Bug#981545: ITS: openscap

On Mon, Feb 01, 2021 at 09:43:19AM +0100, Håvard Flaget Aasen wrote: > Package: openscap > Severity: important > Version: 1.2.17-0.1 > > Dear openscap maintainer, > [...] > > Please let me know if you are still willing to maintain this package. > According to the criteria listed at [3], I will

Bug#928294: unblock: suricata/4.1.4-1

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Although it is an upstream release, please unblock suricata 4.1.4-1 for buster. Suricata is an Intrusion Detection System (IDS), which makes it exposed to malicious traffic by design. The

Bug#912977: iptables: nftables layer breaks ipsec/policy keyword

On Tue, Nov 06, 2018 at 02:02:06PM +0100, Arturo Borrero Gonzalez wrote: > Control: forwarded -1 https://bugzilla.netfilter.org/show_bug.cgi?id=1290 > > Hopefully next upstream release will contain a fix. Hi, Thanks Arturo. After some more testing, it seems the bug would be less severe than it

Bug#912977: iptables: nftables layer breaks ipsec/policy keyword

Package: iptables Version: 1.8.1-2 Severity: grave Tags: security Justification: breaks rules, inserts pass-all rules X-Debbugs-Cc: t...@security.debian.org, secure-testing-t...@lists.alioth.debian.org Hi, The debian package for iptables now transparently converts inserted rules to nftables,

Bug#897465: sagan: FTBFS: ./conftest.c:120: undefined reference to `strlcat'

close 897465 1.1.8-2 done On Thu, May 03, 2018 at 11:55:18AM +0200, Lucas Nussbaum wrote: > On 03/05/18 at 11:22 +0200, Pierre Chifflier wrote: > > tags 897465 - moreinfo unreproducible > > severity 897465 normal > > thanks > > > > Hi Lucas, > >

Bug#897465: sagan: FTBFS: ./conftest.c:120: undefined reference to `strlcat'

tags 897465 - moreinfo unreproducible severity 897465 normal thanks Hi Lucas, I cannot reproduce this FTBFS here (in pbuilder), nor in a porter box. However, I just uploaded sagan-1.1.8-2, where a build-dep was missing. These issues may be related (though I don't see how). Can you test again

Bug#895426: RFA: ocsinventory-agent -- Hardware and software inventory tool (client)

Package: wnpp Severity: normal Hi, I have no more time to maintain ocsinventory, so I'm RFA-ing this package. Adoption is planned by the Debian-Perl group. Pierre

Bug#895424: RFA: ocsinventory-server -- Hardware and software inventory tool (Communication Server)

Package: wnpp Severity: normal Hi, I have no more time to maintain ocsinventory, so I'm RFA-ing this package. Adoption is planned by the Debian-Perl group. Pierre

Bug#892363: missing cmx file

Package: libgetopt-ocaml-dev Version: 0.0.20040811-10+b6 Hi, When compiling a program using getopt, ocaml complains the cmx file is missing: File "_none_", line 1: Warning 58: no cmx file was found in path for module Getopt, and its interface was not compiled with -opaque File "src/main.ml",

Bug#831362: Bug#840848: libcap-ng FTCBFS: wrong python dependencies

On 09/25/2017 01:00 AM, Manuel A. Fernandez Montecelo wrote: > > I am submitting an NMU to delayed/15, debdiff attached, with the > combined patches (please Helmut double-check if this is the final form > that it was intended). > > If you want me to cancel the NMU just ask. > > (BTW, I checked

Bug#875437: RM: nuapplet -- ROM; Dead upstream, needs Qt4, low popcon

Package: ftp.debian.org Severity: normal Hi, Please remove nuapplet from the archive. There is no upstream since a long time, Qt4 is going to be removed and it's popcon is low. This package depends on src:nufw, also to be removed (See #875420) Thanks!

Bug#875420: RM: nufw -- ROM; Dead upstream, needs Qt4, low popcon

Package: ftp.debian.org Severity: normal Hi, Please remove nufw from the archive. There is no upstream since a long time, Qt4 is going to be removed and it's popcon is low. Thanks!

Bug#828577: The patch is upstream

On Thu, Nov 17, 2016 at 07:47:56PM -0500, Hon Ching(Vicky) Lo wrote: > On Thu, 2016-11-17 at 16:29 -0500, Hon Ching(Vicky) Lo wrote: > > Hi > > > > The patch is upstream: > > https://sourceforge.net/p/trousers/tpm-tools/ci/6fb8a3c5ad3bc6e62f6895a4fcf3540faa29b4f2/ > > > > > > Thanks, > > Vicky

Bug#828579: The patch is upstream

On 11/18/2016 01:46 AM, Hon Ching(Vicky) Lo wrote: > On Thu, 2016-11-17 at 14:18 -0500, Hon Ching(Vicky) Lo wrote: >> The patch that supports OpenSSL 1.1 (backward-compatible) is upstream: >> https://sourceforge.net/p/trousers/trousers/ci/05411ea68746acbaf4e69295be50b9a47cddb2fd/ >> >> >> Vicky >

Bug#836929: suricata should drop root privileges when running

On 09/07/2016 12:15 PM, Robert Haist wrote: > Package: suricata > Version: 3.1.1-4 > > It might be a security improvement to let suricata run with non-root > privileges and a special permission for the provided capture modes. > Running as root might be a problem if a protocol parser or some other

Bug#833628: Please package latest upstream version based on liblognorm

On Mon, Aug 08, 2016 at 11:13:51PM +0200, Michael Biebl wrote: > > You've enabled Werror. Probably because you've built directly inside the > git directory. In this case, --enable-compile-warnings= defaults to > error. I use git buildpackage, which uses a git export in a separate > build

Bug#833628: Please package latest upstream version based on libfastjson

On 08/07/2016 11:07 AM, Michael Biebl wrote: > Source: liblognorm > Version: 1.1.2-1.1 > Severity: important > Tags: patch > > Hi Pierre! > > The latest rsyslog version in Debian is quite outdated. The reason is, > that newer versions require libfastjson instead of json-c. > > I've already

Bug#831362: support building libcap-ng without python extensions

On 07/15/2016 01:11 AM, Helmut Grohne wrote: > Source: libcap-ng > Version: 0.7.7-3 > Severity: wishlist > Tags: patch > > Hi, > > libcap-ng is part of the build-closure of essential and thus needs to be > able to be cross built. On the other hand, cross building python > extensions is currenty

Bug#820002: Should be Multi-Arch: foreign

On 04/04/2016 07:57 PM, Ben Hutchings wrote: > Package: sbsigntool > Version: 0.6-2 > Severity: normal > > It looks like sbsigntool is intended to work cross-architecture, e.g. > an i386 build can operate on an amd64 executable. If this is the > case, please add 'Multi-Arch: foreign' to its

Bug#819050: Please leave the severity at serious, this bug is a security issue.

On 03/24/2016 09:38 AM, Yves-Alexis Perez wrote: > control: affects -1 suricata > On jeu., 2016-03-24 at 07:20 +0100, Florian Weimer wrote: >> * Hilko Bengen: >> >>> >>> the original report may not have been 100% clear on this, but the bug is >>> the main cause of a vulnerability in Suricata (a

Bug#815846: ITP: tpm2-tss -- TPM (Trusted Platform Module) 2.0 Software Stack

On Wed, Feb 24, 2016 at 09:08:58PM -0500, Mathieu Trudel-Lapierre wrote: > Package: wnpp > Severity: wishlist > Owner: "Mathieu Trudel-Lapierre" > > * Package name: tpm2-tss > Version : 0.9.8 > Upstream Author : Will Arthur > * URL

Bug#783919: news on ocaml-llvm bindings ?

On Sat, Jan 16, 2016 at 01:56:36PM +0100, Sylvestre Ledru wrote: > Le 11/01/2016 20:56, Pierre Chifflier a écrit : > > tags 783919 +patch > > thanks > > > > On Thu, Nov 26, 2015 at 01:33:19PM +0100, Sylvestre Ledru wrote: > >> I will be happy to apply a patch if

Bug#783919: news on ocaml-llvm bindings ?

tags 783919 +patch thanks On Thu, Nov 26, 2015 at 01:33:19PM +0100, Sylvestre Ledru wrote: > I will be happy to apply a patch if you have any. > Hi Sylvestre, Here is a patch for llvm-toolchain-3.6. It is now possible to build it with the bindings enabled, since ocaml-ctypes >= 0.4 has

Bug#810084: RM: websvn (RoQA; unmaintained, rc-buggy, inactive upstream, alternatives exist)

On 01/06/2016 11:49 AM, Thijs Kinkhorst wrote: > Package: websvn > Severity: serious > > I propose to remove websvn from Debian. > > The package is unmaintained with last maintainer upload in 2011. There was > also > no response to a security issues which I fixed in an NMU one year ago. I then

Bug#792657: udating ocaml-ctypes ?

block 783919 by 792657 thanks Hi, The OCaml transition [1] seems now complete, which means that the findlib transition (and in turn, the ugrade to ctypes >= 0.4) is possible. Could you consider updating these packages ? I am trying to get the LLVM-OCaml bindings back in Debian [2], but a recent

Bug#783919: news on ocaml-llvm bindings ?

Hi Sylvestre, Do you have any news on this issue (#783919) ? What are the missing packages, and if there is any hope to have working ocaml-llvm bindings again in Debian ? Building an entire LLVM compiler is really annoying, when I miss only the bindings :/ Cheers, Pierre

Bug#702255: efitools: changing back from ITP to RFP

retitle 702255 ITP: efitools -- Tools to manipulate EFI secure boot keys and signatures owner 702255 ! block 702255 by 702254 thanks Hi, I've finally managed to get some time to work again on this ITP. I've uploaded the sbsigntool package to NEW (See #702254), which is required to build

Bug#702254: sbsigntool package

tags 702254 + pending thanks Hi, I finally got some time to work on the package again, and fix it according to the answers from FTPmasters. I'll upload it to NEW. Cheers, Pierre

Bug#783919: libllvm-3.6-ocaml-dev: empty package

Package: libllvm-3.6-ocaml-dev Version: 1:3.6-2 Severity: important Dear Maintainer, The current package libllvm-3.6-ocaml-dev from sid is empty, and does not contain the /usr/lib/ocaml/llvm-3.6/ directory and contents. Regards, Pierre -- To UNSUBSCRIBE, email to

Bug#766136: libcap-ng: Python build error, didn't fail build - empty bindings

severity 766136 normal tags 766136 + moreinfo unreproducible thanks On Tue, Oct 21, 2014 at 07:46:20AM +0100, David Halls wrote: I tried 'import capng' from Python, failed to import. Traced the problem down to libcap-ng's build has an error. See

Bug#783005: suricata: ships embedded libhtp and can conflict with a future libhtp update

On Tue, Apr 21, 2015 at 08:39:16AM +0200, Raphael Hertzog wrote: Hi, On Mon, 20 Apr 2015, Hilko Bengen wrote: * Raphaël Hertzog: But libhtp is already packaged separately. Embedded copy are best avoided and to me it looks like #777040 got fixed the wrong way. libhtp should be

Bug#772551: Suricata: missing library libhtp-0.5.12.so.1

On Mon, Feb 09, 2015 at 10:42:26PM +0100, Arturo Borrero Gonzalez wrote: On 9 February 2015 at 15:05, Pierre Chifflier pol...@debian.org wrote: This bug is solved by the next (pending) uploading, to be validated by the release team. I have a some questions: * How this could happen

Bug#772551: Suricata: missing library libhtp-0.5.12.so.1

tags 772551 + pending block 772551 by 777042 thanks Hi, This bug is solved by the next (pending) uploading, to be validated by the release team. The two bug reports for the unblock requests are: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777040 (libhtp)

Bug#772685: sagan: abandoned package/no longer works

severity 772685 normal thanks Hi, While it's true the packaging is late (mainly due to the fact that upstream completely changed the relation with libee/liblogorm, and that the released versions did not compile because the autotools files were broken), the severity of this bug is absolutely not

Bug#768154: unblock: trousers/0.3.13-3

and issue a warning if not matching the tss + user. +- Do not try to change uid before running tcsd, the daemon already changes + its uid just after starting. + * Urgency high, RC bug + + -- Pierre Chifflier pol...@debian.org Tue, 04 Nov 2014 15:11:08 +0100 + trousers (0.3.13-2

Bug#767690: trousers: fails to install: subprocess installed post-installation script returned error exit status 2

severity 767690 normal tags 767690 + unreproducible moreinfo thanks Hi, I tried for a few days to reproduce the bug on different hosts, without any luck. I'm therefore lowering the severity to normal, until having more information. Preparing to unpack .../trousers_0.3.13-2_amd64.deb ...

Bug#767690: trousers: fails to install: subprocess installed post-installation script returned error exit status 2

severity 767690 serious tags 767690 - moreinfo unreproducible thanks On Mon, Nov 03, 2014 at 09:45:13PM +0100, Andreas Beckmann wrote: On 2014-11-03 21:40, Pierre Chifflier wrote: I tried for a few days to reproduce the bug on different hosts, without did you try chroots, not real machines

Bug#754792: libbfio: FTBFS on hurd-386

On Mon, Aug 25, 2014 at 11:15:14AM +0200, Svante Signell wrote: Attached is also a build dependency on quilt in debian/control. I don't know if this is strictly needed, but is included for completeness. The source directory does not have a debian/patches directory since no patches are present

Bug#754792: libbfio: FTBFS on hurd-386

On Mon, Jul 14, 2014 at 01:15:26PM +0200, Svante Signell wrote: Source: libbfio Version: 20130507-1 Severity: important Tags: patch User: debian-h...@lists.debian.org Usertags: hurd Hello, libbfio fails to build from source due to usage of PATH_MAX,which is not defined on GNU/Hurd.

Bug#736309: libnetfilter-queue serious bug, #736309

Hi Alexandr, Bug #736309: libnetfilter-queue-{dev, dbg}: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE is marked as serious, and is causing several packages (in my cast, suricata and nfqueue-bindings) to be scheduled for autoremove. Do you plan to upload a fixed version ?

Bug#738199: Access to the oval generation script ?

Hi, It seems the script to generate OVAL definitions is broken. As the maintainer of openscap, I would like to give a try to update the script and make the definitions work again. Is it possible to access the script ? If so, where ? Thanks, Pierre -- To UNSUBSCRIBE, email to

Bug#739485: The package fails to configure in absence of suitable hardware

On Wed, Feb 19, 2014 at 10:05:01AM +0100, Didier Raboud wrote: Package: trousers Version: 0.3.11.2-1 Severity: important Unfortunately, trousers doesn't configure (in dpkg terms) correctly as it's init script fails to start with the following error. (I'm using systemd as init): Hi,

Bug#680884: [p0f] Please update to v3 [use case]

On Tue, Jan 14, 2014 at 03:51:27PM +0200, Niko Tyni wrote: On Tue, Apr 23, 2013 at 09:21:39PM +0200, Axel Beckert wrote: Chris Knadle wrote: I would be really happy if I would be able to use p0f in Debian to inform XP users that their OS will be EoL soon. :-) For that I

Bug#735170: RM: wzdftpd -- ROM; buggy, dead upstream

Package: ftp.debian.org Severity: normal Hi, Please remove wzdftpd from Debian. Upstream is dead since a long time, and it has bugs. Regards, Pierre -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact

Bug#733888: RM: nulog -- ROM; buggy, dead upstream

Package: ftp.debian.org Severity: normal Hi, Please remove nulog from Debian. Upstream is dead since a long time, and it has bugs (including RC) because it does not work with current twisted version. Regards, Pierre -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a

Bug#733567: cookiecutter: please update to 0.7.0

Package: cookiecutter Version: 0.6.4-1 Severity: wishlist Dear Maintainer, Could you update cookiecutter to the latest upstream version (0.7.0) ? It fixes several bugs and add new features. Thanks, Pierre -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of

Bug#725945: swig2.0: Missing file swigp4.ml for ocaml bindings

Package: swig2.0 Version: 2.0.10-1 Severity: normal Hi, Since some version (I cannot tell which one precisely, but I think ~ 2.0.8), the file swigp4.ml is not shipped anymore in the ocaml bindings. This file is required and should be added again. Regards, Pierre -- To UNSUBSCRIBE, email to

Bug#725670: RM: openscap [kfreebsd-*] -- ROM; ANAIS

Package: ftp.debian.org Severity: normal Hi, Due to some problems with building openscap on kfreebsd-*, I had to upload a new version disabling these architectures. Version 0.9.8-2, currently in unstable, is currently not transitioning because of the old binaries for kfreebsd-* [1]. Can you

Bug#693892: Still applies to unstable

On Tue, Aug 20, 2013 at 03:23:33PM +0200, gregor herrmann wrote: On Mon, 12 Aug 2013 16:46:41 +0200, Dominic Hargreaves wrote: This bug still appears to exist in unstable, and since glibc 2.16 is now in unstable, should probably be upgraded. It also blocks the perl 5.18 transition which

Bug#688172: openscap: Please port to libnl-3.x

On Thu, May 16, 2013 at 12:21:15AM +0200, Michael Biebl wrote: Hi, I'd like to proceed with the removal of libnl1 soon. What's the current status of this bug report? Hi Michael, This is currently in progress, but I need a few more days I think. The package for openscap has been

Bug#680884: [p0f] Please update to v3 [use case]

On Tue, Apr 23, 2013 at 05:23:44PM +0200, Axel Beckert wrote: Control: tag -1 + patch Hi Pierre, Hi Axel, Please give me some time to look at the your package, I have currently only few time because of my work. I may also need to merge your work, as I previously had a git repository with v3,

Bug#702254: ITP: sbsigntool -- Utility for signing and verifying files for UEFI Secure Boot

Package: wnpp Severity: wishlist Owner: Pierre Chifflier pol...@debian.org * Package name: sbsigntool Version : 0.6 Upstream Author : Jeremy Kerr jeremy.k...@canonical.com * URL : http://packages.ubuntu.com/quantal/sbsigntool * License : GPL-3+ with OpenSSL

Bug#702255: ITP: efitools -- Tools to manipulate EFI secure boot keys and signatures

Package: wnpp Severity: wishlist Owner: Pierre Chifflier pol...@debian.org * Package name: efitools Version : 1.4.0 Upstream Author : James Bottomley jbottom...@parallels.com * URL : http://blog.hansenpartnership.com/uefi-secure-boot/ * License : GPLv2

Bug#650842: debian packages for libbfio

On Sun, Mar 03, 2013 at 04:17:46PM +0100, Pierre Chifflier wrote: Hi Julien, I am maintaining the Debian packages for DFF, an open source forensics application and framework. The new version of dff requires a dependency on libbfio, and I saw you have filled an ITP (#650842) for it. Since

Bug#650842: debian packages for libbfio

Hi Julien, I am maintaining the Debian packages for DFF, an open source forensics application and framework. The new version of dff requires a dependency on libbfio, and I saw you have filled an ITP (#650842) for it. Since it have some packages ready here, I would like to know if you are still

Bug#575358: debian packages for libpff

Hi, I am maintaining the Debian packages for DFF, an open source forensics application and framework. The new version of dff requires a dependency on libpff, and I saw an ITP is already filled (#575358) for it. Since I have some packages ready here, I would like to know if anyone is working on

Bug#700973: unblock: trousers/0.3.9-3+wheezy1

On Thu, Feb 21, 2013 at 08:33:16PM +, Adam D. Barratt wrote: Control: tags -1 + moreinfo On Tue, 2013-02-19 at 23:21 +0100, Pierre Chifflier wrote: Please unblock package trousers Upload 0.3.9-3+wheezy1 fixes a serious bug which causes installation of trousers to fail in some

Bug#698925: unblock: glpi/0.83.31-2

On Sat, Jan 26, 2013 at 01:39:57PM +0100, Niels Thykier wrote: Control: tags -1 moreinfo On 2013-01-25 18:57, Christian PERRIER wrote: Quoting Pierre Chifflier (pol...@debian.org): I will indeed remove the files from the source. I just did a minimal diff for the inclusion in testing

Bug#700973: unblock: trousers/0.3.9-3+wheezy1

:17.0 +0200 +++ trousers-0.3.9/debian/changelog 2013-02-19 22:56:59.0 +0100 @@ -1,3 +1,10 @@ +trousers (0.3.9-3+wheezy1) stable-proposed-updates; urgency=low + + * Reload udev rules before triggering event during postinst +(Closes: #581505) + + -- Pierre Chifflier pol...@debian.org Mon, 18

Bug#698925: unblock: glpi/0.83.31-2

package, the embedded one +contains a flash file built with a vulnerable version of yui (charts.swf). +(Closes: #694642) + * Urgency high, this is a RC bug + + -- Pierre Chifflier pol...@debian.org Fri, 25 Jan 2013 11:37:09 +0100 + glpi (0.83.31-1) unstable; urgency=medium * Imported

Bug#698925: unblock: glpi/0.83.31-2

On Fri, Jan 25, 2013 at 12:20:36PM +0100, Niels Thykier wrote: Control: tags -1 moreinfo On 2013-01-25 11:51, Pierre Chifflier wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package glpi

Bug#697512: trousers: incompatible licenses (trousers GPLv2+ / libtspi1 CPL)

On Sun, Jan 06, 2013 at 02:05:21PM +0100, Andreas Metzler wrote: Package: trousers Version: 0.3.10-1 Hello, afaict the binaries in the trousers package are not distributable. They are GPLv2+ licensed but link against against a CPL library (libtspi1). According to

Bug#692649: trousers: CVE-2012-0698

Sorry for the late reply. This seems to have fallen through the cracks and I'm currently catching up with old mail. I think this doesn't warrant a DSA, but could you fix this through a stable point update? http://www.debian.org/doc/manuals/developers-reference/pkgs.html#upload-stable

Bug#692649: [Fwd: Bug#692649: trousers: CVE-2012-0698]

On Sat, Nov 17, 2012 at 03:00:04PM +0100, Yves-Alexis Perez wrote: On sam., 2012-11-17 at 11:30 +0100, Pierre Chifflier wrote: Hi Security Team, I'm forwarding this email to ask for review on the correction for CVE-2012-0698 in stable (other versions are not affected). Hey

Bug#692268: vym: Cannot add accented characters to mind map

tags 692268 + unreproducible thanks On Sun, Nov 04, 2012 at 01:44:43PM +0100, Bruno Filipe Oliveira Ramos wrote: Package: vym Version: 2.3.3-1 Severity: important Tags: l10n Dear Maintainer, there seems to be a problem when adding accented characters to the mind map. If you type the

Bug#692649: trousers: CVE-2012-0698

(CVE-2012-0698) +Closes: #692649 + + -- Pierre Chifflier pol...@debian.org Thu, 08 Nov 2012 22:08:58 +0100 + trousers (0.3.5-2) unstable; urgency=low * QA upload. diff -Nru trousers-0.3.5/debian/patches/04-security-cve-2012-0698.patch trousers-0.3.5/debian/patches/04-security-cve-2012-0698

Bug#689417: opencryptoki: CVE-2012-4454 CVE-2012-4455

On Tue, Oct 30, 2012 at 06:21:07PM +0100, Moritz Muehlenhoff wrote: On Sun, Oct 21, 2012 at 10:57:38PM +0200, Arthur de Jong wrote: On Tue, 2012-10-02 at 14:37 +0200, Moritz Muehlenhoff wrote: Please see the thread starting at http://www.openwall.com/lists/oss-security/2012/09/07/2 for

Bug#682482: unblock: glpi/0.83.31-1

On Mon, Jul 30, 2012 at 02:49:50PM +0200, Niels Thykier wrote: On 2012-07-23 10:56, Pierre Chifflier wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, GLPI 0.83.31 (micro-fix based on 0.83.3) is an important

Bug#682482: unblock: glpi/0.83.31-1

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, GLPI 0.83.31 (micro-fix based on 0.83.3) is an important security release, fixing two CVEs: CVE-2012-4002: Bug #3704: CSRF prevention step 1 Bug #3707: CSRF prevention step 2

Bug#680343: unblock: trousers/0.3.9-2

On Sat, Jul 21, 2012 at 12:23:03PM +0200, Julien Cristau wrote: On Thu, Jul 5, 2012 at 21:25:38 +0200, Pierre Chifflier wrote: +# kill tcsd (and any other process owned by the tss user) +killall -u tss 2/dev/null || true Why is this necessary, and what happens

Bug#680343: unblock: trousers/0.3.9-2

) unstable; urgency=low + + * Add workaround for upgrade failure for versions before 0.3.8-3 +(Closes: #679621) + + -- Pierre Chifflier pol...@debian.org Wed, 04 Jul 2012 21:57:22 +0200 + trousers (0.3.9-1) unstable; urgency=low * Imported Upstream version 0.3.9 diff -Nru trousers-0.3.9

Bug#680343: unblock: trousers/0.3.9-2

On Thu, Jul 05, 2012 at 10:01:08AM +0200, Pierre Chifflier wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package trousers This version fixes an annoying bug which prevents upgrades or removal from

Bug#680343: unblock: trousers/0.3.9-2

On Thu, Jul 05, 2012 at 09:17:59PM +0200, Pierre Chifflier wrote: I've attached a full debdiff (modifications of both packages). Here it is diff -Nru trousers-0.3.9/debian/changelog trousers-0.3.9/debian/changelog --- trousers-0.3.9/debian/changelog 2012-06-18 22:22:21.0 +0200

Bug#647946: Fails to install on squeeze

fixed 647946 1.0.0-2 close 647946 thanks Hi, The installation fails because the profile for prelude-lml does not exist. The bug was fixed after Squeeze (See #616178) and documented in the README.Debian file: Profile --- A Prelude profile must be created for prelude-lml. To create it, run

Bug#631807: segfault in libcap-ng0 is back on armel - filecap , bluetoothd etc

Hi, I have merged the patch from Alban Browaeys (thanks to him for writing it) in version 0.6.6-2, just uploaded a few moments ago. Thanks, Pierre -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#673509: RM: esvn -- ROM; dead upstream, uses qt3

Package: ftp.debian.org Severity: normal Hi, Please remove esvn from unstable. Upstream is dead since 2010, and there is no Qt4 version. Thanks, Pierre -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact

Bug#671042: paxctl: Please upgrade to version 0.7

Package: paxctl Version: 0.6-1 Severity: normal Hi, Upstream version 0.7 was released for a while now, and fixes some problems with the -C option. Please upgrade to version 0.7, available at http://pax.grsecurity.net/paxctl-0.7.tar.bz2 Cheers, Pierre -- To UNSUBSCRIBE, email to

Bug#666330: suricata: FTBFS: cp: cannot stat `debian/tmp/suricata-debian.yaml': No such file or directory

tags 666330 + moreinfo unreproducible severity 666330 normal thanks On Fri, Mar 30, 2012 at 11:21:15AM +0200, Lucas Nussbaum wrote: Source: suricata Version: 1.2.1-1 Severity: serious Tags: wheezy sid User: debian...@lists.debian.org Usertags: qa-ftbfs-20120330 qa-ftbfs qa-ftbfs-buildarch

Bug#662944: [security] embedded copy of phpCAS

Hi, Two security issues have been reported in phpCAS, which is embedded in glpi: http://seclists.org/oss-sec/2012/q1/551 I'm following this information so you can check if the embedded copy needs an update, since you are also distributing it in the standard tarball. Note that in the Debian

Bug#662944: [security] embedded copy of phpCAS

Salut, J'ai essayé d'envoyer le mail qui suit, mais il a été refusé par le serveur de ML (je ne suis pas inscrit avec la bonne adresse ..). Je le transmet donc directement, en attendant de m'inscrire. A+, Pierre Hi, Two security issues have been reported in phpCAS, which is embedded in glpi:

Bug#659383: CVE-2011-1037

On Fri, Feb 10, 2012 at 05:51:28PM +0100, Moritz Muehlenhoff wrote: Package: glpi Severity: important Tags: security Please see http://permalink.gmane.org/gmane.comp.security.full-disclosure/84497 Hi, I've prepared the package for unstable and will upload it just after sending this

Bug#652756: sslsniff: FTBFS: SSLConnectionManager.cpp:47:74: error: 'boost::asio::ip::tcp::acceptor' has no member named 'io_service'

retitle 652756 sslsniff: does not build with boost 1.48 severity 652756 normal thanks Hi, This was caused by the temporary upload of boost-dev defaulting to 1.48, which was reverted to 1.46 (so not affecting the current version anymore). I'm keeping the bug open to track the compatibility with

Bug#649599: ITP: tpm-tools -- Management tools for the TPM hardware

Package: wnpp Severity: wishlist Owner: Pierre Chifflier pol...@debian.org * Package name: tpm-tools Version : 1.3.7 Upstream Author : Kent Yoder shpedoi...@gmail.com * URL : http://trousers.sourceforge.net/ * License : CPL (http://www.opensource.org/licenses

Bug#638061: xtables-addons: next release

On Mon, Nov 21, 2011 at 04:29:10PM +1100, Dmitry Smirnov wrote: Recently I did some work on the package which I believe solve this problem. However it have been 12 days since I wrote to maintainer but got no reply so far. To get this work some visibility I put my changes to

Bug#632090:

On Sat, Nov 19, 2011 at 10:18:15PM +0100, Leo Iannacone wrote: Some news? :) Hi, This bug had somehow disappeared in my mailbox. This is now fixed in 0.8-2. Cheers, Pierre -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble?

Bug#648675: ocsinventory-server: ocsinventory can't be contacted from fusioninventory-agent

close 648675 thanks On Mon, Nov 14, 2011 at 12:18:19AM +0100, J.Pietschmann wrote: Package: ocsinventory-server Version: 2.0.2-2 Severity: important Tags: upstream Dear Maintainer, the ocsinventory server wont work with fusioninventory-agent since the upgrade to 2.0 in wheezy, this

Bug#502305: ulogd2: Status of package?

On Thu, Nov 03, 2011 at 04:36:31PM +0100, Nils Olav Fossum wrote: Hi, I just wonder if there is any news on getting the ulogd2 package into debian. Hi, Thanks for raising this bug report .. I had tons of stuff to do, and left the ulogd packages for too long. I have started again some work

Bug#645612: libopenscap1 and libopenscap0: error when trying to install together

On Mon, Oct 17, 2011 at 01:20:53PM +0200, Ralf Treinen wrote: Package: libopenscap0,libopenscap1 Version: libopenscap0/0.7.3-1 Version: libopenscap1/0.8.0-1 Severity: serious User: trei...@debian.org Usertags: edos-file-overwrite Date: 2011-10-17 Architecture: amd64 Distribution: sid

Bug#645612: libopenscap1 and libopenscap0: error when trying to install together

On Mon, Oct 17, 2011 at 02:39:52PM +0200, Julien Cristau wrote: On Mon, Oct 17, 2011 at 14:13:03 +0200, Pierre Chifflier wrote: On Mon, Oct 17, 2011 at 01:20:53PM +0200, Ralf Treinen wrote: Package: libopenscap0,libopenscap1 Version: libopenscap0/0.7.3-1 Version: libopenscap1/0.8.0-1

Bug#644928: ITP: dff -- A powerful, efficient and modular digital forensic tool

Package: wnpp Severity: wishlist Owner: Pierre Chifflier pol...@debian.org * Package name: dff Version : 1.2.0 Upstream Author : ArxSys * URL : http://www.digital-forensic.org/ * License : GPLv2 Programming Lang: C and Python Description : A powerful

Bug#644400: zsh: please enable hardening options

Source: zsh Severity: normal Tags: patch User: debian...@lists.debian.org Usertags: hardening Hardening options is a proposed release goal for Wheezy [1]. Having important package compiled with the hardening options will add various protections against issues such as stack smashing, predictable

Bug#644402: tcsh: please enable hardening options

Source: tcsh Severity: normal Tags: patch User: debian...@lists.debian.org Usertags: hardening Hardening options is a proposed release goal for Wheezy [1]. Having important package compiled with the hardening options will add various protections against issues such as stack smashing, predictable

Bug#644408: aiccu: please enable hardening options

Source: aiccu Severity: normal Tags: patch User: debian...@lists.debian.org Usertags: hardening Hardening options is a proposed release goal for Wheezy [1]. Having important package, interpreters and daemons compiled with the hardening options will add various protections against issues such as

Bug#644412: dpkg-buildflags: use DEB_BUILD_MAINT_OPTIONS when including buildflags.mk

Package: dpkg Version: 1.16.1 Severity: normal Hi, When using the following Makefile snippet: DEB_BUILD_MAINT_OPTIONS = hardening=+pie,+bindnow export DEB_BUILD_MAINT_OPTIONS -include /usr/share/dpkg/buildflags.mk export CFLAGS LDFLAGS The variable DEB_BUILD_MAINT_OPTIONS is not used, and the

Bug#644413: isc-dhcp: please enable hardening options

Source: isc-dhcp Severity: normal Tags: patch User: debian...@lists.debian.org Usertags: hardening Hardening options is a proposed release goal for Wheezy [1]. Having important package, interpreters and daemons compiled with the hardening options will add various protections against issues such

Bug#644427: openldap: please enable hardening options

Source: openldap Severity: normal Tags: patch User: debian...@lists.debian.org Usertags: hardening Hardening options is a proposed release goal for Wheezy [1]. Having important package, interpreters and daemons compiled with the hardening options will add various protections against issues such

Bug#644437: amanda: please enable hardening options

Source: amanda Severity: normal Tags: patch User: debian...@lists.debian.org Usertags: hardening Hardening options is a proposed release goal for Wheezy [1]. Having important package, interpreters and daemons compiled with the hardening options will add various protections against issues such as

Bug#644427: [Pkg-openldap-devel] Bug#644427: openldap: please enable hardening options

On Wed, Oct 05, 2011 at 01:26:47PM -0700, Steve Langasek wrote: tags 644427 - patch thanks On Wed, Oct 05, 2011 at 09:10:57PM +0200, Pierre Chifflier wrote: --- openldap-2.4.25.orig/debian/rules 2011-10-05 18:56:46.0 +0200 +++ openldap-2.4.25/debian/rules2011-10-05

Bug#641350: patch for #641350

+ +Author: Pierre Chifflier +Description: Fix build error with -Werror=format-security hardening flag. + +diff -ruN bash-4.1.orig/print_cmd.c bash-4.1/print_cmd.c +--- bash-4.1.orig/print_cmd.c 2009-09-16 21:32:26.0 +0200 bash-4.1/print_cmd.c 2011-09-16 11:38:40.0 +0200 +@@ -1374,7

Bug#644295: vsftpd: please enable hardening options

Package: vsftpd Version: 2.3.4-1 Severity: normal Tags: patch Hardening options is a proposed release goal for Wheezy [1]. vsftpd is a FTP daemon aiming at security, so having its package compiled with the hardening options seems really like a good idea. I have rebuilt the package with

  1   2   3   >