Bug#846389: plasma-workspace: random plasmashell freezes
Hi, yesterday before we open a bug in package xserver-xorg-core about plasmashell freezes ... https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850940 Regards! Guido
Processed: affects 848936, affects 832351, user debian...@lists.debian.org, usertagging 848936
Processing commands for cont...@bugs.debian.org: > affects 848936 = Bug #848936 [sddm] init-system-helpers: purging gdm3/lightdm/sddm/xdm leaves dangling /etc/systemd/system/display-manager.service symlink Removed indication that 848936 affects gdm3, sddm, lightdm, and xdm > affects 832351 = Bug #832351 [xdm] init-system-helpers: purging gdm3/lightdm/sddm/xdm leaves dangling /etc/systemd/system/display-manager.service symlink Removed indication that 832351 affects gdm3, lightdm, xdm, and sddm > user debian...@lists.debian.org Setting user to debian...@lists.debian.org (was a...@debian.org). > usertags 848936 piuparts There were no usertags set. Usertags are now: piuparts. > thanks Stopping processing here. Please contact me if you need assistance. -- 832351: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832351 848936: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848936 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Still Failing: chroot-installation_jessie_install_kde_upgrade_to_stretch_aptdpkg_first/135
See https://jenkins.debian.net/job/chroot-installation_jessie_install_kde_upgrade_to_stretch_aptdpkg_first/135//console or just https://jenkins.debian.net/job/chroot-installation_jessie_install_kde_upgrade_to_stretch_aptdpkg_first/135/ for more information.
Still Failing: chroot-installation_jessie_install_kde-full_upgrade_to_stretch_aptdpkg_first/135
See https://jenkins.debian.net/job/chroot-installation_jessie_install_kde-full_upgrade_to_stretch_aptdpkg_first/135//console or just https://jenkins.debian.net/job/chroot-installation_jessie_install_kde-full_upgrade_to_stretch_aptdpkg_first/135/ for more information.
Processing of kopete_16.08.1-3_amd64.changes
kopete_16.08.1-3_amd64.changes uploaded successfully to localhost along with the files: kopete_16.08.1-3.dsc kopete_16.08.1-3.debian.tar.xz kopete-dbgsym_16.08.1-3_amd64.deb kopete_16.08.1-3_amd64.buildinfo kopete_16.08.1-3_amd64.deb libkopete-dev_16.08.1-3_amd64.deb libkopete4-dbgsym_16.08.1-3_amd64.deb libkopete4_16.08.1-3_amd64.deb Greetings, Your Debian queue daemon (running on host usper.debian.org)
Bug#827048: marked as done (kopete+otr send messages unencrypted without notice)
Your message dated Fri, 13 Jan 2017 15:06:28 +
with message-id
and subject line Bug#827048: fixed in kopete 4:16.08.1-3
has caused the Debian Bug report #827048,
regarding kopete+otr send messages unencrypted without notice
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
827048: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827048
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Subject: kopete+otr send messages unencrypted without notice
Package: kopete
Version: 4:4.14.1-2
Justification: user security hole
Severity: grave
Tags: security upstream
Dear Maintainer,
Using kopete with OTR plugin lead to messages sent unencrypted without notice.
(I discovered this after sending sensitive credentials while helping some
people remotely...)
After checking that OTR encryption was working ("private session started"
notice), I was helping people remotely while feeling secure. After a first
restart of the other end computer, I saw a notification saying that OTR session
was refreshed (which is normal$
Later on, I detected that, in fact, the people at the other end were getting
all my messages unencrypted... despite of the notification I got on my end.
First detection was done with "Opportunistic" policy on both sides. Then I
tested again with a full restart at both ends + "Always" policy for OTR plugin.
Same result: when the other end restarts and I keep my session opened, I get
the "OTR session refreshed"$
Several accounts credentials were sent in clear, among which for a root account.
When I pay attention for the "OTR session refreshed" message, and especially
when "Always" policy is used on both sides, I would expect to be alerted that
some internal issue canceled the encryption, no matters what's the reason.
The notifications are not reliable, and we're talking about a secure messaging
system here (OTR)... This forced me to uninstall kopete, since I cannot rely on
it for secure messaging.
Remarks:
- Two bugs already mention this in the bug tracking of kopete at
https://bugs.kde.org/show_bug.cgi?id=274099 and
https://bugs.kde.org/show_bug.cgi?id=362535
- While the kopete team cannot solve this (old) issue, I cannot believe debian
can go on propagating this dangerous thing and the heavy security consequences
to the community, among which are key journalists.
- Until it is fixed, the OTR plugin should be disabled for kopete, or the
kopete UI should at least alert about its experimental support status in red
uppercases.
Thanks a lot in advance for any action, to disable it or fix it!
-- System Information:
Debian Release: 8.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages kopete depends on:
ii kde-runtime 4:4.14.2-2
ii kdepim-runtime 4:4.14.2-3
ii libc6 2.19-18+deb8u4
ii libexpat1 2.1.0-6+deb8u3
ii libgadu31:1.12.0-5
ii libgif4 4.1.6-11+deb8u1
ii libglib2.0-02.42.1-1+b1
ii libidn111.29-1+deb8u1
ii libjasper1 1.900.1-debian1-2.4+deb8u1
ii libkabc44:4.14.2-2+b1
ii libkcmutils44:4.14.2-5
ii libkde3support4 4:4.14.2-5
ii libkdecore5 4:4.14.2-5
ii libkdeui5 4:4.14.2-5
ii libkdnssd4 4:4.14.2-5
ii libkemoticons4 4:4.14.2-5
ii libkhtml5 4:4.14.2-5
ii libkio5 4:4.14.2-5
ii libkmime4 4:4.14.2-2+b1
ii libknewstuff2-4 4:4.14.2-5
ii libknotifyconfig4 4:4.14.2-5
ii libkopete4 4:4.14.1-2
ii libkparts4 4:4.14.2-5
ii libkpimidentities4 4:4.14.2-2+b1
ii libmeanwhile1 1.0.2-5
ii libmediastreamer-base3 3.6.1-2.4+b1
ii libmsn0.3 4.2-2
ii libortp93.6.1-2.4+b1
ii libotr5 4.1.0-2+deb8u1
ii libphonon4 4:4.8.0-4
ii libqca2 2.0.3-6
ii libqimageblitz4 1:0.0.6-4
ii libqt4-dbus 4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii libqt4-network 4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii libqt4-qt3support 4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii libqt4-sql 4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii libqt4-xml 4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii libqtcore4
kopete_16.08.1-3_amd64.changes ACCEPTED into unstable
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 13 Jan 2017 09:00:46 -0500 Source: kopete Binary: libkopete4 kopete libkopete-dev Architecture: source amd64 Version: 4:16.08.1-3 Distribution: unstable Urgency: medium Maintainer: Debian/Kubuntu Qt/KDE Maintainers Changed-By: Scott Kitterman Description: kopete - instant messaging and chat application libkopete-dev - development files for the Kopete instant messaging and chat appli libkopete4 - main Kopete library Closes: 827048 Changes: kopete (4:16.08.1-3) unstable; urgency=medium . * Team upload. * Add debian/patches/fix_otr.patch from upstream to resolve issue with unencrypted messages being sent without notice (Closes: #827048) Checksums-Sha1: 19b0d50d847804a6c7efbf0ac519f7eb8e39f2e2 2916 kopete_16.08.1-3.dsc d847aa9e7529bf7cdb0b14ed2864308afeb337ee 58192 kopete_16.08.1-3.debian.tar.xz 105a7d90bbfa6a902049a07dfc4c6e160faac328 61048834 kopete-dbgsym_16.08.1-3_amd64.deb 795205ad4be6634e82e4577909431d44522c5d30 16650 kopete_16.08.1-3_amd64.buildinfo 952451586b3c75e9f1918c97f6206e9b9c8a832a 6753472 kopete_16.08.1-3_amd64.deb 60958bbe1a85349e8a3051bf242011669f95f4e5 124342 libkopete-dev_16.08.1-3_amd64.deb 58f7f1c1766142be695d21e27e4deb3ca9dfff25 6067840 libkopete4-dbgsym_16.08.1-3_amd64.deb 08bcc13608eec581591493815caa9cd773bbb770 414162 libkopete4_16.08.1-3_amd64.deb Checksums-Sha256: f784bbdd2f9d6b4502fee6d26bedd5558193c8d7a09d233c34b5477b1d5f86ab 2916 kopete_16.08.1-3.dsc 1c5b2eb91d5cbed8a08eeabe106f5a2e064b28ebba05e9994abe9239f26c3e08 58192 kopete_16.08.1-3.debian.tar.xz 8d48de7b52cd3890745126e539cb2f2d1e2b51b03d9f05f40a97f6c5814f7a43 61048834 kopete-dbgsym_16.08.1-3_amd64.deb fbacd49604c46f8d991ce317e6c5329f3411b36ddde9e72b6c77c39150859d7f 16650 kopete_16.08.1-3_amd64.buildinfo 8def94b2cde9295aab462a2231b5856ca853b3f90e3f240f221c453132fe27fd 6753472 kopete_16.08.1-3_amd64.deb 5d9091884bdf77b2ea2ccb242b7d1fac9b2925bd8adf5b4f67a11c7e2e425756 124342 libkopete-dev_16.08.1-3_amd64.deb 2c04947cb519dddef3c9324e6742f55d981bff0d72aaa3653616d6d9f1f67a46 6067840 libkopete4-dbgsym_16.08.1-3_amd64.deb 1fbe1b9ffee055a453fe012fd378537126e3f791d621ae4514282710fdc4a75e 414162 libkopete4_16.08.1-3_amd64.deb Files: 58f46329570276922cf2b7f7f5f5a6be 2916 kde optional kopete_16.08.1-3.dsc 3177eb696b2dfdf9a937068dfee85215 58192 kde optional kopete_16.08.1-3.debian.tar.xz e1e2949aaeb2fe61e18dd7265516ab7f 61048834 debug extra kopete-dbgsym_16.08.1-3_amd64.deb 031de9eb270fa49617c3faf9d666b82a 16650 kde optional kopete_16.08.1-3_amd64.buildinfo 0e86e471c969582138f96980251768f8 6753472 net optional kopete_16.08.1-3_amd64.deb 5de6aef1ea5fb6abb37f48ff79746207 124342 libdevel optional libkopete-dev_16.08.1-3_amd64.deb c32cb52b8fba424f66bb6daeea4d8415 6067840 debug extra libkopete4-dbgsym_16.08.1-3_amd64.deb 3d339520fb3e35b329d97fe122c06edd 414162 libs optional libkopete4_16.08.1-3_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCAAGBQJYeOO/AAoJEHjX3vua1ZrxWcMQAIV4vUW6RboeuSWU41Af6HF9 3tdAuXxszeiJ8ATe5graxdjcGRE9J72I5pVI8tDvSB6pjCQpydnKL/j6xGMwBPhT A3dqyghmDFJt3Rs+bFWuE7Xmbzgt9vLlw6CkLL69oUGbrE5KMKv+Xppg1T6rHnga swJIuUtYz4vWz9ukTizbOA09uMVzNBzXawe/InrEiu2ZxN/xPqafyY/gC/rfojk+ nNR0NwhBZ+YZypYd9+PrG7z5Ax4MbweryG2AP5V7cvZdBJmXVPt32BG8D6s0cPsS 1UKlVQQi64kw9we6Vz2HdQs7waS5sQDO4doYRTluQ4rZEL3HZamrD9LcdskRGdyd x+iDAdy7pxSTyCWdgEKmEz+xttTj1+YSk925lbwtGyefSLSCHEb/r2VccfIlaCg8 ArjZA3wn18oSMw0kCVDa2R3Xbt+MJBhpRV1ldd1ZVJ3smrisuORp71/yaFjPOoDE 2SepSBgDybr1CQfG2B8a7IlJBv1Tb/17L4AjGvm/bav8WXzQdA4WhFB32ZZJf9q1 Wd5l5z2ifuEonsMPjD4t+3VNl5QlBRLhVkRpLVV279qcAKqhACYyLonoC9XkjPbb ApknXodOmQopumD2Da0iHPM6aDrAcMrEueOStg5BpNmgiyg4RU63l0BkTqiPZRSt x+SOa0NBQ122KITkiPRL =C35G -END PGP SIGNATURE- Thank you for your contribution to Debian.
=Предлагаем информацию = kfilerepl...@packages.debian.org
Добрый день, коллеги! Готовы предоставить информацию для компаний нефтегазового сектора: Platts European Marketscan - Ежедневный обзор европейского рынка нефтепродуктов публикует цены на все основные нефтепродукты на европейских и азиатских рынках, которые также используются для расчета стоимости наличных поставок. Platts Crude Oil Marketwire- Ежедневный обзор рынка сырой нефти публикует цены на спотовую нефть сорта Брент, по цене которой рассчитывается текущая стоимость до 75% всей остальной нефти в мире. Platts LPGaswire - Ежедневный отчёт по рынкам СПГ/СПГ Platts Dirty Tankerwire- Ежедневный отчет по рынку "грязных" танкеров Russian domestic market- Ежедневный обзор российского рынка нефтепродуктов Platts Europe And Americas Petrochemical Scan - Еженедельный обзор рынка нефтехимии ARGUS International LPG- Ежедневный отчёт по рынкам LPG Аргус Сжиженный газ и конденсат- Еженедельный отчёт Argus Рынок нефти России - Ежедневный отчёт по рынкам Argus Экспорт нефти России - Еженедельный отчёт Если интересует образец информации - пишите запрос, отправим файл Информация отправляется от 8-30 до 12-00 по Московскому времени Варианты оплаты и стоимость - оговариваются Купим информацию от Platts и Аргус или можем предложить Вам обмен Вашей информации на наши котировки Просим прощения, если Вас не заинтересовала эта информация 13.01.2017 19:56:45 ld
Processed: Bug is also in stretch
Processing commands for cont...@bugs.debian.org: > found 850874 4:16.08.2-1 Bug #850874 [src:ark] ark: CVE-2017-5330: Unintended execution of scripts and executable files Marked as found in versions ark/4:16.08.2-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 850874: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850874 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
