Re: [SECURITY] [DSA 3053-1] openssl security update
On Sat, 2014-10-18 at 23:59 +0100, Jonathan Wiltshire wrote:
> On 2014-10-18 22:08, Julian Gilbey wrote:
> > On Thu, Oct 16, 2014 at 05:48:24PM +0200, Thijs Kinkhorst wrote:
> >> -----BEGIN PGP SIGNED MESSAGE-----
> >> Hash: SHA1
> >>
> >> -
> >> -------------------------------------------------------------------------
> >> Debian Security Advisory DSA-3053-1
> >> security@debian.org
> >> http://www.debian.org/security/ Thijs
> >> Kinkhorst
> >> October 16, 2014
> >> http://www.debian.org/security/faq
> >> -
> >> -------------------------------------------------------------------------
> >>
> >> Package : openssl
> >> CVE ID : CVE-2014-3513 CVE-2014-3566 CVE-2014-3567
> >> CVE-2014-3568
> >> [...]
> >
> > Now that the jessie release is well underway, is it possible either to
> > request unblocks for security uploads or to begin to support a
> > jessie/testing suite in security.debian.org?
>
> Technically nothing is blocked yet (except udebs), but yes of course
> security fixes are a reasonable justification for an unblock request,
> when that time does come.
>
> A Jessie security archive is up to the security team and FTP masters.
>
> --
> Jonathan Wiltshire jmw@debian.org
> Debian Developer http://people.debian.org/~jmw
>
> 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
>
> <directhex> i have six years of solaris sysadmin experience, from
> 8->10. i am well qualified to say it is made from bonghits
> layered on top of bonghits
>
>
I always thought that both Stable and Testing were supported by the
security team.
deb http://security.debian.org/ jessie/updates main contrib non-free
deb-src http://security.debian.org/ jessie/updates main contrib
non-free
Not sure what is in there, but they are active.
Reply to: