Processing commands for cont...@bugs.debian.org:
> found 988732 6.2.0-1
Bug #988732 {Done: Paul Gevers } [libphp-phpmailer]
CVE-2020-36326
Marked as found in versions libphp-phpmailer/6.2.0-1.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
988732:
Hi Paul,
On Di 18 Mai 2021 20:49:55 CEST, Paul Gevers wrote:
Hi Mike,
On 18-05-2021 07:38, Mike Gabriel wrote:
Would it be a viable solution for now to not run autopkgtests on
ppcel64? I really don't have a clue why this issue comes up only on
ppcel64.
If you think this failure is not
Package: repo
Followup-For: Bug #855846
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Seems Replicant project might be on to something that might help get
this package back in main: https://redmine.replicant.us/issues/2213
- Jonas
- -- System Information:
Debian Release: 11.0
APT prefers
Processing control commands:
> tag -1 pending
Bug #988735 [src:pglogical] pglogical: CVE-2021-3515
Added tag(s) pending.
--
988735: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988735
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tag -1 pending
Hello,
Bug #988735 in pglogical reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
Source: vtk-dicom
Version: 0.8.12-1+b2
Severity: serious
Tags: patch
Greetings,
While looking up the unrelated bug #988643, I noticed that the
package triggered an autodep8 python3 autopkgtest failure:
autopkgtest [21:45:13]: test autodep8-python3: set -e ; for py in
$(py3versions -d
Your message dated Tue, 18 May 2021 21:18:34 +
with message-id
and subject line Bug#988732: fixed in libphp-phpmailer 6.2.0-2
has caused the Debian Bug report #988732,
regarding CVE-2020-36326
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is
On 2021-05-18 22:14:32 +0200, Andreas Beckmann wrote:
> Package: libsidplayfp6
> Version: 2.1.2-1
> Severity: serious
> User: debian...@lists.debian.org
> Usertags: piuparts
>
> Hi,
>
> during a test with piuparts I noticed your package fails to upgrade from
> 'sid' to 'experimental'.
> It
On 18/05/2021 21.38, Paul Gevers wrote:
On 08-04-2021 19:33, Julien Cristau wrote:
I've started to look at it, I'm afraid building up context on this
stuff to understand what it's doing is going to take a while...
Just a friendly ping. Did you get anywhere with this yet?
Just an additional
Package: libsidplayfp6
Version: 2.1.2-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package fails to upgrade from
'sid' to 'experimental'.
It installed fine in 'sid', then the upgrade to 'experimental' fails
because it
Control: tags -1 moreinfo unreproducible
X-Debbugs-CC: d.fil...@web.de, poming...@gmail.com
It works perfectly here (under Xorg with KDE). Even running:
LANG=zh_TW.UTF8 LC_CTYPE=zh_TW.UTF8 LC_ALL=zh_TW.UTF8 \
LANGUAGE=zh_TW:zh audacity
does not produce the behaviour you describe. If
Processing control commands:
> tags -1 moreinfo unreproducible
Bug #988632 [audacity] audacity: The main drawing area (sound wave) do not
refresh
Added tag(s) moreinfo and unreproducible.
--
988632: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988632
Debian Bug Tracking System
Contact
Processing commands for cont...@bugs.debian.org:
> severity 972146 grave
Bug #972146 [mono-runtime-common]
/usr/share/applications/mono-runtime-common.desktop: should not handle MIME
type by executing arbitrary code
Severity set to 'grave' from 'important'
> thanks
Stopping processing here.
Processing control commands:
> severity -1 grave
Bug #988737 [src:libx11] libx11: CVE-2021-31535: Missing request length checks
Severity set to 'grave' from 'important'
--
988737: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988737
Debian Bug Tracking System
Contact ow...@bugs.debian.org
Hi Julien,
On 08-04-2021 19:33, Julien Cristau wrote:
> I've started to look at it, I'm afraid building up context on this
> stuff to understand what it's doing is going to take a while...
Just a friendly ping. Did you get anywhere with this yet?
Paul
> Cheers,
> Julien
>
> On Tue, Apr 06,
* Julien Puydt [2021-05-18 17:47]:
Upstream manages to ship version with no error because they ship
hundreds of deps to an exact version for which they fitted the
testsuite to pass. We ship those deps as separate packages, because
they're actually not sagemath-specific [look at the list, it's
Package: eyed3
Version: 0.8.10-1.1
Severity: serious
Justification: fails to work
X-Debbugs-Cc: t...@mirbsd.de
$ eyeD3 -P display -p %a% *.mp3
eyed3.plugins:WARNING: Plugin '('lastfm.py',
'/usr/lib/python3/dist-packages/eyed3/plugins')' requires packages that are not
installed: cannot import
Processing control commands:
> clone -1 -2
Bug #988727 [389-ds-base] CVE-2021-3514 CVE-2021-3480
Bug 988727 cloned as bug 988736
> retitle -1 389-ds-base: CVE-2021-3514
Bug #988727 [389-ds-base] CVE-2021-3514 CVE-2021-3480
Changed Bug title to '389-ds-base: CVE-2021-3514' from 'CVE-2021-3514
Control: clone -1 -2
Control: retitle -1 389-ds-base: CVE-2021-3514
Control: reassign -2 src:slapi-nis 0.56.5-1
Control: retitle -2 slapi-nis: CVE-2021-3480
Hi,
On Tue, May 18, 2021 at 08:30:52PM +0200, Moritz Muehlenhoff wrote:
> Package: 389-ds-base
> Severity: grave
> Tags: security
>
Source: pglogical
Version: 2.3.3-2
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for pglogical, please lower
the severity if you strongly disagree.
CVE-2021-3515[0]:
Processing commands for cont...@bugs.debian.org:
> severity 988240 grave
Bug #988240 [src:openexr] openexr: CVE-2021-23169
Severity set to 'grave' from 'important'
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
988240:
Processing commands for cont...@bugs.debian.org:
> severity 985574 grave
Bug #985574 {Done: Moritz Mühlenhoff } [src:pygments]
pygments: CVE-2021-27291
Severity set to 'grave' from 'important'
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
985574:
Hi Mike,
On 18-05-2021 07:38, Mike Gabriel wrote:
> Would it be a viable solution for now to not run autopkgtests on
> ppcel64? I really don't have a clue why this issue comes up only on
> ppcel64.
If you think this failure is not representative for the package behavior
on ppc64el, it is.
Package: libphp-phpmailer
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team
Please see
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36326
Patches:
https://github.com/PHPMailer/PHPMailer/commit/26f2848d3bbb57add5f34a467a1e3b2f9ce5cd2a
(v6.4.1)
Source: rust-hyper
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team
CVE-2021-21299:
https://github.com/hyperium/hyper/security/advisories/GHSA-6hfq-h8hq-87mf
https://rustsec.org/advisories/RUSTSEC-2021-0020.html
Cheers,
Moritz
On Tue, May 18, 2021 at 06:47:38PM +0200, Christoph Berg wrote:
> Can you share the apt command and output that led to this removal?
One more observation: Bullseye's gdal-data 3.2.1+dfsg-1 defines a
Breaks: libgdal20 (< 2.5.0~), but the libgdal20 in Buster is 2.4.0,
and postgresql-11-postgis-2.5
Package: 389-ds-base
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team
CVE-2021-3514:
https://github.com/389ds/389-ds-base/issues/4711
CVE-2021-3480:
https://bugzilla.redhat.com/show_bug.cgi?id=1944640
Sorry for the late reply, got backlogged in my inbox.
Am Mon, Apr 12, 2021 at 11:18:16AM +0100 schrieb Ximin Luo:
> It looks like these CVEs affect all versions up to 1.52 (which is not yet
> released).
>
> Do you have links to patches fixing these bugs that can be backported to
> 1.48? We've
Processing control commands:
> reassign -1 hdf5 1.10.5+repack-1~exp6
Bug #988722 [postgresql-common] postgresql-common: Upgrading cluster with
postgis does not migrate tables using postgis
Bug reassigned from package 'postgresql-common' to 'hdf5'.
No longer marked as found in versions
Control: reassign -1 hdf5 1.10.5+repack-1~exp6
On Tue, May 18, 2021 at 07:48:08PM +0200, Dennis Filder wrote:
> X-Debbugs-CC: d.fil...@web.de
>
> On Tue, May 18, 2021 at 06:47:38PM +0200, Christoph Berg wrote:
>
> > Can you share the apt command and output that led to this removal?
>
> I
Processing commands for cont...@bugs.debian.org:
> severity 988089 grave
Bug #988089 [mariadb-server] mariadb-server: MariaDB uninstalled on
dist-upgrade Debian 10 -> 11
Severity set to 'grave' from 'normal'
> reassign 988089 galera-4
Bug #988089 [mariadb-server] mariadb-server: MariaDB
X-Debbugs-CC: d.fil...@web.de
On Tue, May 18, 2021 at 06:47:38PM +0200, Christoph Berg wrote:
> Can you share the apt command and output that led to this removal?
I attached the output from "apt full-upgrade" until the "Do you want
to continue?"
Having gimp-gmic (recommended by
Processing commands for cont...@bugs.debian.org:
> forcemerge 988036 965075
Bug #988036 [postfixadmin] Multiple errors that make the package unusable
Bug #965075 {Done: Christoph Martin } [postfixadmin]
postfixadmin: wrong alias in postfixadmin conf-available for apache2
'reopen' may be
Processing commands for cont...@bugs.debian.org:
> tags 988722 - bullseye
Bug #988722 [postgresql-common] postgresql-common: Upgrading cluster with
postgis does not migrate tables using postgis
Removed tag(s) bullseye.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Re: Dennis Filder
> During an upgrade from Buster to Bullseye I also had to upgrade a
> cluster from postgresql 11 to 13. The cluster had the postgis
> extension enabled (postgis 2.5.1) and one table with columns of types
> from postgis. My typescript tells me that during "apt full-upgrade"
>
Processing commands for cont...@bugs.debian.org:
> unarchive 855846
Bug #855846 {Done: Hans-Christoph Steiner } [repo] repo: requires
software outside of the distribution to function
Unarchived Bug 855846
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
855846:
Package: postgresql-common
Architecture: amd64
Version: 225
Severity: serious
Justification: Potential data loss (lower at your discretion)
Tags: bullseye
X-Debbugs-CC: d.fil...@web.de
During an upgrade from Buster to Bullseye I also had to upgrade a
cluster from postgresql 11 to 13. The cluster
Your message dated Tue, 18 May 2021 15:48:27 +
with message-id
and subject line Bug#988712: fixed in masakari 10.0.0-2
has caused the Debian Bug report #988712,
regarding python3-masakari: triggers lintian autoreject tag 'FSSTND-dir-in-usr'
to be marked as done.
This means that you claim
Hi,
Le mardi 18 mai 2021 à 15:31 +0200, Jochen Sprickerhof a écrit :
>
> * Julien Puydt [2021-05-18 07:56]:
> > 1) Upstream itself uses the testsuite in the sense of "shouldn't
> > have
> > too many failing tests", and it still allows to detect when a build
> > is
> > utterly broken, so we
Your message dated Tue, 18 May 2021 15:33:30 +
with message-id
and subject line Bug#988712: fixed in masakari 11.0.0-2
has caused the Debian Bug report #988712,
regarding python3-masakari: triggers lintian autoreject tag 'FSSTND-dir-in-usr'
to be marked as done.
This means that you claim
Dear Maintainer,
I tested mpirun from openmpi-bin 4.1.0-9 and I no longer have the
problem.
Thank you,
--
| Nicolas Perrin Grid'5000 Administrator |
| nicolas.per...@inria.fr INRIA / RESIST |
On Sun, 16 May 2021 07:25:51 +0100 Alastair McKinstry <
mckins...@debian.org>
Source: mysql-8.0
Version: 8.0.23
Severity: grave
Tags: security upstream fixed-upstream
The Oracle Critical Patch Update for April 2021 lists CVEs affecting MySQL 8.0
that are fixed in 8.0.25
CVE list:
CVE-2020-1971 CVE-2021-2144 CVE-2021-2146 CVE-2021-2160
CVE-2021-2162 CVE-2021-2164
Package: lxml
Version: 4.6.3-1
Severity: serious
Hi,
your package triggers a non-overridable lintian autoreject tag, i.e.
if the package would be reuploaded today without changes, it would be
automatically rejected by ftp-master.
Package: platformio
Version: 4.3.4-1
Severity: grave
Dear Maintainer,
Upstream changed paths for the framework manifest files in recent
releases and did not maintain backward compatibility links resulting
in 4.3.4 no longer being able to install the frameworks.
For example this happens when I
Package: atmel-firmware
Version: 1.3-4
Severity: serious
Hi,
your package triggers a non-overridable lintian autoreject tag, i.e.
if the package would be reuploaded today without changes, it would be
automatically rejected by ftp-master.
Package: pipemeter
Version: 1.1.5-1
Severity: serious
Hi,
your package triggers a non-overridable lintian autoreject tag, i.e.
if the package would be reuploaded today without changes, it would be
automatically rejected by ftp-master.
https://lintian.debian.org/tags/FSSTND-dir-in-usr
Package: python3-masakari
Version: 10.0.0-1
Severity: serious
Hi,
your package triggers a non-overridable lintian autoreject tag, i.e.
if the package would be reuploaded today without changes, it would be
automatically rejected by ftp-master.
https://lintian.debian.org/tags/FSSTND-dir-in-usr
Package: multitail
Version: 6.5.0-2
Severity: serious
Hi,
multitail triggers the lintian autoreject tag 'FSSTND-dir-in-usr',
i.e. if the package would be reuploaded today without changes, it would
be automatically rejected by ftp-master.
https://lintian.debian.org/tags/FSSTND-dir-in-usr
E
Processing control commands:
> tag -1 pending
Bug #987332 {Done: Dave Hibberd } [aprx] aprx automatically
starts up with really bad default config
Added tag(s) pending.
--
987332: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987332
Debian Bug Tracking System
Contact ow...@bugs.debian.org
Control: tag -1 pending
Hi,
This is with release team for unblock review
DH
--
Hibby
MM0RFN
Source: qthid-fcd-controller
Version: 4.1-5
Severity: serious
Hi,
src:qthid-fcd-controller triggers the lintian autoreject tag 'bogus-mail-host',
i.e. if the package would be reuploaded today without changes, it would
be automatically rejected by ftp-master.
Hi Julien,
* Julien Puydt [2021-05-18 07:56]:
1) Upstream itself uses the testsuite in the sense of "shouldn't have
too many failing tests", and it still allows to detect when a build is
utterly broken, so we shouldn't disable it.
Debian doesn't necessarily need to do the same as upstream
Processing control commands:
> tags -1 + patch
Bug #987536 [src:imv] imv FTBFS without internet access
Added tag(s) patch.
--
987536: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987536
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tags -1 + patch
On 2021/04/25 12:22 PM, Adrian Bunk wrote:
> The Ubuntu patch seems to contain a fix/workaround.
As Adrian stated, the ubuntu patch fixes the issue.
Please find attached the patch to apply (Credit to Logan Rosen
)
I intend to NMU in a couple of days if the bug is still
Your message dated Tue, 18 May 2021 11:33:36 +
with message-id
and subject line Bug#982424: fixed in python-louvain 0.0+20181013git3fc1f575-2
has caused the Debian Bug report #982424,
regarding python3-louvain: The package name should match the import module name
"community"
to be marked as
Your message dated Tue, 18 May 2021 11:33:36 +
with message-id
and subject line Bug#913377: fixed in python-louvain 0.0+20181013git3fc1f575-2
has caused the Debian Bug report #913377,
regarding python-louvain: FTBFS (No module named 'networkx')
to be marked as done.
This means that you claim
Hi Paul,
On Mo 17 Mai 2021 20:56:52 CEST, Paul Gevers wrote:
Control: reopen -1
Hi Mike,
On 17-05-2021 12:57, Mike Gabriel wrote:
Can you do your autopkgtest magic with upcoming dbus-test-runner
16.10.0~bzr100+repack1-5~exp2 once more?
Sure thing. Sadly, if fails 6/20:
This is from the cloned bug but belongs here.
Am 18.05.21 um 08:31 schrieb Heinrich Schuchardt:
The original problem report showed the following situation was hit:
common/malloc_simple.c:29:
log_err("alloc space exhausted\n");
You cannot expect normal system behavior when reaching this
Am 18.05.21 um 03:27 schrieb Vagrant Cascadian:
On 2021-05-07, Vagrant Cascadian wrote:
On 2021-04-16, Bastian Germann wrote:
I figured out my problem is caused by
https://github.com/u-boot/u-boot/commit/f3866909e35074ea6f50226d40487a180de1132f.
The
boot_efi_bootmgr will run and read a bad
Hi
oh, and no, the fix for #881725 does not actually help, thanks to this
bug.
It keeps the systemd-private-* dir around, but everything inside is
gone.
Joerg
Processing commands for cont...@bugs.debian.org:
> # not meant to be used in this way
> tags 988632 - newcomer
Bug #988632 [audacity] audacity: The main drawing area (sound wave) do not
refresh
Removed tag(s) newcomer.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Processing commands for cont...@bugs.debian.org:
> severity 636459 grave
Bug #636459 [tmpreaper] tmpreaper: protect on directory fails. Invalid process
order.
Severity set to 'grave' from 'normal'
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
636459:
Your message dated Tue, 18 May 2021 07:33:36 +
with message-id
and subject line Bug#988550: fixed in r-cran-ggvis 0.4.7+dfsg-2
has caused the Debian Bug report #988550,
regarding r-cran-ggvis: broken symlink:
/usr/lib/R/site-library/ggvis/www/lib/lodash/lodash.min.js ->
Re: To 988290-submit...@bugs.debian.org
> Control: tag -1 pending
Still pending.
Christoph
The original problem report showed the following situation was hit:
common/malloc_simple.c:29:
log_err("alloc space exhausted\n");
You cannot expect normal system behavior when reaching this situation.
The available space for simple malloc is defined by:
CONFIG_SPL_SYS_MALLOC_F_LEN=0x2000
Hi,
Le lundi 17 mai 2021 à 15:20 +0200, Jochen Sprickerhof a écrit :
> Hi Julien,
>
> * Julien Puydt [2021-05-17 09:01]:
> > I tried to create a testing sbuild and compile sagemath 9.2-2 with
> > it,
> > and it worked so unless I made a mistake in my setup, something
> > made
> > that bug go
66 matches
Mail list logo
