-notes/rt/5.0.5
I think there is a minor typo in the changelog. I noticed this typo is
also present in the changelog for 5.0.5+dfsg-1 on
https://metadata.ftp-master.debian.org/changelogs//main/r/request-tracker5/request-tracker5_5.0.5+dfsg-1_changelog.
Kind regards,
Geoff Crompton
Hi,
I've just checked this on a Debian 11 system, and am no longer able to
reproduce the error. I agree with Lionel, I think this bug report can safely be
closed.
Kind regards,
Geoff Crompton
Infrastructure Team Leader
+61 (0) 3 8341 0244
geo...@trinity.unimelb.edu.au
Trinity College
wheezy backport 2.1.18 packages, and
they fixed this problem for me.
—
Geoff Crompton, Senior ICT Infrastructure Administrator
T: +61 (0)3 9348 7138
Trinity College | University of Melbourne | Royal Parade, Parkville | Victoria
3052, Australia
www.trinity.unimelb.edu.au <http://www.trinity.unimelb.edu.au/>
Given the fix for this went into -4, it seems likely
2.4.31+really2.4.40-3~bpo70+1 (the wheezy backport) is vulnerable.
Could someone confirm that?
--
Geoff Crompton, System Administrator
T: +61 (0)3 9348 7138
Trinity College | University of Melbourne | Royal Parade, Parkville |
Victoria 3052
Package: postgrey
Version: 1.34-1.1
Severity: grave
Tags: patch
Justification: renders package unusable
Dear Maintainer,
A fresh install of postgrey on two Wheezy machines fails to start. Much like
was the case in debian bug #722136, starting the postgrey daemon on the
command
line reveals the
Package: linux-image-3.2.0-4-amd64
Version: 3.2.41-2+deb7u2
Severity: normal
--- Please enter the report below this line. ---
The touchpad on this MacBook Air sometimes becomes unresponsive. At
these times the kernel log scrolls these messages whenever you drag your
fingers across the touchpad:
On 18/05/13 10:10, Geoff Crompton wrote:
On 18/05/13 09:49, Thaddeus H. Black wrote:
I'm sorry, I don't have a work around. I never tried the drm-3.7 branch
that Alex suggested. Due to bug 703468 I've been booting some later
kernels as well, and I think I still have the same problem. On Monday
On 18/05/13 09:49, Thaddeus H. Black wrote:
Have you solved or worked around your Debian Bug#688828:
xserver-xorg-video-radeon: brightness controls don't work?
If so, how, please? I have precisely the same problem you have, and can
confirm similar symptoms in detail, including the
On 12/04/13 17:13, Jonathan Nieder wrote:
tags 703468 - moreinfo
quit
Geoff Crompton wrote:
I ran the 'cherry-pick' command, and redid the make deb-pkg and dpkg -i
steps. When I rebooted onto that kernel it worked fine. So it seems this
patch fixes the 3.4.4 kernel.
Beautiful. Let's take
On 12/04/13 09:40, Jonathan Nieder wrote:
Could you try the attached patch against a 3.4.y kernel? It works like
this:
0. prerequisites:
apt-get install git build-essential
1. get the kernel history, if you don't already have it:
git clone \
On 11/04/13 10:54, Geoff Crompton wrote:
I've also built a 3.2.39 kernel with some patches stripped. This kernel
still does exhibit the problem, suggesting the patches I stripped out
are not responsible. Those patches are:
bugfix/x86/drm-i915-kick-any-firmware-framebuffers-before-claim.patch
On 10/04/13 16:35, Jonathan Nieder wrote:
What's next?
3.6.9-1~experimental.1, to narrow down the range to search for a fix.
The binary from snapshot.debian.org (linux-image-3.6-trunk-amd64)
should install fine, or if you prefer to build from source then there
are instructions at [1].
Thanks,
On 08/04/13 16:28, Jonathan Nieder wrote:
Thanks for testing.
As a next test, can you try the 3.4.4 binary package from
http://snapshot.debian.org/package/linux/?
Hope that helps,
Jonathan
I've tried that. The 3.4.4-1~eperimental.1 linux-image I built from
those sources does not boot,
On 03/04/13 09:30, Jonathan Nieder wrote:
Geoff Crompton wrote:
I had been considering building a kernel for each patch where the kernel
only includes that one patch. But with 17 patches, that seems like a lot
of kernels to test (for me anyway). So I've further whittled that down
by looking
-Encoding: 7bit
From: Geoff Crompton geo...@trinity.unimelb.edu.au
To: Debian Bug Tracking System sub...@bugs.debian.org
Subject: linux-image-3.2.0-4-amd64: none
X-Debbugs-Cc: none
Package: src:linux
Version: 3.2.35-2
Severity: normal
Dear Maintainer,
*** Please consider answering these questions
the same as the
patch on this bug report that makes my invocations of mrtg go silent. So
I'm treating it like it's the same issue.
Please find attached my modified patch.
Cheers,
Geoff Crompton
--- a/lib/SNMP_Session.pm
+++ b/lib/SNMP_Session.pm
@@ -146,7 +146,7 @@
if (eval {local $SIG
Package: ppp
Version: 2.4.5-4
Severity: normal
Tags: squeeze
Over my ppp link I use the source address my ISP assigns me, as well as a
class C subnet, 203.24.247.0/24. Every now and then traffic for
203.24.247.0/24 breaks. Traffic to/from my regular IPv4 address continues
successfully. From
Package: isc-dhcp-relay
Version: 4.1.1-P1-15+squeeze3
Severity: normal
Tags: patch
The dhcrelay man page doesn't mention that if you use any -i option to
specify interfaces, you need to add an -i option for the interface used to
contact the DHCP server. Otherwise dhcrelay silently drops the
Package: dibbler-client
Version: 0.7.3-1.3
Severity: normal
Tags: ipv6
Whenever the pppd daemon on my Debian Squeeze router restarts I loose IPv6
connectivity on the next work behind it. IPv4 continues to work, and IPv6
works from the router. Restarting dibbler-client restores
IPv6 connectivity
Package: squid
Version: 2.7.STABLE9-2.1
Severity: normal
Tags: patch
On my system I had squid, squid3, srg and squidguard. squid had been installed
due to a recommends dependancy by srg.
When I purged squid the logrotation for squidguard started to complain. By
default squidGuard logs to
Package: collectd
Version: 4.10.1-1+squeeze2
Severity: normal
If I have a /etc/collectd/plugins/ping.conf file such as:
Plugin ping
Host 150.101.140.197
Host 2001:44b8:69:2:1::100
/Plugin
Then when I start collectd I get log lines like:
Jul 5 18:05:13 ogrady collectd[18720]:
(hence this being a wishlist bug).
This bug is my vote to get this patch into squeeze somehow (be that a
squeeze-n-half kernel, or a cherry picked patch to a later squeeze kernel).
I'll understand if you tag this wont-fix.
Cheers,
Geoff Crompton
-- Package-specific info:
** Version:
Linux version
into it,
and instead did an EFI boot into the installed MAC partition. I'm going to try
getting booting working with rEFit, but thought I'd send in this installation
report first.
Cheers,
Geoff Crompton
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe
that will prevent the graphics
being re-initialised, so I can't get to a console to generate an 'lspci'
listing, or other useful information.
Cheers,
Geoff Crompton
Package: backupninja
Version: 0.9.8.1-1
Severity: normal
The rdiff action lets you use ssh options for remote destinations, but not
remote sources. If you want to generate specific keys to be used you can
easily do that for a remote destination by using an ssh options of '-i
/path/to/key', but
Package: python-moinmoin
Severity: normal
I'm trying to make a personal backport of moin to Lenny of 1.9.3. However when
I do so, the resulting package has incorrect dependancy information.
In the end of debian/rules I can see there is the following line:
CDBS_DEPENDS += python-werkzeug,
and would like the bugreport reopened.
I don't disagree with you about the issue being a non-bug, so the bug
report can remain closed.
Kind regards,
- Jonas
Cheers,
Geoff Crompton
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble
Package: python-tz
Version: 2008c-2
Severity: normal
I have a script that imports some django (and hence mysql) libraries, before
then importing pytz. When I run the script I see:
geo...@chiraz:~/svk/passwordaging/trunk/bin$ ./report-force-change-rate
=978127
There is a new upstream release, 0.23, but it according to the upstream
bug report, it doesn't fix this bug.
Cheers,
Geoff Crompton
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Package: pidgin
Version: 2.7.2-1
Severity: normal
*** Please type your report below this line ***
Currently when I startup pidgin I get a message displayed at the bottom
of the
buddy list saying that pidgin couldn't connect to avahi-daemon. The message
reads:
go8...@svelt disconnected
Unable
Package: iputils-ping
Version: 3:20071127-1
Severity: normal
Please include the following patch so that ping reports how many packets
failed the icmp checksum.
--- ping.c (revision 150)
+++ ping.c (working copy)
@@ -709,7 +709,7 @@
return 1; /* 'Twas not our ECHO */
packages (version
1.98~20100115-1)
* installing them
* bind mounting /dev and /proc into the chroot
* running upgrade-grub and grub-install '(hd0)' (I suspect if I'd
already mounted /dev and /proc when installing the packages I wouldn't
have had to do that separately).
--
Geoff Crompton
Package: funguloids
Version: 1.06-8+b1
Severity: normal
Fungaloids crashes after you click the 'start game' in the menu. If run
from the console, I see the following at the end of the output:
Texture: baseglow2.jpg: Loading 1 faces(PF_R8G8B8,128x128x1) with 5
hardware generated mipmaps from
none (no description available)
-- no debconf information
--
+-Geoff Crompton
+--Debian System Administrator
+---Trinity College
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Package: libconcord1
Version: 0.21-4
Severity: normal
When iceweasel launches congruity it fails to detect my remote. If I
manually launch congruity as root, it detects the remote fine. I worked
around this by chowning the user of the /dev/usb/001/003 file to my
username, then congruity when
to SQLite 3
pn python-sqlalchemy-doc none (no description available)
-- no debconf information
--
+-Geoff Crompton
+--Debian System Administrator
+---Trinity College
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble
Package: request-tracker3.6
Version: 3.6.1-4
Followup-For: Bug #440041
We've run into the same problem. In our case we had two front ends, and SSL
proxy for Internet access, and a normal port 80 frontend for use within the
office, which both showed the same problem. Our backend ran on a high
Package: twiki
Version: 1:4.0.5-9.1
Severity: normal
It seems if I set $TWiki::cfg{Plugins}{JSCalendarContrib}{Enabled} = 1;
in /etc/twiki/LocalSite.cfg, the JSCalendarContrib plugin doesn't work.
On http://localhost/cgi-bin/twiki/view/TWiki/InstalledPlugins under the
Plugin Diagnostics I get
%distinputdirs at
/etc/debarchiver.conf line 30.
Ambiguous use of % resolved as operator % at /etc/debarchiver.conf line 30.
Warning: Loading config file /etc/debarchiver.conf:
syntax error at /etc/debarchiver.conf line 16, near
$intentional syntax error
--
Geoff Crompton
Debian System
Package: debarchiver
Version: 0.7.3
Severity: normal
Hi, it seems if someone writes a syntax error in /etc/debarchiver.conf, the
script silently ignores that problem.
I had a look at the code, I think the problem may be in opalmod, line 152 of
OpaL::action says:
150 sub pdebug ($$;) {
Package: shorewall-lite
Version: 3.2.6-1
Severity: normal
Please supply a man page with shorewall-lite. I think upstream may have one,
as they have generated http://www.shorewall.net/manpages/shorewall-lite.html
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500,
Marc Haber wrote:
On Thu, Jun 07, 2007 at 10:30:17AM +1000, Geoff Crompton wrote:
Is it possible to add a low priority debconf question so that adminstrators
can preseed what the uid ranges should be, for dynamically allocated user
accounts and groups?
This is already configurable via
Package: adduser
Version: 3.102
Severity: normal
Is it possible to add a low priority debconf question so that adminstrators
can preseed what the uid ranges should be, for dynamically allocated user
accounts and groups?
Thanks!
-- System Information:
Debian Release: 4.0
APT prefers stable
Package: gpa
Version: 0.7.0-1.1
Severity: normal
I store my private key on a usb stick, and when I start gpa, it locks up
shortly after starting if the usb stick isn't plugged in.
It pops the dialog You do not have a private key yet. Do you want to generate
one now (recommended) or do it later?.
Package: gnotime
Version: 2.2.2-10
Severity: normal
The File ...blah... exists, overwrite? dialog continually pops up under the
save dialog when I'm saving a report.
To replicate, I do:
* Reports - choose a report
* Click the save button
* select an existing file
* Click OK
Then the
Package: puppet
Version: 0.20.1-1
Severity: wishlist
Please consider adding /etc/logcheck/ignore.d.{workstation,server}/puppet:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ puppetd\[[0-9]+\]: (Starting|Finished)
configuration run( in [.[:digit:]]+ seconds)?$
Or refiling this bug against
gregor herrmann wrote:
On Wed, 18 Apr 2007 09:56:30 +1000, Geoff Crompton wrote:
For sarge I did a private backport of libperl6-export-perl, and my changelog
notes that I added a libfilter-simpler-perl dependancy, as
http://search.cpan.org/~dconway/Perl6-Export-0.07/Export.pm lists
Package: libperl6-export-perl
Version: 0.07-9
Severity: minor
For sarge I did a private backport of libperl6-export-perl, and my changelog
notes that I added a libfilter-simpler-perl dependancy, as
http://search.cpan.org/~dconway/Perl6-Export-0.07/Export.pm lists it as a
dependancy.
I've not
Package: slapd
Severity: wishlist
The slapd.conf man page doesn't document the option 'index'. When that is
added, please highlight the fact that if index options are altered, you must
run slapindex.
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-3-686
, referring readers to the back end specific
man pages?
--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
That looks great. Thanks!
--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Package: postfix
Version: 2.3.7-3
Severity: minor
When I just upgraded to 2.3.7-3, I saw the following:
Unpacking replacement postfix ...
Setting up postfix (2.3.7-3) ...
Installing new version of config file /etc/postfix/postfix-script ...
Installing new version of config file
Package: xen-tools
Severity: normal
If you don't set 'dir' or 'lvm', you get told :
Error: No recognised installation type.
This is a little confusing, if you have set the installation type. Suggested
patch below.
--- /usr/bin/xen-create-image 2006-11-20 00:51:09.0 +1100
+++
Package: imapsync
Version: 1.182-1
Severity: wishlist
Hi,
Version 1.209 is now available.
Cheers
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-3-686-smp
Locale: LANG=en_AU, LC_CTYPE=en_AU (charmap=ISO-8859-1)
--
To UNSUBSCRIBE, email to [EMAIL
406609
tesuser1 opened file, but couldn't save it, opened readonly
--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
for my system.
--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Geoff Crompton wrote:
I'm also having this problem.
I can confirm that I get the same weird behaviour, ie what John Goersen
said:
When a user that is someone other than the Unix owner of the file
writes to it, the permissions switch to 0474 (-r--rwxr--) and an ACL
is added
to it.
--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Package: libpam-ldap
Severity: normal
Hi,
The man page for pam_ldap.conf says regarding the host attribute:
If not specified the libraries will attempt to use DNS 'Resource Records'
(RR) or 'Service Records' (SRV) to find the appropriate host.
However it seems that instead it just logs
to everything in /usr/share/doc/, but doesn't setup the content
negotiation for the apache2 manual.
Maybe this isn't really a bug.
--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble
Package: jpilot
Version: 0.99.9.1-2
Severity: normal
Jpilot doesn't support repeating todo items. My tungsten T5 does. If I follow
this sequence:
* on palm, create todo item repeating weekly
* sync with jpilot
* on jpilot, check the todo item as done
Then I end up without that todo item
Nyaochi has fixed my bug, I can confirm that the code in CVS fixes it.
If you push out a package, I'd be happy to confirm with that as well.
--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe
or not.
--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Package: easyh10
Version: 1.4-1
Severity: normal
When I run easyh10 on my player, it segfaults while doing the media
information:See below for what I see when I run it.
I had a look at the core file dumped, using gdb, but it seems there were
no debugging symbols in the easyh10 binary, so I
Benjamin Seidenberg wrote:
Geoff Crompton wrote:
Package: easyh10
Version: 1.4-1
Severity: normal
When I run easyh10 on my player, it segfaults while doing the media
information:See below for what I see when I run it.
I had a look at the core file dumped, using gdb, but it seems there were
Benjamin Seidenberg wrote:
Geoff Crompton wrote:
Benjamin Seidenberg wrote:
Geoff Crompton wrote:
Package: easyh10
Version: 1.4-1
Severity: normal
When I run easyh10 on my player, it segfaults while doing the media
information:See below for what I see when I run it.
I had a look at the core
Package: libio-prompt-perl
Version: 0.99.4-1
Severity: normal
IO::Prompt wants to use Want.pm, but it is not declared as a dependancy in the
debian package.
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Package: am-utils
Version: 6.1.5-1
Severity: normal
I have just upgraded from sarge to etch. I have the following line in my fstab:
sd01:/home /home nfs defaults,rw,hard,intr0 0
Now when the boot process finishes /home is not mounted. I booted and set
init=/bin/bash
as possible ... so another quick-fix won't be needed
for this packages.
- Alexander
I can confirm that 1.0.2-2.sarge1.0.8b.2 fixed the size of the
attachment panel.
--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED
/content/msgHdrViewOverlay.js ::
displayAttachmentsForExpandedView :: line 1161 data: no]
Source File: chrome://messenger/content/msgHdrViewOverlay.js
Line: 1161
--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED
Package: xen-tools
Version: 2.3-0
Severity: normal
The sarge debootstrap package doesn't support the --keep-debootstrap-dir
option, which means if you've backported xen-tools, it breaks.
Please make the debootstrap depend on version = 0.3.0
-- System Information:
Debian Release: 3.1
Package: horde3
Severity: normal
Horde 3.0.11 fixes some XSS issues, according to
http://lists.horde.org/archives/announce/2006/000287.html
This is being tracked at secfocus:
http://www.securityfocus.com/bid/19544
No CVE yet.
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
address get an Internal Server Error.
In the error log I see:
[Wed Aug 9 17:23:50 2006] [error] [client 203.89.205.90] Premature end of
script headers: /usr/share/apt-cacher/apt-cacher.pl
Cheers,
Geoff Crompton
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux
Alexander Sack wrote:
AFAICT, this is fixed in sarge8 too.
Can you confirm that the bug is gone for you too?
- Alexander
Yep, confirmed it doesn't crash my browser anymore. Running
1.0.4-2sarge9. So feel free to close this bug.
Thanks!
--
Geoff Crompton
Debian System Administrator
Package: samba
Version: 3.0.14a-3sarge1
Severity: grave
Samba have announced http://www.samba.org/samba/security/CAN-2006-3403.html,
and have a patch available. It affects all samba configurations, hence I
consider this grave.
I wouldn't be surprised if the security team is already aware of this.
Package: solarwolf
Version: 1.5-1
Severity: normal
When I choose setup - music - Normal, or Low instead of off, solar wolf
crashes, and displays a Solarwolf Error dialog box.
The dialog box says:
pygame.error:
music not loaded
File /usr/lib/games/solarwolf/snd.py, Line 106, Function
: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.4.27skas
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages perl-base depends on:
ii libc6 2.3.2.ds1-22sarge3 GNU C Library: Shared libraries an
-- no debconf information
--
Geoff Crompton
Debian System
Is this considered important enough for a DSA for sarge?
--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Package: clamav-freshclam
Severity: important
Securityfocus announced a problem with clamav-freshclam:
http://www.securityfocus.com/bid/17754
Further details are at:
http://www.clamav.net/security/0.88.2.html
The clamav people say it affects ClamAV 0.80 - 0.88.1, so a DSA might be
needed.
--
Package: dnsmasq
Version: 2.22-2
Severity: grave
Justification: user security hole
According to securityfocus dnsmasq will crash if it gets a broadcast reply
packet:
http://www.securityfocus.com/bid/17662
This DoS affects sarge. Any idea if a DSA is in the works?
-- System Information:
Debian
Hi,
Just wondering if there is an openvpn update in the works to fix
CVE-2006-1629?
Cheers
--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Package: openvpn
Version: 2.0-1sarge2
Followup-For: Bug #360559
Is this the same as CVE-2006-1629? http://www.securityfocus.com/bid/17392 is
listing sarge as vulnerable. Do you know if the security team is working on
a fix?
Cheers
-- System Information:
Debian Release: 3.1
Architecture: i386
Hi, did DSA 985-1 close this?
--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
, or that
another DSA might be needed.
Cheers
Thomas Wana wrote:
Steve Kemp wrote:
On Wed, Feb 15, 2006 at 02:01:51PM +1100, Geoff Crompton wrote:
This bug has been closed for unstable (see bug 350964) with the 4.6
upload, but will it be fixed for sarge?
Please see DSA-969-1 released two days ago
Adam Conrad wrote:
Geoff Crompton wrote:
Do you have any recommendations on how to safely purge apache-perl? I
thought it'd be good to have it documented in this bug report, for
future people that might stumble across this.
* manually edit files in /var/lib/dpkg/info to remove references
by other debhelper scripts.
# Automatically added by dh_installinit
if [ $1 = purge ] ; then
update-rc.d apache remove /dev/null
fi
# End automatically added section
--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED
Adam Conrad wrote:
Geoff Crompton wrote:
ii apache 1.3.33-6sarge1 versatile, high-performance HTTP server
pc apache-perl1.3.9-13.1-1.2 Versatile, high-performance HTTP
There's nothing I can do to fix the potato (!) version of apache-perl at
this point.
... Adam
Thats
Package: firebird2
Severity: grave
Justification: user security hole
Apparently firebird 1.5.3 fixes a buffer overflow. I saw it at
http://www.securityfocus.com/bid/17077. More details at
http://www.securityfocus.com/archive/1/427480
The researcher has a patch for the specific problem he found
I'm succesfully using postfix ldap lookups on a sarge production server.
So to me, looks like this bug has been fixed for sarge.
--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble
Ola Lundqvist wrote:
On Mon, Feb 27, 2006 at 10:50:52AM +1100, Geoff Crompton wrote:
Package: horde3
Severity: normal
Looks like this is fine for etch and sid, but I'm not sure if this has been
fixed for sarge.
Haven't found a CVE for this, it's from SEC Consult Security Advisory
20051211-0
Package: php4
Version: 4:4.3.10-16
Severity: normal
A recent security focus newsletter updated this issue which was announced back
in October. However I couldn't find a debian bug report specific to this, and
the changelog in sarge doesn't mention 2005-3388.
I saw it at:
Package: horde3
Severity: normal
Looks like this is fine for etch and sid, but I'm not sure if this has been
fixed for sarge.
Haven't found a CVE for this, it's from SEC Consult Security Advisory
20051211-0. Other horde apps are also affected, but I've not done bug reports
for them.
-- System
Package: kernel-image-2.6.8-i386
Severity: normal
Seen at http://www.securityfocus.com/bid/14470, where they say Linux Kernel
is affected by a remote denial of service vulnerability when handling XDR data
for the nfsacl protocol.
I've tried to work out if sarge is vulnerable. They say that it
Hi,
This bug shows it was closed with the 2.1.30-11 version of libldap2.
However slapd is from openldap2.2 in sarge, and it uses libldap-2.2.7.
So I'm confused about whether this is really fixed for sarge. I noticed
that libldap-2.2.7 depends on libldap2, is that how slapd gets fixed?
--
Geoff
Package: libapache2-request-perl
Severity: important
Seen at http://www.securityfocus.com/bid/16710. Version 2.0.7 has a fix.
changelog from
http://svn.apache.org/viewcvs.cgi/httpd/apreq/tags/v2_07/CHANGES?rev=376998view=markup
says:
- C API [joes]
SECURITY: CVE-2006-0042 (cve.mitre.org)
Package: squirrelmail
Version: 2:1.4.4-7
Severity: important
The changelog at http://www.squirrelmail.org/changelog.php says for 1.4.6:
- Security: MagicHTML fix for comments in styles which allowed
for cross site scripting when using Internet Explorer (reported
by Scott Hughes)
Package: squirrelmail
Version: 2:1.4.4-7
Severity: important
The changelog at http://www.squirrelmail.org/changelog.php says for 1.4.6:
- Security: Prohibit IMAP injection attempts (reported by Vicente
Aguilera) [CVE-2006-0377].
-- System Information:
Debian Release: 3.1
Architecture:
Package: squirrelmail
Version: 2:1.4.4-7
Severity: important
The changelog at http://www.squirrelmail.org/changelog.php says for 1.4.6:
- Security: Fix possible cross site scripting through the right_main
parameter of webmail.php. This now uses a whitelist of acceptable
values.
Package: mozilla-firefox
Version: 1.0.4-2sarge5
Severity: important
No CVE yet, seen at http://www.securityfocus.com/bid/16741. Affects firefox
1.0 through to 1.5
The bid has a html snippet that triggers it, which I've not reproduced here. I
tried the snippet, and it immediately crashed my
I'm seeing the same behaviour. Anyone know a work around?
--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
1 - 100 of 178 matches
Mail list logo