Bug#921558: lsb-base: killproc does not pass name parameter to start-stop-daemon

On 2019-03-11 Axel Beckert wrote: [...] > Here's the change I made to /lib/lsb/init-functions (as Dmitry already > suggested): > --- /lib/lsb/init-functions~2018-11-28 20:21:37.0 +0100 > +++ /lib/lsb/init-functions 2019-03-11 21:46:41.673767215 +0100 > @@ -141,7 +141,7 @@ > i

Bug#924161: unblock: lirc/0.10.1-5.1

Hi Nicolas, On 2019-03-12 02:21, Nicolas Braud-Santoni wrote: > On Mon, Mar 11, 2019 at 12:31:42AM +0100, Andreas Beckmann wrote: >> This needs a lot of more work :-( >> >> * is this usage of --link-doc valid? the packages don't have a strictly >> versioned Depends: lirc (= ${binary:version}), so

Bug#924373: qiime: Does not install due to outdated dependencies

Source: qiime Severity: grave Tags: patch Justification: renders package unusable # sudo apt install qiime Reading package lists... Done Building dependency tree Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situ

Bug#920241: Any update ?

Dear Maintainer, Got the obsolete conffile error again today while upgrading to the new release. Could you please fix it. -- Regards, Shirish Agarwal शिरीष अग्रवाल My quotes in this email licensed under CC 3.0 http://creativecommons.org/licenses/by-nc/3.0/ http://flossexpe

Bug#924275: Pulls in lvm2 packages on systems not needing them

On Sun, Mar 10, 2019 at 08:22:08PM -0400, Theodore Ts'o wrote: > tag 924275 +pending > thanks > > On Sun, Mar 10, 2019 at 09:29:04PM +0100, Sven Hartge wrote: > > > > While I like the new fsck-via-LVM-snapshot feature, I think adding lvm2 > > to Recommends is too agressive here. > > > > On syste

Bug#805821: systemd does not see existing dmraid volumes

>>> Could you send us a "udevadm info" dump for those devices. >> >> root@nyws:~# udevadm info /dev/mapper/jmicron_Main > > [snip] > > Those udevadm info dumps look ok to me. I don't see anything that would > obviously be wrong. > > Can you still reproduce the issue? > Would be great if you can

Bug#924372: O: x4d-icons -- X4D Icon set for various online document types

Package: wnpp Severity: normal I intend to orphan the x4d-icons package. The package description is: Icon set indicating document types and target versions of those specifications e.g. HTML, XHTML, CSS, MathML, etc. These are metric compatible & naming scheme compatible with other logos used f

Bug#924371: RM: libinotify-kqueue -- ROM; FTBFS, never built, not interested

Package: ftp.debian.org Severity: normal as per subject.

Bug#924279: sbuild-debian-developer-setup fails within docker

On Mon, Mar 11, 2019 at 9:00 PM Johannes Schauer wrote: > > Quoting Tong Sun (2019-03-12 01:38:06) > > OH! I found I have to read your comment a second time before realizing what > > you were saying. > > > > OK, going pass that now I'm facing another problem: > > > > $ sudo /usr/bin/sbuild-debian-d

Bug#924370: O: libica

Package: wnpp Severity: normal Description: hardware cryptography support for IBM System z hardware libica library provides hardware acceleration for cryptographic functions and is part of the openCryptoki project. I shall continue to maintain this in Ubuntu, most likely. Regards, Dimitri.

Bug#924369: O: friendly-recovery -- Make recovery boot mode more user-friendly

Package: wnpp Severity: normal I intend to orphan the friendly-recovery package from Debian. Ubuntu Developer will probably continue to maintain this package in Ubuntu, as it is used there by default. The package description is: Make the recovery boot mode more user-friendly by providing a menu

Bug#924047: FTBFS: package don't build successful after new GCC version

On Sun, Mar 10, 2019 at 08:03:57AM +0100, Carsten Schoenert wrote: > That's the last option in my eyes as it's a step backwards and is > absolutely not needed as I fixed the problem already. ---end quoted text--- Yes, but this needs to be done for every gcc update ! I tried unmangling the c++ sym

Bug#924367: O: mdadm -- tool to administer Linux MD arrays (software RAID)

Package: wnpp Severity: normal I intend to orphan the mdadm package. The package description is: The mdadm utility can be used to create, manage, and monitor MD (multi-disk) arrays for software RAID or multipath I/O. . This package automatically configures mdadm to assemble arrays during the

Bug#924368: O: btrfs-progs -- Checksumming Copy on Write Filesystem utilities

Package: wnpp Severity: normal I intend to orphan the btrfs-progs package. The package description is: Btrfs is a new copy on write filesystem for Linux aimed at implementing advanced features while focusing on fault tolerance, repair and easy administration. . This package contains utilitie

Bug#924192: ntpsec: at boot ntpsec starts before DNS is available

On 3/11/19 9:50 PM, Rick Thomas wrote: > Would unplugging/replugging the ethernet cable work for steps 2 and 4… Sure, that'd be another option. -- Richard

Bug#924192: ntpsec: at boot ntpsec starts before DNS is available

Thanks Richard, I’ll see if I can set up that experiment(s) and report back ASAP. Would unplugging/replugging the ethernet cable work for steps 2 and 4… Enjoy! Rick > On Mar 11, 2019, at 2:53 PM, Richard Laager wrote: > > Can we narrow this down to a reproducer? It sounds like something like

Bug#802210: systemd: Shutdown delay waiting for stop events

Control: tags -1 + moreinfo On Sun, 18 Oct 2015 14:52:12 +0300 Aryeh Leib Taurog wrote: > Package: systemd > Version: 215-17+deb8u2 > Severity: normal > > Dear Maintainer, > > I just recently upgraded from wheezy to jessie. The /home partition > is LUKS encrypted. > > Shutdown always takes 9

Bug#800707: systemd: Sytem hangs on shutdown when nfs-shares are mounted via autofs

Control: tags -1 + moreinfo On Fri, 02 Oct 2015 21:01:07 +0200 =?utf-8?q?J=C3=BCrgen_Bausa?= wrote: > Package: systemd > Version: 215-17+deb8u2 > Severity: normal > > Dear Maintainer, > > I am running jessie on a laptop with wlan (Networkmanager) and want to use > autofs to mount nfs shares, as

Bug#827000: systemd: Shutdown / reboot fails on discless system (booting from iscsitarget)

Control: reassign -1 open-iscsi On Sat, 11 Jun 2016 05:35:52 +0200 Klaus Pieper wrote: > Package: systemd > Version: 230-2 > Severity: normal > > Dear Maintainer, > > * installed on iscsi target with the beta installer which worked perfectly. > Could boot up without any further configuration. >

Bug#813176: "Checking in progress on 1 disk. (0.0%)" doesn't update

Control: tags -1 + moreinfo On Sun, 3 Mar 2019 22:57:29 + (UTC) Pierre Ynard wrote: > reassign 813176 systemd > thanks > > This line is, or was, part of the systemd-fsckd source code: > > https://github.com/systemd/systemd/blob/e7a3aa3df640993ce9aace39b946543305f3af53/src/fsckd/fsckd.c#L343

Bug#812916: systemd-ask-password related log messages

Control: tags -1 + moreinfo On Sat, 26 Mar 2016 13:10:45 -0500 "Karl O. Pinc" wrote: > Hi, > > I got the following 2 (contiguous) log messages in /var/log/daemon > that may be useful and seem related to the problem. > They occurred when messages were broadcast to all ttys (excepting > the one tt

Bug#805821: systemd does not see existing dmraid volumes

Control: tags -1 moreinfo On Mon, 23 Nov 2015 23:17:12 +0300 Nikita Youshchenko wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > > Could you send us a "udevadm info" dump for those devices. > > root@nyws:~# udevadm info /dev/mapper/jmicron_Main [snip] Those udevadm info dumps lo

Bug#794547: Fwd: cryptsetup: "Operation was cancelled" after LUKS volume hotplug, but mounts successfully

Control: tags -1 + moreinfo Hi Matvey, sorry for not getting back to you earlier. Can you still reproduce the issue on an up-to-date buster system with systemd v241? On Tue, 4 Aug 2015 05:50:55 -0400 Matvey Soloviev wrote: > Package: systemd > Version: 222-2 > Severity: normal > > Dear Mainta

Bug#924366: natural sort output on cpuspeed plugin

Package: munin-plugins-core Version: 2.0.47-1 Control: severity -1 wishlist The output of several plugins (including cpusped) is not sorted at all, and a simple numeric iteration (e.g. of cpu cores or network interfaces) results in incorrect sorting (1, 10, 11, 12, ..., 2, 20, 21, etc). I fixed t

Bug#915706: 9.6.0 DVD and XFCE CD for mipsel are actually netinst

e. Assign to me... Steve McIntyre 于2019年3月10日周日 上午7:36写道： > > Control: reassign -1 cdimage.debian.org > Control: severity -1 important > > On Thu, Dec 06, 2018 at 05:54:51PM +0800, seam...@debian.org wrote: > >Package: debian-installer > >Severity: serious > > > >I tried "debian-9.6.0-mipsel

Bug#924357: dillo: ddg search string in dillorc results in non-useful links

Hi, liftof+d...@gmail.com wrote: > When Dillo's search function is used with duckduckgo.com, the > resulting links lead to a blank page. > > By slightly modifying dillorc, the problem is eliminated: > > search_url="dd DuckDuckGo (https) https://duckduckgo.com/lite/?kp=-1&q=%s"; > > needs to be:

Bug#924161: unblock: lirc/0.10.1-5.1

Hi abe, On Mon, Mar 11, 2019 at 12:31:42AM +0100, Andreas Beckmann wrote: > This needs a lot of more work :-( > > * is this usage of --link-doc valid? the packages don't have a strictly > versioned Depends: lirc (= ${binary:version}), so I can install *only* > liblirc0 and have a dangling /usr/s

Bug#923273: [pkg-apparmor] Bug#923273: Bug#923273: apparmor: nvidia_modprobe named profile is shipped in complain mode

On Fri, Mar 08, 2019 at 06:57:14PM +0200, Vincas Dargis wrote: > Since LibreOffice is in complain mode by default, so I doubt this issue I strongly dislike the idea of shipping any profiles in complain mode. I would rather the profiles in question be disabled entirely. Complain mode profiles can

Bug#924279: sbuild-debian-developer-setup fails within docker

Quoting Tong Sun (2019-03-12 01:38:06) > OH! I found I have to read your comment a second time before realizing what > you were saying. > > OK, going pass that now I'm facing another problem: > > $ sudo /usr/bin/sbuild-debian-developer-setup > . . . > I: SUITE: unstable > I: TARGET: /srv/chroot/u

Bug#924365: www.debian.org: FTBFS in buster: turkish vs. tr_TR locale

Package: www.debian.org Severity: normal User: www.debian@packages.debian.org Usertags: scripts Hi, While working on rebuilding the website within stretch and buster, I've noticed the following. The turkish subdirectory doesn't build in buster, apparently due to possible locale issues:

Bug#924364: unblock: owasp-java-html-sanitizer/0.1+r88-2

Please find attached the debdiff. diff -Nru owasp-java-html-sanitizer-0.1+r88/debian/changelog owasp-java-html-sanitizer-0.1+r88/debian/changelog --- owasp-java-html-sanitizer-0.1+r88/debian/changelog 2012-03-22 04:54:45.0 +0100 +++ owasp-java-html-sanitizer-0.1+r88/debian/changelog 20

Bug#924364: unblock: owasp-java-html-sanitizer/0.1+r88-2

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package owasp-java-html-sanitizer The libjsr305-java-doc package was removed from Debian but it is not really required to build owasp-java-html-sanitizer. unblock owasp-java

Bug#924279: sbuild-debian-developer-setup fails within docker

On Sun, Mar 10, 2019 at 11:13 PM Johannes Schauer wrote: > > Quoting Tong Sun (2019-03-10 23:57:17) > > When I run sbuild-debian-developer-setup within docker, this is what I'll > > get: > > > > root/# sbuild-debian-developer-setup > > Please run sudo /usr/bin/sbuild-debian-developer-setup at > >

Bug#923573: more example

openwrt% make menuconfig Checking ... ok. ... Checking ... ok. Build dependency: Please build with umask 022 - other values produce broken packages -- sergio.

Bug#894174: gcalcli: --nodeclined error

Howdy, Can you take a look and see if you can still reproduce this issue with 4.0.4-1? This looks to me as if it should be fixed, and I did not get any traceback when I tried using the aforementioned option. ~Unit 193 Unit193 @ freenode Unit193 @ OFTC

Bug#924363: wget: segfault when using --convert-links [stretch only]

Package: wget Version: 1.18-5+deb9u2 Severity: important Tags: security Tags: patch Fixed: 1.20.1-1 Dear maintainer, the 09-stretch version of wget --convert-links fails if when encountering an embedded image and trying to parse this as a link. How to repeat Save the following file as "index.h

Bug#924362: package fails to configure (postinst)

Package: chkrootkit Version: 0.52-3 Severity: important On a system running buster, I just had a failure upgrading the package. I put 'set -x' in chkrootkit.postinst so that we can see where its failing. Here's the output: Setting up chkrootkit (0.52-3) ... + . /usr/share/debconf/confmodule + [

Bug#921159: Can't enter second option

On Sun, Mar 10 2019, Gabriel F. T. Gomes wrote: > > https://github.com/scop/bash-completion/pull/291 Fixed upstream [1]. When a new upstream version gets released, I'll close this bug report. [1] https://github.com/scop/bash-completion/commit/dd80f35279afd4f056dc191767b9869c9649d476

Bug#924361: smcroute: racy systemd unit start (and autopkgtest failure)

Source: smcroute Version: 2.4.2-4 Severity: important User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu disco Hi Joachim, Thanks for the fixes to the smcroute autopkgtests in 2.4.2-4. I've synced this new version into Ubuntu, and the autopkgtests have now passed on all architectures *e

Bug#924309: RM: passenger/5.0.30-1

On Mon, Mar 11, 2019 at 07:53:44PM +0100, Paul Gevers wrote: > Control: tags -1 moreinfo > > Hi Nicolas Hi Paul, > On 11-03-2019 13:29, Nicolas Braud-Santoni wrote: > > Passenger has had an open, grave security bug open since December 2017 > > (#884463) > > and hasn't been uploaded to since Aug

Bug#924053: Find /.disk/info patch

I attach a patch that makes Secure Boot minimal image minimal grub.cfg to seach for /disk/.info instead of /live/vmlinuz. This fixes unbootable Secure Boot (even if you boot with Secure Boot turned off) when live-build is setup to build with more than one linux kernel flavour. This has been teste

Bug#924360: xen-hypervisor-4.11-amd64: HVM Boot failure: "ERR: Bootloader shutdown EFI x64 boot services!"

Package: xen-hypervisor-4.11-amd64 Version: 4.11.1+26-g87f51bf366-3 Severity: important Dear Maintainer, * What led up to the situation? unfortunately xen hypervisor does not boot on my machine (Asus Prime B360M-C Mainboard, in Setup only EFI enabled, Intel VMX Virtalization Technology is e

Bug#924359: augustus: hardcoded built-using

package: augustus version: 3.3.2+dfsg-1 severity: serious Hi, Augustus has hardcoded built-using: https://sources.debian.org/src/augustus/3.3.2+dfsg-1/debian/control/?hl=31#L31 "Built-Using: samtools-legacy (= 0.1.19-2)" The built-using information should be determined based on the version tha

Bug#924358: Dependency problems with logind | consolekit

Package: lightdm Version: 1.26.0-4 Depends: logind [linux-any] | consolekit these packages are not in the buster/sid archives.

Bug#923465: Update alternatives fixes problem

I followed what John did, except I did not uninstall freecad-python2 and did not install freecad-python3. Running update-alternatives was enough to resolved the issue. If the new package was supposed to do that, I don't think it worked, at least upgrading from -4. rleblanc@riker:~/code$ dpkg -l "*

Bug#923465: fixed in freecad 0.18~pre1+dfsg1-5

On Sat, 02 Mar 2019 10:20:00 + Kurt Kremitzki wrote: > Source: freecad > Source-Version: 0.18~pre1+dfsg1-5 > > We believe that the bug you reported is fixed in the latest version of > freecad, which is due to be installed in the Debian FTP archive. > > A summary of the changes between this ver

Bug#924357: dillo: ddg search string in dillorc results in non-useful links

Package: dillo Version: 3.0.4-2+b1 Severity: normal Dear Maintainer, When Dillo's search function is used with duckduckgo.com, the resulting links lead to a blank page. By slightly modifying dillorc, the problem is eliminated: search_url="dd DuckDuckGo (https) https://duckduckgo.com/lite/?kp=-1

Bug#924356: google-authenticator: FTBFS

Source: google-authenticator Version: 20170702-2 Severity: serious Tags: ftbfs Justification: fails to build from source (but built successfully in the past) Dear Maintainer, I do: apt-get source google-authenticator cd google-authenticator-20170702 fakeroot make -f debian/rules binary

Bug#924060: Serious regression in systemd 215-17+deb8u10

Am 11.03.19 um 19:17 schrieb Markus Koschany: > > Am 11.03.19 um 15:51 schrieb Dan Poltawski: >> Thanks for your responses. One of my colleagues has been looking into this >> trying to get the bottom of it and we do seem to have identified a memory >> leak which isn't present on stretch. I note

Bug#924355: RM: cuyo/2.0.0brl1-3

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm Please consider removing cuyo from buster. The version in testing currently is an old forked version that is in no good shape. While there is an ITA for it (#916692), that didn't got to a new upl

Bug#924354: unblock: php7.3/7.3.3-1

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package php7.3 It fixes the recent security issues by following 7.3.x (we'll also follow 7.3.x releases in buster-security as we did with 7.0.x in stretch-security). unblock

Bug#924352: CVE-2018-16384

Package: modsecurity-crs Severity: normal Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16384 (It seems questionable to assign a CVE ID to modsecurity-crs for this from my POV) Cheers, Moritz

Bug#924353: CVE-2018-20593

Source: mxml Severity: important Tags: security Please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20592 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20593 https://github.com/michaelrsweet/mxml/issues/237 Cheers, Moritz

Bug#924192: ntpsec: at boot ntpsec starts before DNS is available

Can we narrow this down to a reproducer? It sounds like something like this would work: 0) Configure two different pools where you can tell the servers apart. 1) Stop ntpd. 2) Break your DNS. 3) Start ntpd. Wait a few seconds for it to try to resolve and fail. 4) Fix your DNS. Expected resu

Bug#924351: CVE-2018-16647 CVE-2018-16648

Package: mupdf Version: 1.14.0+ds1-3 Severity: grave Tags: security CVE-2018-16648: https://bugs.ghostscript.com/show_bug.cgi?id=699685 http://www.ghostscript.com/cgi-bin/findgit.cgi?38f883fe129a5e89306252a4676eaaf4bc968824 CVE-2018-16647: https://bugs.ghostscript.com/show_bug.cgi?id=699686 http:

Bug#924312: stunnel4: Fails to stop with sysvinit: start-stop-daemon: matching only on non-root pidfile /var/lib/stunnel4///stunnel4.pid is insecure

Hi Peter, Peter Pentchev wrote: > > […], this looks like a bug in lsb-base. And indeed, it is and > > is also already reported: https://bugs.debian.org/921558 > > > > Reassigning accordingly. > > Thanks for reporting this and for your analysis! You're welcome. > I came up with the same result

Bug#924350: libofx: CVE-2019-9656

Source: libofx Version: 1:0.9.14-1 Severity: important Tags: security upstream Forwarded: https://github.com/libofx/libofx/issues/22 Hi, The following vulnerability was published for libofx. CVE-2019-9656[0]: | An issue was discovered in LibOFX 0.9.14. There is a NULL pointer | dereference in th

Bug#924349: linux-image-4.19.0-2-amd64: IPv6 reverse path filtering incorrectly removes IPv6 traffic from bridge

Package: src:linux Version: 4.19.16-1 Severity: normal Dear Maintainer, since a recent update, IPv6 communication between two of my VMs stopped working. You can see some of the debugging effort at . It turned out that setting IPv6_rpfilter=no

Bug#924348: CVE-2019-7629

Package: tintin++ Severity: grave Tags: security Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7629 Cheers, Moritz

Bug#924347: ITP: golang-github-hashicorp-go-safetemp -- Functions for working safely with temporary files and directories.

Package: wnpp Severity: wishlist Owner: Aman Verma * Package name: golang-github-hashicorp-go-safetemp Version : 1.0.0-1 Upstream Author : HashiCorp * URL : https://github.com/hashicorp/go-safetemp * License : MPL-2.0 Programming Lang: Go Description :

Bug#918754: Update

Escalation from 'su' lacked the path. I was able to 'su -' and access the correct paths from the user ENVIRONMENT. -- - Andrew "lathama" Latham -

Bug#923782: Relax dependency on faraday to allow updating ruby-faraday

Package: ruby-puppet-forge Followup-For: Bug #923782 -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hey! With the provided patch, I am able to use librarian-puppet without any issue. Unless someone protests, I'll do a NMU next week to fix this bug. - -- System Information: Debian Release: bust

Bug#922938: RFS: python-css-parser/1.0.4-1~bpo9+1

Hi Chris, If you have a minute would you please sponsor this backport and/or grant me DM permissions for it? I maintain it on the DPMT and my key is E2A6261E3900AED7CDC667085A8830475F7D1061 A stretch-backport of python-css-parser is needed to update the bpo of calibre, and a recent version of ca

Bug#862373: The State of the YAML

On Mon, 11 Mar 2019 22:14:13 +0100, Ivo De Decker wrote: > Control: tags -1 buster-ignore Thanks. > > So I guess we have to consider if we're happy with the ability to > > turn off loading objects and recommend it to consumers and close the > > bugs; or if we want to change the defaults, which

Bug#918754: bash: $PATH in bash does not include /sbin and /usr/sbin

I just hit this on a fresh install. I was concerned something changed but found the usermod tool in /usr/sbin/ when needing to append a group. -- - Andrew "lathama" Latham -

Bug#862475: The State of the YAML

Control: tags -1 buster-ignore Hi, On Fri, May 18, 2018 at 11:09:23AM +0200, gregor herrmann wrote: > Quick status update on the perl YAML modules and the problem of > instantiating objects: > > * libyaml-syck-perl has $YAML::LoadBlessed since a long time > * libyaml-libyaml-perl since 0.69 and

Bug#924192: ntpsec: at boot ntpsec starts before DNS is available

Hi Richard, My observations follow your quote… > On Mar 11, 2019, at 12:30 PM, Richard Laager wrote: > > On 3/10/19 4:11 AM, Rick Thomas wrote: >> If ntpsec implemented the "preempt" option on "peer" directives, the >> first "peer" would be revisited after a few minutes and all would be >> well

Bug#818366: synaptic: fails to start under Wayland

Hi Trevis, all, On Sun, 10 Mar 2019 20:46:02 +0530 Trevis Schiffer wrote: > Check this commit. > > > Looks like it is fixed on version 0.84.3 The reported failure in one of the recent merged bug reports was for v

Bug#924346: xmltooling: CVE-2019-9628: XML parser class fails to trap exceptions on malformed XML declaration

Source: xmltooling Version: 3.0.3-1 Severity: grave Tags: security upstream Justification: user security hole Forwarded: https://issues.shibboleth.net/jira/browse/CPPXT-143 Control: found -1 1.6.0-4+deb9u1 Control: found -1 1.6.0-4 Hi, The following vulnerability was published for xmltooling, fil

Bug#921558: lsb-base: killproc does not pass name parameter to start-stop-daemon

Control: tag -1 + patch Hi Dmitry, Dmitry Bogatov wrote: > > base=${1##*/} > > if [ ! $pidfile ]; then > > name_param="--name $base --pidfile /var/run/$base.pid" > > else > > name_param="--pidfile $pidfile" > > fi > > > > The if clause checks for nonempty $pidfile inst

Bug#924312: stunnel4: Fails to stop with sysvinit: start-stop-daemon: matching only on non-root pidfile /var/lib/stunnel4///stunnel4.pid is insecure

On Mon, Mar 11, 2019 at 09:28:04PM +0100, Axel Beckert wrote: > Control: reassign -1 lsb-base > Control: forcemerge 921558 -1 > Control: affects 921558 + stunnel4 > > Hi Paul, > > Paul Gevers wrote: > > On Mon, 11 Mar 2019 14:15:25 +0100 Axel Beckert wrote: > > > Version: 3:5.50-3 > > > > ^

Bug#924345: xastir-data should be Arch: all

Package: xastir-data Version: 2.1.0-3 Severity: normal The multiarch hinter suggests that xastir-data should actually be "Architecture: all" rather than "any". Looking at the control file, most of xastir-data's package stanza looks like it was copied from xastir, but never updated. Same Descripti

Bug#924344: glib2.0: CVE-2019-9633

Source: glib2.0 Version: 2.58.3-1 Severity: important Tags: security upstream Forwarded: https://gitlab.gnome.org/GNOME/glib/issues/1649 Control: fixed -1 2.59.2-1 Hi, The following vulnerability was published for glib2.0, filling a bug for tracking. CVE-2019-9633[0]: | gio/gsocketclient.c in GN

Bug#924312: stunnel4: Fails to stop with sysvinit: start-stop-daemon: matching only on non-root pidfile /var/lib/stunnel4///stunnel4.pid is insecure

Control: reassign -1 lsb-base Control: forcemerge 921558 -1 Control: affects 921558 + stunnel4 Hi Paul, Paul Gevers wrote: > On Mon, 11 Mar 2019 14:15:25 +0100 Axel Beckert wrote: > > Version: 3:5.50-3 > > ^^^ > I don't think the bug is only in this version, is it? No. But for

Bug#786887:

New bug opened about this: #924343

Bug#924343: snmpd: default config startup warnings

Package: snmpd Version: 5.7.3+dfsg-5 Severity: Normal Dear Maintainer, this is a follow-up to bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786887 which was closed because it was filed against a very old version of this package. I just tried again with an up-to-date debian sid system, an

Bug#924341: pygnuplot: FTBFS due to unsatisfiable build-dependency debhelper (= 12)

Source: pygnuplot Version: 0.11.16-1 Severity: serious Tags: ftbfs Dear Maintainer, pygnuplot fails to build because it cannot install its build dependencies: $ sudo apt build-dep pygnuplot Reading package lists... Done Building dependency tree Reading state information... Done Some packages c

Bug#924342: ITP: wf-recorder -- screen recorder for wlroots-based compositors

Package: wnpp Severity: wishlist Owner: Birger Schacht * Package name: wf-recorder Version : no release yet Upstream Author : Ilia Bozhinov * URL : https://github.com/ammen99/wf-recorder * License : MIT Programming Lang: C Description : screen recorder

Bug#923924: Please review and apply attached patch to support shutdown on SIGPWR

On Mon, Mar 11, 2019 at 06:12:06PM +, Dmitry Bogatov wrote: > > On Fri, Mar 08, 2019 at 02:39:47PM +, Dmitry Bogatov wrote: > > > [2019-03-07 12:57] Andras Korn > > > > part 1 text/plain 218 > > > > Sorry, I sent an earlier version of the patch by mistake. > > > > > >

Bug#850425: mpt3sas "swiotlb buffer is full" problem only under Xen

On 3/11/19 7:34 AM, Juergen Gross wrote: > > I'm not sure. Patch 3 of this series is basically already there (see > commit c6d4381220a0087ce19dbf6984d92c451bd6b364). So maybe all we need > is patch 4, which should really be easy to do? > > Hans, could you give it a try? You'd need to use a 4.20 k

Bug#924192: ntpsec: at boot ntpsec starts before DNS is available

On 3/10/19 4:11 AM, Rick Thomas wrote: > If ntpsec implemented the "preempt" option on "peer" directives, the > first "peer" would be revisited after a few minutes and all would be > well. But it doesn't. So the first "peer" is as if it never existed. What leads you to this conclusion, specifica

Bug#907277: autoconf: AC_SEARCH_LIBS for __atomic_foo fails with AC_LANG([C++]) and g++-8

Hi all, On 10-03-2019 13:41, Simon McVittie wrote: > On Thu, 17 Jan 2019 at 11:00:40 -0500, Nick Bowler wrote: >> I'm not familiar with the library in question but the problem >> appears to be specific to these __atomic_xyz builtins which seem >> to get special treatment in g++. Other builtins I

Bug#924340: unblock: python2.7/2.7.16-1 python-stdlib-extensions/2.7.16-1 python-defaults/2.7.16-1

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please consider unblocking the python2 packages to the final 2.7.16 release, basically bumping the version and reporting a final release number in sys.version.

Bug#921952: [Pkg-sass-devel] Bug#921952: Don't include in buster without proper commitment to update in stable

On Mon, Mar 11, 2019 at 12:29:10PM +0100, Jonas Smedegaard wrote: > control: reopen -1 > > Quoting Jonas Smedegaard (2019-03-11 12:22:03) > > Quoting Moritz Muehlenhoff (2019-02-10 14:47:49) > > > Source: libsass > > > Severity: serious > > > > > > None of the security bugs filed in the BTS has s

Bug#924339: javahelper regressed building -doc packages

Package: javahelper Version: 0.72-5 Severity: serious Tags: sid buster javahelper regressed building -doc packages, as seen with the android-platform-build package. See #924328.

Bug#924312: stunnel4: Fails to stop with sysvinit: start-stop-daemon: matching only on non-root pidfile /var/lib/stunnel4///stunnel4.pid is insecure

Hi Axel, On Mon, 11 Mar 2019 14:15:25 +0100 Axel Beckert wrote: > Version: 3:5.50-3 ^^^ I don't think the bug is only in this version, is it? > This is caused by the following change in dpkg 1.19.3 from 22 Jan 2019: > > * start-stop-daemon: Check whether standalone --pidfile

Bug#924338: unblock: binutils-/gcc -mipsen packages

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please consider unblocking binutils-mipsen, gcc-8-cross-mipsen, gcc-defaults-mipsen (the gcc-* packages are not yet in testing). the mips64 packages were removed from the -ports packages, a

Bug#924301: e2fsprogs: e2scrub failure on /

On Mon, Mar 11, 2019 at 09:59:05AM +0100, Vincent Lefevre wrote: > Package: e2fsprogs > Version: 1.45.0-1 > Severity: normal > > I got the following mail: > > > Date: Sun, 10 Mar 2019 03:10:04 +0100 (CET) > From: e2sc...@zir

Bug#924336: dillo: ssl negotiation fails on some sites

Control: tag -1 + confirmed fixed-upstream Control: found -1 3.0.5-3 Control: found -1 3.0.5-5 Control: forwarded -1 http://lists.dillo.org/pipermail/dillo-dev/2018-December/011100.html Hi, liftof+d...@gmail.com wrote: > When I use Dillo to access certain web sites, no content appears > in the b

Bug#924337: Please reenable mqtt and varnish

Source: collectd Version: 5.8.1-1.2 Severity: important The mqtt and varnish plugins are disabled because of dependency issues. The blocking bugs #911265, #911266, and #879471 are resolved. Please reenable the plugins.

Bug#924309: RM: passenger/5.0.30-1

Control: tags -1 moreinfo Hi Nicolas On 11-03-2019 13:29, Nicolas Braud-Santoni wrote: > Passenger has had an open, grave security bug open since December 2017 > (#884463) > and hasn't been uploaded to since August 2016. > > As far as I can tell, no other package will be adversely impacted by t

Bug#923891: Workarounds?

Is there a short-term workaround that will fix the broken login system?  For example, can Redmine 4.0.1-1 be safely downgraded to 3.4.6-1 or will that cause database problems? -- Soren Stoutner Small Business Tech Solutions so...@smallbusinesstech.net 623-262-6169

Bug#923446: m2crypto: autopkgtest with new version of openssl: Connection refused

Control: severity -1 serious For this actually is a FTBFS bug I'm raising its severity. Thanks, DS -- 4096R/DF5182C8 https://danielstender.com

Bug#686895: initscripts: /forcefsck: fsck -f undefined (e2fsck-ism)

On Mon, 11 Mar 2019, Dmitry Bogatov wrote: > So, you propose that we: > * drop all checks for /forcecheck No! > * document this fact in NEWS file > * write documentation, that e[2-4]fs users should use tune2fs tool >instead Yes. //mirabilos -- tarent solutions GmbH Rochusstraße 2-4, D-

Bug#924336: dillo: ssl negotiation fails on some sites

Package: dillo Version: 3.0.4-2+b1 Severity: important Dear Maintainer, When I use Dillo to access certain web sites, no content appears in the browser window. When run from an xterm, this message can be seen: Nav_open_url: new url='https://www.raspberrypi.org/' 139903201941136:error:14077410:S

Bug#924060: Serious regression in systemd 215-17+deb8u10

Am 11.03.19 um 15:51 schrieb Dan Poltawski: > Thanks for your responses. One of my colleagues has been looking into this > trying to get the bottom of it and we do seem to have identified a memory > leak which isn't present on stretch. I note the report posted to the list > https://bugs.debian.

Bug#924132: runit: Add support for runit in init-system-helpers

[2019-03-09 21:05] Lorenzo Puliti > this is for buster +1 > > Here is my proposal for adding runit-init support in > 'init-system-helpers'; please do not reassign to init-system-helpers > as this need also some changes in runit and dh-runit to work properly. > This is still a work in progress b

Bug#923924: Please review and apply attached patch to support shutdown on SIGPWR

[2019-03-10 12:09] Andras Korn > On Fri, Mar 08, 2019 at 02:39:47PM +, Dmitry Bogatov wrote: > > [2019-03-07 12:57] Andras Korn > > > part 1 text/plain 218 > > > Sorry, I sent an earlier version of the patch by mistake. > > > > > > I'm attaching the correct one, which I te

Bug#686895: initscripts: /forcefsck: fsck -f undefined (e2fsck-ism)

[2019-03-09 21:57] Thorsten Glaser > > But I really want to have some transition plan to get rid of > > /forcecheck, something like: > > … you might like that tune2fs can now (1.45.0-1, not yet in > buster, officially not likely to make it but we can hope) set > a flag force_fsck that next boot’

Bug#924334: ITS: fpart

Package: fpart Version: 0.9.2-1+b1 Severity: important Hello, Following : https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881806 and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911246 I would like to take ownership and update the fpart package. FYI, I will be using updated source

  1   2   >