Bug#910279: ITP: optimesh -- Mesh optimization, mesh smoothing.

2018-10-04 Thread Steve Kemp
> Description : Mesh optimization, mesh smoothing. > > Several mesh smoothing/optimization methods with one simple interface. > optimesh > - is fast, > - preserves submeshes, > - only works for triangular meshes (for now; upvote this issue if you're > interested in tetrahedral

Bug#865105: gitlab: leaves stale systemd service symlinks after purge

2018-05-26 Thread Steve Kemp
Your bug report is correct, but it is really just a more specific example of the problem already reported in #863960: https://bugs.debian.org/863960 Steve -- https://steve.fi/

Bug#890816: ITP: autovpn -- Connect to a VPN in a country of your choice

2018-02-19 Thread Steve Kemp
On Mon Feb 19, 2018 at 12:44:40 +0100, Michael Meskes wrote: > > * It relies upon the external VPNGate.net site/service. If this > > goes away in the lifetime of a stable Debian release users will > > be screwed. > > That is actually a good point. I wonder if using a local copy might

Bug#890816: ITP: autovpn -- Connect to a VPN in a country of your choice

2018-02-19 Thread Steve Kemp
> Version : 0.0~git20170129.72dd7f6-1 > Upstream Author : Adhityaa C > * URL : https://github.com/adtac/autovpn .. > autovpn is a tool to automatically connect you to a random VPN > in a country of your choice. It uses openvpn to connect you to a

Bug#883075: ITP: memleax -- debug a running process for memoy leaks without recompiling or restarting

2017-11-29 Thread Steve Kemp
> Description : debug a running process for memoy leaks without > recompiling or restarting Typo: "memory", not "memoy". > Memleax debugs a program for memory leaks by attaching to a running process, > similarly to how gdb's does. It then hooks into the target process's > invocation of

Bug#873292: facter: Bogus output received with interface named 'master'.

2017-08-26 Thread Steve Kemp
Package: facter Version: 2.4.6-1 Severity: minor Dear Maintainer, Since upgrading a virtual-machine host from jessie to stretch I started seeing this email every hour, when puppet ran: To: root From: root(Cron Daemon) Cc: Subject: Cron /usr/bin/puppet agent

Bug#854585: Acknowledgement (evilvte: Allows executing (unexpected) commands via mouse-clicks)

2017-02-08 Thread Steve Kemp
Tags: patch One approach at solving this problem would be to stop highlighting the URL at the first "'" character. This matches what gnome-terminal, and others, do already even though I don't believe this character _should_ be escaped. This can be achieved by updating the regexp: deagol

Bug#854585: evilvte: Allows executing (unexpected) commands via mouse-clicks

2017-02-08 Thread Steve Kemp
Package: evilvte Version: 0.5.1-1 Severity: important Tags: security Dear Maintainer, Although a terminal is designed to execute commands it is unexpected that clicking on hyperlinks would execute arbitrary code, and unfortunately that is trivially possible. Consider the following hyperlink:
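
An added illustration of the bug class in the two evilvte messages above (this is not evilvte's code, and the report as archived does not show the command line the terminal builds): it assumes the clicked URL is spliced into a shell command string inside single quotes, which is the shape implied by the proposed fix of stopping the URL match at the first `'`. `echo` stands in for the real URL opener so the example runs offline, and the hostile link is constructed.

```python
import re
import subprocess

# Highlighter-style URL match that stops at whitespace, angle brackets and,
# as in the proposed evilvte fix, the first single quote.
URL_RE = re.compile(r"https?://[^\s'<>\"]+")

# Constructed hostile text, e.g. printed into the terminal by a remote program.
HOSTILE = "http://example.com/'; echo INJECTED; echo '"


def extract_urls(text):
    """Return the clickable spans a terminal would highlight in `text`."""
    return URL_RE.findall(text)


def open_via_shell(url):
    """Unsafe shape: the URL is pasted into a command string handed to sh.

    A single quote in the URL closes the quoting and the rest of the string is
    parsed as further shell commands.  `echo` stands in for the real opener.
    """
    cmd = "echo '" + url + "'"
    return subprocess.run(["sh", "-c", cmd], capture_output=True, text=True).stdout


def open_via_argv(url):
    """Safe shape: the URL travels as a positional argument ($1).

    The shell only ever parses the fixed script text; the URL is data.
    """
    return subprocess.run(
        ["sh", "-c", 'echo "$1"', "sh", url], capture_output=True, text=True
    ).stdout


if __name__ == "__main__":
    print("highlighted:", extract_urls(HOSTILE))
    print("via shell string:\n" + open_via_shell(HOSTILE))
    print("via argv:\n" + open_via_argv(HOSTILE))
```

With the argv form the opener receives the full string, quote and all, and nothing after the quote is executed; the regex change alone only shrinks what is clickable, which is why both belong together.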

Bug#843120: ITP: freight -- easy-to-understand shell script to handle APT repositories

2016-11-04 Thread Steve Kemp
On Fri Nov 04, 2016 at 02:10:56 +0100, Nicolas Braud-Santoni wrote: > Description : easy-to-understand shell script to handle APT repositories > freight is an easy-to-use and to understand shell script for > building packages and keeping them in an up-to-date and signed > reporitory.

Bug#820373: w3m: SEGFAULT on bogus HTML

2016-04-07 Thread Steve Kemp
> Fixed, thank you. > > - > https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=5a159af05d8556a3f9f8f1a42d8fc153ffbc9694 > I confirm that fixes the problem. Thanks once more for your prompt attention. > Welcome to add more info, so that I'll confirm the problems are > really

Bug#820373: w3m: SEGFAULT on bogus HTML

2016-04-07 Thread Steve Kemp
Package: w3m Version: 0.5.3-19 Severity: important Tags: security Dear Maintainer, Please find attached a pair of files, each of these cause w3m to segfault when run as follows: cat $file | w3m -dump The crash is a segfault, which is probably not exploitable but may be to somebody who puts

Bug#820162: w3m: SEGFAULT on bogus HTML

2016-04-06 Thread Steve Kemp
On Thu Apr 07, 2016 at 06:51:52 +0900, Tatsuya Kinoshita wrote: > > Confirmed, thank you. > > Fixed in the development repo. > > - > https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=7bb2a4671503c41d63989dcef9ef54dea0c73b43 > > Will be fixed in the next upload for unstable.

Bug#820162: w3m: SEGFAULT on bogus HTML

2016-04-05 Thread Steve Kemp
Package: w3m Version: 0.5.3-19 Severity: important Tags: security Dear Maintainer, Please find attached a tarball which contains two files, a generated one, and one which has been reduced to the smallest possible test-case. Each of those files causes w3m to segfault when run as follows: cat

Bug#816277: gawk: Invalid program crashes the parser

2016-02-29 Thread Steve Kemp
Package: gawk Version: 1:4.1.1+dfsg-1 Severity: important Dear Maintainer, The following wonderful program causes an immediate segfault in the parse-process of gawk: for (i = ) in foo bar baz For example: shelob ~ $ cat t.gawk for (i = ) in foo bar baz shelob

Bug#816271: gawk: It should not be possible to segfault gawk

2016-02-29 Thread Steve Kemp
Package: gawk Version: 1:4.1.1+dfsg-1 Severity: important Dear Maintainer, While I appreciate that passing untrusted code to gawk is not a common thing to do, I do not believe that it should be possible to trigger a segfault though. The following "program" will crash gawk though: $ echo

Bug#810883: catdoc: Invalid memory access and segfaulting

2016-01-14 Thread Steve Kemp
On Wed Jan 13, 2016 at 18:08:44 -0300, Martín Ferrari wrote: > > When running under valgrind we see that an attempt is made to access > > an invalid pointer: > > This is a known issue (#679877), it was fixed when I took over this > package, and it has already reached testing. Having the fixed

Bug#810883: catdoc: Invalid memory access and segfaulting

2016-01-14 Thread Steve Kemp
> Fair enough. In any case, I am going to upload to backports as soon as > the version in sid stabilises. Great. > Well, I think a DSA would be too much for a tool like this :) Specially > since there has not been any PoC to show a real security issue. I won't try to force it, but I'd

Bug#810883: catdoc: Invalid memory access and segfaulting

2016-01-13 Thread Steve Kemp
Package: catdoc Version: 0.94.4-1.1 Severity: important Tags: security Dear Maintainer, The attached word document will cause catdoc to crash when executed: catdoc x.doc When running under valgrind we see that an attempt is made to access an invalid pointer: ==6875== Invalid read of

Bug#809252: node-cli: insecure use of temporary files

2015-12-28 Thread Steve Kemp
Package: node-cli Version: 0.4.4~20120516-1 Severity: critical Tags: security Dear Maintainer, The `node-cli` library makes insecure use of the following two temporary files: lock_file = '/tmp/' + cli.app + '.pid', log_file = '/tmp/' + cli.app + '.log'; These allow overwriting

Bug#808730: stalin: Insecure use of temporary files

2015-12-22 Thread Steve Kemp
Package: stalin Version: 0.11-5 Severity: critical Tags: security When `stalin` launches it attempts to detect its environment via the following code in /usr/lib/stalin/QobiScheme.sc: (system "uname -m >/tmp/QobiScheme.tmp") ... (system "rm -f /tmp/QobiScheme.tmp")) This is a

Bug#801530: openssh-client: Segfault on malformed keys - possible security impact

2015-10-13 Thread Steve Kemp
The following patch seems to me to be a reasonable stab at fixing the NULL pointer dereference. Tested on Debian Jessie (amd64), against keys of type: * dsa * ecdsa * ed25519 * rsa * rsa1 On a valid key it shows the fingerprint. On my bogus sample it shows: line

Bug#801530: openssh-client: Segfault on malformed keys - possible security impact

2015-10-12 Thread Steve Kemp
I'm almost embarrassed to say that I submitted the wrong reproducer in my original bug report. The previous key does trigger the fault, but it is needlessly complex. The attachment to this mail should be considered a saner example, as it still triggers the crash, but it is

Bug#801530: openssh-client: Segfault on malformed keys - possible security impact)

2015-10-12 Thread Steve Kemp
> .. and the exciting-looking address is apparently a typical load address > for the ssh binary. Yes. It was in the ascii-range, which made me more optimistic. (I'm too used to using AAA..AAA as input and seeing 0x41. 0x55 looks close enough to be plausible.) Steve --

Bug#801530: openssh-client: Segfault on malformed keys - possible security impact

2015-10-11 Thread Steve Kemp
Package: openssh-client Version: 1:6.7p1-5 Severity: important Tags: security Dear Maintainer, I believe that the sanest way to generate an SSH fingerprint, for display to users, etc, is via executing: ssh-keygen -l -f path/to/public.key This is the rationale behind the following

Bug#772473: Acknowledgement (xbindkeys-config: Insecure use of temporary files)

2014-12-11 Thread Steve Kemp
Sorry for the slow reply, I wasn't Cc'd so I didn't see your reply. Did you request a CVE for it already? No, I did not. make me believe that the trust boundaries are not crossed here, thus I suppose it will be tracked as a security hardening issue, and not a flaw. What do you

Bug#772473: xbindkeys-config: Insecure use of temporary files

2014-12-07 Thread Steve Kemp
Package: xbindkeys-config Version: 0.1.3-2 Severity: important Tags: security If you use this program and view generated file the current output will be saved to the file /tmp/xbindkeysrc-tmp. This allows the corruption of any file the user has permission to write to. Later this predictable

Bug#765697: ITP: libtest-tabs-perl -- check the presence of tabs in your project

2014-10-17 Thread Steve Kemp
On Fri Oct 17, 2014 at 14:38:07 +0200, Jonas Smedegaard wrote: Test::Tabs scans your project/distribution for any perl files (scripts, modules, etc) for the presence of tabs. . Needed for some uses of Dist::Inkt. Will be maintained in the Perl team. Looks like a simple/small module,

Bug#765697: ITP: libtest-tabs-perl -- check the presence of tabs in your project

2014-10-17 Thread Steve Kemp
On Fri Oct 17, 2014 at 15:38:02 +0200, Jonas Smedegaard wrote: Not sure what it is you suggest: Seems to me like they have _opposite_ scopes :-) You're right, I'm clearly mistaken/wrong and not being helpful. Sorry for the noise. Steve -- -- To UNSUBSCRIBE, email to

Bug#761828: fotoxx: Software packaged for Debian should not phone home

2014-09-16 Thread Steve Kemp
Package: fotoxx Version: 14.07.1-1 Severity: normal Dear Maintainer, The version of fotoxx available to Jessie, version 14.07.1-1, contains code which runs at startup to: * Phone home. * Attempt to update itself. Phoning home, no matter how benignly, without explicit consent from the user is

Bug#761879: fotoxx: Insecure use of temporary files

2014-09-16 Thread Steve Kemp
Package: fotoxx Version: 11.11.1-1.1 Severity: important Tags: security (Irrelevant) Printing Issues All three versions of fotoxx packaged for Debian (squeeze, wheezy, and jessie) make insecure use of a temporary file when printing in the function `wprintp` in

Bug#756565: CVE

2014-09-09 Thread Steve Kemp
On Tue Sep 09, 2014 at 12:52:38 +0300, Henri Salo wrote: Have you requested CVE already? If you want I can verify this issue and create the request. I have not, the lack of update to the bug report made it slip my mind. If you'd like to confirm the issues, which shouldn't be hard, and

Bug#756600: xcfa: Insecure use of temporary files, subject to race conditions

2014-07-31 Thread Steve Kemp
Package: xcfa Version: 4.3.1-1 Severity: important Tags: security xcfa contains several insecure uses of temporary files. For example the file src/get_info.c has code to test that curl is present, in the function GetInfo_wget which essentially runs: wget --user-agent=\"Mozilla 22.0\"

Bug#756565: lives: Numerous insecure temporary files used in smogrify

2014-07-30 Thread Steve Kemp
Package: lives Version: 1.6.2 Severity: important Tags: security lives contains a perl script, smogrify, which is what does a lot of the work. I don't want to point out line-by-line all the issues in the smogrify script, but please consider significantly overhauling it. There are numerous

Bug#756566: libxml-dt-perl: Insecure use of temporary files

2014-07-30 Thread Steve Kemp
Package: libxml-dt-perl Version: 0.62-1 Severity: important Tags: security The libxml-dt-perl package installs the script /usr/bin/mkxmltype which blindly overwrites the contents of the file: /tmp/_xml_$$ (Where '$$' corresponds to the PID of the process.) This is insecure and can

Bug#754899: rawstudio: Insecure use of temporary file.

2014-07-15 Thread Steve Kemp
Package: rawstudio Version: 2.0-1.1 Severity: important Dear Maintainer, The function rs_filter_graph located in file ./librawstudio/rs-filter.c contains the following code: g_string_append_printf(str, "}\n"); g_file_set_contents("/tmp/rs-filter-graph", str->str, str->len, NULL);

Bug#749846: trafficserver: Insecure command execution and use of temporary filenames.

2014-06-02 Thread Steve Kemp
On Mon Jun 02, 2014 at 10:23:23 +0100, Steven Chamberlain wrote: http://sources.debian.net/src/trafficserver/3.0.5-1/mgmt/tools/SysAPI.cc NOWARN_UNUSED_RETURN(system("/bin/mv -f /tmp/shadow /etc/shadow")); Won't that reset the shadow file's ownership to root:root? If default umask is

Bug#749846: trafficserver: Insecure command execution and use of temporary filenames.

2014-05-30 Thread Steve Kemp
Package: trafficserver Version: 3.0.5-1 Severity: important Tags: security Dear Maintainer, The binary `/usr/bin/traffic_shell` contains the following strings, which should be sufficient to explain the issue: /bin/mv -f /tmp/shadow /etc/shadow /bin/sort /tmp/zonetab.tmp /tmp/zonetab

Bug#748766: scheme48: Insecure use of temporary file for communication.

2014-05-20 Thread Steve Kemp
Package: scheme48 Version: 1.8+dfsg-1 Severity: important Tags: security The function `scheme48-send-definition` in cmuscheme48.el blindly overwrites the file /tmp/s48lose.tmp prior to sending it to the inferior scheme process. This action will blindly overwrite files the user has permission to

Bug#747100: bug#17428: Bug#747100: emacs23: Insecure use of temporary files in included lisp libraries/packages

2014-05-08 Thread Steve Kemp
These issues have now had several CVE identifiers associated with them, for future tracking: http://www.openwall.com/lists/oss-security/2014/03/14/5 Steve -- http://www.steve.org.uk/

Bug#747100: bug#17428: Bug#747100: emacs23: Insecure use of temporary files in included lisp libraries/packages

2014-05-08 Thread Steve Kemp
Clearly I'm an idiot, the correct link is this: http://www.openwall.com/lists/oss-security/2014/05/07/7 Steve -- http://www.steve.org.uk/

Bug#747100: emacs23: Insecure use of temporary files in included lisp libraries/packages

2014-05-05 Thread Steve Kemp
Package: emacs23 Version: 23.4+1-4 Severity: important There are several tempfile-vulnerabilities present in the Emacs Lisp bundled and distributed with the emacs23 package. Here are four brief pointers to unsafe code: lisp/gnus/gnus-fun.el: In the function `gnus-grab-cam-face` the file

Bug#741953: libreadline6: Insecure use of temporary files - in _rl_trace

2014-03-17 Thread Steve Kemp
Package: libreadline6 Version: 6.2+dfsg-0.1 Severity: important Tags: security Dear Maintainer, I noticed that GNU Readline version 6.x makes insecure use of files when outputting debugging information via the _rl_trace function. The details were reported here:

Bug#741370: pen: security issues with pen

2014-03-14 Thread Steve Kemp
CVE-2014-2387 has been allocated for the two hardcoded/insecure uses of temporary files. (/tmp/webfile.html, and /tmp/penctl.cgi.) Steve --

Bug#741627: insecure temporary file usage in apt-extracttemplates

2014-03-14 Thread Steve Kemp
Package: apt Version: 0.9.7.9+deb7u1 Severity: important Tags: security When installing/upgrading packages via `apt-get` a child process is invoked against the downloaded .deb-file to extract any templates which might be contained in that package. For example I was recently upgrading my

Bug#741370: pen: security issues with pen

2014-03-13 Thread Steve Kemp
[Apologies for bouncing your mails. Fixed now.] The core issue being that it is possible to run pen with remote control from untrusted hosts (or any host), should the administrator so desire. Agreed. I did think of limiting the control-socket to 127.0.0.1:XX but that a) reduces

Bug#741370: pen: security issues with pen

2014-03-13 Thread Steve Kemp
On Thu Mar 13, 2014 at 14:46:37 +0100, Ulric Eriksson wrote: The control socket and the configuration file use the exact same syntax by design. I see that is currently the case, yes.. If it is impossible or impractical to limit access to the socket, the same level of control over a

Bug#741370: pen: security issues with pen

2014-03-11 Thread Steve Kemp
Package: pen Version: 0.18.0-1 Severity: minor Tags: security There are four issues to report here; 1. Predictable filename in pen itself. 2. Insecure temporary filename in the contributed CGI script. 3. File overwrite / disclosure issues in pen. 4. Information disclosure. Predictable

Bug#733505: rush: Allows reading arbitrary files

2013-12-29 Thread Steve Kemp
Package: rush Version: 1.7+dfsg-1 Severity: important From the package description: GNU Rush is a restricted shell designed for sites providing only limited access to resources for remote users. Much like sudo the shell allows a configuration file to limit the commands the user(s)

Bug#730189: ruby1.8: CVE-2013-4164

2013-11-28 Thread Steve Kemp
The patches seem to work successfully for me: * The test-suite that runs at compile-time still passes. * The reproducer stops segfaulting. The reproducer I'm using is: -- #!/usr/bin/ruby1.8 require 'json' JSON.parse("[1." + "1"*30 + "]") -- Steve -- http://www.steve.org.uk/

Bug#291844: gtetrinet: have key for send special to self

2013-09-26 Thread Steve Kemp
I knocked up a patch to do this, bound to 's' by default. If there is interest I'm happy to report it here, I'm only resisting because this is an 8 year old bug and my patch doesn't use quilt. Steve -- http://www.steve.org.uk/

Bug#291844: Info received (gtetrinet: have key for send special to self)

2013-09-26 Thread Steve Kemp
Drop the file attached into ./debian/patches/special-to-self.diff, and add it to debian/patches/series. et voila. Steve -- Index: gtetrinet-0.7.11/src/config.c === --- gtetrinet-0.7.11.orig/src/config.c 2013-09-26

Bug#714421: fabric: No fabric package in wheezy?

2013-07-02 Thread Steve Kemp
I found the jessie package compiled cleanly under wheezy and made it available here: http://packages.steve.org.uk/fabric/ While I don't necessarily expect you to trust a random repository on the internet you can easily get the source(s) and rebuild locally. Steve --

Bug#700219: mpc: Playlist numbering is off-by-one

2013-02-09 Thread Steve Kemp
Package: mpc Version: 0.19-2 Severity: normal *** Please type your report below this line *** I regularly use (via a local emacs mode) the formatting options available in the playlist-display to choose my next song. This example will make it clear: * I'm trying to dump all songs in the

Bug#692489: omega-rpg: fails to drop group(games) privileges

2012-11-06 Thread Steve Kemp
Package: omega-rpg Version: 1:0.90-pa9-15 Severity: normal Usertags: security omega-rpg is installed setgid(games). There are two cases where it doesn't drop group(games) privileges: * When creating the help file omega.doc * When writing save-games Loading the game, and pressing S

Bug#692490: greed: Insecure use of lockfile in /tmp allows file truncation

2012-11-06 Thread Steve Kemp
Package: greed Version: 3.4-2 Severity: normal Usertags: security *** Please type your report below this line *** The setgid(games) binary greed makes insecure use of the file /tmp/Greed.lock - allow arbitrary files that are writeable to the games user. By itself this is not a grave concern,

Bug#675503: summain: Misc. typos in the manpage.

2012-06-01 Thread Steve Kemp
Package: summain Version: 0.13-1 Severity: minor *** Please type your report below this line *** Please find below a diff fixing a couple of typos in the manpage. -- System Information: Debian Release: 6.0.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable')

Bug#651896: Acknowledgement (njam: Insecure usage of environmental variable)

2011-12-13 Thread Steve Kemp
Simple patch: --- src/njam.cpp-orig 2011-12-13 17:06:04.0 + +++ src/njam.cpp2011-12-13 17:07:08.0 + @@ -339,7 +339,7 @@ sprintf(linux_sdl_driver, x11\0); char *driver_name = getenv(SDL_VIDEODRIVER); if (driver_name) - sprintf(linux_sdl_driver,
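Review bot: the hunk as quoted ends at the `-` line, so the replacement for `sprintf(linux_sdl_driver, ...)` with the `getenv` result is not visible and cannot be checked; whatever replaces it needs an explicit bound (`snprintf(linux_sdl_driver, sizeof linux_sdl_driver, "%s", driver_name)`) and, since the caller is setgid, an overlong `SDL_VIDEODRIVER` should be rejected rather than silently truncated. In the context line, the `"\0"` in `"x11\0"` is redundant, as string literals are already NUL-terminated.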

Bug#651896: njam: Insecure usage of environmental variable

2011-12-12 Thread Steve Kemp
Package: njam Version: 1.25-5 Justification: user security hole Severity: grave Tags: security *** Please type your report below this line *** The setgid(games) binary /usr/games/njam makes insecure use of the environmental variable SDL_VIDEODRIVER. This potentially allows the execution of

Bug#635617: nanourl: SQL Injection flaw in URL lookup

2011-07-27 Thread Steve Kemp
Package: nanourl Version: 0.1-7.1 Severity: important *** Please type your report below this line *** The lookup of destination URLs uses unescaped parameters from the query string, making a classic SQL Injection security hole. In real terms this package is not security critical, has a low
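
The report does not include nanourl's query, so the following Python/sqlite3 fragment is an added illustration of the bug class it names, not nanourl's code; the two-row table and both payloads are constructed. It puts a destination lookup built by string interpolation beside one using bound parameters, and shows two things an attacker gets from the first: every row instead of the one requested, and table names read out of sqlite_master.

```python
import sqlite3

# Constructed sample data standing in for a URL shortener's lookup table.
SAMPLE_ROWS = [
    ("abc", "https://example.org/public"),
    ("zq9", "https://example.org/unlisted-report"),
]


def make_db():
    """In-memory database with the sample rows loaded."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE urls (short TEXT PRIMARY KEY, dest TEXT NOT NULL)")
    db.executemany("INSERT INTO urls VALUES (?, ?)", SAMPLE_ROWS)
    return db


def lookup_vulnerable(db, short):
    """Splice the query-string value straight into the SQL text.

    Anything containing a quote changes the statement itself.
    """
    sql = "SELECT dest FROM urls WHERE short = '%s'" % short
    return [row[0] for row in db.execute(sql)]


def lookup_safe(db, short):
    """Bind the value; the driver passes it as data, never as SQL."""
    rows = db.execute("SELECT dest FROM urls WHERE short = ?", (short,))
    return [row[0] for row in rows]


def demo():
    """Run both lookups against honest and hostile input; return the results."""
    db = make_db()
    # Constructed attacker payloads as they would arrive in the query string.
    dump_all = "x' OR '1'='1"
    read_schema = "x' UNION SELECT name FROM sqlite_master WHERE type='table' --"
    return {
        "honest_vulnerable": lookup_vulnerable(db, "abc"),
        "honest_safe": lookup_safe(db, "abc"),
        "injected_vulnerable": lookup_vulnerable(db, dump_all),
        "injected_safe": lookup_safe(db, dump_all),
        "schema_leak": lookup_vulnerable(db, read_schema),
        "schema_safe": lookup_safe(db, read_schema),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The bound form returns nothing for either payload because the whole string, quote and comment marker included, is compared against the `short` column as a value.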

Bug#629003: fabric is prone to file-overwrite security issue(s).

2011-06-02 Thread Steve Kemp
Package: fabric Version: 0.9.1-1 Justification: causes serious data loss Severity: important Tags: security *** Please type your report below this line *** Fabric includes two modules which are marked as contrib, and are included in the main package. These two modules both suffer from the same

Bug#615292: chronicle: Issues with rendering UTF-8 characters)

2011-02-27 Thread Steve Kemp
On Sun Feb 27, 2011 at 15:50:28 +0100, Kai Wasserbäch wrote: another side effect of this bug is a broken RSS feed, Indeed. If it is broken it will be broken globally. I've been careful to open all files in a way which seemed to be clean - but could you please try the patch below and let

Bug#615292: chronicle: Issues with rendering UTF-8 characters)

2011-02-27 Thread Steve Kemp
On Sun Feb 27, 2011 at 16:16:48 +0100, Kai Wasserbäch wrote: Steve Kemp schrieb am 27.02.2011 16:01: I've been careful to open all files in a way which seemed to be clean - but could you please try the patch below and let me know if it helps? sadly not, I'm still getting

Bug#612671: A security issue was recently discovered in cgiirc.

2011-02-09 Thread Steve Kemp
Subject: A security issue was recently discovered in cgiirc. Package: cgiirc Version: Security issue in CGI::IRC Severity: important *** Please type your report below this line *** Michael Brooks (Sitewatch) discovered a reflective XSS flaw in CGI::IRC. Mozilla have assigned CVE-2011-0050 for

Bug#610352: security.debian.org: Recent change of advisory subject unhelpful

2011-01-19 Thread Steve Kemp
On Wed Jan 19, 2011 at 07:27:43 +0100, Thijs Kinkhorst wrote: For the old one I see what package is affected whereas for the new one I cannot. Could you please return to the old subject line? I think this is a good point. Maybe not return to the old subject per se, but moving the

Bug#596212: python-coverage: use externally-packaged jQuery libraries

2010-10-19 Thread Steve Kemp
On Thu Sep 09, 2010 at 20:49:27 +1000, Ben Finney wrote: I've followed the instructions in the README.Debian for “libjs-jquery” to use it from HTML files generated by “python-coverage”, but without success. Right, I think your specific use-case is non-standard and doesn't really

Bug#580817: chronicle: List of tagged entries show up in reverse order

2010-05-08 Thread Steve Kemp
On Sat May 08, 2010 at 18:02:25 -0400, Felipe Sateler wrote: When looking at a /tags/something/, posts are sorted in ascending chronological order (older entries first). This should be the other way around. Please consider using the --recent-tags-first command-line argument, or adding that

Bug#564829: How to turn off all APT security checking?

2010-02-06 Thread Steve Kemp
On Sun Feb 07, 2010 at 00:47:10 +0800, jida...@jidanni.org wrote: I can't take it any more, day after day various incomplete apt-get updates, e.g., bug 564829 and Bug#553533: Seeing BADSIG 9AA38DCD55BE302B frequently. What apt-get -o option can I use to turn off all this security or whatever

Bug#566106: Fails to run filter

2010-01-25 Thread Steve Kemp
On Mon Jan 25, 2010 at 14:10:18 +0100, Guido Günther wrote: $ perl test.pl 1. Open a pipe, normally group motd 2. Open a pipe, set the mode group motd 3. Open a handle. group motd 4. Open a handle. binmode group motd 5. Last

Bug#566714: ITP: xen-tools -- Tools to manage Xen virtual servers

2010-01-24 Thread Steve Kemp
On Sun Jan 24, 2010 at 19:25:07 +0100, Axel Beckert wrote: I know that upstream stopped development since Steve doesn't use xen-tools (nor xen) anymore. FWIW I support this ITP. I will be happy to give away the code - such that this fork becomes official, and all existing references to

Bug#566106: Fails to run filter

2010-01-24 Thread Steve Kemp
On Thu Jan 21, 2010 at 11:08:39 +0100, Guido Günther wrote: Failed to run filter: No such file or directory at /usr/bin/chronicle line 2000. # Run the command, reading stdout. # -open( FILTER, $cmd|;utf8 ) or +open( FILTER, $cmd| ) or This will work, but means that
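Review bot: the `+` line drops the utf8 layer from the pipe open, so whatever the filter writes to stdout is now read as raw bytes rather than decoded text, which will reappear as the UTF-8 rendering problems reported elsewhere against chronicle; keep the plain `open( FILTER, "$cmd|" )` that works and apply the layer afterwards with `binmode( FILTER, ':utf8' )` (or `':encoding(UTF-8)'`) before anything is read from the handle.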

Bug#555272: jquery: embeds prototype.js

2010-01-14 Thread Steve Kemp
The package does include a copy of the prototype library, but it is only used to run the integrated test-suite and is thus not a concern. It is not included in the binary package, just there for a maintainer who wants to fiddle with the package. Steve -- Debian GNU/Linux System

Bug#565358: redis-server: Please consider adding command line completion to redis-cli

2010-01-14 Thread Steve Kemp
Package: redis-server Version: 2:1.2.0-1 Severity: wishlist Tags: +patch *** Please type your report below this line *** It would be useful to add a simple bash completion script to this package to ease use - as the manpage doesn't list options. Sample script attached below which you're

Bug#524772: Looks like this can be closed

2010-01-11 Thread Steve Kemp
Now that we're on 0.83 it looks like this bug may be closed ..? Steve -- Debian GNU/Linux System Administration http://www.debian-administration.org/

Bug#562623: Closing as directed

2010-01-11 Thread Steve Kemp
[Closing as directed] Steve -- Debian GNU/Linux System Administration http://www.debian-administration.org/

Bug#562684: ITP: libtext-vimcolor-perl -- syntax color text in HTML or XML using Vim

2009-12-26 Thread Steve Kemp
Package: wnpp Owner: Steve Kemp s...@debian.org Severity: wishlist *** Please type your report below this line *** * Package name: libtext-vimcolor-perl Version : 0.11 Upstream Author : Geoff Richards q...@laxan.com * URL : http://search.cpan.org/dist/Text-VimColor

Bug#561667: RM: xen-tools -- ROM; obsolete, unsupported.

2009-12-19 Thread Steve Kemp
Package: ftp.debian.org Severity: normal *** Please type your report below this line *** Please remove from unstable.

Bug#561666: RM: xen-shell -- ROM; Obsolete - not supported

2009-12-19 Thread Steve Kemp
Package: ftp.debian.org Severity: normal *** Please type your report below this line *** Please remove from unstable release.

Bug#553945: ttylog: Doesn't test length of device.

2009-11-02 Thread Steve Kemp
Package: ttylog Version: 0.1.c-1 Severity: normal *** Please type your report below this line *** The script uses strcpy to copy the specified device name into a fixed buffer. This program isn't a security-sensitive one so the issue is minor, but the bug should be fixed: s...@gold:$

Bug#553948: winkeydaemon: Symlink attack allows creation of arbitrary files

2009-11-02 Thread Steve Kemp
Package: winkeydaemon Version: 1.0.1-3 Justification: user security hole Severity: grave Tags: security *** Please type your report below this line *** This is probably not a hugely exploitable issue, but reporting regardless: winkeydaemon.pl: if (-d /tmp/.winkey) { # ok, no action
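
The same check-then-use pattern runs through the libxml-dt-perl (/tmp/_xml_$$), rawstudio (/tmp/rs-filter-graph), scheme48 (/tmp/s48lose.tmp) and winkeydaemon (/tmp/.winkey) reports above. The Python below is an added illustration, not code from any of those packages or from the reports: inside a throwaway directory it plays attacker and victim with a constructed target file, shows the symlink redirect a fixed name allows, and then the two defences, refusing to replace or follow an existing entry (O_EXCL plus O_NOFOLLOW) and letting mkstemp choose an unguessable name. The lstat-based directory check goes beyond the bare `-d` test in the winkeydaemon report: it also rejects a directory owned by someone else or writable by others.

```python
import os
import stat
import tempfile


def vulnerable_write(path, data):
    """Write to a fixed, predictable name (the pattern in the reports).

    open(..., "w") truncates whatever `path` resolves to and follows symlinks,
    so a link planted there by another user redirects the write.
    """
    with open(path, "w") as fh:
        fh.write(data)


def safe_write_fixed_name(path, data):
    """Create `path` only if nothing is there yet.

    O_EXCL makes the create fail if any entry (symlink included) exists;
    O_NOFOLLOW refuses to traverse a symlink at the last component.
    Mode 0600 keeps the file private.  Raises OSError (EEXIST, or ELOOP on
    some systems) instead of writing through the attacker's link.
    """
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)


def safe_write_unpredictable(data, directory):
    """Let mkstemp pick the name: random suffix, O_EXCL, mode 0600."""
    fd, path = tempfile.mkstemp(prefix="_xml_", dir=directory)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)
    return path


def is_private_dir(path):
    """Replacement for a bare `-d` test.

    lstat does not follow symlinks, so a planted link is seen as a link, and
    the owner/mode checks reject a directory someone else created or left
    group/world writable.
    """
    try:
        st = os.lstat(path)
    except FileNotFoundError:
        return False
    return (stat.S_ISDIR(st.st_mode)
            and st.st_uid == os.getuid()
            and not st.st_mode & (stat.S_IWGRP | stat.S_IWOTH))


def demo():
    """Run attacker and victim in one scratch directory; return what happened."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        # Constructed stand-in for a file the victim can write (think ~/.bashrc).
        victim = os.path.join(root, "victim.txt")
        with open(victim, "w") as fh:
            fh.write("original\n")

        # Attacker guesses the name ($$ is a PID, trivially enumerable) and plants a link.
        predictable = os.path.join(root, "_xml_1234")
        os.symlink(victim, predictable)

        vulnerable_write(predictable, "clobbered\n")
        with open(victim) as fh:
            results["vulnerable_clobbered"] = fh.read() == "clobbered\n"

        try:
            safe_write_fixed_name(predictable, "clobbered again\n")
            results["excl_refused"] = False
        except OSError:
            results["excl_refused"] = True
        with open(victim) as fh:
            results["safe_left_victim_alone"] = fh.read() == "clobbered\n"

        created = safe_write_unpredictable("private\n", root)
        results["mkstemp_not_guessable"] = os.path.basename(created) != "_xml_1234"
        results["mkstemp_private_mode"] = stat.S_IMODE(os.stat(created).st_mode) == 0o600

        # The winkeydaemon shape: a directory test that follows symlinks.
        target_dir = os.path.join(root, "attacker_dir")
        os.mkdir(target_dir)
        planted = os.path.join(root, ".winkey")
        os.symlink(target_dir, planted)
        results["isdir_fooled"] = os.path.isdir(planted)          # -d follows the link
        results["lstat_check_refuses"] = is_private_dir(planted)  # sees a link, not a dir
        results["lstat_check_accepts_own"] = is_private_dir(target_dir)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Note that the O_EXCL variant still leaks the fact that the name is fixed (an attacker can make the program fail by pre-creating it), which is why mkstemp, or a per-user directory created with the same flags and then checked with is_private_dir, is the usual fix rather than a better open of the same old name.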

Bug#524772: Finish supporting prefork

2009-10-25 Thread Steve Kemp
0.81-1 included prefork, which was usable via editing the init.d script, but couldn't be selected through debconf, because prefork didn't as of 0.81 support listening on multiple interfaces, and hence would have broken some deployed setups. The current release is 0.83, and the changelog

Bug#548684: oping allows reading arbitrary files upon the local system - security issue

2009-09-28 Thread Steve Kemp
Package: oping Version: 1.3.2-1 Justification: user security hole Severity: grave Tags: security *** Please type your report below this line *** oping is setuid root and one of the command line arguments allows a configuration file to be specified. This file is read and *reported* to the

Bug#546178: planet: [CVE-2009-2937] - Insufficient escaping of input feeds

2009-09-18 Thread Steve Kemp
On Fri Sep 18, 2009 at 13:38:39 +0200, Arnaud Fontaine wrote: I have prepared yesterday a package for Lenny including this patch. At the moment, I'm waiting for a reply from the debian-security team. Great. Don't forget etch too. Thank you very much for the patch and bug report. Did

Bug#546178: planet: [CVE-2009-2937] - Insufficient escaping of input feeds

2009-09-18 Thread Steve Kemp
On Fri Sep 18, 2009 at 14:06:44 +0200, Arnaud Fontaine wrote: No I didn't, I could not find this discussion, could you please point it me out? As soon as all these issues will have been addressed, I will prepare a package (debian-security team: please do not upload the package for

Bug#546178: Updated patch

2009-09-15 Thread Steve Kemp
The patch doesn't account for case variations, so it should be updated: + +for i in xrange (len (attrs)): +k,v = attrs[i] +if (( k == src ) or ( k == href ) ) and (v.lower().find(javascript: ) -1 ): +del attrs[i] + return attrs Steve --
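Review bot: the loop deletes from `attrs` while iterating over `xrange(len(attrs))`, so after the first `del attrs[i]` the element that slides into position `i` is never examined and the final iterations raise IndexError once `i` passes the shortened length; build the result instead of mutating in place, e.g. `return [(k, v) for k, v in attrs if not (k in ("src", "href") and "javascript:" in v.lower())]`. Matching the `javascript:` substring also leaves whitespace, control-character and entity-encoded spellings of the scheme untouched; an allowlist of permitted schemes (http, https, mailto, relative URLs) is the more robust check.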

Bug#546179: planet-venus: [CVE-2009-2937] - Insufficient escaping of input feeds

2009-09-11 Thread Steve Kemp
Subject: planet-venus: [CVE-2009-2937] - Insufficient escaping of input feeds Package: planet-venus Justification: user security hole Severity: grave Tags: security *** Please type your report below this line *** The planet feed aggregator attempts to remove malicious content from user-submitted

Bug#546178: planet: [CVE-2009-2937] - Insufficient escaping of input feeds

2009-09-11 Thread Steve Kemp
Subject: planet: [CVE-2009-2937] - Insufficient escaping of input feeds Package: planet Justification: user security hole Severity: grave Tags: security *** Please type your report below this line *** The planet feed aggregator attempts to remove malicious content from user-submitted feeds. It
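
The planet messages above describe a filter that strips `javascript:` links from feed content and a patch that had to be revised for case variations. The Python below is an added illustration, not planet's code nor the patch: it swaps the blocklist for an allowlist of schemes, normalises the attribute value the way a browser reads it (entities, embedded tabs and newlines, leading whitespace, case, fullwidth letters) before deciding, and rebuilds the attribute list rather than deleting from it while iterating. The sample fragments are constructed; the HTMLParser-based rewriter is a minimal stand-in for whatever sanitiser a real aggregator uses.

```python
import html
import re
import unicodedata
from html.parser import HTMLParser

SAFE_SCHEMES = {"http", "https", "mailto", "ftp"}
URL_ATTRS = {"href", "src"}

# ASCII whitespace and C0/DEL controls: browsers drop these when parsing a URL,
# so "java\tscript:" and "  javascript:" both reach the JavaScript engine.
_CTRL_RE = re.compile(r"[\x00-\x20\x7f]")
_SCHEME_RE = re.compile(r"([a-zA-Z][a-zA-Z0-9+.-]*):")


def scheme_of(value):
    """Lower-cased scheme of a URL attribute value as a browser would see it,
    or None for a scheme-less (relative) URL."""
    value = html.unescape(value)                   # &#106;avascript: -> javascript:
    value = _CTRL_RE.sub("", value)                # java\tscript: -> javascript:
    value = unicodedata.normalize("NFKC", value)   # fullwidth letters -> ASCII
    m = _SCHEME_RE.match(value)
    return m.group(1).lower() if m else None


def is_safe_url(value):
    """Allowlist: relative URLs and the listed schemes only."""
    scheme = scheme_of(value)
    return scheme is None or scheme in SAFE_SCHEMES


def filter_attrs(attrs):
    """Return a new (name, value) list without unsafe href/src attributes."""
    return [
        (k, v) for k, v in attrs
        if not (k.lower() in URL_ATTRS and v is not None and not is_safe_url(v))
    ]


class AttrSanitizer(HTMLParser):
    """Rewrite an HTML fragment, passing every start tag through filter_attrs."""

    def __init__(self):
        super().__init__(convert_charrefs=False)
        self.out = []

    def handle_starttag(self, tag, attrs):
        parts = [tag]
        for k, v in filter_attrs(attrs):
            parts.append(k if v is None else '%s="%s"' % (k, html.escape(v, quote=True)))
        self.out.append("<%s>" % " ".join(parts))

    def handle_endtag(self, tag):
        self.out.append("</%s>" % tag)

    def handle_data(self, data):
        self.out.append(data)

    def handle_entityref(self, name):
        self.out.append("&%s;" % name)

    def handle_charref(self, name):
        self.out.append("&#%s;" % name)


def sanitize(fragment):
    parser = AttrSanitizer()
    parser.feed(fragment)
    parser.close()
    return "".join(parser.out)


# Constructed feed snippets: the first three are the bypasses a plain
# 'javascript:' substring check misses, the last is a legitimate link.
SAMPLES = [
    '<a href="JaVaScRiPt:alert(1)">case</a>',
    '<a href="java&#09;script:alert(1)">entity+tab</a>',
    '<a href="  javascript:alert(1)">leading space</a>',
    '<a href="https://example.org/">ok</a>',
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(sanitize(s))
```

Because the decision is made on the normalised scheme and anything unrecognised is dropped, new spellings of `javascript:` do not need to be enumerated; only the short list of schemes the aggregator wants to allow does.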

Bug#545198: Use of uninitialized value

2009-09-08 Thread Steve Kemp
On Sat Sep 05, 2009 at 18:41:36 +0200, Guido Günther wrote: $ chronicle Use of uninitialized value $site in concatenation (.) or string at /usr/bin/chronicle line 1613. Use of uninitialized value $site in concatenation (.) or string at /usr/bin/chronicle line 1638. at me.

Bug#535481: offlineimap: Error at installation time

2009-07-02 Thread Steve Kemp
Package: offlineimap Version: 6.1.0 Severity: important The upgrade today resulted in this: Setting up libgail-common (2.16.4-1) ... Setting up gtk2-engines-pixbuf (2.16.4-1) ... Setting up libgtk2.0-bin (2.16.4-1) ... Setting up offlineimap (6.1.0) ... Setting up python-gdbm (2.5.2-1.1) ...

Bug#531456: ITP: libmoose-policy-perl -- module to specify your project-wide or even company-wide Moose meta-policy

2009-06-01 Thread Steve Kemp
On Mon Jun 01, 2009 at 19:19:28 +0200, Salvatore Bonaccorso wrote: This is still an release of this module and it should not be considered to be complete by any means. It is very basic implemenation at this point and will implementation would fix that typo. Steve -- Managed Anti-Spam

Bug#530615: ITP: libfile-temp-perl -- return name and handle of a temporary file safely

2009-05-26 Thread Steve Kemp
On Tue May 26, 2009 at 08:11:06 -0300, Brian Cassidy wrote: * Package name: libfile-temp-perl Version : 0.21 Upstream Author : Tim Jenness tjenn...@cpan.org * URL : http://search.cpan.org/dist/File-Temp/ * License : Artistic | GPL-1+ Programming Lang:

Bug#526228: fixed in jquery 1.3.3-1

2009-05-20 Thread Steve Kemp
On Wed May 20, 2009 at 11:56:25 +0200, Steve Langasek wrote: [ Steve Kemp ] * Re-upload with orig.tar.gz file present, unfortunately this means bumping the release number, but that is a small price to pay. (Closes: #526228) Hrm - shouldn't have been. The archive

Bug#526047: [namecheck]: pod documentation formating

2009-04-29 Thread Steve Kemp
On Wed Apr 29, 2009 at 17:00:21 +0100, Adam D. Barratt wrote: The patch looks fine to me; thanks. As we're not upstream for the script, I've BCCed the original author to make him aware of the patch, and in case he has any issues / comments with it. Thanks for the notification, the patch

Bug#519339: ITP: tmux -- an alternative to screen, licensed under 3-BSD

2009-03-12 Thread Steve Kemp
On Thu Mar 12, 2009 at 22:37:41 +0100, Karl Ferdinand Ebert wrote: - a more usable status line syntax, with the ability to display the first line of output of a specific command; That is also possible in GNU Screen. - a cleaner, modern, easily extended, BSD-licensed codebase. That

Bug#518122: Security issue in mantis

2009-03-04 Thread Steve Kemp
Package: mantis Severity: grave Tags: security Version: 1.1.6+dfsg-2 There's a security issue in the mantis version in lenny, at least, which allows registered users to run commands on the server. Details here: http://secunia.com/advisories/32314/ Patch here:

Bug#518122: Acknowledgement (Security issue in mantis)

2009-03-04 Thread Steve Kemp
Looks like I filed this too soon - the bug is fixed in Lenny's package already. Steve -- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#515762: ITP: libjs-jqueryui -- jQuery UI provides abstractions for low-level interaction and animation, advanced effects and high-level, themeable widgets, built on top of the jQuery JavaScript Li

2009-02-17 Thread Steve Kemp
On Tue Feb 17, 2009 at 11:36:11 -0300, Walter Cruz wrote: * Package name: libjs-jqueryui Version : 1.5.3 Upstream Author : Paul Bakaus paul.bak...@gmail.com * URL : http://jqueryui.com/ * License : GPL, MIT/X Programming Lang: JavaScript Description

Bug#515762: ITP: libjs-jqueryui -- jQuery UI provides abstractions for low-level interaction and animation, advanced effects and high-level, themeable widgets, built on top of the jQuery JavaScript Li

2009-02-17 Thread Steve Kemp
On Tue Feb 17, 2009 at 11:52:10 -0300, Walter Cruz wrote: a. renamed to be libjs-jquery-ui Should I fill another ITP? I think there's no need, just rename the package prior to the upload. I don't think people would get too pedantic if you were changing the name to fit in with

Bug#493719: Confirming 493719

2009-01-21 Thread Steve Kemp
On Wed Jan 21, 2009 at 14:22:37 +, brian m. carlson wrote: Brian are you able to test the package uploaded to experimental, version 1.5.19-1? Yes. Great, thanks! That has had a couple of minor IMAP changes relating to handling NULL pointers, and I'd be curious to know if these

Bug#493719: Confirming 493719

2009-01-20 Thread Steve Kemp
Brian are you able to test the package uploaded to experimental, version 1.5.19-1? That has had a couple of minor IMAP changes relating to handling NULL pointers, and I'd be curious to know if these changes fix the bug.. Steve -- http://www.steve.org.uk/

Bug#509581: $sendmail option unconditionally and wrongly uses --

2009-01-20 Thread Steve Kemp
The patch below might prevent this from happening. s...@gold:~/git/mutt/mutt-1.5.19$ diffs --- sendlib.c-orig 2009-01-20 22:57:28.0 + +++ sendlib.c 2009-01-20 22:57:57.0 + @@ -2206,7 +2206,11 @@ args = add_option (args, argslen, argsmax, -R); args =
