Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: p...@packages.debian.org
Control: affects -1 + src:poco
User: release.debian@packages.debian.org
Usertags: pu
Fix for CVE-2023-52389 (which doesn't warrant a DSA),
debdiff below.
Cheers,
Moritz
diff -Nru poco-1
Package: ftp.debian.org
Severity: normal
Tags: security
X-Debbugs-Cc: math...@packages.debian.org, Debian Security Team
Control: affects -1 + src:mathtex
User: ftp.debian@packages.debian.org
Usertags: remove
Please remove mathtex, it's dead upstream and there are open security issues.
The la
Package: ftp.debian.org
Severity: normal
Tags: security
X-Debbugs-Cc: math...@packages.debian.org, Debian Security Team
Control: affects -1 + src:mathtex
User: ftp.debian@packages.debian.org
Usertags: remove
Please remove mathtex. It's dead upstream and there are open security issues.
Cheer
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: perl-doc-h...@packages.debian.org
Control: affects -1 + src:perl-doc-html
User: ftp.debian@packages.debian.org
Usertags: remove
Please remove perl-doc-html. It contains outdated docs, has been dropped
from testing since 2018 and is orphane
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: haskell98-tutor...@packages.debian.org
Control: affects -1 + src:haskell98-tutorial
User: ftp.debian@packages.debian.org
Usertags: remove
Please remove haskell98-tutorial. It's RC-buggy since 2021
and up for adoption without any takers sin
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: ifsch...@packages.debian.org
Control: affects -1 + src:ifscheme
User: ftp.debian@packages.debian.org
Usertags: remove
Please remove ifscheme. It's broken since at least 2021 (#981637)
and orphaned without an adopter since 2020.
Cheers,
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: picp...@packages.debian.org
Control: affects -1 + src:picprog
User: ftp.debian@packages.debian.org
Usertags: remove
Please remove picprog. It's RC-buggy since 2019 and thus missed
the last two stable releases (since Linux 5.5 entered Debia
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: watchc...@packages.debian.org
Control: affects -1 + src:watchcatd
User: ftp.debian@packages.debian.org
Usertags: remove
Please remove watchcatd. It's dead upstream and generally obsolete,
such process supervision is built into systemd nati
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: sle...@packages.debian.org
Control: affects -1 + src:sleepd
User: ftp.debian@packages.debian.org
Usertags: remove
Please remove sleepd. Upstream development has stopped a long time ago,
and it's orphaned for a decade without an adopter.
C
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: ram...@packages.debian.org
Control: affects -1 + src:ramond
User: ftp.debian@packages.debian.org
Usertags: remove
Please remove ramond. It's dead upstream, the last maintainer upload
was in 2012 without a new adopter and it's basically non
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: un...@packages.debian.org
Control: affects -1 + src:unadf
Addresses two no-dsa security issues, same fix already rolled out
for Bookworm. Debdiff below.
Cheers,
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: un...@packages.debian.org
Control: affects -1 + src:unadf
Fixes two minor security issues. These have actually been in
past releases (wheezy/jessie), but the patch wa
Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: golang-github-go-macaron-bind...@packages.debian.org
Control: affects -1 + src:golang-github-go-macaron-bindata
Please remove golang-github-go-macaron-bindata. The version in the archiv
Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: el...@packages.debian.org
Control: affects -1 + src:elida
Please remove elida, it's obsolete, unused and without an adopter for years.
Upstream is also gone, the former maintainer was a
Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: netkit-...@packages.debian.org
Control: affects -1 + src:netkit-rsh
Please remove netkit-rsh. It's obsolete, dead upstream and has open security
issues.
Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: gsm0710m...@packages.debian.org
Control: affects -1 + src:gsm0710muxd
Please remove gsm0710muxd. It's been orphaned since nine years and removal was
already suggested in the original O:
Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: apf-firew...@packages.debian.org
Control: affects -1 + src:apf-firewall
Please remove apf-firewall. Removal was already hinted at in the original
orphan bug from 2016 and at this point
Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: ma...@packages.debian.org
Control: affects -1 + src:mason
Please remove mason, it's orphaned without an adopter since 2018, upstream
is dead upstream (vanished off the internet) and it
Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: masqm...@packages.debian.org
Control: affects -1 + src:masqmail
Please remove masqmail. It's dead upstream, orphaned without an adopter
since 2015 and RC-buggy (dropped from testing sin
Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: p...@packages.debian.org
Control: affects -1 + src:pads
Please move pads. It's dead upstream, orphaned without a new maintainer since
2015
and depends on the legacy PCRE.
Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: free...@packages.debian.org
Control: affects -1 + src:freelan
Please remove freelan. It's orphaned without an adopter since five years
and FTBFS since almost two years due to a lack of
Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: golang-github-go-macaron-c...@packages.debian.org
Control: affects -1 + src:golang-github-go-macaron-csrf
Please remove golang-github-go-macaron-csrf. It was only packaged for
Gitea, wh
Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: golang-github-go-macaron-i...@packages.debian.org
Control: affects -1 + src:golang-github-go-macaron-i18n
Please remove golang-github-go-macaron-i18n. It was only packaged for gitea,
wh
Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: l...@packages.debian.org
Control: affects -1 + src:latd
Please remove latd. It's orphaned without an adopter since 2014, dead upstream
and practically unused per popcon.
Cheers,
Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: xava...@packages.debian.org
Control: affects -1 + src:xavante
Please remove xavante, the last maintainer upload was in 2013, there's plenty of
web servers in the archive and it depends
Source: netatalk
Version: 3.1.13~ds-2
Severity: serious
netatalk should not enter bookworm unless it gets adopted and
actively maintained.
Cheers,
Moritz
Source: dpatch
Version: 2.0.41
Severity: serious
dpatch has been obsoleted by source format 3.0 (quilt), there's only
19 reverse dependencies in the archive (5 of them in testing), for
which bugs have been filed.
Cheers,
Moritz
Source: efax
Version: 1:0.9a-20
Severity: serious
dpatch is deprecated and will be removed before the bookworm release.
Please migrate to source format 3.0 (quilt) instead.
Package: cflow
Severity: normal
Tags: security
X-Debbugs-Cc: Debian Security Team
This was assigned CVE-2020-23856:
https://lists.gnu.org/archive/html/bug-cflow/2020-07/msg0.html
Cheers,
Moritz
Source: giflib
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team
CVE-2020-23922:
https://sourceforge.net/p/giflib/bugs/151/
Source: webcit
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27739
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27740
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27741
http://cve.mitre.org/cgi-bin/c
Package: tinymce
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team
CVE-2020-12648:
https://labs.bishopfox.com/advisories/tinymce-version-5.2.1
CVE-2020-17480:
https://github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95
Package: tinymce
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team
This was assigned CVE-2019-1010091:
https://github.com/tinymce/tinymce/issues/4394
Cheers,
Moritz
Source: gnulib
Severity: grave
Tags: security
Please see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5155
Patch:
http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272
Cheers,
Moritz
Package: pdf2htmlex
Severity: serious
Should pdf2htmlex be removed? It's RC-buggy for over a year and upstream
development seems to have stopped:
http://pdf2htmlex.blogspot.de/2016/12/looking-for-new-maintainer.html
Cheers,
Moritz
Source: lighttpd
Severity: normal
Your package uses "libssl-dev | libssl1.0-dev" as a build dependency
on OpenSSL. openssl1.0 is scheduled for removal, the alternate build
dependency can now be removed.
Cheers,
Moritz
Source: twitter-bootstrap
Severity: serious
src:twitter-bootstrap is a 6.5 year old version of Bootstrap which is orphaned
since 2013. "Current" packages are in the archive as src:twitter-bootstrap3.
The vintage version should not be in buster, reverse deps should migrate to
src:twitter-bootstrap3
Source: giflib
Severity: important
Tags: security
https://sourceforge.net/p/giflib/bugs/113/
Source: giflib
Severity: important
Tags: security
https://sourceforge.net/p/giflib/bugs/112/
Package: doc-debian-fr
Severity: serious
These docs have been updated the last time over 12 years ago, is this actually
still useful or rather misleading and should be removed?
Cheers,
Moritz
Source: virglrenderer
Severity: grave
Tags: security
Please see:
https://security-tracker.debian.org/tracker/CVE-2017-5956
https://security-tracker.debian.org/tracker/CVE-2017-5957
https://security-tracker.debian.org/tracker/CVE-2017-5993
https://security-tracker.debian.org/tracker/CVE-2017-5994
h
Package: virglrenderer
Severity: important
Tags: security
Please see
https://security-tracker.debian.org/tracker/CVE-2017-5937 and
https://security-tracker.debian.org/tracker/CVE-2016-10214
Cheers,
Moritz
On Wed, Jan 11, 2017 at 05:09:24PM +, Holger Levsen wrote:
> control: severity -1 important
>
> Hi Ondřej,
>
> first of all, thanks for all your work on courier, despite not even
> using it!
>
> Second, I think I disagree with your conclusion (from December 26th
> 2016!) that courier should
These bugs are not fixed and should not be closed. Even if they're switched
temporarily
to openssl 1.0.2, this will go away after the stretch release. Also, they
should at
least be forwarded upstream before flipping to 1.0.2.
Source: openslp-dfsg
Severity: serious
The last maintainer upload of openslp happened in 2007
and it's orphaned for 5.5 years now. The 1.2 branch is
completely abandoned upstream.
At the minimum the package should be upgraded to 2.0,
but the comment at
https://bugzilla.redhat.com/show_bug.cgi?id=
Source: openslp-dfsg
Severity: grave
Tags: security
Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5177
Cheers,
Moritz
On Mon, Dec 08, 2014 at 01:45:12PM +0100, Vasyl Kaigorodov wrote:
> Hello,
>
> A buffer overflow was reported [1] in mpfr.
> This is due to incorrect GMP documentation for mpn_set_str about the
> size of a buffer (discussion is at [1]; first fix in the GMP
> documentation is at [2]). This bug is p
Package: sendmail
Severity: grave
Tags: security
Justification: user security hole
Hi,
please see http://www.openwall.com/lists/oss-security/2014/06/03/1 for
details.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org
with a subject of "unsubscribe".
retitle 721052 aqualung: lacks support AC3, AAC, WavPack, WMA, etc. after being
rebuilt against libav 9/10
thanks
Sebastian Ramacher wrote:
> Source: aqualung
> Version: 0.9~beta11-1.2
> Severity: normal
>
> aqualung fails to detect libav when rebuilt against libav 9. The build
> log to rebuil a
Package: xsane
Severity: important
As pre-announced in
https://lists.debian.org/debian-devel/2013/12/msg00570.html
it is planned to remove lcms1 for jessie. Please adapt your package.
The severity will be bumped to RC-level before the jessie freeze.
Cheers,
Moritz
--
To UNSUBSCRIBE, e
Source: devil
Severity: important
As pre-announced in
https://lists.debian.org/debian-devel/2013/12/msg00570.html
it is planned to remove lcms1 for jessie. Please adapt your package.
The severity will be bumped to RC-level before the jessie freeze.
Cheers,
Moritz
--
To UNSUBSCRIBE, em
Package: forked-daapd
Severity: important
Hi,
your package fails to build from source against libav 10 (currently
packaged in experimental). This bug will become release-critical
at some point when the libav10 transition starts.
Migration documentation can be found at
https://wiki.libav.org/Migra
On Wed, Sep 25, 2013 at 08:15:42AM +0200, Marc Haber wrote:
> Package: open-vm-tools-dkms
> Severity: minor
>
> Hi,
>
> from trying, it looks like Open-vm-tools work fine with basic
> functionality if one does not install the kernel modules inside the VM.
>
> Please document (for example in the
Package: open-vm-tools-dkms
Severity: grave
open-vm-tools-dkms fails to build against Linux 3.10-1 from current Debian sid:
Mi 17. Jul 14:26:10 CEST 2013
Using 2.6.x kernel build system.
make: Entering directory `/var/lib/dkms/open-vm-tools/9.2.3/build/vmblock'
make -C /lib/modules/3.10-1-amd64/b
Package: python-qpid
Severity: grave
Tags: security
Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1909
for details.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@list
On Fri, Oct 26, 2012 at 03:15:31PM +0200, Markus Koschany wrote:
> tags 691451 patch
> thanks
>
> My new package is available at mentors.debian.net
>
> http://mentors.debian.net/package/lgeneral
>
> and in Git at
>
> http://git.debian.org/pkg-games/lgeneral.git
>
> Please see also bug #690683.
On Sun, Oct 21, 2012 at 10:57:38PM +0200, Arthur de Jong wrote:
> On Tue, 2012-10-02 at 14:37 +0200, Moritz Muehlenhoff wrote:
> > Please see the thread starting at
> > http://www.openwall.com/lists/oss-security/2012/09/07/2
> > for details.
>
> I've had a quick l
On Thu, Oct 11, 2012 at 05:07:04PM +0200, Markus Koschany wrote:
> Hi everyone,
>
> i intend to adopt LGeneral and would like to maintain it as part of the
> Debian Games Team.
Nice!
> I'm also cc'ing Moritz and Drew because you seemed
> to be interested in LGeneral in the past and to let you k
Package: opencryptoki
Severity: grave
Tags: security
Justification: user security hole
Please see the thread starting at
http://www.openwall.com/lists/oss-security/2012/09/07/2
for details.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org
with a s
Package: openslp-dfsg
Severity: grave
Tags: security
Justification: user security hole
Please see https://bugzilla.redhat.com/show_bug.cgi?id=857242.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
Package: ncpfs
Severity: important
Tags: security
Please see
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1679
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1680
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org
with a subject of
Source: libcdaudio
Severity: important
Tags: patch
Please enabled hardened build flags through dpkg-buildflags.
Patch attached.
Cheers,
Moritz
diff -aur libcdaudio-0.99.12p2.harden/debian/rules libcdaudio-0.99.12p2/debian/rules
--- libcdaudio-0.99.12p2.harden/debian/rules 2012-01-18 15:5
Package: loop-aes-utils
Severity: important
Tags: patch
Please enabled hardened build flags through dpkg-buildflags.
Patch attached.
Cheers,
Moritz
diff -aur loop-aes-utils-2.16.2.harden/debian/rules loop-aes-utils-2.16.2/debian/rules
--- loop-aes-utils-2.16.2.harden/debian/rules 2011-02
Package: avifile
Severity: important
Hi,
the transition from ffmpeg/0.6.2 to libav/0.7 is planned soonish.
(libav is a ffmpeg fork, to which Debian will switch, see
http://en.wikipedia.org/wiki/FFmpeg for more information)
Your package currently fails to build from source when built against
libav
Package: kradio4
Severity: important
Hi,
the transition from ffmpeg/0.6.2 to libav/0.7 is planned soonish.
(libav is a ffmpeg fork, to which Debian will switch, see
http://en.wikipedia.org/wiki/FFmpeg for more information)
Your package currently fails to build from source when built against
libav
severity 193061 wishlist
retitle 193061 Check status of replacement data files
thanks
On Sun, Dec 19, 2010 at 10:13:43PM -0600, Drew Scott Daniels wrote:
> unarchive 193061
> found 193061 1.1.1-3
> thanks
> Removing recommends lgeneral-data for dfsg caused this bug to be a problem
> again. I'm not
On Sun, Nov 14, 2010 at 07:55:23PM +1100, david b wrote:
> Package: offlineimap
> Severity: grave
> Tags: security
> Justification: user security hole
>
> offlineimap performs absolutely no ssl certificate checking. So users
> could/can be the victim of a man in the middle attack.
> In debian the
severity 564938 normal
reassign 564938 ftp.debian.org
retitle 564938 RM: wip -- RoQA; unused, orphaned since 3.5 years, dead upstream
thanks
On Tue, Jan 12, 2010 at 09:12:46PM +, Simon McVittie wrote:
> Source: wip
> Severity: wishlist
> User: debian...@lists.debian.org
> Usertags: proposed-r
severity 564930 normal
reassign 564930 ftp.debian.org
retitle 564930 RM: aap -- RoQA; orphaned, low popcon, no rdepends, alternatives
thanks
On Tue, Jan 12, 2010 at 08:42:21PM +, Simon McVittie wrote:
> Source: aap
> Severity: wishlist
> Justification: low-popcon build tool with no rdepends
>
Package: ncpfs
Severity: grave
Tags: security
Please see http://seclists.org/fulldisclosure/2010/Mar/122 for details
and a patch.
I don't know why the ncp mount needs to be setuid root in the first,
dropping the setuidness seems like an equally adequate fix to me.
Cheers,
Moritz
-- Syst
Package: xar
Severity: grave
Tags: security
The following was reported to us by Braden Thomas of the Apple Security Team:
>> Description:
>> We've discovered a signature verification bypass issue in xar. The
>> issue is that xar_open assumes that the checksum is stored at offset
>> 0, but xar_si
Package: ytnef
Severity: grave
Tags: security
Please see
http://www.ocert.org/advisories/ocert-2009-013.html
This is CVE-2009-3721 (buffer overflows) and CVE-2009-3887 (traversal)
Cheers,
Moritz
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500
Karl Goetz wrote:
> Hi, The following files might also be DFSG problems:
>
> BSDish licence + advertising clauses.
BSD + advertising clause is DFSG compliant.
> These have no licence grant:
> ./ippd/md4.{c,h}
> radius.c
This code comes from RFC 1186:
http://tools.ietf.org/html/rfc1186
>
severity 560920 normal
tags 560920 -security
thanks
On Sat, Dec 12, 2009 at 10:48:50PM -0500, Michael Gilbert wrote:
> package: matanza
> severity: serious
> tags: security
>
> Hi,
>
> The following CVE (Common Vulnerabilities & Exposures) ids were
> published for expat. I have determined that
Package: sun-java6
Severity: grave
Tags: security
Update 17 fixes a lot of security issues:
[58]CVE-2009-3728 Directory traversal vulnerability in the
ICC_Profile.getInstance ...
[59]CVE-2009-3729 Unspecified vulnerability in the TrueType font parsing
functionality ...
[60]CVE-2009-386
Package: sun-java5
Severity: serious
Sun Java 5 is end-of-lifed in October, see
http://www.j2ee.me/products/archive/eol.policy.html
Since security issues are frequent and cannot be fixed w/o the
source, we should probably not include it in Squeeze and remove
it from the archive.
Cheers,
Package: egroupware
Severity: serious
Egroupware has had its share of security issues in the past and is
difficult to fix/test by the Security Team w/o maintainer support.
Unless it finds an adopter before the Squeeze release, it should
rather be removed.
Cheers,
Moritz
-- System Inform
Package: glib1.2
Severity: serious
glib1.2 is deprecated along with GTK 1.2.
Cheers,
Moritz
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.30-1-686 (SMP w/1 CPU core)
Locale: LANG=C, l
As requested by the release managers here's the announcement that
the remaining packages still using GTK 1.2 will be removed from
testing soon now that KDE 4 has transitioned to Squeeze (kdegraphics
3 still used imlib 1 and kdebindings from KDE 3 still had bindings
for GTK 1.2):
icewm
linpopup
wmc
Package: gnome-libs
Severity: serious
gnome-libs is deprecated for Squeeze.
Cheers,
Moritz
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: LANG=C, lc
fixed 496411 20060918-3
thanks
On Sun, Nov 23, 2008 at 02:23:13AM +0100, Jiri Palecek wrote:
> Hello,
>
> On Thursday 20 November 2008 03:25:41 Raphael Geissert wrote:
> > I have found all of the reported issues in BOTH versions marked as fixed.
> > Please stop blindly closing this report and *do
On Thu, Nov 06, 2008 at 09:33:54AM +0100, Jiří Paleček wrote:
> Version: 20081031+dfsg-1
>
> Hello,
>
> I've attempted to close the bug, but have written malformed closing
> statement in the changelog. Therefore, I'm closing it manually.
Jiri, I saw that you've adopted LTP and prepared new pac
Kurt Roeckx wrote:
> Package: lockvc
> Version: 4.0.5-6
> Severity: serious
>
> Hi,
>
> It seems that lockvc sometimes segfaults on me. It's not doing it all
> time, but atleast once a week.
>
> I'm setting it to serious since the console is unlocked at that point,
> and so I consider it to be
On Mon, Aug 25, 2008 at 11:36:05PM +0200, Moritz Muehlenhoff wrote:
> On Mon, Aug 25, 2008 at 05:44:21PM +0200, Thijs Kinkhorst wrote:
> > Hi,
> >
> > > It's still very useful, but I don't have the time to maintain it myself.
> > > Unless it becomes
On Mon, Aug 25, 2008 at 05:44:21PM +0200, Thijs Kinkhorst wrote:
> Hi,
>
> > It's still very useful, but I don't have the time to maintain it myself.
> > Unless it becomes unusable for some reason I'd like to see it kept.
>
> Well, it now has an RC bug about a temp file issue. No-one has turned u
=low
+
+ * Non-maintainer upload.
+ * Fix FTBFS (Closes: #487007)
+
+ -- Moritz Muehlenhoff <[EMAIL PROTECTED]> Fri, 27 Jun 2008 21:36:51 +0200
+
tapiir (0.7.1-9) unstable; urgency=medium
* QA upload.
diff -u tapiir-0.7.1/debian/control tapiir-0.7.1/debian/control
--- tapiir-0.7.1/
) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Fix GCC 4.3 compatibility, based on initial patch by Kumar Appaiah
+(Closes: #462203)
+
+ -- Moritz Muehlenhoff <[EMAIL PROTECTED]> Fri, 21 Mar 2008 00:36:31 +0100
+
briquolo (0.5.6-2) unstable; urgency=low
* Orphaning package, s
severity 455784 normal
thanks
On Tue, Dec 11, 2007 at 02:12:43PM -0600, Gus wrote:
> Package: briquolo
> Version: 0.5.5-1
> Severity: grave
> Justification: renders package unusable
>
> *** Please type your report below this line ***
>
> After installing a new kernel this morning, i get segfaults
/changelog
@@ -1,3 +1,10 @@
+lineak-defaultplugin (1:0.9-4.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Fix GCC 4.3 compatibility, patch by Cyril Brulebois (Closes: #454866)
+
+ -- Moritz Muehlenhoff <[EMAIL PROTECTED]> Thu, 20 Mar 2008 01:24:26 +0100
+
lineak-defaultplugin (1
severity 133170 important
thanks
Hi,
for Lenny we'd like to stop supporting two freetype packages in the archive.
freetype1 has been in oldlibs for Etch, it has very few reverse deps left
and we'll try to phase it out now.
Please adapt your package, so that it links against the regular freetype
pa
Package: vflib3
Severity: important
Hi,
for Lenny we'd like to stop supporting two freetype packages in the archive.
freetype1 has been in oldlibs for Etch, it has very few reverse deps left
and we'll try to phase it out now.
Please adapt your package, so that it links against the regular freetype
Package: pike7.6-image
Severity: important
Hi,
for Lenny we'd like to stop supporting two freetype packages in the archive.
freetype1 has been in oldlibs for Etch, it has very few reverse deps left
and we'll try to phase it out now.
Please adapt your package, so that it links against the regular f
Package: vflib2
Severity: important
Hi,
for Lenny we'd like to stop supporting two freetype packages in the archive.
freetype1 has been in oldlibs for Etch, it has very few reverse deps left
and we'll try to phase it out now.
Please adapt your package, so that it links against the regular freetype
Package: tex-guy
Severity: important
Hi,
for Lenny we'd like to stop supporting two freetype packages in the archive.
freetype1 has been in oldlibs for Etch, it has very few reverse deps left
and we'll try to phase it out now.
Please adapt your package, so that it links against the regular freetyp
Package: flyspray
Severity: serious
Your package includes a copy of PHPMailer, which also is packaged as
libphp-phpmailer in the archive. You need to fix your package
to use the system-wide library. Otherwise it requires too much overhead
whenever a vulnerability in PHPMailer is found. (like right
Package: libapache2-mod-layout
Severity: grave
It's been filed for removal from sid:
reassign 392229 ftp.debian.org
retitle 392229 RM: libapache2-mod-layout -- RoM; orphaned, buggy
thanks
On Wed, Nov 15, 2006 at 03:47:45PM +0100, Luk Claes wrote:
> > You uploaded libapache2-mod-layout 4.0.
Package: timezoneconf
Severity: grave
It's been filed for removal from sid:
reassign 379035 ftp.debian.org
retitle 379035 RM: timezoneconf -- RoQA; orphaned, unsupportably buggy
thanks
Some of the more unsupportable bugs are 275289 and 289637.
Like localeconf and etherconf, this is one of
Package: hubcot-source
Severity: grave
Justification: renders package unusable
This kernel driver is from 2001 and I've been unable to compile
it against 2.6.18. Since the kernel build system is based on Kconfig
nowadays the Makefile would nee rework (and most probably the driver
itself as well to
Package: drupal
Severity: grave
Drupal is currently orphaned and two major releases behind upstream.
It is regularly subject to vulnerabilities being actively exploited.
I've seen that there has been some interest in adopting it in June,
but nothing has materialised yet (also not in NEW).
The cu
On Wed, Jun 14, 2006 at 05:53:45PM -0500, Alec Berryman wrote:
> Package: libjpeg-mmx
> Severity: important
> Tags: security patch
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> CVE-2006-3005: "The JPEG library in media-libs/jpeg before 6b-r7 on
> Gentoo Linux is built without the -maxme
1 - 100 of 101 matches
Mail list logo
