Bug#564148: kstars: bad time zone bounds checking
Package: kstars Version: 4:3.5.9-2 Severity: minor Hello, when starting kstars I get lots of errors in the terminal: ... QTime::setHMS Invalid time -12:00:00.000 QTime::setHMS Invalid time -12:00:00.000 ExtDateTime::fromString: Parameter out of range ExtDateTime::fromString: Parameter out of range QTime::setHMS Invalid time -12:00:00.000 QTime::setHMS Invalid time -12:00:00.000 QTime::setHMS Invalid time -12:00:00.000 ... My time zone is NZST, which is GMT-12. you can try this at home with: TZ='Pacific/Auckland'; export TZ kstars thanks, Hamish -- System Information: Debian Release: 5.0.3 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/1 CPU core) Locale: LANG=en_NZ, LC_CTYPE=en_NZ (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/bash Versions of packages kstars depends on: ii indi 4:3.5.9-2 Instrument Neutral Distributed Int ii kdeedu-data 4:3.5.9-2 shared data for KDE educational ap ii kdelibs4c2a 4:3.5.10.dfsg.1-0lenny3 core libraries and binaries for al ii kstars-data 4:3.5.9-2 data files for KStars desktop plan ii libc62.7-18 GNU C Library: Shared libraries ii libgcc1 1:4.3.2-1.1 GCC support library ii libkdeedu3 4:3.5.9-2 library for use with KDE education ii libqt3-mt3:3.3.8b-5+b1 Qt GUI Library (Threaded runtime v ii libstdc++6 4.3.2-1.1 The GNU Standard C++ Library v3 ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime kstars recommends no packages. Versions of packages kstars suggests: pn kdeedu-doc-html(no description available) pn khelpcenter(no description available) ii konqueror 4:3.5.9.dfsg.1-6 KDE's advanced file manager, web b -- no debconf information -- To UNSUBSCRIBE, email to debian-qt-kde-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#564148: kstars: bad time zone bounds checking
> My time zone is NZST, which is GMT-12. I lie. We are GMT+12. I've tried it on another Lenny machine (this time amd64) and I still get errors printed to the terminal: ExtDateTime::fromString: Parameter out of range ExtDateTime::fromString: Parameter out of range The LT: time/date stamp in the top-left of the star canvas appears correctly. none the less, GMT-12 is a valid TZ. http://en.wikipedia.org/wiki/UTC-12 regards, Hamish -- To UNSUBSCRIBE, email to debian-qt-kde-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#750141: libqt4-xml: vulnerable to billion laughs attack
Package: libqt4-xml
Severity: serious
Tags: security
Justification: security
Qt 4.8.6 has a fix for a denial of service attack due to XML entity
expansion ("billion laughs attack"). This fix doesn't seem to be in the
wheezy packages yet.
http://blog.qt.digia.com/blog/2014/04/24/qt-4-8-6-released/
Ubuntu patched their 4.8.4;
https://bugs.launchpad.net/ubuntu/+source/qt4-x11/+bug/1259577
Hamish
-- System Information:
Debian Release: 7.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.13-0.bpo.1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--
To UNSUBSCRIBE, email to debian-qt-kde-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive:
https://lists.debian.org/20140602011905.1285.27539.report...@quokka.cloud.net.au
Bug#750141: libqt4-xml: vulnerable to billion laughs attack
On 09/06/14 15:17, Salvatore Bonaccorso wrote:
Hi,
On Sun, Jun 01, 2014 at 11:30:15PM -0300, Lisandro Damián Nicanor Pérez Meyer
wrote:
tag 750141 moreinfo
thanks
On Monday 02 June 2014 11:19:05 Hamish Moffatt wrote:
Package: libqt4-xml
Severity: serious
Tags: security
Justification: security
Qt 4.8.6 has a fix for a denial of service attack due to XML entity
expansion ("billion laughs attack"). This fix doesn't seem to be in the
wheezy packages yet.
http://blog.qt.digia.com/blog/2014/04/24/qt-4-8-6-released/
Ubuntu patched their 4.8.4;
https://bugs.launchpad.net/ubuntu/+source/qt4-x11/+bug/1259577
Hi Hamish! I patched Qt4 for jessie at that time but IIRC (I might be mixing
CVEs here) when I asked someone from the security team over IRC (or maybe by
mail, I don't remember now) they told me it wasn't too important to get an
update in stable.
Yep, perl mail It was on 2013-12-06, where Moritz had written:
Hi Lisandro,
this doesn't warrant a DSA. It can be fixed through a point update, though
or we can line it up for a future QT DSA.
Cheers,
Moritz
For the BTS, I think this was fixed in 4:4.8.5+git192-g085f851+dfsg-1.
Hi. OK I guess I can understand it not being too important to update
stable; while there are quite a lot of rdepends for libqt4-xml I don't
see many daemons among them. Depends on whether libqt4-xml is just being
used for config or whether to decode wire protocols, ie those apps could
be vulnerable to remote denial of service. mumble-server is one daemon I
notice..
Thanks
Hamish
--
To UNSUBSCRIBE, email to debian-qt-kde-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/5395941a.60...@cloud.net.au
Bug#792470: libqt5sql5: please package ibase driver
Package: libqt5sql5 Version: 5.3.2+dfsg-4+deb8u1 Severity: normal Please package the ibase driver. It's in Debian's Qt4 packaging, so this is a regression. Further, there's code in debian/rules to build it (if libqt5sql5-sqlite was in debian/control), and the source package actually depends on firebird-dev anyway. Hamish -- System Information: Debian Release: 8.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages libqt5sql5 depends on: ii libc6 2.19-18 ii libqt5core5a 5.3.2+dfsg-4+deb8u1 ii libstdc++6 4.9.2-10 ii multiarch-support 2.19-18 Versions of packages libqt5sql5 recommends: ii libqt5sql5-sqlite 5.3.2+dfsg-4+deb8u1 libqt5sql5 suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-qt-kde-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150715050938.19732.274.report...@quokka.cloud.net.au
Re: Bug#475547: okular is a pdf-viewer
reassign 475547 okular retitle 475547 okular: please Provide: pdf-viewer thanks On Thu, Apr 17, 2008 at 08:14:39AM -0400, CSights wrote: > Hi Hamish, > > > Debian does not have a pdf-viewer package. > > > > Maybe you are suggesting that okular should Provide: pdf-viewer? > > Yes, I guess that is what I am suggesting. :) "pdf-viewer" shows up as > a > virtual package in aptitude. I guess the bug should be assigned to okular? > (I don't know how virtual packages are created.) > > Thanks for your redirection, Hi C, Virtual packages are created by all of the relevant packages Providing them. I'll reassign this bug report to okular and ask it to Provide: pdf-viewer. Thanks for your suggestion. Hamish -- Hamish Moffatt VK3SB <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Qt ABI change - "undefined symbol: _ZN13QWindowsStyleC1Ev"?
Hi, (M-F-T hopefully set correctly as I'm not subscribed.) qsstv (from the qsstv package) fails to start on both amd64 and i386, with the error qsstv: symbol lookup error: qsstv: undefined symbol: _ZN13QWindowsStyleC1Ev This seems to be a Qt symbol. Recompiling the qsstv package fixes it, but it looks like something changed that isn't reflected in the dependencies. Any suggestions? Thanks, Hamish -- Hamish Moffatt VK3SB <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
