Your message dated Wed, 07 Jul 2021 21:33:52 +
with message-id
and subject line Bug#990791: fixed in ruby-addressable 2.7.0-2
has caused the Debian Bug report #990791,
regarding ruby-addressable: CVE-2021-32740
to be marked as done.
This means that you claim that the problem has been dealt wi
On Wed, Jul 07, 2021 at 03:35:48PM +0200, Raphael Hertzog wrote:
> The simplest fix is thus to let nss migrate into bullseye.
The simplest fix is a binNMU of firefox-esr because the issue was fixed
in NSS, but since there's going to be a security update for firefox-esr
next week, I didn't ask for
Processing commands for cont...@bugs.debian.org:
> # I fail to spot how to properly tell the bts that this bug only lives
> # in backports
> tag 989799 bullseye-ignore
Bug #989799 {Done: Hideki Yamane } [manpages-l10n]
psmisc: Undeclared file conflict with manpages-de from buster-backports
Added
On Wed, 7 Jul 2021 15:35:48 +0200 Raphael Hertzog
wrote:
Control: severity -1 serious
Control: found -1 firefox-esr/78.11.0esr-1
Control: tag -1 + bullseye
Hello,
it looks like this issue resurfaced again and it happens in bullseye
right now (with firefox-esr 78.11.0esr-1 and libnss3 2:3.61-1)
On 07/07/2021 18.18, Otto Kekäläinen wrote:
Galera 3 works with MariaDB 10.1-10.3. Galera 4 works with MariaDB
10.4-10.6.
Galera 4 has new API, thus does not work with MariaDB 10.3.
Thanks for clarifying. That was not obvious since the filename of the
plugin library did not change. And anoth
Processing commands for cont...@bugs.debian.org:
> tags 990791 + upstream
Bug #990791 [src:ruby-addressable] ruby-addressable: CVE-2021-32740
Added tag(s) upstream.
> found 990791 2.7.0-1
Bug #990791 [src:ruby-addressable] ruby-addressable: CVE-2021-32740
Marked as found in versions ruby-addressab
Your message dated Wed, 07 Jul 2021 17:18:27 +
with message-id
and subject line Bug#990758: fixed in freedombox 21.4.3
has caused the Debian Bug report #990758,
regarding freedombox: please add Breaks: fuse (<< 3) and Depends: fuse3 (>= 3)
to be marked as done.
This means that you claim that
>
> Some general understanding question: Would mariadb-server-10.5 work with
> galera-3, too? (with only the Depends being relaxed to 'Depends:
> galera-4 | galera-3, ...', without recompilation or similar actions)
> (Bonus question: would mariadb-server-10.3/buster work with
> galera-4/bullseye wi
On Wed, 27 Jan 2021 23:18:24 +0100 Andreas Beckmann
wrote:
> ruby-uglifier/experimental recently started to FTBFS, probably after
some
> build-dependency was updated:
I think switching to ruby-terser is a good idea (gitlab and diaspora
moved already). This should be a drop in replacement (mov
Source: redmine
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerabilities were published for redmine.
CVE-2021-31863[0]:
| Insufficient input validation in the Git repository integration of
| Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before
Source: ruby-addressable
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerability was published for ruby-addressable.
CVE-2021-32740[0]:
| Addressable is an alternative implementation to the URI implementation
| that is part of Ruby's standard library
Your message dated Wed, 07 Jul 2021 15:03:27 +
with message-id
and subject line Bug#990780: fixed in jabref 3.8.2+ds-15
has caused the Debian Bug report #990780,
regarding jabref fails to start
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is no
Processing control commands:
> tag -1 pending
Bug #990780 [jabref] jabref fails to start
Added tag(s) pending.
--
990780: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990780
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tag -1 pending
Hello,
Bug #990780 in jabref reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/java-team/jabref/-/commit/a5cd0e60aa196cb7a42cd5d206c746288
On 07/07/2021 15.37, Andreas Beckmann wrote:
you can find a 990708 branch in both repositories
The galera-4 upgrade job failed, but I'd expect that to succeed once the
mariadb-server-10.5 change is in as well.
BTW, the following apt option might be helpful for debugging upgrade
issues in yo
Processing control commands:
> clone -1 -2
Bug #990412 [libpam-yubico] libpam-ubico does not use multiarch paths
Bug #979973 [libpam-yubico] libpam-ubico does not use multiarch paths
Failed to clone 990412: Bug is marked as being merged with others. Use an
existing clone.
> retitle -2 mis-merge
control: clone -1 -2
control: retitle -2 mis-merge in patches prevents reading /lib/security
control: reassign -2 pam
control: found -2 1.4.0-1
control: severity -2 important
control: severity -1 serious
Steve said that it was not an intentional change to prevent finding pam
modules in /lib/securi
Processing control commands:
> severity -1 serious
Bug #31 [firefox-esr] [firefox-esr] NS_ERROR_NET_INADEQUATE_SECURITY for
https sites - libnss3 dependency
Severity set to 'serious' from 'normal'
> found -1 firefox-esr/78.11.0esr-1
Bug #31 [firefox-esr] [firefox-esr] NS_ERROR_NET_INADEQU
On 06/07/2021 01.25, Otto Kekäläinen wrote:
Thanks Andreas for testing potential changes!
So far this looks good, I see no more cases of default-mysql-server
being held at the buster version (and thus mariadb-server-10.3 instead
of mariadb-server-10.5 being installed).
If you file them as
> "Steve" == Steve Langasek writes:
Steve> For the record, I did not intentionally drop those lines,
Steve> this was a matter of a mis-merge.
Okay, if it was a miss-merge, let's see if we can fix.
I'm reasonably busy this morning but will try to prepare something later
today based on
Your message dated Wed, 07 Jul 2021 13:18:24 +
with message-id
and subject line Bug#987601: fixed in davmail 5.5.1.3299-5
has caused the Debian Bug report #987601,
regarding openjdk-11-jre-headless: libawt_xawt.so still listed as part of this
package instead of openjdk-11-jre
to be marked as
Processing control commands:
> tag -1 pending
Bug #990708 [mariadb-server-10.5,galera-4] mariadb-server-10.5: upgrade
problems due to galera-3 -> galera-4 switch
Added tag(s) pending.
--
990708: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990708
Debian Bug Tracking System
Contact ow...@bu
Control: tag -1 pending
Hello,
Bug #990708 in galera-4 reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/mariadb-team/galera-4/-/commit/12a63ae541f3ec7db84efd69b8
Processing commands for cont...@bugs.debian.org:
> reassign 990708 mariadb-server-10.5,galera-4
Bug #990708 [mariadb-server-10.5] mariadb-server-10.5: upgrade problems due to
galera-3 -> galera-4 switch
Bug reassigned from package 'mariadb-server-10.5' to
'mariadb-server-10.5,galera-4'.
No longe
Hi,
> My current policy was to Suggest: deps required by the ui components.
> This enables server users to skip those. I think I'll add default-jre
> as a Suggest: for the mean time
Moving on with the above solution.
Thanks, and sorry for the misinterpretation of bug severity values.
Alex
Processing commands for cont...@bugs.debian.org:
> retitle 990765 sshfs: please add Breaks: fuse (<< 3)
Bug #990765 {Done: Andreas Beckmann } [sshfs] sshfs: please
add Breaks: fuse (<< 2)
Changed Bug title to 'sshfs: please add Breaks: fuse (<< 3)' from 'sshfs:
please add Breaks: fuse (<< 2)'.
>
Processing commands for cont...@bugs.debian.org:
> fixed 983637 3.1.1-1
Bug #983637 {Done: Guido Günther } [tracker-miners]
tracker-extract: Add newfstat() to syscall list
There is no source info for the package 'tracker-miners' at version '3.1.1-1'
with architecture ''
Unable to make a source v
Processing commands for cont...@bugs.debian.org:
> severity 990746 serious
Bug #990746 [thawab] /usr/bin/thawab-gtk: thawab fails to start.
Severity set to 'serious' from 'important'
>
End of message, stopping processing here.
Please contact me if you need assistance.
--
990746: https://bugs.deb
Processing control commands:
> severity -1 serious
Bug #987601 [src:davmail] openjdk-11-jre-headless: libawt_xawt.so still listed
as part of this package instead of openjdk-11-jre
Severity set to 'serious' from 'normal'
--
987601: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987601
Debian
Package: jabref
Version: 3.8.2+ds-14
Severity: serious
Tags: sid bullseye
$ jabref
Exception in thread "main" java.lang.UnsatisfiedLinkError: Can't load library:
/usr/lib/jvm/java-11-openjdk-amd64/lib/libawt_xawt.so
at java.base/java.lang.ClassLoader.loadLibrary(ClassLoader.java:2630)
Your message dated Wed, 07 Jul 2021 07:18:25 +
with message-id
and subject line Bug#990749: fixed in linuxptp 3.1-2.1
has caused the Debian Bug report #990749,
regarding linuxptp: CVE-2021-3571
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is no
Your message dated Wed, 07 Jul 2021 07:18:25 +
with message-id
and subject line Bug#990748: fixed in linuxptp 3.1-2.1
has caused the Debian Bug report #990748,
regarding linuxptp: CVE-2021-3570
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is no
Dear maintainer,
I've prepared an NMU for linuxptp (versioned as 3.1-2.1). The diff
is attached to this message. Given the time for the bullseye release I
went ahead without delay, hope this was fine with you.
Regards,
Salvatore
diff -Nru linuxptp-3.1/debian/changelog linuxptp-3.1/debian/changelo
33 matches
Mail list logo
