Dear maintainer,
The Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of graphicsmagick:
https://security-tracker.debian.org/tracker/CVE-2017-17498
https://security-tracker.debian.org/tracker/CVE-2017-17500
https://security-tracker.debian.org/tra
Hi,
Last month I worked 14.5h on LTS, which I spent doing the following:
- firefox-esr update
- xorg-server update
- openjdk-7 update (this took longer than normal due to a bootstrap failure
which I tried to fix, but in the end decided to disable the bootstrap build,
which triggered another build
Hi Diego,
During my investigations on CVE-2015-8216 (I didn't update the tracker
because I'm still working on it, by the way), I discovered the following
floating point exception in libswscale/utils.c:
$ ./avconv -i fpe.jpg out.jpg
avconv version 0.8.21, Copyright (c) 2000-2014 the Libav develope
Hello Sergei,
On Sun, 10 Dec 2017, Sergei Golovan wrote:
> On Sun, Dec 10, 2017 at 9:52 PM, Thorsten Alteholz wrote:
> > Hi Sergei,
> >
> > The Debian LTS team would like to fix the security issues which are
> > currently open in the Wheezy version of erlang:
> > https://security-tracker.debian.o
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi Frank,
You were faster than me, seems that you found the problem.
Probably I did not exercise this part of the source code in my tests,
thanks for the report and the provided patch.
I will apply your patch, run another round of tests and upload
Hi,
the following patch fixes the regression, at least for me:
--- a/sesman/libscp/libscp_v0.c 2017-12-12 14:07:58.0 +0100
+++ b/sesman/libscp/libscp_v0.c 2017-12-12 14:09:16.0 +0100
@@ -203,7 +203,7 @@
/* reading username */
in_uint16_be(c->in_s, sz);
-buf[sz]=g_n
Hi again,
After the update xrdp-sesman started to segfault in libscp:
Thanks for the report. I did not catch this segfault during my tests.
Thanks for investigation.
I have a spare server with same configuration and will try to reproduce
the issue.
I can reproduce the error on this spa
Hi,
After the update xrdp-sesman started to segfault in libscp:
Thanks for the report. I did not catch this segfault during my tests.
Thanks for investigation.
I have a spare server with same configuration and will try to reproduce
the issue.
Best regards,
Frank.
--
Frank Richter
Le
Hi,
> Hi Frank,
>
>> After the update xrdp-sesman started to segfault in libscp:
>
Thanks for the report. I did not catch this segfault during my tests.
> Thank you for the report. I'm adding Lucas Kanashiro to the CC as
> he performed this upload and will likely be able to fix this faster.
>
>
Hi,
> You can't see the CVE-2017-16927.patch? I do not have my laptop with me
> right now, but I will check the patch and investigate the issue ASAP.
Great stuff. (I can see it now — it must have caught me pre-coffee...!)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la
Hi Frank,
> After the update xrdp-sesman started to segfault in libscp:
Thank you for the report. I'm adding Lucas Kanashiro to the CC as
he performed this upload and will likely be able to fix this faster.
(Lucas, I can't immediately see the patch under debian/patches?)
Best wishes,
--
Dear Debian LTS Team,
today we updated xrdp in wheezy/lts to 0.5.0-2+deb7u2.
Architecture is i386.
Release is 7.11 with all upgrades applied.
After the update xrdp-sesman started to segfault in libscp:
Dec 12 07:54:33 flts kernel: [7210262.262235] xrdp-sesman[27580]:
segfault at 9 ip f
12 matches
Mail list logo
