Processing control commands:
> tags 992053 + patch
Bug #992053 [src:c-ares] c-ares: CVE-2021-3672: Missing input validation on
hostnames returned by DNS servers
Added tag(s) patch.
> tags 992053 + pending
Bug #992053 [src:c-ares] c-ares: CVE-2021-3672: Missing input validation on
hostnames retur
Control: tags 992053 + patch
Control: tags 992053 + pending
Dear maintainer,
I've prepared an NMU for c-ares (versioned as 1.17.1-1.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.
Regards,
Salvatore
diff -Nru c-ares-1.17.1/debian/changelog c-ares-1.17.1
Processing control commands:
> found -1 1.14.0-1
Bug #992053 [src:c-ares] c-ares: CVE-2021-3672: Missing input validation on
hostnames returned by DNS servers
Marked as found in versions c-ares/1.14.0-1.
> fixed -1 1.14.0-1+deb10u1
Bug #992053 [src:c-ares] c-ares: CVE-2021-3672: Missing input val
Source: c-ares
Version: 1.17.1-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Control: found -1 1.14.0-1
Control: fixed -1 1.14.0-1+deb10u1
Control: fixed -1 1.17.1-1+deb11u1
Hi,
The following vulnerability was pu
Processing control commands:
> affects -1 src:perl
Bug #992052 [src:cd-hit] cd-hit: autopkgtest fails on very powerful CI workers
Added indication that 992052 affects src:perl
--
992052: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992052
Debian Bug Tracking System
Contact ow...@bugs.debian
Source: cd-hit
Version: 4.8.1-3
Severity: serious
X-Debbugs-CC: debian...@lists.debian.org
Tags: sid bookworm
User: debian...@lists.debian.org
Control: affects -1 src:perl
Dear maintainer(s),
With a recent upload of perl the autopkgtest of cd-hit fails in testing
on armhf when that autopkgtest is
Processing commands for cont...@bugs.debian.org:
> found 992046 0.12.1-1
Bug #992046 [src:rust-anymap] rust-anymap: CVE-2021-38187
Marked as found in versions rust-anymap/0.12.1-1.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
992046: https://bugs.debian.org/cgi
Processing commands for cont...@bugs.debian.org:
> tags 992046 + upstream
Bug #992046 [src:rust-anymap] rust-anymap: CVE-2021-38187
Added tag(s) upstream.
> tags 992045 + upstream
Bug #992045 [cpio] CVE-2021-38185
Added tag(s) upstream.
> forwarded 992045
> https://lists.gnu.org/archive/html/bug-
Hi,
Axel Beckert wrote:
> I can also look into how well the patch applies to buster's version of
> Lynx, but it might take until Monday.
Done now, built with -sa, did a source-only uploaded to
security-master and pushed it into the branch 10_buster on Salsa
including the according git tag.
Source: rust-anymap
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerability was published for rust-anymap.
CVE-2021-38187[0]:
| An issue was discovered in the anymap crate through 0.12.1 for Rust.
| It violates soundness via conversion of a *u8 to a
Your message dated Mon, 09 Aug 2021 21:18:51 +
with message-id
and subject line Bug#991971: fixed in lynx 2.9.0dev.6-3~deb11u1
has caused the Debian Bug report #991971,
regarding lynx: [CVE-2021-38165] SSL certificate validation fails with URLs
containing user name or user name and password,
Package: cpio
Version: 2.13+dfsg-4
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team
https://github.com/fangqyi/cpiopwn
https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=dd96882877721703e19272fe25034560b794061b
https://lists.gnu.org/archive/html/bug-cpio/2021-08/msg0.html
Your message dated Mon, 09 Aug 2021 21:19:52 +
with message-id
and subject line Bug#991046: fixed in tomcat9 9.0.43-2~deb11u1
has caused the Debian Bug report #991046,
regarding tomcat9: CVE-2021-33037 CVE-2021-30640 CVE-2021-30639
to be marked as done.
This means that you claim that the prob
Control: tags -1 patch
On Mon, 09 Aug 2021 01:35:43 +0530 Pirate Praveen
wrote:
> Adding,
> ruby/lib/google usr/lib/ruby/vendor_ruby
> to debian/ruby-google-protobuf.install makes require
'google/protobuf'
> to pass. This can be used as a workaround until we figure out why
> gem2deb is not i
Processing control commands:
> tags -1 patch
Bug #992008 [ruby-google-protobuf] ruby-google-protobuf: Missing
lib/google/protobuf directory and fails require
Added tag(s) patch.
--
992008: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992008
Debian Bug Tracking System
Contact ow...@bugs.deb
Your message dated Mon, 09 Aug 2021 18:03:35 +
with message-id
and subject line Bug#992040: fixed in ruby-rqrcode-rails3 0.1.7-2
has caused the Debian Bug report #992040,
regarding gitlab 2FA broken: NoMethodError (undefined method `module_count' for
#
to be marked as done.
This means that y
Processing commands for cont...@bugs.debian.org:
> severity 992040 grave
Bug #992040 [ruby-rqrcode-rails3] gitlab 2FA broken: NoMethodError (undefined
method `module_count' for #
Severity set to 'grave' from 'important'
> thanks
Stopping processing here.
Please contact me if you need assistance.
On Mon, Aug 9, 2021 at 1:50 pm, Antonio Terceiro
wrote:
On Mon, Aug 09, 2021 at 01:35:43AM +0530, Pirate Praveen wrote:
On Mon, Aug 9, 2021 at 12:12 am, Pirate Praveen
wrote:
> [copying debian-ruby list]
>
> On Sun, 08 Aug 2021 22:08:39 +0530 Akshay S Dinesh
> wrote:
> > Package:
Le dimanche 8 août 2021, 10:04:30 UTC Benno Schulenberg a écrit :
> > $env -i nano
> > command fail because TERM is unset
>
> I can work around an unset TERM. But what if TERM=="" or TERM=="nonsense"?
> Checking whether TERM is a valid terminal name goes too far, in my opinion.
>
> Also, is the
Le dimanche 8 août 2021, 14:57:42 UTC Bastien Roucariès a écrit :
> Le dimanche 8 août 2021, 10:04:30 UTC Benno Schulenberg a écrit :
> > > $env -i nano
> > > command fail because TERM is unset
> >
> > I can work around an unset TERM. But what if TERM=="" or
> > TERM=="nonsense"?
> > Checking whe
20 matches
Mail list logo