On Sat, Apr 20, 2019 at 01:39:36PM +0200, Guillem Jover wrote:
> Source: curl
> Source-Version: 7.64.0-2
> Severity: serious
> Control: affects -1 rtorrent
>
> Hi!
Hello,
> I've started noticing rtorrent busy-looping at some points after
> finishing a torrent. stracing and gdb'ing the process it
On Sat, Feb 24, 2018 at 12:50:41PM +, Alessandro Ghedini wrote:
> On Wed, Feb 21, 2018 at 11:14:24AM -0800, Steve Langasek wrote:
> > Hi again,
> >
> > On Tue, Feb 20, 2018 at 06:16:34PM -0800, Steve Langasek wrote:
> > > So, despite Julien's valid objectio
On Wed, Feb 21, 2018 at 11:14:24AM -0800, Steve Langasek wrote:
> Hi again,
>
> On Tue, Feb 20, 2018 at 06:16:34PM -0800, Steve Langasek wrote:
> > So, despite Julien's valid objection that core library conflicts cause
> > dist-upgrades to be more brittle, I think the right answer here is:
>
> >
On Sun, Dec 17, 2017 at 11:16:29PM +0200, Adrian Bunk wrote:
> On Fri, Dec 08, 2017 at 05:44:55PM +0100, Ondřej Surý wrote:
> > Hi,
> >
> > just innocent bystander here with an observation:
> >
> > These two options:
> >
> > a)
> > > I do agree it's the correct solution though, and it would be a
On Sat, Dec 02, 2017 at 06:09:39PM +0100, Julien Cristau wrote:
> On Thu, Nov 23, 2017 at 15:49:26 +, Ian Jackson wrote:
> > Reasons I am aware that it *might* be a bad idea are:
> >
> > 1. libcurl exposes parts of the openssl ABI, via
> >CURLOPT_SSL_CTX_FUNCTION, and this would be an impl
On Thu, Nov 23, 2017 at 07:10:51PM +, Ian Jackson wrote:
> Adrian Bunk writes ("Re: Proposed (lib)curl switch to openssl 1.1"):
> > What I suggest above would be a transition that should be coordinated
> > with the release team like other transitions.
>
> I'm not 100% opposed to doing this as
On Tue, Nov 22, 2016 at 09:06:05AM +, Debian Bug Tracking System wrote:
> iptables (1.6.0+snapshot20161117-3) unstable; urgency=medium
> .
>* [21fdc57] libxtables12: breaks and replaces libxtables11 (Closes:
> #845278)
This isn't actually fixed, "<<" doesn't mean what you think it m
Package: node-grunt-cli
Version: 1.2.0-1
Severity: grave
Justification: renders package unusable
Hello,
when trying to install the package I get:
The following packages have unmet dependencies:
node-grunt-cli : Depends: node-findup-sync (>= 0.3.0) but 0.1.3-1 is to be
installed
E: Unable
ream, encoding=encoding)
> AttributeError: 'file' object has no attribute 'readable'
> gpg: Signature made Sat 03 Sep 2016 12:33:10 BST
> gpg:using RSA key 6F0CCBE021624728
> gpg:issuer "gh...@debian.org"
> gpg: Good signature
> [..]
>
> The full build log (including tcpdump output) is attached.
Possible patch attached, could you please test it?
Thanks
From dcb559a161960ff387d2b1552ec4c81b54db4554 Mon Sep 17 00:00:00 2001
From: Alessandro Ghedini
Date: Sun, 28 Aug 2016 14:45:15 +0100
Subject: [PATCH 1/2] D
On Mon, Aug 31, 2015 at 10:53:21am +0200, Ondřej Surý wrote:
> Hi security team and Thomas,
>
> I propose following patch for libval14 in stable:
>
> Index: validator/libval/val_dane.c
> ===
> --- validator/libval/val_dane.c (revisio
On Tue, Aug 18, 2015 at 01:32:19pm +0200, Vincent Lefevre wrote:
> Package: lynx-cur
> Version: 2.8.9dev6-3
> Severity: serious
> Tags: security
>
> If I run
>
> lynx https://www.vinc17.net:4434/
>
> I get
>
> SSL error:The certificate is NOT trusted. The certificate chain is revoked.
> -
Control: found -1 opensaml2/2.4.3-4
Control: fixed -1 opensaml2/2.4.3-4+deb7u1
Control: fixed -1 opensaml2/2.5.3-2+deb8u1
On Fri, Aug 07, 2015 at 12:36:18pm +0200, Sergio Gelato wrote:
> Package: opensaml2
> Version: 2.5.3-2
> Severity: serious
> Tags: security
>
> The upstream security advisory
On dom, giu 07, 2015 at 01:44:36 +0200, Vincent Lefevre wrote:
> On 2015-06-07 11:40:56 +0200, Alessandro Ghedini wrote:
> > I can't reproduce any of this. Can you please run the command above
> > with the "-v" option and post the output?
>
> xvii:~> curl
On dom, giu 07, 2015 at 12:21:15 +0200, Vincent Lefevre wrote:
> Control: retitle -1 no longer works with https - breaks bti and curl
>
> On 2015-06-07 00:16:15 +0200, Vincent Lefevre wrote:
> > After the upgrade to libcurl3-gnutls 7.42.1-2+b1, bti no longer works
> > at all. For instance:
> [...]
On Sat, May 16, 2015 at 03:43:37PM +0200, Alessandro Ghedini wrote:
> On Sat, May 16, 2015 at 03:07:57PM +0200, Sebastian Ramacher wrote:
> > On 2015-05-15 15:22:28, Alessandro Ghedini wrote:
> > > On Fri, May 15, 2015 at 11:05:17AM +0200, Sebastian Ramacher wrote:
> &g
On Sat, May 16, 2015 at 03:07:57PM +0200, Sebastian Ramacher wrote:
> On 2015-05-15 15:22:28, Alessandro Ghedini wrote:
> > On Fri, May 15, 2015 at 11:05:17AM +0200, Sebastian Ramacher wrote:
> > > Version: 6:11.3-1
> > >
> > > On 2015-05-14 20:41:15,
On Fri, May 15, 2015 at 11:05:17AM +0200, Sebastian Ramacher wrote:
> Version: 6:11.3-1
>
> On 2015-05-14 20:41:15, Arne Wichmann wrote:
> > Package: libavcodec56
> > Version: 6:11.3-2
> > Severity: grave
> > Tags: security
> > Justification: user security hole
> >
> > Hi, as far as I can see thi
On Sun, May 10, 2015 at 09:12:43PM +0100, Steven Chamberlain wrote:
> Dear Security Team,
>
> This bug was reopened because the original fix from upstream was found
> to be incomplete.
>
> Please may I upload to wheezy-security with the attached debdiff,
> replacing the CVE-2015-1414 patch with t
On Wed, Apr 29, 2015 at 03:28:40PM +0200, Andreas Cadhalpun wrote:
> Hi Alessandro,
>
> On 29.04.2015 14:58, Alessandro Ghedini wrote:
> > On mer, apr 29, 2015 at 02:29:43 +0200, Bálint Réczey wrote:
> >>> Since there are concerns on shipping both libav and ffmpeg,
On mer, apr 29, 2015 at 02:29:43 +0200, Bálint Réczey wrote:
> > Since there are concerns on shipping both libav and ffmpeg, we won't allow
> > ffmpeg unless it is chosen to be the default and there is a clear transition
> > plan, so that we can switch from one to the other. Only then will the bloc
On sab, apr 25, 2015 at 02:16:52 +0200, Fabian Greffrath wrote:
> Control: tags -1 + help
>
> Hi Sebastian,
>
> Am Freitag, den 24.04.2015, 21:27 +0200 schrieb Sebastian Ramacher:
> > | - _ZN4FLAC7Decoder4File13read_callbackEPhPm@Base 1.3.0
> > | + _ZN4FLAC7Decoder4File13read_callbackEPhPj@Base
Hi Joachim,
> Raphael Hertzog wrote on 2015-04-10 21:33:
>
> > If that workflow is a burden to you, feel free to just prepare an
> > updated source package and send it to debian-...@lists.debian.org
> > (via a debdiff, or with an URL pointing to the the source package,
> > or even with a pointer
Control: tags -1 fixed-upstream patch
On gio, feb 12, 2015 at 11:30:41 +0100, Moritz Muehlenhoff wrote:
> Source: libarchive
> Severity: grave
> Tags: security
>
> Hi,
> please see http://www.openwall.com/lists/oss-security/2015/01/16/7
> for details.
This was fixed upstream, see [0].
Cheers
[
On Sun, Nov 30, 2014 at 07:17:46PM +0100, gregor herrmann wrote:
> On Sun, 30 Nov 2014 17:36:04 +0100, Alessandro Ghedini wrote:
>
> > On dom, nov 30, 2014 at 03:06:55 +0100, Tobias Frost wrote:
> > > Am Sonntag, den 30.11.2014, 00:21 -0800 schrieb Tom Lee:
>
>
On dom, nov 30, 2014 at 03:06:55 +0100, Tobias Frost wrote:
> Am Sonntag, den 30.11.2014, 00:21 -0800 schrieb Tom Lee:
> > Alrighty, talking this over with Alessandro he made the case that we
> > should keep tests that don't rely on external network connections. See
> > e.g. https://bugs.debian.org
Control: reassign -1 openssl
Control: forcemerge 768476 -1
On gio, nov 27, 2014 at 11:34:30 +0100, Salvo Tomaselli wrote:
> Package: curl
> Version: 7.38.0-3
> Severity: grave
> Justification: renders package unusable
>
> Dear Maintainer,
>
> curl won't start
>
> curl: relocation error: /usr/li
On ven, ago 29, 2014 at 11:17:18 +0200, Dominique Dumont wrote:
>
> Ack. I'm going to relax the vesrioned dependency on nqp. I don't think that a
> strict dependency is necessary.
Actually, it is. rakudo needs to use at runtime the specific nqp build used to
build rakudo itself. If you update th
Control: reassing -1 liblilv-dev
Control: retitle -1 liblilv-dev: error: redefinition of 'struct Lilv::UI' in
C++ header
Control: tags -1 pending
Control: affects -1 ecasound
On dom, mag 11, 2014 at 02:09:28 +0200, Christian Hofstaedtler wrote:
> Source: ecasound
> Version: 2.9.1-4
> Severity: se
Control: tags -1 confirmed fixed-upstream pending
On dom, apr 27, 2014 at 02:49:41 +0200, David Suárez wrote:
> Source: perlbrew
> Version: 0.66-1
> Severity: serious
> Tags: jessie sid
> User: debian...@lists.debian.org
> Usertags: qa-ftbfs-20140426 qa-ftbfs
> Justification: FTBFS on amd64
>
> H
On gio, apr 10, 2014 at 12:47:39 +0200, Moritz Muehlenhoff wrote:
> On Thu, Apr 10, 2014 at 12:01:03PM +0200, Alessandro Ghedini wrote:
> > On mer, mar 26, 2014 at 06:50:41 +0100, Salvatore Bonaccorso wrote:
> > > Package: curl
> > > Version: 7.21.0-1
> > >
dress wildcard matches as per CVE-2014-0139
+ http://curl.haxx.se/docs/adv_20140326B.html
+ * Set urgency=high accordingly
+
+ -- Alessandro Ghedini Wed, 09 Apr 2014 19:47:38 +0200
+
curl (7.21.0-2.1+squeeze7) squeeze-security; urgency=high
* Fix re-use of wrong HTTP NTLM connection as
On Sun, Mar 30, 2014 at 08:36:13PM +0200, Joachim Breitner wrote:
> Dear Alessandro,
>
>
> Am Sonntag, den 30.03.2014, 18:46 +0200 schrieb David Suárez:
> > Source: haskell-zeromq3-haskell
> > Version: 0.4-1
> > Severity: serious
> > Tags: jessie sid
> > User: debian...@lists.debian.org
> > Usert
On Thu, Mar 13, 2014 at 10:42:23PM -0400, Daniel Kahn Gillmor wrote:
> On 03/13/2014 09:44 PM, Clint Adams wrote:
> > On Fri, Mar 14, 2014 at 01:11:16AM +0100, Alessandro Ghedini wrote:
> >> Well, nope. libgnutls28 still links against libgmp10 which is still LGPL3+.
>
On gio, mar 13, 2014 at 10:54:10 +, Clint Adams wrote:
> Package: libcurl4-gnutls-dev
> Version: 7.35.0-1
> Severity: critical
> Control: block 741557 by -1
>
> On Thu, Mar 13, 2014 at 06:25:14PM -0400, Daniel Kahn Gillmor wrote:
> > I agree with the suggestion that libcurl3-gnutls (or libcurl
On lun, gen 27, 2014 at 08:48:10 +0200, Damyan Ivanov wrote:
> -=| Alessandro Ghedini, 26.01.2014 13:51:58 +0100 |=-
> > > The trace ends with:
> > >
> > > ->8--
> > > [...]
> > > --
On Sat, Jan 25, 2014 at 05:55:29PM +0200, Damyan Ivanov wrote:
> Control: clone -1 -2
> Control: reassign -2 libecasoundc1/2.9.1-1
> Control: retitle -2 libecasoundc1: int-cmd-list command fails on mips
> Control: block -1 by -2
>
> Dear ecasound maintainers,
>
> It appears there is a problem wit
On mar, gen 07, 2014 at 09:10:35 +0100, Julian Taylor wrote:
> On 07.01.2014 21:02, Aaron M. Ucko wrote:
> > Source: pyzmq
> > Version: 14.0.1-1
> > Severity: serious
> > Justification: fails to build from source (but built successfully in the
> > past)
> >
> > The s390x build of pyzmq failed wit
On lun, dic 30, 2013 at 03:22:38 +0100, Aurelien Jarno wrote:
> Package: mpv
> Version: 0.3.0-1
> Severity: serious
> Tags: upstream patch
> Justification: fails to build from source (but built successfully in the past)
>
> mpv fails to build from source on mips/mipsel/powerpc/sparc with the
> fol
Control: severity -1 normal
On mar, nov 05, 2013 at 09:08:30 +0100, Peter Allin wrote:
> Package: valgrind
> Version: 1:3.7.0-6
> Severity: grave
> Justification: renders package unusable
>
> Dear Maintainer,
>
> When I try to run Valgrind it refuses to run, and exits with an error
> message abo
Control: tags -1 pending
On Wed, Aug 21, 2013 at 03:36:25PM +0200, Julien Cristau wrote:
> Source: valgrind
> Version: 1:3.8.1-4
> Severity: serious
> Justification: fails to build from source (but built successfully in the past)
>
> Hi,
>
> Debian's armel port targets armv5. valgrind uses -mar
s build system that can't handle multi-arch
include paths.
I prepared a patch (see attached) which seems to fix the problem... but it's
kinda ugly. Allison, can you please have a look at it?
Cheers
--
perl -E '$_=q;$/= @{[@_]};and s;\S+;;eg;say~~reverse'
From 4dd2897db56197b2287
On gio, ago 22, 2013 at 11:08:47 +0300, Riku Voipio wrote:
> Hi,
Hi,
sorry for the delay.
> With multiarch it should be be possible to install armhf version of
> valgrind on armel systems with ARMv7. I don't think keeping armel
> version of valgrind is strictly neccesary anymore.
Is this actual
On Wed, Aug 21, 2013 at 03:36:25PM +0200, Julien Cristau wrote:
> Source: valgrind
> Version: 1:3.8.1-4
> Severity: serious
> Justification: fails to build from source (but built successfully in the past)
>
> Hi,
>
> Debian's armel port targets armv5. valgrind uses -march=armv7-a, which
> breaks
Package: libavcodec54
Version: 6:9.6-1
Severity: grave
Justification: renders package unusable
Hi,
when trying to install libavcodec54 from experimental:
> The following packages have unmet dependencies:
> libavcodec54 : Depends: libx264-129 which is a virtual package.
This causes e.g. mplayer
severity 704841 important
severity 704842 important
kthxbye
On sab, apr 06, 2013 at 06:47:26 +0200, Picca Frédéric-Emmanuel wrote:
> Package: zeromq3
> Severity: serious
>
> Hello, it seems that zeromq3 failt to build due to the test suite.
Hi,
I just uploaded a new version that makes these fai
tags 707438 pending
kthxbye
On gio, mag 09, 2013 at 10:18:58 +0200, Lucas Nussbaum wrote:
> Source: valgrind
> Version: 1:3.8.1-2
> Severity: serious
> Tags: jessie sid
> User: debian...@lists.debian.org
> Usertags: qa-ftbfs-20130509 qa-ftbfs
> Justification: FTBFS on amd64
>
> Hi,
>
> During a
On sab, apr 13, 2013 at 11:17:06 +0200, Salvatore Bonaccorso wrote:
> Hi
>
> In case somebody wondered why this was not uploaded as recommended by
> the dev-ref for NMU to a delayed queue: Alessandro asked if somone
> else can handle the uploads for CVE-213-1944.
Hi Salvatore,
thank you very muc
tags 72 patch
kthxbye
On Thu, Feb 7, 2013 at 9:33 AM, Moritz Muehlenhoff wrote:
> Package: curl
> Severity: grave
> Tags: security
> Justification: user security hole
>
> http://curl.haxx.se/docs/adv_20130206.html
>
> Remember we're in freeze, so please upload only the minimal security fix.
Package: falconpl
Severity: serious
Tags: security
Hi,
I recently discovered that falconpl is using the libcurl API in a way that may
not be what the original author intended. In particular I'm referring to the
fact that the CURLOPT_SSL_VERIFYHOST option is treated as it was a boolean value
while
On Tue, Dec 04, 2012 at 10:45:45PM +0100, Moritz Muehlenhoff wrote:
> On Mon, Dec 03, 2012 at 12:00:18PM +0100, Alessandro Ghedini wrote:
> > I opened a ticket upstream but it doesn't appear to be fixed. It's not
> > clear if
> > Debian is affected though: the CVE
On Wed, Dec 05, 2012 at 03:13:16PM +0100, Salvatore Bonaccorso wrote:
> Control: reassign 675895 icu 4.8.1.1-7
> Control: fixed 675895 4.8.1.1-8
> Control: affects 675895 + parrot
>
> Hi Alessandro and Jay
>
> On Tue, Jun 05, 2012 at 02:22:07PM -0400, Jay Berkenbilt wrote:
&
On Mon, Dec 03, 2012 at 12:00:18PM +0100, Alessandro Ghedini wrote:
> On Mon, Dec 03, 2012 at 08:22:47AM +0100, Moritz Muehlenhoff wrote:
> > I'm not sure if/when this was fixed upstream, so better contact upstream.
>
> the CVE was published 6 days after the 1.1.0 release
A
forwarded 694999 http://code.google.com/p/cityhash/issues/detail?id=10
kthxbye
On Mon, Dec 03, 2012 at 08:22:47AM +0100, Moritz Muehlenhoff wrote:
> Package: cityhash
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Hi,
Hi,
> please see http://cve.mitre.org/cgi-bin/cve
On dom, dic 02, 2012 at 01:04:47 -0800, Chip Salzenberg wrote:
> CityHash 1.1 is not the same algorithm as 1.0! Upgrading from 1.0.3 to 1.1
> breaks any code that uses it.
>
> I think cityhash11 and cityhash103 should be separate binary packages
> entirely.
>
> At the very least, the shlib versi
notfixed 689177 icu/4.8.1.1-8
kthxbye
Wrong bug number, sorry for the noise.
signature.asc
Description: Digital signature
On dom, nov 11, 2012 at 11:50:26 +0100, intrigeri wrote:
> Did this happen?
I don't think so. Though, given the new failures in 4.6.0-1, I wanted to try to
get some more information about it from the porterbox and try what happens with
the new upstream version before contacting the ia64 people. Bu
On 09/29, Jonathan "Duke" Leto wrote:
> Howdy Julien,
>
> Thanks for the bug report! We have seen something like this from the
> debian build machines before, but previous reporters could not
> reproduce it when compiling by hand. It seems to only happen on ia64
> and looks like some kind of memor
On Mon, Sep 17, 2012 at 07:49:43PM +0200, gregor herrmann wrote:
> > From liboauth 0.9.4-3 changelog:
> >
> > * Sync from Ubuntu:
> > [ Mathieu Trudel-Lapierre ]
> >* debian/control: liboauth-dev really needs libcurl4-nss-dev, not
> > libcurl4-gnutls-dev (nss is required in
On Mon, Sep 17, 2012 at 05:30:44PM +0200, gregor herrmann wrote:
> On Sun, 16 Sep 2012 20:19:56 +0200, Alessandro Ghedini wrote:
>
> Ciao Alessandro,
>
> thanks alot for taking the time to shed some light here!
No problem
> > > Directly depending on libcurl3* packages
On Sun, Sep 16, 2012 at 07:41:57PM +0200, Alessandro Ghedini wrote:
> On Sun, Sep 16, 2012 at 04:17:36PM +0200, gregor herrmann wrote:
> > When I extend the patch I indeed get the expected Depends for
> > liboauth0 [0]. But also:
> >
> > dpkg-shlibdeps: warning: symbol
On Sun, Sep 16, 2012 at 04:17:36PM +0200, gregor herrmann wrote:
> When I extend the patch I indeed get the expected Depends for
> liboauth0 [0]. But also:
>
> dpkg-shlibdeps: warning: symbol curl_slist_free_all used by
> debian/liboauth0/usr/lib/x86_64-linux-gnu/liboauth.so.0.8.1 found in none o
On Wed, Jul 04, 2012 at 09:40:51PM +0200, Julien Cristau wrote:
> On Wed, Jul 4, 2012 at 10:58:30 +0200, Alessandro Ghedini wrote:
>
> > On Sat, May 12, 2012 at 07:26:17PM +0200, Enrico Tassi wrote:
> > > Package: luajit
> > > Version: 2.0.0~beta9+dfsg-2
&g
On Sat, May 12, 2012 at 07:26:17PM +0200, Enrico Tassi wrote:
> Package: luajit
> Version: 2.0.0~beta9+dfsg-2
> Severity: grave
> Tags: upstream
>
> In accordance with the upstream, luajit will not be part of weezy, but rather
> be made available via backports.
Sooo, how is ulatencyd affected? It
On Fri, Jun 29, 2012 at 06:31:52AM +0400, Dmitry E. Oboukhov wrote:
> found 679447 6.070-1+b1
> thanks
>
>
> > I can't reproduce crashes in 6.070-1+b1 :)
>
> sorry for mistake. 6.070-1+b1 crashes, too
Still, I can't reproduce it. The example code you provided doesn't segfault
(with $n <= 10
On Thu, Jun 28, 2012 at 10:51:28PM +0400, Dmitry E. Oboukhov wrote:
> Package: libcoro-perl
> Severity: grave
> Version: 6.080
What version is that supposed to be? I suppose 6.080-2, and yes, it was a
mistake. Everything should be fixed in 6.080-3. Would you mind testing it just
to be sure? (you c
tags 675895 confirmed
kthxbye
[ CC-ing icu's maintainer ]
On Mon, Jun 04, 2012 at 02:59:22AM +0200, Samuel Thibault wrote:
> Hello,
Hi,
> parrot currently FTBFS in sid:
>
> /usr/lib/gcc/x86_64-linux-gnu/4.7/../../../x86_64-linux-gnu/Scrt1.o: In
> function `_start':
> (.text+0x20): undefined r
forwarded 668692 https://github.com/perl6/nqp/issues/28
tags 668692 confirmed upstream
kthxbye
On Fri, Apr 13, 2012 at 09:48:01PM -0400, Aaron M. Ucko wrote:
> Source: nqp
> Version: 0.1~2012.01-1
> Severity: serious
> Justification: fails to build from source
>
> Builds of nqp on 32-bit architec
On Mon, Apr 02, 2012 at 11:45:12AM +0100, Klaus Ethgen wrote:
> Am Mo den 2. Apr 2012 um 10:58 schrieb Alessandro Ghedini:
> > tags 666885 moreinfo
> > kthxbye
> >
> > On Mon, Apr 02, 2012 at 08:04:06AM +0100, Klaus Ethgen wrote:
> > > Package: libcurl3-gnutl
tags 666885 moreinfo
kthxbye
On Mon, Apr 02, 2012 at 08:04:06AM +0100, Klaus Ethgen wrote:
> Package: libcurl3-gnutls
> Version: 7.21.0-2.1+squeeze2
> Severity: serious
> Tags: squeeze
>
> The curent security update has a nontrusted signature. So there is no
> evidence that this package is safe.
On Sat, Mar 31, 2012 at 07:12:36PM +0200, Florian Weimer wrote:
> * Alessandro Ghedini:
>
> >> Anyway, you can upload to security-master when ready. You must build
> >> the package with specifying the -sa flag, on a squeeze system.
> >
> > Ok, thank you.
&
On Wed, Mar 28, 2012 at 10:51:53PM +0200, Florian Weimer wrote:
> * Alessandro Ghedini:
>
> >> We should fix this through stable-security. Please send a debdiff once
> >> the fix has been testing in unstable for a few days.
> >
> > Attached is the debdiff
On Sun, Feb 12, 2012 at 08:23:02PM +0100, Moritz Mühlenhoff wrote:
> On Sat, Feb 11, 2012 at 02:04:01PM +0100, Alessandro Ghedini wrote:
> > On Fri, Feb 10, 2012 at 08:23:24PM +0100, Kurt Roeckx wrote:
> > > On Fri, Feb 10, 2012 at 10:15:44AM +0100, Alessandro Ghedini wrote:
>
On Sat, Mar 24, 2012 at 12:45:18PM +0100, Salvatore Bonaccorso wrote:
>
> Hi Alessandro
>
> On Wed, Mar 21, 2012 at 11:39:20PM +0100, Alessandro Ghedini wrote:
> > On Wed, Mar 21, 2012 at 11:19:47PM +0100, Alessandro Ghedini wrote:
> > > On Wed, Mar 21, 2012 at
On Fri, Mar 23, 2012 at 07:02:34PM +0100, Kurt Roeckx wrote:
> On Fri, Mar 23, 2012 at 06:38:40PM +0100, Alessandro Ghedini wrote:
> > Hi Kurt,
> >
> > curl 7.25.0 was released yesterday and I'm now working on updating the
> > Debian package. A problem come up th
Hi Kurt,
curl 7.25.0 was released yesterday and I'm now working on updating the
Debian package. A problem come up though with the --ssl-enable-beast
new option of curl (which should fix the bug that you have reported)
and the new version of openssl. If I build curl against the current
version 1.0.
On Wed, Mar 21, 2012 at 11:19:47PM +0100, Alessandro Ghedini wrote:
> On Wed, Mar 21, 2012 at 10:26:37PM +0100, Salvatore Bonaccorso wrote:
> > On Wed, Mar 21, 2012 at 09:02:54PM +0100, Salvatore Bonaccorso wrote:
> > > > t/dhe.t
> > > > Fa
On Wed, Mar 21, 2012 at 10:26:37PM +0100, Salvatore Bonaccorso wrote:
> On Wed, Mar 21, 2012 at 09:02:54PM +0100, Salvatore Bonaccorso wrote:
> > > t/dhe.t
> > > Failed 2/3 subtests
>
> In fact this one does not fail in a wheezy build with 1.42-1+b1.
>
> Okay to reassign this t
tags 664056 pending
kthxbye
On Sat, Mar 17, 2012 at 02:19:39PM +0100, Salvatore Bonaccorso wrote:
> Hi Alessandro
>
> On Sat, Mar 17, 2012 at 12:02:01PM +0100, Alessandro Ghedini wrote:
> > On Fri, Mar 16, 2012 at 09:39:11PM +0100, Salvatore Bonaccorso wrote:
> > > Hi
>
On Fri, Mar 16, 2012 at 09:39:11PM +0100, Salvatore Bonaccorso wrote:
> Hi
>
> Okay, so I did this, unpacked the source, builded, clean, build and it
> succeeds. Build log is attached.
Does this mean that we are ok without the override? If yes I'll remove it
ASAP.
Cheers
--
perl -E'$_=q;$/= @{
forwarded 664056 https://rt.cpan.org/Public/Bug/Display.html?id=75505
kthxbye
On Fri, Mar 16, 2012 at 12:09:32AM +0100, Florian Schlichting wrote:
> reassign 664056 libxml-libxml-perl 1.93+dfsg-1
> retitle 664056 libxml-libxml-perl (<= 1.93+dfsg-1) has issues overloading !=
> on XML::LibXML::Elem
tags 661566 confirmed
kthxbye
On Mon, Feb 27, 2012 at 06:57:13PM -0800, Ivan Kohler wrote:
> Package: libnet-ssleay-perl
> Version: 1.45-1
> Severity: important
>
> Apache segfaults when this module is included in a mod_perl application and
> mod_ssl is enabled. I am using the prefork MPM.
>
>
On Thu, Mar 01, 2012 at 11:17:40PM +0100, Salvatore Bonaccorso wrote:
> Hi wb-team!
>
> libtokyocabinet-perl had a build failure on mipsel [1].
>
> [1] http://bugs.debian.org/649060
>
> Bug [2] was now fixed in src:tokyocabinet, which caused already there
> the bus error failure. Could you thus
On Fri, Feb 10, 2012 at 08:23:24PM +0100, Kurt Roeckx wrote:
> On Fri, Feb 10, 2012 at 10:15:44AM +0100, Alessandro Ghedini wrote:
> > On Sat, Feb 04, 2012 at 10:45:59PM +0100, Kurt Roeckx wrote:
> > > Having SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS disabled by default
> > >
tags 658276 fixed-upstream
kthxbye
On Sat, Feb 04, 2012 at 10:45:59PM +0100, Kurt Roeckx wrote:
> On Sat, Feb 04, 2012 at 10:11:31PM +0100, Alessandro Ghedini wrote:
> >
> > AFAIU, the problem is that the SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS option is
> > meant to keep co
retitle 658276 libcurl3: No more compatible with older SSL implementations
forwarded 658276 http://curl.haxx.se/mail/lib-2012-02/0001.html
kthxbye
On Wed, Feb 01, 2012 at 07:27:06PM +0100, Kurt Roeckx wrote:
> Package: libcurl3
> Version: 7.21.0-2.1+squeeze1, 7.24.0-1
> Severity: grave
>
> Hi,
H
On Sun, Dec 11, 2011 at 07:19:09PM +0100, Luk Claes wrote:
> On 12/11/2011 06:46 PM, Alessandro Ghedini wrote:
> > On Sun, Dec 11, 2011 at 05:07:43PM +0100, Luk Claes wrote:
> >> Hmm, shouldn't we use symbol files so dependencies only get bumped when
> >> there a
On Sun, Dec 11, 2011 at 05:07:43PM +0100, Luk Claes wrote:
> On 12/11/2011 04:53 PM, Alessandro Ghedini wrote:
> > On Sat, Dec 10, 2011 at 06:30:17PM +0100, Alessandro Ghedini wrote:
> >> For reasons I do not know the shlibs version of the libcurl3 package was
> >&g
tags 651619 pending
kthxbye
On Sat, Dec 10, 2011 at 06:30:17PM +0100, Alessandro Ghedini wrote:
> For reasons I do not know the shlibs version of the libcurl3 package was
> overridden by one of the previous maintainers of the package and hasn't
> been updated for long. I will
On Sat, Dec 10, 2011 at 11:06:56AM -0500, Sam Hartman wrote:
> package: curl
> severity: grave
> version: 7.23.1-2
>
> curl: relocation error: curl: symbol curl_dostrdup, version CURL_OPENSSL_3
> not d
> efined in file libcurl.so.4 with link time reference
>
>
> I hav
tags 650800 pending
kthxbye
On Sat, Dec 03, 2011 at 11:08:44AM +0100, Jakub Wilk wrote:
> Source: hiredis
> Version: 0.10.1-3
> Severity: serious
> Justification: fails to build from source
> User: debian-m...@lists.debian.org
> Usertags: mipsel
>
> hiredis FTBFS on mipsel:
> | ALL TESTS PASSED
>
tags 650498 pending
kthxbye
On Wed, Nov 30, 2011 at 10:16:04AM +0100, Vincent Lefevre wrote:
> Package: libcurl3-nss
> Version: 7.23.1-1
> Severity: grave
> Justification: renders package unusable
>
> bti 031-4 depends on libcurl3-nss (>= 7.16.2-1) and was working with it,
> but after the upgrade
Package: beets
Version: 1.0~b10+dfsg-1
Severity: grave
Justification: renders package unusable
Hi,
running beet I always get:
% beet
Traceback (most recent call last):
File "/usr/bin/beet", line 5, in
from pkg_resources import load_entry_point
ImportError: No module named pkg_re
On Wed, Nov 16, 2011 at 09:36:33PM +0100, Salvatore Bonaccorso wrote:
> Hi
>
> With the last build attempt (rebuild for the perl 5.12 to 5.14
> transition) the build went fine [1].
>
> [1]
> https://buildd.debian.org/status/logs.php?pkg=libaudio-ecasound-perl&arch=mips
>
> Maybe we can lower t
tags 642662 pending
kthxbye
On Sat, Sep 24, 2011 at 04:44:30PM +0200, berta...@ptitcanardnoir.org wrote:
> Hi,
Hi,
> During a rebuild of all packages in sid, your package failed to build on
> amd64.
>
> Relevant part:
> > g++ src/faust-dsp-standalone.cpp -O3 -mtune=native -march=native
> > -mf
Hi,
sorry for the late reply, I've been on holiday for the past couple of weeks.
On Sun, Jul 17, 2011 at 06:52:30PM +0200, Christoph Egger wrote:
> Your package failed to build on the kfreebsd-* buildds:
>
> #44 Can handle nested multi bulk replies: PASSED
> #45 Returns I/O error when the connec
On Wed, Jul 13, 2011 at 03:33:39PM +0200, Salvatore Bonaccorso wrote:
> starman FTBFS due to test failures:
Weird, it builds fine here (sid pbuilder on amd64).
Could you please try the version on SVN (0.2013-1)? It should have
relaxed the t/harakiri.t test, maybe fixing the problem (I didn't
exp
Arnaud,
I think libxcb-atom1-dev would be better replaced by libxcb-util0-dev,
which completely replaces libxcb-atom1-dev, instead of libxcb1-dev, am I
wrong?
Anyway, is there any news on the NMU? Please note that the bug makes many
of the binary packages built from this version of pulseaudio,
On Thu, May 19, 2011 at 11:54:32AM +0200, gregor herrmann wrote:
> On Thu, 19 May 2011 11:43:00 +0200, Alessandro Ghedini wrote:
>
> > > The reason seems to bit a re-organization of the ecasound soure
> > > package:
> > > http://packages.qa.debian.org/e/ec
On Wed, May 18, 2011 at 11:50:18PM +0200, gregor herrmann wrote:
> On Wed, 18 May 2011 22:54:45 +0200, Salvatore Bonaccorso wrote:
>
> > libaudio-ecasound-perl FTBFS in unstable due to:
>
> Builds for me in cowbuilder but only because it sorts out the
> dependencies somehow:
>
> The following pa
1 - 100 of 102 matches
Mail list logo
