Hi, I've just uploaded an nmu fixing this issue. See attached patch.
Best wishes,
Mike
mcrypt.patch
Description: Binary data
control: tag -1 patch
Hi, I've uploaded an nmu fixing this issue to delayed/5. Please see
attached patch.
Best wishes,
Mike
customerrormessage.patch
Description: Binary data
control: tag -1 patch
Hi, I've uploaded an nmu fixing this issue to delayed/5. Please see
attached patch.
Best wishes,
Mike
javamorph.patch
Description: Binary data
On Fri, Nov 2, 2012 at 10:11 AM, gustavo panizzo wrote:
hello, i've prepared an updated version of slapd package which fix
the bug #665199
Hi, I've just reviewed this, and it looks reasonable. However, the
changelog note is not really descriptive enough:
* Fix a bug while upgrading from
Hi, I've uploaded an nmu fixing this issue. Please see attached
patch, which might not be that meaningful since its just removing
files from the upstream tarball.
Best wishes,
Mike
python.patch
Description: Binary data
package: pyepl
version: 1.1.0-3
severity: serious
The pyepl packages are empty when built with gcc 4.7,
code/hardware/eeg/pulse/parallel.h needs #include unistd.h
Best wishes,
Mike
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble?
control: tag -1 patch
Hi, I've uploaded an nmu fixing these issues to delayed/5. Please see
attached patch.
Best wishes,
Mike
pyepl.patch
Description: Binary data
On Sat, Nov 3, 2012 at 1:19 AM, Yaroslav Halchenko wrote:
although patch should also take care about Hurd to be complete if would
build there nicely... or better just remove that conditioning
Hurd isn't a release architecture, so it isn't urgent and probably
wouldn't be appreciated by the
package: software-center
version: 5.1.2debian3
severity: grave
Here is the output from software-center when the synaptic package is
not installed:
$ software-center
[...]
Traceback (most recent call last):
File /usr/bin/software-center, line 133, in module
app =
control: tag -1 patch
Hi, I've uploaded an nmu fixing these issues to delayed/5. Please see
attached patch.
Best wishes,
Mike
software-center.patch
Description: Binary data
What is needed to comply with policy is moving isdnactivecards from
Recommends
to Suggests. Please consider. You can still upload and then request
unblock bug report filed to Package: release.debian.org.
I already know them because of #682135 and I had tried to update the
package since
Hi, I've uploaded an nmu fixing this issue to delayed/2. Please see
attached patch.
Best wishes,
Mike
flexbackup.patch
Description: Binary data
Hi, I've uploaded an nmu fixing this issue to delayed/2. Please see
attached patch.
Best wishes,
Mike
ncurses.patch
Description: Binary data
Hi, I've uploaded an nmu fixing this issue to delayed/5. Please see
attached patch.
Best wishes,
Mike
libapp.patch
Description: Binary data
Hi, I've uploaded an nmu fixing this issue to delayed/5. Please see
attached patch.
Best wishes,
Mike
excel.patch
Description: Binary data
Hi, I've uploaded an nmu fixing this issue to delayed/5. Please see
attached patch.
Best wishes,
Mike
pdf.patch
Description: Binary data
On Tue, Oct 30, 2012 at 6:18 PM, Joachim Wiedorn wrote:
And now I have the same question as weeks before: is it important enough
to ask again the release team about permission for an updated package? I
think only this item is not worth enough for an updated package. But on
the other side it is
I think that the current status may badly affect the usual use of
some applications like Emacs. The fact that there are, AFAIK, no
workarounds (except by not using dash, e.g. by changing the /bin/sh
symlink) makes me think that it should still be a RC bug.
Would you mind if this were
control: severity -1 important
ii libavcodec537:0.10.3-dmo1
ii libavutil51 7:1.0-dmo2
Hi,
You have very strange libav packages installed, which do not exist in
the debian archive. Please try installing libav 6:0.8.4-1 and
retesting.
Thanks,
Mike
On Sun, Oct 28, 2012 at 6:28 PM, Cyril Brulebois wrote:
Michael Gilbert mgilb...@debian.org (25/10/2012):
I've uploaded an nmu fixing this issue to delayed/7. The extra time
is in case you want to do a maintainer upload instead. See attached
patch.
The changelog entry really should be more
control: tag -1 patch
Hi, I've uploaded an nmu fixing this issue. Please see attached patch.
Best wishes,
Mike
libproxy.patch
Description: Binary data
control: severity -1 normal
From an up-to-date Wheezy, /usr/bin/pdf2ps takes a long time of 100% CPU, but
succeeds in creating a 3.6 M PS file out of this small PDF.
One particular file that happens to take a while to convert is not a
severe enough issue to justify rc status.
Best wishes,
control: severity -1 normal
Setting severity to normal until we get an idea on what this is actually about.
Best wishes,
Mike
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Hi,
I've uploaded an nmu fixing this issue to delayed/2. See attached
patch, which is kind of unclear since the primary change was removing
the binary files from the upstream tarball and that doesn't show well
in the diff.
Best wishes,
Mike
atanks.patch
Description: Binary data
control: tag -1 patch
Hi,
I've uploaded an nmu fixing this issue to delayed/7. The extra time
is in case you want to do a maintainer upload instead. See attached
patch.
Best wishes,
Mike
tasksel.patch
Description: Binary data
Maybe some information about the disk layout helps, too:
/dev/sda is the only disk installed.
/dev/sda1 /boot ext4
/dev/sda2 encrypted physical volume for lvm2:
/dev/mapper/pv00physical volume
/dev/mapper/vg00-root / filesystem
On Thu, Oct 25, 2012 at 6:21 PM, Jesse Smith wrote:
Before applying patches for bug 691107 please keep in mind a new version
of Atanks will probably be out this weekend which will address the
Options menu issue. Even with the patch some testers are still reporting
problems and we want to get
control: severity -1 important
These defaults are really bad.
I had this happen to a machine running DRBD yesterday:
block drbd0: PingAck did not arrive in time.
block drbd0: peer( Secondary - Unknown ) conn( Connected - NetworkFailure )
pdsk( UpToDate - DUnknown )
block drbd0: asender
control: severity -1 wishlist
Please upload to experimental forcing build against hdf5 lib in experimental
(1.8.9)
otherwise h5py is not usable with libhdf5 from experimental:
Making other packages work in conjunction with experimental versions
is a wishlist item. If you need packages to
control: severity -1 wishlist
It appears that this bug is triggered by attempting to overwrite an
existing NetCDF file. We had previously created an output file of the
same name with `ncks`, and nccopy appeared to overwrite it correctly,
but instead left us with a mangled file, which should
control: notfound -1 9.20120909
control: severity -1 important
Commit closing 683557
http://anonscm.debian.org/gitweb/?p=debhelper/debhelper.git;a=commitdiff;h=00250d8cd20a37be362850d3ed8a652b0768455f
introduces one more bug: default python is not called because
/usr/lib/python/distutils/
Hi,
I've uploaded an nmu fixing this issue to delayed/2. Please see attached patch.
Best wishes,
Mike
infiniband.patch
Description: Binary data
control: reopen -1
the references point to Oracle products, not OpenJDK.
Oracle java is effectively openjdk, so there is every reason to
believe these issues affect it. It may take some research to track it
all down, but that's how it goes with security problems. It's never
easy. Sorry.
On Mon, Oct 15, 2012 at 11:52 PM, Matthew Grant wrote:
Thanks for that: Bit of a situation brewing for bind9 re #690569 (failure to
resolve dnssec-validated wildcards - major non-compliance to RFC etc) and
#690142 (this CVE)
Would appreciate your advice on how to proceed please. Note: Will
control: tag -1 patch
Hi, I've attached a proposed patch that moves the state file to /var/lib.
Best wishes,
Mike
bind.patch
Description: Binary data
control: retitle -1 CVE-2012-2248: build system paths used in -DCLIENT_PATH
On Mon, Oct 15, 2012 at 5:31 AM, Michael Stapelberg wrote:
All hooks in /etc/dhcp/dhclient-enter-hooks.d, such as samba when the
samba package is installed, are called with a PATH environment variable
containing this:
On Mon, Oct 15, 2012 at 3:01 PM, Michael Gilbert wrote:
control: retitle -1 CVE-2012-2248: build system paths used in -DCLIENT_PATH
On Mon, Oct 15, 2012 at 5:31 AM, Michael Stapelberg wrote:
All hooks in /etc/dhcp/dhclient-enter-hooks.d, such as samba when the
samba package is installed
I've uploaded an nmu to delayed/2 fixing this issue. See attached
patch diffed against testing and includes the multiarch conversion as
well.
Best wishes,
Mike
openjpeg.patch
Description: Binary data
Hi, I've canceled this nmu. There were a lot of Makefile and other
files unrelated to the security fix that got included vs -4.2. Also,
an nmu requirement is to attach the full diff to the bug report to
help the maintainer out later.
Best wishes,
Mike
--
To UNSUBSCRIBE, email to
I see processes such as:
grub-mount /dev/mapper/vg1-SomeLogicalVolume /var/lib/os-prober/mount
Can you all see if you have anything in common with these vg
partitions? Also, can you analyze the output from manually running
the seemingly hanging process?
# grub-mount /dev/mapper/vgwhatever
control: tag -1 patch
Hi,
I've uploaded an nmu fixing this issue to delayed/5. Please let me
know if I should delay longer. See attached patch.
Best wishes,
Mike
sasl.patch
Description: Binary data
control: tag -1 patch
Hi, I've uploaded an nmu fixing this issue to delayed/10. I pulled
the patch unchanged directly from Ubuntu, so it should be ok, but I
want to give you sufficient time for review or to do a maintainer
upload. See attached.
Best wishes,
Mike
grub2.patch
Description:
control: reassign -1 grub-common
control: forcemerge 684574 -1
So, there seems to be a problem with video when I load EFI and grub all from
the harddisk, but it works when I load grub from the supergrub CD.
This seems like the EFI video modules issue.
Best wishes,
Mike
--
To UNSUBSCRIBE,
On Sun, Oct 14, 2012 at 5:29 AM, Ondřej Surý wrote:
Please revert, this will only break everything around and we don't
really want transition sasl right now.
The only thing which broke was openldap due some really deep internal
library symbols, which are not used anywhere else, and it's
control: severity -1 important
The 2.8-3+b3 binnmu solved the breakage problem originally reported.
An abi bump is still useful, but since there is no longer breakage,
this is no longer release-critical.
Best wishes,
Mike
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
control: severity -1 important
Section Device
Identifier Card0
Driver fglrx
BusID PCI:1:0:0
EndSection
Section Device
Identifier Card1
Driver intel
BusID PCI:0:2:0
EndSection
Would you mind trying an xorg conf with this
On Tue, Oct 9, 2012 at 1:55 AM, David Paleino wrote:
What would you like me to do about the deferred nmu?
Please cancel it.
I'll discuss the issue again with $someone (still don't know who, but
there is no bug to me).
Canceled. You can probably just close this bug with whatever version
On Mon, Oct 8, 2012 at 11:16 AM, David Paleino wrote:
On Sun, 7 Oct 2012 17:37:02 -0400, Michael Gilbert wrote:
control: tag -1 patch
Hi,
I've just uploaded an nmu to delayed/5 fixing this. Please review the
attached patch and let me know if it is an appropriate solution. I
can cancel
control: severity -1 normal
I also have this with my normal music. This affects everyone who uses
pulseaudio (and yes, this will be the default in wheezy) and therefore
makes this package unsuitable for release. There is also a fix
available - so i don't have problems to make this an RC bug.
control: severity -1 important
On Fri, Oct 5, 2012 at 11:57 PM, Christoph Egger wrote:
tags 688904 + pending
thanks
Dear maintainer,
I've prepared an NMU for dkms (versioned as 2.2.0.3-1.2) and
uploaded it to DELAYED/3. Please feel free to tell me if I
should delay it longer.
This is not
control: severity -1 important
On Thu, Oct 4, 2012 at 8:37 PM, Jens Stimpfle wrote:
To reiterate again, the current wheezy xpdf package is in a terribly
defunct state, possibly imposing severe security problems and should
under no circumstances be included into the stable release.
No it
control: tag -1 patch
Hi,
I've just uploaded an nmu to delayed/5 fixing this. Please review the
attached patch and let me know if it is an appropriate solution. I
can cancel or delay the nmu as needed.
Best wishes,
Mike
wicd.patch
Description: Binary data
control: severity -1 normal
Downgrading severity since this is a very uncommon use case, and
doesn't should not be viewed as critical for the wheezy release.
Best wishes,
Mike
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
control: severity -1 important
Sadly, some packages that provide the gstreamer0.10-audiosink virtual
package do not satisfy the need for a mixer control.
Which gstreamer0.10-audiosink providers cause this problem? The bug
should be reassigned to those specific package(s).
Downgrading
control: severity -1 important
This does not need to be release critical since everything works fine
in a pure testing environment.
Best wishes,
Mike
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
control:severity -1 important
This doesn't qualify as grave. It seems like the wrong fs type was used.
best wishes,
Mike
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
control: retitle -1 nouveau needs patches backported from 3.4 to
support GTX 550 Ti cards
control: severity -1 important
On Sun, Sep 23, 2012 at 8:59 PM, Dick Thomas wrote:
hiya, Michael
sorry for taking so long to get back to you
I tried the 3.5 kernel and it works perfectly with the gfx
On Sat, Sep 22, 2012 at 1:04 AM, Dick Thomas wrote:
still a noob to debian so daren't do that yet as I don't want to get flamed
but thank you for the suggestions :)
Flaming is somewhat less prevalent in debian nowadays, so please try
to not worry about that.
Would you mind at least trying the
On Sat, Sep 22, 2012 at 2:31 PM, Jonathan Nieder wrote:
Hi Michael,
Michael Gilbert wrote:
Bug #612918 involves a violation of the FHS (using a file in /etc as a
state file), thus violating debian policy. Apparently there was going
to be some involved upstream work to correct the problem
Can you try adding nouveau.tv_disable=1 to your kernel command line?
As suggested by:
https://bugzilla.kernel.org/show_bug.cgi?id=42869
Best wishes,
Mike
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
control: severity -1 important
This bug seems fairly nebulous, and only affects one person, so there
is no reason for it to be release critical. I use xfce with the
netload plugin all the time, and don't get kernel panics.
Best wishes,
Mike
--
To UNSUBSCRIBE, email to
control: severity -1 important
No moreinfo recieved from the submitter in three months, and he was
the only one running in to the problem. With no more info to go on,
nothing can be done at this point.
Best wishes,
Mike
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with
On Wed, Sep 19, 2012 at 9:42 AM, Dick Thomas wrote:
Hello, Mike
Sadly that didn't work still stopped displaying stuff at populating /dev/
but I can hear it loading in the background (sound card popping etc)
adding nomodeset does work but then I don't know if it still using nouveau
or not as
On Fri, Sep 14, 2012 at 7:46 PM, Raphael Geissert wrote:
* Incorrect version numbering. For Wheezy the +debNuX schema will be used.
I wasn't aware that this was the new rule. I was using the
following, which seemed like it had already been updated for wheezy
On Sun, Sep 9, 2012 at 6:52 PM, David Prévot wrote:
tags 686174 + patch
tags 686174 + pending
thanks
Dear maintainer,
I've prepared an NMU for isc-dhcp (versioned as 4.2.4-1.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.
It is not good practice
control: severity -1 important
On Sat, Jul 14, 2012 at 11:31 AM, Hilko Bengen wrote:
DB Fahrplaninformation[1], the offline timetable information tool for
Deutsche Bahn, does not correctly display times and dates in the main
search dialog, which makes using the program almost impossible. This
Hi, I've uploaded an nmu fixing this issue, based on the above patch.
See attached for nmu debdiff.
Best wishes,
Mike
sane-backends.patch
Description: Binary data
severity 679827 important
thanks
Only affects chromium on linux 3.5 or greater. Wheezy will ship with
linux 3.2, so downgrading to non-rc severity.
Best wishes,
Mike
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
severity 679536 important
thanks
Hi, I'm setting this to important since it only affects experimental,
which doesn't actually get released.
Best wishes,
Mike
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
On Sun, Jul 1, 2012 at 3:55 AM, Aron Xu wrote:
On Jul 1, 2012 5:24 AM, Michael Gilbert mgilb...@debian.org wrote:
I'm still investigating the problem and more details about it are
welcomed, please don't NMU for either unstable or stable.
Why? This kind of statement requires some kind
I'm still investigating the problem and more details about it are
welcomed, please don't NMU for either unstable or stable.
Why? This kind of statement requires some kind of justification (such
as the proposed commit is incomplete or wrong or something like that).
Otherwise, why slow down
On Thu, Jun 28, 2012 at 3:48 AM, Jakub Moc rote:
Dear maintainer, is this some sort of poor joke, or what is going on
here?
No.
After the latest update to 1.5.6-1, installing wine-unstable
results in installing two dummy, empty and absolutely useless packages
on amd64.
$ dpkg -L
On Fri, Jun 8, 2012 at 6:17 PM, Philipp Kern wrote:
On Sat, Jun 09, 2012 at 04:36:40AM +0800, Aron Xu wrote:
Does this mean M-A:same packages should be prevented from being
binNMUed, but only source upload can be accepted?
You cannot deprive the Release Team of this tool. Also multiarch bugs
On Thu, Jun 14, 2012 at 12:40 PM, Cyril Brulebois wrote:
Michael Gilbert mgilb...@debian.org (14/06/2012):
package (version) sid; urgency=low
* Binary-only non-maintainer upload; no source changes.
-- Debian Release Team debian-rele...@lists.debian.org Tue, 05 Jun
2012 16:33:05 +
package: guake
version: 0.4.3-1
severity: serious
Hi, guake fails to run when the python-xdg is not installed:
$ guake
Traceback (most recent call last):
File /usr/bin/guake, line 35, in module
from xdg.DesktopEntry import DesktopEntry
ImportError: No module named xdg.DesktopEntry
--
On Thu, Jun 14, 2012 at 1:07 PM, Julien Cristau jcris...@debian.org wrote:
On Thu, Jun 14, 2012 at 12:25:42 -0400, Michael Gilbert wrote:
Wouldn't the ideal solution be non-architecture-specific changelogs?
No, that would be very much non-ideal. One should be able to schedule
binNMUs
On Thu, Jun 14, 2012 at 3:43 PM, Philipp Kern wrote:
On Thu, Jun 14, 2012 at 01:59:25PM -0400, Michael Gilbert wrote:
I did not suggest that. Anyway, maybe this will be a bit clearer.
Let's say an existing package is at version +b1 on amd64, and it needs
to get a binnmu, then a +b2 package
package: kfreebsd-8
version: 8.1+dfsg-8+squeeze2
severity: grave
tag: security
A security advisory for freebsd has been issued, cve-2012-0217. All
of the debian kfreebsd packages are affected. Please see:
http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc
--
To UNSUBSCRIBE,
package: kfreebsd-9
version: 9.0-3
severity: grave
tag: security
A security advisory for freebsd has been issued, cve-2012-0217. All
of the debian kfreebsd packages are affected. Please see:
http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc
--
To UNSUBSCRIBE, email to
package: kfreebsd-10
version: 10.0~svn234760-1
severity: grave
tag: security
A security advisory for freebsd has been issued, cve-2012-0217. All
of the debian kfreebsd packages are affected. Please see:
http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc
--
To UNSUBSCRIBE,
severity 643967 important
tag 643967 -security
thanks
This problem should not be considered a security issue. Anyone
utilizing prelink should be aware of the fact that it changes
binaries, and there is the possibility that those changes aren't
reversible; leading to differing checksums in tools
On Sun, Jun 10, 2012 at 4:33 PM, Milan Kocian wrote:
hi,
That is because the package has been multiarched. In other words,
the i386 packages now satisfy the amd64 dependencies.
'dpkg --add-architecture i386' is the right trick :-). Many thanks for hint.
btw. Is it possible to run 64bit
2012/6/9 Michael Hatzold
Hi, thanks for your attention.
To me it seems the problem isn't solved although all relevant packages are
available, though not installable:
apt-get update apt-get dist-upgrade fails [1]
apt-get -f install fails [2]
apt-get install libwine libwine-alsa libwine-bin
On Sat, Jun 9, 2012 at 10:08 AM, Stephen Kitt wrote:
Hi,
On Sat, Jun 09, 2012 at 10:52:43AM +0200, Stefano Zacchiroli wrote:
On Sat, Jun 09, 2012 at 03:37:10AM -0400, Michael Gilbert wrote:
I don't see amd64 packages in pool. The latest package version I see in
pool
is wine-bin_1.4
severity 674604 important
thanks
hurd is an unofficial port, and doesn't have an official release, so
this issue should not be treated as release critical.
Mike
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
On Wed, May 23, 2012 at 1:30 PM, Moritz Muehlenhoff wrote:
Package: libxml2
Version: 2.7.8.dfsg-9
Severity: grave
Tags: security
A DSA is in preparation. Fix:
http://git.gnome.org/browse/libxml2/commit/?id=d8e1faeaa99c7a7c07af01c1c72de352eb590a3e
I've just uploaded the attached patch as a
Hi,
I've just uploaded an NMU fixing this issue to DELAYED/5. See attached debdiff.
Best wishes,
Mike
wine-gecko.debdiff
Description: Binary data
I've just uploaded a fix for this to DELAYED/2, see attached debdiff.
Best wishes,
Mike
libvorbis.patch
Description: Binary data
package: libvorbisidec
severity: grave
version: 1.0.2+svn16259-2
tag: security
libvorbisidec shares a large majority of its code with libvorbis.
There have been quite a few security issues fixed in libvorbis over
the past few years that have subsequently gone unfixed here. These
include:
Hi Michael,
I think you know very well that xpdf is in very bad shape now.
I actually disagree with that. The package is in mostly fine shape
with one (albeit annoying) significant bug.
I am not much technical help to resolve this very bad state of xpdf
package now. But just tagging this
I had binutils-gold packages installed and this was the reason that kernel
module failed to build on my machine.
Could you please send us the build log?
We can just add a build-conflict to prevent people shooting themselves
in the foot with this.
MIke
--
To UNSUBSCRIBE, email to
reopen 658264
severity 658264 important
tag 658264 help
retitle 658264 possible memory corruption in GlobalParams
thanks
and xpdf.xx:159 is exactly the forementioned problematic:
globalParams = new GlobalParams(cfgFileName);
I have now invested \approx 6h in this report and am 100% sure it
.
+ * Build-depend on gcc-multilib (closes: bug #650654).
+ * Fix statically-linked-binary wine-preloader lintian override.
+
+ -- Michael Gilbert michael.s.gilb...@gmail.com Sun, 01 Jan 2012 13:01:50 -0500
+
wine (1.0.1-3.4) unstable; urgency=low
* Non-maintainer upload.
diff -u wine-1.0.1
--- libxml2-2.7.8.dfsg/debian/changelog
+++ libxml2-2.7.8.dfsg/debian/changelog
@@ -1,3 +1,10 @@
+libxml2 (2.7.8.dfsg-6.1) unstable; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Fix CVE-2011-3919: buffer overflow in parser.c (closes: #656377).
+
+ -- Michael Gilbert michael.s.gilb
package: xorg-server
version: 2:1.11.3.901-1
severity: critical
tag: security
A commit introduced in the xorg 1.11 seems to have introduced a key
combination capable of killing all screen locker programs; thus
allowing unauthorized local access to a system. See:
Temporary solution:
http://openwall.com/lists/oss-security/2012/01/19/7
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
.dfsg/debian/changelog
--- bind9-9.8.1.dfsg/debian/changelog
+++ bind9-9.8.1.dfsg/debian/changelog
@@ -1,3 +1,10 @@
+bind9 (1:9.8.1.dfsg-1.1gilbert1) unstable; urgency=low
+
+ * Build and Install files needed by isc-dhcp.
+ * Clean up all automatically generated files.
+
+ -- Michael Gilbert
: #645760).
+
+ -- Michael Gilbert michael.s.gilb...@gmail.com Mon, 16 Jan 2012 11:47:37 -0500
+
isc-dhcp (4.2.2-2) unstable; urgency=low
* debian/rules: use dpkg-buildflags to set CFLAGS, and export CFLAGS (closes:
only in patch2:
unchanged:
--- isc-dhcp-4.2.2.orig/Makefile.in
+++ isc-dhcp-4.2.2
severity 579136 serious
thanks
Hi, I've just tested this, and that site now causes a segfault. So,
it may be a fix was attempted at this, but not done quite right?
Anyway, a remotely triggerable segfault is rather not good, so I'm
raising the severity.
--
To UNSUBSCRIBE, email to
Package: libav
Version: 4:0.7.3-2
Severity: serious
Tags: security
Hi,
the following CVE (Common Vulnerabilities Exposures) ids were
published for libav.
CVE-2011-3892[0]:
| Double free vulnerability in the Theora decoder in Google Chrome
| before 15.0.874.120 allows remote attackers to cause a
501 - 600 of 1088 matches
Mail list logo