Hi Luca,
On Mon, 12 Jun 2023 15:33:45 +0100 Luca Boccassi wrote:
> Dear Release Team,
>
> We would like to upload the latest stable point release of systemd 252
> to bookworm-p-u. Stable release branches are maintained upstream with
> the intention of providing bug fixes only and no
On 23.11.22 21:48, Adam D. Barratt wrote:
Control: tags -1 + confirmed
On Sun, 2022-10-30 at 10:31 +0100, Felix Geyer wrote:
Fixing the no-dsa tagged CVE-2021-42260
[ Impact ]
DoS vulnerability
Please go ahead.
Uploaded, thanks!
Felix
@@
+tinyxml (2.6.2-4+deb11u1) bullseye; urgency=medium
+
+ * Import fix for CVE-2021-42260.
+- Add CVE-2021-42260.patch
+
+ -- Felix Geyer Thu, 20 Oct 2022 16:32:51 +0200
+
tinyxml (2.6.2-4) unstable; urgency=medium
[ Helmut Grohne ]
diff -Nru tinyxml-2.6.2/debian/patches/CVE-2021-42260.patch
of
+containers (Closes: #989490)
+ * Explicitly pass the containerd socket path to dockerd to make sure it
+doesn't start containerd on its own.
+
+ -- Felix Geyer Mon, 30 May 2022 20:34:49 +0200
+
docker.io (20.10.5+dfsg1-1+deb11u1) bullseye; urgency=medium
* Backport patches for CVE-2021-41089
On 03.12.21 17:40, Adam D. Barratt wrote:
Control: tags -1 + confirmed
On Thu, 2021-11-25 at 19:29 +0100, Felix Geyer wrote:
On Sun, 10 Oct 2021 14:34:30 +0200 Felix Geyer
wrote:
libseccomp 2.5.1 only knows about syscall up to Linux 5.8.
The proposed changes add the syscalls up to Linux 5.14
On Sun, 10 Oct 2021 14:34:30 +0200 Felix Geyer wrote:
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
[ Reason ]
libseccomp 2.5.1 only knows about syscall up to Linux 5.8.
The proposed changes add the syscalls up to Linux
; urgency=medium
+
+ * Add support for syscalls up to Linux 5.14.
+
+ -- Felix Geyer Sun, 10 Oct 2021 13:35:59 +0200
+
libseccomp (2.5.1-1) unstable; urgency=medium
* New upstream release.
diff -Nru libseccomp-2.5.1/debian/patches/series
libseccomp-2.5.1/debian/patches/series
--- libseccomp
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
util-linux doesn't know about the new capabilities from Linux 5.9 yet, e.g.:
% setpriv --bounding-set -all echo test
setpriv: libcap-ng is too old for "all" caps
The problem is not
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
util-linux doesn't know about the new capabilities from Linux 5.8 yet, e.g.:
% setpriv --bounding-set -all echo test
setpriv: libcap-ng is too old for "all" caps
The problem is not
Hi Julien,
On 03.12.18 08:16, Julien Cristau wrote:
Looks fine to upload, go ahead.
Thanks, uploaded.
Cheers,
Felix
On 01.11.18 21:24, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Sun, 2018-09-09 at 00:15 +0200, Felix Geyer wrote:
>> libseccomp in stretch doesn't support some Linux 4.9 syscalls and
>> statx so whitelisting/blacklisting them is not possible.
>>
>
loc and pkey_free
+ * Add support for the statx syscall.
+
+ -- Felix Geyer Sat, 08 Sep 2018 21:34:13 +0200
+
libseccomp (2.3.1-2.1) unstable; urgency=medium
[ Martin Pitt ]
diff -Nru libseccomp-2.3.1/debian/patches/29-syscalls-linux4.9.patch
libseccomp-2.3.1/debian/patches/29-syscalls-linux
Hi Bas,
On 24.04.2018 15:08, Bas Couwenberg wrote:
> Hi Felix,
>
> Thanks for caring about icinga2.
>
> Please help maintain the package withing the Nagios team.
>
> On 2018-04-24 14:59, Felix Geyer wrote:
>> I'd like to upload this fix to stretch, debdiff is atta
@@
+icinga2 (2.6.0-2+deb9u1) stretch; urgency=medium
+
+ * Fix timestamps being stored as local time in PostgreSQL.
+
+ -- Felix Geyer <felix.ge...@credativ.de> Mon, 23 Apr 2018 15:47:44 +0200
+
icinga2 (2.6.0-2) unstable; urgency=medium
* [e0f34e4] Add patch 41_ido_m
On 23.02.2018 18:30, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Tue, 2018-02-06 at 13:45 +0100, Felix Geyer wrote:
>> I'd like to fix bug #889040 in stretch:
>>
>> * Fix backups failing with "No Volume name given".
>> - Backport
/changelog 2018-02-02 10:58:25.0 +0100
@@ -1,3 +1,11 @@
+bareos (16.2.4-3+deb9u2) stretch; urgency=medium
+
+ * Fix backups failing with "No Volume name given". (Closes: #889040)
+- Backport upstream commit: Don't return empty volname if volume is on
+ unwanted vol
On 08.08.2017 22:00, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Tue, 2017-08-08 at 07:52 +0200, Felix Geyer wrote:
>> Control: tags -1 - moreinfo
>>
>> On Mon, 31 Jul 2017 00:24:41 +0200 Felix Geyer <fge...@debian.org> wrote:
>>> U
On 08.08.2017 21:47, Adam D. Barratt wrote:
>> So far as I can tell, the logrotate issues also affects the package in
>> unstable - is that correct?
>
> It looks like that was resolved in a subsequent upload.
>
> Please go ahead.
Uploaded, thanks!
Felix
Control: tags -1 - moreinfo
On Mon, 31 Jul 2017 00:24:41 +0200 Felix Geyer <fge...@debian.org> wrote:
> Uh, you are right of course. Not sure how I missed that. Thanks for checking!
> I've just upload 16.2.6-3 with those changes to unstable.
>
> While looking further
On 30.07.2017 23:41, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
>
> On Sun, 2017-07-30 at 21:41 +0200, Felix Geyer wrote:
>> I'd like to fix three bugs in bareos for stretch:
>>
>> * Fix permissions of bareos-dir logrotate config on upgrade. (Closes:
ade. (Closes:
#864926)
+ * Remove duplicate config check call in the init script.
+- Avoids (harmless) warning when /etc/bareos/bareos-dir.conf doesn't exist.
+ * Fix file corruption when using SHA1 signature. (Closes: #869608)
+ * Add autopkgtest for SHA1 signature.
+
+ -- Felix Geyer
On Sun, 30 Jul 2017 21:37:20 +0200 Felix Geyer <fge...@debian.org> wrote:
> debdiff is attached.
Now for real.
Felix
diff --git a/debian/bareos-director.postinst b/debian/bareos-director.postinst
index 3fa2b4d7..4c92a068 100644
--- a/debian/bareos-director.postinst
+++ b/debi
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu
Hi,
I'd like to fix two bugs in bareos for jessie:
* Fix permissions of bareos-dir logrotate config. (Closes: #864926)
Causes logrotate to not work because the config was
Hi KiBi,
On 02.07.2017 23:25, Cyril Brulebois wrote:
> Control: tag -1 confirmed
>
> Hi Felix,
>
> Felix Geyer <fge...@debian.org> (2017-06-29):
>> I'd like to fix CVE-2012-6706 in stretch, see #865461 for details.
>> debdiff is attached.
>
> This looks
Hi KiBi,
On 02.07.2017 23:27, Cyril Brulebois wrote:
> Control: tag -1 confirmed
>
> Hi,
>
> Felix Geyer <fge...@debian.org> (2017-06-29):
>> I'd like to fix CVE-2012-6706 in jessie, see #865461 for details.
>> debdiff is attached.
>>
>> The same
+
+ * Add bound checks for VMSF_DELTA, VMSF_RGB and VMSF_AUDIO paramters.
+- Backported from 5.5.5
+- CVE-2012-6706
+- Closes #865461
+
+ -- Felix Geyer <fge...@debian.org> Thu, 22 Jun 2017 20:47:18 +0200
+
unrar-nonfree (1:5.2.7-0.1) unstable; urgency=high
* Non-main
, VMSF_RGB and VMSF_AUDIO paramters.
+- Backported from 5.5.5
+- CVE-2012-6706
+- Closes #865461
+
+ -- Felix Geyer <fge...@debian.org> Wed, 28 Jun 2017 00:10:20 +0200
+
unrar-nonfree (1:5.3.2-1) unstable; urgency=medium
* New upstream release (Closes: #759586)
diff -Nru unrar-n
+
+ * Fix Makefile install-data-hook dependency. (Closes: #859712)
+- Add install-ordering.diff, thanks to Adrian Bunk.
+
+ -- Felix Geyer <fge...@debian.org> Sun, 09 Apr 2017 18:27:14 +0200
+
vnstat (1.15-1) unstable; urgency=medium
* New upstream release.
diff -Nru vnstat-1.15/
On Sun, 05 Jun 2016 15:56:35 +0100 "Adam D. Barratt"
wrote:
> Control: tags -1 + confirmed
>
> On Sun, 2016-06-05 at 15:56 +0200, Pierre Schweitzer wrote:
> > A security issue was found in quassel-core (CVE-2016-4414), allowing an
> > unauthenticated remote client to
FindOpenSSL module to detect OpenSSL 1.0.1t. (Closes: #826656)
+- Add FindOpenSSL-fix-detection-of-OpenSSL-1.0.2.patch
+- Add FindOpenSSL-Tolerate-tabs-in-header-while-parsing-ve.patch
+
+ -- Felix Geyer <fge...@debian.org> Tue, 07 Jun 2016 16:50:32 +0200
+
cmake (3.0.2-1) un
upstream commits in d/patches/fix-tls-backend-initalization
+ * Add autopkgtests for TLS.
+ * Add breaks-testbed to all tests.
+ * Fix TLS negotiation for passive filedaemons.
+- Backport upstream commit in d/patches/fix-tls-passive-fds
+
+ -- Felix Geyer <fge...@debian.org> Sat, 09 Ap
On 21.08.2015 16:40, Adam D. Barratt wrote:
Control: tags -1 + confirmed
On Tue, 2015-04-28 at 22:06 +0200, Felix Geyer wrote:
unrar-nonfree is affected by a symlink directory traversal vulnerability,
see bug #774171.
Please go ahead; apologies for the delay.
Thanks, uploaded.
Felix
On 04.08.2015 22:10, Jonathan Wiltshire wrote:
On Tue, Aug 04, 2015 at 09:55:10PM +0200, Felix Geyer wrote:
tinyxml needs a transition.
I've prepared the necessary changes in git:
https://anonscm.debian.org/cgit/collab-maint/tinyxml.git/commit/?id=205f0e56f40d85d55b25c38c3c7bbc16ecfd2769
Let
:45.0 +0200
@@ -1,3 +1,10 @@
+unrar-nonfree (1:4.1.4-1+deb7u1) wheezy; urgency=medium
+
+ * Fix a symlink directory traversal vulnerability (Closes: #774171)
+- Add debian/patches/fix-dir-traversal
+
+ -- Felix Geyer fge...@debian.org Tue, 28 Apr 2015 21:38:08 +0200
+
unrar-nonfree (1
) unstable; urgency=high
+
+ * Fix a server crash that is remotely exploitable. (Closes: #770514)
+- Add fixed_a_server_crash.patch, cherry picked from 0.6.3.
+
+ -- Felix Geyer fge...@debian.org Sun, 23 Nov 2014 16:45:28 +0100
+
teeworlds (0.6.2+dfsg-1) unstable; urgency=low
* New upstream
On 01.04.2014 22:44, Adam D. Barratt wrote:
Control: tags -1 + confirmed
On Fri, 2014-03-14 at 08:28 +0100, Felix Geyer wrote:
The quassel package in wheezy is affected by CVE-2013-6404:
clients can access backlogs belonging to other users.
The security team has classified it as a minor
/debian/changelog 2014-03-09 13:42:01.0 +0100
@@ -1,3 +1,10 @@
+quassel (0.8.0-1+deb7u1) wheezy; urgency=medium
+
+ * Fix CVE-2013-6404: clients can access backlogs belonging to other users
+- Backport upstream commit in CVE-2013-6404.patch
+
+ -- Felix Geyer fge...@debian.org Sun, 09
On 11.03.2014 23:16, Adam D. Barratt wrote:
Control: tags -1 + confirmed
On Sat, 2014-03-08 at 20:25 +0100, Felix Geyer wrote:
There is another minor security issue in ruby-passenger concerning
insecure usage of temp files.
CVE-2014-1831 and CVE-2014-1832 have been assigned for this issue
-2014-1832.patch
+
+ -- Felix Geyer fge...@debian.org Sat, 08 Mar 2014 19:42:03 +0100
+
ruby-passenger (3.0.13debian-1+deb7u1) wheezy; urgency=low
* Fix CVE-2013-2119 and CVE-2013-4136: insecure tmp files usage.
diff -Nru ruby-passenger-3.0.13debian/debian/patches/CVE-2014-1831.patch ruby
Control: retitle -1 nmu: gammaray_2.0.0-1
On 2014-02-07 08:28, Felix Geyer wrote:
Please schedule a binNMU for gammaray:
nmu gammaray_1.3.0-1 . amd64 . -m Rebuild against Qt 5.2.
Sorry, obviously 2.0.0-1 should be rebuilt, not 1.3.0-1:
nmu gammaray_2.0.0-1 . amd64 . -m Rebuild against Qt
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
gammaray was sitting in NEW for a while so on amd64 it's still
built against Qt 5.2 (depends on libqt5core5 and qtbase-abi-5-1-0).
Please schedule a binNMU for gammaray:
nmu
On 29.10.2013 21:15, Adam D. Barratt wrote:
Control: tags -1 + pending
On Tue, 2013-10-22 at 21:19 +0100, Adam D. Barratt wrote:
On Mon, 2013-10-14 at 23:35 +0200, Felix Geyer wrote:
There are two minor security issues in ruby-passenger:
CVE-2013-2119 and CVE-2013-4136: insecure tmp files
+0200
@@ -1,3 +1,11 @@
+ruby-passenger (3.0.13debian-1+deb7u1) wheezy; urgency=low
+
+ * Fix CVE-2013-2119 and CVE-2013-4136: insecure tmp files usage.
+(Closes: #710351, #717176)
+- Backport upstream commits in CVE-2013-2119.patch and CVE-2013-4136.patch
+
+ -- Felix Geyer fge...@debian.org
Here's a config for the transition tracker:
is_affected = .build-depends ~
/kde(base)?-workspace-dev|libkipi-dev|libkdcraw-dev|libkexiv2-dev|okular-dev|libkdegames-dev|libmarble-dev|okteta-dev/;
is_good = .depends ~
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
libsdl2 has been accepted into unstable so we want to get
libsdl-1.3 (experimental) removed.
Unfortunately blender built against libsdl-1.3 because libsdl-1.3-dev
provided libsdl-dev (which
+security fix.
+
+ -- Felix Geyer debfx-...@fobos.de Fri, 18 Jan 2013 19:00:28 +0100
+
kbuild (1:0.1.9998svn2543+dfsg-0.1) unstable; urgency=low
* Non-maintainer upload.
diff -Nru kbuild-0.1.9998svn2543+dfsg/debian/patches/08_no_o3_optimization.diff kbuild-0.1.9998svn2543+dfsg/debian/patches
+
+ * Team upload.
+ * Build tm_posix.cpp on kFreeBSD and Hurd to fix a crash because of an
+undefined symbol. (Closes: #683933)
+- Add posix_rt_nonlinux.diff
+
+ -- Felix Geyer fge...@debian.org Tue, 07 Aug 2012 11:33:13 +0200
+
qtcreator (2.5.0-1) unstable; urgency=low
* New upstream
to Build-Depends so the build system doesn't try to
+download manpages/docbook.xsl from the internet. (Closes: #683174)
+
+ -- Felix Geyer fge...@debian.org Tue, 07 Aug 2012 15:25:14 +0200
+
python-ethtool (0.7-1) unstable; urgency=low
* Packaging for Debian main (Closes: #549323).
diff -Nru
On 24.05.2011 16:16, Mehdi Dogguy wrote:
Ok. You can go ahead with the upload. Can you file appropriate bug reports
(with severity set as serious) against aqsis and sofa-framework as well?
(with a patch when available).
Concerning aqsis, I'll most probably remove it from testing if not fixed
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
I'd like to upload tinyxml 2.6.2.
Upstream doesn't really care about API or ABI stability so I've settled
for SONAME = upstream version.
These packages are affected:
aqsis
blobby
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
Seems like virtualbox-ose 4.0.4-dfsg-2 hasn't been built in a clean
environment on amd64 so it picked up unneeded python dependencies.
nmu virtualbox-ose_4.0.4-dfsg-2 . amd64 . -m Rebuild
On 16.01.2011 22:12, Julien Cristau wrote:
On Sun, Jan 16, 2011 at 16:19:11 -0400, David Bremner wrote:
Hi Felix;
Please discuss with the release team (in CC) whether your upload is OK
for squeeze. If they approve it I (or someone else) can sponsor the NMU.
Release team: diffstat is big
52 matches
Mail list logo