Processing commands for cont...@bugs.debian.org:
> retitle 1103396 mysql-connector-python: CVE-2025-30714
Bug #1103396 {Done: Daniel Leidert }
[src:mysql-connector-python] rmysql-connector-python: CVE-2025-30714
Changed Bug title to 'mysql-connector-python: CVE-2025-30714' from
'rmysql-connector
Your message dated Mon, 02 Jun 2025 00:19:03 +
with message-id
and subject line Bug#1103396: fixed in mysql-connector-python 9.3.0-1
has caused the Debian Bug report #1103396,
regarding rmysql-connector-python: CVE-2025-30714
to be marked as done.
This means that you claim that the problem ha
Processing control commands:
> tag -1 pending
Bug #1103396 [src:mysql-connector-python] rmysql-connector-python:
CVE-2025-30714
Added tag(s) pending.
--
1103396: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103396
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tag -1 pending
Hello,
Bug #1103396 in mysql-connector-python reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/python-team/packages/mysql-connector-pytho
Processing commands for cont...@bugs.debian.org:
> reopen 1012859
Bug #1012859 {Done: Holger Wansing }
[installation-reports] installation-reports: Ethernet firmware module failure -
no LAN / internet access during or after install
Bug reopened
Ignoring request to alter fixed versions of bug #10
reopen 1012859
thanks
Leslie, please retain me in CC for your replies.
Holger Wansing writes:
> Leslie Rhorer wrote:
>> OK, I went ahead and did a fresh install of Bookworm and the 10G NIC works.
>
Yes, that's the "crippled system". The above quote is truncated, and
there is a second server
Control: tags 1065949 + patch
Control: tags 1065949 + pending
Dear maintainer,
I've prepared an NMU for keynav (versioned as 0.20180421~git6505bd0d-3.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should cancel it.
Regards.
diffstat for keynav-0.20180421~git6505bd0d keynav-0
Processing control commands:
> tags 1065949 + patch
Bug #1065949 [src:keynav] keynav: FTBFS on arm{el,hf}: error: implicit
declaration of function ‘asprintf’; did you mean ‘vsprintf’?
[-Werror=implicit-function-declaration]
Added tag(s) patch.
> tags 1065949 + pending
Bug #1065949 [src:keynav] k
On Thu, 22 May 2025 20:46:34 +0200 Sebastian Ramacher
wrote:
> Control: severity -1 serious
Hi Sebastian,
I'm a bit surprised about the timing of the removal, is this the final
call about the severity from Release Team?
What is the default replacement for the client? and for the server?
I look
Your message dated Sun, 01 Jun 2025 22:34:13 +
with message-id
and subject line Bug#1094409: fixed in golang-github-notaryproject-notation
1.2.0-5
has caused the Debian Bug report #1094409,
regarding golang-github-notaryproject-notation-go: CVE-2024-56138
to be marked as done.
This means tha
What do you expect me to do?
Debian only allows source upload, so whatever is in unstable will be used
for compile.
On Sat, 31 May 2025, 18:01 Chris Hofstädtler, wrote:
> Source: mongo-c-driver
> Version: 1.30.4-1
> Severity: serious
> Control: affects -1 src:syslog-ng
> X-Debbugs-CC: syslog...
On Wed, 07 May 2025 20:30:00 + Martin wrote:
> On 2025-05-07 16:29, Pirate Praveen wrote:
> > On Tue, 06 May 2025 21:54:57 + Martin wrote:
> >> 3. But even then the chown in postinst happens *before* the group and
> >>user are created. No idea how to fix that.
> >>
> > May be we can e
Your message dated Sun, 01 Jun 2025 20:52:20 +
with message-id
and subject line Bug#1099238: fixed in helm 4.0.3-1
has caused the Debian Bug report #1099238,
regarding helm: FTBFS: helm-command.el:23:11: Error: Wrong type argument
to be marked as done.
This means that you claim that the probl
This mail will bump the autoremoval date a bit into the future,
but please note that due to the current hard freeze status, removal from
trixie will likely be permanent if it is going through.
A upload to fix #1100891 was done.
But for this to help a unblock request needs to be filed (and granted)
Package: cross-gcc-dev
Version: 249
Severity: serious
Justification: should it be included in trixie?
User: helm...@debian.org
Usertags: rebootstrap
X-Debbugs-Cc: debian-cr...@lists.debian.org
Hi,
cross-gcc-dev is in a sorry state. To be honest, it is fair to say that
I broke it. How? With lots o
Your message dated Sun, 01 Jun 2025 21:35:43 +0200
with message-id
and subject line Re: #1012859installation-reports: Ethernet firmware module
failure - no LAN / internet access during or after install
has caused the Debian Bug report #1012859,
regarding installation-reports: Ethernet firmware mo
Hi,
On Sun, Jun 01, 2025 at 08:14:24PM +0200, Paride Legovini wrote:
> On 2025-05-28 23.34, Salvatore Bonaccorso wrote:
> > The following vulnerabilities were published for isc-kea.
> >
> [...]
> >
> > While at least CVE-2025-32801 is a nonissue in Debian context as the
> > daemon does not as ro
Processing commands for cont...@bugs.debian.org:
> retitle 1107082 RM: netdata -- ROM; RoQA; turned proprietary
Bug #1107082 [ftp.debian.org] RM: netdata -- turned proprietary [RoM;RoQA]
Changed Bug title to 'RM: netdata -- ROM; RoQA; turned proprietary' from 'RM:
netdata -- turned proprietary [R
On 2025-05-28 23.34, Salvatore Bonaccorso wrote:
> The following vulnerabilities were published for isc-kea.
>
[...]
>
> While at least CVE-2025-32801 is a nonissue in Debian context as the
> daemon does not as root, cf. the detailed writeup at [3], it might be
> still a good idea to have isc-kea
Your message dated Sun, 01 Jun 2025 17:58:22 +
with message-id
and subject line Bug#1106720: Removed package(s) from unstable
has caused the Debian Bug report #1066762,
regarding pypdf2: FTBFS: make[1]: *** [debian/rules:35: override_dh_auto_test]
Error 1
to be marked as done.
This means tha
Your message dated Sun, 01 Jun 2025 17:57:14 +
with message-id
and subject line Bug#1106882: Removed package(s) from unstable
has caused the Debian Bug report #1104180,
regarding inform: FTBFS arch:all
to be marked as done.
This means that you claim that the problem has been dealt with.
If th
Your message dated Sun, 01 Jun 2025 17:58:22 +
with message-id
and subject line Bug#1106720: Removed package(s) from unstable
has caused the Debian Bug report #1061162,
regarding pypdf2: Do not release with Trixie
to be marked as done.
This means that you claim that the problem has been dealt
retitle 1107082 RM: netdata -- turned proprietary [RoM;RoQA]
reassign 1107082 ftp.debian.org
thanks
Hi Chris,
On 6/1/25 13:24, Chris Hofstaedtler wrote:
I'm proposing to remove netdata from Debian (unstable), due to the
licensing concerns mentioned in #1106233 (Orphan bug). I understand
these t
Processing commands for cont...@bugs.debian.org:
> retitle 1107082 RM: netdata -- turned proprietary [RoM;RoQA]
Bug #1107082 [src:netdata] netdata: propose to remove
Changed Bug title to 'RM: netdata -- turned proprietary [RoM;RoQA]' from
'netdata: propose to remove'.
> reassign 1107082 ftp.debia
Your message dated Sun, 01 Jun 2025 17:49:07 +
with message-id
and subject line Bug#1073046: fixed in cups 2.4.10-3
has caused the Debian Bug report #1073046,
regarding FTBFS with huge file number limit due to testsuite timeouts
to be marked as done.
This means that you claim that the problem
Processing commands for cont...@bugs.debian.org:
> # seems like this is a major problem then?
> severity 1074591 serious
Bug #1074591 [acct] /etc/cron.monthly/acct uses `last` which has been removed
from util-linux
Severity set to 'serious' from 'normal'
> thanks
Stopping processing here.
Please
Your message dated Sun, 01 Jun 2025 12:48:59 +
with message-id
and subject line Bug#1106793: fixed in balboa 2.0.0+ds-7
has caused the Debian Bug report #1106793,
regarding balboa: statically linked against glibc without a Built-Using: field
to be marked as done.
This means that you claim tha
Your message dated Sun, 01 Jun 2025 12:49:50 +
with message-id
and subject line Bug#1094409: fixed in golang-github-notaryproject-notation-go
1.2.1-5
has caused the Debian Bug report #1094409,
regarding golang-github-notaryproject-notation-go: CVE-2024-56138
to be marked as done.
This means
Your message dated Sun, 01 Jun 2025 12:08:14 +
with message-id
and subject line Bug#1103005: fixed in zurl 1.12.0-2
has caused the Debian Bug report #1103005,
regarding zurl: FTBFS in testing/arm64: dh_auto_test: error: make -j1 check
"TESTSUITEFLAGS=-j1 --verbose" VERBOSE=1 returned exit cod
Hi,
On 2025-06-01 12:04, Sascha Steinbiss wrote:
> Hi,
>
> first of all thanks for noticing and raising this!
>
> > > > The balboa package provides /usr/bin/balboa-backend-console which is
> > > > statically linked against glibc.
> > > >
> > > > glibc is mostly using a LGPL license which requir
Hello,
On Sun 01 Jun 2025 at 02:54am -07, Xiyue Deng wrote:
> Sean Whitton writes:
>
>> Hello,
>>
>> On Sun 01 Jun 2025 at 01:44am -07, Xiyue Deng wrote:
>>
>>> BTW, I have pushed a few more improvements to the branch, and would like
>>> you to take a look and see if it's ready. TIA!
>>
>> It l
Source: netdata
Version: 2.0.3+dfsg-5
Severity: serious
Hi,
I'm proposing to remove netdata from Debian (unstable), due to the
licensing concerns mentioned in #1106233 (Orphan bug). I understand
these to mean that src:netdata is mostly useless in Debian. Even
users with a commercial netdata li
On Sat, May 31, 2025 at 04:49:25PM -0400, Roberto C. Sánchez wrote:
> Then, it seems, on 2025-05-18, the hard freeze was announced. But in
> past release cycles the implementation of a new stage of the freeze
> would only apply to packages uploaded *after* that stage of the freeze
> had been entere
Your message dated Sun, 01 Jun 2025 10:49:35 +
with message-id
and subject line Bug#1106432: fixed in openrgb 0.9+git20250413+ds-2
has caused the Debian Bug report #1106432,
regarding openrgb: FTBFS: undefined reference to
`hueplusplus::Group::Group(int...
to be marked as done.
This means th
Processing control commands:
> severity -1 important
Bug #1106356 [webext-plasma-browser-integration]
webext-plasma-browser-integration: plasma-browser-integration uses 100% CPU as
soon as YouTube is opened
Severity set to 'important' from 'grave'
--
1106356: https://bugs.debian.org/cgi-bin/bu
Hi,
first of all thanks for noticing and raising this!
The balboa package provides /usr/bin/balboa-backend-console which is
statically linked against glibc.
glibc is mostly using a LGPL license which requires that the full source
code of the incorporating binary package be made available. Acco
Your message dated Sun, 01 Jun 2025 10:04:45 +
with message-id
and subject line Bug#1107073: fixed in roundcube 1.6.11+dfsg-1
has caused the Debian Bug report #1107073,
regarding roundcube: Post-Auth RCE via PHP Object Deserialization
to be marked as done.
This means that you claim that the p
On Sun, 01 Jun 2025 at 11:10:05 +0200, Guilhem Moulin wrote:
> Roundcube webmail upstream has recently released 1.6.10 [0]
Meant 1.6.11 (and 1.5.10).
--
Guilhem.
signature.asc
Description: PGP signature
Sean Whitton writes:
> Hello,
>
> On Sun 01 Jun 2025 at 01:44am -07, Xiyue Deng wrote:
>
>> BTW, I have pushed a few more improvements to the branch, and would like
>> you to take a look and see if it's ready. TIA!
>
> It looks good (though do close the orphaning bug)
Ah indeed. I've updated t
control: severity -1 important
Hi,
Le vendredi 23 mai 2025, 13:15:03 heure d’été d’Europe centrale Pedro Ribeiro a
écrit :
> Package: webext-plasma-browser-integration
> Version: 6.3.4-1
> Severity: grave
I’m lowering the severity since the issue is not widely reported and must be
due to some
Hello,
On Sun 01 Jun 2025 at 01:44am -07, Xiyue Deng wrote:
> BTW, I have pushed a few more improvements to the branch, and would like
> you to take a look and see if it's ready. TIA!
It looks good (though do close the orphaning bug) but I'm concerned
about importing a new upstream version. Th
Processing control commands:
> found -1 1.6.5+dfsg-1+deb12u4
Bug #1107073 [src:roundcube] roundcube: Post-Auth RCE via PHP Object
Deserialization
Marked as found in versions roundcube/1.6.5+dfsg-1+deb12u4.
> found -1 1.4.15+dfsg.1-1+deb11u4
Bug #1107073 [src:roundcube] roundcube: Post-Auth RCE vi
Source: roundcube
Version: 1.6.10+dfsg-2
Severity: grave
Control: found -1 1.6.5+dfsg-1+deb12u4
Control: found -1 1.4.15+dfsg.1-1+deb11u4
Tags: security upstream
Justification: user security hole
Roundcube webmail upstream has recently released 1.6.10 [0] which fixes
the following vulnerability:
Sean Whitton writes:
> Hello,
>
> On Fri 30 May 2025 at 01:50am -07, Xiyue Deng wrote:
>
>> Ah I see, then yeah. (Though I would expect FTP masters to be more
>> focused on the release, plus emacs-wfnames probably won't have a sponsor
>> before Trixie :P)
>
> They've nothing to do before the actu
44 matches
Mail list logo
