Your message dated Wed, 07 Jul 2021 21:33:52 +
with message-id
and subject line Bug#990791: fixed in ruby-addressable 2.7.0-2
has caused the Debian Bug report #990791,
regarding ruby-addressable: CVE-2021-32740
to be marked as done.
This means that you claim that the problem has been dealt
On Wed, Jul 07, 2021 at 03:35:48PM +0200, Raphael Hertzog wrote:
> The simplest fix is thus to let nss migrate into bullseye.
The simplest fix is a binNMU of firefox-esr because the issue was fixed
in NSS, but since there's going to be a security update for firefox-esr
next week, I didn't ask for
Processing commands for cont...@bugs.debian.org:
> # I fail to spot how to properly tell the bts that this bug only lives
> # in backports
> tag 989799 bullseye-ignore
Bug #989799 {Done: Hideki Yamane } [manpages-l10n]
psmisc: Undeclared file conflict with manpages-de from buster-backports
Added
On Wed, 7 Jul 2021 15:35:48 +0200 Raphael Hertzog
wrote:
Control: severity -1 serious
Control: found -1 firefox-esr/78.11.0esr-1
Control: tag -1 + bullseye
Hello,
it looks like this issue resurfaced again and it happens in bullseye
right now (with firefox-esr 78.11.0esr-1 and libnss3
On 07/07/2021 18.18, Otto Kekäläinen wrote:
Galera 3 works with MariaDB 10.1-10.3. Galera 4 works with MariaDB
10.4-10.6.
Galera 4 has new API, thus does not work with MariaDB 10.3.
Thanks for clarifying. That was not obvious since the filename of the
plugin library did not change. And
Processing commands for cont...@bugs.debian.org:
> tags 990791 + upstream
Bug #990791 [src:ruby-addressable] ruby-addressable: CVE-2021-32740
Added tag(s) upstream.
> found 990791 2.7.0-1
Bug #990791 [src:ruby-addressable] ruby-addressable: CVE-2021-32740
Marked as found in versions
Your message dated Wed, 07 Jul 2021 17:18:27 +
with message-id
and subject line Bug#990758: fixed in freedombox 21.4.3
has caused the Debian Bug report #990758,
regarding freedombox: please add Breaks: fuse (<< 3) and Depends: fuse3 (>= 3)
to be marked as done.
This means that you claim that
>
> Some general understanding question: Would mariadb-server-10.5 work with
> galera-3, too? (with only the Depends being relaxed to 'Depends:
> galera-4 | galera-3, ...', without recompilation or similar actions)
> (Bonus question: would mariadb-server-10.3/buster work with
> galera-4/bullseye
On Wed, 27 Jan 2021 23:18:24 +0100 Andreas Beckmann
wrote:
> ruby-uglifier/experimental recently started to FTBFS, probably after
some
> build-dependency was updated:
I think switching to ruby-terser is a good idea (gitlab and diaspora
moved already). This should be a drop in replacement
Source: redmine
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerabilities were published for redmine.
CVE-2021-31863[0]:
| Insufficient input validation in the Git repository integration of
| Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x
Source: ruby-addressable
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerability was published for ruby-addressable.
CVE-2021-32740[0]:
| Addressable is an alternative implementation to the URI implementation
| that is part of Ruby's standard
Your message dated Wed, 07 Jul 2021 15:03:27 +
with message-id
and subject line Bug#990780: fixed in jabref 3.8.2+ds-15
has caused the Debian Bug report #990780,
regarding jabref fails to start
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is
Processing control commands:
> tag -1 pending
Bug #990780 [jabref] jabref fails to start
Added tag(s) pending.
--
990780: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990780
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tag -1 pending
Hello,
Bug #990780 in jabref reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
On 07/07/2021 15.37, Andreas Beckmann wrote:
you can find a 990708 branch in both repositories
The galera-4 upgrade job failed, but I'd expect that to succeed once the
mariadb-server-10.5 change is in as well.
BTW, the following apt option might be helpful for debugging upgrade
issues in
Processing control commands:
> clone -1 -2
Bug #990412 [libpam-yubico] libpam-ubico does not use multiarch paths
Bug #979973 [libpam-yubico] libpam-ubico does not use multiarch paths
Failed to clone 990412: Bug is marked as being merged with others. Use an
existing clone.
> retitle -2 mis-merge
control: clone -1 -2
control: retitle -2 mis-merge in patches prevents reading /lib/security
control: reassign -2 pam
control: found -2 1.4.0-1
control: severity -2 important
control: severity -1 serious
Steve said that it was not an intentional change to prevent finding pam
modules in
Processing control commands:
> severity -1 serious
Bug #31 [firefox-esr] [firefox-esr] NS_ERROR_NET_INADEQUATE_SECURITY for
https sites - libnss3 dependency
Severity set to 'serious' from 'normal'
> found -1 firefox-esr/78.11.0esr-1
Bug #31 [firefox-esr] [firefox-esr]
On 06/07/2021 01.25, Otto Kekäläinen wrote:
Thanks Andreas for testing potential changes!
So far this looks good, I see no more cases of default-mysql-server
being held at the buster version (and thus mariadb-server-10.3 instead
of mariadb-server-10.5 being installed).
If you file them as
> "Steve" == Steve Langasek writes:
Steve> For the record, I did not intentionally drop those lines,
Steve> this was a matter of a mis-merge.
Okay, if it was a miss-merge, let's see if we can fix.
I'm reasonably busy this morning but will try to prepare something later
today based
Your message dated Wed, 07 Jul 2021 13:18:24 +
with message-id
and subject line Bug#987601: fixed in davmail 5.5.1.3299-5
has caused the Debian Bug report #987601,
regarding openjdk-11-jre-headless: libawt_xawt.so still listed as part of this
package instead of openjdk-11-jre
to be marked as
Processing control commands:
> tag -1 pending
Bug #990708 [mariadb-server-10.5,galera-4] mariadb-server-10.5: upgrade
problems due to galera-3 -> galera-4 switch
Added tag(s) pending.
--
990708: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990708
Debian Bug Tracking System
Contact
Control: tag -1 pending
Hello,
Bug #990708 in galera-4 reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
Processing commands for cont...@bugs.debian.org:
> reassign 990708 mariadb-server-10.5,galera-4
Bug #990708 [mariadb-server-10.5] mariadb-server-10.5: upgrade problems due to
galera-3 -> galera-4 switch
Bug reassigned from package 'mariadb-server-10.5' to
'mariadb-server-10.5,galera-4'.
No
Hi,
> My current policy was to Suggest: deps required by the ui components.
> This enables server users to skip those. I think I'll add default-jre
> as a Suggest: for the mean time
Moving on with the above solution.
Thanks, and sorry for the misinterpretation of bug severity values.
Alex
Processing commands for cont...@bugs.debian.org:
> retitle 990765 sshfs: please add Breaks: fuse (<< 3)
Bug #990765 {Done: Andreas Beckmann } [sshfs] sshfs: please
add Breaks: fuse (<< 2)
Changed Bug title to 'sshfs: please add Breaks: fuse (<< 3)' from 'sshfs:
please add Breaks: fuse (<< 2)'.
Processing commands for cont...@bugs.debian.org:
> fixed 983637 3.1.1-1
Bug #983637 {Done: Guido Günther } [tracker-miners]
tracker-extract: Add newfstat() to syscall list
There is no source info for the package 'tracker-miners' at version '3.1.1-1'
with architecture ''
Unable to make a source
Processing commands for cont...@bugs.debian.org:
> severity 990746 serious
Bug #990746 [thawab] /usr/bin/thawab-gtk: thawab fails to start.
Severity set to 'serious' from 'important'
>
End of message, stopping processing here.
Please contact me if you need assistance.
--
990746:
Processing control commands:
> severity -1 serious
Bug #987601 [src:davmail] openjdk-11-jre-headless: libawt_xawt.so still listed
as part of this package instead of openjdk-11-jre
Severity set to 'serious' from 'normal'
--
987601: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987601
Debian
Package: jabref
Version: 3.8.2+ds-14
Severity: serious
Tags: sid bullseye
$ jabref
Exception in thread "main" java.lang.UnsatisfiedLinkError: Can't load library:
/usr/lib/jvm/java-11-openjdk-amd64/lib/libawt_xawt.so
at java.base/java.lang.ClassLoader.loadLibrary(ClassLoader.java:2630)
Your message dated Wed, 07 Jul 2021 07:18:25 +
with message-id
and subject line Bug#990749: fixed in linuxptp 3.1-2.1
has caused the Debian Bug report #990749,
regarding linuxptp: CVE-2021-3571
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is
Your message dated Wed, 07 Jul 2021 07:18:25 +
with message-id
and subject line Bug#990748: fixed in linuxptp 3.1-2.1
has caused the Debian Bug report #990748,
regarding linuxptp: CVE-2021-3570
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is
Dear maintainer,
I've prepared an NMU for linuxptp (versioned as 3.1-2.1). The diff
is attached to this message. Given the time for the bullseye release I
went ahead without delay, hope this was fine with you.
Regards,
Salvatore
diff -Nru linuxptp-3.1/debian/changelog
On 07 juin 2021 09:17, Andreas Beckmann wrote:
> On 06/06/2021 12.44, Christian Marillat wrote:
>> As requested in your previous e-mail (tesla-450) 450.119.04
>
> Thanks, then I'll try to get that unblocked.
>
> Did you have a chance to test 460.84, yet? The (usually sparse)
> upstream changelog
34 matches
Mail list logo