On Tue, 2005-11-22 at 01:53 +0100, Daniel Nylander wrote:
> Here is the swedish translation of xmms-goom
>
Thank you for the translation. The binary you translated isn't included
in Debian's xmms-goom package but I'll forward your work to the upstream
author.
John
signature.asc
Description:
tags 340070 + patch
thanks
pri_set_error and pri_set_message in libpri.h from libpri-dev have
changed since this version of yate was released. Updating yate to a
newer upstream would likely fix the FTBFS error. Barring that, the
attached dpatch gets the yate package compiling again in its curren
tags 336840 + patch
thanks
Reordering the call to glutInit in orbit.c fixes this error.
John
diff -ur space-orbit-1.01.orig/src/orbit.c space-orbit-1.01/src/orbit.c
--- space-orbit-1.01.orig/src/orbit.c 2005-12-13 18:22:35.0 -0600
+++ space-orbit-1.01/src/orbit.c 2005-12-13 18:22:22.0
Package: libdv
Severity: minor
In debian/rules you need to either export the CFLAGS after setting
them or include the CFLAGS on the configure/make lines. As is,
compiling with noopt will result in -O2 binaries.
Thanks
John
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT
Package: kino
Version: 0.75-7
Severity: wishlist
The ffmpeg divx export scripts export a valid mpeg4 file but
tag this file as "FMP4". This causes problems with some
free software video players which don't understand that "FMP4"
is functionally identical to "DIVX".
test.avi is tagged as "FMP4"
On Fri, 2005-02-04 at 11:11 +0100, Martin Schuster wrote:
> Package: xmms-infinity
> Version: 0.5.9-1
> Severity: normal
>
> New upstream version is available (0.6.0)
> http://freshmeat.net/projects/infinity-plugin/?branch_id=50068&release_id=178677
>
My understanding was that the 0.6.0 release
retitle 285274 RFP: libvisual -- abstraction library for visualization plugins
thanks
> Is there any progress on this ITP? I'd really like to see libvisual
> in Debian.
I haven't made any progress with it and I'd assume that Frederik
hasn't either. Feel free to take over the ITP if you'd like.
retitle 285274 ITP: libvisual -- abstraction library for visualization plugins
thanks
On Fri, 2005-05-06 at 20:25 +0200, Frederik Dannemare wrote:
> I have actually been doing packages since 0.1.7, since I need it for
> LiVES which I'm also maintaining (also not yet in Debian).
> All I need is a
On Fri, 2005-05-06 at 21:50 +0200, Frederik Dannemare wrote:
> On Friday 06 May 2005 21:07, John Lightsey wrote:
> > You'll have to give me some slack though. I haven't sponsored anyone
> > before and I'll be fairly busy for the next few weeks.
>
> No prob
On Fri, 2005-02-04 at 18:40 +0100, Martin Schuster wrote:
> On Fri, Feb 04, 2005 at 08:15:52AM -0600, John Lightsey wrote:
> > My understanding was that the 0.6.0 release was mostly the portability
> > fixes I applied to 0.5.9 and forwarded upstream. I'll take a look at
>
Package: gnome-games
Version: 1:2.10.1-5
Severity: normal
Play a game of AisleRiot until you get the
"Congratulations You have won!!!" dialog.
>From this point you can intentionally or accidentally
win another game instantly.
Click the close button on the dialog.
Click one of the open spaces so
On Thu, 2005-02-10 at 21:42 +0100, Thorsten Haude wrote:
> Jess uses 50M memory although inactive and never uses in current session:
> 50924k: PID 4259 (/usr/lib/xmms/Visualization/libjess.so)
>
You saw this output from memstat, correct?
I can get the same sort of wacky output, but if I remov
On Tue, 2005-01-11 at 00:12 +0100, Frederik Dannemare wrote:
> On Saturday 08 January 2005 00:39, John Lightsey wrote:
> > On Sat, 2005-01-08 at 00:00 +0100, Frederik Dannemare wrote:
> > > OK, I can confirm my interest in this package. I have pretty much
> > > already m
On Mon, 2005-02-28 at 15:45 +0100, Andreas Jochens wrote:
...
> With the attached patch 'xmms-synaesthesia' can be compiled
> on amd64 using gcc-4.0.
>
> Regards
> Andreas Jochens
>
> diff -urN ../tmp-orig/xmms-synaesthesia-0.0.3/syna_core.c ./syna_core.c
> --- ../tmp-orig/xmms-synaesthesia-0.0.3
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/20/2012 11:39 AM, Henri Salo wrote:
> I could not reproduce this issue in squeeze with amd64-machine
> using monkey package 0.9.3-1. Could you tell me more about your
> virtualization environment?
I used a KVM VM running Squeeze with an AMD Ath
On Fri, 2012-09-21 at 16:07 +0300, Henri Salo wrote:
> On Thu, Sep 20, 2012 at 01:37:35PM -0500, John Lightsey wrote:
> > If you'd like, I can get a full backtrace. It takes some effort since
> > the monkey package doesn't handle DEB_BUILD_OPTIONS correctly.
>
> I
Package: libapr1
Version: 1.4.5-1.1
Severity: important
Tags: security
APR's hash implementation is vulnerable to the same types of algorithmic
complexity attacks disclosed in oCert-2011-003.
Discussion of the problem on the apr-dev mailing list is available here:
http://www.mail-archive.com/dev
Package: monkey
Version: 0.9.3-1
Severity: grave
Tags: security
Justification: user security hole
Monkey webserver fails to drop supplemental groups when lowering privileges.
This allows any local user on the system to read any fine that root's
supplemental
groups can access. Monkey does perform a
Package: monkey
Version: 0.9.3-1
Severity: grave
Tags: security
Justification: user security hole
The Monkey webserver retains RUID/RGID root so that it can regain root as
needed to perform privileged operations. Unfortunately, monkey does not drop
RUID/RGID root before executing CGI scripts. This
Package: monkey
Version: 0.9.3-1
Severity: important
In testing the 0.9.3-1 monkey package on an AMD64 KVM VM, all requests to the
server resulted in segfaults in the thread trying to handle the request. A 386
test VM did not have the same problem. The segfault occurs when
m_build_buffer_from_buff
On 03/28/2013 09:58 AM, Damyan Ivanov wrote:
> -=| John Lightsey, 18.05.2011 20:25:09 -0500 |=-
>> tags 610384 + wontfix
>> thanks
>>
>> The handling of files in /tmp with Parallel::Forkmanager 0.7.6+ is very
>> insecure.
>>
>> http://rt.cpan.or
Package: libhttp-dav-perl
Version: 0.38-1
Severity: normal
There have been several releases of HTTP::DAV since the last refresh of the
Debian package in 2009. The 0.40 version in particular fixed an annoying bug
where you have to specify the realm along with authentication credentials.
-- System
Package: masqmail
Version: 0.2.21-4
Severity: critical
Tags: security
Justification: root security hole
Reporting publicly since this has already been disclosed on the masqmail list.
In src/log.c there are two logging functions that use this logic:
uid_t saved_uid;
saved_uid = seteuid(conf.mail_
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/01/2011 04:00 PM, Dominic Hargreaves wrote:
> Source: libfinance-quotehist-perl
> Version: 1.16-1
> Severity: serious
> Justification: fails to build from source (but built successfully in the past)
>
> This package FTBFS with a clean sid chroot
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
block 242613 by 531702
thanks
I was going to update apt-watch-gnome to use the x-terminal-emulator
alternative instead of xterm with the apt-watch 0.4.0 release, but it
turns out that gnome-terminal isn't usable in a su-to-root context
because of bug
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/12/2011 03:03 AM, Niels Thykier wrote:
> Please see attached patch as an example of how to do this.
>
> Please note that the buildds are still using "build" followed by
> "binary-arch".
>
> For more information, please see [1].
>
> ~Niels
>
>
Source: glib2.0
Severity: important
Tags: security
The standard hashing functions provided with the ghashtable implementation
in glib are vulnerable to the algorithmic complexity attacks described in
oCert-2011-003
http://www.ocert.org/advisories/ocert-2011-003.html
This was reported upstream in
On 01/07/2012 10:34 PM, Michael Biebl wrote:
> On 08.01.2012 02:28, John Lightsey wrote:
> This discussion is from 2003 and had no real conclusion.
> Have you checked if the current code base is still vulnerable?
Yes, I looked at their upstream repo and it appears to me that the
standar
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Package: nwall
Version: 1.32+debian-4.1
Severity: normal
- --- Please enter the report below this line. ---
In main(), the return value of ttyname(2) isn't checked which results
in a segfault if fd 2 isn't attached to a tty:
strace -f perl -e 'open
Thanks for the bug report on apt-watch. It should be straightforward to fix.
signature.asc
Description: OpenPGP digital signature
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 10/19/2011 07:08 PM, Michael Biebl wrote:
> Hi John,
>
> as you might have noticed, the GNOME 3 transition is now ongoing in unstable.
> Could you please upload apt-watch 0.4.0 from experimental to unstable now as
> otherwise apt-watch will block t
Package: ftp.debian.org
Severity: normal
src:apt-watch hasn't served much purpose since the switch to Gnome3 and the
deemphasis of panel applets. It will FTBFS shortly (#772617) and should be
removed from the archive.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with
On Tue, 2014-12-09 at 08:34 +, Dmitry Shachnev wrote:
> Package: apt-watch-gnome
> Version: 0.4.0-2.1
> Severity: important
> Justification: will FTBFS soon
Thanks for the report. I've requested removal of apt-watch. It hasn't
been very relevant since the switch to Gnome3.
signature.asc
Desc
Source: phamm
Severity: important
Tags: upstream security
While looking through codesearch.debian.net I noticed that phamm's
views/helpers.php uses $_SERVER['PHP_SELF'] in a way that is vulnerable to
reflected XSS attacks.
To reproduce the problem, load a URL like this in Firefox:
http://127.0
On Sun, 2016-12-18 at 18:15 +0100, koopa wrote:
> numpy.oldnumeric has been removed in 1.9 release so castle-combat does not
> start
> https://docs.scipy.org/doc/numpy-dev/release.html#numpy-1-9-0-release-notes
>
> so castle-combat does not start
>
Thanks for pointing this out.
castle-combat ha
Package: ftp.debian.org
Severity: normal
Please remove the castle-combat package. There has been no upstream development
of castle-combat in many years, and it no longer functions due to the removal of
the oldnumeric module from numpy.
signature.asc
Description: This is a digitally signed messag
On Tue, 2007-05-22 at 18:09 +0200, Giovanni Mascellani wrote:
> While having a look into /var/cache/apt, I noted that some files are
> owned by root.root and others by giovanni.giovanni (my username). I
> believe that apt-watch moves the .debs from its cache to the system
> cache, but doesn't set r
On Tue, 2006-06-20 at 20:07 +0200, Karl Bartel wrote:
> I just uploaded a new release. The code worked out quite different
> than in the patch, because I wanted to add a "Sound on/off" switch
> without adding an additional conditional around each line where a
> sound is played. This bug shoul
On Tue, 2006-05-30 at 18:07 +0300, Timo Juhani Lindfors wrote:
> Package: castle-combat
> Version: 0.8.0-2
> Severity: grave
> Justification: renders package unusable
>
> When two local players play the game it throws
...
> File "/usr/share/games/castle-combat/scripts/cannon.py", line 21, in
On Sat, 2006-07-08 at 12:52 +0200, Matthias Klose wrote:
> Package: castle-combat
> Tags: patch
>
> I'm not uploading this before Jul 15 as a NMU, because it's a change
> to the build system as well (introducing debhelper).
While I certainly appreciate the help in updating to the new Python
polic
Package: wnpp
Severity: wishlist
Owner: John Lightsey <[EMAIL PROTECTED]>
* Package name: libparallel-forkmanager-perl
Version : 0.7.5
Upstream Author : Szabó, Balázs <[EMAIL PROTECTED]>
* URL : http://search.cpan.org/~dlux/Parallel-ForkManager-0.7.
This shouldn't be tagged as a grave security issue. The symlink tests
in Apache are trivial to overcome with timing attacks and the Apache
documentation explicitly states that the symlink tests should not be
considered a security restriction.
http://httpd.apache.org/docs/2.2/mod/core.html#options
tags 431324 + pending
thanks
I isolated the problem with apt-watch yesterday and I'll have a new
version uploaded this evening with the fix.
John
signature.asc
Description: This is a digitally signed message part
Package: wnpp
Severity: wishlist
Owner: John Lightsey <[EMAIL PROTECTED]>
* Package name: libyaml-tiny-perl
Version : 1.04
Upstream Author : Adam Kennedy <[EMAIL PROTECTED]>
* URL : http://search.cpan.org/~adamk/YAML-Tiny-1.04/
* License : Perl (
On Sun, 2009-09-27 at 15:48 +0200, Luca Falavigna wrote:
> I was looking at castle-combat trying to see if it can be ported to
> python-numpy because python-numeric* packages have been removed.
>
> This is not a trivial task because some things have changed and it
> crashes every now and then, wit
Package: xen-tools
Version: 3.9-4
Severity: grave
Tags: security
Justification: user security hole
I'm tagging this security, though common best practices would suggest that
access
to the Dom0 should be severely restricted to begin with.
When xen-create-image is used to create a file based DomU,
Package: nsd3
Version: 3.0.7-2~bpo40+1
Severity: minor
Please update the cron job for NSD3 so that it doesn't
generate output when there is no error. IMHO, this message
shouldn't be sent:
nsdc: no patch necessary.
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (50
Package: nsd3
Version: 3.0.7-2~bpo40+1
Severity: normal
The NSD3 init script provides a "reload" action which calls "nsdc reload". As
discussed in the upstream bug report, "nsdc reload" does not reread the nsd.conf
configuration file, so it's behavior falls far short of the policy manual's
guid
tags 275401 +patch
thanks
I can easily replicate this bug...
update apt-watch (works)
launch synaptic from apt-watch
close synaptic
update apt-watch (error)
The attached patch seems to fix the problem with 3.2-2. I haven't
looked at apt-watch closely enough to follow exactly what it's doing,
an
On Fri, 2006-02-24 at 00:38 +, Eduardo Neves Heleno Silva wrote:
> Hi, I made myself a new icon and animation for apt-watch. Unfortunally
> it's very hard to make the animation look better, because its size is
> very small (24x24) but I think it's a bit beeter than the current one.
Personal
On Mon, 2006-04-24 at 12:21 +0200, Martin Schulze wrote:
> Package: apt-watch-backend
> One of these descriptions is most probably wrong...
I'll update the short descriptions with the next version. Thanks for
pointing this out.
John
signature.asc
Description: This is a digitally signed messa
Hi there,
The other day I was looking for a cross platform C++ IDE that's a bit
lighter and better integrated than Eclipse + CDT. The description and
screenshots of Codeblocks on their website looked quite good, and I'm a
fan of wxWidgets to begin with. After that I saw your ITP on the WNPP
list
tags 594353 + pending
thanks
I'll upload a new version tonight without -Werror in CXXFLAGS. The
package builds fine aside from the deprecation warnings.
Thanks for your bug report.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble?
On 02/11/2011 08:28 AM, Moritz Muehlenhoff wrote:
> Hi John,
> I've tried to rebuild java-imaging-utilities for Univention Corporate Server,
> a Debian derived distribution based on Debian stable (currently Lenny, our
> next
> release will be based on Squeeze).
>
> libfinance-quotehist-perl fails
On Fri, 2009-02-20 at 15:45 +0100, colliar wrote:
> especially with cron-apt installed apt-watch often downloads files for a
> second time instead of checking the system cache.
Thanks for reporting this issue. This problem will be addressed in the
next release of apt-watch.
John
signature.asc
Hi there,
Do you still intend to adopt the Debian Parrot packages? From what I
can see, there was some talk in December about setting up group
maintenance of Parrot, but it doesn't look like that ever took off.
John
signature.asc
Description: This is a digitally signed message part
On Tue, 2008-03-11 at 07:23 +0200, Joona Kiiski wrote:
> Package: castle-combat
> Version: 0.8.1.dfsg.1-0.1
> Severity: normal
> When I click help-button in the main menu, nothing happens, but
> program becomes unresponsive for mouse
> clicks or keypresses.
Thanks for pointing this out. It's po
Package: debbugs
Version: 2.4.2~exp1
Severity: normal
Tags: patch
Hi there, I rebuilt the packages from experimental on my testing system, but
it looks like this problem may exist in previous versions as well. We doing a
fresh install of debbugs and running debbugsconfig for the first time, it d
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thanks for your bug report. I'll improve the long description when I
package the next upstream release of YAML::Tiny.
John
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.or
Package: wnpp
Severity: wishlist
Owner: John Lightsey
* Package name: libfinance-quotehist-perl
Version : 1.14
Upstream Author : Matthew Sisk
* URL : http://search.cpan.org/dist/Finance-QuoteHist/
* License : Perl (Artistic + GPL)
Programming Lang: Perl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
fixed 612914 1.14-1+squeeze1
thanks
The fixed version of libfinance-quotehist-perl has been accepted into
stable-proposed-updates and will be included in the next stable release.
The patch applied is:
diff --git a/debian/rules b/debian/rules
index 2
tags 610384 + wontfix
thanks
The handling of files in /tmp with Parallel::Forkmanager 0.7.6+ is very
insecure.
http://rt.cpan.org/Ticket/Display.html?id=68298
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lis
gelog
@@ -1,3 +1,9 @@
+libfinance-quotehist-perl (1.14-1+squeeze1) stable; urgency=low
+
+ * Disable faulty unit tests. (Closts: #612914)
+
+ -- John Lightsey Mon, 23 May 2011 23:58:00 -0500
+
libfinance-quotehist-perl (1.14-1) unstable; urgency=low
* Initial Release. (Closes: #588401)
diff --
tags 841144 + patch
thanks
I'm attaching the patch we used at cPanel to fix this issue with the
4.9 Debian Stable kernel.
I forwarded a version of this patch to the ocfs2-devel mailing list
already.
From Mon Sep 17 00:00:00 2001
From: John Lightsey
ation accurate and clear
Current code assume that ::w_unwritten_list always has only one item on.
This is not right and hard to get understood.
So improve how to count unwritten item.
Reported-by: John Lightsey
Signed-off-by: Changwei Ge
---
fs/ocfs2/aops.c | 4 +++-
1 file changed, 3 inser
65 matches
Mail list logo
