Bug#1008656: linux-image-5.10.0-13-cloud-amd64: Consider AHCI SATA support in cloud kernels
Package: src:linux Version: 5.10.106-1 Severity: wishlist Dear Maintainer, While experimenting with oVirt and cloud-init I noticed that providing user-data scripts was possible with the "generic" cloud image but not the "genericcloud" variant. So I tried to reproduce it with `virt-install` to figure out what's going on and could replicate similar behavior: the cloud-init user-data is, by default (for x86), provided to the guest as a SATA connected CDROM drive and the kernel is unable to detect it because it's missing AHCI support. I think it would make sense to include AHCI support in the kernel cloud image since it should fix cloud-init support in the "genericcloud" images built by the cloud team. -- Package-specific info: ** Version: Linux version 5.10.0-13-cloud-amd64 (debian-ker...@lists.debian.org) (gcc-10 (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2) #1 SMP Debian 5.10.106-1 (2022-03-17) ** Command line: BOOT_IMAGE=/boot/vmlinuz-5.10.0-13-cloud-amd64 root=UUID=cfc65fc6-a14b-4377-ab3d-8a375a40c280 ro console=tty0 console=ttyS0,115200 earlyprintk=ttyS0,115200 consoleblank=0 ** Not tainted ** Kernel log: Unable to read kernel log; any relevant messages should be attached ** Model information sys_vendor: QEMU product_name: Standard PC (Q35 + ICH9, 2009) product_version: pc-q35-6.2 chassis_vendor: QEMU chassis_version: pc-q35-6.2 bios_vendor: SeaBIOS bios_version: ArchLinux 1.16.0-1 ** Loaded modules: virtio_net net_failover virtio_blk failover crc32c_intel virtio_pci virtio_ring virtio ** PCI devices: 00:00.0 Host bridge [0600]: Intel Corporation 82G33/G31/P35/P31 Express DRAM Controller [8086:29c0] Subsystem: Red Hat, Inc. QEMU Virtual Machine [1af4:1100] Control: I/O+ Mem+ BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR+ FastB2B- DisINTx- Status: Cap- 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- Reset- FastB2B- PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn- Capabilities: Kernel driver in use: pcieport 00:02.1 PCI bridge [0604]: Red Hat, Inc. QEMU PCIe Root port [1b36:000c] (prog-if 00 [Normal decode]) Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR+ FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B- PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn- Capabilities: Kernel driver in use: pcieport 00:02.2 PCI bridge [0604]: Red Hat, Inc. QEMU PCIe Root port [1b36:000c] (prog-if 00 [Normal decode]) Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR+ FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B- PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn- Capabilities: Kernel driver in use: pcieport 00:02.3 PCI bridge [0604]: Red Hat, Inc. QEMU PCIe Root port [1b36:000c] (prog-if 00 [Normal decode]) Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR+ FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B- PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn- Capabilities: Kernel driver in use: pcieport 00:02.4 PCI bridge [0604]: Red Hat, Inc. QEMU PCIe Root port [1b36:000c] (prog-if 00 [Normal decode]) Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR+ FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B- PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn- Capabilities: Kernel driver in use: pcieport 00:02.5 PCI bridge [0604]: Red Hat, Inc. QEMU PCIe Root port [1b36:000c] (prog-if 00 [Normal decode]) Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR+ FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B- PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn- Capabilities: Kernel driver in use: pcieport 00:02.6 PCI bridge [0604]: Red Hat, Inc. QEMU PCIe Root port [1b36:000c] (prog-if 00 [Normal decode]) Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR+ FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B- PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn- Capabilities: Kernel driver in use: pcieport 00:02.7 PCI bridge [0604]: Red Hat, Inc. QEMU PCIe Root port [1b36:000c] (prog-if 00 [Normal decode]) Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR+ FastB2B
Bug#959878: libgraphicsmagick-q16-3: config dir version changed from 1.4 to 1.3.35
Package: libgraphicsmagick-q16-3 Version: 1.4+really1.3.35-1~deb10u1 Severity: normal Dear Maintainer, After updating to 1.4+really1.3.35-1~deb10u1, the config dirs have changed from /usr/{lib,share}/GraphicsMagick-1.4/config/ to /usr/{lib,share}/GraphicsMagick-1.3.35/config/ It's probably not a big deal for most users but it came rather unexpected to us. Just wanted to report this so you're aware of this. I'm not sure if this should be worked around (use alternatives?) in the stable builds or if we should work around it in our specific use case. Kind regards Thomas -- System Information: Debian Release: 10.3 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-8-amd64 (SMP w/48 CPU cores) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages libgraphicsmagick-q16-3 depends on: ii libbz2-1.0 1.0.6-9.2~deb10u1 ii libc62.28-10 ii libfreetype6 2.9.1-3+deb10u1 ii libgomp1 8.3.0-6 ii libice6 2:1.0.9-2 ii libjbig0 2.1-3.1+b2 ii libjpeg62-turbo 1:1.5.2-2+b1 ii liblcms2-2 2.9-3 ii liblzma5 5.2.4-1 ii libpng16-16 1.6.36-6 ii libsm6 2:1.2.3-1 ii libtiff5 4.1.0+git191117-2~deb10u1 ii libwebp6 0.6.1-2 ii libwebpmux3 0.6.1-2 ii libwmf0.2-7 0.2.8.4-14 ii libx11-6 2:1.6.7-1 ii libxext6 2:1.3.3-1+b2 ii libxml2 2.9.4+dfsg1-7+b3 ii libzstd1 1.3.8+dfsg-3 ii zlib1g 1:1.2.11.dfsg-1 Versions of packages libgraphicsmagick-q16-3 recommends: ii ghostscript 9.27~dfsg-2+deb10u3 ii gsfonts 1:8.11+urwcyr1.0.7~pre44-4.4 Versions of packages libgraphicsmagick-q16-3 suggests: pn graphicsmagick-dbg -- no debconf information
Bug#864319: CVE-2017-9324
Hi all, There are 2 different security issues. https://www.otrs.com/security-advisory-2017-03-security-update-otrs-versions/ // CVE-2017-9324 // https://security-tracker.debian.org/tracker/CVE-2017-9324 This one is patched afaik with commit: https://github.com/OTRS/otrs/commit/aeadb28008f1c53b2ef8891e274d0f04c0da550b The tracker lists a commit, this commit is linked to the 3.3 version seems to be the same but could break on merge. The other issue is https://www.otrs.com/security-advisory-2017-02-security-update-otrs-versions/ sounds like: https://security-tracker.debian.org/tracker/CVE-2017-9299 This one seems to be patched with: https://github.com/OTRS/otrs/commit/68c953c5131d393733846fed58cbe6901ad3a5e7 Cheers, Thomas -Oorspronkelijk bericht- Van: Salvatore Bonaccorso [mailto:salvatore.bonacco...@gmail.com] Namens Salvatore Bonaccorso Verzonden: woensdag 7 juni 2017 09:06 Aan: Patrick Matthäi CC: Moritz Muehlenhoff; 864...@bugs.debian.org; Debian Security Team; debian-rele...@lists.debian.org Onderwerp: Bug#864319: CVE-2017-9324 Hi Patrick, On Wed, Jun 07, 2017 at 09:01:17AM +0200, Patrick Matthäi wrote: > Am 06.06.2017 um 22:37 schrieb Moritz Muehlenhoff: > > Package: otrs > > Severity: grave > > Tags: security > > > > Hi, > > details are sparse on this one, could you get in touch with upstream > > to isolate this to the change in question? > > https://www.otrs.com/security-advisory-2017-03-security-update-otrs- > > versions/ > > > > Cheers, > > Moritz > > I will try. On which way should I fix Stretch? stretch-security > updates or direct upload to Stretch? otrs2 in stretch is not covered/supported by security, since non-free. That will need to go in a future stretch point release (unless we want to make an exception here). Regards, Salvatore
Bug#637990: qemu-kvm: Please include patch to stash away SCM_RIGHTS fd to allow libvirt to hotplug NIC's
Package: qemu-kvm Version: 0.12.5+dfsg-5+squeeze6 Severity: important Tags: upstream patch Hi, it's currently not possible to hotplug NIC's using libvirt and as far as I can tell, it's qemu's fault. When I try to hotplug a NIC I get the following error: internal error unable to send TAP file handle: No file descriptor supplied via SCM_RIGHTS I've been looking around for a while and found that Ubuntu includes a patch to fix this: https://launchpad.net/ubuntu/+source/qemu-kvm/0.12.4+noroms-0ubuntu3 Could this be included in squeeze and lenny-backports? Or do you guys know of another way to hotplug network devices with libvirt? :-) -- Package-specific info: /proc/cpuinfo: processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 30 model name : Intel(R) Xeon(R) CPU X3450 @ 2.67GHz stepping: 5 cpu MHz : 2660.403 cache size : 8192 KB physical id : 0 siblings: 8 core id : 0 cpu cores : 4 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 11 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm tpr_shadow vnmi flexpriority ept vpid bogomips: 5320.80 clflush size: 64 cache_alignment : 64 address sizes : 36 bits physical, 48 bits virtual power management: processor : 1 vendor_id : GenuineIntel cpu family : 6 model : 30 model name : Intel(R) Xeon(R) CPU X3450 @ 2.67GHz stepping: 5 cpu MHz : 2660.403 cache size : 8192 KB physical id : 0 siblings: 8 core id : 1 cpu cores : 4 apicid : 2 initial apicid : 2 fpu : yes fpu_exception : yes cpuid level : 11 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm tpr_shadow vnmi flexpriority ept vpid bogomips: 5319.72 clflush size: 64 cache_alignment : 64 address sizes : 36 bits physical, 48 bits virtual power management: processor : 2 vendor_id : GenuineIntel cpu family : 6 model : 30 model name : Intel(R) Xeon(R) CPU X3450 @ 2.67GHz stepping: 5 cpu MHz : 2660.403 cache size : 8192 KB physical id : 0 siblings: 8 core id : 2 cpu cores : 4 apicid : 4 initial apicid : 4 fpu : yes fpu_exception : yes cpuid level : 11 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm tpr_shadow vnmi flexpriority ept vpid bogomips: 5319.72 clflush size: 64 cache_alignment : 64 address sizes : 36 bits physical, 48 bits virtual power management: processor : 3 vendor_id : GenuineIntel cpu family : 6 model : 30 model name : Intel(R) Xeon(R) CPU X3450 @ 2.67GHz stepping: 5 cpu MHz : 2660.403 cache size : 8192 KB physical id : 0 siblings: 8 core id : 3 cpu cores : 4 apicid : 6 initial apicid : 6 fpu : yes fpu_exception : yes cpuid level : 11 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm tpr_shadow vnmi flexpriority ept vpid bogomips: 5319.72 clflush size: 64 cache_alignment : 64 address sizes : 36 bits physical, 48 bits virtual power management: processor : 4 vendor_id : GenuineIntel cpu family : 6 model : 30 model name : Intel(R) Xeon(R) CPU X3450 @ 2.67GHz stepping: 5 cpu MHz : 2660.403 cache size : 8192 KB physical id : 0 siblings: 8 core id : 0 cpu cores : 4 apicid : 1 initial apicid : 1 fpu : yes fpu_exception : yes cpuid level : 11 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov
Bug#500987: kjs: javascript RegExp doesn't work with
Package: kdelibs5 Version: 4.1.2-1 Severity: serious Justification: Sune says so When you use kdelibs5-4.1.2-1 with a libpcre3 version lower than 7.7 there is a regression with kjs. With the kjs javascript debugger enabled you will see a parse error when visiting e.g. http://www.regular-expressions.info/javascriptexample.html If you upgrade libpcre3 to a version above, or equal to, 7.7 this parse error doesn't show and the javascript works as expected. I believe that this happens because kdelibs5-4.1.2-1 is built against libpcre3-7.8-1 and kjs enables a certain feature for libpcre3 versions above 7.7: kjs/regexp.cpp:148:#ifdef PCRE_JAVASCRIPT_COMPAT // introduced in PCRE 7.7 kjs/regexp.cpp-149- options |= PCRE_JAVASCRIPT_COMPAT; kjs/regexp.cpp-150-#endif A possible solution would be to make kdelibs5 depend on >=libpcre3-7.7 as it doesn't depend on a specific version right now. On #khtml someone mentioned this: [18:48:40] We should probably use pcre_feature_supported. [18:49:17] Of course, that's really generally the case that if you run against an older version of library you'll get problems. Reaction on #debian-kde: [09:39:56] he is usually right. [09:40:44] please for now report a serious bug against kdelibs5 with this info. If you are in doubt about justification, just say "Sune says so" ;) -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (900, 'testing'), (600, 'unstable'), (101, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#342642: otrs: upgrade failed
hi, Are the owner ship promissions set right on all otrs file? use ~otrs/bin/SetPermissions.sh i used otrs:www-data (that should work on debian as default) but it didn't work until i used www-data:www-data ; Good luck! Thomas Wouters Andreas Tille wrote: Package: otrs Version: 2.0.4p01-1 Severity: grave Justification: renders package unusable Hello, after latest upgrade in testing OTRS became unusable: http://localhost/cgi-bin/otrs/customer.pl Forbidden You don't have permission to access /cgi-bin/otrs/customer.pl on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request. Apache/2.0.54 (Debian GNU/Linux) PHP/4.4.0-4 Server at wr-linux02.rki.ivbb.bund.de Port 80 Moreover the cron jobs fail continuousely: --- Date: Fri, 09 Dec 2005 08:00:04 +0100 From: Cron Daemon <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Cron <[EMAIL PROTECTED]> test -x $HOME/bin/GenericAgent.pl && $HOME/bin/GenericAgent.pl -c db >> /dev/null DBD::Pg::st execute failed: FEHLER: Relation »process_id« existiert nicht ERROR: OTRS-GenericAgent-10 Perl: 5.8.7 OS: linux Time: Fri Dec 9 08:00:04 2005 Message: FEHLER: Relation »process_id« existiert nicht , SQL: 'SELECT process_name, process_id, process_host, process_create FROM process_id WHERE process_name = 'GenericAgent'' Traceback (14567): Module: Kernel::System::PID::PIDGet (v1.3) Line: 167 Module: Kernel::System::PID::PIDCreate (v1.3) Line: 100 Module: /usr/share/otrs/bin/GenericAgent.pl (v1.36) Line: 123 DBD::Pg::db do failed: FEHLER: Relation »process_id« existiert nicht ERROR: OTRS-GenericAgent-10 Perl: 5.8.7 OS: linux Time: Fri Dec 9 08:00:04 2005 Message: FEHLER: Relation »process_id« existiert nicht , SQL: 'INSERT INTO process_id (process_name, process_id, process_host, process_create) VALUES ('GenericAgent', '14567', 'wr-linux02.rki.ivbb.bund.de', 1134111604)' Traceback (14567): Module: Kernel::System::PID::PIDCreate (v1.3) Line: 129 Module: /usr/share/otrs/bin/GenericAgent.pl (v1.36) Line: 123 --- Tha database ist stored in PostgreSQL. The postgresql server was upgraded in the same apt-get upgrade process. The database itself looks fine and is accessible via other clients (psql, pgamdin3). Feel free to ask me for further information that might be needed to track down the problem. Kind regards Andreas. -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (501, 'testing'), (50, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.11 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages otrs depends on: ii apache2 2.0.54-5 next generation, scalable, extenda ii apache2-mpm-prefork [apache2] 2.0.54-5 traditional model for Apache2 ii libauthen-sasl-perl 2.09-1 Authen::SASL - SASL Authentication ii libdate-pcalc-perl1.2-2 Perl module for Gregorian calendar ii libdbi-perl 1.48-2 Perl5 database interface by Tim Bu ii libemail-valid-perl 0.15-3 Check validity of Internet email a ii libio-stringy-perl2.110-1Perl5 modules for IO from scalars ii libmailtools-perl 1.62-1 Manipulate email in perl programs ii libmime-perl 5.418-1Perl5 modules for MIME-compliant m ii perl 5.8.7-7Larry Wall's Practical Extraction Versions of packages otrs recommends: ii aspell0.60.3-5 GNU Aspell spell-checker ii ispell3.1.20.0-4 International Ispell (an interacti pn libapache2-mod-perl2 | libapa (no description available) ii libdbd-mysql-perl 3.0002-1 A Perl5 database interface to the ii libdbd-pg-perl1.43-1 a PostgreSQL interface for Perl 5 pn libgd-graph-perl (no description available) pn libgd-text-perl(no description available) ii mysql-server 4.1.14-6 mysql database server (transitiona ii mysql-server-4.1 [mysql-serve 4.1.14-6 mysql database server binaries ii postgresql7.5.13 object-relational SQL database man ii procmail 3.22-11Versatile e-mail processor -- debconf-show failed -- Thomas Wouters [EMAIL PROTECTED] SIJN Veerpoortstraat 28 6981 BN Doesburg Tel: 062-33 89 144 Fax: 084-22 02 007 www: www.sijn.nl