On 2019-04-23 22:16, Aurelien Jarno wrote:
> Source: linux
> Version: 4.19.28-2
> Severity: important
>
> After upgrading hartmann.debian.org (an armhf buildd using an Armada XP
> GP board) from buster to stretch, the ethernet device is not working
More precisely the board is a "Marvell Armada
Package: systemd-sysv
Version: 215-17+deb8u12
Severity: important
Dear Maintainer,
Today I did an an apt-get update / upgrade on Jessie for these packages
Get:9 http://security.debian.org/ jessie/updates/main libsystemd0 amd64
215-17+deb8u12 [90.4 kB]
Get:10 http://security.debian.org/
Package: python-rdkit
Severity: important
Dear maintainer,
there should be a module pyAvalonTools in module Avalon,
as it is imported also at several places in the module itself.
Thank you
Fulvio
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500,
Hi mika,
great, thanks for the info! Didn't think of checking the mailing list in
addition to open bugs... Well, I guess such a quickly resolved bug
report is great for statistics at least.
Cheers,
flosch
On 4/25/19 1:37 PM, Michael Prokop wrote:
* Florian Schmidt [Thu Apr 25, 2019 at
hi,
We are still using the old package not protected from the vulnerability, any
idea when sftp on jessie will work again ?
Is there anything i can do to help it ?
regards,
Ghislain.
Control: clone -1 -2
Control: reassign -2 src:mate-utils
Control: retitle -2 gsearchtool: flawed msgstr in help/pt.po
Control: severity -2 grave
Hi,
On Thu, 25 Apr 2019 02:03:01 +0200 Lars Skovlund
wrote:
> Hi Mike,
>
> I've just noticed this bug report:
>
>
Package: konqueror
Version: 4:18.12.0-1
Severity: normal
Dear Maintainer,
when opening konqueror, it works fine with local files and ftp links.
But it exites when opening http://, https://, ftps:// links.
-- System Information:
Debian Release: 10.0
APT prefers
Control: tags -1 + moreinfo
Le 22/04/2019 à 07:38, Xavier a écrit :
> Le 21/04/2019 à 22:33, Moritz Muehlenhoff a écrit :
>> Package: node-braces
>> Severity: important
>> Tags: security
>>
>> Please see https://snyk.io/vuln/npm:braces:20180219
>>
>> Patch:
>>
On Tue, 12 Mar 2019 19:33:18 -0700 Joshua wrote:
> Package: pulseaudio
> Version: 12.2-4
> Severity: important
>
> Dear Maintainer,
>
>* What led up to the situation?
>
> Youtoube sound not playing
>
>* What exactly did you do (or not do) that was effective (or
> ineffective)?
>
* Florian Schmidt [Thu Apr 25, 2019 at 01:29:45PM +0200]:
> Package: systemd
> Version: 215-17+deb8u12
> Severity: important
> it seems the recent security update led to systemd ignoring the user and
> group columns in tmpfiles.d files. This immediately leads to postgresql
> in the current
Some solutions have been suggested in downstream issue:
https://github.com/facebook/rocksdb/issues/5223
As I focus on the packaging level bugs in MariaDB in Debian, I hope
somebody else who knows more about FreeBSD and malloc libraries would
produce a patch and test it...
Package: systemd
Version: 215-17+deb8u12
Severity: important
Dear Maintainer,
it seems the recent security update led to systemd ignoring the user and
group columns in tmpfiles.d files. This immediately leads to postgresql
in the current oldstable version (postgresql-9.4 9.4.21-0+deb8u1,
Package: wnpp
The current maintainer of fwlogwatch, J.S.Junior ,
is apparently not active anymore. Therefore, I orphan this package now.
Maintaining a package requires time and skills. Please only adopt this
package if you will have enough time and attention to work on it.
If you want to be
Package: wnpp
The current maintainer of mini-httpd, J.S.Junior ,
is apparently not active anymore. Therefore, I orphan this package now.
Maintaining a package requires time and skills. Please only adopt this
package if you will have enough time and attention to work on it.
If you want to be
Package: wnpp
The current maintainer of openresolv, J.S.Junior ,
is apparently not active anymore. Therefore, I orphan this package now.
Maintaining a package requires time and skills. Please only adopt this
package if you will have enough time and attention to work on it.
If you want to be
Package: duply
Version: 1.11.3-1
Severity: normal
Dear Maintainer,
On a freshly installed stretch server, on first run, when using ssh, duply
(or a dependency) fails if file known_hosts doesn't exist.
I expected duply to create the file if it's missing.
A simple work around is to connect using
Am 25.04.19 um 12:24 schrieb Norbert Preining:
> Hi
>
>> From v228
>> https://github.com/systemd/systemd/blob/master/NEWS#L3926
>
>> From v209
>> https://github.com/systemd/systemd/blob/master/NEWS#L6855
>
> Ok, but the documentation o freedesktop.org and the man pages do not
> mention that,
Hi Jonas
[Adding security team alias, as debian-lts is not followed
automatically]
On Wed, Apr 24, 2019 at 11:08:44AM +0200, Jonas Meurer wrote:
> Hello,
>
> The last days, I spent quite some hours on backporting and debugging
> patches for CVE-2018-15587 (Signature Spoofing in PGP encrypted
On 4/25/19 12:49 PM, Thomas Goirand wrote:
> Hi,
>
> Please fine attached to this message the *CORRECT* debdiff to fix it.
> I've uploaded it to DELAYED/7 (after dcuting the wrong package...). Let
> me know if you think it's still wrong and I should still dcut it...
>
LGTM
Hi,
Please fine attached to this message the *CORRECT* debdiff to fix it.
I've uploaded it to DELAYED/7 (after dcuting the wrong package...). Let
me know if you think it's still wrong and I should still dcut it...
Cheers,
Thomas Goirand (zigo)
diff -Nru ipset-6.38/debian/changelog
Control: retitle 900984 w3m: SSL error: wrong signature type
Control: retitle -1 w3m: SSL error: unsupported protocol
Thanks,
--
Tatsuya Kinoshita
Package: xwayland
Version: 2:1.20.3-1
Severity: important
Dear Maintainer,
I'm using Debian testing (buster) and face random crashes when using OpenGL
apps. Those occur often after only a few minutes.
The display freezes (keeping the picture of the last rendered frame) and I have
no choice than
Hi
> From v228
> https://github.com/systemd/systemd/blob/master/NEWS#L3926
> From v209
> https://github.com/systemd/systemd/blob/master/NEWS#L6855
Ok, but the documentation o freedesktop.org and the man pages do not
mention that, and in fact mention the contrary ...
Nobody is supposed to wade
Control: severity 900984 wishlist
Control: severity -1 wishlist
On April 25, 2019 at 11:47AM +0800, jidanni (at jidanni.org) wrote:
> Lynx, chromium work fine.
> $ w3m
> https://branch.taipower.com.tw/content/Messagess/Contents.aspx?SiteID=564732602442427467=564732602561157543=564734220745242356
Woops, I'm fixing the bad changelog entry (ie: dcut, rebuild and
reupload). Sorry for this.
Cheers,
Thomas Goirand (zigo)
Am 25.04.19 um 11:33 schrieb Michael Biebl:
> Am 25.04.19 um 11:28 schrieb Michael Biebl:
>> Thanks. So with the above, what you should get is that %h is resolved to
>> /root, as you run that service as a system service. Or is %h not
>> expanded at all?
>
> Actually, I think systemd resolves %h
On 4/25/19 11:44 AM, Thomas Goirand wrote:
> Hi,
>
> I've uploaded the fix to DELAYED/7. Debdiff attached.
> Let me know if I should dcut rm the upload.
>
> Cheers,
>
LGTM
Hi,
I've uploaded the fix to DELAYED/7. Debdiff attached.
Let me know if I should dcut rm the upload.
Cheers,
Thomas Goirand (zigo)
diff -Nru ipset-6.38/debian/changelog ipset-6.38/debian/changelog
--- ipset-6.38/debian/changelog 2018-09-01 19:28:18.0 +0200
+++
Dear Maintainer,
the following patch fixes the problem for me, tested locally.
Please consider applying it.
Cheers,
Chris
--- audit-2.8.4.orig/bindings/swig/src/auditswig.i
+++ audit-2.8.4/bindings/swig/src/auditswig.i
@@ -41,6 +41,6 @@ typedef unsigned __u32;
typedef unsigned uid_t;
%include
Hi,
On Sat, 20 Apr 2019 at 08:15, Salvatore Bonaccorso wrote:
> Hi
>
> From [1]
>
> > EAP-pwd message reassembly issue with unexpected fragment
> >
> > Published: April 18, 2019
> > Latest version available from: https://w1.fi/security/2019-5/
Thanks for filing the bug. I was aware of this
Hi,
On Thu, 25 Apr 2019 14:44:08 +0530
Gaurav Mishra wrote:
> Thanks for the support. I have created public repository just for the
> purpose of Debian packaging on salsa.debian.org.
>
> Here is the link: https://salsa.debian.org/fossology-team/fossology
Thanks, I'll ask to join to it, and
Am 25.04.19 um 11:28 schrieb Michael Biebl:
> Thanks. So with the above, what you should get is that %h is resolved to
> /root, as you run that service as a system service. Or is %h not
> expanded at all?
Actually, I think systemd resolves %h for PID 1 to '/'. Would need to
double check though.
Am 25.04.19 um 11:09 schrieb Norbert Preining:
> Hi Michael,
>
> On Thu, 25 Apr 2019, Michael Biebl wrote:
>> Looks like a duplicate of
>> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868269
>
> Indeed. Interesting that systemd changed the behaviour but it is not
> documented ... (well ...
Package: python-audit
Version: 1:2.8.4-2
Severity: grave
Tags: upstream
Justification: renders package unusable
Dear Maintainer,
The following operations fail due to a SWIG-related type error:
```
% sudo python
Python 2.7.16 (default, Apr 6 2019, 01:42:57)
[GCC 8.3.0] on linux2
Type "help",
Hello Hideki,
Thanks for the support. I have created public repository just for the
purpose of Debian packaging on salsa.debian.org.
Here is the link: https://salsa.debian.org/fossology-team/fossology
Thanks and regards,
Gaurav Mishra
On Thu, 25 Apr 2019 at 14:33, Hideki Yamane wrote:
> Hi,
Hey, sorry for the lack of engagement on my part. I've been
travelling and on family holidays. I won't be back to the machine
that had the problem until July, but I've made a note to
specifically verify this bug fix then.
Thanks a lot — as always — for your fast turnaround!
--
.''`. martin
Hello,
I have updated the dependencies and made them specific to Debian Stretch.
I have also tested the same using pbuilder.
Can you please check again?
With best regards,
Gaurav Mishra
-Original Message-
From: Adam Borowski
Sent: 15 April 2019 13:00
To: Mishra, Gaurav (IOT DS AA DTS
Hello,
Thank you for contacting the Good Food Foundation! This email address is no
longer active. Please
contact us at conn...@goodfoodfdn.org and update your records to reflect the
change.
All the best,
The Good Food Foundation Team
Package: tripwire
Version: 2.4.3.1-2+b4
Severity: normal
Tags: newcomer
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
Daily tripwire emails reported modifications of log files. Of course log files
are modified.
Closer look at
Hi Michael,
On Thu, 25 Apr 2019, Michael Biebl wrote:
> Looks like a duplicate of
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868269
Indeed. Interesting that systemd changed the behaviour but it is not
documented ... (well ... we know).
> Can you attach the full .service file please.
Additional information:
How to reproduce (on Debian Stretch):
sudo apt update
sudo apt install libopenscap8
wget https://www.debian.org/security/oval/oval-definitions-stretch.xml
oscap oval eval oval-definitions-stretch.xml
this produces the error:
OpenSCAP Error: Schema file not found when
Package: wnpp
Severity: wishlist
* Package name: prometheus-ipmi-exporter
Version : 11f380924f70eb6469bb2fb18de1fb70d6dc0477
Upstream Author : SoundCloud Ltd., Conrad Hoffmann, Björn Rabenstein,
Jarred Trainor, René Treffer, Yuyin Yang
* URL :
Hi,
On Mon, 18 Mar 2019 12:09:39 +0530
Gaurav Mishra wrote:
> Thank you for the pointers. I will follow it and create a RFS following the
> same.
Just curious, is there any public repository for the packaging?
If not, I'll create it on salsa.debian.org.
--
Hideki Yamane
Source: libxmlada
Version: 18-3
Severity: serious
Justification: Policy 4.2
unicode-data 12.0.0 is now in unstable/testing (Buster).
libxmlada FTBFS with this:
raised SYSTEM.ASSERTIONS.ASSERT_FAILURE : file name too long:
Egyptian_Hieroglyph_Format_Controls
make[1]: *** [debian/rules:83:
Am 25.04.19 um 01:55 schrieb Norbert Preining:
> Package: systemd
> Version: 241-3
> Severity: important
>
> Hi
>
> it seems that the documentation of systemd is incorrect, or incomplete,
> as it states that
> suffix. In the unit file itself, the instance parameter may be referred
> to
Source: node-unicode-data
Version: 0~20181101+gitaddfb440-1
Severity: serious
Justification: Policy 4.2
node-unicode-data FTBFS with unicode-data 12.0.0 and needs to be updated.
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture:
Source: gucharmap
Version: 1:11.0.3-2
Severity: serious
Justification: Policy 4.2
unicode-data 12.0.0 is now in unstable/testing (Buster).
gucharmap FTBFS with this;
In file included from gucharmap-unicode-info.c:33:
unicode-versions.h:331:21: error: ‘GUCHARMAP_UNICODE_VERSION_12_0’ undeclared
On 2019-04-25 1:35 a.m., Eduard Bloch wrote:
> On Mon, 7 May 2018 12:15:37 +0200 =?UTF-8?Q?Michel_D=c3=a4nzer?=
> wrote:
>> On 2018-05-05 04:20 PM, Eduard Bloch wrote:
>>> Package: xserver-xorg-video-amdgpu
>>> Version: 18.0.1-1
>>> Severity: normal
>>>
>>> Hello,
>>>
>>> my card (cheaper
On 2019-04-25 9:16 a.m., - wrote:
> This morning I applied all available updates, did a reboot, waited ~10
> sec and then connected the dock. Monitor arrangement was fine and GNOME
> Shell did not crash.
> But this time Chromium was not responding correctly (e.g. right click
> to open a folder
Source: utf8proc
Version: 2.2.0-1
Severity: serious
Justification: Policy 4.2
unicode-data 12.0.0 is now in unstable/testing (Buster).
utf8proc 2.2.0-1 FTBFS with this; it needs updating to 2.3.0.
It is expected that unicoode-data will be updated to 12.1.* (probably
12.1.0~pre1-1) for Buster to
Package: libqt5core5a
Version: 5.11.3+dfsg1-1
Severity: important
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Dear Maintainer,
Applications rely on libQt5Core.so.5, e.g. paraview or qml, does not
start with following error:
$ paraview
/usr/lib/paraview/paraview: error while loading shared
Source: 389-ds-base
Version: 1.4.0.22-1
Severity: important
Tags: security upstream
Forwarded: https://pagure.io/389-ds-base/issue/50329
Control: found -1 1.4.0.21-1
Hi,
The following vulnerability was published for 389-ds-base.
CVE-2019-3883[0]:
| In 389-ds-base up to version 1.4.1.2, requests
Source: openscap
Version: 1.2.9-1+b2
Severity: normal
The schema used to generate the Debian OVAL files was updated last
week[0], to take advantage of the new debian_evr_string datatype in OVAL
schema version 5.11.1.
Because of this, the version of openscap in stretch can't parse them
anymore.
Package: sponsorship-requests
Severity: wishlist
Dear mentors,
I am looking for a sponsor for my package "scdoc"
* Package name : scdoc
Version : 1.9.4-2
Upstream Author : Drew DeVault
* Url : https://git.sr.ht/~sircmpwn/scdoc
* Licenses : MIT
Source: c3p0
Version: 0.9.1.2-10
Severity: important
Tags: security upstream
Control: found -1 0.9.1.2-9+deb9u1
Control: found -1 0.9.1.2-9
Hi,
The following vulnerability was published for c3p0.
CVE-2019-5427[0]:
| c3p0 version 0.9.5.4 may be exploited by a billion laughs attack
| when
Caddy just got a 1.0.0 release.
What is the progress of packaging?
I’ll have a patch for platforms without atomic support for you.
--
Ondřej Surý
> On 25 Apr 2019, at 08:49, Bernhard Schmidt wrote:
>
> Package: src:bind9
> Severity: grave
> Tags: security, upstream
>
> CVE: CVE-2018-5743
> Document version:2.0
> Posting date:24
Source: bind9
Version: 1:9.11.5.P4+dfsg-3
Severity: grave
Tags: security upstream
Justification: user security hole
Control: clone -1 -2
Control: reassign -2 src:bind 1:9.13.3-1
Control: retitle -2 bind: CVE-2018-5743: Limiting simultaneous TCP clients is
ineffective
Control: found -1
This could all be fixed in master (where we have Gmsh 4.3.0). Should
perhaps be uploaded soon.
On Wed, Apr 24, 2019 at 8:33 PM Juhani Numminen
wrote:
>
> Control: retitle -1 gmsh: FTBFS in buster
> ("/usr/include/occt/Standard_Version.hxx" cannot be read)
>
>
> Hi,
>
> I believe the relevant
Package: icu
Tags: fixed-upstream, l10n
Hi,
As http://site.icu-project.org/home, upstream says
> These maintenance updates for past ICU versions include support for new
> Japanese era Reiwa (令和)
However, it also seems to include other changes (in 63.2)
> $ diff -urN /tmp/icu-63.1 icu|wc
On 4/24/19 10:02 PM, Salvatore Bonaccorso wrote:
> Hi Thomas,
>
> On Tue, Apr 02, 2019 at 10:29:33PM +0200, Moritz Mühlenhoff wrote:
>> severity 926043 important
>> thanks
>>
>> On Tue, Apr 02, 2019 at 01:56:35PM +0200, Thomas Goirand wrote:
>>> On 4/2/19 12:46 PM, Moritz Muehlenhoff wrote:
Source: bind
Version: 1:9.13.3-1
Severity: grave
Tags: security upstream
Justification: user security hole
Hi
See https://kb.isc.org/docs/cve-2019-6467 (only affecting bind
versions in experimental).
Regards,
Salvatore
Package: src:bind9
Severity: grave
Tags: security, upstream
CVE: CVE-2018-5743
Document version:2.0
Posting date:24 April 2019
Program impacted:BIND
Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6,
9.12.0 -> 9.12.4, 9.14.0. BIND
Package: mecab-ipadic
Version: 2.7.0-20070801+main-2
Severity: important
We need the new entry of Japanese emperical era name.
Similar issue had reported to mozc:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927030
The patch is there:
Package: anthy
Version: 1:0.3-8
Severity: important
We need the new entry of Japanese emperical era name.
Similar issue had reported to mozc:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927030
The patch is there:
On 4/24/19 10:02 PM, Salvatore Bonaccorso wrote:
> Hi Thomas,
>
> On Tue, Apr 02, 2019 at 10:29:33PM +0200, Moritz Mühlenhoff wrote:
>> severity 926043 important
>> thanks
>>
>> On Tue, Apr 02, 2019 at 01:56:35PM +0200, Thomas Goirand wrote:
>>> On 4/2/19 12:46 PM, Moritz Muehlenhoff wrote:
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package scoop
* QA upload.
* Replace deprecated Sphinx module pngmath with imgmath
Closes: #924838
* Ignore test result (attempt to access remote host)
* Secure
Control: retitle -1 irrlicht makefile does not honor CFLAGS
Control: severity -1 minor
On Fri, 19 Apr 2019 23:33:53 -0400 PICCORO McKAY Lenz
wrote:
> in Makefile line 84 we have a non override CFLAG set as:
>
> irrlicht-1.8.4.0/source/Irrlicht/Makefile
>
> CFLAGS := -O3
Package: libpetsc-real3.11
Version: 3.11.0+dfsg1-1exp1
The --with-fortran-interfaces=1 and --useThreads=0 are no longer valid
options for configure. configure --help does not show them and removing
them causes no issues on my ubuntu PPA
101 - 169 of 169 matches
Mail list logo