Bug#732742: Acknowledgement (icedove: calendar fails with Components.classes[cid] is undefined (calUtils.js line 22))

Control: affects 732742 iceowl-extension hm, it looks like http://bugs.debian.org/732742 is is due to a version mismatch between icedove 24.1.1-1 and iceowl-extension 24.0-1 apparently these need to be more tightly tightly-coupled, version-wise: https://blog.mozilla.org/calendar/2013/10/ Upgr

Bug#726759: linux-tools-3.11: uninstallable on jessie/sid (Depends: libperl5.14 (>= 5.14.2) but it is not installable)

Package: linux-tools-3.11 Version: 3.11~rc4-1~exp1 Severity: normal 0 root@alice:~# apt-get install linux-tools-3.11 Reading package lists... Done Building dependency tree Reading state information... Done Some packages could not be installed. This may mean that you have requested an imposs

Bug#726964: git-email: git-send-email(1) CONFIGURATION section does not mention sendemail.to or sendemail.tocmd

Package: git-email Version: 1:1.8.4~rc3-1 Severity: normal the CONFIGURATION section in the git-send-email(1) man page documents: * sendemail.aliasesfile * sendemail.aliasesfiletype * sendemail.multiedit * sendemail.confirm it does not mention: * sendemail.to * sendemail.tocmd it should

Bug#726971: gnutls-doc: many of /usr/share/doc/gnutls-doc/examples/*.c #include "examples.h", which is not shipped

Package: gnutls-doc Version: 3.2.4-5 Severity: normal Tags: patch Dear Maintainer, trying to compile example code in /usr/share/doc/gnutls-doc/examples/*.c usually fails because many of those examples have: #include "examples.h" but there is no examples.h shipped. It is present in doc/example

Bug#726972: wireshark: dissected Server Key Exchange packet does not display DH parameters for TLS 1.2 streams with DHE

Package: wireshark Version: 1.10.2-2 Severity: normal I used wireshark to dissect packets coming from a range of TLS connections, all negotiating a DHE key exchange mechanism (e.g. TLS_DHE_RSA_WITH_AES_128_CBC_SHA) When the packets were TLS 1.2 packets, the server key exchange mechanism will p

Bug#651965: xserver-xorg-video-nouveau: corrupt glyphs and icons in gnome-shell on NV34 [GeForce FX 5200]

Hi Adrian-- On 10/20/2013 05:38 PM, John Paul Adrian Glaubitz wrote: >> I'm seeing corrupted text glyphs and icons in the latest gnome-shell >> (from either unstable or experimental). I believe it's a problem with >> the nouveau driver (maybe specific to this particular model of card?) > > I hav

Bug#651965: xserver-xorg-video-nouveau: corrupt glyphs and icons in gnome-shell on NV34 [GeForce FX 5200]

On 10/21/2013 03:12 PM, Sven Joachim wrote: > On 2013-10-21 08:21 +0200, Daniel Kahn Gillmor wrote: > >> On 10/20/2013 05:38 PM, John Paul Adrian Glaubitz wrote: >> >>> after upgrading to the Mesa >>> version in experimental (9.2.1-1). I figured out that after

Bug#701141: update on shipping more tools in libnss3-tools

Hi Mike-- Any thoughts about shipping more of the tools in libnss3-tools (http://bugs.debian.org/701141)? I would find them really useful. Thanks as always for your work on debian packaging of mozilla projects. Regards, --dkg pgprmXIL3kNvF.pgp Description: PGP signature

Bug#727528: iceweasel: connection reset when connecting to CapitalOne login page using https

On 10/23/2013 09:27 PM, Bin Guo wrote: > https://login.capitalone.com/ > > would render a frame saying "The connection was reset", same if you > directly connect to https://login.capitalone.com/ > > CapitalOne site used to work fine with iceweasel, but failed later. > For a while opera also fai

Bug#727660: gnutls28: CVE-2013-4466: GNUTLS-SA-2013-3

On 10/25/2013 12:20 AM, Salvatore Bonaccorso wrote: > CVE-2013-4466[0]: > gnutls/libdane buffer overflow > > This only affects 3.1.x and 3.2.x so, gnutls28. A patch [1] is > provided (upstream recomendation is to directly update to 3.2.5, see > [2]). Is this relevant for debian, given that we bu

Bug#727710: assword add accepts the empty string as a context

Package: assword Version: 0.7-1 Severity: normal try: echo | assword add or: assword add '' In either situation, it creates a password with an empty string as the context. this context is unsearchable from "assword gui" and it is probably actually not useful. assword add should probably fa

Bug#243461: debianutils: sensible-editor should run /usr/bin/editor and check for DISPLAY

Package: sensible-utils Version: 0.0.9 Followup-For: Bug #243461 Hi there! in the absence of environment variables or ~/.selected_editor, sensible-editor appears to choose from: * nano * nano-tiny * vi It does not try /usr/bin/editor. It should try /usr/bin/editor before trying any of the a

Bug#727731: /usr/sbin/fancontrol: line 492: [: too many arguments

Package: fancontrol Version: 1:3.3.4-2 Severity: normal 0 dkg@alice:~/tmp$ grep fancontrol /var/log/syslog | tail Oct 25 16:21:48 alice fancontrol[2057]: /usr/sbin/fancontrol: line 492: [: too many arguments Oct 25 16:21:58 alice fancontrol[2057]: /usr/sbin/fancontrol: line 492: [: too many argu

Bug#727729: xml2rfc: please package version 2.x

Hi Russ-- Thanks for the note! On 10/25/2013 04:20 PM, Russ Allbery wrote: > It looks like most folks in the IETF who have been using this tool are > switching to the 2.x version, which was completely rewritten in Python > and is now being maintained by the IETF tools team. Yep, i agree that deb

Bug#727660: gnutls28: CVE-2013-4466: GNUTLS-SA-2013-3

Hi Andreas-- On 10/26/2013 02:24 AM, Andreas Metzler wrote: >> On Fri, Oct 25, 2013 at 09:56:58AM -0400, Daniel Kahn Gillmor wrote: >>> btw, it's not clear to me why we --disable-libdane -- I see that it was >>> set (along with --without-tpm) in 3.1.3-1, but i do

Bug#727660: gnutls28: CVE-2013-4466: GNUTLS-SA-2013-3

On 10/27/2013 10:17 AM, Andreas Metzler wrote: tpm used to be undistributable, see and . right, i saw your note on gnutls-devel about t

Bug#728237: assword: "assword gui" fails without graphical explanation when db is not signed

Package: assword Version: 0.7-1 Severity: normal If ~/.assword/db is not properly signed, i get this backgtrace: 130 dkg@alice:~/.assword$ assword gui Traceback (most recent call last): File "/usr/bin/assword", line 267, in gui(sys.argv[2:], method=method) File "/usr/bin/assword", line 2

Bug#683338: [oss-security] CVE request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference

[replying to http://www.openwall.com/lists/oss-security/2014/01/07/5] On 01/07/2014 05:47 AM, Guido Berhoerster wrote: > an openSUSE user discovered that it is trivial to crash > lightdm-gtk-greeter by entering an empty username due to a NULL > pointer dereference. When a greeter crashes the light

Bug#711744: [Pkg-gnupg-maint] Bug#711744: [gnupg] Please check signature files when getting new orig.tar.gz

Control: clone 711744 -1 Control: reassign -1 devscripts Control: retitle -1 uscan should abort if pgpsigmangleurl but no upstream-signing-key.pgp On Tue 2014-01-07 04:48:58 -0500, Thijs Kinkhorst wrote: > On Sun, December 15, 2013 19:44, Daniel Kahn Gillmor wrote: >> uscan should fai

Bug#711744: [Pkg-gnupg-maint] Bug#711744: [gnupg] Please check signature files when getting new orig.tar.gz

Control: clone 711744 -1 Control: reassign -1 devscripts Control: retitle -1 uscan should propagate the pasv option to PGP signature URL On Tue 2014-01-07 04:48:58 -0500, Thijs Kinkhorst wrote: > When I [use pasv], the downloading of the orig.tar.gz works [...], but > the downloading of the signat

Bug#732201: Please add libnssdb.a and libnssckfw.a to libnss3-dev

On 01/13/2014 11:57 PM, Timo Aaltonen wrote: > On 13.01.2014 11:05, Mike Hommey wrote: >> The contents of libnssb.a are in libnss3.so. Why do you need libnssb? > > For an apache module called mod_rev.so, configure.in has: > > if ! test -e "$nss_lib_dir"/libnssb.a > then > AC_MSG_ERROR([NSS is i

Bug#735384: signing-party: caff leaks signing activity to other local users

Package: signing-party Version: 1.1.4-1 Severity: minor when signing a key, during caff's "export and prune" section, caff creates a directory with: tempdir("caff-$keyid-X", DIR => '/tmp/', CLEANUP => 1); This means that any process on the system able to observe /tmp can see what keys are

Bug#735363: gpg --trust-model=always sometimes fails with fatal error as of 1.4.16

Control: affects 735363 signing-party re: http://bugs.debian.org/735363 -- "Fatal error/non-zero exit code returned when --trust-model=always used" (filed in debian against gpg 1.4.16) caff (from debian's signing-party package) also fails with the recent change to gnupg's behavior when --trust-mo

Bug#707178: Breakin - stress-test and hardware diagnostics tool - Please see if you are able to assist to an issue we are having now for more than a month on 3 servers

Hi Bryan-- On 01/17/2014 04:13 AM, Bryan Fisher wrote: > My name is Bryan Fisher, and I work for a company called Pinnacle Africa in > South Africa, Cape Town. > > I was hoping that maybe you could assist me in the issue that I am getting > with server h/w please. I think you're asking about

Bug#735781: libglib2.0-0: gvfsd-metadata segfault in libgio-2.0.so.0.3200.4

Package: libglib2.0-0 Version: 2.33.12+really2.32.4-5 Severity: normal Dear Maintainer, I'm running wheezy, gnome3, in fallback mode, on an i386 platform with the amd64 kernel. I see the following errors when users operate the machine: [27145.672917] gvfsd-metadata[9258]: segfault at 2 ip 0

Bug#735831: monkeysphere: FTBFS: Tests failures

Control: affects 735363 monkeysphere Control: blocks 735831 735363 On 01/17/2014 03:04 PM, David Suárez wrote: > Source: monkeysphere > Version: 0.36-1 > Severity: serious > Tags: jessie sid > User: debian...@lists.debian.org > Usertags: qa-ftbfs-20140114 qa-ftbfs > Justification: FTBFS on amd64 >

Bug#728944: icedove: segmentation fault in icedove 24.0-1

On 01/15/2014 04:24 PM, Carsten Schoenert wrote: > are this segfaults also happen with the current 24.2.0? yep, i just had one. :( --dkg signature.asc Description: OpenPGP digital signature

Bug#701141: update on shipping more tools in libnss3-tools

On Thu 2013-10-24 15:05:37 -0400, Daniel Kahn Gillmor wrote: > Any thoughts about shipping more of the tools in libnss3-tools > (http://bugs.debian.org/701141)? I would find them really useful. I have still not heard back about this. It has been several months since the patch ha

Bug#728661: openbox: /usr/bin/openbox-gnome-session fails if gnome-session does not exist.

Package: openbox Version: 3.5.2-4 Severity: normal dkg@tiny-monster:~$ dpkg -l 'gnome-session*' Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name

Bug#728668: linux-image-3.11-1-powerpc: nouveau kernel message every 10 seconds: E[ DRM] DDC responded, but no EDID for TV-1

Package: src:linux Version: 3.11.6-2 Severity: normal As you can see from the attached kernel log, the nouveau module is reporting the same error message every 10 seconds. This machine ("omega") is a 1GHz gooseneck powerpc G4 iMac. I got the same error messages and behavior from 3.10-3-powerpc.

Bug#728678: libpixman-1-0:amd64: In pixman_region32_init_rect: Invalid rectangle passed

Package: libpixman-1-0 Version: 0.30.2-1 Severity: normal fetch the following file and render it with evince: http://www.nyc.gov/html/lpc/downloads/pdf/maps/BedStuy_ExpStuyHeights_DESIGNATION_FINAL%20MAP.pdf here is the sha1sum: fc2ac2ef60bfa43ff00f224a4190833b0d910331 BedStuy_ExpStuyHeights_D

Bug#701141: update on shipping more tools in libnss3-tools

On 11/04/2013 01:12 AM, Mike Hommey wrote: I'm going to prepare an upload of 3.15.3 beta 2 in the coming days with this addressed. Great. Thank you, Mike! --dkg -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact li

Bug#728668: linux-image-3.11-1-powerpc: nouveau kernel message every 10 seconds: E[ DRM] DDC responded, but no EDID for TV-1

On 11/04/2013 05:01 AM, Bastian Blank wrote: On Sun, Nov 03, 2013 at 11:37:11PM +, Daniel Kahn Gillmor wrote: As you can see from the attached kernel log, the nouveau module is reporting the same error message every 10 seconds. [ 319.038615] nouveau E[ DRM] DDC responded, but no

Bug#728668: linux-image-3.11-1-powerpc: nouveau kernel message every 10 seconds: E[ DRM] DDC responded, but no EDID for TV-1

On 11/04/2013 10:07 AM, Bastian Blank wrote: Nope. It is most likely connected via LVDS. that's what i would assume. I failed to check it when i was looking at the machine, though. There is a workaround available: Add the parameter tv_disable=1 to nouveau, - either somewhere in /etc/modpro

Bug#728733: gnutls26: Cannot use 'sudo' with LDAP unless I recompile sans '--with-libgcrypt'

Control: forcemerge 658896 728733 On 11/04/2013 02:55 PM, Jeffrey Thomas wrote: I have a number of Debian and RHEL servers on our OpenLDAP setup, but this new Debian 7 machine couldn't use 'sudo'. Research led me to this Ubuntu bug report, and the fix outlined in steps 22-24 worked on my Debi

Bug#728944: icedove: segmentation fault in icedove 24.0-1

Package: icedove Version: 24.0-1 Severity: normal I launched icedove with: NSPR_LOG_MODULES=all:5 NSPR_LOG_FILE=~/tmp/icedove-dbg.log /usr/lib/icedove/run-mozilla.sh -g /usr/bin/icedove i ran it for the day, and it just crashed on me: Program received signal SIGSEGV, Segmentation fault. dospri

Bug#729028: perdition: ssl_outgoing_ciphers not applied to STARTTLS connections

Package: perdition Version: 1.19~rc4-2 Control: found -1 1.19~rc5-1 Control: found -1 2.0-1 Tags: patch security upstream Forwarded: perdition-us...@vergenet.net Perdition(8) says: --ssl_outgoing_ciphers STRING: Cipher list when making outgoing SSL or TLS connections as

Bug#728668: linux-image-3.11-1-powerpc: nouveau kernel message every 10 seconds: E[ DRM] DDC responded, but no EDID for TV-1

On 11/04/2013 10:07 AM, Bastian Blank wrote: > On Mon, Nov 04, 2013 at 09:11:30AM -0500, Daniel Kahn Gillmor wrote: >> On 11/04/2013 05:01 AM, Bastian Blank wrote: >>> Do you have something connected to the TV-1 output? >> As far as i know, there is no TV-1 output. It

Bug#728743: libgmime2.6-cil: Installation hangs whilst installing Assembly

Control: tags 728743 + moreinfo unreproducible On 11/04/2013 04:45 PM, Peter Denison wrote: > Dear Maintainer, >* What led up to the situation? > Upgrade of libgmime2.6-cil to 2.6.19-1 >* What exactly did you do (or not do) that was effective (or > ineffective)? > apt-get -u upgrade

Bug#728944: icedove: segmentation fault in icedove 24.0-1

On 11/09/2013 07:44 AM, Guido Günther wrote: > That's > > while ((c = *fmt++) != 0) { thanks for the diagnosis. > So we at least know that the format string used is bad and that it tries > to print a size. Since this is fairly generic code I'd suspect that > something gets corrupted befor

Bug#729305: sobby fails to purge when there was a non-system sobby user

Package: sobby Version: 0.4.8-1 Severity: normal 0 dirk:~# apt-get purge sobby Reading package lists... Done Building dependency tree Reading state information... Done The following packages will be REMOVED: sobby* 0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded. After this

Bug#729320: RedlandWarning: Variable bnodeid1 was bound but it is unused in the query

Package: mozilla-devscripts Version: 0.34 Severity: minor Running dh_xul-ext as part of a build of a pending enigmail 1.6 package, i see this warning: dh_xul-ext /usr/lib/python2.7/dist-packages/RDF.py:1995: RedlandWarning: Variable bnodeid1 was bound but is unused in the query results = Re

Bug#729431: icedove-dev: please ship more python tools from source package's mozilla/config

Package: icedove-dev Version: 24.0-1 Severity: normal Hi there! I've been working on cleaning up the enigmail debian packaging, which Build-Depends: icedove-dev. I find that to build enigmail fairly cleanly, i still need to "borrow" a few files from icedove's source package. It would be great i

Bug#729028: perdition: ssl_outgoing_ciphers not applied to STARTTLS connections

Hi Simon-- Re: http://bugs.debian.org/729028: On Tue 2013-11-12 23:04:07 -0500, Simon Horman wrote: > Thanks for bringing this to my attention and sorry > for not noticing the mailing list post: I'm not suer what happened there. dunno if you care to investigate the mailing list situation further

Bug#728743: libgmime2.6-cil: Installation hangs whilst installing Assembly

Control: 728743 reassign mono-gac Control: 728743 affects libgmime2.6-cil On 11/11/2013 02:56 PM, Peter Denison wrote: > On Sun, 10 Nov 2013, Daniel Kahn Gillmor wrote: >> It's possible that you'll want to reassign this bug to either >> mono-runtime (for /usr/bin/m

Bug#729028: perdition: ssl_outgoing_ciphers not applied to STARTTLS connections

Perdition, the IMAP and POP proxy server, fails to apply the administrator's specified ciphersuite preferences when making outbound connections to IMAP and POP servers using STARTTLS. For these outbound connections, it applies the administrator's listening ciphersuite preferences, which in many ca

Bug#729520: wireshark: SSH dissector misparses connection string as an "Encrypted request packet"

Package: wireshark Version: 1.10.3-1 Severity: normal Attached is a screenshot showing the wireshark view of the beginning of an SSH session. Wireshark interprets the SSH connection string [0] as an "Encrypted request packet", rather than as the human-readable string that it is. The screenshot s

Bug#728743: libgmime2.6-cil: Installation hangs whilst installing Assembly

On 11/13/2013 04:44 PM, Mirco Bauer wrote: > Please run and paste the output of this command: > > grep SigBlk /proc/self/status Who are you asking to run this, Mirco? You had me in the To: field, so i'm assuming you're asking me, but i've been unable to replicate the issue. fwiw, here's what i

Bug#729616: [monkeysphere] Bug#729616: monkeysphere ssh-proxycommand forces me to go get a key by hand

On 11/14/2013 06:45 PM, Clint Adams wrote: > Package: monkeysphere > Version: 0.36-1 > > Revoked ssh://lair.fifthhorseman.net in keyring, new key not; it may > have been alleged that this is a bug: > > % ssh lair.fifthhorseman.net > Monkeysphere warning --- >

Bug#729683: gnome-orca: orca reads password text entries aloud

Package: gnome-orca Version: 3.4.2-2 Severity: normal Hi Orca folks-- It looks like the gnome screen-reader reads back every key pressed into a password text entry field. If the computer in question has public audio enabled, this effectively reads the user's password aloud to anyone else in the

Bug#730591: epiphany-browser: noisy messages to stderr: " Wnck-WARNING **: Unhandled action type _OB_WM_ACTION_UNDECORATE"

Package: epiphany-browser Version: 3.8.2-4 Severity: minor I'm running openbox with some custom rules to handle window decorations. when i launch ephiphany-browser, i get many many of the following noisy messages to stderr at browser startup (and more when i do things like maximizing the window):

Bug#644442: gnome-session-save is no longer present in

Version: 3.4.2.1-4 gnome-session-save isn't in gnome any more. it's been replaced by gnome-session-quit, which has a --force option, which is supposed to do the same thing. --dkg -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble

Bug#730867: iceweasel: ssl_error_no_cypher_overlap error when using ipv6-enabled server with sslv3 disabled

On 11/30/2013 09:08 AM, Pierre Emeriaud wrote: > Package: iceweasel > Version: 25.0-1 > Severity: important > Tags: ipv6 > > When using ipv6, iceaweasel SSL hello is SSLv3, whereas it offers TLSv1 when > using ipv4. > > This leeds to the ssl_error_no_cypher_overlap error messages if the server

Bug#701141: update on shipping more tools in libnss3-tools

On Mon 2013-11-04 01:12:33 -0500, Mike Hommey wrote: > On Fri, Nov 01, 2013 at 06:05:26PM -0400, Daniel Kahn Gillmor wrote: >> On Thu 2013-10-24 15:05:37 -0400, Daniel Kahn Gillmor wrote: >> >> > Any thoughts about shipping more of the tools in libnss3-tools >> &g

Bug#730867: iceweasel: ssl_error_no_cypher_overlap error when using ipv6-enabled server with sslv3 disabled

Control: tags 730867 + unreproducible help moreinfo On 12/02/2013 01:55 AM, Pierre Emeriaud wrote: >> What configuration settings for iceweasel's TLS stack are made in >> about:config for the profile experiencing this behavior? > > The config is pretty vanilla. no tweaks whatsoever. > >> In part

Bug#730867: iceweasel: ssl_error_no_cypher_overlap error when using ipv6-enabled server with sslv3 disabled

Control: tags 730867 - moreinfo On 12/03/2013 01:49 AM, Pierre Emeriaud wrote: > Sure. The two packet captures attached to this mail were done by the > same computer, don't pay attention to the .pcapng/.pcap extension. huh, very strange, i agree that they show what you're describing. in particul

Bug#750338: pyshared for python2 has gone away

It looks to me like https://bugs.debian.org/750338 is caused by the fact that there is only one version of python2 in debian sid. i plan to change the trac packaging to just use /usr/share/python2.7 for debian. (i understand that upstream has announced that there will never be a python2.8, so we

Bug#732322: mknod in a fakechroot environment

On 06/18/2014 05:38 PM, jhcha54008 wrote: > Hi, > > I got the same result : > > mknod: 'dev/ttyS0': Permission denied > > The patch below solved the issue. > > It is perhaps advisable to not chroot before making a > new device node (as in debirf version 0.33, > file /usr/bin/debirf, line 135 :

Bug#727528: connection reset on https://login.capitalone.com

On 06/20/2014 08:34 AM, Dara Adib wrote: > I still can't access https://login.capitalone.com/ and > https://login1.capitalone.com/ with Iceweasel. Strangely, it seems to > be caused by the presence of iceweasel (case insensitive) in the user > agent, regardless of the browser/OS. > > I tested both

Bug#752564: libgpg-error: new upstream version 1.13 available

Source: libgpg-error Severity: wishlist Dear Maintainer, version 1.13 of libgpg-error is available upstream: ftp://ftp.gnupg.org/gcrypt/libgpg-error/libgpg-error-1.13.tar.bz2 It would be good to have this in debian. I'm prepared to do an upload if that would be useful. thanks, --dkg

Bug#752580: libgpg-error: verify upstream signature

Source: libgpg-error Version: 1.12-0.2 Severity: normal Tags: patch Werner Koch signs all of his upstream releases. for libgpg-error, he puts them as detached signatures (named with a suffix of .sig) next to the original tarball. The attached patch provides a way for uscan to verify those packag

Bug#752564: libgpg-error: new upstream version 1.13 available

Control: tags -1 + patch On 06/24/2014 02:30 PM, Daniel Kahn Gillmor wrote: > version 1.13 of libgpg-error is available upstream: I'm preparing an upload of libgpg-error 1.13, using the attached debdiff. I'd be happy to commit these changes to the pkg-gnupg team svn repo if i

Bug#752564: Info received (Bug#752564: libgpg-error: new upstream version 1.13 available)

2014-06-24 18:27:07.0 -0400 @@ -1,3 +1,11 @@ +libgpg-error (1.13-0.1) unstable; urgency=low + + * NMU + * New upstream release (Closes: #752564) + * verify upstream signatures (Closes: #752580) + + -- Daniel Kahn Gillmor Tue, 24 Jun 2014 17:36:15 -0400 + libgpg-error (1.12-0.2

Bug#752675: gpgme1.0: please check upstream signatures for gpgme

Source: gpgme1.0 Version: 1.4.3-0.1 Severity: normal Tags: patch Werner Koch (GnuPG upstream) distributes detached signatures over his source code releases using the .sig suffix. The attached patch makes for an easy way to check that the upstream source is the correct one. --dkg -- System In

Bug#752683: gpgme1.0: new upstream version 1.5.0 available

Source: gpgme1.0 Version: 1.4.3-0.1 Severity: normal Dear Maintainer, ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.5.0.tar.bz2 is available upstream. I'm preparing it as an NMU. I notice that the last several versions of this package were also NMU'ed. The pkg-gnupg team would be happy to put this

Bug#752683: gpgme1.0: new upstream version 1.5.0 available

Control: tags -1 + pending patch On 06/25/2014 11:30 AM, Daniel Kahn Gillmor wrote: > ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.5.0.tar.bz2 > > is available upstream. > > I'm preparing it as an NMU. Attached is the debdiff for upgrading to gpgme 1.5.0. I'll upload i

Bug#752793: debian-keyring: Thom May's key appears twice in debian-keyring.gpg

Package: debian-keyring Version: 2014.04.25 Severity: minor I just noticed that Thom May's key appears twice in debian-keyring.gpg for some reason. It's key 0xB5679467473F7EFA: 0 dkg@alice:~$ pgpdump < /usr/share/keyrings/debian-keyring.gpg | grep Thom\ May User ID - Thom May Us

Bug#726638: improved patch for filenames with shell metacharacters or whitespace

Control: tags -1 + patch Attached is an improved patch that should help xapers handle not only whitespace in filenames, but also safely handle filenames with shell metacharacters. we should never set shell=True if at all possible, especially when the pdf filename may be attacker-supplied. This a

Bug#726638: improved patch for filenames with shell metacharacters or whitespace

On 04/16/2014 05:48 PM, Jameson Graef Rollins wrote: > I actually don't want the spawned process to be owned by xapers. If > it's owned by xapers then closing xapers closes the opened paper. > That's why I used the technique that I did. hm, that doesn't happen for me (i just tested). can you p

Bug#745144: pem2openpgp(1) manpage: punctuation error

Control: tags -1 + pending On 04/18/2014 07:54 AM, Jakub Wilk wrote: > Package: monkeysphere > Version: 0.36-1 > Severity: minor > Tags: patch > > $ man pem2openpgp | grep 1, > openpgp2ssh(1,) monkeysphere(1), monkeysphere(7), ssh(1), > > It should be "(1)," rather than "(1,)". thanks, i've

Bug#745553: emacs24-el: mml2015-always-trust should default to nil, not t

Package: emacs24-el Version: 24.3+1-2 Severity: normal Hi emacs maintainers! in /usr/share/emacs/24.3/lisp/gnus/mml2015.el.gz i see this variable definition: (defcustom mml2015-always-trust t "If t, GnuPG skip key validation on encryption." :group 'mime-security :type 'boolean) This is

Bug#646002: gnome-control-center: gnome Displays control panel fails, reports "required virtual size does not fit available size; requested=(1,1)"

On 04/23/2014 06:55 PM, althaser wrote: > [https://bugs.debian.org/646002] is an old bug. > > Could you please still reproduce this issue with newer gnome-control-center > version like 1:3.4.3.1-2 or 1:3.8.3-5 ? sorry, i no longer have access to the machine i filed this about, and i don't run gn

Bug#740160: gnutls unusable with cacert SHA2-512 sigs

On 02/26/2014 01:17 PM, Andreas Metzler wrote: > On 2014-02-26 Daniel Pocock wrote: >> Package: libgnutls26 >> Severity: serious >> Version: 2.12.20-8 > > [...] >> - running gnutls-cli in debug mode, I notice the following: > [...] > > Can you check whether this is fixed in GnuTLS 3.x? - It is a

Bug#740135: ITP: slt -- TLS reverse-proxy with SNI multiplexing (TLS virtual hosts)

On Wed 2014-02-26 06:57:47 -0500, Konstantin Khomoutov wrote: > I'm not the native speaker so please be warned; but these two phrases > catched my eye. Both are obviously incorrect ("lets a user can send" > and "passing the through the") but I'd also change them slightly so > that they read better

Bug#740727: chromium: segfault when connecting to a TLS server with a weak DHE group

Package: chromium Version: 32.0.1700.123-2 Severity: important https://demo.cmrg.net/ is a horribly-configured webserver offering only discrete-log DHE key exchange with a trivially-crackable 16-bit group. chromium segfaults when visiting it for any reason: 0 dkg@alice:~$ chromium https://demo.c

Bug#740419: Unreliable testsuite

Control: tags -1 + help On 03/01/2014 07:12 AM, Christian Hofstaedtler wrote: > Source: xdotool > Version: 1:3.20130111.1-3 > > Apparently the test suite that runs during package build is > unreliable and sometimes fails for no apparent reason. yes, i've noticed this as well. I've brought it up

Bug#741261: [Pkg-mozext-maintainers] Bug#741261: enigmail: fails to recognize private keys for different accounts, asks for all private keys passphrases

Control: tags -1 + moreinfo hi dpdt1-- On 03/10/2014 10:28 AM, dpdt1 wrote: > i have 7-8 private keys in my gpg keyring, 3 of those just for email > accounts. > when i decrypt with default key(set in gpg.conf) everything's allright. when i > try to decrypt another account, gpg-agent asks for al

Bug#742755: openconnect: avoid OpenSSL in openconnect, just use libgnutls28

failed >From dd9690636fe3e6dffdcf01ad0a2df062403b91d8 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 26 Mar 2014 17:15:17 -0400 Subject: [PATCH] use GPL-compatible libraries (drop openssl, rely on modern GnuTLS) note that this removes the openconnect_print_err_cb symbol from

Bug#742799: msva-perl: sample systemd unit file

On 03/27/2014 11:47 AM, Clint Adams wrote: > Package: msva-perl > Version: 0.9.2-1 > Severity: wishlist > > I just switched from runit to systemd for running a "system-wide" > instance of msva-perl, using the following unit file. I suggest > including a better version as an example. > > [Unit] >

Bug#743301: eatmydata: breaks other programs that set LD_PRELOAD

Control: tags -1 + pending On 04/01/2014 11:22 AM, Antonio Terceiro wrote: > Package: faketime > Version: 0.9.5-1 > Severity: important > Tags: patch > > Hello, > > There is logic error in src/faketime.c that causes faketime to damage > the contents of an existing LD_PRELOAD environment variable

Bug#745772: ITP: libdigest-perl-md5-perl -- Perl Implementation of Rivest's MD5 algorithm

On 04/24/2014 06:09 PM, Florian Schlichting wrote: > Package: wnpp > Owner: Florian Schlichting > Severity: wishlist > X-Debbugs-CC: debian-de...@lists.debian.org,debian-p...@lists.debian.org > > * Package name: libdigest-perl-md5-perl > Version : 1.9 > Upstream Author : Christian

Bug#745772: ITP: libdigest-perl-md5-perl -- Perl Implementation of Rivest's MD5 algorithm

On 04/28/2014 09:02 AM, Florian Schlichting wrote: > libspreadsheet-parseexcel-perl has been waiting for something like this > to happen for a little over three years now, so I think it's safe to say > it's not going to happen, and it's a lot easier to have an alternative > implementation of the MD

Bug#746598: iceweasel 29.0: PDF previewer does not work anymore

On 05/01/2014 03:30 PM, Christophe Troestler wrote: > Package: iceweasel > Version: 29.0-1 > Severity: normal > Trying to display a PDF file, such as > http://math.umons.ac.be/anum/ftp_san/mathelem/espaceRN.pdf > with the iceweasel PDF previewer displays a blank page. hm, that page renders for me

Bug#746615: rxvt-unicode: new upstream version 9.20 available

Package: rxvt-unicode Version: 9.19-1 Severity: wishlist http://dist.schmorp.de/rxvt-unicode/Changes suggests that rxvt-unicode version 9.20 was released on April 26. It would be great to have that in debian (it also fixes security bug https://bugs.debian.org/746593) Thanks for maintaining rxvt-

Bug#745553: emacs24-el: mml2015-always-trust should default to nil, not t

On 04/24/2014 03:12 PM, Rob Browning wrote: > [If possible, please preserve the 745553-forwarded address in any replies.] > > This bug was filed recently, and I suspect it might be something you'd > like to discuss upstream. thanks for forwarding this, Rob. More notes belo

Bug#749545: birdfont: segmentation fault after "SearchPaths.vala:149: ucd not found"

Package: birdfont Version: 0.37-2 Severity: normal I just installed birdfont here and tried to run it with the following error: 0 dkg@tyr:~$ birdfont birdfont version 0.37 built on Tue May 27 12:08:57 2014 ** (birdfont:21950): WARNING **: SearchPaths.vala:149: ucd not found ** (birdfont:21950):

Bug#749545: birdfont: segmentation fault after "SearchPaths.vala:149: ucd not found"

On 06/01/2014 06:53 AM, Hideki Yamane wrote: > Can anyone try to reproduce it with ppc machine? I have the one but > it takes time to setup. > > And dkg, how about other valac app on your machine, works fine? I'm not sure what other valac app to try -- i used grep-dctrl to sort out that the "s

Bug#750094: Misleading warning

over on https://bugs.debian.org/750094, On 06/01/2014 10:01 AM, Juliusz Chroboczek wrote: > Package: gnutls-bin > Version: 3.2.14-1 > > Try the following: > > gnutls-cli --dh-bits 256 --starttls -p 80 www.debian.org > > It prints the following warning: > > |<1>| Note that the security leve

Bug#750504: sks postinst script fails when no logfiles present

Package: sks Version: 1.1.5-1 Severity: normal the sks postinst script is set -e and it has: LOG_FILES=$(cd ${SKS_DIR}/${DBHOME}; ls -1 | grep -E "^log\.") which executes when the bdb recovery tool it wants to use doesn't exist. in this scenario, if there is no logfile, then this assig

Bug#750094: Misleading warning

On 06/04/2014 03:30 AM, Nikos Mavrogiannopoulos wrote: > I agree with your points. In fact the current warning was setup to > cover (0). There could be another warning for (1), but gnutls-cli > prints the size of the prime anyway if DHE is negotiated so I'm not > sure how much another warning would

Bug#748669: an sks update for wheezy? ( https://bugs.debian.org/748669 )

hi good release team people-- https://bugs.debian.org/748669 proposes an update for sks for wheezy. Could we get a response from the release team about whether to go ahead with it or not? Regards, --dkg signature.asc Description: OpenPGP digital signature

Bug#750709: ITP: libpsl -- Library for Public Suffix List

Package: wnpp Severity: wishlist Owner: Daniel Kahn Gillmor * Package name: libpsl Version : 0.3.0 Upstream Author : Tim Ruehsen * URL : https://github.com/rockdaboot/libpsl * License : MIT Programming Lang: C Description : Library for Public Suffix

Bug#750721: faketime does not pass exit code of child process

On 06/06/2014 04:34 AM, Kees Cook wrote: > Package: faketime > Version: 0.9.5-2 > Severity: normal > > The "faketime" tool does not pass the error code of the child process: Thanks for this, Kees. (and for the patch) I've forwarded this to the upstream author, and hopefully we'll hear back soon

Bug#737571: faketime: diff for NMU version 0.9.5-2.1

On 06/06/2014 04:57 PM, Jakub Wilk wrote: > Control: tags -1 + patch pending > thanks > > I've prepared an NMU for faketime (versioned as 0.9.5-2.1) and uploaded > it to DELAYED/3. Please feel free to tell me if I should delay it longer. Thanks Jakub. fwiw, upstream (cc'ed here) has tried to re

Bug#751021: dpkg: File descriptor 6 (/var/lib/dpkg/triggers/Unincorp) leaked on vgs invocation.

Package: dpkg Version: 1.17.10 Severity: normal dpkg appears to leave a file descriptor open in its children when processing triggers. When one of the children (or their descendents) invokes an lvm2 command, lvm itself complains about the extra file descriptor. Is there a reason to leak the file

Bug#744328: notmuch-web: config doesn't match docs, and appears to be root-only

Package: notmuch-web Version: 0.2.0-4+b1 Followup-For: Bug #744328 I think debian/patches/config-in-etc should be dropped, and the notmuch-web package shouldn't be treated as a system service (at least not on its own). Please provide the current /etc/notmuch-web/ directory instead in someplace li

Bug#751339: RFP: ath9k-htc-firmware -- free firmware for Atheros AR7010/AR9271 wireless adapters

Package: wnpp Severity: wishlist * Package name: ath9k-htc-firmware Version : 1.3.2 Upstream Author : Qualcomm Atheros * URL : http://jxself.org/ath9k-htc/ * License : ClearBSD Programming Lang: C, assembly Description : free firmware for Atheros AR7010/

Bug#751430: perdition 2.1 available upstream

Source: perdition Severity: wishlist Since February 6, perdition 2.1 has been available: http://horms.org/pleb_blossom/permalink/2014/2014-02-06T16_51_24.shtml It would be great to have this version in debian! Regards, --dkg -- System Information: Debian Release: jessie/sid APT pref

Bug#747423: pygtk: please support python 3 (create new python3-gtk package)

Source: pygtk Version: 2.24.0-3+b1 Severity: wishlist It would be great to have pygtk available for python 3. Can we have a python3-gtk in debian? If this isn't possible for some reason (i couldn't find any documentation about the combination of python 3 and pygtk), feel free to close it with a

Bug#747423: pygtk: please support python 3 (create new python3-gtk package)

On 05/08/2014 10:42 AM, Emilio Pozuelo Monfort wrote: > Not possible, and not gonna happen. python-gtk rdeps need to be ported to > gobject-introspection and use gir1.2-gtk-2.0 or, preferably, gir1.2-gtk-3.0. > See: > > https://wiki.gnome.org/action/show/Projects/PyGObject > https://wiki.gnome.o

<    1   2   3   4   5   6   7   8   9   10   >