Bug#1004682: src:pure-ftpd: fails to migrate to testing for too long: uploader built arch:all binaries

On 31/01/2022 19:39, Paul Gevers wrote: Source: pure-ftpd Version: 1.0.49-4.1 Severity: serious Control: close -1 1.0.50-2 Tags: sid bookworm pending User: release.debian@packages.debian.org Usertags: out-of-sync Dear maintainer(s), The Release Team considers packages that are out-of-sync b

Bug#943874: pure-ftpd: pure-ftp error on upgrade

On 1/18/21 11:55 PM, Andreas Beckmann wrote: > Followup-For: Bug #943874 > Control: tag -1 patch pending > > Hi, > > I'm attaching a patch that tries to clean up the docdir symlink mess. > The package is already uploaded to DELAYED/5. > > > Andreas > Thanks a lot for your fixes! Regards

Bug#961491: CVE-2020-10936: Security flaws in setuid wrappers

On 12/7/20 10:52 AM, Sylvain Beucler wrote: > Hi, > > On Sat, 10 Oct 2020 09:45:42 +0300 "Stefan Hornburg (Racke)" > wrote: >> On 10/7/20 3:03 PM, Sylvain Beucler wrote: >> > I noticed this local root escalation yesterday and I'm working on a &g

Bug#961491: fixed in sympa 6.2.40~dfsg-5

On 10/7/20 3:03 PM, Sylvain Beucler wrote: > Hi, > > I noticed this local root escalation yesterday and I'm working on a > Stretch LTS update. > See also https://salsa.debian.org/sympa-team/sympa/-/merge_requests/1 > > Are there plans to update buster? > > Cheers! > Sylvain > Hello Sylvain, t

Bug#961491: CVE-2020-10936: Security flaws in setuid wrappers

package: sympa severity: critical tags: upstream security patch Security advisory: https://sympa-community.github.io/security/2020-002.html Excerpt: --snip-- A vulnerability has been discovered in Sympa web interface by which attacker can execute arbitrary code with root privileges. Sympa uses

Bug#952428: Security flaws in CSRF prevention

package: sympa severity: critical version: 6.2.40~dfsg-3 tags: patch A vulnerability has been discovered in Sympa web interface that can cause denial of service (DoS) attack. By submitting requests with malformed parameters, this flaw allows to create junk files in Sympa's directory for temporary

Bug#940505: pure-ftpd: TLS 1.3 support broken

On 9/16/19 3:53 PM, Thomas Deutschmann wrote: > Source: pure-ftpd > Severity: grave > Justification: causes non-serious data loss > > Dear Maintainer, > > please consider disabling TLS 1.3 support. > > While you added TLS 1.3 compatibility through bug 918630, this uncovered > a grave bug in pure

Bug#671644: Login problem confirmed

Hello Daniel, sorry for the very, very late answer to your bug report. This problem still exists in current Sympa and I actually suspect that you are correct and this a problem with Cookie handling. It actually results in *changing* the current password. Regards Racke -- Ecommerce an

Bug#909383: Patch to skip install for Xemacs21

Hello, attached is a patch to skip install of python-mode for Xemacs21. Regards Racke -- Ecommerce and Linux consulting + Perl and web application programming. Debian and Sympa administration. Provisioning with Ansible. --- python-mode-6.2.3/debian/emacsen-install 2017-01-17 22:33:55.00

Bug#909383: xemacs21 stale

I think the main problem is that xemacs21 is quite stale, latest upstream release dating back to 2013. Thus it doesn't support (string-to-syntax) Regards Racke -- Ecommerce and Linux consulting + Perl and web application programming. Debian and Sympa administration. Provisioning

Bug#909383: Fails to install

This even happens on a normal system - looks like it enters an infinite loop: Loading 50w3m-el... Loading 20apel... Loading 50flim... Loading 50w3m-el... Loading 20apel... Loading 50flim... Loading 50w3m-el... Loading 20apel... Loading 50flim... Loading 50w3m-el... Loading 20apel... Loading 50flim

Bug#877173: Critical Errors in 6.2.20 Release

Package: sympa Version: 6.2.20~dfsg-2 Severity: serious upgrade_send_spool.pl could leave some messages not upgraded [diff] "sympa.pl --change_user_email" was broken GH #65 Next release is planned for 1st of October. Regards Racke -- Ecommerce and Linux consulting + Perl and

Bug#863631: Also affects sympa: trashes configuration on update without asking

On 07/05/2017 10:42 PM, Daniel Gnoutcheff wrote: > Control: found -1 6.1.23~dfsg-2+deb8u1 > > I've experienced this on jessie as well when upgrading from > 6.1.23~dfsg-2 to 6.1.23~dfsg-2+deb8u1 for the 8.7 point release. > > The listmaster directive in /etc/sympa/sympa.conf got clobbered, locking

Bug#868720: sympa FTBFS: configure: error: invalid value /usr/sbin/newaliases for newaliases command

On 07/18/2017 01:02 AM, Adrian Bunk wrote: > Source: sympa > Version: 6.2.16~dfsg-4 > Severity: serious > > https://buildd.debian.org/status/package.php?p=sympa&suite=sid > > ... > checking for pod2man... /usr/bin/pod2man > checking for makemap... /usr/bin/makemap > checking user-supplied newalia

Bug#864546: sympa: shipped file missing after upgrade from jessie to stretch: /etc/sympa/sympa.conf-smime.in

ase use > dpkg-maintscript-helper rm_conffile > to remove it properly (also from dpkg's database). > > > cheers, > > Andreas > Patch attached. Regards Racke -- Ecommerce and Linux consulting + Perl and web application programming. Debian and Sympa administr

Bug#864546: sympa: shipped file missing after upgrade from jessie to stretch: /etc/sympa/sympa.conf-smime.in

On 06/10/2017 03:06 PM, Stefan Hornburg (Racke) wrote: > On 06/10/2017 02:02 PM, Andreas Beckmann wrote: >> Package: sympa >> Version: 6.2.16~dfsg-3 >> Severity: serious >> User: debian...@lists.debian.org >> Usertags: piuparts >> >> Hi, >> &g

Bug#864546: sympa: shipped file missing after upgrade from jessie to stretch: /etc/sympa/sympa.conf-smime.in

On 06/10/2017 02:02 PM, Andreas Beckmann wrote: > Package: sympa > Version: 6.2.16~dfsg-3 > Severity: serious > User: debian...@lists.debian.org > Usertags: piuparts > > Hi, > > during a test with piuparts I noticed your package modifies conffiles. > This is forbidden by the policy, see > https:/

Bug#863701: sympa: insists that cookie has changed when it hasn't

On 05/30/2017 03:38 PM, Dominik George wrote: > Hi, > >> In this case the head command might not be in the path Sympa is seeing. >> Could you please test if >> `/usr/bin/head ...` works for you? > > Yes, it does. > > -nik > OK, thanks a lot. I'll adjust the default settings for the configurat

Bug#863701: sympa: insists that cookie has changed when it hasn't

On 05/30/2017 10:35 AM, Dominik George wrote: > Hi, > >> The configuration file is at /etc/sympa/sympa/sympa.conf for the Debian >> package, >> so this hasn't changed? > > Confirmed. > >> >> What are the permissions of the cookie file? > > 640 owned by sympa:sympa > > I have placed debugging p

Bug#863701: sympa: insists that cookie has changed when it hasn't

On 05/30/2017 09:37 AM, Dominik George wrote: > Package: sympa > Version: 6.2.16~dfsg-3 > Severity: grave > Justification: renders package unusable > > SYMPA suddenly refuses to start with: > > May 30 09:35:20 terra sympa_msg.pl[22389]: DIED: sympa.conf/cookie parameter > has changed. You may ha

Bug#848015: ciphersaber: diff for NMU version 1.01-2.1

On 04/04/2017 07:01 AM, Mattia Rizzolo wrote: > Control: tags 848015 + patch > Control: tags 848015 + pending > > Dear maintainer, > > I've prepared an NMU for ciphersaber (versioned as 1.01-2.1) and > uploaded it to DELAYED/2. Please feel free to tell me if I > should delay it longer. > > Regar

Bug#829477: courier-mta: fails to install: Invalid command 'gendh'

On 07/03/2016 07:07 PM, Andreas Beckmann wrote: > Package: courier-mta > Version: 0.76.1-3+exp1 > Severity: serious > User: debian...@lists.debian.org > Usertags: piuparts > > Hi, > > during a test with piuparts I noticed your package failed to install. As > per definition of the release team thi

Bug#754538: sqwebmail fails to install due to non-existant /var/www directory

On 07/12/2014 10:12 AM, Willi Mann wrote: > Package: sqwebmail > Version: 0.73.1-1.2 > Severity: serious > Justification: fails to install > > Hi Racke, > > sqwebmail fails to install if the directory /var/www does not exist (which > apparently does not exist if nginx is installed as httpd-cgi):

Bug#741899: courier-maildrop: maildrop fails to deliver to virtual user reporting "Invalid user specified."

On 03/17/2014 03:25 AM, Thomas L Marshall wrote: > Package: courier-maildrop > Version: 0.73.1-1 > Severity: grave > Tags: d-i > Justification: renders package unusable > > Dear Maintainer, > > After upgrading to courier-maildrop_0.73.1-1_amd64.deb, my email server begin > bouncing messages with

Bug#741620: upgrade broke starttls?

severity 741620 grave thanks On 03/14/2014 04:38 PM, Joey Hess wrote: > Package: courier-imap-ssl > Version: 4.15-1 > Severity: normal > > Establishing connection to kitenet.net:143 > ERROR: While attempting to sync account 'joey' > command: CAPABILITY => socket error: - [Errno 1] > _ssl.c:

Bug#730086: courier-pop-ssl not able to upgrade: error

tags 730086 unreproducible severity 730086 important thanks On 11/21/2013 08:01 AM, Andreas Rittershofer wrote: > Package: courier-pop-ssl > Version: 0.68.2-1 > Severity: grave > Justification: renders package unusable > > Dear Maintainer, > >* What led up to the situation? > > apt-get upgr

Bug#741162: Install fails due to dangling symlink

Package: courier-pop-ssl Version: 0.73.1-0.1 Severity: grave Justification: renders package unusable It fails on a fresh install on my system: Setting up courier-pop-ssl (0.73.1-0.1) ... cp: not writing through dangling symlink ‘/usr/lib/courier/pop3d.pem’ dpkg: error processing package courier-p

Bug#730086: courier-pop-ssl not able to upgrade: error

On 11/21/2013 08:01 AM, Andreas Rittershofer wrote: > Package: courier-pop-ssl > Version: 0.68.2-1 > Severity: grave > Justification: renders package unusable > > Dear Maintainer, > >* What led up to the situation? > > apt-get upgrade > >* What was the outcome of this action? > > apt-g

Bug#730346: dh-make-drupal barfs on undefined method 'search'

package: dh-make-drupal version: 1.6-1 severity: grave racke@argus:~/build$ dh-make-drupal google_analytics /usr/bin/dh-make-drupal:695:in `fetch_data': undefined method `search' for nil:NilClass (NoMethodError) from /usr/bin/dh-make-drupal:747:in `for' from /usr/bin/dh-make-drupa

Bug#691485: Security vulnerabilities in RT

package: request-tracker3.8 severity: critical tags: security >From the RT mailing lists: We have determined a number of security vulnerabilities which affect both RT 3.8.x and RT 4.0.x. We are releasing RT versions 3.8.15 and 4.0.8, and RTFM version 2.4.5, to resolve these vulnerabilities, as w

Bug#691486: Security vulnerabilities in RT

package: request-tracker4 severity: critical tags: security >From the RT mailing lists: We have determined a number of security vulnerabilities which affect both RT 3.8.x and RT 4.0.x. We are releasing RT versions 3.8.15 and 4.0.8, and RTFM version 2.4.5, to resolve these vulnerabilities, as wel

Bug#642165: Observations

Hello, on my local machine it fails too in my sid /chroot. Building the package from my installed wheezy works fine. Regards Racke -- LinuXia Systems => http://www.linuxia.de/ Expert Interchange Consulting and System Administration ICDEVGROUP => http://www.icdevgroup.org/ Interchange De

Bug#669146: courier-imap: Since last update (20' ago) I can't connect anymore

On 04/18/2012 11:40 AM, Alberto Serrano wrote: Hi Racke, We have been experiencing the same issue since upgrade to 0.67.0 (yesterday at 19:00 GMT+2 approx.). Imap server connections don't work properly anymore. In /var/log/syslog, the imap log entries stop after initial connection: Apr 18

Bug#669146: courier-imap: Since last update (20' ago) I can't connect anymore

On 04/18/2012 02:15 PM, Alberto Serrano wrote: Confirmed. After installing fam, the problem is solved: # apt-get install fam libfam0 So it was probably related to the recent upgrade of libgamin0 0.1.10-4. Thanks again, Alberto. PS: To those applying this workaround. Do not install only libfa

Bug#669146: courier-imap: Since last update (20' ago) I can't connect anymore

On 04/18/2012 01:25 PM, Jesse Molina wrote: Here an FYI of a problem I had recently. I doubt this is the same issue, but I'll write it up anyway for posterity. I had a similar issue about a week ago when I updated some courier related packages. The issue turned out to be some kind of problem

Bug#669146: courier-imap: Since last update (20' ago) I can't connect anymore

On 04/17/2012 08:50 PM, Jean-Yves Barbier wrote: Package: courier-imap Version: 4.10.0-1 Severity: grave Tags: upstream Justification: renders package unusable Dear Maintainer, * What led up to the situation? An update. * What exactly did you do (or not do) that was effective (or

Bug#669146: courier-imap: Since last update (20' ago) I can't connect anymore

On 04/17/2012 08:50 PM, Jean-Yves Barbier wrote: Package: courier-imap Version: 4.10.0-1 Severity: grave Tags: upstream Justification: renders package unusable Dear Maintainer, * What led up to the situation? An update. * What exactly did you do (or not do) that was effective (or

Bug#620396: dot-forward and courier-mta: error when trying to install together

On 04/01/2011 08:19 PM, Ralf Treinen wrote: Package: courier-mta,dot-forward Version: courier-mta/0.65.3-2 Version: dot-forward/1:0.71-1 Severity: serious User: trei...@debian.org Usertags: edos-file-overwrite Date: 2011-04-01 Architecture: amd64 Distribution: sid Hi, automatic installation te

Bug#617334: Squeeze is still vulnerable

On 09/01/2011 11:05 PM, Igor Sverkos wrote: Hi, please correct me, but the current Debian stable (squeeze) looks still vulnerable: root@squeeze /root # apt-show-versions pure-ftpd pure-ftpd/squeeze uptodate 1.0.28-3 Did you forget to create an update for the stable branch? That's tr

Bug#624848: Glob vulnerability in Pure-FTPd

package: pure-ftpd, pure-ftpd-mysql, pure-ftpd-postgresql severity: serious tag: security From the author on the Pure-FTPd mailinglist: --snip-- A new "0-day" multiple vendors vulnerability in the glob(3) function has been published. A command like STAT {..,..,..}/*/{..,..,..}/*/{..,..,..}/*/

Bug#622014: courier: FTBFS: libcouriertls.c:555: undefined reference to `SSLv2_method'

On 04/09/2011 02:13 PM, Lucas Nussbaum wrote: Source: courier Version: 0.65.3-2 Severity: serious Tags: wheezy sid User: debian...@lists.debian.org Usertags: qa-ftbfs-20110408 qa-ftbfs Justification: FTBFS on amd64 Hi, During a rebuild of all packages in sid, your package failed to build on amd

Bug#622014: courier: FTBFS: libcouriertls.c:555: undefined reference to `SSLv2_method'

On 04/09/2011 02:13 PM, Lucas Nussbaum wrote: Source: courier Version: 0.65.3-2 Severity: serious Tags: wheezy sid User: debian...@lists.debian.org Usertags: qa-ftbfs-20110408 qa-ftbfs Justification: FTBFS on amd64 Hi, During a rebuild of all packages in sid, your package failed to build on amd

Bug#617334: Patch for TLS security flaw

Hello, The patch can be found on GitHub: https://github.com/jedisct1/pure-ftpd/commit/65c4d4ad331e94661de763e9b5304d28698999c4 Regards Racke -- LinuXia Systems => http://www.linuxia.de/ Expert Interchange Consulting and System Administration ICDEVGROUP => http://www.icdevgroup.org/ Int

Bug#617334: Update on security problem

Hello, I asked on the mailing list for a single patch which fixes the TLS security flaw so we can use it for stable and maybe oldstable security upgrade. Regards Racke -- LinuXia Systems => http://www.linuxia.de/ Expert Interchange Consulting and System Administration ICDEVGROUP => http

Bug#617334: TLS security flaw

package: pure-ftpd tags: security severity: grave The new release 1.0.30 fixes a flaw similar to Postfix's CVE-2011-0411 by clearing the command-line buffer after switching to TLS. Reference: http://tech.groups.yahoo.com/group/postfix-users/message/275069 Regards Racke -- LinuXia Syst

Bug#606704: If someone fixes this bug, please fix #605355 as well

On 01/07/2011 07:23 PM, Mehdi Dogguy wrote: On 0, "Stefan Hornburg (Racke)" wrote: On 12/29/2010 06:20 PM, Christian PERRIER wrote: I got a verbal ACK from at least one release team member that fixing the Portuguese debconf translation update for squeeze (with a t-p-u upload) would

Bug#606704: If someone fixes this bug, please fix #605355 as well

On 12/29/2010 06:20 PM, Christian PERRIER wrote: I got a verbal ACK from at least one release team member that fixing the Portuguese debconf translation update for squeeze (with a t-p-u upload) would be OK. I was indeed about to build such upload when I got pointed by Julien to this RC bug. So,

Bug#606704: sympa: installation fails

On 12/11/2010 01:41 AM, Lucas Nussbaum wrote: Package: sympa Version: 6.0.1+dfsg-3 Severity: serious User: debian...@lists.debian.org Usertags: instest-20101207 instest Hi, While testing the installation of all packages in squeeze, I ran into the following problem: [..] + echo Not configur

Bug#594119: Upgrade path from Lenny to Squeeze is broken

On 11/13/2010 09:59 PM, Julien Cristau wrote: On Tue, Nov 2, 2010 at 12:27:59 +0100, Stefan Hornburg (Racke) wrote: On 11/02/2010 12:25 PM, Julien Cristau wrote: On Sun, Oct 10, 2010 at 03:15:22 +0200, Jonas Smedegaard wrote: On Sat, Oct 09, 2010 at 05:36:08PM +0200, Julien Cristau wrote

Bug#594119: Upgrade path from Lenny to Squeeze is broken

On 11/02/2010 09:20 PM, Adam D. Barratt wrote: On Tue, 2010-11-02 at 12:27 +0100, Stefan Hornburg (Racke) wrote: On 11/02/2010 12:25 PM, Julien Cristau wrote: On Sun, Oct 10, 2010 at 03:15:22 +0200, Jonas Smedegaard wrote: On Sat, Oct 09, 2010 at 05:36:08PM +0200, Julien Cristau wrote: Err

Bug#594119: Upgrade path from Lenny to Squeeze is broken

On 11/02/2010 12:25 PM, Julien Cristau wrote: On Sun, Oct 10, 2010 at 03:15:22 +0200, Jonas Smedegaard wrote: On Sat, Oct 09, 2010 at 05:36:08PM +0200, Julien Cristau wrote: On Tue, Aug 31, 2010 at 15:00:32 +0200, Stefan Hornburg (Racke) wrote: Fix applied to Git: http://git.debian.org/?p

Bug#601507: Postinst script breaks on chmod aliaswrapper

On 10/26/2010 10:18 PM, Stefan Hornburg (Racke) wrote: package: sympa version: 6.1.1~dfsg-1 severity: grave Aliaswrapper has moved to /usr/lib/sympa/sbin/aliaswrapper which causes failure of postinst script: Setting up sympa (6.1.1~dfsg-1) ... dbconfig-common: writing config to /etc/dbconfig

Bug#601507: Postinst script breaks on chmod aliaswrapper

package: sympa version: 6.1.1~dfsg-1 severity: grave Aliaswrapper has moved to /usr/lib/sympa/sbin/aliaswrapper which causes failure of postinst script: Setting up sympa (6.1.1~dfsg-1) ... dbconfig-common: writing config to /etc/dbconfig-common/sympa.conf dbconfig-common: flushing administrative

Bug#597434: Fixe for courier IMAP_ULIMITD

On 09/23/2010 06:54 AM, Thomas Goirand wrote: Hi, Here's a patch to fix the issue. Do you agree that is the way to fix it, and would you accept that I NMU this fix, so that it has a chance to get into Squeeze soon? Thomas Goirand (zigo) I'm going to upload fixed packages myself. Regards

Bug#597434: Fixe for courier IMAP_ULIMITD

On 09/23/2010 06:54 AM, Thomas Goirand wrote: Hi, Here's a patch to fix the issue. Do you agree that is the way to fix it, and would you accept that I NMU this fix, so that it has a chance to get into Squeeze soon? Thomas Goirand (zigo) I'm going to upload a fixed version myself. Thanks for

Bug#597434: The /etc/courier/imapd IMAP_ULIMITD is too small

On 09/19/2010 07:52 PM, Thomas Goirand wrote: Package: courier-imap Version: 4.8.0-1 Severity: grave In the file /etc/courier/imapd, there is the following: IMAP_ULIMITD=65536 While it doesn't seem so problematic under i386, under amd64 arch, each time I want to setup a server with courier-imap

Bug#594119: Upgrade path from Lenny to Squeeze is broken

On 08/25/2010 01:59 PM, Stefan Hornburg (Racke) wrote: On 08/23/2010 09:52 PM, Emmanuel Bouthenot wrote: Package: sympa Version: 6.0.1+dfsg-2 Severity: critical {,family,bounce}queue binaries are now installed in /usr/lib/sympa/lib/sympa/ instead of /usr/lib/sympa/bin before. It will breaks

Bug#594113: task_manager.pl daemon failed to start

On 08/24/2010 11:44 AM, Jonas Smedegaard wrote: Hi Emmanuel, On Mon, Aug 23, 2010 at 09:20:38PM +0200, Emmanuel Bouthenot wrote: Package: sympa Version: 6.0.1+dfsg-2 Severity: grave To start correctly, task_manager.pl daemon expects /usr/share/sympa/default/ca-bundle.crt to be a valid symlink

Bug#594113: task_manager.pl daemon failed to start

On 08/26/2010 09:49 AM, Jonas Smedegaard wrote: On Thu, Aug 26, 2010 at 08:24:46AM +0200, Emmanuel Bouthenot wrote: Well, you not experiencing problems avoiding Recommends do not really change the Debian definition of the Recommends: stanza: >`Recommends' > This declares a strong, but not abs

Bug#594119: Upgrade path from Lenny to Squeeze is broken

On 08/23/2010 09:52 PM, Emmanuel Bouthenot wrote: Package: sympa Version: 6.0.1+dfsg-2 Severity: critical {,family,bounce}queue binaries are now installed in /usr/lib/sympa/lib/sympa/ instead of /usr/lib/sympa/bin before. It will breaks mail aliases used by SYMPA during the upgrade from Lenny t

Bug#594113: task_manager.pl daemon failed to start

On 08/25/2010 10:34 AM, Jonas Smedegaard wrote: On Wed, Aug 25, 2010 at 09:18:36AM +0200, Stefan Hornburg (Racke) wrote: IMHO Sympa daemons should work without packages in Recommends. And ca-certificates isn't really a problem to be depend on. Is S/MIME a mandatory or optional featu

Bug#594113: task_manager.pl daemon failed to start

On 08/25/2010 09:11 AM, Emmanuel Bouthenot wrote: When not respecting recommends, you cannot expect package to work "out of the box" but will need some hand-tuning to get working. I never install Recommends on my Debian machines (servers, desktop, laptop). It's the first time I encounter such

Bug#584001: courier-faxmail: Security bugs in ghostscript

On 06/01/2010 03:05 AM, Paul Szabo wrote: Package: courier-faxmail Severity: grave Tags: security Justification: user security hole Please note remote execute-any-code security bugs in ghostscript: http://bugs.debian.org/583183 This package depends on ghostscript, and may be affected. Plea

Bug#584001: courier-faxmail: Security bugs in ghostscript

On 06/01/2010 01:24 PM, paul.sz...@sydney.edu.au wrote: Dear Racke, What kind of fixes do you have in mind? Please add the -P- option to all $GS invocations. Thanks, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics Unive

Bug#584001: courier-faxmail: Security bugs in ghostscript

On 06/01/2010 01:24 PM, paul.sz...@sydney.edu.au wrote: Dear Racke, What kind of fixes do you have in mind? Please add the -P- option to all $GS invocations. OK, I'll do so today. I just wonder why this option isn't mentioned in the gs manpage. Regards Racke -- LinuXia Systems

Bug#583989: Courier IMAP: Clients think logins have failed after upgrade

On 06/01/2010 01:18 AM, Adam Warner wrote: Package: courier Version: 0.64.2-1 Severity: grave Upstream has the patch: "Thunderbird chokes on that and requests a login again, claimin

Bug#584001: courier-faxmail: Security bugs in ghostscript

On 06/01/2010 03:05 AM, Paul Szabo wrote: Package: courier-faxmail Severity: grave Tags: security Justification: user security hole Please note remote execute-any-code security bugs in ghostscript: http://bugs.debian.org/583183 This package depends on ghostscript, and may be affected. Plea

Bug#579790: courier-authdaemon: uninstallation fails: exec: /usr/sbin/courierlogger: cannot execute: No such file or directory

On 05/06/2010 10:35 PM, Sascha Silbe wrote: I've worked around this by killing the remaining courier processes manually ("pkill -f courier") and hacking /var/lib/dpkg/info/courier-authdaemon.prerm to do "exit 0" immediately. Courier is now gone from my system. CU Sascha OK, thanks for the in

Bug#436266: (no subject)

severity 436266 important thanks On 05/03/2010 11:04 PM, Olaf van der Spek wrote: severity 436266 serious thanks This one leads to data loss... I don't consider this a serious data loss. Volatile and discarded data has to be purged at some point. Of course, the default setting can still be

Bug#579550: sympa: missing dependencies

On 04/28/2010 04:23 PM, Malte S. Stretz wrote: Package: sympa Version: 6.0.1-1 Severity: grave Justification: renders package unusable Startup will fail because the following Perl libraries aren't automatically pulled in: libfile-copy-recursive libnet-netmask-perl libterm-progressbar-perl Ca

Bug#575366: HTTP response splitting vulnerability

package: interchange severity: critical tags: security, fixed-upstream Interchange 5.7.6 closes a potential HTTP response splitting vulnerability. For details see http://www.icdevgroup.org/i/dev/news?mv_arg=00042. The patch to fix the vulnerability is here: http://git.icdevgroup.org/?p=interch

Bug#574106: Build failure on sid (AMD64)

Stefan Hornburg (Racke) wrote: package: courier severity: serious Courier packages fail to build on sid (AMD64 architecture). The error message is: /usr/bin/libtool --tag=CXX --mode=link g++ -Wall -I./.. -I.. -I./../afx -I./../rfc822 -I./libs -g -O2 -lcrypt -o aliaslookup aliaslookup.o

Bug#572439: SA-CORE-2010-001 - Drupal core - Multiple vulnerabilities

package: drupal6 severity: critical tags: security * Advisory ID: DRUPAL-SA-CORE-2010-001 * Project: Drupal core * Version: 5.x, 6.x * Date: 2010-March-03 * Security risk: Critical * Exploitable from: Remote * Vulnerability: Multiple vulnerabilities DESCRIPTION ---

Bug#560614: fixed

Jan Dittberner wrote: I patched debian/rules to use the system libtool to fix this FTBFS and NMUed it at BSP Mönchengladbach. That's great. Please send me the patch. Regards Racke -- LinuXia Systems => http://www.linuxia.de/ Expert Interchange Consulting and System Administration IC

Bug#563407: sympa: FTBFS because libmime-base64-perl was removed

Ansgar Burchardt wrote: Hi, "Stefan Hornburg (Racke)" writes: So why does it fail if perl is present? That seems odd to me. Some buildds will not consider alternative dependencies, others may do so. Many buildds run different versions of sbuild (see also for example #54134

Bug#563407: sympa: FTBFS because libmime-base64-perl was removed

Ansgar Burchardt wrote: Source: sympa Version: 5.4.7-1 Severity: serious Justification: FTBFS Hi, sympa failed to build [1] on hppa, hurd-i386, ia64, mips, mipsel, sparc because libmime-base64-perl is no longer a real package and sympa has a versioned build-dep on it. Replacing the build-dep

Bug#559802: CVE-2009-3736 local privilege escalation

Michael Gilbert wrote: Package: courier-authlib Severity: grave Tags: security Hi, The following CVE (Common Vulnerabilities & Exposures) id was published for libtool. I have determined that this package embeds a vulnerable copy of the libtool source code. However, since this is a mass bug fi

Bug#559020: Session Fixation Vulnerability

Package: request-tracker3.6 Tag: security Severity: critical http://blog.bestpractical.com/2009/11/session-fixation-vulnerability.html RT 3.8.6 is not affected. Regards Racke -- LinuXia Systems => http://www.linuxia.de/ Expert Interchange Consulting and System Administration ICDEVGROUP

Bug#555087: [courier-mta] courier-mta does not install on clean squeeze system

tags 555087 + confirmed patch thanks Heiner Markert wrote: Package: courier-mta Version: 0.59.0-3 Severity: serious --- Please enter the report below this line. --- When performing apt-get install courier-mta on an otherwise clean squeeze system, dpkg fails with an post-install script error in

Bug#555087: [courier-mta] courier-mta does not install on clean squeeze system

Heiner Markert wrote: Package: courier-mta Version: 0.59.0-3 Severity: serious --- Please enter the report below this line. --- When performing apt-get install courier-mta on an otherwise clean squeeze system, dpkg fails with an post-install script error in package courier-mta. Installing the

Bug#554182: courier: missing-build-dependency po-debconf

tag 554182 + pending confirmed thanks Manoj Srivastava wrote: Package: courier Version: 0.63.0-1 Severity: serious User: lintian-ma...@debian.org Usertags: missing-build-dependency The package doesn't specify a build dependency on a package that is used in debian/rules. Also, it depends on obso

Bug#553539: interchange-ui: dir-or-file-in-var-www /var/www/interchange-5/da_DK/az.gif and 150+ others

tag 553539 + confirmed fixed-upstream thanks Manoj Srivastava wrote: Package: interchange-ui Version: 5.7.2-1 Severity: serious User: lintian-ma...@debian.org Usertags: dir-or-file-in-var-www Debian packages should not install files under /var/www. This is not one of the /var directories in the

Bug#368905: interchange-doc: Useless without interchange in testing

Barry deFreese wrote: Hi, What's the status of this. It is from 2006 but interchange has been in testing for a while now. Hello, Barry! Interchange has moved its documentation system, so it'll take a while to adjust the package accordingly. Regards Racke -- LinuXia Systems => htt

Bug#547511: python-scientific and sympa: error when trying to install together

Olivier Berger wrote: On Sun, Sep 20, 2009 at 02:52:53PM +0200, Ralf Treinen wrote: Unpacking sympa (from .../sympa_5.4.7-1_amd64.deb) ... dpkg: error processing /var/cache/apt/archives/sympa_5.4.7-1_amd64.deb (--unpack): trying to overwrite '/usr/bin/task_manager', which is also in package p

Bug#521037: courier-base: postinst failure caused by incorrect alternative if maildrop is installed

Laurent Bonnaud wrote: Package: courier-base Version: 0.61.2-1 Justification: postinst script must not fail Severity: serious Hi, here is the problem: Setting up courier-base (0.61.2-1) ... update-alternatives: error: alternative link /usr/share/man/man5/maildir.5.gz is already managed by ma

Bug#527833: courier: FTBFS: ./libtool: line 1210: libtool: compile: cannot determine name of library object from `': command not found

Paweł Tęcza wrote: Lucas, Probably the reason of FTBFS is because you have newer version of autoconf and libtool packages on your Sid box. I had very similar problem under Ubuntu Jaunty. Did you try to run `autoreconf -f` before? It works with Courier 0.62.1. Packages will show up soon. Reg

Bug#524419: Same bugs with pure-ftpd-mysql

laradji nacer wrote: The command /usr/sbin/pure-ftpd-wrapper is call by the inetd service at connection and it call /ust/sbin/pure-ftpd . It need to call the command : /usr/sbin/pure-ftpd-mysql when you use it with mysql or /usr/sbin/pure-ftpd-postgresql when you use it with postgresql I have

Bug#517960: courier-imap-ssl: upgrade to lenny broke ssl connection

Erwan David wrote: On Tue, Mar 03, 2009 at 11:01:20AM CET, Stefan Hornburg said: Erwan David wrote: Package: courier-imap-ssl Version: 4.4.0-2 Severity: grave Justification: renders package unusable Since upgrade to lenny, I cannot get a ssl connection with courier-imap. Here is the log

Bug#517960: courier-imap-ssl: upgrade to lenny broke ssl connection

Erwan David wrote: Package: courier-imap-ssl Version: 4.4.0-2 Severity: grave Justification: renders package unusable Since upgrade to lenny, I cannot get a ssl connection with courier-imap. Here is the log: Mar 3 09:55:09 maio imapd-ssl: couriertls: connect: error:1408F10B:SSL routines:SSL3

Bug#505732: SA32658: Interchange Cross-Site Scripting Vulnerabilities

Raphael Geissert wrote: Source: interchange Severity: grave Version: 5.6.0-1 Tags: security Hi, The following SA (Secunia Advisory) id was published for interchange. SA32658[1]: Some vulnerabilities have been reported in Interchange, which can be exploited by malicious people to conduct cross

Bug#499078: jfsutils: Bus Error when running fsck.jfs on sparc

Luk Claes wrote: Stefan Hornburg (Racke) wrote: Luk Claes wrote: Hi Any news from upstream? Can we expect an upload shortly? No word from upstream. Will you upload a version that at least takes care of being able to recover from a power failure like the patch submitter proposes? We have

Bug#499078: jfsutils: Bus Error when running fsck.jfs on sparc

Luk Claes wrote: Hi Any news from upstream? Can we expect an upload shortly? No word from upstream. Regards Racke -- LinuXia Systems => http://www.linuxia.de/ Expert Interchange Consulting and System Administration ICDEVGROUP => http://www.icdevgroup.org/ Interchange Development T

Bug#501605: sympa: broken post-inst script

Olivier Berger wrote: Le vendredi 10 octobre 2008 à 14:19 +0200, Stefan Hornburg a écrit : It should be more robust by principle as the replacement string is read from environment and special quoting isn't needed. Hmmm... the fact that it keeps in the environment afterwards is someth

Bug#501605: sympa: broken post-inst script

Olivier Berger wrote: On Thu, Oct 09, 2008 at 05:25:50PM +0200, Patrick Schoenfeld wrote: Hi, On Thu, Oct 09, 2008 at 03:17:43PM +0300, Niko Tyni wrote: Line 212 in the postinst breaks if sympa/key_password contains sed metacharacters, for instance 'a/b/c' as above. attached is a patch for th

Bug#501605: sympa: broken post-inst script

Patrick Schoenfeld wrote: Hi, On Fri, Oct 10, 2008 at 09:46:27AM +0200, Stefan Hornburg wrote: Thanks for the patch! Did you test it already? I tested it manually with a testscript containing only that code and RET="fo4b/!bar" or something. That worked fine. I didn't test

Bug#501605: sympa: broken post-inst script

Olivier Berger wrote: On Thu, Oct 09, 2008 at 05:25:50PM +0200, Patrick Schoenfeld wrote: Hi, On Thu, Oct 09, 2008 at 03:17:43PM +0300, Niko Tyni wrote: Line 212 in the postinst breaks if sympa/key_password contains sed metacharacters, for instance 'a/b/c' as above. attached is a patch for th

Bug#501605: sympa: broken post-inst script

Patrick Schoenfeld wrote: Hi, On Fri, Oct 10, 2008 at 09:46:27AM +0200, Stefan Hornburg wrote: Thanks for the patch! Did you test it already? I tested it manually with a testscript containing only that code and RET="fo4b/!bar" or something. That worked fine. I didn't test

Bug#501605: sympa: broken post-inst script

Patrick Schoenfeld wrote: Tags 501605 +patch thanks Hi, On Thu, Oct 09, 2008 at 03:17:43PM +0300, Niko Tyni wrote: Line 212 in the postinst breaks if sympa/key_password contains sed metacharacters, for instance 'a/b/c' as above. attached is a patch for this issue. Thanks for the patch! Did

Bug#501605: sympa: broken post-inst script

Niko Tyni wrote: severity 501605 serious tag 501605 - unreproducible thanks On Thu, Oct 09, 2008 at 01:42:39PM +0200, Patrick Schoenfeld wrote: Severity 501605 important thanks I have tested the installation of sympa as well and I can't reproduce the problem. Additional I auditted the post-i

Bug#494202: Installation script overwrites existing sympa.conf

severity 494202 important thanks Ari Epstein wrote: Package: sympa Version: 5.2.3-1.2+etch1 Severity: serious Justification: Policy 10.7.3 Upgrading to latest stable sympa package has overwritten my sympa.conf (and maybe other files as well). 10.7.3 indicates upgrade should not alter local

  1   2   >