Hi Christian, On Fr 15 Mär 2019 15:11:11 CET, Christian Kastner wrote:
Hi Mike, On 2019-03-15 14:52, Mike Gabriel wrote:Dear maintainer(s), The Debian LTS team would like to fix the security issues which are currently open in the Jessie version of cron: https://security-tracker.debian.org/tracker/CVE-2019-9704 https://security-tracker.debian.org/tracker/CVE-2019-9705 https://security-tracker.debian.org/tracker/CVE-2019-9706 https://security-tracker.debian.org/tracker/CVE-2017-9525 For Debian stretch, these issues have been marked as <no-dsa>. However, for Debian LTS, we would like to get those issues resolved. Would you like to take care of this yourself?I had planned to prepare fixes for jessie and stretch, but in discussion with the security team, it was considered to wait until these fixes migrate to buster before we fix stable and oldstable. If you'd rather not wait, I can prepare fixes earlier, but not before Sunday -- I should probably make Tuesday.
Ok. Please send a .debdiff for jessie to this list (and directly to me, too, so I don't miss it).
I'll handle the upload and processing and also backport your changes to wheezy ELTS then.
Thanks for the quick response, Mike -- mike gabriel aka sunweaver (Debian Developer) mobile: +49 (1520) 1976 148 landline: +49 (4354) 8390 139 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunweaver@debian.org, http://sunweavers.net
Attachment:
pgpXDx_dAwi0E.pgp
Description: Digitale PGP-Signatur