xenomai is marked for autoremoval from testing

2017-05-15 Thread Debian testing autoremoval watch
xenomai 2.6.4+dfsg-1 is marked for autoremoval from testing on 2017-06-15 It (build-)depends on packages with these RC bugs: 848066: kernel-package: build fails due to missing Documentation/Changes with kernel 4.9.0+ 849357: kernel-package: make-kpkg kernel_headers fails for linux 4.10-rc1;

Bug#862708: overread of heap-data in TNEFDefaultHandler by a missing null byte

2017-05-15 Thread bingosxs
Package: libytnef0 Version: 1.9.2-1 Severity: normal Tags: security Hi, We find the following code may cause over-read of buffer and leak extra bytes to the output. The reason is that the data char array is user controlled value and not guaranteed to end with a '\0' byte. So it

Bug#862707: Heap-buffer overrun: write extra bytes in TNEFFillMapi

2017-05-15 Thread bingosxs
Package: libytnef Version: 1.9.2-1 Severity: normal Tags: security Hi, We discover a buffer over-write problem in the T::NEFFillMapi functiion. The root cause of this problem is zero-byte allocation problem. in lib/ytnef.c:485 mp->data = calloc(mp->count, sizeof(variableLength));

cppunit1.13_1.13.2-3_amd64.changes is NEW

2017-05-15 Thread Debian FTP Masters
binary:libcppunit1.13-dev is NEW. binary:libcppunit1.13-dev is NEW. source:cppunit1.13 is NEW. Your package has been put into the NEW queue, which requires manual action from the ftpteam to process. The upload was otherwise valid (it had a good OpenPGP signature and file hashes are valid), so

Processing of cppunit1.13_1.13.2-3_amd64.changes

2017-05-15 Thread Debian FTP Masters
cppunit1.13_1.13.2-3_amd64.changes uploaded successfully to localhost along with the files: cppunit1.13_1.13.2-3.dsc cppunit1.13_1.13.2.orig.tar.gz cppunit1.13_1.13.2-3.debian.tar.xz cppunit1.13_1.13.2-3_amd64.buildinfo libcppunit-1.13-0v5_1.13.2-3_amd64.deb

cppunit1.13_1.13.2-3_amd64.changes REJECTED

2017-05-15 Thread Debian FTP Masters
libcppunit1.13-dev_1.13.2-3_amd64.deb: trying to install to new, but could not find source binary:libcppunit1.13-dev is NEW. === Please feel free to respond to this email if you don't understand why your files were rejected, or if you upload new files which address our concerns.

Processing of cppunit1.13_1.13.2-3_amd64.changes

2017-05-15 Thread Debian FTP Masters
cppunit1.13_1.13.2-3_amd64.changes uploaded successfully to localhost along with the files: cppunit1.13_1.13.2-3_amd64.buildinfo libcppunit-1.13-0v5_1.13.2-3_amd64.deb libcppunit1.13-dev_1.13.2-3_amd64.deb Greetings, Your Debian queue daemon (running on host usper.debian.org)

Processed: block 862696 with 862135 862134 862133 862132 862131 862130 862129 862128 862127 862126 862125

2017-05-15 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > block 862696 with 862135 862134 862133 862132 862131 862130 862129 862128 > 862127 862126 862125 Bug #862696 [release.debian.org] transition: cppunit 862696 was not blocked by any bugs. 862696 was not blocking any bugs. Added blocking bug(s) of

Bug#858178: uuidcdef: buffer overflow

2017-05-15 Thread Chris West
tags 858178 + patch thanks This is correctly diagnosing a buffer which is to small. The length of data written to the buffer is always constant, (20 bytes more than the length of the buffer), and not under user control, so there is probably not a security problem here. A patch, to increase the