Bug#1011758: marked as done (smarty3: CVE-2022-29221 - template authors can inject php code by choosing malicious filenames)

Your message dated Mon, 30 May 2022 06:50:05 + with message-id and subject line Bug#1011758: fixed in smarty3 3.1.45-1 has caused the Debian Bug report #1011758, regarding smarty3: CVE-2022-29221 - template authors can inject php code by choosing malicious filenames to be marked as done. Thi

Bug#1012077: linuxinfo FTBFS on riscv64

Hello Alan, On Sun, May 29, 2022 at 02:45:29PM -0400, Alan Beadle wrote: > Package: linuxinfo > Version: 3.3.3-1 > Severity: serious > Tags: ftbfs patch upstream > Justification: fails to build from source > X-Debbugs-Cc: ab.bea...@gmail.com > > Dear Maintainer, > > linuxinfo currently fails to b

Processed: Bug#1011794 marked as pending in node-jsdom

Processing control commands: > tag -1 pending Bug #1011794 [src:node-jsdom] node-jsdom: FTBFS: tests fail Added tag(s) pending. -- 1011794: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011794 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems

Bug#1011794: marked as pending in node-jsdom

Control: tag -1 pending Hello, Bug #1011794 in node-jsdom reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-jsdom/-/commit/ec62560e4e89524bd3ef576736

Processed: fixed 1005189 in 2.4.0-2, closing 1005189

Processing commands for cont...@bugs.debian.org: > fixed 1005189 2.4.0-2 Bug #1005189 [src:gcolor3] gcolor3: FTBFS libportal/portal-gtk3.h: No such file or directory Marked as fixed in versions gcolor3/2.4.0-2. > close 1005189 2.4.0-2 Bug #1005189 [src:gcolor3] gcolor3: FTBFS libportal/portal-gtk

Bug#1012021: [Pkg-javascript-devel] Bug#1012021: unreproducible here

Il 29/05/22 21:34, Pirate Praveen ha scritto: On തി, മേയ് 30 2022 at 12:56:53 രാവിലെ +05:30:00 +05:30:00, Pirate Praveen wrote: On ഞാ, മേയ് 29 2022 at 09:34:45 രാവിലെ +02:00:00 +02:00:00, Paolo Greppi wrote: Hi Andreas! thanks for your report. To try to reproduce it, I set ... Finally the

Bug#1012083: quickfix FTBFS on riscv64

Source: quickfix Version: 1.15.1+dfsg-4 Severity: serious Tags: ftbfs patch upstream Justification: fails to build from source (but built successfully in the past) X-Debbugs-Cc: ab.bea...@gmail.com Dear Maintainer, Currently, quickfix fails to build on riscv64. The problem occues due to the inclu

Processed: Fixed package already in unstable

Processing commands for cont...@bugs.debian.org: > fixed #1012060 8.15.0-2 Bug #1012060 [src:coq, src:coq-bignums] coq breaks coq-bignums autopkgtest: Compiled library Bignums.BigN.BigN makes inconsistent assumptions over library Coq.Init.Ltac The source 'coq' and version '8.15.0-2' do not appea

Processed: Fixed already

Processing commands for cont...@bugs.debian.org: > fixed #1012061 3.2.0-3 Bug #1012061 [src:coq, src:coquelicot] coq breaks coquelicot autopkgtest: Compiled library Coquelicot.Rcomplements makes inconsistent assumptions over library Coq.Init.Ltac The source 'coq' and version '3.2.0-3' do not app

Processed: add forwarded info

Processing commands for cont...@bugs.debian.org: > forwarded 1003502 https://github.com/digitalbazaar/jsonld.js/issues/485 Bug #1003502 [src:node-jsonld] node-jsonld: FTBFS with webpack 5: Invalid configuration object Set Bug forwarded-to-address to 'https://github.com/digitalbazaar/jsonld.js/is

Bug#965762: marked as done (opusfile: Removal of obsolete debhelper compat 5 and 6 in bookworm)

Your message dated Sun, 29 May 2022 19:49:07 + with message-id and subject line Bug#965762: fixed in opusfile 0.12-1~exp1 has caused the Debian Bug report #965762, regarding opusfile: Removal of obsolete debhelper compat 5 and 6 in bookworm to be marked as done. This means that you claim that

Processed: severity of 1011758 is grave

Processing commands for cont...@bugs.debian.org: > # was fixed in bullseye-security but not in unstable > severity 1011758 grave Bug #1011758 [src:smarty3] smarty3: CVE-2022-29221 - template authors can inject php code by choosing malicious filenames Severity set to 'grave' from 'important' > tha

Bug#1012077: linuxinfo FTBFS on riscv64

Package: linuxinfo Version: 3.3.3-1 Severity: serious Tags: ftbfs patch upstream Justification: fails to build from source X-Debbugs-Cc: ab.bea...@gmail.com Dear Maintainer, linuxinfo currently fails to build on riscv64 due to this architecture not being supported by upstream. I am attaching a pa

Bug#1010619: marked as done (rsyslog: CVE-2022-24903: Potential heap buffer overflow in TCP syslog server (receiver) components)

Your message dated Sun, 29 May 2022 18:32:39 + with message-id and subject line Bug#1010619: fixed in rsyslog 8.1901.0-1+deb10u2 has caused the Debian Bug report #1010619, regarding rsyslog: CVE-2022-24903: Potential heap buffer overflow in TCP syslog server (receiver) components to be marked

Bug#953530: marked as done (samba-common-bin: post-install fails with "lock directory /run/samba does not exist")

Your message dated Sun, 29 May 2022 18:02:22 + with message-id and subject line Bug#953530: fixed in samba 2:4.13.13+dfsg-1~deb11u4 has caused the Debian Bug report #953530, regarding samba-common-bin: post-install fails with "lock directory /run/samba does not exist" to be marked as done. T

Bug#1010837: marked as done (CVE-2022-30333 (unrar file write vulnerability) patch not yet available for Debian 10 packages)

Your message dated Sun, 29 May 2022 18:02:23 + with message-id and subject line Bug#1010837: fixed in unrar-nonfree 1:6.0.3-1+deb11u1 has caused the Debian Bug report #1010837, regarding CVE-2022-30333 (unrar file write vulnerability) patch not yet available for Debian 10 packages to be marke

Bug#1005642: marked as done (possible gross file corruption due to windows client cache poisoning)

Your message dated Sun, 29 May 2022 18:02:22 + with message-id and subject line Bug#1005642: fixed in samba 2:4.13.13+dfsg-1~deb11u4 has caused the Debian Bug report #1005642, regarding possible gross file corruption due to windows client cache poisoning to be marked as done. This means that

Bug#1010619: marked as done (rsyslog: CVE-2022-24903: Potential heap buffer overflow in TCP syslog server (receiver) components)

Your message dated Sun, 29 May 2022 18:02:08 + with message-id and subject line Bug#1010619: fixed in rsyslog 8.2102.0-2+deb11u1 has caused the Debian Bug report #1010619, regarding rsyslog: CVE-2022-24903: Potential heap buffer overflow in TCP syslog server (receiver) components to be marked

Bug#1004691: marked as done (samba: CVE-2021-43566)

Your message dated Sun, 29 May 2022 18:02:22 + with message-id and subject line Bug#1004691: fixed in samba 2:4.13.13+dfsg-1~deb11u4 has caused the Debian Bug report #1004691, regarding samba: CVE-2021-43566 to be marked as done. This means that you claim that the problem has been dealt with.

Bug#1009733: src:exempi: fails to migrate to testing for too long: FTBFS on armel and armhf

Hi, On Sat, 16 Apr 2022 00:21:46 +0200 Michael Biebl wrote: Dear arm porters, > can you please take a look at this? Ping from the Release Team. This package is a key package (so the RC bug can't be "fixed" by removal from testing). Am 15.04.22 um 21:19 schrieb Paul Gevers: > Source: exe

Processed: coq breaks coquelicot autopkgtest: Compiled library Coquelicot.Rcomplements makes inconsistent assumptions over library Coq.Init.Ltac

Processing control commands: > found -1 coq/8.15.1+dfsg-2 Bug #1012061 [src:coq, src:coquelicot] coq breaks coquelicot autopkgtest: Compiled library Coquelicot.Rcomplements makes inconsistent assumptions over library Coq.Init.Ltac Marked as found in versions coq/8.15.1+dfsg-2. > found -1 coqueli

Bug#1012061: coq breaks coquelicot autopkgtest: Compiled library Coquelicot.Rcomplements makes inconsistent assumptions over library Coq.Init.Ltac

Source: coq, coquelicot Control: found -1 coq/8.15.1+dfsg-2 Control: found -1 coquelicot/3.2.0-2 Severity: serious Tags: sid bookworm User: debian...@lists.debian.org Usertags: breaks needs-update Dear maintainer(s), With a recent upload of coq the autopkgtest of coquelicot fails in testing whe

Bug#997435: marked as done (jupyter-sphinx-theme: FTBFS: error in jupyter-sphinx-theme setup command: use_2to3 is invalid.)

Your message dated Sun, 29 May 2022 15:33:52 + with message-id and subject line Bug#997435: fixed in jupyter-sphinx-theme 0.0.6+ds1-11 has caused the Debian Bug report #997435, regarding jupyter-sphinx-theme: FTBFS: error in jupyter-sphinx-theme setup command: use_2to3 is invalid. to be marke

Processed: coq breaks coq-bignums autopkgtest: Compiled library Bignums.BigN.BigN makes inconsistent assumptions over library Coq.Init.Ltac

Processing control commands: > found -1 coq/8.15.1+dfsg-2 Bug #1012060 [src:coq, src:coq-bignums] coq breaks coq-bignums autopkgtest: Compiled library Bignums.BigN.BigN makes inconsistent assumptions over library Coq.Init.Ltac Marked as found in versions coq/8.15.1+dfsg-2. > found -1 coq-bignums

Bug#1012060: coq breaks coq-bignums autopkgtest: Compiled library Bignums.BigN.BigN makes inconsistent assumptions over library Coq.Init.Ltac

Source: coq, coq-bignums Control: found -1 coq/8.15.1+dfsg-2 Control: found -1 coq-bignums/8.15.0-1 Severity: serious Tags: sid bookworm User: debian...@lists.debian.org Usertags: breaks needs-update Dear maintainer(s), With a recent upload of coq the autopkgtest of coq-bignums fails in testing

Bug#1012059: bind9: autopkgtest regression on amd64 and armhf: connection refused

Source: bind9 Version: 1:9.18.3-1 Severity: serious User: debian...@lists.debian.org Usertags: regression Dear maintainer(s), With a recent upload of bind9 the autopkgtest of bind9 fails in testing on amd64 and armhf when that autopkgtest is run with the binary packages of bind9 from unstable.

Bug#1011146: upgrade-system is marked for autoremoval from testing

Hi all, As other dev/maintainers, I got a the autoremoval notification for package resource-agents-paf, which has nothing to do with nvidia things. Maybe what maintainers should do might be clarified here? Should we just sit & wait for the next notification about the false positive bug being fixe

Bug#1012017: marked as pending in librsvg

Control: tag -1 pending Hello, Bug #1012017 in librsvg reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/gnome-team/librsvg/-/commit/7bb4b0b3a7fe699ddc068190b

Processed: Bug#1012017 marked as pending in librsvg

Processing control commands: > tag -1 pending Bug #1012017 [src:librsvg] librsvg: fails to clean after successful build Added tag(s) pending. -- 1012017: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012017 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems

Bug#1011603: FTBFS with systemd v251 in dh_auto_test

On Wed, 25 May 2022 10:34:15 +0200 Michael Biebl wrote: Source: bolt Version: 0.9.2-1 Severity: serious bolt currently FTBFS during dh_auto_test and also fails its autopktest. This is due to a change in systemd v251. See https://github.com/systemd/systemd/issues/23499 where this is being disc

Processed: Re: Bug#1005873: marked as done (gbp 0.9.26 will break dgit --gbp)

Processing commands for cont...@bugs.debian.org: > fixed 1012024 0.9.25 Bug #1012024 [git-buildpackage] Please declare Breaks: dgit (<< 9.16~) Marked as fixed in versions git-buildpackage/0.9.25. > End of message, stopping processing here. Please contact me if you need assistance. -- 1012024: ht

Bug#1011913: marked as done (haskell-devscripts: DEB_ENABLE_TESTS ignored)

Your message dated Sun, 29 May 2022 09:20:47 + with message-id and subject line Bug#1011913: fixed in haskell-swish 0.10.2.0-1 has caused the Debian Bug report #1011913, regarding haskell-devscripts: DEB_ENABLE_TESTS ignored to be marked as done. This means that you claim that the problem has

Bug#1003190: marked as done (tcpslice: CVE-2021-41043: use-after-free in extract_slice())

Your message dated Sun, 29 May 2022 08:35:32 + with message-id and subject line Bug#1003190: fixed in tcpslice 1.5-1 has caused the Debian Bug report #1003190, regarding tcpslice: CVE-2021-41043: use-after-free in extract_slice() to be marked as done. This means that you claim that the proble

Processed: Re: Bug#1011913: haskell-swish: FTBFS: make: *** [/usr/share/cdbs/1/class/hlibrary.mk:153: build-ghc-stamp] Error 25

Processing control commands: > reassign -1 haskell-swish Bug #1011913 [haskell-devscripts] haskell-devscripts: DEB_ENABLE_TESTS ignored Bug reassigned from package 'haskell-devscripts' to 'haskell-swish'. Ignoring request to alter found versions of bug #1011913 to the same values previously set I

Bug#1011913: haskell-swish: FTBFS: make: *** [/usr/share/cdbs/1/class/hlibrary.mk:153: build-ghc-stamp] Error 25

Control: reassign -1 haskell-swish Control: tag -1 pending Quoting Scott Talbert (2022-05-29 03:48:43) > On Sat, 28 May 2022, Jonas Smedegaard wrote: > > > Control: reassign -1 haskell-devscripts > > Control: retitle -1 haskell-devscripts: DEB_ENABLE_TESTS ignored > > Control: affects -1 haskell-

Bug#1012021: unreproducible here

Hi Andreas! thanks for your report. To try to reproduce it, I set up multiarch for docker (https://github.com/multiarch/qemu-user-static) then: docker run --rm -it arm64v8/debian:unstable bash apt update apt upgrade apt install curl yarnpkg curl -o package.json https://salsa

Bug#1011971: marked as done (libmobi: CVE-2022-1533 CVE-2022-1534 CVE-2022-1907 CVE-2022-1908)

Your message dated Sun, 29 May 2022 09:29:01 +0200 with message-id and subject line ftpmas...@ftp-master.debian.org: Accepted libmobi 0.11+dfsg-1 (source) into unstable has caused the Debian Bug report #1011971, regarding libmobi: CVE-2022-1533 CVE-2022-1534 CVE-2022-1907 CVE-2022-1908 to be mark