On Fri, Nov 07, 2008 at 09:14:43PM +0100, Moritz Muehlenhoff wrote:
> Is this still reproducable with current 2.6.28-rcX kernels? If so,
Are those somewhere on http://kernel-archive.buildserver.net/ ?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Conta
Package: balazar3-2d
Version: 0.1-2
Severity: grave
Justification: renders package unusable
On running balazar3 I get the following output:
* Balazar 3 * Balazar 3 lives in /usr/share/games
* Balazar 3 * (Psyco not found; if you are using an x86 processor, installing
psyco can speed up Balazar 3
Your message dated Sat, 08 Nov 2008 02:17:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#504000: fixed in chrony 1.23-4
has caused the Debian Bug report #504000,
regarding chrony: init script hangs forever breaks upgrade
to be marked as done.
This means that you claim that the
Processing commands for [EMAIL PROTECTED]:
> # Assumed; submitter had 2.6.24.3 which was never packaged in Debian
> found 504926 2.6.24-5
Bug#504926: linux-2.6: read() of /dev/rtc hangs on some systems
Bug marked as found in version 2.6.24-5.
>
End of message, stopping processing here.
Please co
Processing commands for [EMAIL PROTECTED]:
> clone 504000 -1
Bug#504000: chrony: init script hangs forever breaks upgrade
Bug 504000 cloned as bug 504926.
> reassign -1 linux-2.6
Bug#504926: chrony: init script hangs forever breaks upgrade
Bug reassigned from package `chrony' to `linux-2.6'.
> r
I think this is the same as
http://bugzilla.kernel.org/show_bug.cgi?id=11978
https://bugs.gentoo.org/show_bug.cgi?id=245927
--
Olivier Crête
[EMAIL PROTECTED]
signature.asc
Description: This is a digitally signed message part
On 8-11-2008 0:09, Andrea De Iacovo wrote:
> 6. we can try to prepare a workaround while we wait an officile fix from
> upstream: maybe I could implement a function to check out if dangerous
> cookies are present and stop any other operation until those cookies are
> not removed.
>
There is an
2008/11/7 Andrea De Iacovo <[EMAIL PROTECTED]>:
> Il giorno ven, 07/11/2008 alle 15.36 -0600, Raphael Geissert ha scritto:
>>
>> You can also set cookies via javascript code, e.g.
>> document.cookie = "GLOBALS=1;domain=.domain.tld";
>
> ok that's true.
>
> So let's see what we have:
> 1. $_REQUEST
Your message dated Fri, 07 Nov 2008 23:17:05 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#501253: fixed in apt 0.7.18
has caused the Debian Bug report #501253,
regarding apt-utils: Please do not link againd libdb4.4
to be marked as done.
This means that you claim that the proble
Your message dated Fri, 07 Nov 2008 23:17:05 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#504181: fixed in apt 0.7.18
has caused the Debian Bug report #504181,
regarding apt_0.7.17~exp4 (ia64/experimental): FTBFS: doc/apt-cache.8: No such
file or directory
to be marked as done.
Il giorno ven, 07/11/2008 alle 15.36 -0600, Raphael Geissert ha scritto:
> 2008/11/7 Andrea De Iacovo <[EMAIL PROTECTED]>:
> >> Hi,
> >>
> >> It is not just about the DoS (because as I demonstrated, there are
> >> other possible attacks).
> >> The whole point is that wordpress' (ab)use of $_REQUEST
Processing commands for [EMAIL PROTECTED]:
> # Automatically generated email from bts, devscripts version 2.10.35
> tags 503798 + pending
Bug#503798: libjboss-serialization-java: java bytecode / java runtime version
mismatch
Tags were: patch
Tags added: pending
>
End of message, stopping process
Your message dated Fri, 07 Nov 2008 22:47:22 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#504657: fixed in gstm 1.2-6
has caused the Debian Bug report #504657,
regarding gstm: implicit pointer conversions
to be marked as done.
This means that you claim that the problem has been
Your message dated Fri, 07 Nov 2008 22:47:17 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#503775: fixed in glassfish 1:2ur2-b04-2
has caused the Debian Bug report #503775,
regarding glassfish: java bytecode / java runtime version mismatch
to be marked as done.
This means that yo
Your message dated Fri, 07 Nov 2008 22:47:12 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#503775: fixed in glassfish 2+b58g-3lenny1
has caused the Debian Bug report #503775,
regarding glassfish: java bytecode / java runtime version mismatch
to be marked as done.
This means that
Hi,
actually, this bug is a bit different from what you've written.
opensync-plugin-moto is written in python, having a private library
motosync which is installed to /usr/lib/opensync/python-plugins.
As this dir is not in the default python path, the follwoing code in
mototool gets executed (the
> Hi,
>
> 2008/11/7 Thijs Kinkhorst <[EMAIL PROTECTED]>:
> > Hi,
> >
> > I don't think this is a grave security issue. It is only a DoS for one
> > client
> > application, which requires another vulnerability to be present, can be
>
> It is not just about the DoS (because as I demonstrated, ther
Christophe Mutricy <[EMAIL PROTECTED]> writes:
> One solution is to not install the .la
Find an NMU for this solution attached.
If I can help you with that, I can upload this as NMU.
diff -u libggi-2.2.2/debian/changelog libggi-2.2.2/debian/changelog
--- libggi-2.2.2/debian/changelog
+++ libggi
2008/11/7 Andrea De Iacovo <[EMAIL PROTECTED]>:
>> Hi,
>>
>> It is not just about the DoS (because as I demonstrated, there are
>> other possible attacks).
>> The whole point is that wordpress' (ab)use of $_REQUEST is leading to
>> more and more possible attacks (as I also demonstrated by showing h
On Mon, Jun 09, 2008 at 06:13:57PM +, Clint Adams wrote:
> severity 453259 grave
> quit
>
> Raising severity since lenny will likely ship with a default kernel
> that causes this.
Is this still reproducable with current 2.6.28-rcX kernels? If so,
could you file a bug at bugzilla.kernel.org?
Package: nagios3
Severity: grave
Tags: security patch
Hi,
The following SA (Secunia Advisory) id was published for Nagios.
SA32610[1]:
> Andreas Ericsson has discovered a vulnerability in Nagios, which can be
> exploited by malicious people to conduct cross-site request forgery
> attacks.
>
> Th
2008/11/7 Andrea De Iacovo <[EMAIL PROTECTED]>:
>> Package: wordpress
>> Version: 2.0.7-1
>> Severity: grave
>> Tags: security
>>
>> Hi,
>>
>> Due to the completely incorrect usage of $_REQUEST almost all over the place
>> wordpress is subject to delayed attacks via cookies.
>>
>> The attack can be
Hi,
2008/11/7 Thijs Kinkhorst <[EMAIL PROTECTED]>:
> Hi,
>
> I don't think this is a grave security issue. It is only a DoS for one client
> application, which requires another vulnerability to be present, can be
It is not just about the DoS (because as I demonstrated, there are
other possible at
Your message dated Fri, 07 Nov 2008 19:17:11 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#495098: fixed in nvidia-graphics-drivers-legacy-71xx
71.86.07-1
has caused the Debian Bug report #495098,
regarding nvidia-kernel-legacy-71xx-source: kernel module fails to build with
curr
tags 504852 moreinfo
severity 504852 important
thanks
Hello,
penktadienis 07 Lapkritis 2008, Alexandre LISSY rašė:
> Severity: critical
> Justification: breaks unrelated software
Yeah, sure. Numerous users (including me) have been using it successfully for
months already. So this bug is hardly c
Processing commands for [EMAIL PROTECTED]:
> tags 504852 moreinfo
Bug#504852: libtag1c2a 1.5-3 makes Amarok segfault at startup.
There were no tags set.
Tags added: moreinfo
> severity 504852 important
Bug#504852: libtag1c2a 1.5-3 makes Amarok segfault at startup.
Severity set to `important' from
Your message dated Fri, 07 Nov 2008 18:47:04 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#500336: fixed in grub 0.97-47lenny1
has caused the Debian Bug report #500336,
regarding grub - Misguides Xen images
to be marked as done.
This means that you claim that the problem has been
Package: libggi2-dev
Version: 1:2.2.2-2
Severity: grave
Justification: renders package unusable
Hello,
libggi2-dev install /usr/lib/libggi.la and in this file
the "dependency_libs" is ' -L/usr/lib /usr/lib/libaa.la -lslang -lm -lncurses
-lvga -lvgagl -lXxf86dga -lXxf86vm -lXext /usr/lib/libgii.
Your message dated Fri, 07 Nov 2008 18:47:04 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#501306: fixed in grub 0.97-47lenny1
has caused the Debian Bug report #501306,
regarding update-grub fails silently with wrong device.map
to be marked as done.
This means that you claim that
I am running intrepid ibex server on an amd 3500+ on epox 9nda3+ with
ATI x800 AIW and new corsair ram (1024mb) that has been stress tested.
No other issues for a week then last night system-backend-tools broke.
Same experience as everyone else. I stopped the service using:
/etc/init.d/syst
Your message dated Fri, 07 Nov 2008 18:47:04 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#501306: fixed in grub 0.97-47lenny1
has caused the Debian Bug report #501306,
regarding update-grub silently fails when device.map is not up to date
to be marked as done.
This means that yo
On 2008-11-07 Frank Lichtenheld <[EMAIL PROTECTED]> wrote:
> Package: libtasn1-3
> Version: 1.5-2
> Severity: serious
> Hi,
> your package failed to build from source. The problem seems to be pretty
> architecture specific, as all other builds succeeded so far.
[...]
> | ASN1TREE: ./pkix.asn
>
Processing commands for [EMAIL PROTECTED]:
> # Automatically generated email from bts, devscripts version 2.9.26
> tags 500336 pending
Bug#500336: grub - Misguides Xen images
Tags were: patch
Tags added: pending
>
End of message, stopping processing here.
Please contact me if you need assistance
On Thu, Oct 30, 2008 at 06:50:10PM +0100, Raphael Hertzog wrote:
>
> Why are we trying to guess the future here ? We want something working for
> lenny now and we'll fix that for squeeze when it has been merged upstream.
>
> [...]
>
> I propose to not use Thomas patch but to remove the code that
Your message dated Fri, 07 Nov 2008 18:02:05 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#503771: fixed in coco-java 20081001-3
has caused the Debian Bug report #503771,
regarding coco-java: java bytecode / java runtime version mismatch
to be marked as done.
This means that you
Package: opensync-plugin-moto
Version: 0.22-1
Severity: grave
Justification: renders package unusable
The package must have libopensync0-dev installed, otherwise it will only
print:
Error: couldn't locate OpenSync library directory
-- System Information:
Debian Release: lenny/sid
APT prefers te
* Mika Hanhijärvi [Fri, 07 Nov 2008 14:49:40 +0200]:
> Package: sbackup
> Version: 0.10.5
> I can't reproduce this bug.
> I use Debian Lenny with latest updates and I just made a small test
> backup. I did not have any problem backupping data using sbackup. Backup
> Now! button, worked just fin
Your message dated Fri, 07 Nov 2008 17:17:30 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#504659: fixed in tasksel 2.77
has caused the Debian Bug report #504659,
regarding tasksel: Gnome pushes File and DNS server and language tasks off CD1
to be marked as done.
This means that
Your message dated Fri, 07 Nov 2008 17:17:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#501597: fixed in bzr-gtk 0.95.0+bzr622-1
has caused the Debian Bug report #501597,
regarding [bzr-gtk] nautilus-bzr.py is configured to be placed in the wrong
directory
to be marked as done
* Thomas Schweitzer [Mon, 03 Nov 2008 09:53:24 +0100]:
Hello, Thomas.
> Seems if there was no volunteer for maintaining the UiGUI Debian
> packaging. So I will try to do that myself, since I am the developer of
> UiGUI.
> Can anyone tell me what is needed for submitting the new package?
>
* Eddy Petrișor [Fri, 07 Nov 2008 14:10:41 +0200]:
> Hello,
> The package universalindentgui is currently in RFA state and has a bug
> that prevents its usage by default.
> The program relies on a temporary location which should be, in theory,
> a directory "$TMPDIR/UniversalIndentGUI", but the
* Ryan Niebur [Thu, 06 Nov 2008 21:09:06 -0800]:
> Hi!
> I would like you to consider a freeze exception for an RC bug fix in
> gstm. The version fixing the bug has not yet been uploaded, so the
> debdiff is attached (there are extra non-RC changes due to the fact
> that a new version has already
Package: libtag1c2a
Version: 1.5-3
Severity: critical
Justification: breaks unrelated software
The libtag1c2a present in lenny/sid (1.5-3) makes amarok segfault at startup.
Installing amarok-dbg, and running
it in gdb reveals that it segfault in /usr/lib/libtag.so.1.
So, I tried and installed l
On Fri, Nov 07, 2008 at 09:26:23PM +1030, Ron wrote:
> On Sun, May 25, 2008 at 07:32:18PM +0200, Dirk Griesbach wrote:
>> On Mon, May 26, 2008 at 12:42:02AM +0930, Ron wrote:
>>> does sound like a new regression. Can you please confirm if this
>>> behaviour
>>> is present or absent with the 0.7.9.
Your message dated Fri, 07 Nov 2008 16:17:06 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#503315: fixed in swfdec-mozilla 0.6.0-5
has caused the Debian Bug report #503315,
regarding iceweasel: Iceweasel shutdowns and triggers bug reporter
to be marked as done.
This means that yo
Package: libmono-system-data1.0-cil
Version: 1.9.1+dfsg-3
Severity: serious
The Microsoft SQL Client (System.Data.SqlClient) part of the System.Data
library, has a serious regression when running on the CLI 1.1 profile.
This is caused by a patch introduced in version 1.9.1+dfsg-3 that fixes
conne
Your message dated Fri, 07 Nov 2008 13:47:21 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#492970: fixed in nfs-utils 1:1.1.4-1
has caused the Debian Bug report #492970,
regarding nfs-common 1:1.1.3-1 client disallows access to files/directories
where it should allow access
to be
Your message dated Fri, 07 Nov 2008 13:47:21 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#492970: fixed in nfs-utils 1:1.1.4-1
has caused the Debian Bug report #492970,
regarding nfs-common 1:1.1.3-1 client disallows access to files/directories
where it should allow access
to be
Hi,
A new package version including the provided patch is available on [1]
for uploading. This is an NMU, but of course, the package maintainer
is allowed to convert it to a normal upload if he is hanging around
;-)
[1] http://mentors.debian.net/debian/pool/main/p/pywbxml
dget
http://mento
Your message dated Fri, 07 Nov 2008 13:17:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#504795: fixed in pywbxml 0.1-2
has caused the Debian Bug report #504795,
regarding python-wbxml unusable due to WBXMLParseError
to be marked as done.
This means that you claim that the prob
Package: sbackup
Version: 0.10.5
I can't reproduce this bug.
I use Debian Lenny with latest updates and I just made a small test
backup. I did not have any problem backupping data using sbackup. Backup
Now! button, worked just fine and backup was made as expected.
-- System Information:
Debian
Yes, the bug i report is the same you mention.
The real severity of the bug (that otherwise should have been a wish list
item) is that the versions i download from openofficeorg behave
differently than the ones you get from debian site, and a file that have
expected results from one does not ha
Your message dated Fri, 07 Nov 2008 11:47:08 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#504149: fixed in virtualbox-ose 1.6.6-dfsg-3
has caused the Debian Bug report #504149,
regarding virtualbox-ose: symlink vulnerability due to bad /tmp handling
to be marked as done.
This me
On Friday 07 November 2008, Frans Pop wrote:
> There's another risk with having such a large key requirement for the
> task: that the gnome-desktop task will eat up all space on CD1 but will
> still not be installable because the dependencies of the key packages
> overflow to CD2.
And that's not e
Processing commands for [EMAIL PROTECTED]:
> tags 504659 + patch
Bug#504659: tasksel: Gnome pushes File and DNS server and language tasks off CD1
There were no tags set.
Tags added: patch
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system adm
tags 504659 + patch
thanks
On Thursday 06 November 2008, Josselin Mouette wrote:
> > I would therefore suggest to change the following packages from
> > Depends to Recommends in gnome-d-e:
> > - gnome-user-guide (16MB download size!)
>
> WTF? Dropping the core user documentation?
Where exactly do
E-mail([EMAIL PROTECTED]) for the claims of £1,350.000 pounds in the
Irish-Promo claims Requirement: Name, Occupation, Address, Tel:
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi Dirk,
Can you confirm if this is present or not in the 0.8.1.6-1 package?
Thanks,
Ron
On Sun, May 25, 2008 at 07:32:18PM +0200, Dirk Griesbach wrote:
> On Mon, May 26, 2008 at 12:42:02AM +0930, Ron wrote:
> > does sound like a new regression. Can you please confirm if this behaviour
> > is
Your message dated Fri, 07 Nov 2008 10:17:09 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#496071: fixed in glpi 0.71.2-2
has caused the Debian Bug report #496071,
regarding glpi: domxml-php4-php5.php is not DFSG-free
to be marked as done.
This means that you claim that the probl
Your message dated Fri, 07 Nov 2008 10:17:06 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#496071: fixed in glpi 0.70.2-2
has caused the Debian Bug report #496071,
regarding glpi: domxml-php4-php5.php is not DFSG-free
to be marked as done.
This means that you claim that the probl
Your message dated Fri, 07 Nov 2008 09:47:05 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#504700: fixed in mailman 1:2.1.11-4
has caused the Debian Bug report #504700,
regarding does not rotate logfile /var/log/mailman/mischief
to be marked as done.
This means that you claim tha
E-mail([EMAIL PROTECTED]) for the claims of £1,350.000 pounds in the
Irish-Promo claims Requirement: Name, Occupation, Address, Tel:
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
E-mail([EMAIL PROTECTED]) for the claims of £1,350.000 pounds in the
Irish-Promo claims Requirement: Name, Occupation, Address, Tel
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Package: python-wbxml
Version: 0.1-1
Severity: grave
Tags: patch
Justification: renders package unusable
Currently python-wbxml is unusable, all calls to pywbxml cause an exception
because WBXMLParseError is not a subclass of BaseException:
>>> d = file("syncml-014.xml").read()
>>> pywbxml.xml2wb
Processing commands for [EMAIL PROTECTED]:
> notfound 496069 1.6.3-2
Bug#496069: moodle: domxml-php4-php5.php is not DFSG-free
Bug no longer marked as found in version 1.6.3-2.
(By the way, this Bug is currently marked as done.)
> thanks
Stopping processing here.
Please contact me if you need as
Hi Olivier,
On 2008-11-07 at 09:23:04, Olivier Berger wrote:
> It seems that the discussions have been succesfull, as the lib seems to be
> licensed under LGPL now.
>
You're right, the upstream author has relicensed under the LGPL, so this
problem is now resolved. So for the Moodle package, I've
Your message dated Fri, 7 Nov 2008 09:58:51 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#504725: gfontview should depend on libgif4, not on the
transitional package libungif4g
has caused the Debian Bug report #504725,
regarding gfontview should depend on libgif4, not on the
Your message dated Fri, 07 Nov 2008 09:47:59 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#504722: libcairo2: incompatibilities with libpangocairo
has caused the Debian Bug report #504722,
regarding libcairo2: incompatibilities with libpangocairo
to be marked as done.
This me
* Chris Lamb [Wed, 05 Nov 2008 22:30:45 +]:
> Mark Purcell wrote:
> > > I have prepared and uploaded it *3* times, both to the SSH queue on
> > > ravel and via FTP; every time the upload simply disappears.
> > Thats a bit weird ;-(
> Fourth time lucky - this time the upload was ACCEPTED.
>
> Package: wordpress
> Version: 2.0.7-1
> Severity: grave
> Tags: security
>
> Hi,
>
> Due to the completely incorrect usage of $_REQUEST almost all over the place
> wordpress is subject to delayed attacks via cookies.
>
> The attack can be performed as long as there is some way to inject a coo
Hi,
I don't think this is a grave security issue. It is only a DoS for one client
application, which requires another vulnerability to be present, can be
easily resolved by deleting the relevant cookies, and does no other harm. As
there are many ways to DoS (web)applications and the impact is s
On Wed, Nov 05, 2008 at 03:57:01PM +1300, Francois Marier wrote:
> FYI, I am currently following this up with the upstream developer.
>
> Francois
>
Hi.
It seems that the discussions have been succesfull, as the lib seems to be
licensed under LGPL now.
Do you have more details ?
Best regards
Processing commands for [EMAIL PROTECTED]:
> severity 495098 grave
Bug#495098: nvidia-kernel-legacy-71xx-source: kernel module fails to build with
current kernel
Severity set to `grave' from `normal'
> tags 495098 fixed-upstream
Bug#495098: nvidia-kernel-legacy-71xx-source: kernel module fails t
73 matches
Mail list logo
