[Pkg-postgresql-public] squeeze update of postgresql-8.4?
Christoph Berg
myon at debian.org
Thu Oct 8 20:59:29 UTC 2015
Re: Santiago Ruano Rincón 2015-10-08 <20151008161110.GA2567 at nomada>
> the Debian LTS team would like to fix the security issues which are
> currently open in the Squeeze version of postgresql-8.4:
> https://security-tracker.debian.org/tracker/CVE-2015-5288
> https://security-tracker.debian.org/tracker/CVE-2015-5289
8.4 is only affected by -5288, but I think it's a minor issue for
which I don't plan a DSA even for wheezy, but only through
oldstable-pu.
What will happen though is that we (credativ) will be releasing a new
LTS version of the 8.4 branch which will get included in squeeze-lts,
so this issue will still get fixed in squeeze-lts.
> Would you like to take care of this yourself? We are still understaffed so
> any help is always highly appreciated.
>
> If yes, please follow the workflow we have defined here:
> http://wiki.debian.org/LTS/Development
>
> If that workflow is a burden to you, feel free to just prepare an
> updated source package and send it to debian-lts at lists.debian.org
> (via a debdiff, or with an URL pointing to the the source package,
> or even with a pointer to your packaging repository), and the members
> of the LTS team will take care of the rest. Indicate clearly whether you
> have tested the updated package or not.
>
> If you don't want to take care of this update, it's not a problem, we
> will do our best with your package. Just let us know whether you would
> like to review and/or test the updated package before it gets released.
Thanks for the boilerplate - you might have noticed that we indeed
took care of this package in the past :)
> PS: A member of the LTS team might start working on this update at
> any point in time. You can verify whether someone is registered
> on this update in this file:
> https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup
I've updated CVE/list, not sure if you want to have the above noted in
dla-needed.txt as well.
Christoph
--
cb at df7cb.de | http://www.df7cb.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-postgresql-public/attachments/20151008/936c4f02/attachment-0001.sig>
More information about the Pkg-postgresql-public
mailing list