sawfish_1.3+cvs20060518-1_i386.changes ACCEPTED
Accepted: sawfish-lisp-source_1.3+cvs20060518-1_all.deb to pool/main/s/sawfish/sawfish-lisp-source_1.3+cvs20060518-1_all.deb sawfish_1.3+cvs20060518-1.diff.gz to pool/main/s/sawfish/sawfish_1.3+cvs20060518-1.diff.gz sawfish_1.3+cvs20060518-1.dsc to pool/main/s/sawfish/sawfish_1.3+cvs20060518-1.dsc sawfish_1.3+cvs20060518-1_i386.deb to pool/main/s/sawfish/sawfish_1.3+cvs20060518-1_i386.deb sawfish_1.3+cvs20060518.orig.tar.gz to pool/main/s/sawfish/sawfish_1.3+cvs20060518.orig.tar.gz Announcing to debian-devel-changes@lists.debian.org Closing bugs: 367322 Thank you for your contribution to Debian. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Processing of sawfish_1.3+cvs20060518-1_i386.changes
sawfish_1.3+cvs20060518-1_i386.changes uploaded successfully to localhost along with the files: sawfish_1.3+cvs20060518-1.dsc sawfish_1.3+cvs20060518.orig.tar.gz sawfish_1.3+cvs20060518-1.diff.gz sawfish-lisp-source_1.3+cvs20060518-1_all.deb sawfish_1.3+cvs20060518-1_i386.deb Greetings, Your Debian queue daemon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#373717: libbusiness-onlinepayment-tclink-perl: should depend on libbusiness-onlinepayment-perl
Package: libbusiness-onlinepayment-tclink-perl Version: 1.03-1 Severity: normal Dear myself, Depends: ... , libbusiness-onlinepayment-perl -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.4.27-2-386 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages libbusiness-onlinepayment-tclink-perl depends on: ii libnet-tclink-perl 3.4.0-2 Perl interface to the TrustCommerc ii perl 5.8.4-8sarge4 Larry Wall's Practical Extraction -- no debconf information -- _ivan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Processed: forwarding to correct bug [EMAIL PROTECTED]: Re: Bug#369726: xcircuit 3.6.24-1 unusable on amd64]
Processing commands for [EMAIL PROTECTED]: > tags 369276 -patch Bug#369276: Settings --> Skin Downloader --> Crash Tags were: patch Tags removed: patch > tags 369726 patch Bug#369726: xcircuit 3.6.24-1 unusable on amd64 There were no tags set. Tags added: patch > stop Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#373672: libjpeg-mmx: CVE-2006-3005: memory exhaustion
On Wed, Jun 14, 2006 at 05:53:45PM -0500, Alec Berryman wrote: > Package: libjpeg-mmx > Severity: important > Tags: security patch > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > CVE-2006-3005: "The JPEG library in media-libs/jpeg before 6b-r7 on > Gentoo Linux is built without the -maxmem feature, which could allow > context-dependent attackers to cause a denial of service (memory > exhaustion) via a crafted JPEG file that exceeds the intended memory > limits." > > Although the CVE is Gentoo-specific, Debian's libjpeg-mmx is not built > with --maxmem enabled, making it vulnerable. I have attached a trivial > patch to enable --maxmem to the same limit used in libjpeg62. The > Gentoo bug report mentioned in the CVE [1] contains a more elaborate > patch [2] that limits the maximum amount of allocatable memory to 95% of > physical memory. I believe the second patch is the better solution - > libjpeg62 sets maxmem to 1024MB, and that doesn't help much when mem + > swap is less than 1024 (the sample exploit image attached to the Gentoo > bug starts my computer thrashing). > > Neither the Woody nor the Sarge version build with --maxmem and are > vulnerable. I don't see the point. There are valid use cases, where very large files are required and if an admin encounters problems with users handling overly large pictures she can apply site-specific resource limits. Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
pythoncard_0.8.1-5_i386.changes ACCEPTED
Accepted: python-pythoncard_0.8.1-5_all.deb to pool/main/p/pythoncard/python-pythoncard_0.8.1-5_all.deb python2.3-pythoncard_0.8.1-5_all.deb to pool/main/p/pythoncard/python2.3-pythoncard_0.8.1-5_all.deb pythoncard-doc_0.8.1-5_all.deb to pool/main/p/pythoncard/pythoncard-doc_0.8.1-5_all.deb pythoncard-tools_0.8.1-5_all.deb to pool/main/p/pythoncard/pythoncard-tools_0.8.1-5_all.deb pythoncard_0.8.1-5.diff.gz to pool/main/p/pythoncard/pythoncard_0.8.1-5.diff.gz pythoncard_0.8.1-5.dsc to pool/main/p/pythoncard/pythoncard_0.8.1-5.dsc pythoncard_0.8.1-5_all.deb to pool/main/p/pythoncard/pythoncard_0.8.1-5_all.deb Announcing to debian-devel-changes@lists.debian.org Thank you for your contribution to Debian. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Processing of pythoncard_0.8.1-5_i386.changes
pythoncard_0.8.1-5_i386.changes uploaded successfully to localhost along with the files: pythoncard_0.8.1-5.dsc pythoncard_0.8.1-5.diff.gz pythoncard_0.8.1-5_all.deb pythoncard-tools_0.8.1-5_all.deb pythoncard-doc_0.8.1-5_all.deb python-pythoncard_0.8.1-5_all.deb python2.3-pythoncard_0.8.1-5_all.deb Greetings, Your Debian queue daemon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
