st as a closing note to anyone out of the loop, Curl project is also
working on the official patch here:
https://github.com/curl/curl/pull/16205
Regards,
--
Harry Sintonen
Package: curl
Version: 7.88.1-10+deb12u8
Severity: important
Tags: patch upstream
Curl package is currently in breach of "secure by default" Debian policy.
When I launch curl without ~/.ssh/known_host file curl will connect to any host
without
any host identity validation, rather than refusing t
Package: src:linux
Version: 5.14.6-2
Severity: normal
Tags: upstream
Dear Maintainer,
There are periodic buffer overflows from this kernel at ethtool_get_rxnfc.
The bug is discussed here: https://lkml.org/lkml/2021/9/18/385
-- Package-specific info:
** Version:
Linux version 5.14.0-1-amd64 (debi
Package: zfs-dkms
Version: 0.8.1-3
Severity: important
Tags: patch
Dear Maintainer,
The module fails to build against 5.2.0-2-amd64 due to use of GPL-only symbol:
"
Building modules, stage 2.
MODPOST 8 modules
FATAL: modpost: GPL-incompatible module zfs.ko uses GPL-only symbol
'alternatives_
Package: aeskeyfind
Version: 1:1.0-4
Severity: important
Tags: upstream patch
Dear Maintainer,
aeskeyfind has a bug where it fails to process a file larger than 4GB properly.
Instead it will process only filesize & 0x. Sign confusion in entropy
function can also lead to a crash when proce
On Tue, 26 Feb 2019, Colin Watson wrote:
On Wed, Feb 13, 2019 at 10:36:34AM +0200, Harry Sintonen wrote:
The recent openssh upstream fix to "check in scp client that filenames sent
during
remote->local directory copies satisfy the wildcard specified by the user" (*)
had an unf
Package: openssh-client
Version: 1:7.4p1-10+deb9u5
Severity: normal
Dear Maintainer,
The recent openssh upstream fix to "check in scp client that filenames sent
during
remote->local directory copies satisfy the wildcard specified by the user" (*)
had an unfortunate
side effect of breaking a leg
Package: sslsniff
Version: 0.8-8+b1
Severity: important
Tags: patch
Dear Maintainer,
sslsniff incorrectly uses case sensitive comparisons when parsing HTTP headers,
for example "Accept-Encoding", "Connection", "Keep-Alive" etc. Servers can and
do
send headers with different capitalization (for
Hello,
Here's a fix for the crash:
https://sintonen.fi/temp/0002-64bit-ptr-fix.diff
Due to missing "alloc" prototype introduction the alloc function was
assumed to return "int", resulting in upper 32bit of the pointer returned
to be cut off. The patch adds #include "alloc.h" to locations ne
It *IS* backported already and we *WILL* upload it as an update to
Stable. But since this is not a critical issue [1] and since uploads to
Stable are extremely sensitive it may well be we wait for another issue
we need to fix in Stable as well.
[1] it is a browser issue in reality, no really.
I
On Thu, 2 Feb 2012, Jakub Wilk wrote:
* Harry Sintonen , 2012-01-31, 01:42:
-D_FORTIFY_SOURCE=2 was enabled in package version 1.8.3p1-3. See:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655417
This makes current sid package (1.8.3p1-3) safe.
Maybe. Maybe not. There are known ways of
A full-disclosure user reported issue in sudo. Please verify:
http://seclists.org/fulldisclosure/2012/Jan/590 I hope the version
information is correct in this bug-report.
-D_FORTIFY_SOURCE=2 was enabled in package version 1.8.3p1-3. See:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655417
This is possibly due to: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523735
If so, the workaround is to build initrd manually (/usr/sbin/mkinitramfs)
and editing the bootloader config by hand. The problem here is that any
autogeneration of the config file will overwrite those manual change
I was getting this particular crash with +nssearch (dnsutils
1:9.5.0.dfsg.P2-5.1) so I decided to look deeper. I was able to find that
the crash was in dighost.c:send_done() ISC_LIST_DEQUEUE call. Next I added
some extra debug just before it:
for (b = ISC_LIST_HEAD(sevent->bufferlist);
Package: kernel-package
Version: 11.003
Followup-For: Bug #501699
The bug is still present in kernel-package 11.003.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26 (SMP w/1 CPU core)
Locale: [
Package: midentd
Version: 2.3.1-4
Severity: normal
When port pair is not in use for any connection, it seems midentd spews
some errors to the stream before reporting the status. This is mostly
harmless as clients are supposed to ignore wrong input. However, it'd
still be nice to work as per the
Package: samba
Version: 3.0.27-1
Severity: important
The following crash occurs each time I try to list contents of the samba
mount by using custom smbfs:
[2007/11/18 22:21:52, 0] smbd/server.c:main(944)
smbd version 3.0.27 started.
Copyright Andrew Tridgell and the Samba Team 1992-2007
[200
error exit status 1
Errors were encountered while processing: screen
E: Sub-process /usr/bin/dpkg returned an error code (1)
But /tmp/.screen already is a valid screen socket directory, with
existing live sessions.
Perhaps this is #443768 fix gone awry?
Regards,
Harry Sintonen <[EMAIL P
The same bug is still in 1.3.34-3 it seems. Postinstall fails with RC 10.
Todd's workaround (adding the quotes to db_set lines in
/usr/share/apache/postinst.common) made it installable for me.
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'un
Package: console-common
Version: 0.7.60
Severity: important
Setting up console-common (0.7.60) ...
Looking for keymap to install:
Can't call method "i" on an undefined value at
/usr/share/console/getkmapchoice.pl line 234, line 5.
Looking at line 234 shows:
my_warn "Family not found ($fam
Package: python-gendoc
Version: 0.73-10.1
Severity: grave
Justification: renders package unusable
When upgrading to 0.73-10.1 the post-installation script fails with the
following error:
Setting up python-gendoc (0.73-10.1) ...
python: can't open file '/usr/lib/python/compileall.py'
dpkg: error
Package: idle-python2.3
Version: 2.3.5-12
Severity: grave
Upgrading the package to 2.3.5-12 fails with the following error:
Setting up idle-python2.3 (2.3.5-12) ...
/var/lib/dpkg/info/idle-python2.3.postinst: line 9: register-python:
command not found
dpkg: error processing idle-python2.3 (--con
Package: reportbug
Version: 3.21
Severity: grave
Upgrading reportbug to 3.21 fails with the following error:
Setting up reportbug (3.21) ...
Compiling /usr/share/reportbug/reportbug_submit.py ...
File "/usr/share/reportbug/reportbug_submit.py", line 354
while failed != True:
^
SyntaxEr
Naturally as soon as you post the bug you find it's already covered
elsewhere. 358997 at least...
Regards,
Harry Sintonen <[EMAIL PROTECTED]>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
vmlinuz_support_install,
while arch/powerpc/boot/Makefile doesn't). This results in deb without
the needed files (in /usr/lib/...) for mkvmlinuz to succeed.
My guess is that arch=ppc -> arch=powerpc transition isn't quite complete
yet.
Regards,
Harry Sintonen <[EMAIL PROTECTED]&
Package: python2.4
Version: 2.4.2-2
Severity: important
Unpacking replacement python2.4 ...
dpkg: error processing
/var/cache/apt/archives/python2.4_2.4.2+2.4.3c1-1_powerpc.
deb (--unpack): trying to overwrite `/usr/lib/python2.4/lib-dynload/pwd.so',
which is also in package python2.4-minimal
d
Package: ircii
Version: 20051015-1
Severity: normal
Doing /set -irc_encoding command makes ircii segfault. Also set
-display_encoding and set -input_encoding nukes.
I built a unstripped deb package and used the binary with gdb:
/set -irc_encoding
Program received signal SIGSEGV, Segmentation fa
Package: slib
Version: 3a2-1
Severity: important
Setting up slib (3a2-1) ...
ERROR: Unbound variable: with-load-pathname
dpkg: error processing slib (--configure):
subprocess post-installation script returned error exit status 2
Errors were encountered while processing:
slib
-- System Informati
Package: spamassassin
Version: 3.1.0a-1
Severity: normal
For every mail processed I got the following error in syslog:
Oct 10 17:53:53 peg1 spamd[28937]: Can't locate Mail/SPF/Query.pm in @INC (@INC
contains: lib ../lib /usr/share/perl5 /etc/perl /usr/local/lib/perl/5.8.7
/usr/local/share/perl/
29 matches
Mail list logo
