Package: wnpp
Severity: wishlist
Owner: Alessandro Ghedini
* Package name: honggfuzz
Version : 1.9
Upstream Author : Robert Swiecki
* URL : https://github.com/google/honggfuzz
* License : Apache 2.0
Programming Lang: C
Description : security oriented
Package: kcov
Severity: important
Hello,
The kcov package appears to not be maintained anymore (several RC bugs, very old
upstream version, ...) so I intend to take over its maintainance as per the
package salvaging procedure outlined in the Developer's Reference [0].
Please let me know if you
Control: forwarded -1 https://github.com/curl/curl/pull/4111
Control: tags -1 pending
On Wed, Apr 03, 2019 at 09:48:15PM +, Bjarni Ingi Gislason wrote:
> Package: curl
> Version: 7.64.0-2
> Severity: normal
> Tags: patch
>
> Dear Maintainer,
>
>* What led up to the situation?
>
>
On Sat, Apr 20, 2019 at 01:39:36PM +0200, Guillem Jover wrote:
> Source: curl
> Source-Version: 7.64.0-2
> Severity: serious
> Control: affects -1 rtorrent
>
> Hi!
Hello,
> I've started noticing rtorrent busy-looping at some points after
> finishing a torrent. stracing and gdb'ing the process
:05.0 +
+++ curl-7.64.0/debian/changelog 2019-03-07 20:02:35.0 +
@@ -1,3 +1,9 @@
+curl (7.64.0-2) unstable; urgency=medium
+
+ * Fix infinite loop when fetching URLs with unreachable IPv6 (Closes: #922554)
+
+ -- Alessandro Ghedini Thu, 07 Mar 2019 20:02:35 +
+
curl
forwarded -1 https://github.com/curl/curl/pull/3528
kthxbye
On Tue, Feb 05, 2019 at 01:58:50PM -0400, David Bremner wrote:
> Package: curl
> Version: 7.63.0-1
> Severity: normal
>
> Seen on #zsh / arch, verified also present in Debian; presumably an upstream
> bug.
>
> ╭─ rocinante:~
> ╰─%
On Sun, Dec 09, 2018 at 04:28:00PM -0500, Boyuan Yang wrote:
> X-Debbugs-CC: gh...@debian.org
>
> Hi Alessandro,
Hello,
> On Thu, 08 Jun 2017 18:38:55 +0200 "W. Martin Borgert" <
> deba...@debian.org> wrote:
> > Package: xclip
> > Version: 0.12+svn84-4
> > Severity: wishlist
> >
> > Upstream
On Wed, Nov 28, 2018 at 07:19:25PM +, Witold Baryluk wrote:
> Package: curl
> Version: 1.1.1a-1
> Severity: important
>
>
> Hi,
>
> I discovered that during test with curl, that curl in Debian doesn't support
> TLSv1.3.
It works for me:
% curl --tlsv1.3 -vso /dev/null
On Thu, Nov 01, 2018 at 08:01:24PM +, Luca Boccassi wrote:
> Control: tags -1 patch
>
> On Tue, 12 Apr 2016 17:11:45 +1200 Jeremy Kuek com> wrote:
> > Package: libcurl3
> > Version: 7.38.0-4+deb8u3
> > Severity: wishlist
> >
> > Dear Maintainer,
> >
> > My system has 2 network interfaces,
On Thu, Sep 20, 2018 at 09:09:39PM +0200, Jean Baptiste Favre wrote:
> Source: jansson
> Severity: wishlist
>
> Dear Maintainer,
>
> Next release of trafficserver provides a plugin depending on jansson.
> Currently, jansson seems to be built staticaly:
>
> checking jansson.h usability... yes
>
Package: wnpp
Severity: normal
I intend to orphan the hsetroot package since I don't use thi myself anymore.
You can find the sources on salsa:
https://salsa.debian.org/debian/hsetroot
The package description is:
hsetroot is a tool which allows you to compose wallpapers ("root pixmaps")
for
On Wed, Jul 18, 2018 at 05:47:58PM +0200, Ansgar Burchardt wrote:
> Hi,
>
> I can confirm that the patch referenced at [1] seems to fix the problem
> (upstream commit 64aa729bfae71561505a40c12755bd6b55bb3061).
>
> I'll try to prepare a NMU for valgrind; maybe already this evening if I
> have
On Thu, Jun 28, 2018 at 09:55:01PM -0300, Adilson dos Santos Dantas wrote:
> Package: upower
> Version: 0.99.8-1
> Severity: important
>
> Dear Maintainer,
>
> After upgrading upower to 0.99.8-1, my KDE power saving settings stops
> working.
> There is no reaction when I unplug and plug back my
On Mon, May 28, 2018 at 01:09:14PM +0200, Emilio Pozuelo Monfort wrote:
> Control: tags -1 - confirmed
>
> On 23/05/18 13:07, Emilio Pozuelo Monfort wrote:
> > On 23/04/18 20:38, Emilio Pozuelo Monfort wrote:
> >> On 01/03/18 22:31, Alessandro Ghedini wrote:
> >
On Thu, Mar 01, 2018 at 09:31:20PM +, Alessandro Ghedini wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: transition
>
> Hello,
>
> I'd like to request a transition for curl in order to unblock the mi
On Sat, Feb 24, 2018 at 12:50:41PM +, Alessandro Ghedini wrote:
> On Wed, Feb 21, 2018 at 11:14:24AM -0800, Steve Langasek wrote:
> > Hi again,
> >
> > On Tue, Feb 20, 2018 at 06:16:34PM -0800, Steve Langasek wrote:
> > > So, despite Julien's valid objection tha
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Hello,
I'd like to request a transition for curl in order to unblock the migration
to OpenSSL 1.1 (#871056). This is necessary due to the fact that the curl ABI
exposes a structure
Control: owner -1 !
Since there hasn't been an update in over a year, I'm going to reassign this
ticket to myself. I already uploaded the initial version to NEW. For those
interested, here is the salsa repo:
https://salsa.debian.org/debian/universal-ctags
Btw, I'm open to co-maintaining this
On Wed, Feb 21, 2018 at 11:14:24AM -0800, Steve Langasek wrote:
> Hi again,
>
> On Tue, Feb 20, 2018 at 06:16:34PM -0800, Steve Langasek wrote:
> > So, despite Julien's valid objection that core library conflicts cause
> > dist-upgrades to be more brittle, I think the right answer here is:
>
> >
Package: wnpp
Severity: normal
I intend to orphan the xcompmgr package since I do not use it anymore.
The package description is:
xcompmgr is the standard composition manager for the X Composite extension,
which allows clients to modify what is drawn to the screen before it
happens. This
On Sun, Dec 17, 2017 at 11:16:29PM +0200, Adrian Bunk wrote:
> On Fri, Dec 08, 2017 at 05:44:55PM +0100, Ondřej Surý wrote:
> > Hi,
> >
> > just innocent bystander here with an observation:
> >
> > These two options:
> >
> > a)
> > > I do agree it's the correct solution though, and it would be
On Sat, Dec 02, 2017 at 06:09:39PM +0100, Julien Cristau wrote:
> On Thu, Nov 23, 2017 at 15:49:26 +, Ian Jackson wrote:
> > Reasons I am aware that it *might* be a bad idea are:
> >
> > 1. libcurl exposes parts of the openssl ABI, via
> >CURLOPT_SSL_CTX_FUNCTION, and this would be an
On Thu, Nov 23, 2017 at 07:10:51PM +, Ian Jackson wrote:
> Adrian Bunk writes ("Re: Proposed (lib)curl switch to openssl 1.1"):
> > What I suggest above would be a transition that should be coordinated
> > with the release team like other transitions.
>
> I'm not 100% opposed to doing this as
Package: wnpp
Severity: normal
I don't quite have the time or interest to continue maintaining this, so I
request an adopter for the imlib2 package.
The package description is:
Imlib2 is a library that does image file loading and saving as well as
rendering, manipulation, arbitrary polygon
Package: wnpp
Severity: wishlist
Owner: Alessandro Ghedini <gh...@debian.org>
* Package name: pulsemixer
Version : 1.3.0
Upstream Author : George Filipkin <botebote...@gmail.com>
* URL : https://github.com/GeorgeFilipkin/pulsemixer
* License : MIT
On Sat, Sep 09, 2017 at 04:11:59PM +0100, Wookey wrote:
> Package: curl
> Version: 7.52.1-5
> Severity: normal
> Tags: patch
>
> curl needs dh-exec to build, because curl.install is
> #!/usr/bin/dh-exec
> usr/bin/curl
> usr/share/zsh/*
Don't know where this comes from, but that's not the
On Sun, Aug 20, 2017 at 11:01:28AM -0400, John David Anglin wrote:
> Package: curl
> Version: 7.52.1-5
> Followup-For: Bug #872502
>
> Dear Maintainer,
>
> See buildd log here:
> https://buildd.debian.org/status/fetch.php?pkg=curl=hppa=7.55.0-1=1503192493=0
>
> "|| defined(__hppa__)" needs to
On Sun, Mar 12, 2017 at 02:11:48PM +, Alessandro Ghedini wrote:
> On Fri, Mar 03, 2017 at 09:41:03AM +0100, lcf wrote:
> > Package: curl
> > Version: 7.52.1-3
> > Severity: important
> >
> > Dear Maintainer,
> >
> > When establishing https conn
On Fri, Mar 03, 2017 at 09:41:03AM +0100, lcf wrote:
> Package: curl
> Version: 7.52.1-3
> Severity: important
>
> Dear Maintainer,
>
> When establishing https connection X.509 certificates using md5RSA should be
> rejected and connection should be terminated.
>
> curl 7.52.1 can do that, when
On Tue, Nov 22, 2016 at 09:06:05AM +, Debian Bug Tracking System wrote:
> iptables (1.6.0+snapshot20161117-3) unstable; urgency=medium
> .
>* [21fdc57] libxtables12: breaks and replaces libxtables11 (Closes:
> #845278)
This isn't actually fixed, "<<" doesn't mean what you think it
Package: node-grunt-cli
Version: 1.2.0-1
Severity: grave
Justification: renders package unusable
Hello,
when trying to install the package I get:
The following packages have unmet dependencies:
node-grunt-cli : Depends: node-findup-sync (>= 0.3.0) but 0.1.3-1 is to be
installed
E:
On Sun, Oct 02, 2016 at 07:31:17PM +0200, Guido Günther wrote:
> On Sun, Oct 02, 2016 at 11:42:49AM +0100, Alessandro Ghedini wrote:
> > Package: git-buildpackage
> > Version: 0.8.4
> > Severity: normal
> >
> > Hello,
> >
> > I have the following
Package: git-buildpackage
Version: 0.8.4
Severity: normal
Hello,
I have the following values in my gbp.conf:
[DEFAULT]
...
export-dir = ~/devel/debian/build-area
tarball-dir = ~/devel/debian/build-area
However when building a package I now get:
% gbp buildpackage
AttributeError: 'file' object has no attribute 'readable'
> gpg: Signature made Sat 03 Sep 2016 12:33:10 BST
> gpg: using RSA key 6F0CCBE021624728
> gpg:issuer "gh...@debian.org"
> gpg: Good signature from "Alessandro Ghedini <alessan.
> [..]
>
> The full build log (including tcpdump output) is attached.
Possible patch attached, could you please test it?
Thanks
From dcb559a161960ff387d2b1552ec4c81b54db4554 Mon Sep 17 00:00:00 2001
From: Alessandro Ghedini <alessan...@ghedini.me>
Date: Sun, 28 Aug 2016 14:45:15 +01
On Tue, Aug 02, 2016 at 06:52:39PM +0100, Alessandro Ghedini wrote:
> and when building the keyrings from the git repository it appears four times:
>
> % gpg2 --no-default-keyring --keyring output/keyrings/debian-keyring.gpg
> --list-keys gh...@debian.org
> pub rsa4096/AFA51B
rsa4096/AFA51BD6CDE573CB 2010-10-29 [SC]
uid [ unknown] Alessandro Ghedini <alessan...@ghedini.me>
uid [ unknown] Alessandro Ghedini <alex...@cpan.org>
uid [ unknown] Alessandro Ghedini <gh...@debian.org>
sub rsa4096/386B706D9A7B
On Wed, Jul 06, 2016 at 11:15:44am +0200, gustavo panizzo wrote:
> > * I think the examples/ directory should be included in the package but
> >installed as examples files. See dh_installexamples(1) for more
> > information,
> >but basically you'd need to create an *.examples file under
On Mon, Jul 04, 2016 at 09:52:50AM +0200, gustavo panizzo wrote:
> On Mon, Jul 04, 2016 at 12:57:47AM +0100, Alessandro Ghedini wrote:
> >
> > Any news about this? I'd be interested in using such package :)
> >
> > Cheers
>
> Packaging is ready waiting
Hello,
On Mon, Dec 28, 2015 at 02:04:06pm +0800, gustavo panizzo wrote:
> Package: wnpp
> Severity: wishlist
> Owner: gustavo panizzo
>
> * Package name: golang-github-docopt-docopt-go
> Version : 0.6.1
> Upstream Author : Keith Batten
> * URL :
On Sat, Apr 09, 2016 at 10:03:08am +, Mateusz Łukasik wrote:
> tag 816973 pending
> thanks
>
> Hello,
>
> Bug #816973 reported by you has been fixed in the Git repository. You can
> see the changelog below, and you can check the diff of the fix at:
>
>
On Fri, Oct 23, 2015 at 03:25:53PM +0200, Mathieu Malaterre wrote:
> Package: valgrind
> Version: 1:3.11.0-1
> Tags: upstream
>
> Seems like gcc 5 is doing something funky
> (/usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21):
>
> ==3674==
> ==3674== HEAP SUMMARY:
> ==3674== in use at exit:
On Fri, Oct 23, 2015 at 05:06:17PM +1100, Sylvain BERTRAND wrote:
> Package: mpv
> Version: 0.6.2-2
>
> mpv fill memory while playing a vp9/opus/webm video file.
> totem is fine, it seems mpv is fine while playing an avc/aac/mp4 video file.
It's probably a ffmpeg issue, but could you upload
On Fri, Jan 08, 2016 at 01:31:48PM +1100, Martin Schwenke wrote:
> Package: valgrind
> Version: 1:3.11.0-1
> Severity: important
>
> When I run valgrind against anything, I see warnings like this:
>
> $ valgrind -q /bin/echo
> --14923-- WARNING: Serious error when reading debug info
> --14923--
On Sun, Jan 03, 2016 at 05:30:58PM +0800, Tianming Xie wrote:
> Package: mpv
> Version: 0.14.0-1
> Severity: normal
>
> Dear Maintainer,
>
> After upgraded to the current version, mpv can never load external ASS
> subtitle
> file any more, neither a subtitle file located beside the
On Fri, Dec 04, 2015 at 05:52:36PM +0100, gregor herrmann wrote:
> On Wed, 02 Dec 2015 17:20:31 +0100, Sylvestre Ledru wrote:
>
> > >> Does this make sense? (Adding Alessandro as well as both upstream and
> > >> DD.)
> > > That's even better, indeed! Sylvestre can better comment on the approach,
On Thu, Oct 29, 2015 at 07:52:23pm +, luca wrote:
> Package: release.debian.org
> Severity: normal
> Tags: jessie
> User: release.debian@packages.debian.org
> Usertags: pu
>
> Dear release team,
>
> We would like to update libvdpau in jessie to address a segmentation fault in
> a
>
On Tue, Oct 06, 2015 at 05:14:15PM +0100, Luca Boccassi wrote:
> On Tue, 2015-10-06 at 14:18 +0200, Svante Signell wrote:
> >
> > Currently czmq is not available for GNU/Hurd due to an unsupported OS
> > error and a build dependency on zeromq3.
> >
> > zeromq3 FTBFS due to an unsupported OS
Control: tags - fixed-upstream
On Sun, Sep 27, 2015 at 11:08:14am -0500, Herminio Hernandez Jr. wrote:
> I tried with both option and video playback was extremely slow and out of sync
> with the audio. Below is the output I got.
So, even with --hwdec=no mpv decides to fallback to vo=sdl and the
On Wed, Sep 30, 2015 at 01:00:55pm +0200, Tomasz Buchert wrote:
> Package: curl
> Version: 7.44.0-2
> Severity: normal
>
> Hi,
> curl --http2 does not work for me.
Works fine here with e.g. https://www.google.com, https://http2.golang.org and
https://http2.cloudflare.com.
> I have nghttpx
On Wed, Sep 30, 2015 at 10:05:09PM +0200, Tomasz Buchert wrote:
> On 30/09/15 21:31, Alessandro Ghedini wrote:
> > On Wed, Sep 30, 2015 at 01:00:55pm +0200, Tomasz Buchert wrote:
> > > Package: curl
> > > Version: 7.44.0-2
> > > Severity: normal
> > >
On Sat, Sep 26, 2015 at 05:18:01pm -0500, Herminio Hernandez Jr wrote:
> Package: mpv
> Version: 0.11.0-1
> Severity: normal
>
> Dear Maintainer,
>
> I am can no longer play videos on mplayer with the --vo x11 option. I am
> running Sid on PowerPC and the video card I have crashes when I have
On Fri, Sep 25, 2015 at 11:45:09am +0200, Raphaël Hertzog wrote:
> Package: valgrind
> Version: 1:3.10.1-4
> Severity: wishlist
> User: de...@kali.org
> Usertags: origin-kali
>
> Hello,
>
> I just noticed[1] that there's a new upstream version of valgrind:
>
Control: tags -1 fixed-upstream
On Thu, Sep 10, 2015 at 03:29:57pm +0200, Andre Naujoks wrote:
> Hi.
>
> Sorry for the noise. I just noticed, that this fix is already in the
> upstream svn. Not yet released though.
>
> I don't know how something like this is handled, so .. - again - sorry
>
On Thu, Sep 10, 2015 at 08:05:22am +0200, Daniel Stenberg wrote:
> Seeing that nghttp2 was just updated in Sid to 1.3.0, is there a chance now
> for curl to get HTTP/2 enabled?
Uploaded curl 7.44.0-2 just now, with HTTP/2 support enabled
Chers
signature.asc
Description: Digital signature
On Sat, Sep 05, 2015 at 12:55:43PM +0100, Luca Boccassi wrote:
> On Thu, 2015-09-03 at 14:49 +0200, Alessandro Ghedini wrote:
> > Source: libvdpau
> > Severity: important
> > Tags: security, fixed-upstream
> >
> > Hi,
> >
> > the followin
Source: libvdpau
Severity: important
Tags: security, fixed-upstream
Hi,
the following vulnerabilities were published for libvdpau.
CVE-2015-5198[0]:
incorrect check for security transition
CVE-2015-5199[1]:
directory traversal in dlopen
CVE-2015-5200[2]:
vulnerability in trace functionality
Control: forwarded -1
https://release.debian.org/transitions/html/auto-ecasound.html
On Mon, Aug 24, 2015 at 10:25:46am +0100, Simon McVittie wrote:
On Wed, 19 Aug 2015 at 10:17:19 +0100, Simon McVittie wrote:
In the case of ecasound, the C++ dependencies don't seem to have been
flagged for
On Sun, Aug 23, 2015 at 05:32:18PM +0200, Julien Cristau wrote:
On Fri, Nov 21, 2014 at 16:02:15 +0100, Alessandro Ghedini wrote:
diff --git a/debian/patches/22_systemd_service.diff
b/debian/patches/22_systemd_service.diff
new file mode 100644
index 000..3d8161d
--- /dev/null
Control: block -1 by 784666
On Fri, Aug 21, 2015 at 10:59:41am +0200, Arnout Engelen wrote:
Package: curl
Version: 7.44.0-1
Severity: normal
Dear Maintainer,
When making a request with '--http2', I get the error message
curl: (1) Unsupported protocol.
Unfortunately the version of the
On Tue, Aug 18, 2015 at 01:32:19pm +0200, Vincent Lefevre wrote:
Package: lynx-cur
Version: 2.8.9dev6-3
Severity: serious
Tags: security
If I run
lynx https://www.vinc17.net:4434/
I get
SSL error:The certificate is NOT trusted. The certificate chain is revoked.
-Continue?
On Sat, Aug 15, 2015 at 05:00:29PM +0200, Marcel Partap wrote:
Package: libasound2-plugin-equal
Version: 0.6-6
Severity: wishlist
The main reasons being that
a) it is a hidden gem that should not hide in the dark (libs section)
b) it easily gets removed accidently by marking all packages
On Sat, Aug 08, 2015 at 09:25:01pm +0200, Bastien ROUCARIES wrote:
Dear security team
I am looking for a sponsor for my package imagemagick about a
security fix and I am waiting for your green light.. Fixing #770009
help buildd but is not a security fix (but nevertheless it will help
the
Control: found -1 opensaml2/2.4.3-4
Control: fixed -1 opensaml2/2.4.3-4+deb7u1
Control: fixed -1 opensaml2/2.5.3-2+deb8u1
On Fri, Aug 07, 2015 at 12:36:18pm +0200, Sergio Gelato wrote:
Package: opensaml2
Version: 2.5.3-2
Severity: serious
Tags: security
The upstream security advisory for
reopen 791026
user release.debian@packages.debian.org
usertag 791026 + transition
block 791026 by 790756
reassign 791026 release.debian.org
kthxbye
On Fri, Jul 03, 2015 at 01:09:43pm +, Matthias Klose wrote:
Package: src:ecasound
Version: 2.9.1-5
Severity: important
Tags: sid stretch
On mer, lug 01, 2015 at 01:17:10 +, Franz Schrober wrote:
Package: curl
Version: 7.43.0-1
Severity: normal
Hi Franz,
sorry for the delay, I seem to have missed the report when you submitted it...
sid seems to be changed from curl-openssl to curl-gnutls. As result client
certificates
On Thu, Jul 30, 2015 at 08:24:34PM +0100, Luca Boccassi wrote:
On Thu, 2015-07-30 at 16:58 +0200, Alessandro Ghedini wrote:
* The -dev package should just be named libczmq-dev (i.e. without the
version),
this way next time the project bumps the SONAME it'll be easier to do
file
vulnerability
It has been closed by Alessandro Ghedini gh...@debian.org.
Their explanation is attached below along with your original report.
If this explanation is unsatisfactory and you have not received a
better one in a separate message then please contact Alessandro Ghedini
gh
On Thu, Jul 23, 2015 at 03:58:55AM +0100, Luca Boccassi wrote:
owner 630761 luca.bocca...@gmail.com
thanks
Note that you need to CC cont...@bugs.debian.org for this to work, or you can
use the Control pseudo-header.
Hello,
Hi,
I took the liberty of upgrading the repository on Alioth [1] to
Control: tags -1 fixed-upstream
On Mon, Jun 29, 2015 at 06:01:04pm +0200, Guillem Jover wrote:
Package: mpv
Version: 0.9.2-1+ffmpeg
Severity: normal
Hi!
[ First of all, thanks for providing a ffmpeg version of the package,
there's quite some media that does not play correctly with
Source: tidy
Version: 20091223cvs-1.2
Severity: important
Tags: security upstream patch
Hi,
the following vulnerabilities were published for tidy.
CVE-2015-5522[0]:
AddressSanitizer: heap-buffer-overflow WRITE of size 1
CVE-2015-5523[1]:
small file can lead to a 4 Gb allocation; potential DoS
Control: forwarded -1 https://github.com/mpv-player/mpv/issues/2110
Sorry for the delay.
On mer, lug 01, 2015 at 10:35:13 +0200, Andreas Cadhalpun wrote:
Hi Guillem,
On 30.06.2015 23:14, Andreas Cadhalpun wrote:
On 30.06.2015 21:40, Guillem Jover wrote:
Perhaps, but the comment at
Control: tags -1 pending
On mer, giu 24, 2015 at 12:24:57 -0300, Juan Picca wrote:
Package: jansson
Version: 2.7-3
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: timestamps
Hi!
While working on the reproducible builds effort [1], we have
On Thu, Jun 18, 2015 at 09:17:40PM +0200, Daniele Tricoli wrote:
On Wednesday 17 June 2015 22:49:24 Moritz Mühlenhoff wrote:
Any feedback from your sponsor?
Sorry I was a bit busy so I finalized the package only now. :(
Already sent an RFS and Piotr is usually very fast, so it should be
Control: reassign -1 libnettle4
Control: forcemerge 787620 -1
On Wed, Jun 10, 2015 at 03:31:13PM +0200, nfb wrote:
Package: mpv
Version: 0.9.2-1
Severity: important
Hi,
after today's upgrade which installed libnettle6 as dependency, i get
segmentation fault running mpv.
Here is the gdb
On lun, giu 08, 2015 at 03:29:02 +0200, Raphael Hertzog wrote:
On Mon, 08 Jun 2015, Alessandro Ghedini wrote:
On lun, giu 08, 2015 at 02:36:17 +0200, Raphael Hertzog wrote:
Dear members of the security team,
Craig told me (cf message below) that you refused new upstream releases
On lun, giu 08, 2015 at 02:36:17 +0200, Raphael Hertzog wrote:
Dear members of the security team,
Craig told me (cf message below) that you refused new upstream releases of
Wordpress to fix security issues in stable/oldstable. Since we already did
that in the past with Yves-Alexis Perez,
On Mon, Jun 08, 2015 at 03:10:53PM +0200, Alessandro Ghedini wrote:
On lun, giu 08, 2015 at 02:36:17 +0200, Raphael Hertzog wrote:
Dear members of the security team,
Craig told me (cf message below) that you refused new upstream releases of
Wordpress to fix security issues in stable
On dom, giu 07, 2015 at 01:44:36 +0200, Vincent Lefevre wrote:
On 2015-06-07 11:40:56 +0200, Alessandro Ghedini wrote:
I can't reproduce any of this. Can you please run the command above
with the -v option and post the output?
xvii:~ curl -v https://www.vinc17.net/
* Trying
On dom, giu 07, 2015 at 12:21:15 +0200, Vincent Lefevre wrote:
Control: retitle -1 no longer works with https - breaks bti and curl
On 2015-06-07 00:16:15 +0200, Vincent Lefevre wrote:
After the upgrade to libcurl3-gnutls 7.42.1-2+b1, bti no longer works
at all. For instance:
[...]
It
Control: reassign -1 openssl
Control: forcemerge 768476 -1
Control: affects -1 + libcurl3
On gio, giu 04, 2015 at 11:52:27 +0100, Peter T. Breuer wrote:
Versions of packages libcurl3:i386 depends on:
ii libc6 2.19-18
ii libcomerr21.42.12-1.1
ii libgssapi-krb5-2
On lun, mag 25, 2015 at 01:46:47 +0200, Bálint Réczey wrote:
Hi Alessandro,
2015-05-24 12:50 GMT+02:00 Alessandro Ghedini gh...@debian.org:
Source: ffmpeg
Version: 7:2.6.3-1+b1
Severity: wishlist
Hello,
I was looking at the various dependencies of the -ffmpeg packages
Source: ffmpeg
Version: 7:2.6.3-1+b1
Severity: wishlist
Hello,
I was looking at the various dependencies of the -ffmpeg packages, and it seems
to me some of them are a bit superfluous. For example:
- Do we really need 2 different MP3 encoders (libmp3lame and libshine)?
- Given the libmp3lame
On sab, mag 23, 2015 at 02:15:05 +0300, Yuriy M. Kaminskiy wrote:
Package: mpv
Version: 0.6.2-2
Severity: normal
Dear Maintainer,
$ mpv --vo=opengl-old:force-pbo=yes any-video.avi
[...]
AO: [alsa] 48000Hz stereo 2ch float
VO: [opengl-old] 1280x720 = 1280x720 yuv420p
mpv:
Control: tags -1 fixed-upstream
On Fri, May 22, 2015 at 10:29:16PM +1000, Dmitry Smirnov wrote:
Package: curl
Version: 7.42.1-2
Severity: normal
X-Debbugs-CC: arno.schnei...@hs-augsburg.de
Command
curl https://moodle.hs-augsburg.de/
returns the following error:
curl:
On sab, mag 23, 2015 at 03:02:17 +0300, Yuriy M. Kaminskiy wrote:
Package: mpv
Version: 0.6.2-2
Severity: normal
Dear Maintainer,
mpv --vo=opengl-old fails to render OSD (draws empty rectangles instead)
when sub-option rectangle is 1 (it is set to 1 by default on some
video-cards [with
On Sat, May 16, 2015 at 03:43:37PM +0200, Alessandro Ghedini wrote:
On Sat, May 16, 2015 at 03:07:57PM +0200, Sebastian Ramacher wrote:
On 2015-05-15 15:22:28, Alessandro Ghedini wrote:
On Fri, May 15, 2015 at 11:05:17AM +0200, Sebastian Ramacher wrote:
Version: 6:11.3-1
On 2015
On Sat, May 16, 2015 at 03:07:57PM +0200, Sebastian Ramacher wrote:
On 2015-05-15 15:22:28, Alessandro Ghedini wrote:
On Fri, May 15, 2015 at 11:05:17AM +0200, Sebastian Ramacher wrote:
Version: 6:11.3-1
On 2015-05-14 20:41:15, Arne Wichmann wrote:
Package: libavcodec56
Control: retitle -1 nghttp2: new upstream release v1.0.0
On Thu, May 07, 2015 at 06:08:47PM +0200, Alessandro Ghedini wrote:
Source: nghttp2
Version: 0.6.7-1
Severity: wishlist
Hello,
upstream has released several new upstream versions, would it be possible to
update the Debian package
On Fri, May 15, 2015 at 11:05:17AM +0200, Sebastian Ramacher wrote:
Version: 6:11.3-1
On 2015-05-14 20:41:15, Arne Wichmann wrote:
Package: libavcodec56
Version: 6:11.3-2
Severity: grave
Tags: security
Justification: user security hole
Hi, as far as I can see this has not yet
On Sun, May 10, 2015 at 09:12:43PM +0100, Steven Chamberlain wrote:
Dear Security Team,
This bug was reopened because the original fix from upstream was found
to be incomplete.
Please may I upload to wheezy-security with the attached debdiff,
replacing the CVE-2015-1414 patch with the new
Source: nghttp2
Version: 0.6.7-1
Severity: wishlist
Hello,
upstream has released several new upstream versions, would it be possible to
update the Debian package?
Thanks
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1,
Control: tags -1 wontfix
On mar, mag 05, 2015 at 01:23:46 +0200, Vincent Lefevre wrote:
On 2015-05-04 19:57:25 +0200, Alessandro Ghedini wrote:
On lun, mag 04, 2015 at 12:28:02 +0200, Vincent Lefevre wrote:
OK, if I understand, it just supports OCSP stapling, not plain OCSP.
So, why
On Mon, May 04, 2015 at 09:09:04AM +0200, Mike Gabriel wrote:
Package: security-tracker
Severity: wishlist
Tags: patch
Hi,
attached is a patch that adds manual DLA/DSA id override support if an
upload tackles a regression already announce via an earlier DSA/DLA.
Current use case /
On Mon, May 04, 2015 at 03:15:19AM +0200, Vincent Lefevre wrote:
Control: retitle -1 curl should check certificate revocation status by default
On 2014-04-26 13:19:35 +0200, Alessandro Ghedini wrote:
TL;DR: let's do OCSP instead of downloading CRLs. It would still
need someone to actually
On lun, mag 04, 2015 at 12:28:02 +0200, Vincent Lefevre wrote:
On 2015-05-04 10:57:36 +0200, Alessandro Ghedini wrote:
--cert-status only checks for the status_request TLS extension which is not
supported by most servers (which means curl will fail by default on most
requests). So no, curl
Control: tags -1 pending
On Mon, May 04, 2015 at 07:53:23PM +0200, Jérémy Bobbio wrote:
Source: mpv
Version: 0.9.1-1
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: timestamps
Hi!
While working on the “reproducible builds” effort [1], we have
On Sat, May 02, 2015 at 12:48:22PM +0200, Alessandro Ghedini wrote:
Package: apt
Version: 1.0.9.9
Severity: normal
Hello,
it seems that the changelog command of apt-get is broken:
% apt-get changelog debhelper
Err Changelog per debhelper
(http://packages.debian.org/changelogs
Package: apt
Version: 1.0.9.9
Severity: normal
Hello,
it seems that the changelog command of apt-get is broken:
% apt-get changelog debhelper
Err Changelog per debhelper
(http://packages.debian.org/changelogs/pool/main/d/debhelper/debhelper_9.20150501/changelog)
404 Not Found
Err
Control: tags -1 pending
On mer, apr 29, 2015 at 09:56:51 +0200, Mathieu Malaterre wrote:
Package: valgrind
Version: 1:3.10.0-4
Severity: normal
Dear Maintainer,
It feels like there is a missing suppression for openmp on valgring+openmp
(jessie amd64). Steps:
$ cat t.c
int main()
1 - 100 of 756 matches
Mail list logo