!
--
~~~
Carlos Alberto Lopez Perez http://neutrino.es
Igalia - Free Software Engineeringhttp://www.igalia.com
~~~
commit ec02b476e5037b22e5f3060a6703f8a93770eb11
Author: Carlos Alberto
.
--
~~~
Carlos Alberto Lopez Perez http://neutrino.es
Igalia - Free Software Engineeringhttp://www.igalia.com
~~~
signature.asc
Description: OpenPGP digital
On 27/02/12 15:43, Michael Schmitt wrote:
Am 27.02.2012 13:07, schrieb Carlos Alberto Lopez Perez:
I can confirm this.
After the upgrade to cups=1.5.2-5 my printer Brother DCP-8065DN
BR-Script3 prints blank sheets.
I had workarounded this downgrading the package::
sudo apt-get install
Please use CVE-2012-0801 for this issue.
--
--
-- Kurt Seifried / Red Hat Security Response Team
--
~~~
Carlos Alberto Lopez Perez http://neutrino.es
Igalia - Free Software Engineering
Package: dma
Severity: grave
Justification: violates section-3.4.1 of rfc2822, therefore could make
unrelated software on the system to break or cause data loss (missing/bounced
e-mails)
DMA should append the system mailname (/etc/mailname), or the system hostname
when the mailname is not
Package: gajim
Version: 0.15-1.1
Severity: grave
Tags: security, upstream
Forwarded: https://trac.gajim.org/ticket/7252
Gajim does not seem to properly handle invalid/broken/expired
certificates. The _ssl_verify_callback function in tls_nb.py is called
by OpenSSL for every certificate in the
3
3
3
3
3
Needless to say that this only happens on Debian/KFreeBSD.
Neither on Debian/Linux nor in Debian/Hurd this behavior is reproducible.
Regards!
--
~~~
Carlos Alberto Lopez Perez http
On 18/07/12 19:37, intrigeri wrote:
Hi,
Carlos Alberto Lopez Perez wrote (05 Jul 2012 22:39:11 GMT) :
I don't think that the current version (1:1.1-3) should go into Wheezy
because of this issues. Perhaps (1:1.1-4) if the release team give an
exception could be the only chance of having
On 18/07/12 20:06, intrigeri wrote:
Carlos Alberto Lopez Perez wrote (18 Jul 2012 17:45:08 GMT) :
I have the new version ready on mentors.
Cool!
I will let you know when I get the OK from the release-team to the
unblock request.
Sure.
Seems that the release-team is not willing
On 21/07/12 02:51, intrigeri wrote:
I had a look at the debdiff. To be honest, I don't feel competent to
evaluate the gnutls/gcrypt patches myself, so I'd rather not upload
this into Debian unless I'm convinced upstream will integrate these
patches, or they are reviewed by a knowledgeable
On 21/07/12 04:32, intrigeri wrote:
hi,
Carlos Alberto Lopez Perez wrote (21 Jul 2012 02:08:33 GMT) :
This patches were already reviewed by upstream [1] and will be
committed to the aircrack-ng repository ASAP.
Looks good! :)
There are minor differences (in changes to src/Makefile
On 27/07/12 17:17, Hector Oron wrote:
Hello,
On Thu, Jul 19, 2012 at 06:56:03PM +0200, Carlos Alberto Lopez Perez wrote:
So, I would like to upload this new version [2] to unstable, but I need
a sponsor since Paul is on holidays.
Will you be willing to sponsor it or should I fill a RFS
Package: shoes
Version: 0.r396-5.2
Severity: grave
Justification: makes the package in question unusable
Hello,
I cannot make shoes work. No matter what command switch option I try
(man shoes), it always complains with: no such file to load -- rubygems
$ shoes -h
no such file to load --
On 28/07/12 00:13, Carlos Alberto Lopez Perez wrote:
* Removed patch 013-workaround-681113-kfreebsd.diff (not longer needed
since bug #681113 was fixed)
^^^
Seems that #681113 was fixed, but the build machines are running an
older version of eglibc, so the build broke on the kfreebsd
On 12/07/12 02:49, Adam Borowski wrote:
Could you please elaborate what exactly is the problem with compiz 0.8?
It works well; I use it at home (currently with xfce) and the only problem is
remembered window positions being wrong on startup.
At least the situation is worlds better than the
Hi!
When I was using gnome3 some months ago this bug annoyed me more than a
couple of times, I was able to work-around it by making the annoying
whale window to be a normal desktop window, so when it pop-ups you can
move it to a corner with the mouse and save your data before logging out.
To
Package: dma
Version: 0.0.2010.06.17-13
Severity: grave
Justification: makes unrelated software on the system break
dma is not able to handle the cc field (and possibly neither the
to: and bcc: fields) when multiple address are specified (comma
separated) on such field.
Take, for example the
.
Regards!
--
~~~
Carlos Alberto Lopez Perez http://neutrino.es
Igalia - Free Software Engineeringhttp://www.igalia.com
Not sure if #682308 is a duplicate of this bug, but I believe that this
is the case.
I was able to solve this issue by applying the third workaround on #682308
http://bugs.debian.org/682308
Regards!
signature.asc
Description: OpenPGP digital signature
On 03/11/12 17:46, Andreas Metzler wrote:
On 2012-10-24 Joerg Jaspert jo...@debian.org wrote:
[...]
Maybe the rebuild without gcrypt is a solution. I don't know, I have
no idea what other functionality then might be missing.
Hello,
It is not possible currently for Debian to use nettle
On 23/01/13 19:04, Andreas Metzler wrote:
On 2013-01-23 Carlos Alberto Lopez Perez clo...@igalia.com wrote:
severity 658896 serious
thanks
justification: Breaks unrelated software. It renders sudo unusable on
systems with LDAP/PAM
[...]
What fixed the issue was applying the patch
On 23/01/13 19:30, Carlos Alberto Lopez Perez wrote:
On 23/01/13 19:04, Andreas Metzler wrote:
On 2013-01-23 Carlos Alberto Lopez Perez clo...@igalia.com wrote:
severity 658896 serious
thanks
justification: Breaks unrelated software. It renders sudo unusable on
systems with LDAP/PAM
On 23/01/13 19:48, Andreas Metzler wrote:
On 2013-01-23 Carlos Alberto Lopez Perez clo...@igalia.com wrote:
On 23/01/13 19:04, Andreas Metzler wrote:
On 2013-01-23 Carlos Alberto Lopez Perez clo...@igalia.com wrote:
..]
I'm attaching the debdiff. I rebuilt libgcrypt11 with the attached
+1,14 @@
+openldap (2.4.31-1.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+
+ [ Carlos Alberto Lopez Perez ]
+ * debian/patches/fix-dropping-privileges-by-libgcrypt-secmem.diff:
+Ensure that we don't use secure memory when libgcrypt is initialized.
+Avoids dropping privileges
On 25/01/13 03:00, Howard Chu wrote:
Hi!
I have been digging on this issue and I found the ultimate cause of this
problem.
When sudo/su/passwd/insert-any-setuid-program-that-calls-getpwent() on
a system configured with PAM/LDAPs it chains into libldap, which uses
GnuTLS/libgcrypt to
reassign 658739 libldap-2.4-2 2.4.31-1
forcemerge 368297 658739
thanks
This bug is the same than #368297 and others.
I have attached a very small patch for openldap that solves the issue
for Wheezy.
It's here: http://bugs.debian.org/658896#104
signature.asc
Description: OpenPGP digital
On 28/04/13 02:50, micah wrote:
I will happily sign for that. However I would like to migrate the
package scm from svn to git. I have not experience packaging with svn
and learning to do that now will be a backwards step IMHO.
As I mentioned on IRC, I think that is a fantastic idea.
If
On 01/05/13 17:32, micah wrote:
Carlos Alberto Lopez Perez clo...@igalia.com writes:
On 28/04/13 02:50, micah wrote:
I will happily sign for that. However I would like to migrate the
package scm from svn to git. I have not experience packaging with svn
and learning to do that now
Package: checkinstall
Severity: grave
Version: 1.6.2-3
Justification: Renders the package unusable.
On a Debian/kFreeBSD AMD64 machine running sid,
checkinstall aborts with illegal instruction when
trying to build a package.
# checkinstall --install=no
checkinstall 1.6.2, Copyright 2009 Felipe
Package: typo3
Version: 4.3.9+dfsg1-1+squeeze7
Severity: grave
Tags: security, upstream
Hi,
It has been discovered that TYPO3 Core is susceptible to SQL Injection
and Open Redirection.
Here is the relevant information:
On 09/03/13 22:43, Carlos Alberto Lopez Perez wrote:
It has been discovered that TYPO3 Core is susceptible to SQL Injection
and Open Redirection.
Here is the relevant information:
https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/
A CVE number
reopen 702669
thanks
I'm reopening it because the fix was only uploaded to unstable (as far
as I can see).
signature.asc
Description: OpenPGP digital signature
On 10/03/13 23:43, Adam D. Barratt wrote:
Please don't do that; you just marked the bug as no longer fixed in
unstable.
The BTS is quite capable of tracking the status of the bug across
multiple suites. Having it closed with appropriate versions as soon as
any of them is fixed is the
On 03/04/13 16:09, Jack Bates wrote:
Hi, here is a blog post about this issue:
http://jdbates.blogspot.ca/2013/04/its-crazy-how-much-time-and-effort-one.html
Really very interesting stuff. Thanks for sharing
Now I'm convinced that the right fix for this is to revert upstream
On 18/04/13 20:24, Adam D. Barratt wrote:
On Thu, 2013-04-18 at 18:58 +0200, Werner Koch wrote:
On Tue, 16 Apr 2013 20:37, a...@adam-barratt.org.uk said:
libgcrypt maintainers - any thoughts on this?
Did anything change since my comments from 2010?
OpenLDAP needs to get it right and it
On 19/04/13 10:22, Werner Koch wrote:
On Fri, 19 Apr 2013 02:52, mgilb...@debian.org said:
1.a) Patch libgcrypt to revert commit
d769529a71ccda4e833f919f3c5693d25b005ff0
Urgs. That is a short sighted fix.
That seems to be the solution the rest of the open source community is
On 19/04/13 19:25, Julien Cristau wrote:
On Fri, Apr 19, 2013 at 19:07:02 +0200, Werner Koch wrote:
What about my suggestion on how to solve the problem?
If that solution is to have sudo itself call into libgcrypt, that
doesn't sound like a solution at all. sudo doesn't know how libldap
On 19/04/13 10:22, Werner Koch wrote:
While we are in the business of refreshing our URL memories, let me
follow up with:
http://thread.gmane.org/gmane.comp.encryption.gpg.libgcrypt.devel/2198
Florian Weimer comes to the same conclusion regarding the PAM
architecture but also asked why
On 19/04/13 20:56, Werner Koch wrote:
Having said this, I don't see a reason why not to put the
responsibilities in the hands of the suid program authors. They anyway
wake up every night due to a nightmare telling them to check this and
that and - oh - I am using a library I didn't checked
On 20/04/13 00:08, Werner Koch wrote:
At least, I think that you should consider adding a new flag to
libgcrypt that allows the application/library developer to complete
disable the dropping privileges feature. Perhaps something like:
That was my suggesttion. Shall we go for that?
I
On 20/04/13 02:04, Werner Koch wrote:
On Sat, 20 Apr 2013 01:35, clo...@igalia.com said:
I think it would be a good idea to add this feature to libgcrypt.
See attached patch against master. It is not tested, though. You may
backport it to 1.5 and use it like this:
#if
On 20/04/13 20:18, Carlos Alberto Lopez Perez wrote:
So, we have the following chain of successes:
^ events
sudo/passwd/su/etc - libpam ---(if system==PAM/LDAP)-- libpam-ldap -
libldap ---(if URI==ldaps://)-- gnutls - libgcrypt
signature.asc
On 25/04/13 20:23, micah wrote:
Hi Carlos,
Carlos Alberto Lopez Perez clo...@igalia.com writes:
So please: update the package to a newer upstream version.
util-vserver was removed from wheezy as was the kernel support. It is
not surprising that this version doesn't work, it only
On 26/04/13 16:38, micah wrote:
Carlos Alberto Lopez Perez clo...@igalia.com writes:
I don't think this is an appropriate approach to deal with this problem.
I rather would ask you to remove the package util-vserver from Debian
sid completely than to have it in a broken state.
Well
Hi Micah!
As we discussed some months ago, I would like to take care of the
package util-vserver.
I have migrated the repository to git [1], and I have prepared a new
upload that fixes the this bug (#648160) as also #605473 and #586510
This new upload sets me as the new maintainer of the
On 26/08/13 17:51, micah wrote:
Hi Carlos!
A quick reply because I do not have very much time. I wanted to let you
know that I am happy to have a look and sponsor it, but I wont have time
until first week of Sept.
Sorry I can't do it quicker, but I will!
micah
No problem. There is no
This is a me-too report.
I have just upgraded from 1.0.3-1 to 1.1.1-1 of libvirt-bin and when
I tried to start a VM from virt-manager I got the following error:
Error starting domain: internal error: Missing '/' separator in cgroup mount ''
Traceback (most recent call last):
File
And again...
$ sudo apt-get install linux-headers-3.9-1-amd64
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
On 26/08/13 22:03, Carlos Alberto Lopez Perez wrote:
On 26/08/13 17:51, micah wrote:
Hi Carlos!
A quick reply because I do not have very much time. I wanted to let you
know that I am happy to have a look and sponsor it, but I wont have time
until first week of Sept.
Sorry I can't do
On 24/04/12 17:25, Thorsten Glaser wrote:
Hi all,
this bug has been brought to my attention by my boss today.
If I understand the situation correctly, the problem is:
• OpenLDAP links against GnuTLS (gnutls26)
• gnutls26 links against gcrypt, which has the bug
• gnutls28 links against
On 12/02/14 22:58, Arthur Marsh wrote:
Florian Schlichting wrote, on 13/02/14 07:48:
Hi Arthur, Carlos,
the issue you reportied looks a lot like
https://github.com/the-tcpdump-group/libpcap/issues/333 or
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733747, which was
fixed in
found 726661 1:6.4p1-2
thanks
Hi,
Current version on testing is also affected.
I hit this bug after upgrading a machine. After rebooting it I was unable to
login again.
On /var/log/auth.log was the following error:
sshd[10480]: error: PAM: pam_open_session(): Cannot make/remove an entry for
On 13/02/14 22:19, Colin Watson wrote:
On Thu, Feb 13, 2014 at 08:14:15PM +0100, Carlos Alberto Lopez Perez wrote:
I hit this bug after upgrading a machine. After rebooting it I was
unable to login again.
Unfortunately I haven't successfully reproduced this yet ...
On /var/log/auth.log
On 10/05/14 05:26, Josh Triplett wrote:
If the maintainers of the packages involved have done their jobs well
(and they have), upgrading should be an entirely smooth process. Much
like upgrading to a new version of the Linux kernel or a new bootloader,
you won't actually get the new version
Package: ttf-root-installer
Version: 5.34.19+dfsg-1.1
Severity: grave
Hi, when upgrading my system ttf-root-installer
broke the upgrade because its configure script failed.
I tried to purge it completely and install it again,
unfortunately it broke again:
$ sudo apt-get install
Seems on the past there were also problems with this file served via
ftp. https://bugs.launchpad.net/ubuntu/+source/root-system/+bug/349860
signature.asc
Description: OpenPGP digital signature
Hi,
Just installed tribler on debian testing, and I'm running it without
problems.
So far I didn't hit the bug that is reported here.
signature.asc
Description: OpenPGP digital signature
On 16/01/15 01:12, Sebastian Ramacher wrote:
Control: tags 774163 + patch
Control: tags 774163 + pending
Dear maintainer,
I've prepared an NMU for root-system (versioned as 5.34.19+dfsg-1.2) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.
Cheers
Are you using dm-crypt?
Then this may be related to another bug that appeared on 4.0. See:
http://thread.gmane.org/gmane.linux.kernel/1942014
The following issue on RH's tracker is also related:
https://bugzilla.redhat.com/show_bug.cgi?id=1223332
I can confirm that last bug (dm-crypt). I
Hi,
Thanks for this patch.
I was having trouble (crashes with the NVIDIA proprietary driver) on a
Debian system with an i7-5775C and libc6=2.19-18+deb8u1 (stable)
I tried first to update the Intel microcode with the "unreleased" 0x13
microcode version but it didn't disabled the TSX-NI
On 23/10/15 22:10, Henrique de Moraes Holschuh wrote:
> On Fri, Oct 23, 2015, at 11:13, Carlos Alberto Lopez Perez wrote:
>> I was having trouble (crashes with the NVIDIA proprietary driver) on a
>> Debian system with an i7-5775C and libc6=2.19-18+deb8u1 (stable)
>
> Thi
On 26/10/15 20:13, Carlos Alberto Lopez Perez wrote:
> On 23/10/15 22:10, Henrique de Moraes Holschuh wrote:
>> On Fri, Oct 23, 2015, at 11:13, Carlos Alberto Lopez Perez wrote:
>>> I was having trouble (crashes with the NVIDIA proprietary driver) on a
>>> Debian system
On 09/08/16 16:35, Petter Reinholdtsen wrote:
> [ Antonio Russo 2016-07-11 ]
>> Sorry, there is no 0.6.5.8 release. The fix does exist in the master branch,
>> however. (bc77ba7: OpenZFS 6513 - partially filled holes lose birth time)
>
> As far as I can see from
Package: apache2
Version: 2.4.23-3
Severity: grave
On a new fresh created Debian Sid ADM64 chroot, installing apache2 is not
possible:
$ sudo apt-get install -y apache2
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were
Package: libpam-ldap
Version: 186-3
Severity: grave
libpam-ldap 184-8.7 (Jessie) installed a config file on
/usr/share/pam-configs/ldap
telling pam-auth-update how it should re-configure the files on /etc/pam.d when
the
command pam-auth-update is executed (that the package libpam-ldap executes
On 11/06/2020 18:34, Michael Borg wrote:
> Yep I know but I cannot tell all my customers to run this workaround, some
> of our users are not experienced at all The only thing I see here is
> that I need to provide a hotfix ourselves. We cannot wait for days... You
> are saying we cannot make
Source: libayatana-appindicator
Severity: serious
Version: 0.5.92-1
Version: 0.5.93-1
The package of libayatana-appindicator on Debian is not building from the
right orig tarball as indicated on the package version.
Both package versions on Debian 12 and testing (versions 0.5.92-1 and
67 matches
Mail list logo
