Source: asterisk
Version: 1:16.15.1~dfsg-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for asterisk, filling as RC
but this might not be warranted, if you feel otherwise please
downgrade. I made it su
https://lore.kernel.org/linux-mips/20210220061635.9976-1-yunqiang...@cipunited.com/T/#u
This patch for kernel can fix this problem.
Let's wait for the reply of kernel upstream community.
Bastian Blank 于2021年2月11日周四 下午2:57写道:
>
> Moin
>
> On Thu, Feb 11, 2021 at 10:15:02AM +0800, YunQiang Su wrot
Your message dated Sat, 20 Feb 2021 04:03:26 +
with message-id
and subject line Bug#982868: fixed in dpkg-cross 2.6.16
has caused the Debian Bug report #982868,
regarding dpkg-cross generates erronous conflicts on like
libc6-amd64:x32-i386-cross
to be marked as done.
This means that you clai
On Fri, Feb 19, 2021, 22:33 Michael R. Crusoe wrote:
> On Thu, 11 Feb 2021 22:54:54 + peter green
> wrote:
> > Package: openms
> > Version: 2.6.0+cleaned1-2
> > Severity: serious
> >
> > openms build-depends on seqan-dev which was built by the sequan source
> > package, which was removed fro
Processing control commands:
> reopen -1 !
Bug #983144 {Done: Markus Koschany } [unknown-horizons]
unknown-horizons: Crash with unexpected keyword argument 'encoding'
Bug reopened
Changed Bug submitter to 'Phil Morrell ' from 'Steffen
Langenbach '.
Ignoring request to alter fixed versions of bug
Control: reopen -1 !
Control: notforwarded -1
Control: tags -1 -a11y
thanks
I guess clone wasn't the right thing to do, and unfortunate crossing of
streams with Markus didn't help. This is the upstream fixing commit:
https://github.com/unknown-horizons/unknown-horizons/commit/7f6f613826aef9810999
Processing control commands:
> tags -1 +patch
Bug #978657 {Done: Markus Koschany } [python3-fife]
unknown-horizons: Crash on startup with xml AttributeError "no attribute
'getchildren'"
Added tag(s) patch.
> clone -1 -2
Bug #978657 {Done: Markus Koschany } [python3-fife]
unknown-horizons: Crash
Control: tags -1 +patch
Control: clone -1 -2
Control: retitle -2 unknown-horizons: Crash with unexpected keyword argument
'encoding'
Control: reassign -2 unknown-horizons
thanks
I can confirm that this has been fixed upstream:
https://github.com/fifengine/fifengine/commit/cf295fd98a8fba080f6305c
Your message dated Sat, 20 Feb 2021 00:33:28 +
with message-id
and subject line Bug#978657: fixed in fife 0.4.2-3
has caused the Debian Bug report #978657,
regarding unknown-horizons: Crash on startup with xml AttributeError "no
attribute 'getchildren'"
to be marked as done.
This means that
After a bit more thinking it probably makes more sense to assign this bug to
wine-development, as this is a wine-development update that broke dxvk.
Severity should probably be adjusted too, as this does not make
wine-development unusable but still breaks dxvk, a related package.
But I am not s
Package: dxvk
Version: 1.7.3+ds1-1
Severity: grave
Justification: renders package unusable
Trying to apply dxvk patches on a clean WINE prefix fails with the
following output:
installing dxvk-wine64-development in the wine prefix...
[1/2] Creating override for dxgi
The operation compl
On Thu, 11 Feb 2021 22:54:54 + peter green wrote:
> Package: openms
> Version: 2.6.0+cleaned1-2
> Severity: serious
>
> openms build-depends on seqan-dev which was built by the sequan source
> package, which was removed from unstable and testing recently. The person
> requesting the removal st
Hi Filippo,
this is extremely unfortunate. However, I guess the alternative would
have been to keep some RC buggy seqan-dev which would not have helped
openms as well. I tried the same as Peter and replaced the
Build-Depends seqan-dev by libseqan2-dev.
I can confirm the observation from Peter a
Hello,
On Fri, Feb 19, 2021 at 10:45:41AM +0100, Sven Mueller wrote:
> Package: xapp
> Version: 2.0.6-1
> Severity: serious
>
> xapps-common is tagged as architecture:all, but the generated
> xapp-sn-watcher.desktop included in it depends on the architecture it was
> built on.
[...]
> 1) Move the
Your message dated Fri, 19 Feb 2021 20:17:57 +
with message-id
and subject line Bug#982833: fixed in manpages-l10n 4.9.1-7
has caused the Debian Bug report #982833,
regarding man2html,man2html-base,manpages-it: manpage conflicts: man2html.1,
hman.1
to be marked as done.
This means that you c
Hi Utkarsh,
On Fri, Feb 19, 2021 at 10:44:08PM +0530, Utkarsh Gupta wrote:
> Hi Axel, Salvatore,
>
> On Fri, Feb 19, 2021 at 2:44 PM Axel Beckert wrote:
> > No issue popped up so far during production use on Stretch and Buster.
> > I'd say, we can publish these in good conscience.
>
> Perfect,
Processing commands for cont...@bugs.debian.org:
> affects 980202 src:gscan2pdf
Bug #980202 [imagemagick] FTBFS: gscan2pdf tests fail
Added indication that 980202 affects src:gscan2pdf
> merge 981798 980202
Bug #981798 [imagemagick] imagemagick breaks gscan2pdf autopkgtest: expected
format change
Control: tags -1 upstream
Control: forwarded -1 assafgor...@gmail.com
Control: severity -1 important
Hi Assaf,
as you can read in a recent bug report in Debian[1] datamash fails for
some architectures (namely the Debian release architectures armel, armhf
and mipsel) its build time test in some pa
Processing control commands:
> tags -1 upstream
Bug #982869 [src:datamash] datamash FTBFS on !x86 32bit: FAIL:
tests/decorate-errors
Added tag(s) upstream.
> forwarded -1 assafgor...@gmail.com
Bug #982869 [src:datamash] datamash FTBFS on !x86 32bit: FAIL:
tests/decorate-errors
Set Bug forwarded-
Processing commands for cont...@bugs.debian.org:
> found 949519 1.8.29-1
Bug #949519 [sudo-ldap] sudo-ldap: Fails to connect to LDAP :
"ldap_sasl_bind_s(): Can't contact LDAP server"
Marked as found in versions sudo/1.8.29-1.
> thanks
Stopping processing here.
Please contact me if you need assis
Processing commands for cont...@bugs.debian.org:
> tag 980202 - ftbfs
Bug #980202 [imagemagick] FTBFS: gscan2pdf tests fail
Removed tag(s) ftbfs.
> reassign 981798 imagemagick 8:6.9.11.60+dfsg-1
Bug #981798 [src:imagemagick] imagemagick breaks gscan2pdf autopkgtest:
expected format changed
Bug re
Your message dated Fri, 19 Feb 2021 19:19:15 +
with message-id
and subject line Bug#957271: fixed in gfpoken 1-3
has caused the Debian Bug report #957271,
regarding gfpoken: ftbfs with GCC-10
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not
Processing commands for cont...@bugs.debian.org:
> affects 983117 dxvk
Bug #983117 [wine-development] dxvk: failure to apply on a clean prefix, due to
a symlink creation issue
Added indication that 983117 affects dxvk
> thanks
Stopping processing here.
Please contact me if you need assistance.
-
Processing commands for cont...@bugs.debian.org:
> tag 983017 + patch
Bug #983017 [src:9base] 9base: flaky autopkgtest on i386: stack smashing
detected
Added tag(s) patch.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
983017: https://bugs.debian.org/cgi-bin/bug
Processing commands for cont...@bugs.debian.org:
> reassign 983117 wine-development 5.6-1
Bug #983117 [dxvk] dxvk: failure to apply on a clean prefix, due to a symlink
creation issue
Bug reassigned from package 'dxvk' to 'wine-development'.
No longer marked as found in versions dxvk/1.7.3+ds1-1.
Control: tag -1 + moreinfo bullseye sid
If you cannot switch to console with Ctrl-Alt-F2 then this is a strong
indicator that the bug is in the kernel, probably nouveau.
If you can reproduce this reliably it would help a lot if you could
provide the output of these commands after the bug has happ
Processing control commands:
> tag -1 + moreinfo bullseye sid
Bug #983034 [plasma-workspace-wayland] plasma-workspace-wayland: hanging in
ksplashqml
Added tag(s) sid, bullseye, and moreinfo.
--
983034: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983034
Debian Bug Tracking System
Contact o
Processing control commands:
> tag -1 + patch
Bug #982713 [src:minexpert2] minexpert2: FTBFS: [ERROR] LazyFont - Failed to
read font file
/usr/share/texlive/texmf-dist/fonts/opentype/public/stix2-otf/STIX2Math.otf
java.io.FileNotFoundException:
/usr/share/texlive/texmf-dist/fonts/opentype/publ
Control: tag -1 + patch
The attached patch should fix this, but I haven't tried it myself.
Also consider Build-Depends-Indep: or Build-Depends:
texlive-fonts-extra (>= 2020.20210202-1) if you use it.
Regards,
Dennis.
massxpert-982725-stix2paths.patch.gz
Description: application/gzip
Control: tag -1 + patch
The attached patch should fix this, but I haven't tried it myself.
Also consider Build-Depends-Indep: or Build-Depends:
texlive-fonts-extra (>= 2020.20210202-1) if you use it.
Regards,
Dennis.
minexpert2-982713-stix2paths.patch.gz
Description: application/gzip
Processing control commands:
> tag -1 + patch
Bug #982718 [src:msxpertsuite] msxpertsuite: FTBFS: [ERROR] LazyFont - Failed
to read font file
/usr/share/texlive/texmf-dist/fonts/opentype/public/stix2-otf/STIX2Math.otf
java.io.FileNotFoundException:
/usr/share/texlive/texmf-dist/fonts/opentype/
Processing control commands:
> tag -1 + patch
Bug #982725 [src:massxpert] massxpert: FTBFS: [ERROR] LazyFont - Failed to read
font file
/usr/share/texlive/texmf-dist/fonts/opentype/public/stix2-otf/STIX2Math.otf
java.io.FileNotFoundException:
/usr/share/texlive/texmf-dist/fonts/opentype/public
Control: tag -1 + patch
The attached patch should fix this, but I haven't tried it myself.
Also consider Build-Depends-Indep: or Build-Depends:
texlive-fonts-extra (>= 2020.20210202-1) if you use it.
Regards,
Dennis.
msxpertsuite-982718-stix2paths.patch.gz
Description: application/gzip
Package: src:linux
Version: 5.10.13-1
Severity: critical
Justification: breaks the whole system
X-Debbugs-Cc: herpaikor...@protonmail.com
Dear Maintainer,
After upgrading to Bullseye, the system became unbootable with the new kernel
(5.10.0-3). The initramfs starts loading but the system goes bl
Control: tag -1 pending
Hello,
Bug #983092 in xapp reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/cinnamon-team/xapp/-/commit/92e10371cac3c34fd42e3fdaf99f91d79
Processing control commands:
> tag -1 pending
Bug #983092 [xapp] xapps-common:all is not properly arch-independent
Added tag(s) pending.
--
983092: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983092
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Hi Axel, Salvatore,
On Fri, Feb 19, 2021 at 2:44 PM Axel Beckert wrote:
> No issue popped up so far during production use on Stretch and Buster.
> I'd say, we can publish these in good conscience.
Perfect, thanks for all your work on this! \o/
I've uploaded to stretch-security (& pushed the comm
Hi Axel,
Sorry for the late reply, I was a bit occupied with my school homework.
On Wed, Feb 17, 2021 at 8:59 AM Axel Beckert wrote:
> > So I created one with the latest dsc (4.2.1-3+deb8u1) and added 2
> > commits on top of it.
>
> Thanks for the effort, but this seems to have a separate git ro
Your message dated Fri, 19 Feb 2021 16:21:55 +
with message-id
and subject line Bug#957987: fixed in xmakemol 5.16-10
has caused the Debian Bug report #957987,
regarding xmakemol: ftbfs with GCC-10
to be marked as done.
This means that you claim that the problem has been dealt with.
If this i
Hello,
Due to freeze, I can upload the patch on this bug right now, and maybe we can
upload your changes in git to unstable once the current one goes in testing?
I'm doing some git work to polish the packaging, I'll try to rebase your
changes and push later today
G.
Your message dated Fri, 19 Feb 2021 15:18:41 +
with message-id
and subject line Bug#983089: fixed in hydrogen 1.0.1-3
has caused the Debian Bug report #983089,
regarding hydrogen: missing Breaks+Replaces
to be marked as done.
This means that you claim that the problem has been dealt with.
If
Hi Michael,
I am currently working on hardening some servers for a customer and
the customer asked for a portscan detection tool on their machine.
I have used scanlogd in the (very) past and have today returned to
scanlogd in Debian. It seems the packages is in some not-quite-right
state
Your message dated Fri, 19 Feb 2021 15:03:32 +
with message-id
and subject line Bug#982696: fixed in drm-info 2.2.0-2
has caused the Debian Bug report #982696,
regarding drm-info: FTBFS: tables.c:247:2: error: duplicate case value
to be marked as done.
This means that you claim that the probl
Hi Jorg and the security team,
Please find attached debdiff for the upload in buster-security.
Salvatore, would you accept such upload?
Cheers,
Thomas Goirand (zigo)
diff -Nru ipmitool-1.8.18/debian/changelog ipmitool-1.8.18/debian/changelog
--- ipmitool-1.8.18/debian/changelog2018-08-05 12:
Your message dated Fri, 19 Feb 2021 14:33:58 +
with message-id
and subject line Bug#980638: fixed in unattended-upgrades 2.8
has caused the Debian Bug report #980638,
regarding unattended-upgrades: FTBFS: AssertionError: False is not true : Can
not find 'Removing unused kernel packages: linux
Your message dated Fri, 19 Feb 2021 14:33:48 +
with message-id
and subject line Bug#982171: fixed in psi4 1:1.3.2+dfsg-1
has caused the Debian Bug report #982171,
regarding libint breaks psi4 autopkgtest: 'str' object is not callable; perhaps
you missed a comma?
to be marked as done.
This me
Your message dated Fri, 19 Feb 2021 14:21:53 +
with message-id
and subject line Bug#980935: fixed in pyzo 4.4.3-1.3
has caused the Debian Bug report #980935,
regarding pyzo: Crash at startup with python3.9
to be marked as done.
This means that you claim that the problem has been dealt with.
I
Hi Jörg,
I had a quick look at the patches and resulting code base. Without
looking a lot, it all looks like easy to understand supplementary
checks, and I didn't see anything that would break the code without also
breaking building. I may be wrong but it feels kind of safe to upload.
Also, we're
Your message dated Fri, 19 Feb 2021 13:33:49 +
with message-id
and subject line Bug#980846: fixed in kodi 2:19.0+dfsg1-1
has caused the Debian Bug report #980846,
regarding kodi-addons-dev-common: missing Breaks+Replaces: kodi-addons-dev (<<
2:19.0~rc1+git20210119.8c761c4+dfsg1-2)
to be marke
Your message dated Fri, 19 Feb 2021 13:34:02 +
with message-id
and subject line Bug#960153: fixed in openjdk-11 11.0.11+3-2
has caused the Debian Bug report #960153,
regarding C2 compiler gets SIGILL/ILL_ILLOPC
to be marked as done.
This means that you claim that the problem has been dealt wi
Your message dated Fri, 19 Feb 2021 12:49:00 +
with message-id
and subject line Bug#983018: fixed in qttools-opensource-src 5.15.2-4
has caused the Debian Bug report #983018,
regarding qdbus: Needs package downgrade from Buster to Bullseye (missing epoch
in transitional package)
to be marked
Processing commands for cont...@bugs.debian.org:
> found 983090 2:2.2.18-1
Bug #983090 {Done: Chris Lamb } [python-django]
python-django: CVE-2021-23336
There is no source info for the package 'python-django' at version '2:2.2.18-1'
with architecture ''
Unable to make a source version for versio
Processing commands for cont...@bugs.debian.org:
> clone 983018 -2
Bug #983018 [qdbus] qdbus: Needs package downgrade from Buster to Bullseye
(missing epoch in transitional package)
Bug 983018 cloned as bug 983103
> reassign -2 ftp.debian.org
Bug #983103 [qdbus] qdbus: Needs package downgrade fro
Source: ceres-solver
Version: 1.14.0-13
Severity: serious
Tags: ftbfs
ceres-solver fails to build from source in unstable. A build ends with:
| rm debian/tmp/usr/share/doc/ceres/html/_static/js/html5shiv-printshiv.min.js
| rm: cannot remove
'debian/tmp/usr/share/doc/ceres/html/_static/js/html5sh
Processing commands for cont...@bugs.debian.org:
> severity 982275 wishlist
Bug #982275 [src:debianutils] debianutils: add-shell depends on non-essential
package
Severity set to 'wishlist' from 'serious'
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
982275: htt
Hi Didier,
On Mon, 15 Feb 2021 08:45:26 +0100 Didier 'OdyX' Raboud
wrote:
> It'll be updated to be marked "found" in the latest version, and "notfound"
> in any version allowed to migrate.
I think it's a tiny bit better to use "fixed" for the version that's
allowed to migrate. "notfound" is just
clone -1 -2
reassign -2 ftp.debian.org
retitle -2 dak: version checks for binaries not enforced when binary changes
from any to all
severity -2 normal
tags -2 - pending
Hi,
On Thu, Feb 18, 2021 at 09:08:46AM +0100, Axel Beckert wrote:
> Hi,
>
> on one system I wondered why qdbus is still on Qt4
Processing commands for cont...@bugs.debian.org:
> block 980836 by 982740
Bug #980836 [pulseaudio] pulseaudio: Internal speakers and microphone not
automatically selected when headset is unplugged from jack
980836 was not blocked by any bugs.
980836 was not blocking any bugs.
Added blocking bug(s
Your message dated Fri, 19 Feb 2021 10:03:34 +
with message-id
and subject line Bug#983090: fixed in python-django 2:3.2~alpha1-2
has caused the Debian Bug report #983090,
regarding python-django: CVE-2021-23336
to be marked as done.
This means that you claim that the problem has been dealt w
Your message dated Fri, 19 Feb 2021 09:48:39 +
with message-id
and subject line Bug#960153: fixed in openjdk-11 11.0.11+3-1
has caused the Debian Bug report #960153,
regarding C2 compiler gets SIGILL/ILL_ILLOPC
to be marked as done.
This means that you claim that the problem has been dealt wi
Package: xapp
Version: 2.0.6-1
Severity: serious
xapps-common is tagged as architecture:all, but the generated
xapp-sn-watcher.desktop included in it depends on the architecture it was
built on.
By accident, we rebuilt the arch:all packages from xapp on i386, while our
main architecture is amd64.
Source: xapian-core
Version: 1.4.18-2
Severity: serious
Tags: ftbfs patch
https://buildd.debian.org/status/fetch.php?pkg=xapian-core&arch=i386&ver=1.4.18-2&stamp=1613459435&raw=0
...
1 of 4 tests failed
Please report to https://xapian.org/bugs
Your message dated Fri, 19 Feb 2021 09:33:34 +
with message-id
and subject line Bug#983090: fixed in python-django 2:2.2.19-1
has caused the Debian Bug report #983090,
regarding python-django: CVE-2021-23336
to be marked as done.
This means that you claim that the problem has been dealt with.
Chris Lamb wrote:
> The following vulnerability was published for python-django.
[…]
>
> Django is vulnerable because it embeds parse_qsl:
>
> https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
Security team, let me know if you would like an update for stable.
Regards,
--
Package: python-django
Version: 1:1.10.7-2+deb9u10
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerability was published for python-django.
CVE-2021-23336[0]:
| The package python/cpython from 0 and before 3.6.13, from 3.7.0 and
| before 3.7.10, from
Hi Utkarsh,
Utkarsh Gupta wrote:
> On Tue, Feb 16, 2021 at 11:12 PM Axel Beckert wrote:
> > I'm running these patches (as in git) now for about 1.5 days on
> > Stretch and Buster in production. I'd say if I don't find any
> > regression until Wednesday evening (i.e. in 1 day), feel free to
> > fi
Hi Tony,
On Thu, 2021-02-18 at 07:16 -0800, tony mancill wrote:
> > Tags: ftbfs
> > Justification: fails to build from source (but built successfully
> > in the past)
>
> Hi Ritesh,
>
> It seems that a local sbuild in a clean chroot doesn't set the
> environment the same way that reproducible-bu
Source: hydrogen
Version: 1.0.1-2
Severity: serious
hydrogen fails to upgrade from buster to bullseye:
| Unpacking hydrogen (1.0.1-2) over (0.9.7-6) ...
| dpkg: error processing archive
/tmp/apt-dpkg-install-FM0qG7/00-hydrogen_1.0.1-2_amd64.deb (--unpack):
| trying to overwrite '/usr/share/man/m
Processing control commands:
> forwarded -1
Unknown command or malformed arguments to command.
> retitle -1 C2 compiler gets SIGILL/ILL_ILLOPC
Bug #960153 [openjdk-11-jre-headless] ca-certificates-java: Failed to install
ca-certificates-java on Beagle Bone Black
Changed Bug title to 'C2 compiler
Control: forwarded -1
https://mail.openjdk.java.net/pipermail/aarch32-port-dev/2021-February/001672.html
Control: retitle -1 C2 compiler gets SIGILL/ILL_ILLOPC
Control: tags -1 + moreinfo
Please could you recheck with openjdk-17-jre-headless or openjdk-16-jre-headless
from testing/unstable? I don'
On 15/12/2020 21:34, Jesse Smith wrote:
On 2020-12-15 5:04 p.m., Trek wrote:
On Tue, 15 Dec 2020 12:45:40 -0400
Jesse Smith wrote:
I gave the patch a test run and, while I like what it does in theory,
in practise I'm running into trouble with it. When I use the attached
patch and then run "ma
Your message dated Fri, 19 Feb 2021 08:48:34 +
with message-id
and subject line Bug#983027: fixed in r-bioc-mutationalpatterns 3.0.1+dfsg-2
has caused the Debian Bug report #983027,
regarding r-bioc-mutationalpatterns: autopkgtest regression in testing: no
package called ‘BSgenome.Hsapiens.UC
72 matches
Mail list logo
