Bug#404564: SA23492: w3m: Certificate Handling Format String Vulnerability

Package: w3m Version: 0.5.1-5 Severity: important Tags: security Description: A vulnerability has been reported in w3m, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a format string error when handling SSL certificates a

Bug#404818: SA23528: cacti: "cmd.php" Command Execution and SQL Injection

//secunia.com/advisories/23528/ Regards, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh

Bug#404817: Cannot build from source

ual.xsl were missing and I had to download them from the upstream build dependencies do not contain fop and saxon. when these are not installed, the build process fails when trying to install the documentation. gdk-pixbuf is contained in gtk-2.0. libgdk-pixbuf-dev is a gtk-1.2 library and it is not ne

Bug#400906: pinging...

The patch 10_CVE-2006-5864.patch in new version evince-0.4.0-3 solves the problem in this bug? Regards, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsub

Bug#400906: SA23111: evince: "get_next_text()" Buffer Overflow Vulnerability

closes 400906 thanks DSA-1243-1[1,2] closes this bug. [1] - http://www.us.debian.org/security/2006/dsa-1243 [2] - http://secunia.com/advisories/23579/ regards, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- To UNSUBSCR

Bug#404940: SA23465: tdiary: Unspecified Ruby Code Execution Vulnerability

: 4.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-3-486 Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) regards, -- .''`. : :' :Alex de Oliveira Silva | e

Bug#404964: libvncauth-dev: No header file vncauth.h

tags 404964 + patch thanks Even though this a simple fix, I provide anyhow a patch for it. (the patch is attached to this email) regards, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- diff -ur vnc-3.3.7.orig/debian/rules vn

Bug#406727: FTBFS, missing b-d on python-dev

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I don't see this problem to build driconf using pbuilder. dpkg-deb: building package `driconf' in `../driconf_0.9.0-2_all.deb'. regards, - -- .''`. : :' :Alex de Oliveira Silva | enerv `. `'

Bug#406755: dynagen: FTBFS: make: dpatch: Command not found

eveu: > Package: dynagen Version: 0.8.3-1 Severity: serious > > Hi, > > Your package is failing to build with the following error: dpatch > deapply-all make: dpatch: Command not found make: *** > [deapply-dpatches] Error 127 > > > Kurt > > > regards -

Bug#406755: dynagen: FTBFS: make: dpatch: Command not found

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 tags 406755 + patch thanks Even though this a simple fix, I provide anyhow a patch for it. (the patch is attached to this email) Steve Langasek escreveu: > On Sat, Jan 13, 2007 at 11:21:48PM -0300, Alex de Oliveira Silva > wrote: > >>

Bug#406859: milter-greylist: FTBFS: libspf2 not found

t;> make: *** [config.status] Error 1 > > > Kurt > > > - -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev

Bug#407020: SA23736: libgtop2: "glibtop_get_proc_map_s()" Buffer Overflow

on: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-3-486 Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) regards, -- .''

Bug#407121: ITP: ossec-hids -- Open source host-based intrusion detection system.

Package: wnpp Severity: wishlist Owner: Alex de Oliveira Silva <[EMAIL PROTECTED]> * Package name: ossec-hids Version : 1.0 Upstream Author : Daniel B. Cid <[EMAIL PROTECTED]> * URL : http://www.ossec.net/ * License : GPL Programming Lang: C

Bug#407020: Help in libgtop

pgpsAb9Won1FX.pgp Description: PGP message

Bug#407202: CVE-2007-0248: squid: Denial of Service Vulnerabilities

in/sh linked to /bin/bash Kernel: Linux 2.6.18-3-486 Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) regards, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a su

Bug#407289: CVE-2007-0262: wordpress: Full Path disclosure and disclosure of Table Prefix Weakness

the changelog. -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-3-486 Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_B

Bug#407290: CVE-2007-0256: vlc: Media Player Unspecified Denial Of Service Vulnerability

APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-3-486 Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) regards, -- .''`. : :' :Alex de Oliveira Silv

Bug#407350: CVE-2007-0257: kernel-patch-grsecurity2: Kernel PaX Local Privilege Escalation Vulnerability

s unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-3-486 Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) regards, -- .''`. : :' :Alex de Oli

Bug#407121: wrong ITP

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'm sorry. I did not see the ITP. :( regards, - -- .''`. : :' : Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using

Bug#407997: CVE-2007-0374: joomla: SQL injection vulnerability

e new upstream update. regards -- .''`. : :' : Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#407995: CVE-2007-0374: mambo: SQL injection vulnerability.

of mambo to solve this security bug. regards, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#407997: CVE-2007-0374: joomla: SQL injection vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Martin Michlmayr escreveu: > * Alex de Oliveira Silva <[EMAIL PROTECTED]> [2007-01-22 17:50]: >> Package: joomla > > Is this package actually in Debian? What does > dpkg -p joomla | grep Maintainer > say? Hi Martin. Jo

Bug#408090: CVE-2007-0406: gxine: Multiple buffer overflows.

://xinehq.de/index.php/news?show_category_id=1 Note: Please mention the CVE id in the changelog. regards, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsub

Bug#408090: CVE-2007-0406: gxine: Multiple buffer overflows.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Darren Salt escreveu: > close 408090 0.5.8-2 thanks > > I demand that Alex de Oliveira Silva may or may not have written... > > >> Multiple buffer overflows in the (1) main function in (a) >> client.c, and

Bug#407997: joomla: SQL injection vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 close 407997 thanks Joomla 1.0.12-1 its not affected. regards, - -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comme

Bug#410236: CVE-2007-0844: libpam-ssh: pam_ssh "auth_via_key()" Function

, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#405412: SA23596: miredo: HMAC-MD5-64 Hash Spoofing Vulnerability

86 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-3-486 Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with

Bug#404995: pnputils: ..conflict w pnpbios-tools on `/sbin/lspnp'...

I don't understand why pnputils conflict with pnpbios-tools. pnpbios-tools don't exist (I don't know if this name is a old name of pnputils) Please run dpkg -L pnpbios-tools. pnputils is (build from source - ok) and (installation - ok) in my computer. regards, -- .'

Bug#405425: FrSIRT/ADV-2007-0026: vlc: "cdio_log_handler()" and "vcd_log_handler()" Format String Vulnerabilities

http://projects.info-pull.com/moab/MOAB-02-01-2007.html -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-3-486 Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8

Bug#405441: ITP: smc -- A Jump and Run game like Super Mario World written in C++

age. Features: * In-Game Level Editor * Many Levels * Multiple Maryo Stages * Multiple Overworlds * Great Sound and Music For more information see the oficial web site. regards, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- To

Bug#405441: ITP: smc -- A Jump and Run game like Super Mario World written in C++

mc if you talk with upstream to change this graphics to another. In the future, maybe the project smc have problem with nitendo. regards, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#403339: hslogger: FTBFS: unknown package: FilePath

tags 403339 + patch thanks Even though this a simple fix, I provide anyhow a patch for it. (the patch is attached to this email) regards, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- diff -ur hslogger-1.0.1.orig/debian/control h

Bug#406238: SA23647: mediawiki: AJAX Unspecified Cross-Site Scripting

'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-3-486 Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) regards, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- T

Bug#406244: SA23675: gforge: "advanced_search.php" Cross-Site Scripting Vulnerability

rmation: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-3-486 Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) -- .''`. : :&#

Bug#406318: SA23670: xorg: "DBE" and "Renderer" Extensions Vulnerabilities

Update to version 7.2 RC3. Reference: http://secunia.com/advisories/23670/ -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-3-486 Locale: LANG=pt_BR.UTF-8, LC

Bug#406332: SA23702: phpmyadmin: "Cross-Site Scripting and Unspecified Vulnerabilities"

7;unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-3-486 Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- To UNSUBSCRI

Bug#406486: CVE-2007-0203: phpmyadmin: Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1

linked to /bin/bash Kernel: Linux 2.6.18-3-486 Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of &qu

Bug#406628: CVE-2007-0159: libgeoip1: "GeoIP_update_database_general()" Remote Directory Traversal Vulnerability

3-486 Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) regards, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#406486: Correct description

2-rc1 : http://www.phpmyadmin.net/home_page/downloads.php References http://www.frsirt.com/english/advisories/2007/0125 http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0 regards, - -- .''`. : :' : Alex de Oliveira Silva | enerv `. `' www.enerv.net `-

Bug#406486: Reporting useless bugs

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Martin Schulze escreveu: > > > You could probably start writing 15k bugs... > > Regards, > > Joey > I only trying help. Sorry. In my next bugs, I go wait for more informations. regards, - -- .''`. : :&#x

Bug#402111: new upstream version available

tags 402111 + patch thanks Only for documentation http://madwifi.org/changeset/1842 (the patch is attached to this email) --- madwifi-0.9.2+r1809.20061115.orig/net80211/ieee80211_wireless.c 2006-12-08 08:29:46.0 -0300 +++ madwifi-0.9.2+r1809.20061115/net80211/ieee80211_wireless.c 2

Bug#402140: SA23283: phpbb2: privmsg.php Cross-Site Request Forgery and Cross-Site Scripting

Package: phpbb2 Version: 2.0.21-5 Severity: important Tags: security Some vulnerabilities have been discovered in phpBB, which can be exploited by malicious people to conduct cross-site request forgery attacks and cross-site scripting attacks. 1) The application allows users to send messages vi

Bug#398376: scim-bridge: installation fails: /var/lib/dpkg/info/tamil-gtk2im.postinst: line 7: update-gtk-immodules: command not found

Tags 398376 + patch thanks Even though this a simple fix, I provide anyhow a patch for it. (the patch is attached to this email) --- scim-bridge-0.2.4.orig/debian/control 2006-12-08 13:47:37.0 -0300 +++ scim-bridge-0.2.4/debian/control2006-12-08 13:46:33.0 -0300 @@ -8,

Bug#398376: scim-bridge: installation fails: /var/lib/dpkg/info/tamil-gtk2im.postinst: line 7: update-gtk-immodules: command not found

Sorry! The correct patch is this. --- scim-bridge-0.2.4.orig/debian/control 2006-12-08 13:47:37.0 -0300 +++ scim-bridge-0.2.4/debian/control2006-12-08 13:46:33.0 -0300 @@ -8,7 +8,7 @@ Package: scim-bridge Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends},

Bug#323742: FTBFS: Unable to find gcc-3.3

Tags 323742 + patch thanks Even though this a simple fix, I provide anyhow a patch for it. (the patch is attached to this email) --- ndiswrapper-modules-i386.orig/debian/control2006-12-08 14:03:36.0 -0300 +++ ndiswrapper-modules-i386-1.1/debian/control 2006-12-08 14:03:10.000

Bug#402172: python-gtk2-dev: fail to install, missing depends python-gtk2 (>= 2.8.6-8)

Package: python-gtk2-dev Version: 2.8.6-7 Severity: important The package python-gtk2-dev depends python-gtk2 (>= 2.8.6-8) but in Debian unstable python-gtk2 is version 2.8.6-7. -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (

Bug#402194: libocc-x11: FTBFS: cp: missing destination file operand after `oo2crc.tmp'

Package: libocc-x11 Version: 20020123 Severity: important The libocc-x11 fails to build from source. rm -f ooconfig.cpl ooconfig.tmp echo "fix-includes" >ooconfig.tmp echo "remove-line \"*:X11:*\"" >>ooconfig.tmp echo "remove-line PRAGMAS:LIB:HAVE_LIBX11" >>ooconfig.tmp echo "define PRAGMAS:LIB:

Bug#393062: FTBFS: i-csstli.adb:55:01: (style) multiple blank lines

Even though this a simple fix, I provide anyhow a patch for it. (the patch is attached to this email) But now I see this errors. gcc-4.1 -c -gnatfno -O3 -gnatg -g -I- -gnatA -gnatpg /home/enerv/debian/libadabindx-0.7.2/build/i-csstli.adb i-csstli.adb:52:04: warning: "Elmt_Size" is not modified

Bug#334028: Unable to locale [sic] crtbegin.o provided by gcc

found 334028 0.9.27 merge 334028 339859 374489 thanks strace /usr/bin/i386-uclibc-linux-gcc -o hello hello.c > output cat output | grep crtbegin access("/usr/lib/gcc-lib/i486-linux-gnu/3.3.6/crtbegin.o", F_OK) = 0 I think you need to put in Depends: gcc-3.3 -- To UNSUBSCRIBE, email to [EMAIL P

Bug#374489: Problem in uClibc

I think I found the problem. The package uclibc-toolchain depends on gcc | c-compiler. But in the compilation of the package its only using gcc-3.3. strace /usr/bin/i386-uclibc-linux-gcc -o hello hello.c > output cat output | grep crtbegin access("/usr/lib/gcc-lib/i486-linux-gnu/3.3.6/crtbegin.o"

Bug#402802: SA23258: mantis: Custom Field Information Disclosure

Package: mantis Version: 1.0.6+dfsg-2 Severity: important Tags: security A security issue has been reported in Mantis, which can be exploited by malicious people to disclose sensitive information. The security issue is caused due to an unspecified error in the handling of custom fields, that ar

Bug#402921: SA23330: fai: Exposure of Password Hashes

Package: fai Version: 3.1.2 Severity: important Tags: security Justin R. Beckley has reported a security issue in fai-client, which can be exploited by malicious, local users to view administrator password hashes. The security issue is caused due to the application storing the root password ha

Bug#402921: wrong opened bug

close 402921 thanks Wrong opened bug See #402644 Sorry Thomas -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#403322: FTBFS: missing pciutils b-dep

Tags 403322 + patch thanks Even though this a simple fix, I provide anyhow a patch for it. (the patch is attached to this email) diff -ur flashrom-0.0+r2526.orig/debian/control flashrom-0.0+r2526/debian/control --- flashrom-0.0+r2526.orig/debian/control 2006-12-16 17:19:29.0 -0300 +

Bug#398400: egnome: postinst fails: Cannot find executable /usr/lib/smarteiffel/bin/selib2html

tags 398400 + patch thanks Even though this a simple fix, I provide anyhow a patch for it. (the patch is attached to this email) diff -ur egnome-0.cvs20020302.orig/debian/postinst egnome-0.cvs20020302/debian/postinst --- egnome-0.cvs20020302.orig/debian/postinst 2006-11-26 01:57:19.0 -

Bug#382644: vpopmail-bin uninstallable

Hi coven. I have changed libmysql to libmysqlclient15-dev to see if this solves the problem. I only see one error missing this "include" freecdbmake.h. Well, I hope this helps you in the next package. chmod 755 libtool touch configure-stamp dh_testdir cd plugins && /usr/bin/make make[1]: Entra

Bug#398371: xfingerd: installation fails: invoke-rc.d: unknown initscript, /etc/init.d/inetd not found.

tags 398371 + patch thanks Even though this a simple fix, I provide anyhow a patch for it. (the patch is attached to this email) diff -ur xfingerd-0.6.orig/debian/control xfingerd-0.6/debian/control --- xfingerd-0.6.orig/debian/control2006-11-26 20:42:38.0 -0300 +++ xfingerd-0.6/debi

Bug#398400: egnome: postinst fails: Cannot find executable /usr/lib/smarteiffel/bin/selib2html

tags 398400 + patch thanks Even though this a simple fix, I provide anyhow a patch for it. (the patch is attached to this email) p.s - I'm sending it again because "bug system" didn't add tag into the patch. :) diff -ur egnome-0.cvs20020302.orig/debian/postinst egnome-0.cvs20020302/debian/p

Bug#328362: pmk: postinst fails, missing depends?

tags 328362 + patch thanks Even though this is a simple fix to the missing depends gcc and failed to run pmksetup , I provide anyhow a patch for it. (the patch is attached to this email) diff -ur pmk-0.9.3s2.orig/debian/control pmk-0.9.3s2/debian/control --- pmk-0.9.3s2.orig/debian/control

Bug#400553: CVE-2006-5116: Cross-Site Scripting vulnerability

Package: phpmyadmin Version: 4:2.9.0.3-1 Severity: important Tags: security Cross-Site-Scripting vulnerabilities have been found in phpmyadmin. Please see http://www.securityfocus.com/bid/20253 -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable') Archi

Bug#400557: CVE-2006-5941: Unspecified Malformed TCP packet remote denial of service vulnerability

Package: snmpd Version: 5.2.3-3 Severity: important Tags: security Net-SNMP Unspecified Malformed TCP Packet Remote Denial Of Service Vulnerability. Please see http://www.securityfocus.com/bid/21256 -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'

Bug#400557: wrong opened bug

close 400557 thanks Explanation: This bug is only for Solaris. Sorry, Thomas. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#400553: CVE-2006-5116

Is true this bug is old. I looked at changelog and it really contains bug CVE-2006-5116 Sorry Thijs. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#400650: SA23092: tdiary Unspecified Cross-Site scripting vulnerability

Package: tdiary Version: 2.0.2+20060303-4 Severity: important Tags: security Vulnerability has been reported in tDiary, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to unspecified parameters is not properly sanitised before being returned to t

Bug#400904: FrSIRT/ADV-2006-4747: evince: "DocumentMedia" Handling Client-Side Buffer Overflow Vulnerability

Package: evince Version: 0.4.0-2+b2 Severity: important Tags: Security A vulnerability has been identified in GNOME Evince, which could be exploited by attackers to execute arbitrary commands. This flaw is due to a buffer overflow error when handling a PostScript file containing an overly long "Do

Bug#400906: SA23111: evince: "get_next_text()" Buffer Overflow Vulnerability

Package: evince Version: 0.4.0-2+b2 Severity: important Tags: security A vulnerability has been discovered in Evince, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "get_next_text()" function in ps/ps.c. Thi

Bug#401061: SA23145: kronolith: "view" Local File Inclusion Vulnerability

Package: kronolith Version: 2.1.4-1 Severity: important Tags: security A vulnerability has been reported in Kronolith, which can be exploited by malicious users to disclose sensitive information. Input passed to the "view" parameter within the "Kronolith_FreeBusy_View::factory" function in lib/FB

Bug#401061: SA23145: kronolith: "view" Local File Inclusion Vulnerability

I need sleep :~ Sorry Ola. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#401759: ITP: ktranslator -- translate words from one language to another

Hi Eriberto :) The upstream version of ktranslator dates back to 2005/03/22. Maybe the upstream abandoned it. Did you sent him a e-mail? Joao Eriberto Mota Filho escreveu: Package: wnpp Severity: wishlist Owner: Joao Eriberto Mota Filho <[EMAIL PROTECTED]> * Package name: ktranslator

Bug#309501: fails to build

retitle 309501 FTBS: fails to build in s390 thanks I tested basilisk2 in i386 and it builds perfectly. I am retitle this bug to specify which is the real problem. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#326398: ITP: joomla -- new content management system created by the former mambo team

I have interest in maintaining package joomla. My sponsor Daniel Ruoso <[EMAIL PROTECTED]> will upload the package as soon as everything is ok. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#396244: fails to use linda

Package: linda Version: 0.3.24 Severity: normal After changed permissions in debian/rules of my packages and run linda. linda -i ../mambo_4.6.1-1_all.deb Traceback (most recent call last): File "/usr/bin/linda", line 101, in ? main.run() File "/usr/bin/linda", line 59, in run checker

Bug#396431: bittorrent crash after start download

Package: bittorrent Version: 3.4.2-10 Severity: important After I started download using btdownloadcurses I receive this erro. Thanks in advanced. Traceback (most recent call last): File "/usr/bin/btdownloadcurses", line 220, in ? run(mainerrlist, argv[1:]) File "/usr/bin/btdownloadcurses

Bug#396431: bittorrent crash after start download

Jamuraa escreveu: On 10/31/06, Alex de Oliveira Silva <[EMAIL PROTECTED]> wrote: Package: bittorrent Version: 3.4.2-10 Severity: important After I started download using btdownloadcurses I receive this erro. Thanks in advanced. Traceback (most recent call last): File &qu

Bug#396431: bittorrent crash after start download

Jamuraa escreveu: On 11/1/06, Alex de Oliveira Silva <[EMAIL PROTECTED]> wrote: Jamuraa escreveu: > On 10/31/06, Alex de Oliveira Silva <[EMAIL PROTECTED]> wrote: >> Package: bittorrent >> Version: 3.4.2-10 >> Severity: important >> >> After I star

Bug#326681: RFP: gShield

The package of upstream is too old, maybe it abandoned the package. Soo, who really want to package gshield, please contact upstream and looks if he still developing it. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#408719: libnl - FTBFS: doxygen: Command not found

uild/buildd/libnl-1.0~pre6' make: *** [build/libnl-doc] Error >> 2 >> ** >> Build finished at 20070127-1249 FAILED [dpkg-buildpackage died] > > regards, - -- .''`. : :' :

Bug#408839: CVE-2007-0508: bbclone: "BBC_LIB_PATH" Parameter Handling Remote File Inclusion Vulnerability

e=CVE-2007-0508 http://www.frsirt.com/english/advisories/2007/0318 http://secunia.com/advisories/23874 Note: Please mention the CVE id in the changelog. regards, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- To UNSUBSCRIBE, emai

Bug#408889: CVE-2006-6899: bluez-utils: HID Insecure Device Connection Vulnerability

, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#255484: Debian assp packages.

package for my company and I really appreciate to help in ASSP. regards, - -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http:/

Bug#408982: CVE-2007-0455: libgd2: "gdImageStringFTEx()" Denial of Service

?id=224607 patch attached in email. Note: Please mention the CVE id in the changelog. regards, -- .''`. : :' : Alex de Oliveira Silva | enerv `. `' www.enerv.net `- diff -ur libgd2-2.0.33.orig/gdft.c libgd2-2.0.33/gdft.c --- libgd2-2.0.33.orig/gdft.c

Bug#255484: Bug#369903: Debian assp packages.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 José Parrella escreveu: > Alex de Oliveira Silva escribió: >> How are going the Debian assp packages? What it is missing? Do >> you need some help? What do you think about me and you work >> together in assp? > > Alex: Thank

Bug#409256: SA24016: wireshark: Multiple Denial of Service Vulnerabilities

capture file. The vulnerabilities are reported in various versions prior to 0.99.5. Solution: Update to version 0.99.5. Reference: http://secunia.com/advisories/24016/ regards, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- To U

Bug#409257: CVE-2007-0640: zabbix: buffer overflow.

ted to "SNMP IP addresses." Reference: http://www.zabbix.com/rn1.1.5.php http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0640 Note: Please mention the CVE id in the changelog. regards, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net

Bug#409703: CVE-2007-0667: sql-ledger: Arbitrary Code Execution

mention the CVE id in the changelog. Thanks in advanced. regards, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#409709: CVE-2007-0650 tetex-bin: Buffer overflows in teTeX's makeindex

://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=225491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0650 Note: Please mention the CVE id in the changelog. Thanks in advanced. regards, -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `-

Bug#409709: CVE-2007-0650 tetex-bin: Buffer overflows in teTeX's makeindex

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 close 409709 thanks Only affected if compiled w/o kpathsea support. Thanks Moritz Muehlenhoff. regards, - -- .''`. : :' :Alex de Oliveira Silva | enerv `. `' www.enerv.net `- -BEGIN PGP SIGNATURE- V

Bug#394116: trivial patch to sendfile in src/pussy and fix bug #394116

tags 394116 + patch thanks This trivial patch solve the problem in src/pussy bad interpreter. Patch attached. --- sendfile-2.1b.orig/src/pussy +++ sendfile-2.1b/src/pussy @@ -1,4 +1,4 @@ -#!/client/bin/perl -w +#!/usr/bin/perl -w # PUSSY - Perl User SAFT Server Yin

Bug#364129: ITA: mambo -- web content management system

I have interest in maintaining package mambo. My sponsor Daniel Ruoso <[EMAIL PROTECTED]> will upload the package as soon as everything is ok. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]