Dear Debian security team,
I'll prepare the "jekyll"'s security fix about CVE-2018-17567 for strech
- https://security-tracker.debian.org/tracker/CVE-2018-17567
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909933
Please check and upload this package for stretch-security.
Patch attached.
See:
https://github.com/BurntSushi/ripgrep/commit/a4868b88351318182eed3b801d0c97a106a7d38f
Le 12/02/2019 à 02:04, peter green a écrit :
Package: rust-ripgrep
Version: 0.10.0-1
Severity: serious
While performing a test build on s390x to see if bug 916615 was
actually fixed I ran into a new err
Processing commands for cont...@bugs.debian.org:
> tags 919461 + pending
Bug #919461 [src:ssreflect] ssreflect FTBFS in unstable
Added tag(s) pending.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
919461: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919461
Your message dated Tue, 12 Feb 2019 06:34:18 +
with message-id
and subject line Bug#921362: fixed in bignumber.js 8.0.2+ds-1
has caused the Debian Bug report #921362,
regarding Not suitable for buster, package unmaintained
to be marked as done.
This means that you claim that the problem has b
Your message dated Tue, 12 Feb 2019 06:36:07 +
with message-id
and subject line Bug#921367: fixed in unorm.js 1.4.1-1
has caused the Debian Bug report #921367,
regarding Not suitable for buster, package probably unmaintained
to be marked as done.
This means that you claim that the problem has
Your message dated Tue, 12 Feb 2019 06:34:53 +
with message-id
and subject line Bug#910757: fixed in gnulib 20180621~6979c25-3
has caused the Debian Bug report #910757,
regarding gnulib: CVE-2018-17942 heap-based buffer overflow
to be marked as done.
This means that you claim that the problem
Martin Steigerwald writes:
> Well the file has in its header:
>
> /* Fast hashing routine for a long.
>(C) 2002 William Lee Irwin III, IBM */
>
> /*
> * Knuth recommends primes in approximately golden ratio to the maximum
> * integer representable by a machine word for multiplicative hashin
Martin Steigerwald writes:
> Well the file has in its header:
>
> /* Fast hashing routine for a long.
>(C) 2002 William Lee Irwin III, IBM */
>
> /*
> * Knuth recommends primes in approximately golden ratio to the maximum
> * integer representable by a machine word for multiplicative hashin
Martin Steigerwald writes:
> Well the file has in its header:
>
> /* Fast hashing routine for a long.
>(C) 2002 William Lee Irwin III, IBM */
>
> /*
> * Knuth recommends primes in approximately golden ratio to the maximum
> * integer representable by a machine word for multiplicative hashin
Your message dated Tue, 12 Feb 2019 06:22:25 +
with message-id
and subject line Bug#917160: fixed in nagios4 4.3.4-3
has caused the Debian Bug report #917160,
regarding nagios4: CVE-2018-13441 CVE-2018-13457 CVE-2018-13458
to be marked as done.
This means that you claim that the problem has b
Your message dated Tue, 12 Feb 2019 06:20:11 +
with message-id
and subject line Bug#921682: fixed in binutils-mipsen 2~c2
has caused the Debian Bug report #921682,
regarding binutils-mipsen: FTBFS sid (Version in Debian Archive >= Version in
debian/changelog)
to be marked as done.
This means
Your message dated Tue, 12 Feb 2019 07:14:20 +0100
with message-id <20190212061420.ga16...@x201s.cruise.homelinux.net>
and subject line Re: Bug#914857: thunderbird: add transitional packages for
removed languages to stable
has caused the Debian Bug report #914857,
regarding thunderbird: add transi
> I don't know whether this is an issue from amavisd-new or dpkg
> (start-stop-daemon) but feel free to assign it properly.
Bug #921557 is relevant here.
--
Brian May
Processing commands for cont...@bugs.debian.org:
> found 922050 0.1.1+dfsg1-2
Bug #922050 [src:runc] runc: CVE-2019-5736
Marked as found in versions runc/0.1.1+dfsg1-2.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
922050: https://bugs.debian.org/cgi-bin/bugrepo
Processing control commands:
> tag -1 pending
Bug #921362 [src:bignumber.js] Not suitable for buster, package unmaintained
Added tag(s) pending.
--
921362: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921362
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tag -1 pending
Hello,
Bug #921362 in bignumber.js reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/js-team/bignumber.js/commit/1f9b2ca98fcf057664984da48
Your message dated Mon, 11 Feb 2019 20:55:09 -0800
with message-id <20190212045509.gb9...@virgil.dodds.net>
and subject line Re: Bug#920760: libpam-modules: does not ensure that
pam-auth-update gets called after the package was configured
has caused the Debian Bug report #920760,
regarding libpam-
Your message dated Tue, 12 Feb 2019 04:04:10 +
with message-id
and subject line Bug#922094: fixed in spec-alpha-clojure 0.2.176-3
has caused the Debian Bug report #922094,
regarding spec-alpha-clojure: FTBFS in sid (Could not resolve dependencies for
project org.clojure:spec.alpha:jar:0.2.176
Your message dated Tue, 12 Feb 2019 03:49:04 +
with message-id
and subject line Bug#922092: fixed in core-specs-alpha-clojure 0.2.44-3
has caused the Debian Bug report #922092,
regarding core-specs-alpha-clojure: FTBFS in sid (Could not resolve
dependencies for project org.clojure:core.specs.
I looked into this a bit yesterday.
As mentioned in the issue upstream at
https://github.com/etcd-io/etcd/issues/9353, the fix has been merged in
the master branch of etcd in March 2018, almost a year ago. The
conversation also mentions that this will be part of the next release
v3.4. However v3.4
Package: rust-ripgrep
Version: 0.10.0-1
Severity: serious
While performing a test build on s390x to see if bug 916615 was actually fixed
I ran into a new error. I then did a test build on amd64 and was able to reduce
the same testsuite failure, so this doesn't seem to be architecture specific.
Your message dated Tue, 12 Feb 2019 00:51:43 +
with message-id
and subject line Bug#920423: fixed in sogo 4.0.5-3
has caused the Debian Bug report #920423,
regarding sogo: Exception thrown on "rich" email view after 4.0.5 upgrade (from
3.2.6)
to be marked as done.
This means that you claim t
Hi Onur,
El dl. 11 de 02 de 2019 a les 18:31 +0300, en/na Onur Tolga Sehitoglu
va escriure:
> I just posted the following on the SOGO bugtracker issue page.
> Patched fixed the problem for me:
>
> I figured out the problem. The shouldAskReceipt function in
> UIxMailView.m
> sends a nil email para
Processing commands for cont...@bugs.debian.org:
> tags 920423 + patch pending
Bug #920423 [sogo] sogo: Exception thrown on "rich" email view after 4.0.5
upgrade (from 3.2.6)
Added tag(s) patch and pending.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
920423:
Processing control commands:
> tag -1 pending
Bug #921367 [src:unorm.js] Not suitable for buster, package probably
unmaintained
Added tag(s) pending.
--
921367: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921367
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tag -1 pending
Hello,
Bug #921367 in unorm.js reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/js-team/unorm.js/commit/8cb70ff8609012380b7cad2c0e0ddfccb
On 2/11/19 3:50 AM, Martin Steigerwald wrote:
> Adding in ax...@kernel.dk, as I am not sure whether the oracle.com address
> from Jens is actually valid / up to date.
>
> Domenico Andreoli - 11.02.19, 08:22:
>> On Mon, Feb 11, 2019 at 12:08:32AM +0100, Kristian Fiskerstrand wrote:
>> >
> Mit freun
Hi Michael,
thanks for your message. Sorry for replying that late, but I could read
it only today since it ended up in the spam folder.
On Fri, Feb 08, 2019 at 12:06:48PM +, Michael R. Crusoe wrote:
> Bug #920997 in slurm-wlm reported by you has been fixed in the
> Git repository and is await
Package: src:core-specs-alpha-clojure
Version: 0.2.44-2
Severity: serious
Tags: ftbfs
Dear maintainer:
I tried to build this package in sid but it failed:
[...]
debian/rules build-indep
dh build-indep
dh_update_
Package: src:spec-alpha-clojure
Version: 0.2.176-2
Severity: serious
Tags: ftbfs
Dear maintainer:
I tried to build this package in sid but it failed:
[...]
debian/rules build-indep
dh build-indep
dh_update_autot
Package: src:node-commander
Version: 2.12.2-2
Severity: serious
Tags: ftbfs
Dear maintainer:
I tried to build this package in sid but it failed:
[...]
debian/rules build-indep
dh build-indep --with nodejs
dh_upd
Processing control commands:
> tag -1 pending
Bug #919898 [ceph-common] ceph-common: missing Breaks+Replaces: ceph-base (<<
12.2.10+dfsg1-1~)
Ignoring request to alter tags of bug #919898 to the same tags previously set
--
919898: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919898
Debian
Control: tag -1 pending
Hello,
Bug #919898 in ceph reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/ceph-team/ceph/commit/5781cc593e70f0e1bb7d8b402edec681e3ec087
Processing commands for cont...@bugs.debian.org:
> tags 917736 + experimental
Bug #917736 [src:openhft-chronicle-core] openhft-chronicle-core: FTBFS: [ERROR]
/<>/src/main/java/net/openhft/chronicle/core/io/IOTools.java:[32,27]
cannot find symbol
Added tag(s) experimental.
> tags 917738 + experim
Hi,
> On the other hand, the first thing I would do if this was working
> would be to try removing more hardening features as previously
> discussed on this bug number until it (likely) worked. Could you
> try this please?
>
> Also, perhaps enable some deeper logging? Or check the actual
> redis-
I attempted starting 1.4.10-3+deb9u3 with a new persistence_location
directory, and it started up correctly. In the crashing directory, I
have a couple of retained messages and the crash appears to be during
loading of those.
Hi Petri
On 2019-01-22 10:02:40, Petri Hintukainen wrote:
> Hello,
>
> On Wed, Jan 16, 2019 at 7:14 AM Reinhard Tartler wrote:
> > Looking at the commit history, it seems that there have been some
> > changes wrt java
> > compatibility, mostly by you. I wonder whether you'd expect libbluray
> > t
Source: borgbackup
Version: 1.1.8-1
Severity: grave
Tags: security upstream
Justification: user security hole
Forwarded: https://github.com/borgbackup/borg/issues/3903
Control: fixed -1 1.1.9-1
As there is no CVE assigned for this issue, fill a bug for having an
unique identifier withing Debian.
Processing control commands:
> fixed -1 1.1.9-1
Bug #922080 [src:borgbackup] borgbackup: fuse mount exposes backup to
unauthorized users
Marked as fixed in versions borgbackup/1.1.9-1.
--
922080: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922080
Debian Bug Tracking System
Contact ow...@b
Processing commands for cont...@bugs.debian.org:
> # version tracking is confused by bugs with found and fixed in different
> # packages
> reassign 918079 nbsphinx0.3
Bug #918079 {Done: Jerome Benoit } [src:nbsphinx] pandas:
FTBFS: B-D on python-nbsphinx which is no longer installable nor built a
Processing commands for cont...@bugs.debian.org:
> # bug files against multiple packages confuses version tracking, fixing
> # second attempt
> reassign 918913 nbconvert 5.4-1
Bug #918913 {Done: Julien Puydt } [src:nbconvert,
src:nbsphinx] nbconvert 5.4 breaks nbsphinx
Bug reassigned from package
Processing commands for cont...@bugs.debian.org:
> # bug files against multiple packages confuses version tracking, fixing
> reassign 918913 nbconvert/5.4-1
Unknown command or malformed arguments to command.
> fixed 918913 nbconvert/5.4-2
Bug #918913 {Done: Julien Puydt } [src:nbconvert,
src:nbsp
Processing commands for cont...@bugs.debian.org:
> # the changelog entry for 31 is missing in the changelog for 32, so version
> # tracking doesn't know the bug is fixed in 32 (which builds file on the
> # buildd)
> fixed 917745 32
Bug #917745 {Done: Matthias Klose } [src:cross-toolchain-base]
cr
Your message dated Mon, 11 Feb 2019 19:36:07 +
with message-id
and subject line Bug#922020: fixed in xkeyboard-config 2.26-2
has caused the Debian Bug report #922020,
regarding gnome-shell: Keyboard layout not applied in programs using Xwayland
to be marked as done.
This means that you claim
Your message dated Mon, 11 Feb 2019 19:36:07 +
with message-id
and subject line Bug#922020: fixed in xkeyboard-config 2.26-2
has caused the Debian Bug report #922020,
regarding Chromium / Firefox⁻esr fall back to QWERTY keyboard
to be marked as done.
This means that you claim that the problem
Processing control commands:
> severity -1 minor
Bug #913359 [x11-xkb-utils] xkbcomp.pc requires libxkbfile-dev as dependency
Severity set to 'minor' from 'serious'
--
913359: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913359
Debian Bug Tracking System
Contact ow...@bugs.debian.org with p
Control: severity -1 minor
On Sun, Feb 10, 2019 at 10:12:31PM +0600, Judit Foglszinger wrote:
> tags 913359 +patch
> user debian-rele...@lists.debian.org
>
> usertag 913359 + bsp-2019-02-de-berlin
> thanks
>
> Added a patch.
> diff -Nru x11-xkb-util
Your message dated Mon, 11 Feb 2019 18:50:01 +
with message-id
and subject line Bug#921753: fixed in librime 1.4.0+dfsg1-2
has caused the Debian Bug report #921753,
regarding librime-dev: wrong libdir in
/usr/lib/x86_64-linux-gnu/pkgconfig/rime.pc
to be marked as done.
This means that you cl
Your message dated Mon, 11 Feb 2019 18:49:15 +
with message-id
and subject line Bug#922059: fixed in flatpak 1.2.3-1
has caused the Debian Bug report #922059,
regarding flatpak: vulnerability similar to runc CVE-2019-5736 involving
/proc/self/exe
to be marked as done.
This means that you cla
Control: tags -1 + patch
Attached is a debdiff against version 1.0.0~rc6+dfsg1-1 in sid/buster.
I'm happy to upload this if it'd be helpful.
noah
diff -Nru runc-1.0.0~rc6+dfsg1/debian/changelog runc-1.0.0~rc6+dfsg1/debian/changelog
--- runc-1.0.0~rc6+dfsg1/debian/changelog 2019-01-24 12:55:34.0
Your message dated Mon, 11 Feb 2019 18:50:01 +
with message-id
and subject line Bug#921753: fixed in librime 1.4.0+dfsg1-2
has caused the Debian Bug report #921753,
regarding librime-dev: wrong libdir in
/usr/lib/x86_64-linux-gnu/pkgconfig/rime.pc
to be marked as done.
This means that you cl
Processing control commands:
> tags -1 + patch
Bug #922050 [src:runc] runc: CVE-2019-5736
Added tag(s) patch.
--
922050: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922050
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Package: mosquitto
Version: 1.4.10-3+deb9u3
Severity: grave
Justification: renders package unusable
Dear Maintainer,
* What led up to the situation?
On armv7l box, after updating from 1.4.10-3+deb9u2 to 1.4.10-3+deb9u3,
mosquitto dumps core on startup.
Used gdb to get a stack trace (after in
Your message dated Mon, 11 Feb 2019 18:37:57 +
with message-id
and subject line Bug#922027: fixed in python-django 1:1.11.20-1
has caused the Debian Bug report #922027,
regarding CVE-2019-6975: Memory exhaustion in django.utils.numberformat.format()
to be marked as done.
This means that you c
Processing control commands:
> tag -1 pending
Bug #922059 [flatpak] flatpak: vulnerability similar to runc CVE-2019-5736
involving /proc/self/exe
Added tag(s) pending.
--
922059: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922059
Debian Bug Tracking System
Contact ow...@bugs.debian.org wi
Control: tag -1 pending
Hello,
Bug #922059 in flatpak reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/debian/flatpak/commit/edda1581f561abd42f0e3bbe82cfd784cf48
Processing control commands:
> tag -1 pending
Bug #922027 [python-django] CVE-2019-6975: Memory exhaustion in
django.utils.numberformat.format()
Added tag(s) pending.
--
922027: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922027
Debian Bug Tracking System
Contact ow...@bugs.debian.org wit
Control: tag -1 pending
Hello,
Bug #922027 in python-django reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/python-team/modules/python-django/commit/1d0dc8f3bfa
Processing commands for cont...@bugs.debian.org:
> retitle 921753 librime-dev: wrong libdir in
> /usr/lib/x86_64-linux-gnu/pkgconfig/rime.pc
Bug #921753 [librime-dev] fcitx-rime: FTBFS (dh_auto_configure fails)
Bug #921755 [librime-dev] ibus-rime: FTBFS (Syntax error in cmake code)
Changed Bug ti
Processing control commands:
> reassign -1 librime-dev
Bug #921755 [src:ibus-rime] ibus-rime: FTBFS (Syntax error in cmake code)
Bug reassigned from package 'src:ibus-rime' to 'librime-dev'.
No longer marked as found in versions ibus-rime/1.3.0-1.
Ignoring request to alter fixed versions of bug #9
Control: reassign -1 librime-dev
Control: affects -1 src:fcitx-rime src:ibus-rime
Control: retitle: librime-dev: wrong libdir in
/usr/lib/x86_64-linux-gnu/pkgconfig/rime.pc
Control: found -1 1.4.0+dfsg1-1
Control: merge 921753 921755
/usr/lib/x86_64-linux-gnu/pkgconfig/rime.pc has:
libdir=$/usr/
Processing control commands:
> reassign -1 librime-dev
Bug #921753 [src:fcitx-rime] fcitx-rime: FTBFS (dh_auto_configure fails)
Bug reassigned from package 'src:fcitx-rime' to 'librime-dev'.
No longer marked as found in versions fcitx-rime/0.3.2-3.
Ignoring request to alter fixed versions of bug #
Your message dated Mon, 11 Feb 2019 16:55:49 +
with message-id
and subject line Bug#909383: fixed in python-mode 1:6.2.3-1.1
has caused the Debian Bug report #909383,
regarding python-mode: fails to install with xemacs21
to be marked as done.
This means that you claim that the problem has bee
On Mon, 11 Feb 2019 at 15:47, Andreas Tille wrote:
>
> On Mon, Feb 11, 2019 at 03:32:47PM +, Carnë Draug wrote:
> >
> > Well, all those regressions are because they can't install bioperl
> > which is their dependency. There is no issue on themselves or in
> > upstream bioperl. The issue is t
Package: flatpak
Version: 1.2.2-1
Severity: critical
Tags: security upstream patch
Justification: root security hole (?)
Control: found -1 1.2.0-1~bpo9+1
Control: found -1 0.8.9-0+deb9u1
Control: found -1 0.8.9-0+deb9u1~bpo8+1
Control: found -1 0.8.5-2+deb9u1
Flatpak upstream releases 1.2.3 and 1.
Processing control commands:
> found -1 1.2.0-1~bpo9+1
Bug #922059 [flatpak] flatpak: vulnerability similar to runc CVE-2019-5736
involving /proc/self/exe
Marked as found in versions flatpak/1.2.0-1~bpo9+1.
> found -1 0.8.9-0+deb9u1
Bug #922059 [flatpak] flatpak: vulnerability similar to runc CVE
Control: tag -1 pending
Hello,
Bug #919119 in scribus-ng reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/debian/scribus-ng/commit/d0cb2daa86d16e12e85d0c9d4bb52f
Processing control commands:
> tag -1 pending
Bug #919119 [src:scribus-ng] scribus-ng: FTBFS in experimental
Added tag(s) pending.
--
919119: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919119
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Your message dated Mon, 11 Feb 2019 16:04:30 +
with message-id
and subject line Bug#922016: Removed package(s) from unstable
has caused the Debian Bug report #916637,
regarding libupnp: keep out of testing
to be marked as done.
This means that you claim that the problem has been dealt with.
I
Your message dated Mon, 11 Feb 2019 15:51:42 +
with message-id
and subject line Bug#921988: Removed package(s) from unstable
has caused the Debian Bug report #909981,
regarding erlang-cherly FTBFS with Erlang 21.1
to be marked as done.
This means that you claim that the problem has been dealt
On Mon, Feb 11, 2019 at 03:32:47PM +, Carnë Draug wrote:
>
> Well, all those regressions are because they can't install bioperl
> which is their dependency. There is no issue on themselves or in
> upstream bioperl. The issue is that Debian's bioperl claims to have
> recommend dependency on b
Didier 'OdyX' Raboud dijo [Sat, Feb 02, 2019 at 03:38:01PM +0100]:
> Le samedi, 2 février 2019, 14.48:22 h CET Ian Jackson a écrit :
> > Ping ?
>
> Thank for the ping.
>
> Gunnar and myself have started working on a draft, the latest version of
> which
> is available at
>
> https://salsa
On Fri, 01 Feb 2019 11:36:59 +0100 Jordi Mallach wrote:
> El dj. 31 de 01 de 2019 a les 20:06 +, en/na Matthew Hall va
> escriure:
> > No problem!
> >
> > It seems to actually be a known issue(?) with SOGo upstream, I’ve
> > managed to open a bug report on there own tracker:
> >
> > https://so
On Mon, 11 Feb 2019 at 14:06, Andreas Tille wrote:
>
> Hi Carnė,
>
> On Mon, Feb 11, 2019 at 12:59:45PM +, Carnė Draug wrote:
> > On Wed, 6 Feb 2019 at 14:06, Andreas Tille wrote:
> > > This is what I've though about: Removing the files from bioperl-run
> > > (which would be 1.7.2-5 then)
> >
Your message dated Mon, 11 Feb 2019 15:21:20 +
with message-id
and subject line Bug#921466: fixed in rust-rusty-tags 3.4.0-1
has caused the Debian Bug report #921466,
regarding rust-rusty-tags: Section: FIXME-(source.section)
to be marked as done.
This means that you claim that the problem ha
Your message dated Mon, 11 Feb 2019 15:20:15 +
with message-id
and subject line Bug#910757: fixed in gnulib 20140202+stable-3.1
has caused the Debian Bug report #910757,
regarding gnulib: CVE-2018-17942 heap-based buffer overflow
to be marked as done.
This means that you claim that the proble
Processing commands for cont...@bugs.debian.org:
> tags 922027 + upstream fixed-upstream
Bug #922027 [python-django] CVE-2019-6975: Memory exhaustion in
django.utils.numberformat.format()
Added tag(s) upstream and fixed-upstream.
> thanks
Stopping processing here.
Please contact me if you need a
Source: runc
Version: 1.0.0~rc6+dfsg1-1
Severity: grave
Tags: security upstream
Justification: user security hole
Hi,
The following vulnerability was published for runc.
CVE-2019-5736[0]:
runc container breakout
If you fix the vulnerability please also make sure to include the
CVE (Common Vulne
Processing commands for cont...@bugs.debian.org:
> # missing second part of the fix
> found 921131 1.1.31-2.1
Bug #921131 {Done: Holger Levsen } [yum-utils] CVE-2018-10897
Marked as found in versions yum-utils/1.1.31-2.1; no longer marked as fixed in
versions yum-utils/1.1.31-2.1 and reopened.
>
Processing commands for cont...@bugs.debian.org:
> found 922027 1:1.10.7-2+deb9u4
Bug #922027 [python-django] CVE-2019-6975: Memory exhaustion in
django.utils.numberformat.format()
Marked as found in versions python-django/1:1.10.7-2+deb9u4.
> thanks
Stopping processing here.
Please contact me i
Processing commands for cont...@bugs.debian.org:
> found 922027 1:1.10.7-2
Bug #922027 [python-django] CVE-2019-6975: Memory exhaustion in
django.utils.numberformat.format()
Marked as found in versions python-django/1:1.10.7-2.
> thanks
Stopping processing here.
Please contact me if you need ass
Processing commands for cont...@bugs.debian.org:
> found 922027 1:1.11.18-1
Bug #922027 [python-django] CVE-2019-6975: Memory exhaustion in
django.utils.numberformat.format()
Marked as found in versions python-django/1:1.11.18-1.
> thanks
Stopping processing here.
Please contact me if you need a
Your message dated Mon, 11 Feb 2019 14:54:09 +
with message-id
and subject line Bug#916151: fixed in kopete 4:17.08.3-2.1
has caused the Debian Bug report #916151,
regarding kopete FTBFS with glibc 2.28
to be marked as done.
This means that you claim that the problem has been dealt with.
If t
Your message dated Mon, 11 Feb 2019 14:56:06 +
with message-id
and subject line Bug#921990: fixed in mypy 0.670-2
has caused the Debian Bug report #921990,
regarding mypy should depend on the precise version of python3-mypy
to be marked as done.
This means that you claim that the problem has
Your message dated Mon, 11 Feb 2019 14:53:06 +
with message-id
and subject line Bug#914146: fixed in dogecoin 1.10.0-7.1
has caused the Debian Bug report #914146,
regarding dogecoin FTBFS with boost 1.67
to be marked as done.
This means that you claim that the problem has been dealt with.
If
> On Mon, 11 Feb 2019, Ulrich Mueller wrote:
> On Mon, 11 Feb 2019, Domenico Andreoli wrote:
>> On Mon, Feb 11, 2019 at 12:08:32AM +0100, Kristian Fiskerstrand wrote:
>>> It was [pointed out] by one of our license group that [hash.h] is the
>>> same that has a GPL-2+ in [fio] which has a
The bug does not seem to be fixed.
I am still getting this error:
2019-02-11 15:45:44 ERROR verify gpg signature exited with code 2
2019-02-11 15:45:44 ERROR Last 5 lines of standard error:
2019-02-11 15:45:44 ERROR verify gpg signature:
gpg:avec la clef RSA
067E3C456BAE240ACEE88F
On Mon, 11 Feb 2019 15:21:12 +0100
Jan Huijsmans wrote:
> Sorry for the spam, PEBKAC, wront netboot.tar.gz. (wget renamed as the
> old one from just after 4.19.0-2 kernel update was still there)
>
> Linking kernel + netboot update would be great though, or is there a
> standard delay of a day or
Your message dated Mon, 11 Feb 2019 14:46:52 +
with message-id
and subject line Bug#874276: fixed in ca-certificates-java 20170929~deb9u1
has caused the Debian Bug report #874276,
regarding openjdk-8-jre-headless: uninstallable on armhf
to be marked as done.
This means that you claim that the
Your message dated Mon, 11 Feb 2019 14:46:52 +
with message-id
and subject line Bug#874276: fixed in ca-certificates-java 20170929~deb9u1
has caused the Debian Bug report #874276,
regarding ca-certificates-java: fails to install on armhf: Error: missing
`server' JVM at `/usr/lib/jvm/java-8-op
On Mon, 11 Feb 2019 15:17:04 +0100
Jan Huijsmans wrote:
> On Thu, 25 Oct 2018 15:09:31 +0200 Oliver Riesener
> wrote:
> > On 10/25/18 11:06 AM, Oliver Riesener wrote:
> > > On 10/25/18 1:45 AM, Ben Hutchings wrote:
> > >> On Wed, 2018-10-24 at 18:44 +0200, John Paul Adrian Glaubitz
> > >> wrote:
On Mon, Feb 11, 2019 at 09:58:18PM +0800, Keng-Yu Lin wrote:
> I am happy with the NMU.
> Thanks for helping and tidying up the format.
Thanks, so I've hastened it so it will go in today.
--
regards,
Mattia Rizzolo
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4
On Thu, 25 Oct 2018 15:09:31 +0200 Oliver Riesener
wrote:
> On 10/25/18 11:06 AM, Oliver Riesener wrote:
> > On 10/25/18 1:45 AM, Ben Hutchings wrote:
> >> On Wed, 2018-10-24 at 18:44 +0200, John Paul Adrian Glaubitz wrote:
> >>> On 10/24/18 6:42 PM, Oliver Riesener wrote:
> No unetbootin, it
Processing commands for cont...@bugs.debian.org:
> reassign 921939 src:r-cran-mlmrev 1.0-6-5
Bug #921939 {Done: Andreas Tille } [src:lme4,
src:r-cran-mlmrev] lme4 breaks r-cran-mlmrev autopkgtest
Bug reassigned from package 'src:lme4, src:r-cran-mlmrev' to
'src:r-cran-mlmrev'.
No longer marked a
[Adding t...@security.debian.org to CC]
Chris Lamb wrote:
> retitle 922027 CVE-2019-6975: Memory exhaustion in
> django.utils.numberformat.format()
> severity 922027 grave
> found 922027 1:1.10.7-2+deb9u3
> tags 922027 + security
> thanks
Security team, may I upload this to stretch-security? Di
On Mon, 11 Feb 2019 at 21:12, Mattia Rizzolo wrote:
>
> Control: tags 914146 + patch
> Control: tags 914146 + pending
>
>
> Dear maintainer,
>
> I've prepared an NMU for dogecoin (versioned as 1.10.0-7.1) and
> uploaded it to DELAYED/2. Please feel free to tell me if I
> should delay it longer.
I
Hi Carnë,
On Mon, Feb 11, 2019 at 12:59:45PM +, Carnë Draug wrote:
> On Wed, 6 Feb 2019 at 14:06, Andreas Tille wrote:
> > This is what I've though about: Removing the files from bioperl-run
> > (which would be 1.7.2-5 then)
>
> Upstream has released BioPerl-Run 1.7.3 which fixes this confli
On Feb/09, Nicolas Braud-Santoni wrote:
> Ah, I was bitten in the arse by #884428 again.
> The upload to security-master should now be fine :)
>
> Sorry for accidentally duplicating your work, I didn't realise you had
> prepared a backported fix for stable before the issue went public :)
Thanks
Control: tag -1 pending
Hello,
Bug #921990 in mypy reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/med-team/mypy/commit/21eb078c6bbe9d996f26ee75bc34883c7d1b383a
Processing control commands:
> tag -1 pending
Bug #921990 [mypy] mypy should depend on the precise version of python3-mypy
Added tag(s) pending.
--
921990: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921990
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
1 - 100 of 132 matches
Mail list logo
