[PKG-Openstack-devel] Wheezy update of rabbitmq-server?

Ola Lundqvist ola at inguza.com
Fri Dec 30 22:16:13 UTC 2016 

Hi

I forgot to mention that I do not have proof that this is a
vulnerability also in the version in wheezy. The advisory mentions
that 3.x branch is affected. It do not mention 2.x. However I do not
see a reason why it should not be vulnerable. So I'll leave that to
the one investigating how to fix this.

Best regards

// Ola

On 30 December 2016 at 23:04, Ola Lundqvist <ola at inguza.com> wrote:
> Hello dear maintainer(s),
>
> the Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of rabbitmq-server:
> https://security-tracker.debian.org/tracker/CVE-2016-9877
>
> Would you like to take care of this yourself?
>
> If yes, please follow the workflow we have defined here:
> https://wiki.debian.org/LTS/Development
>
> If that workflow is a burden to you, feel free to just prepare an
> updated source package and send it to debian-lts at lists.debian.org
> (via a debdiff, or with an URL pointing to the source package,
> or even with a pointer to your packaging repository), and the members
> of the LTS team will take care of the rest. Indicate clearly whether you
> have tested the updated package or not.
>
> If you don't want to take care of this update, it's not a problem, we
> will do our best with your package. Just let us know whether you would
> like to review and/or test the updated package before it gets released.
>
> You can also opt-out from receiving future similar emails in your
> answer and then the LTS Team will take care of rabbitmq-server updates
> for the LTS releases.
>
> Thank you very much.
>
> Ola Lundqvist,
>   on behalf of the Debian LTS team.
>
> PS: A member of the LTS team might start working on this update at
> any point in time. You can verify whether someone is registered
> on this update in this file:
> https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup
>



-- 
 --- Inguza Technology AB --- MSc in Information Technology ----
/  ola at inguza.com                    Folkebogatan 26            \
|  opal at debian.org                   654 68 KARLSTAD            |
|  http://inguza.com/                Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /
 ---------------------------------------------------------------

More information about the Openstack-devel mailing list