Bug#560957: kmail deleted contents of inbox with dimap

2009-12-12 Thread Florian Aldehoff
Package: kmail Version: 4:3.5.9-5 Severity: grave Justification: causes non-serious data loss Identical to bug 158978 in Launchpad, see https://bugs.launchpad.net/kdepim/+bug/158978 for additional information and reports from other users. The bug was also reported to affect Kmail 1.12.1 in KDE

Bug#560949: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Ola Lundqvist
Hi Michael Thanks for the report. I will look at this. I hardly think that expat is included in any important functions at least. But I'll check. Best regards, // Ola On Sat, Dec 12, 2009 at 10:57:56PM -0500, Michael Gilbert wrote: > package: vnc4 > severity: serious > tags: security > > Hi, >

Bug#560916: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Ron
On Sun, Dec 13, 2009 at 12:25:38AM -0500, Michael Gilbert wrote: > On Sun, 13 Dec 2009 15:46:53 +1030 Ron wrote: > > > > > Hi, > > > > 2.6 should be ok for this. wx does indeed bundle a bunch of embedded > > source, but the debian binary packages avoid using it where possible, > > and expat is

Bug#560915: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Ron
Hi, Unlike 2.6, wx2.4 does indeed seem to be affected by this. Its exposure seems to be limited to the libwx_gtk_xrc-2.4 lib in the libwxgtk2.4-1-contrib binary package. Since xrc is a "resource compiler", used to supply random junk that is provided with an app, for the app, without actually emb

Bug#560924: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Siddhesh Poyarekar
On Sun, Dec 13, 2009 at 11:11 AM, Michael Gilbert wrote: > The optimal solution is to make use of the system expat in case of > future issues. > Absolutely. But that is too much of a rewrite for now :) -- Siddhesh Poyarekar http://siddhesh.in

Bug#560924: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Siddhesh Poyarekar
On Sun, Dec 13, 2009 at 11:06 AM, Siddhesh Poyarekar wrote: > On Sun, Dec 13, 2009 at 9:20 AM, Michael Gilbert > wrote: >> CVE-2009-3560[0]: >> | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, >> | as used in the XML-Twig module for Perl, allows context-dependent >> | attack

Bug#537104: marked as done (iceweasel: critical 0-day remote shellcode injection)

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sun, 13 Dec 2009 00:42:29 -0500 with message-id <20091213004229.4b88b4dc.michael.s.gilb...@gmail.com> and subject line close has caused the Debian Bug report #537104, regarding iceweasel: critical 0-day remote shellcode injection to be marked as done. This means that you claim t

Bug#560924: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
On Sun, 13 Dec 2009 11:06:13 +0530 Siddhesh Poyarekar wrote: > On Sun, Dec 13, 2009 at 9:20 AM, Michael Gilbert > wrote: > > CVE-2009-3560[0]: > > | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, > > | as used in the XML-Twig module for Perl, allows context-dependent > > | a

Bug#560924: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Siddhesh Poyarekar
On Sun, Dec 13, 2009 at 9:20 AM, Michael Gilbert wrote: > CVE-2009-3560[0]: > | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, > | as used in the XML-Twig module for Perl, allows context-dependent > | attackers to cause a denial of service (application crash) via an XML > | d

Bug#560916: marked as done (CVE-2009-3560 and CVE-2009-3720 denial-of-services)

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sun, 13 Dec 2009 15:46:53 +1030 with message-id <20091213051653.gr23...@audi.shelbyville.oz> and subject line Re: Bug#560916: CVE-2009-3560 and CVE-2009-3720 denial-of-services has caused the Debian Bug report #560916, regarding CVE-2009-3560 and CVE-2009-3720 denial-of-services

Bug#560916: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
On Sun, 13 Dec 2009 15:46:53 +1030 Ron wrote: > > Hi, > > 2.6 should be ok for this. wx does indeed bundle a bunch of embedded > source, but the debian binary packages avoid using it where possible, > and expat is indeed being sourced from the system in 2.6. > > If you grep the buildd logs you

Bug#560722: marked as done (python-apptools: install failed: can't find jquery.js)

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sun, 13 Dec 2009 05:11:00 + with message-id and subject line Bug#560722: fixed in python-apptools 3.3.0-2 has caused the Debian Bug report #560722, regarding python-apptools: install failed: can't find jquery.js to be marked as done. This means that you claim that the probl

Bug#560944: marked as done (CVE-2009-3560 and CVE-2009-3720 denial-of-services)

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sun, 13 Dec 2009 00:00:12 -0500 with message-id <2009121312.ba2e34dc.michael.s.gilb...@gmail.com> and subject line done has caused the Debian Bug report #560944, regarding CVE-2009-3560 and CVE-2009-3720 denial-of-services to be marked as done. This means that you claim that

Processed: your mail

2009-12-12 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > tag 560722 + pending Bug #560722 [python-apptools] python-apptools: install failed: can't find jquery.js Added tag(s) pending. > tag 560725 + pending Bug #560725 [python-apptools] ImportError: No module named configobj Added tag(s) pending. > tha

Bug#560762: OK, All three machines are now 'debian-multimedia' free

2009-12-12 Thread Dominique Brazziel
Totem plays .avi again and no orange balls anywhere. OK to close. :)

Bug#560910: iptables ignores mask on source ip address: 1.2.3.4/16 treated as 1.2.3.4/0

2009-12-12 Thread Laurence J. Lane
On Sat, Dec 12, 2009 at 10:07 PM, Hugh McDonald wrote: > iptables version 1.4.5-1 for amd64 ignores the address mask on > source address arguments.  "-s 192.168.1.0/24" is treated as > "-s 192.168.1.0/0" both as reported by "iptables -L -n -v" and as > seen in firewall logs.  Version 1.4.4-2 funct

Bug#560953: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: smart severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many package

Bug#560952: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: vtk severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many packages

Bug#560947: marked as done (CVE-2009-3560 and CVE-2009-3720 denial-of-services)

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sat, 12 Dec 2009 23:19:46 -0500 with message-id <20091212231946.a6ebb889.michael.s.gilb...@gmail.com> and subject line done has caused the Debian Bug report #560947, regarding CVE-2009-3560 and CVE-2009-3720 denial-of-services to be marked as done. This means that you claim that

Bug#551939: marked as done (python-xml: CVE-2009-2625)

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sat, 12 Dec 2009 23:21:34 -0500 with message-id <20091212232134.2d43f887.michael.s.gilb...@gmail.com> and subject line new bug submitted with correct cve number has caused the Debian Bug report #551939, regarding python-xml: CVE-2009-2625 to be marked as done. This means that yo

Processed: reassign

2009-12-12 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > reassign 560941 wbxml2 Bug #560941 [wbxml] CVE-2009-3560 and CVE-2009-3720 denial-of-services Warning: Unknown package 'wbxml' Bug reassigned from package 'wbxml' to 'wbxml2'. > thanks Stopping processing here. Please contact me if you need assis

Bug#560923: marked as done (CVE-2009-3560 and CVE-2009-3720 denial-of-services)

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sat, 12 Dec 2009 23:07:07 -0500 with message-id <20091212230707.8046ceab.michael.s.gilb...@gmail.com> and subject line done has caused the Debian Bug report #560923, regarding CVE-2009-3560 and CVE-2009-3720 denial-of-services to be marked as done. This means that you claim that

Bug#560928: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: coin3 severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many package

Bug#560947: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: apache2 severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many packa

Bug#560938: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: sitecopy severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many pack

Bug#560930: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: ghostscript severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many p

Bug#560942: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: xmlrpc-c severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many pack

Bug#560940: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: tla severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many packages

Bug#560949: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: vnc4 severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many packages

Bug#560929: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: gdcm severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many packages

Bug#560932: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: iceape severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many packag

Bug#560944: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: kompozer severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many pack

Bug#560934: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: libparagui1.1 severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many

Bug#560943: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: iceweasel severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many pac

Bug#560948: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: texlive-bin severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many p

Bug#560950: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: xotcl severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many package

Bug#560936: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: poco severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many packages

Bug#560933: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: insighttoolkit severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so man

Bug#560935: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: paraview severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many pack

Bug#560946: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: xulrunner severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many pac

Bug#560927: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: cmake severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many package

Bug#560945: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: vxl severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many packages

Bug#560951: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: python-xml severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many pa

Bug#560939: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: swish-e severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many packa

Bug#560937: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: simgear severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many packa

Bug#560941: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: wbxml severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many package

Bug#560931: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: grmonitor severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many pac

Bug#560926: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: cadaver severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many packa

Bug#560920: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: matanza severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many packa

Bug#560918: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: celementtree severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many

Bug#560922: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: udunits severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many packa

Bug#560919: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: audacity severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many pack

Bug#560923: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: apr-util severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many pack

Bug#560917: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: wxwidget2.8 severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many p

Bug#560924: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: ayttm severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many package

Bug#560925: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: cableswig severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many pac

Bug#560921: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: tdom severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many packages

Bug#560915: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: wxwindows2.4 severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many

Bug#560916: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: wxwidgets2.6 severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many

Bug#560914: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: python-4suite severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many

Bug#560912: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: python2.5 severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many pac

Bug#560913: CVE-2009-3560 and CVE-2009-3720 denial-of-services

2009-12-12 Thread Michael Gilbert
package: python2.4 severity: serious tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for expat. I have determined that this package embeds a vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is a mass bug filing (due to so many pac

Bug#560869: marked as done (FTBFS: failures in jh_manifest)

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sun, 13 Dec 2009 03:33:33 + with message-id and subject line Bug#560869: fixed in javatools 0.26 has caused the Debian Bug report #560869, regarding FTBFS: failures in jh_manifest to be marked as done. This means that you claim that the problem has been dealt with. If this

Bug#560910: iptables ignores mask on source ip address: 1.2.3.4/16 treated as 1.2.3.4/0

2009-12-12 Thread Hugh McDonald
Package: iptables Version: 1.4.4-2 Severity: critical Justification: breaks unrelated software iptables version 1.4.5-1 for amd64 ignores the address mask on source address arguments. "-s 192.168.1.0/24" is treated as "-s 192.168.1.0/0" both as reported by "iptables -L -n -v" and as seen in firewa

Bug#560453: fim: FTBFS: DebugConsole.cpp:122: error: invalid conversion from 'const char*' to 'char*'

2009-12-12 Thread Michele Martone
Hi, There are updated fim files (1.2) on : ftp://ftp-master.debian.org:/pub/UploadQueue/fim_0.3-beta-prerelease-1.2.diff.gz ftp://ftp-master.debian.org:/pub/UploadQueue/fim_0.3-beta-prerelease-1.2.dsc ftp://ftp-master.debian.org:/pub/UploadQueue/fim_0.3-beta-prerelease-1.2_i386.deb I hope this was

Bug#560908: openjdk-6: deluge of vulnerabilities

2009-12-12 Thread Michael Gilbert
Package: openjdk-6 Version: 6b16-1.6.1-2 Severity: grave Tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) ids were published for openjdk-6. I have not had the time to check any of this since there are just way too many issues. Please check whether openjdk is vulnerable

Bug#559831: closed by (John V. Belmonte) (Bug#559831: fixed in xmlsec1 1.2.14-1)

2009-12-12 Thread Michael Gilbert
On Sat, 12 Dec 2009 21:06:30 -0500 John Belmonte wrote: > On closer investigation it turns out that Debian xmlsec1 is not > affected by CVE-2009-3736 since we don't enable dynamic crypto module > loading (--enable-crypto_dl). my mistake. i realize now that the upstream release completely removed

Processed: Re: Bug#559831: closed by (John V. Belmonte) (Bug#559831: fixed in xmlsec1 1.2.14-1)

2009-12-12 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > close 559831 Bug#559831: CVE-2009-3736 local privilege escalation 'close' is deprecated; see http://www.debian.org/Bugs/Developer#closing. Bug closed, send any further explanations to Michael Gilbert > stop Stopping processing here. Please con

Bug#560903: viewvc: CVE-2009-3618 and CVE-2009-3619 xss and character printing vulnerabilities

2009-12-12 Thread Michael Gilbert
Package: viewvc Version: 1.0.9-1 Severity: serious Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) ids were published for viewvc. CVE-2009-3618[0]: | Cross-site scripting (XSS) vulnerability in viewvc.py in ViewVC 1.0 | before 1.0.9 and 1.1 before 1.1.2 allows remote att

Bug#560534: marked as done (rquantlib: FTBFS: bermudan.cpp:114: error: invalid use of incomplete type 'struct QuantLib::Null

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sat, 12 Dec 2009 20:08:49 -0600 with message-id <19236.19633.802466.590...@ron.nulle.part> and subject line Re: Bug#560534: rquantlib: FTBFS: bermudan.cpp:114: error: invalid use of incomplete type 'struct QuantLib::Null > >' has caused the Debian Bug report #560534, regarding

Bug#559831: closed by (John V. Belmonte) (Bug#559831: fixed in xmlsec1 1.2.14-1)

2009-12-12 Thread John Belmonte
close 559831 stop On Sat, Dec 12, 2009 at 6:52 PM, Michael Gilbert wrote: > i don't think that this has been resolved since there are no depends on > libtool in your control file. On closer investigation it turns out that Debian xmlsec1 is not affected by CVE-2009-3736 since we don't enable dyna

Bug#560869: FTBFS: failures in jh_manifest

2009-12-12 Thread Matthew Johnson
reassign 560869 javahelper tag 560869 pending thanks On Sat Dec 12 23:24, Cyril Brulebois wrote: > Package: libmatthew-java > Version: 0.7.2-2 > Severity: serious > Justification: FTBFS This is a bug in javahelper, I've just fixed it in git and I'll upload (yet another) new version. Should just n

Processed: Re: Bug#560869: FTBFS: failures in jh_manifest

2009-12-12 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > reassign 560869 javahelper Bug #560869 [libmatthew-java] FTBFS: failures in jh_manifest Bug reassigned from package 'libmatthew-java' to 'javahelper'. Bug No longer marked as found in versions 0.7.2-2. > tag 560869 pending Bug #560869 [javahelper]

Bug#560901: expat: CVE-2009-3560

2009-12-12 Thread Michael Gilbert
package: expat version: 1.95.8-3.4 Severity: serious Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for expat. CVE-2009-3560[0]: | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, | as used in the XML-Twig module for Perl, allows cont

Bug#560898: marked as done (coreutils: insecure temp file usage)

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sat, 12 Dec 2009 20:37:14 -0500 with message-id <5ba963fc-e787-11de-9b6a-001cc0cda...@msgid.mathom.us> and subject line Re: Bug#560898: coreutils: insecure temp file usage has caused the Debian Bug report #560898, regarding coreutils: insecure temp file usage to be marked as done

Bug#552215: marked as done (FTBFS: Error: unrecognized opcode `mfence')

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sun, 13 Dec 2009 01:33:12 + with message-id and subject line Bug#552215: fixed in stressapptest 1.0.1-2 has caused the Debian Bug report #552215, regarding FTBFS: Error: unrecognized opcode `mfence' to be marked as done. This means that you claim that the problem has been d

Bug#560898: coreutils: insecure temp file usage

2009-12-12 Thread Michael Gilbert
package: coreutils version: 8.0-2 severity: serious tags: security hi, it has been disclosed that coreutils uses temp files in an insecure way [0]. note that etch and lenny are also affected. [0] http://www.openwall.com/lists/oss-security/2009/12/08/4

Bug#560885: texlive-base: Fails to upgrade

2009-12-12 Thread Kurt Roeckx
On Sun, Dec 13, 2009 at 01:20:03AM +0100, Hilmar Preusse wrote: > On 13.12.09 Kurt Roeckx (k...@roeckx.be) wrote: > > Hi, > > > fmtutil-sys failed. Output has been stored in > > /tmp/fmtutil.LHrpVsJ9 > > Please include this file if you report a bug. > > > Please do so. Here it is. Kurt fmtu

Bug#559803: CVE-2009-3736 local privilege escalation

2009-12-12 Thread Michael Gilbert
reopen 559803 thanks On Mon, 07 Dec 2009 22:04:02 +0100 Andreas Tscharner wrote: > Package: cvsnt > Severity: grave > Tags: security > Version: 2.5.04.3236-1 > > > > The following CVE (Common Vulnerabilities & Exposures) id was > > published for libtool. I have determined that this package emb

Bug#560895: gnome-screensaver vulnerability

2009-12-12 Thread Michael Gilbert
package: gnome-screensaver version: 2.28.0-1+b1 severity: serious tags: security hi, ubuntu has issued a usn for gnome-screensaver [0]. it is not clear whether this is an ubuntu-specific problem or not. please check and close the bug if that is the case. thank you. mike [0] http://www.ubuntu.c

Bug#560511: marked as done (ion3: FTBFS: dock.c:36:34: error: X11/extensions/shape.h: No such file or directory)

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sun, 13 Dec 2009 00:46:58 + with message-id <1260665218.4532.603.ca...@localhost> and subject line Re: Bug#560511: ion3: FTBFS: dock.c:36:34: error: X11/extensions/shape.h: No such file or directory has caused the Debian Bug report #560511, regarding ion3: FTBFS: dock.c:36:3

Bug#533977: marked as done (zzuf: FTBFS: tests failed)

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sun, 13 Dec 2009 00:47:40 + with message-id and subject line Bug#533977: fixed in zzuf 0.12.svn20091212-1 has caused the Debian Bug report #533977, regarding zzuf: FTBFS: tests failed to be marked as done. This means that you claim that the problem has been dealt with. If t

Processed: fixed 560511 in 20070506-1

2009-12-12 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > # Added build-dependency on libxext-dev in preparation for Xorg 7.2 > fixed 560511 20070506-1 Bug #560511 [src:ion3] ion3: FTBFS: dock.c:36:34: error: X11/extensions/shape.h: No such file or directory Bug Marked as fixed in versions ion3/20070506

Bug#559830: CVE-2009-3736 local privilege escalation

2009-12-12 Thread Michael Gilbert
On Sun, 6 Dec 2009 21:19:50 -0800 Steve Langasek wrote: > On Mon, Dec 07, 2009 at 12:04:18AM -0500, Michael Gilbert wrote: > > Package: unixodbc > > Severity: grave > > Tags: security > > > The following CVE (Common Vulnerabilities & Exposures) id was > > published for libtool. I have determined

Bug#559839: CVE-2009-3736 local privilege escalation

2009-12-12 Thread Michael Gilbert
On Mon, 7 Dec 2009 10:18:13 +0100 (CET) Patrick Matthäi wrote: > Hi, > > this is already fixed, also in the Lenny release, look here: > > http://packages.debian.org/changelogs/pool/main/s/sbnc/current/changelog#versionversion1.2-8 > > So I am closing. make sure you are using --without-included

Bug#559805: CVE-2009-3736 local privilege escalation

2009-12-12 Thread Michael Gilbert
On Mon, 7 Dec 2009 19:04:16 +0100 Josip Rodin wrote: > On Mon, Dec 07, 2009 at 11:04:38AM -0500, Michael Gilbert wrote: > > On Mon, 7 Dec 2009 09:16:57 +0100, Josip Rodin wrote: > > > unless this code somehow inexplicably crept in, there's no bug. > > > > please check your linking process, so tha

Bug#560885: texlive-base: Fails to upgrade

2009-12-12 Thread Hilmar Preusse
On 13.12.09 Kurt Roeckx (k...@roeckx.be) wrote: Hi, > fmtutil-sys failed. Output has been stored in > /tmp/fmtutil.LHrpVsJ9 > Please include this file if you report a bug. > Please do so. H. -- sigmentation fault

Bug#560594: Does not work with locale de_AT.UTF-8 because of libgcj10 error.

2009-12-12 Thread Johannes Fichtinger
Hallo Johann Felix, I can confirm, setting LANG=C makes pdftk work fine here, too. So it really seems related to the LANG environment. Thanks for your good work! Johannes

Bug#546776: marked as done (Viewing revisions does not work with non-ancient versions of Bazaar)

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sun, 13 Dec 2009 00:04:21 + with message-id and subject line Bug#546776: fixed in trac-bzr 0.2+bzr83-1 has caused the Debian Bug report #546776, regarding Viewing revisions does not work with non-ancient versions of Bazaar to be marked as done. This means that you claim tha

Processed: found 559833 in

2009-12-12 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > found 559833 Bug #559833 [imagemagick] CVE-2009-3736 local privilege escalation Ignoring request to alter fixed versions of bug #559833 to the same values previously set > End of message, stopping processing here. Please contact me if you need a

Processed: found 559833 in 7:6.2.4.5.dfsg1-0.14, found 559833 in 7:6.3.7.9.dfsg2-1~lenny3

2009-12-12 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > found 559833 7:6.2.4.5.dfsg1-0.14 Bug #559833 [imagemagick] CVE-2009-3736 local privilege escalation Bug Marked as found in versions imagemagick/7:6.2.4.5.dfsg1-0.14. > found 559833 7:6.3.7.9.dfsg2-1~lenny3 Bug #559833 [imagemagick] CVE-2009-3736

Bug#523853: marked as done (nvidia-glx-legacy-96xx: conflicts with the xorg stack, causing uninstall)

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sat, 12 Dec 2009 23:50:16 + with message-id and subject line Bug#523853: fixed in nvidia-graphics-drivers-legacy-96xx 96.43.14-1 has caused the Debian Bug report #523853, regarding nvidia-glx-legacy-96xx: conflicts with the xorg stack, causing uninstall to be marked as don

Bug#560885: texlive-base: Fails to upgrade

2009-12-12 Thread Kurt Roeckx
Package: texlive-base Version: 2009-4 Severity: serious Doing an upgrade today resulted in: Setting up texlive-base (2009-4) ... Running mktexlsr. This may take some time... done. Building format(s) --all --cnffile /etc/texmf/fmt.d/10texlive-base.cnf. This may take some time... fmtutil-sys

Bug#560013: marked as done (nvidia-glx-legacy-96xx: conflicts with xserver)

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sat, 12 Dec 2009 23:50:16 + with message-id and subject line Bug#560013: fixed in nvidia-graphics-drivers-legacy-96xx 96.43.14-1 has caused the Debian Bug report #560013, regarding nvidia-glx-legacy-96xx: conflicts with xserver to be marked as done. This means that you cla

Bug#559831: closed by (John V. Belmonte) (Bug#559831: fixed in xmlsec1 1.2.14-1)

2009-12-12 Thread Michael Gilbert
reopen 559831 thanks On Wed, 09 Dec 2009 04:21:04 + Debian Bug Tracking System wrote: > This is an automatic notification regarding your Bug report > which was filed against the xmlsec1 package: > > #559831: CVE-2009-3736 local privilege escalation i don't think that this has been resolved

Processed: Re: Bug#559831 closed by (John V. Belmonte) (Bug#559831: fixed in xmlsec1 1.2.14-1)

2009-12-12 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > reopen 559831 Bug #559831 {Done: jbelmo...@debian.org (John V. Belmonte)} [xmlsec1] CVE-2009-3736 local privilege escalation 'reopen' may be inappropriate when a bug has been closed with a version; you may need to use 'found' to remove fixed vers

Bug#523806: marked as done (nvidia-kernel-legacy-96xx: Conflicts with new xserver-xorg-core)

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sat, 12 Dec 2009 23:50:16 + with message-id and subject line Bug#523806: fixed in nvidia-graphics-drivers-legacy-96xx 96.43.14-1 has caused the Debian Bug report #523806, regarding nvidia-kernel-legacy-96xx: Conflicts with new xserver-xorg-core to be marked as done. This m

Bug#547463: marked as done (nvidia-glx-legacy-96xx: cannot install because of conflicts with current X.org and Linux kernel)

2009-12-12 Thread Debian Bug Tracking System
Your message dated Sat, 12 Dec 2009 23:50:16 + with message-id and subject line Bug#547463: fixed in nvidia-graphics-drivers-legacy-96xx 96.43.14-1 has caused the Debian Bug report #547463, regarding nvidia-glx-legacy-96xx: cannot install because of conflicts with current X.org and Linux ker

Processed: block 560238 with 560137 560056

2009-12-12 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > block 560238 with 560137 560056 Bug #560238 [netbase] netbase: new setting breaks RFC compliant software Was not blocked by any bugs. Added blocking bug(s) of 560238: 560137, 560056, and 560142 > End of message, stopping processing here. Please c

Bug#560238: net.ipv6.bindv6only configuration breaks xdmcp

2009-12-12 Thread Marco d'Itri
On Dec 13, Martin Roll wrote: > a similar problem now appears in sun-java6-plugin (6-17-1). http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560056 -- ciao, Marco
