Bug#939866: mariadb-server-10.1: replication hangs in state "Slave_IO_Running: Preparing" after upgrade from 10.1.38 to 10.1.41

Hello, We confirm this serious bug. After upgrading from 10.1.38-0+deb9u1 to 10.1.41-0+deb9u1, replication is completely broken. For the moment we `apt-mark old` mariadb package with 10.1.38-0+deb9u1 version on all our servers. Regards, -- Grégory Colpart - CEO Evolix - Clé OpenPGP : 0x4497527

Bug#921030: Fails to import the ansible module since its migration to Python 3

Hi Samuel, On Sun, Feb 24, 2019 at 03:25:26AM +, Samuel Henrique wrote: > I'm working on this: https://salsa.debian.org/debian/ansible-lint > I think i'm close to an upload now, there's only some problems with .js > sources. I review your patches and all is right, in particular your removal o

Bug#598582: [pkg-horde] Bug#598582: horde3: Four security issues in Horde

Hello, On Wed, Nov 03, 2010 at 07:58:25PM +0100, Mehdi Dogguy wrote: > On 0, Gregory Colpart wrote: > > > > For horde3, I prepare the patches for Lenny and Squeeze/Sid. They > > are on http://git.debian.org/?p=pkg-horde/horde3.git;a=summary > > I'm waiti

Bug#598582: [pkg-horde] Bug#598582: horde3: Four security issues in Horde

For horde3, I prepare the patches for Lenny and Squeeze/Sid. They are on http://git.debian.org/?p=pkg-horde/horde3.git;a=summary I'm waiting comments from upstream before uploading. Regards, -- Gregory Colpart GnuPG:4096R/B8612B5D Evolix - Informatique et Logiciels Libres http://www.evo

Bug#595313: nagvis: unable to read input file /etc/dbconfig-common/ndoutils-mysql.conf

(no description available) nagvis suggests no packages. -- no debconf information -- Gregory Colpart GnuPG:4096R/B8612B5D Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe&q

Bug#585165: [pkg-horde] Bug#585165: CVE-2010-1916: Security issue in Xinha

Hi, On Thu, Jul 15, 2010 at 02:51:07PM +0200, Alexander Reichle-Schmehl wrote: > > * Gregory Colpart [100622 01:48]: > [..] > > > Please check if your code copy is affected and update the internal copy. > > I think code copy of xinha in Horde is not affected because

Bug#585165: [pkg-horde] Bug#585165: CVE-2010-1916: Security issue in Xinha

lity/index.h+tml > http://xinha.webfactional.com/ticket/1518 > > Please check if your code copy is affected and update the internal copy. I think code copy of xinha in Horde is not affected because there is no PHP code from Xinha on it. Majority of Xinha plugins are not present. Regards

Bug#548231: [pppoeconf] menu item fails unless launched as root

exec gksu "$0" "$@" || exit 1 --8<-- Regards, -- Gregory Colpart GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#551127: unsatisfiable Depends: pear (>= 5.2.0-8)

n.org/GregoryColpart/PearPolicyDraft : "Depends should: * have php-pear, probably versionned (See in package.xml) Note we have PEAR 1.4.11 in php-pear etch package (version 5.2.0-8*), and if could be a good idea to use (>= 5.2.0-8) if possible to make backport easier." Regards,

Bug#547318: [pkg-horde] Bug#547318: horde3: CVE-2009-3236 possibility to overwrite arbitrary files with the permissions of the webserver

> > Now, I'm waiting upstream advice before building/uploading. > > Ok great. So far the diff looks good to me. Feel free to > upload to security master (and additionally you might drop > me a mail so I don't miss it). Thanks for your work! Patch reviewed by upstream,

Bug#547318: [pkg-horde] Bug#547318: horde3: CVE-2009-3236 possibility to overwrite arbitrary files with the permissions of the webserver

ity, patch is pushed: http://git.debian.org/?p=pkg-horde/horde3.git;a=commitdiff;h=0a71866537d0bd896fda156ba83be746483714a4 Now, I'm waiting upstream advice before building/uploading. Regards, -- Gregory Colpart GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.e

Bug#547318: [pkg-horde] Bug#547318: horde3: CVE-2009-3236 possibility to overwrite arbitrary files with the permissions of the webserver

mmitdiff;h=a3873329efa3ed5797678626638afbb2bb4f48d0 Now I'm testing package and preparing upload for sid. Regards, -- Gregory Colpart GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject

Bug#528927: [pkg-horde] Bug#528927: horde3 should depend on php-mdb2

56826196d4163e29 Bug is also present in Lenny. Workaround: install php-mdb2 package... ! I downgrade the severity of the bug, because Horde could work without database. Then php-mdb2 should be in Recommends and not in Depends. Regards, -- Gregory Colpart GnuPG:1024D/C1027A0E Evolix - Informatique e

Bug#515892: [pkg-horde] Bug#515892: horde3: Nothing works after upgrading from 3.1.3-4etch4 to 3.2.2+debian0-2

sible to "see > all headers" when clicking it, I always get "Requested message > not found." > - Many messages aren't viewable online Outch. Could you open separate bug report for them? Or even open bug reports directly in upstream BTS (bugs.horde.org)? R

Bug#495554: [pkg-horde] Bug#495554: Bug#495554: imp4: It can be use to inject email thought Imp

said it's from a regular user. Could you try to track him in horde's logs? Could you also give the version of your horde3 package? [*]http://marc.info/?l=horde&m=120119991901767&w=2 Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix - Info

Bug#495554: [pkg-horde] Bug#495554: imp4: It can be use to inject email thought Imp

MSIE 7.0; Windows NT 5.1; > .NET CLR 1.1.4322; .NET CLR 2.0.50727)" > > So i cannot block expand.php because this is use by the user that log > into the systen to send email. but besides the spammers are abusing > the system. Thanks for your report. Are you sure spammers don&

Bug#424810: not fixed

= 5.2.0-8) Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#470640: Fixed horde3 packages

re of this copyright problem[*] which apply for a lot of horde packages. I/We will fix them ASAP. [*]http://lists.alioth.debian.org/pipermail/pkg-horde-hackers/2008-February/002067.html Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix - Informatiqu

Bug#470640: Fixed horde3 packages

e your horde3 package. 8<-- Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#470640: [pkg-horde] Bug#470640: intent to NMU

7;t mail you or tag "pending" this bug (our ARCH repository doesn't tag BTS automatically). For unstable, I have a "new upstream package" ready (I will ask sponsoring for it in few minutes). For Etch and Sarge, I will prepare patched packages if needed during this wee

Bug#464058: [horde-vendor] Bug#464058: turba access checking issue

package. 8<-- Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#464058: [horde-vendor] Bug#464058: turba access checking issue

he process of creating one. We're waiting it. Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#464058: [horde-vendor] Bug#464058: turba access checking issue

urba 2.1.4 (Debian stable): http://gcolpart.evolix.net/debian/turba2/turba2_2.1.3-1_2.1.3-1etch1.diff - Patch for Turba 2.0.2 (Debian oldstable): http://gcolpart.evolix.net/debian/turba2/turba2_2.0.2-1_2.0.2-1sarge1.diff Note: FYI, Debian security team requested CVE id for this security issue. Reg

Bug#464058: turba access checking issue

now. I was waiting a feedback from Peter, original bug submitter. If not, I will test your patch, but probably not before thursday. Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email

Bug#442970: scalable-cyrfonts: FTBFS: make[1]: *** [convert] Error 1

fonts). Find in attachment a patch as small and as non-disruptive as it can be :) [*]http://fontforge.sourceforge.net/scripting.html Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ --- rules.ori 2008-02-12 23:

Bug#464058: turba access checking issue

to be able to add contacts from one > address book to a contact list in another address book? If not then users > should also no longer be able to add contacts to contact lists from other > address books. Could you give more details (sources.php, etc.) on this problem ? Regards, -- Gregory

Bug#445406: [pkg-horde] Bug#445406: login to horde3 fails due to wrong cookie path

o say here). > --- conf.php.old 2007-10-05 15:56:41.0 +0200 > +++ conf.php 2007-10-05 15:56:30.0 +0200 There is no conf.php file in horde3 package. Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres

Bug#431584: Correct patch for #431584

[Debian BSP, September 29/30th] Hello, Here is a correct patch to verify if userdel is installed during postrm. Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ diff -u ldapdns-2.06/debian/rules ldapdn

Bug#431590: Patch for #431590

tags 431590 +patch thanks [Debian BSP, September 29/30th] Hello, Here is a patch to verify if deluser/delgroup is installed during postrm. Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ diff -u

Bug#431523: NMU patch for #431523

tags 431523 +patch thanks [Debian BSP, September 28/29th] Hello, Here is a NMU patch to verify if ucf is installed during postrm. Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ diff -u nagios-1.4/

Bug#427418: NMU patch for #427418

tags 427418 +patch thanks [Debian BSP, September 28/29th] Hello, I think upstream needs rename all icons in rubrica-*.png Here is a NMU-patch for renaming 'contacts.png' icon, which fixes this RC-bug. Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evoli

Bug#443899: php-pear: CVE-2007-2519: PEAR installer arbitrary code execution vulnerability

crucial system files if the PEAR Installer is running as a privileged user. Vendor advisory: http://pear.php.net/advisory-20070507.txt CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2519 I attach a patch backported by Ubuntu for this security issue. Regards, -- Gregory Colpart

Bug#434045: [pkg-horde] Bug#434045: security-bug informations for horde3 package

Hello, Here is a little "ping" to know if you intent to fix this security issue[*] opened since july 2007. [*] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434045 Regards, On Sun, Jul 22, 2007 at 09:06:48AM +0200, Gregory Colpart wrote: > Hello, > > The pac

Bug#438001: amavisd-new: Impossible to install

talling? During your sarge->etch upgrade, did you read the debconf message? (See bug #430028). Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#438001: amavisd-new: Impossible to install

ault configuration: ---8<--- /etc/amavis/conf.d$ grep -r "$.*socket" ./ ./25-amavis_helpers:$unix_socketname = ''; ./20-debian_defaults:$inet_socket_port = ''; /etc/amavis/conf.d$ sudo /etc/init.d/amavis start Starting amavisd: No listen sockets or ports speci

Bug#431853: depends on non-essential package adduser in postrm

bug. Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ --- amavisd-new.postrm.orig 2007-08-11 16:02:00.0 +0200 +++ amavisd-new.postrm 2007-08-11 15:59:10.0 +0200 @@ -18,6 +18,36 @@

Bug#434045: security-bug informations for horde3 package

ch) this problem has been fixed in version 3.1.3-4etch1. For the unstable distribution (sid) this problem has been fixed in version 3.1.4-1. We recommend that you upgrade your horde3 package. 8<---------- Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuP

Bug#434045: [pkg-horde] Bug#434045: horde3: Cross-site scripting (XSS) vulnerability

use an attacker could also inject data in HTML code of all pages. Then we could imagine a lot of attacks, for example a fake login/password ... I am working on updated packages and warning security team. Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix

Bug#411479: and with nfs?

On Thu, Apr 26, 2007 at 09:28:03PM +0200, Gregory Colpart wrote: > Hi, > > I have same problem here with deleting lock file and nfs:/home. > My strange workaround is: > % mv ~/.mozilla ~/foo > % mv ~/foo ~/.mozilla Oops, sorry, I'm confused. The problem was presence of

Bug#411479: and with nfs?

Hi, I have same problem here with deleting lock file and nfs:/home. My strange workaround is: % mv ~/.mozilla ~/foo % mv ~/foo ~/.mozilla Regards, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUB

Bug#420098: tla-buildpackage: change module name tla_support to vcs_support

, os -from tla_support import util +from vcs_support import util from tbppy import versions, extcmd, tbpconfig util.verbose = 1 Regards, -- Gregory COLPART GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- System Information: Debian Release: lenny/sid APT prefer

Bug#375077: udevd: nss_ldap: failed to bind to LDAP server -> boot fails

is hacky patch for postinst : if [ -x "/etc/init.d/libnss-ldap" ]; then update-rc.d -f libnss-ldap remove >/dev/null update-rc.d libnss-ldap start 03 S . start 01 0 6 . stop 01 2 3 4 5 . >/dev/null || exit $? fi Regards, -- Gregory Colpart <[EMAIL PROTECTED]>

Bug#358317: tla-buildpackage: Needs adapting to new tla-load-dirs libraries

ver import cmd +from tla_support import commandver def printhelp(): print """Usage: @@ -42,6 +43,8 @@ if len(sys.argv) < 4: syntax() +commandver.setscm("tla") + progname, ARCHIVENAME, ARCHIVELOC, WCLOC = sys.argv CONFIGVER = "%s/configs--head--1.0&qu

Bug#382291: load-dirs-common: Using 'tla -v' instead of 'tla -V' in svk test

ax elif util.getstdoutsafeexec(tlacmd, ['-v'])[0].find('This is svk') != -1: Regards, -- Gregory COLPART <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- System Information: Debian Release: testing/unstable APT p

Bug#364068: [pkg-horde] Bug#364068: imp4: Fails to display any message

On Sat, May 06, 2006 at 01:44:23AM +0300, Mikko Visa wrote: > > I'll try imp 4.1, any idea when it comes to testing? Seems to be in > unstable already. It is now: http://packages.qa.debian.org/i/imp4/news/20060506T210819Z.html Regards -- Gregory Colpart <[EMAIL PROTECT

Bug#323350: #323350: egroupware: Another XMLRPC vulnerability

.dfsg.patch 84f23e68ad3cdecabcefb63edf13405b Thanks, -- Gregory Colpart <[EMAIL PROTECTED]> GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]