Bug#967953: Package not installable in sid due to missing dependencies python-argcomplete and python-ipaddr

Package: ifupdown2 Version: 1.2.7-1 Severity: grave The package ifupdown2 currently cannot be installed on systems running sid as the two of its dependencies, python-argcomplete and python-ipaddr, are no longer present in sid. The suggested packages python-gvgen and python-mako also no

Bug#893497: buffer overflow in column(1)

00:00:00 2001 From: Julian Brost Date: Sun, 1 Sep 2019 21:48:27 +0200 Subject: [PATCH] column_maxline.diff: use correct size for buffer By using a hard-coded shift left by one, the patch implicitly assumed that sizeof(wchar_t) == 2, but this is not always the case and the buffer may be too small

Bug#399002: libpam-krb5: allow TGT verification by non-root processes

On 12.06.2016 00:09, Russ Allbery wrote: > Maybe I should take a step back and ask what security issue are you trying > to address with this patch? Maybe that would help me understand why you > think a setuid binary is superior. I admit that, these days, I usually > just let Kerberos not

Bug#399002: libpam-krb5: allow TGT verification by non-root processes

On Fri, 10 Jun 2016 13:11:41 -0700 Russ Allbery wrote: > Simon Ruderich writes: > > > Any objections against using it as setgid instead of setuid? This > > would work fine as well and prevent serious privilege escalation. > > If you

Bug#805477: closed by Martin Pitt <mp...@debian.org> (Bug#805477: fixed in systemd 230-1)

On 23.05.2016 12:33, Debian Bug Tracking System wrote: > This is an automatic notification regarding your Bug report > which was filed against the systemd package: > > #805477: systemd: Leak of scope units slowing down "systemctl > list-unit-files" and delaying logins > > It has been closed by

Bug#805477: systemd: Leak of scope units slowing down "systemctl list-unit-files" and delaying logins

On 18.11.2015 21:27, Felipe Sateler wrote: > Maybe this is related to a debian-specific patch[1]? Julian, could you > try with this patch removed? > > > [1] > http://sources.debian.net/src/systemd/227-3/debian/patches/Revert-core-one-step-back-again-for-nspawn-we-actual.patch I've built

Bug#798391: systemd: RuntimeDirectory= creates directory with wrong group

Package: systemd Version: 215-17+deb8u2 Severity: normal Dear Maintainer, if you create to system groups on the system (suppose we call them 'group0' and 'group1') and a user 'some-user' with the primary group group0 and now create a service file that makes use of User=, Group= and

Bug#741483: apticron: uses --allow-unauthenticated by default

Package: apticron Version: 1.1.55 Severity: normal Dear Maintainer, I noticed that apticron uses --allow-unauthenticated by default. I can't see a reason for this as on a normal system, all packages should be authenticated. In my opinion this option shouldn't be used by default as this at least

Bug#724746: tntnet: Default configuration exports whole filesystem via HTTP

Package: tntnet Version: 2.1-2 Severity: grave Dear Maintainer, the default configuration of the tntnet package contains this line: MapUrl ^/(.*)$ static@tntnet /$1 This causes the whole filesystem to be exported via HTTP, thus allowing all files readable by the user www-data on the whole