Package: tomcat6
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for tomcat6.
CVE-2010-4312[0]:
| The default configuration of Apache Tomcat 6.x does not include the
| HTTPOnly flag in a
Package: moon
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for moon.
CVE-2010-4254[0]:
| Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is
| used, does not properly
Package: eucalyptus
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for eucalyptus.
CVE-2010-3905[0]:
| The password reset feature in the administrator interface for
| Eucalyptus 2.0.0 and
Package: phpmyadmin
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) ids were
published for phpmyadmin.
CVE-2010-4480[0]:
| error.php in PhpMyAdmin 3.3.8.1, and other versions before
| 3.4.0-beta1, allows
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-2138-1 secur...@debian.org
http://www.debian.org/security/Giuseppe Iuculano
December 29, 2010
Package: pam
Severity: serious
Tags: security patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tomas Mraz pointed out that pam_namespace PAM module executes external
namespace.init script with an environment settings inherited form the program
or service that has pam_namespace configured.
Package: tomcat6
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for tomcat6.
CVE-2010-4312[0]:
| The default configuration of Apache Tomcat 6.x does not include the
| HTTPOnly flag in a
Package: moon
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for moon.
CVE-2010-4254[0]:
| Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is
| used, does not properly
Package: eucalyptus
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for eucalyptus.
CVE-2010-3905[0]:
| The password reset feature in the administrator interface for
| Eucalyptus 2.0.0 and
Package: phpmyadmin
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) ids were
published for phpmyadmin.
CVE-2010-4480[0]:
| error.php in PhpMyAdmin 3.3.8.1, and other versions before
| 3.4.0-beta1, allows
-By: Giuseppe Iuculano iucul...@debian.org
Description:
wordpress - weblog manager
Closes: 605603
Changes:
wordpress (2.5.1-11+lenny4) stable-security; urgency=high
.
* [6f61bff] Fix CVE-2010-4257: SQL injection vulnerability in the
do_trackbacks function (Closes: #605603)
Checksums-Sha1
On 12/23/2010 11:23 AM, Florian Weimer wrote:
The attached patch was tested with a 9750 controller and a 9500S
controller. Basic SMART functionality still works.
smartmontools 5.39.1+svn3124-2 uploaded with your patch, thanks.
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Tue, 28 Dec 2010 17:22:34 +0100
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.0.3.dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Giuseppe Iuculano iucul...@debian.org
Changed
-- Giuseppe Iuculano iucul...@debian.org Tue, 28 Dec 2010 17:22:34 +0100
signature.asc
Description: OpenPGP digital signature
-- Giuseppe Iuculano iucul...@debian.org Tue, 28 Dec 2010 17:22:34 +0100
signature.asc
Description: OpenPGP digital signature
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Sun, 26 Dec 2010 12:26:16 +0100
Source: smartmontools
Binary: smartmontools
Architecture: source i386
Version: 5.39.1+svn3124-2
Distribution: unstable
Urgency: low
Maintainer: Giuseppe Iuculano iucul...@debian.org
Changed
Author: iuculano
Date: 2010-12-24 12:25:55 + (Fri, 24 Dec 2010)
New Revision: 15747
Modified:
data/CVE/list
Log:
chromium/webkit issues
Modified: data/CVE/list
===
--- data/CVE/list 2010-12-23 21:14:45 UTC (rev 15746)
On 12/21/2010 05:27 PM, Julien Cristau wrote:
I still don't know what you mean. Surely the lyrics is essentially
data, so whether it's GPL-compatible is irrelevant? And if it's
non-free, you're still shipping the old lyrics (twice now, since it's
both in the upstream source and the debian
Package: libxml2
Severity: serious
Tags: security patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for libxml2.
CVE-2010-4494[0]:
| Double free vulnerability in Google Chrome before 8.0.552.215 allows
| remote
Package: libxml2
Severity: serious
Tags: security patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for libxml2.
CVE-2010-4494[0]:
| Double free vulnerability in Google Chrome before 8.0.552.215 allows
| remote
Package: libxml2
Severity: serious
Tags: security patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for libxml2.
CVE-2010-4494[0]:
| Double free vulnerability in Google Chrome before 8.0.552.215 allows
| remote
On 12/21/2010 05:27 PM, Julien Cristau wrote:
I still don't know what you mean. Surely the lyrics is essentially
data, so whether it's GPL-compatible is irrelevant? And if it's
non-free, you're still shipping the old lyrics (twice now, since it's
both in the upstream source and the debian
On 12/20/2010 05:38 PM, Julien Cristau wrote:
What is GPL-compliant lyrics supposed to mean? Either they're free,
and there's no need to replace them, GPL or not. Or they're not free,
and we need to not ship them, in which case a patch is not enough. I
just don't get what the GPL has to do
Out-of-bounds read in CSS parsing. Credit to Chris Rohlf.
- High Stale pointers in cursor handling. Credit to Sławomir Błażek and
Sergey Glazunov.
-- Giuseppe Iuculano iucul...@debian.org Sat, 18 Dec 2010 17:39:19 +0100
chromium-browser (6.0.472.63~r59945-3) unstable; urgency=high
On 12/20/2010 05:38 PM, Julien Cristau wrote:
What is GPL-compliant lyrics supposed to mean? Either they're free,
and there's no need to replace them, GPL or not. Or they're not free,
and we need to not ship them, in which case a patch is not enough. I
just don't get what the GPL has to do
Out-of-bounds read in CSS parsing. Credit to Chris Rohlf.
- High Stale pointers in cursor handling. Credit to Sławomir Błażek and
Sergey Glazunov.
-- Giuseppe Iuculano iucul...@debian.org Sat, 18 Dec 2010 17:39:19 +0100
chromium-browser (6.0.472.63~r59945-3) unstable; urgency=high
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: freeze-exception
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Please unblock package wordpress, 3.0.3 is a security release.
unblock wordpress/3.0.3-1
Cheers,
Giuseppe.
-BEGIN PGP
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: freeze-exception
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Please unblock package wordpress, 3.0.3 is a security release.
unblock wordpress/3.0.3-1
Cheers,
Giuseppe.
-BEGIN PGP
: unstable
Urgency: high
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 17 Dec 2010 11:03:55 +0100
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.0.3-1
Distribution: unstable
Urgency: high
Maintainer: Giuseppe Iuculano iucul...@debian.org
Changed-By: Giuseppe
tags 607240 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Fri, 17 Dec 2010 10:59:01 +0100.
The fix will be in the next upload.
=
Use GPL
tags 607240 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Fri, 17 Dec 2010 10:59:01 +0100.
The fix will be in the next upload.
=
Use GPL
: unstable
Urgency: high
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Tue, 07 Dec 2010 08:43:38 +0100
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.0.2-1
Distribution: unstable
Urgency: high
Maintainer: Giuseppe Iuculano iucul...@debian.org
Changed-By: Giuseppe
tags 602732 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Mon, 6 Dec 2010 16:51:02 +0100.
The fix will be in the next upload.
=
Remove
tags 602732 + pending
thanks
Hello,
The following change has been committed for this bug by
Giuseppe Iuculano iucul...@debian.org on Mon, 6 Dec 2010 16:51:02 +0100.
The fix will be in the next upload.
=
Remove
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-2128-1 secur...@debian.org
http://www.debian.org/security/Giuseppe Iuculano
December 01, 2010
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-2128-1 secur...@debian.org
http://www.debian.org/security/Giuseppe Iuculano
December 01, 2010
: Giuseppe Iuculano iucul...@debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
dmraid - Device-Mapper Software RAID support tool
dmraid-udeb - Device-Mapper Software RAID support tool (udeb) (udeb)
libdmraid-dev - Device-Mapper Software RAID support tool - header files
Release Team,
Would this be an acceptable change for a freeze exception?
On 11/19/2010 01:11 PM, Florian Weimer wrote:
Package: smartmontools
Version: 5.39.1+svn3124-1
3w-sas is part of squeeze's kernel (for the 9750 cards), so it would
be nice to have support in smartmontools as well.
Release Team,
Would this be an acceptable change for a freeze exception?
On 11/19/2010 01:11 PM, Florian Weimer wrote:
Package: smartmontools
Version: 5.39.1+svn3124-1
3w-sas is part of squeeze's kernel (for the 9750 cards), so it would
be nice to have support in smartmontools as well.
: experimental
Urgency: low
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page
: experimental
Urgency: low
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page
Author: iuculano
Date: 2010-11-14 10:50:36 + (Sun, 14 Nov 2010)
New Revision: 15581
Modified:
data/CVE/list
Log:
chromium/webkit issues
Modified: data/CVE/list
===
--- data/CVE/list 2010-11-13 21:14:28 UTC (rev 15580)
Hi Daniel! Sorry for the late reply.
On 11/05/2010 03:23 AM, Daniel Takashi wrote:
I want to help the project too, if it still needed.
You are welcome, please join[1] the alioth group.
[1]https://alioth.debian.org/projects/pkg-chromium/
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP
Hi Daniel! Sorry for the late reply.
On 11/05/2010 03:23 AM, Daniel Takashi wrote:
I want to help the project too, if it still needed.
You are welcome, please join[1] the alioth group.
[1]https://alioth.debian.org/projects/pkg-chromium/
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP
Author: iuculano
Date: 2010-11-09 18:32:00 + (Tue, 09 Nov 2010)
New Revision: 15573
Modified:
data/CVE/list
Log:
Old webkit issues are fixed in chromium
Modified: data/CVE/list
===
--- data/CVE/list 2010-11-09 03:49:27
tags 602355 experimental
thanks
On 11/09/2010 04:13 AM, Jonathan Nieder wrote:
Could you indicate what version of google-chrome-stable you used
(from about:version)? Hopefully this has just been recently
fixed upstream and we can just sync with that or cherry-pick a
relevant patch.
The
On 11/09/2010 05:09 PM, Jonathan Nieder wrote:
Doesn't debbugs version tracking take care of that already?
Yes but the tag comes in handy when you upload a new experimental
version and have to check if some bugs were fixed in that suite.
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: freeze-exception
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Please unblock package chromium-browser
chromium-browser (6.0.472.63~r59945-2) unstable; urgency=high
* Added the missing
Package: libvpx
Version: 0.9.1-1
Severity: serious
Tags: security patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
Christoph Diehl discovered a memory corruption in libvpx.
(see the chromium blog post[0],
[$1000] [60055] High Memory corruption in libvpx. Credit to Christoph Diehl.)
On 11/07/2010 10:27 AM, Giuseppe Iuculano wrote:
Patch: https://review.webmproject.org/#change,928
Please also apply the following regression patch:
http://review.webmproject.org/#change,1098
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital signature
Package: libvpx
Version: 0.9.1-1
Severity: serious
Tags: security patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
Christoph Diehl discovered a memory corruption in libvpx.
(see the chromium blog post[0],
[$1000] [60055] High Memory corruption in libvpx. Credit to Christoph Diehl.)
Package: libvpx
Version: 0.9.1-1
Severity: serious
Tags: security patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
Christoph Diehl discovered a memory corruption in libvpx.
(see the chromium blog post[0],
[$1000] [60055] High Memory corruption in libvpx. Credit to Christoph Diehl.)
On 11/07/2010 10:27 AM, Giuseppe Iuculano wrote:
Patch: https://review.webmproject.org/#change,928
Please also apply the following regression patch:
http://review.webmproject.org/#change,1098
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital signature
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: freeze-exception
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Please unblock package chromium-browser
chromium-browser (6.0.472.63~r59945-2) unstable; urgency=high
* Added the missing
Package: libxml2
Version: 2.7.7.dfsg-4
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
it was discovered that libxml2 does not well process a malformed XPATH,
causing crash and allowing arbitrary code execution.
Patch:
fixed 602609 2.7.8.dfsg-1
thanks
It was fixed in 2.7.8
Cheers,
Giuseppe
signature.asc
Description: OpenPGP digital signature
Package: libxml2
Version: 2.7.7.dfsg-4
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
it was discovered that libxml2 does not well process a malformed XPATH,
causing crash and allowing arbitrary code execution.
Patch:
Package: libxml2
Version: 2.7.7.dfsg-4
Severity: serious
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
it was discovered that libxml2 does not well process a malformed XPATH,
causing crash and allowing arbitrary code execution.
Patch:
fixed 602609 2.7.8.dfsg-1
thanks
It was fixed in 2.7.8
Cheers,
Giuseppe
signature.asc
Description: OpenPGP digital signature
: unstable
Urgency: high
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: freeze-exception
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Please unblock package chromium-browser
* New stable microrelease.
* Allow to choose whether links are opened in a new link or
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: freeze-exception
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Please unblock package chromium-browser
* New stable microrelease.
* Allow to choose whether links are opened in a new link or
: unstable
Urgency: high
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page
Author: iuculano
Date: 2010-10-08 08:02:08 + (Fri, 08 Oct 2010)
New Revision: 15441
Modified:
data/CVE/list
Log:
chromium/webkit issues
Modified: data/CVE/list
===
--- data/CVE/list 2010-10-07 21:14:44 UTC (rev 15440)
On 10/06/2010 08:23 PM, gustavo panizzo gfa wrote:
The upload would fix these bugs: 598284
security related bug, CVE-2010-3350
I've uploaded your package, thanks for your work.
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital signature
Author: iuculano
Date: 2010-10-07 10:30:39 + (Thu, 07 Oct 2010)
New Revision: 15436
Modified:
data/CVE/list
Log:
CVE-2010-3350 fixed in sid
Modified: data/CVE/list
===
--- data/CVE/list 2010-10-07 07:08:10 UTC (rev
On 10/06/2010 04:00 PM, Sam Morris wrote:
Just realised there is an obvious workaround for this problem: set a
custom command 'chromium-browser --new-window' as the preferred web
browser.
I bet I should play with
/usr/share/gnome-control-center/default-apps/chromium-browser.xml,
tab-command
: experimental
Urgency: low
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page
On 10/06/2010 09:28 AM, Lazy wrote:
Oct 6 10:26:19 lucid-lynx named[2866]: /etc/bind/named.conf.local:9: open:
/etc/smbind/smbind.conf: permission denied
As write in /usr/share/doc/smbind/README.Debian, probably you want run:
/usr/share/doc/smbind/README.Debian
Cheers,
Giuseppe
--
BIND9
Author: iuculano
Date: 2010-10-04 10:02:06 + (Mon, 04 Oct 2010)
New Revision: 15416
Modified:
data/CVE/list
data/embedded-code-copies
Log:
CVE-2010-3071 fixed in squeeze
criticalmass embeds curl
Modified: data/CVE/list
===
On 10/04/2010 01:54 PM, Laurent Fousse wrote:
LD_LIBRARY_PATH=/usr/lib/chromium-browser:/usr/lib/xulrunner-1.9.1:/usr/lib/chromium-browser
#
On 10/04/2010 11:16 AM, Laurent Fousse wrote:
Same problem. New script attached.
Regards,
Laurent.
could you try also chromium-browser --disable-plugins please?
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital signature
Package: criticalmass
Version: 1:1.0.0-1.4
Severity: important
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This package statically links against the curl system copy.
This can lead to problems in case of security issues, please update the package
to dynamically link to the system curl.
On 10/04/2010 01:29 PM, Laurent Fousse wrote:
* Giuseppe Iuculano [Mon, Oct 04, 2010 at 11:39:46AM +0200]:
On 10/04/2010 11:16 AM, Laurent Fousse wrote:
# Env:
#
LD_LIBRARY_PATH=/usr/lib/chromium-browser:/usr/lib/xulrunner-1.9.1:/kora/home/casys/lfousse/local_amd64/lib:/usr/local/cuda
On 10/04/2010 11:21 AM, Laurent Fousse wrote:
* Giuseppe Iuculano [Mon, Oct 04, 2010 at 11:19:31AM +0200]:
On 10/04/2010 11:16 AM, Laurent Fousse wrote:
Same problem. New script attached.
Regards,
Laurent.
could you try also chromium-browser --disable-plugins please?
Still the same
On 10/04/2010 11:16 AM, Laurent Fousse wrote:
# Env:
#
LD_LIBRARY_PATH=/usr/lib/chromium-browser:/usr/lib/xulrunner-1.9.1:/kora/home/casys/lfousse/local_amd64/lib:/usr/local/cuda/lib64
#
On 09/30/2010 03:32 PM, Laurent Fousse wrote:
Does this happen also with chromium-browser --temp-profile ?
Yes.
Laurent.
Please run the debugger again with run --single-process
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital signature
Ciao Enrico,
thanks for the bug report.
On 09/04/2010 11:49 AM, Enrico Zini wrote:
I am sorry this bug report is not very precise, but it is a very
annoying issue that I haven't managed to pinpoint in a deterministic
way.
Sometimes, chromium decides that it does not want to load a URL. In
On 09/30/2010 09:57 AM, Laurent Fousse wrote:
I can't run chromium-browser, it just segfaults at startup:
lfou...@bourrasque:~% chromium-browser
zsh: segmentation fault chromium-browser
Does this happen also with chromium-browser --temp-profile ?
Cheers,
Giuseppe.
signature.asc
-By: Giuseppe Iuculano iucul...@debian.org
Description:
couchdb- RESTful document oriented database
Closes: 570013
Changes:
couchdb (0.11.0-2.1) unstable; urgency=high
.
* Non-maintainer upload by the Security Team.
* CVE-2010-2234: fix Cross-site request forgery vulnerability
On 09/24/2010 02:36 PM, Luís Picciochi Oliveira wrote:
- On my diff, I moved the /usr/share/amule/skins directory from the
amule package to amule-common.
You seem to have copied it instead, so now it is provided by both
packages, although amule depends on amule-common (and this directory
will
/changelog
@@ -1,3 +1,11 @@
+couchdb (0.11.0-2.1) unstable; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * CVE-2010-2234: fix Cross-site request forgery vulnerability
+(Closes: #570013)
+
+ -- Giuseppe Iuculano iucul...@debian.org Sun, 26 Sep 2010 11:09:53 +0200
+
couchdb
Author: iuculano
Date: 2010-09-23 16:28:14 + (Thu, 23 Sep 2010)
New Revision: 15368
Modified:
data/CVE/list
Log:
chromium/webkit issues
Modified: data/CVE/list
===
--- data/CVE/list 2010-09-23 12:11:39 UTC (rev 15367)
Author: iuculano
Date: 2010-09-23 16:46:04 + (Thu, 23 Sep 2010)
New Revision: 15369
Modified:
data/CVE/list
Log:
CVE-2010-3476 fixed in otrs2 2.4.8+dfsg1-1
NFUs
Modified: data/CVE/list
===
--- data/CVE/list 2010-09-23
Package: libv8
Severity: serious
Tags: security patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for libv8.
CVE-2010-3412[0]:
| Race condition in the console implementation in Google Chrome before
| 6.0.472.59 has
On 09/23/2010 06:18 PM, Jérémy Lal wrote:
Thank you Giuseppe,
i'll fix this tonight.
You are welcome. Feel free to ping me if you need a sponsor.
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital signature
Package: libv8
Severity: serious
Tags: security patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for libv8.
CVE-2010-3412[0]:
| Race condition in the console implementation in Google Chrome before
| 6.0.472.59 has
Package: libv8
Severity: serious
Tags: security patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for libv8.
CVE-2010-3412[0]:
| Race condition in the console implementation in Google Chrome before
| 6.0.472.59 has
On 09/23/2010 06:18 PM, Jérémy Lal wrote:
Thank you Giuseppe,
i'll fix this tonight.
You are welcome. Feel free to ping me if you need a sponsor.
Cheers,
Giuseppe.
signature.asc
Description: OpenPGP digital signature
Author: iuculano
Date: 2010-09-19 08:51:46 + (Sun, 19 Sep 2010)
New Revision: 15347
Modified:
data/CVE/list
Log:
changeset for CVE-2010-1807
Modified: data/CVE/list
===
--- data/CVE/list 2010-09-18 14:32:25 UTC (rev
Author: iuculano
Date: 2010-09-18 14:32:25 + (Sat, 18 Sep 2010)
New Revision: 15346
Modified:
data/CVE/list
Log:
CVE-2010-2790 fixed
some details for CVE-2010-1807
Modified: data/CVE/list
===
--- data/CVE/list
: unstable
Urgency: low
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page inspector
tags 580681 moreinfo
thanks
On 06/01/2010 10:38 AM, Luk Bettale wrote:
I have the same bug to.
The bug only appears when the gtk-key-theme-name is set to Emacs AND when my
keyboard layout is set to 'fr (oss)'.
The space bar does work well when the layout is 'us (alt-intl)' or 'fr
(latin9)'
tags 594734 moreinfo
thanks
On 08/28/2010 10:19 PM, yellow wrote:
I am running linux on a HPC mini and the internet browser chromium is not
working.
I get a first popup window, and cannot click into to say start.
Could you say me if this is happening with chromium 6 please?
Cheers,
Author: iuculano
Date: 2010-09-16 15:13:01 + (Thu, 16 Sep 2010)
New Revision: 15334
Modified:
data/CVE/list
Log:
CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow
Modified: data/CVE/list
===
---
Author: iuculano
Date: 2010-09-15 13:49:22 + (Wed, 15 Sep 2010)
New Revision: 15329
Modified:
data/CVE/list
Log:
apple/webkit duplicates
Modified: data/CVE/list
===
--- data/CVE/list 2010-09-15 13:37:20 UTC (rev 15328)
: unstable
Urgency: low
Maintainer: Debian Chromium Maintainers
pkg-chromium-ma...@lists.alioth.debian.org
Changed-By: Giuseppe Iuculano iucul...@debian.org
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page inspector
On 09/15/2010 08:23 PM, Mehdi Dogguy wrote:
I think it's easy to see if we will have to accept a new major release of
Chromium in Squeeze (after its release): Would you be able to backport any
fix from 6.x to 3.x? If they keep releasing every 3 months, you'll have to
deal with a more distant
501 - 600 of 3350 matches
Mail list logo