RC Bugs 2013/22

Again not much work on RC bugs done in 2013/22:

• #702776 - ganglia: limiting security support

  Manually close the bug in BTS.

• #666129 - new upstream version fixes security problem with the secret file (CVE-2012-6140)

  Manually close the bug in BTS.

RC Bugs 2013/21

Not much concrete work on RC bugs done:

• #665555 - gxine: Including individual glib headers no longer supported

  Investigated the further FTBFS and send information to the BTS.

• #705909 - libmath-prime-util-perl: FTBFS (failing tests) on some architectures (but built previously)

  Applied patch from upstream git repository and uploaded package to unstable.

RC Bugs 2013/20

After the release I really slowly started again working on my own packages and from time to time also look at UDD. Still, no much work done:

• #706667 - xmp: CVE-2013-1980: MASI parsing buffer overflow

  Uploaded package with patch for CVE-2013-1980.

• #699615 - CVE-2013-0250 - corosync: Remote DoS due improper HMAC initialization

  Manually closed the bugreport.

RC Bugs 2013/19

After the Wheezy release now there are again more RC bugs opening.

• #707406 - perlipq: FTBFS: libipq.h:33:43: fatal error: linux/netfilteripv4/ipqueue.h: No such file or directory

  Add comment in BTS.

RC Bugs 2013/18

Again the week before the Wheezy release not much work done on fixing RC bugs itself.

• #706732 - FTBFS: tests require internet connectivity

  Only run tests which do not require network connectivity.

RC Bugs 2013/17

Explicit work done on RC bugs in 2013/17:

• #702267 - stunnel: CVE-2013-1762 buffer overflow in NTLM authentication of the CONNECT protocol negotiation

  Tried to extract the patch for unstable and testing version and sent to the BTS.

RC Bugs 2013/15

This week was a quite busy week elswhere. Thus no direct work on RC bugs done.

• #705274 - curl: CVE-2013-1944: libcurl cookie domain tailmatch

  Upload the packages with the work already prepared by Alessandro Ghedini.

RC Bugs 2013/14

Work on RC bugs in 2013/14:

• #674447 - CVE-212-2942

  Investigated the references and sent a update to the BTS.

RC Bugs 2013/13

Again not much work done on concrete RC bugs in the week 2013/13:

• #702905 - almanah: CVE-2013-1853: Almanah doesn't encrypt the database

  Mark found versions correctly in BTS and did some small tests to check also regression from Squeeze to Wheezy updates. Comment on the corresponding unblock request bug.

• #703862 - libnet-jabber-perl: Missing Digest::SHA1 dependency (replace with Digest::SHA)

  Add patch to use Digest::SHA instead of Digest::SHA1.

• #703933 - libxslt: CVE-2012-6139

  Checked the bug and prepared debdiffs. Version in unstable uploaded.

RC Bugs 2013/12

Work on RC bugs done in 2013/12:

• #702775 - ganglia: limiting security support

  Comment on proposed text for README.Debian.security.

• #703348 - CVE-2013-1854

  Manually close bug, as it was fixed in unstable.

• #703349 - CVE-2013-1855 CVE-2013-1857

  Manually close bug, as it was fixed in unstable.

Categories

• bugs (74)
• debconf (2)
• debconf12 (1)
• debconf13 (1)
• debian (76)
• rc (74)

Archive

• December 2013 (1)
• November 2013 (3)
• October 2013 (4)
• September 2013 (2)
• August 2013 (3)
• July 2013 (3)
• June 2013 (4)
• May 2013 (5)
• April 2013 (3)
• March 2013 (3)
• February 2013 (4)
• January 2013 (5)
• December 2012 (4)
• November 2012 (4)
• October 2012 (4)
• September 2012 (4)
• August 2012 (2)
• July 2012 (5)
• June 2012 (4)
• May 2012 (5)
• April 2012 (4)
• March 2012 (1)

Links

• My Debian QA Page
• Bug Counts
• Full lintian reports
• Bugstats
• Buildd Overview
• http://portfolio.debian.net

Copyright © 2013 Salvatore Bonaccorso. Powered by BlazeBlogger.