control: tags -1 moreinfo
Hi Christian,
On 31-05-2023 20:05, Christian Kastner wrote:
I'm willing to do what it takes to get this fixed in testing, but I'm
not sure which solution, if any, is agreeable to the RT:
(6) Alternatives?
Please upload hipsparse to tpu (targeting bookworm in the c
control: tags -1 moreinfo
On 24-05-2023 18:44, Martin-Éric Racine wrote:
1) Ensure build from source on recent autoconf.
What does this mean? Does it now FTBFS? (I checked on reproducible
builds, but that doesn't seem to be the case).
Without an extremely good reason I'm currently not seein
Hi Wouter,
On Wed, May 31, 2023 at 12:18:00PM +0200, Wouter Verhelst wrote:
> I don't think it is. All packages that do things at early boot have
> complicatd requirements; nbd isn't the only one. It's just the first one
> you hear about.
Thank you for not giving up here.
> > and that debvm may
Hello (again),
On Wed, May 31, 2023 at 03:26:23PM -0700, Greg wrote:
[...]
> RUN DEBIAN_FRONTEND=noninteractive apt-get -y update && \
> apt-get install -yq --no-install-recommends msmtp-mta s-nail htop dialog
> less paxctl sudo
I didn't noticed it in the first place but you also have to set
Hello Greg,
On Wed, May 31, 2023 at 03:26:23PM -0700, Greg wrote:
[...]
> Regarding your commit here:
> https://salsa.debian.org/kolter/msmtp/-/commit/7633ea472e24bf3be003396a2e4567d101f8cf53
>
> This has added a TUI when installing the `msmtp-mta` package that
> appears even on non-interactive
[Pijgn]
> OpenSnitch in Debian is currently incompatible with (some?) kernel space
> network tools such as wireguard and NFS. These are entirely unusable so
> long as the opensnitchd service is running.
I use opensnitch with NFS on Debian Bookworm, and have not noticed it is
making NFS unusable.
Hi Ryan,
On Wed, May 31, 2023 at 04:34:31PM -0700, Ryan Tandy wrote:
> Hi, thanks for the report. If I've understood the issue correctly (DoS/crash
> if malloc fails), it does not look too urgent.
Correct, agreed.
> Although the fixes look safe enough, I think we could wait until after
> bookwor
On 5/31/23 23:30, Salvatore Bonaccorso wrote:
Hi Yadd,
On Wed, May 31, 2023 at 03:13:06PM +0400, Yadd wrote:
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: jquer...@packages.debian.org
Control: affects -1 + src
Hi,
* Nick Hastings [230530 16:01]:
>
> * Mario Limonciello [230530 13:00]:
> > As you're actually loading nouveau, can you please try nouveau.runpm=0 on
> > the kernel command line?
>
> I'm not intentionally loading it. This machine also has intel graphics
> which is what I prefer. Checking
Hi, thanks for the report. If I've understood the issue correctly
(DoS/crash if malloc fails), it does not look too urgent.
Although the fixes look safe enough, I think we could wait until after
bookworm is released, and fix this in unstable first and in a point
release later. Does that sound
Source: libopenmpt
Version: 0.7.0-1
Severity: serious
Tags: experimental
libopenmpt 0.7.0-1 in experimental has failing autopkgtests because of
errors emitted because of a deprecation warning.
pattern-dump-c.c: In function ‘main’:
pattern-dump-c.c:25:13: warning: ‘openmpt_stream_get_file_callback
Package: opensnitch
Version: 1.5.8.1-1+b2
Severity: wishlist
Tags: upstream
Dear Maintainer,
OpenSnitch in Debian is currently incompatible with (some?) kernel space
network tools such as wireguard and NFS. These are entirely unusable so
long as the opensnitchd service is running. An eBPF modul
Package: prometheus-smokeping-prober
Version: 0.4.1-2+b5
Severity: normal
Tags: patch
X-Debbugs-Cc: tim_woot...@yahoo.com
Dear Maintainer,
Please include an /etc/init.d script as is provided with other prometheus
exporters
-- System Information:
Debian Release: 11.7
APT prefers stable-updates
Package: msmtp-mta
Version: 1.8.6-1
Severity: important
Dear Maintainer,
Regarding your commit here:
https://salsa.debian.org/kolter/msmtp/-/commit/7633ea472e24bf3be003396a2e4567d101f8cf53
This has added a TUI when installing the `msmtp-mta` package that appears even
on non-interactive termina
On 31 May 2023 at 15:18, David Fifield wrote:
| Package: r-cran-htmltable
| Severity: minor
| X-Debbugs-Cc: da...@bamsoftware.com
|
| The package homepage https://cran.r-project.org/package=htmltable
| leads to a 404 error page. The link
| https://cran.r-project.org/package=htmlTable works (note
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: forensics-ex...@packages.debian.org
Control: affects -1 + src:forensics-extra
Please unblock package forensics-extra
[ Reason ]
forensics-extra (like forensics-all) is a metap
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: forensics-...@packages.debian.org
Control: affects -1 + src:forensics-all
Please unblock package forensics-all.
[ Reason ]
forensics-all (like forensics-extra) is a metapackag
Package: r-cran-htmltable
Severity: minor
X-Debbugs-Cc: da...@bamsoftware.com
The package homepage https://cran.r-project.org/package=htmltable
leads to a 404 error page. The link
https://cran.r-project.org/package=htmlTable works (note
capitalization).
-- System Information:
Debian Release: 11.
hi,
I fixed it with commit 2cfa35ceef551708481626732a4d98734e7a0f22.
also fixed size calculation so it will properly report progress
and estimate time when copy/move from the clipboard.
try it again?
P! Vladi.
--
Vladi Belperchinov-Shabanski
http://cade.noxrun.com
pgp/gpg key 6F35B2
Dear Maintainer,
after installing the 'nvidia-alternative' package, selecting
' /usr/lib/nvidia/current ' instead of the previous selectected option
( /usr/lib/nvidia/tesla ) and rebooting solved the issue, recovering:
- gtk desktop app
- startup custom configuration with nvidia-settings o
Note that this patch fixes a Debian policy violation (
https://www.debian.org/doc/debian-policy/ch-source.html) which should
qualify this as a "serious" severity bug where:
"For packages in the main archive, required targets must not attempt
network access, except, via the loopback interface, to s
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hi!
Please unblock packages crowdsec, crowdsec-custom-bouncer, and
crowdsec-firewall-bouncer.
I'm filing a single unblock request since all three packages are
entangled, and Paul suggested
Source: imagemagick
Version: 8:6.9.11.60+dfsg-1.6
Severity: important
Tags: security upstream
Forwarded: https://github.com/ImageMagick/ImageMagick/issues/6341
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for imagemagick.
CVE-2023-34151[0]:
On 31/05/2023 20.52, MA wrote:
* What was the outcome of this action? ==> No expected changes and the
driver for my Ethernet still shows as r8168 in lspci -k command
* What outcome did you expect instead?==> i expected the installed driver
to be removed and reload the kernel built in dr
Package: emacs
Version: 28.2+1
Tags: patch
Hi, we've noticed that some of the emacs tests currently open remote
sockets during a Debian build. Builders and build servers don't always
provide full network access and this can cause false failures during build.
I've attached a patch to disable these
Hi Yadd,
On Wed, May 31, 2023 at 03:13:06PM +0400, Yadd wrote:
> Package: release.debian.org
> Severity: normal
> Tags: bullseye
> User: release.debian@packages.debian.org
> Usertags: pu
> X-Debbugs-Cc: jquer...@packages.debian.org
> Control: affects -1 + src:jqueryui
>
> [ Reason ]
> jqueryu
Hi Vladi.
Seems to me new features work fine. But looks like I have found another issue.
When I add files to the clipboard - indicator shows that there are 0
files in the clipboard. Please check screenshot attached
On Tue, May 30, 2023 at 12:53:11AM +0300, Vladi Belperchinov-Shabanski wrote:
Source: openldap
Version: 2.5.13+dfsg-5
Severity: important
Tags: security upstream
Forwarded: https://bugs.openldap.org/show_bug.cgi?id=9904
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Control: fixed -1 2.6.4+dfsg-1~exp1
Hi,
The following vulnerability was published for openldap.
CVE
Package: wnpp
Severity: wishlist
Owner: Matthias Geiger
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-r...@lists.debian.org,
debian-gtk-gn...@lists.debian.org, matthias.geiger1...@tutanota.de
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
* Package name: gir-rust-code-generator
Ver
Source: jquery-minicolors
Source-Version: 2.3.5+dfsg-4
- Forwarded message from Debian FTP Masters
-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 31 May 2023 16:44:37 +0400
Source: jquery-minicolors
Architecture: source
Version: 2.3.5+dfsg-4
Distribution: unst
Package: r8168-dkms
Followup-For: Bug #1036992
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?===> I installed r8168-dkms by accident. To
revert it i purged the same package to reload my original driver package(r
Package: libpam-sss
Version: 2.8.2-4
Severity: normal
File: /lib/x86_64-linux-gnu/security/pam_sss.so
Dear Maintainer,
* What led up to the situation?
using kerberos, AD/DC, sssd and its pam module
* What exactly did you do (or not do) that was effective (or
ineffective)?
ki
Package: r8168-dkms
Severity: minor
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
* What exactly did you do (or not do) that was effective (or
ineffective)?
* What was the outcome of this action?
*
On 31/05/2023 16:43, georgesk wrote:
Dear Alexis,
I packaged furo for debian in order to be able to keep maintaining the
package sympy, which depends on it.
However sympy's documentation is rather big. Creating a minimal sphinx
tree with sphinx-quickstart is not enough to trigger the bug which
Control: tags -1 d-i
Hi kibi,
Can you have a look at this onblock request? It's blocked on your
block-udeb.
Paul
On 30-05-2023 22:52, Sebastian Andrzej Siewior wrote:
control: retitle -1 unblock: openssl/3.0.9-1
On 2023-05-30 22:16:53 [+0200], To sub...@bugs.debian.org wrote:
Please unbl
On 2023-05-31 19:28, Adam D. Barratt wrote:
> In the versions in testing, both packages only built for amd64. In
> unstable, they have also built for arm64. Migrating the arm64 hipsparse
> binaries from unstable therefore requires migrating a version of
> rocsparse with arm64 binaries.
Oh, that's
On Mon, 2023-05-29 at 13:15 +0200, Guido Günther wrote:
> [ Other info ]
> I apologize for being late here, I simply missed that the version
> is outdated. I could have backported the patch but just using the
> upstream version (which didn't bring any other features) seemed more
> reasonable here
On Wed, 31 May 2023 at 16:38, Cyril Brulebois wrote:
>
> Control: severity -1 wishlist
>
> James Addison (2023-05-31):
> > After the changes made to address bug #924301 (mountpoints for ext[n]
> > filesystems that have insufficient free blocks are not automatically
> > checked for faults), I thin
On Wed, 2023-05-31 at 19:09 +0200, Christian Kastner wrote:
> I can't see why rocsparse 5.3.0+dfsg-3 would
> block
> hipsparse? The Depends and Build-Depends aren't versioned.
In the versions in testing, both packages only built for amd64. In
unstable, they have also built for arm64. Migrating the
Hi Graham,
On 2023-05-31 08:58, Graham Inggs wrote:
> Hi Christian
>
> On Sun, 28 May 2023 at 18:48, Christian Kastner wrote:
>> unblock hipsparse/5.3.3+dfsg-2
>
> The debdiff looks good to me, however the migration of
> hipsparse/5.3.3+dfsg-2 appears to be blocked by rocsparse/5.3.0+dfsg-3
> [
Source: grub-common
Severity: normal
X-Debbugs-Cc: nmschu...@gmail.com
On an UEFI system with LUKS2/argon2 encrypted root (/), LUKS1/PBKDF encrypted
boot (/boot) (and/via GRUB early crypto),
if desktop-base is installed (providing GRUB [emerald] theme),
mkconfig/05_debian_theme will cause GRUB t
Done. New release is up on GitHub.
https://github.com/metlov/cycle
With the best regards,
Konstantin.
Quoting Andreas Tille :
Am Wed, May 31, 2023 at 05:35:46PM +0300 schrieb Konstantin L. Metlov:
Thank you for reporting this bug !
It is already fixed by the commit
Package: wnpp
Severity: wishlist
Owner: YOKOTA Hiroshi
X-Debbugs-Cc: debian-de...@lists.debian.org, yokota.h...@gmail.com
* Package name: 7zip-rar
Version : 22.01
Upstream Contact: Igor Pavlov
* URL : https://www.7-zip.org/
* License : unRAR License
Programmi
Emanuele Rocca, le mer. 31 mai 2023 17:29:31 +0200, a ecrit:
> > 1. Why is aarch64 special here?
> > 2. Where does that difference come from?
>
> According to Jessica Clarke this is due to busybox using vt102:
> https://society.oftrolls.com/@jrtc27@mastodon.social/110459684352427882
Is it not
Control: severity -1 wishlist
James Addison (2023-05-31):
> After the changes made to address bug #924301 (mountpoints for ext[n]
> filesystems that have insufficient free blocks are not automatically
> checked for faults), I think that this bug could be considered more
> serious.
How do you fig
Hi,
On Tue, May 30, 2023 at 09:08:45PM +0200, Cyril Brulebois wrote:
> Philip Hands (2023-05-30):
> > Apparently, this MR fixes the problem:
> >
> > https://salsa.debian.org/installer-team/rootskel/-/merge_requests/8
> >
> > Although this does prompt the question of why aarch64 has TERM set t
Hi,
thank you for your bug report.
You are telling that when you "Decode from webcam", two webcams with the
same name and identification are listed in a select widget.
Have you more than one physical webcam?
Please can you install another application using webcams, for example
"cheese" and te
Am Wed, May 31, 2023 at 05:35:46PM +0300 schrieb Konstantin L. Metlov:
> Thank you for reporting this bug !
>
> It is already fixed by the commit
>
> https://github.com/metlov/cycle/commit/e86d72ec1a2a05c46ccde2f607f142cef7dbabb2
>
> I should, probably, make a new bugfix release.
A bugfix relea
On Wed, May 31, 2023 at 10:42 AM Gianfranco Costamagna
wrote:
> On Wed, 31 May 2023 08:46:05 + Alberto Garcia wrote:
> > Control: forwarded -1 https://bugs.webkit.org/show_bug.cgi?id=256917
> > Control: tags -1 patch fixed-upstream pending
> >
> > On Tue, May 30, 2023 at 02:23:31PM +0200, Joh
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: tho...@fiasko-nw.net
Please unblock package needrestart
[ Reason ]
In the past I have used the wrong version number, to remove a leftover config
file.
Also this update should
Dear Alexis,
I packaged furo for debian in order to be able to keep maintaining the
package sympy, which depends on it.
However sympy's documentation is rather big. Creating a minimal sphinx
tree with sphinx-quickstart is not enough to trigger the bug which you
are reporting.
Please can you shar
Thank you for reporting this bug !
It is already fixed by the commit
https://github.com/metlov/cycle/commit/e86d72ec1a2a05c46ccde2f607f142cef7dbabb2
I should, probably, make a new bugfix release. Or, alternatively, the
package can be patched with the last few cherry picked git commits.
All
Package: debian-installer
Followup-For: Bug #651280
X-Debbugs-Cc: debian-b...@lists.debian.org, skirpic...@gmail.com
Control: severity -1 serious
After the changes made to address bug #924301 (mountpoints for ext[n]
filesystems that have insufficient free blocks are not automatically checked
for f
On Wed, 31 May 2023 08:46:05 + Alberto Garcia wrote:
Control: forwarded -1 https://bugs.webkit.org/show_bug.cgi?id=256917
Control: tags -1 patch fixed-upstream pending
On Tue, May 30, 2023 at 02:23:31PM +0200, John Paul Adrian Glaubitz wrote:
> webkit2gtk currently FTBFS on multiple archite
Control: tags -1 + patch
I discovered a few issues with the first edition of the patch. A
working patch is now commited to the git repository on salsa.
This was the working patch:
diff --git a/debian/rules b/debian/rules
index 0354bcb8..c8681dc5 100755
--- a/debian/rules
+++ b/debian/rules
@@ -
Hello Bill,
thank you for your quick reply.
Il giorno mer, 31/05/2023 alle 09.13 -0400, Bill Blough ha scritto:
> If I understand your report correctly, this sounds like expected
> behavior - the program will lock itself in order to protect your
> passwords.
[...]
I am sorry I did not explain it
Hi,
I've faced same problem on a fresh Bookworm live system (mariadb-server
1:10.11.2-1).
As a workaround I've mounted /var/lib/mysql as a ext4 filesystem.
FYI: It works fine on Bullseye.
Kind regards,
--
Antoni Villalonga
https://friki.cat/
Package: cycle
Version: 0.3.2-2
Hello,
steps to reproduce:
- run the program
- fill infos (name and password)
- validate
The program crashes with this output on a terminal:
~
$ cycle
/usr/bin/cycle:35: DeprecationWarning: Use setlocale(), getencoding()
and getlocale() instead
dl = loca
Control: severity -1 important
Control: reassign -1 src:nautilus 43.2-1
Control: tags -1 bookworm
I am bumping the severity because of the multiple crash fixes and
other important bugfixes.
Thank you,
Jeremy Bícha
On Fri, May 5, 2023 at 12:33 AM Andrew Ruthven wrote:
> If the eject package isn't installed, when you try to eject a USB device
> (I didn't test anything else), then Nautilus is unable to eject the device
> and throws up an error like:
>
> Error ejecting /dev/sda: Error spawning command-line `eje
Package: libeccodes-data
Version: 2.30.0-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package fails to upgrade from
'sid' to 'experimental'.
It installed fine in 'sid', then the upgrade to 'experimental' fails.
>From the a
On 31.05.2023 15:33, Markus Koschany wrote:
Hi Markus,
Thanks for your help and explanations Max. I am going to release an updated
version for Buster soon. Apparently I somehow missed the
io_kpse_check_permissions function despite following the "Patching older
versions" paragraph.
The buster b
Package: libboost-json1.81-dev
Version: 1.81.0-5
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package ships (or creates)
a broken symlink:
0m41.1s ERROR: FAIL: Broken symlinks:
/usr/lib/x86_64-linux-gnu/libboost_json.so ->
Hi,
If I understand your report correctly, this sounds like expected
behavior - the program will lock itself in order to protect your
passwords.
You can change this behavior by going to Manage->Options->Security and
then toggling the settings that relate to "Lock password database".
Please let m
Thanks for your help and explanations Max. I am going to release an updated
version for Buster soon. Apparently I somehow missed the
io_kpse_check_permissions function despite following the "Patching older
versions" paragraph.
Best,
Markus
signature.asc
Description: This is a digitally signed
Control: clone -1 -2
Control: reassign -2 crowdsec-firewall-bouncer 0.0.25-2
Control: retitle -2 crowdsec-firewall-bouncer: fails to install with
--install-recommends: open /etc/crowdsec/config.yaml: no such file or directory
Andreas Beckmann (2023-05-31):
> You just got lucky in the configurati
On 31.05.2023 09:23, Max Chernoff wrote:
Hello Max,
To fix this, there are 3 options (pick 1):
1. Cherry-pick *both* 5650c067 and b8b71a25
2. Follow the instructions in [5]
3. Apply the appropriate patch from [6]
Option (3) will the easiest, but it will only work if your LuaTeX
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
Dear release team,
I would like to upload a new version of workflow (0.10.5-2) which fixes
two bugs in the package that are currently marking it for autoremoval. I
have just up
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package packagekit.
[ Reason ]
Three things fixed:
* A tiny memory leak has been addressed
* The daemon package now recommends the tools package again, this was
changed late
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package debspawn.
[ Reason ]
Packaging of the 0.6.2 bugfix release which contains three changes only:
* Fixes issue where users could not build packages against
NotAutomatic
Package: prosody-modules
Version: 0.0~hg20230223.556bf57d6417+dfsg-1~bpo11+1
Severity: wishlist
Hello,
I would like to propose the inclusion of mod_net_proxy.
In case prosody cannot be deployed on a host directly facing the internet,
mod_net_proxy comes in very handy and it works very well.
Tha
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: jquery-minicol...@packages.debian.org
Control: affects -1 + src:jquery-minicolors
Please unblock package jquery-minicolors
[ Reason ]
jquery-minicolor is vulnerable to a cross
Am Mittwoch, dem 31.05.2023 um 14:41 +0200 schrieb Andreas Beckmann:
> On 31/05/2023 14.26, Markus Koschany wrote:
> > Hello Andreas,
> >
> > Neither fig2dev or transfig are supported in jessie-elts anymore. I
> > appreciate
> > the report though. Since Stretch is no longer supported by Debian I b
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package appstream.
[ Reason ]
Backports a few fixes from the 0.16.2 release:
* Fixes two crashes that can happen when the tool is fed invalid or
unexpected input
* Correctl
On 31/05/2023 14.26, Markus Koschany wrote:
Hello Andreas,
Neither fig2dev or transfig are supported in jessie-elts anymore. I appreciate
the report though. Since Stretch is no longer supported by Debian I believe
this issue is no longer actionable by the maintainer.
Is fig2dev supported in st
Hello Andreas,
Neither fig2dev or transfig are supported in jessie-elts anymore. I appreciate
the report though. Since Stretch is no longer supported by Debian I believe
this issue is no longer actionable by the maintainer.
Regards,
Markus
signature.asc
Description: This is a digitally signed
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: node-und...@packages.debian.org
Control: affects -1 + src:node-undici
[ Reason ]
node-undici is vulnerable to:
* CVE-2023-23936: "Host" HTTP header isn't protected a
Le 31/05/2023 à 13:15, Stefan Eissing a écrit :
Hi Bastien,
I was finally able to reproduce here what looks like the crashes you see with
mod_proxy_http2 (notice the careful wording). And I fixed it in
https://github.com/icing/mod_h2/releases/tag/v2.0.18
Looking forward to hear how it fares o
Hey folks.
This bug is affecting the gobuster package that I maintain.
I've tested golang-github-pin-tftp locally and everything looks perfect.
It looks like a false positive on the Build.
If anyone can see this by July 1st, it will be important that these
packages are not automatically removed
Hi Bastien,
I was finally able to reproduce here what looks like the crashes you see with
mod_proxy_http2 (notice the careful wording). And I fixed it in
https://github.com/icing/mod_h2/releases/tag/v2.0.18
Looking forward to hear how it fares on your system.
Kind Regards,
Stefan
> Am 24.05.2
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: jquer...@packages.debian.org
Control: affects -1 + src:jqueryui
[ Reason ]
jqueryui is potentially vulnerable to cross-site scripting
(CVE-2022-31160)
[ Impact ]
Low
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: gr...@packages.debian.org
Control: affects -1 + src:grunt
[ Reason ]
file.copy operations in GruntJS are vulnerable to a TOCTOU race condition
leading to arbitrary fi
On Wed, 31 May 2023 at 11:18, Helmut Grohne wrote:
>
> Hi,
>
> On Tue, May 30, 2023 at 11:53:00AM +0200, Helmut Grohne wrote:
> > In effect, this bug report is an instance of a bug class. I am in the
> > process of quantifying its effects, but I do not have useful numbers at
> > this time. As an i
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: node-url-pa...@packages.debian.org
Control: affects -1 + src:node-url-parse
[ Reason ]
node-url-parse is vulnerable to authorization bypass through
user-controlled ke
On Mon, May 29, 2023 at 08:12:54PM +0200, Helmut Grohne wrote:
> Control: clone -1 -2
> Control: retitle -2 debvm's autopkgtests should be marked as flaky
> Control: submitter -2 !
> Control: severity -2 important
>
> Hi Wouter,
>
> On Mon, May 29, 2023 at 02:28:08PM +0200, Wouter Verhelst wrote:
Source: hw-detect
Followup-For: Bug #1030519
X-Debbugs-Cc: a.dalm2...@googlemail.com
Hi Alexander,
I've been reviewing your patch and would like to suggest extracting the
following changes from it to consider and apply individually:
1. Supporting firmware filenames that contain spaces.
2. R
On Mon, May 29, 2023 at 08:22:06PM +0200, Helmut Grohne wrote:
> Hi Wouter,
>
> On Mon, May 29, 2023 at 02:20:09PM +0200, Wouter Verhelst wrote:
> > I am exploring the possibility to write an autopkgtest for the initramfs
> > stuff that I wrote for nbd-client.
>
> Please see my other mail regardi
Hi,
Encountering the same issue, I can confirm it still persists in RC4.
However, digging a bit deeper with the error I found on dmesg: "x86/PAT:
bterm:260: map pfn expected mapping type uncached-minus for ..., got
write-combining", I found this workaround:
Disabling paravirtualization in virtualb
Hi,
On Tue, May 30, 2023 at 11:53:00AM +0200, Helmut Grohne wrote:
> In effect, this bug report is an instance of a bug class. I am in the
> process of quantifying its effects, but I do not have useful numbers at
> this time. As an initial gauge, I think it is about 2000 binary packages
> that shi
Package: wnpp
Severity: normal
The bashdb utility looks useful for interactively debugging bash scripts, but
currently lacks a maintainer. It was previously included in Debian and was
removed[1] in Y2017.
[1] - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870992
Followup-For: Bug #1035543
On Wed, 31 May 2023 09:55:13 +0100, James wrote:
> On Fri, 05 May 2023 11:04:29 +0200, Andreas wrote:
> > If I install systemd into the bullseye chroot and upgrade that to
> > bookworm, both systemd and e2fsprogs are still installed, but
> > /etc/systemd/system/multi-
Dear Maintainer,
I have prepared a first MR which passes the salsa pipeline:
https://salsa.debian.org/jfmt/lintian/-/pipelines/531335
and implements a possible solution for the reported Bug #1036674
Feedback is very welcome
Kind regards
Janek Filus
notfound 1036967 1:3.2.7a-5
notfound 1036967 1:3.2.8-3
notfound 1036967 1:3.2.8b-3
thanks
On Wed, 31 May 2023, Andreas Beckmann wrote:
> during a test with piuparts I noticed your package fails to upgrade from
> 'jessie-elts'.
> It installed fine in 'jessie-elts', then the upgrade to 'stretch-elt
Package: abiword
Version: 3.0.4~dfsg-3
Severity: normal
X-Debbugs-Cc: py4...@teom.net
Dear Maintainer,
* What led up to the situation?
Because of the arbitrary removal of Type 1 font support in LibreOffice 5.3+
I have been looking for an alternative word processor which retains
sup
Hi Ian,
On Sat, Feb 04, 2023 at 05:31:11PM +, Ian Jackson wrote:
> Package: git-buildpackage
> Version: 0.9.30
> Severity: normal
> File: /usr/lib/python3/dist-packages/gbp/scripts/supercommand.py
>
> Steps to reproduce:
>
>dget
> https://deb.debian.org/debian/pool/main/p/python-coverage
Followup-For: Bug #1035543
On Fri, 05 May 2023 11:04:29 +0200, Andreas wrote:
> If I install systemd into the bullseye chroot and upgrade that to
> bookworm, both systemd and e2fsprogs are still installed, but
> /etc/systemd/system/multi-user.target.wants/e2scrub_reap.service
> does *NOT* get c
Control: forwarded -1 https://bugs.webkit.org/show_bug.cgi?id=256917
Control: tags -1 patch fixed-upstream pending
On Tue, May 30, 2023 at 02:23:31PM +0200, John Paul Adrian Glaubitz wrote:
> webkit2gtk currently FTBFS on multiple architectures since it tries
> to build Bubblewrap support code des
Package: passwordsafe
Version: 1.16.0+dfsg-4
Severity: normal
Dear Maintainer,
after running pwsafe, it select the default keystore, prompts for the
password and displays the keystore content in the GUI. After some time the
window automatically disappear but I may get it back using Alt-Tab key.
On
On Tue, May 30, 2023 at 03:31:36PM -0700, Brian Vaughan wrote:
> That rgrep didn't find anything.
>
> Executing 'spyder' from the command line while in an empty directory still
> got the same 'pylsp_black' warning.
Oh, this is so bizarre! Let's try a sledge-hammer approach
Assuming that you
Package: 0ad
Version: 0.0.26-3
Severity: normal
X-Debbugs-Cc: mariamarutun...@gmail.com
Dear Maintainer,
The project mbedtsl which is used in 0ad project (path
0ad/build/premake/premake5/contrib/mbedtls) contains vulnerability
(CVE-2019-16910, CVE-2017-14032).
The vulnerability is fixed in newe
1 - 100 of 106 matches
Mail list logo
