Bug#984956: Pmix issues with openmpi-4.1.0

2021-05-25 Thread Lucas Nussbaum
Hi Alastair, Any news on that? If you have to time to resolve the issue, please tell me. I can maybe find some time on my side. Lucas On 16/05/21 at 07:25 +0100, Alastair McKinstry wrote: > Hi Lucas > > Yikes. > > No, I wanted to wait and check if there were any issues before issuing an > unb

Processed: found 989074 in 1.3.12-7, tagging 987926, found 987537 in 2.2.3-1, tagging 987537 ...

2021-05-25 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > found 989074 1.3.12-7 Bug #989074 [src:aewm] Ship upstream-dead aewm with bullseye? Marked as found in versions aewm/1.3.12-7. > tags 987926 + sid bullseye Bug #987926 [gimp-dcraw] RM: gimp-dcraw, upstream gone, possible security flaws Added tag(s

Bug#989104: kgpg 21.04 depends on 20.08 libkfʼs

2021-05-25 Thread Dmitry Alexandrov
Package: kgpg Version: 4:21.04.0-1 Severity: serious X-Debbugs-Cc: d...@gnui.org Dear maintainer, kgpg 21.04.0-1 depends on libkf5akonadicontact5-20.08 and libkf5akonadicore5-20.08, which are indeed packages from 20.08 KDE and cannot be installed along with their 21.04 versions. As a result kg

Bug#988089: marked as done (mariadb-server: MariaDB uninstalled on dist-upgrade Debian 10 -> 11)

2021-05-25 Thread Debian Bug Tracking System
Your message dated Wed, 26 May 2021 04:48:30 + with message-id and subject line Bug#988089: fixed in galera-4 26.4.8-1 has caused the Debian Bug report #988089, regarding mariadb-server: MariaDB uninstalled on dist-upgrade Debian 10 -> 11 to be marked as done. This means that you claim that t

Bug#989103: pulseaudio crashes on startup

2021-05-25 Thread Michał Mirosław
Package: pulseaudio Version: 14.2-2 Severity: grave Justification: renders package unusable X-Debbugs-Cc: mirq-debo...@rere.qmqm.pl After upgrade to bullseye, pulseaudio crashes on startup in pa_alsa_sink_new() -> find_mixer() due to mapping==NULL. The code at upstream's HEAD seems to assume tha

Bug#989009: marked as done (python-ddt FTBFS with python3-yaml 5.3.1-4)

2021-05-25 Thread Debian Bug Tracking System
Your message dated Tue, 25 May 2021 20:21:03 + with message-id and subject line Bug#989009: fixed in gosa 2.7.4+reloaded3-15 has caused the Debian Bug report #989009, regarding python-ddt FTBFS with python3-yaml 5.3.1-4 to be marked as done. This means that you claim that the problem has been

Processed: tagging 987639

2021-05-25 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > tags 987639 + pending Bug #987639 [src:smlsharp] smlsharp FTBFS with gcc 10 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 987639: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987639 De

Processed: nginx: CVE-2021-23017: DNS Resolver off-by-one heap write vulnerability

2021-05-25 Thread Debian Bug Tracking System
Processing control commands: > found -1 1.14.2-2+deb10u3 Bug #989095 [src:nginx] nginx: CVE-2021-23017: DNS Resolver off-by-one heap write vulnerability Marked as found in versions nginx/1.14.2-2+deb10u3. > found -1 1.14.2-2 Bug #989095 [src:nginx] nginx: CVE-2021-23017: DNS Resolver off-by-one h

Bug#989095: nginx: CVE-2021-23017: DNS Resolver off-by-one heap write vulnerability

2021-05-25 Thread Salvatore Bonaccorso
Source: nginx Version: 1.18.0-6 Severity: grave Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Control: found -1 1.14.2-2+deb10u3 Control: found -1 1.14.2-2 Hi, The following vulnerability was published for nginx. CVE-2021-23017[0]: | DNS Resolver off-by-one heap

Bug#989049: debspawn: privilege escalation via uid reuse

2021-05-25 Thread Salvatore Bonaccorso
Hi, On Tue, May 25, 2021 at 06:46:33PM +0200, Matthias Klumpp wrote: > Am Di., 25. Mai 2021 um 13:21 Uhr schrieb Salvatore Bonaccorso > : > > [...] > > > > > > Can you please elaborate on why you reopened this issue? I believe it > > > has indeed been addressed with version 0.4.2-1, there is no mo

Processed: Re: triangle: triggers lintian autoreject tag 'malformed-contact'

2021-05-25 Thread Debian Bug Tracking System
Processing control commands: > tags -1 patch Bug #988706 [src:triangle] triangle: triggers lintian autoreject tag 'malformed-contact' Added tag(s) patch. -- 988706: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988706 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems

Bug#989049: debspawn: privilege escalation via uid reuse

2021-05-25 Thread Matthias Klumpp
Am Di., 25. Mai 2021 um 13:21 Uhr schrieb Salvatore Bonaccorso : > [...] > > > > Can you please elaborate on why you reopened this issue? I believe it > > has indeed been addressed with version 0.4.2-1, there is no more uid > > reuse for the build user and Debspawn will pick a free uid that is not

Bug#988917: marked as done (pg-partman: CVE-2021-33204)

2021-05-25 Thread Debian Bug Tracking System
Your message dated Tue, 25 May 2021 18:38:27 +0200 with message-id and subject line Re: Bug#988917: pg-partman: CVE-2021-33204 has caused the Debian Bug report #988917, regarding pg-partman: CVE-2021-33204 to be marked as done. This means that you claim that the problem has been dealt with. If th

Bug#988917: pg-partman: CVE-2021-33204

2021-05-25 Thread Christoph Berg
Version: 4.5.1-1 Re: Salvatore Bonaccorso > CVE-2021-33204[0]: > | In the pg_partman (aka PG Partition Manager) extension before 4.5.1 > | for PostgreSQL, arbitrary code execution can be achieved via SECURITY > | DEFINER functions because an explicit search_path is not set. Fixed in unstable. Ch

Bug#988674: python3-saga: broken symlink: /usr/lib/python3/dist-packages/_saga_api.cpython-39-x86_64-linux-gnu.so -> _saga_api-7.3.0.so

2021-05-25 Thread Sebastiaan Couwenberg
On 5/18/21 7:16 AM, Sebastiaan Couwenberg wrote: > Pre-approval of the changes in saga (7.3.0+dfsg-5) has been requested in > #988692 before upload to unstable. No response on the unblock bugreport yet, hopefully we get the fix into unstable and testing before autoremoval. No saga in bullseye is

Bug#986215: marked as done (scrollz: CVE-2021-29376)

2021-05-25 Thread Debian Bug Tracking System
Your message dated Tue, 25 May 2021 15:48:44 + with message-id and subject line Bug#986215: fixed in scrollz 2.2.3-2 has caused the Debian Bug report #986215, regarding scrollz: CVE-2021-29376 to be marked as done. This means that you claim that the problem has been dealt with. If this is not

Bug#988360: marked as done (pod2pdf: please use versioned Depends: libpod-parser-perl (>= 1.63))

2021-05-25 Thread Debian Bug Tracking System
Your message dated Tue, 25 May 2021 15:03:26 + with message-id and subject line Bug#988360: fixed in pod2pdf 0.42-5.2 has caused the Debian Bug report #988360, regarding pod2pdf: please use versioned Depends: libpod-parser-perl (>= 1.63) to be marked as done. This means that you claim that th

Bug#986662: ossp-padsp not working with recent Pulseaudio

2021-05-25 Thread Ralf Jung
Hi all, Meanwhile, the version of osspd that I had uploaded a while ago finally got accepted to unstable. :) When we prepared the fix, we were not aware that this would become an RC bug, so we didn't strive for a minimal fix. Okay. Then I'll open a bugreport with release.debian.org and ask

Bug#989071: libbz2.a isn't compiled with -fPIC

2021-05-25 Thread Raul Tambre
Package: bzip2 Version: 1.0.8-4 Severity: serious Debian policy 10.2 requires that Architecture: any packages be compiled with -fPIC. While libbz2.so is, libbz2.a isn't (see readelf --relocs /usr/lib/x86_64-linux-gnu/libbz2.so). -- System Information: Debian Release: 11.0 APT prefers experime

Processed: notfound 989049 in 0.4.2-1

2021-05-25 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > notfound 989049 0.4.2-1 Bug #989049 {Done: Salvatore Bonaccorso } [debspawn] debspawn: privilege escalation via uid reuse There is no source info for the package 'debspawn' at version '0.4.2-1' with architecture '' Unable to make a source versio

Processed: closing 989049, found 989049 in 0.4.1-1

2021-05-25 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > # fixup previous copy paste error for the found version > found 989049 0.4.1-1 Bug #989049 [debspawn] debspawn: privilege escalation via uid reuse Marked as found in versions debspawn/0.4.1-1. > close 989049 0.4.2-1 Bug #989049 [debspawn] debspawn

Bug#989049: debspawn: privilege escalation via uid reuse

2021-05-25 Thread Salvatore Bonaccorso
Hi, On Tue, May 25, 2021 at 10:32:36AM +0200, Matthias Klumpp wrote: > Hi Salvatore! > > Am Di., 25. Mai 2021 um 06:51 Uhr schrieb Debian Bug Tracking System > : > > > > Processing commands for cont...@bugs.debian.org: > > > > > found 989049 0.4.2-1 > > Bug #989049 {Done: Matthias Klumpp } [debsp

Processed: severity of 989075 is critical

2021-05-25 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > severity 989075 critical Bug #989075 [src:4store] RM: src:4store -- ROM; dead upstream Severity set to 'critical' from 'grave' > thanks Stopping processing here. Please contact me if you need assistance. -- 989075: https://bugs.debian.org/cgi-bi

Processed: severity of 989075 is grave

2021-05-25 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > severity 989075 grave Bug #989075 [src:4store] RM: src:4store -- ROM; dead upstream Severity set to 'grave' from 'normal' > thanks Stopping processing here. Please contact me if you need assistance. -- 989075: https://bugs.debian.org/cgi-bin/bug

Bug#988562: ping

2021-05-25 Thread Chris Hofstaedtler
ping to delay autoremoval until unblock bug is processed

Bug#989074: Bug#989005: RM: aewm -- RoQA; dead upstream; unmaintained; very low popcon

2021-05-25 Thread Chris Hofstaedtler
* Pino Toscano [210525 10:44]: [..] > Hence, it looks to me it would be a better idea to simply remove aewm > from Debian. I've cloned this as #989074 against src:aewm. Parties interested in keeping aewm can reply there to indicate their commitments and also keep aewm in bullseye... Chris

Processed: clone 989005

2021-05-25 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > clone 989005 -1 Bug #989005 [ftp.debian.org] RM: aewm -- RoQA; dead upstream; unmaintained; very low popcon Bug 989005 cloned as bug 989074 > reassign -1 src:aewm Bug #989074 [ftp.debian.org] RM: aewm -- RoQA; dead upstream; unmaintained; very l

Bug#987388: Crash of amdgpu on Debian 11 Bullseye

2021-05-25 Thread Maxime G.
According to other sources, it looks like a video memory overrun. I'm looking for a way to reproduce it. Do you have any ideas?

Bug#989071: marked as done (libbz2.a isn't compiled with -fPIC)

2021-05-25 Thread Debian Bug Tracking System
Your message dated Tue, 25 May 2021 11:31:18 +0300 with message-id <1b448c3e-a390-6213-0a65-e77670f16...@tambre.ee> and subject line has caused the Debian Bug report #989071, regarding libbz2.a isn't compiled with -fPIC to be marked as done. This means that you claim that the problem has been dea

Processed: bug 988986 is forwarded to https://github.com/leethomason/tinyxml2/issues/867

2021-05-25 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > forwarded 988986 https://github.com/leethomason/tinyxml2/issues/867 Bug #988986 [tinyxml2] ABI change in tinyxml2 8.1.0+dfsg-1 Set Bug forwarded-to-address to 'https://github.com/leethomason/tinyxml2/issues/867'. > thanks Stopping processing here

Bug#989049: debspawn: privilege escalation via uid reuse

2021-05-25 Thread Matthias Klumpp
Hi Salvatore! Am Di., 25. Mai 2021 um 06:51 Uhr schrieb Debian Bug Tracking System : > > Processing commands for cont...@bugs.debian.org: > > > found 989049 0.4.2-1 > Bug #989049 {Done: Matthias Klumpp } [debspawn] debspawn: > privilege escalation via uid reuse > There is no source info for the p