Source: node-http-server
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for node-http-server.
CVE-2021-23797[0]:
| All versions of package http-server-node are vulnerable to Directory
| Traversal via use of --path-as-is.
h
Hi,
ping? Please do merge the upstream fix.
Thanks,
//mirabilos
Source: devscripts
Version: 2.23.1
Severity: serious
Tags: ftbfs
https://buildd.debian.org/status/fetch.php?pkg=devscripts&arch=s390x&ver=2.23.1&stamp=1676400700&raw=0
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/devscripts.html
...
==
One thing I do not understand is why is this needed on both Qt 5 and Qt 6?
What I understand from the thread is that currently any of them can provide
the dictionaries, so why not keeping this under just one source package?
signature.asc
Description: This is a digitally signed message part.
Source: silver-platter
Version: 0.5.6-1
Severity: serious
https://ci.debian.net/data/autopkgtest/testing/amd64/s/silver-platter/31340548/log.gz
...
==
ERROR: tests (unittest.loader._FailedTest.tests)
-
Package: src:linux
Version: 6.1.8-1
Severity: normal
Dear Maintainer,
I noticed a slow and unstable wifi connection with
Realtek Semiconductor Corp. RTL8188EUS 802.11n Wireless Network Adapter
(usb id 0bda:8179).
Web browsers could not open websites. Mail client thunderbird had
problems to rea
Source: libhttp-daemon-ssl-perl
Version: 1.05-01-4
Severity: serious
https://ci.debian.net/data/autopkgtest/testing/amd64/libh/libhttp-daemon-ssl-perl/31328850/log.gz
...
t/testmodule.t ..
1..14
ok #authority certificate generated 1
ok #server certificate generated 2
ok #authority certificate sa
Source: rust-criterion
Version: 0.4.0-2
Severity: serious
https://ci.debian.net/data/autopkgtest/testing/amd64/r/rust-criterion/31329906/log.gz
...
error[E0004]: non-exhaustive patterns: `Some(BytesDecimal(_))` not covered
--> src/csv_report.rs:36:55
|
36 | let (throughput_num, throu
Package: ruby-oj
Version: 3.14.1-3
Severity: serious
Tags: ftbfs
Control: affects -1 src:ruby-oj-introspect
https://buildd.debian.org/status/fetch.php?pkg=ruby-oj-introspect&arch=armhf&ver=0.7.1-3&stamp=1676220273&raw=0
...
In file included from /usr/include/ruby-3.1.0/vendor_ruby/oj/parser.h:10,
Package: accountsservice
Version: 22.08.8-5
Severity: critical
Justification: breaks the whole system
X-Debbugs-Cc: jami...@helixinnovations.io
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
I set shadowconfig to
Source: redmine
Version: 5.0.4-3
Severity: serious
Tags: ftbfs
https://buildd.debian.org/status/logs.php?pkg=redmine&arch=all
...
PARALLEL_WORKERS=2 bin/rake test RAILS_ENV=test
sh: 1: gs: not found
(GhostScript convert not available)
Bazaar test repository NOT FOUND. Skipping functional tests !!
Am 14.02.23 um 20:20 schrieb Dominik S:
Yes, same error.
I added in the description this version because the error occurred on
it. Reportbug prompted me to try 253~rc1-1 and there is the same error.
Feb 14 20:12:43 amdpc (udev-worker)[545]: eeepc-wmi: Processing device
(SEQNUM=3309, ACTIO
Source: git
Version: 1:2.30.2-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Control: found -1 1:2.39.1-0.1
Hi,
The following vulnerabilities were published for git.
CVE-2023-22490[0] and CVE-2023-23946[1].
If you fix the vulnerabilities please
Hello.
This is what I did today. Maybe someone can follow my steps
and arrive at something.
I'm using this $HOME/.procmailrc file:
-
LOGFILE=$HOME/.cache/procmail.log
VERBOSE=yes
:0 h
SUBJECT=|formail -cXSubject:|cat
MYVAR=$SUBJECT
:0
/dev/null
---
Hi Adrian,
On 14-02-2023 14:25, Adrian Bunk wrote:
This will require a hint from the release team I have not yet requested,
since installability of binary-all packages is tested on amd64 and arm64
but there is no requirement that a binary-all package is installable on
arm64 and several are not.[
On Tue, Feb 14, 2023 at 05:50:12PM +0100, Santiago Ruano Rincón wrote:
> Hello Glenn,
>
> El 12/02/23 a las 08:54, Glenn Strauss escribió:
> > > Since you are listed in Uploaders:, this shouldn't be a NMU. I don't
> > > understand why lintian doesn't complain about this in this job:
> > > https://
I am uploading a NMU to DELAYED/10 to fix this.
The debdiff is attached.diff -u netselect-0.3.ds1/debian/README.source
netselect-0.3.ds1/debian/README.source
--- netselect-0.3.ds1/debian/README.source
+++ netselect-0.3.ds1/debian/README.source
@@ -1,12 +1,6 @@
Netselect's sources in Debian hav
On 09/07/2022 19.53, root wrote:
Nvidia driver 470.129.06 does not support RTX-3050 videocard, however
nvidia-detect says the opposite.
Does it work with the newer 470 driver in stable (or the tesla-470
driver in sid/bookworm?)
Andreas
Package: stunnel4
Version: 3:5.56+dfsg-10
Severity: important
X-Debbugs-Cc: oron.pe...@harmonicinc.com
Dear Maintainer,
* This problem is relevant when starting an "stunnel4" instance from systemd
E.g: "systemct start stunnel@foobar.service"
* The service fails with the following erro
Source: libdisasm
Version: 0.23-6
Vcs-Cvs and Vcs-Browser point to the upstream CVS. They have to point to the
packaging CVS.
So please drop them.
Source: oinkmaster
Version: 2.0-4.1
Vcs-Cvs and Vcs-Browser point to the upstream CVS. They have to point to the
packaging CVS.
So please drop them.
Samuel Thibault, le mar. 14 févr. 2023 18:10:11 +0100, a ecrit:
> E: Unable to locate package sound-modules-6.1.0-4-arm64-di
> E: Unable to locate package speakup-modules-6.1.0-4-arm64-di
>
> and indeed, it seems these modules are getting built only for amd64,
> 686, mips, sh4.
>
> Could we consi
Control: tags -1 moreinfo
On 2023-02-13 10:32:12 +0100, Chris Hofstaedtler wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
>
> Please unblock package util-linux, to fix a bug in logger(1).
>
> [ Reason ]
> Bug #1030285 re
Control: tag -1 moreinfo - patch
On Mon, 13 Feb 2023, none wrote:
> In this patch I've included a fix for this problem, which includes a
> new option for the /etc/default config. By default it is commented out
> so that the behaviour doesn't change.
>
> This introduces the -Y command line flag fo
Hello,
Jumping in because this bug is causing autoremoval of a reverse
depency in my radar. The test failure below did not appear when
I ran the build time tests a dozen of times in a row:
> > test_until_time (test_schedule.SchedulerTests.test_until_time) ... FAIL
> > test_weekday_at_todady
> >
Bumped severity as this makes bts currently unusable, and probably
breaks for quite a few DDs their workflow.
I made
https://salsa.debian.org/extrepo-team/extrepo-data/-/merge_requests/209 to
fix this.
Hi,
I uploaded systemd-cron_1.15.19-5 , without the file.
I'm not sure if the handover of this non-file
is done correctly, you can NMU if you know better.
[lament placeholder]
Alexandre
I'm bumping the bug severity because currently it will ignore
security-relevant settings like keysize and algo, and the defaults are
pretty weak.
To be explicit: on your side you'd need yet another upload with a
Conflicts: systemd-cron (<<1.15.19-5~)
(and/or a Breaks?)
Hi Simon.
>
> but if this package is unlikely to be backported, you can simplify that
> to just the new package:
>
> libgdk-pixbuf-2.0-dev
>
Updating the rust-gtk stack involves/affects +44 packages. My wip update for
gtk-rs 0.5 contains this fix:
https://salsa.debian.org/rust-team/debcargo-c
Source: ibus-tests
Version: 1.5.27-2
Severity: important
gnome-shell was never actually removed from unstable since mozjs102
was fixed, please revert the #1018871 change on armel.
I am uploading a NMU to DELAYED/10. The debdiff is attached.diff -Nru etoile-0+20080616+dfsg/debian/changelog
etoile-0+20080616+dfsg/debian/changelog
--- etoile-0+20080616+dfsg/debian/changelog 2023-02-14 22:44:04.0
+0100
+++ etoile-0+20080616+dfsg/debian/changelog 2023-02-14 22:
On Tue, Feb 14, 2023 at 07:35:51PM +0100, Daniel Leidert wrote:
>
> As soon as this version hits testing, you have successfully disabled
> the last working environment to use vmdb2 to create images of Ubuntu
> and Debian. As soon as this version hits Testing, one then can no
> longer build images
Package: libjpeg9
Version: 1:9d-1.1
Severity: grave
Justification: renders package unusable
Dear Maintainer,
/usr/lib/*/{libjpeg.so.9,libjpeg.so.9.4.0} are missing in the package, making
it completely unusable:
$ dpkg -L libjpeg9
/.
/usr
/usr/share
/usr/share/doc
/usr/share/doc/libjpeg9
/usr/sh
Package: depthcharge-tools-installer
Severity: wishlist
Tags: l10n patch
Dear Maintainer,
Please find attached the Dutch translation of depthcharge-tools-
installer debconf messages. A draft has been posted to the debian-l10n-
dutch mailing list allowing for review.
Please add it
X-Debbugs-Cc: ya...@gnu.org
On Tue, 15 Mar 2022 08:52:01 +0100 Lucas Nussbaum wrote:
This package is among the few (1.9%) that still use source format 1.0 in
bookworm. Please upgrade it to source format 3.0, as (1) this format has many
advantages, as documented in https://wiki.debian.org/Proje
Package: depthcharge-tools-installer
Tags: l10n patch
Severity: wishlist
Hello,
Could you please update this Brazilian Portuguese translation?
Attached you will find the file pt_BR.po. It is UTF-8 encoded and
tested with msgfmt and podebconf-display-po.
Kind regards.
--
Paulo Henrique de Lim
X-Debbugs-Cc: ya...@gnu.org
On Tue, 15 Mar 2022 08:51:59 +0100 Lucas Nussbaum wrote:
This package is among the few (1.9%) that still use source format 1.0 in
bookworm. Please upgrade it to source format 3.0, as (1) this format has many
advantages, as documented in https://wiki.debian.org/Proje
Package: firebuild
Tags: l10n patch
Severity: wishlist
Hello,
Could you please update this Brazilian Portuguese translation?
Attached you will find the file pt_BR.po. It is UTF-8 encoded and
tested with msgfmt and podebconf-display-po.
Kind regards.
--
Paulo Henrique de Lima Santana (phls)
B
Package: partman-cros
Tags: l10n patch
Severity: wishlist
Hello,
Could you please update this Brazilian Portuguese translation?
Attached you will find the file pt_BR.po. It is UTF-8 encoded and
tested with msgfmt and podebconf-display-po.
Kind regards.
--
Paulo Henrique de Lima Santana (phls)
Which part do you not understand about not being needed on both Qt 5 and Qt 6?
The part about building the .bdic files or the part about Qt WebEngine using
the .bdic files at runtime?
On Tuesday, February 14, 2023 12:25:20 PM MST Lisandro Damián Nicanor Pérez
Meyer wrote:
> One thing I do not
Package: bugs.debian.org
Severity: normal
X-Debbugs-Cc: slow_sp...@att.net
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation? I turn on the multifunction printer with
scanner. I start a scanner program. I wait upwa
I am uploading a NMU to DELAYED/10. The debdiff is attached.diff -Nru wsgicors-0.4.1/debian/changelog wsgicors-0.4.1/debian/changelog
--- wsgicors-0.4.1/debian/changelog 2019-10-06 20:25:37.0 +0200
+++ wsgicors-0.4.1/debian/changelog 2023-02-14 23:33:55.0 +0100
@@ -1,3 +1,1
Source: qemu
Followup-For: Bug #1030545
> In the build logs for libguestfs, I see last successful builds were done
> on 5.10.0-20-s390x kernel, and on 5.10.0-21-s390x, all builds fails.
> 5.10.0-21-s390x is the one running on zelenka too.
Sorry for what I now worry may have been distractions in m
Source: mruby
Version: 3.1.0-1
Severity: important
Tags: patch
The patch below fixes the FTBFS on i386 (and perhaps also on m68k).
The change in 3.1.0-2 is not necessary.
--- debian/rules.old2023-02-14 22:24:06.359165557 +
+++ debian/rules2023-02-14 22:25:04.935110237 +
@@ -1
Package: crowdsec
Version: 1.4.2-1
Severity: normal
Hi,
A bunch of extra packages were needed to be able to upload 1.4.2, but
that's done now. It would be best to catch up with the latest release
from the 1.4.x upstream series (if feasible) before bookworm freezes
deeper.
At the moment, v1.4.6 i
Package: crowdsec
Version: 1.4.2-1
Severity: normal
Hi,
Seen while testing 1.4.2 while 1.4.6 is available upstream:
Crowdsec is not the latest version. Current version is '1.4.2' and the
latest stable version is 'v1.4.6'. Please update it!
We're in touch with upstream and they will support
I am uploading a NMU to DELAYED/10 to fix this. The debdiff is attached.diff -Nru joe-4.6/debian/changelog joe-4.6/debian/changelog
--- joe-4.6/debian/changelog2018-02-17 21:10:49.0 +0100
+++ joe-4.6/debian/changelog2023-02-14 23:52:07.0 +0100
@@ -1,3 +1,10 @@
+joe (4.6-1.1
Package: crowdsec
Version: 1.4.2-1
Severity: important
Hi,
The crowdsec binary package comes with a copy of hub files (“offline
hub”) so that it's immediately useful. It's also possible to switch
to using the “online hub” by running:
cscli hub update
With 1.4.2-1, an error is returned:
Package: release.debian.org
Severity: serious
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
A week ago, Theodore Ts'o uploaded e2fsprogs 1.47.0 into Debian unstable. This
version contains a unannounced change that basically breaks grub2 (and
grub-install). This issue has been reported as #10309
Package: crowdsec
Version: 1.4.2-1
Severity: important
Hi,
Seen during upgrade tests, starting at 1.0.9-*: there's an important
delay (~ 1 minute) during the upgrade, with no apparent activity.
According to crowdsec.log, we're waiting for the existing process to
shut down following the SIGTERM:
Control: found -1 1.4.2-1
Cyril Brulebois (2021-06-23):
> I'm in touch with upstream, and various things should get improved in
> their next major release regarding “configuration management” in a broad
> sense (including the way assets are handled). The initial packaging was
> an opportunity to
Am Dienstag, dem 14.02.2023 um 16:53 -0500 schrieb Theodore Ts'o:
[snip]
Your arrogant and ignorant attitude is frustrating, to say the least.
You don't care about the mess you create, for a feature, that probably
only a handful of people will ever need (I did a quick search and
didn't find anyth
Package: git-buildpackage
X-Debbugs-Cc: samuel...@debian.org
Version: 0.9.30
Severity: normal
Tags: patch
As stated in the title, the changelog header has the wrong format.
Specfile documentation:
https://rpm-packaging-guide.github.io/#working-with-spec-files
...
Follow this format for the first
Am 14.02.2023 um 13:41 teilte Hilmar Preuße mit:
Am 14.02.2023 um 13:29 teilte Jele, Harald mit:
Hi Harald,
removing the fonts-ebgaramond seems not to be a good idea:
apt remove fonts-ebgaramond
would remove almost the whole texlive installation because of it's
dependencies.
Could you never
Package: crowdsec
Version: 1.4.2-1
Severity: normal
Hi,
This was spotted during the final stages of 1.4.2-* preparations but it
seemed not important enough to delay an upload:
E: golang-github-crowdsecurity-crowdsec-dev: symlink-target-in-build-tree
/build/crowdsec-1.4.2/_build/src/github.c
On 2/11/23 1:58 PM, Peter B wrote:
"Just tested font changing for qt6ct itself and qtcreator, and fonts
are changing just fine,
so I can't reproduce this problem.
However, I'm using Xfce, so maybe this is a Gnome issue?
Fonts do take a little while to change though.
Is qt5ct w
Package: unixodbc-dev
Version: 2.3.11
Severity: important
X-Debbugs-Cc: michael.ship...@charter.com
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
I maintain a custom perl build at the cuompany I work
There is more about this in the referenced bugs, but I dispute
Daniel's characterization of the issue.
I will draw the analogy of building a program which links against
glibc for Bookworm resulting in a binary that will not run on Buster.
We expect that, and we tell people to use build chroots. T
Followup-For: Bug #1030298
minimized reproducer (needs only python3-pyopencl):
=
import math
import numpy as np
import pyopencl.array as cl_array
import pyopencl as cl
import pyopencl.clmath as clmath
context = cl.Context()
queue = cl.CommandQueue(context)
for s in [10]:
a = cl_array.a
So,
It looks like the bug is in the Microsoft odbc package not the Debian odbc
package.
Please close this ticket.
I apologize for any inconvenience.
E-MAIL CONFIDENTIALITY NOTICE:
The contents of this e-mail message and any attachments are intended solely for
the addressee(s) and may contain c
Huh,
So it looks like this is a problem with the Microsoft Debian package, not with
the package provided by Debian.
Please disregard my previous email.
-Original Message-
From: Michael Shipper
Sent: Tuesday, February 14, 2023 7:07 PM
To: Debian Bug Tracking System
Subject: [EXTERNAL]
Package: wnpp
Owner: Mason James
Severity: wishlist
X-Debbugs-CC: debian-de...@lists.debian.org, debian-p...@lists.debian.org
* Package name: libtemplate-plugin-htmltotext-perl
Version : 0.03
Upstream Author : Fayland Lam
* URL : https://metacpan.org/release/Template-
This 'fix' unnecessarily broke the dependency of my VIM 7.4 packages, which
aren't affected by this bug.
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
X-Debbugs-Cc: lib...@packages.debian.org
Control: affects -1 + src:librnd
This is a fairly trivial transition due to upstream rolling to a new ABI
version. I originally uploaded this st
Control: tags -1 + moreinfo
Hi Christoph,
On Sun, Feb 12, 2023 at 11:28:52PM +0100, Christoph Anton Mitterer wrote:
> Source: linux
> Version: 6.1.11-1
> Severity: normal
>
>
> Hey.
>
> Over the year this has unfortunately happened numerous times, either by
> changes
> in the Xorg driver, or
Package: golang-docker-credential-helpers
Version: 0.6.4+ds1-1+b4
Severity: wishlist
Tags: patch
Dear Maintainer,
The golang-docker-credential-helpers binary package contains two entirely
separate credential helpers.
docker-credential-pass requires the pass tool to work, and
docker-credential-se
Am 15.02.2023 um 00:22 teilte Hilmar Preuße mit:
Hi Harald,
I'm building new packages, which do not depend on fonts-ebgaramond: the
fonts in there are not part of TL any more, so the dep is obsolete. I'll
hand them over for testing ASAP.
Here is the link: https://freeshell.de/~hille42/TL_2023
Hi Steffen,
On Fri, 30 Sep 2022 23:50:47 +0200 Steffen Moeller
wrote:
Subject: ITP: parallel-hashmap --
Package: wnpp
Owner: Steffen Moeller
Severity: wishlist
I found your ITP and initial packaging for parallel-hashmap. I need this
library to package pytorch-sparse (#1031265). Is it OK i
Control: tags -1 confirmed
Good Morning,
Étienne Mollier, on 2023-02-14:
> However, looking at the nature of the test, and the hour at
> which it ran (build log starts at 03:05:50 +), I'm under the
> impression that the build time test failure could occur every
> day in a window between 0:00
Control: tags -1 moreinfo trixie
On 2023-02-14 22:54:12 -0700, Bdale Garbee wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: transition
> X-Debbugs-Cc: lib...@packages.debian.org
> Control: affects -1 + src:librnd
>
> This is a fai
code-Data-Files/releases/tag/microcode-20230214
Regards,
Salvatore
Package: lintian
Severity: wishlist
Dear maintainer,
At mentors.debian.net, we use the bpo version of lintian to run on
uploaded packages. But this 2.115.1 version report the latest
standards-version as unknown.
Could we please have a bpo build for 2.116.3?
Thanks,
--
Baptiste Beauplat - l
101 - 174 of 174 matches
Mail list logo
