Package: cron
Version: 3.0pl1-149
Severity: grave
Tags: security
Justification: user security hole
X-Debbugs-Cc: georg...@debian.org
Hi,
Both setuid() and setgid() return values are not checked in cron's code used to
execute user-provided commands:
do_command.c:
> 63 static void
> 64 child_proc
Source: modemmanager
Version: 1.22.0-1
Severity: serious
Tags: ftbfs
User: helm...@debian.org
Usertags: dep17m2
Dear Maintainer,
modemmanager currently FTBFS in unstable, like this:
...
dh_auto_configure -- -Dgtk_doc=true \
-Ddbus_policy_dir=/usr/share/dbus-1/system.d \
-Dpolkit
Processing control commands:
> block 1055955 with -1
Bug #1055955 [release.debian.org] transition: perl 5.38
1055955 was blocked by: 1042521 1040396 1042525 1042845 1042844 1050451 1042853
1055955 was not blocking any bugs.
Added blocking bug(s) of 1055955: 1057270
--
1055955: https://bugs.debia
Source: libimager-perl
Version: 1.020+dfsg-1
Severity: serious
Tags: ftbfs
Control: block 1055955 with -1
X-Debbugs-Cc: t...@packages.debian.org
This package fails to build from source on current sid.
It regressed with tiff_4.5.1+git230720-2 which is currently blocked from
migrating to trixie bec
On Sat, 02 Dec 2023 14:24:01 +0200, Niko Tyni wrote:
> It regressed with tiff_4.5.1+git230720-2 which is currently blocked from
> migrating to trixie because libimager-perl autopkgtests are failing too.
>
> Changes:
> tiff (4.5.1+git230720-2) unstable; urgency=high
> .
>* Backport security
Your message dated Sat, 02 Dec 2023 13:36:22 +
with message-id
and subject line Bug#1051070: Removed package(s) from unstable
has caused the Debian Bug report #1056270,
regarding RM: gtimer -- RoQA; low popcon; depends on gtk2
to be marked as done.
This means that you claim that the problem h
Your message dated Sat, 02 Dec 2023 13:37:58 +
with message-id
and subject line Bug#1050359: Removed package(s) from unstable
has caused the Debian Bug report #1056271,
regarding RM: gpr -- RoQA; dead upstream; depends on gtk2
to be marked as done.
This means that you claim that the problem h
Your message dated Sat, 02 Dec 2023 13:38:59 +
with message-id
and subject line Bug#1051888: Removed package(s) from unstable
has caused the Debian Bug report #1004596,
regarding kino: FTBFS with ffmpeg 5.0
to be marked as done.
This means that you claim that the problem has been dealt with.
Your message dated Sat, 02 Dec 2023 13:39:34 +
with message-id
and subject line Bug#1052169: Removed package(s) from unstable
has caused the Debian Bug report #1041799,
regarding lv2-c++-tools: depends on unmaintained gtkmm2.4, and indirectly on
GTK 2
to be marked as done.
This means that yo
Processing commands for cont...@bugs.debian.org:
> block 1055955 with 1054793
Bug #1055955 [release.debian.org] transition: perl 5.38
1055955 was blocked by: 1042521 1042525 1042845 1050451 1042853 1057270 1040396
1042844
1055955 was not blocking any bugs.
Added blocking bug(s) of 1055955: 105479
Your message dated Sat, 02 Dec 2023 13:50:42 +
with message-id
and subject line Bug#1053595: Removed package(s) from unstable
has caused the Debian Bug report #853750,
regarding hdfview: HDF5 files appear empty
to be marked as done.
This means that you claim that the problem has been dealt wi
Processing commands for cont...@bugs.debian.org:
> block 1055955 with 1054776
Bug #1055955 [release.debian.org] transition: perl 5.38
1055955 was blocked by: 1042521 1040396 1054793 1042844 1057270 1042853 1042845
1050451 1042525
1055955 was not blocking any bugs.
Added blocking bug(s) of 1055955
Your message dated Sat, 02 Dec 2023 15:32:26 +
with message-id
and subject line Bug#1053769: fixed in nghttp2 1.52.0-1+deb12u1
has caused the Debian Bug report #1053769,
regarding nghttp2: CVE-2023-44487
to be marked as done.
This means that you claim that the problem has been dealt with.
If
Your message dated Sat, 02 Dec 2023 15:32:18 +
with message-id
and subject line Bug#1054163: fixed in fastdds 2.9.1+ds-1+deb12u2
has caused the Debian Bug report #1054163,
regarding fastdds: CVE-2023-42459
to be marked as done.
This means that you claim that the problem has been dealt with.
I
Your message dated Sat, 02 Dec 2023 15:32:34 +
with message-id
and subject line Bug#1056723: fixed in rabbitmq-server 3.10.8-1.1+deb12u1
has caused the Debian Bug report #1056723,
regarding rabbitmq-server: CVE-2023-46118
to be marked as done.
This means that you claim that the problem has be
Your message dated Sat, 02 Dec 2023 15:32:18 +
with message-id
and subject line Bug#1054163: fixed in fastdds 2.9.1+ds-1+deb12u2
has caused the Debian Bug report #1054163,
regarding fastdds: CVE-2023-42459
to be marked as done.
This means that you claim that the problem has been dealt with.
I
Helmut Grohne writes:
> Then when you retry it, please go for experimental first. Then have
> Chris or me check your upload is ok and only then proceed with uploading
> to unstable.
hackrf_2023.01.1-6 now in experimental is the retry with upstream
updates and the udev rules handling.
Thanks for
Your message dated Sat, 2 Dec 2023 16:23:28 +
with message-id
and subject line Re: Bug#1057122: initscripts has an undeclared file conflict
on /usr/lib/udev/hwclock-set
has caused the Debian Bug report #1057122,
regarding initscripts has an undeclared file conflict on
/usr/lib/udev/hwclock-s
Your message dated Sat, 02 Dec 2023 17:15:59 +
with message-id
and subject line Bug#1054509: Removed package(s) from unstable
has caused the Debian Bug report #55,
regarding sqlite3-pcre: depends on obsolete pcre3 library
to be marked as done.
This means that you claim that the problem ha
(re-adding Cc: tiff@pdo)
On Sat, Dec 02, 2023 at 01:40:51PM +0100, gregor herrmann wrote:
> On Sat, 02 Dec 2023 14:24:01 +0200, Niko Tyni wrote:
>
> > It regressed with tiff_4.5.1+git230720-2 which is currently blocked from
> > migrating to trixie because libimager-perl autopkgtests are failing t
Processing commands for cont...@bugs.debian.org:
> owner 1057166 !
Bug #1057166 [src:pgpainless] pgpainless: FTBFS with bouncycastle 1.77
Owner recorded as Jérôme Charaoui .
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
1057166: https://bugs.debian.org/cgi-bin/b
Your message dated Sat, 02 Dec 2023 18:05:41 +
with message-id
and subject line Bug#1056944: Removed package(s) from unstable
has caused the Debian Bug report #1034188,
regarding dmraid's last Debian stable release is bookworm
to be marked as done.
This means that you claim that the problem h
Processing control commands:
> forwarded -1 https://github.com/tonycoz/imager/issues/522
Bug #1057270 [src:libimager-perl] libimager-perl: FTBFS: t/t10tiff.t failure
Set Bug forwarded-to-address to 'https://github.com/tonycoz/imager/issues/522'.
--
1057270: https://bugs.debian.org/cgi-bin/bugrep
Control: forwarded -1 https://github.com/tonycoz/imager/issues/522
On Sat, Dec 02, 2023 at 07:24:39PM +0200, Niko Tyni wrote:
> On Sat, Dec 02, 2023 at 01:40:51PM +0100, gregor herrmann wrote:
> > On Sat, 02 Dec 2023 14:24:01 +0200, Niko Tyni wrote:
> It can be reproduced like this with the libim
Hi Jeffrey,
On 2023-12-02 11:39, Jeffrey Bencteux wrote:
> Hi,
>
> Both setuid() and setgid() return values are not checked in cron's code used
> to execute user-provided commands:
This issue was reported as CVD-2006-2607 and fixed a long time ago.
Here's the relevant patch:
https://sources.d
Processing commands for cont...@bugs.debian.org:
> severity 1051877 serious
Bug #1051877 [src:rust-libgit2-sys] rust-libgit2-sys: please prepare for
libgit2 transition
Severity set to 'serious' from 'normal'
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
1051877
Your message dated Sat, 02 Dec 2023 19:47:15 +
with message-id
and subject line Bug#1033822: fixed in oscrypto 1.3.0-1+deb12u1
has caused the Debian Bug report #1033822,
regarding oscrypto: autopkgtest regression: certificate expired 2023-01-01
00:00:00Z
to be marked as done.
This means that
Your message dated Sat, 02 Dec 2023 19:47:11 +
with message-id
and subject line Bug#1053483: fixed in hash-slinger 3.1-1.1+deb12u1
has caused the Debian Bug report #1053483,
regarding tlsa can produce invalid records
to be marked as done.
This means that you claim that the problem has been de
Your message dated Sat, 02 Dec 2023 19:47:16 +
with message-id
and subject line Bug#1054417: fixed in weborf 0.19-2.1+deb12u1
has caused the Debian Bug report #1054417,
regarding weborf: Denial of service when executing cgi executables
to be marked as done.
This means that you claim that the
Your message dated Sat, 02 Dec 2023 19:47:15 +
with message-id
and subject line Bug#1055598: fixed in oscrypto 1.3.0-1+deb12u1
has caused the Debian Bug report #1055598,
regarding oscrypto: FTBFS in bookworm (Error detecting the version of libcrypto)
to be marked as done.
This means that you
Your message dated Sat, 02 Dec 2023 19:47:10 +
with message-id
and subject line Bug#1057149: fixed in gimp 2.10.34-1+deb12u2
has caused the Debian Bug report #1057149,
regarding gimp: Please add Conflicts+Replaces: gimp-dds
to be marked as done.
This means that you claim that the problem has
Your message dated Sat, 02 Dec 2023 19:47:12 +
with message-id
and subject line Bug#1056163: fixed in libervia-backend 0.9.0~hg3993-4+deb12u1
has caused the Debian Bug report #1056163,
regarding libervia-backend: start fails without pre-existing configuration
to be marked as done.
This means
Control: clone -1 -2
Control: reassign -2 ftp.debian.org
Control: retitle -2 RM: haskell-numtype -- ROM; obsolete
Control: severity -2 normal
On Sat, Oct 21, 2023 at 08:10PM, Ilias Tsitsimpis wrote:
> I intend to remove this package:
>
> * It has no rev dependencies
> * The current version FT
Processing control commands:
> clone -1 -2
Bug #1054317 [src:haskell-numtype] Removal notice: obsolete
Bug 1054317 cloned as bug 1057291
> reassign -2 ftp.debian.org
Bug #1057291 [src:haskell-numtype] Removal notice: obsolete
Bug reassigned from package 'src:haskell-numtype' to 'ftp.debian.org'.
N
Control: clone -1 -2
Control: reassign -2 ftp.debian.org
Control: retitle -2 RM: haskell-parallel-tree-search -- ROM; obsolete
Control: severity -2 normal
On Sun, Oct 22, 2023 at 04:26PM, Ilias Tsitsimpis wrote:
> I intend to remove this package:
>
> * It has no rev dependencies
> * The curre
Processing control commands:
> clone -1 -2
Bug #1054355 [src:haskell-parallel-tree-search] Removal notice: obsolete
Bug 1054355 cloned as bug 1057292
> reassign -2 ftp.debian.org
Bug #1057292 [src:haskell-parallel-tree-search] Removal notice: obsolete
Bug reassigned from package 'src:haskell-paral
Control: clone -1 -2
Control: reassign -2 ftp.debian.org
Control: retitle -2 RM: haskell-syb-with-class -- ROM; obsolete
Control: severity -2 normal
On Sat, Oct 21, 2023 at 08:35PM, Ilias Tsitsimpis wrote:
> I intend to remove this package:
>
> * The current version FTBFS with GHC 9.4
> * It'
Control: clone -1 -2
Control: reassign -2 ftp.debian.org
Control: retitle -2 RM: haskell-repa -- ROM; obsolete
Control: severity -2 normal
On Tue, Oct 24, 2023 at 06:23PM, Ilias Tsitsimpis wrote:
> I intend to remove this package:
>
> * It has no rev dependencies
> * The current version FTBFS
Processing control commands:
> clone -1 -2
Bug #1054318 [src:haskell-syb-with-class] Removal notice: obsolete
Bug 1054318 cloned as bug 1057293
> reassign -2 ftp.debian.org
Bug #1057293 [src:haskell-syb-with-class] Removal notice: obsolete
Bug reassigned from package 'src:haskell-syb-with-class' t
Processing control commands:
> clone -1 -2
Bug #1054495 [src:haskell-repa] Removal notice: obsolete
Bug 1054495 cloned as bug 1057294
> reassign -2 ftp.debian.org
Bug #1057294 [src:haskell-repa] Removal notice: obsolete
Bug reassigned from package 'src:haskell-repa' to 'ftp.debian.org'.
No longer
Your message dated Sat, 02 Dec 2023 20:46:17 +
with message-id
and subject line Bug#1054959: fixed in haskell-irc-core 2.12-1
has caused the Debian Bug report #1054959,
regarding haskell-irc-core: FTBFS: unsatisfiable build-dependencies:
libghc-primitive-dev (< 0.8), libghc-vector-dev (< 0.13
Source: r-cran-data.table
Version: 1.14.8+dfsg-1
Severity: serious
Control: close -1 1.14.8+dfsg2-1
Tags: sid trixie
User: release.debian@packages.debian.org
Usertags: out-of-sync
Dear maintainer(s),
The Release Team considers packages that are out-of-sync between testing
and unstable for m
Processing control commands:
> close -1 1.14.8+dfsg2-1
Bug #1057296 [src:r-cran-data.table] src:r-cran-data.table: fails to migrate to
testing for too long: autopkgtest failure on 32 bits
Marked as fixed in versions r-cran-data.table/1.14.8+dfsg2-1.
Bug #1057296 [src:r-cran-data.table] src:r-cran
Your message dated Sat, 02 Dec 2023 21:00:10 +
with message-id
and subject line Bug#1040901: fixed in linux 6.6.3-1~exp1
has caused the Debian Bug report #1040901,
regarding linux modules must not be signed with CA key, bump ABI every upload
to be marked as done.
This means that you claim tha
On Sat, Dec 02, 2023 at 08:35:38PM +0200, Niko Tyni wrote:
> >From
> >https://sources.debian.org/src/libimager-perl/1.020%2Bdfsg-1/TIFF/imtiff.c/#L302
>
> static toff_t sizeproc(thandle_t x) {
> return 0;
> }
>
> which is used as the TIFFClientOpen() argument in i_readtiff_wiol():
>
>
On Sun, 03 Dec 2023 10:46:50 +1100, Tony Cook wrote:
> > https://github.com/tonycoz/imager/issues/522
> Fixed in 1.022, please let me know if you have any more problems.
Thank you!
1.022 builds fine in Debian unstable, so I've uploaded it.
> d54ea521f63ec1ed7d8c0fd11c23507600d51143 should be
Your message dated Sun, 03 Dec 2023 01:05:51 +
with message-id
and subject line Bug#1057270: fixed in libimager-perl 1.022+dfsg-1
has caused the Debian Bug report #1057270,
regarding libimager-perl: FTBFS: t/t10tiff.t failure
to be marked as done.
This means that you claim that the problem ha
Package: sioyek
Version: 2.0.0+dfsg-3+b5
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: mu...@packages.debian.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
mupdf 0.23 drops the pdf_parse_link_uri symbol, causing sio
On Sun, 03 Dec 2023 02:56:20 +0100 Victor Westerhuis
wrote:
Package: sioyek
Version: 2.0.0+dfsg-3+b5
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: mu...@packages.debian.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA2
Control: tags -1 upstream
Control: forwarded -1 https://github.com/Rdatatable/data.table/issues/5785
Control: reopen -1
Forwarded upstream
Reopening to stay visible in our sentinel
--
http://fam-tille.de
Processing control commands:
> tags -1 upstream
Bug #1057296 {Done: Paul Gevers } [src:r-cran-data.table]
src:r-cran-data.table: fails to migrate to testing for too long: autopkgtest
failure on 32 bits
Added tag(s) upstream.
> forwarded -1 https://github.com/Rdatatable/data.table/issues/5785
Bug
Your message dated Sun, 03 Dec 2023 06:03:59 +
with message-id
and subject line Bug#1057166: fixed in pgpainless 1.6.4-1
has caused the Debian Bug report #1057166,
regarding pgpainless: FTBFS with bouncycastle 1.77
to be marked as done.
This means that you claim that the problem has been deal
Processing commands for cont...@bugs.debian.org:
> owner 1057170 !
Bug #1057170 [src:ssl-utils-clojure] ssl-utils-clojure: FTBFS with bouncycastle
1.77
Owner changed from Jérôme to Jérôme Charaoui
.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
1057170: https
Processing commands for cont...@bugs.debian.org:
> owner 1057170 !
Bug #1057170 [src:ssl-utils-clojure] ssl-utils-clojure: FTBFS with bouncycastle
1.77
Owner recorded as Jérôme .
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
1057170: https://bugs.debian.org/cgi
Your message dated Sun, 03 Dec 2023 07:07:53 +
with message-id
and subject line Bug#1057170: fixed in ssl-utils-clojure 3.5.3-1
has caused the Debian Bug report #1057170,
regarding ssl-utils-clojure: FTBFS with bouncycastle 1.77
to be marked as done.
This means that you claim that the problem
Processing control commands:
> affects -1 src:pandoc
Bug #1057309 [src:haskell-pandoc] src:haskell-pandoc binary package names
conflict with src:pandoc binary packages
Added indication that 1057309 affects src:pandoc
--
1057309: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057309
Debian B
Source: haskell-pandoc
Version: 3.0.1-2
Severity: serious
Control: affects -1 src:pandoc
Hi,
The binary packages provided by src:haskell-pandoc conflict with the
binary packages of src:pandoc; violationg Debian Policy 3.1 ("Every
package must have a name that’s unique within the Debian archive.")
Hi Graham,
thanks for bringing this up.
I have a totally different question concerning the transition. At
https://buildd.debian.org/status/package.php?p=r-bioc-ioniser
the build logs are lagging now nearly two days for all architectures.
Do you know whom to ask for the reason?
Kind regard
58 matches
Mail list logo
