On Mon, Feb 01, 2021 at 09:43:19AM +0100, Håvard Flaget Aasen wrote:
> Package: openscap
> Severity: important
> Version: 1.2.17-0.1
>
> Dear openscap maintainer,
>
[...]
>
> Please let me know if you are still willing to maintain this package.
> According to the criteria listed at [3], I will
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Although it is an upstream release, please unblock suricata 4.1.4-1 for
buster.
Suricata is an Intrusion Detection System (IDS), which makes it
exposed to malicious traffic by design. The
On Tue, Nov 06, 2018 at 02:02:06PM +0100, Arturo Borrero Gonzalez wrote:
> Control: forwarded -1 https://bugzilla.netfilter.org/show_bug.cgi?id=1290
>
> Hopefully next upstream release will contain a fix.
Hi,
Thanks Arturo.
After some more testing, it seems the bug would be less severe than it
Package: iptables
Version: 1.8.1-2
Severity: grave
Tags: security
Justification: breaks rules, inserts pass-all rules
X-Debbugs-Cc: t...@security.debian.org,
secure-testing-t...@lists.alioth.debian.org
Hi,
The debian package for iptables now transparently converts inserted
rules to nftables,
close 897465 1.1.8-2
done
On Thu, May 03, 2018 at 11:55:18AM +0200, Lucas Nussbaum wrote:
> On 03/05/18 at 11:22 +0200, Pierre Chifflier wrote:
> > tags 897465 - moreinfo unreproducible
> > severity 897465 normal
> > thanks
> >
> > Hi Lucas,
> >
tags 897465 - moreinfo unreproducible
severity 897465 normal
thanks
Hi Lucas,
I cannot reproduce this FTBFS here (in pbuilder), nor in a porter box.
However, I just uploaded sagan-1.1.8-2, where a build-dep was missing.
These issues may be related (though I don't see how). Can you test again
Package: wnpp
Severity: normal
Hi,
I have no more time to maintain ocsinventory, so I'm RFA-ing this
package.
Adoption is planned by the Debian-Perl group.
Pierre
Package: wnpp
Severity: normal
Hi,
I have no more time to maintain ocsinventory, so I'm RFA-ing this
package.
Adoption is planned by the Debian-Perl group.
Pierre
Package: libgetopt-ocaml-dev
Version: 0.0.20040811-10+b6
Hi,
When compiling a program using getopt, ocaml complains the cmx file is missing:
File "_none_", line 1:
Warning 58: no cmx file was found in path for module Getopt, and its
interface was not compiled with -opaque
File "src/main.ml",
On 09/25/2017 01:00 AM, Manuel A. Fernandez Montecelo wrote:
>
> I am submitting an NMU to delayed/15, debdiff attached, with the
> combined patches (please Helmut double-check if this is the final form
> that it was intended).
>
> If you want me to cancel the NMU just ask.
>
> (BTW, I checked
Package: ftp.debian.org
Severity: normal
Hi,
Please remove nuapplet from the archive. There is no upstream since a
long time, Qt4 is going to be removed and it's popcon is low.
This package depends on src:nufw, also to be removed (See #875420)
Thanks!
Package: ftp.debian.org
Severity: normal
Hi,
Please remove nufw from the archive. There is no upstream since a
long time, Qt4 is going to be removed and it's popcon is low.
Thanks!
On Thu, Nov 17, 2016 at 07:47:56PM -0500, Hon Ching(Vicky) Lo wrote:
> On Thu, 2016-11-17 at 16:29 -0500, Hon Ching(Vicky) Lo wrote:
> > Hi
> >
> > The patch is upstream:
> > https://sourceforge.net/p/trousers/tpm-tools/ci/6fb8a3c5ad3bc6e62f6895a4fcf3540faa29b4f2/
> >
> >
> > Thanks,
> > Vicky
On 11/18/2016 01:46 AM, Hon Ching(Vicky) Lo wrote:
> On Thu, 2016-11-17 at 14:18 -0500, Hon Ching(Vicky) Lo wrote:
>> The patch that supports OpenSSL 1.1 (backward-compatible) is upstream:
>> https://sourceforge.net/p/trousers/trousers/ci/05411ea68746acbaf4e69295be50b9a47cddb2fd/
>>
>>
>> Vicky
>
On 09/07/2016 12:15 PM, Robert Haist wrote:
> Package: suricata
> Version: 3.1.1-4
>
> It might be a security improvement to let suricata run with non-root
> privileges and a special permission for the provided capture modes.
> Running as root might be a problem if a protocol parser or some other
On Mon, Aug 08, 2016 at 11:13:51PM +0200, Michael Biebl wrote:
>
> You've enabled Werror. Probably because you've built directly inside the
> git directory. In this case, --enable-compile-warnings= defaults to
> error. I use git buildpackage, which uses a git export in a separate
> build
On 08/07/2016 11:07 AM, Michael Biebl wrote:
> Source: liblognorm
> Version: 1.1.2-1.1
> Severity: important
> Tags: patch
>
> Hi Pierre!
>
> The latest rsyslog version in Debian is quite outdated. The reason is,
> that newer versions require libfastjson instead of json-c.
>
> I've already
On 07/15/2016 01:11 AM, Helmut Grohne wrote:
> Source: libcap-ng
> Version: 0.7.7-3
> Severity: wishlist
> Tags: patch
>
> Hi,
>
> libcap-ng is part of the build-closure of essential and thus needs to be
> able to be cross built. On the other hand, cross building python
> extensions is currenty
On 04/04/2016 07:57 PM, Ben Hutchings wrote:
> Package: sbsigntool
> Version: 0.6-2
> Severity: normal
>
> It looks like sbsigntool is intended to work cross-architecture, e.g.
> an i386 build can operate on an amd64 executable. If this is the
> case, please add 'Multi-Arch: foreign' to its
On 03/24/2016 09:38 AM, Yves-Alexis Perez wrote:
> control: affects -1 suricata
> On jeu., 2016-03-24 at 07:20 +0100, Florian Weimer wrote:
>> * Hilko Bengen:
>>
>>>
>>> the original report may not have been 100% clear on this, but the bug is
>>> the main cause of a vulnerability in Suricata (a
On Wed, Feb 24, 2016 at 09:08:58PM -0500, Mathieu Trudel-Lapierre wrote:
> Package: wnpp
> Severity: wishlist
> Owner: "Mathieu Trudel-Lapierre"
>
> * Package name: tpm2-tss
> Version : 0.9.8
> Upstream Author : Will Arthur
> * URL
On Sat, Jan 16, 2016 at 01:56:36PM +0100, Sylvestre Ledru wrote:
> Le 11/01/2016 20:56, Pierre Chifflier a écrit :
> > tags 783919 +patch
> > thanks
> >
> > On Thu, Nov 26, 2015 at 01:33:19PM +0100, Sylvestre Ledru wrote:
> >> I will be happy to apply a patch if
tags 783919 +patch
thanks
On Thu, Nov 26, 2015 at 01:33:19PM +0100, Sylvestre Ledru wrote:
> I will be happy to apply a patch if you have any.
>
Hi Sylvestre,
Here is a patch for llvm-toolchain-3.6. It is now possible to build it
with the bindings enabled, since ocaml-ctypes >= 0.4 has
On 01/06/2016 11:49 AM, Thijs Kinkhorst wrote:
> Package: websvn
> Severity: serious
>
> I propose to remove websvn from Debian.
>
> The package is unmaintained with last maintainer upload in 2011. There was
> also
> no response to a security issues which I fixed in an NMU one year ago. I then
block 783919 by 792657
thanks
Hi,
The OCaml transition [1] seems now complete, which means that the
findlib transition (and in turn, the ugrade to ctypes >= 0.4) is
possible.
Could you consider updating these packages ? I am trying to get the
LLVM-OCaml bindings back in Debian [2], but a recent
Hi Sylvestre,
Do you have any news on this issue (#783919) ? What are the missing
packages, and if there is any hope to have working ocaml-llvm bindings
again in Debian ?
Building an entire LLVM compiler is really annoying, when I miss only
the bindings :/
Cheers,
Pierre
retitle 702255 ITP: efitools -- Tools to manipulate EFI secure boot keys and
signatures
owner 702255 !
block 702255 by 702254
thanks
Hi,
I've finally managed to get some time to work again on this ITP.
I've uploaded the sbsigntool package to NEW (See #702254), which is
required to build
tags 702254 + pending
thanks
Hi,
I finally got some time to work on the package again, and fix it
according to the answers from FTPmasters.
I'll upload it to NEW.
Cheers,
Pierre
Package: libllvm-3.6-ocaml-dev
Version: 1:3.6-2
Severity: important
Dear Maintainer,
The current package libllvm-3.6-ocaml-dev from sid is empty, and does
not contain the /usr/lib/ocaml/llvm-3.6/ directory and contents.
Regards,
Pierre
--
To UNSUBSCRIBE, email to
severity 766136 normal
tags 766136 + moreinfo unreproducible
thanks
On Tue, Oct 21, 2014 at 07:46:20AM +0100, David Halls wrote:
I tried 'import capng' from Python, failed to import.
Traced the problem down to libcap-ng's build has an error.
See
On Tue, Apr 21, 2015 at 08:39:16AM +0200, Raphael Hertzog wrote:
Hi,
On Mon, 20 Apr 2015, Hilko Bengen wrote:
* Raphaël Hertzog:
But libhtp is already packaged separately. Embedded copy are best
avoided and to me it looks like #777040 got fixed the wrong way.
libhtp should be
On Mon, Feb 09, 2015 at 10:42:26PM +0100, Arturo Borrero Gonzalez wrote:
On 9 February 2015 at 15:05, Pierre Chifflier pol...@debian.org wrote:
This bug is solved by the next (pending) uploading, to be validated by
the release team.
I have a some questions:
* How this could happen
tags 772551 + pending
block 772551 by 777042
thanks
Hi,
This bug is solved by the next (pending) uploading, to be validated by
the release team.
The two bug reports for the unblock requests are:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777040 (libhtp)
severity 772685 normal
thanks
Hi,
While it's true the packaging is late (mainly due to the fact that
upstream completely changed the relation with libee/liblogorm, and that
the released versions did not compile because the autotools files were
broken), the severity of this bug is absolutely not
and issue a warning if not matching the tss
+ user.
+- Do not try to change uid before running tcsd, the daemon already changes
+ its uid just after starting.
+ * Urgency high, RC bug
+
+ -- Pierre Chifflier pol...@debian.org Tue, 04 Nov 2014 15:11:08 +0100
+
trousers (0.3.13-2
severity 767690 normal
tags 767690 + unreproducible moreinfo
thanks
Hi,
I tried for a few days to reproduce the bug on different hosts, without
any luck. I'm therefore lowering the severity to normal, until having
more information.
Preparing to unpack .../trousers_0.3.13-2_amd64.deb ...
severity 767690 serious
tags 767690 - moreinfo unreproducible
thanks
On Mon, Nov 03, 2014 at 09:45:13PM +0100, Andreas Beckmann wrote:
On 2014-11-03 21:40, Pierre Chifflier wrote:
I tried for a few days to reproduce the bug on different hosts, without
did you try chroots, not real machines
On Mon, Aug 25, 2014 at 11:15:14AM +0200, Svante Signell wrote:
Attached is also a build dependency on quilt in debian/control. I don't
know if this is strictly needed, but is included for completeness. The
source directory does not have a debian/patches directory since no
patches are present
On Mon, Jul 14, 2014 at 01:15:26PM +0200, Svante Signell wrote:
Source: libbfio
Version: 20130507-1
Severity: important
Tags: patch
User: debian-h...@lists.debian.org
Usertags: hurd
Hello,
libbfio fails to build from source due to usage of PATH_MAX,which is not
defined on GNU/Hurd.
Hi Alexandr,
Bug #736309:
libnetfilter-queue-{dev, dbg}: unhandled symlink to directory conversion:
/usr/share/doc/PACKAGE
is marked as serious, and is causing several packages (in my cast,
suricata and nfqueue-bindings) to be scheduled for autoremove.
Do you plan to upload a fixed version ?
Hi,
It seems the script to generate OVAL definitions is broken. As the
maintainer of openscap, I would like to give a try to update the script
and make the definitions work again.
Is it possible to access the script ? If so, where ?
Thanks,
Pierre
--
To UNSUBSCRIBE, email to
On Wed, Feb 19, 2014 at 10:05:01AM +0100, Didier Raboud wrote:
Package: trousers
Version: 0.3.11.2-1
Severity: important
Unfortunately, trousers doesn't configure (in dpkg terms) correctly as
it's init script fails to start with the following error. (I'm using
systemd as init):
Hi,
On Tue, Jan 14, 2014 at 03:51:27PM +0200, Niko Tyni wrote:
On Tue, Apr 23, 2013 at 09:21:39PM +0200, Axel Beckert wrote:
Chris Knadle wrote:
I would be really happy if I would be able to use p0f in Debian to
inform XP users that their OS will be EoL soon. :-)
For that I
Package: ftp.debian.org
Severity: normal
Hi,
Please remove wzdftpd from Debian. Upstream is dead since a long time, and
it has bugs.
Regards,
Pierre
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
Package: ftp.debian.org
Severity: normal
Hi,
Please remove nulog from Debian. Upstream is dead since a long time, and
it has bugs (including RC) because it does not work with current twisted
version.
Regards,
Pierre
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a
Package: cookiecutter
Version: 0.6.4-1
Severity: wishlist
Dear Maintainer,
Could you update cookiecutter to the latest upstream version (0.7.0) ?
It fixes several bugs and add new features.
Thanks,
Pierre
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of
Package: swig2.0
Version: 2.0.10-1
Severity: normal
Hi,
Since some version (I cannot tell which one precisely, but I think
~ 2.0.8), the file swigp4.ml is not shipped anymore in the ocaml
bindings. This file is required and should be added again.
Regards,
Pierre
--
To UNSUBSCRIBE, email to
Package: ftp.debian.org
Severity: normal
Hi,
Due to some problems with building openscap on kfreebsd-*, I had to
upload a new version disabling these architectures. Version 0.9.8-2,
currently in unstable, is currently not transitioning because of the old
binaries for kfreebsd-* [1].
Can you
On Tue, Aug 20, 2013 at 03:23:33PM +0200, gregor herrmann wrote:
On Mon, 12 Aug 2013 16:46:41 +0200, Dominic Hargreaves wrote:
This bug still appears to exist in unstable, and since glibc 2.16 is
now in unstable, should probably be upgraded. It also blocks the perl
5.18 transition which
On Thu, May 16, 2013 at 12:21:15AM +0200, Michael Biebl wrote:
Hi,
I'd like to proceed with the removal of libnl1 soon.
What's the current status of this bug report?
Hi Michael,
This is currently in progress, but I need a few more days I think. The
package for openscap has been
On Tue, Apr 23, 2013 at 05:23:44PM +0200, Axel Beckert wrote:
Control: tag -1 + patch
Hi Pierre,
Hi Axel,
Please give me some time to look at the your package, I have currently
only few time because of my work.
I may also need to merge your work, as I previously had a git repository
with v3,
Package: wnpp
Severity: wishlist
Owner: Pierre Chifflier pol...@debian.org
* Package name: sbsigntool
Version : 0.6
Upstream Author : Jeremy Kerr jeremy.k...@canonical.com
* URL : http://packages.ubuntu.com/quantal/sbsigntool
* License : GPL-3+ with OpenSSL
Package: wnpp
Severity: wishlist
Owner: Pierre Chifflier pol...@debian.org
* Package name: efitools
Version : 1.4.0
Upstream Author : James Bottomley jbottom...@parallels.com
* URL : http://blog.hansenpartnership.com/uefi-secure-boot/
* License : GPLv2
On Sun, Mar 03, 2013 at 04:17:46PM +0100, Pierre Chifflier wrote:
Hi Julien,
I am maintaining the Debian packages for DFF, an open source forensics
application and framework.
The new version of dff requires a dependency on libbfio, and I saw you
have filled an ITP (#650842) for it. Since
Hi Julien,
I am maintaining the Debian packages for DFF, an open source forensics
application and framework.
The new version of dff requires a dependency on libbfio, and I saw you
have filled an ITP (#650842) for it. Since it have some packages ready
here, I would like to know if you are still
Hi,
I am maintaining the Debian packages for DFF, an open source forensics
application and framework.
The new version of dff requires a dependency on libpff, and I saw an
ITP is already filled (#575358) for it.
Since I have some packages ready here, I would like to know if anyone is
working on
On Thu, Feb 21, 2013 at 08:33:16PM +, Adam D. Barratt wrote:
Control: tags -1 + moreinfo
On Tue, 2013-02-19 at 23:21 +0100, Pierre Chifflier wrote:
Please unblock package trousers
Upload 0.3.9-3+wheezy1 fixes a serious bug which causes installation of
trousers to fail in some
On Sat, Jan 26, 2013 at 01:39:57PM +0100, Niels Thykier wrote:
Control: tags -1 moreinfo
On 2013-01-25 18:57, Christian PERRIER wrote:
Quoting Pierre Chifflier (pol...@debian.org):
I will indeed remove the files from the source. I just did a minimal
diff for the inclusion in testing
:17.0 +0200
+++ trousers-0.3.9/debian/changelog 2013-02-19 22:56:59.0 +0100
@@ -1,3 +1,10 @@
+trousers (0.3.9-3+wheezy1) stable-proposed-updates; urgency=low
+
+ * Reload udev rules before triggering event during postinst
+(Closes: #581505)
+
+ -- Pierre Chifflier pol...@debian.org Mon, 18
package, the embedded one
+contains a flash file built with a vulnerable version of yui (charts.swf).
+(Closes: #694642)
+ * Urgency high, this is a RC bug
+
+ -- Pierre Chifflier pol...@debian.org Fri, 25 Jan 2013 11:37:09 +0100
+
glpi (0.83.31-1) unstable; urgency=medium
* Imported
On Fri, Jan 25, 2013 at 12:20:36PM +0100, Niels Thykier wrote:
Control: tags -1 moreinfo
On 2013-01-25 11:51, Pierre Chifflier wrote:
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package glpi
On Sun, Jan 06, 2013 at 02:05:21PM +0100, Andreas Metzler wrote:
Package: trousers
Version: 0.3.10-1
Hello,
afaict the binaries in the trousers package are not distributable. They
are GPLv2+ licensed but link against against a CPL library (libtspi1).
According to
Sorry for the late reply. This seems to have fallen through the cracks
and I'm currently catching up with old mail.
I think this doesn't warrant a DSA, but could you fix this through
a stable point update?
http://www.debian.org/doc/manuals/developers-reference/pkgs.html#upload-stable
On Sat, Nov 17, 2012 at 03:00:04PM +0100, Yves-Alexis Perez wrote:
On sam., 2012-11-17 at 11:30 +0100, Pierre Chifflier wrote:
Hi Security Team,
I'm forwarding this email to ask for review on the correction for
CVE-2012-0698 in stable (other versions are not affected).
Hey
tags 692268 + unreproducible
thanks
On Sun, Nov 04, 2012 at 01:44:43PM +0100, Bruno Filipe Oliveira Ramos wrote:
Package: vym
Version: 2.3.3-1
Severity: important
Tags: l10n
Dear Maintainer,
there seems to be a problem when adding accented characters to the mind map.
If you type the
(CVE-2012-0698)
+Closes: #692649
+
+ -- Pierre Chifflier pol...@debian.org Thu, 08 Nov 2012 22:08:58 +0100
+
trousers (0.3.5-2) unstable; urgency=low
* QA upload.
diff -Nru trousers-0.3.5/debian/patches/04-security-cve-2012-0698.patch trousers-0.3.5/debian/patches/04-security-cve-2012-0698
On Tue, Oct 30, 2012 at 06:21:07PM +0100, Moritz Muehlenhoff wrote:
On Sun, Oct 21, 2012 at 10:57:38PM +0200, Arthur de Jong wrote:
On Tue, 2012-10-02 at 14:37 +0200, Moritz Muehlenhoff wrote:
Please see the thread starting at
http://www.openwall.com/lists/oss-security/2012/09/07/2
for
On Mon, Jul 30, 2012 at 02:49:50PM +0200, Niels Thykier wrote:
On 2012-07-23 10:56, Pierre Chifflier wrote:
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hi,
GLPI 0.83.31 (micro-fix based on 0.83.3) is an important
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hi,
GLPI 0.83.31 (micro-fix based on 0.83.3) is an important security
release, fixing two CVEs:
CVE-2012-4002:
Bug #3704: CSRF prevention step 1
Bug #3707: CSRF prevention step 2
On Sat, Jul 21, 2012 at 12:23:03PM +0200, Julien Cristau wrote:
On Thu, Jul 5, 2012 at 21:25:38 +0200, Pierre Chifflier wrote:
+# kill tcsd (and any other process owned by the tss user)
+killall -u tss 2/dev/null || true
Why is this necessary, and what happens
) unstable; urgency=low
+
+ * Add workaround for upgrade failure for versions before 0.3.8-3
+(Closes: #679621)
+
+ -- Pierre Chifflier pol...@debian.org Wed, 04 Jul 2012 21:57:22 +0200
+
trousers (0.3.9-1) unstable; urgency=low
* Imported Upstream version 0.3.9
diff -Nru trousers-0.3.9
On Thu, Jul 05, 2012 at 10:01:08AM +0200, Pierre Chifflier wrote:
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package trousers
This version fixes an annoying bug which prevents upgrades or removal
from
On Thu, Jul 05, 2012 at 09:17:59PM +0200, Pierre Chifflier wrote:
I've attached a full debdiff (modifications of both packages).
Here it is
diff -Nru trousers-0.3.9/debian/changelog trousers-0.3.9/debian/changelog
--- trousers-0.3.9/debian/changelog 2012-06-18 22:22:21.0 +0200
fixed 647946 1.0.0-2
close 647946
thanks
Hi,
The installation fails because the profile for prelude-lml does not
exist.
The bug was fixed after Squeeze (See #616178) and documented in the
README.Debian file:
Profile
---
A Prelude profile must be created for prelude-lml.
To create it, run
Hi,
I have merged the patch from Alban Browaeys (thanks to him for writing
it) in version 0.6.6-2, just uploaded a few moments ago.
Thanks,
Pierre
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Package: ftp.debian.org
Severity: normal
Hi,
Please remove esvn from unstable. Upstream is dead since 2010, and there
is no Qt4 version.
Thanks,
Pierre
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
Package: paxctl
Version: 0.6-1
Severity: normal
Hi,
Upstream version 0.7 was released for a while now, and fixes some
problems with the -C option.
Please upgrade to version 0.7, available at
http://pax.grsecurity.net/paxctl-0.7.tar.bz2
Cheers,
Pierre
--
To UNSUBSCRIBE, email to
tags 666330 + moreinfo unreproducible
severity 666330 normal
thanks
On Fri, Mar 30, 2012 at 11:21:15AM +0200, Lucas Nussbaum wrote:
Source: suricata
Version: 1.2.1-1
Severity: serious
Tags: wheezy sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20120330 qa-ftbfs qa-ftbfs-buildarch
Hi,
Two security issues have been reported in phpCAS, which is embedded in
glpi:
http://seclists.org/oss-sec/2012/q1/551
I'm following this information so you can check if the embedded copy
needs an update, since you are also distributing it in the standard
tarball.
Note that in the Debian
Salut,
J'ai essayé d'envoyer le mail qui suit, mais il a été refusé par le
serveur de ML (je ne suis pas inscrit avec la bonne adresse ..). Je le
transmet donc directement, en attendant de m'inscrire.
A+,
Pierre
Hi,
Two security issues have been reported in phpCAS, which is embedded in
glpi:
On Fri, Feb 10, 2012 at 05:51:28PM +0100, Moritz Muehlenhoff wrote:
Package: glpi
Severity: important
Tags: security
Please see
http://permalink.gmane.org/gmane.comp.security.full-disclosure/84497
Hi,
I've prepared the package for unstable and will upload it just after
sending this
retitle 652756 sslsniff: does not build with boost 1.48
severity 652756 normal
thanks
Hi,
This was caused by the temporary upload of boost-dev defaulting to 1.48,
which was reverted to 1.46 (so not affecting the current version anymore).
I'm keeping the bug open to track the compatibility with
Package: wnpp
Severity: wishlist
Owner: Pierre Chifflier pol...@debian.org
* Package name: tpm-tools
Version : 1.3.7
Upstream Author : Kent Yoder shpedoi...@gmail.com
* URL : http://trousers.sourceforge.net/
* License : CPL (http://www.opensource.org/licenses
On Mon, Nov 21, 2011 at 04:29:10PM +1100, Dmitry Smirnov wrote:
Recently I did some work on the package which I believe solve this problem.
However it have been 12 days since I wrote to maintainer but got no
reply so far.
To get this work some visibility I put my changes to
On Sat, Nov 19, 2011 at 10:18:15PM +0100, Leo Iannacone wrote:
Some news? :)
Hi,
This bug had somehow disappeared in my mailbox. This is now fixed in
0.8-2.
Cheers,
Pierre
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble?
close 648675
thanks
On Mon, Nov 14, 2011 at 12:18:19AM +0100, J.Pietschmann wrote:
Package: ocsinventory-server
Version: 2.0.2-2
Severity: important
Tags: upstream
Dear Maintainer,
the ocsinventory server wont work with fusioninventory-agent since the upgrade
to 2.0 in wheezy, this
On Thu, Nov 03, 2011 at 04:36:31PM +0100, Nils Olav Fossum wrote:
Hi,
I just wonder if there is any news on getting the ulogd2 package into debian.
Hi,
Thanks for raising this bug report .. I had tons of stuff to do, and
left the ulogd packages for too long.
I have started again some work
On Mon, Oct 17, 2011 at 01:20:53PM +0200, Ralf Treinen wrote:
Package: libopenscap0,libopenscap1
Version: libopenscap0/0.7.3-1
Version: libopenscap1/0.8.0-1
Severity: serious
User: trei...@debian.org
Usertags: edos-file-overwrite
Date: 2011-10-17
Architecture: amd64
Distribution: sid
On Mon, Oct 17, 2011 at 02:39:52PM +0200, Julien Cristau wrote:
On Mon, Oct 17, 2011 at 14:13:03 +0200, Pierre Chifflier wrote:
On Mon, Oct 17, 2011 at 01:20:53PM +0200, Ralf Treinen wrote:
Package: libopenscap0,libopenscap1
Version: libopenscap0/0.7.3-1
Version: libopenscap1/0.8.0-1
Package: wnpp
Severity: wishlist
Owner: Pierre Chifflier pol...@debian.org
* Package name: dff
Version : 1.2.0
Upstream Author : ArxSys
* URL : http://www.digital-forensic.org/
* License : GPLv2
Programming Lang: C and Python
Description : A powerful
Source: zsh
Severity: normal
Tags: patch
User: debian...@lists.debian.org
Usertags: hardening
Hardening options is a proposed release goal for Wheezy [1].
Having important package compiled with the hardening options will add
various protections against issues such as stack smashing, predictable
Source: tcsh
Severity: normal
Tags: patch
User: debian...@lists.debian.org
Usertags: hardening
Hardening options is a proposed release goal for Wheezy [1].
Having important package compiled with the hardening options will add
various protections against issues such as stack smashing, predictable
Source: aiccu
Severity: normal
Tags: patch
User: debian...@lists.debian.org
Usertags: hardening
Hardening options is a proposed release goal for Wheezy [1].
Having important package, interpreters and daemons compiled with the
hardening options will add various protections against issues such as
Package: dpkg
Version: 1.16.1
Severity: normal
Hi,
When using the following Makefile snippet:
DEB_BUILD_MAINT_OPTIONS = hardening=+pie,+bindnow
export DEB_BUILD_MAINT_OPTIONS
-include /usr/share/dpkg/buildflags.mk
export CFLAGS LDFLAGS
The variable DEB_BUILD_MAINT_OPTIONS is not used, and the
Source: isc-dhcp
Severity: normal
Tags: patch
User: debian...@lists.debian.org
Usertags: hardening
Hardening options is a proposed release goal for Wheezy [1].
Having important package, interpreters and daemons compiled with the
hardening options will add various protections against issues such
Source: openldap
Severity: normal
Tags: patch
User: debian...@lists.debian.org
Usertags: hardening
Hardening options is a proposed release goal for Wheezy [1].
Having important package, interpreters and daemons compiled with the
hardening options will add various protections against issues such
Source: amanda
Severity: normal
Tags: patch
User: debian...@lists.debian.org
Usertags: hardening
Hardening options is a proposed release goal for Wheezy [1].
Having important package, interpreters and daemons compiled with the
hardening options will add various protections against issues such as
On Wed, Oct 05, 2011 at 01:26:47PM -0700, Steve Langasek wrote:
tags 644427 - patch
thanks
On Wed, Oct 05, 2011 at 09:10:57PM +0200, Pierre Chifflier wrote:
--- openldap-2.4.25.orig/debian/rules 2011-10-05 18:56:46.0
+0200
+++ openldap-2.4.25/debian/rules2011-10-05
+
+Author: Pierre Chifflier
+Description: Fix build error with -Werror=format-security hardening flag.
+
+diff -ruN bash-4.1.orig/print_cmd.c bash-4.1/print_cmd.c
+--- bash-4.1.orig/print_cmd.c 2009-09-16 21:32:26.0 +0200
bash-4.1/print_cmd.c 2011-09-16 11:38:40.0 +0200
+@@ -1374,7
Package: vsftpd
Version: 2.3.4-1
Severity: normal
Tags: patch
Hardening options is a proposed release goal for Wheezy [1].
vsftpd is a FTP daemon aiming at security, so having its package
compiled with the hardening options seems really like a
good idea.
I have rebuilt the package with
1 - 100 of 287 matches
Mail list logo