Bug#1070345: kodi-data: Symlink for Roboto font is still for hinted version

Package: kodi-data Version: 2:20.5+dfsg-2 Severity: minor Dear Maintainer, Following #922950, the dependency was updated from fonts-roboto-hinted to fonts-roboto-unhinted. However, the symlink using it was not updated accordingly: % ls -la

Bug#1021031: wordpress: Should wordpress depend on libjs-jquery instead of bundling jQuery?

inclined to go stir the pot again with upstream. -- Christer Mjellem Strand System Administrator

Bug#1021031: wordpress: Should wordpress depend on libjs-jquery instead of bundling jQuery?

Package: wordpress Version: 6.0.2+dfsg1-1 Severity: wishlist Dear Maintainer, While I'm sure this has been discussed in the past, and upstream probably has opinions on the topic, the fact is that the WordPress package in testing now bundles jQuery 3.6.0, while the libjs-jquery package in testing

Bug#1021030: phpsysinfo: phpSysInfo vulnerable to multiple CVEs in bundled jQuery lib

Package: phpsysinfo Version: 3.2.5-3 Severity: important Dear Maintainer, The version of phpSysInfo shipped in Debian is very old, and in turn bundles a very old version of jQuery (1.12.4). Rather than upgrade to a recent jQuery - which would allow for using libjs-jquery instead - upstream has

Bug#1013433: grepcidr: New and improved fork available

Package: grepcidr Version: 2.0-2 Severity: normal Dear Maintainer, The currently packaged version of grepcidr no longer appears to see active development. There is a fork available at , which seems to be maintained, and in my personal experience, is

Bug#999568: wordpress: WordPress package should not ship separate root store

ner. That said, is there a point to shipping the WordPress root store in the package if it isn't used? Or if one does need to be present in that location, shouldn't it rather point to the system root store somehow (such as a symlink)? -- Christer Mjellem Strand System Administrator pgpozGQ7fkDlu.

Bug#999568: wordpress: WordPress package should not ship separate root store

Package: wordpress Version: 5.8.1+dfsg1-1 Severity: normal Dear Maintainer, It seems this package includes a WordPress-provided root store, which like Debian's is based on Mozilla, but which includes a workaround for an issue from six years ago concerning 1024-bit roots

Bug#992302: wordpress: WordPress 5.8 available

Package: wordpress Version: 5.7.1+dfsg1-2 Severity: wishlist Dear Maintainer, First: congrats on Bullseye! WordPress 5.8 (Tatum) was released on July 20, nearly a month ago. It contains at least one XSS fix ((), as well as a host of other

Bug#985239: rspamd should depend on publicsuffix

Package: rspamd Version: 2.7-1~bpo10+1 Severity: normal Dear Maintainer, rspamd is currently shipping its own bundled copy of the public suffix list (see publicsuffix.org), as /usr/share/rspamd/effective_tld_names.dat. It should instead depend on the publicsuffix package, where this list is

Bug#984985: wordpress: WordPress 5.7 available

Package: wordpress Version: 5.6.1+dfsg1-1 Severity: normal Dear Maintainer, WordPress 5.7 has been released. Appreciate if you're able to update the package at your earliest convenience. TIA -- System Information: Debian Release: 10.8 APT

Bug#970732: btrfsmaintenance: New upstream version available

Package: btrfsmaintenance Version: 0.4.2-1 Severity: wishlist Dear Maintainer, Version 0.5 was released on 2020-07-30. Please consider updating this package when possible. Thanks. -- System Information: Debian Release: 10.5 APT prefers stable APT policy: (900, 'stable'), (500, 'testing')

Bug#970731: btrfsmaintenance: Update description: CFQ is no longer Debian's default scheduler

Package: btrfsmaintenance Version: 0.4.2-1 Severity: minor Dear Maintainer, The description for this package mentions that "CFQ is Debian's default block scheduler." At least as of buster, I don't believe this is true anymore: # cat /sys/block/sd*/queue/scheduler [mq-deadline] none

Bug#962820: hashcash: Newer version available

Package: hashcash Version: 1.21-2 Severity: wishlist Dear Maintainer, A newer version, 1.22, has been available for 14(!) years at time of writing. A pre-release of 1.23 was also released in 2011, but given its age, I think this should be considered for packaging. Upstream continues to live at

Bug#962502: libowfat0: Newer version available

Package: libowfat0 Version: 0.30-2 Severity: wishlist Dear Maintainer, The current version in Debian is from 2015, and newer versions have since been released. As or writing, the latest version is 0.32, released 2018-10-02. Please consider packaging the newer version. Thank you. -- System

Bug#961472: libmail-dkim-perl: dkimproxy-sign breaks RFC with hardcoded deprecated signing algo

my $debug_canonicalization; my $binary; my $help; I still think the patch should be applied, though (even with its mis-spelled name..), as it at least updates the default to a sane and RFC-conformant level. Cheers -- Christer Mjellem Strand System Administrator pgpDILXEDpD4O.pgp Description: PGP signature

Bug#961472: libmail-dkim-perl: dkimproxy-sign breaks RFC with hardcoded deprecated signing algo

Package: libmail-dkim-perl Version: 0.54-1 Severity: normal Dear Maintainer, This package ships with /usr/bin/dkimproxy-sign, from dkim-proxy, which is hardcoded to use rsa-sha1 for signing. Beyond being generally weak, SHA-1 is now explicitly banned for DKIM use by RFC 8301: "Due to the

Bug#929021: spectre-meltdown-checker: New upstream version 0.41 checks for Fallout, RIDL and ZombieLoad

Package: spectre-meltdown-checker Version: 0.40-1~bpo9+1 Severity: important Tags: upstream Dear Maintainer, A new version was released today, 0.41, which checks for the new slew of CPU vulnerabilities now made public. I assume packaging this single file script is trivial, and hope that the

Bug#920275: ezmlm-idx: New upstream version/maintainer/repo

Package: ezmlm-idx Version: 7.1.1-1~exp0.1 Severity: normal Dear Future Maintainer, This package has a new upstream maintainer (Bruce Guenter), a new upstream home (), and a new upstream repo on GitHub (). The latest version is

Bug#916878: qpsmtpd: Newer upstream version available (0.96)

Package: qpsmtpd Version: 0.94-2 Severity: wishlist Hello, The version currently in Debian is now four years old. Two new versions have been released since, which include several desirable fixes: Please consider upgrading the package to

Bug#813697: wordpress: New version available: 4.4.2

Package: wordpress Version: 4.4.1+dfsg-1 Severity: important Dear Maintainer, Version 4.4.2 was released two days ago, with the following security fixes: * #36435 HTTP: 0.1.2.3 is not a valid IP. * #36444 Better validation of the URL used in HTTP redirects. Please consider packaging and

Bug#783347: wordpress: New critical security release available: 4.1.2

Package: wordpress Version: 4.1+dfsg-1 Severity: important Dear Maintainer, Version 4.1.2 was released on April 21st, tagged as a critical security release, and containing several security-related fixes, including an important XSS fix. As far as I can tell, this release is not available in

Bug#779227: libssl1.0.0: Add patch for supporting ChaCha20/Poly1305 algorithms

Source: libssl1.0.0 Version: 1.0.2-1 Severity: wishlist Dear Maintainer, Please consider applying CloudFlare's patch by Vlad Krasnov for supporting djb's ChaCha20 and Poly1305 algorithms. https://github.com/cloudflare/sslconfig/blob/master/patches/openssl__chacha20_poly1305_cf.patch Details

Bug#779246: libssl1.0.0: Support for RC4 should be dropped

Source: libssl1.0.0 Version: 1.0.1k-1 Severity: wishlist Dear Maintainer, As of the publication of RFC 7465 this month, support for RC4 is now formally prohibited. Section 2 explicitly states: o TLS clients MUST NOT include RC4 cipher suites in the ClientHello message. o TLS

Bug#445842: gd failure

Unless I am mistaken, this bug makes rmagic entirely unusable in squeeze. FWIW I think #545084 already has that effect. -- -==- -=- -==- Christer Mjellem Strand yitzhaq System administrator ICQ: 9557698 GSM: +47 922 000 12

Bug#585040: mime-support: Please add video/webm

Package: mime-support Version: 3.48-1 Severity: wishlist Please consider adding video/webm .webm to mime.types. URL:http://www.webmproject.org/code/specs/container/#naming I can't see that Google has reserved a separate extension for audio-only WebM files, which I presume means one has to

Bug#578392: mime-support: Please add text/x-sfv

Package: mime-support Version: 3.48-1 Severity: wishlist Please consider adding the following to mime.types, to help identify Simple File Verification files: text/x-sfv sfv URL:http://en.wikipedia.org/wiki/Simple_file_verification Thanks. -- System

Bug#572218: gallery2 should depend on libjs-yui

Package: gallery2 Version: 2.3.1.dfsg-1 Severity: normal The gallery2 package bundles a number of scripts from the YUI library in /usr/share/gallery2/lib/yui/ The version bundled with gallery2 is old (2007), and the scripts in question are all available in the libjs-yui package. Rather than

Bug#545084: rmagic fails with recent versions of libconfig-inifiles-perl

Package: rmagic Version: 2.21-4 Severity: important rmagic will not run with the version of libconfig-inifiles-perl currently in testing (2.49-1). betty - ~ # rmagic rmagic-test.ini Use of uninitialized value $_[0] in substitution (s///) at /usr/share/perl/5.10/File/Basename.pm line 341.

Bug#482611: grub: Outdated ramdisk info in README.Debian

Package: grub Version: 0.97-38 Severity: minor README.Debian claims the following: Be warned if your initrd image is larger than 4MB it is bigger than the default ramdisk size and you will need to use a kernel command line option like the following: ramdisk_size=16384 IINM, this is no longer

Bug#427971: More detailed info

Package: wnpp Followup-For: Bug #427971 To flesh out the info about this superior MUA a little bit: * Package name: mulberry Version : 4.0.8 Upstream Author : Cyrus Daboo [EMAIL PROTECTED] * URL : http://trac.mulberrymail.com/mulberry/wiki/opensource * License

Bug#419441: phpbb2: Automatically deleting oldest sessions when session table is full

Package: phpbb2 Version: 2.0.21-6 Severity: important When using phpbb2 with MySQL, it is generally recommended that the session table be type HEAP to reduce disk activity and increase performance. This however has the disadvantage of eventually filling up the session table, making it

Bug#343233: Multiple boards still broken

explicitly defined can have rather unfortunate consequences. The HTTP_HOST workaround does work, but as has also previously been noted, is far from ideal. Hope this is to some help, and merry christmas to whoever reads this. -- -==- -=- -==- Christer Mjellem

Bug#391775: Vote for remove

anymore because of the freeze. As I said, fully understandable. But I hope it can be looked into again after release. Thanks again for your fine packaging work, and have a Merry Christmas. -- -==- -=- -==- Christer Mjellem Strand yitzhaq

Bug#335424: pyzor: Issue still present

, and if there's anything more you want me to check, I'll try to take slightly less time than I did now. :) Thanks! -- -==- -=- -==- Christer Mjellem Strand yitzhaq Systems Administrator www.yitzhaq.net GSM +47 922 000 12

Bug#355784: pure-ftpd: fchmod(2) failure causes two close(2) calls on the same fd

! -- -==- -=- -==- Christer Mjellem Strand yitzhaq Systems Administrator www.yitzhaq.net GSM +47 922 000 12 www.countzero.no -==- -=- -==- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#355784: pure-ftpd: fchmod(2) failure causes two close(2) calls on the same fd

Package: pure-ftpd Severity: important Since upstream still hasn't applied it after 1.5 years, please consider applying this patch to the Debian package. Currently failed chmods are reported as Bad file descriptor' instead of i.e. 'Operation not permitted'. See

Bug#335424: pyzor: Issue still present

Package: pyzor Version: 1:0.4.0+cvs20030201-6 Followup-For: Bug #335424 I'm still getting the same error messages even after upgrading: Wed Jan 25 12:48:57 2006 [1420] info: spamd: processing message [EMAIL PROTECTED] for [EMAIL PROTECTED]:8 9 Wed Jan 25 12:48:58 2006 [1420] error: internal

Bug#347838: dovecot-imapd: Compiling with Vpopmail support

Package: dovecot-imapd Version: 1.0.alpha5-1 Severity: wishlist Please consider building with Vpopmail support (--with-vpopmail) Thanks. - y -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Shell: /bin/sh

Bug#341991: phpbb2-conf-mysql: Gziped SQL schemas are expected, but they're not gziped

upload a fix tomorrow, and will deal with Sarge too then. Great, thanks for dealing with this so quickly. -- -==- -=- -==- Christer Mjellem Strand yitzhaq Systems Administrator www.yitzhaq.net GSM +47 922 000 12

Bug#341991: phpbb2-conf-mysql: Gziped SQL schemas are expected, but they're not gziped

Package: phpbb2-conf-mysql Version: 2.0.18-1 Severity: important After the SQL schemas were moved away from the doc dir, an upgrade results in the following error message: zcat: /usr/share/phpbb2/schemas/mysql_schema.sql.gz: No such file or directory indicating that the schemas are expected to

Bug#340653: wordpress: Admin interface redirects to incorrect subdomain

! -- -==- -=- -==- Christer Mjellem Strand yitzhaq Systems Administrator www.yitzhaq.net GSM +47 922 000 12 www.countzero.no -==- -=- -==- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL

Bug#340653: wordpress: Admin interface redirects to incorrect subdomain

Package: wordpress Version: 1.5.2-2 Severity: normal I don't know for sure whether this is an upstream bug or simply has to do with Debian's way of handling multiple blogs within the same domain, but with different subdomains. Picture the following setup in /etc/wordpress:

Bug#296037: RFP: magic-smtpd -- magic-smtpd is a drop in replacement for qmail-smtpd, and supports valid user checking to reduce server loads as well as many different rule checks.

Package: wnpp Severity: wishlist * Package name: magic-smtpd Version : 0.8.3-rc2 Upstream Author : LinuxMagic Inc. [EMAIL PROTECTED] * URL : http://www.linuxmagic.com/opensource/magicmail/magic-smtpd/ * License : LinuxMagic FreeSouce License Description