Hi Craig,
On Sat, Apr 17, 2021 at 08:32:35AM +1000, Craig Small wrote:
> Should CVE-2021-29447 [1] be also listed against this bug? I'll be putting
> it in the changelog.
I choosed to explicitly cover only CVE-2021-29450 with this bug
because CVE-2021-29447 while fixed as well with 5.7.1, is only
Hi,
I realised that on one hand there is a patch for this package but no
according upload and on the other hand there is the option that the
package can be removed without affecting other packages.
Any progress on this?
Kind regards
Andreas.
--
http://fam-tille.de
Your message dated Sat, 17 Apr 2021 02:18:43 +
with message-id
and subject line Bug#974552: fixed in libxcrypt 1:4.4.18-3
has caused the Debian Bug report #974552,
regarding upgrade-reports: libc6/libcrypt split breaks perl during
buster->bullseye upgrade
to be marked as done.
This means tha
Your message dated Sat, 17 Apr 2021 02:18:43 +
with message-id
and subject line Bug#953562: fixed in libxcrypt 1:4.4.18-3
has caused the Debian Bug report #953562,
regarding libcrypt1 should ship file in /usr, Replaces is useless
to be marked as done.
This means that you claim that the proble
Your message dated Fri, 16 Apr 2021 23:18:43 +
with message-id
and subject line Bug#987065: fixed in wordpress 5.7.1+dfsg1-1
has caused the Debian Bug report #987065,
regarding wordpress: CVE-2021-29450: Authenticated disclosure of
password-protected posts and pages
to be marked as done.
Thi
Control: tag -1 pending
Hello,
Bug #987065 in SOURCENAME reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/debian/wordpress/-/commit/482426d90c4065cbb6c2f9cac342b
Processing control commands:
> tag -1 pending
Bug #987065 [src:wordpress] wordpress: CVE-2021-29450: Authenticated disclosure
of password-protected posts and pages
Added tag(s) pending.
--
987065: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987065
Debian Bug Tracking System
Contact ow...@
Should CVE-2021-29447 [1] be also listed against this bug? I'll be putting
it in the changelog.
How good is it when WordPress raise their own CVEs! One glorious day they
will put them in their announcements too.
1:
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-rv47-pc52-
Your message dated Fri, 16 Apr 2021 21:49:03 +
with message-id
and subject line Bug#986592: fixed in kaptive 0.7.3-3
has caused the Debian Bug report #986592,
regarding kleborate: flaky arm64 autopkgtest: Mutex is not owned by current
thread
to be marked as done.
This means that you claim th
Source: wordpress
Version: 5.7+dfsg1-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Control: found -1 5.0.11+dfsg1-0+deb10u1
Hi,
The following vulnerability was published for wordpress.
CVE-2021-29450[0]:
| Wordp
Processing control commands:
> found -1 5.0.11+dfsg1-0+deb10u1
Bug #987065 [src:wordpress] wordpress: CVE-2021-29450: Authenticated disclosure
of password-protected posts and pages
Marked as found in versions wordpress/5.0.11+dfsg1-0+deb10u1.
--
987065: https://bugs.debian.org/cgi-bin/bugreport
Package: kcov
Version: 38+dfsg-1
Followup-For: Bug #964654
Dear Maintainer,
Just in case merge notifications don't get to you from salsa, I thought I'd add
a note here too (I hope that's OK -- I missed a couple of such notifications
myself, hence the concern).
I just created this:
https://sal
Processing commands for cont...@bugs.debian.org:
> found 986085 5.6.1+dfsg1-1
Bug #986085 [wordpress-theme-twentytwentyone] wordpress-theme-twentytwentyone:
broken symlink /var/lib/wordpress/wp-content/themes/twentytwentytwentyone ->
/usr/share/wordpress/wp-content/themes/twentytwentytwentyone
M
Processing commands for cont...@bugs.debian.org:
> found 986974 14.2.16-2
Bug #986974 [src:ceph] ceph: CVE-2021-20288
Marked as found in versions ceph/14.2.16-2.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
986974: https://bugs.debian.org/cgi-bin/bugreport.cgi?
Processing commands for cont...@bugs.debian.org:
> found 986339 0+git20181215-2
Bug #986339 [universal-ctags] universal-ctags: prerm fails on upgrades
Marked as found in versions universal-ctags/0+git20181215-2.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
9863
Processing control commands:
> reassign -1 libwaffle-dev 1.6.3-1
Bug #986517 [src:piglit] piglit: FTBFS:
./obj-x86_64-linux-gnu/CMakeFiles/CMakeTmp/./obj-x86_64-linux-gnu/CMakeFiles/CMakeTmp/src.c:11:
undefined reference to `pthread_create'
Bug reassigned from package 'src:piglit' to 'libwaffle-
Control: reassign -1 libwaffle-dev 1.6.3-1
Control: retitle -1 libwaffle-dev: Missing dependency on libudev-dev
Control: affects -1 src:piglit
...
-- Checking for module 'waffle-1'
-- Package 'libudev', required by 'waffle-1', not found
CMake Error at /usr/share/cmake-3.18/Modules/FindPkgConfig.
Your message dated Fri, 16 Apr 2021 19:26:13 +0100
with message-id
and subject line Fixed in 0.101-1
has caused the Debian Bug report #986510,
regarding lintian-brush: FTBFS: dh_auto_test: error: pybuild --test -i
python{version} -p 3.9 returned exit code 13
to be marked as done.
This means that
On Fri, Apr 16, 2021 at 09:24:38AM +0200, Andreas Tille wrote:
> I've got a testing-removal warning for routine-update due this bug. I
> know you are usually very prompt in replying to issues thus I'm simply
> wondering whether you might have missed this bug report. I personally
> have never dive
Processing commands for cont...@bugs.debian.org:
> found 986436 2.3.1-1
Bug #986436 [node-tldjs] node-tldjs: modifies shipped files:
/usr/lib/nodejs/tldjs/rules.json
Marked as found in versions tldjs/2.3.1-1.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
986436
Processing commands for cont...@bugs.debian.org:
> forwarded 985947
> https://github.com/varnish/varnish-modules/commit/2c120e576ebb73bc247790184702ba58dc0afc39
Bug #985947 [varnish-modules] CVE-2021-28543
Set Bug forwarded-to-address to
'https://github.com/varnish/varnish-modules/commit/2c120e5
Am 16.04.21 um 14:25 schrieb Bastian Germann:
The issue is fixed in 2021.04 (experimental) which has the same default
environment as 2021.01.
The upstream commit that fixed this is
https://github.com/u-boot/u-boot/commit/82d01f04facef1276cede067efd02d2a731ffe83
It applies cleanly on 2021.01+d
st by interrupting the boot to get
to a u-boot shell, and typing "setenv boot_targets scsi0", it worked
fine with 2021.01 (e.g. it didn't hit the bootefi codepath) as well.
Booting the debian-installer image from
https://d-i.debian.org/daily-images/armhf/20210416-00:15/netboot/SD-c
Processing control commands:
> tag -1 patch
Bug #984862 [iptables-netflow-dkms] iptables-netflow-dkms: module wants to
build with gcc instead of kernel's compiler
Added tag(s) patch.
> severity -1 serious
Bug #984862 [iptables-netflow-dkms] iptables-netflow-dkms: module wants to
build with gcc i
Andreas Tille writes:
> Do you have any idea why your means to fix this issue were not
> successfully?
Ah, yeah, a closer look indicates that the code I patched takes effect
only for *silent* crashes, whereas these were fatal exceptions
accompanied by error messages. I'll look into broadening t
On Wed, 10 Feb 2021 09:37:01 +0100 Ivo De Decker wrote:
On Mon, Jan 04, 2021 at 08:27:51PM -0800, Vagrant Cascadian wrote:
> >> I'll test on a few of my systems to see if I can reproduce the issue.
> >
> > I can confirm similar behavior on a pinebook, although the kernel does
> > boot and actual
Your message dated Fri, 16 Apr 2021 11:48:39 +
with message-id
and subject line Bug#986727: fixed in pexpect 4.8.0-2
has caused the Debian Bug report #986727,
regarding pexpect: flaky autopkgtest
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is
On Mon, 12 Apr 2021 12:05:29 +0200 Moritz Muehlenhoff
wrote:
>
https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
>
> Why is there a separate package duplicating rexml from src:ruby2.7
in bullseye?
I think the separate package was introduced by
Processing commands for cont...@bugs.debian.org:
> found 985864 1:15.0.0-1
Bug #985864 [trove-common] trove-common: fails to install: install: cannot stat
'/usr/share/trove-common/trove-guestagent.conf': No such file or directory
Marked as found in versions openstack-trove/1:15.0.0-1.
> found 986
...apparently the fix was accidentally not included in the 0.3.14
release, see
https://github.com/xianyi/OpenBLAS/issues/2715
for more information.
Thank you
Thomas
On 15/04/2021 01.47, Hubert Chathi wrote:
Upstream has a patch that should remove the affected code, so I think
that I will try to merge that in instead. If that doesn't work, then I
will apply your patch.
Looks like a better solution than using g++-9.
You should apply the patch to 0.8.0-1 an
Hi Aaron,
On Sun, Apr 11, 2021 at 08:57:05PM +0200, Paul Gevers wrote:
> Control: reopen -1
>
> On 10-04-2021 00:21, Debian Bug Tracking System wrote:
> > which was filed against the kaptive package:
> >
> > #986592: kleborate: flaky arm64 autopkgtest: Mutex is not owned by current
> > thread
>
Hi Jelmer,
I've got a testing-removal warning for routine-update due this bug. I
know you are usually very prompt in replying to issues thus I'm simply
wondering whether you might have missed this bug report. I personally
have never dived into lintian-brush but if you give some signal that you
a
Your message dated Fri, 16 Apr 2021 07:03:28 +
with message-id
and subject line Bug#986799: fixed in libtpms 0.8.2-1
has caused the Debian Bug report #986799,
regarding CVE-2021-3446
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case
34 matches
Mail list logo
