Your message dated Tue, 18 Sep 2012 07:48:32 +0200
with message-id <20120918054832.ga12...@inutil.org>
and subject line Re: OptiPNG Palette Reduction Use-After-Free Vulnerability
has caused the Debian Bug report #687998,
regarding OptiPNG Palette Reduction Use-After-Free Vulnerability
to be marked
Does this issue have CVE-identifier?
- Henri Salo
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Does this issue have CVE-identifier?
- Henri Salo
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Package: monkey
Version: 0.9.3-1
Severity: grave
Tags: security
Justification: user security hole
The Monkey webserver retains RUID/RGID root so that it can regain root as
needed to perform privileged operations. Unfortunately, monkey does not drop
RUID/RGID root before executing CGI scripts. This
Package: monkey
Version: 0.9.3-1
Severity: grave
Tags: security
Justification: user security hole
Monkey webserver fails to drop supplemental groups when lowering privileges.
This allows any local user on the system to read any fine that root's
supplemental
groups can access. Monkey does perform a
Package: optipng
Severity: grave
Tags: security patch
The following vulnerability has been reported against optipng.
http://seclists.org/oss-sec/2012/q3/499
It's fixed in 0.7.3. The link include a patch too.
Cheers, luciano
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
w
Hello, Maintainer,
A NMU has been uploaded to DELAYED/3, please find the debdiff attached.
Please note the binary file changes are not representable, and dgetting
the source might be the best way to re-introduce the changes.
Thank you, Mika!
--
.''`. Paul Tagliamonte
: :' : Proud Debian Dev
On Sun, Sep 16, 2012 at 01:39:06PM +0200, Kai Lüke wrote:
> As far as I can see, the problem was not solved upstream:
> https://live.gnome.org/gksu
> http://anonscm.debian.org/gitweb/?p=users/kov/gksu-polkit.git;a=summary
>
> So either one is stepping in for a patch or it's ignored...(?) maybe won
Your message dated Mon, 17 Sep 2012 22:15:13 +
with message-id
and subject line Bug#687718: Removed package(s) from unstable
has caused the Debian Bug report #687718,
regarding RM: blockade -- non distributable
to be marked as done.
This means that you claim that the problem has been dealt wi
Your message dated Mon, 17 Sep 2012 22:15:18 +
with message-id
and subject line Bug#687718: Removed package(s) from unstable
has caused the Debian Bug report #685660,
regarding blockade: missing permission to redistribute
to be marked as done.
This means that you claim that the problem has be
Your message dated Mon, 17 Sep 2012 22:15:47 +
with message-id
and subject line Bug#687790: Removed package(s) from unstable
has caused the Debian Bug report #676093,
regarding libzoom-ruby: FTBFS: make: /usr/bin/ruby1.8: Command not found
to be marked as done.
This means that you claim that
Your message dated Mon, 17 Sep 2012 22:13:17 +
with message-id
and subject line Bug#687910: Removed package(s) from unstable
has caused the Debian Bug report #679428,
regarding vfdata-morisawa5 is not installable
to be marked as done.
This means that you claim that the problem has been dealt
Processing commands for cont...@bugs.debian.org:
> severity 631295 important
Bug #631295 [gvfs-backends] gvfs-backends: gvfsd-gphoto2 handles large
image/video files very badly
Severity set to 'important' from 'critical'
> thanks
Stopping processing here.
Please contact me if you need assistance
severity 631295 important
thanks
On 17.09.2012 21:27, Rolf Leggewie wrote:
> severity 631295 critical
> thanks
>
> I'm setting this to critical as given sufficiently large files the bug
> has the potential to crash other processes on the system or at least
> severely slow them down. One can easi
Your message dated Mon, 17 Sep 2012 22:05:25 +
with message-id
and subject line Bug#687727: Removed package(s) from unstable
has caused the Debian Bug report #687727,
regarding RM: jampal -- non distributable
to be marked as done.
This means that you claim that the problem has been dealt with
Your message dated Mon, 17 Sep 2012 22:05:28 +
with message-id
and subject line Bug#687727: Removed package(s) from unstable
has caused the Debian Bug report #685839,
regarding jampal: contains material without permission to redistribute
to be marked as done.
This means that you claim that th
I have been so busy at my day job I have been negligent of the IET code base.
The bug was fixed in HEAD and not ported to 1.4.20 branch?
If we release 1.4.20.3 you can probably push that through as an update as it's
bug-fix only?
Otherwise what you propose is less-stable that an official bug re
Hello Arne / Ross,
This debian bug, 687925, is release critical for the OpenStack suite.
OpenStack uses iscsitarget as its storage sub-module.
As is explained in this bug report, the ietd daemon does not seem to be
releasing the sparse files that it exposes to the initiator, even after
the initia
Processing commands for cont...@bugs.debian.org:
> retitle 687954 elmer: non-free files in source tarball
Bug #687954 [elmer] elmer: non-free files in souce tarball
Changed Bug title to 'elmer: non-free files in source tarball' from 'elmer:
non-free files in souce tarball'
> thanks
Stopping proce
On Mon, 17 Sep 2012 22:27:24 +0200, Alessandro Ghedini wrote:
> > So this should be libcurl4-*-dev (and not -nss-) for the HTTPS
> > communication, and libnss3-dev for the OAuth hash things, right? (And
> > the fix for #646485 would have been to just add libnss3-dev, and not
> > to switch the curl
Your message dated Mon, 17 Sep 2012 21:01:54 +
with message-id
and subject line Bug#678558: fixed in tortoisehg 2.4-2
has caused the Debian Bug report #678558,
regarding tortoisehg-nautilus does not start on new installations
to be marked as done.
This means that you claim that the problem ha
Processing commands for cont...@bugs.debian.org:
> found 687835 microcode.ctl/1.18~0+nmu1
Bug #687835 {Done: Henrique de Moraes Holschuh }
[microcode.ctl] microcode.ctl: missing changelog entries for 1.17-13.1 and
1.17-13.2
The source microcode.ctl and version 1.18~0+nmu1 do not appear to match
Processing commands for cont...@bugs.debian.org:
> notfound 687835 1.18~0+nmu1
Bug #687835 {Done: Henrique de Moraes Holschuh }
[microcode.ctl] microcode.ctl: missing changelog entries for 1.17-13.1 and
1.17-13.2
Ignoring request to alter found versions of bug #687835 to the same values
previou
On Monday 17 September 2012 06:27:04 Hideki Yamane wrote:
> Hi,
>
> Iceweasel is updated since you've reported this bug.
> Is it still reproducible now?
Hi.
The error is still there ...
I get bus errors or - more often - segmentation faults.
Testet today with iceweasel 10.0.7esr2 after dist-u
On Mon, Sep 17, 2012 at 07:49:43PM +0200, gregor herrmann wrote:
> > From liboauth 0.9.4-3 changelog:
> >
> > * Sync from Ubuntu:
> > [ Mathieu Trudel-Lapierre ]
> >* debian/control: liboauth-dev really needs libcurl4-nss-dev, not
> > libcurl4-gnutls-dev (nss is required in
Processing commands for cont...@bugs.debian.org:
> severity 683834 serious
Bug #683834 [vim-puppet] vim-puppet: puppet is "unavailable" in vim-addons
(missing source files)
Severity set to 'serious' from 'important'
> tags 683834 + patch
Bug #683834 [vim-puppet] vim-puppet: puppet is "unavailable
Processing commands for cont...@bugs.debian.org:
> severity 631295 critical
Bug #631295 [gvfs-backends] gvfs-backends: gvfsd-gphoto2 handles large
image/video files very badly
Severity set to 'critical' from 'important'
>
End of message, stopping processing here.
Please contact me if you need as
On 09/17/2012 07:41 PM, Ritesh Raj Sarraf wrote:
> On Monday 17 September 2012 10:28 PM, Ritesh Raj Sarraf wrote:
>> On Monday 17 September 2012 08:41 PM, Loic Dachary wrote:
The proposed NMU was based on the assumption that it would be easier to
fix the release critical bug first and
>
Your message dated Mon, 17 Sep 2012 20:08:28 +0200
with message-id <5057671c.2050...@debian.org>
and subject line Fixed by libbcprov-java 1.44+dfsg-3.1 upload
has caused the Debian Bug report #684841,
regarding wagon2: FTBFS: missing org.bouncycastle:bcprov:jar:debian
to be marked as done.
This me
Your message dated Mon, 17 Sep 2012 20:08:28 +0200
with message-id <5057671c.2050...@debian.org>
and subject line Fixed by libbcprov-java 1.44+dfsg-3.1 upload
has caused the Debian Bug report #684826,
regarding jenkins: FTBFS: missing org.bouncycastle:bcprov:jar:debian
to be marked as done.
This m
Your message dated Mon, 17 Sep 2012 20:08:28 +0200
with message-id <5057671c.2050...@debian.org>
and subject line Fixed by libbcprov-java 1.44+dfsg-3.1 upload
has caused the Debian Bug report #684829,
regarding jenkins-ssh-cli-auth: FTBFS: missing
org.bouncycastle:bcprov:jar:debian
to be marked as
Your message dated Mon, 17 Sep 2012 20:08:28 +0200
with message-id <5057671c.2050...@debian.org>
and subject line Fixed by libbcprov-java 1.44+dfsg-3.1 upload
has caused the Debian Bug report #684815,
regarding jenkins-instance-identity: FTBFS: missing
org.bouncycastle:bcprov:jar:debian
to be mark
Processing control commands:
> severity 650138 serious
Bug #650138 [liboauth0] liboauth0: doesn't work with NSS libcurl flavour
Ignoring request to change severity of Bug 650138 to the same value.
> retitle 650138 liboauth0: doesn't work with NSS libcurl flavour
Bug #650138 [liboauth0] liboauth0:
Processing control commands:
> severity 650138 serious
Bug #650138 [liboauth0] bti doesn't work with identi.ca and liboauth0 0.9.4-3+b1
Severity set to 'serious' from 'important'
> retitle 650138 liboauth0: doesn't work with NSS libcurl flavour
Bug #650138 [liboauth0] bti doesn't work with identi.
Control: severity 650138 serious
Control: retitle 650138 liboauth0: doesn't work with NSS libcurl flavour
Control: tag 650138 + patch
Control: tag 639565 + patch
On Mon, 17 Sep 2012 19:19:57 +0200, Alessandro Ghedini wrote:
> > thanks alot for taking the time to shed some light here!
> No problem
Processing commands for cont...@bugs.debian.org:
> found 680433 1.28-2
Bug #680433 {Done: Mathieu Malaterre } [src:gassst] gassst:
Uses -msse2 -mssse3
Marked as found in versions gassst/1.28-2; no longer marked as fixed in
versions gassst/1.28-2 and reopened.
> thanks
Stopping processing here.
On Monday 17 September 2012 10:28 PM, Ritesh Raj Sarraf wrote:
> On Monday 17 September 2012 08:41 PM, Loic Dachary wrote:
>> > The proposed NMU was based on the assumption that it would be easier to
>> > fix the release critical bug first and
>> > then advocate for other changes:
>> >
> Agreed.
found 680433 1.28-2
thanks
reopening, as mentioned previously sse2/3 is not always available on
i386, same with sse3 and amd64.
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
On Mon, Sep 17, 2012 at 05:30:44PM +0200, gregor herrmann wrote:
> On Sun, 16 Sep 2012 20:19:56 +0200, Alessandro Ghedini wrote:
>
> Ciao Alessandro,
>
> thanks alot for taking the time to shed some light here!
No problem
> > > Directly depending on libcurl3* packages is of no use: either the
On Monday 17 September 2012 08:41 PM, Loic Dachary wrote:
> The proposed NMU was based on the assumption that it would be easier to fix
> the release critical bug first and
> then advocate for other changes:
>
Agreed. Just that the other bug, that the one in experimental fixes, is
related to a k
Processing commands for cont...@bugs.debian.org:
> tags 687957 + pending
Bug #687957 [autoconf-dickey] autoconf-dickey: missing dependency on mawk
Added tag(s) pending.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
687957: http://bugs.debian.org/cgi-bin/bugrepor
Package: osm2pgsql
Version: 0.80.0+r27899-1+b1
Severity: grave
The osm2pgsql version packaged in testing does not support 64-bit node ids.
However, predictions using linear interpolation indicate that 64-bit node id
support will become necessary February 2013 at latest, therefore most likely
be
Processing commands for cont...@bugs.debian.org:
> tags 687857 + patch
Bug #687857 [libatm1-dev] libatm1-dev: copyright file missing after upgrade
(policy 12.5)
Added tag(s) patch.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
687857: http://bugs.debian.org/cgi
tags 687857 + patch
thanks
I've prepared an NMU patch for linux-atm (versioned as 1:2.5.1-1.5).
It seems that the postinst for libatm1-dev wrongly refered to
/usr/share/doc/atm-tools, so like the postinst for atm-tools itself.
I have not yet done any further action but can upload the NMU.
Regard
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
Here is the patch, rebased against 1.4.20.2-11
Cheers
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlBXRdEACgkQ8dLMyEl6F20q4wCgll9G1Vcrgc8254LumI2gk
On Mon, 17 Sep 2012 08:42:10 +0200, Helmut Grohne wrote:
> > #681194 is fixed now, so a b-d on debhelper (>= 9.20120830) and a
> > sourceful upload should fix this, right?
> This is technically correct. However it does not solve all of the
> problems. xml2rfc is just one of the affected packages.
Processing control commands:
> tag -1 + patch
Bug #684433 [gdal-bin] gdal-bin: FTBFS when ruby1.9.1 installed
Ignoring request to alter tags of bug #684433 to the same tags previously set
--
684433: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684433
Debian Bug Tracking System
Contact ow...@
Control: tag -1 + patch
On Mon, 17 Sep 2012 00:59:38 +0200, Cédric Boutillier wrote:
> The approach used in Gregor's patch is the same as the one I would have
> used. Forcing building using Ruby 1.8 is the best approach, I believe,
> as adding a Build-Conflicts with ruby1.9.1 would prevent people
Processing control commands:
> tag -1 + patch
Bug #684433 [gdal-bin] gdal-bin: FTBFS when ruby1.9.1 installed
Added tag(s) patch.
--
684433: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684433
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email t
On Sun, 16 Sep 2012 20:19:56 +0200, Alessandro Ghedini wrote:
Ciao Alessandro,
thanks alot for taking the time to shed some light here!
> > > So not linking to any curl lib doesn't look right ...
> > That could be done, as long as all the applications linking directly or
> > indirectly to liboau
On 09/17/2012 03:49 PM, Ritesh Raj Sarraf wrote:
> On Monday 17 September 2012 03:09 PM, Loic Dachary wrote:
>> Dear maintainer,
>>
>> I've prepared an NMU for iscsitarget (versioned as 1.4.20.2-10.1) and
>> uploaded it to DELAYED/3. Please feel free to tell me if I should delay it
>> longer.
>>
>
On 17/09/2012 15:49, Ritesh Raj Sarraf wrote:
Given the freeze, I am not hopeful of it getting in for Wheezy.
Doesn't look so awful to not be unblocked. Why do you think the
contrary? (It still needs to be acked by -boot folks though)
--
Mehdi Dogguy
--
To UNSUBSCRIBE, email to debian-bugs-r
Hi David
On Sun, Sep 16, 2012 at 05:20:00PM -0300, David Bremner wrote:
> Salvatore Bonaccorso writes:
>
> >
> > I was going trough some current RC bugs open for wheezy and noticed
> > #687404 (I'm not the maintainer).
>
> Isn't this the same as the #682636? Several of us tried and failed to
>
Package: autoconf-dickey
Version: 2.52+20101002-1
Severity: serious
<-- snip -->
$ autoconf-dickey
/usr/bin/autoconf-dickey: line 121: mawk: command not found
autoconf-dickey: the regex engine of mawk is too broken to be used
autoconf-dickey: you might want to install GNU AWK
$ dpkg -l | grep
On Monday 17 September 2012 03:09 PM, Loic Dachary wrote:
> Dear maintainer,
>
> I've prepared an NMU for iscsitarget (versioned as 1.4.20.2-10.1) and
> uploaded it to DELAYED/3. Please feel free to tell me if I should delay it
> longer.
>
> I'll take care of the unblock request.
Can you rebase i
Attached is the diff fix for this bug.
Thomas
diff --git a/debian/changelog b/debian/changelog
index cbc8543..37519fa 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+keystone (2012.1.1-7) unstable; urgency=low
+
+ * Fixes band handling (eg: policy violation) of keystone.co
Package: elmer
Version: 5.5.0.svn.4499.dfsg-1
Severity: serious
Justification: Policy 2.2.1
X-Debbugs-Cc: debian-rele...@lists.debian.org
Hi,
This bug affects both versions of elmerfem in Debian archive:
5.5.0.svn.4499.dfsg-1 and 6.1.0.svn.5396.dfsg-5.2.
During updating file debian/copyright [1
Package: ffgtk
Version: 0.8.1-2
Severity: grave
It seems that ffgtk does not start anymore, but I don't really know
why. It just fails with:
shm_open(/CAPI20_shared_memory.v0110, ...) failed - Bad address
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy:
Processing commands for cont...@bugs.debian.org:
> severity 645656 serious
Bug #645656 [gnome-core] gnome-core: please re-soften the network-manager-gnome
dependency
Severity set to 'serious' from 'minor'
> unblock 685746 by 645656
Bug #685746 [debian-policy] debian-policy Consider clarifying the
Processing commands for cont...@bugs.debian.org:
> block 687949 by 218995
Bug #687949 [debian-cd] sort_deps does not track package versions
687949 was not blocked by any bugs.
687949 was not blocking any bugs.
Added blocking bug(s) of 687949: 218995
> severity 218995 important
Bug #218995 [apt] /u
Processing commands for cont...@bugs.debian.org:
> severity 687885 normal
Bug #687885 [opendnssec] opendnssec: copyright file missing after upgrade
(policy 12.5)
Severity set to 'normal' from 'serious'
> tag 687885 +moreinfo
Bug #687885 [opendnssec] opendnssec: copyright file missing after upgrad
severity 687885 normal
tag 687885 +moreinfo
thank you
This is empty meta-package which symlinks it's docs to
opendnssec-common (like many other packages).
I see a no bug here.
O.
On Sun, Sep 16, 2012 at 8:19 PM, Bart Martens wrote:
> Package: opendnssec
> Version: 1:1.3.9-1
> Severity: serious
Package: debian-cd
Version: 3.1.10
Severity: serious
It seems we've had a bug designed into debian-cd ever since it
started. The dependency sorting code in tools/sort_deps does not track
versions of packages when considering if dependencies are met. For a
long time, this has seemingly worked OK. H
Processing control commands:
> found -1 wims/4.03a-7
Bug #687947 [wims] wims: modifies shipped files:
/var/lib/wims/public_html/gifs/*, /var/lib/wims/public_html/themes/*
Marked as found in versions wims/4.03a-7.
--
687947: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687947
Debian Bug Trac
Package: wims
Version: 4.04-2
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Control: found -1 wims/4.03a-7
Hi,
during a test with piuparts I noticed your package modifies the files it
ships. While this is explicitly forbidden for conffiles (cf. Policy
10.7.3), I think the
Package: mason
Version: 1.0.0-12.2
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Control: found -1 mason/1.0.0-12.2
Hi,
during a test with piuparts I noticed your package modifies conffiles.
This is forbidden by the policy, see
http://www.debian.org/doc/debian-policy/ch-fi
Processing control commands:
> found -1 mason/1.0.0-12.2
Bug #687944 [mason] mason: modifies conffiles (policy 10.7.3): /etc/masonrc
Marked as found in versions mason/1.0.0-12.2; no longer marked as found in
versions mason/1.0.0-12.2.
--
687944: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=
Package: gnarwl
Version: 3.6.dfsg-6.1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Control: found -1 gnarwl/3.6.dfsg-6.1
Hi,
during a test with piuparts I noticed your package modifies conffiles.
This is forbidden by the policy, see
http://www.debian.org/doc/debian-policy
Processing control commands:
> found -1 gnarwl/3.6.dfsg-6.1
Bug #687943 [gnarwl] gnarwl: modifies conffiles (policy 10.7.3): /etc/gnarwl.cfg
The source gnarwl and version 3.6.dfsg-6.1 do not appear to match any binary
packages
Marked as found in versions gnarwl/3.6.dfsg-6.1.
--
687943: http://b
Processing control commands:
> found -1 fprobe-ulog/1.1-7.2
Bug #687942 [fprobe-ulog] fprobe-ulog: modifies conffiles (policy 10.7.3):
/etc/default/fprobe-ulog
Marked as found in versions fprobe-ulog/1.1-7.2; no longer marked as found in
versions fprobe-ulog/1.1-7.2.
--
687942: http://bugs.deb
Package: fprobe-ulog
Version: 1.1-7.2
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Control: found -1 fprobe-ulog/1.1-7.2
Hi,
during a test with piuparts I noticed your package modifies conffiles.
This is forbidden by the policy, see
http://www.debian.org/doc/debian-policy
Hi, thank you!
You can test new version of packages for squeeze:
http://pkg-bacula.alioth.debian.org/tmp/5.0.2-2.2+squeeze1/
For Security Team members - please, review new packages.
Debdiff with current squeeze version in attach. Can i upload this
packages?
В Mon, 17 Sep 2012 09:40:03 +0200
M
On Mon, Sep 17, 2012 at 12:57:06PM +0200, Jiri Kosina wrote:
> On Wed, 12 Sep 2012, Nestor Lopez Casado wrote:
>
> > Take a look at this thread ... where a patch was published ...
> >
> > https://bugs.launchpad.net/ubuntu/+bug/958174
> >
> > Your issue may come from the same problem.
> >
> > I
tags 687925 + patch
tags 687925 + pending
Dear maintainer,
I've prepared an NMU for iscsitarget (versioned as 1.4.20.2-10.1) and
uploaded it to DELAYED/3. Please feel free to tell me if I should delay it
longer.
I'll take care of the unblock request.
Regards.
diff -Nru iscsitarget-1.4.20.2/
Processing commands for cont...@bugs.debian.org:
> reassign 687637 openvas-plugins-dfsg 20100705-4
Bug #687637 [openvas-client-dfsg] openvas-client-dfsg: FTBFS on all arches but
i386
Warning: Unknown package 'openvas-client-dfsg'
Bug reassigned from package 'openvas-client-dfsg' to 'openvas-plugi
Processing commands for cont...@bugs.debian.org:
> found 687931 1.900.1-13
Bug #687931 [libjasper-runtime] #3 0x77b9565a in jas_image_readcmpt2 ()
from /usr/lib/libjasper.so.1
Marked as found in versions jasper/1.900.1-13.
> thanks
Stopping processing here.
Please contact me if you need
On 2012-09-17 09:29, Helmut Grohne wrote:
> This should be a case unique to xml2rfc, because it was the only package
> that did not use dh_installcatalogs but used update-catalog in squeeze.
> I would rather not update debhelper for one single package again, but
> fix this in xml2rfc directly.
Ag
Le Sep 10, 2012 à 9:01 PM, Adam D. Barratt a écrit :
> On Wed, 2012-08-15 at 13:46 +0100, Adam D. Barratt wrote:
>> On 15.08.2012 10:47, Jeremy Lainé wrote:
>>> I have uploaded a new revision of ocfs2-tools to unstable which fixes
>>> bug #682517
>>> (inability to launch the ocfs2console GUI):
>
Package: iscsitarget
Severity: critical
Dear Maintainer,
* When deploying OpenStack ( package nova-volume specifically ) as
instructed in http://wiki.debian.org/OpenStackHowto, it created
iscsi sessions to access LVM disks.
* I was unable to delete the nova volumes because the in
Package: moodle
Severity: grave
Tags: security
Justification: user security hole
Please see http://moodle.org/security/ for details:
MSA-12-0055: Web service access token issue
MSA-12-0054: Course reset permission issue
MSA-12-0053: Blog file access issue
MSA-12-0052: Course topics permission iss
Package: bacula
Severity: grave
Tags: security
Justification: user security hole
This was assigned CVE-2012-4430:
https://secunia.com/advisories/50535/
Upstream fix:
http://www.bacula.org/git/cgit.cgi/bacula/commit/?id=67debcecd3d530c429e817e1d778e79dcd1db905
Cheers,
Moritz
--
To UNSU
This issue is also being tracked on Sprezzabugs,
the SprezzOS bug tracker:
https://www.sprezzatech.com/bugs/show_bug.cgi?id=358
--
nick black -- http://www.sprezzatech.com -- unix/hpc consulting
"if you want to make an apple pie from scratch,
you must first invent a universe."
--
To UNSUBS
A diff (ignoring whitespace) of the builtin-path_id.c in Debian's 175 and the
upstream 182 is attached. The following looks possibly relevant:
@@ -322,19 +317,6 @@
goto out;
}
-/*
- * We do not support the ATA transport class, it creates
duplicated link
-
I think this commit is somehow related to that problem:
commit 14216561e164671ce147458653b1fea06a4ada1e
Author: James Bottomley
Date: Wed Jul 25 23:55:55 2012 +0400
[SCSI] Fix 'Device not ready' issue on mpt2sas
This is a particularly nasty SCSI ATA Translation Layer (SATL) problem.
Hi,
I asked one Debian maintainer to adopt this kanjipad package and
she is interested in that.
If we'll do this, is it ok to just change Maintainer field to new one?
--
Hideki Yamane
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Tro
OK, yeah, the issue is that while the P-record for /sys/block/* entries has
sufficient information to discriminate between devices, it's not all making
its way into the ID_PATH variable off which the /dev/disks/by-path entry
is constructed.
I've got two devices in my virtual machine:
P: /devices/
On Fri, Sep 14, 2012 at 01:43:31PM +0200, Andreas Beckmann wrote:
> Control: found 681194 debhelper/9.20120830
> Countrol: found 680291 xml2rfc/1.36-4
>
> Hi Helmut,
>
> we missed one case:
>
> If the package contained neither conffiles nor a postrm script (example:
> xml2rfc in squeeze/non-free
Hi Gregor,
I took a bit longer to respond, but I have not forgotten about this
issue.
On Fri, Aug 31, 2012 at 05:44:07PM +0200, gregor herrmann wrote:
> On Wed, 29 Aug 2012 22:17:13 +0200, Helmut Grohne wrote:
>
> > > Helmut, I took the liberty to put you in CC as you probably have some
> > > hi
Your message dated Mon, 17 Sep 2012 07:17:51 +
with message-id
and subject line Bug#682517: fixed in ocfs2-tools 1.6.4-1+deb7u1
has caused the Debian Bug report #682517,
regarding ocfs2console: DeprecationWarning at start prevent usage
to be marked as done.
This means that you claim that the
More info on this:
I've tracked it back to at least ID_PATH/ID_PATH_TAG using udevadm. By
the time those
two variables are assigned, different devices are already colliding.
I think I'll be able to work out the problem just tracking down source
with this info.
--
nick black -- http://www.sprezz
90 matches
Mail list logo
