Bug#927932: bind9: CVE-2018-5743: Limiting simultaneous TCP clients is ineffective

I’ll have a patch for platforms without atomic support for you. -- Ondřej Surý > On 25 Apr 2019, at 08:49, Bernhard Schmidt wrote: > > Package: src:bind9 > Severity: grave > Tags: security, upstream > > CVE: CVE-2018-5743 > Document version:2.0 > Posting date:24 Ap

Bug#927934: bind9: CVE-2018-5743: Limiting simultaneous TCP clients is ineffective

Source: bind9 Version: 1:9.11.5.P4+dfsg-3 Severity: grave Tags: security upstream Justification: user security hole Control: clone -1 -2 Control: reassign -2 src:bind 1:9.13.3-1 Control: retitle -2 bind: CVE-2018-5743: Limiting simultaneous TCP clients is ineffective Control: found -1 1:9.11.6+dfs

Bug#927808: gmsh: FTBFS in buster (c++: error: unrecognized command line option '-Wint-to-void-pointer-cast')

This could all be fixed in master (where we have Gmsh 4.3.0). Should perhaps be uploaded soon. On Wed, Apr 24, 2019 at 8:33 PM Juhani Numminen wrote: > > Control: retitle -1 gmsh: FTBFS in buster > ("/usr/include/occt/Standard_Version.hxx" cannot be read) > > > Hi, > > I believe the relevant err

Bug#926043: CVE-2019-0816

On 4/24/19 10:02 PM, Salvatore Bonaccorso wrote: > Hi Thomas, > > On Tue, Apr 02, 2019 at 10:29:33PM +0200, Moritz Mühlenhoff wrote: >> severity 926043 important >> thanks >> >> On Tue, Apr 02, 2019 at 01:56:35PM +0200, Thomas Goirand wrote: >>> On 4/2/19 12:46 PM, Moritz Muehlenhoff wrote: O

Bug#927933: icu: Please update to deal with Japanese new era "Reiwa"

Package: icu Tags: fixed-upstream, l10n Hi, As http://site.icu-project.org/home, upstream says > These maintenance updates for past ICU versions include support for new > Japanese era Reiwa (令和) However, it also seems to include other changes (in 63.2) > $ diff -urN /tmp/icu-63.1 icu|wc -l

Bug#927931: bind: CVE-2019-6467: An error in the nxdomain redirect feature can cause BIND to exit with an INSIST assertion failure in query.c

Source: bind Version: 1:9.13.3-1 Severity: grave Tags: security upstream Justification: user security hole Hi See https://kb.isc.org/docs/cve-2019-6467 (only affecting bind versions in experimental). Regards, Salvatore

Bug#927932: bind9: CVE-2018-5743: Limiting simultaneous TCP clients is ineffective

Package: src:bind9 Severity: grave Tags: security, upstream CVE: CVE-2018-5743 Document version:2.0 Posting date:24 April 2019 Program impacted:BIND Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9

Bug#927930: [mecab-ipadic] lack of Japan's new era

Package: mecab-ipadic Version: 2.7.0-20070801+main-2 Severity: important We need the new entry of Japanese emperical era name. Similar issue had reported to mozc: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927030 The patch is there: https://salsa.debian.org/nlp-ja-team/mecab-ipadic/blob/r

Bug#927929: [anthy] lack of Japan's new era

Package: anthy Version: 1:0.3-8 Severity: important We need the new entry of Japanese emperical era name. Similar issue had reported to mozc: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927030 The patch is there: https://salsa.debian.org/debian/anthy/blob/reiwa/debian/patches/0002-new-Japan

Bug#926043: CVE-2019-0816

On 4/24/19 10:02 PM, Salvatore Bonaccorso wrote: > Hi Thomas, > > On Tue, Apr 02, 2019 at 10:29:33PM +0200, Moritz Mühlenhoff wrote: >> severity 926043 important >> thanks >> >> On Tue, Apr 02, 2019 at 01:56:35PM +0200, Thomas Goirand wrote: >>> On 4/2/19 12:46 PM, Moritz Muehlenhoff wrote: O

Bug#927928: unblock: scoop/0.7.1.1-3

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package scoop * QA upload. * Replace deprecated Sphinx module pngmath with imgmath Closes: #924838 * Ignore test result (attempt to access remote host) * Secure U

Bug#927456: irrlicht makefile does not honor CFLAGS (was: irrlicht makefiles does not honors CFLAGS and CXXFLAGS, so neither hardening)

Control: retitle -1 irrlicht makefile does not honor CFLAGS Control: severity -1 minor On Fri, 19 Apr 2019 23:33:53 -0400 PICCORO McKAY Lenz wrote: > in Makefile line 84 we have a non override CFLAG set as: > > irrlicht-1.8.4.0/source/Irrlicht/Makefile > > CFLAGS := -O3 -fexpensive-optimizat

Bug#927927: --with-fortran-interfaces=1 and --useThreads=0 deprecated

Package: libpetsc-real3.11 Version: 3.11.0+dfsg1-1exp1 The --with-fortran-interfaces=1 and --useThreads=0 are no longer valid options for configure. configure --help does not show them and removing them causes no issues on my ubuntu PPA https://launchpad.net/~mardie/+archive/ubuntu/damask/+package

Bug#927925: lepton: CVE-2018-20820

Source: lepton Version: 1.2.1+20170405-3 Severity: important Forwarded: https://github.com/dropbox/lepton/issues/111 Hi, The following vulnerability was published for lepton. CVE-2018-20820[0]: | read_ujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows attackers to | cause a denial-of-service (ap

Bug#927926: packer: please package packer 1.4.0

Package: packer Version: 1.3.4+dfsg-4 Severity: wishlist Dear Maintainer, Thank you for packaging packer. Can you please update the Debian package for the upstream 1.4.0 release? https://www.hashicorp.com/blog/announcing-packer-v-1-4-0 Thank you, Corey

Bug#927924: new upstream (4.0)

Package: qemu Severity: wishlist Hi, qemu 4 has been released with significant improvements, it would be nice if you could upload it to experimental. Regards, Daniel

Bug#927919: sway: FTBFS, pkg-config gets variable for scdoc incorrect

Control: reassign -1 scdoc 1.9.4-1 Control: affects -1 + sway Severity: serious On Thu, Apr 25, 2019 at 03:07:14AM +, Linda Lapinlampi wrote: > Dear Maintainer, > > My attempt to build Salsa VCS checkout with `dpkg-buildpackage -us -uc` > will fail there: > > ``` > Dependency scdoc found: YE

Bug#927923: unhtml FTCBFS: Uses the build architecture compiler

Source: unhtml Version: 2.3.9-4 Severity: normal Tags: patch User:helm...@debian.org Usertags: rebootstrap Hi, unhtml fails to cross build from source, because it uses the build architecture compiler. Using "dh_auto_build" instead of "$(MAKE)" can solve this problem. Please consider applying the

Bug#927922: SSL error: error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol

Package: w3m Version: 0.5.3-37 Lynx, chromium work fine. $ w3m https://branch.taipower.com.tw/content/Messagess/Contents.aspx?SiteID=564732602442427467&MmmID=564732602561157543&MSID=564734220745242356 SSL error: error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol -- Syste

Bug#927919: sway: FTBFS, pkg-config gets variable for scdoc incorrect

Control: notfound -1 1.0~rc3-1 On Thu, Apr 25, 2019 at 03:07:14AM +, Linda Lapinlampi wrote: > ``` > Dependency scdoc found: YES 1.9.4 > Called `/usr/bin/pkg-config --variable=scdoc scdoc` -> 0 > /usr/local/bin/scdoc > Got pkgconfig variable scdoc : /usr/local/bin/scdoc > Program /usr/local/bi

Bug#903635: This is RC; breaks unrelated software

Looks like a fix was proposed at: https://github.com/docker/libnetwork/pull/2339/files However this fix didn't receive any feedback from upstream so far, and I'm not familiar with the docker codebase myself. So I'm a bit reluctant to import this patch. And on the other hand, after a quick look the

Bug#927921: Modeset: Invalid argument. No GUI.

Package: src:linux Version: 4.19.28-2 Severity: important Dear maintainer, I have two kernels installed: 4.19.0-2 and 4.19.0-4 (both amd64 from buster). The described problems happen only when 4.19.0-4 is booted. Basically, any (Xorg) GUI start fails, and /var/log/Xorg.0.log contains eg. this

Bug#927920: Plymouth 0.9.4-1.1 Prevents Login Under Kernel 4.19.0-4 on ASUS ET2322

Package: plymouth Version: 0.9.4-1.1 Severity: important Dear Maintainer, On 04/17/2019, package desktop-base was to be upgraded from 10.0.0 to 10.0.2, also requiring the installation of package plymouth 0.9.4-1.1. Upon rebooting my computer, I got a few ACPI errors, which I always get, and the

Bug#919231: Salt-master unable to access directories

On Wed, Apr 24, 2019 at 7:13 AM Michael Biebl wrote: > Hi Felipe > > On Wed, 3 Apr 2019 15:29:44 -0300 Felipe Sateler > wrote: > > Unfortunately the fix seems to have been merged with some other > > refactorings and the diff is not as small[1]. I'll try to check if some > of > > the patches are

Bug#927919: sway: FTBFS, pkg-config gets variable for scdoc incorrect

Source: sway Version: 1.0-1 Severity: important Tags: experimental, ftbfs, upstream Dear Maintainer, My attempt to build Salsa VCS checkout with `dpkg-buildpackage -us -uc` will fail there: ``` Dependency scdoc found: YES 1.9.4 Called `/usr/bin/pkg-config --variable=scdoc scdoc` -> 0 /usr/local/

Bug#927918: sway: ambiguous version dependency on wlroots

Source: sway Version: 1.0-1 Severity: normal Tags: upstream Dear Maintainer, debian/control has Build-Depends on libwlroots-dev (>= 0.5). Upstream's release notes for tag 1.0 says the release depends on wlroots 0.5. meson.build depends on wlroots_version = '>=0.4.1'. meson.build also remains at >

Bug#927917: firmware-atheros: missing ath10k/QCA9377/hw1.0/firmware-6.bin

Package: firmware-atheros Version: 20190114-1 Severity: normal Tags: patch While installing a Samgung laptop using the Buster RC1 Debian Installer, the installer kept asking for ath10k/QCA9377/hw1.0/firmware-6.bin. I inspected the firmware-atheros*.deb in the firmware partition that I prepared in

Bug#927915: sway: build-adep has no version >= 0.48.0 on meson

Source: sway Version: 1.0-1 Severity: normal Tags: stretch, jessie Control: notfound -1 1.0~beta.2-3 Control: found -1 1.0~rc1-1 Dear Maintainer, meson.build declares project(meson_version: '>=0.48.0') in the source, but debian/control file omits this version number from Build-Depends. Please con

Bug#924445: pulseaudio crashes randomly, no diagnostic on terminal, possibly associated with Wesnoth

Unfortunately there will never be a coredump because it's not crashing in any usual sense. It just stops. joshua@nova:~ϟ gdb pulseaudio GNU gdb (Debian 8.2.1-2) 8.2.1 Copyright (C) 2018 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later Thi

Bug#926935: arpack: FTBFS (does not honor parallel=n in DEB_BUILD_OPTIONS)

Hello, > The safe/conservative thing to do would be to use 1 job for the test suite. IMHO the use of nproc it's a good option, because this way we will be closer to the original idea of upstream. signature.asc Description: OpenPGP digital signature

Bug#927914: gblic: deal with Japanese new era "令和 (Reiwa)"

package: glibc tags: l10n, patch Hi, To deal with Japanese new era "令和 (Reiwa)" (from 1st May), please add attached patch that is taken from upstream(*) It should be applied to stretch as well. (*) https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=7423da211d1490d9fc76c2f0ce4

Bug#924253: [Pkg-privacy-maintainers] Bug#924253: mat2: Please update backport provided via stretch-backports

Hi u, Thanks for your fast reply, and sorry for the delay on my side: On 19-04-16 13:35:18, Ulrike Uhlig wrote: > I don't think there is a policy issue with uploading this backport > yourself (so no toe-stepping involved), but by uploading that backport > you commit to keep it alive during the li

Bug#919058: itstool maintainer's help needed

Hi Mike, I've just noticed this bug report: https://github.com/mate-desktop/mate-applets/issues/388 It's been closed, so apparently the problem can be worked around by manipulating the XML. Of course, itstool still needs to be fixed. So far, there is no response on either the RedHat bug or on t

Bug#925464: new upstream release (1.3rc1)

Update on the bug: Chris Knadle: [..] > I doubt this package is going to get accepted by the Release Team, because > upload after the freeze is meant for only small targeted fixes. I'll make the > request to see if it's possible, but I expect that the chances of this being > accepted to be very l

Bug#927913: Second chromium kills the first one, and we see "Restore pages?"

Package: chromium Version: 74.0.3729.108-1 Severity: important $ chromium & $ sleep 22 $ chromium & The second one kills the first one, and we see "Restore pages?"

Bug#927912: unblock: gcalcli/4.0.4-2 (pre-approval)

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Howdy, Pending approval, I'm uploading a version of gcalcli which contains an upstream patch to fix the reliance on the Google shortening service. If a user invokes one of the subcommands

Bug#927911: systemd: Does not expand %h identifier in ExecStart

Package: systemd Version: 241-3 Severity: important Hi it seems that the documentation of systemd is incorrect, or incomplete, as it states that suffix. In the unit file itself, the instance parameter may be referred to using "%i" and other specifiers, see below. (man pag

Bug#897993: random black flickering

On Mon, 7 May 2018 12:15:37 +0200 =?UTF-8?Q?Michel_D=c3=a4nzer?= wrote: > On 2018-05-05 04:20 PM, Eduard Bloch wrote: > > Package: xserver-xorg-video-amdgpu > > Version: 18.0.1-1 > > Severity: normal > > > > Hello, > > > > my card (cheaper version of Rx560) has been working quite well for months.

Bug#927896: [Pkg-utopia-maintainers] Bug#927896: Bug#927896: Bug#927896: policykit-1: Please drop consolekit dependency on !linux

Michael Biebl, le jeu. 25 avril 2019 01:02:44 +0200, a ecrit: > Am 25.04.19 um 00:54 schrieb Samuel Thibault: > > Michael Biebl, le jeu. 25 avril 2019 00:27:58 +0200, a ecrit: > > >> Keep in mind that I only proposed to change policykit-1 to linux-any. > >> The libpolkit-*-dev packages would still

Bug#927896: [Pkg-utopia-maintainers] Bug#927896: Bug#927896: Bug#927896: policykit-1: Please drop consolekit dependency on !linux

Am 25.04.19 um 00:54 schrieb Samuel Thibault: > Michael Biebl, le jeu. 25 avril 2019 00:27:58 +0200, a ecrit: >> Keep in mind that I only proposed to change policykit-1 to linux-any. >> The libpolkit-*-dev packages would still be any. > > Ah! I thought you meant the whole source package... sour

Bug#927896: [Pkg-utopia-maintainers] Bug#927896: Bug#927896: Bug#927896: policykit-1: Please drop consolekit dependency on !linux

Michael Biebl, le jeu. 25 avril 2019 00:27:58 +0200, a ecrit: > Am 25.04.19 um 00:06 schrieb Samuel Thibault: > > Michael Biebl, le mer. 24 avril 2019 23:44:57 +0200, a ecrit: > >> It's quite simple really: If policykit-1 is not functional on !linux, > >> there should be no policykit-1 package on !

Bug#927879: ca-certificates should not hardcode QuoVadis certificate authorities in /etc/ca-certificates.conf

On 4/24/19 5:22 PM, Soppy bear wrote: 1. This is a Debian problem because the end user should be able to use TLS without having to import/use certificates without any practical use for normal operations. Users *can* configure the ca-certificate package and set CA trust for each and every CA,

Bug#918535: Any action?

Hi; is anything in progress about this update? Should I go figure out how to do an NMU?

Bug#927896: [Pkg-utopia-maintainers] Bug#927896: Bug#927896: Bug#927896: policykit-1: Please drop consolekit dependency on !linux

Am 25.04.19 um 00:06 schrieb Samuel Thibault: > Michael Biebl, le mer. 24 avril 2019 23:44:57 +0200, a ecrit: >> It's quite simple really: If policykit-1 is not functional on !linux, >> there should be no policykit-1 package on !linux. > > That's a principle I can understand, yes. But then the pr

Bug#927879: ca-certificates should not hardcode QuoVadis certificate authorities in /etc/ca-certificates.conf

omg... i cant believe u just closed that ticket... :u pls let me explain. 1. This is a Debian problem because the end user should be able to use TLS without having to import/use certificates without any practical use for normal operations. 2. I have removed Firefox from my systems permanently

Bug#914109: xscreensaver-data: looks for image files to display even though it is told not to

To be clear: my intention is to ignore this trivial problem.

Bug#499795: SSL Fax - HylaFAX+ 7.0.0

With the HylaFAX+ 7.0.0 release earlier this month there is now another significant feature missing from the Debian HylaFAX package. Debian users who wish to use SSL Fax or any of the other myriad fax features features found in HylaFAX+ that have been listed here before continue to be forced to ei

Bug#927910: screenfetch: error printed if /proc/fb doesn't exist

Package: screenfetch Version: 3.8.0-8 Severity: minor Dear Maintainer, I am running Debian Buster on my Fujitsu Q703 aka. QNap TS-221, details of which you can find below. I installed screenfetch via apt and ran the command, and it printed out a warning before the actual output: awk: cannot

Bug#927896: [Pkg-utopia-maintainers] Bug#927896: Bug#927896: Bug#927896: policykit-1: Please drop consolekit dependency on !linux

Michael Biebl, le mer. 24 avril 2019 23:44:57 +0200, a ecrit: > It's quite simple really: If policykit-1 is not functional on !linux, > there should be no policykit-1 package on !linux. That's a principle I can understand, yes. But then the principle meets the rest of what Debian is: a clench of

Bug#927767: e2fsck: Needs to clear *all* MMP flags in one pass

On Tue, Apr 23, 2019 at 03:49:50PM -0400, Theodore Ts'o wrote: > > If this is not satisfactory for you then you shouldn't be using > MMP, and need to be doing something else, like solving this problem at > the hypervisor layer. I'd love to be able to offer something better, > but I'd also lik

Bug#924523: unblock: plinth/19.2

On 24/04/19 3:30 am, Sam Hartman wrote: >> "Sunil" == Sunil Mohan Adapa writes: > > Sunil> On 23/04/19 3:44 am, Ivo De Decker wrote: > >> Hi, > > > Sunil> However, there were still issues that we felt needed fixing > Sunil> for a stable release. Some of these fixes are worka

Bug#927896: [Pkg-utopia-maintainers] Bug#927896: Bug#927896: Bug#927896: policykit-1: Please drop consolekit dependency on !linux

Am 24.04.19 um 23:37 schrieb Samuel Thibault: > Michael Biebl, le mer. 24 avril 2019 22:56:11 +0200, a ecrit: >> Am 24.04.19 um 22:31 schrieb Samuel Thibault: >>> Michael Biebl, le mer. 24 avril 2019 22:21:03 +0200, a ecrit: Am 24.04.19 um 21:58 schrieb Samuel Thibault: > Michael Biebl, le

Bug#914109: xscreensaver-data: looks for image files to display even though it is told not to

>> From a user point of view, if I say that you should not look for image >> files to display, you should just not do that. This is a bug in >> Xscreensaver. There is no good reason why it should give an error. > >With your settings, the only option is to change the failure mode from >"print an e

Bug#927896: [Pkg-utopia-maintainers] Bug#927896: Bug#927896: policykit-1: Please drop consolekit dependency on !linux

Michael Biebl, le mer. 24 avril 2019 22:56:11 +0200, a ecrit: > Am 24.04.19 um 22:31 schrieb Samuel Thibault: > > Michael Biebl, le mer. 24 avril 2019 22:21:03 +0200, a ecrit: > >> Am 24.04.19 um 21:58 schrieb Samuel Thibault: > >>> Michael Biebl, le mer. 24 avril 2019 21:40:04 +0200, a ecrit: > >>

Bug#927827: Bug#927747: [Pkg-samba-maint] Bug#927747: bind9_dlz backend is entirely broken in Debian

Control: found -1 1:9.11.5.P4+dfsg-1 Control: tags -1 + pending On Tue, Apr 23, 2019 at 10:24:54PM +0200, Mathieu Parent wrote: > +/var/lib/samba/bind-dns/** rwk, > > But we may do better with something like this (to be tested and improved): > >/var/lib/samba/private/dns.keytab r, >/var

Bug#927909: ITP: golang-github-gcla-deep -- Golang deep variable equality test that returns human-readable differences

Package: wnpp Severity: wishlist Owner: Dawid Dziurla * Package name: golang-github-gcla-deep Version : 1.0.2-1 Upstream Author : Graham Clark, Daniel Nichter * URL : https://github.com/gcla/deep * License : Expat Programming Lang: Go Description : Gola

Bug#926935: arpack: FTBFS (does not honor parallel=n in DEB_BUILD_OPTIONS)

Le mer. 24 avr. 2019 à 17:02, Santiago Vila a écrit : > On Wed, Apr 24, 2019 at 04:47:16PM +0200, Sylvestre Ledru wrote: > > Le 24/04/2019 à 16:45, Santiago Vila a écrit : > > > On Wed, Apr 24, 2019 at 04:24:59PM +0200, ghisv...@gmail.com wrote: > > > > Anyone objecting on applying Santiago's pat

Bug#927908: xpdf: Italic text is shown as a regular one

Package: xpdf Version: 3.04-13 Severity: normal This can be fixed by adding the following to the ~/.xpdrc file fontFile Times-Italic /usr/share/fonts/type1/gsfonts/n021023l.pfb fontFile Times-Roman /usr/share/fonts/type1/gsfonts/n021003l.pfb N.B. The URL for new versions is wrong. A new

Bug#927886: Reassign bug 927886

Control: reassign -1 src:librsvg Control: found -1 2.44.10-2 Control: forwarded -1 https://gitlab.gnome.org/GNOME/librsvg/issues/395 Control: severity -1 important Control: affects -1 deepin-image-viewer Control: tags -1 + fixed-upstream X-Debbugs-CC: libr...@packages.debian.org jbi...@debian.org

Bug#926958: Proposed security upload for FreeRADIUS

Am 24.04.19 um 21:23 schrieb Salvatore Bonaccorso: Hi Salvatore, >> I've gained access to the FreeRADIUS salsa repo and have pushed a new >> debian/stretch branch containing last years security upload and the >> cherry-picked fixes for #926958 >> >> It applies and builds cleanly, I'm currently wa

Bug#927886:

Should be a librsvg bug that was fixed in 2.44.11. Ref: https://gitlab.gnome.org/GNOME/librsvg/issues/395 -- Regards, Felix Yan signature.asc Description: OpenPGP digital signature

Bug#927907: flatpak directories are not in the search path set by the XDG_DATA_DIRS

Package: flatpak Version: 1.2.4-1 Severity: normal Dear Maintainer, I tried to `flatpak --user update` and I got this message. I think flatpak should be added by default to the XDG_DATA_DIRS env. I think flatpak is a very nice piece of technology. ```sh ▶ flatpak --user update Note that the di

Bug#927901: unblock: lucene-solr/3.6.2+dfsg-19

Control: tags -1 moreinfo Markus Koschany: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Please unblock package lucene-solr > > I made a mistake when I installed solr-permissions.conf into the wrong > /etc/systemd/system/

Bug#927896: [Pkg-utopia-maintainers] Bug#927896: Bug#927896: policykit-1: Please drop consolekit dependency on !linux

Am 24.04.19 um 22:31 schrieb Samuel Thibault: > Michael Biebl, le mer. 24 avril 2019 22:21:03 +0200, a ecrit: >> Am 24.04.19 um 21:58 schrieb Samuel Thibault: >>> Michael Biebl, le mer. 24 avril 2019 21:40:04 +0200, a ecrit: Am 24.04.19 um 21:24 schrieb Samuel Thibault: > consolekit has be

Bug#927906: CVE-2019-8354 CVE-2019-8355 CVE-2019-8356 CVE-2019-8357

Source: sox Severity: grave Tags: security Please see these links for descriptions and patches: https://security-tracker.debian.org/tracker/CVE-2019-8354 https://security-tracker.debian.org/tracker/CVE-2019-8355 https://security-tracker.debian.org/tracker/CVE-2019-8356 https://security-tracker.deb

Bug#927905: lxqt-qtplugin try to load the wrong version of libfm-qt

Package: lxqt-qtplugin Version: 0.14.1~1-gc122cbd-1 Severity: important Tags: patch Dear Maintainer, lxqt-qtplugin try to load libfm-qt.so which is strictly a dev symlink - the right choice would be libfm-qt.so.6. This brings up the poor Qt file dialog instead of the LXQt one when opening a fil

Bug#927904: claws-mail: filtering option does not work as excepted

Package: claws-mail Version: 3.17.1-1~bpo9+1 Severity: normal Dear Maintainer, I am using Claws-Mail with a POP account with two differents computers, with a setup in order to have sent mail on both computers. The first computer runs Debian, the second OpenIndiana (with Claws-Mail 3.16). When I

Bug#927892: grub-ieee1275-bin: Please add bootinfo.txt for sparc and sparc64

On 24/04/2019 21:30, Frank Scheiner wrote: > On 4/24/19 22:07, John Paul Adrian Glaubitz wrote: >> On 4/24/19 9:46 PM, Mark Cave-Ayland wrote: >>> For reference the CHRP bootinfo.txt isn't a configuration file, but is >>> actually >>> parsed by CHRP-compliant open firmwares directly - SPARC firmw

Bug#927852: Acknowledgement (xwayland: GNOME Shell crashes after connecting ThinkPad Thunderbolt 3 Dock Gen 2 via Thunderbolt to a Lenovo T470)

Am Mittwoch, den 24.04.2019, 17:05 +0200 schrieb Michel Dänzer: > On 2019-04-24 4:25 p.m., - wrote: > > This seems to be a serious bug, because now GNOME Shell also has > > crashed when disconnecting the thunderbolt device. > > Does it still happen with xwayland 2:1.20.4-1 from sid? If yes: > >

Bug#926218: range-v3: FTBFS with gcc 8.3

On Wed, 3 Apr 2019 10:18:35 +0200 Santiago Vila wrote: > On Tue, Apr 02, 2019 at 10:57:39PM +0300, Коля Гурьев wrote: > > Control: forwarded -1 https://github.com/ericniebler/range-v3/issues/856 > > Hi. I believe this one (failure with GCC 9) could be a bit closer: > > https://github.com/ericniebl

Bug#927892: grub-ieee1275-bin: Please add bootinfo.txt for sparc and sparc64

On 24/04/2019 18:26, John Paul Adrian Glaubitz wrote: > Source: grub2 > Version: 2.02+dfsg1-17 > Severity: normal > User: debian-sp...@lists.debian.org > Usertags: sparc64 > > Hello! > > I have started working on switching the bootloader for debian-installer from > silo to grub-ieee1275 on sparc

Bug#927896: [Pkg-utopia-maintainers] Bug#927896: policykit-1: Please drop consolekit dependency on !linux

Michael Biebl, le mer. 24 avril 2019 22:21:03 +0200, a ecrit: > Am 24.04.19 um 21:58 schrieb Samuel Thibault: > > Michael Biebl, le mer. 24 avril 2019 21:40:04 +0200, a ecrit: > >> Am 24.04.19 um 21:24 schrieb Samuel Thibault: > >>> consolekit has been removed, please drop the dependency from the >

Bug#927892: grub-ieee1275-bin: Please add bootinfo.txt for sparc and sparc64

On 4/24/19 22:07, John Paul Adrian Glaubitz wrote: > On 4/24/19 9:46 PM, Mark Cave-Ayland wrote: >> For reference the CHRP bootinfo.txt isn't a configuration file, but is >> actually >> parsed by CHRP-compliant open firmwares directly - SPARC firmwares, including >> OpenBIOS don't support them. Ca

Bug#927903: wavpack: CVE-2019-11498: Uninitialized Read in WavpackSetConfiguration64()

Source: wavpack Version: 5.1.0-5 Severity: important Tags: security upstream Forwarded: https://github.com/dbry/WavPack/issues/67 Hi, The following vulnerability was published for wavpack. CVE-2019-11498[0]: | WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack | through 5.1.0 h

Bug#927896: [Pkg-utopia-maintainers] Bug#927896: policykit-1: Please drop consolekit dependency on !linux

Am 24.04.19 um 21:58 schrieb Samuel Thibault: > Michael Biebl, le mer. 24 avril 2019 21:40:04 +0200, a ecrit: >> Am 24.04.19 um 21:24 schrieb Samuel Thibault: >>> consolekit has been removed, please drop the dependency from the >>> policykit-1 package, as the attached patch does. >> >> I guess we s

Bug#927461: [Pkg-openssl-devel] Bug#927461: release-notes: Document how to handle openssls new defaults

Hi Sebastian, On 24-04-2019 22:00, Sebastian Andrzej Siewior wrote: > On 2019-04-21 16:52:30 [+0200], Paul Gevers wrote: [...] > The system default is valid for package that links against libssl1.1. > Some packages (like wpa_supplicant) override the limit so they may use > TLSv1 even if it is di

Bug#927902: unblock: blender/2.79.b+dfsg0-7

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package blender At the end of March, on Blender Bug Tracker a serious issue was reported where all distributions based on Debian package 2.79.b+dfsg0-6 were affected by a cat

Bug#927901: unblock: lucene-solr/3.6.2+dfsg-19

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package lucene-solr I made a mistake when I installed solr-permissions.conf into the wrong /etc/systemd/system/ directory. This makes solr unusable because tomcat can't write

Bug#927892: grub-ieee1275-bin: Please add bootinfo.txt for sparc and sparc64

On 4/24/19 9:46 PM, Mark Cave-Ayland wrote: > For reference the CHRP bootinfo.txt isn't a configuration file, but is > actually > parsed by CHRP-compliant open firmwares directly - SPARC firmwares, including > OpenBIOS don't support them. Can you explain why grub on SPARC is trying to > access >

Bug#926043: CVE-2019-0816

Hi Thomas, On Tue, Apr 02, 2019 at 10:29:33PM +0200, Moritz Mühlenhoff wrote: > severity 926043 important > thanks > > On Tue, Apr 02, 2019 at 01:56:35PM +0200, Thomas Goirand wrote: > > On 4/2/19 12:46 PM, Moritz Muehlenhoff wrote: > > > On Tue, Apr 02, 2019 at 12:33:10PM +0200, Thomas Goirand w

Bug#927896: [Pkg-utopia-maintainers] Bug#927896: policykit-1: Please drop consolekit dependency on !linux

Michael Biebl, le mer. 24 avril 2019 21:40:04 +0200, a ecrit: > Am 24.04.19 um 21:24 schrieb Samuel Thibault: > > consolekit has been removed, please drop the dependency from the > > policykit-1 package, as the attached patch does. > > I guess we should make policykit-1 linux-any, given that we do

Bug#927461: [Pkg-openssl-devel] Bug#927461: release-notes: Document how to handle openssls new defaults

On 2019-04-21 16:52:30 [+0200], Paul Gevers wrote: > Hi Kurt, Christoph, Sebastian, others, Hi Paul, > Could somebody of the openssl team propose a text that can be added to > the release-notes about the new defaults? I am not asking for package > specific text (although that is welcome of course)

Bug#914068: freelan FTBFS with boost 1.67

On Wed, 24 Apr 2019 14:42:24 +0100 Dimitri John Ledkov wrote: > > Possibly solved by > https://github.com/freelan-developers/freelan/commit/573a2d38feafec1256ab97b712e963278e4b3fb0.patch > ? > Actually a bit more than that: 573a2d38feafec1256ab97b712e963278e4b3fb0 89627112f66979b5918f7c4d8b7dd63

Bug#927900: qemu-system-x86_64 crashes when using GStreamer

Package: qemu-system-x86 Version: 1:3.1+dfsg-7 Severity: normal Dear Maintainer, To reproduce: * Create a VM using Spice. * Tell QEmu to stream all videos by using virsh to add the streaming mode setting like so: * Start the VM and play a video in the guest. For instance

Bug#927899: ITP: cage -- A Wayland kiosk

Package: wnpp Severity: wishlist Owner: Birger Schacht * Package name: cage Version : 0.1 Upstream Author : Jente Hidskes * URL : https://www.hjdskes.nl/projects/cage/ * License : MIT Programming Lang: C Description : A Wayland kiosk Cage is a kiosk co

Bug#927896: [Pkg-utopia-maintainers] Bug#927896: policykit-1: Please drop consolekit dependency on !linux

Hi Am 24.04.19 um 21:24 schrieb Samuel Thibault: > Package: policykit-1 > Version: 0.105-25 > Severity: important > > Hello, > > consolekit has been removed, please drop the dependency from the > policykit-1 package, as the attached patch does. I guess we should make policykit-1 linux-any, give

Bug#926326: elpa-elpy: configuration issues

Hi Nicholas, On Sun, 14 Apr 2019, Nicholas D Steeves wrote: Dear Faheem, Thank you for filing an excellent bug report that includes all relevant information. Reply follows in-line, but please take care to reply to the appropriate sub-bugs that will be momentarily created: https://bugs.debia

Bug#924609: Ports of CVE patches from Debian LTS for libsdl1.2

Hi Kari, On Wed, Apr 24, 2019 at 07:15:44PM +0300, Kari Pahula wrote: > Hi. > > I've ported the CVE patches from Debian LTS for libsdl1.2 in unstable. First thanks for working on the issues! I have not reviewed your patches, but just a remark. Never just forward-port a patchset from an older su

Bug#927789: [pre-upload-approval] unblock: x2gobroker/0.0.4.1-1

Control: tags -1 - moreinfo Hi Niels, On Mi 24 Apr 2019 20:21:00 CEST, Niels Thykier wrote: Control: tags -1 moreinfo confirmed Mike Gabriel: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package x2gobroker [...]

Bug#927898: ITP: rsendmail -- safer sendmail command to send email without passwords, over SSH

Package: wnpp Severity: wishlist Owner: Antoine Beaupre * Package name: rsendmail Version : 1.0.1 Upstream Author : Antoine Beaupré * URL : https://gitlab.com/anarcat/rsendmail/ * License : AGPLv3 Programming Lang: Python Description : safer sendmail c

Bug#927897: ITP: golang-github-gcla-gowid -- Compositional widgets for terminal user interfaces, inspired by urwid

Package: wnpp Severity: wishlist Owner: Dawid Dziurla * Package name: golang-github-gcla-gowid Version : 1.0.0-1 Upstream Author : Graham Clark * URL : https://github.com/gcla/gowid * License : Expat Programming Lang: Go Description : Compositional widg

Bug#926958: Proposed security upload for FreeRADIUS

Hi Berni, On Wed, Apr 24, 2019 at 05:42:31PM +0200, Bernhard Schmidt wrote: > Hi, > > I've gained access to the FreeRADIUS salsa repo and have pushed a new > debian/stretch branch containing last years security upload and the > cherry-picked fixes for #926958 > > It applies and builds cleanly, I

Bug#903635: This is RC; breaks unrelated software

severity 903635 critical thanks Justification: "makes unrelated software on the system (or the whole system) break" Installing docker.io changed my FORWARD chain policy to DROP, breaking networking for unrelated virsh-based VMs that I had installed on the machine at the time. This matches exact

Bug#927896: policykit-1: Please drop consolekit dependency on !linux

Package: policykit-1 Version: 0.105-25 Severity: important Hello, consolekit has been removed, please drop the dependency from the policykit-1 package, as the attached patch does. Samuel -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (990, 'testing'), (500

Bug#927895: ITP: golang-github-go-test-deep -- Golang deep variable equality test that returns human-readable differences

Package: wnpp Severity: wishlist Owner: Dawid Dziurla * Package name: golang-github-go-test-deep Version : 1.0.1-1 Upstream Author : Daniel Nichter * URL : https://github.com/go-test/deep * License : Expat Programming Lang: Go Description : Golang deep

Bug#924616: RFT and RFC: Updates for evolution{,-data-server}

Hi Jonas, On Mi 24 Apr 2019 12:56:18 CEST, Jonas Meurer wrote: Jonas Meurer: With evolution-data-server, the situation is slightly more complicated. I'm still debugging issues with the patches[5] that are supposed to fix the "[GPG] Mails that are not encrypted look encrypted" issue. [5] http

Bug#927894: ITP: golang-github-guptarohit-asciigraph -- Make lightweight ASCII line graph in CLI apps with no other dependencies

Package: wnpp Severity: wishlist Owner: Dawid Dziurla * Package name: golang-github-guptarohit-asciigraph Version : 0.4.1-1 Upstream Author : Rohit Gupta * URL : https://github.com/guptarohit/asciigraph * License : BSD-3-clause Programming Lang: Go Descript

Bug#914109: xscreensaver-data: looks for image files to display even though it is told not to

> From a user point of view, if I say that you should not look for image > files to display, you should just not do that. This is a bug in > Xscreensaver. There is no good reason why it should give an error. With your settings, the only option is to change the failure mode from "print an error

Bug#927822: libhighlight-perl: provide API to map shebangs and extensions to language

On 24.04.19 19:29, Eric Wong wrote: David Bremner wrote: Is there an appropriate underlying highlight C++ api? libhighlight-perl is really just a thin wrapper on that. AFAIK, not yet, but the CLI does it internally. So this wishlist item would also include providing the API for C++ users, t

Bug#927893: mesa: please enable lima and panfrost drivers

Source: mesa Version: 19.0.2-1 Severity: wishlist -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Upstream and added two new drivers recently: panfrost and lima. Please enable those. Probably only for armhf and arm64, but not sure. - Jonas -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEn+Ppw

  1   2   3   >