X-Git-Url: https://sipb.mit.edu/gitweb.cgi/wiki.git/blobdiff_plain/466c9f7daf4ca3103387ee36545e342dc871dbe8..c195916edaa80040b7106b041e08bcb43c4501f1:/doc/LennyBugsAll?ds=sidebyside diff --git a/doc/LennyBugsAll b/doc/LennyBugsAll index b8096a7..be4eab3 100644 --- a/doc/LennyBugsAll +++ b/doc/LennyBugsAll @@ -30,6 +30,10 @@ in [http://packages.debian.org/lenny/dk-filter dk-filter] "dk-filter reliably crashes upon connection from postfix" [[BR]](Note: bug report, little followup. Test, reproduce, debug, fix.) +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057] +in [http://packages.debian.org/lenny/splashy splashy] +"splashy: Splashy fails to install due to missing default theme" + These ones are only about 2 weeks old: [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071] @@ -157,10 +161,6 @@ in [http://packages.debian.org/lenny/ghostscript ghostscript] in [http://packages.debian.org/lenny/libwebkit-1.0-1 libwebkit-1.0-1] "epiphany-webkit: Crashes at startup whenever I go to a site." -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283] -in [http://packages.debian.org/lenny/egroupware-core egroupware-core] -"CVE-2007-3215: phpmailer issue (embedded code-copy)" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504373 504373] in [http://packages.debian.org/lenny/libtemplate-perl libtemplate-perl] "libtemplate-perl: Upgrade from etch breaks code using DBI plugins" @@ -181,42 +181,14 @@ in [http://packages.debian.org/lenny/nvidia-glx-legacy-96xx-dev nvidia-glx-legac in [http://packages.debian.org/lenny/gnu-fdisk gnu-fdisk] "gnu-fdisk: wipes out MBR when used on GPT partitions" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771] -in [http://packages.debian.org/lenny/wordpress wordpress] -"wordpress can be subject of delayed attacks via cookies" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504918 504918] in [http://packages.debian.org/lenny/network-manager network-manager] "Updating to lenny failed when NetworkManager got updated" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977] -in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian] -"ffmpeg-debian: Several security issues" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505237 505237] in [http://packages.debian.org/lenny/snmpd snmpd] "/etc/init.d/snmpd start reports error if already running" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563] -in [http://packages.debian.org/lenny/icedove icedove] -"Mozilla Thunderbird Multiple Vulnerabilities" - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057] -in [http://packages.debian.org/lenny/splashy splashy] -"splashy: Splashy fails to install due to missing default theme" - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353] -in [http://packages.debian.org/lenny/mailscanner mailscanner] -"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack" - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506652 506652] -in [http://packages.debian.org/lenny/xml2rfc xml2rfc] -"Yet another boilerplate change" - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741] -in [http://packages.debian.org/lenny/wireshark wireshark] -"wireshark: DoS caused by sending a SMTP request with large content" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506748 506748] in [http://packages.debian.org/lenny/rtorrent rtorrent] "crash rtorrent by scgi-interface (function: 'fi.get_filename_last')" @@ -237,6 +209,20 @@ in [http://packages.debian.org/lenny/open-iscsi open-iscsi] in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools] "initramfs-tools: Wrong check for udevadm in functions" +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507239 507239] +in [http://packages.debian.org/lenny/release.debian.org release.debian.org] +"RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code" + += Unclassified Security = + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563] +in [http://packages.debian.org/lenny/icedove icedove] +"Mozilla Thunderbird Multiple Vulnerabilities" + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353] +in [http://packages.debian.org/lenny/mailscanner mailscanner] +"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack" + [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507165 507165] in [http://packages.debian.org/lenny/xine-lib xine-lib] "xine-lib: CVE-2008-5242 heap-based buffer overflow" @@ -245,18 +231,21 @@ in [http://packages.debian.org/lenny/xine-lib xine-lib] in [http://packages.debian.org/lenny/xine-lib xine-lib] "xine-lib: CVE-2008-5246 heap overflow" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507239 507239] -in [http://packages.debian.org/lenny/release.debian.org release.debian.org] -"RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code" +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741] +in [http://packages.debian.org/lenny/wireshark wireshark] +"wireshark: DoS caused by sending a SMTP request with large content" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507242 507242] -in [http://packages.debian.org/lenny/amule-daemon amule-daemon] -"amule-daemon: causes OOM's by leaking lots of memory" +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977] +in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian] +"ffmpeg-debian: Several security issues" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316] -in [http://packages.debian.org/lenny/smarty smarty] -"smarty: Non-free logo included in package" +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771] +in [http://packages.debian.org/lenny/wordpress wordpress] +"wordpress can be subject of delayed attacks via cookies" +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283] +in [http://packages.debian.org/lenny/egroupware-core egroupware-core] +"CVE-2007-3215: phpmailer issue (embedded code-copy)" = Fresh bugs = @@ -396,6 +385,10 @@ in [http://packages.debian.org/lenny/debget debget] These look like good progress is being made and they'll get fixed soon. +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316] +in [http://packages.debian.org/lenny/smarty smarty] +"smarty: Non-free logo included in package" + [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332782 332782] in [http://packages.debian.org/lenny/release-notes release-notes] "release-notes: Where's the license?" @@ -417,11 +410,26 @@ in [http://packages.debian.org/lenny/tuxguitar tuxguitar] in [http://packages.debian.org/lenny/libjs-jquery libjs-jquery] "libjs-jquery: Should compile jquery.min.js and jquery.pack.js from jquery.js" += Not much of use one can do = + (this one looks like it'll be removed from Lenny or have amd64 disabled) + [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507021 507021] in [http://packages.debian.org/lenny/helpdeco helpdeco] "Fails to work on amd64" +(this one looks the maintainer has labeled unreproducible) + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507242 507242] +in [http://packages.debian.org/lenny/amule-daemon amule-daemon] +"amule-daemon: causes OOM's by leaking lots of memory" + +(waiting on upstream) + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506652 506652] +in [http://packages.debian.org/lenny/xml2rfc xml2rfc] +"Yet another boilerplate change" + = Flamewars = You might enjoy reading these, but they may not be good targets to fix.