Package: leap-archive-keyring
Version: 2016.03.08
Severity: normal
This package installs a keyring in /etc/apt/trusted.gpg.d which is
great as it allows people to easily install LEAP applications by
leveraging the trust path already in Debian.
It does, however, mean that LEAP could, in theory,
After reviewing this patch for inspiration in implementing a --lts
option (#762715), I believe I have found it to be slightly incomplete.
Those two chunks, in particular, probably do not yield the warning you
would have expected:
@@ -430,7 +433,7 @@ if (defined $opt_level) {
if (defined
Package: wnpp
Severity: wishlist
* Package name: sigal
Version : 1.3.0
Upstream Author : Simon Conseil
* URL : http://sigal.saimon.org/
* License : Expat
Programming Lang: Python
Description : Simple Static Gallery Generator
Sigal
Control: tags -1 +pending
Control: forwarded -1 https://github.com/dashea/requests-file/issues/10
Uploaded this to NEW and notified the upstream of possible
collaboration.
signature.asc
Description: PGP signature
Package: wnpp
Severity: wishlist
Owner: Antoine Beaupre <anar...@debian.org>
* Package name: python-requests-file
Version : 2017-04-28
Upstream Author : David Shea
* URL : https://pypi.python.org/pypi/requests-file
* License : Apache 2.0
Programmin
Package: xul-ext-itsalltext
Version: 1.9.2-2
Severity: normal
Tags: upstream
Once Firefox 57 hits the archive, this extension will completely stop
working, as it relies on the older XUL API. It also cannot be ported
to the new web-ext API cleanly, as it is a fundamental shift in the
way it works:
On Thu, Nov 24, 2016 at 01:50:37PM +0100, martin f krafft wrote:
> Package: rxvt-unicode
> Version: 9.22-1+b1
> Severity: wishlist
>
> Please include this extension in the package:
>
> https://github.com/majutsushi/urxvt-font-size
> Dear Maintainer,
>
> As you may have known archlinux wiki
Package: nm.debian.org
Severity: wishlist
Hi!
Following recent changes in the nm.debian.org site, there seems to
have been somewhat of a surge in the number of new "emeritus"
developers, presumably because the site makes it easier for people to
confirm their inactive status. Similarly, the
On Wed, May 17, 2017 at 10:47:00AM -0400, Nicholas D Steeves wrote:
> Control: tag -1 +moreinfo
>
> Tagging as moreinfo while investigating a potential trademark
> infringement issue. I will untag when this has been resolved.
Any update here?
Can you clarify the trademark issue and what's
Package: wnpp
Severity: wishlist
Owner: Antoine Beaupre <anar...@debian.org>
* Package name: pat
Version : 0.3.0
Upstream Author : Martin Hebnes Pedersen <martin.h.peder...@gmail.com>
* URL : http://getpat.io/
* License : MIT (Expat)
Programm
Package: python-feedparser
Version: 5.1.3-3
Severity: wishlist
Even though upstream is not very active, there *is* a new release
available (5.2.1) which is not included into Debian:
https://github.com/kurtmckee/feedparser/blob/develop/NEWS#L14
Unfortunately, it seems the newer version from the
Package: wnpp
Severity: wishlist
Owner: Antoine Beaupre <anar...@debian.org>
* Package name: safeeyes
Version : 1.2.2
Upstream Author : slgobin...@gmail.com
* URL : http://slgobinath.github.io/SafeEyes/
* License : GPL-3
Programming Lang: Python
Descr
On Fri, Sep 01, 2017 at 03:29:06PM +0100, Chris Lamb wrote:
> Package: wnpp
> Severity: wishlist
>
> * Package name: selfspy
> * URL : https://github.com/gurgeh/selfspy
> Upstream Author : David Fendrich (@gurgeh)
> * License : GPLv3
>
> Selfspy continuously monitors
Control: forwarded -1 https://github.com/feed2imap/feed2imap/pull/22
Control: tags -1 +patch
On Sun, May 15, 2016 at 04:20:28PM +0800, Paul Wise wrote:
> Package: feed2imap
> Version: 1.2.5-1
> Severity: wishlist
> File: /usr/bin/feed2imap-opmlexport
>
> rss2email has an option to export OPML
Control: forward -1 https://github.com/feed2imap/feed2imap/issues/12
Control: tags -1 +patch
On Wed, Jun 29, 2016 at 04:44:27PM +0200, Matteo Calorio wrote:
> Hello, any news about that? Thanks, Matteo
This is not on load, but there's an upstream bug for the write part:
On Tue, Dec 18, 2007 at 12:24:08AM -0800, Josh Triplett wrote:
> Package: feed2imap
> Version: 0.9.2-1
> Severity: wishlist
>
> I want to subscribe to various feeds, with all items going to the same
> IMAP server. Please allow setting the IMAP server once, not per-feed.
Not sure this is a very
On Mon, Aug 28, 2017 at 02:53:12PM +0200, Guido Günther wrote:
> While a patch for this was upstream in 4.042 (around
> b6be72f321e920419bdc5c86998d9b9cb26c6791) upstream reverted _all_
> changes of back to 4.041.
That's right, like #866818...
I've backported the patch to wheezy, but this is
On Mon, Aug 28, 2017 at 02:56:36PM +0200, Guido Günther wrote:
> I've pinged upstream again why the patch is still pending:
>
> https://github.com/perl5-dbi/DBD-mysql/issues/120#issuecomment-325342844
After reviewing the original advisory and the suggested patch, I have
opened that PR in:
Source: sparse
Version: 0.5.0-4
Severity: important
Since I uploaded the new version of horst (5.0, from 4.2), sparse now
fails to parse its source code on some architecture. The buildds
report problems with s390x and ppc64el:
On Wed, Aug 09, 2017 at 11:01:57PM +0200, Petter Reinholdtsen wrote:
>
> A few minutes ago I concluded that the packaging cleanup might be good
> enough for the ftpmasters to accept it, and uploaded it for NEW
> processing.
>
> These are the lintian issues I am unsure how to handle:
>
> W:
In case the FTP masters are reviewing this looking for more information,
know that I have helped with the packaging and also reviewed the
licensing information upstream. There are some details of that work in
the upstream issue here:
https://github.com/hoytech/vmtouch/issues/47
I think this is
Package: git-annex
X-Debbugs-CC: t...@security.debian.org
secure-testing-t...@lists.alioth.debian.org
Severity: grave
Tags: security
Hi,
the following vulnerability was published for git-annex.
CVE-2017-12976[0]:
| git-annex before 6.20170818 allows remote attackers to execute
| arbitrary
Source: txtorcon
Version: 0.18.0
Severity: normal
Hi!
I would like to get help to see the latest version of txtorcon
(0.19.3) arrive in the archive. It is necessary to make tor support
work properly in magic-wormhole, and I suspect in other applications.
For example, wormhole requires the
I have made another delayed NMU for the 5.4.68 release, because the
latest slop upload breaks it as well...
A.
diff -Nru maim-5.4.64/CMakeLists.txt maim-5.4.68/CMakeLists.txt
--- maim-5.4.64/CMakeLists.txt 2017-07-20 10:05:29.0 -0400
+++ maim-5.4.68/CMakeLists.txt 2017-08-15
Package: ftp.debian.org
Severity: normal
gnome-web-photo is a tool to "create snapshot images and print web
pages from the command line". Two years ago, I migrated this from
Ubuntu into Debian and made myself maintainer, mostly to scratch my
own itch: I was using the Shutter screenshot tool and
Package: gitsome
Version: 0.7.0-1
Severity: wishlist
gitsome is designed to work even without the xonsh shell. there's a
bash completion file in scripts/gh_complete.sh which can be installed
in /usr/share/bash-completion/completions/.
this would give regular shell users the POWAR of gitsome
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu
Hi,
I am working on a new release of Monkeysign, which I'd like to upload
in Debian. If it would be just me, I would tag the current HEAD with
2.2.4, considering the changes are
Package: squid-deb-proxy-client
Version: 0.8.9
Severity: normal
Tags: patch
Hi!
I must admit: I have a broken setup. So maybe this could be argued as
"garbage in, garbage out". But hear me out before you discard this
one. :)
In my home network, I did some tests to setup apt-cacher-ng on my
Package: sbuild
Version: 0.73.0-4
Severity: wishlist
Tags: patch
It would be nice if sbuild automatically updated the configured
schroots. As things stand now, a configured schroot will slowly rot
down to a point where new builds will have to download a bunch of base
packages at each run, if
Hi!
Thanks for your bug report!
It looks like newer versions of slop are not backwards compatible with
maim. Boo. :)
I prepared a NMU to fix this, available here:
https://people.debian.org/~anarcat/debian/sid/
Let me know if it works for you then I'll upload the fix to the main
archive!
A.
Control: tags -1 +patch
On Wed, Mar 30, 2016 at 04:39:28PM +, Patrick O'Doherty wrote:
> Thanks for the feedback folks. I'm planning to address this as follows:
>
> * package slop - this is in progress at the moment
> * cut a new release of maim with both an updated description and also a
>
Package: unattended-upgrades
Version: 0.93.1+nmu1
Severity: normal
Tags: patch
Hi,
In the past week, my filesystem finally filled up due to 6GB of
archives in /var/cache/apt/archives. I identified unattended-upgrades
as the cause of this problem, as it didn't purge old packages (hello
texlive!)
For what it's worth, I can reproduce this in stretch by rebuilding with
ASAN (-lasan -fsanitize=address -fno-omit-frame-pointer).
I can also reproduce this in wheezy by running it in valgrind:
$ valgrind /usr/sbin/tcpdump -ntr poc
==26648== Memcheck, a memory error detector
==26648== Copyright
Hi,
(Sorry for the large CC list, but I am hoping to get a broad approval of
the next changes for this in order to avoid previous mistakes. ;) In
particular, I'd be very grateful for some input by Stefan considering
his knowledge of the Apache codebase and how ... exotic this problems
is.)
As I
Hi!
First, thank you very much for the detailed bug report, very useful!
Responses inline.
On Tue, Mar 21, 2017 at 11:56:40AM -0500, Brian Kroth wrote:
> Package: apache2.2-common
> Version: 2.2.22-13+deb7u8
> Severity: normal
> Tags: security
>
> Dear Maintainer,
>
> We have some websites
On Tue, Jul 18, 2017 at 01:53:09PM -0400, Noah Meyerhans wrote:
> Control: tags -1 + pending patch
>
> On Mon, Jul 10, 2017 at 11:18:35PM +0200, Moritz Muehlenhoff wrote:
> >
> > Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10396
> >
>
> I believe that the attached
Package: tracker.debian.org
Followup-For: Bug #812609
Same issue here. I always end up going to the packages.debian.org site
to find the .dsc link...
-- System Information:
Debian Release: 9.0
APT prefers stable
APT policy: (500, 'stable'), (1, 'experimental'), (1, 'unstable')
Architecture:
Package: cups
Version: 2.2.1-8
Severity: normal
Hi!
When trying to share my printers with my roommates through the CUPS
web interface, I quickly found the "Share printers connected to this
system" button and clicked it. And lo and behold, other Linux (and
probably Mac, haven't tried) computers
Package: poppler
X-Debbugs-CC: t...@security.debian.org
secure-testing-t...@lists.alioth.debian.org
Severity: grave
Tags: security patch upstream
Forwarded: https://bugs.freedesktop.org/show_bug.cgi?id=100774
Hi,
the following vulnerability was published for poppler.
CVE-2017-9865[0]:
| The
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu
The ca-certificates package in jessie is still vulnerable to #858539,
that is it still ships the WoSign and StartCom certificates which have
been marked as blacklisted after october
On Fri, May 19, 2017 at 10:46:35AM -0500, Michael Shuler wrote:
> On 05/19/2017 10:07 AM, Chris Lamb wrote:
> > I've uploaded ca-certificates 20161130+nmu1 to DELAYED/5:
> >
> > ca-certificates (20161130+nmu1) unstable; urgency=medium
> >
> > * Non-maintainer upload.
> > * Add
On Mon, Jun 05, 2017 at 06:32:11AM +0200, Salvatore Bonaccorso wrote:
> Hi!
>
> On Sun, Jun 04, 2017 at 08:35:05PM +0200, Salvatore Bonaccorso wrote:
> > Hi Bdale
> >
> > Since time is pressing a bit for the release of stretch, any problem
> > in if I would prepare a NMU for both stretch
Package: pulseaudio
Version: 10.0-1
Followup-For: Bug #845938
This is still an issue in Debian stretch: the gdm3 package runs
pulseaudio, which takes over the bluetooth device and makes it
impossible for regular users to connect to their bluetooth device
using the hifi A2DP sink. See #805414 for
On Sat, Jun 24, 2017 at 02:10:26AM +0200, Aurelien Jacobs wrote:
> Package: gdm3
> Version: 3.22.3-3
> Followup-For: Bug #805414
>
> The workaround from https://wiki.debian.org/BluetoothUser/a2dp used to
> work, but starting with gdm3 3.22.3-2, it is not enough anymore.
> I found out that I now
Package: apparmor-profiles-extra
Version: 1.11
Severity: normal
The apparmor profile for irssi is way too restrictive. A first
failure, in my use case, is restricting logs to be in ~/irclogs. While
this *is* the upstream default, it seems rather unusual to enforce
this in apparmor. A more common
Package: apparmor
Version: 2.11.0-3
Severity: grave
Right now, in debian stretch, any apparmor command will yield:
$ sudo aa-disable usr.bin.irssi
ERROR: Include file /etc/apparmor.d/program-chunks/postfix-common not found
... if apparmor-profiles is installed.
This, obviously, is an error in
Package: cryptsetup
Version: 2:1.7.3-4
Severity: wishlist
I have multiple crypto partitions I need to unlock when the machine
starts up. I use the dropbear-initramfs hack to unlock those
remotely. Unfortunately, the current implementation in
"cryptroot-unlock" doesn't seem to handle multiple
Control: tags -1 +unreproducible
Control: fixed -1 1.13.1~ds1-2
I cannot reproduce this here. Can you provide a step-by-step procedure
to reproduce this on a clean system?
A.
signature.asc
Description: PGP signature
Control: fixed -1 1.0.0~rc2+git20170201.1
On Fri, Feb 24, 2017 at 10:39:00PM +0100, Vincent Bernat wrote:
> ❦ 24 février 2017 12:34 -0800, Norbert Kiesel :
>
> > What else can I do to get docker working again?
>
> You can install the one from experimental. It works fine
Control: fixed -1 1.13.1~ds1-2
On Fri, Mar 03, 2017 at 11:11:36AM +0200, Dov Feldstern wrote:
> Current versions of docker.io and runc conflict; docker.io depends on runc,
> but:
>
> runc : Breaks: docker.io (< 1.12) but 1.11.2~ds1-6 is to be installed
I believe this is now fixed: I
Control: tags -1 +moreinfo
On Mon, Jun 26, 2017 at 11:16:56AM +0200, Roland Kammerer wrote:
> Package: docker.io
> Version: 1.13.1~ds1-2
> Severity: critical
> Tags: upstream
> Justification: breaks unrelated software
>
> Dear Maintainer,
>
> * What led up to the situation?
> Any docker command
Control: notfound -1 1.13.1~ds1-2
Control: tags -1 unreproducible
On Fri, Jun 09, 2017 at 04:28:41PM -0300, Antonio Terceiro wrote:
> On Wed, 07 Jun 2017 14:19:16 -0400 Robbie Harwood
> wrote:
> > Package: docker.io
> > Version: 1.13.1~ds1-2
> > Severity: grave
> >
Control: fixed -1 1.13.1~ds1-2
On Mon, Jan 30, 2017 at 09:31:38PM +0100, Dominik George wrote:
> One of the maintainer scripts asks the user whether it is ok to “nuke”
> docker containers using a message followed by a sleep.
Where? I don't see such a sleep here:
root@marcos:~# dpkg -l docker.io
Control: fixed -1 1.13.1~ds1-2
Just tested the sid package in stretch and it installs fine so I guess
this is solved now.
A.
signature.asc
Description: PGP signature
On Thu, Mar 02, 2017 at 08:00:33PM +0100, Emmanuel Engelhart wrote:
> Debian developer Vasudev/Copyninja
> (uid=vasudev,ou=users,dc=debian,dc=org) has already volunteered to
> work on this RFP. One time implemented this package should IMO be
> maintained within the DebianEdu team.
Any progress
On Sat, Sep 19, 2015 at 02:31:48PM +0200, Emmanuel Engelhart wrote:
> On 02.09.2015 11:23, Elena ``of Valhalla'' wrote:
> > X-Debbugs-Cc: debian-edu-pkg-t...@lists.alioth.debian.org,
> > 1o5g4...@gmail.com
> >
> > What about packaging just kiwix-serve?
> > It shouldn't depend on xulrunner, and
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu
A security issue came up in kedpm as shipped in stable (CVE-2017-8296,
#860817). It was marked "no-dsa" by the security team, to be fixed in
the next point release.
This is
Package: release-notes
Severity: wishlist
I filed a removal request for kedpm (#861277) and that should be
mentioned in the release notes, along with the fpm2 removal:
https://www.debian.org/releases/stretch/amd64/release-notes/ch-information.en.html#noteworthy-obsolete-packages
A possible
Package: ftp.debian.org
Severity: normal
I am one of the last maintainers of the kedpm package, and I am not
using it anymore. Recently, a security issue was found in the package
(#860817), and I feel there may be more - I haven't deeply audited the
source code myself. Or if I did, it was a long
affects 85225 xbmc
package xbmc
found 85225 2:11.0~git20120510.82388d5-1
thanks
I can confirm this affects both jessie-backports and wheezy. I've been
able to access random files on my Kodi install using:
Package: gocode
Version: 20150303-3+b1
Severity: wishlist
Please ship a elpa-company-go binary package.
This would be equivalent to the following MELPA package:
https://melpa.org/#/company-go
It depends on the upstream "go-mode" which was downstreamed recently
here:
Package: wnpp
Severity: wishlist
* Package name: elpa-go-mode
Version : 1.5.0
Upstream Author : Dominik Honnef
* URL : https://github.com/dominikh/go-mode.el
* License : BSD-3-clause
Programming Lang: Elisp
Description : Emacs mode
Package: wnpp
Severity: wishlist
* Package name: elpa-elpy
Version : 1.14.1
Upstream Author : Jorgen Schäfer
* URL : https://github.com/jorgenschaefer/elpy
* License : GPL-3+
Programming Lang: Elisp
Description : Emacs Python Development Environment
Package: wnpp
Severity: wishlist
* Package name: elpa-markdown-toc
Version : 0.1.2
Upstream Author : Antoine R. Dumont
* URL : https://github.com/ardumont/markdown-toc/
* License : GPL-3+
Programming Lang: Elisp
Description : Generate a TOC in markdown
Package: wnpp
Severity: wishlist
* Package name: elpa-multiple-cursors
Version : 1.4.0
Upstream Author : Magnar Sveen
* URL : https://github.com/magnars/multiple-cursors.el
* License : GPL-3+
Programming Lang: Elisp
Description : Multiple cursors for
Package: wnpp
Severity: wishlist
* Package name: elpa-writegood-mode
Version : 2.0.2
Upstream Author : Benjamin Beckwith
* URL : http://bnbeckwith.com/code/writegood-mode.html
* License : GPL-3+
Programming Lang: Elisp
Description : Minor mode for Emacs
Package: wnpp
Severity: wishlist
* Package name: elpa-writeroom-mode
Version : 3.6.1
Upstream Author : Joost Kremers
* URL : https://github.com/joostkremers/writeroom-mode
* License : 3-clause BSD?
Programming Lang: Elisp
Package: emacs25
Version: 25.1+1-3+b1
Severity: normal
I'm getting this when running emacs -q after adding adding the
Marmalade repo (https://marmalade-repo.org/packages/):
https://paste.anarc.at/snaps/snap-2017.04.24-12.53.11.png
This is after running package-list-packages with the Marmalade
Package: debian-goodies
Version: 0.69
Severity: wishlist
Tags: patch
Hi!
We have been working hard on restoring the manpages.debian.org service
in the last months. It's now reliable and complete, yet you need a web
browser to use it.
The neat thing is: manpages.debian.org also ships actual
On Thu, Mar 23, 2017 at 09:43:00AM -0500, Don Armstrong wrote:
> On Thu, 23 Mar 2017, Michael Stapelberg wrote:
> > Sorry for the late reply.
> >
> > The description looks good to me.
>
> Cool.
>
> > I don’t have a set of bugs to re-assign. I’m not sure whether the BTS was
> > ever used for
On Thu, Mar 23, 2017 at 02:55:51PM +, Ian Jackson wrote:
> Michael Stapelberg writes ("Re: Bug#851885: Please add pseudopackage
> `manpages.debian.org'"):
> > Oh, I m not planning to create any bugs. I m working with GitHub. iwj@
> > wanted
> > this pseudo-package to be created, and I agreed
Package: redshift-gtk
Version: 1.9.1-4
Severity: normal
I have recommended this tool to a friend that has this problem of
using the computer too late at night (bad boy, go to sleep! ;).
When we did the first setup, my friend naturally clicked on the
Redshift icon in the application menus, and
Package: redshift-gtk
Version: 1.11-1
Severity: wishlist
If the systemd service is enabled (and works, see #827098) then a user
wanting GUI visbility on whatever redshift is doing might naturally
start the graphical application he/she sees in the menus.
In this case, both applications get into a
On Sun, Nov 27, 2016 at 12:36:05PM -0500, Antoine Beaupré wrote:
> On 2016-11-27 11:16:11, Holger Levsen wrote:
> > On Sun, Nov 27, 2016 at 10:39:16AM -0500, Antoine Beaupré wrote:
> >> > … you've been attacked.
> >> I beg to disagree. I doubt that M. Kshevetskiy has been, in this case,
> >>
Package: wnpp
Severity: wishlist
Owner: Antoine Beaupre <anar...@debian.org>
* Package name: grammalecte
Version : 0.5.15
Upstream Author : Olivier R. (olivier /at/ grammalecte /dot/ net)
* URL : https://www.dicollecte.org/grammalecte/
* License :
Control: tag -1 +patch
On Mon, Apr 17, 2017 at 09:19:07AM -0400, Antoine Beaupre wrote:
> On Sun, Jun 07, 2015 at 08:32:54AM +0200, Samuel Thibault wrote:
> > Michael Biebl, le Sun 07 Jun 2015 01:41:59 +0200, a écrit :
> > > /etc/inittab is a sysvinit specific config file, w
On Sat, Apr 06, 2013 at 09:29:25AM +0200, Joost van Baal-Ilić wrote:
> Hi,
>
> I agree with Andreas Beckmann it would be useful if a remark could be
> added to the release notes. I can apply a patch soon. Below snippets
> from previous discussion summarize the relevant parts I believe.
>
Control: tags -1 +moreinfo
On Sat, May 04, 2013 at 02:24:01PM -0700, Jonathan Nieder wrote:
> Guillem Jover wrote:
>
> > Ah, much better indeed, thanks Jonathan.
>
> Thanks for the quick review. Here's the same change in patch form,
> with two tweaks:
>
> - s/machine
On Sun, Jun 07, 2015 at 08:32:54AM +0200, Samuel Thibault wrote:
> Michael Biebl, le Sun 07 Jun 2015 01:41:59 +0200, a écrit :
> > /etc/inittab is a sysvinit specific config file, which systemd won't
> > read. This is not going to change.
> >
> > If you have custom changes to /etc/inittab, those
Package: guacamole-client
X-Debbugs-CC: t...@security.debian.org
secure-testing-t...@lists.alioth.debian.org
Severity: normal
Tags: security
Version: 0.9.9+dfsg-1
Hi,
the following vulnerability was published for guacamole.
CVE-2016-1566[0]:
| Cross-site scripting (XSS) vulnerability in the
Package: python-pysaml2
X-Debbugs-CC: t...@security.debian.org
secure-testing-t...@lists.alioth.debian.org
Severity: normal
Tags: security
Hi,
the following vulnerability was published for python-pysaml2.
CVE-2016-10127[0]:
| PySAML2 allows remote attackers to conduct XML external entity (XXE)
Package: www.debian.org
Severity: normal
According to carnil in a discussion on the debian-lts@ mailing list,
DLAs and DSAs are manually imported in the website:
https://lists.debian.org/debian-lts/2017/03/msg00200.html
The process looks something like:
cd webwml/english/security
Package: www.debian.org
Severity: normal
Hi!
First, thanks for doing the work of importing DLAs and DSAs in the
website, it is greatly appreciated.
However, during a discussion on the debian-lts@ mailing list, we have
noticed that DLAs since squeeze LTS support was terminated have not
been
Control: found -1 2.7.103-4
Control: notfound -1 2.9.0-3
Here's some more information about that security issue that I could
gleam from testing and other sources.
To reproduce this in wheezy, you first need to install apparmor:
apt-get install apparmor apparmor-profiles
sed -i -e
On Mon, Mar 27, 2017 at 10:39:17AM -0400, Antoine Beaupre wrote:
> On Thu, Mar 23, 2017 at 09:25:42AM -0500, Michael Shuler wrote:
> > Thanks for the report, Chris.
>
> Any timeline for this deployment? Do you need help with patching this
> in?
Actually, I'm not sure I under
On Tue, Jan 03, 2017 at 01:16:45PM -0600, Michael Shuler wrote:
> On 01/01/2017 12:40 PM, Thomas Lange wrote:
> > There's still no fix. Do you need help for a fix?
>
> If you have a patch idea, that would be great! Apologies for the delay
> in getting something together to reproduce and test a
On Thu, Mar 23, 2017 at 09:25:42AM -0500, Michael Shuler wrote:
> Thanks for the report, Chris.
Any timeline for this deployment? Do you need help with patching this
in?
A.
signature.asc
Description: PGP signature
Package: docker.io
Version: 1.11.2~ds1-6
Severity: grave
I tried to install docker.io in Debian stretch (I know, it's banned,
but I figured I'd try my luck) and it completely hangs apt-get
install:
$ LANG=C sudo dpkg --configure -a
Setting up docker.io (1.11.2~ds1-6) ...
addgroup: The group
Hi all,
As those monitoring this bug report may have noticed, I have closed the
WNPP bug for the packaging of the "Breakin" tool into Debian.
In its place, I have uploaded the "Stressant" package which is a "simple
stress testing and burn-in tool". To quote the package description
further:
Package: stress-ng
Version: 0.07.24-1
Severity: normal
I am using stress-ng to build a larger automated stress-testing
tool. Therefore, I don't need the "info" prefixes in the generated
logfile, so I tried using --log-brief to remove those.
By defualt, the logfile works fine:
$ stress-ng
Note that fedorahosted.org closed down on march 1st.
The tool is now called "MediaWriter", but is still quite
Fedora-specific:
https://github.com/MartinBriza/MediaWriter/
See also their usage instructions here:
https://fedoraproject.org/wiki/How_to_create_and_use_Live_USB
A.
--
Never
On Sun, Feb 08, 2015 at 06:01:14PM +, Damyan Ivanov wrote:
> -=| Joey Hess, 27.01.2015 18:00:11 -0400 |=-
> > Source: kgb-bot
> > Version: 1.33-2
> > Severity: important
> > Tags: security
> >
> > 2015.01.19 18:08:39: Listening on http://0.0.0.0:?session=KGB
> > 2015.01.19 18:08:43:
On Sun, Feb 21, 2016 at 01:47:45PM +1100, Lars Ingebrigtsen wrote:
> Kurt Roeckx writes:
>
> > From what I understand, it is (or was) possible to configure
> > things in such a way that it uses s_client to set up SSL, even
> > when it's configured to use gnutls. You should never
tags -1 -unreproducible
I can reproduce issues with certification verification in Emacs 24.5+1-8
in Debian Stretch. As documented here:
https://glyph.twistedmatrix.com/2015/11/editor-malware.html
The following script will yield an error:
(let ((bad-hosts
(cl-loop for bad
in
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package atheme-services
There is a security issue that was fixed in the upstream 7.2.8 package
(#855588), which introduced a new security issue, which was fixed in
the 7.2.9
Package: atheme-services
Version: 7.2.7
Severity: grave
Tags: security
Upstream changelog says:
This is a security release closing a memory leak that could be
exploited by attackers to potentially cause a denial of
service. Release 7.2.7 is affected; older releases are
Package: pcscd
Version: 1.8.20-1
Severity: grave
Since I upgraded from 1.8.19-1 to 1.8.20-1 (or maybe it is because of
scdaemon 2.1.18, unclear), I cannot reliably use pcscd for multiple
days.
After a while, the pcscd daemon just disappears, and then scdaemon
cannot talk to it anymore:
fév 09
Package: debian-installer
Severity: wishlist
After reflecting for a few days about password generation and writing
an [article][1] about it, I was told the debian-installer may be a good
place to encourage people to set strong passwords. In the d-i, we set
one or three critically important
Package: scdaemon
Version: 2.1.18-3
Severity: grave
In Bug#854005, I have described a distinct issue I have experience
with my Yubikey since the upgrade of the GnuPG suite from 2.1.17 to
2.1.18, and in the case of pcscd, from 1.8.19-1 to 1.8.20-1.
I am not sure what exactly is going on here.
On Fri, Feb 03, 2017 at 09:40:35AM +0900, NIIBE Yutaka wrote:
> Hello,
>
> Thanks to dkg to explicitly CC me.
>
> On Thu 2017-02-02 17:54:26 -0500, Wouter Verhelst wrote:
> > Since a recent upgrade, gnupg-agent no longer finds the authentication
> > (SSH) key on my OpenPGP smartcard:
> >
> >
401 - 500 of 545 matches
Mail list logo