Adam D. Barratt wrote:
On Tuesday, November 29, 2005 2:27 PM, Wolfram Schlich [EMAIL PROTECTED]
wrote:
Package: security.debian.org
/debian-non-US/ can only be found on one of the three
security.debian.org mirror servers:
[...]
Is that by design?!
There's no reason at all why any
Package: knemo
Version: current
Severity: minor
- Description: Network interfaces monitor for KDEs systray
+ Description: Network interfaces monitor for KDE's systray
or
+ Description: Network interfaces monitor for the KDE systray
An genetive 's' in English requires an apostrophe
Regards,
Jeroen van Wolffelaar wrote:
retitle 341241 RM: partimage-doc/sarge -- RoM; Useless without partimage
itself
tags 341241 sarge
thanks
No reason for a removal, there are other packages that some people
consider useless as well, and we don't remove them either.
On Tue, Nov 29, 2005 at
Adam D. Barratt wrote:
On Wed, 2003-11-26 at 10:08 +0200, Oskar Pearson wrote:
Package: security.debian.org
Hi there
I used to mirror security.debian.org via rsync, but since the
recent security compromise, the config appears to have changed.
It seems that rsync is no longer
Joey Hess wrote:
Mikko Rapeli wrote:
Joey Hess wrote:
Yes, the installation-report package owns the logs post sarge. In sarge,
purging base-config will remove the logs, but users may not want to do
that.
Great, but may I propose that base-config adopts installation logs in
sarge?
Mikko Rapeli wrote:
On Thu, Dec 01, 2005 at 03:32:45AM +0200, Mikko Rapeli wrote:
fakeroot combined with dpkg-source uses original source package permissions.
If the original source has insecure permissions on files and/or directories
dpkg-source -x should override them with umask, but:
Package: hypermail
Version: 2.1.8-1
hmrc(4) says:
antispam_at = string
Set this to 1 make hypermail use something like _at_ instead
of the RFC 2822 @ address separator.
However, this option needs to be set to the string that should be
used instead of the @
Package: mpd
Version: 0.11.5-5.1
I'm asked:
on boot. Note that is not necessary to run mpd as a system service
I assume that this should read that it's not necessary.
Regards,
Joey
--
Life is too short to run proprietary software. -- Bdale Garbee
--
To UNSUBSCRIBE, email to
Nico Golde wrote:
Package: screen
Version: 4.0.2-4.1
Severity: wishlist
Tags: patch
Hi,
screen isn't able to handle ~/ if you want to load a
configuration file via source in the command line.
I hate this because it is short and good :)
However, I attached a patch which fixes this.
Please
Nico Golde wrote:
Nico Golde wrote:
Package: screen
Version: 4.0.2-4.1
Severity: wishlist
Tags: patch
Hi,
screen isn't able to handle ~/ if you want to load a
configuration file via source in the command line.
I hate this because it is short and good :)
However, I
Package: gv
Version: 1:3.6.1-10
Something is very wrong here:
[..]
gv: unrecognized option `--grayscale'
Usage: gv [OPTION]... [FILE]
PostScript and PDF viewer.
--monochrome display document using only black and white
--grayscaledisplay document without colors
Jutta Wrage wrote:
Am 09.01.2006 um 15:09 schrieb Eduardo Trapani:
The attached list of locales was not right. Even though eo_EO is not
supported by glibc, it was being used by the esperanto pages.
looks like adding a line
eo_EO.UTF-8 UTF-8
Generating now.
Regards,
Joey
Martin Pitt wrote:
I still think that the current sid version is broken: it does nothing
to fix this vulnerability for similar cases (JAVA_TOOL_OPTIONS,
PYTHONHOME, RUBYLIB, etc. pp) in existing installations and upgrades
from stable, and for new installations it disables environment passing
Hi Alexis!
Alexis Sukrieh wrote:
* Martin Schulze ([EMAIL PROTECTED]) disait :
Do you happen to know about the package in woody?
Well, I don't know. Where can I grab woody's source packages?
a) what about woody
As soon as I know where to fetch woody's sources, I will tell you.
I
Martin Schulze wrote:
Alexis Sukrieh wrote:
* Martin Schulze ([EMAIL PROTECTED]) disait :
Do you happen to know about the package in woody?
Btw. this issue has been assigned CVE-2005-4534, so please add it to the
changelog if you prepare a fixed package for woody as well.
Regards
/JBIG2Stream.cc, debian/patches/patch-CVE-2005-3191]
+
+ -- Martin Schulze [EMAIL PROTECTED] Thu, 15 Dec 2005 17:02:52 +0100
+
+tetex-bin (2.0.2-30sarge3) stable-security; urgency=high
+
+ * Non-maintainer upload by the Security Team
+ * Added more precautionary checks by Martin Pitt
+
+ -- Martin Schulze
Gunnar Wolf wrote:
Hi,
The bug is indeed important, even if it is not easily exploitable, and
the fix is trivial. I am pushing it to the security team so they can
apply it to the version in Sarge as well.
Please use CVE-2005-4536 for this problem.
Are you in contact with upstream?
; urgency=high
+
+ * Non-maintainer upload by the Security Team
+ * Adjusted the former patch
+ * Applied missing bits found by Ludwig Nussel
+
+ -- Martin Schulze [EMAIL PROTECTED] Fri, 9 Dec 2005 11:25:16 +0100
+
+tetex-bin (2.0.2-30sarge1) stable-security; urgency=high
+
+ * Non-maintainer upload
Package: curl
Severity: important
Tags: security woody sarge etch sid
Found: 7.9.5-1
found: 7.13.2-2
found: 7.15.1-1
http://www.hardened-php.net/advisory_242005.109.html
Stefan Esser discovered several off-by-one errors in libcurl, a
multi-protocol file transfer library, that allows local users
Frank Küster wrote:
Hi Joey,
Martin Schulze [EMAIL PROTECTED] wrote:
The original patch was not sufficient. I'm attaching the entire and the
incremental patch. Please apply the incremental patch to the version in
sid as well.
Did you see Martin Pitt's enhanced patch - do both
Domenico Andreoli wrote:
http://www.hardened-php.net/advisory_242005.109.html
Stefan Esser discovered several off-by-one errors in libcurl, a
multi-protocol file transfer library, that allows local users to
trigger a buffer overflow and cause a denial of service or bypass PHP
security
Moritz Muehlenhoff wrote:
Package: ethereal
Version: 0.10.13-1
Severity: important
Tags: security
Justification: user security hole
Another security problem has been discovered in Ethereal. This time it's
a buffer overflow in the OSPF dissector. Please see
Hi Frank!
Frank Küster wrote:
I looked at both, and it seems that Martin's does more. I'm speaking of
the patch attached to
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342292;msg=136
It introduces limits.h and does the same we did for the xpdf patches at
the beginning of the year,
Martin Pitt wrote:
After discovering that the same flawed multiplication is also present
in upstream's other two patches, I decided to completely rework the
patch.
I attach the debdiff with separated out changelog. Florian, maybe you
can peer-review the patch?
Martin and
Moritz Muehlenhoff wrote:
Package: sudo
Severity: important
Tags: security
Quoting from http://www.sudo.ws/sudo/alerts/perl_env.html :
| The PERL5LIB and PERLLIB environment variables can be used to provide a
list of
| directories in which to look for perl library files before the system
Martin Schulze wrote:
It's been fixed upstream in 1.6.8p12.
This is true, but it becomes rediculous.
Finally allocated some time to develop a minimal patch.
The attached patch only uses the variables listed in env_check to
be passed to the setuid environment. This will preserve language
Martin Schulze wrote:
Martin Schulze wrote:
It's been fixed upstream in 1.6.8p12.
This is true, but it becomes rediculous.
Finally allocated some time to develop a minimal patch.
The attached patch only uses the variables listed in env_check to
be passed to the setuid environment
Hi Michael,
now that /etc/host.conf is obsoleted it may be worth to add a
reference to /etc/nsswitch.conf to gethostbyname(3). This is
Debian Bug#308397.
Index: man3/gethostbyname.3
===
RCS file:
Hi Michael,
you may also want to add a reference to resolver(5) in resolver(3).
Index: man3/resolver.3
===
RCS file: /var/cvs/debian/manpages/man3/resolver.3,v
retrieving revision 1.2
diff -u -p -r1.2 resolver.3
--- man3/resolver.3
Justin Pryzby wrote:
Is there anything I can do to convince you to add the reference?
Yes, free the files.
Regards,
Joey
--
We all know Linux is great... it does infinite loops in 5 seconds.
-- Linus Torvalds
Please always Cc to me when replying to me on the lists.
--
To
You didn't mention CVE-2005-3417. Is the version in sarge not vulnerable
to it? Or did you miss it? Or did you just didn't document this?
Regards,
Joey
--
Open source is important from a technical angle. -- Linus Torvalds
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
Thijs Kinkhorst wrote:
On Mon, 2005-12-19 at 08:49 +0100, Martin Schulze wrote:
You didn't mention CVE-2005-3417. Is the version in sarge not vulnerable
to it? Or did you miss it? Or did you just didn't document this?
This has been fixed but indeed isn't documented in the changelog
Matthias Andree wrote:
are you using multidrop mode? If so, please test if the attached patch
fixes the bug. It is an untested backport from 6.3.1-rc1.
If you are not using multidrop mode, please provide your configuration
details (passwords masked!) and a stack backtrace.
Thanks a lot
Loic Minier wrote:
On Wed, Oct 26, 2005, Martin Schulze wrote:
Indeed, they're missing. Your source package is in the archive, though,
and looks good.
There's something wrong, still no buildd logs appear for libgnomeprint.
Would you please have a look at wanna-build?
Hmm, that's
Moritz Muehlenhoff wrote:
Package: openvpn
Severity: grave
Tags: security
Justification: user security hole
A format string vulnerability has been found in openvpn's option parsing
code, which indirectly may be exploited remotely as well. Please see
Steve Langasek wrote:
On Tue, Nov 08, 2005 at 10:15:26PM -0500, Charles Fry wrote:
Version 6.4-1.1 of awstats was uploaded to unstable in response to
CVE-2005-1527. However, it was never uploaded to stable-security, even
though version 6.4.1 is the current stable version of awstats.
Jonas Smedegaard wrote:
Jonas Smedegaard wrote:
A package has now been uploaded to
ftp://security.debian.org/pub/SecurityUploadQueue
Hope it is correctly understood that when a firt-timer on
security-debian-org source needs to be incuded.
In general this was correct...
Steve Kemp wrote:
On Wed, Nov 09, 2005 at 04:42:08AM -0800, Charles Stevenson wrote:
Due to a bug in the environment variable substitution code it is
possible to inject environment variables such as LD_PRELOAD and gain a
root shell.
Confirmed.
Joey we'll need an ID for it.
Jonas Smedegaard wrote:
A package has now been uploaded to
ftp://security.debian.org/pub/SecurityUploadQueue
Hope it is correctly understood that when a firt-timer on
security-debian-org source needs to be incuded.
In general this was correct... However, what's this part in the
diff:
only
Thomas Zeitlhofer wrote:
- Forwarded message from Clint Adams [EMAIL PROTECTED] -
From: Clint Adams [EMAIL PROTECTED]
Subject: Re: Bug#153036: reintroduced by last security update
To: Thomas Zeitlhofer [EMAIL PROTECTED], [EMAIL PROTECTED]
Date: Mon, 31 Oct 2005 13:21:28 -0500
It
Steve Kemp wrote:
Due to a bug in the environment variable substitution code it is
possible to inject environment variables such as LD_PRELOAD and gain a
root shell.
Charles Stevenson discovered that osh, the operator's shell for
executing defined programs in a privileged environment, does
Moritz Muehlenhoff wrote:
Martin Schulze wrote:
Due to a bug in the environment variable substitution code it is
possible to inject environment variables such as LD_PRELOAD and gain a
root shell.
Confirmed.
Joey we'll need an ID for it.
Please use CVE-2005-3344
Thomas Zeitlhofer wrote:
It seems that this bug has been reintroduced with the last security
update for sarge (cpio 2.5-1.3 on i386).
You might have to take that up with the security team.
It has never been fixed for cpio 2.5-1 according to the changelog,
so the bug cannot be
Jeroen van Wolffelaar wrote:
On Tue, Dec 20, 2005 at 06:54:18AM +0100, Martin Schulze wrote:
Thijs Kinkhorst wrote:
On Mon, 2005-12-19 at 06:53 +0100, Martin Schulze wrote:
Thanks. Could somebody explain the issues that were fixed which have no
security relevance? From
Matthias Andree wrote:
Martin Schulze wrote:
The patch does not apply though, since xfree() is unknown in version 6.2.5.
I assume that the xfree only frees the memory when it is not NULL and sets
the variable to NULL again, so the attached patch should do the same and
apply
Moritz Muehlenhoff wrote:
Martin Schulze wrote:
The attached patch only uses the variables listed in env_check to
be passed to the setuid environment. This will preserve language
settings by default, but nothing more.
What do people think about this?
The patch itself looks fine
/dissectors/packet-ospf.c, CVE-2005-3651]
+
+ -- Martin Schulze [EMAIL PROTECTED] Sat, 10 Dec 2005 15:03:54 +0100
+
ethereal (0.10.10-2sarge3) stable-security; urgency=high
* Security fixes for sarge:
only in patch2:
unchanged:
--- ethereal-0.10.10.orig/epan/dissectors/packet-ospf.c
+++ ethereal
Alexis Sukrieh wrote:
Hi,
I'm the maintainer of the backup manager package.
There are currently one security issue in our sarge package (0.5.7-7sarge1).
I made a package with the patch submitted against the bug #329387 which
closes the issue.
Umh... I don't have a CVE name to share
Moritz Muehlenhoff wrote:
Martin Schulze wrote:
Moritz Muehlenhoff wrote:
Package: ethereal
Version: 0.10.13-1
Severity: important
Tags: security
Justification: user security hole
Another security problem has been discovered in Ethereal. This time it's
a buffer overflow
Bdale Garbee wrote:
On Thu, 2005-12-22 at 09:15 +0100, Martin Schulze wrote:
It's a box of pandora. You can hardly hit all variables.
Bdale, what's your opinion?
One of the workarounds suggested by upstream in the p12 release
announcement is:
Alternately, the administrator
Package: gifsicle
Version: current
Severity: minor
- Description: Tool for manipulationg GIF images
+ Description: Tool for manipulating GIF images
Regards,
Joey
--
It's time to close the windows.
Please always Cc to me when replying to me on the lists.
--
To UNSUBSCRIBE, email to
Sven Mueller wrote:
I created a fixed package (actually two: one for sid/etch and one for
sarge), available at https://mail.incase.de/spampd/sarge-security/
respectively at https://mail.incase.de/spampd/sid/ (until my sponsor
finds the time to upload the latter to sid). Personally, I'm
Could somebody explain the security implication for me?
being able to write arbitrary strings into valid records without
overwriting any other data in utmp/wtmp can hardly be classified
as a security vulnerability.
(Apart from that, I'm only slightly annoyed as I had to learn about
this via
Arthur Korn wrote:
Hi
1.19-1 source and binary packages work on stable, and the
differences to 1.18.4-2 are all local bugfixes, so I figure it
doesn't make any sense to separate bugfixes from bugfixes for a
special security fix for stable. Well, we could split out
Since the diff between
Moritz Muehlenhoff wrote:
1.19-1 source and binary packages work on stable, and the
differences to 1.18.4-2 are all local bugfixes, so I figure it
doesn't make any sense to separate bugfixes from bugfixes for a
special security fix for stable. Well, we could split out
storeBackupSync,
severity 329156 normal
thanks dude
Loïc Minier wrote:
Hi,
On Fri, Oct 07, 2005, Martin Schulze wrote:
Could somebody explain the security implication for me?
You can record in the utmp/wtmp logs something which is wrong, for
example that an user is currently connected
Moritz Muehlenhoff wrote:
Sounds correct, my manpage says:
-h, --no-dereference
affect each symbolic link instead of any referenced file (useful only on
systems that can change the ownership of a symlink)
However, I think that this hunk is missing for CAN-2005-3148:
diff -Naur
Loïc Minier wrote:
Hi,
On Fri, Oct 07, 2005, Martin Schulze wrote:
severity 329156 normal
thanks dude
You didn't Cc: control, I've bounced it to control.
I usually use Bcc for that, so that group replies don't annoy
our control dude. :)
Ok, so unless somebody proves us
==
Candidate: CAN-2005-3178
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3178
Reference: BUGTRAQ:20051005 xloadimage buffer overflow.
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraqm=112862493918840w=2
Buffer overflow in
Jeroen van Wolffelaar wrote:
tags 318286 sarge
thanks
On Thu, Jul 14, 2005 at 05:36:34PM +0300, Joey Hess wrote:
oftpd is vulnerable to anothere security hole. This time a crafted FTP
USER command can cause a crash. Since a buffer overflow is involved,
it's possible that this can be
Ola Lundqvist wrote:
Hello
On Wed, Oct 05, 2005 at 01:17:37PM -0400, Mike O'Connor wrote:
Package: horde3
Version: 3.0.5-1
Severity: critical
Tags: security
Justification: root security hole
As part of the installation procedure in README.Debian, you are told to
configure
Ola Lundqvist wrote:
I also would recommend that a password be required do use the
Administration interface.
The administration thing will be kept there as it do not have any write
permission to any of the configuration files.
Or do you have a good suggestion on how to
Sven Mueller wrote:
Hence, it's rather one mail falls through or something. Doesn't sound
security-relevant to me.
Well, it's more of an indirect DoS. The mails are rejected with an SMTP
temporary failure code according to my quick test. This means that those
mails fill up the sending
Loic Minier wrote:
Hi,
I'm willing to do a stable-proposed-updates upload of
libgnomeprint2.2-0 to address #334450. It is an important usability
bug, but I know that important bugs can not always be addressed in
stable. Joey: please check the severity of #334450 and the length
Loic Minier wrote:
Hi,
On Tue, Oct 25, 2005, Martin Schulze wrote:
If I understand the problem correctly, for some reason libgnomeprint does
not use the proper lpr command. However, the patch does not implicate
the execution location.
Actually, the problem is not the PATH
Loic Minier wrote:
On Tue, Oct 25, 2005, Martin Schulze wrote:
Please upload a fixed package based on the patch you attached.
Uploaded. Attached are the relevant interdiff and debdiff.
I'm afraid the huge debdiff exposes that:
- the Uploaders were updated with the latest version
Loic Minier wrote:
On Tue, Oct 25, 2005, Martin Schulze wrote:
BOTH PARTS ARE VERY EASY TO AVOID.
cp patch foo/debian/patches
dch -i / emacs debian/changelog
fine.
I'm sorry, but please reupload with only the patch you provided in the
last mail, the onliner.
That should be followed
Loic Minier wrote:
Hi,
On Tue, Oct 25, 2005, Martin Schulze wrote:
That should be followed by dpkg-source -b, of course.
Ok, I didn't knew about that, and it offered a shorter debdiff at the
end indeed. I did:
That looks a lot better. There's one more thing, though, you'll
Loic Minier wrote:
On Wed, Oct 26, 2005, Martin Schulze wrote:
That looks a lot better. There's one more thing, though, you'll have to
do before you can upload: bump up the version number since you had already
uploaded the other package with the large diff. After that, it should be
fine
Moritz Muehlenhoff wrote:
Thijs Kinkhorst wrote:
Another security problem has been found in mantis. Insufficient
input sanitising of the t_core_path parameter may be exploited to perform
arbitrary file inclusion. Please see
http://secunia.com/secunia_research/2005-46/advisory/ for
Package: irssi-text
Version: 8.9-3.1
Severity: wishlist
Tags: upstream
Moin,
I'd like to issue two feature requests. With all the comfort irssi
provides, I even found two items that would make me even more
comfortable with this irc client.
1. Configure colors per channel/window
Currently
found 335843 1.58-2
thanks
There seems to be a bug in the prerm script:
Preparing to replace libxml-libxml-perl 1.58-1 (using
.../libxml-libxml-perl_1.58-2_i386.deb) ...
/var/lib/dpkg/info/libxml-libxml-perl.prerm: line 10: [: missing `]'
/var/lib/dpkg/info/libxml-libxml-perl.prerm: line 10:
Package: gspot
Version: current
Severity: minor
- Description: gspot: A GNOME applet to query the Net
+ Description: A GNOME applet to query the network
No need to repeat the package name in the short description of said
package.
Regards,
Joey
--
Life is too short to run proprietary
This one is CAN-2005-3257.
Regards,
Joey
--
Never trust an operating system you don't have source for!
Please always Cc to me when replying to me on the lists.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Mark Brown wrote:
The enclosed bug was filed by Leafnode upstream. I believe this patch
contains the relevant fix:
Err, could you explain the security implication?
Regards,
Joey
--
No question is too silly to ask, but, of course, some are too silly
to answer. -- Perl book
Nico Golde wrote:
Hi,
* Loic Minier [EMAIL PROTECTED] [2005-11-14 17:28]:
tags 336096 + patch pending
thanks
Hi,
On Sat, Oct 29, 2005, Nico Golde wrote:
i will provide a security update asap.
It has been two weeks, unless you object, and if the security team
Florian Ragwitz wrote:
On Tue, Nov 15, 2005 at 11:24:32AM +0100, Bastian Blank wrote:
On Tue, Nov 15, 2005 at 01:45:54AM +0100, Florian Ragwitz wrote:
I'm aware of the unportability of parrot and working on it.
Unfortunately I don't have a s390 machine where I can log into
currently.
Piotr Roszatycki wrote:
Dnia Wednesday 16 of November 2005 13:17, Martin Schulze napisa?:
Vuln 1:
Full Path Disclosures in the following files:
Vuln 2:
Http Response Splitting in libraries/header_http.inc.php
Do you know if this is the same vulnerability as the first one above
Hi!
Steve Langasek wrote:
I've tracked this bug in centericq down to a failure to deal with short
packets (or packets declaring their own length to be zero). The attached
patch fixes this segfault, by stopping without further processing of the
packet when its length is determined to be zero.
Ola Lundqvist wrote:
I assume that this applies to the sarge version as well.
It seems so.
I'm not sure this should be considered grave as this only can occur
when a fatal error occur.
Better be save than sorry, also error pages can be referenced.
I'm not even sure that this is possible to
Stefan Hornburg wrote:
pam_tally allow logins even after the pre-defined threshold is exceeded;
and pam_tally counter continues to increase upon successful login
following a failed login
How is this a bug in courier-imap-ssl?
It is, courier-authdaemon didn't call pam_acct_mgmt. Does
Thijs Kinkhorst wrote:
On Thu, 2005-10-27 at 15:49 +0200, Moritz Muehlenhoff wrote:
All affect Sarge.
I've prepared updated packages for sarge. My updated package for sid is
still pending with my sponsor Luk Claes. The updated packages for sarge
are available here:
David Härdeman wrote:
I am still seeing this problem in the version of courier included in
sarge. Courier seems to happily ignore the result of the pam check and
continue anyway (when using the pam_tally module).
I would suggest that this warrants the security tag and a security
update
Horms wrote:
On Fri, Oct 28, 2005 at 01:56:19PM +0200, Dagfinn Ilmari Mannsaaker wrote:
Package: heartbeat
Version: 1.2.3-9sarge3
Severity: normal
The 'hacluster' system user is added without the --system flag, thus
placing it in the normal user range.
Policy 9.2.2. says:
Loic Minier wrote:
Sorry for the delay. You can grab the proposed fixes in:
http://people.dooz.org/~lool/debian/gtk-gdk-cves.tgz (87M)
MD5: 56148df50af6e28beaca57e4fa3bf6cc
Thanks a lot! Packages are building already.
I found the vulnerability matrix by Moritz Muehlenhoff
Loic Minier wrote:
On Mon, Nov 21, 2005, Martin Schulze wrote:
I found the vulnerability matrix by Moritz Muehlenhoff useful:
Woody gtk2 Woody gdk-pixbuf Sarge gtk2 Sarge
gdk-pixbuf
CVE-2005-29751170 2841170 284
CVE-2005
Ola Lundqvist wrote:
Is there any CVE number or similar that I can refer this to?
Please use
==
Name: CVE-2005-3759
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3759
Reference: MLIST:[horde-announce] 20051122
Finn-Arne Johansen wrote:
Package: gosa
Version: 2.5.6-2
Severity: critical
Tags: security
Justification: root security hole
The documentation in gosa tells the admin to install gosa.conf under
/etc/gosa/gosa.conf, and to make it readable by the group www-data.
In this configuration
Package: gnome-lokkit
- Forwarded message from Bill Ries-Knight [EMAIL PROTECTED] -
Date: Fri, 15 Dec 2006 08:55:27 -0800
From: Bill Ries-Knight [EMAIL PROTECTED]
To: debian-www@lists.debian.org
Subject: bad link
X-Folder: debian-www@lists.debian.org
on this page:
Package: ca-certificates
Version: 20050804
Severity: important
Upon upgrade of this package it seems that all symlinks to certificates
in /etc/ssl/certs are removed. However, recreated are only those to
certificates provided by this package. (or all symlinks to certs not
from this package are
Package: gdrae
Version: current
Severity: minor
- Description: A Real Academia Espanola dictinoary interface
+ Description: Real Academia Espanola dictionary interface
Regards,
Joey
--
GNU does not eliminate all the world's problems, only some of them.
Package: obexfs
Version: current
Severity: minor
- Description: Mount filesystem of ObexFTP capabable devices
+ Description: Mount filesystem of ObexFTP capable devices
Regards,
Joey
--
GNU does not eliminate all the world's problems, only some of them.
Package: queuegraph
Version: 1.1.0-1
Severity: wishlist
Since this package is somewhat derived from mailgraph it would be nice
if the titles would be displayed similarily. The attached fix does this.
Regards,
Joey
--
GNU does not eliminate all the world's problems, only some of them.
Andrew Lee wrote:
Dear Joey and Tetralet,
I found this in the prepared upload:
Description: Extremely fast and lightweight file manager for the X
Window System
- According to developers-reference 6.2.2, it says the synopsis shoud
not starts with a capital letter.
Ugh! Stupid! Stupid!
Roger Leigh wrote:
When a program using a UTF-8 locale logs a UTF-8 string using syslog(3),
syslog mangles the string. For example:
Jun 23 21:34:24 hardknott schroot[10687]: [sid chroot]
rleigh\u\206\222rleigh Running login shell: /bin/bash
[sid chroot] rleigh???rleigh Running login
Package: debianutils
Version: 2.17.1
Severity: wishlist
Tags: patch
Please apply the attached patch to the next upload. It fixes a
documentation gap since -m/-g/-u implies -t so that new files
are indeed created.
Regards,
Joey
--
There are lies, statistics and benchmarks.
Please
Package: debtags
Version: 1.6.2
There is a space missing:
impromtu!joey(pts/0):~ debtags help search
[..]
-i, --invertinvert the match, selecting non-matching items
[..]
---
Here are two spaces missing:
impromtu!joey(pts/0):~
Package: libgtk2-perl
Version: 1.140-1
Severity: wishlist
The documentation for Gtk2::Entry (using perldoc) lacks a reference to the
signal 'changed' emitted whenever something happened inside an Entry widget.
Please add it.
Regards,
Joey
--
A mathematician is a machine for converting
dann frazier wrote:
On Mon, Nov 13, 2006 at 12:22:59PM -0800, Steve Langasek wrote:
Yes, because this is a kernel security bug. The smbmount patch was
entertained pre-sarge only as a stopgap due to the proximity to release; the
right place to fix this is still in the kernel (upstream as
tags 392002 pending
tags 392002 upstream
thanks
Yuri Kozlov wrote:
A file with russian program translation is attached.
Thanks, it'll be released together with 0.2.
Regards,
Joey
--
All language designers are arrogant. Goes with the territory...
-- Larry Wall
Please always
1 - 100 of 524 matches
Mail list logo