Quoting Steven Chamberlain (ste...@pyro.eu.org):
> Patch for this actually just a diff limited to ./grub-installer from:
>
> $ git revert a070f516 99389d59 926cee22
Agreed from my side. I guess we now just need Cyril's ACK to apply in
git and probably buildunless something else is needed in
Your message dated Sat, 12 Jan 2013 00:17:39 +
with message-id
and subject line Bug#697714: fixed in libxcrypt 1:2.4-3
has caused the Debian Bug report #697714,
regarding libxcrypt: fix ftbfs due to deprecated libc locking macros
to be marked as done.
This means that you claim that the proble
Your message dated Sat, 12 Jan 2013 00:18:28 +
with message-id
and subject line Bug#692871: fixed in mysql-5.5 5.5.29+dfsg-1
has caused the Debian Bug report #692871,
regarding mysql-server-5.5: Regression in privileges of mysql debian-sys-maint
user
to be marked as done.
This means that you
Your message dated Sat, 12 Jan 2013 00:18:28 +
with message-id
and subject line Bug#695001: fixed in mysql-5.5 5.5.29+dfsg-1
has caused the Debian Bug report #695001,
regarding mysql-5.5: New MySQL issues
to be marked as done.
This means that you claim that the problem has been dealt with.
If
Your message dated Sat, 12 Jan 2013 00:18:28 +
with message-id
and subject line Bug#692871: fixed in mysql-5.5 5.5.29+dfsg-1
has caused the Debian Bug report #692871,
regarding mysql-server-5.5: error in SQL syntax in postinst
to be marked as done.
This means that you claim that the problem h
Your message dated Fri, 11 Jan 2013 18:03:10 -0600
with message-id <20130112000310.gb...@gwolf.org>
and subject line Re: [drupal7] SA-CORE-2012-004 - Drupal core - Multiple
vulnerabilities in Drupal 6 & 7
has caused the Debian Bug report #696342,
regarding [drupal7] SA-CORE-2012-004 - Drupal core
On Tue, Jan 08, 2013 at 06:49:56PM +0100, Moritz Mühlenhoff wrote:
> On Tue, Jan 08, 2013 at 02:45:59AM +0200, Tzafrir Cohen wrote:
> > Hi,
> >
> > On Wed, Jan 02, 2013 at 10:56:43PM +0100, Salvatore Bonaccorso wrote:
> > > Package: asterisk
> > > Severity: grave
> > > Tags: security
> > > Justifi
Processing commands for cont...@bugs.debian.org:
> user debian...@lists.debian.org
Setting user to debian...@lists.debian.org (was deb...@abeckmann.de).
> usertags 697085 piuparts
There were no usertags set.
Usertags are now: piuparts.
> found 697085 1.3.0+dfsg-1~exp3
Bug #697085 [qemu-system] qem
Your message dated Fri, 11 Jan 2013 22:47:39 +
with message-id
and subject line Bug#697580: fixed in connman 1.0-1.1
has caused the Debian Bug report #697580,
regarding connman: CVE-2012-6459
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not
Processing commands for cont...@bugs.debian.org:
> tags 697930 + patch
Bug #697930 [nagios3] nagios3: CVE-2012-6096
Added tag(s) patch.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
697930: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697930
Debian Bug Track
Processing commands for cont...@bugs.debian.org:
> tags 697931 + patch
Bug #697931 [icinga] icinga: CVE-2012-6096
Added tag(s) patch.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
697931: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697931
Debian Bug Trackin
Your message dated Fri, 11 Jan 2013 21:32:37 +
with message-id
and subject line Bug#697895: fixed in ruby-extlib 0.9.15-3
has caused the Debian Bug report #697895,
regarding Update libextlib-ruby / ruby-extlib for vulnerabilities (Re:
CVE-2013-0156)
to be marked as done.
This means that you
Hi
(resending this as I missed the bugreport)
On Fri, Jan 11, 2013 at 12:06:54AM +, Joshua Timberman wrote:
> Package: libextlib-ruby
>
> Version: 0.9.13-2
> Severity: grave
> Tags: security
>
> Dan Kubb, upstream maintainer of the extlib RubyGem recently updated it to
> resolve security is
Processing commands for cont...@bugs.debian.org:
> tags 697895 + patch
Bug #697895 [libextlib-ruby] Update libextlib-ruby / ruby-extlib for
vulnerabilities (Re: CVE-2013-0156)
Added tag(s) patch.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
697895: http://bugs
Hi
Attached the upstream commits applied to the unstable version and
generated debdiff. But this creates too some additional files in one
of the binary packages created:
ruby-extlib:
[The following lists of changes regard files as different if they have
different names, permissions or owners.]
F
On 11/01/2013 17:12, Thorsten Glaser wrote:
> On Sun, 16 Dec 2012, Jérémy Lal wrote:
>
>> I am working on a fix.
>
> Any news?
I'll try to make config script use the first generated
password if a second database user name is the same as a first
one. But i'm not sure i can even read the first pa
Processing commands for cont...@bugs.debian.org:
> tags 697870 + pending
Bug #697870 [redhat-cluster-suite] redhat-cluster-suite: Fails to install due
to removed clvm package
Added tag(s) pending.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
697870: http://bug
tags 697870 + pending
thanks
Dear maintainer,
I've prepared an NMU for redhat-cluster (versioned as 3.1.8-1.1) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.
Note: I know that #697870 is not yet older than 7 days. If you want to
do an upload yourself or I
Processing commands for cont...@bugs.debian.org:
> tags 685061 + pending
Bug #685061 [gfs2-utils] gfs2-utils: fails to install due to incorrect
dependencies in init.d LSB header
Added tag(s) pending.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
685061: http://
tags 685061 + pending
thanks
Dear maintainer,
I've prepared an NMU for gfs2-utils (versioned as 3.1.3-1.1) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.
p.s.: I know this package is only available in unstable, so one might
argue why the NMU is done. But r
On 09/01/13 21:54, Michael Biebl wrote:
> On 09.01.2013 22:29, Simon McVittie wrote:
>> As far as I can work out, bumping libgstreamer0.10-0's shlibs
>> would only help to achieve this if we additionally NMU a bunch of
>> packages to rebuild them against the new libgstreamer0.10-0 so
>> they get a
Processing commands for cont...@bugs.debian.org:
> tags 681227 + patch
Bug #681227 [grub-installer] does not validate free-form input
Added tag(s) patch.
> block 651720 by 681227
Bug #651720 {Done: Wouter Verhelst } [src:grub-installer]
new ZFS install on / fails if /boot isn't ZFS
651720 was not
tags 681227 + patch
block 651720 by 681227
# kFreeBSD bugfix couldn't enter wheezy yet due to regressions
thanks
Hi,
On 07/01/13 19:56, Wouter Verhelst wrote:
>> What to do with the workaround added by Wouter in grub-installer/1.84?
>
> The workaround tried to eliminate the possibility of invali
Processing commands for cont...@bugs.debian.org:
> notfound 659994 icedove/10.0.3-2
Bug #659994 [icedove] [regression] icedove: symbol lookup error:
[...]/libdbusservice.so: undefined symbol: NS_Alloc
Bug #660736 [icedove] Subject: icedove deads on undefined symbol
Bug #691985 [icedove] icedove:
Hello Raymond,
On Thu, Dec 13, 2012 at 01:45:35PM -0500, Raymond S Brand wrote:
> Carsten,
>
> I'm still using the (current) one from Debian Squeeze, and every
> time there is a security update I have to remove those libraries
> again to get it to work.
why not trying to use a version from Backp
Your message dated Fri, 11 Jan 2013 17:32:38 +
with message-id
and subject line Bug#697186: fixed in ding-libs 0.1.3-2
has caused the Debian Bug report #697186,
regarding Missing dependency on libcollection-dev
to be marked as done.
This means that you claim that the problem has been dealt wi
Processing commands for cont...@bugs.debian.org:
> found 697895 0.9.13-2
Bug #697895 [libextlib-ruby] Update libextlib-ruby / ruby-extlib for
vulnerabilities (Re: CVE-2013-0156)
Marked as found in versions libextlib-ruby/0.9.13-2.
> severity 697895 grave
Bug #697895 [libextlib-ruby] Update libext
Hi,
Though I'm currently not using md, I have done so in the past, and it
has always worked well for me. I saw this bug report and thought that
I might try to reproduce it. Here's what I did:
1. retrieved debian-5010-i386-netinst.iso from
http://cdimage.debian.org/mirror/cdimage/archive/5.0.1
Your message dated Fri, 11 Jan 2013 17:15:50 +0100
with message-id <2013061550.GA17037@elende>
and subject line Re: [htcondor-debian] Bug#697936: condor: CVE-2012-5390:
possible privilege escalation
has caused the Debian Bug report #697936,
regarding condor: CVE-2012-5390: possible privilege e
On Sun, 16 Dec 2012, Jérémy Lal wrote:
> I am working on a fix.
Any news?
In the meantime, I tried to recover myself: look into
/etc/redmine/default/database.yml what was used as
password, connect as postgres to the DB and ALTER ROLE
and set the redmine user’s password to that.
Doesn’t work ☹
On Jan 11, 2013, at 8:45 AM, Salvatore Bonaccorso wrote:
> Hi
>
> I have submitted this as grave severity, but could you double check if
> this is actually a problem for condor in Debian?
>
> [1]:
> http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html
>
> Regard
Control: found -1 3.2.1-2
On 2013-01-11 13:50, Moritz Muehlenhoff wrote:
Package: nagios3
Severity: grave
Tags: security
Justification: user security hole
This was assigned CVE-2012-6096:
http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html
Fix:
http://nagios.svn.sourcefor
Processing control commands:
> found -1 3.2.1-2
Bug #697930 [nagios3] nagios3: CVE-2012-6096
Marked as found in versions nagios3/3.2.1-2.
--
697930: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697930
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE,
Processing commands for cont...@bugs.debian.org:
> severity 697795 important
Bug #697795 [tsung] tsung crashes: "Kernel pid terminated"
Severity set to 'important' from 'grave'
> tags 697795 = moreinfo unreproducible
Bug #697795 [tsung] tsung crashes: "Kernel pid terminated"
Added tag(s) unreprodu
$ tsung -f tsung.xml start
Starting Tsung
"Log directory is: /home/ghantoos/.tsung/log/20130111-1011"
^C
BREAK: (a)bort (c)ontinue (p)roc info (i)nfo (l)oaded
(v)ersion (k)ill (D)b-tables (d)istribution
Can you please provide you xml file for further investigation?
In the meantime, I will be downgrading the severity to Important.
Cheers,
Ignace M
Because of this bug i updated to 3.6.1-1 from experimental - it didn't
help.
Regards
Karsten
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Hi
I have submitted this as grave severity, but could you double check if
this is actually a problem for condor in Debian?
[1]:
http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html
Regards,
Salvatore
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.deb
Package: condor
Severity: grave
Tags: security
Justification: user security hole
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
the following vulnerability was published for condor.
CVE-2012-5390[0]:
Possible privilege escalation
This is mentioned on the stable release series notes[1] as
On 18:55 Thu 10 Jan , Michael Biebl wrote:
> On 10.01.2013 18:25, Vasudev Kamath wrote:
> > Package: libgtk-3-bin
> > Version: 3.4.2-5
> > Severity: serious
> >
> > When trying to upgrade from 3.4.2-4 to 3.4.2-5 I get following error and
> > aptitude aborts
> >
> > Adding 'diversion of /usr/s
On Fri, Jul 27, 2012 at 02:51:20PM +, Debian Bug Tracking System wrote:
> This is an automatic notification regarding your Bug report
> which was filed against the owncloud package:
>
> #681138: owncloud: setup sets wrong db entrys which prevent using cal/carddav
>
> It has been closed by Tho
Package: icinga
Severity: grave
Tags: security
Justification: user security hole
This was assigned CVE-2012-6096:
http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html
Fix:
http://nagios.svn.sourceforge.net/viewvc/nagios?view=revision&revision=2547
Cheers,
Moritz
--
Package: nagios3
Severity: grave
Tags: security
Justification: user security hole
This was assigned CVE-2012-6096:
http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html
Fix:
http://nagios.svn.sourceforge.net/viewvc/nagios?view=revision&revision=2547
Cheers,
Moritz
--
Package: plexus-cipher
Version: 1.5-3
Severity: serious
Tags: patch
Justification: fails to build from source (but built successfully in the past)
When building on a fast machine i get:
Running org.sonatype.plexus.components.cipher.PBECipherTest
+K09MzMSG00HwGTNaRzYDsUqhiabft0kDLpG1hGpezo=
+K09Mz
Ping,
any news regarding this RC bug? If no one volunteers, I'd be happy to
make an NMU. As for the testing of this bug, I cannot readily verify
the fix since the test utility for Connman - "test-connman" - is not
part of Debian.
However, since the patch was provided by upstream, I assume that th
On Thu, Jan 10, 2013 at 09:26:37PM +0100, Thomas Girard wrote:
> Since my GPG key has expired, I will not be able to upload this in a
> timely fashion, so you can consider this email as a call for NMU.
>
For info, you can simply change the expiration date...
Neil
--
To UNSUBSCRIBE, email to d
On Sat, Jan 05, 2013 at 04:44:48PM +, Dominic Hargreaves wrote:
> Strangely, when I try and reproduce with a vanilla 5.14.3 build, I
> get:
>
> $ ./perl -e 'print "x"x(2**31)'
> $ echo $?
> 0
>
> which seems wrong in a different way...
FWIW, I can reproduce it with an unpatched 5.14.3 on cu
46 matches
Mail list logo
