Package: kanboard
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security upstream
Hi,
The following vulnerability was published for kanboard.
CVE-2024-54001[0]:
| Kanboard is project management software that focuses on the Kanban
| methodology. HTML can be injected and stored
Package: gh
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security upstream
Hi,
The following vulnerability was published for gh.
CVE-2024-54132[0]:
| The GitHub CLI is GitHub’s official command line tool. A security
| vulnerability has been identified in GitHub CLI that coul
Package: pypy3
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security upstream
Hi,
The following vulnerability was published for pypy3.
CVE-2024-9287[0]:
| A vulnerability has been found in the CPython `venv` module and CLI
| where path names provided when creating a virtual
Package: golang-github-containers-buildah
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security upstream
Hi,
The following vulnerability was published for
golang-github-containers-buildah.
CVE-2024-9676[0]:
| A vulnerability was found in Podman, Buildah, and CRI-O. A symli
Package: python-multipart
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security upstream
Hi,
The following vulnerability was published for python-multipart.
CVE-2024-53981[0]:
| python-multipart is a streaming multipart parser for Python. When
| parsing form data, python-mu
Package: golang-github-gin-contrib-cors
X-Debbugs-CC: t...@security.debian.org
Severity: important upstream
Tags: security
Forwarded: https://github.com/gin-contrib/cors/pull/106
Hi,
The following vulnerability was published for
golang-github-gin-contrib-cors.
CVE-2019-25211[0]:
| parseWildca
Package: qemu
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security upstream
Forwarded: https://bugzilla.redhat.com/show_bug.cgi?id=2295760
Hi,
The following vulnerability was published for qemu.
CVE-2024-6505[0]:
| A flaw was found in the virtio-net device in QEMU. When ena
Package: golang-github-hashicorp-go-getter
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for
golang-github-hashicorp-go-getter.
CVE-2024-6257[0]:
| HashiCorp’s go-getter library can be coerced into executing Git
| updat
Package: kanboard
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerability was published for kanboard.
CVE-2024-36399[0]:
| Kanboard is project management software that focuses on the Kanban
| methodology. The vuln is in
| app/Controller/ProjectPermi
Package: netplan.io
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerability was published for netplan.io.
CVE-2022-4968[0]:
| netplan leaks the private key of wireguard to local users. A
| security fix will be released soon.
If you fix the vulnera
Package: libgrokj2k1
Severity: normal
Hi,
I noticed that the upstream repository has been cleaned and old commits
are not available anymore. Also all older releases have been removed
from GitHub.
An upstream issue has been created about this [1] but has been closed
without much further infor
Source: tomcat9
Version: 9.0.70-2
Severity: normal
Hi,
in #926338 the home directory for the tomcat user has been set (from /) to
/var/lib/tomcat, however this directory is not created during install.
As the home directory is indeed needed in some cases as described in #926338,
it would be nice t
Package: bash-completion
Version: 1:2.11-6
Severity: minor
Hi,
completion for the ssh command offers PubkeyAcceptedKeyTypes as an option,
which has been renamed to PubkeyAcceptedAlgorithms in openssh 8.5
(https://www.openssh.com/txt/release-8.5), which makes this relevant starting
from bookworm.
Package: thunderbird
Version: 1:45.8.0-2
Severity: normal
Hi,
thunderbird fails to start after the migration. The AppArmor profile
does not
allow access to $HOME/.icedove. This prohibits thunderbird to start as it is
unable to use .parentlock:
[Sat Mar 25 20:01:33 2017] audit: type=1400 audit(14
Package: network-manager-iodine
Version: 1.2.0-1
Severity: normal
Tags: upstream
Hi Guido,
as discussed at FOSDEM the plugin is able to connect, but afterwards the
connection is unusable and gets killed after a minute:
** Message: iodine started with pid 26383
** Message: Enter password:
** Mess
Hi,
Am 27.01.2017 um 11:28 schrieb Raphael Hertzog:
> On Thu, 26 Jan 2017, Raphael Hertzog wrote:
>> This code thus assumes that the list ok known tags only contains a single
>> tag per unique fip->field_bit and this is no no longer the case with
>> the patches we added:
>> - CVE-2014-8128-5-fixed
Package: libtiff4
Version: 3.9.6-11+deb7u2
Severity: normal
On a wheezy system with libtiff4-3.9.6-11 the following works without a
problem:
mogrify -compress JPEG sample.tif
and adds JPEG compression to the formerly uncompressed sample.tif.
After upgrading to 3.9.6-11+deb7u1 or 3.9.6-11+deb7u2
Source: imlib2
Severity: normal
Tags: security upstream
Hi,
the following vulnerability was published for imlib2.
CVE-2016-4024[0,1]:
integer overflow resulting in insufficient heap allocation
The upstream fix can be found at [2]
If you fix the vulnerability please also make sure to include th
Package: hplip
Severity: normal
Tags: security
Hi,
the following vulnerability was published for hplip.
CVE-2015-0839[0]:
hp-plugin binary driver verification
It appears this has been fixed in upstream version 3.15.7 where the
short key id has been replaced by a long one in validation.py
If yo
Package: d-push
Severity: minor
Tags: patch
Hi,
new upstream homepage can be found at http://z-push.org/
Cheers
Matthias
diff --git a/debian/control b/debian/control
index 8f7d9c4..4d291c7 100644
--- a/debian/control
+++ b/debian/control
@@ -4,7 +4,7 @@ Priority: extra
Maintainer: Wolfram Quest
Package: d-push
Severity: wishlist
Hi,
a new version up Z-Push has been release today:
http://z-push.org/z-push-2-2-1-released/
Cheers
Matthias
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Package: src:linux
Version: 3.2.60-1+deb7u1
Severity: important
Hi,
after the update for DSA-2971-1 yesterday, X is starting using the vesa as the
intel module could not be loaded.
Cheers
Matthias
-- Package-specific info:
** Version:
Linux version 3.2.0-4-amd64 (debian-ker...@lists.debian.or
version scheme changes from three digits to two or something.
Cheers,
Matthias
>From a3fd17ec2d7c6d33eb5454b9b892be798d0fd2b1 Mon Sep 17 00:00:00 2001
From: Matthias Geerdsen
Date: Thu, 19 Jan 2012 21:43:38 +0100
Subject: [PATCH] add watch file
---
debian/watch |6 ++
1 files changed
Package: d-push
Severity: wishlist
Hi Wolfi,
it would be nice to have z-push 1.5.6, which was released 2011-12-08.
Thanks,
Matthias
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Package: libgempc410
Version: 1.0.6-1
Severity: important
Hi,
the generated /etc/reader.conf.d/libGemPC410 has a wrong LIBPATH entry:
LIBPATH /usr/lib/pcsc/drivers/serial/libGemPC410.so.1.0.5
which should be:
LIBPATH /usr/lib/pcsc/drivers/serial/libGemPC410.so.1.0.6
Regards,
Tags: patch
Hi,
attached is a patch for the interfaces(5) man page which fixes the wrong URL
(#534149) and the wrong filename for network-interfaces.gz (#521215).
Regards,
Matthias
--- interfaces.5.pre 2010-09-16 15:21:30.0 +0200
+++ interfaces.5.pre 2010-09-16 15:22:32.0 +0200
@
Hi,
I attached a simple template for cyrus.conf, which allows
enabling/disabling imap(s)/pop3(s)/sieve services in cyrus. I made a
trivial change to the Conf.pm module to trigger a kolab-cyrus restart, when
cyrus.conf has been modified. This could also be achieved by a RUNONCHANGE
statement in the
27 matches
Mail list logo
