:: Re: [DNG] bluez and CVE-2017-100025…
Página Principal
Delete this message
Reply to this message
Autor: Lars Noodén
Data:  
Para: dng@lists.dyne.org
Assunto: Re: [DNG] bluez and CVE-2017-1000251 + CVE-2017-1000250 ?
On 09/14/2017 01:02 PM, Florian Zieboll wrote:
[snip]
> If not (as in this case) you can stick to the Debian security advisory,
> which states that you should get the "+deb9u1" version before
> connecting that dongle again.


Thanks. Should I add a Debian repository to get the +deb9u1 version?
I've been searching around on and off the Devuan site and not finding
any hint.

Here's what I have in my main soures.list file:

$ sed '/^$/d; /^#/d; /^deb-src/d;' /etc/apt/sources.list
deb http://fi.mirror.devuan.org/merged/ ascii main non-free contrib
deb http://fi.mirror.devuan.org/merged/ ascii-security main contrib non-free
deb http://fi.mirror.devuan.org/merged/ ascii-updates main contrib non-free
deb http://fi.mirror.devuan.org/merged/ ascii-backports main contrib
non-free
deb http://packages.devuan.org/merged ascii main contrib non-free

> Regarding packages modified for Devuan, I'd have a look at the
> package's "Activity" tab at https://git.devuan.org/devuan-packages/

[snip]

Ok. bluez is not on that list there.

/Lars