package release.debian.org
tags 1034713 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: php-guzzlehttp-psr7
package release.debian.org
tags 1035105 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: distro-info-data
Version:
package release.debian.org
tags 1034736 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: pev
Version: 0.81-3+deb11u1
package release.debian.org
tags 1034714 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: php-nyholm-psr7
Version:
I used "Guided - use entire disk and set up encrypted LVM"
On April 25, 2023 12:55:27 PM CDT, Pascal Hambourg
wrote:
>Hello,
>
>On 25/04/2023 at 01:29, Adam wrote:
>>
>> I installed from a thumb drive, to another thumb drive, on a computer
>> that had an
t and muacrypt actually have the same main developer. With the
last active development in 2019, it doesn't really qualify as a new
project ¯\_(ツ)_/¯
> Thanks!
So that is the current status. Patches are welcome. Or even feel free to
take over the package.
Regard,
Adam
P.S. CC-ing holger as the main devel
On Thu, Apr 27, 2023 at 04:58:46PM +0200, Emanuele Rocca wrote:
>
> the btrfs-progs udeb currently includes only /bin/btrfs and /bin/mkfs.btrfs.
>
> Please add /sbin/fsck.btrfs as well so that it can be included in the
> initramfs
> generated by the debian installer. Patch attached.
That file
Package: installation-reports
Severity: normal
X-Debbugs-Cc: a...@hax0rbana.org
(Please provide enough information to help the Debian
maintainers evaluate the report efficiently - e.g., by filling
in the sections below.)
Boot method: USB
Image version: Bullseye
Date: 04/23/2023
Machine: Home
Is there any process I can initiate to get the upstream versions into
Debian while the package maintainer (nicoo) is away?
It's been 9 months since I submitted the merge request to go from 1.1.0
to 1.1.1. I'd like to do more to help, but I'm not sure how to proceed.
-- Adam Hacker
package release.debian.org
tags 1029976 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: libzen
Version:
I know this is the wrong way to do it, but d-i pkgsel/run_tasksel boolean false
in my preseed.cfg was the easiest way for me to fix it.
Just the d-i netcfg/choose_interface select auto problem to go now.
This is possibly the wrong thread for it, IMO there needs to be a simple way to
copy the
code assumes that
> exp->NumberOfFunctions is greater than ordinal at each iteration.
> This
> can lead to arbitrary code execution.
>
Please go ahead.
Regards,
Adam
[CVE-2023-29197]
> filed as #1034597. The security team reviewed this bug filed
> with a non-RC severity, so I assume they don’t expect to release
> a DSA for it (as for the other php-guzzlehttp-psr7 issue),
> anyway the team is X-D-Cc.
>
Please go ahead.
Regards,
Adam
ecurity team filed those bugs with a non-RC severity, so
> I assume they don’t expect to release a DSA for it (as for the
> previous main issue), anyway the team is X-D-Cc.
>
The Security Tracker agrees. Please go ahead.
Regards,
Adam
Package: installation-reports
Severity: minor
X-Debbugs-Cc: deb...@voltagex.org
(Please provide enough information to help the Debian
maintainers evaluate the report efficiently - e.g., by filling
in the sections below.)
Boot method: USB
Image version: debian-bookworm-DI-rc1-amd64-netinst.iso +
verity: important".
That could have been changed without opening a new report, but in any
case "normal" was correct.
Regards,
Adam
package release.debian.org
tags 1034455 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: mariadb-10.5
Version:
package release.debian.org
tags 1034548 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: glibc
Version:
package release.debian.org
tags 1034454 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: galera-3
Version:
load today (or early tomorrow)?
>
With my DSA hat on, I'm not aware of it having been confirmed to fix
the issue on bullseye. I'm happy to test an updated package in the
meantime. (FWIW the update isn't in p-u currently because of this
issue.)
Regards,
Adam
; mariadb-10.5 (1:10.5.19-0+deb11u2) bullseye; urgency=medium
>
> * Add patch to revert upstream libmariadb API change (Closes:
> #1033654)
>
Thanks.
Please go ahead, bearing in mind that the window for 11.7 closes during
this weekend.
Regards,
Adam
On Wed, 19 Apr 2023, at 05:58, Roland Clobus wrote:
> Hello Adam,
>
> I've seen some issues on openQA which run on AMD hardware, but I
> personally only have Intel processors, so I cannot reproduce such
> issues. [1]
>
> Can you confirm that the microcode is active?
>
package release.debian.org
tags 1034493 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: libpod
Version:
package release.debian.org
tags 1034264 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: nvidia-modprobe
Version:
package release.debian.org
tags 1034578 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: tzdata
Version:
package release.debian.org
tags 1034103 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package:
package release.debian.org
tags 1034001 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package:
n of wcsnlen
>
Please go ahead.
Regards,
Adam
ibvncserver/-/blob/debian/bullseye/updates/debian/patches/0003-rfb-increase-update-buf-size.patch
Given that this is apparently an ABI break, and libvncserver has
several other reverse (build-)dependencies in stable, how confident are
you that x11vnc is the only affected package?
Regards,
Adam
github.com/codership/galera/issues/313
> ).
>
Please go ahead.
Regards,
Adam
E-2020-36646 in Bullseye.
>
This got missed for a while due to the typoed suite tag (since fixed).
Please go ahead.
Regards,
Adam
b11u2?
(Note that this request never made it to debian-release, most likely
due to the large size of the re-included diff from the earlier
request.)
Regards,
Adam
package release.debian.org
tags 1034096 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: nvidia-graphics-drivers
package release.debian.org
tags 1033759 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: duktape
Version:
4) and no longer works as reported in [1] and I
> tested
> myself.
>
> Please also remove it's downstream dependencies, i.e. pantalaimon and
> weechat-matrix.
>
For reference the chain also includes matrix-mirage.
Regards,
Adam
> version
> bump) in the older release branches when the corresponding driver
> package gets updated, so in order not to have an nvidia-modprobe that
> unneccessarily deviates from upstream behavior, lets update that,
> too.
Please go ahead.
Regards,
Adam
Control: tags -1 + confirmed
On Thu, 2023-04-06 at 10:33 +0200, Andreas Beckmann wrote:
> I'd like to update nvidia-graphics-drivers-tesla-450 in bullseye to a
> new upstream release fixing a few CVEs.
>
Please go ahead.
Regards,
Adam
Control: tags -1 + confirmed
On Sun, 2023-04-09 at 04:35 +0200, Andreas Beckmann wrote:
> I'd like to update nvidia-graphics-drivers-tesla-470 to a new
> upstream
> version fixing a few CVEs.
>
Please go ahead.
Regards,
Adam
package release.debian.org
tags 1034246 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: usb.ids
Version:
package release.debian.org
tags 1034198 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package:
package release.debian.org
tags 1026945 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: guix
Version:
package release.debian.org
tags 1032237 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: zfs-linux
Version:
package release.debian.org
tags 1034039 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: libpod
Version:
package release.debian.org
tags 1034039 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: libpod
Version:
package release.debian.org
tags 1033770 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: apache2
Version:
package release.debian.org
tags 1025654 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: x4d-icons
Version:
package release.debian.org
tags 1033993 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: unbound
Version:
package release.debian.org
tags 1026845 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: systemd
Version:
package release.debian.org
tags 1033506 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: libreoffice
Version:
package release.debian.org
tags 1032921 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: node-webpack
Version:
package release.debian.org
tags 1032134 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: node-cookiejar
Version:
package release.debian.org
tags 1030598 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: lemonldap-ng
Version:
package release.debian.org
tags 1031948 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: libgit2
Version:
package release.debian.org
tags 1031410 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: postgis
Version:
package release.debian.org
tags 1025703 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: libexplain
Version:
package release.debian.org
tags 1033578 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: joblib
Version:
package release.debian.org
tags 1033160 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: flatpak
Version:
package release.debian.org
tags 1031926 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: gtk+3.0
Version:
package release.debian.org
tags 1031630 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: containerd
Version:
package release.debian.org
tags 1031109 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: crun
Version:
package release.debian.org
tags 1027258 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package:
package release.debian.org
tags 1027257 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package:
t this point, either I can reject the current upload, and you can then
re-upload a fixed +deb11u1 or (possibly easier all around) you can
upload +deb11u2 as an incremental change on top of +deb11u1 which
simply fixes the dependency version.
Regards,
Adam
I'm pretty sure it's better to
> file a new bug for that request than updating this bug (it's part of
> the workflow).
Yes, I have a preference for a second bug once the first upload has
been accepted and the second request is not fixing a regression from
the first. It makes some parts of our tracking simpler.
Regards,
Adam
Control: tags -1 -moreinfo +confirmed
On Sun, 2023-04-02 at 01:14 +0200, Santiago Vila wrote:
> El 1/4/23 a las 21:58, Adam D. Barratt escribió:
> > Have you confirmed via a binary debdiff that there are no changes
> > to
> > the resulting packages?
>
> The package c
conf despite having been
> > > disabled
> > > (#1018718)
> >
> > If we update Apache in Bullseye, how about also adding patches for
> > #1033408 and #1033284?
> >
[...]
> here is the new debdiff
>
Please go ahead.
Regards,
Adam
Control: tags -1 + confirmed
On Sun, 2023-04-02 at 10:53 +0800, Aron Xu wrote:
> Control: tags -1 - moreinfo
>
> On Sun, Apr 2, 2023 at 3:10 AM Adam D. Barratt <
> a...@adam-barratt.org.uk> wrote:
> > Control: tags -1 + moreinfo
> >
> > On Thu, 2023-03-02 at
On Sat, 2023-04-01 at 19:04 -0400, Reinhard Tartler wrote:
>
> On 4/1/23 3:51 PM, Adam D. Barratt wrote:
> > Control: tags -1 + moreinfo
> >
> > Apologies for the delay in getting back to you on this.
> >
> > On Wed, 2022-12-28 at 22:26 -0500, Reinhard Tart
by reporters.
>
Please go ahead; sorry for the delay.
Regards,
Adam
t; The two patches are taken verbatim from bookworm/sid, where this was
> fixed one year ago.
>
Please go ahead; sorry for the delay.
Regards,
Adam
compatibility
> level. I am well aware that this should not be done lightly and
> without a good reason.
>
Have you confirmed via a binary debdiff that there are no changes to
the resulting packages?
Regards,
Adam
e's upload history, the version
should rather be 1.24.8+dfsg1-1+deb11u1.
Regards,
Adam
g-any,
+ golang-github-containers-storage-dev (>= 1.24.8+dfsg1-2~deb11u1),
Similarly I'd expect this to be 1.24.8+dfsg1-1+deb11u1, as I can only
see one upload of 1.24.8+dfsg1 ever having been made to Debian.
Regards,
Adam
? If so, why does it
depend on it to begin with?
Looking at the diff, I think the change is actually the removal of a
/build/ dependency, not a runtime one? If so, it would be good if that
were slightly clearly in the changelog.
Regards,
Adam
fusing.
Please go ahead.
Regards,
Adam
Please go ahead; sorry for the delay.
Regards,
Adam
Control: tags -1 + confirmed
On Sun, 2023-02-19 at 22:56 +0800, Shengjing Zhu wrote:
> Backport patches for 2 CVE:
>
> * CVE-2023-25153: OCI image importer memory exhaustion
> * CVE-2023-25173: Supplementary groups are not set up properly
>
Please go ahead; sorry for the delay.
Regards,
Adam
ons.
>
Please go ahead.
Regards,
Adam
programs with inheritable file capabilities to elevate
> those capabilities to the permitted set when execve(2) runs."
>
Please go ahead; sorry for the delay.
Regards,
Adam
go ahead, sorry for the delay.
Regards,
Adam
it.
>
Please go ahead; sorry for the delay.
Regards,
Adam
hich allows man-in-the-middle attacks.
>
+libgit2 (1.1.0+dfsg.1-4+deb11u1) bullseye-security; urgency=high
That wants to just be "bullseye".
+ This is a backport of the upstream fix to the Debian stretch version.
Presumably that comment could also do with an update.
Please go ahead.
Regards,
Adam
Control: tags -1 + confirmed
On Tue, 2023-02-28 at 18:00 +0400, Yadd wrote:
> node-cookiejar is vulnerable to ReDoS (CVE-2022-25901).
>
Please go ahead.
Regards,
Adam
.
>
+This change reworks the zfs_file_[get|put] interface to not rely
+on the file descriptor but instead pass the zfs_file_t pointer around.
I'm assuming that nothing outside of zfs-linux depends on the signature
of the affected functions?
Regards,
Adam
e_attr variable of index.js. The
> exploitation of
> this vulnerability could be triggered via the parse function.
>
+node-css-what (4.0.0-3+deb11u1) bullseye-security; urgency=medium
The distribution needs to simply be "bullseye" for a stable upload.
With that change, please go ahead.
Regards,
Adam
fixes
> backported from 1.12.x and 1.14.x for:
> - temporary directories not being cleaned up if an upgrade is
> cancelled,
> in particular if it's blocked by parental controls (libmalcontent);
> - the `flatpak history` command, which didn't previously work in
> bullseye;
>
Please go ahead.
Regards,
Adam
Control: tags -1 + confirmed
On Tue, 2023-03-14 at 08:01 +0400, Yadd wrote:
> node-webpack is vulnerable to cross-realm object access
> (#1032904, CVE-2023-28154)
>
Please go ahead.
Regards,
Adam
Control: tags -1 + confirmed
On Fri, 2023-03-31 at 22:28 +, Thorsten Alteholz wrote:
> The attached debdiff for duktape fixes CVE-2021-46322 in Bullseye.
>
Please go ahead.
Regards,
Adam
restricted to fairly basic
> arithmetic expressions. Using it in another way was not intended.
>
Please go ahead.
Regards,
Adam
Control: tags -1 + confirmed
On Sun, 2023-03-26 at 14:23 +0200, Rene Engelhard wrote:
> This fixes "CVE-2022-38745. Empty entry in Java class path risks
> arbitrary code execution" just disclosed by Apache OpenOffice.
>
Please go ahead.
Regards,
Adam
’s a Policy violation
>
Please go ahead.
Regards,
Adam
update for all users of the package in stable
as it's purely a documentation issue.
Regards,
Adam
package release.debian.org
tags 1033669 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: libdatetime-timezone-perl
package release.debian.org
tags 1033157 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: debian-archive-keyring
package release.debian.org
tags 1033079 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: intel-microcode
Version:
computer.
Regards, Adam.
On March 25, 2023 2:55:39 PM GMT+01:00, Andreas Tille wrote:
>Hi,
>
>as you can read in the bug log, there was an upload of a new version of
>tiledb a couple of hours before it has migrated to testing. Thus the
>package remains affected by a testing re
package release.debian.org
tags 1030113 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: openvswitch
Version:
package release.debian.org
tags 1033412 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: libdatetime-timezone-perl
Control: severity -1 normal
(I intended to avoid having to argue by implementing specific objective
tests that valgrind has to meet to be declared available, but I did not
manage to get that done. Thus, arguing...)
On Sat, Oct 22, 2022 at 12:12:40PM +0300, Adrian Bunk wrote:
> Package:
On Tue, Mar 21, 2023 at 01:13:35AM +, sun min wrote:
> I am looking for a sponsor for my package "zstd-jni-java":
> Changes since the last upload:
>
> zstd-jni-java (1.5.4-2+ds-1) unstable; urgency=medium
+
+ * Team upload.
+ * New upstream release.
+ * Update debian/libzstd-jni1.symbols.
801 - 900 of 20053 matches
Mail list logo
