Processing commands for cont...@bugs.debian.org:
> tags 704625 patch
Bug #704625 [modsecurity-apache] modsecurity-apache: CVE-2013-1915: Vulnerable
to XXE attacks
Added tag(s) patch.
> tags 704625 pending
Bug #704625 [modsecurity-apache] modsecurity-apache: CVE-2013-1915: Vulnerable
to XXE attac
Hi,
I installed mod_security with the patch I backported, made sure the
module was loaded by Apache, and tested to query "http://localhost";,
then I could see the "It works!" default Debian Apache page.
So, I'd say: so far so good, Apache doesn't crash.
Salvatore, could you tell how you find out
Your message dated Sat, 06 Apr 2013 06:32:56 +
with message-id
and subject line Bug#680484: fixed in scotch 5.1.12b.dfsg-1.2
has caused the Debian Bug report #680484,
regarding gmap and scotch: error when trying to install together
to be marked as done.
This means that you claim that the prob
Hi,
I have done the work of backporting the upstream patch which Salvatore
Bonaccorso pointed at. The patch is attached to this email.
Please note that I have *not* tested this patch, I just applied manually
(because otherwise it would fail) what I could find upstream, and
checked that the packag
Package: scalasca,dvb-apps
Version: scalasca/1.4.2-1
Version: dvb-apps/1.1.1+rev1483-2
Severity: serious
User: trei...@debian.org
Usertags: edos-file-overwrite
Date: 2013-04-06
Architecture: amd64
Distribution: sid
Hi,
automatic installation tests of packages that share a file and at the
same ti
Package: live-image-all,live-images
Version: live-image-all/4.0~a11-1
Version: live-images/4.0~a12-1
Severity: serious
User: trei...@debian.org
Usertags: edos-file-overwrite
Date: 2013-04-06
Architecture: amd64
Distribution: sid
Hi,
automatic installation tests of packages that share a file and
Hi,
On Fri, Apr 05, 2013 at 03:14:15PM +0100, Jonathan Wiltshire wrote:
>
> Thanks - it would help to ping this bug when it uploaded too please.
Hereby pinging the bug, package uploaded, debdiff attached to this mail.
> I'm sure you realised but s/uploads/updates/ in your quoted mail
> above (o
On Wed 2013-03-27 15:46:59 -0400, Daniel Kahn Gillmor wrote:
> On Fri 2013-03-15 01:08:00 -0400, Daniel Kahn Gillmor wrote:
>
>> Ugh, this is a bad result, but i don't think the bug is in 0.8.1 -- the
>> crashing bug is in the earlier version (0.8-2), and one of the changes
>> in 0.8.1 is to impro
Your message dated Sat, 06 Apr 2013 01:00:07 +
with message-id
and subject line Bug#699885: fixed in bouncycastle 1.48+dfsg-1
has caused the Debian Bug report #699885,
regarding TLS timing attack in bouncycastle (Lucky 13)
to be marked as done.
This means that you claim that the problem has b
Your message dated Fri, 05 Apr 2013 22:17:40 +
with message-id
and subject line Bug#704267: fixed in libdr-tarantool-perl 0.15-1+deb70u1
has caused the Debian Bug report #704267,
regarding libdr-tarantool-perl: FTBFS on i386 Wheezy (but not amd64): test
failure: t/050-async-client.t
to be mar
Processing commands for cont...@bugs.debian.org:
> tags 704267 + pending
Bug #704267 [src:libdr-tarantool-perl] libdr-tarantool-perl: FTBFS on i386
Wheezy (but not amd64): test failure: t/050-async-client.t
Added tag(s) pending.
> thanks
Stopping processing here.
Please contact me if you need as
tags 704267 + pending
thanks
Dear maintainer,
I've prepared an NMU for libdr-tarantool-perl (versioned as 0.15-1+deb70u1) and
uploaded it to t-p-u. See also #704772.
Regards.
--
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)
diff -N
Processing commands for cont...@bugs.debian.org:
> found 704749 0.9.7.9~exp2
Bug #704749 [apt] apt: Needs to Replace manpages-it due to new Italian man pages
Marked as found in versions apt/0.9.7.9~exp2.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
704749: http
Processing commands for cont...@bugs.debian.org:
> found 0.9.7.9~exp2
Unknown command or malformed arguments to command.
> notfound 704749 0.9.7.8~exp1
Bug #704749 [apt] apt: Needs to Replace manpages-it due to new Italian man pages
No longer marked as found in versions apt/0.9.7.8~exp1.
> thanks
Your message dated Fri, 05 Apr 2013 20:48:08 +
with message-id
and subject line Bug#704544: fixed in nova 2012.1.1-17
has caused the Debian Bug report #704544,
regarding nova-common: fails to install: sed: can't read /etc/default/nova: No
such file or directory
to be marked as done.
This mea
On 03/29/2013 03:41 PM, John Paul Adrian Glaubitz wrote:
> On 03/29/2013 03:38 PM, Christoph Egger wrote:
>> Because in unstable/wheezy python depends on python2.7 not python2.6. if
>> you depend on python you can assume /usr/bin/python but not either of
>> python2.6 and python2.7
>
> Ah, you're r
Source: langford
Version: 0.0.20130221-2
Severity: serious
Justification: fails to build from source
For some reason, langford's debian.tar.gz includes prebuilt amd64
binaries of langford_util and langford_adc_util, and I see that
debian/source/include-binaries permits two others. I strongly susp
On Fri, Apr 05, 2013 at 07:12:39PM +0200, Andreas Tille wrote:
> One remaining question: What about
>
>
> http://anonscm.debian.org/gitweb/?p=debian-science/packages/scotch.git;a=blob;f=debian/patches/format-security.patch
>
> Should I include this or not? Otherwise I can confirm that I sep
Processing commands for cont...@bugs.debian.org:
> user debian-secur...@lists.debian.org
Setting user to debian-secur...@lists.debian.org (was car...@debian.org).
> usertags 704775 + tracked
There were no usertags set.
Usertags are now: tracked.
> tags 704775 + security
Bug #704775 [krb5-kdc] krb5
The patch is now available in the pkg-k5-afs/debian.git repository on
alioth.
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Package: krb5-kdc
Version: 1.10.1+dfsg-4+nmu1
Severity: serious
Upstream has patched against CVE-2013-1416; Debian should as well.
By sending an unusual but valid TGS-REQ, an authenticated remote attacker
can cause the KDC process to crash by dereferencing a null pointer.
Only krb5 releases 1
Hi
On Fri, Apr 05, 2013 at 03:14:15PM +0100, Jonathan Wiltshire wrote:
> >>No, we won't add hardening at this stage.
> >
> >OK, so if I do not hear anything from Christophe if he wants to
> >prepare
> >the tpu upload I will do so at latest next Monday (hopefully
> >earlier).
> >
> >Thanks for your
Package: libarchive
Version: 3.0.1b-1
Severity: serious
Note: this bug report is a continuation of discussions in the unblock
bug for libarchive (
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704080 ).
my personal guess is that there's probably nothing s390x-specific to it,
it's probably
Your message dated Fri, 05 Apr 2013 16:47:42 +
with message-id
and subject line Bug#704205: fixed in git-annex 4.20130405
has caused the Debian Bug report #704205,
regarding git-annex: FTBFS: tries to write to $HOME
to be marked as done.
This means that you claim that the problem has been dea
2013/4/2 Thorsten Glaser
> On Thu, 28 Mar 2013, Filipus Klutiero wrote:
>
> > There's a very simple solution to that which would solve even more
> > problems. Unfortunately, it requires a larger change.
>
> Well, let’s just not do that right now.
>
> The upgrade to 1.19 was on very short notice a
Hi Michael,
I do appreciate your time to look at these fpc bugs, but they were filed
by the currently most active maintainer of the package. I therefore
believe, rather than just closing the bug, you could ask Abou for more
clarification if his explanation is somewhat short.
@Abou, don't hesitate
Control: fixed -1 1:1.12.13-12+squeeze1
On Sun, 2013-03-31 at 14:15:33 +, Thorsten Glaser wrote:
> Adam D. Barratt dixit:
> > I don't think you can (in either case). You can mark a bug as found / fixed
> > in
> > a binary version, but the BTS will translate that to the corresponding
> > sour
Processing control commands:
> fixed -1 1:1.12.13-12+squeeze1
Bug #659861 [cvs] cvs contains /usr/share/info/dir.gz
Bug #664872 [cvs] cvs: Excess dir.gz file in /usr/share/info
Marked as fixed in versions cvs/1:1.12.13-12+squeeze1.
Marked as fixed in versions cvs/1:1.12.13-12+squeeze1.
--
659861
On 2013-04-04 20:40, Andreas Tille wrote:
Hi,
On Thu, Apr 04, 2013 at 07:43:11PM +0200, Julien Cristau wrote:
On Thu, Apr 4, 2013 at 08:33:00 +0200, Andreas Tille wrote:
> I have no idea how hard the handling of testing-proposed-uploads
might
> be for the release team. So I could imagine an
Processing commands for cont...@bugs.debian.org:
> block 698698 by 704755
Bug #698698 [volview] volview does not start because of a missing symbol
698698 was not blocked by any bugs.
698698 was not blocking any bugs.
Added blocking bug(s) of 698698: 704755
> thanks
Stopping processing here.
Pleas
Processing control commands:
> tags 674447 + patch
Bug #674447 [haproxy] CVE-2012-2942
Ignoring request to alter tags of bug #674447 to the same tags previously set
> tags 704611 + patch
Bug #704611 [src:haproxy] haproxy: CVE-2013-1912: crash on TCP content
inspection rules
Ignoring request to al
Control: tags 674447 + patch
Control: tags 704611 + patch
Attached is a possible debdiff for these two (but not yet tested).
TODO remain:
- is #674447 considered to be RC or should we downgrade ad it needs a
extra tuning of tune.bufsize
- In case of an upload, will the Release Team also acce
Processing control commands:
> tags 674447 + patch
Bug #674447 [haproxy] CVE-2012-2942
Added tag(s) patch.
> tags 704611 + patch
Bug #704611 [src:haproxy] haproxy: CVE-2013-1912: crash on TCP content
inspection rules
Added tag(s) patch.
--
674447: http://bugs.debian.org/cgi-bin/bugreport.cgi?bu
Hi Tzafrir
On Fri, Mar 29, 2013 at 06:53:31AM +0100, Salvatore Bonaccorso wrote:
> Hi Tzafrir
>
> On Thu, Mar 28, 2013 at 09:37:30AM +0200, Tzafrir Cohen wrote:
> > On Thu, Mar 28, 2013 at 06:23:32AM +0100, Salvatore Bonaccorso wrote:
> > > Package: asterisk
> > > Severity: grave
> > > Tags: secu
Processing commands for cont...@bugs.debian.org:
> severity 698698 serious
Bug #698698 [volview] volview does not start because of a missing symbol
Severity set to 'serious' from 'important'
> severity 659105 wishlist
Bug #659105 [volview] volview: Use libctn-dev
Severity set to 'wishlist' from 'n
Processing commands for cont...@bugs.debian.org:
> # release tags not required when appropriate versions already set
> tag 704742 - experimental
Bug #704742 [src:shishi] shishi: FTBFS on s390x and ppc64: quilt is not working
because of debian/patches/series missing
Removed tag(s) experimental.
>
On Fri, Apr 5, 2013 at 4:11 AM, Henri Salo wrote:
> Is there something that I could help to get this bug fixed and closed? Please
> contact me in case you want any help.
Hi Henri,
The bug is already fixed in jenkins/1.480.2+dfsg-1~exp1. It was not
feasiable to backport the fix to the version ava
Processing commands for cont...@bugs.debian.org:
> reassign 704748 src:tasksel
Bug #704748 [src:task-gnome-desktop] task-gnome-desktop: uninstallable on
kfreebsd-*
Warning: Unknown package 'src:task-gnome-desktop'
Bug reassigned from package 'src:task-gnome-desktop' to 'src:tasksel'.
No longer ma
Processing control commands:
> clone -1 -2
Bug #704723 [manpages-it] manpages-it: do not include application pages
Bug 704723 cloned as bug 704749
> reassign -2 apt 0.9.7.8~exp1
Bug #704749 [manpages-it] manpages-it: do not include application pages
Bug reassigned from package 'manpages-it' to 'ap
Source: task-gnome-desktop
Version: 3.14+nmu1
Severity: serious
Tags: d-i pending
Package has a Depends on network-manager-gnome which cannot be satisfied
on kfreebsd-amd64.
Package has a Depends on network-manager-gnome which cannot be satisfied
on kfreebsd-i386.
On 25/02/13 06:19, Christian PER
Package: pbuilder
Version: 0.215
Severity: critical
Justification: breaks unrelated software
I’ve just did the following:
① get https://www.mirbsd.org/cvs.cgi/contrib/hosted/tg/deb/pbuilderrc?rev=1.34
and install that file as /etc/pbuilderrc
② edit the MIRROR_wheezy line to use a local mirror
③
Processing commands for cont...@bugs.debian.org:
> found 704547 313.18-1
Bug #704547 {Done: Andreas Beckmann } [nvidia-glx]
CVE-2013-0131: NVIDIA UNIX GPU Driver ARGB Cursor Buffer Overflow in
"NoScanout" Mode.
Bug #704567 {Done: Andreas Beckmann } [nvidia-glx]
CVE-2013-0131: NVIDIA UNIX GPU Dr
Source: shishi
Version: 1.0.2-1
Severity: serious
Tags: patch experimental
Justification: FTBFS on s390x and ppc64 (64-bit big endian ports)
Because of debian/patches/series missing,
although "3.0 (quilt)" is designated in debian/source/format,
quilt is not working normally.
So, as a result, bug
Package: waagent
Version: 1.2-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package fails to remove.
>From the attached log (scroll to the bottom...):
Removing waagent ...
postrm called with unknown argument `remove'
Processing commands for cont...@bugs.debian.org:
> severity 704484 serious
Bug #704484 [proftpd-dfsg] Upgrading from Squeeze to Wheezy breaks proftpd
Severity set to 'serious' from 'normal'
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
704484: http://bugs.debian
Thanks for reporting the bug.
I regenerated the symbol file and updated the package to use pkg-kde-tools:
https://github.com/thomas-moulard/visp-deb/commit/9ff6c202e03d4ae92fa676a4395fdb04d4742f0c
Please note that an upstream version has been released in the meantime
so this will be fixed in 2.7.
On Mon, 2013-04-01 at 01:27 +, Debian Bug Tracking System wrote:
> I upgraded squeeze->wheezy with fp-compiler in a clean chroot,
> and it
> worked fine. Closing the bug since there is far too little
> information here to do anything.
>
> Please
Hello,
Is there something that I could help to get this bug fixed and closed? Please
contact me in case you want any help.
---
Henri Salo
signature.asc
Description: Digital signature
48 matches
Mail list logo
