Re: [pkg-ntp-maintainers] Wheezy update of ntp?

Hi Kurt

Yes I guess they were published today.

It is very good if you can fix this also for oldstable. I guess if a new upstream version is acceptable for stable it should be acceptable for oldstable as well.

Unless you know of any obvious negative impact of course.

If you release the same revision as for stable I guess you should change a few of the ones I marked with no-dsa as well.

Thank you

// Ola

On 21 November 2016 at 23:32, Kurt Roeckx <kurt@roeckx.be> wrote:

On Mon, Nov 21, 2016 at 11:13:13PM +0100, Ola Lundqvist wrote:
> Hello dear maintainer(s),
>
> The Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of ntp:
> https://security-tracker.debian.org/tracker/CVE-2016-7426
> https://security-tracker.debian.org/tracker/CVE-2016-7427
> https://security-tracker.debian.org/tracker/CVE-2016-7428
> https://security-tracker.debian.org/tracker/CVE-2016-7434
> https://security-tracker.debian.org/tracker/CVE-2016-9310
> https://security-tracker.debian.org/tracker/CVE-2016-9311
> https://security-tracker.debian.org/tracker/CVE-2016-9312

You mean those that were published today?

> Would you like to take care of this yourself?

If I fix them for stable, I'll also fix them for oldstable. It's
the same upstream version, the patches are identical.

But I just have a new tarball, and diffstat shows:
187 files changed, 8094 insertions(+), 4295 deletions(-)

And bitkeeper and the git don't have any of the patches.
(Even if they did, it would be non-obvious which commits you need,
they are really good like that.)

Kurt

--- Inguza Technology AB --- MSc in Information Technology ----

/ ola@inguza.com Folkebogatan 26 \

| opal@debian.org 654 68 KARLSTAD |

| http://inguza.com/ Mobile: +46 (0)70-332 1551 |

\ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 /

---------------------------------------------------------------