In contrast to Patrick Matthäi's bug report, iceweasel 2.0.0.4-0etch1
does crash on my Debian 4.0 (etch) x86 host when I tried to view that
.svg file.
Package: reprepro
Version: 2.2.1-1
Severity: normal
In the manual-page
(http://alioth.debian.org/plugins/scmcvs/cvsweb.php/~checkout~/mirrorer/docs/manual.html?rev=HEAD;content-type=text%2Fhtml;cvsroot=mirrorer)
there is the example for conf/distributions. There are two lines
(Updates and
Package: apt
Version: 0.7.2
Severity: critical
File: /usr/bin/apt-get
[EMAIL PROTECTED]:~# apt-get update
Get:1 http://security.debian.org testing/updates Release.gpg [189B]
Ign http://security.debian.org testing/updates/main Translation-en_US
Get:2 http://www.debian-multimedia.org sid
Rise up !
This is just amazing and I feel I need to share this
with you... www.enlargeplus.net
Yours Sincerely,
Frank,
www.enlargeplus.net
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On Sat, Jun 16, 2007 at 01:18:46AM +0200, Vincent Lefevre wrote:
On 2007-06-15 20:56:32 +0200, Bastian Blank wrote:
I can't reproduce this with both client and server with 2.6.18-4.
Please provide more informations about the setup.
I don't know about the server.
So you can't even say if
Hi,
Don't know what status of this, but let me comment.
On Thu, Mar 08, 2007 at 07:43:20AM +0900, Junichi Uekawa wrote:
[]
The problem was that
close(0);
open(filename,XXX);
does not return file descriptor 0.
Debugging.
Can it be bypassing of the exit status of the int
severity 429025 normal
tags 429025 wontfix
thanks
[Eddy Petrisor]
It is impossible to install libsvn-dev and libgnome-dev at the same
time on the same system due to the fact that they depend on diffrent
versions of libdb-dev.
Actually libsvn-dev doesn't depend on libdb*-dev anyway, only
Package: mecab
Version: 0.95-1
Tags: security
Severity: grave
It's been reported that version 0.96 fixes a security bug. I can't
read Japanese, so the release notes in the package aren't useful for
me.
Would you please investigate what the security fixes are, and if they
are significant enough
reassign 425832 pbuilder
Bug#425832: synaptic: /var/cache/apt/archives deleted during upgrade
Bug reassigned from package `synaptic' to `pbuilder'.
So, what's the bug again?
regards,
junichi
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble?
On Sat, Jun 16, 2007 at 01:38:00AM +0200, Jonas Meurer wrote:
Hey David,
Do you have an easy fix for bug #428725?
It's a config error, this line in crypttab:
root /dev/vg0/c_root ...
Should be:
root /dev/mapper/vg0-c_root ...
Then regenerate the initramfs and it should work automagically.
Package: expat
Severity: wishlist
Version 2.0.0 of expat is available from upstream at
http://expat.sourceforge.net as of Jan 11... 2006. It's really about
time it was updated.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500,
Package: libxml-parser-perl
Version: 2.34-4.2
Severity: minor
The current watchfile incorrectly classifies the '.' of the extension
.tar.gz as part of the version. The following patch corrects this:
--- libxml-parser-perl-2.34/debian/watch
+++ libxml-parser-perl-2.34/debian/watch
@@ -2 +2 @@
Package: rails
Version: 1.2.3-2
Severity: grave
Tags: security upstream
An XSS vulnerability in code that uses to_json has been disclosed:
http://dev.rubyonrails.org/ticket/8371
Please mention the name CVE-2007-3227 in the changelog when fixing
this bug. Do you think that an upgrade for the
On Tue, Jun 12, 2007 at 11:07:31AM +0200, Tim Stoop wrote:
Op 6-jun-2007, om 15:58 heeft Marc Haber het volgende geschreven:
That's bad. I don't see any good way except excluding the entire mask:
!/var/lib/amavis/tmp/amavis-[0-9]{8}T[0-9]{6}-[0-9]{5}$
reassign 428926 libstdc++6-4.1-dev
thanks
This looks, to me, like something broke in libstdc++. Consider this
small test case.
[EMAIL PROTECTED] t-locale.cc
#include clocale
#include iostream
using namespace std;
class my_numpunct : public numpunctchar
{
public:
explicit my_numpunct
I'm running Ubuntu 7.04 (without having broken things by installing
software manually or trying random things), and the new option line in
/etc/modprobe.d/kqemu actually breaks the creation of /dev/kqemu.
I've tried deleting the line, leaving it as major=0, and deleting the
file, and /dev/kqemu
clone #420547 -1
retitle -1 issues with whirlpool hash on sparc64
reassign -1 mhash
block #420547 with -1
thanks
On Mon, Apr 23, 2007 at 08:26:03AM +0200, Andreas Tille wrote:
# aideinit
Overwrite existing /var/lib/aide/aide.db.new [Yn]?
Running aide --init...
Caught SIGBUS/SEGV. Exiting
Package: libphp-phpmailer
Severity: grave
Tags: security upstream
A remote shell command injection vulnerability has been reported:
https://sourceforge.net/tracker/index.php?func=detailaid=1734811group_id=26031atid=385707
A stable security update is necessary for this bug.
Please mention the
Package: wnpp
Severity: normal
Description: A simple text-based CD player
Workbone is a simple, curses-based CD player that is controlled by
the num-lock keys. The cdtool package can be used to determine the
contents of a CD before playing it.
The package appears to be abandoned upstream and
package aide
user [EMAIL PROTECTED]
usertags #425499 close-20070630
thanks
On Tue, May 22, 2007 at 06:24:33PM +0200, Marc Haber wrote:
On Mon, May 21, 2007 at 11:03:59PM -0700, root wrote:
Aide takes ~5 hours to complete a database initialization or when it
runs it's cron.daily script.
Am Freitag, 15. Juni 2007 12:06 schrieb Per Olofsson:
Hi,
On 2007-06-15 Laurent Bonnaud wrote:
since I upgraded this system with Qt 4.3 from experimental, lyx does
not
work any longer. It opens its main window but is not able to draw it:
$ lyx
QWidget::repaint: Recursive repaint
hi
we need a copy of the MPEG file that is causing prbls
please put it somewhere on the web and send me the URL
a.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Package: gnutls-bin
Version: 1.6.3-1
Severity: normal
File: /usr/bin/gnutls-cli
Hi,
$ gnutls-cli -p 25 -s smtp.hispeed.ch
Resolving 'smtp.hispeed.ch'...
Connecting to '213.46.255.24:25'...
- Simple Client Mode:
220 smtp.hispeed.ch ESMTP server (InterMail vM.7.08.02.00
201-2186-121-20061213)
Package: dpkg-dev
Version: 1.14.4
Severity: minor
dpkg-source(1) states:
See dpkg-substvars(5) for a discussion of output substitution.
However, there is no dpkg-substvars(5). This should refer to deb-substvars(5).
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT
Package: update-manager
Version: 0.59.20-1
Severity: serious
Tags: experimental
Heya,
| Automatic build of update-manager_0.59.20-1 on anakreon.ftwca.de by
sbuild/powerpc 98-farm
| Build started at 20070616-0040
Package: ocaml
Version: 3.10.0-1
Severity: serious
Tags: experimental
Heya,
Your package failed to build on one of my autobuilders:
| Automatic build of ocaml_3.10.0-1 on anakreon.ftwca.de by sbuild/powerpc
98-farm
| Build started at 20070615-1821
|
Hi!
Thanks for the strace ! It seems that there's a shell (bash) problem, but I
cannot tell why.
echo -e \'\\057home\' should write /home but you get 057home instead so the
'cd' fails
The relevant strace lines are:
write(4, cd , 4)
write(4, \`echo -e \'\\057home\'`\, 22) = 22
write(4, \n, 1)
Package: poco
Version: 1.3.0-1
Severity: serious
Tags: experimental
Heya,
Your package failed to build on one of my autobuilders:
| Automatic build of poco_1.3.0-1 on anakreon.ftwca.de by sbuild/powerpc 98-farm
| Build started at 20070615-2018
|
hello,
[ please keep bug report on cc, not a private discussion .. ]
On Fri, 15 Jun 2007, Joerg Platte wrote:
Am Freitag, 15. Juni 2007 schrieben Sie:
Hi,
you are the first to have such an error,
Oh, I had this error on two boxes.
please share more about your setup,
what are your
On Sat, 16 Jun 2007, Marc Haber wrote:
hmmm i certainly know that cryptoroot works with initramfs-tools.
It works with the way that d-i uses, with an encrypted PV. My setup
uses an encrypted LV.
afaik you can set up an encrypted partition on top of an lvm2 LV in d-i.
as this has been
Package: root-system
Version: 5.15.07-4
Severity: serious
Tags: experimental
Heya,
Your package failed to build on one of my autobuilders:
| Automatic build of root-system_5.15.07-4 on anakreon.ftwca.de by
sbuild/powerpc 98-farm
| Build started at 20070616-0724
Hallo,
wengophone crashes all the time. After some seconds it is other. The
console gives just the messagese I send You with. Wengophone is not
useabel for me.
Thanks for Your work.
Greetings,
Torsten
--
wengophone
Description: Binary data
Hallo,
wengophone crashes all the time. After some seconds it is other. The
console gives just the messagese I send You with. Wengophone is not
useabel for me.
Thanks for Your work.
Greetings,
Torsten
--
wengophone
Description: Binary data
Le jeudi 14 juin 2007 à 08:14 -0600, Chris Dos a écrit :
Package: gdm
Version: 2.18.2-1
Severity: important
--- Please enter the report below this line. ---
It seems the GDM does not get it's PATH statement from /etc/profile, or pull
the PATH
statement from .bash_profile when a WM is
Package: libnss-pgsql
Version: 1.4.0-1
Severity: serious
Tags: experimental
Heya,
Your package failed to build on one of my autobuilders:
| Automatic build of libnss-pgsql_1.4.0-1 on anakreon.ftwca.de by
sbuild/powerpc 98-farm
| Build started at 20070616-0832
Le vendredi 15 juin 2007 à 23:35 +0300, Sami Liedes a écrit :
Package: eog
Version: 2.18.2-1
Severity: normal
Hi,
I have a path like ~/pics/kesätapaaminen_2006/, where the 'ä' is a
latin 1/9 character. EOG breaks with it.
[EMAIL PROTECTED]
This is expected. You should use UTF8
Package: kino
Version: 1.0.0-1
Severity: serious
Tags: experimental
Heya,
Your package failed to build on one of my autobuilders:
| Automatic build of kino_1.0.0-1 on anakreon.ftwca.de by sbuild/powerpc 98-farm
| Build started at 20070616-0828
Package: speex
Version: 1.2~beta2-1
Severity: serious
Tags: experimental
Heya,
Your package failed to build on one of my autobuilders:
| Automatic build of speex_1.2~beta2-1 on anakreon.ftwca.de by sbuild/powerpc
98-farm
| Build started at 20070616-0707
Package: moodle
Severity: grave
Tags: security
A security bug has been discovered in PHPMailer:
| PHPMailer 1.7, when configured to use sendmail, allows remote
| attackers to execute arbitrary shell commands via shell metacharacters
| in the SendmailSend function in class.phpmailer.php
Package: flyspray
Severity: grave
Tags: security
A security bug has been discovered in PHPMailer:
| PHPMailer 1.7, when configured to use sendmail, allows remote
| attackers to execute arbitrary shell commands via shell metacharacters
| in the SendmailSend function in class.phpmailer.php
Package: knowledgeroot
Severity: grave
Tags: security
A security bug has been discovered in PHPMailer:
| PHPMailer 1.7, when configured to use sendmail, allows remote
| attackers to execute arbitrary shell commands via shell metacharacters
| in the SendmailSend function in class.phpmailer.php
Package: owl-dms
Severity: grave
Tags: security
A security bug has been discovered in PHPMailer:
| PHPMailer 1.7, when configured to use sendmail, allows remote
| attackers to execute arbitrary shell commands via shell metacharacters
| in the SendmailSend function in class.phpmailer.php
Package: ipplan
Severity: grave
Tags: security
A security bug has been discovered in PHPMailer:
| PHPMailer 1.7, when configured to use sendmail, allows remote
| attackers to execute arbitrary shell commands via shell metacharacters
| in the SendmailSend function in class.phpmailer.php
Package: flyspray
Severity: grave
Tags: security
A security bug has been discovered in PHPMailer:
| PHPMailer 1.7, when configured to use sendmail, allows remote
| attackers to execute arbitrary shell commands via shell metacharacters
| in the SendmailSend function in class.phpmailer.php
Package: glpi
Severity: grave
Tags: security
A security bug has been discovered in PHPMailer:
| PHPMailer 1.7, when configured to use sendmail, allows remote
| attackers to execute arbitrary shell commands via shell metacharacters
| in the SendmailSend function in class.phpmailer.php
Package: libncurses5-dev
Version: 5.6-3
Severity: minor
There should be no period after Alessandro Rubini's gpm server
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.18-4-686 (SMP w/1 CPU core)
Package: wordpress
Severity: grave
Tags: security
A security bug has been discovered in PHPMailer:
| PHPMailer 1.7, when configured to use sendmail, allows remote
| attackers to execute arbitrary shell commands via shell metacharacters
| in the SendmailSend function in class.phpmailer.php
...are available here:
http://alzental-castle.de/~rd/SL/
Regards,
Rainer
--
Rainer Dorsch
Lärchenstr. 6
D-72135 Dettenhausen
07157-734133
email: [EMAIL PROTECTED]
jabber: [EMAIL PROTECTED]
GPG Fingerprint: 5966 C54C 2B3C 42CC 1F4F 8F59 E3A8 C538 7519 141E
Full GPG key: http://pgp.mit.edu/
Frank Küster wrote:
Upstream now offers version 2.6. :-)
greetings from debconf7/edi; i'll update as soon as i find some time :)
--
Address:Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist
Email: [EMAIL PROTECTED]
Internet:
Package: mail-notification
Tags: security
It's been reported that when you disable SSL at build-time, the user
is not told that connections are unencrypted:
| Mail Notification 4.0, when WITH_SSL is set to 0 at compile time, uses
| unencrypted connections for accounts configured with SSL/TLS,
Package: phpwiki
Tags: security
Severity: important
| lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the
| configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, might allow
| remote attackers to bypass authentication via an empty password, which
| causes ldap_bind to return true when
severity 429056 normal
tags 429056 +moreinfo +unreproducible
thanks
mateusz wrote:
Package is outdated.
define 'outdated'.
When I try to run wink I get segmentation fault.
besides, i do not have any problems on sid/i386; please include *at
least* a strace log.
--
Address:Daniel
Hi Keith,
About 18 months ago, you reported a bug to the Debian BTS regarding a
crash of the nv driver in nv_xaa.c. Did you reproduce this problem
recently? With Xorg/Etch? With latest xserver-xorg-video-nv in unstable?
If not, I will close this bug in the next weeks.
Thanks,
Brice
--
To
also sprach Thorsten Glaser [EMAIL PROTECTED] [2007.06.16.0013 +0100]:
wouldn't it be possible to at least make the en_US.UTF-8 locale forcibly
generated, so that it can't be deselected by dpkg-reconfigure locales?
Why en_US? Why not en_GB?
If this one isn't installed, many apps break when I
Hi,
About a year ago, you reported a bug to the Debian BTS regarding the X
server crashing because of a missing symbol in the MGA driver
(MGAGetBOARDHANDLESize). Did you reproduce this problem recently? With
Xorg/Etch? With latest xserver-xorg-core and xserver-xorg-video-mga in
unstable? If not,
Hi,
I also just reproduced this problem (just in case you can't reproduce, I
can help).
bye,
Roland
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Package: icedove
Version: 2.0.0.0-4
Severity: normal
Hi,
Certificate list is empty (ca-certificates-20070303 installed).
Regards,
Laurent
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
On Fri, Jun 15, 2007 at 11:13:29PM +, Thorsten Glaser [EMAIL PROTECTED]
wrote:
Hi,
wouldn't it be possible to at least make the en_US.UTF-8 locale forcibly
generated, so that it can't be deselected by dpkg-reconfigure locales?
If this one isn't installed, many apps break when I ssh
Package: knowledgeroot
Severity: grave
Tags: security
Your package seems to contain a copy of FCKEditor, which has been
affected by several security issues:
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=FCKEditor
Please make sure that these vulnerabilities have been fixed in your
copy, both
Package: linda
Version: 0.3.25
Severity: important
Tags: patch
The change introduced in 0.3.25 triggers the following exception:
[EMAIL PROTECTED]:~/src$ linda ktorrent_2.1.4.dfsg.1-2_amd64.changes
heck LibraryCheck failed. Exception TypeError thrown (expected string or
buffer).
[EMAIL
Hi Jerome,
About a year ago, you reported a bug to the Debian BTS regarding a
corrupted display on a MGA G200 board. Did you manage to find out why
this corrupted display disappeared when installing another woody and
upgrading to etch? Any difference in the xorg.conf config file of both
Package: jspwiki
Severity: grave
Tags: security
Your package seems to contain a copy of FCKEditor, which has been
affected by several security issues:
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=FCKEditor
Please make sure that these vulnerabilities have been fixed in your
copy, both in
Package: moinmoin-common
Severity: grave
Tags: security
Your package seems to contain a copy of FCKEditor, which has been
affected by several security issues:
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=FCKEditor
Please make sure that these vulnerabilities have been fixed in your
copy, both
Package: karrigell-doc
Severity: grave
Tags: security
Your package seems to contain a copy of FCKEditor, which has been
affected by several security issues:
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=FCKEditor
Please make sure that these vulnerabilities have been fixed in your
copy, both
forcemerge 427899 429181
severity 427899 grave
stop
On Sat, Jun 16, 2007, Marc 'HE' Brockschmidt wrote:
It looks like you are missing a python-dev build-dep here.
The fix is in SVN:
update-manager (0.59.20-2) experimental; urgency=low
* debian/control:
- build-dep on python-dev 2.4
Package: wget
Version: 1.10.2-2
Severity: normal
--- Please enter the report below this line. ---
This bug was originally reported in ubuntu as bug
https://bugs.launchpad.net/ubuntu/+source/wget/+bug/95929
[EMAIL PROTECTED]:~$ echo $no_proxy
Package: iec16022
Version: 0.2-1
Severity: important
Underscores are not encoded correctly in the barcode at all times. If the
underscore is the 4th or later character in the input, it will be encoded
a carret char (^). Here are a few test cases:
$ iec16022 -c 'te_st' -f png | \
convert
Package: wget
Version: 1.10.2-2
Severity: normal
--- Please enter the report below this line. ---
--- System information. ---
Architecture: i386
Kernel: Linux 2.6.21-1-686
Debian Release: lenny/sid
500 testing security.debian.org
500 testing
Package: egroupware
Tags: security
Severity: grave
The release notes mention security fixes in those versions. Please
find out what the fixes are and, if necessary, backport them to
stable. Thanks!
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact
Package: ktorrent
Severity: grave
Tags: security
Your package seems to embed a copy of wz_tooltip, for which a security
bug has been reported:
| Unspecified vulnerability in Walter Zorn wz_tooltip.js (aka
| wz_tooltips) before 4.01, as used by eGroupWare before 1.2.107-2 and
| other packages,
Package: egroupware-core
Severity: grave
Tags: security
Your package seems to embed a copy of wz_tooltip, for which a security
bug has been reported:
| Unspecified vulnerability in Walter Zorn wz_tooltip.js (aka
| wz_tooltips) before 4.01, as used by eGroupWare before 1.2.107-2 and
| other
Package: galeon
Tags: security
An UI spoofing vulnerability has been disclosed in Opera, which also
seems to affect Galeon:
| Visual truncation vulnerability in Galeon 2.0.1 allows remote
| attackers to spoof the address bar and possibly conduct phishing
| attacks via a long hostname, which is
Package: gallery
Severity: grave
Tags: security
Your package seems to embed a copy of wz_tooltip, for which a security
bug has been reported:
| Unspecified vulnerability in Walter Zorn wz_tooltip.js (aka
| wz_tooltips) before 4.01, as used by eGroupWare before 1.2.107-2 and
| other packages, has
retitle 428073 [CVE-2007-3140] remote SQL injection vulnerability in xmlrpc.php
thanks
Pleae mention the name in the changelog when fixing this bug.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Hi Marc,
Thanks for the report.
On (16/06/07 10:44), Marc Haber wrote:
*** Starting TLS handshake
*** Fatal error: A record packet with illegal version was received.
*** Handshake has failed
Segmentation fault
$
The record packet with illegal version was received sounds familiar
and
On Wed, Jun 13, 2007 at 05:23:57PM +0200, Marco d'Itri wrote:
On Nov 22, Ludovic RESLINGER [EMAIL PROTECTED] wrote:
Yes, I will add this dependency in next upload.
This bug was already reported as #387942.
You replied with this more than six months ago, can you upload a fixed
package? Do
Package: dtc-common
Severity: grave
Tags: security
Your package seems to embed a copy of wz_tooltip, for which a security
bug has been reported:
| Unspecified vulnerability in Walter Zorn wz_tooltip.js (aka
| wz_tooltips) before 4.01, as used by eGroupWare before 1.2.107-2 and
| other packages,
Package: gnumed-client
Version: 0.2.6.3
Severity: minor
- desktop file says /usr/share/gnumed/bitmaps/gnumed.xpm
- package has /usr/share/pixmaps/gnumed.xpm
The effect ist that GNUmed doesn't have a default icon anymore.
Karsten
-- System Information:
Debian Release: lenny/sid
APT prefers
Hi,
What's the status of this bug about xserver-xorg no longer checking for
/var/lib/xfree86/xorg.conf.md5sum ? David closed a similar one #331690
in 1:7.0.11. But Justin tried to reopen/merge/marked as found in later
releases and found a BTS problem (#365352). Is the bug actually gone
now? Do we
Hi Jason,
I'm intending to package plexus-velocity for the Debian distribution,
but noticed that the source files do not have any license information
within them.
Would it be possible to fix it? Can I help in any way?
Thanks,
Paul
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject
Hi,
About a year ago, you reported a bug to the Debian BTS regarding a crash
of the X server on a Sis board. Did you reproduce this problem recently?
With Xorg/Etch? With latest xserver-xorg-core and xserver-xorg-video-sis
driver?
If not, I will close this bug in the next weeks.
Thanks,
Brice
On Sat, Jun 16, 2007 at 10:22:07AM +0200, maximilian attems wrote:
On Sat, 16 Jun 2007, Marc Haber wrote:
hmmm i certainly know that cryptoroot works with initramfs-tools.
It works with the way that d-i uses, with an encrypted PV. My setup
uses an encrypted LV.
afaik you can set up
Package: w3m
Severity: grave
Tags: security
| Format string vulnerability in the inputAnswer function in file.c in
| w3m before 0.5.2 allows remote attackers to cause a denial of
| service (application crash) and possibly execute arbitrary code via
| format string specifiers in the CN field in an
Package: docbook-xsl
Version: 1.72.0.dfsg.1-1
Severity: normal
Hi,
with the attached example XML file, I encountered the following:
$ xsltproc -o eldoc.xml --stringparam wordml.template
/usr/share/xml/docbook/stylesheet/nwalsh/roundtrip/template.xml
Package: reportbug-ng
Version: 0.2007.06.13
Severity: normal
*** Please type your report below this line ***
unlike reportbug which has a reportbug.conf file
in /etc/reportbug.conf reportbug-ng doesn't have it
which makes it difficult for the user to tweak for
his purpose. For e.g. I don't want
maybe this mail from the pkg-xen-devel list might be of interest for
this bug...
HTH,
Henning
Original Message
Subject:[Pkg-xen-devel] libvirt package
Date: Mon, 28 May 2007 20:43:56 -0300
From: Marco Sinhoreli [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Hello
Package: pidgin
Version: 1:2.0.0+dfsg.1-3ubuntu2
Severity: wishlist
*** Please type your report below this line ***
Upgrade available at
http://downloads.sourceforge.net/pidgin/pidgin-2.0.2.tar.bz2
-- System Information:
Debian Release: lenny/sid
APT prefers gutsy-updates
APT policy: (500,
Package: zvbi
Tags: security
Severity: grave
A security bug has been reported in zvbi:
| Buffer overflow in the CCdecode function in contrib/ntsc-cc.c in the
| zvbi-ntsc-cc tool in Zapping VBI Library (ZVBI) before 0.2.25 allows
| attackers to cause a denial of service (application crash) and
|
Package: kicad
Version: 0.0.20070525-1
Severity: normal
No man pages provided for the binaries in kicad package.
Raising this bug myself so it is logged and tracked publically as it is a Debian
policy violation.
Richard.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of
Package: icedove
Version: 2.0.0.0-4
Followup-For: Bug #426413
Hi,
When you go to account settings - junk settings, the Trust junk
mail headers set by: list box is empty. I noticed this behaviour on a
fresh new profile with icedove 2.0.0.0-4.
Regards,
Laurent
-- System Information:
Debian
Package: cacti
Tags: security
Two (apparently) related post-authentication DoS bugs have been
disclosed in cacti:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3113
(I'm not sure if those warrant a security update for stable.)
Package: cook
Version: 2.26-1
according to
http://www.auug.org.au/pipermail/cook-users/2007-June/000332.html cook
2.28 has been released now.
--- System information. ---
Architecture: i386
Kernel: Linux 2.6.21-1-686
Debian Release: lenny/sid
500 testing security.debian.org
* Michael Prokop [EMAIL PROTECTED] [20070501 10:15]:
[...]
Any chance to get an answer?
regards,
-mika-
signature.asc
Description: Digital signature
close 429221 0.2.25-1
thanks
* Christian Marillat:
I don't know what zvbi-ntsc-cc does, so this might not be a security
issue after all. Please investigate. Thanks!
This is only a candidate. This CVE isn't confirmed.
Yeah, but the only way this bug will be confirmed, ever, is for Debian
retitle 429225 [CVE-2007-3099, CVE-2007-3100] local DoS vulnerabilities
thanks
Actually, there are two distinct vulnerabilities:
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=243719
(The description of CVE-2007-3099 is incorrect re the remote attack
vector; I've already told MITRE about
package reprepro
tag 429172 + pending
thanks
* Hanno 'Rince' Wagner [EMAIL PROTECTED] [070616 08:34]:
In the manual-page [...]
there is the example for conf/distributions. There are two lines
(Updates and Logfile) which are not recognised by reprepro:
Thanks for finding this. (It's always
reopen 429280 1.2.106-2.dfsg-3
thanks
There is no egroupware in stable.
Oops, but the version in unstable is still vulnerable AFAICT.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Package: open-iscsi
Tags: security
A minor DoS vulnerability has been discovered in open-iscsi:
| usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before
| 2.0-865 uses a semaphore with insecure permissions
| (world-writable/world-readable) for managing log messages using shared
|
tags 428992 upstream
stop
short irclog snippet:
20:03:14 siretart _ds_: Flameeyes: are you already aware of
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=428992?
20:05:08 @Flameeyes more or less
20:29:42 siretart Flameeyes: now you are ;)
20:30:06 @Flameeyes siretart, well, the problem is
I'll upload a new upstream version to unstable today with a fix for
CVS-2007-3100 included.
I also prepared a fix for etch.
greetings
philipp
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
1 - 100 of 376 matches
Mail list logo
