Accepted dokuwiki 0.0.20090214b-3.1 (source all)

2010-01-17 Thread Giuseppe Iuculano
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sun, 17 Jan 2010 14:47:41 +0100 Source: dokuwiki Binary: dokuwiki Architecture: source all Version: 0.0.20090214b-3.1 Distribution: unstable Urgency: high Maintainer: Mohammed Adnène Trojette adn+...@diwi.org Changed-By: Giuseppe

Bug#561832: [4a7279a] Fix for Bug#561832 committed to git

2010-01-17 Thread Giuseppe Iuculano
tags 561832 + pending thanks Hello, The following change has been committed for this bug by Giuseppe Iuculano iucul...@debian.org on Sun, 17 Jan 2010 12:41:13 +0100. The fix will be in the next upload. = Fixed

Bug#565406: NMU

2010-01-17 Thread Giuseppe Iuculano
@@ +dokuwiki (0.0.20090214b-3.1) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Check against cross-site request forgeries (CSRF) + * Fixed multiple vulnerabilities in ACL plugin (Closes: #565406) + + -- Giuseppe Iuculano iucul...@debian.org Sun, 17 Jan 2010 14:47:41 +0100

Bug#565406: NMU

2010-01-17 Thread Giuseppe Iuculano
@@ +dokuwiki (0.0.20090214b-3.1) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Check against cross-site request forgeries (CSRF) + * Fixed multiple vulnerabilities in ACL plugin (Closes: #565406) + + -- Giuseppe Iuculano iucul...@debian.org Sun, 17 Jan 2010 14:47:41 +0100

Bug#563402: [Pkg-ia32-libs-maintainers] Bug#563402: ia32-libs broken on ia64

2010-01-16 Thread Giuseppe Iuculano
On 16/01/2010 11:08, Goswin von Brederlow wrote: That usually means one of the libraries can not be found. What does ldd i586-jdk/bin/unpack200 $ ldd i586-jdk/bin/unpack200 not a dynamic executable Cheers, Giuseppe.

Bug#563402: [Pkg-ia32-libs-maintainers] Bug#563402: ia32-libs broken on ia64

2010-01-16 Thread Giuseppe Iuculano
On 16/01/2010 11:08, Goswin von Brederlow wrote: That usually means one of the libraries can not be found. What does ldd i586-jdk/bin/unpack200 $ ldd i586-jdk/bin/unpack200 not a dynamic executable Cheers, Giuseppe.

[Full-disclosure] [SECURITY] [DSA-1971-1] New libthai packages fix arbitrary code execution

2010-01-15 Thread Giuseppe Iuculano
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1971-1secur...@debian.org http://www.debian.org/security/Giuseppe Iuculano January 15, 2010

[Secure-testing-commits] r13827 - data/DSA

2010-01-15 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2010-01-15 20:14:24 + (Fri, 15 Jan 2010) New Revision: 13827 Modified: data/DSA/list Log: DSA-1971-1 libthai - arbitrary code execution Modified: data/DSA/list === --- data/DSA/list

[Secure-testing-commits] r13828 - data/CVE

2010-01-15 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2010-01-15 20:19:46 + (Fri, 15 Jan 2010) New Revision: 13828 Modified: data/CVE/list Log: CVE-2009-4012 fixed in libthai 0.1.13-1 Modified: data/CVE/list === --- data/CVE/list 2010-01-15

[SECURITY] [DSA-1971-1] New libthai packages fix arbitrary code execution

2010-01-15 Thread Giuseppe Iuculano
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1971-1secur...@debian.org http://www.debian.org/security/Giuseppe Iuculano January 15, 2010

[Full-disclosure] [SECURITY] [DSA-1969-1] New krb5 packages fix denial of service

2010-01-13 Thread Giuseppe Iuculano
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1969-1 secur...@debian.org http://www.debian.org/security/Giuseppe Iuculano January 12, 2010

[SECURITY] [DSA-1969-1] New krb5 packages fix denial of service

2010-01-13 Thread Giuseppe Iuculano
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1969-1 secur...@debian.org http://www.debian.org/security/Giuseppe Iuculano January 12, 2010

[Secure-testing-commits] r13793 - data/CVE

2010-01-12 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2010-01-12 21:35:11 + (Tue, 12 Jan 2010) New Revision: 13793 Modified: data/CVE/list Log: CVE-2009-4212 disclosed Modified: data/CVE/list === --- data/CVE/list 2010-01-12 20:52:02 UTC (rev

[Secure-testing-commits] r13777 - in data: . CVE

2010-01-10 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2010-01-10 13:11:25 + (Sun, 10 Jan 2010) New Revision: 13777 Modified: data/CVE/list data/spu-candidates.txt Log: NFU spu notifications Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r13778 - data/CVE

2010-01-10 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2010-01-10 13:43:17 + (Sun, 10 Jan 2010) New Revision: 13778 Modified: data/CVE/list Log: - CVE-2009-4565: sendmail does not properly handle a '\0' character - sarg issues - NFUs Modified: data/CVE/list

Bug#564581: CVE-2009-4565: does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate

2010-01-10 Thread Giuseppe Iuculano
Package: sendmail Severity: grave Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for sendmail. CVE-2009-4565[0]: | sendmail before 8.14.4 does not properly handle a '\0' character in a | Common Name (CN)

Bug#564581: CVE-2009-4565: does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate

2010-01-10 Thread Giuseppe Iuculano
Package: sendmail Severity: grave Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for sendmail. CVE-2009-4565[0]: | sendmail before 8.14.4 does not properly handle a '\0' character in a | Common Name (CN)

[Full-disclosure] [SECURITY] [DSA-1965-1] New phpldapadmin packages fix remote file inclusion

2010-01-07 Thread Giuseppe Iuculano
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1965 secur...@debian.org http://www.debian.org/security/ Giuseppe Iuculano January 06, 2010

Accepted amule 2.2.6+debian0-6 (source i386 all)

2010-01-07 Thread Giuseppe Iuculano
Team pkg-amule-de...@lists.alioth.debian.org Changed-By: Giuseppe Iuculano iucul...@debian.org Description: amule - client for the eD2k and Kad networks, like eMule amule-common - common files for the rest of aMule packages amule-daemon - non-graphic version of aMule, a client for the eD2k

[Secure-testing-commits] r13731 - data/CVE

2010-01-06 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2010-01-06 10:24:52 + (Wed, 06 Jan 2010) New Revision: 13731 Modified: data/CVE/list Log: - NFUs - new uzbl issue Modified: data/CVE/list === --- data/CVE/list 2010-01-06 01:28:25 UTC (rev

[Secure-testing-commits] r13732 - data/CVE

2010-01-06 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2010-01-06 10:39:38 + (Wed, 06 Jan 2010) New Revision: 13732 Modified: data/CVE/list Log: uzbl: CVE id requested Modified: data/CVE/list === --- data/CVE/list 2010-01-06 10:24:52 UTC (rev

[Secure-testing-commits] r13733 - data/CVE

2010-01-06 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2010-01-06 14:14:50 + (Wed, 06 Jan 2010) New Revision: 13733 Modified: data/CVE/list Log: NFU redmine: bug filed Modified: data/CVE/list === --- data/CVE/list 2010-01-06 10:39:38 UTC (rev

[Secure-testing-commits] r13735 - data/CVE

2010-01-06 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2010-01-06 17:44:57 + (Wed, 06 Jan 2010) New Revision: 13735 Modified: data/CVE/list Log: CVE-2009-4427: phpldapadmin in etch not affected Modified: data/CVE/list === --- data/CVE/list

Accepted amule 2.2.6+debian0-5 (source i386 all)

2010-01-06 Thread Giuseppe Iuculano
Team pkg-amule-de...@lists.alioth.debian.org Changed-By: Giuseppe Iuculano iucul...@debian.org Description: amule - client for the eD2k and Kad networks, like eMule amule-common - common files for the rest of aMule packages amule-daemon - non-graphic version of aMule, a client for the eD2k

Accepted wordpress 2.9.1-1 (source all)

2010-01-06 Thread Giuseppe Iuculano
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Wed, 06 Jan 2010 13:20:35 +0100 Source: wordpress Binary: wordpress wordpress-l10n Architecture: source all Version: 2.9.1-1 Distribution: unstable Urgency: low Maintainer: Giuseppe Iuculano iucul...@debian.org Changed-By: Giuseppe

Bug#313579: [Pkg-amule-devel] Bug#313579: reopen

2010-01-06 Thread Giuseppe Iuculano
Vollstrecker wrote: So one package for one single small file? I got criticized for splitting the translations and the utils into separate packages (which I have still reasons for). Where's the difference? I don't know why you got criticized, but there are many other packages that provide

Bug#563940: CVE-2009-4459: uses the title tag before defining the character encoding in a meta tag

2010-01-06 Thread Giuseppe Iuculano
Package: redmine Severity: serious Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for redmine. CVE-2009-4459[0]: | Redmine 0.8.7 and earlier uses the title tag before defining the | character encoding in a

[Secure-testing-team] Bug#563940: CVE-2009-4459: uses the title tag before defining the character encoding in a meta tag

2010-01-06 Thread Giuseppe Iuculano
Package: redmine Severity: serious Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for redmine. CVE-2009-4459[0]: | Redmine 0.8.7 and earlier uses the title tag before defining the | character encoding in a

[SECURITY] [DSA-1965-1] New phpldapadmin packages fix remote file inclusion

2010-01-06 Thread Giuseppe Iuculano
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1965 secur...@debian.org http://www.debian.org/security/ Giuseppe Iuculano January 06, 2010

Bug#563940: CVE-2009-4459: uses the title tag before defining the character encoding in a meta tag

2010-01-06 Thread Giuseppe Iuculano
Package: redmine Severity: serious Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for redmine. CVE-2009-4459[0]: | Redmine 0.8.7 and earlier uses the title tag before defining the | character encoding in a

Accepted phpldapadmin 1.1.0.5-6+lenny1 (source all)

2010-01-06 Thread Giuseppe Iuculano
-By: Giuseppe Iuculano iucul...@debian.org Description: phpldapadmin - web based interface for administering LDAP servers Closes: 561975 Changes: phpldapadmin (1.1.0.5-6+lenny1) stable-security; urgency=high . * Non-maintainer upload by the Security Team. * Fixed CVE-2009-4427: Local file

[Secure-testing-commits] r13719 - data/CVE

2010-01-05 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2010-01-05 08:11:13 + (Tue, 05 Jan 2010) New Revision: 13719 Modified: data/CVE/list Log: CVE-2009-0689 fixed in kdelibs 4:3.5.10.dfsg.1-3 Modified: data/CVE/list === --- data/CVE/list

Accepted amule 2.2.6+debian0-3 (source i386 all)

2010-01-05 Thread Giuseppe Iuculano
Team pkg-amule-de...@lists.alioth.debian.org Changed-By: Giuseppe Iuculano iucul...@debian.org Description: amule - client for the eD2k and Kad networks, like eMule amule-common - common files for the rest of aMule packages amule-daemon - non-graphic version of aMule, a client for the eD2k

Accepted amule 2.2.6+debian0-4 (source i386 all)

2010-01-05 Thread Giuseppe Iuculano
Team pkg-amule-de...@lists.alioth.debian.org Changed-By: Giuseppe Iuculano iucul...@debian.org Description: amule - client for the eD2k and Kad networks, like eMule amule-common - common files for the rest of aMule packages amule-daemon - non-graphic version of aMule, a client for the eD2k

Bug#313579: [Pkg-amule-devel] Bug#313579: marked as done (please provide amule.schemas file for gconf (teaches browsers about ed2k:// links))

2010-01-05 Thread Giuseppe Iuculano
reopen 313579 thanks Hi, Debian Bug Tracking System wrote: Hi, I'm closing this bug, because this won't get included upstream, and including it in debian would help users of firefox/iceweasel and gnome. I expect right after including this, someone wants lynx to be patched for

Bug#313579: [Pkg-amule-devel] Bug#313579: reopen

2010-01-05 Thread Giuseppe Iuculano
Hi, Vollstrecker wrote: If we can add a gnome support, we should do it. And if we could add kde-support, we should do it? And if we could add opera-support, we should do it? Why not? :-) everything, but I as a user would be pissed if I would have to install support for a system I

Accepted phpldapadmin 1.1.0.7-1.2 (source all)

2010-01-04 Thread Giuseppe Iuculano
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 04 Jan 2010 21:08:46 +0100 Source: phpldapadmin Binary: phpldapadmin Architecture: source all Version: 1.1.0.7-1.2 Distribution: unstable Urgency: high Maintainer: Fabio Tranchitella kob...@debian.org Changed-By: Giuseppe

Bug#561975: NMU

2010-01-04 Thread Giuseppe Iuculano
Giuseppe Iuculano wrote: Hi, Attached is a debdiff of the changes I made for 1.1.0.7-1.1 0-day NMU. Hi, previous NMU introduced a regression. Attached the debdiff for 1.1.0.7-1.2 0-day NMU. Cheers, Giuseppe. diff -u phpldapadmin-1.1.0.7/debian/changelog phpldapadmin-1.1.0.7/debian

Bug#562992: [6d07590] Fix for Bug#562992 committed to git

2010-01-04 Thread Giuseppe Iuculano
tags 562992 + pending thanks Hello, The following change has been committed for this bug by Giuseppe Iuculano iucul...@debian.org on Tue, 5 Jan 2010 08:43:30 +0100. The fix will be in the next upload. = Disable

Re: [Secure-testing-team] alien-arena SPU

2010-01-04 Thread Giuseppe Iuculano
Michael Gilbert wrote: Hi all, I've prepared updates for CVE-2009-3637 for alien-arena [0] and gotten that approved [1] for a stable-proposed-update. Would anyone be willing to sponsor this upload? Fixed the distribution field in debian/changelog (s/unstable/stable-proposed-updates/)

Bug#561975: NMU

2010-01-04 Thread Giuseppe Iuculano
Giuseppe Iuculano wrote: Hi, Attached is a debdiff of the changes I made for 1.1.0.7-1.1 0-day NMU. Hi, previous NMU introduced a regression. Attached the debdiff for 1.1.0.7-1.2 0-day NMU. Cheers, Giuseppe. diff -u phpldapadmin-1.1.0.7/debian/changelog phpldapadmin-1.1.0.7/debian

Bug#562992: [6d07590] Fix for Bug#562992 committed to git

2010-01-04 Thread Giuseppe Iuculano
tags 562992 + pending thanks Hello, The following change has been committed for this bug by Giuseppe Iuculano iucul...@debian.org on Tue, 5 Jan 2010 08:43:30 +0100. The fix will be in the next upload. = Disable

[Secure-testing-commits] r13701 - in data: CVE NMU

2010-01-03 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2010-01-03 10:55:57 + (Sun, 03 Jan 2010) New Revision: 13701 Modified: data/CVE/list data/NMU/list Log: - NFUs and ITPs - phpldapadmin NMUed Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r13704 - data/CVE

2010-01-03 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2010-01-03 17:54:42 + (Sun, 03 Jan 2010) New Revision: 13704 Modified: data/CVE/list Log: gwt uploaded in unstable Modified: data/CVE/list === --- data/CVE/list 2010-01-03 17:25:10 UTC (rev

[Secure-testing-commits] r13708 - data/CVE

2010-01-03 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2010-01-04 07:46:02 + (Mon, 04 Jan 2010) New Revision: 13708 Modified: data/CVE/list Log: CVE-2007-6452 is fixed Modified: data/CVE/list === --- data/CVE/list 2010-01-04 07:29:22 UTC (rev

Re: [Secure-testing-commits] r13705 - data/CVE

2010-01-03 Thread Giuseppe Iuculano
Michael Gilbert wrote: CVE-2007-6452 (Unspecified vulnerability in the benchmark reporting system in Google ...) - - gwt 1.6.4-1 + - gwt undetermined (low; bug #563542) Why this should be undetermined? Cheers, Giuseppe.

Accepted phpldapadmin 1.1.0.7-1.1 (source all)

2010-01-03 Thread Giuseppe Iuculano
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sun, 03 Jan 2010 11:47:29 +0100 Source: phpldapadmin Binary: phpldapadmin Architecture: source all Version: 1.1.0.7-1.1 Distribution: unstable Urgency: high Maintainer: Fabio Tranchitella kob...@debian.org Changed-By: Giuseppe

Bug#561975: CVE-2009-4427: Local file inclusion vulnerability

2010-01-03 Thread Giuseppe Iuculano
retitle 561975 CVE-2009-4427: Local file inclusion vulnerability thanks Hi, this issue got a CVE id: CVE-2009-4427[0]: | Directory traversal vulnerability in cmd.php in phpLDAPadmin 1.1.0.5 | allows remote attackers to include and execute arbitrary local files | via a .. (dot dot) in the cmd

Bug#561975: NMU

2010-01-03 Thread Giuseppe Iuculano
(1.1.0.7-1.1) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Fixed CVE-2009-4427 (Closes: #561975) + + -- Giuseppe Iuculano iucul...@debian.org Sun, 03 Jan 2010 11:47:29 +0100 + phpldapadmin (1.1.0.7-1) unstable; urgency=low * New upstream release. diff -u

Bug#561975: CVE-2009-4427: Local file inclusion vulnerability

2010-01-03 Thread Giuseppe Iuculano
retitle 561975 CVE-2009-4427: Local file inclusion vulnerability thanks Hi, this issue got a CVE id: CVE-2009-4427[0]: | Directory traversal vulnerability in cmd.php in phpLDAPadmin 1.1.0.5 | allows remote attackers to include and execute arbitrary local files | via a .. (dot dot) in the cmd

Bug#561975: NMU

2010-01-03 Thread Giuseppe Iuculano
(1.1.0.7-1.1) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Fixed CVE-2009-4427 (Closes: #561975) + + -- Giuseppe Iuculano iucul...@debian.org Sun, 03 Jan 2010 11:47:29 +0100 + phpldapadmin (1.1.0.7-1) unstable; urgency=low * New upstream release. diff -u

[Secure-testing-commits] r13696 - in data: . CVE

2010-01-02 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2010-01-02 09:30:05 + (Sat, 02 Jan 2010) New Revision: 13696 Modified: data/CVE/list data/ospu-candidates.txt data/spu-candidates.txt Log: SPU notifications Modified: data/CVE/list === ---

[Secure-testing-commits] r13697 - in data: . CVE

2010-01-02 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2010-01-02 15:01:04 + (Sat, 02 Jan 2010) New Revision: 13697 Modified: data/CVE/list data/ospu-candidates.txt data/spu-candidates.txt Log: NFUs and ITPs two minor network-manager issues Modified: data/CVE/list

Bug#563371: CVE-2009-4145: information disclosure

2010-01-02 Thread Giuseppe Iuculano
Package: network-manager-applet Severity: important Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for network-manager-applet. CVE-2009-4145[0]: | nm-connection-editor in NetworkManager (NM) 0.7.x exports

Bug#560067: CVE-2009-4144: WPA enterprise network not verified when certificate is removed

2010-01-02 Thread Giuseppe Iuculano
Hi, this issue got a CVE id: CVE-2009-4144[0]: | NetworkManager (NM) 0.7.2 does not ensure that the configured | Certification Authority (CA) certificate file for a (1) WPA Enterprise | or (2) 802.1x network remains present upon a connection attempt, which | might allow remote attackers to

Bug#563402: ia32-libs broken on ia64

2010-01-02 Thread Giuseppe Iuculano
Package: ia32-libs Version: 20090808 Severity: serious Hi, it seems ia32-libs is broken on ia64: $ file i586-jdk/bin/unpack200 i586-jdk/bin/unpack200: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.2.5, not stripped $

[Secure-testing-team] Bug#563371: CVE-2009-4145: information disclosure

2010-01-02 Thread Giuseppe Iuculano
Package: network-manager-applet Severity: important Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for network-manager-applet. CVE-2009-4145[0]: | nm-connection-editor in NetworkManager (NM) 0.7.x exports

[Pkg-utopia-maintainers] Bug#560067: CVE-2009-4144: WPA enterprise network not verified when certificate is removed

2010-01-02 Thread Giuseppe Iuculano
Hi, this issue got a CVE id: CVE-2009-4144[0]: | NetworkManager (NM) 0.7.2 does not ensure that the configured | Certification Authority (CA) certificate file for a (1) WPA Enterprise | or (2) 802.1x network remains present upon a connection attempt, which | might allow remote attackers to

Bug#563402: ia32-libs broken on ia64

2010-01-02 Thread Giuseppe Iuculano
Package: ia32-libs Version: 20090808 Severity: serious Hi, it seems ia32-libs is broken on ia64: $ file i586-jdk/bin/unpack200 i586-jdk/bin/unpack200: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.2.5, not stripped $

Accepted amule 2.2.6+debian0-1 (source i386 all)

2009-12-29 Thread Giuseppe Iuculano
Team pkg-amule-de...@lists.alioth.debian.org Changed-By: Giuseppe Iuculano iucul...@debian.org Description: amule - client for the eD2k and Kad networks, like eMule amule-common - common files for the rest of aMule packages amule-daemon - non-graphic version of aMule, a client for the eD2k

Accepted amule 2.2.6+debian0-2 (source i386 all)

2009-12-29 Thread Giuseppe Iuculano
Team pkg-amule-de...@lists.alioth.debian.org Changed-By: Giuseppe Iuculano iucul...@debian.org Description: amule - client for the eD2k and Kad networks, like eMule amule-common - common files for the rest of aMule packages amule-daemon - non-graphic version of aMule, a client for the eD2k

[Secure-testing-commits] r13668 - data/CVE

2009-12-28 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2009-12-28 09:48:04 + (Mon, 28 Dec 2009) New Revision: 13668 Modified: data/CVE/list Log: kvm and xen-tools removed Modified: data/CVE/list === --- data/CVE/list 2009-12-27 22:25:37 UTC (rev

Accepted dmraid 1.0.0.rc16-3 (source i386)

2009-12-28 Thread Giuseppe Iuculano
: Giuseppe Iuculano iucul...@debian.org Changed-By: Giuseppe Iuculano iucul...@debian.org Description: dmraid - Device-Mapper Software RAID support tool dmraid-udeb - Device-Mapper Software RAID support tool (udeb) (udeb) libdmraid-dev - Device-Mapper Software RAID support tool - header files

Bug#548620: /usr/bin/amuled: immediate segfault

2009-12-27 Thread Giuseppe Iuculano
tags 548620 moreinfo unreproducible thanks Package: amule-daemon Version: 2.2.1-1+lenny2 Severity: grave File: /usr/bin/amuled Justification: renders package unusable It is impossible to use the program. Immediately does segfault. I can't reproduce that, please provide[1] a meaningful

Bug#553716: [91c0944] Fix for Bug#553716 committed to git

2009-12-27 Thread Giuseppe Iuculano
tags 553716 + pending thanks Hello, The following change has been committed for this bug by Giuseppe Iuculano iucul...@debian.org on Sun, 27 Dec 2009 16:43:01 +0100. The fix will be in the next upload. = Replace

Bug#525264: [5b8227f] Fix for Bug#525264 committed to git

2009-12-27 Thread Giuseppe Iuculano
tags 525264 + pending thanks Hello, The following change has been committed for this bug by Giuseppe Iuculano iucul...@debian.org on Sun, 27 Dec 2009 16:51:46 +0100. The fix will be in the next upload. = Fixed

Bug#525265: [57dd562] Fix for Bug#525265 committed to git

2009-12-27 Thread Giuseppe Iuculano
tags 525265 + pending thanks Hello, The following change has been committed for this bug by Giuseppe Iuculano iucul...@debian.org on Sun, 27 Dec 2009 16:58:10 +0100. The fix will be in the next upload. = Fixed

Bug#548620: /usr/bin/amuled: immediate segfault

2009-12-27 Thread Giuseppe Iuculano
tags 548620 moreinfo unreproducible thanks Package: amule-daemon Version: 2.2.1-1+lenny2 Severity: grave File: /usr/bin/amuled Justification: renders package unusable It is impossible to use the program. Immediately does segfault. I can't reproduce that, please provide[1] a meaningful

Accepted kvm 72+dfsg-5~lenny4 (source all i386)

2009-12-27 Thread Giuseppe Iuculano
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 22 Dec 2009 20:57:32 +0100 Source: kvm Binary: kvm kvm-source Architecture: source all i386 Version: 72+dfsg-5~lenny4 Distribution: stable-security Urgency: high Maintainer: Jan Lübbe jlue...@debian.org Changed-By: Giuseppe

[Secure-testing-commits] r13651 - in data: CVE NMU

2009-12-26 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2009-12-26 09:33:13 + (Sat, 26 Dec 2009) New Revision: 13651 Modified: data/CVE/list data/NMU/list Log: poppler NMUed Modified: data/CVE/list === --- data/CVE/list 2009-12-26 09:15:04 UTC

[Secure-testing-commits] r13658 - data/CVE

2009-12-26 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2009-12-26 18:24:10 + (Sat, 26 Dec 2009) New Revision: 13658 Modified: data/CVE/list Log: - NFUs - CVE-2009-4422: Multiple cross-site scripting (XSS) vulnerabilities in libphp-jpgraph - CVE-2009-4412: Unrestricted file upload vulnerability in Serendipity -

Bug#562633: CVE-2009-4422: Multiple cross-site scripting (XSS) vulnerabilities

2009-12-26 Thread Giuseppe Iuculano
Package: libphp-jpgraph Severity: serious Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for libphp-jpgraph. CVE-2009-4422[0]: | Multiple cross-site scripting (XSS) vulnerabilities in the | GetURLArguments

Bug#562634: CVE-2009-4412: Unrestricted file upload vulnerability

2009-12-26 Thread Giuseppe Iuculano
Package: serendipity Severity: serious Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for serendipity. CVE-2009-4412[0]: | Unrestricted file upload vulnerability in Serendipity before 1.5 | allows remote

Bug#499076: CVE-2009-4411

2009-12-26 Thread Giuseppe Iuculano
retitle 499076 CVE-2009-4411: Physical walk no longer ignores all symlinks tags 499076 security severity 499076 serious thanks Hi, this issue got a CVE id: CVE-2009-4411[0]: | The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when | running in recursive (-R) mode, follow symbolic

Bug#562639: CVE-2009-4402 CVE-2009-3580 CVE-2009-3581 CVE-2009-3582 CVE-2009-3583 CVE-2009-3584

2009-12-26 Thread Giuseppe Iuculano
Package: sql-ledger Severity: grave Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) ids were published for sql-ledger. CVE-2009-4402[0]: | The default configuration of SQL-Ledger 2.8.24 allows remote attackers | to perform

Bug#562643: CVE-2009-4270: Stack-based buffer overflow in the errprintf function

2009-12-26 Thread Giuseppe Iuculano
Package: ghostscript Version: 8.70~dfsg-2 Severity: grave Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for ghostscript. CVE-2009-4270[0]: | Stack-based buffer overflow in the errprintf function in

[Secure-testing-team] Bug#562639: CVE-2009-4402 CVE-2009-3580 CVE-2009-3581 CVE-2009-3582 CVE-2009-3583 CVE-2009-3584

2009-12-26 Thread Giuseppe Iuculano
Package: sql-ledger Severity: grave Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) ids were published for sql-ledger. CVE-2009-4402[0]: | The default configuration of SQL-Ledger 2.8.24 allows remote attackers | to perform

Bug#562633: CVE-2009-4422: Multiple cross-site scripting (XSS) vulnerabilities

2009-12-26 Thread Giuseppe Iuculano
Package: libphp-jpgraph Severity: serious Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for libphp-jpgraph. CVE-2009-4422[0]: | Multiple cross-site scripting (XSS) vulnerabilities in the | GetURLArguments

Bug#562634: CVE-2009-4412: Unrestricted file upload vulnerability

2009-12-26 Thread Giuseppe Iuculano
Package: serendipity Severity: serious Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for serendipity. CVE-2009-4412[0]: | Unrestricted file upload vulnerability in Serendipity before 1.5 | allows remote

Bug#562639: CVE-2009-4402 CVE-2009-3580 CVE-2009-3581 CVE-2009-3582 CVE-2009-3583 CVE-2009-3584

2009-12-26 Thread Giuseppe Iuculano
Package: sql-ledger Severity: grave Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) ids were published for sql-ledger. CVE-2009-4402[0]: | The default configuration of SQL-Ledger 2.8.24 allows remote attackers | to perform

Bug#562643: CVE-2009-4270: Stack-based buffer overflow in the errprintf function

2009-12-26 Thread Giuseppe Iuculano
Package: ghostscript Version: 8.70~dfsg-2 Severity: grave Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for ghostscript. CVE-2009-4270[0]: | Stack-based buffer overflow in the errprintf function in

Accepted poppler 0.12.2-2.1 (source i386)

2009-12-24 Thread Giuseppe Iuculano
: source i386 Version: 0.12.2-2.1 Distribution: unstable Urgency: high Maintainer: Loic Minier l...@dooz.org Changed-By: Giuseppe Iuculano iucul...@debian.org Description: libpoppler-dev - PDF rendering library -- development files libpoppler-glib-dev - PDF rendering library -- development files

Bug#551013: [smartmontools-support] smartmontools 5.38+svn2920-2 failing at boot (but is OK when restarting it?)

2009-12-24 Thread Giuseppe Iuculano
Justin Piszcz wrote: Package: smartmontools Version: 5.38+svn2920-2 Problem: smartmontools starts too early and fails since udev is not ready yet. Hi, sorry for the late reply. Could you try the 5.39-1 version please? Cheers, Giuseppe

[Full-disclosure] [SECURITY] [DSA-1962-1] New kvm packages fix several vulnerabilities

2009-12-23 Thread Giuseppe Iuculano
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1962 secur...@debian.org http://www.debian.org/security/ Giuseppe Iuculano December 23, 2009

Accepted wordpress 2.9-1 (source all)

2009-12-23 Thread Giuseppe Iuculano
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Wed, 23 Dec 2009 14:31:36 +0100 Source: wordpress Binary: wordpress wordpress-l10n Architecture: source all Version: 2.9-1 Distribution: unstable Urgency: low Maintainer: Giuseppe Iuculano iucul...@debian.org Changed-By: Giuseppe

Bug#556902: [3287ec5] Fix for Bug#556902 committed to git

2009-12-23 Thread Giuseppe Iuculano
tags 556902 + pending thanks Hello, The following change has been committed for this bug by Giuseppe Iuculano iucul...@debian.org on Wed, 23 Dec 2009 13:32:06 +0100. The fix will be in the next upload. = Updated

Bug#561866: [3bea125] Fix for Bug#561866 committed to git

2009-12-23 Thread Giuseppe Iuculano
tags 561866 + pending thanks Hello, The following change has been committed for this bug by Giuseppe Iuculano iucul...@debian.org on Wed, 23 Dec 2009 14:21:00 +0100. The fix will be in the next upload. = debian

Bug#561866: [3bea125] Fix for Bug#561866 committed to git

2009-12-23 Thread Giuseppe Iuculano
tags 561866 + pending thanks Hello, The following change has been committed for this bug by Giuseppe Iuculano iucul...@debian.org on Wed, 23 Dec 2009 14:21:00 +0100. The fix will be in the next upload. = debian

[SECURITY] [DSA-1962-1] New kvm packages fix several vulnerabilities

2009-12-23 Thread Giuseppe Iuculano
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1962 secur...@debian.org http://www.debian.org/security/ Giuseppe Iuculano December 23, 2009

[Secure-testing-commits] r13624 - data/CVE

2009-12-22 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2009-12-22 13:28:40 + (Tue, 22 Dec 2009) New Revision: 13624 Modified: data/CVE/list Log: filed bugs for kvm issues Modified: data/CVE/list === --- data/CVE/list 2009-12-22 10:28:18 UTC (rev

[Secure-testing-commits] r13625 - data/CVE

2009-12-22 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2009-12-22 20:26:39 + (Tue, 22 Dec 2009) New Revision: 13625 Modified: data/CVE/list Log: kvm issues triage Modified: data/CVE/list === --- data/CVE/list 2009-12-22 13:28:40 UTC (rev 13624)

Bug#561113: [f7f4c51] Fix for Bug#561113 committed to git

2009-12-22 Thread Giuseppe Iuculano
tags 561113 + pending thanks Hello, The following change has been committed for this bug by Giuseppe Iuculano iucul...@debian.org on Tue, 22 Dec 2009 09:58:12 +0100. The fix will be in the next upload. = Fixed crash

Bug#562075: CVE-2009-4031

2009-12-22 Thread Giuseppe Iuculano
Package: kvm Severity: serious Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for kvm. CVE-2009-4031[0]: | The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 | emulator in the KVM subsystem in

Bug#562076: CVE-2009-3638: Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function

2009-12-22 Thread Giuseppe Iuculano
Package: kvm Severity: grave Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for kvm. CVE-2009-3638[0]: | Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in | arch/x86/kvm/x86.c in the

Bug#534680: NMU

2009-12-22 Thread Giuseppe Iuculano
+ + * Non-maintainer upload by the Security Team. + * Fixed CVE-2009-3938 (Closes: #534680) + + -- Giuseppe Iuculano iucul...@debian.org Tue, 22 Dec 2009 16:11:27 +0100 + poppler (0.12.2-2) unstable; urgency=low * Switch to quilt to manage patches. diff -u poppler-0.12.2/debian/patches

[Secure-testing-team] Bug#562075: CVE-2009-4031

2009-12-22 Thread Giuseppe Iuculano
Package: kvm Severity: serious Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for kvm. CVE-2009-4031[0]: | The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 | emulator in the KVM subsystem in

[Secure-testing-team] Bug#562076: CVE-2009-3638: Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function

2009-12-22 Thread Giuseppe Iuculano
Package: kvm Severity: grave Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for kvm. CVE-2009-3638[0]: | Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in | arch/x86/kvm/x86.c in the

Bug#562075: CVE-2009-4031

2009-12-22 Thread Giuseppe Iuculano
Package: kvm Severity: serious Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for kvm. CVE-2009-4031[0]: | The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 | emulator in the KVM subsystem in

Bug#562076: CVE-2009-3638: Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function

2009-12-22 Thread Giuseppe Iuculano
Package: kvm Severity: grave Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for kvm. CVE-2009-3638[0]: | Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in | arch/x86/kvm/x86.c in the

[Secure-testing-commits] r13617 - data

2009-12-21 Thread Giuseppe Iuculano
Author: derevko-guest Date: 2009-12-21 18:29:24 + (Mon, 21 Dec 2009) New Revision: 13617 Modified: data/ospu-candidates.txt data/spu-candidates.txt Log: spu notifications Modified: data/ospu-candidates.txt === ---
