Source: mpg123
Version: 1.25.0-1
Severity: important
Tags: upstream security
Hi,
the following vulnerability was published for mpg123.
CVE-2017-10683[0]:
| In mpg123 1.25.0, there is a heap-based buffer over-read in the
| convert_latin1 function in libmpg123/id3.c. A crafted input will lead
| to
Processing control commands:
> tags -1 + patch
Bug #866860 [src:mpg123] mpg123: CVE-2017-10683
Added tag(s) patch.
--
866860: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866860
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
__
Control: tags -1 + patch
On Sun, Jul 02, 2017 at 11:12:36AM +0200, Salvatore Bonaccorso wrote:
> Source: mpg123
> Version: 1.25.0-1
> Severity: important
> Tags: upstream security
>
> Hi,
>
> the following vulnerability was published for mpg123.
>
> CVE-2017-10683[0]:
> | In mpg123 1.25.0, ther
Am Sun, 02 Jul 2017 11:12:36 +0200
schrieb Salvatore Bonaccorso :
> CVE-2017-10683[0]:
> | In mpg123 1.25.0, there is a heap-based buffer over-read in the
> | convert_latin1 function in libmpg123/id3.c. A crafted input will lead
> | to a remote denial of service attack.
I don't oppose the creati
Processing commands for cont...@bugs.debian.org:
> found 866860 1.20.1-2
Bug #866860 [src:mpg123] mpg123: CVE-2017-10683
Marked as found in versions mpg123/1.20.1-2.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
866860: http://bugs.debian.org/cgi-bin/bugreport.c
Control: tags -1 + moreinfo
On 2017-07-01 13:23:16, Andreas Beckmann wrote:
> Package: vlc-bin
> Version: 2.2.6-2
> Severity: serious
> User: debian...@lists.debian.org
> Usertags: piuparts
> Control: affects -1 + kmplayer
>
> Hi,
>
> during a test with piuparts I noticed your package fails to u
Processing control commands:
> tags -1 + moreinfo
Bug #866738 [vlc-bin] vlc-bin: fails to upgrade from 'stretch' - trying to
overwrite /usr/bin/cvlc
Added tag(s) moreinfo.
--
866738: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866738
Debian Bug Tracking System
Contact ow...@bugs.debian.org
Your message dated Sun, 2 Jul 2017 16:30:21 +0200
with message-id <8e00a4e3-7498-50e8-25ac-348b48c70...@debian.org>
and subject line Re: Bug#866738: vlc-bin: fails to upgrade from 'stretch' -
trying to overwrite /usr/bin/cvlc
has caused the Debian Bug report #866738,
regarding vlc-bin: fails to up
Dear maintainer(s),
The Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of mpg123:
https://security-tracker.debian.org/tracker/CVE-2017-10683
Would you like to take care of this yourself?
If yes, please follow the workflow we have defined her
Processing control commands:
> tag -1 moreinfo unreproducible
Bug #866532 [inkscape] inkscape: Fails to start because of libgsl.so.0 can't be
found
Added tag(s) unreproducible and moreinfo.
--
866532: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866532
Debian Bug Tracking System
Contact ow.
Control: tag -1 moreinfo unreproducible
On Fri, Jun 30, 2017 at 12:33:44AM +0200, greggy wrote:
> Inkscape fails to start with the following error message:
>
> $ inkscape
> inkscape: error while loading shared libraries: libgsl.so.0: cannot open
> shared object file: No such file or directory
>
Processing control commands:
> forwarded -1 https://bugs.launchpad.net/inkscape/+bug/1701930
Bug #864415 [inkscape] [inkscape] crash while rotating with snap to path
Set Bug forwarded-to-address to
'https://bugs.launchpad.net/inkscape/+bug/1701930'.
> tag -1 upstream
Bug #864415 [inkscape] [inksc
Control: forwarded -1 https://bugs.launchpad.net/inkscape/+bug/1701930
Control: tag -1 upstream
Control: severity -1 normal
Sorry, it slipped past me…
On Fri, Jun 09, 2017 at 07:45:16PM +0200, Carsten Knoll wrote:
> See the attached file. It crashes in 100% of cases, if I rotate the
> dashed lin
Processing commands for cont...@bugs.debian.org:
> tag 861362 pending
Bug #861362 [src:jsusfx] src:jsusfx: unnecessary versioned b-d on php7.0-cli?
Added tag(s) pending.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
861362: http://bugs.debian.org/cgi-bin/bugrepo
jsusfx_0.3.1-3_amd64.changes uploaded successfully to localhost
along with the files:
jsusfx_0.3.1-3.dsc
jsusfx_0.3.1-3.debian.tar.xz
jsusfx_0.3.1-3_amd64.buildinfo
Greetings,
Your Debian queue daemon (running on host usper.debian.org)
__
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sun, 02 Jul 2017 20:54:58 +0200
Source: jsusfx
Binary: pd-jsusfx
Architecture: source
Version: 0.3.1-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Multimedia Maintainers
Changed-By: IOhannes m zmölnig (D
Your message dated Sun, 02 Jul 2017 19:20:09 +
with message-id
and subject line Bug#861362: fixed in jsusfx 0.3.1-3
has caused the Debian Bug report #861362,
regarding src:jsusfx: unnecessary versioned b-d on php7.0-cli?
to be marked as done.
This means that you claim that the problem has bee
Hi Mattia,
I was actually a bit hesitant to submit this report, and indeed I should
have investigated a bit more.
You were right: I wasn't executing version 0.92.1-1 from stretch, but a
self-compiled version, which was linked to libgsl.so.0. Everything works
fine now. All my apologies.
Best,
Greg
qtractor_0.8.3-1_amd64.changes uploaded successfully to localhost
along with the files:
qtractor_0.8.3-1.dsc
qtractor_0.8.3.orig.tar.gz
qtractor_0.8.3-1.debian.tar.xz
qtractor_0.8.3-1_amd64.buildinfo
qtractor_0.8.3-1_amd64.deb
Greetings,
Your Debian queue daemon (running on host
Your message dated Mon, 3 Jul 2017 00:06:12 +0200
with message-id <20170702220610.7l3key27dukkp...@mapreri.org>
and subject line Re: Bug#866532: inkscape: Fails to start because of
libgsl.so.0 can't be found
has caused the Debian Bug report #866532,
regarding inkscape: Fails to start because of li
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sun, 02 Jul 2017 23:47:49 +0200
Source: qtractor
Binary: qtractor
Architecture: source amd64
Version: 0.8.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Multimedia Maintainers
Changed-By: Jaromír Mikeš
Processing commands for cont...@bugs.debian.org:
> # fixing up bug metadata to allow archival
> reassign 851748 menu-cache
Bug #851748 {Done: Andriy Grytsenko } [libfm-extra4]
libfm-extra4 in debian/testing kills LXDE menus
Bug reassigned from package 'libfm-extra4' to 'menu-cache'.
No longer mar
Control: tags -1 unreproducible moreinfo
Hi Susu,
2017-06-02 3:54 GMT+02:00 susu <0x73757...@gmail.com>:
> Package: kodi
> Version: version 2:17.1+dfsg1-3
> Severity: important
>
> Dear Maintainer,
>
> Dear Maintainer,
>
> oh ,my kodi not work.
> $kodi
> /usr/lib/x86_64-linux-gnu/kodi/kodi.bin: e
Processing control commands:
> tags -1 unreproducible moreinfo
Bug #863925 [kodi] kodi not work
Added tag(s) moreinfo and unreproducible.
--
863925: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863925
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
___
ardour_5.10.0~dfsg-1_amd64.changes uploaded successfully to localhost
along with the files:
ardour_5.10.0~dfsg-1.dsc
ardour_5.10.0~dfsg.orig.tar.bz2
ardour_5.10.0~dfsg-1.debian.tar.xz
ardour-altivec_5.10.0~dfsg-1_all.deb
ardour-data_5.10.0~dfsg-1_all.deb
ardour-dbgsym_5.10.0~dfsg-1_amd6
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sun, 02 Jul 2017 23:45:55 +0200
Source: ardour
Binary: ardour ardour-data ardour-video-timeline ardour3 ardour-i686
ardour-altivec
Architecture: source all amd64
Version: 1:5.10.0~dfsg-1
Distribution: unstable
Urgency:
qsampler_0.4.3-1_amd64.changes uploaded successfully to localhost
along with the files:
qsampler_0.4.3-1.dsc
qsampler_0.4.3.orig.tar.gz
qsampler_0.4.3-1.debian.tar.xz
qsampler-dbgsym_0.4.3-1_amd64.deb
qsampler_0.4.3-1_amd64.buildinfo
qsampler_0.4.3-1_amd64.deb
Greetings,
Your
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Mon, 03 Jul 2017 01:35:42 +0200
Source: qsampler
Binary: qsampler
Architecture: source amd64
Version: 0.4.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Multimedia Maintainers
Changed-By: Jaromír Mikeš
FYI: The status of the csoundqt source package
in Debian's testing distribution has changed.
Previous version: 0.9.3-1
Current version: 0.9.4-1
--
This email is automatically generated once a day. As the installation of
new packages into testing happens multiple times a day you will receiv
FYI: The status of the qmidinet source package
in Debian's testing distribution has changed.
Previous version: 0.4.2-2
Current version: 0.4.3-2
--
This email is automatically generated once a day. As the installation of
new packages into testing happens multiple times a day you will receiv
FYI: The status of the rtkit source package
in Debian's testing distribution has changed.
Previous version: 0.11-4
Current version: 0.11-5
--
This email is automatically generated once a day. As the installation of
new packages into testing happens multiple times a day you will receive
lat
FYI: The status of the frei0r source package
in Debian's testing distribution has changed.
Previous version: 1.6.0-1
Current version: 1.6.1-1
--
This email is automatically generated once a day. As the installation of
new packages into testing happens multiple times a day you will receive
FYI: The status of the blender source package
in Debian's testing distribution has changed.
Previous version: 2.78.a+dfsg0-4
Current version: 2.78.c+dfsg0-2
--
This email is automatically generated once a day. As the installation of
new packages into testing happens multiple times a day yo
33 matches
Mail list logo
