Bug#605391: Patch for CVE-2010-3436 breaks open_basedir
Package: php5 Version: 5.3.3-4 Severity: normal hy, the patch which was added cause CVE-2010-3436 breaks configurations. If you have set: open_basedir=/srv/www/ it breaks. You must now set open_basedir=/srv/www without the ending /. Ruben -- Ruben Puettmann ru...@puettmann.net http://www.puettmann.net signature.asc Description: Digital signature
Bug#577925: tgt missing init script for tgtd
Package: tgt Version: 1:1.0.3-2 Severity: important hy, I can't find any init script for tgt in this or older tgt packages. Please add an init script for tgt to your packages. ruben -- Ruben Puettmann ru...@puettmann.net http://www.puettmann.net signature.asc Description: Digital signature
Bug#573139: php5-imagick unable to install on testing/unstable
Package: php5-imagick Version: 2.1.1RC1-1 Severity: important hy, package is not install able on testing and unstable. Please update package to 2.3.0 and build it for php 5.3 Ruben -- Ruben Puettmann ru...@puettmann.net http://www.puettmann.net signature.asc Description: Digital signature
Bug#510119: rpc.idmapd not working on various 2.6.26.* 2.6.27.* 2.6.28
On Thu, Feb 04, 2010 at 10:49:43AM +1000, Alexander Zangerl wrote: On Mon, 29 Dec 2008 14:15:52 +0100, Ruben Puettmann writes: but rpc.idmapd don't work I get : strace -f -F rpc.idmapd -f -c /etc/idmapd.conf -v ... open(/var/lib/nfs/rpc_pipefs/nfs, O_RDONLY) = 9 fcntl64(9, F_SETSIG, 0xa) = 0 fcntl64(9, 0x402 /* F_??? */, 0x800e) = -1 EINVAL (Invalid argument) ... no idea if this issue is still active, but i've had the same problem recently and found some explanation: http://bugs.gentoo.org/261697 apparently the rpc.idmapd requires dnotify support the kernel. maybe your kernels don't include that? My Kernel was build with dnotify and inotify as you can see in my first mail: CONFIG_DNOTIFY=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y Ruben -- Ruben Puettmann ruben.puettm...@rcs-networks.com http://www.rcs-networks.com -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#548254: Keepalived new Version with major fixes
Package: keepalived
Version: 1.1.17-2
Severity: normal
hy,
there is a new release from keepalived with major fixes:
2009-09-24 Alexandre Cassen acas...@li...
* keepalived-1.1.18 released.
* Fixed compilation warnings
* Updated autoconf kernel version detection. Created a new
configuration option to force kernel versioni selection.
This option can be useful for crosscompilation:
--with-kernel-version={2.2|2.4|2.6}
* Updated media link failure detection strategy. Kernel
linkwatch has been around for long time so set it as
default strategy. Alternatively you can choose to use
MII BSMR polling strategy by adding new keyword
'vrrp_linkbeat_use_polling' in your configuration file.
* Vincent Bernat bernat at luffy.cx fixed ip_vs.h includes.
* Removed vrrp_running and check_running test since it is
already performed by keepalived_running.
* Properly handle father pidfile handling.
* fixed reload handler to properly print out PID.
* Willy and I fixed a signal handling issue while reloading
daemon. A dereferencing master thread issue leading to a
segfault, so that reload was seen as a restart because it
was respawned by keepalived father process.
* Willy fixed a missing UNSET_RELOAD declaration leading to
a potential infinite loop while performing reload.
* Vincent Bernat bernat at luffy.cx fixed initial value
of quorum state on startup and reload. Fixed sorry server
removal to consider quorum state.
* VRRP : Add missing notify calls while entering FAULT state.
* VRRP : Willy added support to delayed script check launch
(up and down). It defines rise and fall keywords. fall
defines the required number of failures to switch in KO mode,
rise defines the number of sucesses to switch in OK mode.
* VRRP : Fixed an IP_DROP_MEMBERSHIP issue while performing
reload. vrrp socket pool is released at first.
Please update the package
Ruben
--
Ruben Puettmann
ru...@puettmann.net
http://www.puettmann.net
signature.asc
Description: Digital signature
Bug#539392: DBD::CSV: perl script to read CSV file does not work
Package: libdbd-csv-perl Version: 0.2200-5 Severity: high hy, executing your script at the command line, I take an error: /tmp/perl $ perl csv.pl DBD::CSV::st execute failed: Error while reading file ./testtable.csv: Bad file descriptor at /usr/lib/perl5/site_perl/5.8.8/DBD/CSV.pm line 210, GEN0 chunk 1. [for Statement SELECT * FROM info] at csv.pl line 11. execute: Error while reading file ./testtable.csv: Bad file descriptor at /usr/lib/perl5/site_perl/5.8.8/DBD/CSV.pm line 210, GEN0 chunk 1. It seems, that there is a bug in DBD::CSV v0.22, consider following posting: http://www.perlmonks.org/?node_id=673399 and this bug ticket: https://rt.cpan.org/Public/Bug/Display.html?id=33764 It is fixed in DBD-CSV-0.24_02 Please update the package. Ruben -- Ruben Puettmann ru...@puettmann.net http://www.puettmann.net signature.asc Description: Digital signature
Bug#533837: strongSwan Two Denial of Service Vulnerabilities
hy,
attached diff will fix tis bug and also bug #525652.
ruben
--
Ruben Puettmann
ru...@puettmann.net
http://www.puettmann.net
diff -Nru strongswan-4.2.14/debian/changelog strongswan-4.2.14/debian/changelog
--- strongswan-4.2.14/debian/changelog 2009-06-21 18:34:54.0 +0200
+++ strongswan-4.2.14/debian/changelog 2009-06-21 18:34:55.0 +0200
@@ -1,3 +1,14 @@
+strongswan (4.2.14-1.2) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * Fix build on i386
+Closes: #525652: FTBFS on i386:
+libstrongswan-padlock.so*': No such file or directory
+ * Fix Two Denial of Service Vulnerabilities
+Closes: #533837: strongSwan Two Denial of Service Vulnerabilities
+
+ -- Ruben Puettmann ru...@puettmann.net Sun, 21 Jun 2009 17:50:02 +0200
+
strongswan (4.2.14-1.1) unstable; urgency=high
* Non-maintainer upload by the Security Team.
diff -Nru strongswan-4.2.14/debian/rules strongswan-4.2.14/debian/rules
--- strongswan-4.2.14/debian/rules 2009-06-21 18:34:54.0 +0200
+++ strongswan-4.2.14/debian/rules 2009-06-21 18:34:55.0 +0200
@@ -41,7 +41,7 @@
# the padlock plugin only makes sense on i386
# but it actually doesn't do much, so maybe we don't need it
ifeq ($(DEB_BUILD_ARCH_CPU),i386)
- CONFIGURE_ARGS += --enable-padlock
+ CONFIGUREARGS += --enable-padlock
endif
patch:
diff -Nru strongswan-4.2.14/src/libstrongswan/asn1/asn1.c
strongswan-4.2.14/src/libstrongswan/asn1/asn1.c
--- strongswan-4.2.14/src/libstrongswan/asn1/asn1.c 2009-04-01
08:16:00.0 +0200
+++ strongswan-4.2.14/src/libstrongswan/asn1/asn1.c 2009-06-21
18:34:55.0 +0200
@@ -261,6 +261,11 @@
len = 256*len + *blob-ptr++;
blob-len--;
}
+ if (len blob-len)
+ {
+ DBG2(length is larger than remaining blob size);
+ return ASN1_INVALID_LENGTH;
+ }
return len;
}
@@ -283,14 +288,20 @@
{
int tz_hour, tz_min;
- sscanf(eot+1, %2d%2d, tz_hour, tz_min);
+ if (sscanf(eot+1, %2d%2d, tz_hour, tz_min) != 2)
+ {
+ return 0; /* error in positive timezone offset format */
+ }
tz_offset = 3600*tz_hour + 60*tz_min; /* positive time zone
offset */
}
else if ((eot = memchr(utctime-ptr, '-', utctime-len)) != NULL)
{
int tz_hour, tz_min;
- sscanf(eot+1, %2d%2d, tz_hour, tz_min);
+ if (sscanf(eot+1, %2d%2d, tz_hour, tz_min) != 2)
+ {
+ return 0; /* error in negative timezone offset format */
+ }
tz_offset = -3600*tz_hour - 60*tz_min; /* negative time zone
offset */
}
else
@@ -303,14 +314,20 @@
const char* format = (type == ASN1_UTCTIME)? %2d%2d%2d%2d%2d:
%4d%2d%2d%2d%2d;
- sscanf(utctime-ptr, format, t.tm_year, t.tm_mon, t.tm_mday,
-
t.tm_hour, t.tm_min);
+ if (sscanf(utctime-ptr, format, t.tm_year, t.tm_mon,
t.tm_mday,
+
t.tm_hour, t.tm_min) != 5)
+ {
+ return 0; /* error in time st [yy]yymmddhhmm time
format */
+ }
}
/* is there a seconds field? */
if ((eot - utctime-ptr) == ((type == ASN1_UTCTIME)?12:14))
{
- sscanf(eot-2, %2d, t.tm_sec);
+ if (sscanf(eot-2, %2d, t.tm_sec) != 1)
+ {
+ return 0; /* error in ss seconds field format */
+ }
}
else
{
diff -Nru strongswan-4.2.14/src/libstrongswan/asn1/asn1_parser.c
strongswan-4.2.14/src/libstrongswan/asn1/asn1_parser.c
--- strongswan-4.2.14/src/libstrongswan/asn1/asn1_parser.c 2009-04-01
08:16:00.0 +0200
+++ strongswan-4.2.14/src/libstrongswan/asn1/asn1_parser.c 2009-06-21
18:34:55.0 +0200
@@ -160,7 +160,7 @@
blob1-len = asn1_length(blob);
- if (blob1-len == ASN1_INVALID_LENGTH || blob-len blob1-len)
+ if (blob1-len == ASN1_INVALID_LENGTH)
{
DBG1(L%d - %s: length of ASN.1 object invalid or too large,
level, obj.name);
diff -Nru strongswan-4.2.14/src/pluto/asn1.c strongswan-4.2.14/src/pluto/asn1.c
--- strongswan-4.2.14/src/pluto/asn1.c 2009-04-01 08:16:04.0 +0200
+++ strongswan-4.2.14/src/pluto/asn1.c 2009-06-21 18:34:55.0 +0200
@@ -191,6 +191,13 @@
len = 256*len + *blob-ptr++;
blob-len--;
}
+if (len blob-len)
+{
+ DBG(DBG_PARSING,
+ DBG_log(length
Bug#525652: FTBFS on i386: libstrongswan-padlock.so*': No such file or directory
hy,
attached patch will fix this bug and also #533837
Ruben
--
Ruben Puettmann
ru...@puettmann.net
http://www.puettmann.net
diff -Nru strongswan-4.2.14/debian/changelog strongswan-4.2.14/debian/changelog
--- strongswan-4.2.14/debian/changelog 2009-06-21 18:34:54.0 +0200
+++ strongswan-4.2.14/debian/changelog 2009-06-21 18:34:55.0 +0200
@@ -1,3 +1,14 @@
+strongswan (4.2.14-1.2) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * Fix build on i386
+Closes: #525652: FTBFS on i386:
+libstrongswan-padlock.so*': No such file or directory
+ * Fix Two Denial of Service Vulnerabilities
+Closes: #533837: strongSwan Two Denial of Service Vulnerabilities
+
+ -- Ruben Puettmann ru...@puettmann.net Sun, 21 Jun 2009 17:50:02 +0200
+
strongswan (4.2.14-1.1) unstable; urgency=high
* Non-maintainer upload by the Security Team.
diff -Nru strongswan-4.2.14/debian/rules strongswan-4.2.14/debian/rules
--- strongswan-4.2.14/debian/rules 2009-06-21 18:34:54.0 +0200
+++ strongswan-4.2.14/debian/rules 2009-06-21 18:34:55.0 +0200
@@ -41,7 +41,7 @@
# the padlock plugin only makes sense on i386
# but it actually doesn't do much, so maybe we don't need it
ifeq ($(DEB_BUILD_ARCH_CPU),i386)
- CONFIGURE_ARGS += --enable-padlock
+ CONFIGUREARGS += --enable-padlock
endif
patch:
diff -Nru strongswan-4.2.14/src/libstrongswan/asn1/asn1.c
strongswan-4.2.14/src/libstrongswan/asn1/asn1.c
--- strongswan-4.2.14/src/libstrongswan/asn1/asn1.c 2009-04-01
08:16:00.0 +0200
+++ strongswan-4.2.14/src/libstrongswan/asn1/asn1.c 2009-06-21
18:34:55.0 +0200
@@ -261,6 +261,11 @@
len = 256*len + *blob-ptr++;
blob-len--;
}
+ if (len blob-len)
+ {
+ DBG2(length is larger than remaining blob size);
+ return ASN1_INVALID_LENGTH;
+ }
return len;
}
@@ -283,14 +288,20 @@
{
int tz_hour, tz_min;
- sscanf(eot+1, %2d%2d, tz_hour, tz_min);
+ if (sscanf(eot+1, %2d%2d, tz_hour, tz_min) != 2)
+ {
+ return 0; /* error in positive timezone offset format */
+ }
tz_offset = 3600*tz_hour + 60*tz_min; /* positive time zone
offset */
}
else if ((eot = memchr(utctime-ptr, '-', utctime-len)) != NULL)
{
int tz_hour, tz_min;
- sscanf(eot+1, %2d%2d, tz_hour, tz_min);
+ if (sscanf(eot+1, %2d%2d, tz_hour, tz_min) != 2)
+ {
+ return 0; /* error in negative timezone offset format */
+ }
tz_offset = -3600*tz_hour - 60*tz_min; /* negative time zone
offset */
}
else
@@ -303,14 +314,20 @@
const char* format = (type == ASN1_UTCTIME)? %2d%2d%2d%2d%2d:
%4d%2d%2d%2d%2d;
- sscanf(utctime-ptr, format, t.tm_year, t.tm_mon, t.tm_mday,
-
t.tm_hour, t.tm_min);
+ if (sscanf(utctime-ptr, format, t.tm_year, t.tm_mon,
t.tm_mday,
+
t.tm_hour, t.tm_min) != 5)
+ {
+ return 0; /* error in time st [yy]yymmddhhmm time
format */
+ }
}
/* is there a seconds field? */
if ((eot - utctime-ptr) == ((type == ASN1_UTCTIME)?12:14))
{
- sscanf(eot-2, %2d, t.tm_sec);
+ if (sscanf(eot-2, %2d, t.tm_sec) != 1)
+ {
+ return 0; /* error in ss seconds field format */
+ }
}
else
{
diff -Nru strongswan-4.2.14/src/libstrongswan/asn1/asn1_parser.c
strongswan-4.2.14/src/libstrongswan/asn1/asn1_parser.c
--- strongswan-4.2.14/src/libstrongswan/asn1/asn1_parser.c 2009-04-01
08:16:00.0 +0200
+++ strongswan-4.2.14/src/libstrongswan/asn1/asn1_parser.c 2009-06-21
18:34:55.0 +0200
@@ -160,7 +160,7 @@
blob1-len = asn1_length(blob);
- if (blob1-len == ASN1_INVALID_LENGTH || blob-len blob1-len)
+ if (blob1-len == ASN1_INVALID_LENGTH)
{
DBG1(L%d - %s: length of ASN.1 object invalid or too large,
level, obj.name);
diff -Nru strongswan-4.2.14/src/pluto/asn1.c strongswan-4.2.14/src/pluto/asn1.c
--- strongswan-4.2.14/src/pluto/asn1.c 2009-04-01 08:16:04.0 +0200
+++ strongswan-4.2.14/src/pluto/asn1.c 2009-06-21 18:34:55.0 +0200
@@ -191,6 +191,13 @@
len = 256*len + *blob-ptr++;
blob-len--;
}
+if (len blob-len)
+{
+ DBG(DBG_PARSING,
+ DBG_log(length
Bug#533837: strongSwan Two Denial of Service Vulnerabilities
Package: strongswan Severity: serious Tags: security hy, out of the NEW file from the 4.2.16 release: strongswan-4.2.16 - - Applying their fuzzing tool, the Orange Labs vulnerability research team found another two DoS vulnerabilities, one in the rather old ASN.1 parser of Relative Distinguished Names (RDNs) and a second one in the conversion of ASN.1 UTCTIME and GENERALIZEDTIME strings to a time_t value. Malformed X.509 certificate RDNs or timestamps can cause the pluto IKE daemon to crash and restart. Ruben -- Ruben Puettmann ru...@puettmann.net http://www.puettmann.net signature.asc Description: Digital signature
Bug#529843: P3Scan dies if chosen clamd
Package: p3scan Version: 2:2.3.2-7 Severity: important hy, if I try to start p3scan it dies: r...@fw-1:[/etc/p3scan] /etc/init.d/p3scan start Starting transparent pop3 virus- and spam-scanner: p3scan. r...@fw-1:[/etc/p3scan] *** glibc detected *** /usr/sbin/p3scan: corrupted double-linked list: 0x080bf2d0 *** === Backtrace: = /lib/i686/cmov/libc.so.6[0xb7d3bbe9] /lib/i686/cmov/libc.so.6[0xb7d3d76d] /lib/i686/cmov/libc.so.6(__libc_calloc+0xef)[0xb7d3f2cf] /lib/i686/cmov/libc.so.6(open_memstream+0x5d)[0xb7d3358d] /lib/i686/cmov/libc.so.6(__vsyslog_chk+0x78)[0xb7dab0c8] /lib/i686/cmov/libc.so.6(syslog+0x27)[0xb7dab677] /usr/sbin/p3scan[0x804c74b] /usr/sbin/p3scan[0x8057f29] /usr/sbin/p3scan[0x8054a20] /lib/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7ce2775] /usr/sbin/p3scan[0x804a421] === Memory map: 08048000-08078000 r-xp 09:00 3918033/usr/sbin/p3scan 08078000-08079000 rw-p 0002f000 09:00 3918033/usr/sbin/p3scan 08079000-080de000 rw-p 08079000 00:00 0 [heap] b7b0-b7b21000 rw-p b7b0 00:00 0 b7b21000-b7c0 ---p b7b21000 00:00 0 b7c4d000-b7c78000 r-xp 09:00 6135955/lib/libgcc_s.so.1 b7c78000-b7c79000 rw-p 0002a000 09:00 6135955/lib/libgcc_s.so.1 b7c79000-b7c83000 r-xp 09:00 6135821 /lib/i686/cmov/libnss_files-2.9.so b7c83000-b7c84000 r--p 9000 09:00 6135821 /lib/i686/cmov/libnss_files-2.9.so b7c84000-b7c85000 rw-p a000 09:00 6135821 /lib/i686/cmov/libnss_files-2.9.so b7c85000-b7c8e000 r-xp 09:00 6135829 /lib/i686/cmov/libnss_nis-2.9.so b7c8e000-b7c8f000 r--p 8000 09:00 6135829 /lib/i686/cmov/libnss_nis-2.9.so b7c8f000-b7c9 rw-p 9000 09:00 6135829 /lib/i686/cmov/libnss_nis-2.9.so b7c9-b7ca5000 r-xp 09:00 6135818/lib/i686/cmov/libnsl-2.9.so b7ca5000-b7ca6000 r--p 00014000 09:00 6135818/lib/i686/cmov/libnsl-2.9.so b7ca6000-b7ca7000 rw-p 00015000 09:00 6135818/lib/i686/cmov/libnsl-2.9.so b7ca7000-b7ca9000 rw-p b7ca7000 00:00 0 b7ca9000-b7cb r-xp 09:00 6135822 /lib/i686/cmov/libnss_compat-2.9.so b7cb-b7cb1000 r--p 6000 09:00 6135822 /lib/i686/cmov/libnss_compat-2.9.so b7cb1000-b7cb2000 rw-p 7000 09:00 6135822 /lib/i686/cmov/libnss_compat-2.9.so b7cb2000-b7cb3000 rw-p b7cb2000 00:00 0 b7cb3000-b7cc7000 r-xp 09:00 3941818/usr/lib/libz.so.1.2.3.3 b7cc7000-b7cc8000 rw-p 00013000 09:00 3941818/usr/lib/libz.so.1.2.3.3 b7cc8000-b7cca000 r-xp 09:00 6135843/lib/i686/cmov/libdl-2.9.so b7cca000-b7ccb000 r--p 1000 09:00 6135843/lib/i686/cmov/libdl-2.9.so b7ccb000-b7ccc000 rw-p 2000 09:00 6135843/lib/i686/cmov/libdl-2.9.so b7ccc000-b7e26000 r-xp 09:00 6135838/lib/i686/cmov/libc-2.9.so b7e26000-b7e27000 ---p 0015a000 09:00 6135838/lib/i686/cmov/libc-2.9.so b7e27000-b7e29000 r--p 0015a000 09:00 6135838/lib/i686/cmov/libc-2.9.so b7e29000-b7e2a000 rw-p 0015c000 09:00 6135838/lib/i686/cmov/libc-2.9.so b7e2a000-b7e2d000 rw-p b7e2a000 00:00 0 b7e2d000-b7f67000 r-xp 09:00 3940667 /usr/lib/i686/cmov/libcrypto.so.0.9.8 b7f67000-b7f7d000 rw-p 0013a000 09:00 3940667 /usr/lib/i686/cmov/libcrypto.so.0.9.8 b7f7d000-b7f81000 rw-p b7f7d000 00:00 0 b7f81000-b7fc3000 r-xp 09:00 3940666 /usr/lib/i686/cmov/libssl.so.0.9.8 b7fc3000-b7fc7000 rw-p 00042000 09:00 3940666 /usr/lib/i686/cmov/libssl.so.0.9.8 b7fc7000-b7ff7000 r-xp 09:00 3940739/usr/lib/libpcre.so.3.12.1 b7ff7000-b7ff8000 rw-p 0002f000 09:00 3940739/usr/lib/libpcre.so.3.12.1 b7ffb000-b7ffd000 rw-p b7ffb000 00:00 0 b7ffd000-b8019000 r-xp 09:00 6135968/lib/ld-2.9.so b8019000-b801a000 r--p 0001b000 09:00 6135968/lib/ld-2.9.so b801a000-b801b000 rw-p 0001c000 09:00 6135968/lib/ld-2.9.so bff06000-bff1b000 rw-p bffeb000 00:00 0 [stack] e000-f000 r-xp 00:00 0 [vdso] The p3scan.conf is attached Ruben -- Ruben Puettmann ru...@puettmann.net http://www.puettmann.net ## ## # P3Scan Version 2.3.2 # ## # default configuration file # # all params are set to default # ## ## # # PID File # # where to write a pid-file # # default: /var/run/p3scan/p3scan.pid # pidfile = /var/run/p3scan/p3scan.pid # # Max Child's # # The maximum number of connections we will handle at once. Any further # connections will be dropped. Keep in mind that a number of 10 also # means that 10 viruscanners can
Bug#525652: strongswan: FTBFS on i386: libstrongswan-padlock.so*': No such file or directory
hy, this is a bug in debian/rules. It must be: ifeq ($(DEB_BUILD_ARCH_CPU),i386) CONFIGUREARGS += --enable-padlock endif insted of: ifeq ($(DEB_BUILD_ARCH_CPU),i386) CONFIGURE_ARGS += --enable-padlock endif ruben -- Ruben Puettmann ru...@puettmann.net http://www.puettmann.net signature.asc Description: Digital signature
Bug#529854: Please drop root user and group
Package: strongswan Version: 4.2.14-1 Severity: wishlist hy, please build strongswan with: --with-user=USER --with-group=GROUP so it will not run as root. Or is it imposible on Debian Linux? ruben -- Ruben Puettmann ru...@puettmann.net http://www.puettmann.net signature.asc Description: Digital signature
Bug#526171: [Pkg-xfce-devel] Bug#526171: Missing icons in menu
On Thu, Apr 30, 2009 at 07:20:45AM +0200, Yves-Alexis Perez wrote: On mer, 2009-04-29 at 23:52 +0200, Ruben Puettmann wrote: See attached images. Rodent isn't compatible with 4.6. Please install an XDG compliant theme (like Tango) and report back. thx, this helped, why is there no dependency on minimal one compliant theme? Why is the xfce4-icon-theme not an compliant theme? Ruben -- Ruben Puettmann ru...@puettmann.net http://www.puettmann.net signature.asc Description: Digital signature
Bug#525010: undefined symbol: raptor_version_decimal
Package: php5-librdf Version: 1.0.8.1-2 Severity: normal hy, after upgrade I got: PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php5/20060613/redland.so' - /usr/lib/php5/20060613/redland.so: undefined symbol: raptor_version_decimal in Unknown on line 0 [Tue Apr 21 15:35:13 2009] [notice] Apache/2.2.11 (Debian) DAV/2 SVN/1.5.6 PHP/5.2.6-3 with Suhosin-Patch mod_ssl/2.2.11 OpenSSL/0.9.8g configured -- resuming normal operations r...@app5:[/tmp] dpkg -l |grep php5 ii libapache2-mod-php5 5.2.6.dfsg.1-3 server-side, HTML-embedded scripting language (Apache 2 module) ii php5 5.2.6.dfsg.1-3 server-side, HTML-embedded scripting language (metapackage) ii php5-cli 5.2.6.dfsg.1-3 command-line interpreter for the php5 scripting language ii php5-common 5.2.6.dfsg.1-3Common files for packages built from the php5 source ii php5-curl 5.2.6.dfsg.1-3CURL module for php5 ii php5-dev 5.2.6.dfsg.1-3Files for PHP5 module development ii php5-gd 5.2.6.dfsg.1-3GD module for php5 ii php5-idn 1.2b-5.3 PHP API for the IDNA library ii php5-imagick 2.1.1RC1-1 ImageMagick module for php5 ii php5-librdf 1.0.8.1-2 PHP5 language bindings for the Redland RDF library ii php5-mcrypt 5.2.6.dfsg.1-3MCrypt module for php5 ii php5-memcache 3.0.1-1 memcache extension module for PHP5 ii php5-memcached0.1.5-1 memcached module for PHP 5 ii php5-mhash5.2.6.dfsg.1-3MHASH module for php5 ii php5-mysql5.2.6.dfsg.1-3MySQL module for php5 ii php5-pspell 5.2.6.dfsg.1-3pspell module for php5 ii php5-recode 5.2.6.dfsg.1-3recode module for php5 ii php5-timezonedb 2008.2-1 Independent timezone database for PHP ii php5-xsl 5.2.6.dfsg.1-3XSL module for php5 r...@app5:[/tmp] dpkg -l |grep rdf ii librdf0 1.0.8-2 Redland Resource Description Framework (RDF) library ii php5-librdf 1.0.8.1-2 PHP5 language bindings for the Redland RDF library Ruben -- Ruben Puettmann ru...@puettmann.net http://www.puettmann.net signature.asc Description: Digital signature
Bug#523117: SQL Support for strongswan
Package: strongswan Severity: wishlist hy, It would be nice to have the mysql, sqlite and the sql plugin enabled. Ruben -- Ruben Puettmann ru...@puettmann.net http://www.puettmann.net signature.asc Description: Digital signature
Bug#519937: Please provide django-admin.py
Package: python-django Version: 1.0.2-1 Severity: normal hy, it would be very nice if you can provide django-admin.py. In nearly all documentations about django django-admin.py is written not django-admin. Also many software will call django-admin.py insted of django-admin. Example is the django plugin for the eric ide. This confused many user and software. Ruben -- Ruben Puettmann ru...@puettmann.net http://www.puettmann.net signature.asc Description: Digital signature
Bug#519929: eric new upstream version's
Package: eric Version: 4.3.0-2 Severity: normal Hello, there are a new eric version with some bug fixes. Can you please update the package to the newest Version. Ruben -- Ruben Puettmann ru...@puettmann.net http://www.puettmann.net signature.asc Description: Digital signature
Bug#519937: Please provide django-admin.py
On Mon, Mar 16, 2009 at 11:19:12AM +, Chris Lamb wrote: Hy Chris, Specific exceptions to Policy can be made, but they would have to be backed up by stronger arguments beyond the ones you have already brought up - the Eric plugin could surely be patched to fallback to calling django-admin, and the mismatch between the documentation and the script itself is trivial and cosmetic. Thus, I don't believe this change can be made at this time. Sorry. Ok so I will inform the eric maintainer. Could you then please patch the whole python-django-doc and the other documentation which is distributed from debian. So that the local documentation will be ok? Thx for your information. ruben -- Ruben Puettmann ru...@puettmann.net http://www.puettmann.net signature.asc Description: Digital signature
Bug#516102: new keepalived release with major fixes
Package: keepalived Version: 1.1.15-1 Severity: normal hy, after long time teher is a new release from keepalived. It hast some serious fixes. 2009-02-15 Release 1.1.16 | Bugfixes * Code clean-up. * Stefan Rompf, stefan at loplof.de extended scheduler to synchronize signal handling by sending the signal number through a self pipe, making signals select()able. Child reaping has been moved to a simple signal synchronous signal handler. Signal shutdown handling has been centralized. * Denis Ovsienko, pilot at etcnet.org extended healthchecker framework to support alpha/omega design. It provides virtual service control in a more fine-graned maner. You may have a look to the SYNOPSIS file to have full picture on configation. It addresses the following issues : - A virtual service is considered up even with an empty RS pool. - There is no reliable mean to avoid service regression, when the server pool becomes too small. - There is no mean to escalate any of the above fault/recovery events. - Real servers are assumed alive initially. This leads to unnecessary state flap on keepalived start. - notify_down isn't executed for working real servers on keepalived shutdown. - There is no reliable mean to handle keepalived stop to move the virtual service over another load balancer. * Stephan Mayr, Mayr.Stefan at swm.de fixed default value for checker loop... a missing TIMER_HZ. * Merge keepalived.init.suse. * Robin Garner, robin.garner at scu.edu.au added support to --log-console facility. * Tobias Klausmann, klausman at schwarzvogel.de fixed an openfile leak while performing reload. * Leo Baltus, Leo.Baltus at omroep.nl extended pidfile handling to allow keepalived to start using configurated pidfile. * VRRP : Siim Poder, siim at p6drad-teel.net fixed IPSEC AH auth to skip IPv4 id field of zero. If zeroed kernel will fill it and lead to an unwanted protocol re-election. * VRRP : Siim Poder, siim at p6drad-teel.net fixed reloading issue. New ip addresses are added (from configuration). State is kept instead of starting from whatever is in configuration file. If prios are changed in such a way, state change can occur after reload. * VRRP : Vincent Bernat, bernat at luffy.cx extended virtual_route to support virtual black hole route as well as multihop route. * VRRP : Stig Thormodsrud, stig at vyatta.com fixed a crash while using virtual_router_id set to 255. * VRRP: Jon DeVree, jadevree at arbor.net fixed arp handling to to initialize the target hardware address, using 0xff as found in arping. Let scripts work without dealing with weight, if the script fails, VRRP fails. * VRRP : Pierre-Yves Ritschard, pierre-yves at spootnik.org removed the GOTO_FAULT state from FSM. * VRRP : Willy Tarreau, w at 1wt.eu fixed link detection handling to support right ioctl values for recent kernel ! It can lead to issue while running instance on a bonding interface. * VRRP : Willy Tarreau, w at 1wt.eu extended scheduler to catch time drift. It implements an internal monotonic clock. It maintains an offset between sysclock and monotonic clock, if computed time if anterior to monotonic time then just update offset. If time computed if fare away into the future then limit delay and recompute offset. * VRRP : Willy Tarreau, w at 1wt.eu fixed autoconf issues. Ruben -- Ruben Puettmann ru...@puettmann.net http://www.puettmann.net signature.asc Description: Digital signature
Bug#510118: dnotify not work on 2.6.26, 2.6.27 and 2.6.28
Package: dnotify Version: 0.18.0-2 Severity: normal hy, I have here various kernel ( 2.6.26.* 2.6.27.*, 2.6.28) all on i686 built with: CONFIG_DNOTIFY=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y but dnotify don't work I get : strace dnotify -A /tmp -e ls ... open(/tmp, O_RDONLY) = 3 fcntl64(3, F_SETSIG, 0x22) = 0 fcntl64(3, 0x402 /* F_??? */, 0x8001) = -1 EINVAL (Invalid argument) ... Ruben -- Ruben Puettmann ru...@puettmann.net http://www.puettmann.net signature.asc Description: Digital signature
Bug#510119: rpc.idmapd not working on various 2.6.26.* 2.6.27.* 2.6.28
Package: nfs-common Version: 1:1.1.4-1 Severity: important hy, I have here various kernel ( 2.6.26.* 2.6.27.*, 2.6.28) all on i686 built with: CONFIG_DNOTIFY=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y CONFIG_NFS_V3_ACL=y CONFIG_NFS_V4=y CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_EXPORTFS=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y CONFIG_SUNRPC_GSS=y CONFIG_RPCSEC_GSS_KRB5=y CONFIG_RPCSEC_GSS_SPKM3=y but rpc.idmapd don't work I get : strace -f -F rpc.idmapd -f -c /etc/idmapd.conf -v ... open(/var/lib/nfs/rpc_pipefs/nfs, O_RDONLY) = 9 fcntl64(9, F_SETSIG, 0xa) = 0 fcntl64(9, 0x402 /* F_??? */, 0x800e) = -1 EINVAL (Invalid argument) ... ruben -- Ruben Puettmann ru...@puettmann.net http://www.puettmann.net signature.asc Description: Digital signature
Bug#507130: wireshark only with gnome dependency's
Package: wireshark Version: 1.0.3-1 Severity: normal hy, I try to install wireshark and I got these: Reading package lists... Done Building dependency tree Reading state information... Done The following extra packages will be installed: gksu gnome-keyring libadns1 libgksu2-0 libgnome-keyring0 libgtop2-7 libgtop2-common liblua5.1-0 libpam-gnome-keyring libportaudio2 wireshark-common Suggested packages: adns-tools The following NEW packages will be installed: gksu gnome-keyring libadns1 libgksu2-0 libgnome-keyring0 libgtop2-7 libgtop2-common liblua5.1-0 libpam-gnome-keyring libportaudio2 wireshark wireshark-common 0 upgraded, 12 newly installed, 0 to remove and 0 not upgraded. Need to get 11.9MB of archives. After this operation, 45.6MB of additional disk space will be used. Do you want to continue [Y/n]? Sorry I don't want the half of gnome on my workstation Why does wireshark need gnome? ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#506730: no mysqlmanager init scripts
Package: mysql-server-5.0 Version: 5.0.67-1 Severity: wishlist hy, it would be very nice if debian would ship some init scripts for using mysqlmanager. Thx Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#501770: eric new upstream version's
Package: eric Version: 4.1.5-1 Severity: normal Hello, there are many new eric version with a lot of nice features and plugins. Can you please update the package to the newest Version. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#500676: openntpd dies cause ipv6 on only v4 enabled machine
Package: openntpd
Version: 3.9p1-7
Severity: important
hy,
on some machines the openntpd dies after random time. The machines have
only ipv4 enabled, and strace give me this output:
[pid 23264] poll( unfinished ...
[pid 23260] ... poll resumed [{fd=4, events=POLLIN}, {fd=-1}], 2, 514000) = 0
[pid 23260] time(NULL) = 1222730519
[pid 23260] time(NULL) = 1222730519
[pid 23260] socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP) = -1 EAFNOSUPPORT (Address
family not supported by protocol)
[pid 23260] write(2, fatal: client_query socket: Addr..., 69) = 69
[pid 23260] exit_group(1) = ?
Process 23260 detached
... poll resumed [{fd=3, events=POLLIN, revents=POLLIN|POLLHUP}], 1, 15000) =
1
read(3, , 4096) = 0
time(NULL) = 1222730519
stat64(/etc/localtime, {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0
send(4, 26Sep 30 01:21:59 ntpd[23264]:..., 67, MSG_NOSIGNAL) = 67
rt_sigaction(SIGCHLD, {SIG_DFL}, {0x80497c0, [CHLD], SA_RESTART}, 8) = 0
kill(23260, SIGTERM)= -1 ESRCH (No such process)
wait4(-1, NULL, 0, NULL)= -1 ECHILD (No child processes)
time(NULL) = 1222730519
stat64(/etc/localtime, {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0
send(4, 30Sep 30 01:21:59 ntpd[23264]:..., 44, MSG_NOSIGNAL) = 44
exit_group(0) = ?
Process 23264 detached
Seems that the opnentpd get'S from DNS an ipv6 record and dies.
The DNS Entry's for the used NTP Server's:
ntp0IN A194.97.4.214
IN 2001:748:100:60::2
ntp1IN A194.97.5.110
IN 2001:748:200:4::2
Ruben
--
Ruben Puettmann
[EMAIL PROTECTED]
http://www.puettmann.net
signature.asc
Description: Digital signature
Bug#499436: libapache2-mod-log-sql: score_board table missing create
Package: libapache2-mod-log-sql Version: 1.100-13 Severity: normal hy, the file: /usr/share/doc/libapache2-mod-log-sql/create_tables.sql Is missing the sql statement for creating the score_board table. Also the autocreating doesn't run: Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#479655: UNRELEASED; urgency=low
hy, is there a date for this release? It is still not in unstable Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#483537: Amavisd-new cron jobs spams me
Package: amavisd-new Version: 1:2.5.3-1 hy, the amavisd-new cron jobs in /etc/cron.daily and /etc/cron.d/ spams me with this message: /etc/cron.daily/amavisd-new: ERROR: configuration specifies 'use_bayes 0', sa-learn disabled run-parts: /etc/cron.daily/amavisd-new exited with return code 1 Please do a test if use_bayes 1 befor starting the scripts. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#481362: libmagick10 will install iceweasel on update
Package: libmagick10 Version: 7:6.3.7.9.dfsg1-2+b1 Severity: serious hy, I was trying an dist-upgrade on some server's and I saw that libmagick which is needed for imagemagick will install many qt4 stuff and also iceweasel on the server [EMAIL PROTECTED]:[~] apt-get -u dist-upgrade Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Done The following NEW packages will be installed: djview4 djvulibre-plugin iceweasel libaudio2 libdjvulibre21 libhunspell-1.2-0 libilmbase6 libmng1 libnspr4-0d libnss3-1d libopenexr6 libqt4-core libqt4-dbus libqt4-designer libqt4-gui libqt4-network libqt4-qt3support libqt4-script libqt4-sql libqt4-sql-mysql libqt4-svg libqt4-test libqt4-xml libqtcore4 libxp6 myspell-en-us qt4-qtconfig The following packages will be upgraded: libmagick10 1 upgraded, 27 newly installed, 0 to remove and 0 not upgraded. Need to get 18.2MB/27.1MB of archives. After this operation, 62.7MB of additional disk space will be used. Do you want to continue [Y/n]? I think this is not ok. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#464374: no postgresql-8.3-slony1 aviable
On Wed, Feb 06, 2008 at 07:13:38PM +0100, Martin Pitt wrote: hy, the slony version 1.2.13 is now out. So can you please update the debian packages ? Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#465491: mdadm use wrong metadata version as default
Package: mdadm Version: 2.6.4-1 Severity: critical Justification: breaks lilo boot from raid1 Lilo can only boot from Raid1 devices with raid 0.9 metadata. Not with raid 1.x. The manpage from mdadm says: Options are: 0, 0.90, default Use the original 0.90 format superblock. This format limits arrays to 28 component devices and limits compo‐ nent devices of levels 1 and greater to 2 terabytes. 1, 1.0, 1.1, 1.2 Use the new version-1 format superblock. This has few restrictions. The different sub-versions store the superblock at different locations on the device, either at the end (for 1.0), at the start (for 1.1) or 4K from the start (for 1.2). but the mdadm from debian doesn't use 0.9 as default. For more information please look at : https://anti.teamidiot.de/nei/2006/10/softraid_lilo/ Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#464374: no postgresql-8.3-slony1 aviable
Package: slony1 version: 1.2.12-1 Severity: serious My system told me on distupgrade that I must switch to postgresql 8.3 but I can't find any slony package for it. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#464374: no postgresql-8.3-slony1 aviable
On Wed, Feb 06, 2008 at 04:29:57PM +0100, Peter Eisentraut wrote: There is no slony release yet that works with 8.3. The same is true of several other plugins. So an upgrade to 8.3 across the board is impossible at the moment. Ok the messages also said that there will be no support for 8.2 on testing and unstable. Why this message, was there problems with the communication between the maintainer? For some minutes I habe build some slony packages out of the cvs for testing purpose. They compile and seem to run. More I can say in some day's. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#464374: no postgresql-8.3-slony1 aviable
On Wed, Feb 06, 2008 at 05:17:26PM +0100, Peter Eisentraut wrote: I am not familiar with the exact wording of the message, but I suppose it is aimed primarily at users of stable, who will end up doing stable to stable upgrades. Those who are using testing and unstable will have to endure a transition period of a month or two until everything is back in place. Here the message: The PostgreSQL version 8.2 is obsolete, but the server or client packages are still installed. Please install the latest packages (postgresql-8.3 and postgresql-client-8.3) and upgrade the existing 8.2 clusters with pg_upgradecluster (see manpage). . Please be aware that the installation of postgresql-8.3 will automatically create a default cluster 8.3/main. If you want to upgrade the 8.2/main cluster, you need to remove the already existing 8.3 cluster (pg_dropcluster --stop 8.3 main, see manpage for details). . The old server and client packages are no longer supported. After the existing clusters are upgraded, the postgresql-8.2 and postgresql-client-8.2 packages should be removed. I thing this is clear no support for 8.2 or? ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#447021: libmime-lite-perl/3.020-2 broken code
Package: libmime-lite-perl
Version: 3.020-2
Severity: normal
hy,
seems that the /usr/share/perl5/MIME/Lite.pm has a bug around line 511:
...
sub my_extract_full_addrs {
my $str = shift;
my @addrs;
$str =~ s/\s/ /g; ### collapse whitespace
...
If I send with this code a mail:
$msg = MIME::Lite-new (
From = $from_address,
To = $email,
Subject = $subject,
Type ='multipart/mixed'
) or die Error creating multipart container: $!\n;
$msg-attach (
Type = 'TEXT',
Data = $message_body
) or die Error adding the text message part: $!\n;
$msg-attach (
Type = 'application/zip',
Path = $client_windows_src,
Filename = $client_windows,
Disposition = 'attachment'
) or die Error adding $client_windows_src: $!\n;
$msg-attach (
Type = 'application/zip',
Path = $client_unix_src,
Filename = $client_unix,
Disposition = 'attachment'
) or die Error adding $client_windows_src: $!\n;
MIME::Lite-send('smtp', $mail_host, Timeout=60);
$msg-send;
I got uninitialized errors on line 511 an so on. I have fix it with:
sub my_extract_full_addrs {
my $str = shift;
my @addrs;
if ($str eq ) { $str= ; }
$str =~ s/\s/ /g; ###
collapse whitespace
Ruben
--
Ruben Puettmann
[EMAIL PROTECTED]
http://www.puettmann.net
signature.asc
Description: Digital signature
Bug#428370: php5-sqlrelay don't use /etc/php5/conf.d
Package: php5-sqlrelay Version: 1:0.37.1-3.1 hy the php5 configuration has changed. All php5 extensions got load via /etc/php5/conf.d/$extension.ini. could you please change this package that it don't write in /etc/php5/apache2|cli|cgi|apache/php.ini ? thx ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#428385: missing dev package from libldap-2.3-0
Package: libldap-2.3-0 Version: 2.3.35-1 hy, I'm missing the -dev package for compiling source against libldap 2.3. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#411125: Please package version 3.7.3
Package: awffull Version: 3.7.1-1 Severity: important Please package the new version. There are some fixes fixes: There have been quite a few changes in the move from v3.6.1 to v3.7.4-beta1: * Add support for the GeoIP API's for country detection * Add the ability to display Country Flags in the Country table. o See the INSTALL file for details * Fix a nasty segfault and apply some patches from Debian Webalizer * for possible buffer overflows * Minor update to the GeoIP usage. Stop DNS calls being made. * autoconf fix - proper compilation options now selected. Can * improve speed by ~ 13%. YMMV. * Fix for the auto log detection. Was dropping into Domino when it * shouldn't. * Quite a few spelling corrections in various documents * 3.7.2 is purely a fix release over 3.7.1 * 3.7.3 removes most of the translations for country names * (Australia == ?) that AWFFull will output when run under a * language other than English. This was necessary as it was * discovered that many of the translations for country were very * incorrect. It was felt better to not be there than wrong. * 3.7.4-beta1 brings in TrueType Font support into all graphs. This * also allows for native character set support in the graphs. * 3.7.4-beta1 has some automated, via kbabel, translations for * country names, as were removed in v3.7.3. These are marked fuzzy * and hence not immediately accessible. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#402638: php5-json don't use /etc/php5/conf.d
Package: php5-json Version: 1.2.1-3+b2 hy the php5 configuration has changed. All php5 extensions got load via /etc/php5/conf.d/$extension.ini. could you please change this package that it don't write in /etc/php5/apache2|cli|cgi|apache/php.ini ? thx ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#402020: php5-memcache don't use /etc/php5/conf.d
Package: php5-memcache Version: 2.0.1-1+b2 hy the php5 configuration has changed. All php5 extensions got load via /etc/php5/conf.d/$extension.ini. could you please change this package that it don't write in /etc/php5/apache2|cli|cgi|apache/php.ini ? thx ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#401280: race Condition in osiris console
Package: osiris
Version: 4.2.0-2
Severity: important
Tags: patch
hy,
here is a mail from one of the developers with an temp. fix.
schnippp-
In src/libosirisctl/osirisctl.c:ctl_get_database() at the break; on line
3808, the status should be set to TRUE when the function returns,
however on some systems a FALSE is returned to the calling function
src/cli/osiris.c:process_print_db() at the if statement on line 2867.
This causes the CLI print-db to fail even though the temporary database
was correctly written to the CLI host as shown by trying to diff the
db.temp and the original DB on the management host.
When debugging this issue, I found that putting a sleep(1); right before
the offending break in osirisctl.c on line 3808 fixes the problem. Can
anyone provide insight as to why this workaround works, and maybe
provide a better fix?
This condition exists on some Debian systems as reported by Ruben
Puettmann and I was able to recreate the error on a Fedora Core 5 i386
virtual machine.
Thank you!
dave
--schnapp---
You can follow the discussion on:
http://osiris.shmoo.com/pipermail/osiris-devel/
attached is an Patch for the 4.2.2 Version
Ruben
--
Ruben Puettmann
[EMAIL PROTECTED]
http://www.puettmann.net
--- osiris-4.2.2/src/libosirisctl/osirisctl.c 2006-07-27 19:57:51.0
-0400
+++ osiris-patched/src/libosirisctl/osirisctl.c 2006-11-29 15:50:11.000673960
-0500
@@ -3804,8 +3804,21 @@
}
}
+/* set status to TRUE, close the database file, and return
+ to the CLI...
+
+ This is functionally equivalent to what was previously here;
+ however, some systems would see ctl_get_database() return
+ FALSE to the CLI which would make print-db fail.
+*/
status = TRUE;
-break;
+
+if( dbfile )
+{
+fclose( dbfile );
+}
+
+return status;
}
/* drop all other message types. */
Bug#400879: libapache2-mod-auth-mysql not installable on etch or unstable
Package: libapache2-mod-auth-mysql Version: 4.3.9-2.1+b1 Severity: serious hy, this package will be removed an dist-upgrade on unstable or testing. Also it I can not install it: [EMAIL PROTECTED]:[/tmp] apt-get install libapache2-mod-auth-mysql Reading package lists... Done Building dependency tree... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. Since you only requested a single operation it is extremely likely that the package is simply not installable and a bug report against that package should be filed. The following information may help to resolve the situation: The following packages have unmet dependencies: libapache2-mod-auth-mysql: Depends: apache2-common (= 2.0.50-10) but it is not installable E: Broken packages Please fix this. mod_authn_dbd is no way for me cause it has not the possibilityto use groups. For group support mod_authz_dbd is need which is noch in the current apache2.2 source only in trunk. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#400881: please include Apache Module mod_authz_dbd from trunk
Package: apache2.2-common Version: 2.2.3-3.1 Severity: wishlist Please include mod_authz_dbd from trunk if possible. Ist is needed for group authorization using sql. mod_authn_dbd is included but it can't do group authorization. An alternative was mod_auth_mysql for me but this modul is since long time in debian broken see the Bus on libapache2-mod-auth-mysql. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#385588: apache2-mpm-worker *** glibc detected *** double free or corruption
On Sun, Nov 12, 2006 at 03:23:07PM +0100, Thijs Kinkhorst wrote: Do you have any update on this? Also, does it still occur with the latest 2.2.3 version as available in testing/unstable? Sorry no new Infoprmation. We have switched the apache2 to prefork and all runs fine. It is an productive service so I can't du testing on it. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#398358: New Upstream Version with some new features
Package: osiris Version: 4.2.0-2 hy, there are 2 new upstream Verison aviable: 4.2.1 4.2.2 Changes: Differences with version 4.2.1 = FIXES: : fixed format string vulnerabilities in the logging functions Differences with version 4.2.0 = FIXES: : scanner adheres to new Mac OS X resource fork convention. : fixed bug with readdir() wrapper bug with dirents end case. : fixed Date header in email notifications for console on Windows. : updated linux init script installs. : fixed bug with add/remove user on same login session. : removed uid/inode from linux mod_ports record header. : fixed potential problem with deep paths in scanner. FEATURES: : scan command now pushes baseline database to host. : added import-filters command (developer submission). : auth.db passwords are now encrypted (hashed). : mod_ports has new params to ignore certain port numbers. : added -q option to console, to not log to system log. The auth.db passwords are now encrypted (hashed) is form my view importent. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#320835: seems that something is going on with php5-mysqli
hello, I have seen that there is a new php5 version with php5-mysqli on http://ftp-master.debian.org/new.html. But it is there since mor than 1 week. Why is it not going in the distribution? Any problems? Can I get somwhere the source package for testing? Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#388457: tomcat5 don't find the ejc.jar
Package: tomcat5.5 Version: 5.5.17-1 Severity: serious Tags: unstable hy, i have running the package on etch system with some packages pining from unstable. Java is installed: ii sun-j2sdk1.51.5.0+update08 Java(TM) JDK, Standard Edition, Sun Microsystems(TM) created with make-jpkg After installing via apt-get -t unstable tomcat5.5 the tomcat doesnt' found the ecj.jar installed from ecj-boostrap. An tomcat5.5 package from apache.org ( apache-tomcat-5.5.17.tar.gz) found it. So it seems that in tomcat5.5 is /usr/share/java/ not in the lib path. After copy the file to ./lib/tomcat5.5/shared/lib/ecj.jar all runs fine. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#387652: igal upstream no longer aviable
Package: igal Version: 1.4-16 hy, the upstream webside : http://www.stanford.edu/~epop/igal/ is no longer aviable. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#386831: User tomcat5 problem after removing tomcat5 but keeping tomcat5.5
On Tue, Sep 12, 2006 at 03:30:45PM +0200, Arnaud Vandyck wrote: I don't know how to solve this issue. A solution could be to change the user of tomcat5.5 as tomcat5-5. Yes this would be the best way. Cause so it is posible that tomcat5 and tomcat5.5 runs on the same Server with different users. But if you do you must keep the people in mind that already has installed the package. Thanks for help on this bug. No Problem I need it here for some productiv webservices. If there is a new package I can test it. But it must be runable under testing. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#320835: Status?
I wonder if you intent to resolve this whichlist bug anytime soon? Looks like there is no intrest by the package maintainer to fix this ;-( There is no reaction on any mail or bts request. ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#386831: User tomcat5 problem after removing tomcat5 but keeping tomcat5.5
Package: tomcat5.5 Version: 5.5.15-1 Severity: serious Tags: experimental hy, I installed tomcat5.5 on an system which hast tomcat5 from etch installed. After that I want remove the tomcat5 packages, cause tomcat5.5 is runnig well. tomcat5 removed the user tomcat5 so that the tomcat5.5 could not be startet anymore. ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#386247: OpenSSL Security Advisory [5th September 2006]
Package: openssl Version: all Severity: important Please see : http://www.openssl.org/news/secadv_20060905.txt For me it looks like stable must have an update testing must have an update unstable must have an update Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#385588: apache2-mpm-worker *** glibc detected *** double free or corruption
Package: apache2-mpm-worker Version: 2.0.55-4.1 Severity: normal apache2 with apache2-mpm-worker dies often with : *** glibc detected *** double free or corruption (!prev): 0x083af378 *** [Fri Sep 01 13:54:19 2006] [notice] child pid 20732 exit signal Aborted (6) *** glibc detected *** double free or corruption (!prev): 0x084355d0 *** [Fri Sep 01 13:54:23 2006] [notice] child pid 23834 exit signal Aborted (6) Installed modules: ii apache2 2.0.55-4.1next generation, scalable, extendable web server ii apache2-common2.0.55-4.1next generation, scalable, extendable web server ii apache2-mpm-worker2.0.55-4.1high speed threaded model for Apache2 ii apache2-utils 2.0.55-4.1utility programs for webservers ii libapache2-mod-jk 1.2.18-1 Apache 2 connector for the Tomcat Java servlet engine Configured modules: [/etc/apache2/mods-enabled] ls -la drwxr-xr-x 2 root root 4096 2006-06-22 18:25 . drwxr-xr-x 8 root root 4096 2006-09-01 13:02 .. lrwxrwxrwx 1 root root 37 2006-06-22 15:37 cgid.conf - /etc/apache2/mods-available/cgid.conf lrwxrwxrwx 1 root root 37 2006-06-22 15:37 cgid.load - /etc/apache2/mods-available/cgid.load lrwxrwxrwx 1 root root 25 2006-06-22 18:08 jk.conf - ../mods-available/jk.conf lrwxrwxrwx 1 root root 25 2006-06-22 15:04 jk.load - ../mods-available/jk.load The Apache2 serves only 2 servlets running inside tomcat5. No other content Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#380060: webalizer: Problem veryfied
Package: webalizer Version: 2.01.10-30.1 Followup-For: Bug #380060 Hello, I can confirm the completly broken reports on the latest release. Tthe daily and hourly statistic tables become totally broken. All fields names mismatch it's data. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#382461: pan no longer gtk2 programm seems to be a gnome programm
Package: pan Version: 0.106-2 The newsreader pan look in the description like an gtk2 programm: Description: A Newsreader based on GTK2, which looks like Forte Agent But it depends on the whole gnome stuff now: Reading package lists... Done Building dependency tree... Done Calculating upgrade... Done The following NEW packages will be installed: gnome-mime-data libavahi-client3 libavahi-common-data libavahi-common3 libavahi-glib1 libbonobo2-0 libbonobo2-common libgmime2.1 libgnome2-0 libgnome2-common libgnomevfs2-0 libgnomevfs2-common The following packages will be upgraded: pan 1 upgraded, 12 newly installed, 0 to remove and 0 not upgraded. Need to get 0B/5134kB of archives. After unpacking 18.8MB of additional disk space will be used. Do you want to continue [Y/n]? Sorry I don't accept that i need now for an new package 18.8MB more disk space. So I can't use it. If this ist upstream related please change the description. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#382461: pan no longer gtk2 programm seems to be a gnome programm
On Fri, Aug 11, 2006 at 05:55:29PM +0300, Yavor Doganov wrote: But it depends on the whole gnome stuff now: The package can be built without GNOME dependencies, I think, but it seems an overhead to introduce two binary packages, f.i. pan-gtk2 and pan-gnome. However, it's up to the maintainer to decide. Why seems it to much overhead? I think not cause ther is more than gnome or kde outside. I still using wmaker and xfce4. Both doesn't need kdelibs or gnome. Buth both works very well with gtk2 programms. Sorry I don't accept that i need now for an new package 18.8MB more disk space. So I can't use it. It's always a pity to lose users :-( Yes I like pan very much but, I will not accept the gnome stuff. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#315297: Fedora Directory Server port to Debian ?
Something new here? There is a little piece of documentation in the wiki. http://directory.fedora.redhat.com/wiki/Howto:DebianUbuntu I personly would like to see the feodora directory server in Debian. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#379135: please include mysqli extension
Package: php5 Severity: wishlist hy, mysql5.0 is now now default on debian etch and unstable. Please add the mysqli extension in php5 there are many differences between mysql and mysqli. If php5-mysql is build against the new client libs it doesn't help. We will need php5-mysql and php5-mysqli. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#346192: Auth_MySQL_Encryption_Types MySQL broken in libapache-mod-auth-mysql
Package: libapache-mod-auth-mysql Version: 4.3.9-2 The password hashing mechanism from Mysql changed in 4.1 to provide better security. So libapache-mod-auth-mysql is no longer able to check Auth_MySQL_Encryption_Types MySQL Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#346194: Auth_MySQL_Encryption_Types MySQL broken in libapache2-mod-auth-mysql
Package: libapache2-mod-auth-mysql Version: 4.3.9-2 The password hashing mechanism from Mysql changed in 4.1 to provide better security. So libapache-mod-auth-mysql is no longer able to check Auth_MySQL_Encryption_Types MySQL Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#325521: Mysql Server Crashes in 4.1.14 and 5.0.12
Package: mysql-server-4.1 Version: 4.1.13a Severity: Important we have here some server crashes and found in the mysql bug database this reports: http://bugs.mysql.com/bug.php?id=11869 (Server crashes making a union join query with fulltext search) http://bugs.mysql.com/bug.php?id=11819 (CREATE TABLE with a SET DEFAULT 0 and UTF8 crashes server) http://bugs.mysql.com/bug.php?id=11868 (update with subquery fails) All this bugs are fixed in 4.1.14. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#299065: MySQL Privilege Escalation and Command Execution Vulnerabilities
Package: mysql-server Version: 4.0.23-7 Severity: critical Tags: security Several vulnerabilities were identified in MySQL, which may be exploited by local attackers to execute arbitrary commands or obtain elevated privileges. - The first flaw is due to an insecure (predictable name) temporary file creation with CREATE TEMPORARY TABLE, which may be exploited by an attacker that has CREATE TEMPORARY TABLE privileges to conduct symlink attacks. - The second vulnerability is due to an arbitrary library injection error and resides in the udf_init() function (sql_udf.cc), which may be exploited by an attacker (with INSERT and DELETE privileges) to load/execute a malicious library with MySQL privileges. - The third flaw occurs when handling specially crafted CREATE FUNCTION commands, which may be exploited by a malicious user (with INSERT and DELETE privileges) to execute arbitrary code with MySQL privileges. For the complete Advisory see: http://www.k-otik.com/english/advisories/2005/0252 -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#299066: MySQL Privilege Escalation and Command Execution Vulnerabilities
Package: mysql-server-4.1 Version: 4.1.10-1 Severity: critical Tags: security Several vulnerabilities were identified in MySQL, which may be exploited by local attackers to execute arbitrary commands or obtain elevated privileges. - The first flaw is due to an insecure (predictable name) temporary file creation with CREATE TEMPORARY TABLE, which may be exploited by an attacker that has CREATE TEMPORARY TABLE privileges to conduct symlink attacks. - The second vulnerability is due to an arbitrary library injection error and resides in the udf_init() function (sql_udf.cc), which may be exploited by an attacker (with INSERT and DELETE privileges) to load/execute a malicious library with MySQL privileges. - The third flaw occurs when handling specially crafted CREATE FUNCTION commands, which may be exploited by a malicious user (with INSERT and DELETE privileges) to execute arbitrary code with MySQL privileges. Fro the complete Advisory see: http://www.k-otik.com/english/advisories/2005/0252 -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
Bug#291033: Multiple Vendor ImageMagick .psd Image File Decode Heap Overflow Vulnerability
Package: imagemagick Version: 6.0.6.2-1.6 Severity: important Remote exploitation of a buffer overflow vulnerability in The ImageMagick's Project's ImageMagick PSD image-decoding module could allow an attacker to execute arbitrary code. See: http://www.idefense.com/application/poi/display?id=184type=vulnerabilitiesflashstatus=true or http://www.imagemagick.org/www/Changelog.html 2005-01-14 Cristy [EMAIL PROTECTED] * Fixed iDEFENSE PSD heap overflow vulnerability reported by Andrei * Nigmatulin. Ruben -- Ruben Puettmann [EMAIL PROTECTED] http://www.puettmann.net signature.asc Description: Digital signature
