On Mon, 2011-01-24 at 21:00 +, Adam D. Barratt wrote:
> On Mon, 2011-01-24 at 20:53 +0100, Patrik Fimml wrote:
> > I'm fine with the patch for abiword, but not a DD so I can't upload it
> > myself.
>
> I'd be happy to NMU it to t-p-u if that would help, assuming I can
> persuade someone else
Your message dated Thu, 27 Jan 2011 05:47:20 +
with message-id
and subject line Bug#610960: fixed in hplip 3.10.6-2
has caused the Debian Bug report #610960,
regarding CVE-2010-4267: Buffer overflow
to be marked as done.
This means that you claim that the problem has been dealt with.
If this
Hi,
I don't know if the root cause is the same, but here's the stack trace
I'm recording with current epiphany-browser in Debian Squeeze on an
Itanium workstation.
emeric@longspeak:~$ gdb epiphany-browser
GNU gdb (GDB) 7.0.1-debian
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+:
Your message dated Thu, 27 Jan 2011 00:17:20 +
with message-id
and subject line Bug#610960: fixed in hplip 3.11.1-1
has caused the Debian Bug report #610960,
regarding CVE-2010-4267: Buffer overflow
to be marked as done.
This means that you claim that the problem has been dealt with.
If this
It seems gpmudmon-applet is lacking a build-dependency on libgnome2-dev.
signature.asc
Description: This is a digitally signed message part.
Processing commands for cont...@bugs.debian.org:
> user release.debian@packages.debian.org
Setting user to release.debian@packages.debian.org (was
a...@adam-barratt.org.uk).
> usertag 611138 + squeeze-can-defer
Bug#611138: CVE-2010-4438
There were no usertags set.
Usertags are now: squeez
On Wednesday 26 January 2011 15:24:19 Raphael Geissert wrote:
> Hi Ari,
Andrew, of course :)
(Thanks to adsb for pointing it out)
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject
user release.debian@packages.debian.org
usertag 611138 + squeeze-can-defer
tag 611138 + squeeze-ignore
thanks
On Wed, 2011-01-26 at 22:34 +0100, Moritz Mühlenhoff wrote:
> On Wed, Jan 26, 2011 at 07:46:32PM +0100, Damien Raude-Morvan wrote:
> > So I don't think Debian package is affected by th
Processing commands for cont...@bugs.debian.org:
> user release.debian@packages.debian.org
Setting user to release.debian@packages.debian.org (was
a...@adam-barratt.org.uk).
> usertag 611217 + squeeze-can-defer
Bug#611217: CVE-2011-0413: crash after DHCPv6 decline message
There were no us
user release.debian@packages.debian.org
usertag 611217 + squeeze-can-defer
tag 611217 + squeeze-ignore
thanks
On Wed, 2011-01-26 at 15:24 -0600, Raphael Geissert wrote:
> > When the DHCPv6 server code processes a message for an address that was
> > previously declined and internally tagged as
On Wed, Jan 26, 2011 at 07:46:32PM +0100, Damien Raude-Morvan wrote:
> Hi,
>
> Le mardi 25 janvier 2011 23:02:18, Moritz Muehlenhoff a écrit :
> > See http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4438
> >
> > Please get in touch with Oracle to check, what "unspecified
> > vulnerability"
On Sun, 2011-01-16 at 08:50 +0100, Daniel Baumann wrote:
> On 01/13/2011 11:50 PM, Adam D. Barratt wrote:
> > Is anything happening with this?
>
> yes.
>
> like i said[0], after my vac[1].
Unless I missed any, this is now the only remaining RC bug for live-*.
Is an upload for this planned at the
Your message dated Wed, 26 Jan 2011 21:32:44 +
with message-id
and subject line Bug#485621: fixed in ghostscript 9.00~dfsg-3
has caused the Debian Bug report #485621,
regarding libgs8: undeclared dependency on ghostscript (>> 8.71~), ghostscript
(<= 8.71+)
to be marked as done.
This means th
Your message dated Wed, 26 Jan 2011 21:32:44 +
with message-id
and subject line Bug#485621: fixed in ghostscript 9.00~dfsg-3
has caused the Debian Bug report #485621,
regarding libgs8: undeclared dependency on ghostscript (>> 8.71~), ghostscript
(<= 8.71+)
to be marked as done.
This means th
On Fri, 2011-01-21 at 14:54 +0100, Daniel Baumann wrote:
> On 01/21/2011 02:32 PM, Yves-Alexis Perez wrote:
> > Assuming your back from [VAC], is there any news from this?
>
> like i said[0].. i'm on the last steps of testing and upload RSN.
That was a few days ago; how's the testing going?
Rega
On Mon, 2011-01-24 at 12:21 +0100, Jakub Wilk wrote:
> Source: parmetis
> Version: 3.1.1-1
> Severity: serious
> Tags: patch
> Justification: fails to build from source
>
> parmetis fails to build from source in a clean sid i386 chroot. Tail of
> the build log:
[...]
> The attached patch fixes th
Package: isc-dhcp-server
Version: 4.1.1-P1-15
Severity: grave
Tags: security patch
Hi Ari,
Just as a public record, the following advisory (CVE-2011-0413[0]) has been
published by ISC[1]:
> When the DHCPv6 server code processes a message for an address that was
> previously declined and interna
On Mon, 2011-01-24 at 21:42 +, Adam D. Barratt wrote:
> On Mon, 2011-01-24 at 16:10 +0100, Jakub Wilk wrote:
> > libspe2 FTBFS in a clean sid chroot. Tail of the build log:
> >
> > | cd doc/img; make
> > | make[2]: Entering directory
> > `/build/sbuild-libspe2_2.2.80-95-3.1-i386-pApp47/libspe
Processing commands for cont...@bugs.debian.org:
> severity 602232 grave
Bug #602232 [tcptrack] tcptrack is outdated (does not work with newer kernels
or IPv6)
Severity set to 'grave' from 'important'
> --
Stopping processing here.
Please contact me if you need assistance.
--
602232: http://bu
Your message dated Wed, 26 Jan 2011 21:21:30 +0200
with message-id <20110126192130.ga12...@dee.ktnx.net>
and subject line Re: Bug#609613: bgoffice-dict-downloader: invalid maintainer
address
has caused the Debian Bug report #609613,
regarding bgoffice-dict-downloader: invalid maintainer address
to
-=| Mike O'Connor, Mon, Jan 10, 2011 at 05:29:32PM -0500 |=-
> Package: bgoffice-dict-downloader
> Severity: serious
> Justification: Policy 3.3
>
> the domain name of the Maintainer address does not accept email.
Fixed. There was another MX added and mails sent to
debian-addons-bg-maintain...@o
Processing commands for cont...@bugs.debian.org:
> tags 611138 + moreinfo
Bug #611138 [glassfish] CVE-2010-4438
Added tag(s) moreinfo.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
611138: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611138
Debian Bug Tracki
Processing commands for cont...@bugs.debian.org:
> # fix bug number
> user release.debian@packages.debian.org
Setting user to release.debian@packages.debian.org (was
jcris...@debian.org).
> usertags 610265 - squeeze-can-defer
Bug#610265: qtiplot/libmuparser0: dependency incorrect
Usertags
Hi,
Le mardi 25 janvier 2011 23:02:18, Moritz Muehlenhoff a écrit :
> See http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4438
>
> Please get in touch with Oracle to check, what "unspecified
> vulnerability" they fixed...
From CVE abstract :
"
Sun GlassFish Enterprise Server contains a fl
On Sun, Dec 19, 2010 at 19:30:58 +0100, Julien BLACHE wrote:
> I think it would be best if this matter would be decided upon before the
> release of Squeeze, or not too long after it, so as to avoid further
> breakages in early kernel updates for Squeeze.
>
We're getting close to the squeeze rele
Processing commands for cont...@bugs.debian.org:
> package ntop
Limiting to bugs with field 'package' containing at least one of 'ntop'
Limit currently set to 'package':'ntop'
> forcemerge 609070 611173
Bug#609070: ntop fails to install (via aptitude)
Bug#611173: Fails to install
Forcibly Merged
package ntop
forcemerge 609070 611173
thanks
On 01/26/2011 03:44 AM, Kartik Mistry wrote:
> While installing ntop,
>
> Setting up ntop (3:4.0.3+dfsg1-1) ...
> dpkg: error processing ntop (--configure):
> subprocess installed post-installation script returned error exit status 30
> configured to
Processing commands for cont...@bugs.debian.org:
> reassign 568088 linux-2.6 2.6.26-21
Bug #568088 [cdrom] cdrom: Debian does not boot right after installation
Bug reassigned from package 'cdrom' to 'linux-2.6'.
Bug #568088 [linux-2.6] cdrom: Debian does not boot right after installation
There is
reassign 568088 linux-2.6 2.6.26-21
severity 568088 important
tag 568088 moreinfo
kthxbye
On Mon, Feb 1, 2010 at 22:46:28 +0100, Volodymyr Shcherbyna wrote:
> Package: cdrom
> Severity: critical
> Justification: breaks the whole system
>
> After installation of debian 5.0.3 x64 the OS does not
Processing commands for cont...@bugs.debian.org:
> reassign 598062 apt-setup
Bug #598062 [cdrom] cdrom: Squeeze : grub-pc cannot install on /target for amd64
Bug reassigned from package 'cdrom' to 'apt-setup'.
> forcemerge 598130 598062
Bug#598130: grub-installer cannot install grub-pc on amd64 (
reassign 598062 apt-setup
forcemerge 598130 598062
kthxbye
On Sun, Sep 26, 2010 at 20:33:17 +0200, Lionel Kaufmann wrote:
> I've isolated as far as I can, the piece of code involved.
> Relatated to grub-installer and apt-install...
>
> You can link to new bug report : #598130 or just close.
>
M
On Wed, Dec 15, 2010 at 10:08:01PM +0100, Daniel Baumann wrote:
> mdadm and cryptsetup, same as what we already fixed with lvm, doesn't
> get installed (apparently for different reason though), thus it breaks
> when using luks or raid for target.
I tried to reproduce this with a daily build us
Source: gpmudmon-applet
Version: 0.3.0-1
Severity: serious
Justification: fails to build from source
gpmudmon-applet FTBFS in a powerpc squeeze chroot. Tail of the build
log:
| make[3]: Entering directory `/home/jwilk/gpmudmon-applet-0.3.0/src'
| if powerpc-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I
On Wed, 26 Jan 2011, Hilmar Preuße wrote:
On 23.01.11 Faheem Mitha (fah...@email.unc.edu) wrote:
Hi,
I'd like to get a fix uploaded for #610714 for auctex in squeeze.
This should be straightforward. The fix breaks preview with the
version of ghostscript in squeeze (8.71~dfsg2-6.1), and was
On 23.01.11 Faheem Mitha (fah...@email.unc.edu) wrote:
Hi,
> I'd like to get a fix uploaded for #610714 for auctex in squeeze.
> This should be straightforward. The fix breaks preview with the
> version of ghostscript in squeeze (8.71~dfsg2-6.1), and was patched
> in upstream CVS in October 2010
Package: calendarserver
Severity: normal
I could confirm the bug for most part of it but I couldn't see any errors in my
log file. I have a few quick queries for you.
1. When does the error get filed in the log? I have been using the
calendarserver for quite sometime but have never come across th
Your message dated Wed, 26 Jan 2011 14:33:37 +
with message-id
and subject line Bug#611142: fixed in massxpert 2.4.2-1
has caused the Debian Bug report #611142,
regarding massxpert: Program crashes when clicking left of first monomer
vignette
to be marked as done.
This means that you claim t
+hplip (3.10.6-2) unstable; urgency=high
+
+ * SECURITY UPDATE: denial of service and possible arbitrary code
+execution via long SNMP response - Thanks Till
+- debian/patches/CVE-2010-4267.dpatch: validate dLen in io/hpmud/pml.c.
+- Fixes "CVE-2010-4267: Buffer overflow" (Closes: #610
Processing commands for cont...@bugs.debian.org:
> #hplip (3.11.1-1) experimental; urgency=low
> #
> # * New Upstream Release
> #- Fixes "CVE-2010-4267: Buffer overflow" (Closes: #610960)
> #
> limit source hplip
Limiting to bugs with field 'source' containing at least one of 'hplip'
Limit cu
On Wed, Jan 26, 2011 at 14:18:38 +0100, Andreas Tille wrote:
> Hi Julian,
>
> can you please explain your notfixed change? The bug report was wrong
> according to Steffen and the binary upload 2.1-4+b1 works in Squeeze.
> So the bug should be simply closed for all versions. Could you either
> t
Processing commands for cont...@bugs.debian.org:
> user release.debian@packages.debian.org
Setting user to release.debian@packages.debian.org (was
jcris...@debian.org).
> usertag 611176 squeeze-can-defer
Bug#611176: bugzilla: CVE-2010-4568 Account compromise vulnerability
There were no us
user release.debian@packages.debian.org
usertag 611176 squeeze-can-defer
tag 611176 squeeze-ignore
kthxbye
On Wed, Jan 26, 2011 at 12:55:08 +, Jonathan Wiltshire wrote:
> Package: bugzilla
> Version: 3.0.4.1-2+lenny2
> Severity: grave
> Tags: security
> Justification: user security hole
>
Hi Julian,
can you please explain your notfixed change? The bug report was wrong
according to Steffen and the binary upload 2.1-4+b1 works in Squeeze.
So the bug should be simply closed for all versions. Could you either
tell us how to properly reflect this in BTS (or do the proper action
yourse
Hello Michael,
On Wed, Jan 26, 2011 at 11:02:06AM +0100, Michael Banck wrote:
> > Sending bug report to myself. When clicking left of the first monomer
> > vignette the program crashes. Presumably because of a failed array
> > bound checking.
>
> I guess it's a bad bug, but grave? Can users avo
Processing commands for cont...@bugs.debian.org:
> notfound 611176 3.0.4.1-2
Bug #611176 [bugzilla] bugzilla: CVE-2010-4568 Account compromise vulnerability
There is no source info for the package 'bugzilla' at version '3.0.4.1-2' with
architecture ''
Unable to make a source version for version '
Sorry about the unhelpful report body...!
From the Mozilla advisory:
|Class: Account Compromise
|Versions:2.14 to 3.2.9, 3.4.9, 3.6.3, 4.0rc1
|Fixed In:3.2.10, 3.4.10, 3.6.4, 4.0rc2
|Description: It was possible for a user to gain unauthorized access to
| any Bugzilla ac
Package: bugzilla
Version: 3.0.4.1-2+lenny2
Severity: grave
Tags: security
Justification: user security hole
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Package: bugzilla
Version: FILLINAFFECTEDVERSION
Severity: FILLINSEVERITY
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Expo
Your message dated Wed, 26 Jan 2011 12:45:47 +
with message-id <20110126124546.gb29...@ubuntu.lan>
and subject line Re: [pkg-mono-group] Bug#611174:
libmono-system-data-linq2.0-cil: replaces libmono-system-data2.0-cil but still
depends on it
has caused the Debian Bug report #611174,
regarding
Package: libmono-system-data-linq2.0-cil
Version: 2.6.7-4~bpo50+1
Severity: grave
Justification: renders package unusable
using lenny backports, I am trying to install libmono-system-data-linq2.0-cil.
I understand from
http://packages.debian.org/lenny-backports/libmono-system-data-linq2.0-cil t
Package: ntop
Version: 3:4.0.3+dfsg1-1
Severity: serious
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
While installing ntop,
Setting up ntop (3:4.0.3+dfsg1-1) ...
dpkg: error processing ntop (--configure):
subprocess installed post-installation script returned error exit status 30
configured
severity 611172 wishlist
kthxbye
On Wed, Jan 26, 2011 at 12:09:43 +0100, Gabriel Moreau wrote:
> Package: libnss-sss
> Version: 1.2.1-4
> Severity: grave
> Justification: renders package unusable
>
I don't think that's true.
Cheers,
Julien
signature.asc
Description: Digital signature
Processing commands for cont...@bugs.debian.org:
> severity 611172 wishlist
Bug #611172 [libnss-sss] libnss-sss: No ia32 version of libnss_sss.so on 64
bits system
Severity set to 'wishlist' from 'grave'
> kthxbye
Stopping processing here.
Please contact me if you need assistance.
--
611172: h
Package: libnss-sss
Version: 1.2.1-4
Severity: grave
Justification: renders package unusable
No ia32 version of libnss_sss.so on 64 bits system, make acroread crash at
start for example.
Juste need to copy the 32 bits version under /lib32 to resove it
We need a under /lib32
lrwxrwxrwx 1 root r
On Wed, Jan 26, 2011 at 09:36:58AM +0100, Marco Amadori wrote:
> In data Wednesday 26 January 2011 02:43:12, Colin Watson ha scritto:
> > Please review and comment. I can go ahead and push these patches to
> > master if people like them.
>
> Your patches are working on my test environment too. I
On 26.01.2011 11:25, Julien Cristau wrote:
> On Wed, Jan 26, 2011 at 08:56:06 +0300, Michael Tokarev wrote:
>
>> Second, this is an intended behavour. Emty vnc password
>> meant to be no authentication, not a lockdown. When you
>> start it without specifying a password it lets everyone
>> in.
>>
Hi,
On Tue, Jan 25, 2011 at 11:23:22PM +0100, Filippo Rusconi wrote:
> Package: massxpert
> Version: 2.4.1-1
> Severity: grave
> Tags: upstream
> Justification: renders package unusable
>
> Sending bug report to myself. When clicking left of the first monomer
> vignette the program crashes. Presu
retitle 611131 libmuparser0: ABI breakage without SONAME change
On Tue, Jan 25, 2011 at 22:04:45 +0100, Elrond wrote:
> libmuparser0 1.32-1 (as shipped in testing) doesn't have a
> versioned dependency, but should. See #610265 for an
> example.
>
> According to
> http://release.debian.org/sque
Your message dated Wed, 26 Jan 2011 09:47:06 +
with message-id
and subject line Bug#603974: fixed in live-installer 30
has caused the Debian Bug report #603974,
regarding needs to reconfigure console-setup
to be marked as done.
This means that you claim that the problem has been dealt with.
I
Package: calendarserver
Version: 2.4.dfsg-2.1
Severity: grave
Justification: renders package unusable
The files calendaruserproxy.sqlite and resourceinfo.sqlite are found in
/var/run/caldavd. When the machine is reboot, these files will be removed.
These are database files which contain importa
Processing commands for cont...@bugs.debian.org:
> retitle 611131 libmuparser0: ABI breakage without SONAME change
Bug #611131 [libmuparser0] libmuparser0: shlibs should give proper versioned
dependency
Changed Bug title to 'libmuparser0: ABI breakage without SONAME change' from
'libmuparser0: s
Your message dated Wed, 26 Jan 2011 08:38:49 +
with message-id
and subject line Bug#607637: fixed in ntop 3:4.0.3+dfsg1-2
has caused the Debian Bug report #607637,
regarding ntop: config script fails when netstat is not installed
to be marked as done.
This means that you claim that the proble
In data Wednesday 26 January 2011 02:43:12, Colin Watson ha scritto:
> Please review and comment. I can go ahead and push these patches to
> master if people like them.
Your patches are working on my test environment too. I like them and yes,
please push them.
They are fixing this bug, many th
On Wed, Jan 26, 2011 at 08:56:06 +0300, Michael Tokarev wrote:
> Second, this is an intended behavour. Emty vnc password
> meant to be no authentication, not a lockdown. When you
> start it without specifying a password it lets everyone
> in.
>
Intended by whom?
Cheers,
Julien
signature.asc
Processing commands for cont...@bugs.debian.org:
> user release.debian@packages.debian.org
Setting user to release.debian@packages.debian.org (was
jcris...@debian.org).
> usertag 610749 squeeze-can-defer
Bug#610749: fakeroot fails ownership with kfreebsd systems
There were no usertags set
user release.debian@packages.debian.org
usertag 610749 squeeze-can-defer
tag 610749 squeeze-ignore
kthxbye
On Mon, Jan 24, 2011 at 22:10:35 +0100, Aurelien Jarno wrote:
> Even if testing is not affected, it's a serious problem as packages are
> in unstable before moving to testing. This is wa
65 matches
Mail list logo