Bug#917177: RM: mpb [armel] guile-2.2 is not available on armel

Package: ftp.debian.org Affects: src:mpb guile-2.2 doesn't build on armel currently. Therefore, please remove mpb from armel, as this depends on libctl which depends on guile-2.2. See https://bugs.debian.org/883778 for more details about the guile armel issue. Thanks! Thorsten

Bug#917178: RM: libctl [armel] guile-2.2 is not available on armel

Package: ftp.debian.org Affects: src:libctl guile-2.2 doesn't build on armel currently. Therefore, please remove libctl from armel. See https://bugs.debian.org/883778 for more details about the guile armel issue. Thanks! Thorsten

Bug#916711: only GPL-3

Package: smbmap Version: 1.0.5+git20180508-1 Severity: serious thanks Dear Maintainer, according to smbmap-master/LICENSE, the license of this software is only GPL-3. Please adapt your debian/copyright accordingly. Thanks! Thorsten

Bug#915933: missing license in debian/copyright

Package: twms Version: 0.06y-2 Severity: serious User: alteh...@debian.org Usertags: ftp X-Debbugs-CC: ftpmas...@ftp-master.debian.org thanks Dear Maintainer, please add the missing licenses of: twms-0.06y/twms/twms.conf twms-0.06y/index.py to your debian/copyright. Thanks! Thorsten

Bug#915176: gnulib

just for the record: an explanation is given in: https://lists.gnu.org/r/bug-gnulib/2018-03/msg0.html patch 1/2 is: https://github.com/coreutils/gnulib/commit/4af4a4a71827c0bc5e0ec67af23edef4f15cee8e#diff-f595736fa3d73037e87e907a6ae5ec07 patch 2/2 is: https://github.com/coreutils/gnulib

Bug#867362: patches for RC bugs

pid files in postrm +(Closes: #867362) + + -- Thorsten Alteholz Mon, 12 Nov 2018 19:00:00 +0100 + isc-dhcp (4.3.5-4) unstable; urgency=medium * Acknowledge and apply the non-maintainer upload. diff -Nru isc-dhcp-4.3.5/debian/isc-dhcp-server.postrm isc-dhcp-4.3.5/debian/isc-dhcp

Bug#907336: disable ghostscript

Hi Bastien, If security team thinks it a good idéal why not. But we lost pdf convention... I don't think that the security team prefers a solution, but they do want to handle this the same in every release. Maybe a debconf question ? Yes, that is a good idea. Thorsten

Bug#912044: pbuilder config

Hi Daniel, thanks for your report. Can you please be a bit more verbose on how your pbuilder and chroot is configured? At the moment I am not able to reproduce the failure. Thanks! Thorsten

Bug#912159: stretch-pu: package libmspack/0.5-1+deb9u3

CAB block input buffer, which is too small +for the maximal Quantum block, prevents an out-of-bounds write. + * CVE-2018-18585 (Closes: #911637) +Blank filenames (having length zero or their 1st or 2nd byte is +null) should be rejected. + + -- Thorsten Alteholz Fri, 26 Oct 2018 19:0

Bug#907336: disable ghostscript

Hi, is there any plan to do the suggested disabling of ghostscript? I wonder whether this should be done as well in other releases when CVE-2018-18025 will be fixed. Thorsten

Bug#906201: duktape: Please consider using a 'real' make target & clarify no debugging comment

Hi Chris, On Wed, 15 Aug 2018, Chris Lamb wrote: I just ACCEPTed duktape from NEW but was wondering if: thanks a lot for accepting the package ... cat debian/duktape.pc.in|sed "s/#TRIPLE#/$(DEB_HOST_MULTIARCH)/g" > debian/duktape.pc … might be better written as a 'real' Make target? ...

Bug#903669: lintian -- false positive on using-first-person-in-description

Hi Chris, On Thu, 12 Jul 2018, Chris Lamb wrote: The description of pyicloud contains the name of a software called "Find My iPhone". I think this is a case for an override rather than a change in Lintian as it will never be able to reliably know that this is a false positive without aintainin

Bug#903669: lintian -- false positive on using-first-person-in-description

Package: lintian Version: 2.5.84 Severity: normal The description of pyicloud contains the name of a software called "Find My iPhone". So in this case "My" is not a using-first-person-in-description ... Thorsten

Bug#901545: siggen: ignores config files

Hi Jacek, On Thu, 14 Jun 2018, Jacek Sobczak wrote: The siggen set of programs ignore (do not read?) config files /etc/siggen.conf, $HOME/.siggen.conf, ./.siggen.conf. hmm, no it does try to read those files. Maybe the documentation is not the best. Did you try to use only lowercase characte

Bug#900070: dateutils: please use upstream binary names

On Fri, 25 May 2018, Phil Morrell wrote: In [v0.3.3], upstream changed e.g. dgrep -> dategrep as such, the default configuration no longer conflicts with e.g. debian-goodies (846074). As far as I can tell from [packages.debian.org] there would be no conflicts if we removed the ugly "dateutils.d

Bug#898845: RM: openggsn -- RoM; upstream replaced software by osmo-ggsn

Package: ftp.debian.org Severity: normal openggsn is replaced by osmo-ggsn now Thorsten

Bug#898721: lintian -- maybe false positive on description-starts-with-package-name

Package: lintian Version: 2.5.82~bpo9+1 Severity: normal I am not sure whether this is a good english expression, but if so, this is a false positive: Description: base58 encode/decode: command-line interface lintian check for base58_1.0.0-1_all.deb N: 'base58 encode/decode' is a

Bug#897278: [Debian-mobcom-maintainers] Bug#897278: libosmocodec0: circular dependency with libosmocore9, libosmogsm8

Hi Bill, On Tue, 1 May 2018, Bill Allombert wrote: There is a circular dependency between libosmocodec0, libosmocore9 and libosmogsm8: libosmocodec0 :Depends: libosmocore9 (>= 0.10.2) libosmocore9:Depends: libosmocodec0 (>= 0.9.6), libosmogsm8 (>= 0.10.2) libosmogsm8 :Depends: libosm

Bug#898572: wrong term in debian/copyright

Package: keepass2-plugin-keepasshttp Version: XXX Severity: serious thanks As the license of this software is just GPL-3, please remove the term "or (at your option) any later version." from your debian/copyright. Thanks! Thorsten

Bug#897915: lintian -- False positive on orphaned-package-not-maintained-in-debian-infrastructure

Package: lintian Version: 2.5.82~bpo9+1 Severity: normal git.dgit.debian.org seems to be within *.debian.org, so this looks like a false positive ... lintian check for python-ofxhome_0.3.3-2.dsc W: python-ofxhome source: orphaned-package-not-maintained-in-debian-infrastructure vcs-

Bug#896705: [uscan] problem with creating orig.tar from git tag

Package: devscripts Version: 2.18.1 Severity: normal Hi, uscan in version 2.18.1 is no longer able to create a new orig.tar from a tag in a git repository. At the end are the results from version 2.17.12, which is doing fine. Thorsten debian@devel:~/devscript-bug$ LANG=C dpkg -l devscrip

Bug#895841: lintian -- False positive on spelling-error-in-binary

Package: lintian Version: 2.5.80 Severity: normal For osmo-trx 0.2.0 I get: I: osmo-trx: spelling-error-in-binary usr/bin/osmo-trx wIH with But there is no wIH in the source: debian@devel:~/move-to-salsa/mobcom/osmo-trx/osmo-trx-0.2.0$ grep -R wIH debian@devel:~/move-to-salsa/mobcom/osmo-tr

Bug#895758: lintian -- when is a patch a patch (HG)

Hi Chris, On Sun, 15 Apr 2018, Chris Lamb wrote: I could have sworn that already not all files in the patch/ directory trigger such a message. But as I understand you right now, this is not the case yet. So I am fine with it ... Sorry, I don't understand what you mean here. :) Can you rephras

Bug#895758: lintian -- when is a patch a patch (HG)

Hi Chris, On Sun, 15 Apr 2018, Chris Lamb wrote: This might be a language thing but I would not know what "patch back" would mean out of context. Indeed, even when I am pretty sure what you are trying to achieve (temporarily ignore a patch?) yes, thats what I wanted. I could have sworn that a

Bug#895758: lintian -- when is a patch a patch (HG)

Package: lintian Version: 2.5.80 Severity: wishlist My outreachy mentee renamed an old patch to: 02_set_version_explicitly.patch_back lintian complained about that with: W: libosmo-sccp source: patch-file-present-but-not-mentioned-in-series 02_set_version_explicitly.patch_back I would like

Bug#894751: license missing

Package: libbpp-core Version: 2.4.0-1 Severity: serious thanks Dear Maintainer, as the CeCILL license is not part of /usr/share/common-licenses/, please add the full license text to your debian/copyright Thanks! Thorsten

Bug#597710: does this problem still exist

Hi Denis, While browsing through older bugs of apcupsd I wonder whether you still have this problem with a recent version of apcupsd? Thanks! Thorsten

Bug#812941: does this problem still exist?

Hi Trent, while browsing through older bugs of apcupsd I wonder whether you still have the reported problem. Do you still have problems with the uninterruptable sleep of apcupsd? Thorsten

Bug#609009: apcupsd: please add logcheck rules to the packages

Hi Radek, while browsing through the old bug reports of apcupsd, I wonder whether you already created a file that you want to share? Thanks! Thorsten

Bug#884425: apcupsd start immediately after apt install

Hi, I am not sure that the startup behaviour of the daemon should depend on the maintainer scripts executed during installation. Wouldn't it be better to let the admin decide and configure it? In this case something like: # echo -e '#!/bin/bash\nexit 101' > /usr/sbin/policy-rc.d # chmod +

Bug#893156: Request to reset src:mariadb-10.1 to previous known working state in Debian testing/unstable archives

Hi Otto, On Mon, 19 Mar 2018, Otto Kekäläinen wrote: This will result in wide spread breakage when apt starts to upgrade all previous 10.1, 10.2 and 10.3 installs into this 1:10.1 version as I explained in my first mail. I tried my best to be very elaborate in the first mail. maybe I am missin

Bug#892769: apcupsd: Exclusionary language in configuration files

Hi Autumn, On Mon, 12 Mar 2018, Autumn Mahoney wrote: I know the language is inherited from upstream Yes, please file an upstream bug for this. Thanks! Thorsten

Bug#600932: does this problem still exist?

Hi Harri, while browsing through older bugs of apcupsd I wonder whether you still have the reported problem. Do you still have problems with the serial baudrate? Thorsten

Bug#890944: new packages should not receive emails before email alias is created

Hi everybody, On Mon, 5 Mar 2018, Luca Falavigna wrote: OK. Can you please indicate which header is used to reference the source package when sending mails to dispatch@tracker.d.o? does [1] make sense for this? Thorsten [1] https://salsa.debian.org/ftp-team/dak/merge_requests/9

Bug#857191: jabberd2: service file uses deprecated BindTo=

This has been fixed upstream ... Thorsten

Bug#891988: missing entry in debian/copyright

Package: gtimelog Version: 0.11-4 Severity: serious thanks Dear Maintainer, please add the missing licenses of: gtimelog-0.11/src/gtimelog/help/C/* to debian/copyright. Thanks! Thorsten

Bug#891794: lintian -- False positive on spelling-error-in-binary

Package: lintian Version: 2.5.67 Severity: normal A soon to be available package gives: I: osmocom-analog: spelling-error-in-binary usr/bin/amps Rouge Rogue This is a false positive as it comes from: osmocom-analog-0.0.1/src/amps/stations.c: { 85, 0, "Baton Rouge",

Bug#890943: lintian -- False positive on license-problem-non-free-img-lenna

Package: lintian Version: 2.5.67 Severity: normal According to the maintainer of libplacebo this is false positive. md5sum :0ea16a2c4b94f0c1a83d11278655ac9f ./libplacebo-0.4.0/demos/lena.jpg sha1sum :14045bb11fbccdfa9a522cf74ced9385f02307d8 ./libplacebo-0.4.0/demos/lena.jpg sha256sum:89516

Bug#890944: new packages should not receive emails before email alias is created

Package: tracker.debian.org Severity: normal After a package has been accepted from NEW, the first email arrives before the email alias is created on picconi and thus the email won't reach interested people ... Thorsten Date: Tue, 20 Feb 2018 12:00:13 + From: Mail Delivery System To

Bug#889620: missing entry in debian/copyright

Package: jupyter-core Version: 4.4.0 Severity: serious thanks Hi, please add the missing licenses of: jupyter_core-4.4.0/jupyter_core/utils/shutil_which.py to debian/copyright. Thanks! Thorsten

Bug#889618: entry in debian/copyright missing

Package: flask-login Version: 0.4.0-2 Severity: serious thanks Hi one of our trainees looked at your package and found that a whole directory in the source (docs/_themes) is copyrighted by Armin Ronacher and licensed with a 3-clause BSD license. This whole information is missing from the copy

Bug#889154: maintainer-script-should-not-use-service, long description

Package: lintian Version: 2.5.72 Severity: wishlist Please extend the long description of maintainer-script-should-not-use-service Especially it is not clear what to do in case a package changes the config of another package and would like to reload the config during installation. For example

Bug#788111: dateutils: Problems with input and output formats

Hi Andrew, in your first example you use %y. According to the man page this is: %y The year without a century (range 00 to 99) So with "2015" at the beginning of the date, there are really two digits too much and the error is correct. The %d-problem seems to be fixed in the latest version no

Bug#775186: dateutils.dconv: ywd.c:474: __make_ywd_c: Assertion `w != DT_MIRACLEDAY' failed

Hi Jakub, though it might not be nice to just exit the program, the given assert is a wanted one, as the code says: assert(w != DT_MIRACLEDAY); So I would not say that this is a bug but intended behaviour ... Thorsten

Bug#888978: developers-reference: 5.6.5 queued logfile

On Thu, 1 Feb 2018, Guillem Jover wrote: diff --git a/common.ent b/common.ent index 1bbed6a..561af11 100644 --- a/common.ent +++ b/common.ent @@ -48,6 +48,7 @@ + I think using ssh.upload.debian.org here would be the more correct fix? Oh, yes, you are right. Thorsten

Bug#888978: developers-reference: 5.6.5 queued logfile

Package: developers-reference Version: 3.4.19 Severity: normal Tags: patch Hi, in paragraph 5.6.5 you recommend to login to ssh.debian.org to find the logfile for queued. This seems to be no longer true. Nevertheless the logfiles can be found on usper. Thorstendiff --git a/common.ent b/com

Bug#887110: Debian Testing Cannot be installed on Macchiatobin

Hi Cyril, On Sun, 14 Jan 2018, Cyril Brulebois wrote: Any chance you could check what happens with daily builds? https://d-i.debian.org/daily-images/amd64/ ok, I tested mini.iso built on 20180114 and 20171231. The installer started, I could configure the network and everything seems to be fi

Bug#887110: Debian Testing Cannot be installed on Macchiatobin

Package: debian-installer Version: debian-testing-arm64-netinst.iso dated 2018-13-01 226492416 I am trying to use the netinst iso on an USB stick to install Debian on a recent Macchiatobin (ref 1.3) via serial line. After starting the default installation, some prints appeared: (...) Loadin

Bug#885867: RM: mpb [mipsel] -- ROM; test suite does not work

Package: ftp.debian.org Severity: normal As the test suite does not work anymore on mipsel, the package should be removed from that architecture.

Bug#855494: SVN to Git migration status

Hi everybody, On Fri, 1 Dec 2017, Andreas Tille wrote: * I never liked the split of one upstream source into lots of SVN checkouts in different source packages. Those who are working on that set of packages need to do stupid repeated work for no good reason and I really regret

Bug#827580: u-boot-exynos: boot_targets env default not set to boot correctly on Odroid XU3

Hi, I just encountered the same bug now. Switiching mmc0 and mmc1 just makes it impossible to boot from the other device, doesn't it? Wouldn't it be better to introduce two package u-boot-exynos-sd and u-boot-exynos-emmc instead? Thorsten

Bug#878209: apcupsd: please provide a split package without X11 deps

Hi Daniel, On Tue, 17 Oct 2017, Daniel Schaal wrote: Attached is a patch to split the gui from the main package into apcupsd-gui. It also installs the desktop file and pixmaps for gapcmon. thanks a lot for the patch, I will upload the new package soon. Thorsten

Bug#611082: does this problem still exist?

On Sun, 8 Oct 2017, PICCORO McKAY Lenz wrote: i only have the squeeze version working, the stupid "upgrade" policy to "more modern" does not make sense to me until this king of manteneance That is the reason why I am asking. As upstream did some changes in the usb part, I would like to kno

Bug#775800: does this problem still exist?

Hi Thomas, while browsing through older bugs of apcupsd I wonder whether your bug report is still valid. Do you still have problems with missing kernel modules? Did you try to load them manually? Best regards Thorsten

Bug#611082: does this problem still exist?

Hi everybody, while browsing through older bugs of apcupsd I wonder whether your bug report is still valid. Do you still have problems with the APC Back-UPS CS 500? Best regards Thorsten

Bug#684696: does this problem still exist?

Hi Yoric, while browsing through older bugs of apcupsd I wonder whether your bug report is still valid. Do you still have problems with your USV during power failure? Best regards Thorsten

Bug#544924: does this problem still exist?

Hi Justin, while browsing through older bugs of apcupsd I wonder whether your bug report is still valid. Do you still have problems with apcupsd together with your printer? Best regards Thorsten

Bug#789594: does this problem still exist?

Hi Nigel, while browsing through older bugs of apcupsd I wonder whether this bug report is still valid. Do you still have problems with apcaccess contacting your apcupsd? Thorsten

Bug#752195: does this problem still exist?

Hi, while browsing through older bugs of apcupsd I wonder whether your bug report is still valid. Do you still have problems with your Eaton 3s? Thorsten

Bug#723548: smstools link with -L/usr/lib

Hi, according to newer build logs[1] this package seems to build on mips64el now. So can this bug be closed? Thorsten [1] https://buildd.debian.org/status/package.php?p=smstools&suite=sid

Bug#859731: libb64-dev: relocation R_X86_64_32S against `.rodata.str1.8' can not be used

Hi Jens, On Thu, 7 Sep 2017, Jens Rapp wrote: I tried this first but it didn't work. Finally, I downloaded libb64 source and built it with -fPIC. With this I could compile my software, too. hmm, this is strange. According to the build logs[1] the shared libs of this package are already build

Bug#859731: libb64-dev: relocation R_X86_64_32S against `.rodata.str1.8' can not be used

Hi Jens, the linker error suggests to compile your software with -fPIC. Did you try to do this? Thorsten

Bug#818968: Long live Oysttyer

Hi Thijs, On Tue, 29 Aug 2017, Thijs Kinkhorst wrote: Do you think it would be useful if oysttyer would also provide a transitional package ttytter, or should we remove ttytter wholesale now? as you need to authorize oysttyer with twitter again, it is not just a drop in replacement. So I woul

Bug#840490: ptpd should run as a daemon as soon as it is installed

Hi Joachim, most of the packages on my computer having a file in /etc/default also have such a daemon option. From my point of view this makes sense, as it is much better to first configure a software properly before using it with maybe a bad default configuration. So this seems to be the norm

Bug#873323: lintian -- False positives on copyright-year-in-future

Package: lintian Version: 2.5.52 Severity: normal The license of package oysttyer contains an example, which gives a false positive for "copyright-year-in-future": * If you choose to create and distribute a derivative work based on this package, your derivative work must clearly mak

Bug#818968: Long live Oysttyer

Hi, I just wanted to tell everybody that oysttyer just entered unstable. Thorsten

Bug#872473: node-xmpp outdated

Package: node-xmpp Version: 0.3.2-3 Severity: normal User: alteh...@debian.org thanks The Homepage:[1] leads to an almost empty page. The github repository URL[2] in debian/copyright is redirected to a different project[3], where the README says: "xmpp.js is a rewrite of node-xmpp" Further,

Bug#862548: ITP: t923con -- reading data from weather stations based on Hideki ones

Package: wnpp Severity: wishlist Owner: Thorsten Alteholz * Package name: t923con Version : 0.6.1 Upstream Author : Mark Teel * URL : http://te923.fukz.org/ * License : BSD2 Programming Lang: C Description : reading data from weather stations based

Bug#659620: radlib in Debian

Hi everybody, I just uploaded radlib to Debian, so it can be used as a dependency for wview. Btw. is there anybody still actively working on wview? Thorsten

Bug#857822: runcircos-gui_0.0+20160403-1_amd64.changes REJECTED

Hi Andreas, On Mon, 27 Mar 2017, Andreas Tille wrote: Files: * Copyright: 2014-2016 Arun Narayanankutty License: GPL-3+ ^^ this does not match ... Files: debian/* Copyright: 2017 Andreas Tille License: GPL-3+ License: GPL-3+ runcircos-gui is free software: you can redistri

Bug#857342: attachement

Hi, do you mind testing the new package with upstream fixes? It is available at: https://people.debian.org/~alteholz/packages/wheezy-lts/tnef/amd64/ Thorsten

Bug#857342: attachement

Hi, do you mind if upstream uses your winmail.dat to create a test for the tnef test suite? Thorsten

Bug#856187: (no subject)

Hi Fabrice, On Mon, 27 Feb 2017, Fabrice Dagorn wrote: here is a patch for your 2.8-2 package fixing this bug. Sorry for #856198, I thought it would help. thanks for the patch, but I am afraid you forgot the fix in utils.cpp, didn't you? Thorsten

Bug#856198: RFS: entropybroker/2.9-0.1 [RC] [NMU]

On Sun, 26 Feb 2017, Gianfranco Costamagna wrote: I am looking for a sponsor for my package "entropybroker" This is rather strange. BTW since Thorsten is the maintainer, and he is active, an NMU for a bug opened some hours ago would be *totally* unappropriate. Indeed, it is also the wron

Bug#856142: ghostscript: CVE-2017-6196

Package: ghostscript Severity: important Tags: security Hi, the following vulnerability was published for ghostscript. CVE-2017-6196[0]: | Multiple use-after-free vulnerabilities in the gx_image_enum_begin | function in base/gxipixel.c in Ghostscript before | ecceafe3abba2714ef9b432035fe0739d9b

Bug#856127: web2py: CVE-2016-4806 CVE-2016-4807 CVE-2016-4808

Package: web2py Severity: important Tags: security Hi, the following vulnerabilities were published for web2py. CVE-2016-4806[0]: | Web2py versions 2.14.5 and below was affected by Local File Inclusion | vulnerability, which allows a malicious intended user to read/access | web server sensitive

Bug#856063: CVE-2017-6197

Package: radare2 Severity: important Tags: security Hi, the following vulnerability was published for radare2. CVE-2017-6197[0]: | The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 | allow remote attackers to cause a denial of service (NULL pointer | dereference and application

Bug#855524: ITP: pyicloud - module to allow interaction with iCloud webservices

Package: wnpp Severity: wishlist * Package name: pyicloud Version : 0.9.1 Upstream Author : Peter Evans * URL : https://github.com/picklepete/pyicloud * License : Expat Programming Lang: python Description : module to allow interaction with iCloud webse

Bug#498657: bottlerocket + udev

Hi, I don't know whether you still use bottlerocket, but do you have any idea what might be the correct udev rule? Is the one mentioned in [1] sufficient? Isn't there any prod_id or whatever available from the hardware to narrow the rule a bit? Thorsten [1] https://bugs.debian.org/cgi-bi

Bug#855152: ITP: npd6 - IPv6 neighbor proxy daemon

Package: wnpp Severity: wishlist * Package name: npd6 Version : 1.1.0-1 Upstream Author : Sean Groarke * URL : https://github.com/npd6/npd6 * License : GPL-3+ Programming Lang: C Description : IPv6 neighbor proxy daemon npd6 is a daemon which listens

Bug#853880: ITP: openoverlayrouter -- deploy programmable overlay networks

Package: wnpp Severity: wishlist * Package name: openoverlayrouter Version : 1.1.1+ds1-1 Upstream Author : Albert López * URL : https://github.com/OpenOverlayRouter/oor * License : Apache-2 Programming Lang: C Description : deploy programmable overlay n

Bug#850762: fixed in setserial 2.17-50

Control: severity -1 important Ok, as we have a new bug now, I am setting the severity accordingly. On Sat, 28 Jan 2017, Andreas Henriksson wrote: Circumventing the required *-rc.d policy layers like this is a serious policy violation. (9.3.3) No, it is a "should"-clause and according to 1.1

Bug#853241: kf5-messagelib: CVE-2016-7967 CVE-2016-7968

Package: kf5-messagelib Severity: important Tags: security Hi, the following vulnerabilities were published for kf5-messagelib. CVE-2016-7967[0]: | KMail since version 5.3.0 used a QWebEngine based viewer that had | JavaScript enabled. Since the generated html is executed in the local | file se

Bug#853240: runc: CVE-2016-8867

Package: runc Severity: important Tags: security Hi, the following vulnerability was published for runc. CVE-2016-8867[0]: | Docker Engine 1.12.2 enabled ambient capabilities with misconfigured | capability policies. This allowed malicious images to bypass user | permissions to access files wit

Bug#849867: xen-create-image: default config file contains bad values

On Tue, 3 Jan 2017, Axel Beckert wrote: Also, I conjecture that Thorsten's initramfs's may be much larger than Axel's. Ah, including initramfs. Ok, with the generic (and not hw-specific) initramfs, 128 MB might indeed be too little. I created an image with just the default parameters and wa

Bug#849867: xen-create-image: default config file contains bad values

On Tue, 3 Jan 2017, Ian Jackson wrote: I looked at the the installation manual and it says 112Mb for the installler. That's unchanged from jessie and probably hasn't been updated for stretch. Thorsten, if that figure is wrong, you may want to file a bug against the manual. The code has a de

Bug#849867: xen-create-image: default config file contains bad values

Package: xen-tools Version: 4.6.2 Severity: normal Hi Axel, the file ./etc/xen-tools.conf of the source package, which will be installed at /etc/xen-tools.conf, contains a default value of 128M for the size of memory. This is no longer sufficient for current kernels in Stretch and should be

Bug#847062: openzwave: MinOZW search for configuration in a weird path

tags 847062 wontfix thanks Hi Xav, On Mon, 5 Dec 2016, Xavier Bestel wrote: At start MinOZW displays : "Error, Cannot find a path to the configuration files at ../../../config/, Using /etc/openzwave/ instead..." It seems like there's some remnants of when it'"s used in its dev directory. I th

Bug#846923: mpb: FTBFS on mipsel - hanging on autconf test for BLAS zdotc

On Sat, 10 Dec 2016, Gilles Filippini wrote: Will you upload the binary packages for mipsel then? Sure, do I have to consider something? I have never done a binary only upload. I would add an entry in debian/changelog for +b6, do dpkg-buildpackage -B and upload the resulting changes file

Bug#846923: mpb: FTBFS on mipsel - hanging on autconf test for BLAS zdotc

severity 846923 normal tags 846923 help thanks On Sun, 4 Dec 2016, Gilles Filippini wrote: I tested the build on porter box eller.debian.org with the very same result. I am afraid you have been to impatient here: (sid_mipsel-dchroot)alteholz@eller:~/mpb-1.5$ time dpkg-buildpackage (...) dpkg-g

Bug#847062: openzwave: MinOZW search for configuration in a weird path

I opened an upstream issue [1]. Thorsten [1] https://github.com/OpenZWave/open-zwave/issues/1061

Bug#846254: compile error with gcc-6

Package: googletest Version: 1.8.0-3 Severity: serious thanks Hi, building the alljoyn packages (alljoyn-core-1504, alljoyn-core-1509, alljoyn-core-1604) with googletest and gcc-6 gives the following compile error. I guess the "#include " jusst needs to be replaced by "#include " for gcc-6 no

Bug#837556: Information needed on LORENE?

Hi Thibaut, On Wed, 16 Nov 2016, Thibaut Paumard wrote: I see that LORENE has been in the NEW queue for two months now sorry that it took so long, but the package is marked for accept now. Thorsten

Bug#842982: lua-sec update prevents ssl connections with prosody

Package: lua-sec Version: 0.6-1 Severity: serious thanks Hi Enrico, after an "apt-get dist-upgrade" today on a Stretch system, which among others installed lua-sec 0.6-1, prosody was no longer able to accept ssl connections. All connections came from (unknown)@(unknown) and were rejected. A

Bug#840352: non-free license of debian/*

Package: clod Version: 1.0.1-1 Severity: serious User: alteh...@debian.org Usertags: ftp X-Debbugs-CC: ftpmas...@ftp-master.debian.org thanks Hi Daniel, while looking at you debian/copyright again, the license of debian/* only allows to distribute the files without royalties (not with or without

Bug#824155: IoTivity

Hi Philippe, I am trying to start a new debian-iot team within Debian. Up to know the libcoap package and some packages of the Alljoyn Framework are part of it. As the latter also uses scons, I have some experience with it, albeit I am far from being an expert. So if you want to join the team

Bug#839801: Browserified javascript and DFSG source

Hi, On Wed, 5 Oct 2016, Pirate Praveen wrote: So I request ftp masters, 1. To make an official ruling on this issue. isn't #830986 rather close to such a statement? What else do you need? 2. If this is considered RC, give an exception to stretch release ... This is something for the rele

Bug#835851: add MIPS r6 support in dak

If I may put my two cents in, as far as I know DSA is responsible for installing new packages. So if dpkg 1.18.5 is in jessie-backports, the biggest hurdle would have been taken ... Thorsten

Bug#839051: wheezy-specific bind9 issue

Hi Florian, On Wed, 28 Sep 2016, Florian Weimer wrote: While trying to write a reproducer for CVE-2016-2776, I discovered that the 1:9.8.4.dfsg.P1-6+nmu2+deb7u10 version in wheezy would crash, while unpatched jessie and upstream would not:

Bug#791965: fixed in openzwave 1.5+ds-1

Hi Justin, On Tue, 4 Oct 2016, Justin Hammond wrote: is it possible to upstream any changes to the openzwave github project? yes, sure, but I still want to wait a bit until I can upload the package to Debian-main and the QA-Jobs are happy ... Thorsten

<    1   2   3   4   5   6   7   8   9   >