date:20070831

Bug#433038: Debian bug#433038: mod_python collides with mod_php5

2007-08-31 Thread Graham Dumpleton

On 31/08/2007, Robert Edmonds <[EMAIL PROTECTED]> wrote:
> Graham Dumpleton wrote:
> > In 411487 it mentions:
> >
> > """So, it seems it's directly related to libmhash2 (as [2] suggests)."""
> >
> > Disabling of mhash module may not be enough if one of the other PHP
> > modules they list in 433038 also use libmhash2 library. Quite possible
> > that one of the crypto libraries use it, or the ldap module mentioned
> > in the mod_python mailing list mail.
> >
> > Can you run ldd on main PHP module and all PHP modules and see which
> > one has a dependency on libmhash2, or any other md5 hash library.
>
> In the user's last message to the bug report, he includes the contents
> of /proc/.../maps for functioning and malfunctioning apache instances.
>
> > Basic problem as we understand it is that libmhash2 uses a symbol name
> > which clashes with one used by Python md5 module. Which ever gets
> > loaded first, usually PHP version, takes precedence and since that is
> > not compatible with other package a crash occurs.
> >
> > If it can be determined that it is libmhash2 and then which symbol in
> > it clashes with one in Python md5 module, one or the other could
> > somehow be namespace escaped to avoid the problem.
>
> Is it possibly some other library than libmhash2?  The only additonal
> cryptography-related DSOs I see present in the user's php instance are:
>
> /usr/lib/libmcrypt.so.4.4.7
> /usr/lib/php5/20060613+lfs/mcrypt.so
>
> All the symbols in those DSOs appear to be namespace escaped.

Hmmm, it is worrying that there are so many different crypto libraries
linked in.

/lib/i686/cmov/libcrypt-2.6.1.so
/usr/lib/i686/cmov/libcrypto.so.0.9.8
/usr/lib/libgcrypt.so.11.2.3
/usr/lib/libk5crypto.so.3.1
/usr/lib/libmcrypt.so.4.4.7
/usr/lib/php5/20060613+lfs/mcrypt.so

Other areas which also have given problems with PHP/mod_python are
shared libraries for expat, MySQL, SSL and sqllite. See later sections
in:

  http://code.google.com/p/modwsgi/wiki/ApplicationIssues

This is for mod_wsgi, but same things can occur with it.

The only way they may possibly work out which is the problem is to
attach a debugger to Apache in single process mode and work out where
it crashes. Instructions on doing this in later sections of:

  http://code.google.com/p/modwsgi/wiki/DebuggingTechniques

Graham


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440274: wondershaper: limits incoming traffic although a higher value is set on start

2007-08-31 Thread Claus Malter

Package: wondershaper
Version: 1.1a-4
Severity: grave
Justification: renders package unusable

I've started wondershaper with the command 'wondershaper ppp0 25000 4000'. That 
should limit the outgoing traffic to 500kb/s and the incoming to about 
3000kb/s. But testing the incoming speed with iptraf -d ppp0 I've seen that the 
incoming traffic is limited to a value of about 5000kbits/s (about 600kb/s). No 
matter what changes i made to the startup line of wondershaper. It's always 
limited to the mentioned value.

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.20.4
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)

Versions of packages wondershaper depends on:
ii  iproute   20061002-3 Professional tools to control the 

wondershaper recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440206: multipath-tools: installing multipath tools causes mkinitramfs to generate an initrd which does not boot

2007-08-31 Thread Guido Guenther

Hi Ian,
On Thu, Aug 30, 2007 at 06:28:38PM +0100, Ian Campbell wrote:
> My system does not use multipath but I installed multipath-tools to get
> kpartx (I know now this is a separate package). When my ramdisk was
> next generated (new kernel or initramfs-tools I suppose) I ended up with
> an initrd which did not boot (hence severity: critical). This seems to
> be because the multipath tools hooks "dmsetup create" on my root disk
> but do not undo this when no multipath configuration is discovered (or
> whatever I don't really know what is supposed to happen) therefore the
> device is busy when the initrd comes to mount it.
It can't "detect" if you have a multipath configuration since it might
very well be possible that all the other paths are currently not
available. So by building multipath-tools into the initramfs you
made this your root devices:

/dev/mapper/SATA_FUJITSU_MHV2080_NW9UT6C27043-part3

so booting with this device would have worked. Anyway, thanks for the
report! I'll move the initramfs into a separte package.
Thanks,
 -- Guido



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#356055: loadlin: loadlin.exe cannot be built from source

2007-08-31 Thread Samuel Thibault

Hi,

Pierre Habouzit, le Thu 30 Aug 2007 23:18:46 +0200, a écrit :
> On Tue, May 02, 2006 at 10:01:56PM +, Samuel Thibault wrote:
> > Hi,
> > 
> > Sven Joachim, le Thu 09 Mar 2006 13:45:04 +0100, a écrit :
> > > (b) Failing that, move the loadlin package to the contrib section, see
> > > sections 2.2.1 and 2.2.2 of the Policy Manual.
> > 
> > This would be _very_ unfortunate.
> 
> 
> > The problem is that in some circumstances, blind people _DO_ need
> > loadlin for being able to install/boot linux. That's one of the reason
> > why it is still provided on installation CDs (btw, Janos, could you at
> > last apply the patch I suggested for bug #338318?).
> 
>   Hmm, now that there is win32-loader, is this still needed for blind
> people or not ?

MS-DOS is a lot more accessible than windows, you know :)

> it seems yasm upstream has absolutly no will to include your patch,

What makes you believe that?  When I submitted some basic patches, they
indeed got refused for technical reasons and I couldn't yet take the
time to fix them.  But the ground goal (have tasm frontend support) is
clearly welcome by ustream.

Samuel

Bug#356055: loadlin: loadlin.exe cannot be built from source

2007-08-31 Thread Pierre Habouzit

On Fri, Aug 31, 2007 at 07:57:02AM +, Samuel Thibault wrote:
> Hi,
> 
> Pierre Habouzit, le Thu 30 Aug 2007 23:18:46 +0200, a écrit :
> > On Tue, May 02, 2006 at 10:01:56PM +, Samuel Thibault wrote:
> > > Hi,
> > > 
> > > Sven Joachim, le Thu 09 Mar 2006 13:45:04 +0100, a écrit :
> > > > (b) Failing that, move the loadlin package to the contrib section, see
> > > > sections 2.2.1 and 2.2.2 of the Policy Manual.
> > > 
> > > This would be _very_ unfortunate.
> > 
> > 
> > > The problem is that in some circumstances, blind people _DO_ need
> > > loadlin for being able to install/boot linux. That's one of the reason
> > > why it is still provided on installation CDs (btw, Janos, could you at
> > > last apply the patch I suggested for bug #338318?).
> > 
> >   Hmm, now that there is win32-loader, is this still needed for blind
> > people or not ?
>
> MS-DOS is a lot more accessible than windows, you know :)

  Well, I absolutely don't know honestly, That's why I'm just asking.

> > it seems yasm upstream has absolutly no will to include your patch,
>
> What makes you believe that?  When I submitted some basic patches, they
> indeed got refused for technical reasons and I couldn't yet take the
> time to fix them.  But the ground goal (have tasm frontend support) is
> clearly welcome by ustream.

  Well, that was the impression I had when I spoke about this issue with
sam (yasm maintainer). But if you feel it's not the case then well,
that's good news. OTOH, loadlin still risks to be put in contrib because
of that and that would suck.

-- 
·O·  Pierre Habouzit
··O[EMAIL PROTECTED]
OOOhttp://www.madism.org


pgpgACEuN1xKa.pgp
Description: PGP signature

Bug#440015: still broken with binutils 2.18

2007-08-31 Thread Kilian Krause

tags 440015 - moreinfo
thanks control

Retrying with binutils 2.18 instead of 2.18~cvs20070812-1 still shows
the same for opal:
make[1]: Leaving directory `/build/opal-2.2.8~dfsg1/samples/simple'
samples/simple/obj_*_n/simpleopal --help >/dev/null
samples/simple/obj_linux_mips_n/simpleopal: symbol lookup error:
samples/simple/obj_linux_mips_n/simpleopal: undefined symbol:
_ZNK49H245_MiscellaneousCommand_type_videoFastUpdateGOB7CompareERK7PObject
make: *** [build-arch-stamp] Error 127

and for openh323:
make[1]: Leaving directory `/build/openh323-1.18.0.dfsg/samples/simple'
samples/simple/obj_*_r/simph323 --help >/dev/null
samples/simple/obj_linux_mips_r/simph323: symbol lookup error:
samples/simple/obj_linux_mips_r/simph323: undefined symbol:
_ZNK18H245_FECCapability5CloneEv
make: *** [build-arch-stamp] Error 127

-- 
Best regards,
Kilian


signature.asc
Description: Digital signature

Bug#294520: Cannot reproduce the problem

2007-08-31 Thread Samuel Thibault

Hi,

Otavio Salvador, le Thu 30 Aug 2007 16:55:08 -0300, a écrit :
> I've produced [...] a test that was suppose to fail without the
> libparted/disk.c change (included on the patch and that you need to
> revert for testing) but I cannot make it to fail.

Because it only tests primary partitions.  The bug happens only for
extended partitions.

Samuel

Processed (with 5 errors): still broken with binutils 2.18

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> tags 440015 - moreinfo
Bug#440015: binutils: [mipsen] Assertion failures while building openh323 1.18.0
Tags were: moreinfo
Tags removed: moreinfo

> thanks control
Unknown command or malformed arguments to command.

> Retrying with binutils 2.18 instead of 2.18~cvs20070812-1 still shows
Unknown command or malformed arguments to command.

> the same for opal:
Unknown command or malformed arguments to command.

> make[1]: Leaving directory `/build/opal-2.2.8~dfsg1/samples/simple'
Unknown command or malformed arguments to command.

> samples/simple/obj_*_n/simpleopal --help >/dev/null
Unknown command or malformed arguments to command.

Too many unknown commands, stopping here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440100: CVE-2007-4558 rejected as duplicate of CVE-2007-4134

2007-08-31 Thread Tomas Hoger

Hi!

CVE name CVE-2007-4558 was rejected on 2007-08-30 as duplicate of
previously assigned name CVE-2007-4134.

Please consider using name CVE-2007-4134 to avoid confusion.

-- 
Tomas Hoger


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#433038: Debian bug#433038: mod_python collides with mod_php5

2007-08-31 Thread Graham Dumpleton

On 31/08/2007, Robert Edmonds <[EMAIL PROTECTED]> wrote:
> Graham Dumpleton wrote:
> > More information. In libmhash2 it has:
> >
> > lib/.libs/libmhash.a(md5.o):
> > 0a60 T _MD5Final
> >  T _MD5Init
> > 0040 T _MD5Transform
> > 0940 T _MD5Update
> >  U _mutils_bzero
> >  U _mutils_memcpy
> >  U _mutils_word32nswap
> >  U dyld_stub_binding_helper
> >
> > In Python (<2.5), it has its own md5c.c file. If this is compiled
> > correctly, it should end up with:
> >
> > 1288 T __Py_MD5Final
> > 1174 T __Py_MD5Init
> > 11b4 T __Py_MD5Update
> >
> > Ie., Python should prefix the symbols so there is no clash.
> >
> > You should check that this prefixing is actually occurring by doing an
> > nm on md5.so in Python modules directory. If it isn't, that could be
> > the problem.
>
> It looks like this is not the case --
>
> [EMAIL PROTECTED]:~$ nm -D /usr/lib/python2.4/lib-dynload/md5.so | grep MD5
> 1b30 T MD5Final
> 1380 T MD5Init
> 13b0 T MD5Transform
> 1c10 T MD5Update
>
> [EMAIL PROTECTED]:~$ nm -D /usr/lib/libmhash.so.2 | grep MD5
> 69b0 T MD5Final
> 6200 T MD5Init
> 6230 T MD5Transform
> 6a80 T MD5Update
>
> I guess this is the root cause of Debian bug #411487, but it looks like
> the submitter of #433038 still experiences his problem even when
> libmhash is not loaded into the apache process.

I think I know what may have gone wrong here.

In Python source code there is md5c.c and md5.h. In the md5.h file it has:

/* Rename all exported symbols to avoid conflicts with similarly named
   symbols in some systems' standard C libraries... */

#define MD5Init _Py_MD5Init
#define MD5Update _Py_MD5Update
#define MD5Final _Py_MD5Final

void MD5Init(MD5_CTX *);
void MD5Update(MD5_CTX *, unsigned char *, unsigned int);
void MD5Final(unsigned char [16], MD5_CTX *);

If when the Python package was Debianised, whoever did it added
additional -I flags at the start of the CPPFLAGS passed to the
compiler such that instead of picking up md5.h from the Python source
directory, it picked up one from some system include directory, or
from another package, then the symbols would not have been namespace
prefixed like they should have.

As a result, just for Debian package of Python, the symbols wouldn't
be namespaced and thus why this problem only appears on Linux systems
derived from Debian packages.

The only way therefore of fixing this may be to review the Debian
package build scripts around Python to see if they do do something
with -I as a described. Simple fix may then be to append the -I flags
rather than prepend them. Otherwise, would be necessary to patch
md5c.c in Python source code to move the #defines into it just before
"md5.h" is included. That way the namespace prefixing will occur even
if wrong "md5.h" is included. One would hope though in this case that
the "md5.h" file actually used is compatible with the md5c.c file in
Python.

Graham

-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Re: CVE-2007-4558 rejected as duplicate of CVE-2007-4134

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> retitle 440100 CVE-2007-4134: Directory traversal vulnerability
Bug#440100: CVE-2007-4558: Directory traversal vulnerability
Changed Bug title to `CVE-2007-4134: Directory traversal vulnerability' from 
`CVE-2007-4558: Directory traversal vulnerability'.

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#431947: marked as done (secvpn: fails to purge if perl-modules is not installed)

2007-08-31 Thread Debian Bug Tracking System

Your message dated Fri, 31 Aug 2007 09:17:04 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#431947: fixed in secvpn 2.21
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: secvpn
Version: 2.20
Severity: serious

Hi,

Your package fails to purge:
  (Reading database ... 5731 files and directories currently installed.)
  Removing secvpn ...
  Stopping Monitor Daemon for Secure Virtual Private Network: secvpnmon.
  /usr/sbin/deluser: In order to use the --remove-home, --remove-all-files, and 
--backup features,
  you need to install the `perl-modules' package. To accomplish that, run
  apt-get install perl-modules.
  dpkg: error processing secvpn (--purge):
   subprocess pre-removal script returned error exit status 8

This causes a piuparts test to fail.
-- 
| Lucas Nussbaum
| [EMAIL PROTECTED]   http://www.lucas-nussbaum.net/ |
| jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F |

--- End Message ---
--- Begin Message ---
Source: secvpn
Source-Version: 2.21

We believe that the bug you reported is fixed in the latest version of
secvpn, which is due to be installed in the Debian FTP archive:

secvpn_2.21.dsc
  to pool/main/s/secvpn/secvpn_2.21.dsc
secvpn_2.21.tar.gz
  to pool/main/s/secvpn/secvpn_2.21.tar.gz
secvpn_2.21_all.deb
  to pool/main/s/secvpn/secvpn_2.21_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bernd Schumacher <[EMAIL PROTECTED]> (supplier of updated secvpn package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Fri, 31 Aug 2007 10:43:10 +0200
Source: secvpn
Binary: secvpn
Architecture: source all
Version: 2.21
Distribution: unstable
Urgency: low
Maintainer: Bernd Schumacher <[EMAIL PROTECTED]>
Changed-By: Bernd Schumacher <[EMAIL PROTECTED]>
Description: 
 secvpn - Secure Virtual Private Network
Closes: 431947
Changes: 
 secvpn (2.21) unstable; urgency=low
 .
   * Fixed Bug "secvpn: fails to purge if perl-modules is not installed".
 Closes: #431947
Files: 
 731ad2116713c431d31f6f1fdf4a9634 529 net optional secvpn_2.21.dsc
 33c236c205b58363a9517c6414791038 217696 net optional secvpn_2.21.tar.gz
 e5708c35bcc0cce96efc8a25192257a9 223466 net optional secvpn_2.21_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFG19g+INZoglnvXbwRAn/WAJ9C02042VxB8U2CoIvsKeNrl0r2ZwCfaKKP
So+97uKYU4jG6WBeHeoxsUI=
=SVuV
-END PGP SIGNATURE-

--- End Message ---

Bug#440283: linux-image-2.6-686-bigmem: kernel BUG at mm/slab.c:595

2007-08-31 Thread Sven Holzhter

Package: linux-image-2.6-686-bigmem
Version: 2.6.18+6etch2
Severity: grave
Justification: renders package unusable


just tried to rar some files to tape

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-5-686-bigmem
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages linux-image-2.6-686-bigmem depends on:
ii  linux-image-2.6.18 2.6.18.dfsg.1-13etch1 Linux 2.6.18 image on PPro/Celeron

linux-image-2.6-686-bigmem recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440286: file conflicts between packages

2007-08-31 Thread Michael Ablassmeier

Package: compiz-dev,libdecoration0-dev
Severity: serious
Justification: policy violation

hi,

both compiz-dev and libdecoration0-dev ship `/usr/include/compiz/decoration.h'
but do neither conflict nor add a diversion, thus fail to be installed in the
same environment:

 > Unpacking libdecoration0-dev (from .../libdecoration0-dev_0.5.2-1_i386.deb) 
 > ...
 > dpkg: error processing 
 > /var/cache/apt/archives/libdecoration0-dev_0.5.2-1_i386.deb (--unpack):
 >  trying to overwrite `/usr/include/compiz/decoration.h', which is also in 
 > package compiz-dev
 > Errors were encountered while processing:
 >  /var/cache/apt/archives/libdecoration0-dev_0.5.2-1_i386.deb
 > E: Sub-process /usr/bin/dpkg returned an error code (1)

bye,
- michael


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Re: Bug#440286: file conflicts between packages

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> reassign 440286 compiz
Bug#440286: file conflicts between packages
Bug reassigned from package `compiz-dev,libdecoration0-dev' to `compiz'.

> fixed 440286 0.5.2-2
Bug#440286: file conflicts between packages
Bug marked as fixed in version 0.5.2-2.

> kthxbye
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440286: marked as done (file conflicts between packages)

2007-08-31 Thread Debian Bug Tracking System

Your message dated Fri, 31 Aug 2007 11:37:37 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Bug#440286: file conflicts between packages
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: compiz-dev,libdecoration0-dev
Severity: serious
Justification: policy violation

hi,

both compiz-dev and libdecoration0-dev ship `/usr/include/compiz/decoration.h'
but do neither conflict nor add a diversion, thus fail to be installed in the
same environment:

 > Unpacking libdecoration0-dev (from .../libdecoration0-dev_0.5.2-1_i386.deb) 
 > ...
 > dpkg: error processing 
 > /var/cache/apt/archives/libdecoration0-dev_0.5.2-1_i386.deb (--unpack):
 >  trying to overwrite `/usr/include/compiz/decoration.h', which is also in 
 > package compiz-dev
 > Errors were encountered while processing:
 >  /var/cache/apt/archives/libdecoration0-dev_0.5.2-1_i386.deb
 > E: Sub-process /usr/bin/dpkg returned an error code (1)

bye,
- michael

--- End Message ---
--- Begin Message ---
reassign 440286 compiz
fixed 440286 0.5.2-2
kthxbye

On Fri, Aug 31, 2007 at 11:24:41 +0200, Michael Ablassmeier wrote:

> Package: compiz-dev,libdecoration0-dev
> Severity: serious
> Justification: policy violation
> 
> hi,
> 
> both compiz-dev and libdecoration0-dev ship `/usr/include/compiz/decoration.h'
> but do neither conflict nor add a diversion, thus fail to be installed in the
> same environment:
> 
>  > Unpacking libdecoration0-dev (from 
> .../libdecoration0-dev_0.5.2-1_i386.deb) ...
>  > dpkg: error processing 
> /var/cache/apt/archives/libdecoration0-dev_0.5.2-1_i386.deb (--unpack):
>  >  trying to overwrite `/usr/include/compiz/decoration.h', which is also in 
> package compiz-dev
>  > Errors were encountered while processing:
>  >  /var/cache/apt/archives/libdecoration0-dev_0.5.2-1_i386.deb
>  > E: Sub-process /usr/bin/dpkg returned an error code (1)
> 
Fixed in unstable.

Cheers,
Julien
--- End Message ---

Bug#356055: loadlin: loadlin.exe cannot be built from source

2007-08-31 Thread Samuel Thibault

Pierre Habouzit, le Fri 31 Aug 2007 10:05:40 +0200, a écrit :
> On Fri, Aug 31, 2007 at 07:57:02AM +, Samuel Thibault wrote:
> > Hi,
> > 
> > Pierre Habouzit, le Thu 30 Aug 2007 23:18:46 +0200, a écrit :
> > > On Tue, May 02, 2006 at 10:01:56PM +, Samuel Thibault wrote:
> > > > Hi,
> > > > 
> > > > Sven Joachim, le Thu 09 Mar 2006 13:45:04 +0100, a écrit :
> > > > > (b) Failing that, move the loadlin package to the contrib section, see
> > > > > sections 2.2.1 and 2.2.2 of the Policy Manual.
> > > > 
> > > > This would be _very_ unfortunate.
> > > 
> > > 
> > > > The problem is that in some circumstances, blind people _DO_ need
> > > > loadlin for being able to install/boot linux. That's one of the reason
> > > > why it is still provided on installation CDs (btw, Janos, could you at
> > > > last apply the patch I suggested for bug #338318?).
> > > 
> > >   Hmm, now that there is win32-loader, is this still needed for blind
> > > people or not ?
> >
> > MS-DOS is a lot more accessible than windows, you know :)
> 
>   Well, I absolutely don't know honestly, That's why I'm just asking.

MS-DOS is text-based, which is a lot easier for screen readers to
produce as braille or speech output.  Windows is graphical-oriented, so
producing it as braille or speech then is far from trivial.

Samuel

Processed: closing 404304

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.10.6
> close 404304 0.2DrJekyll-4
Bug#404304: xmms2-plugin-faad: faad2 needs to be removed from testing
'close' is deprecated; see http://www.debian.org/Bugs/Developer#closing.
Bug marked as fixed in version 0.2DrJekyll-4, send any further explanations to 
Andreas Barth <[EMAIL PROTECTED]>

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#439022: marked as done (Depends on a package removed from sid)

2007-08-31 Thread Debian Bug Tracking System

Your message dated Fri, 31 Aug 2007 02:58:28 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Depends on a package removed from sid
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: kig
Version: 4:3.5.7-1
Severity: serious

--- Please enter the report below this line. ---

The package libboost-python1.34.0 has been removed from sid, so it lays in
the section "local or obsolete". But, when I try to remove it, synaptic
prompts me to remove: kde, kde-amusements, kdeedu and kig. That is because
kig still depends on the inexistent libboost-python1.34.0.

--- System information. ---
Architecture: i386
Kernel: Linux 2.6.22-1-686

Debian Release: lenny/sid
990 unstable www.debian-multimedia.org
990 unstable ftp.uk.debian.org
500 stable dl.google.com
500 experimental www.debian-multimedia.org
1 experimental ftp.uk.debian.org

--- Package information. ---
Depends (Version) | Installed
===-+-==
kdelibs4c2a (>= 4:3.5.7-1) | 4:3.5.7.dfsg.1-4
libacl1 (>= 2.2.11-1) | 2.2.42-1
libart-2.0-2 (>= 2.3.18) | 2.3.19-3
libattr1 (>= 2.4.4-1) | 1:2.4.32-1.2
libaudio2 | 1.9-2+b1
libboost-python1.34.0 (>= 1.34.0~rc2-1) | 1.34.0-1+b1
libc6 (>= 2.5-5) | 2.6.1-1
libfam0 | 2.7.0-13
libfontconfig1 (>= 2.4.0) | 2.4.2-1.2
libfreetype6 (>= 2.2) | 2.3.5-1+b1
libgcc1 (>= 1:4.1.2) | 1:4.2.1-4
libice6 (>= 1:1.0.0) | 2:1.0.4-1
libidn11 (>= 0.5.18) | 1.0-0
libjpeg62 | 6b-13
libpng12-0 (>= 1.2.13-4) | 1.2.15~beta5-2
libqt3-mt (>= 3:3.3.7) | 3:3.3.7-6
libsm6 | 2:1.0.3-1+b1
libstdc++6 (>= 4.1.2) | 4.2.1-4
libx11-6 | 2:1.0.3-7
libxcursor1 (>> 1.1.2) | 1:1.1.8-2
libxext6 | 1:1.0.3-2
libxft2 (>> 2.1.1) | 2.1.12-2
libxi6 | 2:1.1.2-1
libxinerama1 | 1:1.0.2-1
libxrandr2 (>= 2:1.2.0) | 2:1.2.1-1
libxrender1 | 1:0.9.2-1
libxt6 | 1:1.0.5-3
python2.5 (>= 2.5) | 2.5.1-5
zlib1g (>= 1:1.2.1) | 1:1.2.3.3.dfsg-5
kdeedu-data (>> 4:3.5.7) | 4:3.5.7-1
kdeedu-data (<< 4:3.5.8) | 4:3.5.7-1
--- End Message ---
--- Begin Message ---
This bug was resolved by way of binNMU.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
[EMAIL PROTECTED]   http://www.debian.org/
--- End Message ---

Processed: reassign

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> reassign #440251 libdbix-class-perl
Bug#440251: libclass-c3-perl: Missing dependency on 
libclass-c3-componentised-perl
Bug reassigned from package `libclass-c3-perl' to `libdbix-class-perl'.

> stop
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440283: marked as done (linux-image-2.6-686-bigmem: kernel BUG at mm/slab.c:595)

2007-08-31 Thread Debian Bug Tracking System

Your message dated Fri, 31 Aug 2007 12:37:55 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Bug#440283: linux-image-2.6-686-bigmem: kernel BUG at 
mm/slab.c:595
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: linux-image-2.6-686-bigmem
Version: 2.6.18+6etch2
Severity: grave
Justification: renders package unusable

just tried to rar some files to tape

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-5-686-bigmem
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages linux-image-2.6-686-bigmem depends on:
ii  linux-image-2.6.18 2.6.18.dfsg.1-13etch1 Linux 2.6.18 image on PPro/Celeron

linux-image-2.6-686-bigmem recommends no packages.

-- no debconf information

--- End Message ---
--- Begin Message ---
On Fri, Aug 31, 2007 at 11:11:50AM +0200, Sven Holzhter wrote:
> Package: linux-image-2.6-686-bigmem
> Version: 2.6.18+6etch2
> Severity: grave
> Justification: renders package unusable
> 
> 
> just tried to rar some files to tape

Not even minimal information. Please read the documentation how to fill
bugreports first.

Bastian

-- 
War isn't a good life, but it's life.
-- Kirk, "A Private Little War", stardate 4211.8
--- End Message ---

Bug#399892: nepenthes_0.2.0-1(hppa/experimental): FTBFS: tries to use static library compiled without -fPIC

2007-08-31 Thread Frank Lichtenheld

On Wed, Aug 29, 2007 at 02:53:01PM -0300, Luciano Bello wrote:
> El Mar 17 Jul 2007, Jan Wagner escribió:
> > Hi Luciano,
> >
> > On Wednesday 20 June 2007 19:15, Luciano Bello wrote:
> > >   I need your opinion and comments about: http://bugs.debian.org/399892
> > >   Nepenthes has a module (modulehoneytrap.so) linked with libipq (IPQ
> > > library for userspace), which is part of iptables-dev. Libipq looks like
> > > it only comes in a static form, and hence isn't built PIC.
> > >   Frank Lichtenheld <[EMAIL PROTECTED]> proposed to ask here.
> > >
> > > Please CC to the bug if you think is proper.
> >
> > Any process with the issue?
> 
> Sorry for the delay..
> 
> No.. nothing new.

Have you asked the iptables-dev maintainer whether he would provide a
version of libipq compiled with PIC?

Gruesse,
-- 
Frank Lichtenheld <[EMAIL PROTECTED]>
www: http://www.djpig.de/

Bug#440251: marked as done (libclass-c3-perl: Missing dependency on libclass-c3-componentised-perl)

2007-08-31 Thread Debian Bug Tracking System

Your message dated Fri, 31 Aug 2007 10:47:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#440251: fixed in libdbix-class-perl 0.08006-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: libclass-c3-perl
Version: 0.19-2
Severity: grave
Justification: renders package unusable


Looks like libclass-c3-componentised-perl is required, because before 
installing that I got:

2007-08-30 15:41:12 Slimserver died. Restarting.
Base class package "Class::C3::Componentised" is empty.
(Perhaps you need to 'use' the module which defines that package first.)
 at /usr/share/perl5/DBIx/Class/Componentised.pm line 7
BEGIN failed--compilation aborted at 
/usr/share/perl5/DBIx/Class/Componentised.pm line 7.
Compilation failed in require at (eval 104) line 3.
...propagated at /usr/share/perl/5.8/base.pm line 84.
BEGIN failed--compilation aborted at /usr/share/perl5/DBIx/Class.pm line 7.
Compilation failed in require at (eval 103) line 3.
...propagated at /usr/share/perl/5.8/base.pm line 84.
BEGIN failed--compilation aborted at /usr/share/perl5/DBIx/Class/Schema.pm line 
12.
Compilation failed in require at (eval 100) line 3.
...propagated at /usr/share/perl/5.8/base.pm line 84.
BEGIN failed--compilation aborted at /usr/share/perl5/Slim/Schema.pm line 29.
Compilation failed in require at /usr/share/perl5/Slim/Music/Info.pm line 70.
Can't locate object method "forceCommit" via package "Slim::Schema" at 
/usr/sbin/slimserver line 1041.
END failed--call queue aborted.

This went away after installing libclass-c3-componentised-perl.

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-1-686 (SMP w/2 CPU cores)
Locale: LANG=en US, LC_CTYPE=en US (charmap=UTF-8) (ignored: LC_ALL set to 
en_US.utf8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libclass-c3-perl depends on:
ii  libalgorithm-c3-perl  0.07-1 A module for merging hierarchies u
ii  libtest-exception-perl0.25-1 Test functions for exception based
ii  perl  5.8.8-7Larry Wall's Practical Extraction 

Versions of packages libclass-c3-perl recommends:
pn  libclass-c3-xs-perl(no description available)

-- no debconf information

--- End Message ---
--- Begin Message ---
Source: libdbix-class-perl
Source-Version: 0.08006-2

We believe that the bug you reported is fixed in the latest version of
libdbix-class-perl, which is due to be installed in the Debian FTP archive:

libdbix-class-perl_0.08006-2.diff.gz
  to pool/main/libd/libdbix-class-perl/libdbix-class-perl_0.08006-2.diff.gz
libdbix-class-perl_0.08006-2.dsc
  to pool/main/libd/libdbix-class-perl/libdbix-class-perl_0.08006-2.dsc
libdbix-class-perl_0.08006-2_all.deb
  to pool/main/libd/libdbix-class-perl/libdbix-class-perl_0.08006-2_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Krzysztof Krzyzaniak (eloy) <[EMAIL PROTECTED]> (supplier of updated 
libdbix-class-perl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Thu, 30 Aug 2007 10:02:19 +0200
Source: libdbix-class-perl
Binary: libdbix-class-perl
Architecture: source all
Version: 0.08006-2
Distribution: unstable
Urgency: low
Maintainer: Debian Catalyst Maintainers <[EMAIL PROTECTED]>
Changed-By: Krzysztof Krzyzaniak (eloy) <[EMAIL PROTECTED]>
Description: 
 libdbix-class-perl - Extensible and flexible object <-> relational mapper
Closes: 440251
Changes: 
 libdbix-class-perl (0.08006-2) unstable; urgency=low
 .
   * debian/control: libclass-c3-componentised-perl should be in Depends not
 in Recommends (closes: #440251)
Files: 
 333dc00c199778eed15462dc65448fb4 1350 perl optional 
libdbix-class-perl_0.08006-2.dsc
 5bb009181d58c30036f119381ce2114c 3765 perl optional 
libdbix-class-perl_0.08006-2.diff.gz
 3f26f748a98ae9e5f30a3d19f4880a47 383328 perl optional 
libdbix-class-perl_0.08006-2_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFG1+2G

Bug#294520: Cannot reproduce the problem

2007-08-31 Thread Otavio Salvador

Samuel Thibault <[EMAIL PROTECTED]> writes:

> Hi,
>
> Otavio Salvador, le Thu 30 Aug 2007 16:55:08 -0300, a écrit :
>> I've produced [...] a test that was suppose to fail without the
>> libparted/disk.c change (included on the patch and that you need to
>> revert for testing) but I cannot make it to fail.
>
> Because it only tests primary partitions.  The bug happens only for
> extended partitions.

No. I've wrote the test to use extended partitions too and it passes
too, I've removed it since the code to write primary partitions is
smaller.

Can you try to make it to fail properly?

-- 
O T A V I OS A L V A D O R
-
 E-mail: [EMAIL PROTECTED]  UIN: 5906116
 GNU/Linux User: 239058 GPG ID: 49A5F855
 Home Page: http://otavio.ossystems.com.br
-
"Microsoft sells you Windows ... Linux gives
 you the whole house."

Bug#440100: CVE-2007-4558: Directory traversal vulnerability

2007-08-31 Thread Nico Golde

Hi,
since the maintainer seems to be MIA I am going to 0-day NMU 
this. The attached patch fixes the issue. I edited the 
source directly since a) the maintainer did it too and b) I 
didn't want to introduce dpatch in a security fix.

The patch will be also archived on:
http://people.debian.org/~nion/nmu-diff/star-1.5a67-1_1.5a67-1.1.patch

Kind regards
Nico

-- 
Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.


pgpyrVBEwMizd.pgp
Description: PGP signature

Bug#431516: depends on non-essential package adduser in postrm

2007-08-31 Thread Frank S. Thomas

package greylistd
tags 431516 + patch
thanks

Hello,

One way to fix this bug is to mask the calls to deluser/delgroup with tests 
that check for the existence of deluser/delgroup as outlined in this wiki 
page: http://wiki.debian.org/AccountHandlingInMaintainerScripts.
If adduser is available it will remove the user/group otherwise a warning is 
printed that the user/group couldn't be deleted because the deluser/delgroup 
commands couldn't be found. A patch to fix this is attached.

Grüße,
Frank
diff -Naur greylistd-0.8.3.5.bak/debian/postrm greylistd-0.8.3.5/debian/postrm
--- greylistd-0.8.3.5.bak/debian/postrm	2004-12-31 14:54:44.0 +0100
+++ greylistd-0.8.3.5/debian/postrm	2007-08-31 14:17:59.0 +0200
@@ -1,5 +1,5 @@
 #! /bin/sh -e
-# postinst script for greylistd
+# postrm script for greylistd
 #
 # see: dh_installdeb(1)
 
@@ -33,8 +33,18 @@
 
 	if id -u greylist >/dev/null 2>&1
 	then
-	deluser --system greylist
-	delgroup --system greylist >/dev/null 2>&1 || true
+	if [ -x "`which deluser 2>/dev/null`" ]; then
+	deluser --system greylist
+	else
+	echo >&2 "Not removing \`greylist' system account" \
+	  "because deluser command was not found."
+	fi
+	if [ -x "`which delgroup 2>/dev/null`" ]; then
+	delgroup --system greylist >/dev/null 2>&1 || true
+	else
+	echo >&2 "Not removing \`greylist' system group" \
+	  "because delgroup command was not found."
+	fi
 	fi
 	;;
 


signature.asc
Description: This is a digitally signed message part.

Processed: tagging bugs that are closed by packages in NEW as pending

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> # the following bugs are closed by packages in NEW
> #
> tags 431773 pending
Bug#431773: libqt4-dev: Missing mkspec files on hppa
Tags were: lenny sid patch
Bug#427398: scandir syscall broken on hppa
Bug#433768: getdent(3) broken on hppa
Tags added: pending

> tags 433755 pending
Bug#433755: Please include dropped header file serial_reg.h in linux-libc-dev
Tags were: upstream
Tags added: pending

> tags 435378 pending
Bug#435378: Keyboard doesn't work on Pegasos2
There were no tags set.
Tags added: pending

> tags 439662 pending
Bug#439662: xen-3: FTBFS on amd64: error: gnu/stubs-32.h: No such file or 
directory
There were no tags set.
Tags added: pending

> tags 440206 pending
Bug#440206: multipath-tools: installing multipath tools causes mkinitramfs to 
generate an initrd which does not boot
There were no tags set.
Tags added: pending

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Re: depends on non-essential package adduser in postrm

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> package greylistd
Ignoring bugs not assigned to: greylistd

> tags 431516 + patch
Bug#431516: depends on non-essential package adduser in postrm
There were no tags set.
Tags added: patch

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440311: sun-java6-bin: fails to install

2007-08-31 Thread Ludo

Package: sun-java6-bin
Version: 6-02-1
Severity: grave
Justification: renders package unusable

When I try to install sun-java6-bin_6-02-1_i386.deb, I get this:

-
dax /var/log # dpkg -i /var/cache/apt/archives/sun-java6-bin_6-02-1_i386.deb
(Reading database ... 348238 files and directories currently installed.)
Preparing to replace sun-java6-bin 6-02-1 (using
.../sun-java6-bin_6-02-1_i386.deb) ...
sun-dlj-v1-1 license has already been accepted
Unpacking replacement sun-java6-bin ...
Setting up sun-java6-bin (6-02-1) ...
dpkg: error processing sun-java6-bin (--install):
 subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
 sun-java6-bin
-

The same happens when I specify --force-all. I've been having the same problem
with sun-java5-bin, as you can see:

-
dax /var/log # apt-get upgrade -y
Reading package lists... Done
Building dependency tree... Done
The following packages have been kept back:
  cupsys-driver-gutenprint eclipse-sdk ffmpeg foomatic-db-gutenprint kdebase
  kdelibs twinkle wengophone
0 upgraded, 0 newly installed, 0 to remove and 11 not upgraded.
3 not fully installed or removed.
Need to get 0B of archives.
After unpacking 0B of additional disk space will be used.
Setting up sun-java5-bin (1.5.0-12-2) ...
dpkg: error processing sun-java5-bin (--configure):
 subprocess post-installation script returned error exit status 1
Setting up sun-java6-bin (6-02-1) ...
dpkg: error processing sun-java6-bin (--configure):
 subprocess post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of sun-java6-plugin:
 sun-java6-plugin depends on sun-java6-bin (= 6-02-1); however:
  Package sun-java6-bin is not configured yet.
dpkg: error processing sun-java6-plugin (--configure):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 sun-java5-bin
 sun-java6-bin
 sun-java6-plugin
E: Sub-process /usr/bin/dpkg returned an error code (1)
-


The logs don't give more information:

-
[etc, etc]
2007-08-31 14:25:51 status half-configured sun-java6-bin 6-02-1
2007-08-31 14:31:47 upgrade sun-java6-bin 6-02-1 6-02-1
2007-08-31 14:31:47 status half-configured sun-java6-bin 6-02-1
2007-08-31 14:31:48 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:48 status half-installed sun-java6-bin 6-02-1
2007-08-31 14:31:52 status half-installed sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status unpacked sun-java6-bin 6-02-1
2007-08-31 14:31:54 status half-configured sun-java6-bin 6-02-1
2007-08-31 14:34:40 status half-configured sun-java5-bin 1.5.0-12-2
2007-08-31 14:34:41 status half-configured sun-java6-bin 6-02-1
-

This is on a Debian unstable system. Any idea of what could be wrong?

-- System Information:
Debian Release: lenny/sid
Architecture: i386 (i686)

Kernel: Linux 2.6.22-1-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440100: marked as done (CVE-2007-4134: Directory traversal vulnerability)

2007-08-31 Thread Debian Bug Tracking System

Your message dated Fri, 31 Aug 2007 13:02:02 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#440100: fixed in star 1.5a67-1.1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: star
Version: 1.5a67-1
Severity: grave
Tags: security
Justification: user security hole


A vulnerability has been found in star. From CVE-2007-4558:

"Directory traversal vulnerability in extract.c in star before 1.5a84 allows
user-assisted remote attackers to overwrite arbitrary files via certain //..
(slash slash dot dot) sequences in directory symlinks in a TAR archive."


This is fixed in 1.5a84.

Please mention the CVE id in the changelog.

--- End Message ---
--- Begin Message ---
Source: star
Source-Version: 1.5a67-1.1

We believe that the bug you reported is fixed in the latest version of
star, which is due to be installed in the Debian FTP archive:

star_1.5a67-1.1.diff.gz
  to pool/main/s/star/star_1.5a67-1.1.diff.gz
star_1.5a67-1.1.dsc
  to pool/main/s/star/star_1.5a67-1.1.dsc
star_1.5a67-1.1_i386.deb
  to pool/main/s/star/star_1.5a67-1.1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Nico Golde <[EMAIL PROTECTED]> (supplier of updated star package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Fri, 31 Aug 2007 14:17:39 +0200
Source: star
Binary: star
Architecture: source i386
Version: 1.5a67-1.1
Distribution: unstable
Urgency: high
Maintainer: Pawel Wiecek <[EMAIL PROTECTED]>
Changed-By: Nico Golde <[EMAIL PROTECTED]>
Description: 
 star   - A fast POSIX-compliant tape archiver
Closes: 440100
Changes: 
 star (1.5a67-1.1) unstable; urgency=high
 .
   * Non-maintainer upload by testing security team.
   * Fix directory traversal vulnerability in extract.c
 (CVE-2007-4134) (Closes: #440100).
Files: 
 8e0e5316c685b46561fae4672c8afc86 646 utils optional star_1.5a67-1.1.dsc
 5010b572b45bbbc3a625b3a8f65b81bf 31448 utils optional star_1.5a67-1.1.diff.gz
 53574a89cf4dafb72ccff9fc56654135 297786 utils optional star_1.5a67-1.1_i386.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFG2A3mHYflSXNkfP8RAktHAJ9NV5H4KWZJZGS6MrB+llm9yHGpFACfQw6x
goX0YP9rgEkOmG/xV//MiPQ=
=xOz+
-END PGP SIGNATURE-

--- End Message ---

Processed: Re: Bug#440311: sun-java6-bin: fails to install

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> severity 440311 normal
Bug#440311: sun-java6-bin: fails to install
Severity set to `normal' from `grave'

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440311: sun-java6-bin: fails to install

2007-08-31 Thread Matthias Klose

severity 440311 normal
thanks

so what does happen if you configure with -y/--force-all? please check within a
fresh chroot.

Ludo schrieb:
> Package: sun-java6-bin
> Version: 6-02-1
> Severity: grave
> Justification: renders package unusable

the severity is wrong anyway. use serious for such cases, but I cannot reproduce
it anyway, so downgrading.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#431382: pango-graphite_0.9.0-1: FTBFS: wrong include search path?

2007-08-31 Thread Daniel Glassey

reopen 433225
thanks

On 15/07/2007, Cyril Brulebois <[EMAIL PROTECTED]> wrote:
> Steve Langasek <[EMAIL PROTECTED]> (01/07/2007):
> > Hi Daniel,
> >
> > pango-graphite is failing to build on all architectures with the following
> > error:
> >
> > [...]
> > XftGrFont.cpp:16:22: error: GrResult.h: No such file or directory
> > [...]
>
> Hi,
>
> please: 1/ fix the .pc file with the attached patch, 2/ update your B-D on
> libgraphite-dev, versionning it with >= ${version with the correct .pc file}.
>
> Cloning, reassigning, tagging, and so on accordingly.

Sorry for the trouble, I should have got to that much sooner, no excuses.

The bug was in pango-graphite not silgraphite. I'm going to upload a
new upstream version (2.2.1) of silgraphite and this will include
removing the patches. Once that hits the archive I'll upload a new
release of pango-graphite (0.9.2) that knows where the headers are. So
I'm reopening this bug until the new pango-graphite comes.

Thanks,
Daniel

-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Re: Bug#431382: pango-graphite_0.9.0-1: FTBFS: wrong include search path?

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> reopen 433225
Bug#433225: [libgraphivz-dev] broken .pc file: wrong include path
'reopen' may be inappropriate when a bug has been closed with a version;
you may need to use 'found' to remove fixed versions.
Bug reopened, originator not changed.

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: reopen 431382

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> reopen 431382
Bug#431382: [pango-graphite] broken B-D: libgraphite-dev
Bug reopened, originator not changed.

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440325: kawari8_8.2.4-2(hppa/unstable): FTBFS: missing include?

2007-08-31 Thread lamont

Package: kawari8
Version: 8.2.4-2
Severity: serious

There was an error while trying to autobuild your package:

> Automatic build of kawari8_8.2.4-2 on bld-3 by sbuild/hppa 98
> Build started at 20070831-0144

[...]

> ** Using build dependencies supplied by package:
> Build-Depends: cdbs (>= 0.4.48), debhelper (>= 5), python-dev, 
> libstlport4.6-dev, docbook-to-man, unzip

[...]

> ./libkawari/wordcollection.h:30: warning: 'class 
> IWordCollection' has virtual functions 
> but non-virtual destructor
> g++ -o../mach/linux/kosui   -pthread -lstlport -D_REENTRANT tool/kosui.o 
> libkawari/kawari_engine.o libkawari/kawari_ns.o libkawari/kawari_dict.o 
> libkawari/kawari_code.o libkawari/kawari_codeset.o 
> libkawari/kawari_codeexpr.o libkawari/kawari_codekis.o libkawari/kawari_vm.o 
> libkawari/kawari_lexer.o libkawari/kawari_compiler.o libkawari/kawari_log.o 
> libkawari/kawari_rc.o misc/misc.o misc/mt19937ar.o misc/l10n.o misc/phttp.o 
> saori/saori.o saori/saori_module.o saori/saori_unique.o kis/kis_echo.o 
> kis/kis_dict.o kis/kis_date.o kis/kis_counter.o kis/kis_file.o 
> kis/kis_escape.o kis/kis_urllist.o kis/kis_substitute.o kis/kis_split.o 
> kis/kis_communicate.o kis/kis_xargs.o kis/kis_string.o kis/kis_help.o 
> kis/kis_saori.o kis/kis_system.o libkawari/kawari_crypt.o misc/base64.o 
> saori/saori_native.o saori/saori_python.o  -pthread -lstlport -lpython2.4 -ldl
> /usr/lib/gcc/hppa-linux-gnu/4.1.3/../../../libstlport.so: undefined reference 
> to [EMAIL PROTECTED]'
> /usr/lib/gcc/hppa-linux-gnu/4.1.3/../../../libstlport.so: undefined reference 
> to [EMAIL PROTECTED]'
> /usr/lib/gcc/hppa-linux-gnu/4.1.3/../../../libstlport.so: undefined reference 
> to [EMAIL PROTECTED]'
> /usr/lib/gcc/hppa-linux-gnu/4.1.3/../../../libstlport.so: undefined reference 
> to [EMAIL PROTECTED]'
> /usr/lib/gcc/hppa-linux-gnu/4.1.3/../../../libstlport.so: undefined reference 
> to [EMAIL PROTECTED]'
> /usr/lib/gcc/hppa-linux-gnu/4.1.3/../../../libstlport.so: undefined reference 
> to [EMAIL PROTECTED]'
> /usr/lib/gcc/hppa-linux-gnu/4.1.3/../../../libstlport.so: undefined reference 
> to [EMAIL PROTECTED]'
> /usr/lib/gcc/hppa-linux-gnu/4.1.3/../../../libstlport.so: undefined reference 
> to [EMAIL PROTECTED]'
> /usr/lib/gcc/hppa-linux-gnu/4.1.3/../../../libstlport.so: undefined reference 
> to [EMAIL PROTECTED]'
> collect2: ld returned 1 exit status
> make[1]: *** [../mach/linux/kosui] Error 1
> make[1]: Leaving directory 
> `/build/buildd/kawari8-8.2.4/build-tree/kawari-824/build/src'
> make: *** [debian/stamp-makefile-build] Error 2

A full build log can be found at:
http://buildd.debian.org/build.php?arch=hppa&pkg=kawari8&ver=8.2.4-2



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440324: bugzilla: Uninstallable due to bashisms (when using POSIX shell, eg. dash)

2007-08-31 Thread Ted Percival

Package: bugzilla
Version: 2.22.1-2
Severity: serious
Justification: Policy 10.4

Installation is failing on my system where /bin/sh is a link to
/bin/dash. The precense of the "-ne" and "-e" in output indicates that
there are probably one or more scripts using bash features without
specifying /bin/bash as the interpreter.

Here is a snippet of the output during installation:
> Replacing config file /etc/bugzilla/dbconfig-params with new version
> -ne granting access to database bugzilla for [EMAIL PROTECTED]: 
> -e failed.
> error encountered creating user:
> mysql said: ERROR 1049 (42000): Unknown database 'bugzilla'


-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'testing')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/dash
Kernel: Linux 2.6.16.29-xen
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)

Versions of packages bugzilla depends on:
ii  apache2-mpm-prefork [httpd 2.2.3-4+etch1 Traditional model for Apache HTTPD
ii  dbconfig-common1.8.29+etch1  common framework for packaging dat
ii  debconf [debconf-2.0]  1.5.11Debian configuration management sy
ii  exim4  4.63-17   metapackage to ease exim MTA (v4) 
ii  exim4-daemon-light [mail-t 4.63-17   lightweight exim MTA (v4) daemon
ii  libappconfig-perl  1.56-2Perl module for configuration file
ii  libdbd-mysql-perl  3.0008-1  A Perl5 database interface to the 
ii  libmailtools-perl  1.74-1Manipulate email in perl programs
ii  libmime-perl   5.420-0.1 Perl5 modules for MIME-compliant m
ii  libtemplate-perl   2.14-1template processing system written
ii  libtimedate-perl   1.1600-5  Time and date functions for Perl
ii  mysql-client-5.0 [mysql-cl 5.0.32-7etch1 mysql database client binaries
ii  patch  2.5.9-4   Apply a diff file to an original
ii  ucf2.0020Update Configuration File: preserv

Versions of packages bugzilla recommends:
ii  libchart-perl   2.4.1-4  Chart Library for Perl
ii  libxml-parser-perl  2.34-4.2 Perl module for parsing XML files
ii  mysql-server5.0.32-7etch1mysql database server (meta packag
ii  mysql-server-5.0 [m 5.0.32-7etch1mysql database server binaries
ii  perlmagick  7:6.2.4.5.dfsg1-0.14 A perl interface to the libMagick 

-- debconf information excluded


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440329: swh-plugins_0.4.15-0.1(hppa/unstable): FTBFS: unrecognized command line option "-march=hppa"

2007-08-31 Thread lamont

Package: swh-plugins
Version: 0.4.15-0.1
Severity: serious

There was an error while trying to autobuild your package:

> Automatic build of swh-plugins_0.4.15-0.1 on peri by sbuild/hppa 98
> Build started at 20070831-0331

[...]

> ** Using build dependencies supplied by package:
> Build-Depends: debhelper (>> 4.0.0), libtool, automake1.9, ladspa-sdk, 
> fftw3-dev (>= 3.0.1-1), ed, pkg-config

[...]

> make[3]: Entering directory `/build/buildd/swh-plugins-0.4.15/po'
> make[3]: Nothing to be done for `all'.
> make[3]: Leaving directory `/build/buildd/swh-plugins-0.4.15/po'
> Making all in util
> make[3]: Entering directory `/build/buildd/swh-plugins-0.4.15/util'
> if hppa-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -Wall -O3 
> -fomit-frame-pointer -fstrength-reduce -funroll-loops -ffast-math -fPIC -DPIC 
> -march=hppa   -MT rms.o -MD -MP -MF ".deps/rms.Tpo" -c -o rms.o rms.c; \
>   then mv -f ".deps/rms.Tpo" ".deps/rms.Po"; else rm -f ".deps/rms.Tpo"; 
> exit 1; fi
> cc1: error: unrecognized command line option "-march=hppa"
> make[3]: *** [rms.o] Error 1
> make[3]: Leaving directory `/build/buildd/swh-plugins-0.4.15/util'
> make[2]: *** [all-recursive] Error 1
> make[2]: Leaving directory `/build/buildd/swh-plugins-0.4.15'
> make[1]: *** [all] Error 2
> make[1]: Leaving directory `/build/buildd/swh-plugins-0.4.15'
> make: *** [build-stamp] Error 2

A full build log can be found at:
http://buildd.debian.org/build.php?arch=hppa&pkg=swh-plugins&ver=0.4.15-0.1



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440326: r-cran-maps_2.0-36-1(hppa/unstable): FTBFS: mawk: not found

2007-08-31 Thread lamont

Package: r-cran-maps
Version: 2.0-36-1
Severity: serious

There was an error while trying to autobuild your package:

> Automatic build of r-cran-maps_2.0-36-1 on bld-3 by sbuild/hppa 98
> Build started at 20070831-0748

[...]

> ** Using build dependencies supplied by package:
> Build-Depends: debhelper (>> 4.1.0), r-base-dev (>> 2.0.0), cdbs

[...]

> AWK=mawk R CMD INSTALL -l 
> /build/buildd/r-cran-maps-2.0-36/debian/r-cran-maps/usr/lib/R/site-library .
> * Installing *source* package 'maps' ...
> ** libs
> ** arch - 
> make[1]: Entering directory `/build/buildd/r-cran-maps-2.0-36/src'
> gcc-4.2 -std=gnu99 -g -O2Gmake.c   -o Gmake
> gcc-4.2 -std=gnu99 -g -O2Lmake.c   -o Lmake
> Converting world to world2
> mawk -f convert.awk < world.line > world2.line
> /bin/sh: mawk: command not found
> make[1]: *** [world2.line] Error 127
> make[1]: Leaving directory `/build/buildd/r-cran-maps-2.0-36/src'
> ERROR: compilation failed for package 'maps'
> ** Removing 
> '/build/buildd/r-cran-maps-2.0-36/debian/r-cran-maps/usr/lib/R/site-library/maps'
> make: *** [R_any_arch] Error 1

A full build log can be found at:
http://buildd.debian.org/build.php?arch=hppa&pkg=r-cran-maps&ver=2.0-36-1

mawk is not build-essential.  There is 'awk', or you could build-depend.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#439226: CVE-2007-4462: arbitrary files overwriting

2007-08-31 Thread Moritz Muehlenhoff

Nicolas François wrote:
> > Hi,
> > 
> > A security issue has been reported against your package po4a:
> > 
> > > lib/Locale/Po4a/Po.pm in po4a before 0.32 allows local users to overwrite
> > > arbitrary files via a symlink attack on the gettextization.failed.po
> > > temporary file.
> > 
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4462
> > It seems the new upstream 0.32 fixes this.
> > 
> > Please mention the CVE id in the changelog when fixing this.
> > Also please check whether stable and oldstable are vulneable and coordinate 
> > with the security team.
> 
> This was fixed in Debian's 0.31-1
> 
> stable and oldstable are vulnerable.
> 
> The fix for this bug is quite simple:
> replacing
> $pores->write("/tmp/gettextization.failed.po");
> by
> $pores->write("gettextization.failed.po");
> 
> Security Team, shall I prepare packages with this fix and upload to
> stable-security and oldstable-security?

Which enduser tools use the affected code and which operations trigger the
vulnerability?

Given that there's apparently no regularly scheduled execution (e.g. in
comparison to a server cron job), that the .pm doesn't run with elevated
privileges, that po4a is exotic and apparently uncommon in a multi user
environment with shared /tmp I'm for now inclined to consider this not
grave enough for a DSA. (However, this depends on the information I'm
asking for)

Cheers,
Moritz

-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Intent to NMU

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> Tags 420342 +pending
Bug#420342: papaya: FTBFS: mv: cannot stat 
`debian/papaya/usr/share/papaya/manual.pdf': No such file or directory
Tags were: sid lenny
Tags added: pending

> Thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#433225: marked as done ([libgraphivz-dev] broken .pc file: wrong include path)

2007-08-31 Thread Debian Bug Tracking System

Your message dated Fri, 31 Aug 2007 15:17:05 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#433225: fixed in silgraphite2.0 1:2.2.1-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: pango-graphite
Version: 0.9.0-1
Severity: serious

Hi Daniel,

pango-graphite is failing to build on all architectures with the following
error:

[...]
 g++ -DPACKAGE_NAME=\"pango-graphite\" -DPACKAGE_TARNAME=\"pango-graphite\" 
-DPACKAGE_VERSION=\"0.9.0\" "-DPACKAGE_STRING=\"pango-graphite 0.9.0\"" 
-DPACKAGE_BUGREPORT=\"[EMAIL PROTECTED]" -DPACKAGE=\"pango-graphite\" 
-DVERSION=\"0.9.0\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 
-DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 
-DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1 
-DSTDC_HEADERS=1 -DHAVE_LIMITS_H=1 -DHAVE_MALLOC_H=1 -DHAVE_MEMORY_H=1 
-DHAVE_STDDEF_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DSIZEOF_WCHAR_T=4 
-DHAVE_STDLIB_H=1 -DHAVE_MALLOC=1 -DHAVE_STDLIB_H=1 -DHAVE_REALLOC=1 
-DHAVE_VPRINTF=1 -DHAVE_ISASCII=1 -DHAVE_MEMMOVE=1 -DHAVE_MEMSET=1 
-DHAVE_STRCASECMP=1 -DHAVE_STRCHR=1 -DHAVE_STRRCHR=1 -DHAVE_STRTOUL=1 
-DNDEBUG=1 -I. -I. -DPANGO_ENABLE_ENGINE -DPANGO_ENABLE_BACKEND 
-DG_DISABLE_DEPRECATED -DMODULE_VERSION=\"1.6.0\" -DPANGO_MAJOR_VERSION=1 
-DPANGO_MINOR_VERSION=16 -DG_DISABLE_ASSERT -DG_DISABLE_CHECKS 
-I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I/usr/include/pango-1.0 
-I/usr/include/freetype2 -g -Wall -O2 -c XftGrFont.cpp  -fPIC -DPIC -o 
.libs/XftGrFont.o
XftGrFont.cpp:16:22: error: GrResult.h: No such file or directory
[...]

Full build log can be found at
.

It looks like /usr/include/graphite is missing from the include search path
for this build.

Cheers,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
[EMAIL PROTECTED]   http://www.debian.org/

--- End Message ---
--- Begin Message ---
Source: silgraphite2.0
Source-Version: 1:2.2.1-2

We believe that the bug you reported is fixed in the latest version of
silgraphite2.0, which is due to be installed in the Debian FTP archive:

libgraphite-dev_2.2.1-2_i386.deb
  to pool/main/s/silgraphite2.0/libgraphite-dev_2.2.1-2_i386.deb
libgraphite3-dbg_2.2.1-2_i386.deb
  to pool/main/s/silgraphite2.0/libgraphite3-dbg_2.2.1-2_i386.deb
libgraphite3_2.2.1-2_i386.deb
  to pool/main/s/silgraphite2.0/libgraphite3_2.2.1-2_i386.deb
silgraphite2.0_2.2.1-2.diff.gz
  to pool/main/s/silgraphite2.0/silgraphite2.0_2.2.1-2.diff.gz
silgraphite2.0_2.2.1-2.dsc
  to pool/main/s/silgraphite2.0/silgraphite2.0_2.2.1-2.dsc
silgraphite2.0_2.2.1.orig.tar.gz
  to pool/main/s/silgraphite2.0/silgraphite2.0_2.2.1.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Daniel Glassey <[EMAIL PROTECTED]> (supplier of updated silgraphite2.0 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Fri, 31 Aug 2007 14:54:42 +0100
Source: silgraphite2.0
Binary: libgraphite3 libgraphite3-dbg libgraphite-dev
Architecture: source i386
Version: 1:2.2.1-2
Distribution: unstable
Urgency: low
Maintainer: Daniel Glassey <[EMAIL PROTECTED]>
Changed-By: Daniel Glassey <[EMAIL PROTECTED]>
Description: 
 libgraphite-dev - Development files for SILGraphite
 libgraphite3 - SILGraphite - a "smart font" rendering engine
 libgraphite3-dbg - debugging symbols for SILGraphite
Closes: 433225
Changes: 
 silgraphite2.0 (1:2.2.1-2) unstable; urgency=low
 .
   * Upload to Debian
   * Remove the patch to graphite.pc.in (see bug 433225), Closes: #433225
   Thanks to Cyril for the NMU and good attempt at fixing problem
   Reclosing bug reopened by mistake
Files: 
 be6e5954266e53a83cb2efe16b9e8ad4 660 libs optional silgraphite2.0_2.2.1-2.dsc
 d990ba0b38264012ca823b1f2965c415 1987896 libs optional 
silgraphite2.0_2.2.1.orig.tar.gz
 29fc1a2db446896a356db210f8135c0b 8198 libs optional 
silgraphite2

Bug#420342: Intent to NMU

2007-08-31 Thread Margarita Manterola

Tags 420342 +pending
Thanks

Hi!

Based on the patch provided by Mario Iseli, I have prepared an NMU for
Papaya.  I have added texlive-latex-recommended, texlive-latex-extra, and
texlive-extra-utils to build-dependencies, replacing the removed tetex-*
packages.

I have also removed gnome-gv from the dependencies, since it's been
replaced by evince (it's no longer in testing).

I'll be uploading to the 3-day delayed queue.  This means that the package
should be entering unstable around Monday, September 3rd.

I'm attaching the full output of interdiff.  It's a bit big, due to the
rules that replace the config.guess, but the real changes are small:

diff -u papaya-0.97.20031122/debian/control papaya-0.97.20031122/debian/control
--- papaya-0.97.20031122/debian/control
+++ papaya-0.97.20031122/debian/control
@@ -2,13 +2,13 @@
 Section: games
 Priority: optional
 Maintainer: Sam Hocevar (Debian packages) <[EMAIL PROTECTED]>
-Build-Depends: debhelper (>> 4.0.0), libgtk2.0-dev, libglade2-dev, 
kdelibs4-dev, pkg-config, python-dev, python-gtk2-dev, libfreetype6-dev, 
tetex-bin, tetex-extra, netpbm, gs
+Build-Depends: debhelper (>> 4.0.0), libgtk2.0-dev, libglade2-dev, 
kdelibs4-dev, pkg-config, python-dev, python-gtk2-dev, libfreetype6-dev, 
texlive-latex-recommended, texlive-latex-extra, texlive-extra-utils, netpbm, gs
 Standards-Version: 3.6.2.1
 
 Package: papaya
 Section: games
 Architecture: any
-Depends: ${shlibs:Depends} ${misc:Depends}, mime-support, gpdf | xpdf | 
gnome-gv | pdf-viewer
+Depends: ${shlibs:Depends} ${misc:Depends}, mime-support, gpdf | xpdf | evince 
| pdf-viewer
 Description: extensible MUD client
  Papaya is a GTK/GNOME MUD client with plugin support to enable extra features
  without adding unnecessary bloat. It features multiple simultaneous

-- 
 Bezitos,
 Maggie.
diff -u papaya-0.97.20031122/config.guess papaya-0.97.20031122/config.guess
--- papaya-0.97.20031122/config.guess
+++ papaya-0.97.20031122/config.guess
@@ -1,9 +1,10 @@
 #! /bin/sh
 # Attempt to guess a canonical system name.
 #   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
-#   2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
+#   2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation,
+#   Inc.
 
-timestamp='2006-02-23'
+timestamp='2007-03-06'
 
 # This file is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License as published by
@@ -160,6 +161,7 @@
 	arm*) machine=arm-unknown ;;
 	sh3el) machine=shl-unknown ;;
 	sh3eb) machine=sh-unknown ;;
+	sh5el) machine=sh5le-unknown ;;
 	*) machine=${UNAME_MACHINE_ARCH}-unknown ;;
 	esac
 	# The Operating System including object format, if it has switched
@@ -210,7 +212,7 @@
 	echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE}
 	exit ;;
 macppc:MirBSD:*:*)
-	echo powerppc-unknown-mirbsd${UNAME_RELEASE}
+	echo powerpc-unknown-mirbsd${UNAME_RELEASE}
 	exit ;;
 *:MirBSD:*:*)
 	echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE}
@@ -770,6 +772,8 @@
 	case ${UNAME_MACHINE} in
 	pc98)
 		echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
+	amd64)
+		echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
 	*)
 		echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
 	esac
@@ -777,10 +781,7 @@
 i*:CYGWIN*:*)
 	echo ${UNAME_MACHINE}-pc-cygwin
 	exit ;;
-i*:MINGW*:*)
-	echo ${UNAME_MACHINE}-pc-mingw32
-	exit ;;
-i*:MSYS_NT-*:*:*)
+*:MINGW*:*)
 	echo ${UNAME_MACHINE}-pc-mingw32
 	exit ;;
 i*:windows32*:*)
@@ -790,12 +791,15 @@
 i*:PW*:*)
 	echo ${UNAME_MACHINE}-pc-pw32
 	exit ;;
-x86:Interix*:[345]*)
-	echo i586-pc-interix${UNAME_RELEASE}
-	exit ;;
-EM64T:Interix*:[345]*)
-	echo x86_64-unknown-interix${UNAME_RELEASE}
-	exit ;;
+*:Interix*:[3456]*)
+	case ${UNAME_MACHINE} in
+	x86) 
+		echo i586-pc-interix${UNAME_RELEASE}
+		exit ;;
+	EM64T | authenticamd)
+		echo x86_64-unknown-interix${UNAME_RELEASE}
+		exit ;;
+	esac ;;
 [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*)
 	echo i${UNAME_MACHINE}-pc-mks
 	exit ;;
@@ -831,6 +835,9 @@
 arm*:Linux:*:*)
 	echo ${UNAME_MACHINE}-unknown-linux-gnu
 	exit ;;
+avr32*:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit ;;
 cris:Linux:*:*)
 	echo cris-axis-linux-gnu
 	exit ;;
@@ -947,6 +954,9 @@
 x86_64:Linux:*:*)
 	echo x86_64-unknown-linux-gnu
 	exit ;;
+xtensa:Linux:*:*)
+	echo xtensa-unknown-linux-gnu
+	exit ;;
 i*86:Linux:*:*)
 	# The BFD linker knows what the default object file format is, so
 	# first see if it will tell us. cd to the root directory to prevent
@@ -989,7 +999,7 @@
 	LIBC=gnulibc1
 	# endif
 	#else
-	#if defined(__INTEL_COMPILER) || defined(__PGI) || defined(__sun)
+	#if defined(__INTEL_COMPILER) || defined(__PGI) || defined(__SUNPRO_C) || defined(__SUNPRO_CC)
 	LIBC=gnu
 	#else
 	LIBC=gnuaout
@@ -1205,6 +1215,15 @

Bug#438511: marked as done (CVE-2007-3713 possible arbitary code execution)

2007-08-31 Thread Debian Bug Tracking System

Your message dated Fri, 31 Aug 2007 15:47:06 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#438511: fixed in centerim 4.22.1-2lenny1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: centerim
Version: 4.22.1-2
Severity: grave
Tags: security

CVE-2007-3713[0]:
Multiple buffer overflows in Konst CenterICQ 4.9.11 through 
4.21 allow remote attackers to execute arbitrary code via 
unspecified vectors. NOTE: the provenance of this 
information is unknown; the details are obtained solely from 
third party information. NOTE: this might overlap 
CVE-2007-0160.

If you fix this bug please include a CVE id in the 
changelog.

Kind regards
Nico
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3713
-- 
Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.


pgpIDSFwUkztD.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: centerim
Source-Version: 4.22.1-2lenny1

We believe that the bug you reported is fixed in the latest version of
centerim, which is due to be installed in the Debian FTP archive:

centericq-fribidi_4.22.1-2lenny1_all.deb
  to pool/main/c/centerim/centericq-fribidi_4.22.1-2lenny1_all.deb
centericq-utf8_4.22.1-2lenny1_all.deb
  to pool/main/c/centerim/centericq-utf8_4.22.1-2lenny1_all.deb
centericq_4.22.1-2lenny1_all.deb
  to pool/main/c/centerim/centericq_4.22.1-2lenny1_all.deb
centerim-common_4.22.1-2lenny1_i386.deb
  to pool/main/c/centerim/centerim-common_4.22.1-2lenny1_i386.deb
centerim-fribidi_4.22.1-2lenny1_i386.deb
  to pool/main/c/centerim/centerim-fribidi_4.22.1-2lenny1_i386.deb
centerim-utf8_4.22.1-2lenny1_i386.deb
  to pool/main/c/centerim/centerim-utf8_4.22.1-2lenny1_i386.deb
centerim_4.22.1-2lenny1.diff.gz
  to pool/main/c/centerim/centerim_4.22.1-2lenny1.diff.gz
centerim_4.22.1-2lenny1.dsc
  to pool/main/c/centerim/centerim_4.22.1-2lenny1.dsc
centerim_4.22.1-2lenny1_i386.deb
  to pool/main/c/centerim/centerim_4.22.1-2lenny1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steffen Joeris <[EMAIL PROTECTED]> (supplier of updated centerim package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Thu, 30 Aug 2007 10:22:22 +
Source: centerim
Binary: centerim-utf8 centericq-utf8 centericq-fribidi centerim centericq 
centerim-fribidi centerim-common
Architecture: source all i386
Version: 4.22.1-2lenny1
Distribution: testing-security
Urgency: high
Maintainer: Anibal Avelar (Fixxxer) <[EMAIL PROTECTED]>
Changed-By: Steffen Joeris <[EMAIL PROTECTED]>
Description: 
 centericq  - transitional package for centerim
 centericq-fribidi - transitional package for centerim-fribidi
 centericq-utf8 - transitional package for centerim-utf8
 centerim   - A text-mode multi-protocol instant messenger client
 centerim-common - A text-mode multi-protocol instant messenger client (data 
files)
 centerim-fribidi - A text-mode multi-protocol instant messenger client (Hebrew)
 centerim-utf8 - A text-mode multi-protocol instant messenger client
Closes: 438511
Changes: 
 centerim (4.22.1-2lenny1) testing-security; urgency=high
 .
   * Non-maintainer upload by testing security team
   * Included fedora-security-patch (Thanks to Tristan Seligmann)
 to fix CVE-2007-3713 (Closes: #438511)
Files: 
 af9aeed04028edb6ad5bc30bd4464b5a 958 net optional centerim_4.22.1-2lenny1.dsc
 d128b54e3cc04a6ee651c51682a497a9 2606696 net optional 
centerim_4.22.1.orig.tar.gz
 e80f19aad463c474c48dd7f4e3d70491 2504978 net optional 
centerim_4.22.1-2lenny1.diff.gz
 544198c2c4481d63264a8374aaa5a8ad 371580 net optional 
centerim-common_4.22.1-2lenny1_i386.deb
 90114cf78966f3445b92644be6f406b0 1292628 net optional 
centerim_4.22.1-2lenny1_i386.deb
 fd8760fb91d7226d4602359830001c22 1292686 net optional 
centerim-utf8_4.22.1-2lenny1_i386.deb
 15902d6b00f5d13d71e0358011c6aa5a 1293264 net optional 
centerim-fribidi_4.22.1-2lenny1_i386.deb
 ca2c1061c336fd67f395a67b35188109 40112 net optional 
centericq_4.22.1-2lenny1_all.deb
 591b75c19a79006078be48ccb91bcd

Bug#424478: diff for 0.9.2-4.1 NMU

2007-08-31 Thread Pierre Habouzit

Hi,

Attached is the diff for my oprofile 0.9.2-4.1 NMU.
diff -u oprofile-0.9.2/debian/changelog oprofile-0.9.2/debian/changelog
--- oprofile-0.9.2/debian/changelog
+++ oprofile-0.9.2/debian/changelog
@@ -1,3 +1,11 @@
+oprofile (0.9.2-4.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Closes: bug#424478 -- Force rebuild with newer binutils, to let orprofile
+understand binaries with --hash-style=gnu.
+
+ -- Pierre Habouzit <[EMAIL PROTECTED]>  Fri, 31 Aug 2007 18:18:56 +0200
+
 oprofile (0.9.2-4) unstable; urgency=low
 
   * Closes: bug#411286 -- does not work on AMD64, 2.6.19.2 kernel (used
diff -u oprofile-0.9.2/debian/control oprofile-0.9.2/debian/control
--- oprofile-0.9.2/debian/control
+++ oprofile-0.9.2/debian/control
@@ -3,7 +3,7 @@
 Priority: optional
 Maintainer: Al Stone <[EMAIL PROTECTED]>
 Standards-Version: 3.7.2
-Build-Depends: debhelper (>> 4.0.0), xsltproc, docbook-xsl, libqt3-mt-dev, 
libpopt-dev, binutils-dev, qt3-dev-tools, g++ (>>3.3.1), automake1.9
+Build-Depends: debhelper (>> 4.0.0), xsltproc, docbook-xsl, libqt3-mt-dev, 
libpopt-dev, binutils-dev (>= 2.18~cvs20070812-1), qt3-dev-tools, g++ 
(>>3.3.1), automake1.9
 
 Package: oprofile
 Architecture: i386 ia64 alpha hppa powerpc sparc amd64 arm mips
@@ -34,7 +34,7 @@
 Package: oprofile-common
 Architecture: i386 ia64 alpha hppa powerpc sparc amd64 arm mips
 Replaces: oprofile
-Depends: debconf | debconf-2.0, binutils, ${shlibs:Depends}
+Depends: debconf | debconf-2.0, binutils (>= 2.18~cvs20070812-1), 
${shlibs:Depends}
 Description: system-wide profiler for Linux systems (command line components)
  This package contains only the command line components of the
  oprofile package.  This allows oprofile to be used on machines that


pgpOsCS2JqZIi.pgp
Description: PGP signature

Bug#440333: padevchooser: fails to start

2007-08-31 Thread Bardia Behabadi

Package: padevchooser
Version: 0.9.3-1
Severity: grave
Justification: renders package unusable

padevchooser fails to startup with the following error msg:
** (padevchooser:2470): WARNING **: pa_browser_new() failed.
searching the web revealed this bug report:
http://www.pulseaudio.org/ticket/29
where they claim it's a dbus startup problem, however i do have dbus
started up automagically by gnome so i'm not sure what to do.
All other PulseAudio 'utils' are working but this seemingly essential
one does not.  Thanks for your help.

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-1-k7 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages padevchooser depends on:
ii  libatk1.0-01.18.0-2  The ATK accessibility toolkit
ii  libc6  2.6.1-1+b1GNU C Library: Shared libraries
ii  libcairo2  1.4.10-1  The Cairo 2D vector graphics libra
ii  libdbus-1-31.1.1-3   simple interprocess messaging syst
ii  libdbus-glib-1-2   0.74-1simple interprocess messaging syst
ii  libfontconfig1 2.4.2-1.2 generic font configuration library
ii  libgconf2-42.18.0.1-3GNOME configuration database syste
ii  libglade2-01:2.6.2-1 library to load .glade files at ru
ii  libglib2.0-0   2.14.0-2  The GLib library of C routines
ii  libgtk2.0-02.10.13-1 The GTK+ graphical user interface 
ii  libnotify1 0.4.4-3   sends desktop notifications to a n
ii  liborbit2  1:2.14.7-0.1  libraries for ORBit2 - a CORBA ORB
ii  libpango1.0-0  1.16.5-1  Layout and rendering of internatio
ii  libpulse-browse0   0.9.5-7lenny2 PulseAudio client libraries
ii  libpulse-mainloop-glib00.9.5-7lenny2 PulseAudio client libraries
ii  libpulse0  0.9.6-1   PulseAudio client libraries
ii  libx11-6   2:1.0.3-7 X11 client-side library
ii  libxcursor11:1.1.8-2 X cursor management library
ii  libxext6   1:1.0.3-2 X11 miscellaneous extension librar
ii  libxfixes3 1:4.0.3-2 X11 miscellaneous 'fixes' extensio
ii  libxi6 2:1.1.2-1 X11 Input extension library
ii  libxinerama1   1:1.0.2-1 X11 Xinerama extension library
ii  libxml22.6.29.dfsg-1 GNOME XML library
ii  libxrandr2 2:1.2.1-1 X11 RandR extension library
ii  libxrender11:0.9.2-1 X Rendering Extension client libra

Versions of packages padevchooser recommends:
ii  paman 0.9.3-1PulseAudio Manager
ii  paprefs   0.9.5-1PulseAudio Preferences
ii  pavucontrol   0.9.4-1PulseAudio Volume Control
ii  pavumeter 0.9.2-1PulseAudio Volume Meter

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440333: clarification

2007-08-31 Thread Bardia Fallah Behabadi

Not sure that the dbus hypothesis is right.  I do not recieve the first
line reported in the referenced bug report:
libnotify-Message: Unable to get session bus: Unable to determine the address

I only see a similar second line:
** (padevchooser:7957): WARNING **: pa_browser_new() failed.
which seems entirely uninformative.
The number 7957 changes everytime, i guess it's a PID.
Hope that helps.  lmk what other kind of information i can provide.

I have the same bug on my system at home (this is my work machine), i
suspect i have not started the pulseaudio daemon properly?  Or not
enabled the necessary modules, but when i start the PA daemon in verbose
mode in a terminal window i do see the two modules required being loaded:
http://0pointer.de/lennart/projects/padevchooser/
"Obviously padevchooser requires an installation of PulseAudio (version
0.9.2), compiled with ZeroConf support. For being discovered correctly
PulseAudio servers need to load module-zeroconf-publish and
module-native-protocol-tcp"


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#424478: marked as done (opreport says binaries not in usable format (please schedule binNMU of oprofile on every arch))

2007-08-31 Thread Debian Bug Tracking System

Your message dated Fri, 31 Aug 2007 16:47:06 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#424478: fixed in oprofile 0.9.2-4.1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: oprofile
Severity: important

On Sun, May 13, 2007 at 03:23:46PM +0200, Pierre Habouzit wrote:
>   The move of the toolchain to GNU_HASH style broke opreport and
> friends. A simple rebuild is enough to make it support the "new way".

  Binutils are now able (with the last gcc as well) to produce binaries
using --hash-style=gnu. The current oprofile does not understand such
binaries yet, and needs a rebuild to do so (it's sufficient).

  Though, Steve thinks (and I agree) that it would be better to make a
new sourceful upload with a version depends upon binutils, version
2.17cvs20070426-6 should do.

Cheers,
-- 
·O·  Pierre Habouzit
··O[EMAIL PROTECTED]
OOOhttp://www.madism.org

pgpIIocpLXcDL.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: oprofile
Source-Version: 0.9.2-4.1

We believe that the bug you reported is fixed in the latest version of
oprofile, which is due to be installed in the Debian FTP archive:

oprofile-common_0.9.2-4.1_amd64.deb
  to pool/main/o/oprofile/oprofile-common_0.9.2-4.1_amd64.deb
oprofile-gui_0.9.2-4.1_amd64.deb
  to pool/main/o/oprofile/oprofile-gui_0.9.2-4.1_amd64.deb
oprofile_0.9.2-4.1.diff.gz
  to pool/main/o/oprofile/oprofile_0.9.2-4.1.diff.gz
oprofile_0.9.2-4.1.dsc
  to pool/main/o/oprofile/oprofile_0.9.2-4.1.dsc
oprofile_0.9.2-4.1_amd64.deb
  to pool/main/o/oprofile/oprofile_0.9.2-4.1_amd64.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Pierre Habouzit <[EMAIL PROTECTED]> (supplier of updated oprofile package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Fri, 31 Aug 2007 18:18:56 +0200
Source: oprofile
Binary: oprofile-common oprofile oprofile-gui
Architecture: source amd64
Version: 0.9.2-4.1
Distribution: unstable
Urgency: low
Maintainer: Al Stone <[EMAIL PROTECTED]>
Changed-By: Pierre Habouzit <[EMAIL PROTECTED]>
Description: 
 oprofile   - system-wide profiler for Linux systems
 oprofile-common - system-wide profiler for Linux systems (command line 
components)
 oprofile-gui - system-wide profiler for Linux systems (GUI components)
Closes: 424478
Changes: 
 oprofile (0.9.2-4.1) unstable; urgency=low
 .
   * Non-maintainer upload.
   * Closes: bug#424478 -- Force rebuild with newer binutils, to let orprofile
 understand binaries with --hash-style=gnu.
Files: 
 a7b067c73859ce5e07d0a1cf27c22b89 773 devel optional oprofile_0.9.2-4.1.dsc
 f6eaaedd90c263fb1faa39b907e6ee24 44291 devel optional 
oprofile_0.9.2-4.1.diff.gz
 85bbae3db3f7d334cc6d47b40582c9fa 190994 devel optional 
oprofile_0.9.2-4.1_amd64.deb
 b170f952cdb15273c2a31de82624ce40 2094760 devel optional 
oprofile-common_0.9.2-4.1_amd64.deb
 f4ceb5b246b8a877150e0d45071d4fbd 96188 devel optional 
oprofile-gui_0.9.2-4.1_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFG2EAgvGr7W6HudhwRAi93AJ9pqrHpIRB7df74m6XXTlp8vkcLsgCfU7up
MDYT2nu5RT2XBRZweaeghEo=
=eDCh
-END PGP SIGNATURE-

--- End Message ---

Bug#439445: marked as done (uninstallable in sid (depends on obsoleted libmtp5))

2007-08-31 Thread Debian Bug Tracking System

Your message dated Fri, 31 Aug 2007 19:00:59 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Bug#439445: Please compile amarok with libmtp6 (i.e. libmptp > 
0.2.0)
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: amarok
Version: 1.4.7-1
Severity: wishlist


Hello

libmtp 0.2.0 was released with the following changes (written by Linus
Walleij):

* It uses extended commands to retrieve and cache large
  metadata sets quickly.
* Is features VERY many new device ID:s and bug flags
  making it ever more interoperable.
* It fully supports 64bit filesizes. (We hope.)
* It produced udev rules for the new kernels.
* It produces a very bleeding edge HAL style .fdi file.
* Many, many other bug fixes.

Notice that the album API in the libmtp.h file has changed
somewhat, it should be quite easy to upgrade the existing code.
However the album API still needs some overhaul.

The library version is bumped to libmtp.so.6 as a consequence of
the changes which affects distribution packaging and makes
it necessary to recompile applications linking to libmtp.

This new version was packaged by Raphael in libmtp6. 

Could you upgrade amarok to this version of libmtp ?

Thanks

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.21-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages amarok depends on:
ii  amarok-xine [amarok-eng 1.4.7-1  xine engine for the Amarok audio p
ii  kdelibs4c2a 4:3.5.7.dfsg.1-5 core libraries and binaries for al
ii  libart-2.0-22.3.19-3 Library of functions for 2D graphi
ii  libaudio2   1.9-2+b1 The Network Audio System (NAS). (s
ii  libc6   2.6.1-1  GNU C Library: Shared libraries
ii  libfontconfig1  2.4.2-1.2generic font configuration library
ii  libfreetype62.3.5-1+b1   FreeType 2 font engine, shared lib
ii  libgcc1 1:4.2.1-4GCC support library
ii  libgl1-mesa-glx [libgl1 7.0.1-1  A free implementation of the OpenG
ii  libglib2.0-02.14.0-2 The GLib library of C routines
ii  libgpod20.5.2-4  a library to read and write songs 
ii  libice6 2:1.0.4-1X11 Inter-Client Exchange library
ii  libidn111.0-0GNU libidn library, implementation
ii  libifp4 1.0.0.2-3communicate with iRiver iFP audio 
ii  libjpeg62   6b-13The Independent JPEG Group's JPEG 
ii  libkarma0   0.0.6-2  Rio Karma access library [runtime 
ii  libmtp5 0.1.5-2  Media Transfer Protocol (MTP) libr
ii  libmysqlclient15off 5.0.45-1 MySQL database client library
ii  libnjb5 2.2.5-4.1Creative Labs Nomad Jukebox librar
ii  libpng12-0  1.2.15~beta5-2   PNG library - runtime
ii  libpq5  8.2.4-3  PostgreSQL C client library
ii  libqt3-mt   3:3.3.7-7Qt GUI Library (Threaded runtime v
ii  libruby1.8  1.8.6.36-1   Libraries necessary to run Ruby 1.
ii  libsdl1.2debian 1.2.11-9 Simple DirectMedia Layer
ii  libsm6  2:1.0.3-1+b1 X11 Session Management library
ii  libsqlite3-03.4.2-1  SQLite 3 shared library
ii  libstdc++6  4.2.1-4  The GNU Standard C++ Library v3
ii  libtag1c2a  1.4-8+b1 TagLib Audio Meta-Data Library
ii  libtagc01.4-8+b1 TagLib Audio Meta-Data Library (C 
ii  libtunepimp50.5.3-4+b1   MusicBrainz tagging library
ii  libusb-0.1-42:0.1.12-7   userspace USB programming library
ii  libvisual-0.4-0 0.4.0-1.1Audio visualization framework
ii  libx11-62:1.0.3-7X11 client-side library
ii  libxcursor1 1:1.1.8-2X cursor management library
ii  libxext61:1.0.3-2X11 miscellaneous extension librar
ii  libxft2 2.1.12-2 FreeType-based font drawing librar
ii  libxi6  2:1.1.2-1X11 Input extension library
ii  libxinerama11:1.0.2-1X11 Xinerama

Bug#433047: marked as done (libspf2: debian/copyright misrepresents license as GPL/BSD, should be LGPL/BSD)

2007-08-31 Thread Debian Bug Tracking System

Your message dated Fri, 31 Aug 2007 17:18:13 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#433047: fixed in libspf2 1.2.5.dfsg-3
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: libspf2
Version: 4
Severity: serious
Tags: patch
Justification: Policy 12.5

debian/copyright misrepresents the license as GPL/BSD, but libspf2's
README file says:

| The code in the libspf2 distribution is Copyright 2005 by Shevek
| and Wayne Schlitt, all rights reserved.  Copyright retained for the
| purpose of protecting free software redistribution.
| 
| This program is free software; you can redistribute it and/or modify
| it under the terms of either:
| 
|   a) the GNU Lesser General Public License as published by the Free
|  Software Foundation; either version 2.1, or (at your option) any
|  later version, or
| 
|   OR
| 
|   b) The two-clause BSD license.
| 
| [...]

So the license really is LGPL/BSD.  I am attaching a patch that updates
debian/copyright accordingly.
diff -ruN libspf2-1.2.5.dfsg.org/debian/copyright 
libspf2-1.2.5.dfsg/debian/copyright
--- libspf2-1.2.5.dfsg.org/debian/copyright 2007-07-13 22:06:15.0 
+
+++ libspf2-1.2.5.dfsg/debian/copyright 2007-07-13 22:56:41.0 +
@@ -9,11 +9,12 @@
 
 Copyright:
 
-This software is copyright (c) 2004 by Wayne Schlitt <[EMAIL PROTECTED]>
+This software is copyright (c) 2004-2005 by Wayne Schlitt <[EMAIL PROTECTED]>
+and Shevek <[EMAIL PROTECTED]>
 
-You are free to distribute this software under the terms of
-the GNU General Public License version 2 or the BSD license, at your choice.
+You are free to distribute this software under the terms of the GNU Lesser
+General Public License version 2.1 or the BSD license, at your choice.
 
-On Debian systems, the complete text of the GNU General Public
-License can be found in the file `/usr/share/common-licenses/GPL-2' and
+On Debian systems, the complete text of the GNU Lesser General Public
+License can be found in the file `/usr/share/common-licenses/LGPL-2.1' and
 the BSD license can be found in the file `/usr/share/common-licenses/BSD'.
--- End Message ---
--- Begin Message ---
Source: libspf2
Source-Version: 1.2.5.dfsg-3

We believe that the bug you reported is fixed in the latest version of
libspf2, which is due to be installed in the Debian FTP archive:

libspf2-2_1.2.5.dfsg-3_i386.deb
  to pool/main/libs/libspf2/libspf2-2_1.2.5.dfsg-3_i386.deb
libspf2-dev_1.2.5.dfsg-3_i386.deb
  to pool/main/libs/libspf2/libspf2-dev_1.2.5.dfsg-3_i386.deb
libspf2_1.2.5.dfsg-3.diff.gz
  to pool/main/libs/libspf2/libspf2_1.2.5.dfsg-3.diff.gz
libspf2_1.2.5.dfsg-3.dsc
  to pool/main/libs/libspf2/libspf2_1.2.5.dfsg-3.dsc
spfquery_1.2.5.dfsg-3_i386.deb
  to pool/main/libs/libspf2/spfquery_1.2.5.dfsg-3_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Magnus Holmgren <[EMAIL PROTECTED]> (supplier of updated libspf2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Wed, 22 Aug 2007 17:13:27 +0200
Source: libspf2
Binary: spfquery libspf2-2 libspf2-dev
Architecture: source i386
Version: 1.2.5.dfsg-3
Distribution: unstable
Urgency: low
Maintainer: Magnus Holmgren <[EMAIL PROTECTED]>
Changed-By: Magnus Holmgren <[EMAIL PROTECTED]>
Description: 
 libspf2-2  - library for validating mail senders with SPF
 libspf2-dev - Header and development libraries for libspf2
 spfquery   - query SPF (Sender Policy Framework) to validate mail senders
Closes: 430414 431239 433047 435139 435140
Changes: 
 libspf2 (1.2.5.dfsg-3) unstable; urgency=low
 .
   * 22_spfquery_fallback_segfault.dpatch: Fix fallback-related segfault in
 spfquery (Closes: #430414). Thanks to Robert Millan.
   * Correct debian/copyright (Closes: #433047). Thanks to Julian Mehnle.
   * A second patch from Robert split into three:
 * 40_permanent_include_errors.dpatch: Make permanent errors in
   processing an include: directive cause the parent evaluation to return
   a permanent error as well (Closes: #435139).
 * 41_none_not_neutral.dpatch: Use a diffent explanat

Bug#439226: CVE-2007-4462: arbitrary files overwriting

2007-08-31 Thread Nicolas François

Hello,

On Fri, Aug 31, 2007 at 05:39:47PM +0200, Moritz Muehlenhoff wrote:
> 
> Which enduser tools use the affected code and which operations trigger the
> vulnerability?
> 
> Given that there's apparently no regularly scheduled execution (e.g. in
> comparison to a server cron job), that the .pm doesn't run with elevated
> privileges, that po4a is exotic and apparently uncommon in a multi user
> environment with shared /tmp I'm for now inclined to consider this not
> grave enough for a DSA. (However, this depends on the information I'm
> asking for)

The vulnerability is a symlink attack which does not involve a race
condition (the link could be installed a long time before).

po4a is a development tool, used as a build dependency for some Debian
packages.  My opinion is that it should not be used by root.

The vulnerability occurs in po4a-gettextize when it is used to import an
existing translation and convert it to a PO file usable for latter
operations by the po4a tools (and by translators).
The file is written in /tmp only if this process fails.
This usage of po4a-gettextize is intended to be interactive (with the user
fixing errors reported by each runs of po4a-gettextize) in the early stage
of building a translation framework.

Thus I don't expect this vulnerability to occur (there should be no erros
and the file should not be written) in a build system or to be triggered
by admins using "make && make install" as root with a non malicious
software.

If eventually this results in overwriting a file, this file will be a PO
file.
This will result in a DOS if /etc/shadow is overwritten. I don't expect
any line matching a valid shadow entry (i.e. the first field will contain
a space or will start with " or #).

Kind Regards,
-- 
Nekral

-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Re: depends on non-essential package ucf in postrm

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> package localepurge
Ignoring bugs not assigned to: localepurge

> tags 431522 + patch
Bug#431522: depends on non-essential package ucf in postrm
There were no tags set.
Tags added: patch

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#431522: depends on non-essential package ucf in postrm

2007-08-31 Thread Frank S. Thomas

package localepurge
tags 431522 + patch
thanks

Hello,

To fix this the ucf call must be masked by a test that checks for the 
existence of /usr/bin/ucf. The attached patch does exactly this. It 
additionally prints a warning that ucf could not be found if it is 
unavailable during purge.

Grüße,
Frank
diff -Naur localepurge-0.5.9.bak/debian/postrm localepurge-0.5.9/debian/postrm
--- localepurge-0.5.9.bak/debian/postrm	2007-08-31 17:56:48.0 +0200
+++ localepurge-0.5.9/debian/postrm	2007-08-31 19:10:52.0 +0200
@@ -7,7 +7,11 @@
 db_purge
 rm -rf /var/cache/localepurge
 rm -f /etc/locale.nopurge
-/usr/bin/ucf --purge /etc/locale.nopurge
+if [ -x /usr/bin/ucf ]; then
+/usr/bin/ucf --purge /etc/locale.nopurge
+else
+echo >&2 "/etc/locale.nopurge could not be purged because ucf was not found."
+fi
 rm -f /etc/locale.nopurge.md5sum
 
 echo


signature.asc
Description: This is a digitally signed message part.

Bug#440137: Fwd: cultivation: movement with the mouse is broken

2007-08-31 Thread Miriam Ruiz

From: Jason Rohrer <[EMAIL PROTECTED]>
Date: 31-ago-2007 19:59
Subject: Re: cultivation: movement with the mouse is broken
To: Miriam Ruiz <[EMAIL PROTECTED]>

I can't reproduce it on my end (ubuntu edgy, my build from source).

However, I do recall seeing that once or twice while testing... but I think
that resizing the window or maybe quitting and restarting the game fixed the
problem.  I don't recall.  In any event, it didn't seem like a serious
problem, so unfortunately, I never looked into it.  Now I wish I had.

Just tried it on another machine here (faster graphics card, Ubuntu Feisty,
fresh build from cultivation v8 source).  Cannot reproduce.

It has something to do with coordinate translation between mouse and world
coords.  Maybe different graphics cards (or different X servers) feed mouse
coords into GLUT windows differenly.  Can you ask the bug reporter (or those
who can reproduce it) to see if resizing or repositioning the window
helps?  Also, is it consistent (always happens on the problem machines)?  Or
is it something that goes away after restarting Cultivation?

Also, the fact that the button clicks still work makes me suspicious that
it's something in my code...  please keep me posted.  I hope we can fix this
soon.

Jason

On Thu, 30 Aug 2007 10:22:13 +0200
"Miriam Ruiz" <[EMAIL PROTECTED]> wrote:

> Hi Jason!
>
> I've packaged the latest version of Cultivation for Debian, but I'm
getting
> a strange bug report ( http://bugs.debian.org/440137 )
>
> I'll try to look at it carefullier later, but just wanted to ask if you
> might know anything about it.
>
> Thanks!! :)
>
> Miry

Bug#440333: padevchooser: fails to start

2007-08-31 Thread CJ van den Berg

On Fri, Aug 31, 2007 at 09:06:58AM -0700, Bardia Behabadi wrote:
> ** (padevchooser:2470): WARNING **: pa_browser_new() failed.

That means that the avahi daemon is not running, which is required by all
libpulse-browse0 applications. I guess libpulse-browse0 should really depend
on on avahi-daemon. I will add a dependency.

Please confirm that "aptitude install avahi-daemon" solves the problem for
you.

Thanks.

-- 
CJ van den Berg

mailto:[EMAIL PROTECTED]
  xmpp:[EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440137: Cultivation and mouse

2007-08-31 Thread Miriam Ruiz

It seems to be related with whatever library that might have changed in
Debian, because using version 7 results in the same mouse errors than the 8
now.

Dunno if it might be a bug somewhere, or a bug thas has been corrected in
some library.

Miry

Bug#367731: Patch prepared

2007-08-31 Thread Benjamin Mesing

tag 367731 +patch
thanks

I have prepared a patch. I did not encounter any problems, the patch
seems straigtforward to me.

The only problem I was able to detect is, that when updating iptotal an
error is reported:

dpkg -i iptotal_0.3.3-6.1_amd64.deb
(Reading database ... 156305 files and directories currently installed.)
Preparing to replace iptotal 0.3.3-6 (using 
iptotal_0.3.3-6.1_amd64.deb) ...
Stopping iptotal: iptotal.
Unpacking replacement iptotal ...
postrm called with unknown argument `upgrade'
dpkg: warning - old post-removal script returned error exit status 1
dpkg - trying script from the new package instead ...
dpkg: ... it looks like that went OK.
Setting up iptotal (0.3.3-6.1) ...
Starting iptotal: iptotal.

However, the error is non-fatal (actually I believe it is not really a
problem, just a missing empty case-block in the postrm script) and the
recovery mechanism works just fine. Also, it is not caused by the patch
but is in the current code base. Since it is not critical, I refrained
from fixing it.

If you see any problems with the patch, please let me know. Otherwise
you could prepare a new upload based on the fix or I could ask my AM to
sponsor an NMU.

Regards Ben
diff -ur iptotal-debian-orig/debian/postinst iptotal-0.3.3/debian/postinst
--- iptotal-debian-orig/debian/postinst	2007-08-28 19:16:35.0 +0200
+++ iptotal-0.3.3/debian/postinst	2007-08-28 18:46:42.0 +0200
@@ -20,8 +20,11 @@
 case "$1" in
 configure)
 update-rc.d iptotal defaults >/dev/null
-/etc/init.d/iptotal start
-
+if which invoke-rc.d >/dev/null 2>&1; then
+ invoke-rc.d iptotal start
+else
+/etc/init.d/iptotal start
+fi
 ;;
 
 abort-upgrade|abort-remove|abort-deconfigure)
diff -ur iptotal-debian-orig/debian/prerm iptotal-0.3.3/debian/prerm
--- iptotal-debian-orig/debian/prerm	2007-08-28 19:16:35.0 +0200
+++ iptotal-0.3.3/debian/prerm	2007-08-28 18:45:41.0 +0200
@@ -19,7 +19,11 @@
 
 case "$1" in
 remove|upgrade|deconfigure)
-	/etc/init.d/iptotal stop
+if which invoke-rc.d >/dev/null 2>&1; then
+ invoke-rc.d iptotal stop
+else
+/etc/init.d/iptotal stop
+fi
 ;;
 failed-upgrade)
 ;;

Processed: Patch prepared

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> tag 367731 +patch
Bug#367731: iptotal: must use invoke-rc.d
There were no tags set.
Tags added: patch

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#434948: marked as done (wise: FTBFS (ia64, hppa): ps2pdf failure)

2007-08-31 Thread Debian Bug Tracking System

Your message dated Fri, 31 Aug 2007 21:11:49 +0200
with message-id <[EMAIL PROTECTED]>
and subject line bug fixed
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: wise
Version: 2.4.0-1
Severity: serious
Justification: no longer builds from source

>From 
>http://buildd.debian.org/fetch.cgi?&pkg=wise&ver=2.4.0-1&arch=ia64&stamp=1185436921&file=log:

[snip]
cd docs && dvips wise2.dvi
This is dvips(k) 5.96.1 Copyright 2007 Radical Eye Software (www.radicaleye.com)
' TeX output 2007.07.26:0801' -> wise2.ps


. 







[1] [2] [3] [4] 
[5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18] [19] [20
<./genewise21.eps>] [21] [22] [23] [24<./genewise6.eps>] [25] [26] [27] [28] 
[29] [30] [31] [32] [33] [34] [35] [36] [37] [38] [39] [40] [41] [42] [43] 
[44] 
cd docs && ps2pdf wise2.ps
/bin/sh: line 1:  8993 Bus error   ps2pdf wise2.ps
make: *** [build-stamp] Error 135
[snip]

I'm guessing this is due to #428876.

--- End Message ---
--- Begin Message ---

Source: wise
Source-Version: 2.4.0-3

The last workaround for this bug seems to work. I therefore close this
bug.

-- 
Philipp Benner
--- End Message ---

Bug#440100: CVE-2007-4558: Directory traversal vulnerability

2007-08-31 Thread Pawel Wiecek

On Aug 31,  2:23pm, Nico Golde wrote:
> this. The attached patch fixes the issue. I edited the=20

Obviously you're talking about the patch you *didn't* attach, yes?

Pawel

-- 
 (___)  | Pawel Wiecek - Coven / Svart - |
< o o > |  http://www.coven.vmh.net/<[EMAIL PROTECTED]>GSM: 
+48603240006 |
 \ ^ /  | GPG/PGP info in message headers  *  [ Debian GNU/Linux developer ] |
  (")   |   Love cannot be much younger than the lust for murder.   -- Freud |


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: your mail

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> severity 440351 serious
Bug#440351: finch: overwriting libgnt from gaim
Severity set to `serious' from `normal'

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: unblock bug

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> unblock 434948 by 428876 435229
Bug#428876: gs-common: Bus error
Bug#435229: gs-common: ps2pdf segfaults on s390
Bug#434948: wise: FTBFS (ia64, hppa): ps2pdf failure
Was blocked by: 428876 435229
Blocking bugs of 434948 removed: 428876, 435229, 435229, 428876

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#436681: backuppc: Web interface password publicly visible

2007-08-31 Thread Frans Pop

On Monday 27 August 2007, Ludovic Drolez wrote:
> I've just added a new db_subst with an empty value in the postinst. It
> should fix the problem. (db_subst "backuppc/configuration-note" "pass"
> "")

I've taken a look at the code and IMO you should also db_reset the variable 
immediately after the the db_go in backuppc.config. That seems by far the 
most natural place to do it and ensures the password is visible only for 
the shortest time possible.

Note that the db_reset in the postinst is still needed to reset values for 
existing installations on upgrade, but that could then be dropped after 
lenny has been released.

Are you also planning to fix this issue for stable? IMO it should be.

Cheers,
FJP

signature.asc
Description: This is a digitally signed message part.

Processed: downgrade

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> severity 438702 important
Bug#438702: chan_zap.so: crashes Asterisk when hanging up
Severity set to `important' from `serious'

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440333: padevchooser: fails to start

2007-08-31 Thread Bardia Fallah Behabadi

I confirm that "aptitude install avahi-daemon" solves the problem for me.
Thanks!

On Fri, Aug 31, 2007 at 08:04:42PM +0200, CJ van den Berg wrote:
> On Fri, Aug 31, 2007 at 09:06:58AM -0700, Bardia Behabadi wrote:
> > ** (padevchooser:2470): WARNING **: pa_browser_new() failed.
> 
> That means that the avahi daemon is not running, which is required by all
> libpulse-browse0 applications. I guess libpulse-browse0 should really depend
> on on avahi-daemon. I will add a dependency.
> 
> Please confirm that "aptitude install avahi-daemon" solves the problem for
> you.
> 
> Thanks.
> 
> -- 
> CJ van den Berg
> 
> mailto:[EMAIL PROTECTED]
>   xmpp:[EMAIL PROTECTED]
> 


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed (with 1 errors): severity of 440137 is minor from _8.20070809.dfsg1-2

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> severity 440137 minor
Bug#440137: cultivation: movement with the mouse is broken
Severity set to `minor' from `grave'

> end
Unknown command or malformed arguments to command.

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440137: severity of 440137 is minor from _8.20070809.dfsg1-2

2007-08-31 Thread Miriam Ruiz

severity 440137 minor
end

Bug#431382: reopen 431382

2007-08-31 Thread Steve Langasek

severity 431382 minor
thanks

On Fri, Aug 31, 2007 at 03:23:49PM +0100, Daniel Glassey wrote:
> reopened wrong bug with last email

> Sorry for the trouble, I should have got to that much sooner, no excuses.

> The bug was in pango-graphite not silgraphite. I'm going to upload a
> new upstream version (2.2.1) of silgraphite and this will include
> removing the patches. Once that hits the archive I'll upload a new
> release of pango-graphite (0.9.2) that knows where the headers are. So
> I'm reopening this bug until the new pango-graphite comes.

The original bug report was about a build failure which no longer occurs.
I don't quite understand what it is you think needs to change here, but this
is no longer an RC bug regardless; reducing the severity.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
[EMAIL PROTECTED]   http://www.debian.org/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Re: reopen 431382

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> severity 431382 minor
Bug#431382: [pango-graphite] broken B-D: libgraphite-dev
Severity set to `minor' from `serious'

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Re: [pango-graphite] broken B-D: libgraphite-dev

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> severity 431382 serious
Bug#431382: [pango-graphite] broken B-D: libgraphite-dev
Severity set to `serious' from `minor'

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#294520: Cannot reproduce the problem

2007-08-31 Thread Samuel Thibault

Hi,

Otavio Salvador, le Fri 31 Aug 2007 09:16:02 -0300, a écrit :
> Can you try to make it to fail properly?

I'm in the train so I couldn't download version 1.8 of parted with its
test engine, but the attached program fails without the patch.

Samuel
// cc -std=c99 test.c -lparted -o test

//#include 
#include 

//#include 

#include 

//#include "common.h"
#define  fail_if(expr, fmt, ...) if (expr) fprintf(stderr,fmt,##__VA_ARGS__)

static char* temporary_disk = "testpart";

#if 0
static void
create_disk (void)
{
temporary_disk = _create_disk (20);
fail_if (temporary_disk == NULL, "Failed to create temporary disk");
}

static void
destroy_disk (void)
{
unlink (temporary_disk);
free (temporary_disk);
}
#endif

/* TEST: Create a disklabel on a simple disk image */
void START_TEST (void)
{
PedDevice* dev = ped_device_get (temporary_disk);
if (dev == NULL)
return;

PedDiskType* type;
PedDisk* disk;
PedDisk* disk_dup;
PedPartition *part;
PedPartition *part_dup;
PedConstraint *constraint;

//disk = _create_disk_label (dev, ped_disk_type_get ("msdos"));
disk = ped_disk_new_fresh (dev, ped_disk_type_get ("msdos"));

constraint = ped_constraint_any (dev);

/* Primary partition from 16,4kB to 15MB */
part = ped_partition_new (disk, PED_PARTITION_EXTENDED,
  NULL,
  32, 29311);
ped_disk_add_partition (disk, part, constraint);

/* Logical partition from 10MB to 15MB */
part = ped_partition_new (disk, PED_PARTITION_LOGICAL,
  
ped_file_system_type_get ("ext2"),
  19584, 29311);
ped_disk_add_partition (disk, part, constraint);

/* Logical partition from 16,4kB to 4981kB */
part = ped_partition_new (disk, PED_PARTITION_LOGICAL,
  
ped_file_system_type_get ("ext2"),
  32, 9727);
ped_disk_add_partition (disk, part, constraint);

ped_disk_commit (disk);

ped_constraint_destroy (constraint);

disk_dup = ped_disk_duplicate (disk);

/* Checks if all partitions match */
#define compar(i) \
part = ped_disk_get_partition (disk, i); \
part_dup = ped_disk_get_partition (disk_dup, i); \
\
fail_if (part->num != part_dup->num || \
 part->geom.start != 
part_dup->geom.start || \
 part->geom.end != part_dup->geom.end, \
 "Duplicated partition %d/%d/%d doesn't 
match. " \
 "Details are start: %lld/%lld end: 
%lld/%lld\n", \
 i, part->num, part_dup->num, 
part->geom.start, part_dup->geom.start, \
 part->geom.end, part_dup->geom.end);
compar(1);
compar(5);
compar(6);

ped_disk_destroy (disk);
ped_device_destroy (dev);
}
//END_TEST

int
main (void)
{
system("dd < /dev/zero > testpart bs=1024 seek=2 count=1");
START_TEST();
#if 0
int number_failed;
Suite* suite = suite_create ("Disk");
TCase* tcase_duplicate = tcase_create ("Duplicate");

/* Fail when an exception is raised */
ped_exception_set_handler (_test_exception_handler);

//tcase_add_checked_fixture (tcase_duplicate, create_disk, 
destroy_disk);
tcase_add_test (tcase_duplicate, test_duplicate);
/* Disable timeout for this test */
tcase_set_timeout (tcase_duplicate, 0);
suite_add_tcase (suite, tcase_duplicate);

SRunner* srunner = srunner_create (suite);
srunner_run_all (srunner, CK_VERBOSE);

number_failed = srunner_ntests_failed (srunner);
srunner_free (srunner);

return (number_failed == 0) ? EXIT_SUCCESS : EXIT_FAILURE;
#endif
}

Bug#433038: libapache2-mod-python: mod_python collides with mod_php5,? rendering psp ususuable without proper error messages

2007-08-31 Thread Robert Edmonds

Gunter Ohrner wrote:
> My php related packages:

I'm suspicious of the xml/expat libraries and the python/php modules.
try achieving an apache process that doesn't load libxml2 or libexpat.
I think you'll need to remove the php5-gd, php5-imagick, php5-xmlrpc,
and php5-xsl modules.

also, do you have any python extension modules installed?

-- 
Robert Edmonds
[EMAIL PROTECTED]


signature.asc
Description: Digital signature

Bug#427406: Removing /usr/share/pixmaps/hicolor/ solves the problem

2007-08-31 Thread Sven Arvidsson

On Thu, 2007-08-30 at 23:08 +0200, Guilhem Bonnefille wrote:
> On 8/30/07, Claudius Hubig <[EMAIL PROTECTED]> wrote:
> > Sven Arvidsson <[EMAIL PROTECTED]> wrote:
> > >You didn't happen to save those files? If you didn't, do you know what
> > >icons were in there?
> >
> > Not really - I checked wether or not any installed .deb had files in
> > there (which was not the case) and had a look
> > in /usr/share/pixmaps/hicolor/ what contained the following:
> >
> > 16x16/
> > 48x48/
> > icon-theme.cache
> > 32x32/
> > autopackage-installer.png
> > scalable/
> >
> > I'm sorry I didn't saved the files in there, but since they didn't
> > belong to any installed package and I don't have non-debian-packages
> > installed on my system anymore, I thought they were just crap still
> > existing due to experiments in former days/whatever.
> 
> I had the same problem. File are quite old (2006) for me. I imagine it
> was a previous installation of the hicolor-icon-theme package.
> Probably a erroneous upgrade procedure after a directory switch.

I was mostly interested in easily reproducing the bug. I will give it a
shot later (trying to create an invalid cache file
in /usr/share/pixmaps/hicolor) and see what happens. Either way I will
probably forward this bug to the upstream developers.

-- 
Cheers,
Sven Arvidsson
http://www.whiz.se
PGP Key ID 760BDD22


signature.asc
Description: This is a digitally signed message part

Bug#294520: Cannot reproduce the problem

2007-08-31 Thread Otavio Salvador

Samuel Thibault <[EMAIL PROTECTED]> writes:

> Hi,
>
> Otavio Salvador, le Fri 31 Aug 2007 09:16:02 -0300, a écrit :
>> Can you try to make it to fail properly?
>
> I'm in the train so I couldn't download version 1.8 of parted with its
> test engine, but the attached program fails without the patch.

Right. Thanks! I got my fault and solved it properly. I'm commiting it
now :-)

-- 
O T A V I OS A L V A D O R
-
 E-mail: [EMAIL PROTECTED]  UIN: 5906116
 GNU/Linux User: 239058 GPG ID: 49A5F855
 Home Page: http://otavio.ossystems.com.br
-
"Microsoft sells you Windows ... Linux gives
 you the whole house."

Processed: breaks debootstrap on ia64, d-i release blocker

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> severity 439607 grave
Bug#439607: Priority should not be important
Severity set to `grave' from `normal'

> tag 439607 d-i
Bug#439607: Priority should not be important
There were no tags set.
Tags added: d-i

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: tagging bugs that are closed by packages in NEW as pending

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> # the following bugs are closed by packages in NEW
> #
> tags 439196 pending
Bug#439196: linphone-nox: nox client fails to start
There were no tags set.
Bug#439437: linphone: error while loading shared libraries: libosipparser2.so.3
Tags added: pending

> tags 439600 pending
Bug#439600: libosip2-3: package-name-doesnt-match-sonames libosip2-2
There were no tags set.
Tags added: pending

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#439607: FWD: breaks debootstrap on ia64, d-i release blocker

2007-08-31 Thread Joey Hess

Breaks it on all arches, actually, I only noticed ia64 1st..

-- 
see shy jo


signature.asc
Description: Digital signature

Bug#440160: sysklogd uses /var/log/mail.log .err .info instead of /var/log/mail/mail.log .err .info

2007-08-31 Thread Adam D. Barratt

Hi,

On Thu, 2007-08-30 at 12:30 +0200, [EMAIL PROTECTED] wrote:
[...]
> I don't really know if it is new sendmail config, proftpd config  or new 
> sylogd config, but many of my log files have been deactivated and replaced by 
> others in others
> places, it's really annoying, because many other tools pointing to the past 
> paths can't anymore find their childrens, for example, logcheck, logrotate, 
> fail2ban
> 
> all mail related logs are now written in /var/log/mail.log mail.err mail.warn 
> and mail.info instead of being all written in the directory /var/log/mail/ as 
> it has always
> been...

Unless you modified your syslog config to move them, they've always been
in /var/log/mail.* :

sysklogd (1.3-15) unstable; urgency=low

  * Added /var/log/mail.log as a logfile
  * Corrected Description field (Bug#7624)
  * Added read statement in postinst script (Bug#8243)

 -- Martin Schulze <[EMAIL PROTECTED]>  Wed, 26 Mar 1997 13:32:24 +0100

The oldest Debain system I have easy access to is woody (well, the
chroot is :-) and syslog.conf in that points to /var/log/mail.log with
no mention of /var/log/mail/*

Regards,

Adam


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#439984: marked as done (libpam0g: Bad item passed to pam_*_item())

2007-08-31 Thread Debian Bug Tracking System

Your message dated Sat, 01 Sep 2007 01:47:13 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#439984: fixed in pam 0.99.7.1-4
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: libpam0g
Version: 0.99.7.1-2
Severity: grave
Justification: renders package unusable


Can not login into linux console, getting:

Bad item passed to pam_*_item()

Reboot the linux don't help.


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-1-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)
Shell: /bin/sh linked to /bin/bash

Versions of packages libpam0g depends on:
ii  libc6 2.6.1-1+b1 GNU C Library: Shared libraries
ii  libpam-runtime0.99.7.1-2 Runtime support for the PAM librar

libpam0g recommends no packages.

-- no debconf information

--- End Message ---
--- Begin Message ---
Source: pam
Source-Version: 0.99.7.1-4

We believe that the bug you reported is fixed in the latest version of
pam, which is due to be installed in the Debian FTP archive:

libpam-cracklib_0.99.7.1-4_amd64.deb
  to pool/main/p/pam/libpam-cracklib_0.99.7.1-4_amd64.deb
libpam-cracklib_0.99.7.1-4_i386.deb
  to pool/main/p/pam/libpam-cracklib_0.99.7.1-4_i386.deb
libpam-doc_0.99.7.1-4_all.deb
  to pool/main/p/pam/libpam-doc_0.99.7.1-4_all.deb
libpam-modules_0.99.7.1-4_amd64.deb
  to pool/main/p/pam/libpam-modules_0.99.7.1-4_amd64.deb
libpam-modules_0.99.7.1-4_i386.deb
  to pool/main/p/pam/libpam-modules_0.99.7.1-4_i386.deb
libpam-runtime_0.99.7.1-4_all.deb
  to pool/main/p/pam/libpam-runtime_0.99.7.1-4_all.deb
libpam0g-dev_0.99.7.1-4_amd64.deb
  to pool/main/p/pam/libpam0g-dev_0.99.7.1-4_amd64.deb
libpam0g-dev_0.99.7.1-4_i386.deb
  to pool/main/p/pam/libpam0g-dev_0.99.7.1-4_i386.deb
libpam0g_0.99.7.1-4_amd64.deb
  to pool/main/p/pam/libpam0g_0.99.7.1-4_amd64.deb
libpam0g_0.99.7.1-4_i386.deb
  to pool/main/p/pam/libpam0g_0.99.7.1-4_i386.deb
pam_0.99.7.1-4.diff.gz
  to pool/main/p/pam/pam_0.99.7.1-4.diff.gz
pam_0.99.7.1-4.dsc
  to pool/main/p/pam/pam_0.99.7.1-4.dsc



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steve Langasek <[EMAIL PROTECTED]> (supplier of updated pam package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Fri, 31 Aug 2007 17:11:05 -0700
Source: pam
Binary: libpam0g-dev libpam0g libpam-modules libpam-doc libpam-runtime 
libpam-cracklib
Architecture: source amd64 all i386
Version: 0.99.7.1-4
Distribution: unstable
Urgency: low
Maintainer: Steve Langasek <[EMAIL PROTECTED]>
Changed-By: Steve Langasek <[EMAIL PROTECTED]>
Description: 
 libpam-doc - Documentation of PAM
 libpam-runtime - Runtime support for the PAM library
 libpam-cracklib - PAM module to enable cracklib support
 libpam-modules - Pluggable Authentication Modules for PAM
 libpam0g   - Pluggable Authentication Modules library
 libpam0g-dev - Development files for PAM
Closes: 389197 439984 440019 440074 440355 440362 440368
Changes: 
 pam (0.99.7.1-4) unstable; urgency=low
 .
   * libpam0g.postinst, libpam0g.templates: gdm doesn't need to be restarted
 to fix the library skew, only reloaded; special-case this daemon in the
 postinst and remove the mention of it from the debconf template, also
 tightening the language of the debconf template in the process.
 Closes: #440074.
   * Add courier-authdaemon to the list of services that need to be
 restarted; thanks to Micah Anderson for reporting.
   * New patch pam_env_ignore_garbage.patch: fix pam_env to really skip over
 garbage lines in /etc/environment and log an error, instead of failing
 with an obscure error; and ignore any PAM_BAD_ITEM values returned
 by pam_putenv(), since this is the expected error return when trying
 to delete a non-existent var.  Closes: #439984.
   * Yet another thinko in hurd_no_setfsuid and in
 029_pam_limits_capabilities; this code should really be Hurd-safe at
 last...
   * getline() returns -

Bug#440100: CVE-2007-4558: Directory traversal vulnerability

2007-08-31 Thread Nico Golde

Hi,
* Pawel Wiecek <[EMAIL PROTECTED]> [2007-09-01 04:00]:
> On Aug 31,  2:23pm, Nico Golde wrote:
> > this. The attached patch fixes the issue. I edited the=20
> 
> Obviously you're talking about the patch you *didn't* attach, yes?

Thanks!
Attached.
Kind regards
Nico
-- 
Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
diff -Nurad star-1.5a67~/debian/changelog star-1.5a67/debian/changelog
--- star-1.5a67~/debian/changelog	2007-08-31 14:15:51.0 +0200
+++ star-1.5a67/debian/changelog	2007-08-31 14:18:28.0 +0200
@@ -1,3 +1,11 @@
+star (1.5a67-1.1) unstable; urgency=high
+
+  * Non-maintainer upload by testing security team.
+  * Fix directory traversal vulnerability in extract.c
+(CVE-2007-4134) (Closes: #440100).
+
+ -- Nico Golde <[EMAIL PROTECTED]>  Fri, 31 Aug 2007 14:17:39 +0200
+
 star (1.5a67-1) unstable; urgency=low
 
   * New upstream version
diff -Nurad star-1.5a67~/star/extract.c star-1.5a67/star/extract.c
--- star-1.5a67~/star/extract.c	2007-08-31 14:15:51.0 +0200
+++ star-1.5a67/star/extract.c	2007-08-31 14:17:29.0 +0200
@@ -1643,6 +1643,8 @@
 return (FALSE);
 		} while (*p != '/');
 		p++;
+		while (*p == '/') /* Skip multiple slashes */
+			p++;
 	}
 	return (FALSE);
 }


pgpV028ypKUYb.pgp
Description: PGP signature

Processed: tagging 417121

2007-08-31 Thread Debian Bug Tracking System

Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.10.7
> tags 417121 - moreinfo
Bug#417121: pcmciautils: Data Corruption while using Texas Instrument PCI7420   
--CardBus
Tags were: moreinfo
Tags removed: moreinfo

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#394403: Why?

2007-08-31 Thread Kartik Mistry

Hi,

I am wondering why this bug is not fixed? Fixed is available for
Ubuntu (along with other Important bug..)

My kid will love to see ktoon ;)

-- 
Cheers,
---
Kartik Mistry  || GPG: 0xD1028C8D || IRC: kart_
kartikmistry.org/blog || kartikm.wordpress.com
--


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

82 matches

Mail list logo