[DRE-maint] ruby-fog_1.42.0-3_source.changes REJECTED
ruby-fog_1.42.0-3.dsc: Invalid size hash for ruby-fog_1.42.0.orig.tar.gz: According to the control file the size hash should be 568399, but ruby-fog_1.42.0.orig.tar.gz has 586693. If you did not include ruby-fog_1.42.0.orig.tar.gz in your upload, a different version might already be known to the archive software. === Please feel free to respond to this email if you don't understand why your files were rejected, or if you upload new files which address our concerns. ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] Processing of ruby-fog-google_1.3.3-2_source.changes
ruby-fog-google_1.3.3-2_source.changes uploaded successfully to localhost along with the files: ruby-fog-google_1.3.3-2.dsc ruby-fog-google_1.3.3-2.debian.tar.xz ruby-fog-google_1.3.3-2_source.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org) ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] Processing of ruby-fog_1.42.0-3_source.changes
ruby-fog_1.42.0-3_source.changes uploaded successfully to localhost along with the files: ruby-fog_1.42.0-3.dsc ruby-fog_1.42.0-3.debian.tar.xz ruby-fog_1.42.0-3_source.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org) ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] gitlab_10.7.5+dfsg-2_source.changes ACCEPTED into experimental
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 03 Jun 2018 20:54:56 +0530 Source: gitlab Binary: gitlab Architecture: source Version: 10.7.5+dfsg-2 Distribution: experimental Urgency: medium Maintainer: Debian Ruby Extras Maintainers Changed-By: Pirate Praveen Description: gitlab - git powered software platform to collaborate on code (non-omnibus Changes: gitlab (10.7.5+dfsg-2) experimental; urgency=medium . * Bump minimum version of gitlab-workhorse to 4.1.0 Checksums-Sha1: acf980bd730f5fdc1a9b1cbfb7553724b1071180 2481 gitlab_10.7.5+dfsg-2.dsc c7433b657056812d526240e406dce92f9e43d226 62936 gitlab_10.7.5+dfsg-2.debian.tar.xz 5efda80450f2388add90d8003be6d933a468d52f 6230 gitlab_10.7.5+dfsg-2_source.buildinfo Checksums-Sha256: 7f29f501c2a8d5d8b7f2f7a14b8a56072b3b9b62226fc420eb983faf38786fcb 2481 gitlab_10.7.5+dfsg-2.dsc b2175da21de1af924ac67c1f362662148ba29c436f195ff3672b9d7eb12c25f5 62936 gitlab_10.7.5+dfsg-2.debian.tar.xz 260a35f7670aaeb46aca23dcb6c64b07eeabc67ffbb42057793aea2e5bbd4232 6230 gitlab_10.7.5+dfsg-2_source.buildinfo Files: 90f2b5234d2cd5b7a21d72ecc129079c 2481 contrib/net optional gitlab_10.7.5+dfsg-2.dsc 3f4c6848daafbe362eaa9e4e166db430 62936 contrib/net optional gitlab_10.7.5+dfsg-2.debian.tar.xz 11a09c17af92faddfd3832f239a59fe0 6230 contrib/net optional gitlab_10.7.5+dfsg-2_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEKnl0ri/BUtd4Z9pKzh+cZ0USwioFAlsUCHEACgkQzh+cZ0US wiqo3Q//f+3zcAa05A7LM7uXFhecCGRu0rsrPrC1YM2XRxYibk5DqHoUTSdd7R4/ dS5D1Ji0m4Mos/37brTlJ7Eu2SRwvBx7QsHdCcpkOrB8QFOacxvm9kJhp9ImGXgS Nx06ZFSgO8SGfgLPu/olETtDUITiz1mNSj3v37tXfLuOC4860n0ba2kdDCl64qdJ agdWdkG7FBNy0dGRBsx13fsKNJldzqsX9QR16J2MTUhrU+ylfQh2Nw0YTWldMldr 1mtlzTRWexLSJyGR9aq/3f8XpUXkzzz+24FOLcPhOBdKky1eC9H5EY5YxTFCuET6 u2ZQWxsrl2X3S6T9+prINQBx9+f0yAhPgn65GWVktwGrZg+9sXIKC3IC8n8p8Ffd O0AXuLQjJQTh+PrQoyz8recwuy2Ql9p1N5bMk7w2dwF26U9zIY8sFfzJwf/40i4W wV3Br6PJzrWZydydA//nbMQ40v6xzBhsZFi62hbIkeF1un2gXbR3SyU/xwvMrEYq 9JFp+tn+stOwpxMptLLCYGafzVaO2b4PdZ8WDvH/yDYJUjsCTosDchlnM97BsUah UzfNIRVoqWsCjz+l+Ndk2vk0Igsrkt5LGE06jQNMqv0fo093J4S7EYjaF8IJHigL Hsr3DhfyRWy8Unw1ljNElxr8Ufcn/Ecsp6Rkzjd1evEwB0dSf/A= =5gHC -END PGP SIGNATURE- Thank you for your contribution to Debian. ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] Bug#900522: marked as done (gitlab: Security Release: 10.8.2, 10.7.5, and 10.6.6)
Your message dated Sun, 03 Jun 2018 15:04:49 + with message-id and subject line Bug#900522: fixed in gitlab 10.7.5+dfsg-1 has caused the Debian Bug report #900522, regarding gitlab: Security Release: 10.8.2, 10.7.5, and 10.6.6 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 900522: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900522 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: gitlab Version: 10.6.5+dfsg-2 Severity: grave Tags: security upstream Justification: user security hole Control: found -1 10.7.3+dfsg-1 Hi There was a new gitlab security update, as per https://about.gitlab.com/2018/05/29/security-release-gitlab-10-dot-8-dot-2-released/ (Unfortunately, there are no CVE assigned yet, which would ease the tracking in any case). Regards, Salvatore --- End Message --- --- Begin Message --- Source: gitlab Source-Version: 10.7.5+dfsg-1 We believe that the bug you reported is fixed in the latest version of gitlab, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 900...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Pirate Praveen (supplier of updated gitlab package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 03 Jun 2018 19:54:01 +0530 Source: gitlab Binary: gitlab Architecture: source Version: 10.7.5+dfsg-1 Distribution: experimental Urgency: medium Maintainer: Debian Ruby Extras Maintainers Changed-By: Pirate Praveen Description: gitlab - git powered software platform to collaborate on code (non-omnibus Closes: 900522 Changes: gitlab (10.7.5+dfsg-1) experimental; urgency=medium . * New upstream version 10.7.5+dfsg (Closes: #900522) Checksums-Sha1: ef6cb1592e6b08999be3e3ae49fe83d146f78469 2481 gitlab_10.7.5+dfsg-1.dsc 4332e462c567ebd8c6aee1c7faafc7a93cf435d2 44558720 gitlab_10.7.5+dfsg.orig.tar.xz dba190d3a0de853b2c891547d8fe3dc87642b2c0 62860 gitlab_10.7.5+dfsg-1.debian.tar.xz 6c386cfae416905d8f8d0a4be860ae3902528646 6230 gitlab_10.7.5+dfsg-1_source.buildinfo Checksums-Sha256: 6fd5ec4cf3cbf8ddce095d204aa4d21c888402b5de3951802995aac49a95cfcf 2481 gitlab_10.7.5+dfsg-1.dsc 0cb3822bed81ef9751cfa43e249c6cb4f0a8efbd538b1691518513b16e713ec6 44558720 gitlab_10.7.5+dfsg.orig.tar.xz 062c9273fd77a5befbf0e4093730564b36556d858f2f786f25482487f0ab38dc 62860 gitlab_10.7.5+dfsg-1.debian.tar.xz 163bf119f1eb8c4a0de9ab6e46f5d3795b6fc853c474ced11107f3aea0fd5fec 6230 gitlab_10.7.5+dfsg-1_source.buildinfo Files: b135fd6430411620197592c5f6e43ca7 2481 contrib/net optional gitlab_10.7.5+dfsg-1.dsc a1238231aebb48caaf9ec87fff4fcc58 44558720 contrib/net optional gitlab_10.7.5+dfsg.orig.tar.xz a6d3570911c8fef38bc5f29164ba5bad 62860 contrib/net optional gitlab_10.7.5+dfsg-1.debian.tar.xz 7745da284f6cd1fd8b8ee2c2543e8339 6230 contrib/net optional gitlab_10.7.5+dfsg-1_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEKnl0ri/BUtd4Z9pKzh+cZ0USwioFAlsUABwACgkQzh+cZ0US wirZcQ//ZZrbJmr7EXGEbkTtuaArSi8AHnnuEv2sDqhMbjSJSNtpnqonC5sU6UHT tpRr7wzgDEZPQ865Xeo+eMk3rLKwksIErzr1uc+hmjZTqHYWOrUVwVoTgv47Wc81 50eQwpcTzOrpndWya0nFdSmU8l3e4h6270p2fk1Mt4MKlLdCpbVfsW3BtIbolYwm MOfO8x/ib77jbgK0FsdWVjD6DLYwlO/HFWXVISYsOuhfF6LqNEdq/F+/EZfSA7pl qHHkoQ0crPl9QWWHY1nuC8rK/t6hmIelOAp/N7r2/iMYVz6shYwe4ERdd+Vt7+zi 4j7xCZtT3hvMpbelgCTCZFC0nmhCFr6CAjp0VCQd/nKFlusZ7hQTURWAuyn956Mg zcZwaO2IBLtDqgcnoPI7QTa6cdWjiB31weOPixLKafvsIrh1nTglur0bktA7+a45 uzGcg6LGQ5x7ufRCex7mogj42QNGqEQbNryYskMrlYtosfR4XYVDAqGyNn4Iygx1 TdzRy8eqEUlTsBXPE9jdl16DF5Wh7cTj2Al1jBUK8Fh7F/2kWwoIWuQP0JmTNnD2 Swe4RED4eZGCfeJnkjy8CeU0Tj6EDHhi7Ocez7vkh4zdkg4TKLNxgGYn8sF+8G3f ZS88LjuH6XOl6+x87OMErxkT2HatJIh3TL0RlIvb9XQa4L/wPBA= =nLop -END PGP SIGNATURE End Message --- ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] Bug#900283: marked as done (Bug in redmine 3.3.1-4+deb9u1 CVE-2017-15569.patch)
Your message dated Sun, 03 Jun 2018 11:02:59 +
with message-id
and subject line Bug#900283: fixed in redmine 3.3.1-4+deb9u2
has caused the Debian Bug report #900283,
regarding Bug in redmine 3.3.1-4+deb9u1 CVE-2017-15569.patch
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
900283: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900283
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: redmine
Version: 3.3.1-4+deb9u1
Dear Maintainers,
on Thu, 12 Apr 2018 11:33:06 -0300 Debian published a security update for
Redmine in version 3.3.1.
This security update includes patch CVE-2017-15569.
https://sources.debian.org/patches/redmine/3.3.1-4+deb9u1/CVE-2017-15569.patch/
I write to report a bug with this patch. Custom fields with multiple values
will not be put to a table correctly.
The way I found out was:
Create a tracker, that utilizes a custom field of type list or user and has
multiple values allowed.
Create an issue, that has more then one value in that custom field. E.g. two
users.
If I then do a query on my project, I get a HTTP-error 500 response and see the
following in my logs:
-->8--
Completed 500 Internal Server Error in 442ms (ActiveRecord: 84.3ms)
ActionView::Template::Error (undefined local variable or method `item' for
#<#:0x007f128233ed70>):
28: <% end %>
29: ">
30: <%= check_box_tag("ids[]", issue.id,
false, :id => nil) %>
31: <% query.inline_columns.each do |column| %>
32: <%= content_tag('td', column_content(column, issue), :class =>
column.css_classes) %>
33: <% end %>
34:
app/helpers/queries_helper.rb:132:in `block in column_content'
app/helpers/queries_helper.rb:132:in `collect'
--8<--
Changing the word "item" to "issue" resolves this problem.
I'm using Debian 4.9.88-1 (2018-04-29) x86_64 GNU/Linux with kernel
4.9.0-6-amd64 and libc6 2.24-11+deb9u3.
Please contact us if you have any further questions or would like to have more
information.
Kind regards
Frank Hebold
--
Frank Hebold
Auszubildender zum Fachinformatiker (IHK)
HiperScan GmbH
Weißeritzstr. 3
01067 Dresden
Germany
phone +49 351 212 496 20
fax +49 351 212 496 99
mailto: frank.heb...@hiperscan.com
www.hiperscan.com
www.apo-ident.de
HiperScan GmbH, Dresden
commercial register number HRB 24683
local court Dresden
CEOs: Dr. Alexander Wolter, Michael Thoma
--- End Message ---
--- Begin Message ---
Source: redmine
Source-Version: 3.3.1-4+deb9u2
We believe that the bug you reported is fixed in the latest version of
redmine, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 900...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso (supplier of updated redmine package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sun, 03 Jun 2018 08:07:59 +0200
Source: redmine
Binary: redmine redmine-mysql redmine-pgsql redmine-sqlite
Architecture: source
Version: 3.3.1-4+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Antonio Terceiro
Changed-By: Salvatore Bonaccorso
Closes: 900283
Description:
redmine- flexible project management web application
redmine-mysql - metapackage providing MySQL dependencies for Redmine
redmine-pgsql - metapackage providing PostgreSQL dependencies for Redmine
redmine-sqlite - metapackage providing sqlite dependencies for Redmine
Changes:
redmine (3.3.1-4+deb9u2) stretch-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix backport of CVE-2017-15569 patch.
Rename one occurence of 'item' back to 'issue' as the renaming change
was introduced upstream in 3.4.0.
Thanks to Frank Hebold (Closes: #900283)
Checksums-Sha1:
0dc66dfe62bbd967d435902aa93ef2666f34d72f 2952 redmine_3.3.1-4+deb9u2.dsc
ac85005e8df16ecb9493fd93b43c7d78e145d591 248892
redmine_3.3.1-4+deb9u2.debian.tar.xz
Checksums-Sha256:
[DRE-maint] Processed: limit source to redmine, tagging 900283
Processing commands for cont...@bugs.debian.org: > limit source redmine Limiting to bugs with field 'source' containing at least one of 'redmine' Limit currently set to 'source':'redmine' > tags 900283 + pending Bug #900283 [redmine] Bug in redmine 3.3.1-4+deb9u1 CVE-2017-15569.patch Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 900283: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900283 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
