Re: [Debian-ha-maintainers] Wheezy update of pacemaker?

To: Thorsten Alteholz <debian@alteholz.de>
Cc: debian-lts@lists.debian.org, Debian HA Maintainers <debian-ha-maintainers@lists.alioth.debian.org>
Subject: Re: [Debian-ha-maintainers] Wheezy update of pacemaker?
From: wferi@niif.hu (Ferenc Wágner)
Date: Fri, 07 Oct 2016 17:12:14 +0200
Message-id: <[🔎] 8737k8urap.fsf@lant.ki.iif.hu>
In-reply-to: <[🔎] 87ponklz2h.fsf@lant.ki.iif.hu> ("Ferenc Wágner"'s message of "Sat, 01 Oct 2016 20:11:02 +0200")
References: <[🔎] alpine.DEB.2.02.1610011746320.16288@jupiter.server.alteholz.net> <[🔎] 87ponklz2h.fsf@lant.ki.iif.hu>

wferi@niif.hu (Ferenc Wágner) writes:

> Thorsten Alteholz <debian@alteholz.de> writes:
>
>> the Debian LTS team would like to fix the security issues which are
>> currently open in the Wheezy version of pacemaker:
>> https://security-tracker.debian.org/tracker/CVE-2016-7797
>
> I don't see how this affects 1.1.7 (the wheezy version of Pacemaker).
> The linked bug report describes a DoS against remote nodes, but remote
> nodes were introduced in 1.1.10 only, by 1debe12.  The code fixed by the
> linked commit (5ec24a26) was introduced even later, in 1.1.12, by
> 87f4091.

I got it unset in the security tracker.
-- 
Feri

Reply to:

References:
- Wheezy update of pacemaker?
  - From: Thorsten Alteholz <debian@alteholz.de>
- Re: Wheezy update of pacemaker?
  - From: wferi@niif.hu (Ferenc Wágner)

Prev by Date: Re: systemd CVE-2016-7796
Next by Date: Re: Wheezy update for qemu ?
Previous by thread: Re: Wheezy update of pacemaker?
Next by thread: Re: Security update of firefox-esr for Wheezy
Index(es):
- Date
- Thread