Bug#951537: php-horde-data: CVE-2020-8518

Hi, it looks like this [1] is the corresponding commit to fix this vulnerability. regards, Philip [1] https://github.com/horde/Data/commit/78ad0c2390176cdde7260a271bc6ddd86f4c9c0e

Bug#884835: [Pkg-mailman-hackers] Bug#884835: mailman3-suite: postinst fails if nginx is installed and apache2 is missing

Hi, On Wed, 20 Dec 2017 17:50:42 +0100 Pierre-Elliott =?iso-8859-1?Q?B=E9cue?= wrote: > Please provide a little more output to explain how the postinst will > fail? Did you chose "none" for the webserver to configure? I installed mailman3-suite in a fresh KVM guest and

Bug#884835: [Pkg-mailman-hackers] Bug#884835: mailman3-suite: postinst fails if nginx is installed and apache2 is missing

Hi, Am Wed, 20 Dec 2017 17:50:42 +0100 schrieb Pierre-Elliott Bécue : > Please provide a little more output to explain how the postinst will > fail? Did you chose "none" for the webserver to configure? Atfer the installation failed I removed and purged all related packages.

Bug#884835: mailman3-suite: postinst fails if nginx is installed and apache2 is missing

Package: mailman3-suite Version: 0+20170523-6 Severity: normal Hi, it's possible to use mailman3 with nginx. But without Apache2 installed the postinst will fail because there's no instruction how to proceed with nginx. regard, Phil

Bug#884316: mailman3-suite: Unable to use nginx because of a typo in control file

Package: mailman3-suite Version: 0+20170523-2 Severity: minor Tags: patch Hi, it's great to see mailman3 in Debian. Thanks a lot for your efforts. There is a small typo in the control file that prevents to use nginx with this package. Patch is attached. regard, Phil --- control.orig

Bug#881113: mailman3-core: Package should suggest lynx

Package: mailman3-core Version: 3.1.0-1 Severity: minor Dear Maintainer, Mailman uses lynx to convert html to plain text messages. Maybe it's a good idea to add lynx to the package suggestions. -- System Information: Debian Release: 9.1 APT prefers stable APT policy: (500, 'stable')

Bug#870748: coquelicot: wrong command line option for cron job

Package: coquelicot Version: 0.9.6-1 Severity: normal The cron job in /etc/cron.d fails because of a wrong command line option for reading the settings file. The wrong parameter is "-f" which doesn't exists. Instead it should be "-c" to read the file. regards, Philip -- System Information:

Bug#865647: php-horde-ingo: XSS vulnerability in rule search

Package: php-horde-ingo Version: 3.2.13-1 Severity: normal Tags: security Dear maintainer, thanks for your efforts to update all Horde packages for stretch. There's one open security problem left. Fix can be found at https://github.com/horde/horde/commit/6854284a647f360f358b4739e4df65a9cd814664

Bug#816799: spamass-milter: postfix requires milter_rcpt_macros parameter (documentation)

> If spamass-milter is used with postfix, the milter_rcpt_macros > parameter needs to be set in /etc/postfix/main.cf: > > milter_rcpt_macros = b i j r _ {auth_type} {auth_ssf} s Z > {rcpt_addr} {rcpt_host} {rcpt_mailer} The milter readme[1] doesn't lists "b", "r", "auth_ssf", "s" and "Z" as

Bug#821384: redmine: webserver needs to access plugin_asset directory

Source: redmine Version: 3.0~20140825-8~deb8u2 Severity: normal Dear Maintainer, the websever (Apache in my case) expects plugin data like stylesheets or js to be available unter the alias /plugin_assets/. By default Apache can't access the linked directory

Bug#810144: redmine: Preview doesn't work / 404

Dear Maintainer, On Wed, 06 Jan 2016 23:42:42 +0100 Philip Frei > Failed to load resource: the server responded with a status of 404 > (Not Found) POST https://webserver/issues/preview/new/test 404 (Not > Found) I found the source of this error: I use nginx as a reverse proxy for

Bug#810144: redmine: Preview doesn't work / 404

Package: redmine Version: 3.0~20140825-5 Severity: normal Dear Maintainer, the preview of wiki pages/ tickets etc. doesn't work. I'm running Redmine with Apache + Passenger + Mysql from the browser: Failed to load resource: the server responded with a status of 404 (Not Found) POST

Bug#803641: [pkg-horde] Bug#803641: Aw: Re: Bug#803641: php-horde: Multiple CSRF Vulnerabilities

On Tue, 3 Nov 2015 21:24:33 +0100 Mathieu Parent wrote: > I have tested and uploaded the fix to > security-master-unembargoed, in coordination with the security team. > If I understand correctly, it will go to the security mirrors soon. It's already there. So this bug

Bug#803641: Aw: Re: [pkg-horde] Bug#803641: php-horde: Multiple CSRF Vulnerabilities

> This seems to be: > https://github.com/horde/horde/commit/a199d74932c902844514b2a83d21e7e221257dae > I will prepare an upload for next jessie point-release, unless you > think it should go to the security mirors sooner. Thanks a lot! I think Horde's command shells are hardly used (I, for one

Bug#803641: [pkg-horde] Bug#803641: Bug#803641: php-horde: Multiple CSRF Vulnerabilities

On Mon, 2 Nov 2015 08:11:54 +0100 Mathieu Parent wrote: > Note that the Horde team doesn't provide CVEs, I've asked for it at: > http://lists.horde.org/archives/dev/Week-of-Mon-20141201/028821.html This[1] is how the Horde team handles security bugs in the changelog:

Bug#803641: php-horde: Multiple CSRF Vulnerabilities

Package: php-horde Version: 5.2.1+debian0-2+deb8u1 Severity: normal Dear Maintainer, there are some multiple CSRF vulnerabilities in Horde that were recently discovered[1]. The new version (5.2.8) in testing/unstable fixes this problem. But the problem still exists for stable's version. I would

Bug#773827: php-horde-core: missing dependency to libjs-excanvas

Package: php-horde-core Version: 2.15.0+debian0-1 Severity: normal Dear Maintainer, php-horde-core creates a symlink pointing from /usr/share/horde/js/excanvas to /usr/share/javascript/excanvas but the corresponding package libjs-excanvas doesn't belong to it's dependencies. -- System

Bug#773831: php-horde-webmail: new version fixes security issues

Package: php-horde-webmail Version: 5.2.2-1 Severity: important Dear Maintainer, the Horde team released a new version that fixes some security issues (http://lists.horde.org/archives/announce/2014/001073.html). It would be great to have this version in Debian jessie. -- System Information:

Bug#749799: php-horde-core: problem with horde's smartphone view because of outdated libjs-jquery-mobile

Package: php-horde-core Version: 2.11.1+dfsg0-1 Severity: normal Dear Maintainer, Horde provides a smartphone view for use with smartphones and tablet computers. It depends on jquery-mobile library. Because of Debian's outdated version of libjs-jquery-mobile the smartphone view doesn't work

Bug#673060: xfce4-volumed: add gstreamer0.10-alsa as dependency

Package: xfce4-volumed Version: 0.1.13-2+b1 Severity: normal I installed a Debian testing system with the xfce desktop. Although xfce4-volumed was installed automatically it doesn't work unless I installed gstreamer0.10-alsa. I think it should be a dependency for this package. Thanks for your

Bug#554506: cryptsetup: unable to find root volume

Package: cryptsetup Version: 2:1.0.7-2 Severity: important I installed today's testing netinstall image on a new laptop with lvm an crypto root. After the first boot it can't find the root volume: volume group debian not found. skipping volume group debian. unable to find LVM volume debian/root

Bug#514122: googleearth-package: Google Earth 5 fails to start because of libssl.so.0.9.8 error

Package: googleearth-package Version: 0.5.4 Severity: normal With make-googleearth-package I built a deb package of version 5.0.11337.1968+0.5.4-1. The newly installed application crashes everytime with the following error: /usr/lib/googleearth/googleearth-bin: relocation error:

Bug#506911: claws-mail: checks for new mail in offline mode after trying to close the program

Hi, On Wed, 26 Nov 2008 09:25:45 +0100 Ricardo Mones [EMAIL PROTECTED] wrote: Could you try if this is reproducible with 3.6.1 version from experimental? (it's not in unstable because requires libetpan from experimental but otherwise it's built for sid). With the version from experimental it

Bug#506911: claws-mail: checks for new mail in offline mode after trying to close the program

Package: claws-mail Version: 3.5.0-2 Severity: normal Everytime I switch to offline mode and later want to close Claws-Mail it checks for new mail. If there is no network connection Claws-Mail hangs some minutes before it closes itself. -- System Information: Debian Release: lenny/sid APT

Bug#478316: claws-mail: doesn't recognize network-manager connection change

Package: claws-mail Version: 3.4.0-1 Severity: normal Claws Mail doesn't recognize a status change of network-manager. Other programs (gajim, liferea) with this feature switch offline/online. Also the debug output shows no activity on this topic. -- System Information: Debian Release: 4.0

Bug#451893: xserver-xorg-video-intel: shows no fonts

On Mon, 19 Nov 2007 20:33:01 +0100 Brice Goglin [EMAIL PROTECTED] wrote: Does it help if you add Option AccelMethod XAA in the above section? EXA is enabled by default in 2.2.0. But there is at least one known problem with fonts and EXA. It helps. Thanks for this hint. Philip. --

Bug#437805: synaptic: Problem between theme and the upgrade.png icon

Hi, also there are other missing icons like package-install -reinstall -upgrade and so on. I think this is not a problem with synaptic but with the icon theme. Synaptic gives me the following error message: Warning, failed to load: package-availableSymbol »package-available« nicht im Thema

Bug#444700: filezilla: crashes right after start

Package: filezilla Version: 3.0.0~beta2-4 Severity: grave Justification: renders package unusable -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (900, 'stable'), (800, 'testing'), (600, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux

Bug#443199: cant' connect to database

On Fri, 21 Sep 2007 14:17:40 +0200 (CEST) Piotr Ożarowski [EMAIL PROTECTED] wrote: python-sqlalchemy (= 0.3.0-1) | 0.3.1-2 could you try with python-sqlalchemy 0.3.10-1 [1] before I will find a better solution? If new SQLAlchemy doesn't help, please let me know. With this version

Bug#443313: claws-mail: crashes when saving template

Package: claws-mail Version: 3.0.0-1 Severity: normal -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (900, 'stable'), (800, 'testing'), (600, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.22-2-686

Bug#443199: cant' connect to database

Package: griffith Version: 0.9.5-1 Severity: important --- Please enter the report below this line. --- --- System information. --- Architecture: i386 Kernel: Linux 2.6.22-2-686 Debian Release: 4.0 900 stable security.debian.org 900 stable ftp.de.debian.org 800

Bug#443217: lincity-ng: please provide a .desktop-file

Package: lincity-ng Version: 1.1.0-2 Severity: minor -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (900, 'stable'), (800, 'testing'), (600, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.22-2-686

Bug#402969: linux-image-2.6.18-3-xen-686: blktab driver for XEN is disabled

Hi Bastian, Without these driver I must use the deprecated loopback-mounted file-backed VBDs ... see point 6.2.1 of the XEN user.pdf. No, you don't need to. Using the blktap based method it the recommended way of using file-backed VBDs. And the Xen user documentation tells: Note that

Bug#405948: uswsusp: suspend fails with encryption enabled

Package: uswsusp Version: 0.6~cvs20070202-1 Followup-For: Bug #405948 With the latest version from unstable the problem still exists. I experienced with different settings in uswsusp.conf and hibernate's common.conf but I still can't find the cause. But I figured out that everytime I set

Bug#408983: apache2.2-common: link mods-enabled/dir.conf is missing

Package: apache2.2-common Version: 2.2.3-3.2 Severity: normal This is the same bug as reported in this posting http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=392356;msg=22 The link mods-enabled/dir.conf is missing. a2dismod dir and a2enmod dir brings it back. -- System Information: Debian

Bug#405948: uswsusp: suspend fails with encryption enabled

On Tue, 9 Jan 2007 22:59:07 +0100 Tim Dijkstra [EMAIL PROTECTED] wrote: Can you just try s2disk It seems to work fine with s2disk. I tried it several times and the suspend process didn't abort. So I started to play with different settings. Now I think it has something to do with

Bug#405948: uswsusp: suspend fails with encryption enabled

On Tue, 9 Jan 2007 16:45:33 +0100 Tim Dijkstra [EMAIL PROTECTED] wrote: You said it aborted after about two seconds. All that time there are no messages what so ever vissible on the screen? Only two messages from the hibernate script. The suspend process starts with: Stopping CPU Frequency

Bug#405948: uswsusp: suspend fails with encryption enabled

On Mon, 8 Jan 2007 10:57:53 +0100 Tim Dijkstra [EMAIL PROTECTED] wrote: Any error messages? If it went to quick, I think you can see some more by going to the first free virtual terminal (eg. ctrl-alt-f8) Unfortunately I can't see any error messages. Even when I try to suspend from a terminal

Bug#405948: uswsusp: suspend fails with encryption enabled

Package: uswsusp Version: 0.3~cvs20060928-6 Severity: important About every second time I can't suspend my notebook. The suspend process starts but just after 2 seconds it aborts. This only happens with encryption enabled and a key file (I already created different keyfiles). Suspend works

Bug#401102: doesn't create uswsusp.key file

Hi Tim, On Thu, 7 Dec 2006 16:06:50 +0100 Tim Dijkstra [EMAIL PROTECTED] wrote: From the strace it seems suspend-keygen exits cleanly. There are several points in the code where the execution path jumps to clean up if something returned an error. Unfortunately there are almost no error

Bug#401102: doesn't create uswsusp.key file

On Tue, 5 Dec 2006 21:08:28 +0100 Tim Dijkstra [EMAIL PROTECTED] wrote: Could you please run strace suspend-keygen I attached a file with the output. BTW, is your system in any way special? Weird filesystem, experimental libraries? I don't think so. It's a ext3 filesystem. Most

Bug#401102: doesn't create uswsusp.key file

On Wed, 6 Dec 2006 12:04:27 +0100 Tim Dijkstra [EMAIL PROTECTED] wrote: Op Wed, 6 Dec 2006 11:41:52 +0100 schreef Philip Frei [EMAIL PROTECTED]: On Tue, 5 Dec 2006 21:08:28 +0100 Tim Dijkstra [EMAIL PROTECTED] wrote: Could you please run strace suspend-keygen I

Bug#401102: doesn't create uswsusp.key file

On Sun, 3 Dec 2006 23:36:12 +0100 Tim Dijkstra [EMAIL PROTECTED] wrote: And you are sure the keyfile isn't there? What happens if you run suspend-keygen by hand? The keyfile isn't there. Even a search with find ended up with no success. It's the same with the suspend-keygen tool. -- To

Bug#401102: doesn't create uswsusp.key file

On Tue, 5 Dec 2006 17:33:47 +0100 Tim Dijkstra [EMAIL PROTECTED] wrote: It's the same with the suspend-keygen tool. Very odd... Here it works just fine. Are you sure the partition you try to write to is not full and writable? You would probably get an error msg then, but who knows?

Bug#401102: doesn't create uswsusp.key file

Hi, this is the output from the steps you told me: dpkg-reconfigure uswsusp Generating RSA key, this may take a while ... libgcrypt version: 1.2.3 Key bits (between 1024 and 4096 inclusive) [1024]: Generating 4094-bit RSA keys. Please wait. Testing the private key. Please wait. Passphrase

Bug#401102: doesn't create uswsusp.key file

Package: uswsusp Version: 0.3~cvs20060928-4 Severity: normal Some problems occured during configuration (dpkg-reconfigure): - RSA key bits: This dialog only accepts key up to 4094 bits. It doesn't continue with 4095 and 4096. After that I have to enter a password for the key file. The tools

Bug#399920: mozilla-plugin-gnash: please create a link for iceweasel

Package: mozilla-plugin-gnash Version: 0.7.2-1 Severity: normal Because of Iceweasel entered unstable it would be nice to create a link to the plugin in /usr/lib/iceweasel/plugins -- System Information: Debian Release: 4.0 APT prefers testing APT policy: (990, 'testing'), (500,

Bug#385986: xfce4: solved by reinstalling hicolor-icon-theme

Package: xfce4 Version: 4.3.99.1 Followup-For: Bug #385986 Suggested by a post in the xfce forum (http://forum.xfce.org/index.php?topic=2884.0) I tried to dpkg-reconfigure the hicolor-icon-theme, but it didn't work. But apt-get install --reinstall brought the icons back. -- System

Bug#394549: rubrica: crashes after trying to open a contact

Package: rubrica Version: 1.0.15-1 Severity: normal I tried to open a contact and ruvrica crashed. Bug-buddy delivers the following output: 0xb74481de in __waitpid_nocancel () from /lib/tls/libpthread.so.0 #0 0xb74481de in __waitpid_nocancel () from /lib/tls/libpthread.so.0 #1 0xb7eb1655 in

Bug#392650: tor: installation exists with error

Package: tor Version: 0.1.1.24-1 Severity: grave Justification: renders package unusable -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to

Bug#392650: tor: installation exists with error

I figured out that this is only an error when upgrading tor. I remove it (apt-get remove --purge), rebooted and tried a clean installation - and it worked. But upgrading from 0.1.1.23-1 failed. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL

Bug#390212: /usr/share/menu/kftpgrabber is missing

Package: kftpgrabber Version: 0.8.0~alpha2-1 Severity: normal -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux

Bug#387328: /usr/share/menu/kasablanca is missing

Package: kasablanca Version: 0.4.0.2-1 Severity: normal -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux

Bug#385986: xfce4: all icons are missing

Package: xfce4 Version: 4.3.90.2 Severity: normal All xfce specific icons are missing. The settings manager only display text buttons. Same thing with panel items and the logout buttons. I'll add a screenshot soon. -- System Information: Debian Release: testing/unstable APT prefers testing

Bug#382823: xchat-gnome-common: /usr/share/menu/xchat-gnome is missing

Package: xchat-gnome-common Version: 1:0.12-2 Severity: normal -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux

Bug#382819: linuxdcpp0.691: Doesn't come with menu entry

Package: linuxdcpp0.691 Version: 0.0.1.cvs20060715-1 Severity: normal -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux

Bug#382416: istanbul: crashes when it tries to save a file

Package: istanbul Version: 0.2.0-1 Severity: important -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux

Bug#374940: turkey: doesn't run in gui-mode

Package: turkey Version: 1.34.0-1 Severity: important -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16-nibbler

Bug#372869: latex2html: doesn't convert German umlauts in footnotes to correct html-code

Package: latex2html Version: 2002-2-1-20050114-5 Severity: normal -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux

Bug#370263: update-manager: doesn't start because of missing python module

Package: update-manager Version: 0.42.2ubuntu22-1 Severity: grave Justification: renders package unusable -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell:

Bug#361198: gnome-power-manager: can't hibernate from gpm, but running manually hal-system-power-hibernate works

Package: gnome-power-manager Version: 2.14.0-1 Severity: important -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux

Bug#360062: banshee: no menu entry

Package: banshee Version: 0.10.9-1 Severity: wishlist -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.15-calculon

Bug#357777: gajim: cant' use D-Bus with python2.4-dbus

Package: gajim Version: 0.9.1-3 Severity: normal -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.15-1-686 Locale: [EMAIL PROTECTED],