Just noticed that mediawiki hit the announcement list thank you!
The peasants rejoice! :-)
- Chris
On Mon, Nov 20, 2023 at 09:20:37AM +0100, Guilhem Moulin wrote:
> Hi,
>
> On Sat, 18 Nov 2023 at 03:39:33 -0500, Chris Frey wrote:
> > I noticed that MediaWiki has suffered fro
I noticed that MediaWiki has suffered from the following CVE's for
a while:
CVE-2023-45363
CVE-2023-45362
CVE-2023-45360
Is the work-in-progress available via git somewhere?
Is there something I can do to help?
Thanks,
- Chris
On Wed, Sep 20, 2023 at 02:35:30PM -0300, Santiago Ruano Rincón wrote:
> I kept the original From, tagged the Origin as backport, and kept your
> name as Author.
> Hope that makes sense for you.
>
> Thanks a lot for your work!
I saw it percolate through the updates today. Thanks very much!
-
On Sun, Sep 17, 2023 at 08:34:57PM +0300, Santiago Ruano Rincón wrote:
> Chris, thanks for preparing the patches. Much appreciated. I have a
> question though: Why are you placing those two patches in
> debian-specific, and not in upstream/? They come from the upstream repo.
I only put them there
.patch
new file mode 100644
index 000..33f5cb5
--- /dev/null
+++ b/debian/patches/debian-specific/Check-for-NULL-userhdrs.patch
@@ -0,0 +1,56 @@
+From: Chris Frey
+Date: Fri, 15 Sep 2023 08:41:00 -0400
+Subject: Check for NULL userhdrs.
+Bug-Debian: https://bugs.debian.org/1051563
+Bug-Debian-Secur
On Sun, Sep 03, 2023 at 01:34:07AM +0530, Utkarsh Gupta wrote:
> Hey,
>
> On Fri, Sep 1, 2023 at 5:49 AM Chris Frey wrote:
> > I see firefox esr 102.15.x has been released on bullseye.
> >
> > Do I dare hope that buster will be blessed with a similar update?
>
I see firefox esr 102.15.x has been released on bullseye.
Do I dare hope that buster will be blessed with a similar update?
Thanks!
- Chris
On Tue, Aug 08, 2023 at 12:24:17PM +0200, Emilio Pozuelo Monfort wrote:
> Hi Chris,
>
> On 07/08/2023 23:57, Chris Frey wrote:
> > I
On Fri, Aug 25, 2023 at 07:02:07AM -0400, Roberto C. Sánchez wrote:
> To claim that "because this bug affects me, it *must* be
> fixed, even when it does not meet the criteria for a normal security bug
> and when the maintainer thinks there is a risk of breaking working
> configurations for other
On Tue, Aug 08, 2023 at 11:10:11AM -0400, Roberto C. Sánchez wrote:
> Emilio probably meant that the choices were:
>
> - delay the buster update to do a bunch of toolchain updates (could take
> quite a long time)
> - grab the latest 102.x.x from git, which wouldn't be quite as quick as
> a
On Tue, Aug 08, 2023 at 12:24:17PM +0200, Emilio Pozuelo Monfort wrote:
> Given that the package is no longer in sid, I had a little trouble preparing
> the backport from the git repository. That's sorted now, and the update
> should go out today or tomorrow, once testing on my part has been done.
I noticed firefox security updates for 102.14.x have been released for
bullseye and bookworm, but not for buster (still on 102.13.x)
Anything that an outsider can do to help with that?
Thanks,
- Chris
On Fri, Jun 09, 2023 at 05:51:20PM +0200, Andreas Beckmann wrote:
> PS: due to popular demand, I keep applying patches to the (long EoL) 340
> series in sid for supporting building against the latest kernels
Thanks for that, btw, as I still have that old hardware. The official
drivers have
On Fri, May 19, 2023 at 08:45:23PM +0200, Sylvain Beucler wrote:
> On 05/05/2023 05:14, Chris Frey wrote:
> > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035537
>
> At first glance, it looks like this could lead to data corruption, and hence
> warrant a 'grave' s
I'd like to give a gentle nudge to the following bug, which affects
both Bullseye and Buster:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035537
If it can be fixed in LTS, that would be great.
Thanks!
- Chris
I recently tried getting the latest FreeDOS running in qemu. I had a rough
time getting it going, with the drives being rather unreliable,
both C: and the cdrom. Even general reboot behaviour was not consistent.
I tracked it down to seabios, from this post:
On Wed, Sep 14, 2022 at 01:54:40PM +0200, Emilio Pozuelo Monfort wrote:
> Your top-commit looks very similar to the one from Santiago on [1]. I'd
> rather use that to give him credit as he proposed the fix first (plus using
> CPPFLAGS seems more correct for this flag). In addition to that, the
On the other hand, the fix has been known since 2019 and looks like a
prime problem for an LTS newbie volunteer like me.
I have created the fix based on the Debian/bzip2 repo, the fix is in
the debian/buster branch.
git clone http://digon.foursquare.net/debian-buster-bzip2/.git
I have
My apologies, this is incorrect. This is PEBKAC error. Sorry for the noise!
- Chris
On Thu, Aug 04, 2016 at 04:05:06PM -0400, Chris Frey wrote:
> Hi,
>
> I noticed in the recent security updates that mysql-client-5.5 and
> mysql-server-5.5 have a new dependenc
When I recently upgraded, there was a bug in the script, I think.
I didn't spend a lot of time debugging it, since uninstall/reinstall
fix it.
Below is what happened, from the command line.
- Chris
root@oldoldvictory:~# apt-get upgrade
Reading package lists... Done
Building dependency tree
19 matches
Mail list logo
