Bug#359797: etch 1+1/2 fix needed?

2008-06-05 Thread bgrpt
Version: 1.0.18-5 My last report was not correct. It's still's not working with newer kernels and changed libsane.rules: This version is working on etch with original debian-kernel. Only newer kernels will fail because of deprecated USB class devices. (the complete /dev/bus/usb directory is mis

Bug#359797: Problem exist with newer kernels?

2008-06-05 Thread bgrpt
reopen 359797 thanks Package: libsane Version: 1.0.18-5 With kernel version 2.6.25.4 (and earlier?) I need to replace in /etc/udev/libsane.rules ACTION!="add", GOTO="libsane_rules_end" SUBSYSTEM!="usb_device", GOTO="libsane_rules_end" with: ACTION!="add", GOTO="libsane_rules_end" SUBSYSTEM!="

Bug#483199: 9.0.124.0 Not Vulnerable?

2008-05-29 Thread bgrpt
http://www.securityfocus.com/bid/29386/discuss tells the following: NOTE: Further research indicates that this vulnerability is the same issue described in BID 28695 (Adobe Flash Player Multimedia File Remote Buffer Overflow Vulnerability), so this BID is being retired. And http://www.security

Bug#462622: [sun-java5] Remove from etch/non-free due to security problems

2008-01-26 Thread bgrpt
Source: sun-java5 Version: 1.5.0-10-3 java with it's browser plugin runtime is a widely used software package which has no support by the security team and not enough support from the package maintainers / release team. There are serious remote vulns. unfixed in etch which which are rated by the

Bug#454966: security.debian.org not in sync [data and protocol]

2007-12-08 Thread bgrpt
Package: security.debian.org From time to time 128.31.0.36 is out of sync. (eg. time between DSA-1420 and DSA-1421) But also protocol problems exist using a caching algorithm. Neither the "Last-modified:", nor the ETag used for caching information in HTTP/1.1 [1,2,3] is in sync on all three serv

Bug#369433: Security Servers not in sync

2007-12-06 Thread bgrpt
> So, please either try the new version and see how you get on, or provide > more detail. security.debian.org currently consists of 3 IPs 128.31.0.36 212.211.132.32 212.211.132.250 If you telnet to every IP on port 80 and try GET /debian-security/dists/etch/updates/ you'll see from time to time (

Bug#369433: Security Servers not in sync

2007-12-06 Thread bgrpt
The problem is that security-servers are not in sync and Release / Release.gpg are fetched from different servers. 128.31.0.36 lists dates of 14:00 sth. 212.211.132.(32|250) list 19:00 sth. Temp fix: Insert into /etc/hosts 212.211.132.32 security.debian.org -- To UNSUBSCRIBE, email to [