Hi,
despam@shakotay:~$ clamdscan /usr/share/clamav-testfiles/*
clamdscan-test-output.NEW
despam@shakotay:~$ diff clamdscan-test-output clamdscan-test-output.NEW
8c8
/usr/share/clamav-testfiles/clam_cache_emax.tgz: ClamAV-Test-File FOUND
---
Hello,
thank you for looking into it.
On Sat, May 30, 2015 at 12:45:23PM +0200, Andreas Cadhalpun wrote:
This is really strange...
After some more debug, the problem preexisted for other archivers,
it just had one more added. See the OKs in the test script
attached to the bug report.
Could
Hello,
root@reliand:/home/schaefer# /usr/sbin/update-flashplugin-nonfree --status
Flash Player version installed on this system : 11.2.202.616
[---]
Flash Player version available on upstream site: 11.2.202.621
[ ... ]
Happens even if you
On Mon, Feb 08, 2016 at 09:23:35AM +0100, Matus UHLAR - fantomas wrote:
> after updating libc6 to 2.11.3-4+deb6u9 we have notices all apache servers
> with mod_php loaded to crash after reload, with message:
I don't really use PHP often myself, but on a legacy system, I can observe:
fs1-new:~#
Hello,
I am under the impression that most mirrors, in the world, have
emptied their squeeze-lts mirror. If yes, where can the files
be found ?
Thank you.
Hello,
RT 4.0 will also reach EOL on February 15, 2017.
http://lists.bestpractical.com/pipermail/rt-announce/2016-September/000293.html
Will the LTS team support it, provide an upgrade path, or drop it?
Even wheezy-backports has a 4.0.x
Thank you :)
Hello,
On Fri, May 04, 2018 at 09:20:54AM +0200, Raphael Hertzog wrote:
> it's sitting in jessie-proposed-updates and will only be in the main
> repository after the next (final?) point release.
Ah, yes, of course. Didn't think of that!
> In the mean time you can add jessie-proposed-updates to
Hello,
I just upgraded a wheezy-LTS machine to jessie.
I see the following:
- libclamav7 is version 0.99.2+dfsg-0+deb8u2 in jessie
(see
https://packages.debian.org/search?keywords=libclamav7=names=oldstable=all)
- libclamav7 is version 0.99.4+dfsg-1+deb7u1 in wheezy-security
On Sat, Jan 27, 2018 at 05:34:00PM -0500, Roberto C. Sánchez wrote:
> I am curious as to what others might think of including an additional
As a "LTS user", I am supporting this. BTW your update(*) passed my test,
where previous releases didn't (see
Hello,
On Sun, Dec 01, 2019 at 09:04:07AM +0100, Marc SCHAEFER wrote:
> the latest asterisk updates, with some documented changes in chan_sip,
> has an issue for me (i386):
Thank you for fixing this, however I have experimented my first asterisk
crash in so many years that I preferred to
Hello,
the latest asterisk updates, with some documented changes in chan_sip,
has an issue for me (i386):
[Dec 1 08:33:44] WARNING[5039]: loader.c:439 load_dynamic_module: Error
loading module 'chan_sip.so': /usr/lib/asterisk/modules/chan_sip.so: undefined
symbol: ast_format_cap_count
[Dec 1
Hello,
42,43c42,43
< /usr/share/clamav-testfiles/clam-v2.rar: Clamav.Test.File-6 FOUND
< /usr/share/clamav-testfiles/clam-v3.rar: Clamav.Test.File-6 FOUND
---
> /usr/share/clamav-testfiles/clam-v2.rar: OK
> /usr/share/clamav-testfiles/clam-v3.rar: OK
49c49
< Infected files: 41
---
> Infected
On Sun, Jun 06, 2021 at 08:38:17PM +0200, Anton Gladky wrote:
> Multiple security issues have been discovered in libwebp
I always liked the idea of putting what a package really is used for / does in
the security advisories.
Something like:
Lossy compression of digital photographic images
Hello,
I use an Acer One AO1-132-C8P1 quite frequently, see here [1]
It worked very well, since the -16 kernel update. This create frequent
hangs, sometimes starting at the *dm login window.
Reverting to -15 works around the problem.
I have not yet planned to upgrade to buster on this, but I
On Tue, Jul 06, 2021 at 01:33:52PM +0200, Marc SCHAEFER wrote:
> It worked very well, since the -16 kernel update. This create frequent
until.
-16 fails
-15 works.
On Sat, Oct 02, 2021 at 01:45:33PM +0200, Anton Gladky wrote:
> Package: plib
> Version: 1.8.5-7+deb9u1
> CVE ID : CVE-2021-38714
>
> One security issue has been discovered in plib.
Yes, what is the purpose of this library? This helps planning upgrades.
Other advisories
Hello,
On Fri, Aug 25, 2023 at 01:41:36PM +0200, Christopher Huhn wrote:
> Given that will give you an updated package in Bullseye you'd still have to
> change your code to change the GDBM_PREREAD behaviour.
Do you mean that something changed in bookworm that will create a problem for
my
Hello,
Thank you for your answers.
In short: the work-around that I mentionned in the bug report is in place, and
it works for me. The problem is "solved" for me and it does not look that any
further effort to fix it in bullseye will work.
Long version:
Although it seems that ALL users of that
Hello,
On Tue, Aug 29, 2023 at 05:25:01AM +, Nitin Singh wrote:
> I am using debian10 base distribution along with linux-kernel 4.19.x.
> I wanted to test my application along with linux kernel version-6.1.x
> .
> I know that it is not supported officially not work>, but is it possible to
Hello,
AFAIK is bullseye not yet LTS-handled.
Will LTS fixes important bugs, or only security fixes?
I reported this:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043023
I have a local work-around (keep the buster version), and the maintainer also
proposed another local work-around.
Hello,
On Mon, Jun 27, 2022 at 04:01:46PM +0200, Enrico Zini wrote:
> Alternatively, is it worth reaching out to those who have sox installed
> to figure out what they are using it for, and reassess those
> vulnerabilities based on the kind of exposure that sox is actually
> having?
I am for
Hello,
On Tue, Jun 28, 2022 at 01:24:38PM +0200, Emilio Pozuelo Monfort wrote:
> On 27/06/2022 16:33, Marc SCHAEFER wrote:
> > On another subject, I still get the ntp warnings even after updating tzdata,
> > and restarting ntpd manually, also with buster:
> >
> > J
On Thu, Jun 09, 2022 at 09:49:31AM +, Schmidt, Bernhard wrote:
> /usr/share/zoneinfo/leap-seconds.list is provided by the tzdata
> package. That one would need to be updated in Buster.
Thank you, forgot to verify that.
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012191
And there is
Hello,
buster is not yet handled by LTS, but it will be soon AFAIK.
Jun 9 09:10:02 virtual ntpd[20743]: leapsecond file
('/usr/share/zoneinfo/leap-seconds.list'): will expire in less than 19 days
Could you look into it, or should I still report a bug against
buster's ntpd?
Thank you.
Hello,
I would like to test (mainly on buster), but so far I have not found the
time to do so.
When do you intend to release this:
> I have prepared two security updates of Asterisk, a Private Branch Exchange,
> one for Bullseye and one for Buster. The update will address 27 CVE in Buster
> and
On Tue, Oct 25, 2022 at 05:11:58PM +0200, Markus Koschany wrote:
> I can wait a few days more but wanted to release at the end of the month at
> the
> latest.
So, I won't be able to test in that time frame, release :)
signature.asc
Description: PGP signature
Hello,
CERT-FR considers three new Apache2 vulnerabilities to be of concern [1].
These are:
CVE-2022-37436 [2]
CVE-2022-36760 [3]
CVE-2006-20001 [4]
The first one will modify how clients may apply some security headers if a
malicious backend triggers this bug (some headers will be in the
Hello,
On Thu, Mar 30, 2023 at 09:16:41AM +0200, Badr BENZERKANE wrote:
> For a task to do it, I need to install a light operating system for our
> industrial computer and as I searched on the Internet I based it on Debian
> 10.13 netinst because I want a version without desktop environment and I
28 matches
Mail list logo
