Bug#788546: Mr Neil Trotter

Eine Spende von 1 Million Britische Pfund zu Ihnen in gutem Glauben

Bug#861738: [scr329614] podofo - 0.9.5

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 > [Suggested description] > The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in > base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote > attackers to cause a denial of service (heap-based buffer over-read) > or

Bug#448059: Uses hard-coded ANSI color codes

Control: tags -1 + wontfix It has past about ten years. No one had complained about the hardcoded ANSI color. Besides, a terminal emulator which is able to support Chinese characters are likely to support ANSI color codes too. I have no intention on fixing this, hence marking this bug as

Bug#861871: luajit 2.1.0 beta3 available

Package: luajit Version: 2.1.0~beta2+dfsg-3 Severity: wishlist As shown at https://github.com/LuaJIT/LuaJIT/releases , the beta3 version is available now. Please consider to update the package.

Bug#861870: gitlab: CVE-2017-8778

Source: gitlab Version: 8.13.11+dfsg1-3 Severity: grave Tags: upstream security Forwarded: https://gitlab.com/gitlab-org/gitlab-ce/issues/27471 Hi, the following vulnerability was published for gitlab. Please note I was not able to verfy that affects back 8.13.11, and the merge request has

Bug#861869: Missing keyboard-key-*.svg icons

Also reported here: https://bugzilla.gnome.org/show_bug.cgi?id=782198 -- Gunnar Hjalmarsson https://launchpad.net/~gunnarhj

Bug#861868: installation script /usr/lib/emacsen-common/packages/install/ilisp not idempotent

Package: ilisp Version: 5.12.0+cvs.2004.12.26-23 Severity: normal Tags: patch The installation script at /usr/lib/emacsen-common/packages/install/ilisp contains 'ln -s' (lacking the -f option) which means it fails to be idempotent. To demonstrate, suppose the package failed to install (see

Bug#861869: Missing keyboard-key-*.svg icons

Package: gnome-user-guide Version: 3.22.0-1 Forwarding the Ubuntu bug . This page: https://help.gnome.org/users/gnome-help/stable/keyboard-shortcuts-set.html links to a bunch of keyboard-key-*.svg icons which don't exist. The icons are not present in the

Bug#850072: ilisp: Fail to install into emacs25

I also experienced this bug, although the sympoms are slightly different: pwd /usr/share/emacs25/site-lisp/ilisp cat path.el (setq load-path (cons "." load-path) byte-compile-warnings nil) (load "ilisp-mak.el") sudo emacs25 -q -batch -l

Bug#850072: ilisp: Fail to install into emacs25

severity 850072 important tags 850072 + patch thanks To justify the "important" severity: the package fails to install if emacs25 is also installed. The problem is trivially fixable, patch attached. -- ...Adam Di Carlo...... ---

Bug#861781: www.debian.org: updating Debian memberships in other organisations information

On Fri, 2017-05-05 at 09:38 +0800, Raphael Hertzog wrote: > On Thu, 04 May 2017, Paul Wise wrote: > > Reconfirm the involvement of these representatives: > > SchoolForge (representatives: Ben Armstrong*, Raphaël Hertzog) > > You can drop me as representative here. Since Ben is retired from

Bug#755202: network-manager: keeps creating and using new connection "eth0" that does not work

PS: a very crude workaround for this: # cat /etc/default/NetworkManager if [ -z "$(ip -4 addr list dev eth0)" ] && [ -n "$(ip -6 addr list dev eth0)" ] then ip link set down dev eth0 ip addr flush dev eth0 fi signature.asc Description: OpenPGP digital signature

Bug#755202: network-manager: keeps creating and using new connection "eth0" that does not work

Hi folks, here are some more insights into this mystery: My "victim" box: - kvm-guest: jessie, task-xfce-desktop, sysvinit instead of systemd - running with -net nic,model=rtl8139 -net tap - connected to br0 of the kvm host which also contains the host's eth0 - the guest's

Bug#861838: About the LDAP *server* we are connecting to....

Does gnutls-cli have the same problem? apt-get install gnutls-bin gnutls-cli -p 636 ldi.s.uw.edu --x509cafile=/etc/ssl/certs/ca-certificates.crt

Bug#861867: unblock: debsums/2.2.1

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package debsums 2.2.1. It mitigates an issue with false positives in piuparts. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689508#67 and the following comments.

Bug#833193: RFS: chapel/1.15-1 [ITP]

Dear Lumin, On Thu, May 04, 2017 at 02:06:10PM +, Lumin wrote: > I quickly went through the packaging, and had some comments about it: Thank you for your input. I agree with all of it except: > * debian/changelog: > currently Debian is still in the deep freeze stage, I'd recommend > you

Bug#861866: debian-live: Please add brltty

Package: debian-live Severity: normal Hello, To make the debian live CD accessible not only via speech, but also via braille, it is enough to simply include the brltty package, which would only take 8MB more. Thanks, Samuel -- System Information: Debian Release: 9.0 APT prefers testing APT

Bug#861840: thunderbird: gmail authentication broken

Looks like this is the same bug https://bugzilla.mozilla.org/show_bug.cgi?id=1359297 (contains patches, marked resolved) I am experiencing this bug after changing google password. thunderbird package version 1:45.8.0-3 (debian 9) -- Eliot

Bug#861865: libtiff5: regression - new warning: Invalid tag "Predictor"

Package: libtiff5 Version: 4.0.3-12.3+deb8u3 Severity: normal Dear Maintainer, As of today, we are getting this warning: Invalid tag "Predictor" (not supported by codec). (_TIFFVGetField) * What led up to the situation? The upgrade of libtiff5:amd from libtiff5:4.0.3-12.3+deb8u2 to

Bug#861864: grdesktop: No clean way to pass custom rdesktop options

Package: grdesktop Version: 0.23+d040330-3+b1 Severity: wishlist Tags: upstream It would be great if grdesktop could provide a clean interface for passing rdesktop options that aren't in grdesktop's standard repertoire. (FWIW, I'm specifically interested in -r scard.) I've found that I could

Bug#860976: linux: [arm64] Enable support for Rockchip systems

On 2017-04-22, Vagrant Cascadian wrote: > Please add the following options to enable Rockchip support on arm64. > > Tested on a firefly-rk3399 using linux 4.11.0-rc7 to boot stretch > debian-installer. Updated patch, tested with 4.11.0-trunk: diff --git a/debian/config/arm64/config

Bug#849754: RFS: guerillabackup/0.0.0-1

Hi Andreas, It took me quite a while to address all your remarks... Andreas Henriksson wrote: > Hello halfdog, > > Thanks for your interest in debian packaging > > On Fri, Dec 30, 2016 at 03:16:55PM +, halfdog wrote: > > Package: sponsorship-requests > > Severity: normal > > > > Dear

Bug#813764: linux-source-3.16: "Dazed and confused, but trying to continue" on X10SDV-TLN4F while using perf top

I can reproduce this bug on Intel Broadwell processors by running "perf top" and another cpu intensive process like "stress -c 8". Within 5 minutes, the kernel reports an unexpected NMI: [2005170.748842] Uhhuh. NMI received for unknown reason 01 on CPU 70. [2005170.748882] Do you have a

Bug#861863: override: stegosuite:graphics/optional

Package: ftp.debian.org Severity: normal Hi, please change the override of stegosuite to graphics/optional. The prior suite was java and although the program is written in Java, it is a steganography tool and should be part of the graphics suite. See Debian bug 829258 for more information.

Bug#861862: ITP: chess.app -- Chess for GNUstep

Package: wnpp Severity: wishlist * Package name: chess.app Version : 2.8 Upstream Author : NeXT Computer, Apple Software, Gregory Casamento, Riccardo Mottola * URL : https://github.com/gnustep/gap/tree/master/ported-apps/Games/Chess * License : AS-IS without

Bug#859912: open-infrastructure-locales-c.utf-8: provides the locales and locales-all packages, but not their functionality

reopen 859912 thanks On Sun, Apr 09, 2017 at 12:53:40PM +0200, Daniel Baumann wrote: > severity 859912 normal > thanks > > > Hi, > > thanks for your report. > > On 04/09/17 10:12, Sven Joachim wrote: > > Your package has a 'Provides' for locales and locales-all but without > > actually

Bug#851551:

They fixed it in these two versions: http://www.paramiko.org/changelog.html#1.17.4 http://www.paramiko.org/changelog.html#1.18.2 I would like so much to see this fixed, how I could help?

Bug#861861: telegram-desktop: use locale setting

Package: telegram-desktop Version: 1.0.29-1 Severity: normal Dear Maintainer, the UI has a setting to pick the locale, but really it should just read whatever locale the session is using and apply that, if the translation is available, rather than having me manually do that. Best -- System

Bug#861860: unblock: apt/1.4.2

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package apt This is the second much talked about timer change. Basically, in an effort to reduce the load on the mirrors while keeping upgrades running at a predictable

Bug#823120: [pkg-ntp-maintainers] Bug#823120: Bug#823120: not fixed in the released version

On Thu, May 04, 2017 at 09:45:42PM +0200, Bernhard Schmidt wrote: > On Wed, May 03, 2017 at 09:51:27AM +0200, Christian Ehrhardt wrote: > > Hi, > > > I was checking 1:4.2.8p10+dfsg-1 that should have fixed this. > > No, 1:4.2.8p10+dfsg-1+exp1 (in experimental) should have fixed this, it > has

Bug#861824: ledger -f sample.dat org does not print org mode output

Hi, Sorry, typical PEBKAC. I did not understand that I had to press tab after loading that table, and I was more confused by the Manual part where I was told to write journals into an Org mode file. Thanks for your help. regards Hans On 04.05.2017 20:05, David Bremner wrote: > Hans

Bug#830482: [Pkg-clamav-devel] Bug#830482: Fresh installation causes freshclam to to fail

On 2017-04-02 23:27:38 [-0700], T. Joseph Carter wrote: > ​​I don't know if I will hit upon the issue in this bug or not, but I'll > offer what I've just found in case it may be useful: > > I found freshclam to fail freshly installed with the error message > indicated in this bug. Here is my

Bug#861637: sassphp: src:sassphp explicitly creates a php7.0 binary package

Yes, correct. Also you can kill the warnings and $(mkdir should be $(shell mkdir I need to fix that in tideways package... Ondřej On 4 May 2017 21:00:21 Nish Aravamudan wrote: On 04.05.2017 [10:40:50 +0200], Ondřej Surý wrote: Source: sassphp Followup-For:

Bug#861859: reportbug doesn't know the existence of psuedopackage 'manpages.debian.org' please correct it.

Package: reportbug Version: 7.1.6 Severity: normal Dear Maintainer, Please see the below reportbug instance - [$] reportbug manpages.debian.org --severity=normal [1:09:30] *** Welcome to reportbug. Use ? for help at prompts. *** Note:

Bug#861858: cacti fails to create symlinks when upgrading from jessie to stretch

Package: cacti Version: 0.8.8h+ds1-8 Severity: important -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cacti version 0.8.8h+ds1-8 replaced the embedded jstree JavaScript with a dependency on the (new) libjs-jquery-jstree package. Instead of having the files in its own directory tree it now

Bug#861824: ledger -f sample.dat org does not print org mode output

Hans Freitag writes: > Package: ledger > Version: 3.1.2~pre1+g3a00e1c+dfsg1-2+b1 > Severity: normal > > Dear Maintainer, > > Accourding to the manual i should geht some orgmode styled output when using > *.org instead I am getting this: > > zem@samsung1:~$ ledger -f

Bug#861857: chromium: when posting an inaccessible file as part of a form submission chromium claims the remote site is not accessible

Package: chromium Version: 58.0.3029.81-1 Severity: normal Hello, I tried to attach a log file as part of a bugzilla bug report form and the log file is not accessible from my user account. The result is chromium claims that form post url is inaccessible while in fact the submitted local file is

Bug#861856: oping: CSV output uses locale decimal separator

Package: oping Version: 1.9.0-1+b1 Severity: normal When running noping -O foo.csv 127.0.0.1, I get file output like: 1493922621,709,"127.0.0.1",11,28 This is somewhat unfortunate, since it's not really comma separated values any more. (My locale has «,» as its decimal separator.) -- System

Bug#861180: shc: infinite loop does not work properly

Control: severity 861180 normal 2017-05-04 16:30 GMT-03:00 Tong Sun : > Hi Eriberto, Hi, > Do you still want to mark the Severity: as grave > after Jörg Sommer has explained in > https://github.com/neurobin/shc/issues/23#issuecomment-299035820 > that there is a

Bug#823120: [pkg-ntp-maintainers] Bug#823120: not fixed in the released version

On Wed, May 03, 2017 at 09:51:27AM +0200, Christian Ehrhardt wrote: Hi, > I was checking 1:4.2.8p10+dfsg-1 that should have fixed this. No, 1:4.2.8p10+dfsg-1+exp1 (in experimental) should have fixed this, it has not landed in sid yet (due to being in deep freeze etc) > > But still: > # apt-get

Bug#861838: About the LDAP *server* we are connecting to....

The LDAP server we are connecting to is openldap 2.4.40 and sasl 2.1.26 provided by CentOS7 All the centos 7 clients work perfectly connecting to it

Bug#861840:

Here you can see the OAuth attempt fail -1804604608[96cfdd80]: try to log in -1804604608[96cfdd80]: IMAP auth: server caps 0xc080c1625, pref 0x8, failed 0x0, avail caps 0x8 -1804604608[96cfdd80]: (GSSAPI = 0x100, CRAM = 0x2, NTLM = 0x10, MSN = 0x20, PLAIN = 0x1000,

Bug#861180: shc: infinite loop does not work properly

Hi Eriberto, Do you *still* want to mark the Severity: as grave after *Jörg Sommer *has explained in https://github.com/neurobin/ shc/issues/23#issuecomment-299035820 that there is a workaround? Marking Severity: as grave will make shc 3.8.9b-1 for* autoremoval from testing on **2017-05-24*

Bug#861855: php7.0-fpm: Uses kill without depending on procps

Package: php7.0-fpm Version: 7.0.16-3 Severity: serious Justification: Policy 3.5 /lib/systemd/system/php7.0-fpm.service contains: ``` ExecReload=/bin/kill -USR2 $MAINPID ``` procps is not Essential.

Bug#861854: cups: AS400 cups-lpd submitted multi-copy jobs stalling

Package: cups Version: 1.7.5-11+deb8u1 Severity: normal Dear Maintainer, I'm facing the issue reported in 2007 in bug #410760 Any spool file sent to a debian host using cups-ldp with multiple copies result in the following : the printer prints the first copy only then stalls. The status of the

Bug#861853: cacti defaults to the wrong rrdtool (and the current rrdtool version isn't even available)

Package: cacti Version: 0.8.8h+ds1-9 Severity: normal -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 After a fresh install of cacti, the rrdtool version recorded is 1.0.x. This should have been 1.6.x (which isn't available) and failing that at least the highest available version. - -- System

Bug#861637: sassphp: src:sassphp explicitly creates a php7.0 binary package

On 04.05.2017 [10:40:50 +0200], Ondřej Surý wrote: > Source: sassphp > Followup-For: Bug #861637 > > Rhonda, > > like in the attached patch. > > Sorry for not having a better documentation, but I am extremely bad at > documenting my own work. (Would be happy to accept any patches that > makes

Bug#849769: [mipsel]: string.sub sometimes returns incorrect slice

On Sat, Jan 14, 2017 at 02:55:22PM -0500, James McCoy wrote: > On Fri, Dec 30, 2016 at 02:25:27PM -0500, James McCoy wrote: > > Neovim's test suite was periodically failing on mipsel and after looking > > into it, it turns out that luajit sometimes incorrectly handles > > str:sub(i, j). > > This

Bug#861443: ora2pg: please make the build reproducible

Control: tags -1 fixed-upstream On Thu, 04 May 2017 17:35:00 + Niels Thykier wrote: > Control: tags -1 moreinfo > > [...] > > Hi Chris, > > I suspect your patch is wrong because the original code is wrong as well. > > $$ in postgres SQL is (often?) used to delimit the

Bug#861637: sassphp: src:sassphp explicitly creates a php7.0 binary package

On Thu, May 4, 2017 at 11:40 AM, Ondřej Surý wrote: > That's: > > PECL_SOURCE=$(filter-out debian $(DIR_TARGETS),$(wildcard *)) +$(foreach > ver,$(DH_PHP_VERSIONS),$(eval PECL_SOURCE_$(ver) := $(PECL_SOURCE))) > > So something else must be going on there. I have successfully

Bug#861838: [Pkg-openldap-devel] Bug#861838: more information

Control: reassign -1 libldap-2.4-2 2.4.40+dfsg-1 Control: tag -1 moreinfo Hi Matthew, Thanks for the report, and for this additional info. Sounds like you've found a bug, maybe in libldap, maybe in GnuTLS. What's your LDAP server running? I haven't seen anything like this personally. Not

Bug#861637: sassphp: src:sassphp explicitly creates a php7.0 binary package

That's: PECL_SOURCE=$(filter-out debian $(DIR_TARGETS),$(wildcard *)) +$(foreach ver,$(DH_PHP_VERSIONS),$(eval PECL_SOURCE_$(ver) := $(PECL_SOURCE))) So something else must be going on there. I have successfully built sass for coinstallable php 5.6, 7.0 and 7.1. Cheers, Ondřej On 4 May

Bug#861838: more information

ldapsearch and ldapwhoami return "Can't contact LDAP server (-1)" on higher debug level (-d2) , it looks like there is a tls_read want/got mismatch. Debug output below. This is also broken in debian 8 but same commands work properly in Debian 7 and the tls_read want/got mismatch does not

Bug#861849: kopanocore: d/p/OpenSSL-Make-SSLv2-conditional.patch has obvious logic bug

Hello Nishanth, On Thu, May 04, 2017 at 10:53:01AM -0700, Nishanth Aravamudan wrote: > The d/p/OpenSSL-Make-SSLv2-conditional.patch appears to be logiclly > buggy: > > In the case that SSL_TXT_SSLV2 is true, the 'else if' blocks have no > contents and result in syntax errors. > > As Ubuntu

Bug#861851: munin-plugins-core: netstat plugin does not report active connections

Package: munin-plugins-core Version: 2.0.33-1 Severity: normal Tags: patch Dear Maintainer, the netstat plugin does not report active connections because the awk filter (line 106) searches for 'active connections ope' while the output of 'netstat -s' (for the current net-tools version

Bug#861850: request: please add a keyboard shortcut to pause the game

Package: gnome-nibbles Version: 1:3.22.2.2-1 Severity: wishlist -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Dear Maintainer, When playing this game, my hands are on the keyboard. However, when I would like to pause the game, I have to take my hands off the keyboard, to move the mouse

Bug#861849: kopanocore: d/p/OpenSSL-Make-SSLv2-conditional.patch has obvious logic bug

Package: kopanocore Severity: normal Dear Maintainer, The d/p/OpenSSL-Make-SSLv2-conditional.patch appears to be logiclly buggy: In the case that SSL_TXT_SSLV2 is true, the 'else if' blocks have no contents and result in syntax errors. As Ubuntu has not yet migrated OpenSSL versions, and

Bug#861848: unblock: golang-github-cznic-fileutil/0.0~git20150708.0.1c9c88f-2

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package golang-github-cznic-fileutil The package has an FTBFS bug on 32 bit architectures, which is fixed with this upload. unblock

Bug#730621: Still an issue

This is still happening with Debian testing, when trying to install Mathematica. Creating /usr/share/desktop-directories by hand fixed the problem. Thanks, Dominic.

Bug#861659: Xen package security updates for jessie 4.4, XSA-213, XSA-214

Moritz Muehlenhoff writes ("Re: Xen package security updates for jessie 4.4, XSA-213, XSA-214"): > On Thu, May 04, 2017 at 06:19:07PM +0100, Ian Jackson wrote: > > I need to check the armhf build, since there are conflicts there. I > > don't think I can conveniently test the armhf version. > >

Bug#861443: ora2pg: please make the build reproducible

Control: tags -1 moreinfo On Sat, 29 Apr 2017 09:08:22 +0100 Chris Lamb wrote: > Source: ora2pg > Version: 18.0-1 > Severity: wishlist > Tags: patch > User: reproducible-bui...@lists.alioth.debian.org > Usertags: randomness > X-Debbugs-Cc:

Bug#861659: Xen package security updates for jessie 4.4, XSA-213, XSA-214

On Thu, May 04, 2017 at 06:19:07PM +0100, Ian Jackson wrote: > Moritz Muehlenhoff writes ("Re: Xen package security updates for jessie 4.4, > XSA-213, XSA-214"): > > On Thu, May 04, 2017 at 05:59:18PM +0100, Ian Jackson wrote: > > > Should I put jessie-security in the debian/changelog and dgit

Bug#861536: runit-init: Cannot reboot or shutdown after installing (or removing) the package.

Hi Matthew! > I ran `apt install runit-init` and then attempted to reboot with > `/sbin/reboot`, `/sbin/poweroff`, `init 0` & `init 6`, all to no > effect; no error messages were returned and the exit status of all of > the commands was zero. This happens because the computer is still running

Bug#861847: mouse and keyboard freeze - virtio/spice/windows

Package: qemu-system-x86 Version: 1:2.1+dfsg-12+deb8u6 Environment: Host debian and windows guest Virtio drivers Spice package 64 bits Description: scrolling (with a scroll wheel mouse) down and up during a long time (ten minutes more or less) a long file (7.5Gb, 315 pages, Adobe Acrobat

Bug#861659: Xen package security updates for jessie 4.4, XSA-213, XSA-214

Moritz Muehlenhoff writes ("Re: Xen package security updates for jessie 4.4, XSA-213, XSA-214"): > On Thu, May 04, 2017 at 05:59:18PM +0100, Ian Jackson wrote: > > Should I put jessie-security in the debian/changelog and dgit push it > > (ie, from many people's pov, dput it) ? > > Yes, the

Bug#861846: bash-completion: autoclean is misspelled

Package: apt Version: 1.4.1 Severity: minor Dear Maintainer, In the section of the apt Bash completion file that completes command-specific options, "autoclean" is misspelled as "autocleean". This prevents autoclean's command-specific options from being completed. The attached patch fixes this.

Bug#861845: src:python-argh: pytest minimum version missing in build-depends

Package: src:python-argh Version: 0.26.2-1 Severity: normal Dear Maintainer, I was attempting a local backport of the testing version of python-argh to jessie and it failed to build with the following error: Traceback (most recent call last): File "setup.py", line 114, in 'Topic ::

Bug#861812: ITP: node-evp-bytestokey -- secure key derivation algorithm from openssl

Bastien ROUCARIES : > * Package name: node-evp-bytestokey > > EVP_BytesToKey() derives a key and IV from various parameters. type > is the cipher to derive the key and IV for. md is the message digest > to use. The salt parameter is used as a salt in the

Bug#861659: Xen package security updates for jessie 4.4, XSA-213, XSA-214

On Thu, May 04, 2017 at 05:59:18PM +0100, Ian Jackson wrote: > Moritz Muehlenhoff writes ("Re: Xen package security updates for jessie 4.4, > XSA-213, XSA-214"): > > On Thu, May 04, 2017 at 05:06:07PM +0100, Ian Jackson wrote: > > > I have fixed these in stretch but the jessie package remains

Bug#861844: unblock: xrdp/0.9.1-9

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Please unblock package xrdp This package updates the security fix in 0.9.1-8, which turned out to be incomplete. diff -Nru

Bug#861659: Xen package security updates for jessie 4.4, XSA-213, XSA-214

Moritz Muehlenhoff writes ("Re: Xen package security updates for jessie 4.4, XSA-213, XSA-214"): > On Thu, May 04, 2017 at 05:06:07PM +0100, Ian Jackson wrote: > > I have fixed these in stretch but the jessie package remains unfixed. > > I think I may be able to find some backports somewhere.

Bug#861659: Xen package security updates for jessie 4.4, XSA-213, XSA-214

On Thu, May 04, 2017 at 05:06:07PM +0100, Ian Jackson wrote: > Ian Jackson writes ("64bit PV guest breakout [XSA-213]"): > > Source: xen > > Version: 4.4.1-9 > > Severity: important > > Tags: security upstream fixed-upstream > > > > See > > https://xenbits.xen.org/xsa/advisory-213.html > > Ian

Bug#861843: unblock: (pre-approval) hplip/3.16.11+repack0-3

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock I plan to upload hplip with a simple fix for #861731 (UnicodeDecodeError on some filenames) that has apparently been committed upstream. This is the changelog entry: > [ Gaurav Sood ] >

Bug#861842: snort 2.9.7 is EOL upstream

Source: snort Version: 2.9.7.0-5 Severity: grave Justification: renders package unusable Dear maintainer, The version of snort in Debian testing/sid has reached EOL in March [0], making it difficult to provide security updates or rule updates over the lifecycle of stretch. Since no newer

Bug#861840: thunderbird: gmail authentication broken

Hello Christopher, On Thu, May 04, 2017 at 08:15:59AM -0800, Christopher Howard wrote: > Subject: thunderbird: gmail authentication broken > Package: thunderbird > Severity: important > > Dear Maintainer, > > When attempting to authenticate a google email account, i get stuck at > the google

Bug#861637: sassphp: src:sassphp explicitly creates a php7.0 binary package

Hi Ondřej, It appears that this patch assumes a normal PECL extension and I'm not sure sass is one? The build eventually fails with: cp -a undefined build-7.1 cp: cannot stat 'undefined': No such file or directory /usr/share/dh-php/pkg-pecl.mk:60: recipe for target 'configure-7.1-stamp' failed

Bug#861841: kmail depends on gnupg2, a deprecated package

Package: kmail Version: 4:16.04.3-3 Severity: normal Dear Maintainer, kmail depends on gnupg2 which is a dummy transitional package. It should should depend on gnupg and possibly allow gnupg2 as an alternative. -- System Information: Debian Release: 9.0 APT prefers testing APT policy: (990,

Bug#861840: thunderbird: gmail authentication broken

Subject: thunderbird: gmail authentication broken Package: thunderbird Severity: important Dear Maintainer, When attempting to authenticate a google email account, i get stuck at the google sign-in page. It requests the email account but the Next button and More options buttons do not work. This

Bug#861838: ldap-utils: ldapsearch and ldapwhoami cannot connect to ldaps server

Package: ldap-utils Version: 2.4.40+dfsg-1+deb8u2 Severity: normal Dear Maintainer, On a fresh install of Debian 8, I cannot get ldapsearch or ldapwhoami to connect to an LDAPS server. There appears to be some TLS happening, and a connections is made, but then it fails without any useful

Bug#861839: firefox: Where is firefox 53 ?

Package: firefox Severity: important Dear Maintainers, Since april 20th, the firefox package is stuck at version 52 (precisely 53.0.is.52.0.2-1) in Sid. Usually each versions are well packaged 1 or 2 days after the official release but for this one, it is still on 52. Seeing the changelog, I

Bug#861659: Xen package security updates for jessie 4.4, XSA-213, XSA-214

Ian Jackson writes ("64bit PV guest breakout [XSA-213]"): > Source: xen > Version: 4.4.1-9 > Severity: important > Tags: security upstream fixed-upstream > > See > https://xenbits.xen.org/xsa/advisory-213.html Ian Jackson writes ("grant transfer allows PV guest to elevate privileges

Bug#861837: libxen, libxen-dev: install libxenvchan library

Source: xen Version: 4.4.1-9+deb8u3 Severity: wishlist Hi, Qubes-OS related software requires libxenvchan from xen [0]. AFAIU, it is built by default (as found in buildd.d.o), but the Debian package doesn't install it. Could you please include it? [0]

Bug#861789: Please provide database.target as a synchronization point for applications providing databases and needing databases

How will a database.target solve anything in those not so uncommon setups: - database is remote or - one database needs another to start? Please consider: if you end up with a solution that only works for 90% of installations - fails on 10% - is that actually solving your problem? C.

Bug#843021: wiki page

As this is a complex package, I have created a dedicated page in the wiki: https://wiki.debian.org/Javascript/Nodejs/Tasks/yarn

Bug#858539: ca-certificates: Contains untrusted StartCom and WoSign certificates

severity 858539 serious thanks We should not release stretch with these certificates; not only would it be embarrassing to do so given that they have ceased to work in modern browsers for some time, we are also simply putting our users at risk. Whilst there will be more CA screwups in the

Bug#860444: seems to be fine now

odd it's marked as reproducible at 2017-04-23 16:26 UTC this issue can be probably closed, though I'll be keeping an eye on it to make sure it doesn't fail again.

Bug#861834: libtirpc: CVE-2017-8779

Control: clone -1 -2 Control: reassign -2 src:ntirpc 1.4.3-3 Control: retitle -2 ntirpc: CVE-2017-8779 On Thu, May 04, 2017 at 05:01:11PM +0200, Salvatore Bonaccorso wrote: > Source: libtirpc > Version: 0.2.5-1 > Severity: grave > Tags: security upstream patch > Justification: user security hole

Bug#850327: W: APT had planned for dpkg to do more than it reported back (3 vs 7).

On Thu, May 04, 2017 at 10:59:54PM +0800, 積丹尼 Dan Jacobson wrote: > All I know is now apt says "APT had planned for dpkg to do more than it > reported back (3 vs 7)." which is a separate issue... If that's what you're reporting, then surely this is a bug in apt or dpkg rather than in

Bug#850327: W: APT had planned for dpkg to do more than it reported back (3 vs 7).

All I know is now apt says "APT had planned for dpkg to do more than it reported back (3 vs 7)." which is a separate issue...

Bug#861834: libtirpc: CVE-2017-8779

Source: libtirpc Version: 0.2.5-1 Severity: grave Tags: security upstream patch Justification: user security hole Control: clone -1 -2 Control: reassign -2 src:rpcbind Control: found -2 0.2.1-6 Hi, the following vulnerability was published for libtirpc. CVE-2017-8779[0]: | rpcbind through

Bug#861822: suricata: feature wishes for suricata

On Thu, 04 May 2017 13:20:49 +0200 "Hans-J. Ullrich" wrote: > Package: suricata > Version: 3.2.1-1 > Severity: wishlist > > Dear Maintainer, > > first, please apologize, as I am new to suricata. Before I used snort, but I believe, suricata is now more modern. > > As this is

Bug#861832: RFS: golang-github-serenize-snaker/0.0~git20170425.0.1c7f653-1 [ITP]

Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package "golang-github-serenize-snaker" * Package name: golang-github-serenize-snaker Version : 0.0~git20170425.0.1c7f653-1 Upstream Author : Serenize UG

Bug#861831: RFS: golang-github-viki-org-dnscache/0.0~git20130720.0.c70c1f2-1 [ITP]

Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package "golang-github-viki-org-dnscache" * Package name: golang-github-viki-org-dnscache Version : 0.0~git20130720.0.c70c1f2-1 Upstream Author : Viki Inc.

Bug#850327: W: APT had planned for dpkg to do more than it reported back (3 vs 7).

Hi, On Fri, Jan 06, 2017 at 06:35:41AM +0800, 積丹尼 Dan Jacobson wrote: > If one has mysql disabled. (Why have it running 24 a day?!?!) Isn't this a duplicate of bug 843959 that you already filed yourself a couple of months earlier? Is there any reason I shouldn't mark it as a duplicate? Robie

Bug#850327: still broken

found 850327 5.7.18-1 thanks Setting up mysql-server-5.7 (5.7.18-1) ... mysql_upgrade: Got error: 2002: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) while connecting to the MySQL server Upgrade process encountered error and will not continue. mysql_upgrade

Bug#861486: julia: FTBFS on mips64el (segmentation fault)

Possibly related to bug #684344 in libopenblas-base: please install OpenMP version.

Bug#861251: telegram-desktop: please unset QT_QPA_PLATFORMTHEME

Hi Maintainer Have you had a chance to look at this yet? I have received a report from a Xubuntu user that this patch works there. Regards Graham

Bug#833193: RFS: chapel/1.15-1 [ITP]

Hello guys, I quickly went through the packaging, and had some comments about it: (I didn't carefully read your previous discussion and I have no permission to upload) * debian/changelog: currently Debian is still in the deep freeze stage, I'd recommend you upload to experimental first.

Bug#835260: recommends non existing package

control: tags -1 patch fixed-upstream > rhash (and librhash0) recommends libssl1.0.0. It has a list of > libcrypto.so.XX names and tries to load a few crypto algos from > libcrypto at runtime via dlopen() if it can fine the library. With > libssl1.0.0 gone this does not work anymore. The 1.0.2

Bug#810029: librhash-dev: Additional ';' in #defined symbols in rhash.h

control: tags -1 patch fixed-upstream > #define rhash_set_openssl_mask(mask) rhash_transmit(RMSG_SET_OPENSSL_MASK, > NULL, mask, 0); > #define rhash_get_openssl_mask() rhash_transmit(RMSG_GET_OPENSSL_MASK, NULL, > 0, 0); > this is already fixed upstream in v1.3.4 and this commit

  1   2   >