instruction will halt emulation.
[1] http://www.debian.org/security/2007/dsa-1284
[2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=424070
Jamie Strandboge
diff -u kvm-66+dfsg/debian/changelog kvm-66+dfsg/debian/changelog
diff -u kvm-66+dfsg/debian/patches/series kvm-66+dfsg/debian/patches/series
Package: vorbis-tools
Version: 1.2.0-1.1
Severity: grave
Tags: patch security
Justification: user security hole
User: [EMAIL PROTECTED]
Usertags: origin-ubuntu hardy ubuntu-patch
vorbis-tools contains embedded speex code, and although vorbis-tools is linked
to libspeex, it compiles the vulnerable
Package: vim
Version: 1:7.1.314-2
Severity: grave
Tags: security
Justification: user security hole
Forwarding the following, which was just pointed out to me:
http://www.rdancer.org/vulnerablevim.html
http://www.reddit.com/r/programming/info/6ng40/comments/
--
To UNSUBSCRIBE, email to [EMAIL
These should all be fixed now according to:
http://groups.google.com/group/vim_dev/tree/browse_frm/month/2008-06/6d7899eac89aa333?rnum=131_done=%2Fgroup%2Fvim_dev%2Fbrowse_frm%2Fmonth%2F2008-06%3F#doc_9bb6550f4f955f04
Also, 7.1.314 is supposedly mostly not affected, but I did find these commits:
/openvpn/+bug/230197
Jamie Strandboge
diff -u openvpn-2.1~rc7/init.c openvpn-2.1~rc7/init.c
--- openvpn-2.1~rc7/init.c
+++ openvpn-2.1~rc7/init.c
@@ -1430,6 +1430,7 @@
do_init_crypto_tls_c1 (struct context *c)
{
const struct options *options = c-options;
+ SSL *ssl;
if (!c-c1.ks.ssl_ctx
/trac/boost/changeset/42745
+
+ -- Jamie Strandboge [EMAIL PROTECTED] Tue, 15 Jan 2008 18:22:26 +
+
boost (1.34.1-2.2) unstable; urgency=low
* Non-maintainer upload.
only in patch2:
unchanged:
--- boost-1.34.1.orig/boost/regex/v4/basic_regex_parser.hpp
+++ boost-1.34.1/boost/regex/v4
Package: sudo
Version: 1.7.2p1-1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu lucid ubuntu-patch
In Ubuntu, we've applied the attached patch to achieve the following:
* SECURITY UPDATE: properly verify path for the 'sudoedit' pseudo-command
in
Package: jabberd2
Version: 2.2.8-2
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu lucid ubuntu-patch
In Ubuntu, we've applied the attached patch to achieve the following:
* debian.control: Build-Depends on libgcrypt11-dev to fix FTBFS
(LP: #538126)
Package: xmlrpc-c
Version: 1.06.27-1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu karmic ubuntu-patch
In Ubuntu, we've applied the attached patch to achieve the following:
* SECURITY UPDATE: fix DoS via malformed XML
-
Package: ntp
Version: 1:4.2.4p6+dfsg-2
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu karmic ubuntu-patch
In Ubuntu, we've applied the attached patch to achieve the following:
* SECURITY UPDATE: fix DoS with mode 7 (MODE_PRIVATE) packets
-
at 1.16.07-1 from experimental and not 1.06.27-1 from
unstable?
Jamie
--
Jamie Strandboge | http://www.canonical.com
signature.asc
Description: This is a digitally signed message part
Package: mediatomb
Version: 0.12.0~svn2018-6
Severity: grave
Tags: security
Justification: user security hole
This bug was reported to Ubuntu via Launchpad:
https://launchpad.net/bugs/569763
From the upstream documentation:
at http://mediatomb.cc/pages/documentation#id2856362:
The server has an
Package: cron
Version: 3.0pl1-105
Severity: grave
Tags: patch security
Justification: user security hole
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu jaunty ubuntu-patch
Hi,
I was reviewing a list of old bugs in the Ubuntu bug tracker, and came across:
Package: apt
Version: 0.7.20.2
Severity: grave
Tags: security patch
Justification: user security hole
The following is also being sent to oss-secur...@lists.openwall.com for
a CVE request.
Summary
---
Systems in certain timezones with automatic updates enabled won't be
upgraded on the first
Package: opensc
Version: 0.11.13-1
Severity: grave
Tags: patch security
Justification: user security hole
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu natty ubuntu-patch
In Ubuntu, the attached patch was applied to achieve the following:
* SECURITY UPDATE: specially crafted
Package: backuppc
Version: 3.2.1-1
Severity: grave
Tags: patch security
Justification: user security hole
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch
In Ubuntu, the attached patch was applied to achieve the following:
* SECURITY UPDATE: XSS in CGI/View.pm
FYI, this now has a CVE (CVE-2011-4103) and looks to be fixed in
0.2.2-2:
python-django-piston (0.2.2-2) unstable; urgency=low
[ Michael Ziegler ]
* Bump Standards Version to 3.9.2.
* Remove reference to /usr/share/common-licenses/BSD and strip trailing
whitespace in copyright.
* Fix
://bugs.launchpad.net/ubuntu/+source/ufw/+bug/947224
and fixed in 0.31. I will be preparing an upload for Debian soon.
--
Jamie Strandboge | http://www.canonical.com
Package: honeyd
Version: 1.5c-8
Followup-For: Bug #632484
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu oneiric ubuntu-patch
*** /tmp/tmpNjoEKf
In Ubuntu, the attached patch was applied to achieve the following:
[ Steve Langasek ]
* configure.in: Fix wrong attempt to use
to /bin/dash
--- oprofile-0.9.6.orig/debian/patches/0005-add-back-error_if_not_basename.patch
+++ oprofile-0.9.6/debian/patches/0005-add-back-error_if_not_basename.patch
@@ -0,0 +1,19 @@
+Author: Jamie Strandboge ja...@canonical.com
+Description: add back error_if_not_basename() which was removed
Package: t1lib
Version: 5.1.2-3.4
Severity: grave
Tags: patch security
Justification: user security hole
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch
Dear Maintainer,
In Ubuntu, the attached patch was applied to achieve the following:
* SECURITY UPDATE: fix
Package: libxml2
Version: 2.7.8.dfsg-5.1
Severity: grave
Tags: patch security
Justification: user security hole
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch
Dear Maintainer,
In Ubuntu, the attached patch was applied to achieve the following:
* SECURITY
Package: libnss3-1d
Version: 3.12.8-1+squeeze6
Severity: grave
Tags: security
Justification: user security hole
-- System Information:
Debian Release: 6.0.6
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Versions of packages libnss3-1d depends on:
ii libc6
Package: raptor
Version: 1.4.21-7
Severity: grave
Tags: patch security
Justification: user security hole
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu quantal ubuntu-patch
Dear Maintainer,
While 1.4.21-7 claims to fix CVE-2012-0037, it does not because
debian/patches/series was not
Package: backuppc
Version: 3.2.1-2
Severity: grave
Tags: patch security
Justification: user security hole
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu quantal ubuntu-patch
Dear Maintainer,
In Ubuntu, the attached patch was applied to achieve the following:
* SECURITY UPDATE: XSS
-06 16:15:25.0 -0500
@@ -0,0 +1,18 @@
+Author: Jamie Strandboge ja...@canonical.com
+Description: require SSL certificate validation by default by using
+ CERT_REQUIRED and using the system /etc/ssl/certs/ca-certificates.crt
+Bug-Ubuntu: https://launchpad.net/bugs/1047054
+
+Index: python
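Review bot: the DEP-3 header at the top of this new patch file (Author, Description, Bug-Ubuntu) has no Forwarded or Origin field in the lines shown, so a reader cannot tell whether the switch to certificate validation by default was sent upstream; add a Forwarded: line (a URL, or "no" with the reason). The Description names /etc/ssl/certs/ca-certificates.crt as the trust store together with CERT_REQUIRED; it should also state what the caller sees when that bundle is missing, because with CERT_REQUIRED and no usable CA file every handshake fails.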
FYI,
Ubuntu fixed this here:
http://www.ubuntu.com/usn/usn-1911-1/
Attached is the debdiff used for Ubuntu 12.04 LTS, which is based on Debian's
2.2+git20110628-2.
--
Jamie Strandboge http://www.ubuntu.com/
diff -Nru lcms2-2.2+git20110628/debian/changelog
lcms2-2.2
Thanks for the bug and I'll get this fixed in the next upload. Note that in the
normal upgrade case, python-ufw will not be pulled in as part of the upgrade
because ufw itself does not depend on it so it doesn't get pulled in as part of
the upgrade (which is why I've not seen this bug before
Package: openjdk-6
Version: 6b30-1.13.1-1
Severity: serious
Tags: patch
Justification: fails to build from source (but built successfully in the past)
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu trusty ubuntu-patch
Dear Maintainer,
In preparing security updates for older releases
/amd64/ufw_0.34-1.build1.log.gz
Huh, this worked in a sid schroot and in the Ubuntu sync to wily. I'll take a
look and get this fixed up. Thanks for the report!
--
Jamie Strandboge http://www.ubuntu.com/
pn python3:any
> ii ucf 3.0035
>
> ufw recommends no packages.
>
> Versions of packages ufw suggests:
> ii rsyslog 8.16.0-1
>
> -- debconf information excluded
--
Jamie Strandboge | http://www.canonical.com
e if I
> should delay it longer.
>
> Regards.
Thanks! This looks good to me.
--
Jamie Strandboge | http://www.canonical.com
On Sun, 2017-01-08 at 07:39 -0600, Jamie Strandboge wrote:
> On Thu, 2016-12-29 at 09:10 +, Chris Lamb wrote:
> > Command '--dry-run allow ssh/udp' exited with '1', but expected '0'
> > ** FAIL **
FYI, this is now fixed in trunk and this will be fixed in 0.35-3 which w
hon3.6 (3.6.5~rc1-2) unstable; urgency=medium
>
> * python3.6: Drop dependency on python3-distutils.
> ...
> -- Matthias Klose <d...@debian.org> Tue, 20 Mar 2018 14:29:58 +0800
Thanks for reporting this issue. I've prepared 0.35-6 to address this
issue and it should be
On Thu, 01 Nov 2018, Karlheinz Geyer wrote:
> Hi Jamie,
> thx vm for ur reply...
>
> Jamie Strandboge [01.11.2018 13.34.36 -0500]:
>
> > What is the output of:
> >
> > $ sudo /usr/share/ufw/check-requirements
>
> # /usr/share/ufw/check-requirement
What is the output of:
$ sudo /usr/share/ufw/check-requirements
--
Jamie Strandboge | http://www.canonical.com
rrent upstream mechanisms have proved 'ok enough'.
I'll speculate and say this probably has something to do with the fact that the
@{XDG_*_DIR} variables aren't widely used in system-shipped policy and what is
left is sysadmin created policy and if the sysadmin is writing the policy, the
man page is likely consulted.
--
Jamie Strandboge | http://www.canonical.com
e 10.2018112800
> ii python3 3.7.2-1
> ii ucf 3.0038+nmu1
>
> ufw recommends no packages.
>
> Versions of packages ufw suggests:
> ii rsyslog 8.40.0-1+b1
>
> -- debconf information:
> ufw/existing_configuration:
> ufw/allow_known_ports:
> ufw/enable: false
> ufw/allow_custom_ports:
--
Jamie Strandboge | http://www.canonical.com
On Fri, 06 Dec 2019, Antonio Terceiro wrote:
> Package: ufw
> Version: 0.36-1
> Severity: grave
> Justification: renders package unusable
>
> This started since the latest upgrade of iptables (1.8.4). Reverting to
> 1.8.3 (testing) makes it work again.
>
> This is the contents of the journal
d to build
> on amd64.
Thanks for the report! Yes, this is known and the fix queued. I was
recently approved for Debian Maintainer and will do this as soon as I'm
given upload permissions (key added, in process of getting someone to
run dcut for me).
--
Jamie Strandboge | http://www.canonical.com
On Wed, 26 Feb 2020, Jamie Strandboge wrote:
> Thanks for the report! Yes, this is known and the fix queued. I was
> recently approved for Debian Maintainer and will do this as soon as I'm
> given upload permissions (key added, in process of getting someone to
> run dcut for me).
I u
On Tue, 03 Sep 2019, Jamie Strandboge wrote:
> On Fri, 30 Aug 2019, Matthias Klose wrote:
>
> > Package: src:ufw
> > Version: 0.36-1
> > Severity: normal
> > Tags: sid bullseye
> > User: debian-pyt...@lists.debian.org
> > Usertags: py2removal
>
>
On Tue, 21 Jan 2020, Paul Aurich wrote:
> Package: ufw
> Version: 0.36-1
> Severity: grave
> Justification: renders package unusable
>
> ufw fails to start with iptables 1.8.4-2, even after #946289 is fixed.
> Downgrading to iptables 1.8.3-2 fixes this. iptables-restore
> (iptables-nft-restore)
On Wed, 22 Jan 2020, Jamie Strandboge wrote:
> There are two cases (outlined in the upstream bug) that are causing ufw
> trouble when using iptables-nft-restore with stdin:
I forgot to mention, pkg-netfilter-team, ufw 0.36-2 adds (among other
things) autopkgtest tests that will hopefully u
On Fri, 13 Dec 2019, Jamie Strandboge wrote:
> I can confirm this. It looks like iptables-restore and iptables6-restore
> in 1.8.4 have broken -n behavior with the nft varieties.
This is https://bugzilla.netfilter.org/show_bug.cgi?id=1394
--
Email: ja...@strandboge.com
IRC: jdstrand