Source: jemalloc
Version: 5.2.1-2
Severity: serious
Justification: policy 4.9 violation
X-Debbugs-Cc: Vineet Gupta
jemalloc's build attempts to retrieve docbookx.dtd from the network
during build. There can be three outcomes:
1. Network is unavailable. A warning is printed. See e.g.
https://b
Your message dated Sat, 27 Mar 2021 02:22:18 +
with message-id
and subject line Bug#985529: fixed in magma 2.5.4+ds-3
has caused the Debian Bug report #985529,
regarding libmagma-dev: broken symlinks: /usr/lib/libmagma{,_sparse}.so ->
libmagma{,_sparse}.so.2
to be marked as done.
This means
Processing commands for cont...@bugs.debian.org:
> fixed 985962 4.0.0~0.0svn1879217-1
Bug #985962 [src:spamassassin] spamassassin: CVE-2020-1946: arbitrary code
execution via malicious rule configuration files
Marked as fixed in versions spamassassin/4.0.0~0.0svn1879217-1.
> thanks
Stopping proce
Your message dated Fri, 26 Mar 2021 23:48:37 +
with message-id
and subject line Bug#983404: fixed in scipy 1.6.2-1
has caused the Debian Bug report #983404,
regarding python3-scipy: scipy 1.6.1 changed API for sparse (COO) matrices
to be marked as done.
This means that you claim that the prob
Processing control commands:
> severity -1 serious
Bug #978674 [python3-build] python3-build: Fails to work unless pip is installed
Severity set to 'serious' from 'normal'
> tags -1 + help
Bug #978674 [python3-build] python3-build: Fails to work unless pip is installed
Added tag(s) help.
--
9786
Control: tag -1 pending
Hello,
Bug #983404 in python-scipy reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/python-team/packages/scipy/-/commit/5acfe43c748bc487f
Processing control commands:
> tag -1 pending
Bug #983404 [python3-scipy] python3-scipy: scipy 1.6.1 changed API for sparse
(COO) matrices
Added tag(s) pending.
--
983404: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983404
Debian Bug Tracking System
Contact ow...@bugs.debian.org with prob
Processing commands for cont...@bugs.debian.org:
> fixed 985962 3.4.5~pre1-1
Bug #985962 [src:spamassassin] spamassassin: CVE-2020-1946: arbitrary code
execution via malicious rule configuration files
Marked as fixed in versions spamassassin/3.4.5~pre1-1.
> thanks
Stopping processing here.
Pleas
Processing commands for cont...@bugs.debian.org:
> found 985962 3.4.2-1
Bug #985962 [src:spamassassin] spamassassin: CVE-2020-1946: arbitrary code
execution via malicious rule configuration files
Marked as found in versions spamassassin/3.4.2-1.
> thanks
Stopping processing here.
Please contact
Processing commands for cont...@bugs.debian.org:
> retitle 985962 spamassassin: CVE-2020-1946: arbitrary code execution via
> malicious rule configuration files
Bug #985962 [src:spamassassin] spamassassin: arbitrary code execution via
malicious rule configuration files
Changed Bug title to 'spam
Processing commands for cont...@bugs.debian.org:
> tags 985963 + pending
Bug #985963 [src:debuerreotype] debuerreotype: uses debian-archive-keyring in
autopkgtests without real dependency
Added tag(s) pending.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
98596
tags 985963 + pending
thanks
On Fri, 26 Mar 2021 at 15:45, Gianfranco Costamagna
wrote:
> Hello, looks like the debian/tests/stretch is using the keyring but the
> package has only a recommends on that dependency.
> This makes the autopkgtest fail when apt is configured with
> --no-install-reco
Source: debuerreotype
Version: 0.10-2
Severity: serious
Justification: breaks autopkgtests when recommended packages are not installed
by default
tags: patch
Hello, looks like the debian/tests/stretch is using the keyring but the package
has only a recommends on that dependency.
This makes the
Processing commands for cont...@bugs.debian.org:
> found 985864 1:14.0.0-1
Bug #985864 [trove-common] trove-common: fails to install: install: cannot stat
'/usr/share/trove-common/trove-guestagent.conf': No such file or directory
Marked as found in versions openstack-trove/1:14.0.0-1.
> found 669
Source: spamassassin
Version: 3.4.2-1+deb10u2
Severity: grave
Tags: security patch upstream
Justification: user security hole
X-Debbugs-Cc: Debian Security Team
CVE-2020-1946
Quoting from https://www.openwall.com/lists/oss-security/2021/03/24/3 :
In Apache SpamAssassin before 3.4.5, maliciou
I'm dropping the bug submitter from CC because I believe the discussion is no
longer relevant for him.
Am Freitag, den 26.03.2021, 21:08 +0100 schrieb wf...@niif.hu:
> Markus Koschany writes:
[...]
> > Yes, exactly. There should be a versioned dependency on
> > pacemaker-cli-utils.
>
> What kind
Your message dated Fri, 26 Mar 2021 21:03:36 +
with message-id
and subject line Bug#985858: fixed in rust-sniffglue 0.11.1-6
has caused the Debian Bug report #985858,
regarding Fails to start with seccomp violation (eventfd2)
to be marked as done.
This means that you claim that the problem ha
Your message dated Fri, 26 Mar 2021 20:48:27 +
with message-id
and subject line Bug#985927: fixed in uif 1.1.9-3
has caused the Debian Bug report #985927,
regarding uif: fails to start since iptables have been relocated to /usr/sbin/
to be marked as done.
This means that you claim that the pr
Processing commands for cont...@bugs.debian.org:
> tags 985947 + confirmed upstream
Bug #985947 [varnish-modules] CVE-2021-28543
Added tag(s) confirmed.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
985947: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=98594
Processing commands for cont...@bugs.debian.org:
> reassign 985910 ibus-clutter
Bug #985910 [libclutter-imcontext-0.1-bin] libclutter-imcontext-0.1-bin:
post-installation script subprocess - error exit status 1
Bug reassigned from package 'libclutter-imcontext-0.1-bin' to 'ibus-clutter'.
No longe
Processing commands for cont...@bugs.debian.org:
> forcemerge 985453 985910
Bug #985453 [ibus-clutter] ibus-clutter: fails to upgrade from 'buster':
insufficient dependencies
Unable to merge bugs because:
package of #985910 is 'libclutter-imcontext-0.1-bin' not 'ibus-clutter'
Failed to forcibly m
Markus Koschany writes:
> Am Freitag, den 26.03.2021, 16:37 +0100 schrieb wf...@niif.hu:
>
>> Thorsten Rehm writes:
>>
>>> In my opinion the crmsh package should be more strict with the
>>> pacemaker-cli-utils package
>>
>> Sorry for not looking into this sooner. What do you mean by being
>>
Hi
The correct debdiff is attached.
Regards,
Salvatore
diff -Nru ldb-2.2.0/debian/changelog ldb-2.2.0/debian/changelog
--- ldb-2.2.0/debian/changelog 2020-11-18 20:33:02.0 +0100
+++ ldb-2.2.0/debian/changelog 2021-03-26 19:52:18.0 +0100
@@ -1,3 +1,17 @@
+ldb (2:2.2.0-3.1) unstab
Processing control commands:
> tags 985935 + patch
Bug #985935 [src:ldb] ldb: CVE-2021-20277
Ignoring request to alter tags of bug #985935 to the same tags previously set
> tags 985935 + pending
Bug #985935 [src:ldb] ldb: CVE-2021-20277
Ignoring request to alter tags of bug #985935 to the same tag
Processing control commands:
> tags 985935 + patch
Bug #985935 [src:ldb] ldb: CVE-2021-20277
Added tag(s) patch.
> tags 985935 + pending
Bug #985935 [src:ldb] ldb: CVE-2021-20277
Added tag(s) pending.
> tags 985936 + patch
Bug #985936 [src:ldb] ldb: CVE-2020-27840
Added tag(s) patch.
> tags 985936
Control: tags 985935 + patch
Control: tags 985935 + pending
Control: tags 985936 + patch
Control: tags 985936 + pending
Hi Mathieu and Debian Samba maintainers,
I've prepared an NMU for ldb (versioned as 2:2.2.0-3.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it l
hey,
if you don't mind please go ahead.
Thank you!
Processing commands for cont...@bugs.debian.org:
> tags 985947 + upstream
Bug #985947 [varnish-modules] CVE-2021-28543
Added tag(s) upstream.
> found 985947 varnish-modules
Bug #985947 [varnish-modules] CVE-2021-28543
There is no source info for the package 'varnish-modules' at version
'varnish-m
On Fri, Mar 26, 2021 at 04:14:14AM +0100, Matija Nalis wrote:
> After all, we still have several "reiserfs" named packages in Debian
> main, and one should well argue that Hans Reiser actions were much bigger
> atrocity than RMS-based one.
thank you for that input!
> Perhaps check-dfsg-status mi
Hi Andreas,
Sorry for not responding sooner, some mail forwarding problem
intervened. Looks like there's another serious problem with the
security upload breaking the buster upgrade path, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981088. I haven't
asked the Security Team yet, but if
Hi,
I upgraded snapd from the stable channel today. It does seem as if more
confinement is now activated because of an error I am now getting with
bitcoin-core. The error is Error: Unable to open settings file
/home/user/.bitcoin/settings.json.tmp for writing. I checked the
permissions with the sn
Hello Feri,
Am Freitag, den 26.03.2021, 16:37 +0100 schrieb wf...@niif.hu:
> Control: reassign -1 libpe-status10 1.1.24-0+deb9u1
> Control: severity -1 serious
>
> Thorsten Rehm writes:
>
> > In my opinion the crmsh package should be more strict with the
> > pacemaker-cli-utils package
>
> Sor
Package: libubootenv-tool
Version: 0.3-1
Severity: grave
Hello,
there are compatibility problems with RAUC and the libubootenv-tool package.
RAUC requires the fw_setenv and fw_printenv utilites to interact with the
u-boot-environment. After Installing the libubootenv-tool package to get
fw_prin
Package: varnish-modules
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team
https://varnish-cache.org/security/VSV6.html
Patch:
https://github.com/varnish/varnish-modules/commit/2c120e576ebb73bc247790184702ba58dc0afc39
Cheers,
Moritz
Processing control commands:
> reassign -1 libpe-status10 1.1.24-0+deb9u1
Bug #981088 [pacemaker] pacemaker: crm shell can't be executed due to a library
error
Bug reassigned from package 'pacemaker' to 'libpe-status10'.
No longer marked as found in versions 1.1.24-0+deb9u1.
Ignoring request to a
Control: forwarded -1 https://github.com/libcgroup/libcgroup/issues/12
Control: tags -1 + upstream
On Tue, 28 Apr 2020 15:22:35 +0900 Ryutaroh Matsumoto
wrote:
> Package: cgroup-tools
> Version: 0.41-10
> Severity: normal
> Tags: wontfix
> User: pkg-systemd-maintain...@lists.alioth.debian.org
>
Processing control commands:
> forwarded -1 https://github.com/libcgroup/libcgroup/issues/12
Bug #959022 [cgroup-tools] cgroup-tools: does not work in cgroup2 / unified
hierarchy
Set Bug forwarded-to-address to
'https://github.com/libcgroup/libcgroup/issues/12'.
> tags -1 + upstream
Bug #959022
Package: uif
Version: 1.1.9-2
Severity: grave
The uif script fails to load on systems with still separate /(s)bin
and /usr/(s)bin folders.
The iptables executables have recently beem moved from /sbin/ to
/usr/sbin/. The uif init script and the uif Perl script both have
those /sbin/ locati
Processing commands for cont...@bugs.debian.org:
> found 985935 2:1.5.1+really1.4.6-3
Bug #985935 [src:ldb] ldb: CVE-2021-20277
Marked as found in versions ldb/2:1.5.1+really1.4.6-3.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
985935: https://bugs.debian.org/c
Processing commands for cont...@bugs.debian.org:
> found 985936 2:1.5.1+really1.4.6-3
Bug #985936 [src:ldb] ldb: CVE-2020-27840
Marked as found in versions ldb/2:1.5.1+really1.4.6-3.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
985936: https://bugs.debian.org/c
Source: ldb
Version: 2:2.2.0-3
Severity: grave
Tags: security upstream
Justification: user security hole
Forwarded: https://bugzilla.samba.org/show_bug.cgi?id=14595
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for ldb.
CVE-2020-27840[0]:
|
Source: ldb
Version: 2:2.2.0-3
Severity: grave
Tags: security upstream
Justification: user security hole
Forwarded: https://bugzilla.samba.org/show_bug.cgi?id=14655
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for ldb.
CVE-2021-20277[0]:
|
Package: openstack-trove
Version: 1:13.0.0-1
Severity: serious
Hi,
I never really tried Trove myself, and therefore, I would prefer if it was not
part of Bullseye. It will still be available from the unofficial repository
of OpenStack (osbpo.debian.net, accessible with extrepo).
Cheers,
Thomas
Hi Andreas,
On 2021-03-25 09:39, Andreas Beckmann wrote:
> On 24/03/2021 22.59, Andrius Merkys wrote:
>> However, I am not sure how to proceed next. In principle I could tinker
>> with maintscripts, but I am not sure how to instruct piuparts to pick my
>> .deb instead of what is already present in
Your message dated Fri, 26 Mar 2021 10:04:02 +
with message-id
and subject line Bug#985879: fixed in xdmf 3.0+git20190531-7
has caused the Debian Bug report #985879,
regarding libxdmf3: broken symlink
/usr/lib/x86_64-linux-gnu/xdmf/serial/libXdmfUtils.so.3 ->
../serialMPI@/libXdmfUtils.so.3.
Processing commands for cont...@bugs.debian.org:
> user debian...@lists.debian.org
Setting user to debian...@lists.debian.org (was a...@debian.org).
> unarchive 918165
Bug #918165 {Done: Christoph Goehre }
[xul-ext-quotecolors] Broken with Thunderbird 60
Unarchived Bug 918165
> usertags 918165 pi
46 matches
Mail list logo
