Processed: retitle 989144 to inspircd: CVE-2021-33586: memory disclosure

Processing commands for cont...@bugs.debian.org: > retitle 989144 inspircd: CVE-2021-33586: memory disclosure Bug #989144 {Done: Salvatore Bonaccorso } [src:inspircd] inspircd: memory disclosure Changed Bug title to 'inspircd: CVE-2021-33586: memory disclosure' from 'inspircd: memory disclosure'

Processed: isc-dhcp: diff for NMU version 4.4.1-2.3

Processing control commands: > tags 989157 + patch Bug #989157 [src:isc-dhcp] isc-dhcp: CVE-2021-25217: A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient Added tag(s) patch. > tags 989157 + pending Bug #989157 [src:isc-dhcp] is

Bug#989157: isc-dhcp: diff for NMU version 4.4.1-2.3

Control: tags 989157 + patch Control: tags 989157 + pending Dear maintainer, I've prepared an NMU for isc-dhcp (versioned as 4.4.1-2.3) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer (or even if fine with the NMU and want me to reschedule). Regards, Salvat

Processed: isc-dhcp: CVE-2021-25217: A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient

Processing control commands: > found -1 4.4.1-2 Bug #989157 [src:isc-dhcp] isc-dhcp: CVE-2021-25217: A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient Marked as found in versions isc-dhcp/4.4.1-2. -- 989157: https://bugs.debi

Bug#989157: isc-dhcp: CVE-2021-25217: A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient

Source: isc-dhcp Version: 4.4.1-2.2 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: car...@debian.org, Debian Security Team Control: found -1 4.4.1-2 Hi, The following vulnerability was published for isc-dhcp. CVE-2021-25217[0]: | In ISC DHCP 4.1-ESV-R1 -

Processed: severity of 989080 is serious

Processing commands for cont...@bugs.debian.org: > severity 989080 serious Bug #989080 [cifs-utils] cifs-utils: Fix for CVE-2021-20208 breaks cifs.upcall Severity set to 'serious' from 'important' > thanks Stopping processing here. Please contact me if you need assistance. -- 989080: https://bug

Bug#989110: marked as done (libptl-dev: missing Depends: libptl1 (= ${binary:Version}))

Your message dated Wed, 26 May 2021 22:34:50 + with message-id and subject line Bug#989110: fixed in ptl 1.0.2-2 has caused the Debian Bug report #989110, regarding libptl-dev: missing Depends: libptl1 (= ${binary:Version}) to be marked as done. This means that you claim that the problem has

Bug#943425: marked as done (klibc: [s390x] setjmp/longjmp do not save/restore all registers in use)

Your message dated Wed, 26 May 2021 22:33:32 + with message-id and subject line Bug#943425: fixed in klibc 2.0.8-6.1 has caused the Debian Bug report #943425, regarding klibc: [s390x] setjmp/longjmp do not save/restore all registers in use to be marked as done. This means that you claim that

Bug#943425: klibc: debdiff for NMU 2.0.8-6.1

Hi Ben, maks, please find attached the debdiff fixing this release-critical bug. I’ve uploaded to DELAYED/0 per devref. Please integrate this into the next maintainer upload. I’ve only added the patch for the wrong registers being saved, not the one fixing sig{set,long}jmp because, apparently, k

Bug#892275: redshift: Unable to connect to GeoClue

* Paul Gevers [210526 21:49]: > On Thu, 4 Feb 2021 14:29:55 +0100 Laurent Bigonville > wrote: > > IMVHO, you should remove the redshift systemd file and let redshift > > start via de xdg autostart mechanism. The geoclue agent should then be > > started before redshift as I think it start the pr

Processed (with 1 error): Merge duplicates

Processing commands for cont...@bugs.debian.org: > reassign 977143 python3-libtorrent Bug #977143 [libtorrent-rasterbar10] libtorrent-rasterbar10: Python argument types in torrent_handle.move_storage(torrent_handle, str) did not match C++ signature Bug reassigned from package 'libtorrent-rasterb

Bug#989095: debdiff patch for CVE-2021-23017

Hello! > If you fix the vulnerability please also make sure to include the CVE (Common > Vulnerabilities & Exposures) id in your changelog entry. I made a debdiff for myself according to upstream instructions from the patch [0]. It is attached to this e-mail. Link to the upstream patch was foun

Processed: tagging 989128

Processing commands for cont...@bugs.debian.org: > tags 989128 + bullseye experimental Bug #989128 [src:orthanc-dicomweb] package statically links without using a Built-Using attribute Added tag(s) experimental and bullseye. > thanks Stopping processing here. Please contact me if you need assist

Processed: tagging 989127

Processing commands for cont...@bugs.debian.org: > tags 989127 + bullseye experimental Bug #989127 [src:orthanc-webviewer] package statically links without using a Built-Using attribute Added tag(s) bullseye and experimental. > thanks Stopping processing here. Please contact me if you need assis

Processed: tagging 989126

Processing commands for cont...@bugs.debian.org: > tags 989126 + bullseye experimental Bug #989126 [src:orthanc-wsi] package statically links without using a Built-Using attribute Added tag(s) experimental and bullseye. > thanks Stopping processing here. Please contact me if you need assistance.

Bug#982769: marked as done (php-horde-text-filter: CVE-2021-26929)

Your message dated Wed, 26 May 2021 19:17:09 + with message-id and subject line Bug#982769: fixed in php-horde-text-filter 2.3.5-3+deb10u2 has caused the Debian Bug report #982769, regarding php-horde-text-filter: CVE-2021-26929 to be marked as done. This means that you claim that the problem

Bug#989144: closing 989144

close 989144 3.8.1-2 thanks

Processed: closing 989144

Processing commands for cont...@bugs.debian.org: > close 989144 3.8.1-2 Bug #989144 [src:inspircd] inspircd: memory disclosure Marked as fixed in versions inspircd/3.8.1-2. Bug #989144 [src:inspircd] inspircd: memory disclosure Marked Bug as done > thanks Stopping processing here. Please contact

Bug#989144: inspircd: memory disclosure

Source: inspircd Version: 3.8.1-1 Severity: grave Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team This is already fixed in unstable with 3.8.1-2: https://docs.inspircd.org/security/2021-01/ The fix should ideally go into testing/bullseye. Regards, Salvatore

Bug#987856: marked as done (lz4: CVE-2021-3520)

Your message dated Wed, 26 May 2021 19:02:13 + with message-id and subject line Bug#987856: fixed in lz4 1.8.3-1+deb10u1 has caused the Debian Bug report #987856, regarding lz4: CVE-2021-3520 to be marked as done. This means that you claim that the problem has been dealt with. If this is not

Bug#984956: Pmix issues with openmpi-4.1.0

Hi Alastair, On 26-05-2021 15:53, Alastair McKinstry wrote: > You mean do an upload of 1.10.0~rc1-7 > (current testing UCX) > as 1.10.1 > ~rc1.really.1.10.0-1? >

Bug#989126: package statically links without using a Built-Using attribute

Control: reassign -1 src:orthanc-wsi 1.0-2 On Mi, 26 mai 21, 12:08:19, Matthias Klose wrote: > Package: src:orthanc-wsi1.0-2 > Version: 1.0-2 > Severity: serious > Tags: sid bulseye > > The package statically links without using a Built-Using attribute, apparently > introduced in the last -3 uplo

Processed: Re: Bug#989126: package statically links without using a Built-Using attribute

Processing control commands: > reassign -1 src:orthanc-wsi 1.0-2 Bug #989126 [src:orthanc-wsi1.0-2] package statically links without using a Built-Using attribute Warning: Unknown package 'src:orthanc-wsi1.0-2' Bug reassigned from package 'src:orthanc-wsi1.0-2' to 'src:orthanc-wsi'. No longer mar

Processed: Re: Bug#989103: pulseaudio crashes on startup

Processing control commands: > tags -1 unreproducible moreinfo Bug #989103 [pulseaudio] pulseaudio crashes on startup Added tag(s) unreproducible and moreinfo. -- 989103: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989103 Debian Bug Tracking System Contact ow...@bugs.debian.org with proble

Bug#989103: pulseaudio crashes on startup

Control: tags -1 unreproducible moreinfo On Tue, May 25, 2021 at 10:27 PM Michał Mirosław wrote: > Package: pulseaudio > Version: 14.2-2 > Severity: grave > Justification: renders package unusable > X-Debbugs-Cc: mirq-debo...@rere.qmqm.pl > > After upgrade to bullseye, pulseaudio crashes on sta

Bug#984956: Pmix issues with openmpi-4.1.0

Hi Paul To confirm: You mean do an upload of 1.10.0~rc1-7 (current testing UCX) as 1.10.1 ~rc1.really.1.10.0-1? thanks Alastair On 20/05/2021

Processed: Re: Bug#987672: designate accesses the internet during the build

Processing control commands: > retitle -1 designate requires a nameserver in /etc/resolv.conf during the > build Bug #987672 [src:designate] designate accesses the internet during the build Changed Bug title to 'designate requires a nameserver in /etc/resolv.conf during the build' from 'designat

Bug#989111: libopenmpi-dev: broken symlinks: /usr/lib/i386-linux-gnu/openmpi/lib/libmca_common_{ofi,ompio}.so

This appears to be limited to i386/ 32-bit systems. They're shipped elsewhere. There have been changes on 32-bit support. Thanks Alastair On 26/05/2021 08:15, Andreas Beckmann wrote: Package: libopenmpi-dev Version: 4.1.1-1 Severity: serious User: debian...@lists.debian.org Usertags: piupart

Bug#987672: designate accesses the internet during the build

Control: retitle -1 designate requires a nameserver in /etc/resolv.conf during the build Control: severity -1 normal What fails is parsing /etc/resolv.conf without nameserver, which is not a problem on the buildds. cu Adrian

Bug#984956: Still occurring here with 4.1.0-9

Alastair McKinstry Hi Can you confirm that openmpi 4.1.0-9 is present on all the nodes ? Regards Alastair From: Dominique Brazziel Reply to: Dominique Brazziel , <984...@bugs.debian.org> Date: Thursday 20 May 2021 at 13:03 To: "984...@bugs.debian.org" <984...@bugs.debian.org> Subject: Bug#984

Bug#989127: package statically links without using a Built-Using attribute

Package: src:orthanc-webviewer Version: 2.7-3 Severity: serious Tags: sid bulseye The package statically links without using a Built-Using attribute, apparently introduced in the last -3 upload. You need to add such an attribute when statically linking.

Bug#989126: package statically links without using a Built-Using attribute

Package: src:orthanc-wsi1.0-2 Version: 1.0-2 Severity: serious Tags: sid bulseye The package statically links without using a Built-Using attribute, apparently introduced in the last -3 upload. You need to add such an attribute when statically linking.

Bug#989128: package statically links without using a Built-Using attribute

Package: src:orthanc-dicomweb Version: 1.5+dfsg-2 Severity: serious Tags: sid bulseye The package statically links without using a Built-Using attribute, apparently introduced in the last -2 upload. You need to add such an attribute when statically linking.

Bug#989120: golang-github-go-sourcemap-sourcemap accesses the network during the build

Package: src:golang-github-go-sourcemap-sourcemap Version: 2.1.3+git20201028.eed1c20-2 Severity: serious Tags: sid bookworm golang-github-go-sourcemap-sourcemap accesses the network during the build, seen on the Ubuntu buildds: dh_auto_test -O--buildsystem=golang cd obj-x86_64-linux-gn

Bug#988929: jverein: broken symlinks: /usr/share/jameica/plugins/jverein/lib/*-*.jar -> ../../../../java/*.jar

Followup-For: Bug #988929 Control: found -1 2.8.18+git20200921.6212a59+dfsg-6 There is one broken link left: 7m26.6s ERROR: FAIL: Broken symlinks: /usr/share/jameica/plugins/jverein/lib/javax.mail-1.6.2.jar -> ../../../../java/javax.mail.jar (jverein) Andreas

Processed: Re: jverein: broken symlinks: /usr/share/jameica/plugins/jverein/lib/*-*.jar -> ../../../../java/*.jar

Processing control commands: > found -1 2.8.18+git20200921.6212a59+dfsg-6 Bug #988929 {Done: Mechtilde Stehmann } [jverein] jverein: broken symlinks: /usr/share/jameica/plugins/jverein/lib/*-*.jar -> ../../../../java/*.jar Marked as found in versions jverein/2.8.18+git20200921.6212a59+dfsg-6; no

Bug#989104: marked as done (kgpg 21.04 depends on 20.08 libkfʼs)

Your message dated Wed, 26 May 2021 17:23:09 +0900 with message-id and subject line Re: Bug#989104: kgpg 21.04 depends on 20.08 libkfʼs has caused the Debian Bug report #989104, regarding kgpg 21.04 depends on 20.08 libkfʼs to be marked as done. This means that you claim that the problem has been

Bug#989115: ntopng-data: broken symlinks: /usr/share/ntopng/httpdocs/font-awesome/fonts/fontawesome-webfont.* and others

Package: ntopng-data Version: 3.8.1+dfsg1-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package ships (or creates) a broken symlink. >From the attached log (scroll to the bottom...): 0m13.6s ERROR: FAIL: Broken symlinks:

Processed: found 988928 in 7.8.6~rc1-1~exp1, found 988897 in 243-1, found 988930 in 9.0.0-2 ..., affects 988928 ...

Processing commands for cont...@bugs.debian.org: > found 988928 7.8.6~rc1-1~exp1 Bug #988928 [grass-doc] grass-doc: broken symlink: /usr/share/doc/grass-doc/html/jquery -> ../../../javascript/jquery Marked as found in versions grass/7.8.6~rc1-1~exp1. > found 988897 243-1 Bug #988897 [cockpit-ws]

Bug#989112: wims-lti: fails to install: ModuleNotFoundError: No module named 'wimsLTI.config'

Package: wims-lti Version: 0.4.4.1-3 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package failed to install. As per definition of the release team this makes the package too buggy for a release, thus the severity. >From the

Bug#989111: libopenmpi-dev: broken symlinks: /usr/lib/i386-linux-gnu/openmpi/lib/libmca_common_{ofi,ompio}.so

Package: libopenmpi-dev Version: 4.1.1-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package ships (or creates) a broken symlink. >From the attached log (scroll to the bottom...): 7m38.7s ERROR: FAIL: Broken symlinks: /u

Bug#989009: re-open #989009

Control: reopen -1 Control: notfixed -1 gosa/2.7.4+reloaded3-15 Dear maintainers of python3-yaml, this bug has erroneously been closed by an upload of the src:pkg gosa. With this mail, I reopen this bug #989009 again and remove the "fixed in" meta data. Sorry for the noise, Mike -- mike

Processed: re-open #989009

Processing control commands: > reopen -1 Bug #989009 {Done: Mike Gabriel } [src:python-ddt] python-ddt FTBFS with python3-yaml 5.3.1-4 'reopen' may be inappropriate when a bug has been closed with a version; all fixed versions will be cleared, and you may need to re-add them. Bug reopened No long

Bug#989110: libptl-dev: missing Depends: libptl1 (= ${binary:Version})

Package: libptl-dev Version: 1.0.2-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package ships (or creates) a broken symlink. >From the attached log (scroll to the bottom...): 7m3.8s ERROR: FAIL: Broken symlinks: /usr/li