reopen 794573
thanks
I'm reopening this as it is now broken in testing. This combination:
ii kwin-x114:5.3.2-3
ii kwin-style-breeze 4:5.3.2-2
Doesn't work and the user cannot login to a KDE5 session.
Package: lvm2
Version: 2.03.02-3
Severity: critical
Justification: breaks the whole system
The system with the latest kernel from testing and the latest lvm2 is
unbootable when the root filesystem is a cached lvm volume.
During boot, it says:
device-mapper: table: 253:3: cache: Error creating ca
I just tested it and the problem is that the dm_cache_smq module is missing
from initramfs. Adding it to "/etc/initramfs-tools/modules" and running
"update-initramfs -u" addresses the problem.
I guess that lvm2 should add dm_cache and dm_cache_smq to
/usr/share/initramfs-tools/hooks/lvm2, just lik
Package: login
Version: 1:4.0.3-30.7
Severity: critical
Tags: security
Justification: root security hole
It seems that /var/log/btmp is created as a world readable file.
This is insecure (and it is reported by 'tiger') because this file
contains failed logins , including unknown usernames. It is
On Sunday 16 January 2005 22:24, Justin Pryzby wrote:
> On Sun, Jan 16, 2005 at 09:51:44PM +0200, Stefanos Harhalakis wrote:
> > Package: login
> > Version: 1:4.0.3-30.7
> > Severity: critical
> > Tags: security
> > Justification: root security hole
> >
Package: udev
Version: 0.105-4
Severity: critical
Tags: security
Justification: root security hole
This is a follow-up to closed bug report #404927.
The group problem is not yet fixed. The rule:
SUBSYSTEM=="block", ATTRS{removable}=="1", \
DRIVERS!="aacraid", GROUP="f
On Saturday 26 January 2008, Marco d'Itri wrote:
> tag 462655 unreproducible moreinfo
> thanks
>
> On Jan 26, Stefanos Harhalakis <[EMAIL PROTECTED]> wrote:
> > The group problem is not yet fixed. The rule:
> >
> > SUBSYSTEM=="block", ATT
Package: logcheck
Version: 1.2.54
Severity: grave
Tags: security
Justification: user security hole
Logcheck can leave a world readable dead.letter that contains parsed
logs.
Steps to reproduce:
* Create a lot of logs that will not be filtered by logcheck. (very
easy). 10MBytes should be enough.
On Friday 20 June 2008, Robert Luberda wrote:
> > The problem that it is world readable lies in the used tool mail,
> > coming from the mailx package. The information exposure problem is not
> > limited to logcheck here, it in fact is a more general problem residing
> > in mailx that it doesn't ti
Package: udev
Version: 0.141-1
Severity: critical
Tags: security
Justification: root security hole
Bug #462655 also affects lenny.
I believe that it should be ported to lenny too since:
a) It is security related
b) Most aacraid-related controllers are on servers which tend to use stable
-- Pack
Hello,
I'm using ATI's fglrx 9.6 driver (not debian's) with some custom patching and
it works for me even with "Invalid map handle" errors. This probably means
that this message is not fatal and it is not the one that causes the
segmentation fault.
FWIW: The invalid map handle seems to be some
Package: udev
Version: 0.103-1
Severity: critical
Tags: security
Justification: root security hole
Hi there,
Just noticed that udev sets the group of the hard disks to 'floppy'
making them r/w to this group (actually, tiger noticed it):
brw-rw 1 root floppy 8, 0 Dec 29 11:25 /dev/sda
It seems that this problem occurred between 27/12/2006 and 29/12/2006. The
only thing that changed was the kernel from 2.6.16-2-686-smp to 2.6.18-3-686.
If I remember correctly, tiger was not updated lately, so it would have
noticed this change:
Here are the last tiger reports:
-rw---
Hello,
This bug will be closed by the next fsprotect version which is currently in
mentors. I've contacted my sponsor so it is a matter of time to be uploaded.
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@list
Hello,
Does the patch of message #77 fix your problem?
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Hello,
On Thursday 21 of January 2010, Julien Cristau wrote:
> fsprotect depends on aufs-modules which is not in sid (and soon not in
> testing). Besides, to quote one of the kernel maintainers, "User-space
> packages should never depend on kernel components, because the kernel
> might be provide
On Tuesday 22 of December 2009, Phil Vandry wrote:
> On Tue, 22 Dec 2009 16:04:24 +0200, Harhalakis Stefanos wrote:
> > > $ ls -ld /
> > > drwxrwxrwt 7 root root 160 2009-12-18 21:40 .
> >
> > This does not seem easy to exploit because of the sticky bit. No?
>
> You're right. The problem is less s
Hello,
On Wednesday 19 of May 2010, Faidon Liambotis wrote:
> Ping?
Does the attached patch work?
If not I'd like to have a test case (either a sample program or step-by-step
instructions) in order to reproduce the bug. Just installing heartbeat isn't
enough since IPv6Addr gives:
# ./IPv6addr
Hi,
On Sat, Mar 3, 2012 at 16:44, Cyril Brulebois wrote:
> Julien Cristau (01/01/2012):
>> On Fri, Jun 3, 2011 at 10:55:08 +0300, V13 wrote:
>> > Thanks for the report. I'll fix it in the next release.
>> any ETA for this fix?
>
> ping again?
This is now in mentors, but needs some cleanups bef
And in case it helps more, here's the full patch.
diff -Nur puppet-2.7.18.orig/lib/puppet/ssl/base.rb puppet-2.7.18/lib/puppet/ssl/base.rb
--- puppet-2.7.18.orig/lib/puppet/ssl/base.rb 2012-07-10 00:36:29.0 +0100
+++ puppet-2.7.18/lib/puppet/ssl/base.rb 2013-04-13 23:01:44.245916200 +0100
@
Gr. It's never easy...
I'll try to find a solution but I don't promise anything.
"Adam D. Barratt" wrote:
>On Sat, 2013-04-13 at 23:03 +0100, Stefanos Harhalakis wrote:
>> And in case it helps more, here's the full patch.
>
>The upstream
21 matches
Mail list logo
