[Bug 804647] Re: vdeterm does not restore terminal when it returns in error
I have tested the fix in -proposed for precise. Package version: 2.2.3-3ubuntu1 Fix confirmed. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/804647 Title: vdeterm does not restore terminal when it returns in error To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/vde2/+bug/804647/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1269977] [NEW] package tex-common 3.15 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1
Public bug reported: Happened during upgrade from ubuntu 13.04 to 13.10. ProblemType: Package DistroRelease: Ubuntu 13.10 Package: tex-common 3.15 Uname: Linux 3.10.17-031017-generic x86_64 ApportVersion: 2.9.2-0ubuntu8.5 Architecture: amd64 Date: Thu Jan 16 23:38:58 2014 DuplicateSignature: package:tex-common:3.15:ErrorMessage: subprocess installed post-installation script returned error exit status 1 ErrorMessage: ErrorMessage: subprocess installed post-installation script returned error exit status 1 InstallationDate: Installed on 2010-04-23 (1364 days ago) InstallationMedia: Kubuntu 10.04 Lucid Lynx - Release Candidate amd64 (20100419.1) MarkForUpload: True PackageArchitecture: all SourcePackage: tex-common Title: package tex-common 3.15 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1 UpgradeStatus: Upgraded to saucy on 2014-01-16 (0 days ago) ** Affects: tex-common (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-package need-duplicate-check saucy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1269977 Title: package tex-common 3.15 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tex-common/+bug/1269977/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1269980] [NEW] package python-gi 3.8.0-2 failed to install/upgrade: ErrorMessage: subprocess new pre-removal script returned error exit status 1
Public bug reported: Happened during upgrade from Ubuntu 13.04 to 13.10 ProblemType: Package DistroRelease: Ubuntu 13.10 Package: python-gi 3.8.0-2 Uname: Linux 3.10.17-031017-generic x86_64 ApportVersion: 2.9.2-0ubuntu8.5 Architecture: amd64 Date: Thu Jan 16 23:46:59 2014 ErrorMessage: ErrorMessage: subprocess new pre-removal script returned error exit status 1 InstallationDate: Installed on 2010-04-23 (1364 days ago) InstallationMedia: Kubuntu 10.04 Lucid Lynx - Release Candidate amd64 (20100419.1) MarkForUpload: True SourcePackage: pygobject Title: package python-gi 3.8.0-2 failed to install/upgrade: ErrorMessage: subprocess new pre-removal script returned error exit status 1 UpgradeStatus: Upgraded to saucy on 2014-01-16 (0 days ago) ** Affects: pygobject (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-package saucy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1269980 Title: package python-gi 3.8.0-2 failed to install/upgrade: ErrorMessage: subprocess new pre-removal script returned error exit status 1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pygobject/+bug/1269980/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1094722] Re: Raring: regression: fan keeps spinning at full speed after suspend
Sadly, the problem is not fixed on a HP ProBook 5310m with the v3.10-rc5-raring kernel. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1094722 Title: Raring: regression: fan keeps spinning at full speed after suspend To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1094722/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1094722] Re: Raring: regression: fan keeps spinning at full speed after suspend
@Joseph: Upgrading to kernel 3.9.0 (#28 [0]) does not help on a HP ProBook 5310m. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1094722 Title: Raring: regression: fan keeps spinning at full speed after suspend To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1094722/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 967712] Re: soffice.bin assert failure: *** glibc detected *** /usr/lib/libreoffice/program/soffice.bin: double free or corruption (!prev): 0x00000000020d1980 ***
** Visibility changed to: Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/967712 Title: soffice.bin assert failure: *** glibc detected *** /usr/lib/libreoffice/program/soffice.bin: double free or corruption (!prev): 0x020d1980 *** To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/967712/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 962854] [NEW] Upgrade 11.10 to 12.04 failed on gconf2
Public bug reported: Upgrade fails with: subprocess installed post-installation script returned error exit status 250 This is the error from apt-term.log Setting up gconf2 (3.2.5-0ubuntu1) ... (gconftool-2:9066): GConf-CRITICAL **: No such file `/usr/lib/x86_64 -linux-gnu/gconf/2/libgconfbackend-xml.so' (gconftool-2:9066): GConf-WARNING **: Failed to load source xml:readwrite:/var/lib/gconf/defaults: Failed: Couldn't locate backend module for `xml:readwrite:/var/lib/gconf/defaults' ** GConf:ERROR:gconftool.c:969:main: assertion failed: (err == NULL) dpkg: error processing gconf2 (--configure): subprocess installed post-installation script returned error exit status 250 ** Affects: update-manager (Ubuntu) Importance: Undecided Status: New ** Tags: dist-upgrade ** Tags added: dist-upgrade -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/962854 Title: Upgrade 11.10 to 12.04 failed on gconf2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/962854/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 962854] Re: Upgrade 11.10 to 12.04 failed on gconf2
** Attachment added: apt-term.log https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/962854/+attachment/2921002/+files/apt-term.log -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/962854 Title: Upgrade 11.10 to 12.04 failed on gconf2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/962854/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 962854] Re: Upgrade 11.10 to 12.04 failed on gconf2
** Attachment added: apt.log https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/962854/+attachment/2921003/+files/apt.log -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/962854 Title: Upgrade 11.10 to 12.04 failed on gconf2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/962854/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 962854] Re: Upgrade 11.10 to 12.04 failed on gconf2
** Attachment added: main.log https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/962854/+attachment/2921005/+files/main.log -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/962854 Title: Upgrade 11.10 to 12.04 failed on gconf2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/962854/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 962854] Re: Upgrade 11.10 to 12.04 failed on gconf2
** Attachment added: term.log https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/962854/+attachment/2921006/+files/term.log -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/962854 Title: Upgrade 11.10 to 12.04 failed on gconf2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/962854/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 962854] Re: Upgrade 11.10 to 12.04 failed on gconf2
** Attachment added: history.log https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/962854/+attachment/2921004/+files/history.log -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/962854 Title: Upgrade 11.10 to 12.04 failed on gconf2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/962854/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 962854] Re: Upgrade 11.10 to 12.04 failed on gconf2
The problem seems to be with gconf-service and multiarch. gconf-service:amd64 and gconf-service:i386 can't be installed alongside - and for some reason the gconf-service:i386 was installed first (it is a x86_64 system). The files that gconf2 looks for is only available in gconf-service:amd64. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/962854 Title: Upgrade 11.10 to 12.04 failed on gconf2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/962854/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 691068] Re: SRU tracking bug for KDE 4.4.5/8 update in Lucid
Have been running the PPA version months ago; and upgraded to the proposed version more than a week ago. Everything have been working perfectly with both. -- You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kdegraphics in ubuntu. https://bugs.launchpad.net/bugs/691068 Title: SRU tracking bug for KDE 4.4.5/8 update in Lucid -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 604892] Re: Please merge kdesvn 1.5.3-2 from debian unstable(main)
I experienced the same a while ago, that was why I skipped over merging... if you can figure out why it FTBFS'es that would be good. -- Please merge kdesvn 1.5.3-2 from debian unstable(main) https://bugs.launchpad.net/bugs/604892 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 605011] Re: Please merge offlineimap 6.2.0.2 (universe) from Debian unstable (main)
** Changed in: offlineimap (Ubuntu) Status: Confirmed = In Progress ** Changed in: offlineimap (Ubuntu) Assignee: Ryan Kavanagh (ryanakca) = Andreas Wenning (andreas-wenning) -- Please merge offlineimap 6.2.0.2 (universe) from Debian unstable (main) https://bugs.launchpad.net/bugs/605011 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 605011] Re: Please merge offlineimap 6.2.0.2 (universe) from Debian unstable (main)
Uploaded! Thanks for your contribution to Ubuntu. For future reference; no need to mention the maintainer mangling in the changelog. ** Changed in: offlineimap (Ubuntu) Status: In Progress = Fix Committed ** Changed in: offlineimap (Ubuntu) Assignee: Andreas Wenning (andreas-wenning) = (unassigned) -- Please merge offlineimap 6.2.0.2 (universe) from Debian unstable (main) https://bugs.launchpad.net/bugs/605011 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 603740] Re: [CVE-2010-1190] Data leakage vulnerability in thumb.php
** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-1190 ** Visibility changed to: Public ** Also affects: mediawiki (Ubuntu Hardy) Importance: Undecided Status: New ** Also affects: mediawiki (Ubuntu Jaunty) Importance: Undecided Status: New ** Also affects: mediawiki (Ubuntu Karmic) Importance: Undecided Status: New ** Changed in: mediawiki (Ubuntu) Status: New = Fix Released -- [CVE-2010-1190] Data leakage vulnerability in thumb.php https://bugs.launchpad.net/bugs/603740 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 603740] Re: [CVE-2010-1190] Data leakage vulnerability in thumb.php
Already prepared debdiffs for hardy, jaunty and karmic fixing this. All has been tested in .chroots to verify the fix. First follows for karmic. ** Patch added: mediawiki_1.15.0-1.1ubuntu0.4.debdiff http://launchpadlibrarian.net/51645793/mediawiki_1.15.0-1.1ubuntu0.4.debdiff -- [CVE-2010-1190] Data leakage vulnerability in thumb.php https://bugs.launchpad.net/bugs/603740 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 603740] Re: [CVE-2010-1190] Data leakage vulnerability in thumb.php
For jaunty. -- [CVE-2010-1190] Data leakage vulnerability in thumb.php https://bugs.launchpad.net/bugs/603740 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 603740] Re: [CVE-2010-1190] Data leakage vulnerability in thumb.php
** Patch added: mediawiki_1.13.3-1ubuntu2.4.debdiff http://launchpadlibrarian.net/51645811/mediawiki_1.13.3-1ubuntu2.4.debdiff -- [CVE-2010-1190] Data leakage vulnerability in thumb.php https://bugs.launchpad.net/bugs/603740 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 603740] Re: [CVE-2010-1190] Data leakage vulnerability in thumb.php
And lastly for hardy. ** Patch added: mediawiki_1.11.2-2ubuntu0.7.debdiff http://launchpadlibrarian.net/51645821/mediawiki_1.11.2-2ubuntu0.7.debdiff ** Changed in: mediawiki (Ubuntu Karmic) Status: New = Confirmed ** Changed in: mediawiki (Ubuntu Hardy) Status: New = Confirmed ** Changed in: mediawiki (Ubuntu Jaunty) Status: New = Confirmed -- [CVE-2010-1190] Data leakage vulnerability in thumb.php https://bugs.launchpad.net/bugs/603740 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 601702] Re: CVE-2010-2451, CVE-2010-2452 Multiple vulnerabilities in DCC
Patches prepared for lucid, karmic and jaunty. All have been tested in a chroot of the release to which they are prepared for. Debdiff for lucid ** Patch added: kvirc_4.0.0~svn3900+rc2-1ubuntu0.1.debdiff http://launchpadlibrarian.net/51407463/kvirc_4.0.0%7Esvn3900%2Brc2-1ubuntu0.1.debdiff -- CVE-2010-2451, CVE-2010-2452 Multiple vulnerabilities in DCC https://bugs.launchpad.net/bugs/601702 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 601702] Re: CVE-2010-2451, CVE-2010-2452 Multiple vulnerabilities in DCC
Debdiff for karmic ** Patch added: kvirc_4.0.0~svn3240-1ubuntu0.1.debdiff http://launchpadlibrarian.net/51407511/kvirc_4.0.0%7Esvn3240-1ubuntu0.1.debdiff -- CVE-2010-2451, CVE-2010-2452 Multiple vulnerabilities in DCC https://bugs.launchpad.net/bugs/601702 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 601702] Re: CVE-2010-2451, CVE-2010-2452 Multiple vulnerabilities in DCC
And debdiff for jaunty ** Patch added: kvirc_4.0.0~svn3039-0ubuntu2.1.debdiff http://launchpadlibrarian.net/51407516/kvirc_4.0.0%7Esvn3039-0ubuntu2.1.debdiff ** Changed in: kvirc (Ubuntu Lucid) Status: In Progress = Confirmed ** Changed in: kvirc (Ubuntu Jaunty) Status: In Progress = Confirmed ** Changed in: kvirc (Ubuntu Karmic) Status: In Progress = Confirmed -- CVE-2010-2451, CVE-2010-2452 Multiple vulnerabilities in DCC https://bugs.launchpad.net/bugs/601702 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 577595] Re: huge list of dependencies for Kile
This is the list of recommends for kile: Recommends: asymptote, context, dblatex, dvipdfmx, dvipng, ghostscript, imagemagick, kbibtex | pybliographer | gbib | jabref, konqueror | firefox, latex2html, lilypond, okular | evince | gv, psutils, tex4ht, texlive-metapost, texlive-xetex, zip This is the list of installed packages that can be influenced from kile. As I see it these in general makes sense to have as recommends; but maybe some of them should be demoted to suggests? Any of these that seems unreasonable to have as recommends? All other -doc packages ttf fonts and more, are not recommends or depends of kile, but are further down the dependency-list. All those needs to be fixed individually in the other packages. -- huge list of dependencies for Kile https://bugs.launchpad.net/bugs/577595 You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kile in ubuntu. -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 601702] [NEW] CVE-2010-2451, CVE-2010-2452 Multiple vulnerabilities in DCC
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: kvirc From the Debian advisory http://www.debian.org/security/2010/dsa-2065 : Two security issues have been discovered in the DCC protocol support code of kvirc, a KDE-based next generation IRC client, which allow the overwriting of local files through directory traversal and the execution of arbitrary code through a format string attack. Already fixed in 4.0.0~rc3 in maverick. ** Affects: kvirc (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-2451 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-2452 -- CVE-2010-2451, CVE-2010-2452 Multiple vulnerabilities in DCC https://bugs.launchpad.net/bugs/601702 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 601702] Re: CVE-2010-2451, CVE-2010-2452 Multiple vulnerabilities in DCC
** Also affects: kvirc (Ubuntu Jaunty) Importance: Undecided Status: New ** Also affects: kvirc (Ubuntu Karmic) Importance: Undecided Status: New ** Also affects: kvirc (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: kvirc (Ubuntu Maverick) Importance: Undecided Status: New ** Changed in: kvirc (Ubuntu Maverick) Status: New = Fix Released ** Changed in: kvirc (Ubuntu Lucid) Status: New = In Progress ** Changed in: kvirc (Ubuntu Karmic) Status: New = In Progress ** Changed in: kvirc (Ubuntu Jaunty) Status: New = In Progress -- CVE-2010-2451, CVE-2010-2452 Multiple vulnerabilities in DCC https://bugs.launchpad.net/bugs/601702 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 600104] [NEW] Sync mediawiki 1:1.15.4-2 (universe) from Debian unstable (main)
Public bug reported: Please sync mediawiki 1:1.15.4-2 (universe) from Debian unstable (main) Changelog entries since current maverick version 1:1.15.4-1: mediawiki (1:1.15.4-2) unstable; urgency=low [ Thorsten Glaser ] * debian/control: add Vcs-SVN and Vcs-Browser [ Jonathan Wiltshire ] * debian/source/format: Switch to source format 3.0 (quilt) * debian/rules: Drop CDBS quilt logic * debian_specific_config.patch: Don't just redefine MW_INSTALL_PATH, remove the original definition (LP: #406358) * debian/README.source: document use of quilt and format 3.0 (quilt) * New patch backup_documentation.patch improves documentation of maintenance/dumpBackup.php (closes: #572355) * Standards version 3.9.0 (no changes) -- Jonathan Wiltshire deb...@jwiltshire.org.uk Tue, 29 Jun 2010 14:20:35 +0100 ** Affects: mediawiki (Ubuntu) Importance: Wishlist Status: Confirmed ** Changed in: mediawiki (Ubuntu) Importance: Undecided = Wishlist ** Changed in: mediawiki (Ubuntu) Status: New = Confirmed -- Sync mediawiki 1:1.15.4-2 (universe) from Debian unstable (main) https://bugs.launchpad.net/bugs/600104 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 528686] Re: Please merge apt-watch 0.3.2-14 (universe) from Debian testing (main)
There is changes in debian/rules in the debian-ubuntu diff, which is not described in remaining changes. Can you fix that up and upload a new diff? Thanks! -- Please merge apt-watch 0.3.2-14 (universe) from Debian testing (main) https://bugs.launchpad.net/bugs/528686 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 596900] Re: Please merge libphidgets 0.3.8-3.2 (universe) from Debian unstable (main)
Uploaded. Thanks for your contribution to Ubuntu. -- Please merge libphidgets 0.3.8-3.2 (universe) from Debian unstable (main) https://bugs.launchpad.net/bugs/596900 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 598077] [NEW] CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: squirrelmail Description from http://squirrelmail.org/security/issue/2010-06-21 A vulnerability was reported in the SquirrelMail Mail Fetch plugin, wherein (when the plugin is activated by the administrator) a user is allowed to specify (without restriction) any port number for their external POP account settings. While the intention is to allow users to access POP3 servers using non-standard ports, this also allows malicious users to effectively port-scan any server through their SquirrelMail service (especially note that when a SquirrelMail server resides on a network behind a firewall, it may allow the user to explore the network topography (DNS scan) and services available (port scan) on the inside of (behind) that firewall). As this vulnerability is only exploitable post-authentication, and better more specific port scanning tools are freely available, we consider this vulnerability to be of very low severity. It has been fixed by restricting the allowable POP port numbers (with an administrator configuration override available). ** Affects: squirrelmail (Ubuntu) Importance: Undecided Status: In Progress ** Affects: squirrelmail (Ubuntu Lucid) Importance: Undecided Status: In Progress ** Affects: squirrelmail (Ubuntu Maverick) Importance: Undecided Status: In Progress ** Affects: squirrelmail (Ubuntu Hardy) Importance: Undecided Status: In Progress ** Affects: squirrelmail (Ubuntu Jaunty) Importance: Undecided Status: In Progress ** Affects: squirrelmail (Ubuntu Karmic) Importance: Undecided Status: In Progress ** Visibility changed to: Public ** Changed in: squirrelmail (Ubuntu) Status: New = In Progress ** Also affects: squirrelmail (Ubuntu Hardy) Importance: Undecided Status: New ** Also affects: squirrelmail (Ubuntu Jaunty) Importance: Undecided Status: New ** Also affects: squirrelmail (Ubuntu Karmic) Importance: Undecided Status: New ** Also affects: squirrelmail (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: squirrelmail (Ubuntu Maverick) Importance: Undecided Status: In Progress ** Changed in: squirrelmail (Ubuntu Lucid) Status: New = In Progress ** Changed in: squirrelmail (Ubuntu Jaunty) Status: New = In Progress ** Changed in: squirrelmail (Ubuntu Hardy) Status: New = In Progress ** Changed in: squirrelmail (Ubuntu Karmic) Status: New = In Progress -- CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan https://bugs.launchpad.net/bugs/598077 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 598077] Re: CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan
Here comes a debdiff for lucid. Package tested and works in a chroot. ** Patch added: squirrelmail_1.4.20-1ubuntu0.1.debdiff http://launchpadlibrarian.net/50849565/squirrelmail_1.4.20-1ubuntu0.1.debdiff ** Changed in: squirrelmail (Ubuntu Lucid) Status: In Progress = Confirmed -- CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan https://bugs.launchpad.net/bugs/598077 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 598077] Re: CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan
And a debdiff for karmic. Tested likewise. ** Patch added: squirrelmail_1.4.19-1ubuntu0.2.debdiff http://launchpadlibrarian.net/50849625/squirrelmail_1.4.19-1ubuntu0.2.debdiff -- CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan https://bugs.launchpad.net/bugs/598077 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 598077] Re: CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan
** Changed in: squirrelmail (Ubuntu Karmic) Status: In Progress = Confirmed -- CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan https://bugs.launchpad.net/bugs/598077 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 598077] Re: CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan
Debdiff for jaunty. Tested as well. ** Patch added: squirrelmail_1.4.15-4ubuntu0.4.debdiff http://launchpadlibrarian.net/50849951/squirrelmail_1.4.15-4ubuntu0.4.debdiff ** Changed in: squirrelmail (Ubuntu Jaunty) Status: In Progress = Confirmed -- CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan https://bugs.launchpad.net/bugs/598077 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 598077] Re: CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan
And lastly, here is one for hardy. Also tested in a hardy chroot. ** Patch added: squirrelmail_1.4.13-2ubuntu1.6.debdiff http://launchpadlibrarian.net/50850016/squirrelmail_1.4.13-2ubuntu1.6.debdiff ** Changed in: squirrelmail (Ubuntu Hardy) Status: In Progress = Confirmed -- CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan https://bugs.launchpad.net/bugs/598077 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 400636] Re: Mediawiki commented out in /etc/mediawiki/apache after install
It is not for the package maintainer to meddle with the server configuration in that way. Currently mediawiki puts a symlink /etc/apache2/conf.d/mediawiki.conf - /etc/mediawiki/apache.conf and then has the line enabling mediawiki commented out; alternatively the package should have the line commented in, and instead refrain from doing the symlink and instruct the user to do that in the documentation. Which approach is better is a matter of taste, and we don't want to deviate from Debian in this regard. So this should be changed there if it should be changed at all. But in short; having it commented out is intentional. ** Changed in: mediawiki (Ubuntu) Status: New = Won't Fix -- Mediawiki commented out in /etc/mediawiki/apache after install https://bugs.launchpad.net/bugs/400636 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 597220] [NEW] Sync mediawiki 1:1.15.4-1 (universe) from Debian unstable (main)
Public bug reported: Please sync mediawiki 1:1.15.4-1 (universe) from Debian unstable (main) Explanation of the Ubuntu delta and why it can be dropped: The Ubuntu package simply contains the upstream security fixes as included in the 1.15.2/3/4 package. Changelog entries since current maverick version 1:1.15.1-1ubuntu3: mediawiki (1:1.15.4-1) unstable; urgency=high [ Jonathan Wiltshire ] * New upstream security release (closes: #585918). * CVE-2010-1647: Fix a cross-site scripting (XSS) vulnerability which allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) strings that are processed as script by Internet Explorer. * CVE-2010-1648: Fix a cross-site request forgery (CSRF) vulnerability in the login interface which allows remote attackers to hijack the authentication of users for requests that (1) create accounts or (2) reset passwords, related to the Special:Userlogin form. [ Romain Beauxis ] * Put debian's package version in declared version. Should help sysadmins to keep track of installed versions, in particular with regard to security updates. * Added Jonathan Wiltshire to uploaders. * Do not clan math dir if it does not exist (for instance when running clean from SVN). -- Romain Beauxis to...@rastageeks.org Mon, 21 Jun 2010 23:41:29 +0200 mediawiki (1:1.15.3-1) unstable; urgency=high * New upstream release. * Fixes security issue: MediaWiki was found to be vulnerable to login CSRF. An attacker who controls a user account on the target wiki can force the victim to log in as the attacker, via a script on an external website. If the wiki is configured to allow user scripts, say with $wgAllowUserJs = true in LocalSettings.php, then the attacker can proceed to mount a phishing-style attack against the victim to obtain their password. -- Romain Beauxis to...@rastageeks.org Fri, 16 Apr 2010 14:44:09 -0500 mediawiki (1:1.15.2-1) unstable; urgency=high * New upstream release. * Fixes security issue: Two security issues were discovered: A CSS validation issue was discovered which allows editors to display external images in wiki pages. This is a privacy concern on public wikis, since a malicious user may link to an image on a server they control, which would allow that attacker to gather IP addresses and other information from users of the public wiki. All sites running publicly-editable MediaWiki installations are advised to upgrade. All versions of MediaWiki (prior to this one) are affected. A data leakage vulnerability was discovered in thumb.php which affects wikis which restrict access to private files using img_auth.php, or some similar scheme. All versions of MediaWiki since 1.5 are affected. * Updated standards. * Removed section about upgrading from mediawiki1.x packages in README.Debian since they do not exist in any supported distribution anymore. * Switched php5-gd and imagemagick in Suggests. Closes: #542008 * Backported patch from revision 51083 to fix a bug with invalid titles. Closes: #537134 * Backported patch from revision 61090 to add a unique guid per RSS feed element. Closes: #383130 * Refreshed patches. -- Romain Beauxis to...@rastageeks.org Mon, 15 Mar 2010 11:41:07 -0500 ** Affects: mediawiki (Ubuntu) Importance: Wishlist Status: Confirmed ** Changed in: mediawiki (Ubuntu) Importance: Undecided = Wishlist ** Changed in: mediawiki (Ubuntu) Status: New = Confirmed -- Sync mediawiki 1:1.15.4-1 (universe) from Debian unstable (main) https://bugs.launchpad.net/bugs/597220 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 585647] Re: [i965gm] X crash: i830_uxa_prepare_access: bo map failed
Tried upgrading to the mainline kernel as pointed out in comment #4, but I still have crashes happening. -- [i965gm] X crash: i830_uxa_prepare_access: bo map failed https://bugs.launchpad.net/bugs/585647 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 585647] Re: [i965gm] X crash: i830_uxa_prepare_access: bo map failed
Oh well, it crashed a few times anyway. At least it seems more stable with the newer driver, but far from perfect. -- [i965gm] X crash: i830_uxa_prepare_access: bo map failed https://bugs.launchpad.net/bugs/585647 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 365770] Re: Screensaver starts while playing a Video with Kaffeine (missing build-dependency on libxtst-dev)
Fix confirmed. After installing the version from jaunty-proposed, the screensaver will no longer start, while kaffeine is playing (when it stops playing, the screensaver will then start after the desired time). -- Screensaver starts while playing a Video with Kaffeine (missing build-dependency on libxtst-dev) https://bugs.launchpad.net/bugs/365770 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 387043] Re: osmgpsmap python bindings placed in site-packages rather than dist-packages
Fix confirmed. After installing the package from jaunty proposed, the test-script shows a map (instead of simply giving a module not found error). -- osmgpsmap python bindings placed in site-packages rather than dist-packages https://bugs.launchpad.net/bugs/387043 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 588709] Re: KPackageKit depends on kdebase-workspace-bin uneccessarily
Fix confirmed. When using proposed and trying to install kate (on a fresh ubuntu-desktop) the number of packages to install is lower (drops from 108 to 82). Installing kpackagekit on the same machine with proposed enabled, and can confirm that it still works. -- KPackageKit depends on kdebase-workspace-bin uneccessarily https://bugs.launchpad.net/bugs/588709 You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kpackagekit in ubuntu. -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 519049] Re: xauth generate with large timeout triggers assertion
Tested in Kubuntu. After installing the version from proposed, running the command no longer crashes X. -- xauth generate with large timeout triggers assertion https://bugs.launchpad.net/bugs/519049 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 589811] Re: My email address is in Xorg.0.log so users email me directly for support
Fix confirmed. After installing the version in lucid-proposed the e-mail is replaced with a support notice; no references to a ubuntu.com e-mail could be found in the log then. -- My email address is in Xorg.0.log so users email me directly for support https://bugs.launchpad.net/bugs/589811 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 227837] Re: [Hardy] overzealous masquerading affects vm to vm traffic
Tested this on a fresh hardy server. I can confirm that the fix works. Created two kqemu-accelerated instances in libvirt. Without the version from proposed packages between the two instances are routed through the host; with the version from proposed, they are now send directly. Tested pinging both the host and external sites from the instances, and can confirm that this also still works as expected. -- [Hardy] overzealous masquerading affects vm to vm traffic https://bugs.launchpad.net/bugs/227837 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libvirt in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 583735] Re: Akonadi self-test comes up if startup takes too long
Tested this in a not-so-fast VM. After installing the version from lucid-proposed the akonadi self-test window now doesn't pop-up as it did the first few times i tested with the old version. -- Akonadi self-test comes up if startup takes too long https://bugs.launchpad.net/bugs/583735 You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kdepimlibs in ubuntu. -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 588723] Re: kubuntu-desktop / kubuntu-netbook / ubuntu-netbook should Depends ttf-liberation due to poor font fallback otherwise
Tested this on a fresh install of Kubuntu (desktop). Upgrading kubuntu- desktop to the version from lucid-poposed installs ttf-liberation (and no other installs/removals happen). -- kubuntu-desktop / kubuntu-netbook / ubuntu-netbook should Depends ttf-liberation due to poor font fallback otherwise https://bugs.launchpad.net/bugs/588723 You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kubuntu-meta in ubuntu. -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 588723] Re: kubuntu-desktop / kubuntu-netbook / ubuntu-netbook should Depends ttf-liberation due to poor font fallback otherwise
More testing on the kubuntu-desktop: without proposed/ttf-liberation: 24 pages with proposed/ttf-liberation: 25 pages on windows/word 2007: 25 pages Fix confirmed. -- kubuntu-desktop / kubuntu-netbook / ubuntu-netbook should Depends ttf-liberation due to poor font fallback otherwise https://bugs.launchpad.net/bugs/588723 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 227837] Re: [Hardy] overzealous masquerading affects vm to vm traffic
Tested this on a fresh hardy server. I can confirm that the fix works. Created two kqemu-accelerated instances in libvirt. Without the version from proposed packages between the two instances are routed through the host; with the version from proposed, they are now send directly. Tested pinging both the host and external sites from the instances, and can confirm that this also still works as expected. -- [Hardy] overzealous masquerading affects vm to vm traffic https://bugs.launchpad.net/bugs/227837 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 582251] Re: debug1: Remote: No xauth program; cannot forward with spoofing.
Tested in fresh ubuntu-server install (with the openssh-server task). After installing the version from lucid-proposed an .Xauthority file is now created and the DISPLAY variable is now set. -- debug1: Remote: No xauth program; cannot forward with spoofing. https://bugs.launchpad.net/bugs/582251 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 585647] Re: [i965gm] X crash: i830_uxa_prepare_access: bo map failed
I had the same problem in lucid. Looks to be a video driver issue though. Tried updating to the xserver-xorg-video-intel driver from the x-updates PPA and after doing this I haven't had any crashes happen on me. apt-cache policy xserver-xorg-video-intel xserver-xorg-video-intel: Installed: 2:2.11.0-1ubuntu1~xup Candidate: 2:2.11.0-1ubuntu1~xup Version table: *** 2:2.11.0-1ubuntu1~xup 0 410 http://ppa.launchpad.net/ubuntu-x-swat/x-updates/ubuntu/ lucid/main Packages 100 /var/lib/dpkg/status 2:2.9.1-3ubuntu5 0 500 http://dk.archive.ubuntu.com/ubuntu/ lucid/main Packages -- [i965gm] X crash: i830_uxa_prepare_access: bo map failed https://bugs.launchpad.net/bugs/585647 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 582251] Re: debug1: Remote: No xauth program; cannot forward with spoofing.
Tested in fresh ubuntu-server install (with the openssh-server task). After installing the version from lucid-proposed an .Xauthority file is now created and the DISPLAY variable is now set. -- debug1: Remote: No xauth program; cannot forward with spoofing. https://bugs.launchpad.net/bugs/582251 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released
Looks like they will become CVE-2010-1647 and CVE-2010-1648 according to http://security-tracker.debian.org/tracker/source-package/mediawiki if you want to mark them in the cve-tracker. ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-1647 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-1648 -- CSRF and XSS vulnerability; new version 1.15.4 released https://bugs.launchpad.net/bugs/586773 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 584360] Re: Sync mediawiki 1:1.15.3-1 (universe) from Debian unstable (main)
New version 1.15.4 has been released upstream (security release). We'll need to wait for this. ** Changed in: mediawiki (Ubuntu) Status: Confirmed = Invalid -- Sync mediawiki 1:1.15.3-1 (universe) from Debian unstable (main) https://bugs.launchpad.net/bugs/584360 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released
Debdiff fixing this for lucid. ** Patch added: mediawiki_1.15.1-1ubuntu2.1.debdiff http://launchpadlibrarian.net/49409916/mediawiki_1.15.1-1ubuntu2.1.debdiff -- CSRF and XSS vulnerability; new version 1.15.4 released https://bugs.launchpad.net/bugs/586773 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released
Debdiff fixing this for karmic. ** Patch added: mediawiki_1.15.0-1.1ubuntu0.3.debdiff http://launchpadlibrarian.net/49409953/mediawiki_1.15.0-1.1ubuntu0.3.debdiff -- CSRF and XSS vulnerability; new version 1.15.4 released https://bugs.launchpad.net/bugs/586773 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released
Debdiff fixing this for jaunty. ** Patch added: mediawiki_1.13.3-1ubuntu2.3.debdiff http://launchpadlibrarian.net/49409997/mediawiki_1.13.3-1ubuntu2.3.debdiff -- CSRF and XSS vulnerability; new version 1.15.4 released https://bugs.launchpad.net/bugs/586773 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released
Debdiff fixing this for hardy. ** Patch added: mediawiki_1.11.2-2ubuntu0.6.debdiff http://launchpadlibrarian.net/49410019/mediawiki_1.11.2-2ubuntu0.6.debdiff -- CSRF and XSS vulnerability; new version 1.15.4 released https://bugs.launchpad.net/bugs/586773 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released
All of the have above have been successfully tested in the relevant release in a chroot. ** Changed in: mediawiki (Ubuntu Hardy) Status: In Progress = Confirmed ** Changed in: mediawiki (Ubuntu Lucid) Status: In Progress = Confirmed ** Changed in: mediawiki (Ubuntu Karmic) Status: In Progress = Confirmed ** Changed in: mediawiki (Ubuntu Jaunty) Status: In Progress = Confirmed -- CSRF and XSS vulnerability; new version 1.15.4 released https://bugs.launchpad.net/bugs/586773 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released
** Visibility changed to: Public -- CSRF and XSS vulnerability; new version 1.15.4 released https://bugs.launchpad.net/bugs/586773 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 581379] Re: jockey-kde still uses kdesudo on startup
Confirmed; after updating to the version in lucid-proposed it no longer shows a kdesudo popup on start. I don't have any hardware in need of proprietary drivers so can't test that thoroughly if it works as expected, but it at least starts fine. -- jockey-kde still uses kdesudo on startup https://bugs.launchpad.net/bugs/581379 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 571329] Re: No translation for xsane in lucid
Changing to fix committed as it is still only in -proposed. ** Changed in: xsane (Ubuntu Lucid) Status: Fix Released = Fix Committed -- No translation for xsane in lucid https://bugs.launchpad.net/bugs/571329 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 350902] Re: [ubuntu 8.10] kio_imap4 hangs
I've been running with the proposed package since it was added to the archive and haven't noticed any problems, neither any hangs like described. -- [ubuntu 8.10] kio_imap4 hangs https://bugs.launchpad.net/bugs/350902 You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kdepimlibs in ubuntu. -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 573591] Re: Uploads greater than 64 kilobytes corrupted when using Apache mod_fcgid
** Also affects: libapache2-mod-fcgid (Ubuntu Lucid) Importance: Undecided Status: New -- Uploads greater than 64 kilobytes corrupted when using Apache mod_fcgid https://bugs.launchpad.net/bugs/573591 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 573591] Re: Uploads greater than 64 kilobytes corrupted when using Apache mod_fcgid
Uploaded to the lucid-proposed queue; awaiting ubuntu-sru approval. -- Uploads greater than 64 kilobytes corrupted when using Apache mod_fcgid https://bugs.launchpad.net/bugs/573591 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 584360] [NEW] Sync mediawiki 1:1.15.3-1 (universe) from Debian unstable (main)
Public bug reported: Please sync mediawiki 1:1.15.3-1 (universe) from Debian unstable (main) Explanation of the Ubuntu delta and why it can be dropped: The Ubuntu package contains the upstream security fixes as included in the 1.15.2/3 package; only added manually to be sure only to get the security fixes after lucid feature freeze. Changelog entries since current maverick version 1:1.15.1-1ubuntu2: mediawiki (1:1.15.3-1) unstable; urgency=high * New upstream release. * Fixes security issue: MediaWiki was found to be vulnerable to login CSRF. An attacker who controls a user account on the target wiki can force the victim to log in as the attacker, via a script on an external website. If the wiki is configured to allow user scripts, say with $wgAllowUserJs = true in LocalSettings.php, then the attacker can proceed to mount a phishing-style attack against the victim to obtain their password. -- Romain Beauxis to...@rastageeks.org Fri, 16 Apr 2010 14:44:09 -0500 mediawiki (1:1.15.2-1) unstable; urgency=high * New upstream release. * Fixes security issue: Two security issues were discovered: A CSS validation issue was discovered which allows editors to display external images in wiki pages. This is a privacy concern on public wikis, since a malicious user may link to an image on a server they control, which would allow that attacker to gather IP addresses and other information from users of the public wiki. All sites running publicly-editable MediaWiki installations are advised to upgrade. All versions of MediaWiki (prior to this one) are affected. A data leakage vulnerability was discovered in thumb.php which affects wikis which restrict access to private files using img_auth.php, or some similar scheme. All versions of MediaWiki since 1.5 are affected. * Updated standards. * Removed section about upgrading from mediawiki1.x packages in README.Debian since they do not exist in any supported distribution anymore. * Switched php5-gd and imagemagick in Suggests. Closes: #542008 * Backported patch from revision 51083 to fix a bug with invalid titles. Closes: #537134 * Backported patch from revision 61090 to add a unique guid per RSS feed element. Closes: #383130 * Refreshed patches. -- Romain Beauxis to...@rastageeks.org Mon, 15 Mar 2010 11:41:07 -0500 ** Affects: mediawiki (Ubuntu) Importance: Wishlist Status: Confirmed ** Changed in: mediawiki (Ubuntu) Importance: Undecided = Wishlist ** Changed in: mediawiki (Ubuntu) Status: New = Confirmed -- Sync mediawiki 1:1.15.3-1 (universe) from Debian unstable (main) https://bugs.launchpad.net/bugs/584360 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 580401] Re: *.kilepr file association missing
** Changed in: kile (Ubuntu) Status: New = In Progress ** Changed in: kile (Ubuntu) Assignee: (unassigned) = Andreas Wenning (andreas-wenning) -- *.kilepr file association missing https://bugs.launchpad.net/bugs/580401 You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kile in ubuntu. -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 580401] Re: *.kilepr file association missing
Fixed for maverick in the new version just merged from debian. ** Changed in: kile (Ubuntu) Status: In Progress = Fix Released -- *.kilepr file association missing https://bugs.launchpad.net/bugs/580401 You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kile in ubuntu. -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 577822] Re: mediawiki don't allow %ab as page name, but allow %ft or %a
Which version of ubuntu/mediawiki is this in? ** Changed in: mediawiki (Ubuntu) Status: New = Incomplete -- mediawiki don't allow %ab as page name, but allow %ft or %a https://bugs.launchpad.net/bugs/577822 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 577595] Re: huge list of dependencies for Kile
I like to keep the dependencies in sync to what debian does, to not deviate too much. Maybe some of them should be moved to suggests, like lilypond, but it is on the line of being relevant enough to have as recommends. The reason some of the -doc packages are installed, is not because they are kile recommends, but because eg. lilypond recommends lilypond-doc (same for the others); so all those should be changed in those respective packages. The possibility to install without recommends is made for exactly the use-case you describe. But feel free to report bugs against the packages recommending -doc. ** Changed in: kile (Ubuntu) Status: New = Incomplete -- huge list of dependencies for Kile https://bugs.launchpad.net/bugs/577595 You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kile in ubuntu. -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 574203] Re: Please sync 3.2.4-4 from Debian unstable
As we were already in sync with debian the new version has naturally been auto-synced... closing this. ** Changed in: octave3.2 (Ubuntu) Status: New = Invalid -- Please sync 3.2.4-4 from Debian unstable https://bugs.launchpad.net/bugs/574203 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 573732] Re: basket dosent decrypt basket gpgme wrong password
You can download the deb here from launchpad: https://launchpad.net/ubuntu/+source/basket/1.0.3.1-0ubuntu3 Click on the build for the correct architecture and there is a link to the .deb. -- basket dosent decrypt basket gpgme wrong password https://bugs.launchpad.net/bugs/573732 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 573732] Re: basket dosent decrypt basket gpgme wrong password
Try to see if this should work? 1. Downgrade to 1.0.3 2. Remove password protection 3. Upgrade to 2.0 beta1 4. Add password protection again ** Changed in: basket (Ubuntu) Status: New = Incomplete -- basket dosent decrypt basket gpgme wrong password https://bugs.launchpad.net/bugs/573732 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 540584] Re: oxford_en.bst file missing from texlive-latex-extra package
And invoice.sty is also missing in lucid, but was present in karmic. -- oxford_en.bst file missing from texlive-latex-extra package https://bugs.launchpad.net/bugs/540584 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 523883] Re: word wrap faulty: cursor jumps forward on new line
Thanks for reporting this bug! This is most likely a bug in the katepart (from kdelibs) then, which both kate and kile uses for the editing window. Your bug seems to be a problem with the KDE program itself, and not with our KDE packages. While we appreciate your issue, it would be better if it was tracked at https://bugs.kde.org, so that the KDE developers can deal with this speedily and have direct communication with you as the reporter for more effective debugging. Thanks! ** Also affects: kde4libs (Ubuntu) Importance: Undecided Status: New ** Changed in: kile (Ubuntu) Status: Incomplete = Invalid ** Changed in: kde4libs (Ubuntu) Status: New = Invalid -- word wrap faulty: cursor jumps forward on new line https://bugs.launchpad.net/bugs/523883 You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kde4libs in ubuntu. -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 523883] Re: word wrap faulty: cursor jumps forward on new line
It looks to be https://bugs.kde.org/show_bug.cgi?id=168534 which is not marked as resolved. The other two is marked as duplicates of https://bugs.kde.org/show_bug.cgi?id=168534 (the KDE bugzilla will treat finding a duplicate as a resolution, hence they are marked as resolved; you will then need to look at the duplicate bug to determine the real status, in this instance new). -- word wrap faulty: cursor jumps forward on new line https://bugs.launchpad.net/bugs/523883 You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kde4libs in ubuntu. -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 523883] Re: word wrap faulty: cursor jumps forward on new line
Does the same happen if you use kate with static word wrap? ** Changed in: kile (Ubuntu) Status: New = Incomplete -- word wrap faulty: cursor jumps forward on new line https://bugs.launchpad.net/bugs/523883 You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kile in ubuntu. -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 565262] Re: the hotkeys are always in qwerty
Thanks for reporting this bug! Your bug seems to be a problem with the KDE program itself, and not with our KDE packages. While we appreciate your issue, it would be better if it was tracked at https://bugs.kde.org, so that the KDE developers can deal with this speedily and have direct communication with you as the reporter for more effective debugging. Thanks! ** Changed in: kile (Ubuntu) Status: Incomplete = Invalid ** Changed in: kile (Ubuntu) Assignee: Andreas Wenning (andreas-wenning) = (unassigned) -- the hotkeys are always in qwerty https://bugs.launchpad.net/bugs/565262 You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kile in ubuntu. -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 348662] Re: Kile consequently forgets some shortcuts on close
Please test with the version from the upcoming lucid lynx release. Alternatively a backported version is available in my PPA. Also try after removing the preferences as per above. Does it still fail in beta4 after removing the preferences? ** Changed in: kile (Ubuntu) Status: Confirmed = Incomplete -- Kile consequently forgets some shortcuts on close https://bugs.launchpad.net/bugs/348662 You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kile in ubuntu. -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 565262] Re: the hotkeys are always in qwerty
Try to install kate or any other KDE program; is it the same there? -- the hotkeys are always in qwerty https://bugs.launchpad.net/bugs/565262 You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kile in ubuntu. -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 565262] Re: the hotkeys are always in qwerty
Which version of kile are you using? And on which release of (k)ubuntu? ** Changed in: kile (Ubuntu) Status: New = Incomplete ** Changed in: kile (Ubuntu) Assignee: (unassigned) = Andreas Wenning (andreas-wenning) -- the hotkeys are always in qwerty https://bugs.launchpad.net/bugs/565262 You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kile in ubuntu. -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 564393] Re: Merge wordpress (universe) 2.9.2-1 from Debian testing
Bugfix only release! Thanks for the hint; uploaded. ** Changed in: wordpress (Ubuntu) Status: Confirmed = Fix Committed ** Changed in: wordpress (Ubuntu) Assignee: (unassigned) = Andreas Wenning (andreas-wenning) -- Merge wordpress (universe) 2.9.2-1 from Debian testing https://bugs.launchpad.net/bugs/564393 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 564497] Re: Octave is not able to handle complex numbers in all cases
Same behavior on lucid, karmic and lenny. You should do: a = (1:10) + i*(1:10) then it works. ** Changed in: octave3.2 (Ubuntu) Status: New = Invalid -- Octave is not able to handle complex numbers in all cases https://bugs.launchpad.net/bugs/564497 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 544849] Re: Basket password problem - fixed in beta 1
Try to see if this should work? 1. Downgrade to 1.0.3 2. Remove password protection 3. Upgrade to 2.0 beta1 4. Add password protection again -- Basket password problem - fixed in beta 1 https://bugs.launchpad.net/bugs/544849 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 559068] [NEW] kile beta4 released
. r1112260 | mludwig | 2010-04-07 20:07:35 +0200 (Wed, 07 Apr 2010) | 2 lines Add and install beta 4 splash screen. r1112263 | mludwig | 2010-04-07 20:12:16 +0200 (Wed, 07 Apr 2010) | 2 lines Raise version to 2.1 beta 4 (2.0.85). ** Affects: kile (Ubuntu) Importance: Undecided Assignee: Andreas Wenning (andreas-wenning) Status: In Progress -- kile beta4 released https://bugs.launchpad.net/bugs/559068 You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kile in ubuntu. -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 559068] Re: kile beta4 released
** Changed in: kile (Ubuntu) Status: New = In Progress ** Changed in: kile (Ubuntu) Assignee: (unassigned) = Andreas Wenning (andreas-wenning) -- kile beta4 released https://bugs.launchpad.net/bugs/559068 You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kile in ubuntu. -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 557159] [NEW] 1.15.3 security release: CSRF login vulnerability
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: mediawiki == From the security announcement == MediaWiki was found to be vulnerable to login CSRF. An attacker who controls a user account on the target wiki can force the victim to log in as the attacker, via a script on an external website. If the wiki is configured to allow user scripts, say with $wgAllowUserJs = true in LocalSettings.php, then the attacker can proceed to mount a phishing-style attack against the victim to obtain their password. Even without user scripting, this attack is a potential nuisance, and so all public wikis should be upgraded if possible. Our fix includes a breaking change to the API login action. Any clients using it will need to be updated. We apologise for making such a disruptive change in a minor release, but we feel that security is paramount. For more details see https://bugzilla.wikimedia.org/show_bug.cgi?id=23076 ** Affects: mediawiki (Ubuntu) Importance: Undecided Assignee: Andreas Wenning (andreas-wenning) Status: In Progress ** Visibility changed to: Public -- 1.15.3 security release: CSRF login vulnerability https://bugs.launchpad.net/bugs/557159 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 557159] Re: 1.15.3 security release: CSRF login vulnerability
** Changed in: mediawiki (Ubuntu) Status: New = In Progress ** Changed in: mediawiki (Ubuntu) Assignee: (unassigned) = Andreas Wenning (andreas-wenning) -- 1.15.3 security release: CSRF login vulnerability https://bugs.launchpad.net/bugs/557159 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 557159] Re: 1.15.3 security release: CSRF login vulnerability
Debdiff for karmic. Had been tested in a chroot; test primarily focused on the login capability, as that is the one the patch touches. ** Also affects: mediawiki (Ubuntu Hardy) Importance: Undecided Status: New ** Also affects: mediawiki (Ubuntu Intrepid) Importance: Undecided Status: New ** Also affects: mediawiki (Ubuntu Lucid) Importance: Undecided Assignee: Andreas Wenning (andreas-wenning) Status: In Progress ** Also affects: mediawiki (Ubuntu Karmic) Importance: Undecided Status: New ** Also affects: mediawiki (Ubuntu Jaunty) Importance: Undecided Status: New ** Attachment added: mediawiki_1.15.0-1.1ubuntu0.2.debdiff http://launchpadlibrarian.net/43337042/mediawiki_1.15.0-1.1ubuntu0.2.debdiff -- 1.15.3 security release: CSRF login vulnerability https://bugs.launchpad.net/bugs/557159 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 557159] Re: 1.15.3 security release: CSRF login vulnerability
Debdiff for jaunty. Had been tested in a chroot; test primarily focused on the login capability, as that is the one the patch touches. ** Attachment added: mediawiki_1.13.3-1ubuntu2.2.debdiff http://launchpadlibrarian.net/43337116/mediawiki_1.13.3-1ubuntu2.2.debdiff -- 1.15.3 security release: CSRF login vulnerability https://bugs.launchpad.net/bugs/557159 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 557159] Re: 1.15.3 security release: CSRF login vulnerability
Debdiff for intrepid. Had been tested in a chroot; test primarily focused on the login capability, as that is the one the patch touches. ** Attachment added: mediawiki_1.12.0-2ubuntu0.5.debdiff http://launchpadlibrarian.net/43337184/mediawiki_1.12.0-2ubuntu0.5.debdiff -- 1.15.3 security release: CSRF login vulnerability https://bugs.launchpad.net/bugs/557159 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 557159] Re: 1.15.3 security release: CSRF login vulnerability
Debdiff for hardy. Had been tested in a chroot; test primarily focused on the login capability, as that is the one the patch touches. ** Attachment added: mediawiki_1.11.2-2ubuntu0.5.debdiff http://launchpadlibrarian.net/43337521/mediawiki_1.11.2-2ubuntu0.5.debdiff -- 1.15.3 security release: CSRF login vulnerability https://bugs.launchpad.net/bugs/557159 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 557159] Re: 1.15.3 security release: CSRF login vulnerability
** Changed in: mediawiki (Ubuntu Karmic) Status: New = Confirmed ** Changed in: mediawiki (Ubuntu Jaunty) Status: New = Confirmed ** Changed in: mediawiki (Ubuntu Intrepid) Status: New = Confirmed ** Changed in: mediawiki (Ubuntu Hardy) Status: New = Confirmed -- 1.15.3 security release: CSRF login vulnerability https://bugs.launchpad.net/bugs/557159 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 557159] Re: 1.15.3 security release: CSRF login vulnerability
** Changed in: mediawiki (Ubuntu Lucid) Status: In Progress = Fix Committed -- 1.15.3 security release: CSRF login vulnerability https://bugs.launchpad.net/bugs/557159 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 550158] Re: move, copy and past notes no more works in ubuntu lucid
** Bug watch added: KDE Bug Tracking System #232767 http://bugs.kde.org/show_bug.cgi?id=232767 ** Also affects: basket via http://bugs.kde.org/show_bug.cgi?id=232767 Importance: Unknown Status: Unknown -- move, copy and past notes no more works in ubuntu lucid https://bugs.launchpad.net/bugs/550158 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 544849] Re: Basket password problem - fixed in beta 1
commit 167f379e75b28be993bc06350f49ca2492fb7ac6 Author: Matt Rogers ma...@kde.org Date: Sat Mar 20 20:57:18 2010 -0500 Fix crash when grouping notes. Fix a crash when grouping notes that was caused by one of my other changes that initialized the note's height to -1. There is a MIN_HEIGHT value in the Note class, so use that instead. commit 2918dea5d3ea19a71134b8358cb27ea60b8d344d Author: Matt Rogers ma...@kde.org Date: Sat Mar 20 20:50:57 2010 -0500 shorten some long lines There were several long lines in the initialization list of the Note class, so I reformatted so it fit within 110 columns. commit 7a03668448ac2ff5f7cd03e270aa24671704c5f6 Author: Matt Rogers ma...@kde.org Date: Sat Mar 20 14:41:22 2010 -0500 Reenable the compile time checks for GPG GPG encryption of baskets seems to work just fine here (at least in my minimal testing of it) so I see no reason to leave it disabled. commit 96601a99b4a752ab33fda718bca4cb4c2e5cd1a5 Author: Kelvie Wong kel...@ieee.org Date: Mon Mar 8 10:47:07 2010 -0800 Use ifdefs instead of comments, and add a #warning and some comments This is for the systray problems. commit c0522af7b2808cc0620d48cbda7f57f4eca17e18 Author: Kelvie Wong kel...@ieee.org Date: Mon Mar 8 10:44:51 2010 -0800 Revert Re-enable GPG. This reverts commit 5c2e64c376da75df5dd22e25b8add432c6a95c3d. commit 8b543911c478b854de1692d88c6b4acb03e80df3 Author: Kelvie Wong kel...@ieee.org Date: Mon Mar 8 10:44:14 2010 -0800 Whitespace changes Remove trailing whitespace, and fix mixed tabs/spaces commit e87b76e1069e5f16971171467c042156808aced2 Merge: 355e777 a737829 Author: Kelvie Wong kel...@ieee.org Date: Mon Mar 8 10:36:14 2010 -0800 Merge remote branch 'rm/master' * rm/master: Fix passive popup problem that broke screen grab. Temporarily disable deletion tracking. Fix a memory access bug. onety-three's patch for session restore bug. Fix 'spacer' is not a widget warning. Make KPassivePopup creation consistent. Fix insignificant typo in a comment. Fix some broken icons. Re-enable GPG. Fix minimize bug. Fix big note scrolling bug. Fix handle selection bug. commit a737829078b63a1421ec8f95583536d2be021ead Author: Dr. Robert Marmorstein rob...@narnia.homeunix.com Date: Sat Mar 6 23:33:42 2010 -0500 Fix passive popup problem that broke screen grab. Thanks to Jon Mease for pointing out that the problem was an incorrect cast of a QSystemTrayIcon* to a QWidget*. commit 69afc21ff8b11414a81d6eba873282d7313fc158 Author: Dr. Robert Marmorstein rob...@narnia.homeunix.com Date: Sat Mar 6 22:11:02 2010 -0500 Temporarily disable deletion tracking. This works around a bug in KDirWatch (bug #229634) by ignoring delete signals for now. Really, we should figure out why KDirWatch thinks that file is being deleted and compensate for it commit 252ea3510cdb66f77062d752d0451cbf2432acbb Author: Dr. Robert Marmorstein rob...@narnia.homeunix.com Date: Thu Mar 4 11:53:51 2010 -0500 Fix a memory access bug. If you had the editor open when closing basket, you got a crash, because the destructor tried to save the note, but the note had already been deleted by a previous destructor Not good. Adding an explicit delete of m_baskets fixes this issue and potentially fixes several memory leaks, too! commit eb583ecfac011f213010e2b4bad27cfa389348e5 Author: Dr. Robert Marmorstein rob...@narnia.homeunix.com Date: Thu Mar 4 11:52:26 2010 -0500 onety-three's patch for session restore bug. Thanks, Frank! commit eea36ad3f0e681e739b3a394a1f12f2c978e86a4 Author: Dr. Robert Marmorstein rob...@narnia.homeunix.com Date: Thu Mar 4 00:03:52 2010 -0500 Fix 'spacer' is not a widget warning. At some point 'spacer' became 'VerticalSpacer' in designer, I guess. I just deleted the old one and added a new one in the exact same place. commit 5929cc24a202ee4006502042c934ae7d1211462f Author: Dr. Robert Marmorstein rob...@narnia.homeunix.com Date: Wed Mar 3 23:47:10 2010 -0500 Make KPassivePopup creation consistent. Does this fix the crash that Nicholas Sushkin was seeing? commit b11aacef8cfc35031a40e4179e1a9019b767dbaf Author: Dr. Robert Marmorstein rob...@narnia.homeunix.com Date: Sun Jan 31 22:03:34 2010 -0500 Fix insignificant typo in a comment. Why not? commit 355e77755283d8f0002aa9ff52fa450fc5bc9497 Merge: 726f819 8ee2ea2 Author: Kelvie Wong kel...@ieee.org Date: Thu Jan 28 21:10:49 2010 -0800 Merge commit 'refs/merge-requests/2' of git://gitorious.org/basket/basket * git://gitorious.org/basket/basket: Updated Deb-package control file. Updated package copyright information. Added script for generating Debian packages (thanks to the Arora project). commit
[Bug 550158] Re: move, copy and past notes no more works in ubuntu lucid
** Changed in: basket (Ubuntu) Status: New = Confirmed -- move, copy and past notes no more works in ubuntu lucid https://bugs.launchpad.net/bugs/550158 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 544849] Re: Basket password problem -
Please test the new version of basket that I just uploaded to my PPA (looks like the buildds are a bit behind, so estimates build time is in 10 hours): https://launchpad.net/~andreas-wenning/+archive/ppa Does it work there? ** Changed in: basket (Ubuntu) Status: New = Incomplete ** Changed in: basket (Ubuntu) Assignee: (unassigned) = Andreas Wenning (andreas-wenning) -- Basket password problem - https://bugs.launchpad.net/bugs/544849 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
