Control: tags -1 moreinfo
Hello,
On Sun, 5 Sep 2021 03:36:44 +0200 (CEST) joyfulma...@tutanota.com wrote:
> Package: freeorion
> Version: 0.4.10.2-1
> Severity: normal
>
> Dear Maintainer,
>
> * What led up to the situation?
> In the unstable version, starting a game with AI fails to
Hi,
Am Donnerstag, dem 02.09.2021 um 22:29 +0100 schrieb Adam D. Barratt:
> On Sat, 2021-08-28 at 22:52 +0200, Markus Koschany wrote:
> > Fixing CVE-2021-36773 in Buster and updating various filter lists.
> >
>
> The changelog appears to include a conflict marker:
>
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: a...@debian.org
[ Reason ]
Fixing CVE-2021-36773 in Bullseye and updating various filter lists.
[ Impact ]
CVE-2021-36773 would be unfixed.
[ Tests ]
I have
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: a...@debian.org
[ Reason ]
Fixing CVE-2021-36773 in Buster and updating various filter lists.
[ Impact ]
CVE-2021-36773 would be unfixed.
[ Tests ]
I have tested
ut not further above (thus "limited" path traversal), if the calling code
+would use the result to construct a path value.
+
+ -- Markus Koschany Fri, 20 Aug 2021 22:25:28 +0200
+
commons-io (2.6-2) unstable; urgency=medium
* Team upload.
diff -Nru commons-io-2.6/debian/patches
by the XMPParser. By using a
+specially-crafted argument, an attacker could exploit this vulnerability to
+cause the underlying server to make arbitrary GET requests.
+(Closes: #984949)
+
+ -- Markus Koschany Mon, 02 Aug 2021 07:48:42 +0200
+
xmlgraphics-commons (2.4-1) unstable
exploit this vulnerability to
+cause the underlying server to make arbitrary GET requests.
+(Closes: #984949)
+
+ -- Markus Koschany Wed, 04 Aug 2021 13:31:34 +0200
+
xmlgraphics-commons (2.3-1) unstable; urgency=medium
* Team upload.
diff -Nru xmlgraphics-commons-2.3/debian/patches/CVE
On Wed, 28 Jul 2021 17:44:49 +0200 Salvatore Bonaccorso
wrote:
> Hi,
>
> The following vulnerability was published for apache-directory-server.
>
> CVE-2021-33900[0]:
Hi Salvatore,
are you sure CVE-2021-33900 corresponds to apache-directory-server as well? To
me it seems the vulnerability
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: a...@debian.org
Please unblock package jetty9
[ Reason ]
jetty9 in Bullseye is vulnerable to CVE-2021-34429.
https://bugs.debian.org/991188
[ Tests ]
I have backported all
Control: owner -1 !
Hi,
Am Freitag, dem 16.07.2021 um 21:16 +0200 schrieb Salvatore Bonaccorso:
> Source: jetty9
> Version: 9.4.39-2
> Severity: grave
> Tags: security upstream
> X-Debbugs-Cc: car...@debian.org, Debian Security Team
>
>
> Hi,
>
> The following vulnerability was published for
Hello,
we have a dedicated bug report for this problem, please keep
990...@bugs.debian.org in CC.
Am Freitag, dem 16.07.2021 um 14:34 +1000 schrieb GumballForAPenny:
> Hi all,
>
> (I am a user and contributor of SuperTuxKart, not any staff member of
> the project.)
>
> It has recently come
to David Harte for the report and Ingo Brückl for the patch.
+
+ -- Markus Koschany Tue, 13 Jul 2021 14:02:25 +0200
+
xarchiver (1:0.5.4.17-1) unstable; urgency=medium
* New upstream version 0.5.4.17.
diff -Nru xarchiver-0.5.4.17/debian/patches/debian-bug-990906.patch
xarchiver-0.5.4.17/debian
Control: tags -1 pending
Am Dienstag, dem 13.07.2021 um 13:41 +0200 schrieb Ingo Brückl:
> Hi,
>
> I believe that the bug you reported is fixed in the current master of
> xarchiver:
>
> https://github.com/ib/xarchiver/commit/949854e9a74489d8d977aac7a8428ecadd526ff1
Confirmed. Thanks for the
Hi Ingo,
I have received a bug report from David Harte (Debian bug #990906) and I can
reproduce the behavior.
https://bugs.debian.org/990906
It makes no difference if the linked directory is on a ntfs or ext4 file system
though. If you follow all steps and open the archive with xarchiver and
.qtopengl
+
+ -- Markus Koschany Sun, 04 Jul 2021 08:50:03 +0200
+
debian-games (3.3) unstable; urgency=medium
* arcade: Remove fofix from Suggests.
@@ -15,7 +33,7 @@
- board: kgames
- rpg: openmw
- rpg: openmw-cs
-- arcarde: pinball-table-gnu
+- arcade: pinball-table-gnu
. This can result in an
+application used on a shared computer being left logged in.
+
+Thanks to Salvatore Bonaccorso for the report. (Closes: #98, #990578)
+
+ -- Markus Koschany Sat, 03 Jul 2021 19:09:58 +0200
+
jetty9 (9.4.39-1) unstable; urgency=high
* New upstream release
Control: severity -1 normal
Hello,
On Sat, 1 May 2021 17:14:57 + (UTC) Alexis PM
wrote:
> Package: sweethome3d
> Version: 6.1.2+dfsg-2
> Severity: grave
> Justification: package unusable
>
> Widespread GUI drawing errors (entire sections of the window appear black
when interacting with
Hi Philip,
thank you for the reminder and the debdiff. Indeed I wanted to fix this issue
in Buster too but it seems I forgot to do it. I have requested a buster-pu
(#987719) and already uploaded the package.
Cheers,
Markus
signature.asc
Description: This is a digitally signed message part
-7+deb10u1) buster; urgency=medium
+
+ [ Phil Wyett ]
+ * Add fix segfault at startup patch.
+- 944431-avoid-no-return-statement-in-function-returning-non-void.patch
+ Thanks to Bernhard Übelacker . (Closes: #944431)
+
+ -- Markus Koschany Wed, 28 Apr 2021 13:14:06 +0200
+
berusky2
Control: tags -1 -moreinfo
On Mon, 26 Apr 2021 15:42:34 +0200 Graham Inggs wrote:
[...]
> > The full diff is attached. May I upload it to unstable?
>
> Please go ahead and upload, and remove the moreinfo tag once the new
> version is available in unstable.
Hi,
I have just uploaded mgba for
Hi,
I'm just investigating the current open RC bugs for the debian-java maintained
packages. You have marked #976477 and #977979 in jruby as pending. Could you
clarify why there hasn't been an upload yet? There also seems to be another RC
bug, #972230. Do you have any suggestions how we can
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org,
a...@debian.org
* Package name: openrefine-opencsv
Version : 2.4
Upstream Author : Bytecode Pty Ltd, Kyle Miller
* URL : https
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org,
a...@debian.org
* Package name: httpcomponents-client5
Version : 5.0.3
Upstream Author : The Apache Software Foundation
* URL : https
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org,
a...@debian.org
* Package name: httpcomponents-core5
Version : 5.0.3
Upstream Author : The Apache Software Foundation
* URL : https
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org,
a...@debian.org
* Package name: libsweble-common-java
Version : 3.0.8
Upstream Author : The Open Source Research Group
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org,
a...@debian.org
* Package name: libsweble-wikitext-java
Version : 3.1.9
Upstream Author : The Open Source Research Group
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org,
a...@debian.org
* Package name: libxtc-rats-java
Version : 1.15.0
Upstream Author : Robert Grimm, New York University, Princeton University
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org,
a...@debian.org
* Package name: maven-jflex-plugin
Version : 1.7.0
Upstream Author : Gerwin Klein, Steve Rowe, Régis Décamps
* URL
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
* Package name: librdfa-java
Version : 1.0.0~BETA1
Upstream Author : The University of Bristol
* URL : https://github.com/iteggmbh/java-rdfa
* License : BSD-3-clause
Programming Lang: Java
Description
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: a...@debian.org
Dear release team,
[ Reason ]
Please unblock the sauerbraten content package for the cube2 engine in
testing. The current version of sauerbraten in testing
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org,
a...@debian.org
* Package name: libodfdom-java
Version : 0.9.0~RC2
Upstream Author : The Document Foundation
* URL : https
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org,
a...@debian.org
* Package name: libsecondstring-java
Version : 0.1
Upstream Author : 2003 Carnegie Mellon University
* URL : https
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org,
a...@debian.org
* Package name: openrefine-vicino
Version : 1.2
Upstream Author : 2006-2010 Massachusetts Institute of Technology and
Contributors
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org,
a...@debian.org
* Package name: openrefine-arithcode
Version : 1.2
Upstream Author : Bob Carpenter
* URL : https://github.com/bob
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org,
a...@debian.org
* Package name: libmarc4j-java
Version : 2.9.1
Upstream Author : Robert Haschart, Bas Peters, Bill Dueber, et.al.
* URL
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org,
a...@debian.org
* Package name: openrefine-butterfly
Version : 1.1.1
Upstream Author : Stefano Mazzocchi
* URL : https://github.com
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org,
a...@debian.org
* Package name: libdexx-java
Version : 0.7
Upstream Author : Andrew O'Malley
* URL : https://github.com/andrewoma/dexx
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org,
a...@debian.org
* Package name: liblessen-java
Version : 1.0
Upstream Author : David Huynh
* URL : https://search.maven.org/artifact
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, a...@debian.org
* Package name: apache-jena
Version : 3.17.0
Upstream Author : Apache Software Foundation
* URL : https://jena.apache.org
* License : Apache
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org,
a...@debian.org
* Package name: openrefine
Version : 3.5
Upstream Author : OpenRefine contributors
* URL : https://openrefine.org
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
X-Debbugs-Cc: debian-de...@lists.debian.org, 938...@bugs.debian.org,
debian-j...@lists.debian.org, a...@debian.org
* Package name: libthrift-java
Version : 0.13.0
Upstream Author : Apache Software Foundation
* URL
Hi tony,
Am Sonntag, den 04.04.2021, 21:05 -0700 schrieb tony mancill:
> On Sat, Mar 27, 2021 at 07:54:11PM +0100, Salvatore Bonaccorso wrote:
> > Source: libpdfbox2-java
> > Version: 2.0.22-1
> > Severity: important
> > Tags: security upstream
> > Forwarded:
I'm dropping the bug submitter from CC because I believe the discussion is no
longer relevant for him.
Am Freitag, den 26.03.2021, 21:08 +0100 schrieb wf...@niif.hu:
> Markus Koschany writes:
[...]
> > Yes, exactly. There should be a versioned dependency on
> > pacemaker-cli-u
Hello Feri,
Am Freitag, den 26.03.2021, 16:37 +0100 schrieb wf...@niif.hu:
> Control: reassign -1 libpe-status10 1.1.24-0+deb9u1
> Control: severity -1 serious
>
> Thorsten Rehm writes:
>
> > In my opinion the crmsh package should be more strict with the
> > pacemaker-cli-utils package
>
>
Am Montag, den 22.03.2021, 07:55 +0200 schrieb Andrius Merkys:
> Control: severity 985604 important
> Control: tags 985604 + confirmed
>
> Hello,
>
> On 2021-03-20 18:05, Антон Скрипка wrote:
> > When export to SVG:
> >
> > Java 3D: implicit antialiasing enabled
> >
Am Freitag, den 12.03.2021, 11:48 +0700 schrieb Judit Foglszinger:
> Hi,
>
> wanted to play solarwolf tonight and stumbled over #984673 ;)
> So just did what you said in the bug report and replaced isAlive with
> is_alive,
> what made it work for me.
> Not sure, if the patch is actually useful
and xcf2pnm binaries of
+xcftools. An integer overflow can occur while walking through tiles that
+could be exploited to corrupt memory and execute arbitrary code. In order
+to trigger this vulnerability, a victim would need to open a specially
+crafted XCF file.
+
+ -- Markus Koschany
Package: solarwolf
Version: 1.5+dfsg1-2
Severity: grave
X-Debbugs-Cc: a...@debian.org
solarwolf fails to start because of an AttributeError: Thread object
has no attribute isAlive. The funtion was removed in Python 3.9. The
new one appears to be is_alive(). I try to prepare a patch for
solarwolf
Package: oneisenough
Version: 0.40-5
Severity: grave
X-Debbugs-Cc: a...@debian.org
oneisenough fails to start because the function time.clock() has been
removed in Python 3.8. I believe time.process_time() is the new
equivalent but I have not tested the patch yet.
Markus
-- System
Control: severity -1 normal
Am Dienstag, den 02.03.2021, 01:32 +0200 schrieb Adrian Bunk:
[...]
> > I would really like to understand what the current drawback is for our
> > users.
> > If you could provide the build flags with march=native and march=x86-64 and
> > then prove that march=x86-64
Control: severity -1 normal
Am Dienstag, den 02.03.2021, 01:02 +0200 schrieb Adrian Bunk:
> On Mon, Mar 01, 2021 at 11:39:00PM +0100, Markus Koschany wrote:
> > Am Montag, den 01.03.2021, 23:53 +0200 schrieb Adrian Bunk:
> > > Source: spring
> > > Version: 105.0.1+dfs
Am Montag, den 01.03.2021, 23:53 +0200 schrieb Adrian Bunk:
> Source: spring
> Version: 105.0.1+dfsg-1
> Severity: serious
> Tags: patch
>
> spring builds with -march=native on amd64, which makes spring
> only work on machines compatible with whatever buildd built it.
What Policy violation
Control: tags 800983 pending
Control: tags 982001 pending
On second thought, let's fix this now.
signature.asc
Description: This is a digitally signed message part
Control: reopen 800983 982001
I'm reopening bug 800983 and 982001 because they were not properly fixed. I let
the current version in unstable migrate to testing and then I fix those
remaining issues.
Markus
signature.asc
Description: This is a digitally signed message part
Hello security team, hello Hugo, I hope you are doing well!
I have just uploaded a NMU for xcftools fixing CVE-2019-5086 and CVE-2019-5087.
The new patch also addresses the 32 bit portability issues. The basic idea
behind it is to limit possible values of width and height (which can only be
Control: tags -1 wontfix
Hello,
thanks for the report. There is no plan to continue support for the Python
bindings of unbound in Stretch. The official support ended last year. See also
DSA-4694-1. [1]
We have resumed support a few weeks ago but only for the unbound server itself,
as well as
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: a...@debian.org
Dear ftp team,
please remove fretsonfire from Debian. The package is rc-buggy and
unmaintained. [1]
I have raised this issue on the debian-devel-games mailing list [2]
and nobody objected against the removal.
Regards,
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: a...@debian.org
Dear ftp team,
please remove kiki-the-nano-bot from Debian. The package is rc-buggy and
unmaintained. [1]
I have raised this issue on the debian-devel-games mailing list [2]
and nobody objected against the removal.
Regards,
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: a...@debian.org
Dear ftp team,
please remove jugglemaster from Debian. The package is rc-buggy and
unmaintained. [1]
I have raised this issue on the debian-devel-games mailing list [2]
and nobody objected against the removal.
Regards,
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: a...@debian.org
Dear ftp team,
please remove adanaxisgpl from Debian. The package is rc-buggy and
unmaintained. [1]
I have raised this issue on the debian-devel-games mailing list [2]
and nobody objected against the removal.
Regards,
Am Donnerstag, den 18.02.2021, 11:40 +0200 schrieb Andrei POPESCU:
[...]
> Hello,
>
> This appears to be the case. A side effect of this is that unless dealt
> with manually these bugs will just linger in the BTS.
>
> https://bugs.debian.org/cgi-bin/pkgreport.cgi?maint=
>
> Please either close
Am Mittwoch, den 17.02.2021, 15:21 -0500 schrieb Robert Edmonds:
> Markus Koschany wrote:
[...]
> > Please feel free to reassign and/or adjust the bug report as necessary.
>
> I get the following error message from the BTS. Do I need to do
> "reassign 982671 unbound1.9&quo
Hello,
Am Mittwoch, den 17.02.2021, 14:09 -0500 schrieb Robert Edmonds:
> Hi,
>
> #982671 / #982672 is incorrectly reported against the python-unbound
> package. It should instead be against the unbound binary package because
> this functionality is in the unbound daemon.
Please feel free to
Hi,
Am Mittwoch, den 17.02.2021, 12:43 -0500 schrieb Robert Edmonds:
[...]
> Hi,
>
> It looks like #982671 / #982672 was assigned by the BTS to src:unbound
> rather than src:unbound1.9. I attempted to re-assign the bug to
> src:unbound1.9 with notfound/found but I don't think that worked since I
Control: owner -1 !
Hi Salvatore,
Am Freitag, den 12.02.2021, 07:42 +0100 schrieb Salvatore Bonaccorso:
> Source: netty
> Version: 1:4.1.48-1
> Severity: important
> Tags: security upstream
> X-Debbugs-Cc: car...@debian.org, Debian Security Team <
> t...@security.debian.org>
> Control: found -1
Hi Salvatore,
Am Mittwoch, den 10.02.2021, 22:03 +0100 schrieb Salvatore Bonaccorso:
[...]
>
> I'm not fully in favor to have all the (build-)rdeps forced out of
> Debian, that would likely not be a benefit as seems unfair to the
> castle-game-engine, game-data-packager and neurodebian packages,
Hello Salvatore,
Am Mittwoch, den 10.02.2021, 06:30 +0100 schrieb Salvatore Bonaccorso:
[...]
> Question back on this.
>
> Is it confirmed that it fixes both CVE-2019-5086 (TALOS-2019-0878,
> https://github.com/j-jorge/xcftools/issues/12) and CVE-2019-5087
> (TALOS-2019-0879,
this vulnerability, a victim would need to open a specially
+crafted XCF file.
+
+ -- Markus Koschany Tue, 9 Feb 2021 23:15:22 +0100
+
xcftools (1.0.7-6) unstable; urgency=medium
* Team upload (collab-maint)
diff -Nru xcftools-1.0.7/debian/patches/CVE-2019-5086-and-CVE-2019-5087.patch xcftools
Hey,
Am Mittwoch, den 03.02.2021, 12:23 +0100 schrieb Bret Curtis:
> Package: bullet
> Severity: normal
>
> Dear Maintainer,
>
> Multhreaded bullet has been available since 2014, yet is still not packaged.
> Since bullet already ships with single and double precision packages, it
> seems not
Hello,
On Sun, 22 Mar 2020 07:41:37 +0100 treaki wrote:
[...]
> Please add all avaivable command line options to the man page, i found out
following by guessing:
[...]
I have added the missing command line options to the man page. You can also
find more information at
Am Freitag, den 29.01.2021, 14:25 +0200 schrieb Modestas:
> The bug is still not fixed as I tried updating LMDE3 to LMDE4 based on debian
> 9 to 10.
The bug was fixed eight months ago. Without more information, nobody can
investigate your problem.
Regards,
Markus Koschany
signatu
Hello Thorsten,
Am Donnerstag, den 28.01.2021, 14:52 +0100 schrieb Thorsten Rehm:
> Hi Markus,
>
> thank you for your reply.
> I've installed a fresh Debian Stretch and I think I know why I had
> such a problem. I believe it's a dependency problem, but I let you
> decide, if this is the case.
>
Hello,
On Tue, 26 Jan 2021 08:24:19 +0100 Thorsten Rehm
wrote:
> Package: pacemaker
> Version: 1.1.24-0+deb9u1
> Severity: normal
>
> Dear Maintainer,
>
> thank you for the effort and the update.
> Unfortunately there are still some problems with the updated version.
>
> I've just updated the
Control: severity -1 normal
Hello,
Am Sonntag, den 24.01.2021, 13:22 +0100 schrieb Mattia Rizzolo:
[...]
> As announced in https://lists.debian.org/debian-qa/2020/11/msg00011.html
> we don't plan to remove public-udd-mirror.xvm.mit within less than a
> year.
>
> I'm filing this bug as RC, as I
I have pushed my preliminary work for 0.24 to the experimental branch of
https://salsa.debian.org/games-team/rrootage
The sources are targeted for the Windows platform and I had to rebase the
patches. There are still some issues with the path to /usr/share/games/rrootage
because upstream
Hi Moritz,
Am Freitag, den 22.01.2021, 21:03 +0100 schrieb Moritz Muehlenhoff:
> Source: jackson-databind
> Severity: important
> X-Debbugs-Cc: car...@debian.org, a...@debian.org
>
> Starting with 2.10 (and thus in Bullseye) upstream makes safe default
> typing required, the absense is no longer
Hi,
thanks for the patch. I have pushed your changes to
https://salsa.debian.org/games-team/snowballz/-/tree/experimental
However I can't build the package as is. The build system seems to require
python-distutils instead of pybuild and all the dependencies haven't been
updated yet.
Regards,
Hello,
Am Samstag, den 16.01.2021, 14:13 -0300 schrieb Caleb Marshall:
[...]
> Hello Markus,
> Last October I tried to port snowballz to python 3. I have it mostly
> working except for the GUI, which flickers when I move the mouse. If you
> could advise me on where to send a tar or diff I could
Package: teg
Version: 0.12.0-1
Severity: serious
teg 0.12.0-1 FTBFS on several architectures. We are aware of the
problem which has been reported upstream.
https://github.com/wfx/teg/issues/25
Hi,
Am Donnerstag, den 31.12.2020, 10:36 +0200 schrieb Marko Lindqvist:
> Package: freeciv
> Version: 2.6.2.1-2
> Tags: Security
>
> Freeciv server has a buffer overflow vulnerability, if it reads
> tailored score log file.
> Score log functionality is not enabled by default, and it's rarely
Hello,
I have prepared a new security update of pacemaker, the latest version in the
1.1.x series. The update will fix CVE-2018-16877, CVE-2018-16878 and CVE-2020-
25654. I would appreciate it if you could test this version before it is
uploaded to stretch-security again. You can find all Debian
Hi,
as previously announced on debian-devel-games [1] I intend to request the
removal of this source or binary package from Debian at the end of January
2021. If you are interested in fixing this bug, please let me know in time to
avoid the removal from Debian.
Markus
[1]
Control: severity -1 normal
The package is arch:all and builds fine on amd64 but FTBFS on other supported
architectures. Apparently one or two arch-dependent tests fail which is the
root cause of this failure. I'm downgrading the severity to normal as discussed
on the debian-java list. This is
On Wed, 9 Dec 2020 09:41:34 +0100 Lucas Nussbaum wrote:
> Source: service-wrapper-java
> Version: 3.5.30-1
> Severity: serious
> Justification: FTBFS on ppc64el
> Tags: bullseye sid ftbfs
> Usertags: ftbfs-20201209 ftbfs-bullseye ftbfs-ppc64el
>
> Hi,
>
> During a rebuild of all packages in
Control: severity -1 normal
I'm lowering the severity to normal as discussed on the debian-java mailing
list. The package builds fine on amd64 but it appears a test fails on ppc64el.
Markus
signature.asc
Description: This is a digitally signed message part
Control: block 941480 by -1
Hi,
On Thu, 5 Sep 2019 18:30:33 +0300 mer...@debian.org wrote:
> control: tags -1 + patch
>
> Hello,
>
> Please find attached a patch to build libthrift-java.
>
> Best wishes,
> Andrius
What is the status of this bug report? I also need libthrift-java for
Control: severity -1 normal
Hello,
The package builds fine on amd64. I don't think it is correct to use severity
serious in this case because ufoai-maps is an arch:all package. The same is
true for Java packages. If we want to make this a release goal (making arch all
packages buildable on all
Hello,
zsh 5.3.1-4+deb9u4 was sucessfully uploaded to stretch-security thirteen hours
ago but it still remains in status "uploaded" for all supported architectures
except arch all. Who can "install" the packages into the archive or is another
upload necessary?
Regards,
Markus
signature.asc
Thanks for the patch Asheesh!
signature.asc
Description: This is a digitally signed message part
Am Sonntag, den 22.11.2020, 18:37 + schrieb Adam D. Barratt:
[...]
> Assuming that's the only required change, please go ahead.
Thanks. Reverting the debhelper bump to 12 was the only packaging change. I
have uploaded ublock-origin 1.30.0 a few minutes ago.
Regards,
Markus
signature.asc
Hi,
Am Samstag, den 21.11.2020, 18:45 +0100 schrieb Xavier Guimard:
> Package: wabt
> Version: 1.0.20-1
> Severity: important
> X-Debbugs-Cc: pkg-javascript-de...@lists.alioth.debian.org
>
> Hi,
>
> wabt.js upstream repository is a minified file built from wabt. This
> package is a reverse
Am Donnerstag, den 19.11.2020, 12:01 +0200 schrieb Marko Lindqvist:
> On Thu, 19 Nov 2020 at 11:50, Marko Lindqvist wrote:
> > Upstream fix: https://www.hostedredmine.com/issues/868060, upstream
> > 2.6.2.1 release with the fix included coming soon (likely 28.11)
>
> In case you decide not to
Control: tags -1 moreinfo
signature.asc
Description: This is a digitally signed message part
Control: severity -1 normal
Am Montag, den 16.11.2020, 09:22 -0300 schrieb Alejandro Taboada:
> Hi Markus,
>
> Sorry for the delay. With this patch works when is applied only to 1 node.
> The services restart and the arm resources are up.
> The problem appears again when I install the patch on a
Am Freitag, den 13.11.2020, 23:13 -0300 schrieb Alejandro Taboada:
> Hello Markus,
>
> It doesn’t work. The output log is quite different. I throws a timeout and
> just at the end the “unprivileged client crmd”.
> See attached log.
I'm sorry but I uploaded an older version that missed a do_reply
Am Donnerstag, den 12.11.2020, 15:50 -0300 schrieb Alejandro Taboada:
> Hi !
>
> Just tested v1.1 and the issue persists. The problem is quiet local
> connection when using with corosync
Hello,
I believe I have found and fixed the problem. The refactored code in lrmd.c
caused the regression.
Hi,
Am Donnerstag, den 12.11.2020, 18:21 +0100 schrieb Pallai Roland:
> Hi Markus,
>
> The problem is still the same here:
Thanks for your debug log. I have looked at every line of code again and
compared the original upstream patch from here
Thanks for reporting. This is a permission problem. I assume your clients are
local and not remote and you don't use the tls_backend. I have prepared another
update that should grant the local hacluser clients the necessary privileges.
You can download the source and binary files from
Control: forwarded -1 https://github.com/torakiki/pdfsam/issues/431
signature.asc
Description: This is a digitally signed message part
+++ guacamole-server-0.9.9/debian/patches/CVE-2020-9497-and-CVE-2020-9498.patch
2020-11-06 22:44:56.0 +0100
@@ -0,0 +1,355 @@
+From: Markus Koschany
+Date: Tue, 3 Nov 2020 13:45:20 +0100
+Subject: CVE-2020-9497 and CVE-2020-9498
+
+Bug-Debian: https://bugs.debian.org/964195
+Origin:
https
301 - 400 of 3519 matches
Mail list logo
