Package: aqualung
Followup-For: Bug #503571
Ben, Adam,
I am unable to reproduce here, aqualung works fine under lenny.
Mark
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU c
This works, though:
adamantium /home/richih # apt-get remove vim-runtime vim vim-gnome
vim-full vim-vimoutliner
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package vim-full is not installed, so not removed
The following packages were automatically insta
Package: vim-runtime
Version: 1:7.1.314-3
Severity: grave
Justification: renders package unusable
Upgrading failed. See below for what I tried to do to fix this:
adamantium /home/richih # apt-get install -f
Reading package lists... Done
Building dependency tree
Reading state information... Done
C
the paragraph for the technical committee seems like a very good
start. however, i request the following rewrite of the fourth
sentance:
The submitter sees the getweb script's dependencies on external
data/files as potentially dangerous. Once the package enters stable,
upstream changes (moving/m
Le Tue, Oct 28, 2008 at 11:59:50AM +1100, Brian May a écrit :
>
> If we rename plink in putty (I think that is what you are asking?), that
> it going to make our version of putty inconsistent with every other
> putty package out there. This program is often used by scripts, they
> will break to
Package: balazar3
Version: 0.1-1
Severity: grave
Tags: security
Justification: user security hole
balazar3 uses /tmp/balazar3_v0.1_saves as its default save game
directory. This introduces an insecure temporary file vulnerability.
The default save directory should live inside $HOME.
- Josh Tripl
Hello,
Same for me, I've always had the repeater, thus couldn't reproduce the
"7th" bug.
Christoph Berg, le Sat 25 Oct 2008 20:47:08 +0200, a écrit :
> Or is the bug rather that applications not running on a linux consule
> must not try to connect to gpm?
Ideally they shouldn't even try, yes. A
Steffen Möller wrote:
Teodor happened to have nicely explained my objections to rename plink.
Except what he said is wrong, puttygen hasn't been renamed.
Dear Colin, if you don't mind too much, or if you could be bribed with a
few beers, please be so kind to rename the plink binary package
Processing commands for [EMAIL PROTECTED]:
> # User security hole
> severity 503702 grave
Bug#503702: lockvc: Segfaults.
Severity set to `grave' from `serious'
>
End of message, stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(adminis
Package: wicd
Version: 1.5.2-1
Severity: serious
Justification: Policy 10.8 and others
I purged wicd, and it left behind various files:
$ tree /etc/wicd /var/lib/wicd /var/log/wicd
/etc/wicd
|-- manager-settings.conf
|-- wired-settings.conf
`-- wireless-settings.conf
/var/lib/wicd
`-- configurati
dpkg -l python-g{object,tk2}
Desired=Unknown/Install/Remove/Purge/Hold
|
Status=Not/Inst/Cfg-files/Unpacked/Failed-cfg/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err:
uppercase=bad)
||/ Name
Version
Package: wicd
Version: 1.5.2-1
Severity: grave
Justification: renders package unusable
As far as I can tell, the wicd client does not cope with a restart of
the wicd server. It starts spewing dbus errors and does not respond
to left-clicks. It responds to right-clicks by opening the usual
right-
On Mon, Oct 27, 2008 at 23:43:40 +0200, Guillem Jover wrote:
> +
> + p = grub_strchr (p, '}') + 1;
> + if (p == NULL)
> + goto pvs_fail;
> +
This test seems buggy. The +1 needs to be after the NULL check.
Cheers,
Julien
--
To UNSUBSCRIBE, email to [EMAIL PROT
Hello,
peter green, le Mon 27 Oct 2008 23:37:17 +, a écrit :
> This bug has been pending for over a fortnight and the bug that was
> marked as blocking it after it was tagged pending was fixed over a week ago.
>
> What is the current status of the bug and if there are still problems is
> th
El 27/10/08 18:05 James Vega escribió:
> On Mon, Oct 27, 2008 at 05:00:18PM -0300, Felipe Sateler wrote:
> > Duh, I thought this was supposed to be handled by ${python:Depends}.
> > Apparently it doesn't. This may take a while to get uploaded (new
> > upstream version with lots of changes to review
Here are 2 replies from upstream :
Evan Hunt wrotes :
--8<
> Here is a more simple use case to reproduce the bug from a fresh
> install of bind9. Add the following lines to
> /etc/bind/named.conf.local.
Thank you, I was able to reproduce the bug with these instruc
Package: wicd
Version: 1.5.2-1
Severity: grave
Justification: renders package unusable
wicd needs dependencies on some of the external tools it uses. In
particular, it should have a dependency on dhcpcd | dhcp3-client |
pump, a dependency on net-tools | ethtool, and a dependency on
net-tools | ip
This bug has been pending for over a fortnight and the bug that was
marked as blocking it after it was tagged pending was fixed over a week ago.
What is the current status of the bug and if there are still problems is
the work in progress code availible anywhere?
--
To UNSUBSCRIBE, email t
Processing commands for [EMAIL PROTECTED]:
> tags 503735 + patch
Bug#503735: gnome-chess: menus only work in English language locales
There were no tags set.
Tags added: patch
> tags 472866 + patch
Bug#472866: gnome-chess: default configuration is completely unusable
There were no tags set.
Tags
Hi,
On Mon, Oct 27, 2008 at 10:33:28PM +0100, Adeodato Simó wrote:
> * Micha Lenk [Mon, 27 Oct 2008 11:40:09 +0100]:
>
> > This is kind of a mini transition: kmymoney2 should not get updated in
> > Lenny/Squeeze without kmymoney2-plugin-aqbanking being updated too.
> > But I believe we don't need
Package: gnome-chess
Version: 0.4.0-2
Severity: grave
Justification: renders package unusable
The File/New/Programs and the File/New/Servers menus don't work in
non-English locales. This makes it impossible to play against the
computer or on a chess server.
-- System Information:
Debian Release:
Your message dated Mon, 27 Oct 2008 23:58:27 +0100 (CET)
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#503311: monit: Client Certificate authentication fails
with openssl-engine error
has caused the Debian Bug report #503311,
regarding monit: Client Certificate authentic
I have added the crash log (copiling with --enable-debug) and a bt full to show
that it is the same bug at the forwarded upstream mozilla bug report.
Mike, your diff makes my xulrunner not compile:
/usr/bin/ld: unrecognized option '--no-relax'
Ahora también puedes acceder a tu correo Terra desd
$ apt-get install --reinstall docbook-xml
E: Could not open lock file /var/lib/dpkg/lock - open (13 Permission
denied)
E: Unable to lock the administration directory (/var/lib/dpkg/), are you
root?
[EMAIL PROTECTED]:~$ sudo apt-get install --reinstall docbook-xml
Reading package lists... Done
Build
Please can you provide your monit configuration? (the "set httpd ..."
part is sufficient).
Is the certificate self-signed or using public CA?
Thanks,
Martin
Georges Toth wrote:
Package: monit
Version: 1:4.10.1-4
Severity: grave
Justification: renders package unusable
After having upgraded
Processing commands for [EMAIL PROTECTED]:
> # Arg, the bit quoted below does not work, my bad. Let's do what should
> # have been done in the first place:
> found 482629 0.9.6beta-4
Bug#482629: kmymoney2-plugin-aqbanking: FTBFS with kmymoney2 0.9-1: Missing
header files
Bug marked as found in ve
# Arg, the bit quoted below does not work, my bad. Let's do what should
# have been done in the first place:
found 482629 0.9.6beta-4
tag 482629 sid
# And undo the mistake:
notfound 482629 0.9.9beta-1
thanks
> # Let's do this, or else the bug will be listed as affecting Lenny AFAICS
> found 48262
Hi,
I was “assigned” the RC bug as part of BugSprint
(http://wiki.debian.org/BugSprint).
After some time debugging, i can add more information.
Here is a more simple use case to reproduce the bug from a fresh
install of bind9. Add the following lines to
/etc/bind/named.conf.local.
--8<-
Package: virtualbox-ose
Followup-For: Bug #502375
I've just found that:
http://www.virtualbox.org/ticket/1499
Basically it says:
"You have to use either a 32-bit kernel and a 32-bit environment or a 64-bit
kernel and a 64-bit environment if you want to use VirtualBox."
That's why I can run virt
Processing commands for [EMAIL PROTECTED]:
> severity 500482 serious
Bug#500482: Segmentation fault in grub-probe
Severity set to `serious' from `normal'
> tags 500482 - unreproducible moreinfo
Bug#500482: Segmentation fault in grub-probe
Tags were: moreinfo unreproducible
Tags removed: unreprodu
On Mon, Oct 27, 2008 at 02:50:15PM +0200, Niko Tyni wrote:
> On Mon, Oct 27, 2008 at 12:52:57PM +0100, Bastian Blank wrote:
> > Package: request-tracker3.6
> > Version: 3.6.7-3
> > Severity: serious
> >
> > request-tracker3.6 uses debconf as a registry to detect which db
> > informations are avail
severity 500482 serious
tags 500482 - unreproducible moreinfo
tags 500482 + patch
thanks
Hi,
Setting severity to serious (not grave) as this does not affect
everyone, but if it does prevents installing kernels. But of course
adjust if you disagree.
On Sun, 2008-10-26 at 12:17:28 -0700, Steve Lan
Processing commands for [EMAIL PROTECTED]:
> notfound 478105 1.06-7
Bug#478105: funguloids: crashes on startup
Bug no longer marked as found in version 1.06-7.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(administrator, D
notfound 478105 1.06-7
thanks
hi johan,
as far as i can tell, your problem seems to be an entirely different issue.
i downloaded the latest funguloids and both by default and with your config
it worked for me, so it seems something likely different with your client
system. therefore if you cont
* Micha Lenk [Mon, 27 Oct 2008 11:40:09 +0100]:
> This is kind of a mini transition: kmymoney2 should not get updated in
> Lenny/Squeeze without kmymoney2-plugin-aqbanking being updated too.
> But I believe we don't need to enforce it by technical means...
If a user of kmymoney2-plugin-aqbanking
# Let's do this, or else the bug will be listed as affecting Lenny AFAICS
found 482629 0.9.9beta-1
thanks
* Mark Purcell [Mon, 27 Oct 2008 21:28:25 +1100]:
> notfound 482629 0.9.6beta-4
> thanks
> On Saturday 24 May 2008 10:56:19 Micha Lenk wrote:
> > Version: 0.9.6beta-4
> > The package kmymon
Processing commands for [EMAIL PROTECTED]:
> # Let's do this, or else the bug will be listed as affecting Lenny AFAICS
> found 482629 0.9.9beta-1
Bug#482629: kmymoney2-plugin-aqbanking: FTBFS with kmymoney2 0.9-1: Missing
header files
Bug marked as found in version 0.9.9beta-1 and reopened.
> th
tags 494010 patch
thanks
Hi,
I'm attaching a patch for building the dsp56k firmware from source.
Note: the dsp56k_bootstrap.asm in this patch includes fixes provided separately
(and explained) in this bug log. I will send them to upstream as well.
--
Robert Millan
The DRM opt-in fallacy: "
Processing commands for [EMAIL PROTECTED]:
> tags 494010 patch
Bug#494010: binary firmware in drivers/char/dsp56k.c
Tags were: lenny-ignore
Tags added: patch
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(administrator, Deb
* Mark Purcell [Mon, 27 Oct 2008 21:41:14 +1100]:
> d-r,
> It would appear that RC #502275 is not resolved in lenny due to the lack of
> the hppa & ia64 buildds, which were last successful on 15 Oct, not uploading
> to incoming.
> Thus request a give back for:
> pdnsd_1.2.6-par-11_hppa
* Mark Purcell [Mon, 27 Oct 2008 19:24:50 +1100]:
> d-r,
> It would appear that RC #496334 is being held out of lenny by the lack of the
> hppa & ia64 builds which were both completed on 15 Oct, but haven't been
> installed.
> Request a give back be scheduled for mdadm_2.6.7.1-1_hppa &
> mdad
* Mark Purcell [Mon, 27 Oct 2008 19:15:21 +1100]:
> d-r,
> It would appear that resolution of RC #494468 is being held out of lenny by
> the lack of the hppa build, which appears to of been last successful on 14
> Oct.
> Request a give back be scheduled for glibc_2.7-15_hppa
Done.
--
Adeoda
* Mark Purcell [Mon, 27 Oct 2008 19:27:27 +1100]:
> d-r,
> It would appear that RC #487568 is being held out of lenny by the lack of the
> hppa build which was last successful on 14 Oct, but still hasn't been
> installed.
> Request a give back of motion_3.2.9-7_hppa
Done.
--
Adeodato Simó
* Norbert Preining [Mon, 27 Oct 2008 00:50:32 +0100]:
> Hi Adeodato,
> fixing the bug you just have committed in jadetex 3.13-10, I ask you for
> an unfreeze. The patch is exactely what you sent me, plus that in the
> control file I have already some time ago added the Vcs-* fields.
> Nothing els
Processing commands for [EMAIL PROTECTED]:
> # Automatically generated email from bts, devscripts version 2.9.26
> tags 494010 - patch
Bug#494010: binary firmware in drivers/char/dsp56k.c
Tags were: patch lenny-ignore
Tags removed: patch
>
End of message, stopping processing here.
Please contact
On Mon, Oct 27, 2008 at 05:00:18PM -0300, Felipe Sateler wrote:
> Duh, I thought this was supposed to be handled by ${python:Depends}.
> Apparently it doesn't. This may take a while to get uploaded (new upstream
> version with lots of changes to review), but is already fixed in git.
You'll likel
Processing commands for [EMAIL PROTECTED]:
> severity 503698 minor
Bug#503698: a56: alloc, fixstring implicitly converted to pointers
Severity set to `minor' from `serious'
> tags 503698 pending
Bug#503698: a56: alloc, fixstring implicitly converted to pointers
Tags were: patch
Tags added: pendin
severity 503698 minor
tags 503698 pending
thanks
On Mon, Oct 27, 2008 at 11:23:49AM -0600, dann frazier wrote:
> Package: a56
> Version: 1.3-4
> Severity: serious
> Tags: patch
>
> Our automated buildd log filter[1] detected a problem that is likely to
> cause your package to segfault on architec
Your message dated Mon, 27 Oct 2008 20:49:57 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#501301: fixed in libaudio-flac-decoder-perl 0.2.dfsg-0.1
has caused the Debian Bug report #501301,
regarding libaudio-flac-decoder-perl: source package contains proprietary flac
file?
to be
2008/10/27 Luk Claes <[EMAIL PROTECTED]>:
> Arnaud Quette wrote:
>> Hi Luk,
>>
>> checking back, seems I've pissed on my shoes, while playing with
>> several packages at the same time! all apologies.
>> should I re upload 2.2.2-6.1 or .2?
>
> .2
done,
thanks again Luk, and ... may the force be wit
Hi,
I'm pretty sure this bug is a duplicate of 503303, which look like duplicates
of #464559 (merged with #466027, #466695, #467059, #475530).
"Unfortunatly" those bugs are closed in sid/lenny, but thats exactly the
problem here (as we cannot upgrade apt in an etch pointrelease as upgrades
nee
Your message dated Mon, 27 Oct 2008 21:36:14 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#503583: libgnokii4: should conflict with libgnokii3
has caused the Debian Bug report #503583,
regarding libgnokii4: should conflict with libgnokii3
to be marked as done.
This means that
Processing commands for [EMAIL PROTECTED]:
> notfound 503583 0.6.27.dfsg-1
Bug#503583: libgnokii4: should conflict with libgnokii3
Bug no longer marked as found in version 0.6.27.dfsg-1.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system admi
Here is how I do to reproduce the bug:
[EMAIL PROTECTED]:~$ mkdir test
[EMAIL PROTECTED]:~$ sudo piuparts -m "http://ftp.belnet.be/debian/ main" -s \
etch_root.tar.gz -d etch -a hddtemp -t test
[EMAIL PROTECTED]:~$ rm -Rf test/*
[EMAIL PROTECTED]:~$ sudo tar -xzf etch_root.tar.gz -C test/
[EMA
found 503633 1:5.08.0.dfsg2-8
thanks
El 27/10/08 02:07 James Vega escribió:
> Package: python-csoundac
> Version: 1:5.08.2~dfsg-1
> Severity: serious
> Justification: Policy 3.5
>
> % python
> Python 2.5.2 (r252:60911, Sep 29 2008, 21:15:13)
> [GCC 4.3.2] on linux2
> Type "help", "copyright", "cre
Processing commands for [EMAIL PROTECTED]:
> found 503633 1:5.08.0.dfsg2-8
Bug#503633: python-csoundac: Missing dependency on python-csound
Bug marked as found in version 1:5.08.0.dfsg2-8.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system ad
Hello,
plink has just made it to the archive.
Teodor happened to have nicely explained my objections to rename plink.
Dear Colin, if you don't mind too much, or if you could be bribed with a
few beers, please be so kind to rename the plink binary package.
Many thanks and best regards,
Steffen
Your message dated Mon, 27 Oct 2008 19:02:08 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#503144: fixed in libgsf 1.14.8-1lenny1
has caused the Debian Bug report #503144,
regarding FTBFS on armel: gsf-scan, ** ERROR **: Compilation trouble with
endianess.
to be marked as done.
On Thu, Oct 23, 2008 at 05:45:40PM +0200, Felix Zielcke wrote:
> Attached is now an ugly patch which would display the grub-probe error
> "Check your device.map" if it fails.
>
> Else I had the idea to make an environment variable like
> GRUB_PROBE_HIDE_ERRORS=1 which would hide the output of
> gr
On Mon, Oct 27, 2008 at 06:29:39PM +0100, Thomas Viehmann wrote:
> Roberto C. Sánchez wrote:
> > All that said, should I hold off uploading libactivesupport-ruby since
> > it will depend on libtzinfo-ruby?
> Well, ideally, you (or upstream) would create something for ruby that
> works properly in t
At 1225129482 time_t, Moritz Muehlenhoff wrote:
> Maybe we could forward this bug to Martin Schwidefsky <[EMAIL PROTECTED]>,
> who is the glibc s390 maintainer and who works for IBM on the s390 Linux port.
Why not.
Martin, do you have any clue about bug #479952?
http://bugs.debian.org/479952
Ch
Package: bindgraph
Version: 0.2a-3.1
Severity: serious
Justification: Policy 10.7.3
I've just upgraded bindgraph and as all the other upgrades it is
replacing the content for /etc/default/bindgraph with an automatically
generated one using the debconf settings. The diff between the previous
conten
Processing commands for [EMAIL PROTECTED]:
> # Automatically generated email from bts, devscripts version 2.10.35
> archive 403673
Bug 403673 [libattr1] /lib/libacl.so.1: symbol getxattr, version ATTR_1.0 not
defined in file libattr.so.1 with link time reference
Bug 403585 [libattr1] Regression i
Processing commands for [EMAIL PROTECTED]:
> # Automatically generated email from bts, devscripts version 2.10.35
> unarchive 411070
Bug 411070 [mailutils] libsieve2-1: Duplicate file with libmailutils1
Unarchived Bug 411070
> fixed 411070 1:1.2+dfsg1-2
Bug#411070: libsieve2-1: Duplicate file with
Processing commands for [EMAIL PROTECTED]:
> # I'm unarchiving bugs that at some point got fixed, got archived
> # but the BTS now thinks are still present in testing or unstable.
> # Most likely those bugs got fixed in an NMU and the changelog entry
> # for the NMU is not in the latest version an
Hi Kees,
On Sun, 26 Oct 2008, Kees Cook wrote:
How about this patch as an alternative, which doesn't change the
semantics of the array, but makes sure it is aligned.
After applying only your patch, it still crashes in log_work.c. (So, I
guess it works as well as my patch to super.c, although
Julien Danjou wrote:
> At 1224427706 time_t, Pierre Habouzit wrote:
> > Not that I'm aware of, and it's probably a bug in s390 assembly, and
> > actually not a tokyocabinet bug _at all_. So unless upstream knows s390
> > assembly... I don't think he can help a lot :)
>
> After discussing with Pie
Package: lockvc
Version: 4.0.5-6
Severity: serious
Hi,
It seems that lockvc sometimes segfaults on me. It's not doing it all
time, but atleast once a week.
I'm setting it to serious since the console is unlocked at that point,
and so I consider it to be not useful at all.
I've switched to vloc
Roberto C. Sánchez wrote:
> All that said, should I hold off uploading libactivesupport-ruby since
> it will depend on libtzinfo-ruby?
Well, ideally, you (or upstream) would create something for ruby that
works properly in the sense that it uses the tzinfo data. The timezone
definitions are enough
Hi,
Marcus Better wrote:
> dpkg: error processing
> /var/cache/apt/archives/libgnokii4_0.6.27.dfsg-1_amd64.deb (--unpack):
> trying to overwrite `/usr/lib/libgnokii.so.4.0.0', which is also in package
> libgnokii3
>
The current version of libgnokii3 in unstable doesn't have the file
libgnoki
Processing commands for [EMAIL PROTECTED]:
> # Automatically generated email from bts, devscripts version 2.10.35
> unarchive 496392
Bug 496392 [myspell-tools,libmyspell3c2] The possibility of attack with the
help of symlinks in some Debian packages
Unarchived Bug 496392
> reassign 496392 myspell
Package: a56
Version: 1.3-4
Severity: serious
Tags: patch
Our automated buildd log filter[1] detected a problem that is likely to
cause your package to segfault on architectures where the size of a
pointer is greater than the size of an integer, such as ia64 and amd64.
Function `alloc' implicit
Processing commands for [EMAIL PROTECTED]:
> # Automatically generated email from bts, devscripts version 2.10.35
> unarchive 496392
Bug 496392 [myspell-tools,libmyspell3c2a] The possibility of attack with the
help of symlinks in some Debian packages
Unarchived Bug 496392
Warning: Unknown package
Processing commands for [EMAIL PROTECTED]:
> # Automatically generated email from bts, devscripts version 2.10.35
> unarchive 496392
Bug 496392 [myspell-tools,libmyspell3c2a] The possibility of attack with the
help of symlinks in some Debian packages
Unarchived Bug 496392
Warning: Unknown package
Arnaud Quette wrote:
> Hi Luk,
>
> checking back, seems I've pissed on my shoes, while playing with
> several packages at the same time! all apologies.
> should I re upload 2.2.2-6.1 or .2?
.2
Cheers
Luk
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble?
Processing commands for [EMAIL PROTECTED]:
> # Automatically generated email from bts, devscripts version 2.10.35
> unarchive 496392
Bug 496392 [myspell-tools] The possibility of attack with the help of symlinks
in some Debian packages
Unarchived Bug 496392
> reassign 496392 myspell-tools,libmysp
Processing commands for [EMAIL PROTECTED]:
> # Automatically generated email from bts, devscripts version 2.10.35
> unarchive 496392
Bug 496392 [myspell-tools] The possibility of attack with the help of symlinks
in some Debian packages
Unarchived Bug 496392
> notfixed 496392 1:3.0+pre3.1-18etch1
Your message dated Mon, 27 Oct 2008 11:24:01 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Fixed in 1.03-46
has caused the Debian Bug report #491916,
regarding qmail: Preinst fails if /etc/inetd.conf does not exist
to be marked as done.
This means that you claim that the problem has
Processing commands for [EMAIL PROTECTED]:
> fixed 491919 1.03-46
Bug#491919: qmail-src: Prompts should use debconf
Bug marked as fixed in version 1.03-46.
> fixed 491916 1.03-46
Bug#491916: qmail: Preinst fails if /etc/inetd.conf does not exist
Bug marked as fixed in version 1.03-46.
> fixed 45
>From upstream.
-- Forwarded message --
From: Matthias Wandel <[EMAIL PROTECTED]>
Date: Mon, Oct 27, 2008 at 4:13 PM
Subject: Re: Bug#503645: jhead: CVE-2008-4640, CVE-2008-4641 command
injection via filename and insecure file handling
To: Ludovic Rousseau <[EMAIL PROTECTED]>
Ah,
Hi Ludovic,
* Ludovic Rousseau <[EMAIL PROTECTED]> [2008-10-27 16:47]:
> On Mon, Oct 27, 2008 at 1:06 PM, Matthias Wandel <[EMAIL PROTECTED]> wrote:
> > So what is the security vulnerability?
> >
> > You can use it to delete files, but why not just use "rm"?
>
> If I understand correctly we have t
Hi Ludovic,
* Ludovic Rousseau <[EMAIL PROTECTED]> [2008-10-27 15:14]:
> From upstream author.
>
> -- Forwarded message --
> From: Matthias Wandel
> Date: Mon, Oct 27, 2008 at 1:06 PM
> Subject: Re: Bug#503645: jhead: CVE-2008-4640, CVE-2008-4641 command
> injection via filename an
Processing commands for [EMAIL PROTECTED]:
> fixed 445772 4.0.1-6lenny1
Bug#445772: gnat-gps: FTBFS: unsat b-deps: libgnatprj-dev: Depends: gnat-4.2 (=
4.2.1-7) but it is not going to be installed
Bug marked as fixed in version 4.0.1-6lenny1.
> notfound 445772 4.0.1-6lenny1
Bug#445772: gnat-gps:
-3
Severity: serious
Hi,
your package failed to build from source.
| Automatic build of libsyncml_0.4.7-3 on njoerd by sbuild/sparc 98-farm
| Build started at 20081027-0156
| **
| Checking available source versions...
On Mon, Oct 27, 2008 at 1:06 PM, Matthias Wandel <[EMAIL PROTECTED]> wrote:
> So what is the security vulnerability?
>
> You can use it to delete files, but why not just use "rm"?
If I understand correctly we have two problems (from [1])
2 - unsafe temp file creation
4 - shell escapes
I think "un
SIGNED MESSAGE-
Hash: SHA1
Package: libjogl-java
Version: 1.1.1+dak1-2
Severity: serious
There was an error while trying to autobuild your package:
> Automatic build of libjogl-java_1.1.1+dak1-2 on zx6000 by sbuild/ia64 98-farm
> Build started at 20081027-0633
[...]
> ** Using bui
Le mardi 28 octobre 2008 à 00:50 +1100, Tim Lyth a écrit :
> Output as requested:
> ls /usr/share/python-support/*/pygtk.pth -lh
> -rw-r--r-- 1 root root 8 2008-06-07 23:41
> /usr/share/python-support/python-gobject/pygtk.pth
> -rw-r--r-- 1 root root 8 2006-08-06 06:58
> /usr/share/python-support
Your message dated Mon, 27 Oct 2008 14:02:17 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#503462: fixed in texlive-bin 2007.dfsg.2-4
has caused the Debian Bug report #503462,
regarding texlive-extra-utils must Replaces: tetex-bin
to be marked as done.
This means that you claim t
Your message dated Mon, 27 Oct 2008 14:02:58 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#502515: fixed in texlive-extra 2007.dfsg.8-1
has caused the Debian Bug report #502515,
regarding texlive-latex-extra: kalendar is non-free
to be marked as done.
This means that you claim th
Your message dated Mon, 27 Oct 2008 14:02:58 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#502002: fixed in texlive-extra 2007.dfsg.8-1
has caused the Debian Bug report #502002,
regarding texlive-latex-extra: hilowres.sty is non-free
to be marked as done.
This means that you clai
Package: network-manager-gnome
Version: 0.6.6-2
Severity: grave
Justification: renders package unusable
Hi,
I have upgrade to network manager in experimental, as part of that the various
libnm libraries
have been upgraded to version 0.7.x
However neither network-manager, nor network-manager-gno
Output as requested:
ls /usr/share/python-support/*/pygtk.pth -lh
-rw-r--r-- 1 root root 8 2008-06-07 23:41
/usr/share/python-support/python-gobject/pygtk.pth
-rw-r--r-- 1 root root 8 2006-08-06 06:58
/usr/share/python-support/python-gtk2/pygtk.pth
Josselin Mouette wrote:
Please show the res
Processing commands for [EMAIL PROTECTED]:
> severity 503555 important
Bug#503555: sofa-framework - Missuse of ressources
Severity set to `important' from `serious'
> retitle 503555 "build arch all packages only in the binary-indep target"
Bug#503555: sofa-framework - Missuse of ressources
Change
>From upstream author.
-- Forwarded message --
From: Matthias Wandel
Date: Mon, Oct 27, 2008 at 1:06 PM
Subject: Re: Bug#503645: jhead: CVE-2008-4640, CVE-2008-4641 command
injection via filename and insecure file handling
To: Ludovic Rousseau <[EMAIL PROTECTED]>
So what is the s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Package: libsyncml
Version: 0.4.7-3
Severity: serious
The error on ia64 is slightly different.
There was an error while trying to autobuild your package:
> Automatic build of libsyncml_0.4.7-3 on zx6000 by sbuild/ia64 98-farm
> Build started at 2008
On Mon, Oct 27, 2008 at 12:52:57PM +0100, Bastian Blank wrote:
> Package: request-tracker3.6
> Version: 3.6.7-3
> Severity: serious
>
> request-tracker3.6 uses debconf as a registry to detect which db
> informations are available. The debconf data is volatile and therefor
> not possible to be used
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Package: libjogl-java
Version: 1.1.1+dak1-2
Severity: serious
There was an error while trying to autobuild your package:
> Automatic build of libjogl-java_1.1.1+dak1-2 on zx6000 by sbuild/ia64 98-farm
> Build started at 2008102
Dave Benjamin a écrit :
> I installed libapache2-mod-ocamlnet and enabled the module using "a2enmod
> netcgi_apache". Apache 2 no longer starts, printing this message instead:
> [...]
> I tried to resolve the problem by:
>
> 1. Saving /usr/lib/ocaml/3.10.2 to /etc/ld.so.conf.d/ocaml.conf
> 2. Runn
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Package: ffmpeg-debian
Version: 3:0.svn20080925-1
Severity: serious
There was an error while trying to autobuild your package:
> Automatic build of ffmpeg-debian_3:0.svn20080925-1 on alkman.ayous.org by
> sbuild/ia64 98-farm
> Build started at 20081
On Mon, Oct 27, 2008 at 12:26:18PM +, Dominic Hargreaves wrote:
> I propose to change debian/config to just check whether the rt3.6-db-*
> packages are installed to determine whether to support these packages
> (and then remove the db4.6-db-* config/postinst scripts altogether).
>
> Does this
1 - 100 of 148 matches
Mail list logo
