On Sat, Mar 14, 2009 at 09:16:37PM +0100, Oliver Vollmer wrote:
> Package: linux-image-2.6.26
> Version: 2.6.26-10.00.Custom
> Severity: normal
>
> Hi, after some time recording with this soundcard the "soundcard" hangs up,
> nothing works any longer, no play no recording, in kern.log it get:
> Ma
On Sun, Mar 08, 2009 at 07:09:51PM +, mar...@inventati.org wrote:
>
>
> Package: linux-image-2.6.26-1-amd64
> Version: 2.6.26-13
> Severity: critical
>
> I am experiencing I/O errors on various hosts equipped with a
> 3ware raid controller, 8 GB RAM and running a 2.6.26 Linux kernel.
>
> E
On Wed, Apr 01, 2009 at 02:44:30PM -0400, Francis wrote:
> The bug is into the megaraid_mbox driver. I tried Yellow Dog Linux 6.1
> and the installer also crash when it's loading this driver.
Hi,
The next release of Debian (6.0, code name Squeeze) will be based
on 2.6.32. Please test the current
On Thu, May 07, 2009 at 01:00:13PM -0400, Maximi89 wrote:
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=284730
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326723
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326723
> https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.15/+bu
Package: ftp.debian.org
Severity: normal
Please remove d4x. It's orphaned since 2006, dead upstream
and non-free (#569648). Popcon is low and we have plenty
of free download managers in the archive.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
w
On Wed, Dec 30, 2009 at 01:35:08PM +0100, Jonas Smedegaard wrote:
> On Wed, Dec 30, 2009 at 01:01:23PM +0100, Moritz Muehlenhoff wrote:
> >On Sat, Dec 12, 2009 at 10:51:57PM -0500, Michael Gilbert wrote:
> >>package: ghostscript
> >>severity: serious
> >>ta
Package: typo3-src
Severity: grave
Tags: security
http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/
If Lenny is affected, please get in touch with t...@security.debian.org
Cheers,
Moritz
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT
On Tue, Feb 23, 2010 at 02:06:41PM +0100, Markus Hochholdinger wrote:
> Here is my solution to this problem, lenny xen kernel:
> * dom0 with clocksource=jiffies and /proc/sys/xen/independent_wallclock=0
> * domU with clocksource=jiffies and /proc/sys/xen/independent_wallclock=0
> * ntpdate/ntp only
On Wed, Oct 28, 2009 at 10:39:10AM +0100, Bernd Zeimetz wrote:
> Package: linux-2.6
> Version: 2.6.26-19
> Severity: important
>
> We get the following backtrace way too often, it repeats for all CPUs,
> but I'm pasting it only once here.
Does this error still occur with 2.6.26-21 from the latest
On Tue, Oct 06, 2009 at 01:43:03AM +0100, Ben Hutchings wrote:
> On Mon, 2009-10-05 at 11:57 +0200, Michal Suchanek wrote:
> > 2009/10/5 Ben Hutchings :
> > > While we still aren't providing an uncompressed vmlinux image, it is now
> > > possible to extract one from vmlinuz. The following Python s
Hi,
Nobuhiro Iwamatsu wrote:
> I attached new patch.
> Could you check ?
| patches/bugfix/sh4/fix-decompress-output-addr.patch | 27 +
| patches/debian/arch-sh4-fix-uimage-build.patch | 10
These patches aren't in current linux-2.6 git, have they been submitted
upstream?
| patches/bugfi
On Mon, Feb 15, 2010 at 08:54:59AM +0100, Bastian Blank wrote:
> On Sun, Feb 14, 2010 at 10:56:10PM +0100, Moritz Muehlenhoff wrote:
> > I'll enable tomoyo next weekend unless further objections arise.
>
> It can't be built as a module, so you have to check space const
severity 464191 wishlist
retitle 464191 Reintroduce Maestro firmware
tags 464191 wontfix
thanks
> >On Tue, Feb 12, 2008 at 06:23:17PM -0500, Rob Bochan wrote:
> >>So now I've got to recompile my kernel just to have sound?
> >>How nice. I haven't had to do that since about 1998. I guess this is goo
Sebastian Andrzej Siewior wrote:
> Package: linux-image-2.6.32-9-sb1-bcm91250a
> Version: 2.6.32-5
> Severity: serious
> Tags: patch fixed-upstream
>
> Swarm will hang during boot and all you see is:
>
> |[0.00] Primary data cache 32kB, 4-way, PIPT, no aliases, linesize 32
> bytes
> |*Ex
tags 518046 moreinfo
thanks
On Tue, Mar 03, 2009 at 10:05:15PM +0200, Nadav Kavalerchik wrote:
> Package: linux-image-2.6.26-1-amd64
> Version: 2.6.26-13
> Severity: normal
>
> --- Please enter the report below this line. ---
> recently, ever time i get back to the computer which is in screensave
tags 519292 moreinfo
thanks
On Wed, Mar 11, 2009 at 06:41:30PM +0100, Mr. P|pex wrote:
> Package: linux-source-2.6.26
> Version: 2.6.26
>
> After some hours when I copy big file between in the local net or when
> use azureus the device network eth0 go down.
> I need to restart the networking serv
On Tue, Feb 16, 2010 at 04:46:31AM +, Ben Hutchings wrote:
> On Sat, 2010-02-06 at 09:31 +, Tom Parker wrote:
> > On 2 February 2010 21:16, maximilian attems wrote:
> > > Squeeze will release with 2.6.32 can anyone of you still
> > > reproduce this?
> > >
> > > also please make sure to use
tags 536594 moreinfo
thanks
On Sat, Aug 15, 2009 at 11:03:42AM -0500, Krzysztof Drewniak wrote:
> I'd like to confirm this bug on a D-Link DWL-650 PCMICA card. For me, if
> the card is inserted (during boot of otherwise) messages similar to the
> ones already in the bug log are displayed and the s
tags 521615 moreinfo
thanks
On Mon, Mar 30, 2009 at 11:49:27PM +0200, Henrik wrote:
> Hello Maximilian,
>
> it has to be a debian patch which messes up my system time.
> I'll figure out some patches of the patchset next days.
>
> These snapshots are a great deal (thx), but I first want to find o
tags 536183 moreinfo
thanks
On Wed, Jul 08, 2009 at 12:16:58PM +1000, Trent W. Buck wrote:
> Package: linux-image-2.6.30-1-686
> Version: 2.6.30-1
> Severity: normal
>
> After upgrading from .29 to .30, I can no longer change my CPU
> frequency scaling governor:
>
> # cat /sys/devices/system
tags 520256 moreinfo
thanks
On Fri, Mar 20, 2009 at 01:18:45AM +0100, yellow protoss wrote:
> HI Max
>
> I returned to the 2.26 kernel
> So I added at teh boot of teh machine:
> /etc/init.d/alsa reload
>
> ons$ uptime
> 01:09:52 up 1 day, 4:59, 3 users, load average: 0.14, 0.18, 0.12
>
> I
On Sat, Mar 21, 2009 at 07:47:36PM +0100, Olaf van der Spek wrote:
> Package: linux-image-2.6.26-1-686
> Version: 2.6.26-13lenny2
> Severity: normal
>
> Hi,
>
> When the half-open TCP connection queue is full and syn cookies are enabled,
> you get a message like "kernel: possible SYN flooding on
On Sat, Feb 13, 2010 at 08:13:54PM +0100, maximilian attems wrote:
> On Sat, Feb 13, 2010 at 06:40:09PM +0100, Fathi Boudra wrote:
> > > aboves is again zero info.
> > > so please pin down which script is faulty in runlevel 2,
> > > come on I'd expect a bit more from a debian dev then a casual user
On Sat, Feb 13, 2010 at 12:22:43PM +0100, maximilian attems wrote:
> On Wed, 08 Jul 2009, ?? wrote:
>
> >
> > When the lid is closed on my Acer Aspire One (D150-1577), kacpid and
> > kacpi_notify both make very active use of the CPU.
> >
> > I cannot find any ev
tags 536896 moreinfo
thanks
On Tue, Jul 14, 2009 at 09:57:54PM +0800, James Andrewartha wrote:
> Package: linux-image-2.6.26-2-amd64
> Version: 2.6.26-17
> Severity: normal
>
> All audio from gstreamer-using apps (eg Totem and Banshee) pops when I use a
> 2.6.{25,26,28,30} amd64 kernel and i386 u
Version: 2.6.28-1
Laurent GUINCHARD wrote:
> Package: linux-image-2.6.26-2-686
> Version: 2.6.26-21lenny3
>
> We have a IBM server (IBM Systemx 3250M3) which have an Intel ICH8 SATA
> controller.
> When I try to install Debian Lenny on this server, the running kernel doesn't
> see the hard dri
tags 554619 moreinfo
thanks
On Thu, Nov 05, 2009 at 07:23:42PM +0100, mase wrote:
> Package: linux-image-2.6.26-2-686
> Version: 2.6.26-19lenny2
> Severity: normal
>
>
> I get very slow connection speeds with this module around 40 KB/s
> what should be 700 - 800 KB/s. I connect through a router
On Thu, Nov 12, 2009 at 12:33:56AM +0100, Stefan Hett wrote:
> I've just tested it with the newly available kernel image in the
> unstable branch (linux-image-2.6.31-1-686) and with that am getting
> the following dmesg output:
>
> [ 15.548007] rt2860sta: module is from the staging directory, th
On Thu, Nov 12, 2009 at 12:47:39PM -0800, Brandon Del Bel wrote:
> If it helps at all, here's the relevant strace output:
>
> 4093 open("/dev/dsp", O_RDWR) = 7
> 4093 ioctl(7, SNDCTL_DSP_GETCAPS, 0xffb7a884) = 0
> 4093 ioctl(7, SNDCTL_DSP_SETFMT or SOUND_PCM_READ_BITS, 0xffb7a888) = 0
tags 557527 moreinfo
thanks
On Sun, Nov 22, 2009 at 05:53:26PM +, Ben Hutchings wrote:
> On Sun, 2009-11-22 at 17:51 +0100, Lennert Van Alboom wrote:
> > Package: linux-2.6
> > Version: 2.6.31-2
> > Severity: normal
> >
> > When the battery is being charged, its charge will rise steadily unti
tags 557068 moreinfo
thanks
On Thu, Nov 19, 2009 at 12:34:05PM +0300, Vladimir Stavrinov wrote:
>
> Package: linux-2.6
> Version: 2.6.31-2
> Severity: normal
>
> It happens twice for a few days after upgrade with last hello before
> dead:
>
> Nov 17 06:41:50 foo kernel: [68763.018411] -
tags 557802 moreinfo
thanks
On Tue, Nov 24, 2009 at 03:39:44PM +0100, Tino Schmidt wrote:
> Package: linux-image-2.6.26-2-686
> Version: 2.6.26-19lenny2
> Severity: normal
>
> Two days ago I installed Debian on a 10-year-old laptop. It's a
> IPC Topnote G. Soundcard is a Creative Labs Ectiva EV19
On Sat, Nov 28, 2009 at 01:27:50PM +0100, Stefan Lippers-Hollmann wrote:
> Hi
>
> On Saturday 28 November 2009, Emmanuel Blot wrote:
> > Package: netinstall
> > Version: sorry, don't know how to obtain that info, see below for the
> > package reference and date.
> >
> > Hardware:
> >Intel D94
tags 559342 moreinfo
thanks
On Sat, Dec 19, 2009 at 11:25:40AM +0100, Eugenio M. Vigo wrote:
> Hi again.
> I've been investigating further on these issues and I'm glad to tell you
> that the HP DeskJet F380 scanning issue was actually about permissions,
> exactly the bug stated here:
> http://bugs
tags 559207 moreinfo
thanks
On Wed, Dec 02, 2009 at 02:25:47PM -0500, Anthony DeRobertis wrote:
> Package: linux-2.6
> Version: 2.6.31-2
> Severity: normal
>
> This warning showed up in my kernel logs, as I either logged out or in
> (to a e16/KDE desktop, logged in using gdm).
Hi,
The next relea
On Sun, Jul 26, 2009 at 02:46:03PM +0200, Moritz Muehlenhoff wrote:
> On Sat, Jan 17, 2009 at 02:50:45AM +0300, Ilia Lilov wrote:
> >
> > I have the next troubles with CPU FAN speed control on my notebook. I had
> > no CPU FAN speed control (cooler works on full speed all
On Thu, Sep 29, 2005 at 09:50:59AM -0600, Shaun Jackman wrote:
> 2005/9/29, Colin Watson :
> > On Wed, Sep 28, 2005 at 02:41:34PM -0600, Shaun Jackman wrote:
> > > binfmt-support allows the hex \x## escape sequence for the magic
> > > option. Could the magic option also support the octal \### escap
Hi Trent,
On Fri, Feb 26, 2010 at 09:57:37AM +1100, Trent W. Buck wrote:
> Moritz Muehlenhoff wrote:
> >> After upgrading from .29 to .30, I can no longer change my CPU
> >> frequency scaling governor: [...]
> >
> > The next release of Debian (6.0, code name Squ
On Sat, Feb 20, 2010 at 01:54:52PM +0100, Julien Cristau wrote:
> On Fri, Feb 19, 2010 at 09:56:53 +0100, Michal Suchanek wrote:
>
> > When kms is enabled the radeon module cannot be unloaded. rmmod
> > complains that the module is busy while the X server is not running.
> >
> > This is different
Package: irssi
Severity: important
irssi 0.8.15 fixed two security issues as reported on oss-security
which do not warrant a DSA. This is mostly to keep you posted in
case you want to fix this through a stable point update:
http://article.gmane.org/gmane.comp.security.oss.general/2805
http://arti
On Fri, Apr 09, 2010 at 10:37:57AM +0200, Mike Hommey wrote:
> On Fri, Apr 09, 2010 at 12:00:35AM +0200, Moritz Muehlenhoff wrote:
> > On Mon, Apr 05, 2010 at 09:39:06AM +0200, Mike Hommey wrote:
> > > On Sun, Apr 04, 2010 at 05:52:13PM -0400, Michael Gilbert wrote:
> >
On Tue, Apr 13, 2010 at 11:57:07PM +0200, Mike Hommey wrote:
> On Tue, Apr 13, 2010 at 11:53:42PM +0200, Moritz Muehlenhoff wrote:
> > On Fri, Apr 09, 2010 at 10:37:57AM +0200, Mike Hommey wrote:
> > > On Fri, Apr 09, 2010 at 12:00:35AM +0200, Moritz Muehlenhoff wrote:
> >
Package: typo3-src
Severity: important
Please see
http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-008/
Any security issues only exploitable if register_globals is enabled
are not covered by security support, you might still want to fix this
for Squeeze.
Cheers,
Moritz
On Thu, Apr 15, 2010 at 10:59:45AM +0300, Tommi Vainikainen wrote:
> Sven Joachim writes:
> > It's not so easy since there are a few packages which would be broken:
>
> ...
>
> > Note that this comes from xemacs21 not being in testing; the xemacs21
> > maintainer's lack of response to RC bugs su
severity 577464 important
thanks
On Sun, Apr 11, 2010 at 02:04:41PM -0700, Rob Browning wrote:
>
> Package: wnn7egg
> Version: 1.02-7
> Severity: serious
>
> It looks like your package requires emacs22 in order to satisfy its
> build or binary dependencies from unstable/testing.
>
> Please ensu
severity 577467 important
thanks
On Sun, Apr 11, 2010 at 02:25:01PM -0700, Rob Browning wrote:
>
> Package: wysihtml-el
> Version: 0.13-5
> Severity: serious
>
> It looks like this package still depends on emacs22 in some way,
> possibly in order to satisfy its build or binary dependencies from
severity 577468 important
thanks
On Sun, Apr 11, 2010 at 02:26:23PM -0700, Rob Browning wrote:
>
> Package: yc-el
> Version: 4.0.13-9
> Severity: serious
>
> It looks like this package still depends on emacs22 in some way,
> possibly in order to satisfy its build or binary dependencies from
> un
Package: ftp.debian.org
Severity: normal
Please remove swami from the archive. It depends on GTK 1.2 and
according to #547035 the GTK2 port still isn't finished after
six years. If it ever appears, swami can be reintroduced.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-dist-
On Thu, Feb 04, 2010 at 01:02:32PM +0100, Aurelien Jarno wrote:
> Deng Xiyue a écrit :
> > On Tue, Jan 26, 2010 at 05:44:53PM +0100, Aurelien Jarno wrote:
> >> Sven Joachim a écrit :
> >>> [ Putting the glibc maintainers and the mips porters into the loop.
> >>> Summary: emacs23-nox aborts with m
severity 561760 important
thanks
Michael Gilbert wrote:
> Package: qt4-x11
> Version: 4:4.5.3-4
> Severity: grave
> Tags: security
>
> Hi,
>
> The following CVE (Common Vulnerabilities & Exposures) ids were
> published for webkit. qt4-x11 embeds webkit, so most of these issues
> are likely appl
On Wed, Mar 17, 2010 at 09:21:42PM +0100, Moritz Muehlenhoff wrote:
> On Wed, Mar 17, 2010 at 04:40:22PM +0100, maximilian attems wrote:
> > On Wed, Mar 17, 2010 at 03:35:44PM +0900, Nobuhiro Iwamatsu wrote:
> > >
> > > 2010/3/3 Nobuhiro Iwamatsu :
> > > >
On Fri, Apr 02, 2010 at 01:21:45PM +0200, Bas Zoetekouw wrote:
> Package: scummvm
> Version: 1.0.0-4
> Severity: normal
>
> Please enable the SCI engine of scummvm. As freesci had now been
> merged into scummvm, I would like to remove freesci from the archive
> (or perhaps replace it by a dummy p
Package: couchdb
Severity: important
Tags: security
The following advisory was posted to full-disclosure. I don't see
the security implications, can you tell me what property is being
attacked here through the timing attack?
Cheers,
Moritz
CVE-2010-0009: Apache CouchDB Timing Attack Vuln
Package: opendchub
Version: OpenDcHub 0.8.1 Remote Code Execution Exploit
Severity: grave
Tags: security
This was reported to full-disclosure:
http://www.indahax.com/exploits/opendchub-0-8-1-remote-code-execution-exploit#more-600
Please get in touch with upstream for a fix.
Cheers,
Mori
Package: viewvc
Severity: grave
Tags: security
The following was reported to oss-security:
Just received an announcement stating ViewVC 1.1.5 and 1.0.11 were
released today (right on the heels of 1.1.4 and 1.0.10, for which I
still haven't received a CVE). Looks like they fix an XSS that needs
a
On Fri, Apr 02, 2010 at 05:07:08PM +0200, Nico Golde wrote:
> BTW I only filed this as important as the only application in Debian which
> seems to use this lib is dsniff and in this case it's not really an important
> issue.
This doesn't warrant a DSA, but you could still fix this through a sta
On Thu, Apr 01, 2010 at 03:18:01PM +1100, John Zaitseff wrote:
> Tags: patch
>
> Dear David et al.,
>
> Thank you for packaging ViewVC!
>
> Rather a long time ago, I asked that viewvc 1.1.x be packaged. At
> that time, I promised I would have a go at it myself, since I
> realised that the 1.1.x
severity 561765 important
thanks
> The following CVE (Common Vulnerabilities & Exposures) ids were
> published for webkit. webkit was forked from khtml, so these
> issues very like apply to this package as well. Since there are so
> many problems, I have not had time to check whether the vulnera
Package: transmission
Severity: grave
Tags: security
The message below was reported on oss-security. CVE-2010-0749 seems
like a regular bug to me, not necessarily security-relevant, but
please upload transmission 1.92 ASAP.
Lenny isn't affected, it doesn't have support for Magnet links yet.
On
Michael Gilbert wrote:
> Package: kde4libs
> Version: 4:4.3.4-1
> Severity: serious
> Tags: security
>
> Hi,
>
> The following CVE (Common Vulnerabilities & Exposures) ids were
> published for webkit. webkit was forked from khtml, so these
> issues very like apply to this package as well. Since
On Sat, Sep 26, 2009 at 10:29:09AM +0200, Matthias Klose wrote:
> reopen 527455
> tags 527455 + wontfix help
> thanks
>
> On 26.09.2009 06:30, Debian Bug Tracking System wrote:
> >Your message dated Sat, 26 Sep 2009 04:18:46 +
> >with message-id
> >and subject line Bug#527455: fixed in python2
Package: linux-base
Version: 2.6.32-10
Severity: normal
The conversion on my Thinkpad X31 seems to have generated incorrect
labels, which lead to the home partition not being mounted automatically:
This is the /etc/fstab which was generated:
# /etc/fstab: static file system information.
#
#
On Mon, Apr 05, 2010 at 04:48:13PM +0100, Ben Hutchings wrote:
> On Mon, 2010-04-05 at 16:12 +0200, Moritz Muehlenhoff wrote:
> > Package: linux-base
> > Version: 2.6.32-10
> > Severity: normal
> >
> > The conversion on my Thinkpad X31 seems to have generated in
Package: clamav
Severity: serious
Hi,
[Note; this has been discussed before, but there never was a
real conclusion, but we need to discuss/fix this for Squeeze]:
We should not include clamav in stable any longer, it really is
too volatile to end up in a stable release. #550296 (which
should be RC
Package: abcm2ps
Severity: grave
Tags: security
Hi,
the following was reported to the oss-security mailing list:
Abcm2ps upstream has released:
[1] http://moinejf.free.fr/
[2] http://moinejf.free.fr/abcm2ps-5.9.12.tar.gz
latest v5.9.12 version, addressing
"some security vulnerabili
On Mon, Apr 05, 2010 at 09:39:06AM +0200, Mike Hommey wrote:
> On Sun, Apr 04, 2010 at 05:52:13PM -0400, Michael Gilbert wrote:
> > package: iceweasel
> > severity: important
> > version: 3.0.6-3
> > tags: security
> >
> > hi, iceweasel in lenny is still vulnerable to an address bar spoofing
> > v
Package: ftp.debian.org
Severity: normal
Please remove dillo:
- Depends on long-obsolete GTK 1.2 libs (#515271)
- Broken HTTPS support (#510348)
- Security bugs unfixed for more than nine months (#535788), #560874
- Newer upstream releases depend on fltk2 which has license problems
- Unmaintained
On Thu, Nov 26, 2009 at 12:18:38AM +0100, Francesco Poli wrote:
> On Sun, 29 Jul 2007 14:59:04 +0200 Thomas Petazzoni wrote:
>
> > Hi,
> >
> > For some reason, when converting the attached picture using "exiftran
> > -a" (either inplace, or using an other output file), a blue/grey area
> > appear
On Wed, Jan 13, 2010 at 09:28:43AM +0100, Reinhard Tartler wrote:
> found 550442 0.svn20080206-18
> stop
>
> On Sa, Dez 05, 2009 at 00:33:02 (CET), Reinhard Tartler wrote:
>
> > Moritz Muehlenhoff writes:
> >
> >> Sorry, this slipped through. An upda
Luca Capello wrote:
> Rogério, should I go ahead with the NMU or a new upload is expected
> really soon? Or, better, would you like to prepare an NMU for the bugs
> above based on your debian/changelog? I will be happy to sponsor it, if
> needed.
As said before reintroducing xpdf into Squeeze me
On Mon, Jan 25, 2010 at 05:06:36PM -0500, Anthony DeRobertis wrote:
> Package: linux-2.6
> Severity: normal
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Linux-next commit 4bb950806f10bc3e249dd34375b4a4d6bfc0 contains a
> fix for this bug. I'd really appreciate it if you'd cherry-pi
Package: debhelper
Version: 7.4.11
Severity: wishlist
AFAICS dh is designed to automate as much as possible. It would be
nice if binaries were automatically installed to /usr/games if
the Section in debian/control is "games".
Cheers,
Moritz
-- System Information:
Debian Release: squeeze/
On Mon, Oct 05, 2009 at 02:50:26AM +0100, Ben Hutchings wrote:
> On Tue, 2009-09-08 at 23:36 -0400, Sean M. Pappalardo wrote:
> > The kernel bug system's confirmation message hasn't arrived in over 24
> > hours. I can't file a bug there without that. Is there any way you can
> > file one?
>
> I se
On Mon, Aug 31, 2009 at 10:22:00PM +0200, Andreas Juch wrote:
> Am Mon, 31 Aug 2009 19:18:18 +0100
> schrieb Ben Hutchings :
>
> > On Sun, 2009-06-28 at 23:28 +0200, Andreas Juch wrote:
> > > Because it's a kernel-bug I paste the information from reportbug
> > > against the kernel-image in this ma
Karl Goetz wrote:
> Hi, The following files might also be DFSG problems:
>
> BSDish licence + advertising clauses.
BSD + advertising clause is DFSG compliant.
> These have no licence grant:
> ./ippd/md4.{c,h}
> radius.c
This code comes from RFC 1186:
http://tools.ietf.org/html/rfc1186
>
Package: typo3-src
Severity: grave
Tags: security
http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-001/
Apparently this only affects unstable/testing, but please double-check
the Lenny status.
Cheers,
Moritz
Vulnerable subcomponent #1: System extension openid
Vulner
On Fri, Jan 08, 2010 at 07:43:11AM +0100, Luk Claes wrote:
> Moritz Muehlenhoff wrote:
>
> > Please remove rails. It has open security issues, which haven't been
> > acknowledged for six weeks.
>
> removal hint added.
It has a few rdeps, which prevent the removal:
On Fri, Jan 22, 2010 at 06:10:55PM +0100, Moritz Muehlenhoff wrote:
> On Wed, Jan 13, 2010 at 09:28:43AM +0100, Reinhard Tartler wrote:
> > found 550442 0.svn20080206-18
> > stop
> >
> > On Sa, Dez 05, 2009 at 00:33:02 (CET), Reinhard Tartler wrote:
> >
On Fri, Jan 08, 2010 at 07:45:42PM +0100, Ludovic Drolez wrote:
>
> > According to the FAQ Swish prefers libxml for parsing if it's
> > linked, while the included Expat copy is mostly a fallback for systems
> > without libxml available.
> >
> > Ludovic, can you confirm? If so, we can close the bug
On Sun, Aug 30, 2009 at 11:28:44PM +0200, Christoph Egger wrote:
> Hi all!
>
> supertux currently has a open RC bug, patches fixing 3 bugs
> (including the RC one) and needs some love in other areas as
> well. Alexander Reichle Schmehl imported the package into pkg-games
> SVN a long time ag
Pedro R wrote:
> Package: samba
> Version: 2:3.4.5~dfsg-1
> Severity: grave
> Tags: security
> Justification: user security hole
>
>
> Hi,
>
> a security bug has been discovered in all versions of Samba up to and
> including 3.4.5.
> It is possible to cause mtab corruption via a specially craf
On Tue, Feb 09, 2010 at 09:53:46AM +0100, Reinhard Tartler wrote:
> On Do, Jan 28, 2010 at 22:26:45 (CET), Moritz Muehlenhoff wrote:
>
> > On Fri, Jan 22, 2010 at 06:10:55PM +0100, Moritz Muehlenhoff wrote:
> >> On Wed, Jan 13, 2010 at 09:28:43AM +0100, Reinhard Tartler wrote
On Sun, Oct 25, 2009 at 03:42:00PM +, Ben Hutchings wrote:
> On Sun, 2009-02-15 at 22:37 +0100, Jochen Becker wrote:
> > Package: linux-image-2.6.26-1-amd64
> > Version: 2.6.26-13
> > Severity: critical
> > Justification: breaks the whole system
> >
> > by copying data from one software raid d
Ben Hutchings wrote:
> It appears that the kernel deadlocked when powernowd attempted to switch
> the cpufreq governor from ondemand (kernel-based) to userspace. The
> hanging read of /sys/devices/system/cpu/cpu0/cpufreq/ is presumably a
> result of this deadlock.
>
> Please report this upstream
On Sat, Nov 14, 2009 at 05:09:02PM +0100, Manuel Prinz wrote:
> Hi Ben!
>
> Am Mittwoch, den 11.11.2009, 22:34 + schrieb Ben Hutchings:
> > Could you test this:
> >
> > --- a/include/linux/socket.h
> > +++ b/include/linux/socket.h
> > @@ -16,7 +16,12 @@ struct __kernel_sockaddr_storage {
> >
Hi,
On Wed, Dec 31, 2008 at 12:17:20PM +0200, Sam (Uli) Freed wrote:
> Now using Lenovo V200.
>
> Connected as "pc suite" and got:
>
> [1385043.445612] usb 4-1: new full speed USB device using uhci_hcd
> and address 10
> [1385043.631492] usb 4-1: configuration #1 chosen from 1 choice
> [1385043.
Mark Purcell wrote:
> Package: linux-2.6
> Version: 2.6.32-1
> Severity: normal
>
> All,
>
> I can confirm appletouch failure on resume is still an issue with current
> kernels.
Please report this bug upstream at the upstream bugzilla
(http://bugzilla.kernel.org), so that it can be investigate
On Sun, Sep 13, 2009 at 07:51:40PM +0100, Ben Hutchings wrote:
> Piotr,
>
> Has this been fixed? Does the current linux-image-2.6.26-2-486 work on
> this system? (If it crashes in text_poke_early() instead of behaving as
> before, that is a separate bug that we have a fix for.)
Piotr, is it fix
Package: gnome-screensaver
Severity: important
Tags: security
The following was posted to the oss-security mailing list by Vincent Danen
from Red Hat.
Cheers,
Moritz
This is a heads up on a gnome-screensaver issue that was fixed upstream
today.
In version 2
On Wed, Sep 02, 2009 at 07:38:50PM +0200, Moritz Muehlenhoff wrote:
> On Wed, Sep 17, 2008 at 05:13:00PM +0200, francois-xavier poignart wrote:
> > Package: linux-image-2.6.26-1-686
> > Version: 2.6.26-5
> > Severity: important
> >
> >
> > The kernel fai
Christian PERRIER wrote:
> OTOH, we still have lenny that's affected. Dropping the setuid bit in
> lenny would break the behaviour of the package in a too invasive way,
> so we need to use patches that have been proposed in upstream bug
> report by Jeff Layton.
>
> However, they don't apply clean
Package: ftp.debian.org
Severity: normal
Please remove ytnef:
- dead upstream
- security buggy
- low popcon
- orphaned, prior to that it had been RFAed for > 1.5 years
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm
Package: ftp.debian.org
Severity: normal
Please remove came:
- Uses obsolete V4L1 API (569095, 504160)
- orphaned (previously RFAed since 2008)
- dead upstream
- low popcon
- fishy quality (not endian clean (388742), buffer overflows (430156))
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ
Package: ftp.debian.org
Severity: normal
Please remove webcam-server:
- orphaned
- only supports the deprecated v4l1 API, which is deprecated (#569102, #482923)
- dead upstream (last release in 2004)
- low popcon
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a sub
On Fri, Feb 12, 2010 at 03:22:14PM +0100, Thomas Pierson wrote:
> Package: linux-2.6
> Version: 2.6.32-5
> Severity: normal
> Tags: fixed-upstream patch
>
> Hi,
>
> This bug was comfirmed and fixed upstream on the Kernel Bug Tracker.
> A patch is available here:
> http://git.kernel.org/?p=linux/k
On Sun, Jan 24, 2010 at 04:52:25PM +, Thorsten Glaser wrote:
> tags 559803 + patch
> thanks
>
> Dear Andreas,
>
> I have prepared an NMU for cvsnt (version 2.5.04.3236-1.2) to use
> the system libtool/libltdl instead of its own bundled version,
> according to Policy §4.13, thus fixing CVE-200
On Sun, Feb 14, 2010 at 07:12:37AM +0100, Christian PERRIER wrote:
> Quoting Steve Langasek (vor...@debian.org):
>
> Thanks for helping out on that issue. It was very clearly going beyond
> my skills and knowledge. This is why we have a team..:-)
>
> > The tarball attached to your earlier mail in
On Sun, Feb 14, 2010 at 12:00:41PM +0100, Stephan Austermühle wrote:
> Sorry, cannot find an updated 2.6.30-2-amd64 on unstable. Do you
> mean 2.6.32-2-amd64?
Yes, please try that version.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with
On Sat, Jan 30, 2010 at 04:12:18PM -0500, Jean-Baptiste Wons wrote:
[Adding Pierre to CC]
> Package: valgrind
> Severity: normal
>
> I tried on version 1:3.5.0-3, and it does work for me.
>
> This is my test program:
> #define _GNU_SOURCE
> #include
> #include
> #include
>
> int main()
> {
On Tue, Feb 03, 2009 at 06:26:31PM +0100, Sebastian Niehaus wrote:
> Package: linux-image-2.6-686
> Version: 2.6.26+17
> Followup-For: Bug #500992
>
> Kind of status report: after some kernel upgrades: the modem still
> does not work.
Hi,
The next release of Debian (6.0, code name Squeeze) will
601 - 700 of 2011 matches
Mail list logo
