hi,
we might want to add the Squeeze LTS sources for 1.0.1,
to get e.g. this security fix.
anonym, and anyone else wanting to help with the RM duty, you'll
definitely want to subscribe to the debian-lts-announce list.
Package : gnutls26
Version : 2.8.6-1+squeeze4
CVE ID : CVE-2014-3466
Joonas Kuorilehto discovered that GNU TLS performed insufficient
validation of session IDs during TLS/SSL handshakes. A malicious
server could use this to execute arbitrary code or perform denial
or service.
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
