Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Although it is an upstream release, please unblock suricata 4.1.4-1 for
buster.
Suricata is an Intrusion Detection System (IDS), which makes it
exposed to malicious traffic by design. The up
and issue a warning if not matching the tss
+ user.
+- Do not try to change uid before running tcsd, the daemon already changes
+ its uid just after starting.
+ * Urgency high, RC bug
+
+ -- Pierre Chifflier Tue, 04 Nov 2014 15:11:08 +0100
+
trousers (0.3.13-2) unstable; urgency
:
+prelude-manager.postrm: Fix debconf usage. Source confmodule at the very
+beginning (if available). Drop extra db_purge call as that is already
+added by dh_installdebconf. (Closes: #660455)
+ * Acknowledge NMU
+
+ -- Pierre Chifflier Mon, 18 Mar 2013 00:03:20 +0100
+
prelude-manager
On Thu, Feb 21, 2013 at 08:33:16PM +, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
>
> On Tue, 2013-02-19 at 23:21 +0100, Pierre Chifflier wrote:
> > Please unblock package trousers
> >
> > Upload 0.3.9-3+wheezy1 fixes a serious bug which causes installat
:17.0 +0200
+++ trousers-0.3.9/debian/changelog 2013-02-19 22:56:59.0 +0100
@@ -1,3 +1,10 @@
+trousers (0.3.9-3+wheezy1) stable-proposed-updates; urgency=low
+
+ * Reload udev rules before triggering event during postinst
+(Closes: #581505)
+
+ -- Pierre Chifflier Mon, 18 Feb 2013 17:29
On Sat, Jan 26, 2013 at 01:39:57PM +0100, Niels Thykier wrote:
> Control: tags -1 moreinfo
>
> On 2013-01-25 18:57, Christian PERRIER wrote:
> > Quoting Pierre Chifflier (pol...@debian.org):
> >
> >> I will indeed remove the files from the source. I just did a minim
On Fri, Jan 25, 2013 at 12:20:36PM +0100, Niels Thykier wrote:
> Control: tags -1 moreinfo
>
> On 2013-01-25 11:51, Pierre Chifflier wrote:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian@packages.debian.org
> > Usertags: unbloc
by Debian package, the embedded one
+contains a flash file built with a vulnerable version of yui (charts.swf).
+(Closes: #694642)
+ * Urgency high, this is a RC bug
+
+ -- Pierre Chifflier Fri, 25 Jan 2013 11:37:09 +0100
+
glpi (0.83.31-1) unstable; urgency=medium
* Imported Upstre
On Fri, Jan 25, 2013 at 07:15:43AM +0100, Christian PERRIER wrote:
> Quoting Niels Thykier (ni...@thykier.net):
>
> > Pierre Chifflier
> >glpi
>
> I looked briefly at the RC bug for glpi (#694642). It seems that an
> embedded Flash file provided with the package h
On Mon, Jul 30, 2012 at 02:49:50PM +0200, Niels Thykier wrote:
> On 2012-07-23 10:56, Pierre Chifflier wrote:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian@packages.debian.org
> > Usertags: unblock
> >
> > Hi,
> >
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hi,
GLPI 0.83.31 (micro-fix based on 0.83.3) is an important security
release, fixing two CVEs:
CVE-2012-4002:
Bug #3704: CSRF prevention step 1
Bug #3707: CSRF prevention step 2
CVE-
On Sat, Jul 21, 2012 at 12:23:03PM +0200, Julien Cristau wrote:
> On Thu, Jul 5, 2012 at 21:25:38 +0200, Pierre Chifflier wrote:
>
> > +# kill tcsd (and any other process owned by the tss user)
> > +killall -u tss 2>/dev/null || true
>
> Why
On Thu, Jul 05, 2012 at 09:17:59PM +0200, Pierre Chifflier wrote:
>
> I've attached a full debdiff (modifications of both packages).
>
Here it is
diff -Nru trousers-0.3.9/debian/changelog trousers-0.3.9/debian/changelog
--- trousers-0.3.9/debian/changelog 2012-06-18 22:22:21.0
On Thu, Jul 05, 2012 at 10:01:08AM +0200, Pierre Chifflier wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
>
> Please unblock package trousers
>
> This version fixes an annoying bug which prev
) unstable; urgency=low
+
+ * Add workaround for upgrade failure for versions before 0.3.8-3
+(Closes: #679621)
+
+ -- Pierre Chifflier Wed, 04 Jul 2012 21:57:22 +0200
+
trousers (0.3.9-1) unstable; urgency=low
* Imported Upstream version 0.3.9
diff -Nru trousers-0.3.9/debian
Hi,
pgdesigner is actually uninstallable due to the removal of
gambas2-gb-qt-kde and gambas2-gb-qt-kde-html (See #620646).
After some discussions with the gambas maintainer (#620646) and
upstream, it seems there is no solution since upstream is not really
willing to port gambas to Qt4 [1]
Withou
On 01/20/2011 09:54 PM, Adam D. Barratt wrote:
> That's in progress; if you check the "for" column on [1], all the times
> are within the past day or so.
>
> The i386, powerpc and s390 binNMUs are already in the archive and the
> armel package will be after tonight's britney run. The status of
>
Hi release team,
As discussed some time ago, xtables-addons needs a rebuild in squeeze to
be rebuilt with the correct iptables-dev dependencies.
The binNMU has been proposed some time ago successfully [1], however the
package did not made it into squeeze [2]
This caused by the version number (sid
On 01/17/2011 03:13 PM, Julien Cristau wrote:
[..]
>>
> It also means I have no idea whether the bytecode we were shipping
> before had anything to do with the source files.
True. I'll put some real clean / rebuild all code with a next upload for
sid, to remove any binary file.
>
> Anyway, unblo
On 01/16/2011 04:25 PM, Julien Cristau wrote:
> On Tue, Jan 11, 2011 at 12:22:24 +0100, Pierre Chifflier wrote:
>
>> Hi,
>>
>> pgdesigner 1.2.17-2 has just been uploaded to sid, and closes an RC bug
>> affecting squeeze.
>> I've managed to backport only t
2010/11/9 Adam D. Barratt :
>> The solution is to trigger a rebuild of package xtables-addons with the
>> current versions of the squeeze tools.
>> Can you trigger a rebuild, or redirect me to the best way of doing this ?
>
> I've scheduled binNMUs in testing to fix this. To stop it happening
> ag
Hi,
pgdesigner 1.2.17-2 has just been uploaded to sid, and closes an RC bug
affecting squeeze.
I've managed to backport only the fix from the svn repository and make a
minimal patch
Cheers,
Pierre
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscrib
On 12/01/2010 10:48 PM, Adam D. Barratt wrote:
> I've just had a quick look at your t-p-u upload for suricata. Without
> getting too far in to checking the patches themselves, one thing that I
> noticed is that the diff adds nine new patches to debian/patches but
> debian/patches/series is only ei
On 08/30/2010 10:22 AM, Pierre Chifflier wrote:
> On Thu, Aug 26, 2010 at 02:06:23PM +0400, Sergey Ptashnick wrote:
>> Package: xtables-addons-common
>> Version: 1.26-2
>> Severity: important
>>
>> ipset from xtables-addons-common 1.26-2 (sqeeze) requires shared
Hi,
Suricata 1.0.2 was released after the freeze, and it fixes several
bugs (exactly, "half a dozen TCP evasions").
See http://www.packetstan.com/2010/09/suricata-tcp-evasions.html
The git commits are more or less exactly the fixes, so I am proposing to unblock
suricata 1.0.2 since porting the fi
On Thu, Aug 12, 2010 at 08:35:21PM +0100, Adam D. Barratt wrote:
> On Thu, 2010-08-12 at 17:09 +0200, Pierre Chifflier wrote:
> > xtables-addons 1.26-2 contains the following (important) changes:
> >
> >* Do not build the TEE target (Closes: #592237)
> >*
Hi,
I missed the freeze date for a few days (I was in vacation), so I
couldn't upload suricata 1.0.1 in time ..
Would it be possible to allow 1.0.1-1 to go in Squeeze ? I know this is
a new (upstream) version, but the changes are almost only bugfixes and
are really important imho:
Improvements
Hi,
OpenSCAP 0.5.12-3 has been uploaded, with a fix for an RC bug.
* Fix FTBFS on GNU/kFreeBSD (Closes: #592486)
* Bump standards version to 3.9.1
Can you unblock it for squeeze ?
Thank,
Pierre
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsub
Hi,
xtables-addons 1.26-2 contains the following (important) changes:
* Do not build the TEE target (Closes: #592237)
* Fix build not to use kernel headers when building source (Closes: #581779)
* Bump standards version to 3.9.1
Can you please unblock it ?
Thanks,
Pierre
--
To UNSUB
On Thu, May 27, 2010 at 07:17:27PM +0100, Adam D. Barratt wrote:
> On Wed, 2010-05-26 at 23:48 +0200, Pierre Chifflier wrote:
> > I have a problem with some of my packages: nuapplet and nufw (the first
> > depends on some libraries provided by the second).
> > Recently, th
Hi,
I have a problem with some of my packages: nuapplet and nufw (the first
depends on some libraries provided by the second).
Recently, there was a bug in nufw causing a build failure in nuapplet [1]
The transition was then (automatically) blocked for both packages.
I have uploaded new version f
On Fri, Nov 14, 2008 at 02:50:05PM -0600, Raphael Geissert wrote:
> Hi all,
>
> While taking a look at the PTS I noticed there is an unblock hint for fosil
> 0.9-1 in freeze-exception but it never took place because 0.9.1-1 was
> uploaded just four days after 0.9-1.
>
> Since the changelog of t
Hi,
These two updates occurs after a discussion with websvn upstream, to
validate the corrections. Security problem is described at:
http://www.gulftech.org/?node=research&article_id=00132-10202008
(I haven't found any related CVE, but a Secunia advisory:
http://secunia.com/advisories/32338/
)
Th
Hi,
Please allow glpi 0.68.2-1etch0.2 (etch) and 0.70.2-2 (testing) updates,
They close a RC bug by updating a file to a version covered by a
DFSG-free license (CC-SA 2.0 => LGPLv3).
The author of the file has agreed to change the license after a
discussion, which is a very good news :)
Changelog
Hi,
Please allow pgsnap 0.4.0-2 to enter Lenny, it fixes an important
problem:
* Fix pgsnap for relative paths (Closes: #501882)
Cheers,
Pierre
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi,
Please allow nufw 2.2.15-3 to enter lenny.
It fixes an important bug, which creates problems during installation.
* Rewrite certificate generation code to use make-ssl-cert (Closes: #497778)
Cheers,
Pierre
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". T
Hi,
Please allow websvn 2.0-3 to enter lenny, it fixes a RC bug.
* Acknowledge NMU (thanks Thijs Kinkhorst) (Closes: #417142)
* Bump standards version to 3.8.0 (no changes)
.
* Non-maintainer upload.
* Fix unconditional use of debconf in postrm (Closes: #417142).
Cheers,
Pierre
--
T
Hi,
Please allow wzdftpd 0.8.3-5 into Lenny.
If fixes a RC bug (wrong use of embedded Perl).
Changelog:
* Add patch to fix use of embedded Perl (call PERL_SYS_INIT3)
(Closes: #495079)
* urgency=high because of RC bug
* Bump standards version to 3.8.0 (no changes)
Thanks,
Pierre
-
Hi,
Please include nufw 2.2.15-2 into lenny, it fixes a RC bug which is tagged
security (rpath to insecure location).
Changelog:
* Remove rpath to insecure location (Closes: #495769)
* urgency=high because of RC bug
* Add dependency on rpath
* Bump standards version (no changes)
Than
Hi,
I just uploaded ocsinventory-server 1.01-6 to unstable, which contains a
fix that should go to Lenny, imho: this version allows to install
package and skip the dbconfig part. Without the fix, it was impossible
to install ocsinventory-server during the installation (since the MySQL
server was n
On Wed, Jan 09, 2008 at 12:46:03PM +0100, Nico Golde wrote:
> Hi,
> the following CVE (Common Vulnerabilities & Exposures) id was
> published for nufw some time ago.
>
> CVE-2007-5723[0]:
> | Heap-based buffer overflow in the samp_send function in nuauth/sasl.c
> | in NuFW before 2.2.7 allows remo
On Thu, Nov 01, 2007 at 07:23:48PM +1100, Steffen Joeris wrote:
> Hi
>
> There has been a CVE[0] issued against nufw. I would like to request a bump
> of the urgency to get it migrated to testing.
>
> Cheers
> Steffen
>
> [0]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5723
Hi,
The
Hi,
wzdftpd 0.8.1-1 has been removed from etch a few days ago, because of a
RC bug. I've fixed the RC bug in version 0.8.1-2.
Can you please unblock wzdftpd ?
Thanks,
Pierre
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Sun, Mar 04, 2007 at 11:23:50AM +0100, Christian Perrier wrote:
> > Yes, this would be ok. (Hmm, only 3 translations? :)
>
>
> Thanks. I'm doing a small call for new translations and will update
> both the testing and unstable versions.
>
>
Hi,
As the glpi maintainer, I'm ok with these up
On Tue, Jul 04, 2006 at 02:30:10PM +0200, Julien Danjou wrote:
> Hello,
>
> The fix for DSA-1006-1 on wzdftpd broke dependencies as explained in bug
> report #372531.
> We would like to see this bug fixed in the next stable point-release.
>
> Would it be possible to the security team to fix this
45 matches
Mail list logo
