Bug#1063369: aide: Don't require s-nail to send email, other setups (e.g. postfix+bsd-mailx) work as well

2024-02-08 Thread Timo Sigurdsson
Control: close #1063369 Hi, Marc Haber wrote on 07.02.2024 15:08 (GMT +01:00): > On Tue, Feb 06, 2024 at 10:22:35PM +0100, Timo Sigurdsson wrote: >> Package: aide >> Version: 0.18.3-1+deb12u2 > > Just for the record: Changing this in bookworm won't happen. > >&g

Bug#1063369: aide: Don't require s-nail to send email, other setups (e.g. postfix+bsd-mailx) work as well

2024-02-06 Thread Timo Sigurdsson
Package: aide Version: 0.18.3-1+deb12u2 Severity: normal Dear Maintainers, since Debian Bookworm, aide refuses to send emails by default if s-nail is not installed. The documentation (README.Debian.gz in aide-common) falsely claims that /usr/lib/sendmail requires suid and that this affects

Bug#1038243: unbound: error log flooding when unbound is configured with a DNS over TLS upstream server

2023-09-16 Thread Timo Sigurdsson
Dear maintainers, could you please also backport the fix for this issue to the current stable distribution via the proposed-updates channel? The next point release for bookworm is scheduled for October 7. I really hope the fix for this annoying issue makes it into the next point release.

Bug#1051592: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable

2023-09-15 Thread Timo Sigurdsson
Hi, Salvatore Bonaccorso wrote on 12.09.2023 21:13 (GMT +02:00): > Hi Timo, > > On Tue, Sep 12, 2023 at 01:39:59PM +0200, Timo Sigurdsson wrote: >> Hi Pablo, >> >> Pablo Neira Ayuso wrote on 12.09.2023 00:57 (GMT +02:00): >> >> > Hi Timo, >

Bug#1051592: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable

2023-09-12 Thread Timo Sigurdsson
Hi, Florian Westphal wrote on 12.09.2023 12:27 (GMT +02:00): > Linux regression tracking (Thorsten Leemhuis) > wrote: >> On 12.09.23 00:57, Pablo Neira Ayuso wrote: >> > Userspace nftables v1.0.6 generates incorrect bytecode that hits a new >> > kernel check that rejects adding rules to bound

Bug#1051592: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable

2023-09-12 Thread Timo Sigurdsson
Hi Pablo, Pablo Neira Ayuso wrote on 12.09.2023 00:57 (GMT +02:00): > Hi Timo, > > On Mon, Sep 11, 2023 at 11:37:50PM +0200, Timo Sigurdsson wrote: >> Hi, >> >> recently, Debian updated their stable kernel from 6.1.38 to 6.1.52 >> which broke nftables rule

Bug#1051592: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable

2023-09-11 Thread Timo Sigurdsson
Hi, recently, Debian updated their stable kernel from 6.1.38 to 6.1.52 which broke nftables ruleset loading on one of my machines with lots of "Operation not supported" errors. I've reported this to the Debian project (see link below) and Salvatore Bonaccorso and I identified "netfilter:

Bug#1051592: linux: Regression - upgrade to 6.1.52-1 breaks nftables

2023-09-11 Thread Timo Sigurdsson
Hi Salvatore, Salvatore Bonaccorso wrote on 11.09.2023 22:20 (GMT +02:00): > Bisected the issue: > > $ git bisect log > git bisect start > # status: waiting for both good and bad commits > # good: [61fd484b2cf6bc8022e8e5ea6f693a9991740ac2] Linux 6.1.38 > git bisect good

Bug#1051592: linux: Regression - upgrade to 6.1.52-1 breaks nftables

2023-09-10 Thread Timo Sigurdsson
Hi, Salvatore Bonaccorso wrote on 10.09.2023 12:21 (GMT +02:00): > Would it be possible to provide a minimal set of rules triggering the > issue? Can you reproduce the issue with the official build? So, I did some more testing on a different machine running the official build. My findings so

Bug#1051592: linux: Regression - upgrade to 6.1.52-1 breaks nftables

2023-09-10 Thread Timo Sigurdsson
Package: linux Version: 6.1.52-1 Severity: grave Dear Maintainers, linux-image-6.1.0-12-amd64 causes a serious regression in nftables. After upgrading one of my machines, nftables fails to start - leaving the system without an active firewall. Doing `nft -cf /etc/nftables.conf' throws many

Bug#1038243: unbound: error log flooding when unbound is configured with a DNS over TLS upstream server

2023-07-18 Thread Timo Sigurdsson
tags 1038243 confirmed patch fixed-upstream thanks I can confirm this bug. I also stumbled over this after upgrading a machine from Bullseye to Bookworm. I can also confirm that the upstream fix (commit d7e77611) [1] on top of the unbound package currently found in Debian Bookworm, 1.17.1-2,

Bug#1032103: logwatch misses (filters) failed systemd services if unit type is 'simple'

2023-02-27 Thread Timo Sigurdsson
Package: logwatch Version: 7.5.5-1 Severity: important Dear Maintainer, I recently discovered that logwatch did not report a systemd service (snapper-timeline.service) that failed repeatedly on my system. Looking through the script /usr/share/logwatch/scripts/services/systemd I determined that

Bug#982998: chkrootkit chkproc uses incorrect value for max_pid

2021-12-04 Thread Timo Sigurdsson
Hi, I've encountered this bug on several machines after upgrading to the latest stable release (bullseye). Could you please backport this fix to bullseye so it can be fixed in a point release? Thank you! Regards, Timo

Bug#996738: tinyproxy: Invalid fix for bug #968322 (issue still occurs): tinyproxy exits 2 on standard systemd stop signal SIGTERM

2021-10-19 Thread Timo Sigurdsson
Hi again, RDS wrote on 18.10.2021 18:42 (GMT +02:00): > Doing the dishes just now, I thought of a possible relatively simple and > "reasonable" tinyproxy-only deterministic solution: > > Add a Boolean key-pair to tinyproxy's config, call it something like > 'letHostManageStops', setting it to

Bug#996738: tinyproxy: Invalid fix for bug #968322 (issue still occurs): tinyproxy exits 2 on standard systemd stop signal SIGTERM

2021-10-19 Thread Timo Sigurdsson
P.S. Somehow the bug tracker was lost in conversation, so adding it back. Hi, thanks for taking the time to reply on this old issue. Let me respond to a couple of your remarks and statements: RDS wrote on 18.10.2021 18:03 (GMT +02:00): > [...} > At some point in my convo with Mike I said I

Bug#996739: tinyproxy: Environment file /etc/default/tinyproxy does not work with systemd

2021-10-17 Thread Timo Sigurdsson
Package: tinyproxy Version: 1.10.0-5 Severity: normal Dear Maintainer, after installing tinyproxy for the first time on Debian 11.1 (bullseye), I looked at the defaults or environment file /etc/default/tinyproxy. It contains the following comment: > # If running under systemd, please make sure

Bug#996738: tinyproxy: Invalid fix for bug #968322 (issue still occurs): tinyproxy exits 2 on standard systemd stop signal SIGTERM

2021-10-17 Thread Timo Sigurdsson
Package: tinyproxy Version: 1.10.0-5 Severity: important Dear Maintainer, I installed tinyproxy on an up-to-date Debian 11.1 (bullseye) installation. I'm seeing the issue that was reported in bug #968322 and later claimed to be fixed in version 1.10.0-5 (which I run) both with the default

Bug#986709: rsnapshot: not suitable for stable release

2021-08-26 Thread Timo Sigurdsson
Hi, I was also unpleasantly surprised that rsnapshot is not in Bullseye and there's no mention of it in the release notes either. I don't know how the process or rules in Debian are for such a case, but please find a way to either reintroduce rsnapshot into the stable distribution or at least

Bug#992544: Please enable CONFIG_FS_BTRFS=y and CONFIG_CMD_BTRFS=y

2021-08-19 Thread Timo Sigurdsson
Source: u-boot Package: u-boot-sunxi Version: 2021.01+dfsg-5 Severity: wishlist Hi, the current u-boot-packages (at least up to 2021.07+dfsg-1 in experimental) lack btrfs support which makes it impossible to boot from a btrfs partition – even though u-boot itself has btrfs support, it's just

Bug#980838: gpg-agent: generator 90gpg-agent without scdaemon generate annoying log

2021-08-17 Thread Timo Sigurdsson
Package: gpg-agent Version: 2.2.27-2 I can confirm this issue. It still occurs on the newly released stable distribution (bullseye). Linking /usr/lib/gnupg/scdaemon to /usr/bin/false works around the issue, but since I don't know whether that could have unwanted side effects, I'd very much

Bug#987038: buster-pu: package clamav/0.103.2+dfsg-0+deb10u1

2021-06-17 Thread Timo Sigurdsson
Hi, just a heads up, the proposed update to clamav that will probably reach stable this weekend, introduces a regression. clamdscan segfaults when called with the options --fdpass and --multiscan and if you have the ExcludePath option set in your clamd.conf. I submitted a bug report about 6

Bug#988218: Regression: clamdscan segfaults with --fdpass --multipass and ExcludePath in clamd.conf

2021-05-07 Thread Timo Sigurdsson
Sorry, I just saw that I mangled the option names in the subject. It should have been: Regression: clamdscan segfaults with --fdpass --multiscan and ExcludePath in clamd.conf Thanks!

Bug#988218: Regression: clamdscan segfaults with --fdpass --multipass and ExcludePath in clamd.conf

2021-05-07 Thread Timo Sigurdsson
Package: clamav Version: 0.103.2+dfsg-0+deb10u1 Severity: important Dear Maintainer, since the latest upgrade to 0.103.2+dfsg-0+deb10u1 clamdscan segfaults immediately when called with both --fdpass and --multiscan and when the ExcludePath option is used in clamd.conf. Ubuntu was hit by the same

Bug#884824: etckeeper: daily autocommit is run even though AVOID_DAILY_AUTOCOMMITS=1

2020-04-17 Thread Timo Sigurdsson
the cronjob is run. Please note, that this patch only applies cleanly if my patch sent for bug #883263 is applied first. But technically it's not required as it's just the context that is different. Regards, Timo>From 36864b49b56b20198ee01f302ebdedd3e15c9d58 Mon Sep 17 00:00:00 2001 From: T

Bug#883263: Please don't start both cron job and systemd.timer

2020-04-17 Thread Timo Sigurdsson
. Regards, Timo >From 16966e16c7d79148dbe8676b38ff24f050b3 Mon Sep 17 00:00:00 2001 From: Timo Sigurdsson Date: Fri, 17 Apr 2020 19:05:33 +0200 Subject: [PATCH] Fix Debian etckeeper bug #883263. --- cron.daily/etckeeper | 5 + 1 file changed, 5 insertions(+) diff --git a/cron.da

Bug#883263: etckeeper: Bugs #883263 and #884824

2020-04-17 Thread Timo Sigurdsson
Hi, please don't mix up these two etckeeper bugs: #883263: Please don't start both cron job and systemd.timer #884824: etckeeper: daily autocommit is run even though AVOID_DAILY_AUTOCOMMITS=1 They may exhibit the same symptoms in a specific configuration, but they are separate issues. Luca

Bug#951181: suricata: Dropping privileges fails in nflog runmode - patch available

2020-03-22 Thread Timo Sigurdsson
Hi Sascha, Sascha Steinbiss wrote on 22.03.2020 15:49 (GMT +01:00): > Hi Timo, > > [...] >> I would appreciate if you could consider adding this patch to the suricata >> package in the current stable release (buster) as the inability to drop root >> privileges may have severe security

Bug#951181: suricata: Dropping privileges fails in nflog runmode - patch available

2020-02-11 Thread Timo Sigurdsson
: ii python 2.7.16-1 pn snort-rules-default pn suricata-oinkmaster Versions of packages suricata suggests: pn libtcmalloc-minimal4 -- no debconf information>From 987c80cb4222e605fc98debd40694fbea49f3173 Mon Sep 17 00:00:00 2001 From: Timo Sigurdsson Date: Tue, 11 Feb 2

Bug#928440: dhcpcd5: DHCPv6: Potential read overflow with D6_OPTION_PD_EXCLUDE

2019-05-04 Thread Timo Sigurdsson
Package: dhcpcd5 Version: 7.1.0-1 Severity: serious Tags: security upstream fixed-upstream Dear Maintainer, another week - another bug ;) Upstream released version 7.2.2 of dhcpcd5 fixing another potential security issue in DHCPv6. All versions currently supported in Debian (jessie, stretch,

Bug#928056: dhcpcd5: Open security issues in dhcpcd5 prior to 7.2.1 affecting all versions found in Debian

2019-04-26 Thread Timo Sigurdsson
Package: dhcpcd5 Version: any Severity: serious Dear Maintainer, upstream released a new version of dhcpcd5 fixing three security issues. All versions currently found in Debian (jessie, stretch, buster, sid) are vulnerable to at least two of these issues, according to the announcement on

Bug#923314: unbound: Regression: systemctl reload unbound broken after upgrade from 1.8.1-1 to 1.9.0-2

2019-02-26 Thread Timo Sigurdsson
Package: unbound Version: 1.9.0-2 Severity: normal Dear Maintainer, after upgrading unbound from 1.8.1-1 to 1.9.0-2, I noticed that reloading unbound via systemctl (or unbound-control reload) does not work anymore. Unbound complains that remote-control is not enabled. I looked at the changes

Bug#922725: needrestart: networking.service should not be restarted since it can cause depending services to fail

2019-02-19 Thread Timo Sigurdsson
Package: needrestart Version: 2.11-3+deb9u1 Severity: normal Dear Maintainer, please consider blacklisting networking.service in needrestart.conf similar to NetworkManager or other networking related services. After the upgrade to the stable point release 9.8 which included updates to libc, I

Bug#922478: have yet to find an armhf board that works with 4.9.144-3

2019-02-18 Thread Timo Sigurdsson
Hi Cyril, Cyril Brulebois wrote on 18.02.2019 17:09: > Based on this suggestion and Julien's suggested patch on IRC a couple > hours ago, I've tested the attached patch successfully (as in: from a > busy loop in qemu-system-arm to the “expected” kernel panic, as > discussed in another

Bug#922478: upgrade linux-image-4.9.0-8-armmp-lpae:armhf from 4.9.130-2 to 4.9.144-3 renders Bananapi and Lamobo R1 unbootable

2019-02-18 Thread Timo Sigurdsson
Hi, On Mon, 18 Feb 2019 11:28:10 +, Neil Williams wrote: > Is it feasible to have a script in devscripts or similar which maps the > version of the kernel *Candidate* to KernelCI URLs for the same > version? > > Can we correlate Debian kernel versions to something like >

Bug#922478: upgrade linux-image-4.9.0-8-armmp-lpae:armhf from 4.9.130-2 to 4.9.144-3 renders Bananapi and Lamobo R1 unbootable

2019-02-17 Thread Timo Sigurdsson
Hi, Cyril Brulebois wrote on 17.02.2019 19:38: > Hi folks, > > Jürgen Löb (2019-02-16): >> Package: linux-image-4.9.0-8-armmp-lpae >> Version: 4.9.144-3 >> Severity: serious >> >> Updated my Lamobo R1 board with apt update;apt upgrade >> >> After the update uboot is struck at "Starting

Bug#922478: upgrade linux-image-4.9.0-8-armmp-lpae:armhf from 4.9.130-2 to 4.9.144-3 renders Bananapi and Lamobo R1 unbootable

2019-02-17 Thread Timo Sigurdsson
Hi, I've also been hit by this bug on two systems (both are Lemaker Bananapi). The first system upgraded the kernel via unattended-upgrades and failed to come up after reboot. I don't have a serial cable, but I did hook up the board to a HDMI display. U-Boot loads the kernel, dtb and initramfs

Bug#867187: update chroot script to mount bind systemd notify socket

2018-11-09 Thread Timo Sigurdsson
Hi, I would like to chime in here and second the request of exposing the systemd notify socket inside the chroot. However, I believe the patch is not fully correct. With the proposed patch, mounting of the notify socket is done under the condition that $CHROOT_DIR and $UNBOUND_BASE_DIR are

Bug#876431: closed by Laurent Bigonville <bi...@debian.org> (Bug#876431: fixed in irqbalance 1.2.0-0.1)

2017-11-14 Thread Timo Sigurdsson
Hi, thanks for addressing this bug. But will this fix be backported to stable? I haven't seen an update in the proposed-updates queue yet. However, given that this issue affects the core functionality of the package, I'm inclined to think that a backport to stable is warranted. Kind regards,

Bug#876431: irqbalance: irqbalance daemon broken by default due to invalid cpu mask parsing - patch available upstream

2017-09-22 Thread Timo Sigurdsson
Package: irqbalance Version: 1.1.0-2.3 Severity: important Dear Maintainer, I noticed that irqbalance in Debian Stretch does not correctly balance interrupts across CPU cores in the default configuration, i.e. the first CPU core is ignored. This is due to a bug in the parsing of CPU masks that

Bug#873073: samba: smbd starts before interface is ready, listening only on localhost when "bind to interfaces only = yes"

2017-08-30 Thread Timo Sigurdsson
Dear Fumiyasu, > Have you tried systemd-networkd-wait-online.service(8) Not really. I tried it briefly yesterday and the unit fails as it requires networkd.service which is not by default enabled in Debian Stretch. So, that doesn't help unless I migrate to networkd which I'm reluctant to do at

Bug#873133: isc-dhcp-client: dhclient-scripts executes dhclient-{enter,exit}-hooks when it should not

2017-08-29 Thread Timo Sigurdsson
FYI, I also filed a bug report upstream since the same code is found in the current upstream git master branch as well: https://bugs.isc.org/Public/Bug/Display.html?id=45874

Bug#873133: isc-dhcp-client: dhclient-scripts executes dhclient-{enter,exit}-hooks when it should not

2017-08-24 Thread Timo Sigurdsson
Package: isc-dhcp-client Version: 4.3.5-3 Severity: normal Dear Maintainer, I noticed that dhclient-script does not honor the executability flag of either /etc/dhcp/dhclient-{enter,exit}-hooks or files inside the directories /etc/dhcp/dhclient-{enter,exit}-hooks.d/ and will execute even

Bug#873073: samba: smbd starts before interface is ready, listening only on localhost when "bind to interfaces only = yes"

2017-08-24 Thread Timo Sigurdsson
Package: samba Version: 2:4.5.8+dfsg-2+deb9u1+b1 Severity: normal Dear Maintainer, I noticed that adding the smb.conf options interfaces = lo enp2s0 bind to interfaces only = yes renders samba unusable. What happens is that smbd is being started too early (before my ethernet interface