On Sun, Sep 30, 2007 at 01:54:12AM +0200, Nico Golde wrote:
I intend to NMU this bug on behalf of the testing security
team.
Next time, please leave the maintainers more than 12 hours to respond
when you NMU for a bug that's open for less than three days. It also
helps to drop the maintainers
On Sat, Sep 29, 2007 at 11:42:12PM +0200, Nico Golde wrote:
just wanted to let you know that for imagemagick there are
patches on:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=444267#17
Maybe they help you as well.
Thanks. I'm co-maintaining imagemagick as well so have already been
aware
retitle 444266 CVE-2007-4985, CVE-2007-4986, CVE-2007-4988 multiple
vulnerabilities
thanks
Hi!
I've removed CVE-2007-4987 from the bug title, as it only applies to
imagemagick, but not to graphicsmagick. Graphicsmagick upstream is
already working on fixes for the other vulnerabilities.
Hi!
On Sun, Sep 23, 2007 at 04:48:42PM +0200, David Bremner wrote:
I have some 16 bit png images written by digikam (using digikam compiled
from svn and libpng version 1.2.15beta5). Graphicsmagick (including
convert and display) fails to read these properly; in fact identify
thinks they
Hi!
On Wed, Jul 18, 2007 at 11:50:14PM +0200, Julian Andres Klode wrote:
I would to have SSE enabled in mpg123 (without it is slower than
mplayer). (simply add --with-cpu=sse to the specific configure call)
Same for MMX (--with-cpu=mmx)
I suggest to also add a mpg123-full package containing
close 50110 0.67-1
thanks
On Tue, Sep 18, 2007 at 09:02:22PM -0400, Cédric Augonnet wrote:
This quick and dirty patch seems to allow inserting some delay of n
seconds between songs in case the user gives either -D n or --delay
n in argument.
Argh! I've actually applied the (slightly modified)
Dear release team!
An intermittent upload of liblash2 (0.5.3-1) contained an incorrect
soname. This error was fixed in 0.5.3-2, but glashctl and muse had been
rebuilt in the meantime and picked up a bogus dependency on
liblash.so.1. A simple rebuild should get things straight. Could you
please
On Sat, Aug 25, 2007 at 09:53:50AM +0200, Daniel Baumann wrote:
traceroute as of version 2.0.8~rc1-1 is providing a traceroute-nanog
binary, now using Debian alternatives. traceroute-nanog needs to switch
as well. Please make sure using a priority higher than 100.
Okay. You need to conflict
Hi!
On Wed, Aug 22, 2007 at 12:30:40AM -0400, Ethan Glasser-Camp wrote:
It seems as though muse is linked against liblash.so.1, though the
liblash2 package only provides liblash.so.2. Below are the commands I
used to come to this conclusion; if I'm grievously mistaken, please
let me know.
on startup when running on (some) 64bit architectures.
+Closes: #428055
+
+ -- Daniel Kobras [EMAIL PROTECTED] Wed, 13 Jun 2007 20:25:40 +
+
gs-gpl (8.56.dfsg.1-1) unstable; urgency=low
* New upstream release.
diff -Nru
/tmp/2lgRlemIdw/gs-gpl-8.56.dfsg.1/debian/patches
tag 428055 + patch
thanks
The segfaults during startup on ia64 are due to a bug in Debian-specific
patch 06_libpaper_support.dpatch: Due to a missing declaration, the
pointer returned by libpaper's systempapername() in
imainarg.c::gs_main_init_with_args() gets truncated, and gs segfaults a
few
Moi!
On Mon, Jun 11, 2007 at 10:39:12PM +0200, Andreas Barth wrote:
Actually, the original bug has been fixed in libxt-dev.
(Curiously enough, S/390 still lists the current build as failed,
referring to the same old bug, but providing no buildd log. Puzzled.)
However, build on ia64 revealed
Moi!
On Sun, Jun 10, 2007 at 07:28:02AM +0200, Andreas Barth wrote:
I uploaded an NMU of your package.
Please see this as help to get the package into a releaseable condition.
No need to emphasize which I'd never doubt anyway...
diff -ur dx-4.4.0~/debian/changelog dx-4.4.0/debian/changelog
reassign 421494 libmagick9
close 421494 7:6.2.4.5.dfsg1-1
merge 420353 421494
thanks
On Sun, Apr 29, 2007 at 07:08:12PM +0200, Christian Marillat wrote:
This package is uninstallable because libjasper-1.701-1 has been
removed and replaced by libjasper1.
Messed up the merge of this report
Moi!
On Wed, Apr 25, 2007 at 01:02:13PM -0400, Daniel Schepler wrote:
OK, here's another update to the NMU, including a fix for a brown paper bag
bug which would have made Magick-config completely unusable.
Which probably wouldn't have been that bad as we ought to deprecate
Magick-config in
clone 414370 -1
retitle -1 graphicsmagick: Heap overflow in GrayscalePseudoClassImage()
on 64bit archs.
severity -1 grave
tag -1 + security
tag -1 + pending
clone 414370 -2
retitle -2 graphicsmagick: Double free() when calling MagickReallocMemory()
with zero size.
severity -2 important
tag -2 +
severity 416096 important
thanks
On Sun, Mar 25, 2007 at 11:30:23PM +0200, Moritz Muehlenhoff wrote:
I disagree about the severity. The code history of graphicksmagick/
imagemagick makes it fairly obvious that they are both unsuitable
for processing images from untrusted sources. An afternoon
On Sun, Mar 25, 2007 at 07:03:35PM +0300, Sami Liedes wrote:
Hmm, sorry, but I don't see any patch attached?
Oops. Next try.
Regards,
Daniel.
--- a/coders/viff.c Wed Mar 21 21:20:05 2007 +0100
+++ b/coders/viff.c Wed Mar 21 23:49:56 2007 +0200
@@ -332,6 +332,8 @@ static Image
On Thu, Mar 08, 2007 at 07:58:54AM +0100, Mike Hommey wrote:
On Thu, Mar 08, 2007 at 01:28:13PM +0900, VDR dai (deb) [EMAIL PROTECTED]
wrote:
iceweasel 2.0.0.2+dfsg-4 failed to build using
graphicsmagick-imagemagick-compat
instead of imagemagick.
Great, that means
clone 414370 -1
retitle -1 graphicsmagick: Heap corruption in VIFF coder.
severity -1 grave
tags -1 + security
thanks
On Sun, Mar 11, 2007 at 03:53:05PM +0200, Sami Liedes wrote:
$ gm identify samples/segv.viff
*** glibc detected *** double free or corruption (fasttop):
0x00533970 ***
Päivää!
On Sat, Mar 17, 2007 at 01:16:54AM +0200, Sami Liedes wrote:
Hmm, ok. Perhaps some of these bugs (or at least the equivalent
#412945 which contains some of the same problems that were severity
grave on graphicsmagick but for imagemagick) should be severity grave
so the release manager
On Mon, Mar 19, 2007 at 09:00:01PM +0100, Kurt Roeckx wrote:
I was wondering what gm identify would do on a canon raw (.cr2) image.
The effect I get is:
gm[19264]: segfault at 0004 rip 2b30b10df5b0 rsp
7a18f668 error 4
Segmentation fault (core dumped)
(...)
Anyway,
On Tue, Mar 13, 2007 at 01:01:26AM +0200, Sami Liedes wrote:
I confirm I have all these bugs with graphicsmagick 1.1.7-13, with the
exception of this one:
$ gm convert samples2/segv.ras out.jpg
Segmentation fault
which exits with the error Improper image header.
I'm aware that -13
On Sat, Mar 10, 2007 at 03:10:17PM +0200, Sami Liedes wrote:
On Thu, Mar 08, 2007 at 10:59:33PM +0100, Daniel Kobras wrote:
Simply out-of-bounds read access due to insufficient validation of input
file. No severe security implications, patch attached. Hopefully I've
covered all cases
tag 413032 + patch
thanks
On Mon, Mar 05, 2007 at 09:13:34AM +0200, Sami Liedes wrote:
Another SEGV in PCX coder in new imagemagick and graphicsmagick even
with #413034-pcx_* applied.
Another crash, but no severe security problem. Patch attached.
Daniel.
--- a/coders/pcx.c Sat Mar 10
tag 414058 + patch
tag 414059 + patch
thanks
On Mon, Mar 05, 2007 at 09:23:04AM +0200, Sami Liedes wrote:
Another SEGV in PICT coder in both imagemagicks and graphicsmagick
even with #413036-pict_segfault_fix applied.
Crash on out-of-bounds read, not exploitable. Patch attached.
Daniel.
---
tag 414047 + patch
thanks
On Mon, Mar 05, 2007 at 09:08:41AM +0200, Sami Liedes wrote:
Here's another .cur that segfaults the ICON coder in imagemagick (both
old and new) and graphicsmagick even with #413032-icon_segfault_fix
applied.
NULL pointer dereference due to a simple typo in an
On Sat, Mar 10, 2007 at 01:38:38AM +0200, Sami Liedes wrote:
On Thu, Mar 08, 2007 at 10:59:33PM +0100, Daniel Kobras wrote:
--- a/coders/sun.c Thu Mar 08 21:13:15 2007 +0100
+++ b/coders/sun.c Thu Mar 08 22:51:13 2007 +0100
After applying this patch, some tests fail at least on amd64
tag 414057 + patch
thanks
On Mon, Mar 05, 2007 at 09:08:41AM +0200, Sami Liedes wrote:
Here's another .cur that segfaults the ICON coder in imagemagick (both
old and new) and graphicsmagick even with #413032-icon_segfault_fix
applied.
NULL pointer dereference due to a simple typo in an
Hi!
My apologies for the previous message to this bug. I typoed the bug
number. Please ignore.
Sorry,
Daniel.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
tag -2 + patch
tag -2 + security
thanks
On Thu, Mar 01, 2007 at 09:01:48PM +0100, Daniel Kobras wrote:
On Thu, Mar 01, 2007 at 05:37:39AM +0200, Sami Liedes wrote:
The attached files all crash imagemagick (eg. XXXtojpg $filename) on
amd64, some with SEGV, some with glibc detected heap
tag 413039 + patch
thanks
On Thu, Mar 01, 2007 at 09:01:48PM +0100, Daniel Kobras wrote:
sun:
broken.sun ... Segmentation fault
Simply out-of-bounds read access due to insufficient validation of input
file. No severe security implications, patch attached. Hopefully I've
covered all
reassign 413033 libjasper-1.701-1
retitle 413033 jasper: Heap corruption on malformed image input.
severity 413033 grave
tag 413033 + security
thanks
Hi Roland!
On Thu, Mar 01, 2007 at 09:01:48PM +0100, Daniel Kobras wrote:
On Thu, Mar 01, 2007 at 05:37:39AM +0200, Sami Liedes wrote
reassign 413033 libjasper-1.701-1
reassign 413041 libjasper-1.701-1
retitle 413033 jasper: Segfault on malformed image input.
retitle 413041 jasper: Heap corruption on malformed image input.
severity 413041 grave
tag 413041 + security
thanks
Hm, so it helps to remember a) to Bcc to [EMAIL
On Mon, Mar 05, 2007 at 08:06:50AM +0200, Sami Liedes wrote:
Funny, I had missed all these because I thought the submitter would
get mail sent to [EMAIL PROTECTED] Apparently not so for cloned bugs? Well,
I'll subscribe to them. :)
Sorry, I've dropped you from the Cc list intentionally on the
Hi!
On Tue, Feb 27, 2007 at 03:40:59PM -0600, John Goerzen wrote:
but I am happy to collaborate with you both. It looks like you both
have implemehted mq support, which I haven't. On the other hand, I
have implemented importing of .dsc files as well as orig.tar.gz files,
and work with
tag 413032 + patch
thanks
Similar problem and fix as with BMP (cf. #413031). No grave security
implications, either.
Daniel.
--- a/coders/icon.c Sat Mar 03 01:43:46 2007 +0100
+++ b/coders/icon.c Sun Mar 04 19:13:28 2007 +0100
@@ -196,7 +196,8 @@ static Image *ReadIconImage(const ImageI
Hi!
On Sun, Mar 04, 2007 at 01:40:55PM -0600, [EMAIL PROTECTED] wrote:
All these do something nasty on imagemagick 6.3.3
We have most of these issues fixed in ImageMagick 6.3.3-1 Beta, available
sometime tommorrow. As we mentioned, the JP2 issues occur in the JP2
library so a bug report
retitle 413034 graphicsmagick: Heap overflow in PCX coder.
tag 413034 + security
tag 413034 + patch
severity 413034 grave
thanks
The testcases uncovered two separate problems here. The first one is a
missing error check on SeekBlob(), similar to #413031 and #413032,
allowing for a potential DoS.
[Cc list trimmed.]
On Sun, Mar 04, 2007 at 02:51:33PM -0600, [EMAIL PROTECTED] wrote:
Thanks for the PNG patch. We'll get your other patches in ImageMagick
6.3.3-1 Beta as well.
Thanks. One note on your fix of the PCX heap overflow: From my reading
of the code, the correct allocation of the
retitle 413036 graphicsmagick: Heap overflow in PICT coder.
severity 413036 grave
tags 413036 + patch
tags 413036 + security
thanks
Rectangular coordinates are read from the input file, and used to
calculate the numbers of rows and columns to read in. Due to missing
validation of input
tag 413031 + patch
thanks
This is an integer overflow due to insufficient error checks, allowing
to read from a bogus location in memory. Not a critical hole, just a
DoS, as far as I can tell. The attached patch fixes the segfault with the
provided testcase. Adding a bit more robustness to
tag 413035 + patch
thanks
Simple NULL pointer dereference due to missing check. Might be
considered a DoS, but no grave security implications. Patch fixes the
segfault with the supplied testcase. (If you don't error out but handle
the NULL pointer gracefully, the testfile causes gm to allocate
tag 413037 + patch
thanks
Missing boundary checks allow a read from memory to exceed array
boundaries. DoS, but no severe security implications as far as I can
see. The attached patch is similar in spirit to a patch by imagemagick
upstream, and fixes the segfault with the supplied testcase.
Moi!
On Wed, Feb 28, 2007 at 07:44:03PM +0900, Kobayashi Noritada wrote:
Also, I must mention that I succeeded in packaging 4.4.0-1 only
porting the debian directory from 4.2.0-1; this bug can be closed
easily. :-)
Unfortunately, I don't think so. Packaging's not the problem here,
actually,
Moi!
On Wed, Feb 28, 2007 at 06:40:54PM +0900, Kobayashi Noritada wrote:
OpenDX 4.4.4, which is much newer than 4.4.0 in Debian, is available
in the upstream.
Could you please update the package if you have time?
I'm aware of the new upstream releases already but would rather avoid
uploading
clone 412945 -1
reassign -1 graphicsmagick
retitle -1 graphicsmagick: Segfault in BMP coder.
severity -1 important
clone 412945 -2
reassign -2 graphicsmagick
retitle -2 [AMD64][IA64] graphicsmagick: Segfault in ICON coder.
severity -2 important
clone 412945 -3
reassign -3 graphicsmagick
retitle -3
; urgency=high
+
+ * Non-maintainer upload.
+ * coders/palm.c: Fix regression introduced in patch for CVE-2006-5456.
+Avoid bogus second read in macro call. Patch thanks to Vladimir
+Nadvornik. (CVE-2007-0770)
+
+ -- Daniel Kobras [EMAIL PROTECTED] Sat, 10 Feb 2007 15:56:18 +0100
On Thu, Jan 18, 2007 at 10:48:01PM +0100, Jens Seidel wrote:
cdrecord was forked to wodim. That's why my fancy cdrecord man page
translation should probably be available as wodim's as well. Other
languages (manpages-*) and forks are probably affected as well.
Agreed, thanks. I'll add the
Moi!
I'd like to keep the ability to upload etch-targetted fixes through
unstable during the freeze, and clearly the changelog of 0.62/0.63 is
too large to think about pushing it into etch. Therefore, a new upstream
version will only make unstable once etch is released. If there's enough
demand,
found 406291 0.90-1
severity 406291 important
thanks
On Wed, Jan 10, 2007 at 01:26:59AM -0500, Alec Robertson wrote:
Would it be possible to configure kino with --enable-quicktime? This
enables grabbing and processing dv files in a quicktime container, which
is commonly used for Cinelerra
On Sun, Jan 07, 2007 at 03:47:56PM +0100, Michael Schmitz wrote:
To be honest, I haven't used kino for a while - I had worked out a crude
endianness fix for video, that got corrected by someone even, and dropped
the matter when the ffmpeg packages were available. It was too slow to be
useable.
On Mon, Dec 25, 2006 at 01:50:57PM +0100, Steinar H. Gunderson wrote:
NEF support is currently completely broken, since delegates.xml
specifies the -3 flag to dcraw. Just remove the -3 flag and it's working
again.
Simply removing the -3 flag should be the correct fix for
graphicsmagick, but
.
+ * debian/rules: binary-arch target does not need to build and install
+anything.
+
+ -- Daniel Kobras [EMAIL PROTECTED] Sun, 24 Dec 2006 16:34:21 +0100
+
aub (2.2) unstable; urgency=low
* New version with many new features and fixex.
diff -Nru /tmp/RGz6kHiDPk/aub-2.2/debian/control
page. Closes: #403995
+
+ -- Daniel Kobras [EMAIL PROTECTED] Sun, 24 Dec 2006 15:59:34 +0100
+
webmagick (2.02-8.2) unstable; urgency=high
* Non-maintainer upload.
diff -u webmagick-2.02/debian/rules webmagick-2.02/debian/rules
--- webmagick-2.02/debian/rules
+++ webmagick-2.02/debian/rules
On Wed, Dec 13, 2006 at 12:48:11AM +0100, Daniel Kobras wrote:
On Tue, Dec 12, 2006 at 11:15:24PM +0100, Kurt Roeckx wrote:
What is the status of this bug?
It seems libpng was fixed, but it's now still failing to build
and needs the patch.
I'm currently preparing an NMU and will try
On Tue, Dec 12, 2006 at 11:15:24PM +0100, Kurt Roeckx wrote:
What is the status of this bug?
It seems libpng was fixed, but it's now still failing to build
and needs the patch.
I'm currently preparing an NMU and will try to get it uploaded tomorrow.
(Plus an upload of graphicsmagick that
On Sun, Dec 03, 2006 at 10:07:50AM +1100, Aníbal Monsalve Salazar wrote:
On Fri, Dec 01, 2006 at 07:57:34PM -0500, Glenn Randers-Pehrson wrote:
Right, it has the same code as libpng-1.2.12 in configure.ac:
# Config files, substituting as above
AC_CONFIG_FILES([Makefile
On Fri, Dec 01, 2006 at 08:46:00PM +1100, Anibal Monsalve Salazar wrote:
I built libpng_1.2.14-0_amd64 and then I tried to build
imagemagick_6.2.4.5.dfsg1-0.12_amd64 and it failed:
Sorry, apart from the problem with libpng, there's also a bug in
imagemagick. You need to apply the patch from
On Fri, Dec 01, 2006 at 07:36:03AM -0500, Glenn Randers-Pehrson wrote:
If you are speaking of the png_ptr - ping and the
png_access_version_number()
errors, those are already checked in to upstream ImageMagick. If it's
something
else, please let me know.
No, that's exactly the patch I'm
Package: imagemagick
Version: 7:6.2.4.5.dfsg1-0.12
Severity: serious
Tags: patch
Justification: no longer builds from source
Recent libpng actived MMX optimisations on amd64, it seems, and a
previously uncompiled code snippet in coders/png.c is now alive. It's
example code from libpng's man page,
Package: libpng12-dev
Version: 1.2.13-4
Severity: grave
Justification: breaks build-depending packages
Functions png_get_asm_flags(), png_set_asm_flags(), and possible some
more are part of libpng's API, but are missing from libpng's list of
exported symbols on amd64. I've checked that it's
On Fri, Dec 01, 2006 at 09:28:23AM +1100, Aníbal Monsalve Salazar wrote:
-checking if assembler code in pnggccrd.c can be compiled... no
+checking if assembler code in pnggccrd.c can be compiled... yes
The configure script cannot compile assembler code in pnggccrd.c on
amd64, whereas on i386
-maintainer upload.
+ * debian/control: Add build dependency on libxt-dev and pkg-config to
+make dependency list deterministic.
+ * debian/control: libmagick9-dev depends on libxt-dev.
+
+ -- Daniel Kobras [EMAIL PROTECTED] Wed, 29 Nov 2006 17:19:02 +0100
+
imagemagick (7:6.2.4.5.dfsg1-0.11
Package: php-imagick
Followup-For: Bug #400786
This bug is caused by a missing build-dependency on libxt-dev in
imagemagick (and subsequently a missing dependency in the -dev package).
The ia64 buildd happened to have libxt-dev installed when building the
previous imagemagick upload and thus
send a
note to you directly. The bug has been closed in the meantime:
noflushd (2.7.5-3) unstable; urgency=medium
(...)
* debian/po/vi.po: Added Vietnamese debconf translation. Closes: #316191
(...)
-- Daniel Kobras [EMAIL PROTECTED] Thu, 16 Nov 2006 15:26:46 +0100
Regards,
Daniel
On Thu, Nov 16, 2006 at 11:04:23AM +0200, Udi Meiri wrote:
I did a couple more backtraces and got different results (after
detaching and reattaching):
Thanks Heiko and Udi for the traces! They seem to indicate that
noflushd's main loop is iterated with a zero sleep timeout. I don't see
how this
tag 398480 + pending
thanks
On Tue, Nov 14, 2006 at 01:34:57AM +0100, Santiago Vila wrote:
On a powerpc with Linux 2.6 and oss-compat installed, mpg123 (i.e. mpg123-oss)
outputs just noise. Seems like a bytesex problem.
Ugh, right. The changes in 0.60 erroneously reactivated some dead,
On Thu, Nov 09, 2006 at 08:49:53AM +0200, Udi Meiri wrote:
I get this too every week or so, after a daily script that spins
up /dev/hda runs (noflushd has already spun it back down when it
happens). /dev/sda is not ever spun down (not supposed to be).
Hm, this doesn't seem to happen on my test
On Thu, Nov 09, 2006 at 04:41:15PM +0530, R.Ramkumar wrote:
The current compat package pulls in c, c++, and perl dev packages of
graphicsmagick all at once. Not only are the sizes of the c/c++
packages substantial, but they carry along a train of dev package
dependencies for the corresponding
Package: vrms
Version: 1.12
Severity: normal
The most recent upload of vrms added a low-priority debconf note,
telling the user that vrms will run as a cron job. As discussed eg.
starting from http://lists.debian.org/debian-devel/2006/09/msg00438.html
and in the debconf documentation, this is
Package: vrms
Version: 1.12
Severity: wishlist
Tags: patch
Recent mpg123 now ships with a free license and should be removed from
vrms's reasons list. Patch attached.
Regards,
Daniel.
diff -Nru vrms-1.12/reasons/vrms vrms-1.12.1/reasons/vrms
--- vrms-1.12/reasons/vrms 2006-11-03
On Tue, Oct 31, 2006 at 11:11:25AM -0600, Richard Laager wrote:
Regarding one of our web servers, a co-worker of mine filed an internal
bug with this text:
ImageMagick fonts don't get properly configured -- this seems like it
may be a package bug to me, though I'm not sure.
Basically
On Wed, Oct 25, 2006 at 07:35:13PM +0300, Mika Tiainen wrote:
According to http://buildd.debian.org/pkg.cgi?pkg=mpg123 it's marked as
Not-For-Us, however 0.61-2 builds and works just fine.
I've asked the amd64 buildd maintainers yesterday to remove mpg123 from
Not-For-Us, so hopefully this is
failures as fatal
+errors for now.
+ * debian/rules: At configure time, change X11 search paths to X11R7
+locations.
+ * debian/rules: Remove duplicate of license file from imagemagick
+package.
+
+ -- Daniel Kobras [EMAIL PROTECTED] Mon, 23 Oct 2006 20:52:25 +0200
+
imagemagick (7
On Mon, Oct 16, 2006 at 10:41:25AM +0200, Martin Pitt wrote:
Daniel Kobras [2006-08-18 19:02 +0200]:
--- imagemagick-6.2.4.5.dfsg1.orig/coders/sgi.c
+++ imagemagick-6.2.4.5.dfsg1/coders/sgi.c
@@ -171,13 +171,13 @@
q=pixels;
if (bytes_per_pixel == 2)
{
- for (i=0; i
severity 317083 important
thanks
On Fri, Oct 13, 2006 at 06:58:40PM +0800, Alan Tam wrote:
The perlmagick package should Provide a package that matches the
normal Debian Perl library naming, i.e, libimage-magick-perl.
This violates debian policy 11.9 Perl programs and modules [1] since
it
tag 315792 + pending
thanks
On Tue, Oct 10, 2006 at 05:35:46AM -0700, Jiggly Puff wrote:
If this is true, it isn't a minor bug. This bug claims that the
documentation in the config file is saying the exact opposite of the
truth. Documentation bugs do not get any more serious.
It's minor
severity 391669 wishlist
thanks
On Sun, Oct 08, 2006 at 01:46:16AM +0200, Adrian Bunk wrote:
Since etch will only ship with kernel 2.6 I'd even question whether it
makes sense to ship an extra package with OSS support at all.
OSS offers all the features mpg123 needs. Not having to load the OSS
Moi!
On Tue, Oct 03, 2006 at 11:09:00PM +0200, Petr Salinger wrote:
the current version fails to build on GNU/kFreeBSD.
It needs changes to configure.ac/configure and also
to debian packaging.
Please apply attached patch and regenerate configure.
It would also be nice if you can ask
On Sun, Sep 24, 2006 at 02:10:32PM +0200, Heiko Weinen wrote:
This bug is not reproducible here. At random times, noflushd starts
eating up all free cpu-cycles and remains to do so until it is restarted
by hand or killed. No Log-Messages or similar stuff get recorded.
I think it is possible,
On Fri, Aug 25, 2006 at 11:20:42AM +0200, Jakub Wilk wrote:
$ gm convert -geometry 100x100 xc:white tmp.gif
$ perl -MGraphics::Magick -e '$_ = new Graphics::Magick(); $_-Read(file =
\*STDIN);' tmp.gif
Segmentation fault
I haven't found a proper fix for the bug yet. If you need a quick
tag 383314 + patch
thanks
On Wed, Aug 16, 2006 at 05:20:01PM +0200, Daniel Kobras wrote:
On Wed, Aug 16, 2006 at 03:51:15PM +0200, Martin Pitt wrote:
http://www.overflow.pl/adv/imsgiheap.txt reported a buffer overflow in
the SGI parser (demo exploit linked in the report).
This has been
found 383314 6:6.0.6.2-2.6
thanks
On Fri, Aug 18, 2006 at 07:02:01PM +0200, Daniel Kobras wrote:
On Wed, Aug 16, 2006 at 05:20:01PM +0200, Daniel Kobras wrote:
On Wed, Aug 16, 2006 at 03:51:15PM +0200, Martin Pitt wrote:
http://www.overflow.pl/adv/imsgiheap.txt reported a buffer overflow
tags 383314 - patch
clone 383314 -1
reassign -1 graphicsmagick
retitle -1 libgraphicsmagick1: Buffer overflow in SGI parser [CVE-2006-4144]
thanks
On Wed, Aug 16, 2006 at 03:51:15PM +0200, Martin Pitt wrote:
http://www.overflow.pl/adv/imsgiheap.txt reported a buffer overflow in
the SGI parser
On Tue, Jul 25, 2006 at 12:46:30PM +1000, Brendan O'Dea wrote:
Ryan believes that the problem with MIPS is a kernel issue, and was
planning to upgrade the kernel on the buildds soonish.
As far as hppa goes, perl-5.8.8-5 successfully autobuilt on bld-3, then
-6 failed on the same machine.
Package: manpages-dev
Version: 2.34-1
Severity: normal
Tags: patch
It's bad enough that we got hacked through a security hole, so at least
let's not go on pretending it was a feature.
Regards,
Daniel.
--- prctl.2.orig2006-07-14 18:47:20.0 +0200
+++ prctl.2 2006-07-14
On Mon, Jul 10, 2006 at 02:52:29PM +0200, Christian Marillat wrote:
0.9.0 has been released 05.06.2006
and uploaded to Debian a week ago, on 02.07.2006.
Regards,
Daniel.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Package: liblash-dev
Version: 0.5.1-1
Severity: normal
LASH's pkg-config support file lash-1.0.pc contains
Libs: -Wl,--rpath -Wl,${libdir} -L${libdir} -llash -lpthread -luuid
This is mildly useful as long as liblash is installed in a non-standard
location, but doesn't make sense for the Debian
Package: libfluidsynth-dev
Version: 1.0.6-4
Severity: grave
Justification: causes build failures in dependent packages
The .la file in libfluidsynth-dev includes dependencies on
/usr/lib/libladcca.la, /usr/lib/libjack.la, and /usr/lib/libasound.la,
but the respective packages providing these .la
On Thu, Jun 29, 2006 at 12:55:48AM +0100, Antony Gelberg wrote:
This bug has been open 77 days without an ack as yet. Do you have any
idea when 0.8.1 (released in March this year) might get into sid?
Expect an upload this week.
Daniel.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a
Package: pxe
Version: 1.4.2-3
Severity: grave
Justification: breaks system upgrades
The pxe daemon fails to start when there still is a stray pid file in
/var/run. Incidentially, it also fails to remove the pid file when
stopped. In combination, pxe is unusable after an upgrade until the old
pid
Following up on my own report, the bug is caused by 03-gcc4.dpatch which
moves pidfile creation in front of the switch to user 'nobody', meaning
that the pidfile can actually be created in /var/run. Upon termination,
the daemon lacks capabilities to remove the pidfile, though. The most
elegant way
reassign 376081 xserver-xorg
merge 376081 363371
thanks
On Fri, Jun 30, 2006 at 09:34:20AM +0200, Florian Lohoff wrote:
it seems the bug #261634 has come back with the current version:
[EMAIL PROTECTED]:~$ display image002.jpg
display: unable to load font
tag 375377 + pending
thanks
On Sun, Jun 25, 2006 at 08:09:31PM +0200, Petr Salinger wrote:
Can you please elaborate why this patch is necessary? configure either
#undefs the macro or #defines it to 1, so #if and #ifdef should behave
identically.
Unfortunately configure does not work in the
On Tue, Jun 27, 2006 at 05:04:20PM +0200, Alexander Koch wrote:
this might look like #261634 but that one is from ages back
and he uses imagemacgick 5:xxx. I use the latest verion, and
I have to admit I am clueless as to where (perfectly possible)
something is wrong here. This happened after
On Sun, Jun 25, 2006 at 06:34:13PM +0200, Petr Salinger wrote:
Additional source tweak is bellow.
It would also be nice if you can ask upstream
to include this change.
Can you please elaborate why this patch is necessary? configure either
#undefs the macro or #defines it to 1, so #if and
Hi Sam!
Will's patch included below (or anything similar that adds the ability
to tweak realtime settings) is quite central to many multimedia
applications. For one of my packages, it determines the default
configuration I intend to ship with etch. So could you please comment
whether you think
On Tue, Jun 20, 2006 at 07:23:06PM +0200, Claus Fischer wrote:
In other words, while logging on disk spinup is desirable
(to find out the number and pattern of disk spinup from the
log files), logging the spindown is highly undesirable since
it triggers disk activity ...
Have you tuned your
reassign 363371 xserver-xorg
thanks
On Sun, Jun 18, 2006 at 10:42:16PM -0400, Mike Edwards wrote:
Interesting. Looks like xorg.conf still has the old paths in it:
FontPath /usr/X11R6/lib/X11/fonts/misc/
FontPath /usr/X11R6/lib/X11/fonts/Speedo/
FontPath
101 - 200 of 367 matches
Mail list logo
