Bug#1056639: FTBFS: requires network during mandatory build steps

Package: rust-urlshortener Version: 3.0.2-1 Severity: grave Justification for severity: Policy violation During a rebuild of Debian testing, we ran into this test failing during an sbuild controlled build on a VM with limit network connectivity (only configured APT repositories usable). See log e

Bug#1050236: FTBFS: 30 - testlpe fails

Hi. Two notes: 1) This doesn't just fail on rscv64 but also on amd64 and i386 with the same error as in the linked build log from the original report: [...] [ RUN ] LPETest.MeasureSegments_multi_px_1_0_2 add_actions_edit_document: no app! add_actions_pages: no app! add_actions_undo: no app!

Bug#1055729: FTBFS: faad2 fails to build on i386, blocking DSA fix transition

Severity: serious Package: faad2 Tags: patch upstream security fixed-upstream Please apply upstream fix https://github.com/knik0/faad2/commit/1001f9576cbb29242671c489cd861de61cfe08e2?diff=unified Kind regards, Sven

Bug#1055023: FTBFS: libpoe-component-client-dns-perl requires DNS during tests.

Package: libpoe-component-client-dns-perl Severity: serious Version: 1:1.054-3 While rebuilding debian trixie in a network-restricted environment, we ran into this build error (using sbuild): Can't call method "rdstring" on an undefined value at t/06_hosts.t line 143. # Looks like your test exite

Bug#1004598: fix available upstream

Audacity 3.2.0 is available upstream, fixing this.

Bug#1017862: scipy: FTBFS on 32bit arches fixed

fixed 1017862 1.8.1-8 thanks Upload of 1.8.1-8 contained https://salsa.debian.org/python-team/packages/scipy/-/blob/master/debian/patches/pythran_type_PR16646.patch - which fixes this both according to the original failure report and my build of scipy for i386. Cheers, Sven

Bug#1016357: Fails tests with insufficient network connectivity

Package: golang-github-pion-turn.v2 Version: 2.0.8-2 Severity: Serious The package fails tests (see log of failing test below) when run on a machine with limited network (in this case: Can only reach the relevant APT repository server). This is a policy violation, which says that package tests mus

Bug#1016356: FTBFS: unpaper fails to build against ffmpeg 5.0

package: unpaper Version: 6.1-2 Severity: serious Build log excerpt below. There is a new upstream version, but I'm not sure if that builds cleanly against the new ffmpeg. ffmpeg version: 7:5.0.1-3 (lbavformat-dev and friends) dpkg-buildpackage - Command: dpkg-buildpackage --sa

Bug#1012685: reported bug is in error. tilix is installable.

The bug report is apparently erroneously reported against tilix version 1.9.5-1 - which actually fixed the issue, as far as I can tell. Version 1.9.5-1 is installable (no "impossible dependency") in debian/sid

Bug#1011875: golang-github-opencontainers-runtime-tools: FTBFS unreproducible

Hi there. Just a side note: The test fails on my test builds (with the same error as in the original report. Because it relies on having a working network connection. Which it shouldn't do. (my test builds are on a connection that only allows access to a Debian mirror). Cheers, Sven

Bug#1009643: Acknowledgement (Puppet: Fails to work with Ruby 3.0)

Just a quick update: The problem of this particular one is: in puppet/file_system.rb def self.symlink(path, dest, options = {}) @impl.symlink(assert_path(path), dest, options) end Changing this to: def self.symlink(path, dest, **options) @impl.symlink(assert_path(path), dest, **o

Bug#1009643: Puppet: Fails to work with Ruby 3.0

Package: puppet Version: 5.5.22-4 Severity: serious Justification: Fails at core functions Since testing switched /usr/bin/ruby to use ruby3.0, a previously working Puppet manifest fails: s...@larsa.muc:/tmp$ ruby3.0 /usr/bin/puppet apply t.pp Notice: Compiled catalog for larsa.muc.corp.google.co

Bug#1003870: FTBFS: ilorest - missing dep on python3-pbr

Package: ilorest Version: 3.2.2+ds1-2 Severity: serious When rebuilding ilorest, I ran into error below on my build server which has limited network access. AFAICT, adding a build-dependency on python3-pbr should address this failure. Cheers, Sven + python3.9 setup.py install --install-layout=de

Bug#1001785: texlive-extra affected by log4j CVEs

rieb am Sa., 18. Dez. 2021, 14:47: > Am 16.12.2021 um 09:38 teilte Sven Mueller mit: > > Hi Sven, hi Norbert, > > > texlive-extra-utils contains arara (https://github.com/islandoftex/arara > ) > > which was updated two days ago via TeX Live ( > https://www.tug.org/

Bug#1001785: texlive-extra affected by log4j CVEs

Package: texlive-extra-utils Severity: grave Version: 2021.20211127-1 Tags: security texlive-extra-utils contains arara (https://github.com/islandoftex/arara) which was updated two days ago via TeX Live (https://www.tug.org/texlive/) which was updated slightly after that. Please update to the newe

Bug#1001209: dnsmasq: Regression: Fails to direct queries to 127.0.1.1#10053

a breaking change for existing installations, I don't think that would be appropriate. Cheers, Sven Michael Biebl schrieb am Do., 9. Dez. 2021, 19:45: > On Mon, 6 Dec 2021 14:20:51 +0100 Sven Mueller > wrote: > > Package: dnsmasq > > Version: 2.86-1.1 > > Severity

Bug#1001209: quick update

This bug is actually caused by what appears to be an accidental change: --local apparently is now an alias to --address while the manpage says it is an alias to --server. Still a regression and/or breaking change. Cheers, Sven

Bug#1001209: dnsmasq: Regression: Fails to direct queries to 127.0.1.1#10053

Package: dnsmasq Version: 2.86-1.1 Severity: Serious We have this our /etc/NetworkManager/dnsmasq.d/local-proxy: local=/in.ourdoma.in/127.0.1.1#10053 This leads to: dnsmasq: Bad address in --address at line 2 of /etc/NetworkManager/dnsmasq.d/goobuntu-dnsproxy The syntax used is exactly as docu

Bug#996387: FTBFS - also with ruby 2.7.4

Hi. I get the same "rpc/rpc.h" error while rebuilding against (at least essentially) debian-testing and ruby 2.7.4. gcc -fdebug-prefix-map=/<>=. -I. -I/usr/include/x86_64-linux-gnu/ruby-2.7.0 -I/usr/include/ruby-2.7.0/ruby/backward -I/usr/include/ruby-2.7.0 -I. -Wdate-time -D_FORTIFY_SOURCE=2

Bug#983470: cdbs: waf-unpack needs Python 2.7

Am Mi., 24. Feb. 2021 um 19:34 Uhr schrieb Jonas Smedegaard : > severity -1 normal > > Hi Sven, > > Quoting Sven Mueller (2021-02-24 19:02:41) > > /usr/lib/cdbs/waf-unpack is using /usr/bin/python and it's syntax is > > Python 2 only. > > I have no clue

Bug#983470: cdbs: waf-unpack needs Python 2.7

Package: cdbs Version: 0.4.163 Severity: Serious /usr/lib/cdbs/waf-unpack is using /usr/bin/python and it's syntax is Python 2 only. I have no clue what a WAF is, so I didn't spend time trying to fix this issue, sorry. Marking as serious as Python 2.7 is EOL and https://wiki.debian.org/Python/2Re

Bug#983092: xapps-common:all is not properly arch-independent

ioned library package I spoke about. Doh. Cheers, Sven Andreas Henriksson schrieb am Fr., 19. Feb. 2021, 21:22: > Hello, > > On Fri, Feb 19, 2021 at 10:45:41AM +0100, Sven Mueller wrote: > > Package: xapp > > Version: 2.0.6-1 > > Severity: serious > > > > xap

Bug#983092: xapps-common:all is not properly arch-independent

Package: xapp Version: 2.0.6-1 Severity: serious xapps-common is tagged as architecture:all, but the generated xapp-sn-watcher.desktop included in it depends on the architecture it was built on. By accident, we rebuilt the arch:all packages from xapp on i386, while our main architecture is amd64.

Bug#982677: FTBFS - required network connection

Severity: serious Package: rbac-client-clojure Version: 0.9.4-2 TTBOMK, Policy says that builds shouldn't rely on networking. However, when attempting to build rbac-client-clojure on my (well, mostly) network-less builder VM, I run into this error: debian/rules override_dh_auto_build make[1]:

Bug#981870: FTBFS: Doesn't build against ruby-nokogiri 1.11.1

Package: ruby-azure-storage-common Version: 2.0.1-4 Severity: Serious This makes the package unbuildable in both unstable and testing (bullseye). Error message during build: /usr/lib/ruby/vendor_ruby/rubygems/dependency.rb:309

Bug#980787: libtss2-esys split causes regression

Severity: Grave Package: tpm2-tss Version: 3.0.3-1 Machines upgrading from previous versions lose access to the TPM because libtss2-tcti-device0 (at least, not sure when others would be needed) are not automatically installed during upgrade. Neither does tpm2-tools depend on these dynamically load

Bug#979252: New gpsd migrated to testing

Hi. Just wanted to let you know that the new gpsd is now in testing and that foxtrotgps now FTBFS in testing (and probably unstable), as best I can tell, for the very reason mentioned here. There are also lots of warnings about deprecated types (IIUC), but those don't make the build fail )(yet?).

Bug#972912: [Pkg-samba-maint] Bug#972912: Incorrect fix to bug

schrieb Mathieu Parent < math.par...@gmail.com>: > Le lun. 21 déc. 2020 à 16:06, Sven Mueller a > écrit : > > > > Well, turns out that apparently nobody else bothers with a .symbols file > for Python extensions. I looked at the packages for samba, numpy, mypy and >

Bug#979243: [Pkg-rust-maintainers] Bug#979243: FTBFS: rust-cpp-demangle - obsolete dep on rust-if-cfg-0.1-dev

Hi Peter. Odd. We are rebuilding packages in debian testing, but for some unknown reason (I'm still looking into it), the rust-cfg-if-0.1 source package was not considered. After manually adding it, everything works fine, thanks for the hint. Cheers, Sven Am Mo., 4. Jan. 2021 um 18:34 Uhr schrie

Bug#979243: FTBFS: rust-cpp-demangle - obsolete dep on rust-if-cfg-0.1-dev

Package: rust-cpp-demangle Version: 0.2.13-1 Severity: Serious It has this build dependency: librust-cfg-if-0.1+default-dev (>= 0.1.9-~~) , (And a matching, hard-coded Depends line on the binary package) However, this version of rust-cfg-if is now gone and replaced by 1.0 (Just FYI: the same h

Bug#972912: [Pkg-samba-maint] Bug#972912: Incorrect fix to bug

ebian/changelog? Cheers, Sven Am Do., 17. Dez. 2020 um 16:55 Uhr schrieb Mathieu Parent < math.par...@gmail.com>: > Le jeu. 17 déc. 2020 à 16:48, Sven Mueller a > écrit : > > > > Hi Mathieu. > > Hi, > > > Just wanted to say that your fix here seems wrong:

Bug#971216: doxygen build error

riginal dh_doxygen script? CC'ing Paolo for this, see intro. Cheers, Sven Attached is a patch to the included dh_doxygen Description: Remove custom dh_doxygen (broken with newer doxygen) Once upon a time, the custom script was useful, but this is not the time. Author: Sven Mueller https://bugs

Bug#971216: doxygen build error

Hi there. I believe this error is solely caused by embedding dh_doxygen into the imagemagick source package instead of using the dh_doxygen helper from the doxygen package. I tried a build with the debian/scripts/dh_doxygen call in debian/rules replaced by /usr/bin/dh_doxygen and it succeeded. C

Bug#972912: Incorrect fix to bug

Hi Mathieu. Just wanted to say that your fix here seems wrong: The symbols file says when a specific symbol for a specific lib was added. If I rebuild ldb against Python 3.9, it will suddenly claim that - for example - symbol PYLDB_UTIL_2.1.0@PYLDB_UTIL_2.1.0 was added to the package - for the Py

Bug#977038: Confirmed: build-dep on libgrpc-java fixes the issue

declared dependency on libgrpc-java. 0.24.0-1 does have that dependency. Sorry for the noise. Am Fr., 11. Dez. 2020 um 10:41 Uhr schrieb Sven Mueller < sven.muelle...@gmail.com>: > Hi Tony. > > You might be right and I'll try to debug a little more. > I'll share the bui

Bug#977038: Confirmed: build-dep on libgrpc-java fixes the issue

0. Dez. 2020 um 18:45 Uhr schrieb tony mancill : > On Thu, Dec 10, 2020 at 04:51:53PM +0100, Sven Mueller wrote: > > Hi. > > > > I just re-ran tests after adding a build dependency on libgrpc-java and > > that fixed the reported issue. > > Hi Sven, > > Woul

Bug#977038: Confirmed: build-dep on libgrpc-java fixes the issue

Hi. I just re-ran tests after adding a build dependency on libgrpc-java and that fixed the reported issue. Cheers, Sven

Bug#977038: google-oauth-client-java: FTBFS: Failed to execute goal on project google-oauth-client: Could not resolve dependencies for project com.google.api-client:google-api-client:jar:1.27.1: Canno

Package: google-oauth-client-java Version: 1.28.0-1 Severity: serious This can likely be fixed with a build dependency on grpc-java [ERROR] Failed to execute goal on project google-oauth-client: Could not resolve dependencies for project com.google.oauth-client:google-oauth-client:jar:1.28.0: Can

Bug#961798: python-pyaudio: FTBFS for doc package

Tags: patch The attached patch fixes the issue. The problem is that libjs-jquery doesn't contain files relevant here anymore and uses symlinks itself instead. Which dh_linktree doesn't seem support. Switching to node-jquery and the relevant path fixes the build error Index: python-pyaudio-0.2.11/

Bug#961798: python-pyaudio: FTBFS for doc package

Package: python-pyaudio Version: 0.2.11-1.1 Severity: serious python-pyaudio fails to build from source in both testing and unstable with the following error: dh_installinit: warning: Compatibility levels before 10 are deprecated (level 9 in use) dh_perl -O--buildsystem=pybuild dh_link -O--

Bug#958460: FTBFS with no network

Package: appstream-generator Version: 0.8.1-1 Severity: serious This is a policy violation, as the build process must not rely on network accessibility. Error message: [139/147] /usr/bin/xsltproc --nonet --stringparam man.output.quietly 1 --stringparam funcsynopsis.style ansi --stringparam man.th

Bug#952244: qtcurve: FTBFS: dh_install: error: missing files, aborting

Hi. Looks like this is due to a missing build-dependency on the libx11-xcb-dev package. Adding that dependency makes the package build for me. Cheers, Sven

Bug#951637: merge request

Tags 951636 + patch Tags 951637 + patch thanks See https://salsa.debian.org/haskell-team/DHG_packages/merge_requests/4

Bug#951637: FTBFS if mail address can't be detected by git

Package: haskell-githash Version: 0.1.3.1-3 Severity: serious I was attempting to build haskell-githash on a system that had no usable network and thus also no FQDN. I do interpret this as an attempt to access the network during build, though this is debatable, so feel free to downgrade the severi

Bug#719505: spampd: diff for NMU version 2.30-22.1

I'm actually about to file a RFA/O bug for spampd: I don't use it anymore and don't really have the spare time to set up any test hosts or similar to handle bugs well. So your NMU is quite welcome. Indeed adopting the package would be even more welcome. If you want that, I can give you read/write a

Bug#625177: Uploaded to DELAYED/5

On Mon, August 22, 2011 3:25 am, Asheesh Laroia wrote: > Tag: fixed > > I uploaded this patched package to DELAYED/5! Maintainer, please feel free > to beat the upload if you like. I currently don't have time and also (more importantly) no access to my build machine including my gpg key. Patch loo

Bug#597399: Please add upstream #4319 to this list

Am 10.10.2010 14:41, schrieb Julien Cristau: > On Thu, Sep 30, 2010 at 22:06:40 +0200, Sven Mueller wrote: > >> Upstream bug #4319 produces empty files on my setup, see also Debian Bug >> 593125 (my last comment there is from September 17th and includes the fix). >> >&g

Bug#597399: Please add upstream #4319 to this list

Upstream bug #4319 produces empty files on my setup, see also Debian Bug 593125 (my last comment there is from September 17th and includes the fix). NOTE: I will prepare an NMU to testing-proposed-updates at least with the fix to my problem if I don't hear anything on this bug or bug #593125 by Fr

Bug#552638: (package vdr) debian-rules-not-a-makefile

> Package: vdr > Version: 1.6.0-12 > Severity: serious > > 4.9 Main building script: debian/rules > > This file must be an executable makefile, and contains the > package-specific recipes for compiling the package and building binary > package(s) from the source. > > > It must start with the li

Bug#527495: setting package to cyrus-doc-2.2 cyrus-pop3d-2.2 cyrus-murder-2.2 cyrus-common-2.2 cyrus-imapd-2.2 cyrus-admin-2.2 cyrus-clients-2.2 libcyrus-imap-perl22 cyrus-dev-2.2 cyrus-nntpd-2.2 ...

# Automatically generated email from bts, devscripts version 2.10.35lenny3 # via tagpending # # cyrus-imapd-2.2 (2.2.13-16) UNRELEASED; urgency=high # # * Fix build dependency on tcl-dev (keeping old tcl8.3-dev to make #backports easier) (Closes: 545281) # * Fix up README.Debian.database (Cl

Bug#527495: cyrus-imapd-2.2: service imap pid xxxx in BUSY state: terminated abnormally

ards, Sven Achim Schaefer schrieb: > HI, > > I don't have any problem any more (concerning this bug). > Sorry for not closing the bug some time ago, when the new sasl package was > availible. > > I think it can be closed. > > Achim > Am Donnerstag 03 Septem

Bug#527495: cyrus-imapd-2.2: service imap pid xxxx in BUSY state: terminated abnormally

Hi Achim, Frank. Could you please confirm that the problem still exists with the recent 2.2.13-14+b4 rebuild and the current cyrus-sasl? As far as I understand Bug #527161, this problem should now be gone. If not, we Regards, Sven Frank Segtrop schrieb: > Hi! > > Same problem here! > > kernel

Bug#413428: ifupdown: Patch fixing only this issue, extracted from far bigger Ubuntu patch

PS: If I find the time, I will also add documentation of this tweak somewhere. Suggested Changelog entry: Modprobe net-pf-10 before configuring interfaces (inspired by Ubuntu patch from https://patches.ubuntu.com/i/ifupdown and comments by Andreas Henriksson). Patch by Sven Mueller (Clos

Bug#493708: netcat: Package contains no executable

Package: netcat Version: 1.10-38 Severity: grave Justification: renders package unusable Package contains no executable. This renders the package unusable (only contains copyright and changelog.Debian.gz). -- System Information: Debian Release: lenny/sid APT prefers testing-proposed-updates A

Bug#478004: I2O & grub

Robert Millan schrieb: Sorry to bother you, but you're listed as one of the reporters of I2O issues in GRUB (in #486505), and it appears that I2O is not fully supported yet despite our previous efforts. I'd appreciate if you could check #478004 and at least confirm if the problem can be reproduc

Bug#465177: FTBFS: configuRe: error: unable to configure inotify support

Andres Mejia wrote on 12/02/2008 05:45: I've investigated this some more and found that the inotify-tools package fails the test to see if sys/inotify.h actually works for the powerpc and ia64 architectures as well, yet the build continues for that package, unlike in mediatomb. Here's the diffe

Bug#447172: lirc-modules-source: doesn't build driver modules

Package: lirc-modules-source Version: 0.8.2-1 Severity: grave Justification: renders package unusable The most recent upload of 0.8.2-1 to experimental sadly rendered the lirc-modules-source package unusable. For some reason, the Makefile in the drivers subdirectory gets corrupted on every build I

Bug#440661: Done in 0.80.0-13

Package: lirc-modules-source Version: 0.80.0-13 This duplicate of #440494 and 436166 has been resolved in Version 0.80.0-13 of lirc-modules-source -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#400494: SLAB_ATOMIC not defined any longer in 2.6.21 and up at least

Hi. Attached you find a patch which rectifies this and enabled 0.80 to build against newest kernels. At least the igorplugusb driver works fine against 2.6.22 (both Debian and homebrew 2.6.22.6) kernels. I have no means to test the others right now. Still, and update to 0.82 would be nice. Regar

Bug#425802: still a problem with current version of spampd

James Cloos wrote on 27/05/2007 17:48: > I get this on startup with the current version of spampd: F*** You are right. Sorry for not noticing this when I checked the fixed up patch. > Starting spam checking proxy daemon: spampd > util: cannot untaint path: "REF(0x8c6d024)/bayes" > util: cannot u

Bug#421100: spampd patch

Tags 421100 + pending Thanks Alexander Wirt wrote on 10/05/2007 18:45: > sorry for taking a little bit longer. Attached is a patch against spampd > which takes sure that it will get a nice and friendly environment and also > sets a correct SA home for itself and his helpers. Thanks for the patch

Bug#416739: Fixes bug 416739 in cyrus-common-2.2

Javier Merino wrote on 17/05/2007 21:33: >- update-rc.d cyrus2.2 remove >/dev/null >+if [ -x usr/sbin/update-rc.d ]; then >+ update-rc.d cyrus2.2 remove >/dev/null >+ fi > ; > The above h

Bug#421100: spampd: Process doesn't discard environment upon user switch

I'm just confirming that I received your report and that I'm really looking forward to get a patch to fix the described behaviour. I honestly wouldn't have the time to work on one for the next weeks, so the help is higly appreciated. Regards, Sven signature.asc Description: OpenPGP digital signa

Bug#398996: mimedefang: postinst failure: tries chown to inexistant group smmsp

Package: mimedefang Version: 2.57-1 Severity: serious Justification: renders package uninstallable As the subject says: postinst tries to chown /var/spool/MIMEDefang to defang:smmsp, but the smmsp group doesn't exist. This is probably a result of not depending on sendmail anymore. -- System Infor

Bug#374396: perl: FTBFS on MIPS/hppa

Hi. Is there any chance to get this fixed within the next week or two? It's already blocking something like 60 packages from entering testing. Regards, Sven signature.asc Description: OpenPGP digital signature

Bug#379357: Upgrade of postfix fails (init script fails to stop postfix with non-standard queue directory)

Package: postfix Version: 2.2.10-1bpo2 Severity: serious Justification: Init script "stop" action not working like policy requires The debian init script fails to stop postfix if the queue directory for postfix has been changed by the local admin. This is due to using a hard-wired path in the init

Bug#374603: An override for "/var/cache/spampd" already exists.

Adam James wrote on 20/06/2006 09:56: Hmm, weird that this problem didn't occure on my system. Anyway, fixed package is prepared and will be uploaded today. Regards, Sven signature.asc Description: OpenPGP digital signature

Bug#367267: ftp.debian.org: Missing .orig.tar.gz files for dresden-ocl and libbsf-java

Pierre HABOUZIT wrote on 02/06/2006 10:33: > severity 367267 serious > thanks > > On Sun, May 14, 2006 at 09:49:31PM +0200, Sven Mueller wrote: > >>http://ftp.debian.org/debian/pool/main/d/dresden-ocl/dresden-ocl_1.1.orig.tar.gz > > this creates a policy violat

Bug#366362: configure fails on first install

Sven Mueller wrote on 08/05/2006 02:20: > Joey: What would you say I (or possibly you) should do here? Changing > the init script would violate an Etch release target (LSB 2.1 > conformance). Not changing the init script would require a change in how > debhelper handles init script

Bug#366362: configure fails on first install

Package spampd Tags 366362 + moreinfo Thanks Sven Mueller wrote on 08/05/2006 01:54: > As you see, the invoke-rc.d result is somewhat ignored (well, the script > exits cleanly when invoke-rc.d returned an error) by appending "|| exit > 0". Therefore, dpkg shouldn'

Bug#366362: configure fails on first install

Package spampd Tags 366362 + moreinfo unreproducible Laurent Bigonville wrote on 08/05/2006 01:06: > Package: spampd > Severity: grave > Version: 2.30-3 > > The postinstall script failed because STARTSPAMPD=0. > > Paramétrage de spampd (2.30-3) ... > Starting spam checking proxy daemon: spampd (

Bug#346354: Is distribution of the maxdb-doc package a GPL violation?

Hi. I've read the whole bug log and though I'm not a regular on debian-legal, I still would like to add a note to it: I don't know what the current upstream does, but I wonder about one thing: The header about the SAP Html Export indicates that the export happened on 19.10.2004, about 1.5 years a

Bug#365629: cyrus-common-2.2 version 2.2.13-1 0: cyrdeliver segfaults

Michael Holtermann wrote on 01/05/2006 18:06: > With current version 2.2.13-1 of cyrus-common-2.2 a non-working > cyrdeliver will be installed. > > If called from command line > # cyrdeliver -m user.micha > Segmentation fault > > will occur. I was able to reproduce the error, producing a core du

Bug#362839: spampd startup fails: Scalar found where operator expected

On 15/04/2006 23:46, Adam James wrote: > Package: spampd > Version: 2.30-2 > Severity: grave > Justification: renders package unusable > > Upon upgrading to 2.30-2 (from 2.30-1): Thanks for the report and patch. These problems seemingly slipped in between testing of the package and the upload (wa

Bug#361937: libsasl2: DIGEST-MD5 Pre-Auth DoS found in 2.1.18, likely to also be in 2.1.19 and 2.1.20

Package: libsasl2 Version: 2.1.19-1.5 Severity: serious Tags: security Justification: Security problem Please see http://labs.musecurity.com/advisories/MU-200604-01.txt for more information. Regrads, Sven -- System Information: Debian Release: 3.1 APT prefers stable APT policy: (990, 'stabl

Bug#359904:

@@ +php4 (4:4.3.10-17) stable-security; urgency=low + + Sven Mueller <[EMAIL PROTECTED]>: + * Patch ext/standard/html.c to fix a possible information disclosure bug in +html_entity_decode() (closes: #359904) + * Fix a small issue in debian/rules regarding the order in which patches are +a

Bug#323236: nut: reinstalling nut breaks if user cyrus is not there

Severity 323236 normal Tags 323236 +wontfix thanks Hi. This bug was re-assigned to cyrus21-imapd, which is partly correct as the problem is indeed related to the cyrus21-imapd packages. However, the error your system reported isn't the fault of the cyrus21 packages as it seems. What happened? 1

Bug#332259: webmin possible remote root exploit -> problem also applies to spampd

http://www.dyadsecurity.com/webmin-0001.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=341394 If this is considered a possible remote root compromise, the spampd bug I reported a while ago to [EMAIL PROTECTED] (see also bug #332259) is also a possible remote compromise (though not root comp

Bug#332259: spampd fails with 'Error in process_request': Modification of read-only variable in Syslog.pm

Package spampd found 332259 2.20-16 found 332259 2.20-9 Tags +confirmed +upstream Thanks Sven Mueller wrote on 05/10/2005 22:25: > Richard Wohlstadter wrote on 05/10/2005 16:56: > >>Package: spampd >>Version: 2.20-9 >> >>When processing an email with the followi

Bug#332259: spampd fails with 'Error in process_request': Modification of read-only variable in Syslog.pm

Martin Schulze schrieb: > Sven Mueller wrote: > >>>Hence, it's rather "one mail falls through" or something. Doesn't sound >>>security-relevant to me. >> >>Well, it's more of an indirect DoS. The mails are rejected with an SMTP >>

Bug#332259: spampd fails with 'Error in process_request': Modification of read-only variable in Syslog.pm

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, October 7, 2005 6:17, Martin Schulze said: > Sven Mueller wrote: >> I created a fixed package (actually two: one for sid/etch and one for >> sarge), available at https://mail.incase.de/spampd/sarge-security/ >>

Bug#332259: spampd fails with 'Error in process_request': Modification of read-only variable in Syslog.pm

Package spampd found 332259 2.20-16 Tags 332259 +pending +upstream thanks I created a fixed package (actually two: one for sid/etch and one for sarge), available at https://mail.incase.de/spampd/sarge-security/ respectively at https://mail.incase.de/spampd/sid/ (until my sponsor finds the time to

Bug#324531: pcre3: patch for CAN-2005-2491

Package pcre3 Tags 324531 +patch thanks Martin Pitt wrote on 24/08/2005 14:12: > Here is the relevant change from pcre3 6.1-> 6.2, ported to 5.0: > > http://patches.ubuntu.com/patches/pcre3.CAN-2005-2491.diff Hmm, didn't get that the capturing fix is also needed. But your are right there. Att

Bug#324531: pcre3: CAN-2005-2491

Stefan Fritsch wrote on 23/08/2005 23:15: >>Patch extracted from difference between upstream versions 6.0 and >>6.1, modified to patch version 4.5. Patch is attached. > > While the issue corresponding to your patch should be fixed as well, > this is not the patch for CAN-2005-2491. The securitytrac

Bug#324531: pcre3: CAN-2005-2491

Stefan Fritsch wrote on 23/08/2005 23:15: >>Patch extracted from difference between upstream versions 6.0 and >>6.1, modified to patch version 4.5. Patch is attached. > > While the issue corresponding to your patch should be fixed as well, > this is not the patch for CAN-2005-2491. The securitytrac

Bug#274342: CAN-2004-0815 - Can this bug finally be closed?

2.2.3a-15 is in the latest Woody version, released well after this bug had been tagged pending. So can this bug be closed? Yes or no? ;-) I#m just trying to clean up the list of security tagged bugs a bit, especially for packages I use (OK, I don't use samba 2.2 anymore, but samba 3). cu, sven

Bug#324531: pcre3: CAN-2005-2491

Joey Hess wrote on 23/08/2005 01:43: > Adrian Bunk wrote: > >>It should be checked which of the versions in unstable/testing, >>stable and oldstable might be affected by CAN-2005-2491 >>(PCRE Heap Overflow May Let Users Execute Arbitrary Code). > > > Which is unfortunatly still marked as "reserv

Bug#324531: Additional note: unstable seems unaffected

Hi. The code used to actually parse regular expressions seems to be completely different in pcre3-3.4-1.1 (version in oldstable), so it is likely oldstable is not affected by this bug. But I can't tell for sure. At the very least the fix will definately need to be modified, something I won't be

Bug#324531: pcre3: Version in stable (4.5-1.2) affected, patch attached

Package: pcre3 Followup-For: Bug #324531 Patch extracted from difference between upstream versions 6.0 and 6.1, modified to patch version 4.5. Patch is attached. Regards, Sven -- System Information: Debian Release: 3.1 APT prefers experimental APT policy: (400, 'experimental'), (90, 'testin

Bug#324531: pcre3: testing, unstable also effected

Package: pcre3 Followup-For: Bug #324531 Same patch as in my previous mail also works for 5.0-1.1 Regards, Sven -- System Information: Debian Release: 3.1 APT prefers experimental APT policy: (400, 'experimental'), (90, 'testing'), (50, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6

Bug#316173: NMU prepared to fix these bugs (316173, 320048/320063)

Hi. During my NM process, I prepared a NMU for the bugs mentioned in the subject and CC'ed. I didn't upload it (or rather: ask for upload by a sponsor) yet, but the packages I prepared are publicly available at http://mail.incase.de/NMUs/ I will wait a week or so and then ask for upload by a spon

Bug#322591: For NM-queue purposes, I created a NMU for this bug

Hi. As said, I created a NMU for this bug (not really uploaded into the archive though). The files of the NMU are available at http://mail.incase.de/NMUs/ I first created this NMU with my own patch, but given that it is cleaner than mine, I converted it to use the patch given in this bugreport. r

Bug#263783: Can this bug be closed?

Obviously, if the sole purpose of the bug was to keep debpartial-mirror out of sarge, you could close the bug (and get a wider audience when the package gets into testing). regards, Sven signature.asc Description: OpenPGP digital signature

Bug#316173: apache2: Security issues in HTTP proxy responses with both Transfer-Encoding and Content-Length headers

Package apache2 Tags 316173 +patch thanks Borut Mrak wrote on 08/07/2005 17:25: > I hope this will be of some help. Me too ;-) > If it's OK, someone tag this bug with PATCH or whatever is appropriate: > > sorry about the long URL: > > http://svn.apache.org/viewcvs.cgi/httpd/httpd/branches/2.0.

Bug#320048: security: Buffer overflow in ssl_engine_kernel.c

Package: apache2 Version: 2.0.54-4 Severity: grave Tags: security, patch Justification: possible DoS There is a buffer overflow (off-by-one in buffer size checks) in ssl_engine_kernel.c which could be exploited to DoS the server. Upstream bug report at http://issues.apache.org/bugzilla/show_bug.

Bug#296459: More info: pinfo is uninstallable

Package: pinfo Version: 0.6.8-4 Followup-For: Bug #296459 The problem is that /usr/share/info/pinfo.info.gz is a gzip of a zero-byte file. This is most likely the result of a missing build-dependency on texinfo. You either have to add texinfo to the list of Build-Dependencies or remove the texinf