Bernd,
I see you taken care of the issue or atleast pushed the correct persons. Thanks
alot.
Regards, norbert
Bernd Zeimetz schrieb
>Hi Norbert,
>
>
>> I noted my concerns on the bug-report, I thought that counts as "talking to
>> the
>> package maintainers".
>
>Using "This helps" a
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock leafnode. It fixes 759869 (which was filed with
severity "important", but could just as well have been filed with
RC severity; if the Cron job isn't executed news messages old
Adam,
On 03/20/2015 06:41 PM, Adam D. Barratt wrote:
> Well, they're related to the extent that they suggest potential room to
> tighten up the security fix.
Agreed. I opened #780867 to keep track of this.
> Indeed, I agree that the new version is certainly an improvement over
> the version curr
Your message dated Fri, 20 Mar 2015 17:41:02 +
with message-id <49b201782e3157fa3abc9933747af...@mail.adsl.funky-badger.org>
and subject line Re: Bug#780719: unblock: flightgear/3.0.0-5
has caused the Debian Bug report #780719,
regarding unblock: flightgear/3.0.0-5
to be marked as done.
This m
Dear Stefano,
I kept meaning to thank you for this upload, but lacked the time. Here it
goes, then: thanks for caring about uploads of youtube-dl to jessie.
P.S.: Sorry if this e-mail goes formatted as HTML, but it is beyond my
control right now.
( this is the first time I write to release@ , so please forgive me if
I do something wrong )
Hello up there,
I've discovered today that, though it used to work in 2014, `unshare -r`
(make a new namespace and become root there) both when initially run by
root or usual users got broken because
Adam,
On 03/20/2015 05:19 PM, Adam D. Barratt wrote:
> The latter's potentially a fairly important point. One of the reasons
> that insecure tempfile handling is an issue is that if you write to or
> truncate a file in /tmp and that file is a symlink to another file the
> result can be that the de
Symlinks are followed, but I don't think Nasal can create symlinks (and
if it could, I agree we'd have a bigger problem).
I'm assuming that there's no good reason for anyone ever to be running
flightgear in a privileged context
Agreed: that's one reason I have a 'create an unprivileged user' h
On 2015-03-20 14:09, Markus Wanner wrote:
Control: tags -1 - moreinfo
On 03/18/2015 11:12 PM, Rebecca N. Palmer wrote:
Is untrusted scripts being able to write (not read) /tmp/*.xml a
security or other RC bug (which would require a new upload of
flightgear
_and_ flightgear-data with the obviou
I'm not aware of any that do, but haven't specifically looked.
I now have: as far as I can tell, no Nasal scripts are currently writing
to /tmp, and given that upstream also support Windows, they would
probably consider doing so to be a bug. I'll suggest removing this
upstream, but currently d
Control: tags -1 - moreinfo
On 03/18/2015 11:12 PM, Rebecca N. Palmer wrote:
> Yes, the allowed-paths list is intentionally identical to the
> (post-#780716-fix) Nasal/IOrules: the purpose of this patch is to move
> the checking process to somewhere scripts can't disable.
Good, thanks for confirm
Processing control commands:
> tags -1 - moreinfo
Bug #780719 [release.debian.org] unblock: flightgear/3.0.0-5
Ignoring request to alter tags of bug #780719 to the same tags previously set
--
780719: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780719
Debian Bug Tracking System
Contact ow...
12 matches
Mail list logo
