Hi Adrian,
> >...
> > > debdiffs contain only changes to debian/
> >
> > The bookworm/bullseye debdiffs looks good, please upload to
> > security-master, thanks!
>
> both are now uploaded.
DSA has been released, thanks!
> > Note that both need -sa, but dak needs some special attention when
>
Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: c...@packages.debian.org, guilhe...@puida.xyz
Control: affects -1 + src:curl
User: release.debian@packages.debian.org
Usertags: pu
[ Reason ]
1. Fix CVE-2004
> When a protocol selection parameter option disables all pro
On 2024-04-02 14:34:20 [+0200], Guillem Jover wrote:
> (Please do not take this mail as endorsing any specific action, just
> wanted to clarify/correct the above.)
Right, same here. The 5.4.x series has threaded decompression which I
would like to keep. The 5.6.x series has branchless decompressor
On Sat, Mar 30, 2024 at 03:24:21PM -0400, Jeremy Bícha wrote:
> On Sat, Mar 30, 2024 at 2:06 PM Josh Triplett wrote:
> > After upgrading GNOME to 46, the touchpad seems to have some sort of
> > acceleration enabled: it feels like it has a painfully large amount of
> > inertia.
> >
> > I've tried
>
Hello sir
Am Wed, 03 Apr 2024 20:46:29 +0200
schrieb Simon Chopin :
> I just uploaded the attached debdiff to Ubuntu to both fix the FTBFS and
> start the t64 transition for this package, based on the following
> comment:
Are you able to test this for the dev snapshot of mpg123 before I do
the next releas
This is actually https://bugs.debian.org/1063957
prettytable has worked around this for the 3.10.0 release by switching
to a fork, python-pytest-lazy-fixtures, which is not yet packaged in
Debian.
Thank you,
Jeremy Bícha
I noticed one package affected by this issue, prettytable, has
switched to a fork, pytest-lazy-fixtures (note the s at the end of the
name).
Would someone like to package this for Debian to fix several packages
failing to build?
https://github.com/dev-petrov/pytest-lazy-fixtures
Thank you,
Jerem
On 2024-02-29 20:37:25 [-0800], Steve Langasek wrote:
> This is definitely not the behavior we want. However, the good thing is
> that the dependency from coreutils to libssl is new since bookworm. As a
> result, while this can affect users on upgrades from testing, it will not
> affect upgrades
This is already fixed in unstable, waiting for pacemaker to migrate.
Package: release.debian.org
Severity: normal
Tags: trixie
User: release.debian@packages.debian.org
Usertags: pu
Given the time_t transition, several folks have requested chromium
updates via t-p-u. The current version in testing (122.0.6261.57-1) has
20 CVEs that are fixed in newer versions
Dear Bastian,
Am 03.04.24 um 18:26 schrieb Paul Menzel:
Am 01.04.24 um 22:29 schrieb Bastian Blank:
On Fri, Jan 26, 2024 at 01:44:44PM +0100, Paul Menzel wrote:
$ grep UUID /etc/default/grub
# Uncomment if you don't want GRUB to pass "root=UUID=xxx"
parameter to Linux
GRUB_D
Please always reply to the bug report (I'll see it then too)!
On woensdag 3 april 2024 22:01:20 CEST you wrote:
> Thanks, I am working on that, but it's not trivial
>
> (1) About firmware
>
> These are provided by debian and cause the problem
> -rw-r--r-- 1 root root 1299660 2023-05-01 21:30
> i
Hi Sven,
On Wed, Apr 03, 2024 at 06:01:50PM +0200, Sven Joachim wrote:
> Control: severity -1 normal
>
> On 2024-04-03 11:29 +0200, Alejandro Colomar wrote:
>
> > Hi,
> >
> > On Tue, Apr 02, 2024 at 08:58:32PM +0200, Aurelien Jarno wrote:
> >> Thanks, that sounds great that we can finally get ri
Hi,
On 2024-04-03 12:37, Philipp Kern wrote:
> Hi,
>
> On Tue, Apr 02, 2024 at 06:58:35AM +0200, Aurelien Jarno wrote:
> > On 2024-04-02 09:21, Sean Whitton wrote:
> > > Hello,
> > >
> > > On Mon 01 Apr 2024 at 05:29pm +02, Aurelien Jarno wrote:
> > >
> > > > The debian policy, section 4.9, for
Hi. I've just realized that (as a member of Debian Med)
I could fix this myself.
Nilesh: Would it help if I do a "team upload" to fix this?
(Using the proposed patch)
Or would you prefer to fix it yourself?
Thanks.
On 03.04.2024 12:54, Julian Gilbey wrote:
On Wed, Jan 24, 2024 at 06:07:56PM +0100, Sven Joachim wrote:
Hi Julian,
nice. However, it first builds the program and then tests that,
rather than the package from the archive. This is not very useful,
as changes in reverse dependencies could cause
Source: node-express
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for node-express.
CVE-2024-29041[0]:
| Express.js minimalist web framework for node. Versions of Express.js
| prior to 4.19.0 and all pre-release alpha and
Source: nodejs
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerabilities were published for nodejs.
CVE-2024-27983[0]:
https://nodejs.org/en/blog/vulnerability/april-2024-security-releases/
CVE-2024-27982[1]:
https://nodejs.org/en/blog/vulnerability
Control: tags -1 + pending
On 10.03.2024 17:28, Diego Caraffini wrote:
Hi,
I have a paper written in LaTeX that the publisher required to not
contain any user macro, so I used de-macro to produce a distributable
version with a Makefile target.
Fixed in git, will be part of next upload.
H.
-
On 2024-04-03 22:47 +0200, Alejandro Colomar wrote:
> On Wed, Apr 03, 2024 at 06:01:50PM +0200, Sven Joachim wrote:
>> Control: severity -1 normal
>>
>> On 2024-04-03 11:29 +0200, Alejandro Colomar wrote:
>>
>> > I now see that `apt-file show glibc-doc` shows several more pages. I'll
>> > have a
Hi Sven,
On Wed, Apr 03, 2024 at 11:17:10PM +0200, Sven Joachim wrote:
> Those are not additional pages, but just symlinks.
>
> ,
> | $ file $(dpkg -L glibc-doc | tail -n17)
> | /usr/share/man/man3/pthread_cond_broadcast.3.gz: symbolic link to
> pthread_cond_init.3.gz
> | /usr/share/ma
On Tue, Apr 02, 2024 at 12:02:53AM +0200, Sebastian Ramacher wrote:
> On 2024-04-01 23:39:37 +0200, Andrea Bolognani wrote:
> > The problem with it, and the reason why a manual dependency is used
> > in that case, is that ${shlib:Depends} will not pick it up, since
> > it's dlopen()ed rather than l
Package: asunder
Version: 3.0.1+ds-1
Followup-For: Bug #1068181
X-Debbugs-Cc: joshaspin...@member.fsf.org
Dear Maintainer,
Thanks for your response and information. Please find the steps below I carry
out to reproduce, noting the update of the repos
before attempting to install.
Please also no
tags 1066248 +pending
tags 1049315 +pending
thanks
Last night I successfully completed a test build of librnd from upstream
svn trunk that resolves all open Debian bugs. The next upstream release
is still expected on 10 April, and I plan to update the Debian librnd
package immediately after that
tags 1059647 +upstream
thanks
Upstream reports in https://github.com/scikit-fmm/scikit-fmm/issues/78
that this issue is fixed on a development branch, and will be merged and
released as soon as a test suite issue gets resolved.
Bdale
signature.asc
Description: PGP signature
This appears to be another manifestation of the incompatibility with
python3.12 reported in #1059647. I'm not going to mark it as a
duplicate in the BTS since the process of getting there is so different,
but I believe the fix will be the same. Upstream has reworked the build
process to allow use
Dear Maintainers,
Would it be possible to consider a merge request[1] that addresses this issue?
Best Regards,
Vladimir.
[1] https://salsa.debian.org/debian/gimp-plugin-registry/-/merge_requests/2
Source: xz-utils
Source-Version: 5.6.1+really5.4.5-1
Severity: important
(Maybe this even deserves to be serious, dunno.)
Hi!
The last upload by the Security Team reverted the version, but that
does not necessarily include regenerating the system initramfs, as
brought up from a comment in LWN bu
On Apr 16, Oskar Liljeblad wrote:
> varnishncsa sometimes does not start after reboot.
> I suspect varnishncsa fails because it cannot contact varnish, which has not
> started completely yet.
This bug is 9 years old: can you still reproduce it?
--
ciao,
Marco
signature.asc
Description: PGP s
Package: python3-nbconvert,python3-lxml
Version: 6.5.3-4,5.2.0-1
Control: affects -1 src:pandas
Control: affects -1 python3-nbsphinx
Control: block 1068104 by -1
The pandas documentation fails to build in current unstable with:
Running Sphinx v7.2.6
nbconvert not installed. Skipping notebooks.
E
On 03/04/2024 22:51, Joshua Aspinall wrote:
E: Unable to fetch some archives, maybe run apt-get update or try with
--fix-missing?
Hi Josh,
I suggest trying that suggestion "maybe run apt-get update or try with
--fix-missing?"
Also try installing cdparanoia and wavpack separately.
You can
Control: tags 1064708 + patch
Control: tags 1064708 + pending
Dear maintainer,
I've prepared an NMU for pygame (versioned as 2.5.2-1.2) and
uploaded it.
Regards.
diff -Nru pygame-2.5.2/debian/changelog pygame-2.5.2/debian/changelog
--- pygame-2.5.2/debian/changelog 2024-01-10 06:32:39.00
On 04.04.24 00:09, Rebecca N. Palmer wrote:
Package: python3-nbconvert,python3-lxml
Version: 6.5.3-4,5.2.0-1
Control: affects -1 src:pandas
Control: affects -1 python3-nbsphinx
Control: block 1068104 by -1
The pandas documentation fails to build in current unstable with:
Running Sphinx v7.2.6
n
Package: musl
Version: 1.2.5-1
Severity: normal
Tags: upstream
X-Debbugs-Cc: t...@debian.org, m...@lists.openwall.com
||/ Name Version Architecture Description
+++-==---==
ii binutils 2.42-4 s39
On 2024-04-03 23:46:43 +0200, Andrea Bolognani wrote:
> On Tue, Apr 02, 2024 at 12:02:53AM +0200, Sebastian Ramacher wrote:
> > On 2024-04-01 23:39:37 +0200, Andrea Bolognani wrote:
> > > The problem with it, and the reason why a manual dependency is used
> > > in that case, is that ${shlib:Depends
Source: libhdf4
Version: 4.2.16-4
Severity: important
Please update to the latest upstream version. 4.3.0 has the following changelog entry, which I would like to see in the
Debian package:
"The XDR I/O library has been refactored into an internal, minimalist I/O layer with a different name. I
Hi ZenWorker,Am 03.04.2024 um 15:51 schrieb ZenWalker :Package: snapshot.debian.orgSeverity: graveDebian is tracking issues related to the xz backdoor additionally at https://salsa.debian.org/ftp-team/xz-2024-incident/. I made Bastian aware of your perfect catch and this is now also https://salsa.
Package: mirrors
Severity: wishlist
User: mirr...@packages.debian.org
Usertags: mirror-submission
Submission-Type: new
Site: deb.mirror.cywg.as400442.net
Archive-architecture: ALL amd64 arm64 armel armhf hurd-i386 hurd-amd64 i386
mips mips64el mipsel powerpc ppc64el riscv64 s390x
Archive-http: /d
Package: openssh-client
Version: 1:9.7p1-4
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor
Forwarded: https://github.com/openssh/openssh-portable/pull/479
Tags: patch
On a pure wayland system, without X11, openssh-askpass-gnome works just
fine.
But ssh-agent won't use it when passed the -c op
retitle 1068350 musl: miscompiles (runtime problems) on riscv64 and s390x with
static-pie
thanks
Dixi quod…
>For some reason, mksh built with static-pie behaves bogus:
Exact same behaviour on the riscv64 buildd.
bye,
//mirabilos
--
/⁀\ The UTF-8 Ribbon
╲ ╱ Campaign against
╳ HTML eMail! Als
Package: wnpp
Severity: wishlist
Owner: Kunal Mehta
X-Debbugs-Cc: debian-de...@lists.debian.org, lego...@debian.org
* Package name: python-github-webhook
Version : 1.0.4
Upstream Contact: Alex Chamberlain
* URL : https://github.com/bloomberg/python-github-webhook
* Li
Good evening,
The bug involving compiling/installing nvidia-kernel-dkms is still present. The
result of the bug is that following a reboot after the erroneous installation
noted below, my display drivers get completely disabled, including nouveau,
resulting in my external display not functionin
On Thu, 2 Nov 2023 23:05:28 +0100 at46 wrote:
> I had the same problem and it took me quite some time to find that
> fluidsynth was the root cause of this. Fluidsynth was installed as
new
> dependency from lutris 0.5.14 and blocked my sound device each
~second
> boot.
>
> @Patrick I could chec
Hi,
Any update on this?
Is this the correct forum to report issues/ask question about the
official Debian images on AWS?
On 2024-02-18 13:09, Flavio Veloso Soares wrote:
> Hello,
>
> Bookworm's release notes clearly states that "systemd-resolved was
> not, and still is not, the default DNS re
Hi, Paul,
> If you believe your package is unable to migrate to testing due to
> issues beyond your control, don't hesitate to contact the Release Team.The
> excuses shows peony blocked by qtbase-opensource-src which it's beyond my
> contorl,and the peony and peony-extensions will been auto rem
Control: tags -1 + pending
On Wed, Apr 03, 2024 at 06:48:56PM -0700, Flavio Veloso Soares wrote:
> Is this the correct forum to report issues/ask question about the official
> Debian images on AWS?
The BTS isn't really the correct forum to ask questions about any Debian
topics, but it is the righ
Package: gnome-system-tools
Followup-For: Bug #1066239
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch
Dear Maintainer,
Would it be possible tot consider the attached patch as a solution to this
issue.
In Ubuntu, the attached patch was applie
Control: tags -1 confirmed
On 4/4/24 12:59 AM, Bastian Germann wrote:
Please update to the latest upstream version. 4.3.0 has the following
changelog entry, which I would like to see in the Debian package:
That's not available where the other releases are and used by uscan:
https://suppor
Hi Marco,
[CC'ing security team]
On Mon, Apr 01, 2024 at 04:25:05PM +0200, Marco d'Itri wrote:
> Control: found -1 5.0.0-1
> Control: fixed -1 7.4.2
>
> On Nov 17, Salvatore Bonaccorso wrote:
>
> > CVE-2023-44487[0]:
> > | The HTTP/2 protocol allows a denial of service (server resource
> > | c
Can this still reproduce using power-profiles-daemon 0.21-1? It's
available in unstable.
If so, can you please check the value of
"/sys/devices/system/cpu/intel_pstate/no_turbo" at the time of the
problem?
If the kernel doesn't advertise turbo support then
power-profiles-daemon can't do anything
Hi Noah - I guess I'll be doing bullseye->bookworm installs in the
meantime, until 12.6 so I can fill bug reports (if any).
Appreciate the reply. Thanks for bringing me awareness of the issue in GH.
On 2024-04-03 20:01, Noah Meyerhans wrote:
Control: tags -1 + pending
On Wed, Apr 03, 2024 at
Source: nodejs
Source-Version: 18.20.1+dfsg-1
- Forwarded message from Debian FTP Masters
-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 03 Apr 2024 16:50:38 +0200
Source: nodejs
Architecture: source
Version: 18.20.1+dfsg-1
Distribution: unstable
Urgency: medi
Package: src:linux
Version: 6.1.76-1
Severity: important
X-Debbugs-Cc: vek.m1...@gmail.com
Dear Maintainer,
* What led up to the situation?
doing systemctl hibernate led to the issue
* What exactly did you do (or not do) that was effective (or
ineffective)?
the swap space in the swap-p
On Wed, Apr 03, 2024 at 03:41:17PM +0200, Michael Biebl wrote:
> Am 03.04.24 um 13:42 schrieb Julian Gilbey:
> [...]
> > I can confirm that something like this is still happening with
> > network-manager 1.46.0-1 (Debian testing machine), when using
> > network-manager-strongswan: before switching
On 4 April 2024 02:52:29 CEST, David Landry wrote:
>Good evening,
>
>The bug involving compiling/installing nvidia-kernel-dkms is still present.
>The result of the bug is that following a reboot after the erroneous
>installation noted below, my display drivers get completely disabled,
>includin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Control: severity -1 important
On Tue, 2024-03-26 at 12:25 +0100, Matthias Klose wrote:
> Package: src:ifuse
> Version: 1.1.4~git20181007.3b00243-1
> Severity: serious
> Tags: sid trixie ftbfs patch
>
> ifuse ftbfs from source, not finding the libp
FYI, this only seems to affect the description for the -S switch in the
man-page; The files section at the bottom is fine.
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
libsoup2.4.1 was renamed to libsoup-2.4.1 for the time64 transition.
It seems that the new version of libgrss was built a bit too early and, on most
architectures, picked up a dependency on
101 - 159 of 159 matches
Mail list logo
