On 5/31/2019 11:04 PM, Luca Filipozzi wrote:
> Before you ask: an insecure hypervisor is an insecure buildd.
Are we then looking more closely at AMD-based machines given that those
had less problems around speculative attacks?
Kind regards
Philipp Kern
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sat, 01 Jun 2019 13:30:35 +0800
Source: dolfin
Architecture: source
Version: 2018.1.0.post1-18
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Team
Changed-By: Drew Parsons
Changes:
dolfin (2018.1.0.post1-18)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 31 May 2019 23:19:49 -0700
Source: rust-clap
Architecture: source
Version: 2.33.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Rust Maintainers
Changed-By: Ximin Luo
Changes:
rust-clap (2.33.0-2) unstable;
On Sat, 01 Jun 2019 11:04:28 -0700, Russ Allbery wrote:
> It's worth noting here that xscreensaver has an IMO serious security
> vulnerability (unless maybe this has been fixed?): because it doesn't
> integrate properly with the desktop, it doesn't hide desktop
> notifications.
I can't
Hi Russ, all,
On 19-06-01 11:04:28, Russ Allbery wrote:
> I did some research on that a while back and ended up not filing a bug
> about it because it looked relatively pointless. It appeared to be a
> deep design choice on both sides, and not something anyone was likely
> to solve, so I just
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sat, 01 Jun 2019 22:27:18 +0200
Source: golang-github-alecthomas-chroma
Architecture: source
Version: 0.6.3+really0.6.2-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team
Changed-By: Dr. Tobias Quathamer
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sat, 01 Jun 2019 22:46:03 +0200
Source: golang-github-pelletier-go-toml
Architecture: source
Version: 1.4.0+really1.2.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team
Changed-By: Dr. Tobias
On May 29 2019, Sam Hartman wrote:
> I'm certainly going to look at dck-buildpackage now, because what he
> describes is a workflow I'd like to be using within Debian.
>
> For some projects I want to ignore orig tarballs as much as I can. I'm
> happy with native packages, or 3.0 quilt with
Hey Adam
On 2019/06/01 18:29, Adam Borowski wrote:
> At the time of the xscreensaver debacle, there was no sane alternative
> (candidates depended on 80% of GNOME, offered no feedback nor discoverable
> controls to the user, etc). There _is_ a wonderful alternative now:
> xfce4-screensaver,
Adam Borowski writes:
> But, the culprit is light-locker. In general, it's in such a buggy
> state that I believe it shouldn't be in the distribution at all, much
> less a default of any kind. After it replaced xscreensaver[1] as the
> xfce's dependency, I went into some pretty heated
At 2019-06-01T09:04:39+0200, Philipp Kern wrote:
> Are we then looking more closely at AMD-based machines given that
> those had less problems around speculative attacks?
To borrow a phrase from Christopher Hitchens, this comment gives a
hostage to fortune.
My team at work closely follows (and
On Sat, Jun 01, 2019 at 11:06:42AM +0200, Andreas Tille wrote:
> > This appears to be a bug in light-locker specifically, which is the
> > default screen lock program with XFCE with lightdm. See, for instance:
> >
> > https://github.com/the-cavalry/light-locker/issues/114
> >
> > Switching to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 01 Jun 2019 17:44:00 +0200
Source: debian-security-support
Architecture: source
Version: 2019.06.01
Distribution: unstable
Urgency: medium
Maintainer: Holger Levsen
Changed-By: Holger Levsen
Closes: 929384 929401 929404
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 01 Jun 2019 17:49:27 +0200
Source: debian-edu-doc
Architecture: source
Version: 2.10.17
Distribution: unstable
Urgency: medium
Maintainer: Debian Edu Developers
Changed-By: Holger Levsen
Closes: 926971
Changes:
On Sat, Jun 01, 2019 at 06:29:31PM +0200, Adam Borowski wrote:
> Using unstable myself, I'm not sure what to recommend for Buster.
https://tracker.debian.org/pkg/physlock
signature.asc
Description: PGP signature
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 01 Jun 2019 17:05:46 +
Source: rust-ctrlc
Architecture: source
Version: 3.1.2-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Rust Maintainers
Changed-By: Paride Legovini
Changes:
rust-ctrlc (3.1.2-1)
gregor herrmann writes:
> I can't reproduce this in a quick test:
> Terminal 1: sleep 5 ; notify-send foo
> Terminal 2: xscreensaver-command -lock
> No "foo" notification pops up over the screensaver image.
> (This is with awesome, maybe the story is different for desktop
> environments.)
> > Switching to another greeter from the default gtk-greeter appears to help
> > according to that bug, which may mean that the bug is actually in
> > lightdm-gtk-greeter. There doesn't appear to be a Debian bug for this; it
> > might be a good idea to open one against light-locker (or, if you
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 01 Jun 2019 09:51:42 +0200
Source: node-terser
Architecture: source
Version: 3.14.1-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
Changed-By: Jonas Smedegaard
Closes: 929815
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sat, 01 Jun 2019 16:44:34 +0800
Source: python-meshio
Architecture: source
Version: 2.3.9-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers
Changed-By: Drew Parsons
Changes:
python-meshio (2.3.9-1)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 30 May 2019 19:20:23 +0200
Source: rspamd
Architecture: source
Version: 1.9.4-1
Distribution: experimental
Urgency: medium
Maintainer: Sebastien Badia
Changed-By: Sebastien Badia
Closes: 918027 929134
Changes:
rspamd
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 01 Jun 2019 11:43:39 +0200
Source: libreoffice
Architecture: source
Version: 1:6.3.0~beta1-1
Distribution: experimental
Urgency: medium
Maintainer: Debian LibreOffice Maintainers
Changed-By: Rene Engelhard
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 01 Jun 2019 15:17:16 +0200
Source: libevdev
Binary: libevdev-dev libevdev-doc libevdev2 libevdev2-udeb libevdev-tools
Architecture: source
Version: 1.6.901+dfsg-1
Distribution: experimental
Urgency: medium
Maintainer: Stephen
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sat, 01 Jun 2019 09:36:32 -0400
Source: liblo
Architecture: source
Version: 0.30-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Multimedia Maintainers
Changed-By: Felipe Sateler
Changes:
liblo (0.30-1)
Hi Russ,
On Fri, May 31, 2019 at 06:32:52PM -0700, Russ Allbery wrote:
> (This probably belonged on debian-user, but since I have background on
> this specific problem and already did the research.)
While this seems to be a problem for debian-user its very sensible that
the issue was raised here
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 01 Jun 2019 14:09:02 +0200
Source: units
Binary: units
Architecture: source
Version: 2.19-1~exp1
Distribution: experimental
Urgency: medium
Maintainer: Stephen Kitt
Changed-By: Stephen Kitt
Description:
units -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sat, 01 Jun 2019 12:44:41 -0300
Source: webcamoid
Binary: akqml akqml-dbgsym libavkys-dev libavkys8 libavkys8-dbgsym webcamoid
webcamoid-data webcamoid-dbgsym webcamoid-plugins webcamoid-plugins-dbgsym
Architecture: source amd64
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sun, 02 Jun 2019 13:13:13 +0900
Source: firefox
Architecture: source
Version: 67.0-4
Distribution: unstable
Urgency: medium
Maintainer: Maintainers of Mozilla-related packages
Changed-By: Mike Hommey
Closes: 929846
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 01 Jun 2019 17:56:05 -0400
Source: libheif
Architecture: source
Version: 1.3.2-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Multimedia Maintainers
Changed-By: Reinhard Tartler
Closes: 928210
Changes:
libheif
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sun, 02 Jun 2019 00:29:03 +0200
Binary: speech-dispatcher-baratinoo speech-dispatcher-baratinoo-dbgsym
speech-dispatcher-ibmtts speech-dispatcher-ibmtts-dbgsym speech-dispatcher-kali
speech-dispatcher-kali-dbgsym
On Sat, Jun 01, 2019 at 06:16:58AM +0530, Raj Kiran Grandhi wrote:
>
> In a fresh install of Buster with XFCE desktop, locking the screen
> blanks the monitor and the monitor enters a power save state. After
> that, neither moving the mouse nor typing on the keyboard would turn
> the monitor back
On Tue, May 28, 2019 at 06:43:55PM +0200, Dan wrote:
>
> The ZFS developers proposed the Linux developers to rewrite the whole
> ZFS code and use GPL, but surprisingly the linux developers didn't
> accept. See below:
> https://github.com/zfsonlinux/zfs/issues/8314
I've read the thread, and there
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sat, 01 Jun 2019 23:09:21 +0200
Source: golang-github-spf13-viper
Architecture: source
Version: 1.3.2+really1.3.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team
Changed-By: Dr. Tobias Quathamer
"G. Branden Robinson" writes:
> My two cents[4] is that DSA should make its purchasing and hardware
> solicitation decisions with the architectural security issue fairly far
> down the priority list. It saddens me to say that, but this new class
> of exploits, what van Schaik et al. call
Georg Faerber writes:
> On 19-06-01 11:04:28, Russ Allbery wrote:
>> I did some research on that a while back and ended up not filing a bug
>> about it because it looked relatively pointless. It appeared to be a
>> deep design choice on both sides, and not something anyone was likely
>> to
Nikolaus Rath writes ("Re: Survey: git packaging practices / repository
format"):
> On May 29 2019, Sam Hartman wrote:
> > The thing his approach really seems to have going for it is that he
> > gives up on the debian history fast forwarding and instead rebases a lot
> > for a cleaner history.
>
On Tue, May 28, 2019 at 04:51:10PM +0100, Ian Jackson wrote:
>
> Modified Direct changes git merge
> upstream files,to upstream files (.dsc: 1.0-with-diff or
> plus debian/*. single-debian-patch)
> Maybe d/patches, depending.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sun, 02 Jun 2019 12:42:20 +0900
Source: nss
Architecture: source
Version: 2:3.44+really3.42.1-1
Distribution: unstable
Urgency: medium
Maintainer: Maintainers of Mozilla-related packages
Changed-By: Mike Hommey
Changes:
nss
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sun, 02 Jun 2019 13:06:26 +0900
Source: nss
Architecture: source
Version: 2:3.44.0-1
Distribution: experimental
Urgency: medium
Maintainer: Maintainers of Mozilla-related packages
Changed-By: Mike Hommey
Changes:
nss
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sun, 02 Jun 2019 07:13:19 +0200
Source: josm
Binary: josm josm-l10n
Architecture: source all
Version: 0.0.svn15150+dfsg-1~exp1
Distribution: experimental
Urgency: medium
Maintainer: Debian GIS Project
Changed-By: Bas Couwenberg
40 matches
Mail list logo