On Tue, 10 Feb 2015 17:47:01 +0100 Holger Wansing
wrote:
> This is getting confusing:
> In https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777439#35 you wrote,
> that you have done a shell-only install (no desktop environment).
> Now you write, that you have kde and network-manager installed.
>
Package: wss4j
Severity: grave
Tags: security
Justification: user security hole
Hi,
please see
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0226
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0227
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.deb
Processing control commands:
> severity -1 important
Bug #35 [systemd] systemd: Disk corruption on reboot initiated through
systemd
Severity set to 'important' from 'grave'
--
35: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=35
Debian Bug Tracking System
Contact ow...@bugs.debia
control: severity -1 important
Am 12.02.2015 um 04:28 schrieb Michael Biebl:
>> I could reproduce this issue with three machines that are virtualized
>> > with qemu-kvm. On the other hand, I did not see this issue with two
>> > physical machines. All of these are running the above version of
>> >
I realized that these crashes correlated absolutely with me changing my
xorg.conf to switch to a different Intel 2D graphics driver. I don't think
Intel is supporting that graphics driver again, so this bug can probably be
safely closed.
It is still odd that it was crashing.
Thanks,
Matt
control: tags -1 moreinfo unreproducible
Am 12.02.2015 um 03:19 schrieb Peter Colberg:
> Package: systemd
> Version: 215-11
> Severity: grave
> Justification: causes non-serious data loss
>
> Dear Maintainer,
>
> After upgrading to jessie from wheezy, I noticed that some of the
> system logs exp
Processing control commands:
> tags -1 moreinfo unreproducible
Bug #35 [systemd] systemd: Disk corruption on reboot initiated through
systemd
Added tag(s) unreproducible and moreinfo.
--
35: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=35
Debian Bug Tracking System
Contact ow...
Processing commands for cont...@bugs.debian.org:
> tags 06 + security
Bug #06 [nut-monitor] nut-monitor: insecure storage of password
Added tag(s) security.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
06: http://bugs.debian.org/cgi-bin/bugreport.cg
Control: tag -1 pending
Control: severity -1 normal
On Wed, Feb 11, 2015 at 07:03:59PM +, Ben Hutchings wrote:
>Package: debian-cd
>Version: 3.1.13
>Severity: serious
>
>As the 486 kernel flavour was renamed to 586, linux-image-586 needs to
>be included on CD#1 and so should linux-headers-586.
Processing control commands:
> tag -1 pending
Bug #12 [debian-cd] i386 kernel list out of date
Added tag(s) pending.
> severity -1 normal
Bug #12 [debian-cd] i386 kernel list out of date
Severity set to 'normal' from 'serious'
--
12: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=7
Package: systemd
Version: 215-11
Severity: grave
Justification: causes non-serious data loss
Dear Maintainer,
After upgrading to jessie from wheezy, I noticed that some of the
system logs experience corruption when rebooting the system.
After rebooting the system using the command ‘reboot’ or ‘s
Your message dated Wed, 11 Feb 2015 23:48:54 +
with message-id
and subject line Bug#777641: fixed in pypy 2.5.0+dfsg-2
has caused the Debian Bug report #777641,
regarding pypy-lib-testsuite: fails to install: pypy-lib-testsuite.postinst:
pypycompile: not found
to be marked as done.
This mean
This change is causing issues in debootstrap:
from: debootstrap/debootstrap.log
dpkg: version 2.7.8-3 of libpython-stdlib:armhf already installed, skipping
dpkg: regarding .../python_2.7.8-3_armhf.deb containing python,
pre-dependency problem:
python pre-depends on python-minimal (= 2.7.8-3)
p
Processing commands for cont...@bugs.debian.org:
> severity 769155 grave
Bug #769155 [kde-workspace-bin] kde-workspace-bin: laptop does not go to sleep
when critical battery level is reached
Severity set to 'grave' from 'normal'
> thanks
Stopping processing here.
Please contact me if you need as
Processing control commands:
> found -1 5.5.4-2
Bug #777184 [ltsp-client-core] ltsp-client: insserv: script ltsp-client-setup:
service ltsp-client-setup already provided!
Marked as found in versions ltsp/5.5.4-2.
> found -1 5.4.2-6+deb7u1
Bug #777184 [ltsp-client-core] ltsp-client: insserv: scrip
Control: found -1 5.5.4-2
Control: found -1 5.4.2-6+deb7u1
On 2015-02-10, Andreas Beckmann wrote:
> On 2015-02-09 10:26, Vagrant Cascadian wrote:
>> The lenny and squeeze versions shipped /etc/init.d/ltsp-client-setup
>> (and /etc/default/ltsp-client-setup), but is no longer used by ltsp, and
>> c
Package: xdg-utils
Version: 1.1.0~rc1+git20111210-7.3
Severity: grave
Tags: security patch
Justification: user security hole
Hi,
there is a long-standing issue with xdg-open on debian -- it parses all files
it is trying to open. This is easily exploitable. Requirements are similar as
in last RC
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 11/02/15 21:56, Simon McVittie wrote:
> On 11/02/15 21:26, Simon Kelley wrote:
>> Thanks, that looks good, but I think that probably the default
>> --enable-dbus should go as well. It's only there for the previous
>> use with systemd's dbus met
Your message dated Wed, 11 Feb 2015 22:00:09 +
with message-id
and subject line Bug#776489: fixed in shinken 2.0.3-4
has caused the Debian Bug report #776489,
regarding shinken: no smooth upgrade from wheezy: the old packages are kept
installed
to be marked as done.
This means that you claim
On 11/02/15 21:26, Simon Kelley wrote:
> Thanks, that looks good, but I think that probably the default
> --enable-dbus should go as well. It's only there for the previous use
> with systemd's dbus method. DBus is not enabled by default when
> dnsmasq is started by sysvinit.
I wondered about this,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 10/02/15 09:17, Simon McVittie wrote:
> On Mon, 09 Feb 2015 at 16:33:31 +, Simon McVittie wrote:
>> If I was the maintainer, I'd go for option 2, Type=forking, which
>> makes the systemd unit work even more like the init script does
>> now -
Processing commands for cont...@bugs.debian.org:
> notfound 722075 eglibc/2.13-38+deb7u7
Bug #722075 {Done: Aurelien Jarno } [libc6] libc6:
getaddrinfo() sends DNS queries to random file descriptors (CVE-2013-7423)
No longer marked as found in versions eglibc/2.13-38+deb7u7.
> thanks
Stopping pro
Package: nut-monitor
Version: 2.7.2-1.1
Followup-For: Bug #06
Thinking this through a bit more, it's not sufficient to just fix the
permissions on the file. The user should be notified if they have
passwords stored insecurely and warned to change them, as they should
be considered compromised.
Control: notfound -1 eglibc 2.13-38+deb7u7
Control: fixed -1 eglibc/2.13-38+deb7u5
On 2015-01-29 23:53, Ben Hutchings wrote:
> Control: retitle -1 libc6: getaddrinfo() sends DNS queries to random file
> descriptors (CVE-2013-7423)
> Control: forwarded -1 https://sourceware.org/bugzilla/show_bug.c
Processing control commands:
> notfound -1 eglibc 2.13-38+deb7u7
Unknown command or malformed arguments to command.
> fixed -1 eglibc/2.13-38+deb7u5
Bug #722075 {Done: Aurelien Jarno } [libc6] libc6:
getaddrinfo() sends DNS queries to random file descriptors (CVE-2013-7423)
Marked as fixed in ve
I just verified that the emacs backport (and thus presumeably the emacs
24 from jessie) can be installed on top of the wheezy versions of
org-mode and notmuch-emacs (either seperately). Byte compilation of apel
does indeed fail with the backports version of emacs.
d
--
To UNSUBSCRIBE, email to
Processing commands for cont...@bugs.debian.org:
> fixed 777545 1.6.8-1+deb7u6
Bug #777545 {Done: Simon McVittie } [dbus] CVE-2015-0245:
denial of service in dbus >= 1.4
There is no source info for the package 'dbus' at version '1.6.8-1+deb7u6' with
architecture ''
Unable to make a source versio
git://github.com/cgmanager/cgmanager should have a complete fix for this
bug. I want to test in several scenarios before pushing a package with
those changes. Anyone who wants to test for themselves can build the
package with the last two patches from the git tree pushed.
After further testing I
Package: nut-monitor
Version: 2.7.2-1.1
Followup-For: Bug #06
I have bumped the severity to critical, as this introduces a security
hole on the system. The password is stored world-readable by default
and only mildly obfuscated (base64, not crypted as I had assumed,
though even if it had been
Processing commands for cont...@bugs.debian.org:
> severity 06 critical
Bug #06 [nut-monitor] nut-monitor: insecure storage of password
Severity set to 'critical' from 'normal'
> # Justification: introduces security hole on the system
>
End of message, stopping processing here.
Please con
Package: debian-cd
Version: 3.1.13
Severity: serious
As the 486 kernel flavour was renamed to 586, linux-image-586 needs to
be included on CD#1 and so should linux-headers-586.
There is an option to exclude the 486 flavour, and I wasn't sure
whether this should cover 586 as well or whether it sho
On 02/02/15 at 07:42 +0100, Daniel Beyer wrote:
> Hi Lucas,
>
> we struggled a bit fixing FTBFS #775625, since neither David nor me were
> able to reproduce it on our local setups. We took a wild guess for
> symfony 2.3.21+dfsg-3 and increased a timeout in one test, which solves
> the problem (at
Your message dated Wed, 11 Feb 2015 15:19:27 +
with message-id
and subject line Bug#777674: fixed in direwolf 1.1-2
has caused the Debian Bug report #777674,
regarding direwolf: fails to upgrade from 'testing' - trying to overwrite
/usr/share/direwolf/symbolsX.txt
to be marked as done.
This
Processing commands for cont...@bugs.debian.org:
> severity 770628 grave
Bug #770628 [deluged] deluged: Starting daemon has no effect
Severity set to 'grave' from 'critical'
>
End of message, stopping processing here.
Please contact me if you need assistance.
--
770628: http://bugs.debian.org/cg
Processing commands for cont...@bugs.debian.org:
> found 750030 5.5.42-1
Bug #750030 [mysql-server-5.5] mysql-server-5.5: unowned files after purge
(policy 6.8, 10.8): /etc/apparmor.d/local/usr.sbin.mysqld
Marked as found in versions mysql-5.5/5.5.42-1.
> tags 777580 + sid
Bug #777580 [python-cla
Package: direwolf
Version: 1.1-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package fails to upgrade from
'testing'.
It installed fine in 'testing', then the upgrade to 'sid' fails
because it tries to overwrite other packag
Processing commands for cont...@bugs.debian.org:
> severity 770628 critical
Bug #770628 [deluged] deluged: Starting daemon has no effect
Severity set to 'critical' from 'normal'
>
End of message, stopping processing here.
Please contact me if you need assistance.
--
770628: http://bugs.debian.or
Le Tue, 10 Feb 2015 23:05:01 +0100,
Julien Cristau a écrit :
> On Tue, Feb 10, 2015 at 00:21:53 +0100, Laurent Bigonville wrote:
[...]
> >
> > What would be the opinion of the RT about this change?
> >
> We (or at least I) prefer to see proposed changes in the mail to
> having to look them up.
Package: salt-common
Version: 2014.1.13+ds-2
Severity: grave
Justification: renders package unusable
salt-common contains the salt-call binary which is useful in itself, but it
needs to depend on python-msgpack or otherwise salt-call will fail to run. You
can reproduce it in a minimal chroot by ru
Processing commands for cont...@bugs.debian.org:
> tags 777613 + pending
Bug #777613 [systemd] systemctl enable/disable does not handle alias symlinks
if there is a corresponding sysv script
Added tag(s) pending.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
77
Processing commands for cont...@bugs.debian.org:
> retitle 777613 systemctl enable/disable does not handle alias symlinks if
> there is a corresponding sysv script
Bug #777613 [systemd] systemctl enable/disable does not handle .service symlinks
Changed Bug title to 'systemctl enable/disable does
41 matches
Mail list logo
