The following CVEs are fixed by 5.7.16:
CVE-2016-5584 CVE-2016-6304 CVE-2016-6662 CVE-2016-7440
--
Lars
On 10/18/2016 10:24 AM, Norvald H. Ryeng wrote:
Source: mysql-5.7
Version: 5.7.15-1
Severity: grave
Tags: security upstream fixed-upstream
The Oracle Critical Patch Update for October 2016 w
Your message dated Wed, 19 Oct 2016 06:50:23 +
with message-id
and subject line Bug#838414: fixed in gpick 0.2.5+git20161017-1
has caused the Debian Bug report #838414,
regarding gpick: colors.txt is non-free
to be marked as done.
This means that you claim that the problem has been dealt with
Hi,
This might be an error in the CPU announcement (they sometimes get
corrections after the initial announcement). I'll try to track down
someone who's worked on this fix and ask.
--
Lars
On 10/19/2016 08:21 AM, Salvatore Bonaccorso wrote:
Hi Lars, hi Norvald,
On Wed, Oct 19, 2016 at 08:0
Package: libcork15,libcork16
Version: libcork15/0.15.0+ds-6
Version: libcork16/0.15.0+ds-7
Severity: serious
User: trei...@debian.org
Usertags: edos-file-overwrite
Date: 2016-10-19
Architecture: amd64
Distribution: sid
Hi,
automatic installation tests of packages that share a file and at the
sam
Hi Lars, hi Norvald,
On Wed, Oct 19, 2016 at 08:03:00AM +0200, Lars Tangvald wrote:
> The following CVEs are fixed in 5.5.53:
> CVE-2016-6662 CVE-2016-7440 CVE-2016-5584
The listing of CVE-2016-6662 is confusing here. This should actually
already be addressed in 5.5.52, cf.
http://legalhackers.co
Hmm (again) ... Maybe file /usr/share/sendmail/sendmail needs updating
also? It is almost identical to /etc/init.d/sendmail, and in file
/etc/cron.daily/sendmail I notice the lines:
...
#--
# Every so often, give sendmail
The following CVEs are fixed in 5.5.53:
CVE-2016-6662 CVE-2016-7440 CVE-2016-5584
On 10/17/2016 10:05 AM, Norvald H. Ryeng wrote:
Source: mysql-5.5
Version: 5.5.52-0+deb8u1
Severity: grave
Tags: security upstream fixed-upstream
The Oracle Critical Patch Update for October 2016 will be released
The following CVEs are noted as fixed since 5.6.30:
CVE-2016-3492 CVE-2016-5507 CVE-2016-5584 CVE-2016-5609
CVE-2016-5612 CVE-2016-5616 CVE-2016-5617 CVE-2016-5626
CVE-2016-5627 CVE-2016-5629 CVE-2016-5630 CVE-2016-6304
CVE-2016-6662 CVE-2016-7440 CVE-2016-8283 CVE-2016-8284
--
Lars
On 10/17/201
Your message dated Wed, 19 Oct 2016 05:12:41 +
with message-id
and subject line Bug#840679: fixed in lxqt-l10n 0.11.0-19-g717bd7e-3
has caused the Debian Bug report #840679,
regarding {qterminal, libfm-qt, liblxqt}-l10n: fails to upgrade from 'sid' -
trying to overwrite /usr/share/*/translati
Hmm... you may also need to (once) do:
chown smmsp /var/run/sendmail/stampdir/reload
when adopting my patch.
Cheers, Paul
Package: sendmail
Version: 8.14.4-8+deb8u1
Severity: grave
Tags: patch security
Justification: user security hole
Supposing that due to some bug in sendmail, we were able to execute
commands as group smmsp, then that might be leveraged to cause root
to create any (empty) file.
The directory /var
This should fix it, but I'll let you guys close the bug whenever kid3 is
successfully rebuilt. I appologize for the trouble!
Cheers,
Matteo
--
Accepted:
Format: 1.8
Date: Tue, 18 Oct 2016 16:46:19 -0400
Source: taglib
Binary: libtag1v5 libtag1v5-vanilla libtag1-dev libtag1-doc libtag
Your message dated Tue, 18 Oct 2016 22:51:42 +
with message-id
and subject line Bug#840825: fixed in taglib 1.11+dfsg.1-0.3
has caused the Debian Bug report #840825,
regarding libtag1-dev: missing header files
to be marked as done.
This means that you claim that the problem has been dealt wit
Your message dated Tue, 18 Oct 2016 22:49:05 +
with message-id
and subject line Bug#839299: fixed in quark-sphinx-theme 0.4.0-1
has caused the Debian Bug report #839299,
regarding quark-sphinx-theme: FTBFS: dh_auto_test: pybuild --test -i
python{version} -p 3.5 returned exit code 13
to be mar
Your message dated Tue, 18 Oct 2016 22:48:59 +
with message-id
and subject line Bug#841162: fixed in quagga 1.0.20160315-3
has caused the Debian Bug report #841162,
regarding quagga: CVE-2016-1245: zebra: stack overrun in IPv6 RA receive code
to be marked as done.
This means that you claim th
Your message dated Tue, 18 Oct 2016 22:35:46 +
with message-id
and subject line Bug#838516: fixed in k3d 0.8.0.6-1
has caused the Debian Bug report #838516,
regarding FTBFS: conflicts between build dependencies
to be marked as done.
This means that you claim that the problem has been dealt wi
Your message dated Tue, 18 Oct 2016 22:20:09 +
with message-id
and subject line Bug#755583: fixed in autoradio 2.8.5-1
has caused the Debian Bug report #755583,
regarding autoradio: Please ensure it works with Django 1.7
to be marked as done.
This means that you claim that the problem has bee
Your message dated Tue, 18 Oct 2016 22:21:32 +
with message-id
and subject line Bug#800937: fixed in fcml 1.1.3-1
has caused the Debian Bug report #800937,
regarding fcml ftbfs on armel
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the ca
As suggested in https://github.com/amule-project/amule/issues/77, I rebuilt
the source packages libcrypto++-5.6.3, wxwidgets3.0-3.0.2+dfsg and
amule-2.3.2 and the resulting aMule deb runs fine here.
Regards,
Bram Senders
Processing commands for cont...@bugs.debian.org:
> owner 839299 !
Bug #839299 [src:quark-sphinx-theme] quark-sphinx-theme: FTBFS: dh_auto_test:
pybuild --test -i python{version} -p 3.5 returned exit code 13
Owner recorded as Felix Krull .
>
End of message, stopping processing here.
Please conta
owner 839299 !
Your message dated Tue, 18 Oct 2016 19:52:43 +
with message-id <20161018195243.uyh6m4f6lojtg...@jelmer.uk>
and subject line Fixed in curent unstable
has caused the Debian Bug report #820794,
regarding smbclient: "cli_list: Error: unable to parse name from info level
260" with Windows 10 shares
Processing commands for cont...@bugs.debian.org:
> fixed 820794 2:4.4.6+dfsg-1
Bug #820794 [smbclient] smbclient: "cli_list: Error: unable to parse name from
info level 260" with Windows 10 shares
Marked as fixed in versions samba/2:4.4.6+dfsg-1.
> fixed 820794 2:4.2.14+dfsg-0+deb8u1
Bug #820794
Processing commands for cont...@bugs.debian.org:
> tags 800937 + pending
Bug #800937 [src:fcml] fcml ftbfs on armel
Added tag(s) pending.
> tags 841191 + pending
Bug #841191 [fcml] fcml: FTBFS on i386 and mips64el: fcml_internal_check
segfaults
Added tag(s) pending.
> thanks
Stopping processing h
Hi Daniel,
On Tue, 18 Oct 2016 12:24:23 +, Daniel Knezevic
wrote:
> The reason of segmentation fault is a missing NULL in fcml_stf_test_case
> fctl_ti_symbols. With attached patch I was able to build ocaml-ctype
> successfully for i386 and mips64el.
Thank you so very much, this has been weig
Your message dated Tue, 18 Oct 2016 18:46:56 +
with message-id
and subject line Bug#821986: fixed in gle 3.1.0-7.2
has caused the Debian Bug report #821986,
regarding gle: Build arch:all+arch:any but is missing build-{arch,indep} targets
to be marked as done.
This means that you claim that th
Processing commands for cont...@bugs.debian.org:
> severity 771790 grave
Bug #771790 [dirty.js] dirty.js 0.9.6 doesn't work properly with recent nodejs
Severity set to 'grave' from 'normal'
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
771790: http://bugs.debian
Processing commands for cont...@bugs.debian.org:
> found 840347 0.2.5-1
Bug #840347 [src:libtirpc] CVE-2016-4429
Ignoring request to alter found versions of bug #840347 to the same values
previously set
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
840347: http
Your message dated Tue, 18 Oct 2016 17:31:55 +
with message-id
and subject line Bug#831153: fixed in openjdk-8-jre-dcevm 8u92-1
has caused the Debian Bug report #831153,
regarding openjdk-8-jre-dcevm: FTBFS with GCC 6: os.hpp:28:30: fatal error:
jvmtifiles/jvmti.h: No such file or directory
t
Your message dated Tue, 18 Oct 2016 17:30:13 +
with message-id
and subject line Bug#840971: fixed in metaphlan2-data 2.6.0+ds-2
has caused the Debian Bug report #840971,
regarding metaphlan2-data: Does not remove generated files
to be marked as done.
This means that you claim that the problem
Your message dated Tue, 18 Oct 2016 17:30:17 +
with message-id
and subject line Bug#817584: fixed in midge 0.2.41-2.1
has caused the Debian Bug report #817584,
regarding midge: Removal of debhelper compat 4
to be marked as done.
This means that you claim that the problem has been dealt with.
Package: openjdk-8-jre-jamvm
Version: 8u102-b14.1-2
Severity: grave
Justification: renders package unusable
Dear Maintainer,
Using JamVM causes the following exception to be thrown running the most
simplest programs from "Hello World" to the Java compiler:
Error: A JNI error has occurred, please
Your message dated Tue, 18 Oct 2016 17:19:37 +
with message-id
and subject line Bug#817392: fixed in clex 3.15-1.1
has caused the Debian Bug report #817392,
regarding clex: Removal of debhelper compat 4
to be marked as done.
This means that you claim that the problem has been dealt with.
If t
Package: fritzing
Version: 0.9.2b+dfsg-4
Severity: grave
Tags: patch
Justification: causes non-serious data loss
Dear Maintainer,
Very annoying bug was found in 0.9.2b. You can have a look here:
https://github.com/fritzing/fritzing-app/issues/3115
This bug causes data loss after some hours of work
Processing control commands:
> severity -1 grave
Bug #841224 [mediatomb] MediaTomb Multiple Remote Vulnerabilities
Severity set to 'grave' from 'critical'
> tags -1 security
Bug #841224 [mediatomb] MediaTomb Multiple Remote Vulnerabilities
Added tag(s) security.
> retitle -1 mediatomb: libupnp vul
Control: severity -1 grave
Control: tags -1 security
Control: retitle -1 mediatomb: libupnp vulnerabilities CVE-2012-5958,
CVE-2012-5959, CVE-2012-5960, CVE-2016-6255
Control: found -1 0.12.1-4
On 18/10/16 17:17, Brian Martin wrote:
> Package: mediatomb
> Version: 0.12.1-47
This version does not
Package: mediatomb
Version: 0.12.1-47
Severity: critical
This was discovered on Ubuntu and reported to them. Ubuntu replied that
the package is inherited from Debian "which means it isn't supported by
the Ubuntu Security Team." We notified secur...@debian.org who suggested
we open a ticket. If an
On Tue, 18 Oct 2016, Andreas Henriksson wrote:
>* Drop obsolete transitional package (Closes: #841098)
Care to explain?
On 18.10.2016 15:02, Santiago Vila wrote:
> Package: src:libhibernate3-java
> Version: 3.6.10.Final-5
> Severity: serious
>
> Dear maintainer:
>
> I tried to build this package in stretch with "dpkg-buildpackage -A"
> (which is what the "Arch: all" autobuilder would do to build it)
> but it faile
On Tue, Oct 18, 2016 at 04:47:08PM +0200, Michael Biebl wrote:
> Builds fine on the buildds
>
> https://buildd.debian.org/status/package.php?p=libgda5
>
> Would be great if you can find out how your build environment differs
> from the official buildd setup.
I don't think there are real differe
On Tue, 18 Oct 2016, Antonio Ospite wrote:
> However I could reproduce the issue from "make doc-stage-1" with just
> this file:
>
> ---
> \version "2.19.50"
>
> \sourcefilename "measure-counter.ly"
>
> \relative c' {
> \startM
Processing control commands:
> tags 817444 + patch
Bug #817444 [src:echolot] echolot: Removal of debhelper compat 4
Added tag(s) patch.
> tags 817444 + pending
Bug #817444 [src:echolot] echolot: Removal of debhelper compat 4
Added tag(s) pending.
--
817444: http://bugs.debian.org/cgi-bin/bugrepo
Control: tags 817444 + patch
Control: tags 817444 + pending
Dear maintainer,
I've prepared an NMU for echolot (versioned as 2.1.9-1.1) and
uploaded it to DELAYED/10. Please feel free to tell me if I
should delay it longer.
Regards.
only in patch2:
unchanged:
--- echolot-2.1.9.orig/debian/changel
Control: tags + moreinfo unreproducible
Am 18.10.2016 um 16:29 schrieb Santiago Vila:
> found 811068 5.2.4-2
> thanks
>
>> ../../test-driver: line 107: 77018 Aborted "$@" > $log_file
>> 2>&1
>> FAIL: check_vcnc
>
> Sorry for the reopening but I can still reproduce this in stretc
Your message dated Tue, 18 Oct 2016 14:34:47 +
with message-id
and subject line Bug#840346: fixed in qjoypad 4.1.0-2
has caused the Debian Bug report #840346,
regarding qjoypad: FTBFS: install: cannot create regular file
'/usr/bin/qjoypad': Permission denied
to be marked as done.
This means
Your message dated Tue, 18 Oct 2016 14:37:42 +
with message-id
and subject line Bug#841098: fixed in rygel 0.32.1-1
has caused the Debian Bug report #841098,
regarding rygel: FTBFS (rygel-media-engine-test fails)
to be marked as done.
This means that you claim that the problem has been dealt
Your message dated Tue, 18 Oct 2016 14:34:37 +
with message-id
and subject line Bug#841079: fixed in python-pyftpdlib 1.5.1-2
has caused the Debian Bug report #841079,
regarding python-pyftpdlib: FTBFS (make install fails)
to be marked as done.
This means that you claim that the problem has b
Your message dated Tue, 18 Oct 2016 14:34:00 +
with message-id
and subject line Bug#838738: fixed in print-manager 4:16.08.2-1
has caused the Debian Bug report #838738,
regarding print-manager: FTBFS: KCupsRequest.cpp:284:75: error: 'cupsGetPPD2'
was not declared in this scope
to be marked as
Processing commands for cont...@bugs.debian.org:
> found 811068 5.2.4-2
Bug #811068 {Done: Andreas Henriksson } [libgda5] FTBFS:
FAIL: check_vcnc: ../../test-driver: line 107: 77018 Aborted
There is no source info for the package 'libgda5' at version '5.2.4-2' with
architecture ''
Unable to make
Package: src:monkeysphere
Version: 0.40-2
Severity: serious
Dear maintainer:
I tried to build this package in stretch with "dpkg-buildpackage -A"
(which is what the "Arch: all" autobuilder would do to build it)
but it failed:
--
Your message dated Tue, 18 Oct 2016 14:03:49 +
with message-id
and subject line Bug#831090: fixed in krfb 4:16.08.2-1
has caused the Debian Bug report #831090,
regarding krfb: FTBFS with GCC 6: stl_algobase.h:265:56: error: macro "max"
passed 3 arguments, but takes just 2
to be marked as done
Your message dated Tue, 18 Oct 2016 13:22:31 +
with message-id
and subject line Bug#841124: fixed in elfutils 0.166-2.2
has caused the Debian Bug report #841124,
regarding FTBFS on amd64
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the c
Your message dated Tue, 18 Oct 2016 13:22:42 +
with message-id
and subject line Bug#840165: fixed in fcl 0.5.0-5
has caused the Debian Bug report #840165,
regarding fcl builds on amd64 with -march=native breaking compatibility with
other CPU types
to be marked as done.
This means that you cl
Package: src:libhibernate3-java
Version: 3.6.10.Final-5
Severity: serious
Dear maintainer:
I tried to build this package in stretch with "dpkg-buildpackage -A"
(which is what the "Arch: all" autobuilder would do to build it)
but it failed:
Processing commands for cont...@bugs.debian.org:
> severity 840674 grave
Bug #840674 [amule] Amule crashes in Testing
Severity set to 'grave' from 'normal'
>
End of message, stopping processing here.
Please contact me if you need assistance.
--
840674: http://bugs.debian.org/cgi-bin/bugreport.cg
On Tue, Oct 18, 2016 at 12:49:32PM +0200, Emmanuel Bourg wrote:
> Thank you very much for the patch Adrian, I confirm it works. I'll
> upload a new version soon.
>
> What is the recommended way to depend on GCC? Should the package depend
> on g++ (>= 4:6), or should it depend on gcc-6 with a build
On Tue, 11 Oct 2016 15:09:57 -0700
Don Armstrong wrote:
> On Mon, 10 Oct 2016, Antonio Ospite wrote:
> > I tried compiling lilypond with guile-2.0 from Debian unstable, and
> > building the binaries works, and some simple input file worked too.
>
> Yes, but it fails for more complicated input fil
Thank you very much for the patch Adrian, I confirm it works. I'll
upload a new version soon.
What is the recommended way to depend on GCC? Should the package depend
on g++ (>= 4:6), or should it depend on gcc-6 with a build adjusted to
use it?
Emmanuel Bourg
Source: batmon.app
Version: 0.7-1
Severity: serious
Justification: fails to build from source
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org
Dear Maintainer,
batmon.app fails to build from source in unstable/amd64:
[…
Am 17.10.2016 um 23:03 schrieb Aurelien Jarno:
> Package: kid3
> Version: 3.4.2-1
> Severity: serious
>
> kid3 fails to build from source on all architectures with the following
> error:
>
> | /«PKGBUILDDIR»/src/plugins/taglibmetadata/taglibfile.cpp:119:26: fatal
> error: chapterframe.h: No such f
On 10/18/2016 09:36 AM, James Clarke wrote:
> I've prepared an NMU for elfutils (versioned as 0.166-2.2). The diff
> is attached to this message.
Since this is a serious bug in an important package, I uploaded the NMU
right away, but just made the line-breaking in the changelog a bit
saner.
Pleas
Processing commands for cont...@bugs.debian.org:
> fixed 790274 1.4.0-1
Bug #790274 [src:python-pyftpdlib] python-pyftpdlib: FTBFS: Failure in
test_on_incomplete_file_sent
Marked as fixed in versions python-pyftpdlib/1.4.0-1.
> thanks
Stopping processing here.
Please contact me if you need assis
fixed 790274 1.4.0-1
thanks
Presumably the bug is not present in >= 1.4.0-1 anymore.
Probably the bug needs fixing in Jessie.
Btw, I will try to backport 1.5.1-n to Jessie, because I need py3 support.
Source: mysql-5.7
Version: 5.7.15-1
Severity: grave
Tags: security upstream fixed-upstream
The Oracle Critical Patch Update for October 2016 will be released on
Tuesday, October 18. According to the pre-release announcement [1], it
will contain information about CVEs fixed in MySQL 5.7.16.
Source: quagga
Version: 0.99.23.1-1
Severity: grave
Tags: security upstream patch
Hi,
the following vulnerability was published for quagga.
CVE-2016-1245[0]:
zebra: stack overrun in IPv6 RA receive code
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilitie
Control: tags 841124 + patch
Dear maintainer,
I've prepared an NMU for elfutils (versioned as 0.166-2.2). The diff
is attached to this message.
Regards,
James
diff -Nru elfutils-0.166/debian/changelog elfutils-0.166/debian/changelog
--- elfutils-0.166/debian/changelog 2016-10-07 15:16:12.000
Processing control commands:
> tags 841124 + patch
Bug #841124 [src:elfutils] FTBFS on amd64
Ignoring request to alter tags of bug #841124 to the same tags previously set
--
841124: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841124
Debian Bug Tracking System
Contact ow...@bugs.debian.org w
67 matches
Mail list logo
