Bug#1041740: Error: Regex version mismatch, expected: 10.42 2022-12-11 actual: 10.36 2020-12-04

[Frank lin Piat]

Package: selinux-policy-default
Version: 2:2.20210203-7
Severity: minor

After upgading from bullseye to bookworm...
I had the following error many time (tens or hundreds times) when I use 
apt/dpkg programs:

> dpkg: warning: selinux: Regex version mismatch, expected: 10.42 2022-12-11 
> actual: 10.36 2020-12-04

I installed SELinux at some point on my system and partially removed it.
Some packages were in configured (uninstalled) state.

After purging those packages configuraiton, the error don't occur anymore :

Purging configuration files for selinux-basics (0.5.8) ...
Purging configuration files for selinux-policy-dev (2:2.20210203-7) ...
Purging configuration files for at (3.1.23-1) ...
Purging configuration files for selinux-policy-default (2:2.20210203-7) ...
Purging configuration files for setools-gui (4.3.0-2) ...
Purging configuration files for discover (2.1.2-8) ...


My assumption is that this error wouldn't occur anymore if the packages were
installed state during the upgrade.

Thanks

Franklin Piat

-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-10-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages selinux-policy-default depends on:
ii  libselinux1  3.4-1+b6
ii  libsemanage2 3.4-1+b5
ii  libsepol23.4-2.1
pn  policycoreutils  
pn  selinux-utils

Versions of packages selinux-policy-default recommends:
pn  checkpolicy  
pn  setools  

Versions of packages selinux-policy-default suggests:
pn  logcheck
pn  syslog-summary  

Bug#1041739: Error: Regex version mismatch, expected: 10.42 2022-12-11 actual: 10.36 2020-12-04

[Frank Lin PIAT]

Package: selinux-policy-default
Version: 2:2.20210203-7
Severity: minor

After upgading from bullseye to bookworm...
I had the following error many time (tens or hundreds times) when I use 
apt/dpkg programs:

> dpkg: warning: selinux: Regex version mismatch, expected: 10.42 2022-12-11 
> actual: 10.36 2020-12-04

I installed SELinux at some point on my system and partially removed it.
Some packages were in configured (uninstalled) state.

After purging those packages configuraiton, the error don't occur
anymore :

Purging configuration files for selinux-basics (0.5.8) ...
Purging configuration files for selinux-policy-dev (2:2.20210203-7) ...
Purging configuration files for at (3.1.23-1) ...
Purging configuration files for selinux-policy-default (2:2.20210203-7) ...
Purging configuration files for setools-gui (4.3.0-2) ...
Purging configuration files for discover (2.1.2-8) ...


My assumption is that this error wouldn't occur anymore if the packages were
installed state during the upgrade.

Thanks

Franklin Piat

-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-10-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages selinux-policy-default depends on:
ii  libselinux1  3.4-1+b6
ii  libsemanage2 3.4-1+b5
ii  libsepol23.4-2.1
pn  policycoreutils  
pn  selinux-utils

Versions of packages selinux-policy-default recommends:
pn  checkpolicy  
pn  setools  

Versions of packages selinux-policy-default suggests:
pn  logcheck
pn  syslog-summary  

Bug#875177: [scap-workbench] Future Qt4 removal from Buster

[Frank Lin Piat]

Il will upgrade that package.

Thank you Moritz

Franklin
-- 
Envoyé de mon téléphone. Excusez la brièveté.

Bug#854627: sudo with graphical apps doesn't work on wayland

[Frank lin Piat]

Hello

For reference, this bug is known upstream as 
https://bugzilla.redhat.com/show_bug.cgi?id=1274451


Regarding Gparted, a workaround has been implemented in Upstream 0.30.0
[UPPATCH] [UPNEWS].
(Some people complained about that workaround, see Debian bug #883812,
but it's works)
Note: for people using version <0.30.0, a workaround is to logout the
sessions and open a session using X11 instead of Wayland !



[UPPATCH]  https://gitlab.gnome.org/GNOME/gparted/commit/f38ccd02
[UPNEWS] https://gparted.org/news.php?item=214

Bug#861542: debian-faq: LSB support in Debian stretch

[Frank Lin PIAT]

Package: debian-faq
Version: 8.1
Severity: normal

Hello,

The state of LSB in Debian Strech is modified, as described in package lsb NEWS
file (quoted below) and in the release notes (see Bug#804264):
URL: 
https://www.debian.org/releases/stretch/amd64/release-notes/ch-information.en.html#reduced-lsb-support

I suppose the FAQ §4.3 should be updated :
  "How compatible is Debian with other distributions of Linux?"
  URL 
https://www.debian.org/doc/manuals/debian-faq/ch-compat.html#s-otherdistribs

Regards,

Franklin

Quoting lsb NEWS files
> lsb (9.20150826) unstable; urgency=low
>
>  This update drops all lsb-* compatibility packages, and is therefore
>  an abandon of the pursuit of LSB compatibility for Debian. Only
>  lsb-release and lsb-base are kept as they continue to be used 
>  throughout the archive.
>
> -- Didier Raboud   Wed, 26 Aug 2015 12:00:00 +0200


Compare the package list:
https://packages.debian.org/source/jessie/lsb
https://packages.debian.org/source/stretch/lsb

Bug#750138: Info received (Bug#750138: scap-workbench)

[Frank lin Piat]

Hello,
On Thu, 2016-12-15 at 15:28 +0100, Petter Reinholdtsen wrote:
> Frank, do you plan to set up a shared git repo for the package now?

What about collab-maint ?

> The build failed everywhere, probably because of missing build
> dependencies, see
> https://buildd.debian.org/status/package.php?p=scap-workbench
> >.

FTBFS was due to a hardcoded value. Fix thanks to Aaron M. Ucko
(#848250)

> I notice a new version is available from upstream.

I have merged and tested it. It seems ok so I pushed it.(some remote
features seems to require openscap >= 1.2.12 but unstable has 1.2.9, I
haven't tested it)
Pierre, do you intend to upgrade openscap ? Do you want some help ?

> The git repo seem to lack a pristine-tar branch.  Is this
> intentional?

Fixed

There are a few more lintian info/warning to fix. I would fix later.
I: scap-workbench source: unused-license-paragraph-in-dep5-copyright
expat (paragraph at line 56)I: scap-workbench: spelling-error-in-binary 
usr/bin/scap-workbench Allows to Allows one toI: scap-workbench:
hardening-no-bindnow usr/bin/scap-workbenchW: scap-workbench: extra-
license-file usr/share/doc/scap-workbench/COPYING.gzI: scap-workbench:
desktop-entry-lacks-keywords-entry usr/share/applications/scap-
workbench.desktop
Thanks

Bug#750138: scap-workbench

[Frank lin Piat]

[Sorry for the late response]

On mar., 2016-05-03 at 22:59 -0400, Greg Elin wrote:
> What is the difference between the collab-maint repo and the Alioth
> group?


An Alioth project is meant for a group of people to collaborate. Each
project has one or more repository (GIT/SVN/HG...), mailing list,
homepage...

On the other hand, collab-maint [Quoting https://wiki.debian.org/Glossa
ry ]
> Short for "collaborative maintenance"; [..] packages that don't
> belong to any particular team but would benefit from being team-
> maintained can just be added to the "collab-maint" project. 

Collab-maint provides no mailing list, no homepage, no group
membership, but's it's easier to setup.

Regards

Bug#750138: scap-workbench

[Frank lin Piat]

[CC'ing Pierre]

On sam., 2016-04-30 at 11:52 -0400, Klee Dienes wrote:
> I'd be happy to sponsor the package.  I noticed you have Pierre
> Chifflier  listed in the Uploaders: field ... is
> he already sponsoring the package?  If so I'll gladly defer.

Your offer is welcome and accepted, Pierre never had time to upload.

I suppose we could decide where to host the git repository before
uploading.
Do you think it's better to first use a "collab-maint" repo, or create
an Alioth group to collaborate on SCAP related stuff ?


> I took a quick look and came up with a few minor nits:
> [..]
> I pushed updates [..] to a fork on
> https://anonscm.debian.org/git/users/klee/scap-workbench.git

Thanks, merged

> I'm happy to collaborate on this and other similar projects.

I'll be happy to work on this with you,

Franklin

Bug#766294: virt-manager: Cannot Exit Console Fullscreen Mode [VNC]

[Frank Lin PIAT]

Package: virt-manager
Version: 1:1.2.1-4
Followup-For: Bug #766294

Hello,

I have the same problem when my guest is running in VNC mode.
But it's fine when running in Spice mode.

Frank lin Piat

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (800, 'testing'), (700, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.3.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages virt-manager depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.24.0-2
ii  gconf2   3.2.6-3
ii  gir1.2-gtk-3.0   3.18.7-1
ii  gir1.2-gtk-vnc-2.0   0.5.3-1.3+b1
ii  gir1.2-libosinfo-1.0 0.2.12-2
ii  gir1.2-libvirt-glib-1.0  0.2.2-0.1
ii  gir1.2-vte-2.91  0.42.4-1
ii  librsvg2-common  2.40.11-2
ii  python-dbus  1.2.0-3
ii  python-gi3.18.2-2
ii  python-gi-cairo  3.18.2-2
ii  python-ipaddr2.1.11-2
ii  python-libvirt   1.3.1-1
ii  python-urlgrabber3.9.1-4.2
pn  python2.7:any
pn  python:any   
ii  virtinst 1:1.2.1-4

Versions of packages virt-manager recommends:
ii  gir1.2-spice-client-gtk-3.0  0.30-1
ii  gnome-icon-theme 3.12.0-1
ii  libvirt-daemon-system1.3.1-1

Versions of packages virt-manager suggests:
ii  gnome-keyring3.18.3-1
ii  python-gnomekeyring  2.32.0+dfsg-3
pn  python-guestfs   
ii  ssh-askpass  1:1.2.4.1-9
ii  virt-viewer  1.0-1

-- no debconf information

Bug#805179: dmeventd libdevmapper-event-lvm2raid.so dlopen failed

[Frank Lin PIAT]

Package: dmeventd
Version: 2:1.02.110-1
Severity: normal


Hello,

dmeventd isn't loading library from apropriate direcory.


# dpkg -L dmeventd | grep libdevmapper-event-lvm2raid.so
/lib/x86_64-linux-gnu/device-mapper/libdevmapper-event-lvm2raid.so
  ^
   :-(

#strace -f -s256  -p $(pgrep dmeventd) | grep '^open'
open("/lib/x86_64-linux-gnu/libdevmapper-event-lvm2raid.so", 
O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/usr/lib/x86_64-linux-gnu/libdevmapper-event-lvm2raid.so", 
O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/lib/libdevmapper-event-lvm2raid.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No 
such file or directory)
open("/usr/lib/libdevmapper-event-lvm2raid.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT 
(No such file or directory)

Thanks




Details if needed:


I have two disk in one LVM volume group.
I previously created an LV on the disk. When I want to convert
that LV ibnto a mirrored one , i get the error in /var/log/syslog:

> dmeventd[12850]: dmeventd libdevmapper-event-lvm2raid.so dlopen failed:
>   libdevmapper-event-lvm2raid.so: cannot open shared object file: 
>   No such file or directory.


Step to reproduce:
  * Create a volume
# lvcreate -L 1G -n lv_test vg_test
  * start dmevent and strace it:
# systemctl restart dm-event.service
# strace -f -s256  -p $(pgrep dmeventd)  2> /tmp/mir.log &
  * Attempt to convert the disk to mirrored.
# lvconvert  -m1 --mirrorlog disk vg_test/lv_test



# dpkg -S libdevmapper-event-lvm2raid.so
dmeventd:
/lib/x86_64-linux-gnu/device-mapper/libdevmapper-event-lvm2raid.so



dmeventd strace output:

Process 12850 attached
select(4, [4], NULL, NULL, {0, 786406}) = 0 (Timeout)
select(5, [4], NULL, NULL, {1, 0})  = 0 (Timeout)
select(5, [4], NULL, NULL, {1, 0})  = 0 (Timeout)
select(5, [4], NULL, NULL, {1, 0})  = 0 (Timeout)
select(5, [4], NULL, NULL, {1, 0})  = 1 (in [4], left {0, 548690})
read(4, "\0\0\0\10\0\0\0\16", 8)= 8
select(5, [4], NULL, NULL, {1, 0})  = 1 (in [4], left {0, 98})
read(4, "13135:0 HELLO\0", 14)  = 14
select(4, NULL, [3], NULL, NULL)= 1 (out [3])
write(3, "\0\0\0\0\0\0\0\02613135:0 HELLO HELLO 2\0", 30) = 30
select(5, [4], NULL, NULL, {1, 0})  = 1 (in [4], left {0, 999676})
read(4, "\0\0\0\4\0\0\0t", 8)   = 8
select(5, [4], NULL, NULL, {1, 0})  = 1 (in [4], left {0, 98})
read(4, "13135:1 libdevmapper-event-lvm2raid.so
LVM-hZyLsNPg71k7OjdNYPR036NIzuOvupwOXA0BXtfdlSj3A6cuTGhxbV5xwg02048G
65280 0\0", 116) = 116
select(4, NULL, [3], NULL, NULL)= 1 (out [3])
write(3, "\377\377\377\376\0\0\0\"13135:1 No such file or directory\0",
42) = 42
select(5, [4], NULL, NULL, {1, 0})  = 1 (in [4], left {0, 999335})
read(4, "\0\0\0\10\0\0\0\16", 8)= 8
select(5, [4], NULL, NULL, {1, 0})  = 1 (in [4], left {0, 98})
read(4, "13135:2 HELLO\0", 14)  = 14
select(4, NULL, [3], NULL, NULL)= 1 (out [3])
write(3, "\0\0\0\0\0\0\0\02613135:2 HELLO HELLO 2\0", 30) = 30
select(5, [4], NULL, NULL, {1, 0})  = 1 (in [4], left {0, 999672})
read(4, "\0\0\0\2\0\0\0t", 8)   = 8
select(5, [4], NULL, NULL, {1, 0})  = 1 (in [4], left {0, 99})
read(4, "13135:3 libdevmapper-event-lvm2raid.so
LVM-hZyLsNPg71k7OjdNYPR036NIzuOvupwOXA0BXtfdlSj3A6cuTGhxbV5xwg02048G
65280 0\0", 116) = 116
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 7
fstat(7, {st_mode=S_IFREG|0644, st_size=129984, ...}) = 0
mmap(NULL, 129984, PROT_READ, MAP_PRIVATE, 7, 0) = 0x7faae3ac6000
close(7)= 0
access("/etc/ld.so.nohwcap", F_OK)  = -1 ENOENT (No such file or
directory)
open("/lib/x86_64-linux-gnu/libdevmapper-event-lvm2raid.so",
O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/usr/lib/x86_64-linux-gnu/libdevmapper-event-lvm2raid.so",
O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/lib/libdevmapper-event-lvm2raid.so", O_RDONLY|O_CLOEXEC) = -1
ENOENT (No such file or directory)
open("/usr/lib/libdevmapper-event-lvm2raid.so", O_RDONLY|O_CLOEXEC) = -1
ENOENT (No such file or directory)
munmap(0x7faae3ac6000, 129984)  = 0
sendto(6, "<27>Nov 15 15:34:55 dmeventd[12850]: dmeventd
libdevmapper-event-lvm2raid.so dlopen failed:
libdevmapper-event-lvm2raid.so: cannot open shared object file: No such
file or directory.", 182, MSG_NOSIGNAL, NULL, 0) = 182
select(4, NULL, [3], NULL, NULL)= 1 (out [3])
write(3, "\0\0\0O\0\0\0\22013135:3 libdevmapper-event-lvm2raid.so dlopen
failed: libdevmapper-event-lvm2raid.so: cannot open shared object file:
No such file or directory\0", 152) = 152


https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=761802

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (800, 'testing'), (700, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 

Bug#801963: 801963 remmina crashes with Gnome 3.18/Wayland

[Frank Lin PIAT]

Hello,

I have the same issue : 
Remmina 1.1.2-3 works fine on libgtk 3.18.2-1 on X11
but it fails if I start my gnome session with Wayland.

But this seems similar to a bug known upstream about some remaining X11
calls. It is probably fixed  remmina 1.2.0.
  "Remmina crashes using the Mir GTK backend" 
  https://github.com/FreeRDP/Remmina/issues/554



gdb) bt
#0  0x75f7db6f in ?? () from /usr/lib/x86_64-linux-gnu/libX11.so.6
#1  0x75f7deda in XInternAtom () from 
/usr/lib/x86_64-linux-gnu/libX11.so.6
#2  0x7724649c in gdk_x11_atom_to_xatom_for_display () from 
/usr/lib/x86_64-linux-gnu/libgdk-3.so.0
#3  0x00435c9a in remmina_public_get_current_workspace 
(screen=screen@entry=0x68b010) at 
/build/remmina-tAK0pB/remmina-1.1.2/remmina/src/remmina_public.c:469
#4  0x0043de41 in remmina_widget_pool_find (type=7760656, 
tag=tag@entry=0x0) at 
/build/remmina-tAK0pB/remmina-1.1.2/remmina/src/remmina_widget_pool.c:93
#5  0x0041f2ef in remmina_exec_command 
(command=command@entry=REMMINA_COMMAND_MAIN, data=data@entry=0x0) at 
/build/remmina-tAK0pB/remmina-1.1.2/remmina/src/remmina_exec.c:59
#6  0x0041752c in remmina_on_command_line (app=, 
cmdline=) at 
/build/remmina-tAK0pB/remmina-1.1.2/remmina/src/remmina.c:184
#7  0x70c01fb0 in ffi_call_unix64 () from 
/usr/lib/x86_64-linux-gnu/libffi.so.6
#8  0x70c01a18 in ffi_call () from /usr/lib/x86_64-linux-gnu/libffi.so.6
#9  0x76915839 in g_cclosure_marshal_generic () from 
/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#10 0x76915015 in g_closure_invoke () from 
/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#11 0x76927061 in ?? () from 
/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#12 0x7692f899 in g_signal_emit_valist () from 
/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#13 0x7693012f in g_signal_emit () from 
/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#14 0x76bff913 in ?? () from /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0
#15 0x76c018bd in ?? () from /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0
#16 0x76c01a6a in g_application_run () from 
/usr/lib/x86_64-linux-gnu/libgio-2.0.so.0
#17 0x00415817 in main (argc=1, argv=0x7fffe098) at 
/build/remmina-tAK0pB/remmina-1.1.2/remmina/src/remmina.c:237

Bug#804264: release-notes: LSB drops all lsb-* compatibility packages

[Frank Lin PIAT]

Package: release-notes
Severity: normal


This should be worth being mentioned in the release-notes(?)

Quoting lsb NEWS files
> lsb (9.20150826) unstable; urgency=low
>
>  This update drops all lsb-* compatibility packages, and is therefore an
>  abandon of the pursuit of LSB compatibility for Debian. Only lsb-release and
>  lsb-base are kept as they continue to be used throughout the archive.
>
> -- Didier Raboud   Wed, 26 Aug 2015 12:00:00 +0200


Compare the package list:
https://packages.debian.org/source/jessie/lsb
https://packages.debian.org/source/stretch/lsb

BTW, Debian FAQ should be updated too if this is confirmed.

https://www.debian.org/doc/manuals/debian-faq/ch-compat.html#s-otherdistribs

Regards,

Franklin

Bug#797599: RM: autorun4linuxcd -- ROM; obsolete

[Frank Lin PIAT]

Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: Debian Live 

Hi FTP masters,

Please, remove src:autorun4linuxcd.
Even though the package has a popcon of 27 users, I doubt that anyone is
still using it: It was never ported to Windows Vista/7/8 .. (and the
popcon isn't very relevant, since it is meant for Live CDs).

The only part which might still be useful is the windows .exe to be
called by Windows' autorun.inf. If some people appear to be interested,
it should be possible to move the tiny .c file to another package.

Regards,

Franklin

Bug#668254: bash-completion: dh_bash-completion still installs files in /etc/bash_completion

[Frank Lin PIAT]

Package: bash-completion
Followup-For: Bug #668254

Hello,

Lintian Bug #776954 warn about /etc/bash_completion.d has been
merged, so lintian now warns when a bash completion snippet is installed
in /etc/bash_completion.d rather than /usr/share/bash-completion/completions/.

However, dh_bash-completion (from bash-completion) still install bash completion
snippets in /etc/bash_completion.d

Could you update dh_bash-completion to install the snippet in the proper
location, or prompt lintian maintainer to disable that warning until
it's fixed.

Thanks,

Frank lin Piat



links:
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776954


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#737370: mkdir: directories created with weird mode when -p is used [FIXED in 8.22]

[Frank Lin PIAT]

On 2 Feb 2014, Bob Proulx said
 I cannot recreate the above behavior.
 [..]
 If I set umask to a more restrictive umask then I can.
 
   $ umask 022
   $ rm -rf /tmp/a
   $ mkdir /tmp/a
   $ cd /tmp/a
   $ setfacl -m d:g::rwx .
   $ mkdir b 
   $ mkdir -p c
   $ ls -log
   total 0
   drwxrwxr-x+ 2 40 Feb  2 11:31 b
   drwxr-xr-x+ 2 40 Feb  2 11:31 c

On Jessie, the result is:
drwxrwxr-x+ 2 4096 Mar  9 22:17 b
drwxrwxr-x+ 2 4096 Mar  9 22:17 c

The bug was fixed upstream by Paul Eggert, in version 8.22
http://git.savannah.gnu.org/cgit/coreutils.git/commit/?id=e7198a67b8dd7f23925dfa40b7a90342e185f729
 

Regards

Thanks

Frank lin Piat


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#779996: RFP: reredirect -- Tool to dynamicly redirect outputs of a running process

[Frank Lin PIAT]

Package: wnpp
Severity: wishlist

* Package name: reredirect
  Version : 0.1
  Upstream Author : Jérôme Pouiller j...@sysmic.org
* URL : https://github.com/jerome-pouiller/reredirect/blob/master
* License : MIT
  Programming Lang: C
  Description : Tool to dynamicly redirect outputs of a running process


reredirect - A tool to dynamically redirect outputs of a running program

reredirect is a utility for taking an existing running program and
attaching its outputs (standard output and error output) to files or
another process.

Using reredirect, you can log output of a already launched process,
redirect debug output of a background process to /dev/null or to a pager
as if you launched it with  or |.

---

This package is very similar to the retty[1], unfortunately, retty
upstream seems stalled since 2008... and it's compiled on i386 only.
(I filed a bug to ask for other archs, see bug #779995 )


[1] https://packages.qa.debian.org/r/retty.html


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#779995: retty: Support x86_64 and other arch

[Frank Lin PIAT]

Package: retty
Severity: normal

Hello,

This package is compiled for i386 only. That's certainly frustrating
many x86_64 users :-)

Could you provide binaries for other archs.

(I understand that upstream has stalled... maybe it's sensible to switch
to reredirect[1]?)

Regards,

Franklin Piat


[1] https://github.com/jerome-pouiller/reredirect/

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (800, 'testing'), (700, 'unstable'), (500, 'testing-updates')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#750138: ITP: scap-workbench -- Scanning and tailoring tool for SCAP content

[Frank Lin PIAT]

Hello

I am  looking for a co-maintainer  sponsor for this package.
anyone interested in this tool ?

On Mon, 2014-06-02 at 00:57 +0200, Frank Lin PIAT wrote:
 * Package name: scap-workbench
   Version : 0.8.8

I have now updated this package to the latest release (1.0.3).

regards,

Franklin

 
 [1] 
 http://anonscm.debian.org/gitweb/?p=users/franklin-guest/scap-workbench.git
 git://anonscm.debian.org/users/franklin-guest/scap-workbench.git


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#759588: release-notes: Disk encrypted with cryptsetup LUKS whirlpool needs to be migrated manually

[Frank Lin PIAT]

Package: release-notes
Severity: normal

Quoting cryptsetup's NEWS file:

I must tell that I don't know if whirlpool is the default crypo or not.

 cryptsetup (2:1.6.4-5) unstable; urgency=medium
 
  The whirlpool hash implemenation has been broken in gcrypt until version
  1.5.3. This has been fixed in subsequent gcrypt releases. In particular,
  the gcrypt version that is used by cryptsetup starting with this release,
  has the bug fixed. Consequently, LUKS containers created with broken
  whirlpool will fail to open from now on.

  In the case that you're affected by the whirlpool bug, please read section
  '8.3 Gcrypt after 1.5.3 breaks Whirlpool' of the cryptsetup FAQ at
  https://code.google.com/p/cryptsetup/wiki/FrequentlyAskedQuestions carefully.
  It explains how to open your LUKS container and reencrypt it afterwards.

 -- Jonas Meurer m...@debian.org  Tue, 04 Mar 2014 23:17:37 +0100


-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (800, 'testing'), (700, 'unstable'), (500, 'testing-updates')
Architecture: amd64 (x86_64)

Kernel: Linux 3.14-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#757587: TypeError: could not parse URI, smb: URI not supported by gnomevfs

[Frank Lin PIAT]

Hello,

I have investigated a little bit. The problem occurs when soundconverter
is loading my previous settings (my gconf settings are attached below).

I could bypass the conversion problem, by manually forcing a the output
location with:
  gconftool --type string --set /apps/SoundConverter/selected-folder 
/tmp/inexistent
or puring all the settings with:
  gconftool --recursive-unset  /apps/SoundConverter


The problem is that my target directory was set to and samba/cifs share,
and GnomeVFS don't support that anymore (smb:// was removed in gnome-vfs
1:2.24.4-4, see changelog[1]).
  import  gnomevfs
  print gnomevfs.URI(smb://anyserver/anyshare)
  TypeError: could not parse URI

So I guess that SoundConverter should be prepared to handle that error
nicely. Also, gnomevfs seems to be deprecated now, in favor or gio. 

Regards,

Franklin

[1] 
http://metadata.ftp-master.debian.org/changelogs//main/g/gnome-vfs/testing_changelog


 My SoundConverter Settings 
$ gconftool --dump /apps/SoundConverter
gconfentryfile
  entrylist base=/apps/SoundConverter
entry
  keycreate-subfolders/key
  value
int1/int
  /value
/entry
entry
  keyoutput-mime-type/key
  value
stringaudio/mpeg/string
  /value
/entry
entry
  keysame-folder-as-input/key
  value
int0/int
  /value
/entry
entry
  keyselected-folder/key
  value
stringsmb://freebox/disque%20dur/Musiques/string
  /value
/entry
  /entrylist
/gconfentryfile


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#641114: How do diagnose TypeError: could not parse URI for selected-folder

[Frank Lin PIAT]

Hello,

I had a similar error (bug 757587) related to smb:/// , i'll write some
hints do diagnose TypeError: could not parse URI.

If you encounter an error like TypeError: could not parse URI and more
specifically when it's related to set_widget_initial_values for the
selected-folder like the traceback below...

  File /usr/bin/soundconverter, line 1765, in set_widget_initial_values
uri = filename_to_uri(self.get_string('selected-folder'))
  File /usr/bin/soundconverter, line 358, in filename_to_uri
filename = str(gnomevfs.URI(filename))
 TypeError: could not parse URI

The self.get_string(selected-folder) above is meant to retrieve the
destination directory. You can fetch the location using this command:
  gconftool --get /apps/SoundConverter/selected-folder

The error TypeError: could not parse URI means that gnomevfs can't
handle that URI (i.e file location).
  python -c 'import gnomevfs ; print gnomevfs.URI(file:///tmp)'
should work (i.e print file:///tmp)
  python -c 'import gnomevfs ; print gnomevfs.URI(b0rken:///tmp)'
should fail (i.e print TypeError: could not parse URI)

So to further diagnose your problem, you should run the python command
above with the URI retrieved by gconftool above !

Hope this helps,

Regards,

Franklin


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#757587: TypeError: could not parse URI

[Frank Lin PIAT]

Package: soundconverter
Version: 2.1.3-1
Severity: important


When I launch soundconverter with my own useraccount, it dies with the 
following traceback.
On the same machine, when I launch with another useraccount, it starts properly 
(with 
the same warning but no traceback).

Regards.

Franklin

$ soundconverter --debug
SoundConverter 2.1.3
  using Gstreamer version: 0.10.36
  using 4 thread(s)
  using gio
  xingmux gstreamer element not found, disabling Xing Header output.
  lame gstreamer element not found, disabling MP3 output.
  faac gstreamer element not found, disabling AAC output.
/usr/lib/soundconverter/python/soundconverter/ui.py:1493: Warning: Attempt to 
add property GnomeProgram::sm-connect after class was initialised
  gnome.init(name, version)
/usr/lib/soundconverter/python/soundconverter/ui.py:1493: Warning: Attempt to 
add property GnomeProgram::show-crash-dialog after class was initialised
  gnome.init(name, version)
/usr/lib/soundconverter/python/soundconverter/ui.py:1493: Warning: Attempt to 
add property GnomeProgram::display after class was initialised
  gnome.init(name, version)
/usr/lib/soundconverter/python/soundconverter/ui.py:1493: Warning: Attempt to 
add property GnomeProgram::default-icon after class was initialised
  gnome.init(name, version)
Traceback (most recent call last):
  File /usr/bin/soundconverter, line 189, in module
gui_main(NAME, VERSION, GLADEFILE, files)
  File /usr/lib/soundconverter/python/soundconverter/ui.py, line 1499, in 
gui_main
win = SoundConverterWindow(builder)
  File /usr/lib/soundconverter/python/soundconverter/ui.py, line 1164, in 
__init__
self.prefs = PreferencesDialog(builder, self.widget)
  File /usr/lib/soundconverter/python/soundconverter/ui.py, line 443, in 
__init__
self.set_widget_initial_values(builder)
  File /usr/lib/soundconverter/python/soundconverter/ui.py, line 475, in 
set_widget_initial_values
uri = filename_to_uri(self.get_string('selected-folder'))
  File /usr/lib/soundconverter/python/soundconverter/fileoperations.py, line 
142, in filename_to_uri
filename = str(gnomevfs.URI(filename))
TypeError: could not parse URI


-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (800, 'testing'), (700, 'unstable'), (500, 'testing-updates')
Architecture: amd64 (x86_64)

Kernel: Linux 3.14-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages soundconverter depends on:
ii  gstreamer0.10-plugins-base  0.10.36-1.1
ii  gstreamer0.10-plugins-good  0.10.31-3+nmu3
ii  python  2.7.8-1
ii  python-glade2   2.24.0-3+b1
ii  python-gnome2   2.28.1+dfsg-1
ii  python-gst0.10  0.10.22-3

soundconverter recommends no packages.

Versions of packages soundconverter suggests:
pn  gstreamer0.10-ffmpegnone
pn  gstreamer0.10-plugins-ugly  none

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#750702: openscap: Please upgrade to openscap 1.0.8

[Frank Lin PIAT]

Source: openscap
Version: 1.0.2-1
Severity: wishlist
Tags: patch

Hello,

upstream have release openscap 1.0.8. Could you upgrade the Debian
package ?

I have worked on packaging 1.0.8, it's currently available on my
personal git repo [1], on branch fpiat-prep-108.

  * Imported Upstream version 1.0.8
  * Refreshed quilt patches
  * New quilt patch: fix installation of schema files in automake scripts
  * Don't create directory /usr/lib/openscap (empty)
  * Register doc-base
  * Install oscap bash completion file
  * Create separate package for arch independant files.
  * Distinct short description for each package.
  * lintian-overrides source-is-missing jquery.js

Regards,

Franklin

[1] http://anonscm.debian.org/gitweb/?p=users/franklin-guest/openscap.git

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (800, 'testing'), (700, 'unstable'), (500, 'testing-updates')
Architecture: amd64 (x86_64)

Kernel: Linux 3.14-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#750138: ITP: scap-workbench -- Scanning and tailoring tool for SCAP content

[Frank Lin PIAT]

Package: wnpp
Severity: wishlist
Owner: Frank Lin PIAT fp...@klabs.be

* Package name: scap-workbench
  Version : 0.8.8
  Upstream Author : Martin Preisler mprei...@redhat.com
  : Maros Barabas mbara...@redhat.com
* URL : https://fedorahosted.org/scap-workbench/
* License : GPL3
  Programming Lang: C++
  Description : Scanning and tailoring tool for SCAP content
 SCAP is a line of standards managed by NIST with the goal of
 providing a standard language for the expression of Computer Network
 Defense related information.
 .
 The intended scope of this project is to implement working interface
 wrappers for parsing and querying SCAP content including:
 * Common Vulnerabilities and Exposures (CVE)
 * Common Configuration Enumeration (CCE)
 * Common Platform Enumeration (CPE)
 * Common Vulnerability Scoring System (CVSS)
 * Extensible Configuration Checklist Description Format (XCCDF)
 * Open Vulnerability and Assessment Language (OVAL)
 .
 This package contains a GUI tool (scap-workbench) that provides
 tailoring and scanning functionality for SCAP content.
 The tool is based on OpenSCAP library, and provides a simple GUI
 for oscap command-line.


At the time of writing, SCAP isn't much supported by Debian. I intend
to work on better support in Debian.

The package is already in pretty good shape. My work should soon be
available on my personal Alioth/Git repo [1] (until it's moved to a
team repo).

I am looking for some people interested in sponsoring and co-maintaining
this packages and working on SCAP (I'll post on Debian Forensics later).

Regards,

Franklin

[1] http://anonscm.debian.org/gitweb/?p=users/franklin-guest/scap-workbench.git
git://anonscm.debian.org/users/franklin-guest/scap-workbench.git


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#748993: dh_installdirs: Only needed to create empty directory

[Frank Lin PIAT]

Package: debhelper
Version: 9.20140228
Severity: wishlist

Hello,

Please document that dh_installdirs is only meant to be used when you need to
ship an empty directory [1].


Regards,

Franklin


[1] https://wiki.debian.org/Multiarch/Implementation#Dynamic_debian.2F.2A_files


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#710421: dnsmasq provides the ProxyDHCP feature

[Frank lin Piat]

Hello,


Package: wnpp
Owner: Osamu Aoki os...@debian.org
* Package name: pxe-pdhcp
  Version : 0.1
  Description : ProxyDHCP server for the non-DHCP server host

..
The upstream source is old (2007) and not active.  But there are 
patches on the web.

The folllowing updates are made to fit for Debian.


Just in case you were not aware of it... the package dnsmasq already
provides the ProxyDHCP feature.

I wonder if pxe-pdhcp has some features that dnsmasq doesn't.
dnsmasq does have a nice feature: it's supported and actively developed 
:-)


Regards,

Franklin


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#696480: puppet-common: puppet describe --list explodes with undefined method 'downcase' for nil:NilClass

[Frank lin Piat]

Package: puppet-common
Version: 2.7.18-2
Severity: normal
Tags: patch upstream


When running the following command:
  puppet describe --list
Puppet fails with the error:
  Could not run: Could not autoload 
/var/lib/puppet/lib/puppet/type/mountpoint.rb:
 undefined method `downcase' for nil:NilClass


This bug have been fixed upstream, see 
http://projects.puppetlabs.com/issues/13070
(I patched the fileautoload.rb on my intalled packaged, and it works.)

Regards,

Franklin


-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages puppet-common depends on:
ii  adduser3.113+nmu3
ii  facter 1.6.10-1
ii  libaugeas-ruby1.8  0.4.1-1.1
ii  lsb-base   4.1+Debian8
ii  ruby-shadow2.1.4-2
ii  ruby1.81.8.7.358-6
ii  sysv-rc2.88dsf-32

Versions of packages puppet-common recommends:
ii  debconf-utils  1.5.46
ii  lsb-release4.1+Debian8

Versions of packages puppet-common suggests:
pn  librrd-ruby1.8  none
pn  ruby-selinuxnone

-- Configuration Files:
/etc/puppet/puppet.conf changed [not included]

-- no debconf information
--- /usr/lib/ruby/vendor_ruby/puppet/util/autoload.rb~	2012-12-21 12:13:00.348814181 +0100
+++ /usr/lib/ruby/vendor_ruby/puppet/util/autoload.rb	2012-12-21 12:13:03.132842125 +0100
@@ -107,8 +107,8 @@
   name = File.basename(file).chomp(.rb).intern
   next if loaded?(name)
   begin
-Kernel.require file
 loaded(name, file)
+Kernel.require file
   rescue SystemExit,NoMemoryError
 raise
   rescue Exception = detail

Bug#668739: PHP: Unable to load dynamic library suhosin.so

[Frank Lin PIAT]

Package: release-notes
Severity: normal

After upgrading to wheezy, PHP will produce error like this (in web
server's log, on PHP command line, in mail from Cron Daemon...),
if php5-suhosin was installed in squeeze before the upgrade.

 PHP Warning:  PHP Startup: Unable to load dynamic library
 '/usr/lib/php5/20100525+lfs/suhosin.so' -
 /usr/lib/php5/20100525+lfs/suhosin.so: cannot open shared object file:
 No such file or directory in Unknown on line 0

Reason why it happen:
  php5-suhosin depends on an obsolete version of phpapi-20090626+lfs
  so php5-suhosin is removed during the upgrade... but the PHP config
  snippet /etc/php5/conf.d/suhosin.ini isn't purged... so PHP still
  try to load the module suhosin.so.

The release notes should document that the user should:
  dpkg -P php5-suhosin


Regards,

Franklin

P.S. php5-suhosin seems to still being work on in unstable.
 if it is reintroduced in testing it's likely to solve the problem.



-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-2-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#668744: php5-sqlite: PHP Startup: Unable to load dynamic library sqlite.so

[Frank Lin PIAT]

Package: php5-sqlite
Version: 5.4.0-3
Severity: normal


Hello dear maintainers,

After upgrading to wheezy, PHP will produce error like this (in web
server's log, in mail from Cron Daemon...), if php5-sqlite is/was 
installed (in squeeze).

 PHP Warning:  PHP Startup: Unable to load dynamic library
 '/usr/lib/php5/20100525+lfs/sqlite.so' -
 /usr/lib/php5/20100525+lfs/sqlite.so: cannot open shared object file:
 No such file or directory in Unknown on line 0

$ cat /etc/php5/conf.d/sqlite.ini
 ; configuration for php SQLite module
 extension=sqlite.so

$ dpkg -L php5-sqlite | grep -F .so
 /usr/lib/php5/20100525+lfs/pdo_sqlite.so
 /usr/lib/php5/20100525+lfs/sqlite3.so

 the package should purge or update it's former configuration file.

Regars,

Franklin


-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-2-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages php5-sqlite depends on:
ii  dpkg   1.16.2
ii  libapache2-mod-php5 [phpapi-20100525+lfs]  5.4.0-3
ii  libc6  2.13-27
ii  libsqlite3-0   3.7.11-2
ii  php5-cgi [phpapi-20100525+lfs] 5.4.0-3
ii  php5-cli [phpapi-20100525+lfs] 5.4.0-3
ii  php5-common5.4.0-3
ii  ucf3.0025+nmu2

php5-sqlite recommends no packages.

php5-sqlite suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#647219: 668739 release-notes request for bug 647219

[Frank Lin PIAT]

affects 668739 + php5-suhosin
thanks

Bug #668739 is a release-notes request for problem documented in bug
#647219

Regards,

Franklin

see
  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=647219
  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668739





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#668759: Cloning an archived bug produced a misleading error message.

[Frank Lin PIAT]

Package: bugs.debian.org


Cloning an archived bug produced a misleading error message.

I tried to clone 647219 (which actually worked, see 668719), but the
error was misleading :

 On Sat, 2012-04-14 at 07:06 +, Debian Bug Tracking System wrote:
  Processing commands for cont...@bugs.debian.org:
  
   clone 647219 -1
  Bug #647219 [php5-suhosin] php5-suhosin: cron.d message after removal
  Bug 647219 cloned as bug 668719
  Failed to clone 647219: Not altering archived bugs; see unarchive.






-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#668136: puppetmaster-passenger: superfluous dependency on facter

[Frank Lin PIAT]

Package: puppetmaster-passenger
Version: 2.7.11-1
Severity: wishlist

Hello,

puppetmaster-passenger depends on facter. this dependency isn't needed
since puppetmaster-passenger depends on puppetmaster-common which
depends on facter.

regards,

Franklin

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-2-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#668018: remmina: should depend on dbus-x11

[Frank lin Piat]

Package: remmina
Version: 1.0.0-3
Severity: normal

Dear Maintainer,

What led up to the situation ?
 I installed remmina on a minimalist system...

What exactly did you do (or not do) that was effective (or ineffective) ?
 It happens that remmina requires dbus-x11 to work:
   remmina -h
   Error spawning command line `dbus-launch --autolaunch=01c83765a499d58402e3
   0f031000 --binary-syntax --close-stderr': Failed to execute child 
   process dbus-launch (No such file or directory)

  What was the outcome of this action?
apt-get install dbus-x11

Then remmina starts


-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages remmina depends on:
ii  libatk1.0-0 2.2.0-2
ii  libc6   2.13-27
ii  libcairo2   1.10.2-7
ii  libgcrypt11 1.5.0-3
ii  libgdk-pixbuf2.0-0  2.24.1-1
ii  libglib2.0-02.30.2-6
ii  libgtk-3-0  3.2.3-1
ii  libpango1.0-0   1.29.4-3+b1
ii  libssh-40.5.2-1
ii  libvte-2.90-9   1:0.30.1-4
ii  libx11-62:1.4.4-4
ii  remmina-common  1.0.0-3

Versions of packages remmina recommends:
ii  remmina-plugin-rdp  1.0.0-3
ii  remmina-plugin-vnc  1.0.0-3

remmina suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#668020: remmina-plugin-vnc: Remmina window is completely grey in VNC window fit remote resolution

[Frank lin Piat]

Package: remmina-plugin-vnc
Version: 1.0.0-3
Severity: normal

Dear Maintainer,

 What led up to the situation?
Connect from Remmina 1.0.0-3 to Vino 3.2.2-1+b1 (both are wheezy version)
using VNC. Once you are connected, click on Window fit remote resolution
button...
The content of the window goes completely grey.

 What exactly did you do (or not do) that was effective (or ineffective)
I tried various settings... it didn't help.

 What was the outcome of this action?
I have to adjust the window size manually rather that use this button.


Note that once the window is grey, Remmina's buttons aren't visible anymore
(they are grey too!). It is still possible to press Ctrl-R F to swith
full screen mode... which works properly.

Also, closing the grey window and re-establishing a connection doesn't
help because the window is still grey. One can go to the
  Connection settings  Advanced  Horizontal Scale
the slightly change the window ratio.


Regards,

Franklin


-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages remmina-plugin-vnc depends on:
ii  libatk1.0-02.2.0-2
ii  libc6  2.13-27
ii  libcairo2  1.10.2-7
ii  libglib2.0-0   2.30.2-6
ii  libgtk-3-0 3.2.3-1
ii  libpango1.0-0  1.29.4-3+b1
ii  libvncserver0  0.9.8.2-2
ii  remmina1.0.0-3

remmina-plugin-vnc recommends no packages.

remmina-plugin-vnc suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#668021: directvnc: Couldn't parse the keyboard mapping file

[Frank lin Piat]

Package: directvnc
Version: 0.7.7-1
Severity: normal

Dear Maintainer,


when I run directvnc, I get the error:

  Couldn't parse the keyboard mapping file

Could you explain in the README.Debian how build those mapping.
(or even better... build them when the package is installed)

Regards,

Franklin

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages directvnc depends on:
ii  libc6  2.13-27
ii  libdirectfb-1.2-9  1.2.10.0-4.3
ii  libjpeg8   8d-1
ii  zlib1g 1:1.2.6.dfsg-2

Versions of packages directvnc recommends:
ii  x11proto-core-dev  7.0.22-1

directvnc suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#666265: sshuttle: manpage double dash are rendered incorrectly

[Frank Lin PIAT]

Package: sshuttle
Version: 0.54-1
Severity: normal


Hello,

in sshuttle(8) manpage, the double dash shoudl be escaped.
options like --auto-nets are displayed like —auto-nets :
   -N, —auto-nets
  in addition to the subnets provided on the  command  line,  ask  
 the  server
  which subnets it thinks we should route, and route those 
 automatically.  The
  suggestions are taken automatically from the server's routing 
 table.

Regards,

Franklin



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#660473: openais seems discontinued upstream

[Frank Lin PIAT]

Package: openais
Version: 1.1.4-4
Severity: normal

Hello,

I noticed that OpenAIS seems discontinued upstream.

Their website (openais.org) is currently down. Google's cache of that
website mention:

 The main developers of this project have decided not to continue further
 development of the AIS implementation.
 
 Instead, we are spending our time maintaining a great roadmap and
 maintenance model around Corosync for bare metal clusters. The
 developers believe Pacemaker coupled with Corosync do a great job of
 providing bare metal high availability. Because Corosync and Pacemaker
 are shipped everywhere and are widely deployed, the need for AIS
 services is limited.
 
 I want to offer a sincere Thank You to the thousands of people who have
 supported and used our software. With your support, the community was
 able to come to conclusion on a great set of software components to
 deliver bare metal high availability. As a result of your contributions,
 we have created the only viable open source alternative to proprietary
 software and made a dent in the Universe.
 
 Great Work!
 
 Regards,
 
 Steven Dake
 
 openais project maintainer
 
 The downloads and repository will be kept available for historical
 purposes.
Here they are...
  ftp://ftp.openais.org/

 We also continue to maintain the whitetank and Wilson branches
 in limited fashion for a few more years. 

There seems to have some activity:

svn info  http://svn.fedorahosted.org/svn/openais/ | grep Date
Last Changed Date: 2011-11-16 13:47:28 +0100 (Wed, 16 Nov 2011)


It might be worth to mention the package deprecation in the
pacakge Description.

Regards,

Franklin



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#656879: nautilus-gtkhash: trying to overwrite libgtkhash-properties.so also in package gtkhash

[Frank Lin PIAT]

Package: nautilus-gtkhash
Version: 0.6.0-1
Severity: normal

Hi,

[I have a mixed testing/unstable system]

I had the following error while installing.
I looks like nautilus-gtkhash should depends on gtkhash = 0.6.0-1.

Regards,

Franklin

 Selecting previously unselected package gtkhash.
 (Reading database ... 288771 files and directories currently installed.)
 Unpacking gtkhash (from .../gtkhash_0.3.0-6_i386.deb) ...
 Selecting previously unselected package gtkhash-common.
 Unpacking gtkhash-common (from .../gtkhash-common_0.6.0-1_all.deb) ...
 Selecting previously unselected package nautilus-gtkhash.
 Unpacking nautilus-gtkhash (from .../nautilus-gtkhash_0.6.0-1_i386.deb) ...
 dpkg: error processing 
 /var/cache/apt/archives/nautilus-gtkhash_0.6.0-1_i386.deb (--unpack):
  trying to overwrite 
 '/usr/lib/nautilus/extensions-3.0/libgtkhash-properties.so', which is also in 
 package gtkhash 0.3.0-6
 configured to not write apport reports
   Processing triggers for menu ...
 Processing triggers for desktop-file-utils ...
 Processing triggers for gnome-menus ...
 Processing triggers for gconf2 ...
 Processing triggers for man-db ...
 Processing triggers for libglib2.0-0 ...
 Errors were encountered while processing:
  /var/cache/apt/archives/nautilus-gtkhash_0.6.0-1_i386.deb
 E: Sub-process /usr/bin/dpkg returned an error code (1)
 A package failed to install.  Trying to recover:
 Setting up gtkhash-common (0.6.0-1) ...
 Setting up gtkhash (0.3.0-6) ...
 Processing triggers for menu ...
 Press return to continue.


-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 3.1.0-1-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages nautilus-gtkhash depends on:
ii  gtkhash  0.3.0-6
ii  gtkhash-common   0.6.0-1
ii  libatk1.0-0  2.2.0-2
ii  libc62.13-24
ii  libcairo-gobject21.10.2-6.2
ii  libcairo21.10.2-6.2
ii  libfontconfig1   2.8.0-3
ii  libfreetype6 2.4.8-1
ii  libgdk-pixbuf2.0-0   2.24.0-2
ii  libglib2.0-0 2.30.2-4
ii  libgtk-3-0   3.2.3-1
ii  libmhash20.9.9.9-1
ii  libnautilus-extension1a  3.2.1-2+b1
ii  libpango1.0-01.29.4-2
ii  zlib1g   1:1.2.3.4.dfsg-3

nautilus-gtkhash recommends no packages.

nautilus-gtkhash suggests no packages.



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#653122: hyde: UWrong upstream project homepage

[Frank Lin PIAT]

Package: hyde
Version: 0.8.5a1-2
Severity: normal

In debian/control, the upstream Homepage should be
 http://hyde.github.com/

Regards,

Franklin


-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 3.1.0-1-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#653123: libjs-modestmaps: Wrong upstream homepage

[Frank Lin PIAT]

Package: libjs-modestmaps
Version: 0.21.0+ds1
Severity: normal

Hello,

In debian/control, the upstream Homepage should be
 http://modestmaps.com/

Regards,

Franklin

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 3.1.0-1-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#649338: ITP: pxe-kexec -- Retrieves PXE configuration file and kexec entries

[Frank Lin PIAT]

Hello,

Some comment regarding the package description...

On Sun, 2011-11-20 at 02:32 +, Dave Walker (Daviey) wrote:
 Package: wnpp
 
 * Package name: pxe-kexec
   Description : Retrieves PXE configuration file and kexec entries

 Tool that fetches PXE configuration from a TFTP (or FTP) server,

Since the tools is curl based, I suppose that it supports HTTP too. This
could be an interesting feature for ipxe/gpxe users, so it's worth
mentioning it if it is supported.

 reads that PXE configuration file, prompts the user for an boot
Consider using the word reboot instead of boot, so aptitude search
work with both boot and reboot match. (and it seems more accurate,
IMO)

 entry (label), downloads the specified kernel and initrd and 
 finally tries to boot the kernel using kexec using supplied 
 command line retrieved via PXE.

I doubt this tools supports the actual PXE protocol (UDP/4011, served by
the package pxe).

Altogether, the description could look like this (drop the text in
brackets if it is inaccurate).

Description : Fetch PXE configuration file and netboot using kexec
Tool that fetches PXE configuration file (SysLinux' PXELinux format),
prompts the user for a boot entry (label), [let the user interactively
edit the kernel parameters], downloads the selected kernel and initrd
over the network using TFTP, FTP [or HTTP] and finally boot the kernel
using kexec.

(I have inserted imported keyword like: syslinux, network, netboot,
reboot...)

This description can be further improved (especially by i18n people)!

Regards,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#649281: js: Error occurred during initialization ov VM

[Frank Lin PIAT]

Package: rhino
Version: 1.7R3-2
Severity: normal

The following command fails:

$ /usr/bin/js
Error occurred during initialization of VM
java/lang/NoClassDefFoundError: java/lang/Object


-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 3.0.0-1-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages rhino depends on:
ii  default-jre-headless [java5-runtime-headless]1:1.6-43
ii  libjline-java1.0-1   
ii  librhino-java1.7R3-2 
ii  openjdk-6-jre-headless [java5-runtime-headless]  6b23~pre11-1

rhino recommends no packages.

Versions of packages rhino suggests:
ii  librhino-java-doc  1.7R3-2

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#648695: libpam-modules: /sbin/pam_timestamp_check missing

[Frank Lin PIAT]

Package: libpam-modules
Version: 1.1.3-6
Severity: normal

Hello,

The binary file /sbin/pam_timestamp_check is neither in
libpam-modules (or libpam-modules-bin), even though
the manpage (/usr/share/man/man8/pam_timestamp_check.8.gz)
exist in libpam-modules.

Regards,

Franklin



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#647016: btnx: Homepage URL is cybersquatted

[Frank Lin PIAT]

Package: btnx
Version: 0.4.11-3
Severity: normal

Hello,

I noticed that upstream's homepage URL is Cybersqatted.

BTW, It would be nice to give a package use case in the
description because the following statement wasn't 
very clear to me: a daemon [..] to send keyboard and
mouse button combination events when a mouse button is
pressed

Thanks

Franklin

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 3.0.0-1-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#612390: python-moinmoin: moinmoin edit(gui) fckeditor doesn't work with chrome

[Frank Lin PIAT]

forwarded 612390 
http://moinmo.in/MoinMoinBugs/MoinMoin1.8.0GuiEditingNotAvailableOnGoogleChrome
thanks

Hello,

This feature request should be added by upstream developers first. We
avoid diverging from upstream package.

Thank you for your feedback.

Regards,

Franklin


On Tue, 2011-02-08 at 18:29 +1100, David Maslen wrote:
 Package: python-moinmoin
 Version: 1.9.3-1
 Severity: wishlist
 
 The gui editor fckedit works with moinmoin when I connect with firefox,
 but not when I connect with chrome. Both browsers used under Mac OSX.
 
 I think this may be an upsteam bug.
 http://moinmo.in/MoinMoinBugs/MoinMoin1.8.0GuiEditingNotAvailableOnGoogleChrome





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#592894: wiki.debian.org change e-mails have no direct link to wiki page

[Frank Lin PIAT]

Reassign 592894 moin
Thanks

Hello,

I don't know if you noticed the page, but the linked page with the diff
also contains the full rendered content.

Do you still believe that 2 links are still needed ?

If so, could you forward this wishlist upstream ? On http://moinmo.in )

Regards


Lars Wirzenius wrote:
 Package: wiki.debian.org
 Severity: wishlist

 When you subscribe to a page in the wiki, you get an e-mail whenever
 someone changes the page. The mail contains a link showing the diff,
 and that's good. I often also want to read the actual page in its
 current state, rather than diffs, so that I do not have to mentally
 apply diffs, then format the markup in my brain -- I find it easier
 to let my computer do those things for me.

 Could we have a link in the change e-mail to the actual wiki page?
 In addition to the link to the diff?



 -- System Information:
 Debian Release: squeeze/sid
   APT prefers testing
   APT policy: (500, 'testing')
 Architecture: amd64 (x86_64)

 Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
 Locale: LANG=en_NZ.UTF-8, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8)
 Shell: /bin/sh linked to /bin/dash



 --
 To UNSUBSCRIBE, email to debian-www-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact
 listmas...@lists.debian.org
 Archive:
 http://lists.debian.org/20100813173905.4262.51281.report...@havelock







-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#591532: Info received (Bug#591532: wiki.debian.org: When I try to login I get: global name 'wikiutil' is not defined)

[Frank Lin PIAT]

Problem:
 When I try to login I get: global name 'wikiutil' is not defined

Workaround for this bug:
  Type your password properly!

i.e: after some investigations, it appears that the regression introduced
in the last secruity update only occurs when a user tries to login with a
wrong password (moin 1.7.1-3+lenny5 ; Bug #584809 ; CVE-2010-2487)






-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#591532: wiki.debian.org: When I try to login I get: global name 'wikiutil' is not defined

[Frank Lin PIAT]

reassign 591532 moin
thanks

Hello,

It's a bug in the package, introduced by a recent security update.
I've attached a patch to fix it (I don't understand how I could miss
that bug when I tested my previous patch).

Thank you for reporting this bug,

Franklin

Josue Abarca wrote:
 Package: wiki.debian.org
 Severity: normal


 When I try to login I get: global name 'wikiutil' is not defined.

diff --git a/debian/patches/CVE-2010-2487-XSS.patch b/debian/patches/CVE-2010-2487-XSS.patch
index d353459..949feb9 100644
--- a/debian/patches/CVE-2010-2487-XSS.patch
+++ b/debian/patches/CVE-2010-2487-XSS.patch
@@ -166,8 +184,19 @@ Last-update: 2010-06-04
  return request.page.send_page()
  
  func(pagename, request)
 a/MoinMoin/action/login.py	2008-03-03 00:20:39.0 +0100
-+++ b/MoinMoin/action/login.py	2010-06-07 06:41:50.0 +0200
+Index: git/MoinMoin/action/login.py
+===
+--- git.orig/MoinMoin/action/login.py	2010-08-03 20:01:39.0 -0400
 git/MoinMoin/action/login.py	2010-08-03 20:14:20.0 -0400
+@@ -10,7 +10,7 @@
+ @license: GNU GPL, see COPYING for details.
+ 
+ 
+-from MoinMoin import userform
++from MoinMoin import userform, wikiutil
+ from MoinMoin.Page import Page
+ from MoinMoin.widget import html
+ 
 @@ -68,7 +68,7 @@
  if hasattr(request, '_login_messages'):
  for msg in request._login_messages:

Bug#591282: python-axiom shouldn't depend on python-twisted-conch

[Frank Lin PIAT]

Package: python-axiom
Version: 0.6.0-2
Severity: normal

python-axiom depends on python-twisted-conch, which is kind
of weird and unexpected(1).
Would it be possible that python-axiom don't depends on conch
(or to provide an alternate  light version of axiom package)

Thanks,

Franklin


(1) the funny consequence is that installing Totem or Rythmbox's
coherence plugin pulls an ssh client ;-)

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable'), (10, 'experimental')
Architecture: i386 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages python-axiom depends on:
ii  python   2.6.5-5 An interactive high-level object-o
ii  python-central   0.6.14+nmu2 register and build utility for Pyt
ii  python-epsilon   0.6.0-3 utility Python modules commonly us
ii  python-pysqlite2 2.6.0-1 Python interface to SQLite 3
ii  python-twisted-conch 1:10.0.0-3  The Twisted SSH Implementation
ii  python-twisted-core  10.0.0-3Event-based framework for internet
ii  python-zope.interface [pytho 3.5.3-1+b1  Interfaces for Python

python-axiom recommends no packages.

python-axiom suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#584809: moin: Xss due to unescaped theme.add_msg to be fixed

[Frank Lin PIAT]

Hi Nicolas,

Could you upload that security update for Debian stable. I have updated
(and attached) that patch, to mention the CVE number as suggested by
Raphael.

Thanks,

Franklin

Nc Golde wrote:
 Hi,
 any news on this bug report? It's a bit sad to see a fix but nothing
 happening. Frank, if you need sponsoring I can sponsor your upload or
 Jonas please pick this up and upload. I don't want to hijack this,
 hence the mail but it would be nice to get this fixed.

diff --git a/debian/changelog b/debian/changelog
index 2d7ce4a..0bb8a7c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+moin (1.7.1-3+lenny5) stable-security; urgency=high
+
+  * Non-maintainer upload.
+  * Fixed XSS in theme.add_msg, CVE-2010-2487
+(Closes: #584809)
+
+ -- Frank Lin PIAT fp...@klabs.be  Mon, 07 Jun 2010 06:48:00 +0200
+
 moin (1.7.1-3+lenny4) stable-security; urgency=high
 
   * Non-maintainer upload by the Security Team.
diff --git a/debian/patches/series b/debian/patches/series
index f3c6cd2..9e4916b 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -14,3 +14,4 @@ CVE-2010-0669.patch
 security_hierarchical_ACL.patch
 CVE-2010-0828.patch
 textcha.patch
+CVE-2010-2487-XSS.patch
diff --git a/debian/patches/CVE-2010-2487-XSS.patch b/debian/patches/CVE-2010-2487-XSS.patch
new file mode 100644
index 000..d353459
--- /dev/null
+++ b/debian/patches/CVE-2010-2487-XSS.patch
@@ -0,0 +1,221 @@
+Description: XSS by unescaped content emitted by theme.add_msg
+ Backport of upstream VCS (branch 1.7)
+Bug: http://bugs.debian.org/584809
+Bug-Vendor: http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg
+Origin: upstream, http://hg.moinmo.in/moin/1.7/rev/37306fba2189
+Author: Eugene Syromyatnikov evgsyr AT gmail.com
+Last-update: 2010-06-04
+--- a/MoinMoin/Page.py	2008-05-19 09:40:47.0 +0200
 b/MoinMoin/Page.py	2010-06-07 06:41:50.0 +0200
+@@ -1053,8 +1053,8 @@
+ if 'highlight' in request.form:
+ del request.form['highlight']
+ request.theme.add_msg(_('Invalid highlighting regular expression %(regex)s: %(error)s') % {
+-  'regex': self.hilite_re,
+-  'error': str(err),
++  'regex': wikiutil.escape(self.hilite_re),
++  'error': wikiutil.escape(str(err)),
+   }, warning)
+ self.hilite_re = None
+ 
+@@ -,7 +,7 @@
+ request.theme.add_msg(strong%s/strongbr % (
+ _('Revision %(rev)d as of %(date)s') % {
+ 'rev': self.rev,
+-'date': self.mtime_printable(request)
++'date': wikiutil.escape(self.mtime_printable(request))
+ }), info)
+ 
+ # This redirect message is very annoying.
+--- a/MoinMoin/PageEditor.py	2008-06-20 22:10:19.0 +0200
 b/MoinMoin/PageEditor.py	2010-06-07 06:41:50.0 +0200
+@@ -278,14 +278,15 @@
+ elif 'template' in form:
+ # If the page does not exist, we try to get the content from the template parameter.
+ template_page = wikiutil.unquoteWikiname(form['template'][0])
++template_page_escaped = wikiutil.escape(template_page)
+ if request.user.may.read(template_page):
+ raw_body = Page(request, template_page).get_raw_body()
+ if raw_body:
+-request.theme.add_msg(_([Content of new page loaded from %s]) % (template_page, ), 'info')
++request.theme.add_msg(_([Content of new page loaded from %s]) % (template_page_escaped, ), 'info')
+ else:
+-request.theme.add_msg(_([Template %s not found]) % (template_page, ), 'warning')
++request.theme.add_msg(_([Template %s not found]) % (template_page_escaped, ), 'warning')
+ else:
+-request.theme.add_msg(_([You may not read %s]) % (template_page, ), 'error')
++request.theme.add_msg(_([You may not read %s]) % (template_page_escaped, ), 'error')
+ 
+ # Make backup on previews - but not for new empty pages
+ if not use_draft and preview and raw_body:
+--- a/MoinMoin/PageGraphicalEditor.py	2008-05-20 20:21:16.0 +0200
 b/MoinMoin/PageGraphicalEditor.py	2010-06-07 06:41:50.0 +0200
+@@ -169,14 +169,15 @@
+ elif 'template' in form:
+ # If the page does not exist, we try to get the content from the template parameter.
+ template_page = wikiutil.unquoteWikiname(form['template'][0])
++template_page_escaped = wikiutil.escape(template_page)
+ if request.user.may.read(template_page):
+ raw_body = Page(request, template_page).get_raw_body

Bug#589016: epiphany-browser: Page security information (i.e SSL/TLS certificate property) won't show up

[Frank Lin PIAT]

Package: epiphany-browser
Version: 2.30.2-3
Severity: important

Hello,

When I visit an https:// website, then go to menu
 view  Page security information

The appropriate security panel never show up.

I have also tested upgrading to SID's:
libnspr4-0d   4.8.4-2
libnss3-1d3.12.6-3
but the problem still occurs.

Regards,

Franklin

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable'), (10, 'experimental')
Architecture: i386 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages epiphany-browser depends on:
ii  dbus-x111.2.24-1 simple interprocess messaging syst
ii  epiphany-browser-data   2.30.2-3 Data files for the GNOME web brows
ii  gnome-icon-theme2.30.3-1 GNOME Desktop icon theme
ii  iso-codes   3.18-1   ISO language, territory, currency,
ii  libavahi-client30.6.25-4 Avahi client library
ii  libavahi-common30.6.25-4 Avahi common library
ii  libavahi-gobject0   0.6.25-4 Avahi GObject library
ii  libc6   2.11.2-2 Embedded GNU C Library: Shared lib
ii  libdbus-1-3 1.2.24-1 simple interprocess messaging syst
ii  libdbus-glib-1-20.86-1   simple interprocess messaging syst
ii  libgconf2-4 2.28.1-3 GNOME configuration database syste
ii  libgirepository1.0-00.6.14-1+b1  Library for handling GObject intro
ii  libglib2.0-02.24.1-1 The GLib library of C routines
ii  libgnome-keyring0   2.30.1-1 GNOME keyring services library
ii  libgtk2.0-0 2.20.1-1 The GTK+ graphical user interface 
ii  libice6 2:1.0.6-1X11 Inter-Client Exchange library
ii  libnotify1 [libnotify1-gtk2 0.5.0-2  sends desktop notifications to a n
ii  libnspr4-0d 4.8.4-1  NetScape Portable Runtime Library
ii  libnss3-1d  3.12.6-2 Network Security Service libraries
ii  libpango1.0-0   1.28.1-1 Layout and rendering of internatio
ii  libseed02.30.0-1 GObject JavaScript bindings for th
ii  libsm6  2:1.1.1-1X11 Session Management library
ii  libsoup-gnome2.4-1  2.30.2-1 an HTTP library implementation in 
ii  libsoup2.4-12.30.2-1 an HTTP library implementation in 
ii  libwebkit-1.0-2 1.2.1-2  Web content engine library for Gtk
ii  libx11-62:1.3.3-3X11 client-side library
ii  libxml2 2.7.7.dfsg-4 GNOME XML library
ii  libxslt1.1  1.1.26-5 XSLT 1.0 processing library - runt

Versions of packages epiphany-browser recommends:
ii  ca-certificates  20090814Common CA certificates
ii  evince   2.30.1-3Document (postscript, pdf) viewer
ii  yelp 2.30.1+webkit-1 Help browser for GNOME

Versions of packages epiphany-browser suggests:
pn  epiphany-extensions   none (no description available)

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#589023: iceweasel: SSL/X509 Certificate for 'AddTrust External CA Root' not recognized as valid

[Frank Lin PIAT]

Package: iceweasel
Version: 3.5.10-1

Hello,

When I visit https://www.gandi.net, the certificate isn't trusted/recognized.
I can reproduce the problem with https://www.comodo.com
  Error title: This Connection is Untrusted
  Error code: sec_error_unknown_issuer

The certificates hierarchy goes like this (notice the loop):
 www.gandi.net
  `- COMODO EV SGC CA
  `- AddTrust External CA Root
  `- UTN - DATACorp SGC
  `- AddTrust External CA Root
  `- UTN - DATACorp SGC
  `- AddTrust External CA Root
  `- (loop continues)

 www.comodo.com
  `- COMODO EV SGC CA
  `- AddTrust External CA Root
  `- UTN - DATACorp SGC
  `- AddTrust External CA Root
  `- UTN - DATACorp SGC
  `- AddTrust External CA Root
  `- (loop continues)


Other web browsers (epiphany/Deb, chrome/Deb, firefox 3.6.3/Win, Safari/Win)
and openssl's CLI don't exhibit this loop behaviour.
(I have submited a webshots session... we'll see how other browsers do
on http://browsershots.org/https://www.comodo.com/ )

The certificate AddTrust External CA Root is supposed to be
enabled/trusted on my system:
 readlink /etc/ssl/certs/AddTrust_External_Root.pem 
 /usr/share/ca-certificates/mozilla/AddTrust_External_Root.crt

 # openssl x509 -noout -in 
 /usr/share/ca-certificates/mozilla/AddTrust_External_Root.crt  -subject
 subject= /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust 
 External CA Root

And it seems valid:
 debsums ca-certificates | grep AddTrust_External_Root
 /usr/share/ca-certificates/mozilla/AddTrust_External_Root.crt  OK

openssl verify -verbose 
/usr/share/ca-certificates/mozilla/AddTrust_External_Root.crt
 /usr/share/ca-certificates/mozilla/AddTrust_External_Root.crt: OK



OpenSSL seems happy with it, and doesn't loop:
 openssl  s_client  -host www.gandi.net -port 443 -CApath /etc/ssl/certs 
 -showcerts  showcerts_gandi.txt 
 depth=4 /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust 
 External CA Root
 verify return:1
 depth=3 /C=US/ST=UT/L=Salt Lake City/O=The USERTRUST 
 Network/OU=http://www.usertrust.com/CN=UTN - DATACorp SGC
 verify return:1
 depth=2 /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO 
 Certification Authority
 verify return:1
 depth=1 /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO 
 EV SGC CA
 verify return:1
 depth=0 
 /serialNumber=423093459/1.3.6.1.4.1.311.60.2.1.3=FR/1.3.6.1.4.1.311.60.2.1.2=Paris/businessCategory=V1.0,
  Clause 5.(b)/C=FR/postalCode=75011/ST=Paris/L=Paris/street=15 Place de la 
 Nation/O=Gandi SAS/OU=Comodo EV SGC SSL/CN=www.gandi.net
 verify return:1

and 
 openssl  s_client  -host www.comodo.com -port 443 -CApath /etc/ssl/certs 
 -showcerts  showcerts_comodo.txt 
 depth=2 /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust 
 External CA Root
 verify return:1
 depth=1 /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO 
 EV SGC CA
 verify return:1
 depth=0 
 /serialNumber=04058690/1.3.6.1.4.1.311.60.2.1.3=GB/1.3.6.1.4.1.311.60.2.1.2=Greater
  Manchester/1.3.6.1.4.1.311.60.2.1.1=Manchester/businessCategory=V1.0, Clause 
 5.(b)/C=GB/postalCode=M5 3EQ/ST=Greater Manchester/L=Salford/street=Trafford 
 Road
 verify return:1

Regards,

Franklin

-- Package-specific info:

-- Extensions information
Name: Clear Cache Button
Location: ${PROFILE_EXTENSIONS}/{563e4790-7e70-11da-a72b-0800200c9a66}
Status: enabled

Name: Default
Location: /usr/lib/iceweasel/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}
Package: iceweasel
Status: enabled

Name: Firebug
Location: ${PROFILE_EXTENSIONS}/fire...@software.joehewitt.com
Status: enabled

Name: FirefoxNotify
Location: 
/usr/lib/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}/firefoxnot...@abhishek.mukherjee
Package: xul-ext-notify
Status: enabled

Name: Flashblock
Location: ${PROFILE_EXTENSIONS}/{3d7eb24f-2740-49df-8937-200b1cc08f8a}
Status: enabled

Name: It's All Text!
Location: ${PROFILE_EXTENSIONS}/itsallt...@docwhat.gerf.org
Status: enabled

Name: JavaScript Debugger
Location: ${PROFILE_EXTENSIONS}/{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
Status: enabled

Name: Live HTTP headers
Location: /usr/lib/iceweasel/extensions/{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
Package: mozilla-livehttpheaders
Status: enabled

Name: Operator
Location: ${PROFILE_EXTENSIONS}/{95C9A302-8557-4052-91B7-2BB6BA33C885}
Status: user-disabled

Name: SQLite Manager
Location: ${PROFILE_EXTENSIONS}/sqlitemana...@mrinalkant.blogspot.com
Status: enabled

Name: ScrapBook
Location: ${PROFILE_EXTENSIONS}/{53A03D43-5363-4669-8190-99061B2DEBA5}
Status: user-disabled

Name: Web Developer
Location: ${PROFILE_EXTENSIONS}/{c45c406e-ab73-11d8-be73-000a95be3b12}
Status: enabled

-- Plugins information
Name: DivX® Web Player
Location: /usr/lib/mozilla/plugins/libtotem-mully-plugin.so
Package: totem-mozilla
Status: enabled

Name: 

Bug#589023: iceweasel: SSL/X509 Certificate for 'AddTrust External CA Root' not recognized as valid

[Frank Lin PIAT]

On Wed, 2010-07-14 at 13:43 +0200, Mike Hommey wrote:
 On Wed, Jul 14, 2010 at 01:27:12PM +0200, Frank Lin PIAT wrote:
  
  When I visit https://www.gandi.net, the certificate isn't 
  trusted/recognized.
Error title: This Connection is Untrusted
Error code: sec_error_unknown_issuer

 [..] as it works properly here, I suspect something fishy with the
 certificate database in your user profile.
 
 Can you first check if that works better if you try with a new profile

The new profile is OK (I should have tested that rather than make wrong
assumption).

I investigated... In the OK profile, the AddTrust External CA Root
certificate is selfsigned, whereas the certificates are differents on
the KO profile (and they make a loop!):

/usr/bin/certutil -L -d /home/fpiat/.mozilla/firefox/*.default/ -a -n AddTrust 
External CA Root  | openssl x509 -noout -issuer -subject 
 issuer= /C=US/ST=UT/L=Salt Lake City/O=The USERTRUST 
 Network/OU=http://www.usertrust.com/CN=UTN - DATACorp SGC
 subject= /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust 
 External CA Root

/usr/bin/certutil -L -d /home/fpiat/.mozilla/firefox/*.default/ -a -n UTN - 
DATACorp SGC  | openssl x509 -noout -issuer -subject 
 issuer= /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust 
 External CA Root
 subject= /C=US/ST=UT/L=Salt Lake City/O=The USERTRUST 
 Network/OU=http://www.usertrust.com/CN=UTN - DATACorp SGC

I wonder where I got those certificates from, and if others could be affected.

me thinking
If I understand how NSS work properly, it means that NSS is learning
certificates chains (i.e adding certificates to it's database) as it is
receiving certificates from visited websites.

This fuzzy / unpredictable behavior scares me.
/me thinking

Anyway, I removed the Software Security Device entries, and it's now
working:
UTN - DATACorp SGC
 `- AddTrust External CA Root
 `- COMODO EV SGC CA
  `- www.comodo.com

Regards,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#589023: iceweasel: SSL/X509 Certificate for 'AddTrust External CA Root' not recognized as valid

[Frank Lin PIAT]

On Wed, 2010-07-14 at 18:49 +0200, Mike Hommey wrote:
 On Wed, Jul 14, 2010 at 06:17:30PM +0200, Frank Lin PIAT wrote:
  On Wed, 2010-07-14 at 13:43 +0200, Mike Hommey wrote:
   On Wed, Jul 14, 2010 at 01:27:12PM +0200, Frank Lin PIAT wrote:

When I visit https://www.gandi.net, the certificate isn't 
trusted/recognized.
  Error title: This Connection is Untrusted
  Error code: sec_error_unknown_issuer
  
   [..] as it works properly here, I suspect something fishy with the
   certificate database in your user profile.
   
   Can you first check if that works better if you try with a new profile
  
  The new profile is OK (I should have tested that rather than make wrong
  assumption).
  
  I investigated... In the OK profile, the AddTrust External CA Root
  certificate is selfsigned, whereas the certificates are differents on
  the KO profile (and they make a loop!):
  
  /usr/bin/certutil -L -d /home/fpiat/.mozilla/firefox/*.default/ -a -n 
  AddTrust External CA Root  | openssl x509 -noout -issuer -subject 
   issuer= /C=US/ST=UT/L=Salt Lake City/O=The USERTRUST 
   Network/OU=http://www.usertrust.com/CN=UTN - DATACorp SGC
   subject= /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust 
   External CA Root
  
  /usr/bin/certutil -L -d /home/fpiat/.mozilla/firefox/*.default/ -a -n UTN 
  - DATACorp SGC  | openssl x509 -noout -issuer -subject 
   issuer= /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust 
   External CA Root
   subject= /C=US/ST=UT/L=Salt Lake City/O=The USERTRUST 
   Network/OU=http://www.usertrust.com/CN=UTN - DATACorp SGC
  
  I wonder where I got those certificates from, and if others could be 
  affected.
  
  me thinking
  If I understand how NSS work properly, it means that NSS is learning
  certificates chains (i.e adding certificates to it's database) as it is
  receiving certificates from visited websites.
  
  This fuzzy / unpredictable behavior scares me.
  /me thinking
 
 AFAIK, it doesn't.
 
 The AddTrust External CA Root certificate is provided by the builtin
 object token, so it shouldn't have been broken in the first place. Are
 you sure you never imported a broken certificate?

I have no clue how that certificate ended up on my laptop. I am
extremely reluctant to add CA certificate to my laptop, I doubt I ever
did that (and when I see the amount of Software Security Device, I am
pretty sure I didn't import them all myself :-/ )

The AddTrust External CA Root certificate I removed is the one under
The USERTRUST Network, which type was Software Security Device:
 CN = AddTrust External CA Root
 OU = AddTrust External TTP Network
 O = AddTrust AB
 C = SE

I did *not* remove the certificate AddTrust External CA Root filed
under AddTrust AB,  which type was Builtin Object Token already.

I have attached both certificates (.pem and .txt)

  Anyway, I removed the Software Security Device entries, and it's now
  working:
  UTN - DATACorp SGC
   `- AddTrust External CA Root
   `- COMODO EV SGC CA
`- www.comodo.com
 
 Do you have a backup of your firefox profile directory? If you don't
 have any private key stored in it, would you mind providing the *.db
 files from there?

I am sending it the .db files privately


Franklin


AddTrustExternalCARoot~AddTrust AB.pem
Description: application/x509-ca-cert
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, 
CN=AddTrust External CA Root
Validity
Not Before: May 30 10:48:38 2000 GMT
Not After : May 30 10:48:38 2020 GMT
Subject: C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, 
CN=AddTrust External CA Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
00:b7:f7:1a:33:e6:f2:00:04:2d:39:e0:4e:5b:ed:
1f:bc:6c:0f:cd:b5:fa:23:b6:ce:de:9b:11:33:97:
a4:29:4c:7d:93:9f:bd:4a:bc:93:ed:03:1a:e3:8f:
cf:e5:6d:50:5a:d6:97:29:94:5a:80:b0:49:7a:db:
2e:95:fd:b8:ca:bf:37:38:2d:1e:3e:91:41:ad:70:
56:c7:f0:4f:3f:e8:32:9e:74:ca:c8:90:54:e9:c6:
5f:0f:78:9d:9a:40:3c:0e:ac:61:aa:5e:14:8f:9e:
87:a1:6a:50:dc:d7:9a:4e:af:05:b3:a6:71:94:9c:
71:b3:50:60:0a:c7:13:9d:38:07:86:02:a8:e9:a8:
69:26:18:90:ab:4c:b0:4f:23:ab:3a:4f:84:d8:df:
ce:9f:e1:69:6f:bb:d7:42:d7:6b:44:e4:c7:ad:ee:
6d:41:5f:72:5a:71:08:37:b3:79:65:a4:59:a0:94:
37:f7:00:2f:0d:c2:92:72:da:d0:38:72:db:14:a8:
45:c4:5d:2a:7d:b7:b4:d6:c4:ee:ac:cd:13:44:b7:
c9:2b:dd:43:00:25:fa:61:b9:69:6a:58:23:11:b7:
a7:33:8f:56:75:59:f5:cd:29:d7:46:b7

Bug#588884: Convert SVG file

[Frank Lin PIAT]

Package: grub-pc
Version: 1.98~20100101-1
Severity: normal

[re-submitting this bug, which was originally sent to #560978 by mistake]


Assuming that the background image provided is a .svg, I have added the
following snippet in /etc/grub.d/05_debian_theme to convert the svg into
a png at the resolution specified GRUB_GFXMODE.

This snippets certainly needs some improvements/a better integration
with grub.

Franklin


# Convert .svg files
case $WALLPAPER in
*.svg)
svgfmt=$(echo $GRUB_GFXMODE | sed -n -e 's/^\(\w*\)x\(\w*\)$/-w \1 -h 
\2/p')

[ ! $svgfmt ]  svgfmt=-w 640 -h 480
if which rsvg-convert  /dev/null; then
rsvg-convert -f png $svgfmt $WALLPAPER -o 
/boot/grub/auto-converted.png
WALLPAPER=/boot/grub/auto-converted.png
fi
;;
esac



### BEGIN /etc/grub.d/05_debian_theme ###
#!/bin/bash -e

source /usr/lib/grub/grub-mkconfig_lib

# this allows desktop-base to override our settings
f=/usr/share/desktop-base/grub_background.sh
if test -e ${f} ; then
  source ${f}
else
#  WALLPAPER=/usr/share/images/desktop-base/moreblue-orbit-grub.png
  WALLPAPER=/usr/share/images/desktop-base/moreblue-orbit-wallpaper.svg
  COLOR_NORMAL=black/black
  COLOR_HIGHLIGHT=magenta/black
fi

set_blue_theme()
{
  cat  EOF
set menu_color_normal=cyan/blue
set menu_color_highlight=white/blue
EOF
}

# Convert .svg files
case $WALLPAPER in
*.svg)
svgfmt=$(echo $GRUB_GFXMODE | sed -n -e 's/^\(\w*\)x\(\w*\)$/-w \1 -h 
\2/p')

[ ! $svgfmt ]  svgfmt=-w 640 -h 480
if which rsvg-convert  /dev/null; then
rsvg-convert -f png $svgfmt $WALLPAPER -o 
/boot/grub/auto-converted.png
WALLPAPER=/boot/grub/auto-converted.png
fi
;;
esac

# check for usable backgrounds
use_bg=false
if [ $GRUB_TERMINAL_OUTPUT = gfxterm ] ; then
  for i in /boot/grub/`basename ${WALLPAPER}` ${WALLPAPER} ; do
if is_path_readable_by_grub $i ; then 
  bg=$i
  case ${bg} in
*.png)  reader=png ;;
*.tga)  reader=tga ;;
*.jpg|*.jpeg)   reader=jpeg ;;
  esac
  if test -e /boot/grub/${reader}.mod ; then
echo Found background image: `basename ${bg}` 2
use_bg=true
break
  fi
fi
  done
fi

# set the background if possible
if ${use_bg} ; then
  prepare_grub_to_access_device `${grub_probe} --target=device ${bg}`
  cat  EOF
insmod ${reader}
if background_image `make_system_path_relative_to_its_root ${bg}` ; then
  set color_normal=${COLOR_NORMAL}
  set color_highlight=${COLOR_HIGHLIGHT}
else
EOF
fi

# otherwise, set the traditional Debian blue theme
if ${use_bg} ; then
  set_blue_theme | sed -e s/^/  /g
  echo fi
else
  set_blue_theme
fi
### END /etc/grub.d/05_debian_theme ###






-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#584809: moin: Xss due to unescaped theme.add_msg to be fixed

[Frank Lin PIAT]

Raphael Geissert wrote:

 This issue has been assigned CVE-2010-2487, please mention it in the
 uploads
 fixing the issues.

 Jonas, Franklin, does any of you have time to prepare the package for
 lenny?

Hi Raphael,

A patch is included in this BR, it just needs to be uploaded
(well, one needs to add the CVE to the changelog, as you requested).

I have no upload right, so I can't do the actual upload myself.

Regards,

Franklin

P.S. I am working on the new upstream release for unstable, which fix this
CVE.




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#584989: Utilize submenu support of syslinux menu.c32.

[Frank Lin PIAT]

Hello,

On Tue, 2010-06-08 at 16:07 +1000, Trent W. Buck wrote:
 Package: di-netboot-assistant
 Version: 0.36b
 Severity: wishlist
 
 Some time ago, syslinux (pxelinux) menu.c32 got some new features.
 
 Firstly,
 
 DEFAULT menu
 LABEL menu
MENU HIDE
KERNEL debian-installer/pxelinux.cfg/menu.c32
 
 becomes
 
 UI menu.c32

di-n-a can't guarantee which version of pxelinux.0 is installed...
therefore we try to be conservative.
I'll adopt this new scheme in squeeze+1.

 Secondly, instead of calling [vesa]menu.c32 on another cfg file,
 
 LABEL daily-amd64
 MENU LABEL Debian Installer (daily, amd64) [SUB-MENU]
 KERNEL debian-installer/daily/amd64/boot-screens/vesamenu.c32
 APPEND debian-installer/daily/amd64/boot-screens/menu.cfg
 
 you can simply use submenus
 
 MENU BEGIN daily-amd64
   MENU TITLE Debian Installer (daily, amd64)
 LABEL mainmenu
   MENU LABEL ^Back..
   MENU EXIT
 INCLUDE debian-installer/daily/amd64/boot-screens/menu.cfg
 MENU END

As far as I can remember, the current scheme does not include config
file, but actually loads it (i.e the current options are reset).
Still, I like the back option... I'll try to investigate that (but
again, that's probably for squeeze+1)

 While you're at it, I suggest dropping the default.serial-9600 menu
 (upstream d-i dropped it some time ago), or at least adding CONSOLE
 0 and SERIAL 0 9600 to its prelude.

good idea


I you believe that some of the suggestions are backward compatible with
lenny's pxelinux and you have some spare time... then patchs are
welcome ;)

Thank you for your report,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#584809: moin: Xss due to unescaped theme.add_msg to be fixed

[Frank Lin PIAT]

Package: moin
Version: 1.7.1-3+lenny2
Severity: important
Tags: security

An XSS have been reported upstream:
 There is a possible reflected Cross-Site Scripting attack. An attacker
 able to cause a user to follow a specially crafted malicious link may be
 able to recover session identifiers or exploit browser vulnerabilities.

Moin 1.9.2 (unstable) and 1.7 (lenny) are supposed to be affected.

See:
 http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#584809: moin: Xss due to unescaped theme.add_msg to be fixed

[Frank Lin PIAT]

Hi,

Find attached a patch for moin 1.7 (lenny).

Jonas, are you available to upload it?

Regards,

Franklin
diff --git a/debian/changelog b/debian/changelog
index 2d7ce4a..0bb8a7c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+moin (1.7.1-3+lenny5) stable-security; urgency=high
+
+  * Non-maintainer upload.
+  * Fixed XSS in theme.add_msg. (Closes: #584809)
+
+ -- Frank Lin PIAT fp...@klabs.be  Mon, 07 Jun 2010 06:48:00 +0200
+
 moin (1.7.1-3+lenny4) stable-security; urgency=high
 
   * Non-maintainer upload by the Security Team.
diff --git a/debian/patches/series b/debian/patches/series
index f3c6cd2..9e4916b 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -14,3 +14,4 @@ CVE-2010-0669.patch
 security_hierarchical_ACL.patch
 CVE-2010-0828.patch
 textcha.patch
+theme_addmsg_XSS.patch
diff --git a/debian/patches/theme_addmsg_XSS.patch 
b/debian/patches/theme_addmsg_XSS.patch
new file mode 100644
index 000..d353459
--- /dev/null
+++ b/debian/patches/theme_addmsg_XSS.patch
@@ -0,0 +1,221 @@
+Description: XSS by unescaped content emitted by theme.add_msg
+ Backport of upstream VCS (branch 1.7)
+Bug: http://bugs.debian.org/584809
+Bug-Vendor: http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg
+Origin: upstream, http://hg.moinmo.in/moin/1.7/rev/37306fba2189
+Author: Eugene Syromyatnikov evgsyr AT gmail.com
+Last-update: 2010-06-04
+--- a/MoinMoin/Page.py 2008-05-19 09:40:47.0 +0200
 b/MoinMoin/Page.py 2010-06-07 06:41:50.0 +0200
+@@ -1053,8 +1053,8 @@
+ if 'highlight' in request.form:
+ del request.form['highlight']
+ request.theme.add_msg(_('Invalid highlighting regular 
expression %(regex)s: %(error)s') % {
+-  'regex': self.hilite_re,
+-  'error': str(err),
++  'regex': 
wikiutil.escape(self.hilite_re),
++  'error': wikiutil.escape(str(err)),
+   }, warning)
+ self.hilite_re = None
+ 
+@@ -,7 +,7 @@
+ request.theme.add_msg(strong%s/strongbr % (
+ _('Revision %(rev)d as of %(date)s') % {
+ 'rev': self.rev,
+-'date': self.mtime_printable(request)
++'date': 
wikiutil.escape(self.mtime_printable(request))
+ }), info)
+ 
+ # This redirect message is very annoying.
+--- a/MoinMoin/PageEditor.py   2008-06-20 22:10:19.0 +0200
 b/MoinMoin/PageEditor.py   2010-06-07 06:41:50.0 +0200
+@@ -278,14 +278,15 @@
+ elif 'template' in form:
+ # If the page does not exist, we try to get the content from the 
template parameter.
+ template_page = wikiutil.unquoteWikiname(form['template'][0])
++template_page_escaped = wikiutil.escape(template_page)
+ if request.user.may.read(template_page):
+ raw_body = Page(request, template_page).get_raw_body()
+ if raw_body:
+-request.theme.add_msg(_([Content of new page loaded from 
%s]) % (template_page, ), 'info')
++request.theme.add_msg(_([Content of new page loaded from 
%s]) % (template_page_escaped, ), 'info')
+ else:
+-request.theme.add_msg(_([Template %s not found]) % 
(template_page, ), 'warning')
++request.theme.add_msg(_([Template %s not found]) % 
(template_page_escaped, ), 'warning')
+ else:
+-request.theme.add_msg(_([You may not read %s]) % 
(template_page, ), 'error')
++request.theme.add_msg(_([You may not read %s]) % 
(template_page_escaped, ), 'error')
+ 
+ # Make backup on previews - but not for new empty pages
+ if not use_draft and preview and raw_body:
+--- a/MoinMoin/PageGraphicalEditor.py  2008-05-20 20:21:16.0 +0200
 b/MoinMoin/PageGraphicalEditor.py  2010-06-07 06:41:50.0 +0200
+@@ -169,14 +169,15 @@
+ elif 'template' in form:
+ # If the page does not exist, we try to get the content from the 
template parameter.
+ template_page = wikiutil.unquoteWikiname(form['template'][0])
++template_page_escaped = wikiutil.escape(template_page)
+ if request.user.may.read(template_page):
+ raw_body = Page(request, template_page).get_raw_body()
+ if raw_body:
+-request.write(_([Content of new page loaded from %s]) % 
(template_page, ), 'br')
++request.write(_([Content of new page loaded from %s]) % 
(template_page_escaped, ), 'br')
+ else:
+-request.write(_([Template %s not found]) % 
(template_page, ), 'br

Bug#582093: python-moinmoin: search fails to detect https when running under mod_wsgi

[Frank Lin PIAT]

forwarded 582093 http://moinmo.in/MoinMoinBugs/TitleSearchFailsWsgiSSL
thanks

Thank you for investigating this issue.
I'll try to have a look tonight (unless another maintainer
is faster than me;)

(I am considering to fix this issue in the next Debian Lenny
point release, rather that a security update.)

Ruprechtsberger Rainer wrote:
 python-moinmoin search fails to detect https correctly when running
 under mod_wsgi. This problem is known upstream:
 http://moinmo.in/MoinMoinBugs/TitleSearchFailsWsgiSSL

 There is a security implication of this bug: in a https only environment
 information about a wiki instance is sent unencrypted over network.

 A fix is available for quite a while:
 http://hg.moinmo.in/moin/1.7/rev/3e019f6ae381





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#581597: aptitude --help output is not formated properly (for -i option)

[Frank Lin PIAT]

Package: aptitude
Version: 0.6.1.5-3
Severity: minor

When running aptitude --help, the formatting is wrong for option -i :

--
 -S fname   Read the aptitude extended status info from fname.
 -u Download new package lists on startup.
  (terminal interface only) -i Perform an install 
run on startup.
  (terminal interface only)
 ^
  Here(!)


Thanks,

Franklin

-- Package-specific info:
aptitude 0.6.1.5 compiled at Mar 12 2010 09:52:06
Compiler: g++ 4.4.3
Compiled against:
  apt version 4.8.0
  NCurses version 5.7
  libsigc++ version: 2.2.4.2
  Ept support enabled.
  Gtk+ support disabled.

Current library versions:
  NCurses version: ncurses 5.7.20100313
  cwidget version: 0.5.16
  Apt version: 4.8.0
Terminal: xterm
$DISPLAY is set.
`which aptitude`: /usr/bin/aptitude
aptitude version information:

aptitude linkage:

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable'), (10, 'experimental')
Architecture: i386 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages aptitude depends on:
ii  apt [libapt-pkg-libc6.9 0.7.25.3 Advanced front-end for dpkg
ii  libboost-iostreams1.40. 1.40.0-6+b1  Boost.Iostreams Library
ii  libc6   2.10.2-6 Embedded GNU C Library: Shared lib
ii  libcwidget3 0.5.16-3 high-level terminal interface libr
ii  libept0 0.5.30   High-level library for managing De
ii  libgcc1 1:4.4.2-9GCC support library
ii  liblog4cxx100.10.0-1.1   A logging library for C++
ii  libncursesw55.7+20100313-2   shared libraries for terminal hand
ii  libsigc++-2.0-0c2a  2.2.4.2-1type-safe Signal Framework for C++
ii  libsqlite3-03.6.23.1-1   SQLite 3 shared library
ii  libstdc++6  4.4.2-9  The GNU Standard C++ Library v3
ii  libxapian15 1.0.20-2 Search engine library
ii  zlib1g  1:1.2.3.4.dfsg-3 compression library - runtime

Versions of packages aptitude recommends:
ii  apt-xapian-index  0.30   maintenance tools for a Xapian ind
ii  aptitude-doc-en [aptitude-doc 0.6.1.5-3  English manual for aptitude, a ter
ii  libparse-debianchangelog-perl 1.1.1-2parse Debian changelogs and output
ii  sensible-utils0.0.4  Utilities for sensible alternative

Versions of packages aptitude suggests:
ii  debtags   1.7.9+b2   Enables support for package tags
ii  tasksel   2.81   Tool for selecting tasks for insta

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#580888: ITP: gnome-media-player -- GNOME Media Player is a simple media player for GNOME that supports playing media using the vlc, xine and gstreamer engines.

[Frank Lin PIAT]

On Sun, 2010-05-09 at 17:58 +0200, Julien Cristau wrote:
 On Sun, May  9, 2010 at 18:25:15 +0300, Bilal Akhtar wrote:
 
  Package name: gnome-media-player

I find the package name extremely misleading: There is already a Gnome
Media Player: Gnome's Totem.

BTW, do we really need yet another media player? If you follow GNOME HID
(like Totem) and use the same back-ends as Totem, the two applications
are very likely to be pretty identical (?) Why not contributing to totem
directly?

  Version : 0.1.2
Description : GNOME Media Player is a simple media player for
  GNOME that supports playing media using the vlc, xine and gstreamer
  engines.
 
 This is not a short description.  Try to make it fit in a line.

I suggest: simple media player for GNOME and Gtk+.

Actually, I don't get the impression that simple is appropriate. The
launchpad page mention:
| The goal is to combine multiple engines into a consistent user
| interface so users can switch between engines without having to
| retrain themselves to use a different UI.
That seems to be the unique feature of the tool.

  GNOME Media Player is a simple media player for GNOME that supports
  playing media using the vlc, xine and gstreamer engines.

 It has the ability to switch between the engines in the GUI, 

This statement is strange for a package which is advertized as GNOME
Media Player. You could drop this statement and just mention that it's
for GNOME and Gtk+

  ... and features an engine Auto-select mode, which automatically 
  selects the best engine for playing the selected file.

I am not a native English speaker, but that could be worded in a simpler
way. 

 And this makes it sounds like a pretty pointless piece of software...

* The description should state that it is a replacement for GNOME's
  official media player (totem) (or something similar, to mention
  that it isn't the official media player)
* The description should mention that the software is still in early
  development stage, then mention the consequences (missing feature,
  unstable, ...)
  

my 2 cents,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#580688: python-moinmoin: multiple protocols missing from config/__init__.py

[Frank Lin PIAT]

On Sat, 2010-05-08 at 16:23 +0200, Tollef Fog Heen wrote: 
 ]] Frank Lin PIAT  wrote
 
 | On Fri, 2010-05-07 at 21:49 +0200, Tollef Fog Heen wrote:
 |  Package: python-moinmoin
 |  Severity: normal
 | 
 |  moin has a list of protocols it leaves alone in
 |  MoinMoin/config/__init__.py
 | 
 |  from this list, at least git, imap, imaps, caldav and nntps are
 |  missing leading to wrongly formatted URLs.
 | 
 | I checked on my system (see proto.html). And none of those url schemes are
 | supported by Debian Gnome default setup (DebianTesting). Therefore, I
 | wonder if those schemes are good candidates for inclusion.
 
 It means you can't add git urls that are copy paste-able, for instance,
 something which is quite unfortunate and there is no way for me to
 change that.

I am not sure to understand what you want.
It is certainly possible to change the behavior, if it is safe.


If I were you, I would use curly brackets, like for all code samples:

-
   Git repository:
{{{
git://foo
   }}}
-

Or the in-line form:

-
  Git repository: {{{git://foo}}}


 | Since upstream documents how to achieve your goal for specific needs (see
 | below), I am closing this bug. If you believe it could be useful for most
 | users, we could file a feature request[1] upstream, and
 | elaborate there.
 
 [...]
 
 | Note: the proper way to achieve this in Debian would be to add a patch and
 | recompile the package (because
 | the /usr/share/pyshared/MoinMoin/config/__init__.py isn't a
 | configuration file).
 
 And lose out on security updates?  No thanks.
 
 I find it quite disconcerning that the what upstream considers
 configuration isn't shipped in /etc and marked as configuration files in
 the package, though.

You should blame us, the Debian package maintainer, not upstream:
Upstream provide a tarball that is meant to be decompressed (typically
in /srv/foo).

Adding a protocol has important security implication:
- disclosing credential
- DoS attacks (locking accounts...)
- cross site scripting attacks
etc.
The main problem is that wikis are usually public, so anyone can add
arbitrary link.

 I believe this is a release critical bug, but I'd
 appreciate your input on it before filing it.

MoinMoin/config/__init__.py is not a configuration file, but the
source code, that needs to be modified before compilation.
(I understand that you are reluctant to do so, for security reason).


So what is/are the protocol(s) that you want/need? then we'll have to
figure out (your help is welcome):
- Does Debian or Windows or MacOS handle it? (with a popular tool)
- Are those URL scheme documented
- Are there security issues

regards,

Franklin 




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579569: ITP: ants -- advanced normalization tools for brain and image mapping

[Frank Lin PIAT]

On Sun, 2010-05-09 at 12:36 -0400, Yaroslav Halchenko wrote:
 Thanks Frank!
 
 On Sun, 02 May 2010, Frank Lin PIAT wrote:
 Description : advanced normalization tools for brain and image 
   mapping
   The ANTS package is designed to enable researchers with advanced tools for
   brain and image mapping. 
  This paragraph could be written in a way to clarify that this tool
  analyses brain images (i.e it has nothing to do with organizing
  mind/ideas)
 it never used 'mind' in the description ;)  but lets indeed make it more
 descriptive/less confusing:

thanks

 Description: advanced normalization tools for brain and image analysis
  Advanced Normalization Tools (ANTS) is an ITK-based suite of
  normalization, segmentation and template-building tools for quantitative
  morphometric analysis.
 
 better?

The concept of brain and image mapping seems to be gone, I don't know
how important it is.

At the risk of being picky... ITK is quite technical. GUI might be more
explicit.

Thanks,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#580569: python-xappy: Should depend on python-xappian

[Frank Lin PIAT]

Package: python-xappy
Version: 0.5-2
Severity: normal

Hello,

python-xappy should depend on python-xappian:

grep import.*\xapian /usr/share/pyshared/xappy/ -R
/usr/share/pyshared/xappy/errors.py:import xapian
/usr/share/pyshared/xappy/_checkxapian.py:import xapian
/usr/share/pyshared/xappy/highlight.py:import xapian
/usr/share/pyshared/xappy/replaylog.py:import xapian
/usr/share/pyshared/xappy/marshall.py:import xapian
/usr/share/pyshared/xappy/indexerconnection.py:import xapian
/usr/share/pyshared/xappy/searchconnection.py:import xapian as _xapian
/usr/share/pyshared/xappy/datastructures.py:import xapian
/usr/share/pyshared/xappy/fieldactions.py:import xapian

Regards,

Franklin


-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable'), (10, 'experimental')
Architecture: i386 (x86_64)

Kernel: Linux 2.6.32-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages python-xappy depends on:
ii  python   2.5.4-9 An interactive high-level object-o
ii  python-central   0.6.14+nmu2 register and build utility for Pyt

python-xappy recommends no packages.

python-xappy suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#580574: libapache2-mod-fastcgi: /var/lib/apache2/fastcgi not purged

[Frank Lin PIAT]

Package: libapache2-mod-fastcgi
Version: 2.4.6-1
Severity: wishlist

When purging libapache2-mod-fastcgi, dpkg complains that 
/var/lib/apache2/fastcgi not empty so not removed.


 LOG 
Removing libapache2-mod-fastcgi ...
Module fastcgi disabled.
Run '/etc/init.d/apache2 restart' to activate new configuration!
Purging configuration files for libapache2-mod-fastcgi ...
dpkg: warning: while removing libapache2-mod-fastcgi, directory
'/var/lib/apache2/fastcgi' not empty so not removed.
dpkg: warning: while removing libapache2-mod-fastcgi, directory
'/var/lib/apache2' not empty so not removed.
 END 

BTW, I wonder why the package uses /var/lib/apache2/fastcgi... I would
assume that the application could regenerate the content if it were erased ?


-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable'), (10, 'experimental')
Architecture: i386 (x86_64)

Kernel: Linux 2.6.32-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libapache2-mod-fastcgi depends on:
ii  apache2.2-common  2.2.15-3   Apache HTTP Server common files
ii  libc6 2.10.2-6   Embedded GNU C Library: Shared lib

libapache2-mod-fastcgi recommends no packages.

libapache2-mod-fastcgi suggests no packages.



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579796: ITP: othman -- electronic Quran browser in Python

[Frank Lin PIAT]

On Fri, 2010-04-30 at 23:18 +0300, أحمد المحمودي wrote:
 * Package name: othman
 * License : Waqf Public License
   Description : electronic Quran browser
 
  Othman electronic Quran browser displays Quranic text in Othmani script style
  as written under authority of Othman ibn Affan the companion of prophet
  Muhammad (Peace Be Upon Him).

Regarding the long description,

Not everyone knows that Othmani script is a script for Arabic. (I
didn't know it anyway;) So it might be worth mentioning that the text is
in Arabic only (is it?).

 Othman project features fast search, autoscrolling
I suggest Othman brower features fast search and autoscrolling

 copy Quranic text to clipboard.

Copy/Paste is a trivial feature. You might want to drop it from the
description (except if this feature is fairly unique for Quran readers)

I wonder who many people use the word Coran for Qur'an in English. If
this is quite frequent, you might want insert this synonym somewhere in
the description.

My 2 cents,

Franklin




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#580221: ITP: python-libssh2 -- python-libssh2 is a python binding for libssh2 library.

[Frank Lin PIAT]

On Tue, 2010-05-04 at 15:47 +0200, fabien.dot.bouc...@gmail.com wrote:
 
 * Package name: python-libssh2
   Description : python-libssh2 is a python binding for libssh2 library.

The short description should not contain the package name, so:
  python binding for libssh2 library.

 python-libssh2 is a python binding for libssh2 library.
 It was forked and rewrote from scratch using old org.keyphrene
 (http://sourceforge.net/projects/orgkeyphrene/) bindings.

It is usually a good idea to insert the original library's description,
so I suggest the following long description:

-
 libssh2 is the thin library implementing client side of SSH2 protocol
 as defined by Internet Drafts SECSH-TRANS, SECSH-USERAUTH,
 SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX,
 SECSH-NUMBERS, and SECSH-PUBLICKEY
 .
 This boils down to the regular terminal, scp and SFTP sessions; port
 forwarding; password, key-based and keyboard-interactive
 authentication.
 .
 This package contains the python bindings libssh2. It is a fork and
 rewrite of org.keyphrene.
-

Note that the two first paragraph are a pristine copy of libssh2
description... the I18N teams should appreciate ;)

Regards

Frankli n




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#580176: ITP: obdgpslogger -- Suite of tools to log OBDII and GPS data

[Frank Lin PIAT]

On Mon, 2010-05-03 at 20:39 -0700, Gary Briggs wrote:
 Package: wnpp
 Severity: wishlist
 Owner: Gary Briggs chu...@icculus.org
 
 * Package name: obdgpslogger
 * URL : http://icculus.org/obdgpsloger/
wrong URL: http://icculus.org/obdgpslogger/

   Description : Suite of tools to log OBDII and GPS data
 
  Tools to log OBDII and GPS data in your car and convert to CSV or google 
 earth
  Includes a modular OBDII Simulator


This package contain a suite of tools to log OBDII and GPS data in your
car and convert to CSV or google earth KML file.

OBD-II (On-Board Diagnostics) are vehicle's self-diagnostic and
reporting capability, which can be use to monitor vehicle speed, engine
RPM, throttle position, oil temperatures and much more.

The package also includes a modular OBDII Simulator


The description could certainly be described further.




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579871: ITP: libnet-https-any-perl -- A perl module for HTTPS GET and POST using any available SSL module

[Frank Lin PIAT]

On Sat, 2010-05-01 at 15:25 -0700, Ivan Kohler wrote:
 
 * Package name: libnet-https-any-perl
   Description : A perl module for HTTPS GET and POST using any available 
 SSL module

Short description is too long. May be just:
  Perl module for HTTPS GET and POST

 This is a simple wrapper around either of the two available SSL
 modules. It offers a unified API for sending GET and POST requests
 over HTTPS and receiving responses.

I suggest a few improvements:
 Net::HTTPS::Any library is a simple wrapper around either of 
  the two available SSL/TLS perl modules. It offers a unified API
  for sending simple GET and POST requests over HTTPS and 
  receiving responses.

 It depends on Net::SSLeay _or_ ( Crypt::SSLeay and LWP::UserAgent ).

I suppose that this last sentence is not part of the description.

My two cents,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#580221: ITP: python-libssh2 -- python-libssh2 is a python binding for libssh2 library.

[Frank Lin PIAT]

On Tue, 2010-05-04 at 22:40 +0200, Simon Josefsson wrote:
 Frank Lin PIAT fp...@klabs.be writes:
 
  Note that the two first paragraph are a pristine copy of libssh2
  description... the I18N teams should appreciate ;)
 
 On the other hand, I don't think the libssh2 description is particularly
 useful for a user.  The uppercase acronyms aren't friendly.  How about
 something like this:
 
   libssh2 is a client-side C library implementing the SSH2 protocol
   with support for regular terminal, scp and SFTP sessions; port
   forwarding; password, key-based and keyboard-interactive
   authentication.

Yes, it looks better.
We could file a bug against libssh2 now ;)

   This package contains the python bindings libssh2. It is a fork and
   rewrite of org.keyphrene.

Regards,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579177: ITP: xul-ext-monkeysphere -- Iceweasel/Firefox extension for using Monkeysphere on the web

[Frank Lin PIAT]

On Mon, 2010-05-03 at 12:13 -0400, Jameson Rollins wrote:
 Hi, Frank.  Thanks so much for the feedback.  Responses below.
 
 On Sun, 02 May 2010 23:36:57 +0200, Frank Lin PIAT fp...@klabs.be wrote:
  On Sun, 2010-04-25 at 18:44 -0400, Jameson Graef Rollins wrote:
   * Package name: xul-ext-monkeysphere
 Version : 0.1
  
  The package description could mention that this is an
  early/alpha/experimental release, to avoid deception (and encourage
  feed-back)
 
 This extension definitely is in the early stages of development, but it
 is working for most cases now, and the developers are using it
 routinely.  I'm also not sure how we would indicate that it's alpha or
 experimental in the Package: or Version: fields of the control file,
 which I think is what you're implying.  Do you have a suggestion for
 that?

I have gathered some existing excuses, but none seems to fit your
need.
  http://wiki.debian.org/PackagesDescriptions/Fragments
Based on what you told, upstream might want to number it 0.9 ;)
Still, let me give a try:
 Although the program is still in development stage, It already
  have some useful features, and it is quite stable

Feel free to adjust or rewrite it.

  Wouldn't it be better to state that it's a replacement for X509
  certificates? (there is probably an even better wording, but I can't
  find it).
 
 Monkeysphere is not actually a replacement for X.509, at least not in
 the sense of using Monkeysphere *or* X.509.  The goal of Monkeysphere,
 broadly, is to expand the usage of OpenPGP for authentication on the
 net.  In the context of the web, the Monkeysphere xul extension can be
 used to validate sites that have put their host keys on the OpenPGP Web
 of Trust (WOT).  However, the extension actually currently relies upon
 sites providing an X.509 certificate through normal TLS channels.  We
 provide a fallback validation check using the WOT when the standard
 X.509 validation fails.  Our goal is not to disrupt standard X.509
 validation if the user wishes to continue to rely upon it, but to
 instead provide an alternative to standard X.509 validation that uses
 OpenPGP and the WOT.

ok we just have to figure out how to write that in 4 or 5 lines ;)

Monkeysphere uses OpenPGP's « Web of Trust » to validate X509
 certificates that aren't signed by a known certificate authorities
 (CA).

We could also something like this:

In regular public key infrastructure (PKI), X509 certificates
 are signed by a third party organisations, that are considered to 
 be trusted by both the webserver-admin and the web-browser vendor.


 I agree, though, that it is relevant to mention X.509 in the package
 description, at least in the sense of providing an alternative, but I
 feel like we're currently doing that with this bit:
 
   This extensions enables Monkeysphere checking of X.509 certificates
   from https hosts whose keys are in the web of trust.
 
 Does this not seem clear enough?  Or is there something else that we're
 missing in the description to make things clearer?
 
  The long description should mention that this package contains an
  Iceweasel extensions, maybe:
   This package contains an Iceweasel/Firefox extensions to use
Monkeysphere for checking of X.509 certificates from https hosts 
whose keys are in the web of trust.
 
 Good point.  We'll fix that.

Again, just my 2 cents ;)

Franklin




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579675: ITP: goban -- Goban screensaver

[Frank Lin PIAT]

On Mon, 2010-05-03 at 17:01 +0400, Al Nikolov wrote:
 On Monday 03 May 2010 00:28:55 Frank Lin PIAT wrote:
 Description : Goban screensaver
 
  The short description should not include the package name, maybe
  something like:
screen saver replaying games of Go

   Replays historical games of go (aka wei-chi and baduk) on the screen.
 
  The long description could/should also mention:
  - that it's a screen-saver.
 
 If this is mentioned in the short description?

The short description is like the subject of an email.
see developper-reference[1].

  - that it is Designed to work with xscreensaver and Gnome.
 
 I don't think it should be linked with Gnome somehow.

I suppose it should only mention Gnome if it actually uses Gnome libs,
or if integrates with gnome properly. (My suggestion was based on my
understanding of upstream's  website).

 Xscreensaver is almost standard part of every usual desktop
 installation, at least for Gnome/KDE, and it is in Required. 

xscreensaver is not part of Lenny/Gnome desktop. I would file a bug if
Squeeze/Gnome were recommending xscreensaver.

Anyway, it doesn't matter to mention xscreensaver in the description,
the package will depend on it, isn't it?

  - which historical games of go are replayed? (the game played
using cgoban, right?)
 
 Well, no. Actually the original source tarball is consisting of some set of 
 historic games which can be easily extended/replaced by user.

Even though this is possible, I suppose that very few users will do it,
so it isn't the main feature.

So, maybe something like:
 This is a screen saver that replays some games of go (aka wei-chi and
  baduk). The pre-recorded games shipped in the packages were recorded
  during various tournaments
(please review this description carefully, especially the statement in
the second sentence).

Feel free to improve/rewrite my suggestions.

Franklin

[1] 
http://www.debian.org/doc/developers-reference/best-pkging-practices.html#bpp-pkg-synopsis




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579284: ITP: voxbo -- processing, statistical analysis, and display of brain imaging data

[Frank Lin PIAT]

On Mon, 2010-04-26 at 15:05 -0400, Michael Hanke wrote:
 Package: wnpp
 Severity: wishlist
 Owner: Michael Hanke michael.ha...@gmail.com
 
 * Package name: voxbo
   Version : 1.8.5
   Upstream Author : Daniel Kimberg kimberg mail.med.upenn.edu
 * URL : http://www.voxbo.org
 * License : GPL-3
   Programming Lang: C++
   Description : processing, statistical analysis, and display of brain 
 imaging data

This is a pretty long short-description, I suggest:
  analysis, and display of brain imaging data

  This is a toolkit for analysis of functional neuroimaging (chiefly
  fMRI) experiments and voxel-based lesion-behavior mapping. VoxBo
  supports the modified GLM (for autocorrelated data), as well as the
  standard GLM for non-autocorrelated data. The toolkit is designed to be
  interoperable with AFNI, FSL, SPM and others.

The package description could mention that it is targeted for medical
field.

Regards,

Franklin






-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579675: ITP: goban -- Goban screensaver / copyright issue

[Frank Lin PIAT]

On Thu, 2010-04-29 at 22:36 +0400, Al Nikolov wrote:
 
 * Package name: goban
 * URL : http://draves.org/goban/
 * License : GPL

From what I understood, the package contains a copy of some games that
were recorded during some tournaments.

The records are retrieved from [1], but the website mention:
  « The databases on this site are a service to the Go Community:The
databases have been compiled by Jan van Rongen and are his
copyright. They can be distributed freely, as long as this 
copyright statement is distributed with them. The databases 
shall not be made part of any [non] commercially available 
database collection of games of go without the written 
permission of Jan van Rongen. »

1. Do you think Jan van Rongen actually owns some copyright on 
   those files (I am not sure if he played any of those games)

2. If Jan van Rongen owns some copyright, I am afraid the games
   are non-free (are they).

   Description : Goban screensaver
 
 Replays historical games of go (aka wei-chi and baduk) on the screen.

Regards,

Franklin

[1] http://www.xs4all.nl/~rongen17/




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#580160: groovy: stargGroovy can't find javac

[Frank Lin PIAT]

Package: groovy
Version: 1.7.0-3
Severity: normal


Well, an example is worth long explainations:

$ startGroovy 
startGroovy: JAVA_HOME not set and cannot find javac to deduce location,
please set JAVA_HOME.

$groovy
groovy: JAVA_HOME not set and cannot find javac to deduce location,
please set JAVA_HOME.

$groovysh 
groovysh: JAVA_HOME not set and cannot find javac to deduce location,
please set JAVA_HOME.

$ javac
bash: javac: command not found

$ls -o /etc/alternatives/java* | sed -e 's/ - /\n\t\0/'
lrwxrwxrwx. 1 root 36 2010-03-17 23:15 /etc/alternatives/java
 - /usr/lib/jvm/java-6-sun/jre/bin/java
lrwxrwxrwx. 1 root 46 2010-03-17 23:15 /etc/alternatives/java.1.gz
 - /usr/lib/jvm/java-6-sun/jre/man/man1/java.1.gz
lrwxrwxrwx. 1 root 39 2009-12-31 08:18 /etc/alternatives/java_vm
 - /usr/lib/jvm/java-6-sun/jre/bin/java_vm
lrwxrwxrwx. 1 root 42 2010-02-05 16:06 /etc/alternatives/javaws
 - /usr/lib/jvm/java-6-openjdk/jre/bin/javaws
lrwxrwxrwx. 1 root 52 2010-02-05 16:06 /etc/alternatives/javaws.1.gz
 - /usr/lib/jvm/java-6-openjdk/jre/man/man1/javaws.1.gz

Regards,

Franklin


-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable'), (10, 'experimental')
Architecture: i386 (x86_64)

Kernel: Linux 2.6.32-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages groovy depends on:
ii  antlr2.7.7-14language tool for constructing rec
ii  gij-4.3 [java5-runtime-headl 4.3.4-4 The GNU Java bytecode interpreter
ii  ivy  2.1.0-1 The agile dependency manager
ii  junit4   4.8.1-3 JUnit regression test framework fo
ii  libasm3-java 3.2-3   Java bytecode manipulation framewo
ii  libbsf-java  1:2.4.0-3   Bean Scripting Framework to suppor
ii  libclassworlds-java  1.1-final-4 framework for container developers
ii  libcommons-cli-java  1.2-2   API for working with the command l
ii  libcommons-logging-java  1.1.1-7 commmon wrapper interface for seve
ii  libjline-java0.9.94-5Java library for handling console 
ii  libmockobjects-java  0.09-3  Framework for developing and using
ii  libregexp-java   1.5-2   Regular expression library for Jav
ii  libservlet2.4-java   5.0.30-12   Servlet 2.4 and JSP 2.0 Java libra
ii  libxstream-java  1.3.1-6 Java library to serialize objects 
ii  openjdk-6-jre-headless [java 6b18-1.8-1  OpenJDK Java runtime, using Hotspo
ii  sun-java6-jre [java5-runtime 6.20-dlj-1  Sun Java(TM) Runtime Environment (

groovy recommends no packages.

Versions of packages groovy suggests:
ii  ant   1.8.0-3Java based build tool like make
pn  groovy-docnone (no description available)

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#580186: python-moinmoin: xmlrpc requests are broken (moin 1.9.2 with werkzeug 0.6+)

[Frank Lin PIAT]

Package: python-moinmoin
Version: 1.9.2-3
Severity: normal
Tags: patch

XmlRPC/WikiRpc getPage and putPage are broken in Moin 1.9.2

Example, using get.py:
 import xmlrpclib
 wikiurl = http://localhost:8080/;
 homewiki = xmlrpclib.ServerProxy(wikiurl + ?action=xmlrpc2,
 allow_none=True)
 pagename = 'FrontPage'
 raw_text = homewiki.getPage(pagename)
 print raw_text

Fails with:

Traceback (most recent call last):
  File get.py, line 8, in module
raw_text = homewiki.getPage(pagename)
  File /usr/lib/python2.5/xmlrpclib.py, line 1147, in __call__
return self.__send(self.__name, args)
  File /usr/lib/python2.5/xmlrpclib.py, line 1437, in __request
verbose=self.__verbose
  File /usr/lib/python2.5/xmlrpclib.py, line 1201, in request
return self._parse_response(h.getfile(), sock)
  File /usr/lib/python2.5/xmlrpclib.py, line 1340, in _parse_response
return u.close()
  File /usr/lib/python2.5/xmlrpclib.py, line 787, in close
raise Fault(**self._stack[0])
xmlrpclib.Fault: Fault 1: 'type \'exceptions.AttributeError\': 
\'XMLRPCContext\' object has no attribute \'in_data\'\n  File 
/usr/lib/pymodules/python2.5/MoinMoin/xmlrpc/__init__.py, line 137, in 
process\ndata = request.in_data\n\n  File 
/usr/lib/pymodules/python2.5/MoinMoin/web/contexts.py, line 224, in 
__getattr__\nreturn super(HTTPContext, self).__getattribute__(name)\n'


This bug was already forwarded upstream, and they already provided a patch:
 http://hg.moinmo.in/moin/1.9/rev/87dae5077cae

Regards,

Franklin

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable'), (10, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-4-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages python-moinmoin depends on:
ii  python  2.5.4-9  An interactive high-level object-o
ii  python-parsedatetime0.8.7-1  Python module to parse human-reada
ii  python-pygments 1.3.1+dfsg-1 syntax highlighting package writte
ii  python-support  1.0.8automated rebuilding support for P
ii  python-werkzeug 0.6.2-1  collection of utilities for WSGI a

Versions of packages python-moinmoin recommends:
ii  apache2-mpm-prefork [httpd-cg 2.2.15-3   Apache HTTP Server - traditional n
ii  exim4-daemon-light [mail-tran 4.71-4 lightweight Exim MTA (v4) daemon
ii  fckeditor 1:2.6.6-1  rich text format javascript web ed
ii  libapache2-mod-wsgi   3.2-1  Python WSGI adapter module for Apa
ii  python-xapian 1.0.19-1   Xapian search engine interface for
ii  python-xappy  0.5-2  easy-to-use interface to the Xapia

Versions of packages python-moinmoin suggests:
pn  antiword  none (no description available)
pn  catdocnone (no description available)
ii  docbook-dsssl 1.79-6 modular DocBook DSSSL stylesheets,
ii  miscfiles [wordlist]  1.4.2.dfsg.1-9 Dictionaries and other interesting
ii  poppler-utils [xpdf-utils 0.12.4-1   PDF utilitites (based on libpopple
ii  python-4suite-xml 1.0.2-7.2+b1   An open-source platform for XML an
ii  python-docutils   0.6-3  utilities for the documentation of
ii  python-flup   1.0.2-1Implements Python Web Server Gatew
pn  python-gdchartnone (no description available)
pn  python-ldap   none (no description available)
ii  python-mysqldb1.2.2-10+b1A Python interface to MySQL
ii  python-openid 2.2.4-1OpenID support for servers and con
pn  python-pyxmpp none (no description available)
pn  python-tz none (no description available)
pn  python-xmlnone (no description available)
pn  smbfs none (no description available)
ii  wamerican [wordlist]  6-3American English dictionary words 
ii  wfrench [wordlist]1.2.3-8French dictionary words for /usr/s

-- Configuration Files:
/etc/moin/apache.conf changed [not included]
/etc/moin/farmconfig.py changed [not included]
/etc/moin/mywiki.py changed [not included]
/etc/moin/wikilist changed [not included]

-- no debconf information

-- debsums errors found:
debsums: changed file /usr/share/moin/server/moin.wsgi (from python-moinmoin 
package)



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579284: ITP: voxbo -- processing, statistical analysis, and display of brain imaging data

[Frank Lin PIAT]

On Mon, 2010-05-03 at 19:11 -0400, Michael Hanke wrote:
 On Tue, May 04, 2010 at 12:43:35AM +0200, Frank Lin PIAT wrote:
  On Mon, 2010-04-26 at 15:05 -0400, Michael Hanke wrote:
   
   * Package name: voxbo
 Description : processing, statistical analysis, and display of 
   brain imaging data
 
This is a toolkit for analysis of functional neuroimaging (chiefly
fMRI) experiments and voxel-based lesion-behavior mapping. VoxBo
supports the modified GLM (for autocorrelated data), as well as the
standard GLM for non-autocorrelated data. The toolkit is designed to be
interoperable with AFNI, FSL, SPM and others.
  
  The package description could mention that it is targeted for medical
  field.
 
 Do you have any specific phrase in mind. Voxbo is not limited to medical
 usecases, but first and foremost neuroimaging/cognitive neuroscience research.

May be something like:
---
This is a toolkit for analysis of functional neuroimaging (chiefly
fMRI) experiments and voxel-based lesion-behavior mapping. It is
primarily used in neuroimaging and cognitive neuroscience research.
.
VoxBo supports the modified GLM (for autocorrelated data), as well as
the standard GLM for non-autocorrelated data. The toolkit is designed to
be interoperable with AFNI, FSL, SPM and others.
---

Regards,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#580186: Acknowledgement (python-moinmoin: xmlrpc requests are broken (moin 1.9.2 with werkzeug 0.6+))

[Frank Lin PIAT]

forwarded 580186 
http://moinmo.in/MoinMoinBugs/1.9.2XMLRPCContext_object_has_no_attribute_in-data
tag 580186 pending




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579675: ITP: goban -- Goban screensaver

[Frank Lin PIAT]

Hello,

On Thu, 2010-04-29 at 22:36 +0400, Al Nikolov wrote:
 Package: wnpp
 Severity: wishlist
 Owner: Al Nikolov cl...@debian.org
 
 
 * Package name: goban
   Version : 1.1
   Upstream Author : Scott Draves s...@draves.org
 * URL : http://draves.org/goban/
 * License : GPL
   Programming Lang: C
   Description : Goban screensaver

The short description should not include the package name, maybe
something like:
  screen saver replaying games of Go

 Replays historical games of go (aka wei-chi and baduk) on the screen.

The long description could/should also mention:
- that it's a screen-saver.
- that it is Designed to work with xscreensaver and Gnome.
- which historical games of go are replayed? (the game played
  using cgoban, right?)

Franklin






-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579569: ITP: ants -- advanced normalization tools for brain and image mapping

[Frank Lin PIAT]

On Wed, 2010-04-28 at 13:23 -0400, Yaroslav Halchenko wrote:
 
 * Package name: ants
   Description : advanced normalization tools for brain and image mapping
 
 The ANTS package is designed to enable researchers with advanced tools for
 brain and image mapping. 
 ^^
This paragraph could be written in a way to clarify that this tool
analyses brain images (i.e it has nothing to do with organizing
mind/ideas)

 Many of the ANTS registration tools are
 diffeomorphic, but deformation (elastic and BSpline) transformations are
 available. Unique components of ANTS include multivariate similarity metrics,
 landmark guidance, the ability to use label images to guide the mapping and
 both greedy and space-time optimal implementations of diffeomorphisms. The
 symmetric normalization (SyN) strategy is a part of the ANTS toolkit as is
 directly manipulated free form deformation (DMFFD).

Thanks,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579600: ITP: sigrok -- Crossplatform logic analyzer and protocol decoder software

[Frank Lin PIAT]

On Thu, 2010-04-29 at 00:41 +0200, Uwe Hermann wrote:
 Owner: Uwe Hermann u...@debian.org
 
 * Package name: sigrok
   Version : 0.1

Version is 0.1... the package description could mention that the
software is an early release (alpha/experimental), to avoid deception
(and encourage feed-back).

   Description : Crossplatform logic analyzer and protocol decoder software

Some suggestions to improve the description:

 sigrok is a portable, cross-platform, Free/Libre/Open-Source logic analyzer
 software

This paragraph applies to the whole Debian archive, so it could be
dropped.

 that supports various logic analyzer hardware products.
So, the description could start with:
 sigrok is a logic analyzer and protocol decoder software...
Then 
 This is used by [whom] to help doing [what].

 Design goals:

Those features could be written as text, rather than bullets.

  - Broad hardware support. Supports a wide variety of logic analyzers
from various vendors with different capabilities.

Isn't that implicit, from the list below?

  - Cross-platform. Works on Linux, Mac OS X and Windows,

Does this really matter to Debian users?

  and on many architectures including x86, ARM, Sparc and PowerPC.

Unless this feature is unique to this tool, it can be dropped.

  - Scriptable protocol decoding. Extendable with protocol decoders
and analyzers written in Python.
  - Format support. Supports various input and output formats (raw,
ASCII, hex, CSV, gnuplot, VCD, others).
  
 Supported (and/or work-in-progress) logic analyzer devices:
(A list is fine here.)
  - Saleae Logic
  - EE Electronics XLA/ESLA100
  - ASIX SIGMA
  - Openbench Logic Sniffer
  - ZEROPLUS Logic Cube LAP-C series
  - CWAV USBee SX
  - Braintechnology USB-LPS
  - Buspirate (v3)
  - Intronix Logicport

My cents,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579692: ITP: libtest-inter-perl -- framework for more readable interactive test scripts

[Frank Lin PIAT]

On Thu, 2010-04-29 at 22:03 +0100, Chris Butler wrote:
 Package: wnpp
 Owner: Chris Butler chr...@debian.org
 Severity: wishlist
 X-Debbugs-CC: debian-de...@lists.debian.org,debian-p...@lists.debian.org
 
 * Package name: libtest-inter-perl
   Version : 1.01
   Upstream Author : Sullivan Beck sb...@cpan.org
 * URL : http://search.cpan.org/dist/Test-Inter/
 * License : Artistic or GPL-1+
   Programming Lang: Perl
   Description : framework for more readable interactive test scripts

Just a quick suggestion to improve the description:

 Test::Inter is another framework for writing test scripts. It is loosely
  ^ insert for perl developers.
which clarifies:
- the programming language
- who are the intended users (i.e the developers)

 inspired by Test::More, and has most of it's functionality, but it is
 not a drop-in replacement.
 
 This framework offers the ability to write the tests in a more readable
 format, and you can access specific tests in a reasonably interactive fashion.

My 2¢,

Franklin




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579147: ITP: libapp-cpanminus-perl -- Get, unpack, build and install modules from CPAN

[Frank Lin PIAT]

On Sun, 2010-04-25 at 18:12 +, Jeremiah C. Foster wrote:
 
 * Package name: libapp-cpanminus-perl
   Description : Get, unpack, build and install modules from CPAN
 
  A dependency free, zero configuration, and stand alone CPAN module
  installer. Maintainable and extensible with plugins and friendly 
  to shell scripting. When running, it requires only 10MB of RAM.

The package description should mention that the modules aren't
integrated with Debian packaging (no resolution dependency ; some
conflicts may happens ; security updates aren't handled by apt***, etc).
Also, installing the same module on 2 systems at a few days interval
does not guarantee to install the the version (isn't it?)

So the preferred way to install a perl module in Debian is to use
package from Debian)

My 2 cents,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579177: ITP: xul-ext-monkeysphere -- Iceweasel/Firefox extension for using Monkeysphere on the web

[Frank Lin PIAT]

On Sun, 2010-04-25 at 18:44 -0400, Jameson Graef Rollins wrote:
 * Package name: xul-ext-monkeysphere
   Version : 0.1

The package description could mention that this is an
early/alpha/experimental release, to avoid deception (and encourage
feed-back)


   Description : Iceweasel/Firefox extension for using Monkeysphere on the 
 web
 
 Monkeysphere is a system for using the OpenPGP web of trust 
 as a PKI for rsa keys.
   ^^^ Is it appropriate to name those keys RSA

Wouldn't it be better to state that it's a replacement for X509
certificates? (there is probably an even better wording, but I can't
find it).

 This extensions enables Monkeysphere checking of X.509 certificates
 from https hosts whose keys are in the web of trust.

The long description should mention that this package contains an
Iceweasel extensions, maybe:
 This package contains an Iceweasel/Firefox extensions to use
  Monkeysphere for checking of X.509 certificates from https hosts 
  whose keys are in the web of trust.


My 2 cents,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579401: ITP: pyopenfst -- Python bindings for the OpenFst library

[Frank Lin PIAT]

Hello,

On Tue, 2010-04-27 at 17:04 +0200, Jakub Wilk wrote:
 Package: wnpp
 Severity: wishlist
 Owner: Jakub Wilk jw...@debian.org
 
 * Package name: pyopenfst
python-openfst ?

Version : (not released yet)
Upstream Author : Thomas Breuel, David Huggins-Daines
 * URL : http://code.google.com/p/pyopenfst/
 * License : Apache License 2.0
Programming Lang: C++
Description : Python bindings for the OpenFst library
 
 The OpenFST library implements algorithms on weighted finite state 
 transducers. The PyOpenFST project contains bindings for the library.

I would suggest duplicating libopenfst's description, then add that this
is python binding, like:


OpenFst is a library for constructing, combining, optimizing, and 
searching weighted finite-state transducers (FSTs). Weighted 
finite-state transducers are automata where each transition has an input
label, an output label, and a weight. The more familiar finite-state 
acceptor is represented as a transducer with each transition's input and
output label equal. Finite-state acceptors are used to represent sets of
strings (specifically, regular or rational sets); finite-state 
transducers are used to represent binary relations between pairs of 
strings (specifically, rational transductions). The weights can be used 
to represent the cost of taking a particular transition.

This package (known upstream as PyOpenFST), contains the python
bindings.


Regards,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579373: ITP: zthreads -- A platform-independent, multi-threading and synchronization library for C++

[Frank Lin PIAT]

On Tue, 2010-04-27 at 14:07 +0200, Cleto Martin Angelina wrote:
 Package: wnpp
 Severity: wishlist
 Owner: Cleto Martin Angelina cleto.mar...@gmail.com
 Owner: Cleto Martin Angelina cleto.mar...@gmail.com
 
 * Package name: zthreads
libzthreads?
   Version : 2.3.2
   Upstream Author : Eric Crahen ecra...@users.sourceforge.net
 * URL : http://zthread.sourceforge.net/
 * License : MIT
   Programming Lang: C++
   Description : A platform-independent, multi-threading, object-oriented 
 and synchronization library for C++
This is a pretty long short description.
I would suggest something like:
  synchronization library
or
  synchronization library for C++

 Zthreads is an advanced platform-independant, object-oriented
 threading and synchronization library. Designed and tested under POSIX
  Win32 systems. Not just another thread wrapper.
 ..
 It provides several structures for concurrent programming like
 PoolExecutor, MonitoredQueue, Barriers and much more. Futhermore,
  ^^
  My spell checker suggest: Furthermore 
 structures like Task and Thread are provided for creating threading
 applications in C++ easier.

 This library is used in Bruce Eckel's book Thinking in
 C++ as a good framework for concurrent programming.

This last paragraph could/should be dropped. (IMHO, this sounds like
advertising, and it isn't a useful information about what the package is
doing / why it is useful / when it it should be used)

Thanks,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579104: ITP: libopengl-xscreensaver-perl -- Helper module for writing OpenGL-based XScreenSaver hacks

[Frank Lin PIAT]

On Sun, 2010-04-25 at 13:10 +0200, Maximilian Gass wrote:
 Package: wnpp
 Owner: Maximilian Gass m...@cloudconnected.org
 Severity: wishlist
 X-Debbugs-CC: debian-de...@lists.debian.org,debian-p...@lists.debian.org
 
 * Package name: libopengl-xscreensaver-perl
   Version : 0.04
   Upstream Author : Lars Stoltenow pe...@penma.de
 * URL : http://search.cpan.org/dist/OpenGL-XScreenSaver/
 * License : Artistic or GPL-1+
  ^^
  I don't think I have ever seen
  that license ;)
  check the source, but it is
  likely to be GPL-2 or later

  The upstream tarball was missing a copyright statement, therefore I asked
  upstream to provide one:
   Programming Lang: Perl
   Description : Helper module for writing OpenGL-based XScreenSaver hacks
 
 OpenGL::XScreenSaver allows you to write OpenGL XScreenSaver hacks in Perl.
 It prepares the GL to be used with XScreenSaver.
 
 This module provides some methods supporting both preview and fullscreen mode.






-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579076: ITP: bitfrost -- Python library for BIOS security on the OLPC XO laptop

[Frank Lin PIAT]

On Sat, 2010-04-24 at 23:17 -0400, Luke Faraone wrote:
 
 * Package name: bitfrost
   Description : Python library for BIOS security on the OLPC XO laptop
 
 Bitfrost is the OLPC security platform. This package contains tools to
 handle securing the early boot stages of the system running on the XO
 laptop.

Hello,

The package description could be improved, to mention what the package
is doing :
Is it executed at boot time (I doubt so), or is it use to configure the
bootload and/or the firmware?

Also, what kind of security does it configures? (define a boot password,
protect the access to the firmware? configure the boot sequence, etc.)

If it configures the firmware, does one needs that tool to revert the
changes, or can it be done from the firmware itself?

Thanks,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#578750: ITP: kmid -- MIDI/Karaoke player for KDE

[Frank Lin PIAT]

Hello Lisandro,

On Thu, 2010-04-22 at 10:40 -0300, Lisandro Damián Nicanor Pérez Meyer
wrote:
 
 * Package name: kmid
is it kmid or kmid2?

   Description : MIDI/Karaoke player for KDE

 KMid is a rewrite from scratch of the original KDE midi player.
   
   Not so useful for end-user
 It plays MIDI and karaoke files.

I would suggest:
 This package provides a MIDI and karaoke player for KDE. KMid2 is a
 rewrite of kmid for KDE4, with a new architecture and also some new
 features.

Upstream description also list some interesting features, which could de
included (I have dropped some bullets, it could be shorted further to
only list the nice features of this MID player).

 Some major features:
 * Playback to external hardware MIDI devices.
 * Allows to use software synths as well.
 * Tempo and volume controls.
 * Pitch (transpose) control.
 * Rhythm view (visual metronome).
 * Configurable character encoding, font and color for lyrics.
 * MIDI Mapper.
 * Channels window, with solo/muting controls and instrument selectors.
 * MIDI sequencing is implemented on pluggable backends.

Does it just play .MID files, or does it also plays some similar files?

Regards,

Franklin




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579401: ITP: pyopenfst -- Python bindings for the OpenFst library

[Frank Lin PIAT]

Jakub Wilk wrote:
 * Frank Lin PIAT fp...@klabs.be, 2010-04-28, 08:33:
 * Package name: pyopenfst
python-openfst ?

 I don't see any reason to deviate from the upstream name. (Python Policy
 2.2 does not apply here, as it doesn't talk about source package names.)

I suppose that the source will be named pyopenfst, and the binary
will be named python-openfst.
That's why I have included (known upstream as PyOpenFST) in the
description, so people doing aptitude search pyopenfst find it.

I would suggest duplicating libopenfst's description, then add that this
is python binding, like: [..]

 Agreed, thanks for your feedback.

Thanks,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579189: python-moinmoin: incorrect whitespace escape in search result URL

[Frank Lin PIAT]

tag 579189 +pending
thanks

Upstream patch is backported:
http://git.debian.org/?p=collab-maint/moin.git;a=commitdiff;h=091541d54f80f15c9ea6145aff7eb397b42cec4c





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579189: python-moinmoin: incorrect whitespace escape in search result URL

[Frank Lin PIAT]

Hello,

On Sun, 2010-04-25 at 22:41 -0700, Chuan-kai Lin wrote:
 
 When I search for a term using the MoinMoin built-in search
 functionality, and the search term matches exactly one document whose
 name contains a space, the search functionality redirects the user to a
 broken URL that does not exist.  The redirected URL is broken due to
 incorrect white-space escape.
   http://wiki_host/Debian%2520Rocks

This bug can't be reproduced in upstream release. It is because we use
Debian's system wide python-werkzeug (0.6+), rather that shipping a copy
(moinmoin upstream ships 0.5).

 Versions of packages python-moinmoin depends on:
 ii  python-werkzeug 0.6-1collection of utilities for WSGI 
 a

The bug still needs to be fixed.

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579189: python-moinmoin: incorrect whitespace escape in search result URL

[Frank Lin PIAT]

forwarded 579189 http://moinmo.in/MoinMoinBugs/RedirectIsBrokenWithWerkzeug0.6
thanks

On Tue, 2010-04-27 at 23:27 +0200, Frank Lin PIAT wrote:
 
 On Sun, 2010-04-25 at 22:41 -0700, Chuan-kai Lin wrote:
  
  When I search for a term using the MoinMoin built-in search
  functionality, and the search term matches exactly one document whose
  name contains a space, the search functionality redirects the user to a
  broken URL that does not exist.  The redirected URL is broken due to
  incorrect white-space escape.
http://wiki_host/Debian%2520Rocks
 
 This bug can't be reproduced in upstream release. It is because we use
 Debian's system wide python-werkzeug (0.6+), rather that shipping a copy
 (moinmoin upstream ships 0.5).

The same problem occurs for redirect page, like:
  #redirect Debian Rocks






-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#579311: ns3: Description doesn't describe what the package is about

[Frank Lin PIAT]

Package: ns3
Severity: normal

The package description provide little information about what the
package is doing:

 ns-3 is a discrete-event network simulator for Internet systems, targeted 
  
 primarily for research and educational use.

This paragraph should be extend. What kind of simulation is performed?
(which OSI level? what kind of network does it simulate? what can be
performed? can it simulate real life network? what tool can be 
tested: routing? sniffing...)?

Who can use it? in what situation? Can it be useful in real life? what for?

 ns-3 is free software, licensed under the GNU GPLv2 license, and is 
 publicly available for research, development, and use.

This paragraph could be dropped completely. (the package is in Debian main,
right?)

 ns-3 is intended as an eventual replacement for the popular ns-2 simulator.
This is quite obvious and it can be dropped? (except if ns-2 was really
popular, but ns-3 isn't yet)

 The project acronym “nsnam” derives historically from the concatenation of
 ns (network simulator) and nam (network animator).
 

My 2¢,

Franklin

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable'), (10, 'experimental')
Architecture: i386 (x86_64)

Kernel: Linux 2.6.32-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#578405: python-moinmoin: Ship symlink in /usr/share/moin/data/dict

[Frank Lin PIAT]

On Tue, 2010-04-20 at 08:25 +0200, Jonas Smedegaard wrote:
 On Mon, Apr 19, 2010 at 11:51:04PM +0200, Frank Lin PIAT wrote:
 
  On Mon, Apr 19, 2010 at 04:54:10PM +0100, Sam Morris wrote:
  /usr/share/moin/data/dict contains an empty 'dummy_dict' file. It 
  would be cool if it contained a symlink to the (absolute) path 
  /usr/share/dict/words so that wikis created on the system would have 
  working spellchecking by default. :)
 
 Creating an absolute symlink would be a violation to the Policy, 
 however, there is another solution:
 
 ln -s ../../usr/share/dict/words /etc/moin/dict
 
 Yeah - but a relative symlink braks when moved around.

I think ou missed the fact that the symlinks is in /etc/moin ;)

 So make sure to mention that the link should be adjusted or replaced
 if any guides suggest to make a copy and store it somewhere else (I do
 not recall if that is true about the symlink as it is about the
 underlay).

I should document that people who runs different wiki in different
languages should symlink /etc/moin/dict to /dev/null, and manually
create a symlink in each $data directory.

Regards,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#578405: python-moinmoin: Ship symlink in /usr/share/moin/data/dict

[Frank Lin PIAT]

On Mon, 2010-04-19 at 18:39 +0200, Jonas Smedegaard wrote:
 Hi Sam,
 
 On Mon, Apr 19, 2010 at 04:54:10PM +0100, Sam Morris wrote:
 /usr/share/moin/data/dict contains an empty 'dummy_dict' file. It would 
 be cool if it contained a symlink to the (absolute) path 
 /usr/share/dict/words so that wikis created on the system would have 
 working spellchecking by default. :)

Creating an absolute symlink would be a violation to the Policy,
however, there is another solution:

ln -s ../../usr/share/dict/words /etc/moin/dict

 thanks for the suggestion.

Thank you for pinging me on the issue ;)

A few weeks ago, I noticed that the symlink in /etc/moin/words didn't
work, but my attention went away. I have just digged the issue, the
problem is just that this file should be named dict (see patch
attached)

 If I recall correctly (it was quite some time ago I setup this part of 
 the packaging) the reason for not doing this is that preferred system 
 language (used by e.g. cracklib) might very well be different from 
 webapp language, and wrong dictionary is worse than no dictionary IMO.
 
 Maybe ask via debconf if the system dictionary should be used or not.

What about multi-language support?
 scenario 1: An admin has two wikis in two different languages
 scenario 2: A wiki some contents/pages in different languages

I believe that both problem could be solved if moinmoin where looking
for a distinct dictionary, based on the current page language (see
statement like #language fr)

I have just submitted:
  http://moinmo.in/FeatureRequests/MultiLanguageDict

 I also seem to recall that Moin supports multiple dictionary files, so 
 an alternative could be to ask _which_ dictionaries to use via a 
 freeform debconf string defaulting to words, and symlink all provided 
 words from that string.

It seems to only work for dict file in /etc/moin/ and
in /var/lib/mywiki/ (for typical installation).

Regards,

Franklin
--- debian/rules~   2010-04-14 09:31:19.0 +0200
+++ debian/rules2010-04-19 22:43:22.0 +0200
@@ -121,7 +121,7 @@
 binary-fixup/$(pkg)::
mkdir -p  debian/$(cdbs_curpkg)/usr/share/pyshared/MoinMoin/
ln -s /etc/moin/words debian/$(cdbs_curpkg)/usr/share/pyshared/MoinMoin/
-   ln -s /usr/share/dict/words debian/$(cdbs_curpkg)/etc/moin/words
+   ln -s ../../usr/share/dict/words debian/$(cdbs_curpkg)/etc/moin/dict
 
 # Move underlay to /usr/share/moin
 install/$(pkg)::

Bug#578257: gdevilspie: Package description: Describe what Devils Pie is about

[Frank Lin PIAT]

Package: gdevilspie
Version: 0.31-1
Severity: normal

Hello,

Someone reading gdevilspie's packager description is likely to be
puzzled, unless he/she knows what Devils Pie is about.

I suggest the following package description, which could be improved
further (and reviewed by a native English speaker).

 Devils Pie is a tool to find windows as they are created and perform
 actions on them, such as resizing, moving to another workspace, or
 pinning them to all workspaces.

 This package provides a user interface to write Devils Pie rules and
 to start and stop the Devils Pie daemon.

Thanks,

Franklin

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable')
Architecture: i386 (x86_64)

Kernel: Linux 2.6.32-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#442225: Reporting false-positive to Anti-virus vendor

[Frank Lin PIAT]

Hello,

While it was a good idea to report the bug here so other users are aware
of the problem, the best way to solve this issue is to submit the
false positive to the anti-virus editor.

Do you know if the problem still occurs?

(IMHO, one should not use an anti-virus which editor don't let me submit
false positive... what would you do if your anti-virus were to prevent
you for using an important program, like an accounting or bank account
management tool?)

Thanks,

Franklin




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#577853: usb-modeswitch-data: Unusual chars in filenames

[Frank Lin PIAT]

Hello Didier,

On Thu, 2010-04-15 at 10:24 +0200, Didier 'OdyX' Raboud wrote:
 Le jeudi 15 avril 2010 09:47:22 Frank Lin PIAT, vous avez écrit :
  
  The package usb-modeswitch-data provide the file:
/etc/usb_modeswitch.d/16d8:6803:?
  
  The question-mark ? symbol is unusual on unix filesystem, and it is
  almost guaranteed that it is going to break various script (both
  provided by Debian and local admin ones).
  
  Also, I suggest to replace the column too.
 
 Although I recognise that : and ? symbols are somehow special on Unix 
 filesystems, I don't see this as a problem, because usb-modeswitch just 
 works 
 with those files. Thus downgrading severity to wishlist (I am of course open 
 to 
 discussion).

I was not concerned about usb-modeswitch not working, but I was worried
about third-party (bash) script, that may not be prepared to handle
unusual chars. I am especially thinking of script written by the local
system maintainer.
For instance, since the column is a standard delimiter for bash $PATH
variable, many script developer may assume that no single file contains
column.

 Furthermore, this is clearly an upstream issue which should be fixed there, 
 to 
 ensure cross-distribution compatibility, thus tagging as such. I will make 
 sure 
 upstream (CCed) is aware of the issue and eventually commenting on the 
 bugreport.
 
 Is such an action schedule (non-action schedule…) fine for you?

Fixing the bug upstream is probably the sensible thing to do.

Regards,

Franklin




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org