Bug#907585: Backport also needs fixing

2018-09-12 Thread Florian Weimer
found 907585 20180518-1~bpo9+1 thanks firmware-cavium_20180518-1~bpo9+1_all.deb is still in the package pool and contains the offending binary.

Bug#846374: debsecan: Debsecan cannot access https://security-tracker.debian.org/tracker/debsecan/*/1

2016-11-30 Thread Florian Weimer
* Berke Durak: > Debsecan stopped working. It fails as it is trying to access > >https://security-tracker.debian.org/tracker/debsecan/release/1/GENERIC > > or /sid, /jessie, etc. > > It displays the following error: > > % debsecan > error: while downloading > https://security-tracke

Bug#904808: libcap-ng0: libcap-ng's use of pthread_atfork causes segfaults

2019-02-28 Thread Florian Weimer
The problem here is the weak declaration: $ eu-readelf --symbols=.dynsym /lib64/libcap-ng.so.0.0.0 | grep pthread_atfork 28: 0 NOTYPE WEAK DEFAULTUNDEF pthread_atfork In the Fedora 29 build, the constructor looks like this: Dump of assembler code for function init

Bug#857909: [libc6-dev] getpid() in child process created using clone(CLONE_VM) returns parent's pid

2017-03-23 Thread Florian Weimer
* John Paul Adrian Glaubitz: > I would suggest filing a bug report to glibc upstream or posting on > their mailing list to ask for feedback. Upstream has since removed the PID cache:

Bug#975219: [Debichem-devel] Bug#975219: elkcode: FTBFS: internal compiler error: in lookup_field_for_decl, at tree-nested.c:288

2020-11-22 Thread Florian Weimer
* Lucas Nussbaum: > Hi Michael, > > On 22/11/20 at 15:32 +0100, Michael Banck wrote: >> Hi Lucas, >> >> That looks like an ICE, shouldn't that be filed with gfortran? > > Usually my logic is: if there's only one similar failure, I file a bug > against the affected package, rather than against the

Bug#993162: libc6: i386 (Geode LX): latest push to Bookwork produces multiple sig ILL

2021-08-29 Thread Florian Weimer
* Aurelien Jarno: > I have been looking at the corresponding instruction, this is: > > 2ed0 <__cpu_indicator_init@GCC_4.8.0>: > 2ed0: f3 0f 1e fb endbr32 > > This is an Intel CET instruction, and it seems your CPU doesn't support > executing it. Anyway this shows that the

Bug#998156: contains non-DFSG-free files

2021-11-01 Thread Florian Weimer
* Henry Cejtin: > As far as I know, the ckit stuff is just included because it needed > some tweaks to work under MLton. > I don't think that any of "our" stuff depends on it. I think mlnffigen needs ckit.

Bug#998156: contains non-DFSG-free files

2021-11-01 Thread Florian Weimer
* Henry Cejtin: > (I assume you meant ml-nlffigen.) ml-nlffigen is part of SML/NJ, not > part of MLton. /usr/bin/mlnlffigen is part of mlton-tools. I believe the code generation requirements are different for MLton and SML/NJ.

Bug#924712: crypt() not available _XOPEN_SOURCE is defined

2019-03-19 Thread Florian Weimer
* Laurent Bigonville: > Package: libc6-dev > Version: 2.28-8 > Severity: serious > > Hi, > > The crypt.3 manpage states that _XOPEN_SOURCE should be defined for > crypt() to be available. > > But it looks like it's currently the opposite: if _XOPEN_SOURCE is > defined, the function cannot be found.

Bug#924712: crypt() not available _XOPEN_SOURCE is defined

2019-03-21 Thread Florian Weimer
* Laurent Bigonville: > On 19/03/19 at 19:43, Florian Weimer wrote: >> * Laurent Bigonville: >> >>> Package: libc6-dev >>> Version: 2.28-8 >>> Severity: serious >>> >>> Hi, >>> >>> The crypt.3 manpage states that

Bug#924891: glibc: FTBFS: /<>/build-tree/amd64-libc/conform/UNIX98/ndbm.h/scratch/ndbm.h-test.c:1:10: fatal error: ndbm.h: No such file or directory

2019-03-22 Thread Florian Weimer
> About the archive rebuild: The rebuild was done on EC2 VM instances from > Amazon Web Services, using a clean, minimal and up-to-date chroot. Every > failed build was retried once to eliminate random failures. I believe the actual test failure is tst-pkey. Presumably, this rebuild was performed

Bug#924891: glibc: FTBFS: /<>/build-tree/amd64-libc/conform/UNIX98/ndbm.h/scratch/ndbm.h-test.c:1:10: fatal error: ndbm.h: No such file or directory

2019-03-27 Thread Florian Weimer
* Lucas Nussbaum: > On 26/03/19 at 23:10 +0100, Aurelien Jarno wrote: >> On 2019-03-22 17:30, Florian Weimer wrote: >> > > About the archive rebuild: The rebuild was done on EC2 VM instances from >> > > Amazon Web Services, using a clean, minimal and up-to-date

Bug#924891: glibc: FTBFS: /<>/build-tree/amd64-libc/conform/UNIX98/ndbm.h/scratch/ndbm.h-test.c:1:10: fatal error: ndbm.h: No such file or directory

2019-03-27 Thread Florian Weimer
retitle 924891 glibc: misc/tst-pkey fails due to cleared PKRU register after signal in amd64 32-bit compat mode thanks * Lucas Nussbaum: > On 27/03/19 at 08:48 +0100, Florian Weimer wrote: >> > If that's useful, I can easily provide access to an AWS VM to debug this >> &

Bug#924712: crypt() not available _XOPEN_SOURCE is defined

2019-08-25 Thread Florian Weimer
* Francesco Poli: > Hello everyone, > I am sorry to ask, but... I cannot understand what's the status of > [this bug report]. > > [this bug report]: > > A serious bug for libc6-dev without any apparent activity since last > March? Sure there must have been some hi

Bug#964815: it looks like dprof2calltree cannot be distributed with a GPL-2 work

2020-07-11 Thread Florian Weimer
* Nicholas D. Steeves: > Hi, > > Adrian Bunk writes: > >> On Fri, Jul 10, 2020 at 07:48:31PM -0400, Nicholas D Steeves wrote: >> >>> it would still not be DFSG-free, because it >>> fails the "desert island test" for snail mail. Were OmniTI Computer >>> Consulting would accept email, it would als

Bug#954715: glibc: FTBFS: tests failed: signal/tst-minsigstksz-1 signal/tst-minsigstksz-2

2020-03-22 Thread Florian Weimer
* Lucas Nussbaum: > Source: glibc > Version: 2.30-2 > Severity: serious > Justification: FTBFS on amd64 > Tags: bullseye sid ftbfs > Usertags: ftbfs-20200322 ftbfs-bullseye > > Hi, > > During a rebuild of all packages in sid, your package failed to build > on amd64. >> FAIL: signal/tst-minsigstks

Bug#838960: denial of service with crafted id3v2 tags in all mpg123 versions since 0.60

2016-09-27 Thread Florian Weimer
* Thomas Orgis: > On Tue, 27 Sep 2016 10:27:04 +0100 > James Cowgill wrote: > >> Does this have a CVE ID? If not it should get one. > > I wondered about that. At the moment I just acted on the bug report and > pushed the fix. I have no personal experience with the CVE procedure. > In the past,

Bug#839010: bind9: CVE-2016-2776: Assertion failure in query processing

2016-09-27 Thread Florian Weimer
Package: bind9 Version: 1:9.10.3.dfsg.P4-10.1 Tags: security Severity: grave ISC has released a security alert at Relevant information from this report follows: CVE: CVE-2016-2776 Document Version: 2.0 Posting date: 2016-09

Bug#839051: bind9: Unfixed crasher bug in wheezy LTS

2016-09-28 Thread Florian Weimer
Package: bind9 Version: 1:9.8.4.dfsg.P1-6+nmu2+deb7u10 Tags: security wheezy Severity: grave The wheezy LTS version of bind9 has an additional crasher bug. It may be due to an incomplete backport of the fix for CVE-2015-5477. I'm attaching the reproducer. Upstream BIND without the fix for CVE-2

Bug#839260: ghostscript: various sandbox bypasses

2016-09-30 Thread Florian Weimer
Package: ghostscript Version: 9.19~dfsg-3 Tags: security Severity: grave Tavis Ormandy has reported several sandbox bypasses on the oss-security mailing list. (also see follow-ups) Filed upstream as:

Bug#832824: haskell-src-exts: reporting a bug at GHC for linker error. build fail on mips64el

2016-10-01 Thread Florian Weimer
* Clint Adams: > Can you explain what GHC might be doing wrong? Did binutils get > stricter about something? What is R_MIPS_GOT_DISP? Are the GOT > constraints the same on mips64el as they are on mipsel? I suppose so, because the instruction encoding is quite similar. According to the binutil

Bug#839317: [pkg-golang-devel] Bug#839317: golang-1.7: FTBFS: tests failed

2016-10-01 Thread Florian Weimer
* Lucas Nussbaum: >> --- FAIL: TestLoadFixed (0.00s) >> time_test.go:943: Now().In(loc).Zone() = "-01", -3600, want >> "GMT+1", -3600 Is this due to a tzdata change?

Bug#368159: FYI: GNUnet in stable not affected

2006-05-27 Thread Florian Weimer
notfound 368159 0.6.6b-4 thanks * Daniel Baumann: > Arnaud Kyheng and Christian Grothoff found out, that GNUnet in the > current stable are not affected by CVE-2006-2413. Thanks, marking as such. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [

Bug#370644: update-grub exits with non-zero exit status

2006-06-06 Thread Florian Weimer
Package: grub Version: 0.97-10 Severity: grave Some invocations of update-grub's write_kernel_entry lack the full list of parameters, which causes the "shift" call in the subprogram to fail. As "set -e" has been enabled, the whole script is terminated at that point.

Bug#370644: #370644 update-grub exits with non-zero exit status

2006-06-07 Thread Florian Weimer
* Goswin von Brederlow: > could you please give some examples where it breaks and say why it is > grub's fault that it gets called with the wrong number of arguments. Note that "it" = write_kernel_entry. The bug is triggered on a system where memtest86 is installed and /boot is on separate partiti

Bug#365680: [CVE-2006-2148] cgiirc: buffer overflow in client.c not fixed in sid

2006-06-07 Thread Florian Weimer
* Stefan Fritsch: > the fix has not been uploaded to unstable yet, but the BTS claims [1] > that it is resolved. Is this a bug in the version tracking of the > BTS? > > http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=cgiirc In fact, the sarge version should propagate to etch and sid. I don't

Bug#347221: NMU patch

2006-01-23 Thread Florian Weimer
intainer upload + * CVE-2006-0083: Apply patch to fix format string issue +in logging code. Closes: #347221. + + -- Florian Weimer <[EMAIL PROTECTED]> Mon, 23 Jan 2006 13:49:46 +0100 + smstools (1.16-1) unstable; urgency=low * New upstream release diff --git a/src/logging.c b/src/lo

Bug#349528: various unfixed security bugs

2006-01-23 Thread Florian Weimer
Package: elog Version: 2.6.0beta2+r1716-1 Tags: security upstream fixed-upstream Severity: grave First a little version cross-reference, based on the src/elog{,d}.c files. Debian CVS (elogd.c)Subversion 2.6.0beta2+r1716-1 1.717* r1445 2.5.7+r1558-3 1.558 +

Bug#344029: Patch to fix this security bug

2006-01-23 Thread Florian Weimer
* Don Armstrong: > Attached is the patch for the NMU that I am preparing; I will upload > it to a delay queue sometime tomorrow (assuming it checks out when > I've had more sleep.) What has happened to the NMU? Shall I upload your patch?

Bug#349528: various unfixed security bugs

2006-01-23 Thread Florian Weimer
from upstream's Subversion repository: + "Fixed crashes with very long (revisions) attributes" + + -- Florian Weimer <[EMAIL PROTECTED]> Mon, 23 Jan 2006 15:56:37 +0100 + elog (2.5.7+r1558-3) testing-proposed-updates; urgency=high * Security update. Backport the fix

Bug#349528: various unfixed security bugs

2006-01-24 Thread Florian Weimer
* Recai Oktaş: >> I'm not sure if it is worth the effort, until we have all other issues >> sorted out. > > Agreed. I would be glad if you add yourself in "Uploaders" field. > You're totally free to make any upload. Uhm, I don't use elog myself and have zero interest in that package beyond that

Bug#349528: Security bugs in elog

2006-01-24 Thread Florian Weimer
* Stefan Ritt: >> - If host names are resolved, no forward lookup is performed to >> verify the PTR RR. (This does not affect the sarge version >> because it unconditionally uses addresses, not host names.) > > Can you specify what you mean by that exactly? If I read the code correctly

Bug#349528: Security bugs in elog

2006-01-25 Thread Florian Weimer
* Stefan Ritt: > Florian Weimer wrote: >> address you started with. Since DNS is quite dynamic, it's also a >> good idea to include IP address information in the log file in all >> cases, even if a proper host name was found in DNS. > > So I put the IP address

Bug#349528: Security bugs in elog

2006-01-26 Thread Florian Weimer
* Recai Oktaş: > * Recai Oktaş [2006-01-25 09:34:15+0200] > Florian: If you haven't any objections, I'll upload to stable-security You need to coordinate this with the stable-security team. If you could upload a new upstream version to unstable, this would be fine, though. So far, the patch for

Bug#349985: various unfixed security bugs

2006-01-26 Thread Florian Weimer
Package: libphp-adodb Tags: security Severity: grave The package seems to contain at least the following vulnerabilities:

Bug#349793: apache-common: Cross-site scripting (XSS) vulnerability in the mod_imap module

2006-01-26 Thread Florian Weimer
* Stephen Gran: > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 Uhm, hasn't this been fixed in apache 1.3.34-2 (bug #343466) and apache2 2.0.55-4 (bug #343467)?

Bug#350020: realpath()-related buffer overflow in rpc.mountd [CVE-2006-0043]

2006-01-26 Thread Florian Weimer
Package: nfs-user-server Severity: critical Tags: security From SuSE Security Announcement SUSE-SA:2006:005: A remotely exploitable problem exists in the rpc.mountd service in the user space NFS server package "nfs-server". Insufficient buffer space supplied to the realpath() function

Bug#350274: Buffer overflow in symlink handling

2006-01-28 Thread Florian Weimer
Package: git-core Severity: grave Tags: security A buffer overflow bug has been discovered in GIT. Upstream version 1.1.5 fixes it, too. Author: Junio C Hamano <[EMAIL PROTECTED]> 2006-01-27 23:44:07 Committer: Junio C Hamano <[EMAIL PROTECTED]> 2006-01-27 23:44:07 Parent: e921fb82cf6fb4a5f138

Bug#352182: Crash in the

2006-02-10 Thread Florian Weimer
Package: libtasn1-2 Version: 0.2.17-1 Severity: grave Tags: security A crash in the DER decoder of GnuTLS has been disclosed. From: Simon Josefsson <[EMAIL PROTECTED]> Subject: GnuTLS 1.2.10 - Security release Newsgroups: gnu.announce To: [EMAIL PROTECTED], help-gnutls@gnu.org, info-gnu@gnu.org D

Bug#238245: Proposed plan (and license) for the webpage relicensing

2006-04-22 Thread Florian Weimer
* Javier Fernández-Sanguino Peña: > Copyright 1997-2006 Software in the Public Interest, Inc. All rights reserved. Is this correct? Have all contributors assigned copyright to SPI? >2. Redistributions in compiled form (transformed to other DTDs, converted >to HTML, PDF, PostScript, RTF

Bug#352182: Crash in the ASN.1 DER decoder. Fixed?

2006-04-23 Thread Florian Weimer
found 352182 1:0.2.17-2 thanks * Javier Serrano Polo: > This bug is fixed in version 0.3.1, but package has been reverted to > 0.2.17. Should this bug remain closed? Probably not. Thanks.

Bug#365940: Files for a Quagga DSA (RIPD unauthenticated route injection)

2006-05-05 Thread Florian Weimer
* Christian Hammers: > Attached you will find a diff that can be used to make a DSA for the > recent Quagga security bug. Your proposal does not mention the behavior change which was alluded to by upstream. Is this intentional?

Bug#365464: proftpd: net ACLs are buggy

2006-05-09 Thread Florian Weimer
* Francesco Paolo Lovergine: >> Refusing IPv6 subnets doesn't qualify as a fix for this issue IMHO, >> but at least it'll fix the hole in the meantime. I wonder how this >> code can end up in a stable release. > I'm not an IPv6 expert but AFAIK IPv4 CIDR notation is simply a non > sense in 128bit

Bug#365464: proftpd: net ACLs are buggy

2006-05-09 Thread Florian Weimer
* Francesco Paolo Lovergine: >> According to my notes (I'm offline at the moment), RFC 3513 specifies >> a syntax for IPv6 prefixes. The syntax is similar to IPv4 prefixes: >> >> 0123:4567:89ab:cdef:0123:4567:89ab:cde0/124 >> > > Which is completely different from the ipv4 cidr indeed. Huh?

Bug#367647: Missing library dependency

2006-05-17 Thread Florian Weimer
Package: sqlite3 Version: 3.3.5-0.2 Severity: grave The sqlite3 package lacks a dependency on libsqlite3-0.

Bug#368645: CVE-2006-2313, CVE-2006-2314: encoding conflicts

2006-05-23 Thread Florian Weimer
Package: postgresql Version: 7.4.7-6sarge1 Tags: security Severity: grave A couple of PostgreSQL issues have been disclosed today: My analysis so far: * CVE-2006-2313 High impact (because UTF-8 is affected and widely used). Fix is straightforward

Bug#340282: [CVE-2005-1790] DoS against Mozilla-based browsers

2005-11-22 Thread Florian Weimer
Package: mozilla-browser Version: 1.7.12-1 Severity: grave Tags: security An exploit for CVE-2005-1790, a bug originally classified as IE-only, causes Mozilla-based browsers to crash. See the proof of concept exploit (for IE) at: The

Bug#340283: [CVE-2005-1790] DoS against Mozilla-based browsers

2005-11-22 Thread Florian Weimer
Package: mozilla-firefox Version: 1.0.7-1 Severity: grave Tags: security An exploit for CVE-2005-1790, a bug originally classified as IE-only, causes Mozilla-based browsers to crash. See the proof of concept exploit (for IE) at: The

Bug#332259: webmin possible remote root exploit -> problem also applies to spampd

2005-11-30 Thread Florian Weimer
* Sven Mueller: > http://www.dyadsecurity.com/webmin-0001.html > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=341394 > > If this is considered a possible remote root compromise, the spampd bug > I reported a while ago to [EMAIL PROTECTED] (see also bug > #332259) is also a possible remote comp

Bug#335881: numerix: FTBFS: Segfaults in tests

2005-12-06 Thread Florian Weimer
* Michel Quercia: > like this ? > > -- ># loop body to unroll. code size = 24 bytes ># enter with eax = edx = first digit of a, CF = 0 > #undef BODY > #define BODY(x,y,z) \ > adcl

Bug#335881: numerix: FTBFS: Segfaults in tests

2005-12-06 Thread Florian Weimer
* Michel Quercia: > I don't know how to make a patch. Is this ok ? It is. > --- 985,991 > #define BODY(x,y,z) \ > adcl x(%ebx,%ecx,4), %eax; \ > !/* movl y(%esi,%ecx,4), %edx */ .byte 0x8B, 0x54, 0x8E, y; \ > movl %eax, x(%edi,%ecx,4); \ > !/* ad

Bug#335881: numerix: FTBFS: Segfaults in tests

2005-12-06 Thread Florian Weimer
tag 335881 patch thanks * Michel Quercia: > Florian Weimer wrote: > >>You must also byte-code the final movl instruction, I'm afraid: >> >> > Sorry. Attached is the new diff file (with respect to the original 0.21 > source). Thanks a lot. I can con

Bug#342292: Fwd: Re: [vendor-sec] xpdf update - patch wrong?

2005-12-08 Thread Florian Weimer
* Frank Küster: > It also seems that there are some buffer overflows in 3.00 that do not > have any tests, e.g. in XRef.cc, line 391 after patch-CAN-2004-0888 has > been applied. Or is such a check > > if (newSize < 0) { > goto err1; > } > > enough to detect an integer overflow,

Bug#342550: firefox: Javascript, history.dat & DoS

2005-12-08 Thread Florian Weimer
* Steve Kemp: >> My ff did not crash, but it ate really much cpu-time when I tested >> slightly modified version of javascript. > > Not a security issue, "just" a DOS attack. > > Mozilla.org do not regard DOS attacks as security issues, so we cannot > either. Even if the browser cannot

Bug#342292: Fwd: Re: [vendor-sec] xpdf update - patch wrong?

2005-12-08 Thread Florian Weimer
* Frank Küster: > Would > > if (nTiles >= INT_MAX / sizeof(JPXTile) { > error(getPos(), "Bad tile count in JPX SIZ marker segment"); > return gFalse; > > be okay? It might still be a DoS issue, I think. Allocating arbitrary amounts of memory upon user request is usually a bad

Bug#332902: Accepted numerix 0.21-2 (source i386 all)

2005-12-08 Thread Florian Weimer
* Mike Furr: > So I reassigned 332902 to binutils and merged them. IMO, adding that > option to all of OCaml is a bad idea based on the notes in the gcc manpage: > Only use these options when there are significant benefits from > doing so. When you specify these options, the assembler

Bug#342292: Fwd: Re: [vendor-sec] xpdf update - patch wrong?

2005-12-08 Thread Florian Weimer
* Frank Küster: > The function that is called in *tetex-bin* is not gmallocn, but gmalloc > - it's based on xpdf 3.00, not 3.01, and this is the very reason why I > need to check for an overflow in nTiles * sizeof(JPXTile). Sure, I wanted to explain why this is not sufficient. It should be equiv

Bug#342550: firefox: Javascript, history.dat & DoS

2005-12-09 Thread Florian Weimer
* Mike Hommey: >> Even if the browser cannot be restarted after the attack has been >> carried out? The impact of this bug is slightly different from other >> crash bugs. > > Are you sure the firefox process was not still running ? That would > explain the browser not being able to restart... Ac

Bug#342292: Fwd: Re: [vendor-sec] xpdf update - patch wrong?

2005-12-09 Thread Florian Weimer
* Martin Pitt: > - For invalid (big) positive values of nObjs which, when multiplied with nObjs > overflow an int, we have two cases: But neither ISO C nor GNU C make any promises regarding this case. Overflow is undefined, period. You can pass -fwrapv to gcc if you want modulo arithmetic for

Bug#342292: Fwd: Re: [vendor-sec] xpdf update - patch wrong?

2005-12-09 Thread Florian Weimer
* Martin Pitt: > Hi Florian! > > Florian Weimer [2005-12-09 11:53 +0100]: >> * Martin Pitt: >> >> > - For invalid (big) positive values of nObjs which, when multiplied with >> > nObjs >> > overflow an int, we have two cases: >> >>

Bug#342704: ocaml: FTBFS on hppa: "Error: Field out of range [-262144..262143] (-267528)."

2005-12-10 Thread Florian Weimer
* Julien Cristau: > ocaml FTBFS on hppa with the following error (from the build log): > ../../ocamlcompopt.sh -warn-error Ay -I ../camlp4 -I ../boot -c -impl > pa_o_fast.ppo > [...] > /tmp/camlasm6f9a2e.s: Assembler messages: > /tmp/camlasm6f9a2e.s:97621: Error: Field out of range [-262144..2621

Bug#342704: ocaml: FTBFS on hppa: "Error: Field out of range [-262144..262143] (-267528)."

2005-12-11 Thread Florian Weimer
* Florian Weimer: > This looks indeed like a GAS bug (or a miscompilation of GAS). The > branch target is only a few hundred instructions away, so it should be > reachable using a BL instruction. I was wrong, this is not a real GAS bug. (See the binutils list for a discussion.) T

Bug#342704: Disable HPPA native code compiler

2005-12-15 Thread Florian Weimer
Upstream has responded; they won't fix this, and they no longer maintain the native code compiler on HPPA. I suggest disabling it in the Debian package.

Bug#343503: [CVE-2005-4048] avcodec_default_get_buffer heap overflow

2005-12-15 Thread Florian Weimer
Package: gst-ffmpeg Tags: security Severity: grave The package embeds a local copy of libavcodec, which is vulnerable to CVE-2005-4048: http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558 http://mplayerhq.hu/pipermail/ffmpeg-cvslog/2005-December/000979.html Please check if it is necessa

Bug#335997: flyspray: Multiple XSS vulnerabilities

2005-12-19 Thread Florian Weimer
* Thijs Kinkhorst: > For the testing (etch) and unstable distribution (sid) this problem has > been fixed in version 0.9.8-5. > close 335997 0.9.8-4 -4 or -5?

Bug#358754: [CVE-2005-2922] Invalid chunk size heap overflow vulnerability

2006-03-24 Thread Florian Weimer
Package: helix-player Version: 1.0.6-3 Severity: grave Tags: security A new vulnerability in helix-player has been disclosed. From: labs-no-reply <[EMAIL PROTECTED]> Subject: [VulnWatch] iDefense Security Advisory 03.23.06: RealNetworks RealPlayer and Helix Player Invalid Chunk Size Heap Overfl

Bug#359042: [CVE-2006-1354] EAP-MSCHAPv2 vulnerability

2006-03-26 Thread Florian Weimer
Package: freeradius Severity: grave Tags: security A new security issue has been discovered in freeradius: 2006.03.20 v1.0.5, and v1.1.0 - A validation issue exists with the EAP-MSCHAPv2 module in all versions from 1.0.0 (where the module first appeared) to 1.1.0. Insufficient input validatio

Bug#362001: [security] Insecure semaphore permissions

2006-04-12 Thread Florian Weimer
* Steve Langasek: > A DoS does not normally qualify as a severity: grave security bug. Why the sudden change in policy? So far, only user-initiated denial-of-service conditions (e.g. editor crashes when opening certain files) were not considered grave bugs.

Bug#359042: How do you feel about an NMU?

2006-04-12 Thread Florian Weimer
* Steve Langasek: > FWIW, I'm not convinced this bug warrants grave severity anyway; unless the > crasher bug allows arbitrary code execution as well, it doesn't seem like > this is really a big issue given that the radius clients shouldn't normally > be under the control of an attacker? Nowadays

Bug#361024: note on "2.4 is deprecated"

2006-04-13 Thread Florian Weimer
* Joey Hess: > - Debian's userland has *always* supported at least the previous major >kernel version, and most often the previous two, or sometimes I >think, three major kernel versions. This isn't a real argument, IMHO, because upstream no longer releases major kernel versions. OTOH,

Bug#352202: CVE-2006-0635: Incorrect parsing of sizeof() may introduce integer overflows

2006-02-26 Thread Florian Weimer
* Romain Francoise: > Update about this bug: I notified upstream about it two weeks ago but > nobody seemed to care; the project is pretty much dead upstream. Do we really want to release software which is dead upstream? > That being said, I'm not sure that the issue is RC anyway, the problem >

Bug#356478: Contains non-free documentation

2006-03-12 Thread Florian Weimer
Package: drscheme Version: 301-12 Severity: serious At least part of the documentation is non-free. Distribution of derivative works is not permitted: | Permission to make digital/hard copies and/or distribute this | documentation for any purpose is hereby granted without fee, | provided that th

Bug#375677: Bug marked as not found in version 1.9.33-0.1.0

2006-07-04 Thread Florian Weimer
equal to 1.9.33-0.1.0. Filipus, did you intend to set a "pending" tag instead? 1.9.33-0.1.0 does not yet exist in the archive. -- Florian Weimer<[EMAIL PROTECTED]> BFK edv-consulting GmbH http://www.bfk.de/ Durlacher Allee 47tel: +49-721-96201-1 D

Bug#377423: linux-image-2.6.16-2-em64t-p4-smp: Fails to find boot device (AHCI ICH7 Family)

2006-07-09 Thread Florian Weimer
reopen 377423 thanks * Bastian Blank: > On Sat, Jul 08, 2006 at 04:10:53PM -0400, Andrew Nady wrote: >> The kernel randomly swaps the /dev/sda to /dev/sde device and back on >> boot-up. >> The confusion occurs when the kernel spontaneously >> assigns /dev/sda, /dev/sdb, /dev/sdc and /dev/sdd to

Bug#378324: local root hole (race condition in /proc)

2006-07-15 Thread Florian Weimer
* Robert Millan: > The linux-2.6 packages in unstable are not affected (since they > don't include a.out support). That's not correct, the vulnerability is present even if a.out support is disabled. It's only one published exploit that requires a.out support.

Bug#316321: Restarting the server may be required

2006-07-17 Thread Florian Weimer
Reloading Apache 1.3 did not apply all configuration changes in all cases. Has this changed in version 2? If not, it's necessary to restart the server (probably using "apachectl graceful", but still). -- Florian Weimer<[EMAIL PROTECTED]> BFK edv-consu

Bug#336137: Version 6.4-1.1 (4-Sept-2005) does not exist in stable (CAN-2005-152)

2005-10-28 Thread Florian Weimer
retitle 334833 CVE-2005-1527 still not fixed in stable branch retitle 336137 CVE-2005-1527 still not fixed in stable branch severity 334833 grave found 334833 6.4.1 merge 336137 334833 thanks * FX: > Version 6.4-1.1 which fixed CAN-2005-152 on Sept 4, 2005 is still not > available in the stable

Bug#46709: Bug status

2005-10-30 Thread Florian Weimer
Is this security bug still open, after more than six years?

Bug#336582: New round of security issues

2005-10-31 Thread Florian Weimer
Package: phpbb2 Tags: security Severity: grave A new round of security issues in phpBB has been disclosed. | After these weaknesses were found and disclosed to the vendor | nearly 80 days ago, several problems with uninitialised variables | were discovered that allow XSS, SQL injection and even r

Bug#335817: [EMAIL PROTECTED]: Bug#335817: wordpress: SECURITY : Contains an insecure version of class.snoopy]

2005-10-31 Thread Florian Weimer
* Florian Weimer: > * Kai Hendry: > >> On 2005-10-26T00:40-0700 Matt Mullenweg wrote: >>> >I need a Wordpress release with the updated "Snoopy version 1.2.1. ASAP. >>> Could you confirm this affects WP? We use an older version of Snoopy >>> that

Bug#336645: PHP 4.4.1 fixes security bugs

2005-10-31 Thread Florian Weimer
Package: php4 Tags: security Severity: grave The Hardened-PHP project has disclosed several security vulnerabilities:

Bug#336654: PHP 5.0.5 fixes security bugs

2005-10-31 Thread Florian Weimer
Package: php5 Tags: security Severity: grave The Hardened-PHP project has disclosed several security vulnerabilities:

Bug#336645: PHP 4.4.1 fixes security bugs

2005-10-31 Thread Florian Weimer
* Florian Weimer: > <http://www.hardened-php.net/advisory_182005.77.html> This appears to be a variant of CVE-2002-1954, although public information is scarce at this stage. See the discussion on full-disclosure and various other places.

Bug#336654: Acknowledgement (PHP 5.0.5 fixes security bugs)

2005-10-31 Thread Florian Weimer
retitle 336654 PHP 5.0.5 contains unfixed security bugs thanks Unfortunately, PHP 5.0.5 is the old version, and a new one hasn't been released today, even though the reported bugs apply to PHP 5.

Bug#336645: PHP 4.4.1 fixes security bugs

2005-11-01 Thread Florian Weimer
* Steve Langasek: > However, in reading over the description of the vulnerabilities, I don't > really see any grounds for regarding these as grave security bugs. The most > severe of these problems, 202005.79, only has a significant impact when > register_globals is set in the PHP environment -- a

Bug#307299: TWiki.cfg

2005-11-10 Thread Florian Weimer
Could you show us your TWiki.cfg file, please?

Bug#336719: Can you reproduce this on 4.5.3-4?

2005-11-11 Thread Florian Weimer
* Hilko Bengen: > db_query uses sprintf to replace placeholder expressions if passed > more than one argument and it seems to me that using %s does the same > thing as PHP's string expansion as in 4.5.3. What about SQL injection? Doesn't db_query protect against it, while PHP's string expansion

Bug#336719: Can you reproduce this on 4.5.3-4?

2005-11-11 Thread Florian Weimer
* Hilko Bengen: > Do you have any idea how the $key parameter to sess_destroy > (includes/session.inc) is generated? It seems as if drupal uses the value generated by PHP, which would mean that it's not exploitable for SQL injection, but I'm not sure.

Bug#335881: Bug cause

2005-11-16 Thread Florian Weimer
This bug is caused by a change in GAS which makes it prefer shorter instruction sequences: 80580c1: 8d 14 52lea(%edx,%edx,2),%edx 80580c4: 8d ac 95 17 00 00 00lea0x17(%ebp,%edx,4),%ebp 80580cb: 89 c2 mov%eax,%edx 80580cd:

Bug#335881: Patch

2005-11-16 Thread Florian Weimer
> The first few instruction bundles are not 12 bytes long, as required, > but 11 bytes, with catastrophic consequences. I will see what can be > done about this. Technically, this is not a GAS bug. Below is a first attempt at a patch. It doesn't pass the test suite (but debian/rules doesn't det

Bug#345604: ConTeXt documentation is non-free

2006-01-01 Thread Florian Weimer
Package: tetex-doc Version: 3.0-11 Severity: serious The license is clearly non-free: | All rights reserved. No part of this publication may be reproduced, | stored in a retrieval system, or transmitted in any form or by any | means, electronic, mechanical, photocopying, recording or otherwise, |

Bug#345238: Shell command injection in delegate code (via file names)

2006-01-02 Thread Florian Weimer
retitle 345238 [CVE-2005-4601] Shell command injection in delegate code (via file names) thanks This issue has been assigned CVE-2005-4601. Please mention this identifier in the changelog when fixing this bug.

Bug#345238: Shell command injection in delegate code (via file names)

2006-01-05 Thread Florian Weimer
* Daniel Kobras: > tag 345238 + patch > thanks > > On Fri, Dec 30, 2005 at 02:19:27PM +0100, Florian Weimer wrote: >> With some user interaction, this is exploitable through Gnus and >> Thunderbird. I think this warrants increasing the severity to >> "grav

Bug#346197: [CVE-2005-4560] Wine is vulnerable to SetAbortProc WMF bug

2006-01-06 Thread Florian Weimer
Package: wine Version: 0.9-1 Severity: grave Tags: security H D Moore mentioned that Wine contains vulnerable code similar to Microsoft Windows: The fix seems to be to remove that case label.

Bug#345604: ConTeXt documentation is non-free

2006-01-06 Thread Florian Weimer
* Ralf Stubner: >> | All rights reserved. No part of this publication may be reproduced, >> | stored in a retrieval system, or transmitted in any form or by any >> | means, electronic, mechanical, photocopying, recording or otherwise, >> | without prior written permission of the publisher. > > (fr

Bug#346354: distribution of this package is likely a GPL violation

2006-01-07 Thread Florian Weimer
Package: max-db Version: 7.5.00.19-1 Severity: serious The HTML documentation has apparently been generated by a tool called "SAP Html Export": This means that these HTML documents are not "the preferred form of the work for making modifications", and do not qualify as source code under the GPL

Bug#346572: [mipsel] Depends on ocaml-nox-3.08.3 which cannot be installed.

2006-01-09 Thread Florian Weimer
>> > The following packages have unmet dependencies: >> > ocaml: Depends: ocaml-nox-3.08.3 >> > E: Broken packages > > I get this from my mirror regularly. It occurs because the > package index is downloaded first .. but the packages come later. No, this has to be something else, I'm afraid.

Bug#346572: [mipsel] Depends on ocaml-nox-3.08.3 which cannot be installed.

2006-01-09 Thread Florian Weimer
* Paul Richards: > Attempting to install 'ocaml' on current debian stable fails due to > broken packages. > The following packages have unmet dependencies: > ocaml: Depends: ocaml-nox-3.08.3 > E: Broken packages What does "apt-get install ocaml-nox" print, or "apt-get install ocaml-nox-3.08

Bug#347221: smstools: Format string attack in logging code

2006-01-09 Thread Florian Weimer
* Steve Kemp: > A DSA has just been released for smstools due to an insecure > usage of syslog in the logging code. Please mention the CVE name CVE-2006-0083 in the changelog when fixing this bug.

Bug#345604: ConTeXt documentation is non-free

2006-01-10 Thread Florian Weimer
* Frank Küster: > Florian, are you on a general search for non-free docs, and looking at > more files in tetex-doc? Then please also send a Debbugs-Cc to > [EMAIL PROTECTED] ("Woeful copyright file"). I'm aware of that bug report, but think of it as a separate matter (especially the tex.web stat
