Package: josm
Version: 0.0.svn18570+dfsg-1~bpo11+1
Severity: normal
X-Debbugs-Cc: alt.people.davidcal...@gmail.com
Dear Maintainer,
I use ImproveWay a lot because when I map a highway in OpenStreetMap
I want the curves to be as smooth as possible. I also downloaded
pt_assistant because it seemed
Package: mpv
Version: 0.34.1-1+b5
Severity: wishlist
X-Debbugs-Cc: jobbautis...@protonmail.com
Dear Maintainer,
sndio support was removed @ commit b6707c9b according to your GitLab, the reason
being that it's no longer supported upstream at the time. Upstream has added
back sndio support to
Control: reassign -1 texlive-latex-base
On 29.07.22 Lucas Nussbaum (lu...@debian.org) wrote:
Hi,
this happened due to a change in doc package. Reassign to
texlive-latex-base for now, will close shortly.
Hilmar
> During a rebuild of all packages in sid, your package failed to build
> on amd64.
Control: retitle -1 [ROM] racon: Please remove for 32 bit architectures (armel,
armhf, i386, mipsel, hppa, m68k, powerpc, sh4, x32)
Control: reassign -1 ftp.debian.org
Hi ftpmasters,
we have to chose option 3 mentioned below - asking for removal of
32 bit architectures.
Kind regards and thanks
Control: tags -1 + confirmed
On Sun, 2022-09-11 at 15:13 +0200, Yadd wrote:
> lemonldap-ng before version 2.0.15 has an issue that may maintain
> a session active on a Lemonldap::NG's handler if user has a
> continuous
> activity on this handler after session expiration or deletion
>
Control: tags -1 + confirmed
On Sat, 2022-10-08 at 11:30 +0200, Aurelien Jarno wrote:
> The glibc/2.31-13+deb11u4 update introduced a regression (bug
> #1019855) on some early Intel Haswell processors which expose the
> AVX2 instructions, but lack the BMI2 instructions. On such systems
> the
Control: tags -1 + confirmed
On Wed, 2022-10-12 at 09:14 +0200, Yadd wrote:
> node-xmldom is vulnerable to prototype pollution
>
>
Please go ahead.
Regards,
Adam
Control: tags 1021446 pending
Frans Spiesschaert wrote...
> Please add it to your next package revision.
Thanks, now queued up.
Christoph
signature.asc
Description: PGP signature
Cyril Brulebois (2022-10-12):
> With the upcoming golang-github-zclconf-go-cty update, its
> golang-github-zclconf-go-cty-dev will stop covering the missing
> (Build-|)Depends, as it will shift from […]-go-textseg-dev to
> […]-go-textseg-v13-dev, making both nomad and nomad-driver-podman FTBFS.
Hi,
Christoph Berg wrote:
> Re: Axel Beckert
> > I wonder if we should generally ignore negative values here (might
> > hide some "wrong time" issues, but then again they should reported by
> > another check) or just accept tiny negative values?
>
> The check was introduced in 2013 by
Hi Dirk!
Le dimanche 21 août 2022 à 09:17 -0500, Dirk Eddelbuettel a écrit :
> That is a problem, and it is somewhat know. ESS used to release every six or
> so months, now we are many years behind with no official release. Your best
> bet may be to install directly from melpa and removing the
Source: graphicsmagick
Version: 1.4+really1.3.38-1
Severity: serious
Control: close -1 1.4+really1.3.38+hg16739-1
Tags: sid bookworm ftbfs
User: release.debian@packages.debian.org
Usertags: out-of-sync
Dear maintainer(s),
The Release Team considers packages that are out-of-sync between
Package: postgresql
Version: 15+244
Severity: minor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On previous upgrades to postgresql to a new major versions, you'd always
get a prompt and instructions how to upgrade the database cluster to the
new postgresql version. I did not get that with
Package: dcfldd
Version: 1.7-3
Severity: important
Tags: upstream
Control: forwarded -1
https://github.com/resurrecting-open-source-projects/dcfldd/issues/11
The following command fails on s390x:
dcfldd if=test.txt hash=md5,sha1,sha256,sha384,sha512 2>&1 | grep -C 20
Control: tags 1020108 patch
Martin Quinson wrote...
> Thanks for any help that could be provided.
Greetings from the Karlsruhe BSP.
As mentioned earlier, the build failure is a result of grep's new
warning messages. Digging closer I realized the current quote_bre()
function can no longer used
Control: tags 1016599 + patch
Control: tags 1016599 + pending
Dear maintainer,
I've prepared an NMU for mayavi2 (versioned as 4.8.0-1.1) and uploaded
it to DELAYED/15. Please feel free to tell me if I should cancel it.
cu
Adrian
diff -Nru mayavi2-4.8.0/debian/changelog
Source: redmine
Version: 5.0.2-2
Severity: serious
PostgreSQL 15 restricts the CREATE privilege on the default "public"
schema in each database to the database owner; previous all users were
allowed to create new objects.
redmine needs updating for this; one workaround for the testsuite
would be
Control: tags 1020011 + patch
Control: tags 1020011 + pending
Dear maintainer,
I've prepared an NMU for ukui-biometric-manager (versioned as 1.0.3-1.1)
and uploaded it to DELAYED/14. Please feel free to tell me if I should
cancel it.
cu
Adrian
diff -Nru
Hi László,
On 14-10-2022 21:33, László Böszörményi (GCS) wrote:
Your package src:graphicsmagick has been trying to migrate
for 61 days [2].
It's 'only' 37 days, but that's long enough even.
Hmm, [1] says your package was accepted on 14 August 2022; no sure where
that weird count in the
Hi again,
Axel Beckert wrote:
> And just for the record: This only happens on some of my hosts. I have
> several hosts (also with a lot of elpa plugins, but probably still not
> as many as on the host where it happens reproducibly) where the
> upgrade from 27.x to 28.x worked fine on the first
Control: tags 1021780 confirmed
Emanuele Rocca wrote...
> The example does not work as is, it needs "type=file" too.
Oops. It seems this has been around since its introduction back
in 2006 without being noticed.
Christoph
signature.asc
Description: PGP signature
Control: forwarded 1014936 https://github.com/Kozea/WeasyPrint/issues/1741
On Wed 2022-10-12 16:57:29 -0400, Scott Kitterman wrote:
> On Thu, 14 Jul 2022 16:19:58 -0400 Daniel Kahn Gillmor
> wrote:
>> Hi there! I'm glad that there's a weasyprint(1) manpage, but the
>> contents of the manual
-- Forwarded message -
De: Serge E. Hallyn
Date: vie, 14 oct 2022 a las 17:56
Subject: Re: [Pkg-shadow-devel] Bug#1021745: passwd: /etc/passwd was edited
with the wrong shell path
To: Najib Bakari
Cc: Serge E. Hallyn
On Fri, Oct 14, 2022 at 05:34:09PM +0200, Najib Bakari
Cyril Brulebois (2022-10-12):
> nomad is shipping an embedded copy of hashicorp/hcl/v2, and doesn't
> list all packages it requires to build. For the time being, this is
> hidden by golang-github-zclconf-go-cty-dev, which in turn pulls the
> required golang-github-apparentlymart-go-textseg-dev
Hello Thomas, I hope you're well,
Not meaning to rush you, just a heads up in case it was missed (since
it's automated):
4.7.2-3 migrated to testing, we should be good to get 4.9.1 on sid.
The experimental excuses page is not showing any regressions, which
means it will probably migrate to
Salut Seb,
On 14 October 2022 at 20:10, Sébastien Villemot wrote:
| Hi Dirk!
|
| Le dimanche 21 août 2022 à 09:17 -0500, Dirk Eddelbuettel a écrit :
| > That is a problem, and it is somewhat know. ESS used to release every six
or
| > so months, now we are many years behind with no official
> It doesn’t directly address the topic of endianess, but it does say
> the following:
>
> "The .bdic files are always UTF-8 internally, and the convert_dict
> tool converts things appropriately when it runs.”
>
> I must admit that the topic of endianess goes a bit beyond my
> expertise, but my
Source: dlt-viewer
Severity: normal
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: timestamps
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org
The date is embedded in various .pdf files:
Re: To Debian Bug Tracking System
> redmine needs updating for this; one workaround for the testsuite
> would be to "grant create on schema public to public;" to revert to
> the old default.
It's not the testsuite failing; it's already the postinst failing to
install redmine.
Christoph
OK, here is the detailed version of steps to reproduce:
1. Install apache2, apache2-suexec-pristine and libapache2-mpm-itk packages.
2. Disable mpm_event and enable cgid, mpm_prefork and suexec modules.
3. Configure two sites on Apache2.
3-1. For the first one, enable SuexecUserGroup.
On Fri, Oct 14, 2022 at 03:37:29PM +0200, Marco d'Itri wrote:
> On Oct 14, Vincent Lefevre wrote:
>
> > > This is obviously convenient on Guillem's part, but we have to optimize
> > > systems by default for the general case and not just for dpkg -i.
> > This dpkg FAQ says that this is not
Source: commons-text
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerability was published for commons-text.
CVE-2022-42889[0]:
| Apache Commons Text performs variable interpolation, allowing
| properties to be dynamically evaluated and expanded.
Am Thu, Oct 13, 2022 at 09:36:09PM +0200 schrieb Markus Koschany:
> Hi,
>
> I just had a go at this issue and I discovered that libxalan2-java in Debian
> is
> not affected but rather bcel.
>
> https://tracker.debian.org/pkg/bcel
>
> The fixing commit in OpenJDK addresses the same code which
Package: wnpp
Severity: wishlist
Subject: ITP: savvy -- conversion tool for SAV file format
Package: wnpp
Owner: Andreas Tille
Severity: wishlist
* Package name: savvy
Version : 2.1.0
Upstream Author : xx-20yy FIXME
* URL : https://github.com/statgen/savvy
* License
Hi Paul, Marti,
On Fri, Oct 14, 2022 at 9:09 PM Paul Gevers wrote:
> The Release Team considers packages that are out-of-sync between testing
> and unstable for more than 60 days as having a Release Critical bug in
> testing [1]. Your package src:graphicsmagick has been trying to migrate
> for
Source: vart
Severity: normal
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: timestamps
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org
The build time is embedded in various binaries:
Package: libipc-run-perl
Version: 20220807.0-1
I've noticed that IPC::Run::run() sometimes takes significantly more
time than the child process itself. For example:
$ time -p perl -MIPC::Run=run -e "run('sleep 0.7')"
real 1.18
user 0.03
sys 0.01
This is how it looks under strace:
Re: Axel Beckert
> I wonder if we should generally ignore negative values here (might
> hide some "wrong time" issues, but then again they should reported by
> another check) or just accept tiny negative values?
The check was introduced in 2013 by 8fca9ab199:
-} elsif ($last_update >= 1.5) {
+}
Control: close -1
X-Debbugs-Cc: ael
On Thu, Oct 13, 2022 at 07:35:25PM +0100, ael wrote:
> It does seem to leave some error handling attention if it dumps core
> on a simple configuration error. I guess that is for upstream.
It's not actually a coredump, but a fatal error message that is
On Friday, October 14, 2022 3:54:53 AM MST Roland Rosenfeld wrote:
> - Where should the bdic files be placed?
> 1) /usr/share/hunspell-bdic
I like this option because it would eliminate the need to wait to find out if
Chromium can use the files before deciding where to put them.
On a separate
Control: tags -1 + bookworm sid
As bullseye is not affected as it will never upgrade to glibc
2.34, I'm setting release tags to exclude this bug from stable
and allow the bug to be archived.
Cheers
Timo
--
⢀⣴⠾⠻⢶⣦⠀ ╭╮
⣾⠁⢠⠒⠀⣿⡁ │ Timo
FYI:
Chromium includes an embedded copy of the hunspell library, which
they've forked to ignore dic/aff files and instead use bdic files. The
patch and google additions can be found here:
https://sources.debian.org/src/chromium/106.0.5249.119-1/third_party/hunspell/google.patch/
On Fri, Oct 14 2022 at 12:54:53 PM +0200, Roland Rosenfeld
wrote:
Hi,
let me try to summarize where we stand and what options and open
questions we have.
I see the following options to package the bdic-Files (seems not all
of them were already mentioned before):
a) Bundle the bdic files
reassign 1012871 src:qt6-multimedia
forwarded 1012871 https://bugreports.qt.io/browse/QTBUG-104226
thanks
The issue is on the way Qt locates the devices + how it handles gst
classes. The fix ought to be there with 6.4.1.
--
Lisandro Damián Nicanor Pérez Meyer
https://perezmeyer.com.ar/
Package: wnpp
Owner: Dirk Eddelbuettel
Severity: wishlist
* Package name: r-cran-rcppspdlog
Version : 0.0.8
Upstream Author : Dirk Eddelbuettel
* URL or Web page : https://eddelbuettel.github.io/rcppspdlog/
* License : GPL (>= 2)
Description : R package for spdlog
user debian-rele...@lists.debian.org
usertags -1 + bsp-2022-10-de-karlsruhe
thankyou
Hi,
the attached patch imported from the upstream repository fixes the FTBFS.
Kind regards,
Reiner
From bdca5c7fe4d6f3a23287f62e0be044bef3de1974 Mon Sep 17 00:00:00 2001
From: Reiner Herrmann
Date: Fri, 14
This is Google’s page describing the .bdic format:
https://sites.google.com/a/chromium.org/dev/developers/how-tos/editing-the-spell-checking-dictionaries[1]
It doesn’t directly address the topic of endianess, but it does say the
following:
"The .bdic files are always UTF-8 internally, and the
Source: golang-golang-x-text
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for golang-golang-x-text.
CVE-2022-32149[0]:
| An attacker may cause a denial of service by crafting an Accept-
| Language header which
Source: nss
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for nss.
CVE-2022-3479[0]:
| A vulnerability found in nss. By this security vulnerability, nss
| client auth crash without a user certificate in the database and
Hi,
On 2022-10-14 11:58, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Sat, 2022-10-08 at 11:30 +0200, Aurelien Jarno wrote:
> > The glibc/2.31-13+deb11u4 update introduced a regression (bug
> > #1019855) on some early Intel Haswell processors which expose the
> > AVX2
Source: vart
Severity: normal
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: buildpath
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org
The buildid for various binaries differs when built from a different
build path:
On Fri, Oct 14, 2022 at 02:58:17PM -0400, Andres Salomon wrote:
> In my opinion, chromium's (, or QT's, or whoever's) bdic support should be
> merged upstream into hunspell, and hunspell should be shipping bdic files in
> /usr/share/hunspell alongside the .aff and .dic files. I don't know how
>
Package: groff-base
Version: 1.22.4-6
Severity: normal
Dear Maintainer,
The weird spacing on Pqs when compared to ()s has always bugged me,
but now it's bugged me so hard I decided to look.
You may have noticed that, for example,
(ibid)
is rendered differently from
.Pq ibid
It's very
On 2022-10-14 07:07, Martin wrote:
> * License : (under investigation)
Will probably BSD-3-clause.
Check https://github.com/rnpgp/py-rnp/issues/6 for updates.
> Description : Intent to Package [ITP]
That should have said "Python bindings for librnp".
Source: cross-toolchain-base-mipsen
Version: 20
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
several ld.so.1 variants are shipped by two packages that are not
conflicting with each other:
libc6-mips32-mips64-cross=2.35-3cross1
libc6-mips64-cross=2.35-3cross1
Control: found -1 1:28.2+1-1
Hi Sean,
Sean Whitton wrote:
> On Sun 21 Aug 2022 at 02:46PM +02, Axel Beckert wrote:
> > Version: 1:28.1+1-2
[…]
> > upgrading emacs respectively emacs-gtk from 27.1 to 28.1 causes an
> > endless fork loops during package configuration time:
>
> Are you able to
On Fri, Oct 14, 2022 at 12:18:26AM +0200, Najib B wrote:
> Package: passwd
> Version: 1:4.12.3+dfsg1-1
> Severity: important
> X-Debbugs-Cc: najibbak...@gmail.com
>
> Dear Maintainer,
>
> I have just noticed this issue on chsh that I would like to report to you,
> including a solution that I
Package: apt
Version: 2.4.8
Severity: important
Dear Maintainer,
While working building images using debos[1] with Apertis [2] I noticed strange
behaviors with apt. After debugging the issue, I found what I understand is a
bug and submitted a MR to try to fix it.
On Fri, 2022-10-14 at 11:53 +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Sun, 2022-10-02 at 19:38 +0200, Timo Röhling wrote:
> > The update fixes two vulnerabilities with low priority, i.e.
> > the security team has decided not to issue a DSA.
> >
> > [ Impact ]
> >
On 2022-10-14 12:44:25 +0200, Marco d'Itri wrote:
> On Oct 14, Vincent Lefevre wrote:
> > > This is not "the Debian FAQ" but "the DPKG FAQ", which has been known to
> > > recommend awful things in the past.
> > But it is still considered in the present times by the dpkg developers.
> > Bug
* Adam D. Barratt [2022-10-14 12:53]:
On Fri, 2022-10-14 at 11:53 +0100, Adam D. Barratt wrote:
Control: tags -1 + confirmed
On Sun, 2022-10-02 at 19:38 +0200, Timo Röhling wrote:
> The update fixes two vulnerabilities with low priority, i.e.
> the security team has decided not to issue a
On Fri, 2022-10-14 at 13:58 +0200, Timo Röhling wrote:
> * Adam D. Barratt [2022-10-14 12:53]:
> > On Fri, 2022-10-14 at 11:53 +0100, Adam D. Barratt wrote:
> > > Control: tags -1 + confirmed
> > >
> > > On Sun, 2022-10-02 at 19:38 +0200, Timo Röhling wrote:
> > > > The update fixes two
* Adam D. Barratt [2022-10-14 13:04]:
Assuming the diff would be similar to that initially proposed, you can
simply prepare and upload 1.0.0+dfsg-1+deb11u1 and we can sort things
out from there.
It is, so I uploaded the correct version now.
Sorry for the screw-up, I should have noticed that
Package: libconfig-model-dpkg-perl
Version: 2.164
Severity: normal
The docs for Config::Model::Dpkg::Copyright list dthis example for
tweaking:
! Files:'*' Copyright=~s/\s*".*//
Pasting this example into debian/fix.scanned.copyright makes cme update
dpkg-copyright fail with:
Note:
On Oct 14, Vincent Lefevre wrote:
> > This is obviously convenient on Guillem's part, but we have to optimize
> > systems by default for the general case and not just for dpkg -i.
> This dpkg FAQ says that this is not beneficial for just dpkg,
> but also "for any application in the system".
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: debian-p...@lists.debian.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I've uploaded libdatetime-timezone-perl/1:2.47-1+2022e to bullseye,
with the changes
tags 1021766 unreproducible
thanks
Hi madduck,
>Wanting to replace xscreensaver with something better, I took a look
>at xidle. Unfortunately, the simple call
>
>```
>xidle -program /usr/bin/xsecurelock -timeout 5
>```
>
>doesn't cause `xsecurelock` to be spawned after 5 seconds. According
I
Control: owner -1 b...@debian.org
There has been no progress for a year.
I have pushed the package to https://salsa.debian.org/debian/sqlitecpp and will
upload it today.
Control: tag -1 + confirmed
Hi Christoph,
Christoph Berg wrote:
> Apparently when apt update and the check are running at the same time,
> the following can happen:
[…]
> yellow Last apt update: -0.0 day(s) ago
Confirmed. I've seen this, too. I suspect that this actually a tiny
negative value
Followup-For: Bug #1016014
The translated manpages are no longer installed since
85021c6ae7026f99f3a07d63df2646a88c6cc476, but debian/links still creates
the symlinks to them. You only need to keep the first three lines there.
Andreas
Package: schroot
Version: 1.6.13-3
Severity: minor
Hi,
the config file /etc/schroot/schroot.conf ships the following
example of file-based chroot:
#[lenny-file]
#description=Debian lenny (oldstable)
#file=/srv/chroot/lenny.tar.gz
#location=/lenny
#groups=sbuild
The example does not work as is,
Package: libconfig-model-dpkg-perl
Version: 2.164
Severity: normal
Hello,
the docs refer to "debian/fix.copyright" while the filemname used is
fix.scanned.copyright.
cu Andreas
Package: hobbit-plugins
Version: 20201127
Severity: normal
Apparently when apt update and the check are running at the same time,
the following can happen:
Fri Oct 14 15:18:01 2022 - apt NOT ok
Debian GNU/Linux 11 (bullseye)
green Pinned/held packages not installed from apt repositories (2):
Package: autopkgtest
Version: 5.26
Severity: minor
The program autopkgtest-build-qemu needs a few packages to be installed in
order to work properly. However, such packages are not listed as dependencies
of autopkgtest given that they are qemu-specific, and qemu is only one of the
backends
I did a build using the patch from [1] which solved the issue for me.
The modified source and a bookworm/amd64 build can be found using:
-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-✂-
Types: deb
URIs: https://debian.sur5r.net/ceph
Suites: bookworm
Components: main
Signed-By:
Upstream libcamera now properly sets soname version and bumps it for ABI
changes.
Relevant commits in upstream:
utils: Provide a release script
https://git.libcamera.org/libcamera/libcamera.git/commit/?id=fc46d091231e22f47e2056fb854ddf4a999d606a
utils: semver: Add version helper
> On 14. 10. 2022, at 13:13, Shintaro Sakahara wrote:
>
> I created a small example using Docker and put on GitHub so that everyone
> could
> easily reproduce this problem.
Hi,
could you please actually describe the problem into the bugreport? While having
a reproducer is certainly nice,
Package: libreoffice-draw
Version: 1:7.4.2-1
Severity: normal
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hello!
The desktop file for Linux (/usr/share/applications/libreoffice-draw.desktop)
inside the Debian package 'libreoffice-draw.deb' contains the category
'Graphics twice. See
severity 1021778 minor
thanks
Hi.
Am 14.10.22 um 15:30 schrieb Joerg Schiermeier, Bielefeld/Germany:
can't be ;-)
Severity: normal
No, minor.
The desktop file for Linux
(/usr/share/applications/libreoffice-draw.desktop) inside the Debian
package 'libreoffice-draw.deb' contains the
Control: reassign -1 xkb-data
Control: tags -1 fixed-upstream
This is a bug in 'xkb-data'. It was fixed upstream[1] in version 2.28
[1]
https://github.com/freedesktop/xkeyboard-config/commit/1a31bc681de9560276627b5b3fe20b2dcdbbcf6c
Package: logcheck-database
Version: 1.3.24
Followup-For: Bug #1020827
X-Debbugs-Cc: debian-b...@th-dorner.de
Dear Maintainer,
same here, I've patched it locally and just wanted to supply the patch.
Hmm, I've just noticed, there actually already seems to be one. I send
this nonetheless.
--
Package: ftp.debian.org
Please remove python-opcua unstable and testing.
Upstream (https://github.com/FreeOpcUa/python-opcua) says:
> The library is deprecated.
> Please switch to opcua-asyncio
There are no reverse dependencies.
Source: osmo-sgsn
Version: 1.9.0+dfsg1-2
Severity: serious
Hello, as already seen in #1010578 this package suffers of a similar issue when
systemd is in build environment.
Can you please also apply the patch on this package?
I can trigger an rb build to show the failure there too if needed.
Control: tags -1 + confirmed
On Fri, 2022-09-16 at 10:46 +0200, Yadd wrote:
> dojo is vulnerable to prototype pollution (#1014785, CVE-2021-23450)
>
Please go ahead.
Regards,
Adam
Control: tags -1 + confirmed
On Fri, 2022-09-23 at 22:59 +, Thorsten Alteholz wrote:
> The attached debdiff for mod-wsgi fixes CVE-2022-2255 in Bullseye.
> This
> CVE has been marked as no-dsa by the security team.
>
Please go ahead.
Regards,
Adam
Package: wnpp
Owner: deba...@debian.org
Severity: wishlist
* Package name: py-rnp
Version : 0.1.0
Upstream Author : Daniel Wyatt
* URL or Web page : https://github.com/rnpgp/py-rnp
* License : (under investigation)
Description : Intent to Package [ITP]
Python
i'm pretty sure that the corruption issues leading to the
nodelalloc option were considered largely remedied by the
"auto_da_alloc" capability introduced (and enabled by default)
in 2.6.30? how would nodelalloc equal the performance of
delalloc? nodelalloc was all about reliability for programs
Control: tags -1 wontfix
On 2022-09-20 09:35:33 +, Job Bautista wrote:
> Package: ffmpeg
> Version: 7:5.1.1-2
> Severity: wishlist
> X-Debbugs-Cc: jobbautis...@protonmail.com
>
> Dear Maintainer,
>
> Starting in 5.0.1-1, you've disabled sndio support, with the rationale that
> OpenAL will
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: amul.s...@fisglobal.com,
debian-med-packag...@lists.alioth.debian.org
Hi,
as per upstream fis-gtm dropped support for i386. Thus please remove the
package for i386 from Debian.
Thank you for your work as ftpmaster
Andreas.
Source: osmo-hlr
Version: 1.5.0+dfsg1-2
Severity: serious
Hello, as already seen in #1010578 this package suffers of a similar issue when
systemd is in build environment.
Can you please also apply the patch on this package?
I can trigger an rb build to show the failure there too if needed.
Source: libosmo-sccp
Version: 1.6.0+dfsg1-2
Severity: serious
Hello, as already seen in #1010578 this package suffers of a similar issue when
systemd is in build environment.
Can you please also apply the patch on this package?
I can trigger an rb build to show the failure there too if
package release.debian.org
tags 1021172 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: x2gothinclient
Version:
package release.debian.org
tags 1021186 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: debmirror
Version:
package release.debian.org
tags 1021214 = bullseye pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian bullseye.
Thanks for your contribution!
Upload details
==
Package: libconfuse
Version:
Package: xidle
Version: 20200802
Severity: important
Wanting to replace xscreensaver with something better, I took a look
at xidle. Unfortunately, the simple call
```
xidle -program /usr/bin/xsecurelock -timeout 5
```
doesn't cause `xsecurelock` to be spawned after 5 seconds. According
to
Source: npm
Version: 8.5.5~ds1-1~bpo11+1
Severity: normal
Dear Maintainer,
Upgrading node-cacache creates conflict with npm due to node-cacache
package that says:
Breaks: npm (<< 8.6~)
Many thanks,
Patrice
-- System Information:
Debian Release: 11.5
APT prefers stable-updates
APT policy:
Package: apache2
Version: 2.4.54-1~deb11u1
Severity: important
Dear Maintainer,
I recently upgraded my server from Debian 10 to 11 and encountered a problem
where apache2 responded 500 Internal Server Error and then the process exited
when a URL to a type-map, which referenced CGI script as
Source: osmo-ggsn
Version: 1.9.0-2
Severity: serious
Hello, as already seen in #1010578 this package suffers of a similar issue when
systemd is in build environment.
Can you please also apply the patch on this package?
I can trigger an rb build to show the failure there too if needed.
Thanks!
Source: osmo-bsc
Version: 1.9.0-2
Severity: serious
Hello, as already seen in #1010578 this package suffers of a similar issue when
systemd is in build environment.
Can you please also apply the patch on this package?
I can trigger an rb build to show the failure there too if needed.
Thanks!
Package: ftp.debian.org
Please remove the nvptx-tools binaries on mipsel and mips64el, llvm-15 is not
available on these platforms.
1 - 100 of 134 matches
Mail list logo