Package: trafficserver
Version: 8.0.2+ds-1+deb10u4
Severity: grave
Tags: security
Justification: user security hole
-- System Information:
Debian Release: 10.10
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-
Processing commands for cont...@bugs.debian.org:
> severity 982758 important
Bug #982758 [webext-browserpass] webext-browserpass: Failed to install on
upgrade to bullseye
Severity set to 'important' from 'serious'
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
9
severity 982758 important
thanks
> I tried with a stable chroot, then installed all the webext* packages you have
> installed and then upgraded webext-browserpass. Works like a charm.
By now I've ran more test up to a full system dist-upgrade with all webext*
packages installed, not a single fai
Processing commands for cont...@bugs.debian.org:
> found 990303 8.1.1+ds-1
Bug #990303 [trafficserver] trafficserver: Apache Traffic Server is vulnerable
to various HTTP/1.x and HTTP/2 attacks
Marked as found in versions trafficserver/8.1.1+ds-1.
> thanks
Stopping processing here.
Please contact
Processing commands for cont...@bugs.debian.org:
> tags 990303 + upstream
Bug #990303 [trafficserver] trafficserver: Apache Traffic Server is vulnerable
to various HTTP/1.x and HTTP/2 attacks
Added tag(s) upstream.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
On Thu, Jun 24, 2021 at 07:11:02PM +0200, László Böszörményi (GCS) wrote:
Control: tags -1 +pending moreinfo
On Wed, Jun 16, 2021 at 10:00 AM Francesco P. Lovergine
wrote:
This is currently run on testing since ages. I had to restart due to a changed
fingerprint and the global service started
Control: forwarded -1
https://github.com/diaspora/diaspora_federation/pull/116
On Thu, 03 Dec 2020 23:25:20 +0530 Pirate Praveen
wrote:
> ruby-diaspora-federation ftbfs/fails autopkgtest with ruby-faraday
1.0
Reported upstream
https://github.com/diaspora/diaspora_federation/pull/116
Processing commands for cont...@bugs.debian.org:
> severity 985967 serious
Bug #985967 [freeradius] freeradius: Fails to start with permission denied when
configuring to use privileged ports
Severity set to 'serious' from 'important'
>
End of message, stopping processing here.
Please contact me
Processing commands for cont...@bugs.debian.org:
> severity 985967 serious
Bug #985967 [freeradius] freeradius: Fails to start with permission denied when
configuring to use privileged ports
Ignoring request to change severity of Bug 985967 to the same value.
> thanks
Stopping processing here.
P
Processing commands for cont...@bugs.debian.org:
> forwarded 976343 github.com/diaspora/diaspora_federation/pull/116
Bug #976343 [ruby-diaspora-federation] ruby-diaspora-federation: ftbfs with
ruby-faraday 1.0
Set Bug forwarded-to-address to
'github.com/diaspora/diaspora_federation/pull/116'.
>
On Fri, Jun 25, 2021 at 08:59:25AM +0200, Lorenzo Maurizi wrote:
> Package: trafficserver
> Version: 8.0.2+ds-1+deb10u4
> Severity: grave
> Tags: security
> Justification: user security hole
>
> CVE:
> CVE-2021-27577 Incorrect handling of url fragment leads to cache poisoning
> CVE-2021-32565 HTTP
Your message dated Fri, 25 Jun 2021 11:03:29 +
with message-id
and subject line Bug#976343: fixed in ruby-diaspora-federation 0.2.6-3
has caused the Debian Bug report #976343,
regarding ruby-diaspora-federation: ftbfs with ruby-faraday 1.0
to be marked as done.
This means that you claim that
Please close, this is a duplicate of #920907
Cheers,
Marcos
Your message dated Fri, 25 Jun 2021 12:18:33 +
with message-id
and subject line Bug#990284: fixed in atlas-ecmwf 0.25.0-3
has caused the Debian Bug report #990284,
regarding atlas-ecmwf: please build for ppc64el
to be marked as done.
This means that you claim that the problem has been dealt w
Package: librust-object+compression-dev
Version: 0.12.0-3
Severity: serious
Tags: patch
librust-object+compression-dev depends on librust-flate2-1+default-dev
which is a (versioned) virtual package provided by
librust-flate2+zlib-dev in buster and by librust-flate2+rust-backend-dev
in bullseye. ap
Your message dated Fri, 25 Jun 2021 13:33:51 +
with message-id
and subject line Bug#892275: fixed in redshift 1.12-4.2
has caused the Debian Bug report #892275,
regarding redshift shouldn't start itself via systemd
to be marked as done.
This means that you claim that the problem has been deal
Package: python-pkg-resources
Version: 44.1.1-1
Severity: serious
Tags: patch
Hi,
in some upgrade scenarios the unversioned python packages don't get
removed despite of the Breaks existing in python2.7 and friends.
This is caused by the unversioned python packages getting higher scores
and apt-ge
Package: sssd
Version: 2.4.1-2
Severity: serious
After upgrade from Buster, several components of sssd simply fail:
| ● sssd-nss.socket loaded failed failed
SSSD NSS Service responder socket
| sssd-pac.socket loaded active li
reassign 990228 ssl-cert
severity 990228 normal
thanks
So I think there is no bug in OpenSSL and the additional check
being done in 3.0 makes sense. So I'm reassigning this to
ssl-cert.
Kurt
Processing commands for cont...@bugs.debian.org:
> reassign 990228 ssl-cert
Bug #990228 [openssl] openssl: breaks ssl-cert installation:
8022CB35777F:error:127A:random number generator:RAND_write_file:Not a
regular file:../crypto/rand/randfile.c:190:Filename=/dev/urandom
Bug reassigned f
Your message dated Fri, 25 Jun 2021 20:19:27 +
with message-id
and subject line Bug#989064: fixed in curl 7.74.0-1.3
has caused the Debian Bug report #989064,
regarding curl: output of -w accidentally in microseconds
to be marked as done.
This means that you claim that the problem has been de
Your message dated Fri, 25 Jun 2021 21:19:01 +
with message-id
and subject line Bug#990276: fixed in feature-check 0.2.2-7
has caused the Debian Bug report #990276,
regarding [feature-check] Version comparisons may return the wrong result
to be marked as done.
This means that you claim that t
Processing commands for cont...@bugs.debian.org:
> forcemerge 989870 989320
Bug #989870 [libwine-development,libwine-development-dev]
libwine-development,libwine-development-dev: both ship
usr/lib/x86_64-linux-gnu/wine-development/libwine.so
Unable to merge bugs because:
package of #989320 is 'l
Processing commands for cont...@bugs.debian.org:
> reassign 989870 src:wine-development
Bug #989870 [libwine-development,libwine-development-dev]
libwine-development,libwine-development-dev: both ship
usr/lib/x86_64-linux-gnu/wine-development/libwine.so
Bug reassigned from package 'libwine-devel
Your message dated Sat, 26 Jun 2021 02:48:55 +
with message-id
and subject line Bug#989320: fixed in wine-development 5.22+repack-2
has caused the Debian Bug report #989320,
regarding libwine-development-dev: libwine-development and
libwine-development-dev both supply libwine.so
to be marked
Your message dated Sat, 26 Jun 2021 02:48:55 +
with message-id
and subject line Bug#989320: fixed in wine-development 5.22+repack-2
has caused the Debian Bug report #989320,
regarding libwine-development,libwine-development-dev: both ship
usr/lib/x86_64-linux-gnu/wine-development/libwine.so
t
Package: glances
Version: 3.1.5-1
Severity: serious
Justification: Policy 2.2.1
Hi,
the source package contains:
glances/outputs/static/public/glances.js
glances/outputs/static/public/glances.map.js
these files are copied into the binary package as:
/usr/lib/python3/dist-packages/glances/outpu
27 matches
Mail list logo
