Your message dated Sat, 09 Mar 2013 09:04:37 +
with message-id e1uefhl-mn...@franck.debian.org
and subject line Bug#701227: fixed in nagios-nrpe 2.13-3
has caused the Debian Bug report #701227,
regarding nagios-nrpe: CVE-2013-1362: allows the passing of $() as command
arguments to execute
On Fri, Mar 08, 2013 at 11:35:18PM +0100, Christian Britz wrote:
Package: pidgin-audacious
Version: 2.0.0-2
Severity: grave
Justification: renders package unusable
Dear Maintainer,
when I try to activate the Pidgin-Audacious plugin in pidgin nothing happens.
When I click on Plugin
On Saturday 09 March 2013, Steinar H. Gunderson wrote:
However, my long-term plan is definitely to build
mpm-itk out-of-tree and a separate source package; if the Debian
Apache maintainers want to include the patches needed, I think
this would make the lives easier for all of us :-)
Yes.
Processing commands for cont...@bugs.debian.org:
tags 702609 + pending
Bug #702609 [pidgin-audacious] pidgin-audacious: Not able to activate
Added tag(s) pending.
thanks
Stopping processing here.
Please contact me if you need assistance.
--
702609:
Package: src:krb5
Version: 1.10.1+dfsg-4
Severity: serious
Tags: security
Dear kerberos maintainers,
I noticed that your recent upload of 1.10.1+dfsg-4 fixed CVE-2013-1415,
but it does not say anything about CVE-2012-1016. Those two
vulnerabilities were fixed in the same upstream release 1.10.4.
Processing commands for cont...@bugs.debian.org:
retitle 702453 missing Replaces/Breaks: gir1.0-clutter-1.0
Bug #702453 [gir1.2-cogl-1.0] update from squeeze to wheezy breaks because of
broken dependencies
Changed Bug title to 'missing Replaces/Breaks: gir1.0-clutter-1.0' from 'update
from
Hi Tim,
thanks for the backtrace!
On Mon, Jan 07, 2013 at 05:54:41PM +, Tim Chadburn wrote:
[..snip..]
Thread 1 (Thread 0xb70d5730 (LWP 6100)):
#0 0xb7fe2424 in __kernel_vsyscall ()
#1 0xb7db9781 in *__GI_raise (sig=6) at
../nptl/sysdeps/unix/sysv/linux/raise.c:64
#2 0xb7dbcbb2 in
Processing commands for cont...@bugs.debian.org:
tag 659994 -security
Bug #659994 [icedove] [regression] icedove: symbol lookup error:
[...]/libdbusservice.so: undefined symbol: NS_Alloc
Bug #660736 [icedove] Subject: icedove deads on undefined symbol
Bug #691985 [icedove] icedove: aborts on
Processing commands for cont...@bugs.debian.org:
merge 659994 659301
Bug #659994 [icedove] [regression] icedove: symbol lookup error:
[...]/libdbusservice.so: undefined symbol: NS_Alloc
Bug #660736 [icedove] Subject: icedove deads on undefined symbol
Bug #691985 [icedove] icedove: aborts on
On Tue, Feb 21, 2012 at 07:46:04PM +0100, Christoph Goehre wrote:
Hi Ansgar,
On Mi, Feb 15, 2012 at 05:34:45 +0100, Ansgar Burchardt wrote:
since the last security update for icedove, the program does not
start on several computers here. Instead the following error
message is displayed:
Your message dated Sat, 09 Mar 2013 12:48:07 +
with message-id e1uejc3-zh...@franck.debian.org
and subject line Bug#701792: fixed in zeroc-ice 3.4.2-8.2
has caused the Debian Bug report #701792,
regarding PHP extension installed to wrong directory
to be marked as done.
This means that you
Processing control commands:
tags -1 + patch
Bug #702526 [src:ruby1.8] ruby1.8: CVE-2013-1821: entity expansion DoS
vulnerability in REXML
Ignoring request to alter tags of bug #702526 to the same tags previously set
--
702526: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702526
Debian
Control: tags -1 + patch
Hi
Attached is a proposed debdiff, based also on the changes done for
ruby1.9.1. But there is one thing which might be sorted out first:
The binary debdiff shows:
cut-cut-cut-cut-cut-cut-
ri1.8:
[The following lists of
Package: matlab-support
Version: 0.0.18
Severity: serious
in a clean testing chroot:
Setting up matlab-support (0.0.18) ...
No matlab found and maybe running in non-interactive mode. No way out --
failing...
dpkg: error processing matlab-support (--configure):
subprocess installed
Control: tags -1 + patch
Le samedi 09 mars 2013 à 14:18 +0100, Julian Taylor a écrit :
Package: matlab-support
Version: 0.0.18
Severity: serious
in a clean testing chroot:
Setting up matlab-support (0.0.18) ...
No matlab found and maybe running in non-interactive mode. No way out --
Processing control commands:
tags -1 + patch
Bug #702637 [matlab-support] matlab-support: fails to install in clean chroot
Added tag(s) patch.
--
702637: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702637
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To
notfound 642750 src:linux/3.5.5-1~experimental.1
notfixed 642750 linux-image-3.0.0-2-mckinley/3.0.0-5
notfixed 642750 linux-image-3.1.0-rc7-mckinley/3.1.0~rc7-1~experimental.1
fixed 642750 3.2.35-2
thanks
The problem with GDB does no longer occur with Kernel 3.2.35-2. I
don't have a clue why.
Processing commands for cont...@bugs.debian.org:
notfound 642750 src:linux/3.5.5-1~experimental.1
Unknown command or malformed arguments to command.
notfixed 642750 linux-image-3.0.0-2-mckinley/3.0.0-5
Bug #642750 {Done: Michael Gilbert mgilb...@debian.org} [src:webkit]
epiphany-browser:
Package: cil
Version: 0.07.00-4
Severity: serious
Justification: FTBFS
Usertags: goto-cc
The package fails to build as no test can be run:
Test Summary Report
---
t/00_files.t (Wstat: 512 Tests: 0 Failed: 0)
Non-zero exit status: 2
Parse errors: No plan found in TAP output
But should it exit nicely if no matlab is present???
Absent matlab == matlab cannot be supported == error in my vision of
how things should be handled in this package. Having it installed
without error should provide some guarantee that Matlab is present so
that dependent packages could rely on
On Sat, 09 Mar 2013, Julian Taylor wrote:
also it has dozens of upgrade and installation failures in ubuntu,
probably not relevant for Debian, but it sheds a bad light on the
quality of the package.
in Ubuntu...
Meanwhile, this package in Debian has only following bugs:
Status
2
On 09.03.2013 15:19, Yaroslav Halchenko wrote:
But should it exit nicely if no matlab is present???
Absent matlab == matlab cannot be supported == error in my vision of
how things should be handled in this package. Having it installed
without error should provide some guarantee that Matlab
I'm sorry. Wrong bug number.
Please, ignore my message.
Stephan
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processing commands for cont...@bugs.debian.org:
notfixed 642750 3.2.35-2
Bug #642750 {Done: Michael Gilbert mgilb...@debian.org} [src:webkit]
epiphany-browser: *HIGHLY* unstable on ia64 (IA-64/IPF/Itanium) platform
The source 'webkit' and version '3.2.35-2' do not appear to match any binary
notfound 691576 src:linux/3.5.5-1~experimental.1
notfixed 691576 linux-image-3.0.0-2-mckinley/3.0.0-5
notfixed 691576 linux-image-3.1.0-rc7-mckinley/3.1.0~rc7-1~experimental.1
fixed 691576 3.2.35-2
thanks
The problem with GDB does no longer occur with Kernel 3.2.35-2. I
don't have a clue why.
Processing commands for cont...@bugs.debian.org:
notfound 691576 src:linux/3.5.5-1~experimental.1
Unknown command or malformed arguments to command.
notfixed 691576 linux-image-3.0.0-2-mckinley/3.0.0-5
Bug #691576 [src:linux] GDB stops with sigtrap at 0 address on ia64 wheezy
The source
Hi,
On request of openssl upstream I've put a version of the package
online which is staticly linked against the openssl libraries
and has debug info.
There seem to be various people who run into this problem, but
we seem to be unable to reproduce it on any of our systems.
It's available from:
Your message dated Sat, 09 Mar 2013 14:47:44 +
with message-id e1uel3o-pt...@franck.debian.org
and subject line Bug#702609: fixed in pidgin-audacious 2.0.0-3
has caused the Debian Bug report #702609,
regarding pidgin-audacious: Not able to activate
to be marked as done.
This means that
Processing commands for cont...@bugs.debian.org:
forcemerge 702374 702653
Bug #702374 [postfix] postfix: get message Relay Access Denied, when using SASL
Bug #702653 [postfix] new upstream version broke relay_clientcerts
Severity set to 'grave' from 'important'
Merged 702374 702653
thanks
Your message dated Sat, 09 Mar 2013 16:11:19 +
with message-id 1362845479.3768.495.ca...@deadeye.wl.decadent.org.uk
and subject line Re: Bug#691576: GDB stops with sigtrap at 0 address on ia64
wheezy
has caused the Debian Bug report #691576,
regarding GDB stops with sigtrap at 0 address on
Package: matlab-support
Version: 0.0.18
Severity: serious
when you use the readline frontend the matlab-support package
installation gets stuck in an uninterruptable question loop asking for
the location of matlab:
DEBIAN_FRONTEND=readline
apt-get install matlab-support
Location of MATLAB
On Wednesday 06 March 2013, Cédric Boutillier wrote:
I adapted the patch from upstream and applied it to the version of
libopenid-ruby currently in squeeze.
Attached is the debdiff with a possible 2.1.8debian/1+squeeze1
targetting squeeze if accepted by the security team.
Thanks for your
On Fri, Mar 08, 2013 at 07:39:32 +0100, Yves-Alexis Perez wrote:
I've built a package including the patch pointed by Josselin. Could
someone test it and report back as I don't have an http-based
syncevolution setup.
Hi,
I already prepared a -2 version with several fixes, including the
Yes it would be great to have bugs fixed in Debian too, especially if they get
reported on Debian systems... as for this particular one I consider it a
feature :-)
Keep us updated on what you figure out
--
Sent from a phone which beats iPhone.
--
To UNSUBSCRIBE, email to
On 2013-03-08 22:25:46, Antoine Beaupré wrote:
I really wonder what to do at this point. I can certainly upload the 2.0
version to experimental to allow people to test this more thoroughly
(but then again, it's just once C file, easy enough to test). But I
don't feel those bugs are serious
Processing control commands:
tags -1 + moreinfo
Bug #702658 [matlab-support] matlab-support: uninteruptable prompt on
installation with readline
Added tag(s) moreinfo.
--
702658: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702658
Debian Bug Tracking System
Contact ow...@bugs.debian.org
Control: tags -1 + moreinfo
Hi,
On Sat, Mar 9, 2013 at 5:32 PM, Julian Taylor jtaylor.deb...@googlemail.com
wrote:
entering an empty string does not cancel the prompt.
Other frontends are probably ok, they offer a cancel option.
I can't replicate this. I installed the package, the prompt
On Sat, 09 Mar 2013, Julian Taylor wrote:
DEBIAN_FRONTEND=readline
apt-get install matlab-support
Location of MATLAB installation(s): ...
entering an empty string does not cancel the prompt.
Other frontends are probably ok, they offer a cancel option.
and now I started to wonder on what is
On Sat, 09 Mar 2013, Michael Hanke wrote:
entering an empty string does not cancel the prompt.
Other frontends are probably ok, they offer a cancel option.
I can't replicate this. I installed the package, the prompt comes up, I
press Ctrl-C and I am back at the prompt.
yeah
Hi,
On Sat, Mar 9, 2013 at 2:57 PM, Sébastien Villemot sebast...@debian.orgwrote:
The attached patch allows the package to install nicely even if MATLAB
is not present. Otherwise people who install the package by accident end
up with a dpkg error.
Julian: please confirm that it fixes the
On 09.03.2013 18:26, Michael Hanke wrote:
Hi,
I see the problem, but I am not convinced this change is the solution.
Installing this package is pointless without Matlab, it should not be
pulled in as a dependency unless
a package gets installed that requires matlab.
If we make this
On 09.03.2013 18:21, Yaroslav Halchenko wrote:
On Sat, 09 Mar 2013, Michael Hanke wrote:
entering an empty string does not cancel the prompt.
Other frontends are probably ok, they offer a cancel option.
I can't replicate this. I installed the package, the prompt comes up, I
On Sat, 09 Mar 2013, Julian Taylor wrote:
yeah -- as I just wrote, Ctrl-C works on the main machine but is of no
effect in chroot (tried on our neurohydra in nd+wheezy chroot)
we have a few reports in ubuntu of uninteruptable prompts:
On Sat, 2013-03-09 at 18:45 +0100, Julian Taylor wrote:
A problem with failing the installation if matlab is missing is that it
prevents migration from Ubuntus proposed repository to the main one.
Migration requires that it installs and does also not make other
packages uninstallable.
E.g.
On 09.03.2013 19:10, Adam D. Barratt wrote:
On Sat, 2013-03-09 at 18:45 +0100, Julian Taylor wrote:
A problem with failing the installation if matlab is missing is that it
prevents migration from Ubuntus proposed repository to the main one.
Migration requires that it installs and does also not
Hi Tzafrir!
Are there news on this?
I have noticed that in the svn repository for asterisk there is
already:
asterisk (1:1.8.13.1~dfsg-2) unstable; urgency=high
* Patches backported from Asterisk 1.8.19.1 (Closes: #697230):
- Patch AST-2012-014 (CVE-2012-5976) - fixes Crashes due to
Am 09.03.2013 19:10 schrieb Adam D. Barratt a...@adam-barratt.org.uk:
On Sat, 2013-03-09 at 18:45 +0100, Julian Taylor wrote:
A problem with failing the installation if matlab is missing is that it
prevents migration from Ubuntus proposed repository to the main one.
Migration requires that
Hi,
sorry for the delay but attached is the diff for the stable update. This
addrsses #701649 (CVE-2013-1766) as well as #699224 (kind of
CVE-2013-0170). Is this enough for the security team to issue the DSA?
Let me know if I can help further.
Cheers,
-- Guido
diff --git a/debian/README.Debian
On Wed, 2013-03-06 at 22:31 +0100, Michael Biebl wrote:
I think something like this should do:
if [ $1 = upgrade ] dpkg --compare-versions $2 lt 3.3.5-3; then
..
fi
Done.
On Thu, 2013-03-07 at 15:53 +0100, Gergely Nagy wrote:
I checked just now, and some things were picked from the
Processing control commands:
tags -1 - patch
Bug #702637 [matlab-support] matlab-support: fails to install in clean chroot
Removed tag(s) patch.
--
702637: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702637
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To
Control: tags -1 - patch
Le samedi 09 mars 2013 à 18:26 +0100, Michael Hanke a écrit :
On Sat, Mar 9, 2013 at 2:57 PM, Sébastien Villemot
sebast...@debian.org wrote:
The attached patch allows the package to install nicely even
if MATLAB
is not present. Otherwise
Package: typo3
Version: 4.3.9+dfsg1-1+squeeze7
Severity: grave
Tags: security, upstream
Hi,
It has been discovered that TYPO3 Core is susceptible to SQL Injection
and Open Redirection.
Here is the relevant information:
Processing commands for cont...@bugs.debian.org:
reassign 702669 typo3-src
Bug #702669 [typo3] TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection
in TYPO3 Core
Bug reassigned from package 'typo3' to 'typo3-src'.
No longer marked as found in versions typo3-src/4.3.9+dfsg1-1+squeeze7.
❦ 3 mars 2013 00:28 CET, Holger Levsen hol...@layer-acht.org :
Here is my proposition:
http://anonscm.debian.org/gitweb/?p=pkg-roundcube/roundcube.git;a=commitd
iff;h=15f5a10444c9d4c8bf7b3e83a82dd6f9e2a4b384
seems right, yes, but it misses a pointer to instructions how to upgrade to a
Processing commands for cont...@bugs.debian.org:
severity 657898 serious
Bug #657898 [bugzilla3] bugzilla3: Minor updates should not require package to
be reconfigured
Severity set to 'serious' from 'important'
stop
Stopping processing here.
Please contact me if you need assistance.
--
On 09/03/13 22:43, Carlos Alberto Lopez Perez wrote:
It has been discovered that TYPO3 Core is susceptible to SQL Injection
and Open Redirection.
Here is the relevant information:
https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/
A CVE number was
Processing commands for cont...@bugs.debian.org:
found 702669 4.3.9+dfsg1-1+squeeze7
Bug #702669 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
Bug #702574 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
Processing commands for cont...@bugs.debian.org:
found 702669 4.3.9+dfsg1-1+squeeze7
Bug #702669 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
Bug #702574 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
Processing commands for cont...@bugs.debian.org:
# only applies to version in experimental, hence can't be of RC severity
severity 699611 important
Bug #699611 [xymon] xymon: fails to install: chown: invalid user: 'xymon:xymon'
Severity set to 'important' from 'serious'
thanks
Stopping
Package: fritzing
Version: 0.7.10b-1
Severity: serious
Tags: patch upstream
Justification: fails to build from source (but built successfully in the past)
On arm*, qreal != double. See the attached patch for a fix. Also, already
sent upstream. See:
Sebastian Ramacher dixit:
Anyway, signals intermixed with ncurses is very much out of my comfort
zone. Maybe Thorsten (CCed) can provide additional input on those issues.
Sorry, no, no practical experience either way, but it did raise
all alarm bells here while reading it.
bye,
//mirabilos
--
On Sun, Mar 3, 2013 at 8:42 AM, gregor herrmann gre...@debian.org wrote:
On Sat, 02 Mar 2013 19:12:32 -0500, Andres Mejia wrote:
I just rebuilt bsaf on my machine that has the DISPLAY environment variable
set and
In a chroot or in the normal environment?
The normal environment.
on a sid
Processing commands for cont...@bugs.debian.org:
severity 690152 important
Bug #690152 [src:bsaf] bsaf: FTBFS: Test
org.jdesktop.application.TaskMonitorTest failed
Severity set to 'important' from 'serious'
tags 690152 unreproducible
Bug #690152 [src:bsaf] bsaf: FTBFS: Test
Hi Felix,
Felix Geyer wrote (02 Mar 2013 18:53:25 GMT) :
I'm not the initial author of KeePassX 0.4. I only took over
maintenance at some point
Thanks for maintaining it!
so I don't know for sure where all icons come from.
Though I've gone through all of the icons.
You simply rock, much
64 matches
Mail list logo