Bug#1019230: Bug#1021276: Pending snort 2.9.20 update
Dear Markus, Thank you for preparing. Could you please share the patch you are working on? Snort is available in Salsa. Maybe you could upload / provide there your propose changes in a separate branch? Saludos, Javier El vie, 20 ene 2023, 21:42, Markus Koschany escribió: > Control: tags -1 pending > Control: owner -1! > > Dear maintainer, > > I have prepared a new upstream release of snort, version 2.9.20, which will > address the current release critical bugs in your package. I am currently > testing it and intend to upload it to delayed 5 tomorrow. That should > ensure > snort will re-enter testing in time for Bookworm's soft freeze. > > Regards, > > Markus >
Bug#991113: libpam-chroot: pam_chroot.so installed in wrong place - Not able to login after upgrade
Dear Michael, Thanks for the proposed patch. I will try to review and submit a new package version is the coming days. Saludos, Javier El mié, 8 jun 2022 20:45, M. Buecher escribió: > I had a look at the package source and only the paths in the file > debian/rules [1] have to be changed. > Extend all `lib/$(DEB_HOST_MULTIARCH)` to > `lib/$(DEB_HOST_MULTIARCH)/security` (added suffix `/security`). > > [1] https://sources.debian.org/src/libpam-chroot/0.9-5/debian/rules/ > > Here the changed lines I tested successfully: > > ``` > mkdir -p > $(CURDIR)/debian/libpam-chroot/lib/$(DEB_HOST_MULTIARCH)/security > # Add here commands to install the package into debian/libpam-chroot > $(MAKE) install DESTDIR=$(CURDIR)/debian/libpam-chroot > LIBDIR=$(CURDIR)/debian/libpam-chroot/lib/$(DEB_HOST_MULTIARCH)/security > INSTALL="install --strip-program=true" > ``` > > Enable source repositories, install build tools and dependencies, then > build and install: > > ``` > nano /etc/apt/sources.list > apt-get update > apt-get install devscripts build-essential > cd /var/tmp > apt-get build-dep libpam-chroot > apt-get source libpam-chroot > cd libpam-chroot-0.9*/ > sed -i -e 's#lib/\$(DEB_HOST_MULTIARCH)\( > \|$\)#lib/\$(DEB_HOST_MULTIARCH\)/security\1#' debian/rules > debuild -us -uc > # > cd /var/tmp > dpkg -i libpam-chroot_0.9*.deb > ``` >
Bug#1009820: snort: Privilege escalation due to insecure use of logrotate
severity 1009820 normal tags 1009820 - upstream thanks Dear Wolfgang, The 'snort' user is not a regular user (but a user created by the package itself, which is blocked from access as it has no password set). Consequently the privilege escalation you describe cannot be leveraged by a normal user. The only user in a standard installation of this package that can become 'snort' is actually the root user itself or if there is a remote code execution in the Snort software which compromises the Snort process itself. The fix proposed (make the files managed by root) is not invalid: - if /var/log/snort is owned by root then the Snort process (running as Snort user) will not be able to create the log files - the Snort process is running as 'snort' user and should not be modified to be run as 'root' The reason for this setup is precisely to improve the security of the software as distributed in Debian and applying a principle of minimum privilege, it is not an option to have this software running as root as a vulnerability found in the software (which is reading packages from the network, input which is by definition, untrusted) could potentially lead to a compromise of the system it is running in Consequently I'm adjusting the bug: - To normal (to be reviewed) as this is not, in my view, a critical bug - To Debian-specific, as the configuration of logrotate and the setup (Snort is running as 'snort' user) is specific to the package and not defined by upstream The most likely fix for this bug in any case is to adjust the definitions in the logrotate file, which uses "/var/log/snort/*/alert" and "/var/log/ snort/*/*log". These definitions are too broad and could be simplified. Best regards, Javier Fernandez-Sanguino On Mon, 18 Apr 2022 at 19:27, Wolfgang Hotwagner wrote: > Package: snort > Version: 2.9.15.1-5 > Severity: critical > Tags: security upstream > Justification: root security hole > X-Debbugs-Cc: sec-advis...@ait.ac.at > > Dear Maintainer, > > The path of the logdirectory of snort can be manipulated by user > > Snort in Debian Bullseye: > > # ls -ld /var/log/snort/ > drwxr-s--- 3 snort adm 4096 Apr 14 08:44 /var/log/snort/ > > > The files in /var/log/snort/*/*log are once a day rotated by > > logrotate as user root with the following config: > > /var/log/snort/snort.alert /var/log/snort/snort.alert.fast > /var/log/snort/*log /var/log/snort/*/alert /var/log/snort/*/*log { > daily > rotate 7 > compress > missingok > notifempty > create 0640 snort adm > sharedscripts > postrotate > if [ -x /usr/sbin/invoke-rc.d ]; then \ > invoke-rc.d snort restart > /dev/null; \ > else \ > /etc/init.d/snort restart > /dev/null; \ > fi; > endscript > } > > Due to logrotate is prone to a race-condition(see the link to my blog > below) it is possible for user "snort" to replace or create any directory > in /var/log/snort/ with a symbolik link to any > > directory(for example /etc/bash_completion.d). logrotate will place files > AS ROOT into /etc/bash_completition.d and set the owner and group to > "snort.adm". An attacker could simply place a reverse-shell into this file. > As soon as root logs in, a reverse shell will be executed then. > > You can find an exploit for this bug at my blog: > https://tech.feedyourhead.at/content/abusing-a-race-condition-in-logrotate-to-elevate-privileges > and > https://tech.feedyourhead.at/content/details-of-a-logrotate-race-condition > > Proof of Concept: > # > > snort@b8ff2e70f94d:~$ cd /tm > > snort@b8ff2e70f94d:/tmp$ git clone > https://github.com/whotwagner/logrotten.git > Cloning into 'logrotten'... > remote: Enumerating objects: 97, done. > remote: Counting objects: 100% (10/10), done. > remote: Compressing objects: 100% (8/8), done. > remote: Total 97 (delta 4), reused 7 (delta 2), pack-reused 87 > Receiving objects: 100% (97/97), 419.77 KiB | 691.00 KiB/s, done. > Resolving deltas: 100% (41/41), done. > snort@b8ff2e70f94d:/tmp$ cd logrotten/ > snort@b8ff2e70f94d:/tmp/logrotten$ gcc -o logrotten logrotten.c > > snort@b8ff2e70f94d:/tmp/logrotten$ echo "hello world" > payload > snort@b8ff2e70f94d:/tmp/logrotten$ mkdir /var/log/snort/pwn > snort@b8ff2e70f94d:/tmp/logrotten$ vim /var/log/snort/pwn/pwnme.lo > > snort@b8ff2e70f94d:/tmp/logrotten$ ./logrotten -p payload -c > /var/log/snort/pwn/pwnme.log > Waiting for rotating /var/log/snort/pwn/pwnme.log... > Renamed /var/log/snort/pwn with /var/log/snort/pwn2 and created symlink to > /etc/bash_completion.d > Waiting 1 seconds before writing payload... > Done! > snort@b8ff2e70f94d:/tmp/logrotten$ ls -l /etc/bash_completion.d/ > tot
Bug#965455: chrootuid: diff for NMU version 1.3-6.1
Dear João, Thanks for preparing, the patch looks ok to me. Saludos, Javier El sáb, 16 abr 2022 22:30, Joao Eriberto Mota Filho escribió: > Control: tags 965455 + patch > Control: tags 965455 + pending > Control: tags 998939 + patch > Control: tags 998939 + pending > > Dear maintainer, > > I've prepared an NMU for chrootuid (versioned as 1.3-6.1) and > uploaded it to DELAYED/2. Please feel free to tell me if I > should delay it longer. > > Regards, > > Eriberto > > diff -u chrootuid-1.3/debian/rules chrootuid-1.3/debian/rules > --- chrootuid-1.3/debian/rules > +++ chrootuid-1.3/debian/rules > @@ -53,4 +53,6 @@ > dh_builddeb > > binary: binary-indep binary-arch > -.PHONY: build clean binary-indep binary-arch binary install configure > +build-arch: build > +build-indep: build > +.PHONY: build build-arch build-indep clean binary-indep binary-arch > binary install configure > diff -u chrootuid-1.3/debian/control chrootuid-1.3/debian/control > --- chrootuid-1.3/debian/control > +++ chrootuid-1.3/debian/control > @@ -2,7 +2,7 @@ > Section: admin > Priority: optional > Maintainer: Javier Fernandez-Sanguino Pen~a > -Build-Depends: debhelper (>> 3.0.0) > +Build-Depends: debhelper-compat (= 13) > Standards-Version: 3.9.1.0 > Homepage: http://ftp.porcupine.org/pub/security/index.html > > diff -u chrootuid-1.3/debian/changelog chrootuid-1.3/debian/changelog > --- chrootuid-1.3/debian/changelog > +++ chrootuid-1.3/debian/changelog > @@ -1,3 +1,16 @@ > +chrootuid (1.3-6.1) unstable; urgency=medium > + > + * Non-maintainer upload. > + * Using new DH level format. Consequently: > + - debian/compat: removed. > + - debian/control: changed from 'debhelper' to 'debhelper-compat' in > +Build-Depends field and bumped level to 13. > + - Closes: #965455 > + * debian/rules: added missing targets build-arch and build-indep. > +(Closes: #998939) > + > + -- Joao Eriberto Mota Filho Sat, 16 Apr 2022 > 17:10:27 -0300 > + > chrootuid (1.3-6) unstable; urgency=low > >* Change maintainer's e-mail address > reverted: > --- chrootuid-1.3/debian/compat > +++ chrootuid-1.3.orig/debian/compat > @@ -1 +0,0 @@ > -5 >
Bug#965458: chntpw: Removal of obsolete debhelper compat 5 and 6 in bookworm
Dear Fabio and Adrian, I have just uploaded version 140201-1 to the archive based on Fabio's work in Salsa. I have taken some time to fix some additional bugs as well as incorporate some patches / improvements published in Github by Adrian Gibanel Lopez (https://github.com/rescatux/chntpw/) some of which had been also submitted to Debian. Note that the changes are in this repository: https://salsa.debian.org/debian/chntpw (I restored there the old GIT repo from Alioth). Thank you both for your work Javier On Wed, 19 Jan 2022 at 15:27, Fabio Fantoni wrote: > Hi, in recent days I had prepared a git for chntpw, contacted the > maintainer, then prepared the patches to convert to dh and compat 13 and > also solve other few issues. > > the maintainer is still active and he told me he would revise my > changes, anyway thanks to Adrian Bunk for your pending patch/build that > delayed remove from testing (in case the maintainer does not have time > to review and do the new build) > >
Bug#961359: Bug#929276: remem: diff for NMU version 2.12-7.1
Dear Boyuan, On Tue, 31 Aug 2021 at 16:39, Boyuan Yang wrote: > Control: tags -1 +patch +pending > X-Debbugs-CC: j...@debian.org > > Dear maintainer, > > I've prepared an NMU for remem (versioned as 2.12-7.1) and > uploaded it to DELAYED/5. Please feel free to tell me if I > should delay it longer. > Thank you very much for preparing this NMU. I do not see any need to delay it longer, and will incorporate your patch in my next package upload. Best regards Javier
Bug#980047: libpam-chroot: diff for NMU version 0.9-4.4
Dear Adrian, Thank you for preparing the NMU but please cancel it. I have just uploaded version 0.9-5 to unstable to fix the RC bugs. Sorry for the delay. Best regards, Javier On Wed, 16 Jun 2021 at 13:48, Adrian Bunk wrote: > Control: tags 980047 + patch > Control: tags 980047 + pending > > Dear maintainer, > > I've prepared an NMU for libpam-chroot (versioned as 0.9-4.4) and > uploaded it to DELAYED/2. Please feel free to tell me if I should cancel > it. > > cu > Adrian >
Bug#984614: #984614 - fixed in unstable
El mar., 13 abr. 2021 19:51, Chris Hofstaedtler escribió: > Hello again, > > just in case you are not aware - if snort should stay in testing, > someone will need to file an unblock bug against release.debian.org. > This was done already: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986908 The updated version will not transition into testing automatically. > Indeed. Let's see if the unblock request goes through. Best regards Javier
Bug#984614: snort in Bullseye
On Fri, 9 Apr 2021 at 20:10, Chris Hofstaedtler wrote: > Control: found -1 2.9.15.1-2 > > Hi, > > it appears this conffile handling problem is caused by a not good > enough attempt to move the old conffile /etc/cron.daily/5snort to > /etc/cron.daily/snort-common. > You are correct. > It would appear trivial to change this to use > dpkg-maintscript-helper mv_conffile instead. > Thank you for suggesting this, I was not aware of this. I have fixed the issue by using dpkg-maintscript-helper properly in the preinst/postinst/postrm. > Someone with enough interest in snort should probably just make this > change and upload it. > After preparing a new version of the package and testing it in a chroot with different upgrade scenarios, I have uploaded a new version to unstable fixing this issue (and some others I encountered along the way). Best regards Javier
Bug#962275: snort: Failed to start LSB
An update on this bug: The missing symbols issue is really a problem in the daq library. A patch introduced in 2.0.7-1 to fix some FTBFS bugs (959617, 958101) actually disabled symbols in the library which are required. This will be soon fixed. The issue related to the library location is a little bit more tricky to fix. I have seen that the RedHat package (rpm - in snort.spec) actually does this by modifying snort.conf when the package is built (using sed) to change the library patch for the dynamicengine. I might need to introduce something similar in the Debian package. Saludos Javier
Bug#962275: snort: Failed to start LSB
Dear Thorsten, Indeed I have found two issues in the Snort package related to this bug report: 1.- The location of the libraries in /etc/snort.conf is not correct for different architectures. I need to find a way to ammend this value when the package gets compiled (or find a way to locate this libraries in a common place for all architectures) 2.- There are some symbols missing in /usr/lib/x86_64-linux-gnu/libsfbpf.so.0 I have not yet found a way to fix either 1 or 2, and will continue investigating. Best regards Javier
Bug#962275: snort: Failed to start LSB
On Fri, 5 Jun 2020 at 15:09, Thorsten Bonow wrote: > Package: snort > Version: 2.9.15.1-2 > Severity: grave > > Dear Maintainer, > > installation of 'snort' fails with a subprocess error (fresh install, > /etc/snort doesn't exist before installation. Accepting the propose > d network settings: 192.168.0.0/16). Aptitude output: > Dear Thorsten, Thank you for your report. The Snort package appears to be configured with the following values: snort/address_range: 192.168.0.0/16 * snort/interface: eth0 Could you please confirm if the 'eth0' interface is available in the system? One possible reason for startup failing is that the interface is not the correct one (administrator should configure the proper one via debconf). Best regards Javier
Bug#878841: clips FTBFS: uudecode: not found
Saludos Javier On 17 October 2017 at 07:28, Adrian Bunkwrote: > Source: clips > Version: 6.30-1 > Severity: serious > > https://buildd.debian.org/status/package.php?p=clips=sid Thanks for the report, I forgot to adjust the Build-depends with the new changes introduced in the package. Will fix and upload a new version of the package today night (CEST) Best regards Javier
Bug#861842: snort 2.9.7 is EOL upstream
severity 861842 important thanks On 4 May 2017 at 18:36, Lee Garrettwrote: > Source: snort > Version: 2.9.7.0-5 > Severity: grave > Justification: renders package unusable > I do not agree that this Snort version being EOL makes the package unusable. Sure, it will be difficult to support as there will be no support upstream, but not unusable to end users. The package can still be used, and sysadmins can update it with rules if they invest the required time. I agree however, it was an oversight on our side to not provide an updated Snort version last year, before the freeze. > The version of snort in Debian testing/sid has reached EOL in March [0], > making > it difficult to provide security updates or rule updates over the > lifecycle of > stretch. Since no newer version is packaged yet and stretch is deep into > the > freeze, I suggest removing the package from stretch > As you said, it might be difficult to get security updates, but not impossible. Patches can be backported. As for the risk of potential security vulnerabilities during Stretch's lifecycle: It is worth noting, also, that Snort does not have a bad track record of security bugs that need an immediate fix. There has only been one DSA for Snort in Debian (DSA-297 [1]). Overall, NIST's Vulnerability database has only 30 security bugs reported for Snort [2] in the past 17 years, of which only a few (4) led to remote execution (2 of them were fixed in the DSA above). As maintainer, I am willing to work in backporting fixes of vulnerabilities if required. As for rule updates: Snort users can run the release in Debian and still get some new rules in it. There will not be able to use new rules that make use of preprocessors. But this is the same if we would have 2.9.8.3 in Debian instead, some rules would only work with newer releases (e.g. 2.9.9.0). Also note that in Debian we do not distribute rule updates, only a limited subset of the available rules in the Internet are provided (see the snort-rules-default package for more information) Based on the reasoning above, and the fact that the 'grave' severity does not really qualify for "unmaintained/unsupported" software in Debian, I'm reducing the severity of this bug. I will not oppose the removal if the Debian Security team requests it, but please be aware in the past we have shipped software in the stable release that is not maintained upstream anymore. Best regards Javier [1] https://www.debian.org/security/2003/dsa-297 [2] https://nvd.nist.gov/vuln/search/results?adv_search=false_type=basic_type=overview_type=all=snort
Bug#850632: openuniverse: fails to start "input in flex scanner failed
On 23 January 2017 at 10:19, Petter Reinholdtsenwrote: > Control: tags -1 + patch > > [Petter Reinholdtsen] > > I guess the install target for the configuration file is bad. > > The problem seem to be that autoconf/automake have changed behaviour, > breaking > the old install target in conf/Makefile.am in combination with the symlinks > created by dh. > Thank you for investigating the issue Petter. I will try to make an upload with this fix tonight. Regards Javier
Bug#842568: iisemulator: diff for NMU version 0.95-3.2
El 24 nov. 2016 2:03 p. m., "Joao Eriberto Mota Filho"escribió: > > Control: tags 842568 + pending > > Dear maintainer, > > I've prepared an NMU for iisemulator (versioned as 0.95-3.2) and > uploaded it to DELAYED/2. Please feel free to tell me if I > should delay it longer. > Thank you for fixing this and the upload. Actually, there is no need to delay it. Best regards Javier
Bug#827791: samhain: logfile-monitor requires build dependency on libpcre3-dev
On 21 June 2016 at 07:37, Logan Rosenwrote: > samhain currently fails to build from source because it doesn't > build-depend on > libpcre3-dev, which is required by the newly-enabled logfile-monitor > module. > Thank you for detecting this. I have just submitted a new upstream version which is also affected by the same bug. I will upload a new version shortly fixing this issue. Regards Javier
Bug#783683: cron started with -f (foreground), killing processes on restart
On 7 June 2015 at 18:30, Christian Kastner deb...@kvr.at wrote: On 2015-06-06 21:33, Christoph Berg wrote: I had hoped to see this fixed in today's point release. What happened with the jessie package? I'm afraid I couldn't get a hold of Javier regarding an upload. I myself don't have upload rights yet. My fault. Quite simply: life got in the way. I meant to take care of this before I went AFK for the weekend, but I forgot about this :-/ If an upload to jessie-p-u is still a possibility and you'd like to sponsor, a package for jessie has been prepared on the jessie branch. It was already ACKed by the RT, see #785573. I am going to do this right away. I'm building the origin/jessie branch as I'm writing this. Regards Javier
Bug#735530: samhain: FTBFS on amd64 and kfreebsd
tags 735530 upstream help thanks The latest samhain upload doesn't build on amd64. This was also the case with the previous upload (3.1.0-1). I've forwarded this issue upstream. I have not yet received an answer or patch to fix this. If someone can help review and tackle this issue it would be most appreciated. It looks like the problem lies in the ASM definition on x_sh_checksum.c. Maybe that one can be replaced or skipped for amd64. Also, the audit build-dep doesn't exist on kfreebsd, so the build can't be started there. The previous upload also failed on kfreebsd-amd64 (but it did build fine on kfreebsd-i386). This has been fixed and it builds now on kfreebsd-i386. It doesn't build on kfreebsd-amd64 (for the same reason as above). Regards Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#735530: samhain: FTBFS on amd64 and kfreebsd
On 16 January 2014 09:33, Ivo De Decker ivo.dedec...@ugent.be wrote: The latest samhain upload doesn't build on amd64. This was also the case with the previous upload (3.1.0-1). (...) Thanks. I'll take a more detailed look but, reviewing this fast: - the amd64 FTBFS issue seem to be an upstream issue. I will report it to them - the build-dep regarding the audit library can be removed for those architectures, it is not an essential library for the program to work Best regards Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#701353: samhain: ftbfs with GCC-4.8
El 03/09/2013 12:09, Laurent Bigonville bi...@debian.org escribió: Any news about this bug? No news. Sorry, I cannot work on this until next week. For some reasons (unclean build environment?) the i386 version of the package is depending against libaudit0 and this is blocking the transition to libaudit1. It might be because of an unclean environment. Feel free to binNMU if required. Regards Javier
Bug#710068: tiger: postinst uses /usr/share/doc content (Policy 12.3)
From the attached log (scroll to the bottom...): Selecting previously unselected package tiger. (Reading database ... 7084 files and directories currently installed.) Unpacking tiger (from .../tiger_1%3a3.2.3-10_amd64.deb) ... Setting up tiger (1:3.2.3-10) ... ERROR in maintainer script, cannot find package configuration file at /usr/share/doc/tiger/examples/tigerrc.gz dpkg: error processing tiger (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: tiger Indeed, I have to modify the package to puse the configuration template file and put it in a different location. I will do this as soon as possible. Regards Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#688379: [Openvas-distro-deb] Bug#688379: openvas-server: modifies conffiles (policy 10.7.3): /etc/openvas/openvasd.conf
Sébastien, Thank you for the patch, but I already asked the debian-release team to remove openvas-server from testing [1]. Openvas-server is replaced by openvas-scanner (available in experimental). I would suggest you do not dedicate too much time in it. Some of openva-server's bugs (I believe this one also) are present in openvas-scanner and it would be best to fix them there. Best regards Javier [1] http://lists.debian.org/debian-release/2012/10/msg00729.html -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#614497: doc-debian: The OPL-licensed documents taken from Debian website are non-free
On 22 October 2012 14:30, Jonathan Nieder jrnie...@gmail.com wrote: Many parts of www.debian.org are already relicensed by now. Maybe this bug could be resolved by updating the copyright information and calling it a day (update: no). Hello Jonathan, Thanks for the updated information. However, in the listing of documents you indicate that some of the versions of the constitution are still under the OPL license and, in addition, in doc-debian we have provide additional documentation (such as information about bug handling, taken from http://www.debian.org/Bugs/) that seems to still be OPL. I would rather wait for the copyright notice in each of these pages to change before I change debian/copyright and update the status. Right now all of them point to the boilerplate page http://www.debian.org/license which still mentions that OPL is the current license for all the documents previous to January 25th, 2012. Hopefully, when #388141 is resolved for all documents we will be able to update debian/copyright and close this bug too. Regards Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#679106: cron: multiple /etc/init.d/cron stop may kill unrelated processes
On 3 July 2012 02:39, Christoph Anton Mitterer cales...@scientia.net wrote: On Tue, 2012-07-03 at 02:04 +0200, Javier Fernández-Sanguino Peña wrote: This should be fixed in cron itself (through it's SIG handler) Are you going to follow this up? I you are asking if this is going to fix in the current cron version the answer is no. Since the latest cron release (4.1) and the cron fork (cronie) already do this properly the approach would be to upgrade our current cron version to the latest upstream. I'd rather not include yet another patch in our sources, working on moving over to 4.1 is preferred. Regards Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#679106: cron: multiple /etc/init.d/cron stop may kill unrelated processes
On 29/06/2012, Christoph Anton Mitterer cales...@scientia.net wrote: On Wed, 2012-06-27 at 20:36 +0200, Javier Fernandez-Sanguino wrote: For its stop argument, cron uses /lib/lsb/init-functions's killproc. I believe killproc should remove the pidfile if the processes is killed properly. ok... weird... Thanks for the information. The killlproc() function is not removing the pidfile, and it probably should. It seems that /lib/lsb/init-functions changed its behaviour and produces this bug (or maybe we are not using it properly in cron's init.d). Just to confirm, could you please tell me: - which version of lsb-base do you have installed. Is it the latest one (4.1+Debian7)? - which version of dpkg do you have installed. Is it the latest one (1.16.4.3)? Thanks Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#679106: cron: multiple /etc/init.d/cron stop may kill unrelated processes
tag 679106 moreinfo thanks Apparently, cron doesn't clear the PID file once stopped, so subsequent invokations of: /etc/init.d/cron stop continue to try killing a process of that PID. For its stop argument, cron uses /lib/lsb/init-functions's killproc. I believe killproc should remove the pidfile if the processes is killed properly. I'm unable to reproduce the behaviour you are seeing. Maybe this is associated with your environment. In order to diagnose it, I would appreciate if you could run the following (as root) and send the output to this bug report (you can use 'script' to capture all the output to a file). Please ensure first that the cron daemon is started: sh -x /etc/init.d/cron stop ls -la /var/run/cron* /etc/init.d/cron status sh -x /etc/init.d/cron stop ls -la /var/run/cron* /etc/init.d/cron status Thanks, Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#650060: NMU
Thanks for the NMU, I did not have time this week to make an upload myself. Regards Javier PS: If I have time I might make an upload soon with the same changes, in order to acknowledge the NMU -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#676066: farpd: FTBFS: configure: error: libevent not found
Thanks for taking care of this bug and provide a patch. I will review it and upload as soon as possible. Javier El 16/06/2012 18:24, Sebastian Ramacher sebast...@ramacher.at escribió: tags 676066 + patch thanks On 05/06/12 00:04, Lucas Nussbaum wrote: Relevant part: debian/rules build dh_testdir #... Please find attached a patch to fix this FTBFS. Regards -- Sebastian Ramacher
Bug#650060: snort: diff for NMU version 2.9.2.2-1.1
Yes, I will make an upload hopefully today. Regards Javier El 17/06/2012 19:14, Adam D. Barratt a...@adam-barratt.org.uk escribió: On Sun, 2012-06-03 at 18:18 +0200, gregor herrmann wrote: Now we just have to figure out why it fa... Is there any chance of an upload including the updated patch (or an alternative solution) that lets snort build again soon? This is one of the few remaining packages keeping mysql-5.1 in testing. Regards, Adam
Bug#650060: snort: diff for NMU version 2.9.2.2-1.1
I've prepared an NMU for snort (versioned as 2.9.2.2-1.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Thank you, I have applied this patch to the GIT repo, I will test it out and, if it works as expected I will upload a new package version myself. Regards Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#622011: [Openvas-distro-deb] Bug#622011: openvas-client: FTBFS: nessus.c:485: undefined reference to `SSLv2_client_method'
Thanks for the patch, I will apply it an upload a new version as soon as possible. Regards Javier El 21/08/2011 16:33, Ilya Barygin bary...@gmail.com escribió: tags 622011 patch thanks Hello, Attached is the patch which was used in Ubuntu to fix this problem. https://launchpad.net/ubuntu/+source/openvas-client/2.0.5-1ubuntu1 ___ Openvas-distro-deb mailing list openvas-distro-...@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-distro-deb
Bug#618112: titantools: FTBFS: collect2: ld returned 1 exit status
On 29 March 2011 09:15, Adam D. Barratt a...@adam-barratt.org.uk wrote: On Tue, March 29, 2011 06:29, Lucas Nussbaum wrote: Strange, you are rebuilding titantools 4.0.11-4 (from oldstable) when the latest version is 4.0.11+notdfsg1-2. 4.0.11-4 is still available in lenny and sid. I suspect that you forgot to ask for it to be removed when it was uploaded to non-free. In the case of unstable, this is because: noshell | 4.0.11-4 | sid | alpha, hppa alpha and hppa don't have non-free autobuilders, so the old binaries will need to be removed by ftp-master. Thanks for the info, I will contact ftp-master for the removal. Regards Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#608590: snort: Local changes to some configuration files are not preserved on upgrades
Package: snort Version: 2.8.5.2-2 Priority: serious Justification: Policy violation 10.7.3 Tags: stable unstable The Snort package handles a configuration file /etc/snort/snort.debian.conf through debconf but does not preserver changes introduced in this configuration file by the local admin. It expects all the changes to be done through dpkg-reconfigure and fails to act if the admin manually edits the file, overwritting any changes when the package gets upgrade. In addition, the snort-mysql and snort-pgsql manage a section of the /etc/snort/snort.conf file (between DBSTART and DBEND) editing its contents without considering the local changes done by the system's administrators. These two behaviours are a violation of Debian's policy, failing to met the requirement in Section 10.7.3: local changes must be preserved during a package upgrade, and thus the serious severity. I'm working in fixing this bug as well as fixing the handling of the /etc/snort/database.conf configuration file auto-generated in versions 2.8.5.2-5 and later. Regards Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#607951: Snort-common: error in preinst script generates improper config files
Package: snort-common Version: 2.8.5.2-2 Severity: serious Tag: pending Reviewing today the patch introduced in snort-common's preinst has two bugs that have the following consequences: - the /etc/snort/database.conf file created gets overwritten with the contents of snort.conf and the resulting configuration prevents the snort daemon from starting. - the use of bash's echo when parsing /etc/default/snort.conf generates config files with errors I have generated new packages fixing these bugs and will upload them as soon as I recover my internet connectivity. Regards Javier
Bug#607751: snort: Update gives current Snort configuration is invalid error and it will not start
+++ Initializing rule chains... Warning: /etc/snort/rules/dos.rules(42) = threshold (in rule) is deprecated; use detection_filter instead. ERROR: /etc/snort/rules/community-smtp.rules(13) = !any is not allowed Fatal Error, Quitting.. ---8--- This happens because the SMTP_SERVERS variable is define das 'any'. This variable is configured based, IIRC, on your setting of HOME_NET. So you should review your /etc/snort/snort.conf configuration file is properly defined. IIRC the value of HOME_NET is based on the defintion of DEBIAN_HOME_NET (in /etc/snort/snort.debian.conf) which is, in turn, is defined by the administrator when installing the package (through debconf). If the value is not properly defined this kind of stuff can happen. So I don't fully believe it is a bug in the package, it is associated with the user's configuration. However, the fix of this bug is really simple, just comment out the offending line. Alternatively, the debconf prompt could check that DEBIAN_HOME_NET is not defined to values that might cause problems. There is no code in the configuration scripts to ensure this currently, but could be added. Regards Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#603428: snort: prompting due to modified conffiles which where not modified by the user
Becas right now, with the current code, changes gets overwritten by debconf on package (re)configuration. Just like it previously happened with a given section of the config file. Regards Javier El 20/12/2010 22:22, Julien Cristau jcris...@debian.org escribió: On Mon, Dec 20, 2010 at 22:20:35 +0100, Javier Fernandez-Sanguino wrote: Which warning? The NEWS ... The config file. Why would you want to discourage editing that directly? Cheers, Julien -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJND8kjAAoJEDEBgAUJBeQMlr4QANWdboAB2S5DBNj/b1eSkigo 0g+N68HaSxhdYNYKnmJc4RwATGFcwHkhSGYuX9VmnbVZHpgdggQHfBqJs1Ck7HB/ UI09oy+qDJ3ucXcYDM3SQ6MAY2polHYD4489hiFcdzPiXT2XImfMD4KFED/Mbks0 aqL0ezNxdum2OaMqJQFN4pYnlCkKrxjyJ4xmswNQathBh6bbGbhiuBO29vADZ17L dk/PTLLF7uiibkQ5zgDxSJoCJPVI+rT48f4+QUbP21lX+LWDMkpi1PR2mfBzk2La BB8U/ai0DVmlsICIa+UTs4ft3cDMUHHve7xDeQUsFXn3TiujIv1RYgJ/QTEQkMQh IQpvWIEgQ7KyRp8sOdaBGvrqUl1JoL18n61FFdVA6YP3mVv+Sdy9QHeC1qjRqp3k QSBiOAsBAkTMqF/lByBaE2T86pvlTFZ0z01Uzi5rnge84sd+VxzUhGpNSIpkJYvq TXedFtKAEVDWzVxbR1K7jZQSuiDvDu1TKvzcHcLm9w3Z3hcqByPyxJ/yduD/gWX3 vMI6BKbfMQtjoiGiuWKYBkEU+6Gr2w6o4x/NswrE93/EauRp7QKQMi8f5cBSe5Ta Ub+ZL1JHikvVjZih9xCfGLzm03KoH6qcp/W3gznEK9m32H0a58/vfADlKAfQU/pY gQkfQG3mu48iG4RaoNjo =YlJe -END PGP SIGNATURE-
Bug#603428: snort: prompting due to modified conffiles which where not modified by the user
Which warning? The NEWS file or the header in the autogenerated config file? I do not see any harm in either. Can you please elaborate? Javier El 20/12/2010 16:48, Julien Cristau jcris...@debian.org escribió: On Mon, Dec 20, 2010 at 15:57:17 +0100, Javier Fernández-Sanguino Peña wrote: On Mon, Dec 20, 201... There shouldn't be any reason to warn users like that? Cheers, Julien -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJND3oIAAoJEDEBgAUJBeQMQrAP/0bzzKK+dkFd8TTaknktB7bY 9iIfi6SUow1Nn44M0lfTeIOIpAM9y6JHCwNDTQhd3IKy1ty0F8mfPdfWKPHSPKEs 7qgI98V6rCPhnkgV4GD9dLDYvHtLlYBH+nVa5ULq0WyIfCbUkgA2Gjx7yiD5wmlc 0zyk5OiwZwzKrkF920T2O6MY9Zk1KvY61LFA07YFhHSx4V8qdyKq78jUJPZKm7Ln 2YQcrIiP1CYY8BHHzGB8rLl9vDKrFka5bG8fOFOdnYxcaDuK0ySNCFUAxO5uZy2r io9meluYVqPH+uKerv9U29RdyhJRiRYQ4UN7stiMRmOs/XRLAMdYSS7sY2deFzrz GeZrhy8MY9xFsMZtCjJMPaNCkKOjG4fXyaJEIhLJm/HEZ7YQxMfmZNk1RaNWiezH JLCMgB497PUs3Xd4nP/gNvsJSqscRISvOu3rsTYRLI/eCLJAaPplo5e7R485b6qY vpQKAbTm7tFoPpU6micWtSFquJhuL1z2iFL2VnaDBtMkOAHDrAEfhqZQvG/M7rwG y9JDHXScIz/tv97KsbXvBZxBLyU+7p053c5kyPlPaJ9a7vxreZWjY9Uxay+S6jqB q3V4gtCNr2pBZ4bxepamvCpZgluhuE8sRy4QXCt/Q2VSgDOELchdJFC1BWN7RR8P D7MFquswMnwuJKhmxWQm =Cllw -END PGP SIGNATURE-
Bug#528434: Review of the cron security patches - improved in 3.0pl1-109
Hi, Recarding his bug in Vixie Cron, Christian Kastner pointed me to an additional place where the call to initgroups was unchecked. I've commited a fix in the latest cron package version (3.0pl1-109). You might want to review this fix too to include it in Ubuntu. The patch is available at http://svn.debian.org/wsvn/pkg-cron/trunk/popen.c?op=diffrev=0sc=0 Regards Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#575784: cron: security hole ? allowes opening user sessions ?
That logging appears because those users have setup cron jobs and an entry is generated every time a job is started. This is fixed in sid (by not using pam's session-interactive) but does not mean you have been hacked through cron. Regards Javier 2010/3/29, Oz Nahum nahu...@gmail.com: Package: cron Version: 3.0pl1-106 Justification: root security hole Severity: critical Tags: security Hi Guys, I am by no means a security expert. I noticed my server was breached and multiple accounts on it have been logging via cron over and over again. From the auth log: Mar 29 10:30:01 sinbra CRON[5643]: pam_unix(cron:session): session opened for user arun by (uid=0) Mar 29 10:30:01 sinbra CRON[5642]: pam_unix(cron:session): session closed for user michael Mar 29 10:30:01 sinbra CRON[5643]: pam_unix(cron:session): session closed for user arun Mar 29 10:31:01 sinbra CRON[5729]: pam_unix(cron:session): session opened for user arun by (uid=0) Mar 29 10:31:01 sinbra CRON[5728]: pam_unix(cron:session): session opened for user michael by (uid=0) Mar 29 10:31:01 sinbra CRON[5728]: pam_unix(cron:session): session closed for user michael Mar 29 10:31:01 sinbra CRON[5729]: pam_unix(cron:session): session closed for user arun Mar 29 10:32:01 sinbra CRON[5822]: pam_unix(cron:session): session opened for user michael by (uid=0) Mar 29 10:32:01 sinbra CRON[5823]: pam_unix(cron:session): session opened for user arun by (uid=0) Mar 29 10:32:01 sinbra CRON[5822]: pam_unix(cron:session): session closed for user michael Mar 29 10:32:01 sinbra CRON[5823]: pam_unix(cron:session): session closed for user arun as soon as I removed cron, these session openings where stopped. I removed cron with the --purge flag, and manually erased everything in the /etc/ directory which realted to cron. I then restarted the computer, However, as soon as I re-installed cron, these session openings via uid=0 started again. There is a high possibility I'm wrong, and this is not related to cron, so feel free to downgrade this bug. Thanks Oz. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (990, 'testing'), (700, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.32-trunk-686 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages cron depends on: ii adduser 3.112 add and remove users and groups ii debianutils 3.2.2 Miscellaneous utilities specific t ii libc6 2.10.2-6 Embedded GNU C Library: Shared lib ii libpam0g 1.1.1-2Pluggable Authentication Modules l ii libselinux1 2.0.89-4 SELinux runtime shared libraries ii lsb-base 3.2-23 Linux Standard Base 3.2 init scrip Versions of packages cron recommends: pn exim4 | postfix | mail-transp none (no description available) ii lockfile-progs0.1.13 Programs for locking and unlocking Versions of packages cron suggests: ii anacron 2.3-14 cron-like program that doesn't go ii checksecurity 2.0.13 basic system security checks ii logrotate 3.7.8-4Log rotation utility -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#540679: Update on this bug
Just for reference, this bug appears in other architectures too, from the build logs of the recently-uploaded 1.6-1 version: - Armel: https://buildd.debian.org/fetch.cgi?pkg=xorpver=1.6-1arch=armelstamp=1267677892file=log - hppa: https://buildd.debian.org/fetch.cgi?pkg=xorpver=1.6-1arch=hppastamp=1266567644file=log - ia64: https://buildd.debian.org/fetch.cgi?pkg=xorpver=1.6-1arch=ia64stamp=1267373972file=log - mips: https://buildd.debian.org/fetch.cgi?pkg=xorpver=1.6-1arch=mipsstamp=1267867626file=log - mipsel: https://buildd.debian.org/fetch.cgi?pkg=xorpver=1.6-1arch=mipselstamp=1267582500file=log - sparc: https://buildd.debian.org/fetch.cgi?pkg=xorpver=1.6-1arch=sparcstamp=1266647187file=log Regards Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#566677: [Openvas-distro-deb] Bug#566677: prompts user without following Debian Configuration Management Specification
2010/1/25 Luk Claes l...@debian.org: I was under the idea that prompting during a purge should not rely on debconf being available. Isn't that right? Maybe I'm not up to date. You're right on one thing: purge should not fail when debconf is not available. So if Debconf is not available it could prompt through a non-debconf mechanism but if Debconf is available it should use a debconf-based mechanism. Is that the way forward? I would like to have the same end-result when purging whether debconf is available or not. Regards Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#566677: [Openvas-distro-deb] Bug#566677: Bug#566677: prompts user without following Debian Configuration Management Specification
On Montag, 25. Januar 2010, Javier Fernandez-Sanguino wrote: I was under the idea that prompting during a purge should not rely on debconf being available. Isn't that right? Maybe I'm not up to date. debian-policy 3.8.2 finally fixed #206684, there is no exception for purge. Thanks Holder, I was not not aware of this change. I will upload a new version fixing this bug as soon as possible. Regards Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#566677: [Openvas-distro-deb] Bug#566677: prompts user without following Debian Configuration Management Specification
during a test with piuparts I noticed your package prompts the user badly. Prompting in maintainer scripts must be done by communicating through a program such as debconf which conforms to the Debian Configuration management specification, version 2 or higher. I was under the idea that prompting during a purge should not rely on debconf being available. Isn't that right? Maybe I'm not up to date. Regards Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#552071: snort-mysql: last upgraded version starts snort in foreground, failing upgrade and loading
2009/10/23 alex bodnaru alexb...@012.net.il: Package: snort-mysql Version: 2.8.4.1-4+b1 Severity: grave Justification: renders package unusable hello friends, thanks for providing us snort. a problem with last version i've installed: snort is starting in foreground (even though by start-stop-daemon). Could you please provide a log of the Snort startup? Run (as root) 'sh -x /etc/init.d/snort start 21 /tmp/snort.log' and send me the /tmp/snort.log file generated. Thank you Regards Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#512486: wordtrans-qt: uncompressed man page (although with .gz suffix)
2009/1/22 Evgeni Golov sarge...@die-welt.net: I'll prepare an NMU, making the package binNMU-able, and hoping the new build will have correctly gziped manpages. Go ahead an NMU but please forward first a proposed patch to this bug report. If time permits I might be able to make the upload myself. Regards Javier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#460886: cron: Fails to stop because of incorrect .pid file name
2008/1/15, Frans Pop [EMAIL PROTECTED]: Seems like the error is in this line: PIDFILE=/var/run/cron.pid which should probably be PIDFILE=/var/run/crond.pid Aggh a typo. I hate that. I will fix that ASAP (i.e. today) Which makes me wonder if [ -e /etc/cron.pid ] PIDFILE=/etc/cron.pid should also possibly be [ -e /etc/crond.pid ] PIDFILE=/etc/crond.pid ? This is not actually a typo, is copied verbatim from the code, but forced the typo I introduced in the proper PIDFILE definition above. Regards Javier Cheers, FJP -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.24-rc7 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages cron depends on: ii adduser 3.105 add and remove users and groups ii debianutils 2.28.2 Miscellaneous utilities specific t ii libc62.7-6 GNU C Library: Shared libraries ii libpam0g 0.99.7.1-5 Pluggable Authentication Modules l ii libselinux1 2.0.15-2+b1 SELinux shared libraries ii lsb-base 3.1-24 Linux Standard Base 3.1 init scrip Versions of packages cron recommends: ii exim4 4.68-2 meta-package to ease Exim MTA (v4) ii exim4-daemon-light [mail-tran 4.68-2 lightweight Exim MTA (v4) daemon -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#445113: Reopen bug
reopen bug 445113 thanks This bug has not been fixed by the upload of snort 2.7.0-8 as there are still build failures in hppa and sparc The root bug (that causes ps2pdf to do a segmentation fault) seems to have been fixed in ia64 and s390, however. I'm reopening this bug again since debian/rules needs to be reviewed and fixed. Regards Javier -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#445113: snort: FTBFS on a few archs
When I checked snort for testing migration, I saw that it did not build on a few archs (arm, hppa, ia64, s390 and sparc) and it always has this error message: This seems to be a new bug. Bus error ? Anyway, the FAQ and other documentation should be arch: all packages, I will review why this is not working on the build daemons. Regards Javier -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#439642: Probably something debian buildd specific
2007/10/1, Cyril Brulebois [EMAIL PROTECTED]: And where's the patch? Put the .so in the appropriate package, do you really expect more? You might have wanted to remove the help tag instead, since you've now got the hint you were looking for, haven't you? Well, a patch is a patch. A comment is *not* a patch. I've already fixed this and uploaded a new version of the package (in INCOMING, since it introduces a new package). Introducing a new package and moving files over to it is a non-trivial task. Regards Javier -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#439642: Probably something debian buildd specific
2007/10/1, Cyril Brulebois [EMAIL PROTECTED]: I think you mean NEW. Incoming is http://incoming.debian.org, and is described in http://www.debian.org/devel/incoming_mirrors.html. True, got confused, meant NEW. Regards Javier -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#295154: etherape: Etherape does not start (breaks)
Package: etherape Version: 0.9.0-8 Severity: grave Justification: renders package unusable It seems etherape will not run at all for me, if I run it as root I get this: # LC_ALL=C etherape (etherape:19457): Gtk-WARNING **: gtkwidget.c:3138: widget `GtkToolButton' has no activatable signal clicked without arguments (etherape:19457): GLib-GObject-WARNING **: IA__g_object_set_property: object class `GtkTable' has no property named `orientation' (etherape:19457): Gtk-CRITICAL **: gtk_menu_shell_insert: assertion `GTK_IS_MENU_SHELL (menu_shell)' failed (etherape:19457): Gtk-CRITICAL **: gtk_menu_shell_insert: assertion `GTK_IS_MENU_SHELL (menu_shell)' failed (etherape:19457): Gtk-CRITICAL **: gtk_menu_shell_insert: assertion `GTK_IS_MENU_SHELL (menu_shell)' failed And then it breaks, if traced with gdb it ends up with: Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 16384 (LWP 19547)] 0x080540b2 in fatal_error_dialog () (gdb) If I actually try to run it as an average user it will work. But, obviously, I can't do anything with it as I cannot setup any interfaces in promiscuous mode. Regards Javier -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.4.27-1-686 Locale: LANG=spanish, LC_CTYPE=spanish (charmap=ISO-8859-1) Versions of packages etherape depends on: ii libart-2.0-2 2.3.17-1Library of functions for 2D graphi ii libatk1.0-0 1.8.0-4 The ATK accessibility toolkit ii libbonobo2-0 2.8.1-1 Bonobo CORBA interfaces library ii libbonoboui2-0 2.6.1-1 The Bonobo UI library ii libc62.3.2.ds1-20GNU C Library: Shared libraries an ii libgconf2-4 2.8.1-4 GNOME configuration database syste ii libglade2-0 1:2.4.2-1 library to load .glade files at ru ii libglib2.0-0 2.6.2-1 The GLib library of C routines ii libgnome2-0 2.8.0-6 The GNOME 2 library - runtime file ii libgnomecanvas2-02.8.0-1 A powerful object-oriented display ii libgnomeui-0 2.8.0-3 The GNOME 2 libraries (User Interf ii libgnomevfs2-0 2.8.3-11The GNOME virtual file-system libr ii libgtk2.0-0 2.6.2-2 The GTK+ graphical user interface ii libice6 4.3.0.dfsg.1-10 Inter-Client Exchange library ii liborbit21:2.10.5-0.1libraries for ORBit2 - a CORBA ORB ii libpango1.0-01.8.0-3 Layout and rendering of internatio ii libpcap0.7 0.7.2-7 System interface for user-level pa ii libpopt0 1.7-5 lib for parsing cmdline parameters ii libsm6 4.3.0.dfsg.1-10 X Window System Session Management ii libxml2 2.6.16-2GNOME XML library ii xlibs4.3.0.dfsg.1-10 X Keyboard Extension (XKB) configu ii zlib1g 1:1.2.2-4 compression library - runtime -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]