Bug#759772: Allow format strings to require fixed width for optional arguments

2014-08-29 Thread Benny Baumann
Package: aptitude Version: 0.6.11-1 Severity: minor Let's assume the following format string for package lists: %c%a%M%S %?i %p# %Z %10D %10I %4r %20v %20V %t Now configure some packages with explicit preferences along the lines of: $ cat /etc/apt/preferences Package: linux-image-*

Bug#759771: Allow to align sizes/size differences used in format strings

2014-08-29 Thread Benny Baumann
Package: aptitude Version: 0.6.11-1 Severity: minor Let's assume I was using something along the lines of %c%a%M%S %?i %p# %Z %10D %10I %4r %20v %20V %t for the display format of package lists. Now this looks much better than the default but due to the lack of aligning numbers of the include

Bug#759769: aptitude: Installed Size diff reported wrong for packages larger than 2GiB if installed

2014-08-29 Thread Benny Baumann
Package: aptitude Version: 0.6.11-1 Severity: minor Tags: lfs When installing a package that will require more than two GiB on disk if installed this change of required disk space is reported incorrectly. To reproduce have a look at the linux-image-*-dbg packages that require more than 2GiB on am

Bug#757858: ejabberd: Upgrade from 2.1.x to 14.05 causes inconsistent conf of Mnesia db in /etc/default/ejabberd

2014-08-11 Thread Benny Baumann
Package: ejabberd Version: 14.05-1~experimental2 Severity: grave Hi folks, when upgrading from 2.1.x to 14.05 the configuration of the Mnesia database is not properly updated. While older versions used ejabberd@$(hostname) for the EJABBERD_NODE it is ejabberd@localhost for the most recent one. Th

Bug#751737: Package overwrites files from libssh2-php

2014-06-16 Thread Benny Baumann
libssh2-php and upgrade works more smoothly. Kind regards, Benny Baumann -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (900, 'testing'), (800, 'stable'), (750, 'experimental'), (700, 'unstable'), (500, 'oldstable'

Bug#748495: closed by Daniel Baumann (reply to daniel.baum...@progress-technologies.net) (Re: Missing required dependencies)

2014-05-21 Thread Benny Baumann
Hi Daniel, On 21.05.2014 12:55, Daniel Baumann wrote: > On 05/19/2014 09:40 AM, Benny Baumann wrote: >> Even then you should make sure you are recommending the correct >> version (python3 >= 3.3) which currently is not the cas

Bug#748495: closed by Daniel Baumann (reply to daniel.baum...@progress-technologies.net) (Re: Missing required dependencies)

2014-05-19 Thread Benny Baumann
package unusable for many people - despite this only appearing in one sub-command. Kind regards, Benny Baumann

Bug#745418: Bug#748495: Acknowledgement (Missing required dependencies)

2014-05-18 Thread Benny Baumann
Hi, The issue seems to go away when python3.3 or newer is installed. Thus having python3 (>= 3.3) as a dependency (and not only recommendation) should fix those issues. Kind regards, Benny Baumann.

Bug#748495: Missing required dependencies

2014-05-17 Thread Benny Baumann
Even after pulling those additional dependencies I run into [1]. Kind regards, Benny Baumann [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=745418 -- System Information: Debian Release: wheezy/stable APT prefers stable APT policy: (900, 'stable'), (800, 'testing

Bug#747667: Provide builds for AMD64 and i386 platforms

2014-05-16 Thread Benny Baumann
Hi Ryan, On 16.05.2014 08:51, Ryan Kavanagh wrote: > tags 747667 + moreinfo > fixed 747667 opensmtpd/5.3.3p1-1 > thanks > > Hi Benny, > > On Sat, May 10, 2014 at 11:10:05PM +0200, Benny Baumann wrote: >> Successfully

Bug#747453: Arbitrary key size limitations causing hard-to-diagnose problems when establishing a connection

2014-05-11 Thread Benny Baumann
Hi Florian, On 10.05.2014 22:42, Florian Weimer wrote: > * Benny Baumann: > >> As stated in the initial report you MUST never place arbitrary >> limits on the size of cryptographic keys which this bug is doing >

Bug#747675: Missing fallback handling when session layer connections (e.g. SSL) fail

2014-05-10 Thread Benny Baumann
part of a STARTTLS session could successfully be performed. Thus ejabberd should ensure that proper fallback is performed when encrypted connections to yet unknown hosts fail and ensure reasonable diagnostics are returned in the logfile to debug such issues. Kind regards, Benny Baumann P.S.: By c

Bug#747673: Horrid default cipher settings without option to adjust them to sane values

2014-05-10 Thread Benny Baumann
configuration can be configured to use strong cryptography, using non-broken primitives and does so by default. Kind regards, Benny Baumann P.S.: By courtesy of #747453. -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (900, 'testing'), (800, '

Bug#747667: Provide builds for AMD64 and i386 platforms

2014-05-10 Thread Benny Baumann
Package: opensmtpd Severity: wishlist Successfully built this package locally and would like to see an official upload in the repositories. Kind regards, Benny Baumann. -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (900, 'testing'), (800, '

Bug#747666: Redefined macro messages scrolling by when compiling exhaust console backlog

2014-05-10 Thread Benny Baumann
regards, Benny Baumann -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (900, 'testing'), (800, 'stable'), (750, 'experimental'), (700, 'unstable'), (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 3.13-

Bug#747453: Arbitrary key size limitations causing hard-to-diagnose problems when establishing a connection

2014-05-09 Thread Benny Baumann
tags 747453 + security thanks Hi Kurt, On 09.05.2014 18:51, Kurt Roeckx wrote: > On Fri, May 09, 2014 at 09:08:37AM +0200, Benny Baumann wrote: >> Hi Kurt, >> >> On 09.05.2014 08:42, Kurt Roeckx wrote: >>> On F

Bug#747470: [Pkg-openssl-devel] Bug#747470: openssl s_client refuses to be silent

2014-05-09 Thread Benny Baumann
Hi Kurt, On 09.05.2014 18:17, Kurt Roeckx wrote: > On Fri, May 09, 2014 at 08:12:58AM +0200, Benny Baumann wrote: >> How to reproduce: >> openssl s_client -connect host.example.com:443 -quiet >> >> Expected be

Bug#747453: Arbitrary key size limitations causing hard-to-diagnose problems when establishing a connection

2014-05-09 Thread Benny Baumann
Furthermore: RSA 8192 corresponds to roughly AES192 thus 8192 bit is still quite conservative if you do not want your certificate or key exchange be the weakest link. Thus to get back to your statement: 1. Yes, you SHOULD argue this is a security hole 2. Yes, there is reason to use such large keys. > Kurt Kind regards, Benny Baumann

Bug#747472: s_client: Failure to connect to IPv6-only hosts

2014-05-08 Thread Benny Baumann
=openssl_s_client_s_server_with_ipv6.diff;att=1;bug=589520 Would be nice if our tools could be upgraded to something more recent than the stone-aged versions we are distributing ATM. Kind regards, Benny Baumann -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (900, 'testing

Bug#747471: libnss: Arbitrary key size limitation for client certificate authentication causing out-of-memory error

2014-05-08 Thread Benny Baumann
than 4096 bit for RSA or similarly for DSA and ECDSA. Kind regards, Benny Baumann -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (900, 'testing'), (800, 'stable'), (750, 'experimental'), (700, 'unstable'), (500,

Bug#747470: openssl s_client refuses to be silent

2014-05-08 Thread Benny Baumann
reproduce: openssl s_client -connect host.example.com:443 -quiet Expected behaviour: netcat with crypto and no output on stderr Actual behaviour: netcat with crypto and certificate verification messages spammed into stderr Kind regards, Benny Baumann -- System Information: Debian Release

Bug#747469: openssl s_client -starttls hangs on XMPP s2s connections

2014-05-08 Thread Benny Baumann
on of why it doesn't continue. Kind regards, Benny Baumann -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (900, 'testing'), (800, 'stable'), (750, 'experimental'), (700, 'unstable'), (500, 'oldstable') A

Bug#747453: Arbitrary key size limitations causing hard-to-diagnose problems when establishing a connection

2014-05-08 Thread Benny Baumann
are to be expected in casually-paranoid setups. Please apply both patches ASAP and forward them to be included upstream. Kind regards, Benny Baumann -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (900, 'testing'), (800, 'stable'), (750,

Bug#741674: Include DNS Dampening to mitigate effects of DDoS using DNS Amplification

2014-03-19 Thread Benny Baumann
Hi, On 19.03.2014 20:43, Florian Weimer wrote: > * Benny Baumann: > >> The attached patch ports the original patch by Lutz Donnerhacke to >> apply on the latest package version from Git. >> >> Please include in Debian and convince upstream to follow if >> p

Bug#741913: Display progress of backup process in post-install script

2014-03-17 Thread Benny Baumann
Package: sks Version: 1.1.4-2.1+b1 Severity: wishlist As copying several gigabytes of key database files can take a while it would be nice to have the post-install script display some information on the progress of the DB backup and upgrade operation. Without this additional information it looks

Bug#741912: File /var/lib/sks/berkeley_db.active missing after initial install

2014-03-17 Thread Benny Baumann
Package: sks Version: 1.1.4-2.1+b1 Severity: important When sks is initially installed the file /var/lib/sks/berkeley_db.active which should hold information on the current Berkeley DB version of the key database is missing thus causing any follow-up attempt to configure the package to fail after

Bug#702489: Install dependency linux-kbuild-3.8 nowhere to be found

2013-03-06 Thread Benny Baumann
Package: linux-headers-3.8-trunk-amd64 Severity: grave Try installing the linux-headers-3.8-trunk-all package which fails due to this unmet dependency. Please build it properly as creation of custom kernel modules isn't possible otherwise. Regards, BenBE. -- System Information: Debian Release: 7

Bug#698554: Crash when parts of a file unreadable

2013-01-20 Thread Benny Baumann
Package: rtorrent Version: 0.9.2-1 Severity: important Tags: lfs When a section of a file, which is part of a running torrent, cannot be read I get a SIGBUS error. When session storage is active and rtorrent tries to rehash files on next start of the program this makes rtorrent automatically cr

Bug#671690: is it still the case that libgamin0 makes courier non-functional

2013-01-07 Thread Benny Baumann
Hi, I can confirm this. Haven't noticed any issues recently with the current versions. Regards, BenBE. On 07.01.2013 20:24, gregor herrmann wrote: > On Tue, 01 Jan 2013 14:48:02 -0500, Yaroslav Halchenko wrote: > >> I haven't heard any bad report

Bug#685323: Re: Bug#685324: Local File Inclusion Vulnerability in contrib script

2012-08-21 Thread Benny Baumann
Dear Steven, On 20.08.2012 05:12, Steven Chamberlain wrote: > tags 685324 + moreinfo unreproducible > tags 685323 + moreinfo unreproducible > merge 685324 685323 > severity 685326 wishlist > merge 685326 584251 > thanks > > Hi, > > Were these reports of security issues supposed to be genuine? Ye

Bug#685326: Ancient version in stable and testing although update to more recent version requested for ages.

2012-08-19 Thread Benny Baumann
Package: php-geshi Version: 1.0.8.4-1 Severity: serious Tags: upstream Despite being asked for about two years ago this package hasn't been updated by the responsible maintainers. Also direct contact to the maintainers at several points in time and occasions achieved no response which would lead

Bug#685324: Local File Inclusion Vulnerability in contrib script

2012-08-19 Thread Benny Baumann
Package: php-geshi Version: 1.0.8.4-1 Severity: serious Tags: security upstream GeSHi 1.0.8.11 closes a local file inclusion vulnerability present in one of the contrib scripts provided in the GeSHi distribution. The bug has been present for at least 1.0.8.4 (and maybe even longer). Please upgrad

Bug#685323: Non-persistent XSS vulnerability in contrib script

2012-08-19 Thread Benny Baumann
Package: php-geshi Version: 1.0.8.4-1 Severity: serious Tags: security upstream GeSHi 1.0.8.11 closes a non-persistent XSS vulnerability in a contrib script provided in the GeSHi distribution. The vulnerability can be triggered by an attacker using a specially crafted URL when calling a vulnerable

Bug#671690: libgamin0 breaks courier-imap/courier-imap-ssl (Sudden termination of connection)

2012-05-05 Thread Benny Baumann
Package: libgamin0 Version: 0.1.10-4 Severity: critical Justification: breaks unrelated software Dear Maintainer, * What led up to the situation? I've been running a Courier IMAP and POP3 server on my system for quite some time which worked just fine except for some mail clients reporting "f

Bug#670566: arduino-mk: Unable to include non-system libraries

2012-04-26 Thread Benny Baumann
Package: arduino-mk Version: 0.8-1 Severity: important When building larger projects using this script you cannot provide a subdirectory of your current sketch which holds additional libraries. This is recommended to be available since usually normal users don't have write permissions in the /usr

Bug#670565: arduino-mk: Makefile hardcodes include line of non-existent header file into PDE files

2012-04-26 Thread Benny Baumann
Package: arduino-mk Version: 0.8-1 Severity: grave Justification: renders package unusable When compiling a custom project using the Arduino.mk file of this package you automatically get a line #include at the beginning of the internally compiled file of your project. As this file is no longer

Bug#670564: arduino-mk: Hardcoded path violating FHS

2012-04-26 Thread Benny Baumann
Package: arduino-mk Version: 0.8-1 Severity: grave Justification: renders package unusable In the included file /usr/share/arduino/ard-parse-boards script, line 12, there's a hardcoded path to some weird MacOSX application directory which is guaranteed to not exist on any sane Debian system by FHS

Bug#642357: Alternative mis-behaviour

2011-09-22 Thread Benny Baumann
I was working on my Apache configuration wondering why I got plaintext when accessing my server via IPv4, but properly encrypted traffic on IPv6. After experimenting a bit, creating some more VHosts with mod_gnutls on different IPv4 addresses I found that those additional IPv4 addresses worked pro

Bug#584251: php-geshi: Upstream release 1.0.8.8

2010-06-02 Thread Benny Baumann
Package: php-geshi Severity: wishlist Please update the php-geshi package to the upstream GeSHi release version 1.0.8.8. -- System Information: Debian Release: 5.0.4 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-2-xen-amd64 (SMP w/2 CPU cor

Bug#556922: Console resize freezes mc causing system crash/hang

2009-12-02 Thread Benny Baumann
On 01.12.2009 22:18, Iustin Pop wrote: > On Wed, Nov 18, 2009 at 11:54:31AM +0100, Benny Baumann wrote: > >> Package: mc >> Version: 2:4.6.2~git20080311-4 >> Severity: critical >> Justification: breaks the whole system >> >> When running mc inside a

Bug#557127: python-profiler: Profiler modules should be executable from command line

2009-11-19 Thread Benny Baumann
Package: python-profiler Version: 2.5.2-1 Severity: minor The python modules /usr/lib/python/profiler.py and /usr/lib/pstats.py should be made executable from the command line to ease their use in scripts. ATM they are marked non-executable but can be passed to the Python interpreter as is as exe

Bug#557126: mcedit should be default editor within mc

2009-11-19 Thread Benny Baumann
Package: mc Version: 2:4.6.2~git20080311-4 Severity: minor When installing mc the internal editor mcedit should be made the default editor within mcedit or at least an option to do so should be offered when installing. Another option would be to split mc and mcedit into two separate packages whil

Bug#556922: Console resize freezes mc causing system crash/hang

2009-11-18 Thread Benny Baumann
Package: mc Version: 2:4.6.2~git20080311-4 Severity: critical Justification: breaks the whole system When running mc inside a screen session via SSH mc crashes as soon as you resize the window in which mc is displayed. When this error occurs mc freezes and allocates memory in an endless loop in t

Bug#523060: libapache2-mod-gnutls: Missing dependencies?

2009-04-18 Thread Benny Baumann
Package: libapache2-mod-gnutls Version: 0.5.2-1 Severity: normal I have the exact same problem with this package too since I did the following upgrades recently: [INSTALLIEREN, ABHÄNGIGKEITEN] libaprutil1-dbd-mysql [INSTALLIEREN, ABHÄNGIGKEITEN] libaprutil1-ldap [INSTALLIEREN, ABHÄNGIGKEITEN] lib

Bug#520769: php-geshi: Updated upstream 1.0.8.3 available

2009-03-22 Thread Benny Baumann
Package: php-geshi Version: 1.0.8.1-1 Severity: normal A much more current version (1.0.8.3) than the one included with Debian is available upstream. This updated upstream version should be included with the distribution. Regards, B. Baumann -- System Information: Debian Release: squeeze/sid

Bug#520719: pcre3: Stack Overflow with repeating Look-Aheads

2009-03-22 Thread Benny Baumann
Package: pcre3 Severity: important When running a regular expression where a look-ahead is used to tell two possible paths apart and this choice is done in a repeating group you will get a stack overflow if the string you are matching is long enough. More information can be found at: https://b

Bug#478354: php-geshi: Major bug with symbol highlighting breaks source output

2008-04-28 Thread Benny Baumann
Package: php-geshi Version: 1.0.7.21-1 Severity: important Shortly after release of 1.0.7.21 there have been reports that highlighting of symbol characters (which was introduced in this version) has a major bug causing additional characters to be inserted after certain symbols like ; and |. Ha