Hi,
I merge partially your patch, the problem is that I need a svg backend during
build in order to generate the icons...
Any idea to solve is welcomed
Bastien
signature.asc
Description: This is a digitally signed message part.
-2024-26462 (Closes: #1064965)
+A memory leak vulnerability was found in /krb5/src/kdc/ndr.c.
+ * Fixes CVE-2025-24528 (Closes: #1094730)
+Prevent overflow when calculating ulog block size
+ * Add Salsa CI
+
+ -- Bastien Roucariès Sun, 23 Feb 2025 17:42:24 +
+
krb5 (1.20.1-2+deb12u2
Hi,
I can NMU this bug for SID if needed
Bastien
signature.asc
Description: This is a digitally signed message part.
control: retitle -1 samba-security-private-samba needed by freeipa
Hi
See
https://github.com/freeipa/freeipa/blob/cbe863bf15ed3c0091256f86e9da3fe382b658f1/server.m4#L193C14-L193C44
only used for test
https://github.com/freeipa/freeipa/blob/cbe863bf15ed3c0091256f86e9da3fe382b658f1/daemons/ipa
Source: samba
Version: need samba-libs.install: new private library:
libsamba-net-private-samba.so link for dev for freeipa
Severity: important
Dear Maintainer,
For freeipa we need that libsamba-net-private-samba.so.0
is added to the dev lib and a libsamba-net-private-samba.so link
is created ?
Le lundi 10 février 2025, 19:45:18 UTC Yavor Doganov a écrit :
> Source: imagemagick
> Version: 8:7.1.1.43+dfsg1-1
> Severity: important
> Control: affects -1 + src:gnustep-gui
>
> [ I am filing this bug with severity:important because bugs affecting
> non-release architectures were traditionally
Le lundi 3 février 2025, 20:18:16 UTC Jonathan Wiltshire a écrit :
> Control: tag -1 moreinfo
>
> On Sun, Jun 16, 2024 at 10:29:09AM +, Bastien Roucariès wrote:
> > Control: tag -1 - moreinfo
> > Le samedi 15 juin 2024, 21:53:51 UTC Jonathan Wiltshire a écrit :
> >
Le vendredi 27 décembre 2024, 15:48:30 UTC Salvatore Bonaccorso a écrit :
> Hi Bastian,
>
> Just a small remark below:
>
> On Thu, Dec 26, 2024 at 09:38:26PM +, Bastien Roucariès wrote:
> > Package: release.debian.org
> > Severity: normal
> > Tags: boo
Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: node-post...@packages.debian.org
Control: affects -1 + src:node-postcss
User: release.debian@packages.debian.org
Usertags: pu
[ Reason ]
Fix CVE-2023-44270 (Closes: #1053282)
The vulnerability affects linters
us
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-CC: Pierre Gruet
(Please provide enough information to help the release team
to judge the request efficiently. E.g. by filling in the
sections below.)
[Reason]
CVE-2024
Le samedi 5 octobre 2024, 21:54:53 UTC Vincent Lefevre a écrit :
> Package: postfix
> Version: 3.9.0-3
> Severity: normal
>
> In Debian, several postfix services run in chroot. This may have been
> good in the past, but this is now strongly discouraged by upstream and
> yields various issues: see
control: tags -1 + patch
Hi,
You forget to upgrade the test dependency to newer imagemagick and imagemagick
library
Bastien
signature.asc
Description: This is a digitally signed message part.
Hi,
This kind of error is likely due because you do not use pkg-conf to get the
config flags.
Please use it
Bastien
control: tags -1 + important
Le mardi 29 octobre 2024, 17:18:03 UTC gregor herrmann a écrit :
> On Tue, 29 Oct 2024 16:08:30 +, Niko Tyni wrote:
>
> > This gives a list of thirteen integers on trixie, but
> > just one undef on sid.
> >
> > Is this an intentional API change in ImageMagick 7 t
control: forwarded -1
http://lists.infradead.org/pipermail/linux-arm-kernel/2024-November/976054.html
signature.asc
Description: This is a digitally signed message part.
Le vendredi 1 novembre 2024, 11:57:17 UTC Aurelien Jarno a écrit :
Hi aurelien,
> control: severity -1 wishlist
>
> Hi,
>
> On 2024-10-31 11:24, Bastien Roucariès wrote:
> > Package: libc6-dev
> > Version: 2.40-3
> > Severity: normal
> > Tags: upstream
&
Hi;
In order to be clear the underlying request is to add 32 bit equivalents of 64
bit caps where the feature is actually accessible from 32 bits and make sense
the second wave of crypto instructions (sha3, sha512) was not added to arm32
Bastien
signature.asc
Description: This is a digitally s
Source: linux
Severity: wishlist
Tags: upstream
affects: src:isa-support
Dear Maintainer,
HWCAP and HWCAP2 (used by getauxval) are not in sync between 32bits and 64bits
arch for the same processor.
for arm64 for instance see https://docs.kernel.org/arch/arm64/elf_hwcaps.html
they are more hardw
Package: libc6-dev
Version: 2.40-3
Severity: normal
Tags: upstream
Dear Maintainer,
Newer hwcap/hwcap2 are not in sync for arm* particularly arm32 (including crc32
flags)
Can you add it.
Thanks
Bastien
signature.asc
Description: This is a digitally signed message part.
Le mercredi 23 octobre 2024, 12:03:21 UTC Emilio Pozuelo Monfort a écrit :
Hi,
> Control: tags -1 confirmed
>
> On 20/10/2024 11:04, Bastien Roucariès wrote:
> > Le jeudi 17 octobre 2024, 20:02:56 UTC Johannes Schauer Marin Rodrigues a
> > écrit :
> >> Hi,
> >
Le mardi 29 octobre 2024, 16:08:30 UTC Niko Tyni a écrit :
> On Tue, Oct 29, 2024 at 07:59:25AM +0000, Bastien Roucariès wrote:
> > Package: libgd-securityimage-perl
> > Version: 1.75-3
> > Severity: serious
> > Justification: Break transition imagemagick 7
> >
&
Package: libgd-securityimage-perl
Version: 1.75-3
Severity: serious
Justification: Break transition imagemagick 7
Dear Maintainer,
Last autopkgtest for imagemagick7 fail with a lot of message on stderr.
I suppose a depends on fonts is missing:
30s Argument " " isn't numeric in division (/) at
/
Le jeudi 17 octobre 2024, 20:02:56 UTC Johannes Schauer Marin Rodrigues a écrit
:
> Hi,
>
> On Tue, 24 Sep 2024 12:58:48 + Bastien =?ISO-8859-1?Q?Roucari=E8s?=
> wrote:
> > Le mardi 20 août 2024, 07:11:13 UTC Emilio Pozuelo Monfort a écrit :
> > > On 28/07/20
Source: mediawiki
Severity: serious
Tags: upstream security
Dear Maintainer,
Dompurify was affected recently by a few security bug
Can you cross check that you patched the problem
https://sources.debian.org/src/mediawiki/1:1.39.10-1/extensions/VisualEditor/lib/ve/lib/dompurify/
Better will be
Source: form-history-control
Version: dompurify
Severity: serious
Tags: security
Justification: security
X-Debbugs-Cc: Debian Security Team
Dear Maintainer,
you include a copy a dompurify that seems to be affected by recent CVE
https://sources.debian.org/src/form-history-control/2.5.1.0-1/commo
Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: docker...@packages.debian.org, secur...@debian.org
Control: affects -1 + src:docker.io
User: release.debian@packages.debian.org
Usertags: pu
Control: tags -1 + security
[ Reason ]
CVE-2024-41110
[ Impact ]
Authentifica
Le dimanche 13 octobre 2024, 11:18:12 UTC Moritz Mühlenhoff a écrit :
> On Sat, Oct 12, 2024 at 07:36:46PM +0000, Bastien Roucariès wrote:
> > Package: release.debian.org
> > Severity: normal
> > Tags: bookworm
> > X-Debbugs-Cc: python-report...@packages.debian.org, secu
Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: python-report...@packages.debian.org, secur...@debian.org
Control: affects -1 + src:python-reportlab
User: release.debian@packages.debian.org
Usertags: pu
Control: tags -1 + security
[ Reason ]
CVE-2023-33733
[ Impact ]
Source: docker.io
Version: 20.10.24+dfsg1-1
Severity: serious
Tags: security
Justification: security
Dear Maintainer,
security vulnerability has been detected in certain versions of Docker Engine,
which could allow an attacker to bypass authorization plugins (AuthZ) under
specific circumstances.
control: tags -1 + moreinfo
According to a quick research:
The solution was to raise the HTTP request header field size with the following
directive:
LimitRequestFieldSize 65536
Have a look at the official Apache HTTPD documentation of this directive:
The LimitRequestFieldSize directive
Le vendredi 27 septembre 2024, 16:18:45 UTC Julian Gilbey a écrit :
> On Fri, Sep 27, 2024 at 11:55:16AM -0400, Louis-Philippe Véronneau wrote:
> > On 2024-09-25 15:20, Julian Gilbey wrote:
> > > Package: lintian
> > > Version: 2.118.2
> > > Severity: normal
> > >
> > > With the node-async 3.2.6+d
Le mardi 20 août 2024, 07:11:13 UTC Emilio Pozuelo Monfort a écrit :
> On 28/07/2024 20:56, Bastien Roucariès wrote:
> > control: tags -1 - moreinfo
> >
> > Hi,
> >
> > Last reverse deps of lib magick pipeline is not really bad
> > https://salsa.debian.or
control: retitle -1 Regression: Reverse proxy via mod_rewrite broken after
2.4.62
Le mardi 10 septembre 2024, 15:18:48 UTC Salvatore Bonaccorso a écrit :
> Hi,
>
> On Tue, Sep 10, 2024 at 05:07:29PM +0200, Salvatore Bonaccorso wrote:
> > Hi,
> >
> > On Tue, Sep 10, 2024 at 06:59:51AM +, Mar
control: tags -1 + upstream
Le vendredi 30 août 2024, 12:59:12 UTC Christian Marillat a écrit :
> On 30 août 2024 12:45, Bastien Roucariès wrote:
>
>
> [...]
>
> >> >> Yes, as Magick++-7.Q16HDRI isn't the expected name.
> >> >
>
Le vendredi 30 août 2024, 12:43:24 UTC Christian Marillat a écrit :
> On 30 août 2024 12:39, Bastien Roucariès wrote:
>
> > Le vendredi 30 août 2024, 12:33:31 UTC Christian Marillat a écrit :
> >> On 30 août 2024 12:23, Bastien Roucariès wrote:
> >>
> >&g
Le vendredi 30 août 2024, 12:33:31 UTC Christian Marillat a écrit :
> On 30 août 2024 12:23, Bastien Roucariès wrote:
>
> > Le vendredi 30 août 2024, 12:12:43 UTC Christian Marillat a écrit :
> >> On 30 août 2024 09:33, Bastien Roucariès wrote:
> >>
> >> [
Le vendredi 30 août 2024, 12:12:43 UTC Christian Marillat a écrit :
> On 30 août 2024 09:33, Bastien Roucariès wrote:
>
>
> [...]
>
> > pkgconf with the HDRI name coded in it should work
> > pkgconf --libs Magick++-7.Q16HDRI
>
> But as I'm saying befo
Le vendredi 30 août 2024, 09:33:29 UTC Bastien Roucariès a écrit :
> Le vendredi 30 août 2024, 09:26:54 UTC Christian Marillat a écrit :
> > On 30 août 2024 08:23, Bastien Roucariès wrote:
> >
> > > control: tags -1 + moreinfo
> > >
> > > Hi,
> >
Le vendredi 30 août 2024, 09:26:54 UTC Christian Marillat a écrit :
> On 30 août 2024 08:23, Bastien Roucariès wrote:
>
> > control: tags -1 + moreinfo
> >
> > Hi,
> >
> > Magick++.pc is the name of the default config that is shipped by the Q16
> &
control: tags -1 + moreinfo
Hi,
Magick++.pc is the name of the default config that is shipped by the Q16
version.
I would like to avoid conflict with Q16 package so for me it will be won't fix,
except if you could propose a patch for alternative system but I really dislike
for build to use al
Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: ca...@packages.debian.org
Control: affects -1 + src:cacti
User: release.debian@packages.debian.org
Usertags: pu
[ Reason ]
Previous upload fail debci, forget to backport test
[ Impact ]
Low a few line
[ Tests ]
Salsa
Le samedi 24 août 2024, 13:35:03 UTC Paul Gevers a écrit :
> Hi Bastien,
>
> On 24-08-2024 15:18, Bastien Roucariès wrote:
> > Le samedi 24 août 2024, 11:03:38 UTC Paul Gevers a écrit :
> >> I'm wondering if you may have hardened cacti and that if fails on that
> &
Le samedi 24 août 2024, 11:03:38 UTC Paul Gevers a écrit :
> Hi,
>
> On 24-08-2024 10:31, Bastien Roucariès wrote:
> > Could you reject the time of investigation ?
>
> I'm wondering if you may have hardened cacti and that if fails on that
> now. If this is to b
Le samedi 24 août 2024, 06:04:39 UTC Paul Gevers a écrit :
> Hi,
>
> On 22-08-2024 17:38, Bastien Roucariès wrote:
> > [ Tests ]
> > Automated test and manual test of the application by myself and others,
> > including users.
>
> Did you run the autopk
Hi,
Le mercredi 21 août 2024, 12:53:39 UTC Bastien Roucariès a écrit :
> Le mardi 20 août 2024, 07:37:46 UTC Bastien Roucariès a écrit :
> > Le mardi 20 août 2024, 07:11:13 UTC Emilio Pozuelo Monfort a écrit :
> > > On 28/07/2024 20:56, Bastien Roucariès wrote:
> > > &g
Source: ruby-mojo-magick
Tags: ftbfs
Control: block 1060103 by -1
Control: tag -1 + sid
Dear Maintainer,
You package FTBFS with newer imagemagick
Could you help the transition
Full log could be found here
https://salsa.debian.org/debian/imagemagick/-/jobs/6167776
Thanks
Rouca
signature.asc
control: tags -1 + moreinfo
We get information that this upgrade may break some unrelated software
Could you wait a little bit ?
Thanks
Bastien
signature.asc
Description: This is a digitally signed message part.
Le jeudi 22 août 2024, 18:01:02 UTC Adam D. Barratt a écrit :
> Control: tags -1 + moreinfo
>
> On Thu, 2024-08-22 at 15:38 +, Bastien Roucariès wrote:
> > [ Reason ]
> > Security upload. Except CVE-2024-27082 that need
> > coordination with other packages.
>
Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: ca...@packages.debian.org
Control: affects -1 + src:cacti
User: release.debian@packages.debian.org
Usertags: pu
[ Reason ]
Security upload. Except CVE-2024-27082 that need
coordination with other packages.
[ Impact ]
CV
Source: converseen
Severity: important
Tags: ftbfs
Control: block 1060103 by -1
Control: tag -1 + sid
Dear Maintainer,
You package FTBFS with newer imagemagick
Could you help the transition
Full log could be found here
https://salsa.debian.org/debian/imagemagick/-/jobs/6158068
rouca
signature
Source: lebiniou
Tags: ftbfs
Control: block 1060103 by -1
Control: tag -1 + sid
Dear Maintainer,
You package FTBFS with newer imagemagick
Could you help the transition
Full log could be found here
https://salsa.debian.org/debian/imagemagick/-/jobs/6158076
Thanks
Rouca
signature.asc
Descript
Source: pythonmagick
Severity: important
Tags: ftbfs
Control: block 1060103 by -1
Control: tag -1 + sid
Dear Maintainer,
You package FTBFS with newer imagemagick
Could you help the transition
Full log could be found here
https://salsa.debian.org/debian/imagemagick/-/jobs/6164324
signature.asc
Source: jmagick
Severity: important
Tags: ftbfs
Control: block 1060103 by -1
Control: tag -1 + sid
Dear Maintainer,
You package FTBFS with newer imagemagick
Could you help the transition
Full log could be found here
https://salsa.debian.org/debian/imagemagick/-/jobs/6158077
signature.asc
Descr
Source: ruby-rmagick
Severity: important
Tags: ftbfs
Control: block 1060103 by -1
Control: tag -1 + sid
Dear Maintainer,
You package FTBFS with newer imagemagick
Could you help the transition
Full log could be found here
https://salsa.debian.org/debian/imagemagick/-/jobs/6164327
signature.asc
Source: rss-glx
Severity: important
Tags: ftbfs
Control: block 1060103 by -1
Control: tag -1 + sid
Dear Maintainer,
You package FTBFS with newer imagemagick
Could you help the transition
Full log could be found here
https://salsa.debian.org/debian/imagemagick/-/jobs/6164326
signature.asc
Des
Source: vdr-plugin-skinenigmang
Severity: important
Tags: ftbfs
Control: block 1060103 by -1
Control: tag -1 + sid
Dear Maintainer,
You package FTBFS with newer imagemagick
Could you help the transition
Full log could be found here
https://salsa.debian.org/debian/imagemagick/-/jobs/6164331
si
Source: synfig
Severity: serious
Tags: ftbfs
Justification: ftbfs
Dear Maintainer,
Your package fail to build from source, and seems to be related to ffmpeg
Tested during rebuild for imagemagick could be found here
https://salsa.debian.org/debian/imagemagick/-/jobs/6164328
configure:22159: resu
Source: virtuoso-opensource
Severity: serious
Tags: ftbfs sid
Justification: FTBFS
Dear Maintainer,
Your package FTBFS:
Dksesstr.c: In function 'strdev_free_buf':
Dksesstr.c:152:44: warning: unused parameter 'arg' [-Wunused-parameter]
152 | strdev_free_buf (buffer_elt_t * b, caddr_t arg)
Le jeudi 22 août 2024, 02:43:41 UTC Yadd a écrit :
> On 8/22/24 02:06, Bastien Roucariès wrote:
> > Le mercredi 21 août 2024, 11:07:17 UTC Niels Thykier a écrit :
> >> On Tue, 20 Aug 2024 18:50:20 + Bastien =?ISO-8859-1?Q?Roucari=E8s?=
> >> wrote:
> >>
Le mercredi 21 août 2024, 11:07:17 UTC Niels Thykier a écrit :
> On Tue, 20 Aug 2024 18:50:20 + Bastien =?ISO-8859-1?Q?Roucari=E8s?=
> wrote:
> > Package: devscripts
> > Version: 2.23.7
> > Severity: minor
> >
> > Dear Maintainer,
> >
> > I do not find the syntax of the regex used by Files
Le mardi 20 août 2024, 07:37:46 UTC Bastien Roucariès a écrit :
> Le mardi 20 août 2024, 07:11:13 UTC Emilio Pozuelo Monfort a écrit :
> > On 28/07/2024 20:56, Bastien Roucariès wrote:
> > > control: tags -1 - moreinfo
> > >
> > > Hi,
> > >
> >
Package: apache2
Severity: important
Forwarded: https://github.com/apache/httpd/pull/475
Control: tags -1 + bullseye
Control: tags -1 + bookworm
Control: tags -1 + upstream
Control: tags -1 + security
Dear Maintainer,
A tracking bug for a regression https://github.com/apache/httpd/pull/475
Rouca
Package: apache2
Version: 2.4.61-1~deb12u1
Severity: important
Forwarded: https://bz.apache.org/bugzilla/show_bug.cgi?id=69197
Control: tags -1 + bullseye
Control: tags -1 + bookworm
Control: tags -1 + upstream
Control: Found -1 2.4.61-1~deb11u1
Dear Maintainer,
A tracking bug for a regression
>
Package: apache2
Version: 2.4.61-1~deb12u1
Severity: important
Forwarded: https://bz.apache.org/bugzilla/show_bug.cgi?id=69203
Control: tags -1 + bullseye
Control: tags -1 + bookworm
Control: tags -1 + upstream
Dear Maintainer,
A tracking bug for a regression
> After the update "http://domain.c
Package: devscripts
Version: 2.23.7
Severity: minor
Dear Maintainer,
I do not find the syntax of the regex used by Files-Excluded.
I suppose it is POSIX RE.
It should be documented if it is the case
If it is not PCRE could be possible to add a Files-Excluded-PCRE field ? It
will greatly help
Package: devscripts
Version: 2.23.7
Severity: minor
Tags: patch
Dear Maintainer,
I found a new efficient way to get the tarballs when they are more than 100
tags like in js package:
version=4
opts=\
filenamemangle=s%.*/@ANY_VERSION@%@PACKAGE@-$1.tar.gz%,\
downloadurlmangle=s%(api.github.com/repo
Le mardi 20 août 2024, 07:11:13 UTC Emilio Pozuelo Monfort a écrit :
> On 28/07/2024 20:56, Bastien Roucariès wrote:
> > control: tags -1 - moreinfo
> >
> > Hi,
> >
> > Last reverse deps of lib magick pipeline is not really bad
> > https://salsa.debian.or
Le lundi 19 août 2024, 08:00:10 UTC Fabio Fantoni a écrit :
Hi
> Il 27/09/2023 12:04, Bastien Roucariès ha scritto:
> > control: owner -1 !
> > Control: retitle -1 ITP: grub-btrfs -- provides grub entries for btrfs
> > snapshots (boot environments/restore points)
> &
Source: civicrm
Severity: serious
Tags: security
Justification: security problem
X-Debbugs-Cc: Debian Security Team
Dear Maintainer,
You include a sinon in installed package and bundle without source (thus
serious bug).
This a duplication of package but moreover a security problem (even if mino
Le samedi 17 août 2024, 16:38:10 UTC Adam D. Barratt a écrit :
> Control: tags -1 + confirmed
>
> On Mon, 2024-07-29 at 15:32 +, Bastien Roucariès wrote:
> > Security fix CVE-2024-31497
Done
>
> Please go ahead.
>
> Regards,
>
> Adam
>
signature.
Package: wnpp
Severity: wishlist
Owner: Bastien Roucariès
X-Debbugs-Cc: debian-de...@lists.debian.org
* Package name: node-webpack-stream
Version : 7.0.0
Upstream Contact: https://github.com/shama
* URL : https://github.com/shama/webpack-stream
* License
Le mercredi 14 août 2024, 19:54:15 UTC Bastien Roucariès a écrit :
Dear adam
Debdiff joined
> Le mercredi 14 août 2024, 19:53:13 UTC Adam D. Barratt a écrit :
> > COntrol: tags -1 + moreinfo
> >
> > On Mon, 2024-08-05 at 17:56 +0000, Bastien Roucariès wrote:
control: tags -1 + pending
Le mercredi 14 août 2024, 19:49:55 UTC Adam D. Barratt a écrit :
> Control: tags -1 + confirmed
>
> On Mon, 2024-08-05 at 13:16 +, Bastien Roucariès wrote:
> > [ Reason ]
> > CVE-2022-39369
> >
> > [ Impact ]
> > Service Hostn
Le mercredi 14 août 2024, 19:53:13 UTC Adam D. Barratt a écrit :
> COntrol: tags -1 + moreinfo
>
> On Mon, 2024-08-05 at 17:56 +, Bastien Roucariès wrote:
> > CVE-2022-39369
> >
> > [ Impact ]
> > Service Hostname Discovery Exploitation
>
> diff -
Le mercredi 14 août 2024, 14:47:30 UTC Helmut Grohne a écrit :
> Source: lintian
> Version: 2.118.0
> Severity: serious
> Tags: ftbfs
>
> I attempted building lintian in unstable and this is what I got.
>
> |
> debian/test-out/eval/checks/debian/lintian-overrides/malformed/missing-colon/generic.
Le mercredi 14 août 2024, 13:42:29 UTC Santiago Ruano Rincón a écrit :
> El 12/08/24 a las 00:15, Bastien Roucariès escribió:
> > Le lundi 12 août 2024, 00:04:15 UTC Henrique de Moraes Holschuh a écrit :
> > > > salsa. Some user used +deb12u1~1
> > > > but it is n
Le mardi 13 août 2024, 11:54:26 UTC Herwin Weststrate a écrit :
> I've found one possibly breaking change between the current 3.2.1 and
> the proposed 3.2.5: the encoding of binary attributes in JSON. This
> might be a fringe issue.
>
> I have used this configuration:
>
> update request {
>
Le mardi 13 août 2024, 03:03:31 UTC Sean Whitton a écrit :
> Hello,
>
> Policy has a fair bit of this already but it's spread out.
> E.g. take a look at 5.6.12.2.
>
> Rather than duplicating, it might be helpful to have a discussion in
> dev-ref that is kind of an index to all these relevant bits
control: tags -1 + moreinfo
Hi,
The project is included in apache2
moreover top of website said:
The project is in maintenance mode (only bugfixes and updates for new languages
apis). Do not expect quick answers on github issues and/or pull requests (sorry
for that) A big thanks to all of the
Le lundi 12 août 2024, 00:04:15 UTC Henrique de Moraes Holschuh a écrit :
> > salsa. Some user used +deb12u1~1
> > but it is not safe against +deb12u1~debu11u1 upgrade for instance. So a
> > suffix
> > like ~pre should be used, and should be documented
>
> Maybe we could set aside "~~~" for such
Package: developers-reference
version: 13.8
Severity: important
Dear Maintainer,
could we have a definitive documentation of debian versionning including corner
case
- the +really scheme should be documented with better discussion than policy
- the +~ multiple tarball, and uscan checksum should b
Le vendredi 9 août 2024, 09:29:44 UTC Bernhard Schmidt a écrit :
>
> >> Another story is bullseye, that one is affected as well but a backport
> >> there is even harder. For now I have marked it as well no-dsa in the
> >> security-tracker, but maybe it should be with mentioning
> >> that backport
Hi,
I have fixed the autopkgtest on bullseye.
I have added a basic test for client with and whitout mitigation. It work.
Real testing is needed and a NEWS file for explaining that it is only a bandaid
and TLS is better.
I plan to backport trixie version to bookworm, and propose a MR if you agr
Package: bugs.debian.org
Severity: wishlist
Dear Maintainer,
Can we have a salsa field like forwarded to mark bugs that have for example a
MR implemented.
Ideally a automatic tools will mark the bug as pending when the MR is merged
Bastein
control: tags -1 + patch
Please found merge request here
https://salsa.debian.org/debian/freeradius/-/merge_requests/12
signature.asc
Description: This is a digitally signed message part.
Package: release.debian.org
Severity: normal
Tags: bullseye
X-Debbugs-Cc: ocsinventory-ser...@packages.debian.org
Control: affects -1 + src:ocsinventory-server
User: release.debian@packages.debian.org
Usertags: pu
[ Reason ]
CVE-2022-39369
[ Impact ]
Service Hostname Discovery Exploitation
T
Package: systemd
Version: 247.3-7+deb11u5
Severity: important
Tags: patch upstream jessie stretch buster bullseye
Forwarded: https://github.com/systemd/systemd/commit/b2c7d1bbc2
Dear Maintainer,
Without this commit autopkgtest on salsa are broken.
See for instance
https://salsa.debian.org/apache
Package: release.debian.org
Severity: normal
Tags: bullseye
X-Debbugs-Cc: fusiondirect...@packages.debian.org
Control: affects -1 + src:fusiondirectory
User: release.debian@packages.debian.org
Usertags: pu
Control: block -1 by 1077984
[ Reason ]
CVE-2022-39369
[ Impact ]
Service Hostname Disc
The debdiffdiff -Nru php-cas-1.3.8/debian/changelog php-cas-1.3.8/debian/changelog
--- php-cas-1.3.8/debian/changelog 2019-12-07 20:07:56.0 +
+++ php-cas-1.3.8/debian/changelog 2024-07-11 10:16:11.0 +
@@ -1,3 +1,22 @@
+php-cas (1.3.8-1+deb11u1) bullseye-security; urgency=hig
Package: release.debian.org
Severity: normal
Tags: bullseye
X-Debbugs-Cc: php-...@packages.debian.org
Control: affects -1 + src:php-cas
User: release.debian@packages.debian.org
Usertags: pu
[ Reason ]
CVE-2022-39369
[ Impact ]
Service Hostname Discovery Exploitation
The phpCAS library uses H
Hi
Can this bug could be due to libuv
According to
https://lists.archlinux.org/pipermail/arch-ports/2018-November/000839.html
thread
Did you try to recompile without --shared-libuv ?
Bastien
signature.asc
Description: This is a digitally signed message part.
Package: wnpp
Severity: wishlist
Owner: Bastien Roucariès
X-Debbugs-Cc: debian-de...@lists.debian.org
Package name: node-path-scurry
Version : 1.9.2
Upstream Contact: ttps://github.com/isaacs/path-scurry#readme
URL : https://www.example.org/
License : BlueOak
Package: pkg-js-tools
Version: 0.15.22
Severity: important
Dear Maintainer,
Could you run an hook like pre-test in tests that will run something like for
instance regenerating certicate.
It will avoid a lot a failure and manual work
I can work arround using d/rules for build but not for test
B
Package: release.debian.org
Severity: normal
Tags: bullseye
X-Debbugs-Cc: pu...@packages.debian.org
Control: affects -1 + src:putty
User: release.debian@packages.debian.org
Usertags: pu
[ Reason ]
Security fix CVE-2024-31497
[ Impact ]
Vulnerable biased nonce generation is still here.
[ Test
e
> > Version: 2.117.1
> > Distribution: unstable
> > Urgency: medium
> > Maintainer: Debian Lintian Maintainers
> > Changed-By: Bastien Roucariès
> > Closes: 1077112
> > Changes:
> > lintian (2.117.1) unstable; urgency=medium
> >
Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: pu...@packages.debian.org
Control: affects -1 + src:putty
User: release.debian@packages.debian.org
Usertags: pu
[ Reason ]
Security fix CVE-2024-31497
[ Impact ]
Vulnerable biased nonce generation is still here.
[ Test
control: tags -1 - moreinfo
Hi,
Last reverse deps of lib magick pipeline is not really bad
https://salsa.debian.org/debian/imagemagick/-/pipelines/708187
A lot of failure are due to broken package or does not use pkgconfig
I suppose we could go to experimental
Bastien
signature.asc
Descriptio
Source: ocsinventory
Version: 2.8.1+dfsg1-1
Severity: important
Tags: patch bullseye
Dear Maintainer,
php-cas support was broken for bullseye
It need
(1)
https://github.com/OCSInventory-NG/OCSInventory-
ocsreports/commit/f8a667f9f19b285799ec6a25a28240165b039dfb
(2)
https://github.com/OCSInventor
control: forcemerge 1076158 -1
signature.asc
Description: This is a digitally signed message part.
Package: release.debian.org
Severity: normal
Tags: bullseye
X-Debbugs-Cc: imagemag...@packages.debian.org
Control: affects -1 + src:imagemagick
User: release.debian@packages.debian.org
Usertags: pu
[ Reason ]
* CVE-2023-34151 fix was incomplete (Closes: #1070340)
* Fix variation of CVE-20
1 - 100 of 669 matches
Mail list logo
