Processing commands for cont...@bugs.debian.org:
> retitle 768485 dpkg: CVE-2014-8625: format string vulnerability
Bug #768485 [dpkg] dpkg: format string vulnerability
Changed Bug title to 'dpkg: CVE-2014-8625: format string vulnerability' from
'dpkg: format string vulnerability'
> thanks
Stoppin
Processing control commands:
> found -1 1.16.2
Bug #768485 [dpkg] dpkg: format string vulnerability
Marked as found in versions dpkg/1.16.2.
--
768485: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768485
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRI
Control: found -1 1.16.2
Hi!
On Fri, 2014-11-07 at 19:42:29 +0100, Jakub Wilk wrote:
> Package: dpkg
> Version: 1.17.21
> Tags: security
> # dpkg --dry-run -i printfvuln.deb
> dpkg: warning: parsing file '/tmp/dpkg.bgGIF3/control' near line 3 package
> 'printfvuln':
> '%42$d' is not a valid ar
Hello Guillem, All,
First of all thanks to everyone for the efforts to fix these problems. It seems
we've now got fixes in place both in (c)debootstrap and base-passwd, so
hopefully we're fine for the next few releases... :-)
On Fri, Nov 07, 2014 at 17:38:06 +0100, Guillem Jover wrote:
> On Fri,
Package: dpkg
Version: 1.17.21
Tags: security
# dpkg --dry-run -i printfvuln.deb
dpkg: warning: parsing file '/tmp/dpkg.bgGIF3/control' near line 3 package
'printfvuln':
'%42$d' is not a valid architecture name: must start with an alphanumeric
*** invalid %N$ use detected ***
Aborted
This was
Hi!
On Fri, 2014-11-07 at 08:30:39 +, Michael Tautschnig wrote:
> On Fri, Nov 07, 2014 at 8:34:49 +0100, Guillem Jover wrote:
> > Control: severity -1 serious
> > Control: retitle -1 dpkg: Correct fix breaks bogus assumptions in old
> > debootstrap
>
> I'd say the bug title ought to be "Cor
On Thu, Nov 06, 2014 at 02:06:07PM +, Michael Tautschnig wrote:
> At least Santiago's and my opinion diverge on whether base-passwd is presently
> in line with policy on 3.8 Essential packages. Therefore the route from here
> appears to hinge on interpreting policy in one of two ways: my point
Processing control commands:
> reassign -1 dpkg
Bug #768466 [php-htmlpurifier] php-htmlpurifier: fails to install
Bug reassigned from package 'php-htmlpurifier' to 'dpkg'.
No longer marked as found in versions php-htmlpurifier/4.6.0-1.
Ignoring request to alter fixed versions of bug #768466 to the
Santiago Vila (2014-11-07):
> On Fri, 7 Nov 2014, Michael Tautschnig wrote:
>
> > To stick with Santiago's earlier wording, we are now shooting the next
> > messenger (this time dpkg, after first working hard against base-files).
>
> Indeed. I would not like to see dpkg as the next "victim" of t
On Fri, 7 Nov 2014, Michael Tautschnig wrote:
> To stick with Santiago's earlier wording, we are now shooting the next
> messenger (this time dpkg, after first working hard against base-files).
Indeed. I would not like to see dpkg as the next "victim" of this problem.
Being able to bootstrap jes
On Fri, 07 Nov 2014, Guillem Jover wrote:
> I'm going to revert the commit above (only in 1.17.x, it will be kept
> in 1.18.x), because it is very minimal, just reintroduces again an
> unnecessary package queue stage, and such regression is acceptable if
> it makes buggy bootstrappers work again. B
Guillem, KiBi,
(It may be worthwhile taking a moment to read the bug logs of #766459 and
#767999.)
On Fri, Nov 07, 2014 at 8:34:49 +0100, Guillem Jover wrote:
> Control: severity -1 serious
> Control: retitle -1 dpkg: Correct fix breaks bogus assumptions in old
> debootstrap
>
I'd say the bug
Hi,
On Fri, Nov 07, 2014 at 1:02:18 +0100, Adam Borowski wrote:
> On Thu, Nov 06, 2014 at 10:32:34PM +, Michael Tautschnig wrote:
> > > I tested your patch when debootstrapping from squeeze, it did work.
> > > Should
> > > I test some more scenarios (cdebootstrap? 2-phase cross-arch deboot
13 matches
Mail list logo