actually a bug in package 'libvorbisfile3',
but I'm reporting it against nexuiz as nexuiz triggered this, I am not
100% sure, and would like you to be aware, too. Please feel free to
reassign if appropriate.
It could also be related to the running rarewares.org kernel. Sorry if
that
re trying to send authentication
continuation to it, we crashed.
Patches are available at
http://dovecot.org/patches/1.0-auth-crashfix.diff
http://dovecot.org/patches/1.0-login-crashfixes.diff
Stable isn't affected, the vulnerabilities have been introduced in 1.0*
Cheers,
Moritz
,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-686
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)
--
To UNSUBSCRIBE
Hi,
what's the status of your "Dark Places" ITP, are you still working on
packages?
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
res need
to be worked out before. Expect an upload next week.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
html for details.
> A fixed version (1.6.1) is available at http://www.rudedog.org/auth_ldap/.
A DSA for Woody and Sarge is in preparation, Etch and sid do no longer contain
auth_ldap packages.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "un
173227, #305070)
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15-1-686
Locale: LANG=C, [EMAIL PROTECTED] (char
pto or loop-aes.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15-1-686
Locale: LANG=C, [EMAIL PROTECTED] (char
if (!c) return NIL; /* unterminated string */
/* quote next character */
if (c == '\\') c = *t++;
+ if (!c) return NIL; /* can't quote NUL either */
arg[i++] = c;
}
c = *t++; /* rem
ian.org/wsvn/kernel/patch-tracking/?rev=0&sc=0
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Recai Okta? wrote:
> Let me know whether it is fine and I'll make the upload to stable-security
> (right?).
Did you upload? I don't see any builds trickling in. If not, I'll do it.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of &
This is already included in the 2.6.8-16sarge2 update, which will probably
appear over the course of this week.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
check.
Cheers,
Moritz
[Software affected] hcidump
[Version] 1.29 (may be other)
[Impact] Denial of Service (may be more)
[Credits] Pierre Betouin - [EMAIL PROTECTED] - Bug found with BSS v0.6 GPL
fuzzer (Bluetooh Stack Smasher)
BSS could be downloaded on
http://www.secuobs.co
Subject: gtk-gnutella: "active downloads" pane empty after some time
Package: gtk-gnutella
Version: 0.96b-1
Severity: normal
When the active downloads are shown in the main window pane after a while (1
to 30 minutes, I guess) that window pane becomes blank. Sometimes the
formerly
selected line is
Package: wnpp
Severity: wishlist
Owner: Moritz Muehlenhoff <[EMAIL PROTECTED]>
* Package name: wormux
Version : 0.7
Upstream Authors: Jean-Christophe DUBERGA, Laurent DEFERT SIMONNEAU, Lawrence
AZZOUG
Matthieu FERTRÉ, Renaud LOTTIAUX, Victor STINNER
4257/100/0/threaded
for details.
This has been assigned CVE-2006-0635, please mention it in the changelog when
fixing it.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell
ns a buffer during
|strip alpha operation in png_do_strip_filler().
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
simulated by
| Honeyd.
There's no CVE yet. Stable is affected according to upstream.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel:
is not very useful.
Which help do you mean? The man page?
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
s file is in your
> source package.
Fixed in CVS.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
8
for more information and a demo image.
Upstream's fix can be found at
http://mplayerhq.hu/pipermail/ffmpeg-cvslog/2005-December/000979.html
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Arch
e see
http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558
for more information and a demo image.
Upstream's fix can be found at
http://mplayerhq.hu/pipermail/ffmpeg-cvslog/2005-December/000979.html
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstab
tags 342276 security
thanks
Hi,
gpdf is in fact vulnerable to the latest xpdf issues from iDefense.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
-2005-3191:
http://www.idefense.com/application/poi/display?id=342
http://www.idefense.com/application/poi/display?id=343
CVE-2005-3192:
http://www.idefense.com/application/poi/display?id=344
pdftohtml is not vulnerable to CVE-2005-3193.
Cheers,
Moritz
-- System Information:
Debian
tag 342287 security
thanks
Hi,
I can confirm that kpdf is vulnerable to all the latest xpdf vulnerabilities,
please mention the CVE mappings from the iDefense advisories in the changelog
when fixing this.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of
d=344
Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability
http://www.idefense.com/application/poi/display?id=345
Please reference CVE-2005-3191, CVE-2005-3192 and CVE-2005-3193 when fixing
this.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT pr
tags 342288 security
thanks
Hi,
I can confirm that poppler is vulnerable to all the latest xpdf vulnerabilities,
please mention the CVE mappings from the iDefense advisories in the changelog
when fixing this.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject
http://www.idefense.com/application/poi/display?id=343
CVE-2005-3192:
http://www.idefense.com/application/poi/display?id=344
pdftohtml is not vulnerable to CVE-2005-3193.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500
Hi,
the patch provided by the xpdf author actually fixed CVE-2005-3191 and
CVE-2005-3192 as well. You might want to amend the changelog in a later
upload to avoid confusion.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Troubl
.
Please see http://www.hardened-php.net/advisory_242005.109.html for
more information; it's fixed in 7.15.1
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh
ontrib
deb http://security.debian.org/debian-security sarge/updates main non-free
contrib
However, the packages are present on the ftp.de.debian.org host in the
appropriate directory. I just can't apt-get install them. I can download
it manually, and installing it with dpkg -i works fi
tags 342276 -security
thanks
I made a typo and tagged the wrong bug.
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Package: file-roller
Version: 2.10.4-2
Severity: important
File-roller seems to incorrectly set passwords on .zip files.
While I can set a password using file-roller and create a password protected
archive just fine, and can also extract files from this archive fine using
file-roller (after res
Hi,
this has been assigned CVE-2005-4048, please mention it
in the changelog when fixing it.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
n assigned CVE-2005-4080, please mention it in the changelog
when fixing this.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux
&type=vulnerabilities
for details. This has been assigned CVE-2005-3651.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14
Package: horde3
Severity: important
Tags: security
Several security problems have been fixed in Horde. Please see
http://lists.horde.org/archives/announce/2005/000238.html for
details. It's fixed upstream in 3.0.8.
Cheers,
Moritz
-- System Information:
Debian Release: testing/uns
Package: kronolith
Severity: important
Tags: security
Several cross-site-scripting vulnerabilities have been found in
Kronolith. Please see
http://lists.horde.org/archives/announce/2005/000234.html for
details. It's been fixed upstream in 2.0.5
Cheers,
Moritz
-- System Inform
Package: mnemo2
Severity: important
Tags: security
Several XSS vulnerabilities have been found in Mnemo. Please see
http://lists.horde.org/archives/announce/2005/000237.html for
details. It's been fixed upstream in 2.0.2.
Cheers,
Moritz
-- System Information:
Debian Release: te
Package: nag2
Severity: important
Tags: security
Multiple XSS vulnerabilities have been found in nag. Please see
http://lists.horde.org/archives/announce/2005/000236.html for
details. It's been fixed upstream in 2.0.3.
Cheers,
Moritz
-- System Information:
Debian Release: te
Package: turba2
Severity: important
Tags: security
Multiple XSS vulnerabilities have been found in Turba. Please see
http://lists.horde.org/archives/announce/2005/000235.html for details.
It's been fixed upstream in 2.0.4.
Cheers,
Moritz
-- System Information:
Debian Release: te
.
It's been fixed upstream in 1.6.8p12.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-686
Locale: LANG=C, [EM
Hi,
this has been assigned CVE-2005-4190, please mention it
in the changelog when fixing it.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi,
this has been assigned CVE-2005-4189, please mention it
in the changelog when fixing it.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi,
this has been assigned CVE-2005-4192, please mention it
in the changelog when fixing it.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi,
this has been assigned CVE-2005-4191, please mention it
in the changelog when fixing it.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
fixing this.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-1-686
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15
onfigured phpMyAdmin.
|
| Marc Delisle, for the team
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
details and upstream's patch.
This affects oldstable and stable as well.
This is CVE-2005-4268, please mention it in the changelog when fixing
this.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable'
VE-2004-2541, please mention it in the changelog when
fixing this.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-686
might be affected
as well: http://www.frsirt.com/english/advisories/2005/2385
As some Real Player vulnerabilities in the past affected Helix as well
this could be correct, can you confirm it?
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
Noah Meyerhans wrote:
> > According to http://service.real.com/help/faq/security/051110_player/EN/
> > helix-player is not vulnerable to the "malicious skin" problems, but
> > only to the stack overrun via malicious RealMedia file". This bug is
> > allegedly fixed in 1.0.6.
> >
> > I can examine
Package: otrs
Severity: grave
Tags: security
Justification: user security hole
OTRS is vulnerable to several SQL injection and Cross-Site-Scripting
vulnerabilities. Please see here for more information:
http://otrs.org/advisory/OSA-2005-01-en/
http://moritz-naumann.com/adv/0007/otrsmulti/0007.txt
user from the "fuse" group (or whatever group
has been chosen) to manipulate mount options.
A patch from Miklos Szeredi can be found at
http://bugs.gentoo.org/attachment.cgi?id=73173
This has been assigned CVE-2005-3531, please mention it in the changelog
when fixing it.
Cheers,
.
Please see http://www.frsirt.com/english/advisories/2005/2515 for details.
It's fixed upstream in 5.1.6. This has been assigned CVE-2005-3747, please
mention it in the changelog when fixing it.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT pr
.
It's been fixed upstream in 1.2.8.
This has been assigned CVE-2005-3745, please mention it in the changelog
when fixing it.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i68
eers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-686
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)
--
To UNSUBSC
the mentioned library is used in two other Debian source packages
(motor and orpheus) as well, you should check whether it's feasible
to package it as a separate package and link dynamically.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers uns
/
for details.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-686
Locale: LANG=C, [EMAIL PROTECTED] (charmap=I
as been assigned CVE-2005-3883 and it's fixed upstream in 5.1.0.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.1
Hi,
this has been assigned CVE-2005-3862, please mention it in the changelog
when fixing it.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
VE-2005-3863 by MITRE, please mention
it in the changelog.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
tails and a patch.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-686
Locale: LANG=C, [EMAIL PROTECTED] (char
eam recommends users upgrade their nuauth installations.
This has been assigned CVE-2005-3950, please mention it in the changelog
when fixing it.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Archi
Hi,
This has been assigned CVE-2005-3691 for the file overwrite issue
and CVE-2005-3949 for the SQL injection vulnerabilities.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi,
this has been assigned CVE-2005-3912, please mention it in the
changelog when fixing it.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Dear security team,
so far there hasn't been a security update for the latest evolution
vulnerabilities. (CVE-2005-2549/CVE-2005-2550)
I've attached patches for Woody and Sarge. The Sarge fixes are straightforward,
but some comments on Woody, relative to the patch hunks from the Sarge fix:
- accum_
Hey,
this is not really a bug, it's a missing feature. -y is implemented by
craeting silence, not just by chaning the timecodes. Therefore mkvmerge
has to know how to create silence for that particular audio type. For
FLAC it doesn't.
You could use the --delay feature which really only modifies t
://vd.lwang.org/webcalendar_multiple_vulns.txt
for details.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-686
Locale: LANG
ntion it in
the changelog when fixing it.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-686
Locale: LANG=C
tagram
was too much in flux to make an upload worthwhile to users. Now, that
the savegame format has been fixed since November this has changed,
but I'm currently busy with other things. If you want, you can take
over the ITP, otherwise I'll package it in February or March.
Cheers,
le to local, trusted users), then I could simply mark it
in the white list and it wouldn't clutter my report.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/s
d/repository/Release
making 'apt-cache' and 'apt-get source' unusable by non-root users. I
guess that my problem is related to this problem.
apt is 0.6.43
Regards,
Moritz
--
LINET Services GbR
Gotenweg 15 Tel.: 0531-280 191 71
38106 Braunschweig
could be added to the openssh-server dependencies once it is
generally considered both reliable and using a good reporting approach.
I thus recommend to reassign this a bug against wnpp twice, once with
title 'tattle', once with title 'never seen before' (if still of interest
Package: sqlite
Version: 2.8.16-1
Severity: important
I cannot create new tables with sqlite. Whenever I try to create both
a new database and a new table inside I always get the following
assertion:
0 [EMAIL PROTECTED]:/tmp$ sqlite test.sqlite
SQLite version 2.8.16
Enter ".help" for instructio
Hey,
sorry, but I've ben a bit noob-ish. The SQL syntax is wrong. Creating a
table with a proper command like 'create table whatever (dummy
integer);' works nicely. However, the colon should not cause an
assertion but a proper error message.
You can close the bug report if yo
affects testing and sid.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-686
Locale: LANG=C, [EMAIL PROTECTED] (charmap=I
lem faded away slowly, there was a constant
decrease in crashes/time. Unfortunately I am unable to say what exactly
caused the problem to no longer occur on my setup.
In case you have any further questions related to this, please do not
hesitate to ask.
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PRO
nstable; urgency=low
* 002_static_libs.diff:
+ New patch that adds libaaâ<80><99>s required static libraries to
sdl-configâ<80><99>s
--static-libs output (Closes: #273018, #246477).
Speaking of SDL; it seems like the regular maintainer is MIA and the current
co
) and it's already missing in stable and testing.
Plus, alternatives exist in the archive (lxdoom and prboom).
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /b
ure (better logging
in case of an attack), but doesn't seem to fix a direct security problem
and could potentially break scripts that monitor the log file and expect
the current logfile file format.
The rest of the patch looks fine.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
"Prohibit '..' in URLs" [CVE-2006-0347]
> + Backport r1635 and r1642 from upstream's Subversion repository:
> "Fixed potential buffer overflows" [CVE-2005-4439]
>
> Let me know whether it is fine and I'll make the upload to stable-security
> (right?).
Thanks, it looks good, please upload.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Package: wnpp
Severity: wishlist
Owner: Moritz Muehlenhoff <[EMAIL PROTECTED]>
* Package name: glest
Version : 2.0pre
Upstream Author : Glest Team
* URL : http://www.glest.org
* License : GPL for the code, permissive free license for the game data
Descr
please verify/
confirm?
This is CVE-2006-0405, please mention it in the changelog when fixing it.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/b
#1406959)
Does this affect stable?
This has been assigned CVE-2006-0402, please mention it in the changelog when
fixing it.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell
Peter Palfrader schrieb:
> Please install the tor-dbg to your tor binary package as well and send
> us a backtrace.
see below.
> Is there anything interesting in the log?
Nothing at all.
> What was the previous version
> which worked fine for you?
Hmm, I wouldn't know how to determine the vers
Hi,
what is the current status of pydev for Debian, now that Eclipse 3
is in main?
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
rm.source_3.1.1/feature.xml
(No such file or directory)
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-rc1
Locale: LANG=C, [
Stephan Michels wrote:
> On 10/30/05, Moritz Muehlenhoff <[EMAIL PROTECTED]> wrote:
> > Package: eclipse-platform
> > Version: 3.1.1-3
> > Severity: normal
> >
> > I can't install new extensions (features), I always get the error message
> > &
sing in 0.19.3 or the fix
is very non-obvious. But it should be checked back with upstream.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Thijs Kinkhorst wrote:
> On Mon, October 31, 2005 16:07, Moritz Muehlenhoff wrote:
> > The included patches look fine and correlate to what I extracted from the
> > interdiff. But where's the fix for CVE-2005-3337 aka mantis bug 5959?
> >
> > The mantis bug is
, though. (The maintainers don't even seem to
know patches, see http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=336756
for a bizarre message, with lots of instruction like
FIND line 75:
code foo
AFTER, ADD
code bar
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
for more information.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-1-686
Locale: LANG=C, [EMAIL PROTECTED] (char
Hi,
this has been assigned CVE-2005-3393, please mention so in the changelog
when fixing this.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
o be a CVE assignment yet)
* Fixed an issue with calling [19]virtual() on Apache 2. This
allowed bypassing of certain configuration directives like
safe_mode or open_basedir. (CVE-2005-3392)
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubs
Hi,
this issue is CVE-2005-1109 and was addressed by DSA-713 from 2005-04-13.
Do you have reason to believe that the fix used there was incomplete?
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi,
the DSA text is indeed incorrect, this is unfixed in sid.
Attached is the patch from the DSA.
Cheers,
Moritz
diff -u graphviz-2.2.1/debian/changelog graphviz-2.2.1/debian/changelog
--- graphviz-2.2.1/debian/changelog
+++ graphviz-2.2.1/debian/changelog
@@ -1,3 +1,11 @@
+graphviz
through a NULL pointer, causing
a segfault. Affects all OpenVPN 2.0 versions.
CVE-2005-3409
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/b
t for more
details.
Cheers,
Moritz
-- System Information:
Debian Release: 3.1
APT prefers stable
APT policy: (990, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.4.29-vs1.2.10
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
--
T
achable: 994000 bytes in 19105 blocks.
==10948== suppressed: 0 bytes in 0 blocks.
[..]
There is additional output about uninitialized values above the error report.
Let me know if you need that, too.
Hth,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers te
1 - 100 of 804 matches
Mail list logo
