Bug#939866: mariadb-server-10.1: replication hangs in state "Slave_IO_Running: Preparing" after upgrade from 10.1.38 to 10.1.41

Hello, We confirm this serious bug. After upgrading from 10.1.38-0+deb9u1 to 10.1.41-0+deb9u1, replication is completely broken. For the moment we `apt-mark old` mariadb package with 10.1.38-0+deb9u1 version on all our servers. Regards, -- Grégory Colpart - CEO Evolix - Clé OpenPGP :

Bug#921030: Fails to import the ansible module since its migration to Python 3

Hi Samuel, On Sun, Feb 24, 2019 at 03:25:26AM +, Samuel Henrique wrote: > I'm working on this: https://salsa.debian.org/debian/ansible-lint > I think i'm close to an upload now, there's only some problems with .js > sources. I review your patches and all is right, in particular your removal

Bug#598582: [pkg-horde] Bug#598582: horde3: Four security issues in Horde

Hello, On Wed, Nov 03, 2010 at 07:58:25PM +0100, Mehdi Dogguy wrote: On 0, Gregory Colpart r...@evolix.fr wrote: For horde3, I prepare the patches for Lenny and Squeeze/Sid. They are on http://git.debian.org/?p=pkg-horde/horde3.git;a=summary I'm waiting comments from upstream before

Bug#598582: [pkg-horde] Bug#598582: horde3: Four security issues in Horde

prepare the patches for Lenny and Squeeze/Sid. They are on http://git.debian.org/?p=pkg-horde/horde3.git;a=summary I'm waiting comments from upstream before uploading. Regards, -- Gregory Colpart r...@evolix.fr GnuPG:4096R/B8612B5D Evolix - Informatique et Logiciels Libres http://www.evolix.fr

Bug#595313: nagvis: unable to read input file /etc/dbconfig-common/ndoutils-mysql.conf

available) nagvis suggests no packages. -- no debconf information -- Gregory Colpart r...@evolix.fr GnuPG:4096R/B8612B5D Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble

Bug#585165: [pkg-horde] Bug#585165: CVE-2010-1916: Security issue in Xinha

Hi, On Thu, Jul 15, 2010 at 02:51:07PM +0200, Alexander Reichle-Schmehl wrote: * Gregory Colpart r...@evolix.fr [100622 01:48]: [..] Please check if your code copy is affected and update the internal copy. I think code copy of xinha in Horde is not affected because there is no PHP code

Bug#585165: [pkg-horde] Bug#585165: CVE-2010-1916: Security issue in Xinha

http://xinha.webfactional.com/ticket/1518 Please check if your code copy is affected and update the internal copy. I think code copy of xinha in Horde is not affected because there is no PHP code from Xinha on it. Majority of Xinha plugins are not present. Regards, -- Gregory Colpart r

Bug#548231: [pppoeconf] menu item fails unless launched as root

or menu package on your system, pppoeconf warn you to become root and exit. If you have a better suggestion, don't hesitate. Perhaps add gksu support if it's installed... For example, on line 42: --8-- +elif which gksu /dev/null; then + exec gksu $0 $@ || exit 1 --8-- Regards, -- Gregory

Bug#551127: unsatisfiable Depends: pear (= 5.2.0-8)

: Depends should: * have php-pear, probably versionned (See dependencies in package.xml) Note we have PEAR 1.4.11 in php-pear etch package (version 5.2.0-8*), and if could be a good idea to use (= 5.2.0-8) if possible to make backport easier. Regards, -- Gregory Colpart r...@evolix.fr

Bug#547318: [pkg-horde] Bug#547318: horde3: CVE-2009-3236 possibility to overwrite arbitrary files with the permissions of the webserver

building/uploading. Ok great. So far the diff looks good to me. Feel free to upload to security master (and additionally you might drop me a mail so I don't miss it). Thanks for your work! Patch reviewed by upstream, package buildedtested and uploaded. Regards, -- Gregory Colpart r

Bug#547318: [pkg-horde] Bug#547318: horde3: CVE-2009-3236 possibility to overwrite arbitrary files with the permissions of the webserver

://git.debian.org/?p=pkg-horde/horde3.git;a=commitdiff;h=0a71866537d0bd896fda156ba83be746483714a4 Now, I'm waiting upstream advice before building/uploading. Regards, -- Gregory Colpart r...@evolix.fr GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr

Bug#547318: [pkg-horde] Bug#547318: horde3: CVE-2009-3236 possibility to overwrite arbitrary files with the permissions of the webserver

=a3873329efa3ed5797678626638afbb2bb4f48d0 Now I'm testing package and preparing upload for sid. Regards, -- Gregory Colpart r...@evolix.fr GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject

Bug#528927: [pkg-horde] Bug#528927: horde3 should depend on php-mdb2

. Workaround: install php-mdb2 package... ! I downgrade the severity of the bug, because Horde could work without database. Then php-mdb2 should be in Recommends and not in Depends. Regards, -- Gregory Colpart r...@evolix.fr GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http

Bug#515892: [pkg-horde] Bug#515892: horde3: Nothing works after upgrading from 3.1.3-4etch4 to 3.2.2+debian0-2

viewable online Outch. Could you open separate bug report for them? Or even open bug reports directly in upstream BTS (bugs.horde.org)? Regards, -- Gregory Colpart r...@evolix.fr GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email

Bug#495554: [pkg-horde] Bug#495554: imp4: It can be use to inject email thought Imp

that log into the systen to send email. but besides the spammers are abusing the system. Thanks for your report. Are you sure spammers don't use a stolen login/password? Are you sure mails are really sent? Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix

Bug#495554: [pkg-horde] Bug#495554: Bug#495554: imp4: It can be use to inject email thought Imp

. Could you try to track him in horde's logs? Could you also give the version of your horde3 package? [*]http://marc.info/?l=hordem=120119991901767w=2 Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr

Bug#424810: not fixed

) Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#470640: [pkg-horde] Bug#470640: intent to NMU

pending this bug (our ARCH repository doesn't tag BTS automatically). For unstable, I have a new upstream package ready (I will ask sponsoring for it in few minutes). For Etch and Sarge, I will prepare patched packages if needed during this week-end. Regards, -- Gregory Colpart [EMAIL PROTECTED

Bug#470640: Fixed horde3 packages

package. 8-- Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#470640: Fixed horde3 packages

problem[*] which apply for a lot of horde packages. I/We will fix them ASAP. [*]http://lists.alioth.debian.org/pipermail/pkg-horde-hackers/2008-February/002067.html Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr

Bug#464058: [horde-vendor] Bug#464058: turba access checking issue

-- Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#464058: [horde-vendor] Bug#464058: turba access checking issue

://gcolpart.evolix.net/debian/turba2/turba2_2.1.3-1_2.1.3-1etch1.diff - Patch for Turba 2.0.2 (Debian oldstable): http://gcolpart.evolix.net/debian/turba2/turba2_2.0.2-1_2.0.2-1sarge1.diff Note: FYI, Debian security team requested CVE id for this security issue. Regards, -- Gregory Colpart [EMAIL

Bug#464058: [horde-vendor] Bug#464058: turba access checking issue

requested CVE id for this security issue. We got the report from you, so unless you created one I don't think there is one. Or do you mean that they started the process of creating one from CVE? Yes, they started the process of creating one. We're waiting it. Regards, -- Gregory Colpart

Bug#442970: scalable-cyrfonts: FTBFS: make[1]: *** [convert] Error 1

in attachment a patch as small and as non-disruptive as it can be :) [*]http://fontforge.sourceforge.net/scripting.html Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ --- rules.ori 2008-02-12 23:22:10.0 +0100

Bug#464058: turba access checking issue

from Peter, original bug submitter. If not, I will test your patch, but probably not before thursday. Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED

Bug#464058: turba access checking issue

from one address book to a contact list in another address book? If not then users should also no longer be able to add contacts to contact lists from other address books. Could you give more details (sources.php, etc.) on this problem ? Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG

Bug#445406: [pkg-horde] Bug#445406: login to horde3 fails due to wrong cookie path

+++ conf.php 2007-10-05 15:56:30.0 +0200 There is no conf.php file in horde3 package. Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe

Bug#431590: Patch for #431590

tags 431590 +patch thanks [Debian BSP, September 29/30th] Hello, Here is a patch to verify if deluser/delgroup is installed during postrm. Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ diff -u newpki-server

Bug#431584: Correct patch for #431584

[Debian BSP, September 29/30th] Hello, Here is a correct patch to verify if userdel is installed during postrm. Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ diff -u ldapdns-2.06/debian/rules ldapdns-2.06

Bug#427418: NMU patch for #427418

tags 427418 +patch thanks [Debian BSP, September 28/29th] Hello, I think upstream needs rename all icons in rubrica-*.png Here is a NMU-patch for renaming 'contacts.png' icon, which fixes this RC-bug. Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et

Bug#431523: NMU patch for #431523

tags 431523 +patch thanks [Debian BSP, September 28/29th] Hello, Here is a NMU patch to verify if ucf is installed during postrm. Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ diff -u nagios-1.4/debian

Bug#434045: [pkg-horde] Bug#434045: security-bug informations for horde3 package

Hello, Here is a little ping to know if you intent to fix this security issue[*] opened since july 2007. [*] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434045 Regards, On Sun, Jul 22, 2007 at 09:06:48AM +0200, Gregory Colpart wrote: Hello, The package horde3 has XSS vulnerability

Bug#443899: php-pear: CVE-2007-2519: PEAR installer arbitrary code execution vulnerability

overwrite crucial system files if the PEAR Installer is running as a privileged user. Vendor advisory: http://pear.php.net/advisory-20070507.txt CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2519 I attach a patch backported by Ubuntu for this security issue. Regards, -- Gregory

Bug#438001: amavisd-new: Impossible to install

#430028). Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#438001: amavisd-new: Impossible to install

$.*socket ./ ./25-amavis_helpers:$unix_socketname = ''; ./20-debian_defaults:$inet_socket_port = ''; /etc/amavis/conf.d$ sudo /etc/init.d/amavis start Starting amavisd: No listen sockets or ports specified (failed). /etc/amavis/conf.d$ ---8--- Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D

Bug#431853: depends on non-essential package adduser in postrm

this bug. Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ --- amavisd-new.postrm.orig 2007-08-11 16:02:00.0 +0200 +++ amavisd-new.postrm 2007-08-11 15:59:10.0 +0200 @@ -18,6 +18,36 @@ # for details

Bug#434045: security-bug informations for horde3 package

3.1.3-4etch1. For the unstable distribution (sid) this problem has been fixed in version 3.1.4-1. We recommend that you upgrade your horde3 package. 8-- Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels

Bug#434045: [pkg-horde] Bug#434045: horde3: Cross-site scripting (XSS) vulnerability

code of all pages. Then we could imagine a lot of attacks, for example a fake login/password form... I am working on updated packages and warning security team. Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr

Bug#411479: and with nfs?

Hi, I have same problem here with deleting lock file and nfs:/home. My strange workaround is: % mv ~/.mozilla ~/foo % mv ~/foo ~/.mozilla Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE

Bug#411479: and with nfs?

On Thu, Apr 26, 2007 at 09:28:03PM +0200, Gregory Colpart wrote: Hi, I have same problem here with deleting lock file and nfs:/home. My strange workaround is: % mv ~/.mozilla ~/foo % mv ~/foo ~/.mozilla Oops, sorry, I'm confused. The problem was presence of '.parent.lock' file. I knew

Bug#420098: tla-buildpackage: change module name tla_support to vcs_support

import util +from vcs_support import util from tbppy import versions, extcmd, tbpconfig util.verbose = 1 Regards, -- Gregory COLPART GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- System Information: Debian Release: lenny/sid APT prefers unstable

Bug#375077: udevd: nss_ldap: failed to bind to LDAP server - boot fails

is hacky patch for postinst : if [ -x /etc/init.d/libnss-ldap ]; then update-rc.d -f libnss-ldap remove /dev/null update-rc.d libnss-ldap start 03 S . start 01 0 6 . stop 01 2 3 4 5 . /dev/null || exit $? fi Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix

Bug#358317: tla-buildpackage: Needs adapting to new tla-load-dirs libraries

printhelp(): print Usage: @@ -42,6 +43,8 @@ if len(sys.argv) 4: syntax() +commandver.setscm(tla) + progname, ARCHIVENAME, ARCHIVELOC, WCLOC = sys.argv CONFIGVER = %s/configs--head--1.0 % ARCHIVENAME if os.path.exists(ARCHIVELOC): Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG

Bug#382291: load-dirs-common: Using 'tla -v' instead of 'tla -V' in svk test

) File /usr/lib/python2.3/site-packages/tla_support/commandver.py, line 137, in cmd gettlasyntax() File /usr/lib/python2.3/site-packages/tla_support/commandver.py, line 69, in gettlasyntax elif util.getstdoutsafeexec(tlacmd, ['-v'])[0].find('This is svk') != -1: Regards, -- Gregory

Bug#364068: [pkg-horde] Bug#364068: imp4: Fails to display any message

On Sat, May 06, 2006 at 01:44:23AM +0300, Mikko Visa wrote: I'll try imp 4.1, any idea when it comes to testing? Seems to be in unstable already. It is now: http://packages.qa.debian.org/i/imp4/news/20060506T210819Z.html Regards -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E

Bug#323350: #323350: egroupware: Another XMLRPC vulnerability

.dfsg.patch 84f23e68ad3cdecabcefb63edf13405b Thanks, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]