Source: matrix-synapse
Version: 1.116.0-4
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerabilities were published for matrix-synapse.
CVE-2024-52805[0]:
| Synapse is an open-source Matrix ho
Hi Benjamin,
On Wed, Nov 27, 2024 at 04:06:34PM +0100, Salvatore Bonaccorso wrote:
> Hi
>
> On Fri, Nov 22, 2024 at 01:46:17AM +0100, Benjamin Drung wrote:
> > On Thu, 2024-11-21 at 22:03 +0100, Salvatore Bonaccorso wrote:
> > > Control: tags -1 + moreinfo
> > >
> > > Hi Benjamin,
> > >
> > > O
Hi Sascha,
Thanks for contacting me, and sorry for my late reply. I'm working on a
new upstream release, but still use fusepy. I understand your point, and
I will remove the python3-fusepy Recommends.
Thanks!
Cheer,
Emmanuel
signature.asc
Description: PGP signature
Hi,
Quoting Johannes Schauer Marin Rodrigues (2024-12-01 21:39:59)
> > That's a funky issue. Thank's for not giving and reporting it instead. It
> > can actually be reproduced in a quite simplified setting. What you need is
> > an unstable installation with sbuild and a bookworm chroot. Then go
>
Package: iptables
Version: 1.8.11-1
Severity: normal
Dear Maintainer,
up to iptables 1.8.10-4+b1 rules concerning protocol igmp used to be
listed by iptables -S like this one
-A EXT_INPUT_CHAIN -p igmp -j POST_INPUT_DROP_CHAIN
Since iptables 1.8.11-1 the string 'igmp' has been substitute
On Wed, 24 Jul 2024 14:45:13 +0200 Matthias Geiger wrote:
Source: rust-axum
Version: 0.6.20-30
Severity: normal
X-Debbugs-Cc: werdah...@debian.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I intent to update the whole tungstenite stack to the latest upstream
release. This would see tokio
Package: gcc-riscv64-unknown-elf
Version: 14.2.0-8+16
It looks like adding -mxgot to the mips64el build flags (as suggested by
Nicolas Schodet) has resolve the build issue on that arch, letting me
reset this package to Architecture: Any. That means there's no need to
remove this package from the
Control: tags -1 + wontfix
I'd like to keep nomacs in unstable. I think there's still hope for the
package. Many of the RC bugs would be fixed simply with an update to the
latest upstream, see #1076763.
It's something I've personally been working on, but got distracted by an
upstream issue:
http
Source: cups-filters
Version: 1.28.17-5
Severity: normal
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi Thorsten,
The following vulnerability was published for cups-filters.
No direct action needed, it's more to get a cross reference in BTS
about the issue, it
On Tue, Dec 3, 2024 at 4:48 PM Rebecca N. Palmer
wrote:
> This applies the above upstream patch to Debian brasero; it builds, but
> that's all the testing it's had.
>
> https://salsa.debian.org/rnpalmer-guest/brasero
>
> (Not a real merge request because the above repository was created with
> 'gi
On Tue, Dec 3, 2024 at 3:12 PM Rebecca N. Palmer
wrote:
> Control: forwarded -1 https://gitlab.gnome.org/GNOME/gdl/-/issues/9
> (actually Gentoo reporting the same bug, but they don't have a fix either)
>
> Upstream are considering archiving this project, which suggests but does
> not prove that r
Control: tags -1 fixed-upstream patch
Upstream fix:
https://gitlab.gnome.org/GNOME/brasero/-/merge_requests/30/diffs
What looks like the actual error is further back than the above log shows:
brasero-metadata.c:668:45: error: passing argument 1 of
'gst_install_plugins_async' from incompatible
Package: wnpp
X-Debbugs-Cc: debian-de...@lists.debian.org, Debian Python Team
Owner: Roland Mas
Severity: wishlist
* Package name: python-ewokscore
Version : 0.15.0
Upstream Contact: Wout De Nolf
* URL : https://gitlab.esrf.fr/workflow/ewoks/ewokscore
* License
dh_install: error: missing files, aborting
Hi. I think the reason this package fails to build for me with
such weird error is that there is a "|| true" in line 66 of debian/rules.
That's against Debian Policy 4.6, "Error trapping in makefiles":
https://www.debian.org/doc/debian-policy/ch-sourc
Control: forwarded -1 https://gitlab.gnome.org/GNOME/gdl/-/issues/9
(actually Gentoo reporting the same bug, but they don't have a fix either)
Upstream are considering archiving this project, which suggests but does
not prove that removing it from Debian might be reasonable if we can't
fix this
On Tue, Dec 03, 2024 at 08:22:49PM +0100, Michael Biebl wrote:
>
> Just to clarify: The failing test uses -r 1, not 0:
>
> fs_ext2.c#383,extfs_mkfs(): command [mke2fs -q -F -b 1024 -L 'Test' -U
> 31ec6c69-80a1-4ed6-9642-f2b78f798bff -I 256 -r 1 -O
> has_journal,ext_attr,resize_inode,dir_i
Hello,
I found the patch that fixes it: it is
d20c6601664624116f3dc43f21c7ec4a186cf8d3 in the GIT repository. The
patch itself is this:
diff --git a/libsoup/server/http1/soup-server-message-io-http1.c
b/libsoup/server/http1/soup-server-message-io-http1.c
index 90139f2b..3803cabc 100644
---
Hello,
I found the patch that fixes it: it is the commit
d20c6601664624116f3dc43f21c7ec4a186cf8d3 . The patch itself is this:
diff --git a/libsoup/server/http1/soup-server-message-io-http1.c
b/libsoup/server/http1/soup-server-message-io-http1.c
index 90139f2b..3803cabc 100644
--- a/libsoup/s
Dear Marcel,
Did you see the question from Mattia about eatmydata? We are unable to
reproduce your problem, and thus am curious how it could happen.
--
Happy hacking
Petter Reinholdtsen
Hi Jörg,
thanks for your vigilance. The fix is on its way.
signature.asc
Description: PGP signature
Control: tags -1 + patch
[Klee Dienes]
> You make a good point about ELIBACC not being in the list of errors
> from open(). But then again, neither is EFAULT.
Good point. In that case, I guess it do not make much difference
which non-standard fault is returned, and ELIBACC is just as good as
EF
Package: network-manager-pptp
Version: 1.2.12-1
Severity: normal
X-Debbugs-Cc: s...@debian.org
Hi,
I have a PPTP VPN configured in N-M.
If I activate it from nm-applet, I get asked for the keyring password,
then the connection is established.
If I activate it from nmcli ("nmcli connection up VP
Control: reassign -1 arno-iptables-firewall
On 2024-12-04, at 00:03:21 +0100, Sven Geuer wrote:
> Package: iptables
> Version: 1.8.11-1
> Severity: normal
>
> Dear Maintainer,
>
> up to iptables 1.8.10-4+b1 rules concerning protocol igmp used to be
> listed by iptables -S like this one
>
>
Hello,
Frank Dietrich, le dim. 01 déc. 2024 17:07:28 +0100, a ecrit:
> sorry for the long delay.
No problem, better some reply after some time rather than none :)
> Samuel Thibault wrote:
> >Do you have the brltty package installed?
>
> It was not. After installing the package brltty it seems
Bastian Blank wrote:
Interestingly, the later binnmu does not contain this file at all.
Note that the error I reported happened while building "python-escript-doc",
which is binary-indep. So, just because we can see successful binary-arch
builds in buildd.debian.org for version 5.6-9+b1 three d
Source: kmymoney
Version: 5.1.3-1
Severity: important
X-Debbugs-Cc: delta...@debian.org
Dear Maintainer,
your package currently build-depends on libkf5akonadi-dev and
libkf5identitymanagement-dev. Those packages will cease to exist
and will be replaced by libakonadi-dev and libkidentitymanagement
Am 03.12.24 um 16:51 schrieb Theodore Ts'o:
On Tue, Dec 03, 2024 at 04:23:39PM +0100, Michael Biebl wrote:
B) Revert e2fsprogs's change to address bug 1086603 and not worry about
leaving an exposed, sharp edge to careless users.
Personally I would prefer B, all the other options don't sou
Hello,
FYI I reported this problem on OFTC #virt and was advised to post
a patch to remove the check, which I did (see below). Also
attached in case my webmail mangles it.
Regards,
Leigh.
Original Message
Subject: [libvirt PATCH] lxc: remove no longer working netns check
Date
This appears to have been fixed (presumably by upstream): gcc-14 is now
the default and this package builds successfully. I suggest closing
this bug.
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/gnome-font-viewer.html
Package: libsoup-3.0-0
Version: 3.2.2-2
Severity: important
X-Debbugs-Cc: sergio.cos...@canonical.com
Dear maintainer,
first of all, this bug has been fixed in libsoup 3.3 and later.
I wrote a little http server in C with libsoup and a client in
python using requests. The client periodically ask
On Sun, Dec 01, 2024 at 01:58:49PM +, Helge Kreutzmann wrote:
> Hello Dann,
> hello Thadeu,
> I intend to NMU kdump-tools early January 2025 to fix longstanding l10n
> bugs[1]. The changelog would be something like the following:
>
> kdump-tools (1:1.10.5+nmu1) unstable; urgency=medium
>
>
Control: tags -1 moreinfo
Control: severity -1 minor
Thanks
Package: sbuild
Version: 0.86.0
Severity: important
Hi!
Starting with version 0.86.0, sbuild using the unshare backend does not
build gcc packages successfully, at least on arm64 and amd64. The
version immediately before that, 0.85.11, works. Similar failures have
been seen on other architectures
Hello Dann,
Am Tue, Dec 03, 2024 at 05:29:58PM -0700 schrieb dann frazier:
> On Sun, Dec 01, 2024 at 01:58:49PM +, Helge Kreutzmann wrote:
> > Hello Dann,
> > hello Thadeu,
> > I intend to NMU kdump-tools early January 2025 to fix longstanding l10n
> > bugs[1]. The changelog would be something
Package: bzip2
Version: 1.0.8-6
Severity: minor
Tags: patch
* What led up to the situation?
Checking for defects with
test-[g|n]roff -mandoc -t -K utf8 -rF0 -rHY=0 -ww -b -z < "man page"
[Use "groff -e ' $' " to find trailing spaces.]
["test-groff" is a script in the repository for
After an intuition, it seems the problem is much more noticeable if a
background image is set in terminator settings.
Without a background image, the memory is still leaking though, i.e. not
freed when closing the tab/split, but each empty tab/split adds up much
less memory (I'd say about 2 orde
Package: wnpp
Followup-For: Bug #1011133
Hi,
Here is a first attempt to package it:
https://salsa.debian.org/Peutch-guest/raylib
Some remarks:
- more work is needed for the d/copyright,
- the upstream examples have been excluded because they are not build and also
because of the previous point,
Package: python-multipart
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security upstream
Hi,
The following vulnerability was published for python-multipart.
CVE-2024-53981[0]:
| python-multipart is a streaming multipart parser for Python. When
| parsing form data, python-mu
Source: python-xarray
Version: 2024.11.0-1
Severity: important
Tags: patch
Dear Maintainer,
The numba-doc build dependency prevents testing migration as numba is RC buggy,
see:
https://qa.debian.org/excuses.php?package=python-xarray
The attached patch resolves the issue by dropping the build
Source: kraft
Version: 1.2.2-1
Severity: important
X-Debbugs-Cc: delta...@debian.org
Dear Maintainer,
your package currently build-depends on libkf5akonadi-dev and
libkf5akonadicontact-dev. Those packages will cease to exist
and will be replaced by libakonadi-dev and libakonadicontact-dev.
The ol
Source: sus
Version: 7.20180621
Severity: wishlist
Hey.
Would be nice if the new POSIX.1-2024 (that is also: Open Group Base
Specifications Issue 8) could be packaged, for which downloads are
available since today:
https://pubs.opengroup.org/onlinepubs/9799919799/download/
I'm however not sure
Package: terminator
Version: 2.1.4-3
it looks like terminator's memory usage always grows and never shrinks:
- start terminator
- run within terminator `ps -xo pid,%mem,cmd | grep $PPID | head -1`,
example:
186384 0.8 /usr/bin/python3 /usr/bin/terminator
- start a dozen tabs (ctrl-shift
Hi Keith,
Quoting Keith Packard (2024-12-03 21:30:43)
> It looks like adding -mxgot to the mips64el build flags (as suggested by
> Nicolas Schodet) has resolve the build issue on that arch, letting me reset
> this package to Architecture: Any. That means there's no need to remove this
> package fr
This applies the above upstream patch to Debian brasero; it builds, but
that's all the testing it's had.
https://salsa.debian.org/rnpalmer-guest/brasero
(Not a real merge request because the above repository was created with
'git push' and hence isn't officially a fork.)
Package: wnpp
Severity: wishlist
Owner: Mike Gabriel
X-Debbugs-Cc: debian-de...@lists.debian.org
* Package name: lomiri-teleports-app
Version : 1.20
Upstream Contact: Flo Lee
* URL : https://gitlab.com/ubports/development/apps/teleports
* License : Expat (and
On Di 03 Dez 2024 18:02:09 CET, Boyuan Yang wrote:
Hi,
在 2024-12-03二的 15:03 +,Mike Gabriel写道:
Hi Boyuan, hi all,
Boyuan, you have done the previous uploads of sqlcipher in Debian and
not just fixed problems but also update the package to latest upstream.
I have an interest in sqlcipher
Control: tags -1 + unreproducible
# tree /media
/media
└── MyBook
└── Hostshare
└── GIFS
├── GIFLINKS
│ └── achtagDu6Blo -> ../IJa7b9jy.gif
└── IJa7b9jy.gif
5 directories, 2 files
# chase achtagDu6Blo
/media/MyBook/Hostshare/GIFS/IJa7b9jy.gif
# t
On Tue, 03 Dec 2024 07:57:02 + nsch...@oblivion-software.de wrote:
> Package: sponsorship-requests Severity: normal Dear mentors, I am
> looking for a sponsor for my package "ffmpegfs": * Package name
> : ffmpegfs Version : 2.17-1~bpo12+1 Upstream contact :
> Norber
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: listad...@packages.debian.org
Control: affects -1 + src:listadmin
User: ftp.debian@packages.debian.org
Usertags: remove
Listadmin was a great tool, but the Mailman 2→3 transition was basically a
rewrite, and it is no longer possible to use
Control: severity -1 serious
On Fri, Nov 22, 2024 at 03:06:37PM +0100, J. Fernando LAGRANGE wrote:
> Tests are now passing: it seems to me that this bug can be closed.
> I sent a message to change severity to important for now.
>
> Please feel free to point me to any further action I can take so
Package: wnpp
Severity: normal
X-Debbugs-Cc: be...@packages.debian.org, debian-pyt...@lists.debian.org,
r...@debian.org
Control: affects -1 + src:beets
I request an adopter for the beets package. It's in the Debian Python
Team. I'm not really a user of it any more, somebody who cares about it
wil
Hi,
Quoting Matthias Klose (2024-12-03 18:33:14)
> > This is because cross-building in unstable from amd64 (build) to arm64
> > (host) is broken right now. The autopkgtest will pass once that is fixed
> > in the relevant packages.
> >
> > Feel free to reassign this bug to the actual culprit,
Source: dde-qt5integration
Severity: normal
We are working on libqtxdg transition, which the package depends on.
Please help to update to build against new libqtxdg.
https://bugs.debian.org/106
https://release.debian.org/transitions/html/auto-libqtxdg.html
-- System Information:
Debian Rel
Source: ukui-panel
Severity: normal
We are working on libqtxdg transition, which the package depends on.
Please help to update to build against new libqtxdg.
https://bugs.debian.org/106
https://release.debian.org/transitions/html/auto-libqtxdg.html
-- System Information:
Debian Release: tr
Source: ukui-sidebar
Severity: normal
We are working on libqtxdg transition, which the package depends on.
Please help to update to build against new libqtxdg.
https://bugs.debian.org/106
https://release.debian.org/transitions/html/auto-libqtxdg.html
-- System Information:
Debian Release:
Package: gnome-core
Version: 1:47+4
Severity: wishlist
X-Debbugs-Cc: m...@eipi.fun
Dear Maintainer,
I found that many people complain about non gnome-core packages installed by
metapackage gnome.
I think, maybe we could add a gnome-non-core metapackage, thus people could
remove
less important c
Package: sddm
Version: 0.19.0-5
Severity: normal
Tags: patch
X-Debbugs-Cc: adrela...@kicksecure.com, arraybo...@gmail.com
NOTICE: This bug only affects Bookworm to my awareness. This bug is
present in SDDM 0.19.0 upstream, and does not exist in SDDM 0.20.0
upstream from my testing, and both Trixie
Package: texlive-extra-utils
Version: 2024.20241115-1
Severity: minor
Tags: patch
* What led up to the situation?
Checking for defects with
test-[g|n]roff -mandoc -t -K utf8 -rF0 -rHY=0 -ww -b -z < "man page"
[Use "groff -e ' $' " to find trailing spaces.]
["test-groff" is a script
I think the core of the reason why this works for the build and for
autopkgtest is that they are using the chroot that has been pre-generated,
which points to unstable. Because piuparts creates a temporary chroot, it
behaves differently.
It seems the solution is one of the following:
1. Add
Package: wnpp
Severity: wishlist
Owner: Josenilson Ferreira da Silva
X-Debbugs-Cc: debian-de...@lists.debian.org, nilsonfsi...@hotmail.com
* Package name: python-proton-keyring-linux
Version : 0.2.0
Upstream Contact: Proton AG
* URL : https://github.com/ProtonVPN/pyth
Package: python3-alsaaudio
Version: 0.10.0-0.1
Severity: wishlist
pyalsaaudio 0.11.0 has been available for a while.
Not *obviously* known upstream. Some type mismatches (like this one),
some shape mismatches that suggest different handling of duplicates in
indexes.
(There's also two other apparently unrelated issues that can make pandas
FTBFS: test_spss_metadata, and parso not supporting python 3.13.)
I
Package: wnpp
Severity: wishlist
* Package name: lib-healpix-c++
Version : 3.83_2024Nov13 is the current version
Upstream Contact: https://sourceforge.net/u/hivon,
https://sourceforge.net/u/reinecke, https://sourceforge.net/u/ejoliet,
https://sourceforge.net/u/womulane or https:/
Source: itinerary
Severity: important
X-Debbugs-Cc: delta...@debian.org
Dear Maintainer,
your package build-depends on KDE PIM 22.12. We will soon upload
KDE PIM 24.08/24.12 to unstable which will make your package fail
to build.
However, a version of your package compatible with KDE PIM 24.08/2
Source: kgpg
Severity: important
X-Debbugs-Cc: delta...@debian.org
Dear Maintainer,
your package build-depends on KDE PIM 22.12. We will soon upload
KDE PIM 24.08/24.12 to unstable which will make your package fail
to build.
However, a version of your package compatible with KDE PIM 24.08/24.12
Source: kio-gdrive
Severity: important
X-Debbugs-Cc: delta...@debian.org
Dear Maintainer,
your package build-depends on KDE PIM 22.12. We will soon upload
KDE PIM 24.08/24.12 to unstable which will make your package fail
to build.
However, a version of your package compatible with KDE PIM 24.08/
Upstream is archived, and do not appear to be aware of this bug.
The actual errors appear to be these 3:
caribou-gtk-module.c: In function 'caribou_gtk_module_callback':
caribou-gtk-module.c:599:24: error: assignment to 'CaribouKeyboard *'
{aka 'struct _CaribouKeyboard *'} from incompatible poi
Sorry, I wrote my earlier email without reading Bastian's first.
Thanks.
Package: wnpp
X-Debbugs-Cc: debian-de...@lists.debian.org, Debian Python Team
Owner: Roland Mas
Severity: wishlist
* Package name: python-papermill
Version : 2.6.0
Upstream Contact: "nteract contributors"
* URL : https://github.com/nteract/papermill
* License
Source: ceph
Version: 18.2.4+ds-10
Severity: grave
Tags: security upstream
Justification: user security hole
Forwarded: https://tracker.ceph.com/issues/68836
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for ceph.
CVE-2024-48916[0]:
Authenti
Sergio[1] got access to the actual container that failed to run this
test, and we tried to troubleshoot it a bit. We were pressed for time,
and didn't get very far.
What we did/tried:
- reproduced the problem at will, in every single test run, interactively
- verified that the ldap setup was sound
Control: tags -1 + patch
The attached patch resolves the issue in (at least) the lxc autopkgtest
environment.
noah
>From da1b5c83e3d730c3f2aa63297bc9e994c0a9b237 Mon Sep 17 00:00:00 2001
From: Noah Meyerhans
Date: Tue, 3 Dec 2024 15:18:21 -0500
Subject: [PATCH] autopkgtest: set ping_group_range
101 - 172 of 172 matches
Mail list logo
