Bug#399188: CVE-2006-5925: ELinks "smb" Protocol File Upload/Download Vulnerability

2006-11-18 Thread Kalle Olavi Niemitalo 
package elinks
forwarded 399188 http://bugzilla.elinks.cz/show_bug.cgi?id=841
quit

Stefan Fritsch <[EMAIL PROTECTED]> writes:

> A vulnerability has been found in elinks:
> Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed
> allows remote attackers to execute arbitrary code via shell
> metacharacters in an smb:// URI, as demonstrated by using PUT and GET
> statements.

I have fixed this upstream by forcing --disable-smb in configure.in.
So far, the change is only in Git and not in any released version.


pgpcr5UaUG0CL.pgp
Description: PGP signature

Processed: Re: Bug#399188: CVE-2006-5925: ELinks "smb" Protocol File Upload/Download Vulnerability

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> package elinks
Ignoring bugs not assigned to: elinks

> forwarded 399188 http://bugzilla.elinks.cz/show_bug.cgi?id=841
Bug#399188: CVE-2006-5925: ELinks "smb" Protocol File Upload/Download 
Vulnerability
Noted your statement that Bug has been forwarded to 
http://bugzilla.elinks.cz/show_bug.cgi?id=841.

> quit
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399287: ipw3945 must go to contrib

2006-11-18 Thread Daniel Baumann 
severity 399287 normal
tags 399287 +wontfix
thanks

Adrian Bunk wrote:
> ipw3945-source clearly fails the first point since it's useless without
> the non-free ipw3945d package.

In some future version, the driver will not require the daemon anymore.

This was discussed before when looking for linux-modules-extra-2.6
integration, where waldi and I come together that it's ok as it is.

-- 
Address:Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist
Email:  [EMAIL PROTECTED]
Internet:   http://people.panthera-systems.net/~daniel-baumann/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Re: Bug#399287: ipw3945 must go to contrib

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> severity 399287 normal
Bug#399287: ipw3945 must go to contrib
Severity set to `normal' from `serious'

> tags 399287 +wontfix
Bug#399287: ipw3945 must go to contrib
There were no tags set.
Tags added: wontfix

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#398530: uim: Need to depend on libgtk2.0-bin

2006-11-18 Thread Osamu Aoki 
Package: uim
Followup-For: Bug #398530

Since /usr/sbin/update-gtk-immodules is provided by libgtk2.0-bin, 
uim-gtk2.0 needs to depend on libgtk2.0-bin.

Since test was executed removing many package together and the removal
order was

...
  Removing libgtk2.0-bin ...
  dpkg - warning: while removing libgtk2.0-bin, directory `/etc/gtk-2.0' not 
empty so not removed.
  Removing libcanna1g ...
  Removing uim-utils ...
  Removing libgtk2.0-0 ...
...

Bug was hit.

I guess Pre-Depends on libgtk2.0-0 may fix this issue.

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-2-686
Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8)

-- 
~\^o^/~~~ ~\^.^/~~~ ~\^*^/~~~ ~\^_^/~~~ ~\^+^/~~~ ~\^:^/~~~ ~\^v^/~~~ +
Osamu Aoki <[EMAIL PROTECTED]>  Yokohama Japan, GPG-key: A8061F32
 .''`.  Debian Reference: post-installation user's guide for non-developers
 : :' : http://qref.sf.net and http://people.debian.org/~osamu
 `. `'  "Our Priorities are Our Users and Free Software" --- Social Contract



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#398125: marked as done (gaim-librvp will not run or build with gaim 2.0.0beta5)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 21:47:11 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#398125: fixed in gaim-librvp 0.9.5-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: gaim-librvp
Version: 0.9.5-1
Severity: grave
Tags: patch

With the upload of gaim 2.0.0beta5, gaim-librvp will not build or run
due to a gaim ABI change. Attached is a patch which will fix the
problem.
diff -ur librvp-0.9.5.orig/rvp.c librvp-0.9.5/rvp.c
--- librvp-0.9.5.orig/rvp.c	2006-11-11 16:18:29.0 -0500
+++ librvp-0.9.5/rvp.c	2006-11-11 16:25:24.0 -0500
@@ -2465,7 +2465,7 @@
   }
 }
   } else { /* type = RECV */
-gaim_proxy_connect( xfer->account, ipaddr, atoi( port ),
+gaim_proxy_connect( NULL, xfer->account, ipaddr, atoi( port ),
 rvp_xfer_connect_callback, xfer );
   }
 }
@@ -5609,7 +5609,7 @@
   gaim_debug_misc( __FUNCTION__, "Reconnection required (%s)\n",
gfd->website.address );
 
-  if (( sock = gaim_proxy_connect( ac, gfd->website.address,
+  if (( sock = gaim_proxy_connect( NULL, ac, gfd->website.address,
gfd->website.port, url_fetched_cb,
gfd )) < 0 ) {
 rvp_async_data( gc, gfd, 0 );
@@ -5825,7 +5825,7 @@
   gfd->parsedheaders = NULL;
 }
 
-if (( sock = gaim_proxy_connect( ac, gfd->website.address,
+if (( sock = gaim_proxy_connect( NULL, ac, gfd->website.address,
  gfd->website.port, url_fetched_cb,
  gfd )) < 0 ) {
   rvp_async_data( gc, gfd, 0 );
@@ -6476,7 +6476,7 @@
   }
 
   if (( sock =
-gaim_proxy_connect( ac, gfud->website.address,
+gaim_proxy_connect( NULL, ac, gfud->website.address,
 gfud->website.port, url_fetched_cb, gfud )) < 0 ) {
 rvp_async_data( gc, gfud, 0 );
 destroy_fetch_url_data( gfud );
@@ -6725,7 +6725,7 @@
   rd->domain = g_strdup( domain );
   rd->authid = g_strdup( id );
 
-  if ( gaim_proxy_connect( account, rd->authhost, rd->port,
+  if ( gaim_proxy_connect( NULL, account, rd->authhost, rd->port,
rvp_login_connect, gc ) < 0 ) {
 gaim_connection_error(gc, _("Failed to connect to server."));
   }
--- End Message ---
--- Begin Message ---
Source: gaim-librvp
Source-Version: 0.9.5-2

We believe that the bug you reported is fixed in the latest version of
gaim-librvp, which is due to be installed in the Debian FTP archive:

gaim-librvp_0.9.5-2.diff.gz
  to pool/main/g/gaim-librvp/gaim-librvp_0.9.5-2.diff.gz
gaim-librvp_0.9.5-2.dsc
  to pool/main/g/gaim-librvp/gaim-librvp_0.9.5-2.dsc
gaim-librvp_0.9.5-2_amd64.deb
  to pool/main/g/gaim-librvp/gaim-librvp_0.9.5-2_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Devin Carraway <[EMAIL PROTECTED]> (supplier of updated gaim-librvp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Sat, 11 Nov 2006 14:18:30 -0800
Source: gaim-librvp
Binary: gaim-librvp
Architecture: source amd64
Version: 0.9.5-2
Distribution: unstable
Urgency: low
Maintainer: Devin Carraway <[EMAIL PROTECTED]>
Changed-By: Devin Carraway <[EMAIL PROTECTED]>
Description: 
 gaim-librvp - MS Exchange RVP instant messaging plugin for GAIM
Closes: 398125
Changes: 
 gaim-librvp (0.9.5-2) unstable; urgency=low
 .
   * Apply patch from Ari Pollak <[EMAIL PROTECTED]> to fix FTBFS caused by gaim
 2.0b5 API change (Closes: #398125)
   * Forcibly disable rpath, which showed up in 0.9.5
Files: 
 0cb5c44e50ec6b656f491e977c686bb5 632 net extra gaim-librvp_0.9.5-2.dsc
 8da914972d992a25d2e141ff93a2356b 3299 net extra gaim-librvp_0.9.5-2.diff.gz
 fc7d625fc9c16cc33cd4deff2f64722e 178182 net extra gaim-librvp_0.9.5-2_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFW+1XU5XKDemr/NIRAkrcAJ96o9igcwT33x4g4EW2wzNFFX1DUgCcDN3s
LZF

Processed: leptonlib: libpng3 will not be available

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> retitle 397860 leptonlib: libpng3 will not be available
Bug#397860: leptonlib: FTBFS: libpng3-dev and libpng3 are not available any more
Changed Bug title.

> severity 397860 wishlist
Bug#397860: leptonlib: libpng3 will not be available
Severity set to `wishlist' from `serious'

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399174: libphp-adodb cannot be installed on unstable

2006-11-18 Thread Steve Langasek 
On Sun, Nov 19, 2006 at 04:13:51AM +, Cameron Dale wrote:

> I'm currently in the process of adopting this package, so I'm still a
> little unfamiliar with it. Please bear with me.

> On 11/18/06, Steve Langasek <[EMAIL PROTECTED]> wrote:
> >On Sat, Nov 18, 2006 at 10:14:49AM +, Richard Burton wrote:
> >> The following packages have unmet dependencies.
> >>  libphp-adodb: Depends: phpapi-20050606 but it is not installable or
> >> phpapi-20051025 but it is not installable

> >Hrm, this package shouldn't be depending on phpapi in the first place, it's
> >an architecture: all package and the phpapi declarations refer to the 
> >binary
> >extension ABI...

> The dependency on phpapi was inserted in response to bug #335380,
> which suggested using phpapi as it is provided by all php clients.

That bug submitter was misguided.  the phpapi virtual package is not
intended for use by apps written in php; please use the packages 'php4'
and/or 'php5' for this,

> I take it you are saying this is not the correct way to create this
> dependency, but I can't see why not.

Because the API changes every time a new upstream version of PHP comes out
that changes any of the extension interfaces, and these interfaces are
completely irrelevant to libphp-adodb which means you'll have to re-upload
libphp-adodb every time PHP changes!

Cheers,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
[EMAIL PROTECTED]   http://www.debian.org/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399174: libphp-adodb cannot be installed on unstable

2006-11-18 Thread Cameron Dale 

Hi Steve,

I'm currently in the process of adopting this package, so I'm still a
little unfamiliar with it. Please bear with me.

On 11/18/06, Steve Langasek <[EMAIL PROTECTED]> wrote:

On Sat, Nov 18, 2006 at 10:14:49AM +, Richard Burton wrote:
> The following packages have unmet dependencies.
>  libphp-adodb: Depends: phpapi-20050606 but it is not installable or
> phpapi-20051025 but it is not installable

Hrm, this package shouldn't be depending on phpapi in the first place, it's
an architecture: all package and the phpapi declarations refer to the binary
extension ABI...


The dependency on phpapi was inserted in response to bug #335380,
which suggested using phpapi as it is provided by all php clients. I
take it you are saying this is not the correct way to create this
dependency, but I can't see why not. Could you explain this to me, or
is there some documentation you could point me to that could explain
this?

Also, what method would you suggest using for this dependency,
something like "php5-cgi | php5-cli | libapache2-mod-php5 |
libapache-mod-php5 | php4-cgi | php4-cli | libapache2-mod-php4 |
libapache-mod-php4", or is there a better way?

Thanks,
Cameron


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Re: Dependencies problems

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> severity 334498 serious
Bug#334498: Dependencies problems
Severity set to `serious' from `minor'

> retitle 334498 missing dependency on libx11-6
Bug#334498: Dependencies problems
Changed Bug title.

> close 334498 6.8.2.dfsg.1-1
Bug#334498: missing dependency on libx11-6
'close' is deprecated; see http://www.debian.org/Bugs/Developer#closing.
Bug marked as fixed in version 6.8.2.dfsg.1-1, send any further explanations to 
Nicolas Baradakis <[EMAIL PROTECTED]>

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399296: marked as done (libpng: Conflict with the new libpng package)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 19:32:11 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#399296: fixed in libpng 1.2.13-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: libpng
Version: 1.2.13-0
Severity: serious
Owner: "Nelson A. de Oliveira" <[EMAIL PROTECTED]>

On Sat, Nov 18, 2006 at 10:39:33PM -0200, Nelson A. de Oliveira wrote:
>Hi Anibal!
>
>Today I saw that you have packed a new version of libpng. Thank you for 
>that!
>Downloading the source from incoming, building it and installing using
>"dpkg -i ", I saw a conflict:
>
>"/usr/share/doc/libpng12-0/examples/pngtest.png" is on the package
>libpng12-dev (version 1.2.8rel-7) while now it's on libpng12-0
>(version 1.2.13-0). I know that it's on the correct package now, but
>it failed to install, since they are conflicting.
>
>I don't know if this conflict will happen if using apt-get or
>aptitude, but I am sending this email to say to you what happened.
>
>Thank you for your attention!
>
>Best regards,
>Nelson

Aníbal Monsalve Salazar
-- 
http://v7w.com/anibal


signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: libpng
Source-Version: 1.2.13-1

We believe that the bug you reported is fixed in the latest version of
libpng, which is due to be installed in the Debian FTP archive:

libpng12-0-udeb_1.2.13-1_i386.udeb
  to pool/main/libp/libpng/libpng12-0-udeb_1.2.13-1_i386.udeb
libpng12-0_1.2.13-1_i386.deb
  to pool/main/libp/libpng/libpng12-0_1.2.13-1_i386.deb
libpng12-dev_1.2.13-1_i386.deb
  to pool/main/libp/libpng/libpng12-dev_1.2.13-1_i386.deb
libpng_1.2.13-1.diff.gz
  to pool/main/libp/libpng/libpng_1.2.13-1.diff.gz
libpng_1.2.13-1.dsc
  to pool/main/libp/libpng/libpng_1.2.13-1.dsc



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Anibal Monsalve Salazar <[EMAIL PROTECTED]> (supplier of updated libpng package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Sun, 19 Nov 2006 13:55:17 +1100
Source: libpng
Binary: libpng12-dev libpng12-0 libpng12-0-udeb
Architecture: source i386
Version: 1.2.13-1
Distribution: unstable
Urgency: low
Maintainer: Anibal Monsalve Salazar <[EMAIL PROTECTED]>
Changed-By: Anibal Monsalve Salazar <[EMAIL PROTECTED]>
Description: 
 libpng12-0 - PNG library - runtime
 libpng12-0-udeb - PNG library - minimal runtime library (udeb)
 libpng12-dev - PNG library - development
Closes: 353061 399296
Changes: 
 libpng (1.2.13-1) unstable; urgency=low
 .
   * Fixed conflict with the new libpng package. Closes: #399296.
   * Fixed png.5 man page formatting. Closes: #353061.
 Patch by Kevin Ryde <[EMAIL PROTECTED]>.
Files: 
 fbd4e5ee0552e8dc91e55843ec6c8239 694 libs optional libpng_1.2.13-1.dsc
 c1300c38199dad4033ca54766cbfff1f 14103 libs optional libpng_1.2.13-1.diff.gz
 f92a1cdbe403503932add548f2cc07e7 185468 libs optional 
libpng12-0_1.2.13-1_i386.deb
 08c93d790bafb9243e8dcf821f02b38b 171860 libdevel optional 
libpng12-dev_1.2.13-1_i386.deb
 3c2953099a1b05d92cc0b0f9e2f490bb 67256 debian-installer extra 
libpng12-0-udeb_1.2.13-1_i386.udeb
Package-Type: udeb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFFX87ZipBneRiAKDwRAo1nAKCWGq7cWUC0GJdATIyypv46pvZ+igCguPU7
4Ky11WtHKVMKIKFTTJ2Bmro=
=lm3k
-END PGP SIGNATURE-

--- End Message ---

Bug#396749: marked as done (FTBFS: no suitably configured kernel include tree found)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 19:32:14 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#396749: fixed in oprofile 0.9.2-3
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: oprofile
Version: 0.9.2-2
Severity: serious
Justification: no longer builds from source

oprofile does not build e.g. on Alpha:
[...]
checking for kernel OProfile support... no
configure: error: no suitably configured kernel include tree found
make: *** [config-stamp] Error 1

Full log at
http://buildd.debian.org/fetch.cgi?pkg=oprofile&arch=alpha&ver=0.9.2-2&stamp=1162077107

Falk


-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: alpha
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17.5
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)

--- End Message ---
--- Begin Message ---
Source: oprofile
Source-Version: 0.9.2-3

We believe that the bug you reported is fixed in the latest version of
oprofile, which is due to be installed in the Debian FTP archive:

oprofile-common_0.9.2-3_i386.deb
  to pool/main/o/oprofile/oprofile-common_0.9.2-3_i386.deb
oprofile-gui_0.9.2-3_i386.deb
  to pool/main/o/oprofile/oprofile-gui_0.9.2-3_i386.deb
oprofile_0.9.2-3.diff.gz
  to pool/main/o/oprofile/oprofile_0.9.2-3.diff.gz
oprofile_0.9.2-3.dsc
  to pool/main/o/oprofile/oprofile_0.9.2-3.dsc
oprofile_0.9.2-3_i386.deb
  to pool/main/o/oprofile/oprofile_0.9.2-3_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Al Stone <[EMAIL PROTECTED]> (supplier of updated oprofile package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Sat, 18 Nov 2006 20:06:11 -0700
Source: oprofile
Binary: oprofile-common oprofile oprofile-gui
Architecture: source i386
Version: 0.9.2-3
Distribution: unstable
Urgency: low
Maintainer: Al Stone <[EMAIL PROTECTED]>
Changed-By: Al Stone <[EMAIL PROTECTED]>
Description: 
 oprofile   - system-wide profiler for Linux systems
 oprofile-common - system-wide profiler for Linux systems (command line 
components)
 oprofile-gui - system-wide profiler for Linux systems (GUI components)
Closes: 396749 398506
Changes: 
 oprofile (0.9.2-3) unstable; urgency=low
 .
   * Closes: bug#396749 -- FTBFS: no suitably configured kernel include tree
 found; ./configure needs --with-kernel-support, and not --without.
   * Closes: bug#398506 -- Shouldn't build depend on an unversioned automake;
 corrected dependency.
Files: 
 52725427aac2baed00a35e9df0b624a5 745 devel optional oprofile_0.9.2-3.dsc
 b73b061946de0d62d4bf6ba0fabf 42244 devel optional oprofile_0.9.2-3.diff.gz
 47989f172a0fbc0924420a7237c849b0 189436 devel optional 
oprofile_0.9.2-3_i386.deb
 bc173af52b99fedb2a687b0ef98a8d51 4053104 devel optional 
oprofile-common_0.9.2-3_i386.deb
 8caf65d6abb39926d82bba09d2f0b20d 93870 devel optional 
oprofile-gui_0.9.2-3_i386.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFX8ziso6+T7qY4V0RAgABAJ9IjxYdO6zmVaATN5Rc3FTbs0X1+ACfZUpb
eIsn/H5uptXDuEryE+UQkQE=
=2Lp+
-END PGP SIGNATURE-

--- End Message ---

Processed: tagging 397860

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.9.22
> tags 397860 sid
Bug#397860: leptonlib: FTBFS: libpng3-dev and libpng3 are not available any more
There were no tags set.
Tags added: sid

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399296: libpng: Conflict with the new libpng package

2006-11-18 Thread Aníbal Monsalve Salazar 
Package: libpng
Version: 1.2.13-0
Severity: serious
Owner: "Nelson A. de Oliveira" <[EMAIL PROTECTED]>

On Sat, Nov 18, 2006 at 10:39:33PM -0200, Nelson A. de Oliveira wrote:
>Hi Anibal!
>
>Today I saw that you have packed a new version of libpng. Thank you for 
>that!
>Downloading the source from incoming, building it and installing using
>"dpkg -i ", I saw a conflict:
>
>"/usr/share/doc/libpng12-0/examples/pngtest.png" is on the package
>libpng12-dev (version 1.2.8rel-7) while now it's on libpng12-0
>(version 1.2.13-0). I know that it's on the correct package now, but
>it failed to install, since they are conflicting.
>
>I don't know if this conflict will happen if using apt-get or
>aptitude, but I am sending this email to say to you what happened.
>
>Thank you for your attention!
>
>Best regards,
>Nelson

Aníbal Monsalve Salazar
-- 
http://v7w.com/anibal


signature.asc
Description: Digital signature

Bug#393711: libnss-mdns: /etc/nsswitch.conf configuration is broken

2006-11-18 Thread Lennart Poettering 
On Thu, 16.11.06 17:45, Loïc Minier ([EMAIL PROTECTED]) wrote:

> Hi,
>
> This is a followup for Debian bug   I propose the following on first installation, or on upgrade from prior
>  versions:
>  1) run a suite of tests to see whether the .local domain or the above
> IPv4 blocks are in active;

I guess this is more or less similar to the "host" trick I was
suggesting at uds-mtv.

>  2) have an override over the result of this suite to permit explicitely
> disabling or enabling mDNS;

This seems to be available in the new avahi-daemon with a /etc/default
fragment. I think it is a good idea to enable/disable nss-mdns and
avahi-daemon always at the same time.

If nss-mdns is compiled with --disable-legacy then
/etc/default/avahi-daemon will also deactivate nss-mdns implicitly.

as a side note: --disable-legacy disables the mini mDNS stack in
nss-mdns and makes it rely exclusively on avahi-daemon for
resolving. Because network access is then filtered through the
chrooted/priv-dropped avahi-daemon process I nowadays recommend for
all distributors for security reasons. The next upstream version of
nss-mdns will probably change the default configure argument to
--disable-legacy.

Please note however, that nss-mdns will not work without avahi-daemon
if compiled like this. Hence nss-mdns should replace "Recommends:
avahi-daemon" with "Depends: avahi-daemon" if compiled this way.

It might be advisable to build two versions of the libnss-mdns
package, one with --disable-legacy (called libnss-mdns), the other one
without "--disable-legacy" (called libnss-mdns-legacy). Please note
that "legacy" in this context refers to the mDNS mechanism called
"legacy lookups", not to the fact that one package would be
"obsoleted" in a way by the other.

>  3) enforce the configuration by either sweeping all mdns entries from
> nsswitch.conf or by adding the relevant ones.

I believe that we should not fiddle with nsswitch.conf aside from
package installations/deinstallations. 

Remember that mdns is designed for mobile workstations like laptops
which might change from networks where .local is defined in unicast
DNS to others where it is not very often and during runtime.

>  Part 1) would typically be implemented in maintainer scripts or a
>  separate shell script and could use:
>  - /etc/hosts, "hostname --fqdn", reverse lookups of some particular
>hosts (such as default gateway), or "route" or "iptables -L" output,
>"dig -t NS local" on the resolv.conf nameservers: check whether the
>domain .local is in use on this network

The trick I recommended at uds-mtv uses the SOA record of unicast DNS
zones. See the wiki page for an example for this.

>  - "route" output, arp cache, conntracking table, "iptables -L" output:
>check whether subnet 169.254.0.0/16 is in use.

I don't see any point in doing this. In contrast to .local the network
169.254/16 is defined by the IETF for exclusive use in link-local
adressing and has been so for quite a while (even since before the IPv4ll
RFC was written). It's very unlikely that anyone uses 169.254/16 for
anything but IPv4ll adressing. 

>  I'm less sure about checking for fe80::/16; first I think IPv6 is less
>  common, so the intersection with sites using .local becomes smaller;
>  second, I fear that the route output always show fe80:: as it is used
>  for link-local addresses (anyone please correct me).

Same as IPv4ll here: this range has been defined by the IETF for
exclusive link-local use. If anyone uses this for any other purpose
he must be very misled or likes to shoot himself in the f

Processed: leptonlib: FTBFS: libpng3-dev and libpng3 are not available any more

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> retitle 397860 leptonlib: FTBFS: libpng3-dev and libpng3 are not available 
> any more
Bug#397860: leptonlib: please {build-,}depend on libpng12-{dev,0}
Changed Bug title.

> severity 397860 serious
Bug#397860: leptonlib: FTBFS: libpng3-dev and libpng3 are not available any more
Severity set to `serious' from `wishlist'

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399224: marked as done (xfonts-scalable: doesn't call update-fonts-dir in postinst/postrm)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 17:02:08 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#399224: fixed in xfonts-scalable 1:1.0.0-6
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: xfonts-scalable
Version: 1:1.0.0-5
Severity: serious
Rationale: policy violation paragraph 11.8.5 (13), renders gsfonts-x11 unusable
Tags: patch

1:1.0.0-4 contained fonts.dir as a file in the package.  This file is
removed in 1:1.0.0-5, which results in removal of fonts.dir.  But
after all this the postinst (and also postrm) should run
update-fonts-scale, update-fonts-alias and update-fonts-dir, but it
only runs update-fonts-scale and update-fonts-alias.

This is defined in policy 11.8.5:

 11.  Font packages that provide one or more `fonts.scale' files as
  described above must invoke `update-fonts-scale' on each
  directory into which they installed fonts _before_ invoking
  `update-fonts-dir' on that directory.  This invocation must occur
  in both the `postinst' (for all arguments) and `postrm' (for all
  arguments except `upgrade') scripts.

 12.  Font packages that provide one or more `fonts.alias' files as
  described above must invoke `update-fonts-alias' on each
  directory into which they installed fonts.  This invocation must
  occur in both the `postinst' (for all arguments) and `postrm'
  (for all arguments except `upgrade') scripts.

 13.  Font packages must invoke `update-fonts-dir' on each directory
  into which they installed fonts.  This invocation must occur in
  both the `postinst' (for all arguments) and `postrm' (for all
  arguments except `upgrade') scripts.

(see especially paragraph 13.).

If fonts.dir is missing, this results in the X server ignoring this
directory:

(WW) `fonts.dir' not found (or not valid) in "/usr/share/fonts/X11/Type1".
Entry deleted from font path.
(Run 'mkfontdir' on "/usr/share/fonts/X11/Type1").

As a workaround 
 update-fonts-dir Type1
And manually adding /usr/share/fonts/X11/Type1 to the font path (or
restarting the X server) should help.

I tagged this bug severity "serious" because the behavior of this
package violates the above mentioned policy and implies that other
packages with Type1 fonts (like gsfonts-x11) are unusable, which as a
result leads to programs like xfig being unusable because they need
the unusable fonts.

I attached a small patch, which solves this problem.  Please let me
know, if you want me to NMU the modified package.

-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (500, 'testing'), (50, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-amd64
Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1)

Versions of packages xfonts-scalable depends on:
ii  xfonts-utils  1:1.0.1-1  X Window System font utility progr

xfonts-scalable recommends no packages.

-- no debconf information

Tscho

Roland

-- 
 * [EMAIL PROTECTED] * http://www.spinnaker.de/ *
diff -u xfonts-scalable-1.0.0/debian/changelog 
xfonts-scalable-1.0.0/debian/changelog
--- xfonts-scalable-1.0.0/debian/changelog
+++ xfonts-scalable-1.0.0/debian/changelog
@@ -1,3 +1,11 @@
+xfonts-scalable (1:1.0.0-5.1) unstable; urgency=high
+
+  * Non maintainer upload.
+  * Run update-fonts-dir in postinst and postrm, otherwise the fonts are
+not usable.
+
+ -- Roland Rosenfeld <[EMAIL PROTECTED]>  Sat, 18 Nov 2006 18:00:28 +0100
+
 xfonts-scalable (1:1.0.0-5) unstable; urgency=medium
 
   [ Eugene Konev ]
diff -u xfonts-scalable-1.0.0/debian/xfonts-scalable.postinst.in 
xfonts-scalable-1.0.0/debian/xfonts-scalable.postinst.in
--- xfonts-scalable-1.0.0/debian/xfonts-scalable.postinst.in
+++ xfonts-scalable-1.0.0/debian/xfonts-scalable.postinst.in
@@ -19,7 +19,7 @@
 remove_conffile_commit /etc/X11/fonts/X11R7/Type1/xfonts-scalable.scale
 
 FONTDIRS="Type1"
-UPDATECMDS="update-fonts-scale update-fonts-alias"
+UPDATECMDS="update-fonts-scale update-fonts-alias update-fonts-dir"
 
 if which defoma-app >/dev/null 2>&1 && \
[ -e /usr/share/defoma/scripts/fontconfig.defoma ]; then
diff -u xfonts-scalable-1.0.0/debian/xfonts-scalable.postrm.in 
xfonts-scalable-1.0.0/debian/xfonts-scalable.postrm.in
--- xfonts-scalable-1.0.0/debian/xfonts-scalable.postrm.in
+++ xfonts-scalable-1.0.0/debian/xfonts-scalable.postrm.in
@@ -22,7 +22,7 @@
 
 if [ "$1" = "purge" ] ||

Bug#395080: Network Management SPAM Rejected

2006-11-18 Thread SPAM filter @ NETMAN.COM 
Network Management SPAM Rejected

***ALERT**ALERT**ALERT**ALERT**ALERT***
If you have received this message, your email has been marked 
SPAM by NETMAN.COM.
The message has not been forwarded on to the intended user.  
We do NOT ALLOW unsolicited emailing on this domain.  

Please remove this email address from your lists.

If your email was NOT unsolicited, please contact the Email 
user for futher options.  You can also check the HEADER of 
the message to see if your mail server is listed on our  
Relay Black Lists.  We use SPAMCOP, RELAYS.VISI.COM and  
ORDB.ORG.  You should see an X-HEADER (see below) with the 
relay list that listed your server.  Contact the relay list 
provider for further removal instructions.

Network Management, Inc.



Original Message:
Received: from SMTP32-FWD by sbnets.com
  (SMTP32) id AB05CA8CE0080182A; Sat, 18 Nov 2006 19:18:13 -0600
Received: from master.debian.org [70.103.162.29] by mail.netman.com with ESMTP
  (SMTPD32-8.15) id A05CA8CE0080; Sat, 18 Nov 2006 19:16:12 -0600
Received: from qa by master.debian.org with local (Exim 4.50)
id 1GlbI2-qe-9z
for [EMAIL PROTECTED]; Sun, 19 Nov 2006 01:16:10 +
Received: from spohr.debian.org ([140.211.166.43]) by master.debian.org
 with esmtp (Exim 4.50) id 1Glalp-0006CP-Rn for
 [EMAIL PROTECTED]; Sun, 19 Nov 2006 00:42:54 +
Received: from debbugs by spohr.debian.org with local (Exim 4.50) id
 1GlacL-0003h6-6l; Sat, 18 Nov 2006 16:33:05 -0800
X-Loop: [EMAIL PROTECTED]
Subject: Bug#395080: CVE-2006-5445: Denial of service in chan_sip
Reply-To: Ben Hutchings <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Resent-From: Ben Hutchings <[EMAIL PROTECTED]>
Resent-To: debian-bugs-dist@lists.debian.org
Resent-CC: Debian VoIP Team <[EMAIL PROTECTED]>
Resent-Date: Sun, 19 Nov 2006 00:33:04 +
Resent-Message-Id: <[EMAIL PROTECTED]>
X-Debian-PR-Message: report 395080
X-Debian-PR-Package: asterisk
X-Debian-PR-Keywords: security
X-Debian-PR-Source: asterisk
Received: via spool by [EMAIL PROTECTED]
 id=B395080.116389617328043 (code B ref 395080); Sun, 19 Nov 2006 00:33:04
 +
Received: (at 395080) by bugs.debian.org; 19 Nov 2006 00:29:33 +
Received: from shadbolt.e.decadent.org.uk ([88.96.1.126]) by
 spohr.debian.org with esmtp (Exim 4.50) id 1GlaYv-0007HP-4C for
 [EMAIL PROTECTED]; Sat, 18 Nov 2006 16:29:33 -0800
Received: from [192.168.4.138] (helo=deadeye.i.decadentplace.org.uk) by
 shadbolt.decadent.org.uk with esmtp (Exim 4.50) id 1GlaYl-0008N4-Kp for
 [EMAIL PROTECTED]; Sun, 19 Nov 2006 00:29:29 +
Received: from womble by deadeye.i.decadentplace.org.uk with local (Exim
 4.63) (envelope-from <[EMAIL PROTECTED]>) id 1GlaYx-0008Sz-D0 for
 [EMAIL PROTECTED]; Sun, 19 Nov 2006 00:29:35 +
From: Ben Hutchings <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="=-P2fnCnnG9WVR+A50K/+E"
Date: Sun, 19 Nov 2006 00:29:35 +
Message-Id: <[EMAIL PROTECTED]>
MIME-Version: 1.0
X-Mailer: Evolution 2.6.3
X-Sa-Exim-Connect-Ip: 192.168.4.138
X-Sa-Exim-Mail-From: [EMAIL PROTECTED]
X-Sa-Exim-Version: 4.2 (built Thu, 03 Mar 2005 10:44:12 +0100)
X-Sa-Exim-Scanned: Yes (on shadbolt.decadent.org.uk)
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
 (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no
 version=2.60-bugs.debian.org_2005_01_02
Resent-Sender: Debian BTS <[EMAIL PROTECTED]>
Resent-Date: Sat, 18 Nov 2006 16:33:05 -0800
Delivered-To: [EMAIL PROTECTED]
Precedence: list
X-Loop: [EMAIL PROTECTED]
X-PTS-Package: asterisk
X-PTS-Keyword: bts
X-Unsubscribe: echo 'unsubscribe asterisk' | mail [EMAIL PROTECTED]
X-IMAIL-SPAM-DNSBL: (SpamCop,b05ca8ce0080182a,127.0.0.2)


--=-P2fnCnnG9WVR+A50K/+E
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

The fix for CVE-2006-5445 in the 1.2 branch appears to be:
http://svn.digium.com/view/asterisk/branches/1.2/channels/chan_sip.c?r1=3D4=
5306&r2=3D45380

There's no corresponding fix in the 1.0 branch.

Here's my attempt at backporting it.  This is untested, since I don't
run Asterisk myself.

The initialisation of the SIP context (sip_pvt) is a bit different in
1.0 and I've copied what looks like the corresponding code from
sip_alloc() into transmit_response_using_temp().  I added a call to
build_contact() because __send_response() indirectly uses the
our_contact member.

In 1.0 there's no validate commands before the call find_call() and
there's no sip_method array.  Therefore I wrote string comparisons
against all the commands that are allowed to create a new SIP context
based on the flags in the 1.2 code, minus "PUBLISH" because that isn't
supported at all (I'm not sure this is correct; we may end up sending
the wrong error message).

Ben.

--- asterisk-1.0.7.dfsg.1/channels/chan_sip.c.orig  2006-11-18 
20:25:43.=
0 +
+++ asterisk-1.0.7.dfsg.1/channels/chan

Bug#399287: ipw3945 must go to contrib

2006-11-18 Thread Adrian Bunk 
Package: ipw3945-source
Version: 1.1.2-2
Severity: serious


Quoting your policy:


<--  snip  -->

2.2.1. The main category


 Every package in _main_ must comply with the DFSG (Debian Free
 Software Guidelines).

 In addition, the packages in _main_
* must not require a package outside of _main_ for compilation or
  execution (thus, the package must not declare a "Depends",
  "Recommends", or "Build-Depends" relationship on a non-_main_
  package),
* must not be so buggy that we refuse to support them, and
* must meet all policy requirements presented in this manual.

<--  snip  -->


ipw3945-source clearly fails the first point since it's useless without
the non-free ipw3945d package.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399238: marked as done (otrs2: Apache::Constants not found during startup of Apache2)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 16:17:16 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#399238: fixed in otrs2 2.0.4p01-17
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: otrs2
Version: 2.0.4p01-16
Severity: grave
Justification: renders package unusable


To finish configuration of the package I commented out the apache2 restart
line in postconf.

Now, Apache2 does not start. When I try to start it I get following
messages in errorlog:

[Sat Nov 18 15:03:27 2006] [error] Can't locate loadable object for module Apach
e::Constants in @INC (@INC contains: /usr/share/otrs/Kernel/cpan-lib /usr/share/
otrs/ /etc/perl /usr/local/lib/perl/5.8.4 /usr/local/share/perl/5.8.4 /usr/lib/p
erl5 /usr/share/perl5 /usr/lib/perl/5.8 /usr/share/perl/5.8 /usr/local/lib/site_
perl . /etc/apache2) at /usr/lib/perl5/mod_perl.pm line 14\nCompilation failed i
n require at /usr/lib/perl5/Apache.pm line 6.\nBEGIN failed--compilation aborted
 at /usr/lib/perl5/Apache.pm line 6.\nCompilation failed in require at /usr/shar
 e/perl/5.8/CGI.pm line 190.\nCompilation failed in require at 
/usr/share/otrs/sc
 ripts/apache2-perl-startup.pl line 18.\nBEGIN failed--compilation aborted at 
/us
 r/share/otrs/scripts/apache2-perl-startup.pl line 18.\nCompilation failed in 
req
 uire at (eval 2) line 1.\n
 [Sat Nov 18 15:03:27 2006] [error] Can't load Perl file: 
/usr/share/otrs/scripts
 /apache2-perl-startup.pl for server [name of my server]:0, exiting...
 

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.18-1-686
Locale: LANG=pl_PL, LC_CTYPE=pl_PL (charmap=ISO-8859-2)

Versions of packages otrs2 depends on:
ii  adduser   3.63   Add and remove users and groups
ii  apache2   2.0.54-5sarge1 next generation, scalable, extenda
ii  apache2-mpm-prefork [apac 2.0.54-5sarge1 traditional model for Apache2
ii  dbconfig-common   1.8.27 common framework for packaging dat
ii  debconf   1.4.30.13  Debian configuration management sy
ii  libapache2-mod-perl2  1.999.21-1 Integration of perl with the Apach
ii  libauthen-sasl-perl   2.10-1 Authen::SASL - SASL Authentication
ii  libdate-pcalc-perl1.2-2  Perl module for Gregorian calendar
ii  libdbi-perl   1.46-6 Perl5 database interface by Tim Bu
ii  libemail-valid-perl   0.15-1 Check validity of Internet email a
ii  libio-stringy-perl2.110-1Perl5 modules for IO from scalars 
ii  libmailtools-perl 1.62-1 Manipulate email in perl programs
ii  libmime-perl  5.417-1Perl5 modules for MIME-compliant m
ii  perl  5.8.4-8sarge5  Larry Wall's Practical Extraction 
ii  ucf   1.17   Update Configuration File: preserv

-- debconf information excluded

--- End Message ---
--- Begin Message ---
Source: otrs2
Source-Version: 2.0.4p01-17

We believe that the bug you reported is fixed in the latest version of
otrs2, which is due to be installed in the Debian FTP archive:

otrs2_2.0.4p01-17.diff.gz
  to pool/main/o/otrs2/otrs2_2.0.4p01-17.diff.gz
otrs2_2.0.4p01-17.dsc
  to pool/main/o/otrs2/otrs2_2.0.4p01-17.dsc
otrs2_2.0.4p01-17_all.deb
  to pool/main/o/otrs2/otrs2_2.0.4p01-17_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Torsten Werner <[EMAIL PROTECTED]> (supplier of updated otrs2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Sun, 19 Nov 2006 00:53:53 +0100
Source: otrs2
Binary: otrs2
Architecture: source all
Version: 2.0.4p01-17
Distribution: unstable
Urgency: medium
Maintainer: Torsten Werner <[EMAIL PROTECTED]>
Changed-By: Torsten Werner <[EMAIL PROTECTED]>
Description: 
 otrs2  - Open Ticket Request System
Closes: 399238
Changes: 
 otrs2 (2.0.4p01-17) unstable; urgency=medium
 .
   * Make the dependency on libapache2-mod-perl2 versioned now. (Hopefully
 closes: #399238)
   * Set urgency to medium bec

Bug#395080: CVE-2006-5445: Denial of service in chan_sip

2006-11-18 Thread Ben Hutchings 
The fix for CVE-2006-5445 in the 1.2 branch appears to be:
http://svn.digium.com/view/asterisk/branches/1.2/channels/chan_sip.c?r1=45306&r2=45380

There's no corresponding fix in the 1.0 branch.

Here's my attempt at backporting it.  This is untested, since I don't
run Asterisk myself.

The initialisation of the SIP context (sip_pvt) is a bit different in
1.0 and I've copied what looks like the corresponding code from
sip_alloc() into transmit_response_using_temp().  I added a call to
build_contact() because __send_response() indirectly uses the
our_contact member.

In 1.0 there's no validate commands before the call find_call() and
there's no sip_method array.  Therefore I wrote string comparisons
against all the commands that are allowed to create a new SIP context
based on the flags in the 1.2 code, minus "PUBLISH" because that isn't
supported at all (I'm not sure this is correct; we may end up sending
the wrong error message).

Ben.

--- asterisk-1.0.7.dfsg.1/channels/chan_sip.c.orig  2006-11-18 
20:25:43.0 +
+++ asterisk-1.0.7.dfsg.1/channels/chan_sip.c   2006-11-18 23:22:41.0 
+
@@ -557,6 +557,7 @@
 static struct ast_ha *localaddr;
 
 static struct ast_frame  *sip_read(struct ast_channel *ast);
+static int transmit_response_using_temp(char *callid, struct sockaddr_in *sin, 
int useglobal_nat, struct sip_request *req, char *msg);
 static int transmit_response(struct sip_pvt *p, char *msg, struct sip_request 
*req);
 static int transmit_response_with_sdp(struct sip_pvt *p, char *msg, struct 
sip_request *req, int retrans);
 static int transmit_response_with_auth(struct sip_pvt *p, char *msg, struct 
sip_request *req, char *rand, int reliable, char *header);
@@ -2364,7 +2365,7 @@
char *callid;
char tmp[256] = "";
char iabuf[INET_ADDRSTRLEN];
-   char *cmd;
+   const char *cmd = req->rlPart1;
char *tag = "", *c;
 
callid = get_header(req, "Call-ID");
@@ -2378,11 +2379,6 @@
   SIP implementations, and thus Asterisk does not enable this 
behavior
   by default. Short version: You'll need this option to 
support conferencing
   on the pingtel */
-   strncpy(tmp, req->header[0], sizeof(tmp) - 1);
-   cmd = tmp;
-   c = strchr(tmp, ' ');
-   if (c)
-   *c = '\0';
if (!strcasecmp(cmd, "SIP/2.0"))
strncpy(tmp, get_header(req, "To"), sizeof(tmp) - 1);
else
@@ -2414,9 +2410,19 @@
p = p->next;
}
ast_mutex_unlock(&iflock);
-   p = sip_alloc(callid, sin, 1);
-   if (p)
-   ast_mutex_lock(&p->lock);
+
+   if (strcasecmp(cmd, "REGISTER")
+   && strcasecmp(cmd, "OPTIONS")
+   && strcasecmp(cmd, "INVITE")
+   && strcasecmp(cmd, "SUBSCRIBE")
+   && strcasecmp(cmd, "MESSAGE")) {
+   if (strcasecmp(cmd, "RESPONSE"))
+   transmit_response_using_temp(callid, sin, 1, req, "481 
Call leg/transaction does not exist");
+   } else {
+   p = sip_alloc(callid, sin, 1);
+   if (p)
+   ast_mutex_lock(&p->lock);
+   }
return p;
 }
 
@@ -3218,6 +3224,45 @@
return send_response(p, &resp, reliable, seqno);
 }
 
+/*--- transmit_response_using_temp: Transmit response, no retransmits, using 
temporary pvt */
+static int transmit_response_using_temp(char *callid, struct sockaddr_in *sin, 
int useglobal_nat, struct sip_request *req, char *msg)
+{
+   struct sip_pvt *p = alloca(sizeof(*p));
+   char iabuf[INET_ADDRSTRLEN];
+
+   memset(p, 0, sizeof(*p));
+
+   if (sin) {
+   memcpy(&p->sa, sin, sizeof(p->sa));
+   if (ast_sip_ouraddrfor(&p->sa.sin_addr, &p->ourip))
+   memcpy(&p->ourip, &__ourip, sizeof(p->ourip));
+   } else
+   memcpy(&p->ourip, &__ourip, sizeof(p->ourip));
+   p->branch = rand();
+   p->tag = rand();
+   p->ocseq = 101;
+
+   if (useglobal_nat && sin) {
+   /* Setup NAT structure according to global settings if we have 
an address */
+   p->nat = global_nat;
+   memcpy(&p->recv, sin, sizeof(p->recv));
+   }
+
+   strncpy(p->fromdomain, default_fromdomain, sizeof(p->fromdomain) - 1);
+   /* z9hG4bK is a magic cookie.  See RFC 3261 section 8.1.1.7 */
+   if (p->nat != SIP_NAT_NEVER)
+   snprintf(p->via, sizeof(p->via), "SIP/2.0/UDP 
%s:%d;branch=z9hG4bK%08x;rport", ast_inet_ntoa(iabuf, sizeof(iabuf), p->ourip), 
ourport, p->branch);
+   else
+   snprintf(p->via, sizeof(p->via), "SIP/2.0/UDP 
%s:%d;branch=z9hG4bK%08x", ast_inet_ntoa(iabuf, sizeof(iabuf), p->ourip), 
ourport, p->branch);
+   strncpy(p->callid, callid, sizeof(p->callid) - 1);
+
+   build_contact(p);
+
+   __transmit_response(p, msg, req, 0);
+
+   re

Bug#397892: marked as done (libpng: CVE-2006-3334: specially crafted PNG may crash your browser)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 15:32:25 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#397892: fixed in libpng 1.2.13-0
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: libpng
Severity: grave
Version: 1.2.8rel-7
Tags: security

At http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3334
it reads:

  Name: CVE-2006-3334 (under review)
  Status: Candidate
  Description: Buffer overflow in the png_decompress_chunk
  function in pngrutil.c in libpng before 1.2.12 allows
  context-dependent attackers to cause a denial of service
  and possibly execute arbitrary code via unspecified vectors
  related to "chunk error processing," possibly involving the
  "chunk_name".

At http://www.libpng.org/pub/png/libpng.html it reads:

  Versions up through 1.2.11 and 1.0.19 have a buffer-overrun
  vulnerability when a particular error message is triggered.
  The overrun is always by exactly two bytes ('k' and NULL)
  so it seems highly unlikely that it could be used for
  anything more nefarious than denial of service (e.g.,
  crashing your browser when you visit a site displaying a
  specially crafted PNG). Nevertheless, it's worth fixing,
  and versions libpng 1.2.12 and libpng 1.0.20, released 27
  June 2006, do just that. (Note that 1.2.11 and 1.0.19
  erroneously claimed to include the fix, but in fact it had
  been inadvertently omitted.)

  The same releases (and their immediate predecessors) also
  fix an out-of-bounds (by one) memory read and a second
  buffer overrun, this one in the code that writes the sCAL
  chunk (which is rather rare in any case).

Aníbal Monsalve Salazar
--
http://v7w.com/anibal


signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: libpng
Source-Version: 1.2.13-0

We believe that the bug you reported is fixed in the latest version of
libpng, which is due to be installed in the Debian FTP archive:

libpng12-0-udeb_1.2.13-0_i386.udeb
  to pool/main/libp/libpng/libpng12-0-udeb_1.2.13-0_i386.udeb
libpng12-0_1.2.13-0_i386.deb
  to pool/main/libp/libpng/libpng12-0_1.2.13-0_i386.deb
libpng12-dev_1.2.13-0_i386.deb
  to pool/main/libp/libpng/libpng12-dev_1.2.13-0_i386.deb
libpng_1.2.13-0.diff.gz
  to pool/main/libp/libpng/libpng_1.2.13-0.diff.gz
libpng_1.2.13-0.dsc
  to pool/main/libp/libpng/libpng_1.2.13-0.dsc
libpng_1.2.13.orig.tar.gz
  to pool/main/libp/libpng/libpng_1.2.13.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Anibal Monsalve Salazar <[EMAIL PROTECTED]> (supplier of updated libpng package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Sun, 19 Nov 2006 09:02:09 +1100
Source: libpng
Binary: libpng12-dev libpng12-0 libpng12-0-udeb
Architecture: source i386
Version: 1.2.13-0
Distribution: unstable
Urgency: high
Maintainer: Anibal Monsalve Salazar <[EMAIL PROTECTED]>
Changed-By: Anibal Monsalve Salazar <[EMAIL PROTECTED]>
Description: 
 libpng12-0 - PNG library - runtime
 libpng12-0-udeb - PNG library - minimal runtime library (udeb)
 libpng12-dev - PNG library - development
Closes: 366070 369104 397892 398706
Changes: 
 libpng (1.2.13-0) unstable; urgency=high
 .
   * New upstream release.
   * CVE-2006-5793: Fixed a new security issue regarding malformed
 sPLT chunks. Closes: #398706.
   * Transitional package libpng3 is not shipped anymore.
 Closes: #369104.
 .
 libpng (1.2.12-0) unstable; urgency=high
 .
   * New upstream release. Closes: #366070.
   * CVE-2006-3334: Fixed Buffer overflow in the png_decompress_chunk
 function in pngrutil.c in libpng before 1.2.12 allows
 context-dependent attackers to cause a denial of service and
 possibly execute arbitrary code via unspecified vectors related
 to "chunk error processing," possibly involving the "chunk_name".
 Closes: #397892.
   * Removed debian/x86_patches/pnggccrd-PIC.patch as it's merged
 upstream.
Files: 
 14aa3a60b30c4747017065deecbe4925 694 libs optional libpng_1.2.13-0.dsc
 08b577ea037305024c4245fd19c29388 823594 libs optional libpng_1.2.13.orig.tar.gz
 ff7b693726a96905c2

Processed: severity of 399238 is serious

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.9.22
> severity 399238 serious
Bug#399238: otrs2: Apache::Constants not found during startup of Apache2
Severity set to `serious' from `grave'

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#398706: marked as done (libpng: CVE-2006-5793: malformed sPLT chunks may blow away your browser)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 15:32:25 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#398706: fixed in libpng 1.2.13-0
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: libpng
Severity: grave
Version: 1.2.8rel-7
Tags: security

There is a new security issue regarding malformed sPLT chunks.
The CVE project assigned CVE-2006-5793 for this bug.

Aníbal Monsalve Salazar
--
http://v7w.com/anibal


signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: libpng
Source-Version: 1.2.13-0

We believe that the bug you reported is fixed in the latest version of
libpng, which is due to be installed in the Debian FTP archive:

libpng12-0-udeb_1.2.13-0_i386.udeb
  to pool/main/libp/libpng/libpng12-0-udeb_1.2.13-0_i386.udeb
libpng12-0_1.2.13-0_i386.deb
  to pool/main/libp/libpng/libpng12-0_1.2.13-0_i386.deb
libpng12-dev_1.2.13-0_i386.deb
  to pool/main/libp/libpng/libpng12-dev_1.2.13-0_i386.deb
libpng_1.2.13-0.diff.gz
  to pool/main/libp/libpng/libpng_1.2.13-0.diff.gz
libpng_1.2.13-0.dsc
  to pool/main/libp/libpng/libpng_1.2.13-0.dsc
libpng_1.2.13.orig.tar.gz
  to pool/main/libp/libpng/libpng_1.2.13.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Anibal Monsalve Salazar <[EMAIL PROTECTED]> (supplier of updated libpng package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Sun, 19 Nov 2006 09:02:09 +1100
Source: libpng
Binary: libpng12-dev libpng12-0 libpng12-0-udeb
Architecture: source i386
Version: 1.2.13-0
Distribution: unstable
Urgency: high
Maintainer: Anibal Monsalve Salazar <[EMAIL PROTECTED]>
Changed-By: Anibal Monsalve Salazar <[EMAIL PROTECTED]>
Description: 
 libpng12-0 - PNG library - runtime
 libpng12-0-udeb - PNG library - minimal runtime library (udeb)
 libpng12-dev - PNG library - development
Closes: 366070 369104 397892 398706
Changes: 
 libpng (1.2.13-0) unstable; urgency=high
 .
   * New upstream release.
   * CVE-2006-5793: Fixed a new security issue regarding malformed
 sPLT chunks. Closes: #398706.
   * Transitional package libpng3 is not shipped anymore.
 Closes: #369104.
 .
 libpng (1.2.12-0) unstable; urgency=high
 .
   * New upstream release. Closes: #366070.
   * CVE-2006-3334: Fixed Buffer overflow in the png_decompress_chunk
 function in pngrutil.c in libpng before 1.2.12 allows
 context-dependent attackers to cause a denial of service and
 possibly execute arbitrary code via unspecified vectors related
 to "chunk error processing," possibly involving the "chunk_name".
 Closes: #397892.
   * Removed debian/x86_patches/pnggccrd-PIC.patch as it's merged
 upstream.
Files: 
 14aa3a60b30c4747017065deecbe4925 694 libs optional libpng_1.2.13-0.dsc
 08b577ea037305024c4245fd19c29388 823594 libs optional libpng_1.2.13.orig.tar.gz
 ff7b693726a96905c2553817593e905d 13893 libs optional libpng_1.2.13-0.diff.gz
 a785e401a8806a468b3cdeb9bb0fe694 185372 libs optional 
libpng12-0_1.2.13-0_i386.deb
 04b7f3fa653f2e94888279bd2bfda4f0 171866 libdevel optional 
libpng12-dev_1.2.13-0_i386.deb
 2b400bf890ac647e85663cfa1edf37fd 67258 debian-installer extra 
libpng12-0-udeb_1.2.13-0_i386.udeb
Package-Type: udeb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFFX5QQipBneRiAKDwRAif2AJ9Vl5iTHKlz35gYI9phmVdrXMTDBACfSJ/B
6hdJwIRPILPLbZh6/TwTXac=
=uY0l
-END PGP SIGNATURE-

--- End Message ---

Bug#394534: pilot-link and kpilot

2006-11-18 Thread Ana Guerrero 
Hi Ludovic,

On Sat, Nov 18, 2006 at 01:44:11PM +0100, Ludovic Rousseau wrote:
> > It seems kpilot has already been ported to work with new pilot-link 0.12,
> > but it has two problems.
> > 
> > First, kpilot is being maintained outside the KDE SVN, so the code we're
> > shipping in kdepim is not longer maintained. It is not clear whether
> > they're going back to maintain it inside the KDE SVN. The current code is
> > available at http://cvs.codeyard.net/kpilot/
> 
> That is bad news. Any plan to package this new version instead?
>

It should be packaged independently of kdepim and I do not know if somebody 
of the Qt/KDE team is interested. Anyway, if it is packaged independently 
i do not think it will be ready before the freeze, specially since it
will be a SVN version.


> I propose to NOT use the pilot-link-0.12 provided by KPilot. And file
> bugs against pilot-link if bugs must be corrected.

Yes, i agree on this.

> 
> > I do not understand why care was not taken to avoid breaking the
> > reverse dependencies when the transition from pilot-link was made.
> 
> This was planned. See [1]. I could not test every package using
> libpisock. kpilot recompiled correctly so I assumed the code to use
> pilot-link 0.12 was in place. This is not the case and some parts of
> kpilot are now non working.
> 

Ok, not your fault :)


> We clearly have a problem with kpilot upstream(s):
> - The new version is no more maintained as part of kdepim (and Debian is
>   packaging kpilot as part of KDE kdepim). Trying to solve the kiplot
>   provided by kdepim looks like a waste of time.
> - I can't find an stable release of the new version. Only the current
>   svn version is available. I don't think it is a good idea to provide
>   in etch an work-in-progress version of kpilot.
> 
> I don't know what is the plan of the debian-qt-kde maintainers. I do not
> use KDE or kpilot so I can't really test it.
>

We're waiting for a possible patch to fix this from the kpilot upstream 
(we already asked them about this). But if we do not find some way to fix 
kpilot to work with pilot-link 0.12 in a week or so, we will have remove 
kpilot from kdepim.

Ana




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399238: otrs2: Apache::Constants not found during startup of Apache2

2006-11-18 Thread Torsten Werner 

Hi Steve,


On 11/19/06, Steve Langasek <[EMAIL PROTECTED]> wrote:

It's the sarge version of the package.  If otrs2 isn't compatible with the
sarge version of libapache2-mod-perl2, it needs to have a versioned
dependency.


it does not depend on libapache2-mod-perl2 it just recommends it. IMHO
the versioned depends, conflicts, ... should be in
libapache2-mod-perl2, perl, apache2 or whatever packages do really
conflict (*). OTRS just uses libapache2-mod-perl2 as a perl
interpreter embedded into apache2 if it is available and does not use
it if it is not available. It does not use any special features of it.
OTRS even works with libapache-mod-perl and apache (version 1).


Regards,
Torsten

(*) In this case we have a mixture of sarge and backports from sid
which makes debugging more difficult.

--
blog: http://twerner.blogspot.com/
homepage: http://www.twerner42.de/


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399238: otrs2: Apache::Constants not found during startup of Apache2

2006-11-18 Thread Steve Langasek 
On Sun, Nov 19, 2006 at 12:23:45AM +0100, Torsten Werner wrote:
> On 11/19/06, Steve Langasek <[EMAIL PROTECTED]> wrote:
> >It's the sarge version of the package.  If otrs2 isn't compatible with the
> >sarge version of libapache2-mod-perl2, it needs to have a versioned
> >dependency.

> it does not depend on libapache2-mod-perl2 it just recommends it.

No, it currently has a dependency on libapache2-mod-perl2.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
[EMAIL PROTECTED]   http://www.debian.org/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: tagging bugs that are closed by packages in NEW as pending

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # the following bugs are closed by packages in NEW
> #
> tags 398335 pending
Bug#398335: thunderbird-traybiff: Wrong depends for icedove
There were no tags set.
Tags added: pending

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#393606: marked as done (mail-notification-evolution: Fails to contact evolution)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sun, 19 Nov 2006 00:08:15 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Fixed in upload to experimental (rebuild against experimental 
evo)
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: mail-notification-evolution
Version: 3.0.dfsg.1-7+b1
Severity: grave
Justification: renders package unusable

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I am unable to add Evolution to the list of mailboxes that m-n monitors.

"Mail Notification can not contact Evolution. Make sure that Evolution
is running and that the Evolution Mail Notification plugin is loaded."

- -- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (530, 'testing'), (520, 'unstable'), (510, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-k7
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)

Versions of packages mail-notification-evolution depends on:
ii  evolution2.8.1-1.1   groupware suite with mail client a
ii  libart-2.0-2 2.3.17-1Library of functions for 2D graphi
ii  libatk1.0-0  1.12.2-1The ATK accessibility toolkit
ii  libbonobo2-0 2.16.0-1Bonobo CORBA interfaces library
ii  libbonoboui2-0   2.16.0-1The Bonobo UI library
ii  libc62.3.6.ds1-4 GNU C Library: Shared libraries
ii  libcairo21.2.4-3.1   The Cairo 2D vector graphics libra
ii  libcamel1.2-81.8.1-1 The Evolution MIME message handlin
ii  libedataserver1.2-7  1.8.1-1 Utility library for evolution data
ii  libfontconfig1   2.4.1-2 generic font configuration library
ii  libgconf2-4  2.14.0-5GNOME configuration database syste
ii  libglib2.0-0 2.12.3-2The GLib library of C routines
ii  libgnome-keyring00.4.9-1 GNOME keyring services library
ii  libgnome2-0  2.16.0-1The GNOME 2 library - runtime file
ii  libgnomecanvas2-02.14.0-2A powerful object-oriented display
ii  libgnomeui-0 2.16.1-1The GNOME 2 libraries (User Interf
ii  libgnomevfs2-0   2.16.0-1GNOME virtual file-system (runtime
ii  libgtk2.0-0  2.10.6-2The GTK+ graphical user interface 
ii  libice6  1:1.0.1-2   X11 Inter-Client Exchange library
ii  liborbit21:2.14.0-2  libraries for ORBit2 - a CORBA ORB
ii  libpango1.0-01.14.5-1Layout and rendering of internatio
ii  libpopt0 1.10-3  lib for parsing cmdline parameters
ii  libsm6   1:1.0.1-3   X11 Session Management library
ii  libx11-6 2:1.0.0-9   X11 client-side library
ii  libxcursor1  1.1.7-4 X cursor management library
ii  libxext6 1:1.0.1-2   X11 miscellaneous extension librar
ii  libxfixes3   1:4.0.1-4   X11 miscellaneous 'fixes' extensio
ii  libxi6   1:1.0.1-3   X11 Input extension library
ii  libxinerama1 1:1.0.1-4.1 X11 Xinerama extension library
ii  libxml2  2.6.26.dfsg-4   GNOME XML library
ii  libxrandr2   2:1.1.0.2-4 X11 RandR extension library
ii  libxrender1  1:0.9.1-3   X Rendering Extension client libra
ii  mail-notification3.0.dfsg.1-7+b1 mail notification in system tray

mail-notification-evolution recommends no packages.

- -- no debconf information

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFNCLSshl/216gEHgRAoJVAKC27JE+DFH/gOgWOaRWpvH5dpdTmgCg9HDa
CWjruc04dDGSSDewXu//Vlc=
=PCZN
-END PGP SIGNATURE-

--- End Message ---
--- Begin Message ---

Package: mail-notification-evolution
Version: 3.0.dfsg.1-9

The fix for this was not acked in the changelog, but was correctly
fixed in the upload to experimental.

Big thanks to Loïc Minier and Pascal Giard for fixing this!

Cheers,
Øystein
--- End Message ---

Bug#398626: marked as done (jwchat: postinst fails: chown: cannot access `/etc/jwchat/config.js': No such file or directory)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 15:02:40 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#398626: fixed in jwchat 1.0beta2-12
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: jwchat
Version: 1.0beta2-11
Severity: serious
Usertags: grid5000

Hi,

During a piuparts run over all the packages in etch, I ran into a
problem with your package:
  Setting up jwchat (1.0beta2-11) ...
  chown: cannot access `/etc/jwchat/config.js': No such file or
directory
  dpkg: error processing jwchat (--configure):
   subprocess post-installation script returned error exit status 1

The full log is available from 
http://ox.blop.info/bazaar/buildlogs/20061114/

The piuparts run was done on about 40 AMD64 nodes of the Grid'5000
platform, using a clean chroot containing an etch i386 environment
(not unstable).  Internet was not accessible from the build systems.

About Grid'5000:
Grid'5000 is an highly reconfigurable experimental Grid platform
gathering 9 sites and featuring a total of 5000 CPUs. It serves as a
testbed for research in Grid Computing. See https://www.grid5000.fr/
-- 
| Lucas Nussbaum
| [EMAIL PROTECTED]   http://www.lucas-nussbaum.net/ |
| jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F |

--- End Message ---
--- Begin Message ---
Source: jwchat
Source-Version: 1.0beta2-12

We believe that the bug you reported is fixed in the latest version of
jwchat, which is due to be installed in the Debian FTP archive:

jwchat_1.0beta2-12.diff.gz
  to pool/main/j/jwchat/jwchat_1.0beta2-12.diff.gz
jwchat_1.0beta2-12.dsc
  to pool/main/j/jwchat/jwchat_1.0beta2-12.dsc
jwchat_1.0beta2-12_all.deb
  to pool/main/j/jwchat/jwchat_1.0beta2-12_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Torsten Werner <[EMAIL PROTECTED]> (supplier of updated jwchat package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Sat, 18 Nov 2006 23:49:18 +0100
Source: jwchat
Binary: jwchat
Architecture: source all
Version: 1.0beta2-12
Distribution: unstable
Urgency: medium
Maintainer: jwchat packagers <[EMAIL PROTECTED]>
Changed-By: Torsten Werner <[EMAIL PROTECTED]>
Description: 
 jwchat - a full featured, web-based Jabber chat client
Closes: 398626
Changes: 
 jwchat (1.0beta2-12) unstable; urgency=medium
 .
   [ Sune Vuorela ]
   * Fixed postinst to do stuff in correct order. (Closes: #398626)
   * Fixed postrm to not do a unguarded a2dissite.
 .
   [ Torsten Werner ]
   * Added XS-Vcs-Svn header to debian/control.
   * Set urgency to medium because the bug is RC.
Files: 
 9ada0de0467f203d70710ad502d9dc0c 752 web optional jwchat_1.0beta2-12.dsc
 7523f657373cad741ee5f84c1268df52 7595 web optional jwchat_1.0beta2-12.diff.gz
 e4c5c3067a5aba81d827b46ef5ad1d9e 437416 web optional jwchat_1.0beta2-12_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFX45YfY3dicTPjsMRAk82AKCZkcjvyoHBNxZ9U5JxQnp84J/OHACfZHqe
Zu0n7xZNqMPR2dtc3oYxf68=
=+zjf
-END PGP SIGNATURE-

--- End Message ---

Processed: tagging 399213

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.9.22
> tags 399213 sid
Bug#399213: zope-quotafolder is missing a depend on zope2.9
There were no tags set.
Tags added: sid

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399238: otrs2: Apache::Constants not found during startup of Apache2

2006-11-18 Thread Steve Langasek 
On Sat, Nov 18, 2006 at 08:44:18PM +, Torsten Werner wrote:
> On 11/18/06, Arek <[EMAIL PROTECTED]> wrote:
> >ii  libapache2-mod-perl2  1.999.21-1 Integration of perl with the 
> >Apach

> This package is very old. May you upgrade it, please?

It's the sarge version of the package.  If otrs2 isn't compatible with the
sarge version of libapache2-mod-perl2, it needs to have a versioned
dependency.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
[EMAIL PROTECTED]   http://www.debian.org/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Re: Processed (with 2 errors): your mail

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> severity 399251 normal
Bug#399251: error instantiating 'org.apache.juli.ClassLoaderLogManager'
Severity set to `normal' from `serious'

> tag 399251 - confirmed
Bug#399251: error instantiating 'org.apache.juli.ClassLoaderLogManager'
Tags were: confirmed
Tags removed: confirmed

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: severity of 367267 is normal

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.9.25
> severity 367267 normal
Bug#367267: ftp.debian.org: Missing .orig.tar.gz files for dresden-ocl and 
libbsf-java
Severity set to `normal' from `serious'

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#396735: marked as done (bluefish: Crash trying to save a document)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 14:02:18 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#396735: fixed in bluefish 1.0.7-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: bluefish
Version: 1.0.6-1
Severity: grave
Justification: renders package unusable


The program "bluefish" crashes, if you press the button "save as".

The problem occurs, if the file ".bluefish/session" is missing in the 
home directory. This is the case on all new installations, because there 
the whole directory ".bluefish" is missing.

See also:
http://bugzilla.gnome.org/show_bug.cgi?id=360401

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-686
Locale: LANG=C, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages bluefish depends on:
ii  libart-2.0-2   2.3.17-1  Library of functions for 2D graphi
ii  libaspell150.60.4-4  GNU Aspell spell-checker runtime l
ii  libatk1.0-01.12.3-1  The ATK accessibility toolkit
ii  libbonobo2-0   2.14.0-2  Bonobo CORBA interfaces library
ii  libbonoboui2-0 2.14.0-5  The Bonobo UI library
ii  libc6  2.3.6.ds1-4   GNU C Library: Shared libraries
ii  libcairo2  1.2.4-4   The Cairo 2D vector graphics libra
ii  libfontconfig1 2.4.1-2   generic font configuration library
ii  libgconf2-42.16.0-2  GNOME configuration database syste
ii  libglib2.0-0   2.12.4-1  The GLib library of C routines
ii  libgnome-keyring0  0.4.9-1   GNOME keyring services library
ii  libgnome2-02.16.0-2  The GNOME 2 library - runtime file
ii  libgnomecanvas2-0  2.14.0-2  A powerful object-oriented display
ii  libgnomeui-0   2.14.1-2  The GNOME 2 libraries (User Interf
ii  libgnomevfs2-0 2.14.2-2+b1   GNOME virtual file-system (runtime
ii  libgtk2.0-02.8.20-3  The GTK+ graphical user interface 
ii  libice61:1.0.1-2 X11 Inter-Client Exchange library
ii  liborbit2  1:2.14.0-2libraries for ORBit2 - a CORBA ORB
ii  libpango1.0-0  1.14.7-1  Layout and rendering of internatio
ii  libpcre3   6.7-1 Perl 5 Compatible Regular Expressi
ii  libpopt0   1.10-3lib for parsing cmdline parameters
ii  libsm6 1:1.0.1-3 X11 Session Management library
ii  libx11-6   2:1.0.3-2 X11 client-side library
ii  libxcursor11.1.7-4   X cursor management library
ii  libxext6   1:1.0.1-2 X11 miscellaneous extension librar
ii  libxfixes3 1:4.0.1-4 X11 miscellaneous 'fixes' extensio
ii  libxi6 1:1.0.1-3 X11 Input extension library
ii  libxinerama1   1:1.0.1-4.1   X11 Xinerama extension library
ii  libxml22.6.26.dfsg-4 GNOME XML library
ii  libxrandr2 2:1.1.0.2-4   X11 RandR extension library
ii  libxrender11:0.9.1-3 X Rendering Extension client libra

bluefish recommends no packages.

-- no debconf information

--- End Message ---
--- Begin Message ---
Source: bluefish
Source-Version: 1.0.7-1

We believe that the bug you reported is fixed in the latest version of
bluefish, which is due to be installed in the Debian FTP archive:

bluefish_1.0.7-1.diff.gz
  to pool/main/b/bluefish/bluefish_1.0.7-1.diff.gz
bluefish_1.0.7-1.dsc
  to pool/main/b/bluefish/bluefish_1.0.7-1.dsc
bluefish_1.0.7-1_i386.deb
  to pool/main/b/bluefish/bluefish_1.0.7-1_i386.deb
bluefish_1.0.7.orig.tar.gz
  to pool/main/b/bluefish/bluefish_1.0.7.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Daniel Leidert (dale) <[EMAIL PROTECTED]> (supplier of updated bluefish package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SH

Bug#340163: marked as done (3ddesktop: links to libfreetype6, which is going away)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 14:02:14 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#340163: fixed in 3ddesktop 0.2.9-6
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: 3ddesktop
Version: 0.2.9-5
Severity: grave

The 3ddesktop package currently depends on libfreetype6, but it does not use
it.  This dependency is being pulled in via imlib2-config --libs, which
works as designed but is *not* a correct tool for getting a list of libs to
link against on a GNU system using dynamic linking.

Attached is a short patch which fixes the 3ddesktop package build to no
longer link against spurious libraries.  This patch changes the binary
package dependencies from this: 

 Depends: libc6 (>= 2.3.5-1), libfreetype6 (>= 2.1.5-1), libgcc1 (>= 1:4.0.1), 
libglu1-xorg | libglu1, libice6 | xlibs (>> 4.1.0), libimlib2, libsm6 | xlibs 
(>> 4.1.0), libstdc++6 (>= 4.0.1), libx11-6 | xlibs (>> 4.1.0), libxext6 | 
xlibs (>> 4.1.0), libxi6 | xlibs (>> 4.1.0), libxmu6 | xlibs (>> 4.1.0), libxt6 
| xlibs (>> 4.1.0), libxxf86vm1, xlibmesa-gl | libgl1, zlib1g (>= 1:1.2.1)

to this:

 Depends: libc6 (>= 2.3.5-1), libgcc1 (>= 1:4.0.2), libglu1-xorg | libglu1, 
libimlib2, libstdc++6 (>= 4.0.2-4), libx11-6 | xlibs (>> 4.1.0), libxxf86vm1, 
xlibmesa-gl | libgl1

There are a number of other ways to achieve this effect; you may wish to
edit the configure.ac, Makefile.am, and acinclude.m4 for this package
instead so that patch failures against future upstream versions will tell
you if the handling needs to change, or you may wish to use the (IMHO
kludgy) -Wl,--as-needed option to gcc.  By editing the autotools code, it's
also possible to optimize the build-dependencies in addition to the
dependencies, FWIW.

In any case, although libfreetype6 is currently available in unstable, due
to bug #314385 it is very likely that this package will have to go through a
library transition in the near future.  Since 3ddesktop doesn't use
freetype, I'm filing this bug at "grave" severity pre-emptively, to
encourage you to get your package free of the transition before it starts.

Cheers,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
[EMAIL PROTECTED]   http://www.debian.org/
diff -u 3ddesktop-0.2.9/debian/rules 3ddesktop-0.2.9/debian/rules
--- 3ddesktop-0.2.9/debian/rules
+++ 3ddesktop-0.2.9/debian/rules
@@ -39,7 +39,7 @@
 
 build-stamp: patch-stamp config.status
dh_testdir
-   $(MAKE)
+   $(MAKE) 3ddeskd_LDFLAGS="-lImlib2 -lGLU -lGL -lXxf86vm -lX11" LIBS=""
touch build-stamp
 
 clean: unpatch
diff -u 3ddesktop-0.2.9/debian/changelog 3ddesktop-0.2.9/debian/changelog
--- 3ddesktop-0.2.9/debian/changelog
+++ 3ddesktop-0.2.9/debian/changelog
@@ -1,3 +1,13 @@
+3ddesktop (0.2.9-5.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Hard-code the list of needed libraries in debian/rules; allowing
+autodetection causes gratuitous linkage to a bunch of libraries not
+needed on Debian, and the autotoolage is in bad enough shape that it's
+not worth trying to fix this in the configure script.
+
+ -- Steve Langasek <[EMAIL PROTECTED]>  Mon, 21 Nov 2005 03:54:09 -0800
+
 3ddesktop (0.2.9-5) unstable; urgency=low
 
   [ Pierre Habouzit ]


signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: 3ddesktop
Source-Version: 0.2.9-6

We believe that the bug you reported is fixed in the latest version of
3ddesktop, which is due to be installed in the Debian FTP archive:

3ddesktop_0.2.9-6.diff.gz
  to pool/main/3/3ddesktop/3ddesktop_0.2.9-6.diff.gz
3ddesktop_0.2.9-6.dsc
  to pool/main/3/3ddesktop/3ddesktop_0.2.9-6.dsc
3ddesktop_0.2.9-6_amd64.deb
  to pool/main/3/3ddesktop/3ddesktop_0.2.9-6_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Pierre Habouzit <[EMAIL PROTECTED]> (supplier of updated 3ddesktop package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Sat, 18 Nov 2006 21:21

Bug#399260: marked as done (debian-installer: [powerpc] Please apply attached patch, adding prep and 2.6.18-2 support.)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 21:18:25 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#399260: debian-installer: [powerpc] Please apply attached 
patch, adding prep and 2.6.18-2 support.
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: debian-installer
Severity: grave
Justification: d-i powerpc daily builds need to be upgraded to 2.6.18-2 kernel 
.udebs


Please apply the attached patch.

It adds support for the 2.6.18-2 kernel .udebs currently in unstable, as well
as the prep support (needs mkvmlinuz 26 though, which was uploaded today).

It also includes adding the Apple G5 fancontrol modules in the ramdisk.

This patch is RC, because without it, the d-i daily builds are probably not 
building
anymore, now that the 2.6.18-2 kernel .udebs are in unstable.

Friendly,

Sven Luther

-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: powerpc (ppc)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-2-powerpc
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Index: config/powerpc/prep.cfg
===
--- config/powerpc/prep.cfg (revision 0)
+++ config/powerpc/prep.cfg (revision 0)
@@ -0,0 +1,19 @@
+MEDIUM_SUPPORTED = cdrom netboot hd-media
+
+# The version of the kernel to use.
+KERNELVERSION = 2.6.18-2-prep
+KERNEL_FLAVOUR = di
+KERNELNAME = vmlinux
+KERNELIMAGEVERSION = $(KERNELVERSION)
+
+SUBARCHES = prep 
+
+cd_content: cd_content_common
+
+netboot_content: netboot_content_common
+
+arch_miniiso: arch_miniiso_common
+
+arch_boot_screens:
+
+#arch_boot: arch_boot_initrd
Index: config/powerpc/prep/hd-media.cfg
===
--- config/powerpc/prep/hd-media.cfg(revision 42615)
+++ config/powerpc/prep/hd-media.cfg(working copy)
@@ -0,0 +1,18 @@
+# Not really a floppy, this is a 239 mb image, large enough to put a
+# netinst iso in, and small enough to fit on a mid-range memory stick, 
+# such as those advertised as being 256 mb in size.
+FLOPPY_SIZE = 244736
+
+DISK_LABEL = "bootable drive"
+MEDIA_TYPE = bootable drive
+
+GZIPPED = .gz
+EXTRANAME = hd-media/
+
+TARGET = $(KERNEL) $(INITRD) $(BOOT) 
+
+MANIFEST-BOOT = "256 mb image (compressed) for USB memory stick"
+MANIFEST-INITRD = "for use on USB memory sticks"
+MANIFEST-KERNEL = "for use on USB memory sticks"
+
+arch_boot: hd_media_common
Index: config/powerpc/prep/cdrom.cfg
===
--- config/powerpc/prep/cdrom.cfg   (revision 42615)
+++ config/powerpc/prep/cdrom.cfg   (working copy)
@@ -0,0 +1,9 @@
+MEDIA_TYPE = CD-ROM
+
+# cd booting does not need floppy images on powerpc
+TARGET = $(INITRD) $(KERNEL) builtin_initrd
+EXTRANAME = $(MEDIUM)/
+
+MANIFEST-BOOT = "CDROM image for most PowerPC CPUs"
+MANIFEST-INITRD = "initrd for use with powerpc CDROM"
+MANIFEST-KERNEL = "kernel for use with powerpc CDROM"
Index: config/powerpc/prep/netboot.cfg
===
--- config/powerpc/prep/netboot.cfg (revision 42615)
+++ config/powerpc/prep/netboot.cfg (working copy)
@@ -0,0 +1,9 @@
+MEDIA_TYPE = netboot image
+
+TARGET = $(INITRD) $(KERNEL) $(MINIISO) builtin_initrd netboot_content
+EXTRANAME = $(MEDIUM)/
+
+MANIFEST-BOOT = "tftp boot image for most PowerPC CPUs"
+MANIFEST-INITRD = "initrd for use with powerpc netboot"
+MANIFEST-KERNEL = "kernel for use with powerpc netboot"
+MANIFEST-MINIISO = "small bootable CD image for powerpc netboot"
Index: config/powerpc/powerpc64.cfg
===
--- config/powerpc/powerpc64.cfg(revision 42615)
+++ config/powerpc/powerpc64.cfg(working copy)
@@ -1,7 +1,7 @@
 MEDIUM_SUPPORTED = cdrom netboot gtk-miniiso
 
 # The version of the kernel to use.
-KERNELVERSION = 2.6.17-2-powerpc64
+KERNELVERSION = 2.6.18-2-powerpc64
 KERNEL_FLAVOUR = di
 KERNELNAME = vmlinux
 KERNELIMAGEVERSION = $(KERNELVERSION)
Index: config/powerpc/powerpc.cfg
===
--- config/powerpc/powerpc.cfg  (revision 42615)
+++ config/powerpc/powerpc.cfg  (working copy)
@@ -1,7 +1,7 @@
 MEDIUM_SUPPORTED = cdrom netboot hd-media floppy gtk-miniiso # monolithic
 
 # The version of the kernel to use.
-KERNELVERSION = 2.6.17-2-powerpc
+KERNELVERSION = 2.6.18-2-powerpc
 KERNEL_FLAVOUR = di
 KERNELNAME = vmlinux
 KE

Bug#395080: Network Management SPAM Rejected

2006-11-18 Thread SPAM filter @ NETMAN.COM 
Network Management SPAM Rejected

***ALERT**ALERT**ALERT**ALERT**ALERT***
If you have received this message, your email has been marked 
SPAM by NETMAN.COM.
The message has not been forwarded on to the intended user.  
We do NOT ALLOW unsolicited emailing on this domain.  

Please remove this email address from your lists.

If your email was NOT unsolicited, please contact the Email 
user for futher options.  You can also check the HEADER of 
the message to see if your mail server is listed on our  
Relay Black Lists.  We use SPAMCOP, RELAYS.VISI.COM and  
ORDB.ORG.  You should see an X-HEADER (see below) with the 
relay list that listed your server.  Contact the relay list 
provider for further removal instructions.

Network Management, Inc.



Original Message:
Received: from SMTP32-FWD by sbnets.com
  (SMTP32) id A7B3344DD011E0342; Sat, 18 Nov 2006 15:31:24 -0600
Received: from master.debian.org [70.103.162.29] by mail.netman.com with ESMTP
  (SMTPD32-8.15) id AB3344DD011E; Sat, 18 Nov 2006 15:29:23 -0600
Received: from qa by master.debian.org with local (Exim 4.50)
id 1GlXkY-000474-Cz
for [EMAIL PROTECTED]; Sat, 18 Nov 2006 21:29:22 +
Received: from spohr.debian.org ([140.211.166.43] ident=Debian-exim) by
 master.debian.org with esmtp (Exim 4.50) id 1GlWRN-0006bl-QE for
 [EMAIL PROTECTED]; Sat, 18 Nov 2006 20:05:30 +
Received: from debbugs by spohr.debian.org with local (Exim 4.50) id
 1GlWPc-0002bW-6m; Sat, 18 Nov 2006 12:03:40 -0800
X-Loop: [EMAIL PROTECTED]
Subject: Bug#395080: security issues in asterisk
Reply-To: Ben Hutchings <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Resent-From: Ben Hutchings <[EMAIL PROTECTED]>
Resent-To: debian-bugs-dist@lists.debian.org
Resent-CC: Debian VoIP Team <[EMAIL PROTECTED]>
Resent-Date: Sat, 18 Nov 2006 20:03:38 +
Resent-Message-Id: <[EMAIL PROTECTED]>
X-Debian-PR-Message: report 395080
X-Debian-PR-Package: asterisk
X-Debian-PR-Keywords: security
X-Debian-PR-Source: asterisk
Received: via spool by [EMAIL PROTECTED]
 id=B395080.11638797014312 (code B ref 395080); Sat, 18 Nov 2006 20:03:38
 +
Received: (at 395080) by bugs.debian.org; 18 Nov 2006 19:55:01 +
Received: from shadbolt.e.decadent.org.uk ([88.96.1.126]) by
 spohr.debian.org with esmtp (Exim 4.50) id 1GlWHF-00016n-1A;
 Sat, 18 Nov 2006 11:55:01 -0800
Received: from [192.168.4.138] (helo=deadeye.i.decadentplace.org.uk) by
 shadbolt.decadent.org.uk with esmtp (Exim 4.50) id 1GlWHB-0002LF-AH;
 Sat, 18 Nov 2006 19:54:57 +
Received: from womble by deadeye.i.decadentplace.org.uk with local (Exim
 4.63) (envelope-from <[EMAIL PROTECTED]>) id 1GlWHM-0007JN-TZ;
 Sat, 18 Nov 2006 19:55:08 +
From: Ben Hutchings <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="=-00rynq6noZmvgm26tjuG"
Date: Sat, 18 Nov 2006 19:55:08 +
Message-Id: <[EMAIL PROTECTED]>
MIME-Version: 1.0
X-Mailer: Evolution 2.6.3
X-Sa-Exim-Connect-Ip: 192.168.4.138
X-Sa-Exim-Mail-From: [EMAIL PROTECTED]
X-Sa-Exim-Version: 4.2 (built Thu, 03 Mar 2005 10:44:12 +0100)
X-Sa-Exim-Scanned: Yes (on shadbolt.decadent.org.uk)
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
 (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-5.0 required=4.0 tests=BAYES_00,VALID_BTS_CONTROL
 autolearn=no version=2.60-bugs.debian.org_2005_01_02
Resent-Sender: Debian BTS <[EMAIL PROTECTED]>
Resent-Date: Sat, 18 Nov 2006 12:03:40 -0800
Delivered-To: [EMAIL PROTECTED]
Precedence: list
X-Loop: [EMAIL PROTECTED]
X-PTS-Package: asterisk
X-PTS-Keyword: bts
X-Unsubscribe: echo 'unsubscribe asterisk' | mail [EMAIL PROTECTED]
X-IMAIL-SPAM-DNSBL: (SpamCop,7b3344dd011e0342,127.0.0.2)


--=-00rynq6noZmvgm26tjuG
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

package asterisk
retitle 394025 CVE-2006-5444: Remote compromise in chan_skinny
retitle 395080 CVE-2006-5445: Denial of service in chan_sip
thanks

One bug per bug report, please.

Ben.

--=20
Ben Hutchings
Lowery's Law:
 If it jams, force it. If it breaks, it needed replacing anyway=
.

--=-00rynq6noZmvgm26tjuG
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQBFX2Uc79ZNCRIGYgcRAkU2AJ0cWdMSudD2Vq+MteEHNPxODUaKmwCaA6A1
JZmzR5F7vYBrwQYoNGh071Q=
=6aTB
-END PGP SIGNATURE-

--=-00rynq6noZmvgm26tjuG--





-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399261: llvm has rpath to insecure location (/home/ahs3/...)

2006-11-18 Thread Bill Allombert 
Package: llvm
Version: 1.8b-1
Severity: serious
Tags: security

Hello Al,
llvm includes a binary with a rpath pointing to 
/home/ahs3/debian/llvm/llvm-1.8b/llvm/Release/bin.

%chrpath /usr/lib/llvm/llvmc
/usr/lib/llvm/llvmc: RPATH=/home/ahs3/debian/llvm/llvm-1.8b/llvm/Release/bin

This allows an attacker with write access to that directory to add
modified libraries which will be loaded when someone else run llvm.

Cheers,
-- 
Bill. <[EMAIL PROTECTED]>

Imagine a large blue swirl here. 


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399260: debian-installer: [powerpc] Please apply attached patch, adding prep and 2.6.18-2 support.

2006-11-18 Thread Sven Luther 
Package: debian-installer
Severity: grave
Justification: d-i powerpc daily builds need to be upgraded to 2.6.18-2 kernel 
.udebs


Please apply the attached patch.

It adds support for the 2.6.18-2 kernel .udebs currently in unstable, as well
as the prep support (needs mkvmlinuz 26 though, which was uploaded today).

It also includes adding the Apple G5 fancontrol modules in the ramdisk.

This patch is RC, because without it, the d-i daily builds are probably not 
building
anymore, now that the 2.6.18-2 kernel .udebs are in unstable.

Friendly,

Sven Luther

-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: powerpc (ppc)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-2-powerpc
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Index: config/powerpc/prep.cfg
===
--- config/powerpc/prep.cfg (revision 0)
+++ config/powerpc/prep.cfg (revision 0)
@@ -0,0 +1,19 @@
+MEDIUM_SUPPORTED = cdrom netboot hd-media
+
+# The version of the kernel to use.
+KERNELVERSION = 2.6.18-2-prep
+KERNEL_FLAVOUR = di
+KERNELNAME = vmlinux
+KERNELIMAGEVERSION = $(KERNELVERSION)
+
+SUBARCHES = prep 
+
+cd_content: cd_content_common
+
+netboot_content: netboot_content_common
+
+arch_miniiso: arch_miniiso_common
+
+arch_boot_screens:
+
+#arch_boot: arch_boot_initrd
Index: config/powerpc/prep/hd-media.cfg
===
--- config/powerpc/prep/hd-media.cfg(revision 42615)
+++ config/powerpc/prep/hd-media.cfg(working copy)
@@ -0,0 +1,18 @@
+# Not really a floppy, this is a 239 mb image, large enough to put a
+# netinst iso in, and small enough to fit on a mid-range memory stick, 
+# such as those advertised as being 256 mb in size.
+FLOPPY_SIZE = 244736
+
+DISK_LABEL = "bootable drive"
+MEDIA_TYPE = bootable drive
+
+GZIPPED = .gz
+EXTRANAME = hd-media/
+
+TARGET = $(KERNEL) $(INITRD) $(BOOT) 
+
+MANIFEST-BOOT = "256 mb image (compressed) for USB memory stick"
+MANIFEST-INITRD = "for use on USB memory sticks"
+MANIFEST-KERNEL = "for use on USB memory sticks"
+
+arch_boot: hd_media_common
Index: config/powerpc/prep/cdrom.cfg
===
--- config/powerpc/prep/cdrom.cfg   (revision 42615)
+++ config/powerpc/prep/cdrom.cfg   (working copy)
@@ -0,0 +1,9 @@
+MEDIA_TYPE = CD-ROM
+
+# cd booting does not need floppy images on powerpc
+TARGET = $(INITRD) $(KERNEL) builtin_initrd
+EXTRANAME = $(MEDIUM)/
+
+MANIFEST-BOOT = "CDROM image for most PowerPC CPUs"
+MANIFEST-INITRD = "initrd for use with powerpc CDROM"
+MANIFEST-KERNEL = "kernel for use with powerpc CDROM"
Index: config/powerpc/prep/netboot.cfg
===
--- config/powerpc/prep/netboot.cfg (revision 42615)
+++ config/powerpc/prep/netboot.cfg (working copy)
@@ -0,0 +1,9 @@
+MEDIA_TYPE = netboot image
+
+TARGET = $(INITRD) $(KERNEL) $(MINIISO) builtin_initrd netboot_content
+EXTRANAME = $(MEDIUM)/
+
+MANIFEST-BOOT = "tftp boot image for most PowerPC CPUs"
+MANIFEST-INITRD = "initrd for use with powerpc netboot"
+MANIFEST-KERNEL = "kernel for use with powerpc netboot"
+MANIFEST-MINIISO = "small bootable CD image for powerpc netboot"
Index: config/powerpc/powerpc64.cfg
===
--- config/powerpc/powerpc64.cfg(revision 42615)
+++ config/powerpc/powerpc64.cfg(working copy)
@@ -1,7 +1,7 @@
 MEDIUM_SUPPORTED = cdrom netboot gtk-miniiso
 
 # The version of the kernel to use.
-KERNELVERSION = 2.6.17-2-powerpc64
+KERNELVERSION = 2.6.18-2-powerpc64
 KERNEL_FLAVOUR = di
 KERNELNAME = vmlinux
 KERNELIMAGEVERSION = $(KERNELVERSION)
Index: config/powerpc/powerpc.cfg
===
--- config/powerpc/powerpc.cfg  (revision 42615)
+++ config/powerpc/powerpc.cfg  (working copy)
@@ -1,7 +1,7 @@
 MEDIUM_SUPPORTED = cdrom netboot hd-media floppy gtk-miniiso # monolithic
 
 # The version of the kernel to use.
-KERNELVERSION = 2.6.17-2-powerpc
+KERNELVERSION = 2.6.18-2-powerpc
 KERNEL_FLAVOUR = di
 KERNELNAME = vmlinux
 KERNELIMAGEVERSION = $(KERNELVERSION)
Index: config/powerpc.cfg
===
--- config/powerpc.cfg  (revision 42615)
+++ config/powerpc.cfg  (working copy)
@@ -1,4 +1,4 @@
-SUBARCH_SUPPORTED = powerpc powerpc64 # apus
+SUBARCH_SUPPORTED = powerpc powerpc64 prep # apus
 
 KERNELMAJOR = 2.6
 
Index: pkg-lists/cdrom/powerpc.cfg
===
--- pkg-lists/cdrom/powerpc.cfg (revision 42615)
+++ pkg-lists/cdrom/powerpc.cfg (working copy)
@@ -28,3 +28,4 @@
 
 # IBM Power hypervisor modules, only available on powerpc64.
 hypervisor-modules-${kernel:Version} ?
+fancontrol-modules-${kernel:Version} ?
Index: pkg-lists/netboot/powerpc

Bug#399256: FTBS: missing buil-dep on ruby

2006-11-18 Thread Vincent Fourmond 
Package: qt4-qtruby
Version: 1.4.6-1
Severity: serious

Build-dep missing on ruby is screwing up the building system. Gosh, I thought
I wouldn't let myself be caught again !

Vince

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/dash
Kernel: Linux 2.6.18
Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1) (ignored: LC_ALL set to 
en_GB)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#398713: marked as done (collatinus: FTBFS: hyperlatex: cannot find emacs or xemacs)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 21:39:14 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Bug#398713: collatinus: FTBFS: hyperlatex: cannot find emacs 
or xemacs
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: collatinus
Version: 7.14-3
Severity: serious

Hello,

There was a problem while autobuilding your package:

> Automatic build of collatinus_7.14-3 on avidan by sbuild/i386 98
> Build started at 20061115-0128
> **
> Checking available source versions...
> Fetching source files...
> Reading package lists...
> Building dependency tree...
> Need to get 2770kB of source archives.
> Get:1 http://ftp.fr.debian.org sid/main collatinus 7.14-3 (dsc) [662B]
> Get:2 http://ftp.fr.debian.org sid/main collatinus 7.14-3 (tar) [2766kB]
> Get:3 http://ftp.fr.debian.org sid/main collatinus 7.14-3 (diff) [3242B]
> Fetched 2770kB in 11s (240kB/s)
> Download complete and in download only mode
> ** Using build dependencies supplied by package:
> Build-Depends: debhelper (>> 4.0.0)
> Build-Depends-Indep: hyperlatex, tetex-extra, python-support (>= 0.4)
> Checking for already installed source dependencies...
> debhelper: missing
> hyperlatex: missing
> tetex-extra: missing
> python-support: missing
> Checking for source dependency conflicts...
>   /usr/bin/sudo /usr/bin/apt-get --purge $CHROOT_OPTIONS -q -y install 
> debhelper hyperlatex tetex-extra python-support
> Reading package lists...
> Building dependency tree...
> The following extra packages will be installed:
>   bsdmainutils defoma ed emacs emacs21 emacs21-bin-common emacs21-common
>   emacsen-common file fontconfig-config gettext gettext-base gs gs-common
>   gs-gpl gsfonts html2text intltool-debian libfontconfig1 libfreetype6 libice6
>   libjpeg62 libkpathsea4 liblockfile1 libncursesw5 libnetpbm10 libnewt0.52
>   libpaper1 libpng12-0 libpoppler0c2 libpopt0 libsm6 libt1-5 libtiff4
>   libungif4g libx11-6 libx11-data libxau6 libxaw7 libxdmcp6 libxext6 libxmu6
>   libxpm4 libxt6 netpbm po-debconf python python-minimal python2.4
>   python2.4-minimal tetex-base tetex-bin tex-common ttf-dejavu ucf whiptail
>   x11-common xaw3dg
> Suggested packages:
>   wamerican wordlist whois vacation dh-make defoma-doc psfontmgr
>   x-ttcidfont-conf dfontmgr emacs21-el emacs21-non-dfsg cvs gettext-doc
>   gs-pdfencrypt hpijs libfreetype6-dev python-doc python-tk python-profiler
>   python2.4-doc gv postscript-viewer xpdf-reader pdf-viewer texinfo texi2html
>   dvipng chktex lacheck rubber sam2p xbase-clients
> Recommended packages:
>   libft-perl curl wget lynx libgpmg1 libfribidi0 libpaper-utils
>   libmail-sendmail-perl libcompress-zlib-perl tetex-doc psutils perl-tk
>   libxml-parser-perl latex-beamer latex-xcolor lmodern pgf preview-latex-style
>   debconf-utils
> The following NEW packages will be installed:
>   bsdmainutils debhelper defoma ed emacs emacs21 emacs21-bin-common
>   emacs21-common emacsen-common file fontconfig-config gettext gettext-base gs
>   gs-common gs-gpl gsfonts html2text hyperlatex intltool-debian libfontconfig1
>   libfreetype6 libice6 libjpeg62 libkpathsea4 liblockfile1 libncursesw5
>   libnetpbm10 libnewt0.52 libpaper1 libpng12-0 libpoppler0c2 libpopt0 libsm6
>   libt1-5 libtiff4 libungif4g libx11-6 libx11-data libxau6 libxaw7 libxdmcp6
>   libxext6 libxmu6 libxpm4 libxt6 netpbm po-debconf python python-minimal
>   python-support python2.4 python2.4-minimal tetex-base tetex-bin tetex-extra
>   tex-common ttf-dejavu ucf whiptail x11-common xaw3dg
> 0 upgraded, 62 newly installed, 0 to remove and 2 not upgraded.
> Need to get 66.9MB/75.2MB of archives.
> After unpacking 246MB of additional disk space will be used.
> Get:1 http://ftp.fr.debian.org sid/main libice6 1:1.0.1-2 [42.6kB]
> Get:2 http://ftp.fr.debian.org sid/main libsm6 1:1.0.1-3 [18.0kB]
> Get:3 http://ftp.fr.debian.org sid/main libxt6 1:1.0.2-2 [154kB]
> Get:4 http://ftp.fr.debian.org sid/main libfreetype6 2.2.1-5 [342kB]
> Get:5 http://ftp.fr.debian.org sid/main libnewt0.52 0.52.2-8 [63.7kB]
> Get:6 http://ftp.fr.debian.org sid/main libpopt0 1.10-3 [33.1kB]
> Get:7 http://ftp.fr.debian.org sid/main whiptail 0.52.2-8 [34.6kB]
> Get:8 http://ftp.fr.debian.org sid/main defoma 0.11.10 [78.7kB]
> Get:9 http://ftp.fr.debian.org sid/main ttf-dejavu 2.11-1 [3256kB]
> Get:10 http://ftp.fr.debian.org sid/main fontconfig-config 2.4.1-2 [138kB]
> Get:11 http://ftp.fr.debian.org sid/main libfontconfig1 2.4.1-2 [203kB]
> Get:12 h

Bug#399195: python-cairo: python2.3 import fail

2006-11-18 Thread Loic Dachary 
 > Confusing?  Yes.  But this is the route the python people took.

Thanks a lot for sharing your experience. It's a lot clearer now.

-- 
+33 1 76 60 72 81  Loic Dachary mailto:[EMAIL PROTECTED]
http://dachary.org/loic/gpg.txt sip:[EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#382906: RM: mozilla-locale-hu -- RoM; mozilla scheduled for removal

2006-11-18 Thread Laszlo Boszormenyi 
reassign 382906 ftp.debian.org
retitle 382906 RM: mozilla-locale-hu -- RoM; mozilla scheduled for removal
block 382906 with 370436
thanks

Hi,

As the maintainer of mozilla-locale-hu I request the removal of its
removal due to the upcoming mozilla package removal.

Regards,
Laszlo/GCS


signature.asc
Description: This is a digitally signed message part

Processed: RM: mozilla-locale-hu -- RoM; mozilla scheduled for removal

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> reassign 382906 ftp.debian.org
Bug#382906: mozilla-locale-hu: depends on mozilla
Bug reassigned from package `mozilla-locale-hu' to `ftp.debian.org'.

> retitle 382906 RM: mozilla-locale-hu -- RoM; mozilla scheduled for removal
Bug#382906: mozilla-locale-hu: depends on mozilla
Changed Bug title.

> block 382906 with 370436
Bug#382906: RM: mozilla-locale-hu -- RoM; mozilla scheduled for removal
Was not blocked by any bugs.
Blocking bugs of 382906 added: 370436

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399238: otrs2: Apache::Constants not found during startup of Apache2

2006-11-18 Thread Torsten Werner 

On 11/18/06, Arek <[EMAIL PROTECTED]> wrote:

ii  libapache2-mod-perl2  1.999.21-1 Integration of perl with the Apach


This package is very old. May you upgrade it, please?

Cheers,
Torsten


--
blog: http://twerner.blogspot.com/
homepage: http://www.twerner42.de/


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Re: Processed (with 2 errors): your mail

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> clone 395167 -1
Bug#395167: Tomcat doesn't run with java-gcj-compat-dev
Bug 395167 cloned as bug 399251.

> reassign -1 libgcj7-0
Bug#399251: Tomcat doesn't run with java-gcj-compat-dev
Bug reassigned from package `tomcat5.5' to `libgcj7-0'.

> tag -1 - pending patch
Bug#399251: Tomcat doesn't run with java-gcj-compat-dev
Tags were: patch pending confirmed
Tags removed: pending, patch

> forwarded -1 http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29869.
Bug#399251: Tomcat doesn't run with java-gcj-compat-dev
Noted your statement that Bug has been forwarded to 
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29869..

> severity -1 serious
Bug#399251: Tomcat doesn't run with java-gcj-compat-dev
Severity set to `serious' from `serious'

> retitle -1 error instantiating 'org.apache.juli.ClassLoaderLogManager'
Bug#399251: Tomcat doesn't run with java-gcj-compat-dev
Changed Bug title.

> stop
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: merge 365766 395555

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> package azureus
Ignoring bugs not assigned to: azureus

> retitle 365766 Azureus requires java-gcj-compat
Bug#365766: azureus: Azureus doesn't load without java-gcj-compat, no 
Changed Bug title.

> severity 365766 serious
Bug#365766: Azureus requires java-gcj-compat
Severity set to `serious' from `normal'

> tag 365766 confirmed
Bug#365766: Azureus requires java-gcj-compat
Tags were: pending
Tags added: confirmed

> merge 365766 39
Bug#365766: Azureus requires java-gcj-compat
Bug#39: Does not work with kaffe
Merged 365766 39.

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed (with 2 errors): your mail

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # There are two bugs here. First the logger problem.
> clone 395167 libgcj7-0 -1
Unknown command or malformed arguments to command.

> reassign -1 libgcj7-0
Bug number -1 not found. (Is it archived?)

> retitle -1 LogManager class loading failure with Tomcat
Bug number -1 not found. (Is it archived?)

> tag -1 -pending -patch
Unknown tag/s: -patch.
Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid 
help security upstream pending sarge sarge-ignore experimental d-i confirmed 
ipv6 lfs fixed-in-experimental fixed-upstream l10n etch etch-ignore.

Bug number -1 not found. (Is it archived?)

> # Then classpath fix required for gcj. This one warrants severity serious.
> retitle 395167 Tomcat doesn't run with java-gcj-compat-dev
Bug#395167: tomcat5.5: error instantiating 
'org.apache.juli.ClassLoaderLogManager'
Changed Bug title.

> severity 395167 serious
Bug#395167: Tomcat doesn't run with java-gcj-compat-dev
Severity set to `serious' from `normal'

> notforwarded 395167
Bug#395167: Tomcat doesn't run with java-gcj-compat-dev
Removed annotation that Bug had been forwarded to 
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29869.

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Re: security issues in asterisk

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> package asterisk
Ignoring bugs not assigned to: asterisk

> retitle 394025 CVE-2006-5444: Remote compromise in chan_skinny
Bug#394025: Remote compromise
Changed Bug title.
(By the way, that Bug is currently marked as done.)

> retitle 395080 CVE-2006-5445: Denial of service in chan_sip
Bug#395080: CVE-2006-5444/5:security issues in asterisk
Changed Bug title.
(By the way, that Bug is currently marked as done.)

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#395080: security issues in asterisk

2006-11-18 Thread Ben Hutchings 
package asterisk
retitle 394025 CVE-2006-5444: Remote compromise in chan_skinny
retitle 395080 CVE-2006-5445: Denial of service in chan_sip
thanks

One bug per bug report, please.

Ben.

-- 
Ben Hutchings
Lowery's Law:
 If it jams, force it. If it breaks, it needed replacing anyway.


signature.asc
Description: This is a digitally signed message part

Bug#399224: xfonts-scalable: doesn't call update-fonts-dir in postinst/postrm

2006-11-18 Thread Julien Cristau 
tags 399224 pending
kthxbye

On Sat, Nov 18, 2006 at 20:23:16 +0100, Roland Rosenfeld wrote:

> But also a fresh installation of etch is broken.  If only
> xfonts-scalable (and no other Type1 font package) is installed, this
> means, that no fonts.dir is installed, which results in
> xfonts-scalable been completely unusable.
> 
xfonts-scalable was indeed missing a call to dh_installxfonts, which
handles this.
Fixed in svn, thanks!

Cheers,
Julien


signature.asc
Description: Digital signature

Processed: Re: Bug#399224: xfonts-scalable: doesn't call update-fonts-dir in postinst/postrm

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> tags 399224 pending
Bug#399224: xfonts-scalable: doesn't call update-fonts-dir in postinst/postrm
Tags were: patch
Tags added: pending

> kthxbye
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399224: xfonts-scalable: doesn't call update-fonts-dir in postinst/postrm

2006-11-18 Thread Roland Rosenfeld 
On Sat, 18 Nov 2006, Julien Cristau wrote:

> > 1:1.0.0-4 contained fonts.dir as a file in the package.  This file
> > is removed in 1:1.0.0-5, which results in removal of fonts.dir.
> > But after all this the postinst (and also postrm) should run
> > update-fonts-scale, update-fonts-alias and update-fonts-dir, but
> > it only runs update-fonts-scale and update-fonts-alias.

> is this an issue when upgrading from the stable version of
> xfonts-scalable, or only on upgrade from 1:1.0.0-4?

As far as I can see the most important issue appears when upgrading
from 1.0.0-4 (maybe from other 1.0.0 versions, too), because this
completely removes fonts.dir.  The sarge version handles this correct.

But also a fresh installation of etch is broken.  If only
xfonts-scalable (and no other Type1 font package) is installed, this
means, that no fonts.dir is installed, which results in
xfonts-scalable been completely unusable.

If gsfonts-x11 is installed before xfonts-scalable, gsfonts-x11 will
work correct, while the fonts from xfonts-scalable aren't accessible.

> If the latter, then I don't think this is a release-critical bug,
> and the severity is at most important.

It is still a policy violation which makes the package and maybe other
packages unusable.  I prefer fixing it instead of discussing the
severity (xfonts-scalable is no longer part of the xfree or x.org
sources, so it isn't a problem to build a new version of this
package).

Tscho

Roland

-- 
 * [EMAIL PROTECTED] * http://www.spinnaker.de/ *

Bug#397264: marked as done (ImportError: No module named tunepimp)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 11:07:40 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#397264: fixed in libtunepimp 0.5.2-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: python-tunepimp
Version: 0.4.2-3.2
Severity: grave

This package do not work at all. Even the included example does not run:

[EMAIL PROTECTED]:/usr/share/doc/python-tunepimp/examples$ ./trm.py 
Traceback (most recent call last):
  File "./trm.py", line 35, in ?
from tunepimp import tunepimp, metadata, track
ImportError: No module named tunepimp

Tested on an amd64 and i386 hosts.

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (900, 'testing'), (400, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.18-1-amd64
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)

Versions of packages python-tunepimp depends on:
ii  libtunepimp3  0.4.2-3.2  MusicBrainz tagging library and si
ii  python2.4.3-11   An interactive high-level object-o
ii  python-ctypes 1.0.0-1.1  Python package to create and manip
ii  python-support0.5.4  automated rebuilding support for p

-- no debconf information

--- End Message ---
--- Begin Message ---
Source: libtunepimp
Source-Version: 0.5.2-1

We believe that the bug you reported is fixed in the latest version of
libtunepimp, which is due to be installed in the Debian FTP archive:

libtunepimp-dev_0.5.2-1_i386.deb
  to pool/main/libt/libtunepimp/libtunepimp-dev_0.5.2-1_i386.deb
libtunepimp5_0.5.2-1_i386.deb
  to pool/main/libt/libtunepimp/libtunepimp5_0.5.2-1_i386.deb
libtunepimp_0.5.2-1.diff.gz
  to pool/main/libt/libtunepimp/libtunepimp_0.5.2-1.diff.gz
libtunepimp_0.5.2-1.dsc
  to pool/main/libt/libtunepimp/libtunepimp_0.5.2-1.dsc
libtunepimp_0.5.2.orig.tar.gz
  to pool/main/libt/libtunepimp/libtunepimp_0.5.2.orig.tar.gz
python-tunepimp_0.5.2-1_all.deb
  to pool/main/libt/libtunepimp/python-tunepimp_0.5.2-1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Adam Cécile (Le_Vert) <[EMAIL PROTECTED]> (supplier of updated libtunepimp 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Mon,  6 Nov 2006 12:46:00 +0100
Source: libtunepimp
Binary: libtunepimp-dev python-tunepimp libtunepimp5
Architecture: source all i386
Version: 0.5.2-1
Distribution: experimental
Urgency: low
Maintainer: Adam Cécile (Le_Vert) <[EMAIL PROTECTED]>
Changed-By: Adam Cécile (Le_Vert) <[EMAIL PROTECTED]>
Description: 
 libtunepimp-dev - MusicBrainz tagging library development files
 libtunepimp5 - MusicBrainz tagging library
 python-tunepimp - Python bindings for MusicBrainz tagging library
Closes: 362635 370390 389162 397264
Changes: 
 libtunepimp (0.5.2-1) experimental; urgency=low
 .
   * New co-maintener.
   * New upstream release (Closes: #389162).
 Crash in TRM Lookup fixed, see: http://bugs.musicbrainz.org/ticket/1563 
(Closes: #370390).
   * API change.
   * Re-package using debhelper.
 Python-support transition done (Closes: #397264).
 Remove empty directory in python-tunepimp (Closes: #362635).
 Fix all lintian warnings.
   * libtunepimp-perl removed, out-dated, not supported by upstream anymore.
   * Rename libtunepimp3-dev to libtunepimp-dev.
   * Remove libtunepimp-bin package, this is only code sample tools.
   * Update long description.
   * Update copyright with LGPL license.
Files: 
 e509c092dd0c7e4236ab9cbf5b489686 935 libs optional libtunepimp_0.5.2-1.dsc
 655b254539013f5e7fe50ac035c26dcb 1076084 libs optional 
libtunepimp_0.5.2.orig.tar.gz
 9e847974802e87dad50f31264c50f083 10362 libs optional 
libtunepimp_0.5.2-1.diff.gz
 79064460863681ec41e3312e30f0e10a 250758 libdevel optional 
libtunepimp-dev_0.5.2-1_i386.deb
 45b4fbcb133f72c8c4bdf97c586bc10a 411632 libs optional 
libtunepimp5_0.5.2-1_i386.deb
 bde5edcee39414effc10e4d977f914db 17686 python optional 
python-tunepimp_0.5.2-1_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFT1R9+C5c

Bug#399229: marked as done (gaim: Fails to build)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 13:46:56 -0500 (EST)
with message-id <[EMAIL PROTECTED]>
and subject line 
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: gaim
Version: 1:2.0.0+beta5-1
Severity: serious
Tags: patch
Justification: no longer builds from source

The dbus-1 file gets placed in the wrong dir (i.e. /) which makes the
install fail, which makes the build fail. I've tried playing with export
DBUS_SERVICES_DIR = usr/share/dbus-1 in debian/rules, but that doesn't seem
to help much.

dh_installchangelogs -pgaim  ./ChangeLog --no-act
dh_installudev -pgaim
dh_install -pgaim
cp: cannot stat `./debian/tmp/usr/share/dbus-1': No such file or directory
dh_install: command returned error code 256

So, I fixed it with the attached patch.


-- System Information:
Debian Release: 4.0
  APT prefers experimental
  APT policy: (500, 'experimental'), (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-686
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)

Versions of packages gaim depends on:
ii  gaim-data1:2.0.0+beta5-1 multi-protocol instant messaging c
ii  libaspell15  0.60.4-4GNU Aspell spell-checker runtime l
ii  libatk1.0-0  1.12.3-1The ATK accessibility toolkit
ii  libavahi-compat-howl00.6.15-2Avahi Howl compatibility library
ii  libc62.5-0exp3   GNU C Library: Shared libraries
ii  libcairo21.2.4-4 The Cairo 2D vector graphics libra
ii  libdbus-1-3  1.0.0-1 simple interprocess messaging syst
ii  libdbus-glib-1-2 0.71-3  simple interprocess messaging syst
ii  libfontconfig1   2.4.1-2 generic font configuration library
ii  libfreetype6 2.2.1-5 FreeType 2 font engine, shared lib
ii  libgcrypt11  1.2.3-2 LGPL Crypto library - runtime libr
ii  libglib2.0-0 2.12.4-2The GLib library of C routines
ii  libgnutls13  1.5.3-1 the GNU TLS library - runtime libr
ii  libgstreamer0.10-0   0.10.10-2   Core GStreamer libraries and eleme
ii  libgtk2.0-0  2.10.6-3The GTK+ graphical user interface 
ii  libgtkspell0 2.0.10-3+b1 a spell-checking addon for GTK's T
ii  libice6  1:1.0.1-2   X11 Inter-Client Exchange library
ii  libncursesw5 5.5-5   Shared libraries for terminal hand
ii  libpango1.0-01.14.7-1Layout and rendering of internatio
ii  libperl5.8   5.8.8-6.1   Shared Perl library
ii  libpng12-0   1.2.8rel-7  PNG library - runtime
ii  libsm6   1:1.0.1-3   X11 Session Management library
ii  libstartup-notification0 0.8-2   library for program launch feedbac
ii  libx11-6 2:1.0.3-3   X11 client-side library
ii  libxcursor1  1.1.7-4 X cursor management library
ii  libxext6 1:1.0.1-2   X11 miscellaneous extension librar
ii  libxfixes3   1:4.0.1-4   X11 miscellaneous 'fixes' extensio
ii  libxi6   1:1.0.1-3   X11 Input extension library
ii  libxinerama1 1:1.0.1-4.1 X11 Xinerama extension library
ii  libxml2  2.6.27.dfsg-1   GNOME XML library
ii  libxrandr2   2:1.1.0.2-4 X11 RandR extension library
ii  libxrender1  1:0.9.1-3   X Rendering Extension client libra
ii  libxss1  1:1.1.0-1   X11 Screen Saver extension library
ii  zlib1g   1:1.2.3-13  compression library - runtime

Versions of packages gaim recommends:
pn  gstreamer0.10-alsa | gstreame  (no description available)
pn  gstreamer0.10-plugins-base (no description available)
pn  gstreamer0.10-plugins-good (no description available)

-- no debconf information
diff -uNr gaim-2.0.0+beta5/debian/rules gaim-2.0.0+beta5-my/debian/rules
--- gaim-2.0.0+beta5/debian/rules   2006-11-18 19:34:23.0 +0200
+++ gaim-2.0.0+beta5-my/debian/rules2006-11-18 19:19:12.0 +0200
@@ -12,7 +12,7 @@
 DEB_MAKE_BUILD_TARGET = GADU_LIBS="-lpthread -lgadu"

 # for gaim
-DEB_CONFIGURE_EXTRA_FLAGS := --disable-nas --disable-nss -enable-perl 
--disable-silc --with-zephyr=/usr --enable-dbus
+DEB_CONFIGURE_EXTRA_FLAGS := --disable-nas --disable-nss -enable-perl 
--disable-silc --with-zephyr=/usr --enable

Processed: Doesn't affect Debian yet.

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> tags 399170 +upstream
Bug#399170: Firefox Sage Extension Feed Script Insertion Vulnerability
Tags were: security
Tags added: upstream

> tags 399170 +wontfix
Bug#399170: Firefox Sage Extension Feed Script Insertion Vulnerability
Tags were: upstream security
Tags added: wontfix

> severity 399170 normal
Bug#399170: Firefox Sage Extension Feed Script Insertion Vulnerability
Severity set to `normal' from `grave'

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399238: otrs2: Apache::Constants not found during startup of Apache2

2006-11-18 Thread Arek 
Package: otrs2
Version: 2.0.4p01-16
Severity: grave
Justification: renders package unusable


To finish configuration of the package I commented out the apache2 restart
line in postconf.

Now, Apache2 does not start. When I try to start it I get following
messages in errorlog:

[Sat Nov 18 15:03:27 2006] [error] Can't locate loadable object for module Apach
e::Constants in @INC (@INC contains: /usr/share/otrs/Kernel/cpan-lib /usr/share/
otrs/ /etc/perl /usr/local/lib/perl/5.8.4 /usr/local/share/perl/5.8.4 /usr/lib/p
erl5 /usr/share/perl5 /usr/lib/perl/5.8 /usr/share/perl/5.8 /usr/local/lib/site_
perl . /etc/apache2) at /usr/lib/perl5/mod_perl.pm line 14\nCompilation failed i
n require at /usr/lib/perl5/Apache.pm line 6.\nBEGIN failed--compilation aborted
 at /usr/lib/perl5/Apache.pm line 6.\nCompilation failed in require at /usr/shar
 e/perl/5.8/CGI.pm line 190.\nCompilation failed in require at 
/usr/share/otrs/sc
 ripts/apache2-perl-startup.pl line 18.\nBEGIN failed--compilation aborted at 
/us
 r/share/otrs/scripts/apache2-perl-startup.pl line 18.\nCompilation failed in 
req
 uire at (eval 2) line 1.\n
 [Sat Nov 18 15:03:27 2006] [error] Can't load Perl file: 
/usr/share/otrs/scripts
 /apache2-perl-startup.pl for server [name of my server]:0, exiting...
 

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.18-1-686
Locale: LANG=pl_PL, LC_CTYPE=pl_PL (charmap=ISO-8859-2)

Versions of packages otrs2 depends on:
ii  adduser   3.63   Add and remove users and groups
ii  apache2   2.0.54-5sarge1 next generation, scalable, extenda
ii  apache2-mpm-prefork [apac 2.0.54-5sarge1 traditional model for Apache2
ii  dbconfig-common   1.8.27 common framework for packaging dat
ii  debconf   1.4.30.13  Debian configuration management sy
ii  libapache2-mod-perl2  1.999.21-1 Integration of perl with the Apach
ii  libauthen-sasl-perl   2.10-1 Authen::SASL - SASL Authentication
ii  libdate-pcalc-perl1.2-2  Perl module for Gregorian calendar
ii  libdbi-perl   1.46-6 Perl5 database interface by Tim Bu
ii  libemail-valid-perl   0.15-1 Check validity of Internet email a
ii  libio-stringy-perl2.110-1Perl5 modules for IO from scalars 
ii  libmailtools-perl 1.62-1 Manipulate email in perl programs
ii  libmime-perl  5.417-1Perl5 modules for MIME-compliant m
ii  perl  5.8.4-8sarge5  Larry Wall's Practical Extraction 
ii  ucf   1.17   Update Configuration File: preserv

-- debconf information excluded


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399170: Doesn't affect Debian yet.

2006-11-18 Thread Alan Woodland 

tags 399170 +upstream
tags 399170 +wontfix
severity 399170 normal
thanks

Tagging this bug won't fix and reducing the severity - I confirmed  
the version currently in unstable and testing is not vulnerable. This  
information is relevant to a future upload (probably post etch now)  
however, and thus I've chosen not to close it.


I've also added the feed mentioned in the report to my big list of  
tests just to be safe in the future :-)


Alan


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399224: xfonts-scalable: doesn't call update-fonts-dir in postinst/postrm

2006-11-18 Thread Julien Cristau 
On Sat, Nov 18, 2006 at 18:08:23 +0100, Roland Rosenfeld wrote:

> Package: xfonts-scalable
> Version: 1:1.0.0-5
> Severity: serious
> Rationale: policy violation paragraph 11.8.5 (13), renders gsfonts-x11 
> unusable
> Tags: patch
> 
> 1:1.0.0-4 contained fonts.dir as a file in the package.  This file is
> removed in 1:1.0.0-5, which results in removal of fonts.dir.  But
> after all this the postinst (and also postrm) should run
> update-fonts-scale, update-fonts-alias and update-fonts-dir, but it
> only runs update-fonts-scale and update-fonts-alias.
> 
Hi Roland,

is this an issue when upgrading from the stable version of
xfonts-scalable, or only on upgrade from 1:1.0.0-4?
If the latter, then I don't think this is a release-critical bug, and
the severity is at most important.

Cheers,
Julien


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399195: python-cairo: python2.3 import fail

2006-11-18 Thread Dave Beckett 
Loic Dachary wrote:
> Thanks for the explanation. I'm confused though because
> apt-cache show claims support for python2.3. Any idea why this is so ?

When I built it, there might have been support for python2.3.  Although
I haven't changed anything, the python defaults have changed, so there
is no longer any support for 2.3 - basically, at the point of installation,
the python defaults get applied by 'pycentral' so it's out of my hand.

I've just compiled a new version of pycairo in experimental and all
mention of 2.3 is now removed from the build.  This was caused by
the build-time use of the python defaults noticing the change.

Confusing?  Yes.  But this is the route the python people took.

Dave



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399229: gaim: Fails to build

2006-11-18 Thread George-Cristian Bîrzan 
Package: gaim
Version: 1:2.0.0+beta5-1
Severity: serious
Tags: patch
Justification: no longer builds from source

The dbus-1 file gets placed in the wrong dir (i.e. /) which makes the
install fail, which makes the build fail. I've tried playing with export
DBUS_SERVICES_DIR = usr/share/dbus-1 in debian/rules, but that doesn't seem
to help much.

dh_installchangelogs -pgaim  ./ChangeLog --no-act
dh_installudev -pgaim
dh_install -pgaim
cp: cannot stat `./debian/tmp/usr/share/dbus-1': No such file or directory
dh_install: command returned error code 256

So, I fixed it with the attached patch.


-- System Information:
Debian Release: 4.0
  APT prefers experimental
  APT policy: (500, 'experimental'), (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-686
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)

Versions of packages gaim depends on:
ii  gaim-data1:2.0.0+beta5-1 multi-protocol instant messaging c
ii  libaspell15  0.60.4-4GNU Aspell spell-checker runtime l
ii  libatk1.0-0  1.12.3-1The ATK accessibility toolkit
ii  libavahi-compat-howl00.6.15-2Avahi Howl compatibility library
ii  libc62.5-0exp3   GNU C Library: Shared libraries
ii  libcairo21.2.4-4 The Cairo 2D vector graphics libra
ii  libdbus-1-3  1.0.0-1 simple interprocess messaging syst
ii  libdbus-glib-1-2 0.71-3  simple interprocess messaging syst
ii  libfontconfig1   2.4.1-2 generic font configuration library
ii  libfreetype6 2.2.1-5 FreeType 2 font engine, shared lib
ii  libgcrypt11  1.2.3-2 LGPL Crypto library - runtime libr
ii  libglib2.0-0 2.12.4-2The GLib library of C routines
ii  libgnutls13  1.5.3-1 the GNU TLS library - runtime libr
ii  libgstreamer0.10-0   0.10.10-2   Core GStreamer libraries and eleme
ii  libgtk2.0-0  2.10.6-3The GTK+ graphical user interface 
ii  libgtkspell0 2.0.10-3+b1 a spell-checking addon for GTK's T
ii  libice6  1:1.0.1-2   X11 Inter-Client Exchange library
ii  libncursesw5 5.5-5   Shared libraries for terminal hand
ii  libpango1.0-01.14.7-1Layout and rendering of internatio
ii  libperl5.8   5.8.8-6.1   Shared Perl library
ii  libpng12-0   1.2.8rel-7  PNG library - runtime
ii  libsm6   1:1.0.1-3   X11 Session Management library
ii  libstartup-notification0 0.8-2   library for program launch feedbac
ii  libx11-6 2:1.0.3-3   X11 client-side library
ii  libxcursor1  1.1.7-4 X cursor management library
ii  libxext6 1:1.0.1-2   X11 miscellaneous extension librar
ii  libxfixes3   1:4.0.1-4   X11 miscellaneous 'fixes' extensio
ii  libxi6   1:1.0.1-3   X11 Input extension library
ii  libxinerama1 1:1.0.1-4.1 X11 Xinerama extension library
ii  libxml2  2.6.27.dfsg-1   GNOME XML library
ii  libxrandr2   2:1.1.0.2-4 X11 RandR extension library
ii  libxrender1  1:0.9.1-3   X Rendering Extension client libra
ii  libxss1  1:1.1.0-1   X11 Screen Saver extension library
ii  zlib1g   1:1.2.3-13  compression library - runtime

Versions of packages gaim recommends:
pn  gstreamer0.10-alsa | gstreame  (no description available)
pn  gstreamer0.10-plugins-base (no description available)
pn  gstreamer0.10-plugins-good (no description available)

-- no debconf information
diff -uNr gaim-2.0.0+beta5/debian/rules gaim-2.0.0+beta5-my/debian/rules
--- gaim-2.0.0+beta5/debian/rules   2006-11-18 19:34:23.0 +0200
+++ gaim-2.0.0+beta5-my/debian/rules2006-11-18 19:19:12.0 +0200
@@ -12,7 +12,7 @@
 DEB_MAKE_BUILD_TARGET = GADU_LIBS="-lpthread -lgadu"

 # for gaim
-DEB_CONFIGURE_EXTRA_FLAGS := --disable-nas --disable-nss -enable-perl 
--disable-silc --with-zephyr=/usr --enable-dbus
+DEB_CONFIGURE_EXTRA_FLAGS := --disable-nas --disable-nss -enable-perl 
--disable-silc --with-zephyr=/usr --enable-dbus 
--with-dbus-services=/usr/share/dbus-1
 DEB_DH_MAKESHLIBS_ARGS_gaim := -V -X/usr/lib/gaim
 DEB_DH_SHLIBDEPS_ARGS_gaim := -X/usr/lib/gaim/libgg.so 
-X/usr/lib/gaim/libzephyr.so -X/usr/lib/gaim/tcl.so 
-X/usr/lib/gaim/gevolution.so -X/usr/lib/gaim/libsametime.so -- -dSuggests 
debian/g
aim/usr/lib/gaim/libgg.so debian/gaim/usr/lib/gaim/libzephyr.so 
debian/gaim/usr/lib/gaim/tcl.so debian/gaim/usr/lib/gaim/libsametime.so 
-dDepends

Bug#399227: yacas-proteus has rpath to insecure location (/tmp/buildd/yacas-1.0.57/debian/yacas/usr/lib)

2006-11-18 Thread Bill Allombert 
Package: yacas-proteus
Version: 1.0.57-2.4
Severity: serious
Tags: security

Hello Gopal,
yacas-proteus includes a binary with a rpath pointing to
/tmp/buildd/yacas-1.0.57/debian/yacas/usr/lib.

%chrpath /usr/bin/proteusworksheet
/usr/bin/proteusworksheet: RPATH=/tmp/buildd/yacas-1.0.57/debian/yacas/usr/lib

This allow an attacker with write access to that directory to
add modified libraries which will be loaded when someone
else run proteusworksheet.

Cheers,
-- 
Bill. <[EMAIL PROTECTED]>

Imagine a large blue swirl here. 


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#398694: adonthell: diff for NMU version 0.3.4.cvs.20050813-2.4

2006-11-18 Thread Mohammed Adnène Trojette 
tags 398694 + patch
thanks

Hi,

Attached is the diff for my adonthell 0.3.4.cvs.20050813-2.4 NMU.
-- 
adn
Mohammed Adnène Trojette
diff -u adonthell-0.3.4.cvs.20050813/config.sub 
adonthell-0.3.4.cvs.20050813/config.sub
--- adonthell-0.3.4.cvs.20050813/config.sub
+++ adonthell-0.3.4.cvs.20050813/config.sub
@@ -4,7 +4,7 @@
 #   2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation,
 #   Inc.
 
-timestamp='2006-07-02'
+timestamp='2006-09-20'
 
 # This file is (in principle) common to ALL GNU software.
 # The presence of a machine in this file suggests that SOME GNU software
@@ -276,6 +276,7 @@
| pdp10 | pdp11 | pj | pjl \
| powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
| pyramid \
+   | score \
| sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | sheb | shbe | shle | 
sh[1234]le | sh3ele \
| sh64 | sh64le \
| sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | 
sparclite \
@@ -284,7 +285,7 @@
| tahoe | thumb | tic4x | tic80 | tron \
| v850 | v850e \
| we32k \
-   | x86 | xscale | xscalee[bl] | xstormy16 | xtensa \
+   | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \
| z8k)
basic_machine=$basic_machine-unknown
;;
@@ -367,7 +368,7 @@
| tron-* \
| v850-* | v850e-* | vax-* \
| we32k-* \
-   | x86-* | x86_64-* | xps100-* | xscale-* | xscalee[bl]-* \
+   | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \
| xstormy16-* | xtensa-* \
| ymp-* \
| z8k-*)
@@ -909,6 +910,10 @@
sb1el)
basic_machine=mipsisa64sb1el-unknown
;;
+   sde)
+   basic_machine=mipsisa32-sde
+   os=-elf
+   ;;
sei)
basic_machine=mips-sei
os=-seiux
@@ -1366,6 +1371,9 @@
 # system, and we'll never get to this point.
 
 case $basic_machine in
+score-*)
+   os=-elf
+   ;;
 spu-*)
os=-elf
;;
diff -u adonthell-0.3.4.cvs.20050813/debian/changelog 
adonthell-0.3.4.cvs.20050813/debian/changelog
--- adonthell-0.3.4.cvs.20050813/debian/changelog
+++ adonthell-0.3.4.cvs.20050813/debian/changelog
@@ -1,3 +1,12 @@
+adonthell (0.3.4.cvs.20050813-2.4) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Replace remaining "" with .
+(Closes: #398694)
+Thanks Goswin von Brederlow and Matthew Johnson for noticing.
+
+ -- Mohammed Adnène Trojette <[EMAIL PROTECTED]>  Sat, 18 Nov 2006 17:43:05 
+0100
+
 adonthell (0.3.4.cvs.20050813-2.3) unstable; urgency=low
 
   * Non-maintainer upload.
diff -u adonthell-0.3.4.cvs.20050813/debian/patches/02_use_libsdl-ttf.diff 
adonthell-0.3.4.cvs.20050813/debian/patches/02_use_libsdl-ttf.diff
--- adonthell-0.3.4.cvs.20050813/debian/patches/02_use_libsdl-ttf.diff
+++ adonthell-0.3.4.cvs.20050813/debian/patches/02_use_libsdl-ttf.diff
@@ -33,7 +33,7 @@
  
  #include "types.h"
 -#include "SDL_keysym.h"
-+#include 
++#include 
  
  
  /**
@@ -124,7 +124,7 @@
  %include "gametime.h"
  %include "gamedate.h"
 -%include "SDL_keysym.h"
-+%include 
++%include 
  %include "input.h"
  %include "audio.h"
  %include "character_base.h"

Processed: adonthell: diff for NMU version 0.3.4.cvs.20050813-2.4

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> tags 398694 + patch
Bug#398694: FTBFS: Unable to find 'SDL/SDL_keysym.h'
Tags were: patch
Tags added: patch

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399226: yacas has rpath to insecure location (/tmp/yacas/usr/bin/yacas)

2006-11-18 Thread Bill Allombert 
Package: yacas
Version: 1.0.57-2.4
Severity: serious
Tags: security

Hello Gopal,
yacas includes a binary with a rpath pointing to /tmp/yacas/usr/bin/yacas.

chrpath /usr/bin/yacas
/usr/bin/yacas: RPATH=/tmp/buildd/yacas-1.0.57/debian/yacas/usr/lib

This allows an attacker with write access to that directory to
add modified libraries which will be loaded when someone
else run yacas.

Cheers,
-- 
Bill. <[EMAIL PROTECTED]>

Imagine a large blue swirl here. 


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399224: xfonts-scalable: doesn't call update-fonts-dir in postinst/postrm

2006-11-18 Thread Roland Rosenfeld 
Package: xfonts-scalable
Version: 1:1.0.0-5
Severity: serious
Rationale: policy violation paragraph 11.8.5 (13), renders gsfonts-x11 unusable
Tags: patch

1:1.0.0-4 contained fonts.dir as a file in the package.  This file is
removed in 1:1.0.0-5, which results in removal of fonts.dir.  But
after all this the postinst (and also postrm) should run
update-fonts-scale, update-fonts-alias and update-fonts-dir, but it
only runs update-fonts-scale and update-fonts-alias.

This is defined in policy 11.8.5:

 11.  Font packages that provide one or more `fonts.scale' files as
  described above must invoke `update-fonts-scale' on each
  directory into which they installed fonts _before_ invoking
  `update-fonts-dir' on that directory.  This invocation must occur
  in both the `postinst' (for all arguments) and `postrm' (for all
  arguments except `upgrade') scripts.

 12.  Font packages that provide one or more `fonts.alias' files as
  described above must invoke `update-fonts-alias' on each
  directory into which they installed fonts.  This invocation must
  occur in both the `postinst' (for all arguments) and `postrm'
  (for all arguments except `upgrade') scripts.

 13.  Font packages must invoke `update-fonts-dir' on each directory
  into which they installed fonts.  This invocation must occur in
  both the `postinst' (for all arguments) and `postrm' (for all
  arguments except `upgrade') scripts.

(see especially paragraph 13.).

If fonts.dir is missing, this results in the X server ignoring this
directory:

(WW) `fonts.dir' not found (or not valid) in "/usr/share/fonts/X11/Type1".
Entry deleted from font path.
(Run 'mkfontdir' on "/usr/share/fonts/X11/Type1").

As a workaround 
 update-fonts-dir Type1
And manually adding /usr/share/fonts/X11/Type1 to the font path (or
restarting the X server) should help.

I tagged this bug severity "serious" because the behavior of this
package violates the above mentioned policy and implies that other
packages with Type1 fonts (like gsfonts-x11) are unusable, which as a
result leads to programs like xfig being unusable because they need
the unusable fonts.

I attached a small patch, which solves this problem.  Please let me
know, if you want me to NMU the modified package.

-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (500, 'testing'), (50, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-amd64
Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1)

Versions of packages xfonts-scalable depends on:
ii  xfonts-utils  1:1.0.1-1  X Window System font utility progr

xfonts-scalable recommends no packages.

-- no debconf information

Tscho

Roland

-- 
 * [EMAIL PROTECTED] * http://www.spinnaker.de/ *
diff -u xfonts-scalable-1.0.0/debian/changelog 
xfonts-scalable-1.0.0/debian/changelog
--- xfonts-scalable-1.0.0/debian/changelog
+++ xfonts-scalable-1.0.0/debian/changelog
@@ -1,3 +1,11 @@
+xfonts-scalable (1:1.0.0-5.1) unstable; urgency=high
+
+  * Non maintainer upload.
+  * Run update-fonts-dir in postinst and postrm, otherwise the fonts are
+not usable.
+
+ -- Roland Rosenfeld <[EMAIL PROTECTED]>  Sat, 18 Nov 2006 18:00:28 +0100
+
 xfonts-scalable (1:1.0.0-5) unstable; urgency=medium
 
   [ Eugene Konev ]
diff -u xfonts-scalable-1.0.0/debian/xfonts-scalable.postinst.in 
xfonts-scalable-1.0.0/debian/xfonts-scalable.postinst.in
--- xfonts-scalable-1.0.0/debian/xfonts-scalable.postinst.in
+++ xfonts-scalable-1.0.0/debian/xfonts-scalable.postinst.in
@@ -19,7 +19,7 @@
 remove_conffile_commit /etc/X11/fonts/X11R7/Type1/xfonts-scalable.scale
 
 FONTDIRS="Type1"
-UPDATECMDS="update-fonts-scale update-fonts-alias"
+UPDATECMDS="update-fonts-scale update-fonts-alias update-fonts-dir"
 
 if which defoma-app >/dev/null 2>&1 && \
[ -e /usr/share/defoma/scripts/fontconfig.defoma ]; then
diff -u xfonts-scalable-1.0.0/debian/xfonts-scalable.postrm.in 
xfonts-scalable-1.0.0/debian/xfonts-scalable.postrm.in
--- xfonts-scalable-1.0.0/debian/xfonts-scalable.postrm.in
+++ xfonts-scalable-1.0.0/debian/xfonts-scalable.postrm.in
@@ -22,7 +22,7 @@
 
 if [ "$1" = "purge" ] || [ "$1" = "remove" ] || [ "$1" = "disappear" ]; then
   FONTDIRS="Type1"
-  UPDATECMDS="update-fonts-scale update-fonts-alias"
+  UPDATECMDS="update-fonts-scale update-fonts-alias update-fonts-dir"
 
   if which defoma-app >/dev/null 2>&1 && \
  [ -e /usr/share/defoma/scripts/fontconfig.defoma ]; then


pgpWHKbW7jsBg.pgp
Description: PGP signature

Bug#398694: FTBFS: Unable to find 'SDL/SDL_keysym.h'

2006-11-18 Thread Mohammed Adnène Trojette 
On Fri, Nov 17, 2006, Matthew Johnson wrote:
> I have a patch which fixes this (attached) and am preparing an NMU
> upload with it.
> 
> Previous patches have left  in the %includes rather
> than just .

I introduced the bug in my NMUs so I've taken responsibility. Thanks for
noticing it: I've just uploaded a hopefully fixed adonthell (compilation
tested on a PowerPC box).

-- 
adn
Mohammed Adnène Trojette

Bug#397628: Patch for bugs

2006-11-18 Thread Arjan Oosting 
Op za, 18-11-2006 te 17:29 +0100, schreef Mohammed Adnène Trojette:
> Please be careful that you've introduced bashisms in your patch.

Indeed I have. Naughty me. Thanks for the notice.

Greetings Arjan

> For example:
> 
> --- haskell98-report-20030706.orig/hierarchical-modules/Makefile
> +++ haskell98-report-20030706/hierarchical-modules/Makefile
> @@ -8,4 +8,4 @@
> TEXINPUTS=../styles: pdflatex $<
> 
>  clean :
> -   rm hier.ps hier.pdf
> +   rm -f hier.{ps,pdf,aux,dvi,log}
> 
> should be
> 
> -   rm hier.ps hier.pdf
> +   rm -f hier.ps hier.pdf hier.aux hier.dvi hier.log
> 


signature.asc
Description: Dit berichtdeel is digitaal ondertekend

Bug#399195: python-cairo: python2.3 import fail

2006-11-18 Thread Loic Dachary 

Thanks for the explanation. I'm confused though because
apt-cache show claims support for python2.3. Any idea why this is so ?

$ apt-cache show python-cairo
Package: python-cairo
Priority: optional
Section: python
Installed-Size: 236
Maintainer: Dave Beckett <[EMAIL PROTECTED]>
Architecture: i386
Source: pycairo
Version: 1.2.0-1
Replaces: python2.3-cairo, python2.4-cairo
Provides: python2.3-cairo, python2.4-cairo
Depends: libc6 (>= 2.3.6-6), libcairo2 (>= 1.2.0), python-central (>= 0.5), 
python (<< 2.5), python (>= 2.3)
Conflicts: python2.3-cairo, python2.4-cairo
Filename: pool/main/p/pycairo/python-cairo_1.2.0-1_i386.deb
Size: 81198
MD5sum: bbad227a34e38dbbf92be5876d94452e
SHA1: 7363188a816396d37ec46ceb4c9bce0bb2c7c49e
SHA256: 7eff778aa7064f378dd3c6be99916cf66b3746d0366b8610105f96e235d41a43
Description: Python bindings for the Cairo vector graphics library
 This package contains modules that allow you to use the cairo vector
 graphics library in Python programs.
Python-Version: 2.4, 2.3

-- 
+33 1 76 60 72 81  Loic Dachary mailto:[EMAIL PROTECTED]
http://dachary.org/loic/gpg.txt sip:[EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#380758: marked as done (Python transition (#2): you are building a private python module !)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 08:32:11 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#380758: fixed in boa-constructor 0.4.4cvs20050714-3
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: boa-constructor
Version: 0.4.4cvs20050714-2
Severity: important

  Hi, your package has been detected as generating a (for most of that
mass bug fill: private) python module/extension that may need an upgrade
to the new Python Policy[1].

  A wiki page[2] explains what has to be done to upgrade your packages
to the new Policy. This bug may be a false positive, in that case,
please just close the bug.

  This bug is part of a mass bug filling, and its severity will be
raised to serious when python will default to python2.4 (which should
happend on tomorrow - Wed 2nd of July). Please note that this bug (even
not being RC) falls under the 0-day NMU policy.


  [1] http://lists.debian.org/debian-devel-announce/2006/06/msg9.html
  [2] http://wiki.debian.org/DebianPython/NewPolicy
  especially "Notes for packages with private modules/extensions"


Special Notes

  * embedded interpreters: You don't *need* to do anything for your
package, though using XS/XB-Python-Version is much appreciated as it
helps tracking your package for binNMUs when python2.4 will become
default.

  * if you need help updating your package, you can either:
 - mail debian-python@lists.debian.org ,
 - tag your bug + help ,
 - come on #debian-python/OFTC.


--- End Message ---
--- Begin Message ---
Source: boa-constructor
Source-Version: 0.4.4cvs20050714-3

We believe that the bug you reported is fixed in the latest version of
boa-constructor, which is due to be installed in the Debian FTP archive:

boa-constructor_0.4.4cvs20050714-3.diff.gz
  to pool/main/b/boa-constructor/boa-constructor_0.4.4cvs20050714-3.diff.gz
boa-constructor_0.4.4cvs20050714-3.dsc
  to pool/main/b/boa-constructor/boa-constructor_0.4.4cvs20050714-3.dsc
boa-constructor_0.4.4cvs20050714-3_all.deb
  to pool/main/b/boa-constructor/boa-constructor_0.4.4cvs20050714-3_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Cédric Delfosse <[EMAIL PROTECTED]> (supplier of updated boa-constructor 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Sat, 18 Nov 2006 15:54:16 +0100
Source: boa-constructor
Binary: boa-constructor
Architecture: source all
Version: 0.4.4cvs20050714-3
Distribution: unstable
Urgency: low
Maintainer: Cédric Delfosse <[EMAIL PROTECTED]>
Changed-By: Cédric Delfosse <[EMAIL PROTECTED]>
Description: 
 boa-constructor - RAD tool for Python and WxWindows application
Closes: 380758
Changes: 
 boa-constructor (0.4.4cvs20050714-3) unstable; urgency=low
 .
   * Use python-support (Closes: #380758)
Files: 
 b95edd8fb48c61be78acd7cc10a70cd7 659 devel optional 
boa-constructor_0.4.4cvs20050714-3.dsc
 c65998138b7468b894177112ed95665c 6933 devel optional 
boa-constructor_0.4.4cvs20050714-3.diff.gz
 fce96daab760d5ddb13f7d114a91654c 3908646 devel optional 
boa-constructor_0.4.4cvs20050714-3_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFXzImbmmXPPfovGMRAqCYAJ9tChv8iLnKkT2T47BbRGA0WktKOACgmPHN
2NO0cDLkt8qNOE3ZuLV+anQ=
=WaEU
-END PGP SIGNATURE-

--- End Message ---

Bug#399170: Sage extension feed script insertion vulnerability

2006-11-18 Thread Stefan Fritsch 
If the version in Debian is not affected by this bug, you can of 
course close or downgrade this bug. 

Note that I have never used sage and don't know how it works, but from 
your description it sounds like disabling HTML mode would take care 
of many potential vulnerabilities. So I don't see any reason not to 
release the current version with etch.

However, if you uploaded a new version with HTML mode enabled you need 
to be very sure that the sanitization works. Maybe it would be a good 
idea to delay this upload past etch release or prevent it from 
reaching etch by filing a (versioned) RC bug.

Of course, if you think that the current version is not fit to be 
released with etch, then you should ask debian-release to remove it.
You can also file a seperate severity serious bug report saying that 
you think it unfit for release.

Cheers,
Stefan


pgpBmxxsBTQ96.pgp
Description: PGP signature

Bug#399195: marked as done (python-cairo: python2.3 import fail)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 08:35:23 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#399195: python-cairo: python2.3 import fail
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---

Subject: python-cairo: python2.3 import fail
Package: python-cairo
Version: 1.2.0-1
Severity: serious

$ python2.3
Python 2.3.5 (#2, Oct 18 2006, 23:04:45) 
[GCC 4.1.2 20061015 (prerelease) (Debian 4.1.1-16.1)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import cairo
Traceback (most recent call last):
  File "", line 1, in ?
ImportError: No module named cairo
>>> 
$ python2.4
Python 2.4.4 (#2, Oct 20 2006, 00:23:25) 
[GCC 4.1.2 20061015 (prerelease) (Debian 4.1.1-16.1)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import cairo
>>> 
>>> 


-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-vserver-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages python-cairo depends on:
ii  libc62.3.6.ds1-8 GNU C Library: Shared libraries
ii  libcairo21.2.4-4 The Cairo 2D vector graphics libra
ii  python   2.4.4-1 An interactive high-level object-o
ii  python-central   0.5.10  register and build utility for Pyt

python-cairo recommends no packages.

-- no debconf information


--- End Message ---
--- Begin Message ---
Loic Dachary (OuoU) wrote:
> Subject: python-cairo: python2.3 import fail
> Package: python-cairo
> Version: 1.2.0-1
> Severity: serious
> 
> $ python2.3
> Python 2.3.5 (#2, Oct 18 2006, 23:04:45) 
> [GCC 4.1.2 20061015 (prerelease) (Debian 4.1.1-16.1)] on linux2
> Type "help", "copyright", "credits" or "license" for more information.
 import cairo
> Traceback (most recent call last):
>   File "", line 1, in ?
> ImportError: No module named cairo
> $ python2.4
> Python 2.4.4 (#2, Oct 20 2006, 00:23:25) 
> [GCC 4.1.2 20061015 (prerelease) (Debian 4.1.1-16.1)] on linux2
> Type "help", "copyright", "credits" or "license" for more information.
 import cairo

 

This is the hint, whenever you install python-cairo
and have python2.3 installed you get this message:

INFO: using old version '/usr/bin/python2.3'
Unpacking replacement python-cairo ...
Setting up python-cairo (1.2.0-1) ...

The versions that python-cairo gets built on is under the
control of the debian python policy and programs that
interpret it such as python-central.  If you want to get
python 2.3 support returned, contact them.

So this bug will not be fixed, since right now python 2.3
is not returned when 'pyversions -r' is run asking for "all"
debian python versions:

$ apt-get build-dep python-cairo
...
$ apt-get source python-cairo
...
$ cd pycairo-1.2.0
$ pyversions -r
python2.4

Dave

--- End Message ---

Bug#397628: Patch for bugs

2006-11-18 Thread Mohammed Adnène Trojette 
On Sat, Nov 11, 2006, Arjan Oosting wrote:
> tag 397628 patch
> [snip]
> I have attached my diff.gz as I have based my work on a snapshot of the
> new upstream darcs archive (I have updated get-orig-source in
> debian/rules appropriately)

Please be careful that you've introduced bashisms in your patch.

For example:

--- haskell98-report-20030706.orig/hierarchical-modules/Makefile
+++ haskell98-report-20030706/hierarchical-modules/Makefile
@@ -8,4 +8,4 @@
TEXINPUTS=../styles: pdflatex $<

 clean :
-   rm hier.ps hier.pdf
+   rm -f hier.{ps,pdf,aux,dvi,log}

should be

-   rm hier.ps hier.pdf
+   rm -f hier.ps hier.pdf hier.aux hier.dvi hier.log

-- 
adn
Mohammed Adnène Trojette

Bug#399214: solfege: Fails to upgrade (3.0.6-1 -> 3.6.3-1); cannot remove it as well

2006-11-18 Thread Yavor Doganov 
Package: solfege
Version: 3.0.6-1
Severity: serious

The package fails to upgrade to the current version in testing:

Preparing to replace solfege 3.0.6-1 (using .../solfege_3.6.3-1_i386.deb) ...
Document `solfege' is not installed, cannot remove.
usage: update-python-modules [-v] [-c] package_directory [...]
   update-python-modules [-v] [-c] package.dirs [...]
   update-python-modules [-v] [-a|-f]

update-python-modules: error: /usr/share/solfege is not in the python-support 
directory.
dpkg: warning - old pre-removal script returned error exit status 2
dpkg - trying script from the new package instead ...
usage: update-python-modules [-v] [-c] package_directory [...]
   update-python-modules [-v] [-c] package.dirs [...]
   update-python-modules [-v] [-a|-f]

update-python-modules: error: /usr/share/python-support/solfege.dirs does not 
exist
dpkg: error processing /var/cache/apt/archives/solfege_3.6.3-1_i386.deb 
(--unpack):
 subprocess new pre-removal script returned error exit status 2

Also it fails when attempting to remove it:

Removing solfege ...
Document `solfege' is not installed, cannot remove.
usage: update-python-modules [-v] [-c] package_directory [...]
   update-python-modules [-v] [-c] package.dirs [...]
   update-python-modules [-v] [-a|-f]

update-python-modules: error: /usr/share/solfege is not in the python-support 
directory.
dpkg: error processing solfege (--remove):
 subprocess pre-removal script returned error exit status 2

-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-k7
Locale: LANG=bg_BG.UTF-8, LC_CTYPE=bg_BG.UTF-8 (charmap=UTF-8)

Versions of packages solfege depends on:
ii  libc62.3.6.ds1-7 GNU C Library: Shared libraries
ii  python   2.4.3-11An interactive high-level object-o
ii  python-gnome22.12.4-5Python bindings for the GNOME desk
ii  python-gnome2-extras 2.14.2-1+b1 Python bindings for the GNOME desk
ii  python-gtk2  2.8.6-6 Python bindings for the GTK+ widge

solfege recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399216: libccaudio2-doc conflicts with libcommoncpp2-doc

2006-11-18 Thread Vitaly Mayatskih 
Subject: libccaudio2-doc: conflicts with libcommoncpp2-doc
Package: libccaudio2-doc
Version: 0.9.10-1
Severity: grave
Justification: renders package unusable

*** Please type your report below this line ***

$ LANG=C sudo apt-get install libccaudio2-doc
Reading package lists... Done
Building dependency tree... Done
The following NEW packages will be installed:
  libccaudio2-doc
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0B/278kB of archives.
After unpacking 1995kB of additional disk space will be used.
(Reading database ... 154441 files and directories currently installed.)
Unpacking libccaudio2-doc (from .../libccaudio2-doc_0.9.10-1_all.deb) ...
dpkg: error 
processing /var/cache/apt/archives/libccaudio2-doc_0.9.10-1_all.deb 
(--unpack):
 trying to overwrite `/usr/share/man/man3/ost.3.gz', which is also in package 
libcommoncpp2-doc
Errors were encountered while processing:
 /var/cache/apt/archives/libccaudio2-doc_0.9.10-1_all.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-686
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)

-- 
wbr, Vitaly Mayatskih


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399213: zope-quotafolder is missing a depend on zope2.9

2006-11-18 Thread Jérémy Bobbio 
Package: zope-quotafolder
Version: 0.1.1-2
Severity: grave
Justification: renders package unusable

zope-quotafolder depends on "zope2.8 | zope2.7 | zope (>= 2.6.2)".

zope2.8 have been removed from unstable.  Its removal from testing is
currently blocked by zope-quotafolder as it would make it uninstallable.

zope-quotafolder dependencies should be updated to contain zope2.9 as
well.

Regards,
-- 
Jérémy


signature.asc
Description: Digital signature

Bug#398776: marked as done (dblatex: postrm fails: /var/lib/dpkg/info/dblatex.postrm: line 44: mktexlsr: command not found)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 07:32:07 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#398776: fixed in dblatex 0.2-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: dblatex
Version: 0.2-1
Severity: serious
Usertags: grid5000

Hi,

During a piuparts run over all the packages in etch, I ran into a
problem with your package:
  Removing dblatex ...
  Purging configuration files for dblatex ...
  /var/lib/dpkg/info/dblatex.postrm: line 44: mktexlsr: command not
found
  dpkg: error processing dblatex (--purge):
   subprocess post-removal script returned error exit status 127

mktexlsr is not garanteed to be isntalled during postrm purge.

The piuparts run was done on about 40 AMD64 nodes of the Grid'5000
platform, using a clean chroot containing an etch i386 environment
(not unstable).  Internet was not accessible from the build systems.

About Grid'5000:
Grid'5000 is an highly reconfigurable experimental Grid platform
gathering 9 sites and featuring a total of 5000 CPUs. It serves as a
testbed for research in Grid Computing. See https://www.grid5000.fr/
-- 
| Lucas Nussbaum
| [EMAIL PROTECTED]   http://www.lucas-nussbaum.net/ |
| jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F |

--- End Message ---
--- Begin Message ---
Source: dblatex
Source-Version: 0.2-2

We believe that the bug you reported is fixed in the latest version of
dblatex, which is due to be installed in the Debian FTP archive:

dblatex_0.2-2.diff.gz
  to pool/main/d/dblatex/dblatex_0.2-2.diff.gz
dblatex_0.2-2.dsc
  to pool/main/d/dblatex/dblatex_0.2-2.dsc
dblatex_0.2-2_all.deb
  to pool/main/d/dblatex/dblatex_0.2-2_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Hoenen <[EMAIL PROTECTED]> (supplier of updated dblatex package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Sat, 18 Nov 2006 09:52:18 +0100
Source: dblatex
Binary: dblatex
Architecture: source all
Version: 0.2-2
Distribution: unstable
Urgency: high
Maintainer: Andreas Hoenen <[EMAIL PROTECTED]>
Changed-By: Andreas Hoenen <[EMAIL PROTECTED]>
Description: 
 dblatex- Produces DVI, PostScript, PDF documents from DocBook sources
Closes: 398776
Changes: 
 dblatex (0.2-2) unstable; urgency=high
 .
   * Do not depend on script mktexlsr belonging to a non-essential package
 in postrm purge. (Urgency set to high due to serious severity.)
 Closes: #398776
Files: 
 c3b549921ddbaf23a937bcdf5ee17987 583 text optional dblatex_0.2-2.dsc
 4c6bcd49549c47ba15db6f4dc07f183e 8307 text optional dblatex_0.2-2.diff.gz
 b48585f40cbb3b6ed666a5fe4afdbaad 591118 text optional dblatex_0.2-2_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFXyWsvJtHM4T7RtYRAuCGAJ4sU4Vg8a/HZ1s5SO4E31OvXGdPpwCg4WO7
cAxAFj1k7e10HnBTb0707J8=
=fqb7
-END PGP SIGNATURE-

--- End Message ---

Bug#389695: up-imapproxy: diff for NMU version 1.2.4-5.1

2006-11-18 Thread Steinar H. Gunderson 
tags 389695 + patch
thanks

Hi,

Attached is the diff for my up-imapproxy 1.2.4-5.1 NMU.
diff -Nru /tmp/ltDENmLScu/up-imapproxy-1.2.4/debian/changelog 
/tmp/hJRo061wx6/up-imapproxy-1.2.4/debian/changelog
--- /tmp/ltDENmLScu/up-imapproxy-1.2.4/debian/changelog 2006-11-18 
15:55:38.0 +0100
+++ /tmp/hJRo061wx6/up-imapproxy-1.2.4/debian/changelog 2006-11-18 
15:55:38.0 +0100
@@ -1,3 +1,12 @@
+up-imapproxy (1.2.4-5.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Remove the odd grep hack; it broke upgrades, as we don't get any warnings
+on stop anymore, and the non-zero return status of grep killed the init
+script. (Closes: #389695)
+
+ -- Steinar H. Gunderson <[EMAIL PROTECTED]>  Sat, 18 Nov 2006 15:51:36 +0100
+
 up-imapproxy (1.2.4-5) unstable; urgency=high
 
   * Code enhancements

Processed: up-imapproxy: diff for NMU version 1.2.4-5.1

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> tags 389695 + patch
Bug#389695: upgrade fails due to failing /etc/init.d/imapproxy stop
There were no tags set.
Tags added: patch

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Tag "sid" packages not going to be in etch

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> tags 392972 + sid
Bug#392972: cps-site: Error Value: 'roles'
There were no tags set.
Tags added: sid

> tags 336804 + sid
Bug#336804: schoolbell: includes a fr_FR.po translation instead of fr.po
Tags were: l10n
Tags added: sid

> tags 365049 + sid
Bug#365049: schooltool: logrotate script does not use invoke-rc.d
There were no tags set.
Tags added: sid

> tags 392632 + sid
Bug#392632: debhelper and po-debconf should be in Build-Depends
There were no tags set.
Tags added: sid

> tags 392640 + sid
Bug#392640: schooltool: po-debconf and debhelper should be in Build-Depends
There were no tags set.
Tags added: sid

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#389695: marked as done (upgrade fails due to failing /etc/init.d/imapproxy stop)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 07:02:14 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#389695: fixed in up-imapproxy 1.2.4-5.1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: imapproxy
Version: 1.2.4-4
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

I tried to upgrade imapproxy today, but failed:

Voorbereiden om imapproxy 1.2.4-4 te vervangen (door 
.../imapproxy_1.2.4-5_i386.deb) ...
Stopping IMAP proxy: invoke-rc.d: initscript imapproxy, action "stop" failed.
dpkg: waarschuwing - verouderd pre-removal script gaf een foutcode 1
dpkg - script uit het nieuwe pakket wordt geprobeerd ...
Stopping IMAP proxy: invoke-rc.d: initscript imapproxy, action "stop" failed.
dpkg: fout bij afhandelen van 
/var/cache/apt/archives/imapproxy_1.2.4-5_i386.deb (--unpack):
 subproces nieuw pre-removal script gaf een foutwaarde 1 terug
Starting IMAP proxy: imapproxy.
Fouten gevonden tijdens behandelen van:
 /var/cache/apt/archives/imapproxy_1.2.4-5_i386.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

It seems the error is in the init script when it is called with stop:

 [EMAIL PROTECTED]:~$ ps aux | grep imapproxy[d]
 nobody7989  0.0  0.2  11956  1524 ?Ssl  10:11   0:00 
/usr/sbin/imapproxyd -f /etc/imapproxy.conf
 [EMAIL PROTECTED]:~$ sudo /etc/init.d/imapproxy stop ; echo $?
 Stopping IMAP proxy: 1
 [EMAIL PROTECTED]:~$ ps aux | grep imapproxy[d]
 [EMAIL PROTECTED]:~$

The init script stops imapproxy but still return exit code 1, which is cause by 
the call
to grep:

  [EMAIL PROTECTED]:~$ sudo /etc/init.d/imapproxy start ; echo $?
  Starting IMAP proxy: imapproxy.
  0
  [EMAIL PROTECTED]:~$ sudo start-stop-daemon --oknodo --stop --quiet 
--pidfile=/var/run/imapproxy.pid --exec /usr/sbin/imapproxyd -- -f 
/etc/imapproxy.conf | grep warning ; echo $?
  1
  [EMAIL PROTECTED]:~$ sudo /etc/init.d/imapproxy start ; echo $? Starting IMAP 
proxy: imapproxy.
  0
  [EMAIL PROTECTED]:~$ sudo start-stop-daemon --oknodo --stop --quiet 
--pidfile=/var/run/imapproxy.pid --exec /usr/sbin/imapproxyd -- -f 
/etc/imapproxy.conf ; echo $?
  0

Because there are no warning the call to grep returns with exit code 1, which 
causes the initscript to exit with code 1:

 [EMAIL PROTECTED]:~$ echo "" | grep warning ; echo $?
 1

Greetings Arjan 


- -- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (101, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-3-moonshine
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=UTF-8)

Versions of packages imapproxy depends on:
ii  debconf [debconf-2.0]1.5.4   Debian configuration management sy
ii  libc62.3.6.ds1-4 GNU C Library: Shared libraries
ii  libncurses5  5.5-3   Shared libraries for terminal hand
ii  libssl0.9.8  0.9.8c-1SSL shared libraries
ii  libwrap0 7.6.dbs-11  Wietse Venema's TCP wrappers libra

imapproxy recommends no packages.

- -- debconf information:
* imapproxy/imap-server: localhost

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFGjPMUALvsZYuOJARAt0qAJ9554t8WkgiMwO91A8s7+Cqf1KNlACgsNtd
czjt5VlA26ghRBC6qzRCXng=
=rHkp
-END PGP SIGNATURE-

--- End Message ---
--- Begin Message ---
Source: up-imapproxy
Source-Version: 1.2.4-5.1

We believe that the bug you reported is fixed in the latest version of
up-imapproxy, which is due to be installed in the Debian FTP archive:

imapproxy_1.2.4-5.1_i386.deb
  to pool/main/u/up-imapproxy/imapproxy_1.2.4-5.1_i386.deb
up-imapproxy_1.2.4-5.1.diff.gz
  to pool/main/u/up-imapproxy/up-imapproxy_1.2.4-5.1.diff.gz
up-imapproxy_1.2.4-5.1.dsc
  to pool/main/u/up-imapproxy/up-imapproxy_1.2.4-5.1.dsc



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steinar H. Gunderson <[EMAIL PROTECTED]> (supplier of updated up-imapproxy 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Sat, 18 Nov 2006 15

Bug#399205: libsmbios-dev: where is libsmbios.so ?

2006-11-18 Thread Julien BLACHE 
Package: libsmbios-dev
Version: 0.12.1-2
Severity: serious
Justification: renders package unusable

Hi,

libsmbios-dev does not provide libsmbios.so, making it impossible to link
against libsmbios.

Note that it also lacks a static libsmbios.a.

JB.

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.19-rc5
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)

Versions of packages libsmbios-dev depends on:
ii  libsmbios10.12.1-2   Provide access to (SM)BIOS informa

libsmbios-dev recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399170: Sage extension feed script insertion vulnerability

2006-11-18 Thread Alan Woodland 
I don't have anything available to test this on right now, but I  
strongly suspect that this will not affect the version of Sage  
currently in Debian. The version currently in Debian is 1.3.7, plus  
my somewhat draconian patch to fix the previously reported  
vulnerabilities. See the bug report for the last round of  
vulnerabilities for the patch I hacked up [0].


Reasoning:
From the looks of the feed mentioned in the report [1] the exploit  
can only work if HTML mode is on. If HTML mode is disabled the  
contents of the feed will be converted into HTML entities as required  
before viewing, which will prevent the exploit from working. My patch  
disabled HTML mode entirely (as well as fixing a bug with the non- 
HTML mode), therefore I can't see this exploit working on the version  
in Debian currently.


As for where to go from here with Debian I'm not quite sure. I had  
planned to do a fairly comprehensive review of 1.3.8 before uploading  
it and re-enabling HTML mode. (I still really don't like the way  
feeds end up treated as local). Presumably though if I'm correct and  
this bug doesn't actually affect the version in Debian it shouldn't  
be an RC bug? In light of these problems though I'm somewhat uneasy  
with the idea of this releasing when Etch releases though. The way to  
do that though I assume would be to get it removed from testing  
manually, and keep this bug report open to stop it going back into  
testing? Any thoughts?


Alan

[0] - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=388149
[1] - http://michaeldaw.org/projects/sage-exploit-feed.xml


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#393392: marked as done (Source package contains non-free IETF RFC/I-D's)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 06:22:27 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#393392: fixed in libunicode-map8-perl-dfsg 0.12-3
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: libunicode-map8-perl
Version: 0.12-2
Severity: serious

Hi!

This bug has been filed on multiple packages, and general discussions
are kindly requested to take place on debian-legal or debian-devel in
the thread with Subject: "Non-free IETF RFC/I-Ds in source packages".

It seems this source package contains the following files from the
IETF under non-free license terms:

Unicode-Map8-0.12/rfc1345.txt 

The license on RFC/I-Ds is not DFSG-free, see:
 * http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=199810
 * http://release.debian.org/removing-non-free-documentation
 * http://wiki.debian.org/NonFreeIETFDocuments

The etch release policy says binary and source packages must each be free:
 * http://release.debian.org/etch_rc_policy.txt

The severity is serious, because this violates the Debian policy:
 * http://www.debian.org/doc/debian-policy/ch-archive.html#s-dfsg

There are (at least) three ways to fix this problem.  In order of
preference:

1. Ask the author of the RFC to re-license the RFC under a free
   license.  A template for this e-mail request can be found at
   http://wiki.debian.org/NonFreeIETFDocuments

2. Remove the non-free material from the source, e.g., by re-packaging
   the upstream archive and adding a 'dfsg' version name to it.

3. Move the package to non-free.

I went over many packages looking for names of likely non-free files,
and there may be false positives.  If this is the case for your
package, I'm sorry for the noise.  I'll modify the scripts to take
into account false positives when I learn of them, and publish the
list of exceptions under "Known exceptions" at
.

Thanks,
Simon

--- End Message ---
--- Begin Message ---
Source: libunicode-map8-perl-dfsg
Source-Version: 0.12-3

We believe that the bug you reported is fixed in the latest version of
libunicode-map8-perl-dfsg, which is due to be installed in the Debian FTP 
archive:

libunicode-map8-perl-dfsg_0.12-3.diff.gz
  to 
pool/main/libu/libunicode-map8-perl-dfsg/libunicode-map8-perl-dfsg_0.12-3.diff.gz
libunicode-map8-perl-dfsg_0.12-3.dsc
  to 
pool/main/libu/libunicode-map8-perl-dfsg/libunicode-map8-perl-dfsg_0.12-3.dsc
libunicode-map8-perl-dfsg_0.12.orig.tar.gz
  to 
pool/main/libu/libunicode-map8-perl-dfsg/libunicode-map8-perl-dfsg_0.12.orig.tar.gz
libunicode-map8-perl_0.12-3_i386.deb
  to 
pool/main/libu/libunicode-map8-perl-dfsg/libunicode-map8-perl_0.12-3_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
gregor herrmann <[EMAIL PROTECTED]> (supplier of updated 
libunicode-map8-perl-dfsg package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Mon, 16 Oct 2006 23:09:40 +0200
Source: libunicode-map8-perl-dfsg
Binary: libunicode-map8-perl
Architecture: source i386
Version: 0.12-3
Distribution: unstable
Urgency: low
Maintainer: Debian Perl Group <[EMAIL PROTECTED]>
Changed-By: gregor herrmann <[EMAIL PROTECTED]>
Description: 
 libunicode-map8-perl - Perl module to map 8bit character sets to Unicode
Closes: 393392
Changes: 
 libunicode-map8-perl-dfsg (0.12-3) unstable; urgency=low
 .
   * Repackaged .orig.tar.gz: removed non-free RFC (closes: #393392).
   * Set Standards-Version to 3.7.2 (no changes).
Files: 
 72e891ce11884aabbddff96bbd578a65 870 perl optional 
libunicode-map8-perl-dfsg_0.12-3.dsc
 8eb6699784d327a1a4f0b2bb2c85601b 55223 perl optional 
libunicode-map8-perl-dfsg_0.12.orig.tar.gz
 4ff92ad64fd92cd9f4d92fe1cf1a3655 9384 perl optional 
libunicode-map8-perl-dfsg_0.12-3.diff.gz
 f86e982b36f7ec3e8d9d80954a07b52f 78596 perl optional 
libunicode-map8-perl_0.12-3_i386.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFM/i4+NMfSd6w7DERAmVnAJ9QJLYndSZZkfRDHowsLtpKWarZvwCggrDS
ZlUMyCDoobbO/iN4gWC8R7o=
=FzF5
-END PGP SIGNATURE-

--- End Message ---

Bug#393384: marked as done (Source package contains non-free IETF RFC/I-D's)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 06:22:24 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#393384: fixed in libdigest-md2-perl-dfsg 2.03-3
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: libdigest-md2-perl
Version: 2.03-2
Severity: serious

Hi!

This bug has been filed on multiple packages, and general discussions
are kindly requested to take place on debian-legal or debian-devel in
the thread with Subject: "Non-free IETF RFC/I-Ds in source packages".

It seems this source package contains the following files from the
IETF under non-free license terms:

Digest-MD2-2.03/rfc1319.txt 

The license on RFC/I-Ds is not DFSG-free, see:
 * http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=199810
 * http://release.debian.org/removing-non-free-documentation
 * http://wiki.debian.org/NonFreeIETFDocuments

The etch release policy says binary and source packages must each be free:
 * http://release.debian.org/etch_rc_policy.txt

The severity is serious, because this violates the Debian policy:
 * http://www.debian.org/doc/debian-policy/ch-archive.html#s-dfsg

There are (at least) three ways to fix this problem.  In order of
preference:

1. Ask the author of the RFC to re-license the RFC under a free
   license.  A template for this e-mail request can be found at
   http://wiki.debian.org/NonFreeIETFDocuments

2. Remove the non-free material from the source, e.g., by re-packaging
   the upstream archive and adding a 'dfsg' version name to it.

3. Move the package to non-free.

I went over many packages looking for names of likely non-free files,
and there may be false positives.  If this is the case for your
package, I'm sorry for the noise.  I'll modify the scripts to take
into account false positives when I learn of them, and publish the
list of exceptions under "Known exceptions" at
.

Thanks,
Simon

--- End Message ---
--- Begin Message ---
Source: libdigest-md2-perl-dfsg
Source-Version: 2.03-3

We believe that the bug you reported is fixed in the latest version of
libdigest-md2-perl-dfsg, which is due to be installed in the Debian FTP archive:

libdigest-md2-perl-dfsg_2.03-3.diff.gz
  to 
pool/main/libd/libdigest-md2-perl-dfsg/libdigest-md2-perl-dfsg_2.03-3.diff.gz
libdigest-md2-perl-dfsg_2.03-3.dsc
  to pool/main/libd/libdigest-md2-perl-dfsg/libdigest-md2-perl-dfsg_2.03-3.dsc
libdigest-md2-perl-dfsg_2.03.orig.tar.gz
  to 
pool/main/libd/libdigest-md2-perl-dfsg/libdigest-md2-perl-dfsg_2.03.orig.tar.gz
libdigest-md2-perl_2.03-3_i386.deb
  to pool/main/libd/libdigest-md2-perl-dfsg/libdigest-md2-perl_2.03-3_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
gregor herrmann <[EMAIL PROTECTED]> (supplier of updated 
libdigest-md2-perl-dfsg package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Mon, 16 Oct 2006 23:02:31 +0200
Source: libdigest-md2-perl-dfsg
Binary: libdigest-md2-perl
Architecture: source i386
Version: 2.03-3
Distribution: unstable
Urgency: low
Maintainer: Debian Perl Group <[EMAIL PROTECTED]>
Changed-By: gregor herrmann <[EMAIL PROTECTED]>
Description: 
 libdigest-md2-perl - MD2 Message Digest for Perl
Closes: 393384
Changes: 
 libdigest-md2-perl-dfsg (2.03-3) unstable; urgency=low
 .
   * Repackaged .orig.tar.gz: removed non-free RFC (closes: #393384).
Files: 
 41852f1c503082cf60c77621dc6bfc98 867 perl optional 
libdigest-md2-perl-dfsg_2.03-3.dsc
 743315336cfc2799ea63282bc9b76da5 11327 perl optional 
libdigest-md2-perl-dfsg_2.03.orig.tar.gz
 10d87d142f1bf11156aa86aded3370b8 2272 perl optional 
libdigest-md2-perl-dfsg_2.03-3.diff.gz
 3f3f8b91108f618c020af9f78075ba59 18412 perl optional 
libdigest-md2-perl_2.03-3_i386.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFM/d8+NMfSd6w7DERAhbaAKC60i6jSTX+ON4as1xUGEPfeJS4GQCdFDU4
kOozp8dfeJZf0RBnE3DauUw=
=pi3q
-END PGP SIGNATURE-

--- End Message ---

Bug#393383: marked as done (Source package contains non-free IETF RFC/I-D's)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 06:22:20 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#393383: fixed in libdigest-hmac-perl-dfsg 1.01-5
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: libdigest-hmac-perl
Version: 1.01-4
Severity: serious

Hi!

This bug has been filed on multiple packages, and general discussions
are kindly requested to take place on debian-legal or debian-devel in
the thread with Subject: "Non-free IETF RFC/I-Ds in source packages".

It seems this source package contains the following files from the
IETF under non-free license terms:

libdigest-hmac-perl-1.01.orig/rfc2104.txt 

The license on RFC/I-Ds is not DFSG-free, see:
 * http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=199810
 * http://release.debian.org/removing-non-free-documentation
 * http://wiki.debian.org/NonFreeIETFDocuments

The etch release policy says binary and source packages must each be free:
 * http://release.debian.org/etch_rc_policy.txt

The severity is serious, because this violates the Debian policy:
 * http://www.debian.org/doc/debian-policy/ch-archive.html#s-dfsg

There are (at least) three ways to fix this problem.  In order of
preference:

1. Ask the author of the RFC to re-license the RFC under a free
   license.  A template for this e-mail request can be found at
   http://wiki.debian.org/NonFreeIETFDocuments

2. Remove the non-free material from the source, e.g., by re-packaging
   the upstream archive and adding a 'dfsg' version name to it.

3. Move the package to non-free.

I went over many packages looking for names of likely non-free files,
and there may be false positives.  If this is the case for your
package, I'm sorry for the noise.  I'll modify the scripts to take
into account false positives when I learn of them, and publish the
list of exceptions under "Known exceptions" at
.

Thanks,
Simon

--- End Message ---
--- Begin Message ---
Source: libdigest-hmac-perl-dfsg
Source-Version: 1.01-5

We believe that the bug you reported is fixed in the latest version of
libdigest-hmac-perl-dfsg, which is due to be installed in the Debian FTP 
archive:

libdigest-hmac-perl-dfsg_1.01-5.diff.gz
  to 
pool/main/libd/libdigest-hmac-perl-dfsg/libdigest-hmac-perl-dfsg_1.01-5.diff.gz
libdigest-hmac-perl-dfsg_1.01-5.dsc
  to pool/main/libd/libdigest-hmac-perl-dfsg/libdigest-hmac-perl-dfsg_1.01-5.dsc
libdigest-hmac-perl-dfsg_1.01.orig.tar.gz
  to 
pool/main/libd/libdigest-hmac-perl-dfsg/libdigest-hmac-perl-dfsg_1.01.orig.tar.gz
libdigest-hmac-perl_1.01-5_all.deb
  to pool/main/libd/libdigest-hmac-perl-dfsg/libdigest-hmac-perl_1.01-5_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
gregor herrmann <[EMAIL PROTECTED]> (supplier of updated 
libdigest-hmac-perl-dfsg package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Mon, 16 Oct 2006 22:57:46 +0200
Source: libdigest-hmac-perl-dfsg
Binary: libdigest-hmac-perl
Architecture: source all
Version: 1.01-5
Distribution: unstable
Urgency: low
Maintainer: Debian Perl Group <[EMAIL PROTECTED]>
Changed-By: gregor herrmann <[EMAIL PROTECTED]>
Description: 
 libdigest-hmac-perl - create standard message integrity checks
Closes: 393383
Changes: 
 libdigest-hmac-perl-dfsg (1.01-5) unstable; urgency=low
 .
   * Repackaged .orig.tar.gz: removed nonfree RFC (closes: #393383).
Files: 
 8b964ec59a73ee0d18e52e1f0e70011f 929 perl optional 
libdigest-hmac-perl-dfsg_1.01-5.dsc
 b248cdac39cf0a89e2d5226d69b62ff0 6525 perl optional 
libdigest-hmac-perl-dfsg_1.01.orig.tar.gz
 50d1a7f79265bfd47d7395fbad0f67ec 2241 perl optional 
libdigest-hmac-perl-dfsg_1.01-5.diff.gz
 10169dde747397223abed6c16dcd72dc 10014 perl optional 
libdigest-hmac-perl_1.01-5_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFM/UU+NMfSd6w7DERAsULAKCRtL2PUldXN70QR68fH5ulrBMVDQCgpagE
fw6bxMeWQjxsdFz9rokEXAQ=
=NhhO
-END PGP SIGNATURE-

--- End Message ---

Processed: Raising severity of 389695

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> severity 389695 serious
Bug#389695: upgrade fails due to failing /etc/init.d/imapproxy stop
Severity set to `serious' from `normal'

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399195: python-cairo: python2.3 import fail

2006-11-18 Thread OuoU 

Subject: python-cairo: python2.3 import fail
Package: python-cairo
Version: 1.2.0-1
Severity: serious

$ python2.3
Python 2.3.5 (#2, Oct 18 2006, 23:04:45) 
[GCC 4.1.2 20061015 (prerelease) (Debian 4.1.1-16.1)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import cairo
Traceback (most recent call last):
  File "", line 1, in ?
ImportError: No module named cairo
>>> 
$ python2.4
Python 2.4.4 (#2, Oct 20 2006, 00:23:25) 
[GCC 4.1.2 20061015 (prerelease) (Debian 4.1.1-16.1)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import cairo
>>> 
>>> 


-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-vserver-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages python-cairo depends on:
ii  libc62.3.6.ds1-8 GNU C Library: Shared libraries
ii  libcairo21.2.4-4 The Cairo 2D vector graphics libra
ii  python   2.4.4-1 An interactive high-level object-o
ii  python-central   0.5.10  register and build utility for Pyt

python-cairo recommends no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#391181: patches included in the CVS

2006-11-18 Thread Mathieu Roy 
Hello,

I finally took the time to include all your contributions in the CVS.

Unfortunately, some of them was based on the latest release, not on the CVS, 
and as result there was a bit of duplicate fixes and some gettext strings 
that slightly changed that got fuzzy.

I think I'll make a new release with the merge result. If you want to check 
the result, grab the CVS. If you want to continue to update i18n or whatever, 
I can also provide you CVS write access.

The planning of this release is at https://gna.org/task/?4145 and it will have 
to be done before November the 29th before after I wont have the time to.

Thanks a lot for all your contributions,

-- 
Mathieu Roy

  | Not everybody on earth is native english speaker, keep cool :)
  | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#394534: pilot-link and kpilot

2006-11-18 Thread Ludovic Rousseau 
Le 18.11.2006, à 01:12:04, Ana Guerrero a écrit:
> Hi,

Hello Ana, and all,

> It seems kpilot has already been ported to work with new pilot-link 0.12,
> but it has two problems.
> 
> First, kpilot is being maintained outside the KDE SVN, so the code we're
> shipping in kdepim is not longer maintained. It is not clear whether
> they're going back to maintain it inside the KDE SVN. The current code is
> available at http://cvs.codeyard.net/kpilot/

That is bad news. Any plan to package this new version instead?

The new web site has version KPilot 4.5.3 (peuter) 2005-07-21. The svn
version includes a copy of pilot-link 0.12 so should work with libpisock9
available in etch (testing).

> Second, this code includes its own copy of pilot-link, and i do not know
> whether it is only to make the program building easier, or because 
> modifications over pilot link are necessary. 

That is bad news. Why are they doing that?
I propose to NOT use the pilot-link-0.12 provided by KPilot. And file
bugs against pilot-link if bugs must be corrected.

> I do not understand why care was not taken to avoid breaking the
> reverse dependencies when the transition from pilot-link was made.

This was planned. See [1]. I could not test every package using
libpisock. kpilot recompiled correctly so I assumed the code to use
pilot-link 0.12 was in place. This is not the case and some parts of
kpilot are now non working.


We clearly have a problem with kpilot upstream(s):
- The new version is no more maintained as part of kdepim (and Debian is
  packaging kpilot as part of KDE kdepim). Trying to solve the kiplot
  provided by kdepim looks like a waste of time.
- I can't find an stable release of the new version. Only the current
  svn version is available. I don't think it is a good idea to provide
  in etch an work-in-progress version of kpilot.

I don't know what is the plan of the debian-qt-kde maintainers. I do not
use KDE or kpilot so I can't really test it.

Bye

[1] http://lists.debian.org/debian-release/2006/09/msg00108.html

-- 
 Dr. Ludovic Rousseau[EMAIL PROTECTED]
 -- Normaliser Unix c'est comme pasteuriser le camembert, L.R. --

Bug#392566: marked as done (namazu2 - FTBFS: ../libtool: line 4817: rc1/debian/namazu2/usr/lib/libnmz.a: No such file or directory)

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 13:09:44 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Bug#392566: fixed in namazu2 2.0.17~rc1-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: namazu2
Version: 2.0.17~rc1-1
Severity: serious

There was an error while trying to autobuild your package:

> Automatic build of namazu2_2.0.17~rc1-1 on debian-31 by sbuild/s390 85
[...]
> /usr/bin/install -c .libs/libnmz.so.7.0.0 
> /build/buildd/namazu2-2.0.17~rc1/debian/namazu2/usr/lib/libnmz.so.7.0.0
> (cd /build/buildd/namazu2-2.0.17~rc1/debian/namazu2/usr/lib && rm -f 
> libnmz.so.7 && ln -s libnmz.so.7.0.0 libnmz.so.7)
> (cd /build/buildd/namazu2-2.0.17~rc1/debian/namazu2/usr/lib && rm -f 
> libnmz.so && ln -s libnmz.so.7.0.0 libnmz.so)
> /usr/bin/install -c .libs/libnmz.lai 
> /build/buildd/namazu2-2.0.17~rc1/debian/namazu2/usr/lib/libnmz.la
> /usr/bin/install -c .libs/libnmz.a 
> /build/buildd/namazu2-2.0.17~rc1/debian/namazu2/usr/lib/libnmz.a
> ranlib /build/buildd/namazu2-2.0.17
> ranlib: '/build/buildd/namazu2-2.0.17': No such file
> rc1/debian/namazu2/usr/lib/libnmz.a
> ../libtool: line 4817: rc1/debian/namazu2/usr/lib/libnmz.a: No such file or 
> directory
> make[3]: *** [install-libLTLIBRARIES] Error 127
> make[3]: Leaving directory `/build/buildd/namazu2-2.0.17~rc1/nmz'
> make[2]: *** [install-am] Error 2
> make[2]: Leaving directory `/build/buildd/namazu2-2.0.17~rc1/nmz'
> make[1]: *** [install-recursive] Error 1
> make[1]: Leaving directory `/build/buildd/namazu2-2.0.17~rc1'
> make: *** [install] Error 2
> **
> Build finished at 20061012-0309
> FAILED [dpkg-buildpackage died]

--- End Message ---
--- Begin Message ---
Source: namazu2
Source-Version: 2.0.17~rc2-1

On Sat, Oct 14, 2006 at 05:47:06AM -0700, NOKUBI Takatsugu wrote:
>  namazu2 (2.0.17~rc1-2) unstable; urgency=low
>  .
>* Updated libtool, closes: #392566.

For some reason, this changelog snippet wasn't carried through to
2.0.17~rc2-1, which makes the BTS think the bug is still open in that branch.
I'm marking it as closed now, since the later versions seem to have built
fine on all architectures.

/* Steinar */
-- 
Homepage: http://www.sesse.net/
--- End Message ---

Bug#337562: marked as done (qsynaptics: Uninstallable on s390 due to unavailable dep xfree86-driver-synaptics | xorg-driver-synaptics )

2006-11-18 Thread Debian Bug Tracking System 
Your message dated Sat, 18 Nov 2006 04:02:12 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#337562: fixed in qsynaptics 0.22.0-6.1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Package: qsynaptics
Severity: grave
Version: 0.22.0-3

Hi

qsynaptics cannot be installed on s390 because xfree86-driver-synaptics
nor xorg-driver-synaptics are available on s390. It's probably best to
ask for removal of qsynaptics on s390? If you agree, then please
reassign this bug to "qsynaptics, ftp.debian.org".

Cheers

Luk

- --
Luk Claes - http://people.debian.org/~luk - GPG key 1024D/9B7C328D
Fingerprint:   D5AF 25FB 316B 53BB 08E7   F999 E544 DE07 9B7C 328D
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDa/bu5UTeB5t8Mo0RAguRAJ95ThkOKc7oazCVmCln18QF24Ca+wCgthNG
v/SLJYfCVQ4CxYw3vvvh1wA=
=IbNV
-END PGP SIGNATURE-

--- End Message ---
--- Begin Message ---
Source: qsynaptics
Source-Version: 0.22.0-6.1

We believe that the bug you reported is fixed in the latest version of
qsynaptics, which is due to be installed in the Debian FTP archive:

qsynaptics_0.22.0-6.1.diff.gz
  to pool/main/q/qsynaptics/qsynaptics_0.22.0-6.1.diff.gz
qsynaptics_0.22.0-6.1.dsc
  to pool/main/q/qsynaptics/qsynaptics_0.22.0-6.1.dsc
qsynaptics_0.22.0-6.1_i386.deb
  to pool/main/q/qsynaptics/qsynaptics_0.22.0-6.1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steinar H. Gunderson <[EMAIL PROTECTED]> (supplier of updated qsynaptics 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Sat, 18 Nov 2006 12:52:40 +0100
Source: qsynaptics
Binary: qsynaptics
Architecture: source i386
Version: 0.22.0-6.1
Distribution: unstable
Urgency: high
Maintainer: Debian KDE Extras Team <[EMAIL PROTECTED]>
Changed-By: Steinar H. Gunderson <[EMAIL PROTECTED]>
Description: 
 qsynaptics - Synaptic TouchPad configuration tool
Closes: 337562
Changes: 
 qsynaptics (0.22.0-6.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * Revert change to architecture field to the version in 0.22.0-5; this
 package should not be built for s390. (Closes: #337562)
Files: 
 b2a579e12ff1188628bd96a333964e89 905 x11 optional qsynaptics_0.22.0-6.1.dsc
 395a66a7d4e32abeea849df580859c9d 3837 x11 optional 
qsynaptics_0.22.0-6.1.diff.gz
 208a1c0bd0172002fbff3c4466c2b7a2 70254 x11 optional 
qsynaptics_0.22.0-6.1_i386.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iQCVAwUBRV701H7hqgLJpbVOAQKmhAP/dXa55yHP9ofwaVChhLSOadnhiIMRw/tk
v+z+TbiSG5DkiF6v4A4+4Sy1NvHwbQTiK5DB/xq4cRqJ3WxiiV8O2kWd+iJN13uu
BOe6JthXTVja6zzCOl2FasZiarjCA9eqZK980Zpf72zlI/mHKVO4oYl5YMAg1Ske
f57CxOqsTL4=
=WD+r
-END PGP SIGNATURE-

--- End Message ---

Processed: qsynaptics: diff for NMU version 0.22.0-6.1

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> tags 337562 + patch
Bug#337562: qsynaptics: Uninstallable on s390 due to unavailable dep 
xfree86-driver-synaptics | xorg-driver-synaptics 
There were no tags set.
Tags added: patch

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#399187: CVE-2006-5925: Links "smb" Protocol File Upload/Download Vulnerability

2006-11-18 Thread Stefan Fritsch 
package: links
severity: grave
tags: security

A vulnerability has been found in links:
Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed
allows remote attackers to execute arbitrary code via shell
metacharacters in an smb:// URI, as demonstrated by using PUT and GET
statements.

See http://secunia.com/advisories/22905

Please mention the CVE id in the changelog.



pgpBLLjumO6jD.pgp
Description: PGP signature

Bug#337562: qsynaptics: diff for NMU version 0.22.0-6.1

2006-11-18 Thread Steinar H. Gunderson 
tags 337562 + patch
thanks

Hi,

Attached is the diff for my qsynaptics 0.22.0-6.1 NMU.
diff -Nru /tmp/uPsn7lvAZS/qsynaptics-0.22.0/debian/changelog 
/tmp/SP7YEQSWCs/qsynaptics-0.22.0/debian/changelog
--- /tmp/uPsn7lvAZS/qsynaptics-0.22.0/debian/changelog  2006-11-18 
12:56:50.0 +0100
+++ /tmp/SP7YEQSWCs/qsynaptics-0.22.0/debian/changelog  2006-11-18 
12:56:50.0 +0100
@@ -1,3 +1,11 @@
+qsynaptics (0.22.0-6.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Revert change to architecture field to the version in 0.22.0-5; this
+package should not be built for s390. (Closes: #337562)
+
+ -- Steinar H. Gunderson <[EMAIL PROTECTED]>  Sat, 18 Nov 2006 12:52:40 +0100
+
 qsynaptics (0.22.0-6) unstable; urgency=low
 
   * New maintainer (Closes: #373897)
diff -Nru /tmp/uPsn7lvAZS/qsynaptics-0.22.0/debian/control 
/tmp/SP7YEQSWCs/qsynaptics-0.22.0/debian/control
--- /tmp/uPsn7lvAZS/qsynaptics-0.22.0/debian/control2006-11-18 
12:56:50.0 +0100
+++ /tmp/SP7YEQSWCs/qsynaptics-0.22.0/debian/control2006-11-18 
12:56:50.0 +0100
@@ -7,7 +7,7 @@
 Standards-Version: 3.7.2
 
 Package: qsynaptics
-Architecture: any
+Architecture: alpha amd64 arm hppa i386 ia64 m68k mips mipsel powerpc sparc
 Depends: ${shlibs:Depends}, ${misc:Depends}, xserver-xorg-input-synaptics
 Description: Synaptic TouchPad configuration tool
  QSynaptics aims to help desktop users to configure their synaptics

Bug#399188: CVE-2006-5925: ELinks "smb" Protocol File Upload/Download Vulnerability

2006-11-18 Thread Stefan Fritsch 
package: elinks
severity: grave
tags: security

A vulnerability has been found in elinks:
Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed
allows remote attackers to execute arbitrary code via shell
metacharacters in an smb:// URI, as demonstrated by using PUT and GET
statements.

See http://secunia.com/advisories/22920

Please mention the CVE id in the changelog.



pgpgIjhtHwXPK.pgp
Description: PGP signature

Bug#394153: twinkle: FTBFS: undefined reference to gsm_decode

2006-11-18 Thread Mark Purcell 
On Thursday 16 November 2006 06:03, Steve Langasek wrote:
[...]
> I don't know yet why this define isn't propagating; it seems to be part of
> debian/patches/libgsm.patch though, and there's probably a race condition
> in the autotools handling that's preventing it from getting where it needs
> to be.  In a rebuild test on amd64, config.log looks right to me, yet it's
> not *consistently* ending up in the generated src/twinkle_config.h, because
> there's a race condition with whether src/twinkle_config.h gets regenerated
> after autoheader is run.

Thanks Steve,

I think I have tracked it down.

debian/patches/libgsm.patch was only applied to configure.in, the necessary 
changes to configure wern't in the patch.

As a result, if autoconf was called and configure was regenerated it would 
dynamically link libgsm, but if configure wasn't regenerated twinkle would 
try and both dynamically and static link libgsm, hence the race condition.

Mark


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#392953: [NONFREE-DOC:GFDL] package contains non-free documentation

2006-11-18 Thread Steinar H. Gunderson 
On Sat, Nov 18, 2006 at 01:54:42PM +1030, Ron wrote:
> I don't profess to be an authority on the details of this, which is why
> I'm seeking clarification -- but it does seem fairly obvious to me that
> any invariant section which inhibits our freedom to modify the source is
> clearly not DFSG free...
> 
> What is not obvious to me, is that the "invariant section" here (in at
> least the case I quoted) does anything of that sort at all.  In this
> case it just seems to make explicit something which has always been
> the case, and which wouldn't change without that invariant section:
> namely that you can't modify the GPL text included with, and referred
> to by, that source.

After actually grep-ing through the source, I begin to see what you mean, I
think.  I can only actually find a single GFDL source in the MinGW
documentation (perhaps the docs are in some other tarball?), namely
gcc-3.4.5-20060117-1/libstdc++-v3/docs/html/17_intro/porting.texi . It states

  Copyright @copyright{} 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
  
  Permission is granted to copy, distribute and/or modify this document
  under the terms of the GNU Free Documentation License, Version 1.2 or
  any later version published by the Free Software Foundation; with the
  Invariant Sections being ``GNU General Public License'', the Front-Cover
  texts being (a) (see below), and with the Back-Cover Texts being (b)
  (see below).  A copy of the license is included in the section entitled
  ``GNU Free Documentation License''.
  
  (a) The FSF's Front-Cover Text is:
  
   A GNU Manual
  
  (b) The FSF's Back-Cover Text is:
  
   You have freedom to copy and modify this GNU Manual, like GNU
   software.  Copies published by the Free Software Foundation raise
   funds for GNU development.

So, we have one invariant section (the GNU GPL), and front- and back-cover
texts. The invariant section, even here, is not actually a no-op; you cannot,
for instance, copy anything from porting.texi without including the invariant
section (save fair use). (I believe that if the GFDL permitted removal of
invariant sections, we wouldn't really have cared about them, but that's a
different story.) In addition, you have the front- and back-cover texts,
which are mini-invariant sections in their own rights; I believe they were
also covered by the GR.

/* Steinar */
-- 
Homepage: http://www.sesse.net/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed (with 1 errors): setting package to twinkle, tagging 394153, tagging 398697

2006-11-18 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.9.26
> package twinkle
Ignoring bugs not assigned to: twinkle

> tags 394153 + pending
Bug#394153: twinkle: FTBFS: undefined reference to gsm_decode
Tags were: help
Tags added: pending

> tags 398697 + pending
Bug number 398697 belongs to package libgsm, skipping.

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

  1   2   >