Package: calibre
Version: 0.7.44+dfsg-1
Severity: critical
Tags: sid
After the last python-sip updates calibre cannot start anymore.
Trying to run it from the terminal gives:
Traceback (most recent call last):
File /usr/bin/calibre, line 19, in module
sys.exit(main())
File
2010/6/15 David Paleino da...@debian.org
On Mon, 14 Jun 2010 17:51:38 +0200, Andrea De Iacovo wrote:
Package: gthumb
Version: 3:2.11.3-2
Severity: important
Tags: sid
Hi.
Ciao Andrea,
Ciao!
When trying to import images from a usb camera gthumb segfaults without
completing
and select a bunch of images
5. Click on import button
6. Watch gthumb die.
Regards.
Andrea De Iacovo
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (900, 'unstable'), (600, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2
Package: chromium-browser
Version: 5.0.375.29~r46008-1
Severity: normal
Tags: experimental
Everytime chromium starts it asks the user to become the default browser
even if it already is.
Regards.
Andrea De Iacovo
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT
(no automount, no wireless connection and so on). Restarting dbus
makes the system functional again. As for now the only solution seems to
downgrade to dbus 1.2.20 in lenny. Regards. Andrea De Iacovo
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (900, 'unstable
popup and the
system results widely unusable (no automount, no wireless connectivity and so
on).
Restarting dbus makes gdm fully functional again.
Regards.
Andrea De Iacovo
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (900, 'unstable'), (600
I can confirm this too: the problem seems to be solved with the package you
provided.
Cheers.
Andrea De Iacovo
Il giorno , Michael Biebl bi...@debian.org ha scritto:
Hi everyone
@Julien, Brad: I think your particular issue is a different bug then Sam
reported in #471565. It looks
What about the status of the package? Still license problems?
Thank you.
Andrea De Iacovo
appear in the plugin list and, obviously, does not
work anymore.
Copying the files in the right directory makes the plugin work again.
Regards.
Andrea De Iacovo
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (900, 'unstable'), (600, 'experimental
-administration and from
the
update-notifier icon) just a gray window will appear without any control
button on it.
For update-manager to work again I have to killall update-manager
Regards.
Andrea De Iacovo
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (900
the apply button I obtain this:
** (polkit-gnome-authorization:4166): WARNING **: Caught error: Method
ObtainAuthorization with signature suu on interface
org.freedesktop.PolicyKit.AuthenticationAgent doesn't exist
Regards.
Andrea De Iacovo
-- System Information:
Debian Release: squeeze/sid
APT
No sound theme installed.
There is not a sound theme installable in sid, I think. There's a ITP for
freedesktop-sound-theme but it's still open due to some license issue.
Regards.
Andrea De Iacovo
for reporting this.
Cheers.
Andrea De Iacovo
The problem seems to be solved. Maybe it was just an error in translation
package.
I think the bug can be closed.
Regards.
Andrea De Iacovo
Package: synaptic
Version: 0.62.7
Severity: important
If you search a package name/description clicking on the search button
and then try to install a package, the following errors happen:
1. Synaptics complains about packages not being authenticated
(while they actually _are_ authenticated)
.
Regards.
Andrea De Iacovo
What if you comment both the OPT3 line and the LIBGL_ALWAYS_INDIRECT
line? Does it solve the performance issue for you?
Slightly better this way. Almost as smooth as before the upgrade.
Regards.
Andrea De Iacovo
.
Andrea De Iacovo
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.29.4 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin
2009/6/1 Josselin Mouette j...@debian.org
Le lundi 01 juin 2009 à 09:57 +0200, Andrea De Iacovo a écrit :
After upgrade to 2.6.1-5 gnome cannot start. After login
the screen stays black and only the mouse cursor can be seen
and moved.
This happens both trying to start compiz
2009/6/1 Josselin Mouette j...@debian.org
Le lundi 01 juin 2009 à 10:48 +0200, Andrea De Iacovo a écrit :
Process list is attached and yes: removing compiz solves the problem
Why are there two sets of compiz binaries running? Are you doing
anything special to start it?
That list
2009/6/1 Josselin Mouette j...@debian.org
Le lundi 01 juin 2009 à 11:20 +0200, Andrea De Iacovo a écrit :
Why are there two sets of compiz binaries running? Are you
doing
anything special to start it?
That list of processes has been gathered after starting gnome
2009/6/1 Josselin Mouette j...@debian.org
Le lundi 01 juin 2009 à 12:57 +0200, Andrea De Iacovo a écrit :
compiz.desktop file and the list of running processes you asked for
are attached.
All necessary processes are started correctly, so it looks like compiz
does not like the way
Package: empathy
Version: 2.26.1-1
Severity: normal
Even if they are enabled in preferences dialogue, sound notifications are not
reproduced by empathy.
Regards.
Andrea De Iacovo
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable
tags 519798 + lenny
thanks
IMO, this results in the current stable wordpress package unusable in
production settings, as users cannot reset their passwords.
Actually, I think, this is not really making users unable to reset
their password: they should just copy the malformed url directly into
://packages.debian.org/squeeze/all/wordpress/filelist)
shows up for empty directories.
That's because the whole directories are symbolically linked to the ones
in /usr/share/tinymce/www/plugins/*
Could you, please, try to backup your database and reinstall the whole package?
Thank you very much.
Regards.
Andrea De
Hello.
Could you be more precise? Which files were missing?
Thank you for reporting.
Regards.
Andrea De Iacovo
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
Package: libdeskbar-tracker
Version: 0.6.90-3
Severity: normal
After the last update tracker live search plugin for deskbar does not
show any search result. The standard tracker search plugin (not live)
still works perfectly
-- System Information:
Debian Release: squeeze/sid
APT prefers
Package: tinymce
Version: 3.2.0.2-0.1
Severity: normal
Hello.
Is it possible to update tinymce, at least in experimental, to version
3.2.1.1? I cannot upload my new wordpress package because of this
dependance.
Thank you very much for your work.
Regards.
Andrea De Iacovo
-- System
The bug is going to be solved with the next release.
Thank you for reporting.
Regards.
Andrea De Iacovo
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
Hi Andrea.
At the end of November, you said that the package in experimental would
be upgraded in the next days. Is there anything holding back the
upload where I could help?
Sorry. Just had personal issues.
I'm back and working again now but thank you for your help
Regards
Andrea
--
Package: wordpress
Severity: important
A new security issue has been found in wordpress, please see
this link for some references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5695
Thank you for reporting.
I'll check this out as soon as possibile.
Cheers.
Andrea
Andrea, you are the maintainer, it's up to you to downgrade the bug if you
really believe that the severity is over-inflated.
Ok, thanks.
Andrea, how did it progress with upstream ?
I opened a ticket in their bug tracking system. I'm waiting for
feedbacks.
Cheers.
Andrea
signature.asc
New package ready.
http://www.firstbit.net/debian
Could you or Thijs (I'm ccing him) upload it?
Thanks a lot
Cheers.
Andrea
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
days.
Thank you for reporting.
Cheers.
Andrea De Iacovo
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
.
I'll have the new package ready for tomorrow.
Thank you again.
Cheers.
Andrea De Iacovo
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
you're right. I'm going to check the patch and then try to
introduce it with the next release.
Thank you very much for your help.
Regards.
Andrea De Iacovo
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
Package: typo3-src-4.2
Version: 4.2.3-1
Severity: grave
Tags: security
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for typo3-src-4.2.
Upstream says [1] it's not going to fix the issue because the
extension's maintainer is rewriting the files from scratch. So they
Package: typo3-src-4.0
Version: 4.0.2+debian-5
Severity: grave
Tags: security
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for typo3-src-4.0.
Upstream says [1] it's not going to fix the issue because the
extension's maintainer is rewriting the files from scratch. So
2008/11/7 Andrea De Iacovo [EMAIL PROTECTED]:
Il giorno ven, 07/11/2008 alle 15.36 -0600, Raphael Geissert ha scritto:
You can also set cookies via javascript code, e.g.
scriptdocument.cookie = GLOBALS=1;domain=.domain.tld; /script
ok that's true.
So let's see what we have:
1
are
really important so I don't think I should do something without the help
of upstream developers.
As soon as the CVE gets confirmed I'll file a bug upstream asking to
modify wordpress to use $_GET $_POST and $_COOKIES.
Thank you very much for reporting this.
Cheers.
Andrea De Iacovo
Hi,
2008/11/7 Thijs Kinkhorst [EMAIL PROTECTED]:
Hi,
I don't think this is a grave security issue. It is only a DoS for one
client
application, which requires another vulnerability to be present, can be
It is not just about the DoS (because as I demonstrated, there are
other
Il giorno ven, 07/11/2008 alle 15.36 -0600, Raphael Geissert ha scritto:
2008/11/7 Andrea De Iacovo [EMAIL PROTECTED]:
Hi,
It is not just about the DoS (because as I demonstrated, there are
other possible attacks).
The whole point is that wordpress' (ab)use of $_REQUEST is leading
Ok I made the new package. Now wordpress depends on libphp-snoopy and so
also CVE-2008-4796 should be considered fixed.
I'm going to ask my sponsor to upload the package as soon as possibile
Thank you very much.
Cheers.
Andrea
signature.asc
Description: Questa è una parte del messaggio
tags 504416 +fixed-in-experimental
merge 490977 504416
thanks
Package: wordpress
Version: 2.5.1-8
Severity: important
Hi,
the debian wordpress package is outdated and should be moved to the latest
upstream version for security reasons.
Fixed in experimental.
Cheers.
Andrea De Iacovo
to make wordpress
depend on all those libraries instead of shipping embedded copies.
First of all I'll try to eliminate libraries with known and published
CVEs so to have a package with no security problems.
Thank you very much for your help.
Cheers.
Andrea De Iacovo.
signature.asc
Description
tags 443948 + patch
thanks
Hi Marcelo, hi Andrea,
attached is a debdiff for a NMU for this bug. It's untested, as I don't
have any wordpress installations here, but should work :)
Can someone please test?
Marcelo, will you ask for a freeze unblock for snoopy because of the
security
hi Evgeni , hi Andrea,
the new upstream version of libphp-snoopy is in sid;
and I have already sent message to unblock the package
Great!
Wordpress will depend on it in the next days.
Cheers.
Andrea
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
with debian.
As for now I'm pushing down the severity of the bug and tagging it as
unreproducible.
If you agree I will close the bug because it does not apply to wordpress in
debian.
Thank you very much for reporting this.
Regards.
Andrea De Iacovo
signature.asc
Description: Questa è una
subject says it all, my NMU of tinymce is now in unstable, so please
update wordpress now.
Yesterday I made the package and sent it to Thijs (my sponsor) so
Wordpress is going to be updloaded in a few hours/days (as soon as my
sponsor uploads it).
Thank you very much for your NMU.
Cheers.
]
The package itself is available via dget at [2] as source or at [3] as a
binary arch-all package.
regards,
Sven
Great! Thank you very much.
I'll upload wordpress as soon as tinymce hits sid.
Regards.
Andrea De Iacovo
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject
the wordpress official guide to make the flash uploader work
properly [1].
Thank you for reporting.
Regards.
Andrea De Iacovo
[1]: http://wordpress.org/support/topic/164999
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
.
Andrea De Iacovo
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
to find a better way to look for the correct
configuration file: maybe reading a local list of authorized config
files?
Thank you for reporting.
Cheers.
Andrea De Iacovo
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
Hi.
You're absolutely right.
I'll fix this with the next release.
Thank you for reporting.
Cheers.
Andrea De Iacovo
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4106
http://security-tracker.debian.net/tracker/CVE-2008-4106
I prepared a new package and now I'm waiting for my sponsor to upload
it.
Thank you for reporting.
Regards.
Andrea De Iacovo
signature.asc
Description: Questa è una parte del
severity 497216 grave
thanks
As you noticed the bug is due to an erroneous use of the admin_url()
function.
I'll fix the bug as soon as possible; in the meanwhile use version
2.5.1-5 from lenny please.
Thank you very much for reporting and sorry for the bad upgrade.
Regards.
Andrea De Iacovo
severity 497216 grave
thanks
As you noticed the bug is due to an erroneous use of the admin_url()
function.
I'll fix the bug as soon as possible; in the meanwhile use version
2.5.1-5 from lenny please.
Thank you very much for reporting and sorry for the bad upgrade.
Regards.
Andrea De Iacovo
very soon.
Thank you again.
Cheers.
Andrea De Iacovo
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
Hi
I've made a new wordpress package [1] to fix cve-2008-3747. Could you
please upload it?
[1]: http://mentors.debian.net/debian/pool/main/w/wordpress
Thank you very much.
Cheers
Andrea De Iacovo
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
'prefers'
libapache2-mod-php5
I think you're right.
I'll fix the bug with the next package release.
Thank you for reporting.
Cheers
Andrea De Iacovo
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
'prefers'
libapache2-mod-php5
I think you're right.
I'll fix the bug with the next package release.
Thank you for reporting.
Cheers
Andrea De Iacovo
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
Tilo,as I've said, I'm still waiting for Tinymce update...
Hope to provide the package as soon as possible.
Bye,
Andrea
2008/8/19 Tilo Levante [EMAIL PROTECTED]
Hello Andrea,
is there any progress with the new version?
Can I be of any help (i.e. testing the package)?
Greetings
tilo
trying to solve your problem.
Thank you for reporting.
Andrea De Iacovo
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
retitle 485149 ITP: playonlinux -- a front-end for wine
thanks
Ok so it's official: I'll package playonlinux for Debian.
Regards.
Andrea
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
Andrea De Iacovo
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Hello
I checked to program but I think it's way too complex for me to maintain
it. Eclipse SDK is really full af features but I don't know it well
enough to maintain this package.
Regards.
Andrea De Iacovo
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
I'm analizing the software in order to package it.
I'll try to make the package as soon as possible.
Regards
Andrea De Iacovo
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
Package: emesene
Version: 1.0-dist-3
Severity: normal
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello.
emesene becomes very slow or eveng hangs when trying to send files to
a contact. The bigger the file the slower the program.
Thank you.
Cheers
Andrea
- -- System Information:
Debian
the unrestricted upload functionality
mentioning this change in the NEWS file.
I've been a little busy this days but I think I'll provide the new
package within the weekend.
Thank you again.
Regards.
Andrea De Iacovo
signature.asc
Description: Questa è una parte del messaggio firmata digitalmente
Hello.
I'm going to check the software to see if I can package it. It I think it's
Debian compliant I'll take care of it.
Thank you for reporting.
Andrea De Iacovo
and reinstalling the package?
Let me no if your issue gets solved.
Thank you for reporting.
Cheers
Andrea De Iacovo
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIHZYpMXahCK22/rwRAmVRAJ40g7Cs8qXJdzukIPqei0TosP2COACeMRJI
x7sBV11HkbMJUnnlEeQmOLQ=
=2466
-END PGP SIGNATURE
We really need an update for tinymce in sid.
Latest packages depend on newest versions of tinymce (at least 3.0.7).
Thank you.
Cheers
Andrea De Iacovo
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIGznEMXahCK22/rwRAgzDAJ9IqR0sZY3AMtF7zKnzCfNl02C2rwCfUZKI
you.
Cheers
Andrea De Iacovo
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIGz7SMXahCK22/rwRAkqTAJ4vCI3KnbiezJsshsyQY8xDfaaazACfbtyz
vvIeONGMp1KfSiYbGrc7mYs=
=GLRd
-END PGP SIGNATURE-
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe
fixed 478257 2.5.1-2
thanks
It was a problem with tinymce. Wordpress requires a modified version
of tinymce so I dropped out Depends: tinymce and restored the
wordpress' version.
Thank you for reporting.
Regards
Andrea
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
tags 463332 + wontfix
thanks
I'm tagging this as wontfix; we have the upgrade procedure well
described in the readme.html file and I don't think we should modify
the database before the user has a valid backup.
Thank you for reporting.
Regards.
Andrea
--
To UNSUBSCRIBE, email to [EMAIL
The CVE got fixed in 2.5.1
I made a package for sid. Could you please upload it? I'm desperatly
looking for a sponsor.
You can find it here: http://mentors.debian.net/debian/pool/main/w/wordpress/
Thank you.
Kind regards
Andrea
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The bug was completely fixed in 2.5.0 (that is already in sid).
I'll close the bug with the next package upload.
Andrea De Iacovo
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIBi9VMXahCK22/rwRArkCAJ4s0RGfo6nYMD/RmJFVqZ
I'd like to adopt the wordpress package.
Maybe we could talk about that?
Andrea De Iacovo
78 matches
Mail list logo