Security Information / 2014 / Security Information -- DSA-2938-1

Debian Security Advisory

DSA-2938-1 -- Availability of LTS support for Debian 6.0 / squeeze

Date Reported:

27 May 2014

Affected Packages:

Vulnerable:

No

Security database references:

No other external database security references currently available.

More information:

The initial organisation and setup of Squeeze LTS has now happened and it is ready for taking over security support once the standard security support ends at the end of the month:

Information for users

Support for Squeeze LTS will end five years after the release of Squeeze, i.e. until the 6th of February 2016.

You need to enable the apt sources for squeeze-lts manually. Information on how to do this can be found at https://wiki.debian.org/LTS/Development#Add_squeeze-lts_to_your_sources.list

You should also subscribe to the new annoucement mailing list for security updates for squeeze-lts: https://lists.debian.org/debian-lts-announce/

A few packages are not covered by the Squeeze LTS support. These can be detected with the new tool debian-security-support. Information on how to run it can be found here: https://wiki.debian.org/LTS/Development#Check_for_unsupported_packages

If debian-security-support detects an unsupported package which is critical to you, please get in touch with debian-lts@lists.debian.org (see below).

squeeze-backports will continue to be supported for the lifetime of Squeeze LTS.

Information for Debian maintainers

First of all, Debian package maintainers are not expected to work on updates of their packages for squeeze-lts. Package updates for squeeze-lts will be handled by the Debian LTS team.

However, if you are interested in doing so (and the maintainer always knows best on a package), you're certainly welcome to do so; everyone in the Debian.org and Debian maintainers key ring can upload to the squeeze-lts suite. Information on how to upload a fixed package can be found at https://wiki.debian.org/LTS/Development#Upload_Packages

Mailing lists

The whole coordination of the Debian LTS effort is handled through the debian-lts mailing list: https://lists.debian.org/debian-lts/

Please subscribe or follow us via GMANE (gmane.linux.debian.devel.lts)

Aside from the debian-lts-announce list, there's also a list for following all uploads in debian-lts: https://lists.debian.org/debian-lts-changes/

Security Tracker

All information on the status of vulnerabilities (e.g. if the version in squeeze-lts happens to be unaffected while wheezy is affected) will be tracked in the Debian Security Tracker:

https://security-tracker.debian.org

If you happen to spot an error in the data, please see https://security-tracker.debian.org/tracker/data/report