Hi,
On Sat, Mar 09, 2013 at 07:54:42PM +0100, Guido Günther wrote:
> Hi,
> sorry for the delay but attached is the diff for the stable update. This
> addrsses #701649 (CVE-2013-1766) as well as #699224 (kind of
> CVE-2013-0170). Is this enough for the security team to issue the DSA?
> Let me know i
Hi,
Laurent Desarmes writes:
> There's also an issue with the serial, it's now displaying in hex form
> with openssl 1.0.1e-1
I don't believe there is an issue with the serial number. In TinyCA it
has always been shown in hex and openssl puts both hex and decimal
representations into its -text o
Hi,
The two patches submitted so far do not address the root of the problem,
that is the botched process handling in tinyca. I am working on a better
solution to this issue, which I intend to upload next week. Please bear
with me.
Cheers
Uli
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@
Dear Michael,
I have pushed a new version of the package, including the
fix, to the repository of cil on collab-maint [1]. I have a
sponsor for the upload, but he can't access his GPG key for
the next few days. Can you please delay the upload?
Alternatively, does anyone volunteer to review the pa
Package: iceweasel
Severity: grave
Tags: security
Hi,
the following vulnerabilities were published for iceweasel.
(I am aware that these are fixed in experimental, but they should also be
fixed in testing and stable. If I can be of assistance please indicate so.)
CVE-2011-1187[0]:
| Google Chrom
Your message dated Thu, 14 Mar 2013 22:02:55 +
with message-id
and subject line Bug#703064: fixed in nova 2012.2.3-3
has caused the Debian Bug report #703064,
regarding CVE-2013-1838: Nova DoS by allocating all Fixed IPs
to be marked as done.
This means that you claim that the problem has bee
Your message dated Thu, 14 Mar 2013 21:48:57 +
with message-id
and subject line Bug#703064: fixed in nova 2012.1.1-15
has caused the Debian Bug report #703064,
regarding CVE-2013-1838: Nova DoS by allocating all Fixed IPs
to be marked as done.
This means that you claim that the problem has be
Your message dated Thu, 14 Mar 2013 21:32:36 +
with message-id
and subject line Bug#703063: fixed in glance 2012.2.3-2
has caused the Debian Bug report #703063,
regarding CVE-2013-1840: Backend credentials leak in Glance v1 API
to be marked as done.
This means that you claim that the problem
Your message dated Thu, 14 Mar 2013 21:17:40 +
with message-id
and subject line Bug#703063: fixed in glance 2012.1.1-5
has caused the Debian Bug report #703063,
regarding CVE-2013-1840: Backend credentials leak in Glance v1 API
to be marked as done.
This means that you claim that the problem
Package: nova
Severity: grave
Tags: security
Vish Ishaya reported a vulnerability in Nova where there is no quota for
Fixed IPs. Previously the instance quota acted as a proxy for a Fixed IP
quota, but if your configuration allows an instance to consume more than
one Fixed IP via an extension such
Source: glance
Severity: grave
Tags: security
Stuart McLaren from HP reported a vulnerability in the information
potentially returned to the user in Glance v1 API. If an authenticated
user requests, through the v1 API, an image that is already cached, the
headers returned may disclose the Glance o
At least this example [1] works just fine.
[1]
http://zbar.sourcearchive.com/documentation/0.10plus-pdoc/test__pygtk_8py-source.html
Anton
2013/3/13 Bernd Zeimetz :
> So no crash, nothing badly happening? Does it work? Like are you able to scan
> a
> barcode?
--
To UNSUBSCRIBE, email to deb
I have just realized I didn't atach all the threads' backtrace, so I am
submitting them just in case.
(gdb) thread apply all bt
Thread 13 (Thread 0x7fffdf0ec700 (LWP 32017)):
#0 0x74cc9e33 in poll () from /lib/x86_64-linux-gnu/libc.so.6
#1 0x740ea624 in ?? () from /lib/x86_64-li
Your message dated Thu, 14 Mar 2013 18:02:34 +
with message-id
and subject line Bug#702047: fixed in firewalld 0.2.12-4
has caused the Debian Bug report #702047,
regarding firewalld: fails to install due to insserv rejecting the script header
to be marked as done.
This means that you claim th
Package: texstudio
Version: 2.3+debian-3
Followup-For: Bug #702999
Well, I thought it was a SIGSEGV, but it is a SIGABRT. I attach the gdb
session. I hope it helps!
-- System Information:
Debian Release: 7.0
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimenta
had the same issue of missing usb-support on my QNAP TS-119 after a squeeze
kernel update 2.6.32-48
I did a.
update-initramfs -u
reboot
.to get it working again.
thank you for reporting and hinting to install the new kernel in flash!
Your message dated Thu, 14 Mar 2013 17:32:27 +
with message-id
and subject line Bug#702904: fixed in adequate 0.4.4
has caused the Debian Bug report #702904,
regarding adequate: fails to install, remove, and install again
to be marked as done.
This means that you claim that the problem has be
Processing commands for cont...@bugs.debian.org:
> tags 702753 + patch
Bug #702753 [src:spandsp] spandsp: Downloads external files at build time
(through xsltproc) -- missing Build-Depends?
Added tag(s) patch.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
70275
Processing control commands:
> tag -1 + confirmed tag
Unknown tag/s: tag.
Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid
help security upstream pending sarge sarge-ignore experimental d-i confirmed
ipv6 lfs fixed-in-experimental fixed-upstream l10n etch etch-ignore
Control: tag -1 + confirmed tag
On Sun, 10 Mar 2013 19:02:44 -0700, Daniel Schepler wrote:
> When I recently did a full build of spandsp in pbuilder, it happened
> that my net connection went down momentarily, and I noticed this in
> the build log:
>
> ...
> cd t38_manual ; xsltproc ../wrapper.x
Hello!
On Wednesday 13 March 2013 11:46:30 you wrote:
> > What kind of ODBC operation were you doing?
> > What do you call "non-JET3 compressed data"? Jet4 databases are UCS2
> > encoded while Jet3 use a local charset. How is compression involved there?
> > Do you have an exemple database?
>
> I
Your message dated Thu, 14 Mar 2013 14:48:24 +
with message-id
and subject line Bug#702374: fixed in postfix 2.10.0-2
has caused the Debian Bug report #702374,
regarding postfix: get message Relay Access Denied, when using SASL
to be marked as done.
This means that you claim that the problem
Your message dated Thu, 14 Mar 2013 14:48:24 +
with message-id
and subject line Bug#702374: fixed in postfix 2.10.0-2
has caused the Debian Bug report #702374,
regarding new upstream version broke relay_clientcerts
to be marked as done.
This means that you claim that the problem has been deal
Package: libncurses-ruby1.9.1
Version: 1.2.4-2
Justification: renders package unusable
Severity: grave
Hi,
libncurses-ruby1.9.1 seems to use the STR2CSTR makro, which was removed in
ruby-1.9.
Instead of STR2CSTR, StringValuePtr() must be used
see also http://www.ruby-forum.com/topic/215406
br,
Hi
On Thu, Mar 14, 2013 at 05:03:21PM +0400, Dmitry E. Oboukhov wrote:
> >> I downgraded mod-perl, 2.0.7-1 crashes, too (the same backtrace)
> >>
> >> Then I downgraded apache to 2.2.22-12 and 2.2.22-12 + modperl 2.0.7-1
> >> don't crash. Also apache 2.2.22-12 and modperl 2.0.7-2 don't crash,
> >
On Thu, Mar 14, 2013 at 05:03:21PM +0400, Dmitry E. Oboukhov wrote:
> >> I downgraded mod-perl, 2.0.7-1 crashes, too (the same backtrace)
> >>
> >> Then I downgraded apache to 2.2.22-12 and 2.2.22-12 + modperl 2.0.7-1
> >> don't crash. Also apache 2.2.22-12 and modperl 2.0.7-2 don't crash,
> >> to
>> I downgraded mod-perl, 2.0.7-1 crashes, too (the same backtrace)
>>
>> Then I downgraded apache to 2.2.22-12 and 2.2.22-12 + modperl 2.0.7-1
>> don't crash. Also apache 2.2.22-12 and modperl 2.0.7-2 don't crash,
>> too.
>>
>> But backtrace points to mod-perl, so I doubt to reassign the
>> bugr
-=| Dmitry E. Oboukhov, 14.03.2013 16:01:25 +0400 |=-
> I downgraded mod-perl, 2.0.7-1 crashes, too (the same backtrace)
>
> Then I downgraded apache to 2.2.22-12 and 2.2.22-12 + modperl 2.0.7-1
> don't crash. Also apache 2.2.22-12 and modperl 2.0.7-2 don't crash,
> too.
>
> But backtrace points
also yesterday i upgraded apache from 2.2.22-12 to 2.2.22-13.
>>
PS: Mojolicious has no XS modules, but mod-perl crashes often.
So I think that the problem is in mod-perl (backtrace points to) or
apache :)
> Could you also check the way forward, with the recently rebuild
> PS: Mojolicious has no XS modules, but mod-perl crashes often.
>
> So I think that the problem is in mod-perl (backtrace points to) or
> apache :)
>> Could you also check the way forward, with the recently rebuild
>> libapache2-mod-perl2 in unstable (also only test fixes), to 2.
Hi Dmitry
On Thu, Mar 14, 2013 at 04:01:25PM +0400, Dmitry E. Oboukhov wrote:
> >>> Can you please downgrade back and verify that the crashes go away
> >>> with 2.0.7-1?
> >>
> >> No, 2.0.7-1 is already removed from repo :(
>
> > You can find old package versions at
> > http://snapshot.debian.or
On Thu, Mar 14, 2013 at 02:10:01PM +0400, hr...@infotech.am wrote:
> This effect is exactly the same as it was before, but with one small
> difference: the error messages suppressed, and we haven't chance to see
> errors.
> It is worst. We have the bug, but haven't error messages.
The original bug
>>> Can you please downgrade back and verify that the crashes go away
>>> with 2.0.7-1?
>>
>> No, 2.0.7-1 is already removed from repo :(
> You can find old package versions at
> http://snapshot.debian.org/binary/libapache2-mod-perl2/
Thanks for url :)
I downgraded mod-perl, 2.0.7-1 crashes, too
Hi all
On Thu, Mar 14, 2013 at 08:54:06AM -, Steve Hay wrote:
> Niko Tyni wrote on 2013-03-13:
> > On Wed, Mar 13, 2013 at 09:13:15AM -, Steve Hay wrote:
> >> Dominic Hargreaves wrote on 2013-03-12:
> >
> >>> When trying to fix this issue in Debian stable, I found that the
> patch
> >>> a
>> Package: libapache2-mod-perl2
>> Version: 2.0.7-2
>> Severity: grave
>> Today I've upgraded my modperl upto wheezy from 2.0.7-1 to 2.0.7-2
>> and apache began to crash.
> That's quite surprising, given the only source changes between those
> versions are in the test suite.
> Can you please do
On Thu, Mar 14, 2013 at 03:11:25PM +0400, Dmitry E. Oboukhov wrote:
> >> Package: libapache2-mod-perl2
> >> Version: 2.0.7-2
> >> Severity: grave
>
> >> Today I've upgraded my modperl upto wheezy from 2.0.7-1 to 2.0.7-2
> >> and apache began to crash.
>
> > That's quite surprising, given the only
Today I have upgraded the kernel, now it is linux-image-3.2.0-4-amd64
(3.2.39-2).
I think we have to reopen the bug, because it seems that the bug is not
solved but just suppressed the warning messages.
It is not just my thoughts; everyone can make sure executing couple of
command.
df ( will
Niko Tyni wrote on 2013-03-13:
> On Wed, Mar 13, 2013 at 09:13:15AM -, Steve Hay wrote:
>> Dominic Hargreaves wrote on 2013-03-12:
>
>>> When trying to fix this issue in Debian stable, I found that the
patch
>>> at
>>>
>>> http://svn.apache.org/viewvc?view=revision&revision=1455340
>>>
>>> d
On Wed, 13 Mar 2013 21:21:07 -0700, tony mancill wrote:
> > (What's missing is some explanation in d/copyright how and why the
> > +ds version is created, I suppose. Oh, and a note in d/changelog that
> > debian/patches/02_update_buildtime.patch was refreshed.)
>
> Thank you very much for the ana
On Thu, Mar 14, 2013 at 01:46:01AM +0400, Dmitry E. Oboukhov wrote:
> Package: libapache2-mod-perl2
> Version: 2.0.7-2
> Severity: grave
> Today I've upgraded my modperl upto wheezy from 2.0.7-1 to 2.0.7-2
> and apache began to crash.
That's quite surprising, given the only source changes between
40 matches
Mail list logo
