RC Bugs 2013/05
Not much work done on actually fixing RC bugs:
#699316 - libupnp: Multiple stack buffer overflow vulnerabilities
Sent debdiff (created with the patch found in Red Hat bugtracker) to the BTS.
RC Bugs 2013/04
Work done on RC bugs for 2013/04:
#698231 - memcached: CVE-2013-0179
Upload patch as NMU to DELAYED/5 queue.
#698737 - owncloud: Multiple XSS vulnerabilities (oC-SA-2013-001)
Sent patch to the BTS.
#698940 - libcommon-sense-perl is not in the list of libev-perl dependencies
Add missing Depends on libcommon-sense-perl.
RC Bugs 2013/03
My work done on RC bugs (only where I contributed to closing a bug):
#696424 - sanlock: CVE-2012-5638
Upload package prepared by David Weber.
#698375 - gfs2-utils: fails to upgrade from squeeze: insserv: script gfs2-utils: service gfs2 already provided!
Investigated the issue and sent an update to the BTS.
#684810 - rgl: FTBFS: types.h:98:5: error: 'copy' was not declared in this scope, and no declarations were found by argument-dependent lookup at the point of instantiation [-fpermissive]
Upload patch by Laszlo Kajan to testing-proposed-updates.
#698231 - memcached: CVE-2013-0179
Propose debdiff to the BTS.
#683584 - ganglia: [Debian RT] CVE-2012-3448: arbitrary script execution
Investigated the issue for Squeeze and proposed a debdiff based on the changes done upstream between 3.1.7 and 3.1.8.
RC Bugs 2013/02
I tried to work again on security-tracker related topics last week. For working on RC bugs, this is what I've done in 2013/02:
#685061 - gfs2-utils: fails to install due to incorrect dependencies in init.d LSB header
Add a Depends on gfs2-cluster for gfs2-utils binary package. Sent debdiff to the BTS. Uploaded the package to DELAYED/5 queue.
#697870 - redhat-cluster-suite: Fails to install due to removed clvm package
Sent patch for unstable to the BTS. Uploaded package to DELAYED/5 queue.
#697186 - Missing dependency on libcollection-dev
Upload package.
#697895 - Update libextlib-ruby / ruby-extlib for vulnerabilities (Re: CVE-2013-0156)
Propose debdiffs to the BTS.
#697221 - motion: No longer has support for mysql
Propose patch to the BTS.
RC Bugs 2013/01
Work done on RC bugs in 2013/01:
#696736 - Insecure permissions on database files
Upload NMU to the DELAYED/7 queue.
Fix an FTBFS in libconfig-model-dpkg-perl (no bug report) if there is no writable $HOME available during tests in build.
#696424 - sanlock: CVE-2012-5638
Sent proposed debdiff to the BTS.
#697375 - rpm: CVE-2012-6088
Sent proposed debdiffs to the BTS. After Michal's confirmation prepared uploads for unstable and testing.