Source: starman
Version: 0.2012-1
Severity: serious
Tags: wheezy sid
Justification: FTBFS
Hi
starman FTBFS due to test failures:
dh_auto_test
make[1]: Entering directory
`/build/salvi-starman_0.2012-1-amd64-e9NZV_/starman-0.2012'
PERL_DL_NONLAZY=1 /usr/bin/perl -MExtUtils::Command::MM
Source: libperl-apireference-perl
Version: 0.06-1
Severity: serious
Tags: wheezy sid
Justification: FTBFS
Hi
libperl-apireference-perl FTBFS with version of perl in unstable, as
libperl-apireference-perl does not know about 5.12.4:
dh build
dh_testdir
debian/rules
Hi Lucas
On Tue, Jul 19, 2011 at 08:28:32AM +0200, Lucas Nussbaum wrote:
Source: libconfig-model-perl
Version: 1.249-1
Severity: serious
Tags: wheezy sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20110718 qa-ftbfs
Justification: FTBFS on amd64
Hi,
During a rebuild of all
merge 627235 634601
thanks
Hi Lucas
On Tue, Jul 19, 2011 at 08:41:22AM +0200, Lucas Nussbaum wrote:
Source: libpoex-role-sessioninstantiation-perl
Version: 1.102610-1
Severity: serious
Tags: wheezy sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20110718 qa-ftbfs
Justification:
tag 634582 + confirmed
thanks
Hi Lucas
On Tue, Jul 19, 2011 at 08:40:07AM +0200, Lucas Nussbaum wrote:
Source: libhtml-template-expr-perl
Version: 0.07-1
Severity: serious
Tags: wheezy sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20110718 qa-ftbfs
Justification: FTBFS on amd64
Hi Jakub
On Tue, Jul 19, 2011 at 06:08:53PM +0200, Jakub Wilk wrote:
Any ideas on how to get the version without using apt-cache?
Build-depend on libmodule-corelist-perl and then use dpkg-query -W.
Thanks for the idea Jakub!
However in this case this will not work straigh away, because
tag 626019 + confirmed
thanks
Hi
On Sun, May 08, 2011 at 10:48:30AM +0200, Jeffrey Ratcliffe wrote:
Or am I being slow, and this is just because of the Perl 5.12
transition (that being the only change)?
I did a check on smetana.d.o sparc porterbox. The build hangs there
with:
Source: libwx-perl
Version: 1:0.98-1
Severity: serious
Tags: wheezy sid
Justification: FTBFS
Hi
libwx-perl 0.98 in unstable FTBFS:
PERL_DL_NONLAZY=1 /usr/bin/perl -MExtUtils::Command::MM -e
test_harness(0, 'blib/lib', 'blib/arch') t/*.t
Error: Unable to initialize gtk, is DISPLAY set
to adapt check for perl 5
+(Closes: #628357).
+ * Covert to '3.0 (quilt)' source package format and drop quilt framework
+from debian/control and debian/rules.
+
+ -- Salvatore Bonaccorso car...@debian.org Wed, 15 Jun 2011 21:29:36 +0200
+
tct (1.19-1) unstable; urgency=low
* Merging
Okay, I read some older bug reports on tct:
BTW: The clean target of the tct Debian package is broken, the
strange upstream mechanism (reconfig) conflicts with debian/rules
and debian/patches/01-conglomeration.patch. IMO we should sort this
out...
in http://bugs.debian.org/532342
So maybe
I have attached the packages differences, so far. Still builds fine in
wheezy but not in unstable.
Regards
Salvatore
--- /tmp/wheezy 2011-06-16 08:24:32.838848570 +0200
+++ /tmp/sid 2011-06-16 08:24:36.950844283 +0200
@@ -1,11 +1,11 @@
-Setting up bsdmainutils (8.2.2) ...
+Setting up bsdmainutils
Hi Dave
On Wed, Jun 15, 2011 at 04:29:00PM +0100, Dave Walker wrote:
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu oneiric
Hi,
Attached is the patch which has been uploaded to Ubuntu Oneiric
package to resolve this issue.
Thanks I have added your submitted
Source: libapache2-mod-perl2
Version: 2.0.5-2
Severity: serious
Justification: FTBFS
Recent build on buildd for hurd-i386 and kfreebsd-i386 failed.
https://buildd.debian.org/status/fetch.php?pkg=libapache2-mod-perl2arch=kfreebsd-i386ver=2.0.5-2stamp=1308251003
Hi
Last upload of libapache2-mod-perl2 FTBFS on kfreebsd-i386 and
hurd-i386 [1]. Could you give back these on the two architectures?
[1] http://bugs.debian.org/630749
gb libapache2-mod-perl_2.0.5-2 . kfreebsd-i386 hurd-i386
Regards
Salvatore
signature.asc
Description: Digital signature
Hi Christoph
Thanks for your reply:
On Fri, Jun 17, 2011 at 02:15:04PM +0200, Christoph Egger wrote:
Salvatore Bonaccorso car...@debian.org writes:
Last upload of libapache2-mod-perl2 FTBFS on kfreebsd-i386 and
hurd-i386 [1]. Could you give back these on the two architectures?
What
Source: bzr-gtk
Version: bzr731-1
Severity: serious
Tags: wheezy sid
Justification: FTBFS
Hi
Trying to build bzr-gtk with a similar setup as on the buildds bzr-gtk
FTBFS:
debian/rules override_dh_auto_test
make[1]: Entering directory
Hi
Builds went fine again for the 3.307 upload. I furthermore tested
build of 3.304 on gabrielli.debian.org, and this didn't failed too (as
it previously did).
Regards
Salvatore
signature.asc
Description: Digital signature
Hi Oleksandr
In case your are short of time, I can upload the fix prepared by
Martin Eberhard Schauer.
Many thanks for your work
Regards,
Salvatore
signature.asc
Description: Digital signature
Hi
This now builds again due to the latest cyrpt-ssley upload fixing the
originating issue.
Closing the bugreport.
Regards
Salvatore
signature.asc
Description: Digital signature
: makeinfo: command not found.
+Thanks to Angel Abad and Martin Eberhard Schauer (Closes: #652246)
+
+ -- Salvatore Bonaccorso car...@debian.org Mon, 09 Jan 2012 16:05:33 +0100
+
bashdb (4.2.0.8-1) unstable; urgency=low
* New upstream release.
diff -Nru bashdb-4.2.0.8/debian/control bashdb
Source: libperl5i-perl
Version: 2.9.0-1
Severity: serious
Justification: FTBFS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
As noticed by fabreg (Fabrizio Regalli), libperl5i-perl FTBFS:
# Failed test at t/utf8.t line 23.
# {
# 'GLOB(0x2568e50)' = [
# 'unix',
# 'perlio'
#
Source: libdevel-ebug-perl
Version: 0.49-3
Severity: serious
Justification: FTBFS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi
Current version in unstable FTBFS:
# Failed test at t/finished.t line 22.
# got: '1'
# expected: '0'
# Failed test at t/finished.t line
Hi Jaldahar
On Thu, Sep 29, 2011 at 10:04:02AM +0200, Matthias Klose wrote:
Thanks I've been meaning to look into this error for a while, I'll try and
get to it today.
Hi, any update on this?
Any news on this issue? (p.s.: is not to put stress!)
Regards,
Salvatore
signature.asc
Hi Jonas
I'm looking at open RC bugs. Lucas reported 655819 which is the same
634580. The problem is that in the package the patch added is not
applied.
Regards,
Salvatore
signature.asc
Description: Digital signature
tag 642737 + unreproducible
thanks
Hi
On Sat, Sep 24, 2011 at 11:10:01PM +0200, Salvatore Bonaccorso wrote:
On Sat, Sep 24, 2011 at 11:45:34PM +0300, Damyan Ivanov wrote:
tags 642737 moreinfo unreproducible
I can reproduce it with a build with sbuild.
(No time to look at it today
HTML::Template. This breaks with
+use HTML::Template 2.10, since 2.1 2.6. The version required (2.6)
+is anyway already satisfied even in Etch. (Closes: #634586).
+
+ -- Salvatore Bonaccorso car...@debian.org Thu, 29 Sep 2011 20:55:21 +0200
+
libhtml-popuptreeselect-perl (1.6-5) unstable
Hi Fabrizio
Last time I had contact with upstream, he told me due to lack of time
he cannot port giplet for now. I suggest to remove giplet from
unstable.
Regards
Salvatore
signature.asc
Description: Digital signature
Hi Michael
On Tue, Oct 25, 2011 at 03:55:24AM +0200, Michael Biebl wrote:
tags 631479 + unreproducible
thanks
I tried building pygtk in an up-to-date sid chroot and it build without
problem. Could you please try if you can reproduce the problem?
Did some unclean environment maybe leak into
384e1f6b6b5d4fd2aeb68becefabeda998f9beb5 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso car...@debian.org
Date: Tue, 27 Nov 2012 17:36:57 +0100
Subject: [PATCH] Use Digest::SHA instead of Digest::SHA1
libdigest-sha1-perl package was reoved from Debian. Digest::SHA is part
of Perl core modules included
of Digest::SHA1
+libdigest-sha1-perl package was removed from Debian. Digest::SHA is part of
+Perl core modules included with the perl interpreter since 5.10.
+Thanks to Ansgar Burchardt ans...@debian.org (Closes: #694474)
+
+ -- Salvatore Bonaccorso car...@debian.org Wed, 28 Nov 2012
with the perl interpreter since 5.10.
+Thanks to Ansgar Burchardt ans...@debian.org (Closes: #694474)
+ * Don't create .packlist file.
+Add create_packlist=0 in config-stamp target on perl Build.PL call.
+
+ -- Salvatore Bonaccorso car...@debian.org Wed, 28 Nov 2012 16:44:15 +0100
+
libmasonx
to perl Build.PL call.
+
+ -- Salvatore Bonaccorso car...@debian.org Sat, 01 Dec 2012 09:53:08 +0100
+
libmasonx-request-withapachesession-perl (0.30-3) unstable; urgency=low
* debian/control - removed libapache-request-perl from dependencies
only in patch2:
unchanged:
--- libmasonx-request
Hi Andreas
On Sun, Dec 02, 2012 at 02:42:26AM +0100, Andreas Beckmann wrote:
Followup-For: Bug #694395
Control: found -1 0.06-2
Hi,
what I didn't take into account in my analysis were the virtual packages
provided by perl-modules: they include libextutils-command-perl, so
Control: reassign 675895 icu 4.8.1.1-7
Control: fixed 675895 4.8.1.1-8
Control: affects 675895 + parrot
Hi Alessandro and Jay
On Tue, Jun 05, 2012 at 02:22:07PM -0400, Jay Berkenbilt wrote:
Alessandro Ghedini al3x...@gmail.com wrote:
Apparently it's icu-config --ldlfags (called by Parrot's
Hi Christophe
I was looking at current RC bugs for wheezy and noticed #694368. I saw
that you already commited the changes to git[1] however also including
a new upstream version afterwards.
[1]:
Source: ssdeep
Source-Version: 2.7-2
Hi Christophe
On Thu, Dec 06, 2012 at 03:08:03PM +0100, Christophe Monniez wrote:
the fix was just uploaded.
Thanks!
Do we need a release excpetion for this to be accepeted ?
Just fill a bug for pseudopackage release.debian.org for a unblock
request.
Control: severity -1 important
Hi Simon
On Thu, Dec 06, 2012 at 03:11:27PM +0100, Simon Kainz wrote:
Version: 0.03-1
Severity: grave
Tags: upstream
Justification: causes non-serious data loss
Using libparse-debain-packages-perl, the following problem arises when parsing
stanzas with more
Hey Alessandro
On Fri, Dec 07, 2012 at 12:11:23PM +0100, Alessandro Ghedini wrote:
But it looks there is another FTBFS on ia64[2].
Yup, that's #689177, which is sid-only.
Yup, noticed it only after already sending my email.
Salvatore
signature.asc
Description: Digital signature
Hi Jay
On Fri, Dec 07, 2012 at 10:13:20PM -0500, Jay Berkenbilt wrote:
It's not clear to me whether there's anything I have to do ICU regarding
this. I doesn't look like it, but before I just ignore this, I thought
I'd double check. If there is something I need to do, please draw my
Package: gksu-polkit
Severity: grave
Tags: security
Hi,
the following vulnerability was published for gksu-polkit.
CVE-2012-5617[0,1]:
privilege escalation due to improper authentication settings in policykit
configuration file
If you fix the vulnerability please also make sure to include the
Hi Serafeim
(Warning: I'm not part of the release-team)
On Wed, Dec 12, 2012 at 09:39:51PM +0100, Serafeim Zanikolas wrote:
On Wed, Dec 12, 2012 at 08:22:30PM +, Adam D. Barratt wrote:
On Wed, 2012-12-12 at 19:32 +, Serafeim Zanikolas wrote:
cflow (1:1.4+dfsg1-1) unstable;
Control: reopen -1
Hi Daniel
On Thu, Dec 13, 2012 at 01:51:14PM +, Debian Bug Tracking System wrote:
This is an automatic notification regarding your Bug report
which was filed against the open-vm-tools package:
#695845: open-vm-tools: Init script should Required-{Start,Stop} $remote_fs
Hi Daniel
On Sat, Dec 15, 2012 at 01:51:15PM +, Debian Bug Tracking System wrote:
[...]
open-vm-tools (2:9.2.2-893683-2) unstable; urgency=low
.
* Removing init order to network (Closes: #695845).
* Correcting version number (Closes: #695912).
* Don't check for vm on stop in
Control: tags -1 + unreproducible moreinfo
Hi Mathieu
Disclaimer: I'm not the maintainer of tig.
On Mon, Dec 17, 2012 at 09:40:42AM +0100, Mathieu Malaterre wrote:
Package: tig
Version: 1.0-2
Severity: serious
Justification: fails to build from source
I cannot build tig from my squeeze
Control: tags -1 + squeeze
Control: notfound -1 2.9.2.2-3
Hi Gregor
On Thu, Dec 20, 2012 at 10:11:43PM +0100, gregor herrmann wrote:
On Thu, 20 Dec 2012 04:35:52 +0100, Andreas Beckmann wrote:
The problem is still reproducible in a lenny-squeeze upgrade.
Hm, at least _I_ don't care a lot
Hi
On Sat, Dec 22, 2012 at 11:48:33AM +0100, Ivo De Decker wrote:
Control: fixed -1 2.9.2.2-3
Hi Salvatore,
On Sat, Dec 22, 2012 at 11:13:26AM +0100, Salvatore Bonaccorso wrote:
Control: tags -1 + squeeze
Control: notfound -1 2.9.2.2-3
[...]
But I tried too to check the Squeeze
/share/doc but not in
+Wheezy (Closes: #696066).
+
+ -- Salvatore Bonaccorso car...@debian.org Sat, 22 Dec 2012 15:35:33 +0100
+
fuse (2.9.0-2) unstable; urgency=low
* Correcting debhelper docs file to not include unwanted files
diff -Nru fuse-2.9.0/debian/fuse-utils.preinst
fuse-2.9.0
Control: tags -1 + patch
Hi Daniel!
On Sat, Dec 15, 2012 at 03:04:41PM +0100, Salvatore Bonaccorso wrote:
Hi Daniel
On Sat, Dec 15, 2012 at 01:51:15PM +, Debian Bug Tracking System wrote:
[...]
open-vm-tools (2:9.2.2-893683-2) unstable; urgency=low
.
* Removing init order
Source: owncloud
Severity: grave
Tags: security
Justification: user security hole
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
the following vulnerabilities were published for owncloud.
CVE-2012-5665[0]:
Auth bypass in user_webdavauth and user_ldap
CVE-2012-5666[1]:
XSS vulnerability in
Source: freetype
Severity: grave
Tags: security
Justification: user security hole
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
the following vulnerabilities were published for freetype.
CVE-2012-5670[0]:
Out-of-bounds write in _bdf_parse_glyphs
CVE-2012-5669[1]:
Out-of-bounds read in
-of-bounds read in _bdf_parse_glyphs.
+(Closes: #696691)
+ * Add savannah-bug-37907.patch patch
+[SECURITY] CVE-2012-5670: Out-of-bounds write in _bdf_parse_glyphs.
+(Closes: #696691)
+
+ -- Salvatore Bonaccorso car...@debian.org Wed, 26 Dec 2012 00:54:12 +0100
+
freetype (2.4.9-1
Hi Daniel
I asked now for a pre-approval for fuse to upload to t-p-u only fixing
#696066 now. See [1].
[1]: http://bugs.debian.org/696713
Is this okay with you? Do you have comments on it?
Regards,
Salvatore
signature.asc
Description: Digital signature
Hi
Looks I forgot to CC the original bugreport and Daniel Baumann.
Doing so now. Daniel, please see below.
Regards,
Salvatore
On Wed, Dec 26, 2012 at 04:59:18PM +0100, Salvatore Bonaccorso wrote:
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Hi
On Fri, Dec 28, 2012 at 01:17:46AM +0900, Nobuhiro Ban wrote:
Package: jenkins
Version: 1.447.2+dfsg-2
Severity: grave
Tags: security
Dear Maintainer,
The upstream vendor announced a security advisory, that is rated high
severity.
See:
.
+(Closes: #696691)
+
+ -- Salvatore Bonaccorso car...@debian.org Fri, 28 Dec 2012 21:32:28 +0100
+
freetype (2.4.9-1) unstable; urgency=low
* New upstream release
diff -u freetype-2.4.9/debian/patches-freetype/series freetype-2.4.9/debian/patches-freetype/series
--- freetype-2.4.9/debian/patches
permissions on database files. Fix
+CVE-2012-5577 and CVE-2012-5578. (Closes: #696736) (LP: #1031465)
+
+ -- Salvatore Bonaccorso car...@debian.org Sat, 29 Dec 2012 08:46:59 +0100
+
python-keyring (0.9.2-1) unstable; urgency=low
* New upstream release (Closes: #675379, #678682)
diff -Nru
Hi Carl
Reading trough the code a bit:
On Sat, Dec 29, 2012 at 08:56:07AM +0100, Salvatore Bonaccorso wrote:
http://www.openwall.com/lists/oss-security/2012/11/16/2
http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-5577.html
http://people.canonical.com/~ubuntu-security/cve
Hi
I have asked if this warrants a CVE and if one can be assigned. If so
I will then update it here. Here is the temporary entry in the
security-tracker:
https://security-tracker.debian.org/tracker/TEMP-0654341-9198B9
p.s.: A user might be tricked also to save the open file and loose data,
Control: retitle -1 [CVE-2012-6076] inkscape reads .eps files from /tmp instead
of the current directory
Control: retitle 696915 unblock: inkscape/0.48.3.1-1.3
Hi
On Sat, Dec 29, 2012 at 09:48:42PM +0100, John Paul Adrian Glaubitz wrote:
Hi,
I have just uploaded inkscape 0.48.3.1-1.3 which
-permissions-on-database-files.patch
+[SECURITY]: Fix insecure permissions on database files. Fix
+CVE-2012-5577 and CVE-2012-5578. (Closes: #696736) (LP: #1031465)
+
+ -- Salvatore Bonaccorso car...@debian.org Sat, 29 Dec 2012 08:46:59 +0100
+
python-keyring (0.9.2-1) unstable; urgency=low
Hi Carl!
On Mon, Dec 31, 2012 at 11:37:05AM +0100, Carl Chenet wrote:
On 30/12/2012 18:44, Salvatore Bonaccorso wrote:
tags 696736 + pending
thanks
Dear maintainer,
I've prepared an NMU for python-keyring (versioned as 0.9.2-1.1) and
uploaded it to DELAYED/7. Please feel free
Hi Julián
On Tue, Jan 01, 2013 at 01:19:05AM -0500, Julián Moreno Patiño wrote:
tags 695284 + pending
thanks
Dear maintainer,
I've prepared an NMU for tsung (versioned as 1.4.2-1.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.
Looks like the
Control: found -1 0.2-3
Hi Sebastian
On Wed, Jan 02, 2013 at 08:09:10PM +0100, Sebastian Ramacher wrote:
Control: found -1 0.7.1-1
On 2012-12-29 09:42:08, Salvatore Bonaccorso wrote:
Hi Carl
Reading trough the code a bit:
On Sat, Dec 29, 2012 at 08:56:07AM +0100, Salvatore
Package: asterisk
Severity: grave
Tags: security
Justification: user security hole
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
the following vulnerabilities were published for asterisk.
CVE-2012-5976[0]:
Crashes due to large stack allocations when using TCP
CVE-2012-5977[1]:
Denial of
-umask-0.patch
+ - 0001-sanlock-use-lockfile-mode-644.patch
+ - 0001-wdmd-use-lockfile-mode-644.patch (Closes: #696424)
+
+ -- Salvatore Bonaccorso car...@debian.org Thu, 03 Jan 2013 22:12:33 +0100
+
sanlock (2.2-1) unstable; urgency=low
* Initial release. (Closes: #669102)
diff -Nru
Hi
Only a small follow-up. David (Maintainer of sanlock) will have a look
at this in the upcoming week.
Regards,
Salvatore
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
0001-Ensure-correct-return-code-on-malformed-signature-in.patch
+[SECURITY] CVE-2012-6088: Ensure correct return code on malformed
+signature in packages. Patch cherry-picked from upstream git repository.
+(Closes: #697375)
+
+ -- Salvatore Bonaccorso car...@debian.org Sat, 05 Jan 2013 13
Hi Daniel
On Wed, Aug 15, 2012 at 05:49:00PM +, Daniel Pocock wrote:
Upstream have released 3.1.8 which only differs from 3.1.7 by adding the
fix for the security issue
It has now been pushed to the git.debian.org VCS for building the
Ganglia package
It is on the squeeze branch and
Hi Michal
On Sat, Jan 05, 2013 at 09:06:49PM +0100, Michal Čihař wrote:
Hi
Dne Sat, 5 Jan 2013 13:33:41 +0100
Salvatore Bonaccorso car...@debian.org napsal(a):
Hi Michal
On Fri, Jan 04, 2013 at 03:55:13PM +0100, Moritz Muehlenhoff wrote:
Package: rpm
Severity: grave
Tags
Hi Adrian
On Sat, Jan 05, 2013 at 09:13:21PM +0100, John Paul Adrian Glaubitz wrote:
Hi Salvatore,
I have seen you are in the LowNMU and the package maintained in
collab-maint. I can do a NMU in case you have not the time to prepare
the upload.
Why not do an NMU and upload it into
Hey Andrian
On Sun, Jan 06, 2013 at 02:06:51AM +0100, John Paul Adrian Glaubitz wrote:
Hi Salvatore,
On Sat, Jan 05, 2013 at 11:42:04PM +0100, Salvatore Bonaccorso wrote:
See Dev-Ref 5.11.1.[1], the 4th and 5th item. I know Michal is quite
active so I first wanted to confirm with him
Hi David
On Mon, Jan 07, 2013 at 09:06:53AM +, David Weber wrote:
Attached is the debdiff contianing these three refreshed for the
version in unstable and testing. But I'm not yet ready to propose a
NMU. Testing of the resulting package is welcome!
Thanks for the debdiff!
It works
+
+ * Non-maintainer upload.
+ * Add missing Depends on libcollection-dev for libini-config-dev.
+Thanks to Asbjørn Sloth Tønnesen asbj...@asbjorn.biz (Closes: #697186)
+
+ -- Salvatore Bonaccorso car...@debian.org Mon, 07 Jan 2013 21:41:36 +0100
+
ding-libs (0.1.3-1) unstable; urgency=low
Control: retitle -1 jenkins: CVE-2013-0158: remote code execution vulnerability
Hi
On Tue, Jan 08, 2013 at 02:06:39AM +0900, Nobuhiro Ban wrote:
Package: jenkins
Version: 1.447.2+dfsg-2
Severity: grave
Tags: security
Dear Maintainer,
The upstream vendor announced a security advisory,
Hi Timo
On Tue, Jan 08, 2013 at 09:54:12AM +0200, Timo Aaltonen wrote:
On 07.01.2013 22:52, Salvatore Bonaccorso wrote:
Hi
@Timo: Not to put any pressure or so. In case you are short of time I
can prepare a NMU for this and upload.
That would be fine, or I can push the change to git
Hi Timo
On Tue, Jan 08, 2013 at 05:42:19PM +0200, Timo Aaltonen wrote:
On 08.01.2013 10:32, Salvatore Bonaccorso wrote:
Hi Timo
On Tue, Jan 08, 2013 at 09:54:12AM +0200, Timo Aaltonen wrote:
On 07.01.2013 22:52, Salvatore Bonaccorso wrote:
Hi
@Timo: Not to put any pressure or so
://release.debian.org/wheezy/freeze_policy.html
(but I have not looked if #689696 can be considered RC).
+sanlock (2.2-1.1) unstable; urgency=low
+
+ * Fix CVE-2012-5638 sanlock world writable /var/log/sanlock.log. Thanks to
Salvatore Bonaccorso (Closes: #696424)
would wrap this line
+Add patches
Package: redhat-cluster-suite
Version: 3.1.8-1
Severity: serious
Justification: fails to install
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
redhat-cluster-suite fails to install as clvm package was dropped in
lvm2 source package:
lvm2 (2.02.95-6) unstable; urgency=low
* Drop cluster
. (Closes: #685061)
+
+ -- Salvatore Bonaccorso car...@debian.org Thu, 10 Jan 2013 19:36:49 +0100
+
gfs2-utils (3.1.3-1) unstable; urgency=low
* Initial release as stand-alone package; this used to be part of the
diff -Nru gfs2-utils-3.1.3/debian/control gfs2-utils-3.1.3/debian/control
--- gfs2-utils
Depends for redhat-cluster-suite binary package.
+Cluster (clvm) support was dropped in lvm2 source package by removing
+the clvm binary package. Drop the Depends also in redhat-cluster-suite.
+(Closes: #697870)
+
+ -- Salvatore Bonaccorso car...@debian.org Thu, 10 Jan 2013 21:40:28
Package: condor
Severity: grave
Tags: security
Justification: user security hole
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
the following vulnerability was published for condor.
CVE-2012-5390[0]:
Possible privilege escalation
This is mentioned on the stable release series notes[1] as
Hi
I have submitted this as grave severity, but could you double check if
this is actually a problem for condor in Debian?
[1]:
http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html
Regards,
Salvatore
--
To UNSUBSCRIBE, email to
init script contains a dependency on the
+service providing gfs_controld, which in turn is provided by
+gfs2-cluster. (Closes: #685061)
+
+ -- Salvatore Bonaccorso car...@debian.org Thu, 10 Jan 2013 19:36:49 +0100
+
gfs2-utils (3.1.3-1) unstable; urgency=low
* Initial release
-cluster-suite.
+(Closes: #697870)
+
+ -- Salvatore Bonaccorso car...@debian.org Thu, 10 Jan 2013 21:40:28 +0100
+
redhat-cluster (3.1.8-1) unstable; urgency=low
[ Andres Rodriguez ]
diff -Nru redhat-cluster-3.1.8/debian/control redhat-cluster-3.1.8/debian/control
--- redhat-cluster-3.1.8
and yaml coercion from the
+XML parser. (Closes: #697895) (LP: #1098357)
+
+ -- Salvatore Bonaccorso car...@debian.org Fri, 11 Jan 2013 21:14:26 +0100
+
ruby-extlib (0.9.15-2) unstable; urgency=low
* Add full text of the Ruby licence.
@@ -49 +56,0 @@
-
only in patch2:
unchanged:
--- ruby
: #1098357)
+
+ -- Salvatore Bonaccorso car...@debian.org Fri, 11 Jan 2013 20:52:05 +0100
+
libextlib-ruby (0.9.13-2) unstable; urgency=low
* std-ver - 3.8.4. No changes needed.
only in patch2:
unchanged:
--- libextlib-ruby-0.9.13.orig/spec/hash_spec.rb
+++ libextlib-ruby-0.9.13/spec
Package: axis2c
Severity: grave
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
the following vulnerability was published for axis2c.
CVE-2012-6107[0]:
Does not verify that the server hostname matches a domain name in the subject's
CN or subjectAltName field of the x.509
Source: fuse
Version: 2.9.2-2
Severity: serious
Justification: makes various packages in unstable uninstallable
Hi Daniel
Please reintroduce the fuse-utils transitional package in unstable
until the wheezy release happened. Else 13 packages with Depends, 5
with Recommends on fuse-utils are
Hi Thorsten
On Tue, Oct 09, 2012 at 09:59:40PM +, Thorsten Glaser wrote:
Hi,
can we please agree this is a corner case and have this
be tagged wheezy-ignore?
Hmm, as the tag should be decided by the Release Team, do you have an
opinion from them on this?
I haven't looked at it in more
the ENABLED then (re-)add
+ it to the configuration file in postinst.
+- Remove configuration file on purge in postrm script
+
+ -- Salvatore Bonaccorso car...@debian.org Fri, 12 Oct 2012 20:53:58 +0200
+
ferm (2.1-2) unstable; urgency=low
[ great debian l10n teams ]
diff -u ferm
Hi
I'm forwarding this to the debian-release mailinglist as Adam
suggested to me on IRC:
On Tue, Oct 09, 2012 at 09:59:40PM +, Thorsten Glaser wrote:
Hi,
can we please agree this is a corner case and have this
be tagged wheezy-ignore?
bye,
//mirabilos
@Release Team, this is a
Package: libfile-data-perl
Version: 1.16-1
Severity: serious
Justification: virtually empty binary package
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
This was noticed in #debian-perl by jonas.
libfile-data-perl's binary package is virtually empty:
dpkg-deb -c
; urgency=low
+
+ * Non-maintainer upload.
+ * Remove auth_dacs.load only on purge (Closes: #689541)
+
+ -- Salvatore Bonaccorso car...@debian.org Thu, 18 Oct 2012 16:31:30 +0200
+
dacs (1.4.27b-1) unstable; urgency=low
* New upstream version.
diff -Nru dacs-1.4.27b/debian/libapache2-mod
Hi Christoph!
Thanks a lot for your feedback. I was currently looking at open RC
bugs for wheezy.
On Fri, Oct 19, 2012 at 11:16:51AM +0200, Christoph Berg wrote:
thanks for the patch, but I don't think it is valid. If you remove
the dacs module, but leave the apache config there, apache will
Hi Christoph
On Fri, Oct 19, 2012 at 11:16:51AM +0200, Christoph Berg wrote:
thanks for the patch, but I don't think it is valid. If you remove the
dacs module, but leave the apache config there, apache will not be
happy. I guess the best would be to call a2dismod to remove the
symlink when
Hi
Note this package is on Niels' list for removal candidates[1].
[1]: http://lists.debian.org/debian-release/2012/10/msg00817.html
On Sun, Aug 05, 2012 at 09:53:09PM +0200, Luca Falavigna wrote:
Documentation states that the following line is enough:
auth sufficient pam_barada.so
while
Hi Paul
On Fri, Sep 28, 2012 at 05:12:51PM +0200, Paul van Tilburg wrote:
Package: camping
Version: 2.1.498-3
Severity: grave
Tags: patch upstream
Justification: renders package unusable
Hi,
Currently, it is not possible in Debian to use the Camping framework to
write/create an
Control: reopen 666334
Control: found 666334 0.22.0-1
Control: retitle 666334 FTBFS: build-arch problems with patch applying and
instalation of files genrated only in build-indep target
Hi
(only going to RC bugs for wheezy):
On Mon, Jul 30, 2012 at 02:37:17PM +0200, Ralf Treinen wrote:
Hi Giuseppe
I had a look at the debdiff between the version in testing an the
version in unstable and it looks quite big to ask for an unbock for
wheezy.
Would it possible to prepare a minimal possible fix for that only
resolving the serious bugs (probably also #649515 if also affecting
wheezy)
Hi Alexander
On Fri, Oct 12, 2012 at 11:14:06PM +0200, Salvatore Bonaccorso wrote:
Attached is a tentative patch to solve this issue. Hope it can help!
(I have not taken any NMU upload action, only attaching the patch
here).
Do you agree on the proposed solution? I can do more testing
301 - 400 of 3898 matches
Mail list logo