On Fri, May 06, 2022 at 09:46:24AM +0100, Neil Williams wrote:
> Source: google-oauth-client-java
> Version: 1.28.0-2
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Hi,
>
> The following vulnerability was published for google-oauth-client-java.
>
> CVE-2021-22573[0]:
Processing commands for cont...@bugs.debian.org:
> owner 1010657 !
Bug #1010657 [src:google-oauth-client-java] google-oauth-client-java:
CVE-2021-22573 - IdTokenVerifier does not verify the signature of ID Token
Owner recorded as tony mancill .
> thanks
Stopping processing here.
Please contact
Your message dated Tue, 10 May 2022 03:49:07 +
with message-id
and subject line Bug#999316: fixed in xgammon 0.99.1128-6
has caused the Debian Bug report #999316,
regarding xgammon: missing required debian/rules targets build-arch and/or
build-indep
to be marked as done.
This means that you
Your message dated Tue, 10 May 2022 02:36:26 +
with message-id
and subject line Bug#998964: fixed in sgml-base-doc 1.99.3
has caused the Debian Bug report #998964,
regarding sgml-base-doc: missing required debian/rules targets build-arch
and/or build-indep
to be marked as done.
This means
Upstream's changelog says in v4.2.0:
"prepared for openssl v3 compatibility, for main function and GENCRYPTO"
So please import that or a later version.
As of 2022/04/28 there is a new version 8.050.0 of the r8168 driver
available from Realtek. It compiles and works with 5.17 of Linux.
Your message dated Mon, 09 May 2022 20:34:18 +
with message-id
and subject line Bug#999225: fixed in cl-getopt 1.2.0-3.2
has caused the Debian Bug report #999225,
regarding cl-getopt: missing required debian/rules targets build-arch and/or
build-indep
to be marked as done.
This means that
Hi,
[...]
9/5/2022 -- 14:20:21 - -- [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] -
Complete IP space negated. Rule address range is NIL. Probably have a !any or
an address range that supplies a NULL address range
This seems to indicate that in the rule below, the expression
Processing commands for cont...@bugs.debian.org:
> #
> severity 1006588 serious
Bug #1006588 [src:tboot] tboot: FTBFS with OpenSSL 3.0
Severity set to 'serious' from 'important'
> severity 1006519 serious
Bug #1006519 [src:openvpn] openvpn: FTBFS with OpenSSL 3.0
Severity set to 'serious' from
Package: suricata
Version: 1:6.0.5-2
Severity: grave
Justification: renders package unusable
X-Debbugs-Cc: tmcconnell...@gmail.com
Dear Maintainer,
What led up to the situation?
Followed the instructions from suricata.readthedocs.io to add rules for the IDS
What exactly did you do (or not do)
Your message dated Mon, 09 May 2022 18:49:51 +
with message-id
and subject line Bug#1010742: fixed in xonsh 0.12.4+dfsg-1
has caused the Debian Bug report #1010742,
regarding xonsh: 0.12.2+dfsg-2 package doesn't install if python3.9 is installed
to be marked as done.
This means that you
Control: tag -1 pending
Hello,
Bug #1010742 in xonsh reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
Processing control commands:
> tag -1 pending
Bug #1010742 [xonsh] xonsh: 0.12.2+dfsg-2 package doesn't install if python3.9
is installed
Added tag(s) pending.
--
1010742: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010742
Debian Bug Tracking System
Contact ow...@bugs.debian.org with
Your message dated Mon, 09 May 2022 18:18:56 +
with message-id
and subject line Bug#965454: fixed in chise-base 0.3.0-2.2
has caused the Debian Bug report #965454,
regarding chise-base: Removal of obsolete debhelper compat 5 and 6 in bookworm
to be marked as done.
This means that you claim
Looks like it's a change in paramiko triggering this, that needs work
in libcloud (and possibly others) to restore compatibility.
See these upstream issues:
https://github.com/paramiko/paramiko/issues/1961
https://github.com/apache/libcloud/pull/1685
pgpw47yOkEWex.pgp
Description: OpenPGP
Your message dated Mon, 09 May 2022 15:20:45 +
with message-id
and subject line Bug#1010619: fixed in rsyslog 8.2204.1-1
has caused the Debian Bug report #1010619,
regarding rsyslog: CVE-2022-24903: Potential heap buffer overflow in TCP syslog
server (receiver) components
to be marked as
Processing commands for cont...@bugs.debian.org:
> # Fails to install or upgrade → RC severity
> severity 1010742 serious
Bug #1010742 [xonsh] xonsh: 0.12.2+dfsg-2 package doesn't install if python3.9
is installed
Severity set to 'serious' from 'important'
> thanks
Stopping processing here.
Processing control commands:
> severity -1 serious
Bug #1010578 [osmo-mgw] osmo-mgw: FTBFS if systemd is in build environment
Severity set to 'serious' from 'normal'
--
1010578: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010578
Debian Bug Tracking System
Contact ow...@bugs.debian.org
Package: slurm-wlm
Version: 20.11.7+really20.11.4-2
Followup-For: Bug #1010632
This bug is is also present in the package version released in bullseye and
fixed in upstream version 20.11.9.
bullseye should definitely receive this update.
-- System Information:
Debian Release: 11.3
APT
Package: shiboken2
Version: 5.15.2-2+b2
Severity: grave
shiboken2 cannot currently be used to build any package due to #1008849.
I'm reporting this again as a grave bug, since while #1008849 might be
intended to address the underlying issue, it's important to note that
the _current_ package is
Your message dated Mon, 09 May 2022 07:19:00 +
with message-id
and subject line Bug#1006816: fixed in python-anyio 3.5.0-4
has caused the Debian Bug report #1006816,
regarding python-anyio: FTBFS in Ubuntu and local pbuilder (ipv6?)
to be marked as done.
This means that you claim that the
note: 8.2204.1 is 8..2204.0 with just the fix cherry-picked. No other changes.
Rainer
El sáb, 7 may 2022 a las 14:48, Salvatore Bonaccorso
() escribió:
>
> Hi Michael,
>
> [looping in the sec-team for completeness]
>
> On Thu, May 05, 2022 at 10:19:38PM +0200, Michael Biebl wrote:
> > Am
Processing control commands:
> tag -1 pending
Bug #1006816 [src:python-anyio] python-anyio: FTBFS in Ubuntu and local
pbuilder (ipv6?)
Added tag(s) pending.
--
1006816: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006816
Debian Bug Tracking System
Contact ow...@bugs.debian.org with
Control: tag -1 pending
Hello,
Bug #1006816 in python-anyio reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
24 matches
Mail list logo