Re: Wheezy update of libtomcrypt?

To: Michael Stapelberg <stapelberg@debian.org>
Cc: Thorsten Alteholz <debian@alteholz.de>, Debian LTS <debian-lts@lists.debian.org>
Subject: Re: Wheezy update of libtomcrypt?
From: Bálint Réczey <balint@balintreczey.hu>
Date: Wed, 7 Sep 2016 00:21:28 +0200
Message-id: <[🔎] CAK0Odpzks42APz3JUqrux9fhyRSUmtLOJx3xDmgf6Jk65fhGmw@mail.gmail.com>
Reply-to: balint@balintreczey.hu
In-reply-to: <[🔎] CANnVG6k4QJ7+F+H+cpHWnam_d9umyUO=xxyqPrgyoAtFtG+sKg@mail.gmail.com>
References: <[🔎] alpine.DEB.2.02.1609041737570.30295@jupiter.server.alteholz.net> <[🔎] CANnVG6k4QJ7+F+H+cpHWnam_d9umyUO=xxyqPrgyoAtFtG+sKg@mail.gmail.com>

Hi Michael,

2016-09-04 17:51 GMT+02:00 Michael Stapelberg <stapelberg@debian.org>:
> Thanks for your work on LTS.
>
> Time does not permit me to do any of this work myself.
>
> Please go ahead and make any changes as you see fit, there’s no need for my
> review.

Thank you for your quick answer.

I (on behalf of the LTS Team since I'm responsible for frontdesk now) take your
answer as covering all future security updates for releases in LTS period
thus we won't contact you for each CVE.

If you happen to change your mind please just send the LTS Team an email
stating that.

Cheers,
Balint

>
> On Sun, Sep 4, 2016 at 5:38 PM, Thorsten Alteholz <debian@alteholz.de>
> wrote:
>>
>> Hello Michael,
>>
>> the Debian LTS team would like to fix the security issues which are
>> currently open in the Wheezy version of libtomcrypt:
>> https://security-tracker.debian.org/tracker/CVE-2016-6129
>>
>> Would you like to take care of this yourself?
>>
>> If yes, please follow the workflow we have defined here:
>> https://wiki.debian.org/LTS/Development
>>
>> If that workflow is a burden to you, feel free to just prepare an
>> updated source package and send it to debian-lts@lists.debian.org
>> (via a debdiff, or with an URL pointing to the source package,
>> or even with a pointer to your packaging repository), and the members
>> of the LTS team will take care of the rest. Indicate clearly whether you
>> have tested the updated package or not.
>>
>> If you don't want to take care of this update, it's not a problem, we
>> will do our best with your package. Just let us know whether you would
>> like to review and/or test the updated package before it gets released.
>>
>> Thank you very much.
>>
>> Thorsten Alteholz,
>>   on behalf of the Debian LTS team.
>>
>> PS: A member of the LTS team might start working on this update at
>> any point in time. You can verify whether someone is registered
>> on this update in this file:
>>
>> https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup
>>
>>
>
>
>
> --
> Best regards,
> Michael

Reply to:

Follow-Ups:
- Re: Wheezy update of libtomcrypt?
  - From: Jonas Meurer <jonas@freesources.org>
- Re: Wheezy update of libtomcrypt?
  - From: Guido Günther <agx@sigxcpu.org>

References:
- Wheezy update of libtomcrypt?
  - From: Thorsten Alteholz <debian@alteholz.de>
- Re: Wheezy update of libtomcrypt?
  - From: Michael Stapelberg <stapelberg@debian.org>

Prev by Date: updates to find-work
Next by Date: Re: Wheezy update of libtomcrypt?
Previous by thread: Re: Wheezy update of libtomcrypt?
Next by thread: Re: Wheezy update of libtomcrypt?
Index(es):
- Date
- Thread