-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.0533
          Announcement of long term support for Debian oldstable
                               17 April 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Debian GNU/Linux 6.0
Publisher:         Debian
Operating System:  Debian GNU/Linux 6

Original Bulletin: 
   http://www.debian.org/security/2014/dsa-2907

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-2907-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
April 16, 2014                         http://www.debian.org/security/faq
- - -------------------------------------------------------------------------

This is an advance notice that regular security support for Debian
GNU/Linux 6.0  (code name "squeeze") will be terminated on the 31st of
May.

However, we're happy to announce that security support for squeeze is
going to be extended until February 2016, i.e. five years after the 
initial release. This effort is driven by various interested parties /
companies which require longer security support. See the "LTS" section 
of https://lists.debian.org/debian-devel-announce/2014/03/msg00004.html
for the initial announcement.

The details are currently being sorted out and a more detailed 
announcement will be made soon.

Brief advance FAQ (but you should really wait for the more detailed 
announcement):

Q: What's the difference between regular security support and the LTS 
   support?
A: squeeze-lts is only going to support i386 and amd64. If you're
   running a different architecture you need to upgrade to Debian 7 
   (wheezy). Also there are going to be a few packages which will not
   be supported in squeeze-lts (e.g. a few web-based applications
   which cannot be supported for five years). There will be a tool to 
   detect such unsupported packages.

Q: Does this mean that Debian 7 (wheezy) and/or Debian 8 (jessie) will 
   have five years security support as well?
A: Likely, we'll see how squeeze-lts turns out. If there's sufficient 
   support it will be continued for later releases as well. Also, see 
   below.

Q: Is additional help needed?
A: Absolutely. squeeze-lts is not handled by the Debian security team, 
   but by a separate group of volunteers and companies interested in 
   making it a success (with some overlap in people involved). So, if
   you're a company using Debian and seeing a benefit in security 
   support for five years, get in touch with team@security.debian.org
   and we'll see how you can help (if you e.g. don't have the manpower /
   know how but are willing to contribute, we can point you to a list
   of Debian consultants)

Mailing list: debian-security-announce@lists.debian.org


- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJTTq40AAoJEBDCk7bDfE42irUP/07ESI2s3WobVwt6CWtLxgac
HdM11boSnqDJgoG6IV4hoOWgmeUluxQu+VH/e55k6etWN8tC4rYBgkDsOfRBLros
9S9XesreaJ7rS4RbGZSRwCqVMNPpMBCHcBIFchwMcSwjcVyBeNrfcfm6blBVkpY2
2t6ml6ar3au9mAS1WqhktAKfQY9YlrvXPnzNL2/fkW6U6hCPeqOPOa4glm0ZbXgA
qkkOZZ52anaz70FA5ZWsCnpktz8mwrnfKuoH3gDmLTo6cnuWBH0ZxB3kvKAnY9rn
2QWE0EUBYi/ch26E8RkQ4W8xHC+KTMdVnfsKyd8ggHBdaQBuQwSuqxCT75KLhjOd
9WWzlnI4UK0Q4M3SYoOqTtwC7ImBeIamDZ+bhOapDjzfA6Z1RovqZ2q5DkpxMStf
L95paG8lbgvggBZ6X+1hTBNxbhae4DLLsrXjCBSqk1DtiiWL/ukAsAKCJ6ufzX8f
2fTYBilb6o51wQTp+0fUuTRJkBv/jgp/PlaWLOaPDmlqFxmYTRr0HrLjaDuj4J7s
F8m6AS9Nw3lEzYo5g65xg0/xvq5hBa/A6zM+x7cn/21llOmPvY5VbWlcO5ywAYh7
151een6x4tWTSd7bLdvrxCiQWSYNnUnfFJcJz3v7kqPtRq4GnLyKzvpNtaOjzrx8
1OawvgPyZEqBBsb0sw11
=OwPu
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBU09bVxLndAQH1ShLAQIDrw//SvOTulNmDouMmUTcJkCNqTg4Svra0tLE
WFpPS6GUVzVQpnS8MutkzDoTX5l8rZBVcgXgqkP3SYqNBP9WE56y6Eq8qdkJA7LI
NBHyJ+GmTeqTFm6h0ln5pWn7cTQffiAp/tNgrIUJMlzVfjpw6yQks7mxBqZYB5CJ
Vbix6TDxxTVdTwkk1kD9JtjXszLRsM5wq2RyWVXQXws65OuJea8VwsFmUfBtRCpV
+Q41blpZMqFT6twuj+gMX7cHdCXVN/TWPjz0blwMeKhbZjtYttNidRANg2SDjduH
FbytMoNnACIs/XLUvY4GLhtgMV67qeSj+ELVISpJWDo1Q4RkLB4vKDaht6ClOLEt
TKM9MKAc7nQEPGyHc+/ZxGoYx7arrunUuswc/YeMcrHW/Enr/DFoHkYDKMpeQr8Z
pZrW5dJiLAAmA0Yh32R9SiUZIaZjuM4kkUw7e+lDv+kj7Lc5+yvS5FqgV3gT1PHm
cGLoBZI1i1wFGC7Edf8ag/rzlSSh8F3MTtgoq5zmSa7B78YHjVeWaORMVTzPi6jy
5EaUvnoRUEYFjXb4lwgsCvUP9nfudVkOushpt4raQMMOgh8iG9+k/WCI+ZXc7UPA
21eu1e5BFpyo4wyOK4ekXAMUfT4NI2SJokP5NYGQ4ROrAd+10sCvUDD+yF+3CvxI
9V1dPKlUHgM=
=VOau
-----END PGP SIGNATURE-----