On Mon, 29 Apr 2019 07:46:22 +0700 Arnaud Rebillout
wrote:
> Actually this was fixed upstream lately, and the fix is in Debian
> testing already. See
> https://github.com/docker/libnetwork/pull/2339#issuecomment-487207550
>
> There's still other iptables related bugs, the most outstanding being
>
Processing commands for cont...@bugs.debian.org:
> affects 926872 evolution
Bug #926872 [libwebkit2gtk-4.0-37] evolution: Spaces in mail view disappeared
with recent updates
Bug #928399 [libwebkit2gtk-4.0-37] libwebkit2gtk-4.0-37: White spaces are
always skipped in redinering of text plain.
Processing commands for cont...@bugs.debian.org:
> #
> # bts-link upstream status pull for source package src:php-imagick
> # see http://lists.debian.org/debian-devel-announce/2006/05/msg1.html
> # https://bts-link-team.pages.debian.net/bts-link/
> #
> user
Processing commands for cont...@bugs.debian.org:
> #
> # bts-link upstream status pull for source package src:linux
> # see http://lists.debian.org/debian-devel-announce/2006/05/msg1.html
> # https://bts-link-team.pages.debian.net/bts-link/
> #
> user debian-bts-l...@lists.debian.org
Package: testssl.sh
Version: 2.9.5-7+dfsg1-1
Severity: serious
Justification: Policy 3.5
Hi,
on a minimal Debian installation testssl fails to work. It's missing at least
these dependencies (package name in brackets):
- dig (dnsutils)
- host (bind9-host)
- ps (procps)
- hexdump (bsdmainutils)
Source: python-tblib
Version: 1.4.0-1
Severity: serious
Tags: ftbfs
Dear Maintainer,
python-tblib currently fails to build from source with the following
error message:
ERRORS
___ ERROR collecting
Source: cjson
Version: 1.7.10-1
Severity: grave
Tags: security upstream fixed-upstream
Hi,
The following vulnerabilities were published for cjson.
CVE-2019-11834[0]:
| cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a
| string literal.
CVE-2019-11835[1]:
| cJSON before
Control: retitle -1 drupal7: Insecure deserialization on bundled third-party
library "Phar Stream Wrapper" (SA-CORE-2019-007) (CVE-2019-11831)
On Wed, May 08, 2019 at 04:13:30PM -0500, Gunnar Wolf wrote:
> Package: drupal7
> Version: 7.52-2+deb9u8
> Severity: grave
> Tags: security upstream
>
Processing control commands:
> retitle -1 drupal7: Insecure deserialization on bundled third-party library
> "Phar Stream Wrapper" (SA-CORE-2019-007) (CVE-2019-11831)
Bug #928688 [drupal7] drupal7: Insecure deserialization on bundled third-party
library "Phar Stream Wrapper" (SA-CORE-2019-007)
Hi Berto,
I applied upstream's patch
https://bug-197658-attachments.webkit.org/attachment.cgi?id=369368
to the sources of webkit2gtk_2.24.1-1 in my debian box, and installed
them.Then I surely confired to fix problems reported by debian bug
#926872 and #928399.
Thank you for all things.
On Sat, 6 Apr 2019 14:28:22 +0100 Samuel Henrique wrote:
> Control: tags -1 patch
>
> Fix available on https://salsa.debian.org/samueloph/acme-tiny
>
> Discussion about the epoch bump:
> https://lists.debian.org/debian-devel/2019/04/msg00052.html
>
> --
> Samuel Henrique
Hi Samuel,
I have
Greetings, Andreas,
thank you for your message. Sorry for the late answer, I was abroad with no
easy internet connectivity.
On Mon, May 06, 2019 at 07:52:24AM +0200, Andreas Tille wrote:
Hi Filippo,
as far as I understood Debian Release team your last fix is not accepted
for Buster. Do you
Your message dated Thu, 9 May 2019 18:58:05 +0200
with message-id <7d54e29b-a30b-ae4c-a61e-2bc852037...@debian.org>
and subject line Re: underlinked clang libraries on armel cause build failures
has caused the Debian Bug report #926772,
regarding underlinked clang libraries on armel cause build
Cited from upstream For a native x86_64 build, you need to REMOVE {{-fPIE}}
from the CFLAGS and {{-fPIE -pie}} from LDFLAGS.
Seems dpkg-buildflags are passed that arguments to build processs in 64bits
amd64,
due in i386 builds compiles fine!
Lenz McKAY Gerardo (PICCORO)
Le 09/05/2019 à 16:34, Kim-Alexander Brodowski a écrit :
> Sorry for the late response. It's been a couple of busy days.
>
> I'll test the changes on monday, but it looks good at first glance.
Thanks, we are going to test here too. I filed also a
pre-approval-unblock to ask if I can add a
Your message dated Thu, 09 May 2019 15:03:51 +
with message-id
and subject line Bug#928304: fixed in groonga 9.0.1-2
has caused the Debian Bug report #928304,
regarding groonga-httpd: Privilege escalation due to insecure use of logrotate
(CVE-2019-11675)
to be marked as done.
This means
Sorry for the late response. It's been a couple of busy days.
I'll test the changes on monday, but it looks good at first glance.
Hi,
On Wed, 8 May 2019 20:32:53 +0200 Salvatore Bonaccorso
wrote:
> Hi,
>
> [please always include team@security.d.o as so any team member can
> reply]
>
I've got it, thanks.
> On Wed, May 08, 2019 at 12:03:49PM +0900, Hideki Yamane wrote:
> > Hi Salvatore,
> >
> > Can you follow his
Source: asterisk
Version: 1:16.2.1~dfsg-1
Severity: grave
lasted source fails to buil din common local install with error:
/usr/bin/ld: res_pjsip_session.o: relocation R_X86_64_PC32 against
symbol `ast_sip_session_media_state_reset' can not be used when making
a shared object; recompile with
Le 09/05/2019 à 15:34, Anthony Prades a écrit :
> Sieve patch added to master branch on salsa.
>
> For needed upgrade steps commit
> (https://salsa.debian.org/debian/cyrus-imapd/commit/e76b566f92d7153a053f7e03f7c406e64970cb3e),
> if you're agree, I'll merge it, upgrade changelog...
> But I'm not
Sieve patch added to master branch on salsa.
For needed upgrade steps commit
(https://salsa.debian.org/debian/cyrus-imapd/commit/e76b566f92d7153a053f7e03f7c406e64970cb3e),
if you're agree, I'll merge it, upgrade changelog...
But I'm not sure if it's ok to do like this in postinst...
Anthony
On
Le 09/05/2019 à 15:13, Anthony Prades a écrit :
> Hi,
>
> I'll add this patch. We use it in production and it works fine.
>
> For upgrade steps, what do you think about:
> https://salsa.debian.org/debian/cyrus-imapd/commit/e76b566f92d7153a053f7e03f7c406e64970cb3e
>
> Anthony
Thanks, that's
Le 09/05/2019 à 15:10, Ondřej Surý a écrit :
> Xavier,
>
> feel free to ask for membership in salsa and add yourself to Uploaders and do
> the upload.
>
> I haven’t used cyrus-imapd in years, so I am maintaining it just out of
> inertia and because nobody stepped up until now. So thank you
Hi,
I'll add this patch. We use it in production and it works fine.
For upgrade steps, what do you think about:
https://salsa.debian.org/debian/cyrus-imapd/commit/e76b566f92d7153a053f7e03f7c406e64970cb3e
Anthony
On 5/9/19 2:46 PM, Xavier wrote:
> Le 09/05/2019 à 10:52, Xavier a écrit :
>>
>>
Xavier,
feel free to ask for membership in salsa and add yourself to Uploaders and do
the upload.
I haven’t used cyrus-imapd in years, so I am maintaining it just out of inertia
and because nobody stepped up until now. So thank you very mich for caring.
Ondrej
--
Ondřej Surý
> On 9 May
Le 09/05/2019 à 10:52, Xavier a écrit :
>
>
> Le 09/05/2019 à 10:13, Ondřej Surý a écrit :
>> Hi Xavier,
>>
>> yes, the comaintainers are really sought.
>>
>> The emails here should reset the autoremoval status, so if you have time to
>> fix this bug, it doesn’t need to be downgraded, just
On Thu, 09 May 2019, Peter Palfrader wrote:
> I plan to revert the -5 change from this bug which has also been
> reverted in the stretch upload.
uploaded to delayed 5.
--
| .''`. ** Debian **
Peter Palfrader | : :' : The universal
I plan to revert the -5 change from this bug which has also been
reverted in the stretch upload.
It seems to be unnecessary.
diff -Nur postgrey-1.36-5/debian/changelog postgrey-1.36-5.1/debian/changelog
--- postgrey-1.36-5/debian/changelog2017-11-25 11:18:01.0 +0100
+++
On Thu, May 09, 2019 at 11:40:24AM +, Holger Levsen wrote:
> On Thu, May 09, 2019 at 12:56:18PM +0200, Santiago Vila wrote:
> > Hello Holger. I'd like to work on this issue.
> >
> > My plan is to change "exit 1" to "exit 0" (as proposed) in both
> > stretch and buster. If that's not enough I
On Thu, May 09, 2019 at 12:56:18PM +0200, Santiago Vila wrote:
> Hello Holger. I'd like to work on this issue.
>
> My plan is to change "exit 1" to "exit 0" (as proposed) in both
> stretch and buster. If that's not enough I will also add a
> Breaks: debian-security-support (<= 2019.02.02~deb9u1)
So,
since this bug has been reopened without comments, here's what appears
to be the status:
currently stretch has 1.36-3+deb9u2 and sid has 1.36-5.
According to the changelog, stretch get a patch in -3+deb9u1 which was
reverted in -3+deb9u2.
sid got that patch in -5, no revert.
--
Peter
On Wed, May 08, 2019 at 06:45:05PM +, Holger Levsen wrote:
> On Wed, May 08, 2019 at 02:06:20PM -0400, Gabriel Filion wrote:
> > so in order to unblock things one might want to run:
> >
> > apt purge debian-security-support
> > apt update && apt upgrade
> > apt install debian-security-support
Processing commands for cont...@bugs.debian.org:
> severity 928689 important
Bug #928689 [initramfs-tools] initramfs-tools: Fails with "cp: failed to access
'/var/tmp/mkinitramfs_URATxd//usr/bin/touch': Too many levels of symbolic links"
Severity set to 'important' from 'serious'
> thanks
Le 09/05/2019 à 10:13, Ondřej Surý a écrit :
> Hi Xavier,
>
> yes, the comaintainers are really sought.
>
> The emails here should reset the autoremoval status, so if you have time to
> fix this bug, it doesn’t need to be downgraded, just fixed...
>
> Ondrej
> --
> Ondřej Surý
>
Hi Xavier,
yes, the comaintainers are really sought.
The emails here should reset the autoremoval status, so if you have time to fix
this bug, it doesn’t need to be downgraded, just fixed...
Ondrej
--
Ondřej Surý
ond...@sury.org
> On 9 May 2019, at 15:04, Xavier wrote:
>
> Le 09/05/2019 à
Le 09/05/2019 à 06:37, Xavier a écrit :
> Hi all,
>
> I'm afraid to see that Cyrus-Imapd is going to be out of Buster. Sorry,
> I can't help here, but can this bug be considered as "important" instead
> of "serious" to avoid expel?
>
> Cheers,
> Xavier
Hi all,
I just saw that Cyrus-Imapd is
Processing commands for cont...@bugs.debian.org:
> tags 926872 + fixed-upstream
Bug #926872 [libwebkit2gtk-4.0-37] evolution: Spaces in mail view disappeared
with recent updates
Bug #928399 [libwebkit2gtk-4.0-37] libwebkit2gtk-4.0-37: White spaces are
always skipped in redinering of text
37 matches
Mail list logo
