Search This Blog

Tuesday, May 27, 2014

[SECURITY] [DSA 2938-1] Availability of LTS support for Debian 6.0 / squeeze

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2938-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
May 27, 2014 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

The initial organisation and setup of Squeeze LTS has now happened and
it is ready for taking over security support once the standard security
support ends at the end of the month:


Information for users
=====================

Support for Squeeze LTS will end five years after the release of Squeeze,
i.e. until the 6th of February 2016.

You need to enable the apt sources for squeeze-lts manually.
Information on how to do this can be found at
https://wiki.debian.org/LTS/Development#Add_squeeze-lts_to_your_sources.list

You should also subscribe to the new annoucement mailing list for
security updates for squeeze-lts:
https://lists.debian.org/debian-lts-announce/

A few packages are not covered by the Squeeze LTS support. These can be
detected with the new tool debian-security-support. Information on how
to run it can be found here:
https://wiki.debian.org/LTS/Development#Check_for_unsupported_packages

If debian-security-support detects an unsupported package which is
critical to you, please get in touch with debian-lts@lists.debian.org
(see below).

squeeze-backports will continue to be supported for the lifetime of
Squeeze LTS.



Information for Debian maintainers
==================================

First of all, Debian package maintainers are not expected to work on
updates of their packages for squeeze-lts. Package updates for
squeeze-lts will be handled by the Debian LTS team.

However, if you _are_ interested in doing so (and the maintainer always
knows best on a package), you're certainly welcome to do so; everyone
in the Debian.org and Debian maintainers key ring can upload to the
squeeze-lts suite. Information on how to upload a fixed package can
be found at https://wiki.debian.org/LTS/Development#Upload_Packages



Mailing lists
=============

The whole coordination of the Debian LTS effort is handled through the
debian-lts mailing list: https://lists.debian.org/debian-lts/

Please subscribe or follow us via GMANE (gmane.linux.debian.devel.lts)

Aside from the debian-lts-announce list, there's also a list for
following all uploads in debian-lts:
https://lists.debian.org/debian-lts-changes/



Security Tracker
================

All information on the status of vulnerabilities (e.g. if the version in
squeeze-lts happens to be unaffected while wheezy is affected) will be
tracked in the Debian Security Tracker:

http://security-tracker.debian.org

If you happen to spot an error in the data, please see
https://security-tracker.debian.org/tracker/data/report


Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJThKRGAAoJEBDCk7bDfE42iCIQALY7814rCMM4ctvKLFbrFQy6
eYUBXob1PHKaYwf3ISZOAIVwqsFszvDfeLjI7gt0PN0HC6jpc5ephxbZDvk3jdVU
+VNEnrTd8StHE/M+Cj2lC6Mh27h8jn1FeS1rVMbG1CYNa9wo6BiR5pENKPeuLG3M
M54rrOCwtNQHFhbNrQ4m+RiOrQI62fTqGg1e0RXvBqXAdj4kc0dL9B9W4WUwhhtq
yaxjJVtk5847fSn3DuQbi/SbumTuiOb7BUMWixfUAM9IMODVn/I8TNKTcsAZAmY7
3Vz8LXjYV43/zkw69t8G8lEjkXovv+H4mrvShbtEAojCjL9WS5DCZViyiFNrDxu9
KK9EkbYEuTHv8Evgd42RPHwjt5Kw8KXwOr4LRX856Ti0gQj4rDQrDAM4L3hyXXFc
Gdhqa7VXSXX4TIS0zrrXkSZhG77zDvmQJibAtivMUafvU9BKx8Cc7tmJ5lxje6Sn
TbGrM62Pgou7F7AlLGl96cOijT8afEm+U2YUdtNgnqR3Z7kUWOhVDi217nwZk61z
Au7NwGmALtzbqlKArsWKK4JNKgUE1HrdgPGvKcsCFN5PlXK45u5HiQxH8jVjURIc
QV/VjqXE3OK3wOkx5XKeUNxKO9RlHxqKbI12PxhsR6yiBbZjMwN+PV2XlvOZ6in3
n0jz78yJ4H8u+R7milPO
=EG+m
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: https://lists.debian.org/20140527144340.GA3015@pisco.westfalen.local

No comments: