Bug#680137: [Pkg-openssl-devel] Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)
On 08/10/2013 19:13, Kurt Roeckx wrote: > > Yes, disabling TLS 1.2 seems to fix your issue, but I really have > no idea why. I also don't think this is a good idea. > > You say that the other side is using OpenSSL 1.0.1, but it looks > like a really weird version to me. It doesn't seem to support > TLS 1.2 but does 1.1 while there never was a version released > that only didn't do 1.2 but did 1.1. > > It seems to be a snapshot from cvs/git since it says "1.0.1-stable > 05 Jun 2011" and doesn't actually have any real version in it. > Looking at the release history and git repository, it seems to be > in the middle of a development cycle. Please note that 1.0.1 was > released on 19 Apr 2012. > > So I suggest you upgrade it to a released version like 1.0.1e or > the current 1.0.1-stable version. The server admin fixed the issue by importing this commit in the 1.0.1c NetBSD version : http://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff;f=ssl/s3_pkt.c;h=dca345865a10a5fae10741e009676731181fc60d;hp=2d569cc1cedc5aa2bb0d0e7f876a22468e77950e;hb=c3b130338760a7e52656fd217d1d4c846e85cdff;hpb=5762f7778da56b9502534fd236007b9a1b0244d9 I think the issue is in the client as well, but fixing it on the server side is enough for it to work. Cheers, -- Clement Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#725825: mongodb-server: No safe upgrade path from Wheezy to Jessie when using sharded cluster
Package: mongodb-server Version: 1:2.4.5-1 Severity: normal Hi, Just FYI (but maybe you are already aware of that), there is no safe upgrade path from 2.0 to 2.4 on a sharded cluster. When the Mongos are upgraded, they will fail to upgrade config servers metadata, as they assume the metadata is 2.2 format. According to upstream, the upgrade path from 2.0 to 2.4 when using a sharded cluster is to upgrade to 2.2 first : http://docs.mongodb.org/manual/release-notes/2.4-upgrade/ The problem is, not only is it not supported, but the metadata will get corrupt. I'm not sure what the best way to deal with it would be. At the very least, the users should be warned. If a sharded cluster is detected, upgrade should be interrupted to prevent data loss. Unattended upgrade in a cluster is out of the question, but maybe we can provide a safe way to do it (I'm not yet sure of what mongos --upgrade does), via script or otherwise. Cheers, -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.8-2-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages mongodb-server depends on: ii adduser 3.113+nmu3 ii libboost-filesystem1.49.0 1.49.0-4+b1 ii libboost-program-options1.49.0 1.49.0-4+b1 ii libboost-system1.49.0 1.49.0-4+b1 ii libboost-thread1.49.0 1.49.0-4+b1 ii libc6 2.17-92+b1 ii libgcc1 1:4.8.1-10 ii libgoogle-perftools42.1-1 ii libpcre31:8.31-2 ii libpcrecpp0 1:8.31-2 ii libsnappy1 1.1.0-1 ii libstdc++6 4.8.1-10 ii mongodb-clients 1:2.4.5-1 mongodb-server recommends no packages. mongodb-server suggests no packages. -- no debconf information -- Clément Hermann (nodens) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#680137: [Pkg-openssl-devel] Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)
Hello Kurt, Is there any news on this issue ? I have reports of the same problem from other debian users, and only debian users. After upgrade of the remote (netbsd) box, the problem still occurs. The issue is also still present in current sid version. We need to apply the ubuntu patch to connect (attached), wich seem to disable TLS_1.2 client altogether. I think this is enough, the second part of the patch may not be needed. Is there any way I can help fix this ? Cheers, -- Clement Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. Description: Work around TLS 1.2 failures for some broken servers that "hang" if a client hello record length exceeds 255 bytes. . 1. Set OPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50. This will truncate the number of ciphers sent in the client hello. 2. Set OPENSSL_NO_TLS1_2_CLIENT to disable TLS 1.2 client support entirely. Also, check TLS_get_client_version() rather than TLS1_get_versions() to avoid improper truncation of client hello cipher lists. This change has been forwarded upstream in rt #2881. Bug-Ubuntu: https://bugs.launchpad.net/bugs/965371 Bug-Debian: http://bugs.debian.org/665452 Bug: http://rt.openssl.org/Ticket/Display.html?id=2771 Bug: http://rt.openssl.org/Ticket/Display.html?id=2881 Forwarded: not-needed Last-Update: 2012-10-04 Index: openssl-1.0.1c/Configure === --- openssl-1.0.1c.orig/Configure 2012-10-03 23:59:05.235548667 -0700 +++ openssl-1.0.1c/Configure 2012-10-04 10:34:23.076454592 -0700 @@ -106,7 +106,7 @@ my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED"; # There are no separate CFLAGS/CPPFLAGS/LDFLAGS, set everything in CFLAGS -my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . "-Wa,--noexecstack -Wall"; +my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . "-Wa,--noexecstack -Wall -DOPENSSL_NO_TLS1_2_CLIENT -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50"; $debian_cflags =~ s/\n/ /g; my $strict_warnings = 0; Index: openssl-1.0.1c/ssl/s23_clnt.c === --- openssl-1.0.1c.orig/ssl/s23_clnt.c 2012-10-03 23:46:22.967530550 -0700 +++ openssl-1.0.1c/ssl/s23_clnt.c 2012-10-04 10:33:13.820452946 -0700 @@ -491,7 +491,7 @@ * as hack workaround chop number of supported ciphers * to keep it well below this if we use TLS v1.2 */ - if (TLS1_get_version(s) >= TLS1_2_VERSION + if (TLS1_get_client_version(s) >= TLS1_2_VERSION && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH) i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1; #endif
Bug#680137: irssi: Can't connect to SSL-enabled server after upgrading libssl
Hi, With some more test and some help from a friend, we made some progress. It *does* work when adding -no_tls1_1 option to openssl s_client. It works if the server allows renegociation : I can connect to freenode. It seems to be #665452 again, or a variant. Anyway, that explains why it works in ubuntu. The patch tls12_workarounds.patch (attached) works around it (but I'm not qualified to tell whether this is an acceptable solution or not). The patch headers give some more information, I'll copy it here for readability of the report : -patch header- Description: Work around TLS 1.2 failures for some broken servers that "hang" if a client hello record length exceeds 255 bytes. . 1. Set OPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50. This will truncate the number of ciphers sent in the client hello. 2. Set OPENSSL_NO_TLS1_2_CLIENT to disable TLS 1.2 client support entirely. Also, check TLS_get_client_version() rather than TLS1_get_versions() to avoid improper truncation of client hello cipher lists. This change has been forwarded upstream in rt #2881. Bug-Ubuntu:https://bugs.launchpad.net/bugs/965371 Bug-Debian:http://bugs.debian.org/665452 Bug:http://rt.openssl.org/Ticket/Display.html?id=2771 Bug:http://rt.openssl.org/Ticket/Display.html?id=2881 Forwarded: not-needed Last-Update: 2012-10-04 -End of patch header----- Cheers. - -- Clement Hermann (nodens) - - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. Description: Work around TLS 1.2 failures for some broken servers that "hang" if a client hello record length exceeds 255 bytes. . 1. Set OPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50. This will truncate the number of ciphers sent in the client hello. 2. Set OPENSSL_NO_TLS1_2_CLIENT to disable TLS 1.2 client support entirely. Also, check TLS_get_client_version() rather than TLS1_get_versions() to avoid improper truncation of client hello cipher lists. This change has been forwarded upstream in rt #2881. Bug-Ubuntu: https://bugs.launchpad.net/bugs/965371 Bug-Debian: http://bugs.debian.org/665452 Bug: http://rt.openssl.org/Ticket/Display.html?id=2771 Bug: http://rt.openssl.org/Ticket/Display.html?id=2881 Forwarded: not-needed Last-Update: 2012-10-04 Index: openssl-1.0.1c/Configure === --- openssl-1.0.1c.orig/Configure 2012-10-03 23:59:05.235548667 -0700 +++ openssl-1.0.1c/Configure 2012-10-04 10:34:23.076454592 -0700 @@ -106,7 +106,7 @@ my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED"; # There are no separate CFLAGS/CPPFLAGS/LDFLAGS, set everything in CFLAGS -my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . "-Wa,--noexecstack -Wall"; +my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . "-Wa,--noexecstack -Wall -DOPENSSL_NO_TLS1_2_CLIENT -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50"; $debian_cflags =~ s/\n/ /g; my $strict_warnings = 0; Index: openssl-1.0.1c/ssl/s23_clnt.c === --- openssl-1.0.1c.orig/ssl/s23_clnt.c 2012-10-03 23:46:22.967530550 -0700 +++ openssl-1.0.1c/ssl/s23_clnt.c 2012-10-04 10:33:13.820452946 -0700 @@ -491,7 +491,7 @@ * as hack workaround chop number of supported ciphers * to keep it well below this if we use TLS v1.2 */ - if (TLS1_get_version(s) >= TLS1_2_VERSION + if (TLS1_get_client_version(s) >= TLS1_2_VERSION && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH) i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1; #endif
Bug#475784: RFP: php-gnupg -- PHP extension to interact with gnupg
Hi, is there anyone working on this currently ? I need this package, and though I did create one with dh-make-pecl, a maintained package would be nice. Was there any caveat (except the lack of upstream update) ? I cannot find the package mentioned on mentors (it is old anyway). I'd be willing to work on it, but I would need a sponsor. Cheers -- Clément Hermann (nodens) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#697150: mtpfs should not depends on fuse-utils but on fuse
Package: mtpfs Severity: important Hi, mtpfs depends on fuse-utils, which was a transition package and isn't available in sid now for most architecture. So a new install of mtpfs on a current sid system with no fuse-utils leftover is not possible. Please depend on fuse. Cheers, Clément Hermann (nodens) -- System Information: Debian Release: 7.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#680137: [Pkg-openssl-devel] Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)
Le 04/07/2012 04:47, Kurt Roeckx a écrit : On Wed, Jul 04, 2012 at 12:34:54AM +0200, Clement Hermann (nodens) wrote: Le 04/07/2012 00:21, Kurt Roeckx a écrit : The server is running on netbsd 6. I asked the admin, and openssl version returns : OpenSSL 1.0.1-stable 05 Jun 2011 a ldd on ircd returns -lssl.9 => /usr/lib/libssl.so.9 though. Can you try: strings /usr/lib/libssl.so.9 |grep OpenSSL Here : OpenSSLDie DTLSv1 part of OpenSSL 1.0.1-stable 05 Jun 2011 OpenSSL 1.0.1-stable 05 Jun 2011 TLSv1 part of OpenSSL 1.0.1-stable 05 Jun 2011 SSLv3 part of OpenSSL 1.0.1-stable 05 Jun 2011 SSLv2 part of OpenSSL 1.0.1-stable 05 Jun 2011 So it fails to talk to itself? That makes little sense to me. Kurt I don't have the issue with 1.0.1 from ubuntu, only from Debian sid with SSLv3 (works with TLS1.1, tested on different boxes), so it looks like a Debian-specific issue. -- Clément -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#680137: [Pkg-openssl-devel] Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)
Le 04/07/2012 00:21, Kurt Roeckx a écrit : The server is running on netbsd 6. I asked the admin, and openssl version returns : OpenSSL 1.0.1-stable 05 Jun 2011 a ldd on ircd returns -lssl.9 => /usr/lib/libssl.so.9 though. Can you try: strings /usr/lib/libssl.so.9 |grep OpenSSL Here : OpenSSLDie DTLSv1 part of OpenSSL 1.0.1-stable 05 Jun 2011 OpenSSL 1.0.1-stable 05 Jun 2011 TLSv1 part of OpenSSL 1.0.1-stable 05 Jun 2011 SSLv3 part of OpenSSL 1.0.1-stable 05 Jun 2011 SSLv2 part of OpenSSL 1.0.1-stable 05 Jun 2011 -- Clement Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#680137: [Pkg-openssl-devel] Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)
Le 04/07/2012 00:14, Clement Hermann (nodens) a écrit : The server is running on netbsd 6. I asked the admin, and openssl version returns : OpenSSL 1.0.1-stable 05 Jun 2011 a ldd on ircd returns -lssl.9 => /usr/lib/libssl.so.9 though. I made a few more tests, and it seems to sometimes work with openssl s_client -tls1_1. But when it works, I need to stop trying for 10s or so, or it will never work again. The same thing happens with -cipher AES256 (but it could be some kind of entropy issue on the server). However, it never works without specifying either the protocol or the cipher. I let irssi try for 2 days before trying to downgrade libssl (several minutes between tries). Hope that helps, -- Clement Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#680137: [Pkg-openssl-devel] Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)
Le 03/07/2012 23:54, Kurt Roeckx a écrit : On Tue, Jul 03, 2012 at 11:29:26PM +0200, Clement Hermann (nodens) wrote: Package: libssl1.0.0 Version: 1.0.1c-3 Severity: normal Hi, I've been having trouble connecting to a SSL-enabled ircd (ircd-hybrid-7.2.3nb3 IRC server with many options, on netbsd 6.0_beta2). I use irssi, but did all my tests with openssl s_client to be sure. The connexion works with libssl1.0.0h, but every later version fails with the error "wrong cipher". What's funny is that if I force the cipher that would have been chosen with 1.0.0h when using 1.0.1, I can connect. Also, FWIW, it is working on ubuntu 12.4 (openssl 1.0.1). Do you know what ssl implementation and version is running on the other side? Is there some firewall or ssl accelerator in between or something? I'm not sure what hybrid supports for ssl libraries, and the Debian package doesn't seem to be build with ssl enabled. The server is running on netbsd 6. I asked the admin, and openssl version returns : OpenSSL 1.0.1-stable 05 Jun 2011 a ldd on ircd returns -lssl.9 => /usr/lib/libssl.so.9 though. -- Clement Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)
Package: libssl1.0.0 Version: 1.0.1c-3 Severity: normal Hi, I've been having trouble connecting to a SSL-enabled ircd (ircd-hybrid-7.2.3nb3 IRC server with many options, on netbsd 6.0_beta2). I use irssi, but did all my tests with openssl s_client to be sure. The connexion works with libssl1.0.0h, but every later version fails with the error "wrong cipher". What's funny is that if I force the cipher that would have been chosen with 1.0.0h when using 1.0.1, I can connect. Also, FWIW, it is working on ubuntu 12.4 (openssl 1.0.1). Here are some logs. They are anonymized, as this is a private IRC server. ** *** working : 1.0.0h (from snapshot.debian.org) ** ** openssl s_client -connect irc.example.net:994 CONNECTED(0003) depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = Administration, CN = irc.example.net, emailAddress = r...@example.net verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = Administration, CN = irc.example.net, emailAddress = r...@example.net verify error:num=27:certificate not trusted verify return:1 depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = Administration, CN = irc.example.net, emailAddress = r...@example.net verify error:num=21:unable to verify the first certificate verify return:1 --- Certificate chain 0 s:/C=DE/ST=Example State/L=Example City/O=Example/OU=Administration/CN=irc.example.net/emailAddress=r...@example.net i:/C=DE/ST=Example State/L=Example City/O=Example/OU=Administration/CN=Example Root CA/emailAddress=r...@example.net --- Server certificate -BEGIN CERTIFICATE- -END CERTIFICATE- subject=/C=DE/ST=Example State/L=Example City/O=Example/OU=Administration/CN=irc.example.net/emailAddress=r...@example.net issuer=/C=DE/ST=Example State/L=Example City/O=Example/OU=Administration/CN=Example Root CA/emailAddress=r...@example.net --- No client certificate CA names sent --- SSL handshake has read 1205 bytes and written 351 bytes --- New, TLSv1/SSLv3, Cipher is AES256-SHA Server public key is 1024 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : SSLv3 Cipher: AES256-SHA Session-ID: EA1227FD3AF94737B103C92D43B0B2C6E290374FECEAC0A8B268C9CD7EBFC22E Session-ID-ctx: Master-Key: BB7067003E1899F894A3979EBE0704F9F82F240E560339BE136CFF3DCDC204FCFA716D34B4B2996C4E9A63AE623BEB67 Key-Arg : None PSK identity: None PSK identity hint: None Start Time: 1341348684 Timeout : 7200 (sec) Verify return code: 21 (unable to verify the first certificate) --- :irc.example.net NOTICE AUTH :*** Looking up your hostname... :irc.example.net NOTICE AUTH :*** Checking Ident :irc.example.net NOTICE AUTH :*** Found your hostname :irc.example.net NOTICE AUTH :*** No Ident response ** *** NOT working : starting with 1.0.1 (debian) *** ** ~$ openssl s_client -connect irc.example.net:994 CONNECTED(0003) 140721299515048:error:14092105:SSL routines:SSL3_GET_SERVER_HELLO:wrong cipher returned:s3_clnt.c:952: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 58 bytes and written 7 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1.1 Cipher: Session-ID: Session-ID-ctx: Master-Key: Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None Start Time: 1341349387 Timeout : 300 (sec) Verify return code: 0 (ok) --- ** *** working : 1.0.1c-3 whith cipher forced ** ** ~$ openssl s_client -cipher AES256-SHA -connect irc.example.net:994CONNECTED(0003) depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = Administration, CN = irc.example.net, emailAddress = r...@example.net verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = Administration, CN = irc.example.net, emailAddress = r...@example.net verify error:num=27:certificate not trusted verify return:1 depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = Administration, CN = irc.example.net, emailAddress = r...@example.net verify error:num=21:unable to verify the first certificate verify return:1 -
Bug#676531: openvpn: --x509-username-field doesn't work (please add configure option)
Package: openvpn Version: 2.2.1-8 Severity: normal Hi, The manpage indicate that you can use any X509 field as username with the option --x509-username-field. However, this option is invalid unless you add --enable-x509-alt-username to the configure script options. Could you please include this option ? I did add it on a local installation without encountering any problem, so I have a patch available on request (althought a very trivial one). Cheers, -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages openvpn depends on: ii debconf [debconf-2.0] 1.5.42 ii initscripts2.88dsf-22.1 ii libc6 2.13-30 ii liblzo2-2 2.06-1 ii libpam0g 1.1.3-7 ii libpkcs11-helper1 1.09-1 ii libssl1.0.01.0.1a-3 ii net-tools 1.60-24.1 openvpn recommends no packages. Versions of packages openvpn suggests: pn openssl 1.0.1a-3 pn resolvconf -- debconf information excluded -- Clément Hermann (nodens) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#620853: gnome-terminal transparency doesn't work in mutter
merge 620853 630339 Thanks -- Clement Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu.
Bug#620853: gnome-terminal: Transparency only works when maximized
reassign 620853 mutter tags 620853 +fixed-upstream Hi, It seems to be a bug in Mutter and not gnome-terminal. Also, it is fixed upstream : https://bugzilla.gnome.org/show_bug.cgi?id=635268 Cheers, -- Clement Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#570167: libccid: New Neowave Weneo card version with new productId
On 17/02/2010 10:00, Ludovic Rousseau wrote: Hello, 2010/2/17 Clement Hermann (nodens): I am a tester of the new USB card for public transportation in Grenoble, France (Semitag). They use Neowave Weneo card, but the card use a different productId than the Neowave_weneo and Neowave_weneo2 drivers. Can you also send me: - a picture of the reader - the URL of a page describing the reader Thanks I do not have a camera ready for taking a picture, but it looks very much like what you can see http://www.neowave.fr/en/weneo_transport.html (apart from the branding, it's red and has the "Tag" Logo). I don't know if there is a sim inside it : It seem sealed. I could take a picture if you really need it. Cheers, -- Clement Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu.
Bug#570167: libccid: New Neowave Weneo card version with new productId
Package: libccid Version: 1.3.11-1 Severity: normal Hi, I am a tester of the new USB card for public transportation in Grenoble, France (Semitag). They use Neowave Weneo card, but the card use a different productId than the Neowave_weneo and Neowave_weneo2 drivers. Please find new driver description attached, as well as a very simple patch to /etc/libccid_Info.plist for the impatients (just added the new productId... Works so far). Cheers, Clément Hermann (nodens) -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (990, 'unstable'), (500, 'sid'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-trunk-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages libccid depends on: ii libc62.10.2-6Embedded GNU C Library: Shared lib ii libpcsclite1 1.5.5-3 Middleware to access a smart card ii libusb-0.1-4 2:0.1.12-14 userspace USB programming library Versions of packages libccid recommends: ii pcscd 1.5.5-3Middleware to access a smart card Versions of packages libccid suggests: pn pcmciautils(no description available) -- no debconf information idVendor: 0x1E0D iManufacturer: Neowave idProduct: 0x0033 iProduct: Weneo bcdDevice: 1.71 (firmware release?) bLength: 9 bDescriptorType: 4 bInterfaceNumber: 1 bAlternateSetting: 0 bNumEndpoints: 3 bulk-IN, bulk-OUT and Interrupt-IN bInterfaceClass: 0x0B [Chip Card Interface Device Class (CCID)] bInterfaceSubClass: 0 bInterfaceProtocol: 0 bulk transfer, optional interrupt-IN (CCID) iInterface: Weneo Reader CCID Class Descriptor bLength: 0x36 bDescriptorType: 0x21 bcdCCID: 1.10 bMaxSlotIndex: 0x00 bVoltageSupport: 0x02 3.0V dwProtocols: 0x 0x0003 T=0 T=1 dwDefaultClock: 3.570 MHz dwMaximumClock: 3.570 MHz bNumClockSupported: 1 Support 3570 kHz dwDataRate: 9600 bps dwMaxDataRate: 115200 bps bNumDataRatesSupported: 5 Support 9600 bps Support 19200 bps Support 38400 bps Support 57600 bps Support 115200 bps dwMaxIFSD: 254 dwSynchProtocols: 0x dwMechanical: 0x No special characteristics dwFeatures: 0x00010230 10 Automatic ICC clock frequency change according to parameters 20 Automatic baud rate change according to frequency and Fi, Di params ..02.. NAD value other than 00 accepted (T=1) 01 TPDU level exchange dwMaxCCIDMessageLength: 271 bytes bClassGetResponse: 0xFF echoes the APDU class bClassEnveloppe: 0xFF echoes the APDU class wLcdLayout: 0x bPINSupport: 0x00 bMaxCCIDBusySlots: 1 --- etc/libccid_Info.plist 2010-02-17 00:20:01.366447525 +0100 +++ /etc/libccid_Info.plist 2010-02-17 00:22:17.0 +0100 @@ -229,6 +229,7 @@ 0x04E8 0x1E0D 0x1E0D + 0x1E0D 0x1206 0x04DA 0x09C3 @@ -362,6 +363,7 @@ 0x0007 0x0013 0x8033 + 0x0033 0x2105 0x117A 0x0008 @@ -495,6 +497,7 @@ Softforum XecureHSM Neowave Weneo Neowave Weneo + Neowave Weneo Synnix STD200 Panasonic USB Smart Card Reader 7A-Smart ActivCard USB Reader 2.0
Bug#560161: php5-ldap: LDAPS and LDAP+TLS return error on valid wildcard certificate check
Package: php5-ldap Severity: normal Hi, php5-ldap return error on bind when server is using a wildcard SSL certificate, even when the certificate is valid. ldapsearch works OK on the same certificate. Workaround : add TLS_REQCERT never in ldap.conf (but then you cannot verify that you are connecting to the right server), or use a simple (non-wildcard) certificate. This is probably an upstream bug (see http://bugs.php.net/bug.php?id=17738), but the relevant bug is currently in "no feedback" state so maybe it could be re-opened as a new bug. (I don't have any php version supported upstream readily available that can connect to a ldaps server with a wildcard cert, so I did not report it upstream). Cheers, -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (990, 'unstable'), (500, 'sid'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.31-1-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#543391: cyrus-imapd-2.2: Sieve does not decode MIME headers
Package: cyrus-imapd-2.2 Severity: normal Hi, Sieve does not decode RFC2231 headers before comparison, so if the message's header checked is RFC2231 encoded, it will never match. It means that if you receive a mail with UTF-8 encoded subject, filters based on the subject content won't be filtered. This report is mainly for your information : it has already be reported upstream some time ago as #1721 : https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=1721 (fix pending, but unlikely to be backported to 2.2.x) Cheers -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (990, 'unstable'), (500, 'sid'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.30-1-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#527449: swftools: multiple vulnerabilities in embedded copy of xpdf
Le 18/08/2009 16:26, Simo Kauppi a écrit : > On Tue, Aug 18, 2009 at 12:19:12PM +0200, Clement Hermann (nodens) wrote: >> Hi, > > Hi, > >> Is there any news on this bug ? would you accept a patch to use >> libpoppler instead of embedded xpdf ? > > Nothing new; the 0.9.0 release of swftools still uses the xpdf 3.02 > embedded in it and the last time I asked, the upstream had no plans to > start using libpoppler instead. I saw a patch by Patrice Dumas on the swftools mailing list last year [1]. It was accepted and applied at the time, I couldn't find why it was removed, but maybe it could be tweaked to apply against current swftools. http://www.mail-archive.com/swftools-com...@nongnu.org/msg02205.html -- Clément Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#526240: Version 0.9.0 of swftools is out. Please upgrade this package.
Hi, Is there any caveat on upgrading to the latest upstream version (besides the libpoppler use discussed in #527449) ? Or is this only a time problem ? I am willing to provide help (patch / testing / whatever) if I can and if you need any. Cheers, -- Clément Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#527449: swftools: multiple vulnerabilities in embedded copy of xpdf
Hi, Is there any news on this bug ? would you accept a patch to use libpoppler instead of embedded xpdf ? Cheers, -- Clément Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#484629: gcstar: version 1.4.0 is out
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
as I badly needed the 1.4 version for my comics collection, I actually
"uupdate'd" the package, cleaned (removed or adapted) some patches, and
it seems to work so far.
There is still some work to do (a few lintian warnings), but I didn't
want to alter the original package too much, as you said you were
working on it.
Anyway, here is the complete patch, and I attached the individual
patches as well, in case it helps.
The 01-set_usr_lib.dpatch and 07_fix_manpath.dpatch has been slightly
modified to fit the new source, and the 11_fix_allocine_plugin.dpatch
has been added from upstream CVS to fix a bug induced by new allocine.fr
layout. The 10-fix-storable-crash.dpatch has been fixed upstream.
Regards,
- --
Clement Hermann (nodens)
- - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?"
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/
Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkmp3tAACgkQ0yQ2guvROZ1iHQCfUobNkA/LWcIk7FRHOB5MMF/I
DSwAn1NSNO2fhyehiKjm9LjqS9EuimX9
=UDXi
-END PGP SIGNATURE-
gcstar-new_upstream-1.4.3.patch.gz
Description: application/gzip
#! /bin/sh /usr/share/dpatch/dpatch-run
## 01-set_usr_lib.dpatch by Alexander Wirt
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.
@DPATCH@
diff -urNad gcstar-1.4.3~/bin/gcstar gcstar-1.4.3/bin/gcstar
--- gcstar-1.4.3~/bin/gcstar2008-10-11 13:08:15.0 +0200
+++ gcstar-1.4.3/bin/gcstar 2009-02-28 18:55:56.710196397 +0100
@@ -44,9 +44,9 @@
use POSIX qw(locale_h);
$ENV{GCS_BIN_DIR} = $RealBin;
-($ENV{GCS_LIB_DIR} = $ENV{GCS_BIN_DIR}) =~ s/bin\/?$/lib\/gcstar/;
+($ENV{GCS_LIB_DIR} = $ENV{GCS_BIN_DIR}) =~ s/bin\/?$/share\/gcstar\/lib/;
($ENV{GCS_SHARE_DIR} = $ENV{GCS_BIN_DIR}) =~ s/bin\/?$/share\/gcstar/;
-use lib File::Spec->canonpath("$RealBin/../lib/gcstar");
+use lib File::Spec->canonpath("$RealBin/../share/gcstar/lib");
if (exists $ENV{PAR_TEMP})
{
unshift @INC, "$RealBin/../lib/gcstar";
diff -urNad gcstar-1.4.3~/install gcstar-1.4.3/install
--- gcstar-1.4.3~/install 2008-07-17 19:31:01.0 +0200
+++ gcstar-1.4.3/install2009-02-28 18:55:56.710196397 +0100
@@ -196,8 +196,8 @@
chmod 0755, $baseDir.'/bin/'.$binName;
#Copying lib
-verbosePrint $lang{InstallCopyDirectory}, $baseDir.'/lib/gcstar';
-recursiveCopy('lib/gcstar', $baseDir.'/lib/gcstar');
+verbosePrint $lang{InstallCopyDirectory}, $baseDir.'/share/gcstar/lib';
+recursiveCopy('lib/gcstar', $baseDir.'/share/gcstar/lib');
#Copying share
verbosePrint $lang{InstallCopyDirectory}, $baseDir.'/share/gcstar';
#! /bin/sh /usr/share/dpatch/dpatch-run
## 07_fix_manpath.dpatch by Alexander Wirt
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.
@DPATCH@
diff -urNad gcstar-1.4.3~/install gcstar-1.4.3/install
--- gcstar-1.4.3~/install 2009-02-28 18:56:29.674198841 +0100
+++ gcstar-1.4.3/install2009-02-28 18:58:05.402193838 +0100
@@ -107,7 +107,7 @@
}
unlink $baseDir.'/bin/'.$binName;
-unlink $baseDir.'/man/man1/'.$binName.'.1.gz';
+unlink $baseDir.'share/man/man1/'.$binName.'.1.gz';
# remove menu and mime items
@@ -187,9 +187,9 @@
mkpath $baseDir.'/bin';
copy 'bin/gcstar', $baseDir.'/bin/'.$binName;
-verbosePrint $lang{InstallCopyDirectory}, $baseDir.'/man/man1';
-mkpath $baseDir.'/man/man1';
-my $manPage = "$baseDir/man/man1/$binName.1";
+verbosePrint $lang{InstallCopyDirectory}, $baseDir.'/share/man/man1';
+mkpath $baseDir.'/share/man/man1';
+my $manPage = "$baseDir/share/man/man1/$binName.1";
copy 'man/gcstar.1', $manPage;
`gzip -f -9 $manPage 2>&1 >/dev/null`;
#! /bin/sh /usr/share/dpatch/dpatch-run
## 11_fix_allocine_plugin.dpatch by Clément Hermann (nodens)
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.
@DPATCH@
diff -urNad gcstar-1.4.3~/lib/gcstar/GCPlugins/GCfilms/GCAllocine.pm
gcstar-1.4.3/lib/gcstar/GCPlugins/GCfilms/GCAllocine.pm
--- gcstar-1.4.3~/lib/gcstar/GCPlugins/GCfilms/GCAllocine.pm2008-08-15
13:55:14.0 +0200
+++ gcstar-1.4.3/lib/gcstar/GCPlugins/GCfilms/GCAllocine.pm 2009-03-01
01:35:05.622195296 +0100
@@ -2,7 +2,7 @@
###
#
-# Copyright 2005-20
Bug#404926: closed by Daniel Baumann (reply to dan...@debian.org) (Re: vsftpd: defs.h limits the username length to 32 chars)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Debian Bug Tracking System a écrit : > This is an automatic notification regarding your Bug report > which was filed against the vsftpd package: > [...] > Re: vsftpd: defs.h limits the username length to 32 chars > Expéditeur: > Daniel Baumann > Date: > Sat, 31 Jan 2009 04:00:35 +0100 > Destinataire: > 404926-d...@bugs.debian.org, 404926-submit...@bugs.debian.org > > Destinataire: > 404926-d...@bugs.debian.org, 404926-submit...@bugs.debian.org > > > Hi, > > on linux, you cannot have longer login names than 32 chars anyway due to > libc6. Therefore, it doesn't make any sense to me to have longer names > in vsftpd. > Sorry, but this is wrong. Usernames longer than 32 chars do work. They are truncated in utmp.h but one can login. Our naming policy involve sometimes longer than 32 chars ftp usernames. Once I changed defs.h it did work. Also, vsftp still says "login failed", it should at least return a meaningful error such as "invalid username". It would save users facing this issue some hassle. Please, reopen this bug. Reagrds, - -- Clément Hermann (nodens) - - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmF5N0ACgkQ0yQ2guvROZ3B7QCdHbnFfqcHzriuun2E3O6+6KLE VDkAnRT5h3HGo3+UzLfZWocXKPviL5bR =+LmV -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#491545: New upstream version (1.4.1) is available
Hi, Any news ? the upstream version is 1.4.3 now. Do you need any help on tracking the strange bug you mentionned on your previous answer ? Cheers, -- Clément Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#164379: Bug#425663: xnest: no xkb extension support
tags 164379 +fixed-upstream tags 425663 +fixed-upstream Thanks Hi, This bug is now fixed upstream : https://bugs.freedesktop.org/show_bug.cgi?id=10015 Cheers, -- Clément Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#425663: xnest: no xkb extension support
tags 164379 +fixed-upstream Thanks Hi, This bug is now fixed upstream : https://bugs.freedesktop.org/show_bug.cgi?id=10015 Cheers, -- Clément Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#476120: linux-2.6: please set CONFIG_X86_BIGSMP
Package: linux-2.6 Severity: normal Hi, on a recent intel quad-core (core2) CPU, CONFIG_X86_BIGSMP=y is needed to boot with more than 8 cpu. Without it, booting stops after CPU detection. Booting works when setting maxcpus=8 as boot parameter (but, obviously, you are then limited to 8 cores). Quadri Quad-core systems becomes more and more widespread these days (think virtualization), making x86 machines with more than 8 CPUs more common. Debian (be it Etch or Lenny) won't work on them. Please, enable this option, so that debian can be used for a high-end virtualization system without recompiling ! Backporting this to Etch as well seems mostly harmless to me, but I'll let a kernel guru check ;) Cheers, Clément Hermann (nodens) -- (Irrelevant) System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (990, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.24-1-amd64 (SMP w/1 CPU core) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash
Bug#393976: xvnc4viewer: always return 1 on exit (was: Re: Bug#393976: tsclient: Bug still present)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 reassign 393976 xvnc4viewer 4.1.1+X4.3.0-21 thanks Javier Kohen a écrit : > Both those actions yield the reconnect dialog here. Like I said in my > original report, the details window shows VNCviewer's output to stdout, > as if it were an error message. All it says is the VNC version (4.1.1), > the server's parameters and the chosen encoding. See below: > > VNC Viewer Free Edition 4.1.1 for X - built Feb 26 2007 20:38:07 > Copyright (C) 2002-2005 RealVNC Ltd. > See http://www.realvnc.com for information on VNC. > > Mon Nov 26 17:14:13 2007 > CConn: connected to host XX port 5900 > CConnection: Server supports RFB protocol version 3.8 > CConnection: Using RFB protocol version 3.8 > > Mon Nov 26 17:14:14 2007 > TXImage: Using default colormap and visual, TrueColor, depth 24. > CConn: Using pixel format depth 6 (8bpp) rgb222 > CConn: Using ZRLE encoding > > Ok, it seems you are using xvnc4viewer, where I was trying with tightvncviewer. I did reproduce the bug. However, the bug does not lie in tsclient but in xvnc4viewer itself. It returns 1 on exit, regardless of whether you asked for exit or closed the windows (or send a TERM or SIGKILL signal, by the way). Tsclient has no way to tell that you exited cleanly, so it asks you if you want to reconnect. I'm reassigning the bug to xvnc4viewer. You might want to try to install xtightvncviewer and do a update-alternative --config vncviewer if that really bother you, or wait for the bug in xvncv4viewer to be fixed :) Cheers, - -- Clement Hermann (nodens) - - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHTe0D0yQ2guvROZ0RAoZlAJ9bVnGjbHd6/c3PTQybeeKZp2ifzwCfWzHC PqlPPrRPorQaIYqUJ3iOs0g= =MUTd -END PGP SIGNATURE-
Bug#449144: tsclient: Please add RDPv5 disk mapping support (patch available)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Josselin Mouette a écrit : > Hi, Hi Josselin, > Thanks for the patch. Actually I did not wrote it. A friend of mine did and posted it on sourceforge. I'm merely a relay here, I quickly reviewed and tested it and it seemed ok to me. > > Currently, tsclient is missing a primary maintainer and is therefore far > from up-to-date despite how useful it is. > > If you want to contribute to the packaging to keep tsclient in good > shape in Debian, you are most welcome. I don't have much free time, but I'd be glad to help. I don't have much experience in debian packaging (I did create some packages or backports for private or corporate usage, nothing more), but if someone is willing to mentor me I could probably help on tsclient. Besides, I need it, I want it upgraded, so I guess someone has to do the job ;) I'll look into the source package and see if I can submit a patch. Cheers, - -- Clement Hermann (nodens) - - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHLllG0yQ2guvROZ0RAmeAAKCVYmprrCEiLc1Xi1NNeVoks7IjHACfYQXh KjTRn9Y53/MVEtZVuPiNmlY= =cYeD -END PGP SIGNATURE-
Bug#449144: tsclient: Please add RDPv5 disk mapping support (patch available)
Package: tsclient
Version: 0.148-3
Severity: wishlist
Tags: patch
Hi,
A long-time missing feature in tsclient is the ability to map a local
directory to a remote computer in RDPv5.
A patch available on sourceforge address this (see URL below, also
attached here for your convenience). However, you probably need to
upgrade to the latest version (0.150) to make apply it cleanly.
URL to the patch on sourceforge :
http://sourceforge.net/tracker/index.php?func=detail&aid=1822832&group_id=192483&atid=941576
Cheers,
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (990, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.20-1-xen-amd64 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages tsclient depends on:
ii libatk1.0-0 1.18.0-2 The ATK accessibility toolkit
ii libbonoboui2-02.18.0-5 The Bonobo UI library
ii libc6 2.6.1-1GNU C Library: Shared libraries
ii libglib2.0-0 2.14.0-2 The GLib library of C routines
ii libgnome2-0 2.18.0-4 The GNOME 2 library - runtime file
ii libgnomeui-0 2.18.1-2 The GNOME 2 libraries (User Interf
ii libgtk2.0-0 2.10.13-1 The GTK+ graphical user interface
ii libpanel-applet2-02.18.3-1 library for GNOME Panel applets
ii rdesktop 1.5.0-2RDP client for Windows NT/2000 Ter
tsclient recommends no packages.
-- no debconf information
diff -ur tsclient-0.150/src/connect.c tsclient-0.151/src/connect.c
--- tsclient-0.150/src/connect.c 2007-04-11 20:15:35.0 +0200
+++ tsclient-0.151/src/connect.c 2007-10-30 15:03:42.0 +0100
@@ -175,6 +175,16 @@
GtkWidget *cboKeyboardLang;
GtkWidget *txtKeyboardLang;
+ // Drive mapping
+ GtkWidget *chkDiskMapping;
+
+ // Drive mapping Widgets
+ GtkWidget *frameDrive;
+ GtkWidget *lblDriveFrame;
+ GtkWidget *tblDrive;
+ GtkWidget *imgDrive;
+ GtkWidget *vbxDrive;
+
// Program Tab Widgets
GtkWidget *lblProgramsTab1;
@@ -191,6 +201,7 @@
// Performance Tab Widgets
GtkWidget *lblPerformanceTab1;
+ GtkWidget *vbxPerformanceTab1;
// Performance Frame Widgets
GtkWidget *framePerform;
@@ -689,7 +700,6 @@
gtk_option_menu_set_menu (GTK_OPTION_MENU (optKeyboard), mnuKeyboard);
-
lblKeyboardLang = gtk_label_new (_("Use the following keyboard language\n(2 char keycode)"));
gtk_table_attach (GTK_TABLE (tblKeyboard), lblKeyboardLang, 1, 2, 2, 3,
(GtkAttachOptions) (GTK_FILL),
@@ -777,9 +787,15 @@
(GtkAttachOptions) (GTK_EXPAND | GTK_FILL),
(GtkAttachOptions) (GTK_FILL), 0, 0);
+ // Last tab (Performance)
+ vbxPerformanceTab1 = gtk_vbox_new (FALSE, 0);
+ gtk_container_add (GTK_CONTAINER (nbkComplete), vbxPerformanceTab1);
+ gtk_notebook_set_tab_label_packing (GTK_NOTEBOOK (nbkComplete), vbxPerformanceTab1,
+ TRUE, TRUE, GTK_PACK_START);
+
framePerform = gtk_frame_new (NULL);
- gtk_container_add (GTK_CONTAINER (nbkComplete), framePerform);
+ gtk_container_add (GTK_CONTAINER (vbxPerformanceTab1), framePerform);
gtk_notebook_set_tab_label_packing (GTK_NOTEBOOK (nbkComplete), framePerform,
TRUE, TRUE, GTK_PACK_START);
gtk_container_set_border_width (GTK_CONTAINER (framePerform), 3);
@@ -840,6 +856,37 @@
gtk_label_set_line_wrap (GTK_LABEL (lblPerformanceOptions), TRUE);
gtk_misc_set_alignment (GTK_MISC (lblPerformanceOptions), 0, 0.5);
+
+ frameDrive = gtk_frame_new (NULL);
+ // Add the new frame to the Local ressource tab
+ gtk_box_pack_start (GTK_BOX (vbxLocalTab1), frameDrive, TRUE, TRUE, 0);
+ gtk_container_set_border_width (GTK_CONTAINER (frameDrive), 3);
+ gtk_frame_set_shadow_type (GTK_FRAME (frameDrive), GTK_SHADOW_NONE);
+
+ lblDriveFrame = gtk_label_new_with_mnemonic (_("Remotely map your disk drive"));
+ gtk_label_set_markup (GTK_LABEL (lblDriveFrame), g_strconcat ("", _("Remotely map your disk drive"), "", NULL));
+ gtk_frame_set_label_widget (GTK_FRAME (frameDrive), lblDriveFrame);
+ gtk_label_set_justify (GTK_LABEL (lblDriveFrame), GTK_JUSTIFY_LEFT);
+
+ tblDrive = gtk_table_new (1, 2, FALSE);
+ gtk_container_add (GTK_CONTAINER (frameDrive), tblDrive);
+ gtk_table_set_col_spacings (GTK_TABLE (tblDrive), 6);
+
+ imgDrive = create_pixmap (frmConnect, "harddrive.png");
+ gtk_misc_set_padding (GTK_MISC (imgDrive), 3, 3);
+ gtk_table_attach (GTK_TABLE (tblDrive), imgDrive, 0, 1, 0, 1,
+(GtkAttachOptions) (GTK_FILL),
+(GtkAttachOptions) 0, 0, 0);
+
+ vbxDrive = gtk_vbox_new (FALSE, 0);
+ gtk_table_attach (GTK_TABLE (tblDrive), vbxDrive, 1, 2, 0, 2,
+(GtkAttachOptions) (GTK_EXPAND | GTK_FILL),
+(GtkAttac
Bug#317258: [stable] kernel upload to p-u
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I finally had the opportunity to reset this server, and did it on the kernel without the patch to see the error messages. The kernel loads, the megaraid_mbox driver detects the device, and we have ... Megaraid mbox : Wait for 0 commands to complete :300 Megaraid mbox : reset sequence completed successfully appearing for a few minutes. It seems it tries for each id in the scsci chain. Eventually, it gives up with : scsi : Device offlined - not ready after error recovery. Voilà, hope it helps. Regards, - -- Clement Hermann (nodens) - - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHJc3F0yQ2guvROZ0RAo6BAJ44cotyAMbGchn5LGS5Er+8dNcVyQCdGajO FUIQtxB2llhcYAPCNzwupVM= =Mb85 -END PGP SIGNATURE-
Bug#421129: mldonkey-server: mldonkey_server wrapper absent from package
Package: mldonkey-server Version: 2.8.5-1 Severity: important Hi, The mldonkey_server wrapper ain't in the mldonkey-server package, and the init script relies on it to launch mlnet. mlnet can still be launched manually, however, but any "server" setup (as proposed by debconf) won't work. Regards, -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (990, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.20-1-xen-amd64 (SMP w/1 CPU core) Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash Versions of packages mldonkey-server depends on: ii adduser 3.102 Add and remove users and groups ii debconf [debconf-2.0] 1.5.13 Debian configuration management sy ii dpkg 1.13.25package maintenance system for Deb ii libbz2-1.01.0.3-6high-quality block-sorting file co ii libc6 2.5-4 GNU C Library: Shared libraries ii libfreetype6 2.2.1-5FreeType 2 font engine, shared lib ii libgcc1 1:4.1.2-4 GCC support library ii libgd2-xpm2.0.34~rc1-2 GD Graphics Library version 2 ii libjpeg62 6b-13 The Independent JPEG Group's JPEG ii libpng12-01.2.15~beta5-1 PNG library - runtime ii libstdc++64.1.2-4The GNU Standard C++ Library v3 ii mime-support 3.39-1 MIME files 'mime.types' & 'mailcap ii ucf 2.0021 Update Configuration File: preserv ii zlib1g1:1.2.3-13 compression library - runtime mldonkey-server recommends no packages. -- debconf information excluded -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#317258: Bug #317258: megaraid driver not working on netraid 1M/2M and 2.6.18 (used to be patched)
Hi, Is there anything new on this bug ? Is there a chance the patch is re-applied before Etch release ? Upgrade to Etch (and subsequent maintenance) will be painful for Netraid 1M/2M users if the patch is not applied on the current kernel shipped in Etch... Also, the patch seems mostly harmless to me (but you may know better, please explain if this is the case :) ) Best regards, and Happy New Year to you all -- Clement Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu.
Bug#385024: xen-tools: Please use --numeric-owner tar option
Steve Kemp wrote: I think your suggestion of using "--numeric-owner" makes a lot of sense, and to be honest I can't think of this package being used upon a non-GNU system, so adding it unconditionally makes a lot of sense. maybe the best would be to specify an archive command in the configuration file (with arguments and at least one special character to tell where the filename should be). This would permit the use of other tools such as star (ACL support), or even enabling the possibility to read directly the files from the standard input (and so beeing able to use tar over ssh or other neat tricks) However, --numeric-owner would be sufficient for now ;) Regards, -- Clement Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu.
Bug#385024: Acknowledgement (xen-tools: Please use --numeric-owner tar option)
FYI, I gave a quick look to the code and found a workaround : --tar " --numeric-owner". Cheers, -- Clément Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#383628: enlightenment: package upgrade
Jan Christoph Nordholz wrote: Hi Clement, Hi Jan, a new package is being worked on. Actually, the most recent upstream version is 0.16.8.3 (released Aug 17th). ;-) Oops... missed this one ;-) But note that not only the binary's name has changed - the user configuration has moved from .enlightenment to .e16 and changed much of its internal structure and syntax (the keybindings file is a prominent example), so there is no comfortable way to migrate from 0.16.7 to 0.16.8. Right. When I changed from 0.16.7 to 0.16.8cvs, My old conf mostly worked, even if the file structure had changed. There where few problems, but I had to reconfigure some features, so I guess it might indeed cause a few issues if the user is not properly warned. Anyway, glad to know that E's not forgotten in debian ! :) Please, don't hesitate to ask if you think I can help in any way. Cheers, -- Clément Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#383628: enlightenment: How about upgrading to DR16 0.16.8.2 ?
Package: enlightenment
Version: 1:0.16.7.2-1
Severity: wishlist
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
The title says it all :)
The 0.16.8.2 version does not seem very different to me, but it adds
some interesting features (such as a composite manager) and fixes some
annoying little bugs. The only big change I can see is the renaming of
binaries (enlightenment -> e16) to allow people to use DR16 and DR17 on
the same system.
Actually, I used your debian/* to package it for myself a while ago and
it's mostly OK.
A package renaming may be appropriate to follow upstream
("enlightenement" primarily refers to DR17): the package would then be
named e16. It may also avoid Conflicts: or patches when packaging DR17.
Best regards,
Clement Hermann (nodens)
- -- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-2-xen-686
Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1)
Versions of packages enlightenment depends on:
pn enlightenment-data (no description available)
ii libaudiofile0 0.2.6-6Open-source version of SGI's audio
ii libc6 2.3.6-7GNU C Library: Shared libraries
ii libesd0 0.2.36-3 Enlightened Sound Daemon - Shared
ii libice6 1:1.0.0-3 X11 Inter-Client Exchange library
ii libimlib2 1.2.1-2powerful image loading and renderi
ii libsm61:1.0.0-4 X11 Session Management library
ii libx11-6 2:1.0.0-6 X11 client-side library
ii libxext6 1:1.0.0-4 X11 miscellaneous extension librar
ii xlibs 6.9.0.dfsg.1-6 X Window System client libraries m
Versions of packages enlightenment recommends:
ii esound0.2.36-3 Enlightened Sound Daemon - Support
ii menu 2.1.27 generates programs menu for all me
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFE5baJ0yQ2guvROZ0RAuEiAKCgp6wWgVl1zJPkw9RVFjqLBlBlPQCfRZAT
4nKopR+/mZYsH6ikh0xsB/s=
=6f2v
-END PGP SIGNATURE-
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#377984: xen-tools: a simple way to duplicate virtual machines
Steve Kemp wrote: On Wed, Jul 12, 2006 at 02:15:28PM +0200, Clement Hermann (nodens) wrote: I think that this could be done already without too many steps. Of course. Actually, I did it several times. However, I'd like to make it even easier (that what's wishlist is about after all) :) And if the source vm has to be stopped, copying the image file is faster and the stopped domU can be restarted sooner. I agree that a lvm snapshot can be done to make things faster, though. (You might also be interested in the --tar argument which will untar a previous tarfile of a disk image instead of using a network copy.) Yep. I use that to copy real machine in domU : I tar everything (except proc, sys and big log files) over ssh on my xen machine and create a new domU with --tar. Many thanks for this particular option, it really helps :) Regards, -- Clément Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#377984: xen-tools: a simple way to duplicate virtual machines
Package: xen-tools Version: 2.1-3 Severity: wishlist -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I see that the xen-duplicate-image support is discontinued upstream. However, it would be nice to be able to duplicate images easily (one can copy the images or LVM and change the configuration, or archive an existing image with tar and use the tar file option of xen-create-image), but it means doing several steps for this operation. xen-create-image with the appropriate option could verify that a machine is stopped to prevent corruption, and use an existing image or lv as source to create a new image with the correct networking configuration. What do you think ? Regards, - -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16-2-xen-686 Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1) Versions of packages xen-tools depends on: ii debootstrap 0.3.3 Bootstrap a basic Debian system ii libtext-template-perl 1.44-1.1 Text::Template perl module ii perl-modules 5.8.8-4Core Perl modules Versions of packages xen-tools recommends: pn reiserfsprogs (no description available) pn rpmstrap (no description available) ii xen-hypervisor-3.0-i386 [ 3.0.2+hg9697-1 The Xen Hypervisor for i386 ii xfsprogs 2.7.16-1 Utilities for managing the XFS fil - -- no debconf information -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEtOff0yQ2guvROZ0RAqahAKCd9OcJhc9hDMmJoXoeLjACFenjrgCgiXYi IoXMr2FkfrusmXNijg+wlYA= =OFAP -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#377684: xen-tools: --force option won't work with XFS
Package: xen-tools Version: 2.1-3 Severity: normal -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, The problem is, if --force option is given, the -f option is given after - --name=, so it won't work (--name should be followed by the loopback image filename if I understand the code correctly). The " -f" option added between the binary and other args by appending " -f " to the binary (that is after the binary / args separation), or maybe it would be better to split the command in several variables (like $binary $force $args) and run it that way (&runCommand( "$binary $force $args" )). TIMTOWTDI ;) Regards, - -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16-2-xen-686 Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1) Versions of packages xen-tools depends on: ii debootstrap 0.3.3 Bootstrap a basic Debian system ii libtext-template-perl 1.44-1.1 Text::Template perl module ii perl-modules 5.8.8-4Core Perl modules Versions of packages xen-tools recommends: pn reiserfsprogs (no description available) pn rpmstrap (no description available) ii xen-hypervisor-3.0-i386 [ 3.0.2+hg9697-1 The Xen Hypervisor for i386 ii xfsprogs 2.7.16-1 Utilities for managing the XFS fil - -- no debconf information -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEsn7E0yQ2guvROZ0RAoUSAJ9f6iREkwB7l5OD/okPHKRxBmBELQCfevwS BQCzw4yAZ/JODMTTwbnJ1Sw= =jfkL -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#291368: Webalizer should be able to generate stats in different languages
Jose Carlos Medeiros wrote: Hi, Debian Webalizer was patched to use gettext then I think if you use something like: LANG=pt_BR; webalizer ; This will create htm and png files to Brazilian Portuguese instead default language ex. English. yep. This is an old bug which should probably be closed now :) -- Clément Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#368436: linux-image-2.6.16-1-xen-686: Package is missing fundamental files
Bastian Blank wrote: severity 368436 normal thanks On Mon, May 22, 2006 at 10:29:49AM +0200, Clement Hermann (nodens) wrote: Package: linux-image-2.6.16-1-xen-686 Version: 2.6.16-12 Severity: grave Justification: renders package unusable Pardon, the package works. Only if you can build an initramfs of some sort to boot your kernel. Yaird needs a config. file to build one. Assuming there is a way to build an initramfs image with initramfs-tools (thanks goes to Maximilian for pointing this), I agree (and thus don't have any objection to the severity downgrade). However, The lack of config.version and System.map is a major problem, please don't overlook it. I'm glad there is work in progress to integrate xen in the Debian kernels. However, the current -xen kernels are mostly unusable : - no System.map - no config. (that means no initrd) - no (post|pre)(inst|rm) (this is not a real problem, at least, an informative message should warn the user about the lack of boot loader / initramfs automatic configuration, and point him to some doc) - no doc (the doc should give a clue on how to configure grub, that is, load the hypervisor as a kernel and then kernel and initrd as "modules", or at least a link to xen-source.com) This don't make the included files broken. You're right. But the package is still broken :) Anyway, the important thing is that these informations are now where people can find them, that is, in the BTS. Regards, -- Clément Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#368436: linux-image-2.6.16-1-xen-686: Package is missing fundamental files
maximilian attems wrote: On Mon, May 22, 2006 at 10:29:49AM +0200, Clement Hermann (nodens) wrote: Package: linux-image-2.6.16-1-xen-686 Version: 2.6.16-12 Severity: grave Justification: renders package unusable severity seems exagerated, as packages are work under progress. xen is far from stable itself ;) Well, I suppose the gravity could be downgraded as you can generate a initramfs image with initramfs-tools (didn't know this one, I mainly use yaird). However, lacks of config and System.map are IMO a grave problem. The other problems I report are mainly here for the records, I don't exactly need doc etc (I used to compile a xen kernel myself before this package was uploaded) but I think they are needed before this package hits testing. I don't think the kernel team (or Bastian ?) needs help on this, however I should be able to provide a patch if necessary. you may want to read the nice summary posted on planet.debian.org: http://blog.andrew.net.au/2006/05/07#xen1 Very nice summary indeed. I didn't noticed it (hard to find in google, as most planet debian blog posts), but I'll point newcomers to it the next time I'm asked how to do xen in debian :) Regards, -- Clément Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#368436: linux-image-2.6.16-1-xen-686: Package is missing fundamental files
Package: linux-image-2.6.16-1-xen-686 Version: 2.6.16-12 Severity: grave Justification: renders package unusable -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I'm glad there is work in progress to integrate xen in the Debian kernels. However, the current -xen kernels are mostly unusable : - no System.map - no config. (that means no initrd) - no (post|pre)(inst|rm) (this is not a real problem, at least, an informative message should warn the user about the lack of boot loader / initramfs automatic configuration, and point him to some doc) - no doc (the doc should give a clue on how to configure grub, that is, load the hypervisor as a kernel and then kernel and initrd as "modules", or at least a link to xen-source.com) I understand this is WIP, but at least System.map and config. should be provided to make this usable to someone who knows how xen work. Thanks, - -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16-1-686-smp Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1) Versions of packages linux-image-2.6.16-1-xen-686 depends on: ii linux-modules-2.6.16-1-xen-68 2.6.16-12 Linux kernel modules 2.6.16 image ii module-init-tools 3.2.2-2tools for managing Linux kernel mo ii yaird [linux-initramfs-tool] 0.0.12-9 Yet Another mkInitRD Versions of packages linux-image-2.6.16-1-xen-686 recommends: pn libc6-i686 (no description available) - -- no debconf information - -- Clément Hermann (nodens) - - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEcXZ90yQ2guvROZ0RAl3NAJ9pZpFpCRuU7d9k/zh9CC8IRqBIfgCgnTik WRv0hEzhaI8n6w7Z85r+rJo= =65eR -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#366252: xen-tools: hda vs sda
Steve Kemp wrote: OK. I'll upload after waiting for verification from Clement. Please go ahead, Steve. The problem is fixed :) Thanks ! -- Clement Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu.
Bug#366252: xen-tools: hda vs sda
Radu Spineanu wrote: It should be fixed in CVS now. Does it account for the submitter's bug report, and has the reported behaviour now stopped? I hope the submitter has a little time to test the CVS version so he can confirm it, but i am confident the bug is fixed. Steve, can you please hold the upload until Clement confirms that everything is ok ? I should be able to test it this week-end. -- Clément 'nodens' Hermann - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#323668: Still some problems when building a xen kernel on amd64
Hi, I noticed that kernel_image target works as expected (detect xen usage, and the amd64.mk does it job just fine), but the binary_arch target seems broken. When using the default parameters, ARCH=xen is used. When using --arch=x86_64, the target used to build the kernel is bzImage instead of vmlinux, which fail. However, I didn't found out why. Cheers, -- Clement Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu.
Bug#362229: xserver-xorg-core: xorg search for XKB files in the wrong place
Clément wrote: However, it might not be the only problem, as a symlink from /usr/X11R6/lib/X11/xkb to /usr/share/X11/xkb does not resolve the problem (although the error is no longer due to file anavailability) : haven:~$ setxkbmap -rules xorg -layout us -model pc105 Error loading new keyboard description Well this does not work, but restarting X fixes the problem in X, so it might not be related after all :) -- Clement Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu.
Bug#346344: kdelibs-data tries to overwrite `/usr/share/mimelnk/image/x-djvu.desktop'
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > What version of libdjvulibre15 is this? The libdjvulibre15_3.5.16-2 > in the Debian archive does not contain this file. this happens with libdjvulibre15 3.5.15-1 on my system. installing the latest libdjvulibre15 solves the problem. Regards, - -- Clément 'nodens' Hermann - - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFD16ix0yQ2guvROZ0RAkDfAJ9jSkXDRwATzYGd7EbNihmZisNNaQCfRX81 feajwmqIZ/DQhce3ehpP5hI= =buos -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#324189: Vlan scripts are buggy
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I also have this problem (a vlan is never brought down if the interface is named vlan), on sarge machines. It looks like $IF_VLAN_RAW_DEVICE is empty. The problem does not occur on version 1.8-2. I suggest this bug be tagged "sarge". Attached is the quick (and most probably unclean) workaround I use on sarge machines. Regards, - -- Clément 'nodens' Hermann - - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDjDrB0yQ2guvROZ0RAvHoAJ900cbA/eMwbwrJdIBu0xbQAduvzgCfam3E txV0oDyUPLoRC2fRQQ01Hnw= =t+N5 -END PGP SIGNATURE- --- /root/tmp/etc/network/if-post-down.d/vlan 2004-08-19 11:12:22.0 +0200 +++ if-post-down.d/vlan 2005-11-29 11:59:11.0 +0100 @@ -11,6 +11,10 @@ eth*.*) IF_VLAN_RAW_DEVICE=`echo $IFACE|sed "s/\(eth[0-9][0-9]*\)\..*/\1/"` ;; +vlan*) + IF_VLAN_RAW_DEVICE=`echo $IFACE|sed "s/vlan0*//"` + ;; + *) exit 0 ;; esac
Bug#340328: /usr/bin/ld: qemu-i386: Not enough room for program headers (allocated 8, need 9)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This fails under debian as well, since 2.16.1cvs20051109-1. going back to 2.16.1cvs20050902-1 fixes the problem. Regards, - -- Clement Hermann (nodens) - - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDiOTP0yQ2guvROZ0RAuhVAJ9R0VYrdjspTahd4LoT/GsRhlPa8ACgl22K Cpum1LwHm8OOqBe7knCw0IY= =8Jqp -END PGP SIGNATURE-
Bug#316502: ITP: libsmbios -- Provide access to as much (SM)BIOS information as possible
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, This looks very interesting. Do you have any package available yet ? Regards, - -- Clément 'nodens' Hermann - - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDJ+fm0yQ2guvROZ0RAicCAJ0f8qvqL6YexoHLAHc/sWUWrrRf2wCfR8fm 3y5C7UfLC0GRSsla54btgzU= =A4Xr -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#320920: snort: 2.4 upgrade, prelude support
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Javier Fernández-Sanguino Peña a écrit : > On Tue, Aug 02, 2005 at 09:08:04AM +0200, Clement 'nodens' Hermann wrote: > >>Package: snort >>Severity: wishlist >> >>Hi, >> >>Snort 2.4 is now out. Could you please, when you upgrade to this >>version, enable prelude output support (i.e a snort-prelude >>package ?) > > > Well, these are two requests and asks for two answers: > > 1.- I have to sort out how are we going to provide rules since, in > the next version, rules are no longer in the package and the new license > prohibits re-distribution. I contacted the Snort upstream maintainers > a while back with no answer. I suppose you are aware of that, but I just noticed that there is a set of GPL rules that could be included in a debian package. Theses rules are only updated on each major release, but the regular rules could be fetched using oinkmaster... The GPL'ed rules can be found here : http://www.snort.org/pub-bin/downloads.cgi#COMM Best regards, - -- Clément 'nodens' Hermann - - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDDXMR0yQ2guvROZ0RAoDUAJ9crYGdOpnTiKr952o4EERAodFmSQCeNFCk Z604hGACC++iOkAPMVqU9Aw= =m577 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#320920: snort: 2.4 upgrade, prelude support
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Javier Fernández-Sanguino Peña a écrit : > Well, these are two requests and asks for two answers: > > 1.- I have to sort out how are we going to provide rules since, in > the next version, rules are no longer in the package and the new license > prohibits re-distribution. I contacted the Snort upstream maintainers > a while back with no answer. I wasn't aware of this issue. I hope you can sort this out soon. Wouldn't a postinst script which download the rules be OK ? Or would it be against the DFSG ? I think it would not be actually part of the package that way, but I'm not really expert in this field. > 2.- Snort-prelude would require patching the Snort package since, as > far as I am aware, it is not in Snort proper but an external patch. > I'm not sure I want to do that, if you can provide code that implements > it I might consider it (not the patch, but the changes in how the > package is built in Debian). > Actually, the prelude support was included upstream a few month ago, as you can see in http://www.snort.org/docs/release_notes/release_notes_240.txt and http://www.prelude-ids.org/rubrique.php3?id_rubrique=13 Regards, - -- Clément 'nodens' Hermann - - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFC863C0yQ2guvROZ0RAk66AKCdMOxRscnROfyMmo0jVWwBFU4CYwCgqpvD rVJWyVeIRu/wrLZKu+9Nbug= =4Lh3 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#312569: [electricsheep #312569] Fixed?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alexis Sukrieh a écrit : > tags 312569 + moreinfo > thanks > > Please could you reproduce that bug with the new package we uploaded? > Unstable now provides 2.6.2. > > I'm looking forward to your comments, in order to close that bug if it's > not reproducible with the new upstream release. > I could not reproduce this bug with the last version. Thanks for upgrading :) best regards, - -- Clement Hermann (nodens) - - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCvdHV0yQ2guvROZ0RAgq0AJoDuJvNwjXgSKnmwZPMMvgM5CSFswCfcf2x EZRgOFWuet/uetAFE9bIiTU= =+UVO -END PGP SIGNATURE-
Bug#314579: Acknowledgement (last libgoffice-1 version breaks excel files support in gnumeric)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 severity 314579 normal thanks Ok, I'm downgrading this bug, because I was mistaken. The last version of gnumeric does not have this problem. However, could you please change the soname when the ABI change ? It would prevent such problems. Best regards, - -- Clément 'nodens' Hermann - - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCso6l0yQ2guvROZ0RAoR9AKCjD2WnPEL53duiLEKfTpcWt98xfQCcDKSQ fQRewGJOYxJJB/AjvsNK2eA= =hBZl -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
