I've uploaded a new version of linux to:
https://people.debian.org/~benh/packages/jessie-security/
which I believe will fix this regression (bug #925919). Please let me
know whether it works for you.
I only included the amd64 linux-image package and sources there, but
can add i386 linux-image
Processing commands for cont...@bugs.debian.org:
> tags 925919 + patch
Bug #925919 [src:linux] linux-image-amd64: linux-image-3.16.0-8-amd64 -
unpredictable reboots / kernel panics?
Bug #925918 [src:linux] linux-image-amd64: linux-image-3.16.0-8-amd64 -
unpredictable reboots / kernel panics?
Hello,
On Sat, Jan 26, 2019 at 03:19:08AM +0100, أحمد المحمودي wrote:
> On Tue, Jan 15, 2019 at 11:39:18PM -0500, Steve Tell wrote:
> > I just got a version working with guile-2.2, although its off on a side
> > development branch in my sourceforge tree at the moment:
> >
> let's apply the policy buster and
> revisit one year before bullseye, maybe there's a more friendly fork by then
> which
> Debian can adopt.
yesterday the package got removed from testing; i'm not going to seek
to reintroduce it
--
Sandro "morph" Tosi
My website: http://sandrotosi.me/
Me at
Hi Salvatore,
> The following vulnerability was published for gpsd, not competely sure
> on severity and on if the referenced upstream commit is enough.
> Ideally though the fix seems ideal to go to buster.
I've tried to get more information out of Upstream, but did not get a
reply yet. So I'll
Processing commands for cont...@bugs.debian.org:
> outlook 925473 I expect to have something ready for review by the principal
> maintainer after this weekend
Outlook replaced with message bug 925473 message
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
close -1
thx
Helmut Grohne writes:
> Package: cross-gcc-dev
> Version: 226
> Severity: serious
> Tags: patch
Hi Helmut. I had pushed updates that fixed this days ago, but apparently
there were issues with my key, so the upload was silently ignored. If
you build from source, you should get a
Processing commands for cont...@bugs.debian.org:
> found 925986 1.7.26-1
Bug #925986 [jruby] CVE-2018-173
Marked as found in versions jruby/1.7.26-1.
> fixed 925986 1.7.26-1+deb9u1
Bug #925986 [jruby] CVE-2018-173
Marked as fixed in versions jruby/1.7.26-1+deb9u1.
> thanks
Stopping
Processing commands for cont...@bugs.debian.org:
> found 925986 9.1.17.0-2
Bug #925986 [jruby] CVE-2018-173
Marked as found in versions jruby/9.1.17.0-2.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
925986:
Processing commands for cont...@bugs.debian.org:
> tags 925987 + upstream
Bug #925987 [jruby] CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323
CVE-2019-8324 CVE-2019-8325
Added tag(s) upstream.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
925987:
Processing commands for cont...@bugs.debian.org:
> found 925987 9.1.17.0-2
Bug #925987 [jruby] CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323
CVE-2019-8324 CVE-2019-8325
Marked as found in versions jruby/9.1.17.0-2.
> thanks
Stopping processing here.
Please contact me if you need
Package: jruby
Severity: grave
Tags: security
jruby embeds a version of rubygems, so it's affected by
https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems
Cheers,
Moritz
Package: jruby
Severity: grave
Tags: security
CVE-2018-173 is not fixed in the rubygems bundled in jruby,
https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
https://github.com/rubygems/rubygems/commit/1b931fc03b819b9a0214be3eaca844ef534175e2
The other 2018
Processing control commands:
> tags -1 buster-ignore
Bug #864423 [dmraid] Software RAID is not activated at boot time
Added tag(s) buster-ignore.
--
864423: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864423
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tags -1 buster-ignore
Hi,
On Thu, Jun 08, 2017 at 03:04:16PM +0200, Christoph Pleger wrote:
> dmraid in jessie currently does not activate my software raid. As the
> boot/root partition is on the raid, my machine does not boot.
>
> The reason is that in
Package: busybox-udeb
Version: 1:1.30.1-1
Severity: serious
Justification: breaks d-i features
(Maintainers cc'd explicitly.)
Hi,
With the upgrade to the 1.30.x series, a bunch of patches were reworked,
and some were dropped. This includes:
debian/patches/temp-deb-installer-hack.patch
On Thu, Mar 28, 2019 at 07:29:07PM -0400, Sandro Tosi wrote:
> Hello Moritz,
> could you please reply to the points made below? thanks!
Sorry, missed your reply.
> > what kind of security support do Debian provide to the mysql server
> > packages?
None at all, they're only in unstable for that
Control: reassign -1 ruby-websocket-parser
Control: retitle -1 ruby-websocket-parser: hijacks namespace from ruby-websocket
Control: found -1 1.0.0-1
On Tue, Jul 10, 2018 at 10:13:32AM +0200, Andreas Beckmann wrote:
> Package: ruby-websocket-parser,ruby-websocket
> Severity: serious
> User:
Processing control commands:
> reassign -1 ruby-websocket-parser
Bug #903448 [ruby-websocket] ruby-websocket-parser,ruby-websocket: error when
trying to install together
Bug reassigned from package 'ruby-websocket' to 'ruby-websocket-parser'.
No longer marked as found in versions
Processing control commands:
> tags -1 + patch
Bug #924311 [miredo] miredo: Fails to stop with sysvinit: start-stop-daemon:
matching only on non-root pidfile /var/run/miredo.pid is insecure
Added tag(s) patch.
--
924311: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924311
Debian Bug
Samuel Thibault, le ven. 29 mars 2019 17:21:51 +0100, a ecrit:
> Thanks for it! I'll fix that for Buster. Unfortunately the next upgrade
> will again have the issue, since it's the prerm script which stops
> espeakup. But the upgrade after that (or a reinstall) should be fine.
Could you try to
Control: tags -1 + patch
> The usual fix seems to be to also specify the binary to be stopped with
> IIRC the --exec option.
This is done in the attached (untested) patch.
Is there an easier way to test it, than with a virtual machine? (My
system has systemd.)
Cheers,
--
Stéphane
commit
Your message dated Fri, 29 Mar 2019 17:57:58 +0100
with message-id <2bfaa3bf855d1acd562f574b894c9367f3eb8163.ca...@debian.org>
and subject line Re: Bug#925948: xfce4-power-manager: Display power management
blanking cannot unblank
has caused the Debian Bug report #925948,
regarding
Your message dated Fri, 29 Mar 2019 17:34:35 +0100
with message-id <8c48a180-b98e-47eb-ec20-a73c6f3c4...@debian.org>
and subject line libjs-select2.js has been restored
has caused the Debian Bug report #920577,
regarding ocsinventory-server: depends on no longer available libjs-select2.js
to be
Your message dated Fri, 29 Mar 2019 16:34:58 +
with message-id
and subject line Bug#925973: fixed in espeakup 1:0.80-14
has caused the Debian Bug report #925973,
regarding espeakup: restart daemon after upgrade
to be marked as done.
This means that you claim that the problem has been dealt
Control: tags 924966 + patch
Control: tags 924966 + pending
Dear maintainer,
I've prepared an NMU for pdns (versioned as 4.1.6-1.1) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.
There is a corresponding merge request at
Processing control commands:
> tags 924966 + patch
Bug #924966 [src:pdns] pdns: CVE-2019-3871: Insufficient validation in the HTTP
remote backend
Added tag(s) patch.
> tags 924966 + pending
Bug #924966 [src:pdns] pdns: CVE-2019-3871: Insufficient validation in the HTTP
remote backend
Added
Processing commands for cont...@bugs.debian.org:
> retitle 925973 espeakup: restart daemon after upgrade
Bug #925973 [espeakup] Linux 9 stretch What to do about reviving speakup?
Changed Bug title to 'espeakup: restart daemon after upgrade' from 'Linux 9
stretch What to do about reviving
Package: espeakup
Version: 1:0.71-27
Severity: grave
Kirk Reiser, le ven. 29 mars 2019 11:34:54 -0400, a ecrit:
> In the current espeakup installation on debian sid at least, The
> currently running espeakup is killed off long before the newly
> installed espeakup is started leaving the person
On Thu, Mar 28, 2019 at 01:49:51PM +0100, Markus Koschany wrote:
Hello Francesco,
I intend to upgrade proftpd in Jessie to fix the memory leaks and
another unrelated issue. I think it would be best to backport the
version in testing. If you agree, I could also update proftpd in stable.
Please
Package: src:groonga
Version: 9.0.1-1
Severity: serious
Justification: Policy 3.3
Dear Maintainer,
Debian Policy (3.3) requires a working maintainer email address, which groonga
does not currently have:
This message was created automatically by mail delivery software.
A message that you sent
Hi all,
I've managed to reproduce this locally, but haven't sat down to properly look
at a solution.
As it's an RC bug, it 's worth sorting soon so we're not holding anything up -
has anyone got a suggestion of where to start?
Cheers,
DH
--
Hibby
d...@vehibberd.com
MM3ZRZ
On Tue, 12
My name is Maryam Bahlooq from Abu Dhabi. My contact with you is for an
important discussion. Please reply me through (bahlooqmar...@gmail.com) for
further details.
Package: src:linux
Version: 4.19.28-2
Severity: critical
Justification: breaks the whole system
-- Package-specific info:
** Version:
Linux version 4.19.0-4-amd64 (debian-ker...@lists.debian.org) (gcc version
8.3.0 (Debian 8.3.0-2)) #1 SMP Debian 4.19.28-2 (2019-03-15)
** Command line:
Same here.
An easy way to reproduce is to execute a binary on a NFS partition.
With wget (size < 500k) it's OK. With w3m (size 1.4M) always a crash.
It seems to be a memory management problem.
Your message dated Fri, 29 Mar 2019 13:50:10 +
with message-id
and subject line Bug#925945: fixed in zzz-to-char 0.1.3-2
has caused the Debian Bug report #925945,
regarding elpa-zzz-to-char: Prompts for text to zap to/up to then gives an
Unexpected Style error
to be marked as done.
This
Processing commands for cont...@bugs.debian.org:
> severity 925945 serious
Bug #925945 [elpa-zzz-to-char] elpa-zzz-to-char: Prompts for text to zap to/up
to then gives an Unexpected Style error
Severity set to 'serious' from 'important'
> thanks
Stopping processing here.
Please contact me if
Processing commands for cont...@bugs.debian.org:
> found 925959 2:9.4.6-1770165-8
Bug #925959 {Done: Bernd Zeimetz } [src:open-vm-tools]
open-vm-tools: insecure handling of /tmp/VMwareDnD
Marked as found in versions open-vm-tools/2:9.4.6-1770165-8.
> thanks
Stopping processing here.
Please
Processing commands for cont...@bugs.debian.org:
> found 925959 2:10.1.5-5055683-4+deb9u1
Bug #925959 {Done: Bernd Zeimetz } [src:open-vm-tools]
open-vm-tools: insecure handling of /tmp/VMwareDnD
Marked as found in versions open-vm-tools/2:10.1.5-5055683-4+deb9u1.
> thanks
Stopping processing
Your message dated Fri, 29 Mar 2019 12:04:56 +
with message-id
and subject line Bug#925959: fixed in open-vm-tools 2:10.3.10-1
has caused the Debian Bug report #925959,
regarding open-vm-tools: insecure handling of /tmp/VMwareDnD
to be marked as done.
This means that you claim that the
Source: open-vm-tools
Version: 2:9.4.6-1770165-1
Severity: critical
Tags: security upstream
Upstream released 10.3.10, which contains a fix for a long standing
security issue:
commit e88f91b00a715b79255de6576506d80ecfdb064c
Author: Oliver Kurth
Date: Tue Jan 29 14:03:19 2019 -0800
Fix
Le vendredi 29 mars 2019 à 01:23 -0400, Borden Rhodes a écrit :
> On Sun, 24 Mar 2019 17:47:38 +0100 =?ISO-8859-1?Q?S=E9bastien?=
> Villemot wrote:
> > The main reason is lack of manpower (a lot of work in the
> > Javascript
> > packages need to happen first).
>
> Thank you for the explanation.
Your message dated Fri, 29 Mar 2019 11:09:34 +0100
with message-id <20190329100933.gb15...@nighthawk.caipicrew.dd-dns.de>
and subject line Re: [Debichem-devel] Bug#924813: bagel: FTBFS: mpicxx.h:22:4:
error: #error 'Please use the same version of GCC and g++ for compiling MPICH
and user MPI
Package: fstransform
Version: 0.9.3-2
Severity: critical
Tags: upstream
Justification: causes serious data loss
Dear Maintainer,
approximately 1.5 years ago I have discovered a reproducible case
of filesystem corruption by fstransform, and reported it upstream:
Your message dated Fri, 29 Mar 2019 11:09:34 +0100
with message-id <20190329100933.gb15...@nighthawk.caipicrew.dd-dns.de>
and subject line Re: [Debichem-devel] Bug#924813: bagel: FTBFS: mpicxx.h:22:4:
error: #error 'Please use the same version of GCC and g++ for compiling MPICH
and user MPI
Your message dated Fri, 29 Mar 2019 11:09:34 +0100
with message-id <20190329100933.gb15...@nighthawk.caipicrew.dd-dns.de>
and subject line Re: [Debichem-devel] Bug#924813: bagel: FTBFS: mpicxx.h:22:4:
error: #error 'Please use the same version of GCC and g++ for compiling MPICH
and user MPI
Processing commands for cont...@bugs.debian.org:
> found 924965 1.7.0-1
Bug #924965 [src:libssh2] libssh2: CVE-2019-3855 CVE-2019-3856 CVE-2019-3857
CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862
CVE-2019-3863
Ignoring request to alter found versions of bug #924965 to the
Same here, I have just one machine running jessie, FWIW it seems that
what triggers the problem is an rsync connection from another host.
Unfortunately nothing gets logged (the last message in syslog is the
rsync connection) and nothing on the console.
The (virtual) machine is totally
48 matches
Mail list logo