[Pkg-openssl-devel] squeeze update of openssl?
Guido Günther
agx at sigxcpu.org
Fri Jun 12 16:49:54 UTC 2015
Hello dear maintainers,
the Debian LTS team would like to fix the security issues which are
currently open in the Squeeze version of openssl:
https://security-tracker.debian.org/tracker/CVE-2014-8176
https://security-tracker.debian.org/tracker/CVE-2015-1789
https://security-tracker.debian.org/tracker/CVE-2015-1790
https://security-tracker.debian.org/tracker/CVE-2015-1791
https://security-tracker.debian.org/tracker/CVE-2015-1792
https://security-tracker.debian.org/tracker/CVE-2015-4000
I have left CVE-2015-4000 in the list since I'm unsure what we should
do about it in squeeze. Any feedback on this would be very welcome.
Would you like to take care of this yourself? We are still understaffed so
any help is always highly appreciated.
If yes, please follow the workflow we have defined here:
http://wiki.debian.org/LTS/Development
If that workflow is a burden to you, feel free to just prepare an
updated source package and send it to debian-lts at lists.debian.org
(via a debdiff, or with an URL pointing to the the source package,
or even with a pointer to your packaging repository), and the members
of the LTS team will take care of the rest. Indicate clearly whether you
have tested the updated package or not.
If you don't want to take care of this update, it's not a problem, we
will do our best with your package. Just let us know whether you would
like to review and/or test the updated package before it gets released.
Thank you very much.
Guido Günther,
on behalf of the Debian LTS team.
PS: A member of the LTS team might start working on this update at
any point in time. You can verify whether someone is registered
on this update in this file:
https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup
More information about the Pkg-openssl-devel
mailing list