802.GA6701@home.ouaza.com>
References: <[🔎] 20150410215944.GA22236@home.ouaza.com> <[🔎] CAK0OdpxFv+4dX4eC1ZrBQnVr+nwpBjsXFUTreTp+HZBvC+OK=Q@mail.gmail.com> <[🔎] 1428795530.29665.32.camel@decadent.org.uk> <[🔎] 20150412071430.GB8577@home.ouaza.com> <[🔎] CAK0OdpyxhhU2M=5Tm4R5yxHzCfd9iQyOWpdDtVOcjrYdA8S3uw@mail.gmail.com> <[🔎] 20150412183605.GA8699@home.ouaza.com> <[🔎] CAK0OdpzS3gOByEZhEqV1NyN57SB_64pbX+HL+CaG2BrUszJ5Qg@mail.gmail.com> <[🔎] 20150421135802.GA6701@home.ouaza.com>

Hi Raphael,

2015-04-21 15:58 GMT+02:00 Raphael Hertzog <hertzog@debian.org>:
> Hi Balint,
>
> On Tue, 14 Apr 2015, Bálint Réczey wrote:
>> I have prepared the DLA and uploaded the fixed package but it ended up in NEW.
>> Dear FTP Masters, please accept it.
>
> FTR the package has been accepted on the same day. However I have not seen
> DLA-198-1 on debian-lts-announce@l.d.o (did your forget to sign it?).
I tried sending it several times even after subscirbing the list but
they did not go throught.
I have sent you now the DLA privately, please tell me if there is
something wrong with it.

>
> I just noticed that the DLA data had two small mistakes:
> - it said version 1.2.11-6+squeeze15 instead of 1.8.2-5wheezy15~deb6u1
> - CVE-2015-0562 was missing from the list of fixed CVE
Thanks!

>
> I fixed both of those in the security tracker, you might want
> to fix them in your announce before sending it to
> debian-lts-announce@l.d.o.
>
>> I would like to wait with that, since there was a lot of back and
>> forth changes already. :-)
>
> Sure, as long as you don't forget about it. :)
No, I kept it on my TODO list.

Cheers,
Balint

Reply to:

Follow-Ups:
- Re: How to deal with wireshark CVE affecting Squeeze
  - From: Raphael Hertzog <hertzog@debian.org>

References:
- How to deal with wireshark CVE affecting Squeeze
  - From: Raphael Hertzog <hertzog@debian.org>
- Re: How to deal with wireshark CVE affecting Squeeze
  - From: Bálint Réczey <balint@balintreczey.hu>
- Re: How to deal with wireshark CVE affecting Squeeze
  - From: Ben Hutchings <ben@decadent.org.uk>
- Re: How to deal with wireshark CVE affecting Squeeze
  - From: Raphael Hertzog <hertzog@debian.org>
- Re: How to deal with wireshark CVE affecting Squeeze
  - From: Bálint Réczey <balint@balintreczey.hu>
- Re: How to deal with wireshark CVE affecting Squeeze
  - From: Raphael Hertzog <hertzog@debian.org>
- Re: How to deal with wireshark CVE affecting Squeeze
  - From: Bálint Réczey <balint@balintreczey.hu>
- Re: How to deal with wireshark CVE affecting Squeeze
  - From: Raphael Hertzog <hertzog@debian.org>

Prev by Date: Re: How to deal with wireshark CVE affecting Squeeze
Next by Date: Updating dpkg in squeeze-lts
Previous by thread: Re: How to deal with wireshark CVE affecting Squeeze
Next by thread: Re: How to deal with wireshark CVE affecting Squeeze
Index(es):
- Date
- Thread