Bug#484570: [Secure-testing-team] Bug#484570: [motion] motion.conf world readable and thus writable through web interface by default

Hi Nico, On Thursday 5 June 2008 01:41, Nico Golde wrote: > That basically makes the control_authentication which is > used for http authentication useless as an attacker can read > login credentials and then change the configuration to > whatever he likes via the web interface of motion (for > ex

Bug#484609: pptp-linux: Disconnects immediately after connection

Package: pptp-linux Version: 1.7.2-1 Severity: grave Justification: renders package unusable The latest upgrade to 1.7.2-1 broke my internet connection. pppd daemon hang up immediately after connection and I have the following in the syslog: pppd[4914]: Terminating on signal 15 pppd[4914]: Conne

Bug#484555: marked as done (linux-headers-2.6.22-3-amd64: Broken dependency with linux-kbuild-2.6.22)

Your message dated Thu, 5 Jun 2008 08:20:44 +0200 with message-id <[EMAIL PROTECTED]> and subject line Re: Bug#484555: linux-headers-2.6.22-3-amd64: Broken dependency with linux-kbuild-2.6.22 has caused the Debian Bug report #484555, regarding linux-headers-2.6.22-3-amd64: Broken dependency with

Processed: Re: Bug#484555: linux-headers-2.6.22-3-amd64: Broken dependency with linux-kbuild-2.6.22

Processing commands for [EMAIL PROTECTED]: > reassign 484555 linux-2.6 Bug#484555: linux-headers-2.6.22-3-amd64: Broken dependency with linux-kbuild-2.6.22 Warning: Unknown package 'linux-headers-2.6.22-3-amd64' Bug reassigned from package `linux-headers-2.6.22-3-amd64' to `linux-2.6'. > -- Stop

Processed: tagging 484187, tagging 285242, tagging 237640

Processing commands for [EMAIL PROTECTED]: > # Automatically generated email from bts, devscripts version 2.10.29 > tags 484187 + pending Bug#484187: xfrisk: FTBFS: Nonexistent build-dependency: libxaw-headers There were no tags set. Tags added: pending > tags 285242 + pending Bug#285242: xfrisk:

Bug#484599: ia32-libs contains several sources and break policy 4.13

Package: ia32-libs Version: 2.5 Severity: serious Hi, ia32-libs contains several sources of software that are already packaged and available from the Debian archive. This is a clear breakage of point 2.13 of the Debian policy 3.8.0.0: « Debian packages should not make use of these convenience c

Bug#392894: robotour: Found in 3.2.1-3.1

Package: robotour Version: 3.2.1-3.1 Followup-For: Bug #392894 Hi Zak, I compiled 3.2.1-3.1 on a Sid cowbuilder, installed in on a Lenny system, and reproduced the bug again. The machine is not the same as earlier in this bug. A typical error message is: (dummy:4340): GLib-GObject-WARNING **: /

Bug#484351: 2.0.2-ruby1.8.7-compat rails branch

Antonio Terceiro wrote: > Hi, > > I'm maintaining a branch with rails 2.0.2 + known 1.8.7-compatibility > changes cherry-picked from upstream rails on alioth: > > http://git.debian.org/?p=users/terceiro-guest/rails.git;a=summary > > See the 2.0.2-ruby1.8.7-compat branch. AFAICT it works, and my

Bug#479680: marked as done (clustalw_2.0.5-1(ia64/unstable): FTBFS: ISO C++ forbids declaration of 'auto_ptr' with no type)

Your message dated Thu, 5 Jun 2008 12:56:44 +0900 with message-id <[EMAIL PROTECTED]> and subject line Fixed in all current versions, closing the bug has caused the Debian Bug report #479680, regarding clustalw_2.0.5-1(ia64/unstable): FTBFS: ISO C++ forbids declaration of 'auto_ptr' with no type

Bug#484580: Correction

The previus version of libgtk2.0-0 package that don't have the problem is 2.12.9-4, not 2.12.9-9. Thanks. Fabiano. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Re: Bug#479612: spandsp ABI & SONAME

Processing commands for [EMAIL PROTECTED]: > reassign 479612 spandsp 0.0.4pre18-1 Bug#479612: after upgrade to spandsp 0.0.4pre18 asterisk-app-fax crashes asterisk Bug reassigned from package `asterisk-app-fax' to `spandsp'. > retitle 479612 spandsp 0.0.4pre18-1 broke ABI Bug#479612: after upgr

Bug#479612: spandsp ABI & SONAME

reassign 479612 spandsp 0.0.4pre18-1 retitle 479612 spandsp 0.0.4pre18-1 broke ABI severity 479612 grave thanks Steve, do we have any news regarding the ABI issues of spandsp I mentioned on my previous mail? The ABI issue will block spandsp from releasing with our stable release, scheduled f

Bug#484192: marked as done (mctools-lite: FTBFS: hardware.c:471: error: storage size of 'ust' isn't known)

Your message dated Thu, 05 Jun 2008 02:02:03 + with message-id <[EMAIL PROTECTED]> and subject line Bug#484192: fixed in mctools-lite 970129-19 has caused the Debian Bug report #484192, regarding mctools-lite: FTBFS: hardware.c:471: error: storage size of 'ust' isn't known to be marked as don

Bug#380226: VERIFY YOUR PLANETMAIL NOW

Dear PLANET Email Owner, This message is from PLANET messaging centre to all PLANET Email owners. We are currently upgrading our data base and e-mail centre. We are deleting all unused PLANET email to create more space for new one. To

Bug#484580: libgtk2.0-0: openoffice.org menu problem

Package: libgtk2.0-0 Version: 2.12.10-1 Severity: grave Justification: renders package unusable After upgrade to libgtk2.0-0 2.12.10-1 the menu of openoffice.org don't appear in the right place, under select menu, but in the border of screen. Downgrade to 2.12.9-9 fix the problem.

Bug#483982: marked as done (workbone: FTBFS: storage size of 'ust' isn't known)

Your message dated Thu, 05 Jun 2008 00:32:17 + with message-id <[EMAIL PROTECTED]> and subject line Bug#483982: fixed in workbone 2.40-9 has caused the Debian Bug report #483982, regarding workbone: FTBFS: storage size of 'ust' isn't known to be marked as done. This means that you claim that

Processed: your mail

Processing commands for [EMAIL PROTECTED]: > tags 484192 pending Bug#484192: mctools-lite: FTBFS: hardware.c:471: error: storage size of 'ust' isn't known There were no tags set. Tags added: pending > End of message, stopping processing here. Please contact me if you need assistance. Debian bu

Bug#484351: 2.0.2-ruby1.8.7-compat rails branch

Hi, I'm maintaining a branch with rails 2.0.2 + known 1.8.7-compatibility changes cherry-picked from upstream rails on alioth: http://git.debian.org/?p=users/terceiro-guest/rails.git;a=summary See the 2.0.2-ruby1.8.7-compat branch. AFAICT it works, and my current rails project is working with th

Bug#473400: xlockmore: xlock shouldn't unlock the screen if screensaver fails

Hi Timo, * Timo Sirainen <[EMAIL PROTECTED]> [2008-06-05 01:57]: > On Thu, 2008-06-05 at 01:48 +0200, Nico Golde wrote: > > Hi Timo, > > I agree this needs to be fixed. Can you provide any help in > > debugging this? For example which screensaver did you use? > > I just typed "xlock", which used

Bug#473400: xlockmore: xlock shouldn't unlock the screen if screensaver fails

On Thu, 2008-06-05 at 01:48 +0200, Nico Golde wrote: > Hi Timo, > I agree this needs to be fixed. Can you provide any help in > debugging this? For example which screensaver did you use? I just typed "xlock", which used random screensavers. It takes about 20-60 minutes to crash, but I guess I cou

Bug#483123: iceweasel: Iceweasel does not work

Same issue with iceweasel-l10n-pl. Regards. -- Jacek Sowiński aka "mruwek" -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#484573: patch

Hi, a patch like the following should fix the symptom. I'm a bit worried that this error did not get caught before; do you do install testing? diff -ru c-ares-1.5.2-orig/debian/control c-ares-1.5.2/debian/control --- c-ares-1.5.2-orig/debian/control2008-06-05 08:46:11.0 +0900 +++

Bug#473400: xlockmore: xlock shouldn't unlock the screen if screensaver fails

Hi Timo, I agree this needs to be fixed. Can you provide any help in debugging this? For example which screensaver did you use? Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. p

Bug#484463: marked as done (.pc files indirectly adds --export-dynamic to the linker flags)

Your message dated Wed, 04 Jun 2008 23:47:03 + with message-id <[EMAIL PROTECTED]> and subject line Bug#484463: fixed in enchant 1.3.0-5.1 has caused the Debian Bug report #484463, regarding .pc files indirectly adds --export-dynamic to the linker flags to be marked as done. This means that y

Bug#484574: libc-ares2: file conflicts

Package: libc-ares2 Version: 1.5.2-1 Severity: serious libc-ares1 1.5.1-0 and libc-ares2 1.5.2-1 share /usr/lib/libcares.so.2.0.0 dpkg: /var/cache/apt/archives/libc-ares2_1.5.2-1_amd64.deb の処理中にエラーが発生しました (--unpack): `/usr/lib/libcares.so.2.0.0' を上書きしようとしています。これはパッケージ libc-ares1 にも含まれています re

Bug#484573: libc-ares-dev: file conflicts

Package: libc-ares-dev Version: 1.5.2-1 Severity: serious libc-ares1 1.5.1-0 and libc-ares2 1.5.2-1 share /usr/lib/libcares.so.2.0.0 dpkg: /var/cache/apt/archives/libc-ares2_1.5.2-1_amd64.deb の処理中にエラーが発生しました (--unpack): `/usr/lib/libcares.so.2.0.0' を上書きしようとしています。これはパッケージ libc-ares1 にも含まれています

Bug#484570: [motion] motion.conf world readable and thus writable through web interface by default

Package: motion Version: 3.2.3-2.1 Severity: grave Tags: security X-Debbugs-CC: [EMAIL PROTECTED] Hi, the default configuration file of motion is world-readable in default installations on Debian: ls -l /etc/motion/motion.conf -rw-r--r-- 1 root root 22085 5. Jun 00:49 /etc/motion/motion.conf Th

Bug#482053: marked as done (xfsprogs: xfs_growfs will create unmountable filesystem on 32bit OS)

Your message dated Thu, 05 Jun 2008 09:04:20 +1000 with message-id <[EMAIL PROTECTED]> and subject line has caused the Debian Bug report #482053, regarding xfsprogs: xfs_growfs will create unmountable filesystem on 32bit OS to be marked as done. This means that you claim that the problem has bee

Bug#480309: marked as done (Crash at startup)

Your message dated Wed, 04 Jun 2008 22:02:09 + with message-id <[EMAIL PROTECTED]> and subject line Bug#480309: fixed in freevo 1.8.1-0 has caused the Debian Bug report #480309, regarding Crash at startup to be marked as done. This means that you claim that the problem has been dealt with. If

Processed: tagging 484351

Processing commands for [EMAIL PROTECTED]: > # Automatically generated email from bts, devscripts version 2.10.28 > tags 484351 - patch Bug#484351: rails: breaks with ruby 1.8.7 Tags were: patch Tags removed: patch > End of message, stopping processing here. Please contact me if you need assista

Bug#395252: software embedding ffmpeg

hi, I have been trying to address this bug from time to time , but with no success so far ; up to some time ago, the version of ffmpeg-free in unstable was 0.cvs20070307 , and that had an difference in a fundamental C structure in a header, wrt mplayer. Joey Hess ha scritto: > So is there any rea

Bug#484479: marked as done (Fails to start vservers (capget(): Invalid argument))

Your message dated Wed, 04 Jun 2008 21:47:05 + with message-id <[EMAIL PROTECTED]> and subject line Bug#484479: fixed in util-vserver 0.30.215-4 has caused the Debian Bug report #484479, regarding Fails to start vservers (capget(): Invalid argument) to be marked as done. This means that you c

Processed: ardour - FTBFS: Built-in libsigc++, broken

Processing commands for [EMAIL PROTECTED]: > tag 474422 patch Bug#474422: ardour - FTBFS: Built-in libsigc++, broken There were no tags set. Tags added: patch > thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, De

Bug#474422: ardour - FTBFS: Built-in libsigc++, broken

tag 474422 patch thanks Hi, I'm attaching a patch that makes ardour 2.4.1-1 build with gcc/stdlibc++ 4.3. Yes, I know that upstream already fixed it in SVN and the next upstream release will contain the fixes. However, I just want to make the fix visible in the BTS to prevent duplicated effort a

Bug#484492: marked as done (unsatisfiable versioned dep)

Your message dated Wed, 4 Jun 2008 23:27:19 +0200 with message-id <[EMAIL PROTECTED]> and subject line Re: unsatisfiable versioned dep has caused the Debian Bug report #484492, regarding unsatisfiable versioned dep to be marked as done. This means that you claim that the problem has been dealt w

Bug#484555: linux-headers-2.6.22-3-amd64: Broken dependency with linux-kbuild-2.6.22

Package: linux-headers-2.6.22-3-amd64 Severity: grave Justification: renders package unusable *** Please type your report below this line *** I can't install this package because it depends on linux-kbuild-2.6.22 and the package linux-kbuild-2.6.22 does not exist. -- System Information: Debian Re

Processed: ardour: FTBFS: build times out

Processing commands for [EMAIL PROTECTED]: > tag 458660 unreproducible Bug#458660: ardour: FTBFS: build times out There were no tags set. Tags added: unreproducible > severity 458660 normal Bug#458660: ardour: FTBFS: build times out Severity set to `normal' from `serious' > thanks Stopping proce

Bug#481071: marked as done (python-pygame: pygame.image.fromstring does not work)

Your message dated Wed, 04 Jun 2008 21:17:19 + with message-id <[EMAIL PROTECTED]> and subject line Bug#481071: fixed in pygame 1.8.0release-0 has caused the Debian Bug report #481071, regarding python-pygame: pygame.image.fromstring does not work to be marked as done. This means that you cla

Bug#473721: marked as done (directory conflict with libc6-i386)

Your message dated Wed, 04 Jun 2008 21:02:03 + with message-id <[EMAIL PROTECTED]> and subject line Bug#473721: fixed in gnu-efi 3.0e-2 has caused the Debian Bug report #473721, regarding directory conflict with libc6-i386 to be marked as done. This means that you claim that the problem has b

Bug#484351: there is more stuff breaking with ruby 1.8.7

tags - patch thanks Hi, I just found that there are more issues between rails and ruby 1.8.7, so it's not that simple as the patch I sent before. For the record, looking in upstream's git repository it seems that several things were done to add compatibility with ruby 1.8.7:

Bug#481071: marked as done (python-pygame: pygame.image.fromstring does not work)

Your message dated Wed, 04 Jun 2008 20:47:16 + with message-id <[EMAIL PROTECTED]> and subject line Bug#481071: fixed in pygame 1.7.1release-4.2 has caused the Debian Bug report #481071, regarding python-pygame: pygame.image.fromstring does not work to be marked as done. This means that you c

Bug#484474: marked as done ([reportbug-ng] code execution by preparing module files in os.curdir)

Your message dated Wed, 04 Jun 2008 20:47:17 + with message-id <[EMAIL PROTECTED]> and subject line Bug#484474: fixed in reportbug-ng 0.2008.06.04 has caused the Debian Bug report #484474, regarding [reportbug-ng] code execution by preparing module files in os.curdir to be marked as done. Thi

Bug#484479: Fails to start vservers (capget(): Invalid argument)

* Michal Čihař <[EMAIL PROTECTED]> [2008-06-04 11:09-0400]: > Hi > > Dne Wed, 4 Jun 2008 13:39:25 -0400 > Micah Anderson <[EMAIL PROTECTED]> napsal(a): > > > I've applied a patch from upstream that I hope will solve this. Can > > you try this on your machine and let me know the results? > > > >

Bug#431676: marked as done (piuparts test: fails to remove: line 4: killall: command not found)

Your message dated Wed, 04 Jun 2008 19:52:20 + with message-id <[EMAIL PROTECTED]> and subject line Bug#431676: fixed in dns-flood-detector 1.12-1etch1 has caused the Debian Bug report #431676, regarding piuparts test: fails to remove: line 4: killall: command not found to be marked as done.

Bug#484469: reassign 484469 to dpkg

On Wed, 04 Jun 2008, Giovanni Lovato wrote: > # perl -e 'print "hello\n"' > Segmentation fault Ouch. Something is very messed on your system. Try manually unpacking the various perl packages with "dpkg --unpack <.deb file>" or maybe try "apt-get reinstall perl perl-base perl-modules" But we can't

Bug#484469: reassign 484469 to dpkg

Raphael Hertzog wrote: > reassign 484469 perl > thanks > > Hi, > > Neither is this dpkg that's faulty: > /bin/sh: line 1: 10805 Segmentation fault /usr/sbin/dpkg-preconfigure > --apt > > It simply looks like that perl segfaults whenever it has something to do. > > > Giovanni, you simply

Bug#42158: Lose weight by suppressing your appetite

Your appetite may be the cause for your weight http://scourink.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#484517: marked as done (missing copyright information in debian/copyright)

Your message dated Wed, 04 Jun 2008 18:47:02 + with message-id <[EMAIL PROTECTED]> and subject line Bug#484517: fixed in c-ares 1.5.2-1 has caused the Debian Bug report #484517, regarding missing copyright information in debian/copyright to be marked as done. This means that you claim that th

Bug#479300: marked as done (as31_2.3.1-1(sparc/unstable): FTBFS, ./configure: Permission denied)

Your message dated Wed, 04 Jun 2008 18:32:03 + with message-id <[EMAIL PROTECTED]> and subject line Bug#479300: fixed in as31 2.3.1-1.1 has caused the Debian Bug report #479300, regarding as31_2.3.1-1(sparc/unstable): FTBFS, ./configure: Permission denied to be marked as done. This means that

Bug#484221: marked as done (haproxy: FTBFS: field 'in' has incomplete type)

Your message dated Wed, 04 Jun 2008 18:17:02 + with message-id <[EMAIL PROTECTED]> and subject line Bug#484221: fixed in haproxy 1.3.14.5-1 has caused the Debian Bug report #484221, regarding haproxy: FTBFS: field 'in' has incomplete type to be marked as done. This means that you claim that t

Bug#484535: piespy crashes with a gtk error

Package: piespy Version: 0.4.0-2 Severity: grave Justification: renders package unusable When running piespy I get the following error shortly before a crash: (.:14152): Gtk-WARNING **: cannot open display: This happens each time. FWIW, I am running this on a remote server with no X. >From h

Bug#484533: vym corrupts files when saving.

Package: vym Version: 1.10.0-1.1 Severity: grave Justification: causes non-serious data loss Hi, I tried loading a *.vym file, and I got this error: Fatal parsing error: error occurred while parsing content in line 37, column 3 File is: /tmp/vym-s8rrUj/new_research.xml DOCTYPE HTML PUBLIC "-//W

Bug#484479: Fails to start vservers (capget(): Invalid argument)

Hi Dne Wed, 4 Jun 2008 13:39:25 -0400 Micah Anderson <[EMAIL PROTECTED]> napsal(a): > I've applied a patch from upstream that I hope will solve this. Can > you try this on your machine and let me know the results? > > You can pull the deb from: > > http://people.debian.org/~micah/util-vserver >

Bug#484479: Fails to start vservers (capget(): Invalid argument)

* Micah Anderson <[EMAIL PROTECTED]> [2008-06-04 13:08-0400]: > The util-vserver trunk can build against the newer headers, so maybe we > can pull from there to resolve this. Hi, I've applied a patch from upstream that I hope will solve this. Can you try this on your machine and let me know the

Bug#483828: gtk-qt-engine-kde4: evolution crash backtrace

Package: gtk-qt-engine-kde4 Version: 1.1-1 Followup-For: Bug #483828 I can confirm this happening in evolution and GIMP. Iceweasel works fine, though. Follows the moment of the crash from within gdb: $ gdb evolution GNU gdb 6.7.1-debian

Bug#484311: marked as done (reportbug adds os.curdir to sys.path)

Your message dated Wed, 04 Jun 2008 16:32:06 + with message-id <[EMAIL PROTECTED]> and subject line Bug#484311: fixed in reportbug 3.41 has caused the Debian Bug report #484311, regarding reportbug adds os.curdir to sys.path to be marked as done. This means that you claim that the problem has

Bug#484499: slash: possible SQL injection vulnerability

Hi Please use CVE-2008-2231 as a reference for this issue. It should be included in every changelog entry that deals with this issue. Thanks in advance. Cheers Steffen signature.asc Description: This is a digitally signed message part.

Bug#42158: Is your stomach a "bottom-less" pit?

We carry many different Wohtelgsis ptudocrs aballiave ... You will lose the whegit you've always wanted whoiutt furiale! http://withequa.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#484311: reportbug adds os.curdir to sys.path

> please also fix: > > diff -Nru reportbug-3.40/checks/compare_pseudo-pkgs_lists.py > reportbug-3.40+nmu1/checks/compare_pseudo-pkgs_lists.py > --- reportbug-3.40/checks/compare_pseudo-pkgs_lists.py 2008-05-22 > 03:21:42.0 +0200 > +++ reportbug-3.40+nmu1/checks/compare_pseudo-pkgs_lists.

Bug#481737: [php-maint] Bug#481737: FTBFS on arm

I did another test build, this time without the suhosin patch (and no other changes). This build succeeded. BTW, for both builds I had gcc-4.3 4.3.0-4 installed, which is not current anymore but it's the same version that was used by the arm buildd. Cheers, Stefan -- To UNSUBSCRIBE, email

Processed: found 461219 in 4.2-1

Processing commands for [EMAIL PROTECTED]: > # Automatically generated email from bts, devscripts version 2.10.28 > found 461219 4.2-1 Bug#461219: spamassassin should not expire database by default, timeouts on very low load Bug marked as found in version 4.2-1. > End of message, stopping proces

Bug#484479: Fails to start vservers (capget(): Invalid argument)

Hi, Thanks for your bug report. > some upgrade of util-vserver made all attempts to start vserver fail > with: > > # vserver pmademo start > capget(): Invalid argument > capabilities are not enabled in kernel-setup > > Downgrading backt to 0.30.214-6 the problem is gone (this is lat

Bug#484311: reportbug adds os.curdir to sys.path

Hi, please also fix: diff -Nru reportbug-3.40/checks/compare_pseudo-pkgs_lists.py reportbug-3.40+nmu1/checks/compare_pseudo-pkgs_lists.py --- reportbug-3.40/checks/compare_pseudo-pkgs_lists.py 2008-05-22 03:21:42.0 +0200 +++ reportbug-3.40+nmu1/checks/compare_pseudo-pkgs_lists.py 20

Bug#480589: marked as done (libc-ares1 contains libcares.2.so)

Your message dated Wed, 04 Jun 2008 15:50:22 + with message-id <[EMAIL PROTECTED]> and subject line Bug#480589: fixed in c-ares 1.5.2-0 has caused the Debian Bug report #480589, regarding libc-ares1 contains libcares.2.so to be marked as done. This means that you claim that the problem has be

Bug#484517: missing copyright information in debian/copyright

Package: c-ares Severity: serious Version: 1.5.1-0 Hi, the debian/copyright fails to list copyright notices, e.g. those for copyrights owned by the Massachusetts Institute of Technology. Kind regards T. -- Thomas Viehmann, http://thomas.viehmann.net/ -- To UNSUBSCRIBE, email to [EMAIL PRO

Bug#484474: this is a no-dsa

Hi, Just to let you know that we won't be treating this as an issue for which we'll issue a stable DSA. See for reasoning the similar issue in reportbug, which is here even stronger because as a GUI application, it is often ran from the menu rather than the commandline. However, you can provide a

Bug#484311: reportbug adds os.curdir to sys.path

Hi Thijs, * Thijs Kinkhorst <[EMAIL PROTECTED]> [2008-06-04 14:14]: > On Wed, June 4, 2008 13:14, Nico Golde wrote: > > I agree that it is of a low impact but I disagree that this > > is not a security issue, people are using reportbug in /tmp and I don't see > > a reason to assume people are not d

Bug#484491: CVE-2008-2098: buffer overflow allows arbitrary code execution

severity 484491 normal thanks Steffen Joeris wrote: > Package: vmware-package > Severity: grave > Tags: security > Justification: user security hole > > Hi > > The following CVE[0] has been issued against vmware products. hi, vmware-package is a script which builds .debs from vmware tarballs;

Processed: Re: Bug#484491: CVE-2008-2098: buffer overflow allows arbitrary code execution

Processing commands for [EMAIL PROTECTED]: > severity 484491 normal Bug#484491: CVE-2008-2098: buffer overflow allows arbitrary code execution Severity set to `normal' from `grave' > thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administra

Bug#484469: reassign 484469 to dpkg

reassign 484469 perl thanks Hi, Neither is this dpkg that's faulty: /bin/sh: line 1: 10805 Segmentation fault /usr/sbin/dpkg-preconfigure --apt It simply looks like that perl segfaults whenever it has something to do. Giovanni, you simply show the final problem but I suppose it didn't app

Processed: Re: reassign 484469 to dpkg

Processing commands for [EMAIL PROTECTED]: > reassign 484469 perl Bug#484469: debconf: it seems to segfaults configuring every package Bug reassigned from package `dpkg' to `perl'. > thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administra

Bug#481860: openssh-server upgrade didn't remove all compromised keys from /etc/ssh

On Mon, 19 May 2008, Vincent Lefevre wrote: > On another Debian machihe, I can see that ssh-vulnkey outputs > "Unknown (no blacklist information)" for the RSA key, probably > because openssh-blacklist-extra isn't installed on this machine. > > The description field of openssh-blacklist-extra says:

Bug#484311: reportbug adds os.curdir to sys.path

Per my vac message if you guys can put together a quick release in the next day or so that would be great. It will otherwise be Tuesday at the earliest. Chris. On 6/4/08, Thijs Kinkhorst <[EMAIL PROTECTED]> wrote: > On Wed, June 4, 2008 14:27, Thomas Arendsen Hein wrote: >> I encountered this bug

Bug#483400: python-mapscript module crashes when importing

I am experiencing the same problem with Debian Unstable. The following thread seems to discuss this problem: http://www.mail-archive.com/[EMAIL PROTECTED]/msg14117.html Some of my installed packages are the following (all standard debian packages): ii libagg-dev2.5+dfsg1-

Bug#475705: marked as done (linux-modules-extra-2.6: FTBFS: scripts/Makefile.build:46: *** CFLAGS was changed)

Your message dated Wed, 04 Jun 2008 14:32:08 + with message-id <[EMAIL PROTECTED]> and subject line Bug#476359: fixed in r6040 0.17-3 has caused the Debian Bug report #476359, regarding linux-modules-extra-2.6: FTBFS: scripts/Makefile.build:46: *** CFLAGS was changed to be marked as done. Th

Bug#476359: marked as done (Regression FTBFS with 2.6.25)

Your message dated Wed, 04 Jun 2008 14:32:08 + with message-id <[EMAIL PROTECTED]> and subject line Bug#476359: fixed in r6040 0.17-3 has caused the Debian Bug report #476359, regarding Regression FTBFS with 2.6.25 to be marked as done. This means that you claim that the problem has been deal

Bug#475705: marked as done (linux-modules-extra-2.6: FTBFS: scripts/Makefile.build:46: *** CFLAGS was changed)

Your message dated Wed, 04 Jun 2008 14:32:08 + with message-id <[EMAIL PROTECTED]> and subject line Bug#475705: fixed in r6040 0.17-3 has caused the Debian Bug report #475705, regarding linux-modules-extra-2.6: FTBFS: scripts/Makefile.build:46: *** CFLAGS was changed to be marked as done. Th

Bug#476359: marked as done (Regression FTBFS with 2.6.25)

Your message dated Wed, 04 Jun 2008 14:32:08 + with message-id <[EMAIL PROTECTED]> and subject line Bug#475705: fixed in r6040 0.17-3 has caused the Debian Bug report #475705, regarding Regression FTBFS with 2.6.25 to be marked as done. This means that you claim that the problem has been deal

Bug#484499: slash: possible SQL injection vulnerability

Hi, Steffen Joeris schrieb am Wed, Jun 04, 2008 at 11:24:06PM +1000: > Yes, I am aware that the stable team knows about it. Oh, ok. > The issue, however, is unembargoed (and thus public and known) Of course it is. > and nothing stops you from uploading fixed packages to unstable. That's not r

Processed: reassign 484469 to dpkg

Processing commands for [EMAIL PROTECTED]: > # Automatically generated email from bts, devscripts version 2.10.28 > reassign 484469 dpkg Bug#484469: debconf: it seems to segfaults configuring every package Bug reassigned from package `debconf' to `dpkg'. > End of message, stopping processing here

Bug#484469: [Debconf-devel] Bug#484469: debconf: it seems to segfaults configuring every package

Giovanni Lovato wrote: > Package: debconf > Version: 1.5.22 > Severity: grave > Justification: renders package unusable > > apt-get segfaults on every action using debconf, aptitute too. > Look at for an example. /var/lib/dpkg/info/perl.postinst: line 19: 10810 Seg

Bug#484503: tightvncserver: could not open default font 'fixed'

severity 484503 important thanks Lowering this one as well. For comments see the other bug you just submitted. Best regards, // Ola On Wed, Jun 04, 2008 at 02:52:31PM +0200, Georg Hoermann wrote: > Package: tightvncserver > Version: 1.3.9-4 > Severity: grave > Justification: renders package unu

Processed: Re: Bug#484503: tightvncserver: could not open default font 'fixed'

Processing commands for [EMAIL PROTECTED]: > severity 484503 important Bug#484503: tightvncserver: could not open default font 'fixed' Severity set to `important' from `grave' > thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (

Bug#484313: marked as done (compizconfig-backend-gconf: FTBFS without libxslt1-dev installed)

Your message dated Wed, 4 Jun 2008 15:36:58 +0200 with message-id <[EMAIL PROTECTED]> and subject line Re: Bug#484313: compizconfig-backend-gconf: FTBFS without libxslt1-dev installed has caused the Debian Bug report #484313, regarding compizconfig-backend-gconf: FTBFS without libxslt1-dev instal

Processed: Re: Bug#484504: vnc4server: could not open default font "fixed"

Processing commands for [EMAIL PROTECTED]: > severity 484504 important Bug#484504: vnc4server: could not open default font "fixed" Severity set to `important' from `grave' > thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (admi

Bug#484504: vnc4server: could not open default font "fixed"

severity 484504 important thanks Hi Georg I'm lowering the severity because I know that it works for many users. It works perfectly for me for example. It must be something related to the configuration. On Wed, Jun 04, 2008 at 03:01:01PM +0200, Georg Hoermann wrote: > Package: vnc4server > Versi

Bug#484507: grub-pc postinst fails silently

Package: grub-pc Version: 1.96+20080601-2 Severity: serious Excerpt from today's update: Setting up grub-pc (1.96+20080601-2) ... Installing new version of config file /etc/grub.d/10_linux ... *** glibc detected *** /usr/sbin/grub-probe: realloc(): invalid next size: 0x01bf83

Bug#484499: slash: possible SQL injection vulnerability

Hi Alex > the bug is well known to me, there are fixed packages available for > Etch and Sarge (since at that time Sarge still had security support). > > Security Team has been informed about the bug on the day of the > initial disclosure, but I'm still waiting for them to publish an DSA > and pub

Bug#484504: vnc4server: could not open default font "fixed"

Package: vnc4server Version: 4.1.1+X4.3.0-26 Severity: grave Justification: renders package unusable The system does not start up, this bug exists for months now and I did *not* find a solution. I am no X guru, my other machine has exactly the same problem. I did not change x configuration etc.,

Processed: Re: Bug#484499: slash: possible SQL injection vulnerability

Processing commands for [EMAIL PROTECTED]: > tag 484499 + confirmed pending patch etch Bug#484499: slash: possible SQL injection vulnerability Tags were: security Tags added: confirmed, pending, patch, etch > thanks Stopping processing here. Please contact me if you need assistance. Debian bug

Bug#484499: slash: possible SQL injection vulnerability

tag 484499 + confirmed pending patch etch thanks Hi, the bug is well known to me, there are fixed packages available for Etch and Sarge (since at that time Sarge still had security support). Security Team has been informed about the bug on the day of the initial disclosure, but I'm still waiting

Bug#484503: tightvncserver: could not open default font 'fixed'

Package: tightvncserver Version: 1.3.9-4 Severity: grave Justification: renders package unusable The system does not start up, this bug exists for months now and I did *not* find a solution. I am no X guru, my other machine has exactly the same problem. I did not change x configuration etc., XWi

Bug#476606: marked as done (python-crack fails to install together with python-codespeak-lib)

Your message dated Wed, 04 Jun 2008 12:47:04 + with message-id <[EMAIL PROTECTED]> and subject line Bug#476606: fixed in codespeak-lib 0.9.1-2 has caused the Debian Bug report #476606, regarding python-crack fails to install together with python-codespeak-lib to be marked as done. This means

Bug#476489: ucspi: should conflict with courier-mta

On Wed, Jun 04, 2008 at 02:21:20PM +0200, Stefan Hornburg wrote: > Can you supply the corresponding code for preinst/postrm ? Yes, in preinst on 'install' or 'upgrade' (from a version that did not yet add the diversion): add_diversion() { dpkg-divert --package courier-mta --add --rename \ -

Bug#477454: a few of the many occurences of "fuck" in Debian changelogs (and more)

why are we policing profanity? can we all just take a deep breath and lighten the hell up? On Tue, Jun 3, 2008 at 6:22 PM, Joey Hess <[EMAIL PROTECTED]> wrote: > Now that this bug has been brought to my attention, I cannot help > myself. I have to grep Debian changelogs for profanity, filter for >

Bug#484499: slash: possible SQL injection vulnerability

Package: slash Severity: grave Tags: security Justification: user security hole Hi A possible SQL injection vulnerability was discovered in slash. The vulnerability was an SQL injection. Its effect was to allow a user with no special authorization to read any information from any table the Slash

Bug#484311: reportbug adds os.curdir to sys.path

On Wed, June 4, 2008 14:27, Thomas Arendsen Hein wrote: > I encountered this bug in the real world: I extracted a tarball > which contained a file named token.py, then I wanted to report a problem > and therefore started reportbug. > > This tarball did not contain harmful code, but as I did not ver

Bug#484311: reportbug adds os.curdir to sys.path

* Thijs Kinkhorst <[EMAIL PROTECTED]> [20080604 14:13]: > On Wed, June 4, 2008 13:14, Nico Golde wrote: > > I agree that it is of a low impact but I disagree that this > > is not a security issue, people are using reportbug in /tmp and I don't see > > a reason to

Bug#482048: marked as done (Source package contains non-free IETF RFC/I-D)

Your message dated Wed, 04 Jun 2008 12:17:07 + with message-id <[EMAIL PROTECTED]> and subject line Bug#482048: fixed in courier 0.59.0-3 has caused the Debian Bug report #482048, regarding Source package contains non-free IETF RFC/I-D to be marked as done. This means that you claim that the

Bug#476489: ucspi: should conflict with courier-mta

Gerrit Pape wrote: Hi Stefan, are you around? Thanks, Gerrit. On Mon, May 05, 2008 at 08:16:12AM +, Gerrit Pape wrote: On Thu, Apr 17, 2008 at 01:45:38AM +0200, Ralf Treinen wrote: ucspi-tcp should conflict with courier-mta as it shares a file with that package: Unpacking courier-mta (f

  1   2   >