Re: Wheezy update of openafs?

To: Thorsten Alteholz <debian@alteholz.de>
Cc: Anders Kaseorg <andersk@mit.edu>, debian-lts@lists.debian.org
Subject: Re: Wheezy update of openafs?
From: Benjamin Kaduk <kaduk@mit.edu>
Date: Sun, 10 Dec 2017 16:12:40 -0600
Message-id: <[🔎] 20171210221239.GR39477@kduck.kaduk.org>
In-reply-to: <[🔎] alpine.DEB.2.02.1712101947590.13531@jupiter.server.alteholz.net>
References: <[🔎] alpine.DEB.2.02.1712101947590.13531@jupiter.server.alteholz.net>

Hi Thorsten,

On Sun, Dec 10, 2017 at 07:49:33PM +0100, Thorsten Alteholz wrote:
> Hi Benjamin and Anders,
> 
> The Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of openafs:
> https://security-tracker.debian.org/tracker/source-package/openafs
> 
> Would you like to take care of this yourself?

Thanks for checking in, but history and the size of my todo list
indicate that I will not be able to take care of this myself.

That said, the patch should cherry-pick/backport quite easily, as
the code in question should not have really changed between wheezy
and jessie.  (I also think there are some non-security issues known
with the version in wheezy that probably make it unsuitable for use
in many sites, but I suppose that should not keep us from providing
updates.)

-Ben

> If yes, please follow the workflow we have defined here:
> https://wiki.debian.org/LTS/Development
> 
> If that workflow is a burden to you, feel free to just prepare an
> updated source package and send it to debian-lts@lists.debian.org
> (via a debdiff, or with an URL pointing to the source package,
> or even with a pointer to your packaging repository), and the members
> of the LTS team will take care of the rest. Indicate clearly whether you
> have tested the updated package or not.
> 
> If you don't want to take care of this update, it's not a problem, we
> will do our best with your package. Just let us know whether you would
> like to review and/or test the updated package before it gets released.
> 
> You can also opt-out from receiving future similar emails in your
> answer and then the LTS Team will take care of openafs updates
> for the LTS releases.
> 
> Thank you very much.
> 
> Thorsten Alteholz,
>    on behalf of the Debian LTS team.
> 
> PS: A member of the LTS team might start working on this update at
> any point in time. You can verify whether someone is registered
> on this update in this file:
> https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup
> 
>

Reply to:

References:
- Wheezy update of openafs?
  - From: Thorsten Alteholz <debian@alteholz.de>

Prev by Date: Re: November Report
Next by Date: Re: CVE-2017-9935 / tiff
Previous by thread: Wheezy update of openafs?
Next by thread: Wheezy update of erlang?
Index(es):
- Date
- Thread