Processed: severity of 305624 is grave
Processing commands for [EMAIL PROTECTED]: > # Automatically generated email from bts, devscripts version 2.8.14 > severity 305624 grave Bug#305624: undefined symbol in app_dtmftotext.so: prevents asterisk starting Severity set to `grave'. > End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#298939: xfree86 4.1.0-16woody6 available to fix CAN-2005-0605
Branden Robinson wrote: > On Fri, Mar 11, 2005 at 03:35:32AM -0500, Branden Robinson wrote: > > The following URL contains source and binary packages for powerpc resolving > > CAN-2005-0605[1], which is described as: > > > > The XPM library's scan.c file may allow attackers to execute arbitrary > > code > > by crafting a malicious XPM image file containing a negative bitmap_unit > > value that provokes a buffer overflow. > > > > http://redwald.deadbeast.net/tmp/CAN-2005-0605/ > > Can someone tell me what the status of this is? Sure. We don't have an ARM buildd for *stable* anymore. Hence, the 11th architecure is missing. Regards, Joey -- Testing? What's that? If it compiles, it is good, if it boots up, it is perfect. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305566: digikam: hangs when trying to display larger albums
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Achim,
> Hmm, only 10 thumbnails only? All my albums have more (all < 150)
Mine normally too.
> This sounds more like a 'broken' image triggering digikams memory
> consumption to go out of bounds. Is it always the '8th' pic that
> triggers it of only one of the 10 pictues?
The 9th. For the said album, yes. But even there (where an 8th gif
keeps everything in a normal state) the exchange the 8th one with a
~1MB jpg is triggering the thing.
> What happens when you looks at the folder with other tools like
> gwenview, showimg, konqueror?
Nothing, all of them run without errors when I try to view single
images/folders. Seems to be specific to digikam.
> What other pkgs did you install together with and after the
> digikam 0.7.2 upgrade (ls -ltr | tail -50)?
You probably mean this:
cd /var/cache/apt/archives
find . -anewer digikam_0.7.2-2_i386.deb -exec ls -l \{\} \;
I attached the output to this mail.
> Can you tar the album with the 10/4k gifs and attach it to the bug
> report?
Sure, also attached.
> P.S. I've build a 0.7.3-beta1 deb with the patch applied but
> now digikam and kio_thumbnails use each 50% CPU on the
> first thumbnail creation of an little AVI movie :(
Please send me a download link. My cameras driver refuses to download
movies from it anyway.
Hope that helps,
/Markus
- --
A: No.
Q: Should I include quotations after my reply?
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFCZ0GTV/arRO6fNWsRAjcxAKCBvtUHyYzg9PZUicfybankLr6fhwCeNrFc
xW1Sb9wNS1Mc7JNz/x2qoyI=
=+JVU
-END PGP SIGNATURE-
gif-samples.tgz
Description: GNU Unix tar archive
pkglist.tgz
Description: GNU Unix tar archive
Bug#303196: marked as done (xchat-systray: FTBFS (amd64): Missing -fPIC)
Your message dated Thu, 21 Apr 2005 01:32:07 -0400 with message-id <[EMAIL PROTECTED]> and subject line Bug#303196: fixed in xchat-systray 2.4.5-2 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 5 Apr 2005 11:33:48 + >From [EMAIL PROTECTED] Tue Apr 05 04:33:48 2005 Return-path: <[EMAIL PROTECTED]> Received: from c146077.adsl.hansenet.de (localhost.localdomain) [213.39.146.77] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DImJY-0004bc-00; Tue, 05 Apr 2005 04:33:48 -0700 Received: from aj by localhost.localdomain with local (Exim 4.50) id 1DImJc-0004EI-9N; Tue, 05 Apr 2005 13:33:52 +0200 To: Debian Bug Tracking System <[EMAIL PROTECTED]> From: Andreas Jochens <[EMAIL PROTECTED]> Subject: xchat-systray: FTBFS (amd64): Missing -fPIC Message-Id: <[EMAIL PROTECTED]> Date: Tue, 05 Apr 2005 13:33:52 +0200 Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Package: xchat-systray Version: 2.4.5-1 Severity: normal Tags: patch When building 'xchat-systray' on amd64/unstable, I get the following error: gcc -O3 -Wall `pkg-config --libs gtk+-2.0` src/away_system.o src/data_manager.o src/events.o src/menu.o src/settings.o src/warnings.o src/help.o src/eggtrayicon.o src/systray.o -shared -o systray.so /usr/bin/ld: src/away_system.o: relocation R_X86_64_32 can not be used when making a shared object; recompile with -fPIC src/away_system.o: could not read symbols: Bad value collect2: ld returned 1 exit status make[1]: *** [systray.so] Error 1 make[1]: Leaving directory `/xchat-systray-2.4.5' make: *** [build-stamp] Error 2 With the attached patch 'xchat-systray' can be compiled on amd64. Regards Andreas Jochens diff -urN ../tmp-orig/xchat-systray-2.4.5/Makefile ./Makefile --- ../tmp-orig/xchat-systray-2.4.5/Makefile2005-04-05 13:28:18.928047158 +0200 +++ ./Makefile 2005-04-05 13:28:16.716461819 +0200 @@ -1,5 +1,5 @@ #UNIX VARS -CFLAGS = -O3 -Wall +CFLAGS = -O3 -Wall -fPIC GTKFLAGS =`pkg-config --cflags gtk+-2.0` LIBS = `pkg-config --libs gtk+-2.0` mkdir = mkdir --- Received: (at 303196-close) by bugs.debian.org; 21 Apr 2005 05:48:09 + >From [EMAIL PROTECTED] Wed Apr 20 22:48:08 2005 Return-path: <[EMAIL PROTECTED]> Received: from newraff.debian.org [208.185.25.31] (mail) by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DOUXo-0007eZ-00; Wed, 20 Apr 2005 22:48:08 -0700 Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian)) id 1DOUIJ-0004mq-00; Thu, 21 Apr 2005 01:32:07 -0400 From: David Moreno Garza <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] X-Katie: $Revision: 1.55 $ Subject: Bug#303196: fixed in xchat-systray 2.4.5-2 Message-Id: <[EMAIL PROTECTED]> Sender: Archive Administrator <[EMAIL PROTECTED]> Date: Thu, 21 Apr 2005 01:32:07 -0400 Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Source: xchat-systray Source-Version: 2.4.5-2 We believe that the bug you reported is fixed in the latest version of xchat-systray, which is due to be installed in the Debian FTP archive: xchat-systray_2.4.5-2.diff.gz to pool/main/x/xchat-systray/xchat-systray_2.4.5-2.diff.gz xchat-systray_2.4.5-2.dsc to pool/main/x/xchat-systray/xchat-systray_2.4.5-2.dsc xchat-systray_2.4.5-2_i386.deb to pool/main/x/xchat-systray/xchat-systray_2.4.5-2_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. David Moreno Garza <[EMAIL PROTECTED]> (supplier of updated xchat-systray package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash:
Bug#305624: undefined symbol in app_dtmftotext.so: prevents asterisk starting
Package: asterisk-app-dtmftotext Version: 0.0.20050203-2 Severity: critical With asterisk-app-dtmftotext installed, asterisk fails to start, e.g. # asterisk -U asterisk -vvvc ... [app_dtmftotext.so]Apr 21 15:40:49 WARNING[22078]: loader.c:258 ast_load_resource: /usr/lib/asterisk/modules/app_dtmftotext.so: undefined symbol: __gethostbyname__is__not__reentrant__use__ast_gethostbyname__instead__ Apr 21 15:40:49 WARNING[22078]: loader.c:440 load_modules: Loading module app_dtmftotext.so failed! I'm mark this bug as "critical" since it keeps this package (asterisk-app-dtmftotext) from working, but also keeps other packages (asterisk) from working. asterisk itself does start up successfully if I remove asterisk-app-dtmftotext. Drew -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (990, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.11 Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Versions of packages asterisk-app-dtmftotext depends on: ii libc6 2.3.2.ds1-21 GNU C Library: Shared libraries an ii libspandsp0 0.0.2pre10-3 Telephony signal processing librar -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#285079: marked as done (libosip2 2.0.9 breaks siproxd)
Your message dated Thu, 21 Apr 2005 14:59:29 +0900 (JST) with message-id <[EMAIL PROTECTED]> and subject line Bug#285079: Ping has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 10 Dec 2004 14:53:26 + >From [EMAIL PROTECTED] Fri Dec 10 06:53:26 2004 Return-path: <[EMAIL PROTECTED]> Received: from iliveon.earth.li (pot.noodles.at.earth.li) [217.147.80.1] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1Ccm98-0003ZZ-00; Fri, 10 Dec 2004 06:53:26 -0800 Received: from noodles by pot.noodles.at.earth.li with local (Exim 4.34) id 1Ccm7G-0005tz-AE; Fri, 10 Dec 2004 14:51:30 + Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Jonathan McDowell <[EMAIL PROTECTED]> To: Debian Bug Tracking System <[EMAIL PROTECTED]> Subject: libosip2 2.0.9 breaks siproxd X-Mailer: reportbug 3.4 Date: Fri, 10 Dec 2004 14:51:30 + X-Debbugs-Cc: Debian VoIP Team <[EMAIL PROTECTED]> Message-Id: <[EMAIL PROTECTED]> Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_PACKAGE, X_DEBBUGS_CC autolearn=ham version=2.60-bugs.debian.org_2004_03_25 X-Spam-Level: Package: libosip2 Version: 2.0.9-1 Severity: grave Justification: renders package unusable The new libosip2 2.0.9 package, which I upgraded to this morning, seems to break siproxd, with the error: /usr/sbin/siproxd: relocation error: /usr/sbin/siproxd: undefined symbol: osip_free Looking at the old 2.0.6 lib compared to 2.0.9: [EMAIL PROTECTED] ~]$ nm -D /usr/lib/libosip2.so.2.0.6 | grep osip_free U osip_free [EMAIL PROTECTED] ~]$ nm -D libosip2.so.2.0.9 | grep osip_free [EMAIL PROTECTED] ~]$ This looks like the ABI has changed between 2.0.6 and 2.0.9. Shouldn't the soname have also changed or do I misunderstand that problem? Dropping back to 2.0.6 makes siproxd work for me again. siproxd version is 0.57.snap040720-2 -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.10-rc3 Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Versions of packages libosip2 depends on: ii libc6 2.3.2.ds1-19 GNU C Library: Shared libraries an -- no debconf information --- Received: (at 285079-done) by bugs.debian.org; 21 Apr 2005 05:59:17 + >From [EMAIL PROTECTED] Wed Apr 20 22:59:17 2005 Return-path: <[EMAIL PROTECTED]> Received: from c158130.vh.plala.or.jp (mvs2.plala.or.jp) [210.150.158.130] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DOUib-9c-00; Wed, 20 Apr 2005 22:59:17 -0700 Received: from msc2.plala.or.jp ([172.23.8.25]) by mvs2.plala.or.jp with ESMTP id <[EMAIL PROTECTED]> for <[EMAIL PROTECTED]>; Thu, 21 Apr 2005 14:59:07 +0900 Received: from cfard.araki.net ([210.158.216.125]) by msc2.plala.or.jp with ESMTP id <[EMAIL PROTECTED]> for <[EMAIL PROTECTED]>; Thu, 21 Apr 2005 14:59:06 +0900 Received: from localhost (localhost [127.0.0.1]) by cfard.araki.net (Postfix) with ESMTP id E3846171C8 for <[EMAIL PROTECTED]>; Thu, 21 Apr 2005 14:59:29 +0900 (JST) Date: Thu, 21 Apr 2005 14:59:29 +0900 (JST) Message-Id: <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: Bug#285079: Ping From: ARAKI Yasuhiro <[EMAIL PROTECTED]> In-Reply-To: <[EMAIL PROTECTED]> References: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> X-Mailer: Mew version 4.0.65 on Emacs 21.4 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Hi, I believe #285079 was fixed at 285178-close. At Debian Bug report logs - #285079, libosip2 2.0.9 breaks siproxd and Debian Bug report logs - #285178, libosip2 2.0.9 breaks siproxd is same problem. #285178 is already closed at "Sun, 20 Mar 2005 16:02:55 -0500" by uploaded siproxd (1:0.5.10-1). It use libos
Bug#304843: unreproducible
I still cannot reproduce this; please tell me how you're running pbuilder (how it's being called, and the contents of your .pbuilderrc). As far as I can tell, pbuilder requires being run as root to chroot. -- Andres Salomon <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#298939: xfree86 4.1.0-16woody6 available to fix CAN-2005-0605
On Fri, Mar 11, 2005 at 03:35:32AM -0500, Branden Robinson wrote: > The following URL contains source and binary packages for powerpc resolving > CAN-2005-0605[1], which is described as: > > The XPM library's scan.c file may allow attackers to execute arbitrary code > by crafting a malicious XPM image file containing a negative bitmap_unit > value that provokes a buffer overflow. > > http://redwald.deadbeast.net/tmp/CAN-2005-0605/ Can someone tell me what the status of this is? -- G. Branden Robinson| A celibate clergy is an especially Free Software Developer| good idea, because it tends to [EMAIL PROTECTED] | suppress any hereditary propensity http://deadbeast.net/~branden/ | toward fanaticism.-- Carl Sagan signature.asc Description: Digital signature
Bug#305606: Acknowledgement (amavisd-new: *experimental 2.2.1* blocking CLEAN messages)
OK, I thought I had understood things with the new version, but I missed the -c flag in init.d/ ... honest, I did look for it... So, the problem is that the default config of amavisd-new appears to be blocking messages. The /etc/amavisd.conf file isn't looked at or used, as you intended. Sorry for the red herring. I've set up amavis on a spare machine and I'm going to try to do some testing to figure out what in the 3 config fragments is screwing things up. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305617: squid: assertion failure causes squid to abort: assertion failed: store_swapout.c:232: "mem->inmem_lo == 0"
Package: squid Version: 2.5.9-4 Severity: serious This applies to 2.5.9-5 - I downgraded to be able to check for duplicate bug reports. I get this assertion failure, and abort: assertion failed: store_swapout.c:232: "mem->inmem_lo == 0" Regards, Daniel -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.12-rc1-enki Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Versions of packages squid depends on: ii adduser 3.63 Add and remove users and groups ii coreutils 5.2.1-2 The GNU core utilities ii debconf 1.4.48 Debian configuration management sy ii libc6 2.3.2.ds1-21 GNU C Library: Shared libraries an ii libldap22.1.30-6 OpenLDAP libraries ii libpam0g0.76-22 Pluggable Authentication Modules l ii logrotate 3.7-2Log rotation utility ii netbase 4.21 Basic TCP/IP networking system ii squid-common2.5.9-4 Internet Object Cache (WWW proxy c -- debconf information: squid/fix_cachedir_perms: false * squid/largefiles_warning: squid/anonymize_headers: squid-cgi/cachemgr: squid/old_version: false squid/http_anonymizer: squid/authenticate_program: squid/fix_lines: true -- Artists are people driven by a conflict between the desire to communicate and the even stronger desire to hide. -- D. W. Winnicott -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#285079: Ping
Hi samuel, Now I uploaded libosip2_2.0.9-4+2.0.6_i386.deb to debian queue. libosip2_2.0.9-4+2.0.6 made from libosip2-2.0.6. And it includes fix for "URI Parsing Heap Overflows. Reported at http://www.securiteam.com/securitynews/5RP0B20FFG.html";. Thanks. -- ARAKI Yasuhiro A Debian Official Developer <[EMAIL PROTECTED]> From: Samuel Mimram <[EMAIL PROTECTED]> Subject: Bug#285079: Ping Date: Wed, 20 Apr 2005 17:49:01 +0200 > ARAKI Yasuhiro wrote: > > Samuel, > > > >>Hi, > >> > >>I'm just pinging the BR just to know how the issue of ABI-breakage of > >>libosip2 is going on since it blocks my package linphone (no news since > >>Dec 2004). > > > > > > As you packaged "linphone" (at least linphone_1.0.1-3) depends > > NEW ABI package of libosip2 is installed in Debian as "libosip2-3". > > > > Do you want to use libosip2(<= 2.0.6)'s ABI? > > I don't want to use libosip2 but this RC bug on it prevents libosip2-3 > from entering testing. See: > > http://bjorn.haxx.se/debian/testing.pl?package=libosip2-3 > > Regards, > > Samuel. > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#282287: marked as done (FTBFS: build-depends on unavailable libwraster2-dev)
Your message dated Wed, 20 Apr 2005 22:42:25 -0400 with message-id <[EMAIL PROTECTED]> and subject line closing this bug has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 21 Nov 2004 00:58:10 + >From [EMAIL PROTECTED] Sat Nov 20 16:58:10 2004 Return-path: <[EMAIL PROTECTED]> Received: from sorrow.cyrius.com [65.19.161.204] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1CVg3O-0005ck-00; Sat, 20 Nov 2004 16:58:10 -0800 Received: by sorrow.cyrius.com (Postfix, from userid 10) id 162AA64D4A; Sun, 21 Nov 2004 00:58:10 + (UTC) Received: by derision.cyrius.com (Postfix, from userid 1000) id DE37117AC8; Sun, 21 Nov 2004 00:57:43 + (GMT) Date: Sun, 21 Nov 2004 00:57:43 + From: Martin Michlmayr <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: FTBFS: build-depends on unavailable libwraster2-dev Message-ID: <[EMAIL PROTECTED]> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.6+20040722i Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2004_03_25 X-Spam-Level: Package: wdm Version: 1.27-2 Serious: serious Your package has a build-dependency on libwraster2-dev which no longer cannot be fulfilled in unstable. wmaker rencently moved to libwraster3-dev and therefore libwraster2-dev is now no longer available in unstable. You'll have to switch to libwraster3-dev. -- Martin Michlmayr http://www.cyrius.com/ --- Received: (at 282287-done) by bugs.debian.org; 21 Apr 2005 02:42:28 + >From [EMAIL PROTECTED] Wed Apr 20 19:42:28 2005 Return-path: <[EMAIL PROTECTED]> Received: from spider.morgul.net [128.30.28.25] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DORe8-0003cM-00; Wed, 20 Apr 2005 19:42:28 -0700 Received: from frodo by spider.morgul.net with local (Exim 4.50) id 1DORe5-0005Lf-AE for [EMAIL PROTECTED]; Wed, 20 Apr 2005 22:42:25 -0400 Date: Wed, 20 Apr 2005 22:42:25 -0400 From: Noah Meyerhans <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: closing this bug Message-ID: <[EMAIL PROTECTED]> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="19uQFt6ulqmgNgg1" Content-Disposition: inline User-Agent: Mutt/1.3.28i Sender: Noah Meyerhans <[EMAIL PROTECTED]> Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: --19uQFt6ulqmgNgg1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline acknowledging an NMU... --19uQFt6ulqmgNgg1 Content-Type: application/pgp-signature Content-Disposition: inline -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQFCZxMRYrVLjBFATsMRAgsJAJ9ra9MeAKZfnOb0hO0ryjEsclDBUACfWzez NRwmUW4pGJt1449jq/zIfDA= =Y2yy -END PGP SIGNATURE- --19uQFt6ulqmgNgg1-- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305606: amavisd-new: *experimental 2.2.1* blocking CLEAN messages
Package: amavisd-new Version: 1:2.2.1-1 Severity: critical Tags: experimental Justification: causes serious data loss Tagging critical per-debian policy, e-mail dropped. The experimental version of amavisd-new uses a new config schema, but it looks like it's not completely implemented yet, since we're still reading the old config file, not the new generated config file. The old config file w/new Amavis is causing data loss, CLEAN mail messages are being blocked. Apr 20 18:24:18 new-insecurity amavis[30740]: (30740-01) Blocked CLEAN, [140.211.166.43] [140.211.166.43] <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, Message-ID: <[EMAIL PROTECTED]>, Hits: 0, 1896 ms I suspect this has to do with SQL, I've attached my diffs from the default just in case this would help you isolate my weirdness. (1) (critical issue) Change amavisd to read the new generated config file, and squawk loudly that the old config file is not longer used. You probably need to preserve it somehow during the upgrade process so the user can reference it, but it should be moved out of the way and clearly marked, and moved back if downgraded (ow!). (2) (minor issues) 00-upstream and 10-debian should be in /usr/share/amavisd-new and should not be conf (3) 20-debconf probably doesn't belong in /etc... (4) The generated file doesn't belong in /etc, suggest /var/lib/amavisd-new Obviously you need to figure out how to handle the mydomainname problem. (5) Why is clamd commented out? It seems like there are *excessive* debianizations in 10-debian. Real changes should be forwarded upstream, 10-debian should be small and just have changes. :-( -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (650, 'testing'), (600, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.11-686-smp-evms Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages amavisd-new depends on: ii adduser 3.63 Add and remove users and groups ii file 4.12-1 Determines file type using "magic" ii libarchive-tar-perl 1.23-1 Archive::Tar - manipulate tar file ii libarchive-zip-perl 1.14-1 Module for manipulation of ZIP arc ii libcompress-zlib-perl 1.34-1 Perl module for creation and manip ii libconvert-tnef-perl 0.17-4 Perl module to read TNEF files ii libconvert-uulib-perl 1.0.5.1-1 Perl interface to the uulib librar pn libdigest-md5-perl Not found. ii libmailtools-perl 1.62-1 Manipulate email in perl programs pn libmime-base64-perl Not found. ii libmime-perl 5.417-1Perl5 modules for MIME-compliant m ii libnet-perl 1:1.19-1 Implementation of Internet protoco ii libnet-server-perl0.87-3 An extensible, general perl server ii libunix-syslog-perl 0.100-4Perl interface to the UNIX syslog( ii perl [libtime-hires-perl] 5.8.4-8Larry Wall's Practical Extraction ii perl-modules [libnet-perl]5.8.4-8Core Perl modules -- no debconf information --- amavisd.conf.dpkg-dist 2004-11-30 18:14:42.0 -0800 +++ amavisd.conf2005-04-20 18:14:25.0 -0700 @@ -2,7 +2,7 @@ # Configuration file for amavisd-new # Defaults modified for the Debian amavisd-new package -# $Id: amavisd.conf,v 1.27.2.2 2004/11/18 23:27:55 hmh Exp $ +# $Id: amavisd.conf,v 1.28 2004/12/26 13:16:23 hmh Exp $ # # This software is licensed under the GNU General Public License (GPL). # See comments at the start of amavisd-new for the whole license text. @@ -63,7 +63,7 @@ # $mydomain serves as a quick default for some other configuration settings. # More refined control is available with each individual setting further down. # $mydomain is never used directly by the program. -$mydomain = 'example.com'; # (no useful default) +$mydomain = 'new-insecurity.home.shockwave.org'; # (no useful default) # $myhostname = 'host.example.com'; # fqdn of this host, default by uname(3) @@ -102,8 +102,8 @@ # POSTFIX, or SENDMAIL in dual-MTA setup, or EXIM V4 # (set host and port number as required; host can be specified # as IP address or DNS name (A or CNAME, but MX is ignored) -#$forward_method = 'smtp:127.0.0.1:10025'; # where to forward checked mail -#$notify_method = $forward_method; # where to submit notifications +$forward_method = 'smtp:127.0.0.1:10026'; # where to forward checked mail +$notify_method = $forward_method; # where to submit notifications # NOTE: The defaults (above) are good for Postfix or dual-sendmail. You MUST # uncomment the appropriate settings below if using other setups! @@ -137,7 +137,7 @@ # feeding amavisd, e.g. with Postfix the 'Max procs' field in the # master.cf file, like the '2' in the: smt
Bug#305604: ftp.debian.org: Please remove source package libdbd-sqlite-perl
Package: ftp.debian.org Severity: serious With libdbd-sqlite2-perl and libdbd-sqlite3-perl now in testing we can now drop libdbd-sqlite-perl. Please note that: * The lire package still depends on libdbd-sqlite-perl; I can prepare an NMU if required, the maintainer hasn't responded to several emails sent to his d.o address and Cc'ed to debian-perl. * We can't ship libdbd-sqlite-perl with sarge since it's not compatible with upstream. Getting stuck a couple of years with that problem is something I'd rather not handle. The sooner the package is removed from testing the better, since this would give me more time to react to bug reports and feedback from users. Thanks! Marcelo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305605: CAN-2005-0718: remote DoS from aborted connections
Package: squid Severity: grave Justification: user security hole More info at http://www.securityfocus.com/bid/13166, but in summary: > A remote denial of service vulnerability affects the Squid Proxy. > This issue is due to a failure of the application to properly handle > exceptional network requests. The problem presents itself when a > remote attacker prematurely aborts a connection during a PUT or POST > request. > A remote attacker may leverage this issue to crash the affected Squid > Proxy, denying service to legitimate users. Vulnerable versions listed at that site say that 2.4.6, and 2.5.9 are both vulnerable, suggesting that Woody, Sarge, Sid are all exposed. -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.8-2-686-smp Locale: LANG=en_AU, LC_CTYPE=en_AU (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305055: marked as done (dmapi: FTBFS: parse error in xfs/xfs_fs.h)
Your message dated Wed, 20 Apr 2005 21:32:20 -0400 with message-id <[EMAIL PROTECTED]> and subject line Bug#305055: fixed in dmapi 2.2.1-1 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 17 Apr 2005 17:24:44 + >From [EMAIL PROTECTED] Sun Apr 17 10:24:44 2005 Return-path: <[EMAIL PROTECTED]> Received: from mail-out.m-online.net [212.18.0.9] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DNDVj-0008TK-00; Sun, 17 Apr 2005 10:24:44 -0700 Received: from mail.m-online.net (svr20.m-online.net [192.168.3.148]) by mail-out.m-online.net (Postfix) with ESMTP id 8B7D2810F; Sun, 17 Apr 2005 19:24:42 +0200 (CEST) Received: from atari.stigge.org (ppp-82-135-71-67.mnet-online.de [82.135.71.67]) by mail.m-online.net (Postfix) with ESMTP id 3ACB26BDBF; Sun, 17 Apr 2005 19:24:38 +0200 (CEST) Received: from [192.168.5.99] (localhost [127.0.0.1]) by atari.stigge.org (Postfix) with ESMTP id 2E718100442A3; Sun, 17 Apr 2005 19:24:37 +0200 (CEST) From: Roland Stigge <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: dmapi: FTBFS: parse error in xfs/xfs_fs.h Message-Id: <[EMAIL PROTECTED]> Date: Sun, 17 Apr 2005 19:24:37 +0200 (CEST) Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Package: dmapi Version: 2.2.0-1 Severity: serious Hi, building the package dmapi in a clean sid build environment (with pbuilder) on i386 results in: = [...] gcc -O1 -g -DNDEBUG -funsigned-char -Wall -I../include -DVERSION=\"2.2.0\" -DLOCALEDIR=\"/usr/share/locale\" -DPACKAGE=\"dmapi\" -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_REENTRANT -fno-strict-aliasing -c dm_event.c -o dm_event.o >/dev/null 2>&1 /usr/bin/libtool --mode=compile gcc -O1 -g -DNDEBUG -funsigned-char -Wall -I../include -DVERSION=\"2.2.0\" -DLOCALEDIR=\"/usr/share/locale\" -DPACKAGE=\"dmapi\" -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_REENTRANT -fno-strict-aliasing -c dm_handle.c gcc -O1 -g -DNDEBUG -funsigned-char -Wall -I../include -DVERSION=\"2.2.0\" -DLOCALEDIR=\"/usr/share/locale\" -DPACKAGE=\"dmapi\" -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_REENTRANT -fno-strict-aliasing -c dm_handle.c -fPIC -DPIC -o .libs/dm_handle.o In file included from dm_handle.c:43: /usr/include/xfs/xfs_fs.h:319: error: parse error before '*' token /usr/include/xfs/xfs_fs.h:321: error: parse error before '*' token /usr/include/xfs/xfs_fs.h:322: error: parse error before '*' token /usr/include/xfs/xfs_fs.h:323: error: parse error before '}' token /usr/include/xfs/xfs_fs.h:350: error: variable or field `__user' declared void /usr/include/xfs/xfs_fs.h:350: error: parse error before '*' token /usr/include/xfs/xfs_fs.h:352: error: parse error before '*' token /usr/include/xfs/xfs_fs.h:354: error: parse error before '*' token /usr/include/xfs/xfs_fs.h:355: error: parse error before '*' token /usr/include/xfs/xfs_fs.h:356: error: parse error before '}' token /usr/include/xfs/xfs_fs.h:366: error: field `hreq' has incomplete type /usr/include/xfs/xfs_fs.h:367: error: parse error before '*' token /usr/include/xfs/xfs_fs.h:375: error: field `hreq' has incomplete type /usr/include/xfs/xfs_fs.h:379: error: variable or field `__user' declared void /usr/include/xfs/xfs_fs.h:379: error: parse error before '*' token /usr/include/xfs/xfs_fs.h:385: error: variable or field `__user' declared void /usr/include/xfs/xfs_fs.h:385: error: parse error before '*' token /usr/include/xfs/xfs_fs.h:386: error: parse error before '*' token /usr/include/xfs/xfs_fs.h:389: error: parse error before '}' token /usr/include/xfs/xfs_fs.h:392: error: field `hreq' has incomplete type /usr/include/xfs/xfs_fs.h:394: error: field `__user' has incomplete type /usr/include/xfs/xfs_fs.h:394: error: parse error before '*' token make[2]: *** [dm_handle.lo] Error 1 make[1]: *** [default] Error 2 make[1]: Leaving directory `/tmp/buildd/dmapi-2.2.0' make: *** [built] Error 2 = Thanks for considering. -- DARTS - Debian Archive Regression Test Suite http://darts.alioth.debian.org/ Please note that this report has not been generated fully automatically
Bug#305601: CAN-2005-0404: serious content spoofing vulnerability
Package: kmail Severity: grave Justification: user security hole For more information see: http://www.securityfocus.com/bid/13085 In summary: > A remote email message content spoofing vulnerability affects KDE > KMail. This issue is due to a failure of the application to properly > sanitize HTML email messages. > An attacker may leverage this issue to spoof email content and various > header fields of email messages. This may aid an attacker in > conducting phishing and social engineering attacks by spoofing PGP > keys as well as other critical information. securityfocus list 3.3.2 as vulnerable, which is currently in Sarge and Sid. No idea if it would affect 2.2.2 which is in Woody. See KDE bug 96020. Work around is to disable HTML email. -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.8-2-686-smp Locale: LANG=en_AU, LC_CTYPE=en_AU (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305570: slappasswd -> ../lib/slapd , but /usr/lib/slapd missing
G'night,
Torsten Landschoff wrote:
Hi Hans,
On Wed, Apr 20, 2005 at 10:52:34PM +0200, Hans van Kranenburg wrote:
Seems /usr/lib/slapd (when present) detects with which name it was
called, and changes behaviour accordingly... :S
Yes, that's right :( Upstream merged slappasswd into slapd for some
reason.
I'm not a fan of tricky things like that :) Programs that behave
differently when they're called with another name are against the
KISS-thing imho, if there's not a very good reason.
http://en.wikipedia.org/wiki/KISS_principle
So... I think ldap-utils lacks some dependency on a package
containing the /usr/lib/slapd. According to the `dpkg -l`
/usr/lib/slapd only exists in package slapd. I don't want to run
slapd on the webserver, but I want slappasswd to generate encryptes
passwords there...
Problem is that slappasswd currently /is/ slapd. You can still
install it without actually running the slapd server. Anyway, the
symbolic link in ldap-utils will vanish :(
But without slapd installed, ldap-utils itself is broken now for me.
I will now temporarily fix this by manually copying /usr/lib/slapd
from Jerry to Tom.
Seems like there is no other way with the current upstream
implementation :(
I don't need all the extra stuff that's needed to run a full blown slapd
on the webserver.
So I won't suggest a dependency that forces slapd to be installed when
installing ldap-utils only to be able to run slappasswd to generate some
{SSHA} stuff...
Perhaps some slapd-common sort of package that includes only the stuff I
need to use slappasswd and /usr/bin/ldap* programs when the LDAP server
is not on localhost, but next to it on another box.
Thanks!
Hans van Kranenburg
--
Technische Hogeschool Rijswijk
Lange Kleiweg 80
2288 GK Rijswijk
T 070-3401876
E [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305343: Exploitable buffer overflow in RTSP streaming code
Patch for sid attached. Gerardo diff -Nru /tmp/K6tJKUUwAx/xine-lib-1.0/src/input/librtsp/rtsp.c /tmp/ljlLpb7MdV/xine-lib-1.0/src/input/librtsp/rtsp.c --- /tmp/K6tJKUUwAx/xine-lib-1.0/src/input/librtsp/rtsp.c 2004-07-25 19:13:54.0 +0200 +++ /tmp/ljlLpb7MdV/xine-lib-1.0/src/input/librtsp/rtsp.c 2005-04-21 02:09:50.313439360 +0200 @@ -218,6 +218,7 @@ unsigned int answer_seq; char **answer_ptr=s->answers; int code; + int ans_count = 0; answer=rtsp_get(s); if (!answer) @@ -268,7 +269,7 @@ } *answer_ptr=answer; answer_ptr++; - } while (strlen(answer)!=0); + } while ((strlen(answer)!=0) && (++ans_count < MAX_FIELDS)); s->cseq++;
Bug#305005: marked as done (slapd: [slapd.postinst] FATAL ERROR: integer expression expected)
Your message dated Wed, 20 Apr 2005 19:47:31 -0400
with message-id <[EMAIL PROTECTED]>
and subject line Bug#304840: fixed in openldap2.2 2.2.23-3
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--
Received: (at submit) by bugs.debian.org; 17 Apr 2005 08:09:40 +
>From [EMAIL PROTECTED] Sun Apr 17 01:09:40 2005
Return-path: <[EMAIL PROTECTED]>
Received: from fep31-0.kolumbus.fi (fep31-app.kolumbus.fi) [193.229.0.35]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DN4qa-lt-00; Sun, 17 Apr 2005 01:09:40 -0700
Received: from bongo.cante.net ([81.197.3.110]) by fep31-app.kolumbus.fi
with ESMTP
id <[EMAIL PROTECTED]>
for <[EMAIL PROTECTED]>; Sun, 17 Apr 2005 11:09:38 +0300
Received: from fw.cante.net ([192.168.1.3]:40576 helo=cante.cante.net)
by bongo.cante.net with esmtp (Exim 4.50)
id 1DN4qY-0001pu-8R; Sun, 17 Apr 2005 11:09:38 +0300
Received: from jaalto by cante.cante.net with local (Exim 4.50)
id 1DN4rB-0005Yo-1D; Sun, 17 Apr 2005 11:10:17 +0300
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Jari Aalto <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: slapd: [slapd.postinst] FATAL ERROR: integer expression expected
X-Mailer: reportbug 3.9
Date: Sun, 17 Apr 2005 11:10:15 +0300
Message-Id: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-7.2 required=4.0 tests=BAYES_00,HAS_PACKAGE,
REMOVE_REMOVAL_NEAR autolearn=no
version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: slapd
Version: 2.2.23-2
Severity: important
Preconditions:
slapd would not upgrade, so I removed it (apt-get remove slapd) and
ran install (apt-get install slapd).
Error during install:
Reading Package Lists... Done
Building Dependency Tree... Done
Suggested packages:
openldap-guide
The following NEW packages will be installed:
slapd
0 upgraded, 1 newly installed, 0 to remove and 39 not upgraded.
Need to get 796kB of archives.
After unpacking 2241kB of additional disk space will be used.
Get:1 http://ftp.fi.debian.org unstable/main slapd 2.2.23-2 [796kB]
Fetched 796kB in 2s (278kB/s)
Preconfiguring packages ...
Selecting previously deselected package slapd.
(Reading database ... 120482 files and directories currently installed.)
Unpacking slapd (from .../slapd_2.2.23-2_i386.deb) ...
Setting up slapd (2.2.23-2) ...
Backing up /etc/ldap/slapd.conf in /var/backups/slapd-2.2.23-1... done.
Enabling LDAPv2 support... already enabled.
Moving old database directories to /var/backups:
Loading from /var/backups/slapd-2.2.23-1:
- directory dc=cante,dc=net... /var/lib/dpkg/info/slapd.postinst: line 103:
/var/backups/slapd-2.2.23-1/dc=cante,dc=net.ldif: No such file or directory
/var/lib/dpkg/info/slapd.postinst: line 106: [: : integer expression expected
failed.
Loading the database from the LDIF dump failed with the following
error while running slapadd:
/var/backups/slapd-2.2.23-1/dc=cante,dc=net.ldif: No such file or directory
dpkg: error processing slapd (--configure):
subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
slapd
E: Sub-process /usr/bin/dpkg returned an error code (1)
The offending code:
96 automatic_ldif_fixing_wanted_for() {
#
96 {{{
97 # Check if the user wants us to automatically fix the given LDIF file.
98 # Usage: if automatic_ldif_fixing_wanted_for "$file"; then ...
99 # XXX: Use debconf to configure this
100
101 local file size maxsize
102 file="$1"
103 size=`wc -c < "$file"`
104 maxsize=$((1024 * 1024 * 20))
105
106 if [ "$size" -lt "$maxsize" ]; then
107 return 0
108 else
109 return 1
110 fi
111 }
Suggestion:
Check for existence of file before proceeding.
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ISO-8859-1) (ignored: LC_ALL set to en_US)
Versions of packages slapd depends on:
ii coreutils [fileutils] 5.2.1-2 The GNU core utilities
ii debc
Bug#304549: marked as done (libldap-2.2-7: libldap_r is not correctly linked against libpthread)
Your message dated Wed, 20 Apr 2005 19:47:31 -0400 with message-id <[EMAIL PROTECTED]> and subject line Bug#304549: fixed in openldap2.2 2.2.23-3 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 13 Apr 2005 22:24:51 + >From [EMAIL PROTECTED] Wed Apr 13 15:24:51 2005 Return-path: <[EMAIL PROTECTED]> Received: from pd9e87a24.dip.t-dialin.net (finsterwalde.dnsalias.net) [217.232.122.36] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DLqHy-0004Tj-00; Wed, 13 Apr 2005 15:24:51 -0700 Received: from localhost (alpha.home.net [127.0.0.1]) by finsterwalde.dnsalias.net (Postfix) with ESMTP id AB6D938CC9 for <[EMAIL PROTECTED]>; Thu, 14 Apr 2005 00:24:18 +0200 (CEST) Received: from finsterwalde.dnsalias.net ([127.0.0.1]) by localhost (alpha [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 01642-02 for <[EMAIL PROTECTED]>; Thu, 14 Apr 2005 00:24:18 +0200 (CEST) Received: by finsterwalde.dnsalias.net (Postfix, from userid 1000) id 3683F38C9C; Thu, 14 Apr 2005 00:24:18 +0200 (CEST) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Silvio Schmidt <[EMAIL PROTECTED]> To: Debian Bug Tracking System <[EMAIL PROTECTED]> Subject: slapd: The newest Version 2.2.23 instantly dies when a process tries to access it. X-Mailer: reportbug 3.8 Date: Thu, 14 Apr 2005 00:24:17 +0200 Message-Id: <[EMAIL PROTECTED]> X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at finsterwalde.dnsalias.net Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Package: slapd Version: 2.2.23 Severity: grave Justification: renders package unusable -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: alpha Kernel: Linux 2.6.11 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages slapd depends on: ii coreutils [fileutils] 5.2.1-2 The GNU core utilities ii debconf 1.4.30.11Debian configuration management sy ii fileutils 5.2.1-2 The GNU file management utilities ii libc6.1 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libdb4.24.2.52-18Berkeley v4.2 Database Libraries [ ii libgcrypt11 1.2.0-4 LGPL Crypto library - runtime libr ii libgnutls11 1.0.16-9 GNU TLS library - runtime library ii libgpg-error0 1.0-1library for common error values an ii libiodbc2 3.52.2-3 iODBC Driver Manager ii libldap22.2.23 OpenLDAP libraries ii libltdl31.5.6-6 A system independent dlopen wrappe ii libsasl22.1.19-1.5 Authentication abstraction library ii libslp1 1.0.11a-2OpenSLP libraries ii libwrap07.6.dbs-8Wietse Venema's TCP wrappers libra ii perl [libmime-base64-perl] 5.8.4-8 Larry Wall's Practical Extraction ii psmisc 21.5-1 Utilities that use the proc filesy ii zlib1g 1:1.2.2-3compression library - runtime -- debconf information: slapd/fix_directory: true * shared/organization: Finsterwalde slapd/upgrade_slapcat_failure: * slapd/backend: BDB * slapd/allow_ldap_v2: true * slapd/no_configuration: false * slapd/move_old_database: true slapd/suffix_change: false slapd/slave_databases_require_updateref: * slapd/dump_database_destdir: /var/backups/slapd-VERSION slapd/autoconf_modules: true * slapd/domain: home.net slapd/password_mismatch: slapd/invalid_config: true slapd/upgrade_slapadd_failure: * slapd/dump_database: always * slapd/purge_database: false slapd/admin: --- Received: (at 304549-close) by bugs.debian.org; 20 Apr 2005 23:56:45 + >From [EMAIL PROTECTED] Wed Apr 20 16:56:45 2005 Return-path: <[EMAIL PROTECTED]> Received: from newraff.debian.org [208.185.25.31] (mail) by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DOP3l-0005M8-00; Wed, 20 Apr 2005 16:56:45 -0700 Received: from katie by newraff.debian.org with local (E
Bug#305570: marked as done (slappasswd -> ../lib/slapd , but /usr/lib/slapd missing)
Your message dated Wed, 20 Apr 2005 19:47:31 -0400 with message-id <[EMAIL PROTECTED]> and subject line Bug#304339: fixed in openldap2.2 2.2.23-3 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 20 Apr 2005 20:52:46 + >From [EMAIL PROTECTED] Wed Apr 20 13:52:46 2005 Return-path: <[EMAIL PROTECTED]> Received: from od251.xs4all.nl [213.84.168.241] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DOMBh-0006hS-00; Wed, 20 Apr 2005 13:52:45 -0700 Received: from [192.168.251.21] (knorrie.od251.csrdelft.nl [192.168.251.21]) by od251.xs4all.nl (Postfix) with ESMTP id 7FE071D9; Wed, 20 Apr 2005 22:52:44 +0200 (CEST) Message-ID: <[EMAIL PROTECTED]> Date: Wed, 20 Apr 2005 22:52:34 +0200 From: Hans van Kranenburg <[EMAIL PROTECTED]> User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317) X-Accept-Language: en-us, en MIME-Version: 1.0 To: [EMAIL PROTECTED] Subject: slappasswd -> ../lib/slapd , but /usr/lib/slapd missing Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Package: ldap-utils Version: 2.2.23-1 (Sarge) Severity: grave Hi, I use slappasswd on a box called 'Tom' to generate passwords in php which are used to update user details on a ldap server, called 'Jerry'. The php script directly contacts to the ldap server over an ssl-tunnel. Some days ago users started complaining their changed passwords didn't work anymore, so I went debugging and I found this: On the webserver only ldap-utils was installed because of slappasswd. But since the last apt-get upgrade slappasswd seems being thrown away and replaced by a symlink pointing to /usr/lib/slapd, which isn't present. tom.3 /usr/sbin# ll slappasswd lrwxrwxrwx 1 root root 12 2005-04-20 22:05 slappasswd -> ../lib/slapd tom.3 /usr/sbin# ll ../lib/slapd ls: ../lib/slapd: No such file or directory On the other box, the LDAP server Jerry, both ldap-utils and the server slapd are installed. This box has the /usr/lib/slapd: jerry.0 /usr/sbin# ll slappasswd lrwxrwxrwx 1 root root 12 2005-04-13 16:45 slappasswd -> ../lib/slapd jerry.0 /usr/sbin# ll ../lib/slapd -rwxr-xr-x 1 root root 626584 2005-04-01 18:59 ../lib/slapd Seems /usr/lib/slapd (when present) detects with which name it was called, and changes behaviour accordingly... :S These packages are installed: tom.3 ~# dpkg -l | egrep "(ldap|slap)" ii ldap-utils 2.2.23-1 OpenLDAP utilities ii libldap-2.2-7 2.2.23-1 OpenLDAP libraries ii libldap2 2.1.30-3 OpenLDAP libraries ii libldap2-dev 2.1.30-3 OpenLDAP development libraries ii php4-ldap 4.3.10-10 LDAP module for php4 jerry.0 ~# dpkg -l | egrep "(ldap|slap)" ii ldap-utils 2.2.23-1 OpenLDAP utilities ii libldap-2.2-7 2.2.23-1 OpenLDAP libraries ii libldap2 2.1.30-3 OpenLDAP libraries ii libnss-ldap220-1 NSS module for using LDAP as a naming servic ii postfix-ldap 2.1.5-9LDAP map support for Postfix ii pure-ftpd-ldap 1.0.19-4 Pure-FTPd FTP server with LDAP user authenti ii slapd 2.2.23-1 OpenLDAP server (slapd) BTW: /usr/lib/slapd is not listed in a search for slapd in the Debian packages... http://packages.debian.org/cgi-bin/search_contents.pl?word=slapd&searchmode=searchfiles&case=insensitive&version=testing&arch=i386 Seems only the symlinks are included in the results? Why? So... I think ldap-utils lacks some dependency on a package containing the /usr/lib/slapd. According to the `dpkg -l` /usr/lib/slapd only exists in package slapd. I don't want to run slapd on the webserver, but I want slappasswd to generate encryptes passwords there... I will now temporarily fix this by manually copying /usr/lib/slapd from Jerry to Tom. Greetings, Hans van Kranenburg -- Technische Hogeschool Rijswijk Lange Kleiweg 80 2288 GK Rijswijk The Netherlands T 070-3401876 E [EMAIL PROTECTED] --- Received: (at 304339-close) by bugs.debian.org; 20 Apr 2005 23:54:18 + >From [EMAIL PROTECTED] Wed Apr 20 16:54:18 2005 Return-path: <[EMAIL PROTECTED]> Received: from newraff.debian.org [208.185.
Bug#305595: "doodle -b $HOME" exits on permission denied
Package: doodle Version: 0.6.2-2 Severity: grave Justification: renders package unusable I've been doing what the manual of doodle says to do and here is what I get: $ doodle -b $HOME Error creating database '/var/lib/doodle/doodle.db' at tree.c:1783: Permission denied The directory /var/lib/doodle is unreadable either. The package "doodled" is also installed. Thanks. -- System Information: Debian Release: 3.1  APT prefers testing  APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.7 Locale: LANG=C, LC_CTYPE=C Versions of packages doodle depends on: ii adduser  3.63  Add and remove users and groups ii libdoodle1   0.6.2-2   desktop search engine (library) -- no debconf information
Bug#305596: gbib: Do not upload to Sid packages compiled with gcc 4.0
Package: gbib Version: 0.1.2-3 Severity: grave Tags: sid * gbib depends on libgcc1 (>= 1:4.0) [UNAVAILABLE] Please use a clean sid chroot to build packages if you must use experimental packages in your development machine... -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (990, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.11.7-debian2+libata6dev1+bluesmoke Locale: LANG=pt_BR.ISO-8859-1, LC_CTYPE=pt_BR.ISO-8859-1 (charmap=ISO-8859-1) Versions of packages gbib depends on: ii gdk-imlib1 1.9.14-16.2 imaging library for use with gtk ( ii libart2 1.4.2-19The GNOME canvas widget - runtime ii libaudiofile00.2.6-6 Open-source version of SGI's audio ii libc62.3.2.ds1-21GNU C Library: Shared libraries an ii libdb3 3.2.9-22Berkeley v3 Database Libraries [ru ii libesd-alsa0 [libesd 0.2.35-2Enlightened Sound Daemon (ALSA) - ii libgcc1 1:3.4.3-12 GCC support library ii libglib1.2 1.2.10-9The GLib library of C routines ii libgnome32 1.4.2-19The GNOME libraries ii libgnomesupport0 1.4.2-19The GNOME libraries (Support libra ii libgnomeui32 1.4.2-19The GNOME libraries (User Interfac ii libgtk1.21.2.10-17 The GIMP Toolkit set of widgets fo ii libice6 4.3.0.dfsg.1-12.0.1 Inter-Client Exchange library ii libsm6 4.3.0.dfsg.1-12.0.1 X Window System Session Management ii libstdc++5 1:3.3.5-12 The GNU Standard C++ Library v3 ii libx11-6 4.3.0.dfsg.1-12.0.1 X Window System protocol client li ii libxext6 4.3.0.dfsg.1-12.0.1 X Window System miscellaneous exte ii libxi6 4.3.0.dfsg.1-12.0.1 X Window System Input extension li ii xlibs4.3.0.dfsg.1-12 X Keyboard Extension (XKB) configu -- no debconf information -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#304339: marked as done (ldap-utils: Adding users via smbldap-useradd (or other means) fails)
Your message dated Wed, 20 Apr 2005 19:47:31 -0400 with message-id <[EMAIL PROTECTED]> and subject line Bug#304339: fixed in openldap2.2 2.2.23-3 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 12 Apr 2005 14:02:31 + >From [EMAIL PROTECTED] Tue Apr 12 07:02:31 2005 Return-path: <[EMAIL PROTECTED]> Received: from sargon.lncsa.com [81.80.199.233] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DLLyJ-0002dF-00; Tue, 12 Apr 2005 07:02:31 -0700 Received: from localhost (localhost [127.0.0.1]) by sargon.lncsa.com (Postfix) with ESMTP id 648093DD3C6; Tue, 12 Apr 2005 16:01:58 +0200 (CEST) Received: from sargon.lncsa.com ([127.0.0.1]) by localhost (sargon [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 01821-04; Tue, 12 Apr 2005 16:01:58 +0200 (CEST) Received: from naxos (naxos.lncsa.com [192.168.0.3]) by sargon.lncsa.com (Postfix) with ESMTP id 42A7F65E6F; Tue, 12 Apr 2005 16:01:58 +0200 (CEST) Received: by naxos (Postfix, from userid 1053) id 6E7A425CA19; Tue, 12 Apr 2005 16:01:54 +0200 (CEST) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Laurent CARON <[EMAIL PROTECTED]> To: Debian Bug Tracking System <[EMAIL PROTECTED]> Subject: ldap-utils: Adding users via smbldap-useradd (or other means) fails X-Mailer: reportbug 3.9 Date: Tue, 12 Apr 2005 16:01:54 +0200 Message-Id: <[EMAIL PROTECTED]> X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at lncsa.com Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Package: ldap-utils Version: 2.2.23-1 Severity: grave Justification: renders package unusable I installed ldap-utils on 8th April, and everything seemed fine until I tried to add a new user on my system. It complained about missing slappasswd (/usr/sbin/slappasswd -> ../lib/slapd). On another system, this file seems ok. Is it really a package related bug? A postinst bug? A. bug? -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.10-poweredge-64gb-20041227 Locale: LANG=en_CA, LC_CTYPE=en_CA (charmap=ISO-8859-1) Versions of packages ldap-utils depends on: ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libldap-2.2-7 2.2.23-1 OpenLDAP libraries ii libsasl22.1.19-1.5 Authentication abstraction library ii libssl0.9.7 0.9.7e-3 SSL shared libraries -- no debconf information --- Received: (at 304339-close) by bugs.debian.org; 20 Apr 2005 23:54:18 + >From [EMAIL PROTECTED] Wed Apr 20 16:54:18 2005 Return-path: <[EMAIL PROTECTED]> Received: from newraff.debian.org [208.185.25.31] (mail) by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DOP1O-fh-00; Wed, 20 Apr 2005 16:54:18 -0700 Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian)) id 1DOOup-0006Q5-00; Wed, 20 Apr 2005 19:47:31 -0400 From: Torsten Landschoff <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] X-Katie: $Revision: 1.55 $ Subject: Bug#304339: fixed in openldap2.2 2.2.23-3 Message-Id: <[EMAIL PROTECTED]> Sender: Archive Administrator <[EMAIL PROTECTED]> Date: Wed, 20 Apr 2005 19:47:31 -0400 Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: X-CrossAssassin-Score: 3 Source: openldap2.2 Source-Version: 2.2.23-3 We believe that the bug you reported is fixed in the latest version of openldap2.2, which is due to be installed in the Debian FTP archive: ldap-utils_2.2.23-3_i386.deb to pool/main/o/openldap2.2/ldap-utils_2.2.23-3_i386.deb libldap-2.2-7_2.2.23-3_i386.deb to pool/main/o/openldap2.2/libldap-2.2-7_2.2.23-3_i386.deb openldap2.2_2.2.23-3.diff.gz to pool/main/o/openldap2.2/openldap2.2_2.2.23-3.diff.gz openldap2.2_2.2.23-3.dsc to pool/main/o/openldap2.2/openldap2.2_2.2.23-3.ds
Bug#304840: marked as done (slapd: Fails on upgrade at restoring the backup)
Your message dated Wed, 20 Apr 2005 19:47:31 -0400 with message-id <[EMAIL PROTECTED]> and subject line Bug#304840: fixed in openldap2.2 2.2.23-3 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 15 Apr 2005 21:02:57 + >From [EMAIL PROTECTED] Fri Apr 15 14:02:57 2005 Return-path: <[EMAIL PROTECTED]> Received: from mail.dnsteam.de (svr14.dnsteam.de) [62.96.92.5] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DMXxo-0005vW-00; Fri, 15 Apr 2005 14:02:57 -0700 Received: from spinnacker.mholti.homelinux.net (pD9E19BA3.dip0.t-ipconnect.de [217.225.155.163]) (authenticated bits=0) by svr14.dnsteam.de (8.12.10/8.12.10/SuSE Linux 0.7) with ESMTP id j3FL2eAU018438 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <[EMAIL PROTECTED]>; Fri, 15 Apr 2005 23:02:52 +0200 From: Michael Holtermann <[EMAIL PROTECTED]> To: Debian Bug Tracking System <[EMAIL PROTECTED]> Subject: slapd: Fails on upgrade at restoring the backup Date: Fri, 15 Apr 2005 23:02:18 +0200 User-Agent: KMail/1.7.2 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <[EMAIL PROTECTED]> X-Virus-Scanned: by amavisd-new Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-6.5 required=4.0 tests=BAYES_00,HAS_PACKAGE, HTML_MESSAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Package: slapd Version: 2.2.23-2 Severity: grave Justification: causes non-serious data loss On today's apt-get upgrade slapd fails and left with an empty directory. The Directory was backed up by dpkg to /var/backups/$BASE_DN-2.2.23-1.ldapdb. But dpkg fails to move it back to /var/lib/ldap: Backing up /etc/ldap/slapd.conf in /var/backups/slapd-2.2.23-1... done. Enabling LDAPv2 support... already enabled. Moving old database directories to /var/backups: Loading from /var/backups/slapd-2.2.23-1: - directory dc=mholti,dc=homelinux,dc=net... /var/lib/dpkg/info/slapd.postinst: line 103: /var/backups/slapd-2.2.23-1/dc=mholti,dc=homelinux,dc=net.ldif: No such file or directory /var/lib/dpkg/info/slapd.postinst: line 106: [: : integer expression expected failed. Loading the database from the LDIF dump failed with the following error while running slapadd: /var/backups/slapd-2.2.23-1/dc=mholti,dc=homelinux,dc=net.ldif: No such file or directory In the backup-dir there are some bdb-files. I've copied them back to /var/lib/ldap. 'til now slapd is up and running again. Greetings, Michael. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (600, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.11.7-micha Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Versions of packages slapd depends on: ii coreutils [fileutils] 5.2.1-2 The GNU core utilities ii debconf 1.4.48 Debian configuration management sy ii fileutils 5.2.1-2 The GNU file management utilities ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libdb4.14.1.25-18Berkeley v4.1 Database Libraries [ pn libgcrypt1 Not found. pn libgnutls7 Not found. ii libiodbc2 3.52.2-3 iODBC Driver Manager ii libldap22.1.30-3 OpenLDAP libraries ii libltdl31.5.6-6 A system independent dlopen wrappe ii libsasl22.1.19-1.5 Authentication abstraction library ii libslp1 1.0.11a-2OpenSLP libraries pn libtasn1-0 Not found. ii libwrap07.6.dbs-8Wietse Venema's TCP wrappers libra ii perl [libmime-base64-perl] 5.8.4-8 Larry Wall's Practical Extraction ii psmisc 21.6-1 Utilities that use the proc filesy ii zlib1g 1:1.2.2-4compression library - runtime --- Received: (at 304840-close) by bugs.debian.org; 20 Apr 2005 23:56:46 + >From [EMAIL PROTECTED] Wed Apr 20 16:56:46 2005 Return-path: <[EMAIL PROTECTED]> Received: from newraff.debian.org [208.185.25.31] (mail) by spohr.debian.org wit
Bug#304738: marked as done (slapd: upgrade from 2.2.23-1 to 2.2.23-2 fails in postinst)
Your message dated Wed, 20 Apr 2005 19:47:31 -0400 with message-id <[EMAIL PROTECTED]> and subject line Bug#304840: fixed in openldap2.2 2.2.23-3 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 15 Apr 2005 03:26:02 + >From [EMAIL PROTECTED] Thu Apr 14 20:26:02 2005 Return-path: <[EMAIL PROTECTED]> Received: from mail.tbdnetworks.com (stargazer.tbdnetworks.com) [63.209.25.99] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DMHT0-0006k4-00; Thu, 14 Apr 2005 20:26:02 -0700 Received: from defiant.tbdnetworks.com ([192.168.4.126] helo=defiant ident=postfix) by stargazer.tbdnetworks.com with esmtp (Exim 4.50) id 1DMHSJ-0006RI-0G; Thu, 14 Apr 2005 20:25:19 -0700 Received: by defiant (Postfix, from userid 511) id 3168F139B0; Thu, 14 Apr 2005 20:25:17 -0700 (PDT) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Norbert Kiesel <[EMAIL PROTECTED]> To: Debian Bug Tracking System <[EMAIL PROTECTED]> Subject: slapd: upgrade from 2.2.23-1 to 2.2.23-2 fails in postinst X-Mailer: reportbug 3.9 Date: Thu, 14 Apr 2005 20:25:17 -0700 Message-Id: <[EMAIL PROTECTED]> Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Package: slapd Version: 2.2.23-2 Severity: important Hi, I get the following during upgrade Setting up slapd (2.2.23-2) ... Backing up /etc/ldap/slapd.conf in /var/backups/slapd-2.2.23-1... done. Moving old database directories to /var/backups: - directory dc=tbdnetworks,dc=com... done. Loading from /var/backups/slapd-2.2.23-1: - directory dc=tbdnetworks,dc=com... /var/lib/dpkg/info/slapd.postinst: line 103: /var/backups/slapd-2.2.23-1/dc=tbdnetworks,dc=com.ldif: No such file or directory /var/lib/dpkg/info/slapd.postinst: line 106: [: : integer expression expected failed. Loading the database from the LDIF dump failed with the following error while running slapadd: /var/backups/slapd-2.2.23-1/dc=tbdnetworks,dc=com.ldif: No such file or directory dpkg: error processing slapd (--configure): subprocess post-installation script returned error exit status 1 Errors were encountered while processing: slapd E: Sub-process /usr/bin/dpkg returned an error code (1) Looking into /var/backups, I see /var/backups/dc=tbdnetworks,dc=com-2.2.23-1.ldapdb/ |-- DB_CONFIG |-- __db.001 |-- __db.002 |-- __db.003 |-- __db.004 |-- __db.005 |-- dn2id.bdb |-- id2entry.bdb |-- log.01 `-- objectClass.bdb /var/backups/slapd-2.2.23-1/ `-- slapd.conf The upgrade from 2.1.30 to 2.2.23-1 failed in a similar way, but I thought I might have done something wrong so I did not report that. Best, Norbert -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.11.6 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages slapd depends on: ii coreutils [fileutils] 5.2.1-2 The GNU core utilities ii debconf 1.4.48 Debian configuration management sy ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libdb4.24.2.52-18Berkeley v4.2 Database Libraries [ ii libiodbc2 3.52.2-3 iODBC Driver Manager ii libldap-2.2-7 2.2.23-2 OpenLDAP libraries ii libltdl31.6-0+1.5a-4 A system independent dlopen wrappe ii libperl5.8 5.8.4-8 Shared Perl library ii libsasl22.1.19-1.5 Authentication abstraction library ii libslp1 1.0.11a-2OpenSLP libraries ii libssl0.9.7 0.9.7e-3 SSL shared libraries ii libwrap07.6.dbs-8Wietse Venema's TCP wrappers libra ii perl [libmime-base64-perl] 5.8.4-8 Larry Wall's Practical Extraction ii psmisc 21.6-1 Utilities that use the proc filesy -- debconf information: slapd/fix_directory: true * shared/organization: TBD Networks slapd/upgrade_slapcat_failure: slapd/backend: BDB * slapd/allow_ldap_v2: false slapd/no_configuration: false slapd/move_old_database: true slap
Bug#305588: marked as done (kbd: bashism (echo -e) in unicode_start/stop)
Your message dated Wed, 20 Apr 2005 19:32:04 -0400 with message-id <[EMAIL PROTECTED]> and subject line Bug#305588: fixed in kbd 1.12-11 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 20 Apr 2005 22:01:03 + >From [EMAIL PROTECTED] Wed Apr 20 15:01:03 2005 Return-path: <[EMAIL PROTECTED]> Received: from ms-2.rz.rwth-aachen.de (ms-dienst.rz.rwth-aachen.de) [134.130.3.131] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DONFn-0004xz-00; Wed, 20 Apr 2005 15:01:03 -0700 Received: from r220-1 (r220-1.rz.RWTH-Aachen.DE [134.130.3.31]) by ms-dienst.rz.rwth-aachen.de (iPlanet Messaging Server 5.2 Patch 2 (built Jul 14 2004)) with ESMTP id <[EMAIL PROTECTED]> for [EMAIL PROTECTED]; Thu, 21 Apr 2005 00:01:02 +0200 (MEST) Received: from relay.rwth-aachen.de ([134.130.3.1]) by r220-1 (MailMonitor for SMTP v1.2.2 ) ; Thu, 21 Apr 2005 00:01:01 +0200 (MEST) Received: from dustpuppy.kawo2.rwth-aachen.de (dustpuppy.kawo2.RWTH-Aachen.DE [134.130.180.5]) by relay.rwth-aachen.de (8.13.3/8.13.3/1) with ESMTP id j3KM10AX024348 for <[EMAIL PROTECTED]>; Thu, 21 Apr 2005 00:01:00 +0200 (MEST) Received: from localhost (localhost [127.0.0.1]) by dustpuppy.kawo2.rwth-aachen.de (Postfix) with ESMTP id 78C7A1FC0AA for <[EMAIL PROTECTED]>; Thu, 21 Apr 2005 00:01:00 +0200 (CEST) Received: from [127.0.0.1] (fera.kawo2.rwth-aachen.de [134.130.183.83]) by dustpuppy.kawo2.rwth-aachen.de (Postfix) with ESMTP id 252391FC0AA; Thu, 21 Apr 2005 00:01:00 +0200 (CEST) Date: Thu, 21 Apr 2005 00:01:00 +0200 From: Jan Braun <[EMAIL PROTECTED]> Subject: kbd: bashism (echo -e) in unicode_start/stop To: Debian Bug Tracking System <[EMAIL PROTECTED]> Message-id: <[EMAIL PROTECTED]> MIME-version: 1.0 X-Mailer: reportbug 3.8 Content-type: multipart/mixed; boundary="Boundary_(ID_jjnsppAr9dPOyVu2NgGFMA)" X-AntiVirus: checked by AntiVir MailGate (version: 2.0.1.16; AVE: 6.28.0.19; VDF: 6.28.0.108; host: dustpuppy.kawo2.rwth-aachen.de) Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: This is a multi-part MIME message sent by reportbug. --Boundary_(ID_jjnsppAr9dPOyVu2NgGFMA) MIME-version: 1.0 Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 7BIT Content-disposition: inline Package: kbd Version: 1.12-10 Severity: serious Tags: patch Justification: Policy 10.4 Hi, the unicode_start and unicode_stop scripts in kbd use echo -e with backslash escape sequences. This is not posix-compatible and breaks (by outputting a spurious "-e ") when /bin/sh is dash. The simple fix is to use printf. regards, Jan -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (990, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.8-2-k7 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages kbd depends on: ii console-common 0.7.49 Basic infrastructure for text cons ii debconf 1.4.30.13Debian configuration management sy ii dpkg1.10.27 Package maintenance system for Deb ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii sysvinit2.86.ds1-1 System-V like init -- no debconf information --Boundary_(ID_jjnsppAr9dPOyVu2NgGFMA) MIME-version: 1.0 Content-type: text/plain; charset=us-ascii; NAME=kbd.patch Content-transfer-encoding: 7BIT Content-disposition: attachment; filename=kbd.patch diff /usr/bin/unicode_start ./unicode_start 41c41 < echo -n -e '\033%G' --- > printf '\033%%G' diff /usr/bin/unicode_stop ./unicode_stop 18c18 < echo -n -e '\033%@' --- > printf '\033%%@' --Boundary_(ID_jjnsppAr9dPOyVu2NgGFMA)-- --- Received: (at 305588-close) by bugs.debian.org; 20 Apr 2005 23:44:04 + >From [EMAIL PROTECTED] Wed Apr 20 16:44:04 2005 Return-path: <[EMAIL PROTECTED]> Received: from newraff.debian.org [208.185.25.31] (mail) by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DOOrU-0007jy-00; Wed, 20 Apr 2005 16:44:04 -0700 Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian)) id 1DOOfs-000624-00; Wed, 20 Apr 2005 19:32:04 -0400 From: Denis B
Bug#305574: heimdal: Telnet vulnerabilities (CAN-2005-0469)
Patch attached, based on FreeBSD one.
Bye,
Gerardo
--- heimdal-0.6.3/appl/telnet/telnet/telnet.c.orig 2002-05-03
12:19:43.0 +0200
+++ heimdal-0.6.3/appl/telnet/telnet/telnet.c 2005-04-21 01:07:40.854403312
+0200
@@ -1294,6 +1294,7 @@
unsigned char slc_reply[128];
+unsigned char const * const slc_reply_eom = &slc_reply[sizeof(slc_reply)];
unsigned char *slc_replyp;
void
@@ -1309,6 +1310,14 @@
void
slc_add_reply(unsigned char func, unsigned char flags, cc_t value)
{
+ /* A sequence of up to 6 bytes my be written for this member of the SLC
+* suboption list by this function. The end of negotiation command,
+* which is written by slc_end_reply(), will require 2 additional
+* bytes. Do not proceed unless there is sufficient space for these
+* items.
+*/
+ if (&slc_replyp[6+2] > slc_reply_eom)
+ return;
if ((*slc_replyp++ = func) == IAC)
*slc_replyp++ = IAC;
if ((*slc_replyp++ = flags) == IAC)
@@ -1322,6 +1331,9 @@
{
int len;
+/* The end of negotiation command requires 2 bytes. */
+if (&slc_replyp[2] > slc_reply_eom)
+return;
*slc_replyp++ = IAC;
*slc_replyp++ = SE;
len = slc_replyp - slc_reply;
@@ -1415,8 +1427,8 @@
}
}
-#defineOPT_REPLY_SIZE 256
-unsigned char *opt_reply;
+#defineOPT_REPLY_SIZE (2 * SUBBUFSIZE)
+unsigned char *opt_reply = NULL;
unsigned char *opt_replyp;
unsigned char *opt_replyend;
@@ -1475,9 +1487,9 @@
return;
}
vp = env_getvalue(ep);
- if (opt_replyp + (vp ? strlen((char *)vp) : 0) +
- strlen((char *)ep) + 6 > opt_replyend)
- {
+if (opt_replyp + (vp ? 2 * strlen((char *)vp) : 0) +
+2 * strlen((char *)ep) + 6 > opt_replyend)
+{
int len;
void *tmp;
opt_replyend += OPT_REPLY_SIZE;
@@ -1503,6 +1515,8 @@
*opt_replyp++ = ENV_USERVAR;
for (;;) {
while ((c = *ep++)) {
+ if (opt_replyp + (2 + 2) > opt_replyend)
+ return;
switch(c&0xff) {
case IAC:
*opt_replyp++ = IAC;
@@ -1517,6 +1531,8 @@
*opt_replyp++ = c;
}
if ((ep = vp)) {
+ if (opt_replyp + (1 + 2 + 2) > opt_replyend)
+ return;
#ifdef OLD_ENVIRON
if (telopt_environ == TELOPT_OLD_ENVIRON)
*opt_replyp++ = old_env_value;
@@ -1547,7 +1563,9 @@
{
int len;
- len = opt_replyp - opt_reply + 2;
+ if (opt_replyp + 2 > opt_replyend)
+ return;
+ len = opt_replyp + 2 - opt_reply;
if (emptyok || len > 6) {
*opt_replyp++ = IAC;
*opt_replyp++ = SE;
Bug#305566: digikam: hangs when trying to display larger albums
On Wednesday 20 April 2005 23:32, Markus Schatzl wrote: > Hi Achim, > > > What is huge? How many pictures? Total size of pictures? > > Not that much, actually. About 10 pictures at ~1MB suffice to trigger > the issue. Hmm, only 10 thumbnails only? All my albums have more (all < 150). No problem here. > But meanwhile (sorry for not checking this before) I found out that > not the filesize raises the problem, it seems to be the displaying of > them, i.e. the thumbnails. BTW, it's typical that some of the > thumbnail-placeholders to remain empty before digikam starts to eat up > all CPU-time. This sounds more like a 'broken' image triggering digikams memory consumption to go out of bounds. Is it always the '8th' pic that triggers it of only one of the 10 pictues? > I exchanged the pictures from the said 10/1MB album with 10 4K gifs > and got the freeze again. When I deleted 2 of them and started digikam > again, everything was ok. > > Changing the thumbnail display size made it possible to scroll down a > bit where otherwise the mere show()ing of the first few images > triggered the bug. What happens when you looks at the folder with other tools like gwenview, showimg, konqueror? What other pkgs did you install together with and after the digikam 0.7.2 upgrade (ls -ltr | tail -50)? Can you tar the album with the 10/4k gifs and attach it to the bug report? Achim P.S. I've build a 0.7.3-beta1 deb with the patch applied but now digikam and kio_thumbnails use each 50% CPU on the first thumbnail creation of an little AVI movie :(:( > > > If you used a digikam version before that did not show the problem, > > which version? > > I set up that box completely anew about 2 months ago. The version that > ran on UNSTABLE on the old disk worked fine. Since 0.7.2 went to > unstable not before Feb 16 it must have been 0.7-x or 0.7.1. So it was 0.7.0. But I doubt that the digikam upgrade triggered the problem. What other pkgs did you install together with and after the digikam 0.7.2 upgrade (ls -ltr | tail -50)? Can you tar the album with the 10/4k gifs and attach it to the bug report? > > If you need more infos, don't hesitate to ask. I did not ;) Achim P.S. I've build a 0.7.3-beta1 deb with the patch applied but now digikam and kio_thumbnails use each 50% CPU on the first thumbnail creation of an little AVI movie :( > > > Thanks in advance, > /Markus > > -- > A: No. > Q: Should I include quotations after my reply? > > -- To me vi is Zen. To use vi is to practice zen. Every command is a koan. Profound to the user, unintelligible to the uninitiated. You discover truth everytime you use it. -- [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305570: slappasswd -> ../lib/slapd , but /usr/lib/slapd missing
Hi Hans, On Wed, Apr 20, 2005 at 10:52:34PM +0200, Hans van Kranenburg wrote: > Seems /usr/lib/slapd (when present) detects with which name it was > called, and changes behaviour accordingly... :S Yes, that's right :( Upstream merged slappasswd into slapd for some reason. > So... I think ldap-utils lacks some dependency on a package containing > the /usr/lib/slapd. According to the `dpkg -l` /usr/lib/slapd only > exists in package slapd. I don't want to run slapd on the webserver, but > I want slappasswd to generate encryptes passwords there... Problem is that slappasswd currently /is/ slapd. You can still install it without actually running the slapd server. Anyway, the symbolic link in ldap-utils will vanish :( > I will now temporarily fix this by manually copying /usr/lib/slapd from > Jerry to Tom. Seems like there is no other way with the current upstream implementation :( Greetings Torsten signature.asc Description: Digital signature
Bug#273871: libsilc package policy violations (bug #273871)
Steve Langasek wrote: 4) the package itself is not the right name 4) is an approximation, but not actually a correct description (it's the same incorrect approximation used by Policy itself). The problem is that the package name is not being changed when the library soname changes, which means that silc's shlibs are completely useless for preventing breakage of packages depending on it. OK. This is not a theoretical; I recall that when this bug was being discussed on IRC a week or so ago, there were cases of actual packages whose dependencies were satisfied but required a previous silc soname and were therefore completely broken. OK. That's interesting. I wonder if the problem in this case is with the upstream sources. There is no reason to require any *particular* package name for a library, except that it should be unique; basing it on the soname is the best way to ensure that it's unique in a future-proofed manner. The following command gives the policy-recommended package name for any library: OK, thanks for the further enlightenment. I'm afraid I'm still being dense however. If I may, here are some other SONAME files from some other libraries in sid. objdump -p /usr/lib/libsilc-1.0.so.2.1.0 |grep SONAME SONAME libsilc-1.0.so.2 objdump -p /usr/lib/libgnomeui-2.so.0.800.1 |grep SONAME SONAME libgnomeui-2.so.0 objdump -p /usr/lib/libgnomeprint-2-2.so.0.1.0 |grep SONAME SONAME libgnomeprint-2-2.so.0 objdump -p /usr/lib/libgnomecups-1.0.so.1.0.0 |grep SONAME SONAME libgnomecups-1.0.so.1 To finally get understand this problem correctly then, is it that the libsilc-1.0.so.2.1.0 library was the SAME name as a previous version with an identical but incompatable SONAME? So, the problem with this package is that the debian/rules file does not correctly increment the SONAME for incompatable library releases? So, the SONAME in this latest release of the libsilc package should have been something like "libsilc-1.0.so.2.1" or "libsilc-1.0.so.3" instead of "libsilc-1.0.so.2" so that other packages could correctly list the right version as a dependancy? I looked around in debian/* for this package trying to figure out how it might be fixed. Now it seems to me that the problem is more how the last few versions have been packaged & versioned, not that this particular version is packaged incorrectly or needs to be changed. So what really needs to happen is future versions need to change the versions in a correct fashion if they are not binary compatible? Thanks for your explianation on this; as it's not clear to me. I'd like to know the correct method of doing things here. Does it sound like I almost understand it right now? Jeff -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Processed: your mail
Processing commands for [EMAIL PROTECTED]: > tags 302341 + upstream fixed-upstream pending Bug#302341: egroupware-calendar: sql error in matrix-view Tags were: upstream unreproducible Tags added: upstream, fixed-upstream, pending > tags 304496 + upstream fixed-upstream pending Bug#304496: egroupware-email: Inproper attachment handling of canceled emails may disclose personal information Tags were: security Tags added: upstream, fixed-upstream, pending > tags 305576 + upstream fixed-upstream pending Bug#305576: Multiple security issues in egroupware Tags were: security Tags added: upstream, fixed-upstream, pending > End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305413: libfreetype6: Many packages which use freetype now segfault
Dennis told me in private that the problem was with a particular font file and removing that made things work again. I hav a copy of the file (it is probably not distributable and anyway, it is 17 megabytes compressed, so sending it to the BTS is not a good idea) and will see tomorrow whether this is the same problem as #302269 (currently assigned to fontconfig). -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305588: kbd: bashism (echo -e) in unicode_start/stop
Package: kbd Version: 1.12-10 Severity: serious Tags: patch Justification: Policy 10.4 Hi, the unicode_start and unicode_stop scripts in kbd use echo -e with backslash escape sequences. This is not posix-compatible and breaks (by outputting a spurious "-e ") when /bin/sh is dash. The simple fix is to use printf. regards, Jan -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (990, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.8-2-k7 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages kbd depends on: ii console-common 0.7.49 Basic infrastructure for text cons ii debconf 1.4.30.13Debian configuration management sy ii dpkg1.10.27 Package maintenance system for Deb ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii sysvinit2.86.ds1-1 System-V like init -- no debconf information diff /usr/bin/unicode_start ./unicode_start 41c41 < echo -n -e '\033%G' --- > printf '\033%%G' diff /usr/bin/unicode_stop ./unicode_stop 18c18 < echo -n -e '\033%@' --- > printf '\033%%@'
Processed: tagging 305572
Processing commands for [EMAIL PROTECTED]: > # Automatically generated email from bts, devscripts version 2.8.10 > tags 305572 sid Bug#305572: swingwt: FTBFS: Package libswt-gtk3-java has no installation candidate There were no tags set. Tags added: sid > End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Processed: merging 304339 305570
Processing commands for [EMAIL PROTECTED]: > # Automatically generated email from bts, devscripts version 2.8.10 > merge 304339 305570 Bug#304339: ldap-utils: Adding users via smbldap-useradd (or other means) fails Bug#305570: slappasswd -> ../lib/slapd , but /usr/lib/slapd missing Merged 304339 305570. > End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#273871: libsilc package policy violations (bug #273871)
On Wed, Apr 20, 2005 at 01:40:14PM -0700, Jeff Carr wrote: > Robert McQueen wrote: > >Tamas SZERB wrote: > >>once upon a time, I closed this bug. then the submitter reopened it, > >>so currently I don't give it a f*ck. Our opinion are different, so if > >>you feel any ambition to get the both sides together, feel free to > >>volunteer. :) > >This package's violation of Debian policy on the packaging of shared > >library packages is a fact, not an opinion. You have given no sound > >reasons why this package is not correctly versioned, or given any > >indication that you understand the issues at hand, such as how it is > >expected to retain compatibility with existing packages when the API or > >ABI undergoes changes (indeed, as it has just done upstream). > Could you help explain to me more clearly what the problem is with this > package against debian 8.1 guidelines? After reading the bug report at > bugs.debian.org It's still not clear to me how the package should be > changed. It seems quite subtle. I tried comparing it to some of the > libgnome* packages to see if I could determine what was correct, but it > still wasn't clear to me. > Which one is a correct description of the problem? > 1) the libsilc package should not contain /usr/lib/libsilc.so at all > 2) the /usr/lib/libsilc* symlinks are not correct > (wrong names or missing needed names) > 3) /usr/lib/libsilcclient-1.0.so.2.1.0 is not the right name > 4) the package itself is not the right name 4) is an approximation, but not actually a correct description (it's the same incorrect approximation used by Policy itself). The problem is that the package name is not being changed when the library soname changes, which means that silc's shlibs are completely useless for preventing breakage of packages depending on it. This is not a theoretical; I recall that when this bug was being discussed on IRC a week or so ago, there were cases of actual packages whose dependencies were satisfied but required a previous silc soname and were therefore completely broken. There is no reason to require any *particular* package name for a library, except that it should be unique; basing it on the soname is the best way to ensure that it's unique in a future-proofed manner. The following command gives the policy-recommended package name for any library: $ objdump -p /tmp/silc/usr/lib/libsilc-1.0.so.2 \ | sed -n -e's/^[[:space:]]*SONAME[[:space:]]*//p' \ | sed -e's/\([0-9]\)\.so\./\1-/; s/\.so\.//' libsilc-1.0-2 $ -- Steve Langasek postmodern programmer signature.asc Description: Digital signature
Bug#305574: heimdal: Telnet vulnerabilities (CAN-2005-0469)
Package: heimdal Severity: grave Tags: security Justification: user security hole Heimdal is vulnerable to CAN-2005-0469, the slc_add_reply buffer overflow reported for multiple telnet clients. Heimdal 0.6.4 fixes this issue. Cheers, Moritz -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.11 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305576: Multiple security issues in egroupware
Package: egroupware Severity: grave Tags: security Justification: user security hole Multiple security issues have been reported for egroupware that have been adressed in the new 1.0.0.007 release. See this advisory for full details: Cheers, Moritz From: GulfTech Security Research <[EMAIL PROTECTED]> Subject: Multiple eGroupware Vulnerabilities Date: Tue, 19 Apr 2005 21:55:05 -0500 ## # GulfTech Security Research April 20th, 2005 ## # Vendor : eGroupware # URL : http://www.egroupware.org/ # Version : Versions Prior To 1.0.0.007 # Risk: Multiple Vulnerabilities ## Description: eGroupware is a very popular open source web based collaboration software that can be used within an intranet, or externally via the internet to build a community and/or help coordinate large projects. eGroupware also comes pre packaged in some linux distributions. GulfTech Security Research has found a few high risk SQL Injection vulnerabilities as well as Cross Site Scripting vulnerabilities. A new version of eGroupware is now available and all eGroupware users should upgrade immediately. Not only does the new eGroupware release address these security issues, but it also includes a number of important bugfixes! Cross Site Scripting: Cross site scripting exists in eGroupware. This vulnerability exists due to user supplied input not being checked properly. Below are examples that can be used for reference. http://egroupware/index.php?menuaction=addressbook.uiaddressbook.edit&ab_id= 11[XSS] http://egroupware/index.php?menuaction=manual.uimanual.view&page=ManualAddre ssbook[XSS] http://egroupware/index.php?menuaction=forum.uiforum.post&type=new[XSS] http://egroupware/wiki/index.php?page=RecentChanges[XSS] http://egroupware/wiki/index.php?action=history&page=WikkiTikkiTavi&lang=en[ XSS] http://egroupware/index.php?menuaction=wiki.uiwiki.edit&page=setup[XSS] http://egroupware/sitemgr/sitemgr-site/?category_id=4[XSS] This vulnerability could be used to steal cookie based authentication credentials within the scope of the current domain, or render hostile code in a victim's browser. SQL Injection: There are a number of SQL Injection vulnerabilities in eGroupware. These issues can be used by an attacker to retrieve sensitive information from the underlying database and aid in further attacks. Examples below http://egroupware/tts/index.php?filter=u99[SQL] http://egroupware/tts/index.php?filter=c99[SQL] http://egroupware/index.php?menuaction=preferences.uicategories.index&cats_a pp=foobar[SQL] We will not be releasing any exploited code as requested by the developers but these issues are not hard to exploit and all users should upgrade immediately. Solution: eGroupware 1.0.0.007 has been released to address these issues, and users can finfd the updated packages at the following location. http://sourceforge.net/project/showfiles.php?group_id=78745 Special thanks to Mr Ralf Becker and the rest of the eGroupware team for addressing these issues fairly quickly despite the recent constitution and admin elections etc. Related Info: The original advisory can be found at the following location http://www.gulftech.org/?node=research&article_id=00069-04202005 Credits: James Bercegay of the GulfTech Security Research Team -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.11 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305566: digikam: hangs when trying to display larger albums
Hi Markus, looks like it's a known Problem: http://sourceforge.net/mailarchive/message.php?msg_id=11492713 ... One of the problems with current digikam is that the thumbnail pixmaps are kept in memory for all the items in the current view. usually users have <300 files per folder, so thats not a big problem. but with tags (and espcially with recursive subtags), you can easily have >1000 pictures in one view. if this number grows too large, you can easily run out of memory. i have been trying to come up with a clean design to handle this problem and here"s a preliminary patch to attempt that, which will keep the memory requirement fairly constant by putting a cap on how many thumbnails are kept in memory. the patch should apply cleanly against current cvs. ... None of the patches commited yet to cvs AFAICS. Have you time/knowledge/patience to build from cvs and try patch#3? I'm still curious how many files you have in one album ;) Achim -- To me vi is Zen. To use vi is to practice zen. Every command is a koan. Profound to the user, unintelligible to the uninitiated. You discover truth everytime you use it. -- [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305546: marked as done (prolog-el: FTBFS: Missing Build-Depends on 'dpatch')
Your message dated Wed, 20 Apr 2005 17:02:12 -0400 with message-id <[EMAIL PROTECTED]> and subject line Bug#305546: fixed in prolog-el 1.3-3 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 20 Apr 2005 17:39:18 + >From [EMAIL PROTECTED] Wed Apr 20 10:39:18 2005 Return-path: <[EMAIL PROTECTED]> Received: from d007144.adsl.hansenet.de (localhost.localdomain) [80.171.7.144] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DOJAU-0003mu-00; Wed, 20 Apr 2005 10:39:18 -0700 Received: from aj by localhost.localdomain with local (Exim 4.50) id 1DOJAS-0008FZ-Ob; Wed, 20 Apr 2005 19:39:16 +0200 To: Debian Bug Tracking System <[EMAIL PROTECTED]> From: Andreas Jochens <[EMAIL PROTECTED]> Subject: prolog-el: FTBFS: Missing Build-Depends on 'dpatch' Message-Id: <[EMAIL PROTECTED]> Date: Wed, 20 Apr 2005 19:39:16 +0200 Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Package: prolog-el Version: 1.3-2 Severity: serious Tags: patch When building 'prolog-el' in a clean 'unstable' chroot, I get the following error: #-/usr/bin/make clean dh_clean dpatch deapply-all make: dpatch: Command not found make: *** [unpatch] Error 127 Please add the missing Build-Depends on 'dpatch' to debian/control. Regards Andreas Jochens diff -urN ../tmp-orig/prolog-el-1.3/debian/control ./debian/control --- ../tmp-orig/prolog-el-1.3/debian/control2005-04-18 18:34:14.0 +0200 +++ ./debian/control2005-04-20 19:27:06.255515079 +0200 @@ -2,7 +2,7 @@ Section: interpreters Priority: optional Maintainer: Jorgen Schaefer <[EMAIL PROTECTED]> -Build-Depends: debhelper (>= 4.0.0) +Build-Depends: debhelper, dpatch Standards-Version: 3.6.1 Package: prolog-el --- Received: (at 305546-close) by bugs.debian.org; 20 Apr 2005 21:13:55 + >From [EMAIL PROTECTED] Wed Apr 20 14:13:55 2005 Return-path: <[EMAIL PROTECTED]> Received: from newraff.debian.org [208.185.25.31] (mail) by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DOMWB-Dl-00; Wed, 20 Apr 2005 14:13:55 -0700 Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian)) id 1DOMKq-0003Sc-00; Wed, 20 Apr 2005 17:02:12 -0400 From: Jorgen Schaefer <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] X-Katie: $Revision: 1.55 $ Subject: Bug#305546: fixed in prolog-el 1.3-3 Message-Id: <[EMAIL PROTECTED]> Sender: Archive Administrator <[EMAIL PROTECTED]> Date: Wed, 20 Apr 2005 17:02:12 -0400 Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Source: prolog-el Source-Version: 1.3-3 We believe that the bug you reported is fixed in the latest version of prolog-el, which is due to be installed in the Debian FTP archive: prolog-el_1.3-3.dsc to pool/main/p/prolog-el/prolog-el_1.3-3.dsc prolog-el_1.3-3.tar.gz to pool/main/p/prolog-el/prolog-el_1.3-3.tar.gz prolog-el_1.3-3_all.deb to pool/main/p/prolog-el/prolog-el_1.3-3_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jorgen Schaefer <[EMAIL PROTECTED]> (supplier of updated prolog-el package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Wed, 20 Apr 2005 22:50:28 +0200 Source: prolog-el Binary: prolog-el Architecture: source all Version: 1.3-3 Distribution: unstable Urgency: low Maintainer: Jorgen Schaefer <[EMAIL PROTECTED]> Changed-By: Jorgen Schaefer <[EMAIL PROTECTED]> Description: prolog-el - Emacs major mode for editing Prolog code Closes: 305546 Changes: prolog-el (1.3-3) unstable; urgency=low . * Added Bu
Bug#305570: slappasswd -> ../lib/slapd , but /usr/lib/slapd missing
Package: ldap-utils Version: 2.2.23-1 (Sarge) Severity: grave Hi, I use slappasswd on a box called 'Tom' to generate passwords in php which are used to update user details on a ldap server, called 'Jerry'. The php script directly contacts to the ldap server over an ssl-tunnel. Some days ago users started complaining their changed passwords didn't work anymore, so I went debugging and I found this: On the webserver only ldap-utils was installed because of slappasswd. But since the last apt-get upgrade slappasswd seems being thrown away and replaced by a symlink pointing to /usr/lib/slapd, which isn't present. tom.3 /usr/sbin# ll slappasswd lrwxrwxrwx 1 root root 12 2005-04-20 22:05 slappasswd -> ../lib/slapd tom.3 /usr/sbin# ll ../lib/slapd ls: ../lib/slapd: No such file or directory On the other box, the LDAP server Jerry, both ldap-utils and the server slapd are installed. This box has the /usr/lib/slapd: jerry.0 /usr/sbin# ll slappasswd lrwxrwxrwx 1 root root 12 2005-04-13 16:45 slappasswd -> ../lib/slapd jerry.0 /usr/sbin# ll ../lib/slapd -rwxr-xr-x 1 root root 626584 2005-04-01 18:59 ../lib/slapd Seems /usr/lib/slapd (when present) detects with which name it was called, and changes behaviour accordingly... :S These packages are installed: tom.3 ~# dpkg -l | egrep "(ldap|slap)" ii ldap-utils 2.2.23-1 OpenLDAP utilities ii libldap-2.2-7 2.2.23-1 OpenLDAP libraries ii libldap2 2.1.30-3 OpenLDAP libraries ii libldap2-dev 2.1.30-3 OpenLDAP development libraries ii php4-ldap 4.3.10-10 LDAP module for php4 jerry.0 ~# dpkg -l | egrep "(ldap|slap)" ii ldap-utils 2.2.23-1 OpenLDAP utilities ii libldap-2.2-7 2.2.23-1 OpenLDAP libraries ii libldap2 2.1.30-3 OpenLDAP libraries ii libnss-ldap220-1 NSS module for using LDAP as a naming servic ii postfix-ldap 2.1.5-9LDAP map support for Postfix ii pure-ftpd-ldap 1.0.19-4 Pure-FTPd FTP server with LDAP user authenti ii slapd 2.2.23-1 OpenLDAP server (slapd) BTW: /usr/lib/slapd is not listed in a search for slapd in the Debian packages... http://packages.debian.org/cgi-bin/search_contents.pl?word=slapd&searchmode=searchfiles&case=insensitive&version=testing&arch=i386 Seems only the symlinks are included in the results? Why? So... I think ldap-utils lacks some dependency on a package containing the /usr/lib/slapd. According to the `dpkg -l` /usr/lib/slapd only exists in package slapd. I don't want to run slapd on the webserver, but I want slappasswd to generate encryptes passwords there... I will now temporarily fix this by manually copying /usr/lib/slapd from Jerry to Tom. Greetings, Hans van Kranenburg -- Technische Hogeschool Rijswijk Lange Kleiweg 80 2288 GK Rijswijk The Netherlands T 070-3401876 E [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305572: swingwt: FTBFS: Package libswt-gtk3-java has no installation candidate
Package: swingwt Version: 0.85.1-1 Severity: serious When trying to build 'swingwt' in a clean 'unstable' chroot, I get the following error: Building swingwt unstable main amd64... Reading Package Lists... Building Dependency Tree... E: Package libswt-gtk3-java has no installation candidate E: Failed to satisfy Build-Depends dependency for swingwt: libswt-gtk3-java Package libswt-gtk3-java is not available, but is referred to by another package. This may mean that the package is missing, has been obsoleted, or is only available from another source Regards Andreas Jochens -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305565: dosemu: Following installation instructions results in "..no operating system"
On Wed, Apr 20, 2005 at 09:18:34PM +0100, Matthew Vernon wrote: > > I installed dosemu as per the instructions (including downloading the > freedos tarball (whose location has changed)), and only ever get > "Sorry, there is no operating system". Needless to say, this is > somewhat frustrating and less than useful... Use the dosemu-freedos package instead of the upstream tarball... -- Ryan Underwood, <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305566: digikam: hangs when trying to display larger albums
Hi Markus, What is huge? How many pictures? Total size of pictures? If you used a digikam version before that did not show the problem, which version? Thx, Achim -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#303326: file conflicts in libcgi-dev cgilib
On Wed, 2005-04-06 at 04:15 +0200, Frank Lichtenheld wrote: > Package: libcgi-dev,cgilib > Subject: libcgi-dev,cgilib: conflicting files > Severity: serious > > At least the following files are included in at least two > packages (there may be others, only the first one found is reported): > usr/lib/libcgi.a > > You may want to add conflicts to one or more of the packages or > take other actions to allow the parallel installation of the packages. > > Please clone and reassign this report as needed to properly track the issue Hi, what shall we do about this? I can add a conflict against cgilib for libcgi. I can also rename the file, but this will probably a nuisance for anybody already using it. Greetings, Oliver signature.asc Description: This is a digitally signed message part
Bug#273871: libsilc package policy violations (bug #273871)
Robert McQueen wrote: Tamas SZERB wrote: once upon a time, I closed this bug. then the submitter reopened it, so currently I don't give it a f*ck. Our opinion are different, so if you feel any ambition to get the both sides together, feel free to volunteer. :) This package's violation of Debian policy on the packaging of shared library packages is a fact, not an opinion. You have given no sound reasons why this package is not correctly versioned, or given any indication that you understand the issues at hand, such as how it is expected to retain compatibility with existing packages when the API or ABI undergoes changes (indeed, as it has just done upstream). I saw this email to debian-devel and thought I would take a look at it to try to resolve the problem. I must admit, I don't understand the problem with the versioning. Can you explain it to me further? The libsilc package seems to have similarly named lib* files as other gnome packages. Could you help explain to me more clearly what the problem is with this package against debian 8.1 guidelines? After reading the bug report at bugs.debian.org It's still not clear to me how the package should be changed. It seems quite subtle. I tried comparing it to some of the libgnome* packages to see if I could determine what was correct, but it still wasn't clear to me. Which one is a correct description of the problem? 1) the libsilc package should not contain /usr/lib/libsilc.so at all 2) the /usr/lib/libsilc* symlinks are not correct (wrong names or missing needed names) 3) /usr/lib/libsilcclient-1.0.so.2.1.0 is not the right name 4) the package itself is not the right name curiously, Jeff -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#304914: marked as done (libaqbanking: FTBFS: undefined reference to `GWEN_PluginManager_AddPathFromWinReg')
Your message dated Wed, 20 Apr 2005 16:17:32 -0400 with message-id <[EMAIL PROTECTED]> and subject line Bug#304914: fixed in libaqbanking 1.0.8-2 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 16 Apr 2005 13:27:57 + >From [EMAIL PROTECTED] Sat Apr 16 06:27:57 2005 Return-path: <[EMAIL PROTECTED]> Received: from astra.telenet-ops.be [195.130.132.58] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DMnL3-0003XB-00; Sat, 16 Apr 2005 06:27:57 -0700 Received: from localhost (localhost.localdomain [127.0.0.1]) by astra.telenet-ops.be (Postfix) with SMTP id 3E72D3280AA for <[EMAIL PROTECTED]>; Sat, 16 Apr 2005 15:27:56 +0200 (MEST) Received: from Q.roeckx.be (dD5775FD9.access.telenet.be [213.119.95.217]) by astra.telenet-ops.be (Postfix) with ESMTP id E499432809E for <[EMAIL PROTECTED]>; Sat, 16 Apr 2005 15:27:55 +0200 (MEST) Received: by Q.roeckx.be (Postfix, from userid 501) id 9EA2A26136; Sat, 16 Apr 2005 15:27:52 +0200 (CEST) Date: Sat, 16 Apr 2005 15:27:52 +0200 From: Kurt Roeckx <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: libaqbanking: FTBFS: undefined reference to `GWEN_PluginManager_AddPathFromWinReg' Message-ID: <[EMAIL PROTECTED]> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.1i Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Package: libaqbanking Version: 1.0.8-1 Severity: serious Hi, Your package is failing to build with the following error on some arches: /bin/sh ../../libtool --tag=CC --mode=link cc -g -Wall -O2 -g -Wall -g -o abt est abtest.o -L../../src/libs/aqbanking -laqbanking -L/usr/lib -lgwenhywfar -l ofx -lktoblzcheck mkdir .libs cc -g -Wall -O2 -g -Wall -g -o .libs/abtest abtest.o -L/build/buildd/libaqbank ing-1.0.8/src/libs/aqbanking /build/buildd/libaqbanking-1.0.8/src/libs/aqbankin g/.libs/libaqbanking.so -L/usr/lib /usr/lib/libgwenhywfar.so /usr/lib/libofx.so /usr/lib/libktoblzcheck.so /build/buildd/libaqbanking-1.0.8/src/libs/aqbanking/.libs/libaqbanking.so: unde fined reference to `GWEN_PluginManager_AddPathFromWinReg' collect2: ld returned 1 exit status make[4]: *** [abtest] Error 1 I have no idea why it works on some and fails on others. Kurt --- Received: (at 304914-close) by bugs.debian.org; 20 Apr 2005 20:26:06 + >From [EMAIL PROTECTED] Wed Apr 20 13:26:05 2005 Return-path: <[EMAIL PROTECTED]> Received: from newraff.debian.org [208.185.25.31] (mail) by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DOLlt-00040Z-00; Wed, 20 Apr 2005 13:26:05 -0700 Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian)) id 1DOLdc-0001tf-00; Wed, 20 Apr 2005 16:17:32 -0400 From: Thomas Viehmann <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] X-Katie: $Revision: 1.55 $ Subject: Bug#304914: fixed in libaqbanking 1.0.8-2 Message-Id: <[EMAIL PROTECTED]> Sender: Archive Administrator <[EMAIL PROTECTED]> Date: Wed, 20 Apr 2005 16:17:32 -0400 Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Source: libaqbanking Source-Version: 1.0.8-2 We believe that the bug you reported is fixed in the latest version of libaqbanking, which is due to be installed in the Debian FTP archive: libaqbanking-data_1.0.8-2_all.deb to pool/main/liba/libaqbanking/libaqbanking-data_1.0.8-2_all.deb libaqbanking-doc_1.0.8-2_all.deb to pool/main/liba/libaqbanking/libaqbanking-doc_1.0.8-2_all.deb libaqbanking-plugins-libgwenhywfar17_1.0.8-2_i386.deb to pool/main/liba/libaqbanking/libaqbanking-plugins-libgwenhywfar17_1.0.8-2_i386.deb libaqbanking0-dev_1.0.8-2_all.deb to pool/main/liba/libaqbanking/libaqbanking0-dev_1.0.8-2_all.deb libaqbanking0_1.0.8-2_i386.deb to pool/main/liba/libaqbanking/libaqbanking0_1.0.8-2_i386.deb libaqbanking_1.0.8-2.diff.gz to pool/main/liba/libaqbanking/libaqbanking_1.0.8-2.diff.gz libaqbanking_1.0.8-2.dsc to pool/main/liba/lib
Bug#305565: dosemu: Following installation instructions results in "..no operating system"
Package: dosemu Version: 1.0.2.1-7 Severity: grave Justification: renders package unusable Hi, I installed dosemu as per the instructions (including downloading the freedos tarball (whose location has changed)), and only ever get "Sorry, there is no operating system". Needless to say, this is somewhat frustrating and less than useful... Cheers, Matthew -- System Information Debian Release: 3.0 Architecture: i386 Kernel: Linux ming 2.4.25 #3 Thu Mar 18 16:33:28 GMT 2004 i686 Locale: LANG=C, LC_CTYPE=C Versions of packages dosemu depends on: ii debconf 1.0.32 Debian configuration management sy ii libc6 2.2.5-11.8 GNU C Library: Shared libraries an ii slang11.4.4-7.2 The S-Lang programming library - r ii xbase-clients 4.1.0-16woody5 miscellaneous X clients ii xlibs 4.1.0-16woody5 X Window System client libraries ii xutils4.1.0-16woody5 X Window System utility programs -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305566: digikam: hangs when trying to display larger albums
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Package: digikam
Version: 0.7.2-2
Severity: grave
Justification: renders package unusable
- -- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-1-k7
Misc: 1GB RAM
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages digikam depends on:
ii kdelibs4 4:3.3.2-4.0.2 KDE core libraries
ii libart-2.0-2 2.3.17-1Library of functions for
2D graphi
ii libaudio21.7-2 The Network Audio System
(NAS). (s
ii libc62.3.2.ds1-21GNU C Library: Shared
libraries an
ii libexif100.6.9-6 library to parse EXIF files
ii libfam0c102 2.7.0-6 client library to control
the FAM
ii libfontconfig1 2.3.1-2 generic font
configuration library
ii libfreetype6 2.1.7-2.3 FreeType 2 font engine,
shared lib
ii libgcc1 1:3.4.3-12 GCC support library
ii libgdbm3 1.8.3-2 GNU dbm database routines
(runtime
ii libgphoto2-2 2.1.5-4 gphoto2 digital camera
library
ii libgphoto2-port0 2.1.5-4 gphoto2 digital camera
port librar
ii libice6 4.3.0.dfsg.1-12.0.1 Inter-Client Exchange library
ii libidn11 0.5.13-1.0 GNU libidn library,
implementation
ii libimlib21.2.0-2.2 powerful image loading
and renderi
ii libimlib2-dev1.2.0-2.2 Imlib2 development files
ii libjpeg626b-10 The Independent JPEG
Group's JPEG
ii libkexif10.2.1-2 library for KDE to
read/display/ed
ii libkipi0 0.1.1-2 library for apps that
want to use
ii libpng12-0 1.2.8rel-1 PNG library - runtime
ii libqt3c102-mt3:3.3.4-3 Qt GUI Library (Threaded
runtime v
ii libsm6 4.3.0.dfsg.1-12.0.1 X Window System Session
Management
ii libstdc++5 1:3.3.5-12 The GNU Standard C++
Library v3
ii libtiff4 3.7.2-2 Tag Image File Format
(TIFF) libra
ii libx11-6 4.3.0.dfsg.1-12.0.1 X Window System protocol
client li
ii libxcursor1 1.1.3-1 X cursor management library
ii libxext6 4.3.0.dfsg.1-12.0.1 X Window System
miscellaneous exte
ii libxft2 2.1.7-1 FreeType-based font
drawing librar
ii libxrandr2 4.3.0.dfsg.1-12.0.1 X Window System Resize,
Rotate and
ii libxrender1 0.8.3-7 X Rendering Extension
client libra
ii libxt6 4.3.0.dfsg.1-12.0.1 X Toolkit Intrinsics
ii xlibs4.3.0.dfsg.1-12 X Keyboard Extension
(XKB) configu
ii zlib1g 1:1.2.2-4 compression library - runtime
- -- no debconf information
A strace reveals that digikam (or any of its libs) tries to do a brk()
to allocate more memory and gets stuck then (eats almost all CPU time):
read(16, " 0_68_", 10) = 10
time(NULL) = 1113823069
gettimeofday({1113823069, 797626}, NULL) = 0
gettimeofday({1113823069, 811999}, NULL) = 0
write(16, "3a_50_\0\0\0\2\0\0\0\n\0s\0h\0m\0i\0d\0\0\0\16"..., 68) =
68
write(16, "a7_43_\0\0\0 \0d\0i\0g\0i\0k\0a\0m\0t\0h"..., 177) = 177
gettimeofday({1113823069, 818037}, NULL) = 0
ioctl(3, FIONREAD, [0]) = 0
gettimeofday({1113823069, 818158}, NULL) = 0
select(19, [3 4 5 7 9 11 15 16 18], [], [], {19, 465938}) = 1 (in [16],
left {19, 466000})
read(16, " c_64_", 10) = 10
read(16, "\0\0\0d\0\0\0K\0\0\0 ", 12) = 12
brk(0) = 0x86ac000
brk(0x86d4000) = 0x86d4000
brk(0) = 0x86d4000
brk(0x86f5000) = 0x86f5000
Sorry for not having time to dig deeper. Please ask for further details
if necessary.
Thanks in advance,
/Markus
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFCZrp4V/arRO6fNWsRAvpOAKCkdbLx9MjG5aTgl1ekO0ssgCL9gQCgx3HQ
eGZFO1u7H6P1F4bnRSutLfw=
=Vcwb
-END PGP SIGNATURE-
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#299105: marked as done (links to wrong library)
Your message dated Wed, 20 Apr 2005 21:49:28 +0200 with message-id <[EMAIL PROTECTED]> and subject line Acknowledge NMU has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 11 Mar 2005 20:26:25 + >From [EMAIL PROTECTED] Fri Mar 11 12:26:25 2005 Return-path: <[EMAIL PROTECTED]> Received: from mail-out.m-online.net [212.18.0.9] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1D9qiG-rS-00; Fri, 11 Mar 2005 12:26:24 -0800 Received: from mail.m-online.net (svr20.m-online.net [192.168.3.148]) by mail-out.m-online.net (Postfix) with ESMTP id F0F25768A for <[EMAIL PROTECTED]>; Fri, 11 Mar 2005 21:26:22 +0100 (CET) Received: from sol.so.argh.org (ppp-82-135-68-9.mnet-online.de [82.135.68.9]) by mail.m-online.net (Postfix) with ESMTP id DB7C85A297 for <[EMAIL PROTECTED]>; Fri, 11 Mar 2005 21:26:22 +0100 (CET) Received: from aba by sol.so.argh.org with local (Exim 4.22 #1 (Debian) [+prerelease]) id 1D9qi7-0005xu-Tu for <[EMAIL PROTECTED]>; Fri, 11 Mar 2005 21:26:15 +0100 Date: Fri, 11 Mar 2005 21:26:15 +0100 From: Andreas Barth <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: links to wrong library Message-ID: <[EMAIL PROTECTED]> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Editor: Vim http://www.vim.org/ User-Agent: Mutt/1.5.6i Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Package: stunnel Version: 2:3.26-2 Severity: grave Hi, stunnel doesn't work at all here. After setting it up (with this parameter line): stunnel -D debug -p [...] -T -d nntps -l /usr/lib/users/nnrpd -s news -g news a try to connect to it ends with: [EMAIL PROTECTED]:~$ telnet-ssl -z ssl localhost nntps Trying [...]... Connected to [...]. Escape character is '^]'. nnrpd: error while loading shared libraries: /usr/lib/stunnel.so: cannot open shared object file: No such file or directory Connection closed by foreign host. After creating the symbolic link from /usr/lib/libstunnel.so to /usr/lib/stunnel.so it works. This seems to indicate that the program has just a wrong link inside. Thanks for your work with this package. Cheers, Andi -- http://home.arcor.de/andreas-barth/ PGP 1024/89FB5CE5 DC F1 85 6D A6 45 9C 0F 3B BE F1 D0 C5 D1 D9 0C --- Received: (at 299105-done) by bugs.debian.org; 20 Apr 2005 19:49:44 + >From [EMAIL PROTECTED] Wed Apr 20 12:49:44 2005 Return-path: <[EMAIL PROTECTED]> Received: from postfix3-1.free.fr [213.228.0.44] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DOLCY-Xv-00; Wed, 20 Apr 2005 12:49:34 -0700 Received: from [10.3.3.2] (colombes.speedblue.org [82.224.227.40]) by postfix3-1.free.fr (Postfix) with ESMTP id E8D4A1734FC for <[EMAIL PROTECTED]>; Wed, 20 Apr 2005 21:49:33 +0200 (CEST) Message-ID: <[EMAIL PROTECTED]> Date: Wed, 20 Apr 2005 21:49:28 +0200 From: Julien Lemoine <[EMAIL PROTECTED]> Organization: Debian User-Agent: Debian Thunderbird 1.0.2 (X11/20050331) X-Accept-Language: en-us, en MIME-Version: 1.0 To: [EMAIL PROTECTED] Subject: Acknowledge NMU Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: -- Julien Lemoine / SpeedBlue "Savoir que les choses sont sans espoir et cependant tout faire pour les changer", Francis Scott Fitzgerald -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305435: yet another datum
bazaar 1.4~200504200032 from bazaar.canonical.com also bus errors. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305435: more data
If built with -O0, it doesn't bus error, but this fails: === TESTING: abrowse === Test 1: make 2 of each namespace level branch: could not connect to source archive to verify official name [EMAIL PROTECTED]/dists--bazaar--1.3--patch-84 make[3]: *** [tests-timestamp] Error 2 make[3]: Leaving directory `/tmp/bazaar-1.3.2/debian/build/baz/tests' make[2]: *** [test] Error 2 make[2]: Leaving directory `/tmp/bazaar-1.3.2/debian/build/baz' make[1]: *** [test] Error 2 make[1]: Leaving directory `/tmp/bazaar-1.3.2/debian/build' make: *** [debian/build-stamp] Error 2 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Processed: HPaq cxx trouble
Processing commands for [EMAIL PROTECTED]: > retitle 175604 cxx's "compaq" mangling style not supported by binutils Bug#175604: trouble installing cxx Changed Bug title. > severity 175604 grave Bug#175604: cxx's "compaq" mangling style not supported by binutils Severity set to `grave'. > thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#304666: Patch for FTBFS bug
tags 304666 + patch thanks Hello Attached you'll find a patch for the FTBFS bug in zorp. bye, -christian- diff -u zorp-2.0.9/tests/core/Makefile.am zorp-2.0.9/tests/core/Makefile.am --- zorp-2.0.9/tests/core/Makefile.am +++ zorp-2.0.9/tests/core/Makefile.am @@ -6,4 +6,5 @@ -#test_readline_LDADD = +test_readline_LDADD = -lzorpll test_registry_SOURCES = test_registry.c #test_registry_LDADD = $(top_srcdir)/lib/.libs/libzorp.so +test_registry_LDADD = -lzorpll diff -u zorp-2.0.9/debian/changelog zorp-2.0.9/debian/changelog --- zorp-2.0.9/debian/changelog +++ zorp-2.0.9/debian/changelog @@ -1,3 +1,10 @@ +zorp (2.0.9-10) unstable; urgency=high + + * NMU + * Fixed FTBFS bug. Closes: #304666 + + -- Christian Hammers <[EMAIL PROTECTED]> Wed, 20 Apr 2005 20:20:54 +0200 + zorp (2.0.9-9) unstable; urgency=low * Fixed invalid lvalue in test_registry. Closes: #290446 only in patch2: unchanged: --- zorp-2.0.9.orig/zorp/Makefile.am +++ zorp-2.0.9/zorp/Makefile.am @@ -2,7 +2,7 @@ pkglib_PROGRAMS = zorp zorp_SOURCES = main.c -zorp_LDADD = ../lib/libzorp.la +zorp_LDADD = ../lib/libzorp.la -lzorpll sysconf_DATA = policy.py.sample
Processed: Patch for FTBFS bug
Processing commands for [EMAIL PROTECTED]: > tags 304666 + patch Bug#304666: zorp: FTBFS: Link errors in zorp binary There were no tags set. Tags added: patch > thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#287038: Any progress regarding DSA for unrtf (CAN-2004-1297)
Hello Christian You have an open grave/security bug that has had no visible progress since some weeks now. Are there any open problems where help is needed? (in fact you did not even acknowledge Joey Hess' NMU are you maybe no active maintainer any more?) bye, -christian- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#287043: Any progress regarding the DSA for mpg123 (#287043)?
Christian Hammers wrote: > Hello > > Last comment regarding this bug report was: > "CAN-2004-1284 Buffer overflow in the find_next_file function" > > Date: Tue, 18 Jan 2005 10:00:37 +0100 > > From: Daniel Kobras <[EMAIL PROTECTED]> > > > > An update for woody is pending. > > Has there been progress during the last 3 month? Open bugs from 2004 > are no good PR for us... I have no information about this. Since mpg123 is non-free, I refuse to spend more time on it than reviewing a patch, uploading packages when all architectures are built by the maintainer, writing and releasing an advisory. Basically, non-free is not supported by the security team, that's documented in the FAQ (I hope). Regards, Joey -- If you come from outside of Finland, you live in wrong country. -- motd of irc.funet.fi -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305413: libfreetype6: Many packages which use freetype now segfault
I tried to reproduce this. I took upgraded a two-week-old qemu sid image (with basic X, but without GNOME), installed GNOME on it, and ran xchat and gnumeric. Both started up fine. Dennis, could you figure out which font is causing this? Bug #302269 (filed against fontconfig, but seems to really be a problem with libfreetype6) shows problem with a BDF font (Small-Fonts_r400-3.bdf), for example. This might be related, or it might not be, but knowing the font would be helpful. Do the apps crash on you as soon as they start up or do you need to do something else? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#287043: Any progress regarding the DSA for mpg123 (#287043)?
Hello Last comment regarding this bug report was: "CAN-2004-1284 Buffer overflow in the find_next_file function" > Date: Tue, 18 Jan 2005 10:00:37 +0100 > From: Daniel Kobras <[EMAIL PROTECTED]> > > An update for woody is pending. Has there been progress during the last 3 month? Open bugs from 2004 are no good PR for us... bye, -christian- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305546: prolog-el: FTBFS: Missing Build-Depends on 'dpatch'
Package: prolog-el Version: 1.3-2 Severity: serious Tags: patch When building 'prolog-el' in a clean 'unstable' chroot, I get the following error: #-/usr/bin/make clean dh_clean dpatch deapply-all make: dpatch: Command not found make: *** [unpatch] Error 127 Please add the missing Build-Depends on 'dpatch' to debian/control. Regards Andreas Jochens diff -urN ../tmp-orig/prolog-el-1.3/debian/control ./debian/control --- ../tmp-orig/prolog-el-1.3/debian/control2005-04-18 18:34:14.0 +0200 +++ ./debian/control2005-04-20 19:27:06.255515079 +0200 @@ -2,7 +2,7 @@ Section: interpreters Priority: optional Maintainer: Jorgen Schaefer <[EMAIL PROTECTED]> -Build-Depends: debhelper (>= 4.0.0) +Build-Depends: debhelper, dpatch Standards-Version: 3.6.1 Package: prolog-el -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#304552: marked as done (buffer overflows (CAN-2005-1035))
Your message dated Wed, 20 Apr 2005 19:15:05 +0200 with message-id <[EMAIL PROTECTED]> and subject line You marked the wrong bug as fixed has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 13 Apr 2005 22:38:44 + >From [EMAIL PROTECTED] Wed Apr 13 15:38:44 2005 Return-path: <[EMAIL PROTECTED]> Received: from kitenet.net [64.62.161.42] (postfix) by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DLqVQ-0006Hw-00; Wed, 13 Apr 2005 15:38:44 -0700 Received: from dragon.kitenet.net (unknown [66.168.94.177]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "Joey Hess", Issuer "Joey Hess" (verified OK)) by kitenet.net (Postfix) with ESMTP id D3E6417F2C for <[EMAIL PROTECTED]>; Wed, 13 Apr 2005 22:38:42 + (GMT) Received: by dragon.kitenet.net (Postfix, from userid 1000) id CCCB76E73F; Wed, 13 Apr 2005 18:41:45 -0400 (EDT) Date: Wed, 13 Apr 2005 18:41:44 -0400 From: Joey Hess <[EMAIL PROTECTED]> To: Debian Bug Tracking System <[EMAIL PROTECTED]> Subject: buffer overflows (CAN-2005-1035) Message-ID: <[EMAIL PROTECTED]> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="UlVJffcvxoiEqYs2" Content-Disposition: inline X-Reportbug-Version: 3.9 User-Agent: Mutt/1.5.9i Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: --UlVJffcvxoiEqYs2 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Package: pavuk Severity: serious Tags: security pavuk has some buffer overflows that are fixed in new upstream version 0.9.32. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.4.27 Locale: LANG=3Den_US.UTF-8, LC_CTYPE=3Den_US.UTF-8 (charmap=3DUTF-8) Versions of packages pavuk depends on: ii libc62.3.2.ds1-20GNU C Library: Shared librarie= s an ii libdb2 2:2.7.7.0-9 The Berkeley database routines= (ru ii libglib1.2 1.2.10-9The GLib library of C routines ii libgtk1.21.2.10-17 The GIMP Toolkit set of widget= s fo ii libsocks44.3.beta2-13SOCKS libraries ii libssl0.9.7 0.9.7e-3SSL shared libraries ii libx11-6 4.3.0.dfsg.1-12.0.1 X Window System protocol clien= t li ii libxext6 4.3.0.dfsg.1-12.0.1 X Window System miscellaneous = exte ii libxi6 4.3.0.dfsg.1-12.0.1 X Window System Input extensio= n li ii libxmu6 4.3.0.dfsg.1-12.0.1 X Window System miscellaneous = util ii xlibs4.3.0.dfsg.1-12 X Keyboard Extension (XKB) con= figu ii zlib1g 1:1.2.2-4 compression library - runtime --=20 see shy jo --UlVJffcvxoiEqYs2 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) iD8DBQFCXaAod8HHehbQuO8RApEEAJ4h1MrvG5ElDDw3LLeINkSspx0q8gCcDhHQ GnwbTueqWN3C+HpsCsOQZxI= =nvZs -END PGP SIGNATURE- --UlVJffcvxoiEqYs2-- --- Received: (at 304552-done) by bugs.debian.org; 20 Apr 2005 17:15:08 + >From [EMAIL PROTECTED] Wed Apr 20 10:15:08 2005 Return-path: <[EMAIL PROTECTED]> Received: from gate.lathspell.de (app109.intern) [212.117.68.82] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DOIn6-0002Ki-00; Wed, 20 Apr 2005 10:15:08 -0700 Received: by app109.intern (Postfix, from userid 1000) id F0BCE2C69E; Wed, 20 Apr 2005 19:15:05 +0200 (CEST) Date: Wed, 20 Apr 2005 19:15:05 +0200 From: Christian Hammers <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: You marked the wrong bug as fixed Message-ID: <[EMAIL PROTECTED]> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.8i Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spa
Bug#264816: doomlegacy-sdl: combines incompatible, non-dfsg licences
> I've recently adopted doomlegacy. I am currently working on the > license issue. Doomlegacy has been removed from unstable. I'm sending > this to the BTS so that nobody closes all of doomlegacy bugs because > of the removal. Hi - I'm pleased to see someone is working on this bug! I was wondering what your approach is. Given the upstream rewrite to C++, I'm concerned simply cutting out the portions which aren't good will not be effective in the long-run. I'm very interested in helping to persuade the licence owners of the dodgy material (raven/activision) to re-licence under the GPL. I know that Thierry's contact in Raven was in agreement. It seems that activision (the publishers) are the ones that need convincing. Sorry if you get two copies of this - I'm CCing the bug. I didn't get a copy of your mail to it in the first place so I'm not sure what's going on there. -- Jon Dowland http://jon.dowland.name/ PGP fingerprint: 7032F238 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305535: Using slapcat on running slapd is dangerous
Package: backupninja Version: 0.4.4-1 Severity: serious from 'man slapcat' Limitations Your slapd(8) should not be running (at least, not in read-write mode) when you do this to ensure consistency of the database. So you should stop slapd before and start it after. But I think that the following scenario should be better: You should use not slapcat, but ldapsearch -x -D "basedn" -y /etc/ldap.secret or just ldapsearch -x (in dependence of configuration user choosed) -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (620, 'testing'), (600, 'unstable'), (550, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.10-1-686 Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R) Versions of packages backupninja depends on: ii gawk 1:3.1.4-2 GNU awk, a pattern scanning and pr ii mawk 1.3.3-11 a pattern scanning and text proces -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#285079: Ping
ARAKI Yasuhiro wrote: Samuel, Hi, I'm just pinging the BR just to know how the issue of ABI-breakage of libosip2 is going on since it blocks my package linphone (no news since Dec 2004). As you packaged "linphone" (at least linphone_1.0.1-3) depends NEW ABI package of libosip2 is installed in Debian as "libosip2-3". Do you want to use libosip2(<= 2.0.6)'s ABI? I don't want to use libosip2 but this RC bug on it prevents libosip2-3 from entering testing. See: http://bjorn.haxx.se/debian/testing.pl?package=libosip2-3 Regards, Samuel. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305530: Add dependency to libpt sound plugin
Package: ohphone-basic Version: 1:1.4.3+20050304-1 Severity: serious Add dependency to one of libpt sound plugin. -- System Information: Debian Release: 3.1 Architecture: amd64 (x86_64) Kernel: Linux 2.6.11-9-amd64-k8 Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8) Versions of packages ohphone-basic depends on: ii libc6 2.3.2.ds1-21 GNU C Library: Shared libraries an ii libexpat1 1.95.8-1 XML parsing C library - runtime li ii libgcc1 1:3.4.3-12 GCC support library ii libldap2 2.1.30-6 OpenLDAP libraries ii libopenh323-1 1.15.3-2 H.323 aka VoIP library ii libpt-1.8.3 1.8.4-1Portable Windows Library ii libsasl2 2.1.19-1.5 Authentication abstraction library ii libsdl1.2debi 1.2.7+1.2.8cvs20041007-4.1 Simple DirectMedia Layer ii libssl0.9.7 0.9.7e-3 SSL shared libraries ii libstdc++51:3.3.5-12 The GNU Standard C++ Library v3 -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305435: a little more info
=== TESTING: id-tagging-defaults === Test 1: id-tagging-defaults => /tmp/bazaar-1.3.2/debian/build/baz/tests/../baz/baz id-tagging-defaults => egrep ^junk id-tagging-defaults => egrep ^backup id-tagging-defaults => egrep ^precious id-tagging-defaults => egrep ^source id-tagging-defaults Test 1: PASS ! cleaning workdir ! cleaning workdir ! setting up workdir ! doing initial setup => /tmp/bazaar-1.3.2/debian/build/baz/tests/../baz/baz my-id Jane Doe <[EMAIL PROTECTED]> ! creating and setting up archives => /tmp/bazaar-1.3.2/debian/build/baz/tests/../baz/baz make-archive [EMAIL PROTECTED] cached:/tmp/bazaar-1.3.2/debian/build/baz/tests/archivedir/jane-archive => /tmp/bazaar-1.3.2/debian/build/baz/tests/../baz/baz make-archive [EMAIL PROTECTED] cached:/tmp/bazaar-1.3.2/debian/build/baz/tests/archivedir/foo-archive ! doing initial imports => /tmp/bazaar-1.3.2/debian/build/baz/tests/../baz/baz init-tree --nested [EMAIL PROTECTED]/hello-world--mainline--1.0 => /tmp/bazaar-1.3.2/debian/build/baz/tests/../baz/baz id-tagging-method explicit => /tmp/bazaar-1.3.2/debian/build/baz/tests/../baz/baz add hello-world.c README => /tmp/bazaar-1.3.2/debian/build/baz/tests/../baz/baz import -L initial import Bus error make: *** [tests-timestamp] Error 138 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305518: evolution-data-server1.2 reintroduces bug #277668 from evolution-data-server
Package: evolution-data-server1.2 Version: 1.2.2-2 Severity: serious Justification: Impedes security support evolution-data-server1.2 reintroduces a the use of a private copy of libdb4.1 (which happens to lack at least some debian patches, and leads to FTBFS on mips/mipsel). It should use the dynamic library instead. For a discussion of the bug see #277668. Thiemo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305504: Version 1.0.1 completely insecure, Version 1.0.4 is out
Package: helix-player Version: 1.0.1-1 Severity: serious With 1.0.2, 1.0.3[0] and today with 1.0.4[1], grave security bugs are fixed in helix-player. I already informed Thomas about it. Though he is only reachable at weekends, we will organise who will upload a new package soon. Regards, Daniel [0] http://service.real.com/help/faq/security/050224_player [1] http://service.real.com/help/faq/security/050419_player/EN/ -- Address:Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist Email: [EMAIL PROTECTED] Internet: http://people.panthera-systems.net/~daniel-baumann/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305479: netsaint-plugins: check_log plugin breaks system
On Wed, Apr 20, 2005 at 03:16:39PM +0400, Al Nikolov wrote: > On Wednesday 20 April 2005 14:07, Steve Langasek wrote: > > FYI, the netsaint-plugins package is only available from non-us.debian.org, > > which is quite moribund and will be discontinued with the release of sarge. > > This bug will not be fixed, as the netsaint package has been replaced with > > nagios in the main archive. I would strongly encourage you to install > > nagios rather than fighting with any bugs in netsaint; of course, please > > let us know if you find bugs (this one or others) in nagios. > Please, reconsider. > 1) The debian-non-US archive was separated only in consequence of US law (the > law of a country where not to say everybody live), not of "unimportance" of > packages in it. It's just mirrored elsewhere outside US, but logically should > be considered as part of the official archive. Think also about other forms > of Debian distribution (on CD sets for instance). Its unimportance comes from the fact that there are very few packages remaining there, even in woody. The archive scripts have never been restored to operation after the server compromise in 2003; so although this is a bug that affects the stable version of Debian (which I didn't understand before, sorry), it is unlikely that this problem will be fixed if it requires uploading a new package to non-US. > 2) There is no nagios package in Debian release. There _is_ netsaint package. > It may be weak, buggy and uncomfortable (relatively to nagios), but it is > released, and people use it. If one (like me) uses it for years, and one day > just adds a new service to be monitored (and that was $subj), gets a wierd > result, tests the plugin from the command line under root (yes, i know, i > know, that's bad!), and gets a lot of working packages breaked.. what should > he do? That will be not a good time to upgrade all his systems to > nagios/sarge/whatever. > I beg to prepare NMU, if you don't object. I have no objections, but I'm not the package maintainer. I was merely commenting on an RC bug that seems unlikely to get fixed. If you feel strongly about getting this bug fixed in woody, you will most likely need to talk to the stable release manager about getting this fix allowed in through main (not non-US). -- Steve Langasek postmodern programmer signature.asc Description: Digital signature
Bug#305479: netsaint-plugins: check_log plugin breaks system
On Wednesday 20 April 2005 14:07, Steve Langasek wrote: > FYI, the netsaint-plugins package is only available from non-us.debian.org, > which is quite moribund and will be discontinued with the release of sarge. > This bug will not be fixed, as the netsaint package has been replaced with > nagios in the main archive. I would strongly encourage you to install > nagios rather than fighting with any bugs in netsaint; of course, please > let us know if you find bugs (this one or others) in nagios. Please, reconsider. 1) The debian-non-US archive was separated only in consequence of US law (the law of a country where not to say everybody live), not of "unimportance" of packages in it. It's just mirrored elsewhere outside US, but logically should be considered as part of the official archive. Think also about other forms of Debian distribution (on CD sets for instance). 2) There is no nagios package in Debian release. There _is_ netsaint package. It may be weak, buggy and uncomfortable (relatively to nagios), but it is released, and people use it. If one (like me) uses it for years, and one day just adds a new service to be monitored (and that was $subj), gets a wierd result, tests the plugin from the command line under root (yes, i know, i know, that's bad!), and gets a lot of working packages breaked.. what should he do? That will be not a good time to upgrade all his systems to nagios/sarge/whatever. I beg to prepare NMU, if you don't object. -- Regards, Al Nikolov -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#304050:
Hi All, "During the evolution update to version 2.2 the addressbook and the calendar files where converted to a new version or format. Because of the multisync can't access the addressbook and calendar files any more. (I'm not sure about the task files, i don't use that feature). I'm not quit shure what exactly has changed in format, maybe it would help just to recompile the evolution plugin with the updated evolution libraries to the same version as the evolution uses." Probably the file formats did not change. If I exit evolution and kill /usr/lib/evolution/evolution-data-server-1.2 and start multisync it seems to be working. The trick is that multisync (especially libmultisync-plugin-evolution 0.82-5) starts /usr/lib/evolution/evolution-data-server-1.0 which is the part of "evolution-data-server" debian package. This is the old one probably used by evloution 2.0. Evolution 2.2 uses evolution-data-server1.2. If /usr/lib/evolution/evolution-data-server-1.2 is running current evolution plugin can not use it. Hopefully a recompile with the new libraries will help. BR kecsa -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305479: netsaint-plugins: check_log plugin breaks system
Hi Al, On Wed, Apr 20, 2005 at 01:03:17PM +0400, Al Nikolov wrote: > Package: netsaint-plugins > Version: 1.2.9.4-18.1 > Severity: grave > Tags: patch > Justification: causes non-serious data loss FYI, the netsaint-plugins package is only available from non-us.debian.org, which is quite moribund and will be discontinued with the release of sarge. This bug will not be fixed, as the netsaint package has been replaced with nagios in the main archive. I would strongly encourage you to install nagios rather than fighting with any bugs in netsaint; of course, please let us know if you find bugs (this one or others) in nagios. Cheers, -- Steve Langasek postmodern programmer signature.asc Description: Digital signature
Bug#304412: marked as done (CAN-2005-0941: "OpenOffice DOC document Heap Overflow")
Your message dated Wed, 20 Apr 2005 02:00:19 -0700 with message-id <[EMAIL PROTECTED]> and subject line CAN-2005-0941: "OpenOffice DOC document Heap Overflow" has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 12 Apr 2005 22:38:51 + >From [EMAIL PROTECTED] Tue Apr 12 15:38:51 2005 Return-path: <[EMAIL PROTECTED]> Received: from imap.gmx.net (mail.gmx.net) [213.165.64.20] by spohr.debian.org with smtp (Exim 3.35 1 (Debian)) id 1DLU1z-00053D-00; Tue, 12 Apr 2005 15:38:51 -0700 Received: (qmail invoked by alias); 12 Apr 2005 22:38:19 - Received: from dsl-084-056-110-083.arcor-ip.net (EHLO localhost) [84.56.110.83] by mail.gmx.net (mp002) with SMTP; 13 Apr 2005 00:38:19 +0200 X-Authenticated: #1545045 Received: by localhost (Postfix, from userid 1000) id 3E4986A1F0; Wed, 13 Apr 2005 00:38:16 +0200 (CEST) Date: Wed, 13 Apr 2005 00:38:16 +0200 From: Rene Engelhard <[EMAIL PROTECTED]> To: Debian Bug Tracking System <[EMAIL PROTECTED]> Subject: CAN-2005-0941: "OpenOffice DOC document Heap Overflow" Message-ID: <[EMAIL PROTECTED]> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="cWoXeonUoKmBZSoM" Content-Disposition: inline X-Reportbug-Version: 3.9 X-PGP-Key: 248AEB73 X-PGP-Fingerprint: 41FA F208 28D4 7CA5 19BB 7AD9 F859 90B0 248A EB73 User-Agent: Mutt/1.5.9i X-Y-GMX-Trusted: 0 Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: --cWoXeonUoKmBZSoM Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Package: openoffice.org Version: 1.1.3-8 Severity: grave Justification: user security hole Tags: sarge sid experimental pending =66rom full-disclosure (http://archives.neohapsis.com/archives/fulldisclosu= re/2005-04/0218.html): OpenOffice DOC document Heap Overflow [Security Advisory] Advisory:[AD_LAB-05001] OpenOffice DOC document Heap Overflow Class: Design Error DATE:30/3/2005 CVEID:CAN-2005-0941 Vulnerable: <=3DOpenOffice OpenOffice 1.1.4 -OpenOffice OpenOffice 2.0dev Unvulnerable: Unknow Vendor: www.openoffice.org I.DESCRIPTION: - - OpenOffice.org is an office productivity suite, including word processing, spreadsheets, presentations, drawings, data charting, formula editing, and file conversion facilities. The vulnerability is caused due to a error within the .Doc document header processing.This can be exploited to cause a heap-based buffer overflow.=20 [...] -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (990, 'unstable'), (400, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.8-2-k7 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=3DISO-8859-15) Versions of packages openoffice.org depends on: ii dictionaries-common [openoffi 0.25.4 Common utilities for spelling = dict ii openoffice.org-bin1.1.3-8OpenOffice.org office suite bi= nary ii openoffice.org-debian-files 1.1.3-8+1 Debian specific parts of OpenO= ffic ii openoffice.org-l10n-de [openo 1.1.3-8German language package for Op= enOf ii openoffice.org-l10n-en [openo 1.1.3-8English (US) language package = for=20 ii ttf-opensymbol1.1.3-8The OpenSymbol TrueType font ii xml-core 0.09 XML infrastructure and XML cat= alog -- no debconf information --cWoXeonUoKmBZSoM Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFCXE3Y+FmQsCSK63MRAhJIAJ9RvzELacwAKTI4SaAJnoKRbc46FgCfT2cS T82ElwiAVBKKHvwDTvgTggA= =//v+ -END PGP SIGNATURE- --cWoXeonUoKmBZSoM-- --- Received: (at 304412-done) by bugs.debian.org; 20 Apr 2005 09:00:19 + >From [EMAIL PROTECTED] Wed Apr 20 02:00:19 2005 Return-path: <[EMAIL PROTECTED]> Received: from dsl093-039-086.pdx1.dsl.speakeasy.net (localhost.localdomain) [66.93.39.86] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DOB4F-0003KY-00; Wed, 20 Apr 2005 02:00:19 -0700 Received: by localhost.localdomain
Bug#305479: netsaint-plugins: check_log plugin breaks system
Package: netsaint-plugins
Version: 1.2.9.4-18.1
Severity: grave
Tags: patch
Justification: causes non-serious data loss
In consequence of sh-syntax errors, the check_log script deletes
/bin/mktemp file if started as root (thus breaking an essential
package), never mind runs properly.
Unfortunately, i haven't figured out how to build that script from the
source (plugins-scripts/check_log.sh) and i submit this patch only for
information.
--- /tmp/tmp.orig/netsaint-plugins-1.2.9.4/plugins-scripts/check_log.sh Sat Apr
14 00:19:47 2001
+++ check_log Wed Apr 20 12:30:47 2005
@@ -62,12 +62,12 @@
ECHO="/bin/echo"
GREP="/bin/grep"
-DIFF="/bin/diff"
-TAIL="/bin/tail"
+DIFF="/usr/bin/diff"
+TAIL="/usr/bin/tail"
CAT="/bin/cat"
RM="/bin/rm"
-PROGNAME=`/bin/basename $0`
+PROGNAME=`/usr/bin/basename $0`
PROGPATH=`echo $0 | /bin/sed -e 's,[\\/][^\\/][^\\/]*$,,'`
REVISION=`echo '$Revision: 1.3.2.4 $' | /bin/sed -e 's/[^0-9.]//g'`
@@ -175,13 +175,13 @@
# The temporary file that the script should use while
# processing the log file.
-if [-x /bin/mktemp]; then
- tempdiff="/bin/mktemp /tmp/check_log.XX"
+if [ -x /bin/mktemp ]; then
+ tempdiff=`/bin/mktemp /tmp/check_log.XX`
else
date=`/bin/date '+%H%M%S'`
tempdiff="/tmp/check_log.$date"
/bin/touch $tempdiff
- chmod 600 $tempdiff
+ /bin/chmod 600 $tempdiff
fi
$DIFF $logfile $oldlog > $tempdiff
@@ -203,6 +203,6 @@
exitstatus=${STATE_WARNING}
fi
-exit exitstatus
+exit $exitstatus
-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux spider 2.4.18 #1 Tue Jan 11 20:42:15 MSK 2005 i686
Locale: LANG=C, LC_CTYPE=C
Versions of packages netsaint-plugins depends on:
ii dnsutils 1:9.2.1-2.woody.2 Clients provided with BIND
ii libc6 2.2.5-11.8GNU C Library: Shared libraries an
ii libssl0.9.60.9.6c-2.woody.7 SSL shared libraries
ii netkit-ping [ping] 0.10-9The ping utility from netkit
ii perl [perl5] 5.6.1-8.9 Larry Wall's Practical Extraction
ii procps 1:2.0.7-8.woody1 The /proc file system utilities.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#304469: marked as done (openoffice.org: Invalid range checking in DOC header parsing leading to possible heap overflow)
Your message dated Wed, 20 Apr 2005 02:00:19 -0700
with message-id <[EMAIL PROTECTED]>
and subject line CAN-2005-0941: "OpenOffice DOC document Heap Overflow"
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--
Received: (at submit) by bugs.debian.org; 13 Apr 2005 12:08:48 +
>From [EMAIL PROTECTED] Wed Apr 13 05:08:47 2005
Return-path: <[EMAIL PROTECTED]>
Received: from inutil.org (vserver151.vserver151.serverflex.de)
[193.22.164.111]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DLgfn-0002lm-00; Wed, 13 Apr 2005 05:08:47 -0700
Received: from p54893e8f.dip.t-dialin.net ([84.137.62.143]
helo=localhost.localdomain)
by vserver151.vserver151.serverflex.de with esmtpsa
(TLS-1.0:RSA_AES_256_CBC_SHA:32)
(Exim 4.50)
id 1DLgfl-0005px-Ba
for [EMAIL PROTECTED]; Wed, 13 Apr 2005 14:08:46 +0200
Received: from jmm by localhost.localdomain with local (Exim 4.50)
id 1DLgfg-0002cF-AI; Wed, 13 Apr 2005 14:08:40 +0200
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Moritz Muehlenhoff <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: openoffice.org: Invalid range checking in DOC header parsing leading to
possible heap overflow
X-Mailer: reportbug 3.9
Date: Wed, 13 Apr 2005 14:08:39 +0200
Message-Id: <[EMAIL PROTECTED]>
X-SA-Exim-Connect-IP: 84.137.62.143
X-SA-Exim-Mail-From: [EMAIL PROTECTED]
X-SA-Exim-Scanned: No (on vserver151.vserver151.serverflex.de); SAEximRunCond
expanded to false
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: openoffice.org
Version: 1.1.3-8
Severity: grave
Tags: security
Justification: user security hole
Lee Xioajun <[EMAIL PROTECTED]> reported an issue with invalid input
checks in DOC header parsing, which can possibly be exploited with remote
code execution. I'm including his advisory verbose, as I could not find a
WWW reference for it. The relevant issue #s seems to be 46276 and 46388.
It's supposed to be fixed upstream, but I couldn't find it in the plethora
of CVS modules and subprojects.
Cheers,
Moritz
OpenOffice DOC document Heap Overflow
[Security Advisory]
Advisory:[AD_LAB-05001] OpenOffice DOC document Heap Overflow
Class: Design Error
DATE:30/3/2005
CVEID:CAN-2005-0941
Vulnerable:
<=OpenOffice OpenOffice 1.1.4
-OpenOffice OpenOffice 2.0dev
Unvulnerable:
Unknow
Vendor:
www.openoffice.org
I.DESCRIPTION:
-
OpenOffice.org is an office productivity suite, including word
processing, spreadsheets, presentations, drawings, data charting,
formula editing, and file conversion facilities.
The vulnerability is caused due to a error within the .Doc document header
processing.This can be exploited to cause a heap-based buffer overflow.
II.DETAILS:
--
There is a vulnerability in StgCompObjStream::Load() function,
When reading DOC document information of format,memory is allocated by DOC
provide length.
DOC provided a 32 bits integer,and will use the low 16 bits of this number to
allocate memory,
but when reading doc information,still use the 32 bits number as length,this
maybe cause heap
overflow, and when free happened ,will cause write pointer,maybe cause
arbitrary code excute .
BOOL StgCompObjStream::Load()
{
memset( &aClsId, 0, sizeof( ClsId ) );
nCbFormat = 0;
aUserName.Erase();
if( GetError() != SVSTREAM_OK )
return FALSE;
Seek( 8L );
INT32 nMarker = 0;
*this >> nMarker;
if( nMarker == -1L )
{
*this >> aClsId;
INT32 nLen1 = 0;
*this >> nLen1; // we can control this 32 bits int
sal_Char* p = new sal_Char[ (USHORT) nLen1 ]; //use low 16 bits
value to allocate memory
if( Read( p, nLen1 ) == (ULONG) nLen1 ) //still use 32 bits
int as length,if failed,
// will goto free
step,maybe cause write pointer.
{
aUserName = String( p, gsl_getSystemTextEncoding() );
nCbFormat = ReadClipboardFormat
Bug#289561: marked as done (nvidia-kernel-2.4.27-1-k7: nvidia.o won't load, X won't start)
Your message dated Wed, 20 Apr 2005 01:57:25 -0700 with message-id <[EMAIL PROTECTED]> and subject line Bug#289561: nvidia-kernel-2.4.27-2-k7: 2.4.27-2-k7 does not work either has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 9 Jan 2005 20:24:08 + >From [EMAIL PROTECTED] Sun Jan 09 12:24:08 2005 Return-path: <[EMAIL PROTECTED]> Received: from moutng.kundenserver.de [212.227.126.191] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1Cnjbc-0003w1-00; Sun, 09 Jan 2005 12:24:08 -0800 Received: from [212.227.126.161] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1Cnjbb-00019L-00; Sun, 09 Jan 2005 21:24:07 +0100 Received: from [145.254.121.242] (helo=haktar.heitkoetter.net) by mrelayng.kundenserver.de with asmtp (Exim 3.35 #1) id 1Cnjba-0006u1-00; Sun, 09 Jan 2005 21:24:06 +0100 Received: from jan by haktar.heitkoetter.net with local (Exim 3.36 #1 (Debian)) id 1CnjbZ-UA-00; Sun, 09 Jan 2005 21:24:05 +0100 Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Jan Heitkoetter <[EMAIL PROTECTED]> To: Debian Bug Tracking System <[EMAIL PROTECTED]> Subject: nvidia-kernel-2.4.27-1-k7: nvidia.o won't load, X won't start X-Mailer: reportbug 3.2 Date: Sun, 09 Jan 2005 21:24:05 +0100 Message-Id: <[EMAIL PROTECTED]> Sender: Jan Heitkoetter <[EMAIL PROTECTED]> X-Provags-ID: kundenserver.de [EMAIL PROTECTED] auth:d9de22eff458bff89ec0e3b56294b0c0 X-BadReturnPath: [EMAIL PROTECTED] rewritten as [EMAIL PROTECTED] using "From" header Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Package: nvidia-kernel-2.4.27-1-k7 Version: 1.0.6111+3 Severity: grave Justification: renders package unusable After upgrading the nvidia-kernel package, nvidia.o won't load and, therefore, X would not start. When compiling nvidia-kernel from nvidia-kernel-source (1.0.6111-1) using kernel headers package for 2.4.27-1-k7 everything's fine. /var/log/XFree86.0.log reads (EE) NVIDIA(0): Failed to initialize the NVIDIA kernel module! /var/log/syslog reads after sending SIGHUP to gdm: gdm[1642]: GDM restarting ... kernel: apm: BIOS version 1.2 Flags 0x03 (Driver version 1.16) kernel: apm: overridden by ACPI. insmod: /lib/modules/2.4.27-1-k7/kernel/arch/i386/kernel/apm.o: init_module: No such device insmod: Hint: insmod errors can be caused by incorrect module parameters, including invalid IO or IRQ parameters. You may find more information in syslog or the output from dmesg insmod: /lib/modules/2.4.27-1-k7/kernel/arch/i386/kernel/apm.o: insmod char-major-10-134 failed insmod: /lib/modules/2.4.27-1-k7/nvidia/nvidia.o: insmod char-major-195 failed gdm[1812]: gdm_slave_xioerror_handler: Fatal X error - Restarting :0 Regards, Jan -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (600, 'testing') Architecture: i386 (i686) Kernel: Linux 2.4.27-1-k7 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages nvidia-kernel-2.4.27-1-k7 depends on: ii nvidia-kernel-common 1.0.6629+1 NVIDIA binary kernel module common -- no debconf information --- Received: (at 289561-done) by bugs.debian.org; 20 Apr 2005 08:57:26 + >From [EMAIL PROTECTED] Wed Apr 20 01:57:26 2005 Return-path: <[EMAIL PROTECTED]> Received: from dsl093-039-086.pdx1.dsl.speakeasy.net (localhost.localdomain) [66.93.39.86] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DOB1S-0003A8-00; Wed, 20 Apr 2005 01:57:26 -0700 Received: by localhost.localdomain (Postfix, from userid 1000) id CDB67172A57; Wed, 20 Apr 2005 01:57:25 -0700 (PDT) Date: Wed, 20 Apr 2005 01:57:25 -0700 From: Steve Langasek <[EMAIL PROTECTED]> To: Jan Heitkoetter <[EMAIL PROTECTED]>, [EMAIL PROTECTED] Subject: Re: Bug#289561: nvidia-kernel-2.4.27-2-k7: 2.4.27-2-k7 does not work either Message-ID: <[EMAIL PROTECTED]> References: <[EMAIL PROTECTED]> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="J/dobhs11T7y2rNN" Content-Disposition: inline In-Reply-To: <[EMAIL PROT
Bug#305435: bazaar: ftbfs [sparc] test-framework: line 28: 13580 Bus error
package bazaar
tags 305435 confirmed
thanks
On Tue, Apr 19, 2005 at 04:48:25PM -0700, Blars Blarson said
> Package: bazaar
> Version: 1.3.2-1
> Severity: serious
> Tags: sid
> Justification: fails to build from source
>
> bazaar fails to build from source on sparc, duplicated on sparc pbuilder.
>
> === TESTING: id-tagging-defaults ===
> Test 1: id-tagging-defaults
> Test 1: PASS
> /tmp/buildd/bazaar-1.3.2/src/baz/tests/test-framework: line 28: 13580 Bus
> error
> $DEBUGPREFIX ${builddir}/../baz/baz "$@"
> make[3]: *** [tests-timestamp] Error 138
> make[3]: Leaving directory `/tmp/buildd/bazaar-1.3.2/debian/build/baz/tests'
> make[2]: *** [test] Error 2
Yup, Joshua Kwan confirmed it, too. Do one of you guys have time to
help us debug this by running the test suite under gdb?
-rob
--
Words of the day: Freeh BCCI Kosovo anarchy MD2 Kosovo ANC monarchist MP5K-SD
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Processed: Re: Bug#305435: bazaar: ftbfs [sparc] test-framework: line 28: 13580 Bus error
Processing commands for [EMAIL PROTECTED]: > package bazaar Ignoring bugs not assigned to: bazaar > tags 305435 confirmed Bug#305435: bazaar: ftbfs [sparc] test-framework: line 28: 13580 Bus error Tags were: sid Tags added: confirmed > thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#295131: scorched3d: libsdl1.2debian-all depends on glib/gmodule/gthread 2.0
On Mon, Apr 18, 2005 at 12:57:40PM -0500, [EMAIL PROTECTED] wrote: > the libSDL-1.2.so.0 in libsdl1.2debian-all depends on glib 2.0, > which conflicts the glib 1.2 loaded via wxgtk2.4, causing very > erratic behavior, including crashes, buttons not working, text > not drawing, etc. I don't know which package this bug report > should go to, so I filed it against this one. libsdl1.2debian-alsa, > which I also tried, does not have this problem; I haven't tried > the others. I'm assuming the orignal bug is caused by the same > issue, since the presence of a .gtkrc will almost always cause > a segfault immediately on startup in this configuration. Yep it's certainly related to original report, and as in original report I have no idea how to fix it now. Either wx2.4 will be rebuilt against gtk2.0, or scorched3d against wx2.5, but the latter won't make scorched3d in releasable state for sarge, cause wx2.5 can't be installed with wx2.4 at the same time. regards fEnIo -- ,''`. Bartosz Fenski | mailto:[EMAIL PROTECTED] | pgp:0x13fefc40 | irc:fEnIo : :' : 32-050 Skawina - Glowackiego 3/15 - w. malopolskie - Poland `. `' phone:+48602383548 | proud Debian maintainer and user `- http://skawina.eu.org | jid:[EMAIL PROTECTED] | rlu:172001 signature.asc Description: Digital signature
Bug#305472: FTBFS in experimental
Package: ekg2 Version: 20050419+0101-1 Severity: serious Tags: experimental Hi, please see http://experimental.ftbfs.de/build.php?arch=&pkg=ekg2 for the full build log This bug may be connected to the fact that mips* builds with sudo instead of fakeroot. Cheers, Andi Automatic build of ekg2_20050419+0101-1 on sigrun by sbuild/mips 1.170.5 Build started at 20050420-0911 ** [...] Checking correctness of source dependencies... Toolchain package versions: libc6-dev_2.3.2.ds1-20 linux-kernel-headers_2.5.999-test7-bk-17 gcc-3.3_1:3.3.5-12 g++-3.3_1:3.3.5-12 binutils_2.15-5 libstdc++5_1:3.3.5-12 libstdc++5-3.3-dev_1:3.3.5-12 -- dpkg-source: extracting ekg2 in ekg2-20050419+0101 su: Authentication service cannot retrieve authentication info. (Ignored) dpkg-buildpackage: source package is ekg2 dpkg-buildpackage: source version is 20050419+0101-1 dpkg-buildpackage: host architecture is mips /usr/bin/sudo debian/rules clean dh_testdir dh_testroot rm -f build-stamp /usr/bin/make -C docs/ekg2book make[1]: Entering directory `/build/buildd/ekg2-20050419+0101/docs/ekg2book' rm -rf book ./generate.sh xsltproc sheet.xsl book.xml Writing userbook-sources.html for sect1(userbook-sources) Writing userbook-install.html for sect1(userbook-install) Writing userbook-sessions.html for sect1(userbook-sessions) Writing userbook-networks.html for sect1(userbook-networks) Writing userbook-connecting.html for sect1(userbook-connecting) Writing userbook-status.html for sect1(userbook-status) Writing userbook-userlist.html for sect1(userbook-userlist) Writing userbook-user.html for sect1(userbook-user) Writing userbook-contacts.html for sect1(userbook-contacts) Writing userbook.html for chapter(userbook) Writing plugin-ioctld.html for sect1(plugin-ioctld) Writing plugin-irc.html for sect1(plugin-irc) Writing plugin-jabber.html for sect1(plugin-jabber) Writing plugin-logs.html for sect1(plugin-logs) Writing plugin-logsqlite.html for sect1(plugin-logsqlite) Writing plugin-ncurses.html for sect1(plugin-ncurses) Writing plugin-python.html for sect1(plugin-python) Writing plugin-rc.html for sect1(plugin-rc) Writing plugin-sim.html for sect1(plugin-sim) Writing plugin-sms.html for sect1(plugin-sms) Writing plugin-xosd.html for sect1(plugin-xosd) Writing plugins.html for chapter(plugins) Writing develbook-files.html for sect1(develbook-files) Writing develbook-debugging.html for sect1(develbook-debugging) Writing develbook-themes.html for sect1(develbook-themes) Writing develbook-plugins.html for sect1(develbook-plugins) Writing develbook.html for chapter(develbook) Writing faq-usage.html for sect1(faq-usage) Writing faq.html for chapter(faq) Writing index.html for book mkdir book mv *.html book/ make[1]: Leaving directory `/build/buildd/ekg2-20050419+0101/docs/ekg2book' /usr/bin/make distclean make[1]: Entering directory `/build/buildd/ekg2-20050419+0101' make[1]: *** No rule to make target `distclean'. Stop. make[1]: Leaving directory `/build/buildd/ekg2-20050419+0101' [...] 0 translated messages, 497 untranslated messages. make[3]: Leaving directory `/build/buildd/ekg2-20050419+0101/po' make[3]: Entering directory `/build/buildd/ekg2-20050419+0101' make[3]: Leaving directory `/build/buildd/ekg2-20050419+0101' make[2]: Leaving directory `/build/buildd/ekg2-20050419+0101' make[1]: Leaving directory `/build/buildd/ekg2-20050419+0101' /usr/bin/make -C docs/ekg2book make[1]: Entering directory `/build/buildd/ekg2-20050419+0101/docs/ekg2book' rm -rf book rm: cannot remove `book/develbook-debugging.html': Permission denied rm: cannot remove `book/develbook-files.html': Permission denied rm: cannot remove `book/develbook-plugins.html': Permission denied rm: cannot remove `book/develbook-themes.html': Permission denied rm: cannot remove `book/develbook.html': Permission denied rm: cannot remove `book/faq-usage.html': Permission denied rm: cannot remove `book/faq.html': Permission denied rm: cannot remove `book/index.html': Permission denied rm: cannot remove `book/plugin-ioctld.html': Permission denied rm: cannot remove `book/plugin-irc.html': Permission denied rm: cannot remove `book/plugin-jabber.html': Permission denied rm: cannot remove `book/plugin-logs.html': Permission denied rm: cannot remove `book/plugin-logsqlite.html': Permission denied rm: cannot remove `book/plugin-ncurses.html': Permission denied rm: cannot remove `book/plugin-python.html': Permission denied rm: cannot remove `book/plugin-rc.html': Permission denied rm: cannot remove `book/plugin-sim.html': Permission denied rm: cannot remove `book/plugin-sms.html': Permission denied rm: cannot remove `book/plugin-xosd.html': Permission denied rm: cannot remove `book/plugins
Processed: tagging 304339
Processing commands for [EMAIL PROTECTED]: > # Automatically generated email from bts, devscripts version 2.8.14 > tags 304339 pending Bug#304339: ldap-utils: Adding users via smbldap-useradd (or other means) fails There were no tags set. Tags added: pending > End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#305005: slapd: [slapd.postinst] FATAL ERROR: integer expression expected
| > Right now I'm in the chicken and egg situation where I cannot re/install | > new slapd cleanly, because it always dies with this error. | | It will fail in a different place then. The whole problem is that the | maintainer scripts always try to load the database contents in 2.3.23-2 | wether the database was dumped or not. | | Work around in your case: | | - back up the configuration | - purge the slapd package | - reinstall the package and omit the configuration | - copy the database files and configuration back in place | (db files from /var/backups/-2.3.23-1.ldapdb to /var/lib/ldap) I managed to make the upgrade happen, but I think this si not satisfactory. I think the package should recover from a case like: apt-get --purge remove x apt-get install x I think, at minimum there should be better error handling and a message displayed to a user what might be the reason for the failure and how to fix it. After looking at the code, the error handling is lacking now. Could that be improved? I'm not still sure what is the real problem with the upgrade, so the cause may be deeper. Jari -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Processed: reassign 304607 to php4-imap,php4-pgsql, reassign 294501 to php4-imap,php4-pgsql ...
Processing commands for [EMAIL PROTECTED]: > # Automatically generated email from bts, devscripts version 2.8.14 > reassign 304607 php4-imap,php4-pgsql Bug#304607: php4-pgsql: Error reloading apache Bug reassigned from package `php4-pgsql' to `php4-imap,php4-pgsql'. > reassign 294501 php4-imap,php4-pgsql Bug#294501: php4-pgsql: php4-psql causes apache to segfault upon startup Bug reassigned from package `php4-imap' to `php4-imap,php4-pgsql'. > merge 304607 294501 Bug#294501: php4-pgsql: php4-psql causes apache to segfault upon startup Bug#304607: php4-pgsql: Error reloading apache Merged 294501 304607. > End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Processed: #254122 patch
Processing commands for [EMAIL PROTECTED]: > tags 254122 + patch Bug#254122: eroaster: Assumes CD burner is ATAPI There were no tags set. Tags added: patch > -- Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Processed: tagging 305469
Processing commands for [EMAIL PROTECTED]: > # Automatically generated email from bts, devscripts version 2.8.14 > tags 305469 sid Bug#305469: cupsys: /usr/lib/cups/backend/http missing There were no tags set. Tags added: sid > End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
