Package: mongo-cxx-driver
Severity: serious
Justification: keep package out of testing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
This package should not enter testing.
- -- System Information:
Debian Release: 10.10
APT prefers oldstable-updates
APT policy: (500, 'oldstable-updates'), (
Package: musl
Severity: grave
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
The following vulnerability was published for musl.
CVE-2020-28928[0]:
wcsnrtombs destination buffer overflow
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabi
close 849428 1.15.1+dfsg-2
thanks
Philip Ross wrote:
> 2010/1/3 Roberto C. Sanchez :
>> Upstream had indicated an intention to separate out the actual timezone
>> data (for systems, like Windows, that do not include a system-wide
>> standard timezone database, like is included in libc). However, I have
>
Chanoch (Ken) Bloom wrote:
> This bug (to remove embedded timezone information from ruby-tzinfo)
> hasn't been touched in a while. The bug is still release-critical, and
> is now in testing also. (And ActiveSupport depends on ruby-tzinfo).
> Has there been any progress on fixing it?
>
> --Ken
>
package sasl2-bin
severity 563006 important
fixed 563006 2.1.23.dfsg1-5
merge 562895 563006
thanks
This was already reported (as #562895) and closed within a few hours by
a new version (2.1.23.dfsg1-5).
Regards,
-Roberto
Achim Schaefer wrote:
> Package: sasl2-bin
> Version: 2.1.23.dfsg1-4
> Sev
package sasl2-bin
severity 558014 minor
thanks
Since it has been nearly a month and there is no additional evidence to
indicate that the buggy behavior actually originates within the
sasl2-bin package, I am lowering the severity. If evidence to the
contrary can be produced, the severity can be ra
Richard A Nelson wrote:
> Package: libsasl2-modules-gssapi-heimdal
> Version: 2.1.23.dfsg1-3
> Severity: critical
> Justification: breaks unrelated software
>
> My /var/log/auth.log are now (that libpam-heimdal has been upgrade)
> filled with this:
> 05:28:37 ultima-thule slapd[4238]: SASL [
Package: xiphos
Version: 3.1.1-2
Severity: serious
Justification: Renders package unusable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
When trying to install xiphos in sid today, I got this:
The following packages have unmet dependencies:
xiphos: Depends: libgtkhtml-editor0 (< 3.27) but 3.28
Even if the Debian package was unaffected (the changelog is dated more
than a week ago), it is still worthwhile to upgrade to 2.1.2 to fix this
vulnerability:
http://trac.wordpress.org/ticket/3879
Regards,
-Roberto
--
Roberto C. Sanchez
http://people.connexer.com/~roberto
http
On Wed, Dec 06, 2006 at 07:24:22PM +0100, Andreas Metzler wrote:
> On 2006-12-06 "Roberto C. Sanchez" <[EMAIL PROTECTED]> wrote:
>
> > Just realize that such an approach effectively prevents backporting
> > after the release of Etch.
> [...]
>
> etch
s still much higher than the RMs wanted (160 in the last mail
I saw, IIRC). So, we may yet have a window in which to work.
Regards,
-Roberto
--
Roberto C. Sanchez
http://people.connexer.com/~roberto
http://www.connexer.com
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
with this.
Regards,
-Roberto
--
Roberto C. Sanchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
ame problem with kdebase and I caught it
there. I've just had a bad run of prematurely filing bugs. Sorry for
the noise.
Regards,
-Roberto
--
Roberto C. Sanchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
that's a bug
> in cyrus-sasl2 only...
>
OK. That was my mistake then. I thought that we still had symbol
versioning in there, which both you and Fabian have clarified that we do
not. I apologize for the confusion.
Regards,
-Roberto
--
Roberto C. Sanchez
http://peopl
Package: sylpheed-claws-gtk2-extra-plugins
Version: 2.5.0~rc3-1
Severity: serious
This package now fails to build with the new 0.47-1 version of libetpan.
Please see the attached build log for details.
Regards,
-Roberto
--
Roberto C. Sanchez
http://people.connexer.com/~roberto
http
Package: sendmail
Version: 8.13.8-2
Severity: serious
During build, sendmail fails to find libldap. Please see the attached
build log for details.
Note, this happened with a test version of cyrus-sasl2 which had ldap
support disabled.
Regards,
-Roberto
--
Roberto C. Sanchez
http
Package: sylpheed-claws-gtk2
Vesion: 2.5.5-1
Severity: serious
This package now fails to build with the new 0.47-1 version of libetpan.
Please see the attached build log for details.
Regards,
-Roberto
--
Roberto C. Sanchez
http://people.connexer.com/~roberto
http://www.connexer.com
Package: etpan-ng
Version: 0.7.1-3
Severity: serious
This package failed to build in a Sid pbuilder. Basically, today a new
version of libetpan was uploaded. Now, etpan-ng fails to buid against
the new version.
Please see the attached build log for details.
Regards,
-Roberto
--
Roberto C
On Sun, Oct 15, 2006 at 04:59:26AM -0400, Roberto C. Sanchez wrote:
> On Sat, Oct 14, 2006 at 11:54:44PM -0300, Henrique de Moraes Holschuh wrote:
> > On Sat, 14 Oct 2006, Roberto C. Sanchez wrote:
> > > * Fixed load_config to search for the config file in all directories
&
On Sat, Oct 14, 2006 at 11:54:44PM -0300, Henrique de Moraes Holschuh wrote:
> On Sat, 14 Oct 2006, Roberto C. Sanchez wrote:
> > * Fixed load_config to search for the config file in all directories
> > (bug # 2796). Changed the default search path to be
> > /usr
ories
(bug # 2796). Changed the default search path to be
/usr/lib/sasl2:/etc/sasl2
Is this sufficient for our needs?
Regards,
-Roberto
--
Roberto C. Sanchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
/cgi-bin/bugreport.cgi?bug=211156
If someone could review it and (hopefully) include it upstream, we would
really appreciate it.
Regards,
-Roberto
--
Roberto C. Sanchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
This has been taken care of in the svn repo. I am going to try and
devote as much time as possible over the next week to this. If I can
get some more help, I think that the new version can be ready for Etch.
Regards,
-Roberto
--
Roberto C. Sanchez
http://people.connexer.com/~roberto
http
I asked on #debian-devel and the consensus is that what the htdig
package did was wrong. It should not have removed the /var/www symlink
and recreated the directory empty. This is in fact a serious bug.
Regards,
-Roberto
--
Roberto C. Sanchez
http://people.connexer.com/~roberto
http://www
removed stuff from /var/www, which I suspect it did not. If
it did not, please close the bug report. If it did, then good catch.
Regards,
-Roberto
--
Roberto C. Sanchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
p with the defaults of
the upstream confguration.
Regards,
-Roberto
--
Roberto C. Sanchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
Package: rpmstrap
Version: 0.5.2-2
Severity: serious
Justification: Policy 9.1.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
According to the FHS [0], architecture independent data must reside in
/usr/share. Since rpmstrat is a collection of shell script snippets,
/usr/lib is the wrong place f
Package: dvipdfmx
Version: 1:20050831-1
Severity: serious
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
It appears that the latest version of this package chokes on remove:
http://lists.debian.org/debian-user/2006/08/msg02787.html
This behavior was probably introduced when the fix for #355650 w
so that every python-foo
package will depend on pythonX.Y-foo (= version) for the X.Y default
python version. This would prevent this bug from occurring again.
-Roberto
--
Roberto C. Sanchez
http://familiasanchez.net/~roberto
diff -ur eyed3-0.6.10.old/debian/changelog eyed3-0.6.10/debian
tags 364264 + patch
thanks
I have attached a patch that fixes this bug.
-Roberto
--
Roberto C. Sanchez
http://familiasanchez.net/~roberto
diff -ur directvnc-0.7.5.old/debian/changelog directvnc-0.7.5/debian/changelog
--- directvnc-0.7.5.old/debian/changelog2006-05-13 17:54:25.251128443
tags 364629 + patch
thanks
I have attached a patch that fixes this bug.
-Roberto
--
Roberto C. Sanchez
http://familiasanchez.net/~roberto
diff -ur xosview-1.8.2.old/config/configure.in xosview-1.8.2/config/configure.in
--- xosview-1.8.2.old/config/configure.in 2006-05-13 16:25
the package for upload.
-Roberto
--
Roberto C. Sanchez
http://familiasanchez.net/~roberto
pgpkLpEvILD4O.pgp
Description: PGP signature
On Tue, Aug 30, 2005 at 10:16:27PM -0700, Greg KH wrote:
> On Tue, Aug 30, 2005 at 08:23:02PM -0400, Roberto C. Sanchez wrote:
> > >
> > I also don't understand why the gcc version is an issue. I mean, you
> > can compile a library with one version of gcc and li
the past by staying
on the bleeding edge. I know that I am only one data point, but I am
sure that I am not the only one.
> Option a) doesn't seem particularly sensible to me, btw, because the
> "risk" is near certain...
>
Incidentally, is it possible to
irst upgrading the
kernel and risk breakage; or b) upgrade the kernel twice. Once before
and once after. I suppose that it is possible to build the new kernel
inside of a chroot (or sbuild or pbuilder) if kernel-package is being
used.
I am simply pointing out that there is a potential issu
default version of gcc that is in Etch.
However, if you have to compile your own kernel, do you upgrade kernel,
dist-upgrade and then recompile with the new gcc?
-Roberto
--
Roberto C. Sanchez
http://familiasanchez.net/~roberto
pgp5wTbDALf0m.pgp
Description: PGP signature
On Thu, May 26, 2005 at 11:39:26AM +0200, Patrick Cornelißen wrote:
> Roberto C. Sanchez schrieb:
>
> > pacakge releaseforge
> typo? :-)
>
I am this close -> <- from swapping the `a' and `k' keys on my keyboard
:-)
-Roberto
--
Roberto C. Sanchez
h
> I started the -2 release as user and as root, I don't know if
> releaseforge remembers the user, but i have in /root and in my home no
> .releaseforge directories and in /etc seems to be not releaseforge
> config either.
>
> I have no clue why it tries to write in
accidentally wiped the ~/.gnupg from before the restore, but I
will try to duplicate it this afternoon and report back. In short,
any use of gnupg, at least through enigmail, to verify a mail
message completely locked t-bird.
> Please be more verbose in your bug reports.
>
Sorry :-)
-Rober
qt-tools 3.13 and 3.14.1.
-Roberto
--
Roberto C. Sanchez
http://familiasanchez.net/~sanchezr
signature.asc
Description: OpenPGP digital signature
was this close, -> <-, to whipping up a -src
package that just included the source and a script to crank out a .deb
from it.
-Roberto
--
Roberto C. Sanchez
http://familiasanchez.net/~sanchezr
signature.asc
Description: OpenPGP digital signature
Quoting Paul Slootman <[EMAIL PROTECTED]>:
Could you give http://www.xs4all.nl/~wurtel/rsync_2.6.4-6_i386.deb
a try? That has the fix for the log file thing in it. I think this is
the quickest way of seeing whather that is the problem :-)
Yes. That fixed it quite nicely.
-Roberto
--
Rob
Quoting Paul Slootman <[EMAIL PROTECTED]>:
On Tue 10 May 2005, Roberto C. Sanchez wrote:
>>
>>>I'm guessing this is related to #307923. Please add a line
>>>log file = /var/log/rsyncd.log
>>>to the top of /etc/rsyncd.conf, and try it again. At least,
Paul Slootman wrote:
> On Tue 10 May 2005, Roberto C. Sanchez wrote:
>
>
>>Paul Slootman wrote:
>>
>>>I'm guessing this is related to #307923. Please add a line
>>>log file = /var/log/rsyncd.log
>>>to the top of /etc/rsyncd.conf, and try it a
Paul Slootman wrote:
> On Tue 10 May 2005, Roberto C. Sanchez wrote:
>
>
>>Package: rsync
>>Version: 2.6.4-5
>>Severity: critical
>>
>>I am filing this bug as critical for 2 reasons: 1) the package in
>>question breaks the systemimager-server packag
stemimager/mounted_filesystems from 127.0.0.1.
getimage: Have you run "prepareclient" on 127.0.0.1?
If you see the message "unrecognised option" above, check
http://systemimager.org/download/ to be sure that you are running
Reverting to 2.6.4-2 causes normal behavior to re
47 matches
Mail list logo
