On 23 August 2017 at 14:56, Alexander V. Lukyanov wrote:
> On Fri, Aug 18, 2017 at 12:39:00PM +0200, Raphael Geissert wrote:
>> Do you plan to make a new release with the fixes? or should I grab the
>> patches from github?
>
> 1.16.5 has been released.
Awesome, thanks.
Alexander,
Do you plan to make a new release with the fixes? or should I grab the
patches from github?
I'd like to fix this some time soon to get le back in testing.
Thanks in advance.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
Hi,
As discussed via IRC, this could be a case of
https://bugs.debian.org/838920 in unattended-upgrades.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
> testing when it shouldn't have. This is the first time it happens for us.
Doesn't that sound like there's a missing dependency, somewhere?
It sounds like a person using a testing-unstable mix would also be affected.
/me who also got hit by it
--
Raphael Geissert
ttps://www.debian.org/doc/manuals/developers-reference/pkgs.html#bug-security
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
directly, perhaps picked up?, do not have a proper
versioned dependency on libmpeg2-4.
One such package is gstreamer1.0-plugins-ugly, though there might be others.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ
-referencing.
Thanks in advance.
[1]http://article.gmane.org/gmane.comp.security.oss.general/15382
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Troubl
Control: tag -1 patch
Attached patch should do it.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.netIndex: gnunet-0.10.1-2/src/gns/gnunet-gns-proxy-setup-ca
===
--- gnunet-0.10.1-2/src/gns/gnunet-gns
Control: severity -1 minor
Hi,
Please ignore the part of "sourced script with arguments", as it is a false
positive in this case. Apologies.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.
) as /bin/sh is likely to lead to errors or
unexpected behaviours. Please be aware that dash is the default /bin/sh.
Please closely examine the above output and the script, and determine
what the proper severity of the bug is, and adjust it accordingly. If
it's important or grea
quot;GET_TIME_OF_DAY" -a "${i:0:5}" != "PAPI_" -a
> "${i:0:2}" != "P_" ]; then
> possible bashism in ./usr/bin/tauex line 281 (${foo:3[:1]}):
> if [ "$c" != "GET_TIME_OF_DAY" -a "${c:0:2}" != "P_" ]; then
Not using bash (or a Debian Policy compliant shell interpreter that doesn't
provide such an extra feature) as /bin/sh is likely to lead to errors or
unexpected behaviours. Please be aware that dash is the default /bin/sh.
Please closely examine the above output and the script, and determine
what the proper severity of the bug is, and adjust it accordingly. If
it's important or greater please hurry to get this fixed for jessie.
Hints about how to fix bashisms can be found at:
https://wiki.ubuntu.com/DashAsBinSh
Thanks in advance,
Raphael Geissert
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
detect.sh line 108 (let ...):
> let mediasize_=mediasize/1048576
> possible bashism in ./usr/bin/simpleburn-detect.sh line 109 (let ...):
> let mediacapacity_=mediacapacity/1048576
> possible bashism in ./usr/bin/simpleburn-detect.sh line 125 (should be 'b
=
> a&
and the script, and determine
what the proper severity of the bug is, and adjust it accordingly. If
it's important or greater please hurry to get this fixed for jessie.
Hints about how to fix bashisms can be found at:
https://wiki.ubuntu.com/DashAsBinSh
Thanks in advance,
Raphael Geissert
nd determine
what the proper severity of the bug is, and adjust it accordingly. If
it's important or greater please hurry to get this fixed for jessie.
Hints about how to fix bashisms can be found at:
https://wiki.ubuntu.com/DashAsBinSh
Thanks in advance,
Raphael Geissert
--
To UNSUBSCRIBE, email
ash (or a Debian Policy compliant shell interpreter that doesn't
provide such an extra feature) as /bin/sh is likely to lead to errors or
unexpected behaviours. Please be aware that dash is the default /bin/sh.
Please closely examine the above output and the script, and determine
w
e (r), or quit (q)? " activity
Not using bash (or a Debian Policy compliant shell interpreter that doesn't
provide such an extra feature) as /bin/sh is likely to lead to errors or
unexpected behaviours. Please be aware that dash is the default /bin/sh.
Please closely examine the above
's important or greater please hurry to get this fixed for jessie.
Hints about how to fix bashisms can be found at:
https://wiki.ubuntu.com/DashAsBinSh
Thanks in advance,
Raphael Geissert
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
"
> possible bashism in ./usr/bin/git-remote-gcrypt line 463 (setvar 'foo'
> 'bar' should be eval 'foo="'"$bar"'"'):
> setvar "$2" "$signers_"
> possible bashism in ./usr/bin/git-remote-gcrypt l
or
unexpected behaviours. Please be aware that dash is the default /bin/sh.
Please closely examine the above output and the script, and determine
what the proper severity of the bug is, and adjust it accordingly. If
it's important or greater please hurry to get this fixed for je
fixed for jessie.
Hints about how to fix bashisms can be found at:
https://wiki.ubuntu.com/DashAsBinSh
Thanks in advance,
Raphael Geissert
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
leep only takes one
> integer):
> sleep 0.02
Not using bash (or a Debian Policy compliant shell interpreter that doesn't
provide such an extra feature) as /bin/sh is likely to lead to errors or
unexpected behaviours. Please be aware that dash is the default /bin/sh.
l interpreter that doesn't
provide such an extra feature) as /bin/sh is likely to lead to errors or
unexpected behaviours. Please be aware that dash is the default /bin/sh.
Please closely examine the above output and the script, and determine
what the proper severity of the bug is, and adjust it a
t the proper severity of the bug is, and adjust it accordingly. If
it's important or greater please hurry to get this fixed for jessie.
Hints about how to fix bashisms can be found at:
https://wiki.ubuntu.com/DashAsBinSh
Thanks in advance,
Raphael Geissert
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
get this fixed for jessie.
Hints about how to fix bashisms can be found at:
https://wiki.ubuntu.com/DashAsBinSh
Thanks in advance,
Raphael Geissert
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
ot;$openldap" == "yes" ]; then
> possible bashism in ./usr/sbin/monitor line 141 (should be 'b = a'):
> if [ "$protocol" == "LDAPI" ] || [ "$protocol" == "" ]; then
> possible bashism in ./usr/sbin/monitor line 142 (should be 'b = a'):
> if [ "$(id -u)" == "0" ] && [ "$autobind" == "on" ]; then
> possible bashism in ./usr/sbin/monitor line 143 (should be 'b = a'):
> if [ "$error" == "yes" ]; then
> possible bashism in ./usr/sbin/monitor line 148 (should be 'b = a'):
> if [ "$error" == "yes" ]; then
> possible bashism in ./usr/sbin/monitor line 160 (should be 'b = a'):
> if [ "$protocol" == "LDAP" ] || [ "$protocol" == "" ]; then
> possible bashism in ./usr/sbin/monitor line 161 (should be 'b = a'):
> if [ "$error" == "yes" ]; then
> possible bashism in ./usr/sbin/monitor line 164 (should be 'b = a'):
> if [ "$openldap" == "yes" ]; then
> possible bashism in ./usr/sbin/start-dirsrv line 67 (should be 'b = a'):
> if [ -d "/lib/systemd/system" ] && [ "$(id -u)" == "0" ];then
> possible bashism in ./etc/init.d/dirsrv line 121 (sleep only takes one
> integer):
> sleep 0.5
Not using bash (or a Debian Policy compliant shell interpreter that doesn't
provide such an extra feature) as /bin/sh is likely to lead to errors or
unexpected behaviours. Please be aware that dash is the default /bin/sh.
Please closely examine the above output and the script, and determine
what the proper severity of the bug is, and adjust it accordingly. If
it's important or greater please hurry to get this fixed for jessie.
Hints about how to fix bashisms can be found at:
https://wiki.ubuntu.com/DashAsBinSh
Thanks in advance,
Raphael Geissert
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
rry to get this fixed for jessie.
Hints about how to fix bashisms can be found at:
https://wiki.ubuntu.com/DashAsBinSh
Thanks in advance,
Raphael Geissert
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
egards,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
ery once and then to sponsor
the package.
Will be filing the removal request later today.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
system
> libraries get pointed to the _wrong_ time.h.
Ah! That explains! The missing declaration of time_t was puzzling me.
Thanks, I will take a look at the other bugs to get the package back in
shape.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To
t is not a bug, it is a missing feature.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
and restart applications as soon as possible."
[emphasis is mine]
We did mention it.
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
change and upload to security-master.d.o. Can you do
that?
Thanks.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
irmation or that doesn't require a special
parameter to connect to any server for which it can not verify the validity
of the certificate should be fixed. Don't hesitate to file a bug report
against those tools.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - ge
,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
a warning message and list the full path, while
>> libtar should simply print it as 'empty-file'.
>
> Yes, an odd number of ".." will yield the desired result, but the even ".."s
> will be missed.
Ah, yes, indeed. Nice catch.
Cheers,
--
Raphael Gei
the while loop right after the if. Attached test
case contains an entry called ../../../empty-file
tar tf should print a warning message and list the full path, while
libtar should simply print it as 'empty-file'.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
triple-double-dot.tar
Description: Unix tar archive
write to memory outside the allocated buffer.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
match. Built against 1000105f, you have 10001060
That's openssh. If there's anything else that's breaking your DM or
something else then it might be another bug in a different package,
but not in openssl.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
-
wn bug in openssh. Merging.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Hi again,
Found another case where it didn't work as expected. Updated,
attached, patch should do it.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
Index: librsvg-2.26.3/rsvg-image.c
===
--- li
Control: tag 732144 patch
Attached patch should correctly handle URIs and non-URIs.
I've tested it with a few applications using relative and absolute
paths, and URIs.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
Index: librsvg-2.26.3/rsvg-im
& Exposures) id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4420
http://security-tracker.debian.org/tracker/CVE-2013-4420
Attached is a proposed patch that makes libtar work similarly to tar.
Cheers,
--
Raphael Geissert - De
Hi,
There are also some other issues that are specific to 1.5.1 (or at
least they do not affect 1.3):
CVE-2013-6053: information leaks
CVE-2013-6887: DoS
All the patches will be available as soon as I forward to oss-sec the
messages I sent to the distros list.
Cheers,
--
Raphael Geissert
sive] Error 1
make[2]: Leaving directory `/tmp/buildd/gtk+3.0-3.4.2/debian/build/shared'
make[1]: *** [all] Error 2
make[1]: Leaving directory `/tmp/buildd/gtk+3.0-3.4.2/debian/build/shared'
make: *** [debian/stamp-makefile-build/shared] Error 2
dpkg-buildpackage: error: debian/rules bui
nformation so it's correctly tracked
> as fixed in later versions. I'll coordinate with SRM for uploading a fix
> to stable. Are you available to test a tentatively fixed package before
> upload?
The change is trivial, but sure.
Cheers,
--
Raphael Geissert - Debian Developer
www.d
and is
command-line and output-compatible with pwgen.
Basically changing everything under the hood without letting others know.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of &qu
Control: tag -1 patch
Control: found -1 3.10.6-2
Hi,
Could you also please prepare fixed packages targeting old/stable for a DSA?
Once prepared please send the debdiff to team@security.d.o to
coordinate their upload and release.
Thanks in advance,
--
Raphael Geissert - Debian Developer
Control: tags -1 + patch
Hi,
Attached patch applies to eglibc 2.11 and 2.13 (squeeze and wheezy).
It is the same as upstream, but with a fixed context.
Tested on both releases.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
CVE-2013-4332.patch
Description
CC'ing ftpmasters so that they can comment and act if necessary.
[1]http://ftp-master.metadata.debian.org/changelogs/main/d/dieharder/unstable_copyright
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.d
bug. You might raise the severity once we have
>> released and the transition is planned with release team.
>
> In the mean time libav9 was uploaded, could you please look into a fix?
I had completely forgotten about this bug *sigh*
Will try to give it a shot this week unless some
that ugprades from squeeze to wheezy to
jessie are possible), targeting the $codename-security archives with a
symbolic urgency of "high" and send the debdiffs to team@security.d.o
prior to their upload to the security archive.
Thanks in advance.
Cheers,
--
Raphael Geissert - Debian Dev
know what you think.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Hi,
On 14 August 2013 16:17, Raphael Geissert wrote:
> Looking at your fix in c4d4e0478, I'd look into fixing it in a way
> that doesn't imply that integers overflow, as that's undefined
> behavior and can be optimised away by compilers. None of the
> instructions ca
m whether this is in fact a
regression.
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
39
You could check if that is the issue by modifying
transaction/report.rb's initialize to @report_format = 3.
Regards,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of
ers don't overflow.
Wouldn't it be better to just set a limit to j that is checked while
calculating the amount of memory that is needed, and that is lower
enough than INT_MAX that performing one more iteration won't overflow
it?
Cheers,
--
Raphael Geissert - Debian Developer
www.deb
Hi Stig, Chris,
Stig: Have you been able to check the report?
I haven't taken a proper look at it, but I think there's at least one
extra field that doesn't correspond to the format version.
On 31 July 2013 17:43, Chris Boot wrote:
> On 25/06/13 17:36, Raphael Geissert wr
On 2 August 2013 12:29, Raphael Geissert wrote:
> I strongly believe this to be the problem with the plugin
> initialisation, fixed with c140757221.
Oh, and if that's the cause then, this is a bug in the strongswan package, so:
reassign 692606 strongswan-nm
affects 692606 netw
perl half broken.
Anyway, reverting the severity. Sorry about that.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
://bugzilla.redhat.com/show_bug.cgi?id=954054
Please adjust the affected versions in the BTS as needed.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian
On 21 June 2013 17:07, Raphael Geissert wrote:
> As promised via IRC, attached patch is a version that actually works.
And now a patch to be applied on top of it to restore the
compatibility of the reports.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
Hi,
Upstream provided me with the following gist against 2.6.18 that fixes
this vulnerability:
https://gist.github.com/stahnma/d7598b49a4abc07845b9
Haven't checked how much backporting is needed.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
-
I provided when submitting the bug report.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
i-bin/bugreport.cgi?bug=710353#17
Could you please prepare fixed packages for stable, to be included in
point releases?
Thanks.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "u
i-bin/bugreport.cgi?bug=710353#17
Could you please prepare fixed packages for oldstable and stable, to
be included in point releases?
Thanks.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subje
ecurity team were involved in analyzing the code
> and a reference to this bug.
Feel free to add a security notice upstream, but the
README.Debian.security file is to state that the Debian security team
is going to provide limited support.
As such, it should be kept in Debian.
Cheers,
--
Raphael Ge
reviewing
the code, implement standard web security measures and make sure the
expected use and its requirements are considered also by upstream and
continued during the following releases.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian
-5529
Since there's also another issue affecting firebird, this less severe
issue could be fixed in the same DSA.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "uns
fixed via a SPU, however.
As such, please add a README.Debian.security file briefly mentioning
the limited security support, effective for the version in wheezy and
newer.
Thanks in advance.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to
Hi,
Am I missing something, or with the recent changes this bug can be closed
now? (i.e. security build queues and buildds are all setup.)
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with
Hi,
The issue can easily be reproduced on an x86_64 system running squeeze
with the public reproducer.
Valgrind also shows the issue (but beware of the time and memory it takes).
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian
.org/cgi-bin/cvename.cgi?name=CVE-2012-5667
http://security-tracker.debian.org/tracker/CVE-2012-5667
Please adjust the affected versions in the BTS as needed.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-
shell interpreter which
doesn't provide such an extra feature) as /bin/sh is likely to lead to
errors or unexpected behaviours.
You can find hints about how to fix bashisms at:
https://wiki.ubuntu.com/DashAsBinSh
Thank you,
Raphael Geissert
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
n find hints about how to fix bashisms at:
https://wiki.ubuntu.com/DashAsBinSh
Thank you,
Raphael Geissert
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
/dev/null
>
>possible bashism in ./usr/bin/refdb-restore line 183 (should be >word
>2>&1):
>tar -xzf ${archive} ${notefile} &> /dev/null
>
>possible bashism in ./usr/bin/refdb-restore line 187 (should be >word
>2>&1):
>
On Thursday 13 September 2012 04:17:03 Philipp Kern wrote:
> On Tue, Sep 11, 2012 at 03:24:32PM -0500, Raphael Geissert wrote:
> > This is just to keep a record of things that need to be done before the
> > release:
> > * Add security queues for armhf
> > * Ad
tags 660488 + patch
thanks
Dear maintainer,
I've prepared an NMU for miredo (versioned as 1.2.3-1.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.
Regards.
Raphael Geissert
diff -Nru miredo-1.2.3/debian/changelog miredo-1.2.3/debian/changelog
--- m
o lead to
errors or unexpected behaviours.
You can find hints about how to fix bashisms at:
https://wiki.ubuntu.com/DashAsBinSh
Thank you,
Raphael Geissert
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
ion errors.
Seems like you should 'use 5.014' and/or have a versioned Depends on
perl-base.
Cheers,
Raphael Geissert
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/dash
Versions of packages tasksel
Source: icinga-web
Version: 1.7.1-4
Severity: serious
Hi,
lib/phing/classes/phing/tasks/ext/jsmin/JsMin.php includes the
following license clause that makes it non-free:
> The Software shall be used for Good, not Evil.
Cheers,
Raphael Geissert
--
To UNSUBSCRIBE, email to debian-bugs-rc-r
Package: jsxgraph
Version: 0.83+svn1872~dfsg-3
Severity: serious
Hi,
tools/jsmin.py includes the following license clause that makes it
non-free:
> The Software shall be used for Good, not Evil.
Cheers,
Raphael Geissert
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.
Hi again,
On Friday 14 September 2012 18:46:48 Raphael Geissert wrote:
> * Uploads must be coordinated and ACKed by the security team. Unless I'm
> missing something, it didn't happen this way.
I've been pointed out that you talked to Nico about it. Please accept my
apo
be used.
* The testing-security queue is not functional. Any security update for
wheezy, during its freeze, must go through testing-proposed-updates if it
can't go through sid.
Regards,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to
archive
* Work with the buildd people to give them access to sec's incoming
Thanks.
Cheers,
Raphael Geissert
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
I'm going
to file a similar bug against ftp-master.d.o for that.
Cheers,
Raphael Geissert
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
http://security-tracker.debian.org/tracker/CVE-2012-3549
Please adjust the affected versions in the BTS as needed.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubsc
2011-5129
Please adjust the affected versions in the BTS as needed.
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
One day later than expected...
On Tuesday 21 August 2012 10:56:06 Raphael Geissert wrote:
> If you do consider those cases, then Breaks should probably be used
> instead. Recommends is not enough even for the scenario where this bug
> was reproduced: grml - recommends are disabled b
ested a squeeze->wheezy upgrade with Breaks, though. Will try to
get around it today so that I can report back...
> Same case if s/he prefers to disable installation of recommends.
> And with this back to the initial topic: Adding a recommends, okay?
... because I don't think Reco
ot noticing it before. Somehow I knew I should have bumped the
redirection code :-/
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
ould really be no
application/x-httpd-* entry in mime.types.
Perhaps .php and others should be added back as text/x-php and a NEWS entry
added.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
On Sunday 13 May 2012 11:26:19 Steve McIntyre wrote:
> On Thu, May 06, 2010 at 12:06:03PM -0500, Raphael Geissert wrote:
> >Please remember that kfreebsd-i386 and kfreebsd-amd64 are now release
> >architectures and failure to build on those is considered release
> >critical
Hi,
Thanks for the patch and the NMU. As a minor nitpick you should
probably consider giving the patch file a more descriptive name, like
"missing-unistdh.patch" :)
Anyway, it's not worth another upload just to change that.
Cheers,
--
Raphael Geissert - Debian Developer
reopen 663206
thanks
Hi,
Upgrading dpkg does workaround the bug, but it is an unintentional side
effect.
Maintainer scripts must have a shebang as per section 6.1 of policy.
(thanks to James McCoy for finding the proper reference :)
Cheers,
--
Raphael Geissert - Debian Developer
#x27;purge'). You may want to file a bug on
> apt about this.
I purged apt. APT's postrm runs rm -rf on /var/cache/apt and /var/lib/apt.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
e creating package cache
E: error performing command 'install'
# cupt update
E: unable to open file '//var/lib/apt/extended_states': No such file or
directory
E: error while parsing extended states
E: error while creating package cache
E: error performing command 'update'
Package: csound
Severity: grave
Tags: security
Hi,
Two vulnerabilities have been found in csound. Please refer to the
following page for more information:
http://secunia.com/secunia_research/2012-3/
Regards,
Raphael Geissert
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ
re (haven't tried at all) the reasoning looks correct.
For the next version I've already had to fiddle with auto* and run autoreconf,
so I'll see how that plays with multiarch.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, em
to remove
them from lenny, squeeze, and sid.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
t was meant to be handled by the extensions manager, but
that's another story...
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
1 - 100 of 454 matches
Mail list logo
