Hi,
> Otherwise, please let me know, I'll build a package for you.
There you go if you need it :
https://sml.zincube.net/~niol/tmp/davmail_4.8.3.2554-1+fix891916+1_all.deb
changes :
https://sml.zincube.net/~niol/tmp/davmail_4.8.3.2554-1+fix891916+1_amd64.changes
Alex
tag 911514 pending
thanks
> during a test with piuparts I noticed your package failed to install. As
> per definition of the release team this makes the package too buggy for
> a release, thus the severity.
I've prepared updates for the davmail backport and its libhtmlcleaner
dependency :
https:/
found 96 4.7.1-1
thanks
Hi,
Thanks for bringing this to my attention.
> I'm slightly confused about the available information about the
> affected version. From the code it looks to me that 4.7.1 as in stable
> would be affected as well, but upstream is claiming 4.7.8 is affected
> to 4.8.0.
Hi,
Here is an updated debdiff per the security team advice adding also
changes from the original request.
Adding fix for:
CVE-2021-29625
Thanks,
Alex
adminer_4.7.1-1+deb10u1.debian.tar.xz
Description: application/xz
o not print response if HTTP code is
+ not 200
+- CVE-2021-29625: XSS in doc_link
+
+ -- Alexandre Rossi Wed, 26 May 2021 09:06:37
+0200
+
adminer (4.7.1-1) unstable; urgency=medium
* New upstream release.
diff -Nru adminer-4.7.1/debian/conf.php adminer-4.7.1/debian/conf.php
--- ad
)
+
+ -- Alexandre Rossi Wed, 26 May 2021 09:13:52
+0200
+
adminer (4.7.9-1) unstable; urgency=medium
* New upstream version 4.7.9
diff -Nru adminer-4.7.9/debian/patches/CVE-2021-29625.patch
adminer-4.7.9/debian/patches/CVE-2021-29625.patch
--- adminer-4.7.9/debian/patches/CVE-2021-29625
Hi,
> My current policy was to Suggest: deps required by the ui components.
> This enables server users to skip those. I think I'll add default-jre
> as a Suggest: for the mean time
Moving on with the above solution.
Thanks, and sorry for the misinterpretation of bug severity values.
Alex
ru davmail-5.5.1.3299/debian/changelog
davmail-5.5.1.3299/debian/changelog
--- davmail-5.5.1.3299/debian/changelog 2020-10-13 11:09:08.0 +0200
+++ davmail-5.5.1.3299/debian/changelog 2021-07-07 14:39:48.0 +0200
@@ -1,3 +1,14 @@
+davmail (5.5.1.3299-5) unstable; urgency=medium
+
+ [ Alexa
Hi,
Here is an updated debdiff per the security team advice adding also
changes from the original request.
Adding fixes for:
Fix open redirect if Adminer is accessible at //adminer.php%2F@
https://github.com/vrana/adminer/commit/6a2de873e194cf4bf3f2edb489ba98580a17a632
Fix XSS if Adminer is acc
Hi,
Reversing the following patch fixes the problem in bullseye.
https://salsa.debian.org/debian/pkg-collectd/-/commit/8846b4564bfca329542c8a2567e46e1b28448094
Thanks,
Alex
Package: postgresql-common
Version: 225
Severity: normal
Tags: patch
Dear Maintainers,
While upgrading to bullseye, probably because I was not paying enough
attention but maybe also in relation with #943788 (README.Debian:
pg_upgradecluster, again suggests to drop active cluster), I was bitten
ha
Hi,
> I am orphaning this package so that it can be more actively maintained.
> Full Git maintenance history is available - see its Vcs-Git entry.
I'd be happy to take over. I'm a DM so I can upload by myself when
someone feels it'll be appropriate.
I'd start with an upload with the patch I prop
Hi,
> > I'd be happy to take over. I'm a DM so I can upload by myself when
> > someone feels it'll be appropriate.
> >
> > I'd start with an upload with the patch I proposed for #906542.
>
> Thanks; please go ahead in preparing your package.
Available for review at mentors:
https://mentors.debi
d
> > make[1]: Entering directory '/<>'
> > uwsgi --build-plugin /usr/src/uwsgi/plugins/php
> > make[1]: *** [debian/rules:29: override_dh_auto_build] Error 1
The following patch fixes the problem.
Thanks,
Alex
commit f3fc84b5e9c73d3cda24306df62cb334cb5d33f7 (H
Hi,
For the record, this is in
debian/patches/transmission-daemon_execstop_service.patch
upstream thinks it is not a good idea.
https://github.com/transmission/transmission/issues/138
Thanks,
Alex
Package: uwsgi-plugin-php
Version: 2.0.18+20200523+1+0.0.8
Severity: normal
Hi,
CI fails in bullseye. The relevant part of the log[1] is:
!!! uWSGI process 13224 got Segmentation Fault !!!
*** backtrace of 13224 ***
uwsgi(uwsgi_backtrace+0x2a) [0x55f6838d06aa]
uwsgi(uwsgi_segfaul
The problem seems to be that the PHP plugin is compiled against PHP7.4
and is linked with libphp.so which points to 7.3 in bullseye and 7.4 in sid.
$ ldd /usr/lib/uwsgi/plugins/php_plugin.so | grep php
libphp7.so => /usr/lib/libphp7.so (0x7f4b8ca48000)
$ ls -l /usr/lib/libphp7.so
lrwxrwxrwx 1
> > The problem seems to be that the PHP plugin is compiled against PHP7.4
> > and is linked with libphp.so which points to 7.3 in bullseye and 7.4 in sid.
> >
> > $ ldd /usr/lib/uwsgi/plugins/php_plugin.so | grep php
> > libphp7.so => /usr/lib/libphp7.so (0x7f4b8ca48000)
> > $ ls -l /usr/lib/
> > I do not have much experience with shared object libraries, but as
> > libphp7.3.so and libphp7.4.so declare the same soname libphp7.so, I could
> > not find a way for uwsgi-plugin-php to explicitely reference libphp7.4.so :
> > passing -lphp7.4 to the linker still goes back to linking to libph
Package: libwoodstox-java
Version: 1:5.1.0-2
Severity: wishlist
Dear Maintainer,
woodstox-core 6.1.1 is available.
upstream of davmail is carrying out a patch and would like at least 5.2
available in Debian in order to drop an internal workaround[1] available
upstream in 5.2.
5.2.1 and 5.3 buil
Package: libonig-dev
Version: 6.9.5-1
Followup-For: Bug #958467
Hi,
Same here, every package using libevhtp should FTBFS.
It appears upstream changed[1] the default...
[1]
https://jff.email/cgit/libonig.git/diff/CMakeLists.txt?id=6b986090d954dbac91bbb3c43ce7c3328c91a780
Thanks,
Alex
-- Syst
Package: libevhtp-dev
Version: 1.2.18-1
Severity: important
Dear Maintainer,
My build fails with:
/bin/bash ../libtool --tag=CC --mode=link gcc
-DPKGDATADIR=\"/usr/share/seafile\" -DPACKAGE_DATA_DIR=\""/usr/share/seafile"\"
-DSEAFILE_SERVER -DFULL_FEATURE -I../include -I../lib -I../lib
Hi,
> Because this is in a way blocking the removal of the unmaintained
> webkitgtk from Debian Testing, I am bumping the severity.
>
> See https://bugs.debian.org/880470
FYI, I would be happy to move on with this but I'm stuck with the
program segfaulting when used with the proposed patch. It wo
>> FYI, I would be happy to move on with this but I'm stuck with the
>> program segfaulting when used with the proposed patch. It works
>> correctly if launched like this :
>> SWT_GTK3=0 davmail
>>
>> I'm still investigating as to why.
>>
>> Alex
>>
>>
>> (SWT:24928): GLib-GObject-WARNING
Hi,
> davmail fails to work correctly with latest java-9-openjdk in Debian
> unstable.
>
> Fetching and sending messages fails with an exception trace:
>
> Exception in thread "ImapConnection-51322" java.lang.NoClassDefFoundError:
> javax/activation/DataHandler
> at
> davmail.exchange.Ex
> It's working again with libmail-java/1.6.1-2.
OK great, no overlinking required in java.
Thanks a lot Emmanuel and thanks Midix for your detailed report and
quick follow-up.
Cheers,
Alex
Salut,
> I'm having some trouble getting mutt and evolution to retrieve mail via
> davmail.
[...]
> 2018-04-03 11:26:02,255 DEBUG [ImapConnection-38454] davmail - < a0004 FETCH
> 1:605 (UID FLAGS INTERNALDATE RFC822.SIZE BODY.PEEK[HEADER.FIELDS (DATE FROM
> SUBJECT TO CC MESSAGE-ID REFERENCES C
Hi,
> In a bit of historical context, this "fork" was done between August and
> December 2016 because we needed them to drop their OpenSSL dependency because
> of the widely known license issues it causes.
> There was discussion in https://github.com/haiwen/ccnet/issues/7 and
> https://github.com/
Hi,
I've done some proof of concept packaging which seems to be working.
Long story short :
* the good :
- some rather simple steps[0] give you a working install
- my work is available [1][2] , comments and feedback welcome!
* the bad :
- ccnet-server also builds libccnet with an add
Package: licensecheck
Version: 3.0.31-2
Severity: normal
Dear Maintainer,
licensecheck misses a license in the HTML file of a package I maintain. The
package is libhtmlcleaner and the HTML file can be seen online[0].
$ licensecheck src/test/resources/test23.html
src/test/resources/test23.html: *
lightdm-autologin-greeter provides the functionality, thus closing.
Hi,
> This package fails to build with default-jdk pointing to openjdk-9-jdk.
The new upstream version 4.8.2 seems to build well. Can you confirm this?
Alex
> When shutting down davmail, and restarting it, we often get
> Microsoft.Exchange.Data.Storage.TooManyObjectsOpenedExceptions when the
> client (Thunderbird) reconnects.
>
> This even happens when exiting Thunderbird before killing davmail.
>
> ==> Apparently davmail doesn't close its sessions wit
Hi,
> when I install the package, the file apache.conf is not in place in
> /etc/adminer/.
Why would you expect that? I could not find any documentation pointing
to this location.
A basic apache configuration for adminer is available at the following location.
/etc/apache2/conf-available/adminer.
Hi,
> Adminer 4.7.1-1 on the debian buster stable install
adminer 4.7.1 does not have apache integration, you should make apache
configuration yourself.
apache integration was re-introduced in 4.7.3-1 . The binary package
should install just fine in buster.
What is your bug report about?
Alexan
> Ok thanks, my bug report is related to the non presence of this configuration
> file.
>
> Now I know why it is not present. so it's normal. I will try to find a
> configuration file or configure it manually.
The following configuration file should be close to making adminer
available at http:/
Hi,
> "localhost/adminer" or similar does not start the program = adminer.php file
Can you be more explicit on what you are trying to do? Did you type
localhost/adminer in your browser address bar?
> there is no man page
There usually is no man page for web apps unless they provide cli tools.
Hi,
> adminer from stable is missing configuration (and docs) files. I just
> installed the version from the backports repository and now I have:
> - a README.Debian file that helps in the setup
> - a con file in /etc/adminer
> - a file in /etc/apache2/conf-available
> - a working adminer install
>> > Maybe it would make sense to just add the missing config files from the
>> > one in backports without bumping up the version. Does this respect
>> > stable policies?
>>
>> Do you mean backports policies here?
>
> No, I meant stable. As I said the package from backports works as expected
> (bu
Hi,
> Converting mp4 videos hangs with errors :
> TRANSCODE P1030181_video.webm
> transcoding P1030181.MP4 failed, skipped
> Pipeline is stalled, this is a problem either in gst or in lazygal's
> use of gst
> ...
> VIDEOTHUMB P1030181_thumb.jpg
> creating P1030181.MP4 thumb
Hi,
> I should add that libwoodstox-java 1:4.1.3-1 didn't provide some
> necessary ReaderConfig method but I find that 1:5.1.0-2 works fine.
Installing davmail from unstable in oldstable is not tested, sorry.
Anyway if I can do something to ease backporting, do not hesitate to
contact me.
Thanks
Hi,
> For me /usr/bin/davmail immediately crashes with,
> java.lang.ClassNotFoundException: org.apache.http.HttpRequest
Not in unstable on two different machines.
> Adding /usr/share/java/httpcore.jar into its MANIFEST.MF fixed
> this problem for me.
This is not a direct davmail.jar dependency
Hi,
> Aha, thank you for quickly investigating - yes, that other bug certainly
> looks relevant. So very likely something fixable by constraining
> versions of a couple of dependencies to be sufficiently new but I could
> easily have misjudged the degree we expect such mixed-version systems to
> w
Le 13 octobre 2019 01:04:46 GMT+02:00, "Pierre-Elliott Bécue"
a écrit :
>Le jeudi 03 octobre 2019 à 11:50:48+0200, Jonas Smedegaard a écrit :
>> Quoting Alexandre Rossi (2019-10-02 15:04:54)
>> > > > > > Do you have plans/solutions regarding this issu
Hi,
> >Do you require some assistance regarding a new upload of uwsgi? I'm
> >eager to dedicate some time to it if you can't do so. :)
>
> I have a patch but I have not been able to test it yet because the py2
> removal makes the package FTBS... I'm close to fix it though. I'll post an
> update
> > > >Do you require some assistance regarding a new upload of uwsgi? I'm
> > > >eager to dedicate some time to it if you can't do so. :)
> > >
> > > I have a patch but I have not been able to test it yet because the py2
> > > removal makes the package FTBS... I'm close to fix it though. I'll po
> > > > > I have a patch but I have not been able to test it yet because
> > > > > the py2 removal makes the package FTBS... I'm close to fix it
> > > > > though. I'll post an update here by wednesday.
> > > >
> > > > The patch I want to test is here:
> > > > https://sml.zincube.net/~niol/repos
> > unfortunately davmail fails to build from source with
> > libjackrabbit-java 2.18.0. Long deprecated methods have been removed.
> > Your package build-depends on a very old version of jackrabbit (2.4.3).
This is too much work and I'm afraid if I do not get help I'll miss
the 2019-02-12 - Soft-
Hi,
> > 1) Mandatory adminer/ directory
> >
> > I have not found any way to make adminer work without a /adminer/ directory.
> >
> > This makes it a bit complicated to to deploy in a custom path or without
> > exposing the whole /usr/share/adminer even if other files are not required.
> >
> > A
Package: graphite-web
Version: 1.1.4-3
Severity: minor
Dear Maintainer,
graphite-build-search-index outputs the following error if there are
no whisper database on the system:
/etc/cron.hourly/graphite_build_search_index:
/usr/bin/graphite-build-search-index: 12: cd: can't cd to
/var/li
Hi,
Here is a patch that fixes the problem.
Alex
commit 98c8018968cb586e689bc188ece369c7a9129a6e
Author: Alexandre Rossi
Date: Tue Sep 17 11:00:16 2019 +0200
prevent dh_python3 from putting python:any in Depends (Closes: #936651)
diff --git a/debian/bin/graphite-manage b/debian/bin
Hi,
Here is a patch that fixes the problem.
Alex
commit 314d6581942e475a96cdf4b4766d083d7a49f61c
Author: Alexandre Rossi
Date: Tue Sep 17 11:15:48 2019 +0200
avoid hourly error in cron with no whisper db (Closes: #940554)
diff --git a/debian/bin/graphite-build-search-index b/debian/bin
Hi,
> uwsgi-core depends on libmatheval1, which future in the archive seems
> compromised, this implies that src:uwsgi and all packages which depend
> on it will get out of the archive sooner or later.
>
> Do you have plans/solutions regarding this issue? Is it possible to drop
> uwsgi-core depen
> > > > Do you have plans/solutions regarding this issue? Is it possible
> > > > to drop uwsgi-core dependency on libmatheval1?
> > >
> > > It should be as simple as not building the matheval plugin which is
> > > not critical to uwsgi. Should I go on with this?
> >
> > Yeah, I just wasn't sure
Hi,
> > Re-reading yur original bug report I'm not entirely sure what problem
> > you are seeing. Can you elaborate?
>
> 1. What web server configuration is needed to use Adminer?
>
> 2. If I symlink /var/www/html/adm to /usr/share/adminer/adminer
> Adminer can't access it's CSS file.
I've trie
Package: autodep8
Version: 0.18
Severity: normal
Dear Maintainer,
For django packages, autodep8 fails to determine the proper python module
name:
$ autodep8
Test-Command: set -e ; for py in $(pyversions -r 2>/dev/null) ; do cd
"$AUTOPKGTEST_TMP" ; echo "Testing with $py:" ; $py -c "import
djan
formation
diff --git a/debian/changelog b/debian/changelog
index a32710e..c506471 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+cron (3.0pl1-133+mailfrom+2) unstable; urgency=medium
+
+ * Add domain name to mail From: header.
+
+ -- Alexandre Rossi Sun, 12 May 2019 12:
Thanks for you response.
> This has nothing to do with Django packages. It will fail for any
> package where the main module does not match the (upstream) package
> name.
>
> This import test is also the very minimal testing that can be done in a
> python package. If you care enough about testing
Package: uwsgi-plugin-php
Version: 2.0.17.1+8+0.0.3+b3
Severity: normal
Tags: patch
Dear Maintainer,
I've noticed that an interesting fix for the uwsgi PHP plugin is not included
in the upstream releases[1].
This fix[2] solves failures to initialize PHP sessions using session_start()
for PHP app
Hi,
> I do not personally use PHP at all, and it sounds like you do: Would you
> perhaps be interested in joining our little packaging team and help care
> for PHP-related issues in general?
I'd be more than happy to join.
Alex
Package: goaccess
Version: 1:1.2-4+b10
Severity: normal
Dear Maintainer,
The generated HTML report tries to load the following resources which are
not available in the generated file or HTML report target directory.
fonts/fontawesome-webfont.woff2?v=4.7.0
fonts/fontawesome-webfont.woff?v
Hi,
> > Thanks; please go ahead in preparing your package.
>
> Available for review at mentors:
> https://mentors.debian.net/package/adminer
>
> > I would suggest that you sart with — at least to begin with -- the Git-
> > based packaging under my salsa.debian.org account.
>
> Individual commit
Hi,
> > > https://mentors.debian.net/package/adminer
> […]
> > Package updated to latest policy (nothing to do). Sorry for this.
>
> Uploaded; thanks. :)
Thanks a lot.
Should I update myself the VCS repository? Or should we move it out of
your personnal area on salsa? Perhaps in the Debian grou
> > Should I update myself the VCS repository? Or should we move it out of
> > your personnal area on salsa? Perhaps in the Debian group?
>
> Good idea. Can you create a repo in the Debian group? If so, please
> just go ahead and do that and push the entire history (etc.) there and
> then let me k
Hi,
> > I cannot find the Debian group in the project creation form on salsa so
> > I think I am not allowed to create new projects in the Debian group.
>
> Makes some kind of sense. I've created:
>
> https://salsa.debian.org/debian/adminer
>
> … and given you what I believe to be the maximum
Hi,
> Should I push directly to master, send a patcht o the mailing list or propose
> a pull request in salsa, or other?
The fix has been pushed to master.
Any upload planned? Or should I prepare an upload on mentors.d.o?
Also, I'm pondering raising the severity of this bug. uwsgi-plugin-php
ca
> > > Should I push directly to master, send a patcht o the mailing list
> > > or propose a pull request in salsa, or other?
> >
> > The fix has been pushed to master.
>
> Good. But where is that, exactly? URL?
https://salsa.debian.org/uwsgi-team/uwsgi/commit/78c4ab534609f01b30ebcc2560e269bd7
upstream uses d3 v5 and d3.arc appeared in d3 v4. So the webui seems
to require libjs-d3 >=4 or perhaps libjs-d3 >=5.
Then there's #839961 (only d3 v3 is in Debian).
downloading d3 latest and:
$ sudo cp d3.min.js /usr/share/rspamd/www/js/lib/d3.min.js
fixes the problem.
Also the current packaging
Package: rspamd
Version: 1.8.1-2+b2
Severity: normal
Tags: patch
Dear Maintainer,
The logrotate script /etc/logrotate.d/rspamd makes the log rotate and then:
service rspamd reopenlog >/dev/null 2>&1 || true
Unfortunately, for the non-standard action reopenlog, /usr/sbin/service uses
the SysV
Hi,
> Upoin trying to authenticate to an Outlook 365 EWS server, I get the
> following:
>
> davmail.exception.DavMailException: Authentication failed
> com/sun/media/jfxmedia/events/PlayerStateListener
The following patch should fix the problem, unfortunately I cannot
test (I do not have a o365
Hi,
> unfortunately davmail fails to build from source with
> libjackrabbit-java 2.18.0. Long deprecated methods have been removed.
> Your package build-depends on a very old version of jackrabbit (2.4.3).
>
> See also the deprecated list that explains which methods should be
> used instead.
>
> h
Package: lintian
Version: 2.18.0
Severity: minor
Tags: patch
Dear Maintainer,
The suggested package for the embedded html5shiv library has changed name to
node-html5shiv. lintian should suggest to correct name.
Thanks,
Alex
-- System Information:
Debian Release: bullseye/sid
APT prefers unst
Hi,
> Looks good - I just prefer having patches more tight so will tidy up the
> ones recently added by others than myself, then release.
Now that the fix is in the source, there needs to be a binNMU of
uwsgi-plugin-php or a new upload with some basic fixes[1] I had for the package.
[1] https:/
Package: python-certbot
Version: 1.18.0-1
Severity: minor
Tags: patch
Dear Maintainer,
certbot.service leaves no info in the journal except for errors.
oct. 26 00:44:01 volyova systemd[1]: Starting Certbot...
oct. 26 00:44:03 volyova systemd[1]: certbot.service: Succeeded.
Certificate not due f
Hi,
Please find a fix for this in my PR.
https://salsa.debian.org/debian-graphite-team/graphite-web/-/merge_requests/4/diffs?commit_id=f33e706201af428ac88066de0b52c523f805854e
Thanks,
Alex
Hi,
I had fixed this in my PR.
https://salsa.debian.org/debian-graphite-team/graphite-web/-/merge_requests/4/diffs?commit_id=65e05dab11fdc84cdfb3401c3aad45d2ce097ebd
Thanks,
Alex
Hi,
Also, dh_systemd could restart template instances on upgrade, which it
does not.
Alex
Hi,
> * Package name: android-file-transfer-linux
> Version : 4.2.0
> Upstream Author : Vladimir
> * URL : https://github.com/whoozle/android-file-transfer-linux
Isn't this the same as https://packages.debian.org/android-file-transfer ?
Cheers,
Alex
Hi,
Thanks for your bug report.
> After upgrading davmail, it did not start. /usr/bin/davmail is now a jar
> file; it doesn't run without java.
/usr/bin/davmail is a jar file that gets executable using jarwrapper.
> /etc/init.d/davmail start
> dows not give any information. (and does not star
Hi,
> Alexandre> /usr/bin/davmail is a jar file that gets executable using
> Alexandre> jarwrapper.
>
> I worked that out. The issue is that inside a container,
> /proc/fs/binfmt_misc cannot be changed. So to get it to work,
> jarwrapper needs to be installed on the host, as well as in the
> con
Package: systemd
Version: 247.3-6
Severity: normal
Dear Maintainer,
man:org.freedesktop.systemd1 says:
JobRemoved() are sent out each time a new job is queued or dequeued.
[...] done indicates successful execution of a job.
However, when I subscribe to the JobRemoved signal and I restar
Hi,
Many thanks for your quick feedback, this is driving me crazy.
Le Wed, Oct 20, 2021 at 06:26:45PM +0200, Michael Biebl a écrit :
> > man:org.freedesktop.systemd1 says:
> >
> > JobRemoved() are sent out each time a new job is queued or dequeued.
> > [...] done indicates successful e
Hi,
> > I usually recommend to use Type=notify or if that is not possible, I
> > think forking is better then simple for most cases.
>
> See the difference:
>
> # systemctl cat fail.service
> # /etc/systemd/system/fail.service
> [Unit]
> Description=fail
>
> [Service]
> Type=simple
> ExecStart=
Hi,
> * Package name: python-django-contrib-comments
> Version : 2.1.0
> Upstream Author : Django Software Foundation
> * URL : https://github.com/django/django-contrib-comments/
> * License : BSD-3-clause
> Programming Lang: Python
> Description : Djang
tag 1001684 moreinfo
thanks
Hi,
> According to https://github.com/jagornet/dhcp/issues/20 , log4j 1.2 is
> vulnerable to CVE-2019-17571, so davmail should use log4j 2.15 or 2.16
> instead.
According to the debian security tracker[1], this has been fixed in
log4j so davmail uses a fixed version.
tag 1001684 -moreinfo +upstream
severity 1001684 wishlist
thanks
> I only stumbled upon this when examining our servers for instances
> vulnerable to CVE-2021-44228. Forums seem to claim that versions log4j
> versions 1 are not safe either (different vulnerabilities), but without
> giving any spec
mail vulnerable to log4j? If so, when could we expect a
> > security fix?
>
> Qouting https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001684#22
> Debian maintainer of Davmail, Alexandre Rossi:
>
> > Also, since a while already, Java now has its own internal logging
severity 987601 normal
thanks
Hi,
Lowering severity as working around is trivial by installing openjdk-11-jre .
> > After installing the latest security updates, davmail stopped working.
> > I looked into it and found out, that it required the file
> > '/usr/lib/jvm/java-1
> 1-openjdk-amd64/lib
Proof of concept packaging available at
https://sml.zincube.net/~niol/repositories.git/django-filebrowser-safe/
.
Alex
Proof of concept packaging available at
https://sml.zincube.net/~niol/repositories.git/django-grappelli-safe/
.
Alex
Proof of concept packaging available at
https://sml.zincube.net/~niol/repositories.git/django-mezzanine/
.
Alex
Hi,
Thanks a lot for your bug report.
> after the last upgrade of java on testing and starting davmail from
> command line the mail seem to work correctly, but the Calendar not (for
> example you cannot accept an invitation or you accept it and it is
> marked as not accepted or the calendar is no
Hi,
> > From this report (system information) I have seen that I have removed
> > two library, I try to install they
> > # apt install libswt-gtk-4-java libswt-cairo-gtk-4-jni
> >
> > and restarted javamail from xterm. Appear the davmail window, but when I
> > click on it the windows disappear an
> >> I've prepared updates for the davmail backport and its libhtmlcleaner
> >> dependency :
> >> https://sml.zincube.net/~niol/tmp/
>
> building the libhtmlcleaner-java backport in stretch fails:
> Error: Could not find or load main class
> org.apache.maven.surefire.booter.ForkedBooter
I've upda
Hi Geert,
> I've prepared updates for the davmail backport and its libhtmlcleaner
> dependency :
> https://sml.zincube.net/~niol/tmp/
>
> Those are awaiting sponsorship (the process for granting me upload
> rights also to backports is ongoing).
Granting me upload rights to the backports archive d
Hi,
> I've just uploaded working versions of the Seafile Client packages (that
> are libsearpc, seafile and seafile-client) that don't require ccnet anymore.
>
> So if anyone wants to continue with packaging ccnet with the
> ccnet-server sources, please feel free to do so.
It's done :
https://sml
Closing as I did not get any followup. Feel free to reopen if still applicable.
Hi,
> The latest version of davmail fails to execute from initscripts if
> ENABLE_DAEMON is set to true. Appears to be because
> /usr/share/java/davmail-4.9.0.2652.jar does not have execute permissions.
> chmod +x to the target resolves the problem.
Thanks a lot for reporting and providing a work
Hi,
Thanks for reporting.
Debian buster has java10 as default java. I cannot make davmail run
with java8 and java10 and at the same time compile it with java10. I'm
seeking advice for now about how to solve.
You can work around the bug by running davmail with java10:
$ sudo update-alternatives -
Hi,
> This is a jarwrapper bug, the CheckProperty class was compiled without
> specifying the source/target level, thus defaulting to Java 10 bytecode
> (version 54.0).
Thanks but the second part of the stacktrace is still on davmail.
I need to investigate between these options:
1) make the bina
401 - 500 of 558 matches
Mail list logo