Bug#485413: same problem

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Package: apache2.2-common Version: 2.2.9-10+lenny6 Severity: critical Justification: breaks the whole system *** Please type your report below this line *** Same problem here with lenny fully updated. I tried unloading modules like python, deflate,

Bug#528528: 1.4.19

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Does the debian security update include the fix of squirrelmail 1.4.19? The security fix to map_yp_alias in 1.4.18 turned out to be incomplete. We also experienced some regressions in the updated filter plugin. Both are addressed in this new release

Bug#598743: hypermail: XSS vulnerability

Package: hypermail Version: 2.2.0.dfsg-2 Severity: grave Tags: security Justification: user security hole Hypermail has a cross-site scripting vulnerability in the way it indexes mails. Eg: send a mail with this From address: iframe src=//debian.org em...@debian.org All the pages indexing this

Bug#319268: insecure

For anybody who falls on this bug, PHP MUST BE disabled where hypermail outputs its files, or i guess someone can hack you by sending php files to the list and you will host those backdoors..! This bug is invalid and it highlights a dangerous config. -- To UNSUBSCRIBE, email to

Bug#520067: hypermail does not delete attachments when delete_level = 0.

Package: hypermail Version: 2.2.0.dfsg-2 Severity: normal hypermail does not delete attachment of mails that have been filtered out with filter_require (and probably other filter_ options) when delete_level = 0. -- System Information: Debian Release: 5.0 APT prefers stable APT policy: (500,

Bug#509170: segfault

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I think i got the same: Program received signal SIGSEGV, Segmentation fault. 0xb7ed9c1c in memcpy () from /lib/i686/cmov/libc.so.6 (gdb) bt #0 0xb7ed9c1c in memcpy () from /lib/i686/cmov/libc.so.6 #1 0xb7fc8bf6 in inflate () from /usr/lib/libz.so.1

Bug#520353: clamav-milter ignores whitelist file

Package: clamav-milter Version: 0.94.dfsg.2-1 Severity: normal clamav-milter ignores my whitelist file. Here's my /etc/default/clamav-milter file: # Default options: 2 children max and scan outgoing and local messages OPTIONS= --whitelist-file=/etc/clamav/whitelist.txt --max-children=2 -ol #

Bug#319268: insecure

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Jan, This is more a configuration problem: all these modules (php, python or whatever) should be disabled where hypermail ouputs its files, as if someone sends a mail with a .php file as attachment (or for another module), it will be hosted as-is

Bug#621830: Race condition makes sudo hang forever

Package: sudo Version: 1.7.4p4-2.squeeze.2 Severity: normal A race condition exists in sudo which makes it hang forever and leave zombie processes, patch+technical details here: http://blog.famzah.net/2010/11/01/sudo-hangs-and-leaves-the-executed-program-as-zombie/ Looks like other people than

Bug#621830: Patch isn't ok for me

Sorry i tried to apply the patch and that did not fix the issue! But installing sudo 1.7.6rc3 from upstream fixed the problem for me.. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#624845: mhonarc: Charset issue

://bugs.launchpad.net/launchpad/+bug/647232 Regards, Kevin Fernandez -- System Information: Debian Release: 6.0.1 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32.39-grsec (SMP w/8 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap

Bug#624845: Fixed in testing..

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Seems to be fixed in mhonarc 2.6.18 shipped with debian testing. Installed v2.6.18 in stable and everything is ok! -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk3Ah+MACgkQwt4vS/saKMIDxwCeN7pXy6xRbs4ikj01lK+ar9ps

Bug#620258: php5-memcache delete() broken

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I can confirm this bug, i had to deal with it on 2 different servers.. Any hope to have it fixed? This breaks a big part of the application.. Thank you -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux)

Bug#499191: Gave up?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I know this is old, does it mean it won't change? I wanted to do exactly the same than Alexander, this is in my opinion a huge security feature. Eg: i wanted to avoid the use of a wrapper and call directly php-cgi with the right environment variable

Bug#765473: dovecot patch

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi Here is the patch by Timo Sirainen: http://dovecot.org/pipermail/dovecot/attachments/20141014/0c46af0d/attachment.obj And his message: http://www.dovecot.org/pipermail/dovecot/2014-October/098244.html Best, Kevin -BEGIN PGP SIGNATURE-