On Wed, 3 Feb 2016 00:22:14 +0100 Guillem Jover wrote:
> | For packages in the main archive, no required targets may attempt
> | network access outside the current machine.
I don't think this is quite enough, packages should only be allowed to
access file/network resources that were created by
On 7 September 2016 at 12:15, Robert Haist wrote:
> Package: suricata
> Version: 3.1.1-4
>
> It might be a security improvement to let suricata run with non-root
> privileges and a special permission for the provided capture modes. Running
> as root might be a problem if a
On 7 September 2016 at 12:10, Robert Haist wrote:
> Package: suricata
> Version: 3.1.1-2~bpo8+1
>
> The backport package should be updated to the latest stable if possible
> (3.1.1-4 at time of writing).
>
Hi,
upstream just released suricata 3.1.2 [0].
Is it Ok if we wait
Control: forwarded -1 https://github.com/neutrinolabs/xrdp/issues/421
On Mittwoch, 7. September 2016 12:11:31 CEST Dominik George wrote:
> Hang on… this is cool:
>
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=145088=yes
> […]
And another one:
Package: suricata
Version: 3.1.1-4
It might be a security improvement to let suricata run with non-root privileges
and a special permission for the provided capture modes. Running as root might
be a problem if a protocol parser or some other input-dependant code is
exploitable.
Robert Haist
Package: suricata
Version: 3.1.1-2~bpo8+1
The backport package should be updated to the latest stable if possible
(3.1.1-4 at time of writing).
Robert Haist
2BC8 3F55 A400 7468 864C 680E 1B7C C8D4 D4E9 14AA
Hang on… this is cool:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=145088=yes
Date: Mon, 29 Apr 2002 20:33:49 -0300
Package: libsnmp4.2
Version: 4.2.4-2
Severity: important
The new libwrap stuff for agentX simply does not work.
Apr 29 16:33:22 khazad-dum ucd-snmp[13833]: AgentX
Hi,
OK, I can actually reproduce the issue - but only on jessie, not on sid (it's
also i386 vs. amd64, maybe).
Reading code and discussing with upstream now.
-nik
--
PGP-Fingerprint: 3C9D 54A4 7575 C026 FB17 FD26 B79A 3C16 A0C4 F296
Dominik George · Mobil: +49-1520-1981389
Teckids e.V. ·
Source: assaultcube
Version: 1.1.0.4+dfsg2-1.1
Severity: serious
Justification: fails to build from source (but built successfully in the past)
Hi,
assaultcube FTBFS since the switch to GCC 6 (which defaults to -std=c++14) was
made:
[...]
g++ -O3 -fomit-frame-pointer -g -Wall -fsigned-char
Package: sponsorship-requests
Severity: normal
Dear mentors,
I am looking for a sponsor for my package "opengm"
* Package name: opengm
Version : 2.3.6+20160905-1
Upstream Author : The OpenGM developers
* URL : http://hci.iwr.uni-heidelberg.de/opengm2/
* License
ress and 127.0.0.1 to show up, they don't.
> can you actually reproduce the issue?
This is a (commented) tail -f over both logs. It does change a bit for
reconnections but in principle it's always the same.
# try to connect from 192.168.0.35
==> xrdp.log <==
[20160907-11:46:58] [INFO ] A connection rec
Package: u-boot
Version: 2016.09~rc2+dfsg1-1
Severity: normal
I installed u-boot and u-boot-tools from the Debian experimental repo --
versions 2016.09~rc2+dfsg1-1
I installed the new u-boot using the procedure in
/usr/share/doc/u-boot/README.Debian
The newly installed u-boot loaded and
Package: asterisk
Version: 1:13.10.0~dfsg-1
Severity: normal
In the packaging of asterisk, it seems that the rest-api directory
(which should be located in /usr/share/asterisk/rest-api/) has been
accidentially omitted. This breaks the functionality of the ARI
module, if enabled, leading to the
Package: ftp.debian.org
Severity: normal
pocl currently FTBFS on mips64el and right now nobody seems to have time to
investigate this further ...
Andreas
2016-09-07 9:30 GMT+02:00 Adam D. Barratt :
> Thanks for caring about fixing this in jessie.
>
> In order to okay an upload, however, we'd need to see a source debdiff for
> the proposed package, built and tested on a jessie system.
Sure.
Before:
dpkg -l | grep kamailio
Hi Andreas,
> thanks to Sascha's help I finalised rapmap, ITPed #836914 and uploaded.
You’re welcome. I was going to finish it yesterday but I since I couldn’t find
a explicit copyright statement I raised
https://github.com/COMBINE-lab/RapMap/issues/31. It looks like I could also
have just
On 09/07/2016 11:11 AM, Karsten Malcher wrote:
>> > This is an automatic notification regarding your Bug report
>> > which was filed against the pure-ftpd-common package:
>> >
>> > #782353: Security hole in server version 1.0.36
>> >
>> > It has been closed by Stefan Hornburg (Racke)
Hi,
somewhere along the chain of build-depends a dependency on erlang-crypto
must have been removed.
Listing it explicitly fixes this.
I wouldn't be surprised if more Erlang packages have a bug like this now.
Regards,
--
.''`. Philipp Huebner
: :' : pgp fp: 6719
Hello,
Chris Lamb wrote:
> Just to clarify, you mean you are the upstream author of this package
> (who is subscribed to the Debian bugs - yay!) not the Debian
> maintainer?
Yes, I am the author of this package and yes I am subscribed here to
cope directly with bugs in my code
Hello Stefan,
why do you believe that this bug is fixed?
My report to the developers seems to be ignored and i can't read anything about
fixes of security holes !?
https://www.pureftpd.org/project/pure-ftpd/news
Regards
Karsten
Am 05.09.2016 um 15:21 schrieb Debian Bug Tracking System:
>
Package: nemo
Version: 3.0.6-1
Severity: normal
Dear Maintainer,
if nemo is running on my Debian stretch, Cinnamon 3.0.7-System, it raises
thousands of .xsession-errors on my system:
(nemo:2218): Gtk-WARNING **: Allocating size to GtkGrid 0xe49420 without
calling
Hello,
I've installed a test machine and everything looks good so far. Thank
you all who were involved in fixing this bug.
Regards
hmw
On 09/07/2016 10:02 AM, Guilhem Moulin wrote:
>
> managesieve is the only plugin of the roundcube-plugins package
> depending of managesieve, hence I don't think adding managesieve's
> dependencies to the package's Depends is appropriate. That being said,
> the relation between each plugin and
pspell is not used in any of the plugins, instead its used in roundcube-core.
roundcube-core:
/usr/share/roundcube/installer/config.php
/usr/share/roundcube/program/include/rcmail_install.php
/usr/share/roundcube/program/lib/Roundcube/rcube_spellcheck_pspell.php
On 07.09.2016 10:52, Cesare Tirabassi wrote:
> Package: mesa
> Version: 12.0.2-1
> Severity: wishlist
>
> Now that llvm 3.9 and kernel 4.7 are in sid, there should be no show stopper
> to
> have mesa built using llvm-3.9 (and therefore enabling OpenGL 4.3+ for drivers
> that supports it).
Tags: patch
The changes Santiago Vila suggested do fix the FTBFS. However, it will
build all arch-dependent files (except the packages) anyway. Fixing that
would need further diving into the build system.
The attached patch makes the suggested changes. It applies against
3.3.5+dfsg-1 and
I never got such error when using dsa, does the example is still running ?
Did you try :
netstat -ntap | grep LISTEN
In order to see what's is running and may collide with the bank example.
But if the example from the web page is running I think you have achieved a
working polyorb package as far
Package: gnome-software
Version: 3.20.2-2
Severity: important
Dear Maintainer,
It is now impossible to start gnome-software. It seems that there is a
missmatch between GS and the plugins.
All packages come from official repository, no compile or Ubuntu packages.
I'm running it on cinnamon.
Source: curl
Version: 7.50.1-1
Severity: important
Tags: security upstream patch
Hi,
the following vulnerability was published for curl.
CVE-2016-7141[0]:
Incorrect reuse of client certificates
A patch is attached to [1].
If you fix the vulnerability please also make sure to include the
CVE
Hi,
thanks to Sascha's help I finalised rapmap, ITPed #836914 and uploaded.
Kind regards
Andreas.
--
http://fam-tille.de
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Control: forwarded -1
https://release.debian.org/transitions/html/auto-openmpi.html
It sadly seems to be the season of uncoordinated transitions, with some
maintainers not learning for
Note that the crash occurs not for all the cable network, but only in
certain one, but I cannot understand how to reproduce it. However, I can
reproduce another crash, if I open:
Network -> Cable -> Add profile... -> IPv4
set Manual address, and add something like "192.168.0.1" to address and
On Fri, Sep 02, 2016 at 06:41:49PM -0400, Harlan Lieberman-Berg wrote:
> Hi Andrey,
>
> This should only happen if you used the standalone plugin the first
> time, rather than the apache plugin.
>
> What does it have for installer and authenticator in
> /etc/letsencrypt/renewal/.conf?
Yeah, I
Quoting Dominique Dumont (2016-09-06 13:45:15)
> String::Copyright fails to extract copyright from the following
> statement (from Jira::Client::Automated):
>
>
> This software is copyright (c) 2016 by Polyvore, Inc.
>
> This is free software; you can redistribute it and/or modify it under
>
Package: open-vm-tools-dkms
Version: 2:10.0.7-3227872-4.1
Severity: important
Dear Maintainer,
* What led up to the situation?
The usual dance when a kernel upgrade happens: a kernel module fails to
compile. Build log is attached.
Hilmar
-- System Information:
Debian Release: stretch/sid
severity 836887 important
thanks
Hi,
On Tue, Sep 06, 2016 at 10:33:15PM +0200, Jon Boden wrote:
> libreoffice is uninstallable on kfreebsd-any because it contains a
> Depends/Conflicts loop:
Only the metapackage from your description, but yeah.
> * libreoffice depends on
On Wed, Sep 07, 2016 at 04:47:15AM +0200, Markus Koschany wrote:
> I disagree with your bug severity. The build does not fail in a clean
> cowbuilder environment. I'm attaching my build log as proof.
The build log is just a proof that the build succeeded, but *not* a proof
that the environment
Package: alarm-clock-applet
Version: 0.3.4-1
Severity: normal
Getting zillions of these, four or five lines per second:
Sep 7 04:01:00 tucano clock-applet[18167]: gtk_widget_size_allocate(): attempt
to underallocate toplevel GtkPlug 0x5599201d96e0. Allocation is 150x27, but
minimum required
Control: priority -1 normal
Control: title-1 roundcube-plugins: the dependencies of each plugin should
be reflected in the package's Suggests/Recommends/Depends
Hi Jan,
On Wed, 07 Sep 2016 at 08:28:21 +0200, Jan Gerber wrote:
> the managesieve plugin depends on php-net-sieve to work.
>
Control: tags -1 pending
On Wed, Sep 7, 2016 at 3:44 PM, Zhong Jianxin wrote:
> Package: libopencc2
> Version: 1.0.4-1
> Followup-For: Bug #836395
>
> Adding the following lines to debian/libopencc2.install should fix the
> problem:
>
> usr/share/opencc/*.json
>
Dear Debian OCaml Maintainers,
do you by chance know any nicer solution for fixing plplot's FTBFS
than by dropping /usr/lib/ocaml/plcairo/ which is suddenly no more
build since somewhen between 8nd (last NMU) and 28th of August 2016
(bug report about FTBFS)?
If so I'd cancel or reschedule that
tags 835472 patch
thanks
The patch
https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=835472;filename=demandimport.py.patch;msg=35
seems to work and is supported by
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835472#40
Please apply, thanks in advance!
Package: wnpp
Severity: wishlist
Owner: Andreas Tille
* Package name: rapmap
Version : 0.3.0
Upstream Author : COMputational BIology and Network Evolution lab
* URL : https://github.com/COMBINE-lab/RapMap
* License : GPL
Programming Lang: C
On Wed, Sep 07, 2016 at 04:47:15AM +0200, Markus Koschany wrote:
> You should rather work towards defining a common build environment
> standard in Debian [...]
You must be joking. There is already a "common build environment standard",
and it's called the set of build essential packages, of
Package: mesa
Version: 12.0.2-1
Severity: wishlist
Now that llvm 3.9 and kernel 4.7 are in sid, there should be no show stopper to
have mesa built using llvm-3.9 (and therefore enabling OpenGL 4.3+ for drivers
that supports it).
-- System Information:
Debian Release: stretch/sid
APT prefers
Package: debian-edu-config
Tags: squeeze
User: debian-...@lists.debian.org
Usertags: debian-edu
> on 02.09.2016 um 13:16 schrieb Holger Levsen:
>
> what still surprises me, is why the cache had wrong info at all, as a
> packages checksum *never* changes… and why it was correct for
> sha512sums,
Control: tags -1 + moreinfo
On 2016-09-07 8:14, Victor Seva wrote:
kamailio in jessie has a bug described at #833973 that makes impossible
to use TLS with kamailio without downgrading openssl.
The issue was reported by me [0] to upstream and a fix was merged [1]
I would like to push this fix
Package: libopencc2
Version: 1.0.4-1
Followup-For: Bug #836395
Adding the following lines to debian/libopencc2.install should fix the
problem:
usr/share/opencc/*.json
usr/share/opencc/*.ocd
I believe the *.ocd files are arch dependent, they should be included in
the libopencc2 package.
[Stephen Kitt]
> That's a useful suggestion, thanks. After working on it a little, it seems to
> me the easiest solution is to make these flags the default in ld (and add
> "no-..." options to disable them). I've prepared a patch, it will be in the
> next upload of binutils-mingw-w64 (soon since
Package: wine-development
Version: 1.9.18-1
Severity: normal
File: /usr/bin/winecfg-development
Running winecfg-development just made my machine unusable.
Excerpts of my "ps fax" output:
5836 ?Ts 0:00 C:\windows\system32\explorer.exe /desktop
5843 ?Ts 0:00
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu
kamailio in jessie has a bug described at #833973 that makes impossible
to use TLS with kamailio without downgrading openssl.
The issue was reported by me [0] to upstream and a fix
Control: reassign -1 binutils-mingw-w64
Control: tag -1 + pending
Hi Petter,
On Fri, 02 Sep 2016 09:43:28 +0200, Petter Reinholdtsen
wrote:
> The Windows binaries generated by mingw are less secure to run on
> Windows than they could have been, and less secure than the
fixed 83397 4.4.2-1
I haven't been able to reproduce this issue either with a clean pbuilder
environment. For some reason gnupg was installed by default in the
environment, but maybe this changed recently?
Emmanuel Bourg
Hello Jörg,
On Wed, Sep 7, 2016 at 4:05 PM, Jörg Frings-Fürst
wrote:
Hello Chritopher,
thank you for spending your time helping to make Debian better with
this bug report.
Using an absolute path isn't system conform, breaks the library search
and does a lot of
forwarded 83397 https://github.com/kamailio/kamailio/issues/662
2016-08-11 2:07 GMT+02:00 Ben Sartor :
> Package: kamailio-tls-modules
> Version: 4.2.0-2+deb8u1
> Severity: normal
>
> --- Please enter the report below this line. ---
> Hi,
>
> recently I noticed kamailio does not
Package: roundcube-plugins
Version: 1.2.1+dfsg.1-2
Severity: important
Dear Maintainer,
the managesieve plugin depends on php-net-sieve to work.
Without php-net-sieve installed managesieve plugin will
die with a 500 error.
roundcube-plugins should depend on php-net-sieve
-- System Information:
Package: chromium
Version: 53.0.2785.92-2
Followup-For: Bug #833501
Hi,
i confirm a similar behaviour occurs on my system, which has HDMI screen, when
i start chromium with
chromium --force-device-scale-factor=1.8
or when including a file containing
export GDK_DPI_SCALE=0.5
export
Hi,
>Hi,
>is this still the case? I believe this got fixed a while ago, if it's not the
>case let us know!
For me it is still case in mutt version 1.5.23-3.
Thanks,
Marco
Hi,
we have two related problems here:
1) At http://www.lyx.org/trac/changeset/f496ec373bafa/lyxgit we changed
the font style from "Regular" to "LyX" to work around a qt shortcoming.
This is probably the reason why cmr10.ttf is not used any longer to
display the superscript 3. Note that the
On Wed, Sep 07, 2016 at 05:53:14AM +, Antonio Radici wrote:
> Control: tag -1 +moreinfo
>
> On Tue, Sep 10, 2013 at 11:09:00AM +0200, Joris Mooij wrote:
> > Package: mutt
> > Version: 1.5.21-6.3
> > Severity: normal
> >
> > Dear Maintainer,
> >
> > When fetching big messages (typically, 1MB
Hello Chritopher,
thank you for spending your time helping to make Debian better with
this bug report.
Using an absolute path isn't system conform, breaks the library search
and does a lot of work on changes.
So your patch can't use.
CU
Jörg
--
New:
GPG Fingerprint: 63E0 075F C8D4 3ABB
Control: tag -1 +unreproducible
Closing this bug as no info was provided and we also believe that it is not
reproducible in 1.7.0-1
301 - 363 of 363 matches
Mail list logo