Bug#805084: python-srp: Hardcoded dependency on libssl1.0.0

2015-11-14 Thread Kurt Roeckx
Source: python-srp Version: 1.0.4-1 Severity: serious Control: block 797926 by -1 Hi, It seems you have a hardcoded dependency on libssl1.0.0. The package has been renamed to libssl1.0.2 and you now depend on both of them. Please remove the hardcoded dependency. Kurt

Bug#805097: sslsplit: FTBFS: Removed SSLv3 method

2015-11-14 Thread Kurt Roeckx
Source: sslsplit Version: 0.4.11+dfsg-1 Severity: serious Control: block 797926 by -1 Hi, The SSLv3 method has been disabled in Debian so your package now fails to build. You have this code: #ifdef SSL_OP_NO_SSLv3 if (!strcmp(optarg, "ssl3")) { opts->sslmethod =

Bug#804619: tlsdate: FTBFS: SSLv3 method removed

2015-11-14 Thread Kurt Roeckx
Hi, So the code looks like: if (0 == strcmp("sslv23", protocol)) { verb ("V: using SSLv23_client_method()"); ctx = SSL_CTX_new(SSLv23_client_method()); } else if (0 == strcmp("sslv3", protocol)) { verb ("V: using SSLv3_client_method()"); ctx =

Bug#804605: heirloom-mailx: SSLv3 method

2015-11-14 Thread Kurt Roeckx
Hi, So you currently have: static const SSL_METHOD * ssl_select_method(const char *uhp) { const SSL_METHOD *method; char*cp; cp = ssl_method_string(uhp); if (cp != NULL) { if (equal(cp, "ssl3")) method =

Bug#805095: sflphone: Uses ALL ciphers

2015-11-14 Thread Kurt Roeckx
Source: sflphone Severity: grave Tags: security I just saw this in the code: SSL_CTX_set_cipher_list(ctx, "ALL"); This enables ciphers you don't want, it might include those that don't provide authentication or encryption. Kurt

Bug#804615: sflphone: SSLv3 method

2015-11-14 Thread Kurt Roeckx
Hi, I see various things like: typedef enum pj_ssl_sock_proto { PJ_SSL_SOCK_PROTO_DEFAULT, /**< Default protocol of backend. */ PJ_SSL_SOCK_PROTO_TLS1, /**< TLSv1.0 protocol. */ PJ_SSL_SOCK_PROTO_SSL3, /**< SSLv3.0 protocol. */

Bug#804603: courier: FTBFS: SSLv3 method removed

2015-11-14 Thread Kurt Roeckx
Hi, So looking at the code you currently have: method=((!protocol || !*protocol) ? NULL: strcmp(protocol, "SSL3") == 0 ? SSLv3_method(): strcmp(protocol, "SSL23") == 0 ? SSLv23_method():

Bug#804606: httest: FTBFS: SSLv3 method removed

2015-11-14 Thread Kurt Roeckx
Hi, So you have code like this for both client and server: static int worker_set_client_method(worker_t * worker, const char *sslstr) { int is_ssl = 0; ssl_wconf_t *config = ssl_get_worker_config(worker); if (strcasecmp(sslstr, "SSL") == 0) { is_ssl = 1; config->meth =

Bug#805117: kannel-sqlbox: FTBFS: Can't satisfy build-depends

2015-11-14 Thread Kurt Roeckx
Source: kannel-sqlbox Version: 0.7.2-3 Severity: serious Control: block 797926 by -1 Hi, You have a build-dependency on kannel-dev (<< 1.4.4), but the current version in unstable is 1.4.4-1+b1. Kurt

Bug#805118: galera-3: FTBFS on s390x

2015-11-14 Thread Kurt Roeckx
Source: galera-3 Version: 25.3.12-3 Severity: serious Control: block 797926 by -1 Hi, Your package FTBFS on s390x. It's unclear to me what the error is. For a full log see: https://buildd.debian.org/status/fetch.php?pkg=galera-3=s390x=25.3.12-3=1447450818 Kurt

Bug#805121: kumofs: FTBFS on ppc64el: ICE

2015-11-14 Thread Kurt Roeckx
Source: kumofs Version: 0.4.13-6.1 Severity: serious Control: block 797926 by -1 Hi, Your package is failing to build on ppc64el with the following error: cluster.cc: In member function 'void rpc::cluster_transport::init_message(rpc::msgobj, rpc::auto_zone)': cluster.cc:134:1: error:

Bug#805123: swi-prolog: FTBFS on ppc64el

2015-11-14 Thread Kurt Roeckx
Source: swi-prolog Version: 7.2.0-2 Severity: serious Control: block 797926 by -1 Hi, Your package is failing to build with the following error on ppc64el: JUNIT=/usr/share/java/junit.jar JAVA=java JAVA_PRELOAD= ./test-java.sh Welcome to SWI-Prolog (Multi-threaded, 64 bits, Version 7.2.0)

Bug#805124: trafficserver: FTBFS on ppc64el: Uses -mcx16

2015-11-14 Thread Kurt Roeckx
Source: trafficserver Version: 6.0.0-2 Severity: serious Control: block 797926 by -1 Hi, Your package is failing to build on ppc64el. It looks like this is the error: configure:25484: cc -c -g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -O3 -std=gnu99 -pipe -Wall

Bug#805125: transgui: Fixed dependency on libssl1.0.0

2015-11-14 Thread Kurt Roeckx
Source: transgui Version: 5.0.1-2 Severity: serious Control: block 797926 by -1 Hi, Your package seems to have a dependency on libssl1.0.0. It has just been renamed to libssl1.0.2. After a rebuild you still depend on libssl1.0.0. It seems the library is loaded using:

Bug#805112: zorp: FTBFS: SSLv3 method removed

2015-11-14 Thread Kurt Roeckx
Source: zorp Version: 3.9.5-7 Severity: serious Control: block 797926 by -1 Hi, The SSLv3 methods in the openssl package have been removed and as a result your package can't be built anymore. The code looks like: if (strcmp(self->ssl_opts.ssl_method[side]->str, "SSLv23") == 0) { if

Bug#805114: medusa: FTBFS: SSLv3 method removed

2015-11-14 Thread Kurt Roeckx
Source: medusa Version: 2.1.1-1 Severity: serious Control: block 797926 by -1 Hi, SSLv3 support has been removed in Debian and as a result your package now fails to build. The code looks like this: /* The SSL context can support SSLv2, SSLv3, or both. The default is to use whatever the

Bug#804336: fixed in galera-3 25.3.12-3

2015-11-13 Thread Kurt Roeckx
reopen 804336 thanks >* Add patch to fix build error after SSLv3 deprication (Closes: #804336) This does not fix the bug that was reported, it just fixes the reason it was found. You actually build-depend on boost that provides that library. I see no good excuse for not using the version

Bug#804336: [debian-mysql] Bug#804336: Galera-3: Embedded code copy used

2015-11-12 Thread Kurt Roeckx
On Thu, Nov 12, 2015 at 09:35:26PM +0200, Otto Kekäläinen wrote: > Hello! > > I can see the failing builds at > https://buildd.debian.org/status/package.php?p=galera-3 > > But where can I find the sources for the uploads about version > 25.3.12-2+b1 and +b2 ? > Or do these numbers simply stand

Bug#804487: [Pkg-openssl-devel] Bug#804487: openssl_1.0.2d-3 breaks mumble and mumble-server after binNMU

2015-11-09 Thread Kurt Roeckx
On Mon, Nov 09, 2015 at 09:36:46PM +, Chris Knadle wrote: > Kurt Roeckx: > > On Mon, Nov 09, 2015 at 07:58:30PM +, Chris Knadle wrote: > >> > >> Everybody dealing with the mumble bug agrees that SSL should be initialized > >> before making SSL calls -- t

Bug#804487: [Pkg-openssl-devel] Bug#804487: openssl_1.0.2d-3 breaks mumble and mumble-server after binNMU

2015-11-09 Thread Kurt Roeckx
On Mon, Nov 09, 2015 at 07:58:30PM +, Chris Knadle wrote: > > Everybody dealing with the mumble bug agrees that SSL should be initialized > before making SSL calls -- the reason I opened #804487 is to try to figure > out /what/ caused mumble_1.2.10-2+b1 to break, when mumble_1.2.10-2 works. >

Bug#804487: [Pkg-openssl-devel] Bug#804487: openssl_1.0.2d-3 breaks mumble and mumble-server after binNMU

2015-11-09 Thread Kurt Roeckx
On Sun, Nov 08, 2015 at 10:26:42PM +, Chris Knadle wrote: > Package: openssl > Version: 1.0.2d-3 > Severity: serious > > Greetings. > > I'm marking this bug as 'serious' because the upgrade to 1.0.2d-3 seems to > have broken mumble, though it's unclear why that would be. > > After a binNMU

Bug#804452: httperf: FTBFS: Uses SSLv3 method

2015-11-08 Thread Kurt Roeckx
Source: httperf Version: 0.9.0-2 Severity: serious Control: block 797926 by -1 Hi, You have this code in httperf.c: /* for some strange reason, SSLv23_client_method () doesn't work here */ ssl_ctx = SSL_CTX_new (SSLv3_client_method ()); SSLv3 has been removed in unstable. Please

Bug#804455: gsoap: FTBFS on mips/mipsel: Segmantation fault

2015-11-08 Thread Kurt Roeckx
Source: gsoap Version: 2.8.22-1 Severity: serious Control: block 797926 by -1 Hi, Your package is failing to build on mips and mipsel with the following error: make[5]: Entering directory '/«PKGBUILDDIR»/gsoap/wsdl' ../../gsoap/src/soapcpp2 -SC -pwsdl -I. -I../../gsoap/import ./wsdl.h soapcpp2:

Bug#804327: caml-crush: FTBFS: OCaml package ssl not found

2015-11-08 Thread Kurt Roeckx
On Sun, Nov 08, 2015 at 09:33:03PM +, Thomas Calderon wrote: > Hello Kurt, > > Do you know if the ocaml SSL library has changed or been removed as a > consequence of your cleanup? > That could explain why the configure script does not find it any longer. I'm not sure what the ocaml ssl

Bug#804457: imapfilter: Uses SSLv3 method

2015-11-08 Thread Kurt Roeckx
Source: imapfilter Version: 1:2.6.2-1 Severity: serious Control: block 797926 by -1 Hi, In imapfilter.c you set things up like this: ssl3ctx = SSL_CTX_new(SSLv3_client_method()); ssl23ctx = SSL_CTX_new(SSLv23_client_method()); tls1ctx = SSL_CTX_new(TLSv1_client_method());

Bug#804324: cl-plus-ssl: Depends on libssl1.0.0

2015-11-07 Thread Kurt Roeckx
Package: cl-plus-ssl Version: 20150608-1 Severity: serious Control: block -1 by 797926 Hi, libssl1.0.0 has been renamed to libssl1.0.2 and you seem to have a hardcoded dependency on it. I assume you actually need this dependency. Can you change it to libssl1.0.2? Kurt

Bug#804327: caml-crush: FTBFS: OCaml package ssl not found

2015-11-07 Thread Kurt Roeckx
Source: caml-crush Version: 1.0.6-1 Severity: serious Control: block 797926 by -1 Hi, Your package is failing to build with the following error: configure:4778: Using OCaml RPC over ssl for server side ... configure:4782: checking OCaml package ssl configure:4789: error: not found Kurt

Bug#804336: Galera-3: Embedded code copy used

2015-11-07 Thread Kurt Roeckx
Source: galera-3 Version: 25.3.12-2 Severity: serious Control: block 797926 by -1 Hi, It seems that the asio is an embedded copy of the one provided by boost. You seem to build-depend on boost, but the embedded code seems to be used instead. Boost was just fixed for #803881, but your package is

Bug#804326: [Pkg-ace-devel] Bug#804326: ace: FTBFS: SSLv3 methods removed

2015-11-07 Thread Kurt Roeckx
On Sat, Nov 07, 2015 at 02:36:38PM +0100, Johnny Willemsen wrote: > Hi, > > Please create a pull request for the necessary changes, ACE is hosted > upstream at https://github.com/DOCGroup/ATCD/. https://github.com/DOCGroup/ATCD/pull/156 Kurt

Bug#804326: ace: FTBFS: SSLv3 methods removed

2015-11-07 Thread Kurt Roeckx
Source: ace Version: 6.3.2+dfsg-1 Severity: serious Control: block 797926 by -1 Ace has various code that can use functions like SSLv3_client_method(). For SSL2 you currently already do use OPENSSL_NO_SSL2. Please also use OPENSSL_NO_SSL3 to remove support for the SSLv3 methods. It seems that

Bug#804334: cone: FTBFS: Uses SSLv3 method

2015-11-07 Thread Kurt Roeckx
Source: cone Version: 0.89-1 Severity: serious Control: block 797926 by -1 Hi, ./tcpd/libcouriertls.c has this piece of code: ctx=SSL_CTX_new(protocol && strcmp(protocol, "SSL3") == 0 ? SSLv3_method(): protocol && strcmp(protocol, "SSL23")

Bug#803975: libcrypt-ssleay-perl: Uses SSLv3_client_method()

2015-11-06 Thread Kurt Roeckx
On Fri, Nov 06, 2015 at 05:48:32PM +0100, gregor herrmann wrote: > On Tue, 03 Nov 2015 22:35:10 +0100, Kurt Roeckx wrote: > > > On Tue, Nov 03, 2015 at 10:33:21PM +0100, Kurt Roeckx wrote: > > > On Tue, Nov 03, 2015 at 09:56:36PM +0100, gregor herrmann wrote: > &

Bug#803975: libcrypt-ssleay-perl: Uses SSLv3_client_method()

2015-11-06 Thread Kurt Roeckx
On Fri, Nov 06, 2015 at 09:22:04PM +0200, Niko Tyni wrote: > On Fri, Nov 06, 2015 at 05:48:32PM +0100, gregor herrmann wrote: > > > I have to admit that I'm still not completely sure if/how this > > affects us packaging-wise. My current understanding is, that the > > library would allow to set

Bug#804089: Ruby: FTBFS: Uses SSLv3 methods

2015-11-04 Thread Kurt Roeckx
Source: ruby2.2 Severity: serious Hi, I've removed the SSLv3_* methods in OpenSSL and as result ruby is now failing to build. I opened a ticket about this upstream some time ago, and you should be able to find a patch for it there: https://bugs.ruby-lang.org/issues/11376 Kurt

Bug#803971: apf: Uses ALL as cipherlist

2015-11-03 Thread Kurt Roeckx
Package: apf Severity: serious Tags: security Hi, Looking at your package I saw this: if (SSL_CTX_set_cipher_list(ctx, "ALL:@STRENGTH") == 0) { This enabled all ciphersuites, including those that don't provide any authentication or encryption. This is usually not what you want. You

Bug#803972: attic: Fixed depedency on libssl1.0.0

2015-11-03 Thread Kurt Roeckx
Source: attic Version: 0.13-1 Severity: serious Hi, The package seems to have a fixed dependency on libssl1.0.0. It's been renamed to libssl1.0.2 and you now have a dependency on both. Please remove the dependency on libssl1.0.0. Kurt

Bug#803975: libcrypt-ssleay-perl: Uses SSLv3_client_method()

2015-11-03 Thread Kurt Roeckx
Source: libcrypt-ssleay-perl Version: 0.58-1 Severity: serious Hi, Your package has code in SSLeay.xs that does: if(ssl_version == 23) { ctx = SSL_CTX_new(SSLv23_client_method()); } else if(ssl_version == 3) { ctx =

Bug#803974: libnet-tclink-perl: FTBFS: Uses SSLv3_client_method

2015-11-03 Thread Kurt Roeckx
Source: libnet-tclink-perl Version: 3.4.0-7 Severity: serious Hi, Your package does this in tclink.c: c->meth = SSLv3_client_method(); Please call SSLv23_client_method() instead. The SSLv3_* methods only support SSLv3 while the SSLv23_* is the only one that supports multiple

Bug#803975: libcrypt-ssleay-perl: Uses SSLv3_client_method()

2015-11-03 Thread Kurt Roeckx
On Tue, Nov 03, 2015 at 10:33:21PM +0100, Kurt Roeckx wrote: > On Tue, Nov 03, 2015 at 09:56:36PM +0100, gregor herrmann wrote: > > On Tue, 03 Nov 2015 20:50:43 +0100, Kurt Roeckx wrote: > > > > > You really only ever want to use SSLv23_client_method() since th

Bug#803975: libcrypt-ssleay-perl: Uses SSLv3_client_method()

2015-11-03 Thread Kurt Roeckx
On Tue, Nov 03, 2015 at 09:56:36PM +0100, gregor herrmann wrote: > On Tue, 03 Nov 2015 20:50:43 +0100, Kurt Roeckx wrote: > > > You really only ever want to use SSLv23_client_method() since that > > is the only one that supports multiple versions. I suggest you > >

Bug#803886: dnsval: FTBFS: SSLv3 method

2015-11-02 Thread Kurt Roeckx
Source: dnsval Version: 2.0-2 Severity: serious Hi, Version 2.0 has this line in dane_check.c: const SSL_METHOD *meth = SSLv3_client_method(); On the other hand, the 2.1 version has: const SSL_METHOD *meth = SSLv23_client_method(); (It also explicitly disables SSLv2 and SSLv3, but that

Bug#803889: apf: FTBFS: Uses SSLv3 method

2015-11-02 Thread Kurt Roeckx
Source: apf Severity: serious Hi, Your package uses this in afserver.c method = SSLv3_server_method(); And this in afclient.c: method = SSLv3_client_method(); Please change those to use SSLv23_server_method() and SSLv23_client_method() instead. The SSLv3_* methods only support

Bug#803881: boost: SSLv3 methods removed

2015-11-02 Thread Kurt Roeckx
Source: boost1.58 Severity: serious Hi, The SSLv3 methods have now been removed from OpenSSL. Please use a patch like in #621402 but then using OPENSSL_NO_SSL3_METHOD. Please let me know if you need any help. Kurt

Bug#802638: [pkg-ntp-maintainers] Bug#802638: ntpd fails to start with "Cannot find user ID 113"

2015-10-22 Thread Kurt Roeckx
On Thu, Oct 22, 2015 at 01:40:06AM +0200, Tristan Seligmann wrote: > Package: ntp > Version: 1:4.2.8p4+dfsg-1 > Severity: grave > Justification: renders package unusable > > As per subject. This may well be a duplicate of #793745, however: > > - I am using the default ntp.conf shipped with the

Bug#789038: jitsi: Unable to install on sid/unstable

2015-10-16 Thread Kurt Roeckx
On Thu, Oct 15, 2015 at 09:54:16PM +0530, shirish ? wrote: > Dear Kurt, > > Any news from ftp-masters ? Did you ping them recently ? Or we going > to wait out the stretch cycle, we are already near alpha 4 and there > hasn't been any possibility of testing jitsi as libjitsi is stuck in > new.

Bug#797695: frama-c: Fails to upgrade

2015-09-01 Thread Kurt Roeckx
Package: frama-c Version: 20150201+sodium+dfsg-1 Severity: serious Hi, During upgrade I get: Preparing to unpack .../frama-c_20150201+sodium+dfsg-1_amd64.deb ... Unpacking frama-c (20150201+sodium+dfsg-1) over (20140301+neon+dfsg-3+b1) ... dpkg: error processing archive

Bug#769146: [pkg-ntp-maintainers] Bug#769146: openntpd: fails to upgrade from 'sid' - trying to overwrite /etc/apparmor.d/usr.sbin.ntpd

2015-08-14 Thread Kurt Roeckx
On Fri, Aug 14, 2015 at 11:36:25AM +0200, intrigeri wrote: Hi, intrigeri wrote (26 May 2015 09:06:57 GMT) : Dererk wrote (23 May 2015 12:45:16 GMT) : What would you say about importing ntp apparmor's hardening profile into ntp package? This carries a little bit of work, trivial in my

Bug#793745: [pkg-ntp-maintainers] Bug#793745: [PATCH] I'm seeing it too.

2015-08-02 Thread Kurt Roeckx
On Sun, Aug 02, 2015 at 03:22:27PM -0400, sacrificial-spam-addr...@horizon.com wrote: Since I run a pool server, I have a customized config. That means that I have the pool servers commented out, and the comment on the rlimit command says it's not needed in that case, so I left it out of my

Bug#793745: [pkg-ntp-maintainers] Bug#793745: ntp fails to start

2015-07-30 Thread Kurt Roeckx
On Thu, Jul 30, 2015 at 08:26:43AM +0100, Christophe Wolfhugel wrote: I would conclude that something somewhere makes the getpw* call fail when rlimit memlock 0 is not used. As I understand, the default should change in one of the next upstream versions. It causes all kind of weird behaviour

Bug#793745: [pkg-ntp-maintainers] Bug#793745: ntp fails to start

2015-07-28 Thread Kurt Roeckx
On Tue, Jul 28, 2015 at 02:41:12PM +0200, Christophe Wolfhugel wrote: I do agree there must be something else which broke the getpw call or the libc somehow. On another machine I also have compat for nsswitch.conf and it worked. Do you use the default ntp.conf as shipped in the latest package?

Bug#793745: [pkg-ntp-maintainers] Bug#793745: ntp fails to start

2015-07-27 Thread Kurt Roeckx
On Sun, Jul 26, 2015 at 07:34:10PM -0600, Bob Proulx wrote: Jul 26 19:23:54 hysteria ntpd[15301]: Cannot find user ID 109 $ grep 109 /etc/passwd ntp:x:109:116::/home/ntp:/bin/false $ grep 116 /etc/group ntp:x:116: The call to getpwuid() failed. So I think there is something

Bug#788567: [Pkg-openssl-devel] Bug#788567: Bug#788567: libssl1.0.0: wpa_supplicant fails to authenticate

2015-06-24 Thread Kurt Roeckx
On Wed, Jun 24, 2015 at 10:24:31PM +0200, Vincent Legoll wrote: Hello, Some time ago (I'll say about a month ago) my wifi stopped working, as I had not time to investigate back then, I used eth0 instead. Now that I'm willing to investigate that issue, I stumbled upon this bug report which

Bug#789038: jitsi: Unable to install on sid/unstable

2015-06-17 Thread Kurt Roeckx
libjitsi is still in NEW. You will have to wait for that. Kurt -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#788511: openssl: breaks ABI

2015-06-12 Thread Kurt Roeckx
Package: openssl Version: 1.0.2b-1 Severity: serious The HMAC_CTX structure added a new field at the end increasing its size. This can break applications that allocate it on the stack. It looks like at least OpenSSH 4.7 through 6.5 on 32 bit platforms are affected. Kurt

Bug#785557: perl: FTBFS on i386 and amd64: itimer problems on buildds?

2015-06-01 Thread Kurt Roeckx
On Mon, Jun 01, 2015 at 04:14:32PM +0100, Dominic Hargreaves wrote: Buildd admins: please can the amd64 build of perl 5.22.0~rc2-2 be given-back to see if it lands on a working host? Given back. Kurt

Bug#760853: jitsi uninstallable in sid

2015-05-24 Thread Kurt Roeckx
On Sun, May 24, 2015 at 06:42:03AM +0200, Christoph Anton Mitterer wrote: What's the status here? It's been sitting in the new queue for at least 7 months. Kurt

Bug#781094: [Pkg-openssl-devel] Bug#781094: fixed in unstable?

2015-05-09 Thread Kurt Roeckx
On Sat, May 09, 2015 at 03:10:24PM +0200, Vincent Lefevre wrote: This bug is signaled by apt-listbugs: serious bugs of openssl (1.0.1k-3 - 1.0.2a-1) Outstanding b1 - #781094 - curl: relocation error on starting Merged with: 768476 768522 769023 770278 770605 771169 771993 781929

Bug#781094: [Pkg-openssl-devel] Bug#781094: fixed in unstable?

2015-05-09 Thread Kurt Roeckx
On Sat, May 09, 2015 at 03:57:29PM +0200, Vincent Lefevre wrote: No, all those packages that had an issue with it still need to be fixed. They need to get reassigned to all affected packages. Yes, this is already done, at least for curl. But this bug here is against openssl. Shouldn't it

Bug#768476: [Pkg-openssl-devel] Bug#768476: openssl: Removes symbol without SONAME bump

2015-05-04 Thread Kurt Roeckx
tag 768476 - sid thanks On Mon, May 04, 2015 at 06:53:39AM +, Gianfranco Costamagna wrote: What is the rationale for this? I see in the changelog: * Temporary enable SSLv3 methods again, but they will go away. so if the changelog is correct, sid is *not* affected. It's not.

Bug#768476: [Pkg-openssl-devel] Bug#768476: Bug#768476: openssl: Removes symbol without SONAME bump

2015-05-04 Thread Kurt Roeckx
On Mon, May 04, 2015 at 04:32:29PM +0200, Christoph Anton Mitterer wrote: On Mon, 2015-05-04 at 09:34 +0200, Kurt Roeckx wrote: so if the changelog is correct, sid is *not* affected. It's not. Uhm... I thought 1.0.2a-1 (sid) is higher than 1.0.2~beta3-1 (experimental)... and I haven't

Bug#783193: tlsdate: Sets time wrong

2015-04-23 Thread Kurt Roeckx
On Thu, Apr 23, 2015 at 05:31:56PM +, Jacob Appelbaum wrote: Could you detail which host you're using to fetch the time? I suspect that it clearly is one that randomizes the time field (makes sense, many do now, including the default one). Also it looks like tlsdate failed closed many

Bug#783193: tlsdate: Sets time wrong

2015-04-23 Thread Kurt Roeckx
Package: tlsdate Version: 0.0.12-2 Severity: grave Hi, I found this in my syslog today: Apr 23 16:09:23 intrepid tlsdated[3408]: [event:action_run_tlsdate] requested re-run of tlsdate while tlsdate is running Apr 23 16:09:23 intrepid tlsdated[3408]: [event:action_tlsdate_status] invalid time

Bug#781929: [Pkg-openssl-devel] Bug#781929: Is it a packaging/compiling issue within Debian itself or has the issue been forwarded to OpenSSL BTS as well ?

2015-04-04 Thread Kurt Roeckx
On Sun, Apr 05, 2015 at 07:25:06AM +0530, shirish ? wrote: Hi all, I read almost all of the bugs which are merged with this. But couldn't find a single one in which the bug had been forwarded to OpenSSL BTS. This is not an upstream OpenSSL problem. Can somebody explain with some more

Bug#760998: [Pkg-utopia-maintainers] Bug#760998: Acknowledgement (network-manager: auto restarts)

2015-03-09 Thread Kurt Roeckx
On Mon, Mar 09, 2015 at 09:23:22AM +0100, Michael Biebl wrote: Not sure. When you run systemctl disable NetworkManager.service, did it remove the /etc/systemd/system/dbus-org.freedesktop.NetworkManager.service symlink? It shows: # systemctl disable network-manager Synchronizing state for

Bug#760998: Acknowledgement (network-manager: auto restarts)

2015-03-09 Thread Kurt Roeckx
On Thu, Feb 19, 2015 at 07:35:16AM +0100, Kurt Roeckx wrote: I assume something else restarts it, but I have no idea what. Is there some way to debug this so I can reassign it? I had to go and stop dbus to be able to get my network up. I tried disabling network-manager but even that doesn't

Bug#760998: [Pkg-utopia-maintainers] Bug#760998: Acknowledgement (network-manager: auto restarts)

2015-03-09 Thread Kurt Roeckx
On Mon, Mar 09, 2015 at 09:13:31AM +0100, Michael Biebl wrote: Am 19.02.2015 um 07:35 schrieb Kurt Roeckx: severity 760998 serious thanks At this point I'm unable to stop network manager and keep it stopped. Now I have 0.9.10.0-6. The log file shows: NetworkManager[15359]: info

Bug#768476: [Pkg-openssl-devel] Bug#768476: can't even do curl --version

2015-02-24 Thread Kurt Roeckx
On Tue, Feb 24, 2015 at 04:46:36PM +0800, ??? Dan Jacobson wrote: All I know is on Debian curl is unusable, Stop using the version from experimental. Kurt

Bug#778747: [Pkg-openssl-devel] Bug#778747: openssl: RFC 7465 says RC4 is broken, never to be used

2015-02-22 Thread Kurt Roeckx
On Sun, Feb 22, 2015 at 01:49:16AM +0100, Florian Schlichting wrote: On Fri, Feb 20, 2015 at 10:50:20PM +0100, Kurt Roeckx wrote: On Fri, Feb 20, 2015 at 10:08:48PM +0100, Florian Schlichting wrote: | RC4 3880.5871 | RC4 Only 3712 0.7918

Bug#778747: [Pkg-openssl-devel] Bug#778747: Bug#778747: openssl: RFC 7465 says RC4 is broken, never to be used

2015-02-22 Thread Kurt Roeckx
On Sun, Feb 22, 2015 at 08:45:40PM +0100, Louis van Belle wrote: With TLS it should be no problem to have those weak ciphers in the list I don't agree with this.. I'm not sure why you don't agree. Care to explain why you think this is a problem? Due to weak crypters available and programs (

Bug#778747: [Pkg-openssl-devel] Bug#778747: Bug#778747: openssl: RFC 7465 says RC4 is broken, never to be used

2015-02-21 Thread Kurt Roeckx
On Sat, Feb 21, 2015 at 08:52:59AM +0100, Vincent Bernat wrote: ? 20 février 2015 22:50 +0100, Kurt Roeckx k...@roeckx.be : Please note that RC4 in the default configuration should never be negotiated by modern clients and servers. The problem is administrators who think they know

Bug#778747: [Pkg-openssl-devel] Bug#778747: Bug#778747: openssl: RFC 7465 says RC4 is broken, never to be used

2015-02-21 Thread Kurt Roeckx
On Sat, Feb 21, 2015 at 05:27:42PM +0100, Vincent Bernat wrote: ? 21 février 2015 13:29 +0100, Kurt Roeckx k...@roeckx.be : The defaults are good enough, as long as you don't really care about PFS because IE doesn't have those at the top of its list. If you just change it to prefer

Bug#778747: [Pkg-openssl-devel] Bug#778747: Bug#778747: openssl: RFC 7465 says RC4 is broken, never to be used

2015-02-21 Thread Kurt Roeckx
On Sat, Feb 21, 2015 at 06:22:40PM +0100, Vincent Bernat wrote: ? 21 février 2015 17:50 +0100, Kurt Roeckx k...@roeckx.be : Do you know what the minimum changes requirements are to get an A(+)? I'm guessing it requires at least this in wheezy: - SSLProtocol all -SSLv3

Bug#778747: [Pkg-openssl-devel] Bug#778747: Bug#778747: openssl: RFC 7465 says RC4 is broken, never to be used

2015-02-21 Thread Kurt Roeckx
On Sat, Feb 21, 2015 at 12:38:01PM +0100, Vincent Bernat wrote: ? 21 février 2015 10:49 +0100, Kurt Roeckx k...@roeckx.be : Please note that RC4 in the default configuration should never be negotiated by modern clients and servers. The problem is administrators who think they know

Bug#778747: [Pkg-openssl-devel] Bug#778747: openssl: RFC 7465 says RC4 is broken, never to be used

2015-02-20 Thread Kurt Roeckx
On Fri, Feb 20, 2015 at 10:08:48PM +0100, Florian Schlichting wrote: On Fri, Feb 20, 2015 at 06:25:44PM +0100, Kurt Roeckx wrote: On Fri, Feb 20, 2015 at 06:10:59PM +0100, Florian Schlichting wrote: What servers, and what clients are we talking about here? You might want to look

Bug#778747: [Pkg-openssl-devel] Bug#778747: openssl: RFC 7465 says RC4 is broken, never to be used

2015-02-20 Thread Kurt Roeckx
On Fri, Feb 20, 2015 at 06:10:59PM +0100, Florian Schlichting wrote: Hi Kurt, To protect our users and comply with adopted Internet standards, openssl in Debian should no longer include RC4 ciphers in the DEFAULT list of ciphers, neither in Jessie nor supported stable / oldstable

Bug#778747: [Pkg-openssl-devel] Bug#778747: openssl: RFC 7465 says RC4 is broken, never to be used

2015-02-19 Thread Kurt Roeckx
On Thu, Feb 19, 2015 at 10:38:14AM +0100, Florian Schlichting wrote: Package: openssl Version: 1.0.1e-2+deb7u14 Severity: serious Tags: security Newly released RFC 7465 [0] describes RC4 as being on the verge of becoming practically exploitable and consequently mandates that both servers

Bug#778375: apt-transport-https: segfaults

2015-02-15 Thread Kurt Roeckx
On Sun, Feb 15, 2015 at 09:19:29PM +0100, Tomasz Buchert wrote: On 14/02/15 10:44, Kurt Roeckx wrote: Package: apt-transport-https Version: 1.0.9.6 Severity: serious Hi, When I try to download something over https apt just segfaults: https[7809]: segfault at 69 ip 7f523b8cbb03

Bug#778375: apt-transport-https: segfaults

2015-02-14 Thread Kurt Roeckx
Package: apt-transport-https Version: 1.0.9.6 Severity: serious Hi, When I try to download something over https apt just segfaults: https[7809]: segfault at 69 ip 7f523b8cbb03 sp 7fff432589e0 error 4 in https[7f523b8c+12000] Kurt

Bug#771169: [Pkg-openssl-devel] Bug#771169: curl: relocation error, missing symbol

2015-01-17 Thread Kurt Roeckx
On Sat, Jan 17, 2015 at 04:59:10PM +0200, MiloMak wrote: On Thu, 27 Nov 2014 11:52:58 +0100 Alessandro Ghedini gh...@debian.org wrote: Control: reassign -1 openssl Control: forcemerge 768476 -1 On gio, nov 27, 2014 at 11:34:30 +0100, Salvo Tomaselli wrote: Package: curl Version:

Bug#768681: [Pkg-openssl-devel] Bug#768681: Bug#768681: nodejs: FTBFS in jessie: tests failures

2014-12-17 Thread Kurt Roeckx
reopen 768681 severity 768681 important thanks On Wed, Dec 17, 2014 at 08:02:30AM +0100, Paul Gevers wrote: On 16-12-14 22:53, Kurt Roeckx wrote: Which upstream? I meant openssl, as I thought William was referring to that. Upstream openssl is saying that this is intentional behaviour

Bug#768681: [Pkg-openssl-devel] Bug#768681: nodejs: FTBFS in jessie: tests failures

2014-12-16 Thread Kurt Roeckx
On Tue, Dec 16, 2014 at 10:15:51PM +0100, Paul Gevers wrote: Control: tags -1 patch Hi William On Sun, 16 Nov 2014 18:28:05 +0100 William Bonnet will...@wbonnet.net wrote: If it is double-checked with upstream, then this bug report should be reassigned to openssl package. I'll do

Bug#772622: CVE-2014-8602: denial of service with endless delegations

2014-12-10 Thread Kurt Roeckx
On Wed, Dec 10, 2014 at 10:59:20PM +0100, Yves-Alexis Perez wrote: [WB-team: we have an issue with the unbound amd64 build for DSA 3097-1, so I'm adding you to the loop, see below] On mer., 2014-12-10 at 16:46 -0500, Robert Edmonds wrote: Yves-Alexis Perez wrote: Thanks. Although it

Bug#728113: smartmontools still broken

2014-12-02 Thread Kurt Roeckx
On Tue, Dec 02, 2014 at 11:02:27AM +0100, Thomas Prokosch wrote: I have just tried running smartctl with the updated binutils version 2.24.90.20141201-1, however the bug is still there. $ smartctl -a /dev/sda Inconsistency detected by ld.so: dl-version.c: 224: _dl_check_map_versions:

Bug#768702: u1db: FTBFS in jessie: Tests failures

2014-11-24 Thread Kurt Roeckx
On Sun, Nov 16, 2014 at 12:31:53PM +0500, Andrey Rahmatullin wrote: The problems are caused by disabled SSLv3. See also https://bugs.launchpad.net/u1db/+bug/1383475 I was able to build the package with the following patch: --- u1db-13.10.orig/u1db/tests/test_https.py +++

Bug#768681: nodejs: FTBFS in jessie: tests failures

2014-11-16 Thread Kurt Roeckx
On Sun, Nov 16, 2014 at 06:28:05PM +0100, William Bonnet wrote: NodeJs is expecting to have this test to fail, which is ok, but it is also checking for the failure reason. Since the EVPerr is not called before returning the computed zero value, openssl return an undefined failure reason.

Bug#768476: [Pkg-openssl-devel] Bug#768476: openssl 1.0.2~beta3-1: relocation error in libraries depending on libssl.so

2014-11-07 Thread Kurt Roeckx
On Fri, Nov 07, 2014 at 05:38:20PM +0100, Michael Moravec wrote: Package: openssl Version: 1.0.2~beta3-1 Severity: grave Justification: renders package unusable Dear maintainer, after upgrading openssl to 1.0.2~beta3-1, packages depending on libssl.so stopped working, with the following

Bug#766774: netpbm: Shared file with kdelibs4c2a

2014-10-25 Thread Kurt Roeckx
Package: netpbm Version: 2:10.0-15.1 Severity: serious Hi, I'm getting: Preparing to unpack .../netpbm_2%3a10.0-15.1+b1_i386.deb ... Unpacking netpbm (2:10.0-15.1+b1) over (2:10.0-15+b3) ... dpkg: error processing archive /var/cache/apt/archives/netpbm_2%3a10.0-15.1+b1_i386.deb (--unpack):

Bug#761001: gdm3: No way to log in

2014-10-25 Thread Kurt Roeckx
On Sat, Oct 25, 2014 at 06:44:50PM +0200, intrigeri wrote: Hi Kurt, Kurt Roeckx wrote (09 Sep 2014 19:01:53 GMT): gdm isn't giving me any option to log in anymore. Is it still the case with gdm3 3.14.1-1 (from sid)? 3.14.1-1 still has the same problem. Kurt

Bug#766395: emacs/gnus: Uses s_client to for SSL.

2014-10-22 Thread Kurt Roeckx
Package: emacs23 Severity: serious Tags: security Hi, It has come to my attention that Gnus is using s_client to set up SSL connections to retrieve email. Please stop using that. s_client is a debug tool, it does not set up a secure connection, it ignores all errors and just continues. It also

Bug#761001: gdm3: No way to log in

2014-10-19 Thread Kurt Roeckx
On Sun, Oct 19, 2014 at 07:38:50PM +0200, Laurent Bigonville wrote: Hello, Version: 3.12.2-2.1 Did you try to update all the GNOME stack? unstable currently has gdm 3.14. Could you also please add the dependencies list with the version? I think we are missing a strict versioned

Bug#760735: libgnutls26: [dummy bug] Must not be shipped in jessie

2014-10-03 Thread Kurt Roeckx
On Sun, Sep 07, 2014 at 02:16:03PM +0200, Andreas Metzler wrote: Package: libgnutls26 Version: 2.12.23-17 Severity: serious GnuTLS 2.12 should not be shipped in jessie, let's make sure it does not accidentally re-enter testing after its removal (which is not yet scheduled). Can you

Bug#763919: php-sasl: .deb is missing mandatory field

2014-10-03 Thread Kurt Roeckx
Package: php-sasl Version: 0.1.0-3 Severity: serious Hi, php-sasl's upload on arm64 is being rejected because it's missing a mandatory field. I'm not sure which one it is, but I think it's Description. I get: $ dpkg -I php5-sasl_0.1.0-3_arm64.deb new debian package, version 2.0. size 10824

Bug#760491: opendmarc: segfaults

2014-09-04 Thread Kurt Roeckx
On Thu, Sep 04, 2014 at 04:21:42PM -0400, Scott Kitterman wrote: On Thursday, September 04, 2014 18:48:18 Kurt Roeckx wrote: Package: opendmarc Version: 1.2.0+dfsg-1 Severity: grave Tags: security Hi, My opendmarc started segfaulting 2 days ago: [7521900.795653] opendmarc[5088

Bug#759794: insighttoolkit4: FTBFS on amd64 with ENOSPC

2014-08-30 Thread Kurt Roeckx
On Sat, Aug 30, 2014 at 08:10:41PM +0200, Philipp Kern wrote: On Sat, Aug 30, 2014 at 03:34:32PM +0200, Gilles Filippini wrote: insighttoolkit4 repeatedly FTBFS on amd64 [1] because of ENOSPC. A manual build on porterbox barriere.debian.org reported a need of ~44GB while it failed on buildd

Bug#752800: openbabel: diff for NMU version 2.3.2+dfsg-1.3

2014-08-11 Thread Kurt Roeckx
On Mon, Aug 11, 2014 at 02:40:03PM +0300, Damyan Ivanov wrote: -=| Damyan Ivanov, 11.08.2014 11:36:54 +0300 |=- I've prepared an NMU for openbabel (versioned as 2.3.2+dfsg-1.3) and uploaded it to unstable. This failed to build on brahms/amd64 [1] with an IEC: [100%] Building CXX object

Bug#755563: libvirt: FTBFS on i386: test failure

2014-07-23 Thread Kurt Roeckx
On Wed, Jul 23, 2014 at 11:58:29AM +0100, Colin Watson wrote: On Tue, Jul 22, 2014 at 06:56:55PM +0200, Kurt Roeckx wrote: On Tue, Jul 22, 2014 at 11:03:07AM +0200, Cyril Brulebois wrote: Colin Watson cjwat...@debian.org (2014-07-22): On Tue, Jul 22, 2014 at 04:09:32AM +0200, Cyril

Bug#755563: libvirt: FTBFS on i386: test failure

2014-07-22 Thread Kurt Roeckx
On Tue, Jul 22, 2014 at 11:03:07AM +0200, Cyril Brulebois wrote: Colin Watson cjwat...@debian.org (2014-07-22): On Tue, Jul 22, 2014 at 04:09:32AM +0200, Cyril Brulebois wrote: your package no longer builds on i386 due to some test failures: | FAIL: test-ffs | FAIL: test-ffsl This

Bug#752610: lynx: Can connect to CVE-2014-1959 test site

2014-06-27 Thread Kurt Roeckx
On Fri, Jun 27, 2014 at 08:05:41PM +0200, Andreas Metzler wrote: On 2014-06-26 Kurt Roeckx k...@roeckx.be wrote: On Thu, Jun 26, 2014 at 07:58:04PM +0200, Andreas Metzler wrote: [...] indeed an important difference comes up when comparing gnutls-cli -p 443 gnutls.notary.icsi.berkeley.edu

Bug#752610: lynx: Can connect to CVE-2014-1959 test site

2014-06-26 Thread Kurt Roeckx
On Thu, Jun 26, 2014 at 07:58:04PM +0200, Andreas Metzler wrote: On 2014-06-25 Kurt Roeckx k...@roeckx.be wrote: Package: lynx-cur, libgnutls26 Severity: serious Tags: security Hi, There is a test site for checking the gnutls bug: https://gnutls.notary.icsi.berkeley.edu/ I can

Bug#752610: lynx: Can connect to CVE-2014-1959 test site

2014-06-25 Thread Kurt Roeckx
Package: lynx-cur, libgnutls26 Severity: serious Tags: security Hi, There is a test site for checking the gnutls bug: https://gnutls.notary.icsi.berkeley.edu/ I can connect to it and get the message: If you see this without getting a certificate error you are vulnerable against the GnuTLS
