Package: linux-image-3.2.0-4-orion5x
Severity: critical
Tags: d-i upstream
Justification: breaks the whole system
Dear Maintainer,
I've got an old D-Link DNS-323 NAS box that I've been using for ARM
development for a number of years (Thanks, guys, for supporting it).
Anyway, I upgraded from Stabl
Processing commands for cont...@bugs.debian.org:
> reassign 699656 src:linux
Bug #699656 [general] general: System freezes while using multimedia via DRI
[Intel 82865G chip] on kernels above 3.2.0-3-686-pae
Bug reassigned from package 'general' to 'src:linux'.
Ignoring request to alter found vers
reassign 699656 src:linux
forcemerge 693083 699656
thanks
Quoting marc (marc_sm...@gmx.com):
> I already reported this bug for the previous version of kernel [bug report
> #693083], but the problem is still unsolved.++
Hello,
As #693083 is still opened, I fail to see why you're opening yet
anot
Followup-For: Bug #699197
Control: tag -1 patch
Hi,
I'm attaching a patch that fixes the two RC issues:
* missing Breaks/Replaces libpolyorb1-dev
* cleaning up the diversion properly
I'm now going to ask the RT for their opinion about this patch.
The patched packages pass the piuparts tests tha
Processing control commands:
> tag -1 patch
Bug #699197 [libpolyorb2-dev] libpolyorb2-dev: fails to upgrade from 'squeeze'
- trying to overwrite /usr/bin/iac
Added tag(s) patch.
--
699197: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699197
Debian Bug Tracking System
Contact ow...@bugs.debi
Your message dated Sun, 03 Feb 2013 05:42:35 +0100
with message-id <510deabb.8080...@debian.org>
and subject line Re: tiff: Incorrect /usr/share/doc symlink to doc transition
has caused the Debian Bug report #698745,
regarding tiff: Incorrect /usr/share/doc symlink to doc transition
to be marked as
Followup-For: Bug #685469
Control: tag -1 patch
Hi,
I'm attaching my sugggested patch to fix this problem. The fixup should
only be performed by ekg2.postinst - ekg2-core should have nothing to do
as everything is fine within this package.
Successfully tested in piuparts tests:
sid install, p
Processing control commands:
> tag -1 patch
Bug #685469 [ekg2] ekg2: missing copyright file
Added tag(s) patch.
--
685469: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685469
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-r
On Sat, Feb 2, 2013 at 9:20 PM, Ian Zimmerman wrote:
> On Sat, 2 Feb 2013 17:57:56 -0500
> Michael Gilbert wrote:
>
> Michael> So, the issue with the bind embed is that even though the
> Michael> entire thing is built, only a very small part is actually used
> Michael> by dhcp. I don't really hav
On Sat, 2 Feb 2013 17:57:56 -0500
Michael Gilbert wrote:
Michael> So, the issue with the bind embed is that even though the
Michael> entire thing is built, only a very small part is actually used
Michael> by dhcp. I don't really have the time to look into whether the
Michael> vulnerable bind cod
On Tue, Jan 29, 2013 at 05:38:36PM +0200, Henri Salo wrote:
> Mr. Bob Nomnomnom from Torland reported a denial of service security
> vulnerability in ircd-hybrid. Function hostmask.c:try_parse_v4_netmask() is
> using strtoul to parse masks. Documentation says strtoul can parse "-number"
> as
> wel
Package: general
Severity: critical
Justification: breaks the whole system
Dear developers,
Almost everytime [it happens randomly] I try to see some video content via DRI
[VLC/XBMC, etc] on kernels with version higher than 3.2.0-3-686-pae the whole
system freeze [screen goes black, system is unre
Your message dated Sun, 03 Feb 2013 01:02:34 +
with message-id
and subject line Bug#699267: fixed in ircd-hybrid 1:7.2.2.dfsg.2-10
has caused the Debian Bug report #699267,
regarding ircd-hybrid: CVE-2013-0238 Denial of service vulnerability in
hostmask.c:try_parse_v4_netmask()
to be marked a
Processing commands for cont...@bugs.debian.org:
> severity 699267 grave
Bug #699267 {Done: Dominic Hargreaves } [ircd-hybrid]
ircd-hybrid: CVE-2013-0238 Denial of service vulnerability in
hostmask.c:try_parse_v4_netmask()
Severity set to 'grave' from 'important'
> thanks
Stopping processing her
Hi Jari,
>Further, the *.ps file contains comment which effectively
> makes it non-free for distribution:
>
> % Copyright (c) 1985,1987 Adobe Systems Incorporated. All Rights
> Reserved.
don't be misled by this header -- if you look inside the postscript file,
you'll see that this is for one
For me, this bug (if it's one bug we're talking about) was caused, or
exposed, by a recent dist-upgrade to testing. I have a Motorola Xoom
that I mount on my Debian wheezy box with:
mtpfs -o allow_other /media/android
(run as root). This has worked with no problems since I got the Xoom
about a
Processing control commands:
> tag -1 patch
Bug #699589 [lsb] lsb ftbfs in wheezy, testsuite problems.
Ignoring request to alter tags of bug #699589 to the same tags previously set
--
699589: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699589
Debian Bug Tracking System
Contact ow...@bugs.de
Processing control commands:
> tag -1 patch
Bug #699589 [lsb] lsb ftbfs in wheezy, testsuite problems.
Added tag(s) patch.
--
699589: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699589
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debia
control: tag -1 patch
> Attempting to build lsb in a wheezy amd64 chroot I get
>
> PYTHONPATH=. python3.2 test/test_initdutils.py -vv
> Traceback (most recent call last):
> File "test/test_initdutils.py", line 4, in
>import initdutils as iu
> File "/lsb-4.1+Debian8/initdutils.py", line 18
>
There has been some further discussion and suggestions on how this could be
handled in the short term and also in the longer term in the following thread:
http://lists.freedesktop.org/archives/openicc/2013q1/004907.html
--
Stuart Prescotthttp://www.nanonanonano.net/ stu...@nanonanonano.n
Processing control commands:
> severity -1 serious
Bug #698597 [isc-dhcp] isc-dhcp: CVE-2012-1667 patch (for Wheezy)
Severity set to 'serious' from 'normal'
--
698597: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698597
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Processing commands for cont...@bugs.debian.org:
> clone 699649 -1
Bug #699649 [libboost-locale1.49-dev] Boost.Locale library security flaw
Bug 699649 cloned as bug 699650
> reassign -1 libboost-locale1.50-dev
Bug #699650 [libboost-locale1.49-dev] Boost.Locale library security flaw
Bug reassigned
Package: libboost-locale1.49-dev
Version: 1.49.0-3.1
Severity: grave
Tags: security
Boost has issued a security notice:
http://www.boost.org/users/news/boost_locale_security_notice.html
Boost versions from 1.48.0 to 1.52.0 are affected. A patch is provided:
http://cppcms.com/files/locale/boost_lo
On Sat, Feb 2, 2013 at 7:21 AM, Dominic Hargreaves wrote:
> There is no requirement that precompiled binaries must not be included
> in source packages, only that they are rebuilt. The build system for
> this package rebuilds, and overwrites
>
> examples/storage/swfstore.swf
> examples/swfstore/swf
Package: proftpd-mod-geoip
Version: 1.3.5~rc1-2
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package deletes a file it has
shipped.
debsums reports modification of the following files,
from the attached log (scroll to the bo
Processing control commands:
> reassign -1 eglibc
Bug #699593 [login] login: wrong egid
Bug reassigned from package 'login' to 'eglibc'.
No longer marked as found in versions shadow/1:4.1.5.1-1.
Ignoring request to alter fixed versions of bug #699593 to the same values
previously set
> forcemerge
control: reassign -1 eglibc
control: forcemerge 698102 -1
control: tag -1 -security
On Sat, Feb 2, 2013 at 3:53 AM, Michael Tsang wrote:
> Debian GNU/kFreeBSD logs me with a wrong egid. I did the following steps:
>
> 1. Install a new copy of Debian GNU/kFreeBSD
> 2. Configure the system to use LDA
Followup-For: Bug #699644
diff -Nru glpi-0.83.31/debian/changelog glpi-0.83.31/debian/changelog
--- glpi-0.83.31/debian/changelog 2013-01-25 11:37:11.0 +0100
+++ glpi-0.83.31/debian/changelog 2013-02-02 22:04:32.0 +0100
@@ -1,3 +1,11 @@
+glpi (0.83.31-2.1) UNRELEASED; urgency=low
+
Package: glpi
Version: 0.83.31-2
Severity: serious
Tags: patch
Justification: probably breaks functionality
Hi,
please do not forget that dpkg intentionally does not replace
directories with symlinks (or vice versa), so the security fix in -2
will probably break glpi on upgrades since /usr/share/
Your message dated Sat, 2 Feb 2013 21:49:39 +0100
with message-id <201302022150.13749.panfa...@gmail.com>
and subject line Closing bug
has caused the Debian Bug report #699380,
regarding virtuoso-opensource: remove armhf from mono archs
to be marked as done.
This means that you claim that the prob
Processing commands for cont...@bugs.debian.org:
> fixed 699380 6.1.4+dfsg1-5
Bug #699380 [src:virtuoso-opensource] virtuoso-opensource: remove armhf from
mono archs
Marked as fixed in versions virtuoso-opensource/6.1.4+dfsg1-5.
> thanks
Stopping processing here.
Please contact me if you need as
Hello,
I enclose the Xorg.0.log of the nvidia driver run. This was done by:
Uncommenting
blacklist nouveau
in /etc/modprobe.d/nvidia-kernel-common.conf
Commenting
#blaclist nvidia
in /etc/modprobe/blacklist.conf (I had to create this file)
using the previously provided /etc/X11/xorg.conf (as
Processing commands for cont...@bugs.debian.org:
> tags 694340 - patch
Bug #694340 [libgconf2-4] libgconf2-4: libgconf built with the dbus backend
requires dbus-glib to be initialized with threading
Removed tag(s) patch.
> thanks
Stopping processing here.
Please contact me if you need assistance
Petter Reinholdtsen writes:
> [Scott Howard]
>> So I'm back to being stumped, the files it can't find are the
>> location that is being passed. The location is correct. It can be
>> built in pbuilder but failing on the buildds.
>
> The problem can not be reproduced when building manually. Many ha
Hi,
I'm not at all about to prove to you, I just point out
that there is official letter
http://mailman.coin3d.org/pipermail/coin-discuss/2011-November/018377.html
after that code is move to bitbucket - which is mentioned in letter.
the bitbucket page has https://bitbucket.org/Coin3D/coin/wiki
Followup-For: Bug #691439
Hi,
I'm appending the new template for these missing-copyright bugs, it has
some suggestions how to fix the maintainer scripts.
Andreas
Hi,
a test with piuparts revealed that your package misses the copyright
file after an upgrade from squeeze to wheezy, which is a vi
On Sat, 2013-02-02 at 21:48 +0400, Sergey Kurdakov wrote:
> > Do you have a pointer to a statement that earlier versions are covered
> > by the relicensing?
>
> the code cover which is put under BSD is since ver 3.1.2
>
> https://bitbucket.org/Coin3D/coin/overview
That page mentions nothing abou
Processing control commands:
> severity -1 normal
Bug #699419 [src:snappy] snappy: FTBFS because it insists on doing benchmarks
despite nocheck/nobench DEB_BUILD_OTPS
Severity set to 'normal' from 'serious'
--
699419: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699419
Debian Bug Tracking S
Control: severity -1 normal
On Thu, Jan 31, 2013 at 10:37:54 +0100, Thorsten Glaser wrote:
> Source: snappy
> Version: 1.0.5-2
> Severity: serious
> Justification: fails to build from source (but built successfully in the past)
>
Once again, please stop filing m68k bugs at RC severity.
Cheers,
Source: jsdoc-toolkit
Version: 2.4.0+dfsg-5
Severity: serious
The maintainer address bounces.
Also the changelog entry is wrong: no "Closes: #684012" was added unless
one counts the one for the current upload (which does not make sense to
add).
Ansgar
Mail Delivery System writes:
> This messag
Hi
> Do you have a pointer to a statement that earlier versions are covered
> by the relicensing?
the code cover which is put under BSD is since ver 3.1.2
https://bitbucket.org/Coin3D/coin/overview
so the code is re licensed back since version 3.1.2
Regards
Sergey
On Sat, Feb 2, 2013 at 9:42
On Sat, 2013-02-02 at 20:58 +0400, Sergey Kurdakov wrote:
> it is quite a long time that coin3D was re-licensed to BSD, so no
> problems to link with opencascade
>
> http://mailman.coin3d.org/pipermail/coin-discuss/2011-November/018377.html
> https://bitbucket.org/Coin3D/coin/wiki/Home
The coin3
Hi,
it is quite a long time that coin3D was re-licensed to BSD, so no problems
to link with opencascade
http://mailman.coin3d.org/pipermail/coin-discuss/2011-November/018377.html
https://bitbucket.org/Coin3D/coin/wiki/Home
Regards
Sergey
Processing commands for cont...@bugs.debian.org:
> tags 692434 + patch
Bug #692434 [yui] CVE-2012-5883, CVE-2012-5882, CVE-2012-5881 - YUI 2.x
security issue regarding embedded SWF files
Bug #693608 [yui] CVE-2012-5883, CVE-2012-5882, CVE-2012-5881 - YUI 2.x
security issue regarding embedded SWF
tags 692434 + patch
tags 692434 + pending
thanks
Dear maintainer,
I've prepared an NMU for yui (versioned as 2.9.0-1.1) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer or cancel it.
Regards,
Dominic.
--
Dominic Hargreaves | http://www.larted.org.uk/~dom/
P
On Fri, Feb 01, 2013 at 10:09:34PM +, Jonathan Wiltshire wrote:
> On Sun, Jan 20, 2013 at 08:49:26PM +0100, Moritz Mühlenhoff wrote:
> > On Fri, Jan 11, 2013 at 03:56:25PM +, Jonathan Wiltshire wrote:
> > > Control: found -1 3.2.1-2
> > >
> > > On 2013-01-11 13:50, Moritz Muehlenhoff wrote
Your message dated Sat, 02 Feb 2013 14:48:13 +
with message-id
and subject line Bug#690006: fixed in fluidsynth 1.1.6-2
has caused the Debian Bug report #690006,
regarding fluidsynth: FTBFS
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not th
Hi,
Dominic Hargreaves wrote (02 Feb 2013 13:19:21 GMT) :
> As the release team aren't too happy about the size of the 0.9 debdiff,
> what do you think about my suggestion - are these the right commits
> to fix the RC bugs in question (one of them needs rebasing/porting; the
> other appears to be
FYI. Originally sent to wrong bug number. Sorry about lack of
responsiveness this week I'm a bit ill
Alastair
Original Message
Subject:Re: License issues with code in xgks
Date: Mon, 28 Jan 2013 15:20:31 +0100
From: Steven Pemberton
Organisation: CWI
To: Ste
Package: latd
Version: 1.30
Severity: critical
Tags: security
-- System Information:
Debian Release: 7.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTY
On Thu, Jan 31, 2013 at 10:37:54AM +0100, Thorsten Glaser wrote:
> Source: snappy
> Version: 1.0.5-2
> Severity: serious
> Justification: fails to build from source (but built successfully in the past)
What platform is this? I've never changed the behavior here, so RC on the
grounds of regression
Package: freewnn-cserver,freewnn-jserver,freewnn-kserver
Version: 1.1.1~a021+cvs20120618-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package failed to install. As
per definition of the release team this makes the package t
Your message dated Sat, 2 Feb 2013 13:27:20 +
with message-id <20130202132720.gf5...@urchin.earth.li>
and subject line Fixed in squeeze security upload in October
has caused the Debian Bug report #691485,
regarding Security vulnerabilities in RT
to be marked as done.
This means that you claim
Package: php-zeroc-ice
Version: 3.5~beta1-3
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package failed to install. As
per definition of the release team this makes the package too buggy for
a release, thus the severity.
>Fr
On Sat, Feb 02, 2013 at 01:12:16PM +, Dominic Hargreaves wrote:
> Hi Daniel,
>
> These three RC bugs are still present in wheezy although they were
> fixed in sid in July.
>
> Am I right in thinking that #682518 and #677565 are actually the
> same issue, and that they are fixed by upstream co
Hi Daniel,
These three RC bugs are still present in wheezy although they were
fixed in sid in July.
Am I right in thinking that #682518 and #677565 are actually the
same issue, and that they are fixed by upstream commits?
7f8a57a1ebc8f5b4d63acbd8f7104c85f7dc0a19 Make msva's primary listening da
Source: gosa
Version: 2.7.4-4
Severity: serious
Justification: failure to install/purge
gosa Depends: apache2 | lighttpd | httpd
Calls to things like "invoke-rc.d apache2 reload" in gosa postinst/postrm are
guarded by a check for /etc/apache2/conf.d. However, this directory can be
created by vari
Package: buddycloud-server
Version: 0.3.5-2
Severity: grave
Justification: renders package unusable
# /usr/bin/nodejs -- /usr/share/buddycloud-server/main.js --config config.js
/usr/share/buddycloud-server/main.js:26
if (fs.existsSync(defaultConfigFile)) {
^
TypeError: Object # has no
Processing commands for cont...@bugs.debian.org:
> unarchive 694641
Bug #694641 {Done: Markus Frosch } [icinga-web] yui:
CVE-2012-5475 - YUI 2.x security issue regarding embedded SWF files
Unarchived Bug 694641
> retitle 694641 icinga-web - CVE-2012-5883 CVE-2012-5882 CVE-2012-5881 in
> embedded
Processing commands for cont...@bugs.debian.org:
> # Bug cloned for those
> affects 692434 - icinga-web glpi
Bug #692434 [yui] yui: CVE-2012-5475 - YUI 2.x security issue regarding
embedded SWF files
Removed indication that 692434 affects icinga-web and glpi
> # Duplicate
> merge 692434 693608
Bu
# Bug cloned for those
affects 692434 - icinga-web glpi
# Duplicate
merge 692434 693608
retitle 692434 CVE-2012-5883, CVE-2012-5882, CVE-2012-5881 - YUI 2.x security
issue regarding embedded SWF files
thanks
These two bugs are the same (reference:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=
Package: xymon
Version: 4.3.7-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package failed to install. As
per definition of the release team this makes the package too buggy for
a release, thus the severity.
>From the attac
Processing commands for cont...@bugs.debian.org:
> merge 692434 693608
Bug #692434 [yui] yui: CVE-2012-5475 - YUI 2.x security issue regarding
embedded SWF files
Unable to merge bugs because:
affects of #693608 is '' not 'icinga-web,glpi'
Failed to merge 692434: Did not alter merged bugs
merge 692434 693608
retitle 692434 CVE-2012-5883, CVE-2012-5882, CVE-2012-5881 - YUI 2.x security
issue regarding embedded SWF files
thanks
These two bugs are the same (reference:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5883
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-20
On Sat, Nov 24, 2012 at 02:43:02PM +0100, Jonas Smedegaard wrote:
> Quoting Maximiliano Curia (2012-11-24 13:49:30)
> > I'm not sure how to build [SWF] files, and the list of md5sums in the
> > yuilibrary page suggests that it's not expected that users build those.
> > The build process of yui dele
On Sun, Nov 04, 2012 at 08:57:32PM -0500, Michael Gilbert wrote:
> control: reopen -1
>
> > * Several of the .swf files are now built from source and the rest have
> >been removed from the package. (Closes: #591199)
>
> This seems to be incorrect about 2.9.0-1. The following pre-built swf
On Mon, Jan 28, 2013 at 11:57:50AM +, Alastair McKinstry wrote:
> Ok, I am contacting the original author of this code, to see if he
> is willing to make a change. The code was written in 1990 or so,
> and he may not have been aware of the consequences of his actions.
Ping?
> Annoying that th
Processing control commands:
> tag -1 - pending
Bug #694376 [dovecot-common] dovecot-core: missing Breaks+Replaces: mailavenger
(<< 0.8.1-4)
Removed tag(s) pending.
> tag -1 - sid wheezy
Bug #694376 [dovecot-common] dovecot-core: missing Breaks+Replaces: mailavenger
(<< 0.8.1-4)
Removed tag(s) s
Control: tag -1 - pending
Control: tag -1 - sid wheezy
# appropriate versions already set
On Mon, Jan 21, 2013 at 04:33:47PM -0500, Jaldhar H. Vyas wrote:
> On Sun, 20 Jan 2013, Jonathan Wiltshire wrote:
>
> >tags 694376 + pending
> >thanks
> >
> >Dear maintainer,
> >
> >I've prepared an NMU for
Processing commands for cont...@bugs.debian.org:
> package general apt
Limiting to bugs with field 'package' containing at least one of 'general',
'apt'
Limit currently set to 'package':'general', 'apt'
> reassign 699475
Unknown command or malformed arguments to command.
> severity 699475 normal
Processing commands for cont...@bugs.debian.org:
> tags 696210 + moreinfo
Bug #696210 [minitube] no video, only audio
Added tag(s) moreinfo.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
696210: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696210
Debian Bug
Processing commands for cont...@bugs.debian.org:
> found 681573 10.12.0+dfsg-2
Bug #681573 [chef-solr] chef-solr: fails to install if policy-rc.d forbids to
start services
Marked as found in versions chef-solr/10.12.0+dfsg-2.
> found 688682 wheezy/None
Bug #688682 {Done: Laszlo Kajan } [dma] dma:
Your message dated Sat, 02 Feb 2013 10:32:30 +
with message-id
and subject line Bug#699503: fixed in notify-sharp 0.4.0~r3032-6
has caused the Debian Bug report #699503,
regarding libnotify0.4-cil: can lead to application crash
to be marked as done.
This means that you claim that the problem
Processing commands for cont...@bugs.debian.org:
> reassign 699382 syslinux-themes-debian
Bug #699382 [extlinux] extlinux fail to boot (error loading ldlinux.c32)
Bug reassigned from package 'extlinux' to 'syslinux-themes-debian'.
No longer marked as found in versions syslinux/2:5.00+dfsg-1.
Ignor
Package: login
Version: 1:4.1.5.1-1
Severity: grave
Tags: security
Justification: user security hole
Dear Maintainer,
Debian GNU/kFreeBSD logs me with a wrong egid. I did the following steps:
1. Install a new copy of Debian GNU/kFreeBSD
2. Configure the system to use LDAP authentication
3. Add a
75 matches
Mail list logo
