AW: Shellshock: Has CVE-2014-7186 and CVE-2014-7187 been addressed for debian
Sorry, but I don't get it why the package update should be in oldstable...
It's clear that squeeze is not supported anymore and the important packages will get security updates via squeeze-LTS (other security team than stable sec team)
So where is the problem to add squeeze LTS in apt/sources.list ?
Why to update a package in a repository which is out of date?
> -----Ursprüngliche Nachricht-----
> Von: Andrew McGlashan [mailto:andrew.mcglashan@affinityvision.com.au]
> Gesendet: Samstag, 27. September 2014 22:33
> An: debian-security@lists.debian.org
> Betreff: Re: Shellshock: Has CVE-2014-7186 and CVE-2014-7187 been
> addressed for debian
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 28/09/2014 4:29 AM, Martin Holub wrote:
> > Please according to the Security Tracker [1,2] booth are fixed in
> > stable and oldstable.
>
> NOT QUITE ..... fixed in stable [wheezy]
> and "oldstable-LTS" [squeeze-lts] ....
>
>
> BUT NOT oldstable [squeeze] it is NOT fixed,
> nor is it still supported. :(
>
> Cheers
> A.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.22 (MingW32)
>
> iF4EAREIAAYFAlQnHwcACgkQqBZry7fv4vvwvwEAvyOLseQFtGPpRVgKACCMJ
> Lz0
> TDB8s+yhSRm1B6hF7N8A/2EtYBzUYE27bOiJPy5Wd9v2hf6K1iZNBnhnOhp8gp
> S6
> =CYzm
> -----END PGP SIGNATURE-----
>
>
> --
> To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
> Archive: [🔎] 54271F09.8010109@affinityvision.com.au">https://lists.debian.org/[🔎] 54271F09.8010109@affinityvision.com.au
Reply to: