Bug#567447: squid: '%W' appended to cache manager address
forwarded 567447 http://bugs.squid-cache.org/show_bug.cgi?id=2889 thanks Hi st, this bug is caused by an incompatibility between the current 2.7 package and squid-langpack. squid 2.7 does not support %W expansion (which is there to pre-compile) message body. I've forwarded it upstream. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#573524: 'dpkg-reconfigure drupal6' inherits the old user password for a new database
severity 573524 normal tags 573524 +moreinfo thanks Hi, would you please explain this issue with more details? dbconfig-common is used in drupal6 to automatically create a database for single domain installation. Is provided for the administrator convenience for simple installation and does not handle multiple db configurations. Administrator is asked if dbconfig-common should be used for database configuration at the beginning of drupal6 install. Admins planning to use multiple DBs should skip the auto-configuration and add site-specific database configuration by hand. I don't see the security issue either, since dpkg-reconfigure can only be run by root and root can always access /etc/dbconfig-common/drupal6.conf and read the database password. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#571195: squid3: Czech error messages garbled
reassign 571195 retitle 571195 squid-langpack: Czech error messages garbled tags +fixed-upstream thanks Hi wondra, this bug is known in squid-langpack and will be resolved in the next upload. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#570226: squid: please rebuild with --enable-ssl
merge 570226 180886 thanks Hi Anton, please see bug 180886 for details on why squid can't be compiled and distributed with SSL support. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5ed2c71d-2c64-4f77-8187-f842eb4f1...@debian.org
Bug#566402: prompting due to modified conffiles which where not modified by the user
Hi Holger, this bug is due to a move of configuration file from the /etc/squid to the /etc/sarg directory. Please excuse my ignorance. Evidently dpkg doesn't carry information on moved config files. Is there any way to avoid that prompt while still keeping the move? Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/ca589dcd-2274-49e0-9710-9f2d3d1a7...@lugroma3.org
Bug#566402: prompting due to modified conffiles which where not modified by the user
Il giorno 16/feb/2010, alle ore 22.10, Julien Cristau ha scritto: Yes. http://wiki.debian.org/DpkgConffileHandling Thanks Julien for pointing this out to me. I will upload a new version with these changes in the next few days. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/a7d594ab-9f84-49da-9576-49f15c2ec...@debian.org
Bug#569528: Many installation errors renders drupal6 unusable
severity 569528 normal reassign 569528 dbconfig-common merge 569528 567402 thanks Thanks Giulio for digging this out in the week-end. :-) Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e08cee5a-8a93-491e-a5da-63c5cda86...@debian.org
Bug#565926: RM: drupal5 -- ROM; Package not in the two latest stable release and near to its EoS upstream
Package: ftp.debian.org Severity: normal drupal5 has not been released with etch and lenny and will stop being supported upstream in a few weeks as soon as drupal 7.x is released. Please remove it from unstable and testing. Regards, L -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#517534: Potential HTTP Timeout race condition may cause 'Zero Sized Reply' error
Il giorno 06/lug/2009, alle ore 12.17, Steven Chamberlain ha scritto: Luigi Gangitano wrote: can you please point me to the upstream version that fixes this bug? If there is a single patch, we can push it in the current stable distribution (lenny) via a security update. I'm using oldstable (etch); maybe this bug is already fixed in current stable (lenny)? Steven, did you by chance have the opportunity to upgrade to lenny and check if this bug is fixed? I cannot reproduce it with current (lenny and sid) machines and have no production server with etch currently running squid 3.0. I'd like, with your help, to pinpoint it at least to debian releases and hopefully mark this bug fixed for lenny. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#521052: CVE-2009-0801: HTTP Host Header Incorrect Relay Behavior Vulnerability
This bug has not been publicly addressed upstream and has been marked as 'minor' by several other distribution's Security Teams. Workarounds for admins and users are listed in the CERT KB http://www.kb.cert.org/vuls/id/435052 Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#562012: squid3: Memory filling during file download
severity 562012 normal thanks Hi Federico, I cannot reproduce this bug on a lenny machine with 512MB RAM (installed on bare metal and not on Xen). Can you please try to reproduce it while disabling squidGuard? Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#283342: Reassign bug back to squidguard
retitle 283342 squidguard: problem with localization reassign 283342 squidguard thanks tag 283342 moreinfo unreproducible retitle 283342 squid: problem with localization reassign 283342 squid thanks Raphael HALIMI r...@captainblood.org writes: There is a slight problem with SquidGuard's handling of localization. This issuedoesn't appear in Squid itself. If the languages selected in the webe browser are, for example : [fr_FR] [fr] [en] SquidGuard checks only the first locale asked, can't find any template for [fr_FR], and sends the [en] template. Problem is, SquidGuard does have a [fr] translation, and it's in the browser languages list, so I think SquidGuard should either check other asked languages, or simply replace them by a template it does have (cutting the locale before the underscore : [fr_FR] -- [fr]). As Stefan Fritsch already noted, squidGuard doesn't see any language information; this must have been a problem with squid. Can you still reproduce it? I've found this really old bug in squid list and took some time to analyze it deeply. Squid's redirector interface is really simple: it passes an url to the redirector and gets back and answer that can be OK if the url is allowed to be opened or another URL where the request should be redirected. There is no content involved in this process and language information passed to/from the redirector. squidGuard answer with an URL as configured in it's configuration file. This URL usually refers to some local hosted information page on why the request has been reject. This page is served by a web server and squid is not handling it specially. The issue reported is definitely in the browser - web-server communication and not in the squid - squidguard channel. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#505065: squid will not start
reassign 505065 linux-2.6 close 505065 2.6.20-1 merge 419249 505065 thanks I'm merging and closing this bug, since it is caused by the alpha kernel in etch and the corresponding bug has been closed in kernel version 2.6.20-1. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#541208: squid3: LFS support warning in logs
Hi Jerome, squid3 in lenny is compiled without LFS due to a missing configuration option. Even if you are running it on 64-bit architectures, LFS needs explicit enable in squid. Maybe this bug is instead caused by a swap file generated with a previous version of squid or on an 32-bit arch. If you upgraded from one of this versions, squid is simply telling you that the swap file is old. Regards, L Il giorno 12/ago/2009, alle ore 15.36, Jerome Warnier ha scritto: Package: squid3 Version: 3.0.STABLE8-3+lenny2 Severity: wishlist I'm running Squid3 on Debian GNU/Linux Lenny for AMD64. I can read the following from Squid's cache.log: Version 1 of swap file without LFS support detected... While LFS does not bear any meaning on 64-bits architectures (so it might happen on others as well). Note: this is maybe an upstream issue. Hope it helps. -- System Information: Debian Release: 5.0.2 APT prefers proposed-updates APT policy: (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages squid3 depends on: ii adduser 3.110 add and remove users and groups ii libc6 2.7-18 GNU C Library: Shared libraries ii libdb4.6 4.6.21-11 Berkeley v4.6 Database Libraries [ ii libgcc1 1:4.3.2-1.1GCC support library ii libldap-2.4-2 2.4.11-1 OpenLDAP libraries ii libpam0g 1.0.1-5+lenny1 Pluggable Authentication Modules l ii libsasl2-22.1.22.dfsg1-23+lenny1 Cyrus SASL - authentication abstra ii libstdc++64.3.2-1.1 The GNU Standard C++ Library v3 ii logrotate 3.7.1-5Log rotation utility ii lsb-base 3.2-20 Linux Standard Base 3.2 init scrip ii netbase 4.34 Basic TCP/IP networking system ii squid3-common 3.0.STABLE8-3+lenny2 A full featured Web Proxy cache (H squid3 recommends no packages. Versions of packages squid3 suggests: pn resolvconf none (no description available) ii smbclient 2:3.2.5-4lenny6 a LanManager-like simple client fo ii squid3-cgi 3.0.STABLE8-3+lenny2 A full featured Web Proxy cache (H ii squidclient 3.0.STABLE8-3+lenny2 A full featured Web Proxy cache (H -- no debconf information -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#541032: assertion failed: store_client.cc:430: STORE_DISK_CLIENT == getType()
Hi Thomas, I can't see a proper resolution in bug 2155, so I'm not sure this is fixed in any released version of squid. It can take some time for a fix like this to reach the stable distribution and it can probably fail to reach it, so I'd suggest you take a look at the backports.org packages. Regards, L Il giorno 11/ago/2009, alle ore 12.17, axe ha scritto: Package: squid3 Version: 3.0.STABLE8-3+lenny2 Hi, as specified in Subject I get following error in cache.log: 2009/08/11 06:54:31| assertion failed: store_client.cc:430: STORE_DISK_CLIENT == getType() 2009/08/11 06:54:35| Starting Squid Cache version 3.0.STABLE8 for x86_64-pc-linux-gnu... Asking on the Squid User mailinglist I found out, that this bug has been fixed in 3.0.STABLE18. See this bug: http://www.squid-cache.org/bugs/show_bug.cgi?id=2155 Is a bugfix possible? As explained in the bug my Squid crashes also a couple times per day (which is critical). Thank you, Thomas Jackowski -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#527587: no upgrade path from etch
severity 527587 minor tags 527587 +wontfix thanks Hi Simon, as stated in /usr/share/drupal6/README.Debian, I provide no support for database upgrade between releases. Upstream ships an upgrade.php with each major version which should work with data from previous version. Administrators should take care of this step, do backups and all the needed testing on their own. In addition etch was released without a drupal package, while lenny has been released with only drupal6 so there is no upgrade path between releases. I'm tagging this bug 'wontfix' and not closing it, so that any other user can follow instructions from J.M.Roth. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#528163: dbconfig-common: writing config to /etc/dbconfig-common/drupal6.conf
Hi Kingsley, can you please try again with a more recent version of drupal6 and ucf. I cannot reproduce the bug you reported. Maybe it was generated by a bugged upload of ucf. :-) Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#544660: drupal6: Installation fails if /var/log/dbconfig-common/ does not exsists
Hi Mihaly, I fail to see a bug in drupal6 here. drupal6 correctly depends on dbconfig-common which ships /var/log/dbconfig-common. If something is missing in the dbconfig-common, any package depending on it will fail installing. In your case, why was /var/log/dbconfig-common missing? Was it removed by accident? If there is nothing else related to drupal6, I'm going to close this bug. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#539719: repeated assertion failure from squid cache
severity 539719 important merge 539160 539719 thanks This bug is a duplicate of bug number 539160. A fix will be proposed shortly to the release team for inclusion in lenny. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#538989: closed by Luigi Gangitano lu...@debian.org (Re: Bug#538989: Regression)
Il giorno 09/ago/09, alle ore 01:38, Nico Golde ha scritto: Hi, * Debian Bug Tracking System ow...@bugs.debian.org [2009-08-09 00:45]: [...] Version: 3.0.STABLE16-2.1 This security issue was resolved in package version 3.0.STABLE16-2.1 for sid/squeeze and 3.0.STABLE8-3+lenny1 for lenny. Funny, actually I NMUed it myself :) I know. :-) You just didn't add the closing tag. :-) L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#538226: squid: Error Pages moved
reassign 538226 squid-langpack severity 538226 normal thanks Hi Ralf, as noted in README.Debian in 2.7.STABLE6-2, error pages have been moved to a different package (squid-langpack) which is in common between squid and squid3 and updated indipendently upstream. With this change directory for languages are names with ISO codes. Instructions on needed configuration fixes are in README.Debian already. The next version of squid-langpack will ship compatibility links for old-style configurations. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#537726: squid3: fails to start when ipv6 address specified in tcp_outgoing_address
severity 537726 wishlist merge 537726 432351 thanks Hi Fayax, squid does not support IPv6 yet (see bug #432351). The development branch has preliminary support, ATM. Please wait for the next 3.1 upload for IPv6-enable squid. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#517534: Potential HTTP Timeout race condition may cause 'Zero Sized Reply' error
Il giorno 04/mar/09, alle ore 00:49, Amos Jeffries ha scritto: Upstream believe this is fixed in current non-beta releases. Hi Amos, can you please point me to the upstream version that fixes this bug? If there is a single patch, we can push it in the current stable distribution (lenny) via a security update. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#521300: squid3: use s-s-d --retry functionality rather than shell reimplementttion
Hi Justin, actually your version of the init script does something different from the original: after 5 seconds (timeout added to the --retry option) it sends a KILL signal to squid, which stops all it is doing (ensuring that the saved state of the cache is coherent) and exits, leaving a corrupted storage which will need to be rebuilt on the next startup. This is why the original script waited for as long as two minutes for squid to exit normally, and leaved it running if it needed more time. So maybe you'll get some speed-ups on shutdown but will surely get some slow-downs on startup, there is no clear win. :-) The same behaviour as the original can be achieved adding the --retry 0/forever option, which tells s-s-d to wait forever for squid to exit, but this will hang your terminal until squid does is job. Maybe we should set a limit to something like 5 minutes with --retry 0/300/KILL/5 but I'm not sure that this solution is better than the current code. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#515181: Ignores return status of open(stripe) for coss
Hi Andras, COSS is known to be buggy in 3.x since many stability fixes haven't been ported from 2.6 yet. One of such fixes is the one you encountered. At line 943 of src/fs/coss/store_dir_coss.cc squid writes to the coss directory without checking if the open has been correctly completed. As stated on the page you linked, help is appreciated in porting fixes from 2.6. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#534982: squid - DoS in external auth helper
forwarded 534982 http://www.squid-cache.org/bugs/show_bug.cgi?id=2704 thanks Hi Bastian, sorry for the late reply. I'm forwarding this bug upstream, since the issue is better handled there. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#534544: squid: ftp put for uploads doesn't work
Hi Santiago, can you please provide a little more information? Is there anything logged in /var/log/squid/cache.log when this happens? Is this CURL specific or is reproducible with any other ftp client? Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#521017: slows down when not enough file descriptors
Hi Steffen, Hi Brian, the file descriptor limit is imposed by the operating system to all the processes and its original intention is to avoid resource consumption by arbitrary user process. The limit can be set at runtime and its default value in linux has changed in the last years. Squid holds a file descriptor for: - every client connection - every server connection - every file in the local cache When the maximum number of FDs is reached each of those resources is limited. What kind of behaviour would you suggest? Abruptly closing client or server connection leads to network errors, while persistent client or server connection while keeping an FD busy, vastly lowers the load caused by connection establishment. Actually there is no better solution than changing the maximum open fd number, without changing how Unix works, but I'm still open to discuss any other option. :-) Regards, L Il giorno 24/mar/09, alle ore 12:25, Steffen Joeris ha scritto: I am running transparent squid in a setup with more than 1000 users. I reached the limit of file descriptors and that slowed down the internet for everyone. I've now increased the number of file descriptors in the default configuration, which seemed to solve the problem. However, shouldn't squid be programmed so that it doesn't cause a performance issue, when the limit is reached? I haven't looked at the current implementation, but it felt wrong, when the net performance was overall bad for all the users. -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#521288: drupal6: Warns about security updates
Il giorno 26/giu/09, alle ore 23:38, Gunnar Wolf ha scritto: Doka dijo [Wed, Jun 24, 2009 at 08:53:29PM +0200]: When Drupal complains for a security update, then the warning is correct, because there is a new Drupal core version out there, which is not yet rolled out via Debian update mechanism. So the warning is OK, but the comment could be different: no manual action is needed by the user, the Drupal core will be updated via Debian. I agree with Doka's point of view. If I prepare a patch for this effect (so that the update mechanism disregards Drupal core updates), would you consider including it? Actually the warning would still be on even after a security update by Debian, in stable versions. So it could be misleading. A proper fix requires knowledge of files affected by security patches and check for those, which is too much work for Drupal. Disabling the update module in default installation and writing about it Debian documentation seems to me the best option. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#517734: ITP: lusca -- Lusca Web Proxy Cache
Hi Adrian, I'm in the process of packaging lusca these days, at the same time as I'm packaging squid 3.1. I expect the current packaging structure of squid to be easily adaptable to lusca, but will contact you if any help is needed. I really appreciate your help. Regards, L Il giorno 04/mag/09, alle ore 09:39, Adrian Chadd ha scritto: G'day, I just noticed this request for a Debian Lusca package. I'd love to see this happen and I'm willing to help out as much as I can to get this built, integrated and released. (And a whole lot of Lusca development happens on Debian too! I'm just not at all familiar with building / maintaining Debian packages.) Thanks, Adrian -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#516438: drupal6: debconf warning ucf
merge 516026 516438 thanks Hi Hans, thanks for your report. The same bug was reported before as #516026. I'm merging your report with the previous one. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#516026: drupal6: warning about missing parameter between ucf and debconf
block 516026 with 513753 thanks Hi Benoit, this bug comes from dbconfig-common. A fix is needed on their side before it can be closed. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#517734: ITP: lusca -- Lusca Web Proxy Cache
Package: wnpp Severity: wishlist Owner: Luigi Gangitano lu...@debian.org * Package name: lusca Version : 1.0-r13795 Upstream Author : Adrian Chadd adr...@creative.net.au * URL : http://www.lusca.org/ * License : GPL Programming Lang: C Description : Lusca Web Proxy Cache Lusca is a fork of the Squid-2 development tree. The Lusca project aims to fix the shortcomings in the Squid-2 codebase whilst maintaining the the Squid-2 functionality and stability. Adrian Chadd, a former squid developer, quit the squid development team and is now working on evolving squid-2. -- System Information: Debian Release: 5.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#486224: ITP: Lusca Web Proxy Cache
retitle 486244 RFP: Cacheboy Squid reassign 486224 wnpp merge 486224 517734 thanks Hi Ralf, since Adrian Chadd left the squid development team, Cacheboy has been renamed to Lusca. Plan is to develop support for IPv6, SMP, modularity and other goodies in squid-2 codebase. I've just filed an ITP for this new package, and plan to make a release shortly. I'm now merging your bug with the ITP. Regards, L -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#515576: /etc/resolvconf/update-libc.d/squid does not work
merge 513102 515576 thanks Guido, thanks for your report. This bug was already known before lenny release and is documented in #513102. I'm planning an update in the next lenny release (5.0.1). Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#514142: squid: denial of service via crafted request
As stated in the original bug report, this bug was reported by upstream security advisory SQUID-2009:1. Since the fix was upload via NMU by Steffen, I'll wait it's migration to lenny and then upload a new version with the advisory reference. Regards, L -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#505065: kernel
Hi Randy, epoll support on Alpha is broken on pre-2.6.20 kernels, so this is not a bug in squid but in the alpha kernel package. It should be fixed in Etch'n'Half when using 2.6.24 kernel. Since you report that squid is not starting with this kernel, can you please provide some more debugging info? A stack trace (see 'strace') could hint to a possible solution. Regards, L Il giorno 02/dic/08, alle ore 13:50, Randy Riegler ha scritto: I have: Linux debian-stable.local 2.6.24-etchnhalf.1-alpha-generic #1 Tue Oct 14 08:54:49 UTC 2008 alpha GNU/Linux now squid just dies with no log entries Randy -- Luigi Gangitano -- lu...@debian.org -- gangit...@lugroma3.org GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#501192: squid3: Browsers issuing a Content Encoding Error when browsing site with
Il giorno 01/nov/08, alle ore 19:20, Giovanni T. ha scritto: [EMAIL PROTECTED]:~$ squidclient -h 192.168.66.2 http://www.gridvm.org/xen-vs-kvm.html HTTP/1.0 200 OK [...] Via: 1.0 localhost (squid/3.0.STABLE8) Proxy-Connection: close I see, can you please use squidclient directly on www.gridvm.org? Something like squidclient -h www.gridvm.org -p 80 http://www.gridvm.org/xen-vs-kvm.html If you do, you'll see that server answering in HTTP/1.1 even if the request is HTTP/1.0. This is a protocol breakage by the HTTP server and is not squid's fault. Even if it is Apache (on gentoo), it may be misconfigured or there could be an accelerator or proxy in front of it. I have not enough informations to debug the server issue. Instead for this one, no chunked encoding headers found, but firefox give me error page. What error page do you see? Can you please do the same test as above? Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#503660: squid: 2.7 STABLE 5 is out
severity 498998 normal clone 503660 -1 retitle -1 squid: Assertion failure in forward.c:110 !EBIT_TEST(e- flags, ENTRY_FWD_HDR_WAIT) tags -1 fixed-upstream merge 503660 498998 499437 thanks Hi Ralf, sadly no new upstream release can reach Lenny anymore, so I'm holding them and keeping a path through unstable to get bug fixes in Lenny. I'm planning a new release of the squid package including a couple of patches fixing several bugs before Lenny release. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#503190: squid: Segfault when /var is full
severity 503190 important forwarded 503190 http://www.squid-cache.org/bugs/show_bug.cgi?id=2070 merge 422345 503190 thanks Hi Olivier, this issues is already known (see bug #422345) and has been forwarded upstream in search of a solution. Regards, L Il giorno 23/ott/08, alle ore 12:23, Olivier Guerrier ha scritto: Package: squid Version: 2.7.STABLE3-1 Severity: normal I've got the following errors: [608423.629227] squid[3125]: segfault at bf144ffc ip b7d96a8e sp bf145000 error 6 in libc-2.7.so[b7d2a000+155000] [608925.163088] squid[3186]: segfault at bf14afe8 ip b7d6e6b8 sp bf14afe4 error 6 in libc-2.7.so[b7d2f000+155000] Found that /var has no room left on this box, made some space and everything run fine again... -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#501192: squid3: Browsers issuing a Content Encoding Error when browsing site with
Scorp, can you please provide your configuration file and a trace of the request you see this behaviour in? Thanks, L Il giorno 08/ott/08, alle ore 19:12, Scorp ha scritto: I've tried the workaround but anything changed. Any other suggestions? -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#501192: squid3: Browsers issuing a Content Encoding Error when browsing site with
Il giorno 27/ott/08, alle ore 21:20, Giovanni T. ha scritto: obluraschi:/tmp# wget http://www.wininizio.it/forum/index.php -q -O -|head -n 3 59070 !DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd html xml:lang=en lang=en xmlns=http://www.w3.org/1999/xhtml; This is normal in chunked-encoding HTTP transfer, the number you see is the size in byte of next chunk. Chunked encoding is only supported in HTTP/1.1 while squid only implements HTTP/1.0. Please see http://squidproxy.wordpress.com/2008/04/29/chunked- decoding/ for all the details. How can I attach a trace of the request? Please do the squidclient test from the above web page. You can also attach a tcpdump log (please set capture size to 1500 to get all data) of both connections client--proxy and proxy--server. Thanks, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#498998: Stable 5 out now...
Thanks Nick for your reminder. :-) Debian Lenny is freezed ATM and I'd prefer to bring any needed change through the unstable distribution. So there will be no new upstream version of Squid in Debian until lenny is released. Please see [EMAIL PROTECTED] for explicit instructions about new upstream releases in 'Sid'. Regards, L Il giorno 26/ott/08, alle ore 22:10, Nick Lowe ha scritto: Squid 2.6 Stable 5 has come out before this has been looked at :p ;) -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#501063: drupal6: CVE-2008-3661 doesn't set the secure flag for cookies
tags 501063 +wontfix thanks Upstream doesn't consider this a drupal issue and have not published a fix yet. See http://int21.de/cve/CVE-2008-3661-drupal.html for details. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#495122: fixed NMU
Guys, thanks for your work with drupal. I took a couple of days off and could not answer your requests. Since I had already asked the Release Team for an exception, drupal5_5.10-1 has been accepted today in lenny, completely closing this bug. If you still wish to help with drupal maintenance, please take a look at the pkg-drupal Alioth project at http://alioth.debian.org/projects/pkg-drupal/ you will find references to the SVN repository and practices used in drupal packaging. Regards, L Il giorno 18/ago/08, alle ore 01:15, The Anarcat ha scritto: I somehow screwed up on that NMU: * it doesn't have the right version: 5.9-1~lenny1 5.9-1 * it included the _orig source, which caused a REJECT notice from ries * it didn't include the magic NMU string in the changelog * it didn't include a Closes statement with this bug # I just fixed those things in a new upload here: http://debian.koumbit.net/debian/dists/testing-security/main/source/web/drupal5_5.9-1.1%2blenny1.dsc I hope that works for you guys. Thanks, a. -- Antoine Beaupré Réseau Koumbit Networks +1.514.387.6262 -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#492167: RM: drupal -- ROM; Drupal versions prior to 5.x are not supported upstream.
Package: ftp.debian.org Severity: normal Drupal versions prior to 5.x are not supported upstream anymore. There is no drupal 4.x package in etch and lenny dists. drupal5 is the package that contains the supported version of drupal in Debian. Regards, L -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.18-6-xen-686 (SMP w/2 CPU cores) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#486211: Squid3 crashed with Segfault
Hi Armin, thanks for your follow-up on this bug. Still I have not enough information to reproduce it. Can you please provide: - configuration file, - cache.log (in /var/log/squid) lines preceding segfault, - core file if present, - configuration options you used while building the upstream sources. - a brief description of your environmente. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#486211: Squid3 crashed with Segfault
tags 486211 +moreinfo thanks Hi Armin, I'm sure you notice that your bug report is rather uninformative. I understand that squid3 segfaults under unknown condition (you attached no log file which could help identify the cause) and that a custom built binary doesn't show the same behaviour (but you didn't specify which compile option or runtime configuration was used in your build). Can you please test the latest version of squid3 in debian (3.0.STABLE6-1) with the same configuration and provide details on how to reproduce your bug, if it's still there? Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#463075: drupal5: error in prerm
Hi Adrian, I'm sorry for the late answer to your bug. I could not actually reproduce your bug, since any attempt to remove drupal5 (via dpkg, aptitude with and without --purge option) went smoothly. Your bug report suggests that dbconfig-common has already been removed before drupal prerm script is executed, but this should not happen since drupal5 depends on dbconfig-common and dpkg should do the removal in the right order. Did you try to remove dbconfig-common at the same time you removed drupal5 and did you use any --force option? This could explain why dbconfig-common is not present at drupal5 removal. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#380009: squid: transparent proxy changes port number in client url
Hi Cade, I did not receive any answer to my previous request and still cannot reproduce the bug. Can you please check if this bug still exist in latest version of squid (2.7.STABLE2-2)? If it does, can you please provide a tcpdump trace of the original tivo stream without redirection AND the iptables configuration you used to redirect traffic to your squid? I'll assume that everything is ok and close this bug in 2 months if no detail is provided. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#474754: Move SQUID_ARGS var to /etc/default/squid
Hi Andrey, thanks for you patch. Actually, I don't see it as being high priority. SQUID_ARGS can be easily overridden in /etc/default/squid, without the need to remove it from the rc script and mark /etc/default/squid file as a config file. I happen to do just that on many installation. If you think that this may be difficult to understand for the casual administrator, we could add a note in /etc/default/squid hinting for the override. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#472828: Squid garbage text
Hi Marcelo, sorry for the long delay. I tried to reproduce this bug but could not succeed. Since you said that you can trigger it just running squid_unix_group from the command line writing foobar and CR, I tried that, but every instance I could try just showed the normal behaviour of the external_acl helper: - if I type just foobar then CR, it answers 'ERR' without any other output - if I type foo bar then CR, it answers: helper: User does not exists 'foo'\nhelper: Group does not exists 'bar'\nERR, which is right. I really don't know where your garbage is coming from. Can you please try the latest version of squid in debian or try on a different host? Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#483367: squid traffic counter 32-bit overflow
forwarded 483367 http://www.squid-cache.org/bugs/show_bug.cgi?id=2369 thanks Hi Hirling, I've forwarded this bug to the upstream bugzilla, where it can be handled correctly. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#472828: Squid garbage text
Marcelo, can you please provide your squid configuration file (/etc/squid/ squid.conf)? If you're running the squid_unix_group from the command line as it seems from your mail, the garbage you see is simply something you are passing to the program just after 'foobar'. If you are running it from squid, probably it has been invoked with the wrong arguments. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#455910: CVE-2007-6239: Denial of service via HTTP headers
Version: 2.6.5-6etch1 This bug has been fixed in DSA-1482. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26
Bug#472828: squid_unix_group prints garbage text
severity 472828 minor thanks Hi Marcelo, I actually don't see why this bug is important or even why it is a bug ad all. squid_unix_group prints to STDERR informations about what went wront with the autentication which do not affect the external_acl protocol that runs on STDIN/STDOUT. STDERR is ignored by squid while talkin to its helpers. On the other side that warnings can be useful to manually check what is going wrong with external acl authentication and are, thus, useful instead of annoying. Can you please elaborate on this bug? Otherwise I'm proposing to close it, if you agree. Regards, L Il giorno mer, 26/03/2008 alle 20.18 +0200, Marcelo Azevedo ha scritto: ~$ /usr/lib/squid/squid_unix_group test helper: Group does not exist '�� -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 signature.asc Description: Questa è una parte del messaggio firmata digitalmente
Bug#464706: squid: digest_pw_auth dies when digest_pw unreadable, no error message
Hi Ralf, I've succesfully reproduced the bug you reported and have a couple of notes: - helpers protocol of squid is really simple and doesn't allow for communications other than SUCCESS/FAILURE. This is by design of squid developers and cannot be changed. - Squid, indeed, does warn about an issue with authenticator. Following the lines you reported comes this: FATAL: The digestauthenticator helpers are crashing too rapidly, need help! which should point the administrator to the root of the issue. I propose to close this bug or downgrade to a wishlist bug and forward it to the upstream bug tracking tool, at you choice. Regards, Lh -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#462932: sarg-maint is missing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 reassing 462932 squid retitle 462932 Remove call to sarg-maint in logrotate script severity 462932 minor thanks Hi Charlie, the sarg-maint script has been substituted by sarg-reports a while ago. I'm reassigning this bug to squid, which stil references an un- existent script in its logrotate job. Regards, L - -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (Darwin) iD8DBQFHzeSj8ZumGJJMDCYRAoI1AJsFmcjTmIpX8ZhaQr091rDY4okujQCfe99E RUwiEyBYlDAx1RYB5so+8Hw= =cHiK -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#456182: Cronjob schedule is totally ridiculous now
Hi Racke, I'm sorry but the error in cron.d configuration file was clearly a typo. I'm fixing it right now in 5.6-2. As for the other concern in your original report: $base_url is optional and is considered option both in configuration file and the cron script. If no $base_url is found, the default is used, thus respecting its optionality. I fail to see an issue here, but please feel free to open a different bug (maybe wishlist?) with a detailed description of what you consider would be an optimal configuration. Regards, L Il giorno 25/gen/08, alle ore 15:03, Stefan Hornburg (Racke) ha scritto: Hello, the cronjob is now running every minute. Judging from the changelog entry this slipped in by accidence. Please also address my other concerns included in the bug report. I can also break them out into separate bug reports if that helps you. Regards Racke -- LinuXia Systems = http://www.linuxia.de/ Expert Interchange Consulting and System Administration ICDEVGROUP = http://www.icdevgroup.org/ Interchange Development Team -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26
Bug#462581: syslog uses blocking IO in main squid process
Hi Brian, global syslog logging is enabled with the '-s' command line argument passed by default to squid in /etc/init.d/squid. You can override the SQUID_ARGS settings in /etc/default/squid. I think this should address the issue you reported, but I'm still leaving this bug opened since looking at the code the syslog part hasn't changed in the last 2 years and it appears that a non-blocking solution cannot be implemented in squid but needs an external non- blocking daemon like syslog-ng. I didn't test this solution and would like to hear from you if it solves this issue. If it doesn't I can forward the bug to the upstream bug reporting tool. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#446052: Squid - glibc detected *** free(): invalid pointer:
Hi Peter, can you please provide more information about this issue? A more verbose log from cache.log, a stack trace and possibly an gdb output would help track down where those free() calls were made. As of now this bug report is rather non-informative. Thanks, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#462099: slapd: Fails to upgrade to 2.4.7, assertion failed in slapadd
Package: slapd Version: 2.4.7-3 Severity: important Hi, upgrading from 2.3.39-1 fails with error: Loading from /var/backups/slapd-2.3.39-1: - directory o=lugroma3.org... /var/lib/dpkg/info/slapd.postinst: line 1085: 25396 Abortito$@ 27 failed. Loading the database from the LDIF dump failed with the following error while running slapadd: slapadd: /build/buildd/openldap2.3-2.4.7/servers/slapd/schema_init.c:3669: csnNormalize: Assertion `val-bv_len == (sizeof(mmddHHMMSS.uuZ#SS#SID#ss)-1)' failed. I found a reference to this error here: http://www.openldap.org/lists/openldap-software/200711/msg00072.html it seems that wrongly formatted entryCSN entries (those with 0x in them) in backup cannot be imported in 2.4.7. This directory has been created with slapd 2.1.30, so I don't exactly know when those entire were generated. Right now I'm trying to find a workaround that allows the directory to be imported. Regards, L -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.23 Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages slapd depends on: ii adduser 3.105 add and remove users and groups ii coreutils5.97-5.7The GNU core utilities ii debconf [debconf-2.0]1.5.18 Debian configuration management sy ii libc62.7-6 GNU C Library: Shared libraries ii libdb4.2 4.2.52+dfsg-4 Berkeley v4.2 Database Libraries [ ii libgnutls13 2.0.4-1 the GNU TLS library - runtime libr ii libiodbc23.52.6-1iODBC Driver Manager ii libldap-2.4-22.4.7-3 OpenLDAP libraries ii libltdl3 1.5.24-2A system independent dlopen wrappe ii libperl5.8 5.8.8-12Shared Perl library ii libsasl2-2 2.1.22.dfsg1-17 Cyrus SASL - authentication abstra ii libslp1 1.2.1-7.1 OpenSLP libraries ii libwrap0 7.6.dbs-14 Wietse Venema's TCP wrappers libra ii perl [libmime-base64-per 5.8.8-12Larry Wall's Practical Extraction ii psmisc 22.6-1 Utilities that use the proc filesy Versions of packages slapd recommends: ii libsasl2-modules 2.1.22.dfsg1-17 Cyrus SASL - pluggable authenticat -- debconf information: slapd/fix_directory: true * shared/organization: lugroma3.org slapd/upgrade_slapcat_failure: slapd/backend: BDB * slapd/allow_ldap_v2: true slapd/no_configuration: false slapd/move_old_database: true slapd/suffix_change: false slapd/slave_databases_require_updateref: * slapd/dump_database_destdir: /var/backups/slapd-VERSION slapd/autoconf_modules: true * slapd/domain: lugroma3.org slapd/password_mismatch: slapd/invalid_config: true slapd/slurpd_obsolete: slapd/upgrade_slapadd_failure: * slapd/dump_database: when needed slapd/migrate_ldbm_to_bdb: false slapd/purge_database: false -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#456666: squid: config directive: httpd_suppress_version_string on does not work
Hi, please check your squid.conf settings and reload your configuration. Setting httpd_suppress_version_string to on correctly suppresses squid version information from both reply headers and error pages. Regards, L signature.asc Description: Questa è una parte del messaggio firmata digitalmente
Bug#456889: storetype null has been dropped from 3.0 HEAD
Hi Ralf, null storeio removal is planned for 3.1 and 2.7, so I'm adding it to the current version in Debian. Any change to the configuration file will always be documented in RELEASE NOTES. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 signature.asc Description: Questa è una parte del messaggio firmata digitalmente
Bug#436961: Following up to #436961: gnome shouldn't depend on tomboy
Hi Jordi, can you please lower the dependency of gnome on tomboy to a Recommends as it was planned for last october? As of now gnome is not installable on any platform not supported by Mono as, for example, Sparc. Since latest changes in aptitude and apt- get which will install every recommended packages by default there would be no change on mono-supported platforms. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#455910: CVE-2007-6239: Denial of service via HTTP headers
tags 455910 +fixed +pending thanks Hi Micah, thanks for you report. This has already been worked on, an updated package is on the way. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#452984: drupal5: Drupal defaults to aliasing for all virtualhosts
Hi Kyle, I'm sure you noticed that /etc/apache2/conf.d/drupal.conf is a configuration file that can be easily modified or deleted and drupal will keep your version between upgrades. It is provided as an easy way to set up drupal on a single host with no virtual hosting and any administrator with little experience in Apache configuration can disable it an configure host-specific directives. So I don't consider this a bug, as I don't consider a bug choises I do in default squid configuration. You can always change them in your configuration file if you wish. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#452984: drupal5: Drupal defaults to aliasing for all virtualhosts
Hi Kyle, let's make some analysis and maybe we'll agree on agreeing. :-) - Drupal has it's own view of virtual hosting (sites). Each site has to be configured with files in different directives. If no site is configured the default configuration applies to all sites. So you don't really have all sites vulnerable with the default debian install. You just have one site that is available on different virtual hosts (www.foo.com/drupal5 is just the same as www.bar.com/drupal5). There is no vulnerability multiplication. - Virtual hosting itself is not a secure way to separate 'data domains'. Since all virtual hosts run in the same webserver process with the same rights, exploiting an hole in one virtual hosts usually leads to access all other virtual hosts. Obviously this is true only for serious holes. Trivial holes like SQL injection only apply to the single webapp database. See previous point for this: if drupal5 is vulnerable to SQL injection the default debian install will only make the single site vulnerable. On the other hand, if the vulnerability leads to file system access or, worse, to arbitrary code execution other virtual hosts will not be protected any way. So again this is, as usual, a compromise between security and ease-of- use. I choose not to provide any third-party module for drupal in debian package, avoiding security issues in those modules. At the same time I choose to make it easy for unexperienced people to set up a drupal site as experienced admins would always know how to trim access down to their own needs. The same choice applies to many other packages in debian (think phpmyadmin, phppgadmin, acidbase and any package using wwwconfig-common). Hope I could make ti more clear to you. :-) Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#440646: squid3: Incorrect content returned by pre7
Hi Ian, thanks for you report. I'll keep the bug record open another week and wait for one more report that everything is ok. I didn't receive your debug dump, maybe it has been rejected on the path. If you manage to upload it somewhere I'll be glad to take a look at it and forward it upstream, so the exact issue can be tracked. Regards, L Il giorno 31/ott/07, alle ore 18:41, Ian Tester ha scritto: Hi Ian, can you please confirm if this bug applies to the latest version of squid3 (squid3-3.0.RC1-1) in unstable? I've been using RC1 for two weeks now (since it appeared) and the bug seems to be gone. I guess you can close this bug then. Did you get the debug dump I sent you? It was rather large and I got some bounce messages a few days later, but forgot to follow up on it. Some relatives visited and other things came up, so I'm sorry I didn't keep you informed. -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#440646: squid3: Incorrect content returned by pre7
Hi Ian, can you please confirm if this bug applies to the latest version of squid3 (squid3-3.0.RC1-1) in unstable? Since I could not reproduce the bug in my test systems I can only rely on your reports to track resolution. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#446887: CVE-2007-5416: possible vulnerability in drupal
Hi Steffen, Drupal security advisory SA-2007-023 http://drupal.org/node/184313 redirects this bug to PHP 4.4.3 and 5.2.4, so this should not be considered a drupal's bug. On a side note, I'll be uploading a new package fixing different security issues shortly. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#440646: squid3: Incorrect content returned by pre7
Ian, can you please test squid3-3.0.RC1 I've just uploaded? Regards, -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#440646: squid3: Incorrect content returned by pre7
Ian, thanks for your test. This excludes what upstream supposed regarding another bug that was already fixed after PRE7. Since upstream asked for full debug output of squid3 to diagnose the issue, can you please set debug_options to ALL,9 in your configuration file and send the cache.log portion that is written when the bug appears? You can follow the upstream bug report at http://www.squid-cache.org/bugs/show_bug.cgi?id=2079 Thanks, L Il giorno 21/set/07, alle ore 07:13, Ian Tester ha scritto: Thanks for that. I installed the packages, cleared out the spool dir, regenerated it, and started squid3. After a few hours of casual browsing, the same problems started appearing. Pages with many resources (images, js, css) appeared broken. Sometimes the page itself would be replaced by an icon or some other random content in the cache. The patch doesn't seem to have changed anything with regard to this problem. -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#435143: more information?
Hi Sean, the bug is easily reproducible: - install an old version of drupal5 (or acidbase, it's the same) - complete db configuration via dbconfig-common - upgrade to the latest version (no matter which) - when prompted for configfile upgrade on dbconfig-common managed file, hit 'd' to show differences, diff will be empty but the file will be corrupted with output of diff in it. Regards, L Il giorno 08/set/07, alle ore 13:38, sean finney ha scritto: could you provide me some more info on this bug? afaik there shouldn't be a way for diff lines to get into the file at all, except for possibly it happening via ucf. is it reproducible? -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#438794: drupal5: DB is not created, dbconfig files are missing, Drupal page full of errors
Hi Dave, did you read the full bug report? Instructions on how the database is populated in Debian's drupal5 package is, as it should be, in /usr/ share/doc/drupal5/README.Debian.gz. In brief, you need to execute the http://localhost/drupal5/ install.php script in a browser. Database and user is correctly created by dbconfig-common but data needs to be generated by this script. README.Debian.gz is the place to look at for Debian specific instructions for each package. Regards, L Il giorno 13/set/07, alle ore 18:21, Dave Allen Barker Jr ha scritto: I don't know any better, and am seeing something similar to Ladislav. Luigi, perhaps you could explain how the database setup is supposed to work since the /usr/share/dbconfig-common/data files aren't present in the package (as pointed out by Luigi)? I too ran 'sudo dpkg-reconfigure drupal5' and the database tables were still not created. -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#440646: squid3: Incorrect content returned by pre7
forwarded 440646 http://www.squid-cache.org/bugs/show_bug.cgi?id=2079 thanks Ian, thanks for the added details, I'm now forwarding this bug to the upstream bug db. Can you please check for error messages in /var/log/squid/cache.log? Regards, -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#434332: closed by Luigi Gangitano [EMAIL PROTECTED] (Re: Bug#434332: Multiple instances of Squid problematic winh init.d scripts)
Hi Peter, I tried to reproduce your setup and could easily succeed running two instances of squid on the same machine. Please check: 1. cache_dir setting in each configuration file (init script tries to zap cache_dir if the required tree is not found) 2. configuration file option for each instance (SQUID_ARGS in init script or default file need to be changed and include '-f configfile' for each instance. If not specified every instance uses /etc/squid/squid.conf by default) 3. every reference to cache_dir, pid file and configuration file needs to be adjusted in init script 4. obviously the http_port directive need to be different for each instance. 5. you may need to stop every instance and start each one on its own to make squid correctly create the cache_dir structure, but this should not be needed if you check correctly the above options. Let me know if you have any problem. Regards, L Quoting Mgr. Peter Tuharsky [EMAIL PROTECTED]: Actually, I did. Please reopen the bug. Peter Please set the pid_filename option in both squid configuration files to different paths.
Bug#440646: squid3: Incorrect content returned by pre7
Hi Ian, this bug may be related to the large object (2GB) support introduced upstream between PRE6 and PRE7. Can you please try the follow: - backup your cache_dir (just move it to somewhere else) - create a new cache_dir (squid will create it automatically if you point it to an empty directory) - check if error persists If this doesn't happen with a fresh cache_dir, the issue could be related to the code that updates format of object indexes. Otherwise we need the old cache_dir to investigate what is wrong in you indexes. Did you create this cache_dir with a squid3 package or it was created with an earlier (2.x) version? Regards, L Il giorno 03/set/07, alle ore 13:43, ian ha scritto: Starting with PRE7, squid3 appears to return data from other recent URLs. For example: browsing ftp.kernel.org, I clicked on a changelog file to read it. I instead got one of the filetype icons. I reloaded and got another icon. It took a few reloads to get the intended changelog to load. On another occasion, a Wikipedia article was seriously corrupted. Pages which load many style sheets, little images, javascript, etc seem to be most succeptable to this bug. -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#431442: squid: crashes occasionally with assertion failed: StatHist.c:195: D[i] = 0
fixed 431442 2.6.10-1 forwarded 431442 http://www.squid-cache.org/bugs/show_bug.cgi?id=1805 thanks [ Posting this to debian-release to investigate if a stable update can be uploaded fixing this bug ] Hi Stephen, this is a known bug in squid which has been fixed in version 2.6.STABLE7. Versions in unstable and testing are not affected. Etch's version is affected and a fix can only be uploaded with RM approval. Regards, L Il giorno mar, 03/07/2007 alle 02.40 +1000, Stephen Rothwell ha scritto: Package: squid Version: 2.6.5-6 Severity: normal I suspect that this is acused by querying squid using SNMP. It is also possible that the cachemgr may be able to generate the crash as it uses the same routine that contains the assert(). -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 signature.asc Description: Questa è una parte del messaggio firmata digitalmente
Bug#431442: squid: crashes occasionally with assertion failed: StatHist.c:195: D[i] = 0
Il giorno sab, 01/09/2007 alle 13.27 +0200, Adeodato Simó ha scritto: this is a known bug in squid which has been fixed in version 2.6.STABLE7. Versions in unstable and testing are not affected. Etch's version is affected and a fix can only be uploaded with RM approval. Hi Luigi. Without having looked at the bug report in detail, there's an issue that's very relevant: does an isolated patch only fixing that issue exist, and how big/intrusive is it? (Or maybe 2.6.STABLE7 was released just to fix that issue, I don't know so that's why I'm asking.) Hi Adeodato, as with every bug in squid, there is an isolated patch fixing the bug. In this case the patch is a simple one-liner: --- squid/src/snmp_agent.c 22 Sep 2006 02:49:24 - 1.88 +++ squid/src/snmp_agent.c 9 Nov 2006 16:35:07 - 1.89 @@ -1,6 +1,6 @@ /* - * $Id: snmp_agent.c,v 1.88 2006/09/22 02:49:24 hno Exp $ + * $Id: snmp_agent.c,v 1.89 2006/11/09 16:35:07 hno Exp $ * * DEBUG: section 49 SNMP Interface * AUTHOR: Kostas Anagnostakis @@ -498,7 +498,7 @@ break; case PERF_MEDIAN_HTTP_NH: x = statHistDeltaMedian(l-client_http.nh_svc_time, - f-client_http.nm_svc_time); + f-client_http.nh_svc_time); break; default: *ErrP = SNMP_ERR_NOSUCHNAME; Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 signature.asc Description: Questa è una parte del messaggio firmata digitalmente
Bug#435741: NTLM SQUID STABLE dosen't work
external ldap_group noinet acl fullinet external ldap_group fullinet acl nomsn external ldap_group nomsn acl CONNECT method CONNECT acl PURGE method PURGE http_access allow PURGE localhost http_access deny PURGE http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access deny noinet http_reply_access deny noinet http_access deny nomsn nomsnurl http_reply_access deny nomsn nomsnurl http_access allow fullinet http_reply_access allow fullinet http_access allow lan_10_7 auth http_access deny all icp_access deny all http_port 3128 They are a few parameters that change from one version to another, but basically the same config file works in the sarge version of squid and the NTLM works OK without any problem. The winbind config is this, but is the same from etch or sarge: [global] workgroup = JUSBAIRES netbios name = TACUARI-PROXY wins support = no wins server = 10.7.0.1 password server = 10.7.0.1 dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog only = no syslog = 0 security = domain domain master = no encrypt passwords = true passdb backend = tdbsam printing = none restrict anonymous = 1 winbind enum users = yes winbind use default domain = yes winbind separator = \\ load printers = no winbind uid = 1-2 winbind gid = 1-2 I try just installing the squid, squid-common and squidclient from etch on a sarge and the same thing happends. The squid version from etch broke the ntlm authentication. I try the squid from testing and the log disappear, but the problem persists. For me isn't resolved in the 2.6.stable8 like the squid bug says. The only way I solve this is staying in the sarge version of squid :( Tell me if you need anything else. -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#432351: please supply squid3 from ipv6 branch as well
Hi Steinar, IPv6 support for Squid 3.x is planned in version 3.1. Since the ipv6 branch is massively different than HEAD and is stil changing quickly, I don't plan to support it in any release of Debian until upstream integrates it into the main branch. This bug will, thus, remain as a wishlist until an official Squid3 release is made with IPv6 support. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#435143: drupal5: Botched patch of dbconfig.php
reassign 435143 dbconfig-common thanks Hi Gordon, I experienced the same behaviour with drupal5 and acidbase. Since that file is managed by dbconfig-common I suspect that this bug is related to dbconfig-common wrongly updating the configuration file. I'm reassigning this bug to dbconfing-common. For the dbconfig-common maintainers I'm attaching the config and postinst script of drupal5 for reference. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 drupal5.config Description: Binary data drupal5.postinst Description: Binary data drupal5.postrm Description: Binary data
Bug#435741: NTLM SQUID STABLE dosen't work
As stated in the bug report you linked, this problem appeared after 2.6.STABLE5 and was fixed in 2.6.STABLE8. I cannot reproduce this problem with the package in Etch, can you please provide more informations? Regards, L Il giorno 02/ago/07, alle ore 23:37, Guido Lorenzutti ha scritto: Package: squid Version: 2.6.5-6 The NTLM dosen't work in the version of squid used in etch. This is the bug reported in the squid bugzilla, they fix it with the 2.6stable8 version. Etch has the 2.6stable5 and the problem persists. http://www.squid-cache.org/bugs/show_bug.cgi?id=1873 glorenzutti.vcf -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#408577: sarg.hosts does not work as documented for domains
Hi, can you please check the latest version of sarg from unstable (2.2.3.1-1)? Many bug have been fixed since the version you found this bug in. Regards, L Il giorno 26/gen/07, alle ore 23:39, SNL Support ha scritto: Package: sarg Version: 2.0.5.dfsg-1 Severity: normal According to sarg.conf the format for the host exclusion file works like this: # TAG: exclude_hosts file # Hosts, domains or subnets will be excluded from reports. # # Eg.: 192.168.10.10 - exclude ip address only #192.168.10.0 - exclude full C class #s1.acme.foo - exclude hostname only #acme.foo - exclude full domain name # The domain syntax does not work - e.g. adding akamai.net will not cause a248.e.akamai.net to be ignored. - no debconf information -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#426931: Closing Bug#426931: fails to write log file
I'm closing this bug, since it is configuration dependant and a fix has been posted (thanks to [EMAIL PROTECTED]). Regards, -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#428970: RM: libapache-mod-acct -- RoM; obsolete; superseded by apache2
Package: ftp.debian.org Severity: normal Since removal of apache, this package ha no reason to exist in debian. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#427328: squid: [debconf_rewrite] Debconf templates review
Il giorno lun, 04/06/2007 alle 07.27 +0200, Christian Perrier ha scritto: Can you confirm me which templates you are OK to remove. Just the templates names is enough ? I will keep those in my final patch, leaving to you, as maintainer, the duty to remove the code using them in maintainer scripts but that will at least avoiding wasted translations. Are you OK with that plan? If so, I'm waiting for the list of the OK to be removed templates. Ok. I confirm all the template removals of 423955, i.e.: squid/http_anonymizer squid/anonymize_headers squid/old_version squid-cgi/cachemgr squid/authenticate_program squid/largefiles_warning I'm removing these (and settings usage in maintainer scripts) in my svn now. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 signature.asc Description: Questa è una parte del messaggio firmata digitalmente
Bug#427516: Bad DNS hangs squid
forwarded 427516 http://www.squid-cache.org/bugs/show_bug.cgi?id=1987 thanks This seems a potential DoS bug in Squid. I'm forwarding it to the upstream BugZilla. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 signature.asc Description: Questa è una parte del messaggio firmata digitalmente
Bug#427328: squid: [debconf_rewrite] Debconf templates review
Hi Cristian, thanks for your work with squid debconf templates. I have no objection to the patches you sent. Il giorno 03/giu/07, alle ore 10:22, Christian Perrier ha scritto: Please try to avoid uploading squid with these changes right now. Can I still fix #423955 in the meanwhile (obsolete templates) or do you prefer that I don't touch debconf templates at all? Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#307257: About winbind 3 and squid with ntlm authentication (Debian Bug #307257)
reassign 307257 squid severity wishlist thanks Done. Regards, L Il giorno 12/mag/07, alle ore 01:56, Steve Langasek ha scritto: Great! Should this bug be reassigned to squid then? -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#307257: About winbind 3 and squid with ntlm authentication (Debian Bug #307257)
Hi all, I was hit by this bug myself last week, while installing an NTLM authenticated squid. Il giorno 10/mag/07, alle ore 02:30, Jim Barber ha scritto: This should probably be raised as a bug (wishlist?) with the squid maintainers to have this setting changed in the example file (and default config file if it's set) as it breaks the use of the winbindd_priv group. Do one of you winbind maintainers want to do that, or do you want me to do it? :) squid_effective_group was set to allow default permissions on cache and log files to user/group proxy. If squid_effective_group is changed as something else, startup script fixes permissions on the fly. While the fix is easy and administrators can apply by themselves, I'm now planning to disable the default setting and add user proxy (default squid user in Debian package) to winbindd_priv group at install time. This should fix this issue in the default installation. Regards, L -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#416502: closed by Luigi Gangitano [EMAIL PROTECTED] (Re: Bug#418547: squid fails with Squid Parent: child process xxxxxx exited due to signal 6)
I'm sorry but a dependency on any 2.6 kernel would not imply a *running* 2.6 kernel and would also be missing when using a custom built kernel. Regards, L Il giorno 25/apr/07, alle ore 09:44, Folkert van Heusden ha scritto: My point is that there should be a dependency on a 2.6 kernel. -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#418547: squid fails with Squid Parent: child process xxxxxx exited due to signal 6
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Hakan, can you please provide: - - configuration file (purged of sensitive informations) - - strace of squid and childs (please run strace with -f option) to help debug this issue? Are you using redirectors or authenticators? Regards, - -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (Darwin) iD8DBQFGG5SI8ZumGJJMDCYRAhSCAJsHrsMv6LrphFYiLQYcUX4y2wluKwCfVAyp JG06xtG7AJwziKO3KbmNSys= =gYe6 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#418555: RM: squid_2.6.12-1 from experimental
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Package: ftp-master Version: N/V Severity: normal Hi, can you please remove squid_2.6.12-1 from experimental? squid_2.6.12-2 has been uploaded to unstable. Regards, - -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (Darwin) iD8DBQFGG5c48ZumGJJMDCYRAq2mAJ9fjfXXQ1jX434XOeoNQzaONZz4bQCfXpHU uxQBS1E4WwbN891fh2j1PaE= =XXOn -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#377697: Bugs #377697 and #380652, reducing severity and forwarding upstream
severity 377697 wishlist severity 380652 wishlist retitle 377697 Provide runtime selectable comm plugin framework retitle 380652 Provide runtime selectable comm plugin framework forward 377697 http://www.squid-cache.org/bugs/show_bug.cgi?id=1739 forward 380652 http://www.squid-cache.org/bugs/show_bug.cgi?id=1739 thanks Hi, Etch has been released with a notice in the Release Notes that kernel 2.6 is required to run Squid. Since Debian doesn't support 2.6 anymore, these bugs are being converted to wishlist bug for a new comm framework allowing for selectable plugins and forwarded to the upstream bug record. A major rework of the storage framework is going on upstream, se expect this process to take a long time. Regards, -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#416557: release-notes: Please add a note on squid not working with kernel 2.6 anymore
Package: release-notes Severity: normal Hi release-notes maintainers, can you please include a note in etch release notes warning users of Squid that the new version in etch (2.6.5-6 as of now) will not support kernel 2.4.x anymore, since epoll() support is enabled and requires kernel 2.6. Users will have to upgrade the kernel before being able to use the new version of squid. Details can be read in bug 377697 and 380652. Regards, L -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18 Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#401816: squid: Missing logcheck rule
severity 401816 wishlist retitle 401816 Please provide logcheck rules file thanks Hi, I'm downgrading severity of this bug to wishlist since this is a request for a new feature. Actually I don't know what log lines should be filtered, so I'm leaving this bug open waiting for a collection of logcheck rules. Regards, -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#407202: CVE-2007-0248: squid: Denial of Service Vulnerabilities
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 An updated package is building right now for etch/sid. Security Team, please notice that squid-2.5.9 which is shipped with sarge is not vulnerable, since: - - the ftp bug (SA23767) was introduced by a patch added in squid-2.5- STABLE11, see http://www.squid-cache.org/bugs/show_bug.cgi?id=1857 - - the external-acl was introduced during the squid-2.6 development, see http://www.squid-cache.org/bugs/show_bug.cgi?id=1848 If needed, I can help preparing a 'not vulnerable' advisory for these bugs. Regards, L Il giorno 16/gen/07, alle ore 21:33, Alex de Oliveira Silva ha scritto: Package: squid Version: 2.6.5-3 Severity: important Tags: security Two vulnerabilities have been reported in Squid, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error in the handling of certain FTP URL requests can be exploited to crash Squid by visiting a specially crafted FTP URL via the proxy. 2) An error in the external_acl queue can cause Squid to crash when it is under high load conditions. The vulnerabilities are reported in version 2.6. Other versions may also be affected. Solution: Update to version 2.6.STABLE7. Reference: http://secunia.com/advisories/23767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0248 Note: Please mention the CVE id in the changelog. - -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (Darwin) iD8DBQFFrW9O8ZumGJJMDCYRAgUCAJ46Upkbrs93gPsJYpS96H55k5DscQCeLDGq 6b6u/7vuexKANFkpuBufNeI= =M1k7 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#281593:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 tag 281593 + fixed pending thanks This bug is confirmed to not appear in 4.7.4-1 which is currently in the NEW queue. Regards, - -- Luigi Gangitano -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (Darwin) iD8DBQFFdY6W8ZumGJJMDCYRAsXFAJ9h45TryLKW56Jx2j8uus7LrkOxGwCeOkH/ RYxZ/SmwX9I1aTYkXp2Ju4g= =wuST -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]