Control: severity -1 minor
Am 26.08.19 um 22:11 schrieb darkdragon:
> Package: javahelper
> Version: 0.72.8
>
> The tutorial (/usr/share/doc/javahelper/tutorial.html) contains the following:
>
>> Sample Application Packaging
>>
>> debian/salliere.links
>>
>> usr/share/salliere/salliere.jar
Am 26.08.19 um 14:06 schrieb mer...@debian.org:
> On 2019-08-26 15:03, Markus Koschany wrote:
>> Thank you for the patch! I believe this also fixes the runtime errors
>> for several other applications, e.g. triplea [1]
>>
>> [1] https://bugs.debian.org/911078
>
Hi,
Am 26.08.19 um 08:17 schrieb mer...@debian.org:
> Source: insubstantial
> Version: 7.3+dfsg3-4
> Control: tags -1 + patch
>
> Hello,
>
> When using 'insubstantial' jars at runtime of one of my packaged
> projects, I ran into upstream's issue [#56]. A workaround has been
> proposed
never shipped sunec.jar in OpenJDK 7,
(see also [2]] so the removal causes applications that rely on Elyptic
Curve algorithms to fail. The current workaround is to use a different
security provider or to downgrade openjdk-7 to the previous version
which can be downloaded from snapshots.debian.o
Package: angrydd
Version: 1.0.1-13
Severity: normal
While working on porting angrydd to python3-pygame Reiner Herrmann
discovered that the Quit Game menu button does not work as intended.
One can only quit the game by pressing the ESC button at the moment.
This issue is also present with the old
Am 02.08.19 um 13:57 schrieb 積丹尼 Dan Jacobson:
> OK, but the user wonders "maybe the two sources aren't even aware of
> each other, that's why they are duplicating their work."
A Debian maintainer must be aware of an upstream project in order to
package it. Packaging is alway a conscious decision
Package: javahelper
Version: 0.72.9
Severity: serious
jh_linkjars apparently chokes on the new debhelper-compat package.
Since it is not a real package dpkg -L does not work. I presume the
workaround is to either add debhelper-compat to a blacklist or to find
a more general way to not use dpkg
Am 02.08.19 um 13:36 schrieb 積丹尼 Dan Jacobson:
> There must be some pros and cons you can list for users faced with the
> unfamiliar choice of which path to take. They can't be 100% equivalent
> certainly. If 100% equivalent then mention why the package exists.
Sorry, but I don't understand your
Hello Dan,
Am 01.08.19 um 03:08 schrieb 積丹尼 Dan Jacobson:
> Package: webext-ublock-origin
>
> User notices there is a package "webext-ublock-origin".
>
> User also notices there is
>
> https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm
>
> Bug: the
(0.4.8-1+deb10u1) buster; urgency=medium
+
+ * Backport "Fix save or load game crash" patch to Buster.
+
+ -- Markus Koschany Sat, 27 Jul 2019 03:24:19 +0200
+
+freeorion (0.4.8-3) unstable; urgency=medium
+
+ * Really fix save or load game crash. (Closes: #930417)
+
+ -- Markus Kosc
Hi Giovanni,
Am 23.07.19 um 18:57 schrieb Giovanni Mascellani:
> Hi,
>
> the problem here is that operator== is called on an instance of
> std::map<>::iterator. The intention is probably to compare two iterators
> for inequality. But calling the operator overloading function is not the
> right
Hi,
On Fri, 19 Jul 2019 20:35:19 +0200 =?UTF-8?Q?Hilmar_Preu=c3=9fe?=
wrote:
> On 19.07.19 17:41, Moritz Muehlenhoff wrote:
>
> Hi,
>
> > Please see:
> > http://bugs.proftpd.org/show_bug.cgi?id=4372
> > https://github.com/proftpd/proftpd/pull/816
> >
> The patch from upstream applies nicely
Hi,
Am 21.07.19 um 03:55 schrieb Adrien CLERC:
> Package: sweethome3d
> Version: 6.2+dfsg-1
> Severity: important
>
> Dear Maintainer,
>
> I have the following error:
>
>> env LANG=C sweethome3d
> [warning] /usr/bin/sweethome3d: Unable to locate /usr/share/icedtea-
> web/netx.jar in
Am 30.06.19 um 15:05 schrieb Paul Gevers:
> retitle 931198 buster-pu: package warzone2100/3.2.1-3+deb10u1
> user release.debian@packages.debian.org
> usertags 931198 - unblock
> usertags 931198 pu
> tags 931198 buster
> thanks
>
> Hi Marcus,
>
> On 28-06-201
Hi,
Am 13.07.19 um 20:06 schrieb Martin Juhlin:
> Package: wabt
>
> Version: 1.0.8-1
>
> Severity: normal
>
>
> Dear Maintainer,
>
>
> I was running wasm2c on an example file and found that the generated
>
> output needs a wasm-rt.h file. The final output also needs
>
> wasm-rt-impl.c +
Hello,
this issue is caused by the command systemctl daemon-reload in
solr-tomcat's postinst file. You can try to remove it and see if it
works. However solr-tomcat is supposed to work in a systemd environment,
I doubt that anyone has tested it with another init system or without one.
Regards,
Hello,
Am 08.07.19 um 17:50 schrieb Sven Joachim:
> Package: webext-ublock-origin
> Version: 1.19.0+dfsg-2
> Severity: important
>
> After upgrading from 1.18.4+dfsg-2 I found that uBlock Origin was no
> longer functional in firefox-esr. Some observations so far:
[...]
Thanks for reporting. I
Am 30.06.19 um 12:42 schrieb Thomas Uhle:
> Hello Markus,
>
> it seems that the bugfix has been backported upstream to OpenJFX 11.0.2
> as well. Please see https://bugs.openjdk.java.net/browse/JDK-8216292 for
> further reference.
Thanks for the information. I will remove the workaround in PDFsam
+++ freeorion-0.4.8/debian/changelog2019-06-23 01:52:26.0 +0200
@@ -1,3 +1,16 @@
+freeorion (0.4.8-3) unstable; urgency=medium
+
+ * Really fix save or load game crash. (Closes: #930417)
+
+ -- Markus Koschany Sun, 23 Jun 2019 01:52:26 +0200
+
+freeorion (0.4.8-2) unstable; urgency=medium
the report and Bernhard Übelacker for the patch.
+(Closes: #930942)
+
+ -- Markus Koschany Wed, 26 Jun 2019 06:49:41 +0200
+
warzone2100 (3.2.1-3) unstable; urgency=medium
* Team upload.
diff -Nru warzone2100-3.2.1/debian/control warzone2100-3.2.1/debian/control
--- warzone2100-3.2.1/debian/control
Hello,
Am 26.06.19 um 09:59 schrieb duncanwebb:
> Package: unattended-upgrades
> Version: 0.83.3.2+deb8u1
> Severity: serious
> Justification: normal
>
> Dear Maintainer,
>
> Jessie uses python 3.4 and python 3.4 does not support f"" strings
>
> So now unattended upgrades no longer performs
Hello,
Am 30.05.19 um 20:55 schrieb Bastien Bouclet:
> Package: residualvm
>
> Version: 0.3.1+dfsg-1
>
> I'm an upstream maintainer of ResidualVM and just noticed the version
> packaged in Debian was build against SDL 1.2. At this point we recommend
> linking against SDL 2, as ResidualVM can
Hello,
On Tue, 18 Jun 2019 12:46:30 +0200 Julian Andres Klode
wrote:
> Package: goplay
> Severity: serious
>
> Hi folks,
>
> goplay has not received any updates since 2015, it uses libept,
> which we'd like to get rid of eventually I think, as it's also
> unmaintained, so I think it would be
) for
+an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x or
+logback-core jar in the classpath, an attacker can send a specifically
+crafted JSON message that allows them to read arbitrary local files on the
+server. (Closes: #930750)
+
+ -- Markus Koschany Sat
Sorry, I mistyped your email address. Does the new version resolve your
issue?
Thanks
Markus
On Sun, 16 Jun 2019 02:19:44 +0200 Markus Koschany wrote:
> Thanks for the report, and thanks to Bernhard for the investigation. I
> have just uploaded a new revision of freeorion with the pr
Thanks for the report, and thanks to Bernhard for the investigation. I
have just uploaded a new revision of freeorion with the proposed patch
to unstable. Please tell me if it resolves your issue.
Regards,
Markus
signature.asc
Description: OpenPGP digital signature
(Closes: #929513)
+
+ -- Markus Koschany Wed, 29 May 2019 14:55:09 +0200
+
marsshooter (0.7.6-3) unstable; urgency=medium
* Switch to compat level 11.
diff -Nru
marsshooter-0.7.6/debian/patches/avoid-crash-because-of-missing-return-statement.patch
marsshooter-0.7.6/debian/patches/avoid
Am 28.05.19 um 11:05 schrieb Bernhard Übelacker:
[...]
> I tried to have a look at this crash and I think I found something.
Hi Bernhard,
thanks for the patch! Although I still can't reproduce the crash, I
think the patch makes sense and I trust you with your assessment. I have
just uploaded a
Hi,
Am 25.05.19 um 10:34 schrieb Jacob Nevins:
> Package: marsshooter
> Version: 0.7.6-3
> Severity: important
>
> When I start marsshooter, either from the desktop menu or command line,
> it runs for a few seconds (13-18s in my tests), and then segfaults.
I can't reproduce the segfault at the
Control: severity -1 grave
On Fri, 24 May 2019 13:45:04 +0200 Bardot Jerome
wrote:
[...]
> Can't find robocode.core-1.x.jar module near to robocode.jar
> Class path: /usr/share/java/robocode.jar
Thanks for reporting. This is another Java 11 issue. It seems we have to
explicitly add some jar
Hi,
On Mon, 20 May 2019 12:20:31 +0200 Sylvain Beucler wrote:
> Package: axis
> X-Debbugs-CC: t...@security.debian.org
> Tags: security
>
> Hi,
>
> The following vulnerability was published for axis.
>
> CVE-2019-0227[0]:
> | A Server Side Request Forgery (SSRF) vulnerability affected the
because of missing
+com.mysql.cj.jdbc.admin.MiniAdmin validation. (Closes: #929177)
+
+ -- Markus Koschany Sat, 18 May 2019 20:31:28 +0200
+
jackson-databind (2.9.8-1) unstable; urgency=medium
* Team upload.
diff -Nru jackson-databind-2.9.8/debian/patches/CVE-2019-12086.patch
jackson
-02-10 14:13:56.0 +0100
+++ debian-games-3/debian/changelog 2019-05-20 00:01:59.0 +0200
@@ -1,3 +1,10 @@
+debian-games (3) unstable; urgency=medium
+
+ * Suggest Netbeans, cuyo and holdingnuts because they will not be part of
+Debian 10 "Buster".
+
+ -- Markus Kosc
:00.0 +0100
+++ librecad-2.1.2/debian/patches/CVE-2018-19105.patch 2019-05-19
23:17:22.0 +0200
@@ -0,0 +1,92 @@
+From: Markus Koschany
+Date: Thu, 16 May 2019 13:08:48 +0200
+Subject: CVE-2018-19105
+
+Bug-Upstream: https://github.com/LibreCAD/LibreCAD/issues/1038
+Bug-Debian
Package: jackson-databind
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security
Hi,
I will take care of this one myself.
The following vulnerability was published for jackson-databind.
CVE-2019-12086[0]:
| A Polymorphic Typing issue was discovered in FasterXML jackson-
|
: #871223)
+
+ -- Markus Koschany Sat, 18 May 2019 15:17:26 +0200
+
neverball (1.6.0+git20180603-1) unstable; urgency=medium
* New upstream snapshot 1.6.0+git20180603.
diff -Nru neverball-1.6.0+git20180603/debian/neverball-common.install
neverball-1.6.0+git20180603/debian/neverball
a specially crafted file. (Closes: #928477)
+
+ -- Markus Koschany Thu, 16 May 2019 13:11:05 +0200
+
librecad (2.1.3-1.1) unstable; urgency=medium
* Non-maintainer upload.
diff -Nru librecad-2.1.3/debian/patches/CVE-2018-19105.patch
librecad-2.1.3/debian/patches/CVE-2018-19105.patch
--- librecad
On Wed, 15 May 2019 13:36:31 +0200 Julian Schustereit
wrote:
> Package: proftpd-basic
> Version: 1.3.5e+r1.3.5-2+deb8u1
>
> After the upgrade from version '1.3.5e-0+deb8u1' to '1.3.5e+r1.3.5-2+deb8u1'
> the sftp session is being terminated when using the command 'mkdir /'.
>
> Before the
Control: tags -1 pending patch
On Sun, 5 May 2019 16:55:54 +0200 Markus Koschany wrote:
> Package: librecad
> X-Debbugs-CC: t...@security.debian.org
> Severity: important
> Tags: security
>
> Hi,
>
> The following vulnerability was published for librecad.
>
> C
Package: librecad
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for librecad.
CVE-2018-19105[0]:
| LibreCAD 2.1.3 allows remote attackers to cause a denial of service
| (0x89C04589 write access violation and application
Hi Jochen,
Am 03.05.19 um 13:47 schrieb Jochen Sprickerhof:
[...]
> This is due to libnb-javaparser-java which is still on the jdk-9
> version.
[...]
> So one way would be to get this packaged (maybe rename nb-javac-9-*.jar
> to nb-javac-11-*.jar) and convince the release team to include
Hi,
Am 02.05.19 um 20:56 schrieb Jochen Sprickerhof:
[...]
> I had a look into this was able to create new projects when I remove the
> nb-javac.patch. @Markus do we really need it?
The nb-javac patch is necessary, otherwise the nb-javac module is not
properly detected at runtime. You should see
Thank you very much. I have uploaded a new revision with your patch a
few minutes ago. The game itself appears to work, the settings menu for
the controls is a bit hidden. ETW was originally developed for the
AMIGA, so that may explain some of the oddities.
Regards,
Markus
signature.asc
Control: tags -1 confirmed
Thanks for the report. I can confirm this issue is still present in
1.3.6-4. I have reverted to version 1.3.5 in Jessie again, so this
problem should not occur in Jessie anymore.
Regards,
Markus
signature.asc
Description: OpenPGP digital signature
Hi,
Am 01.05.19 um 00:31 schrieb Steinar H. Gunderson:
> On Tue, Apr 30, 2019 at 11:23:52PM +0100, Simon McVittie wrote:
>>> On a quick analysis: It appears that etw tries to find its own path by
>>> opening /proc/self/maps (code is in etw/prefix.c), looking for an executable
>>> mapping (r-xp)
Control: tags -1 pending
Hi,
Am 29.04.19 um 08:29 schrieb Ghislain Adnet:
> hi,
>
>> https://people.debian.org/~apo/proftpd/
>>
>
> i was able to install it and connect in sftp like before ! :)
>
> for the small test done:
>
> 1/ get the old version and connect ok
> 2/ get the actual one
On Thu, 25 Apr 2019 13:53:06 +0200 Ghislain Adnet wrote:
> hi,
>
> We are still using the old package not protected from the vulnerability,
> any idea when sftp on jessie will work again ?
> Is there anything i can do to help it ?
>
> regards,
> Ghislain.
Hello and thanks for your offer.
2019-04-25 16:39:14.0
+0200
@@ -1,3 +1,10 @@
+lucene-solr (3.6.2+dfsg-20) unstable; urgency=medium
+
+ * Team upload.
+ * Remove now obsolete solr-permissions.conf in
/etc/systemd/system/tomcat9.d/.
+
+ -- Markus Koschany Thu, 25 Apr 2019 16:39:14 +0200
+
lucene-solr (3.6.2+dfs
-solr-3.6.2+dfsg/debian/changelog 2019-04-19 00:39:36.0
+0200
@@ -1,3 +1,10 @@
+lucene-solr (3.6.2+dfsg-19) unstable; urgency=medium
+
+ * Team upload.
+ * Install solr-permissions.conf into the correct directory.
+
+ -- Markus Koschany Fri, 19 Apr 2019 00:39:36 +0200
+
lucene-solr
(4.10.4+dfsg-5) unstable; urgency=medium
+
+ * Team upload.
+ * Add carrotsearch-juni4-ant.patch and do not require
+libcarrotsearch-randomizedtesting-java as a test dependency anymore.
+This allows us to remove libsimple-xml-java from Buster.
+
+ -- Markus Koschany Wed, 17 Apr 2019 00:24:30
=medium
+
+ * Team upload.
+
+ [ Hilko Bengen ]
+ * Remove myself from Uploaders
+
+ [ Markus Koschany ]
+ * Remove libsimple-xml-java from B-D so this package can be removed from
+Testing.
+ * Ignore org.simpleframework:simple-xml
+ * Ignore junit4-ant module.
+
+ -- Markus Koschany Wed
Package: teeworlds
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerabilities were published for teeworlds.
CVE-2019-10877[0]:
| In Teeworlds 0.7.2, there is an integer overflow in CMap::Load() in
| engine/shared/map.cpp that can lead to a buffer
Hello,
Am 15.04.19 um 12:51 schrieb Timo Müller:
> Hello,
>
> after testing with different working and not working configs of proftpd we
> think we found a workaround.
>
> The login is working with the following config:
I was also working on proftpd at the weekend and tried to gather more
Hi,
Am 15.04.19 um 04:08 schrieb Paul Wise:
> On Sun, 07 Apr 2019 13:46:33 +0200 Markus Koschany wrote:
>
>> Thoughts?
>
> There is a better option for this:
>
> Keep the one package but install a different manifest.json into the
> Firefox and Chrome extension di
Hi,
Am 13.04.19 um 11:31 schrieb Ivo De Decker:
[...]
> It is possible to remove the test-dependency (probably by disabling the
> tests)? That way simple-xml could be removed from buster. Even if we don't do
> this for buster, it might be good to do this for bullseye anyway, if the
> package
Package: graphicsmagick
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerabilities were published for graphicsmagick.
CVE-2019-11005[0]:
| In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based
| buffer overflow in the function
I just found this bug report which may be related:
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1794605
Can someone confirm that using RSA keys instead of
SFTPHostKey /etc/ssh/ssh_host_ecdsa_key
works for you?
signature.asc
Description: OpenPGP digital signature
Hello,
Am 11.04.19 um 22:59 schrieb Hilmar Preuße:
[...]
> Your latest upload to Debian oldstable introduced a new bug: the proftp
> server now crashes, upon SSH connections. As I don't have an oldstable
> system at hand: are you able to reproduce the issue using the package
> you built?
I
Hello Helmut,
Am 10.04.19 um 06:33 schrieb Helmut Grohne:
> Control: reopen -1
>
> Hi Markus,
>
> On Sun, Mar 24, 2019 at 01:09:06PM +, Debian Bug Tracking System wrote:
>>* Fix infinite loop patch. Really (Closes: #924291)
>
> As much as I hate to say this, it still loops. You can see
+java.net.URL. (Closes: #926088)
+
+ -- Markus Koschany Mon, 08 Apr 2019 00:13:19 +0200
+
robocode (1.9.3.3-1) unstable; urgency=medium
* New upstream version 1.9.3.3.
diff -Nru robocode-1.9.3.3/debian/patches/CVE-2019-10648.patch
robocode-1.9.3.3/debian/patches/CVE-2019-10648.patch
Am 07.04.19 um 20:36 schrieb Adrian Bunk:
> On Sun, Apr 07, 2019 at 11:12:30AM -0700, tony mancill wrote:
>> ...
>> Somewhat related, given that closure-compiler upstream releases about
>> once a month on average, perhaps it is a candidate for doing Something
>> Different.
>
> That's pretty
Source: ublock-origin
Version: 1.18.4+dfsg-2
Severity: wishlist
adding Sean to CC, perhaps he has some ideas too as the previous
maintainer.
Hi,
I was asked by upstream if we could package uBo for Firefox and
Chromium in separate packages again. The reasoning is that we had
recently two severe
On Wed, 20 Mar 2019 17:50:39 + Qwerty Chouskie
wrote:
> After much research at
> https://github.com/Neverball/neverball/issues/170, it seems this issue
> only affects the Debian package for some reason, likely a weird compiler
> bug or such. Anyways, the solution seems to be a rebuild of
Am 05.04.19 um 13:56 schrieb Francesco P. Lovergine:
[...]
> That should be definitively the easiest solutions. Of course 1.3.5e does
> not strictly fix only those three leaks, so that update could be non
> acceptable for a secteam upload.
The security team has marked this issue as no-dsa, so
Hi,
Am 29.03.19 um 16:44 schrieb Francesco P. Lovergine:
> On Thu, Mar 28, 2019 at 01:49:51PM +0100, Markus Koschany wrote:
>> Hello Francesco,
>>
>> I intend to upgrade proftpd in Jessie to fix the memory leaks and
>> another unrelated issue. I think it would be best
Hi,
Am 04.04.19 um 23:32 schrieb Damon Thomas:
> Package: webext-https-everywhere
> Version: 2019.1.31-2
> Severity: normal
>
> Dear Maintainer,
>
> I was having issues with frequent "Gah. Your Tab Just Crashed" Firefox-ESR
> errors.
> This persisted through the recent FF-ESR point upgrade.
Hello Jaroslav,
On Mon, 01 Apr 2019 09:03:31 +0200 Jaroslav Tulach
wrote:
[...]
> Hello Markus,
> it would be better to have a whole NetBeans log file instead of just the
> stack
> trace. Then we could see classpath, list of enabled modules and may be deduce
> more.
>
> Best regards.
> -jt
Hi,
Am 31.03.19 um 20:59 schrieb Dominik Stadler:
> I think the current changes do not properly fix this, I created
> https://salsa.debian.org/java-team/netlib-java/merge_requests/2 with the
> set of changes based on previous patches that I think would make the
> classes be built again and also
Package: nuget
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerability was published for nuget.
CVE-2019-0757[0]:
A tampering vulnerability exists in NuGet software when executed in a
Linux or Mac environment. An attacker who successfully exploited
Hi,
On Sat, 30 Mar 2019 08:32:34 +0100 Salvatore Bonaccorso
wrote:
> Hi Bernd,
>
> On Fri, Mar 29, 2019 at 10:54:50PM +0100, Bernd Zeimetz wrote:
> > Hi Salvatore,
> >
> > > The following vulnerability was published for gpsd, not competely sure
> > > on severity and on if the referenced
Package: bwa
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for bwa.
CVE-2019-10269[0]:
| BWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-based
| buffer overflow in the bns_restore function in bntseq.c via a
Hi,
Am 29.03.19 um 18:22 schrieb Eugen Dedu:
> On 29/03/2019 17:55, Markus Koschany wrote:
>> Am 29.03.19 um 17:38 schrieb Eugen Dedu:
>>> Wouldn't it make sense to upload to unstable instead of experimental?
>>> Currently, firefox 66 is in unstable, and does not work
Am 29.03.19 um 17:38 schrieb Eugen Dedu:
> Wouldn't it make sense to upload to unstable instead of experimental?
> Currently, firefox 66 is in unstable, and does not work with ublock
> origin from unstable. People who track unstable have to figure out that
> they need to install ublock origin
Package: activemq
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for activemq.
CVE-2019-0222[0]:
| In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame
| can lead to broker Out of Memory exception making it
Hello Francesco,
I intend to upgrade proftpd in Jessie to fix the memory leaks and
another unrelated issue. I think it would be best to backport the
version in testing. If you agree, I could also update proftpd in stable.
Please let me know if I can proceed.
Regards,
Markus
signature.asc
Control: forcemerge 925509 925510
Control: severity -1 serious
Am 25.03.19 um 23:26 schrieb Wouter Wijsman:
[...]
> A java.lang.NoSuchMethodError exception has occurred.
> Please report this at
> https://issues.apache.org/jira/projects/NETBEANS/issues,
> including a copy of your messages.log
version.
Cheers,
Markus
From: Markus Koschany
Date: Mon, 25 Mar 2019 14:44:22 +0100
Subject: URLClassLoader
---
src/org/netlib/generate/JavaGenerator.java | 14 --
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/src/org/netlib/generate/JavaGenerator.java b/src/org/netlib
, well explained here:
http://java9.wtf/class-loading/
(I love the homepage name)
I tried to follow the solution and hope it helps.
Regards,
Markus
From: Markus Koschany
Date: Mon, 25 Mar 2019 14:44:22 +0100
Subject: URLClassLoader
---
src/org/netlib/generate/JavaGenerator.java | 17
Control: tags -1 pending
Hello!
Am 24.03.19 um 16:52 schrieb Olivier:
> Hello,
>
> I just found out that the manifest.json in webext-ublock-origin contains an
> incorrect value. The value 'split' of 'incognito' is not supported in Firefox
>
Hi,
Am 24.03.19 um 20:41 schrieb Bertrand Florat:
> Hi,
>
> FYI, the develop branch of jajuk works with the revival of substance
> (radiance), it works for instance with radiance-substance 2.0.1.
>
> See https://github.com/kirill-grouchnikov/radiance
Thanks for the hint. Unfortunately
Hi Andreas,
Am 24.03.19 um 18:09 schrieb Andreas Tille:
> Hi Markus,
>
> you have set this bug pending but the fix seems not to be uploaded until
> now. The package would have been removed from testing without my ping
> of the bug (which is the only thing I intend to do here.
>
> Kind regards
-02-06 22:59:39.0
+0100
+++ sweethome3d-6.1.2+dfsg/debian/changelog 2019-03-24 14:00:44.0
+0100
@@ -1,3 +1,10 @@
+sweethome3d (6.1.2+dfsg-2) unstable; urgency=medium
+
+ * Replace dependency on icedtea-netx-common with icedtea-netx.
+(Closes: #924594)
+
+ -- Markus Koschany
+0100
+++ netrek-client-cow-3.3.1/debian/changelog2019-03-24 13:31:40.0
+0100
@@ -1,3 +1,10 @@
+netrek-client-cow (3.3.1-3) unstable; urgency=medium
+
+ * Team upload.
+ * Fix infinite loop patch. Really (Closes: #924291)
+
+ -- Markus Koschany Sun, 24 Mar 2019 13:31:40 +0100
Am 24.03.19 um 07:33 schrieb Helmut Grohne:
> Control: reopen -1
>
> On Thu, Mar 21, 2019 at 12:54:04AM +, Debian Bug Tracking System wrote:
>>* Fix possible infinite loop. (Closes: #924291)
>
> Thank you for the timely fix. Unfortunately, it doesn't work as the
> variables are
Am 24.03.19 um 09:36 schrieb Martin Steigerwald:
[...]
> Would it make sense to reassign this issue to Firefox package so the
> maintainers of it can have a look at?
I don't know yet. Since the official version works, it is probably not a
Firefox bug. It is likely related to a missing Firefox
On Thu, 14 Mar 2019 19:53:28 +0100 Matthias Klose wrote:
> Package: src;sweethome3d
> Version: 6.1.2+dfsg-1
> Severity: serious
> Tags: sid buster
>
> Build-depend on icedtea-netx instead of icedtea-netx-common (nbs).
>
> Patch at
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
[...]
> I will update ublock-origin to version 1.18.10 and see if it fixes
> the problem. I couldn't find a hint in the recent release notes, so
> it could also be a Firefox bug. I will investigate. Since Debian is
> currently in a full freeze mode
Control: tags -1 confirmed
Hello, and thank you both for the report.
Am 23.03.19 um 12:40 schrieb Martin Steigerwald:
> Package: webext-ublock-origin
> Version: 1.18.4+dfsg-2
> Severity: normal
>
> Dear Markus,
>
> uBlock Origin becomes deactivated with Firefox 66.0-1.
>
> With Firefox ESR
)
+ * Move the package to salsa.debian.org.
+
+ -- Markus Koschany Wed, 20 Mar 2019 21:31:57 +0100
+
netrek-client-cow (3.3.1-1) unstable; urgency=medium
* Team upload.
diff -Nru netrek-client-cow-3.3.1/debian/control
netrek-client-cow-3.3.1/debian/control
--- netrek-client-cow-3.3.1/debian/control
Hello!
On Wed, 20 Mar 2019 20:33:10 +0100 Salman Mohammadi
wrote:
>
> Package: webext-https-everywhere
> Version: 2019.1.31-2
> Severity: minor
>
> Dear Maintainer,
>
> The timestamp which shows the last updated time is currently set to
> January 1, 1980 which is obviously not correct.
>
>
Hi Mike,
On Fri, 08 Mar 2019 22:40:52 + Mike Gabriel
wrote:
[...]
> The critical patch is CVE-2019-6111-2.patch. With that patch added I
> get segfaults with scp. Without that patch scp works, but is
> susceptible to the earlier mentioned exploit for CVE-2019-6111.
>
> I am a bit lost
:15.0 +0100
@@ -1,3 +1,11 @@
+retroarch-assets (1.3.6+git20160731+dfsg1-2) unstable; urgency=medium
+
+ * Team upload.
+ * Remove alternative dependency on fonts-roboto because it provides the
+unhinted version now. This fixes broken symlinks. See also #922947.
+
+ -- Markus Koschany
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Control: severity -1 normal
The RC issue was fixed in version 1.3.6+git20160731+dfsg1-2. Let's
keep this bug open for Debian 11. For Buster we can still depend on
the hinted fonts thus there is no risk of breaking anything.
-BEGIN PGP
Control: tags -1 confirmed pending
On Fri, 22 Feb 2019 09:18:51 +0100 Andrej Shadura
wrote:
> Package: retroarch-assets
> Severity: normal
>
> Dear Maintainer,
>
> The Roboto upstream no longer provides hinted fonts, so
> fonts-roboto-hinted is now a transitional package providing symlinks to
Control: reassign 924328 javahelper
Control: forcemerge 924339 924328
Control: affects 924328 src:android-platform-build
Control: retitle 924328 javahelper: jh_build regressed for -doc packages
This issue is caused by the fix for #887666
https://bugs.debian.org/887666
It is not related to the
Control: severity -1 important
On Sat, 2 Mar 2019 15:38:51 +0100 Markus Koschany wrote:
[...]
> Could you elaborate on why this is a bug in libitext-java and how this
> is connected to bouncycastle?
Unfortunately you haven't responded to my last email. I can't reproduce
this be
Am 13.03.19 um 17:47 schrieb Matthias Klose:
> On 13.03.19 10:54, Andreas Tille wrote:
>> On Tue, Mar 12, 2019 at 11:41:22AM +0100, Andreas Tille wrote:
>>> Michael Crusoe has suggested a workaround[1]. What do you think about
>>> this?
>>
>> In case there is no answer to this question I assume
Control: tags -1 pending
Hi,
Am 11.03.19 um 23:16 schrieb Michael Biebl:
[...]
>
> Thanks, Markus.
>
> Also big thanks to the debian-lts team in general for backporting those
> security fixes for the systemd package in old-stable.
I could reproduce the memory leak with valgrind following the
Hi,
Am 11.03.19 um 21:05 schrieb Pedro Pena:
> Hello Markus,
>
> Very exciting..
>
> I applied the patches and made the other changes as well.
> However, there are lintian warnings because infinitetux.jar
> is now included in the source files.
[...]
I think I know the reason. You used
2019-03-12
01:25:43.0 +0100
@@ -1,3 +1,12 @@
+owasp-java-html-sanitizer (0.1+r88-2) unstable; urgency=medium
+
+ * Team upload.
+ * Remove obsolete DM-uploads-allowed field.
+ * Do not build-depend on libjsr305-java-doc anymore because it is gone.
+(Closes: #923654)
+
+ -- Markus
601 - 700 of 3519 matches
Mail list logo