Re: [Pkg-openssl-devel] squeeze update of openssl?

[Kurt Roeckx <kurt@roeckx.be>]

On Mon, Jun 15, 2015 at 01:13:32PM +0200, Jan Wagner wrote:
> Hi there,
> 
> Am 12.06.15 um 18:49 schrieb Guido Günther:
> > the Debian LTS team would like to fix the security issues which
> > are currently open in the Squeeze version of openssl: 
> > https://security-tracker.debian.org/tracker/CVE-2014-8176 
> > https://security-tracker.debian.org/tracker/CVE-2015-1789 
> > https://security-tracker.debian.org/tracker/CVE-2015-1790 
> > https://security-tracker.debian.org/tracker/CVE-2015-1791 
> > https://security-tracker.debian.org/tracker/CVE-2015-1792 
> > https://security-tracker.debian.org/tracker/CVE-2015-4000
> > 
> > I have left CVE-2015-4000 in the list since I'm unsure what we
> > should do about it in squeeze. Any feedback on this would be very
> > welcome.
> [...]
> > If you don't want to take care of this update, it's not a problem,
> > we will do our best with your package. Just let us know whether you
> > would like to review and/or test the updated package before it gets
> > released.
> 
> did I oversee anything and is there something happening there?

I didn't have time for squeeze yet.  It will probably be something
for wednesday.


Kurt