Package: ruby-activerecord-3.2
Severity: grave
Tags: security
Justification: user security hole
Please see http://www.openwall.com/lists/oss-security/2013/01/08/13
"rails" from stable should not be affected, but please double-check.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bu
Your message dated Wed, 09 Jan 2013 06:48:03 +
with message-id
and subject line Bug#694483: fixed in libav 6:9.1-1
has caused the Debian Bug report #694483,
regarding CVEs: CVE-2012-2882 CVE-2012-5359 CVE-2012-5360 CVE-2012-5361
to be marked as done.
This means that you claim that the problem
Processing control commands:
> fixed -1 uim-mozc/1.6.1187.102-1~exp2
Bug #688233 {Done: HIGUCHI Daisuke (VDR dai) } [uim-utils]
/usr/bin/uim-module-manager: modifies conffiles (policy 10.7.3):
/etc/uim/installed-modules.scm, /etc/uim/loader.scm
The source uim-mozc and version 1.6.1187.102-1~exp2
Control: fixed -1 uim-mozc/1.6.1187.102-1~exp2
--
Regards,
dai
GPG Fingerprint = 0B29 D88E 42E6 B765 B8D8 EA50 7839 619D D439 668E
signature.asc
Description: Digital signature
Package: ftp.debian.org
Severity: serious
Hello,
This package wasn't meant to be uploaded to Debian.
It was my mistake and I would like to be removed since it doesn't meet
the basic packaging standards (Description not in english, missing ITP,
etc).
It lays in NEW yet, so this should be removed a
Hi,
I'm working in backporting a fix for this issue to this version of
Jenkins. It doesn't too hard to do it but I had not tested properly
the patch I got.
If everything goes well I'll attach a debdiff to this bug report very soon.
Cheers,
--
Miguel Landaeta, miguel at miguel.cc
secure email w
Will renaming the package mean renaming the actual library as well for
Lintian to be happy?
The ecere-dev package also provides /usr/lib/i386-linux-gnu/libec.so
On Tue, Jan 8, 2013 at 6:44 PM, Dmitrijs Ledkovs wrote:
> On 8 January 2013 19:11, Ansgar Burchardt wrote:
> > Control: severity -1
Your message dated Tue, 08 Jan 2013 23:47:53 +
with message-id
and subject line Bug#676485: fixed in glib2.0 2.33.12+really2.32.4-4
has caused the Debian Bug report #676485,
regarding squeeze->wheezy dist-upgrade Could not perform immediate
configuration on 'default-jre'
to be marked as done.
Your message dated Tue, 08 Jan 2013 23:47:53 +
with message-id
and subject line Bug#696389: fixed in glib2.0 2.33.12+really2.32.4-4
has caused the Debian Bug report #696389,
regarding libglib2.0-0: harmful postrm actions for M-A: same package: rm -f
/usr/lib/.../modules/giomodule.cache
/usr/
On 8 January 2013 19:11, Ansgar Burchardt wrote:
> Control: severity -1 serious
>
> Dmitrijs Ledkovs writes:
>> ecere-sdk and eclib packages both have binary package libec0.
>
> Two packages building the same binary is certainly a RC bug.
>
>> Both are "Library for modular symbols and elliptic cu
Your message dated Tue, 08 Jan 2013 23:02:04 +
with message-id
and subject line Bug#696483: fixed in zendframework 1.10.6-1squeeze2
has caused the Debian Bug report #696483,
regarding zendframework: CVE-2012-5657
to be marked as done.
This means that you claim that the problem has been dealt
Your message dated Tue, 08 Jan 2013 23:02:04 +
with message-id
and subject line Bug#627121: fixed in gzip 1.3.12-9+squeeze1
has caused the Debian Bug report #627121,
regarding file-roller gives a data-crc error on a good tarball
to be marked as done.
This means that you claim that the problem
Your message dated Tue, 08 Jan 2013 23:02:04 +
with message-id
and subject line Bug#627121: fixed in gzip 1.3.12-9+squeeze1
has caused the Debian Bug report #627121,
regarding gzip - Overlapping memory areas in memcpy
to be marked as done.
This means that you claim that the problem has been d
On 07.01.2013 10:39, Fabian Greffrath wrote:
> ii libglib2.0-0 2.34.3-1
Since you are using glib2.0 from experimental, which version of gtk+3.0
are you using?
Michael
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
signat
Your message dated Tue, 08 Jan 2013 22:02:03 +
with message-id
and subject line Bug#694052: fixed in magpierss 0.72-8+squeeze2
has caused the Debian Bug report #694052,
regarding libphp-magpierss, magpierss: fails to upgrade from 'lenny' - trying
to overwrite /usr/share/php/magpierss/scripts/
Processing commands for cont...@bugs.debian.org:
> tags 697677 + sid
Bug #697677 {Done: Chris Lamb } [mtpfs] mtpfs: Missing
fuse-utils dependency
Added tag(s) sid.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
697677: http://bugs.debian.org/cgi-bin/bugreport.cg
Processing control commands:
> tags 694052 pending
Bug #694052 [libphp-magpierss,magpierss] libphp-magpierss, magpierss: fails to
upgrade from 'lenny' - trying to overwrite
/usr/share/php/magpierss/scripts/simple_smarty.php
Ignoring request to alter tags of bug #694052 to the same tags previousl
08.01.2013 23:41, Salvatore Bonaccorso kirjoitti:
> Hi Timo
>
> On Tue, Jan 08, 2013 at 05:42:19PM +0200, Timo Aaltonen wrote:
>> On 08.01.2013 10:32, Salvatore Bonaccorso wrote:
>>> Hi Timo
>>>
>>> On Tue, Jan 08, 2013 at 09:54:12AM +0200, Timo Aaltonen wrote:
On 07.01.2013 22:52, Salvatore
Control: tags 694052 pending
On 2013-01-08 17:09, Marcelo Jorge Vieira wrote:
> Hi Niels,
>
> On Sun, 2013-01-06 at 23:15 +0100, Niels Thykier wrote:
>> Looks good; please let us know when you have uploaded it.
>
> Uploaded!
>
>
> Cheers,
>
Flagged for acceptance, thanks.
~Niels
--
To UN
Processing control commands:
> tags 694052 pending
Bug #694052 [libphp-magpierss,magpierss] libphp-magpierss, magpierss: fails to
upgrade from 'lenny' - trying to overwrite
/usr/share/php/magpierss/scripts/simple_smarty.php
Added tag(s) pending.
--
694052: http://bugs.debian.org/cgi-bin/bugrep
Processing commands for cont...@bugs.debian.org:
> notfound 697499 php-horde-mail/2.0.3-1
Bug #697499 {Done: Mathieu Parent } [php-horde-mail] FTBFS:
pkg-php-tools (>= 1) not available in unstable
No longer marked as found in versions php-horde-mail/2.0.3-1.
> notfound 697498 php-horde-test/2.1.0
Hi Timo
On Tue, Jan 08, 2013 at 05:42:19PM +0200, Timo Aaltonen wrote:
> On 08.01.2013 10:32, Salvatore Bonaccorso wrote:
> >Hi Timo
> >
> >On Tue, Jan 08, 2013 at 09:54:12AM +0200, Timo Aaltonen wrote:
> >>On 07.01.2013 22:52, Salvatore Bonaccorso wrote:
> >>>Hi
> >>>
> >>>@Timo: Not to put any p
Package: rails
Version: 2:2.3.14.2
Severity: grave
Tags: security
http://www.openwall.com/lists/oss-security/2013/01/08/14
https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
"""
Multiple vulnerabilities in parameter parsing in Action Pack
There are multiple weak
Processing control commands:
> reopen -1
Bug #697221 {Done: Evgeni Golov } [motion] motion: No longer
has support for mysql
'reopen' may be inappropriate when a bug has been closed with a version;
all fixed versions will be cleared, and you may need to re-add them.
Bug reopened
No longer marked a
Control: reopen -1
On Sat, Jan 5, 2013 at 19:37:25 +0100, Evgeni Golov wrote:
> tags 697221 + pending
> thanks
>
> Dear maintainer,
>
> I've prepared an NMU for motion (versioned as 3.2.12-3.3) and
> uploaded it to DELAYED/2. Please feel free to tell me if I
> should delay it longer.
>
> Rega
Source: python-django-registration
Version: 0.8-1
Severity: serious
Justification: fails to build from source
If python3-sphinx is installed, but python-sphinx is not,
python-django-registration FTBFS:
| cd docs && /usr/bin/make html
| make[2]: Entering directory
`/build/python-django-registra
Processing control commands:
> severity 697586 serious
Bug #697586 [libpango1.0-0] libpango1.0-0: Segfaults and takes Evolution with it
Severity set to 'serious' from 'important'
--
697586: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697586
Debian Bug Tracking System
Contact ow...@bugs.debi
Package: libxcrypt
Version: 1:2.4-1.1
Severity: serious
Tags: patch
Justification: fails to build from source (but built successfully in the
past)
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu raring ubuntu-patch
Dear Maintainer,
This patch fixes an Ubuntu ftbfs for libxcrypt.
Due t
For whatever reason, "Library for modular symbols and elliptic curves over
Q" was not in experimental, but it is in unstable.
And Ecere's libec0 is in experimental.
Will Ecere have to rename libec?
Regards,
-Jerome
On Tue, Jan 8, 2013 at 2:11 PM, Ansgar Burchardt wrote:
> Control: severity -
Processing control commands:
> severity -1 serious
Bug #697697 [ecere-sdk, eclib] ecere-sdk: binary package conflict with eclib
Severity set to 'serious' from 'important'
--
697697: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697697
Debian Bug Tracking System
Contact ow...@bugs.debian.org w
Quoting Noel David Torres Taño (env...@rolamasao.org):
> I'll be happy to provide an updated package with the latest translations and
> pointed to non-free (altough I'm not yet convinced the data are not free) but
> I'll need a sponsor.
/me raises hand.
signature.asc
Description: Digital si
On Tue, Jan 08, 2013 at 07:52:25AM +, Dominic Hargreaves wrote:
> Package: movabletype-opensource
> Version: 4.3.8+dfsg-0+squeeze2
> Severity: grave
> Justification: remote command execution
> Tags: security patch
>
> - Forwarded message from Takeshi Nick Osanai -
>
> Date: Tue, 8 Ja
Processing commands for cont...@bugs.debian.org:
> #movabletype-opensource (4.3.8+dfsg-0+squeeze3) UNRELEASED; urgency=low
> #
> # * Include patch fixing remote execution and SQL injection
> #vulnerability in mt-upgrade.cgi (closes: #697666)
> #
> limit source movabletype-opensource
Limiting
On Tue, Jan 08, 2013 at 02:45:59AM +0200, Tzafrir Cohen wrote:
> Hi,
>
> On Wed, Jan 02, 2013 at 10:56:43PM +0100, Salvatore Bonaccorso wrote:
> > Package: asterisk
> > Severity: grave
> > Tags: security
> > Justification: user security hole
> >
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SH
On Sábado, 29 de diciembre de 2012 18:28:20 Christian PERRIER wrote:
> retitle 681654 kstars-data-extra-tycho2: should be moved to non-free
> thanks
>
> After reading this bug log, I'm convinced that the only remaining
> issue is the failure to comply with DFSG #6.
>
> As a consequence, the solut
Package: ustr
Version: 1.0.4-3
Severity: serious
Tags: sid wheezy patch
the configury is broken with glibc headers moved to the multiarch location,
resulting in a wrong value for HAVE_STDINT. I didn't check for other brokenness.
A patch is included in
http://launchpadlibrarian.net/127920247/ustr_1
Your message dated Tue, 08 Jan 2013 16:17:43 +
with message-id
and subject line Bug#679966: fixed in ksh 93u+20120801-1
has caused the Debian Bug report #679966,
regarding ksh: cd builtin is broken in various ways
to be marked as done.
This means that you claim that the problem has been dealt
Your message dated Tue, 08 Jan 2013 16:17:43 +
with message-id
and subject line Bug#679966: fixed in ksh 93u+20120801-1
has caused the Debian Bug report #679966,
regarding ksh: cd builtin is broken in various ways
to be marked as done.
This means that you claim that the problem has been dealt
Hi Niels,
On Sun, 2013-01-06 at 23:15 +0100, Niels Thykier wrote:
> Looks good; please let us know when you have uploaded it.
Uploaded!
Cheers,
--
Marcelo Jorge Vieira
xmpp:me...@jabber-br.org
http://metaldot.alucinados.com
signature.asc
Description: This is a digitally signed message part
On 08.01.2013 10:32, Salvatore Bonaccorso wrote:
Hi Timo
On Tue, Jan 08, 2013 at 09:54:12AM +0200, Timo Aaltonen wrote:
On 07.01.2013 22:52, Salvatore Bonaccorso wrote:
Hi
@Timo: Not to put any pressure or so. In case you are short of time I
can prepare a NMU for this and upload.
That would
Your message dated Tue, 08 Jan 2013 15:17:34 +
with message-id
and subject line Bug#697677: fixed in mtpfs 1.1-3
has caused the Debian Bug report #697677,
regarding mtpfs: Missing fuse-utils dependency
to be marked as done.
This means that you claim that the problem has been dealt with.
If th
Hi Chris,
I'm writing you on the behalf of the Debian Med team which has included
the EMBOSS suite into official Debian distribution. The EMBOSS suite
does contain some files of the OBO Relation Ontology. I failed to find
any licensing or contact information at
http://obofoundry.org/ro/
but
Hello Victoria,
I'm writing you on the behalf of the Debian Med team which has included
the EMBOSS suite into official Debian distribution. The EMBOSS suite
does contain some files of the Pathway ontology and the site
http://www.obofoundry.org/cgi-bin/detail.cgi?id=pathway
lists you as conta
Your message dated Tue, 08 Jan 2013 12:17:36 +
with message-id
and subject line Bug#679799: fixed in rbbr 0.6.0-6
has caused the Debian Bug report #679799,
regarding rbbr: calls ruby1.9.1 but depends on ruby1.8
to be marked as done.
This means that you claim that the problem has been dealt wi
Your message dated Tue, 08 Jan 2013 12:17:36 +
with message-id
and subject line Bug#681217: fixed in rbbr 0.6.0-6
has caused the Debian Bug report #681217,
regarding rbbr: does not start
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the c
Quoting Julien Cristau (2013-01-07 23:54:36)
> On Mon, Jan 7, 2013 at 20:23:26 +0100, Jonas Smedegaard wrote:
>
> > Sorry if I was unclear earlier: I am talking about postinst too:
> > postinst calls a2ensite calls perl loads modules.
> >
> > Since those modules are not yet configured, postinst
On Tue, Jan 08, 2013 at 09:04:30AM +0100, Ivo De Decker wrote:
> > On i386, I tried the build several times with pbuilder, and it succeeds
> > every
> > time. This was on an amd64 kernel. Both buildd failures were on biber. Maybe
> > it should be tried on another buildd?
>
> A wew try on biber fa
Package: mtpfs
Severity: grave
Justification: renders package unusable
Dear Maintainer,
The current version of mtpfs depends on fuse-utils which is not exist in the
current sid repository.
The `fusermount` binary in sid now resides in `fuse` package.
-- System Information:
Debian Release: 7.0
On Sun, Dec 30, 2012 at 12:14:51PM +0100, intrigeri wrote:
> Helmut, Jayes: can you please confirm that this bug is fixed in mpd
> 0.17.1-1, that's currently available in Debian unstable?
I cannot reproduce the issue on Debian sid/amd64 running mpd 0.17.1-1.
Thanks for sorting this out.
Helmut
Hi Timo
On Tue, Jan 08, 2013 at 09:54:12AM +0200, Timo Aaltonen wrote:
> On 07.01.2013 22:52, Salvatore Bonaccorso wrote:
> >Hi
> >
> >@Timo: Not to put any pressure or so. In case you are short of time I
> >can prepare a NMU for this and upload.
>
> That would be fine, or I can push the change t
On 08.01.2013 09:23, Michael Biebl wrote:
> A test dist-upgrade (squeeze → wheezy) of a KDE desktop fails as
> kde-style-oxygen tries to overwrite
> /usr/lib/kde4/kstyle_oxygen_config.so, which is shipped in
> kdebase-runtime in squeeze.
>
See http://packages.debian.org/squeeze/amd64/kdebase-run
Package: kde-style-oxygen
Version: 4:4.8.4-5
Severity: serious
A test dist-upgrade (squeeze → wheezy) of a KDE desktop fails as
kde-style-oxygen tries to overwrite
/usr/lib/kde4/kstyle_oxygen_config.so, which is shipped in
kdebase-runtime in squeeze.
Either the existing Breaks/Replaces against
Your message dated Tue, 8 Jan 2013 09:04:30 +0100
with message-id <20130108080428.ga26...@ugent.be>
and subject line Re: Shouldn't builds just be reattempted for python-2.6?
has caused the Debian Bug report #695770,
regarding python2.6 2.6.8-1: FTBFS on i386 mips sparc
to be marked as done.
This m
53 matches
Mail list logo
