Bug#1031542: dbeacon: XSS Vulnerability in matrix.pl

Package: dbeacon Version: 0.4.0-2+b2 Severity: important Tags: patch upstream Dear Maintainer, the included CGI script /usr/share/dbeacon/matrix.pl is vulnerable to XSS attacks as it does not do proper input validation. A patch that mitigates the problem is included. Cheers, Raoul -- System

Bug#968367: sogo: please include active sync support

Package: sogo Version: 4.3.2-1 Severity: wishlist Dear Maintainer, currently the active sync support ist not included in the Debian version of sogo. Unfortunately there are a still a lot of clients preferring active sync over carddav/caldav. Would it be possible to include active sync support

Bug#908010: fwbuilder: xml parser error when trying to open old revision

Package: fwbuilder Version: 5.3.7-3 Severity: normal Dear Maintainer, * What led up to the situation? We have UTF8 characters in the fwbuilder database file. Trying to load an old revision of the database results in error "Error parsing XML from file [...] Input is not proper

Bug#873957: postfix: multiple instances not handled correctly by systemd

Package: postfix Version: 3.2.2-1 Severity: normal Tags: patch Dear Maintainer, * What led up to the situation? trying to use multiple instances as stated in README.Debian. * What exactly did you do (or not do) that was effective (or ineffective)? systemctl enable

Bug#868768: marked as done (RFS: iperf3/3.2-1)

reopen 868768 thanks

Bug#868768: RFS: iperf3/3.2-1

d: * new upstream version * enabled SCTP support (Closes: #858944) * enabled OpenSSL support * bumped standards version to 4.0.0 Regards, Raoul Gunnar Borenius

Bug#860492: mgen-doc: please drop recommends on dhelp, which is RC-buggy and not going into Stretch

Hallo Paul, On Mon, Apr 17, 2017 at 09:32:48PM +0200, Paul Gevers wrote: > Package: mgen-doc > Version: 5.02.b+dfsg1-2 > Severity: important > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > While going through RC bugs of packages maintained by QA, I noticed that > mgen-doc

Bug#826230: conserver: Please compile with GSSAPI support

Source: conserver Severity: wishlist Dear Maintainer, it would be great to be able to use GSSAPI authentication when connecting to the conserver server. Thanks for considering adding the support in your build. Cheers, Raoul -- System Information: Debian Release: stretch/sid APT prefers

Bug#778527: ITP: libfile-mktemp-perl -- Make temporary filename from template

Package: wnpp Severity: wishlist Owner: Raoul Gunnar Borenius boren...@dfn.de * Package name: libfile-mktemp-perl Version : 1.0.6 Upstream Author : Travis Gummels tra...@gummels.com * URL : https://metacpan.org/release/File-MkTemp/ * License : public-domain

Bug#762603: dbeacon: should not run as root

Package: dbeacon Version: 0.3.9.3-2 Severity: wishlist Dear Maintainer, attached is a patch that fixes two things for me: - make dbeacon run as user '_dbeacon' instead of 'root' for security reasons - introduce a way to specify command line options to the deamons when running multiple

Bug#753894: ITP: i2util -- Internet2 utility library and tools

Package: wnpp Severity: wishlist Owner: Raoul Gunnar Borenius boren...@dfn.de * Package name: i2util Version : 1.2 Upstream Author : Aaron Brown aa...@internet2.edu * URL : http://software.internet2.edu/ * License : Apache License, Version 2.0 Programming

Bug#739330: nslcd: aging information in service shadow incorrectly initialized

Package: nslcd Version: 0.9.2-1 Severity: important Dear Maintainer, 'getent shadow' seems to return 2^32-1 instead of empty values int the aging information fields: root@sid-amd64-dev:~# getent shadow user1:*:4294967295:4294967295:4294967295:4294967295:4294967295:4294967295:0

Bug#729888: kpasswd: missing error message when new passwords do not match

Package: heimdal-clients Version: 1.6~git20120403+dfsg1-4 Severity: normal Dear Maintainer, when using kpasswd to change the password it gives no error message when the two new passwords do not match: user@sid-amd64:~$ kpasswd user@REALM's Password: current password New password: something

Bug#714152: checksecurity: warning when using find with option -ignore_readdir_race

Package: checksecurity Version: 2.0.14 Severity: normal Dear Maintainer, the check-setuid plugin triggers the follwoing warning message from find: find: warning: you have specified the -ignore_readdir_race option after a non-option argument (, but options are not positional

Bug#712680: libkrb5-26-heimdal: hprop broken after upgrade to wheezy

Package: libkrb5-26-heimdal Version: 1.4.0~git20100726.dfsg.1-2+squeeze1 Severity: important Dear Maintainer, after Upgrade from Sqeeze to Wheezy hprop stopped working when using it to transfer the database to slaves: root@master:~# hprop SLAVE hprop: krb5_get_init_creds: Failed to find

Bug#662849: ITP: bwctl -- bandwidth test controller

Package: wnpp Severity: wishlist Owner: Raoul Gunnar Borenius boren...@dfn.de * Package name: bwctl Version : 1.3 Upstream Author : Jeff Boote bo...@internet2.edu, Aaron Brown aa...@internet2.edu * URL : http://www.internet2.edu/performance/bwctl/ * License

Bug#658245: postinst should not change /etc/inetd.conf on upgrades

Package: swat Version: 2:3.5.6~dfsg-3squeeze6 Severity: normal I have the following custom inetd.conf setup for swat (to make it listen only on localhost): #off# swatstream tcp nowait.400 root/usr/sbin/tcpd /usr/sbin/swat localhost:swat stream tcp

Bug#647237: check-mk-config-nagios3: wrong path to check-mk files in /etc/nagios3

Package: check-mk-config-nagios3 Version: 1.1.10-2 Severity: normal * 'check_mk_templates.cfg' is wrongly installed in /etc/nagios3/objects/, should be in /etc/nagios3/conf.d/check_mk/ * when running 'check-mk -R' check_mk_objects.cfg is written to /etc/nagios3/conf.d/ but should also be in