zoneminder CVEs

To: debian-lts@lists.debian.org
Subject: zoneminder CVEs
From: Guido Günther <agx@sigxcpu.org>
Date: Sun, 5 Feb 2017 19:55:27 +0100
Message-id: <[🔎] 20170205185527.dheldwj3rbhi6a5u@bogon.m.sigxcpu.org>
Mail-followup-to: Guido Günther <agx@sigxcpu.org>, debian-lts@lists.debian.org

Hi,
zoneminder has multiple CVEs open and it does not look pretty:

    http://seclists.org/bugtraq/2017/Feb/5

I think we have no choice but to end security support (or mark the
issues as no-dsa and move the package ot limited security support like
only run in trusted environments).
Cheers,
 -- Guido

Reply to:

Follow-Ups:
- Re: zoneminder CVEs
  - From: Markus Koschany <apo@debian.org>

Prev by Date: Re: [PATCH] lts-cve-triage: Allow to ignore unsupported packages
Next by Date: Re: testing and review requested for Wheezy update of apache2
Previous by thread: Re: [debian-security-support PATCH] Drop support for kfreebsd-*
Next by thread: Re: zoneminder CVEs
Index(es):
- Date
- Thread