Source: gstreamer0.10-plugins-good
Severity: grave
Version: 0.10.8-4
Tags: security
Hi,
The following SA (Secunia Advisory) id was published for interchange.
SA33650[1]:
> Tobias Klein has reported some vulnerabilities in GStreamer Good Plug-ins,
> which can potentially be exploited by malicious
Your message dated Sat, 24 Jan 2009 01:47:06 +
with message-id
and subject line Bug#512513: fixed in refcard 5.0.5-1
has caused the Debian Bug report #512513,
regarding refcard: FTBFS in lenny:
/usr/share/texmf-texlive/tex/xelatex/fontspec/fontspec.sty: File `lmodern.sty'
not found.
to be m
Sorry for the delay, I was busy all the time. I upgraded the bug to serious
and uploaded a new package to mentors. Once it is in unstable I will write a
mail to the release team.
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Cont
Your message dated Fri, 23 Jan 2009 22:32:10 +
with message-id
and subject line Bug#511032: fixed in libhaml-ruby 2.0.7-1
has caused the Debian Bug report #511032,
regarding libhaml-ruby1.8: trying to overwrite `/usr/bin/sass', which is also
in package sufary
to be marked as done.
This mean
Your message dated Fri, 23 Jan 2009 22:32:07 +
with message-id
and subject line Bug#512771: fixed in dmraid 1.0.0.rc14-7
has caused the Debian Bug report #512771,
regarding dmraid must not call udevadm trigger --action=add
to be marked as done.
This means that you claim that the problem has
Processing commands for cont...@bugs.debian.org:
> # Automatically generated email from bts, devscripts version 2.10.35lenny1
> tags 512486 + patch
Bug#512486: wordtrans-qt: uncompressed man page (although with .gz suffix)
There were no tags set.
Tags added: patch
>
End of message, stopping proce
Processing commands for cont...@bugs.debian.org:
> reassign 512637 gmetad
Bug#512637: ganglia-monitor-core: CVE-2009-0241,CVE-2009-0242 multiple security
issues
Bug reassigned from package `ganglia-monitor-core' to `gmetad'.
> severity 512365 critical
Bug#512365: gmetad: stack based buffer overf
Hi,
On Fri, 23 Jan 2009 02:43:32 +0100 Javier Fernandez-Sanguino wrote:
> 2009/1/22 Evgeni Golov :
> > I'll prepare an NMU, making the package binNMU-able, and hoping the new
> > build will have correctly gziped manpages.
>
> Go ahead an NMU but please forward first a proposed patch to this bug
Processing commands for cont...@bugs.debian.org:
> tags 511641 + pending
Bug#511641: xrdp: CVE-2008-590[2-4] arbitrary code execution
Tags were: patch security
Tags added: pending
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrat
Your message dated Fri, 23 Jan 2009 20:47:31 +
with message-id
and subject line Bug#511893: fixed in ucf 3.0012
has caused the Debian Bug report #511893,
regarding ucf stores diff (of private files) in debconf (world readable)
to be marked as done.
This means that you claim that the problem
Your message dated Fri, 23 Jan 2009 19:17:03 +
with message-id
and subject line Bug#512771: fixed in dmraid 1.0.0.rc15-1~exp5
has caused the Debian Bug report #512771,
regarding dmraid must not call udevadm trigger --action=add
to be marked as done.
This means that you claim that the problem
Processing commands for cont...@bugs.debian.org:
> #rm testing/unstable version that this bug was afaict incorrectly
> attributed to
Unknown command or malformed arguments to command.
> notfound 512739 4.4.2-4
Bug#512739: python-qt4: Python-qt4 4.4.3 on experimental will not install
Bug no longer
Hi all, I'm afraid it's more complicated...
I discovered this problem today as well when upgrading kernel to:
2.6.24-etchnhalf.1-686.
Building from nvidia-kernel-source 1.0.8776-4 didn't work. I also
tried a later nvidia-kernel-source. Not the 173.14.09-5 one,
unfortunately I don't remember the e
Package: grub-pc
Version: 1.96+20080724-14
Severity: grave
hey,
After a recent upgrade, my laptop became unbootable. I don't have
local access to the machine rigth now, so unfortunately the preboot
information will have to come from memory.
According to dpkg.log, the upgrade was this one:
2009-
tags 511893 +pending
thanks
Hi,
The following change has been committed for this bug by
Joey Hess on Fri, 23 Jan 2009 11:19:38 -0600.
The fix will be in the next upload.
=
reset diff question after use so contents ar
Processing commands for cont...@bugs.debian.org:
> tags 511893 +pending
Bug#511893: ucf stores diff (of private files) in debconf (world readable)
Tags were: pending security
Tags added: pending
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking sys
Processing commands for cont...@bugs.debian.org:
> tags 511893 +pending
Bug#511893: ucf stores diff (of private files) in debconf (world readable)
Tags were: security
Tags added: pending
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system admi
tags 511893 +pending
thanks
Hi,
The following change has been committed for this bug by
Joey Hess on Fri, 23 Jan 2009 11:14:12 -0600.
The fix will be in the next upload.
=
reset diff question after use so contents ar
Your message dated Fri, 23 Jan 2009 16:47:03 +
with message-id
and subject line Bug#292231: fixed in hasciicam 1.0-1
has caused the Debian Bug report #292231,
regarding [NONFREE-DOC:GFDL1.1] making the entire manpage invariant is not
consistent with the DFSG
to be marked as done.
This means
Processing commands for cont...@bugs.debian.org:
> reassign 511893 ucf
Bug#511893: ucf stores diff (of private files) in debconf (world readable)
Bug reassigned from package `debconf' to `ucf'.
>
End of message, stopping processing here.
Please contact me if you need assistance.
Debian bug trac
Package: clamav
Version: 0.94.dfsg.2-1
Severity: serious
The clamav package, released under a "GPLv2 only" license, links against
libgmp, released under a "LGPLv3 or later" license.
According to the FSF:
http://gplv3.fsf.org/dd3-faq
this license combination is not allowed.
--
To UNSUBSCRIBE,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
Once upon a time I created etoken-pro-support to enable the use of
Aladdin eTokens on Debian by repackaging their drivers in a Debianized way.
As noted in the bug, the drivers can no longer be obtained from their
original location, and the newer
Your message dated Fri, 23 Jan 2009 14:47:16 +
with message-id
and subject line Bug#512608: fixed in typo3-src 4.2.4-1
has caused the Debian Bug report #512608,
regarding [SA33617] Typo3 Multiple Vulnerabilities
to be marked as done.
This means that you claim that the problem has been dealt
Package: dmraid
Version: 1.0.0.rc14-6
Severity: grave
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
(Originally reported against dkms on ubuntu, LP #320200)
dmraid must not call udevadm trigger --action=add in postinst.
This will have utterly dire consequences for the installed machine.
Major bu
Your message dated Fri, 23 Jan 2009 13:47:04 +
with message-id
and subject line Bug#512750: fixed in request-tracker3.6 3.6.7-5
has caused the Debian Bug report #512750,
regarding request-tracker3.6: SQLite is unsupported, documentation needed
to be marked as done.
This means that you claim
Hi,
@@ -381,6 +380,9 @@
if (!q) q=pathend;
len = q-p;
+ element = malloc(len + 1);
Are you sure that this can't overflow?
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-ro
Processing commands for cont...@bugs.debian.org:
> # Automatically generated email from bts, devscripts version 2.10.35lenny1
> # overflated severity
> severity 512742 important
Bug#512742: linux-image-2.6.26-1-amd64: Allows forced module loading and
unloading
Severity set to `important' from `gr
# Automatically generated email from bts, devscripts version 2.10.35lenny1
# overflated severity
severity 512742 important
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Your message dated Fri, 23 Jan 2009 11:47:11 +
with message-id
and subject line Bug#512728: fixed in tor 0.2.0.33-1
has caused the Debian Bug report #512728,
regarding [SA33635] Tor Unspecified Memory Corruption Vulnerability
to be marked as done.
This means that you claim that the problem h
Your message dated Fri, 23 Jan 2009 12:02:05 +
with message-id
and subject line Bug#512654: fixed in kvm 83+dfsg-1
has caused the Debian Bug report #512654,
regarding [kvm] Security patch for CVE-2008-0928 causes serious regression
to be marked as done.
This means that you claim that the pro
Package: request-tracker3.6
Version: 3.6.7-4
Severity: serious
Justification: maintainer's opinion
By default 'apt-get install request-tracker3.6' will pull in
rt3.6-db-sqlite as the first choice, and users opting for automatic
database management (dbconfig-common) will get an SQLite installation
Processing commands for cont...@bugs.debian.org:
> found 512739 4.4.4-3
Bug#512739: python-qt4: Python-qt4 4.4.3 on experimental will not install
Bug marked as found in version 4.4.4-3.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system admin
Am Freitag, den 23.01.2009, 11:19 +0200 schrieb David Baron:
> Package: python-qt4
> Version: 4.4.2-4
> Severity: grave
> Justification: renders package unusable
>
> Because some newer python program required 4.4.3, tried to install this off
> experimental. The package will not install, error retu
Processing commands for cont...@bugs.debian.org:
> close 512728 0.2.1.11-alpha-1
Bug#512728: [SA33635] Tor Unspecified Memory Corruption Vulnerability
'close' is deprecated; see http://www.debian.org/Bugs/Developer#closing.
Bug marked as fixed in version 0.2.1.11-alpha-1, send any further explanat
Processing commands for cont...@bugs.debian.org:
> # Automatically generated email from bts, devscripts version 2.10.35lenny1
> found 512728 0.2.0.32-1
Bug#512728: [SA33635] Tor Unspecified Memory Corruption Vulnerability
Bug marked as found in version 0.2.0.32-1.
>
End of message, stopping proce
Processing commands for cont...@bugs.debian.org:
> # Automatically generated email from bts, devscripts version 2.10.35lenny1
> found 512728 0.2.1.10-alpha-1
Bug#512728: [SA33635] Tor Unspecified Memory Corruption Vulnerability
Bug marked as found in version 0.2.1.10-alpha-1.
>
End of message, st
Processing commands for cont...@bugs.debian.org:
> # Automatically generated email from bts, devscripts version 2.10.35lenny1
> notfound 512728 0.2.1.11-alpha-1
Bug#512728: [SA33635] Tor Unspecified Memory Corruption Vulnerability
Bug no longer marked as found in version 0.2.1.11-alpha-1.
>
End o
Package: linux-image-2.6.26-1-amd64
Version: 2.6.26-13
Severity: grave
Justification: renders package unusable
Obtained VirtualBox deb from repository at its own website. On install
the install script pulled the kernel modules straight out of the kernel
and crashed the whole machine. Already have
Processing commands for cont...@bugs.debian.org:
> # Automatically generated email from bts, devscripts version 2.10.35lenny1
> found 512728 0.2.1.11-alpha-1
Bug#512728: [SA33635] Tor Unspecified Memory Corruption Vulnerability
Bug marked as found in version 0.2.1.11-alpha-1 and reopened.
>
End o
Now with patch :-)
Mike
sparc-new-label.dpatch
Description: Binary data
Your message dated Fri, 23 Jan 2009 11:23:08 +0100 (CET)
with message-id <20090123102308.87bc4162...@intrepid.palfrader.org>
and subject line fixed in experimental
has caused the Debian Bug report #512728,
regarding [SA33635] Tor Unspecified Memory Corruption Vulnerability
to be marked as done.
T
Processing commands for cont...@bugs.debian.org:
> tags 511698 - sid
Bug#511698: update-menus fails with unknown error
Tags were: sid
Tags removed: sid
> tags 511698 experimental
Bug#511698: update-menus fails with unknown error
There were no tags set.
Tags added: experimental
> quit
Stopping pr
Your message dated Fri, 23 Jan 2009 09:47:08 +
with message-id
and subject line Bug#512310: fixed in nautilus-python 0.4.3-3.1
has caused the Debian Bug report #512310,
regarding python-nautilus: scripts in ~/.nautilus/python-extensions/ failed to
be executed
to be marked as done.
This mean
Your message dated Fri, 23 Jan 2009 09:47:08 +
with message-id
and subject line Bug#512394: fixed in nautilus-python 0.4.3-3.1
has caused the Debian Bug report #512394,
regarding python-nautilus: nautilus freezes/crashes when extension calls
file.get_vfs_file_info()
to be marked as done.
Th
Package: parted
Architecture: i386
Version: 1.8.8.git.2008.03.24-11.1
Severity: grave
Tags: patch
I was exposed to this bug while trying to do a second install of
Debian into an LDOM, but its not the only way to trigger it...
Parted currently has a bug where if you try to install to more than
one
Package: python-qt4
Version: 4.4.2-4
Severity: grave
Justification: renders package unusable
Because some newer python program required 4.4.3, tried to install this off
experimental. The package will not install, error returned during unpack.
Trying a --force-all install using dpkg showed that th
reassign 512651 mysql-server
found 512651 5.0.32-7etch1
notfound 512651 5.0.32
close 512651 5.0.67-1
forwarded 512651 http://bugs.mysql.com/bug.php?id=30290
thanks
Hi,
Ralf Hauser wrote:
> We use mysql on an encrypted partition (LUKS) and see the error roughly
> once a month and this causes the
Processing commands for cont...@bugs.debian.org:
> reassign 512651 mysql-server
Bug#512651: mysql: corrupt tables - error msg "Got error 134 from storage
engine"
Bug reassigned from package `mysql-server' to `mysql-server'.
> found 512651 5.0.32-7etch1
Bug#512651: mysql: corrupt tables - error m
Hi,
does this bug really affect Lenny? Everything seems to work well here.
If Lenny is not affected, please tag it accordingly.
Thanks,
Bernd
--
Bernd Zeimetz Debian GNU/Linux Developer
GPG Fingerprint: 06C8 C9A2 EAAD E37E 5B2C BE93 067A AD04 C93B FF79
--
To UNSU
Processing commands for cont...@bugs.debian.org:
> # Automatically generated email from bts, devscripts version 2.9.26etch1
> severity 512651 important
Bug#512651: mysql: corrupt tables - error msg "Got error 134 from storage
engine"
Severity set to `important' from `critical'
>
End of message,
Severity: important
Thanks
Am Donnerstag, den 22.01.2009, 16:58 +0100 schrieb Ralf Hauser:
> [9 Aug 2008 8:32] Valeriy Kravchuk recommends to use newer version,
> 5.0.67 to fix it as per http://bugs.mysql.com/bug.php?id=30290
According to his comment, there are two potential bugs which could cau
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm still on 1.96+20081201-1, and the issue went away. I installed a new
kernel, after which grub refused to even show the menu, printing
something about "free map error" or similar just after "Welcome to Grub".
After running "grub-install /sda" it st
Processing commands for cont...@bugs.debian.org:
> reassign 512651 mysql-server
Bug#512651: mysql: corrupt tables - error msg "Got error 134 from storage
engine"
Warning: Unknown package 'mysql'
Bug reassigned from package `mysql' to `mysql-server'.
> --
Stopping processing here.
Please contact
On Thu, Jan 22, 2009 at 10:01:13PM +, Stu Teasdale wrote:
>
> "I can see that the patch was adjusted several times and the current
> version still has the code that sends the entire tree, could that
> somehow be used for a DoS attack?"
sending the entire tree through the network is also tri
Your message dated Fri, 23 Jan 2009 08:54:27 +0100
with message-id
has caused the report #512616,
regarding [openmpi] missing symbols?
to be marked as having been forwarded to the upstream software
author(s) Dirk Eddelbuettel
(NB: If you are a system administrator and have no idea what this
m
55 matches
Mail list logo
