Just FYI - I think that the whole problem can be avoided by merging this patch
https://github.com/P-H-C/phc-winner-argon2/pull/331
(we have the patch applied in cryptsetup for embedded libargon already).
Just upstream is no longer responding here...
Milan
Your message dated Wed, 08 Mar 2023 05:34:12 +
with message-id
and subject line Bug#1032420: fixed in libtpms 0.9.2-3.1
has caused the Debian Bug report #1032420,
regarding libtpms: CVE-2023-1017 CVE-2023-1018
to be marked as done.
This means that you claim that the problem has been dealt wit
Hi Seunghun,
On Wed, Mar 08, 2023 at 10:39:07AM +0900, Seunghun Han wrote:
> Dear Salvatore,
>
> I appreciate your work. Please don't delay it and go through the
> process. I'm currently on an urgent project, so I have to do it for a
> while.
Thank you for the quick response and the quick follow
Your message dated Wed, 08 Mar 2023 03:19:22 +
with message-id
and subject line Bug#1032476: fixed in apache2 2.4.56-1
has caused the Debian Bug report #1032476,
regarding apache2: CVE-2023-25690 CVE-2023-27522
to be marked as done.
This means that you claim that the problem has been dealt wi
Processing control commands:
> tag -1 pending
Bug #1032476 [src:apache2] apache2: CVE-2023-25690 CVE-2023-27522
Added tag(s) pending.
--
1032476: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032476
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tag -1 pending
Hello,
Bug #1032476 in apache2 reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/apache-team/apache2/-/commit/9c806d791108319cc4c8efab5576
Hey Guilhem.
Is it possible that your fix doesn't work on not-yet-usr-merged
systems?
I get here:
$ env --unset=LD_PRELOAD ldd /sbin/cryptsetup | sed -nr
'/.*=>\s*(\S+)\/libargon2\.so\..*/ {s//\1/p;q}'
/usr/lib/x86_64-linux-gnu
but:
$ dpkg -L libgcc-s1
/lib/x86_64-linux-gnu
/lib/x86_64-linux-
Control: tag -1 pending
Hello,
Bug #1026566 in elasticsearch-curator reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/python-team/packages/elasticsearch-curator/
Processing control commands:
> tag -1 pending
Bug #1026566 [src:elasticsearch-curator] elasticsearch-curator: FTBFS:
TypeError: load() missing 1 required positional argument: 'Loader'
Bug #1022015 [src:elasticsearch-curator] elasticsearch-curator: Uses deprecated
yaml.load
Ignoring request to al
Dear Salvatore,
I appreciate your work. Please don't delay it and go through the
process. I'm currently on an urgent project, so I have to do it for a
while.
Best regards,
Seunghun
On Wed, Mar 8, 2023 at 6:45 AM Salvatore Bonaccorso wrote:
>
> Control: tags 1032420 + patch
> Control: tags 1032
On Fri, Mar 03, 2023 at 05:46:15PM +, Simon McVittie wrote:
> I've cut down what I think is the root cause of this compile failure to
> a more minimal bug report: see #1032317.
That's super helpful, thanks :) Spoiler alert: I have a suspicion on the
root cause, I'll follow up there.
> I don't
No go for it, thanks.
On Fri, 3 Mar 2023 at 07:27, Adrian Bunk wrote:
> Control: tags 1028454 + patch
> Control: tags 1028454 + pending
>
> Dear maintainer,
>
> I've prepared an NMU for nsscache (versioned as 0.42-2.1) and uploaded
> it to DELAYED/7. Please feel free to tell me if I should cance
Package: opendrop
Version: 3.3.1-4
Severity: grave
Tags: patch upstream
Justification: renders package unusable
debian patch sundials_nvector_API6.patch enabled opendrop to build
against sundials 6.
Nevertheless it still fails when attempting to analysis interfacial
tension measurements:
[ARKOD
Hi Adrian (2023.03.07_10:09:35_+)
> Creating an own debhelper addon similar to dh_numpy3 would work for
> automatically creating such dependencies, but is there any way for
> python3-protobuf to inject such versioned runtime dependencies into
> python3:Depends that does not require every rdep
Your message dated Tue, 07 Mar 2023 22:23:51 +
with message-id
and subject line Bug#919234: fixed in freeradius 3.2.1+dfsg-2
has caused the Debian Bug report #919234,
regarding ttls fails with tls 1.3, enabled by default
to be marked as done.
This means that you claim that the problem has bee
Processing control commands:
> tags -1 + pending
Bug #919234 [freeradius] ttls fails with tls 1.3, enabled by default
Added tag(s) pending.
--
919234: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919234
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tags -1 + pending
Hi Fabio,
Am 07.03.23 um 17:00 schrieb Fabio PEDRETTI:
Hi, 3.2.1 currently in testing fixed most issues, however there is
still an issue preventing freeradius working with TLS 1.3.
The issue was reported upstream at:
https://github.com/FreeRADIUS/freeradius-server/is
Your message dated Tue, 07 Mar 2023 21:49:26 +
with message-id
and subject line Bug#1030464: fixed in aiomysql 0.1.1-2
has caused the Debian Bug report #1030464,
regarding aiomysql: FTBFS:
pkg_resources.extern.packaging.version.InvalidVersion: Invalid version:
'unknown'
to be marked as done.
Processing control commands:
> tags 1032420 + patch
Bug #1032420 [src:libtpms] libtpms: CVE-2023-1017 CVE-2023-1018
Added tag(s) patch.
> tags 1032420 + pending
Bug #1032420 [src:libtpms] libtpms: CVE-2023-1017 CVE-2023-1018
Added tag(s) pending.
--
1032420: https://bugs.debian.org/cgi-bin/bugre
Control: tags 1032420 + patch
Control: tags 1032420 + pending
Dear maintainer,
I've prepared an NMU for libtpms (versioned as 0.9.2-3.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.
Additionally the changes can be fetches as MR on salsa:
https://salsa.d
close 1032479 1.1.4-1
thanks
Processing commands for cont...@bugs.debian.org:
> close 1032479 1.1.4-1
Bug #1032479 [src:libmemcached] libmemcached: CVE-2023-27478
Ignoring request to alter fixed versions of bug #1032479 to the same values
previously set
Bug #1032479 [src:libmemcached] libmemcached: CVE-2023-27478
Marked Bug
Source: libmemcached
Version: 1.1.3-3
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Control: fixed -1 1.1.4-1
Hi,
The following vulnerability was published for libmemcached. It is
fixed with the recent upload 1.1.4-1 to unstable already. But the fi
Processing control commands:
> fixed -1 1.1.4-1
Bug #1032479 [src:libmemcached] libmemcached: CVE-2023-27478
Marked as fixed in versions libmemcached/1.1.4-1.
--
1032479: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032479
Debian Bug Tracking System
Contact ow...@bugs.debian.org with probl
Processing control commands:
> tag -1 pending
Bug #1030464 [src:aiomysql] aiomysql: FTBFS:
pkg_resources.extern.packaging.version.InvalidVersion: Invalid version:
'unknown'
Added tag(s) pending.
--
1030464: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030464
Debian Bug Tracking System
Co
Control: tag -1 pending
Hello,
Bug #1030464 in aiomysql reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/python-team/packages/aiomysql/-/commit/d9f982e4a335593bc
Hi s3v,
On Fri, 17 Feb 2023 18:27:11 +0100 s3v wrote:
> After adding python3-setuptools-scm to build depends, I was able to
> build your package in a sid chroot environment.
Thank you for the hint, I'm looking at implementing your
suggestion in the package.
> dpkg-source: info: local changes de
Source: apache2
Version: 2.4.55-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerabilities were published for apache2.
CVE-2023-25690[0]:
| Some mod_proxy configurations on Apache HTTP Server versions 2.4.0
| through 2.4.55
Your message dated Tue, 07 Mar 2023 20:11:49 +0100
with message-id <87y1o8fkay@turtle.gmx.de>
and subject line Re: Bug#1031626: marked as done (gdb-doc: Keep new version out
of testing until gdb migrates)
has caused the Debian Bug report #1031626,
regarding gdb-doc: Keep new version out of tes
Processing control commands:
> tags -1 fixed-upstream
Bug #1032163 [src:sudo] sudo: CVE-2023-27320
Added tag(s) fixed-upstream.
--
1032163: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032163
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tags -1 fixed-upstream
X-Debbugs-Cc: s...@packages.debian.org
It has already been resolved by upstream.
Sudo before 1.9.13p2 has a double free in the per-command chroot feature.
This issue does not affect bullseye (see
https://security-tracker.debian.org/tracker/CVE-2023-27320). Just
test
On 2023-03-07 15:59:40, Steve McIntyre wrote:
> On Tue, Mar 07, 2023 at 10:39:04AM -0500, Antoine Beaupré wrote:
>>On 2023-02-26 19:15:39, anar...@debian.org wrote:
>>> Control: tags 987008 + pending
>>>
>>> Dear maintainer,
>>>
>>> I've prepared an NMU for grub2 (versioned as 2.06-8.1) and
>>> upl
Processing commands for cont...@bugs.debian.org:
> tags 1026566 + pending
Bug #1026566 [src:elasticsearch-curator] elasticsearch-curator: FTBFS:
TypeError: load() missing 1 required positional argument: 'Loader'
Bug #1022015 [src:elasticsearch-curator] elasticsearch-curator: Uses deprecated
yaml
On Tue, Mar 07, 2023 at 10:39:04AM -0500, Antoine Beaupré wrote:
>On 2023-02-26 19:15:39, anar...@debian.org wrote:
>> Control: tags 987008 + pending
>>
>> Dear maintainer,
>>
>> I've prepared an NMU for grub2 (versioned as 2.06-8.1) and
>> uploaded it to DELAYED/2. Please feel free to tell me if I
Hi, 3.2.1 currently in testing fixed most issues, however there is
still an issue preventing freeradius working with TLS 1.3.
The issue was reported upstream at:
https://github.com/FreeRADIUS/freeradius-server/issues/4878
and the commit fixing it is:
https://github.com/FreeRADIUS/freeradius-server
Package: file-roller
Version: 43.0-1
Severity: grave
Justification: renders package unusable
On some machine where file-roller is installed, when I want to open
https://cpan.metacpan.org/authors/id/S/SI/SISYPHUS/Math-MPFR-4.25.tar.gz
from Firefox, Firefox proposes to open the file with "Archive Ma
Processing commands for cont...@bugs.debian.org:
> severity 919234 serious
Bug #919234 [freeradius] ttls fails with tls 1.3, enabled by default
Severity set to 'serious' from 'important'
> forwarded 919234 https://github.com/FreeRADIUS/freeradius-server/issues/4878
Bug #919234 [freeradius] ttls fa
On 2023-02-26 19:15:39, anar...@debian.org wrote:
> Control: tags 987008 + pending
>
> Dear maintainer,
>
> I've prepared an NMU for grub2 (versioned as 2.06-8.1) and
> uploaded it to DELAYED/2. Please feel free to tell me if I
> should delay it longer.
>
> Note that the package was uploaded to *ex
Your message dated Tue, 07 Mar 2023 14:34:15 +
with message-id
and subject line Bug#1016958: fixed in epics-base 7.0.3.1-4
has caused the Debian Bug report #1016958,
regarding epics-base: FTBFS without network access
to be marked as done.
This means that you claim that the problem has been de
Processing commands for cont...@bugs.debian.org:
> block 1023666 by 1016280
Bug #1023666 [gcc-10] gcc-10 should not be shipped in bookworm
1023666 was blocked by: 1023687 1023674 1023679 1022180 1023678 1022184 1023684
1023682 1023677 1023671 1023681 1022181
1023666 was not blocking any bugs.
Add
Processing commands for cont...@bugs.debian.org:
> fixed 1031576 1.3.239.0-1
Bug #1031576 [src:vulkan-validationlayers] vulkan-validationlayers: FTBFS in
testing: vk_sdk_platform.h:27:2: error: #warning "vk_sdk_platform.h is
deprecated and will be removed in future release! Use
VK_SDK_PLATFORM_
Your message dated Tue, 07 Mar 2023 13:04:40 +
with message-id
and subject line Bug#1032444: fixed in plastex 2.1-4
has caused the Debian Bug report #1032444,
regarding plastex: FTBFS: tests fail with Jinja2 3.1
to be marked as done.
This means that you claim that the problem has been dealt w
On Tue, 28 Feb 2023 15:20:51 + James Addison wrote:
Bug #1004184 implies that gcc-11 cannot build correct mips64 code for a key
Debian package (source: matplotlib) without buildflag adjustments. However,
gcc-10 does emit correct code for the same package and architecture.
Should that be co
Your message dated Tue, 07 Mar 2023 12:04:26 +
with message-id
and subject line Bug#1016443: fixed in gpac 2.0.0+dfsg1-4
has caused the Debian Bug report #1016443,
regarding gpac: CVE-2022-29339 CVE-2022-29340 CVE-2022-29537 CVE-2022-30976
CVE-2022-1035 CVE-2022-1172 CVE-2022-1222 CVE-2022-14
Processing commands for cont...@bugs.debian.org:
> retitle 1023624 RM: pytoml -- RoQA; obsoleted by upstream; alternatives exist
Bug #1023624 [src:pytoml] RM: pytoml -- ROM; obsoleted by upstream;
alternatives exist
Changed Bug title to 'RM: pytoml -- RoQA; obsoleted by upstream; alternatives
ex
Hi,
the problem in #1031716/#1028371 is as follows:
1. python3-protobuf and protobuf-compiler are both built from
src:protobuf
2. packages using python3-protobuf (e.g. python3-bernhard) ship files
that were generated with protobuf-compiler during their build
(e.g. /usr/lib/python3/dist
46 matches
Mail list logo
