On Sat, Jan 05, 2013 at 04:44:48PM +, Dominic Hargreaves wrote:
Strangely, when I try and reproduce with a vanilla 5.14.3 build, I
get:
$ ./perl -e 'print xx(2**31)'
$ echo $?
0
which seems wrong in a different way...
FWIW, I can reproduce it with an unpatched 5.14.3 on current sid
On Thu, Jan 10, 2013 at 09:26:37PM +0100, Thomas Girard wrote:
Since my GPG key has expired, I will not be able to upload this in a
timely fashion, so you can consider this email as a call for NMU.
For info, you can simply change the expiration date...
Neil
--
To UNSUBSCRIBE, email to
Ping,
any news regarding this RC bug? If no one volunteers, I'd be happy to
make an NMU. As for the testing of this bug, I cannot readily verify
the fix since the test utility for Connman - test-connman - is not
part of Debian.
However, since the patch was provided by upstream, I assume that the
Package: plexus-cipher
Version: 1.5-3
Severity: serious
Tags: patch
Justification: fails to build from source (but built successfully in the past)
When building on a fast machine i get:
Running org.sonatype.plexus.components.cipher.PBECipherTest
+K09MzMSG00HwGTNaRzYDsUqhiabft0kDLpG1hGpezo=
Package: nagios3
Severity: grave
Tags: security
Justification: user security hole
This was assigned CVE-2012-6096:
http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html
Fix:
http://nagios.svn.sourceforge.net/viewvc/nagios?view=revisionrevision=2547
Cheers,
Moritz
--
Package: icinga
Severity: grave
Tags: security
Justification: user security hole
This was assigned CVE-2012-6096:
http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html
Fix:
http://nagios.svn.sourceforge.net/viewvc/nagios?view=revisionrevision=2547
Cheers,
Moritz
--
On Fri, Jul 27, 2012 at 02:51:20PM +, Debian Bug Tracking System wrote:
This is an automatic notification regarding your Bug report
which was filed against the owncloud package:
#681138: owncloud: setup sets wrong db entrys which prevent using cal/carddav
It has been closed by Thomas
On 18:55 Thu 10 Jan , Michael Biebl wrote:
On 10.01.2013 18:25, Vasudev Kamath wrote:
Package: libgtk-3-bin
Version: 3.4.2-5
Severity: serious
When trying to upgrade from 3.4.2-4 to 3.4.2-5 I get following error and
aptitude aborts
Adding 'diversion of
Package: condor
Severity: grave
Tags: security
Justification: user security hole
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
the following vulnerability was published for condor.
CVE-2012-5390[0]:
Possible privilege escalation
This is mentioned on the stable release series notes[1] as
Hi
I have submitted this as grave severity, but could you double check if
this is actually a problem for condor in Debian?
[1]:
http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html
Regards,
Salvatore
--
To UNSUBSCRIBE, email to
Because of this bug i updated to 3.6.1-1 from experimental - it didn't
help.
Regards
Karsten
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
is: /home/ghantoos/.tsung/log/20130111-1011
^C
BREAK: (a)bort (c)ontinue (p)roc info (i)nfo (l)oaded
(v)ersion (k)ill (D)b-tables (d)istribution
Can you please provide you xml file for further investigation?
In the meantime, I will be downgrading the severity to Important.
Cheers,
Ignace M
Processing commands for cont...@bugs.debian.org:
severity 697795 important
Bug #697795 [tsung] tsung crashes: Kernel pid terminated
Severity set to 'important' from 'grave'
tags 697795 = moreinfo unreproducible
Bug #697795 [tsung] tsung crashes: Kernel pid terminated
Added tag(s) unreproducible
Processing control commands:
found -1 3.2.1-2
Bug #697930 [nagios3] nagios3: CVE-2012-6096
Marked as found in versions nagios3/3.2.1-2.
--
697930: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697930
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE,
Control: found -1 3.2.1-2
On 2013-01-11 13:50, Moritz Muehlenhoff wrote:
Package: nagios3
Severity: grave
Tags: security
Justification: user security hole
This was assigned CVE-2012-6096:
http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html
Fix:
On Jan 11, 2013, at 8:45 AM, Salvatore Bonaccorso car...@debian.org wrote:
Hi
I have submitted this as grave severity, but could you double check if
this is actually a problem for condor in Debian?
[1]:
http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html
On Sun, 16 Dec 2012, Jérémy Lal wrote:
I am working on a fix.
Any news?
In the meantime, I tried to recover myself: look into
/etc/redmine/default/database.yml what was used as
password, connect as postgres to the DB and ALTER ROLE
and set the redmine user’s password to that.
Doesn’t work ☹
Your message dated Fri, 11 Jan 2013 17:15:50 +0100
with message-id 2013061550.GA17037@elende
and subject line Re: [htcondor-debian] Bug#697936: condor: CVE-2012-5390:
possible privilege escalation
has caused the Debian Bug report #697936,
regarding condor: CVE-2012-5390: possible privilege
Hi,
Though I'm currently not using md, I have done so in the past, and it
has always worked well for me. I saw this bug report and thought that
I might try to reproduce it. Here's what I did:
1. retrieved debian-5010-i386-netinst.iso from
Processing commands for cont...@bugs.debian.org:
found 697895 0.9.13-2
Bug #697895 [libextlib-ruby] Update libextlib-ruby / ruby-extlib for
vulnerabilities (Re: CVE-2013-0156)
Marked as found in versions libextlib-ruby/0.9.13-2.
severity 697895 grave
Bug #697895 [libextlib-ruby] Update
Your message dated Fri, 11 Jan 2013 17:32:38 +
with message-id e1ttit8-6w...@franck.debian.org
and subject line Bug#697186: fixed in ding-libs 0.1.3-2
has caused the Debian Bug report #697186,
regarding Missing dependency on libcollection-dev
to be marked as done.
This means that you
Hello Raymond,
On Thu, Dec 13, 2012 at 01:45:35PM -0500, Raymond S Brand wrote:
Carsten,
I'm still using the (current) one from Debian Squeeze, and every
time there is a security update I have to remove those libraries
again to get it to work.
why not trying to use a version from Backports
Processing commands for cont...@bugs.debian.org:
notfound 659994 icedove/10.0.3-2
Bug #659994 [icedove] [regression] icedove: symbol lookup error:
[...]/libdbusservice.so: undefined symbol: NS_Alloc
Bug #660736 [icedove] Subject: icedove deads on undefined symbol
Bug #691985 [icedove] icedove:
tags 681227 + patch
block 651720 by 681227
# kFreeBSD bugfix couldn't enter wheezy yet due to regressions
thanks
Hi,
On 07/01/13 19:56, Wouter Verhelst wrote:
What to do with the workaround added by Wouter in grub-installer/1.84?
The workaround tried to eliminate the possibility of invalid
Processing commands for cont...@bugs.debian.org:
tags 681227 + patch
Bug #681227 [grub-installer] does not validate free-form input
Added tag(s) patch.
block 651720 by 681227
Bug #651720 {Done: Wouter Verhelst wou...@debian.org} [src:grub-installer]
new ZFS install on / fails if /boot isn't
On 09/01/13 21:54, Michael Biebl wrote:
On 09.01.2013 22:29, Simon McVittie wrote:
As far as I can work out, bumping libgstreamer0.10-0's shlibs
would only help to achieve this if we additionally NMU a bunch of
packages to rebuild them against the new libgstreamer0.10-0 so
they get a
tags 685061 + pending
thanks
Dear maintainer,
I've prepared an NMU for gfs2-utils (versioned as 3.1.3-1.1) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.
p.s.: I know this package is only available in unstable, so one might
argue why the NMU is done. But
Processing commands for cont...@bugs.debian.org:
tags 685061 + pending
Bug #685061 [gfs2-utils] gfs2-utils: fails to install due to incorrect
dependencies in init.d LSB header
Added tag(s) pending.
thanks
Stopping processing here.
Please contact me if you need assistance.
--
685061:
tags 697870 + pending
thanks
Dear maintainer,
I've prepared an NMU for redhat-cluster (versioned as 3.1.8-1.1) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.
Note: I know that #697870 is not yet older than 7 days. If you want to
do an upload yourself or I
Processing commands for cont...@bugs.debian.org:
tags 697870 + pending
Bug #697870 [redhat-cluster-suite] redhat-cluster-suite: Fails to install due
to removed clvm package
Added tag(s) pending.
thanks
Stopping processing here.
Please contact me if you need assistance.
--
697870:
On 11/01/2013 17:12, Thorsten Glaser wrote:
On Sun, 16 Dec 2012, Jérémy Lal wrote:
I am working on a fix.
Any news?
I'll try to make config script use the first generated
password if a second database user name is the same as a first
one. But i'm not sure i can even read the first
Hi
Attached the upstream commits applied to the unstable version and
generated debdiff. But this creates too some additional files in one
of the binary packages created:
ruby-extlib:
[The following lists of changes regard files as different if they have
different names, permissions or owners.]
Processing commands for cont...@bugs.debian.org:
tags 697895 + patch
Bug #697895 [libextlib-ruby] Update libextlib-ruby / ruby-extlib for
vulnerabilities (Re: CVE-2013-0156)
Added tag(s) patch.
thanks
Stopping processing here.
Please contact me if you need assistance.
--
697895:
Hi
(resending this as I missed the bugreport)
On Fri, Jan 11, 2013 at 12:06:54AM +, Joshua Timberman wrote:
Package: libextlib-ruby
Version: 0.9.13-2
Severity: grave
Tags: security
Dan Kubb, upstream maintainer of the extlib RubyGem recently updated it to
resolve security issues
Your message dated Fri, 11 Jan 2013 21:32:37 +
with message-id e1ttmdn-0006lz...@franck.debian.org
and subject line Bug#697895: fixed in ruby-extlib 0.9.15-3
has caused the Debian Bug report #697895,
regarding Update libextlib-ruby / ruby-extlib for vulnerabilities (Re:
CVE-2013-0156)
to be
Processing commands for cont...@bugs.debian.org:
tags 697931 + patch
Bug #697931 [icinga] icinga: CVE-2012-6096
Added tag(s) patch.
thanks
Stopping processing here.
Please contact me if you need assistance.
--
697931: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697931
Debian Bug Tracking
Processing commands for cont...@bugs.debian.org:
tags 697930 + patch
Bug #697930 [nagios3] nagios3: CVE-2012-6096
Added tag(s) patch.
thanks
Stopping processing here.
Please contact me if you need assistance.
--
697930: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697930
Debian Bug
Your message dated Fri, 11 Jan 2013 22:47:39 +
with message-id e1ttnnz-0001iq...@franck.debian.org
and subject line Bug#697580: fixed in connman 1.0-1.1
has caused the Debian Bug report #697580,
regarding connman: CVE-2012-6459
to be marked as done.
This means that you claim that the problem
Processing commands for cont...@bugs.debian.org:
user debian...@lists.debian.org
Setting user to debian...@lists.debian.org (was deb...@abeckmann.de).
usertags 697085 piuparts
There were no usertags set.
Usertags are now: piuparts.
found 697085 1.3.0+dfsg-1~exp3
Bug #697085 [qemu-system]
On Tue, Jan 08, 2013 at 06:49:56PM +0100, Moritz Mühlenhoff wrote:
On Tue, Jan 08, 2013 at 02:45:59AM +0200, Tzafrir Cohen wrote:
Hi,
On Wed, Jan 02, 2013 at 10:56:43PM +0100, Salvatore Bonaccorso wrote:
Package: asterisk
Severity: grave
Tags: security
Justification: user
Your message dated Fri, 11 Jan 2013 18:03:10 -0600
with message-id 20130112000310.gb...@gwolf.org
and subject line Re: [drupal7] SA-CORE-2012-004 - Drupal core - Multiple
vulnerabilities in Drupal 6 7
has caused the Debian Bug report #696342,
regarding [drupal7] SA-CORE-2012-004 - Drupal core -
Your message dated Sat, 12 Jan 2013 00:18:28 +
with message-id e1ttons-00034j...@franck.debian.org
and subject line Bug#692871: fixed in mysql-5.5 5.5.29+dfsg-1
has caused the Debian Bug report #692871,
regarding mysql-server-5.5: error in SQL syntax in postinst
to be marked as done.
This
Your message dated Sat, 12 Jan 2013 00:18:28 +
with message-id e1ttons-00034j...@franck.debian.org
and subject line Bug#692871: fixed in mysql-5.5 5.5.29+dfsg-1
has caused the Debian Bug report #692871,
regarding mysql-server-5.5: Regression in privileges of mysql debian-sys-maint
user
to be
Your message dated Sat, 12 Jan 2013 00:18:28 +
with message-id e1ttons-00034n...@franck.debian.org
and subject line Bug#695001: fixed in mysql-5.5 5.5.29+dfsg-1
has caused the Debian Bug report #695001,
regarding mysql-5.5: New MySQL issues
to be marked as done.
This means that you claim that
Your message dated Sat, 12 Jan 2013 00:17:39 +
with message-id e1tton5-0002df...@franck.debian.org
and subject line Bug#697714: fixed in libxcrypt 1:2.4-3
has caused the Debian Bug report #697714,
regarding libxcrypt: fix ftbfs due to deprecated libc locking macros
to be marked as done.
This
Quoting Steven Chamberlain (ste...@pyro.eu.org):
Patch for this actually just a diff limited to ./grub-installer from:
$ git revert a070f516 99389d59 926cee22
Agreed from my side. I guess we now just need Cyril's ACK to apply in
git and probably buildunless something else is needed in
46 matches
Mail list logo