this report
by making an upload addressing the outstanding issues. Even then, please
consider looking for co-maintainers.
I'm going to orphan the package if there's no response within two-three weeks.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
signature.asc
to experimental,
after addressing Julien's comments.) The preinst script needs more changes for
a successful move of /bin/sh from bash and dash to only dash.
That's already on my debcamp/debconf schedule.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
) are not in that repository, yet.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
/sudoers
/etc/sudoers.new
mv -f /etc/sudoers.new /etc/sudoers
chmod 0440 /etc/sudoers
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas
Could you also please investigate the following and tell us what your plans
are regarding it?
https://bugzilla.redhat.com/show_bug.cgi?id=608644#c10
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
signature.asc
Description: This is a digitally signed message part.
the
security archive.)
For further information see:
[1]https://bugs.launchpad.net/ubuntu/+source/python-cjson/+bug/585274
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject
by then.
There's no known patch at the moment and an exploit is linked by the advisory.
[1]http://aluigi.altervista.org/adv/qtsslame-adv.txt
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
-adv.txt
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
On Thursday 27 May 2010 03:08:58 Andreas Barth wrote:
* Raphael Geissert (geiss...@debian.org) [100527 06:47]:
Those bugs are policy violations and make those packages FTBFS when using
dash from testing or experimental, or posh.
Tag them squeeze-ignore if you want, but their severity
it; usually bash.
And as you can read on the bug report you mention, the fact that dash
expands backslashes in its echo built-in is not a bug and won't be
fixed.
The difficult part of the switch is not fixing the bashisms, but
educating people about them.
Cheers,
--
Raphael Geissert - Debian Developer
On 27 May 2010 11:53, Andreas Barth a...@not.so.argh.org wrote:
* Raphael Geissert (geiss...@debian.org) [100527 18:47]:
The difficult part of the switch is not fixing the bashisms, but
educating people about them.
It might actually be nice to write up an summary of what happened,
why, what
packages FTBFS when using dash
from testing or experimental, or posh.
Tag them squeeze-ignore if you want, but their severity is 'serious.'
Regards,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
-process it. I.e.
only review results if there's no goal-dash br already filed against
the package.)
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
the following
bashism:
possible bashism in ./configure line 9189 (should be 'b = a'):
if test $FT_BIN == no ; then
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe
On 25 May 2010 10:38, Raphael Geissert geiss...@debian.org wrote:
On 18 May 2010 07:33, Gerrit Pape p...@smarden.org wrote:
if test $FRIBIDI_PKG_CONFIG = yes -o ${FRIBIDI_CONFIG: -3} = .pc ;
then
^
I don't think dash 0.5.5.1-3
in the next
two-three weeks.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
a dedicated team it shouldn't be worse than its current state.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
,
Raphael Geissert
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
. Please be aware that dash is now the default /bin/sh.
Hints about how to fix bashisms can be found at:
https://wiki.ubuntu.com/DashAsBinSh
If you still don't know how to fix the bashisms don't hesitate to reply to
this email, or tag the bug as 'help'.
Thank you,
Raphael Geissert
--
To UNSUBSCRIBE
'.
Thank you,
Raphael Geissert
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
the package.
Thanks in advance.
P.S. failure to respond in a reasonable amount of time (two weeks) would mean
you are no longer interested and that I should go ahead and orphan it.
Regards,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian
critical.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
exit status 2
You can find the logs of the two attempts to build it at:
https://buildd.debian.org/build.php?pkg=ncpfsarch=ia64ver=2.2.6-7
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
and that we should ask the ftp-masters to move it to the non-
fatal list of tags?
Gerrit, I'm going to publish my repository with changes addressing the dpkg-
divert issues somewhere. Will follow up on that on the other thread.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org
On 28 April 2010 21:13, Russ Allbery r...@debian.org wrote:
Raphael Geissert atom...@gmail.com writes:
I think it is fair to say that it is ok to remove a local diversion if
the user is saying that she/he wants dash to be /bin/sh. Not doing so
would even leave the diversion and debconf db
close 577734
thanks
On 14 April 2010 10:36, Thijs Kinkhorst th...@debian.org wrote:
On woansdei 14 April 2010, Raphael Geissert wrote:
Since there's apparently not much progress by others to fix their packages
so that php 5.3.2 can finally migrate, I'm filing a dummy RC bug that I'm
going
Source: php5
Version: 5.3.1-5
Severity: serious
Since there's apparently not much progress by others to fix their packages so
that php 5.3.2 can finally migrate, I'm filing a dummy RC bug that I'm going to
mark as fixed by 5.3.2.
Nobody wants to release squeeze with 5.3.1.
Cheers,
--
Raphael
has 8 gb real and 4
gb swap and the OOM killer has been invoked several times already.
I'm sure that you yourself can see that your report is vague and
useless without any further information. What about talking a bit
about the setup, the extensions, the scripts, etc?
Cheers,
--
Raphael
Hi,
I've prepared and uploaded a 0-day NMU to fix this bug.
Attached is the diff of the changes.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
diff -urpN php-ssh2-0.11.0-2.orig/debian/changelog php-ssh2-0.11.0-2/debian/changelog
--- php-ssh2-0.11.0-2.orig/debian
Hi,
Have you considered contacting the copyright owners to get their agreement to
add an exception? maybe it is going to be easier to add an exception than re-
licensing all the xapian code.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE
On 23 February 2010 19:53, Olly Betts o...@survex.com wrote:
On Tue, Feb 23, 2010 at 02:26:24PM -0600, Raphael Geissert wrote:
Have you considered contacting the copyright owners to get their agreement to
add an exception? maybe it is going to be easier to add an exception than re-
licensing
tag 523073 pending
thanks
Date: Fri Feb 5 14:15:08 2010 -0600
Author: Raphael Geissert geiss...@debian.org
Commit ID: 5d5b63e91c2f930c860c32e57ca1e543f9bbd34f
Commit URL:
http://git.debian.org/?p=pkg-php/php.git;a=commitdiff;h=5d5b63e91c2f930c860c32e57ca1e543f9bbd34f
Patch URL:
http
tag 570111 pending
thanks
Date: Thu Feb 18 19:28:56 2010 -0600
Author: Raphael Geissert geiss...@debian.org
Commit ID: 289af4a9b50a75c2ac027bad7d26bfbc4471dc8a
Commit URL:
http://git.debian.org/?p=pkg-php/php.git;a=commitdiff;h=289af4a9b50a75c2ac027bad7d26bfbc4471dc8a
Patch URL:
http
to be broken. There's people (me) actively working
on the transition.
Regards,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
:45:28.0 -0500
+++ APC-3.0.19/php_apc.c2010-02-10 00:13:02.0 -0600
@@ -955,7 +955,6 @@
#ifdef ZEND_ENGINE_2
/* {{{ arginfo */
-static
ZEND_BEGIN_ARG_INFO(php_apc_fetch_arginfo, 0)
ZEND_ARG_INFO(0, key)
ZEND_ARG_INFO(1, success)
Cheers,
--
Raphael Geissert
*'
but argument is of type 'const unsigned char *' make[1]: *** [ssh2.lo]
Error 1
make[1]: Leaving directory `/tmp/buildd/php-ssh2-0.11.0/build-php5'
make: *** [build-stamp] Error 2
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc
/imlib.c:114:
error: 'third_arg_force_ref' undeclared here (not in a function)
There are some other warnings about deprecated functions.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
.
If that works then it means it is ispell-specific, otherwise it might
be a gnome/gtk-specific issue.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
On 7 February 2010 13:02, Svante Signell s...@kth.se wrote:
On Sun, 2010-02-07 at 19:49 +0100, Raphael Geissert wrote:
On 7 February 2010 03:30, Svante Signell s...@kth.se wrote:
Strange, since the 1.4.2-3.4 works and 1.4.2-3.5 don't.
...
Looks like you only have ispell dictionaries, could
tag 523073 pending
thanks
Date: Tue Aug 11 13:08:10 2009 -0500
Author: Raphael Geissert geiss...@debian.org
Commit ID: baa0d12b3cd539b40d33398acd2b8886eef97040
Commit URL:
http://git.debian.org/?p=pkg-php/php.git;a=commitdiff;h=baa0d12b3cd539b40d33398acd2b8886eef97040
Patch URL:
http
Hi,
Attached is the patch of my NMU.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
diff -u enchant-1.4.2/debian/changelog enchant-1.4.2/debian/changelog
--- enchant-1.4.2/debian/changelog
+++ enchant-1.4.2/debian/changelog
@@ -1,3 +1,11 @@
+enchant (1.4.2-3.6
to
the -dev package.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Hi,
I plan to release a DSA fixing this issue with the attached patch.
Please upload a new version to sid containing the fix.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
Fix CVE-2009-1629: weak session id generation
Use a cookie with a strong random name
Hi Julien,
On 6 February 2010 01:19, Julien Valroff jul...@kirya.net wrote:
Hi Raphael,
Le samedi 06 février 2010 à 01:04 -0600, Raphael Geissert a écrit :
Hi,
I plan to release a DSA fixing this issue with the attached patch.
Please upload a new version to sid containing the fix.
I'll
Hi,
I've uploaded a NMU. Attached is the diff.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
diff -urpN enchant-1.4.2-3.4.orig/debian/changelog enchant-1.4.2-3.4/debian/changelog
--- enchant-1.4.2-3.4.orig/debian/changelog 2010-01-29 17:20:19.0 -0600
tag 566292 patch
thanks
Hi,
I've uploaded a NMU making the attached changes.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
diff -urpN redland-bindings-1.0.10.1-1.orig/debian/changelog redland-bindings-1.0.10.1-1/debian/changelog
--- redland-bindings-1.0.10.1-1
tag 566285 patch
thanks
Hi,
Attached patch should do it. Please fix this bug ASAP.
Thanks in advance.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
diff -urpN zeroc-ice-3.3.1-10.orig/debian/control zeroc-ice-3.3.1-10/debian/control
--- zeroc-ice-3.3.1-10.orig
Depends: libc6 (= 2.3.6-6~), [...], phpapi-20060613+lfs, ucf
and so on. The change is exactly what I said on my original email, just make
debian/rules generate a substvar that will lead to the binary package depend
on phpapi-$(php-config5 --phpapi .)
Regards,
--
Raphael Geissert - Debian Developer
three days, say it NOW.
Thanks in advance.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
three days, say it NOW.
Thanks in advance.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
days, say it NOW.
Thanks in advance.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
days, say it NOW.
Thanks in advance.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
than three days, say it NOW.
Thanks in advance.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
than three days, say it NOW.
Thanks in advance.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
2010/1/22 Cyril Brulebois k...@debian.org:
tag 566289 pending
thanks
Raphael Geissert geiss...@debian.org (22/01/2010):
P.S. if this bug isn't fixed by one of the current BSPs I plan to
fix it in the following days via a 1-day delay NMU. If you intend
to fix it, in less than three days
2010/1/22 Rene Engelhard r...@debian.org:
[ disclaimer: I am not the maintainer of enchant ]
Hi,
On Tue, Jan 19, 2010 at 02:18:57PM -0600, Raphael Geissert wrote:
While trying to build a package that uses enchant but does not
directly use glib I noticed that libenchant-dev is only depending
Package: libenchant-dev
Version: 1.4.2-3.4
Severity: serious
Hi,
While trying to build a package that uses enchant but does not
directly use glib I noticed that libenchant-dev is only depending on
libenchant1c2a and not on for example libglib2.0-dev (and possibly
others).
Cheers,
--
Raphael
Hi Josselin,
2010/1/6 Josselin Mouette j...@debian.org:
Version: 2.28.0-2
notfound 560895 2.14.3-3
thanks
Le mardi 05 janvier 2010 à 18:13 -0600, Raphael Geissert a écrit :
The issue seems to affect etch, lenny and squeeze/sid.
A patch is available at:
http://git.gnome.org/browse/gnome
and prepare a fix for stable via SPU.
The bug is explained on gnome's bugzilla bug report linked by the commit.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble
Source: spring
Severity: serious
Version: 0.80.5.2-1
Hi,
Spring embeds a zillion of libraries and other code but only documents a few
of them.
Regards,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
signature.asc
Description: This is a digitally signed message part.
status
The complete log of the failed build can be found at:
https://buildd.debian.org/fetch.cgi?pkg=popplerarch=armelver=0.12.2-2.1stamp=1261688694file=logas=raw
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ
'/nonexistent/.dpkg.cfg' for
reading: Permission denied
dpkg: warning: failed to open configuration file '/nonexistent/.dpkg.cfg' for
reading: Permission denied
make: *** [common-binary-predeb-arch] Error 1
8---8
Cheers,
--
Raphael Geissert - Debian
of function 'vx_page_fault' make[6]: ***
[mm/memory.o] Error 1
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
/proc.c:70: error: (Each undeclared
identifier is reported only once
/build/buildd-linux-2.6_2.6.32-3-s390-7O5pHW/linux-2.6-2.6.32/debian/build/
source_s390_vserver/kernel/vserver/proc.c:70: error: for each function it
appears in.)
make[7]: *** [kernel/vserver/proc.o] Error 1
Cheers,
--
Raphael
that at least one custom smiley is
defined.
The vulnerability is confirmed in version 2.6.4. Other versions may also be
affected.
If you fix this vulnerability please include the CVE id when one is assigned.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
Hi Francois et al,
Do you have any plans to fix these issues? what about an old/stable security
upload?
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
signature.asc
Description: This is a digitally signed message part.
post about the issue).
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Package: kcheckgmail
Version: 0.5.7.7-1
Severity: serious
Tags: pending
Placeholder bug. Fixed package will be uploaded soon.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
this
vulnerability in the stable and oldstable releases.
For further information see:
http://www.exploit-db.com/exploits/10338
http://secunia.com/advisories/37607/
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ
to prepare an
updated package, do you still plan to work on one?
Maybe another upload could be prepared addressing the most severe
issues and declaring the EOL of security support.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian
Hi Laszlo,
It's been more than two weeks and there doesn't seem to be any, at least
public, reaction to this issue which is preventing the migration of the
security bug fixes. What's the status?
Regards,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
tag 555945 pending
thanks
Date: Sat Nov 21 11:54:27 2009 -0600
Author: Raphael Geissert geiss...@debian.org
Commit ID: 1707ade0606372744606418a59feb41c6f64fc75
Commit URL:
http://git.debian.org/?p=pkg-php/php.git;a=commitdiff;h=1707ade0606372744606418a59feb41c6f64fc75
Patch URL:
http
/CVE-2009-3895
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
/commit/?id=0e440cb6d4d6ee029667363d244aff61b154c33c
For further information see:
[0] http://secunia.com/secunia_research/2009-43/
http://security-tracker.debian.org/tracker/CVE-2009-3909
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE
is to install the *real*
package, not the transitional one. That is, install readahead-fedora
or upgrade from readahead, but don't install readahead.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
, if they
are assigned before the issues are fixed.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
2009/10/29 Faidon Liambotis parav...@debian.org:
Raphael Geissert wrote:
A vulnerability has been reported in asterisk that allows a device to make
calls on networks intended to be prohibited as defined by the deny
and permit lines in sip.conf.
The original advisory can be found at:
http
Hi,
2009/10/29 Faidon Liambotis parav...@debian.org:
Raphael Geissert wrote:
Yes, the versions in testing and unstable (at least those that were
there before I reported it) were both affected. May I suggest you to
reply to the email in the future whenever you don't think it affects a
version
,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
/CVE-2009-3627
[1]http://github.com/gisle/html-parser/commit/b9aae1e43eb2c8e989510187cff0ba3e996f9a4c
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
the vulnerability please also make sure to include the
CVE id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546
http://security-tracker.debian.org/tracker/CVE-2009-3546
Cheers,
--
Raphael Geissert - Debian Developer
Hi Noèl,
Has there been any progress on this issue? or should I consider preparing an
NMU?
This RC bug is blocking the migration of the fix for CVE-2009-3490 to testing.
Thanks,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc
,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
step.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
2009/10/10 Florian Weimer f...@deneb.enyo.de:
* Raphael Geissert:
Cc'ing the stable security team as I would some input from them. As
mentioned by Florian on IRC there's a bug on some browsers that
could let other websites predict the sequence of Math.random(). On
unstable the cryptojs
/init.d/,
/etc/rc*.d, or /lib/init I don't see any obvious command that could
fail under normal circumstances, at first glance.
Once this bug is fixed I'd recommend you to upgrade to the version in sid.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
Hi,
On Friday 09 October 2009 08:35:36 Soeren Sonnenburg wrote:
On Fri, 2009-10-09 at 08:18 -0500, Raphael Geissert wrote:
Could you please modify the 'set -e' line and make it a 'set -xe' and
dpkg --configure --pending?
Attached.
Thanks
I guess it has something to do with the code
.
Seems like the migration of initserv (backup files) cause files to be
not found...
Do you mean insserv?
Could you also please provide the output of ls -lR /etc/rcS.d?
I will fix it in readahead-fedora by limiting the directory recursion, but
this case is strange.
Cheers,
--
Raphael Geissert
() attacks), but that can't be
done on neither stable nor oldstable.
And FWIW, I think that a larger and more random sid is better than the week
and poor currently being generated.
The patch needs some testing (mostly on the per-user sessions limit part),
though.
Cheers,
--
Raphael Geissert
as the package does have a soft dependency on the package needed by
the extra script.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas
provide backtraces.
Regards,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Hi everyone,
Could you please test the 5.2.11 packages and check whether it keeps
segfaulting or not?
Thanks in advance.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject
the exact test conditions I used to test the symlink
attack, though, as I did it in a rush.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
Hi,
[Please keep the bug CCed]
On Wednesday 16 September 2009 01:56:02 Federico Giménez Nieto wrote:
Hi Raphael,
2009/9/15 Raphael Geissert geiss...@debian.org
tag 546164 - patch
severity 546164 grave
retitle 546164 pear download directory is inherited from the build
thanks
Hi
++ Fixes bug where the arch: all package is not included in .changes
+
+ -- Raphael Geissert geiss...@debian.org Tue, 08 Sep 2009 18:37:35 -0500
+
strongswan (4.3.2-1) unstable; urgency=HIGH
Urgency high because of security issue and FTBFS.
diff -u strongswan-4.3.2/debian/rules strongswan-4.3.2
/subversion/bindings/swig/ruby/test/test_info.rb:29:in
`test_info'
219 tests, 1489 assertions, 1 failures, 1 errors
The full build log can be found at
https://buildd.debian.org/fetch.cgi?pkg=subversionver=1.6.5dfsg-1arch=powerpcstamp=1250968748file=log
Cheers,
--
Raphael Geissert - Debian
of the reasons why I preferred to implement my fix the way I
did it.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
it.
Well, I'm obviously biased, but I really prefer the pos() version as
it mimics exactly what the regex engine does.
And its bugs, as demonstrated above :)
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ
201 - 300 of 450 matches
Mail list logo