Bug#1055772: hoteldruid: CVE-2023-47164

Source: hoteldruid Version: 3.0.5-1 Severity: grave Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for hoteldruid. CVE-2023-47164[0]: | Cross-site scripting vulnerability in HOTELDRUID 3.0.5 and earlier | allows a

Processed: severity of 1055768 is minor, tagging 1055768, closing 1055768

Processing commands for cont...@bugs.debian.org: > severity 1055768 minor Bug #1055768 [systemd] systemd is shit Severity set to 'minor' from 'critical' > tags 1055768 = Bug #1055768 [systemd] systemd is shit Removed tag(s) upstream and security. > close 1055768 Bug #1055768 [systemd] systemd is

Processed: Bug#1054810 marked as pending in gaupol

Processing control commands: > tag -1 pending Bug #1054810 [src:gaupol] gaupol: FTBFS: mv: cannot stat '/<>/debian/gaupol/usr/bin/gaupol': No such file or directory Added tag(s) pending. -- 1054810: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054810 Debian Bug Tracking System Contact

Bug#1054810: marked as pending in gaupol

Control: tag -1 pending Hello, Bug #1054810 in gaupol reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at:

Bug#1055228: plplot: FTBFS on armhf (test segfault)

* Rafael Laboissière [2023-11-09 17:11]: [snip] There may be a programming error in x09f.f90 or this may be a problem with gfortran on armhf. My knowledge of Fortran is almost non existent and I will need the help of experts, in order to fix the issue. Regarding this issue, I filed a bug

Bug#1052803: golang-github-gosexy-gettext: FTBFS: dh_auto_test: error: cd obj-x86_64-linux-gnu && go test -vet=off -v -p 8 github.com/gosexy/gettext returned exit code 1

I have uploaded a fix for this as a NMU to the DELAYED/10 queue. A diff of the changes is attached. Mathias diff --git a/debian/changelog b/debian/changelog index ef627bd..3c5bb15 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +golang-github-gosexy-gettext

Bug#1055758: opensmtpd: OpenSMTPD release in stable (bookworm) is useless due to #1037359

Package: opensmtpd Version: 6.8.0p2-4+b4 Severity: grave Justification: renders package unusable X-Debbugs-Cc: mikeonthecompu...@gmail.com Dear Maintainer, Due to the bug mentioned in the subject (#1037359), OpenSMTPD fails to utilize TLS certificates with OpenSSL >= 3.0.0. As such, the program

Bug#1055050: marked as done (FTBFS against openturns/1.21.1-2 currently in experimental)

Your message dated Fri, 10 Nov 2023 16:35:01 + with message-id and subject line Bug#1055050: fixed in persalys 15.0+ds-3 has caused the Debian Bug report #1055050, regarding FTBFS against openturns/1.21.1-2 currently in experimental to be marked as done. This means that you claim that the

Bug#1043161: i2p: CVE-2023-36325

Hi again, Just for the sake of clarity: below I suggested a path to removal but I want to make it clear I don't intend to undertake such action, disrespecting the maintainer. Debian processes have to be respected. Best, -- Pierre Le 10/11/2023 à 10:05, Pierre Gruet a écrit : Hi Salvatore,

Processed: Raising severity

Processing control commands: > severity -1 serious Bug #1055050 [src:persalys] FTBFS against openturns/1.21.1-2 currently in experimental Severity set to 'serious' from 'important' -- 1055050: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055050 Debian Bug Tracking System Contact

Bug#1055679: marked as done (nvchecker and python3-nvchecker have an undeclared file conflict on 56 files)

Your message dated Fri, 10 Nov 2023 13:37:09 + with message-id and subject line Bug#1055679: fixed in python-nvchecker 2.12-2 has caused the Debian Bug report #1055679, regarding nvchecker and python3-nvchecker have an undeclared file conflict on 56 files to be marked as done. This means

Bug#1055680: marked as done (libpython3.12-stdlib has an undeclared file conflict)

Your message dated Fri, 10 Nov 2023 11:50:16 + with message-id and subject line Bug#1055680: fixed in python3.12 3.12.0-4 has caused the Debian Bug report #1055680, regarding libpython3.12-stdlib has an undeclared file conflict to be marked as done. This means that you claim that the problem

Processed: Re: Bug#1055392: wasmedge: autopkgtest regression: 'cstdint' file not found

Processing control commands: > affects 1052002 - wasmedge Bug #1052002 [clang-16] C++ compilation for wasm32-wasi broken due to missing include paths Bug #1055392 [clang-16] wasmedge: autopkgtest regression: 'cstdint' file not found Removed indication that 1052002 affects wasmedge Removed

Bug#1055392: wasmedge: autopkgtest regression: 'cstdint' file not found

Control: affects 1052002 - wasmedge Control: affects 1052002 + src:wasmedge On Thu, Nov 09, 2023 at 09:52:04AM +0100, Paul Gevers wrote: > > Hi Paul, > > Thank you for your report. This is caused #1052002, which I had marked > > as affects: wasmedge previously. > > Sorry for not checking that,

Bug#1054691: marked as done (pyferret: FTBFS: ld: cannot find -lpyferret: No such file or directory)

Your message dated Fri, 10 Nov 2023 11:20:20 + with message-id and subject line Bug#1054691: fixed in pyferret 7.6.5-4 has caused the Debian Bug report #1054691, regarding pyferret: FTBFS: ld: cannot find -lpyferret: No such file or directory to be marked as done. This means that you claim

Processed: Bug #1042693 forwarded to upstream issue

Processing commands for cont...@bugs.debian.org: > forwarded 1042693 https://github.com/celery/django-celery-results/issues/412 Bug #1042693 [src:python-django-celery-results] python-django-celery-results: FTBFS with Sphinx 7.1, docutils 0.20: make[1]: *** [debian/rules:14:

Bug#1055510: Best way to coordinate this fix

Hi Francois, On Thu, Nov 09, 2023 at 10:27:51PM -0800, Francois Marier wrote: > I've just uploaded to experimental. If there are any tests you can easily > run there, please do so. Thank you. The package built and dumat has imported it. I locally forked its analysis database pretending that

Processed: Bug #1042586 forwarded to upstream issue

Processing commands for cont...@bugs.debian.org: > forwarded 1042586 > https://github.com/marshmallow-code/flask-marshmallow/issues/275 Bug #1042586 [src:python-flask-marshmallow] python-flask-marshmallow: FTBFS with Sphinx 7.1, docutils 0.20: make[1]: *** [debian/rules:19:

Processed: found 1055729 in 2.11.0-1

Processing commands for cont...@bugs.debian.org: > found 1055729 2.11.0-1 Bug #1055729 [faad2] FTBFS: faad2 fails to build on i386, blocking DSA fix transition There is no source info for the package 'faad2' at version '2.11.0-1' with architecture '' Unable to make a source version for version

Bug#1055729: FTBFS: faad2 fails to build on i386, blocking DSA fix transition

Severity: serious Package: faad2 Tags: patch upstream security fixed-upstream Please apply upstream fix https://github.com/knik0/faad2/commit/1001f9576cbb29242671c489cd861de61cfe08e2?diff=unified Kind regards, Sven

Bug#1043161: i2p: CVE-2023-36325

Hi Salvatore, I am doing some QA overseeeing, I am not the maintainer of i2p. I NMUed it one year and a half ago, nothing has happened since then. On Sun, 06 Aug 2023 21:26:51 +0200 Salvatore Bonaccorso wrote: > Source: i2p > Version: 0.9.48-1.1 > Tags: security upstream > Justification:

Bug#1055698: py-ubjson ftbfs with Python 3.12 (test failures)

Package: src:py-ubjson Version: 0.16.1-2 Severity: serious Tags: sid trixie User: debian-pyt...@lists.debian.org Usertags: python3.12 py-ubjson ftbfs with Python 3.12 (test failures): == FAIL: test_recursion