Package: jetty
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for jetty.
CVE-2009-4612[0]:
| Multiple cross-site scripting (XSS) vulnerabilities in the WebApp JSP
| Snoop page in Mort Bay
Package: jetty
Severity: important
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for jetty.
CVE-2009-4609[0]:
| The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote
| attackers to obtain
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for libstruts1.2-java some time ago.
CVE-2008-2025[0]:
| Cross-site scripting (XSS) vulnerability in Apache Struts before
| 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2
| on SUSE openSUSE 10.3,
Il 28/03/2010 23:41, Michael Gilbert ha scritto:
Those are just guidelines, right?
Yes they are, the purpose of developers-reference is to provide an
overview of the recommended procedures.
Cheers,
Giuseppe
signature.asc
Description: OpenPGP digital signature
Author: derevko-guest
Date: 2010-03-29 09:48:13 + (Mon, 29 Mar 2010)
New Revision: 14348
Modified:
data/CVE/list
Log:
- NFU
- filed some bugs
- CVE-2010-1100: Integer overflow in Arora
- CVE-2009-4612 and CVE-2009-4611 are fixed in jetty 6.1.22-1
- CVE-2009-2902, CVE-2009-2693 and
Author: derevko-guest
Date: 2010-03-29 17:08:32 + (Mon, 29 Mar 2010)
New Revision: 14351
Modified:
data/spu-candidates.txt
Log:
spu notifications
Modified: data/spu-candidates.txt
===
--- data/spu-candidates.txt
Author: derevko-guest
Date: 2010-03-29 21:22:32 + (Mon, 29 Mar 2010)
New Revision: 14354
Modified:
data/CVE/list
Log:
dojo issue fixed in sid
Modified: data/CVE/list
===
--- data/CVE/list 2010-03-29 21:14:22 UTC (rev
Package: viewvc
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) ids were
published for viewvc.
CVE-2010-0004[0]:
| ViewVC before 1.1.3 composes the root listing view without using the
| authorizer for each
Package: ruby1.9
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for ruby1.9.
CVE-2009-1904[0]:
| The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173
| allows
Package: xpdf-reader
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for xpdf.
CVE-2009-1188[0]:
| Integer overflow in the JBIG2 decoding feature in the
| SplashBitmap::SplashBitmap
Package: python3.1
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for python3.1.
CVE-2008-5983[0]:
| Untrusted search path vulnerability in the PySys_SetArgv API function
| in Python 2.6
Package: arora
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for arora.
CVE-2010-1100[0]:
| Integer overflow in Arora allows remote attackers to bypass intended
| port restrictions on
Package: viewvc
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for viewvc.
CVE-2010-0736[0]:
| Cross-site scripting (XSS) vulnerability in the view_queryform
| function in lib/viewvc.py in
Package: jetty
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for jetty.
CVE-2009-4610[0]:
| Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty
| 6.x and 7.0.0 allow
Package: jetty
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for jetty.
CVE-2009-4612[0]:
| Multiple cross-site scripting (XSS) vulnerabilities in the WebApp JSP
| Snoop page in Mort Bay
Package: jetty
Severity: important
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for jetty.
CVE-2009-4609[0]:
| The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote
| attackers to obtain
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for kde4libs some time ago.
CVE-2009-0689[0]:
| Array index error in the (1) dtoa implementation in dtoa.c (aka
| pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in
| gdtoa/misc.c in libc, as used in multiple
Package: viewvc
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) ids were
published for viewvc.
CVE-2010-0004[0]:
| ViewVC before 1.1.3 composes the root listing view without using the
| authorizer for each
Package: xpdf-reader
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for xpdf.
CVE-2009-1188[0]:
| Integer overflow in the JBIG2 decoding feature in the
| SplashBitmap::SplashBitmap
Package: python3.1
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for python3.1.
CVE-2008-5983[0]:
| Untrusted search path vulnerability in the PySys_SetArgv API function
| in Python 2.6
Package: viewvc
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for viewvc.
CVE-2010-0736[0]:
| Cross-site scripting (XSS) vulnerability in the view_queryform
| function in lib/viewvc.py in
Package: jetty
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for jetty.
CVE-2009-4610[0]:
| Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty
| 6.x and 7.0.0 allow
Package: jetty
Severity: important
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for jetty.
CVE-2009-4609[0]:
| The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote
| attackers to obtain
Package: viewvc
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) ids were
published for viewvc.
CVE-2010-0004[0]:
| ViewVC before 1.1.3 composes the root listing view without using the
| authorizer for each
Package: ruby1.9
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for ruby1.9.
CVE-2009-1904[0]:
| The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173
| allows
Package: xpdf-reader
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for xpdf.
CVE-2009-1188[0]:
| Integer overflow in the JBIG2 decoding feature in the
| SplashBitmap::SplashBitmap
Package: python3.1
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for python3.1.
CVE-2008-5983[0]:
| Untrusted search path vulnerability in the PySys_SetArgv API function
| in Python 2.6
Package: arora
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for arora.
CVE-2010-1100[0]:
| Integer overflow in Arora allows remote attackers to bypass intended
| port restrictions on
Package: viewvc
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for viewvc.
CVE-2010-0736[0]:
| Cross-site scripting (XSS) vulnerability in the view_queryform
| function in lib/viewvc.py in
Package: jetty
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for jetty.
CVE-2009-4610[0]:
| Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty
| 6.x and 7.0.0 allow
Package: jetty
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for jetty.
CVE-2009-4612[0]:
| Multiple cross-site scripting (XSS) vulnerabilities in the WebApp JSP
| Snoop page in Mort Bay
Package: lib3ds
Severity: grave
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for lib3ds.
CVE-2010-0280[0]:
| Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in
| Google SketchUp 7.x before
Hi Michael!
Il 27/03/2010 19:58, Michael Gilbert ha scritto:
I am looking for a sponsor for the new version 0.9.21-1+nmu1
of my package pulseaudio, which fixes CVE-2009-1299 (bug #573615).
Thanks for your work, I've uploaded your NMU with small modifications in
debian/changelog:
---
Author: derevko-guest
Date: 2010-03-28 21:39:25 + (Sun, 28 Mar 2010)
New Revision: 14347
Modified:
data/CVE/list
data/problematic-packages
Log:
filed some bugs
Modified: data/CVE/list
===
--- data/CVE/list 2010-03-28
Hi Martin,
Il 28/03/2010 12:40, Martin Eberhard Schauer ha scritto:
Dear Guiseppe,
despite of translating the debconf template at the same day when your
mail hit the german mailing list, he unfortunately failed submitting the
po file in time.
We would be very grateful if you could apply the
tags 575701 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Sun, 28 Mar 2010 16:02:37 +0200.
The fix will be in the next upload.
=
Updated
Package: krb5
Version: 1.8+dfsg~alpha1-7
Severity: grave
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for krb5.
CVE-2010-0628[0]:
| The spnego_gss_accept_sec_context function in
|
Package: lib3ds
Severity: grave
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for lib3ds.
CVE-2010-0280[0]:
| Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in
| Google SketchUp 7.x before
Package: libmikmod
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) ids were
published for libmikmod.
CVE-2009-3995[0]:
| Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module
| Decoder
Package: liboggplay
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for liboggplay.
CVE-2009-3388[0]:
| liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before
| 2.0.1 might
Package: lxr-cvs
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for lxr-cvs.
CVE-2009-4497[0]:
| Cross-site scripting (XSS) vulnerability in LXR Cross Referencer 0.9.5
| and 0.9.6 allows
Package: squid3
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for squid3.
CVE-2010-0308[0]:
| lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through
| 3.1.0.15 allows
Package: krb5
Version: 1.8+dfsg~alpha1-7
Severity: grave
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for krb5.
CVE-2010-0628[0]:
| The spnego_gss_accept_sec_context function in
|
Package: lib3ds
Severity: grave
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for lib3ds.
CVE-2010-0280[0]:
| Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in
| Google SketchUp 7.x before
Package: libmikmod
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) ids were
published for libmikmod.
CVE-2009-3995[0]:
| Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module
| Decoder
Package: liboggplay
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for liboggplay.
CVE-2009-3388[0]:
| liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before
| 2.0.1 might
Package: squid3
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for squid3.
CVE-2010-0308[0]:
| lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through
| 3.1.0.15 allows
Package: krb5
Version: 1.8+dfsg~alpha1-7
Severity: grave
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for krb5.
CVE-2010-0628[0]:
| The spnego_gss_accept_sec_context function in
|
Package: lib3ds
Severity: grave
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for lib3ds.
CVE-2010-0280[0]:
| Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in
| Google SketchUp 7.x before
Package: libmikmod
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) ids were
published for libmikmod.
CVE-2009-3995[0]:
| Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module
| Decoder
Package: liboggplay
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for liboggplay.
CVE-2009-3388[0]:
| liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before
| 2.0.1 might
Package: lxr-cvs
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for lxr-cvs.
CVE-2009-4497[0]:
| Cross-site scripting (XSS) vulnerability in LXR Cross Referencer 0.9.5
| and 0.9.6 allows
Package: squid3
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for squid3.
CVE-2010-0308[0]:
| lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through
| 3.1.0.15 allows
tags 222170 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Sat, 27 Mar 2010 10:26:42 +0100.
The fix will be in the next upload.
=
Install
tags 575525 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Sat, 27 Mar 2010 10:37:12 +0100.
The fix will be in the next upload.
=
Adopt nload
tags 575525 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Sat, 27 Mar 2010 10:37:12 +0100.
The fix will be in the next upload.
=
Adopt nload
Hi Alexander,
Il 26/03/2010 12:24, Alexander Sack ha scritto:
Just pull and build the ubuntu package.
Is there a specific reason why you (Chromium team) uploaded
chromium-browser in Ubuntu two months ago and not yet in Debian?
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital
tags 575525 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Sat, 27 Mar 2010 10:37:12 +0100.
The fix will be in the next upload.
=
Adopt nload
tags 575525 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Sat, 27 Mar 2010 10:37:12 +0100.
The fix will be in the next upload.
=
Adopt nload
Hi Alexander,
Il 26/03/2010 12:24, Alexander Sack ha scritto:
Just pull and build the ubuntu package.
Is there a specific reason why you (Chromium team) uploaded
chromium-browser in Ubuntu two months ago and not yet in Debian?
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital
tags 573535 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Fri, 26 Mar 2010 13:01:47 +0100.
The fix will be in the next upload.
=
Update
tags 573544 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Fri, 26 Mar 2010 13:03:39 +0100.
The fix will be in the next upload.
=
Updated
tags 573641 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Fri, 26 Mar 2010 13:06:37 +0100.
The fix will be in the next upload.
=
Updated
tags 574250 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Fri, 26 Mar 2010 13:09:50 +0100.
The fix will be in the next upload.
=
Updated
tags 574856 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Fri, 26 Mar 2010 13:11:38 +0100.
The fix will be in the next upload.
=
Updated
tags 573821 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Fri, 26 Mar 2010 13:08:27 +0100.
The fix will be in the next upload.
=
Updated
tags 574965 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Fri, 26 Mar 2010 13:12:55 +0100.
The fix will be in the next upload.
=
Updated
Ciao Giuseppe!
Il 08/03/2010 10:13, Giuseppe Sacco ha scritto:
LIMIT/OFFSET clause on postgresql manual is available at
http://www.postgresql.org/docs/8.4/interactive/sql-select.html#SQL-LIMIT
Could you try the attacked patch please?
Cheers,
Giuseppe.
--- a/php/src/include.php
+++
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-2021-1 secur...@debian.org
http://www.debian.org/security/Giuseppe Iuculano
March 22, 2010
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-2021-1 secur...@debian.org
http://www.debian.org/security/Giuseppe Iuculano
March 22, 2010
Author: derevko-guest
Date: 2010-03-22 10:45:36 + (Mon, 22 Mar 2010)
New Revision: 14314
Modified:
data/CVE/list
Log:
spamass-milter 0.3.1-9 fixed remote command execution issue
Modified: data/CVE/list
===
--- data/CVE/list
Author: derevko-guest
Date: 2010-03-22 12:11:22 + (Mon, 22 Mar 2010)
New Revision: 14315
Modified:
data/CVE/list
data/DSA/list
Log:
DSA-2021-1
Modified: data/CVE/list
===
--- data/CVE/list 2010-03-22 10:45:36 UTC
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-2019-1 secur...@debian.org
http://www.debian.org/security/Giuseppe Iuculano
March 20, 2010
-security
Urgency: high
Maintainer: Sebastien Bacher seb...@debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
libpango1.0-0 - Layout and rendering of internationalized text
libpango1.0-0-dbg - The Pango library and debugging symbols
libpango1.0-common - Modules
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-2019-1 secur...@debian.org
http://www.debian.org/security/Giuseppe Iuculano
March 20, 2010
Author: derevko-guest
Date: 2010-03-20 13:29:14 + (Sat, 20 Mar 2010)
New Revision: 14305
Modified:
data/DSA/list
Log:
DSA-2019-1
Modified: data/DSA/list
===
--- data/DSA/list 2010-03-20 01:02:45 UTC (rev 14304)
+++
Author: derevko-guest
Date: 2010-03-20 13:31:36 + (Sat, 20 Mar 2010)
New Revision: 14306
Modified:
data/CVE/list
Log:
autokey arbitrary file overwriting via symlinks
Modified: data/CVE/list
===
--- data/CVE/list
. (Closes: #574021)
+
+ -- Giuseppe Iuculano iucul...@debian.org Thu, 18 Mar 2010 15:18:06 +0100
+
pango1.0 (1.20.5-5) stable; urgency=low
* Merge changes from the 1.20.5-3+lenny1 security upload by Steffen
diff -u pango1.0-1.20.5/debian/patches/series
pango1.0-1.20.5/debian/patches/series
. (Closes: #574021)
+
+ -- Giuseppe Iuculano iucul...@debian.org Thu, 18 Mar 2010 15:18:06 +0100
+
pango1.0 (1.20.5-5) stable; urgency=low
* Merge changes from the 1.20.5-3+lenny1 security upload by Steffen
diff -u pango1.0-1.20.5/debian/patches/series
pango1.0-1.20.5/debian/patches/series
Author: derevko-guest
Date: 2010-03-17 07:40:52 + (Wed, 17 Mar 2010)
New Revision: 14281
Modified:
data/DSA/list
Log:
Added CVE-2009-1299 in DSA-2017-1
Modified: data/DSA/list
===
--- data/DSA/list 2010-03-16 22:03:21
Il 17/03/2010 11:51, Andrey Smachev ha scritto:
Versions of packages arping depends on:
ii libc6 2.10.2-2 GNU C Library: Shared
libraries
ii libnet1 1.1.4-1library for the
construction and h
ii libpcap0.81.0.0-2
tags 574291 moreinfo unreproducible
thanks
Hi,
Il 17/03/2010 11:51, Andrey Smachev ha scritto:
# arping -B
Segmentation fault
I can't reproduce this, please provide[1] a meaningful debugging backtrace.
[1]http://wiki.debian.org/HowToGetABacktrace
Cheers,
Giuseppe
signature.asc
libpulse0-dbg libpulse-mainloop-glib0
libpulse-mainloop-glib0-dbg libpulse-browse0 libpulse-browse0-dbg libpulse-dev
Architecture: source i386
Version: 0.9.10-3+lenny2
Distribution: stable-security
Urgency: high
Maintainer: CJ van den Berg c...@vdbonline.com
Changed-By: Giuseppe Iuculano iucul
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-2016-1 secur...@debian.org
http://www.debian.org/security/Giuseppe Iuculano
March 13, 2010
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-2016-1 secur...@debian.org
http://www.debian.org/security/Giuseppe Iuculano
March 13, 2010
Author: derevko-guest
Date: 2010-03-13 16:15:34 + (Sat, 13 Mar 2010)
New Revision: 14265
Modified:
data/CVE/list
data/DSA/list
Log:
DSA-2016-1
Modified: data/CVE/list
===
--- data/CVE/list 2010-03-13 15:51:41 UTC
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-2014-1 secur...@debian.org
http://www.debian.org/security/Giuseppe Iuculano
March 12, 2010
Author: derevko-guest
Date: 2010-03-12 10:57:15 + (Fri, 12 Mar 2010)
New Revision: 14258
Modified:
data/CVE/list
data/DSA/list
Log:
DSA-2014-1
Modified: data/CVE/list
===
--- data/CVE/list 2010-03-12 04:53:18 UTC
Author: derevko-guest
Date: 2010-03-13 00:19:43 + (Sat, 13 Mar 2010)
New Revision: 14262
Modified:
data/CVE/list
Log:
CVE-2009-1299 disclosed
Modified: data/CVE/list
===
--- data/CVE/list 2010-03-12 23:19:40 UTC (rev
tags 573492 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Fri, 12 Mar 2010 21:52:32 +0100.
The fix will be in the next upload.
=
Updated
Package: pulseaudio
Severity: serious
Tags: security patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
Dan Rosenberg discovered an insecure temporary file creation in pulseadio.
Please see:
https://bugs.edge.launchpad.net/ubuntu/+source/pulseaudio/+bug/509008
Upstream patch:
Hi,
You are noted as the last translator of the debconf translation for
smbind. The English template has been changed, and now some messages
are marked fuzzy in your translation or are missing.
I would be grateful if you could take the time and update it.
Please send the updated file to me, or
Package: pulseaudio
Severity: serious
Tags: security patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
Dan Rosenberg discovered an insecure temporary file creation in pulseadio.
Please see:
https://bugs.edge.launchpad.net/ubuntu/+source/pulseaudio/+bug/509008
Upstream patch:
Il 12/03/2010 07:07, Christian PERRIER ha scritto:
I reworked my review to respect this...
I committed[1] your patch, thanks.
Should I send another call for translations?
[1]
http://git.debian.org/?p=users/iuculano/smbind.git;a=commitdiff;h=9e579a84cd3fa3bb50dfa484b81d7a99d0011b04
Cheers,
, or submit it as a wishlist bug
against smbind.
The deadline for receiving the updated translation is
Mon, 22 Mar 2010 20:08:47 +0100.
Thanks in advance,
# Copyright (C) 2009 Giuseppe Iuculano giuse...@iuculano.it
# This file is distributed under the same license as nbd package.
# Hideki Yamane (Debian
Hi,
You are noted as the last translator of the debconf translation for
smbind. The English template has been changed, and now some messages
are marked fuzzy in your translation or are missing.
I would be grateful if you could take the time and update it.
Please send the updated file to me, or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-2014-1 secur...@debian.org
http://www.debian.org/security/Giuseppe Iuculano
March 12, 2010
Package: pulseaudio
Severity: serious
Tags: security patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
Dan Rosenberg discovered an insecure temporary file creation in pulseadio.
Please see:
https://bugs.edge.launchpad.net/ubuntu/+source/pulseaudio/+bug/509008
Upstream patch:
Hi,
You are noted as the last translator of the debconf translation for
smbind. The English template has been changed, and now some messages
are marked fuzzy in your translation or are missing.
I would be grateful if you could take the time and update it.
Please send the updated file to me, or
Hi,
You are noted as the last translator of the debconf translation for
smbind. The English template has been changed, and now some messages
are marked fuzzy in your translation or are missing.
I would be grateful if you could take the time and update it.
Please send the updated file to me, or
1001 - 1100 of 3350 matches
Mail list logo