Bug#785429: icedove: FTBFS with new libvpx 1.4
Package: icedove Version: 31.6.0-1 Severity: serious On a binNMU for the libvpx transition, your package failed to build with: /«PKGBUILDDIR»/mozilla/media/webrtc/trunk/webrtc/modules/video_coding/codecs/vp8/vp8_impl.cc: In member function 'virtual int webrtc::VP8EncoderImpl::InitEncode(const webrtc::VideoCodec*, int, uint32_t)': /«PKGBUILDDIR»/mozilla/media/webrtc/trunk/webrtc/modules/video_coding/codecs/vp8/vp8_impl.cc:183:29: error: 'IMG_FMT_I420' was not declared in this scope raw_ = vpx_img_wrap(NULL, IMG_FMT_I420, codec_.width, codec_.height, ^ /«PKGBUILDDIR»/mozilla/media/webrtc/trunk/webrtc/modules/video_coding/codecs/vp8/vp8_impl.cc: In member function 'virtual int webrtc::VP8EncoderImpl::Encode(const webrtc::I420VideoFrame&, const webrtc::CodecSpecificInfo*, const std::vector*)': /«PKGBUILDDIR»/mozilla/media/webrtc/trunk/webrtc/modules/video_coding/codecs/vp8/vp8_impl.cc:352:16: error: 'PLANE_Y' was not declared in this scope raw_->planes[PLANE_Y] = const_cast(input_image.buffer(kYPlane)); ^ /«PKGBUILDDIR»/mozilla/media/webrtc/trunk/webrtc/modules/video_coding/codecs/vp8/vp8_impl.cc:353:16: error: 'PLANE_U' was not declared in this scope raw_->planes[PLANE_U] = const_cast(input_image.buffer(kUPlane)); ^ /«PKGBUILDDIR»/mozilla/media/webrtc/trunk/webrtc/modules/video_coding/codecs/vp8/vp8_impl.cc:354:16: error: 'PLANE_V' was not declared in this scope raw_->planes[PLANE_V] = const_cast(input_image.buffer(kVPlane)); ^ make[7]: *** [vp8_impl.o] Error 1 See https://buildd.debian.org/status/fetch.php?pkg=icedove&arch=amd64&ver=31.6.0-1%2Bb1&stamp=1431713936 These constants are now called VPX_*. Regards, Emilio -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#758086: marked as done (CVE-2014-3577 Apache HttpComponents hostname verification bypass)
Your message dated Sat, 16 May 2015 06:03:38 + with message-id and subject line Bug#758086: fixed in commons-httpclient 3.1-10.2+deb7u1 has caused the Debian Bug report #758086, regarding CVE-2014-3577 Apache HttpComponents hostname verification bypass to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 758086: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758086 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: commons-httpclient Version: 3.1-10.2 Severity: important Tags: security https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6153 It was found that the fix for CVE-2012-5783 was incomplete. The code added to check that the server hostname matches the domain name in the subject's CN field was flawed. This can be exploited by a Man-in-the-middle (MITM) attack, where the attacker can spoof a valid certificate using a specially crafted subject. This issue was discovered by Florian Weimer of Red Hat Product Security. --- Henri Salo signature.asc Description: Digital signature --- End Message --- --- Begin Message --- Source: commons-httpclient Source-Version: 3.1-10.2+deb7u1 We believe that the bug you reported is fixed in the latest version of commons-httpclient, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 758...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Markus Koschany (supplier of updated commons-httpclient package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 15 Apr 2015 21:24:48 +0200 Source: commons-httpclient Binary: libcommons-httpclient-java libcommons-httpclient-java-doc Architecture: source all Version: 3.1-10.2+deb7u1 Distribution: wheezy Urgency: high Maintainer: Debian Java Maintainers Changed-By: Markus Koschany Description: libcommons-httpclient-java - A Java(TM) library for creating HTTP clients libcommons-httpclient-java-doc - Documentation for libcommons-httpclient-java Closes: 758086 Changes: commons-httpclient (3.1-10.2+deb7u1) wheezy; urgency=high . * Team upload. * Add CVE-2014-3577.patch. (Closes: #758086) It was found that the fix for CVE-2012-6153 was incomplete: the code added to check that the server hostname matches the domain name in a subject's Common Name (CN) field in X.509 certificates was flawed. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. The fix for CVE-2012-6153 was intended to address the incomplete patch for CVE-2012-5783. The issue is now completely resolved by applying this patch and the 06_fix_CVE-2012-5783.patch. * Change java.source and java.target ant properties to 1.5, otherwise commons-httpclient will not compile with this patch. Checksums-Sha1: ca26cd0f2a5be0029a7b2e8d56cf85fb38c31d1e 2526 commons-httpclient_3.1-10.2+deb7u1.dsc 0c6dfbf3d0d47cfc70595d2b15223a59f264795b 13684 commons-httpclient_3.1-10.2+deb7u1.debian.tar.gz 301f4d1a8f1e400f257c13cd222981d60696584c 299718 libcommons-httpclient-java_3.1-10.2+deb7u1_all.deb b87b0f77aba48d6177092356e96e2b149f840283 1547514 libcommons-httpclient-java-doc_3.1-10.2+deb7u1_all.deb Checksums-Sha256: 219a2ecdf758361cec1ea85bce645115c14bf609dc7b565cd0ab5aee610f6cb1 2526 commons-httpclient_3.1-10.2+deb7u1.dsc e977a7922cff20c65fb6dcfbd9bb2f11e2f079245edddc68567055dd0e444cac 13684 commons-httpclient_3.1-10.2+deb7u1.debian.tar.gz 7bafb3dc4b04d2c0af8ecb8010eae11b63496c57184fe1bd6b812f824eee2037 299718 libcommons-httpclient-java_3.1-10.2+deb7u1_all.deb 47af253e18f750a10ff226c487aceadb056a78a913a6ab3c1d7022b620bd 1547514 libcommons-httpclient-java-doc_3.1-10.2+deb7u1_all.deb Files: 022067c70b0363ea2c1fa31542290b64 2526 java optional commons-httpclient_3.1-10.2+deb7u1.dsc 8a5862dc9b0b0898c61e438359eec285 13684 java optional commons-httpclient_3.1-10.2+deb7u1.debian.tar.gz 4deb3d76811d48c359dcbe0616f76b41 299718 java optional libcommons-httpclient-java_3.1-10.2+deb7u1_all.deb e1708de058fde033592dc11b9468294b 1547514 doc optional libcommons-httpclient-java-doc_3.1-10.2+deb7u1_all.deb -BEGIN PGP SIGNATURE- Version
Bug#784009: want to back out to get wget working again
On 2015-05-16 積丹尼 Dan Jacobson wrote: > I don't know how to get wget 1.16.3-2 working again. > It is not clear which dpkg -i actions I should do. [...] Downgrading libgnutls-deb0-28 (and if they are installed libgnutls-openssl27, gnutls-bin and libgnutlsxx28) to 3.3.15-2 should be enough. cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: found 784009 in 3.3.15-3, notfound 784009 in 3.3.15-1, notfound 784009 in 3.3.15-2
Processing commands for cont...@bugs.debian.org: > found 784009 3.3.15-3 Bug #784009 [libgnutls-deb0-28] [experimental] Lack of versioned symbols in nettle causes segfault Bug #784063 [libgnutls-deb0-28] wget: segfault since this morning upgrade Bug #785266 [libgnutls-deb0-28] libnettle4: seg fault Marked as found in versions gnutls28/3.3.15-3. Marked as found in versions gnutls28/3.3.15-3. Marked as found in versions gnutls28/3.3.15-3. > notfound 784009 3.3.15-1 Bug #784009 [libgnutls-deb0-28] [experimental] Lack of versioned symbols in nettle causes segfault Bug #784063 [libgnutls-deb0-28] wget: segfault since this morning upgrade Bug #785266 [libgnutls-deb0-28] libnettle4: seg fault Ignoring request to alter found versions of bug #784009 to the same values previously set Ignoring request to alter found versions of bug #784063 to the same values previously set Ignoring request to alter found versions of bug #785266 to the same values previously set > # never affected uploads o unstable yet > notfound 784009 3.3.15-2 Bug #784009 [libgnutls-deb0-28] [experimental] Lack of versioned symbols in nettle causes segfault Bug #784063 [libgnutls-deb0-28] wget: segfault since this morning upgrade Bug #785266 [libgnutls-deb0-28] libnettle4: seg fault Ignoring request to alter found versions of bug #784009 to the same values previously set Ignoring request to alter found versions of bug #784063 to the same values previously set Ignoring request to alter found versions of bug #785266 to the same values previously set > thanks Stopping processing here. Please contact me if you need assistance. -- 784009: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784009 784063: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784063 785266: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785266 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#785424: virtualbox: CVE-2015-3456: floppy driver host code execution
Source: virtualbox Version: 4.1.18-dfsg-1 Severity: grave Tags: security upstream fixed-upstream Justification: user security hole Hi, the following vulnerability was published for virtualbox. CVE-2015-3456[0]: | The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and | earlier and KVM, allows local guest users to cause a denial of service | (out-of-bounds write and guest crash) or possibly execute arbitrary | code via the (1) FD_CMD_READ_ID, (2) | FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka | VENOM. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2015-3456 [1] http://www.oracle.com/technetwork/topics/security/alert-cve-2015-3456-2542656.html Please adjust the affected versions in the BTS as needed. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: found 775888 in 4.1.18-dfsg-1
Processing commands for cont...@bugs.debian.org:
> found 775888 4.1.18-dfsg-1
Bug #775888 {Done: Ritesh Raj Sarraf } [virtualbox]
virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595
CVE-2015-0418 CVE-2015-0427
Marked as found in versions virtualbox/4.1.18-dfsg-1.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
775888: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775888
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#783141: lnav: FTBFS on all architectures on buildds
Control: tags -1 + help On Wed, Apr 22, 2015 at 09:43:31PM +0200, Salvatore Bonaccorso wrote: > lnav/0.7.3-1 builded locally in a pbuilder based build environment, > but the build seems to hang during tests on all architectures: > > https://buildd.debian.org/status/package.php?p=lnav&suite=experimental FTR, had no time so far to investigate this issue. So if somebody comes up checking the new upstream commits for a fix of this would be appreciated. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#783141: lnav: FTBFS on all architectures on buildds
Processing control commands: > tags -1 + help Bug #783141 [src:lnav] lnav: FTBFS on all architectures on buildds Added tag(s) help. -- 783141: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783141 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: reassign 785266 to libgnutls-deb0-28
Processing commands for cont...@bugs.debian.org: > reassign 785266 libgnutls-deb0-28 Bug #785266 [libnettle4] libnettle4: seg fault Bug reassigned from package 'libnettle4' to 'libgnutls-deb0-28'. No longer marked as found in versions nettle/2.7.1-5. Ignoring request to alter fixed versions of bug #785266 to the same values previously set > thanks Stopping processing here. Please contact me if you need assistance. -- 785266: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785266 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: forcibly merging 784009 785266
Processing commands for cont...@bugs.debian.org: > forcemerge 784009 785266 Bug #784009 [libgnutls-deb0-28] [experimental] Lack of versioned symbols in nettle causes segfault Bug #784063 [libgnutls-deb0-28] wget: segfault since this morning upgrade Bug #785266 [libgnutls-deb0-28] libnettle4: seg fault Severity set to 'serious' from 'grave' Marked as found in versions gnutls28/3.3.14-3. Bug #784063 [libgnutls-deb0-28] wget: segfault since this morning upgrade Merged 784009 784063 785266 > thanks Stopping processing here. Please contact me if you need assistance. -- 784009: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784009 784063: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784063 785266: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785266 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#784009: want to back out to get wget working again
I don't know how to get wget 1.16.3-2 working again. It is not clear which dpkg -i actions I should do. Debian Release: stretch/sid APT prefers experimental APT policy: (990, 'experimental'), (500, 'unstable') Architecture: i386 (i686) Versions of packages wget depends on: ii libc6 2.21-0experimental0 ii libgnutls-deb0-28 3.3.15-3 ii libidn11 1.30-1 ii libnettle4 2.7.1-5 ii libpcre3 2:8.35-4 ii libpsl00.5.1-1 ii libuuid1 2.26.2-3 ii zlib1g 1:1.2.8.dfsg-2+b1 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed (with 1 errors): forcibly merging 784009 785266
Processing commands for cont...@bugs.debian.org: > forcemerge 784009 785266 Bug #784009 [libgnutls-deb0-28] [experimental] Lack of versioned symbols in nettle causes segfault Bug #784063 [libgnutls-deb0-28] wget: segfault since this morning upgrade Unable to merge bugs because: package of #785266 is 'libnettle4' not 'libgnutls-deb0-28' Failed to forcibly merge 784009: Did not alter merged bugs > thanks Stopping processing here. Please contact me if you need assistance. -- 784009: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784009 784063: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784063 785266: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785266 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#785065: vdso32 fails to built on ppc64el
On 2015-05-12 15:55, Matthias Klose wrote: > that should be fixed on the kernel side by removing this code. there never > was a > powerpcle userland support. If this is not possible in the short term, then we > can re-enable this for unstable for some time. > This also seems to break grub2 on ppc64el [1]. I think it's a legitimate use case. [1] https://buildd.debian.org/status/fetch.php?pkg=grub2&arch=ppc64el&ver=2.02~beta2-23&stamp=1431706310 -- Aurelien Jarno GPG: 4096R/1DDD8C9B aurel...@aurel32.net http://www.aurel32.net -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#784647: opencv: diff for NMU version 2.4.9.1+dfsg-1.1
Control: tags 784647 + pending Dear maintainer, I've prepared an NMU for opencv (versioned as 2.4.9.1+dfsg-1.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Cheers -- Sebastian Ramacher diff -Nru opencv-2.4.9.1+dfsg/debian/changelog opencv-2.4.9.1+dfsg/debian/changelog --- opencv-2.4.9.1+dfsg/debian/changelog 2014-09-19 04:15:33.0 +0200 +++ opencv-2.4.9.1+dfsg/debian/changelog 2015-05-15 21:34:14.0 +0200 @@ -1,3 +1,12 @@ +opencv (2.4.9.1+dfsg-1.1) unstable; urgency=medium + + * Non-maintainer upload. + + [ Bernhard Übelacker ] + * Build with -march=i586 instead of -march=i686 on i386. (Closes: #784647) + + -- Sebastian Ramacher Fri, 15 May 2015 21:34:12 +0200 + opencv (2.4.9.1+dfsg-1) unstable; urgency=medium * New upstream release. diff -Nru opencv-2.4.9.1+dfsg/debian/patches/optimize_i586.patch opencv-2.4.9.1+dfsg/debian/patches/optimize_i586.patch --- opencv-2.4.9.1+dfsg/debian/patches/optimize_i586.patch 1970-01-01 01:00:00.0 +0100 +++ opencv-2.4.9.1+dfsg/debian/patches/optimize_i586.patch 2015-05-15 16:44:12.0 +0200 @@ -0,0 +1,21 @@ +Description: Optimize of i386 changed from 686 to 586. + Similar to the patch patches/0011_optimize_i486.patch in wheezy + by Nobuhiro Iwamatsu. + Upstream moved the location from CMakeLists.txt to cmake/OpenCVCompilerOptions.cmake. +Author: Bernhard Übelacker +Bug-Debian: https://bugs.debian.org/784647 +Origin: other, https://sources.debian.net/src/opencv/2.3.1-11%2Bdeb7u1/debian/patches/0011_optimize_i486.patch/ +Last-Update: 2015-05-09 + + +--- opencv-2.4.9.1+dfsg.orig/cmake/OpenCVCompilerOptions.cmake opencv-2.4.9.1+dfsg/cmake/OpenCVCompilerOptions.cmake +@@ -109,7 +109,7 @@ if(CMAKE_COMPILER_IS_GNUCXX) + endif() + + if(X86 AND NOT MINGW64 AND NOT X86_64 AND NOT APPLE) +-add_extra_compiler_option(-march=i686) ++add_extra_compiler_option(-march=i586) + endif() + + # Other optimizations diff -Nru opencv-2.4.9.1+dfsg/debian/patches/series opencv-2.4.9.1+dfsg/debian/patches/series --- opencv-2.4.9.1+dfsg/debian/patches/series 2014-09-19 04:04:00.0 +0200 +++ opencv-2.4.9.1+dfsg/debian/patches/series 2015-05-15 16:43:46.0 +0200 @@ -7,3 +7,4 @@ revert-Make-ts-always-static fix_path_of_opencl_headers libav10.patch +optimize_i586.patch signature.asc Description: Digital signature
Processed: opencv: diff for NMU version 2.4.9.1+dfsg-1.1
Processing control commands: > tags 784647 + pending Bug #784647 [libopencv-imgproc2.4] libav-tools: avconv fails with Illegal Instruction Added tag(s) pending. -- 784647: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784647 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: #783543 (miscompile of _mm256_permutevar8x32_epi32) is fixed-upstream
Processing commands for cont...@bugs.debian.org: > tags 783543 fixed-upstream Bug #783543 [llvm-toolchain-3.6] miscompile of _mm256_permutevar8x32_epi32 Added tag(s) fixed-upstream. > thanks Stopping processing here. Please contact me if you need assistance. -- 783543: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783543 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#750743: gspiceui: Please update to use wxwidgets3.0
Hi Olly Thanks, in fact I do need some assistance. I have compiled version 1.1.00 and the source can be found at dget http://gudjon.org/debian/source/gspiceui_1.1.00+dfsg-1.dsc This needs fortifying but if I uncomment the fortifying flags in the debian/rules file I get the following error: /usr/include/wx-3.0/wx/ctrlsub.h:144: undefined reference to `non-virtual thunk to wxListBoxBase::IsSorted() const' Do you know how to solve this? I don't have a clue. Regards Gudjon -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#785378: marked as done ([dbus] dbus-uuidgen: undefined symbol: dbus_internal_do_not_use_create_uuid)
Your message dated Fri, 15 May 2015 18:04:02 + with message-id and subject line Bug#785378: fixed in dbus 1.9.16-2 has caused the Debian Bug report #785378, regarding [dbus] dbus-uuidgen: undefined symbol: dbus_internal_do_not_use_create_uuid to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 785378: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785378 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: dbus Version: 1.8.18-1 Severity: important --- Please enter the report below this line. --- Recent upgrade from version 1.8.16 to 1.8.18 leads to the following error during the boot process: /usr/bin/dbus-uuidgen: symbol lookup error: /usr/bin/dbus-uuidgen: undefined symbol: dbus_internal_do_not_use_create_uuid This leads to many applications failing to run properly including kde, network-manager, power. Downgrading to 1.8.16 resolves the issues. --- System information. --- Architecture: amd64 Kernel: Linux 4.0.0-1-amd64 Debian Release: stretch/sid 800 unstableftp.us.debian.org 500 testing ftp.us.debian.org 500 stable dl.google.com 100 experimentalftp.us.debian.org --- Package information. --- Depends(Version) | Installed -+-= libaudit1 (>= 1:2.2.1) | 1:2.4-1+b1 libc6 (>= 2.17) | libcap-ng0 | libdbus-1-3 (>= 1.7.6) | libexpat1 (>= 2.0.1) | libselinux1 (>= 2.0.65) | libsystemd-journal0 (>= 38) | libsystemd-login0(>= 31) | adduser | lsb-base (>= 3.2-14) | Package Status (Version) | Installed =-+-=== systemd | 215-17 systemd-sysv | dbus-x11 | 1.8.16-1 Package's Recommends field is empty. Suggests (Version) | Installed ===-+-=== dbus-x11| 1.8.16-1 -- JP --- End Message --- --- Begin Message --- Source: dbus Source-Version: 1.9.16-2 We believe that the bug you reported is fixed in the latest version of dbus, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 785...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Simon McVittie (supplier of updated dbus package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 15 May 2015 15:58:31 +0100 Source: dbus Binary: dbus dbus-udeb dbus-x11 libdbus-1-3 libdbus-1-3-udeb dbus-1-doc libdbus-1-dev dbus-1-dbg dbus-tests dbus-user-session Architecture: all source Version: 1.9.16-2 Distribution: experimental Urgency: medium Maintainer: Utopia Maintenance Team Changed-By: Simon McVittie Closes: 785378 Description: dbus-1-dbg - simple interprocess messaging system (debug symbols) dbus-1-doc - simple interprocess messaging system (documentation) dbus - simple interprocess messaging system (daemon and utilities) dbus-tests - simple interprocess messaging system (test infrastructure) dbus-udeb - simple interprocess messaging system (minimal runtime) (udeb) dbus-user-session - simple interprocess messaging system (systemd --user integration) dbus-x11 - simple interprocess messaging system (X11 deps) libdbus-1-3 - simple interprocess messaging system (library) libdbus-1-3-udeb - simple interprocess messaging system (minimal library) (udeb) libdbus-1-dev - simple interprocess messaging system (development headers) Changes: dbus (1.9.16-2) experimental; urgency=medium . * libdbus-1-3 Breaks dbus versions that did not have a lockstep dependency on it, to allow dropping internal ABIs (Closes: #785378) * Drop now-unnecessary XS-Testsuite field from d/control Checksums-Sha1: c39f80fa616392bb54d46288ebd478fc713733e4 2916 dbus_1.9.16-2.dsc 9a2a122a248aded6a1602b547a1f7f5832a460a4 41848 dbus_1.9.16-2.debian.tar.xz 0bab7267fa9b43cfbb565b5b474aa22e2499a585 1384030 dbus-1-doc_1.9.16-2_all.deb a3f91d5d9a6b5cc78a1c43e4e698130a867135e1 67794 dbus-user-session_1.9.16-2_all.deb Checksu
Processed: found 783451 in 0.63-1
Processing commands for cont...@bugs.debian.org:
> found 783451 0.63-1
Bug #783451 {Done: Salvatore Bonaccorso }
[src:libmodule-signature-perl] libmodule-signature-perl: CVE-2015-3406
CVE-2015-3407 CVE-2015-3408 CVE-2015-3409
Marked as found in versions libmodule-signature-perl/0.63-1.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
783451: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783451
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#785403: libgd2: FTBFS with libvpx 1.4
Source: libgd2 Version: 2.1.0-5 Severity: serious Tags: sid stretch Your package fails to build against the new libvpx: webpimg.c: In function 'VPXEncode': webpimg.c:714:24: error: 'IMG_FMT_I420' undeclared (first use in this function) vpx_img_wrap(&img, IMG_FMT_I420, ^ webpimg.c:714:24: note: each undeclared identifier is reported only once for each function it appears in webpimg.c:716:16: error: 'PLANE_Y' undeclared (first use in this function) img.planes[PLANE_Y] = (uint8*)(Y); ^ webpimg.c:717:16: error: 'PLANE_U' undeclared (first use in this function) img.planes[PLANE_U] = (uint8*)(U); ^ webpimg.c:718:16: error: 'PLANE_V' undeclared (first use in this function) img.planes[PLANE_V] = (uint8*)(V); ^ make[3]: *** [webpimg.lo] Error 1 These (and others you may be using in other files) should now be VPX_FOO. Cheers, Emilio -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#785378: [dbus] dbus-uuidgen: undefined symbol: dbus_internal_do_not_use_create_uuid
On Friday 15 May 2015 09:51:28 LeJacq, Jean Pierre wrote: > On Friday 15 May 2015 14:48:15 Simon McVittie wrote: > > On 15/05/15 14:45, Simon McVittie wrote: > > > Do you have libdbus-1-3 version 1.9.16 (from experimental) installed? I > > > suspect you might? > > > > If my guess is correct, then this is really a bug in > > libdbus-1-3/1.9.16-1 (which should have a Breaks relationship with older > > dbus versions), and you should be able to work around it by either > > upgrading dbus to the matching version, or downgrading libdbus-1-3. > > Yes I do indeed have libdbus-1-3 version 1.9.16 from experimental. > > I'm not sure how I got dbus from sid but libdbus-1-3 from experimental. I > will attempt getting them to the same version - 1.9.16. I can confirm that the issue is resolved when both dbus and libdbus-1-3 are at version 1.9.16 - both from experimental. -- JP -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#784215: strongswan-nm: network-manager-strongswan unavailable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I got a message saying network-manager-strongswan will be dropped from testing due to this bug. Is this off the table, too? Regards Harri -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJVViQfAAoJEAqeKp5m04HL6N0H/0kIonHzlk6phvGauCYSIWDu pmEjhpCz+VYBE7HW76GegrcarF35aOe3QSIhPbvSm3EFmB5RBz4oQVoExbqw0YVi W4ikxUKB+9Ow8ypvceKSW3yHftSBnpKb0tkCGmJmmXsGTdmtOs/6xG7pJHPyzE+u 7tZ+g4KdHwKXi1hA7pqs/XoD+qBHZRaS92xUGDk4ydFkgkzY0zLJOF61FaPNHLb2 wK+hq4VNFJA66kYD1W2s4ZO1uIMrHdZ2uMD3dMyVEtzt0ezB6yE/pObdD9ljv0Ls oNq7rBsA3kGDqLOXVcduflb4rXhUo7ihkMBCTLn/zL6VyXzqvXyHfPj0b4nMpAQ= =29qa -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#784215: network-manager-strongswan into backports?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi Ian, is there a chance to add network-manager-strongswan to backports? It seems that Jessie's strongswan-nm has a bad dependency, see #759826. I am already using n-m-s on Jessie. It builds fine. There is a minor hiccup at run time (you have to try twice to reconnect), but IMHO this is less serious than the bad dependency. It would be very nice if you could sponsor an upload to backports. Regards Harri -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJVVh2FAAoJEAqeKp5m04HLJKgH/A3co7QqX2mMgre47iozqrY7 zQ0Gw86j/nMXZsTTewMe5e97cm97EXJ93prkXFu8ugGZCcCPG7TqB9siI8JE2VGi GoM59yzLAf2bz8HBJSC4JFJLJ3kMOVZXMygdwWLl/hnrEwmcPR+qF3oadhuu+Lzf wwlNX777RJH1iTmjPPOT9hOXXkenf22MnUfGbs2TrWaBFDMSPDBAV+17dxmfz4es cnL5FFdRuHVw8nwONwJZ+EiuiZ5IOBF3wpo8oFxcJ7c4qvmhTs/c+d6xvqreRJHP 1KpaNTcFVFGry86tcrURT+qyVaTSjdfYvHSNN072p4GB2+mbakgLYnnY9EQYaKw= =PzlW -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: reassign 785378 to libdbus-1-3, notfound 785378 in 1.8.18-1, severity of 785378 is serious ...
Processing commands for cont...@bugs.debian.org: > reassign 785378 libdbus-1-3 1.9.16-1 Bug #785378 [dbus] [dbus] dbus-uuidgen: undefined symbol: dbus_internal_do_not_use_create_uuid Bug reassigned from package 'dbus' to 'libdbus-1-3'. No longer marked as found in versions dbus/1.8.18-1. Ignoring request to alter fixed versions of bug #785378 to the same values previously set Bug #785378 [libdbus-1-3] [dbus] dbus-uuidgen: undefined symbol: dbus_internal_do_not_use_create_uuid Marked as found in versions dbus/1.9.16-1. > notfound 785378 1.8.18-1 Bug #785378 [libdbus-1-3] [dbus] dbus-uuidgen: undefined symbol: dbus_internal_do_not_use_create_uuid Ignoring request to alter found versions of bug #785378 to the same values previously set > severity 785378 serious Bug #785378 [libdbus-1-3] [dbus] dbus-uuidgen: undefined symbol: dbus_internal_do_not_use_create_uuid Severity set to 'serious' from 'important' > tags 785378 + pending Bug #785378 [libdbus-1-3] [dbus] dbus-uuidgen: undefined symbol: dbus_internal_do_not_use_create_uuid Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 785378: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785378 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: close 785382
Processing commands for cont...@bugs.debian.org: > close 785382 Bug #785382 [libdancer-plugin-database-core-perl] libdancer-plugin-database-core-perl: faulty update queries Marked Bug as done > thanks Stopping processing here. Please contact me if you need assistance. -- 785382: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785382 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: bug 785382 is forwarded to https://github.com/bigpresh/Dancer-Plugin-Database/issues/64
Processing commands for cont...@bugs.debian.org:
> forwarded 785382 https://github.com/bigpresh/Dancer-Plugin-Database/issues/64
Bug #785382 {Done: Nuno Carvalho }
[libdancer-plugin-database-core-perl] libdancer-plugin-database-core-perl:
faulty update queries
Set Bug forwarded-to-address to
'https://github.com/bigpresh/Dancer-Plugin-Database/issues/64'.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
785382: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785382
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: update 785382
Processing commands for cont...@bugs.debian.org: > severity 785382 grave Bug #785382 [libdancer-plugin-database-core-perl] libdancer-plugin-database-core-perl: faulty update queries Severity set to 'grave' from 'important' > owner 785382 sm...@cpan.org Bug #785382 [libdancer-plugin-database-core-perl] libdancer-plugin-database-core-perl: faulty update queries Owner recorded as sm...@cpan.org. > fixed 785382 libdancer-plugin-database-core-perl/0.10-1 Bug #785382 [libdancer-plugin-database-core-perl] libdancer-plugin-database-core-perl: faulty update queries Marked as fixed in versions libdancer-plugin-database-core-perl/0.10-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 785382: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785382 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#785326: libavcodec56: CVE-2014-7937 - Multiple off-by-one errors in libavcodec/vorbisdec.c
On Fri, May 15, 2015 at 11:05:17AM +0200, Sebastian Ramacher wrote: > Version: 6:11.3-1 > > On 2015-05-14 20:41:15, Arne Wichmann wrote: > > Package: libavcodec56 > > Version: 6:11.3-2 > > Severity: grave > > Tags: security > > Justification: user security hole > > > > Hi, as far as I can see this has not yet been reported or fixed: > > > > CVE-2014-7937 : Multiple off-by-one errors in libavcodec/vorbisdec.c in > > FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow > > remote attackers to cause a denial of service (use-after-free) or possibly > > have unspecified other impact via crafted Vorbis I data [1] > > > > I marked this as grave as the impact is unclear and might include arbitrary > > code execution. Feel free do downgrade if this can be ruled out. > > > > (Actually I would like to have a look at the test case to check a bit more > > thoroughly, but AFAICS I would need to talk to google for this.) > > > > [1] https://security-tracker.debian.org/tracker/CVE-2014-7937 > > https://lists.libav.org/pipermail/libav-devel/2015-January/066433.html > > A similar commit to the one maintained in this mailing list post was applied > to > 11.3. So closing with that version. Do you mean the patch at [0]? Honestly it doesn't look like the ffmpeg patch at all, and the commit message doesn't even mention the bug fix. How can you be so sure that the bug is fixed? Cheers [0] https://github.com/libav/libav/commit/0025f7408a0fab2cab4a950064e4784a67463994 signature.asc Description: Digital signature
Bug#785356: xrdp "Oh no! Something has gone wrong." is back
Hello Vincent Bernat, after dist-upgrade to jessie of a wheezy-installation with gnome desktop comes "Oh no! Something has gone wrong." on access from Windows to this machine - also with Remmina on localhost. It doesn't seem to be a message from xrdp. Which application is displaying the message? on the localhost p.e. Remmina. Sesman runs right and on the then appearing desktop this message is shown and I can't work, only logout is possible. Joachim -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#784903: [Pkg-fglrx-devel] Bug#784903: fglrx-driver: broken depends on xorg-video-abi-18
* On Tue, May 12, 2015 07:51PM +0200 Patrick Matthäi (pmatth...@debian.org) wrote: > Am 10.05.2015 um 14:18 schrieb Michael Tatge: > > Source: fglrx-driver > > Version: 1:14.9+ga14.201-2 > > Severity: grave > > Justification: renders package unusable > > > > fglrx-driver depends on xorg-video-abi-18 but xserver-xorg-core provides > > xorg-video-abi-19 thus rendering the package uninstallable. > > I will check in the next days if the experimental 14.12 version is > compatible with it, but I do not think so. It seems it is not. Even amd say it's only compatible with Xorg up to 1.16. For the time being I downgraded to 1.16 since I cannot get the radeon driver to *not* use xinerama or mergedfb... Michael -- PGP-Key-ID: EEE7D043 Jabber: in...@jabber.de signature.asc Description: Digital signature
Bug#785367: mercurial-git: AttributeError: 'tuple' object has no attribute 'rfind'
Package: mercurial-git
Version: 0.8.0-1
Severity: grave
hg is completely broken when this extension is enabled:
$ hg init testrepo
$ cd testrepo/
$ echo foo > foo
$ hg add foo
** Unknown exception encountered with possibly-broken third-party extension git
** which supports versions 3.3 of Mercurial.
** Please disable git and try your action again.
** If that fixes the bug please report it to
https://bitbucket.org/durin42/hg-git/issues
** Python 2.7.10rc1 (default, May 11 2015, 00:30:56) [GCC 4.9.2]
** Mercurial Distributed SCM (version 3.4)
** Extensions loaded: git
Traceback (most recent call last):
File "/usr/bin/hg", line 43, in
mercurial.dispatch.run()
File "/usr/lib/python2.7/dist-packages/mercurial/dispatch.py", line 29, in run
sys.exit((dispatch(request(sys.argv[1:])) or 0) & 255)
File "/usr/lib/python2.7/dist-packages/mercurial/dispatch.py", line 91, in
dispatch
ret = _runcatch(req)
File "/usr/lib/python2.7/dist-packages/mercurial/dispatch.py", line 160, in
_runcatch
return _dispatch(req)
File "/usr/lib/python2.7/dist-packages/mercurial/dispatch.py", line 885, in
_dispatch
cmdpats, cmdoptions)
File "/usr/lib/python2.7/dist-packages/mercurial/dispatch.py", line 646, in
runcommand
ret = _runcommand(ui, options, cmd, d)
File "/usr/lib/python2.7/dist-packages/mercurial/dispatch.py", line 976, in
_runcommand
return checkargs()
File "/usr/lib/python2.7/dist-packages/mercurial/dispatch.py", line 947, in
checkargs
return cmdfunc()
File "/usr/lib/python2.7/dist-packages/mercurial/dispatch.py", line 882, in
d = lambda: util.checksignature(func)(ui, *args, **cmdoptions)
File "/usr/lib/python2.7/dist-packages/mercurial/util.py", line 718, in check
return func(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/mercurial/commands.py", line 203, in add
rejected = cmdutil.add(ui, repo, m, "", False, **opts)
File "/usr/lib/python2.7/dist-packages/mercurial/cmdutil.py", line 2200, in add
for f in wctx.walk(match):
File "/usr/lib/python2.7/dist-packages/mercurial/context.py", line 1275, in
walk
True, False))
File "/usr/lib/python2.7/dist-packages/mercurial/dirstate.py", line 727, in
walk
ignore = self._ignore
File "/usr/lib/python2.7/dist-packages/mercurial/scmutil.py", line 1136, in
__get__
entry.obj = self.func(obj)
File "/usr/lib/python2.7/dist-packages/hgext/git/gitdirstate.py", line 100, in
_ignore
fns = self._finddotgitignores()
File "/usr/lib/python2.7/dist-packages/hgext/git/gitdirstate.py", line 164, in
_finddotgitignores
work = [d for d in work if not dirignore(d)]
File "/usr/lib/python2.7/dist-packages/mercurial/dirstate.py", line 601, in
_dirignore
for p in util.finddirs(f):
File "/usr/lib/python2.7/dist-packages/mercurial/util.py", line 2286, in
finddirs
pos = path.rfind('/')
AttributeError: 'tuple' object has no attribute 'rfind'
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64
Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages mercurial-git depends on:
ii mercurial 3.4-1
ii python-dulwich 0.10.1-1
pn python:any
--
Jakub Wilk
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: Fixed in spatialite-tools/4.2.1~rc1-3
Processing commands for cont...@bugs.debian.org: > notfixed 785091 spatialite-bin/4.2.1~rc1-3 Bug #785091 [spatialite-bin] spatialite-bin: spatialite gives a Segmentation fault. The source spatialite-bin and version 4.2.1~rc1-3 do not appear to match any binary packages No longer marked as fixed in versions spatialite-bin/4.2.1~rc1-3. > fixed 785091 spatialite-tools/4.2.1~rc1-3 Bug #785091 [spatialite-bin] spatialite-bin: spatialite gives a Segmentation fault. Marked as fixed in versions spatialite-tools/4.2.1~rc1-3. > thanks Stopping processing here. Please contact me if you need assistance. -- 785091: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785091 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#785366: chef: not installable in sid
Package: chef Version: 11.12.8-2 Severity: serious User: trei...@debian.org Usertags: edos-uninstallable Dear Maintainer, chef is currently not installable in sid since it depends on ruby-rest-client (<< 1.7.0). This dependency is hard-coded in debian/control. However, the version of ruby-rest-client in sid is 1.8.0-1. Cheers -Ralf. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: Fixed in spatialite-bin/4.2.1~rc1-3
Processing commands for cont...@bugs.debian.org: > fixed 785091 spatialite-bin/4.2.1~rc1-3 Bug #785091 [spatialite-bin] spatialite-bin: spatialite gives a Segmentation fault. The source spatialite-bin and version 4.2.1~rc1-3 do not appear to match any binary packages Marked as fixed in versions spatialite-bin/4.2.1~rc1-3; no longer marked as fixed in versions spatialite-bin/4.2.1~rc1-3. > thanks Stopping processing here. Please contact me if you need assistance. -- 785091: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785091 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#785363: missing license in debian/copyright
Package: edk2 Version: 0~20150106.5c2d456b-1 Severity: serious User: alteh...@debian.org Usertags: ftp X-Debbugs-CC: ftpmas...@ftp-master.debian.org thanks Dear Maintainer, please add the dual license of: EmbeddedPkg/Library/FdtLib/fdt_ro.c EmbeddedPkg/Library/FdtLib/libfdt_internal.h EmbeddedPkg/Library/FdtLib/fdt_sw.c EmbeddedPkg/Library/FdtLib/fdt_wip.c EmbeddedPkg/Library/FdtLib/fdt_strerror.c EmbeddedPkg/Library/FdtLib/fdt_rw.c EmbeddedPkg/Library/FdtLib/fdt_empty_tree.c EmbeddedPkg/Library/FdtLib/fdt.c EmbeddedPkg/Include/libfdt.h EmbeddedPkg/Include/fdt.h to debian/copyright. Thanks! Thorsten -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#785362: missing license in debian/copyright
Package: qemu Version: 2.3+dfsg-3 Severity: serious User: alteh...@debian.org Usertags: ftp X-Debbugs-CC: ftpmas...@ftp-master.debian.org thanks Dear Maintainer, please add the missing licenses of: pc-bios/qemu_logo*.svg to debian/copyright. Thanks! Thorsten -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#785326: marked as done (libavcodec56: CVE-2014-7937 - Multiple off-by-one errors in libavcodec/vorbisdec.c)
Your message dated Fri, 15 May 2015 11:05:17 +0200 with message-id <20150515090517.gg25...@ramacher.at> and subject line Re: Bug#785326: libavcodec56: CVE-2014-7937 - Multiple off-by-one errors in libavcodec/vorbisdec.c has caused the Debian Bug report #785326, regarding libavcodec56: CVE-2014-7937 - Multiple off-by-one errors in libavcodec/vorbisdec.c to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 785326: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785326 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libavcodec56 Version: 6:11.3-2 Severity: grave Tags: security Justification: user security hole Hi, as far as I can see this has not yet been reported or fixed: CVE-2014-7937 : Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Vorbis I data [1] I marked this as grave as the impact is unclear and might include arbitrary code execution. Feel free do downgrade if this can be ruled out. (Actually I would like to have a look at the test case to check a bit more thoroughly, but AFAICS I would need to talk to google for this.) [1] https://security-tracker.debian.org/tracker/CVE-2014-7937 https://lists.libav.org/pipermail/libav-devel/2015-January/066433.html cu AW -- System Information: Debian Release: stretch/sid APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.7-ckt9 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages libavcodec56 depends on: ii libavresample2 6:11.3-2 ii libavutil546:11.3-2 ii libc6 2.19-18 ii libgsm11.0.13-4 ii libmp3lame03.99.5+repack1-7 ii libopenjpeg5 1:1.5.2-3 ii libopus0 1.1-2 ii libschroedinger-1.0-0 1.0.11-2.1 ii libspeex1 1.2~rc1.2-1 ii libtheora0 1.1.1+dfsg.1-6 ii libva1 1.5.1-2 ii libvorbis0a1.3.4-2 ii libvorbisenc2 1.3.4-2 ii libvpx11.3.0-3 ii libx264-1422:0.142.2431+gita5831aa-1+b2 ii libx265-43 1.5-1 ii libxvidcore4 2:1.3.3-1 ii multiarch-support 2.19-18 ii zlib1g 1:1.2.8.dfsg-2+b1 libavcodec56 recommends no packages. libavcodec56 suggests no packages. -- no debconf information --- End Message --- --- Begin Message --- Version: 6:11.3-1 On 2015-05-14 20:41:15, Arne Wichmann wrote: > Package: libavcodec56 > Version: 6:11.3-2 > Severity: grave > Tags: security > Justification: user security hole > > Hi, as far as I can see this has not yet been reported or fixed: > > CVE-2014-7937 : Multiple off-by-one errors in libavcodec/vorbisdec.c in > FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow > remote attackers to cause a denial of service (use-after-free) or possibly > have unspecified other impact via crafted Vorbis I data [1] > > I marked this as grave as the impact is unclear and might include arbitrary > code execution. Feel free do downgrade if this can be ruled out. > > (Actually I would like to have a look at the test case to check a bit more > thoroughly, but AFAICS I would need to talk to google for this.) > > [1] https://security-tracker.debian.org/tracker/CVE-2014-7937 > https://lists.libav.org/pipermail/libav-devel/2015-January/066433.html A similar commit to the one maintained in this mailing list post was applied to 11.3. So closing with that version. Cheers -- Sebastian Ramacher signature.asc Description: Digital signature --- End Message ---
Processed: notfound 785326 in 6:11.3-2
Processing commands for cont...@bugs.debian.org: > notfound 785326 6:11.3-2 Bug #785326 [libavcodec56] libavcodec56: CVE-2014-7937 - Multiple off-by-one errors in libavcodec/vorbisdec.c No longer marked as found in versions libav/6:11.3-2. > thanks Stopping processing here. Please contact me if you need assistance. -- 785326: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785326 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: found 785326 in 6:11.2-1
Processing commands for cont...@bugs.debian.org: > found 785326 6:11.2-1 Bug #785326 [libavcodec56] libavcodec56: CVE-2014-7937 - Multiple off-by-one errors in libavcodec/vorbisdec.c Marked as found in versions libav/6:11.2-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 785326: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785326 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#784256: usemod-wiki: Undefined subroutine CGI::startform
2015-05-14 21:13 GMT+02:00 Christoph Berg : > Re: Ludovic Rousseau 2015-05-04 > <20150504153158.27553.98664.report...@linutop.apdu.fr> >> I upgraded my system to Jessie (Debian 8.0) and now my wiki is no more >> working :-( >> >> I get this error as an HTML page: >> « Software error: >> >> Undefined subroutine CGI::startform >> at /usr/lib/cgi-bin/wiki.pl line 1503. > > Hi Ludovic, > > I've just fixed this for unstable, thanks for the report! > > For jessie, the problem is only there when you have libcgi-pm-perl > installed. If you remove that, the CGI.pm version bundled with perl > works. Is that workaround good enough, or should we look into > preparing a package for proposed-updates? Hello Christoph, In my setup libcgi-pm-perl is installed because it is a dependency of smokeping. So I can't really remove this package. The popularity of usemod-wiki [1] is quiet low. But the popularity of libcgi-pm-perl [2] is high. Maybe it is a good idea to prepare a package for proposed-updates if it is not too much work for you. Regards, [1] https://qa.debian.org/popcon.php?package=usemod-wiki [2] https://qa.debian.org/popcon.php?package=libcgi-pm-perl -- Dr. Ludovic Rousseau -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#785255: ardour3(4) is back!
I don't know how and why, but today (I upgrade my sid daily) ardour starts without any problem. Alberto -- Alberto Maurizi a.maur...@isac.cnr.it ISAC-CNR Phone n. +39 051 639 9615 via Gobetti 101 Fax n. +39 051 639 9658 40129 Bologna, Italy home page: http://bolchem.isac.cnr.it/staff:alberto_maurizi.do bolchem project:http://bolchem.isac.cnr.it -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#785356: xrdp "Oh no! Something has gone wrong." is back
❦ 15 mai 2015 09:27 +0200, Joachim Schmidt : > after dist-upgrade to jessie of a wheezy-installation with gnome desktop comes > "Oh no! Something has gone wrong." > on access from Windows to this machine - also with Remmina on > localhost. It doesn't seem to be a message from xrdp. Which application is displaying the message? -- Don't just echo the code with comments - make every comment count. - The Elements of Programming Style (Kernighan & Plauger) signature.asc Description: PGP signature
Bug#785356: xrdp "Oh no! Something has gone wrong." is back
Package: xrdp Version: 0.6.1-2 Severity: grave Justification: renders package unusable Dear Maintainer, after dist-upgrade to jessie of a wheezy-installation with gnome desktop comes "Oh no! Something has gone wrong." on access from Windows to this machine - also with Remmina on localhost. I tryed dpkg -- purge xrdp apt-get install xrdp without success. Thank You Joachim -- System Information: Debian Release: 8.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages xrdp depends on: ii adduser 3.113+nmu3 ii libc62.19-18 ii libpam0g 1.1.8-3.1 ii libssl1.0.0 1.0.1k-3 ii libx11-6 2:1.6.2-3 ii libxfixes3 1:5.0.1-2+b2 Versions of packages xrdp recommends: ii vnc4server [vnc-server] 4.1.1+X4.3.0-37.6 xrdp suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
