Source: lirc
Version: 0.10.1-6.3
Tags: patch
lirc passes --enable-silent-rules to configure. Doing so makes debugging
build failures hard, it breaks build log scanning for compiler flags and
it is discouraged by the Debian policy. Please build verbosely by
default. If you happen to prefer the less
On Fri, 2021-05-21 at 08:27 +0200, Tomaž Šolc wrote:
> Should I wait with this package until Bullseye is released?
Yes, or upload to experimental now and unstable after the release.
> If you think it makes more sense, I can simply drop it from the binary
> package.
I think it makes sense to lea
On Wed, Apr 28, 2021 at 09:00:47AM +0200, Uwe Kleine-König wrote:
> Package: webext-foxyproxy
> Version: 7.5.1+dfsg-1
> Severity: normal
>
> Hello,
>
> occationally (I didn't find the trigger yet) a subprocess of firefox
> occupies one complete cpu. There is no functional problem, all seems to
>
Package: plantuml
Version: 1:1.2018.13+ds-1
Tags: patch
In https://github.com/arkivverket/noark5-tjenestegrensesnitt-standard/issues/272 >
there is a discussion on running plantuml in a docker image without
installing a lot of X11 related packages. I tracked this down to the
dependency in plant
Hi all,
> Preparing to unpack .../370-webext-browserpass_3.7.2-1+b1_amd64.deb ...
> Unpacking webext-browserpass (3.7.2-1+b1) over (2.0.22-2) ...
> dpkg: error processing archive
> /tmp/apt-dpkg-install-VKYulC/370-webext-browserpass_3.7.2-1+b1_amd64.deb
> (--unpack):
>unable to open
>
Control: tags -1 + patch
I was just pointed at this issue , didn't realize the compatibility with Python
3.9.
I updated to the current upstream version, which seems to work fine with 3.9.
Packaging proposal at
https://launchpad.net/ubuntu/+source/python-pipx/0.16.2.1-0ubuntu3
This also drops th
Am 21.05.21 um 07:35 schrieb UN-pi:
Maybe a helpful idea/reason/solution for the problem?
A website in German:
https://debianforum.de/forum/viewtopic.php?f=32&t=180761&hilit=syslog
Similar symptoms, different cause afaics.
OpenPGP_signature
Description: OpenPGP digital signature
Source: lintian-brush
Version: 0.99
Severity: serious
Tags: ftbfs
X-Debbugs-CC: debian...@lists.debian.org
User: debian...@lists.debian.org
Usertags: needs-update
Hi Maintainer
Sometime between 2021-03-30 and 2021-04-06, lintian-brush's
autopkgtests started to fail in testing [1]. I've copied wh
Control: reassign -1 fwupd-amd64-signed
Control: forcemerge 973715 -1
On Wed, May 19, 2021 at 04:08:43PM -0400, Robbie Harwood (frozencemetery) wrote:
> Package: fwupd
> Version: 1.5.7-3
> Severity: normal
> X-Debbugs-Cc: rharw...@club.cc.cmu.edu
>
> Dear Maintainer,
>
> It's not currently poss
Hi,
On Sun 02 May 2021 09:06:49 GMT, Salvatore Bonaccorso wrote:
> Hi,
>
> On Mon, Sep 04, 2017 at 03:01:26PM +0200, Raphael Hertzog wrote:
> > Control: reopen -1
> > Control: notfixed -1 4.10.0-1~exp1
> > Control: found -1 4.12.6-1
> >
> > On Fri, 25 Aug 2017, Raphael Hertzog wrote:
> > > I ver
Package: lintian
Version: 2.104.0
Severity: normal
Dear Maintainer,
Running lintian from bullseye on udebs (which do not need to have a
Standards-Version header) results in lintian throwing an error. e.g.:
E: partman-basicmethods source: required-field debian/control@source
Standards-Version
On 21. 05. 21 03:17, Paul Wise wrote:
> * At this point in the freeze, the release team asks for folks to
>upload new upstream releases and other changes not targeted at
>bullseye to be uploaded to experimental instead of unstable.
> - https://release.debian.org/bullseye/freeze_policy.h
found 96 4.7.1-1
thanks
Hi,
Thanks for bringing this to my attention.
> I'm slightly confused about the available information about the
> affected version. From the code it looks to me that 4.7.1 as in stable
> would be affected as well, but upstream is claiming 4.7.8 is affected
> to 4.8.0.
Hi Michael,
Michael Meskes wrote:
> I'm with Daniel on this one as I cannot reproduce it either:
>
> Preparing to unpack .../webext-browserpass_3.7.2-1+b1_amd64.deb ...
> Unpacking webext-browserpass (3.7.2-1+b1) over (2.0.22-2) ...
Indeed. Using a clean Sid chroot, installing webext-browserpass
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Please unblock package darktable
[ Reason ]
Upload -3 fixes a piuparts error from some dangling symlinks.
[ Impact ]
As far as I can tell
Hi Philip,
On Fri, May 21, 2021 at 3:24 AM Philip Hands wrote:
>
> Running lintian from bullseye on udebs (which do not need to have a
> Standards-Version header)
Thanks for the well-researched bug report! Lintian did not complain
about a missing field in a udeb. It was missing from the correspo
Dear Ryan,
Curious that you do not consider this a bug: similar things were fixed
in other terminal emulators like xterm, so people could "safely" view
(i.e. cat or grep) any files, e.g. root perusing syslog.
Looking at the further message on FullDisclosure:
https://seclists.org/fulldisclosure/
Package: automysqlbackup
Version: 2.6+debian.4-3
Severity: normal
Tags: patch
Combining the COMP=bzip2 and COMPDIRECT=yes arguments results in gzip
compressed database dumps being created, but with ".bz2" file suffixes.
I've created a patch which fixes this, and also adds support for pigz,
zstd,
Package: automysqlbackup
Version: 2.6+debian.4-3
Severity: minor
Tags: patch
I've attached a patch which corrects many spelling, grammar and other
typos in comments and docs.
I didn't correct errors in the changelog section.
This patch applies on top of the compression enhancement and bugfix
pat
Source: pg-partman
Version: 4.4.1-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for pg-partman.
CVE-2021-33204[0]:
| In the pg_partman (aka PG Partition Manager) extension before 4.5.1
| for PostgreS
Source: flask-caching
Version: 1.10.1-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/sh4nks/flask-caching/pull/209
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for flask-caching.
CVE-2021-33026[0]:
| The Flask-C
Package: wnpp
Severity: wishlist
Subject: ITP: r-cran-tidytext -- GNU R text mining using 'dplyr', 'ggplot2',
and other tidy tools
Package: wnpp
Owner: Andreas Tille
Severity: wishlist
* Package name: r-cran-tidytext
Version : 0.3.1
Upstream Author : Gabriela De Queiroz,
* URL
Package: wnpp
Severity: wishlist
Owner: Thomas Goirand
X-Debbugs-Cc: debian-de...@lists.debian.org
* Package name: glance-tempest-plugin
Version : 0.1.0
Upstream Author : OpenDev Foundation
* URL : https://opendev.org/openstack/glance-tempest-plugin
* License
Package: wnpp
Severity: wishlist
Owner: Thomas Goirand
X-Debbugs-Cc: debian-de...@lists.debian.org
* Package name: trove-tempest-plugin
Version : 1.2.0
Upstream Author : OpenDev Foundation
* URL : https://opendev.org/openstack/trove-tempest-plugin
* License :
Package: wnpp
Owner: Andrius Merkys
Severity: wishlist
* Package name: golang-github-skeema-mybase
Version : 1.0.13
Upstream Author : Skeema LLC
* URL : https://github.com/skeema/mybase
* License : Apache-2.0
Programming Lang: Golang
Description : CLI f
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: jlsan...@protonmail.com
Please unblock package flent
[ Reason ]
Fixes bug #987656, by updating Recommends to include python3-qtpy.
[ Impact ]
Without this change, users who r
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package python-openstackclient
This version adds python3-cloudkittyclient as build-dependency,
meaning that when python-openstackclient/5.4.0-4 generates its
bash-completion
Control: tags -1 +pending
Hello Mike, and thanks for your patch-provided bugreport.
Le mercredi, 19 mai 2021, 12.33:10 h CEST Mike Gabriel a écrit :
> With CUPS on buster and bullseye I see these messages in /var/log/syslog:
>
> May 19 12:26:12 server03 kernel: [4563725.605605] audit: type=1400
Hi
Really strange. Tried again now.
// Ola
On Mon, 17 May 2021 at 10:09, Chris Lamb wrote:
> Hi,
>
> > It is still not in the archives?
> > I wonder what I do wrong then...
>
> No, I'm afraid not. :)
>
>
> Regards,
>
> --
> ,''`.
> : :' : Chris Lamb
> `. `'` la...@deb
Dear Ryan,
I just wrote:
Curious that you do not consider this a bug: similar things were fixed
in other terminal emulators like xterm, so people could "safely" view
(i.e. cat or grep) any files, e.g. root perusing syslog.
I guess I should have given examples or references. Some that come
package release.debian.org
tags 988454 = buster pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian buster.
Thanks for your contribution!
Upload details
==
Package: ruby-websocket-extensions
Version
package release.debian.org
tags 988314 = buster pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian buster.
Thanks for your contribution!
Upload details
==
Package: uim
Version: 1.8.8-4+deb10u5
Exp
package release.debian.org
tags 988455 = buster pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian buster.
Thanks for your contribution!
Upload details
==
Package: velocity
Version: 1.7-5+deb10u1
Le vendredi, 21 mai 2021, 16.26:12 h CEST Mike Gabriel a écrit :
> Basically, why not? It clutters syslog. It probably won't have
> functional consequences, but still...
Well. At this point of the freeze, I'd rather not burden the release team with
such a non-"critical, grave, or serious" bug.
h
Package: ca-certificates
Version: 20210119
Severity: minor
While creating a custom deb package for an internal CA I noticed that the
included ca-certificates-local is not Lintian clean.
In particular:
* It uses the deprecated Priority: extra
(priority-extra-is-replaced-by-priority-optional)
* I
package release.debian.org
tags 988508 = buster pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian buster.
Thanks for your contribution!
Upload details
==
Package: gnutls28
Version: 3.6.7-4+deb10u7
package release.debian.org
tags 987731 = buster pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian buster.
Thanks for your contribution!
Upload details
==
Package: openvpn
Version: 2.4.7-1+deb10u1
Hello Simon,
Just slightly pinging this to get your attention.
There's a bug on Launchpad as well, which got an interesting comment
from one of the user who debgugged this further:
https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1778073.
Hoping that'd help. Thanks!
- u
On Sun, May 16, 2021 at 02:55:32PM -0600, Mike Markley wrote:
> Package: sponsorship-requests
> Severity: normal
>
> I'm seeking assistance uploading a new version of the ScrollZ IRC client
> to unstable that addresses an outstanding CVE:
> https://security-tracker.debian.org/tracker/CVE-2021-293
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: r...@debian.org
Please unblock package rxvt-unicode
Disables the ESC G Q escape sequence, which could cause the command '0'
to be executed. This addresses:
https://security-t
UEFI Secure Boot is disabled. The machine is a Macbook8,3 converted to a pure
Linux box, however. So, the EFI firmware might be damaged. Thank you for the
clarification.
In order to disable the (not properly supported) discrete graphics card, I
need to execute the mentioned outb commands. Indee
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: Scott Kitterman , Michael Hudson-Doyle
Please unblock package pyyaml
pyyaml (5.3.1-4) unstable; urgency=medium
* Team upload.
[ Debian Janitor ]
* Apply multi-arch h
Dear Paul,
I just uploaded rxvt-unicode 9.22-11, which includes a backported patch
from 9.26 disabling this escape sequence.
Best wishes,
Ryan
Package: grass-doc
Version: 7.8.5-1
Severity: normal
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package ships (or creates)
a broken symlink.
>From the attached log (scroll to the bottom...):
7m47.0s ERROR: FAIL: Broken symlinks:
/usr/sha
control: tags -1 -moreinfo
On Thu, May 20, 2021 at 4:57 AM Paul Gevers wrote:
>
> Control: tags -1 moreinfo
>
> Hi Ryan,
>
> On 06-05-2021 07:33, Ryan Tandy wrote:
> > #988119: the daemon creates its pid and status files with mode 666,
> > start-stop-daemon doesn't like that and refuses to stop t
Package: jverein
Version: 2.8.18+git20200921.6212a59+dfsg-3
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package ships (or creates)
a broken symlink.
>From the attached log (scroll to the bottom...):
1m38.1s ERROR: FAIL: Br
Control: tags -1 pending
On 5/21/21 6:27 PM, Andreas Beckmann wrote:
> Is grass-doc missing a dependency on libjs-jquery ?
Yes, and it's fixed in git.
Kind Regards,
Bas
--
GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146 50D1 6750 F10A E88D 4AF1
Package: freezer-api-doc
Version:
Severity: normal
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package ships (or creates)
a broken symlink.
>From the attached log (scroll to the bottom...):
0m39.3s ERROR: FAIL: Broken symlinks:
/usr/shar
Hello! Thank you for pointing out these CVEs.
I investigated deeper into the issues and reviewed the code as of
0.1+dfsg-1 version of the package. Luckily, most of these issues are not
related to rlottie as currently packaged in Debian.
Below are some of my notes. They do not imply 100% guarantee
Control: forwarded -1 https://rt.cpan.org/Ticket/Display.html?id=136486
On Wed, 19 May 2021 10:09:54 +1000, dc...@prosentient.com.au wrote:
> The Debian package requires that libyaml-perl or libyaml-syck-perl be
> installed, but it is possible to use this package without either of those
> YAML mo
Hi,
Le 5/20/21 à 6:44 AM, Mihai Moldovan a écrit :
* On 5/19/21 1:46 PM, Andreas Beckmann wrote:
Package: python3-hawkey-doc
Version: 0.55.2-6
[...]
during a test with piuparts I noticed your package ships (or creates)
a broken symlink.
[...]
Is python3-hawkey-doc missing a Depends/Recommends/S
Package: lintian-brush
Version: 0.104
Severity: normal
See https://salsa.debian.org/postgresql/psqlodbc/-/merge_requests/1:
deb-scrub-obsolete should not strip commas.
This happens because it drops dependencies first at the moment and then
removes any empty elements in the list. It should just d
Package: lintian-brush
Version: 0.104
Severity: normal
See
https://salsa.debian.org/pkg-netfilter-team/pkg-nftables/-/merge_requests/5#note_239505
When dropping versioned dependencies for packages that are essential (and were
so in upgrade-release), then drop the entire dependency.
-- System I
Package: xfonts-wqy
Version: 1.0.0~rc1-7
Why do I see the same character for both
U+629B, U+62CB ?
$ unicode -v U+629B U+62CB |grep -i strokes
kTotalStrokes: 7
kTotalStrokes: 8
For both I only see the latter (8).
Package: gftp-gtk,gftp-text
Version: 2.7.0b-1
Severity: normal
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package ships (or creates)
a broken symlink.
>From the attached log (scroll to the bottom...):
5m17.8s ERROR: FAIL: Broken symlinks:
Hi OdyX,
On Fr 21 Mai 2021 15:59:04 CEST, Didier 'OdyX' Raboud wrote:
Control: tags -1 +pending
Hello Mike, and thanks for your patch-provided bugreport.
Le mercredi, 19 mai 2021, 12.33:10 h CEST Mike Gabriel a écrit :
With CUPS on buster and bullseye I see these messages in /var/log/syslog
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: a...@debian.org
Hello Stable release team,
I would like to update mqtt-client in buster for fixing CVE-2019-0222.
It is fixed in stretch, bullseye and sid. Right now
Package: micro-evtd
Version: 3.4-4
Severity: normal
While testing the recent micro-evtd changes I noticed that this problem
still happens in buster and bullseye. After some hours or days of
uptime, the box sometimes beeps and runs the fan, for no apparent
reason. Sometimes it beeps once, other
Hi eloy (2021.05.08_05:58:59_-0400)
> There's updated package released in salsa.debian.org
> https://salsa.debian.org/debian/whipper/-/tree/debian/0.9.0-7 but I
> have problems with uploading it into ftp debian.org. Until I resolve
> problems with uploading someone can take build from there and upl
Hi OdyX,
On Fr 21 Mai 2021 16:45:46 CEST, Didier 'OdyX' Raboud wrote:
Le vendredi, 21 mai 2021, 16.26:12 h CEST Mike Gabriel a écrit :
Basically, why not? It clutters syslog. It probably won't have
functional consequences, but still...
Well. At this point of the freeze, I'd rather not burde
Package: sponsorship-requests
Severity: normal
Dear mentors,
I am looking for a sponsor for the orphaned package "distorm3":
* Package name: distorm3
Version : 3.5.2b-1
Upstream Author : Gil Dabah
* URL : https://github.com/gdabah/distorm
* License : BSD
Package: chromium
Version: 90.0.4430.212-1
Followup-For: Bug #954824
Control: tags -1 patch
Hi,
The patch from Riccardo Magliocchetti works, the 'rtc_pipewire_version=0.3'
is no longer needed. Building chromium with this does not add any extra
build depends, since the library is loaded via ldopen
* On 5/21/21 7:32 PM, Frédéric Pierret wrote:
> I'll try to fix that quickly, thank you.
Yep, just a matter of adding libjs-jquery and libjs-underscore to Depends on
python3-hawkey-doc. I've done that on my weird, stretch-based setup with the
initial dnf 4.0.9 version.
> BTW, Mihai may I change
Package: ftp.debian.org
Severity: normal
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi ftpmasters,
Please drop source package 4store from Debian unstable.
Upstream is dead: Last release was in 2015, source tracker saw no
changes since 2017, and issue tracker was last active in 2018.
The p
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: Krzysztof Krzyżaniak (eloy)
Please unblock package whipper
Adds a couple of missing dependencies, and fixes up a stale description
talking about Python 2.7.
[ Reason ]
Fixes
Control: tags 987646 + patch
Dear maintainer,
I've prepared an NMU for eclipse-titan (versioned as 7.2.0-1.1). The diff
is attached to this message.
Regards.
SR
diff -Nru eclipse-titan-7.2.0/debian/changelog eclipse-titan-7.2.0/debian/changelog
--- eclipse-titan-7.2.0/debian/changelog 2021-02-1
Control: tags -1 d-i confirmed
Hi,
On 20-05-2021 10:26, Emilio Pozuelo Monfort wrote:
> Please unblock package libx11
This needs also an ack from d-i, boot CC-ed.
> This fixes CVE-2021-31535, a bug in libX11 which could lead to the
> execution of additional X requests due to insufficient buffer
Package: gnome-shell-extension-redshift
Version: 3.20.1-2.1
Severity: serious
https://extensions.gnome.org/extension/685/redshift/
Deprecation notice: As of GNOME 3.24, there is native support for night light
mode in your display settings. This extension is not required or reccomended
anymore.
Package: wnpp
Severity: wishlist
Owner: Pirate Praveen
X-Debbugs-CC: debian-de...@lists.debian.org
* Package name : node-rollup-plugin-sass
Version : 1.2.2
Upstream Author : BinRui.Guan
* URL : https://github.com/differui/rollup-plugin-sass#readme
* License : Expat
Programming Lang: JavaScri
Hi Alberto,
On 11-05-2021 21:03, Alberto Garcia wrote:
> On Tue, Apr 27, 2021 at 11:27:32PM +0200, Alberto Garcia wrote:
>
>> Nothing to do with webkit actually. The test launches Balsa, waits
>> for two seconds and then takes a screenshot of the window. The bug
>> happens because when xdg-deskto
Package: golang-github-containers-image
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team
This was assigned CVE-2021-20291:
https://github.com/containers/storage/commit/306fcabc964470e4b3b87a43a8f6b7d698209ee1
Cheers,
Moritz
Source: golang-github-gin-gonic-gin
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team
CVE-2020-28483:
https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGINGONICGIN-1041736
https://github.com/gin-gonic/gin/pull/2474
Cheers,
Moritz
Control: tags 987547 + pending
Dear maintainer,
I've prepared an NMU for debspawn (versioned as 0.4.1-1.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.
Regards.
SR
diff -Nru debspawn-0.4.1/debian/changelog debspawn-0.4.1/debian/changelog
--- debspawn-0.
Source: google-oauth-client-java
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team
CVE-2020-7692:
https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-575276
https://github.com/googleapis/google-oauth-java-client/issues/469
https://github.com/googleapis/google-oauth-java-client/com
Source: rust-http
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team
CVE-2019-25009:
https://rustsec.org/advisories/RUSTSEC-2019-0034.html
https://github.com/hyperium/http/commit/82d53dbdfdb1ffbeb0323200a0bbd30b5f895fa7
https://github.com/hyperium/http/commit/8ffe094df1431321d45086
Package: libhibernate-validator-java
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team
CVE-2020-10693:
https://bugzilla.redhat.com/show_bug.cgi?id=1805501
Cheers,
Moritz
Package: redis
Version: 5:5.0.7-2
Severity: normal
Dear Maintainer,
* What led up to the situation?
Upgrades between versions of the package, with local configuration changes
* What exactly did you do (or not do) that was effective
Nothing particular other than modifying the default config (even
The problem, which I had reported in January, still exists.
It would be useful to apply the patch indicated above or similar (so as
not to have to apply it to each update of the LVM2 package).
Thanks
Antonio
On Fri, May 21, 2021 at 09:28:02PM +0200, Paul Gevers wrote:
> > In webkit2gtk 2.32.1-1 the dependency on xdg-desktop-portal-gtk was
> > downgraded to a recommendation so the test no longer fails.
>
> balsa is close to autoremoval from bullseye because of this issue.
> Should xdg-desktop-portal-gt
Source: thrift
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team
CVE-2019-11939:
https://github.com/facebook/fbthrift/commit/483ed864d69f307e9e3b9dadec048216100c0757
Cheers,
Moritz
Source: thrift
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team
CVE-2020-13949:
https://seclists.org/oss-sec/2021/q1/140
There's no real information what fixed this and it seems invasive, so
probably safest to only pull this after the end of the freeze?
Cheers,
Mori
Source: golang-github-nats-io-jwt
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team
https://advisories.nats.io/CVE/CVE-2020-26892.txt
https://advisories.nats.io/CVE/CVE-2020-26521.txt
Cheers,
Moritz
Package: cdebconf-gtk-udeb
Version: 0.258
Severity: important
X-Debbugs-Cc: Simon McVittie
Hi,
The 0.258 update is *very* important for us since it makes extra sure
(together with libgtk2.0-0-udeb 2.24.33-2) we don't run into relayout
loops meaning hangs from a user point of view.
Yes, it comes
Control: tags -1 important
Control: retitle -1 balsa autopkgtest fails with xdg-desktop-portal-gtk
Hi
On 21-05-2021 21:43, Alberto Garcia wrote:
> In any case I would definitely reduce the severity of the bug, I just
> didn't want to do it on behalf of the original reporter :)
Oh, with the curre
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: car...@debian.org,iwama...@debian.org
Hi Release team,
Please unblock package lz4
The maintainer of lz4 (X-Debbugs-CC'ed) fixed in unstable the
CVE-2021-3520 issue, tracked a
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package cool-retro-term
Unregister the alternative on package removal.
unblock cool-retro-term/1.1.1+git20200723-2.1
diff -Nru cool-retro-term-1.1.1+git20200723/debian/chang
Package: dino-im
Version: 0.2.0+git20210515.686035c-1
Severity: normal
X-Debbugs-Cc: b...@dismail.de
Dear Maintainer,
in order to enable video calls in dino-im (experimental), I noticed that
gstreamer1.0-gtk3 seems
to be a dependency. Only after installing that package, the video call button
is
Hello,
This bug is still valid in unstable. However, the patch provided
previously no longer applies for the issue.
I filed a MR in salsa [1] and forwarded the patch upstream [2].
[1] https://salsa.debian.org/dns-team/bind9/-/merge_requests/16
[2] https://gitlab.isc.org/isc-projects/bind9/-/iss
On Fri, May 21, 2021 at 3:30 PM Moritz Muehlenhoff wrote:
> Package: golang-github-containers-image
> Severity: important
> Tags: security
> X-Debbugs-Cc: Debian Security Team
>
> This was assigned CVE-2021-20291:
>
> https://github.com/containers/storage/commit/306fcabc964470e4b3b87a43a8f6b7d69
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package adios
Remove obsolete alternatives on upgrades from buster.
unblock adios/1.13.1-28.2
diff -Nru adios-1.13.1/debian/changelog adios-1.13.1/debian/changelog
--- adios
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package waitress
Fix removal of obsolete alternatives on upgrades from buster.
unblock waitress/1.4.4-1.1
diff -Nru waitress-1.4.4/debian/changelog waitress-1.4.4/debian/cha
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package ukui-session-manager
Clean up obsolete alternatives on upgrades from buster.
unblock ukui-session-manager/3.0.2-1.1
diff -Nru ukui-session-manager-3.0.2/debian/chang
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: Michael Banck
Please unblock package pydantic
pydantic (1.7.4-1) unstable; urgency=medium
* Team upload.
* New upstream point release.
- Fixes CVE-2021-29510: Date a
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package python-linux-procfs
Remove obsolete alternatives on upgrades from buster.
unblock python-linux-procfs/0.6.3-1.1
diff -Nru python-linux-procfs-0.6.3/debian/changelog
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package python-schedutils
Clean up obsolete alternatives on upgrades form buster.
unblock python-schedutils/0.6-2.1
diff -Nru python-schedutils-0.6/debian/changelog
python-
Hello Andreas,
during a test with piuparts I noticed your package ships (or creates)
a broken symlink.
From the attached log (scroll to the bottom...):
0m39.1s ERROR: FAIL: Broken symlinks:
/usr/share/doc/fpart/README -> README.md (fpart)
Thanks a lot for your report!
Debian is currentl
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: Gergely Pilisi
Please unblock package eclipse-titan
eclipse-titan (7.2.0-1.1) unstable; urgency=medium
* Non-maintainer upload.
* Re-instate the --no-parallel option, fi
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: Colin Watson
Please unblock package python-libnacl
python-libnacl (1.7.2-3) unstable; urgency=medium
* Team upload.
* Patch: Fix crypto_kdf_derive_from_key() on 32-bit p
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: r...@debian.org
[ Reason ]
Disables the ESC G Q escape sequence, which could cause the command '0'
to be executed. This addresses:
https://security-tracker.debian.org
Package: upgrade-reports
Severity: normal
X-Debbugs-Cc: vagr...@debian.org
On numerous systems I have upgraded recently, the process of:
apt upgrade --without-new-pkgs
apt full-upgrade
Results in at least one package (guile-2.2-libs, zile, sometimes others)
in an un-upgraded state.
Running
1 - 100 of 136 matches
Mail list logo
