Bug#915050: (gitlab) Re: Bug#915050: Keep out of testing

On Tue, 18 Dec 2018, Pirate Praveen wrote: > [adding -devel to cc] > > On 12/3/18 8:11 PM, Dominik George wrote: > >> well, Debian is using gitlab!!! so this sentence has no sense. The > >> problem here > >> is that is a complex software that depends of a lot of pieces and it's > >> not > >>

Bug#914898: debootstrap, stretch-backports: Please disabled merged /usr by default

On Wed, 28 Nov 2018, Ian Jackson wrote: > Package: debootstrap > Version: debootstrap/1.0.110~bpo9+1 > Severity: serious > > In #914208 Simon McVittie writes: > > [merge-/usr] is now the default in stretch-backports' debootstrap > > As discussed on debian-devel, however, binary packages built

Bug#817641: Bug#906637: RM: pytone -- ROM; RC-buggy; Unmaintained; Upstream dead

merge 906598 906637 thanks On Sat, 18 Aug 2018, Boyuan Yang wrote: > Package: ftp.debian.org > Severity: normal > X-Debbugs-CC: formo...@debian.org > > Dear FTP Masters, > > As per the statement from package pytone's maintainer [1], please > remove package pytone from unstable archive. > >

Bug#817641: pytone: Removal of debhelper compat 4

On Sat, 18 Aug 2018, Boyuan Yang wrote: Hi, > It seems that this package (pytone) maintained by you hasn't receive > any maintainer upload since 2007 (!). I'm wondering if you still have > time to deal with its RC bugs and upload new versions, or it might > better to submit RFA bugs /

Bug#701200: ferm

On Fri, 04 Aug 2017, Adam McKenna wrote: > Alright I guess I'll have to take this to debian-security then, this may > even warrant a CVE I completly disagree, but lets see what -security says. Alex

Bug#701200: ferm

On Fri, 04 Aug 2017, Adam McKenna wrote: > That makes no sense, if that's the case then why is a default ruleset > provided for ipv4 but not ipv6? > > More and more systems are running ipv6 these days and ferm users may not > even know their systems are exposed in this way. Thats why I fixed it,

Bug#701200: ferm

fixed 701200 2.4-1 thanks On Fri, 04 Aug 2017, Adam McKenna wrote: > tag 701200 security > > This is not just a bug, this is a gaping security hole. The default > configuration is wide open on ipv6. > > Please add, at a minimum, the following default rules for ipv6: This was fixed in unstable

Bug#863802: severity of 863802 is wishlist

severity 863802 wishlist thanks As discussed, I don't this is a bug.

Bug#863802: systemd unit breaks ferm in some setups in jessie->stretch upgrade

On Wed, 31 May 2017, Moritz Muehlenhoff wrote: > Package: ferm > Version: 2.3-2 > Severity: grave > > Ferm is broken in stretch for any rule set which contains resolve() > statements. > (There might be others relying on network, didn't check). This got introduced > in 2.3-2, which now uses a

Bug#847311: amavisd-new: After the last Debian update Amavis does not read data type float from Mysql DB correctly. All fields are "0".

On Sun, 12 Feb 2017, Brian May wrote: > Henrique de Moraes Holschuh writes: > > > I don't know. I never use mysql (or any DB, really) with amavisd-new, > > and I have no idea why it would fetch 0 instead of the proper float > > value from mysql, or how to fix it :-( > > Same

Bug#831965: Status of asciidoc upload?

On Mon, 19 Dec 2016, Raphael Hertzog wrote: > Hi Joseph, > > On Mon, 19 Dec 2016, Joseph Herlant wrote: > > @Alexander, @Fredrik, if you don't have time, do you mind if I ask to > > Vincent or Raphael if they can have a look and maybe review the > > package changed that happened since last

Bug#831965: Status of asciidoc upload?

On Mon, 19 Dec 2016, Joseph Herlant wrote: > Hi, > > @Alexander, @Fredrik, if you don't have time, do you mind if I ask to > Vincent or Raphael if they can have a look and maybe review the > package changed that happened since last upload in 2014? I am currently very very busy and won't have

Bug#831965: Status of asciidoc upload?

On Sun, 04 Dec 2016, Alexander Wirt wrote: > > > Am 04.12.2016 um 14:16 schrieb Dr. Tobias Quathamer: > > Am 02.12.2016 um 17:54 schrieb Joseph Herlant: > > > Hi Tobias, > > > > > > Currently the permissions on the pkg-asciidoc group in alioth seems &

Bug#831965: Status of asciidoc upload?

and wasn't able to figure out why. Only Fredrik Steen and Alexander Wirt have admin access and I'm the only other member. I've not been able to get in touch with them in a while. Maybe you'll have more luck. Maybe we should have this package moved to collab-maint or python maintainers team to make

Bug#822004: [Pkg-nagios-devel] Bug#822004: nagios3: Build arch:all+arch:any but is missing build-{arch, indep} targets

On Fri, 29 Jul 2016, Santiago Vila wrote: > tags 822004 + patch > thanks > > I also recommend switching to dh, but in the meantime, the attached > patch should work. We probably will remove nagios3 from debian soon, as it is a dead end. Thanks Alex

Bug#830955: keepalived: Segfault - keepalived doesn't work without CONFIG_IP_VS

severity 830955 normal merge 830955 544700 thanks On Wed, 13 Jul 2016, Mathieu Ruellan wrote: > Package: keepalived > Version: 1.2.20-1 > Severity: critical > Justification: causes serious data loss > > Dear Maintainer, > > Could you please update the keepalived to fix this issue? > > >

Bug#810506: Upload of linux-grsec to jessie-backports?

On Sat, 16 Apr 2016, Yves-Alexis Perez wrote: > On mar., 2016-03-22 at 13:30 +0100, Yves-Alexis Perez wrote: > > On mar., 2016-03-22 at 13:22 +0100, Alexander Wirt wrote: > > > > > > You - or better more than one person - promise to support this kernel for >

Bug#796611: ferm causes a unit ordering cycle that breaks booting

On Tue, 29 Mar 2016, Felipe Sateler wrote: > On 29 March 2016 at 08:24, Alexander Wirt <formo...@debian.org> wrote: > > On Tue, 29 Mar 2016, Felipe Sateler wrote: > > > >> On 29 Mar 2016 08:10, "Alexander Wirt" <formo...@debian.org> wrote: > >

Bug#796611: ferm causes a unit ordering cycle that breaks booting

On Tue, 29 Mar 2016, Felipe Sateler wrote: > On 29 Mar 2016 08:10, "Alexander Wirt" <formo...@debian.org> wrote: > > > > On Tue, 29 Mar 2016, Felipe Sateler wrote: > > > > > On 29 March 2016 at 04:11, Alexander Wirt <formo...@debian.org> wrot

Bug#796611: ferm causes a unit ordering cycle that breaks booting

On Tue, 29 Mar 2016, Felipe Sateler wrote: > On 29 March 2016 at 04:11, Alexander Wirt <formo...@debian.org> wrote: > > On Mon, 28 Mar 2016, Felipe Sateler wrote: > > > >> On 5 March 2016 at 19:54, Sam Morris <s...@robots.org.uk> wrote: > &

Bug#796611: ferm causes a unit ordering cycle that breaks booting

On Tue, 29 Mar 2016, Felipe Sateler wrote: > On 29 March 2016 at 04:11, Alexander Wirt <formo...@debian.org> wrote: > > On Mon, 28 Mar 2016, Felipe Sateler wrote: > > > >> On 5 March 2016 at 19:54, Sam Morris <s...@robots.org.uk> wrote: > &

Bug#796611: ferm causes a unit ordering cycle that breaks booting

On Tue, 29 Mar 2016, Felipe Sateler wrote: > On 29 Mar 2016 04:03, "Felix Geyer" wrote: > > > > Hi Felipe, > > > > On Mon, 28 Mar 2016 20:56:48 -0300 Felipe Sateler > wrote: > > > I have uploaded an nmu. I have made the unit call out to the init > > >

Bug#796611: ferm causes a unit ordering cycle that breaks booting

On Tue, 29 Mar 2016, Felix Geyer wrote: > Hi Felipe, > > On Mon, 28 Mar 2016 20:56:48 -0300 Felipe Sateler wrote: > > I have uploaded an nmu. I have made the unit call out to the init > > script, because it does more work than simply invoking ferm. > > > > Please find

Bug#796611: ferm causes a unit ordering cycle that breaks booting

On Mon, 28 Mar 2016, Felipe Sateler wrote: > On 5 March 2016 at 19:54, Sam Morris wrote: > > severity 796611 grave > > thanks > > > > This is currently causing my system to boot without networking. I am > > increasing the severity since other (rather important!) packages are

Bug#810506: Upload of linux-grsec to jessie-backports?

On Tue, 22 Mar 2016, Yves-Alexis Perez wrote: Hi, > On mar., 2016-03-22 at 11:57 +0100, Alexander Wirt wrote: > > On Tue, 22 Mar 2016, Julien Cristau wrote: > > > It won't be in testing if it's not suitable for stable.  That would > > > defeat the purpose of t

Bug#807019: tracking bin-num - broken unison due to binnmu upload

On Tue, 29 Dec 2015, Alexandre Rossi wrote: > Hi, > > >> The change done in unison 2.48 to overcome this looks pretty big... I'm > >> not sure I'll be able/willing to provide a unison2.40.102 any more. > >> Moreover, this package was created to provide compatibility with > >> previous Debian

Bug#796322: visolate: Does not start

Package: visolate Version: 2.1.6~svn8+dfsg1-2 Severity: grave Justification: renders package unusable Hi, I am not able to start visolate without hacking the LD_LIBRARY_PATH. formorer@smithers ~ % visolate Exception in thread main

Bug#649106: syncid 'fix' breaks state sync in init script completely

On Fri, 13 Mar 2015, Hans van Kranenburg wrote: On 03/13/2015 10:53 AM, Alexander Wirt wrote: I am pretty sure I tested it somehow, however I don't use ipvsadm in daemon mode as I think it is pretty useless without a manager. I use keepalived to set the rules and do health checking

Bug#774917: severity of 774917 is minor

severity 774917 minor thanks Hi, as already stated in the bug we are not able to support every database version that ever was in stable. Therefore I will downgrade this bug to minor. If you are doing upgrade tests from squeeze to jessie, you should also upgrade the database. Alex -- To

Bug#775252: [Pkg-nagios-devel] Bug#775252: icinga-web-config-icinga2-ido-mysql, icinga-web-config-icinga2-ido-pgsql: fails to install: icinga2-enable-feature: command not found

On Tue, 13 Jan 2015, Andreas Beckmann wrote: Hi, Package: icinga-web-config-icinga2-ido-mysql,icinga-web-config-icinga2-ido-pgsql Version: 1.11.2+dfsg1-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package

Bug#774917: [Pkg-nagios-devel] Bug#774917: icinga-idoutils: fails to upgrade squeeze - wheezy - jessie: ERROR: syntax error at or near EXISTS LINE 1: ALTER TABLE icinga_comments DROP CONSTRAINT IF

On Sat, 10 Jan 2015, Andrey Rahmatullin wrote: On Fri, Jan 09, 2015 at 03:39:51AM +0100, Andreas Beckmann wrote: error encountered processing /usr/share/dbconfig-common/data/icinga-idoutils/upgrade/pgsql/1.10.1-1: ERROR: syntax error at or near EXISTS LINE 1: ALTER TABLE

Bug#768287: libnetfilter-log{-dev, 1-dbg}: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE

On Sun, 16 Nov 2014, Jean-Michel Nirgal Vourgère wrote: Control: tags -1 pending Dear maintainer, I've prepared an NMU for libnetfilter-log (versioned as 1.0.1-1.1) and got its upload sponsored to DELAYED/5. Please feel free to tell me if it should delay it longer. Great, thanks I

Bug#767633: nsca-ng: depends on libsystemd-dev, which is unavailable on kfreebsd

On Sat, 01 Nov 2014, Ivo De Decker wrote: package: nsca-ng severity: serious version: 1.4-1 Hi, The latest upload of nsca-ng build-depends on libsystemd-dev, which is unavailable on kfreebsd. The kfreebsd binaries from the old version prevent migration to testing. Yai, I'll remove

Bug#749581: [Pkg-nagios-devel] Bug#749581: icinga-idoutils: fails to upgrade from jessie

severity 749581 minor thanks On Wed, 28 May 2014, Holger Levsen wrote: Package: icinga-idoutils Version: 1.11.3-2 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package fails to upgrade from jessie. It installed

Bug#745272: [Pkg-nagios-devel] Bug#745272: Exploited by botnet

On Wed, 30 Apr 2014, Jan Lühr wrote: Hello, there some reports, that these issue is exploited by a bonnet. Please consider pushing security updates. As said this is considered a feature by upstream. And to be honest, people that are so stupid to allow dont_blame_nrpe +

Bug#745272: [Pkg-nagios-devel] Bug#745272: Bug#745272: NRPE - Nagios Remote Plugin Executor = 2.15 Remote CommandExecution, POC released

On Sun, 20 Apr 2014, Markus Manzke wrote: hi alex There is a good reason we don't recommend using arguments... Alex yes, i know; thats why a similar bug is unfixed in squeeze for a year or so now, although reported just a followup: http://seclists.org/oss-sec/2014/q2/155 upstream

Bug#745272: [Pkg-nagios-devel] Bug#745272: NRPE - Nagios Remote Plugin Executor = 2.15 Remote CommandExecution, POC released

On Sun, 20 Apr 2014, Markus Manzke wrote: Package: nagios-nrpe-server Severity: critical Tags: security NRPE fails to check input when a newline-character is issued POC has been released and works on debian 7, no CVE assigned yet http://seclists.org/fulldisclosure/2014/Apr/240

Bug#736309: libnetfilter-queue serious bug, #736309

On Fri, 11 Apr 2014, Pierre Chifflier wrote: Hi Alexandr, Bug #736309: libnetfilter-queue-{dev, dbg}: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE is marked as serious, and is causing several packages (in my cast, suricata and nfqueue-bindings) to be scheduled for

Bug#728245: severity of 728245 is important

severity 728245 important thanks Hi, as there are some problems to reproduce this bug in normal environments I decided to downgrade that bug. Currently it prevents testing migration which means that a few important security fixes won't get fixed in testing. If someone disagrees, please speak

Bug#728245: icinga-cgi: fails to install: subprocess installed post-installation script returned error exit status 1

On Sun, 10 Nov 2013, Andreas Beckmann wrote: Followup-For: Bug #728245 Control: found -1 1.10.1-1 Hi, the problem is still reproducible. Note that this requires the installation of icinga with --install-recommends to show up, icinga-cgi itself works fine, but in combination with all the

Bug#728245: icinga-cgi: fails to install: subprocess installed post-installation script returned error exit status 1

On Sun, 16 Feb 2014, Andreas Beckmann wrote: On 2014-02-16 14:09, Alexander Wirt wrote: I did several installation with fresh vms and I wasn't able to reproduce the problem. piuparts runs the installation with DEBIAN_FRONTEND=noninteractive and stdin = /dev/null I rebuilt icinga

Bug#736727: [Pkg-nagios-devel] Bug#736727: Bug#736727: Bug#736727: [src:icinga] Sourceless file

On Tue, 11 Feb 2014, Michael Friedrich wrote: On 26.01.2014 16:04, Michael Friedrich wrote: On 26.01.2014 14:45, bastien ROUCARIES wrote: Package: src:icinga Version:1.10.2-1 Severity: serious User: debian...@lists.debian.org Usertags: source-contains-prebuilt-javascript-object

Bug#736727: [Pkg-nagios-devel] Bug#736727: Bug#736727: [src:icinga] Sourceless file

On Mon, 27 Jan 2014, Markus Frosch wrote: Hi, I could not found the source of: icinga 1.10.2-1 (source) html/jquery-ui-addon/jquery.ui.timepicker-addon.min.js html/js/jquery-1.8.0.min.js These files are not used in packaging, the features are supplied by proper dependencies

Bug#709850: nagios3-cgi: postinst uses /usr/share/doc content (Policy 12.3)

fixed #709850 3.4.1-4 thanks On Sun, 26 May 2013, Andreas Beckmann wrote: Package: nagios3-cgi Version: 3.4.1-3 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, a test with piuparts revealed that your package uses files from /usr/share/doc in its maintainer

Bug#714290: [Pkg-nagios-devel] Bug#714290: package does not ship any documentation

severity 714290 important thanks On Thu, 27 Jun 2013, Raf Czlonka wrote: Package: nagios3-doc Version: 3.4.1-4 Severity: grave Hi, After installing the package I get an error message: Error in `/usr/share/doc-base/nagios3', line 9: all `Format' sections are invalid. This is due

Bug#707388: conntrack: diff for NMU version 1:1.2.1-1.1

was working on the new upstream version which fixes that FTBFS, I am now finished and a fixed version will get into unstable soon. Thanks for your work Alex -- Alexander Wirt, formo...@formorer.de CC99 2DDD D39E 75B0 B0AA B25C D35B BC99 BC7D 020A -- To UNSUBSCRIBE, email to debian-bugs-rc-requ

Bug#710356: [Pkg-nagios-devel] Bug#710356: [nagios3-core] No scheduled downtime retention

On Thu, 30 May 2013, Cedric Jeanneret wrote: Control tag -1 +confirmed Hello Didier, hello Nagios maintainers, The provided package works as expected, the status are really kept *and* applied after a reload or restart. Thanks a lot for the quick support :). wow, you guys are fast.

Bug#705377: nsca-ng-server: fails to install: postinst fails, but silently

tag 705377 + confirmed pending thanks On Sun, 14 Apr 2013, Andreas Beckmann wrote: Package: nsca-ng-server Version: 0.3-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package failed to install. As per definition

Bug#688140: file-rc: File-rc doesn't restore rcX.d dirs at remove, breaks sysv-rc installation.

On Sat, 23 Mar 2013, Roger Leigh wrote: On Thu, Mar 21, 2013 at 01:26:30PM +, Roger Leigh wrote: On Thu, Mar 21, 2013 at 06:50:51AM +0100, Alexander Wirt wrote: On Wed, 20 Mar 2013, Roger Leigh wrote: Alexander, is this approach OK with you? If you're happy with what

Bug#688140: file-rc: File-rc doesn't restore rcX.d dirs at remove, breaks sysv-rc installation.

On Wed, 20 Mar 2013, Michael Stapelberg wrote: Hi, at this point I cannot spend any more time on this bug report. Given that the bug report is without maintainer reply since more than half a year, and there are merely 160 people voting for it via popcon, I wonder if we should just drop

Bug#688140: file-rc: File-rc doesn't restore rcX.d dirs at remove, breaks sysv-rc installation.

On Wed, 20 Mar 2013, Roger Leigh wrote: On Wed, Mar 20, 2013 at 05:04:57PM +0100, Michael Stapelberg wrote: at this point I cannot spend any more time on this bug report. I've tested your patch, and it appears to work correctly in all the cases I've tried. I've updated it slightly

Bug#701227: [Pkg-nagios-devel] Bug#701227: nagios-nrpe: CVE-2013-1362: allows the passing of $() as command arguments to execute shell commands

Salvatore Bonaccorso schrieb am Sunday, den 03. March 2013: Control: tags -1 + patch Hi Alex On Sat, Feb 23, 2013 at 01:19:14PM +0100, Alexander Wirt wrote: On Sat, 23 Feb 2013, Salvatore Bonaccorso wrote: On Sat, Feb 23, 2013 at 08:33:20AM +0100, Salvatore Bonaccorso wrote

Bug#699744: [Pkg-nagios-devel] Bug#699744: nagios3-cgi: prompting due to modified conffiles which were not modified by the user: /etc/nagios3/stylesheets/outages.css

On Fri, 01 Mar 2013, Russ Allbery wrote: Based on the bug discussion, I believe this bug against nagios3-cgi should be closed. The problem is with the dpkg database, and it doesn't sound like there's anything the package needs to (or should do) to deal with that issue; it's fixed by either

Bug#547092: [Pkg-nagios-devel] Bug#547092: Bug#547092: Bug#547092: Bug#547092: nrpe ssl security problem

On Sat, 23 Feb 2013, Salvatore Bonaccorso wrote: Hi Alex, Hi Thijs I was looking trough the bugs for nagios-nrpe, and noticed #547092 where there was an upload to address it, but the bug was not closed. I wondered if this was intentional, als the original issue is only addressed by

Bug#701227: [Pkg-nagios-devel] Bug#701227: nagios-nrpe: CVE-2013-1362: allows the passing of $() as command arguments to execute shell commands

On Sat, 23 Feb 2013, Salvatore Bonaccorso wrote: On Sat, Feb 23, 2013 at 08:33:20AM +0100, Salvatore Bonaccorso wrote: In the debian package we have explicitly --enable-command-args so the Debian packages looks affected. But needs to be explicitly enabled in /etc/nagios/nrpe.cfg, should

Bug#547092: [Pkg-nagios-devel] Bug#547092: Bug#547092: Bug#547092: nrpe ssl security problem

On Sun, 10 Feb 2013, Thijs Kinkhorst wrote: Hi Alex, All agreed... but would you consider to add some big warnings about that fact? :) Thats something for the release notes or readme.debian. Feel free to send a patch. I do not believe the issue should mean that NRPE is so

Bug#547092: [Pkg-nagios-devel] Bug#547092: Bug#547092: Bug#547092: nrpe ssl security problem

On Sun, 10 Feb 2013, Thijs Kinkhorst wrote: Hi Alex, All agreed... but would you consider to add some big warnings about that fact? :) Thats something for the release notes or readme.debian. Feel free to send a patch. I do not believe the issue should mean that NRPE is so

Bug#547092: [Pkg-nagios-devel] Bug#547092: Bug#547092: nrpe ssl security problem

On Fri, 08 Feb 2013, Christoph Anton Mitterer wrote: On Fri, 2013-02-08 at 00:26 +0100, Alexander Wirt wrote: In fact nothing is new here and security wouldn't change much with different keys. The implementation ist just broken. But if you have an idea to improve it, feel free to send

Bug#547092: [Pkg-nagios-devel] Bug#547092: nrpe ssl security problem

On Thu, 07 Feb 2013, Matt Taggart wrote: As pointed out in a previous message to the bug, #547092 nagios-nrpe-server: Insecure 'SSL' option, key identical for all debian systems is severity grave due to the security problem it introduces in the service (but not critical since the problem is

Bug#698137: destroys icinga.cfg on postinst when it's a symlink

On Wed, 06 Feb 2013, Michael Stapelberg wrote: On Mon, 14 Jan 2013 12:02:35 +0100 Peter Palfrader wea...@debian.org wrote: so the postinst does effectively sed $file $file, and we all know that this doesn't work and results in $file being empty at the end. I can reproduce this issue.

Bug#697930: [Pkg-nagios-devel] Bug#697930: Bug#697930: Bug#697930: nagios3: CVE-2012-6096

On Sat, 26 Jan 2013, Julien Cristau wrote: On Tue, Jan 22, 2013 at 16:49:25 +0100, Alexander Wirt wrote: You can go ahead for icinga (I already attached the patch). I'll see about a patch for nagios later in the evening. Any luck with a nagios patch? Yeah, I compared the icinga

Bug#689016: nagios-nrpe-server: /etc/init.d/nagios-nrpe-server stop, does not stops the daemon

tag 689016 unreproducible moreinfo thanks On Fri, 28 Sep 2012, wforumw wrote: Package: nagios-nrpe-server Version: 2.13-1 Severity: normal /etc/init.d/nagios-nrpe-server stop - does not stop the daemon. You need to kill it manually and then start the daemon again. I have several servers

Bug#697930: [Pkg-nagios-devel] Bug#697930: Bug#697930: nagios3: CVE-2012-6096

On Tue, 22 Jan 2013, Jonathan Wiltshire wrote: On 2013-01-20 19:54, Alexander Wirt wrote: On Sun, 20 Jan 2013, Moritz Mühlenhoff wrote: On Fri, Jan 11, 2013 at 03:56:25PM +, Jonathan Wiltshire wrote: Control: found -1 3.2.1-2 On 2013-01-11 13:50, Moritz Muehlenhoff wrote: Package

Bug#697930: [Pkg-nagios-devel] Bug#697930: nagios3: CVE-2012-6096

On Sun, 20 Jan 2013, Moritz Mühlenhoff wrote: On Fri, Jan 11, 2013 at 03:56:25PM +, Jonathan Wiltshire wrote: Control: found -1 3.2.1-2 On 2013-01-11 13:50, Moritz Muehlenhoff wrote: Package: nagios3 Severity: grave Tags: security Justification: user security hole This

Bug#697931: [Pkg-nagios-devel] Bug#697931: icinga: CVE-2012-6096

tag 697931 patch thanks Alexander Wirt schrieb am Saturday, den 12. January 2013: On Fri, 11 Jan 2013, Moritz Muehlenhoff wrote: Package: icinga Severity: grave Tags: security Justification: user security hole This was assigned CVE-2012-6096: http://archives.neohapsis.com

Bug#697930: [Pkg-nagios-devel] Bug#697930: nagios3: CVE-2012-6096

On Fri, 11 Jan 2013, Jonathan Wiltshire wrote: Control: found -1 3.2.1-2 On 2013-01-11 13:50, Moritz Muehlenhoff wrote: Package: nagios3 Severity: grave Tags: security Justification: user security hole This was assigned CVE-2012-6096:

Bug#697931: icinga: CVE-2012-6096

On Fri, 11 Jan 2013, Moritz Muehlenhoff wrote: Package: icinga Severity: grave Tags: security Justification: user security hole This was assigned CVE-2012-6096: http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html Fix:

Bug#670373: [Pkg-nagios-devel] Bug#670373: *something* needs to be done about the client

and to take over nrpe. Alex -- Alexander Wirt, formo...@formorer.de CC99 2DDD D39E 75B0 B0AA B25C D35B BC99 BC7D 020A -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#685457: [Pkg-nagios-devel] Bug#685457: Proposed fix for munin

On Wed, 02 Jan 2013, Hilko Bengen wrote: severity 685457 grave thank you As described above, this bug has the effect of breaking working installations, which in my opinion makes the package [...] unusable or mostly so. Don't play severity pingpong with me. Its not your choice. This is not

Bug#691850: libcatalyst-view-excel-template-plus-perl: FTBFS

Michael Gilbert schrieb am Tuesday, den 30. October 2012: Hi, I've uploaded an nmu fixing this issue to delayed/5. Please see attached patch. Please revert this upload, I want to do it on my own. Alex -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of

Bug#691855: libcatalyst-view-pdf-reuse-perl: Package FTBFS

Michael Gilbert schrieb am Tuesday, den 30. October 2012: Hi, I've uploaded an nmu fixing this issue to delayed/5. Please see attached patch. Please revert this upload, I want to do this on my own. Alex -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of

Bug#684994: [File-rc-users] Bug#684994: ifup: fails to open statefile, does not bring up the network

On Sun, 19 Aug 2012, Thorsten Glaser wrote: tags 684994 - unreproducible severity 684994 grave thanks Alexander Wirt dixit: What let you think this is file-rc bug? I wasn't able to reproduce this problem on a fresh sid box. Neither with a dhcp nor a static network configuration

Bug#684994: [File-rc-users] Bug#684994: ifup: fails to open statefile, does not bring up the network

Thorsten Glaser schrieb am Sunday, den 19. August 2012: Alexander Wirt dixit: So this looks like a missing Depends (insserv is Prio: optional) and thus is a grave bug. After manually installing it (of *course* it was not installed previously, because file-rc allowed getting rid

Bug#684994: ifup: fails to open statefile, does not bring up the network

network configuration. Alex -- Alexander Wirt, formo...@formorer.de CC99 2DDD D39E 75B0 B0AA B25C D35B BC99 BC7D 020A -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#684863: conntrackd: Conntrackd fails to start. No dedicated link detected.

reassign 684863 libnfnetlink0 thanks On Tue, 14 Aug 2012, Arturo Borrero wrote: Package: conntrackd Version: 1:1.2.1-1 Severity: grave Tags: upstream Justification: renders package unusable Triying to start conntrackd in daemon mode result on this: [Thu Aug 9 14:14:23 2012]

Bug#683320: [Pkg-nagios-devel] Bug#683320: CVE-2012-3441: insecure permissions in DB creation scripts

On Mon, 30 Jul 2012, Yves-Alexis Perez wrote: Source: icinga Severity: grave Tags: security Justification: user security hole Hi, DB creation scripts shipped in icinga-idoutils are insecure (they grant privileges for all users). See https://bugzilla.novell.com/show_bug.cgi?id=767319

Bug#679889: [Pkg-mpd-maintainers] Bug#679889: mpd: MPD 0.17 + MAD decoder = noise only with MP3s

Helmut Grohne schrieb am Monday, den 16. July 2012: Control: severity 679889 serious On Sat, Jul 14, 2012 at 10:24:36PM +0200, Alexander Wirt wrote: On Sat, 14 Jul 2012, Max Kellermann wrote: This is caused by a bug in the software volume code. Fix is in the MPD git repository

Bug#667664: a fix for this

On Sat, 23 Jun 2012, Russell Coker wrote: Bug #667664 is due to the latest versions of the libpcre3 library setting reg.re_nsub to an extremely large value and dansguardian trying to allocate memory for that many records and having malloc fail. I've attached a patch for dansguardian which

Bug#675536: [Pkg-nagios-devel] Bug#675536: icinga-idoutils: fails to upgrade from squeeze: ERROR: language plpgsql does not exist

On Sat, 02 Jun 2012, Andreas Beckmann wrote: Package: icinga-idoutils Version: 1.7.0-2 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package fails to upgrade from 'squeeze'. It installed fine in 'squeeze', then

Bug#675277: icinga-idoutils: fails to install, remove, and install again

tags 675277 moreinfo thanks On Wed, 30 May 2012, Andreas Beckmann wrote: Hi, Package: icinga-idoutils Version: 1.7.0-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package failed to install, remove (but not

Bug#675277: [Pkg-nagios-devel] Bug#675277: icinga-idoutils: fails to install, remove, and install again

On Fri, 01 Jun 2012, Alexander Wirt wrote: tags 675277 moreinfo thanks On Wed, 30 May 2012, Andreas Beckmann wrote: Hi, Package: icinga-idoutils Version: 1.7.0-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I

Bug#674937: [Pkg-nagios-devel] Bug#674937: check-mk-multisite: .postinst broken

On Thu, 31 May 2012, Andreas Beckmann wrote: Package: check-mk-multisite Followup-For: Bug #674937 Hi, chown: cannot access `/etc/check_mk/conf.d': No such file or directory thats a duplicate of http://bugs.debian.org/649316 and can be fixed by updating the backport of

Bug#675046: [Pkg-nagios-devel] Bug#675046: icinga-core: retention.dat / sync.dat move seems to be not handled

tag 675046 normal thanks On Tue, 29 May 2012, Christoph Anton Mitterer wrote: severity 675046 grave stop On Tue, 2012-05-29 at 20:58 +0200, Michael Friedrich wrote: i would raise severity as such a change without copying the old retained data will cause possible regression. done. I

Bug#626281: pid file has wrong permissions

Jonathan Wiltshire schrieb am Sunday, den 18. March 2012: Hi Alex, On Wed, Dec 21, 2011 at 10:00:13PM +0100, Alexander Wirt wrote: Jonathan Wiltshire schrieb am Wednesday, den 21. December 2011: Please prepare a minimal-changes upload targetting each of these suites, and submit

Bug#626281: pid file has wrong permissions

Jonathan Wiltshire schrieb am Sunday, den 18. March 2012: Hi Alex, On Wed, Dec 21, 2011 at 10:00:13PM +0100, Alexander Wirt wrote: Jonathan Wiltshire schrieb am Wednesday, den 21. December 2011: Please prepare a minimal-changes upload targetting each of these suites, and submit

Bug#655791: ipvsadm: FTBFS: ipvsadm.c:395: undefined reference to `poptGetContext'

tag 655791 pending thanks Lucas Nussbaum schrieb am Saturday, den 14. January 2012: Source: ipvsadm Version: 1:1.25.clean-1 Severity: serious Tags: wheezy sid User: debian...@lists.debian.org Usertags: qa-ftbfs-20120112 qa-ftbfs Justification: FTBFS on amd64 Hi, During a rebuild of

Bug#626281: pid file has wrong permissions

Jonathan Wiltshire schrieb am Wednesday, den 21. December 2011: Dear maintainer, Recently you fixed one or more security problems and as a result you closed this bug. These problems were not serious enough for a Debian Security Advisory, so they are now on my radar for fixing in the

Bug#626281: What about squeeze?

Henrik Christian Grove schrieb am Friday, den 09. December 2011: This is a security problem present in squeeze, shouldn't we get a security update? The security team already said that this problem does not warant a security update. So I will try to get it into next stable update. Alex --

Bug#649778: configure problems

Vincent Bernat schrieb am Thursday, den 24. November 2011: OoO En ce milieu de nuit étoilée du jeudi 24 novembre 2011, vers 03:55, je disais: CCFLAGS=-Idebian/include CPPFLAGS=-Idebian/include dpkg-buildpackage -b But I do not know what is the best way to incorporate this in the

Bug#626281: [Keepalived-devel] Security problem in keepalived's pid handling/daemonize code

Moritz Mühlenhoff schrieb am Monday, den 07. November 2011: On Tue, May 10, 2011 at 09:21:32PM +0200, Vincent Bernat wrote: OoO Lors de la soirée naissante du mardi 10 mai 2011, vers 17:15, Alexander Wirt formo...@debian.org disait : Readwrite permissions to the pidfile

Bug#642790: [Pkg-nagios-devel] Bug#642790: nagios-nrpe: FTBFS: configure: error: Cannot find ssl libraries

tag 642790 pending thanks Mònica Ramírez Arceda schrieb am Saturday, den 24. September 2011: Source: nagios-nrpe Version: 2.12-4 Severity: serious Tags: wheezy sid User: debian...@lists.debian.org Usertags: qa-ftbfs-20110923 qa-ftbfs Justification: FTBFS on amd64 Hi, During a

Bug#630357: [Pkg-nagios-devel] Bug#630357: nagios-nrpe: some files are installed into /etc/nagios/ instead of /etc/nagios3/

tags 630357 moreinfo unreproducible thanks Andreas B. Mundt schrieb am Monday, den 13. June 2011: Package: nagios-nrpe Severity: grave Justification: renders package unusable User: debian-...@lists.debian.org Usertags: debian-edu Hi, nagios-nrpe-plugin and nagios-nrpe-server drop

Bug#629127: [Pkg-nagios-devel] Bug#629127: several XSS issues

Thijs Kinkhorst schrieb am Friday, den 03. June 2011: Package: nagios3 Severity: serious Tags: security Hi, Two XSS issues have been reported for Nagios and Icinga: CVE-2011-2179: http://tracker.nagios.org/view.php?id=224 CVE-2011-1523: http://tracker.nagios.org/view.php?id=207

Bug#626281: Security problem in keepalived's pid handling/daemonize code

/daemon.c and keepalived/vrrp/vrrp_daemon.c. Alex -- Alexander Wirt, formo...@formorer.de CC99 2DDD D39E 75B0 B0AA B25C D35B BC99 BC7D 020A -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#626281: [Keepalived-devel] Security problem in keepalived's pid handling/daemonize code

Alexander Wirt schrieb am Dienstag, den 10. Mai 2011: tag 626281 upstream thanks Hi, today I got a bugreport about a security problem in keepalived. It seems that keepalived daemonize code explicitly sets umask(0) which leads to interesting results: -rw-rw-rw- 1 root root 6

Bug#626281: Security problem in keepalived's pid handling/daemonize code

Vincent Bernat schrieb am Tuesday, den 10. May 2011: OoO Vers la fin de l'après-midi du mardi 10 mai 2011, vers 16:52, Alexander Wirt formo...@debian.org disait : today I got a bugreport about a security problem in keepalived. It seems that keepalived daemonize code explicitly

Bug#616410: conntrack: generall FTBFS on all architectures

://buildd.debian.org/fetch.cgi?pkg=conntrackarch=sparcver=1%3A1.0.0-1stamp=1299194858file=logas=raw Funny. It seems I forgot to upload libnetfilter-conntrack. Alex -- Alexander Wirt, formo...@formorer.de CC99 2DDD D39E 75B0 B0AA B25C D35B BC99 BC7D 020A signature.asc Description: Digital signature

Bug#616410: conntrack: generall FTBFS on all architectures

=conntrackarch=sparcver=1%3A1.0.0-1stamp=1299194858file=logas=raw Ah, in fact I didn't. I just missed to adapt the versioned build-depend. libnetfilter_conntrack 0.9.1 isn't build on all architectures yet. Alex -- Alexander Wirt, formo...@formorer.de CC99 2DDD D39E 75B0 B0AA B25C D35B BC99 BC7D 020A

Bug#609762: amavisd-milter: Init script changes owner of current directory to 'amavis'

as it leaves amavis user without a working milter. Alex -- Alexander Wirt, formo...@formorer.de CC99 2DDD D39E 75B0 B0AA B25C D35B BC99 BC7D 020A -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#589130: SPAM, Re: Bug#589130: keepalived: Upgrade to 1.2 breaks package

in a future. I think that a lot of users will be appreciated, not only me. :-) You are right, I'm working on it. Alex -- Alexander Wirt, formo...@formorer.de CC99 2DDD D39E 75B0 B0AA B25C D35B BC99 BC7D 020A -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject

  1   2   >