On 2016-12-05 22:36:39 [+0100], László Böszörményi (GCS) wrote:
> Hi Sebastian,
Hi László,
> On Mon, Dec 5, 2016 at 10:20 PM, Sebastian Andrzej Siewior
> > Okay. What do we do here? Any idea Laszlo?
> > I could try to cherry-pick the three patches into the currect 2.0 but I
>
On 2016-10-09 11:38:37 [+0300], Török Edwin wrote:
> Dear Maintainer,
>
> Patches to build with both OpenSSL 1.0.x, and 1.1.0 are available in the
> upstream git repository:
> https://gitweb.skylable.com/gitweb/?p=sx.git;a=commitdiff;h=5acd940e97aa1f2bd1b3fdd41f4c98a5783fcb44
> https://gitweb.sky
On 2016-12-03 12:14:38 [+0100], Stefan Fritsch wrote:
> On Friday, 2 December 2016 00:16:24 CET Sebastian Andrzej Siewior wrote:
> > is there a reason for gridsite not to go for 3.0 (or backport the
> > change) and libssl-dev? Apache stays 1.0 but does not expose anything
> >
On 2016-11-02 22:13:04 [+0100], Andreas Henriksson wrote:
> Hello!
Hi,
>
> I've sent a PR to upstream that fixes building against OpenSSL 1.1.0.
> Same patch should apply cleanly to the packaged version.
could you please address the review comments and update your pull
request?
> Regards,
> And
On 2016-11-15 20:22:10 [+0100], Stefan Fritsch wrote:
> Hi again,
Hi,
> On Saturday, 12 November 2016 07:51:40 CET Stefan Fritsch wrote:
> > If these two packages cannot transition to openssl 1.1.0 before apache2
> > does, I suggest that you build with openssl 1.0.2 explicitly and then
> > downgra
.0. I actually spent more time writing this email than
the patch. And I would like to avoid switching B-D now and looking at it
again after the release.
> cu
> Adrian
Sebastian
>From dc21aa1a25fa59e3e667cff8487f971dd74a3d0a Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior
Date: W
On 2016-11-26 11:31:49 [+0200], Adrian Bunk wrote:
> Package: libtspi-dev
> Version: 0.3.14+fixed1-1
> Severity: serious
> Control: block 827061 by -1
>
> libtspi-dev must not force OpenSSL 1.1 on packages that
> are not ready for 1.1
>
> At least opencryptoki (#828465) and tpm-tools (#828577)
>
On 2016-11-28 16:49:35 [+0200], Adrian Bunk wrote:
> Package: polygraph
> Version: 4.3.2-4
> Severity: serious
> Tags: patch
> Control: block 827061 by -1
>
> ...
> checking for CRYPTO_lock in -lcrypto... no
> checking for CRYPTO_add_lock in -lcrypto... no
> ...
>
> Not a perfect solution but an
.
Should I NMU it?
Sebastian
From: Sebastian Andrzej Siewior
Date: Tue, 29 Nov 2016 21:10:31 +0100
Subject: [PATCH] cherry-pick patches for OpenSSL 1.1.0 support and TCP_NODELAY
Signed-off-by: Sebastian Andrzej Siewior
---
debian/changelog| 9 ++
On 2016-11-28 23:31:38 [+0200], Adrian Bunk wrote:
> Control: retitle -1 gnubiff: FTBFS due to missing #include
> Control: tags -1 patch fixed-upstream
> Control: unblock 827061 by -1
>
> I've confirmed that gnubiff builds fine with OpenSSL 1.1
>
> The attached patch cherry-picks the missing cst
control: reopen -1
control: severity -1 important
On 2016-11-22 17:06:05 [+], Debian Bug Tracking System wrote:
>* Build-depend on libssl1.0-dev, upgrade to 1.1 requires v3.0 upstream
> release. Closes: #835811
please keep this bug open and close once it builds against openssl
1.1.0.
On 2016-11-18 15:22:07 [+0100], Benjamin Drung wrote:
> Instead of forcing salt to use OpenSSL 1.0, let's try to make it work
> with OpenSSL 1.1. Adjusting the initialization to work with OpenSSL 1.1
> was quite easy. I forwarded the patch upstream to
> https://github.com/saltstack/salt/pull/37772
control: tags -1 patch fixed-upstream
On 2016-07-24 12:01:29 [+0200], Oswald Buddenhagen wrote:
> fixed in git on isync_1_2_branch.
Upstream fixed it
https://sourceforge.net/p/isync/isync/ci/41308e481466b91813f6765a0c92ad83fd9d1ab2/
In their 1.2 release branch which is available in exper
SSL_no_config
the problem is that salt/rsax931.py loads the library manually and
expects certain symbols which are no longer available in OpenSSL 1.1.0.
And it loads the first libcrypto it finds plus has no dependency on
openssl.
Sebastian
>From 67676f782796071a793ec1908de50c7b86e9fbee Mon Sep 17
Control: tags -1 - patch
On 2016-11-10 12:31:00 [+0200], Adrian Bunk wrote:
>
> Not a perfect solution but sufficient for stretch is the following
> change to use OpenSSL 1.0.2:
>
> --- debian/control.old2016-11-10 10:20:58.0 +
> +++ debian/control2016-11-10 10:21:32.000
On 2016-11-14 22:43:16 [+0100], gregor herrmann wrote:
> Yay, this looks good!
So upstream came up with the patch attached after I forwaded mine. Can
you please confirm whether this works or not?
> Cheers,
> gregor
Sebastian
diff --git a/src/prototypes.h b/src/prototypes.h
index c196f92..86f4631
On 2016-11-14 22:43:16 [+0100], gregor herrmann wrote:
> Control: tag -1 + patch
>
> On Mon, 14 Nov 2016 22:07:12 +0100, Sebastian Andrzej Siewior wrote:
>
> > On 2016-11-14 00:17:31 [+0100], gregor herrmann wrote:
> > > Thanks, but nope, still the same:
> > Wh
On 2016-11-14 00:17:31 [+0100], gregor herrmann wrote:
> Thanks, but nope, still the same:
What about this one?
Sebastian
>From b436cd6527a2a32bd94b67ff10363e45a2f52430 Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior
Date: Mon, 14 Nov 2016 21:03:24 +
Subject: [PATCH] t
On 2016-11-11 16:05:05 [+0100], gregor herrmann wrote:
> As soon as fetchnews connects, stunnel4 segfaults.
I tried your config against a http server and mail server with no luck.
> The messages in the syslog:
> Nov 11 15:53:55 jadzia stunnel: LOG2[2]: Double free attempt:
> ptr=0x7f6340010430 a
Source: libesmtp
Version: 1.0.6-4
Severity: serious
Control: block 827061 by -1
OpenSSL 1.1.0 has been released. During a rebuild of all packages using
OpenSSL this package succeeded to build but it should have failed. That is why
this bug is coming so late. The build simply deactivated TLS suppor
On 2016-11-10 12:10:41 [+0100], Ondřej Surý wrote:
> Sebastian,
Hi Ondřej,
> thanks for the patch. The 0.13~svn685-7 version in unstable includes
> your patch,
> and I would really appreciate if someone could test whether
> dnssec-trigger now
> works.
I managed to get around to test it. So the i
On 2016-11-10 12:10:04 [+0200], Adrian Bunk wrote:
> On Thu, Sep 01, 2016 at 09:55:46PM +0200, Sebastian Andrzej Siewior wrote:
> > control: forwarded -1 https://github.com/rbsec/sslscan/issues/108
>
> Sebastian, Marvin, what is the status regarding getting this patch that
> wa
rks? I am confident
but don't time todo it myself just now.
Sebastian
>From 05cd529e19d317b8bcc69f7d883873a27195b904 Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior
Date: Mon, 7 Nov 2016 20:59:11 +
Subject: [PATCH] dnssec-trigger: openssl 1.1.0 fixup
- SSL_OP_NO_SSLv2 / SSLv2 has
On 2016-11-03 23:39:32 [+0100], László Böszörményi (GCS) wrote:
> OK, it remained the same then. May you try the work in progress
> update[1]? I'm off for sleeping. :-/
yup, worked.
> Thanks,
> Laszlo/GCS
Sebastian
On 2016-11-03 22:02:23 [+0100], László Böszörményi (GCS) wrote:
> On Thu, Nov 3, 2016 at 8:48 PM, Sebastian Andrzej Siewior
> wrote:
> > On 2016-11-03 07:45:16 [+0100], Andreas Henriksson wrote:
> > fetchmail builds against openssl 1.1.0. So we are good here.
> > fetchmail
control: retitle: -1 fetchmail: FTBFS if building in parallel
On 2016-11-03 07:45:16 [+0100], Andreas Henriksson wrote:
> Hello Kurt Roeckx.
Hi,
> The failure in this build log didn't look like it was really openssl related.
> I've tried rebuilding the package which succeded for me.
>
> Could yo
On 2016-11-01 17:41:27 [-0400], Sam Hartman wrote:
> Hi.
Hi,
> I'm sorry I didn't get a chance to respond to your other mail.
> upstream has dealt with moonshot-gss-eap and moonshot-ui and I plan to
> address the bugs there with a new upstream version.
You could point that out in the relevant bug
someone
that can test it and is using it. So far it seems only alpine does [0].
[0]
http://sources.debian.net/src/alpine/2.20%2Bdfsg1-2/web/src/alpined.d/alpined.c/?hl=10831#L10831
> Kurt
Sebastian
>From b45c2495fffd431a4eee359c24a0b292c87bc33c Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej
control: tags -1 fixed-upstream
control: forwarded -1 https://github.com/libevent/libevent/pull/397
my understaning is that an updated version of this patch has been merged
upstream. That is
https://github.com/libevent/libevent/commit/3e9e0a0d46e4508e8782ec3787c6d86bab63046d
Sebastian
Attempted/moonshot-gss-eap_0.9.5-1_amd64-20160529-1451
this builds now. Do you have anything to verify?
> Kurt
Sebastian
>From 50b12a010649c57ca7080cc728c8088abf53f73e Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior
Date: Tue, 1 Nov 2016 20:41:46 +
Subject: [PATCH] moonshot-gss-e
control: tags -1 patch
On 2016-06-26 12:24:29 [+0200], Kurt Roeckx wrote:
> OpenSSL 1.1.0 is about to released. During a rebuild of all packages using
> OpenSSL this package fail to build. A log of that build can be found at:
> https://breakpoint.cc/openssl-1.1-rebuild-2016-05-29/Attempted/trous
control: forwarded -1 https://github.com/OpenSC/pkcs11-helper/pull/7
control: tags -1 patch
On 2016-06-26 12:23:44 [+0200], Kurt Roeckx wrote:
> OpenSSL 1.1.0 is about to released. During a rebuild of all packages using
> OpenSSL this package fail to build. A log of that build can be found at:
>
On 2016-06-26 12:21:14 [+0200], Kurt Roeckx wrote:
> Source: cargo
> Version: 0.9.0-1
> Severity: important
> Control: block 827061 by -1
>
> Hi,
>
> OpenSSL 1.1.0 is about to released. During a rebuild of all packages using
> OpenSSL this package fail to build. A log of that build can be found
On 2016-10-29 14:15:30 [-0700], Noah Meyerhans wrote:
> Control: tags -1 - patch + upstream
> Control: forwarded -1 https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7361
>
> Unfortunately, this patch breaks compatibility with OpenSSL < 1.1.0, as
> the CRYPTO_zalloc function does not exist there.
On 2016-10-29 23:26:49 [+0200], Kurt Roeckx wrote:
> On Sat, Oct 29, 2016 at 10:32:34PM +0200, Sebastian Andrzej Siewior wrote:
> > One thing that confuses me: Why has none
> > of the libraries a dependency on libssl?
>
> From what I understand they use dlopen() and
On 2016-08-30 12:40:12 [+0200], Gert Wollny wrote:
>
> Am Dienstag, den 30.08.2016, 08:51 +0200 schrieb Kurt Roeckx:
> > On Tue, Jun 28, 2016 at 09:53:20PM +0200, Gert Wollny wrote:
> > >
> > > Thanks for the review.
> > Can I ask what the current state of this is?
>
> IIRC the last patch appli
control: tags -1 patch fixed-upstream
control: forwarded -1 https://rt.cpan.org/Public/Bug/Display.html?id=118344
Crypt-SMIME-0.18 has the fix
Sebastian
Control: tags - patch
builds. Further testing is welcome.
Sebastian
>From f6afa6be81eae0b149ad18a0642c67e75b148c69 Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior
Date: Thu, 27 Oct 2016 19:43:15 +
Subject: [PATCH] opendkim: port to openssl 1.1.0
In configure.ac AC_SEARCH_L
On 2016-10-05 20:06:13 [+0200], Emilio Pozuelo Monfort wrote:
> configure: Using external LLVM
> checking for supported LLVM version... no (3.8.1)
> configure: error: LLVM < 3.7 required, but "3.8.1"(381) found
> configure: error: Failed to configure LLVM, and LLVM was explicitly requested
it is n
Package: gsoap
Version: 2.8.35-2
Severity: serious
The package FTBFS with -j16:
| make[5]: Entering directory '/<>/gsoap/src'
| /bin/bash ../../ylwrap soapcpp2_yacc.y y.tab.c soapcpp2_yacc.c y.tab.h `echo
soapcpp2_yacc.c | sed -e s/cc$/hh/ -e s/cpp$/hpp/ -e s/cxx$/hxx / -e
s/c++$/h++/ -e s/c$/h/
On 2016-09-04 21:37:45 [+0300], Stefanos Sofroniou wrote:
> Weird...I have the same problem with 52.0.2743.116-2 and it happened a few
> minutes ago when I tried to open multiple tabs at once.
>
> I'm using Debian testing 64-bit, fully updated.
Fully updated unstable and it works again after goin
On 2016-08-22 13:15:19 [+0200], Bernd Zeimetz wrote:
> Hi,
Hi,
> if a package from backports depends on the libssl version from backports,
> the openssl package won't be upgraded, resulting in
>
> /usr/bin/openssl: /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0: version
> `OPENSSL_1.0.1s' not found
On 2016-08-08 17:50:38 [+0200], Carsten Schoenert wrote:
> Hello Andrzej,
Hi Carsten,
> we will try, I was already thinking of that.
> The problem at the end is this all is only a workaround in my eyes. The
> source is lacking some fixups for getting compiled with gcc-6 without
> regressions.
I d
On 2016-08-08 12:06:24 [+1200], jfp wrote:
> Thread 1 "icedove" received signal SIGSEGV, Segmentation fault.
> 0x73e007a1 in js::jit::SnapshotIterator::numAllocations
> (this=0x7ffeb560) at ./mozilla/js/src/jit/JitFrames.cpp:2159
> 2159 ./mozilla/js/src/jit/JitFrames.cpp: No such file
On 2015-02-22 11:44:37 [+0100], Kurt Roeckx wrote:
> Even with RC4 enabled on both sides, it does provide something
> secure that doesn't use RC4 as long as you don't don't touch the
> defaults. And I've seen many applications that screw up the
> defaults.
As of openssl in experimental we don't h
retitle 825863 RM: percona-xtradb-cluster-galera-2.x -- RoQA; NPOASR; FTBFS;
RC-buggy; unmaintained; low popcon
severity 825863 normal
reassign 825863 ftp.debian.org
thanks
Dear FTP-Master,
please remove percona-xtradb-cluster-galera-2.x from unstable. It is
RC-buggy and FTBFS (not to mention t
On 2016-06-05 13:27:08 [+0200], Hans van Kranenburg wrote:
> Hi Maintainer,
Hi,
> The version in the main Debian Stable archive (so not in the additional
> jessie-updates) has the option AllowSupplementaryGroups removed (see
> #822444), which prevents the program from starting when this option is
On 2016-05-30 21:40:17 [+], Mattia Rizzolo wrote:
> Hello everybody!
Hi,
> Is anybody working on this?
> We would like to proceed with the complete RM of the old libssl1.0.0
> library, and this package is one of the very few left.
A side note: if we apply the patch then it builds against curr
On 2015-11-14 14:10:27 [+0100], Kurt Roeckx wrote:
> You should change the call from SSLv3_client_method() to
> SSLv23_client_method().
>
> The SSLv3_* call only talks SSLv3 while the SSLv23_* call is the
> only one supporting multiple protocol version.
>
> I suggest you also get that fixed in th
On 2016-05-16 19:33:58 [+0200], Kurt Roeckx wrote:
> I'm guessing there is some ABI breakage between the 2 versions.
So now learnt how to use/ read abipkgdiff properly:
| in unqualified underlying type 'struct cl_engine' at others.h:250:1:
|type size changed from 8640 to 8704 bits
|1 dat
On 2016-05-16 17:32:55 [+0200], Kurt Roeckx wrote:
> Received signal: wake up
> ClamAV update process started at Mon May 16 15:52:55 2016
> main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder:
> amishhammer)
> Downloading daily-21555.cdiff [100%]
> Downloading daily-21556.cdif
On 2015-11-14 21:50:33 [+0100], Kurt Roeckx wrote:
> The SSLv3 methods in the openssl package have been removed and as
> a result your package can't be build anymore.
SZALAY, do you plan to look at this?
The 3.9.5 release is from 2012, there is 3.9.8 from 2014 and v6.0.7 from
2015. Would it make s
On 2015-10-30 15:56:38 [+0100], Emilio Pozuelo Monfort wrote:
> This is a friendly ping wrt the libstdc++ ABI transition. Your package is
> listed
> as needing a transition but has seen no action. It'd be good to get things
> going
> so we can finish the transition soon.
Mike, this package didn'
On 2016-05-10 18:19:02 [-0400], Scott Howard wrote:
> I agree with this assessment. I'll raise the issue upstream. It's
> non-free, so not too high on my priority list (and not much I can do
> on my own anyways...)
Could you please open a RM bug against ftp-master? There is no need to
keep this in
On 2016-05-10 00:14:48 [+0200], Sebastian Andrzej Siewior wrote:
> Redistributing may be allowed due to the chapter in debian/copyright. It
> is not the latest [1] available document which might be "recent" and the
> license seems to have change a little, too.
My bad. Tha
On 2016-04-22 00:19:58 [+0200], Andreas Beckmann wrote:
> Since the only API/ABI difference between libssl1.0.0 and libssl1.0.2 is
> the removal of some symbols, you could try the following:
…
| $ readelf -a bin/eagle|grep -i SSLv3
|09aa3640 00019607 R_386_JUMP_SLOT SSLv3_client_meth
control: tags -1 patch
On 2015-11-11 12:47:33 [-0800], Steve Langasek wrote:
> The utopia-documents package fails to build in unstable, now that swig has
> been updated to version 3.0.7:
The two patches attached will let build again. However due to #812823 I
don't think it makes sense to apply th
On 2016-01-26 18:38:23 [-0500], Douglas Calvert wrote:
> gdb followus:
>
> #0 0x7fc100d95795 in QMetaObject::className() const () from
> /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
with QT's dbg package I get
#0 QtPrivate::RefCount::deref (this=0x74430f00) at
../../include/QtCore/../..
alera-2.x (1:2.11.2675-1.3) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Depend on libasio-dev to avoid build failure on internal asio copy
+(Closes: #804138).
+ * Replace _BSD_SOURCE with _DEFAULT_SOURCE to avoid a warning with -Werror
+
+ -- Sebastian Andrzej Siewior Wed, 04 May 2
_*
function as suggested by Kurt.
Sebastian
>From b1afb00818c8d269c52d4b914e62fd5a9985df69 Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior
Date: Wed, 27 Apr 2016 21:10:03 +0200
Subject: [PATCH] Drop explicit support SSLv3 and TLSv1
There is no addedd value in using only SSLv3 or TLSv1. With current openssl
impleme
On 2015-03-15 06:42:08 [+0100], Salvatore Bonaccorso wrote:
> On Tue, Feb 17, 2015 at 10:07:06AM +, Patrick Coleman wrote:
> > * Remote null pointer dereference
> > A remote user can cause a null pointer dereference by sending a
> > malformed Authorization: header.
> > http://patrick.ld.net.au/
e for certpatch. Patch by Erwan Prioul (Closes: #749354).
+
+ -- Sebastian Andrzej Siewior Wed, 20 Apr 2016 21:40:11 +0200
+
isakmpd (20041012-7.2) unstable; urgency=low
* Non-maintainer upload.
diff -Nru isakmpd-20041012/debian/patches/08_gnumakefile.patch isakmpd-20041012/debian/pa
loses: #804606).
+
+ -- Sebastian Andrzej Siewior Wed, 20 Apr 2016 21:00:04 +0200
+
httest (2.4.8-1) unstable; urgency=low
* New upstream release
diff -Nru httest-2.4.8/debian/patches/consider-OPENSSL_NO_SSL3.patch httest-2.4.8/debian/patches/consider-OPENSSL_NO_SSL3.patch
--- httest-2.4.8/d
control: severity -1 normal
On 2014-07-13 05:31:36 [+0200], Cyril Brulebois wrote:
> Source: polygraph
> Version: 4.3.2-1.2
> Severity: serious
> Justification: FTBFS
>
> Hi,
Hi,
I change the severity to normal because kfreebsd is not a release
architecture and as such it is no longer serious.
On 2015-11-16 08:19:36 [-0700], Alex Rousskov wrote:
> On 11/14/2015 09:02 AM, Alex Rousskov wrote:
>
> > If we can provide a small better fix, we will. If a better fix requires
> > too many unrelated changes to this Polygraph version, we will provide a
> > patch that disables SSLv3 (until a recen
Hi,
The patch looks simple. Any reason why I should not use it and NMU it isakmpd?
It would make isakmpd build again and we would have one libssl1.0.0 user less.
Sebastian
control: tags -1 +fixed-upstream
On 2015-11-08 19:01:29 [+], Chris West (Faux) wrote:
> make[1]: *** [override_dh_auto_install] Error 2
missing SSLv3. According to [0] the issue has been addressed upstream:
|25 Dec 2015 9.0.304 Dev.15
|§ Changes to makefile for building on Red Hat Linux EL6
ebian/changelog
@@ -1,3 +1,10 @@
+sslscan (1.8.2-2.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Make it build without SSLv3 (Closes: #804616)
+
+ -- Sebastian Andrzej Siewior Sat, 05 Mar 2016 21:17:46 +0100
+
sslscan (1.8.2-2) unstable; urgency=low
* debian/control:
diff --
Control: reassign -1 linux 3.16.7-ckt9-3~deb8u1
Control: retitle -1 sky2 NIC driver freezes the system (Marvell 0x436B /
88E8071)
I hereby reassing the bug to the linux package since it has nothing to
do with openssh. Based on the last feedback from the submitter he
replaced the NIC and the probl
On 2016-01-29 21:44:45 [+0100], SkyFish wrote:
> > I wouldn't hurt to use real name if you attemt communicate with real
> people.
>
> You are right, I'm Andrey :)
Hi,
> > Does the system respond to ping?
>
> After the system freezes it doesn't respond to anything
>
> > Does the syslog log fi
On 2015-06-09 22:26:38 [+0200], SkyFish wrote:
I wouldn't hurt to use real name if you attemt communicate with real
people.
> Any help would be greatly appreciated!
Do you have the problem or has it been it been solved in the meantime?
If not. I don't think the ssh package has anything to do wi
Package: esajpip
Version: 0.1~bzr33-2
Severity: serious
Your package FTBFS during the GCC5 transition [0]. It has Build-Depends
"libprocps3-dev | libprocps-dev," which can not be satisfied because
none of this packages exist in unstable anymore.
Please use libprocps4-dev instead.
[0] https://buil
On 2015-08-06 13:42:29 [+0200], Sylvestre Ledru wrote:
> > | Makefile:107: recipe for target 'check-local' failed
> >
> > on AMD64. One step further I guess.
> Do you have the actual errors?
not anymore. I built it yesterday and copied the build-log away. The
remaining part is gone but I could re
On 2015-03-25 23:57:21 [+0100], Roderich Schupp wrote:
> Build stops with:
>
I tried 3.5.2-1 with gcc version 5.2.1 20150730 (Debian 5.2.1-14). Patch
Patch #1 should fix the FTBFS.
Patch #2 should workaround the part where it tries to use gcc-5.2 which is
not available as package or binary.
The bu
Package: libsane-common
Version: 1.0.24-10
Severity: serious
dist-upgrade did this:
|Preparing to unpack .../libsane-common_1.0.24-10_all.deb ...
|/var/lib/dpkg/tmp.ci/preinst: line 9: rm_conffile: command not found
|dpkg: error processing archive
/var/cache/apt/archives/libsane-common_1.0.24-10_
On 2015-04-29 23:03:49 [+0200], Andreas Cadhalpun wrote:
> Hi Sebastian,
Hi Andreas,
> >> The options
> >>LocalSocket /var/run/clamav/clamd.ctl.change
> >>LocalSocketGroup nobody
> >>LocalSocketMode 600
same options
> I just pushed a fix for this.
> It seems to work as intended, but
fixed 783726 0.98.6+dfsg-2
thanks
On 2015-04-29 16:12:42 [+0200], Mounaam wrote:
> Package: clamav-daemon
> Version: 0.98.6+dfsg-1
> Severity: grave
> Justification: renders package unusable
>
> Problem:
> typo in line 626: $DEBCONFILE used instead of $DEBCONFFILE (double F)
fixed, please check
Package: clamav-daemon
Version: 0.98.6+dfsg-1
Severity: serious
The options
LocalSocket /var/run/clamav/clamd.ctl.change
LocalSocketGroup nobody
LocalSocketMode 600
in clamd.conf are not considered when used via systemd. It seems that
/lib/systemd/system/clamav-da
control: severtiy -1 important
On 2015-02-08 20:31:48 [+0100], Ulrich Schmidt wrote:
> Severity: grave
> Justification: renders package unusable
I changed it to important. It does not render the package unusable for
everyone. Also, if affected then the bogus line can be removed and the
package is
0.5alpha has been just released [0] with this issue fixed. If you
package that one you get rid of all currently known bugs :)
[0] http://www.cabextract.org.uk/libmspack/libmspack-0.5alpha.tar.gz
Sebastian
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "un
m d78acf012a47fb4e868a87ef738a947ad3aa7ea3 Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior
Date: Sun, 18 Jan 2015 22:47:45 +0100
Subject: [PATCH] mspack/chmd: check p > end also after we left
Jakub's AFL produced a case where "p" reads the name_len just just at the
On Thu, Jan 15, 2015 at 10:13:27AM +0100, Ulrich Schmidt wrote:
> Package: clamav-freshclam
> Version: 0.98.5+dfsg-3
> Severity: grave
> Tags: newcomer
Why newcommer?
> Justification: renders package unusable
Not unter normal circumstances. Atleast I hope so :)
> Hi.
>
> I did a fresh Jessie ins
* Sebastian Andrzej Siewior | 2015-01-07 13:13:57 [+0100]:
>* Jakub Wilk | 2015-01-06 21:18:30 [+0100]:
>>Two sample CHM files that trigger segfaults, which are caused by the
>>overflows, are also attached.
>>
>>This bug does affect ClamAV.
>
>How do you trigge
* Jakub Wilk | 2015-01-06 21:18:30 [+0100]:
>Two sample CHM files that trigger segfaults, which are caused by the
>overflows, are also attached.
>
>This bug does affect ClamAV.
How do you trigger this? I tried both files with "cabextract -t",
clamdscan, clamscan and chmd_md5. None of those segfau
meone has unattended-upgrades running, how does
he get clamd restarted after a libmspack update?
>From a0449d2079c4ba5822e6567ad7094c10108f16cd Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior
Date: Tue, 23 Dec 2014 21:20:43 +0100
Subject: libmspack: qtmd: fix frame_end overflow
Debian
epo.
>From 9041fefc0d48aa3c307baa20c5cc4b7eceafe616 Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior
Date: Mon, 22 Dec 2014 22:10:47 +0100
Subject: [PATCH] make frame_end off_t
Debian bts #773041, #772891 contains a report of a .cab file which
causes an endless loop.
Eric Sharkey diagnosed the problem as frame_en
* Marc Dequènes (duck) | 2014-12-22 02:52:02 [+0100]:
>Coin,
>
>On 2014-12-21 22:16, Sebastian Andrzej Siewior wrote:
>>On 2014-12-20 12:12:13 [+0100], Andreas Cadhalpun wrote:
>>>As it shows that clamd hangs in libmspack, I think this is bug #773041
>>>[1].
>
On 2014-12-20 12:12:13 [+0100], Andreas Cadhalpun wrote:
> As it shows that clamd hangs in libmspack, I think this is bug #773041 [1].
> A possible fix is mentioned in [2]. We'll have to include it in the
> libmspack copy embedded in clamav, which is used in wheezy.
Oh great. So for clamav we have
Package: libclamunrar
Version: 0.96.4-1
Severity: serious
Tags: security pending
The debian security tracker references a problem ("clamav: double-free
error libclamunrar_iface/unrar_iface.c") which it learned from
http://www.openwall.com/lists/oss-security/2013/11/29/6
This got marked as fixed in
severity 769384 serious
tags 769384 + pending
thanks.
On 2014-11-13 05:23:09 [-0800], Jesse Molina wrote:
> Sorry, I opened this bug when I was tired. My apologies for the lack of
> detail.
No problem, it all worked out :)
> I did a global upgrade, which is how I ended up in that situation.
> lib
On 2014-11-13 01:16:25 [-0700], Jesse Molina wrote:
> Severity: grave
I would downgrade it to important. Scott?
> Fails on start. I imagine this wasn't tested?
You imagine wrong. But this case in particular wasn't.
> Setting up clamav-freshclam (0.98.5~rc1+dfsg-3) ...
> [] Starting ClamAV vir
On 2014-08-05 16:14:12 [-0400], Jon Bernard wrote:
> This may also work as well:
>
> diff --git a/configure.ac b/configure.ac
> index 80eba33..248044e 100644
> --- a/configure.ac
> +++ b/configure.ac
> @@ -50,6 +50,17 @@ AC_C_INLINE
> AC_TYPE_PID_T
> AC_TYPE_SIZE_T
>
does not build KFreeBSD
due to missing HOST_NAME_MAX.
The test suite passed.
Signed-off-by: Sebastian Andrzej Siewior
---
tests/lib/Makefile.am | 3 +-
tests/lib/test_ctf_writer.c | 10 --
tests/lib/xgethostname.c| 76 +
tests/lib
tags 751336 + patch upstream fixed-upstream
thanks.
On 2014-06-11 22:29:48 [+0200], Julien Cristau wrote:
> See the build log at
> https://buildd.debian.org/status/fetch.php?pkg=babeltrace&arch=armel&ver=1.2.1-2&stamp=1395846913
>
> There's also a build failure on sparc which may or may not be re
eless.
This affects the "plugname = 'clamav'" method of the package.
Sebastian
>From 75bf67fe1568ffcbb488f4e7026883b39dd1a3eb Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior
Date: Wed, 2 Jul 2014 22:06:30 +0200
Subject: [PATCH] update dansguardian
Signed-off-b
ve set the severity to grave since havp can't be used without clamav.
Sebastian
>From 45b1edab07d76fc331c4dc0a47d8ecc3a5438a27 Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior
Date: Wed, 2 Jul 2014 21:12:37 +0200
Subject: [PATCH] update to current (0.94.4) clamav
As of 0.94.4 ve
* Guido Günther | 2014-06-26 21:54:40 [+0200]:
>Already in VCS as 9321997cddf7bb5b030d6328d9db67eb4f5830f6 since May.
>Cheers,
It seems to be part of the experimental branch which also has new v1.2.5
in it. Please add the Closes tag to finally close the bug :)
> -- Guido
Sebastian
--
To UNSUB
On 2014-05-17 15:09:00 [+0200], Guido Günther wrote:
> which dependency are you still seeing?
> -- Guido
I think he meant:
>From b19ba46d6a9c3b67a8a70457ed1970924bb97489 Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior
Date: Thu, 26 Jun 2014 20:08:04 +0200
Subject: [PATCH] dr
tags 748180 + upstream
forwarded 748180
https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=10;mbox=yes;bug=748180
thanks
On 2014-05-15 14:19:10 [+0200], Sebastian Andrzej Siewior wrote:
> Yesterday I tried to bring the in-tree llvm-back and build it. The build
> failed, too. The log is ava
On 2014-05-15 11:54:23 [+0800], Paul Wise wrote:
> 99%: Checks: 960, Failures: 1, Errors: 1
> check_bytecode.c:136:F:arithmetic:test_bswap_jit:0: Invalid return value from
> bytecode run, expected: beef, have: dead1
>
> check_bytecode.c:111:E:arithmetic:test_inflate_int:0: (after this point)
> R
301 - 400 of 494 matches
Mail list logo
