Bug#588426: linux-image-2.6.32-5-amd64: fail to boot in a kvm virtual machine

Affects i686 as well. Ciao, Sheldon. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#459848: nvidia-kernel-source: module-assistant still doesn't build 169.07-2

found 367976 169.07-2 found 459761 169.07-2 thanks module-assistant still can't build 169.07-2, because the name of the tarball installed is nvidia-kernel.tar.bz2 instead of nvidia-kernel-source.tar.bz2. I haven't marked this bug found in 169.07-2 because the changelog makes it obvious that the u

Bug#429177: CVE-2007-3227 only fixed in 1.2.5

On Monday 22 October 2007 14:32:15 you wrote: > Huh? Who said this? We have 1.2.4 but we ship an extra patch > which is not included in 1.2.4 to fix this so I don't see > the point. I wasn't aware of the additional patch you included. Thanks, Sheldon. signature.asc Description: This is a digita

Bug#429177: CVE-2007-3227 only fixed in 1.2.5

5505 which states: "The rails core team has released ruby on rails 1.2.5 to address a potential XSS exploit with our json serialization. The CVE Identifier for this problem is CVE-2007-3227" In other words, I don't think rails-1.2.4 fully addressed the issue. Ciao, Sheldon. -- Sh

Bug#429177: CVE-2007-3227 only fixed in 1.2.5

The good news is, upstream seems to have taken disclosure complaints to heart, and is now posting security advisories to the rubyonrails-security Google Group: The bad news is, it looks like CVE-2007-3227 is only fixed properly in rails-1.2.5: http://groups.google.com/group/rubyonrails-secur

Bug#429177: rails-1.2.4 released

It's possible that no backporting is required for sid, because rails-1.2.4 has been released: http://weblog.rubyonrails.com/2007/10/5/rails-1-2-4-maintenance-release So that would leave etch the only target, and I'm not even sure if rails-1.1.6 had json support. So that just leaves lenny, and

Bug#439062: Broken Build-Depends in asterisk_1.4.11~dfsg-1

The new asterisk_1.4.11~dfsg-1 source package fails to backport in an Etch chroot because of a broken Build-Depends. The control file declares dependency on libpri-dev (>= 1.4) But it requires libpri-dev (>= 1.4.1) This is because 1.4.1 provides bristuffed/libpri.h, which is

Bug#426910: #426910 Crash and data loss after applying filters

I don't think this bug should block kdepim-3.5.7's inclusion in testing, because it does not represent a regression from 3.5.5. The original submitter claimed that this problem did not occur in kmail-1.9.5 (kdepin-3.5.4), but upstream confirms that the bug was present as early as kmail-1.9.4 (