lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20140527144340.GA3015@pisco.westfalen.local>
Date: Tue, 27 May 2014 16:43:41 +0200
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 2938-1] Availability of LTS support for Debian 6.0 / squeeze

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2938-1                   security@...ian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
May 27, 2014                           http://www.debian.org/security/faq
- -------------------------------------------------------------------------

The initial organisation and setup of Squeeze LTS has now happened and 
it is ready for taking over security support once the standard security 
support ends at the end of the month:


Information for users
=====================

Support for Squeeze LTS will end five years after the release of Squeeze, 
i.e. until the 6th of February 2016.

You need to enable the apt sources for squeeze-lts manually. 
Information on how to do this can be found at
https://wiki.debian.org/LTS/Development#Add_squeeze-lts_to_your_sources.list

You should also subscribe to the new annoucement mailing list for 
security updates for squeeze-lts:
https://lists.debian.org/debian-lts-announce/

A few packages are not covered by the Squeeze LTS support. These can be
detected with the new tool debian-security-support. Information on how
to run it can be found here:
https://wiki.debian.org/LTS/Development#Check_for_unsupported_packages

If debian-security-support detects an unsupported package which is 
critical to you, please get in touch with debian-lts@...ts.debian.org
(see below).

squeeze-backports will continue to be supported for the lifetime of 
Squeeze LTS.



Information for Debian maintainers
==================================

First of all, Debian package maintainers are not expected to work on 
updates of their packages for squeeze-lts. Package updates for 
squeeze-lts will be handled by the Debian LTS team.

However, if you _are_ interested in doing so (and the maintainer always
knows best on a package), you're certainly welcome to do so; everyone
in the Debian.org and Debian maintainers key ring can upload to the 
squeeze-lts suite. Information on how to upload a fixed package can 
be found at https://wiki.debian.org/LTS/Development#Upload_Packages



Mailing lists
=============

The whole coordination of the Debian LTS effort is handled through the
debian-lts mailing list: https://lists.debian.org/debian-lts/

Please subscribe or follow us via GMANE (gmane.linux.debian.devel.lts)

Aside from the debian-lts-announce list, there's also a list for 
following all uploads in debian-lts: 
https://lists.debian.org/debian-lts-changes/



Security Tracker
================

All information on the status of vulnerabilities (e.g. if the version in 
squeeze-lts happens to be unaffected while wheezy is affected) will be 
tracked in the Debian Security Tracker:  

http://security-tracker.debian.org

If you happen to spot an error in the data, please see 
https://security-tracker.debian.org/tracker/data/report


Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJThKRGAAoJEBDCk7bDfE42iCIQALY7814rCMM4ctvKLFbrFQy6
eYUBXob1PHKaYwf3ISZOAIVwqsFszvDfeLjI7gt0PN0HC6jpc5ephxbZDvk3jdVU
+VNEnrTd8StHE/M+Cj2lC6Mh27h8jn1FeS1rVMbG1CYNa9wo6BiR5pENKPeuLG3M
M54rrOCwtNQHFhbNrQ4m+RiOrQI62fTqGg1e0RXvBqXAdj4kc0dL9B9W4WUwhhtq
yaxjJVtk5847fSn3DuQbi/SbumTuiOb7BUMWixfUAM9IMODVn/I8TNKTcsAZAmY7
3Vz8LXjYV43/zkw69t8G8lEjkXovv+H4mrvShbtEAojCjL9WS5DCZViyiFNrDxu9
KK9EkbYEuTHv8Evgd42RPHwjt5Kw8KXwOr4LRX856Ti0gQj4rDQrDAM4L3hyXXFc
Gdhqa7VXSXX4TIS0zrrXkSZhG77zDvmQJibAtivMUafvU9BKx8Cc7tmJ5lxje6Sn
TbGrM62Pgou7F7AlLGl96cOijT8afEm+U2YUdtNgnqR3Z7kUWOhVDi217nwZk61z
Au7NwGmALtzbqlKArsWKK4JNKgUE1HrdgPGvKcsCFN5PlXK45u5HiQxH8jVjURIc
QV/VjqXE3OK3wOkx5XKeUNxKO9RlHxqKbI12PxhsR6yiBbZjMwN+PV2XlvOZ6in3
n0jz78yJ4H8u+R7milPO
=EG+m
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ