Bug#891469: awstats: Path traversal in config parameter if site config is missing.

Hi, Since awstats is currently unmaintained, can you request a new CVE for this at https://cveform.mitre.org/ ? This way it'll be properly monitored and taken care of in distros. Cheers! Sylvain On Sun, 25 Feb 2018 21:33:34 +0100 =?utf-8?b?VG9tYcW+IMWgb2xj?= wrote: Package: awstats Versio

Bug#890414: awstats: run-parts doesnt work with .sh files

For your consideration: https://salsa.debian.org/debian/awstats/-/merge_requests/2 The awstats package is orphaned. Depending on the answers I may do a NMU. Cheers! Sylvain On Wed, 6 May 2020 13:36:23 + debian_reportbug_202...@michaelaltfield.net wrote: Package: awstats Version: 7.6+dfsg-

Bug#560940: CVE-2009-3560 and CVE-2009-3720 denial-of-services

n_expat.dpatch by Sylvain Beucler ## ## All lines beginning with `## DP:' are a description of the patch. -## DP: use system expat to address CVE-2009-3560 and CVE-2009-3720 DoS -## DP: see also debian/rules, target 'clean' +## DP: No description. tla-1.3.5+dfsg.orig/src/tl

Bug#560940: CVE-2009-3560 and CVE-2009-3720 denial-of-services

On Tue, Dec 15, 2009 at 01:31:30PM +0100, Sylvain Beucler wrote: > Patched package available at: > http://mentors.debian.net/cgi-bin/sponsor-pkglist?action=details;package=tla Ben noticed that part of the bundled libexpat was still used. I missed 2 "-I ../lib/expat" occurrence

Bug#560940: CVE-2009-3560 and CVE-2009-3720 denial-of-services

Patched package available at: http://mentors.debian.net/cgi-bin/sponsor-pkglist?action=details;package=tla -- Sylvain signature.asc Description: Digital signature

Bug#560940: CVE-2009-3560 and CVE-2009-3720 denial-of-services

I'm having a look at this. I had worked on this package a while ago, and I'm currently doing a NM Tasks&Skills, so it's a pleasure ;) -- Sylvain signature.asc Description: Digital signature

Bug#395877: Package lta embeds neon

On Wed, Nov 22, 2006 at 10:04:06PM +0100, Daniel Baumann wrote: > Neil McGovern wrote: > > Is there a reason why dynamic linking won't work? It would be really > > nice to get another embedded code copy out of Debian. > > it didn't, because the debian version of libneon at that time was > incompat

Bug#384901: bus error on commit

Hi, Could you try with the current unstable (-4) version? Thanks, -- Sylvain On Sun, Aug 27, 2006 at 03:02:39PM -0400, Clint Adams wrote: > Package: tla > Version: 1.3.5+dfsg-3 > Severity: important > > On sparc, > > % tla commit > * no log found, creating one automatically > * (Use "tla mak

Bug#382465: FTBFS on arm, sparc, ia64, hppa

> tla 1.3.5+dfsg-2 fails to build from source on arm, sparc, ia64 and > hppa[1]. Actually it builds, but the test suite fails on those architectures. I reported that upstream and they're working on it. http://lists.gnu.org/archive/html/gnu-arch-users/2006-08/msg6.html Maybe we can drop the te

Bug#281870: Fix confirmed

Thanks for the fix, it is now integrated in the new version. Closing the bug :) https://savannah.nongnu.org/projects/arch4debian/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]