Package: webext-privacy-badger
Version: 2018.12.5-1
Severity: grave
Similar to Debian bug #916431 in ublock-origin, symlinks to jquery and
underscore libraries are not followed by Firefox or they are silently
ignored. I used the internal addon debugging mode of Firefox and those
Javascript
Control: tags -1 confirmed
On Fri, 14 Dec 2018 13:13:17 +0100 Paride Legovini wrote:
> Package: webext-ublock-origin
> Version: 1.17.0+dfsg-2
> Severity: normal
>
> Dear Maintainer,
>
> In Firefox the icons in the toolbar-accessible settings menu are missing
> (see the attached screenshot). In
Hi,
please keep the bug in CC.
Am 13.12.18 um 14:54 schrieb Hans:
> Am Donnerstag, 13. Dezember 2018, 14:37:08 CET schrieben Sie:
>
> Hi Markus,
>
>
>
> this is not quite correct, as I have java11 installed, but running java-8,
> please see:
You have Java 11 and Java 8 installed but
Control: tags -1 confirmed
Hello,
Am 13.12.18 um 12:12 schrieb Hans-J. Ullrich:
> Package: mediathekview
> Version: 13.2.1-2
> Severity: important
>
> Dear Maintainer,
>
> with the latest version I got into the issue, that mediathekview is freezing
> after it
> downloaded the videolist.
>
>
Control: forwarded -1 https://github.com/mediathekview/MediathekView/issues/400
Control: retitle: mediathekview: first start without VLC should not require
second confirmation
Am 11.12.18 um 21:06 schrieb Dominik George:
> Control: rettle -1 mediathekview: first start without vlc is inobvious
>
Hello Andreas,
Am 09.12.18 um 16:07 schrieb Andreas Ronnquist:
> tags 916037 + patch
> thanks
>
> Patch attached to fix this build error (Which I am the cause of).
Please feel free to upload your fix as needed. Since all packages are
team-maintained and you are a member of the team and know
Control: reopen -1
Now the build also fails because of
error: 'HOME_DIR' was not declared in this scope
I don't know how one can reliably set the HOME_DIR variable on GNU/Hurd
and kFreeBSD, so I leave this task to someone else.
signature.asc
Description: OpenPGP digital signature
)
+
+ -- Markus Koschany Sun, 09 Dec 2018 15:12:05 +0100
+
mudlet (1:3.7.1-1) unstable; urgency=medium
* New upstream release
diff -Nru mudlet-3.7.1/debian/patches/QTabBar-include.patch
mudlet-3.7.1/debian/patches/QTabBar-include.patch
--- mudlet-3.7.1/debian/patches/QTabBar-include.patch 1970-01
Package: moria
Version: 5.7.10+20181022-1
Severity: serious
Dear maintainer,
moria fails to build from source on mips64el. This prevents the
package migration to testing. According to the build log the error is
caused by
src/ui_io.cpp:521:31: error: cast from 'int*' to 'fd_set*' increases
:32:28.0 +0100
@@ -1,3 +1,11 @@
+gltron (0.70final-12.2) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Add no-Werror.patch and do not treat warnings as errors anymore.
+(Closes: #897760)
+
+ -- Markus Koschany Sun, 09 Dec 2018 14:32:28 +0100
+
gltron (0.70final-12.1
Control: tags -1 moreinfo
On Sat, 1 Dec 2018 21:04:18 + Sajid Nawaz Khan
wrote:
[...]
> The Issue
> Since upgrading to a fresh and clean install of Kali Linux 2018.4, msfvenom
> is unable to generate weaponised APKs. An identical command worked prior to
> the update.
>
>
> How'd you do
Hello gregor,
Am 02.12.18 um 12:30 schrieb gregor herrmann:
> On Tue, 23 Jan 2018 00:00:14 +0100, Markus Koschany wrote:
>
>> I've prepared a patch to fix the FTBFS with Java 9. Please find attached
>> the debdiff.
>
> Unfortunately the build fails earlier now:
Tha
Am 30.11.18 um 18:21 schrieb Hans Georg Colle:
> Hello Markus,
> could you run your application using xorg instead of the xwayland
> server (i. e. choose "Gnome unter Xorg" in the gdm3 greeter settings
> before logging in), please, and report the result?
> I got the same issue running a JavaFX-UI
Hi,
Am 26.11.18 um 15:13 schrieb Gianfranco Costamagna:
> control: tags -1 -wontfix -moreinfo
> control: affects -1 src:performous
>
> Markus, please have a look at this bug :)
I don't know how I can help here. Performous only fails on powerpc
architectures which looks like a Boost bug to me.
Hi Phil,
Am 27.11.18 um 20:38 schrieb Phil Morrell:
> Control: owner -1 !
> Control: retitle -1 ITP: wildfly -- a JEE application server
> thanks
>
> My new $dayjob currently uses JBoss EAP, so I intend to work towards
> having WildFly available in **bullseye**. I know this is a complex task,
>
Hi,
Am 26.11.18 um 22:46 schrieb Gilles Filippini:
> Package: ant
> Version: 1.9.10-1
> Severity: serious
> Tags: patch
> Justification: Causes FTBFS
>
> Hi,
>
> When installed along with usrmerge, ant can be invoked via /bin/ant. In this
> case it fails with:
[...]
Just some quick notes,
Hi,
On Thu, 22 Nov 2018 21:35:39 +0100 Salvatore Bonaccorso
wrote:
> Source: sysstat
> Version: 12.0.1-1
> Severity: important
> Tags: security upstream
> Forwarded: https://github.com/sysstat/sysstat/issues/196
>
> Hi,
>
> The following vulnerability was published for sysstat.
[...]
I can't
Control: reassign -1 src:javahelper
Am 23.11.18 um 09:48 schrieb Matthias Klose:
> Package: src:libjide-oss-java
> Version: 3.7.4+dfsg-1
> Severity: serious
> Tags: sid buster
>
> Seen at
> https://bugs.launchpad.net/ubuntu/+source/starjava-ttools/+bug/1804773
>
> verified that a rebuild in
Hello,
Am 22.11.18 um 23:09 schrieb Dan Van Atta:
[...]
>> Presumably the latest Substance binaries have fixed this issue.
>
> I'm eager for confirmation that this looks to be fixed, I'm happy to
> help with what I can in that effort.
Thank you very much for responding to this bug report. I'm
Package: keepalived
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerability was published for keepalived.
CVE-2018-19115[0]:
| keepalived before 2.0.7 has a heap-based buffer overflow when parsing
| HTTP status codes resulting in DoS or possibly
Am 21.11.18 um 19:57 schrieb Thorsten Glaser:
> Hi Emmanuel,
>
>> 2.1 under the CDDL+GPL and the version 2.1.1 under the EPL+GPL. So it's
>> still correct to state that the code is licensed under the CDDL.
>
> the code, perhaps, but not the source package you received.
>
> Why don’t you just
Am 21.11.18 um 19:30 schrieb Thorsten Glaser:
[...]
> This is wrong, see the NOTICE file:
>
> | ## Declared Project Licenses
> |
> | This program and the accompanying materials are made available under the
> terms
> | of the Eclipse Public License v. 2.0 which is available at
> |
Control: severity -1 normal
Am 21.11.18 um 18:15 schrieb Thorsten Glaser:
> Source: jaxrs-api
> Version: 2.1.2-2
> Severity: serious
> Justification: Policy 2.3, 12.5, possibly 2.1
>
> In an internal Java™ project of $dayjob I was checking licences
> of updated components and found that
Am 19.11.18 um 16:30 schrieb Mathieu Malaterre:
> On Mon, Nov 19, 2018 at 4:15 PM Markus Koschany wrote:
>> Are you sure you are trying to build src:libpdfbox-java and not
>> src:libpdfbox2-java?
>
> Sorry my fault. Fixed now.
>
>> In any case both packages build f
Am 19.11.18 um 15:19 schrieb Mathieu Malaterre:
> Source: libpdfbox-java
> Version: 1:1.8.16-1
>
> For some reason I cannot build libpdfbox-java locally, it fails to build with:
>
> Offline mode. Give up looking for package containing
> /usr/share/doc/libbcprov-java/apidocs/index.html
>> dpkg
Am 19.11.18 um 12:55 schrieb Reinhard Karcher:
> Am Montag, 19. November 2018, 12:51:03 CET schrieb Markus Koschany:
>> Am 19.11.18 um 10:26 schrieb Reinhard Karcher:
>>> Package: mediathekview
>>> Version: 13.2.1-1
>>> Severity: grave
>>
>>>
Am 19.11.18 um 10:26 schrieb Reinhard Karcher:
> Package: mediathekview
> Version: 13.2.1-1
> Severity: grave
>
> mediathekview hangs in startup:
[...]
Hi,
thanks for the report. It appears libguava-java must be added as a
runtime dependency too. This will be fixed shortly.
Regards,
Markus
Hi,
Am 16.11.18 um 19:49 schrieb Rene Engelhard:
[...]
>>> diff --git
>>> a/connectivity/registry/mysql/org/openoffice/Office/DataAccess/Drivers.xcu
>>> b/connectivity/registry/mysql/org/openoffice/Office/DataAccess/Drivers.xcu
>>> index 77988448f..acd8bfdaf 100644
>>> ---
>>>
Source: mozilla-noscript
Version: 10.1.9.6-2
Severity: serious
Hi,
mozilla-noscript currently FTBFS because of
https://buildd.debian.org/status/fetch.php?pkg=mozilla-noscript=all=10.1.9.6-2=1537976571=0
dh_webext: Ignored some command-line arguments: ['-i']
Traceback (most recent call last):
Control: retitle -1 mysql-connector-java: removal from Debian
Control: block -1 by 913323 913354 913360 913343 913362
So here we go. The removal of mysql-connector-java is currently blocked
by five bugs. I have submitted patches for four of them and I will take
care of netbeans myself. I'm
Package: libnb-ide14-java
Version: 8.1+dfsg3-5
Severity: important
Hello,
we would like to remove libmysql-java from Debian because it is
frequently affected by security vulnerabilities which are not fully
disclosed. This makes it hard to determine the impact of such a flaw.[1]
However we also
jar
+
+
+
--
2.19.1
>From 1172166889764ae0e77488e5d173f33961b9859b Mon Sep 17 00:00:00 2001
From: Markus Koschany
Date: Fri, 9 Nov 2018 23:06:15 +0100
Subject: [PATCH] mariadb
---
connectivity/qa/complex/connectivity/JdbcLongVarCharTest.java | 4 ++--
.../mysql/org/open
rom e92546baa42ffa32db69d4ae2e35fa446b0e7622 Mon Sep 17 00:00:00 2001
From: Markus Koschany
Date: Fri, 9 Nov 2018 21:18:56 +0100
Subject: [PATCH] Switch from libmysql-java to libmariadb-java.
---
debian/changelog | 7 +++
debian/control | 2 +-
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/deb
Mon Sep 17 00:00:00 2001
From: Markus Koschany
Date: Fri, 9 Nov 2018 18:32:31 +0100
Subject: [PATCH] Switch from libmysql-java to libmariadb-java.
---
debian/changelog | 7 +++
debian/control | 2 +-
debian/patches/mariadb.patch |
On closer inspection I'm not sure why you need the build-dependency on
libmysql-java at all. The package builds fine without it. I wonder how
igv loads the jdbc driver. It seems to make a runtime connection to a
MySQL/MariaDB server though. Could also just be an option.
See line 83 in
the necessary changes to the
Debian packaging without using a patch.
Markus
From 86feef76191c245ec314f1efc66f0f6dfba1a634 Mon Sep 17 00:00:00 2001
From: Markus Koschany
Date: Fri, 9 Nov 2018 16:14:47 +0100
Subject: [PATCH 1/2] B-D on libjaxb-api-java and fix FTBFS with Java 11.
---
debian/control
:00 2001
From: Markus Koschany
Date: Fri, 9 Nov 2018 16:02:33 +0100
Subject: [PATCH] Replace libmysql-java with libmariadb-java.
---
debian/control | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/debian/control b/debian/control
index a3b5948..97d88d1 100644
--- a/debian/cont
There was a mistake in mariadb.patch. s/com/org. Updated patch is attached
From: Markus Koschany
Date: Fri, 9 Nov 2018 13:55:11 +0100
Subject: mariadb
Use MariaDB driver class.
Forwarded: no
---
.../java/org/openstreetmap/osmosis/apidb/common/DataSourceFactory.java | 2 +-
1 file changed, 1
Mon Sep 17 00:00:00 2001
From: Markus Koschany
Date: Fri, 9 Nov 2018 13:39:08 +0100
Subject: [PATCH 1/2] Switch from libmysql-java to libmariadb-java.
---
debian/control | 4 ++--
debian/maven.rules | 1 +
debian/patches/02-fix_plexus.patch | 2 +-
3 files chan
Am 08.11.18 um 19:34 schrieb Moritz Mühlenhoff:
[...]
> So upon a closer look this seems to only affect the 8.x releases of the
> connector (Oracle only lists those affected release series which are
> affected and this only lists 8.x, while 5.1.x is still supported; there's
> a 5.1.47 release).
>
Control: tags -1 pending
Thanks for reporting. The extra packs are included in eboard now. I have
updated the Breaks and Replaces fields in debian/control and I am going
to request the removal of eboard-extras-pack1 from Debian.
Regards,
Markus
signature.asc
Description: OpenPGP digital
Package: glusterfs
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerabilities were published for glusterfs.
CVE-2018-14651[0]:
| It was found that the fix for CVE-2018-10927, CVE-2018-10928,
| CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was
Am 05.11.18 um 14:13 schrieb Moritz Mühlenhoff:
[...]
> The Java connector follows the horrible Oracle policy of not disclosing
> vulnerability information. Given that we now have mariadb-connector-java
> in the archive (with a transparent upstream), can we migrate existing
> reverse deps
Package: mysql-connector-java
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerability was published for mysql-connector-java.
CVE-2018-3258[0]:
| Vulnerability in the MySQL Connectors component of Oracle MySQL
| (subcomponent: Connector/J).
Am 04.11.18 um 06:55 schrieb Harald Dunkel:
> Package: bzflag
> Version: 2.4.18-1
>
> Since the upgrade of alsa-lib to version 1.1.7 bzflag has lost sound
> via alsa. At start time there is just a message
>
> Couldn't open audio: Couldn't set hardware audio parameters: Success
>
> Moving back
libbtm-java looks like a removal candidate for me. Last release was in
2012, project looks pretty much stalled.
https://github.com/bitronix/btm
The only r-dep is ehcache which uses libbtm-java for its tests.
signature.asc
Description: OpenPGP digital signature
Package: javahelper
Version: 0.70
Severity: important
I discovered a regression in jh_installjavadoc. This tool will
automatically create a doc-base file.
In libjackson-json-java 1.9.2-9 the content looks as follows:
Format: HTML
Index: //usr/share/doc/libjackson-json-java/api
Files:
Control: severity -1 important
On Tue, 30 Oct 2018 14:39:11 +0100 Markus Koschany wrote:
> Control: forwarded -1
> https://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8213149
> thanks
>
> Look like upstream can't reproduce this issue with their custom JDK image.
>
Am 30.10.18 um 18:25 schrieb Thierry:
> Adrian Bunk wrote:
>
>> Package: xul-ext-ublock-origin
>> Version: 1.10.4+dfsg-1
>> Severity: serious
>> Control: fixed -1 1.16.6+dfsg-1
>> Control: close -1
>>
>> XUL addons are no longer supported.
>>
>> This is already fixed in unstable.
>
> OK, but
Control: forwarded -1
https://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8213149
thanks
Look like upstream can't reproduce this issue with their custom JDK image.
signature.asc
Description: OpenPGP digital signature
I was investigating the Java 11 FTBFS of axis and uddi4j. I wonder if we
rather should focus on removing these packages instead of patching them.
Axis has seen its last release in 2006. AFAIK Apache CXF would be a
better alternative because it is actively maintained. Unfortunately it
is not
Am 30.10.18 um 01:15 schrieb Emmanuel Bourg:
> Le 30/10/2018 à 00:41, gregor herrmann a écrit :
>
>> I guess we need to make sure that we build with openjdk-8.
>> (You know this better than me but I seem to remember that the plan
>> was to keep openjdk-8 in buster for building packages?)
>
> No
ava:372)
/usr/bin/mh_installpom: line 148: debian/.mh/pom.properties: No such
file or directory
make: *** [debian/rules:9: binary] Error 1
From: Markus Koschany
Date: Mon, 29 Oct 2018 20:36:31 +0100
Subject: java11
Fix biz.aQute.remote/src/aQute/remote/agent/RedirectOutput.java:41: error:
nullOutputStrea
Control: owner -1 !
I'm currently working on updating Teeworlds to version 0.7.
Markus
signature.asc
Description: OpenPGP digital signature
On Mon, 15 Oct 2018 17:48:38 +0200 Andreas Beckmann wrote:
> Package: libjetbrains-annotations-java
> Version: 16.0.2-4
> Severity: serious
> User: debian...@lists.debian.org
> Usertags: piuparts replaces-without-breaks
>
> Hi,
>
> during a test with piuparts and DOSE tools I noticed your
I believe I have found a way to workaround this issue for the moment. If
I pass -Djdk.gtk.version=2 to PDFsam version 3.3.7 it no longer crashes.
However there is another issue with fontawesomefx, so there is still
some work to do. I think I will forward this issue to the OpenJFX
developers
Hello,
Am 23.10.18 um 21:20 schrieb Anthony DeRobertis:
> Package: tomcat7
> Version: 7.0.56-3+really7.0.91-1
> Severity: important
>
> After applying the recent security update, the web app we're running
> (which is unfortunately a proprietary product provided by a vendor) no
> longer works.
Control: forwarded -1 https://github.com/torakiki/pdfsam/issues/310
thanks
Apparently upstream managed to run PDFsam with OpenJFX 11. I'm currently
investigating why it doesn't work for us.
signature.asc
Description: OpenPGP digital signature
Am 21.10.18 um 23:51 schrieb Yavor Doganov:
> Markus Koschany wrote:
>> I only noticed that the Close button in the "Info" submenu doesn't
>> work as intended.
>
> There is no "Info" submenu; I guess you mean the Close button in the
> About dialog?
Hi!
Thanks again for your patches to port monster-masher away from esound
and gconfmm. I only noticed that the Close button in the "Info" submenu
doesn't work as intended. Otherwise the game seems to work. Minor
nitpick: Please consider to submit a debdiff for future patches because
it is easier
I have just requested a CVE id for this issue. Upstream clarified the
fixing commits. They are
https://github.com/teeworlds/teeworlds/commit/a263185571903ead01f6b351a91ea219ac9d215f
https://github.com/teeworlds/teeworlds/commit/aababc63e1bc41672502ca6c7a1dd9f61d94
Hi,
Am 20.10.18 um 21:01 schrieb Salvatore Bonaccorso:
[...]
> For 0.6.5 the following two commits might be the relevant ones (not
> found any further possibly releated):
>
> https://github.com/teeworlds/teeworlds/commit/4c00063b2fd9c25998f3d308723e1ae65c20548d
>
Package: teeworlds-server
Version: 0.6.4+dfsg-1
Severity: grave
Tags: security
It was discovered that a Teeworlds server could be made inaccessible
by forging connection packets. This made it look like the server was
always full thus access to the server was effectively denied. My own
private
Hi Bill,
On Mon, 21 Nov 2016 23:51:54 +0100 Bill Allombert
wrote:
> Package: brutalchess
> Version: 0.5.2+dfsg-7
> Severity: wishlist
> Tags: patch
>
> Dear Debian Games team,
>
> I did not find a way to undo the last move, so I made this simple patch
> that causes backspace to undo the last
Hi Ryan,
On Tue, 16 Oct 2018 11:32:34 -0400 "Ryan C. Gordon"
wrote:
>
> Can someone humor me and make a quick change to Neverball for me?
>
> In neverball/share/fs_physfs.c, there are three calls to
> PHYSFS_setBuffer(). Just comment them out and rebuild Neverball with
> PhysicsFS support
Package: mediathekview
Version: 13.0.6-1
Severity: wishlist
I am filing this bug report to document the progress on packaging
version 13.2.1 of mediathekview.
The new version made significant changes under the hood which require
new build-dependencies. I have already packaged libmbassador-java
I have decided to split the issue into smaller parts. I'm going to fix
the JavaFX 11 "not found" issue by using the --add-modules option in
mediathekview's wrapper script. I don't even have to patch the sources
then. Another patch will ensure compatibility with the default-jdk
version in Debian.
On Tue, 05 May 2015 14:35:53 +0200 Jonas Smedegaard wrote:
> Package: python-moinmoin
> Severity: important
>
> fckeditor has been removed from Jessie, yet is recommended by
> python-moinmoin.
>
> One of the RC bugs against fckeditor - bug#758897 - indicates that
> ckeditor is a successor, so
Hi,
Am 15.10.18 um 19:45 schrieb Erich Schubert:
> Hi,
>
> It seems the classpath is not set up correctly.
>
> With Java 11 as my main java, the following works:
>
> java -cp
>
Am 15.10.18 um 19:22 schrieb Jakub Wilk:
> Package: webext-ublock-origin
> Version: 1.17.0+dfsg-2
>
> Some strings are missing on the dashboard page:
> * "Shortcuts" tab;
> * "Disable JavaScript" checkbox.
>
> See the attached screenshot.
>
> Curiously, they both show correctly in a newly
Control: severity -1 grave
Control: block -1 by 910764
Am 15.10.18 um 15:55 schrieb shirish शिरीष:
> Dear all,
>
> The issue is still prevalent even though you do get a
> 'banner'/animation or whatever its called similar to when gimp starts
> even though there are now versions of openjfx and
Control: tags -1 unreproducible
Control: severity -1 important
Am 15.10.18 um 14:11 schrieb Marco Righi:
> Package: pdfsam
> Version: 1.1.4-4
> Severity: grave
>
> --- Please enter the report below this line. ---
> Hi,
> After pdfsam execution appears only a little box (see image_1).
> After
Package: triplea
Version: 1.9.0.0.7062-2
Severity: grave
Justification: renders package unusable
After the switch to OpenJFX 11, triplea fails to start with a
NullPointerException.
triplea.engine.version.bin:1.9
java.lang.NullPointerException
at
Hi Gürkan,
Am 11.10.18 um 17:42 schrieb Gürkan Myczko:
> Hello Josue and Markus
>
> I've prepared a new upstream version of greed, and added the desktop file.
> Feel free to use:
>
> http://phd-sid.ethz.ch/debian/greed/greed_4.2-1.dsc
>
> Best,
Thank you for preparing a new Debian release of
Control: tags -1 confirmed pending
Am 11.10.18 um 16:24 schrieb Eugen Dedu:
> Package: webext-ublock-origin
> Version: 1.17.0+dfsg-1
> Severity: grave
> Justification: renders package unusable
>
> Dear Maintainer,
>
> After upgrading to 1.17.0+dfsg-1 version, the package does not work with
>
Package: gnulib
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for gnulib.
CVE-2018-17942[0]:
| The convert_to_decimal function in vasnprintf.c in Gnulib before
| 2018-09-23 has a heap-based buffer overflow because memory
Control: tags -1 pending
Hi,
I'm going to backport the upstream commit
https://github.com/gorhill/uBlock/commit/c5e3773a3c0480c6900db848c8755d6ec409933f
for this issue. Please note this only works in Firefox >= 62. The
"open_at_install" option is not available in Firefox ESR, so there is
not
Package: openjfx
Version: 11+26-3
Followup-For: Bug #910585
Ok, that fixed the initial issue but now I get a core dump...
Attached is the log file.
#
# A fatal error has been detected by the Java Runtime Environment:
#
# SIGSEGV (0xb) at pc=0x0001, pid=23180, tid=23230
#
# JRE
Control: tags -1 pending
I believe the issue is caused by a missing build-dependency on
libgtk-3-dev.
signature.asc
Description: OpenPGP digital signature
Control: forcemerge 910395 910611
Am 08.10.18 um 19:37 schrieb Philip Rinn:
> Package: openjfx
> Version: 11+26-3
> Severity: normal
>
> Hi,
>
> since some days (sadly I don't know it the 8 -> 11 update triggered this)
> mediathekview and pdfsam don't start anymore:
Hi,
we are aware of the
Package: openjfx
Version: 11+26-3
Severity: serious
I have made significant progress with packaging a newer version of
MediathekView. However when I try to run the application I get a
RuntimeException which indicates that some package is missing. I
suspect libopenjfx-jni is the culprit.
Am 07.10.18 um 18:21 schrieb Markus Koschany:
> The patch contained a mistake but I just tried it on plummer.debian.org
> (ppc64el porterbox) and it unfortunately doesn't make any difference.
I should have added that I still think it has something to do with the
disabled JIT. The aforemen
The patch contained a mistake but I just tried it on plummer.debian.org
(ppc64el porterbox) and it unfortunately doesn't make any difference.
signature.asc
Description: OpenPGP digital signature
Am 07.10.18 um 14:31 schrieb Emmanuel Bourg:
> Control; severity -1 important
>
> Downgrading the severity, upstream doesn't support non x86 architectures
> and the packages are only provided as a best effort.
I believe this issue is related to the patches that disable JIT
compilation.
After
Am 07.10.18 um 13:16 schrieb Moritz Muehlenhoff:
[...]
> No, unfortunately it's the same "we fix, but don't tell" bullshit policy
> as with all other Oracle products.
>
> Given that mediathekview is our only reverse dependency in stretch we
> can probably mark it as ignored for stretch anyway?
Hi,
On Wed, 01 Aug 2018 16:45:30 +0200 Moritz Muehlenhoff
wrote:
> Source: openjfx
> Severity: grave
> Tags: security
>
> http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
> fixed CVE-2018-2941 in JavaFX, which should affect our openjfx package.
We have recently
Package: openjfx
Version: 11+26-1
Severity: serious
OpenJFX installs the javafx.control jar for javafx.web.jar. Most
likely a copy error in libopenjfx-java.poms. This means that web
related classes are missing which makes e.g. mediathekview FTBFS.
Markus
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
* Package name: jiconfont-font-awesome
Version : 4.7.0.0
Upstream Author : Cadu Andrade
* URL : https://github.com/jIconFont/jiconfont-font_awesome
* License : MIT, SIL-OFL 1.1
Programming Lang: Java
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
* Package name: jiconfont-swing
Version : 1.0.1
Upstream Author : Cadu Andrade
* URL : https://github.com/jIconFont/jiconfont-swing
* License : MIT
Programming Lang: Java
Description : jIconFont
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
* Package name: jiconfont
Version : 1.0.0
Upstream Author : jiconfont
* URL : https://github.com/jIconFont/jiconfont
* License : MIT
Programming Lang: Java
Description : API to provide icons
Package: wnpp
Severity: wishlist
Owner: Markus Koschany
* Package name: commons-dbcp2
Version : 2.5.0
Upstream Author : Apache Software Foundation
* URL : https://commons.apache.org/proper/commons-dbcp/
* License : Apache-2.0
Programming Lang: Java
Control: tags -1 pending
Control: block -1 by 910112
Fix is ready to upload in Git but blocked by #910112.
signature.asc
Description: OpenPGP digital signature
Package: javahelper
Version: 0.68
Severity: serious
The recent javahelper update broke jh_linkjars. This commit introduced
the regression
https://salsa.debian.org/java-team/javatools/commit/a87bc535da1dcba04e0e5fdca524e00c43de3efe
The error manifests for example in lombok-ast and
Am 01.10.18 um 06:13 schrieb Berkeley Roshan Churchill:
> Package: ghostscript
> Version: 9.06~dfsg-2+deb8u9
> Severity: grave
> Justification: renders package unusable
>
> Dear Maintainer,
>
>* What led up to the situation?
>
> Ghostscript was upgraded to 9.06~dfsg-2+deb8u9
>
>* What
Control: found 909929 9.06~dfsg-2+deb8u9
This issue is also present in Jessie.
signature.asc
Description: OpenPGP digital signature
I have tried some of those commits:
http://git.ghostscript.com/?p=ghostpdl.git=search=HEAD=commit=txtwrite
This one adds even more whitespace and moves the 1 character further to
the right.
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=d0d4e282f98487ca2979edbaf6834d9341bcee53
This
-2018-14598:
+If the server sends a reply in which even the first string would overflow
+the transmitted bytes, list[0] (or flist[0]) will be set to NULL and a
+count of 0 is returned. This may trigger a segmentation fault leading to a
+Denial of Service.
+
+ -- Markus Koschany Sat
to be incorrectly
+identified. It was therefore possible for users to authenticate with
+revoked certificates when using mutual TLS. Users not using OCSP checks are
+not affected by this vulnerability.
+
+ -- Markus Koschany Fri, 28 Sep 2018 23:51:20 +0200
+
tomcat-native (1.2.12-2+deb9u1) stretch
Hi,
Am 28.09.18 um 20:54 schrieb Salvatore Bonaccorso:
[...]
> So this would imply changed behaviour in a stable release, and thus
> need extra care to not break more (ps2ascii might not be widely used
> still).
Thanks for sharing this information. I agree that changed behavior in a
stable
Package: poppler
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for poppler.
CVE-2018-16646[0]:
| In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause
| infinite recursion via a crafted file. A remote
801 - 900 of 3519 matches
Mail list logo
