Bug confirmed for me, as signified by the warning: key not found when
running. Please update.
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Your message dated Sat, 24 Jan 2015 17:18:23 +
with message-id e1yf4ln-00031n...@franck.debian.org
and subject line Bug#775873: fixed in patch 2.7.3-1
has caused the Debian Bug report #775873,
regarding patch: directory traversal via file rename
to be marked as done.
This means that you claim
Your message dated Sat, 24 Jan 2015 21:20:20 +
with message-id e1yf87w-0006ii...@franck.debian.org
and subject line Bug#776135: fixed in wireshark 1.12.1+g01b65bf-3
has caused the Debian Bug report #776135,
regarding wireshark: Multiple security issues in 1.12.3 and prior versions
to be marked
Your message dated Sat, 24 Jan 2015 21:20:20 +
with message-id e1yf87w-0006io...@franck.debian.org
and subject line Bug#776136: fixed in wireshark 1.12.1+g01b65bf-3
has caused the Debian Bug report #776136,
regarding wireshark: Crashes when filter string is edited on Broadway
to be marked as
Your message dated Sat, 24 Jan 2015 21:18:46 +
with message-id e1yf86q-0005wn...@franck.debian.org
and subject line Bug#776075: fixed in ats2-lang 0.1.8-1
has caused the Debian Bug report #776075,
regarding ats2-lang: FTBFS on most architectures
to be marked as done.
This means that you claim
Le Sat, 24 Jan 2015 11:33:23 +,
Neil Williams codeh...@debian.org a écrit :
That doesn't seem to be part of the original bug which was for a clean
install of nut-client.
If you think this second issue is RC, then a new bug could be opened
but that depends on whether this affects the
Axel Beckert a...@debian.org writes:
emacs23 has been removed from Unstable like three months ago. So IMHO
its non-free components are useless to keep in Debian and especially
useless to release with Jessie.
Filing as RC-level bug against the package to hear some other opinions,
especially
Your message dated Sat, 24 Jan 2015 18:33:22 +
with message-id e1yf5wm-0003ov...@franck.debian.org
and subject line Bug#775635: fixed in chiark-tcl 1.1.3
has caused the Debian Bug report #775635,
regarding chiark-tcl: FTBFS in jessie: build-dependency not installable:
tcl8.4-dev
to be marked
Seems to need to be merged to
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730405
From: ow...@bugs.debian.org
To: bouchereric0...@hotmail.com
Subject: Bug#776159: Acknowledgement (freeorion: Keyboard seems to be
undetected, not responding to key entered.)
Date: Sat, 24 Jan 2015
Processing commands for cont...@bugs.debian.org:
forwarded 745835
http://lists.nongnu.org/archive/html/lynx-dev/2015-01/msg00029.html
Bug #745835 [lynx-cur] lynx-cur: certificate revocation is not checked
Bug #776073 [lynx-cur] lynx-cur: can connect to site with expired certificate
Set Bug
severity 776159 normal
reassign 776159 libois-1.3.0
forcemerge 776159 730405
thanks
On 24.01.2015 19:42, Eric Boucher wrote:
Package: freeorion
Version: 0.4.4-2+b1
Severity: grave
Justification: renders package unusable
Dear Maintainer,
*** Reporter, please consider answering these
Processing commands for cont...@bugs.debian.org:
severity 776159 normal
Bug #776159 [freeorion] freeorion: Keyboard seems to be undetected, not
responding to key entered.
Severity set to 'normal' from 'grave'
reassign 776159 libois-1.3.0
Bug #776159 [freeorion] freeorion: Keyboard seems to be
Your message dated Sat, 24 Jan 2015 22:48:25 +
with message-id e1yf9vb-0001xk...@franck.debian.org
and subject line Bug#775418: fixed in pcmanfm 1.2.3-1.1
has caused the Debian Bug report #775418,
regarding pcmanfm-dbg: copyright file missing after upgrade (policy 12.5)
to be marked as done.
Control: reassign -1 ftp.debian.org
Control: retitle -1 RM: emacs23-common-non-dfsg -- RoM: obsolete; superseeded
by emacs24-common-non-dfsg
Control: severity -1 normal
Hi Rob,
thanks for the prompt answer!
Rob Browning wrote:
Axel Beckert a...@debian.org writes:
emacs23 has been removed
Processing control commands:
reassign -1 ftp.debian.org
Bug #776113 [emacs23-common-non-dfsg] emacs23-common-non-dfsg: Useless without
emacs23
Bug reassigned from package 'emacs23-common-non-dfsg' to 'ftp.debian.org'.
No longer marked as found in versions emacs23-non-dfsg/23.4+1-1.
Ignoring
Niko Tyni writes (Bug#774844: xfonts-traditional: fails to upgrade from
'wheezy': Can't locate File/Find.pm in @INC):
In that case the dependency on perl would be direct, but the script would
fail in exactly the same way when a newer perl-modules is unpacked -
because Time::Piece needs
Your message dated Sat, 24 Jan 2015 19:18:38 +
with message-id e1yf6ea-0008uk...@franck.debian.org
and subject line Bug#775682: fixed in websvn 2.3.1-1+deb6u1
has caused the Debian Bug report #775682,
regarding websvn: CVE-2013-6892: arbitrary file access when downloads enabled
for users with
On Mon, Oct 27, 2014 at 11:55 AM, Rémi Denis-Courmont wrote:
Le lundi 27 octobre 2014, 15:20:37 Raphael Hertzog a écrit :
On Fri, 07 Mar 2014, Frank Heckenbach wrote:
The merge-hook script overwrites /etc/resolv.conf when
/sbin/resolvconf is not installed, thereby erasing additional
Okay, I sorted it out. The reason the city DB was corrupted is
because we were putting so many locations into the location file that
we were overflowing the addressable places to put them. The Maxmind
format uses 3 bytes to store offsets, so when we exceed offset
0xFF our offsets wrap around
Source: tiff
Version: 4.0.3-12
Severity: grave
Tags: security upstream
Justification: user security hole
Hi,
the following vulnerabilities were published for tiff.
CVE-2014-8127[0]:
various out-of-bound reads
CVE-2014-8128[1]:
various out-of-bounds write
CVE-2014-8129[2]:
various out-of-bound
Control: reassign 776063 apt
Control: severity 771428 critical
Control: forcemerge 771428 776063
Control: affects 771428 dbus
On Fri, 23 Jan 2015 at 19:04:33 +0100, Guillem Jover wrote:
I think this one should be merged with the other dbus+triggers+apt
bugs.
Merging it, using the higher of the
Processing control commands:
reassign 776063 apt
Bug #776063 [dbus] dbus fails to upgrade rendering entire apt unusable
Bug reassigned from package 'dbus' to 'apt'.
No longer marked as found in versions dbus/1.8.12-1.
Ignoring request to alter fixed versions of bug #776063 to the same values
Your message dated Sun, 25 Jan 2015 01:35:50 +
with message-id e1yfc7c-0003oo...@franck.debian.org
and subject line Bug#770008: fixed in icedove 31.4.0-2
has caused the Debian Bug report #770008,
regarding calendar-google-provider: Can no longer connect to Google calendars
to be marked as
Processing control commands:
severity -1 serious
Bug #775894 [libqt4-ruby1.8] libqt4-ruby1.8: leaves diversion after upgrade
from from lenny - squeeze - wheezy - jessie
Bug #692956 [libqt4-ruby1.8] libqt4-ruby1.8: leaves diversion after upgrade
from squeeze
Severity set to 'serious' from
Processing commands for cont...@bugs.debian.org:
user debian...@lists.debian.org
Setting user to debian...@lists.debian.org (was a...@debian.org).
usertags 755876 piuparts
There were no usertags set.
Usertags are now: piuparts.
tags 719104 + pending
Bug #719104 [topgit] Please remove me from
On Sunday, January 25, 2015 01:20:01 Andreas Beckmann wrote:
Followup-For: Bug #775894
Control: severity -1 serious
Hi,
after the upgrade sequence lenny - squeeze - wheezy - jessie the
situation of rbqtapi is as follows:
# l /usr/bin/rbqt*
lrwxrwxrwx 1 root root7 May 18 2014
Your message dated Sun, 25 Jan 2015 00:18:36 +0100
with message-id 54c4284c.5060...@debian.org
and subject line Re: openjdk-7: FTBFS: java.lang.RuntimeException: time is more
than 10 years from present: 110453040
has caused the Debian Bug report #775044,
regarding openjdk-7: FTBFS:
Niko Tyni writes (Re: Bug#774844: xfonts-traditional: fails to upgrade from
'wheezy': Can't locate File/Find.pm in @INC):
reassign 774844 perl 5.20.1-4
thanks
...
Fine by me, I'm not arguing against that. Clearly it's time to
stop/postpone the discussion about theoretical wider effects and do
Processing commands for cont...@bugs.debian.org:
tags 776063 - moreinfo
Bug #776063 [apt] dbus fails to upgrade rendering entire apt unusable
Bug #771428 [apt] apt tries to configure dbus before libdbus-1-3, fails to
upgrade
Bug #774124 [apt] apt tries to configure dbus before libdbus, fails to
Thank you for the patch, I hope it works and fixes the problem.
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Package: freeorion
Version: 0.4.4-2+b1
Severity: grave
Justification: renders package unusable
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
Simply start the game.
* What exactly did you do (or not do) that
Niko Tyni writes (Re: new pre-dependency: perl{,-base,-modules} - dpkg (=
1.17.17)):
On Mon, Jan 19, 2015 at 11:15:04AM +0100, Guillem Jover wrote:
I've not looked into the details yet, but just to comment that there's
been talk about possibly reverting that fix, because in some error
reassign 774844 perl 5.20.1-4
thanks
On Sat, Jan 24, 2015 at 06:39:02PM +, Ian Jackson wrote:
It would be better if dpkg would avoid configuring (or invoking
trigger processing for) A when A-B-C and C is not configured, but B
is. That's not a practical solution for jessie.
I still
Processing commands for cont...@bugs.debian.org:
reassign 774844 perl 5.20.1-4
Bug #774844 [xfonts-traditional] xfonts-traditional: fails to upgrade from
'wheezy': Can't locate File/Find.pm in @INC
Bug reassigned from package 'xfonts-traditional' to 'perl'.
No longer marked as found in versions
Followup-For: Bug #774872
Hi Bernd,
can we get this fixed for /etc/default/gpsd from lenny, too?
Tested patch attached. Somewhere on the upgrade patch
jessie-squeeze-wheezy the config file gets modified, so I added both
md5sums.
Andreas
From a5b4b78059cff72a63a3ed21aa662c89bbae8801 Mon Sep 17
Control: retitle -1 linux-image-3.16.0-4-686-pae: chown removes
security.capability xattr on other users' files (CVE-2015-1350)
Hi,
In http://www.openwall.com/lists/oss-security/2015/01/24/5 there was
a CVE assignment for this issue, CVE-2015-1350.
Regards,
Salvatore
--
To UNSUBSCRIBE, email
Processing control commands:
retitle -1 linux-image-3.16.0-4-686-pae: chown removes security.capability
xattr on other users' files (CVE-2015-1350)
Bug #770492 [src:linux] linux-image-3.16.0-4-686-pae: chown removes
security.capability xattr on other users' files
Changed Bug title to
Hi Michael,
That means, depending on the timing, anacron-resume.service might be
triggered just before suspend not on resume, and it's not guaranteed
that anacron has finished before systemd-sleep is called.
I don't think the patch was intended this way?
thanks for the analysis. Is there
Processing commands for cont...@bugs.debian.org:
severity 775175 normal
Bug #775175 [congruity] congruity: Unable to login with mhgui or executing
EZHex Files because of changes in the MyHarmony website.
Severity set to 'normal' from 'grave'
thanks
Stopping processing here.
Please contact me
Control: retitle -1 patch: directory traversal via file rename
Hi Jonathan,
On Thu, Jan 22, 2015 at 09:56:20PM +, Jonathan Wiltshire wrote:
On Thu, Jan 22, 2015 at 09:49:39PM +, Jonathan Wiltshire wrote:
This issue was assigned CVE-2015-1196. If you upload fixed packages, please
Processing control commands:
retitle -1 patch: directory traversal via file rename
Bug #775873 [patch] patch: CVE-2015-1196 directory traversal via file rename
Changed Bug title to 'patch: directory traversal via file rename' from 'patch:
CVE-2015-1196 directory traversal via file rename'
--
Processing commands for cont...@bugs.debian.org:
# support for git-style patches introduced in 2.7.
found 775873 2.7.1-1
Bug #775873 [patch] patch: directory traversal via file rename
Marked as found in versions patch/2.7.1-1.
thanks
Stopping processing here.
Please contact me if you need
On Sat, Jan 24, 2015 at 11:04 AM, Salvatore Bonaccorso
car...@debian.org wrote:
On Sat, Jan 24, 2015 at 10:50:11AM +0100, Salvatore Bonaccorso wrote:
and the directory traversal via file rename does not seem to have a
CVE yet? (retitling back this subject just to avoid confusion).
I have
Processing commands for cont...@bugs.debian.org:
severity 728365 serious
Bug #728365 [rhn-client-tools] python-rhn: Running rhn_reg fails with a
TypeError exception.
Severity set to 'serious' from 'normal'
thanks
Stopping processing here.
Please contact me if you need assistance.
--
728365:
Your message dated Sat, 24 Jan 2015 09:20:23 +
with message-id e1yewtd-0004pb...@franck.debian.org
and subject line Bug#728365: fixed in rhn-client-tools 1.8.26-4
has caused the Debian Bug report #728365,
regarding python-rhn: Running rhn_reg fails with a TypeError exception.
to be marked as
Hi,
On Sat, Jan 24, 2015 at 10:50:11AM +0100, Salvatore Bonaccorso wrote:
Control: retitle -1 patch: directory traversal via file rename
Hi Jonathan,
On Thu, Jan 22, 2015 at 09:56:20PM +, Jonathan Wiltshire wrote:
On Thu, Jan 22, 2015 at 09:49:39PM +, Jonathan Wiltshire wrote:
❦ 24 janvier 2015 18:50 +1100, Craig Small csm...@debian.org :
I'm not sure if you are able to, but if you could apply the
attached patch to see if the test works now that would be
great.
make
make test (fails)
apply patch
make
make test (works)
Yes, the patch makes the tests pass.
--
Hi!
On Sat, Jan 24, 2015 at 11:17:03AM +0100, László Böszörményi (GCS) wrote:
On Sat, Jan 24, 2015 at 11:04 AM, Salvatore Bonaccorso
car...@debian.org wrote:
On Sat, Jan 24, 2015 at 10:50:11AM +0100, Salvatore Bonaccorso wrote:
and the directory traversal via file rename does not seem to
Axel Beckert a...@debian.org writes:
And when we're at it: A similar issue showed up with notmuch-emacs. I
though found no obvious changelog entry in notmuch's changelog
either. The latest changelog entry talks about Emacs 24.4 related bug
fixes, so maybe Breaks: notmuch-emacs ( 0.18.2-1~)
Package: wireshark
Severity: serious
Tags: fixed-upstream pending
From https://code.wireshark.org/review/#/c/6494/ :
The Broadway GDK backend does never sets event-string. This results in
a crash when filter_string_te_key_pressed_cb tries to read its
contents.Since the documentation marks
Package: sudo
Version: 1.8.10p3-1
Severity: serious
Hi,
actually I only wanted to check whether sudo-ldap/wheezy leaving the
obsolete conffile /etc/init.d/sudo after upgrades to jessie could cause
problems. (Does not look like this, but you could consider using
dpkg-maintscript-helper
Processing commands for cont...@bugs.debian.org:
limit source lintian
Limiting to bugs with field 'source' containing at least one of 'lintian'
Limit currently set to 'source':'lintian'
tags 775467 + pending
Bug #775467 [lintian] Elaborate info for
Processing commands for cont...@bugs.debian.org:
merge 745835 776073
Bug #745835 [lynx-cur] lynx-cur: certificate revocation is not checked
Bug #776073 [lynx-cur] lynx-cur: can connect to site with expired certificate
Marked as found in versions lynx-cur/2.8.8pre5-1.
Added tag(s) jessie-ignore.
Package: wireshark
Severity: serious
Tags: security fixed-upstream pending
Please see release notes:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.3.html
Cheers,
Balint
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
Processing commands for cont...@bugs.debian.org:
user debian-secur...@lists.debian.org
Setting user to debian-secur...@lists.debian.org (was car...@debian.org).
usertags 776135 + tracked
There were no usertags set.
Usertags are now: tracked.
tags 776135 + upstream
Bug #776135 [wireshark]
Processing commands for cont...@bugs.debian.org:
tags 776113 + sid jessie
Bug #776113 [emacs23-common-non-dfsg] emacs23-common-non-dfsg: Useless without
emacs23
Added tag(s) sid and jessie.
tags 775062 + sid jessie
Bug #775062 {Done: Neil Williams codeh...@debian.org} [grok] grok doesn't
grok
On Wed, 21 Jan 2015 23:55:03 +0100
Laurent Bigonville bi...@debian.org wrote:
On Sat, 17 Jan 2015 11:14:32 + Neil Williams
li...@codehelp.co.uk wrote:
Dear maintainer,
Hello,
I've prepared an NMU for nut (versioned as 2.7.2-1.1), taking
Martin's third option of porting the
Package: libglib2.0-cil
Severity: serious
[this is a shortened version of my original report that was eaten by
reportbug which deserves a critical bugreport for the data loss]
Since a change in glib warnings are printed to STDERR for /each/
g_source_remove call if the item wasn't in the list.
Hi,
Axel Beckert wrote:
Axel Beckert wrote:
Axel Beckert wrote:
I've pushed a prelimiary NMU to the git branch nmu:
https://anonscm.debian.org/cgit/collab-maint/debsums.git/log/?h=nmu
I intend to upload that one as NMU to DELAYED/2 after some testing.
Will post a full debdiff
tags 776145 + patch
thanks
On Sat, Jan 24, 2015 at 2:41 PM, Mirco Bauer mee...@debian.org wrote:
...
[this is a shortened version of my original report that was eaten by
reportbug which deserves a critical bugreport for the data loss]
...
[nevermind: I have found the initial report in
Processing commands for cont...@bugs.debian.org:
tags 776145 + patch
Bug #776145 [libglib2.0-cil] GLib-CRITICAL spam on STDERR
Added tag(s) patch.
thanks
Stopping processing here.
Please contact me if you need assistance.
--
776145: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776145
Hi,
I've NMU'ed websvn for this security issue with attached debdiff.
Cheers,
Thijs
websvn_nmudiff.debdiff
Description: Binary data
Your message dated Sat, 24 Jan 2015 13:33:23 +
with message-id e1yf0q3-0002ua...@franck.debian.org
and subject line Bug#775682: fixed in websvn 2.3.3-1.2
has caused the Debian Bug report #775682,
regarding websvn: CVE-2013-6892: arbitrary file access when downloads enabled
for users with
63 matches
Mail list logo
