Bug#857026: wordpress: 4.7.3 security release

Source: wordpress Version: 4.7.2 Severity: grave Tags: upstream security Justification: user security hole There are six security issues with wordpress 4.7.2 that wordpress 4.7.3 fixes. * Cross-site scripting (XSS) via media file metadata. Reported by Chris Andrè Dale, Yorick Koster, and Simon

Bug#856319: fontconfig: ambiguous font selection for normal and regular

Package:fontconfig (and/or possibly libfontconfig1) Version:2.11.0-6.3+deb8u1 When a type1 font supplies a Book weight (weight=75), NO Regular weight, NO Normal weight, and a Medium weight (weight=100) - fontconfig should select the Book weight (closest value) when Regular (weight=80)

Bug#854899: procps: /bin/ps needs /usr/lib/x86_64-linux-gnu/liblz4.so.1 so separate /usr fails

reassign 854899 libsystemd0 forcemerge 845480 854899 thankyou Hi Paul, This is a duplicate of #845480 which is against libsystemd0 and is tagged wontfix. It's not a direct link but via libsystemd0. - Craig -- Craig Small (@smallsees) https://dropbear.xyz/ csmall at : enc.com.au Debian GNU

Bug#854468: lprng: diff for NMU version 3.8.B-2.1

. If you want to do the same upload > yourself, feel free. > I'm the same. Yes reschedule it to /0. I think some people are depending on it. - Craig > > > - Craig > > Sebastian > -- Craig Small (@smallsees) http://dropbear.xyz/ csmall at : enc.com.au Debian

Bug#852758: procps: pkill returns success on failure due to operation not permitted

nd can kill one and not the other. The other programs use 1 so we have used this for pkill too. The upstream commit is at https://gitlab.com/procps-ng/procps/commit/625d0809daa5b666d9f5834bebcdc458799221f3 - Craig -- Craig Small (@smallsees) http://dropbear.xyz/ csmall at : enc.com.au D

Bug#852858: ssl-cert-check: Enable checks for xmpp servers

a matter of calling resolve_service_host. - Craig -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.8.0-2-amd64 (SMP w/6 CPU cores) Locale: LANG=en_AU.utf8, LC_CTYPE

Bug#851310: wordpress: Eight security issues in wordpress 4.7

Source: wordpress Version: 4.7+dfsg-2 Severity: grave Tags: upstream security Justification: user security hole There are a bunch of security holes in wordpress 4.7. Eight! security issues! The best summary of them is at [1] which lists them as: WordPress 4.3-4.7 - Potential Remote Command

Bug#850583: csvkit is missing documentation

, html pages, pdf, epub, and several other formats. This conversion should be done during the package build, in the debian/rules makefile, with the output placed in the correct location. This would require a build-depends on the tool used (pandoc, docutils, etc). craig -- craig sanders &l

Bug#824252: -t and -d don't work as expected

just missing from the debian packages. rst files can easily be converted to manpages, html, epub, pdf, and other formats with, e.g., pandoc or python-docutils. craig -- craig sanders <c...@taz.net.au>

Bug#849365: libphp-phpmailer: CVE-2016-10033 (wordpress not vulnerable)

ailer bug but I thought it should be noted somewhere wordpress, for once, isn't vulnerable. - Craig 1: https://core.trac.wordpress.org/ticket/37210 -- Craig Small (@smallsees) http://dropbear.xyz/ csmall at : enc.com.au Debian GNU/Linux http://www.debian.org/ csmall at : de

Bug#847597: wordpress enforces installation of MariaDB

ql-client | virtual-mysql-client" That second package should mean you're safe to upgrade wordpress AND keep mysql. - Craig -- Craig Small (@smallsees) http://dropbear.xyz/ csmall at : enc.com.au Debian GNU/Linux http://www.debian.org/ csmall at : debian.org GPG fingerprint:

Bug#846079: procps: Can't upgrade with aptitude

Tags 846079 moreinfo Tags 846079 unreproducible Severity 846079 normal Thankyou Hi, there should be more output saying what else is going wrong. it looks like two other people have done the same thing (thanks both of you) with no problems . Generally this sort of problem boils down to two

Bug#846032: yaboot: Power Mac G5 ofboot.b not configured correctly for second disk

Package: yaboot Version: 1.3.16-4 Severity: important Dear Maintainer, Fresh installation of 8.6.0 on a Power Mac G5 (2005) onto the second SATA disk. The installation proceeded without errors, but it was not possible to boot into Linux afterwards. Booting the DVD in rescue mode showed the

Bug#845480: /bin/ps depends on /usr/lib/... which makes the system unbootable

wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Hello Craig, > > Am So den 27. Nov 2016 um 11:12 schrieb Craig Small: > > There is a reason for linking to libsystemd and it is to do with > accessing > > the systemd type parameters that can be applied

Bug#845480: /bin/ps depends on /usr/lib/... which makes the system unbootable

not sure if booting with /usr unmounted is still a valid way of booting or not or if there is a work-around, but it basically comes down to how the systemd libraries operate. - Craig -- Craig Small (@smallsees) https://dropbear.xyz/ csmall at : enc.com.au Debian GNU/Linux https

Bug#845480: /bin/ps depends on /usr/lib/... which makes the system unbootable

There is a reason for linking to libsystemd and it is to do with accessing the systemd type parameters that can be applied to a process. - Craig On Sun, Nov 27, 2016 at 8:28 PM Klaus Ethgen <kl...@ethgen.de> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > H

Bug#845480: /bin/ps depends on /usr/lib/... which makes the system unbootable

tps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843809 I am not sure at this point where to go, but it is either intentional or a bug, but its not ps' bug. - Craig On Thu, Nov 24, 2016 at 7:42 AM Klaus Ethgen <kl...@ethgen.de> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA

Bug#842879: use uptime, not btime, else wrong start times on some systems

On Sun, 6 Nov 2016, 10:18 AM 積丹尼 Dan Jacobson <jida...@jidanni.org> wrote: > Craig, it turns out ps is using the wrong file in the first place! > If it used /proc/uptime it would surely never have this problem on any > system Thats a big call to say it won't have a proble

Bug#842879: [jidanni 126520274] ps dates wrong

y procps' fault, but just a quirk of how /proc works in this situation. - Craig

Bug#842879: no alternate way to find how long they have been running?

stat the processes' stat file perhaps? Using a find? $ ps -o lstart 2730 STARTED Mon Oct 31 16:03:54 2016 $ stat /proc/2730/stat File: '/proc/2730/stat' Size: 0 Blocks: 0 IO Block: 1024 regular empty file Device: 4h/4d Inode: 15018747Links: 1 Access:

Bug#842879: get start date from local VPS, not underlying actual computer

l happily show the wrong thing. This doesn't sound like a real VPS but a container. Sometimes LXC or docker shells show this sort of odd behaviour. Do you know what virtualisation they are using there? - Craig

Bug#840680: [pkg-gnupg-maint] Bug#840680: dirmngr: Dirmngr not always responding

. However if I hit enter on the connect manager it exits but dirmngr keeps running. gpg --send-key then is like before where it hangs. This happened in both 2.1.15-4 and 2.1.15-5 However! I downloaded 2.1.15-6 and it sends the key fine, so it looks like that was the fix for me. - Craig

Bug#842011: [debian-mysql] Bug#842011: Bug#842011: Bug#842011: default-mysql-client forces removal of mysql-server* and mysql-client*

d luck getting help. it's not I that needs help. craig -- craig sanders <c...@taz.net.au>

Bug#842011: [debian-mysql] Bug#842011: Bug#842011: default-mysql-client forces removal of mysql-server* and mysql-client*

ariadb transition should be handled at least as well as that. it's not impossible, it's not even "too hard". craig -- craig sanders <c...@taz.net.au>

Bug#842011: [debian-mysql] Bug#842011: Bug#842011: default-mysql-client forces removal of mysql-server* and mysql-client*

pend on the virtual package. if mariadb's client can serve in place of mysql's then of course it makes sense to use whichever one is available. did you have anything actually useful - and preferably not completely obvious - to add, or are you just mouthing off because you can? craig -- craig sanders <c...@taz.net.au>

Bug#842011: [debian-mysql] Bug#842011: default-mysql-client forces removal of mysql-server* and mysql-client*

g on port 3306 (or whatever's defined in my.cnf) #! /bin/bash ( exec 3<>/dev/tcp/localhost/3306 ) >& /dev/null echo $? wrapped in a subshell to avoid spamming stderr if nothing's listening. craig -- craig sanders <c...@taz.net.au>

Bug#842011: [debian-mysql] Bug#842011: default-mysql-client forces removal of mysql-server* and mysql-client*

On Tue, Oct 25, 2016 at 01:09:23PM +0100, Robie Basak wrote: > On Tue, Oct 25, 2016 at 10:00:32PM +1100, Craig Sanders wrote: > > it still seems very surprising to me that a package called > > default-MYSQL-client would force the removal of mysql-client* and > > mysq

Bug#841909: [pkg-gnupg-maint] Bug#841909: /usr/bin/gpg: Configuration error over ssh

the pinentry-gnome3 with the patch. What happens now is I get the ncurses pinentry screen appearing and the file is successfully signed. So yes, for me at least your patch solves my problem. Thanks for the quick answer! - Craig On Tue, Oct 25, 2016 at 4:57 AM Daniel Kahn Gillmor <d...@fifthhorseman.

Bug#842011: [debian-mysql] Bug#842011: default-mysql-client forces removal of mysql-server* and mysql-client*

On Tue, Oct 25, 2016 at 10:54:56AM +0100, Robie Basak wrote: > Hi Craig, Hi > On Tue, Oct 25, 2016 at 08:01:26PM +1100, Craig Sanders wrote: > > it's somewhat surprising that a package called default-mysql-client > > should force the removal of both mysql-client and mysql-s

Bug#842011: default-mysql-client forces removal of mysql-server* and mysql-client*

installed, 5 to remove and 3 not upgraded. Need to get 5,700 kB of archives. After this operation, 69.5 MB disk space will be freed. Do you want to continue? [Y/n] n Abort. craig -- craig sanders <c...@taz.net.au>

Bug#841909: /usr/bin/gpg: Configuration error over ssh

Package: gnupg Version: 2.1.15-4 Severity: normal File: /usr/bin/gpg Since the latest upgrade, I am unable to sign anything using a ssh shell. $ gpg --sign gpg.txt File 'gpg.txt.gpg' exists. Overwrite? (y/N) y gpg: signing failed: Configuration error gpg: signing failed: Configuration error

Bug#841535: tracker.debian.org has inscrutable hieroglyphic links instead of text

guess some might find the icons pretty or something, but could we please have text as well as the icons? thanks, craig ps: i only know they're icons rather than broken images because I inspected the element in firefox, then googled "octicon" and then installed the octicons package. bef

Bug#840680: dirmngr: Dirmngr not always responding

Package: dirmngr Version: 2.1.15-4 Followup-For: Bug #840680 Possibly the same problem but --send-keys hangs most of the time and never times out. At the same time dirmngr-client --ping also hangs. I never seen so many ENOSYS before, this is stracing an existing dirmngr so perhaps its the strace

Bug#840365: 1:45.4.0-1 broke the External Editor plugin

en nothing happens - no gvim as expected. craig -- craig sanders <c...@taz.net.au>

Bug#837049: [Pkg-zfsonlinux-devel] Bug#837049: Bug#837049: Please configure zfs_arc_max in postinst

On Sun, Sep 11, 2016 at 07:12:49AM +0200, Petter Reinholdtsen wrote: > [Craig Sanders] > > good idea. at the least, we should include an example in the > > package. e.g. I made the following file for my systems, which I copy > > to various machines and modify to suit. &g

Bug#837049: [Pkg-zfsonlinux-devel] Bug#837049: Please configure zfs_arc_max in postinst

hat they did. > Maybe it should also be registered as a conffile. definitely. craig -- craig sanders <c...@taz.net.au>

Bug#837090: wordpress CVEs (was: Re: Bug#837090: wordpress: CVE-2016-6896 CVE-2016-6897)

On Sat, Sep 10, 2016 at 6:25 PM Salvatore Bonaccorso <car...@debian.org> wrote: > HI Craig, > > Thanks for looking into it. Some comments, and adding the security > team alias. > > On Fri, Sep 09, 2016 at 09:13:46PM +, Craig Small wrote: > > On Fri, Sep 9, 2016 a

Bug#836262: libnih1 has a dependency conflict with libc6 in sid

master. or anything else that actually resolves the bug rather than ignoress it. it's not a trivial bug either - given that it breaks cgmanager (by forcing it to be uninstalled) AND everything that depends on it (including most containerisation tools), this would be a release critical bug if we were n

Bug#837090: wordpress: CVE-2016-6896 CVE-2016-6897

e package uploader, reported by Dominik Schilling". Fixed in changeset 38524. The first changeset is simple with the other two being trivial. I will start to look at jessie and see if that version is impacted. My initial hunch is it will be. Expect a debdiff shortly! - Craig

Bug#832148: fix SIGPWR warning on kfreebsd

y times you saw that message before you went 'dammit, im going to fix that'. - Craig -- Craig Small (@smallsees) http://dropbear.xyz/ csmall at : enc.com.au Debian GNU/Linux http://www.debian.org/ csmall at : debian.org GPG fingerprint:5D2F B320 B825 D939 04D2 0519 3938 F96B DF50 FEA5

Bug#827245: [Pkg-libvirt-maintainers] Bug#827245: Bug#827245: missing backend for pool type 11 (zfs)

and i'm off to get some sleep. craig -- craig sanders <c...@taz.net.au>

Bug#827245: [Pkg-libvirt-maintainers] Bug#827245: missing backend for pool type 11 (zfs)

ebootstrap, docker-doc, rinse, zfs-fuse | zfsutils Description-en: Linux container runtime craig -- craig sanders <c...@taz.net.au>

Bug#827245: [Pkg-libvirt-maintainers] Bug#827245: missing backend for pool type 11 (zfs)

. > I've pushed the changes to enable zfs pool support on kfreebsd. Why not on linux? zfs is available in debian now. craig -- craig sanders <c...@taz.net.au>

Bug#827245: missing backend for pool type 11 (zfs)

: error: debian/rules build gave error exit status 2 The changes required to enable ZFS support seem obvious and straight-forward. maybe i should try building in a jessie or testing VM? craig ps: i've really got to find out why i don't get auto-subscribed to bug reports I submit. I only saw your

Bug#833260: supercat: diff for NMU version 0.5.5-4.1

Package: supercat Version: 0.5.5-4 Severity: normal Tags: patch pending Dear maintainer, I've prepared an NMU for supercat (versioned as 0.5.5-4.1). The diff is attached to this message. Regards. craig -- craig sanders <c...@taz.net.au> diff -Nru supercat-0.5.5/debian/changelog supercat

Bug#833253: supercat: diff for NMU version 0.5.5-4+nmu1

Package: supercat Version: 0.5.5-4 Severity: normal Tags: patch pending Dear maintainer, I've prepared an NMU for supercat (versioned as 0.5.5-4+nmu1). The diff is attached to this message. Regards. craig -- craig sanders <c...@taz.net.au> diff -Nru supercat-0.5.5/debian/changelog su

Bug#833148: ddclient: update CloudFlare API to v4

this into the Debian package, full credit to Harry Xue. I've applied it and it seems to be doing the right thing. I'd send the output from ddclient in foreground but I'm not sure what is key material. - Craig 1: https://github.com/wimpunk/ddclient/pull/42 -- System Information: Debian Release: stretch/sid

Bug#832574: upgrading openssh-server kills ssh session on systemd machines

On Wed, Jul 27, 2016 at 12:14:47PM +0100, Colin Watson wrote: > On Wed, Jul 27, 2016 at 04:03:54PM +1000, Craig Sanders wrote: > > upgrading kills the ssh session on systemd machines. > > Yes, sorry. I have no way to fix this properly because it happens > in "prerm u

Bug#832574: upgrading openssh-server kills ssh session on systemd machines

n to surya closed. ganesh:~# I had to ssh back in and `pkill dpkg apt-get` before I could even run `dpkg --configure --pending`. This happened on my only systemd machine. Did not happen on any of my sysvinit machines. craig -- craig sanders <c...@taz.net.au>

Bug#832079: supercat colour rules for debian packages

of them. Please find attached colour rules for: spcrc-dpkg-l - package listings (e.g. from dpkg -l or dlocate -l) spcrc-package - package details (e.g. from apt-cache show or dlocate -s or grep-dctrl) craig -- craig sanders <c...@taz.net.au> # HTML COLOR NAME COL A N T STRING or R

Bug#831761: can't migrate from system with tsc_scale cpu flag to one without

d. For a more detailed analysis/example of the problem, see: http://unix.stackexchange.com/questions/296636/100-cpu-utilisation-and-hang-after-virsh-migrate craig -- craig sanders <c...@taz.net.au>

Bug#831396: procps: [ps] fails on kfreebsd

m_min_free_fd); So, the fix will be to have some #if around that extra check and just use the old school make available the same as free. - Craig

Bug#831396: procps: [ps] fails on kfreebsd

n(tm) Processor 3000+ GNU/kFreeBSD Could it be they have "improved" the procfs in some way from 9.x to 10.x? Can you strace the ps command? I'm looking for opens under /proc that fail. - Craig

Bug#831348: procps: includes /bin/kill.procps/kill on kfreebsd

Thanks Sven, Ill have to look into this and see if I can fudge it for hurd and kfreebsd. Alternatively they could both use sensible filesystem structures :-P - Craig On Fri, 15 Jul 2016 05:27 Sven Joachim <svenj...@gmx.de> wrote: > Package: procps > Version: 2:3.3.12-2 >

Bug#830734: procps: FTBFS[!linux]: 'HOST_NAME_MAX' undeclared

On Tue, Jul 12, 2016 at 11:43 PM Aaron M. Ucko <u...@debian.org> wrote: > Craig Small <csm...@debian.org> writes: > > > /usr/include/x86_64-linux-gnu/bits/local_lim.h:#define HOST_NAME_MAX 64 > > I just took a closer look and noticed the "-linux-" in th

Bug#830734: procps: FTBFS[!linux]: 'HOST_NAME_MAX' undeclared

-linux-gnu/bits/local_lim.h:#define HOST_NAME_MAX 64 local_lim.h is part of libc6-dev version 2.19-18+deb8u4 It seems very odd it was there and then disappeared. Or... is it there for kfreebsd-amd64 and not there for kfreebsd-i386? - Craig

Bug#827198: wordpress: Update nginx example configuration for php7

Sorry Jeremy, Sure thing just let me know when you do it. - Craig On Tue, 12 Jul 2016 12:21 Jeremy Bicha <jbi...@ubuntu.com> wrote: > Hi, it's been a month with no response. > > How about I just push this minor patch to collab-maint git? > > Thanks, > Jeremy >

Bug#830772: procps: FTBFS on i386: strtod_nol_or_err("123") != 123.000000

Hang on, you can help with something else. Did watch compile? I'm getting mixed errors that HOST_NAME_MAX is not defined. - Craig On Mon, Jul 11, 2016 at 9:02 PM Craig Small <csm...@debian.org> wrote: > No problems Emilio it happens. Already got a fix by skipping the test. >

Bug#830772: procps: FTBFS on i386: strtod_nol_or_err("123") != 123.000000

No problems Emilio it happens. Already got a fix by skipping the test. - Craig On Mon, Jul 11, 2016 at 8:45 PM Emilio Pozuelo Monfort <po...@debian.org> wrote: > Control: forcemerge -1 830733 > > On 11/07/16 12:29, Emilio Pozuelo Monfort wrote: > > Your package fa

Bug#830734: procps: FTBFS[!linux]: 'HOST_NAME_MAX' undeclared

it is there but something is not including local_lim.h? On Mon, Jul 11, 2016 at 8:26 PM Aurelien Jarno <aurel...@aurel32.net> wrote: > On 2016-07-10 18:50, Aaron M. Ucko wrote: > > Craig Small <csm...@debian.org> writes: > > > > > local_lim.h is part of libc6

Bug#830733: procps: FTBFS[i386]: FAIL: strtod_nol_or_err("123") != 123.000000

Can you apply this patch to your setup and see if it checks? You really only need to compile lib/test_strod_nol and run it. - Craig On Mon, Jul 11, 2016 at 8:00 AM Craig Small <csm...@enc.com.au> wrote: > On Mon, Jul 11, 2016 at 7:33 AM Aaron M. Ucko <a...@alum.mit.edu> wro

Bug#830733: procps: FTBFS[i386]: FAIL: strtod_nol_or_err("123") != 123.000000

as the host definition and kfreebsd i386 does not. As I said, kfreebsd has include problems all the time (most of the ifdefs are for it) - Craig -- Craig Small (@smallsees) http://dropbear.xyz/ csmall at : enc.com.au Debian GNU/Linux http://www.debian.org/ csmall at : debian.org

Bug#830734: procps: FTBFS[!linux]: 'HOST_NAME_MAX' undeclared

this a case of broken kFreeBSD includes again? csmall@freebsd1:~$ grep '[[:space:]]HOST_NAME_MAX[[:space:]]' `find /usr/include -type f` /usr/include/x86_64-linux-gnu/bits/local_lim.h:#define HOST_NAME_MAX 64 local_lim.h is part of libc6-dev version 2.19-18+deb8u4 So what version are you using and why did the definition go away? - Craig

Bug#830670: mkbmdeb lacks support for Provides:

check with apt-cache search -n -- -dkms | cut -d' ' -f1 | xargs -n1 apt-cache rdepends | grep -v '^[R ]' seems to indicate that this will be a problem with ALL -dkms packages. craig PS: one current work-around is to use the 'equivs' package to build a dummy package which has, for e

Bug#822479: Issue Resolved

This issue has now been resolved for past month or so, so bug can be marked as resolved/fixed. Thanks.

Bug#830535: partclone.xfs is missing from package

nfigure.ac2016-07-09 14:27:47.477298030 +1000 @@ -24,7 +24,7 @@ ) AM_CONDITIONAL(ENABLE_ALL, test "$enable_all" = yes) if test "$enable_all" = "yes"; then -#enable_xfs="yes" +enable_xfs="yes" enable_extfs="yes" #enable_reiserfs="yes" enable_reiser4="yes" craig -- craig sanders <c...@taz.net.au>

Bug#830313: watch: segfaults with --color

I messed up the manual patch when it wouldn't apply. I put the return before the attrset() That'll do it! - Craig On Sat, Jul 9, 2016 at 3:38 PM Craig Small <csm...@debian.org> wrote: > there seems to be a problem, watch is now not interpreting any ansi > sequences. > im b

Bug#830313: watch: segfaults with --color

016 at 04:59:07AM +0000, Craig Small wrote: > > Hi Josh, > > Thanks for looking into this, I only do some simple use of watch so > don't > > see the problems. I agree, if it doesn't understand something then stop > > messing around and drop out. > > > > Patch

Bug#830313: watch: segfaults with --color

applied upstream. - Craig

Bug#826994: [Pkg-zfsonlinux-devel] Bug#826994: Bug#826994: Missing init-script(s)?

and used in production by > myself on Jessie systems without problem, though. If there is people > willing to give a hand on maintaining LSB support I'm happy to carry > it. I guess that means "patches welcome". craig -- craig sanders <c...@taz.net.au>

Bug#829418: pptpd uses incorrect method to identify systemd

a postinst, it's a read-only operation so isn't affected by the lock. BTW, the space in " installed$" is essential, as "not-installed" is also valid there. Also, the '\n' in the format string isn't strictly necessary, but some tools (not grep) ignore the last line of input if i

Bug#829418: pptpd uses incorrect method to identify systemd

ncountered while processing: pptpd You need to check whether the systemd-sysv package is installed. The easiest way to do that is to check if the directory /usr/share/doc/systemd-sysv/ exists, e.g.: if [ -d /usr/share/doc/systemd-sysv/ ] ; then craig

Bug#692113: watch: Please update manual page to also mention 0,1.

al separator > convention when parsing floating point arguments. Which I have now implemented in upstream. free and watch both will take 12.34 and 12,34 - Craig https://gitlab.com/procps-ng/procps/commit/1310a768483c44fecae1f59f96e68c1cfbde7888 -- Craig Small (@smallsees) http://dropbear.

Bug#770215: 'ps' needlessly stats files all over the VFS

om Debian. https://gitlab.com/procps-ng/procps/commit/365cb37029d0b81cb14d4d8a17adffc47fdf4548 - Craig -- Craig Small (@smallsees) http://dropbear.xyz/ csmall at : enc.com.au Debian GNU/Linux http://www.debian.org/ csmall at : debian.org GPG fingerprint:5D2F B320 B825

Bug#827171: works on vserver but not lxc

wants to change to, how does it calculate the alternative uptime? Daniel had a suggested approach but does it work for all circumstances? - Craig -- Craig Small (@smallsees) http://dropbear.xyz/ csmall at : enc.com.au Debian GNU/Linux http://www.debian.org/ csmall at : debian.org GPG fingerprint:5D2F B320 B825 D939 04D2 0519 3938 F96B DF50 FEA5

Bug#811678: found in 3.0.0 with small fix

found 1:3.0.0~delta-3 thankyou While they are different problems, mudlet 3.0.0 delta won't compile with GCC 6. The fix is a one-line patch. Waiting on upstream to see if delta is their latest release. - Craig -- Craig Small (@smallsees) http://enc.com.au/ csmall at : enc.com.au Debian

Bug#828225: wordpress: Various security fixes in 4.5.3 CVE-2016-5832 to 5839

Source: wordpress Version: 4.5.2+dfsg-2 Severity: important Tags: security Various security fixes in wordpress 4.5.3 CVE-2016-5832 - redirect bypass in the customizer, reported by Yassine Aboukir; CVE-2016-5833 - XSS problem via attachment name reported by Jouko Pynnonen CVE-2016-5834 - XSS

Bug#827245: missing backend for pool type 11 (zfs)

nually creating ZVOLs and accessing them in libvirt VMs (with a 'dir' storage pool pointing to /dev/zvol/export/volumes) for years, but it would be useful to be able to manage them directly with virsh or virt-manager. craig -- craig sanders <c...@taz.net.au>

Bug#798408: Bug#825354: mudlet: FTBFS on armel/armhf: glu development package not found

let from arm. - Craig -- Craig Small (@smallsees) http://enc.com.au/ csmall at : dropbear.xyz Debian GNU/Linux http://www.debian.org/ csmall at : debian.org GPG fingerprint:5D2F B320 B825 D939 04D2 0519 3938 F96B DF50 FEA5

Bug#825354: mudlet: FTBFS on armel/armhf: glu development package not found

is really not there - Craig On Sun, 5 Jun 2016 2:47 am Scott Kitterman <deb...@kitterman.com> wrote: > On Saturday, June 04, 2016 03:59:49 PM Emilio Pozuelo Monfort wrote: > > On 26/05/16 14:49, Craig Small wrote: > > > On Thu, May 26, 2016 at 8:57 PM Emilio Pozuelo Monf

Bug#825354: mudlet: FTBFS on armel/armhf: glu development package not found

not include it. Architecture: amd64 Depends: libgl1-mesa-dev | libgl-dev, libglu1-mesa-dev | libglu-dev, Architecture: armel Depends: libgles2-mesa-dev | libgles2-dev, I think it should be just a matter of adding libglu1-mesa-dev to the build dependencies and we're done. - Craig -- Craig Small (@small

Bug#824252: -t and -d don't work as expected

delimiter or there should be extra options (perhaps -T and -D) to set it (similar to the way awk's FS and OFS variables work) Thanks, craig -- craig sanders <c...@taz.net.au>

Bug#819523: squid3 in wheezy-backports has unmet dependencies

I don't think this package has been rebuilt yet. At least, the problem persists. Thanks for your help, Craig -- Craig Holyoak IT Support @ Redlands College choly...@redlands.qld.edu.au http://www.redlands.qld.edu.au/ --

Bug#822867: dh-make: should strip trailing \n from /etc/mailname

Hi Jakub, Thanks for the report, dh-make 2.201606 will have that fix. - Craig -- Craig Small (@smallsees) http://enc.com.au/ csmall at : enc.com.au Debian GNU/Linux http://www.debian.org/ csmall at : debian.org GPG fingerprint:5D2F B320 B825 D939 04D2 0519 3938

Bug#823649: libjs-mediaelement: Reflected XSS vulnerability

Package: libjs-mediaelement Version: 2.15.1+dfsg-1 Severity: important Tags: security upstream I saw this regarding the wordpress 4.5.2 release[1]. MediaElement.js is vulnerable to a reflected XSS attack. The wordpress patch is at [2] but I cannot exactly find what has changed but I think it is

Bug#823640: wordpress: Reflected XSS in PLupload and mediaelement

Package: wordpress Version: 4.5.1 Severity: important Tags: security upstream Wordpress 4.2 to 4.5.1 has a XSS vulnerability in Plupload and mediaelement. I haven't yet done the analysis to see if we are fully vulnerable (some mediaelement items are removed due to DFSG problems) but most likely

Bug#823218: /usr/bin/uscan: uscan: incorrectly imports catfile

Package: devscripts Version: 2.16.4 Severity: normal File: /usr/bin/uscan Tags: patch uscan crashes out because catfile is not correctly imported. uscan info: New orig.tar.* tarball version (after mk-origtargz): 4.5.1 uscan info: Successfully repacked wordpress-4.5.1.tar.gz as

Bug#823061: cdavin9-✉-Message-on-hold-

White On Apr 30, 2016 12:32 PM, "Angel" wrote: > > > > > > > > > > > > * _Just_saw_something_really_hot_that_made_me_wonder... > _What_would_you_like_me_to_wear_tonight?_ > _What's_the_hottest_thing_I_can_do_for_you_when_I_see_you?_ > We'll_even_play_some_games_honey_ >

Bug#822861: killall: option --older-than breaks with german locale

- no debconf information > > -- > Mit freundlichen Grüßen, > > Jörg Ludwig > > IServ GmbH > Bültenweg 73 > 38106 Braunschweig > > Telefon: 0531-2243666-0 > Fax: 0531-2243666-9 > Mobil: 0179-9101055 > E-Mail: joerg.lud...@iser

Bug#816861: fuser does not show the PID that keeps busy a schroot mount-point

x, because just like /proc//fd it can be fooled by symlinks. - Craig On Wed, Mar 9, 2016 at 8:58 AM Franco Martelli <martelli...@gmail.com> wrote: > On 08/03/2016 at 10:52, Craig Small wrote: > > It actually finds the process you are looking for, however it also finds > >

Bug#822479: network-manager-openvpn-gnome: Plugin fails to load when using Connection Editor

Package: network-manager-openvpn-gnome Version: 1.2.0-1 Severity: important Dear Maintainer, * What led up to the situation? Clicking "Configure VPN" in the nm-applet, opens the "Connection Editor" clicking the add button displays a window to choose Connection Type, OpenVPN options are not

Bug#822228: libprojectm2v5 depends on obsolete package ttf-dejavu-core

on it (including clementine). craig

Bug#810018: Additional info possibly relevant for procps-base/pidof ...

Hi Andreas, One thing before we move to the procps pid, it doesn't match all processes the pidof one does [1]. I have fixed it upstream but probably worth waiting for that to appear otherwise things like kde and sshd sessions "disappear". - Craig 1: https://gitlab.com/procps-ng/pro

Bug#820288: wordpress: Keep alternate *-php5 and php5-* dependencies for installability in old releases

Hi Raphaël, That's a good idea! I'll update shortly. Thanks for the dependencies line too. - Craig -- Craig Small (@smallsees) http://enc.com.au/ csmall at : enc.com.au Debian GNU/Linux http://www.debian.org/ csmall at : debian.org GPG fingerprint:5D2F B320 B825

Bug#819547: RM: jffnms -- ROM; Deadish upstream, php package

upstream maintainer for it too but haven't done much with it as I've been working on a python replacement. I think popcorn showed 16 installations. Thanks! - Craig

Bug#819523: squid3 in wheezy-backports has unmet dependencies

Package: squid3 Version: 3.4.8-6+deb8u2~bpo70+1 Severity: normal Dear Maintainer, I have been running squid3 from wheezy-backports fine for some time, currently on version 3.4.8-5~bpo70+1. However, following the recent update to 3.4.8-6+deb8u2~bpo70+1, it is now uninstallable (and

Bug#819314: procps: [sysctl] Missing dependency when used with systemd

. - Craig

Bug#818870: wordpress: Bump phpmailer dependency to 5.2.14

Source: wordpress Version: 4.4.2+dfsg-1 Severity: minor In #818758 the submitter was reporting a bug against the backported version of wordpress. This was because it didn't depend on version 5.2.14 of phpmailer. The control file needs to be updated to include 5.2.14 in the sid version of

Bug#816861: fuser does not show the PID that keeps busy a schroot mount-point

/dev/dm-3 $ ls -l /dev/dm-3 brw-rw 1 root disk 253, 3 Mar 1 19:33 /dev/dm-3 so.. considering the chroot device id is the same as whatever /dev/dm-3 is, you'll get a long list of processes because it probably something like /home - Craig -- Craig Small (@smallsees) http://enc.c

Bug#805645: dh-make: manpage.xml.ex uses , which fails to format correctly

n't use xml myself. I agree, I'm not sure if this is valid xml and the parser is wrong or the xml itself should be changed. - Craig

<    1   2   3   4   5   6   7   8   9   10   >