Package: chicken
Severity: grave
Tags: security
This was assigned CVE-2014-3776:
http://lists.gnu.org/archive/html/chicken-announce/2014-05/msg1.html
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
Package: libapache2-mod-wsgi
Version: 3.3-4
Severity: critical
Tags: security
Justification: root security hole
Dear Maintainer,
as far as I can tell, CVE-2014-0240 affects the stable package of
mod-wsgi. The
patch provided by the mod-wsgi team applies wih fuzzing to the source
shipped
by
Package: miniupnpc
Severity: grave
Tags: security
Justification: user security hole
A CVE assignment is pending. The fix is here:
https://github.com/miniupnp/miniupnp/commit/3a87aa2f10bd7f1408e1849bdb59c41dd63a9fe9
Cheers,
Moritz
--
To UNSUBSCRIBE, email to
Processing commands for cont...@bugs.debian.org:
close 748910 3.5-1
Bug #748910 [libapache2-mod-wsgi] CVE-2014-0240: Possibility of local privilege
escalation when using daemon, mode
Marked as fixed in versions mod-wsgi/3.5-1.
Bug #748910 [libapache2-mod-wsgi] CVE-2014-0240: Possibility of
Processing commands for cont...@bugs.debian.org:
found 748910 3.3-2
Bug #748910 {Done: Thijs Kinkhorst th...@debian.org} [libapache2-mod-wsgi]
CVE-2014-0240: Possibility of local privilege escalation when using daemon, mode
Marked as found in versions mod-wsgi/3.3-2.
thanks
Stopping processing
Processing commands for cont...@bugs.debian.org:
#gnustep-make (2.6.6-1) UNRELEASED; urgency=low
#
# * New upstream release:
#- Fixes FTBFS with make 4.0 (Closes: #747028).
#
limit source gnustep-make
Limiting to bugs with field 'source' containing at least one of 'gnustep-make'
Limit
Package: postgrey
Version: 1.34-1.1
Severity: grave
Tags: patch
Justification: renders package unusable
Dear Maintainer,
A fresh install of postgrey on two Wheezy machines fails to start. Much like
was the case in debian bug #722136, starting the postgrey daemon on the
command
line reveals the
Your message dated Thu, 22 May 2014 09:27:48 +
with message-id e1wnphw-0005jh...@franck.debian.org
and subject line Bug#748761: fixed in gutenprint 5.2.10~pre2-2
has caused the Debian Bug report #748761,
regarding printer-driver-gutenprint: Cups doesn't print because
rastertogutenprint.5.2 is
Package: libjSSC-java
Version: 2.6.0-2
Severity: grave
Tags: patch
Justification: renders package unusable
Dear Maintainer,
When using the shared library libjSSC-java.so I get an error message
about the unresolved symbol _Znwm.
This symbol is related to the C++ new operator and is defined in
(forgot to CC the bug report...)
Hello Gstreamer Maintainers!
I am currently investigating bug #748848 and would like to hear your
opinion about that issue.
Byzanz build-depends on libgstreamer-plugins-base1.0-dev and
libgstreamer1.0-dev. Thus libgstreamer-plugins-base1.0-0 (=
1.0.0) and
Processing commands for cont...@bugs.debian.org:
tags 747758 + pending
Bug #747758 [nvidia-graphics-drivers-legacy-96xx] [INTL:es] Spanish debconf
template translation for nvidia-graphics-drivers-legacy-96xx
Added tag(s) pending.
tags 746704 + patch
Bug #746704
On Sat, May 17, 2014 at 02:30:00PM +0200, Johannes Schauer wrote:
Package: liferea
Version: 1.10.8-1
Severity: grave
Justification: renders package unusable
Hi,
steps to reproduce:
I didn't use a chroot but installed liferea in my own system and I
can't reproduce the bug, everything
On Thu, May 15, 2014 at 15:31:07 +0200, Julien Cristau wrote:
Control: tags -1 confirmed upstream fixed-upstream
On Mon, May 12, 2014 at 19:01:43 +0200, Jeremy P. wrote:
Package: hgview
Version: 1.8.0-1
Severity: grave
Justification: renders package unusable
jeremyp@sky[~] cd
On 2014-05-22 09:57, Eric Sesterhenn wrote:
Package: libapache2-mod-wsgi
Version: 3.3-4
Severity: critical
Tags: security
Justification: root security hole
Dear Maintainer,
as far as I can tell, CVE-2014-0240 affects the stable package of
mod-wsgi. The
patch provided by the mod-wsgi team
On 22/05/14 13:48, Alberto Garcia wrote:
On Sat, May 17, 2014 at 02:30:00PM +0200, Johannes Schauer wrote:
Package: liferea
Version: 1.10.8-1
Severity: grave
Justification: renders package unusable
Hi,
steps to reproduce:
I didn't use a chroot but installed liferea in my own system
Processing control commands:
affects -1 owncloud
Bug #748941 [mediawiki-classes] mediawiki-classes: fails to install, trying to
overwrite other packages files
Added indication that 748941 affects owncloud
--
748941: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=748941
Debian Bug Tracking
On Thu, 22 May 2014, Holger Levsen wrote:
Preparing to unpack .../mediawiki-classes_1%3a1.19.15+dfsg-2_all.deb ...
Unpacking mediawiki-classes (1:1.19.15+dfsg-2) ...
dpkg: error processing archive /var/cache/apt/archives/mediawiki-
classes_1%3a1.19.15+dfsg-2_all.deb (--unpack):
Hi,
Quoting Emilio Pozuelo Monfort (2014-05-22 14:32:02)
On 22/05/14 13:48, Alberto Garcia wrote:
On Sat, May 17, 2014 at 02:30:00PM +0200, Johannes Schauer wrote:
Package: liferea
Version: 1.10.8-1
Severity: grave
Justification: renders package unusable
Hi,
steps to
On Thu, May 22, 2014 at 02:56:47PM +0200, Johannes Schauer wrote:
David Smith mentioned that he could only reproduce the error if he
hadnt installed a regular DE (such as icewm).
That's useful information, thanks!
Berto
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
Processing commands for cont...@bugs.debian.org:
tags 748728 + sid jessie
Bug #748728 [libuser,id-utils] id-utils and libuser: error when trying to
install together
Added tag(s) sid and jessie.
tags 745516 + sid jessie
Bug #745516 [photoprint] Please migrate to lcms2
Added tag(s) sid and
Processing commands for cont...@bugs.debian.org:
tags 748827 + fixed-upstream
Bug #748827 [src:torque] torque: CVE-2014-0749
Added tag(s) fixed-upstream.
thanks
Stopping processing here.
Please contact me if you need assistance.
--
748827:
Control: tag 743141 wontfix
On 20/05/14 13:45, Debian Bug Tracking System wrote:
retitle 743141 kfreebsd-9: triple fault on execve from 64-bit thread to 32-bit
process
Tentatively tagging 743141 wontfix as kfreebsd-9 is planned for removal.
But, AFAIK, it can't be removed yet as latest D-I
Processing control commands:
tag 743141 wontfix
Bug #743141 [kfreebsd-9] kfreebsd-9: triple fault on execve from 64-bit thread
to 32-bit process
Added tag(s) wontfix.
--
743141: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743141
Debian Bug Tracking System
Contact ow...@bugs.debian.org
Processing commands for cont...@bugs.debian.org:
severity 748537 minor
Bug #748537 [packagekit] packagekit: Current packagekit version breaks jhbuild
on usage of GetTid()
Severity set to 'minor' from 'serious'
--
Stopping processing here.
Please contact me if you need assistance.
--
748537:
Robert Millan r...@debian.org (2014-05-22):
Control: tag 743141 wontfix
On 20/05/14 13:45, Debian Bug Tracking System wrote:
retitle 743141 kfreebsd-9: triple fault on execve from 64-bit thread to
32-bit process
Tentatively tagging 743141 wontfix as kfreebsd-9 is planned for removal.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Until next patched lxsession maintainer upload one may use systemd power
management for unprivileged users.
Systemd platform is default in debian nowadays and consolekit is not actively
maintained in favour of systemd-logind. [1]
It will also
Your message dated Thu, 22 May 2014 15:34:36 +
with message-id e1wnv0u-00063s...@franck.debian.org
and subject line Bug#747955: fixed in ccbuild 2.0.6-2.1
has caused the Debian Bug report #747955,
regarding FTBFS: grep -nH isatty does not find any match
to be marked as done.
This means that
Package: blktap-dkms
Version: 2.0.93-0.2
Severity: serious
Justification: fails to build from source (but built successfully in the past)
The build fails on 3.14 kernel with the following error:
/var/lib/dkms/blktap/2.0.93/build/ring.c: In function
‘blktap_ring_make_tr_request’:
Your message dated Thu, 22 May 2014 16:34:40 +
with message-id e1wnvx2-0007ho...@franck.debian.org
and subject line Bug#748744: fixed in kfreebsd-10 10.0-6
has caused the Debian Bug report #748744,
regarding kfreebsd-10: triple fault on execve from 64-bit thread to 32-bit
process
to be marked
Markus Koschany dixit:
Although byzanz depends on libgstreamer-plugins-base1.0-0 another
related package, gstreamer1.0-plugins-base, is not automatically
installed. I am not sure yet why libgstreamer-plugins-base1.0-0 does not
Oh, okay. I had suspected a missing dependency, but not for it
to be
Package: vlc
Version: 2.1.4-1+b1
Severity: serious
Justification: unnkown
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
vlc crashes: here is the result of vlc -:
*
vlc -vvv
VLC media player 2.1.4
Control: severity -1 important
Control: tag -1 + moreinfo
On 2014-05-22 20:09:30, Eric Streit wrote:
Package: vlc
Version: 2.1.4-1+b1
Severity: serious
Justification: unnkown
Well, then don't use serious.
Dear Maintainer,
*** Reporter, please consider answering these questions, where
Processing control commands:
severity -1 important
Bug #748971 [vlc] vlc crashes when trying to open preferences or trying to
display the playing list
Severity set to 'important' from 'serious'
tag -1 + moreinfo
Bug #748971 [vlc] vlc crashes when trying to open preferences or trying to
Processing commands for cont...@bugs.debian.org:
#linux (3.14.4-2) UNRELEASED; urgency=medium
#
# * [x86] ACPICA: Tables: Fix invalid pointer accesses in
#acpi_tb_parse_root_table(). (Closes: #748574)
# * [arm64] Initial kernel configuration and packaging (Closes: #745349).
#
limit
Control: reassign -1 fpc
This is not a bug in view3dscene but rather a bug in FPC. Indeed if cge
is compiled using -Ur flag that this does not happen. However here the
-Ur flag does not have a real meaning as sources are missing.
After analyzing more the issue it looks like the CRC stored for
Processing control commands:
reassign -1 fpc
Bug #748789 [view3dscene] view3dscene: FTBFS Can't find unit CastleStringUtils
used by CastleUtils
Bug reassigned from package 'view3dscene' to 'fpc'.
No longer marked as found in versions view3dscene/3.13.0-2.
Ignoring request to alter fixed
Hey,
It would be really nice to have this fixed: chromium can't be
installed on x86, and it's been a couple weeks now.
Cheers,
Charles
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Your message dated Thu, 22 May 2014 19:38:53 +
with message-id e1wnypj-0002hp...@franck.debian.org
and subject line Bug#748367: fixed in visp 2.8.0-5.1
has caused the Debian Bug report #748367,
regarding visp: FTBFS with libav10
to be marked as done.
This means that you claim that the problem
Package: policykit-1
Version: 0.112-2
Severity: serious
Hello,
Lintian is now complaining that policykit-1 package is calling adduser
without setting a home directory. This is even a policy violation.
What I'm proposing is to re-add the /var/lib/polkit-1/ directory create
the user with this
Package: system-config-printer
Version: 1.3.7-4
Severity: grave
Tags: upstream
Justification: renders package unusable
Dear Maintainer,
*** Please consider answering these questions, where appropriate ***
* What led up to the situation?
While adding my USB printer Canon MP160, it finds the
Package: libcatalyst-view-component-subinclude-perl
Version: 0.10-1
Severity: serious
Usertags: goto-cc
During a rebuild of all packages in a clean sid chroot (and cowbuilder+pbuilder)
the build failed with the following error.
[...]
PERL_DL_NONLAZY=1 /usr/bin/perl -MExtUtils::Command::MM -e
Processing commands for cont...@bugs.debian.org:
severity 748991 serious
Bug #748991 [libcgi-application-plugin-authentication-perl] FTBFS: test suite
fails (non-determinism?)
Severity set to 'serious' from 'normal'
thanks
Stopping processing here.
Please contact me if you need assistance.
--
My apologies, I had forgotten to actually attach the build log.
Best,
Michael
libcatalyst-view-component-subinclude-perl-build-log.txt.gz
Description: application/gunzip
pgp6JKaeNiKjS.pgp
Description: PGP signature
Your message dated Thu, 22 May 2014 21:21:11 +
with message-id e1wnaqj-0006yr...@franck.debian.org
and subject line Bug#747666: fixed in opensmtpd 5.4.2p1-1
has caused the Debian Bug report #747666,
regarding Redefined macro messages scrolling by when compiling exhaust console
backlog
to be
Your message dated Thu, 22 May 2014 21:20:22 +
with message-id e1wnapw-0006ml...@franck.debian.org
and subject line Bug#747789: fixed in jitsi 2.4.4997-1.2
has caused the Debian Bug report #747789,
regarding jitsi: FTBFS: error: package org.json.simple does not exist
to be marked as done.
Your message dated Thu, 22 May 2014 21:21:12 +
with message-id e1wnaqk-0006yx...@franck.debian.org
and subject line Bug#748513: fixed in opensmtpd 5.4.2p1-1
has caused the Debian Bug report #748513,
regarding opensmtpd: OpenSSL version mismatch strikes again
to be marked as done.
This means
Your message dated Thu, 22 May 2014 21:21:12 +
with message-id e1wnaqk-0006yx...@franck.debian.org
and subject line Bug#748513: fixed in opensmtpd 5.4.2p1-1
has caused the Debian Bug report #748513,
regarding opensmtpd: Opensmtpd does not start
to be marked as done.
This means that you claim
Package: libgd-perl
Version: 2.50-1
Severity: serious
Justification: Makes unrelated package FTBFS
The following fails, which is the reason why
libcgi-application-plugin-captcha-perl FTBFS:
# apt-get -f -s install libdata-random-perl libgd-securityimage-perl
Reading package lists... Done
Package: libcatalyst-modules-perl
Version: 47
Severity: serious
Usertags: goto-cc
During a rebuild of all packages in a clean sid chroot (and cowbuilder+pbuilder)
the build failed with the following error.
[...]
PERL_DL_NONLAZY=1 /usr/bin/perl -MExtUtils::Command::MM -e test_harness(0,
'inc',
Package: libaunit
Version: 1.03-8
Severity: serious
Usertags: goto-cc
During a rebuild of all Debian packages in a clean sid chroot (using cowbuilder
and pbuilder) the build failed with the following error.
[...]
- Attempting to parse the build-deps
- Considering build-dep dpkg-dev (= 1.16.1)
tag 747500 patch
thanks
Hi,
Gilles Filippini a écrit , Le 09/05/2014 13:58:
Package: libopencv2.4-java
Version: 2.4.8+dfsg1-2
Severity: grave
Justification: renders package unusable
Hi,
The symbolic links for the jar files in /usr/share/java are broken because
of a wrong version
Package: libflorist
Version: 2011-2
Severity: serious
Usertags: goto-cc
During a rebuild of all Debian packages in a clean sid chroot (using cowbuilder
and pbuilder) the build failed with the following error.
[...]
W: no hooks of type D found -- ignoring
- Attempting to parse the build-deps
-
Processing commands for cont...@bugs.debian.org:
tag 747500 patch
Bug #747500 [libopencv2.4-java] libopencv2.4-java: Broken symlink for
/usr/share/java/opencv.jar
Added tag(s) patch.
thanks
Stopping processing here.
Please contact me if you need assistance.
--
747500:
On Thu, May 22, 2014 at 02:56:47PM +0200, Johannes Schauer wrote:
David Smith mentioned that he could only reproduce the error if he
hadnt installed a regular DE (such as icewm).
Ok, I could reproduce this inside a chroot, but the problem disappears
if I mount the /proc filesystem.
Can you
Source: adios
Version: 1.6.0-5
Severity: serious
Justification: fails to build from source (but built successfully in the past)
Builds of adios in minimal environments (as on the autobuilders) have
been failing when trying to build the Python 2 extension:
-- Found PythonLibs:
Source: eso-midas
Version: 13.09pl1.2+dfsg-1
Severity: serious
Justification: fails to build from source
Automated builds of eso-midas have been failing:
/«BUILDDIR»/eso-midas-13.09pl1.2+dfsg/13SEP/system/unix//inmidas -j @
compile.all
mkdir: cannot create directory
Processing commands for cont...@bugs.debian.org:
severity 747286 important
Bug #747286 {Done: Camm Maguire c...@debian.org} [acl2] acl2: not buildable
on buildds on some architectures
Severity set to 'important' from 'serious'
thanks
Stopping processing here.
Please contact me if you need
On 23/05/14 00:51, Alberto Garcia wrote:
On Thu, May 22, 2014 at 02:56:47PM +0200, Johannes Schauer wrote:
David Smith mentioned that he could only reproduce the error if he
hadnt installed a regular DE (such as icewm).
Ok, I could reproduce this inside a chroot, but the problem disappears
Source: telepathy-logger-qt
Version: 0.8.0-1
Severity: serious
Justification: fails to build from source (but built successfully in the past)
Builds of telepathy logger for nearly all architectures (except amd64
and sparc) failed because the generated symbols weren't as expected.
Could you please
Package: src:linux
Version: 3.14.4-1
Severity: critical
Justification: breaks the whole system
initrd images generated under kernel 3.14.4-1 fail to load sd_mod
automatically, which renders the system unbootable. I'm not sure
precisely what is going wrong, but the phenomenon is common to both
Package: numptyphysics
Version: 0.2+svn157-0.2
Severity: serious
Hi. When finishing any level (clicking next in the dialog box), the
application corrupts its memory and freezes. This is very consistent. I
get something like this:
dima@shorty:~$ numptyphysics
loaded image
Source: keystone
Severity: grave
Tags: security upstream
Hi Thomas,
the following vulnerability was published for keystone.
CVE-2014-0204[0]:
Keystone user and group id mismatch
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities Exposures) id in your
62 matches
Mail list logo