Re: Wheezy update of wireshark?

To: Chris Lamb <lamby@debian.org>
Cc: Debian LTS <debian-lts@lists.debian.org>
Subject: Re: Wheezy update of wireshark?
From: Bálint Réczey <balint@balintreczey.hu>
Date: Sat, 18 Feb 2017 01:22:19 +0100
Message-id: <[🔎] CAK0OdpzpVpivjevSWJSeXwD5=6KdfFZ4vhTo2CioEOTS-vYEWw@mail.gmail.com>
Reply-to: balint@balintreczey.hu
In-reply-to: <[🔎] 1487359925.90047.884596176.38F2940F@webmail.messagingengine.com>
References: <[🔎] 1487359925.90047.884596176.38F2940F@webmail.messagingengine.com>

Hi All,

Thank you for the upload, but I would have happily handled the CVE
since I have already prepared
other CVE-s for the next batch in the packaging repository.

I saw the email on my phone but I expected longer timeout for waiting
for my response.
There is also debian/README.Debian.security in the source which says
that only code injection vulnerabilities are fixed very quickly.

Were there any reason for handling the last CVE very quickly? I can
catch up with the changes in Jessie.

Cheers,
Balint

2017-02-17 20:32 GMT+01:00 Chris Lamb <lamby@debian.org>:
> Hello dear maintainer(s),
>
> the Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of wireshark:
> https://security-tracker.debian.org/tracker/source-package/wireshark
>
> Would you like to take care of this yourself?
>
> If yes, please follow the workflow we have defined here:
> https://wiki.debian.org/LTS/Development
>
> If that workflow is a burden to you, feel free to just prepare an
> updated source package and send it to debian-lts@lists.debian.org
> (via a debdiff, or with an URL pointing to the source package,
> or even with a pointer to your packaging repository), and the members
> of the LTS team will take care of the rest. Indicate clearly whether you
> have tested the updated package or not.
>
> If you don't want to take care of this update, it's not a problem, we
> will do our best with your package. Just let us know whether you would
> like to review and/or test the updated package before it gets released.
>
> You can also opt-out from receiving future similar emails in your
> answer and then the LTS Team will take care of wireshark updates
> for the LTS releases.
>
> Thank you very much.
>
> Chris Lamb,
>   on behalf of the Debian LTS team.
>
> PS: A member of the LTS team might start working on this update at
> any point in time. You can verify whether someone is registered
> on this update in this file:
> https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup
>
>
> Regards,
>
> --
>       ,''`.
>      : :'  :     Chris Lamb
>      `. `'`      lamby@debian.org / chris-lamb.co.uk
>        `-

Reply to:

Follow-Ups:
- Re: Wheezy update of wireshark?
  - From: Moritz Mühlenhoff <jmm@inutil.org>

References:
- Wheezy update of wireshark?
  - From: Chris Lamb <lamby@debian.org>

Prev by Date: Wheezy update of wireshark?
Next by Date: Re: Wheezy update of wireshark?
Previous by thread: Wheezy update of wireshark?
Next by thread: Re: Wheezy update of wireshark?
Index(es):
- Date
- Thread