<div dir="ltr"><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;color:rgb(0,0,255)">great thanks <br></div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><img src="http://i923.photobucket.com/albums/ad79/candive/7d381ea0-1702-43dc-9185-0070677b1956_zpse48e93e2.png"><img src="http://i923.photobucket.com/albums/ad79/candive/PoweredbyLinuxEDITED_zps5856465c.jpg"><br></div></div></div>
<br><div class="gmail_quote">On 3 July 2016 at 12:57, Andrew Howlett <span dir="ltr"><<a href="mailto:andrew@howlett.net" target="_blank">andrew@howlett.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="background-color:rgb(255,255,255);line-height:initial" lang="en-US">                                                                                      <div style="width:100%;font-size:initial;font-family:Calibri,'Slate Pro',sans-serif,sans-serif;color:rgb(31,73,125);text-align:initial;background-color:rgb(255,255,255)">It's ok. Part of the mechanism ubuntu uses when copying packages from debian archive. Usually to fix a security related bug in an ubuntu package when the ubuntu package maintainer is slow to respond to the problem. More details:</div><div style="width:100%;font-size:initial;font-family:Calibri,'Slate Pro',sans-serif,sans-serif;color:rgb(31,73,125);text-align:initial;background-color:rgb(255,255,255)"><br></div><div style="width:100%;font-size:initial;font-family:Calibri,'Slate Pro',sans-serif,sans-serif;color:rgb(31,73,125);text-align:initial;background-color:rgb(255,255,255)"><br></div><h3 style="font-size:16px;line-height:24px;margin:0px 0px 8px;color:rgb(51,51,51);font-family:'Ubuntu Beta',UbuntuBeta,Ubuntu,'Bitstream Vera Sans','DejaVu Sans',Tahoma,sans-serif">Syncs</h3><span style="color:rgb(51,51,51);font-family:'Ubuntu Beta',UbuntuBeta,Ubuntu,'Bitstream Vera Sans','DejaVu Sans',Tahoma,sans-serif;font-size:13px;line-height:19px"></span><p style="font-size:13px;margin:0px 0px 1em;color:rgb(51,51,51);font-family:'Ubuntu Beta',UbuntuBeta,Ubuntu,'Bitstream Vera Sans','DejaVu Sans',Tahoma,sans-serif;line-height:19px">For community-supported packages, it's possible to perfrom a fake sync from the Debian security archive if the version in Ubuntu is the same as the base version in Debian. Eg, if package <tt></tt><tt>foo</tt><tt></tt> in Ubuntu 8.04 LTS is at version <tt></tt><tt>1.0-2</tt><tt></tt>, package <tt></tt><tt>foo</tt><tt></tt>in Debian Lenny also has version <tt></tt><tt>1.0-2</tt><tt></tt>, and the DSA for Debian uses <tt></tt><tt>1.0-2+lenny1</tt><tt></tt>, this package is suitable for syncing into Ubuntu using a<tt></tt><tt>fake sync</tt><tt></tt>. Basically, this is a no change rebuild using the version <tt></tt><tt><Debian DSA version>build0.<ubuntu release version>.1</tt><tt></tt>. Eg, for the above package, the new version in Ubuntu is <tt></tt><tt>1.0-2+lenny1build0.8.04.1</tt><tt></tt>. To ensure smooth upgrades from one Ubuntu release to another, you must be careful about versioning. ‎</p>                                                                                                                                     <div style="width:100%;font-size:initial;font-family:Calibri,'Slate Pro',sans-serif,sans-serif;color:rgb(31,73,125);text-align:initial;background-color:rgb(255,255,255)"><br></div>                                                                                                                                                                                                   <div style="font-size:initial;font-family:Calibri,'Slate Pro',sans-serif,sans-serif;color:rgb(31,73,125);text-align:initial;background-color:rgb(255,255,255)">Sent from my phone.</div>                                                                                                                                                                                  <table style="background-color:white;border-spacing:0px" width="100%"> <tbody><tr><td colspan="2" style="font-size:initial;text-align:initial;background-color:rgb(255,255,255)">                           <div style="border-style:solid none none;border-top-color:rgb(181,196,223);border-top-width:1pt;padding:3pt 0in 0in;font-family:Tahoma,'BB Alpha Sans','Slate Pro';font-size:10pt">  <div><b>From: </b>LP</div><div><b>Sent: </b>Sunday, July 3, 2016 10:33 AM</div><div><b>To: </b>Bruce-Grey Linux Users Group; The Canadian Ubuntu Users Community</div><div><b>Reply To: </b>Bruce-Grey Linux Users Group</div><div><b>Subject: </b>[Bglug] Update "*fake" question</div></div></td></tr></tbody></table><div><div class="h5"><div style="border-style:solid none none;border-top-color:rgb(186,188,209);border-top-width:1pt;font-size:initial;text-align:initial;background-color:rgb(255,255,255)"></div><br><div><div dir="ltr"><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;color:rgb(0,0,255)">Hi all,</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;color:rgb(0,0,255)">My System:<br>-Version-<br>Kernel        : Linux 3.19.0-32-generic (x86_64)<br>Compiled        : #37~14.04.1-Ubuntu SMP Thu Oct 22 09:41:40 UTC 2015<br>C Library        : Unknown<br>Default C Compiler        : GNU C Compiler version 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04.3) <br>Distribution        : Linux Mint 17.3 Rosa<br>-Current Session-<br>Computer Name        : tb<br>User Name        : tb (TB)<br>Home Directory        : /home/tb<br>Desktop Environment        : LXDE<br>-Misc-<br>Uptime        : 7 minutes<br>Load Average        : 0.12, 0.31, 0.21<br>...........................................................................................................<br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;color:rgb(0,0,255)"><i><b><u>is this a legit update and why is it marked "*fake"</u></b></i><br><br>"p7zip (9.20.1~dfsg.1-4+deb7u2build0.14.04.1) trusty-security; urgency=medium<br><br> <i><b><u> * fake sync from Debian</u></b></i><br><br> -- Tyler Hicks <<a href="mailto:tyhicks@canonical.com" target="_blank">tyhicks@canonical.com</a>>  Fri, 01 Jul 2016 13:34:07 -0500<br><br>p7zip (9.20.1~dfsg.1-4+deb7u2) wheezy-security; urgency=high<br><br>  * Non-maintainer upload by the LTS team.<br>  * Fix the heap buffer overflow in UDF handler (CVS-2016-2335) using patches<br>    from <a href="https://sourceforge.net/p/p7zip/discussion/383043/thread/9d0fb86b/" target="_blank">https://sourceforge.net/p/p7zip/discussion/383043/thread/9d0fb86b/</a><br>    (closes: #824160).<br><br> -- Brian May <<a href="mailto:bam@debian.org" target="_blank">bam@debian.org</a>>  Tue, 07 Jun 2016 08:07:49 +1000<br><br>p7zip (9.20.1~dfsg.1-4+deb7u1) wheezy-security; urgency=medium<br><br>  * Non-maintainer upload.<br>  * Delay creation of symlinks to prevent arbitrary file writes (CVE-2015-1038)<br>    (Closes: #774660) "<br><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;color:rgb(0,0,255)">Thank you<br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;color:rgb(0,0,255)">LP<br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;color:rgb(0,0,255)"><br clear="all"></div><div><div data-smartmail="gmail_signature"><div dir="ltr"><img><img><br></div></div></div>
</div>
<br></div></div></div></div>

<br>_______________________________________________<br>
Group mailing list<br>
<a href="mailto:Group@bglug.ca">Group@bglug.ca</a><br>
<a href="http://bglug.ca/mailman/listinfo/group_bglug.ca" rel="noreferrer" target="_blank">http://bglug.ca/mailman/listinfo/group_bglug.ca</a><br>
<br></blockquote></div><br></div>