Bug#1104010: redis: CVE-2025-21605

patch, even to the version in experimental. I will ask upstream whether they plan to fix earlier versions themselves, otherwise I will spend more time trying to work out how to backport this. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1099682: python-django: CVE-2025-26699

https://www.cve.org/CVERecord?id=CVE-2025-26699 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1095329: bfs: FTBFS: failing tests

forwarded 1095329 https://github.com/tavianator/bfs/issues/152 thanks I've forwarded this upstream here: https://github.com/tavianator/bfs/issues/152 I can reproduce this locally. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1093140: python-django: CVE-2024-56374

.org/tracker/CVE-2024-56374 https://www.cve.org/CVERecord?id=CVE-2024-56374 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1092429: lastpass-cli: FTBFS: dh_auto_test: error: make -j8 test returned exit code 2

I cannot reproduce the failed tests outside of a full Debian package build — if I go into the build directory after the build failure, the tests then pass (!). Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1091247: redisearch: FTBFS on armhf: numeric_index.c:469:45: error: initialization of ‘size_t (*)(const void *)’ {aka ‘unsigned int (*)(const void *)’} from incompatible pointer type ‘long unsigne

t; days ago) rebuilds. Thanks for the report. I am considering simply removing this package (see #1091247). Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1082636: src:diffoscope: unsatisfied build dependency in testing: procyon-decompiler

tags 1082636 + pending thanks Fixed in Git, pending upload: https://salsa.debian.org/reproducible-builds/diffoscope/commit/a0f77fa26dc8cecbabff60cb265c08ace56077e0 debian/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Regards, -- ,''`. : :' :

Bug#1078883: diffoscope: FTBFS: failing tests

nd proposed both for inclusion in the next stable point release, the status of which can be tracked via #1079689. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1078883: diffoscope: FTBFS: failing tests

n.org/reproducible-builds/diffoscope/commit/9c7e817c79f19e67e56d564b55b728a54a35423b [3] https://salsa.debian.org/reproducible-builds/diffoscope/-/merge_requests/140/diffs -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1078944: diffoscope fails to build from source and fails to run in debian sid/unstable (#389)

I just committed which also refs commit c1aa6259cd1954182a02ede393c3540dcda33a11 Author: Chris Lamb Date: Sun Aug 18 18:22:31 2024 +0100 Also catch RuntimeError when importing PyPDF so that PyPDF or, crucially, its transitive dependencies do not cause diffoscope to tr

Bug#1078074: python-django: CVE-2024-41989 CVE-2024-41990 CVE-2024-41991 CVE-2024-42005

://www.djangoproject.com/weblog/2024/aug/06/security-releases/ Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1077808: jquery: FTBFS on amd64/unstable: Error: Cannot find module '/usr/lib/nodejs/requirejs/r.js'

the (first) FTBFS is attached. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- jquery.3.3.1~dfsg-3.unstable.amd64.log.txt.gz Description: Binary data

Bug#1076069: python-django: CVE-2024-38875 CVE-2024-39329 CVE-2024-39330 CVE-2024-39614

ards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1070965: rtorrent: does not start due to soname update

Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1071063: screenkey: malformed debian/changelog

rnings by, for instance, dh_installchangelogs, dpkg-gencontrol, dpkg-genchanges, etc. :) Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1070416: src:diffoscope: unsatisfied build dependency in testing: aapt

it, not impossible that it might return to testing without further intervention on our part..? Otherwise, we can very cleanly remove this build dependency, even keeping the .arsc file support in diffoscope itself. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1066938: Fwd: Bug#1066938: libfiu: FTBFS on arm{el,hf}: /tmp/cc54dEva.s:726: Error: symbol `open64' is already defined

tils <https://www.spinics.net/lists/linux-media/msg230147.html> etc. Does this spark anything worth trying? :-) Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1066938: Fwd: Bug#1066938: libfiu: FTBFS on arm{el,hf}: /tmp/cc54dEva.s:726: Error: symbol `open64' is already defined

next release of Debian. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1066938: Fwd: Bug#1066938: libfiu: FTBFS on arm{el,hf}: /tmp/cc54dEva.s:726: Error: symbol `open64' is already defined

Dear Alberto, Hope this finds you well. Any quick/immediate ideas on what might be behind this build failure? Note that this is on ARM architectures rather than amd64 — I often misread and conflate them at speed. :) Oh, and I can't reproduce this on amd64 locally, at least, so I don't think it is,

Bug#1060316: redis: CVE-2023-41056

time some time to update. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-41056 https://www.cve.org/CVERecord?id=CVE-2023-41056 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1054777: Fwd: Bug#1054777: libfiu: FTBFS: dh_auto_test: error: make -j8 test V=1 LC_ALL=C returned exit code 2

well. That would have the added advantage of "clearing out" the other patch we had to apply re. Link-Time Optimisation. Best wishes, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1054777: Fwd: Bug#1054777: libfiu: FTBFS: dh_auto_test: error: make -j8 test V=1 LC_ALL=C returned exit code 2

Hey Alberto, Hope all is well with you. Just wondering if you received the below re. a recently-filed bug report against libfiu. I can reproduce it locally if that helps. Best wishes, Chris - Original message - From: Lucas Nussbaum To: sub...@bugs.debian.org Subject: Bug#1054777: li

Bug#1051226: python-django: CVE-2023-41164

ttps://security-tracker.debian.org/tracker/CVE-2023-41164 https://www.cve.org/CVERecord?id=CVE-2023-41164 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1050973: lastpass-cli: Please update to 1.3.5 upstream to fix certificate error

tags 1050973 + pending thanks Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1040225: python-django: CVE-2023-36053

ntry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-36053 https://www.cve.org/CVERecord?id=CVE-2023-36053 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1037178: puppet does not sync files anymore after recent ruby2.5 security upload

No, please go ahead and do both: my availability is spotty for the next 18 hours. :) (on mobile) Utkarsh Gupta wrote: > Hi Chris, > > On Wed, Jun 7, 2023 at 9:01 PM Chris Lamb wrote: >> I see your 2.5.5-3+deb10u6 update on the debian/buster branch which >> fixes the b

Bug#1037178: puppet does not sync files anymore after recent ruby2.5 security upload

t. Although you mentioned you were going to wait a bit more, I'm just 100%-checking you aren't waiting on anything from me to upload that? Best wishes, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1035467: python-django: CVE-2023-31047

multiple files. — <https://www.djangoproject.com/weblog/2023/may/03/security-releases/> Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1034128: memcached breaks cachelib autopkgtest: TimeoutError

: https://cachelib.readthedocs.io/en/stable/changes/ * A similar-looking report on cachelib's Issue Page: https://github.com/pallets-eco/cachelib/issues/39 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1030600: redis breaks python-fakeredis autopkgtest: Connection refused

keredis.) Best wishes, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1031290: python-django: CVE-2023-24580 (denial-of-service vulnerability in file uploads)

2023-24580 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1030600: redis breaks python-fakeredis autopkgtest: Connection refused

cts are more interconnected that one might initially believe. * Here are the release notes for Redis, showing the difference between 7.0.7 in testing and 7.0.8 in unstable: https://raw.githubusercontent.com/redis/redis/7.0/00-RELEASENOTES Regards, -- ,''`. : :' : C

Bug#1030251: marked as pending in python-django

Control: tag -1 pending Hello, Bug #1030251 in python-django reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/python-team/packages/python-django/-/commit/58abeb1

Bug#1030251: python-django: CVE-2023-23969 Potential denial-of-service via Accept-Language headers

tps://security-tracker.debian.org/tracker/CVE-2023-23969 https://www.cve.org/CVERecord?id=CVE-2023-23969 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1029066: diffoscope: FTBFS if no internet is available (using internet connection during build)

Hi all, > […] As Mattia writes on the Salsa bug [0], I now don't think this is a network issue. In other words, the package FTBFS regardless of whether you have network access or not. To make debugging this easier, I've split out the inline Python code in c341b63a [1], and simply running the new

Bug#1026520: reprotest: FTBFS: AttributeError: module 're' has no attribute 'sre_parse'

reassign 1026520 python-rstr merge 1026569 1026520 affects 1026520 diffoscope thanks Lucas Nussbaum wrote: > During a rebuild of all packages in sid, your package failed to build > on amd64. Quite so. However, I think the problem is elsewhere: >> File "/usr/lib/python3/dist-packages/rstr/xege

Bug#999259: leave: please make the build reproducible

h and build-indep. (Closes: #999259) * Remove a "debian/changelog~" editor backup file. The full debdiff is attached. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- diffstat for lea

Bug#999219: xcolmix: reproducible-builds: Embedded build path in /usr/bin/xcolmix

The full debdiff is attached. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- diffstat for xcolmix-1.07 xcolmix-1.07 changelog | 12 rules |5 - 2 files changed, 16 insertions(+),

Bug#998978: mailto: please make the build reproducible

build reproducible by adding "-n" to the gzip(1) invocation. (Closes: #777413) The full debdiff is attached. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- diffstat for mailto_1.3.2-3

Bug#1017556: src:redis: fails to migrate to testing for too long: autopkgtest regressions

-redis was fixed in #1014102 Perhaps jobs just need to be resubmitted? I see that the version numbers on: https://qa.debian.org/excuses.php?package=redis ... refer to the unfixed versions; for example, python-fakeredis (version 1.6.1-1) was fixed in 1.7.1-1. Regards, -- ,''

Bug#1017556: src:redis: fails to migrate to testing for too long: autopkgtest regressions

ts/2 > https://salsa.debian.org/python-team/packages/python-fakeredis/-/merge_requests/3 Uploading now. :) Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1016090: python-django breaks lots of autopkgtests

Raphael Hertzog wrote: > As such, as much as I hate it, I think than only (a) is realistic. Yeah. :/ Okay, I'll upload 3.3.14 shortly. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1016090: python-django breaks lots of autopkgtests

14 LTS version in Debian unstable. b) Wait for the 4.x stream to become designated LTS. I believe this should happen with version 4.2, due for release in about 6 or 7 months: https://www.djangoproject.com/download/ Best wishes, -- ,''`. : :' : C

Bug#1014541: python-django: CVE-2022-34265

022-34265 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1013615: hiredis: FTBFS: 2 TESTS FAILED ***

>> #54 Does not return a reply when the command times out: FAILED I suspect that the root cause here is that Redis 7.x is now in unstable (vs. 6.x). // Chris

Bug#1013348: test_elf.py fails with binutils in unstable

Salsa CI pipeline, and I'll upload it tomorrow. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1013172: redis: Failed at step EXEC spawning /usr/bin/redis-server: Permission denied

eck-rdb. Hm! That is an interesting hypothesis, but I can't seem to reproduce this problem locally. I'm using systemd 251.2-5, you? Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1011187: redis: FTBFS: killed due to inactivity

Sebastian Ramacher wrote: > E: Build killed with signal TERM after 150 minutes of inactivity > [..] Hm, I requested a giveback using the automated service and it seems to build properly... this time. Regards, -- ,''`. : :' : Chris Lamb `. `'

Bug#1009677: python-django: CVE-2022-28346

For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2022-28346 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28346 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1006999: python-plac: Non-determinstically FTBFS on amd64/unstable due to timing in tests

rds, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- python-plac.1.3.4-1.unstable.amd64.log.txt.gz Description: Binary data

Bug#1005787: redis: CVE-2022-0543

unembargoed. [0] https://security-tracker.debian.org/tracker/CVE-2022-0543 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0543 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1004752: python-django: CVE-2022-22818 CVE-2022-23833

tps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23833 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#1004464: python-django FTBFS: FAIL: test_custom_fields (inspectdb.tests.InspectDBTestCase)

ing so many versions. I've just uploaded a fix; it was a SQLite compatibility issue. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1004464: marked as pending in python-django

Control: tag -1 pending Hello, Bug #1004464 in python-django reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/python-team/packages/python-django/-/commit/8080a59

Bug#1004464: marked as pending in python-django

Control: tag -1 pending Hello, Bug #1004464 in python-django reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/python-team/packages/python-django/-/commit/875f902

Bug#1004464: python-django FTBFS: FAIL: test_custom_fields (inspectdb.tests.InspectDBTestCase)

1309500&raw=0 ... refers to a different version: 2:3.2.11. It's not a problem at all — am only mentioning it explicitly in case you have a bug in a script (or similar) that might need updating. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1003113: python-django: CVE-2021-45115, CVE-2021-45116 & CVE-2021-45452

e next round of more serious Django issues? That works for me. I think I've reflected that in data/CVE/list in this commit: https://salsa.debian.org/security-tracker-team/security-tracker/commit/09807490bc5924c02b11adb4f85ed9467f50efcf Regards, -- ,''`. : :'

Bug#1003113: python-django: CVE-2021-45115, CVE-2021-45116 & CVE-2021-45452

resolution logic, that will not call methods, nor allow > indexing on dictionaries. > > * CVE-2021-45452: Potential directory-traversal via Storage.save() [2] > > Storage.save() allowed directory-traversal if directly passed > suitably crafted file names. -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#1003113: python-django: CVE-2021-45115, CVE-2021-45116 & CVE-2021-45452

/security-tracker.debian.org/tracker/CVE-2021-45452 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45452 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#996995: dh-python: Unable to parse debian/control

tags 996995 + patch severity 996995 serious thanks Patch attached. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- diff --git a/dhpython/debhelper.py b/dhpython/debhelper.py index 7308bbe..55b91c0 1

Bug#993651: lintian: "Profile debian/main references unknown checks" when run from Debian package

(0x564511daa230), undef, ARRAY(0x5645120b1938), 1) called at /usr/bin/lintian line 502 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#982122: redis: experimental package OOMs s390x buildds

it. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#982122: redis: experimental package OOMs s390x buildds

houghts on this. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#982122: redis: experimental package OOMs s390x buildds

very issue. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#991451: redis breaks python-fakeredis autopkgtest: AssertionError

Jochen Sprickerhof wrote: > I have no idea about Redis/Fakeredis, adding Ondřej as he did all the > uploads, lately. Hey Ondřej, any input here? Otherwise, not sure what to suggest... Best wishes, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#991476: redis: insane amount of memory used by the testsuite on s390x

mby/pkg-redis/commit/98b2cbd5085cd1d526ac9f30cb205ebcf8d8e38a Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#991451: redis breaks python-fakeredis autopkgtest: AssertionError

Chris Lamb wrote: > Sure thing -- I've forwarded this upstream here: > > https://github.com/redis/redis/issues/9273 Okay, so the latest reply there suggests that this is (now) the expected and behaviour of Redis going forward. I still don't quite grasp what it is that f

Bug#991451: redis breaks python-fakeredis autopkgtest: AssertionError

this upstream here: https://github.com/redis/redis/issues/9273 As you can see, your testcase was very useful in putting together this bug report. Thanks! Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#991476: redis: insane amount of memory used by the testsuite on s390x

that's exposing this issue, but being able to pin it down would be the ideal next step, especially as the testsuite is so large (and there were quite a few changes). Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk

Bug#991451: redis breaks python-fakeredis autopkgtest: AssertionError

Could the fakeredis maintainer chime in perhaps? Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#991451: redis breaks python-fakeredis autopkgtest: AssertionError

dis.) However, why the slight change to security-related overflow handling in bitfield fields *on i386 systems* should result in this failure eludes me... :/ Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#991403: mtools: mcopy fails on arm*, breaks d-i builds

upstreams versions. Alas, this upload was an attempt to address a different regression (which shouldn't have been introduced/uploaded to begin with... ultimately, just underscoring the entire purpose of freezes.) Lesson learned. Regards, -- ,''`. : :' : Chris

Bug#991375: redis: CVE-2021-32761

sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-32761 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32761 Regards, -- ,''`. : :

Bug#989245: python3-django needs to depends on libjs-jquery, not only recommend this package

hanks for your reply and for closing the bug. And, circling back to my remarks above about not being overly wedded to rules, I am very happy to re-explore this in the future if it comes up repeatedly for others. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#989394: python-django: CVE-2021-33203 & CVE-2021-33571

ities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: https://www.djangoproject.com/weblog/2021/jun/02/security-releases/ Regards, -- ,''`. : :' : Chris Lamb `. `

Bug#989351: redis: CVE-2021-32625

) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-32625 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32625 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#989245: python3-django needs to depends on libjs-jquery, not only recommend this package

would it not make more sense to specify libjs-query as a Depends on your package instead? Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#988136: python-django: CVE-2021-32052

ity please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: https://www.djangoproject.com/weblog/2021/may/06/security-releases/ Regards, -- ,''`. : :' : Chris Lamb `. `&#x

Bug#988053: python-django: CVE-2021-31542

.com/weblog/2021/may/04/security-releases/ Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#988045: redis: CVE-2021-29477 & CVE-2021-29478

name=CVE-2021-29477 [1] https://security-tracker.debian.org/tracker/CVE-2021-29478 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29478 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#986447: python-django: CVE-2021-28658

ntry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-28658 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28658 [1] https://www.djangoproject.com/weblog/2021/apr/06/security-releases/ Regards, -- ,''`. : :'

Bug#983090: python-django: CVE-2021-23336

Hi, > > ACK. Have filed #983526 for this purpose. > > Can you please add as well the fixes for the other open issues? This was done on Feb 26th: https://bugs.debian.org/983526#22 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#983446: redis: CVE-2021-21309

with the next DSA seems fine to me. Sure thing. I've filed this as #983527. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#983090: python-django: CVE-2021-23336

hink this should rather go via s-p-u. ACK. Have filed #983526 for this purpose. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#983446: redis: CVE-2021-21309

Chris Lamb wrote: > Package: redis > Version: 3:3.2.6-3+deb9u3 [..] > CVE-2021-21309: > https://groups.google.com/g/redis-db/c/fV7cI3GSgoQ/m/ocwV-MlzAgAJ Security team, would you like an upload to stretch-security or should this go via s-p-u? I mention that option specifically as the

Bug#983446: redis: CVE-2021-21309

ards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#983090: python-django: CVE-2021-23336

Chris Lamb wrote: > The following vulnerability was published for python-django. […] > > Django is vulnerable because it embeds parse_qsl: > > https://www.djangoproject.com/weblog/2021/feb/19/security-releases/ Security team, let me know if you would like an update for st

Bug#983090: python-django: CVE-2021-23336

For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-23336 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#982122: redis: experimental package OOMs s390x buildds

ff1c96b49222ac9463b 6.2-rc1 6.2-rc2 6.2-rc3 Not sure if previous s390x builds were failing, which might be another route to fixing this. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#982122: redis: experimental package OOMs s390x buildds

ith upstream. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#981562: python-django: CVE-2021-3281

2021-3281 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3281 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#979843: python-django: autopkgtest regression in testing: 'image/vnd.mozilla.apng' != 'image/png'

Hi Paul, > sorry, I missed the follow up somehow. Mea culpa Oh, not at all! Thank you for working on the autopkgtest stuff and handling all the replies from these RC bugs. Best wishes, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#979843: python-django: autopkgtest regression in testing: 'image/vnd.mozilla.apng' != 'image/png'

for the reference. Closing this bug... Best wishes, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#979843: python-django: autopkgtest regression in testing: 'image/vnd.mozilla.apng' != 'image/png'

orrect result. Has another mimetype- related package been updated recently? I can't seem to locate one. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#978263: marked as pending in python-django

Control: tag -1 pending Hello, Bug #978263 in python-django reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/python-team/packages/python-django/-/commit/f9148319

Bug#975372: minidlna: "rm: cannot remove '/var/log/minidlna': Is a directory" on purge

e minidlna (--purge): installed minidlna package post-removal script subprocess returned error exit status 1 Errors were encountered while processing: minidlna E: Sub-process /usr/bin/dpkg returned an error code (1) Patch attached. Regards, -- ,''`. :

Bug#972519: black and #972519

Hi Diane, > Think it would be reasonable for me to to push this patch and make a > new team release? Ah, I had not noticed it had dropped out of testing. Yes, please go ahead. Kind regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#972518: marked as pending in diffoscope

Control: tag -1 pending Hello, Bug #972518 in diffoscope reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/reproducible-builds/diffoscope/-/commit/0be160534f11500

Bug#971418: jhbuild: Missing dependency on python3-distuils

regarding the reliability of said mechanism. -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-

Bug#971418: jhbuild: Missing dependency on python3-distuils

r apparatus is not working as expected). Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-diff --git a/debian/control b/debian/control index e7a8882..7d18b97 100644 --- a/debian/control +++ b/debian/control @@ -22,7 +22,8 @@ Package: jhbuild A

  1   2   3   4   5   6   7   8   9   10   >