Processing commands for [EMAIL PROTECTED]:
found 309596 3.0-3
Bug#309596: tetex-base: FTBFS in experimental: Endless loop on Linux 2.6
Bug marked as found in version 3.0-3.
thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
Hi,
Is there any further information? Or, already fixed? I can't
reproduce this bug.
Sorry, I've been busy.
1. Are there any files in /usr/share/xemacs21/site-lisp/gnus? Do
you have *.elc files there?
Yes, 152 elc files. I have no idea where they came from,
though. Should they
Processing commands for [EMAIL PROTECTED]:
severity 341398 grave
Bug#341398: racoon stopped working when upgrading from 0.6.2-2 to 0.6.3-1
Severity set to `grave'.
thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
hi,
while in a lecture this morning i found my thoughts travelling back to
this bug report for some reason and...
On Mon, Dec 05, 2005 at 03:58:47PM -0800, Steve Langasek wrote:
New upstream versions for RC bugfixes are allowed via t-p-u, yes.
this may stem from my unfamiliarity with tpu: how
On Tue, Dec 06, 2005 at 04:21:48AM -0500, sean finney wrote:
while in a lecture this morning i found my thoughts travelling back to
this bug report for some reason and...
On Mon, Dec 05, 2005 at 03:58:47PM -0800, Steve Langasek wrote:
New upstream versions for RC bugfixes are allowed via
Package: ffmpeg
Version: 0.cvs20050918-5
Severity: grave
Tags: security
Justification: user security hole
An exploitable heap overflow has been found in libavcodec's handling
of images with PIX_FMT_PAL8 pixel formats. Please see
http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558
for
Package: libxine1
Version: 1.0.1-1.4
Severity: grave
Tags: security
Justification: user security hole
An exploitable heap overflow has been found in libavcodec's handling
of images with PIX_FMT_PAL8 pixel formats. xine-lib's embedded copy
is vulnerable as well. Please see
tags 339267 patch
thanks
Hi Guenter,
I've prepared an NMU to fix this bug in stk. The patch for the NMU is
attached, and I'll be uploading the package shortly to the NEW queue. If
you disagree with any of the changes made, please make a maintainer upload
in its place.
Cheers,
--
Steve
Processing commands for [EMAIL PROTECTED]:
# Automatically generated email from bts, devscripts version 2.9.9
tags 325689 + security
Bug#325689: xsetbg keeps opening X clients without closing the old
Tags were: confirmed
Tags added: security
severity 325689 grave
Bug#325689: xsetbg keeps
Package: python-visual
Version: 3.2.1-3
Severity: serious
There was an error while trying to autobuild your package:
Automatic build of python-visual_3.2.1-3+b1 on debian01 by sbuild/s390 79
[...]
/bin/sh ..//libtool --mode=compile g++ -I/usr/include/python2.3
-DHAVE_CONFIG_H -I../include
Package: gr-usrp
Version: 0.5-2+b1
Severity: serious
There was an error while trying to autobuild your package:
Automatic build of gr-usrp_0.5-2+b1 on debian-31 by sbuild/s390 79
[...]
/bin/sh ../libtool --mode=link s390-linux-gnu-g++ -g -O2 -Wall
-Woverloaded-virtual -pthread -o
Package: kmail
Version: 4:3.4.2-2
Severity: critical
Justification: causes serious data loss
Since I upgraded KDE to 3.4.x, I'm getting unpleasant crashes on various KDE
applications
but the most serious, because of the frecuency in which it happens is kmail.
The worst part is that, as kmail is
Hi there,
I'm tagging this bug as security and upping the severity.
Justification:
A small script can be used to affect the availability of the parent
xserver if xloadimage is installed. If the resource limits of the
xserver are high enough, there is potential for the process table to
become
Package: libopenh323-1.15.6
Version: 1.15.6-2
Severity: serious
Justification: File conflict
# apt-get dist-upgrade
.
The following NEW packages will be installed:
libopenh323-1.15.6 (1.15.6-2)
The following packages have been kept back:
0 upgraded, 1 newly installed, 0 to
Package: aptitude
Version: 0.4.0-3experimental2
Severity: serious
Tags: experimental
Justification: no longer builds from source
experimental aptitude (as of today) fails make check in tests/ because
vscreen is not included in LDADD in tests/Makefile.in, looks like
tests/Makefile.in isn't updated
Hi!
Thxs for the report.
I had noticed it yesterday.
The thing is AFAIK that this file needs an asm/atomic.h include.
And I discovered that this include was provided by the linux kernel jeaders.
Now come the tricky part: pbuilder chroot allready has those headers
installed, so it is no
On Tue, Dec 06, 2005 at 11:58:22AM +0100, Romain Beauxis wrote:
The thing is AFAIK that this file needs an asm/atomic.h include.
And I discovered that this include was provided by the linux kernel jeaders.
And a userspace program MUST NOT include this headers directly.
Bastian
--
Change is
Le Mardi 6 Décembre 2005 12:11, Bastian Blank a écrit :
On Tue, Dec 06, 2005 at 11:58:22AM +0100, Romain Beauxis wrote:
The thing is AFAIK that this file needs an asm/atomic.h include.
And I discovered that this include was provided by the linux kernel
jeaders.
And a userspace program
On Tue, Dec 06, 2005 at 11:37:48AM +0100, Bastian Blank wrote:
There was an error while trying to autobuild your package:
Yes, gr-usrp is currently unbuildable because cppunit hasn't gone through the
mt allocator transition.
/* Steinar */
--
Homepage: http://www.sesse.net/
--
To
block 342214 with 339178
thanks
On Tue, Dec 06, 2005 at 12:29:18PM +0100, Steinar H. Gunderson wrote:
Yes, gr-usrp is currently unbuildable because cppunit hasn't gone through the
mt allocator transition.
Sorry, typo there -- gnuradio-core is the package we're waiting on. (I can't
believe the
reassign 342214 libusrp0c2a 0.8-4
thanks
On Tue, Dec 06, 2005 at 11:37:48AM +0100, Bastian Blank wrote:
Package: gr-usrp
Version: 0.5-2+b1
Severity: serious
There was an error while trying to autobuild your package:
Automatic build of gr-usrp_0.5-2+b1 on debian-31 by sbuild/s390 79
[...]
Processing commands for [EMAIL PROTECTED]:
reassign 342214 libusrp0c2a 0.8-4
Bug#342214: gr-usrp - FTBFS: /usr/lib/libusrp.so: No such file or directory
Bug reassigned from package `gr-usrp' to `libusrp0c2a'.
thanks
Stopping processing here.
Please contact me if you need assistance.
Debian
Package: kile-i18n
Severity: grave
Justification: renders package unusable
The kile-i18n package cannot be installed because it needs kile version
1:1.8.1-3.1, whereas the current release of kile is 1:1.8.1-3.1+b1.
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
Processing commands for [EMAIL PROTECTED]:
tag 341936 + fixed-in-experimental
Bug#341936: k3d_0.5.0.34-0pre1(s390/experimental): FTBFS: dh_python fails due
to missing python in build-depends
There were no tags set.
Tags added: fixed-in-experimental
quit
Stopping processing here.
Please
Processing commands for [EMAIL PROTECTED]:
# Automatically generated email from bts, devscripts version 2.9.9
#nope, cause it's not a gr-usrp bug anyway
unblock 342214 with 339178
Bug#342214: gr-usrp - FTBFS: /usr/lib/libusrp.so: No such file or directory
Was blocked by: 339178
Blocking bugs
Package: pingus
Version: 0.6.0-8.2
Severity: grave
Justification: renders package unusable
The pingus package cannot be installed, because it needs pingus-data
version = 0.6.0-8.2+b1, whereas the current release is 0.6.0-8.2.
-- System Information:
Debian Release: testing/unstable
APT
Package: trac
Version: 0.9.1-2
Severity: grave
Tags: security
What's New
--
A brief summary of major changes for version 0.9.2:
* Fix for an SQL injection vulnerability in the search module.
(http://projects.edgewall.com/trac/changeset/2605)
* Fix for broken email ticket notifications.
El mar, 06-12-2005 a las 11:53 +0100, Willi Mann escribió:
Package: libopenh323-1.15.6
Version: 1.15.6-2
Severity: serious
Justification: File conflict
# apt-get dist-upgrade
.
The following NEW packages will be installed:
libopenh323-1.15.6 (1.15.6-2)
The following packages
tags 341398 + moreinfo unreproducible
thanks
I see you're using non standard kernel. Can you reporoduce the same
problem with standard kernel? I was unable to reproduce with 2.6.14-2-686.
Can you state what kind of ipsec policies you have in place?
Are you using any other tools which use pfkey
Processing commands for [EMAIL PROTECTED]:
tags 341398 + moreinfo unreproducible
Bug#341398: racoon stopped working when upgrading from 0.6.2-2 to 0.6.3-1
There were no tags set.
Tags added: moreinfo, unreproducible
thanks
Stopping processing here.
Please contact me if you need assistance.
I realize that the subject of this bug report says ia64; but it really hits
all architectures. I appreciate that all those C++ transitions are making
life hard on maintainers - but today kmail came out and that allowed me to do
a major dist-upgrade to my sid.
The only conflict left was lyx,
Your message dated Tue, 6 Dec 2005 14:03:26 +0100
with message-id [EMAIL PROTECTED]
and subject line Not installable
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to
Your message dated Tue, 6 Dec 2005 15:24:12 +0100
with message-id [EMAIL PROTECTED]
and subject line 0.9.2-1 has been uploaded, closing the bug.
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is
Package: mysql-dfsg-5.0
Severity: serious
The package has been tried again; this time there was no problem
installing tetex-bin, and all build-deps installed fine. But the build
was stopped due to inactivity:
Package: tetex-extra
Version: 2.0.2c-8
Severity: grave
Justification: renders package unusable
Hi!
The latest update is not installable:
snell:~# apt-get install tetex-extra
Reading Package Lists... Done
Building Dependency Tree... Done
The following packages will be upgraded:
tetex-extra
1
Package: cgoban
Version: 1.9.14-8
Severity: serious
Justification: fails to build from source
cgoban failed to build on a sparc buildd, duplicated on my sparc pbuilder.
make[1]: Entering directory `/build/buildd/cgoban-1.9.14'
cd . automake-1.9 --gnu
/bin/sh: automake-1.9: command not found
Package: gcc-3.4
Version: 3.4.4-10
Severity: important
hi,
starting with version 3.4.4-10, gcc-3.4 makes boost 1.33.x FTBFS.
/usr/bin/ld:
Processing commands for [EMAIL PROTECTED]:
tag 260775 + fixed
Bug#260775: oops.cfg should not be readable worlwide
There were no tags set.
Tags added: fixed
tag 307360 + fixed
Bug#307360: oops: Format string vulnerability in database auth handling
(CAN-2005-1121)
Tags were: patch security
Package: centericq
Version: 4.21.0-7
Severity: serious
The last upload of centericq works around a bug in curl.
Bastian
--
You're too beautiful to ignore. Too much woman.
-- Kirk to Yeoman Rand, The Enemy Within, stardate unknown
signature.asc
Description: Digital signature
On Tue, Dec 06, 2005 at 03:33:52PM +0100, Frank Küster wrote:
CRUFT BEGIN
/usr/bin/fakeroot: line 152: 24322 Trace/breakpoint trap
FAKEROOTKEY=$FAKEROOTKEY LD_LIBRARY_PATH=$PATHS LD_PRELOAD=$LIB $@
Build killed with signal 15 after 150 minutes of inactivity
sean finney [EMAIL PROTECTED] wrote:
none of these should endlessly loop. if faulty hardware/disk is
suspect, the find jobs might be taking an extraordinary amount of
time as a result... i can see a way to optimise the cleanups on
the .deps directory (passing -prune to find) but it seems
Robert Sander [EMAIL PROTECTED] wrote:
Package: tetex-extra
Version: 2.0.2c-8
Severity: grave
Justification: renders package unusable
Hi!
The latest update is not installable:
snell:~# apt-get install tetex-extra
Reading Package Lists... Done
Building Dependency Tree... Done
The
Package: gcc-4.0
Version: n/a
Severity: important
hi,
gcc-4.0 makes boost 1.33.x FTBFS on hppa. this bug is probably the
same of #342245 for gcc-3.4, only that gcc-4.0 _never_ built 1.33.x on
that architecture.
/usr/bin/ld:
Aidas Kasparas wrote:
tags 341398 + moreinfo unreproducible
thanks
I see you're using non standard kernel. Can you reporoduce the same
problem with standard kernel? I was unable to reproduce with 2.6.14-2-686.
Can you state what kind of ipsec policies you have in place?
Are you using any other
Package: libglibmm-2.4-1c2
Severity: grave
Justification: renders package unusable
The libglibmm-2.4-1c2 package cannot be installed because it needs
libsigc++-2.0-0c2 that has been replaced by libsigc++-2.0-0c2a.
-- System Information:
Debian Release: testing/unstable
APT prefers
Package: libgtkmm-2.4-1c2
Severity: grave
Justification: renders package unusable
The libgtkmm-2.4-1c2 package is uninstallable because it needs
libsigc++-2.0-0c2 that has been replaced by libsigc++-2.0-0c2a.
-- System Information:
Debian Release: testing/unstable
APT prefers
On Tue, Dec 06, 2005 at 11:53:44AM +0100, Filippo Giunchedi [EMAIL PROTECTED]
was heard to say:
Package: aptitude
Version: 0.4.0-3experimental2
I assume you mean -5experimental1.
Severity: serious
Tags: experimental
Justification: no longer builds from source
experimental aptitude (as
On Tue, Dec 06, 2005 at 05:05:36PM +0100, Frank K?ster wrote:
What was the package that was not fully installed or removed? I guess
it was tetex-extra?
Yes.
Please send us the output of
ls /var/lib/texmf/web2c/updmap*
kpsewhich --format='web2c files' updmap.cfg
snell:~# ls
Florian Weimer a écrit :
It's at the end of the URL you quoted, but it's incomplete, and the
general approach is wrong. Now, I would byte-code the affected
instructions in the macro and use it in all macro expansions.
like this ?
Processing commands for [EMAIL PROTECTED]:
tag 342218 + fixed-in-experimental
Bug#342218: aptitude: fails to build, tests/Makefile.in is not up to date
Tags were: experimental
Tags added: fixed-in-experimental
quit
Stopping processing here.
Please contact me if you need assistance.
Debian
* Michel Quercia:
like this ?
--
# corps de boucle à dérouler. taille du code = 24 octets
# entrer avec eax = edx = 1er chiffre de a, CF = 0
#undef BODY
#define BODY(x,y,z) \
adcl
hi -admin and -devel,
executive summary: mysterious and unreproducible ftbfs for
mysql, and perhaps other packages on the hppa architecture. a faulty
buildd (sarti) is suspected, but afaict all requests for information
remain unanswered.
i'm suspecting hardware problems, as for mysql this is
Your message dated Tue, 06 Dec 2005 18:29:23 +0100
with message-id [EMAIL PROTECTED]
and subject line Closed with upload
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility
Hi Matt,
According to my reading of the doc for mmap, this should work. It does
work on other platforms. It also seg faults instead of returning ((void*)-1).
Now, what? :-(
If you don't want to require that users use a kernel that doesn't
misbehave like this, shouldn't you add an autoconf
On Tue, Dec 06, 2005 at 08:13:27AM -0800, Daniel Burrows wrote:
On Tue, Dec 06, 2005 at 11:53:44AM +0100, Filippo Giunchedi [EMAIL
PROTECTED] was heard to say:
Package: aptitude
Version: 0.4.0-3experimental2
I assume you mean -5experimental1.
indeed, I failed to tell reportbug I
Robert Sander [EMAIL PROTECTED] wrote:
snell:~# ls /var/lib/texmf/web2c/updmap*
/var/lib/texmf/web2c/updmap.cfg
snell:~# kpsewhich --format='web2c files' updmap.cfg
snell:~#
This shows that the file exists, but is not found - probably due to some
misconfiguration. What's the output of
Your message dated Tue, 6 Dec 2005 09:52:04 -0800
with message-id [EMAIL PROTECTED]
and subject line [EMAIL PROTECTED]: Fixed in upload of aptitude
0.4.0-5experimental2 to experimental]
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been
On Tue, Dec 06, 2005 at 07:01:25PM +0100, Frank K?ster wrote:
kpsewhich --expand-var '$WEB2C'
grep WEB2C /etc/texmf/texmf.cnf
grep '^TEXMF =' /etc/texmf/texmf.cnf
snell:~# kpsewhich --expand-var '$WEB2C'
{/root/texmf,/usr/local/share/texmf,/usr/local/lib/texmf,!!/usr/share/texmf}/web2c
Florian Weimer a écrit :
It's a release-critical bug which needs to be fixed. I would like to
use the patch you described above, applied to 0.21. Do you think this
is feasible?
I don't know how to make a patch. Is this ok ?
[EMAIL PROTECTED]:~/src/caml/numerix/numerix-0.21$ diff -b -C 2
On Tue, Dec 06, 2005 at 06:38:07PM +0100, Filippo Giunchedi [EMAIL PROTECTED]
was heard to say:
On Tue, Dec 06, 2005 at 08:13:27AM -0800, Daniel Burrows wrote:
On Tue, Dec 06, 2005 at 11:53:44AM +0100, Filippo Giunchedi [EMAIL
PROTECTED] was heard to say:
Package: aptitude
Version:
Robert Sander [EMAIL PROTECTED] wrote:
snell:~# kpsewhich --expand-var '$WEB2C'
{/root/texmf,/usr/local/share/texmf,/usr/local/lib/texmf,!!/usr/share/texmf}/web2c
snell:~# grep WEB2C /etc/texmf/texmf.cnf
% WEB2C is for Web2C specific files. The current directory may not be
WEB2C =
Le Mardi 6 Décembre 2005 12:14, Romain Beauxis a écrit :
And a userspace program MUST NOT include this headers directly.
Hum..
So what is the correct way of doing things then?
Hi!
I have googled this and found out that it had to be re-implemented in
userland.
I search around for a
Hi there, Myon!
Debian Bug Tracking System wrote:
the binNMUs are on their way, only arm and m68k are still missing.
Good! Thanks for your time!
--
.''`. Follow the white Rabbit - Ranty (and Lewis Carroll)
: :' :
`. `' Proudly running unstable Debian GNU/Linux
`-
Package: libgphoto2-2
Version: 2.1.6-5.3
Severity: grave
Justification: renders package unusable
I am using udev unstable, version 0.076-4.
libgphoto2 generates a set of rules for use with udev, namely
/etc/udev/libgphoto2.rules. These in turn call the executable
/etc/hotplug/usb/libgphoto2,
Package: xpdf-reader
Version: 3.00-13
Severity: critical
Justification: causes serious data loss
Arbitrary code execution (with privileges as user of package) issues
reported by iDefense:
Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability
Multiple Vendor xpdf DCTStream
On Tue, Dec 06, 2005 at 07:54:09PM +0100, Frank K?ster wrote:
You don't by chance have a typescript of the upgrade from woody's
version of tetex (1.0something) to sarge's?
The host was upgraded from woody to sarge three weeks ago, but I have
not recorded the upgrade, sorry.
Greetings
--
Processing commands for [EMAIL PROTECTED]:
# Automatically generated email from bts, devscripts version 2.9.9
# not RC unless it causes a build failure
severity 342257 important
Bug#342257: centericq - workarounds bugs in curl
Severity set to `important'.
End of message, stopping processing
Processing commands for [EMAIL PROTECTED]:
# Automatically generated email from bts, devscripts version 2.9.9
severity 342281 grave
Bug#342281: xpdf-reader: security issues by iDefense
Severity set to `grave'.
End of message, stopping processing here.
Please contact me if you need
reassign 341392 ftp.debian.org
retitle 341392 Please remove obsoleted socket-modules-2.6.14-2-386-di
thanks
On Tuesday 06 December 2005 06:55, Frans Pop wrote:
This looks to be a serious bug in kernel-wedge as it seems a module
from a previous kernel version is included when that module is not
hi steve, olaf,
On Tue, Dec 06, 2005 at 01:30:23AM -0800, Steve Langasek wrote:
Yeah, it simply won't work. You'd need to give this build a distinguishing
version number that's the version in unstable; perhaps 5.0.16-0+etch1.
I'd advise against giving it a different upstream version
On Tue, Dec 06, 2005 at 10:03:42AM -0800, Daniel Burrows wrote:
Could you confirm that -5experimental2 fixes this?
It does, thanks for your quick answer and action!
filippo
--
Filippo Giunchedi
PGP key: 0x6B79D401
random quote follows:
At the source of every error which is blamed on the
Processing commands for [EMAIL PROTECTED]:
tags 339176 +pending
Bug#339176: library package needs to be renamed (libstdc++ allocator change)
There were no tags set.
Tags added: pending
End of message, stopping processing here.
Please contact me if you need assistance.
Debian bug tracking
Processing commands for [EMAIL PROTECTED]:
reassign 341392 ftp.debian.org
Bug#341392: linux-2.6: kernel BUG at mm/slab.c:1807!
Bug reassigned from package `linux-kernel-di-i386-2.6' to `ftp.debian.org'.
retitle 341392 Please remove obsoleted socket-modules-2.6.14-2-386-di
Bug#341392:
Processing commands for [EMAIL PROTECTED]:
severity 341392 important
Bug#341392: Please remove obsoleted socket-modules-2.6.14-2-386-di
Severity set to `important'.
thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
Your message dated Tue, 6 Dec 2005 21:23:49 +0100
with message-id [EMAIL PROTECTED]
and subject line Fixed in vorbis-tools 1.0.1-1.2
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your
Your message dated Tue, 6 Dec 2005 21:23:49 +0100
with message-id [EMAIL PROTECTED]
and subject line Fixed in vorbis-tools 1.0.1-1.2
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your
Your message dated Tue, 6 Dec 2005 21:23:49 +0100
with message-id [EMAIL PROTECTED]
and subject line Fixed in vorbis-tools 1.0.1-1.2
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your
Your message dated Tue, 6 Dec 2005 21:23:49 +0100
with message-id [EMAIL PROTECTED]
and subject line Fixed in vorbis-tools 1.0.1-1.2
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your
Your message dated Tue, 6 Dec 2005 21:23:49 +0100
with message-id [EMAIL PROTECTED]
and subject line Fixed in vorbis-tools 1.0.1-1.2
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your
Your message dated Tue, 06 Dec 2005 12:22:42 -0800
with message-id [EMAIL PROTECTED]
and subject line libgnomecanvasmm2.0: FTBFS (amd64/gcc-4.0): explicit
specialization of non-template 'Glib::anonymous class'
has caused the attached Bug report to be marked as done.
This means that you claim
Your message dated Tue, 6 Dec 2005 21:28:06 +0100
with message-id [EMAIL PROTECTED]
and subject line Fixed in vorbis-tools 1.0.1-1.5
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your
Your message dated Tue, 6 Dec 2005 21:28:06 +0100
with message-id [EMAIL PROTECTED]
and subject line Fixed in vorbis-tools 1.0.1-1.5
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your
Your message dated Tue, 06 Dec 2005 12:20:37 -0800
with message-id [EMAIL PROTECTED]
and subject line Bug#342269: libglibmm-2.4-1c2: cannot install: broken
dependency
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this
Your message dated Tue, 06 Dec 2005 12:20:37 -0800
with message-id [EMAIL PROTECTED]
and subject line Bug#342269: libglibmm-2.4-1c2: cannot install: broken
dependency
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this
clone 342281 -1 -2 -3
reassign -1 gpdf
retitle -1 gpdf: source taken from xpdf may introduce heap-overflow
vulnerabilities
reassign -2 kpdf
retitle -2 kpdf: source taken from xpdf may introduce heap-overflow
vulnerabilities
reassign -3 libpoppler0c2
retitle -3 libpoppler0c2: source taken from
Processing commands for [EMAIL PROTECTED]:
clone 342281 -1 -2 -3
Bug#342281: xpdf-reader: security issues by iDefense
Bug 342281 cloned as bugs 342286-342288.
reassign -1 gpdf
Bug#342286: xpdf-reader: security issues by iDefense
Bug reassigned from package `xpdf-reader' to `gpdf'.
retitle -1
Processing commands for [EMAIL PROTECTED]:
tags 342281 security
Bug#342281: xpdf-reader: security issues by iDefense
There were no tags set.
Tags added: security
End of message, stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
tags 342276 security
thanks
Hi,
gpdf is in fact vulnerable to the latest xpdf issues from iDefense.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Package: pdftohtml
Severity: grave
Tags: security
Justification: user security hole
Some security problems have been found in xpdf, of which pdftohtml ships
a local copy. It is therefore vulnerable to a subset of the xpdf issues
(not all of them, as it ships an older copy than current xpdf):
tag 342287 security
thanks
Hi,
I can confirm that kpdf is vulnerable to all the latest xpdf vulnerabilities,
please mention the CVE mappings from the iDefense advisories in the changelog
when fixing this.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of
Processing commands for [EMAIL PROTECTED]:
tag 342287 security
Bug#342287: kpdf: source taken from xpdf may introduce heap-overflow
vulnerabilities
There were no tags set.
Tags added: security
thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking
Package: ocaml-ssl
Severity: serious
Justification: no longer builds from source
Hello,
Well in fact, it is mostly a problem of findlib. The package needs to be
rebuild for mips, mipsel, m68k, arm against findlib 1.1-3.
Kind regard
Sylvain Le Gall
-- System Information:
Debian Release:
Package: tetex-bin
Version: 3.0-10.1
Severity: grave
Tags: security
Justification: user security hole
Multiple exploitable security problems have been found in xpdf, which are
all present in tetex-bin's embedded xpdf copy as well:
Multiple Vendor xpdf DCTStream Baseline Heap Overflow
* Michel Quercia:
I don't know how to make a patch. Is this ok ?
It is.
--- 985,991
#define BODY(x,y,z) \
adcl x(%ebx,%ecx,4), %eax; \
!/* movl y(%esi,%ecx,4), %edx */ .byte 0x8B, 0x54, 0x8E, y; \
movl %eax, x(%edi,%ecx,4); \
!/* adcl
tags 342288 security
thanks
Hi,
I can confirm that poppler is vulnerable to all the latest xpdf vulnerabilities,
please mention the CVE mappings from the iDefense advisories in the changelog
when fixing this.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject
Processing commands for [EMAIL PROTECTED]:
tags 342288 security
Bug#342288: libpoppler0c2: source taken from xpdf may introduce heap-overflow
vulnerabilities
There were no tags set.
Tags added: security
thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug
Package: koffice
Severity: grave
Tags: security
Justification: user security hole
Some heap overflows have been found in xpdf, of which koffice ships
a local copy. It is therefore vulnerable to a subset of the xpdf issues:
CVE-2005-3191:
http://www.idefense.com/application/poi/display?id=342
Package: postgresql-common
Version: 24
Severity: serious
First, apologies if this was fixed in something after package version 24; I
didnt see a bug report it about it, and I didnt see anything in the
changelogs (quick glance only)
This would appear to have been introduced by fixing #316100.
Processing commands for [EMAIL PROTECTED]:
# found in woody according to iDEFENSE
found 342281 1.00-3.4
Bug#342281: xpdf-reader: security issues by iDefense
Bug marked as found in version 1.00-3.4.
# also in unstable
found 342281 3.01-2
Bug#342281: xpdf-reader: security issues by iDefense
Processing commands for [EMAIL PROTECTED]:
reassign 342282 libgphoto2-2
Bug#342282: camera access works only when root
Bug reassigned from package `digikam' to `libgphoto2-2'.
severity 342282 grave
Bug#342282: camera access works only when root
Severity set to `grave'.
severity 341151 grave
1 - 100 of 120 matches
Mail list logo