Processing commands for cont...@bugs.debian.org:
severity 665642 serious
Bug #665642 [xarchiver] [xarchiver] crashes when opening 7z archives
Bug #551468 [xarchiver] xarchiver fails to open 7z archives
Bug #685712 [xarchiver] xarchiver: don't show correct file list with 7zip
archive
Severity
Package: bind9
Severity: grave
Tags: security
Justification: user security hole
Please see https://kb.isc.org/article/AA-00828
Stable is not affected. This needs to be fixed through testing-proposed-updates,
since the testing and unstable packages have diverged and won't be updated that
late in
Attached is the latest debdiff
diff -Nru xarchiver-0.5.2+20090319+dfsg/debian/changelog
xarchiver-0.5.2+20090319+dfsg/debian/changelog
--- xarchiver-0.5.2+20090319+dfsg/debian/changelog 2012-12-05
09:06:47.0 +0100
+++ xarchiver-0.5.2+20090319+dfsg/debian/changelog 2012-12-05
On Wed, Nov 28, 2012 at 07:52:51AM -0800, Jonathan Nieder wrote:
If you can bisect to find the first unaffected kernel between 3.2 and
3.3-rc6 as described at [1], that would be excellent. Thanks much for
your work.
I have now been bisecting (I skipped the drm tree reset, this is bisect
On Wed, 05 Dec 2012 10:18:20 +0100, Andreas Beckmann wrote:
unarchive 606781
found 606781 1.0.5-0.2
This has also reopened the bug and marked it as found in all versions
since then; was this on purpose or an unintended side-effect?
That seems to have been a side effect since there was no
Package: release.debian.org
Severity: serious
User: release.debian@packages.debian.org
Usertags: pu security
Hi,
Please pre-approve an upload to stable-security to update bogofilter for
http://security-tracker.debian.org/tracker/CVE-2012-5468
Here's the diff against the package in squeeze
Hi Michael,
On Tue, December 4, 2012 20:25, Michael Stapelberg wrote:
On Fri, 30 Nov 2012 16:14:42 +0100
Moritz Muehlenhoff j...@inutil.org wrote:
http://www.openwall.com/lists/oss-security/2012/10/29/8
Please see the Red Hat bug for more details on the patch
status:
On Tue, Dec 04, 2012 at 08:01:58PM +0100, Tobias Hansen wrote:
the discussion in RC bug #591969 ended with a call for a wheezy-ignore
tag. The bug was also tagged squeeze-ignore. What does the release team say?
In general, I'm fairly loathed to add a *second* release ignore tag.
Can someone
Processing commands for cont...@bugs.debian.org:
severity 692852 serious
Bug #692852 [src:dolphin] dolfin: Avoid hardcoding the swig2.0 version
Warning: Unknown package 'src:dolphin'
Severity set to 'serious' from 'minor'
Warning: Unknown package 'src:dolphin'
thanks
Stopping processing here.
Control: tags -1 + moreinfo
On 05.12.2012 11:27, Serafeim Zanikolas wrote:
Please pre-approve an upload to stable-security to update bogofilter
for
http://security-tracker.debian.org/tracker/CVE-2012-5468
If you really mean stable-security then you need to be talking to the
security team...
Processing control commands:
tags -1 + moreinfo
Bug #695198 [release.debian.org] pu: package bogofilter/1.2.2-2
Added tag(s) moreinfo.
--
695198: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695198
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE,
Processing commands for cont...@bugs.debian.org:
reassign 692852 dolphin
Bug #692852 [src:dolphin] dolfin: Avoid hardcoding the swig2.0 version
Warning: Unknown package 'src:dolphin'
Bug reassigned from package 'src:dolphin' to 'dolphin'.
Ignoring request to alter found versions of bug #692852
Processing commands for cont...@bugs.debian.org:
found 692852 1.0.0-7
Bug #692852 [dolphin] dolfin: Avoid hardcoding the swig2.0 version
There is no source info for the package 'dolphin' at version '1.0.0-7' with
architecture ''
Unable to make a source version for version '1.0.0-7'
Marked as
On Wed, Dec 05, 2012 at 09:31:00AM +0100, Moritz Muehlenhoff wrote:
Package: bind9
Severity: grave
Tags: security
Justification: user security hole
Please see https://kb.isc.org/article/AA-00828
Stable is not affected. This needs to be fixed through
testing-proposed-updates,
since the
Processing commands for cont...@bugs.debian.org:
reassign 692852 src:dolfin dolfin/1.0.0-7
Bug #692852 [dolphin] dolfin: Avoid hardcoding the swig2.0 version
Bug reassigned from package 'dolphin' to 'src:dolfin'.
No longer marked as found in versions 1.0.0-7.
Ignoring request to alter fixed
Processing commands for cont...@bugs.debian.org:
reassign 692852 dolfin
Bug #692852 [src:dolfin] dolfin: Avoid hardcoding the swig2.0 version
Bug reassigned from package 'src:dolfin' to 'dolfin'.
No longer marked as found in versions dolfin/1.0.0-7.
Ignoring request to alter fixed versions of
Your message dated Wed, 5 Dec 2012 13:45:51 +0100
with message-id 20121205124551.GC26998@mobee
and subject line Re: Bug#695198: pu: package bogofilter/1.2.2-2
has caused the Debian Bug report #695198,
regarding pu: package bogofilter/1.2.2-2
to be marked as done.
This means that you claim that
Hi Jan,
I have a new package version containing your patch ready. I filed #689588
[1] to ask the Release team whether the change could get a freeze exception.
I got no response so far.
as far as I can see the way of action is to upload the fixed package to
unstable and then
reportbug
Hi Roland,
what about NMUing the package right now once you have found a proper
patch? If there are any reasons that might prevent you from uploading
just ping me about this.
Kind regards
Andreas.
--
http://fam-tille.de
--
To UNSUBSCRIBE, email to
Hi,
reading Andreas' hint how to really solve the problem looks pretty
straightforward to me. If you just need some helping hand for the
upload feel free to ping me for another NMU.
Kind regards
Andreas.
--
http://fam-tille.de
--
To UNSUBSCRIBE, email to
Processing commands for cont...@bugs.debian.org:
tags 677650 + pending
Bug #677650 [unhide.rb] unhide.rb: in `module:LibC': uninitialized constant
DL::Importable (NameError)
Added tag(s) pending.
thanks
Stopping processing here.
Please contact me if you need assistance.
--
677650:
Hi Andreas,
On 12/05/2012 01:57 PM, Andreas Tille wrote:
what about NMUing the package right now once you have found a proper
patch? If there are any reasons that might prevent you from uploading
just ping me about this.
I just wanted to see if any buildd-tools developer wanted to upload.
I
On Wed, Dec 05, 2012 at 02:40:20PM +0100, Roland Stigge wrote:
Hi Andreas,
On 12/05/2012 01:57 PM, Andreas Tille wrote:
what about NMUing the package right now once you have found a proper
patch? If there are any reasons that might prevent you from uploading
just ping me about this.
Processing control commands:
reassign 675895 icu 4.8.1.1-7
Bug #675895 {Done: Alessandro Ghedini gh...@debian.org} [src:parrot] parrot:
FTBFS in sid: (.text+0x20): undefined reference to `main'
Bug reassigned from package 'src:parrot' to 'icu'.
No longer marked as found in versions
On 12/05/2012 02:57 PM, Roger Leigh wrote:
On Wed, Dec 05, 2012 at 02:40:20PM +0100, Roland Stigge wrote:
On 12/05/2012 01:57 PM, Andreas Tille wrote:
what about NMUing the package right now once you have found a proper
patch? If there are any reasons that might prevent you from uploading
Control: reassign 675895 icu 4.8.1.1-7
Control: fixed 675895 4.8.1.1-8
Control: affects 675895 + parrot
Hi Alessandro and Jay
On Tue, Jun 05, 2012 at 02:22:07PM -0400, Jay Berkenbilt wrote:
Alessandro Ghedini al3x...@gmail.com wrote:
Apparently it's icu-config --ldlfags (called by Parrot's
On 12/05/2012 03:11 PM, Roland Stigge wrote:
But don't worry - it's just a minor change and at least fixes the issue
for the protocol. ;-) So others won't be disturbed by it during bug
squashing.
So please consider sbuild 0.63.2-1.1 for wheezy (freeze exemption).
(Maybe Roger will override the
On Wed, Dec 05, 2012 at 03:17:11PM +0100, Roland Stigge wrote:
On 12/05/2012 03:11 PM, Roland Stigge wrote:
But don't worry - it's just a minor change and at least fixes the issue
for the protocol. ;-) So others won't be disturbed by it during bug
squashing.
So please consider sbuild
Am 05.12.2012 13:07, schrieb Neil McGovern:
Can someone explain: 1) Why there were no updates to the bug
between December 2010 and June 2012?
The bug could not be resolved, so i didnt see any reason to update it.
Work was going on in the background to fix this (libjs-swfobject,
libjs-swfupload
Package: bzr-loom
Version: 2.2.0-2
Severity: grave
Tags: upstream
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
bzr: ERROR: exceptions.AttributeError: 'module' object has no attribute
'BzrBranch5'
Traceback (most recent call last):
File /usr/lib/python2.7/dist-packages/bzrlib/commands.py,
Package: agda-stdlib
Version: 0.6-2
Severity: grave
Justification: renders package unusable
Data.FFI module is contained in ffi subdirectory of source tarball.
It is needed for compilation using MAlonzo backend, but isn't provided by
agda-stdlib or any related package.
-- System Information:
On Wed, Dec 5, 2012 at 10:56 PM, Christian Welzel wrote:
2) What action is being taken to resolve the unbuildability of the
AS1 SWFs?
Nothing. There is simply no open source AS1 compiler.
mtasc has been in Debian for years:
http://packages.debian.org/sid/mtasc
--
bye,
pabs
On Wed, Dec 5, 2012 at 11:06 PM, Paul Wise wrote:
On Wed, Dec 5, 2012 at 10:56 PM, Christian Welzel wrote:
2) What action is being taken to resolve the unbuildability of the
AS1 SWFs?
Nothing. There is simply no open source AS1 compiler.
mtasc has been in Debian for years:
On Wed, Dec 5, 2012 at 10:56 PM, Christian Welzel wrote:
2) What action is being taken to resolve the unbuildability of the
AS1 SWFs?
Nothing. There is simply no open source AS1 compiler.
There is makeswf from libming-utils but it doesn't appear to be able
to compile
On Wed, Dec 5, 2012 at 15:17:11 +0100, Roland Stigge wrote:
On 12/05/2012 03:11 PM, Roland Stigge wrote:
But don't worry - it's just a minor change and at least fixes the issue
for the protocol. ;-) So others won't be disturbed by it during bug
squashing.
So please consider sbuild
Package: xcp-xapi
Version: 1.3.2-13
Severity: critical
I get this bug when installing XCP and configuring the network portion of it.
When I issue the following command:
xe pif-reconfigure-ip uuid=$PIF_UUID mode=static IP=10.0.0.10
netmask=255.255.255.240 gateway=10.0.0.1 DNS=10.5.1.2,10.5.1.3
Riku Voipio wrote:
On Wed, Nov 28, 2012 at 07:52:51AM -0800, Jonathan Nieder wrote:
If you can bisect to find the first unaffected kernel between 3.2 and
3.3-rc6 as described at [1], that would be excellent. Thanks much for
your work.
I have now been bisecting (I skipped the drm tree reset,
Hi Christophe
I was looking at current RC bugs for wheezy and noticed #694368. I saw
that you already commited the changes to git[1] however also including
a new upstream version afterwards.
[1]:
Hi,
seems the package is ready for an upload. Any reason why this is not
done? I could sponsor an upload or NMU if this would help.
Kind regards
Andreas.
--
http://fam-tille.de
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe.
On 12/05/2012 04:34 PM, Julien Cristau wrote:
On Wed, Dec 5, 2012 at 15:17:11 +0100, Roland Stigge wrote:
On 12/05/2012 03:11 PM, Roland Stigge wrote:
But don't worry - it's just a minor change and at least fixes the issue
for the protocol. ;-) So others won't be disturbed by it during bug
[also sent to 683671@b.d.o since this concerns dash; for reportbug,
one should do a test with bash as /bin/sh to see whether reportbug
is really buggy or if this is just a consequence of the dash bug.]
On 2012-12-05 16:53:41 +0100, Vincent Lefevre wrote:
I think I've found how to reproduce it.
Hi,
I've uploaded the two packages to mentors.debian.net.
We must solve the two bugs at the same time because axis uses
commons-httpclient.
Upstream seems End-of-life and rejected the patches.
El mié, 05-12-2012 a las 16:43 +0100, Andreas Tille escribió:
Hi,
seems the package is ready for
Processing commands for cont...@bugs.debian.org:
# version got lost
found 692852 1.0.0-7
Bug #692852 [dolfin] dolfin: Avoid hardcoding the swig2.0 version
There is no source info for the package 'dolfin' at version '1.0.0-7' with
architecture ''
Unable to make a source version for version
tag 656301 + patch
tag 692261 + patch
On Wed, 05 Dec 2012 17:34:59 +0530, Kartik Mistry wrote:
On Wed, Dec 5, 2012 at 5:23 PM, Markus Koschany a...@gambaru.de wrote:
thanks for your interest in xarchiver. I haven't found a sponsor yet, so
please go ahead!
Uploaded! Thanks for your work!
On Wed, Dec 5, 2012 at 17:05:26 +0100, Roland Stigge wrote:
On 12/05/2012 04:34 PM, Julien Cristau wrote:
On Wed, Dec 5, 2012 at 15:17:11 +0100, Roland Stigge wrote:
On 12/05/2012 03:11 PM, Roland Stigge wrote:
But don't worry - it's just a minor change and at least fixes the issue
for
On Wed, 05 Dec 2012 13:20:48 +0100, Ralf Treinen wrote:
This has now made python-dolphin not installable in sid since the version of
swig in sid has passed to 2.0.8-1 on 2012-10-31. However, python-dolphin still
depends on swig2.0 (= 2.0.7), swig2.0 ( 2.0.8~).
Hence raising severity to
notfound 684130 4:2.6.0-1+1
thanks
On Tue, 7 Aug 2012 12:34:43 +0300
Grey Fenrir grey.fen...@gmail.com wrote:
Package: digikam
Version: 4:2.6.0-1+b1
Severity: grave
Justification: renders package unusable
I cannot reproduce the crash with that version (neither with
4:2.6.0-1+b2 which is
Processing commands for cont...@bugs.debian.org:
notfound 684130 4:2.6.0-1+1
Bug #684130 {Done: Mark Purcell m...@debian.org} [digikam] digikam: crash
when starts
There is no source info for the package 'digikam' at version '4:2.6.0-1+1' with
architecture ''
Unable to make a source version for
Hi gregor,
On 05.12.2012 19:03, gregor herrmann wrote:
BTW: I don't think it's a good idea to combine the fix for one RC
bugs with changes that fix 2 minor bugs in an upload that should get
into wheezy ...
I think fixing the two minor bugs is covered by point 4 of the freeze
policy. It's a
Processing commands for cont...@bugs.debian.org:
severity 695224 grave
Bug #695224 [perl-modules] perl-modules: Locale::Maketext code injection
Severity set to 'grave' from 'important'
thanks
Stopping processing here.
Please contact me if you need assistance.
--
695224:
Processing commands for cont...@bugs.debian.org:
severity 693420 grave
Bug #693420 [perl-modules] CVE-2012-5526 CGI.pm: Newline injection due to
improper CRLF escaping in Set-Cookie and P3P headers
Severity set to 'grave' from 'important'
thanks
Stopping processing here.
Please contact me if
On Wed, 28 Nov 2012 19:33:58 -0500, Andres Cimmarusti wrote:
This patch solves this problem:
http://git.fedorahosted.org/cgit/pycups.git/commit/?id=7fdad2e693e74b8811beca28d4ac6dd1619c988a
Thanks, I've now backported this patch to the current Debian package.
Debdiff attached; since I can't
Processing commands for cont...@bugs.debian.org:
tags 693420 +patch
Bug #693420 [perl-modules] CVE-2012-5526 CGI.pm: Newline injection due to
improper CRLF escaping in Set-Cookie and P3P headers
Added tag(s) patch.
tags 695224 +patch
Bug #695224 [perl-modules] perl-modules: Locale::Maketext
Processing commands for cont...@bugs.debian.org:
notfound 684130 4:2.6.0-1+b1
Bug #684130 {Done: Mark Purcell m...@debian.org} [digikam] digikam: crash
when starts
Ignoring request to alter found versions of bug #684130 to the same values
previously set
thanks
Stopping processing here.
Processing commands for cont...@bugs.debian.org:
notfound 684130 4:2.6.0-1
Bug #684130 {Done: Mark Purcell m...@debian.org} [digikam] digikam: crash
when starts
No longer marked as found in versions digikam/4:2.6.0-1.
thanks
Stopping processing here.
Please contact me if you need assistance.
Processing commands for cont...@bugs.debian.org:
tag 694055 pending
Bug #694055 [gnome-themes-standard] gnome-themes-standard: fails to upgrade
from 'sid' - trying to overwrite
/usr/share/gnome-background-properties/adwaita.xml
Added tag(s) pending.
thanks
Stopping processing here.
Please
tag 694055 pending
thanks
Hello!
Just a short note that this is fixed in svn and looks like it will
be part of the upcoming package version 3.6.2-1 ... see:
http://anonscm.debian.org/viewvc/pkg-gnome/desktop/experimental/gnome-themes-standard/debian/changelog?revision=36326view=markup
A
tags 642136 + patch
thanks
I agree with Joey Hess: Available to alle users should not be the
default for new wifi connections, so that unprivileged users can
connect to new networks without needing a sudo or root password, or
additional policykit privileges.
The attached patch to the
Processing commands for cont...@bugs.debian.org:
severity 694846 grave
Bug #694846 [dicomscope] dicomscope: Exception in thread main
java.lang.UnsatisfiedLinkError
Severity set to 'grave' from 'normal'
thanks
Stopping processing here.
Please contact me if you need assistance.
--
694846:
Processing commands for cont...@bugs.debian.org:
tags 642136 + patch
Bug #642136 [network-manager] network-manager: Connecting to a wifi network
requires org.freedesktop.NM.settings.modify.system privileges
Bug #645815 [network-manager] network-manager-gnome: Should not create
system-wide
Hi Alberto,
On Wed, Dec 05, 2012 at 06:01:51PM +0100, Alberto Fernández wrote:
I've uploaded the two packages to mentors.debian.net.
We must solve the two bugs at the same time because axis uses
commons-httpclient.
I guess you mean bug #692442, right?
Upstream seems End-of-life and
tags -1 + pending
thanks
On Wed, 12 Oct 2011 23:52:22 +0200
Jonas Smedegaard d...@jones.dk wrote:
The source package contains only compressed Javascript code which is
then copied as-is to the binary package.
Instead, the source package should be the proper upstream source and
use a tool
Processing commands for cont...@bugs.debian.org:
tags 645133 + pending
Bug #645133 [simile-timeline] simile-timeline: source package should use proper
source
Added tag(s) pending.
thanks
Stopping processing here.
Please contact me if you need assistance.
--
645133:
Hi Andreas
I've uploaded both packages to mentors.
commons-httpclient - bug #692442 CVE-2012-5783
axis - bug #692650 CVE-2012-5784
Since axis uses commons-httpclient, we need fix and upload both
packages.
Upstream has ignored axis patch, and rejected commons-httpclient patch.
Basically, they
reopen 669513
thanks
The bug is in gnat-4.4. You tested the wrong package.
Cheers,
Tobias
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processing commands for cont...@bugs.debian.org:
reopen 669513
Bug #669513 {Done: Michael Stapelberg stapelb...@debian.org} [src:gnat-4.4]
gnat-4.4: FTBFS: unsatisfiable build-dependency: gcc-4.4-source ( 4.4.7) but
4.4.7-1 is to be installed
Bug reopened
Ignoring request to alter fixed
Hi Tobias,
Tobias Hansen than...@debian.org writes:
The bug is in gnat-4.4. You tested the wrong package.
I missed the fact that gnat-4.4 is _also_ in testing. My apologies.
--
Best regards,
Michael
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of
Your message dated Wed, 5 Dec 2012 18:34:57 -0500
with message-id
CANTw=mopjzys0emosnnd59owyqjapk_m_+m3ydsjmgmkp5f...@mail.gmail.com
and subject line re: oss4-base: 4.2-build2007-1+nmu1 adds clicking sounds into
audio
has caused the Debian Bug report #694631,
regarding oss4-base:
control: reassign -1 bzr
control: found -1 2.6.0~bzr6571-1
control: retitle -1 bzr: breaks bzr-loom 2.2.0-2
Only experimental bzr has this problem.
Best wishes,
Mike
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
Processing control commands:
reassign -1 bzr
Bug #695215 [bzr-loom] breaks with newer versions of bzr
Bug reassigned from package 'bzr-loom' to 'bzr'.
No longer marked as found in versions bzr-loom/2.2.0-2.
Ignoring request to alter fixed versions of bug #695215 to the same values
previously
control: severity -1 wishlist
control: tag -1 upstream
control: reopen -1
Reopening since the issue was worked around rather than fixed. This
should really be addressed upstream, so it should be forwarded there
by someone with more interest than myself.
Thanks,
Mike
--
To UNSUBSCRIBE, email
Processing control commands:
severity -1 wishlist
Bug #693659 {Done: Michael Gilbert mgilb...@debian.org} [src:oss4] vmix
floating-point mode does not use proper API on Linux
Severity set to 'wishlist' from 'grave'
tag -1 upstream
Bug #693659 {Done: Michael Gilbert mgilb...@debian.org}
Package: winetricks
Version: 0.0+20121030+svn918-1
Severity: serious
Hi,
I've labeled this Serious since I believe multiarch is a release goal,
but that might be incorrect.
My errors might also follow from never using multiarch before, but I did
the following, which I believe is correc,t and
control: severity -1 normal
Downgrading the severity since this not a severe issue and its easy
enough to workaround.
Best wishes,
Mike
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processing control commands:
severity -1 normal
Bug #695221 [xcp-xapi] xcp-xapi: xe pif-reconfigure-ip doesn't work with non
255.255.255.0 subnet netmask
Severity set to 'normal' from 'critical'
--
695221: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695221
Debian Bug Tracking System
Hi,
Axel Beckert wrote:
evolvotron fails to build from source on ia64, but built in the past:
Nevertheless no change in evolvotron seems to be the cause for that but a
change somewhere in the build-dependencies/toolchain as versions which
built before now FTBFS, too, namely the version in
Hi,
Moritz Muehlenhoff j...@debian.org writes:
On Sun, Nov 25, 2012 at 11:07:38AM +0900, Arnaud Fontaine wrote:
The following CVEs are not affecting Zope2 package (Plone/Zope3/..)
(within brackets is the Product/module/... affected along with the
corresponding filename in Plone Hotfix):
Hi,
Axel Beckert wrote:
The new upstream version (plus some package maintenance like using
dpkg-buildflags) builds fine on at least amd64 and ia64. Hence the
pending tag.
But it's not the new upstream version which fixes the issue but me
having enabled hardening build flags (which was
Hi Andreas
I've uploaded both packages to mentors.
commons-httpclient - bug #692442 CVE-2012-5783
axis - bug #692650 CVE-2012-5784
Since axis uses commons-httpclient, we need fix and upload both
packages.
Upstream has ignored axis patch, and rejected commons-httpclient patch.
Hi,
Axel Beckert wrote:
But it's not the new upstream version which fixes the issue but me
having enabled hardening build flags (which was anything but trivial
with that package). Actually, according to git bisect, this commit
solves the issue:
Hi All
The upstream patch for CVE-2012-5783 referred to in Red Hat bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=873317#c3
Is the 4.x patch. As you've noted, there is no 3.x patch available and
upstream won't provide one because it is EOL. I think Alberto's patch
looks sane (from a
On Thu, Dec 6, 2012 at 12:08 AM, Markus Koschany a...@gambaru.de wrote:
I think fixing the two minor bugs is covered by point 4 of the freeze
policy. It's a win-win situation and it comes without altering one
single line of code.
http://release.debian.org/wheezy/freeze_policy.html
.. and
Hi,
thanks for the additional information. Please note that I uploaded the
NMUed packages yesterday. In case the just one small issue mentioned
by David below is serious above please reopen the bug report to prevent
migration to testing (I also filed unblock request bugs).
Kind regards
Package: mesa
Severity: grave
Tags: security
Justification: user security hole
This issue affects mesa:
http://googlechromereleases.blogspot.de/2012/11/stable-update-for-chrome-os_30.html
Proposed patch:
http://www.mail-archive.com/mesa-dev@lists.freedesktop.org/msg29015.html
I don't see the
Package: tomcat6
Severity: grave
Tags: security
Justification: user security hole
More Tomcat security issues have been disclosed:
http://tomcat.apache.org/security-6.html
The page contains links to the upstream fixes.
BTW, is there a specific reason why both tomcat6 and tomcat7 are present in
Package: tomcat7
Severity: grave
Tags: security
Justification: user security hole
New security issues in Tomcat have been disclosed:
http://tomcat.apache.org/security-7.html
The page contains links to upstream fixes.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to
86 matches
Mail list logo
