[Pkg-kde-extras] You have $550, 000 lodged in Western Union to be transferred to you.
Respond for details --- This email has been checked for viruses by AVG. https://www.avg.com ___ pkg-kde-extras mailing list pkg-kde-extras@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-kde-extras
[Pkg-kde-extras] skrooge_2.16.2-1_source.changes ACCEPTED into unstable
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 04 Nov 2018 23:53:16 +0100 Source: skrooge Binary: skrooge skrooge-common Architecture: source Version: 2.16.2-1 Distribution: unstable Urgency: medium Maintainer: Debian KDE Extras Team Changed-By: Pino Toscano Description: skrooge- personal finance manager for KDE skrooge-common - Skrooge architecture independent files Changes: skrooge (2.16.2-1) unstable; urgency=medium . * Team upload. * New upstream release. * Disable the build of the Qt Designer plugins, which are not useful without development stuff: - pass -DSKG_DESIGNER=OFF to cmake - remove special casing for Qt plugins when removing .so symlinks * Bump Standards-Version to 4.2.1, no changes required. * Update lintian overrides. Checksums-Sha1: b7f269fee2cd3bcea1d7996b34fe992b2928db2e 2838 skrooge_2.16.2-1.dsc 9f4f0799ba519a72ccaf870e2de861f41402 21005424 skrooge_2.16.2.orig.tar.xz 80e6f1cf7a7aa17b29b655adf8a67b852a9ee8b2 6736 skrooge_2.16.2-1.debian.tar.xz 6771b0c74348a8be12c585b0e147b40dd166ef67 22924 skrooge_2.16.2-1_source.buildinfo Checksums-Sha256: f53dde37a02f2da6f1f30e127d6ea1e1002a21f1eb774aff1d1f37ddc54fd980 2838 skrooge_2.16.2-1.dsc 124e0928595be6c1ae0a879f4f1cd4631e7aced8c5273ccb92e128a4f2c2bb45 21005424 skrooge_2.16.2.orig.tar.xz dddaafbd654c9b561e527c1f7da26650c28255c4baa1f381555d90c463946e62 6736 skrooge_2.16.2-1.debian.tar.xz 1a003a8904778b14f5b4a216dddcaf5a18080fec78a8ecd87f1afa99438eb7a2 22924 skrooge_2.16.2-1_source.buildinfo Files: 33c3e4e0768cff6302939d230425e8a4 2838 kde optional skrooge_2.16.2-1.dsc cf06bd96c3b551f03e6352e523776715 21005424 kde optional skrooge_2.16.2.orig.tar.xz 44df24edb79dd2a9cfa15802e8e0a8a2 6736 kde optional skrooge_2.16.2-1.debian.tar.xz b78c5c900ac858e383b4cae11931ec26 22924 kde optional skrooge_2.16.2-1_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEXyqfuC+mweEHcAcHLRkciEOxP00FAlvfeKYACgkQLRkciEOx P000DA//Vn4+8NDqJMqolXE2pnUmqM/u9R/+9VL5SRoVx1SgqJnIsUUlSrfL6V8R s4/B3/LFYPox0JsOmm4/JqkJKRjd9KxxgkWEoKZfUIcaw3rxXM9AmpIrF8JGggzU ba9vh3gSr3vpRG2lEtXwS1ySfiHyba3bkSFdIv1t6t3f2qahiqj3g2UcHVyufCwy 1qsezdjld2kQNeaGn4scicy1TTjYXAJ1+abIw24z6BnWEbiB2OehVsp3+pIRIX0q rv42E0tMLG1yrtp4+aiP0un8gyltkHN09fq/3WLuN9QV3rOkG19gq7i02WEB9coi gqScOHv6PD+PsGPPWXIY2NAHf+By4F0i48j/ohsRYbxx23e0IR6FAVS//KrgUgdp RzOexblgvx70hlULolJS0g1IL1wsFymqSYVMJLm5pHrcInhIHuMU1LFB0K8yK1Iv YpqlC43P+SHDga5tn9N/PvkDipqSg03QM7MwKAd+Ypf0dwlNEtmdyFN/F8a7gn/1 mdopURARTB/Hudp5b71rzg4t2REN7uv0MD1139RBswaRz+5868tVTbPVWRH4q5Db m9Peb4H3Cq/Bb+AdOaX3mJUcGxnYc3B6yDnE+Ov483Y0Dc7OEjcRWdf8DLl/CcWC 99HJuVP1FNMiDrajEi7KrjYWB73sL8p3JEQqdj6o/yZsaJqKn6M= =JeoO -END PGP SIGNATURE- Thank you for your contribution to Debian. ___ pkg-kde-extras mailing list pkg-kde-extras@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-kde-extras
[Pkg-kde-extras] Processing of skrooge_2.16.2-1_source.changes
skrooge_2.16.2-1_source.changes uploaded successfully to localhost along with the files: skrooge_2.16.2-1.dsc skrooge_2.16.2.orig.tar.xz skrooge_2.16.2-1.debian.tar.xz skrooge_2.16.2-1_source.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org) ___ pkg-kde-extras mailing list pkg-kde-extras@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-kde-extras
Re: [Pkg-kde-extras] exiv2 stretch update (CVE-2018-16336)
Hi Roberto, On Thu, Nov 01, 2018 at 09:11:38PM -0400, Roberto C. Sánchez wrote: > On Tue, Oct 30, 2018 at 08:51:49AM +0100, Salvatore Bonaccorso wrote: > > > > Yes this is right. There was as well announced > > https://lists.debian.org/debian-devel-announce/2018/04/msg7.html > > for a slightly changed worflow possibility (for the cases one is > > absolutely confident the upload will be accepted, once can upload in > > advance, but still submit debdiff and bug to release.d.o). > > > So, I went ahead and filed the bug rather than uploading preemptively. > The bug is #912531. Adam pointed out that the CVE in question is still > open in unstable. Is there a plan to upload a 0.25-5 version that > addresses the CVE? Or is there work underway to upload a 0.26 package? > > Alternately, I could NMU to unstable based on 0.25-4 to clear the way > for the stable proposed update of 0.25-3.1+deb9u2. I am happy to do > what I can to help or to wait if that is what serves the team best. > > Please advise. Right the fix needs to be first in unstable, so either a maintainer upload for 0.25-4 but I guess the exiv2 maintainer would not object against a NMU, but I cannot speak for the exiv2 packaging team. Regards, Salvatore ___ pkg-kde-extras mailing list pkg-kde-extras@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-kde-extras
[Pkg-kde-extras] Bug#912828: exiv2: CVE-2018-18915
Source: exiv2 Version: 0.26-1 Severity: grave Tags: security upstream Forwarded: https://github.com/Exiv2/exiv2/issues/511 Hi, The following vulnerability was published for exiv2, only affecting the experimental version. The severity as such is not warranted but is to make sure the 0.26 affecting issues do not enter an upcoming stable release. If you disagree on that approach I would not object to downgrade to important. CVE-2018-18915[0]: | There is an infinite loop in the Exiv2::Image::printIFDStructure | function of image.cpp in Exiv2 0.27-RC1. A crafted input will lead to a | remote denial of service attack. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-18915 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18915 [1] https://github.com/Exiv2/exiv2/issues/511 Regards, Salvatore ___ pkg-kde-extras mailing list pkg-kde-extras@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-kde-extras
