Hi,
Graham Cobb writes:
> The new checks at mount time cause mount times for large filesystems to be
> much
> longer. My roughly 10TB filesystem now takes over 90 seconds to mount.
>
I'm curious how "aged" the fs is, (largest generation from btrfs subvol
list), how many subvolumes, if qgroups
Control: severity -1 normal
Justification: New upstream releases requests are normal level bugs
https://www.debian.org/Bugs/Developer#severities
Dear Martin-Éric,
Martin-Éric Racine writes:
> Package: openshot-qt
> Version: 2.5.1+dfsg1-1
> Severity: important
>
> Upon startup, OpenShot tells
Hi Vagrant!
Vagrant Cascadian writes:
> Source: jackd2
> Severity: normal
> Tags: patch
> User: reproducible-bui...@lists.alioth.debian.org
> Usertags: timestamps locale
> X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org
>
> The manpages may contain a locale-translated month name, as
package release.debian.org
tags 1035059 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: dpdk
Version:
package release.debian.org
tags 1034713 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: php-guzzlehttp-psr7
package release.debian.org
tags 1035105 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: distro-info-data
Version:
package release.debian.org
tags 1034736 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: pev
Version: 0.81-3+deb11u1
package release.debian.org
tags 1034714 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: php-nyholm-psr7
Version:
Control: severity -1 important
Control: tag -1 moreinfo
Justification: Package is not unusable for everyone. See the following
for further info: https://www.debian.org/Bugs/Developer#severities
Reply follows inline:
Eric Valette writes:
> Using dolphin for network, you can select gdrive but
# resending because the BTS bounced this email due to then-archived
# state of this bug. It won't bounce now, because it's been unarchived.
unarchive 892377
reopen 892377
retitle 892377 RFP: company-irony -- C, C++ and Objective-C completion tooltips
for emacs.
submitter 892377 !
thanks
Dear
Paul Gevers writes:
> Hi Nicholas,
>
> On 23-04-2023 00:06, Nicholas D Steeves wrote:
>> unblock irony-mode/1.5.0-5
>
> llvm-toolchain-15 isn't expected to change and migration in it's current
> for is not accepted. Please upload your changes to tpu, with only a new
>
Cyril Brulebois writes:
> Nicholas D Steeves (2023-04-25):
>> I had added this block in error. Llvm-15-toolchain/1:15.0.6-4, which is
>> in bookworm, fulfills the requirements for irony-mode/1.5.0-5.
>
> Not really, with such dependency:
>
> libclang
Hi Alf,
Alf writes:
> On Sun, 23 Apr 2023 12:49:19 +0200 Alf wrote:
> Further investigating the configuration also led to a solution for the higher
> CPU load:
>
> SMPlayer seems not to evaluate my $HOME/.config/mpv/mpv.conf where I have
> hardware accelleration enabled.
> I now have set it
James Addison writes:
> On Sun, 23 Apr 2023 at 00:28, Nicholas D Steeves wrote:
>> The way always screen for this type of thing is using the
>> "elpa-git-timemachine" Emacs package
>
> That sounds like a nice feature integration. I worry that I might be
>
Control: unblock 1034733 by 1032887
I had added this block in error. Llvm-15-toolchain/1:15.0.6-4, which is
in bookworm, fulfills the requirements for irony-mode/1.5.0-5.
Thanks,
Nicholas
signature.asc
Description: PGP signature
package release.debian.org
tags 1029976 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: libzen
Version:
Control: tags -1 + confirmed
On Sat, 2023-04-22 at 22:52 -0300, David da Silva Polverari wrote:
> Package: release.debian.org
> Severity: important
>
As noted (and already fixed) "normal" was the correct choice here.
> A buffer overflow vulnerability exists in Pev 0.81 via the pe_exports
>
[CVE-2023-29197]
> filed as #1034597. The security team reviewed this bug filed
> with a non-RC severity, so I assume they don’t expect to release
> a DSA for it (as for the other php-guzzlehttp-psr7 issue),
> anyway the team is X-D-Cc.
>
Please go ahead.
Regards,
Adam
ecurity team filed those bugs with a non-RC severity, so
> I assume they don’t expect to release a DSA for it (as for the
> previous main issue), anyway the team is X-D-Cc.
>
The Security Tracker agrees. Please go ahead.
Regards,
Adam
On Sat, 2023-04-22 at 21:31 -0300, David da Silva Polverari wrote:
> Closing this bug, as it was opened the wrong way. I will open it
> again
> with the proper metadata.
>
This is a little confusing. So far as I can see, the only difference is
that you made the second report "severity:
Hi Sylvestre,
>>
>> On 2023-03-13 14:27:52 +0100, Sylvestre Ledru wrote:
[snip]
>> The debdiff includes:
>> The debdiff includes:
>>
>> llvm-toolchain-15-15.0.7/build/CMakeCache.txt
>> | 3215
>>
Hi James,
James Addison writes:
>
> Thanks, Nicholas!
>
You're welcome! Also, yes, your hypothesis about DVB support being lost
when the Debian packages adapted to upstream's waf-to-meson change was
correct. The way always screen for this type of thing is using the
"elpa-git-timemachine"
Dear Thomas and Alf,
Thank you for confirming that this fix for DVB support works as it
should.
Thomas, if you have a few minutes of free time, would you please review
the rest of this email, and consider verifying whether or not
mpv_0.35.1-4 introduces a regression in smplayer? I hypothesise
.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock irony-mode/1.5.0-5
diff -Nru irony-mode-1.5.0/debian/changelog irony-mode-1.5.0/debian/changelog
--- irony-mode-1.5.0/debian
package release.debian.org
tags 1034455 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: mariadb-10.5
Version:
package release.debian.org
tags 1034548 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: glibc
Version:
package release.debian.org
tags 1034454 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: galera-3
Version:
On Fri, 2023-04-21 at 12:08 +0300, Adrian Bunk wrote:
> On Tue, Mar 14, 2023 at 02:04:19PM -0700, Sean Whitton wrote:
> > Version: 1:28.2+1-11
> >
> > Hello,
> >
> > On Sun 26 Feb 2023 at 09:41PM +02, Adrian Bunk wrote:
> >
> > > While I suspect they are the same, there is no proof that this
>
Control: tags -1 + confirmed
On Thu, 2023-04-20 at 22:10 -0700, Otto Kekäläinen wrote:
> Control: tags -1 -moreinfo
>
> Updated message to be specific about the change in proposed-updates
> only, i.e. 1:10.5.19-0+deb11u1 -> 1:10.5.19-0+deb11u2
>
> Changelog:
>
> mariadb-10.5
unlikely, but this needs to be tested for the unblock request).
Thanks,
Nicholas
Nicholas D Steeves writes:
> Dear Alf and James,
>
> I agree that DVB support is important, and I just uploaded mpv_0.35.1-4
> (to sid/unstable). That release will close this bug, but please test
&g
package release.debian.org
tags 1034493 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: libpod
Version:
package release.debian.org
tags 1034264 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: nvidia-modprobe
Version:
package release.debian.org
tags 1034578 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: tzdata
Version:
package release.debian.org
tags 1034103 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package:
package release.debian.org
tags 1034001 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package:
Dear Alf and James,
I agree that DVB support is important, and I just uploaded mpv_0.35.1-4
(to sid/unstable). That release will close this bug, but please test
this it ASAP and confirm that it works with your DVB hardware.
Yes, I know it might take a day to become available...sorry about that.
) and
today (0.35.1-4).
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock mpv/0.32.0-4
diffstat for mpv-0.35.1 mpv-0.35.1
changelog |9 +
rules |3 ++-
2
Control: tags -1 + confirmed d-i
On Tue, 2023-04-18 at 00:06 +0200, Aurelien Jarno wrote:
> There are multiple fixes in this upload, all coming from the upstream
> stable branch:
> - Multiple crashes or memory leak in printf-family functions
> - Overflow fix in the AVX2 implementatio
Control: tags -1 + moreinfo
On Tue, 2023-02-07 at 12:14 +0100, Mike Gabriel wrote:
> after upload of libvncserver: 0.9.13+dfsg-2+deb11u1 our users spotted
> a
> regression in performance of x11vnc. The solutions for the reporting
> users were:
>
> (1) downgrade to libvncserver 0.9.13+dfsg-2
>
Control: tags -1 + confirmed
On Sat, 2023-04-15 at 14:38 -0700, Otto Kekäläinen wrote:
> galera-3 (25.3.37-0+deb11u1) bullseye; urgency=medium
>
> * New upstream version 25.3.37. Includes multiple bug fixes, see
>
>
Control: tags -1 + confirmed
On Sun, 2023-01-29 at 18:24 +, Thorsten Alteholz wrote:
> Package: release.debian.org
> Severity: normal
> Tags: bulleye
> User: release.debian@packages.debian.org
> Usertags: pu
>
>
> The attached debdiff for libzen fixes CVE-2020-36646 in Bullseye.
>
Control: tags -1 + moreinfo
On Sat, 2023-04-15 at 14:40 -0700, Otto Kekäläinen wrote:
> I propose that the latest version of MariaDB 10.5.19 be included in
> the upcoming stable release update of Debian. Package ready at
> https://salsa.debian.org/mariadb-team/mariadb-10.5/-/commits/bullseye
>
package release.debian.org
tags 1034096 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: nvidia-graphics-drivers
package release.debian.org
tags 1033759 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: duktape
Version:
On Sun, 2022-11-06 at 23:18 +0100, Jochen Sprickerhof wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: rm
>
As Paul said, this was missing the "bullseye" tag. It should also
really be one bug per source package to be removed, with
Control: tags -1 + confirmed
On Tue, 2023-04-11 at 22:42 +0200, Andreas Beckmann wrote:
> along with the nvidia-graphics-drivers* packages, I'd like to upgrade
> nvidia-modprobe to a new upstream release this time, too.
> It's unusual that nvidia-modprobe sees any updates (besides the
> version
>
Control: tags -1 + confirmed
On Thu, 2023-04-06 at 10:33 +0200, Andreas Beckmann wrote:
> I'd like to update nvidia-graphics-drivers-tesla-450 in bullseye to a
> new upstream release fixing a few CVEs.
>
Please go ahead.
Regards,
Adam
Control: tags -1 + confirmed
On Sun, 2023-04-09 at 04:35 +0200, Andreas Beckmann wrote:
> I'd like to update nvidia-graphics-drivers-tesla-470 to a new
> upstream
> version fixing a few CVEs.
>
Please go ahead.
Regards,
Adam
package release.debian.org
tags 1034246 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: usb.ids
Version:
package release.debian.org
tags 1034198 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package:
package release.debian.org
tags 1026945 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: guix
Version:
package release.debian.org
tags 1032237 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: zfs-linux
Version:
Package: wnpp
Severity: wishlist
Owner: "Bradford D. Boyle"
X-Debbugs-Cc: debian-de...@lists.debian.org, bradford.d.bo...@gmail.com
* Package name: pgvector
Version : 0.4.1
Upstream Contact: Andrew Kane
* URL : https://github.com/pgvector/pgvector
Hi James,
James Abernathy writes:
> I reran an install but this time when I remounted the @ and @home
> subvolumes I only used the default, compress=zstd, and subvol= options.
>
Thank you.
> This time it worked. After booting successfully, I edited fstab to add in
> noatime and it still
package release.debian.org
tags 1034039 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: libpod
Version:
package release.debian.org
tags 1034039 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: libpod
Version:
package release.debian.org
tags 1033770 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: apache2
Version:
package release.debian.org
tags 1025654 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: x4d-icons
Version:
package release.debian.org
tags 1033993 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: unbound
Version:
+deb11u2
Explanation: fix information leak issue [CVE-2022-4415], denial of service
issue [CVE-2022-3821]; ata_id: fix getting Response Code from SCSI Sense Data;
logind: fix getting property OnExternalPower via D-Bus; fix crash in
systemd-machined
package release.debian.org
tags 1033506 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: libreoffice
Version:
package release.debian.org
tags 1032921 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: node-webpack
Version:
package release.debian.org
tags 1032134 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: node-cookiejar
Version:
package release.debian.org
tags 1030598 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: lemonldap-ng
Version:
package release.debian.org
tags 1031948 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: libgit2
Version:
package release.debian.org
tags 1031410 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: postgis
Version:
package release.debian.org
tags 1025703 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: libexplain
Version:
package release.debian.org
tags 1033578 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: joblib
Version:
package release.debian.org
tags 1033160 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: flatpak
Version:
package release.debian.org
tags 1031926 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: gtk+3.0
Version:
package release.debian.org
tags 1031630 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: containerd
Version:
package release.debian.org
tags 1031109 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: crun
Version:
package release.debian.org
tags 1027258 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package:
package release.debian.org
tags 1027257 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package:
On Thu, 2023-04-06 at 19:46 -0400, Reinhard Tartler wrote:
> This code change picks up code changes in golang-github-containers-
> psgo
> and golang-github-containers-storage to fix CVE-2022-1227. This is
> reported
> as 1020907. This addresses a priviledge escalation issue when using
> 'podman
On Sun, 2023-03-26 at 07:35 +0200, Paul Gevers wrote:
> Hi Otto,
>
> On 26-03-2023 06:48, Otto Kekäläinen wrote:
> > Based on
> > https://packages.debian.org/search?keywords=mariadb-server=names=all=all
> > this 10.5.19-0+deb11u1 is still pending and a stable update of
> > Debian
> > 11
Control: tags -1 -moreinfo +confirmed
On Sun, 2023-04-02 at 01:14 +0200, Santiago Vila wrote:
> El 1/4/23 a las 21:58, Adam D. Barratt escribió:
> > Have you confirmed via a binary debdiff that there are no changes
> > to
> > the resulting packages?
>
> The package c
Control: tags -1 + confirmed
On Sun, 2023-04-02 at 07:08 +0400, Yadd wrote:
> Control: tags -1 - confirmed
>
> On 4/1/23 22:47, Moritz Mühlenhoff wrote:
> > Am Sat, Apr 01, 2023 at 08:32:55AM +0400 schrieb Yadd:
[...]
> > >
apache2 silently reenable apache2-doc.conf despite having been
> > >
Control: tags -1 + confirmed
On Sun, 2023-04-02 at 10:53 +0800, Aron Xu wrote:
> Control: tags -1 - moreinfo
>
> On Sun, Apr 2, 2023 at 3:10 AM Adam D. Barratt <
> a...@adam-barratt.org.uk> wrote:
> > Control: tags -1 + moreinfo
> >
> > On Thu, 2023-03-02 at
On Sat, 2023-04-01 at 19:04 -0400, Reinhard Tartler wrote:
>
> On 4/1/23 3:51 PM, Adam D. Barratt wrote:
> > Control: tags -1 + moreinfo
> >
> > Apologies for the delay in getting back to you on this.
> >
> > On Wed, 2022-12-28 at 22:26 -0500, Reinhard Tart
Paul Gevers writes:
> Source: flycheck
> Version: 32~git.20200527.9c435db3-3
> Severity: serious
[snip]
> Traceback (most recent call last):
>spy-on(buffer-file-name :and-return-value "test-buffer-name")
>buttercup--spy-on-and-call-replacement(buffer-file-name (lambda
> ( arg...
>
Control: tags -1 + confirmed d-i
On Thu, 2022-12-22 at 12:13 +, Luca Boccassi wrote:
> We'd like to upload several bug fixes, including security fixes, for
> systemd to bullseye.
> The fixes come from the upstream stable branches which are covered by
> CI and confirmed
Control: tags -1 + confirmed
On Wed, 2022-12-07 at 19:37 +0100, Santiago Vila wrote:
> I'd like to make this QA upload to fix FTBFS bug #997222 in
> bullseye,
> plus allow compilation with kernels slightly newer than the one in
> bullseye (for example bullseye-backports).
>
> The two patches
Control: tags -1 + moreinfo
On Tue, 2022-12-06 at 23:47 +0100, Santiago Vila wrote:
> I'd like to fix FTBFS bug #991067 in stable using the attached
> debdiff
> (not uploaded yet).
>
Apologies for the delay in getting back to you on this.
> The way the FTBFS is fixed is the same I used in
Control: tags -1 + moreinfo
Apologies for the delay in getting back to you on this.
On Wed, 2022-12-28 at 22:26 -0500, Reinhard Tartler wrote:
> In order to fix CVE-2022-1227, an update to golang-github-containers-
> psgo
> is needed, more specifically,
>
Control: tags -1 + moreinfo
On Wed, 2022-12-28 at 22:40 -0500, Reinhard Tartler wrote:
> Backport for CVE-2022-1227, taken from
> https://github.com/containers/psgo/pull/92
>
> This prevents an exploit when running 'podman top'
>
Apologies for the delay in getting back to you regarding this.
Control: tags -1 + moreinfo
On Wed, 2023-01-18 at 15:13 +0100, Andreas Rönnquist wrote:
> The clutter library is buggy, to the extent that geeqie might crash
> if
> not ran without it. This fix simply removes the libchamplain
> dependency
> (which in it's turn depends on clutter). This makes it
Control: tags -1 + confirmed
On Wed, 2023-03-29 at 16:26 +0400, Yadd wrote:
> lemonldap-ng is vulnarable to a second factor bypass when used with
> an
> "AuthBasic handler" (generally used for non-browser apps).
>
[...]
> I didn't pushed yet the already accepted patch for deb11u3
> (#1030598).
>
Control: tags -1 + confirmed
On Sat, 2023-02-11 at 19:03 +0100, Reinhard Tartler wrote:
> conmon 2.0.25 contains a bug where the container will hang when there
> is lots of terminal output. You can easily reproduce like so:
>
> podman run -it --rm debian:latest
> find /
>
Please go ahead;
Control: tags -1 + confirmed
On Sun, 2023-02-19 at 22:56 +0800, Shengjing Zhu wrote:
> Backport patches for 2 CVE:
>
> * CVE-2023-25153: OCI image importer memory exhaustion
> * CVE-2023-25173: Supplementary groups are not set up properly
>
Please go ahead; sorry for the delay.
Regards,
Adam
Control: tags -1 + confirmed
On Thu, 2023-02-16 at 19:38 +0100, Bas Couwenberg wrote:
> As reported in #1031392, postgis 3.1.1 has an important issue with
> polar
> stereographic projections which was resolved in 3.1.2.
>
> [ Impact ]
> Unusable coordinates from transformations.
>
Please go
Control: tags -1 + confirmed
On Sun, 2023-02-12 at 00:06 +0200, Faidon Liambotis wrote:
> A no-dsa security vulnerability, CVE-2022-27650:
> https://security-tracker.debian.org/tracker/CVE-2022-27650
>
> [ Impact ]
> Copying from the CVE:
>
> "A flaw was found in crun where containers were
Control: tags -1 + confirmed
On Sat, 2023-02-25 at 12:05 +, Simon McVittie wrote:
> User request via #1020937: make it possible to run GTK 3 apps in
> native
> Wayland on some proprietary GLES-only graphics drivers (Raspberry Pi
> video core, iMX/Vivante).
>
Please go ahead, sorry for the
Control: tags -1 + confirmed
On Wed, 2023-02-22 at 13:48 -0500, Daniel Kahn Gillmor wrote:
> Please consider an update to publicsuffix in debian bullseye.
>
> This package reflects the state of the network, and keeping it
> current
> is useful for all the packages that depend on it.
>
Please
Control: tags -1 + confirmed
On Sat, 2023-02-25 at 21:16 +0100, Tobias Frost wrote:
> After fixing CVE-2023-22742 for LTS and ELTS, I'd like to see
> this CVE also fixed in stable, for consistency.
>
> The CVE is an inproper ssh certificate validation vulnerabilty,
> which allows
Control: tags -1 + confirmed
On Tue, 2023-02-28 at 18:00 +0400, Yadd wrote:
> node-cookiejar is vulnerable to ReDoS (CVE-2022-25901).
>
Please go ahead.
Regards,
Adam
Control: tags -1 + moreinfo
On Thu, 2023-03-02 at 15:33 +0800, Aron Xu wrote:
> I would like to apply a few patches to address some stability issues
> in the
> zfs-linux package in bullseye. All the patches are cherry-picked from
> upstream
>
> 2.0.x and 2.1.x stable branches.
>
+This change
Control: tags -1 + confirmed
On Fri, 2023-03-03 at 08:57 +, Bastien Roucariès wrote:
> CVE-2022-21222/CVE-2021-33587 The package css-what before 2.1.3 are
> vulnerable
> to Regular Expression Denial of Service (ReDoS) due to the usage of
> insecure
> regular expression in the re_attr variable
Control: tags -1 + confirmed
On Sat, 2023-03-18 at 16:20 +, Simon McVittie wrote:
> CVE-2023-28101: A malicious Flatpak app could prevent the flatpak(1)
> CLI
> from displaying its permissions as intended, by having crafted
> permissions
> or other metadata containing terminal escape
Control: tags -1 + confirmed
On Tue, 2023-03-14 at 08:01 +0400, Yadd wrote:
> node-webpack is vulnerable to cross-realm object access
> (#1032904, CVE-2023-28154)
>
Please go ahead.
Regards,
Adam
901 - 1000 of 15970 matches
Mail list logo
