Processing commands for [EMAIL PROTECTED]:
> tag 507624 + pending
Bug#507624: clamav: recursive stack overflow in jpeg parsing code
Tags were: fixed-upstream security
Tags added: pending
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system admi
tag 507624 + pending
thanks
A patch for this bug has been prepared and is sitting in our git repo, ready to
get uploaded once we get approval.
Best,
Michael
pgp6EBLX0hUef.pgp
Description: PGP signature
Package: libghc6-happs-server-dev
Version: 0.9.2.1-3
Severity: grave
Justification: renders package unusable
Now that unstable's libghc6-hslogger-dev is updated, the happs packages
are uninstallable. Quoting dselect:
libghc6-happs-util-dev depends on libghc6-hslogger-dev (<< 1.0.5.0+)
libg
> The fix is in trunk/libclamav/special.c in th clamav svn. Look at the
> diff
> between revs 4291 and 4483.
>
> ___
> Pkg-clamav-devel mailing list
> [EMAIL PROTECTED]
> http://lists.alioth.debian.org/mailman/listinfo/pkg-clamav-devel
>
I guess there
Processing commands for [EMAIL PROTECTED]:
> notfound 507624 0.94.dfsg.2-1
Bug#507624: clamav: recursive stack overflow in jpeg parsing code
Bug no longer marked as found in version 0.94.dfsg.2-1.
> fixed 507624 0.94.dfsg.2-1
Bug#507624: clamav: recursive stack overflow in jpeg parsing code
Bug m
On Thu, 2008-11-27 at 09:35 +0100, Michal Čihař wrote:
> I installed helpdeco to decompress some help files, but all I get from
> it on amd64 is:
>
> $ helpdeco bcb5tool.hlp
> ./bcb5tool.hlp isn't a valid WinHelp file !
I plan to fix this by making a new upstream release of helpdeco and
includi
The fix is in trunk/libclamav/special.c in th clamav svn. Look at the diff
between revs 4291 and 4483.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Your message dated Wed, 03 Dec 2008 02:47:05 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507590: fixed in drupal5 5.12-2
has caused the Debian Bug report #507590,
regarding drupal5.12-1: Dependency problem: libjs-query
to be marked as done.
This means that you claim that the pr
Processing commands for [EMAIL PROTECTED]:
> tag 507624 fixed-upstream
Bug#507624: clamav: recursive stack overflow in jpeg parsing code
Tags were: security
Tags added: fixed-upstream
> found 0.90.1dfsg-4etch15
Unknown command or malformed arguments to command.
> found 0.94.dfsg-1
Unknown comman
tag 507624 fixed-upstream
found 0.90.1dfsg-4etch15
found 0.94.dfsg-1
found 0.94.dfsg.2-1
thank you
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Processing commands for [EMAIL PROTECTED]:
> found 507624 0.90.1dfsg-4etch15
Bug#507624: clamav: recursive stack overflow in jpeg parsing code
Bug marked as found in version 0.90.1dfsg-4etch15.
> found 507624 0.94.dfsg-1
Bug#507624: clamav: recursive stack overflow in jpeg parsing code
Bug marked
Package: clamav
Version: 0.90.1dfsg-4etch15 , 0.94.dfsg-1 , 0.94.dfsg.2-1
Severity: grave
Tags: security
Justification: user security hole
ubuntu recently issued a security notice for clamav [1] that fixes a
recursive stack overflow problem in the jpeg parsing code. there is no CVE
id at this poi
Your message dated Tue, 02 Dec 2008 23:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507592: fixed in libpam-mount 0.44-1+lenny3
has caused the Debian Bug report #507592,
regarding libpam-mount segfaults on i386
to be marked as done.
This means that you claim that the probl
Your message dated Tue, 02 Dec 2008 23:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507257: fixed in libpam-mount 0.44-1+lenny3
has caused the Debian Bug report #507257,
regarding expand_home() segfaults on
to be marked as done.
This means that you claim that the problem
Your message dated Wed, 3 Dec 2008 00:52:28 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#507453: qt4-x11: webkit example FTBFS
has caused the Debian Bug report #507453,
regarding qt4-x11: webkit example FTBFS
to be marked as done.
This means that you claim that the problem h
Your message dated Tue, 02 Dec 2008 23:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507199: fixed in libpam-mount 0.44-1+lenny3
has caused the Debian Bug report #507199,
regarding expand_home() segfaults on
to be marked as done.
This means that you claim that the problem
Your message dated Tue, 02 Dec 2008 23:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507592: fixed in libpam-mount 0.44-1+lenny3
has caused the Debian Bug report #507592,
regarding expand_home() segfaults on
to be marked as done.
This means that you claim that the problem
Your message dated Tue, 02 Dec 2008 23:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507257: fixed in libpam-mount 0.44-1+lenny3
has caused the Debian Bug report #507257,
regarding libpam-mount: segfault after upgrade to 0.44-1+lenny2
to be marked as done.
This means that y
Your message dated Tue, 02 Dec 2008 23:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507194: fixed in libpam-mount 0.44-1+lenny3
has caused the Debian Bug report #507194,
regarding libpam-mount: segfault after upgrade to 0.44-1+lenny2
to be marked as done.
This means that y
Your message dated Tue, 02 Dec 2008 23:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507592: fixed in libpam-mount 0.44-1+lenny3
has caused the Debian Bug report #507592,
regarding libpam-mount: segfault after upgrade to 0.44-1+lenny2
to be marked as done.
This means that y
Your message dated Tue, 02 Dec 2008 23:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507194: fixed in libpam-mount 0.44-1+lenny3
has caused the Debian Bug report #507194,
regarding expand_home() segfaults on
to be marked as done.
This means that you claim that the problem
Your message dated Tue, 02 Dec 2008 23:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507592: fixed in libpam-mount 0.44-1+lenny3
has caused the Debian Bug report #507592,
regarding libpam-mount: segfault at login for users with crypted volume, so for
them NO LOGIN POSSIBLE
Your message dated Tue, 02 Dec 2008 23:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507194: fixed in libpam-mount 0.44-1+lenny3
has caused the Debian Bug report #507194,
regarding libpam-mount segfaults on i386
to be marked as done.
This means that you claim that the probl
Your message dated Tue, 02 Dec 2008 23:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507257: fixed in libpam-mount 0.44-1+lenny3
has caused the Debian Bug report #507257,
regarding libpam-mount segfaults on i386
to be marked as done.
This means that you claim that the probl
Your message dated Tue, 02 Dec 2008 23:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507199: fixed in libpam-mount 0.44-1+lenny3
has caused the Debian Bug report #507199,
regarding libpam-mount: segfault after upgrade to 0.44-1+lenny2
to be marked as done.
This means that y
Your message dated Tue, 02 Dec 2008 23:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507199: fixed in libpam-mount 0.44-1+lenny3
has caused the Debian Bug report #507199,
regarding libpam-mount segfaults on i386
to be marked as done.
This means that you claim that the probl
Your message dated Tue, 02 Dec 2008 23:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507257: fixed in libpam-mount 0.44-1+lenny3
has caused the Debian Bug report #507257,
regarding libpam-mount: segfault at login for users with crypted volume, so for
them NO LOGIN POSSIBLE
Your message dated Tue, 02 Dec 2008 23:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507199: fixed in libpam-mount 0.44-1+lenny3
has caused the Debian Bug report #507199,
regarding libpam-mount: segfault at login for users with crypted volume, so for
them NO LOGIN POSSIBLE
Your message dated Tue, 02 Dec 2008 23:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507194: fixed in libpam-mount 0.44-1+lenny3
has caused the Debian Bug report #507194,
regarding libpam-mount: segfault at login for users with crypted volume, so for
them NO LOGIN POSSIBLE
Dear release team,
bug #507003 is about a conffile in /etc that says "DO NOT EDIT OR REMOVE
THIS FILE" and should better reside in /var. It has correctly been
tagged as serious by Steve Langasek as this is against the policy (see
bug report for more details).
The recent past has shown that even
On Tue, 02 Dec 2008, Matthew Johnson wrote:
> However, you are absolutely right that while the init script faffs
> around a lot with the file, it doesn't actually pass it to anything.
> However, with my patch it would end up in the initramfs in the right
> place.
Just working in the initrd would
On Tue Dec 02 23:47, Peter Palfrader wrote:
> On Tue, 02 Dec 2008, Matthew Johnson wrote:
>
> > On Tue Dec 02 22:04, Peter Palfrader wrote:
> > > On Sun, 30 Nov 2008, Matthew Johnson wrote:
> > >
> > > > Hi, I have what I think is a patch which will move it to
> > > > /var/lib/open-iscsi/initiato
On Tue, 02 Dec 2008, Matthew Johnson wrote:
> On Tue Dec 02 22:04, Peter Palfrader wrote:
> > On Sun, 30 Nov 2008, Matthew Johnson wrote:
> >
> > > Hi, I have what I think is a patch which will move it to
> > > /var/lib/open-iscsi/initiatorname.iscsi (attached). I could NMU it (and
> > > I have a
Install de debug packages for libgtk, libglib, libgconf and similar,
both the mm (C++) and usual C versions, example:
ii libglib2.0-0-dbg 2.18.2-0ubuntu2
The GLib libraries and debugging symbols
ii libgtk2.0-0-dbg 2.14.4-0ubuntu1
The GTK+ librar
On Tuesday 02 December 2008, Frans Pop wrote:
> Someone who can actually write in C please check the code and let me
> know if anything can be removed or is missing. I may well have added
> unneeded includes for example and I have no idea what the original
> sprintf statements were supposed to do.
On Tue Dec 02 22:04, Peter Palfrader wrote:
> On Sun, 30 Nov 2008, Matthew Johnson wrote:
>
> > Hi, I have what I think is a patch which will move it to
> > /var/lib/open-iscsi/initiatorname.iscsi (attached). I could NMU it (and
> > I have a source package prepared), but I'd like some confirmation
Processing commands for [EMAIL PROTECTED]:
> tags 504721 patch
Bug#504721: Console broken on debian-installer on Sparc LDOM
There were no tags set.
Tags added: patch
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(administra
tags 504721 patch
thanks
On Wednesday 26 November 2008, Jérémy Bobbio wrote:
> > So, the problem is that reopen-console gives preference to the value
> > in 'console handover' line, which is incorrect on sparc (refers to a
> > real terminal console even if one is connecting through serial). If
> >
On Sun, 30 Nov 2008, Matthew Johnson wrote:
> Hi, I have what I think is a patch which will move it to
> /var/lib/open-iscsi/initiatorname.iscsi (attached). I could NMU it (and
> I have a source package prepared), but I'd like some confirmation (I
> don't have appropriate hardware) that it DTRT fi
Processing commands for [EMAIL PROTECTED]:
> forcemerge 507194 507592
Bug#507194: libpam-mount: segfault after upgrade to 0.44-1+lenny2
Bug#507592: expand_home() segfaults on
Bug#507199: libpam-mount: segfault at login for users with crypted volume, so
for them NO LOGIN POSSIBLE
Bug#507257: libp
Package: libpam-mount
Version: 0.44-1+lenny2
Severity: grave
libpam-mount in lenny segfaults on trying to expand home directories
in user="" attributes.
I don't have the backtrace at hand (it's kind of hard to write mail
when your $HOME cannot be mounted ;), but the problem is as follows:
expand
Package: drupal5
Version: 5.12-1
Severity: grave
Justification: renders package unusable
The package drupal5.12-1 (unstable) cannot install because dependency
libjs-query does not exist. I checked that it should be libjs-jquery.
-- System Information:
Debian Release: 4.0
APT prefers stable
A
Hi,
I plan to upload the relevant packages to fix those bugs during the next days,
starting now. As discussed some time ago I will also add myself to uploaders
in the uploads.
#485233 [S|+| ] [sugar-calculate-activity] activity is installed in the wrong
place and thus not found
#507326 [S|+|
Package: amaya
Severity: grave
Tags: security
Justification: user security hole
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for amaya.
CVE-2008-5282[0]:
| Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0.1
| allow remote attackers to execute arbi
On Tue, Nov 25, 2008 at 07:08:10AM +0100, Christian Perrier wrote:
> Quoting Deng Xiyue ([EMAIL PROTECTED]):
> > Followup-For: Bug #501253
[..]
> > Now apt-utils 0.7.19 brings back libdb4.4 again, at least on i386.
> > Hope it's just a unclean build environment. If it is the case, it'll
> > be gre
/usr/share/yocto-reader/feedread.html links to some compiled Google
code:
http://www.google.com/jsapi?key=ABQINKNUZ1d_R2qvgZ
_jpzKFKBT2yXp_ZAY8_ufC3CFXhHIE1NvwkxTitlqvQ1wYezL084RhjNaPkSXCpQ">
We need to provide source code for that, too, because it does not fall
under the System Librarie
Package: yocto-reader
Version: 0.9.3
Severity: serious
The HTML documents contained in the package do not include a download
link to the Debian-modified sources, which are the Corresponding
Source for this modification of yocto-reader. This means that
directly after installation, the user is not
Hi Filippo,
> thanks for the confirmation, is there an upload planned given the trivial
> nature
> of the fix?
There is one more upload planned (this fix and a language update).
Thanks,
Jochen
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [E
On Tue, Dec 02, 2008 at 06:33:40PM +0100, Ferenc Wagner wrote:
> found 505237 5.4.1~dfsg-11
> thanks
>
> Hi,
>
> yes, apparently this bug is present in Lenny,too . On a clean install:
>
> [EMAIL PROTECTED]:~# aptitude install snmpd
> [...]
> Setting up snmpd (5.4.1~dfsg-11) ...
> Starting netwo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ferenc Wagner schrieb:
> found 505237 5.4.1~dfsg-11
> thanks
>
> Hi,
>
> yes, apparently this bug is present in Lenny,too . On a clean install:
>
> [EMAIL PROTECTED]:~# aptitude install snmpd
> [...]
> Setting up snmpd (5.4.1~dfsg-11) ...
> Startin
Processing commands for [EMAIL PROTECTED]:
> found 505237 5.4.1~dfsg-11
Bug#505237: /etc/init.d/snmpd start reports error if already running
Bug marked as found in version 5.4.1~dfsg-11.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system admi
found 505237 5.4.1~dfsg-11
thanks
Hi,
yes, apparently this bug is present in Lenny,too . On a clean install:
[EMAIL PROTECTED]:~# aptitude install snmpd
[...]
Setting up snmpd (5.4.1~dfsg-11) ...
Starting network management services: snmpd.
[...]
[EMAIL PROTECTED]:~# ps $(pgrep snmpd)
PID TTY
Package: xbattbar-acpi
Version: 1.1.0-1
Severity: serious
Hi Francesco,
your dependency libconfig has gone missing (see #499259).
It is too obsolete to be released with and your package is the only
user. Please see #499259 for offers to help you port to other libraries.
Kind regards
T.
--
Thom
Your message dated Tue, 02 Dec 2008 16:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#483318: fixed in crip 3.7-4
has caused the Debian Bug report #483318,
regarding crip: FTBFS: applying patch 30dont_overwrite_files to ./ ... failed.
to be marked as done.
This means that yo
Your message dated Tue, 02 Dec 2008 16:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#483318: fixed in crip 3.7-4
has caused the Debian Bug report #483318,
regarding crip: path in dpatch patch walks outside build directory
to be marked as done.
This means that you claim that
Your message dated Tue, 02 Dec 2008 16:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#482990: fixed in crip 3.7-4
has caused the Debian Bug report #482990,
regarding crip: path in dpatch patch walks outside build directory
to be marked as done.
This means that you claim that
Your message dated Tue, 02 Dec 2008 16:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#482990: fixed in crip 3.7-4
has caused the Debian Bug report #482990,
regarding crip: FTBFS: applying patch 30dont_overwrite_files to ./ ... failed.
to be marked as done.
This means that yo
severity 507564 important
retitle 507564 [intel 945GM] compiz causes the whole computer to hang
tag 507564 moreinfo
kthxbye
On Tue, Dec 2, 2008 at 15:43:47 +0100, Jean-Louis Biasini wrote:
> Package: compiz
> Version: 0.7.6-7
> Severity: grave
>
This is unlikely to be a compiz bug. I'm not rea
Processing commands for [EMAIL PROTECTED]:
> severity 507564 important
Bug#507564: [compiz] Compiz cause the whole computer to hang
Severity set to `important' from `grave'
> retitle 507564 [intel 945GM] compiz causes the whole computer to hang
Bug#507564: [compiz] Compiz cause the whole computer
Rob M. Hagopian wrote:
> elm:~# /etc/init.d/network-manager restart
> Restarting network connection manager: NetworkManager.
> elm:~# ifconfig
> eth0 Link encap:Ethernet HWaddr 00:01:c0:03:7b:5a
> inet addr:10.240.0.50 Bcast:10.240.0.255 Mask:255.255.255.0
> inet6 addr:
Package: compiz
Version: 0.7.6-7
Severity: grave
--- Please enter the report below this line. ---
Dear Debian developpers,
This is very odd and occurs since nearly two mouth. Sometime compiz crash the
whole computer just after being launch. It occurs always at the start of an
effect like scale,
Here's the data you requested; I'm sorry it doesn't seem to be of much help
(the data in syslog seems to have aged out).
One thing that may have had an impact - drive space was very low during the
upgrade and could have conceivably been completely used up at the time.
-Rob
elm:~# cat /etc/netw
Package: rst2pdf
Version: 0.9-1
Severity: grave
Trying to run rst2pdf bails out with:
__
Traceback (most recent call last):
File "/usr/bin/rst2pdf", line 5, in
from pkg_resources import load_entry_point
ImportError: No module named pkg_resources
~
Package: hibernate
Version: 1.99-1
Severity: grave
Tags: security
Justification: user security hole
hi,
i just noticed that for some reason the X session is not locked after a
successfull resume which cause a serious security problem in my opinion.
yours
albert
-- Package-specific info:
--- conf
Your message dated Tue, 02 Dec 2008 12:32:04 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#506631: fixed in enigmail 2:0.95.0+1-4
has caused the Debian Bug report #506631,
regarding enigmail: Enigmail can't decrypt after upgrade from etch to lenny
to be marked as done.
This means
On Tue, Dec 02, 2008 at 01:17:34PM +0100, martin f krafft wrote:
> Well, ideally, I would not need to use MToolkit, which would make
> this bug something I couldn't care less about. But since XToolkit is
> broken wrt ICCCM, I have to.
or, you could use one of the workarounds mentioned.
> So this
I have:
Linux debian-stable.local 2.6.24-etchnhalf.1-alpha-generic #1 Tue Oct 14
08:54:49 UTC 2008 alpha GNU/Linux
now squid just dies with no log entries
Randy
Package: bugzilla3
Version: 3.2.0.0~rc2-1
Severity: serious
Hi,
I was trying to install bugzilla3 on my system, in order to test an
authentication module that I need to write. However, it utterly failed
the first few times I tried it:
- I want postgresql, not mysql. While the package's dependenc
On Tue, Dec 02, 2008 at 12:42:56PM +0100, martin f krafft wrote:
> > The bugreport you forwarded mentioned that the bug is specific to
> > E17 window manager, rather than new Xorg in general. Which windows
> > manager were you using, and did you try others?
> This happens with awesome and fluxbox.
also sprach Riku Voipio <[EMAIL PROTECTED]> [2008.12.02.1311 +0100]:
> Makes work. Even using Xephyr without a window manager
> at all makes jabref start just fine. I think this bug has
> inflated severity..
Maybe.
> > Anyway, the segfault with MToolkit stays. :(
>
> I doubt there is much point
also sprach Riku Voipio <[EMAIL PROTECTED]> [2008.12.02.1214 +0100]:
> While I can reproduce that Mtoolkit will cause segv on amd64, I can
> use jabref (and other java GUI apps) just fine with sun-java6-jre_6-10-2
> from lenny, without setting AWT_TOOLKIT to anything.
If I do that, the jabref wind
> This seems to happen across a wide range of applications, and
> MToolkit is needed to make Java show any UI items with newer Xorg.
While I can reproduce that Mtoolkit will cause segv on amd64, I can
use jabref (and other java GUI apps) just fine with sun-java6-jre_6-10-2
from lenny, without sett
Processing commands for [EMAIL PROTECTED]:
> # The FTBFS occurs only when LUA_CPATH is set by the user to point to an old
> version of the library
> severity 507408 important
Bug#507408: liblua5.1-posix-dev: fails to build from source
Severity set to `important' from `serious'
>
End of message,
73 matches
Mail list logo
