Hi,
* Adam D. Barratt <[EMAIL PROTECTED]> [2008-12-08 09:09]:
> On Mon, 2008-12-08 at 01:31 +0100, Cyril Brulebois wrote:
> [...]
> > Since the filename is predictable, I guess debsign is vulnerable to symlink
> > attacks and the like (although I'm no security crack, etc., sorry if I'm
> > overthin
Package: xen-utils-3.2-1
Version: 3.2.1-2
Severity: grave
I tried to start an HVM guest to setup Windows 2003 64 bits entreprise R2, and
I spent a long time figuring out that there is no /usr/lib/xen folder by
default, and this is where Xen is searching for it's file when using HVM, VNC
and all. D
severity 508132 normal
close 508132 2.22.0-3
thanks
Le lundi 08 décembre 2008 à 07:52 +0100, Damien Courousse a écrit :
> This happens on a powerpc laptop (iBook 12" G4), with Debian Etch PPC.
Sorry, but etch is in maintenance mode only, we won’t fix such bugs.
The disks-admin tool is not part o
Processing commands for [EMAIL PROTECTED]:
> severity 508132 normal
Bug#508132: disks-admin : crash
Severity set to `normal' from `critical'
> close 508132 2.22.0-3
Bug#508132: disks-admin : crash
'close' is deprecated; see http://www.debian.org/Bugs/Developer#closing.
Bug marked as fixed in vers
Processing commands for [EMAIL PROTECTED]:
> severity 508139 normal
Bug#508139: HVM guests can't be used because there is no /usr/lib/xen folder
Severity set to `normal' from `grave'
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administ
severity 508139 normal
thanks
Please reread the bts documentation what "grave" means.
On Mon, Dec 08, 2008 at 04:52:04PM +0800, Thomas Goirand wrote:
> I tried to start an HVM guest to setup Windows 2003 64 bits entreprise R2, and
> I spent a long time figuring out that there is no /usr/lib/xen f
Hi,
Nico Golde wrote, Monday, December 08, 2008 8:36 AM:
* Adam D. Barratt <[EMAIL PROTECTED]> [2008-12-08 09:09]:
> On Mon, 2008-12-08 at 01:31 +0100, Cyril Brulebois wrote:
> [...]
> > Since the filename is predictable, I guess debsign is vulnerable to
> > symlink
> > attacks and the like (al
Your message dated Mon, 08 Dec 2008 09:17:24 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507445: fixed in gnupg-doc 2003.04.06+dak1-0.1
has caused the Debian Bug report #507445,
regarding gnupg-doc orig.tar.gz missing in main
to be marked as done.
This means that you claim that
Martín Ferrari wrote:
> Hi,
>
> On Sun, Dec 7, 2008 at 14:21, Thiemo Seufer <[EMAIL PROTECTED]> wrote:
>
> >> as -o tas.o tas.s
> >> tas.s: Assembler messages:
> >> tas.s:10: Error: illegal operands `ori t1,zero,12345'
> >> tas.s:11: Error: opcode not supported on this processor: mips1 (mips1) `
Your message dated Mon, 08 Dec 2008 11:17:08 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#506428: fixed in rocksndiamonds 3.2.6.0+dfsg-2
has caused the Debian Bug report #506428,
regarding Data files are not downloaded
to be marked as done.
This means that you claim that the pro
Stefan Söffing <[EMAIL PROTECTED]> writes:
> Hi,
>
> thank you for looking into this problem.
>
> I just tried libgnutls26 2.4.2-4, unfortunately it doesn't solve this
> problem for me, I still get
>
> - Peer's certificate is NOT trusted
>
> for the self-signed certificate. LDAP access is still br
Florian Weimer wrote:
> This is RC because we cannot change the package at all, for instance
> to incorporate a security fix.
i think we're going to use yuicompressor to offer compressed libs in
each packages, however, i did not manage to upload a proper
yuicompressor package yet.
therefore, and
Martín Ferrari wrote:
> On Mon, Dec 8, 2008 at 09:30, Thiemo Seufer <[EMAIL PROTECTED]> wrote:
>
> >> Could you tell me if the assembler code generated by gcc looks as a
> >> reasonable replacement for the offending code you've patched?
> >
> > I think __sync_lock_test_and_set should be good enoug
Processing commands for [EMAIL PROTECTED]:
> unmerge 506853
Bug#506853: libgnutls26: 2.4.2-3 breaks OpenLDAP access
Bug#507633: libgnutls26: GnuTLS does not know VeriSign any more
Disconnected #506853 from all other report(s).
> reopen 506853
Bug#506853: libgnutls26: 2.4.2-3 breaks OpenLDAP acces
On Mon, Dec 08, 2008 at 09:37:42AM +1100, [EMAIL PROTECTED] wrote:
> > The bug should affect ubuntu and probably gentoo (4.1.2.2 already
> > packaged). Not RedHat / Mandrake.
>
> A quick peek into shadow-utils-4.1.2-8.fc10.src.rpm suggests Fedora is
> also affected. I do not know about RHEL.
shad
Hi,
thank you for looking into this problem.
I just tried libgnutls26 2.4.2-4, unfortunately it doesn't solve this
problem for me, I still get
- Peer's certificate is NOT trusted
for the self-signed certificate. LDAP access is still broken.
- Stefan
--
To UNSUBSCRIBE, email to [EMAIL PROT
On Mon, Dec 08, 2008 at 11:22:34AM +0100, Nicolas François wrote:
> On Mon, Dec 08, 2008 at 09:37:42AM +1100, [EMAIL PROTECTED] wrote:
> > > The bug should affect ubuntu and probably gentoo (4.1.2.2 already
> > > packaged). Not RedHat / Mandrake.
> >
> > A quick peek into shadow-utils-4.1.2-8.fc10
Strange it is an hinsenbug, turning on debugging and the bug desapear :-(
--
"ROUCARIES Bastien"
[EMAIL PROTECTED]
---
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
On Sun, Dec 07, 2008 at 10:18:13PM +0100, martin f krafft wrote:
> also sprach Lars Bensmann <[EMAIL PROTECTED]> [2008.12.07.1605 +0100]:
> Can you reproduce the bug with an equivalent extensions.conf (the
> other format for the dialplans)?
No. I could not.
The following also causes the problem:
Your message dated Mon, 08 Dec 2008 13:37:49 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#508101:
gobject-introspection_0.6.1-1(unstable/sparc/spontini): OSError: [Errno 2] No
such file or directory: '/nonexistent/.cache'
has caused the Debian Bug report #508101,
regarding
Hi,
On Sun, Dec 7, 2008 at 14:21, Thiemo Seufer <[EMAIL PROTECTED]> wrote:
>> as -o tas.o tas.s
>> tas.s: Assembler messages:
>> tas.s:10: Error: illegal operands `ori t1,zero,12345'
>> tas.s:11: Error: opcode not supported on this processor: mips1 (mips1) `ll
>> t0,(a0)'
>> tas.s:12: Error: op
On Mon, Dec 8, 2008 at 09:30, Thiemo Seufer <[EMAIL PROTECTED]> wrote:
>> Could you tell me if the assembler code generated by gcc looks as a
>> reasonable replacement for the offending code you've patched?
>
> I think __sync_lock_test_and_set should be good enough, AFAICS there's
> no need to do
Hi,
* Adam D. Barratt <[EMAIL PROTECTED]> [2008-12-08 11:03]:
> Nico Golde wrote, Monday, December 08, 2008 8:36 AM:
> >* Adam D. Barratt <[EMAIL PROTECTED]> [2008-12-08 09:09]:
> >> On Mon, 2008-12-08 at 01:31 +0100, Cyril Brulebois wrote:
> >> [...]
> >> > Since the filename is predictable, I gue
Thanks for your help, here is the output:
teilchen01:~# gnutls-cli -p 636 thea.physik.uni-kl.de -d 1 --print-cert
--x509cafile /etc/ssl/certs/thea_cacert.pem
Processed 1 CA certificate(s).
Resolving 'thea.physik.uni-kl.de'...
Connecting to '131.246.123.113:636'...
- Certificate type: X.509
- Got
Package: exim4-config
Version: 4.69-9
Severity: grave
Justification: renders package unusable
On attempting to install exim (apt-get install exim4) fails with:
==
Setting up exim4-config (4.69-9) ...
/usr/sbin/dpkg-statoverride: non-existing group Debian-exim
Usage: dpkg-statoverride [ ...]
> Start openvpn with the following command
> openvpn --config /etc/openvpn/server.conf --script-security 2
You need --script-security 3 to allow password to be passed through the
environment.
This is documented in the openvpn man page:
0 -- Strictly no calling of external programs.
1 -- (Defaul
Oh, and I forgot to mention, obviously I added 'Debian-exim' group and it then
proceeded to install fine.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
> BH == Ben Hutchings [2008-12-7]
BH> I am uploading the following changes to delayed/3.
Thanks Ben,
I will let it in for the moment, due to the security implications. I
think I will revert to /tmp as soon as I have some more time to ponder
about it, which won't happen for at least two wee
Thank you Andreas, you are absolutely right. I have no idea how I
missed that! I suppose even the sys admin is entitled to be guilty of
user error once in a while!
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hello,
I am not a debian developer, but I have been working with the upstream
maintainer (who is also the Debian developer of this package), Loic
Dachary. I am working toward debian developer status and am maintaining
this package by proxy through Loic.
First, please be aware that Yocto-Reader i
Nico Golde wrote, Mon, 8 Dec 2008 11:25:36 +0100:
[...]
Nico Golde wrote, Monday, December 08, 2008 8:36 AM:
[...]
>No this is correct, devscripts is vulnerable to
>a symlink attack before the fix (for example signfile()).
[...]
Just had a look again at this issue. It should be no
real proble
Processing commands for [EMAIL PROTECTED]:
> severity 508165 normal
Bug#508165: exim4-config: exim4 install fails with dpkg-statoverride:
non-existing group Debian-exim
Severity set to `normal' from `grave'
> tags 508165 unreproducible
Bug#508165: exim4-config: exim4 install fails with dpkg-stat
severity 508165 normal
tags 508165 unreproducible
thanks
On 2008-12-08 Will Hargrave <[EMAIL PROTECTED]> wrote:
> Oh, and I forgot to mention, obviously I added 'Debian-exim' group and it then
> proceeded to install fine.
Hello,
Can you reproduce this bug? The respective code (for adding
users) h
Hi Andreas
On Monday 08 Dec 2008, Andreas Martens wrote:
> On 12/05/08 16:48, Chris Halls wrote:
> > We've discovered that a bug fix to OOo's document export to ODF has made
> > certain writer documents saved with version 3.0 to appear to loose text
> > when you load the document in 2.x, even if y
On Mon, Dec 08, 2008 at 03:32:50PM +0100, Davide G. M. Salvetti wrote:
> > BH == Ben Hutchings [2008-12-7]
>
> BH> I am uploading the following changes to delayed/3.
>
> Thanks Ben,
>
> I will let it in for the moment, due to the security implications. I
> think I will revert to /tmp as so
Package: sun-java5
Version: 1.5.0-16-3
Severity: grave
Tags: security
Justification: user security hole
JDK 5.0 Update 17 fixes 12 security issues as described:
http://java.sun.com/j2se/1.5.0/ReleaseNotes.html
Thanks,
Dominic.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "
Package: sun-java6
Version: 6-10-2
Severity: grave
Tags: security
Justification: user security hole
Java SE 6 1.6.0_11 13 security issues as described:
http://java.sun.com/javase/6/webnotes/6u11.html
Thanks,
Dominic.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscrib
Your message dated Mon, 08 Dec 2008 17:32:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507423: fixed in htop 0.8.1-2
has caused the Debian Bug report #507423,
regarding htop_0.8.1-1(s390/experimental):
to be marked as done.
This means that you claim that the problem has been
* Charles Plessy [Wed, 03 Dec 2008 22:57:54 +0900]:
> Dear release team,
> I would like to suggest to remove RC-bugged acl2 package from testing.
Hello, Charles, a removal hint was added by Luk yesterday.
Cheers,
--
Adeodato Simó dato at net.com.org.es
Debi
Your message dated Mon, 8 Dec 2008 19:05:35 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#508103: collectd_4.4.2-3(unstable/sparc/lebrun):
/usr/lib/libupsclient.so: No such file or directory
has caused the Debian Bug report #508103,
regarding collectd_4.4.2-3(unstable/sparc/l
Your message dated Mon, 8 Dec 2008 19:17:48 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Re: Request for binNMU of clamfs 0.9.1-3
has caused the Debian Bug report #507711,
regarding clamfs: Uninstallable in Sid due to libpoconet soname bump
to be marked as done.
This means that you
On Sun, December 7, 2008 4:37 pm, Bastien ROUCARIES wrote:
> Strange it is an hinsenbug, turning on debugging and the bug desapear :-(
If you turned on debugging using the latest cvs,
be aware I performed a blind change on the basis of the earlier bug reports.
But does the bug reappear if you turn
Your message dated Mon, 08 Dec 2008 20:36:46 +0100
with message-id <[EMAIL PROTECTED]>
and subject line closing openvpn script-security level bugreport.
has caused the Debian Bug report #507747,
regarding openvpn auth via-env fails to pass password to auth script
to be marked as done.
This means
On Sun, 2008-12-07 at 20:16 +0100, Baurzhan Ismagulov wrote:
> Now that #506713 is closed, I have a couple of questions regarding the
> process:
>
> * The closing message mentions experimental; will the package be
> available in lenny? If yes, will this happen automatically, or does
> someone
Processing commands for [EMAIL PROTECTED]:
> severity 508111 important
Bug#508111: [debsign] Insecure tempfile creation (redux)
Severity set to `important' from `serious'
>
End of message, stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrat
Your message dated Mon, 08 Dec 2008 21:47:07 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#496482: fixed in neon27 0.28.2-6.1
has caused the Debian Bug report #496482,
regarding neon25 transitional package should not exist
to be marked as done.
This means that you claim that the
On Mon, Dec 08, 2008 at 08:17:13AM +0100, Max Kellermann wrote:
> Package: libmad0
> Version: 0.15.1b-3
> Severity: grave
>
> I generated a raw audio file and tried to load it into audacity
> (1.3.5-2). Audacity crashed with the following message. Looks like
> it attempted to load the file as mp
Processing commands for [EMAIL PROTECTED]:
> tags 502140 -patch
Bug#502140: cannot unlock screen during etch -> lenny transition
Tags were: patch
Tags removed: patch
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(administra
On Sun, Dec 07, 2008 at 12:10:12AM -0500, Michael Gilbert wrote:
> tag 502140 patch
> thank you
>
> i have developed a preinst for libpam-modules that will wait for
> xscreensaver to be deactivated before allowing it to begin its
> upgrade. then to prevent the screensaver from reactivating, it wi
> This is not a patch that I'll accept, stylistically and in terms of intent.
> I'm working on fixing this in the way I earlier indicated it should be
> fixed.
just trying to help. it works, and its automatic. but yes, it does
leave the screen unlocked during all of the upgrade (although, this
c
The proposed changes to this package are unsuitable for Debian.
Firstly, abrowser does not exist in Debian (the equivalent virtual
package in Debian is www-browser), and in any case Tuxguitar appears to
depend specifically on Mozilla derivatives. Secondly, the package
dependencies and documentatio
Your message dated Tue, 09 Dec 2008 01:18:09 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507768: fixed in texlive-extra 2007.dfsg.11-1
has caused the Debian Bug report #507768,
regarding texlive-plain-extra: colortab package is nosell
to be marked as done.
This means that you c
Your message dated Tue, 09 Dec 2008 01:18:09 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507009: fixed in texlive-extra 2007.dfsg.11-1
has caused the Debian Bug report #507009,
regarding texlive-latex-extra: yi4latex is nosell
to be marked as done.
This means that you claim tha
Your message dated Tue, 09 Dec 2008 01:18:09 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#491354: fixed in texlive-extra 2007.dfsg.11-1
has caused the Debian Bug report #491354,
regarding texlive-fonts-extra: No license statement for wsuipa fonts
to be marked as done.
This means
Processing commands for [EMAIL PROTECTED]:
> tags 506684 pending
Bug#506684: guile-1.8: includes own definition of jmp_buf type in public header
Tags were: patch
Tags added: pending
>
End of message, stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system
So far as I can see, these are the possible reasons why the cryptroot
hook may silently fail to generate the configuration file:
- /etc/crypttab is missing
- The root device specified in /etc/fstab is not defined by LABEL or
UUID and is not under /dev/mapper/
- The root device is not listed in /etc
Your message dated Mon, 8 Dec 2008 21:23:05 -0600
with message-id <[EMAIL PROTECTED]>
and subject line msp-webserver no longer in the archive
has caused the Debian Bug report #506268,
regarding CVE-2008-5160: allows remote attackers to cause a denial of service
(daemon crash) via multiple invalid
Moritz,
Are you going to apply your patch?
Ben.
--
Ben Hutchings
All extremists should be taken out and shot.
signature.asc
Description: This is a digitally signed message part
Alternately you could upload the same code with the Architecture list
including only 32-bit architectures and then ask ftpmaster to remove the
broken 64-bit binaries.
Ben.
--
Ben Hutchings
All extremists should be taken out and shot.
signature.asc
Description: This is a digitally signed messag
I don't think there's any clean way to do lock the screen from a script
such as hibernate, because that is part of each user session, not global
state.
Perhaps the documentation should be changed to recommend use of a
locking screensaver instead. If so, this should also be mentioned in
NEWS.Debia
Dear Alpha buildd admins,
apt is built on alpha but not installed:
http://buildd.debian.org/pkg.cgi?pkg=apt
It prevents the propagation of version 0.7.19 to Lenny, which fixes the RC bug
http://bugs.debian.org/463030
Can you do something?
Have a nice day,
--
Charles Plessy
Tsurumi, Kanagawa,
Hi Marc,
On Sun, Dec 7, 2008 at 20:07, Marc 'HE' Brockschmidt
<[EMAIL PROTECTED]> wrote:
> Your package failed to build on my buildd:
Thanks for the report. Too late I discovered the many problems that
drawterm has on non-i386 architectures. I'm working on a patch for
this and other problems I'v
(Copying 9fans in case somebody can lend a hand on this, copying the
Debian bug report(er)s)
Hi Russ,
I'm a Plan9 newbie and Debian Developer, and I'm currently tying to
fix bugs that showed after I uploaded drawterm to Debian. However I
have hit some problems that are being difficult to solve. I'
[bcc: everyone but Martín]
Thanks for your note. Drawterm has been run successfully
on the MIPS under SGI IRIX and the Sparc under Solaris
and the 64-bit Alpha under Digital UNIX. I'm afraid that
I have not tried Linux on those platforms, nor gcc on some,
so there will be problems.
Drawterm als
Package: xserver-xorg
Version: 1:7.4~4
Severity: grave
Justification: renders package unusable
Hi,
On a new laptop, I need the intel driver from experimental, so I'm
forced to use the xorg from experimental as well.
With the lenny version (using the vesa driver) input works fine.
After switchin
65 matches
Mail list logo
