Package: parted
Version: 1.6.25.1-1
Severity: grave
I overwrote a USB disk with shred, created an EFI GPT disk label
and two partitions with parted, used the partitions, shredded the
second of them again, made a new file system there, and copied
data to it. The next time I reconnected the disk,
Here is a recipe for reproducing the bug.
[EMAIL PROTECTED]:/var/tmp/kalle$ yes | dd bs=1k count=1k of=part
1024+0 records in
1024+0 records out
1048576 bytes (1,0 MB) copied, 0,094344 seconds, 11,1 MB/s
[EMAIL PROTECTED]:/var/tmp/kalle$ /sbin/parted part
GNU Parted 1.6.25.1
Copyright (C) 1998 -
tags 318508 + patch
quit
Daniel Schepler [EMAIL PROTECTED] writes:
From my build log (reproduced using pbuilder in an i386 chroot):
Also reproduced on AMD Duron running Debian i386.
Unfortunately, since this is in build-tree/db2 instead of
build-tree/db-2.7.7, I can't figure out how to get
package elinks
forwarded 399188 http://bugzilla.elinks.cz/show_bug.cgi?id=841
quit
Stefan Fritsch [EMAIL PROTECTED] writes:
A vulnerability has been found in elinks:
Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed
allows remote attackers to execute arbitrary code via
package parted
found 349718 1.7.0-1
found 349718 1.7.1-1.1
quit
Otavio Salvador [EMAIL PROTECTED] writes:
Please, can you try to reproduce the bug in last version?
The GPT disklabels generated by 1.7.0-1 and 1.7.1-1.1 are
identical to what 1.6.25.1-1 incorrectly produced, except
the random
Steinar H. Gunderson [EMAIL PROTECTED] writes:
The attached patch moves the backup partition table one sector further out;
based on your analysis I'm fairly sure this is the right thing to do, but I
have zero experience with both parted code and GPT partitions, so I'd
appreciate if somebody
3b3b3712e96c7115d44f180758b71ee95aa43b59
parent a2c7af990b11e1772b9f3e26c372213aa0fb8b03
author Kalle Olavi Niemitalo [EMAIL PROTECTED] Sat, 09 Feb 2008 00:24:45 +0200
committer Kalle Olavi Niemitalo [EMAIL PROTECTED] Sat, 09 Feb 2008 00:24:45
+0200
NEWS|1 +
src/osdep/generic.h |2 +-
2 files
Kalle Olavi Niemitalo [EMAIL PROTECTED] writes:
There has been a similar warning in src/network/ssl/socket.c, at
the gnutls_transport_set_ptr call. That could also be silenced
with an extra cast, but this would in principle also require
changing the code that converts the pointer back
Olavi Niemitalo [EMAIL PROTECTED] Sun, 10 Feb 2008 11:20:33 +0200
committer Kalle Olavi Niemitalo [EMAIL PROTECTED] Sun, 10 Feb 2008 11:30:27
+0200
src/cache/cache.c |8 +---
src/cache/dialogs.c |8
src/dialogs/document.c |5 +++--
src/osdep/types.h
Frank Lichtenheld [EMAIL PROTECTED] writes:
| [CC] src/main/event.o
| cc1: warnings being treated as errors
| /build/buildd/elinks-0.12~20080127/src/main/event.c: In function
'unregister_event_hook':
| /build/buildd/elinks-0.12~20080127/src/util/math.h:36: error: assuming
signed
Julien Cristau [EMAIL PROTECTED] writes:
elinks (0.11.1-1.4) unstable; urgency=high
.
* Non-maintainer security upload.
* Don't look for gettext message catalogs in ../po/ (closes: #417789).
Thanks, Arnaud Giersch! Reference: CVE-2007-2027.
A less paranoid fix has been checked
Arnaud Giersch [EMAIL PROTECTED] writes:
I don't believe that this patch really solves the security issue. An
user may still be vulnerable if he wants to run his freshly compiled
(but not installed now) elinks. This user would typically run it as
/path/to/elinks/src/elinks. If his cwd is
http://repo.or.cz/w/elinks/miciah.git?a=shortlog;h=refs/heads/miciah/heartbeat
has a patch for this, using SIGVTALRM instead of SIGALRM
(which is not how the ecmascript.max_exec_time is documented
but should catch runaway scripts all the same).
I haven't tested it.
pgpHSHmaskgxp.pgp
Description:
Peter Fritzsche peter.fritzs...@gmx.de writes:
[LINK] src/elinks
/usr/bin/ld: lib.o: in function
setup_safeguard:spidermonkey.c(.text+0x52858): error: undefined reference to
'JS_SetBranchCallback'
This looks like a duplicate of Debian bug 551238,
where the same error occurred without
lam...@debian.org writes:
There was an error while trying to autobuild your package:
[...]
lib.o: In function `setup_safeguard':
spidermonkey.c:(.text+0xca082): undefined reference to `JS_SetBranchCallback'
This too looks like a duplicate of #551238.
pgpaYfoRMvvJp.pgp
Description: PGP
Package: kq-data
Version: 0.99.cvs20070319-1.1
Severity: serious
According to these posts to the kqlives-main mailing list in 2002-2004
http://sourceforge.net/mailarchive/message.php?msg_name=000901c2d8ac%2483171de0%248692fea9%40computer
(Re: [Kqlives-main] TT -- TroyD merge)
Kalle Olavi Niemitalo k...@iki.fi writes:
Even if the demoscene musicians who made these files are happy to
let people copy them, it still does not mean modifying them is
allowed, as Debian would require for packages in main.
Apparently, at least some of them can be distributed unmodified
package elinks
tags 529821 + fixed-upstream
quit
These bugs have been fixed in today's upstream ELinks 0.12pre4.
* Debian build bug 529821: Use ``pkg-config gnutls'' instead of
``libgnutls-config'', which is not included in GNUTLS 2.7.x.
You can no longer specify the location of GNUTLS using
We discussed this in IRC on 2009-07-18.
I think the plan was something like:
* Don't add threads.
* Use SIGALRM for both JS_TriggerOperationCallback and the
select() race, with the same signal handler function.
* Add a global variable that lists the scripts being evaluated.
Each element of
Gustavo Noronha Silva k...@debian.org writes:
While trying to build elinks on an i386 chroot (building also Arch:
all binaries) I got the following error:
make[1]: Entering directory
`/build/buildd-elinks_0.12~pre3-2-i386-to3MRQ/elinks-0.12~pre3/build-main/doc'
[CONF2DOC]
The kq and kq-data packages were removed from Debian because of
the unlicensed music: http://bugs.debian.org/575739
Meanwhile, the upstream KQ developers are tracking the music
licenses in their wiki. So far, the composer of aa_arofl.xm has
granted permission to distribute that file but not to
Dominique Dumont domi.dum...@free.fr writes:
I'll put back SSL support for Pan in Debian unstable once the problematic
code
is relicensed or re-written.
It looks like the license of GNUTLS 3.1.x may eventually be
changed from LGPLv3+ back to LGPLv2.1+. If that succeeds,
I believe it would
Dominique Dumont d...@debian.org writes:
Le jeudi 21 février 2013 23:12:28, vous avez écrit :
It looks like the license of GNUTLS 3.1.x may eventually be
changed from LGPLv3+ back to LGPLv2.1+. If that succeeds,
I believe it would solve the incompatibility with Pan.
David Prévot taf...@debian.org writes:
+ [ Kalle Olavi Niemitalo ]
+ * Temporarily allow scripts with recent iceweasel
+(Closes: #797043)
Those functions in noscriptService.js are used not only for
setting up the menu (from which the user could temporarily
whitelist sites), but also
David Prévot writes in Bug#797079:
> Uploaded (with the improved changelog and metadata suggested by Kalle),
> thanks.
I installed xul-ext-noscript 2.6.8.19-1~deb7u2 from
wheezy-proposed-updates, and it works OK.
However, I see the patch now has the following line:
Origin:
This message applies to gnumach 2:1.7+git20160809-2.
The following files are not used by "dpkg-buildpackage -uc -b
-nc", i.e. their atimes do not change during this binary-arch
build, and the build succeeds even if they are removed.
./ChangeLog.0
./ChangeLog.00
./DEVELOPMENT
./ddb/db_mp.h
Samuel Thibault writes:
> It is really non-technical work, a matter of using the check-copyright
> script to check that the various licences are referenced in
> debian/copyright (there is no hard need to reference files exactly,
> the only minimal need is knowing which
Samuel Thibault writes:
> But storeio can be used as an intermediate between the two.
"storeio --store-type=part 1:device:hd0" apparently supports
file_get_storage_info and reports the partition boundaries there,
so the I/O would not have to go through the storeio
My inventory of the licenses in gnumach 2:1.7+git20160809-2 is not
yet complete. I'm seeing two kinds of license violations so far.
University of Utah advertising clause vs. GNU GPL
-
Several files have a license notice like this:
> Copyright (c)
Package: hurd
Version: 1:0.8.git20160826-1
Severity: serious
File: /hurd/ext2fs.static
The ext2fs translator contains GPLv2-only code copied from Linux,
but it is linked (through libstore) with libparted, which is
GPLv3-or-later since 2007. This combination violates at least
one of the licenses.
Robert Luberda writes:
> According to GNU gettext documentation[1]: "The variable LANGUAGE is
> ignored if the locale is set to ‘C’."
That exception was added on 2001-01-03, for glibc 2.2.1.
In glibc 2.2, LANGUAGE used to override LC_ALL=C.
In Python 2.0 (released on
31 matches
Mail list logo