Package: virtualbox-ose
Version: 1.6.6-dfsg-2
Severity: serious
Tags: security
By creating a symlink /tmp/.vbox-$USER-ipc/lock an attacker can
overwrite any file owned by any user who starts virtualbox. Starting and
then exiting virtualbox is enough to trigger this, you don't need to
start any
Package: snmpd
Severity: grave
Tags: security, patch
Justification: user security hole
Hi
The following announcement has been released by net-snmp upstream:
SECURITY ISSUE: A bug in the getbulk handling code could let anyone
with even minimal access crash the agent. If you have open access
to
Your message dated Sat, 01 Nov 2008 06:47:08 +
with message-id [EMAIL PROTECTED]
and subject line Bug#502707: fixed in ttf-tiresias 0.1-1.1
has caused the Debian Bug report #502707,
regarding ttf-{atarismall,beteckna,goudybookletter,okolaks,radisnoir,tiresias
}: installation fails: needs to
Your message dated Sat, 01 Nov 2008 06:47:06 +
with message-id [EMAIL PROTECTED]
and subject line Bug#502707: fixed in ttf-okolaks 0.5-2.1
has caused the Debian Bug report #502707,
regarding ttf-{atarismall,beteckna,goudybookletter,okolaks,radisnoir,tiresias
}: installation fails: needs to
Your message dated Sat, 01 Nov 2008 07:17:03 +
with message-id [EMAIL PROTECTED]
and subject line Bug#503791: fixed in javassist 1:3.8.1-2
has caused the Debian Bug report #503791,
regarding javassist: java bytecode / java runtime version mismatch
to be marked as done.
This means that you
Your message dated Sat, 01 Nov 2008 07:17:05 +
with message-id [EMAIL PROTECTED]
and subject line Bug#503788: fixed in libcobra-java 0.98.2-2
has caused the Debian Bug report #503788,
regarding libcobra-java: java bytecode / java runtime version mismatch
to be marked as done.
This means that
Your message dated Sat, 01 Nov 2008 07:02:07 +
with message-id [EMAIL PROTECTED]
and subject line Bug#503800: fixed in libgdata-java 1.20.0+dak1-2
has caused the Debian Bug report #503800,
regarding libgdata-java: java bytecode / java runtime version mismatch
to be marked as done.
This means
(sorry for messages in French but you'll get the point)
[EMAIL PROTECTED]:~ apt-get install sbcl
Lecture des listes de paquets... Fait
Construction de l'arbre des dépendances
Lecture des informations d'état... Fait
Les paquets supplémentaires suivants seront installés :
binfmt-support cl-asdf
Your message dated Sat, 01 Nov 2008 07:32:03 +
with message-id [EMAIL PROTECTED]
and subject line Bug#503783: fixed in libcodemodel-java 2.0-3
has caused the Debian Bug report #503783,
regarding libcodemodel-java: java bytecode / java runtime version mismatch
to be marked as done.
This means
Ryan, a few days ago you pointed
http://mentors.debian.net/debian/pool/main/l/libnagios-object-perl/libnagios-object-perl_0.14-2.dsc
in this bug report but there's nothing there.
Has someone already attempted to sponsor that package?
--
signature.asc
Description: Digital signature
Your message dated Sat, 01 Nov 2008 07:32:05 +
with message-id [EMAIL PROTECTED]
and subject line Bug#503799: fixed in libhamcrest-java 1.1-2
has caused the Debian Bug report #503799,
regarding libhamcrest-java: java bytecode / java runtime version mismatch
to be marked as done.
This means
As the bug submitter said, this bug only happens when kdebluetooth is
used with KDE4.
As KDE4 packages are not and will not be in lenny, I suspect that this
bug should be tagged lenny-ignore.
CC'ing the release team...
--
signature.asc
Description: Digital signature
On Sat, Nov 01, 2008 at 08:46:43AM +0100, Christian Perrier wrote:
Ryan, a few days ago you pointed
http://mentors.debian.net/debian/pool/main/l/libnagios-object-perl/libnagios-object-perl_0.14-2.dsc
in this bug report but there's nothing there.
Has someone already attempted to sponsor that
Quoting Ryan Niebur ([EMAIL PROTECTED]):
On Sat, Nov 01, 2008 at 08:46:43AM +0100, Christian Perrier wrote:
Ryan, a few days ago you pointed
http://mentors.debian.net/debian/pool/main/l/libnagios-object-perl/libnagios-object-perl_0.14-2.dsc
in this bug report but there's nothing there.
On Thu, Oct 16, 2008 at 09:54:05PM +0200, Aurelien Jarno wrote:
On Thu, Oct 16, 2008 at 07:20:35PM +0200, Frank Lichtenheld wrote:
Note that the list of regressions differ by architecture, but it
is probably not useful at this point to make a separate bug for
each of them, right?
Yes, they
Christian Perrier wrote:
As the bug submitter said, this bug only happens when kdebluetooth is
used with KDE4.
As KDE4 packages are not and will not be in lenny, I suspect that this
bug should be tagged lenny-ignore.
CC'ing the release team...
Tagging it sid should be enough. It's not
Processing commands for [EMAIL PROTECTED]:
tags 504109 + sid
Bug#504109: [kdebluetooth] protocol not supported bluetooth error trying...
There were no tags set.
Tags added: sid
End of message, stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system
Your message dated Sat, 1 Nov 2008 11:12:48 +0100
with message-id [EMAIL PROTECTED]
and subject line Closing this bug in lenny
has caused the Debian Bug report #494340,
regarding fslview: FTBFS in lenny: CMake errors
to be marked as done.
This means that you claim that the problem has been dealt
On Fri, Oct 31, 2008 at 03:52:31PM +0100, Andreas Barth wrote:
1. Currently, the submitter claims that the bug is serious, the
maintainer don't think so, and there is no decision by the release team
yet. So the current state of the bug isn't serious, but important.
ie, the views (on serious
Quoting Luk Claes ([EMAIL PROTECTED]):
Christian Perrier wrote:
As the bug submitter said, this bug only happens when kdebluetooth is
used with KDE4.
As KDE4 packages are not and will not be in lenny, I suspect that this
bug should be tagged lenny-ignore.
CC'ing the release
Processing commands for [EMAIL PROTECTED]:
severity 504109 wishlist
Bug#504109: [kdebluetooth] protocol not supported bluetooth error trying...
Severity set to `wishlist' from `grave'
retitle 504109 please provide a kde4 version of kdebluetooth
Bug#504109: [kdebluetooth] protocol not supported
Hi,
as far as i see there was no security reason to remove this package.
The only other reason i could see is that there would be no possible
upgrade path from 1.2.x to 1.4.x. Maybe someone can explain me?
I think lenny without ocfs2 support at all is worse than having an
outdated (but at least
I have 965 board and card
[EMAIL PROTECTED]:~$ lspci | grep -i vga
00:02.0 VGA compatible controller: Intel Corporation Mobile
GM965/GL960 Integrated Graphics Controller (rev 0c)
I never had problems with font rendering, right now I'm using
xserver-xorg-video-intel (2:2.3.2-2+lenny5) and I've
Package: libphp-snoopy
Severity: grave
Tags: security, patch
Justification: user security hole
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for libphp-snoopy.
CVE-2008-4796[0]:
| The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3
| and earlier
Package: ampache
Severity: grave
Tags: security, patch
Justification: user security hole
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for ampache.
CVE-2008-4796[0]:
| The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3
| and earlier allows remote
Package: mahara
Severity: grave
Tags: security, patch
Justification: user security hole
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for mahara.
CVE-2008-4796[0]:
| The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3
| and earlier allows remote
Package: pixelpost
Severity: grave
Tags: security, patch
Justification: user security hole
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for pixelpost.
CVE-2008-4796[0]:
| The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3
| and earlier allows
severity 504109 wishlist
retitle 504109 please provide a kde4 version of kdebluetooth
thanks
On Saturday 01 November 2008 11:25:42 Christian Perrier wrote:
No, from the submitter's information, this is not a bug in lenny.
and from KDE point of view, it is not a bug as such.
/Sune
--
I'm not
Package: mediamate
Severity: grave
Tags: security, patch
Justification: user security hole
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for mediamate.
CVE-2008-4796[0]:
| The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3
| and earlier allows
Mark Purcell wrote:
On Friday 19 September 2008 15:56:05 Stephen Kitt wrote:
Thanks for the patch and the info, the next upload will fix both issues. It
won't happen in the next few days though
Stephen,
Any progress on your upload to resolve this RC bug against lenny?
I can't reproduce
Package: opendb
Severity: grave
Tags: security, patch
Justification: user security hole
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for opendb.
CVE-2008-4796[0]:
| The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3
| and earlier allows remote
Hi Bruno,
* Bruno De Fraine [EMAIL PROTECTED] [2008-10-29 18:43]:
[...]
Nico, do you think this would be sufficient to rule out the vulnerability?
I didn't get this message because you didn't CC me.
I just had a look at the applied patch and I think this is
sufficient.
You didn't fix
Processing commands for [EMAIL PROTECTED]:
found 503118 0.8.6.h-4
Bug#503118: vlc: CVE-2008-4686 integer overflow in ty parsing
Bug marked as found in version 0.8.6.h-4.
thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Package: apt
Version: 0.7.17~exp4
Severity: serious
On Sat, Nov 01, 2008 at 06:38:46AM -0600, Buildd user wrote:
Automatic build of apt_0.7.17~exp4 on zx6000 by sbuild/ia64 98-farm
Build started at 20081101-0631
Hi Charlie
Thanks for the bug report.
I have addressed this issue in ampache-3.4.3-1 which is currently on
m.d.n [1] awaiting sponsoring.
With Lenny so close to release I am contacting my usual sponsor for
guidance on which would be the best solution for this bug:
a. use supplied patch,
Hi Steve,
any reason this hasn't yet been uploaded?
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpmw15c6RZ7D.pgp
Description: PGP signature
Cheers
Steffen
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4796
http://security-tracker.debian.net/tracker/CVE-2008-4796
[1] http://klecker.debian.org/~white/libphp-snoopy/CVE-2008-4796.patch
Steffen,
Thanks for the bug report.
I
Hi,
attached is a ported version of the patch for 0.8.6.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
diff -Nurad vlc-0.8.6.h.orig/modules/demux/ty.c vlc-0.8.6.h/modules/demux/ty.c
Source: hf
Severity: grave
Tags: security
- Forwarded message from Steve Kemp [EMAIL PROTECTED] -
From: Steve Kemp [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
User-Agent: Mutt/1.5.17+20080114 (2008-01-14)
Cc: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: [Secure-testing-team] hf -
Processing commands for [EMAIL PROTECTED]:
# Automatically generated email from bts, devscripts version 2.10.35
retitle 504182 hf: CVE-2008-2378 insecure system call leading to local root
Bug#504182: [EMAIL PROTECTED]: [Secure-testing-team] hf - CVE-2008-2378 - local
root exploit]
Changed Bug
Hi Nico,
I'm just waiting for a sponsor upload. I have uploaded the fix into
ubuntu 8.10
Steve
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Hi Josh,
* Josh Triplett [EMAIL PROTECTED] [2008-11-01 04:16]:
Package: htop
Version: 0.7-1
Severity: grave
Tags: security
Justification: user security hole
htop does not filter non-printable characters in process names. Test
case:
echo -e '#!/bin/sh\nwhile :;do :;done' $(echo -ne
Processing commands for [EMAIL PROTECTED]:
# Automatically generated email from bts, devscripts version 2.10.35
severity 504149 grave
Bug#504149: virtualbox-ose: symlink vulnerability due to bad /tmp handling
Severity set to `grave' from `serious'
End of message, stopping processing here.
Hi Steve,
* Steve Stalcup [EMAIL PROTECTED] [2008-11-01 14:55]:
I'm just waiting for a sponsor upload. I have uploaded the fix into ubuntu
8.10
I can sponsor the upload if you want.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons,
On Sat, Nov 1, 2008 at 1:36 PM, Nico Golde [EMAIL PROTECTED] wrote:
Hi Bruno,
* Bruno De Fraine [EMAIL PROTECTED] [2008-10-29 18:43]:
[...]
Nico, do you think this would be sufficient to rule out the vulnerability?
I didn't get this message because you didn't CC me.
I just had a look at the
* Moritz Muehlenhoff | 2008-11-01 12:42:30 [+0100]:
Mark Purcell wrote:
On Friday 19 September 2008 15:56:05 Stephen Kitt wrote:
Thanks for the patch and the info, the next upload will fix both issues. It
won't happen in the next few days though
Stephen,
Any progress on your upload to
severity 504099 important
thanks
Hi,
On Fri, Oct 31, 2008 at 09:45:57PM +0900, Osamu Aoki wrote:
It may cause data loss due to wrong imprssion this software gives and
freitend user may do funny thing. data loss is grave bug
You use the verb may, hence you have no valid claim of a security
Your message dated Sat, 01 Nov 2008 14:50:16 +
with message-id [EMAIL PROTECTED]
and subject line re: imagej: java bytecode / java runtime version mismatch
has caused the Debian Bug report #503777,
regarding imagej: java bytecode / java runtime version mismatch
to be marked as done.
This
Hi Ludovic,
* Ludovic Rousseau [EMAIL PROTECTED] [2008-11-01 15:55]:
On Sat, Nov 1, 2008 at 1:36 PM, Nico Golde [EMAIL PROTECTED] wrote:
Hi Bruno,
* Bruno De Fraine [EMAIL PROTECTED] [2008-10-29 18:43]:
[...]
Nico, do you think this would be sufficient to rule out the vulnerability?
I
Processing commands for [EMAIL PROTECTED]:
severity 504099 important
Bug#504099: gnu-fdisk: fails to display GPT partition properly
Severity set to `important' from `grave'
thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
This version won't help. First of all, I strongly doubt that the release team
would accept such intrusive changes for lenny. Second, the file should just
be removed and a dependency added against libphp-snoopy. Of course you will
have to check that it still works correctly. Keep in mind
Processing commands for [EMAIL PROTECTED]:
clone 503645 -1
Bug#503645: jhead: CVE-2008-4640, CVE-2008-4641 command injection via filename
and insecure file handling
Bug 503645 cloned as bug 504194.
reopen -1
Bug#504194: jhead: CVE-2008-4640, CVE-2008-4641 command injection via filename
and
clone 503645 -1
reopen -1
retitle -1 CVE-2008-4640: insecure file handling
thank
Nico Golde a écrit :
Hi Ludovic,
* Ludovic Rousseau [EMAIL PROTECTED] [2008-11-01 15:55]:
On Sat, Nov 1, 2008 at 1:36 PM, Nico Golde [EMAIL PROTECTED] wrote:
Hi Bruno,
* Bruno De Fraine [EMAIL PROTECTED]
Hi Paul
Any reason why you didn't upload your NMU yet?
Cheers
Luk
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Your message dated Sat, 01 Nov 2008 16:02:03 +
with message-id [EMAIL PROTECTED]
and subject line Bug#503789: fixed in libxstream-java 1.3-4
has caused the Debian Bug report #503789,
regarding libxstream-java: java bytecode / java runtime version mismatch
to be marked as done.
This means
Your message dated Sat, 01 Nov 2008 16:17:04 +
with message-id [EMAIL PROTECTED]
and subject line Bug#503786: fixed in libjgroups-java 2.6.3.GA+dfsg1-2
has caused the Debian Bug report #503786,
regarding libjgroups-java: java bytecode / java runtime version mismatch
to be marked as done.
Processing commands for [EMAIL PROTECTED]:
package apt
Ignoring bugs not assigned to: apt
severity 504006 important
Bug#504006: Bug still not closed
Bug#400768: apt: Returns E: Wow, you exceeded the number of versions this APT
is capable of
Bug#466643: please increase number of package names
Hi,
On Wed, 2008-10-29 at 21:25:50 +0100, Moritz Muehlenhoff wrote:
Kurt Roeckx wrote:
Package: lockvc
Version: 4.0.5-6
Severity: serious
It seems that lockvc sometimes segfaults on me. It's not doing it all
time, but atleast once a week.
If there was a backtrace I might try to fix
Package: recite
Version: 1.0-8
Severity: grave
Tags: security
Justification: renders package unusable
When running recite ok, me and two other fairly random lenny users
get a segmentation violation. Also a fairly random sid user reported
this problem.
(Fairly random here means people on an irc
On Sat, 2008-11-01 at 17:07 +0100, Luk Claes wrote:
Any reason why you didn't upload your NMU yet?
As I wrote to debian-release, I'm not hugely familiar with debconf and
maintainer scripts, so I was hoping the release team wouldn't mind
reviewing and ACKing the patch.
--
bye,
pabs
On Sat, Nov 01, 2008 at 06:29:10PM +0200, Guillem Jover wrote:
Hi,
On Wed, 2008-10-29 at 21:25:50 +0100, Moritz Muehlenhoff wrote:
Kurt Roeckx wrote:
Package: lockvc
Version: 4.0.5-6
Severity: serious
It seems that lockvc sometimes segfaults on me. It's not doing it all
Paul Wise wrote:
On Sat, 2008-11-01 at 17:07 +0100, Luk Claes wrote:
Any reason why you didn't upload your NMU yet?
As I wrote to debian-release, I'm not hugely familiar with debconf and
maintainer scripts, so I was hoping the release team wouldn't mind
reviewing and ACKing the patch.
Processing commands for [EMAIL PROTECTED]:
found 504194 2.84-1
Bug#504194: CVE-2008-4640: insecure file handling
Bug marked as found in version 2.84-1.
found 503645 2.84-1
Bug#503645: jhead: CVE-2008-4640, CVE-2008-4641 command injection via filename
and insecure file handling
Bug marked as
severity 504194 important
thank
On Sat, Nov 1, 2008 at 4:36 PM, Ludovic Rousseau
[EMAIL PROTECTED] wrote:
Nico Golde a écrit :
Hi Ludovic,
* Ludovic Rousseau [EMAIL PROTECTED] [2008-11-01 15:55]:
If I understand correctly it will just delete
files with names derived from existing files. I
Processing commands for [EMAIL PROTECTED]:
severity 504194 important
Bug#504194: CVE-2008-4640: insecure file handling
Severity set to `important' from `grave'
thank
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(administrator,
Your message dated Sat, 01 Nov 2008 17:32:03 +
with message-id [EMAIL PROTECTED]
and subject line Bug#503804: fixed in tinylaf 1.3.8-4
has caused the Debian Bug report #503804,
regarding tinylaf: java bytecode / java runtime version mismatch
to be marked as done.
This means that you claim
Package: gkrellm
Version: 2.3.2-1
Severity: grave
Justification: renders package unusable
The gkrellm packaging is not installing /usr/include/gkrellm2/log.h which
is used by /usr/include/gkrellm2/gkrellm.h. This is causing some, if not
all of the gkrellm-* packages to FTBFS.
Regards,
Bradley
Package: fasianoptions
Version: 270.74-1
Severity: serious
Hi,
Your package is failing to build with the following error:
Loading required package: fOptions
Error in loadNamespace(name) : there is no package called 'fImport'
Error in as.environment(pos) :
no item called newtable on the search
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[sent again, to all this time!]
On Sat, Nov 01, 2008 at 04:45:03PM +, Dominic Hargreaves wrote:
severity 504082 grave
thanks
On Fri, Oct 31, 2008 at 12:13:11PM +0100, Jonas Smedegaard wrote:
On Fri, Oct 31, 2008 at 12:44:00PM +0200, Timo
Your message dated Sat, 01 Nov 2008 18:17:03 +
with message-id [EMAIL PROTECTED]
and subject line Bug#504168: fixed in libphp-snoopy 1.2.4-1
has caused the Debian Bug report #504168,
regarding CVE-2008-4796: missing input sanitising
to be marked as done.
This means that you claim that the
Package: mscore
Version: 0.9.3+dfsg-1
Severity: serious
Hi,
Your package is failing to build with the following error:
Loading required package: fArma
Error in loadNamespace(name) : there is no package called 'fImport'
Error in as.environment(pos) :
no item called newtable on the search list
tags 504082 -patch
thanks
On Sat, Nov 01, 2008 at 04:45:03PM +, Dominic Hargreaves wrote:
On Fri, Oct 31, 2008 at 12:13:11PM +0100, Jonas Smedegaard wrote:
On Fri, Oct 31, 2008 at 12:44:00PM +0200, Timo Sirainen wrote:
On Oct 31, 2008, at 11:53 AM, Jonas Smedegaard wrote:
I experienced
Processing commands for [EMAIL PROTECTED]:
tags 504082 -patch
Bug#504082: dovecot: assertion failures on amd64 suspected to be from being
built using broken flex
Tags were: patch
Tags removed: patch
thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug
reassign 504215 fnonlinear 270.74-1
retitle 504215 fnonlinear: FTBFS: there is no package called 'fImport'
thanks
Ooops, wrong package.
Kurt
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On Sat, Nov 1, 2008 at 6:23 PM, Kurt Roeckx [EMAIL PROTECTED] wrote:
Your package is failing to build with the following error:
Loading required package: fArma
Error in loadNamespace(name) : there is no package called 'fImport'
I do not believe the fault to lie with mscore, here, as the
On 1 November 2008 at 18:56, Kurt Roeckx wrote:
| Package: fasianoptions
| Version: 270.74-1
| Severity: serious
|
| Hi,
|
| Your package is failing to build with the following error:
| Loading required package: fOptions
| Error in loadNamespace(name) : there is no package called 'fImport'
|
On Sat, Nov 01, 2008 at 06:36:23PM +, Toby Smithe wrote:
On Sat, Nov 1, 2008 at 6:23 PM, Kurt Roeckx [EMAIL PROTECTED] wrote:
Your package is failing to build with the following error:
Loading required package: fArma
Error in loadNamespace(name) : there is no package called 'fImport'
Steffen Joeris wrote:
the following CVE (Common Vulnerabilities Exposures) id was
published for mediamate.
CVE-2008-4796[0]:
| The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3
| and earlier allows remote attackers to execute arbitrary commands via
| shell metacharacters in
On Sat, Nov 01, 2008 at 01:43:52PM -0500, Dirk Eddelbuettel wrote:
On 1 November 2008 at 18:56, Kurt Roeckx wrote:
| Package: fasianoptions
| Version: 270.74-1
| Severity: serious
|
| Hi,
|
| Your package is failing to build with the following error:
| Loading required package:
On 1 November 2008 at 19:52, Kurt Roeckx wrote:
| On Sat, Nov 01, 2008 at 01:43:52PM -0500, Dirk Eddelbuettel wrote:
|
| On 1 November 2008 at 18:56, Kurt Roeckx wrote:
| | Package: fasianoptions
| | Version: 270.74-1
| | Severity: serious
| |
| | Hi,
| |
| | Your package is failing
Your message dated Sat, 01 Nov 2008 19:02:02 +
with message-id [EMAIL PROTECTED]
and subject line Bug#504210: fixed in fasianoptions 270.74-2
has caused the Debian Bug report #504210,
regarding fasianoptions: FTBFS: there is no package called 'fImport'
to be marked as done.
This means that
Your message dated Sat, 01 Nov 2008 19:17:02 +
with message-id [EMAIL PROTECTED]
and subject line Bug#504215: fixed in fnonlinear 270.74-2
has caused the Debian Bug report #504215,
regarding fnonlinear: FTBFS: there is no package called 'fImport'
to be marked as done.
This means that you
On Sat, 2008-11-01 at 19:28 +0100, Jonas Smedegaard wrote:
Attached is a corruption discovered this morning, and my hand-crafted
corection that pleased offlineimap. They are gzipped simply to convince
mutt that they shouldn't be treated as ascii (I am not familar with
educating mutt
Hi Timo,
On Sat, Nov 01, 2008 at 09:32:30PM +0200, Timo Sirainen wrote:
On Sat, 2008-11-01 at 19:28 +0100, Jonas Smedegaard wrote:
Attached is a corruption discovered this morning, and my hand-crafted
corection that pleased offlineimap. They are gzipped simply to
convince mutt that they
Package: libavcodec-dev, libavformat-dev
Version: 3:0.svn20080925-1
Severity: grave
Hi,
libavcodec-dev and libavformat-dev miss some dependencies.
libavcodec's pkg-config file says:
Requires.private: libraw1394 theora vorbisenc libavutil = 49.10.0
libavformat's pkg-config file says:
Submitter and Luigi, is your problem caused by portmap?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Steffen,
I have placed ampache-3.4.1-2 up on m.d.n. for your review and upload.
http://mentors.debian.net/debian/pool/main/a/ampache
With this upload I have made the package dependent on
- libphp-snoopy - to correct bug #504169
- libjs-prototype - this is also a duplicate copy of code,
I tested this issue on my Debian Etch machine with gimp version 2.2.
There is the same GTK theme installed and there is no such bug with
gimp's crashing.
Maybe there is bug in some of GTK libraries?
P.S. I use theme based on candido gtk engine from http://candido.berlios.de/
--
To
Nope, the crash was pretty clearly in the engine. I'm sure gimp 2.4 uses
newer features of GTK, which the theme could have problems with. I
haven't received any other reports of a crash under these circumstances.
Sergey I. Sharybin wrote:
I tested this issue on my Debian Etch machine with gimp
Your message dated Sat, 01 Nov 2008 21:32:16 +
with message-id [EMAIL PROTECTED]
and subject line Bug#504209: fixed in gkrellm 2.3.2-2
has caused the Debian Bug report #504209,
regarding gkrellm: Missing log.h
to be marked as done.
This means that you claim that the problem has been dealt
Your message dated Sat, 01 Nov 2008 21:32:30 +
with message-id [EMAIL PROTECTED]
and subject line Bug#503900: fixed in libnagios-object-perl 0.14-2
has caused the Debian Bug report #503900,
regarding libnagios-object-perl doesn't work with Nagios 3
to be marked as done.
This means that you
On Sat, Nov 01, 2008 at 10:11:56PM +1100, Steffen Joeris wrote:
Package: mahara
Severity: grave
Tags: security, patch
Justification: user security hole
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for mahara.
CVE-2008-4796[0]:
| The _httpsrequest function
Processing commands for [EMAIL PROTECTED]:
package mahara
Ignoring bugs not assigned to: mahara
tags 504170 confirmed
Bug#504170: CVE-2008-4796: missing input sanitising in Snoopy.class.php
Tags were: patch security
Tags added: confirmed
stop
Stopping processing here.
Please contact me if
Your message dated Sat, 1 Nov 2008 18:56:35 -0400
with message-id [EMAIL PROTECTED]
and subject line Re: Bug#478105: seperate issue?
has caused the Debian Bug report #478105,
regarding funguloids: crashes on startup
to be marked as done.
This means that you claim that the problem has been dealt
Your message dated Sat, 01 Nov 2008 23:02:04 +
with message-id [EMAIL PROTECTED]
and subject line Bug#504161: fixed in openmpi 1.2.8-2
has caused the Debian Bug report #504161,
regarding libopenmpi-dev: Package cannot be installed
to be marked as done.
This means that you claim that the
Jamin W. Collins wrote:
Steffen Joeris wrote:
The extracted patch for Snoopy.class.php can be found here[1]. However
it would be much appreciated (and it is a release goal anyway), if
you could just depend on libphp-snoopy, instead of duplicating the code.
(Maybe you need to change some
Filipus Klutiero ha scritto:
Submitter and Luigi, is your problem caused by portmap?
Yes, it is (I can only speak for myself, obviously).
I simply disabled portmap from automatic execution and my laptop cleanly
unmounts the partitions during shutdown.
Strangely enough, portmap terminates
The build process for the tzdata package involves running zic
(included in libc6) on a collection of text source files downloaded
from upstream, and included in the tzdata source package (but not the
binary package). This creates the binary files in /usr/share/zoneinfo
libtzinfo-ruby has a script
Package: openchange
Version: 1.0~svn842-1
Severity: serious
Hi,
your package failed to build from source. Since the error occours in a
samba4 header, the bug might actually be located there, feel free to
reassign or clone the bug in this case.
| Automatic build of openchange_1.0~svn842-1 on
Package: wordpress
Severity: grave
Version: 2.5.1-8
Tags: security, patch
Hi,
The following CVE (Common Vulnerabilities Exposures) id was published for
snoopy, which affects the embedded copy shipped in wordpress[0].
CVE-2008-4796[1]:
The _httpsrequest function (Snoopy/Snoopy.class.php) in
1 - 100 of 117 matches
Mail list logo