Re: [pkg-golang-devel] [SECURITY] [DLA 1664-1] golang security update

To: Chris Lamb <lamby@debian.org>, "Dr. Tobias Quathamer" <toddy@debian.org>, pkg-golang-devel@lists.alioth.debian.org, debian-lts@lists.debian.org, team@security.debian.org
Subject: Re: [pkg-golang-devel] [SECURITY] [DLA 1664-1] golang security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Mon, 11 Feb 2019 09:28:47 +0100
Message-id: <[🔎] d3303d26-b10b-5ec5-6c4e-8c88ccf308c2@debian.org>
In-reply-to: <[🔎] 1549873480.2443213.1655316832.1771B62E@webmail.messagingengine.com>
References: <1549487846.1383386.1652418456.3E7F3504@webmail.messagingengine.com> <[🔎] 87sgx0czxg.fsf@curie.anarc.at> <[🔎] 1549492932.1416963.1652472560.7AF26085@webmail.messagingengine.com> <[🔎] 20190206232434.kkewmke2k4nvzchc@layer-acht.org> <[🔎] 20190208080249.GA1565@eldamar.local> <[🔎] 20190208112430.asu5lh3alyb7ze43@layer-acht.org> <[🔎] 1549639248.842811.1653755776.05F5FF4D@webmail.messagingengine.com> <[🔎] af840525-22d9-63c8-a227-bd9273042ef6@debian.org> <[🔎] 1549643465.1570497.1653807240.011EC3B6@webmail.messagingengine.com> <[🔎] 7af43752-2b38-e494-5063-e0fb6a14b247@debian.org> <[🔎] 039422b7-31fa-e1f4-88ca-dae6ac153026@debian.org> <[🔎] 1549873480.2443213.1655316832.1771B62E@webmail.messagingengine.com>

On 11/02/2019 09:24, Chris Lamb wrote:
> Hi Tobias,
> 
>> The remaining packages on the list maybe need a rebuild for jessie:
>>
>> aptly
>> direnv
>> golang-bindata
>> golang-gogoprotobuf
>> golang-goprotobuf
>> heartbleeder
>> kxd
>> ngrok
>> obfs4proxy
>> pt-websocket
>> slt
> 
> Great stuff — thanks for this. LTS team, just as a sanity check;
> uploading each of these with "dpkg-buildpackage -S […]" should be
> sufficient, right?

Erm, why -S ? You need a source+binary upload, as usual.

Also, can't we reduce this list further? Are all those packages using the crypto
module? Or is there no easy way to determine that?

Emilio

Reply to:

Follow-Ups:
- Re: [pkg-golang-devel] [SECURITY] [DLA 1664-1] golang security update
  - From: Michael Hudson-Doyle <michael.hudson@canonical.com>
- Re: [pkg-golang-devel] [SECURITY] [DLA 1664-1] golang security update
  - From: Chris Lamb <lamby@debian.org>

References:
- Re: [SECURITY] [DLA 1664-1] golang security update
  - From: Antoine Beaupré <anarcat@orangeseeds.org>
- Re: [SECURITY] [DLA 1664-1] golang security update
  - From: Chris Lamb <lamby@debian.org>
- Re: [SECURITY] [DLA 1664-1] golang security update
  - From: Holger Levsen <holger@layer-acht.org>
- Re: [SECURITY] [DLA 1664-1] golang security update
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Re: [SECURITY] [DLA 1664-1] golang security update
  - From: Holger Levsen <holger@layer-acht.org>
- Re: [SECURITY] [DLA 1664-1] golang security update
  - From: Chris Lamb <lamby@debian.org>
- Re: [pkg-golang-devel] [SECURITY] [DLA 1664-1] golang security update
  - From: "Dr. Tobias Quathamer" <toddy@debian.org>
- Re: [pkg-golang-devel] [SECURITY] [DLA 1664-1] golang security update
  - From: Chris Lamb <lamby@debian.org>
- Re: [pkg-golang-devel] [SECURITY] [DLA 1664-1] golang security update
  - From: "Dr. Tobias Quathamer" <toddy@debian.org>
- Re: [pkg-golang-devel] [SECURITY] [DLA 1664-1] golang security update
  - From: "Dr. Tobias Quathamer" <toddy@debian.org>
- Re: [pkg-golang-devel] [SECURITY] [DLA 1664-1] golang security update
  - From: Chris Lamb <lamby@debian.org>

Prev by Date: Re: [pkg-golang-devel] [SECURITY] [DLA 1664-1] golang security update
Next by Date: Re: PHP 5.6.40 on Jessie
Previous by thread: Re: [pkg-golang-devel] [SECURITY] [DLA 1664-1] golang security update
Next by thread: Re: [pkg-golang-devel] [SECURITY] [DLA 1664-1] golang security update
Index(es):
- Date
- Thread