Your message dated Fri, 07 Jun 2019 00:10:15 +
with message-id
and subject line Bug#930050: fixed in miniupnpd 2.1-6
has caused the Debian Bug report #930050,
regarding miniupnpd: CVE-2019-12107 CVE-2019-12108 CVE-2019-12109
CVE-2019-12110 CVE-2019-12111
to be marked as done.
This means
Control: severity -1 normal
Am 07.06.19 um 00:55 schrieb Adam Borowski:
> Source: systemd
> Version: 241-5
> Severity: critical
> Justification: breaks the whole system
>
>
> When trying to switch to any other init system (and d-i offers no way to
> start with anything but systemd), prerm
Processing control commands:
> severity -1 normal
Bug #930105 [src:systemd] systemd: prerm fail breaks apt and renders system
hard to recover
Severity set to 'normal' from 'critical'
--
930105: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930105
Debian Bug Tracking System
Contact
Source: systemd
Version: 241-5
Severity: critical
Justification: breaks the whole system
When trying to switch to any other init system (and d-i offers no way to
start with anything but systemd), prerm refuses to uninstall _in the middle
of the apt run_. This leaves the system in a broken
Processing commands for cont...@bugs.debian.org:
> # workaround mentioned in the bug, thus not completely unusable
> severity 930088 important
Bug #930088 [mpg123] mpg123 plays back gibberish instead of music from mp3 files
Severity set to 'important' from 'grave'
> thanks
Stopping processing
On Tue, 4 Jun 2019 00:09:06 +0900 Hideki Yamane wrote:
> Just removing some lines from debian/rules improves it, debdiff
> attached.
I've submitted it to DELEYED/5 queue, feel free to cancel it.
--
Regards,
Hideki Yamane henrich @ debian.org/iijmio-mail.jp
Are you using the alsa output plugin with routing to pulseaudio? I remember this
from Ubuntu systems. Running mpg123 -o pulse works, -o alsa plays static noise.
Maybe some byte offset not aligned to the data type ...
I suspect the link from alsa to pulse is faulty, as mpg123's alsa output module
Le 06/06/2019 à 22:28, Xavier a écrit :
> Le 06/06/2019 à 09:07, Pirate Praveen a écrit :
>>
>>
>> On 2019, ജൂൺ 6 11:00:16 AM IST, Xavier wrote:
>>> My reducejs tool gives a new analysis:
>>> * downgraded modules to embed
>>> - process-nextick-args : 2.0.0 => 1.0.7
>>
>> This is handled by a
Processing commands for cont...@bugs.debian.org:
> tags 930016 + pending
Bug #930016 [patroni] patroni: pg_createconfig_patroni writes empty
configuration file if default dcs.yml is used
Added tag(s) pending.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
Le 06/06/2019 à 09:07, Pirate Praveen a écrit :
>
>
> On 2019, ജൂൺ 6 11:00:16 AM IST, Xavier wrote:
>> My reducejs tool gives a new analysis:
>> * downgraded modules to embed
>> - process-nextick-args : 2.0.0 => 1.0.7
>
> This is handled by a patch.
>
>
I've already created a patch
Have a look at
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930017#12 and
https://salsa.debian.org/phpmyadmin-team/phpmyadmin/merge_requests/6
Le 06/06/2019 à 21:34, Paul Gevers a écrit :
> Hi Alexis,
>
> On Sun, 2 Jun 2019 22:35:47 +0200 Alexis Murzeau wrote:
>> Did you have any chance to look at this ? Is this upload ok ?
>
> Looking at the message header (the TO field) you addressed you sponsor
> with this question, right? I think
Processing commands for cont...@bugs.debian.org:
> severity 930029 important
Bug #930029 [src:linux] linux-image-4.19.0-5-amd64: Kernel stucks at load
initramfs on ASUS KGPE-D16
Severity set to 'important' from 'critical'
> thanks
Stopping processing here.
Please contact me if you need
On Thu, Jun 06, 2019 at 11:07:31AM +, Riku Voipio wrote:
> Sorry for missign this bug completly. I'll get into fixing at.
I pushed a fix to the arm64 branch:
https://salsa.debian.org/chromium-team/chromium/commit/945283642d205c7b5a5129030f525109ee7b22c1
Riku
Processing commands for cont...@bugs.debian.org:
> severity 930061 normal
Bug #930061 [openssl] openssl: causes regression in kronosnet memory checks
Severity set to 'normal' from 'serious'
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
930061:
Hi Alexis,
On Sun, 2 Jun 2019 22:35:47 +0200 Alexis Murzeau wrote:
> Did you have any chance to look at this ? Is this upload ok ?
Looking at the message header (the TO field) you addressed you sponsor
with this question, right? I think you should however be able to answer
the question by
Package: mpg123
Version: 1.25.10-2
Severity: grave
Justification: renders package unusable
Dear Maintainer,
I wanted to play some music on my freshly set up laptop, and my usual approach
is to
type 'mpg123 -Z *.mp3'. However, no matter which mp3 file I played (out
of 100+), they all came out
Hi Daniel,
On Thu, Jun 06, 2019 at 08:35:47AM +0200, Daniel Lange wrote:
> Am 06.06.19 um 07:31 schrieb Salvatore Bonaccorso:
> > Could you again point me to your splitted up variant mirror?
>
> https://git.faster-it.de/debian_security_security-tracker_split_files/
Thanks!
While starting to
I see now...
dpkg-statoverride: error: group '_kea' does not exist
I will fix this...
Jason
On Thu, Jun 6, 2019 at 10:06 AM Jason Guy wrote:
> Hi Shane,
>
> Thanks for the help on this. I thought the username is automatically
> created with a group of the same name, as part of user
Hi Shane,
Thanks for the help on this. I thought the username is automatically
created with a group of the same name, as part of user creation.
Is the _kea group not getting created when you installed it? Please let me
know what OS and version you tested on.
I see there is a loop that also set
Package: dctrl-tools
Version: 2.24-3
Severity: serious
Hi!
The join-dctrl command segfaults with the attached files.
,---
$ join-dctrl Packages-A Packages-B
Segmentation fault (core dumped)
`---
Thanks,
Guillem
Package: aaa
Version: 1.0
Package: bbb
Version: 1.1
Package: zzz
Version:
Hi Vincent,
On Wed, Jun 05, 2019 at 12:28:14AM +0200, Vincent Tondellier wrote:
> Hi,
>
> The patch enable-md-clear.patch in the deb9u6 update for stretch is wrong.
> It defines md-clear to the 26th bit of FEAT_6_EAX instead of the 10th bit
> of FEAT_7_0_EDX because the offset is wrong in the
Your message dated Thu, 06 Jun 2019 13:34:38 +
with message-id
and subject line Bug#928948: fixed in wpa 2:2.7+git20190128+0c1e29f-6
has caused the Debian Bug report #928948,
regarding hostapd: syslog is spammed every two seconds
to be marked as done.
This means that you claim that the
Hi folks,
On Tue, 28 May 2019 17:59:56 +0200 Andreas Beckmann wrote:
> Followup-For: Bug #891493
> Control: severity -1 serious
>
> Hi,
>
> this unwarranted co-installability prevention between numix-gtk-theme and
> murrine-themes also causes a stretch -> buster upgrade issue detected by
>
Processing control commands:
> tags -1 +patch +fixed-upstream
Bug #929954 [rst2pdf] [python-reportlab] 3.5.21-1 breaks rst2pdf
Added tag(s) patch.
Bug #929954 [rst2pdf] [python-reportlab] 3.5.21-1 breaks rst2pdf
Added tag(s) fixed-upstream.
--
929954:
control: tags -1 +patch +fixed-upstream
Hello,
On Wed, 5 Jun 2019 11:02:38 +0200 Matthias Klose wrote:
> Control: reassign -1 rst2pdf
>
> not sure how that worked in the past, but flowables.py is using
> reportlab.Version without importing it.
I tracked it down for fun (with v2.6 of
Hi,
Sorry for missign this bug completly. I'll get into fixing at.
Riku
Package: openssl
Version: 1.1.1c-1
Severity: serious
(You seem to use the serious severity for such reports.)
Dear OpenSSL Maintainers,
Please see https://github.com/kronosnet/kronosnet/issues/226: the
Kronosnet upstream CI started to fail in the Valgrind memory checks
after the libssl upgrade
On Fri, Dec 14, 2018 at 03:00:10AM +0100, gregor herrmann wrote:
> On Thu, 13 Dec 2018 21:25:58 +, Dominic Hargreaves wrote:
>
> > > Ok but I don't see how this bug differs from #915550 and #915876 for both
> > > of which the intent seems to remove the corresponding packages.
> > >
> > >
Control: tag -1 + patch pending
Hi,
to prevent two of my/our packages, gosa and movim, from being removed
wiht php-imagick, I uploaded the attached NMU debdiff to DELAYED/2.
Cheers,
Nik
diff -Nru php-imagick-3.4.3/debian/changelog php-imagick-3.4.3/debian/changelog
---
Processing control commands:
> tag -1 + patch pending
Bug #928420 [src:php-imagick] php-imagick: CVE-2019-11037
Added tag(s) patch and pending.
--
928420: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928420
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
On Thu, 06 Jun 2019 11:26:21 +0200, Jonas Smedegaard wrote:
> This bug was introduced in upstream git commit 26bc59e by changing
> \W*\S\W* to \W*\S+\W* - and this commit was first introduced in upstream
> release v3.1.90.
>
> In other words, this does _not_ affect Buster.
Great, thanks!
So
I've tested the patch for mypaint, built local versions for mypaint and
libmypaint as described by Jacob Nevins.
Packages installed without problems, both Mypaint and GIMP seem to work fine,
including working l10n for Mypaint and mypaint brushes in GIMP.
Processing control commands:
> found -1 3.1.92-1
Bug #926392 [libregexp-pattern-license-perl] libregexp-pattern-license-perl:
Exponential runtime regexes on some input
Marked as found in versions libregexp-pattern-license-perl/3.1.92-1.
--
926392:
Control: found -1 3.1.92-1
Quoting Jonas Smedegaard (2019-06-05 23:17:36)
> Quoting gregor herrmann (2019-06-05 21:46:36)
> > AFAICS this is the only buster-relevant RC bug we have.
> >
> >
> > Jonas, my hope is that you have a chance to look into this issue, as
> > you are also the upstream
Package: synphot-data
Version: 0.9.12
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package ships or creates
world writable files.
>From the attached log (scroll to the bottom...):
ERROR: BAD PERMISSIONS
-rwxrwxrwx 1
Processing control commands:
> found -1 1.8.20140523-4.1+deb9u1
Bug #930050 [src:miniupnpd] miniupnpd: CVE-2019-12107 CVE-2019-12108
CVE-2019-12109 CVE-2019-12110 CVE-2019-12111
Marked as found in versions miniupnpd/1.8.20140523-4.1+deb9u1.
> found -1 1.8.20140523-1
Bug #930050 [src:miniupnpd]
Source: miniupnpd
Version: 2.1-5
Severity: grave
Tags: security upstream
Justification: user security hole
Control: found -1 1.8.20140523-4.1+deb9u1
Control: found -1 1.8.20140523-1
Hi,
The following vulnerabilities were published for miniupnpd.
CVE-2019-12107[0]:
| The upnp_event_prepare
Processing commands for cont...@bugs.debian.org:
> retitle 930017 phpmyadmin: CVE-2019-12616: PMASA-2019-4
Bug #930017 [src:phpmyadmin] phpmyadmin: PMASA-2019-4: CVE-2019-12616
Changed Bug title to 'phpmyadmin: CVE-2019-12616: PMASA-2019-4' from
'phpmyadmin: PMASA-2019-4: CVE-2019-12616'.
>
On Wed, Jun 05, 2019 at 03:51:47PM +, J. Smith wrote:
> See https://debbugs.gnu.org/30045 (fixed in Emacs 26.2).
According to the merged upstream duplicates these should be the relevant
fixes:
http://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-26.2=408bf21a8c
Processing commands for cont...@bugs.debian.org:
> retitle 930048 phpmyadmin: CVE-2019-11768: PMASA-2019-3
Bug #930048 [src:phpmyadmin] phpmyadmin: PMASA-2019-03: CVE-2019-11768
Changed Bug title to 'phpmyadmin: CVE-2019-11768: PMASA-2019-3' from
'phpmyadmin: PMASA-2019-03: CVE-2019-11768'.
>
Processing control commands:
> found -1 4:4.6.6-3
Bug #930048 [src:phpmyadmin] phpmyadmin: PMASA-2019-03: CVE-2019-11768
Marked as found in versions phpmyadmin/4:4.6.6-3.
--
930048: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930048
Debian Bug Tracking System
Contact ow...@bugs.debian.org
Source: phpmyadmin
Version: 4:4.6.6-4
Severity: grave
Tags: security upstream
Justification: user security hole
Control: found -1 4:4.6.6-3
Hi,
The following vulnerability was published for phpmyadmin.
CVE-2019-11768[0]:
| An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability
|
Processing commands for cont...@bugs.debian.org:
> retitle 930017 phpmyadmin: PMASA-2019-4/
Bug #930017 [src:phpmyadmin] phpmyadmin: CVE-2019-12616
Changed Bug title to 'phpmyadmin: PMASA-2019-4/' from 'phpmyadmin:
CVE-2019-12616'.
> thanks
Stopping processing here.
Please contact me if you
Processing commands for cont...@bugs.debian.org:
> retitle 930017 phpmyadmin: PMASA-2019-4: CVE-2019-12616
Bug #930017 [src:phpmyadmin] phpmyadmin: PMASA-2019-4/
Changed Bug title to 'phpmyadmin: PMASA-2019-4: CVE-2019-12616' from
'phpmyadmin: PMASA-2019-4/'.
> thanks
Stopping processing here.
On 2019, ജൂൺ 6 11:00:16 AM IST, Xavier wrote:
>My reducejs tool gives a new analysis:
> * downgraded modules to embed
> - process-nextick-args : 2.0.0 => 1.0.7
This is handled by a patch.
On 06/06/19 07:30, Xavier wrote:
...
My reducejs tool gives a new analysis:
* updates needed:
- gulp-babel : 7.0.1 => 8.0.0
- rollup-plugin-babel : 3.0.3 => 4.3.2
* downgraded modules to embed
- process-nextick-args : 2.0.0 => 1.0.7
* problems:
- build fails with our
Am 06.06.19 um 07:31 schrieb Salvatore Bonaccorso:
Could you again point me to your splitted up variant mirror?
https://git.faster-it.de/debian_security_security-tracker_split_files/
48 matches
Mail list logo