Bug#496783: RM: newsgate -- RoQA; insecure, unstable, orphaned, limited archs, free alternatives, low popcon
Package: ftp.debian.org Hi, Please remove newsgate from unstable, as result of the combination of the following factors: * It's riddled with insecure tempfile usage; * As the documentation indicates the software is quite unfinished; * Most recent upstream release 1996; * Package has been up for adoption and subsequently orphaned since January with no registerd interest; * It's only available on i386 and amd64; * There are free alternatives available; * It has low popcon numbers. thanks, Thijs pgpBJGxnX5U76.pgp Description: PGP signature
Bug#429914: OpenFire in Debian : issue with mina ?
Hi, As you may have seen on my comment, I have a problem compiling openfire with debian mina package because of a non-existing getEventQueueSize method, I pasted the error message at the end of this mail. I checked out various branches of mina directly from svn and never found this method, so I rather think openfire use a patched version, but I am waiting for a confirmation. I've checked too Mina 1.0, 1.1 and 2.0 and I can confirm your analysis : no MINA release ever included getEventQueueSize method. From what I see in OpenFire SVN Browser [1], MINAStatCollector class was Moved statistic class from MINA to Wildfire since changes were not included into MINA 1.2. AFAIK, no release of MINA 1.2 was ever made. I've also jardiff-ed [2] mina-core.jar from OpenFire tar.gz and mina-core.jar from debian package : The only diff is this added getEventQueueSize method (in OpenFire one). So, to me, it's clear OpenFire included is home-made Mina JAR. I intented to directly ask mina upstream if they know about this method in the case I didn't receive an answer from openfire upstream, but you may check that now with mina upstream. I'll try to contact them about that but, IMHO, you may exclude this MINAStatCollector from OpenFire build until we get an answer. Cheers, [1] http://www.igniterealtime.org/fisheye/browse/svn-org/openfire/branches/rsm_branch/src/java/org/apache/mina/management/MINAStatCollector.java [2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495998 (Soon in debian :) -- Damien Raude-Morvan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#495085: [Pkg-samba-maint] Bug#495085: smbfs: *** glibc detected *** free(): invalid pointer: 0x08050c0a ***
Hi Christian Bug you're right, I could download the etchandhalf kernel sources and try again with that kernel... The point is mostly confirming that the bug is also there with the stock Debian kernel. As always with things related to cifs stuff, problems may lie in the userland utilities (so, the samba source package) or in the kernel drivers (so, the kernel source package). Dowloaded the 2.6.24 debian tree, built it with make-kpkg... Problem persists. I also did apt-get install --reinstall smbfs and libc6 to be sure to have the right versions. Problem persists. Any more suggestions? Could it be something in my smb.conf file (we have a ldap/krb5/winbindd enabled environment here) -Benoit- -- SPAM SPAM SPAM SPAM / Hormel's new miracle meat in a can Tastes fine, saves time. / If you want something grand, / Ask for SPAM! - Hormel's 1937 jingle for SPAM Hippopotomonstrosesquippedaliophobia sh: http://en.wikipedia.org/wiki/-phobia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496786: samba-common: net rpc shutdown don't work
Package: samba-common Version: 2:3.2.1-1 Severity: normal The scripts with this command were worked for a years, but now failed and report: Shutdown of remote machine failed result was: WERR_OK I don't know starting from what version this problem arise, but it is result of one of upgrades. At the same time the smb client on the same machine with the same account on the same server is working fine. More over, the net rpc user is working too. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R) Shell: /bin/sh linked to /bin/bash Versions of packages samba-common depends on: ii debconf [debconf-2.0 1.5.23 Debian configuration management sy ii libc62.7-13 GNU C Library: Shared libraries ii libcomerr2 1.41.0-4common error description library ii libkrb53 1.6.dfsg.4~beta1-4 MIT Kerberos runtime libraries ii libldap-2.4-22.4.10-3OpenLDAP libraries ii libncurses5 5.6+20080823-1 shared libraries for terminal hand ii libpam-modules 1.0.1-3 Pluggable Authentication Modules f ii libpopt0 1.14-4 lib for parsing cmdline parameters ii libreadline5 5.2-3 GNU readline and history libraries ii libtalloc1 1.2.0~git20080616-1 hierarchical pool based memory all ii libuuid1 1.41.0-4universally unique id library ii libwbclient0 2:3.2.1-1 client library for interfacing wit ii ucf 3.007 Update Configuration File: preserv samba-common recommends no packages. samba-common suggests no packages. -- debconf information: samba-common/encrypt_passwords: true * samba-common/dhcp: false * samba-common/workgroup: INISTDOM samba-common/do_debconf: true -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496785: Openclipart needs more packages to work correctly
Package: inkscape Version: 0.46-2 Severity: minor The Import From Open Clip Art Library funcion in Inkscape needs the package libgnomevfs2-extra to work (else it fails with the message: Failed to receive the Open Clip Art Library RSS feed). This bug is already documented in Ubuntu's Launchpad: https://bugs.launchpad.net/inkscape/+bug/210336 Can you please add libgnomevfs2-extra to the Suggests or Recommends section of the package? Thank you! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496784: Bitstream Vera Sans is the default font, but it may not be installed
Package: inkscape Version: 0.46-2 Severity: minor Inkscape uses Bitstream Vera Sans as its default font (I don't know if this is taken from another configuration file or is specific to Inkscape). If the package ttf-bitstream-vera is not installed, a lot of error messages like this get generated (even when working with files that have no text objects): ** (inkscape:3766): WARNING **: Family name Bitstream Vera Sans does not have an entry in the font lister. Please Suggest or Recommend package ttf-bitstream-vera in inkscape. Thank you! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496746: pubkey auth non-functional on testing?
Hi, Colin Watson schrieb: Please use -vvv when reporting bugs. The lower the debug level, the larger the responsible region of code tends to be. In this case I need a bit more in order to help. [EMAIL PROTECTED]:~$ slogin -vvv localhost OpenSSH_5.1p1 Debian-2, OpenSSL 0.9.8g 19 Oct 2007 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to localhost [127.0.0.1] port 22. debug1: Connection established. debug1: identity file /home/liske/.ssh/identity type -1 debug1: identity file /home/liske/.ssh/id_rsa type -1 debug3: Not a RSA1 key file /home/liske/.ssh/id_dsa. debug2: key_type_from_name: unknown key type '-BEGIN' debug3: key_read: missing keytype debug2: key_type_from_name: unknown key type 'Proc-Type:' debug3: key_read: missing keytype debug2: key_type_from_name: unknown key type 'DEK-Info:' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-END' debug3: key_read: missing keytype debug1: identity file /home/liske/.ssh/id_dsa type 2 debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024 debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-2 debug1: match: OpenSSH_5.1p1 Debian-2 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-2 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[EMAIL PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[EMAIL PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[EMAIL PROTECTED],hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[EMAIL PROTECTED],hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[EMAIL PROTECTED],zlib debug2: kex_parse_kexinit: none,[EMAIL PROTECTED],zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[EMAIL PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[EMAIL PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[EMAIL PROTECTED],hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[EMAIL PROTECTED],hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[EMAIL PROTECTED] debug2: kex_parse_kexinit: none,[EMAIL PROTECTED] debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found hmac-md5 debug1: kex: server-client aes128-cbc hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client-server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(102410248192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 127/256 debug2: bits set: 530/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: check_host_in_hostfile: filename /home/liske/.ssh/known_hosts debug3: check_host_in_hostfile: match line 48 debug1: Host 'localhost' is known and matches the RSA host key. debug1: Found key in /home/liske/.ssh/known_hosts:48 debug2: bits set: 508/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1:
Bug#302750: [Help] Re: feh: alpha blending (e.g., thumbnail under pointer hilite) not working
Hi Maciej, you reported the problem described above a long time ago and got not response. I took over the feh package now and just would like to say sorry for leaving your problem ignored in the first place. I verified that this problem exists on recent testing with the current feh version. I'm a little bit suspicious about the fact that you wrote the problem would not occure when using the old 4.3.0.dfsg.1-1 version of xserver-xfree86. I admit I'm not very educated in X server programming and thus I would like to ask for help here on Debian devel list whether this is really a problem of feh or rather the underlying libraries. Any ideas? Kind regards and thanks for reporting problems in Debian anyway Andreas. -- http://fam-tille.de -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496427: confirmed to be present
tags 496427 confirmed thanks Indeed present, a simple grep yields a number of different results already, see below. As the code contains many instances of different things written to /tmp, it may make sense to resolve that by creating one private working dir securely, and then prefixing that path to all uses of /tmp. Thijs ./lmbench-3.0-a7/src/bench.h:97:#define UNIX_CONTROL/tmp/lmbench.ctl ./lmbench-3.0-a7/src/bench.h:98:#define UNIX_DATA /tmp/lmbench.data ./lmbench-3.0-a7/src/bench.h:99:#define UNIX_LAT/tmp/lmbench.lat ./lmbench-3.0-a7/src/rhttp.c:81: sprintf(name, /tmp/rhttp%d, i); ./lmbench-3.0-a7/src/rhttp.c:96:system(cat /tmp/rhttp*; rm /tmp/rhttp*); ./lmbench-3.0-a7/src/rhttp.c:106: sprintf(buf, /tmp/http%d, i); ./lmbench-3.0-a7/src/lat_fcntl.c:105: sprintf(state-filename1, /tmp/lmbench-fcntl%d.1, getpid()); ./lmbench-3.0-a7/src/lat_fcntl.c:106: sprintf(state-filename2, /tmp/lmbench-fcntl%d.2, getpid()); ./lmbench-3.0-a7/src/lat_unix_connect.c:18:#define CONNAME /tmp/af_unix ./lmbench-3.0-a7/src/lat_fifo.c:15:#define F1 /tmp/lmbench_f1.%d ./lmbench-3.0-a7/src/lat_fifo.c:16:#define F2 /tmp/lmbench_f2.%d ./lmbench-3.0-a7/src/lat_proc.c:20:#define PROG /tmp/hello-s ./lmbench-3.0-a7/src/lat_proc.c:23:#define PROG /tmp/hello ./lmbench-3.0-a7/src/lmhttp.c:23:#define LOGFILE /usr/tmp/lmhttp.log ./lmbench-3.0-a7/scripts/SHIT:594: system co -q -p -kkvl $rev $_[$i] /tmp/sdiff.$$ . ./lmbench-3.0-a7/scripts/SHIT:595: $diff /tmp/sdiff.$$ $working[$i]; ./lmbench-3.0-a7/scripts/SHIT:597: unlink(/tmp/sdiff. $$);./lmbench-3.0-a7/scripts/rccs:603: system co -q -p -kkvl $rev $_[$i] /tmp/sdiff.$$ . ./lmbench-3.0-a7/scripts/rccs:604: $diff /tmp/sdiff.$$ $working[$i]; ./lmbench-3.0-a7/scripts/rccs:606: unlink(/tmp/sdiff. $$); pgpDCeJ0CxsSz.pgp Description: PGP signature
Bug#496787: RFA: gnade -- GNat Ada Database Environment
Package: wnpp Severity: wishlist GNADE is a complete database development environment for Ada programmers. It consists of: a. A Thin binding to the ODBC API. With this API, you can write programs that query any ODBC-compliant database server. b. Thin bindings to some specific database servers which provide functionality above and beyond ODBC. In this release, these include MySQL, PostgreSQL and SQLite. c. An Embedded-SQL preprocessor, gesql. You can write Ada programs that contain embedded SQL statements, as per the ISO SQL 92 standard. The preprocessor translates the embedded SQL statements to ODBC calls. I hereby request for someone to adopt the package. It is in good shape with no known bugs. Future maintenance effort should be low. Upstream has a version 2.0 in the works. I can sponsor the package for you if you're not a Debian developer. The packaging scripts are in a public monotone repository which you are welcome to use if you so wish: http://www.ada-france.org/article131.html http://www.ada-france.org:8081/branch/changes/org.debian.gnade -- Ludovic Brenta. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496371: [Pkg-lustre-maintainers] Bug#496371: The possibility of attack with the help of symlinks in some Debian packages
Hello Dmitry, Thanks for your test, but atm I've some problems to fix this issue for lustre- tests In some packages I've discovered scripts with errors which may be used by a user for damaging important system files or user's files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlink with the same name in this directory in order to destroy or rewrite some system or user file. Symlink attack may also lead not only to the data desctruction but to denial of service as well. Btw: lustre-tests is a package which contains only binaries for debugging lustre, and is therefore only needed on very very few systems. But nevertheless this should be fixed. I guess the part which is critical is this one: ---snip-- while date; do LOOP=`expr $LOOP + 1` echo Test #$LOOP iozone $VERIFY $ODIR -r $REC -i 0 -i 1 -f $FILE -s $SIZE 21 || exit $? [ -f endiozone -o $LOOP -ge $COUNT ] rm -f endiozone exit 0 done | tee /tmp/iozone.log snap This small script creates a log of the iozone run in /tmp without checking if this file exists there. Do you have any hints how to fix this issue? Greetings Winnie signature.asc Description: This is a digitally signed message part.
Bug#496277: Confirmation that downgrading libxml2 is valid workaround
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I was hit by this bug as well, and can confirm that downgrading libxml2 works: libxml2 2.6.32.dfsg-2+lenny1 - 2.6.32.dfsg-1 - Jonas - -- * Jonas Smedegaard - idealist og Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAki1ShEACgkQn7DbMsAkQLhFVwCfdxykelbXkoyTlfpcltczWVxS pwkAn0yMRWXcwASgo/jEZ6FcNX2r+iKR =4Ppx -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#470279: lmbench: writes to /usr
tags 470279 moreinfo thanks Hi, during the configuration of the benchmark, config-run writes to /usr. This is a violation of the FHS, and means that lmbench cannot be ran when /usr is mounted read-only, such as running from a live CD. That would be a serious bug if that would be the case, but I can't find the code that does that. Only if /usr/tmp exists and is already writable, will it write there, as I understand it. Do you have an example of the problem? cheers, Thijs pgpl2iUZKAWAV.pgp Description: PGP signature
Bug#496433: this is indeed present
tags 496433 confirmed thanks Hi, Indeed, several times the file /tmp/audiolink.db.tmp gets used in code/audiolink. This is probably easily fixable through using the Perl::Temp module and its mktemp() funtion to create a secure file once, (re)use that on the several needed occasions and remove it after. cheers, Thijs pgpvRA3CeGTnO.pgp Description: PGP signature
Bug#496368: intent to NMU
Hi,
I'm going to upload an NMU for this one.
Patch attached and archived on:
http://people.debian.org/~nion/nmu-diff/sgml2x-1.0.0-11.1_1.0.0-11.2.patch
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
diff -u sgml2x-1.0.0/debian/changelog sgml2x-1.0.0/debian/changelog
--- sgml2x-1.0.0/debian/changelog
+++ sgml2x-1.0.0/debian/changelog
@@ -1,3 +1,11 @@
+sgml2x (1.0.0-11.2) unstable; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Fix possible symlink attacks in rlatex by using mktemp to create
+temporary files in a secure way (Closes: #496368)
+
+ -- Nico Golde [EMAIL PROTECTED] Wed, 27 Aug 2008 14:14:43 +0200
+
sgml2x (1.0.0-11.1) unstable; urgency=low
* Non-maintainer upload.
only in patch2:
unchanged:
--- sgml2x-1.0.0.orig/bin/rlatex
+++ sgml2x-1.0.0/bin/rlatex
@@ -5,27 +5,25 @@
LATEXPRG=${LATEXPRG:-latex}
while true; do
-pid=$$
-export pid
-rm -f /tmp/rlok$pid
-(
- if ${LATEXPRG} $*
+RLSOTMP=$(mktemp /tmp/RLSO.)
+RLOKTMP=xxx
+
+ if ${LATEXPRG} $* | tee $RLSOTMP
then
- touch /tmp/rlok$pid
+ RLOKTMP=$(mktemp /tmp/rlok.)
fi
-) | tee /tmp/rlso$pid
-if [ ! -f /tmp/rlok$pid ]
-then
- rm -f /tmp/rlso$pid
+ if [ $RLOKTMP = xxx ]
+ then
echo 2 $(basename $0): Exiting in error
exit 1
-fi
+ fi
-if ! grep -E '^(LaTeX Warning: (Label\(s\) may|There were undefined references)|Package longtable Warning: Table widths have changed)' /tmp/rlso$pid /dev/null
+if ! grep -E '^(LaTeX Warning: (Label\(s\) may|There were undefined references)|Package longtable Warning: Table widths have changed)' $RLSOTMP /dev/null
then
- rm -f /tmp/rlso$pid
+ rm -f $RLSOTMP
exit 0
fi
echo Re-running LaTeX
+ rm -f $RLSOTMP $RLOKTMP
done
pgpwi3d5cTfyG.pgp
Description: PGP signature
Bug#481134: Please hint poppler-data for lenny inclusion
On Sun, 24 Aug 2008 08:32:21 +0200 Christian Perrier [EMAIL PROTECTED] wrote: Also don't forget about suggesting to add it to the CJK languages -desktop tasks in tasksel, if it is that important. I think that non-free packages can be added there... That's very very helpful for our users! If not, users must edit their apt lines by hand, and know this poppler-data package is needed to view PDF files, it's painful thing for average users (Yes, I can do that easily, and you can also do that, but your mother, father, little brother or sister probably can't do that). Our priorities are our users and free software - yeah, you know that, users are important for us :) (not only free software) So I and other Japanese Debian developer/maintainer/package maintainer/ users want poppler-data package to there, the CJK languages-desktop tasks in tasksel. Please consider that. -- Regards, Hideki Yamane henrich @ debian.or.jp/iijmio-mail.jp http://wiki.debian.org/HidekiYamane -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496419: issue is present, code runs as root
tags 496419 confirmed
thanks
Hi,
A simple grep revealed a lot of tempfile issues here, see below. As far as I
understand it, the code runs as root. This makes the issue quite serious.
Please make sure this is fixed before lenny is released.
As several different temp files are used insecurely, it may be better to
create a separate, private working directory for the program where it may
store all those files at will.
cheers,
Thijs
./config-scripts/xen-3.2/configure-xend.sh:cat EOF /tmp/open_ssl.res
./config-scripts/xen-3.2/configure-xend.sh:$OPENSSL req -new -key
$KEY -out $CSR /tmp/open_ssl.res
./config-scripts/xen-3.2/configure-xend.sh:rm /tmp/open_ssl.res
./config-scripts/xen-3.1/configure-xend.sh:cat EOF /tmp/open_ssl.res
./config-scripts/xen-3.1/configure-xend.sh:$OPENSSL req -new -key
$KEY -out $CSR /tmp/open_ssl.res
./config-scripts/xen-3.1/configure-xend.sh:rm /tmp/open_ssl.res
./src/utils.py:updates_file = /tmp/updates.xml
./src/utils.py:
dir=/tmp)
./src/utils.py:TEST_CONFIGFILE = '/tmp/convirt.conf'
./src/XenNode.py:dom_config.save(/tmp/test_config)
./src/XenNode.py:newcfg.set_filename(/tmp/Txx)
./src/XenNode.py:f = managed_node.node_proxy.open(/tmp/Txx)
./src/XenNode.py:print ### read config from /etc/xen/auto and write them
to /tmp
./src/XenNode.py:d.save(/tmp/ + f)
./src/NodeProxy.py:node.put(/tmp/send, /tmp/send_r)
./src/NodeProxy.py:node.get(/tmp/send_r, /tmp/received)
./src/NodeProxy.py:fd = node.open('/tmp/test_writable','w')
./src/NodeProxy.py:
print 'exists?: ',node.file_exists('/tmp/test_writable')
./src/NodeProxy.py:print 'isWritable?: ',
node.file_is_writable('/tmp/test_writable')
./src/NodeProxy.py:node.remove('/tmp/test_writable')
./src/NodeProxy.py:print 'exists?: ',
node.file_exists('/tmp/test_writable')
./src/NodeProxy.py:node.mkdir(/tmp/node_test)
./src/NodeProxy.py:w = node.open(/tmp/node_test/test, w)
./src/NodeProxy.py:r = node.open(/tmp/node_test/test)
./src/NodeProxy.py:node.remove(/tmp/node_test/test)
./src/NodeProxy.py:node.rmdir(/tmp/node_test)
./src/NodeProxy.py:output,code = node.exec_cmd('find /tmp')
./src/NodeProxy.py:output,code = node.exec_cmd('junk /tmp')
./src/GridManager.py:
dir=/tmp)
./src/KVMProxy.py:cmdline = cmdline + -monitor unix:/tmp/ +
config.get(name) + \
./src/KVMProxy.py:config[monitor] = unix:/tmp/xyz
pgpQfkgkbRggy.pgp
Description: PGP signature
Bug#481134: Please hint poppler-data for lenny inclusion
On Sun, 24 Aug 2008 19:45:13 +0200 Luk Claes [EMAIL PROTECTED] wrote: unblocked Great thanks Luk! But, verrry sooorry, I've updated this poppler-data package before read this mail... changelog is below, 1 bug fix and trivial changes. poppler-data (0.2.0-2) unstable; urgency=low * debian/control - add DM-Upload-Allowed: yes, because I'm DM :) - fix poppler-data should suggest libpoppler3 (Closes: #496268) - change Priority: optional from extra, same as cmap-adobe-* - add some descriptions for cmap-adobe-* users so, please unblock this again, please... I am terribly sorry about the inconvenience. -- Regards, Hideki Yamane henrich @ debian.or.jp/iijmio-mail.jp http://wiki.debian.org/HidekiYamane -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496788: RFP: cciss_vol_status -- CCISS RAID Drive and Volume Status Utility
Package: wnpp Severity: wishlist * Package name: cciss_vol_status Version : 1.0.3 Upstream Author : Stephen M. Cameron [EMAIL PROTECTED] * URL : http://cciss.sourceforge.net/ * License : GPL Programming Lang: C Description : CCISS RAID Drive and Volume Status Utility cciss_vol_status is a RAID monitor for Compaq/HP SmartArray Controllers (kernel driver name: cciss). It can check for problems on physical or logical drives, and is probably the only tool, which has the full knowledge of reporting drives behind cciss controllers (as it is written by HP), and does not rely on parsing the controller event log. Man page: http://cciss.sourceforge.net/cciss_vol_status.8.html Current 1.0.3 download URL: https://sourceforge.net/project/showfiles.php?group_id=33072package_id=223791 -Christian -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (990, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.24.6-percival Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496582: gnome-app-install: Application hangs while searching for a package
reassign 496582 librsvg2-2 2.22.2-2 severity 496582 important Am Mittwoch, den 27.08.2008, 00:13 +0200 schrieb Jose Pablo Ferrero: The problem occurs when showing some icons (i.e. elisa.svg). Trying to open elisa.svg (/usr/share/app-install/icons/) with gpaint or gimp cause a segmentation fault, but with epiphany, iceweasel or svgdisplay there isn't any problem. I'm not sure where the problem could be, but because this is not a gnome-install-app bug, please close it. This seems to be a bug in librsvg. Many applications crash with this file, including eog and rsvg-view. signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Bug#496790: astyle: Error in manpage
Package: astyle Version: 1.22-1 Severity: minor Tags: patch The manage says: -V, --convert-tabs Convert tabs to spaces. But astyle --help (and actual behaviour) is: --version OR -V Print version number. It took me a while to understand why astyle was not doing something when I included -V in the command line. The correct line for the man page is: -v, --convert-tabs -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.25-2-686 (SMP w/2 CPU cores) Locale: LANG=es_AR.UTF-8, LC_CTYPE=es_AR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages astyle depends on: ii libc6 2.7-13 GNU C Library: Shared libraries ii libgcc1 1:4.3.1-2 GCC support library ii libstdc++64.3.1-2The GNU Standard C++ Library v3 astyle recommends no packages. astyle suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496789: passwd(1) still describes the old behaviour of --lock
Package: passwd Version: 1:4.1.1-4 Severity: normal Hi, The passwd man page currently says: -l, --lock Lock the password of the named account. This option disables a password by changing it to a value which matches no possible encrypted value (it adds a ´!´ at the beginning of the password). Note that this does not disable the account. The user may still be able to login using another authentication token (e.g. an SSH key). To disable the account, administrators should use usermod --expiredate 1 (this set the account´s expire date to Jan 2, 1970). Since the 'Note' now seems to be the default behaviour (which I do like :), it should probably either be reworded to reflect that, or dropped entirely. I'd guess the former will probably cause the least confusion while people readjust their expectation of what -l does. Thanks! Ron -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496791: geany: Copy text with middle mouse button doesn't work
Package: geany Version: 0.14-1 Severity: normal If I select text with the left mouse button, and then middle click somewhere else, the selected text is not copied. This works in all other programs I have. To clarify, I'm talking about copying text within geany, from and to the same text document. I'm running geany within the XFCE4 environment. Best regards, Torquil Sørensen -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (650, 'unstable'), (600, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages geany depends on: ii libatk1.0-0 1.22.0-1 The ATK accessibility toolkit ii libc6 2.7-13 GNU C Library: Shared libraries ii libcairo2 1.6.4-6The Cairo 2D vector graphics libra ii libgcc1 1:4.3.1-9 GCC support library ii libglib2.0-0 2.16.5-1 The GLib library of C routines ii libgtk2.0-0 2.12.11-3 The GTK+ graphical user interface ii libpango1.0-0 1.20.5-1 Layout and rendering of internatio ii libstdc++64.3.1-9The GNU Standard C++ Library v3 geany recommends no packages. Versions of packages geany suggests: pn doc-base none (no description available) ii libvte9 1:0.16.14-3 Terminal emulator widget for GTK+ -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496371: [Pkg-lustre-maintainers] Bug#496371: The possibility of attack with the help of symlinks in some Debian packages
This one time, at band camp, Patrick Winnertz said: I guess the part which is critical is this one: tmpfile=$(mktemp /tmp/iozone.XX) ---snip-- while date; do LOOP=`expr $LOOP + 1` echo Test #$LOOP iozone $VERIFY $ODIR -r $REC -i 0 -i 1 -f $FILE -s $SIZE 21 || exit $? [ -f endiozone -o $LOOP -ge $COUNT ] rm -f endiozone exit 0 snap done | tee $tmpfile -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#496371: [Pkg-lustre-maintainers] Bug#496371: The possibility of attack with the help of symlinks in some Debian packages
SG tmpfile=$(mktemp /tmp/iozone.XX) use 'mktemp -t iozone.XX' instead 'mktemp /tmp/iozone.XX' -- ... mpd paused: Manowar - Gloves of Metal . ''`. Dmitry E. Oboukhov : :’ : [EMAIL PROTECTED] `. `~’ GPGKey: 1024D / F8E26537 2006-11-21 `- 1B23 D4F8 8EC0 D902 0555 E438 AB8C 00CF F8E2 6537 signature.asc Description: Digital signature
Bug#496792: libsdl-perl: segfaults at perl exit
Package: libsdl-perl Version: 1.20.3dfsg-3+b1 Severity: minor Hi! [EMAIL PROTECTED] ~]% perl -MSDL -e1 zsh: segmentation fault perl -MSDL -e1 The segfault occurs after all perl code is executed. I can run for example frozen-bubble, perl segfaults after pressing escape and exiting from the game. Backtrace: [EMAIL PROTECTED] ~]% gdb --args perl -MSDL::App -e1 [...] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0xb7d416b0 (LWP 13448)] 0xb6baa174 in ?? () from /lib/libselinux.so.1 (gdb) bt #0 0xb6baa174 in ?? () from /lib/libselinux.so.1 #1 0x005f in ?? () #2 0xb6b98000 in ?? () #3 0x000181c4 in ?? () #4 0xb6bafff4 in ?? () from /lib/libselinux.so.1 #5 0xb6bafff4 in ?? () from /lib/libselinux.so.1 #6 0xb6bb0ae4 in ?? () from /lib/libselinux.so.1 #7 0xbfe46428 in ?? () #8 0xb6ba369e in ?? () from /lib/libselinux.so.1 #9 0x in ?? () Maybe not very helpful without debugging symbols... ii libselinux12.0.65-2 SELinux shared libraries I don't think this bug affects usability of anything, but anyway indicates some problem. Cheers, Jarek. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.25.11 (PREEMPT) Locale: LANG=pl_PL, LC_CTYPE=pl_PL (charmap=ISO-8859-2) (ignored: LC_ALL set to pl_PL) Shell: /bin/sh linked to /bin/bash Versions of packages libsdl-perl depends on: ii libc6 2.7-13 GNU C Library: Shared libraries ii libgcc1 1:4.3.1-2 GCC support library ii libgl1-mesa-glx [ 7.0.3-5A free implementation of the OpenG ii libglu1-mesa [lib 7.0.3-5The OpenGL utility library (GLU) ii libjpeg62 6b-14 The Independent JPEG Group's JPEG ii libpng12-01.2.27-1 PNG library - runtime ii libsdl-console1.3-5 console that can be added to any S ii libsdl-gfx1.2-4 2.0.13-4 drawing and graphical effects exte ii libsdl-image1.2 1.2.6-3image loading library for Simple D ii libsdl-mixer1.2 1.2.8-4mixer library for Simple DirectMed ii libsdl-net1.2 1.2.7-2network library for Simple DirectM ii libsdl-ttf2.0-0 2.0.9-1ttf library for Simple DirectMedia ii libsdl1.2debian 1.2.13-2 Simple DirectMedia Layer ii libsmpeg0 0.4.5+cvs20030824-2+b1 SDL MPEG Player Library - shared l ii libstdc++64.3.1-2The GNU Standard C++ Library v3 ii perl 5.10.0-13 Larry Wall's Practical Extraction ii perl-base [perlap 5.10.0-13 minimal Perl system libsdl-perl recommends no packages. Versions of packages libsdl-perl suggests: ii ttf-freefont 20080323-3 Freefont Serif, Sans and Mono True -- no debconf information -- Linux jest darmowy, jeśli twój czas nie przedstawia żadnej wartości. Jeśli jest coś warty(czas), Linux jest po prostu tańszy od innych. Jarek Kamiński gg# 453620 signature.asc Description: Digital signature
Bug#496743: openbox: action GrowToEdge* grows too much when windows are sid by side
Hi Nicolas, * Nicolas Évrard [EMAIL PROTECTED] [2008-08-27 13:52]: This might not be a bug but it feels like it. When two windows are side by side the actions GrowToEdge* makes the selected window grow to the edge of the other window (the window on the left with a GrowToEast will go to the east side of the other window). That's pretty much what the action is for. Thus it overlaps the window making this action kind of useless. What do you mean by this? Do the windows overlap each other or not? Cause if they do the action resizes this window to the edge of the window before resizing to the workspace corner. This is also on purpose to resize a window to the size of another for example. So far I see no bug here. Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgp1wp9YiHCRa.pgp Description: PGP signature
Bug#483337: intent to NMU
Hi,
a patch to fix this is attached and archived on:
http://people.debian.org/~nion/nmu-diff/mt-daapd-0.9~r1696-1.3_0.9~r1696-1.4.patch
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
diff -u mt-daapd-0.9~r1696/debian/changelog mt-daapd-0.9~r1696/debian/changelog
--- mt-daapd-0.9~r1696/debian/changelog
+++ mt-daapd-0.9~r1696/debian/changelog
@@ -1,3 +1,11 @@
+mt-daapd (0.9~r1696-1.4) unstable; urgency=low
+
+ * Fix authentication upstream patch checking for a wrong return value
+(03_fix-authentication.dpatch; Closes: #496217).
+ * Fix taglib api calls (04_taglib_api_calls.dpatch; Closes: #483337)
+
+ -- Nico Golde [EMAIL PROTECTED] Wed, 27 Aug 2008 14:53:45 +0200
+
mt-daapd (0.9~r1696-1.3) unstable; urgency=high
* Non-maintainer upload by the Security Team.
diff -u mt-daapd-0.9~r1696/debian/patches/00list mt-daapd-0.9~r1696/debian/patches/00list
--- mt-daapd-0.9~r1696/debian/patches/00list
+++ mt-daapd-0.9~r1696/debian/patches/00list
@@ -2,0 +3,2 @@
+03_fix-authentication
+04_taglib_api_calls
only in patch2:
unchanged:
--- mt-daapd-0.9~r1696.orig/debian/patches/04_taglib_api_calls.dpatch
+++ mt-daapd-0.9~r1696/debian/patches/04_taglib_api_calls.dpatch
@@ -0,0 +1,47 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 04_taglib_api_calls.dpatch by Nico Golde [EMAIL PROTECTED]
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
[EMAIL PROTECTED]@
+diff -urNad mt-daapd-0.9~r1696~/src/scan-mpc.c mt-daapd-0.9~r1696/src/scan-mpc.c
+--- mt-daapd-0.9~r1696~/src/scan-mpc.c 2007-08-10 06:07:26.0 +0200
mt-daapd-0.9~r1696/src/scan-mpc.c 2008-08-27 14:53:27.0 +0200
+@@ -70,31 +70,31 @@
+ len = strlen(val);
+ if ((pmp3-title = calloc(len + 1, 1)) != NULL)
+ strncpy(pmp3-title, val, len);
+-taglib_tag_free_strings(val);
++taglib_tag_free_strings();
+ }
+ if ((val = taglib_tag_artist(tag)) != NULL) {
+ len = strlen(val);
+ if ((pmp3-artist = calloc(len + 1, 1)) != NULL)
+ strncpy(pmp3-artist, val, len);
+-taglib_tag_free_strings(val);
++taglib_tag_free_strings();
+ }
+ if ((val = taglib_tag_album(tag)) != NULL) {
+ len = strlen(val);
+ if ((pmp3-album = calloc(len + 1, 1)) != NULL)
+ strncpy(pmp3-album, val, len);
+-taglib_tag_free_strings(val);
++taglib_tag_free_strings();
+ }
+ if ((val = taglib_tag_comment(tag)) != NULL) {
+ len = strlen(val);
+ if ((pmp3-comment = calloc(len + 1, 1)) != NULL)
+ strncpy(pmp3-comment, val, len);
+-taglib_tag_free_strings(val);
++taglib_tag_free_strings();
+ }
+ if ((val = taglib_tag_genre(tag)) != NULL) {
+ len = strlen(val);
+ if ((pmp3-genre = calloc(len + 1, 1)) != NULL)
+ strncpy(pmp3-genre, val, len);
+-taglib_tag_free_strings(val);
++taglib_tag_free_strings();
+ }
+
+ if ((i = taglib_tag_year(tag)) != 0)
only in patch2:
unchanged:
--- mt-daapd-0.9~r1696.orig/debian/patches/03_fix-authentication.dpatch
+++ mt-daapd-0.9~r1696/debian/patches/03_fix-authentication.dpatch
@@ -0,0 +1,19 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 03_fix-authentication.dpatch by Nico Golde [EMAIL PROTECTED]
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
[EMAIL PROTECTED]@
+diff -urNad mt-daapd-0.9~r1696~/src/webserver.c mt-daapd-0.9~r1696/src/webserver.c
+--- mt-daapd-0.9~r1696~/src/webserver.c 2007-10-22 05:40:29.0 +0200
mt-daapd-0.9~r1696/src/webserver.c 2008-08-27 14:49:35.0 +0200
+@@ -1131,7 +1131,7 @@
+ if((auth_handler) (auth_handler(pwsc,NULL,NULL)==0)) {
+ /* do the auth thing */
+ auth=ws_getarg(pwsc-request_headers,Authorization);
+-if((auth) (ws_decodepassword(auth,username, password))) {
++if((auth) (0 == ws_decodepassword(auth,username, password))) {
+ if(auth_handler(pwsc,username,password))
+ can_dispatch=1;
+ ws_addarg(pwsc-request_vars,HTTP_USER,%s,username);
pgpBJGtvdiZfi.pgp
Description: PGP signature
Bug#496772: newsbeuter: depends on a nonexistent package
Hi Riccardo, * Riccardo Stagni [EMAIL PROTECTED] [2008-08-27 13:53]: [...] (I filed a similar bugreport against libmrss0. If you think it's a fault in libnxml, please reassign/merge as appropriate) I reassigned this one back to newsbeuter as it is only newsbeuters fault calling libnxml-depends and libmrss-depends in the rules file. A fix is on its way. Cheers Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpuvxzE5rrG9.pgp Description: PGP signature
Bug#496349: libfcgi-perl: download link in copyright file is broken
On Mon, 25 Aug 2008 09:42:19 +0200, Toni Mueller wrote: I don't think the severity is warranted; debian/copyrights lists the place where the upstream sources were fetched at the time of packaging. After all web sites are in flux all the time, that's why we distribute them through our mirror network. I chose the severity because it's a violation of a 'must' clause in the policy (and that's what reportbug advised to set). Of course, I'm very much aware about the fact that web sites change all the time, but I also do find it very important to properly track upstream sources. I agree that this is technically a policy violation, OTOH it's not really difficult to find the module on CPAN: http://search.cpan.org/dist/FCGI/ Other than that, I'm inclined to do an NMU to close the bug - the change is trivial and doesn't affect functionality in the slightest, after all. Therefore, letting the change through should only be a formality. Sure, but having an upload just for this line doesn't really help, and bringing the package up2date might be unwanted during the freeze. Since Luk has changed the severity I'd appreciate an input from the release team's side. But apart from that, I am confused about the state of this package, wrt. who is currently responsible, The package is in the meantime in the pkg-perl repository; cf. http://lists.debian.org/debian-perl/2008/06/msg00039.html svn+ssh://svn.debian.org/svn/pkg-perl/trunk/libfcgi-perl Cheers, gregor -- .''`. http://info.comodo.priv.at/ | gpg key ID: 0x00F3CFE4 : :' : debian gnu/linux user, admin developer - http://www.debian.org/ `. `' member of https://www.vibe.at/ | how to reply: http://got.to/quote/ `-NP: Sting: Consider Me Gone signature.asc Description: Digital signature
Bug#496743: openbox: action GrowToEdge* grows too much when windows are sid by side
* Nico Golde [2008-08-27 15:29 +0200]: Hi Nicolas, * Nicolas Évrard [EMAIL PROTECTED] [2008-08-27 13:52]: This might not be a bug but it feels like it. When two windows are side by side the actions GrowToEdge* makes the selected window grow to the edge of the other window (the window on the left with a GrowToEast will go to the east side of the other window). That's pretty much what the action is for. I though that it was an action designed to maximize the window in one way *without* overlapping other window. Thus it overlaps the window making this action kind of useless. What do you mean by this? Do the windows overlap each other or not? Before the GrowToEdge no, but after they do. Cause if they do the action resizes this window to the edge of the window before resizing to the workspace corner. This is also on purpose to resize a window to the size of another for example. That's why I was not sure this was a bug. In that case I should ask for the creation of an action to maximize a window in one direction without overlaping another. -- (° Nicolas Évrard / ) Liège - Belgique ^^ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496762: newsbeuter: please provide a next-unread for only unread within the same feed
severity 496762 wishlist tags 496762 upstream thanks Hi Gerfried, * Gerfried Fuchs [EMAIL PROTECTED] [2008-08-27 13:52]: Package: newsbeuter Version: 0.9.1-1 Severity: minor I downgraded the severity to wishlist as this is rather a feature request than a bug. Currently n goes to next unread message, no matter in which feed it lives, there is no indication about that it's going to change feed. It would be nice to have that indication somehow, e.g. maybe having to press n twice with a message in between, or to have a different function like e.g. next-unfread-same-feed or such that wouldn't automatically jump to a different feed. What you could do is setting goto-next-feed to no, this will stop newsbeuter from directly going to the next feed if all articles in a feed are read and set a different keybinding to the next-unread-feed command. Will that work for you? Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpAzkVTyyXZE.pgp Description: PGP signature
Bug#496771: Deb AMD64 eats huge amounts of memory (and babies?) because of badly built libs
On Wed, Aug 27, 2008 at 12:50:45PM +0200, Gustaf R??ntil?? wrote: Package: general Version: AMD64 This is basically a debian AMD64-version of the bug report for ubuntu AMD64 bug 24691 [1]. The problem is (seems to be) that a lot of libraries are built with alignment above 2**3. Most of these cases are actually 2**20 in ubuntu AMD64 and 2**21 in debian AMD64. In other words, 1 and 2 MB correspondingly! I often see loose and vague arguments such as if 99MB of that is shared, the calculator is really only 'using' 1MB of ram -- and that's fine [2]. It's not fine. And it's certainly incorrect. Just because a library is shared doesn't mean it's fine that it consumes megabytes(!) of memory in vain. Especially libraries that are shared between 1 process. Now, I can't figure out why such huge amounts of memory is hogged on my computer. But I need to restart X about once a week. If I don't, my 4 GB of RAM is quickly filled and my 4 GB swap starts to work (hurray, 15 second delay when changing virtual desktop). It's been like this since I bought this machine (soon 2 years ago), and I frequently update my X driver (-radeon, -radeonhd, fglrx, etc), so I doubt they are to blame for stealing my memory, even though it could've been a good guess. memstat reports lots and lots of libraries which consumes slightly more than 2 mb each: $ memstat | grep '\.so' | grep -v PID gives me 551 lines, and by just grasping the result, easily 90% of them are slightly more than 2 mb (2**21 + small stuff). If these libraries could be built with 2**3 (8 byte) alignment, instead of 2**21 (2 megabytes), I assume, just like the discussion in [1], that at least some memory wouldn't be wasted in vain. So how many libraries (on my system) are built with 2**21 alignment? /lib: $ for file in `\ls *.so.*` ; do if objdump -x $file | grep -q -e '2\*\*21' ; then echo $file ; fi ; done | wc 99 /usr/lib: $ for file in `\ls *.so.*` ; do if objdump -x $file | grep -q -e '2\*\*21' ; then echo $file ; fi ; done | wc 2777 /usr/lib/*: $ for file in `\ls */*.so.*` ; do if objdump -x $file | grep -q -e '2\*\*21' ; then echo $file ; fi ; done | wc 396 99 + 2777 + 396 = 3272. Quite a lot of libraries. Loading them all would require roughly 7 GB. Remember: loading. Not using. And these are just on my system, it's not even close to all libraries in debian. Just looking at how much memory pidgin-specific plugins consumes is frightening: memstat | grep -E '(purple|pidgin)+.*\.so.*' Returns 88 libraries, ALL consuming slightly more than 2 mb. How many of them are shared with any other program than pidgin? I'd say none. But that's just a guess. So this means at least 200 mb memory usage for pidgin alone? Could this really be the case?! $ ps aux | grep pidgin gustaf 30432 0.2 1.7 631196 68532 ?SAug26 2:36 pidgin Oh yeah, 631192 kB virtual and 68532 kB resident. I say this again, some people argues; but most of that 616 MB is shared so it doesn't matter. It matters, because Linux prefers to swap it, to give place for IO buffers, and when things are being swapped, holy moses, Ctrl+Alt+Backspace is thy saviour. Pidgin consuming 616 MB virtual memory is just.. Well.. Messed up. To put it lightly. It could be reasonable to see the rest of the memory hoggers on my system, to make it clear that this really is a big problem. Please note that pidgin is only on 8th place! This is 'top' sorted by 'M' (memory usage): 31095 gustaf20 0 1314m 700m 35m R 30 17.8 252:06.36 firefox-bin 32197 gustaf20 0 1006m 439m 39m S 12 11.2 167:03.50 epiphany-browse 30134 root 20 0 625m 256m 14m S8 6.5 99:41.51 Xorg 2680 gustaf20 0 479m 103m 25m S0 2.6 4:07.31 banshee-1 30305 gustaf20 0 438m 82m 17m S0 2.1 0:31.87 /usr/lib/ontv/o 1621 gustaf20 0 304m 76m 14m S0 1.9 0:42.91 gnome-terminal 6070 clamav20 0 92524 76m 380 S0 1.9 0:00.00 clamd 30432 gustaf20 0 616m 66m 28m S1 1.7 2:37.08 pidgin Firefox and epiphany are complete pigs when it comes to memory use. On amd64 machines not running those things look absolutely fine. Firefox causes plenty of swapping on i386 as well. $ free -m total used free sharedbuffers cached Mem: 3934 3891 43 0331 1186 -/+ buffers/cache: 2373 1561 Swap: 3859 5 3853 Real memory usage of my very recently booted machine (I haven't started even a small subset of the apps I usually run): 2373 MB! Firefox probably consumes over 50% of the ram of all the applications you are likely to run. Memory is allocated in 4KB pages (since that is what the hardware supports unless you think 2MB pages are a good idea, or 1GB pages). What memory address the pages are mapped to is completely irrelevant. Hence alignment should not affect
Bug#495917: openssh-client: unable to connect to Netscreen Devices with version 1:5.1p1-2
Hello, A colleague tells me: | There appears to be a bug in XOS switches that mean that if you try and | ssh to them from a machine running openssh 4.7 or higher (this is the | default on lenny) then you will fail to connect with a message channel | 0: open failed: resource shortage: Channel open failed. | | This is down to an increase in the window size available in the ssh | client. I've made a patched version of the openssh 5.1 binary which | reduces the window size back to the pre openssh 4.7 size (4k rather | than 64k). | | The work around is to change the advertised window size back to 4 from | 64k in channels.h | | 151c151 | #define CHAN_SES_WINDOW_DEFAULT (64*CHAN_SES_PACKET_DEFAULT) | --- | #define CHAN_SES_WINDOW_DEFAULT (4*CHAN_SES_PACKET_DEFAULT) | 153c153 | #define CHAN_TCP_WINDOW_DEFAULT (64*CHAN_TCP_PACKET_DEFAULT) | --- | #define CHAN_TCP_WINDOW_DEFAULT (4*CHAN_TCP_PACKET_DEFAULT) I've asked him to report the bug to Extreme too. Dave -- The Wellcome Trust Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#482140: (pas de sujet)
I experienced the same problem with my notebook. Using Etch Stable (installed from the CD), then upgrading to Lenny (to get my Intel GMA965 chipset working well with 3D). I've got a 32 bits Intel architecture (CPU = pentium M) I solved the problem by : - editing my /etc/apt/sources.list to switch back to etch - apt-get remove docbook-xml (complains many times about update-xmlcatalog: error: entity not registered ) - apt-get update - apt-get install docbook-xml - editing /etc/apt/sources.list to update to lenny - apt-get update - apt-get dist-upgrade That did it ;-) Hope that helps. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#481134: Please hint poppler-data for lenny inclusion
Hideki Yamane a écrit : So I and other Japanese Debian developer/maintainer/package maintainer/ users want poppler-data package to there, the CJK languages-desktop tasks in tasksel. Please consider that. The easiest way to have this to happen is by sending a wishlist bug report against tasksel. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#495085: [Pkg-samba-maint] Bug#495085: smbfs: *** glibc detected *** free(): invalid pointer: 0x08050c0a ***
Benoit Panizzon a écrit : Dowloaded the 2.6.24 debian tree, built it with make-kpkg... Problem persists. I also did apt-get install --reinstall smbfs and libc6 to be sure to have the right versions. Problem persists. Any more suggestions? My suggestion was not really meant to solve the issue but more being able to say that the problem also happens with the kernel that's delivered in Debian. Incidentally, my suggestion was to apt-get install linux-image-2.6.24- *binary* package, not recompiling the kernel on your machine. It's indeed a fairly long time since I personnally use just the genuine Debian kernels without recompiling my own one...:-) Anyway, don't see that as a potential solution. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#481134: Please hint poppler-data for lenny inclusion
在 2008-08-27三的 15:58 +0200,Christian Perrier写道: Hideki Yamane a écrit : So I and other Japanese Debian developer/maintainer/package maintainer/ users want poppler-data package to there, the CJK languages-desktop tasks in tasksel. Please consider that. The easiest way to have this to happen is by sending a wishlist bug report against tasksel. Though I'm not a maintainer of tasksel stuff, I think it's valid to suggest the same to be done for Chinese(both simplified and traditional) and Korean tasks as well, so that we save some bug number count :) -- Regards, Deng Xiyue, a.k.a. manphiz signature.asc Description: 这是信件的数字签 名部分
Bug#496395: The possibility of attack with the help of symlinks in some Debian packages
tags 496395 confirmed patch
thanks
Dmitry E. Oboukhov wrote:
Package: apertium
Severity: grave
Hi, maintainer!
This message about the error concerns a few packages at once. I've
tested all the packages (for Lenny) on my Debian mirror. All scripts
of packages (marked as executable) were tested.
Two patches fixing these issues are attached.
Cheers,
Moritz
--- apertium-3.0.7+1.orig/apertium/Makefile.in 2008-03-31 06:22:55.0 +0200
+++ apertium-3.0.7+1/apertium/Makefile.in 2008-08-23 19:37:13.0 +0200
@@ -1148,25 +1148,29 @@
@echo Creating apertium-gen-deformat script
@echo #!$(BASH) $@
@cat deformat-header.sh $@
+ @echo TMP_DEFORMAT=\`mktemp\` $@
+ @echo TMP_LEX=\`mktemp\` $@
@echo $(XMLLINT) --dtdvalid $(apertiumdir)/format.dtd --noout \$$FILE1 \\ $@
@if [ `basename $(XSLTPROC)` == xsltproc ]; \
- then echo $(XSLTPROC) --stringparam mode \$$MODE $(apertiumdir)/deformat.xsl \$$FILE1 /tmp/\$$\$$.deformat.l \\; \
- else echo $(XSLTPROC) $(apertiumdir)/deformat.xsl \$$FILE1 $$mode=\$$MODE\ /tmp/\$$\$$.deformat.l \\; \
+ then echo $(XSLTPROC) --stringparam mode \$$MODE $(apertiumdir)/deformat.xsl \$$FILE1 \$$TMP_DEFORMAT \\; \
+ else echo $(XSLTPROC) $(apertiumdir)/deformat.xsl \$$FILE1 $$mode=\$$MODE\ \$$TMP_DEFORMAT \\; \
fi $@
- @echo $(FLEX) \$$FLEXOPTS -o/tmp/\$$\$$.lex.cc /tmp/\$$\$$.deformat.l \\ $@
- @echo $(CXX) $(CXXFLAGS) -w $(APERTIUM_CFLAGS) -I $(apertiuminclude) -o \$$FILE2 /tmp/\$$\$$.lex.cc \\ $@
- @echo rm /tmp/\$$\$$.deformat.l /tmp/\$$\$$.lex.cc $@
+ @echo $(FLEX) \$$FLEXOPTS -o \$$TMP_LEX \$$TMP_DEFORMAT \\ $@
+ @echo $(CXX) $(CXXFLAGS) -w $(APERTIUM_CFLAGS) -I $(apertiuminclude) -o \$$FILE2 \$$TMP_LEX \\ $@
+ @echo rm \$$TMP_DEFORMAT \$$TMP_LEX $@
@chmod a+x $@
apertium-gen-reformat: Makefile.am gen-header.sh
@echo Creating apertium-gen-reformat script
@echo #!$(BASH) $@
@cat gen-header.sh $@
+ @echo TMP_REFORMAT=\`mktemp\` $@
+ @echo TMP_LEX=\`mktemp\` $@
@echo $(XMLLINT) --dtdvalid $(apertiumdir)/format.dtd --noout \$$FILE1 \\ $@
- @echo $(XSLTPROC) $(apertiumdir)/reformat.xsl \$$FILE1 /tmp/\$$\$$.reformat.l \\ $@
- @echo $(FLEX) \$$FLEXOPTS -o/tmp/\$$\$$.lex.cc /tmp/\$$\$$.reformat.l \\ $@
- @echo $(CXX) $(CXXFLAGS) -w $(APERTIUM_CFLAGS) -I $(apertiuminclude) -o \$$FILE2 /tmp/\$$\$$.lex.cc \\ $@
- @echo rm /tmp/\$$\$$.reformat.l /tmp/\$$\$$.lex.cc $@
+ @echo $(XSLTPROC) $(apertiumdir)/reformat.xsl \$$FILE1 \$$TMP_REFORMAT \\ $@
+ @echo $(FLEX) \$$FLEXOPTS -o \$$TMP_LEX \$$TMP_REFORMAT \\ $@
+ @echo $(CXX) $(CXXFLAGS) -w $(APERTIUM_CFLAGS) -I $(apertiuminclude) -o \$$FILE2 \$$TMP_LEX \\ $@
+ @echo rm \$$TMP_REFORMAT \$$TMP_LEX $@
@chmod a+x $@
apertium-gen-modes: Makefile.am modes-header.sh
--- apertium-3.0.7+1.orig/apertium/apertium-header.sh 2008-02-05 07:49:07.0 +0100
+++ apertium-3.0.7+1/apertium/apertium-header.sh 2008-08-23 21:41:12.0 +0200
@@ -38,17 +38,17 @@
function translate_odt
{
- INPUT_TMPDIR=/tmp/$$odtdir
+ INPUT_TMPDIR=`mktemp`
locale_utf8
test_zip
if [[ $FICHERO == ]]
- then FICHERO=/tmp/$$odtorig
+ then FICHERO=`mktemp`
cat $FICHERO
BORRAFICHERO=true
fi
- OTRASALIDA=/tmp/$$odtsalida.zip
+ OTRASALIDA=/tmp/$RANDOM-$RANDOM-$RANDOM-odtsalida.zip
unzip -q -o -d $INPUT_TMPDIR $FICHERO
find $INPUT_TMPDIR | grep content\\\.xml |\
@@ -78,17 +78,17 @@
function translate_docx
{
- INPUT_TMPDIR=/tmp/$$docxdir
+ INPUT_TMPDIR=`mktemp`
locale_utf8
test_zip
if [[ $FICHERO == ]]
- then FICHERO=/tmp/$$docxorig
+ then FICHERO=`mktemp`
cat $FICHERO
BORRAFICHERO=true
fi
- OTRASALIDA=/tmp/$$docxsalida.zip
+ OTRASALIDA=/tmp/$RANDOM-$RANDOM-$RANDOM-docxsalida.zip
if [[ $UWORDS == no ]]
then OPCIONU=-u;
@@ -98,8 +98,9 @@
unzip -q -o -d $INPUT_TMPDIR $FICHERO
for i in $(find $INPUT_TMPDIR|grep xlsx$);
- do $APERTIUM_PATH/apertium -f xlsx -d $DIRECTORY $OPCIONU $PREFIJO $i /tmp/$$xlsxembed;
- mv /tmp/$$xlsxembed $i;
+ TMP_XLSXEMBED=`mktemp`
+ do $APERTIUM_PATH/apertium -f xlsx -d $DIRECTORY $OPCIONU $PREFIJO $i $TMP_XLSXEMBED;
+ mv $TMP_XLSXEMBED $i;
done;
find $INPUT_TMPDIR | grep xml |\
@@ -130,17 +131,17 @@
function translate_xlsx
{
- INPUT_TMPDIR=/tmp/$$xlsxdir
+ INPUT_TMPDIR=`mktemp`
locale_utf8
test_zip
if [[ $FICHERO == ]]
- then FICHERO=/tmp/$$xlsxorig
+ then FICHERO=`mktemp`
cat $FICHERO
BORRAFICHERO=true
fi
- OTRASALIDA=/tmp/$$xslxsalida.zip
+ OTRASALIDA=/tmp/$RANDOM-$RANDOM-$RANDOM-xslxsalida.zip
unzip -q -o -d $INPUT_TMPDIR $FICHERO
find $INPUT_TMPDIR | grep sharedStrings.xml |\
Bug#496794: utime callback is deprecated
Package: unionfs-fuse
Version: 0.21-2
Severity: wishlist
Tags: patch
The utime callback only allows for second resolution and is
deprecated. The utimens callback allows for microsecond resolution.
MfG
Goswin
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (400, 'unstable-i386')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.25-kvm-nofb (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash
diff -u unionfs-fuse-0.21/debian/changelog unionfs-fuse-0.21/debian/changelog
--- unionfs-fuse-0.21/debian/changelog
+++ unionfs-fuse-0.21/debian/changelog
@@ -1,3 +1,9 @@
+unionfs-fuse (0.21-2a0.mrvn.1) unstable; urgency=low
+
+ * utime() is deprecated, use utimens() instead.
+
+ -- Goswin von Brederlow [EMAIL PROTECTED] Wed, 27 Aug 2008 15:59:52 +0200
+
unionfs-fuse (0.21-2) unstable; urgency=high
* fix a critical bug: creating new files in directories existing only
only in patch2:
unchanged:
--- unionfs-fuse-0.21.orig/src/unionfs.c
+++ unionfs-fuse-0.21/src/unionfs.c
@@ -684,7 +684,7 @@
return 0;
}
-static int unionfs_utime(const char *path, struct utimbuf *buf) {
+static int unionfs_utimens(const char *path, struct timeval *tv) {
DBG_IN();
if (uopt.stats_enabled strcmp(path, STATS_FILENAME) == 0) return 0;
@@ -700,7 +700,7 @@
char p[PATHLEN_MAX];
snprintf(p, PATHLEN_MAX, %s%s, uopt.branches[i].path, path);
- int res = utime(p, buf);
+ int res = utimes(p, tv);
to_root();
@@ -843,7 +843,7 @@
.symlink = unionfs_symlink,
.truncate = unionfs_truncate,
.unlink = unionfs_unlink,
- .utime = unionfs_utime,
+ .utimens = unionfs_utimens,
.write = unionfs_write,
#ifdef HAVE_SETXATTR
.getxattr = unionfs_getxattr,
Bug#496743: openbox: action GrowToEdge* grows too much when windows are sid by side
Hi Nicolas, * Nicolas Évrard [EMAIL PROTECTED] [2008-08-27 16:11]: * Nico Golde [2008-08-27 15:29 +0200]: * Nicolas Évrard [EMAIL PROTECTED] [2008-08-27 13:52]: This might not be a bug but it feels like it. When two windows are side by side the actions GrowToEdge* makes the selected window grow to the edge of the other window (the window on the left with a GrowToEast will go to the east side of the other window). That's pretty much what the action is for. I though that it was an action designed to maximize the window in one way *without* overlapping other window. I don't get what you mean. Maximizing windows always overlaps other windows on every window manager I have seen so far. Can you please be a bit more precise on what do you expect? Thus it overlaps the window making this action kind of useless. What do you mean by this? Do the windows overlap each other or not? Before the GrowToEdge no, but after they do. Only if you execute the action multiple times. If just executed one time the edge of the one window will grow to the nearest etch of the other window. Cause if they do the action resizes this window to the edge of the window before resizing to the workspace corner. This is also on purpose to resize a window to the size of another for example. That's why I was not sure this was a bug. In that case I should ask for the creation of an action to maximize a window in one direction without overlaping another. See above :) Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgp2Mh7muR5PO.pgp Description: PGP signature
Bug#417142: NMU for websvn
Hi Pierre,
This RC bug has now been open for two weeks. I'm uploading an NMU to the
delayed-5 queue according to the attached patch. I hope this helps to keep
websvn in good shape in lenny.
cheers,
Thijs
diff -u websvn-2.0/debian/changelog websvn-2.0/debian/changelog
--- websvn-2.0/debian/changelog
+++ websvn-2.0/debian/changelog
@@ -1,3 +1,10 @@
+websvn (2.0-2.1) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * Fix unconditional use of debconf in postrm (Closes: #417142).
+
+ -- Thijs Kinkhorst [EMAIL PROTECTED] Wed, 27 Aug 2008 15:56:07 +0200
+
websvn (2.0-2) unstable; urgency=low
* Upload to unstable
diff -u websvn-2.0/debian/postrm websvn-2.0/debian/postrm
--- websvn-2.0/debian/postrm
+++ websvn-2.0/debian/postrm
@@ -1,10 +1,12 @@
#! /bin/sh
-# post remove script for wzdftpd
+# post remove script for websvn
set -e
-. /usr/share/debconf/confmodule
-db_version 2.0 || [ $? -lt 30 ]
+if [ -f /usr/share/debconf/confmodule ]; then
+ . /usr/share/debconf/confmodule
+ db_version 2.0 || [ $? -lt 30 ]
+fi
case $1 in
purge)
@@ -14,22 +16,24 @@
ucf -p /etc/websvn/svn_deb_conf.inc || true
rm -rf /var/cache/websvn/
- db_get websvn/webservers
- webservers=$RET
- restart=
-
- for webserver in $webservers; do
- webserver=${webserver%,}
-
- case $webserver in
-apache|apache-perl|apache-ssl|apache2)
-rm -f /etc/$webserver/conf.d/websvn
-test -x /usr/sbin/$webserver || continue
-restart=$restart $webserver
- ;;
- esac
- done
+ if [ -f /usr/share/debconf/confmodule ]; then
+ db_get websvn/webservers
+ webservers=$RET
+ restart=
+
+ for webserver in $webservers; do
+webserver=${webserver%,}
+
+case $webserver in
+ apache|apache-perl|apache-ssl|apache2)
+ rm -f /etc/$webserver/conf.d/websvn
+ test -x /usr/sbin/$webserver || continue
+ restart=$restart $webserver
+;;
+esac
+ done
+ fi
;;
esac
@@ -47,7 +51,9 @@
#DEBHELPER#
-db_stop
+if [ -f /usr/share/debconf/confmodule ]; then
+ db_stop
+fi
exit 0
pgpM2QTJ4CHSA.pgp
Description: PGP signature
Bug#496402: The possibility of attack with the help of symlinks in some Debian packages
severity 496402 normal thanks On Sun, Aug 24, 2008 at 10:05:29PM +0400, Dmitry E. Oboukhov wrote: Package: aegis Severity: grave Hi, maintainer! This message about the error concerns a few packages at once. I've tested all the packages (for Lenny) on my Debian mirror. All scripts of packages (marked as executable) were tested. The affected scripts are only examples, lowering severity. Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496793: GNUcash: fails to run Libgcrypt version mismatch
Hi Athanasius, Athanasius wrote: Package: gnucash Version: 2.2.6-1 Recently GNUcash on my Debian/lenny (testing) system stopped running. If I run it from an xterm I see: gnc.bin-Message: main: binreloc relocation support was disabled at configure time. 3:2008/08/27 14-25-50:gwen(15810):cryptkey.c: 37: Libgcrypt version mismatch Could not initialize Gwenhywfar, aborting [...] This is strange. Can you please tell us the version of libgcrypt11 you have currently installed? (Run dpkg -l libgcrypt11 for this information). Regards Micha -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496795: php5: Segfaults on infinite recursion
Package: php5
Version: 5.2.6-2
Severity: normal
While fiddling around with one project, I accidentally made an infinite
recursion, and PHP went away with a segmentation fault.
A few minutes later, I could reduce the problem to the following snippet:
?php
function foo () { foo (); }
foo ();
?
This makes php segfault somewhere in the zend engine. The backtrace here
is rather long, and shares a strong resemblance to the backtrace posted
in #405067.
It should be very easy to reproduce anyway.
Even though infinite recursions are bad, and should be avoided, I
believe that php should handle it a wee-bit better. Perl for example
just eats up all resources it can, until killed, which would be the
expected behaviour, I think.
--
Gergely Nagy [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496371: [Pkg-lustre-maintainers] Bug#496371: The possibility of attack with the help of symlinks in some Debian packages
This one time, at band camp, Patrick Winnertz said: Thanks Stephen, tmpfile=$(mktemp /tmp/iozone.XX) I know that this way it is possible. But as the user should find the log afterwards I would prefer to use /tmp/iozone.log or something else, nothing random. But as I wrote in my previous email I don't have a idea how to fix this without using mktemp. You can echo what file to look at. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#496796: [paraview] Saving an animation to .avi fails
Package: paraview Version: 3.2.3-2 Severity: normal --- Please enter the report below this line. --- When I create several .vtk files, paraview allows them to load at once and then one can click the play button and it shows the animation. This works fine. However, when doing save animation and then to avi, paraview shows a console with this error: Codec not found. ERROR: In /scratch/debian/build-area/paraview-3.2.3/VTK/IO/vtkFFMPEGWriter.cxx, line 451 vtkFFMPEGWriter (0x97460f0): Error initializing video stream. How can I make paraview to save the animation at least in some codec in Debian sid? Ondrej --- System information. --- Architecture: i386 Kernel: Linux 2.6.26-1-686 Debian Release: lenny/sid 500 unstableftp.cz.debian.org --- Package information. --- Depends (Version) | Installed ===-+-== libavcodec51 (= 0.svn20080206-8) | 0.svn20080206-12 OR libavcodec-unstripped-51 (= 0.svn20080206-8) | libavformat52 (= 0.svn20080206-8) | 0.svn20080206-12 OR libavformat-unstripped-52 (= 0.svn20080206-8) | libavutil49 (= 0.svn20080206-8) | 0.svn20080206-12 OR libavutil-unstripped-49(= 0.svn20080206-8) | libc6(= 2.7-1) | 2.7-13 libgcc1(= 1:4.1.1) | 1:4.3.1-9 libgl1-mesa-glx | 7.0.3-5 OR libgl1 | libglu1-mesa| 7.0.3-5 OR libglu1 | libice6(= 1:1.0.0) | 2:1.0.4-1 libopenmpi1 | 1.2.7~rc2-1 libqt4-assistant (= 4.4.0) | 4.4.0-4 libqt4-network (= 4.4.0) | 4.4.0-4 libqt4-xml (= 4.4.0) | 4.4.0-4 libqtcore4 (= 4.4.0) | 4.4.0-4 libqtgui4(= 4.4.0) | 4.4.0-4 libreadline5 (= 5.2) | 5.2-3 libsm6 | 2:1.0.3-2 libstdc++6 (= 4.2.1) | 4.3.1-9 libx11-6| 2:1.1.4-2 libxext6| 2:1.0.4-1 libxt6 | 1:1.0.5-3 python2.5 (= 2.5) | 2.5.2-11 xlibmesa-gl | OR libgl1 | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496619: seconded
seconded -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496798: ImageJ: Run script does not allow to change maximum size of JVM heap
Package: imagej
Version: 1.40a-1
Severity: normal
Tags: patch
The run script provided with the ImageJ package (/usr/bin/imagej) does
not allow to change the maximum size of the JVM heap the program will
use on 32 bit architectures via the -x option as documented in the man
page.
When using the -x switch, the following output is given on the console:
| [EMAIL PROTECTED]:~$ imagej -x 1500
| /usr/bin/imagej: line 263: ((: 1500 16 || 1500 : syntax error: operand
expected (error token is )
| Open other images in this ImageJ panel as follows:
| imagej -p 1 image1 [image2 ... imageN]
|
| [EMAIL PROTECTED]:~$
This error is due to a copy+paste error in the run script sample
provided by upstream and is fixed with this patch:
--- imagej.orig 2008-07-11 11:24:15.0 +0200
+++ imagej 2008-07-11 11:24:17.0 +0200
@@ -102,7 +102,7 @@
else
arch='-d32'
java_path=${ij_path}/jre/bin/java
- free_mem=`free | awk 'NR == 2 {fmem=int($2 / 1024); if (fmem 1800)
{print fmem} else {print 1800}}'`
+ max_mem=`free | awk 'NR == 2 {fmem=int($2 / 1024); if (fmem 1800)
{print fmem} else {print 1800}}'`
free_mem=`free | awk 'NR == 3 {fmem=int($4 / 1024); if (fmem
1800) {print fmem} else {print 1800}}'`
mem=${free_mem}/3*2
if (( $mem $default_mem || $mem $min_mem )) ; then
mem=$default_mem ; fi
As a minor sidenote, the indentation in this script is severly broken
and should be fixed.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.25-2-686 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages imagej depends on:
ii java-gcj-compat [java2-runtim 1.0.78-2 Java runtime environment using GIJ
ii sun-java6-jre [java2-runtime] 6-07-4 Sun Java(TM) Runtime Environment (
imagej recommends no packages.
Versions of packages imagej suggests:
ii sun-java6-jdk [java2-compiler 6-07-4 Sun Java(TM) Development Kit (JDK)
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496797: dhcp3-relay init gets damaged by xen-utils-common package
Package: dhcp3-relay Version: 3.0.4-13 Severity: minor Hello, if you install the dhcp3-relay package version 3.0.4-13 along with the xen-utils-common package version 3.0.3-0-2 you will probably have: ~# ls -l /etc/rc*.d/*dhcp3-relay lrwxrwxrwx 1 root root 21 Aug 27 14:28 /etc/rc0.d/K20dhcp3-relay - ../init.d/dhcp3-relay lrwxrwxrwx 1 root root 21 Aug 27 14:28 /etc/rc1.d/K20dhcp3-relay - ../init.d/dhcp3-relay lrwxrwxrwx 1 root root 21 Aug 27 14:28 /etc/rc2.d/S20dhcp3-relay - ../init.d/dhcp3-relay lrwxrwxrwx 1 root root 21 Aug 27 14:28 /etc/rc3.d/S20dhcp3-relay - ../init.d/dhcp3-relay lrwxrwxrwx 1 root root 21 Aug 27 14:28 /etc/rc4.d/S20dhcp3-relay - ../init.d/dhcp3-relay lrwxrwxrwx 1 root root 21 Aug 27 14:28 /etc/rc5.d/S20dhcp3-relay - ../init.d/dhcp3-relay lrwxrwxrwx 1 root root 21 Aug 27 14:28 /etc/rc6.d/K20dhcp3-relay - ../init.d/dhcp3-relay ~# ls -l /etc/rc*.d/*xend lrwxrwxrwx 1 root root 14 Aug 18 15:17 /etc/rc0.d/K21xend - ../init.d/xend lrwxrwxrwx 1 root root 14 Aug 18 15:17 /etc/rc1.d/K21xend - ../init.d/xend lrwxrwxrwx 1 root root 14 Aug 18 15:17 /etc/rc2.d/S20xend - ../init.d/xend lrwxrwxrwx 1 root root 14 Aug 18 15:17 /etc/rc3.d/S20xend - ../init.d/xend lrwxrwxrwx 1 root root 14 Aug 18 15:17 /etc/rc4.d/S20xend - ../init.d/xend lrwxrwxrwx 1 root root 14 Aug 18 15:17 /etc/rc5.d/S20xend - ../init.d/xend lrwxrwxrwx 1 root root 14 Aug 18 15:17 /etc/rc6.d/K21xend - ../init.d/xend ~# This leads to the situation where /etc/rc2.d/S21dhcp3-relay is started while /etc/rc2.d/S20xend reconfigures your ethernet interfaces afterwards. For this reason dhcrelay3 can't get an IP-address to fill in the Relay agent IP address field of the BOOTP-protocol. Now, the remote DHCP-server has no clue that it's talking with a relay and we won't ever receive an answer by the server. Starting /etc/init.d/dhcp3-relay after /etc/init.d/xend helps: ### update-rc.d -f dhcp3-relay remove update-rc.d dhcp3-relay start 21 2 3 4 5 . stop 20 0 1 6 . /etc/init.d/dhcp3-relay restart ### Now we have: ~# ls -l /etc/rc*.d/*dhcp3-relay lrwxrwxrwx 1 root root 21 Aug 27 14:28 /etc/rc0.d/K20dhcp3-relay - ../init.d/dhcp3-relay lrwxrwxrwx 1 root root 21 Aug 27 14:28 /etc/rc1.d/K20dhcp3-relay - ../init.d/dhcp3-relay lrwxrwxrwx 1 root root 21 Aug 27 14:28 /etc/rc2.d/S21dhcp3-relay - ../init.d/dhcp3-relay lrwxrwxrwx 1 root root 21 Aug 27 14:28 /etc/rc3.d/S21dhcp3-relay - ../init.d/dhcp3-relay lrwxrwxrwx 1 root root 21 Aug 27 14:28 /etc/rc4.d/S21dhcp3-relay - ../init.d/dhcp3-relay lrwxrwxrwx 1 root root 21 Aug 27 14:28 /etc/rc5.d/S21dhcp3-relay - ../init.d/dhcp3-relay lrwxrwxrwx 1 root root 21 Aug 27 14:28 /etc/rc6.d/K20dhcp3-relay - ../init.d/dhcp3-relay ~# ls -l /etc/rc*.d/*xend lrwxrwxrwx 1 root root 14 Aug 18 15:17 /etc/rc0.d/K21xend - ../init.d/xend lrwxrwxrwx 1 root root 14 Aug 18 15:17 /etc/rc1.d/K21xend - ../init.d/xend lrwxrwxrwx 1 root root 14 Aug 18 15:17 /etc/rc2.d/S20xend - ../init.d/xend lrwxrwxrwx 1 root root 14 Aug 18 15:17 /etc/rc3.d/S20xend - ../init.d/xend lrwxrwxrwx 1 root root 14 Aug 18 15:17 /etc/rc4.d/S20xend - ../init.d/xend lrwxrwxrwx 1 root root 14 Aug 18 15:17 /etc/rc5.d/S20xend - ../init.d/xend lrwxrwxrwx 1 root root 14 Aug 18 15:17 /etc/rc6.d/K21xend - ../init.d/xend ~# That's ok! Regards, Fabian -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496799: imp4: cyrus.php file missing
Package: imp4 Version: 4.2-1 Severity: grave Justification: renders package unusable The file /usr/share/horde3/imp/lib/Quota/cyrus.php has been removed from horde3 (checked hord3 CVS website, stating courier.php and cyrus.php have been merged somehow). However some imp functions still use cyrus.php. Symlinking cyrus.php to imap.php within the same directory solves the situation. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.25-2-686 (SMP w/1 CPU core) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages imp4 depends on: ii horde3 3.2.1+debian0-2 horde web application framework ii php-mail-mime1.5.2-0.1 PHP PEAR module for creating MIME ii php5-imap5.2.6-3 IMAP module for php5 imp4 recommends no packages. Versions of packages imp4 suggests: ii aspell 0.60.6-1 GNU Aspell spell-checker pn imapproxy none (no description available) ii ingo1 1.2-1email filter component for Horde F ii ispell 3.1.20.0-4.4 International Ispell (an interacti ii kronolith2 2.2-1calendar component for Horde Frame ii turba2 2.2.1-1 contact management component for h -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#494422: It IS a bug somewhere that installing 2 bootloader packages breaks booting
On Wed, Aug 27, 2008 at 10:16:40AM +0200, Jonas Smedegaard wrote: 2) bootloader packages conflict with each other (bad - leaves a moment with *no* bootloader if switching) Not that bad IMHO. Not having a bootloader package is _not_ the same as not having a bootloader. GRUB (both Legacy and 2) propagates its files to /boot/grub which is not handled by the package system. I think LILO operates similarly. Ah, and both GRUBs already conflict with each other. 3) bootloader packages coordinate to flag which of them is in use, and other packages must respect this flagging I'd have to see the details, but I'm not very fond of the extra burden this could mean to bootloader maintainers. -- Robert Millan The DRM opt-in fallacy: Your data belongs to us. We will decide when (and how) you may access your data; but nobody's threatening your freedom: we still allow you to remove your data and not access it at all. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#495154: Processed: RM: tmsnc/testing -- ROM; project discontinued upstream
Hi Miriam, Debian Bug Tracking System wrote: Bug#495154: tmsnc: Package should not go into stable Changed Bug title to `RM: tmsnc/testing -- ROM; project discontinued upstream' from `tmsnc: Package should not go into stable'. based on the bug report, it looks like the release team would prefer removing it (as dead upstream) from unstable as well - testing removals would have been handled by the release team, yet you indicate in the bug that you only want removal from testing. Could you clarify this for me, please? Kind regards T. -- Thomas Viehmann, http://thomas.viehmann.net/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#495968: [gpicview] security RC bugs
Hi, [2] [ 2019485 ] gpicview ask_before_save is ignored with LIBJPEG [3] [ 2019492 ] gpicview ask_before_save is ignored if auto_save_rotated those are no security bugs, there is no way for another user to exploit this. Those are just normal application bugs. Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpUMMlY331LK.pgp Description: PGP signature
Bug#491655: how about fixing this in a Debian revision / NMU
Hi, Luk Claes wrote: Yes, I think it's worth fixing. as not much seems to have happened in for a week (particularly not on Friday), I'll be aiming at a NMU on Saturday. That should also give the maintainers some breathing-room to consider what else they're planning to do. Kind regards T. -- Thomas Viehmann, http://thomas.viehmann.net/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496800: dependency problem between mono and mono-common and mono-jit
Package: mono Version: 1.2.5.1-1+lenny1 Severity: normal Mono is dependent on mono-common (= 1.2.5.1-1+lenny1) and mono-jit (= 1.2.5.1-1+lenny1), but those packages are not available. Installing mono (and mono-dev also) will fail and installing mono-common or mono-jit will remove mono. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.25-2-686 (SMP w/1 CPU core) Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages mono depends on: ii mono-common 1.9.1+dfsg-3 common files for Mono ii mono-jit1.9.1+dfsg-3 fast CLI JIT/AOT compiler for Mono Versions of packages mono recommends: ii libgdiplus 1.9-1interface library for Mono class S ii libmono-corlib1.0-cil 1.9.1+dfsg-3 Mono core library (1.0) mono suggests no packages. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496793: GNUcash: fails to run Libgcrypt version mismatch
On Wed, Aug 27, 2008 at 04:19:49PM +0200, Micha Lenk wrote: Athanasius wrote: Package: gnucash Version: 2.2.6-1 Recently GNUcash on my Debian/lenny (testing) system stopped running. If I run it from an xterm I see: gnc.bin-Message: main: binreloc relocation support was disabled at configure time. 3:2008/08/27 14-25-50:gwen(15810):cryptkey.c: 37: Libgcrypt version mismatch Could not initialize Gwenhywfar, aborting [...] This is strange. Can you please tell us the version of libgcrypt11 you have currently installed? (Run dpkg -l libgcrypt11 for this information). ii libgcrypt111.4.1-1LGPL Crypto library - runtime library (and checking dpkg -l libgcrypt\* that is the only version installed). -- - Athanasius = Athanasius(at)miggy.org / http://www.miggy.org/ Finger athan(at)fysh.org for PGP key And it's me who is my enemy. Me who beats me up. Me who makes the monsters. Me who strips my confidence. Paula Cole - ME -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#495917: openssh-client: unable to connect to Netscreen Devices with version 1:5.1p1-2
On Wed, Aug 27, 2008 at 02:51:08PM +0100, Dave Holland wrote:
A colleague tells me:
| There appears to be a bug in XOS switches that mean that if you try and
| ssh to them from a machine running openssh 4.7 or higher (this is the
| default on lenny) then you will fail to connect with a message channel
| 0: open failed: resource shortage: Channel open failed.
|
| This is down to an increase in the window size available in the ssh
| client. I've made a patched version of the openssh 5.1 binary which
| reduces the window size back to the pre openssh 4.7 size (4k rather
| than 64k).
|
| The work around is to change the advertised window size back to 4 from
| 64k in channels.h
|
| 151c151
| #define CHAN_SES_WINDOW_DEFAULT (64*CHAN_SES_PACKET_DEFAULT)
| ---
| #define CHAN_SES_WINDOW_DEFAULT (4*CHAN_SES_PACKET_DEFAULT)
| 153c153
| #define CHAN_TCP_WINDOW_DEFAULT (64*CHAN_TCP_PACKET_DEFAULT)
| ---
| #define CHAN_TCP_WINDOW_DEFAULT (4*CHAN_TCP_PACKET_DEFAULT)
I've asked him to report the bug to Extreme too.
Does the rather ugly patch attached to this mail help?
--
Colin Watson [EMAIL PROTECTED]
Index: channels.h
===
RCS file: /home/cjwatson/cvs/openssh/openssh/channels.h,v
retrieving revision 1.1.1.10
diff -p -u -r1.1.1.10 channels.h
--- channels.h 22 Jul 2008 14:59:34 - 1.1.1.10
+++ channels.h 27 Aug 2008 14:58:46 -
@@ -148,9 +148,9 @@ struct Channel {
/* default window/packet sizes for tcp/x11-fwd-channel */
#define CHAN_SES_PACKET_DEFAULT (32*1024)
-#define CHAN_SES_WINDOW_DEFAULT (64*CHAN_SES_PACKET_DEFAULT)
+#define CHAN_SES_WINDOW_DEFAULT ((datafellows SSH_BUG_WINDOWSIZE) ? (4*CHAN_SES_PACKET_DEFAULT) : (64*CHAN_SES_PACKET_DEFAULT))
#define CHAN_TCP_PACKET_DEFAULT (32*1024)
-#define CHAN_TCP_WINDOW_DEFAULT (64*CHAN_TCP_PACKET_DEFAULT)
+#define CHAN_TCP_WINDOW_DEFAULT ((datafellows SSH_BUG_WINDOWSIZE) ? (4*CHAN_TCP_PACKET_DEFAULT) : (64*CHAN_TCP_PACKET_DEFAULT))
#define CHAN_X11_PACKET_DEFAULT (16*1024)
#define CHAN_X11_WINDOW_DEFAULT (4*CHAN_X11_PACKET_DEFAULT)
Index: compat.c
===
RCS file: /home/cjwatson/cvs/openssh/openssh/compat.c,v
retrieving revision 1.1.1.7
diff -p -u -r1.1.1.7 compat.c
--- compat.c 12 Jun 2007 11:03:10 - 1.1.1.7
+++ compat.c 27 Aug 2008 14:58:46 -
@@ -160,6 +160,7 @@ compat_datafellows(const char *version)
SSH_BUG_SCANNER },
{ Probe-*,
SSH_BUG_PROBE },
+ { NetScreen, SSH_BUG_WINDOWSIZE },
{ NULL, 0 }
};
Index: compat.h
===
RCS file: /home/cjwatson/cvs/openssh/openssh/compat.h,v
retrieving revision 1.1.1.8
diff -p -u -r1.1.1.8 compat.h
--- compat.h 12 Jun 2007 11:03:10 - 1.1.1.8
+++ compat.h 27 Aug 2008 14:58:46 -
@@ -57,6 +57,7 @@
#define SSH_BUG_FIRSTKEX 0x0080
#define SSH_OLD_FORWARD_ADDR 0x0100
#define SSH_BUG_RFWD_ADDR 0x0200
+#define SSH_BUG_WINDOWSIZE 0x0400
void enable_compat13(void);
void enable_compat20(void);
Index: mux.c
===
RCS file: /home/cjwatson/cvs/openssh/openssh/mux.c,v
retrieving revision 1.2
diff -p -u -r1.2 mux.c
--- mux.c 22 Jul 2008 19:45:18 - 1.2
+++ mux.c 27 Aug 2008 14:58:46 -
@@ -71,6 +71,7 @@
#include misc.h
#include match.h
#include buffer.h
+#include compat.h
#include channels.h
#include msg.h
#include packet.h
Bug#491655: [Pkg-audacious-maintainers] Bug#491655: how about fixing this in a Debian revision / NMU
On Wed, 2008-08-27 at 16:52 +0200, Thomas Viehmann wrote: Hi, Luk Claes wrote: Yes, I think it's worth fixing. as not much seems to have happened in for a week (particularly not on Friday), I'll be aiming at a NMU on Saturday. That should also give the maintainers some breathing-room to consider what else they're planning to do. I am not upload enabled at the moment, please proceed with the NMU. You might take a look at some of the other patches and see if they are worthwhile to include in the NMU too. William signature.asc Description: This is a digitally signed message part
Bug#494995: [uml-devel] Bug#494995: user-mode-linux: static build fails with multiple definition of `strrchr'
On Wed, Aug 27, 2008 at 09:04:29AM +0100, Graham Cobb wrote: On Tuesday 26 August 2008 21:20:12 Jeff Dike wrote: A symbol clash between libc and the kernel. Try this: ... The patch itself didn't apply for me (probably because I copy/paste'd it from the email) but making the change by hand to the Makefile worked and fixed the problem. Great, thanks for the testing. Jeff -- Work email - jdike at linux dot intel dot com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496802: ImageJ: New upstream release available
Package: imagej Version: 1.40a-1 Severity: wishlist Upstream has released version 1.41j of ImageJ, which contains some important bug fixes as well as new features. It is available from http://rsbweb.nih.gov/ij/upgrade/ij.jar Since one cannot use the Plugins-Utilities-Update ImageJ mechanism favoured by upstream with the system install (ij.jar in /usr/share/java) most appropriately used by the Debian package, it would be nice to just repackage ImageJ with the updated ij.jar in place. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496436: The possibility of attack with the help of symlinks in some Debian packages
tags 496436 patch confirmed
thanks
Dmitry E. Oboukhov wrote:
Package: gpsdrive-scripts
Severity: grave
Hi, maintainer!
This message about the error concerns a few packages at once. I've
tested all the packages (for Lenny) on my Debian mirror. All scripts
of packages (marked as executable) were tested.
The attached (untested) patch should fix this issue.
Cheers,
Moritz
diff -aur gpsdrive-2.10~pre4.orig/scripts/geo-code gpsdrive-2.10~pre4/scripts/geo-code
--- gpsdrive-2.10~pre4.orig/scripts/geo-code 2007-09-14 23:47:07.0 +0200
+++ gpsdrive-2.10~pre4/scripts/geo-code 2008-08-23 22:35:24.0 +0200
@@ -248,7 +248,7 @@
#
# Main Program
#
-TMP=/tmp/geo$$
+TMP=`mktemp`
STYLE=${TMP}.style
COORDS=${TMP}.coords
OUTWAY=${TMP}.way
@@ -269,7 +269,7 @@
| head -n1 \
`
if [ $URL = ]; then
- cp $COORDS /tmp/geo.google
+ cp -d $COORDS /tmp/geo.google
error Unable to lookup telephone number or name with Google
else
URL=http://maps.yahoo.com/$URL;
@@ -295,7 +295,7 @@
fi
if [ $DEBUG -gt 0 ]; then
-filter=tee /tmp/geo.yahoo
+filter=tee `mktemp`
else
filter=cat
fi
Nur in gpsdrive-2.10~pre4/scripts: geo-code~.
Bug#496801: ivtv-utils: Devices not numbered from 1
Package: ivtv-utils Version: 1.2.0-1 Severity: minor /usr/share/doc/ivtv-utils/NEWS.Debian.gz has the entry, ivtv (0.6.0-1) * The IVTV devices have been renumbered starting with 1 instead of zero. i.e. Tuner 0 has become Tuner 1 etc. -- Ian Campbell [EMAIL PROTECTED] Wed, 22 Mar 2006 19:07:08 + This isn't true anymore; devices are numbered from 0. I would like to renumber my devices, as I'm running into a conflict with the default numbering scheme: ivtv0: Registered device video0 for encoder MPG (4096 kB) ivtv0: Registered device video32 for encoder YUV (2048 kB) ivtv0: Registered device video24 for encoder PCM (320 kB) ivtv1: Registered device video1 for encoder MPG (4096 kB) ivtv1: Registered device video33 for encoder YUV (2048 kB) ivtv1: Registered device video25 for encoder PCM (320 kB) ivtv2: Registered device video2 for encoder MPG (4096 kB) ivtv2: Registered device video34 for encoder YUV (2048 kB) ivtv2: Registered device video26 for encoder PCM (320 kB) ivtv3: Registered device video3 for encoder MPG (4096 kB) ivtv3: Registered device video35 for encoder YUV (2048 kB) ivtv3: Registered device video27 for encoder PCM (320 kB) ivtv4: Registered device video4 for encoder MPG (4096 kB) ivtv4: Registered device video36 for encoder YUV (2048 kB) ivtv4: Registered device video28 for encoder PCM (320 kB) ivtv5: Registered device video5 for encoder MPG (4096 kB) ivtv5: Registered device video37 for encoder YUV (2048 kB) ivtv5: Registered device video29 for encoder PCM (320 kB) ivtv6: Registered device video6 for encoder MPG (4096 kB) ivtv6: Registered device video38 for encoder YUV (2048 kB) ivtv6: Registered device video30 for encoder PCM (320 kB) ivtv7: Registered device video7 for encoder MPG (4096 kB) ivtv7: Registered device video39 for encoder YUV (2048 kB) ivtv7: Registered device video31 for encoder PCM (320 kB) ivtv8: Registered device video8 for encoder MPG (4096 kB) ivtv8: Registered device video40 for encoder YUV (2048 kB) ivtv8: Registered device video9 for encoder PCM (320 kB) ivtv9: Registered device video10 for encoder MPG (4096 kB) ivtv9: Registered device video41 for encoder YUV (2048 kB) ivtv9: Registered device video11 for encoder PCM (320 kB) ivtv8 uses video9 for PCM, since video32 is already used by ivtv0 for YUV. ivtv9 thus gets video10 for MPG, yet vbi9. BTW they work fine. I don't see any documentation for renumbering all the devices; since you appear to know how to do it, could you point to the documentation or document it? Cheers, Dave -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26 (SMP w/2 CPU cores) Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) (ignored: LC_ALL set to en_US) Shell: /bin/sh linked to /bin/bash Versions of packages ivtv-utils depends on: ii libc6 2.7-4 GNU C Library: Shared libraries ii libconfig-inifiles-perl 2.39-5 Read .ini-style configuration file ii libgcc1 1:4.2.2-3 GCC support library ii libstdc++64.2.2-3The GNU Standard C++ Library v3 ii libvideo-ivtv-perl0.13-6+b1 Perl extension for using V4l2 in t ii perl 5.10.0-10 Larry Wall's Practical Extraction Versions of packages ivtv-utils recommends: ii devscripts2.10.35scripts to make the life of a Debi ii fakeroot 1.8Gives a fake root environment ii perl-tk 1:804.028-1+b1 Perl module providing the Tk graph ii unzip 5.52-10De-archiver for .zip files -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#495154: Processed: RM: tmsnc/testing -- ROM; project discontinued upstream
2008/8/27 Thomas Viehmann [EMAIL PROTECTED]: Hi Miriam, Debian Bug Tracking System wrote: Bug#495154: tmsnc: Package should not go into stable Changed Bug title to `RM: tmsnc/testing -- ROM; project discontinued upstream' from `tmsnc: Package should not go into stable'. based on the bug report, it looks like the release team would prefer removing it (as dead upstream) from unstable as well - testing removals would have been handled by the release team, yet you indicate in the bug that you only want removal from testing. Could you clarify this for me, please? It would be better to remove it both from testing AND unstable. It makes no sense to keep maintaining it in Debian at all. Thanks, Miry -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496803: util-vserver: system hang when shutting down host
Package: util-vserver Version: 0.30.216~r2772-1 Severity: grave Tags: patch Justification: causes non-serious data loss I'm afraid that /etc/init.d/util-vserver stop hangs if there is at least one guest running; it's usually called on host shutdown when it will block the whole system from rebooting/etc until human intervention, and even worse, it's called after ssh and local logins are already disabled, leaving only Ctrl-Alt-SysRQ or reset+hope for no fs damage. Fix: vserver $vserver stop 21 /dev/null should be: vserver $vserver stop 21 /dev/null -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496410: The possibility of attack with the help of symlinks in some Debian packages
severity 496410 grave thanks SL So I don't think I've made a mistake here. You are mistake, see http://www.debian.org/Bugs/Developer.en.html#severities quote: grave makes the package in question unusable or mostly so, or causes data loss, or introduces a security hole allowing access to the accounts of users who use the package. _or_ _causes_ _data_ _loss_ create symlink /etc/shadow - /tmp/eglog and you are loss data of /etc/shadow :) -- ... mpd is off . ''`. Dmitry E. Oboukhov : :’ : mailto://[EMAIL PROTECTED] jabber://[EMAIL PROTECTED] `. `~’ GPGKey: 1024D / F8E26537 2006-11-21 `- 1B23 D4F8 8EC0 D902 0555 E438 AB8C 00CF F8E2 6537 signature.asc Description: Digital signature
Bug#496804: ttf-indic-fonts: Non standard /etc/fonts/ directory usage.
Package: ttf-indic-fonts Version: 1:0.5.4 Severity: normal I see followings under /etc/fonts/conf.d ttf-bengali-fonts.conf ttf-devanagari-fonts.conf ttf-gujarati-fonts.conf ttf-kannada-fonts.conf ttf-malayalam-fonts.conf ttf-oriya-fonts.conf ttf-punjabi-fonts.conf ttf-tamil-fonts.conf ttf-telugu-fonts.conf The rest of font packages use symlinks such as 41-ttf-arphic-uming.conf pointing to ../conf.avail/41-ttf-arphic-uming.conf . I think your package should follow font package policy described under conf.d/README . Regards, Osamu -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages ttf-indic-fonts depends on: ii ttf-bengali-fonts 1:0.5.4Free TrueType fonts for the Bengal ii ttf-devanagari-fonts 1:0.5.4Free TrueType fonts for languages ii ttf-gujarati-fonts1:0.5.4Free TrueType fonts for the Gujara ii ttf-kannada-fonts 1:0.5.4Free TrueType fonts for the Kannad ii ttf-malayalam-fonts 1:0.5.4Free TrueType fonts for the Malaya ii ttf-oriya-fonts 1:0.5.4Free TrueType fonts for the Oriya ii ttf-punjabi-fonts 1:0.5.4Free TrueType fonts for the Punjab ii ttf-tamil-fonts 1:0.5.4Free TrueType fonts for the Tamil ii ttf-telugu-fonts 1:0.5.4Free TrueType fonts for the Telugu ttf-indic-fonts recommends no packages. ttf-indic-fonts suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#429695: grub-efi: key combinations requiring ctrl do not work
Hello, Marco from upstream just told me on IRC that this problem might have been fixed by apple already. So please make sure you're running the latest firmware version. In case it still happens, then please try out the patch from Robert http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=29;filename=efi_at.diff;att=1;bug=429695 -- Felix Zielcke -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#417142: NMU for websvn
On Wed, Aug 27, 2008 at 04:10:06PM +0200, Thijs Kinkhorst wrote: Hi Pierre, This RC bug has now been open for two weeks. I'm uploading an NMU to the delayed-5 queue according to the attached patch. I hope this helps to keep websvn in good shape in lenny. Hi Thijs, I'm merging your patch and asking for a freeze exception so it can reach lenny in time. Thanks ! Pierre -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496793: GNUcash: fails to run Libgcrypt version mismatch
Hi Athanasius, Athanasius wrote: Can you please tell us the version of libgcrypt11 you have currently installed? (Run dpkg -l libgcrypt11 for this information). ii libgcrypt111.4.1-1LGPL Crypto library - runtime library (and checking dpkg -l libgcrypt\* that is the only version installed). That's even more strange: It's the most recent version of libgrypt11. Can you provide us a complete strace output? What is the output of the following command (all in one line)? strings /usr/lib/libgwenhywfar.so.47 | grep -B3 'Libgcrypt version mismatch' | head -n1 This should output the version string of gcrypt.h your libgwenhywfar has been compiled with (I expect it to be 1.4.1). You say, your Gnucash was working up to August 14th. Can you reproduce what packages got updated between then and your first failing try to run Gnucash? Are there any other limiting constraints we should know about? (I.e. do you have sufficient free memory and so on?) Regards Micha -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496800: [pkg-mono-group] Bug#496800: dependency problem between mono and mono-common and mono-jit
On Wed, 2008-08-27 at 16:48 +0200, F. Luteijn wrote: Package: mono Version: 1.2.5.1-1+lenny1 Severity: normal Mono is dependent on mono-common (= 1.2.5.1-1+lenny1) and mono-jit (= 1.2.5.1-1+lenny1), but those packages are not available. Installing mono (and mono-dev also) will fail and installing mono-common or mono-jit will remove mono. Remove mono. It's a useless metapackage which was removed ages ago - and is still causing us problems like this because there appears to be no mechanism for removing obsolete packages from testing-security. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#495917: openssh-client: unable to connect to Netscreen Devices with version 1:5.1p1-2
On Wed, Aug 27, 2008 at 03:59:18PM +0100, Colin Watson wrote:
Does the rather ugly patch attached to this mail help?
The Extreme X450 XOS switches we have here (X450 and Black Diamond
models) have this version banner:
SSH-2.0-4.1.2 SSH Secure Shell Toolkit
so I guess after this line
+ { NetScreen, SSH_BUG_WINDOWSIZE },
we should also have a line like
+ { *4.1.2*,SSH_BUG_WINDOWSIZE },
to include these devices too?
thanks,
Dave
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496410: The possibility of attack with the help of symlinks in some Debian packages
severity 496410 important thanks On Wed, Aug 27, 2008 at 07:12:29PM +0400, Dmitry E. Oboukhov wrote: _or_ _causes_ _data_ _loss_ It does not cause data loss, the admin needs to execute it. And now stop bitching around. Bastian -- Superior ability breeds superior ambition. -- Spock, Space Seed, stardate 3141.9 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496805: f-prot-installer: F-prot-installer points to the wrong download location
Package: f-prot-installer Version: 0.5.22 Severity: important f-prot-installer fails with the following error message: -- System Information: the following NEW packages will be installed: f-prot-installer 0 upgraded, 1 newly installed, 0 to remove and 215 not upgraded. Need to get 0B/24.9kB of archives. After this operation, 94.2kB of additional disk space will be used. Preconfiguring packages ... Selecting previously deselected package f-prot-installer. (Reading database ... 158902 files and directories currently installed.) Unpacking f-prot-installer (from .../f-prot-installer_0.5.22_i386.deb) ... Processing triggers for man-db ... Setting up f-prot-installer (0.5.22) ... installing f-prot Downloading file fp-linux-ws.tar.gz.md5 from ftp://ftp.f-prot.com/pub/linux/ No such directory `pub/linux/'. Download failed. Please make sure that your computer is connected to the Internet. If you see this error although you are connected, either the server is down or the download location has changed. In the latter case you can still download the files manually. Please file a bug report against f-prot-installer! dpkg: error processing f-prot-installer (--configure): subprocess post-installation script returned error exit status 1 Errors were encountered while processing: f-prot-installer E: Sub-process /usr/bin/dpkg returned an error code (1) Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.25-2-686-bigmem (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages f-prot-installer depends on: ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy ii debianutils 2.30 Miscellaneous utilities specific t ii libwww-perl 5.813-1WWW client/server library for Perl ii unzip 5.52-12De-archiver for .zip files ii wget 1.11.4-1 retrieves files from the web f-prot-installer recommends no packages. f-prot-installer suggests no packages. -- debconf information: * f-prot-installer/action: Download and install * f-prot-installer/configured: false f-prot-installer/note_cron: f-prot-installer/where_are_files: /tmp * f-prot-installer/reinstall: true f-prot-installer/failed: * f-prot-installer/update_defs: true f-prot-installer/install_later: -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496806: RM: mono -- ROM; testing-security package obsolete causing problems
Package: ftp.debian.org Hi, Please remove mono 1.2.5.1-1+lenny1 from security.debian.org. The package was rendered obsolete a long time ago. Whilst usually this wouldn't cause a problem, an obsolete metapackage (mono) is available only in testing-security (removed from the version in lenny) and causes fairly frequent bug reports. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#495154: Processed: RM: tmsnc/testing -- ROM; project discontinued upstream
retitle 495154 RM: tmsnc -- ROM; project discontinued upstream thanks Miriam Ruiz wrote: It would be better to remove it both from testing AND unstable. It makes no sense to keep maintaining it in Debian at all. Will do. Thanks for the quick reply! Kind regards T. -- Thomas Viehmann, http://thomas.viehmann.net/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#491655: [Pkg-audacious-maintainers] Bug#491655: how about fixing this in a Debian revision / NMU
William Pitcock wrote: I am not upload enabled at the moment, please proceed with the NMU. You might take a look at some of the other patches and see if they are worthwhile to include in the NMU too. If you can whip up a short MU for sponsoring, we could also go with that. Otherwise, I'd probably focus on the most urgent stuff, so I would appreciate specific suggestions. Kind regards T. -- Thomas Viehmann, http://thomas.viehmann.net/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496807: gnucash: silently removes main files while trying to save without lock
Package: gnucash Version: 2.2.6-1 Severity: grave Justification: causes data loss I was trying to use gnucash over sshfs, to allow several machines to handle the same file. It complained that it was unable to get a lock, and so couldn't prevent simultaneous writes. This was no problem, because there isn't another person working on them. For the rest, everything seemed to work fine. However, when trying to reopen the file, I found that it had not been written, but instead it was deleted. So not only did I lose the work of the session, but it actually deleted my previous work as well. I tried creating a new file, which also complains about the lock file, but seems to work fine otherwise, but it also doesn't create the file. This would have been a critical issue (causes serious data loss), except that gnucash writes loads of log and backup files, so normally most of the work will not actually be lost. As a quick fix, it would be acceptable to turn the lock warning into an error. Thanks, Bas Wijnen signature.asc Description: Digital signature
Bug#491270: bug has been pending for three weeks
Hi, this (RC!) bug has been pending for three weeks now. Unless there are objections, I should think that August is a good month to have a fix uploaded and will see to that if noone else does. Kind regards T. -- Thomas Viehmann, http://thomas.viehmann.net/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496800: [pkg-mono-group] Bug#496800: dependency problem between mono and mono-common and mono-jit
It is a fresh install without any old dependicies. When I select mono I don't expect such dependicy problems which cannot normally be solved. It should normally be build with the right version or it should not be in the repository. Met vriendelijke groet, Frans Luteijn. Xout Europe BV De Virieusingel 4 P.O. Box 223 5300 AE Zaltbommel The Netherlands P: +31(0)88 77 88 200 F: +31(0)88 77 88 299 E: [EMAIL PROTECTED] W: www.xout.eu Jo Shields wrote: On Wed, 2008-08-27 at 16:48 +0200, F. Luteijn wrote: Package: mono Version: 1.2.5.1-1+lenny1 Severity: normal Mono is dependent on mono-common (= 1.2.5.1-1+lenny1) and mono-jit (= 1.2.5.1-1+lenny1), but those packages are not available. Installing mono (and mono-dev also) will fail and installing mono-common or mono-jit will remove mono. Remove mono. It's a useless metapackage which was removed ages ago - and is still causing us problems like this because there appears to be no mechanism for removing obsolete packages from testing-security.
Bug#491655: [Pkg-audacious-maintainers] Bug#491655: how about fixing this in a Debian revision / NMU
Hi, On Wed, 2008-08-27 at 17:40 +0200, Thomas Viehmann wrote: William Pitcock wrote: I am not upload enabled at the moment, please proceed with the NMU. You might take a look at some of the other patches and see if they are worthwhile to include in the NMU too. If you can whip up a short MU for sponsoring, we could also go with that. Otherwise, I'd probably focus on the most urgent stuff, so I would appreciate specific suggestions. Alright, I'll publish 1.5.1-4 on mentors sometime before Friday. William signature.asc Description: This is a digitally signed message part
Bug#496747: xserver-xorg-video-ati: multi-head virtualsize and direct rendering not working with two different monitor resolutions
Philipp Neuser wrote: When you've got two monitores with different resoultion, the virtualsize is not correct. It's always the bigger one. You can only correct this, if you open a console and type xrandr --output VGA-0 --auto. You have to do this every time you login. As I said, please send the whole ouput of xrandr --verbose before and after running the above xrandr --auto. Direct rendering only works, if you have two displays with the same resolution. Also, you don't get debugging information from glxinfo. Please send the output of LIBGL_DEBUG=verbose glxinfo when if fails. Brice -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496808: ruby1.8: DoS vulnerability in rexml parsing module
Package: ruby1.8 Version: 1.8.5-4etch2 Severity: grave Tags: security Justification: user security hole The rexml lib is vulnerable to a DoS attack. Please see http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/. I know there isn't an official patch yet (except the overloading of the REXML module via http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb but I expect that to be out soon. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-domu Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages ruby1.8 depends on: ii libc6 2.3.6.ds1-13etch7 GNU C Library: Shared libraries ii libruby1.8 1.8.5-4etch2 Libraries necessary to run Ruby 1. ruby1.8 recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496793: GNUcash: fails to run Libgcrypt version mismatch
Hi Athanasius, Athanasius wrote: On Wed, Aug 27, 2008 at 05:14:43PM +0200, Micha Lenk wrote: Athanasius wrote: Can you please tell us the version of libgcrypt11 you have currently installed? (Run dpkg -l libgcrypt11 for this information). ii libgcrypt111.4.1-1LGPL Crypto library - runtime library (and checking dpkg -l libgcrypt\* that is the only version installed). That's even more strange: It's the most recent version of libgrypt11. Can you provide us a complete strace output? Attached. Hmm, I can't find anything suspicious yet. Can you also provide an ltrace output and the file /tmp/gnucash.trace produced when running Gnucash with command line option --debug? Regards Micha -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496807: gnucash: silently removes main files while trying to save without lock
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 forwarded 496807 http://bugzilla.gnome.org/show_bug.cgi?id=549595 thanks Hi Bas, thank you for your feedback on Gnucash. I have forwarded your report to the upstream bug tracker as http://bugzilla.gnome.org/show_bug.cgi?id=549595 Regards Micha -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFItXzCWN0/4pnhQbQRAiKrAJ9UwCF+zvVF7T2e2WIVlKhG/n5BPACfTC74 GpT7oBeAcLVsN96/1ihqrD8= =A28K -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#480320: closed by Ding Honghui [EMAIL PROTECTED] (Bug#480320: fixed in curlftpfs 0.9.2-1)
Can the new version be uploaded to testing? Because of the freeze, this must be done by request. http://release.debian.org/migration/testing.pl?package=curlftpfs * trying to update curlftpfs from 0.9.1-3 to 0.9.2-1 (candidate is 15 days old) * curlftpfs is in freeze; contact debian-release if update is needed Liam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496809: selinux-policy-default: logrotate_t needs to test exec syslogd
Package: selinux-policy-default
Version: 2:0.0.20080702-6
Severity: normal
Tags: patch
Hi,
while running cron.daily script /etc/cron.daily/sysklogd following
denials appeared:
Aug 27 13:13:50 sid kernel: [ 554.238311] type=1400 audit(1219835630.106:5):
avc: denied { execute } for pid=5273 comm=sysklogd name=syslogd dev=hda2
ino=28 scontext=unconfined_u:system_r:logrotate_t:s0
tcontext=system_u:object_r:syslogd_exec_t:s0 tclass=file
Aug 27 13:13:50 sid kernel: [ 554.243321] type=1300 audit(1219835630.106:5):
arch=4003 syscall=33 success=no exit=-13 a0=9d1c0a8 a1=1 a2=b7ef7ff4 a3=0
items=0 ppid=5161 pid=5273 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=sysklogd exe=/bin/bash
subj=unconfined_u:system_r:logrotate_t:s0 key=(null)
This is caused by line:
test -x /sbin/syslogd || exit 0
near start of script. Access needs to be allowed test fails otherwise.
Thanks
--
Zito
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=cs_CZ.ISO-8859-2 (charmap=ISO-8859-2)
Shell: /bin/sh linked to /bin/bash
Versions of packages selinux-policy-default depends on:
ii libpam-modules1.0.1-3Pluggable Authentication Modules f
ii libselinux1 2.0.65-4 SELinux shared libraries
ii libsepol1 2.0.30-2 Security Enhanced Linux policy lib
ii policycoreutils 2.0.49-5 SELinux core policy utilities
ii python2.5.2-2An interactive high-level object-o
Versions of packages selinux-policy-default recommends:
ii checkpolicy 2.0.16-1 SELinux policy compiler
ii setools 3.3.4.ds-4 tools for Security Enhanced Linux
Versions of packages selinux-policy-default suggests:
pn logcheck none (no description available)
pn syslog-summarynone (no description available)
-- no debconf information
Index: selinux-policy-src/policy/modules/admin/logrotate.te
===
--- selinux-policy-src.orig/policy/modules/admin/logrotate.te 2008-08-27 17:27:48.0 +0200
+++ selinux-policy-src/policy/modules/admin/logrotate.te 2008-08-27 17:30:27.0 +0200
@@ -137,6 +137,9 @@
# for syslogd-listfiles
logging_read_syslog_config(logrotate_t)
+
+# for test -x /sbin/syslogd
+ logging_domtrans_syslog(logrotate_t)
')
optional_policy(`
Bug#496808: ruby1.8: DoS vulnerability in rexml parsing module
On Wednesday 27 August 2008 17:56, Frank Louwers wrote: The rexml lib is vulnerable to a DoS attack. Please see http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/. This is CVE-2008-3790. Please mention it in the package changelog on uploads. Thijs pgpzxooaDe7u4.pgp Description: PGP signature
Bug#493217: libnfsidmap-0.21 is available
Kevin Coffman wrote:
--- libnfsidmap-0.21/libnfsidmap.c~ 2008-08-02 10:52:00.289845221 +1200
+++ libnfsidmap-0.21/libnfsidmap.c 2008-08-02 10:47:50.647889312 +1200
@@ -101,7 +101,7 @@
char plgname[128];
int ret = 0;
- snprintf(plgname, sizeof(plgname), %s%s.so, PLUGIN_PREFIX, method);
+ snprintf(plgname, sizeof(plgname), %s%s.so.0, PLUGIN_PREFIX,
method);
dl = dlopen(plgname, RTLD_NOW | RTLD_LOCAL);
if (dl == NULL) {
Getting back to this. I'm curious if there is a specific reason why
the *.so symlink was not there? Adding the .0 shouldn't be
necessary. But there may be a reason for not including the .so
symlink that I am not aware of.
The reason the version (or a version) number is need is because
some distros only installed the .so with the -devel package which
is not normally installed... The question is how do we get the
version to change automagically when the soname changes?
steved.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496723: tasksel: Please add consolekit to the desktop task
Michael Biebl wrote: For a better out-of-the-box experience I'd like to see consolekit installed by default as part of the desktop and/or laptop task in lenny. I hope you're aware that lenny is frozen.. -- see shy jo signature.asc Description: Digital signature
Bug#496793: GNUcash: fails to run Libgcrypt version mismatch
On Wed, Aug 27, 2008 at 06:02:59PM +0200, Micha Lenk wrote: Athanasius wrote: On Wed, Aug 27, 2008 at 05:14:43PM +0200, Micha Lenk wrote: Athanasius wrote: Can you please tell us the version of libgcrypt11 you have currently installed? (Run dpkg -l libgcrypt11 for this information). ii libgcrypt111.4.1-1LGPL Crypto library - runtime library (and checking dpkg -l libgcrypt\* that is the only version installed). That's even more strange: It's the most recent version of libgrypt11. Can you provide us a complete strace output? Attached. Hmm, I can't find anything suspicious yet. Can you also provide an ltrace output and the file /tmp/gnucash.trace produced when running Gnucash with command line option --debug? I had to modify the shell script /usr/bin/gnucash to run gnucash-bin as: exec ltrace -s 4096 -f -o /tmp/gnucash-ltrace gnucash-bin --debug $@ as ltrace doesn't seem happy running a shell script. Resultant file attached. -- - Athanasius = Athanasius(at)miggy.org / http://www.miggy.org/ Finger athan(at)fysh.org for PGP key And it's me who is my enemy. Me who beats me up. Me who makes the monsters. Me who strips my confidence. Paula Cole - ME 17141 __libc_start_main(0x804a730, 2, 0xbfbcf3d4, 0x804b0f0, 0x804b0e0 unfinished ... 17141 g_thread_init(0, 0, 0xdfc5a0, 0, 0x612b00c1) = 0x972a600 17141 g_log(0x804b27b, 32, 0x804b970, 0, 0x612b00c1) = 32 17141 gnc_path_get_localedir(0x804b27b, 32, 0x804b970, 0, 0x612b00c1) = 0x972a668 17141 bindtextdomain(gnucash, /usr/share/locale) = /usr/share/locale 17141 textdomain(gnucash) = gnucash 17141 bind_textdomain_codeset(0x804b529, 0x804b2b9, 0x804b970, 0, 0x612b00c1) = 0x9729aa8 17141 g_free(0x972a668, 0x9729aa8, 0x804b970, 0, 0x612b00c1) = 3 17141 qof_log_init(0x972a668, 0x9729aa8, 0x804b970, 0, 0x612b00c1) = 0xb6e867f0 17141 qof_log_set_default(64, 0x9729aa8, 0x804b970, 0, 0x612b00c1) = 33 17141 g_getenv(0x804b2bf, 0x9729aa8, 0x804b970, 0, 0x612b00c1) = 0 17141 g_getenv(0x804b2cf, 0x9729aa8, 0x804b970, 0, 0x612b00c1) = 0 17141 g_getenv(0x804b2de, 0x9729aa8, 0x804b970, 0, 0x612b00c1) = 0 17141 g_getenv(0x804b2eb, 0x9729aa8, 0x804b970, 0, 0x612b00c1) = 0 17141 dcgettext(0, 0x804b1a8, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b1a8 17141 dcgettext(0, 0x804b6e8, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b6e8 17141 dcgettext(0, 0x804b72c, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b72c 17141 dcgettext(0, 0x804b75c, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b75c 17141 dcgettext(0, 0x804b7ac, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b7ac 17141 dcgettext(0, 0x804b800, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b800 17141 dcgettext(0, 0x804b1bd, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b1bd 17141 dcgettext(0, 0x804b1d4, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b1d4 17141 dcgettext(0, 0x804b824, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b824 17141 dcgettext(0, 0x804b1df, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b1df 17141 dcgettext(0, 0x804b848, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b848 17141 dcgettext(0, 0x804b1e9, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b1e9 17141 dcgettext(0, 0x804b874, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b874 17141 dcgettext(0, 0x804b1f1, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b1f1 17141 dcgettext(0, 0x804b89c, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b89c 17141 dcgettext(0, 0x804b1fb, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b1fb 17141 dcgettext(0, 0x804b8c8, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b8c8 17141 dcgettext(0, 0x804b200, 5, 0xbfbcf120, 0x87dd2ca) = 0x804b200 17141 strstr(gnucash-bin, -bin) = -bin 17141 g_option_context_new(0x804b26f, 0x804b26a, 5, 0xbfbcf120, 0xbfbcf150) = 0x972a6f0 17141 g_option_context_add_main_entries(0x972a6f0, 0xbfbcf150, 0x804b529, 0xbfbcf120, 0xbfbcf150) = 0xb6e85520 17141 gtk_get_option_group(0, 0x804b529, 0x804b529, 0xbfbcf120, 0xbfbcf150) = 0x972b3a8 17141 g_option_context_add_group(0x972a6f0, 0x972b3a8, 0x804b529, 0xbfbcf120, 0xbfbcf150) = 0x972ab50 17141 g_option_context_parse(0x972a6f0, 0xbfbcf350, 0xbfbcf148, 0xbfbcf2bc, 0xbfbcf150) = 1 17141 g_option_context_free(0x972a6f0, 0xbfbcf350, 0xbfbcf148, 0xbfbcf2bc, 0xbfbcf150) = 4 17141 gnc_set_extra(0, 0xbfbcf350, 0xbfbcf148, 0xbfbcf2bc, 0xbfbcf150) = 0 17141 gnc_set_gconf_path(0x804b54f, 0xbfbcf350, 0xbfbcf148, 0xbfbcf2bc, 0xbfbcf150) = 0x804b54f 17141 gnc_set_debugging(1, 0xbfbcf350, 0xbfbcf148, 0xbfbcf2bc, 0xbfbcf150) = 1 17141 g_get_tmp_dir(0x804b2eb, 0x9729aa8, 0x804b970, 0, 0x612b00c1) = 0x9734070 17141 g_build_filename(0x9734070, 0x804b2fa, 0, 0, 0x612b00c1) = 0x972b408 17141 qof_log_init_filename(0x972b408, 0x804b2fa, 0, 0, 0x612b00c1) = 3 17141 g_free(0x972b408, 0x804b2fa, 0, 0, 0x612b00c1) = 3 17141 qof_log_set_default(16, 0x804b2fa, 0, 0, 0x612b00c1) = 16 17141 gnc_log_default(16, 0x804b2fa, 0, 0, 0x612b00c1) = 33 17141 gnc_is_debugging(16, 0x804b2fa, 0, 0, 0x612b00c1) = 1 17141 qof_log_set_level(0x804b295, 64, 0, 0, 0x612b00c1) = 64 17141 qof_log_set_level(0x804b308, 64, 0, 0, 0x612b00c1) = 64 17141 qof_log_set_level(0x804b30c, 64, 0, 0, 0x612b00c1) = 64
Bug#493817: O: ruledispatch -- Rule-based Dispatching and Generic Functions
retitle 493817 ITA: ruledispatch -- Rule-based Dispatching and Generic Functions owner 493817 ! thanks I intend to adopt this package. Regards, -- Chris Lamb, UK [EMAIL PROTECTED] GPG: 0x634F9A20 signature.asc Description: PGP signature
Bug#493804: O: pyprotocols -- Open Protocols and Component Adaptation for Python
retitle 493804 ITA: pyprotocols -- Open Protocols and Component Adaptation for Python owner 493804 ! thanks I intend to adopt this package. Regards, -- Chris Lamb, UK [EMAIL PROTECTED] GPG: 0x634F9A20 signature.asc Description: PGP signature
Bug#493791: O: decoratortools -- version-agnostic decorators support for Python
retitle 493791 ITA: decoratortools -- version-agnostic decorators support for Python owner 493791 ! thanks I intend to adopt this package. Regards, -- Chris Lamb, UK [EMAIL PROTECTED] GPG: 0x634F9A20 signature.asc Description: PGP signature
Bug#496810: initscript nsca fails when invocked with start and already running
Package: nsca Version: 2.6-3.2 Severity: serious Hi, you should add in README.Debian that dpkg-reconfigure nsca is needed to install startup links (I discovered it by looking at /var/lib/dpkg/info/nsca.postinst..., not something usual users want to do). README.Debian currently says : by default nsca works with an init script /etc/init.d/nsca But it does not say that, by default, symlinks are not installed. [This would be wishlist bug] However, trying to enable nsca, I found a bug: atsina:/etc/init.d# dpkg-reconfigure nsca update-rc.d: warning: /etc/init.d/nsca missing LSB information update-rc.d: see http://wiki.debian.org/LSBInitScripts Starting Nagios Service Check Acceptor: /usr/sbin/nsca already running. ERROR: could not start nsca. invoke-rc.d: initscript nsca, action start failed. atsina:/etc/init.d# Missing LSB headers are already reported. But nsca also fails to return a 0 code when already running: atsina:/etc/init.d# /etc/init.d/nsca start ; echo $? Starting Nagios Service Check Acceptor: /usr/sbin/nsca already running. ERROR: could not start nsca. 1 atsina:/etc/init.d# According to policy 9.3.2 (and recents discussions on debian-devel), starting an already running service or stopping an already stopped service must not return an error code. Best regards, Vincent -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.27-rc3-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#472603: RFA: udptunnel -- Tunnel UDP packets over a TCP connection
retitle 472603 ITA: udptunnel -- Tunnel UDP packets over a TCP connection owner 472603 ! thanks I intend to adopt this package. Regards, -- Chris Lamb, UK [EMAIL PROTECTED] GPG: 0x634F9A20 signature.asc Description: PGP signature
Bug#496812: awesome: blank java applications
Package: awesome Version: 3.0~rc4-1 Severity: normal The programs start and continue running, but the window itself is just grey. I can activate windows in the programs by clicking in the window and the menus themselves show up. I have experienced this problem in both jabref and josm. I have attached a picture of the problem in jabref -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (700, 'unstable'), (650, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages awesome depends on: ii libc6 2.7-13 GNU C Library: Shared libraries ii libcairo2 1.6.4-6The Cairo 2D vector graphics libra ii libdbus-1-3 1.2.1-3simple interprocess messaging syst ii libev33.43-1 high-performance event loop librar ii libglib2.0-0 2.16.5-1 The GLib library of C routines ii libimlib2 1.4.0-1.1 powerful image loading and renderi ii liblua5.1-0 5.1.3-1Simple, extensible, embeddable pro ii liblua5.1-filesystem0 1.4.1-1luafilesystem library for the lua ii libncurses5 5.6+20080823-1 shared libraries for terminal hand ii libpango1.0-0 1.20.5-1 Layout and rendering of internatio ii libreadline5 5.2-3 GNU readline and history libraries ii libx11-6 2:1.1.4-2 X11 client-side library ii libxcb-atom0 0.2.1+git1-1 utility libraries for X C Binding ii libxcb-aux0 0.2.1+git1-1 utility libraries for X C Binding ii libxcb-event0 0.2.1+git1-1 utility libraries for X C Binding ii libxcb-icccm0 0.2.1+git1-1 utility libraries for X C Binding ii libxcb-keysyms0 0.2.1+git1-1 utility libraries for X C Binding ii libxcb-property0 0.2.1+git1-1 utility libraries for X C Binding ii libxcb-randr0 1.1-1.1X C Binding, randr extension ii libxcb-render-util0 0.2.1+git1-1 utility libraries for X C Binding ii libxcb-render01.1-1.1X C Binding, render extension ii libxcb-xinerama0 1.1-1.1X C Binding, xinerama extension ii libxcb1 1.1-1.1X C Binding Versions of packages awesome recommends: ii x11-xserver-utils 7.3+5 X server utilities awesome suggests no packages. -- no debconf information jabref.png Description: Binary data
Bug#496349: libfcgi-perl: download link in copyright file is broken
gregor herrmann wrote: On Mon, 25 Aug 2008 09:42:19 +0200, Toni Mueller wrote: I don't think the severity is warranted; debian/copyrights lists the place where the upstream sources were fetched at the time of packaging. After all web sites are in flux all the time, that's why we distribute them through our mirror network. I chose the severity because it's a violation of a 'must' clause in the policy (and that's what reportbug advised to set). Of course, I'm very much aware about the fact that web sites change all the time, but I also do find it very important to properly track upstream sources. I agree that this is technically a policy violation, OTOH it's not really difficult to find the module on CPAN: http://search.cpan.org/dist/FCGI/ Other than that, I'm inclined to do an NMU to close the bug - the change is trivial and doesn't affect functionality in the slightest, after all. Therefore, letting the change through should only be a formality. Sure, but having an upload just for this line doesn't really help, and bringing the package up2date might be unwanted during the freeze. Since Luk has changed the severity I'd appreciate an input from the release team's side. From the Release Team's point of view this issue is not release critical so I downgraded it to important. As the maintainers are active, I don't think there should be any NMU. Though if the maintainers think it's worth to fix before the release, it's a change that probably would get a freeze exception. Cheers Luk -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496793: GNUcash: fails to run Libgcrypt version mismatch
On Wed, Aug 27, 2008 at 06:31:55PM +0200, Micha Lenk wrote:
Athanasius wrote:
Can you also provide an ltrace output and the file /tmp/gnucash.trace
produced when running Gnucash with command line option --debug?
I got your ltrace file. What's with the /tmp/gnucash.trace file created
by Gnucash itself?
Ah I misunderstood.
Not helped by the fact I have TMPDIR set and, on checking strace
output, it actually ended up elsewhere. However, it's 0 bytes in size.
Looking at the strace output it's opened as FD 3 and after a couple
other calls it seems to never be referenced again (searching on 3, ):
open(/var/tmp/athan/gnucash.trace.WZKYGU, O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE,
0600) = 3
rename(/var/tmp/athan/gnucash.trace.WZKYGU, /var/tmp/athan/gnucash.trace) = 0
fcntl64(3, F_GETFL) = 0x8002 (flags O_RDWR|O_LARGEFILE)
fstat64(3, {st_mode=S_IFREG|0600, st_size=0, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7d09000
_llseek(3, 0, [0], SEEK_CUR)= 0
--
- Athanasius = Athanasius(at)miggy.org / http://www.miggy.org/
Finger athan(at)fysh.org for PGP key
And it's me who is my enemy. Me who beats me up.
Me who makes the monsters. Me who strips my confidence. Paula Cole - ME
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496768: wireshark: Follow TCP stream is not Port numbers reused-aware
On Wednesday 27 August 2008 11:52:18 Christoph Biedl wrote:
Package: wireshark
Version: 1.0.2-3
Severity: normal
TCP Port numbers reused happens every now and then, especially if
the capture is run over a longer time and the client OS does not use a
wide range of local ports.
Now I noticed that at least for HTTP the extremely useful Follow TCP
stream function ignores all data in the second TCP stream. This
hides potentially interesting data.
I'd expect this as behavior as this are indeed 2 unrelated TCP streams that
just happen to use the same ports by accident.
The operation is called Follow TCP stream not Follow TCP streams ;-)
Joost
How to repeat
-
Use the following Perl script that does two HTTP GET request using the
same local port number. Insert a web server in the $host variable,
and capture the traffic.
---
#!/usr/bin/perl -w
use IO::Socket;
use strict;
my $host = 'a.web.server';
for my $i (1..2) {
my $sock = new IO::Socket::INET (
PeerAddr = $host,
PeerPort = 80,
Proto = 'tcp',
LocalPort = ,
ReuseAddr = 1,
) || die (Cannot create socket: $!.\n);
print $sock
GET / HTTP/1.0\r\n .
Host: $host\r\n .
X-Round: $i\r\n .
\r\n;
while (defined (my $line = $sock)) {
;
}
undef $sock;
last if ($i == 2);
sleep (1);
}
exit 0;
---
Open the capture file in wireshark and select Follow TCP stream.
Expected behaviour: wireshark shows both request/response pairs.
Seen behaviour: wireshark always only shows the first pair, identified
by the X-Round: 1 header. Selecting a packet of the second pair
before doing the Follow TCP stream does not help.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages wireshark depends on:
ii libadns1 1.4-0.1Asynchronous-capable DNS
client li ii libatk1.0-0 1.22.0-1 The ATK
accessibility toolkit ii libc6 2.7-13 GNU C
Library: Shared libraries ii libcairo2 1.6.4-6The
Cairo 2D vector graphics libra ii libcomerr21.41.0-3
common error description library ii libgcrypt11 1.4.1-1
LGPL Crypto library - runtime libr ii libglib2.0-0 2.16.4-2
The GLib library of C routines ii libgnutls26 2.4.1-1
the GNU TLS library - runtime libr ii libgtk2.0-0
2.12.11-3 The GTK+ graphical user interface ii libkrb53
1.6.dfsg.4~beta1-3 MIT Kerberos runtime libraries ii libpango1.0-0
1.20.5-1 Layout and rendering of internatio ii libpcap0.8
0.9.8-5system interface for user-level pa ii libpcre3
7.6-2.1Perl 5 Compatible Regular Expressi ii
libportaudio2 19+svn20071022-2 Portable audio I/O - shared librar
ii wireshark-common 1.0.2-3network traffic analyser
(common f ii zlib1g1:1.2.3.3.dfsg-12 compression library
- runtime
Versions of packages wireshark recommends:
ii gksu 2.0.0-5graphical frontend to su
wireshark suggests no packages.
-- no debconf information
--
homepage: http://damad.be/joost
photo/blog: http://damad.be/joost/blog
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
