Control: tags -1 - moreinfo
Control: retitle -1 unblock: acorn/8.0.5+ds+~cs19.19.27-3
Le 15/06/2021 à 20:59, Paul Gevers a écrit :
> Control: tag -1 moreinfo
>
> Hi Yadd,
>
> On Thu, 20 May 2021 11:29:15 +0200 Paul Gevers wrote:
>> Control: tag -1 confirmed moreinfo
>&
d.apache.org/security/vulnerabilities_24.html#CVE-2021-31618
>
> Please adjust the affected versions in the BTS as needed.
>
> Regards,
> Salvatore
Hi all,
I can't import the whole patch for Bullseye since it is written for
2.4.47. I think the best solution is to import the w
Le 08/06/2021 à 07:58, Yadd a écrit :
> Le 07/06/2021 à 17:34, Salvatore Bonaccorso a écrit :
>> Source: apache2
>> Version: 2.4.47-1
>> Severity: grave
>> Tags: security upstream
>> Justification: user security hole
>> X-Debbugs-Cc: car...@debian.
Le 08/06/2021 à 08:25, Yadd a écrit :
> Le 08/06/2021 à 07:58, Yadd a écrit :
>> Le 07/06/2021 à 17:34, Salvatore Bonaccorso a écrit :
>>> Source: apache2
>>> Version: 2.4.47-1
>>> Severity: grave
>>> Tags: security upstream
>>> Justification:
Le 10/06/2021 à 14:07, Moritz Muehlenhoff a écrit :
> On Thu, Jun 10, 2021 at 02:02:05PM +0200, Yadd wrote:
>> Le 10/06/2021 à 12:16, Yadd a écrit :
>>> Le 10/06/2021 à 11:51, Yadd a écrit :
>>>> Hi,
>>>>
>>>> Hopefully there is an ava
Le 10/06/2021 à 17:31, Yadd a écrit :
> Le 10/06/2021 à 14:07, Moritz Muehlenhoff a écrit :
>> On Thu, Jun 10, 2021 at 02:02:05PM +0200, Yadd wrote:
>>> Le 10/06/2021 à 12:16, Yadd a écrit :
>>>> Le 10/06/2021 à 11:51, Yadd a écrit :
>>>>> Hi,
>>&
89562, CVE-2021-31618)
+
+ -- Yadd Thu, 10 Jun 2021 11:57:38 +0200
+
apache2 (2.4.46-4) unstable; urgency=medium
* Ignore other random another test failures (Closes: #979664)
diff --git a/debian/patches/CVE-2021-31618.patch
b/debian/patches/CVE-2021-31618.patch
new file mode 100644
inde
Control: retitle -1 unblock: apache2/2.4.46-6
Le 10/06/2021 à 12:21, Yadd a écrit :
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> X-Debbugs-Cc: secur...@debian.org
>
> Please unblock package
big.
Cheers,
Yadd
unblock apache2/2.4.48-2
diff --git a/debian/apache2-data.lintian-overrides
b/debian/apache2-data.lintian-overrides
index 902735d7..fa617892 100644
--- a/debian/apache2-data.lintian-overrides
+++ b/debian/apache2-data.lintian-overrides
@@ -1 +1,5 @@
debian-changelog-file
Control: tags -1 - moreinfo
Control: retitle -1 unblock: apache2/2.4.48-3
Le 20/06/2021 à 16:35, Sebastian Ramacher a écrit :
> Control: tags -1 moreinfo
>
> On 2021-06-19 18:13:16 +0200, Yadd wrote:
>> Package: release.debian.org
>> Severity: normal
&g
Le 08/06/2021 à 10:51, Yadd a écrit :
> Le 08/06/2021 à 08:25, Yadd a écrit :
>> Le 08/06/2021 à 07:58, Yadd a écrit :
>>> Le 07/06/2021 à 17:34, Salvatore Bonaccorso a écrit :
>>>> Source: apache2
>>>> Version: 2.4.47-1
>>>> Severity: grave
ium XSS vulnerability
[ Tests ]
Upstream doesn't provide any test for this package
[ Risks ]
No risk, patch is trivial
[ Checklist ]
[X] all changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
Cheers,
Y
in testing
[ Other ]
Patch includes debian/watch update due to GitHub changes
Cheers,
Yadd (from hospital)
unblock node-got/11.8.1+~cs53.13.17-2
diff --git a/debian/changelog b/debian/changelog
index b70fffc..c1ca5b3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+node-got
,
Yadd (from hospital)
unblock pkg-js-tools/0.9.65
diff --git a/debian/changelog b/debian/changelog
index 9647851..def7239 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,18 @@
+pkg-js-tools (0.9.65) unstable; urgency=medium
+
+ * Force package.json install even if removed
] attach debdiff against the package in testing
[ Other info ]
This patch also:
* update GitHub tags regex in debian/watch
* mark autopkgtest with 'needs-internet' (which was missing)
Cheers,
Yadd (still from hospital ;-))
unblock node-millstone/0.6.19-4
diff --git a/debian/changelog b/debian
t; n; i++) {
ret += " "
}
return ret + "";
}
var Color = three.Color
var time = Date.now();
new Color(build_blank(5))
var time_cost = Date.now() - time;
console.log(time_cost+" ms")
Result is 1945 ms so three.js seems not vulnerable, at least in Buster
Cheers,
Yadd
Le 05/05/2021 à 20:00, Adrian Bunk a écrit :
> Source: node-require-from-string
> Version: 2.0.1-1
> Severity: serious
> Tags: ftbfs
> Control: close -1 2.0.2-1
>
> https://tests.reproducible-builds.org/debian/rb-pkg/buster/amd64/node-require-from-string.html
>
> ...
>debian/rules
Le 14/05/2021 à 14:21, Jonas Smedegaard a écrit :
> Quoting Pirate Praveen (2021-05-14 13:46:28)
>> terser-webpack-plugin needs terser at least version 4.8. Is there any
>> known blockers I can help with?
>
> Thanks for asking.
>
> Draft package in git fails like this:
>
> cd dist &&
Le 15/05/2021 à 05:02, Yadd a écrit :
> Le 14/05/2021 à 14:21, Jonas Smedegaard a écrit :
>> Quoting Pirate Praveen (2021-05-14 13:46:28)
>>> terser-webpack-plugin needs terser at least version 4.8. Is there any
>>> known blockers I can help with?
>>
>>
Le 15/05/2021 à 05:13, Yadd a écrit :
> Le 15/05/2021 à 05:02, Yadd a écrit :
>> Le 14/05/2021 à 14:21, Jonas Smedegaard a écrit :
>>> Quoting Pirate Praveen (2021-05-14 13:46:28)
>>>> terser-webpack-plugin needs terser at least version 4.8. Is there any
Le 15/05/2021 à 20:18, Pirate Praveen a écrit :
> Package: pkg-js-tools
> Version: 0.9.65
> Severity: wishlist
>
> Example module @toast-ui/editor
>
> Read lerna.json and install these similar to entries in
> debian/nodejs/components
>
> {
> "packages": ["apps/*", "plugins/*", "libs/*"],
>
Hi,
I prepared an update for Buster (branch = buster). Please review
Cheers,
Yadd
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
Cheers,
Yadd (from hospital ;-))
unblock cyrus-imapd/3.2.6-2
diff --git a/debian/changelog b/debian/changelog
index bc383a9c..150929df 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3
]
No risk, just a transitional package
[ Checklist ]
[X] all changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
[ Other ]
acorn is in NEW queue since March 30th 2021
Cheers,
Yadd
unblock acorn/8.0.5+ds
in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
Cheers,
Yadd
unblock libbusiness-us-usps-webtools-perl/1.125-1
diff --git a/Changes b/Changes
index ad21fdc..0134ec1 100644
--- a/Changes
+++ b/Changes
@@ -1,5 +1,21 @@
Revision
server.
[ Impact ]
Medium vulnerability
[ Tests ]
No change in test
[ Risks ]
No risk, patch is trivial
[ Checklist ]
[X] all changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
Cheers,
Yadd
unblock node
] the issue is verified as fixed in unstable
[ Changes ]
Just replace:
split(/, */)
by
split(',').map(s => s.trim())
[ Other info ]
I adapted patch from 7.4.2 to 1.1.0
Cheers,
Yadd
-32640)
+
+ -- Yadd Wed, 26 May 2021 12:33:11 +0200
+
node-ws (1.1.0+ds1.e6ddaae4-5) unstable; urgency=medium
* Add upstream/metadata
diff --git a/debian/patches/CVE-2021-32640.patch
b/debian/patches/CVE-2021-32640.patch
new file mode 100644
index 000..fd4c9dc
--- /dev/null
+++ b/debian
d I approve them
[X] attach debdiff against the package in (old)stable
[X] the issue is verified as fixed in unstable
[ Changes ]
API change
Cheers,
Yadd
diff --git a/debian/changelog b/debian/changelog
index 3a65ac0..964b422 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +
Le 29/05/2021 à 16:04, Adam D. Barratt a écrit :
> Control: tags -1 + confirmed
>
> On Sat, 2021-05-22 at 12:26 +0200, Yadd wrote:
>> [ Reason ]
>> USPS is sending notices that HTTP access will be turned off shortly,
>> in favor of HTTPS.
>>
>> Give
the package in testing
Sorry for this error...
Cheers,
Yadd
unblock node-cpr/3.0.1-4
diff --git a/debian/changelog b/debian/changelog
index b0e6caf..338ddf1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+node-cpr (3.0.1-4) unstable; urgency=medium
+
+ * Team upload
/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
Cheers,
Yadd
unblock node-got/11.8.1+~cs53.13.17-3
-BEGIN PGP SIGNATURE-
iQJEBAEBCgAuFiEEAN/li4tVV3nRAF7J9tdMp8mZ7ukFAmC0tMwQHHlhZGRAZGVi
aWFuLm9yZwAKCRD210ynyZnu6TKiD
[ Tests ]
No change in tests, passed
[ Risks ]
Patch is trivial, no risk IMO
[ Checklist ]
[X] all changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
Cheers,
Yadd
unblock node-color-string/1.5.4-2
diff --git
Le 09/07/2021 à 13:12, Stadtsholte, Ingo a écrit :
> Package: apache2
>
> Version: 2.4.38-3+deb10u4
>
>
>
> After minor updating my Apache Installation to the above Version,
> AuthType in Directory directive only affects to DirectoryIndex, not to
> all other files/subdirectories
>
>
>
>
Hi Juergen,
could you take a look at
https://github.com/cyrusimap/cyrus-imapd/issues/3545 ?
Cheers,
Yadd
Hi,
to help us to resolve this issue, could you take a look at this comment?
https://github.com/cyrusimap/cyrus-imapd/issues/3240#issuecomment-877913241
Cheers,
Yadd
Package: wnpp
Severity: wishlist
Owner: Yadd
X-Debbugs-Cc: debian-de...@lists.debian.org
* Package name: libtest-exports-perl
Version : 1
Upstream Author : Ben Morrow
* URL : https://metacpan.org/release/Test-Exports
* License : BSD-2-Clause
Programming
Le 09/07/2021 à 05:04, Thorsten Glaser a écrit :
> Thanks Adam for the analysis!
>
>> To stop the mails from logrotate, could you please change back:
>> - invoke-rc.d apache2 reload
>> + invoke-rc.d apache2 reload > /dev/null 2>&1
>>
>> otherwise, people running Bullseye will
Le 9 juillet 2021 19:32:21 GMT+02:00, "Jérémy Lal" a écrit :
>Le ven. 9 juil. 2021 à 15:39, Gianfranco Costamagna <
>locutusofb...@debian.org> a écrit :
>
>> Source: node-millstone
>> Version: 0.6.19-4
>> Severity: serious
>>
>> Hello, for some reasons the autopkgtest is now failing due to:
>>
Cheers,
Yadd
unblock node-millstone/0.6.19-5
diff --git a/debian/changelog b/debian/changelog
index 772caee..48a07e5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+node-millstone (0.6.19-5) unstable; urgency=medium
+
+ * Team upload
+ * Disable another test (Closes
Package: wnpp
Severity: wishlist
Owner: Yadd
X-Debbugs-Cc: debian-de...@lists.debian.org
* Package name: libreadonly-tiny-perl
Version : 4
Upstream Author : Ben Morrow
* URL : https://metacpan.org/release/Readonly-Tiny
* License : BSD-2-Clause
Programming
Control fixed -1 4.16.3+~cs5.4.72-2
Le 29/04/2021 à 20:38, Salvatore Bonaccorso a écrit :
> Source: node-browserslist
> Version: 4.16.3+~cs5.4.72-1
> Severity: important
> Tags: security upstream
> X-Debbugs-Cc: car...@debian.org, Debian Security Team
>
>
> Hi,
>
> The following vulnerability
the package in testing
Cheers,
Yadd
unblock node-browserslist/4.16.3+~cs5.4.72-2
diff --git a/debian/changelog b/debian/changelog
index ee4d58f..f53ddc3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+node-browserslist (4.16.3+~cs5.4.72-2) unstable; urgency=medium
Package: hplip
Version: 3.21.2+dfsg1-2
Severity: grave
Justification: renders package unusable
hplip is broken as reported by hp-check (see below). This renders
package unusable.
Cheers,
Yadd
-- Package-specific info:
Saving output in log file: /home/xavier/dev/lemonldap/ui/manager/hp-check.log
od to me, thanks! Could you also ignore these warnings in a
debain/lintian-overrides? It looks like false positive
Cheers,
Yadd
W: node-lightgallery: privacy-breach-generic
usr/share/nodejs/lightgallery/dist/js/lg-video.min.min.js []
(//www.dailymotion.com/embed/video/'+t.dailymotion[1]+d+')
W: node-lightga
Le 23/04/2021 à 20:52, Brian Potkin a écrit :
> severity 987420 minor
> thanks
>
>
> On Fri 23 Apr 2021 at 18:30:41 +0200, Yadd wrote:
>
> Thank you for your report, Yadd.
>
> What is your printer model?
Hi,
it's a HP Envy 4500. It worked until last testing upda
Le 23/04/2021 à 19:03, Jonas Smedegaard a écrit :
> Quoting Yadd (2021-04-23 17:47:23)
>> Control: tags -1 + pending
>>
>> Le 23/04/2021 à 09:44, Daniel Ring a écrit :
>>> Hello Xavier,
>>>
>>> It looks like the build process was minifying th
Le 29/04/2021 à 10:32, Yadd a écrit :
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> X-Debbugs-Cc: pkg-javascript-de...@lists.alioth.debian.org
>
> Please unblock package node-postcss
>
>
debdiff against the package in testing
Cheers,
Yadd
unblock node-postcss/8.2.1+~cs5.3.23-7
diff --git a/debian/changelog b/debian/changelog
index f7ffc04..a66396e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+node-postcss (8.2.1+~cs5.3.23-7) unstable; urgency=medium
Le 29/04/2021 à 10:50, Yadd a écrit :
> Le 29/04/2021 à 10:32, Yadd a écrit :
>> Package: release.debian.org
>> Severity: normal
>> User: release.debian@packages.debian.org
>> Usertags: unblock
>> X-Debbugs-Cc: pkg-javascript-de...@lists.alioth.debian.org
] the issue is verified as fixed in unstable
[ Changes ]
Test wanted 8 successful checks. The patch requires only 7, so allows
one failure (function not launched probably due to a nodejs change)
Cheers,
Yadd
diff --git a/debian/changelog b/debian/changelog
index e08c7c7..4c026c2 100644
--- a/debian
node-redis (3.0.2+~cs5.18.1-3) UNRELEASED; urgency=medium
+
+ * Fix GitHub tags regex
+ * Uploaders: remove Leo Iannacone, thanks for your work!
+ * Fix potential ReDoS (Closes: CVE-2021-29469)
+
+ -- Yadd Sun, 25 Apr 2021 13:54:43 +0200
+
node-redis (3.0.2+~cs5.18.1-2) unstable; urgency=me
Control: tags -1 + moreinfo
Hi,
I'm unable to reproduce this issue, with and without ctype=nodejs
[ Checklist ]
[X] *all* changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in (old)stable
[X] the issue is verified as fixed in unstable
[ Changes ]
Regex update
Cheers,
Yadd
diff --git a/debian/changelog b/debian
ckports for Bullseye
* maybe Debian backports for Buster (buster-backports-sloppy)
Cheers,
Yadd
Package: liblemonldap-ng-portal-perl
Version: 2.0.0+ds-1
Severity: normal
Upstream bug: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2459
"After complete install, captcha does not work. First, I have tons of warnings
and after digging into the code, my conclusions are very
]
shortcutMatch regex is cut in two piece:
- a more simple regexp
- a distinc change to remove .git suffix
Cheers,
Yadd
diff --git a/debian/changelog b/debian/changelog
index b4038a0..f8baeef 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+node-hosted-git-info (2.7.1-1+deb10u1
Control: reopen -1
Control: tags -1 - moreinfo
Control: retitle -1 unblock: pinball/0.3.20201218-3
Hi,
Philippe added an autopkgtest to pinball. Since this game has no reverse
dependencies (except its pinball tables [2]), I think it is not risky to
unblock it.
Debian Package Tracker[1]
unblock asked: https://bugs.debian.org/985488
Control: tags -1 - moreinfo
Le 28/03/2021 à 22:24, Paul Gevers a écrit :
> Control: tags -1 moreinfo
>
> Hi,
>
> On 25-03-2021 15:04, Yadd wrote:
>> Philippe added an autopkgtest to pinball.
>
> The autopkgtest doesn't test the installed binaries substan
Control: tags -1 - moreinfo
Le 31/03/2021 à 09:52, Sebastian Ramacher a écrit :
> Control: tags -1 moreinfo
>
> On 2021-03-30 22:49:43, Yadd wrote:
>> Package: release.debian.org
>> Severity: normal
>> User: release.debian@packages.debian.org
>> Usert
gt; [ Checklist ]
>> [X] all changes are documented in the d/changelog
>> [X] I reviewed all changes and I approve them
>> [X] attach debdiff against the package in testing
>>
>> Cheers,
>> Yadd
>>
>> unblock node-d3-dsv/1.1.1-4
>
>&g
changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
[ Other ]
I downgrade autopkgtest to "superficial" since nothing was really tested
(just a node "require"). That's why I'm filing thi
information see:
>
> [0] https://security-tracker.debian.org/tracker/CVE-2021-23358
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23358
> [1] https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984
>
> Regards,
> Salvatore
Hi,
here is a debdiff for buster inc
dependencies
* Remove useless debian/webpack.config.js
[ Checklist ]
[X] all changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
Cheers,
Yadd
unblock node-d3-dsv/1.1.1-4
diff --git a/debian/changelog b/debian
Le 15/03/2021 à 19:42, Andreas Beckmann a écrit :
> On 15/03/2021 14.00, Yadd wrote:
>> Le 15/03/2021 à 13:49, Yadd a écrit :
>>> Le 15/03/2021 à 13:30, Andreas Beckmann a écrit :
>>>> Package: chai
>>>> Version: 4.2.0+ds+~4.2.14-3
>
>>> the
Le 15/03/2021 à 13:30, Andreas Beckmann a écrit :
> Package: chai
> Version: 4.2.0+ds+~4.2.14-3
> Severity: serious
> User: debian...@lists.debian.org
> Usertags: piuparts
>
> Hi,
>
> an upgrade test with piuparts revealed that your package installs files
> over existing symlinks and possibly
Le 15/03/2021 à 13:49, Yadd a écrit :
> Le 15/03/2021 à 13:30, Andreas Beckmann a écrit :
>> Package: chai
>> Version: 4.2.0+ds+~4.2.14-3
>> Severity: serious
>> User: debian...@lists.debian.org
>> Usertags: piuparts
>>
>> Hi,
>>
>> an upgra
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: r...@users.sf.net
Please unblock package pinball
[ Reason ]
pinball has a RC bug due to a bad build dependency to libstdc++
[ Impact ]
Unusable for Bullseye
[ Tests ]
Le 10/03/2021 à 11:14, Thomas Goirand a écrit :
> Since Praveen says he wants to replace the package *after* bullseye,
> it's probably fine to downgrade this bug to "Important" and not have it
> as an RC bug before the release. Therefore, downgrading it.
>
> Cheers,
>
> Thomas Goirand (zigo)
diff --git a/debian/changelog b/debian/changelog
index d89bef9..4d8dcd6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+pinball (0.3.20201218-2) unstable; urgency=medium
+
+ * d/control: Update preferred libstdc++ version (Closes: #985440)
+ * d/control: Update standards
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: pkg-javascript-de...@lists.alioth.debian.org
node-xmlhttprequest-ssl is an unmaintained fork of node-xmlhttprequest,
useless and unmaintained in Debian. I think it should be removed from
Debian.
I filed a RC bug to remove it from Bullseye
Package: node-xmlhttprequest-ssl
Severity: serious
node-xmlhttprequest-ssl is an unmaintained fork of node-xmlhttprequest.
It should be removed from Bullseye
Le 03/03/2021 à 09:31, Andreas Beckmann a écrit :
> On 03/03/2021 07.37, Yadd wrote:
>> OK for Breaks, but why "Replaces" ? cyrus-common still exists, or is
>> there something I didn't understand?
>
> Look at it the other way around:
>
> You are tak
Le 03/03/2021 à 07:35, Andreas Beckmann a écrit :
> On 03/03/2021 07.32, Yadd wrote:
>> cyrus-imapd depends on `cyrus-common (= ${binary:Version})`, should I
>
> That only defines the configuration order.
>
>> move it to Pre-Depends ?
>
> No, just add the B+R to b
Le 02/03/2021 à 21:36, Andreas Beckmann a écrit :
> Package: cyrus-imapd
> Version: 3.2.5-2
> Severity: serious
> User: debian...@lists.debian.org
> Usertags: piuparts
>
> Hi,
>
> during a test with piuparts I noticed your package fails to upgrade from
> 'buster'.
> It installed fine in
Le 08/03/2021 à 15:19, Vivek K J a écrit :
> Is there any workaround for this bug?
> I've got same bug while trying to pack another npm module... Any help
> will be appreciable...
> --
> Greetings,
>
> Vivek K J
> vive...@tchncs.de
> www.vivekkj.me
Try with debian/nodejs/extcopies instead of
to
+node-types-estree and node-types-node (Closes: #979762, #979775, #985702)
+
+ -- Yadd Mon, 22 Mar 2021 12:45:55 +0100
+
node-rollup-pluginutils (4.1.0+~2.8.2-2) unstable; urgency=medium
* Team upload
diff --git a/debian/control b/debian/control
index 6f6f43d..c5ab2ea 100644
& autopkgtest still works
[ Risks ]
No risk
[ Checklist ]
[X] all changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
Cheers,
Yadd
unblock node-core-js/3.8.2-2
diff --git a/debian/changelog b/debian/chang
would also have the benefit that people could use APACHE_CONFDIR
> in their configs if they want to make paths relative to it, where the
> directive doens't use non-absolute paths per default relative to
> ServerRoot.
Hi,
could you propose a patch?
Cheers,
Yadd
] attach debdiff against the package in (old)stable
[X] the issue is verified as fixed in unstable
[ Changes ]
More checks for given arguments
Cheers,
Yadd
diff --git a/debian/changelog b/debian/changelog
index e49c409..e55d497 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11
inst the package in testing
[ Other info ]
Patch is trivial, just a regex update
Cheers,
Yadd
unblock node-glob-parent/5.1.1+~5.1.0-2
diff --git a/debian/changelog b/debian/changelog
index 3e6f1d0..e60f126 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+node-glob-parent (5.1.1+~5.1
adapted to 3.1.0
Cheers,
Yadd
diff --git a/debian/changelog b/debian/changelog
index 74d0753..46486a7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+node-glob-parent (3.1.0-1+deb10u1) unstable; urgency=medium
+
+ * Team upload
+ * Fix ReDoS (Closes: CVE-2020-28469
ting
Cheers,
Yadd
unblock node-handlebars/4.7.6+~4.1.0-2
diff --git a/debian/changelog b/debian/changelog
index 675dba0..215d5a2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+node-handlebars (3:4.7.6+~4.1.0-2) unstable; urgency=medium
+
+ * Team upload
+ * Fix remote
de-postcss/8.2.1+~cs5.3.23-6
diff --git a/debian/changelog b/debian/changelog
index 9dba3f7..f7ffc04 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+node-postcss (8.2.1+~cs5.3.23-6) unstable; urgency=medium
+
+ * Team upload
+ * Fix ReDoS vulnerability (Closes: CVE-2021-23368)
+
be fixed by running `sudo apt install node-chokidar`.
Hi,
I think this is not a required dependency. The question for JS-Team is:
add node-chokidar in recommended or suggested dependencies? Of course,
description should explain the need of chokidar.
Cheers,
Yadd
diff --git a/debian/changelog b/debian/changelog
index d4aae875..407f7c48 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+dojo (1.14.2+dfsg1-1+deb10u3) buster; urgency=medium
+
+ * Team upload
+ * Fix cross-site-scripting vulnerability (Closes: #97, CVE-2020-4051)
+
+ --
Le 14/04/2021 à 08:06, Andrius Merkys a écrit :
> Package: dh-make-perl
> Version: 0.116
> Severity: wishlist
>
> CPAN's default bugtracker is rt.cpan.org. Therefore, it would be nice to
> have Bug-Database and Bug-Submit fields of debian/upstream/metadata
> auto-filled in with appropriate
Hi,
for the record, I removed build dependency to
node-uglifyjs-webpack-plugin from chai (src:node-chai). The browser
package is no more minified but this is not important: libjs-chai has no
reverse dependency.
Cheers,
Xavier
Hi,
node-lightgallery won't be part of Bullseye. I propose to remove it from
Debian. Its place is perhaps in non-free section but not here under JS
Team umbrella in main section.
Cheers,
Xavier
> This bug is definitely still open. I ran into the same exact issue
> today.
Hi,
did you find this issue in versions 3.2.x or only in 3.0.x ?
Cheers,
Xavier
> Package: liblemonldap-ng-portal-perl
> Version: 2.0.0+ds-1
> Severity: normal
>
> Upstream bug:
> https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2459
>
> "After complete install, captcha does not work. First, I have tons
>of warnings and after digging into the code, my
Le 21/04/2021 à 17:23, Pirate Praveen a écrit :
> On Wed, 21 Apr 2021 15:48:14 +0200 Yadd wrote:
>> Hi,
>>
>> `pretty=describe` uses the result of `git describe`. You got a
>> "4.17.4.20" because this is the last tag on the branch you tried to
>> clone.
Package: wnpp
Severity: wishlist
Owner: Yadd
X-Debbugs-Cc: debian-de...@lists.debian.org,
pkg-javascript-de...@lists.alioth.debian.org
* Package name: node-minipass
Version : 3.1.3
Upstream Author : npm, Inc. and Contributors
* URL : https://github.com/isaacs
Le 16/08/2021 à 21:55, Salvatore Bonaccorso a écrit :
> Source: ckeditor
> Version: 4.16.0+dfsg-2
> Severity: important
> Tags: security upstream
> X-Debbugs-Cc: car...@debian.org, Debian Security Team
>
> Control: found -1 4.11.1+dfsg-1
>
> Hi,
>
> The following vulnerability was published
]
Cheers,
Yadd
diff --git a/debian/changelog b/debian/changelog
index 2331e3e..355b51a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+apr (1.7.0-6+deb11u1) bullseye; urgency=medium
+
+ * Team upload
+
+ [ Salvatore Bonaccorso ]
+ * Out-of-bounds array dereference
Control: tags -1 + confirmed
Le 27/08/2021 à 15:04, Enrico Zini a écrit :
> Package: libjs-popper.js
> Version: 1.16.1+ds-3
> Severity: serious
>
> Hello,
>
> the assets of libjs-popper.js do not appear under /usr/share/javascript.
> The only thing that is packaged there is `popper.js` as an
Le 27/08/2021 à 15:44, Yadd a écrit :
> Control: tags -1 + confirmed
>
> Le 27/08/2021 à 15:04, Enrico Zini a écrit :
>> Package: libjs-popper.js
>> Version: 1.16.1+ds-3
>> Severity: serious
>>
>> Hello,
>>
>> the assets of libjs-popper.js do
Hi,
could you try using "heads/Beta" instead of "refs/heads/Beta" ?
Package: node-ansi-escapes
Version: 5.0.0-1
Severity: serious
New node-ansi-escapes is now a ES module. This breaks terminal-link
which is embedded in node-jest-debbundle
1 - 100 of 812 matches
Mail list logo