Processing commands for cont...@bugs.debian.org:
> fixed 1009035 0.4.0+gh-1
Bug #1009035 [src:ruby-asciidoctor-include-ext] ruby-asciidoctor-include-ext:
CVE-2022-24803 - Command Injection vulnerability
Marked as fixed in versions ruby-asciidoctor-include-ext/0.4.0+gh-1.
> thanks
Stopping
Processing commands for cont...@bugs.debian.org:
> tags 104 + sid bookworm
Bug #104 [src:rust-boxfnonce] Don't include in Bookworm
Added tag(s) sid and bookworm.
> tags 103 + sid bookworm
Bug #103 [src:rust-encoding] Don't include in Bookworm
Added tag(s) bookworm and sid.
>
Processing commands for cont...@bugs.debian.org:
> tags 1028371 + pending
Bug #1028371 [src:bernhard] bernhard: needs rebuilds on top of new protobuf
Added tag(s) pending.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
1028371:
Processing commands for cont...@bugs.debian.org:
> found 1033297 4.14.5+86-g1c354767d5-1
Bug #1033297 [src:xen] xen: CVE-2022-42331 CVE-2022-42332 CVE-2022-42333
CVE-2022-42334
Marked as found in versions xen/4.14.5+86-g1c354767d5-1.
> thanks
Stopping processing here.
Please contact me if you
Source: redis
Version: 5:7.0.9-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for redis.
Note this is not strictly speaking RC severity for the CVE issue, but
it's only present in unstable, so let's
Processing control commands:
> tags 1033295 + patch
Bug #1033295 [src:cairosvg] cairosvg: CVE-2023-27586: SSRF & DOS vulnerability
Added tag(s) patch.
> tags 1033295 + pending
Bug #1033295 [src:cairosvg] cairosvg: CVE-2023-27586: SSRF & DOS vulnerability
Added tag(s) pending.
--
1033295:
Control: tags 1033295 + patch
Control: tags 1033295 + pending
Dear maintainer,
I've prepared an NMU for cairosvg (versioned as 2.5.2-1.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.
Regards,
Salvatore
diff -Nru cairosvg-2.5.2/debian/changelog
Source: rust-const-cstr
Version: 0.3.0-1
Severity: serious
Hi,
there is https://rustsec.org/advisories/RUSTSEC-2023-0020.html which flags
that rust-const-cstr is unmaintained. Since there are no reverse deps in the
archive, let's exclude it from bookworm (or rather remove rightaway)?
Cheers,
Source: rust-boxfnonce
Version: 0.1.1-2
Severity: serious
Per https://rustsec.org/advisories/RUSTSEC-2019-0040.html rust-boxfnonce is
obsolete,
let's keep it out of bookworm (and remove from the archive).
Cheers,
Moritz
Source: rust-encoding
Version: 0.2.33-1
Severity: serious
Hi,
there is https://rustsec.org/advisories/RUSTSEC-2021-0153.html which flags
that rust-encoding is unmaintained. Since there are no reverse deps in the
archive, let's exclude it from bookworm (or rather remove rightaway)?
Cheers,
Processing control commands:
> affects -1 + src:ruby-omniauth-shibboleth
Bug #101 [ftp.debian.org] RM: ruby-omniauth-shibboleth -- ROM; rc-buggy,
unmaintained upstream, leaf package
Added indication that 101 affects src:ruby-omniauth-shibboleth
> block 999726 by -1
Bug #999726
Control: severity -1 normal
(I intended to avoid having to argue by implementing specific objective
tests that valgrind has to meet to be declared available, but I did not
manage to get that done. Thus, arguing...)
On Sat, Oct 22, 2022 at 12:12:40PM +0300, Adrian Bunk wrote:
> Package:
Processing control commands:
> severity -1 normal
Bug #102 [valgrind-if-available] valgrind-if-available shouldn't stop
providing valgrind on mipsel
Severity set to 'normal' from 'serious'
--
102: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=102
Debian Bug Tracking System
Quack,
On 2023-03-21 18:49, Arnaud Ferraris wrote:
@duck, any comment on the above?
Thanks for the contribution.
Honestly when I read the title I really wondered how phog could have
ended-up shipping this file. I forgot it initially, was asked about it
and added it quickly, so it's not
On Tue, 10 May 2022 01:14:01 +0530 Mohd Bilal
wrote:
> If you feel there's any other
> workaround for this please suggest. The upstream hasn't been active
and
> I dont think they'll have new version anytime soon
as discussed in
Processing commands for cont...@bugs.debian.org:
> forwarded 1019643
> https://gitlab.com/satorix/omniauth-oauth2-generic/-/issues/37
Bug #1019643 [src:ruby-omniauth-oauth2-generic] ruby-omniauth-oauth2-generic:
FTBFS with ruby3.1: ERROR: Test "ruby3.0" failed: Failure/Error:
Processing commands for cont...@bugs.debian.org:
> forwarded 1019643
> https://gitlab.com/satorix/omniauth-oauth2-generic/-/issues/37
Bug #1019643 [src:ruby-omniauth-oauth2-generic] ruby-omniauth-oauth2-generic:
FTBFS with ruby3.1: ERROR: Test "ruby3.0" failed: Failure/Error:
Processing commands for cont...@bugs.debian.org:
> forwarded 1019643
> https://gitlab.com/satorix/omniauth-oauth2-generic/-/issues/37
Bug #1019643 [src:ruby-omniauth-oauth2-generic] ruby-omniauth-oauth2-generic:
FTBFS with ruby3.1: ERROR: Test "ruby3.0" failed: Failure/Error:
On Sat, 18 Mar 2023 17:06:08 +0100 Dominique Dumont wrote:
On Tue, 14 Feb 2023 22:21:26 +0100 Lee Garrett wrote:
> Bumped severity as this makes bts currently unusable, and probably
> breaks for quite a few DDs their workflow.
This does not break on my system where bts is connected to local
Control: forwarded -1
https://gitlab.com/satorix/omniauth-oauth2-generic/-/issues/37
On Mon, 12 Sep 2022 22:08:30 -0300 Antonio Terceiro
wrote:
> We are about to start the ruby3.1 transition in unstable. While
trying to
> rebuild ruby-omniauth-oauth2-generic with ruby3.1 enabled, the build
Processing control commands:
> severity -1 important
Bug #1005886 [cdimage.debian.org] cdimage.debian.org: bookworm net-install CD
hangs on "Detecting Network Hardware"
Severity set to 'important' from 'grave'
--
1005886: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005886
Debian Bug
Control: severity -1 important
James Addison (2023-03-22):
> Followup-For: Bug #1005886
> X-Debbugs-Cc: powe...@gmail.com
> Control: reassign -1 cdimage.debian.org
> Control: retitle -1 cdimage.debian.org: bookworm net-install CD hangs on
> "Detecting Network Hardware"
>
> Sorry (both to you
Processing control commands:
> reassign -1 cdimage.debian.org
Bug #1005886 [debian-cd] debian-cd: bookworm net-install CD hangs on "Detecting
Network Hardware"
Bug reassigned from package 'debian-cd' to 'cdimage.debian.org'.
Ignoring request to alter found versions of bug #1005886 to the same
Followup-For: Bug #1005886
X-Debbugs-Cc: powe...@gmail.com
Control: reassign -1 cdimage.debian.org
Control: retitle -1 cdimage.debian.org: bookworm net-install CD hangs on
"Detecting Network Hardware"
Sorry (both to you Tony, and also the Debian CD team) for confusion and wasting
time - I
Your message dated Wed, 22 Mar 2023 11:50:51 +
with message-id
and subject line Bug#1031974: fixed in pydle 0.9.4-4
has caused the Debian Bug report #1031974,
regarding python3-pydle: import fails: AttributeError: module 'asyncio' has no
attribute 'coroutine'
to be marked as done.
This
Control: tag -1 pending
Hello,
Bug #1031974 in pydle reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
Processing control commands:
> tag -1 pending
Bug #1031974 [python3-pydle] python3-pydle: import fails: AttributeError:
module 'asyncio' has no attribute 'coroutine'
Added tag(s) pending.
--
1031974: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031974
Debian Bug Tracking System
Contact
On 3/21/23 17:27, Alberto Garcia wrote:
> On Mon, Mar 20, 2023 at 01:29:51PM +0100, Gianfranco Costamagna wrote:
>
>> Hello, for some reasons, now webkit2gtk is not linking anymore
>> libGLESv2.so.2 causing surf to fail autopkgtests on arm64 and armhf
>
> Hmmm... the reason is that this is now
On Sat, 11 Mar 2023 16:50:42 +0100 Emmanuel Engelhart wrote:
Looking at the package names visible at
https://packages.debian.org/search?searchon=sourcenames=zimlib
I really wonder if we have libzim-8.1.0 in the most recent dev/testing
versions of Debian!?
Could someone please confirm the
Your message dated Wed, 22 Mar 2023 08:49:25 +
with message-id
and subject line Bug#1031741: fixed in goxel 0.11.0-1.1
has caused the Debian Bug report #1031741,
regarding goxel: usage of sanitizers might introduce vulnerabilities
to be marked as done.
This means that you claim that the
Your message dated Wed, 22 Mar 2023 06:21:34 +
with message-id
and subject line Bug#1009657: fixed in mysql-workbench 8.0.32+dfsg-1
has caused the Debian Bug report #1009657,
regarding mysql-workbench: not installable under sid
to be marked as done.
This means that you claim that the problem
31 matches
Mail list logo