Processing commands for cont...@bugs.debian.org:
> unarchive 908497
Bug #908497 {Done: Jonas Smedegaard } [src:khal] khal FTBFS with
python-dateutil 2.7.3-1
Unarchived Bug 908497
> notfixed 908497 1:0.9.10-0.1
Bug #908497 {Done: Jonas Smedegaard } [src:khal] khal FTBFS with
python-dateutil 2.7.3
Your message dated Sun, 21 Apr 2019 06:33:20 +
with message-id
and subject line Bug#917742: fixed in ca-cacert 2019.0411-1
has caused the Debian Bug report #917742,
regarding ca-cacert: FTBFS: tests failed
to be marked as done.
This means that you claim that the problem has been dealt with.
I
Processing commands for cont...@bugs.debian.org:
> reassign 927676 javatools
Bug #927676 [src:android-platform-build] android-platform-build: FTBFS randomly
(jh_build returned exit code 123)
Bug reassigned from package 'src:android-platform-build' to 'javatools'.
No longer marked as found in vers
Processing commands for cont...@bugs.debian.org:
> close 927674 4.9-1
Bug #927674 [src:mercurial] CVE-2019-3902
Marked as fixed in versions mercurial/4.9-1.
Bug #927674 [src:mercurial] CVE-2019-3902
Marked Bug as done
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
close 927674 4.9-1
thanks
Processing commands for cont...@bugs.debian.org:
> tags 927674 + upstream fixed-upstream
Bug #927674 {Done: Salvatore Bonaccorso } [src:mercurial]
CVE-2019-3902
Added tag(s) fixed-upstream and upstream.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
927674: http
Processing commands for cont...@bugs.debian.org:
> tags 927671 + upstream
Bug #927671 [node-ws] CVE-2016-10542
Added tag(s) upstream.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
927671: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927671
Debian Bug Tracki
Processing commands for cont...@bugs.debian.org:
> found 927671 1.1.0+ds1.e6ddaae4-4
Bug #927671 [node-ws] CVE-2016-10542
Marked as found in versions node-ws/1.1.0+ds1.e6ddaae4-4.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
927671: https://bugs.debian.org/cgi-
Processing commands for cont...@bugs.debian.org:
> found 927671 1.1.0+ds1.e6ddaae4-3
Bug #927671 [node-ws] CVE-2016-10542
Marked as found in versions node-ws/1.1.0+ds1.e6ddaae4-3.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
927671: https://bugs.debian.org/cgi-
Processing commands for cont...@bugs.debian.org:
> forwarded 927671 https://github.com/nodejs/node/issues/7388
Bug #927671 [node-ws] CVE-2016-10542
Set Bug forwarded-to-address to 'https://github.com/nodejs/node/issues/7388'.
> thanks
Stopping processing here.
Please contact me if you need assist
On 2019-04-20 Magnus Holmgren wrote:
> tisdag 16 april 2019 kl. 18:46:56 CEST skrev du:
[...]
> > I have just uploaded exim 4.92-6 to exoerimental which /should/
> > work with sa-exim, allowing you to debug properly.
> Thanks. So far I haven't managed to reproduce the problem of the malformed
>
On Sat, 2019-04-20 at 09:22 +0200, Santiago Vila wrote:
> I'm adding "affect base-files" so that people see this bug in the BTS
> page for base-files and nobody thinks the problem is in base-files,
> but just for that.
Well at least with this it does *not* show up in apt-listbugs and
prevent peopl
Package: xpra
Version: 2.5.1+dfsg1-1
Severity: serious
$ xpra attach :33
xpra main error:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/xpra/scripts/main.py", line 87, in
main
options, args = do_parse_cmdline(cmdline, defaults)
File "/usr/lib/python3/dist-pa
Package: src:android-platform-build
Version: 1:8.1.0+r23-2
Severity: serious
Tags: ftbfs
Dear maintainer:
I tried to build this package in buster but it failed:
[...]
debian/rules build-indep
dh build-indep --with
Source: mercurial
Version: 4.8.2-1
Severity: grave
Tags: security
See https://www.mercurial-scm.org/wiki/WhatsNew from 4.9:
This was assigned CVE-2019-3902:
It was possible to use symlinks and subrepositories to defeat Mercurial's
path-checking
logic and write files outside a repository. This ha
Processing commands for cont...@bugs.debian.org:
> severity 911795 grave
Bug #911795 [src:golang-golang-x-net-dev] CVE-2018-17846 / CVE-2018-17847 /
CVE-2018-17848
Severity set to 'grave' from 'important'
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
911795: ht
Processing commands for cont...@bugs.debian.org:
> severity 916902 grave
Bug #916902 [src:pspp] pspp: CVE-2018-20230
Severity set to 'grave' from 'important'
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
916902: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=
Your message dated Sat, 20 Apr 2019 22:17:09 +
with message-id
and subject line Bug#926350: fixed in python-django-casclient 1.2.0-2+deb9u1
has caused the Debian Bug report #926350,
regarding CAS middleware incompatible with Django >= 1.10
to be marked as done.
This means that you claim that
Your message dated Sat, 20 Apr 2019 22:17:09 +
with message-id
and subject line Bug#896317: fixed in python-django-casclient 1.2.0-2+deb9u1
has caused the Debian Bug report #896317,
regarding python-django-casclient: cas fails to import
to be marked as done.
This means that you claim that the
Your message dated Sat, 20 Apr 2019 22:17:09 +
with message-id
and subject line Bug#896404: fixed in python-django-casclient 1.2.0-2+deb9u1
has caused the Debian Bug report #896404,
regarding python3-django-casclient: cas fails to import
to be marked as done.
This means that you claim that th
Control: tags -1 + moreinfo
On Sun, 20 Jan 2019 at 08:55:23 -0800, Josh Triplett wrote:
> I disable suspend on lid close, but I *always* need the screen to lock
> when I close the lid.
This seems like an inherently "unstable" pattern: whatever the precise
design/meaning of this "tweak" might have
Processing control commands:
> tags -1 + moreinfo
Bug #919914 [gnome-settings-daemon] gnome-tweaks now equates "don't suspend on
lid close" with "don't lock on lid close" (security issue)
Added tag(s) moreinfo.
--
919914: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919914
Debian Bug Track
Package: node-ws
Severity: grave
Tags: security
Please see
https://nodesecurity.io/advisories/120
https://github.com/nodejs/node/issues/7388
Cheers,
Moritz
Your message dated Sat, 20 Apr 2019 21:47:09 +
with message-id
and subject line Bug#924520: fixed in rails 2:4.2.7.1-1+deb9u1
has caused the Debian Bug report #924520,
regarding rails: CVE-2019-5418 CVE-2019-5419
to be marked as done.
This means that you claim that the problem has been dealt
On Sat, Apr 20, 2019 at 11:40:07PM +0200, Mattia Rizzolo wrote:
> Control: reassign distro-info-data 0.39
> Control: affects -1 dput-ng
>
> On Sat, Apr 20, 2019 at 08:59:34AM +, Santiago Vila wrote:
> > Package: src:dput-ng
> > Version: 1.24
> > Severity: serious
> > Tags: ftbfs
> >
> > Dear
Processing control commands:
> reassign distro-info-data 0.39
Unknown command or malformed arguments to command.
> affects -1 dput-ng
Bug #927467 [src:dput-ng] dput-ng: FTBFS (failing tests)
Added indication that 927467 affects dput-ng
--
927467: https://bugs.debian.org/cgi-bin/bugreport.cgi?bu
Processing control commands:
> reassign distro-info-data 0.39
Unknown command or malformed arguments to command.
> affects -1 dput-ng
Bug #927467 [src:dput-ng] dput-ng: FTBFS (failing tests)
Ignoring request to set affects of bug 927467 to the same value previously set
--
927467: https://bugs.d
Control: reassign distro-info-data 0.39
Control: affects -1 dput-ng
On Sat, Apr 20, 2019 at 08:59:34AM +, Santiago Vila wrote:
> Package: src:dput-ng
> Version: 1.24
> Severity: serious
> Tags: ftbfs
>
> Dear maintainer:
>
> I tried to build this package in buster but it failed:
This is bec
Processing commands for cont...@bugs.debian.org:
> severity 926958 grave
Bug #926958 [src:freeradius] freeradius: VU#871675: Authentication bypass in
EAP-PWD (CVE-2019-11234 CVE-2019-11235)
Severity set to 'grave' from 'important'
> thanks
Stopping processing here.
Please contact me if you need
Processing commands for cont...@bugs.debian.org:
> severity 925939 grave
Bug #925939 [src:jupyter-notebook] jupyter-notebook: CVE-2019-10255: open
redirect vulnerability
Severity set to 'grave' from 'important'
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
9259
tisdag 16 april 2019 kl. 18:46:56 CEST skrev du:
> On 2019-04-15 Magnus Holmgren wrote:
> > So it seems that everything should work unless spool_wireformat=true
> > *and* SARewriteBody: 1. How do I detect in sa-exim whether wire format
> > is used for a given body file though?
>
> -spool_file_wir
Source: atftp
Version: 0.7.git20120829-3
Severity: grave
Tags: patch security upstream
Hi,
The following vulnerabilities were published for atftp.
CVE-2019-11365[0]:
| An issue was discovered in atftpd in atftp 0.7.1. A remote attacker
| may send a crafted packet triggering a stack-based buffer
Package: sopel
Version: 6.6.2-1
Severity: grave
Sopel, in stable and testing right now, cannot provide a "help" to its
users. It makes it really hard to use (hence the "grave" severity). I'm
also marking this as grave because upstream keeps on churning out
"patch" releases (according to semver) th
> So your choice --- we can either reassign this bug back to fastboot or
> android-sdk-platforms-tools, or I can downgrade the severity of this
> bug for e2fsprogs down to wishlist[1]. Let me know how you want to
> handle this.
I would say downgrade it for the moment. We can deal with it after Bu
Processing commands for cont...@bugs.debian.org:
> unarchive 923928
Bug #923928 {Done: Niels Thykier } [release.debian.org]
unblock: daps/3.0.0-3
Unarchived Bug 923928
> block 924843 by 923928
Bug #924843 [src:msxpertsuite] msxpertsuite: FTBFS: MassSpectrum.cpp:50:10:
fatal error: pwiz/data/msda
Processing commands for cont...@bugs.debian.org:
> found 924843 5.7.3-1
Bug #924843 [src:msxpertsuite] msxpertsuite: FTBFS: MassSpectrum.cpp:50:10:
fatal error: pwiz/data/msdata/MSDataFile.hpp: No such file or directory
Ignoring request to alter found versions of bug #924843 to the same values
p
Package: xpra
Version: 2.5+dfsg1-1
Severity: grave
--- Please enter the report below this line. ---
Thanks for packaging the new xpra release! It does not start, because
LOCAL_MODIFICATIONS in /usr/lib/python3/dist-packages/xpra/src_info.py
is a string, but /usr/lib/python3/dist-packages/xpra/vers
Source: curl
Source-Version: 7.64.0-2
Severity: serious
Control: affects -1 rtorrent
Hi!
I've started noticing rtorrent busy-looping at some points after
finishing a torrent. stracing and gdb'ing the process it was doing
that in its main loop, spamming on gettimeofday() and epoll_wait().
Checkin
Processing control commands:
> affects -1 rtorrent
Bug #927471 [src:curl] curl: Regression that fails to exhaust socket data
Added indication that 927471 affects rtorrent
--
927471: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927471
Debian Bug Tracking System
Contact ow...@bugs.debian.org
Processing commands for cont...@bugs.debian.org:
> severity 925178 serious
Bug #925178 {Done: Utkarsh Gupta } [ruby-globalid]
rails breaks ruby-globalid autopkgtest: Errno::ENOENT: No such file or
directory @ rb_sysopen
Severity set to 'serious' from 'important'
> tags 925178 + ftbfs
Bug #925178
Hi kibi,
On Mon, 15 Apr 2019 at 23:24:19 +0200, Cyril Brulebois wrote:
> I'm also immensely grateful for all the security-related work Matthew
> Garrett puts everywhere he goes, but I'm not sure that MR qualifies as
> “requested by d-i [0]” as you mentioned in [2].
Just to state that publicly: no
Package: src:dput-ng
Version: 1.24
Severity: serious
Tags: ftbfs
Dear maintainer:
I tried to build this package in buster but it failed:
[...]
debian/rules binary-indep
dh binary-indep --with bash-completion,python
Processing commands for cont...@bugs.debian.org:
> severity 927450 serious
Bug #927450 [debian-security-support] debian-security-support should know that
the next stable is Debian 10
Bug #927459 [debian-security-support] The package "debian-security-support"
prevents the update, installation or
Processing commands for cont...@bugs.debian.org:
> severity 927450 grave
Bug #927450 [debian-security-support] debian-security-support should know that
the next stable is Debian 10
Severity set to 'grave' from 'critical'
> severity 927459 grave
Bug #927459 [debian-security-support] The package "d
reassign 927450 debian-security-support
retitle 927450 debian-security-support should know that the next stable is
Debian 10
affects 927450 base-files
thanks
On Sat, Apr 20, 2019 at 04:01:05AM +0200, Christoph Anton Mitterer wrote:
> Yeah it's definitely that strange hardcoded part in:
> /usr/bin
Processing commands for cont...@bugs.debian.org:
> reassign 927450 debian-security-support
Bug #927450 [base-files] base-files: breaks debian-security-support, which then
breaks package installations
Bug reassigned from package 'base-files' to 'debian-security-support'.
No longer marked as found
46 matches
Mail list logo
