Bug#584653: CVE-2010-2055

On Fri, Dec 10, 2010 at 09:37:56PM -0500, Michael Gilbert wrote: On Fri, Dec 10, 2010 at 8:18 PM, Jonas Smedegaard wrote: On Fri, Dec 10, 2010 at 05:35:57PM -0500, Michael Gilbert wrote: On Fri, 10 Dec 2010 23:19:19 +0100, Jonas Smedegaard wrote: Seems you are interested, then.  Great! Yes

Bug#606714: marked as done (olpc-kbdshim: doesn't work on upstream kernels)

Your message dated Fri, 10 Dec 2010 19:45:53 -0800 with message-id <20101210194553.2277e...@queued.net> and subject line Re: olpc-kbdshim: doesn't work on upstream kernels has caused the Debian Bug report #606714, regarding olpc-kbdshim: doesn't work on upstream kernels to be marked as done. This

Bug#606714: olpc-kbdshim: doesn't work on upstream kernels

Package: olpc-kbdshim Version: 12-2 Severity: grave Justification: makes package unusable on target systems olpc-kbdshim's init script has a check to ensure that it's run only on OLPC hardware. It checks for /ofw/model; /ofw is where the device-tree is mounted on OLPC kernels. I've been working

Bug#584653: CVE-2010-2055

On Fri, Dec 10, 2010 at 8:18 PM, Jonas Smedegaard wrote: > On Fri, Dec 10, 2010 at 05:35:57PM -0500, Michael Gilbert wrote: >> >> On Fri, 10 Dec 2010 23:19:19 +0100, Jonas Smedegaard wrote: >>> >>> Seems you are interested, then.  Great! >> >> Yes. >> >>> You probably requested to join the ghostscr

Bug#604925: marked as done (Squeeze krb5 fails to work with Open Directory KDC tickets)

Your message dated Sat, 11 Dec 2010 01:32:24 + with message-id and subject line Bug#604925: fixed in krb5 1.9+dfsg~beta2-1 has caused the Debian Bug report #604925, regarding Squeeze krb5 fails to work with Open Directory KDC tickets to be marked as done. This means that you claim that the pr

Bug#584653: CVE-2010-2055

On Fri, Dec 10, 2010 at 05:35:57PM -0500, Michael Gilbert wrote: On Fri, 10 Dec 2010 23:19:19 +0100, Jonas Smedegaard wrote: Seems you are interested, then. Great! Yes. You probably requested to join the ghostscript project. Confusingly that's not relevant: ghostscript git is hosted in the

Bug#606696: python-poker-stats: package purge (after dependencies removal) fails

Package: python-poker-stats Version: 1.7.7-3 Severity: serious User: debian...@lists.debian.org Usertags: instest-20101207 instest Hi, While testing the installation of all packages in squeeze, I ran into the following problem: > -- Removing all dependencies: OK > Reading package lists... > Buil

Bug#606695: python-poker-prizes: package purge (after dependencies removal) fails

Package: python-poker-prizes Version: 1.7.7-3 Severity: serious User: debian...@lists.debian.org Usertags: instest-20101207 instest Hi, While testing the installation of all packages in squeeze, I ran into the following problem: > -- Removing all dependencies: OK > Reading package lists... > Bui

Bug#606694: ipppd: installation fails

Package: ipppd Version: 1:3.9.20060704+dfsg.2-4 Severity: serious User: debian...@lists.debian.org Usertags: instest-20101207 instest Hi, While testing the installation of all packages in squeeze, I ran into the following problem: > Reading package lists... > Building dependency tree... > Readin

Bug#606693: isdnvboxserver: installation fails

Package: isdnvboxserver Version: 1:3.9.20060704+dfsg.2-4 Severity: serious User: debian...@lists.debian.org Usertags: instest-20101207 instest Hi, While testing the installation of all packages in squeeze, I ran into the following problem: > Reading package lists... > Building dependency tree...

Bug#606692: ibod: installation fails

Package: ibod Version: 1.5.0-4 Severity: serious User: debian...@lists.debian.org Usertags: instest-20101207 instest Hi, While testing the installation of all packages in squeeze, I ran into the following problem: > Reading package lists... > Building dependency tree... > Reading state informati

Bug#606691: slurm-llnl-slurmdbd: package purge (after dependencies removal) fails

Package: slurm-llnl-slurmdbd Version: 2.1.11-1squeeze1 Severity: serious User: debian...@lists.debian.org Usertags: instest-20101207 instest Hi, While testing the installation of all packages in squeeze, I ran into the following problem: > -- Removing all dependencies: OK > Reading package lists

Bug#606690: poker-web: package purge (after dependencies removal) fails

Package: poker-web Version: 1.7.7-3 Severity: serious User: debian...@lists.debian.org Usertags: instest-20101207 instest Hi, While testing the installation of all packages in squeeze, I ran into the following problem: > -- Removing all dependencies: OK > Reading package lists... > Building depe

Bug#606689: axiom-tex: package purge (after dependencies removal) fails

Package: axiom-tex Version: 20100701-1 Severity: serious User: debian...@lists.debian.org Usertags: instest-20101207 instest Hi, While testing the installation of all packages in squeeze, I ran into the following problem: > -- Removing all dependencies: OK > Reading package lists... > Building d

Bug#606688: scuttle: package purge (after dependencies removal) fails

Package: scuttle Version: 0.7.4-5 Severity: serious User: debian...@lists.debian.org Usertags: instest-20101207 instest Hi, While testing the installation of all packages in squeeze, I ran into the following problem: > -- Removing all dependencies: OK > Reading package lists... > Building depend

Bug#600374: marked as done (mokomaze: uses non-free, possibly non-distributable icons)

Your message dated Fri, 10 Dec 2010 22:47:06 + with message-id and subject line Bug#600374: fixed in mokomaze 0.5.5+git8+dfsg0-0.1 has caused the Debian Bug report #600374, regarding mokomaze: uses non-free, possibly non-distributable icons to be marked as done. This means that you claim that

Bug#584653: CVE-2010-2055

On Fri, 10 Dec 2010 23:19:19 +0100, Jonas Smedegaard wrote: > Seems you are interested, then. Great! Yes. > You probably requested to join the ghostscript project. Confusingly > that's not relevant: ghostscript git is hosted in the collab-maint > project. Please request membership of that (

Bug#606311: Acknowledgement (movabletype-opensource: Unspecified XSS and SQL injection vulnerabilities fixed in 4.35)

On Wed, Dec 08, 2010 at 11:15:24PM +, Dominic Hargreaves wrote: > On Wed, Dec 08, 2010 at 07:51:50PM +, Dominic Hargreaves wrote: > > > The changes can be summarised roughly as follows: > > > > lib/MT/App/Search.pm| 22 +- > > > > Input checking > >

Bug#606685: evince segfaults in ppdFindChoice () from /usr/lib/libcups.so.2

Package: evince Version: 2.22.2-4~lenny1 Severity: grave Justification: renders package unusable Hello, evince segfaults when trying to print PDF files on a network printer. It looks to be related to this bug report on Ubuntu: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/660731 Printing a

Bug#606283: marked as done (Please drop ladcca support)

Your message dated Fri, 10 Dec 2010 22:17:35 + with message-id and subject line Bug#606283: fixed in muse 0.8.1a-7.1 has caused the Debian Bug report #606283, regarding Please drop ladcca support to be marked as done. This means that you claim that the problem has been dealt with. If this is

Bug#584653: CVE-2010-2055

On Fri, Dec 10, 2010 at 04:05:09PM -0500, Michael Gilbert wrote: On Fri, 10 Dec 2010 21:24:57 +0100, Jonas Smedegaard wrote: [snip] >On Thu, Dec 09, 2010 at 10:48:46PM -0500, Michael Gilbert wrote: >> I've isolated and applied the patches needed to fix CVE-2010-2055 >> in ghostscript. See att

Bug#606283: muse: diff for NMU version 0.8.1a-7.1

Hi Daniel! On 12/10/2010 09:47 PM, Daniel Kobras wrote: > > Am 10.12.2010 um 21:26 schrieb Mehdi Dogguy: > >> I've prepared an NMU for muse (versioned as 0.8.1a-7.1) and >> uploaded it to DELAYED/2. Please feel free to tell me if I >> should delay it longer. > > Thanks for preparing the NMU. Th

Bug#605784: nagios-statd-server: test with python2.5 sucessful

Hi Vladislav, Thanks for your debugging work. I'll upload a new package soon, with your recommendations. Jason On Sat, Dec 11, 2010 at 3:13 AM, Vladislav Kurz wrote: > Package: nagios-statd-server > Version: 3.12-1 > Followup-For: Bug #605784 > > > Hello, > > i have tested nagios-statd witch py

Bug#584653: CVE-2010-2055

On Fri, 10 Dec 2010 21:24:57 +0100, Jonas Smedegaard wrote: > On Fri, Dec 10, 2010 at 07:45:18PM +0100, Moritz Muehlenhoff wrote: > >On Thu, Dec 09, 2010 at 10:48:46PM -0500, Michael Gilbert wrote: > >> I've isolated and applied the patches needed to fix CVE-2010-2055 in > >> ghostscript. See atta

Bug#606658: marked as done (Depends on gdm which is not present on kfreebsd-*)

Your message dated Fri, 10 Dec 2010 20:47:28 + with message-id and subject line Bug#606658: fixed in fast-user-switch-applet 2.24.0-5 has caused the Debian Bug report #606658, regarding Depends on gdm which is not present on kfreebsd-* to be marked as done. This means that you claim that the

Bug#606283: muse: diff for NMU version 0.8.1a-7.1

Hi Mehdi! Am 10.12.2010 um 21:26 schrieb Mehdi Dogguy: I've prepared an NMU for muse (versioned as 0.8.1a-7.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Thanks for preparing the NMU. There's no need for a longer delay. Feel free to upload to the ar

Processed: muse: diff for NMU version 0.8.1a-7.1

Processing commands for cont...@bugs.debian.org: > tags 606283 + pending Bug #606283 [muse] Please drop ladcca support Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 606283: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606283 Debian Bug

Bug#606283: muse: diff for NMU version 0.8.1a-7.1

tags 606283 + pending thanks Dear maintainer, I've prepared an NMU for muse (versioned as 0.8.1a-7.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Regards. -- Mehdi Dogguy diff -u muse-0.8.1a/debian/changelog muse-0.8.1a/debian/changelog --- muse-0.8.1

Bug#584653: CVE-2010-2055

On Fri, Dec 10, 2010 at 07:45:18PM +0100, Moritz Muehlenhoff wrote: On Thu, Dec 09, 2010 at 10:48:46PM -0500, Michael Gilbert wrote: I've isolated and applied the patches needed to fix CVE-2010-2055 in ghostscript. See attached debdiff. Would anyone be so kind to sponsor this? The package is

Bug#605157: marked as done (calendarserver: Use of PYTHONPATH env var in an insecure way)

Your message dated Fri, 10 Dec 2010 19:47:08 + with message-id and subject line Bug#605166: fixed in calendarserver 2.4.dfsg-2.1 has caused the Debian Bug report #605166, regarding calendarserver: Use of PYTHONPATH env var in an insecure way to be marked as done. This means that you claim tha

Bug#605166: marked as done (calendarserver: Use of PYTHONPATH env var in an insecure way)

Your message dated Fri, 10 Dec 2010 19:47:08 + with message-id and subject line Bug#605166: fixed in calendarserver 2.4.dfsg-2.1 has caused the Debian Bug report #605166, regarding calendarserver: Use of PYTHONPATH env var in an insecure way to be marked as done. This means that you claim tha

Bug#605166: marked as done (calendarserver: Use of PYTHONPATH env var in an insecure way)

Your message dated Fri, 10 Dec 2010 19:47:08 + with message-id and subject line Bug#605157: fixed in calendarserver 2.4.dfsg-2.1 has caused the Debian Bug report #605157, regarding calendarserver: Use of PYTHONPATH env var in an insecure way to be marked as done. This means that you claim tha

Bug#605157: marked as done (calendarserver: Use of PYTHONPATH env var in an insecure way)

Your message dated Fri, 10 Dec 2010 19:47:08 + with message-id and subject line Bug#605157: fixed in calendarserver 2.4.dfsg-2.1 has caused the Debian Bug report #605157, regarding calendarserver: Use of PYTHONPATH env var in an insecure way to be marked as done. This means that you claim tha

Bug#605157: calendarserver: Use of PYTHONPATH env var in an insecure way

* Dmitrijs Ledkovs , 2010-12-10, 01:25: I have tested this by running calendarserver with & without new patch and I can add/retrieve calendar events over the network using thunderbird-lightning. The new patch looks good. I'll upload Dmitrijs' NMU shortly (with s/urgency=low/urgency=high/). -

Processed: notfixed 596842 in 0.3.3-1

Processing commands for cont...@bugs.debian.org: > # actually this is the proper approach. same found and fixed version will be > seen as affecting. binNMU versions aren't seen by BTS, only source versions > are. thus claiming it's a non-bug by no fixed version is the only sensible > approach >

Processed: notfixed 586838 in mgltools-geomutils/1.5.4.cvs.20090603-1

Processing commands for cont...@bugs.debian.org: > notfixed 586838 mgltools-geomutils/1.5.4.cvs.20090603-1 Bug #586838 {Done: Tim Retout } [mgltools-geomutils] mgltools-geomutils: depends on python (<< 2.6) Bug No longer marked as fixed in versions mgltools-geomutils/1.5.4.cvs.20090603-1. > than

Processed: notfixed 596842 in ocaml-gettext/0.3.3-1

Processing commands for cont...@bugs.debian.org: > notfixed 596842 ocaml-gettext/0.3.3-1 Bug #596842 {Done: Ralf Treinen } [libgettext-ocaml-dev] libgettext-ocaml-dev not installable in sid Bug No longer marked as fixed in versions ocaml-gettext/0.3.3-1. > thanks Stopping processing here. Please

Bug#584653: CVE-2010-2055

On Fri, 10 Dec 2010 19:45:18 +0100, Moritz Muehlenhoff wrote: > On Thu, Dec 09, 2010 at 10:48:46PM -0500, Michael Gilbert wrote: > > I've isolated and applied the patches needed to fix CVE-2010-2055 in > > ghostscript. See attached debdiff. > > > > Would anyone be so kind to sponsor this? The pa

Bug#584653: CVE-2010-2055

On Thu, Dec 09, 2010 at 10:48:46PM -0500, Michael Gilbert wrote: > I've isolated and applied the patches needed to fix CVE-2010-2055 in > ghostscript. See attached debdiff. > > Would anyone be so kind to sponsor this? The package is at: > http://mentors.debian.net/debian/pool/main/g/ghostscript/

Processed: fixed 586838 in mgltools-geomutils/1.5.4.cvs.20090603-1

Processing commands for cont...@bugs.debian.org: > fixed 586838 mgltools-geomutils/1.5.4.cvs.20090603-1 Bug #586838 {Done: Tim Retout } [mgltools-geomutils] mgltools-geomutils: depends on python (<< 2.6) Bug Marked as fixed in versions mgltools-geomutils/1.5.4.cvs.20090603-1. > thanks Stopping pr

Processed: notfixed 586838 in 1.5.4.cvs.20090603-1+b1

Processing commands for cont...@bugs.debian.org: > notfixed 586838 1.5.4.cvs.20090603-1+b1 Bug #586838 {Done: Tim Retout } [mgltools-geomutils] mgltools-geomutils: depends on python (<< 2.6) Bug No longer marked as fixed in versions 1.5.4.cvs.20090603-1+b1. > thanks Stopping processing here. Ple

Processed: notfixed 596842 in 0.3.3-1+b4

Processing commands for cont...@bugs.debian.org: > notfixed 596842 0.3.3-1+b4 Bug #596842 {Done: Ralf Treinen } [libgettext-ocaml-dev] libgettext-ocaml-dev not installable in sid Bug No longer marked as fixed in versions 0.3.3-1+b4. > thanks Stopping processing here. Please contact me if you nee

Processed: bug 606527 is forwarded to http://bugs.exim.org/show_bug.cgi?id=1044

Processing commands for cont...@bugs.debian.org: > forwarded 606527 http://bugs.exim.org/show_bug.cgi?id=1044 Bug #606527 [exim4] root upgrade vulnerability in exim4 (CVE-2010-4345) Set Bug forwarded-to-address to 'http://bugs.exim.org/show_bug.cgi?id=1044'. > thanks Stopping processing here. Ple

Processed: tagging 606527

Processing commands for cont...@bugs.debian.org: > tags 606527 + sid Bug #606527 [exim4] root upgrade vulnerability in exim4 (CVE-2010-4345) Added tag(s) sid. > thanks Stopping processing here. Please contact me if you need assistance. -- 606527: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=

Bug#606527: root upgrade vulnerability in exim4

> (although sadly I can't see how to get it to render in a fixed-width > font). http://bugs.exim.org/show_bug.cgi?id=1044 -- David WoodhouseOpen Source Technology Centre david.woodho...@intel.com Intel Corporation -- To UNSUBSCRIBE, e

Bug#606238: [Pkg-kde-extras] Bug#606238: OBJECTION

Hello, On penktadienis 10 Gruodis 2010 19:07:32 Peter Hombach wrote: > I object to the "just upgrade to squeeze and be silent" approach. > Squeeze is not the stable distribution yet, and one should not be forced > to go to testing. > > If k3b version 2 is sufficiently stable, why isn't it part of

Bug#606527: Use the source

> And in particular there is a candidate patch at > > > > (although sadly I can't see how to get it to render in a fixed-width font). Check the source to that page; remove a few tags and replace some & entiti

Bug#606238: OBJECTION

I object to the "just upgrade to squeeze and be silent" approach. Squeeze is not the stable distribution yet, and one should not be forced to go to testing. If k3b version 2 is sufficiently stable, why isn't it part of the backports? I kindly ask to take bug reports more seriously. Peter Homb

Processed: hylafax: diff for NMU version 2:6.0.5-4.1

Processing commands for cont...@bugs.debian.org: > tags 603429 + pending Bug #603429 [hylafax-server] hylafax-server: prompting due to modified conffiles which where not modified by the user Added tag(s) pending. > tags 604221 + pending Bug #604221 [hylafax-server] hylafax-server: installation fa

Bug#604221: hylafax: diff for NMU version 2:6.0.5-4.1

tags 603429 + pending tags 604221 + pending thanks Dear maintainer, I've prepared an NMU for hylafax (versioned as 2:6.0.5-4.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Regards. -- .''`. http://info.comodo.priv.at/ -- GPG key IDs: 0x8649AA06, 0x

Bug#605784: nagios-statd-server: test with python2.5 sucessful

Package: nagios-statd-server Version: 3.12-1 Followup-For: Bug #605784 Hello, i have tested nagios-statd witch python2.4 and python2.5. With both of them it works fine, for couple of days without problem. When running with python2.6, problems arise cca 1 hour after start. Suggested fix: Change

Bug#605866: marked as done (php-http-request needs a Pre-Depends: php-pear (>= 5.3) to upgrade to Squeeze)

Your message dated Fri, 10 Dec 2010 16:17:06 + with message-id and subject line Bug#605866: fixed in php-http-request 1.4.4-3 has caused the Debian Bug report #605866, regarding php-http-request needs a Pre-Depends: php-pear (>= 5.3) to upgrade to Squeeze to be marked as done. This means tha

Bug#444770: Bug#604215: libpam-rsa: installation fails

On Thu, Dec 09, 2010 at 09:14:02PM +0100, Julien Cristau wrote: > On Thu, Dec 9, 2010 at 19:37:07 +0100, Agustin Martin wrote: > > > Finally had time to put into this NMU. I am attaching yet another diff with > > my last version. pam_rsa.conf file is not touched if exists in normal > > upgrades,

Bug#606658: Depends on gdm which is not present on kfreebsd-*

Package: fast-user-switch-applet Version: 2.24.0-4 Severity: serious Hi, fast-user-switch-applet depends on gdm which is no longer availables on kfreebsd-* architectures. Please adjust your Architecture field to not build the package on kfreebsd-* anymore by using: Architecture: linux-a

Bug#545625: closed by Peter Van Eynde (Bug#545625: fixed in ecl 9.8.4-2)

Hi Peter & co! * Debian Bug Tracking System [090925 01:00]: > Source-Version: 9.8.4-2 [..] >* Force the configure script to use ginstall-info, (Closes: #545625) Are you aware, that this rc bug is still open in testing? It was fixed in 9.8.4-2, but testing still has 9.8.4-1: $ rmadison ecl

Bug#606657: wordpress: Privilege escalation in posting rights fixed in 3.0.3

Package: wordpress Version: 3.0.2-1 Severity: grave Tags: security Justification: user security hole Another week, another security fix in wordpress. >From : "Fixes issues in the XML-RPC remote publishing interface which under certain circumstances allo

Processed: Re: Bug#606589: xen-linux-system-2.6.32-5-xen-amd64 doesn't upgrade from xen-linux-system-2.6.26-2-xen-amd64

Processing commands for cont...@bugs.debian.org: > severity 606589 important Bug #606589 [xen-linux-system-2.6.32-5-xen-amd64] xen-linux-system-2.6.32-5-xen-amd64 doesn't upgrade from xen-linux-system-2.6.26-2-xen-amd64 Severity set to 'important' from 'serious' > reassign 606589 xen-hypervisor

Bug#606589: xen-linux-system-2.6.32-5-xen-amd64 doesn't upgrade from xen-linux-system-2.6.26-2-xen-amd64

severity 606589 important reassign 606589 xen-hypervisor-4.0-amd64 merge 606590 606589 thanks At the core this is the same issue as 606590. I think a single report is enough to allow this to be fixed in the relevant place, if the kernel ends up being the place to fix then the bug can be reassigned

Bug#606603: marked as done (sbox-dtc: postinst failure (wrong file in /etc/logrotate.d/))

Your message dated Fri, 10 Dec 2010 15:32:17 + with message-id and subject line Bug#606603: fixed in sbox-dtc 1.11.2-4 has caused the Debian Bug report #606603, regarding sbox-dtc: postinst failure (wrong file in /etc/logrotate.d/) to be marked as done. This means that you claim that the prob

Bug#606612: marked as done (exim4: Exploitable memory corruption vulnerability (CVE-2010-4344))

Your message dated Fri, 10 Dec 2010 16:31:11 +0100 with message-id <20101210153111.gi2...@patate.is-a-geek.org> and subject line Re: Bug#606612: exim4: Exploitable memory corruption vulnerability has caused the Debian Bug report #606612, regarding exim4: Exploitable memory corruption vulnerability

Bug#605504: release team advice: chocolate-doom lock-up / OOD libsdl-mixer

Hi! * Jon Dowland [101208 23:36]: > I uploaded an updated sdl-mixer1.2 package to experimental > earlier on. I will re-upload to unstable in 1 or 2 days, > if nobody shouts. When you've done so, please also reassign this bug to the sdl-mixer1.2 package (probalby the version currently in testin

Bug#606603: sbox-dtc: postinst failure (wrong file in /etc/logrotate.d/)

On 12/10/2010 05:13 PM, Laurent Bonnaud wrote: > Package: sbox-dtc > Version: 1.11.2-3 > Severity: grave > > > Hi, > > here is the problem: > > Setting up sbox-dtc (1.11.2-3) ... > Group dtcgrp already exists: skiping creation! > User dtc already exists: skiping creation! > sed: can't read /etc

Bug#606640: src:atlas: FTBFS on alpha, armel, ia64, mips, powerpc, s390

Le vendredi 10 décembre 2010 à 15:31 +0100, Alexander Reichle-Schmehl a écrit : > Package: src:atlas > Version: 3.8.3-29 > Severity: serious > Justification: no longer builds from source > I'm not really sure, if it is the same bug for all archs, but from what > I've seen, something is wrong in th

Bug#606498: okular: Broken dep with LibQTSvg.so

Hello, This error is most likely being caused by the prescence of a third-party copy of the Qt library. (Most likely installed by the Nessus security scanner) Alteratively, it could also perhaps be a local copy without the qt-copy patches installed to /usr/share/local or somesuch. The output o

Bug#606645: marked as done (binutils-multiarch: uninstallable - ld.bfd conflict with binutils)

Your message dated Fri, 10 Dec 2010 15:56:04 +0100 with message-id <4d023f84.4070...@debian.org> and subject line Re: Bug#606645: binutils-multiarch: uninstallable - ld.bfd conflict with binutils has caused the Debian Bug report #606645, regarding binutils-multiarch: uninstallable - ld.bfd conflic

Bug#603429: hylafax-server: prompting due to modified conffiles which where not modified by the user

On Fri, 10 Dec 2010 15:13:19 +0100, Giuseppe Sacco wrote: > the patch seems good to me. Please, only correct a small typo in > changelog, where you wrote where instead of were. He, nice catch (that was directly from the BTS). Fixed locally. > P.S. Thanks for working on hylafax package Your wel

Bug#606050: marked as done (perf (GPLv2-only) linked with libbfd (GPLv3-only), so undistributable)

Your message dated Fri, 10 Dec 2010 14:49:20 + with message-id and subject line Bug#606050: fixed in linux-2.6 2.6.32-29 has caused the Debian Bug report #606050, regarding perf (GPLv2-only) linked with libbfd (GPLv3-only), so undistributable to be marked as done. This means that you claim th

Bug#461644: marked as done (linux-image-2.6.18-5-xen-686: Exporting an lvm-on-md LV to Xen as a disk results in kernel errors and corrupt filesystems)

Your message dated Fri, 10 Dec 2010 14:49:19 + with message-id and subject line Bug#604457: fixed in linux-2.6 2.6.32-29 has caused the Debian Bug report #604457, regarding linux-image-2.6.18-5-xen-686: Exporting an lvm-on-md LV to Xen as a disk results in kernel errors and corrupt filesystem

Bug#604457: marked as done (linux-image-2.6.26-2-xen-686: Raid10 exporting LV to xen results in error "can't convert block across chunks or bigger than 64k")

Your message dated Fri, 10 Dec 2010 14:49:19 + with message-id and subject line Bug#604457: fixed in linux-2.6 2.6.32-29 has caused the Debian Bug report #604457, regarding linux-image-2.6.26-2-xen-686: Raid10 exporting LV to xen results in error "can't convert block across chunks or bigger t

Bug#606645: binutils-multiarch: uninstallable - ld.bfd conflict with binutils

Package: binutils-multiarch Version: 2.21-1 Severity: grave Justification: renders package unusable Attempting to install binutils-multiarch 2.21-1 results in the following error: dpkg: error processing /var/cache/apt/archives/binutils-multiarch_2.21-1_i386.deb (--unpack): trying to overwrite `

Processed: merge

Processing commands for cont...@bugs.debian.org: > reassign 605370 src:atlas 3.8.3-29 Bug #605370 [atlas] atlas: FTBFS on alpha, armel, ia64, mips, powerpc and s390 Bug reassigned from package 'atlas' to 'src:atlas'. Bug No longer marked as found in versions 3.8.3-29. Bug #605370 [src:atlas] atlas

Processed: notfound 599303 in 0.8.1-4.1

Processing commands for cont...@bugs.debian.org: > notfound 599303 0.8.1-4.1 Bug #599303 {Done: "Didier 'OdyX' Raboud" } [ktoon] ktoon: KToon crashes with Signal 11 Bug No longer marked as found in versions ktoon/0.8.1-4.1. > End of message, stopping processing here. Please contact me if you nee

Bug#603429: hylafax-server: prompting due to modified conffiles which where not modified by the user

Hi Gregor, the patch seems good to me. Please, only correct a small typo in changelog, where you wrote where instead of were. Bye, Giuseppe P.S. Thanks for working on hylafax package -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble?

Bug#545414: Bug#545414: sudo-ldap: sudo fails with "sudo: setreuid(ROOT_UID, user_uid): Operation not permitted" for ldap users

On Fri, 2010-12-10 at 11:42 +0800, David Adam wrote: > libnss-ldapd should be used to replace libnss-ldap on squeeze upgrades. I > am still a touch wary of libnss-ldapd, only in that adding the daemon > introduces an additional point of failure, but have been running it on > our Ubuntu and squee

Bug#606640: src:atlas: FTBFS on alpha, armel, ia64, mips, powerpc, s390

Package: src:atlas Version: 3.8.3-29 Severity: serious Justification: no longer builds from source Hi! Your package fails to build from source on the architecures alpha, armel, ia64, mips, powerpc and s390: https://buildd.debian.org/fetch.cgi?pkg=atlas;ver=3.8.3-29;arch=alpha;stamp=1290598328 h

Processed: Restore original severity for remote compromise

Processing commands for cont...@bugs.debian.org: > # This was changed in the merge which was then reversed > severity 606612 critical Bug #606612 [exim4] exim4: Exploitable memory corruption vulnerability (CVE-2010-4344) Severity set to 'critical' from 'grave' > thanks Stopping processing here.

Bug#606527: root upgrade vulnerability in exim4

On Thu, Dec 09, 2010 at 11:23:19PM +0100, Konrad Rosenbaum wrote: > The /usr/sbin/exim4 executable can be abused to upgrade from Debian-exim to > root in case of another vulnerability in exim that creates a shell (there > currently seems to be one). > > The exim config allows constructs like ${r

Processed: fixed 601989 in 0.0.10-1.1

Processing commands for cont...@bugs.debian.org: > fixed 601989 0.0.10-1.1 Bug #601989 {Done: Luca Falavigna } [vanessa-logger] libvanessa-adt-dev: file conflict when upgrading from lenny There is no source info for the package 'vanessa-logger' at version '0.0.10-1.1' with architecture '' Unable

Processed: Bug is still marked as affecting libvanessa-adt-dev

Processing commands for cont...@bugs.debian.org: > reassign 601989 vanessa-logger 0.0.10-1 Bug #601989 {Done: Luca Falavigna } [libvanessa-adt-dev] libvanessa-adt-dev: file conflict when upgrading from lenny Bug reassigned from package 'libvanessa-adt-dev' to 'vanessa-logger'. Bug No longer marke

Bug#606520: linux-tools-2.6.36: /usr/bin/perf_2.6.36 links against openssl but copyright lists only GPLv2 without exceptions

On Fri, 2010-12-10 at 09:08 +0200, Timo Juhani Lindfors wrote: > Ben Hutchings writes: > > I have no idea what the upstream developers intended, they seem a bit > > clueless about distribution. I only just realised that they try to use > > libbfd (GPLv3, incompatible) even though perf can get the

Bug#601989: Bug is still marked as affecting libvanessa-adt-dev

reassign vanessa-logger 0.0.10-1 thanks As the bug was filled against libvanessa-adt-dev (src:src:vanessa-adt) but fixed with an upload src:vanessa-logger, the bts thinks it sill affects libvanessa-adt-dev. Reassinging it to vanessa-logger should solve that issue. Best Regards, Alexander -

Processed: merging the logrotate bugs

Processing commands for cont...@bugs.debian.org: > package logrotate Limiting to bugs with field 'package' containing at least one of 'logrotate' Limit currently set to 'package':'logrotate' > forcemerge 388608 606595 606596 606597 606598 606599 606601 606602 606608 > 606609 Bug#388608: logrotat

Processed: tagging 604983, tagging 606537, tagging 605311

Processing commands for cont...@bugs.debian.org: > tags 604983 + pending Bug #604983 [youtube-dl] youtube-dl: Manpage needs updating for new options Added tag(s) pending. > tags 606537 + pending Bug #606537 [youtube-dl] youtube-dl: new upstream version Added tag(s) pending. > tags 605311 + pending

Processed (with 5 errors): yawn, not funny

Processing commands for cont...@bugs.debian.org: > reassign #606595 logrotate Bug #606595 [bacula-common] bacula-common: affected by privilege escalation vulnerability in logrotate Bug reassigned from package 'bacula-common' to 'logrotate'. Bug No longer marked as found in versions bacula/2.4.4-1

Bug#605536: marked as pending

tag 605536 pending thanks Hello, Bug #605536 reported by you has been fixed in the Git repository. You can see the changelog below, and you can check the diff of the fix at: http://git.debian.org/?p=dpkg/dpkg.git;a=commitdiff;h=a766f50 --- commit a766f501f6da46aca070c315e6429e163d188202 Aut

Processed: Re: [Python-apps-team] Bug#606410: ocrfeeder: does not start after fresh install

Processing commands for cont...@bugs.debian.org: > reassign 606410 python-minimal Bug #606410 [ocrfeeder] ocrfeeder: does not start after fresh install Bug reassigned from package 'ocrfeeder' to 'python-minimal'. Bug No longer marked as found in versions ocrfeeder/0.6.6+dfsg1-1. > forcemerge 58934

Processed: Bug#605536 marked as pending

Processing commands for cont...@bugs.debian.org: > tag 605536 pending Bug #605536 [dpkg] dpkg: ^C during package install results in broken symlinks Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 605536: http://bugs.debian.org/cgi-bin/bugrepo

Processed: tagging 606612

Processing commands for cont...@bugs.debian.org: > tags 606612 - squeeze Bug #606612 [exim4] exim4: Exploitable memory corruption vulnerability (CVE-2010-4344) Removed tag(s) squeeze. > thanks Stopping processing here. Please contact me if you need assistance. -- 606612: http://bugs.debian.org/

Bug#606527: Bug#606612: Acknowledgement (exim4: Exploitable memory corruption vulnerability)

On Fri, Dec 10, 2010 at 11:19:24 +, Dominic Hargreaves wrote: > Julien, I just wanted to point out that there are two separate issues > here, and only one of them has been fixed in newer versions. #606527 > relating to the root upgrade is AFAIK still an issue. > Yeah sorry about that. I thin

Processed: Re: [Debian-olpc-devel] Processed: non installable is serious

Processing commands for cont...@bugs.debian.org: > severity 606558 normal Bug #606558 [sugar-calculate-activity] sugar-calculate-activity: needs to be updated for sugar/sucrose-0.88 Severity set to 'normal' from 'serious' > thanks Stopping processing here. Please contact me if you need assistan

Processed: limit package to exim4, unmerging 606612, notfixed 606527 in 4.70-1 ...

Processing commands for cont...@bugs.debian.org: > # undoing my mess. sorry for the noise > limit package exim4 Limiting to bugs with field 'package' containing at least one of 'exim4' Limit currently set to 'package':'exim4' > unmerge 606612 Bug#606612: exim4: Exploitable memory corruption vuln

Bug#606527: Bug#606612: Acknowledgement (exim4: Exploitable memory corruption vulnerability)

Julien, I just wanted to point out that there are two separate issues here, and only one of them has been fixed in newer versions. #606527 relating to the root upgrade is AFAIK still an issue. Dominic. -- Dominic Hargreaves | http://www.larted.org.uk/~dom/ PGP key 5178E2A5 from the.earth.li (key

Processed: forcibly merging 606527 606612

Processing commands for cont...@bugs.debian.org: > forcemerge 606527 606612 Bug#606527: root upgrade vulnerability in exim4 Bug#606612: exim4: Exploitable memory corruption vulnerability Forcibly Merged 606527 606612. > thanks Stopping processing here. Please contact me if you need assistance. -

Processed: plus all the maintainers wasting their time looking at their package

Processing commands for cont...@bugs.debian.org: > forcemerge #388608 #606541 #606543 #606544 #606545 #606547 #606548 #606549 Bug#388608: logrotate: Creation of files has race condition that could allow unintended file access Bug#606541: zabbix-server-mysql: affected by privilege escalation vulne

Processed: forcibly merging 606527 606612

Processing commands for cont...@bugs.debian.org: > forcemerge 606527 606612 Bug#606527: root upgrade vulnerability in exim4 Bug#606612: exim4: Exploitable memory corruption vulnerability Forcibly Merged 606527 606612. > thanks Stopping processing here. Please contact me if you need assistance. -

Processed: fixed 606612 in 4.70-1

Processing commands for cont...@bugs.debian.org: > # Automatically generated email from bts, devscripts version 2.10.35lenny7 > fixed 606612 4.70-1 Bug #606612 [exim4] exim4: Exploitable memory corruption vulnerability Bug Marked as fixed in versions exim4/4.70-1. > End of message, stopping proces

Processed: reassign 606600 to logrotate, forcibly merging 388608 606600

Processing commands for cont...@bugs.debian.org: > reassign 606600 logrotate Bug #606600 [pyicqt] pyicqt: affected by privilege escalation vulnerability in logrotate Bug reassigned from package 'pyicqt' to 'logrotate'. Bug No longer marked as found in versions pyicqt/0.8.1.3-2. > forcemerge 38860

Bug#606612: exim4: Exploitable memory corruption vulnerability

Package: exim4 Version: 4.69-9 Severity: critical Tags: security Justification: root security hole There is a discussion on exim-dev[0] relating to an incident of root-level compromise owing to a couple of bugs. The first (the remote attack) appears[1] to be related to a bug already fixed in mainl

Processed (with 5 errors): garbage cleanup, waste of time, 2nd try

Processing commands for cont...@bugs.debian.org: > reassign #388608 logrotate Bug #388608 {Done: Paul Martin } [logrotate] logrotate: Creation of files has race condition that could allow unintended file access Ignoring request to reassign bug #388608 to the same package > reassign #606541 logrot

Bug#606541: garbage cleanup, waste of time, 2nd try

reassign #388608 logrotate reassign #606541 logrotate reassign #606543 logrotate reassign #606544 logrotate reassign #606545 logrotate reassign #606547 logrotate reassign #606548 logrotate reassign #606549 logrotate reassign #606551 logrotate reassign #606552 logrotate reassign #606553 lo

  1   2   >