Bug#1081514: libcurl-gnutls.so.4: undefined symbol: gnutls_free

On Thursday, 12 September 2024 22:51:39 AEST Simon McVittie wrote: > Looks like a duplicate of which is a > regression in libcurl3t64-gnutls. libcurl4t64 (curl with OpenSSL) looks OK > according to packages.debian.org. Yes the same issue. Thanks for the quick res

Bug#1051181: more info

# id test uid=1001(test) gid=1001(test) groups=1001(test),1003(),1004(zzz2), 1005(test2),1006(test6),1007(test7),1008(test8),1009(test9),1010(test10), 1011(test11),1012(test12),1013(test13),1014(test14),1015(test15),1016(test16), 1017(test17),1018(test18),1019(test19) The above is the test use

Bug#1051181: FTBFS: can't build package when user has more than 16 supplementary groups

Package: fapolicyd Version: 1.1.7-5 Severity: serious Tags: patch ftbfs Justification: fails to build from source (but built successfully in the past) # TOTAL: 2 # PASS: 1 # SKIP: 0 # XFAIL: 0 # FAIL: 1 # XPASS: 0 # ERROR: 0 .. contents:: :depth: 2 FAIL: gid_proc_test === ./g

Bug#1037890: fixed in 4.3.5

close 1037890 thanks This was fixed upstream in 4.3.5 -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/

Bug#963497: not a bug for that version

close 963497 thanks Run "setsebool allow_execmem 1" before running certbot and it will be fine. After running certbot you can run "setsebool allow_execmem 0". Or you could run "setsebool -P allow_execmem 1" to make the change continue to apply after a reboot. The 2:2.20161023.1-9 policy does

Bug#963495: not a bug

close 963495 thanks Run "setsebool allow_execmem 1" before running certbot and it will be fine. After running certbot you can run "setsebool allow_execmem 0". Or you could run "setsebool -P allow_execmem 1" to make the change continue to apply after a reboot. There is no good solution to thi

Bug#956568: libsepol: should build-depend on libselinux1-dev

Source: libsepol Version: 3.0-1 Severity: serious Tags: ftbfs Justification: fails to build from source (but built successfully in the past) Gives a compile error about missing flask.h. -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable') Arch

Bug#943495: Can't reproduce

severity 943495 normal thanks I was unable to reproduce a problem when building with the latest packages from Unstable. It appears to be building the Python 3.8 stuff in the cpython3_3.8 directory. I've installed the gcc package from experimental to make all the gcc links point to version 10,

Bug#952896: kmail: message body section of kmail flickers rapidly and displays no content

Package: kmail Version: 4:19.08.3-1 Severity: critical Justification: breaks unrelated software I tagged this critical and breaks unrelated software as there seems no better tag for software that is dangerous for epileptic people to use. Every time I launch kmail the message body section flickers

Bug#874191: not serious

severity 874191 normal thanks Daemon in the wrong domain is not a reason to have the package removed from testing. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/

Bug#874191: might be a duplicate

On Thursday, 7 September 2017 8:06:12 PM AEST Harlan Lieberman-Berg wrote: > Hm. Looking more, you may be right. What's odd is that some binaries > that are (presumably) being launched by Gnome are being correctly > given the right context; for example, gdm and X are running as > system_u:system_

Bug#874191: might be a duplicate

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874201 Yesterday I was investigating an issue that might be related and I just filed the above bug report. Please investigate whether that might be the cause. # ps axZ|grep sddm system_u:system_r:xdm_t:s0-s0:c0.c1023 963 ? Ssl0:00 /usr/bin

Bug#853207: bluez: bluetooth.service doesn't start with systemd

Package: bluez Version: 5.43-1 Severity: grave Justification: renders package unusable # systemctl restart bluetooth.service # systemctl status bluetooth.service ● bluetooth.service - Bluetooth service Loaded: loaded (/lib/systemd/system/bluetooth.service; enabled; vendor preset Active: inac

Bug#817677: already fixed

close 817677 thanks I fixed this in version 2.2.1-2 but forgot to put a closes: entry in the changelog. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/

Bug#800258: already fixed

close 800258 thanks This was fixed in 0.13e but I forgot to list it in the changelog. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/

Bug#849787: probably best to just ignore this for Stretch

priority 849787 wishlist thanks I've made selinux policy packages conflict with mcstrans so this shouldn't be a problem any more. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/

Bug#830472: can't reproduce, not serious

severity 830472 normal thanks I can't reproduce this. Version 0.74 fixed all the GCC6 related bugs that occur on my system. Version 0.75 should stay in testing because the amd64 package I uploaded compiled without any serious warnings. I'll fix this bug if I can reproduce it, but it's not a r

Bug#849787: mcstrans: Running mcstrans triggers 849748 and is the most serious SE Linux problem

Package: mcstrans Version: 2.6-2 Severity: critical Tags: upstream Justification: breaks unrelated software While mcstrans has no problems for what it does, it triggers bad interactions between systemd, dbus, and SE Linux. I don't think it is possible to properly solve these issues before the sid

Bug#835910: warzone2100: FTBFS when newer automake is installed

Package: warzone2100 Version: 3.1.1-3 Severity: serious Tags: upstream patch Justification: fails to build from source (but built successfully in the past) The warzone2100 build system insists on automake and aclocal version 1.11. If you have 1.15 installed it won't build. The following patch ma

Bug#778599: Vulnerabilities in nanohttp

On Thu, 21 Apr 2016 02:58:18 PM Salvatore Bonaccorso wrote: > Given the package looks unmaintained (last update by maintainer back > in 20 Jun 2010, I think it is the best option to remove the package as > well from unstable). It is already gone in testing, so will not be > included in stretch and

Bug#805492: /var/lib

On Mon, 29 Feb 2016 02:47:04 AM Laurent Bigonville wrote: > Le 28/02/16 11:05, Russell Coker a écrit : > >> the easiest would be to do like fedora and install the modules directly > >> in the /var/lib/selinux//100 store instead of copying/loading > >> them at installa

Bug#805492: /var/lib

> the easiest would be to do like fedora and install the modules directly in > the /var/lib/selinux//100 store instead of copying/loading them at > installation time Do you mean having files in the package under /var/lib? If so that seems like a FHS violation. Why not just keep them under /usr/

Bug#815861: mcstrans: doesn't create /var/run/setrans on startup with systemd

Package: mcstrans Version: 2.4-4 Severity: grave Justification: renders package unusable /var/run/setrans 0755 root root - - I think we need a /usr/lib/tmpfiles.d file with something like the above to create it when systemd is in use. Currently mcstrans doesn't start on Unstable. -- System Inf

Bug#756729: I just uploaded a package to fix this

deb http://www.coker.com.au jessie selinux It's at the above repository if you can't wait for it to get into Unstable/Testing. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/

Bug#756729: about to close

I'm going to upload a new policy to unstable that closes this bug. It allows udev to restart systemd services (the core problem with allow-hotplug). The policy in question doesn't support all the features of the version of systems in unstable (I'll get to that later). deb http://www.coker.com

Bug#771484: fixed in 2.20140421-8

close 771484 thanks Version 2.20140421-8 fixed this. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.o

Bug#756729: Already fixed

close 756729 thanks This was fixed in testing ages ago. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian

Bug#771484: selinux-policy-default: GPG is totally broken

Package: selinux-policy-default Version: 2:2.20140421-7 Severity: grave Justification: renders package unusable "gpg" doesn't work on the command-line, gpg-agent can't be statted, and the whole X login process that spawns gpg-agent doesn't work for most user roles. -- System Information: Debian R

Bug#755404: NMU to fix

On Mon, 28 Jul 2014 09:53:25 Emilio Pozuelo Monfort wrote: > On 28/07/14 09:22, Russell Coker wrote: > > I've uploaded a NMU to fix this to the 7 day delayed > > queue. I made no code changes and just rebuilt it. > > Why not request a binNMU instead? I didn't rea

Bug#755404: NMU to fix

I've uploaded a NMU to fix this to the 7 day delayed queue. I made no code changes and just rebuilt it. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/

Bug#752591: Bug#752605: udev: luks/lvm not detected rendering system unbootable

On Wed, 25 Jun 2014 09:02:59 Michael Biebl wrote: > Russel, can you confirm that that reverting the "kmod load sg" patch > also fixes your problem? It seems to. Booted once since applying it and it worked. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.c

Bug#678853: maildir-bulletin: should it be removed? /home/bulletins/removed

On Sat, 25 Aug 2012, Ivo De Decker wrote: > Is anybody still interested in maintaining this package in debian? Perhaps > it makes more sense to remove it. > > - it has very few users (popcon says 16) > - it is RC buggy (writes in /home) > - the last upload was in 2008 > - the maintainer put it up

Bug#668954: not a serious bug, just a new feature that doesn't work.

ontinue to work without it. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ Description: Add sandbox support for the sandbox utility from policycoreutils Author: Russell Coker Origin: Fedora Last-Update: 2012-06-26 Index: refpolicy-2.2011

Bug#667664: a fix for this

Bug #667664 is due to the latest versions of the libpcre3 library setting reg.re_nsub to an extremely large value and dansguardian trying to allocate memory for that many records and having malloc fail. I've attached a patch for dansguardian which fixes this. I'll upload a delayed NMU tomorrow

Bug#677759: ok

Fair point Laurent. As this is a corner case I'll change the mcstransd code to map the line in question to something it's happy with. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#672695: wordpress: no sane way for security updates in stable releases

On Sun, 13 May 2012, Bernd Zeimetz wrote: > Being forced to upgrade to a new major version by a stable security support > is nothing we should force our users to. Debian stable is known for > (usually) painfree updates and bugfixes only, not for shipping completely > new versions with a forced mig

Bug#642736: already fixed

close 642736 2:2.20110726-1 thanks The Squeeze policy is never going to build in Wheezy. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Troubl

Bug#626720: policy changes

Martin, using the SE Linux libraries from Unstable I can't make the file_contexts.subs file take affect. I think that the only way to do this is to just have regular expressions that deal with this in the file contexts. It's a bit ugly and slows the relabel process down a little (probably no m

Bug#626720: support in squeeze

What I want to do is to have a policy in squeeze that supports running wheezy in a basic configuration. If a daemon that is in wheezy gets a new feature and breaks then I'm not too bothered (I am not aiming for full compatibility). But I want to have the basics work for everyone (which include

Bug#626720: sorry for being slack

I'm working on this now. http://userspace.selinuxproject.org/trac/browser/libselinux/src?order=date&desc=1 http://userspace.selinuxproject.org/trac/wiki/Releases Firstly please tell me what libraries you used when testing this patch? It seems that the necessary patch to libselinux was first pro

Bug#626720: SELinux refpolicy, initscripts and /run

Looks fine to me if the breaks line does what the changelog says it does. -- My bloghttp://etbe.coker.com.au Sent from an Xperia X10 Android phone -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.or

Bug#626720: SELinux refpolicy, initscripts and /run

Sorry for the delay. Yes please make it break the old version of policy. I hope to upload a fix on Sunday. -- My bloghttp://etbe.coker.com.au Sent from an Xperia X10 Android phone -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble?

Bug#584782: selinux-policy-default: /dev filesystem not labelled

On Fri, 14 Jan 2011, Julien Cristau wrote: > Thanks. I've unblocked refpolicy and selinux-basics, they should get in > over the weekend. I've just uploaded selinux-basics version 0.3.8. The diff is below. The change is that if dkim.pp is loaded then milter.pp (the new dependency of dkim.pp f

Bug#584782: selinux-policy-default: /dev filesystem not labelled

http://etbe.coker.com.au/2010/04/21/upgrading-se-linux-system-squeez/ At the above URL I have documented what you need to do to upgrade a SE Linux system to Squeeze. Manoj, is it possible to get a Lenny update for the policy? If not then we just have to close this bug. -- russ...@coker.com.a

Bug#560633: my workaround

I ran "cp /usr/share/libtool/config/ltmain.sh ." before building the package and it worked well. I don't know whether putting this command in the debian/rules would be the right thing to do. I'm not suggesting that the maintainer do this, merely noting it for other people like me who want to w

Bug#532740: libdkim0d: Should use strtok_r() not strtok() for thread safety

Package: libdkim0d Version: 1:1.0.19-3 Severity: grave Tags: security Justification: user security hole The following patch makes libdkim use strtok_r() instead of strtok() for thread safety. If a server process has multiple threads operating on behalf of different users while verifying dkim dat

Bug#520724: snmpd: fails to set the group (gid), this will be a security problem in some configurations

Package: snmpd Version: 5.4.1~dfsg-12 Severity: grave Tags: security Justification: user security hole The following output of "ps" shows that the group is "root": ps -eo pid,user,euser,suser,fuser,group,egroup,sgroup,fgroup,comm|head -1 ; ps -eo pid,user,euser,suser,fuser,group,egroup,sgroup,f

Bug#498965: further testing

Further testing reveals that policy version 2:0.0.20080702-6 doesn't work correctly in this regard either. However with 2:0.0.20080702-6 the problem is less immediately apparent, it doesn't prevent restarting the daemon but instead will in some situations prevent correct communication. -- T

Bug#468417: sorry

severity 468417 important thanks I just realised that the order of the checks seems to make it impossible to exploit this (if run as non-root it exits with insufficient privs). -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#498965: Unable to reproduce

I can't reproduce this. Do you have the dbus module loaded? Run "semodule -l|grep dbus". What AVC messages do you get when you fail to start hal? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#499584: cron: Inadequate security checks in SE Linux code path

Package: cron Version: 3.0pl1-104 Severity: grave When in enforcing mode it would be a serious security hole if a cron job was launched without setting the security context - this would be exactly analogous to forgetting to call setgid() and setuid() before launching a cron job. The current versi

Bug#498333: setools: Does not support the policy in Lenny

Package: setools Version: 2.4-3 Severity: grave Justification: renders package unusable apol in setools does not read the policy in Lenny (version 23). I expect that most of the other utilities also fail to operate correctly in Lenny. This is a grave bug and the package needs to be updated to se

Bug#465733: xfs_check in unstable is also broken

http://www.coker.com.au/bug/xfsdump.gz xfsprogs 2.9.6-1 also has an xfs_check that gives a SEGV. The above URL has the meta-data dump. At least xfs_repair does it's job in 2.9.6-1, after a repair xfs_check works. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe".

Bug#465733: can't fix it

xfs_repair will do some good. After running xfs_repair the xfs_check script will no longer trigger a SEGV of xfs_db. But xfs_repair will never get the filesystem to a state whereby xfs_check finds no errors. I've run xfs_repair many times and xfs_check always gives the following error afterwa

Bug#465733: xfsprogs: xfs_check SEGV

On Friday 15 February 2008 09:16, Nathan Scott <[EMAIL PROTECTED]> wrote: > On Thu, 2008-02-14 at 22:42 +1100, Russell Coker wrote: > > Package: xfsprogs > > Version: 2.8.11-1 > > Severity: critical > > Justification: breaks the whole system > > Heh, er, jus

Bug#465733: xfsprogs: xfs_check SEGV

Package: xfsprogs Version: 2.8.11-1 Severity: critical Justification: breaks the whole system I have a filesystem which causes a SEGV when I try to check it. The problem started when I unexpectedly powered the machine down causing some data loss. When I booted it up again the kernel gave errors

Bug#418672: 5.0.32-7etch1 has this bug

On Thursday 26 April 2007 02:31, sean finney <[EMAIL PROTECTED]> wrote: > > Empty passwords by default might be OK for a source based install of > > MySQL, but they are not OK for a Debian install. Debian packages should > > be expected to be secure by default! > > i think it's fairly common knowl

Bug#418672: 5.0.32-7etch1 has this bug

On Wednesday 25 April 2007 16:36, sean finney <[EMAIL PROTECTED]> wrote: > On Wed, 2007-04-25 at 13:22 +1100, Russell Coker wrote: > > I just did a fresh install of mysql-server-5.0 on an AMD64 system which > > had never been used to run any version of MySQL before. It has r

Bug#418672: 5.0.32-7etch1 has this bug

I just did a fresh install of mysql-server-5.0 on an AMD64 system which had never been used to run any version of MySQL before. It has root accounts with no passwords. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#390648: FTBFS: will not create hard link

On Monday 02 October 2006 23:06, "Steinar H. Gunderson" <[EMAIL PROTECTED]> wrote: > Shouldn't a bug be filed against ftp.debian.org asking for its removal, > then? Yes, but let's get the replacement finished first. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe".

Bug#390648: FTBFS: will not create hard link

> Is this package even useful anymore? I hear rumours that it's being > obsoleted... Correct. Please file no more bugs against it as it will either totally disappear or be replaced by a package with almost no code in common with it. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject

Bug#320351: Bug#243941: How to help with neglected packages

On Friday 20 January 2006 11:44, Amaya <[EMAIL PROTECTED]> wrote: > Russell Coker wrote: > > I don't have the time that this package needs (as is probably > > obvious). I welcome a package takeover by someone such as Amaya. > > Hi there, Russell. While I am not

Bug#320351: Bug#243941: How to help with neglected packages

On Friday 20 January 2006 01:17, Amaya <[EMAIL PROTECTED]> wrote: > Marcus Better wrote: > > I am not a DD. Should I ask someone to do an NMU on these packages? > > I have not yet carefully looked at your patches, but I would be happy to > do so, and upload and so on... But finding a long term Main

Bug#301600: Can't login at 2.6.12-rc1

On Sunday 27 March 2005 12:03, Kyuma Ohta <[EMAIL PROTECTED]> wrote: > I'm using selinux for debian . > At kernel 2.6.11.*,kernel accepts to execute programs, > boot up is okay. > But, kernel 2.6.12-rc1, after loading policy,all programs > can't start excepts sysvinit (and bash?),can't login. > I