Source: phabricator
Version: 0~git20141101-1
Severity: serious
Justification: Policy §9.1.4
Dear Maintainer,
The daemon initscript does not create /run/phabricator and as a result
the daemons do not start on boot until the directory is created
manually:
Daemon:[2015-01-20 11:22:48]
On Sat, 17 Jan 2015 12:12:31 + Jonathan Wiltshire j...@debian.org
wrote:
Hi,
...
Unfortunatley this isn't suitable for including in Jessie. Could you
prepare an upload that only fixes this bug, and not the other changes like
hardening for nginx?
Thank you for your advice.
Ok, I'll
Hi!
Can you give me pointers where those bugreports exist? Do you have
first hand experience that it's not working correctly?
I made netboot images onto my USB sticks and they worked.
This exchange is sadly pretty common when it comes to unetbootin and we see
this frequently in #debian.
Package: tomcat7
Version: 7.0.56-1~bpo70+2
Severity: grave
Tags: d-i
Justification: renders package unusable
Dear Maintainer,
https://issues.apache.org/bugzilla/show_bug.cgi?id=57445 no longer occurs if
in /usr/share/java
eclipse-ecj.jar symlinks to eclipse-ecj-4.4.jar
Regards
Ralf
See
Hi Ralf,
Thank you for the report. Could you install the libecj-java/3.10.1-1
package from the wheezy-backports and try again please? It contains the
version 4.4 used by Tomcat upstream and is likely to fix this issue.
Emmanuel Bourg
--
To UNSUBSCRIBE, email to
Severity: serious
Justification: GSM modem support will not work out-of-the-box with
non-systemd setups
Hi,
I see a similar issue about ModemManager not coming up by default via
network-manager.
The reason is simple (after staring at mm and nm from jessie and
wheezy for a while):
o
Processing commands for cont...@bugs.debian.org:
severity #770871 serious
Bug #770871 [modemmanager] modemmanager: ModemManager does not start
automatically
Severity set to 'serious' from 'important'
thanks
Stopping processing here.
Please contact me if you need assistance.
--
770871:
On Wed, 2014-12-17 13:11:32 +, Jurica Stanojkovic wrote:
Package: tbb
Version: 4.2~20140122-4
Severity: serious
Tags: sid + patch
Justification: FTBFS
User: debian-m...@lists.debian.org
Usertags: mips-patch
Hello,
Package tbb_4.2~20140122-4 FTBFS on mips and mipsel.
Mips platform
Package: base
Severity: serious
Justification: Policy 9.11
Dear Maintainer,
I initially reported this problem on the debian-user list (17 Dec 2014). Here
follow the description of the problem that I described:
I'm running Debian testing (jessie) on an HP EliteBook 840 G1 laptop.
Everything goes
Simon Horman ho...@verge.net.au writes:
On Mon, Jan 19, 2015 at 09:26:36AM +0900, Christian Balzer wrote:
Meanwhile, here in what it what we tenuously call reality one can observe
the following things:
1. Pacemaker broken in Jessie for more than 2 months now.
2. Silence on this bug for
Am 20.01.2015 um 14:50 schrieb Michael Biebl:
I'd rather have NM use a runtime check for systemd (sd_booted()).
All the code still seems to be there [1], it just needs to be changed to
use a runtime check instead of compile time.
I'm inclined to re-assign this to NM.
I hope we can get
On Mon, Jan 19, 2015 at 07:42:37AM +0900, Mike Hommey wrote:
On Sun, Jan 18, 2015 at 11:37:28AM +, Steve McIntyre wrote:
The ENOSPC handling has been bad in the past, but it's not clear that
was the cause of your original bug. :-/ *Now* it's a very bad state to
be in, and may cause other
I'd also like to know how to get involved on that.
I currently see two possibilities:
a) address the important, release critical bugs.
However, ideally would need someone of the old maintainers/uploaders
(added as CC) to sponsor that.
b) See if a quick backport will be possible after the
On 20 January 2015 at 10:51, Aníbal Monsalve Salazar ani...@debian.org wrote:
Hello Steven,
Hi Aníbal,
At IMGtech.com, we would like to support this patch for tbb.
If you prefer, I could sponsor a new Debian version of tbb including
Jurica's patch.
Taking a look at this patch, I would
Control: reassign -1 doomsday
I once helped to get the package back up into shape in order to
provide another alternative engine (besides prboom-plus) that was able
to run freedoom. This was around the time when vavoom became unusable
and was eventually removed from Debian.
Meanwhile,
Processing control commands:
reassign -1 doomsday
Bug #775830 [src:deng] deng: has no human maintainer anymore
Bug reassigned from package 'src:deng' to 'doomsday'.
No longer marked as found in versions deng/1.10.4-2.
Ignoring request to alter fixed versions of bug #775830 to the same values
tags: -1 + moreinfo help
Am 20.01.2015 um 11:42 schrieb Mike Gabriel:
Severity: serious
Justification: GSM modem support will not work out-of-the-box with
non-systemd setups
Hi,
I see a similar issue about ModemManager not coming up by default via
network-manager.
The reason is
Source: deng
Version: 1.10.4-2
Severity: serious
Justification: Policy 5.6.3
Hi all,
I once helped to get the package back up into shape in order to
provide another alternative engine (besides prboom-plus) that was able
to run freedoom. This was around the time when vavoom became unusable
and
Package: moodle
Severity: grave
Tags: security
Justification: user security hole
The current Moodle package in the archive is affected by multiple security
issues:
Cheers,
Moritz
https://security-tracker.debian.org/tracker/CVE-2015-0218
On Wed, Nov 19, 2014 at 11:17:43PM +0100, Moritz Muehlenhoff wrote:
Source: cyassl
Severity: grave
Tags: security
Please see https://marc.info/?l=oss-securitym=139779940032403w=2
In addition there are five issues fixed in the local copy in MySQL.
Please check with upstream, in which cyassl
Processing commands for cont...@bugs.debian.org:
submitter 759691 !
Bug #759691 [src:ck] ck: file ck_hclh is not cleaned by debian/rules clean
Changed Bug submitter to 'James Cowgill james...@cowgill.org.uk' from 'James
Cowgill james.cowg...@imgtec.com'
submitter 770457 !
Bug #770457 {Done:
Package: node-serve-static
Severity: grave
Tags: security
Justification: user security hole
Hi,
please see https://nodesecurity.io/advisories/serve-static-open-redirect
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe.
Your message dated Tue, 20 Jan 2015 16:30:43 +
with message-id e1ydbht-0003kk...@franck.debian.org
and subject line Bug#775672: Removed package(s) from unstable
has caused the Debian Bug report #774366,
regarding ploader: Fails to log in with Can't locate object method ParseDate
via package
Processing commands for cont...@bugs.debian.org:
found 775843 1.6.4-1
Bug #775843 [node-serve-static] node-serve-static: CVE-2015-1164
Marked as found in versions node-serve-static/1.6.4-1.
thanks
Stopping processing here.
Please contact me if you need assistance.
--
775843:
Hi,
Michael Gilbert wrote:
I prepared a patch fixing resolvconf's bashisms. Please test.
I've just tested this patch on the machine where I initially run into
this issue.
I can confirm that dhclient-script no more throws errors with
Michael's patch and /etc/resolv.conf respectively its
tag #775638 + confirmed
clone #775638 -1
reassign -1 geoip-bin
retitle -1 geoip-generator produces faulty v6/city database
severity -1 grave
found -1 1.6.2-3
thanks
Hi
Am 18.01.2015 um 05:21 schrieb Debian Bug Tracking System:
Processing commands for cont...@bugs.debian.org:
reassign 775638
Processing commands for cont...@bugs.debian.org:
tag #775638 + confirmed
Bug #775638 [geoip-database] IPv6 database is corrupt
Added tag(s) confirmed.
clone #775638 -1
Bug #775638 [geoip-database] IPv6 database is corrupt
Bug 775638 cloned as bug 775851
reassign -1 geoip-bin
Bug #775851
Source: timblserver
Version: 1.7-4
Severity: serious
Tags: sid
Hi,
timblserver FTBFS in unstable (but not in testing) on amd64 with the
following error:
/bin/bash ../libtool --tag=CXX --mode=compile g++ -DHAVE_CONFIG_H -I. -I..
-I../include -D_FORTIFY_SOURCE=2 -g -O2
Control: severity -1 important
On Tue, 20 Jan 2015 15:03:12 +0100 Fabian Greffrath
fabian+deb...@greffrath.com wrote:
Source: deng
Version: 1.10.4-2
Severity: serious
Justification: Policy 5.6.3
Hi all,
I once helped to get the package back up into shape in order to
provide another
Processing commands for cont...@bugs.debian.org:
# #759841 has a better title than #705026, so steal it :)
retitle 705026 minbar: FTBFS: ld: minbar-main.o: undefined reference to
symbol 'sincos@@GLIBC_2.2.5'
Bug #705026 [minbar] minbar: fails to build, underlinked against libm
Changed Bug
On Mon, 05 Jan 2015 20:57:05 +0100 Christian Kastner deb...@kvr.at wrote:
If this second PAM session via systemd-user is indeed intended to be
merely a background thing, them common-session-noninteractive should be
the way to go anyway. But I'm not familiar enough with systemd to make
that
Hello,
came across launchpad bug #1360241 [1] which discusses the same error.
There it comes from ubuntu-ui-toolkit tests.
There they did revert their mesa package to depend on llvm-3.4 instead
of llvm-3.5.
So did I and recompiled mesa to use llvm-3.4 (see attached patch).
And with these
On Mon, 19 Jan 2015 11:45:28 +0100
Matthias Klose d...@debian.org wrote:
reopen 769797
found 769797 4.9.1-4
thanks
On 01/18/2015 11:51 AM, Debian Bug Tracking System wrote:
Your message dated Sun, 18 Jan 2015 10:46:31 +
with message-id 20150118104631.13a3ecaf@sylvester.codehelp
Your message dated Tue, 20 Jan 2015 15:19:06 +
with message-id e1ydaaa-00031b...@franck.debian.org
and subject line Bug#774854: fixed in fex 20150120-1
has caused the Debian Bug report #774854,
regarding fex: fails to install: subprocess installed post-installation script
returned error exit
Your message dated Tue, 20 Jan 2015 15:19:06 +
with message-id e1ydaaa-00031x...@franck.debian.org
and subject line Bug#773751: fixed in fex 20150120-1
has caused the Debian Bug report #773751,
regarding race condition between fur and fex_cleanup
to be marked as done.
This means that you
Processing control commands:
severity -1 important
Bug #775830 [doomsday] deng: has no human maintainer anymore
Severity set to 'important' from 'serious'
--
775830: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775830
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Thanks Patrick. One note - just like the v6 issue, the gdnsd test suite
is detecting a genuine problem in the city DB. It is something wrong with
the city DB creation tools that's causing it (i.e. not just an issue with
the gdnsd tests). I just haven't finished tracking down exactly what the
peter green wrote:
I have just prepared a patch against wheezy's openjdk-6 to disable the
timebomb code. I have attatched this patch which I am currently in the
process of testing.
I have tested that my patch results in succesful builds of openjdk-6 and
openjdk-7 in raspbian wheezy.
On Sat, 17 Jan 2015, Ben Hutchings wrote:
chown() and write() should clear all privilege attributes on
a file - setuid, setgid, setcap and any other extended
privilege attributes.
However, any attributes beyond setuid and setgid are managed by the
LSM and not directly by the filesystem, so
Hi!
On Tue, Jan 20, 2015 at 09:47:26PM +0100, Yves-Alexis Perez wrote:
CVEs should follow soon. Also, I guess Wheezy and Jessie are affected too, so
a
DSA might be needed.
They were assigned now:
http://www.openwall.com/lists/oss-security/2015/01/20/11
Regards,
Salvatore
--
To
On Tue, Jan 20, 2015 at 01:44:37PM +, Steve McIntyre wrote:
On Mon, Jan 19, 2015 at 07:42:37AM +0900, Mike Hommey wrote:
On Sun, Jan 18, 2015 at 11:37:28AM +, Steve McIntyre wrote:
The ENOSPC handling has been bad in the past, but it's not clear that
was the cause of your original
Your message dated Tue, 20 Jan 2015 21:17:12 +
with message-id e1ydgai-0002rq...@franck.debian.org
and subject line Bug#773085: fixed in xdg-utils 1.1.0~rc1+git20111210-6+deb7u2
has caused the Debian Bug report #773085,
regarding xdg-utils: CVE-2014-9622: command injection vulnerability
to be
Your message dated Tue, 20 Jan 2015 21:17:07 +
with message-id e1ydgad-0002qa...@franck.debian.org
and subject line Bug#775167: fixed in privoxy 3.0.19-2+deb7u1
has caused the Debian Bug report #775167,
regarding privoxy: CVE-2015-1030 CVE-2015-1031
to be marked as done.
This means that you
On 1/20/2015 3:17 PM, James Morris wrote:
On Sat, 17 Jan 2015, Ben Hutchings wrote:
chown() and write() should clear all privilege attributes on
a file - setuid, setgid, setcap and any other extended
privilege attributes.
However, any attributes beyond setuid and setgid are managed by the
Your message dated Tue, 20 Jan 2015 21:17:06 +
with message-id e1ydgac-0002pq...@franck.debian.org
and subject line Bug#768095: fixed in openvswitch 1.4.2+git20120612-9.1~deb7u1.1
has caused the Debian Bug report #768095,
regarding openvswitch-datapath-dkms fails to build on Debian 7.7
On 2015-01-10 15:05, Holger Levsen wrote:
This seems to be an udevadm 'bug' instead, it can't handle unreachable
/proc/cmdline . Is there any policy that a package should install
while /proc is unavailable?
packages may be in non working state, but I'd argue that installation itself
must
On Wed, Jan 21, 2015 at 06:55:05AM +0900, Mike Hommey wrote:
On Tue, Jan 20, 2015 at 01:44:37PM +, Steve McIntyre wrote:
The automatic setup of grub-install calling efibootmgr won't be
touching the grub entry at all - it's set up to only play with
debian entries. So that should be safe.
Processing control commands:
found -1 1.05-4
Bug #774862 {Done: gregor herrmann gre...@debian.org} [ciderwebmail]
ciderwebmail: unhandled symlink to directory conversion:
/usr/share/ciderwebmail/root/static/images/mimeicons
Marked as found in versions ciderwebmail/1.05-4; no longer marked as
Followup-For: Bug #774862
Control: found -1 1.05-4
The .maintscript needs a small fix to actually work as intended:
vvv
-symlink_to_dir /usr/share/ciderwebmail/root/static/images/mimeicons
Package: moodle
Followup-For: Bug #754565
Hi,
This bug has been open for a while, with no response. Files that forbid
modification are not DFSG-free, so you will need to remove
lib/tcpdf/include/sRGB.icc from the moodle package.
However, note that the file that you want is in the non-free
I had the same problem in Gentoo linux.
I am by no means a network expert.
I had this warning in NM log.
warn error in connection
/etc/NetworkManager/system-connections/.keep_net-misc_networkmanager-0:
invalid connection: connection.type: property is missing
So I removed the the following
Package: gnome-session
Version: 3.14.0-2
Severity: grave
Tags: upstream
Justification: renders package unusable
Dear Maintainer,
* What led up to the situation?
I upgraded all packages with apt-get upgrade.
after the upgrade, when starting gdm, everything seems fine, but
Source: mysql-5.5
Version: 5.5.23-2
Severity: grave
Tags: security upstream patch fixed-upstream
Hi
As usual at this time of the year, there was a new Oracle Patch Update
including updates for MySQL, see:
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
Your message dated Wed, 21 Jan 2015 06:03:39 +
with message-id e1ydoob-0004my...@franck.debian.org
and subject line Bug#775276: fixed in condor 8.2.3~dfsg.1-6
has caused the Debian Bug report #775276,
regarding condor: CVE-2014-8126
to be marked as done.
This means that you claim that the
Faidon Liambotis parav...@debian.org writes:
On Debian systems (i.e. on $::operatingsystem == debian), the default
provider is debian; this is a separate provider that inherits the
init provider but overrides a few methods to add invoke-rc.d support.
The systemd provider, on the other hand,
Your message dated Wed, 21 Jan 2015 05:48:22 +
with message-id e1ydo9o-0002mh...@franck.debian.org
and subject line Bug#775699: fixed in gaviotatb 0.4-2
has caused the Debian Bug report #775699,
regarding libgaviotatb-dev is broken: undefined reference to `z_uncompress'
to be marked as done.
Source: mariadb-10.0
Version: 10.0.15-3
Severity: grave
Tags: security
Hi MariaDB maintainers!
As you might have seen there is a new Oracle Patch Update including
updates for MySQL 5.5. I'm filling this bug to just have it
double-checked as mariadb.com does not list yet new versions afaics:
Package: systemd
Version: 215-9
Severity: serious
Tags: upstream confirmed patch
Michael points out a regression in 215-9 wrt. handling init scripts
with a .sh suffix. This is closely related, but not identical to
#775404, so let's track it as a separate bug.
I posted a fix with a test case to
Package: virtualbox
Severity: grave
Tags: security
Justification: user security hole
No specific details available yet:
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a
On 01/21/2015 12:53 PM, Moritz Muehlenhoff wrote:
Package: virtualbox
Severity: grave
Tags: security
Justification: user security hole
No specific details available yet:
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
Cheers,
Moritz
The following
Here's a cosmetically evolved patch which I'll commit and release
shortly. Thanks!
--
Thomas
diff --git a/etc/dhcp/dhclient-enter-hooks.d/resolvconf b/etc/dhcp/dhclient-enter-hooks.d/resolvconf
index 529504b..cf61615 100644
--- a/etc/dhcp/dhclient-enter-hooks.d/resolvconf
+++
Source: vlc
Version: 2.1.5-1
Severity: grave
Tags: security
Justification: user security hole
Hi,
multiple vulnerabilities were reported against vlc 2.1.5. The complete
mail is at http://seclists.org/oss-sec/2015/q1/187 but at least the
following vulnerabilities are fixed in vlc master branch:
On 2015-01-20 19:28, Felipe Sateler wrote:
For reference, the inclusion of common-session is a local debian
patch[1]. The original file referenced system-auth, which apparently
debian does not use.
[1]
63 matches
Mail list logo