tags 552044 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Sun, 20 Mar 2011 19:07:11 +0100.
The fix will be in the next upload.
=
Re-enabled
tags 564853 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Sun, 20 Mar 2011 11:11:40 +0100.
The fix will be in the next upload.
=
Fix FTBFS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2192-1 secur...@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
March 15, 2011
On 03/16/2011 11:50 PM, Sam Morris wrote:
ii libvpx00.9.1-2 VP8 video codec (shared library)
Probably because you have libvpx0 from stable, could you upgrade it please?
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital signature
Author: iuculano
Date: 2011-03-15 16:09:54 + (Tue, 15 Mar 2011)
New Revision: 16381
Modified:
data/DSA/list
Log:
DSA-2192-1
Modified: data/DSA/list
===
--- data/DSA/list 2011-03-14 21:15:03 UTC (rev 16380)
+++
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2192-1 secur...@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
March 15, 2011
Distribution: stable-security
Urgency: low
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector
On 03/14/2011 12:38 PM, Thibaut VARENE wrote:
Chromium apparently uses too many X windows, overloading the X server and
eventually making it impossible to run new applications.
Did this happen after the last security update?
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital
On 03/14/2011 10:24 PM, Thibaut VARENE wrote:
I can't tell for sure whether the last sec update triggered it, but
I'm not sure either I've experienced this before. And yes, I'm
up-to-date.
Could you please install the wheezy/testing version and test it? It is
an ancient version without the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2190-1 secur...@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
March 11, 2011
amd64
Version: 10.0.648.133~r77742-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium - Chromium browser
chromium-browser - Chromium browser
-By: Giuseppe Iuculano iucul...@debian.org
Description:
dkms - Dynamic Kernel Module Support Framework
Closes: 577972 592863
Changes:
dkms (2.1.1.2-6) unstable; urgency=low
.
[ Michael Gilbert ]
* [430b97f] Fix logging for compound make statements (closes: #577972)
- Thanks
The following commit has been merged in the master branch:
commit 313d66145b1b5b682dd980e58a6a9430bf6ee6e4
Author: Giuseppe Iuculano iucul...@debian.org
Date: Sat Mar 12 10:55:19 2011 +0100
Merge from Ubuntu: depend on patch instead of recommending it, if its
missing the patches feature
tags 607173 wontfix
thanks
I'm sorry, but I haven't the necessary resources to support chromium in
lenny.
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital signature
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2190-1 secur...@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
March 11, 2011
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 16 Feb 2011 17:22:09 +0100
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.0.5+dfsg-0+squeeze1
Distribution: stable-security
Urgency: high
Maintainer: Giuseppe Iuculano iucul...@debian.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2188-1 secur...@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
March 10, 2011
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2189-1 secur...@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
March 10, 2011
Author: iuculano
Date: 2011-03-10 10:54:50 + (Thu, 10 Mar 2011)
New Revision: 16352
Modified:
data/CVE/list
Log:
xslt no-dsa
Modified: data/CVE/list
===
--- data/CVE/list 2011-03-10 10:30:09 UTC (rev 16351)
+++
Author: iuculano
Date: 2011-03-10 12:25:15 + (Thu, 10 Mar 2011)
New Revision: 16355
Modified:
data/DSA/list
Log:
DSA-2188-1
Modified: data/DSA/list
===
--- data/DSA/list 2011-03-10 12:08:56 UTC (rev 16354)
+++
Author: iuculano
Date: 2011-03-10 17:33:19 + (Thu, 10 Mar 2011)
New Revision: 16356
Modified:
data/DSA/list
Log:
DSA-2189-1
Modified: data/DSA/list
===
--- data/DSA/list 2011-03-10 12:25:15 UTC (rev 16355)
+++
Author: iuculano
Date: 2011-03-10 17:50:26 + (Thu, 10 Mar 2011)
New Revision: 16357
Modified:
data/CVE/list
Log:
wordpress issues don't affect lenny
Modified: data/CVE/list
===
--- data/CVE/list 2011-03-10 17:33:19 UTC
Author: iuculano
Date: 2011-03-10 19:22:09 + (Thu, 10 Mar 2011)
New Revision: 16358
Modified:
data/CVE/list
data/DSA/list
Log:
got CVE id from chromium sec team
Modified: data/CVE/list
===
--- data/CVE/list
amd64
Version: 10.0.648.127~r76697-1
Distribution: unstable
Urgency: low
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium - Chromium browser
chromium-browser - Chromium browser
This is CVE-2011-1202
Cheers.
Giuseppe.
signature.asc
Description: OpenPGP digital signature
# [$1000] [74675] High Invalid memory access in v8. Credit to Christian
Holler.
http://code.google.com/p/v8/issues/detail?id=1146
Patch: http://code.google.com/p/v8/source/detail?r=6773
This is CVE-2011-1286
# [$1000] [74662] High Corruption via re-entrancy of RegExp code. Credit to
On 03/10/2011 06:50 PM, Julien Cristau wrote:
What are these numbers? If they're meant as a cross-reference to some
other source, then you might consider making it explicit. Or removing
the numbers altogether, if not. As is, it's just confusing.
you are right, adding now:
Out-of-bounds
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2188-1 secur...@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
March 10, 2011
# [$1000] [74675] High Invalid memory access in v8. Credit to Christian
Holler.
http://code.google.com/p/v8/issues/detail?id=1146
Patch: http://code.google.com/p/v8/source/detail?r=6773
This is CVE-2011-1286
# [$1000] [74662] High Corruption via re-entrancy of RegExp code. Credit to
Author: iuculano
Date: 2011-03-09 14:06:22 + (Wed, 09 Mar 2011)
New Revision: 16337
Modified:
data/CVE/list
Log:
Chromium/webkit issues
Modified: data/CVE/list
===
--- data/CVE/list 2011-03-09 12:30:16 UTC (rev 16336)
Package: libxslt
Severity: important
Tags: security patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
new version of google chrome fixed a minor security issue in libxslt:
Issue 73716: Leak of address of heap object via xslt generate-id() function
Upstream patch:
Package: libv8
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
chromium 10.0.648.127 fixed the following security issues in libv8:
# [$1000] [74675] High Invalid memory access in v8. Credit to Christian Holler.
Package: libxslt
Severity: important
Tags: security patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
new version of google chrome fixed a minor security issue in libxslt:
Issue 73716: Leak of address of heap object via xslt generate-id() function
Upstream patch:
Package: libv8
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
chromium 10.0.648.127 fixed the following security issues in libv8:
# [$1000] [74675] High Invalid memory access in v8. Credit to Christian Holler.
Package: libv8
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
chromium 10.0.648.127 fixed the following security issues in libv8:
# [$1000] [74675] High Invalid memory access in v8. Credit to Christian Holler.
i386
Version: 10.0.648.114~r75702-1
Distribution: experimental
Urgency: low
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium - Chromium browser
chromium-browser - Chromium browser
On 03/04/2011 04:38 PM, Michael Gilbert wrote:
I've built this in a squeeze chroot and a dedicated squeeze machine,
and all seems to go fine. A couple things could be going wrong. One
is that webkit needs about 3 GiB to build, so you may have run out of
disk space. The second is that webkit
On 03/04/2011 04:44 PM, Giuseppe Iuculano wrote:
The problem was the parallel build, I disabled it in my build system and
it works.
BTW It is not clear to me what we should do with the webkit version in
lenny.
Do we need an End-of-life announcement for it?
Cheers,
Giuseppe.
signature.asc
: unstable
Urgency: low
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page inspector
On 02/25/2011 08:48 PM, Michael Gilbert wrote:
It's been a couple days now since I uploaded this, and fedora's advisory
was released a week ago now [0]. Is there someone assigned as the
preparer for this DSA that I should be talking directly to?
I'm very busy in these days, but if no one can
On 02/21/2011 07:44 PM, Michael Gilbert wrote:
It makes life so much simpler if we can prepare one package for all
releases. I'd rather spend a lot of time upfront to solve the hard
infrastructure problem rather than have to deal with a bunch of
redundant work for every update.
You can't
On 02/21/2011 09:06 PM, Gustavo Noronha Silva wrote:
* If you want upload 1.2.7-1 there,you can upload 1.2.6-2+1.2.7-1 (or
something like 1.2.7-0+squeeze1 when wheezy has 1.2.7-1) to squeeze.
Guess we'll have to stick with 1.2.6+1.2.7-1 for the time being, then.
IMHO in this case there is
reassign 612876 libglib2.0-0
forcemerge 613381 612876
thanks
On 02/16/2011 12:24 PM, Jason Woofenden wrote:
Chromium is doing what it should (saying that it can handle the
http protocol.) The issue is a change in glib (in how it finds
url/mime handlers) which is not yet matched with an update
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2166-1 secur...@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
February 16, 2011
Distribution: stable-security
Urgency: high
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector
Author: iuculano
Date: 2011-02-16 13:57:41 + (Wed, 16 Feb 2011)
New Revision: 16168
Modified:
data/DSA/list
Log:
DSA-2165-1
Modified: data/DSA/list
===
--- data/DSA/list 2011-02-16 13:50:32 UTC (rev 16167)
+++
Author: iuculano
Date: 2011-02-16 15:01:18 + (Wed, 16 Feb 2011)
New Revision: 16169
Modified:
data/CVE/list
Log:
Chromium/webkit issues
Modified: data/CVE/list
===
--- data/CVE/list 2011-02-16 13:57:41 UTC (rev 16168)
Author: iuculano
Date: 2011-02-16 15:27:12 + (Wed, 16 Feb 2011)
New Revision: 16170
Modified:
data/CVE/list
Log:
Chromium/webkit issues
Modified: data/CVE/list
===
--- data/CVE/list 2011-02-16 15:01:18 UTC (rev 16169)
Author: iuculano
Date: 2011-02-16 15:50:43 + (Wed, 16 Feb 2011)
New Revision: 16171
Modified:
data/DSA/list
Log:
DSA-2166-1
Modified: data/DSA/list
===
--- data/DSA/list 2011-02-16 15:27:12 UTC (rev 16170)
+++
: unstable
Urgency: low
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page inspector
Package: wnpp
Severity: normal
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I haven't any fakeraid card anymore, so I request an adopter.
Description:
dmraid discovers, activates, deactivates and displays properties of software
RAID sets (eg, ATARAID) and contained DOS partitions.
dmraid
Package: wnpp
Severity: normal
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I haven't any fakeraid card anymore, so I request an adopter.
Description:
dmraid discovers, activates, deactivates and displays properties of software
RAID sets (eg, ATARAID) and contained DOS partitions.
dmraid
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2166-1 secur...@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
February 16, 2011
Author: iuculano
Date: 2011-02-11 20:23:33 + (Fri, 11 Feb 2011)
New Revision: 16108
Modified:
data/CVE/list
Log:
wordpress 3.0.5 uploaded
Modified: data/CVE/list
===
--- data/CVE/list 2011-02-11 09:09:49 UTC (rev 16107)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 11 Feb 2011 17:50:40 +0100
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.0.5+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Giuseppe Iuculano iucul...@debian.org
Changed
Hey Timo,
On 02/09/2011 04:42 PM, Timo Juhani Lindfors wrote:
chrome/common/metrics_helpers.cc:22:20: error: prtime.h: No such file or
directory
Have you installed libnspr4-dev?
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital signature
Hey Timo,
On 02/09/2011 04:42 PM, Timo Juhani Lindfors wrote:
chrome/common/metrics_helpers.cc:22:20: error: prtime.h: No such file or
directory
Have you installed libnspr4-dev?
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital signature
: unstable
Urgency: low
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page inspector
Package: chromium-bsu
Severity: normal
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
now that Squeeze has been relased I'd like to rename chromium-browser to
chromium.
Could you please remove the chromium transitional package please?
Cheers,
Giuseppe.
-BEGIN PGP SIGNATURE-
Hi,
On 02/05/2011 12:30 AM, Kees Cook wrote:
Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
posting a debdiff for this issue. When a debdiff is available, members
of the security team will review it and publish
: unstable
Urgency: low
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page inspector
Hi Timo,
On 01/30/2011 01:57 PM, Timo Juhani Lindfors wrote:
the contents of src/v8 seems match what is in libv8. Would it be
possible to avoid compiling src/v8 if chromium-browser is anyway using
external libv8?
yes, the version in squeeze already compiles against libv8.
The next version in
Hi Timo,
On 01/30/2011 01:57 PM, Timo Juhani Lindfors wrote:
the contents of src/v8 seems match what is in libv8. Would it be
possible to avoid compiling src/v8 if chromium-browser is anyway using
external libv8?
yes, the version in squeeze already compiles against libv8.
The next version in
tags 611041 moreinfo unreproducible
thanks
On 01/25/2011 02:05 AM, brian m. carlson wrote:
If you need more information or for me to test something, please let me
know.
I can't reproduce this, please run chromium-browser --disable-plugins
blog.mozilla.com
Cheers,
Giuseppe.
signature.asc
Ciao David,
On 01/20/2011 08:01 PM, David Paleino wrote:
Would it be ok to upload it to NEW with the above?
All the embedded code is part of various plugins, and they need to be
compiled at the same time.
I'll wait for a reply before uploading to NEW.
No objections against uploading it,
Ciao David,
On 01/20/2011 08:01 PM, David Paleino wrote:
Would it be ok to upload it to NEW with the above?
All the embedded code is part of various plugins, and they need to be
compiled at the same time.
I'll wait for a reply before uploading to NEW.
No objections against uploading it,
Author: iuculano
Date: 2011-01-19 10:40:41 + (Wed, 19 Jan 2011)
New Revision: 15927
Modified:
data/CVE/list
Log:
chromium/webkit/libvpx issues
Modified: data/CVE/list
===
--- data/CVE/list 2011-01-19 09:14:46 UTC (rev
Package: libvpx
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for libvpx.
CVE-2010-4489[0]:
| Google Chrome before 8.0.552.215 does not properly handle WebM video,
| which allows remote
Package: libvpx
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for libvpx.
CVE-2010-4489[0]:
| Google Chrome before 8.0.552.215 does not properly handle WebM video,
| which allows remote
Package: libvpx
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for libvpx.
CVE-2010-4489[0]:
| Google Chrome before 8.0.552.215 does not properly handle WebM video,
| which allows remote
: experimental
Urgency: low
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page
Hi,
On 01/15/2011 04:58 PM, Daniel Baumann wrote:
it would be nice if you could upload a snapshot of the 10.x version to
experimental.
Unfortunately I haven't the necessary resources to maintain the beta,
the dev channel and backport security fixes for squeeze.
Cheers,
Giuseppe.
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: freeze-exception
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Please unblock package chromium-browser
chromium-browser (6.0.472.63~r59945-5) unstable; urgency=high
* Backported security
On 01/16/2011 03:46 PM, Julien Cristau wrote:
Don't these things have CVE IDs?
Not yet.
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital signature
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: freeze-exception
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Please unblock package chromium-browser
chromium-browser (6.0.472.63~r59945-5) unstable; urgency=high
* Backported security
On 01/16/2011 03:46 PM, Julien Cristau wrote:
Don't these things have CVE IDs?
Not yet.
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital signature
: unstable
Urgency: high
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2143-1 secur...@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
January 14, 2011
Author: iuculano
Date: 2011-01-14 09:08:22 + (Fri, 14 Jan 2011)
New Revision: 15844
Modified:
data/DSA/list
Log:
DSA-2143-1
Modified: data/DSA/list
===
--- data/DSA/list 2011-01-13 21:44:36 UTC (rev 15843)
+++
Author: iuculano
Date: 2011-01-14 09:17:59 + (Fri, 14 Jan 2011)
New Revision: 15846
Modified:
data/DSA/list
Log:
DSA-2143-1
Modified: data/DSA/list
===
--- data/DSA/list 2011-01-14 09:17:23 UTC (rev 15845)
+++
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2143-1 secur...@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
January 14, 2011
+lenny5
Distribution: stable-security
Urgency: high
Maintainer: Debian MySQL Maintainers pkg-mysql-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
libmysqlclient15-dev - MySQL database development files
libmysqlclient15off - MySQL database client library
On 01/01/2011 04:38 PM, Marek wrote:
is something wrong or am I misunderstanding something ?
Something was wrong, now it is fixed. Thanks for the notice.
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital signature
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Thu, 30 Dec 2010 14:47:40 +0100
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.0.4+dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Giuseppe Iuculano iucul...@debian.org
Changed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-2138-1 secur...@debian.org
http://www.debian.org/security/Giuseppe Iuculano
December 29, 2010
Author: iuculano
Date: 2010-12-29 10:10:10 + (Wed, 29 Dec 2010)
New Revision: 15761
Modified:
data/CVE/list
Log:
wordpress in lenny is not vulnerable to the XML-RPC remote publishing issue
Modified: data/CVE/list
===
---
Author: iuculano
Date: 2010-12-29 14:51:20 + (Wed, 29 Dec 2010)
New Revision: 15762
Modified:
data/DSA/list
Log:
DSA-2138-1
Modified: data/DSA/list
===
--- data/DSA/list 2010-12-29 10:10:10 UTC (rev 15761)
+++
Author: iuculano
Date: 2010-12-29 16:08:32 + (Wed, 29 Dec 2010)
New Revision: 15763
Modified:
data/CVE/list
data/NMU/list
Log:
xfig NMUed
triaging mysql issues
opened bug for CVE-2010-3853
Modified: data/CVE/list
===
---
Author: iuculano
Date: 2010-12-29 16:27:52 + (Wed, 29 Dec 2010)
New Revision: 15764
Modified:
data/CVE/list
Log:
chromium/webkit issues
Modified: data/CVE/list
===
--- data/CVE/list 2010-12-29 16:08:32 UTC (rev 15763)
Author: iuculano
Date: 2010-12-29 18:11:31 + (Wed, 29 Dec 2010)
New Revision: 15765
Modified:
data/CVE/list
Log:
Filed some bugs
NFUs
CVE-2010-1707 is fixed
mysql triage
Modified: data/CVE/list
===
--- data/CVE/list
: experimental
Urgency: low
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page
-By: Giuseppe Iuculano iucul...@debian.org
Description:
xfig - Facility for Interactive Generation of figures under X11
xfig-doc - XFig on-line documentation and examples
xfig-libs - XFig image libraries and examples
Closes: 606257
Changes:
xfig (1:3.2.5.b-1.1) unstable; urgency=high
.
* Non
Package: pam
Severity: serious
Tags: security patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tomas Mraz pointed out that pam_namespace PAM module executes external
namespace.init script with an environment settings inherited form the program
or service that has pam_namespace configured.
@@ -1,3 +1,11 @@
+xfig (1:3.2.5.b-1.1) unstable; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Fixed CVE-2010-4262: Stack-based buffer overflow by processing certain FIG
+images (Closes: #606257)
+
+ -- Giuseppe Iuculano iucul...@debian.org Wed, 29 Dec 2010 16:50:04
Package: tomcat6
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for tomcat6.
CVE-2010-4312[0]:
| The default configuration of Apache Tomcat 6.x does not include the
| HTTPOnly flag in a
Package: moon
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for moon.
CVE-2010-4254[0]:
| Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is
| used, does not properly
Package: eucalyptus
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for eucalyptus.
CVE-2010-3905[0]:
| The password reset feature in the administrator interface for
| Eucalyptus 2.0.0 and
Package: phpmyadmin
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) ids were
published for phpmyadmin.
CVE-2010-4480[0]:
| error.php in PhpMyAdmin 3.3.8.1, and other versions before
| 3.4.0-beta1, allows
On 12/23/2010 11:23 AM, Florian Weimer wrote:
The attached patch was tested with a 9750 controller and a 9500S
controller. Basic SMART functionality still works.
smartmontools 5.39.1+svn3124-2 uploaded with your patch, thanks.
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital
Package: pam
Severity: serious
Tags: security patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tomas Mraz pointed out that pam_namespace PAM module executes external
namespace.init script with an environment settings inherited form the program
or service that has pam_namespace configured.
401 - 500 of 3350 matches
Mail list logo