Package: www.debian.org
Severity: serious
The header of the security page explains Debian's consideration of
security issues and mentions an average security issues response time
under 48 hours.
I am certainly not the first person to notice this, but I have seen
nothing about this issue since mon
Processing commands for [EMAIL PROTECTED]:
> tags 339007 + patch
Bug#339007: php4-mapscript: php_mapscript.so is into incorrect directory
There were no tags set.
Tags added: patch
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrat
tags 339007 + patch
thanks
I've attached a patch to fix the php4-mapscript bug (which has the
potential to affect php5-mapscript too). It installs to the correct
directory and adds the correct ${misc:Depends} for the right phpapi
virtual package. It *does not* modify php.ini like the maintainer
sc
On Sat, Nov 19, 2005 at 03:51:54AM +0100, Frans Pop wrote:
> I'm seeing the same problem on my Sparc Ultra10. Switching to dhcp3-client
> solved the issue.
> Removal of the package might not be such a good idea as Debian-Installer
> uses the dhcp-client-udeb. I've not yet checked if the udeb has
I'm seeing the same problem on my Sparc Ultra10. Switching to dhcp3-client
solved the issue.
Removal of the package might not be such a good idea as Debian-Installer
uses the dhcp-client-udeb. I've not yet checked if the udeb has the same
problems on sparc.
pgpj9M3nFzGdl.pgp
Description: PGP
Processing commands for [EMAIL PROTECTED]:
> severity 339793 important
Bug#339793: sed: In-place editing (-i flag) drops EA (ACLs and user-defined)
Severity set to `important'.
> tags 339793 -security
Bug#339793: sed: In-place editing (-i flag) drops EA (ACLs and user-defined)
Tags were: security
severity 339793 important
tags 339793 -security
thanks
On Fri, Nov 18, 2005 at 10:01:31PM +0100, Pierre THIERRY wrote:
> When doing in-place editing, sed creates a new file without copying ACLs
> and user-defined EA. It's not only a loss of maybe precious data
> (user-defined EA) but a security ho
Package: cl-sql-mysql
Version: 3.4.6-1
Severity: serious
Hi,
I get the following error trying to load cl-sql-mysql with sbcl (and something
similar with cmucl):
;
/var/cache/common-lisp-controller/edenny/sbcl/clsql-mysql/db-mysql/mysql-loader.fasl
written
; compilation finished in 0:00:01
WAR
Processing commands for [EMAIL PROTECTED]:
> # Automatically generated email from bts, devscripts version 2.9.8
> # old lib only in oldstable
> severity 339802 important
Bug#339802: libmimelib1c2: Fails to install packege with apt
Severity set to `important'.
>
End of message, stopping processin
Package: arj
Version: 3.10.22-1
Severity: grave
Justification: renders package unusable
arj archives are failed to be unpacked under debian-amd64:
===cut===
ARJ32 v 3.10, Copyright (c) 1998-2004, ARJ Software Russia. [06 Aug 2005]
Processing archive: p333.arj
Archive created: 2005-11-17 07:39:34
Package: apt-howto
Version: 2.0.0-1
Severity: serious
Hi,
building the package apt-howto in a clean sid build environment
(with pbuilder) on i386 results in:
=
[...]
bin/fixtxt ca apt-howto.ca.txt
debiandoc2text -l $(ec
> There was an error while trying to autobuild your package...
Sorry I missed that. Looking at the ioctl.h's I see that I can't just drop
the test. Those defines will work for S390 but not for Alpha (at least).
I'll have review all the ioctl.h's and put in a bunch of #ifdefs. May take
a couple
On Friday 18 November 2005 04:33 pm, Alexandre Touret wrote:
> Unpacking libmimelib1c2 (from .../libmimelib1c2_4%3a3.4.2-2_i386.deb) ...
> dpkg: error processing
> /var/cache/apt/archives/libmimelib1c2_4%3a3.4.2-2_i386.deb (--unpack):
> trying to overwrite `/usr/lib/libmimelib.so.1.0.1', which is a
Package: php4-pear-log
Followup-For: Bug #331418
Hi all,
I personally contacted [0] the upstream author, Jon, with no response at this
moment.
I am going to wait a bit longer in order to give the time to manage the
situation and eventual mail queue.
Sorry for delay. This blocks the upload of ne
Processing commands for [EMAIL PROTECTED]:
> forwarded 339419 Maxim Koshelev
Bug#339419: d4x crashes in strlen () from /lib64/libc.so.6
Noted your statement that Bug has been forwarded to Maxim Koshelev.
>
End of message, stopping processing here.
Please contact me if you need assistance.
Debia
Processing commands for [EMAIL PROTECTED]:
> severity 339804 normal
Bug#339804: udev: links for intel-8x0 not crated in /dev
Severity set to `normal'.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(administrator, Debian Bug
severity 339804 normal
thanks
On Nov 18, Michael Rasmussen <[EMAIL PROTECTED]> wrote:
> The sound card in properly identified and loaded when the system is
> booting but since the links in /dev and /dev/snd is not created the
> sound card cannot be used. Running alsaconf solves the problem since
Your message dated Fri, 18 Nov 2005 13:47:09 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#338529: fixed in common-lisp-controller 4.26
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case
Processing commands for [EMAIL PROTECTED]:
> forworded 339419 Maxim Koshelev
Unknown command or malformed arguments to command.
> tags 339419 confirmed
Bug#339419: d4x crashes in strlen () from /lib64/libc.so.6
There were no tags set.
Tags added: confirmed
>
End of message, stopping processing h
Processing commands for [EMAIL PROTECTED]:
> clone 338879 -1
Bug#338879: cdbs: FTBFS: DVI file can't be opened
Bug 338879 cloned as bug 339806.
> reassign -1 db2latex-xsl
Bug#339806: cdbs: FTBFS: DVI file can't be opened
Bug reassigned from package `cdbs' to `db2latex-xsl'.
> tags -1 + upstream
clone 338879 -1
reassign -1 db2latex-xsl
tags -1 + upstream
block 338879 by -1
thanks
Coin,
Thanks you very much Frank for your explanation. I missed your recent
reply and conclude db2latex-xsl was buggy too after reading #321942 and
looking at the generated tex file.
Hope your nice reply woul
Package: udev
Version: 0.074-3
Severity: grave
Justification: renders package unusable
The sound card in properly identified and loaded when the system is
booting but since the links in /dev and /dev/snd is not created the
sound card cannot be used. Running alsaconf solves the problem since the
li
Package: libmimelib1c2
Version: 3.4.2-2
Severity: grave
Justification: renders package unusable
When I try to install with apt I have the following error
$LANG=C sudo apt-get -f install
Reading package lists... Done
Building dependency tree... Done
Correcting dependencies... Done
The following ex
Package: sed
Version: 4.1.2-8
Severity: grave
Tags: security
Justification: user security hole
When doing in-place editing, sed creates a new file without copying ACLs
and user-defined EA. It's not only a loss of maybe precious data
(user-defined EA) but a security hole, because dropping the ACLs
Processing commands for [EMAIL PROTECTED]:
> tags 328707 patch
Bug#328707: kernel-source-2.4.27: Compile fails
There were no tags set.
Tags added: patch
>
End of message, stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(administrator,
Processing commands for [EMAIL PROTECTED]:
> severity 339642 important
Bug#339642: libglib2.0-0 depends on libglib2.0-udeb
Severity set to `important'.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(administrator, Debian Bu
Processing commands for [EMAIL PROTECTED]:
> severity 339642 serious
Bug#339642: libglib2.0-0 depends on libglib2.0-udeb
Severity set to `serious'.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(administrator, Debian Bugs d
Cai Qian wrote:
To reproduce:
1) open http://www.filefactory.com/get/f.php?f=26f737dbc373854c4a38ac77 in a
browser
2) wait 15 sec
3) click at "Click here to continue to the download page."
4) wait another 15 sec
5) find a link to ftp under "FileFactory FTP -- Click here to download"
6) try to do
Hi,
I can confirm that joeyh's patch (which is in the BTS) does work for me in an
unstable chroot of today.
So I would be real happy about 2.4.27-12 upload, which would also fix the bugs
#324591 / #334631 (FTBFS: Missing build-dependency on gcc-3.3 ) which are
marked as pending.
That would b
Package: asterisk-sounds-main
Version: 1:1.0.9.dfsg-6
Severity: serious
Preparing to replace asterisk-sounds-main 1:1.0.9.dfsg-6 (using
.../asterisk-sounds-main_1%3a1.2.0.dfsg-1_all.deb) ...
Unpacking replacement asterisk-sounds-main ...
dpkg: error processing
/var/cache/apt/archives/asterisk-so
Processing commands for [EMAIL PROTECTED]:
> # Automatically generated email from bts, devscripts version 2.9.8
> severity 338592 normal
Bug#338592: moodle: SQL injection vulnerability
Severity set to `normal'.
>
End of message, stopping processing here.
Please contact me if you need assistance.
Hi,
From: Max Alekseyev <[EMAIL PROTECTED]>
Subject: Re: Bug#339419: d4x crashes in strlen () from /lib64/libc.so.6
Date: Fri, 18 Nov 2005 11:37:58 -0800
> To reproduce:
> 1) open http://www.filefactory.com/get/f.php?f=26f737dbc373854c4a38ac77 in a
> browser
> 2) wait 15 sec
> 3) click at "Click
Processing commands for [EMAIL PROTECTED]:
> # Automatically generated email from bts, devscripts version 2.9.8
> reassign 338529 common-lisp-controller
Bug#338529: mcvs: FTBFS: dangling symlink /usr/lib/clisp/base/lispinit.mem
Bug reassigned from package `clisp' to `common-lisp-controller'.
>
En
On Wednesday 16 November 2005 21:37, Roland Stigge wrote:
> > Is the clisp package configured? This should not happen if the package is
> > configured.
>
> Without the build dependencies configured, pbuilder wouldn't even try to
> compile the package. Did you try?
I think I have found the problem.
Cai Qian wrote:
d4x on attempt to process a link like
ftp://a5:[EMAIL
PROTECTED]/e/edbf5d055412df097e9ab4a16a886361/AB_091__E_.part05.rar
Please note that this particular link is already expired (i.e., login is incorrect and d4x survives).
To get a fresh one, open http://www.filefactory.com/g
On Friday, 18 November 2005 15:32, Martin Dougiamas wrote:
> These are all fixed in 1.5.3.
>
> Well, to be exact about the SQL injection we found it was almost impossible
> to fix completely so we now just recommend correct PHP settings to overcome
> that problem. It turns out that the particular
Your message dated Fri, 18 Nov 2005 11:17:31 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#339715: openafs-modules-source: build fails in
sysincludes.h (redefinition)
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been deal
Package: tkdiff
Version: 1:4.0.2-3
Severity: grave
I'm sad to report that tkdiff still seems broken. This is on a diff of a
subversion file.
Error in startup script: can't read "errorCode": no such variable
while executing
"error "Failed creating temporary file: $errorCode""
(procedure "t
On Fri, Nov 18, 2005 at 02:33:14AM -0800, Debian Bug Tracking System wrote:
> This is an automatic notification regarding your Bug report
> #337155: zope3-sandbox doesn't start,
> which was filed against the zope-common package.
>
> It has been closed by one of the developers, namely
> Fabio Tranc
Your message dated Fri, 18 Nov 2005 10:17:08 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#326385: fixed in bc 1.06-19
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your re
tags 338920 + patch
thanks,
Jason Hoover @ 2005-11-13 (Sunday), 15:26 (-0500)
> Migrationtools leaves insecure temporary files containing information from
> /etc/shadow.
Attached is a patch that calls mktemp at appropriate places. I took the
liberty to change the variable names used from TMPDIR
Processing commands for [EMAIL PROTECTED]:
> tags 338920 + patch
Bug#338920: migrationtools: Insecure handling of temporary files
Tags were: security
Tags added: patch
> thanks,
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(adminis
On Fri, Nov 18, 2005 at 08:02:24PM +1100, Hamish Moffatt wrote:
> On Tue, Nov 15, 2005 at 07:57:24AM +0100, Matthias Klose wrote:
> > Package: tqsllib
> > Severity: important
> > Please do not take any action before reading
> > http://lists.debian.org/debian-devel-announce/2005/11/msg00010.html
>
Your message dated Fri, 18 Nov 2005 09:47:04 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#339686: fixed in adduser 3.79
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your
Your message dated Fri, 18 Nov 2005 09:47:28 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#339074: fixed in linux-ftpd-ssl 0.17.18+0.3-5
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case
Processing commands for [EMAIL PROTECTED]:
> # Automatically generated email from bts, devscripts version 2.9.8
> severity 339568 grave
Bug#339568: initramfs-tools: incompatibility with udev 0.74 (0.72.2 and beyond)
Severity set to `grave'.
>
End of message, stopping processing here.
Please cont
tags #339686 patch confirmed pending
severity #339686 serious
# this is an rc bug in the maintainer's opinion.
thanks
On Thu, Nov 17, 2005 at 03:10:08PM -0800, Matt Zimmerman wrote:
> Many chroot environments don't use shadow passwords, and adduser seems to
> fail in those enviroments now.
It f
On Fri, Nov 18, 2005 at 09:47:54AM -0500, Antoine Beaupre wrote:
> > I've read that page; the issue is that I don't see any description of a
> > method of *causing* a $GLOBALS overwrite that doesn't fall into the category
> > of "stupid variable handling".
> The advisory[1] tells us that PHP 4.3
Package: rox
Version: 2.3-1
Severity: serious
There was an error while trying to autobuild your package:
> Automatic build of rox_2.3-1 on debian-31 by sbuild/s390 69
[...]
> ** Using build dependencies supplied by package:
> Build-Depends: libgtk2.0-dev (>= 2.0.1), libxml2-dev, debhelper (>= 4.0
Package: asterisk
Version: 1:1.2.0.dfsg-1
Severity: serious
There was an error while trying to autobuild your package:
> Automatic build of asterisk_1:1.2.0.dfsg-1 on debian01 by sbuild/s390 69
[...]
> ** Using build dependencies supplied by package:
> Build-Depends: debhelper (>= 4.0.4), sed (>=
ndeclared (first use in this
> function)
> rtc_linux.c:1049: error: 'CHRONY_IOC_TYPEBITS' undeclared (first use in this
> function)
> rtc_linux.c:1049: error: 'CHRONY_IOC_SIZEBITS' undeclared (first use in this
> function)
> make[1]: *** [rtc_linux.o] Error
Processing commands for [EMAIL PROTECTED]:
> tags #339686 patch confirmed pending
Bug#339686: Fails where shadow passwords are disabled
Tags were: patch
Tags added: patch, confirmed, pending
> severity #339686 serious
Bug#339686: Fails where shadow passwords are disabled
Severity set to `serious'
also sprach Nico Golde <[EMAIL PROTECTED]> [2005.11.18.1723 +0100]:
> Since I am only using it a few weeks this will not make
> sense to me. But is an NMU ok for you so the package in
> unstable is at least not broken anymore?
It makes more sense than leaving it to me, who does not use it
anymor
Hi,
* martin f krafft <[EMAIL PROTECTED]> [2005-11-18 17:16]:
> also sprach Nico Golde <[EMAIL PROTECTED]> [2005.11.18.1644 +0100]:
> > Since this bug is some days old,easy to fix and Martin seems
> > to be on vacation, is it ok for you if I NMU the package?
>
> I do not use libunit++ anymore, so
Your message dated Fri, 18 Nov 2005 08:02:15 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#326456: fixed in libmasonx-request-withapachesession-perl
0.30-2
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If
also sprach Nico Golde <[EMAIL PROTECTED]> [2005.11.18.1644 +0100]:
> Since this bug is some days old,easy to fix and Martin seems
> to be on vacation, is it ok for you if I NMU the package?
I do not use libunit++ anymore, so you are free to adopt it.
--
.''`. martin f. krafft <[EMAIL PROT
Your message dated Fri, 18 Nov 2005 07:47:08 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#339703: fixed in gcc-2.95 2.95.4.ds15-24
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it i
Processing commands for [EMAIL PROTECTED]:
> clone 339691 -1
Bug#339691: vacation does not wait for its sendmail child
Bug 339691 cloned as bug 339749.
> reassign -1 maildrop
Bug#339749: vacation does not wait for its sendmail child
Bug reassigned from package `vacation' to `maildrop'.
> retitle
Processing commands for [EMAIL PROTECTED]:
> tag 339187 + patch
Bug#339187: library package needs to be renamed (libstdc++ allocator change)
There were no tags set.
Tags added: patch
> tag 339187 + pending
Bug#339187: library package needs to be renamed (libstdc++ allocator change)
Tags were: pat
Processing commands for [EMAIL PROTECTED]:
> severity 339720 normal
Bug#339720: never call debian/control rule and build this file during the build
Severity set to `normal'.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(ad
severity 339720 normal
thanks
Ironically enough, because this is CDBS itself doing this, which means there
is no build-dependency on an external tool that results in altering the
contents of debian/control, the regeneration of the control file is
absolutely idempotent; and because the regeneration
clone 339691 -1
reassign -1 maildrop
retitle -1 maildrop: kills processes it shouldn't
severity 339691 normal
thanks
On Fri, Nov 18, 2005 at 10:44:26AM +0100, Vlada Macek wrote:
> [At 18.11.2005 08:23, Steve Langasek kindly sent the following quotation.]
> > On Fri, Nov 18, 2005 at 01:17:43AM +01
tag 339187 + patch
tag 339187 + pending
thanks
Hi Ryuichi!
On Thu, Nov 17, 2005 at 03:21:32AM +0100, Matthias Klose wrote:
> Compiler versions g++-4.0_4.0.2-4 and g++-3.4_3.4.4-10 are now in the
> archive. The renaming of the library packages can now start. You can
> upload the packages even be
Since this bug is some days old,easy to fix and Martin seems
to be on vacation, is it ok for you if I NMU the package?
Regards Nico
--
Nico Golde - JAB: [EMAIL PROTECTED] | GPG: 0x73647CFF
http://www.ngolde.de | http://www.muttng.org | http://grml.org
Forget about that mouse with 3/4/5 buttons -
# Fixed in r246 by kink
tag 339700 + pending
thanks
These bugs are fixed in revision 246 by kink
Log message:
* Move database schemas to /usr/share/phpbb2/schemas, because
phpbb2-conf-mysql depends on them being present (Closes: #339700).
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with
severity 339007 grave
thanks
On Fri, Nov 18, 2005 at 09:05:08AM +0100, Petter Reinholdtsen wrote:
> > I get this error because php_mapscript.so is into /usr/lib/php4/20020429:
> > Warning: dl(): Unable to load dynamic library
> > '/usr/lib/php4/20050606/php_mapscript.so' -
> > /usr/lib/php4/2005
Processing commands for [EMAIL PROTECTED]:
> severity 339742 important
Bug#339742: Gnome start from gdm hangs while initializing gnome-panel.
Severity set to `important'.
> tag 339742 moreinfo unreproducible
Bug#339742: Gnome start from gdm hangs while initializing gnome-panel.
There were no tags
Processing commands for [EMAIL PROTECTED]:
> severity 339007 grave
Bug#339007: php4-mapscript: php_mapscript.so is into incorrect directory
Severity set to `grave'.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(administrat
Processing commands for [EMAIL PROTECTED]:
> # Fixed in r246 by kink
> tag 339700 + pending
Bug#339700: database schemas should not be in /usr/share/doc
There were no tags set.
Tags added: pending
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking s
Hi,
From: Max <[EMAIL PROTECTED]>
Subject: Bug#339419: d4x crashes in strlen () from /lib64/libc.so.6
Date: Tue, 15 Nov 2005 22:15:11 -0800
> Package: d4x
> Version: 2.5.6-2
> Severity: grave
> Justification: renders package unusable
>
> d4x on attempt to process a link like
> ftp://a5:[EMAIL
>
These are all fixed in 1.5.3.
Well, to be exact about the SQL injection we found it was almost impossible
to fix completely so we now just recommend correct PHP settings to overcome
that problem. It turns out that the particular settings that allowed
the SQL
injection were actually quite rare.
On Thu Nov 17, 2005 at 11:15:05PM -0800, Steve Langasek wrote:
> On Thu, Nov 17, 2005 at 07:38:18PM -0500, Antoine Beaupre wrote:
> > Package: php4
> > Version: 4:4.3.10-16
> > Followup-For: Bug #336645
>
> > http://www.hardened-php.net/index.76.html
>
> > This page explains why the so-called 'gl
Package: gnome-panel
Version: 2.10.2-1
Severity: grave
Justification: renders package unusable
I just upgraded from stable to testing.
While starting Gnome from gdm, Gnome hangs while initializing gnome-panel.
Error message in ~/.xsession-errors:
gnome-panel: symbol lookup error: gnome-panel: un
Your message dated Fri, 18 Nov 2005 05:02:08 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#339622: fixed in fluidsynth 1.0.6-4
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now
Python 2.3.5
Is it pretty painless to upgrade? Or can I send you any other debug
information that would be helpful?
-Kevin
On Fri, 2005-11-18 at 11:24 +0100, Clément Stenac wrote:
> Hello,
>
> I cannot currently test this bug with python-2.3 due to #339718.
> (gdesklets does not start at all,
Selon Bastian Blank <[EMAIL PROTECTED]>:
> Package: ace
> Version: 5.4.7-5
> Severity: serious
>
> There was an error while trying to autobuild your package:
>
> > Automatic build of ace_5.4.7-5 on debian01 by sbuild/s390 69
> [...]
> > g++-3.4 -W -Wall -Wpointer-arith -O3 -pipe -D_REENTRANT
> -
Please revert the mips optimisation part of this NMU, the compiler
bug it worked around is fixed in gcc-4.0 4.0.2-4.
Thiemo
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Nov 18, Vlada Macek <[EMAIL PROTECTED]> wrote:
> I don't know whether the package maintainer is viable (there is at least
> one other serious bug for vacation), but I plead for fixing this bug. It
I plan to finish my pending vacation update, some day.
But people should really stop using autores
Your message dated Fri, 18 Nov 2005 11:34:56 +0100
with message-id <[EMAIL PROTECTED]>
and subject line insight: #286446 has been fixed
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your re
Hello,
I cannot currently test this bug with python-2.3 due to #339718.
(gdesklets does not start at all, even earlier in the process).
However, with python 2.4, everything works correctly for me.
Could you tell me which python version you are using (python -V)?
Thanks,
--
Clément
There have been CVE assignment for these issues:
CVE-2005-3488:
Scorched 3D 39.1 (bf) and earlier allows remote attackers to cause a denial
of service (long loop and server hang) via a negative numplayers value that
bypasses a signed check in ServerConnectHandler.cpp.
CVE-2005-3487:
Multiple bu
Package: insight
Version: 6.3.50+cvs.2005.11.16-1
Severity: serious
Tags: patch
When building 'insight' in a clean 'unstable' chroot,
I get the following error:
WARNING: `makeinfo' is missing on your system. You should only need it if
you modified a `.texi' or `.texinfo' file, or any ot
Il giorno mar, 15/11/2005 alle 09.37 +0100, Andreas Tille ha scritto:
> Package: zope-common
> Version: 0.5.13
> Severity: grave
> Justification: renders package unusable
Hi Andreas,
could you please check it the new zope-common package (which I'm
uploading now, and which will be available soon
On Thu, Nov 17, 2005 at 01:35:00PM -0800, Steve Langasek wrote:
>
> I've prepared an NMU to fix both of these release critical bugs. Please
> find the patch attached.
>
> The NMU will be uploaded to the DELAYED/5-day queue on gluck; if you believe
> this NMU is insufficient for some reason, plea
Package: rox-filer
Version: 2.3-1
Severity: grave
Justification: causes non-serious data loss
On upgrade from 2.2.0-3 to 2.3-1, I lost most of my pinboard icons (the
only one left is the Home one). All I had was a message telling me the
choices directory had changed, and another telling it cou
Package: cdbs
Version: 0.4.32
Severity: serious
Hi
It should never be possible to call a target named debian/control ,
which will build a control file during the build. But this is possible
with cdbs, because the target has the name of a file which exists and then
the rules will call this target.
Package: gdesklets
Version: 0.35.2-3
Severity: grave
Justification: renders package unusable
gdesklets does not start with python 2.3 (even on pristine unstable
chroot).
It remains forever on "Connecting to daemon [] "until timeout.
This is due to the fact that the pytho
[At 18.11.2005 08:23, Steve Langasek kindly sent the following quotation.]
> On Fri, Nov 18, 2005 at 01:17:43AM +0100, Vlada Macek wrote:
>
>> Vacation does not wait for its sendmail child to die in any way and
>> exits!
>
>> Therefore accurate vacation parent (such as maildrop MDA) wipes
>> forke
Sorry, I've been to hasty:
The redirection vulnerability in jumpto.php is CVE-2005-3649 and
the SQL injection vulnerabilities are CVE-2005-3648.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi,
This has been assigned CVE-2005-3648, please mention it in the changelog
when fixing it.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hamish Moffatt writes:
> On Tue, Nov 15, 2005 at 07:57:24AM +0100, Matthias Klose wrote:
> > Package: tqsllib
> > Severity: important
> >
> > Please do not take any action before reading
> > http://lists.debian.org/debian-devel-announce/2005/11/msg00010.html
> >
> > This bug report is filed again
On Tue, Nov 15, 2005 at 07:57:24AM +0100, Matthias Klose wrote:
> Package: tqsllib
> Severity: important
>
> Please do not take any action before reading
> http://lists.debian.org/debian-devel-announce/2005/11/msg00010.html
>
> This bug report is filed against the source package which builds
> a
Processing commands for [EMAIL PROTECTED]:
> tags 339703 + pending
Bug#339703: gcc-2.95: ftbfs [sparc] 1 out of 1 hunk FAILED -- saving rejects to
file include/obstack.h.r
There were no tags set.
Tags added: pending
> thanks
Stopping processing here.
Please contact me if you need assistance.
D
Package: openafs-modules-source
Version: 1.3.81-3sarge1
Severity: serious
Tags: patch
Justification: no longer builds from source
Here's the compile error:
/usr/src/modules/openafs/src/afs/sysincludes.h:79: error: redefinition of
'struct coda_inode_info'
/usr/src/modules/openafs/src/afs/
Joerg Jaspert <[EMAIL PROTECTED]> writes:
> - Your package was held back since it was requested to ease a move of
> whatever packages to testing. I cant see right now a unblock request in
> my mail folders (but that may be because Im @work, so may be unable to
> find it, limited access to my mailb
Hi
Steve asked for a little comment here, so here it goes:
- Your package was held back since it was requested to ease a move of
whatever packages to testing. I cant see right now a unblock request in
my mail folders (but that may be because Im @work, so may be unable to
find it, limited access t
Processing commands for [EMAIL PROTECTED]:
> severity 339007 important
Bug#339007: php4-mapscript: php_mapscript.so is into incorrect directory
Severity set to `important'.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(adm
severity 339007 important
thanks
> I get this error because php_mapscript.so is into /usr/lib/php4/20020429:
>
> Warning: dl(): Unable to load dynamic library
> '/usr/lib/php4/20050606/php_mapscript.so' -
> /usr/lib/php4/20050606/php_mapscript.so: cannot open shared object file
>
> I have corre
Processing commands for [EMAIL PROTECTED]:
> tags 326382 patch
Bug#326382: please rebuild with libreadline5-dev as build dependency
There were no tags set.
Tags added: patch
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(ad
[ unrelated maintainer who just found this behavior trying to test another
package entirely ]
I don't believe the /proc/pid/exe symlink contents will change; the (deleted)
convention is lsof's, AFAIK.
Although the argument made in Bug#256790 is plausible, matching the exact
executable doesn't s
1 - 100 of 101 matches
Mail list logo
