Micah Anderson wrote:
According to debian-devel-announce@lists.debian.org message posted by Steve Langasek on Mon, 2 Aug 2004 00:11:55: Aug. 8: Official security support for sarge begins Anyone have any updates on this? Is it happening, is it delayed, what can we do to help? micah
From DWN [http://www.debian.org/News/weekly/2004/32/]: Investigating Sarge Security. Joey Hess [4]looked through every [5]security advisory issued in 2004 and checked to see if the security hole was fixed in sarge as well. Security holes not fixed yet in sarge include those in [6]libpng, [7]libpng3, [8]php4, [9]netkit-telnet-ssl, [10]pavuk, [11]www-sql, [12]lha, [13]log2mail, [14]hsftp, [15]trr19, and [16]slocate. The other 1.5 years worth of security advisories back to the release of woody would probably take several more days to check. [17]Investigation of security advisories from 2003 revealed that security updates for [18]tomcat4 and [19]gtksee are missing in sarge. 4. http://lists.debian.org/debian-release/2004/08/msg00144.html 5. http://www.debian.org/security/ 6. http://packages.debian.org/libpng 7. http://packages.debian.org/libpng3 8. http://packages.debian.org/php4 9. http://packages.debian.org/netkit-telnet-ssl 10. http://packages.debian.org/pavuk 11. http://packages.debian.org/www-sql 12. http://packages.debian.org/lha 13. http://packages.debian.org/log2mail 14. http://packages.debian.org/hsftp 15. http://packages.debian.org/trr19 16. http://packages.debian.org/slocate 17. http://lists.debian.org/debian-release/2004/08/msg00168.html 18. http://packages.debian.org/tomcat4 19. http://packages.debian.org/gtksee -- Felipe Massia Pereira