Source: zoneminder
Severity: grave
Tags: security
Justification: user security hole
Hi
The following arbitrary command execution vulnerability was disclosed
for zoneminder:
http://itsecuritysolutions.org/2013-01-22-ZoneMinder-Video-Server-arbitrary-command-execution-vulnerability/
Regards,
Sa
Processing commands for cont...@bugs.debian.org:
> notforwarded 368297
Bug #368297 [libldap-2.4-2] sudo-ldap failes when you change uri to ldaps
Bug #545414 [libldap-2.4-2] sudo-ldap: sudo fails with "sudo:
setreuid(ROOT_UID, user_uid): Operation not permitted" for ldap users
Bug #566351 [libldap
Processing commands for cont...@bugs.debian.org:
> reassign 368297 libldap-2.4-2 2.4.31-1
Bug #368297 [libldap-2.4] sudo-ldap failes when you change uri to ldaps
Bug #545414 [libldap-2.4] sudo-ldap: sudo fails with "sudo: setreuid(ROOT_UID,
user_uid): Operation not permitted" for ldap users
Bug #
Hi!
I have been digging on this issue and I found the ultimate cause of this
problem.
When sudo/su/passwd/ on
a system configured with PAM/LDAPs it chains into libldap, which uses
GnuTLS/libgcrypt to manage the TLS channel.
The problem is that when OpenLDAP calls gnutls_global_init(), this
f
close 698822 2:1.4.1-2~bpo60+1
thanks
#698822 ("Enigmail is incompatible with Icedove 10.0.12"
(10.0.12-1~bpo60+1) - at least after upgrading") appears to be a bug
report about version conflicts within backports.debian.org.
I've uploaded 2:1.4.1-2~bpo60+1 to backports.debian.org, and verified
t
Processing commands for cont...@bugs.debian.org:
> close 698822 2:1.4.1-2~bpo60+1
Bug #698822 [enigmail] [enigmail] "Enigmail is incompatible with Icedove
10.0.12" (10.0.12-1~bpo60+1) - at least after upgrading
There is no source info for the package 'enigmail' at version
'2:1.4.1-2~bpo60+1' wit
Hi Dominique,
2012/8/16, Andrey Gursky :
> There is a new upstream version:
> http://www.kitware.com/news/home/browse/VTK?2012_05_16&VTK+5.10+Now+Available
>
> Citation: ...In addition to new and updated classes, support for new
> compilers, such as Visual Studio 2011 and Clang, was added, along w
Processing commands for cont...@bugs.debian.org:
> reassign 368297 libldap-2.4 2.4.31-1
Bug #368297 [libgcrypt11] sudo-ldap failes when you change uri to ldaps
Bug #545414 [libgcrypt11] sudo-ldap: sudo fails with "sudo: setreuid(ROOT_UID,
user_uid): Operation not permitted" for ldap users
Bug #56
reassign 368297 libldap-2.4 2.4.31-1
thanks
Hi!
I have been digging on this issue and I found the ultimate cause of this
problem.
When sudo/su/passwd/ on
a system configured with PAM/LDAPs it chains into libldap, which uses
GnuTLS/libgcrypt to manage the TLS channel.
The problem is that when
* Jakub Wilk , 2013-01-24, 23:48:
from gi.repository import Gtk
import _gtk
The last line should read:
from import _gtk
Third time lucky:
from gtk import _gtk
--
Jakub Wilk
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
On Thu, 24 Jan 2013 15:12:38 +0200 jari wrote:
> Hi Neil,
>
> Would you have any ideas for the *.ps file?
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698846
>
I'm sorry, but I don't understand the question. Maybe you could use more
words?
NeilBrown
signature.asc
Description: PGP sig
Processing control commands:
> tags -1 + patch
Bug #698737 [src:owncloud] owncloud: Multiple XSS vulnerabilities
(oC-SA-2013-001)
Added tag(s) patch.
--
698737: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698737
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To
* Samuel Bronson , 2013-01-04, 16:20:
from gi.repository import Gtk
import _gtk
The last line should read:
from import _gtk
This bug should be reassigned somewhere else, but I haven't decided
where yet. Anyway, here are some ideas how to fix (or "fix") it:
1) Make pydoc more robust. It cou
Your message dated Thu, 24 Jan 2013 22:03:00 +
with message-id
and subject line Bug#663009: fixed in sysvinit 2.88dsf-38
has caused the Debian Bug report #663009,
regarding sysvinit: (chroot) .init: timeout opening/writing control channel
/run/initctl
to be marked as done.
This means that yo
> > > grappa:~# debsums --changed
> > > /usr/share/doc/libtiff-tools/README
> > > /usr/share/doc/libtiff-tools/TODO
> > > /usr/share/doc/libtiff-tools/changelog.Debian.gz
> > > /usr/share/doc/libtiff-tools/changelog.gz
> >
> > This one seems clearish, a previous version of libtiff-tools used to
>
Processing commands for cont...@bugs.debian.org:
> # upgrade problem
> severity 691180 serious
Bug #691180 [connman] connman: Connman won't run due to missing libxtables.so.7
Severity set to 'serious' from 'grave'
>
End of message, stopping processing here.
Please contact me if you need assistanc
Processing commands for cont...@bugs.debian.org:
> forwarded 697974 https://issues.apache.org/jira/browse/AXIS2C-1619
Bug #697974 [axis2c] axis2c: CVE-2012-6107: Does not verify that the server
hostname matches a domain name in the subject's CN or subjectAltName field of
the x.509 certificate
Se
Processing control commands:
> reopen -1
Bug #698827 {Done: Abou Al Montacir } [src:lazarus]
src:lazarus: builds binaries not listed in d/control
Bug #698828 {Done: Abou Al Montacir } [src:lazarus]
src:lazarus: regenerates debian/control during build
'reopen' may be inappropriate when a bug has
Control: reopen -1
On Thu, 2013-01-24 at 22:05 +0100, Abou Al Montacir wrote:
> Sorry bu I did not understand why this is a serious issue, can you please
> clarify this?
> > but additional binaries were included in the upload:
> control file is indeed modified upon build, based on control.in entr
Processing control commands:
> reopen -1
Bug #698827 [src:lazarus] src:lazarus: builds binaries not listed in d/control
Bug #698828 [src:lazarus] src:lazarus: regenerates debian/control during build
Bug 698827 is not marked as done; doing nothing.
--
698827: http://bugs.debian.org/cgi-bin/bugrep
Control: reopen -1
Control: notfixed -1 0.9.30.4-4
Abou Al Montacir writes:
> fixed 698827 0.9.30.4-4
That's wrong. The merged bug is *not* fixed in that version.
> On Thu, 2013-01-24 at 08:55 +0100, Ansgar Burchardt wrote:
>> Severity: serious
>> Justification: 1
>
> Sorry bu I did not understa
Adam D. Barratt wrote:
> On 24.01.2013 09:22, Jonathan Nieder wrote:
>> Fixing this properly would presumably require an iptables update in
>> testing (either bumping shlibs or, better, backporting the
>> introduction of a separate libxtables9 package from sid) followed by a
>> binnmu.
>
> Introdu
On Thu, 2013-01-24 at 15:05 -0500, Theodore Ts'o wrote:
> I'd be eager and delighted to fix this bug as a part of pushing out
> e2fsprogs 1.42.7, but I'd like to get a ruling from the release team
> that this is something they would support. Whether the justification
> is this particular symlink b
Your message dated Thu, 24 Jan 2013 22:05:40 +0100
with message-id <1359061540.22057.7.ca...@no.domain.at.all>
and subject line Re: Bug#698827: src:lazarus: builds binaries not listed in
d/control
has caused the Debian Bug report #698827,
regarding src:lazarus: regenerates debian/control during bu
Your message dated Thu, 24 Jan 2013 22:05:40 +0100
with message-id <1359061540.22057.7.ca...@no.domain.at.all>
and subject line Re: Bug#698827: src:lazarus: builds binaries not listed in
d/control
has caused the Debian Bug report #698827,
regarding src:lazarus: builds binaries not listed in d/cont
Processing commands for cont...@bugs.debian.org:
> fixed 698827 0.9.30.4-4
Bug #698827 [src:lazarus] src:lazarus: builds binaries not listed in d/control
Bug #698828 [src:lazarus] src:lazarus: regenerates debian/control during build
Marked as fixed in versions lazarus/0.9.30.4-4.
Marked as fixed i
fixed 698827 0.9.30.4-4
thanks
On Thu, 2013-01-24 at 08:55 +0100, Ansgar Burchardt wrote:
> Package: src:lazarus
> Version: 0.9.30.4-1.1
This was already fixed in 0.9.30.4-4 which is in sid since few days
> Severity: serious
> Justification: 1
Sorry bu I did not understand why this is a seriou
Processing commands for cont...@bugs.debian.org:
> merge 698828 698827
Bug #698828 [src:lazarus] src:lazarus: regenerates debian/control during build
Bug #698828 [src:lazarus] src:lazarus: regenerates debian/control during build
Marked as found in versions lazarus/0.9.30.4-1.1.
Bug #698827 [src:la
On Thu, Jan 24, 2013 at 08:41:38PM +0100, Guillem Jover wrote:
> [ Sven, thanks for the investigation on e2fsck-static! ]
>
> Please see the bug log for further details and logs, it's a split of a
> conglomerate bug, but the gist of it (should) be quoted below.
>
> I've still set the severity to
Processing commands for cont...@bugs.debian.org:
> tag 689016 unreproducible moreinfo
Bug #689016 [nagios-nrpe-server] nagios-nrpe-server:
/etc/init.d/nagios-nrpe-server stop, does not stops the daemon
Added tag(s) unreproducible and moreinfo.
> thanks
Stopping processing here.
Please contact me
tag 689016 unreproducible moreinfo
thanks
On Fri, 28 Sep 2012, wforumw wrote:
> Package: nagios-nrpe-server
> Version: 2.13-1
> Severity: normal
>
> /etc/init.d/nagios-nrpe-server stop - does not stop the daemon.
> You need to kill it manually and then start the daemon again.
> I have several se
Processing commands for cont...@bugs.debian.org:
> severity 696844 important
Bug #696844 [src:pmw] pmw: FTBFS due to pointer, integer and sign bit confusion
(argh!)
Severity set to 'important' from 'serious'
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
696844:
Processing control commands:
> severity -1 serious
Bug #698745 [dpkg] dpkg breaks other packages during installation of a package
Severity set to 'serious' from 'grave'
> clone -1 -2
Bug #698745 [dpkg] dpkg breaks other packages during installation of a package
Bug 698745 cloned as bug 698879
> re
Control: severity -1 serious
Control: clone -1 -2
Control: reassign -1 src:tiff
Control: retitle -1 tiff: Incorrect /usr/share/doc symlink to doc transition
Control: found -1 3.8.2-7
Control: reassign -2 src:e2fsprogs
Control: retitle -2 e2fsprogs: Unhandled /usr/share/doc symlink to doc
transitio
On Wed, 2013-01-23 at 20:45:36 +0100, Sven Joachim wrote:
> On 2013-01-23 19:58 +0100, Christian PERRIER wrote:
> > Quoting Guillem Jover (guil...@debian.org):
> >> I'll check this further and most probably reassign to the other
> >> packages.
> >
> > And probably lower the bug severity, as IMHO, "
On 24.01.2013 20:30, Moritz Muehlenhoff wrote:
Package: sssd
Severity: grave
Tags: security
Hi,
multiple security issues have been discovered in sssd. Please see the Red Hat
bugzilla entries for details and patches:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0219
https://bugzilla.redh
Package: sssd
Severity: grave
Tags: security
Hi,
multiple security issues have been discovered in sssd. Please see the Red Hat
bugzilla entries for details and patches:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0219
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0220
Cheers,
Processing commands for cont...@bugs.debian.org:
> severity 689016 serious
Bug #689016 [nagios-nrpe-server] nagios-nrpe-server:
/etc/init.d/nagios-nrpe-server stop, does not stops the daemon
Severity set to 'serious' from 'normal'
> thanks
Stopping processing here.
Please contact me if you need
Note the note at the top of the web page - OBO_REL is deprecated.
The new relation ontology is here:
http://code.google.com/p/obo-relations/
• Code license
• New BSD License
•
• Content license
• Creative Commons 3.0 BY
If you need to distribute the legacy one by all means do it, it should be CC
Hi,
2013/1/24 Andreas Tille :
> I'm sorry to say that I became immediately uninterested when I noticed
> that the package became a candidate for removal from Wheezy. I'm not
> using the package and I just wanted to help speeding up the release.
> So I will definitely not take over.
>
> Sorry for
Hi Romain,
I'm sorry to say that I became immediately uninterested when I noticed
that the package became a candidate for removal from Wheezy. I'm not
using the package and I just wanted to help speeding up the release.
So I will definitely not take over.
Sorry for not beeing really helpful
2013/1/24 Andreas Tille :
> Hi,
Hi Andreas,
> I wonder whether it would help if I would just dh_python2-ify (switching
> from cdbs to dh) to solve this problem. I do not feel prepared to fix the
> issue in cdbs but I did some dh based Python packages - so feel free to
> ping me if this is accept
Processing commands for cont...@bugs.debian.org:
> reassign 698740 gnome-panel 3.4.2.1-3
Bug #698740 [gnome-applets] gnome-applets: Force-Quit applet freezes/crashes,
refuses to recognize mouse clicks or escape key
Bug reassigned from package 'gnome-applets' to 'gnome-panel'.
No longer marked as
Hello,
It's interesting to note that the package is building fine in Ubuntu on
i386.
Cheers
Laurent Bigonville
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Another status update: Just pinged all those authors that did not yet
responded since the last status update
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694908#97
Kind regards
Andreas.
--
http://fam-tille.de
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
Package: sponsorship-requests
Severity: important
Control: tags 698635 + patch pending
Dear mentors,
I am looking for a sponsor for my NMU of package "gosa". The upload
would fix RC bug #698635.
Package name: gosa
Version : 2.7.4-4.1
Section : web
It builds those binary p
Processing control commands:
> tags 698635 + patch pending
Bug #698635 [gosa] gosa: package configuration calls a2enmod even if apache is
not installed
Ignoring request to alter tags of bug #698635 to the same tags previously set
--
698635: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=69863
Processing control commands:
> tags 698635 + patch pending
Bug #698635 [gosa] gosa: package configuration calls a2enmod even if apache is
not installed
Added tag(s) pending and patch.
--
698635: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698635
698853: http://bugs.debian.org/cgi-bin/bugre
Hello Karen,
I hope you are fine and got my last mail. In case you might need some
time for negotiating these licensing issues it would be really great to
give us some confirmation that you are working on this. Any response
from your side (or somebody else in charge for Sequence Ontology) will
b
Hello Victoria,
I hope you are fine and got my last mail. In case you might need some
time for negotiating these licensing issues it would be really great to
give us some confirmation that you are working on this. Any response
from your side (or somebody else in charge for Pathway ontology) will
Hi Chris,
I hope you are fine and got my last mail. In case you might need some
time for negotiating these licensing issues it would be really great to
give us some confirmation that you are working on this. Any response
from your side (or somebody else in charge for OBO Relation Ontology)
will
Hello Michelle,
I hope you are fine and got my last mail. In case you might need some
time for negotiating these licensing issues it would be really great to
give us some confirmation that you are working on this. Any response
from your side (or somebody else in charge for Evidence codes) will b
Hi,
I wonder whether it would help if I would just dh_python2-ify (switching
from cdbs to dh) to solve this problem. I do not feel prepared to fix the
issue in cdbs but I did some dh based Python packages - so feel free to
ping me if this is accepted.
On the other hand popcon seems to show
h
The suggested solution of using libnss-ldap/libpam-ldapd is not a solution
for this problem, since libnss-ldap/libpam-ldapd does not provide nested
groups.
Regards,
Martijn van Brummelen
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble?
Unfortunately I find that even with the patch, the VirtualBox modules will not
compile when built with upstream Linux 3.6.11 and 3.7.4 from the linux-stable
Git tree. They build fine against upstream 3.5.7.
...
kmk[3]: Entering directory `/home/cknadle/src/LinuxDev/linux-3.6.11'
LD /hom
Your message dated Thu, 24 Jan 2013 13:32:28 +
with message-id
and subject line Bug#698129: fixed in unionfs-fuse 0.24-2.2
has caused the Debian Bug report #698129,
regarding unionfs-fuse: Depends on fuse-utils; uninstallable in sid
to be marked as done.
This means that you claim that the pro
Processing commands for cont...@bugs.debian.org:
> forwarded 698846 Neil Brown
Bug #698846 [src:wiggle] non-DFSG document in source tarball
Set Bug forwarded-to-address to 'Neil Brown '.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
698846: http://bugs.debian.o
Hi Neil,
Would you have any ideas for the *.ps file?
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698846
Thanks,
Jari
- Forwarded message from Robert Ransom -
| Date: Thu, 24 Jan 2013 04:51:37 -0800
| Subject: Bug#698846: non-DFSG document in source tarball
|
| Source: wiggle
| Ve
Source: wiggle
Version: 0.8-2
Severity: serious
DOC/diff.ps in wiggle_0.8.orig.tar.gz (also present as a Git blob in
the .git/ directory) is not provided in its preferred form for
modification, and is also not clearly redistributable.
DOC/diff.ps is also present in wiggle_0.6.orig.tar.gz .
--
On 1/24/13, intrig...@debian.org wrote:
> I see that Felix Geyer added this information to the COPYING file in
> upstream 2.x rewrite Git repository [2], so if the icon files are the
> same as in the 0.4 series, then the fix should be pretty easy.
None of the icon files present in the 0.4.3 tarb
On 24/01/2013 10:42, Thorsten Glaser wrote:
> rake aborted!
> Please install the pgsql adapter: `gem install activerecord-pgsql-adapter`
> (cannot load such file -- active_record/connection_adapters/pgsql_adapter)
Cloning and reopening.
The bug fixed at #695774 was also serious enough to be fixe
Processing commands for cont...@bugs.debian.org:
> clone 695774 -1
Bug #695774 {Done: Jérémy Lal } [redmine] redmine: fails to
upgrade, says something about a pgsql_adapter
Bug 695774 cloned as bug 698837
> reopen -1
Bug #698837 {Done: Jérémy Lal } [redmine] redmine: fails to
upgrade, says somet
On 24.01.2013 09:22, Jonathan Nieder wrote:
John Paul Adrian Glaubitz wrote:
close 691180
thanks
Hi,
there have been new uploads of connman both into testing and
unstable,
the issue has been resolved as the package has been rebuilt in both
cases.
[...]
In wheezy, there is instead an unver
Hi Antoine,
Antoine Beaupré wrote (18 Dec 2012 05:36:43 GMT) :
> So I guess this may be moved to the gstreamer backend package, [...]
Can you please try to reproduce the minitube side of the bug (#696210)
after upgrading the binary packages built from gst-plugins-bad0 to the
version in sid, that
Hi.
On Mon, Jan 21, 2013 at 09:47:52PM +0100, Ondřej Surý wrote:
> Hi,
>
> I have pulled Stephan's patch and the one from referenced bug. Could
> you please confirm that this fixes the issue (5.4.4-12),
Thanks alot.
I've just tested with 5.4.4-12 from unstable, and it seems to fix the issue : I
Hi.
Ondřej Surý writes:
> There's a slight problem and that is I can't reproduce the problem
> with 5.4.4-11 in amd64 wheezy chroot neither with mediawiki package
> nor the vanilla mediawiki 1.20.2, so I cannot confirm if the 5.4.4-12
> fixed the error or not.
>
> Could one of the affected peopl
Hello Andreas, hello everybody,
On Wed, 23 Jan 2013 08:55:54 +0100, Andreas Tille wrote:
> [..]
before continuing, please check #698341.
There have been developments, and I asked for comments about two possible
uploads. I'm waiting for comments by the RT on what to do.
Kindly,
David
--
. ''`
On Tue, 22 Jan 2013, Debian Bug Tracking System wrote:
> If this explanation is unsatisfactory and you have not received a
> better one in a separate message then please contact Jérémy Lal
> by
> replying to this email.
Hm.
I set debconf priority to low, added sid to sources.list
and upgraded
Package: keepassx
Version: 0.4.3-2
Severity: serious
X-Debbugs-Cc: tails-...@boum.org
Hi,
Robert Ransom discovered [1] that some icons shipped with keepassx are
missing license and copyright information. Quoting him:
"The icons in share/keepassx/icons/ appear to be from the Oxygen
theme, and
Processing commands for cont...@bugs.debian.org:
> tags 691180 - sid experimental
Bug #691180 [connman] connman: Connman won't run due to missing libxtables.so.7
Removed tag(s) sid and experimental.
>
End of message, stopping processing here.
Please contact me if you need assistance.
--
691180:
Processing commands for cont...@bugs.debian.org:
> found 691180 connman/1.0-1.1+wheezy1
Bug #691180 {Done: John Paul Adrian Glaubitz }
[connman] connman: Connman won't run due to missing libxtables.so.7
Marked as found in versions connman/1.0-1.1+wheezy1 and reopened.
> fixed 691180 connman/1.0-1
found 691180 connman/1.0-1.1+wheezy1
fixed 691180 connman/1.0-1.2
quit
Hi Adrian,
John Paul Adrian Glaubitz wrote:
> close 691180
> thanks
>
> Hi,
>
> there have been new uploads of connman both into testing and unstable,
> the issue has been resolved as the package has been rebuilt in both
> ca
Control: tags 681701 + pending
Control: tags 698042 + pending
Dear Maintainer,
I uploaded to DELAYED/2 a NMU of python-visual fixing this bug. Please
find the debdiff attached. Don't hesitate to tell me if I should delay
the upload longer.
Cheers,
--
.''`.Sébastien Villemot
: :' :Debi
Processing control commands:
> tags 681701 + pending
Bug #681701 [python-visual] invalid Vcs-Git tag
Added tag(s) pending.
> tags 698042 + pending
Bug #698042 [python-visual] python-visual: needs rebuild because of
python-numpy ABI change and must add corresponding versioned dependency
Added tag(
Processing control commands:
> tags 681701 + pending
Bug #681701 [python-visual] invalid Vcs-Git tag
Ignoring request to alter tags of bug #681701 to the same tags previously set
> tags 698042 + pending
Bug #698042 [python-visual] python-visual: needs rebuild because of
python-numpy ABI change an
Package: src:lazarus
Severity: serious
In at least version 0.9.30.4-1.1 and 0.9.30.4-4 debian/rules has a target
debian-files that is called during binary builds that will regenerate
debian/control.
I expect this to be the reason for the problem reported in #698827.
Ansgar
--
To UNSUBSCRIBE,
Package: src:lazarus
Version: 0.9.30.4-1.1
Severity: serious
Justification: 1
The .dsc says
Source: lazarus
Binary: lazarus, lazarus-src, lazarus-ide, lazarus-ide-gtk2, lazarus-ide-qt4,
lcl, lcl-utils, lcl-units, lcl-nogui, lcl-gtk2, lcl-qt4, lazarus-doc
Architecture: all i386 powerpc spar
77 matches
Mail list logo
