Bug#450644: wpasupplicant: segfaults after a few seconds
On Thu, Nov 08, 2007 at 08:15:32PM +0100, Albert Dengg wrote: Package: wpasupplicant Version: 0.6.0-4 Severity: grave Justification: renders package unusable hi since a few days (i cannont pinpoint it better since i haven't used it for some time), wpa_supplicant segafaults a few seconds after it was started when i try to connect to my wpa2 secured wlan. I don't know if anybody pointed you to the merged bugs yet, but there are fixed packages available at: http://people.debian.org/~kroeckx/ Kurt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: Bug#450629: CVE-2007-4352, CVE-2007-5392, CVE-2007-5393 multiple vulnerabilities leading to arbitrary code execution
Processing commands for [EMAIL PROTECTED]: tags 450629 + patch Bug#450629: CVE-2007-4352, CVE-2007-5392, CVE-2007-5393 multiple vulnerabilities leading to arbitrary code execution Tags were: security Tags added: patch thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#450629: CVE-2007-4352, CVE-2007-5392, CVE-2007-5393 multiple vulnerabilities leading to arbitrary code execution
tags 450629 + patch
thanks
Hi,
Hamish asked me to do an NMU. Attached is the patch for
this. It will be also archived on:
http://people.debian.org/~nion/nmu-diff/xpdf-3.02-1.2_3.02-1.3.patch
I will upload this as soon as ftp-master is back.
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
diff -u xpdf-3.02/debian/changelog xpdf-3.02/debian/changelog
--- xpdf-3.02/debian/changelog
+++ xpdf-3.02/debian/changelog
@@ -1,3 +1,17 @@
+xpdf (3.02-1.3) unstable; urgency=high
+
+ * Non-maintainer upload by testing security team.
+ * Included fix-CVE-2007-5393_2007-5392_2007-4352.dpatch to address the
+following security issues (Closes: #450629)
+- CVE-2007-5393 buffer overflow in the CCITTFaxStream::lookChar leading
+ to arbitrary code execution via a crafted pdf file.
+- CVE-2007-5392 integer overflow in the DCTStream::reset resulting in a
+ heap based buffer overflow allows code execution.
+- CVE-2007-4352 array index error in DCTStream::readProgressiveDataUnit
+ leads to memory corruption and possibly arbitrary code execution.
+
+ -- Nico Golde [EMAIL PROTECTED] Fri, 09 Nov 2007 09:22:19 +0100
+
xpdf (3.02-1.2) unstable; urgency=high
* Non-maintainer upload by testing security team.
diff -u xpdf-3.02/debian/patches/00list xpdf-3.02/debian/patches/00list
--- xpdf-3.02/debian/patches/00list
+++ xpdf-3.02/debian/patches/00list
@@ -21,0 +22,3 @@
+
+# Fix CVE-2007-5393, CVE-2007-5392, CVE-2007-4352
+fix-CVE-2007-5393_2007-5392_2007-4352.dpatch
only in patch2:
unchanged:
--- xpdf-3.02.orig/debian/patches/fix-CVE-2007-5393_2007-5392_2007-4352.dpatch
+++ xpdf-3.02/debian/patches/fix-CVE-2007-5393_2007-5392_2007-4352.dpatch
@@ -0,0 +1,652 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## fix-CVE-2007-5393_2007-5392_2007-4352.dpatch by Nico Golde [EMAIL PROTECTED]
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
[EMAIL PROTECTED]@
+diff -urNad xpdf-3.02~/xpdf/Stream.cc xpdf-3.02/xpdf/Stream.cc
+--- xpdf-3.02~/xpdf/Stream.cc 2007-02-27 23:05:52.0 +0100
xpdf-3.02/xpdf/Stream.cc 2007-11-09 09:20:09.0 +0100
+@@ -1245,23 +1245,26 @@
+ columns = columnsA;
+ if (columns 1) {
+ columns = 1;
+- }
+- if (columns + 4 = 0) {
+-columns = INT_MAX - 4;
++ } else if (columns INT_MAX - 2) {
++columns = INT_MAX - 2;
+ }
+ rows = rowsA;
+ endOfBlock = endOfBlockA;
+ black = blackA;
+- refLine = (short *)gmallocn(columns + 3, sizeof(short));
+- codingLine = (short *)gmallocn(columns + 2, sizeof(short));
++ // 0 = codingLine[0] codingLine[1] ... codingLine[n] = columns
++ // --- max codingLine size = columns + 1
++ // refLine has one extra guard entry at the end
++ // --- max refLine size = columns + 2
++ codingLine = (int *)gmallocn(columns + 1, sizeof(int));
++ refLine = (int *)gmallocn(columns + 2, sizeof(int));
+
+ eof = gFalse;
+ row = 0;
+ nextLine2D = encoding 0;
+ inputBits = 0;
+- codingLine[0] = 0;
+- codingLine[1] = refLine[2] = columns;
+- a0 = 1;
++ codingLine[0] = columns;
++ a0i = 0;
++ outputBits = 0;
+
+ buf = EOF;
+ }
+@@ -1280,9 +1283,9 @@
+ row = 0;
+ nextLine2D = encoding 0;
+ inputBits = 0;
+- codingLine[0] = 0;
+- codingLine[1] = columns;
+- a0 = 1;
++ codingLine[0] = columns;
++ a0i = 0;
++ outputBits = 0;
+ buf = EOF;
+
+ // skip any initial zero bits and end-of-line marker, and get the 2D
+@@ -1299,211 +1302,230 @@
+ }
+ }
+
++inline void CCITTFaxStream::addPixels(int a1, int blackPixels) {
++ if (a1 codingLine[a0i]) {
++if (a1 columns) {
++ error(getPos(), CCITTFax row is wrong length (%d), a1);
++ err = gTrue;
++ a1 = columns;
++}
++if ((a0i 1) ^ blackPixels) {
++ ++a0i;
++}
++codingLine[a0i] = a1;
++ }
++}
++
++inline void CCITTFaxStream::addPixelsNeg(int a1, int blackPixels) {
++ if (a1 codingLine[a0i]) {
++if (a1 columns) {
++ error(getPos(), CCITTFax row is wrong length (%d), a1);
++ err = gTrue;
++ a1 = columns;
++}
++if ((a0i 1) ^ blackPixels) {
++ ++a0i;
++}
++codingLine[a0i] = a1;
++ } else if (a1 codingLine[a0i]) {
++if (a1 0) {
++ error(getPos(), Invalid CCITTFax code);
++ err = gTrue;
++ a1 = 0;
++}
++while (a0i 0 a1 = codingLine[a0i - 1]) {
++ --a0i;
++}
++codingLine[a0i] = a1;
++ }
++}
++
+ int CCITTFaxStream::lookChar() {
+ short code1, code2, code3;
+- int a0New;
+- GBool err, gotEOL;
+- int ret;
+- int bits, i;
++ int b1i, blackPixels, i, bits;
++ GBool gotEOL;
+
+- // if at eof just return EOF
+- if (eof codingLine[a0] = columns) {
+-return EOF;
++ if (buf != EOF) {
++return buf;
+ }
+
+ // read the next row
+- err = gFalse;
+- if (codingLine[a0] = columns) {
++ if (outputBits == 0) {
++
++// if at eof just return EOF
++if
Bug#450696: phpbb3: login to admin control panel fails for fresh install
Package: phpbb3 Version: 3.0.0~RC7-1 Severity: grave Justification: renders package unusable After installing the package, I was following the instructions in README.Debian. I logged in as Admin, and clicked on 'Administrator Control Panel' and it asked me to type in my password again. I get: General Error You need to enter your password to access the Administration Control Panel. I tried to find a fix for this by searching with Google and found this problem reported several times, but the only fix I could find was to update to RC7 style templates. I checked that the specific part of the login template that needed to be fixed for this was already up to RC7 specification (as was expected since I have just installed RC7 with no prior phpbb installation present, and have not added any styles or anything). I have not yet changed any configuration settings, having been unable to. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (990, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.21-1-686 (SMP w/1 CPU core) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages phpbb3 depends on: ii apache2 2.2.6-2Next generation, scalable, extenda ii apache2-mpm-prefork [httpd] 2.2.6-2Traditional model for Apache HTTPD ii dbconfig-common 1.8.36 common framework for packaging dat ii debconf [debconf-2.0] 1.5.16 Debian configuration management sy ii libapache2-mod-php5 5.2.4-2server-side, HTML-embedded scripti ii mysql-client-5.0 [mysql-clien 5.0.45-1 MySQL database client binaries ii php5-mysql5.2.4-2MySQL module for php5 Versions of packages phpbb3 recommends: ii php5-gd 5.2.4-2GD module for php5 ii php5-imagick 2.0.0a2-1 ImageMagick module for php5 ii postfix [mail-transport-agent 2.4.6-1High-performance mail transport ag -- debconf information: * phpbb3/database-type: mysql phpbb3/mysql/admin-user: root phpbb3/remote/host: phpbb3/db/basepath: * phpbb3/httpd: apache2 phpbb3/db/app-user: phpbb3 phpbb3/remove-error: abort phpbb3/dbconfig-reinstall: false phpbb3/db/dbname: phpbb3 phpbb3/install-error: abort phpbb3/upgrade-backup: true phpbb3/dbconfig-upgrade: true phpbb3/purge: false * phpbb3/dbconfig-install: true phpbb3/mysql/method: unix socket phpbb3/missing-db-package-error: abort phpbb3/pgsql/changeconf: false phpbb3/remote/newhost: phpbb3/pgsql/manualconf: phpbb3/dbconfig-remove: phpbb3/internal/reconfiguring: false phpbb3/internal/skip-preseed: false phpbb3/pgsql/authmethod-user: phpbb3/upgrade-error: abort phpbb3/pgsql/admin-user: postgres phpbb3/remote/port: phpbb3/pgsql/authmethod-admin: ident phpbb3/pgsql/no-empty-passwords: phpbb3/passwords-do-not-match: phpbb3/pgsql/method: unix socket -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#450695: CVE-2007-5395 arbitrary code execution via crafted file
Package: link-grammar
Version: 4.2.2-1
Severity: grave
Tags: security patch
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for link-grammar.
CVE-2007-5395[0]:
| Stack-based buffer overflow in the separate_word function in
| tokenize.c in Link Grammar 4.1b and possibly other versions, as used
| in AbiWord Link Grammar 4.2.4, allows remote attackers to execute
| arbitrary code via a long word, as reachable through the
| separate_sentence function.
A patch for this extracted from upstream CVS is attached.
This is the cvs log for this fix:
RCS file: /cvsroot/link-grammar/link-grammar/tokenize.c,v
Working file: tokenize.c
head: 1.4
branch:
locks: strict
access list:
symbolic names:
link-grammar-4-2-4: 1.3
release-4-2-2: 1.2
release-4-2-1: 1.2
release-4-1-3: 1.1.1.1
release-4-1-1: 1.1.1.1
begin: 1.1.1.1
start: 1.1.1
keyword substitution: kv
total revisions: 5; selected revisions: 1
description:
revision 1.4
date: 2007/10/27 19:03:40; author: dom; state: Exp; lines: +15 -14
Secunia advisory SA27340 and CVE identifier CVE-2007-5395.
The vulnerability is caused due to a boundary error within the
separate_word() function in tokenize.c when processing overly long
words (over 61 bytes). This can be exploited to cause a stack-based
buffer overflow via a specially crafted sentence passed to the
separate_sentence() function.
If you fix this vulnerability please also include the CVE id
in your changelog entry.
For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5395
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
diff -u -r1.3 -r1.4
--- link-grammar/tokenize.c 16 Aug 2006 17:07:02 - 1.3
+++ link-grammar/tokenize.c 27 Oct 2007 19:03:40 - 1.4
@@ -172,7 +172,8 @@
used in a sentence.
*/
-
+#undef MIN
+#define MIN(a, b) (((a) (b)) ? (a) : (b))
static int separate_word(Sentence sent, char *w, char *wend, int is_first_word, int quote_found) {
/* w points to a string, wend points to the char one after the end. The
@@ -256,8 +257,8 @@
for (n_r_stripped = 0; n_r_stripped MAX_STRIP; n_r_stripped++) {
- strncpy(word, w, wend-w);
- word[wend-w] = '\0';
+ strncpy(word, w, MIN(wend-w, MAX_WORD));
+ word[MIN(wend-w, MAX_WORD)] = '\0';
if (wend == w) break; /* it will work without this */
if (boolean_dictionary_lookup(sent-dict, word) || is_initials_word(word)) break;
@@ -285,8 +286,8 @@
/* Now we strip off suffixes...w points to the remaining word, wend to the end of the word. */
s_stripped = -1;
-strncpy(word, w, wend-w);
-word[wend-w] = '\0';
+strncpy(word, w, MIN(wend-w, MAX_WORD));
+word[MIN(wend-w, MAX_WORD)] = '\0';
word_is_in_dict=0;
if (boolean_dictionary_lookup(sent-dict, word) || is_initials_word(word)) word_is_in_dict=1;
@@ -309,16 +310,16 @@
if(s_ok==1 || i==s_strippable) {
- strncpy(newword, w, (wend-len)-w);
- newword[(wend-len)-w] = '\0';
+ strncpy(newword, w, MIN((wend-len)-w, MAX_WORD));
+ newword[MIN((wend-len)-w, MAX_WORD)] = '\0';
/* Check if the remainder is in the dictionary; for the no-suffix case, it won't be */
if (boolean_dictionary_lookup(sent-dict, newword)) {
if(verbosity1) if(i s_strippable) printf(Splitting word into two: %s-%s\n, newword, suffix[i]);
s_stripped = i;
wend -= len;
- strncpy(word, w, wend-w);
- word[wend-w] = '\0';
+ strncpy(word, w, MIN(wend-w, MAX_WORD));
+ word[MIN(wend-w, MAX_WORD)] = '\0';
break;
}
@@ -326,17 +327,17 @@
else {
for (j=0; jp_strippable; j++) {
if (strncmp(w, prefix[j], strlen(prefix[j])) == 0) {
- strncpy(newword, w+strlen(prefix[j]), (wend-len)-(w+strlen(prefix[j])));
- newword[(wend-len)-(w+strlen(prefix[j]))]='\0';
+ strncpy(newword, w+strlen(prefix[j]), MIN((wend-len)-(w+strlen(prefix[j])), MAX_WORD));
+ newword[MIN((wend-len)-(w+strlen(prefix[j])), MAX_WORD)]='\0';
if(boolean_dictionary_lookup(sent-dict, newword)) {
if(verbosity1) if(i s_strippable) printf(Splitting word into three: %s-%s-%s\n, prefix[j], newword, suffix[i]);
if (!issue_sentence_word(sent, prefix[j])) return FALSE;
if(i s_strippable) s_stripped = i;
wend -= len;
w += strlen(prefix[j]);
- strncpy(word, w, wend-w);
- word[wend-w] = '\0';
- break;
+ strncpy(word, w, MIN(wend-w, MAX_WORD));
+ word[MIN(wend-w, MAX_WORD)] = '\0';
+ break;
}
}
}
pgpwkuWpPUggW.pgp
Description: PGP signature
Processed: already reported, depsite amd64 and kfreebsd-* affects also arm, s390, ...
Processing commands for [EMAIL PROTECTED]: reassign 450662 libsigc++ Bug#450662: libsigc++0c2: Empty package, no shared library on amd64. Bug reassigned from package `libsigc++0c2' to `libsigc++'. forcemerge 450662 260256 Bug#450662: libsigc++0c2: Empty package, no shared library on amd64. Bug#260256: libsigc++(GNU/k*BSD): FTBFS: out of date libtool scripts Forcibly Merged 260256 450662. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#450497: --- resolved.
If I try to start the application it complains about running with Motif and exits right away. However, there is no Motif installed on my system. For some reason, there was indeed original Motif installed on my box in /usr/local/lib in addition to the lesstif version in /usr/lib from the lesstif2 package. After I disabled the Motif lib xmgrace works like a charme. You can close the bug, if you haven't already. Suggestion: A more verbose message on the command line. Something along the lines of /-- To find the offending library execute: ldd `which xmgrace6` | grep 'libXm\.' \- ---(kaimartin)--- -- Kai-Martin Knaak [EMAIL PROTECTED] Universität Hannover, Inst. f. Quantenoptik tel: +49-511-762-2895 Welfengarten 1, 30167 Hannoverfax: +49-511-762-2211 GPG key:http://pgp.mit.edu:11371/pks/lookup?search=Knaak+kmkop=get
Bug#450644: wpasupplicant: segfaults after a few seconds
On Fri, Nov 09, 2007 at 08:47:38AM +0100, Kurt Roeckx wrote: On Thu, Nov 08, 2007 at 08:15:32PM +0100, Albert Dengg wrote: Package: wpasupplicant Version: 0.6.0-4 Severity: grave Justification: renders package unusable hi since a few days (i cannont pinpoint it better since i haven't used it for some time), wpa_supplicant segafaults a few seconds after it was started when i try to connect to my wpa2 secured wlan. I don't know if anybody pointed you to the merged bugs yet, but there are fixed packages available at: http://people.debian.org/~kroeckx/ thx... i retrospective i should have guessed that the problem is within openssl and not wpa_supplicant from the ltrace... yours albert -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#419874: amavis-stats also for etch?
Hi Joost, Thanks for fixing this bug in amavis-stats. Since it's a grave bug and the patch is straightforward, do you think you can try to get it in the next etch point release? Thijs
Bug#450497: marked as done (xmgrace6: Failed initializing GUI, exiting)
Your message dated Fri, 9 Nov 2007 14:32:59 +0100 with message-id [EMAIL PROTECTED] and subject line Fwd: Bug#450497: --- resolved. has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) ---BeginMessage--- Package: grace6 Version: 5.99.1+dev4-4 Severity: grave Justification: renders package unusable If I try to start the application it complains about running with Motif and exits right away. However, there is no Motif installed on my system. ~$ xmgrace6 The software was built with LessTif, but is running with Motif! We don't support binary Motif/LessTif compatibility. Use a semistatic binary or compile Grace yourself! Failed initializing GUI, exiting ---(kaimartin)--- -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.18-4-k7 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages grace6 depends on: ii defoma0.11.10-0.1Debian Font Manager -- automatic f ii fftw2 2.1.3-20 library for computing Fast Fourier ii gconf22.20.0-1 GNOME configuration database syste ii gsfonts 1:8.11+urwcyr1.0.7~pre41-3 Fonts for the Ghostscript interpre ii lesstif2 1:0.95.0-2.1 OSF/Motif 2.1 implementation relea ii libc6 2.6.1-1+b1 GNU C Library: Shared libraries ii libexpat1 1.95.8-4 XML parsing C library - runtime li ii libice6 2:1.0.4-1 X11 Inter-Client Exchange library ii libjpeg62 6b-14 The Independent JPEG Group's JPEG ii libnetcdf33.6.1-1An interface for scientific data a ii libplot2c22.5-2+b1 The GNU plotutils libraries ii libpng12-01.2.15~beta5-3 PNG library - runtime ii libsm62:1.0.3-1+b1 X11 Session Management library ii libt1-5 5.1.1-1.1 Type 1 font rasterizer library - r ii libx11-6 2:1.0.3-7 X11 client-side library ii libxext6 1:1.0.3-2 X11 miscellaneous extension librar ii libxmu6 1:1.0.3-1 X11 miscellaneous utility library ii libxp61:1.0.0.xsf1-1 X Printing Extension (Xprint) clie ii libxpm4 1:3.5.7-1 X11 pixmap library ii libxt61:1.0.5-3 X11 toolkit intrinsics library ii xmhtml1 1.1.7-14 A Motif widget for display HTML 3. ii zlib1g1:1.2.3.3.dfsg-6 compression library - runtime grace6 recommends no packages. -- no debconf information ---End Message--- ---BeginMessage--- -- Forwarded message -- From: Kai-Martin Knaak [EMAIL PROTECTED] Date: Nov 9, 2007 1:57 PM Subject: Bug#450497: --- resolved. To: [EMAIL PROTECTED] For some reason, there was indeed original Motif installed on my box in /usr/local/lib in addition to the lesstif version in /usr/lib from the lesstif2 package. After I disabled the Motif lib xmgrace works like a charme. You can close the bug, if you haven't already. Suggestion: A more verbose message on the command line. Something along the lines of /-- To find the offending library execute: ldd `which xmgrace6` | grep 'libXm\.' \- ---(kaimartin)--- -- Kai-Martin Knaak [EMAIL PROTECTED] Universität Hannover, Inst. f. Quantenoptik tel: +49-511-762-2895 Welfengarten 1, 30167 Hannoverfax: +49-511-762-2211 GPG key:http://pgp.mit.edu:11371/pks/lookup?search=Knaak+kmkop=get -- blog: http://twerner.blogspot.com/ homepage: http://www.twerner42.de/ ---End Message---
Bug#450711: dkim-filter(2.3.2.dfsg-1) fails to start with settings that works with version2.0.2.dfsg-1. Only message is in syslog dkim-filter[26391]: can't initialize DKIM library.. Settings are che
Package: dkim-filter Version: 2.0.2.dfsg-1 Severity: grave Justification: renders package unusable dkim-filter(2.3.2.dfsg-1) fails to start with settings that works with version2.0.2.dfsg-1. Only message is in syslog: dkim-filter[26391]:can't initialize DKIM library.. Settings are checked and are valid for version 2.3.2.dfsg-1. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (990, 'stable'), (650, 'testing'), (600, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-5-486 Locale: LANG=nl_NL, LC_CTYPE=nl_NL (charmap=ISO-8859-1) Versions of packages dkim-filter depends on: ii adduser 3.102 Add and remove users and groups ii libc6 2.6.1-1+b1 GNU C Library: Shared libraries ii libdb4.5 4.5.20-11 Berkeley v4.5 Database Libraries [ ii libmilter18.14.1-9 Sendmail Mail Filter API (Milter) ii libssl0.9.8 0.9.8g-1 SSL shared libraries dkim-filter recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: nautilus crashes when diff-ext is installed
Processing commands for [EMAIL PROTECTED]: tags 431692 + pending Bug#431692: nautilus crashes when diff-ext is installed Tags were: fixed-upstream Bug#431754: diff-ext: Invalid memory reference Tags added: pending thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#431692: nautilus crashes when diff-ext is installed
tags 431692 + pending thanks hi, this odd bug seems to be still there and keeps making nautilus crashing. Anyway I've *definitely* fixed it (the fix has been pushed to my bzr branch already), and I'm currently waiting to have ries (ftp-master server) up and running to have the package uploaded. I've attached a fixed binary file to the mail so you can test the fix yourself in the meantime. Thanks for reporting back, Andrea diff-ext_0.2.3-2_i386.deb Description: application/deb
Bug#450634: Connot be installed on Sid
Hi Kevin, sorry, I'm not that experienced to fix it. Given that, I can test any solution that you have in mind. BTW, I don't know if I really need mozart-gtk. My purpose is only to run SpiCO and what I can say now is something doesn't work. SpiCO is working on other computers with Mac OSX, I don't know about other Linux distribution, so I'm complaining about mozart-gtk because is the piece of software I can't install, but I might be completely wrong as well. However this may be listed as a bug, perhaps of minor importance. Waiting for you to have time to solve it! In the meanwhile, I've written to Mozart ML for support. Bye! Valerio -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: tagging 433187
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.9.26 tags 433187 + pending Bug#433187: linux-2.6 - [sparc64-smp] produces unkillable processes Tags were: etch fixed-upstream sid lenny Bug#430984: pthreads issue with libc6 Tags added: pending End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#450711: dkim-filter(2.3.2.dfsg-1) fails to start with settings that works with version2.0.2.dfsg-1. Only message is in syslog dkim-filter[26391]: can't initialize DKIM library.. Settings are che
On Fri, Nov 09, 2007 at 03:23:54PM +0100, Jos Zonneveld [EMAIL PROTECTED] wrote: dkim-filter(2.3.2.dfsg-1) fails to start with settings that works with version2.0.2.dfsg-1. Only message is in syslog: dkim-filter[26391]:can't initialize DKIM library.. Settings are checked and are valid for version 2.3.2.dfsg-1. ... What exactly are those settings? Can you send your /etc/default/dkim-filter and /etc/dkim-filter.conf (and any other associated files)? -- Mike Markley [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#445579: libpam-krb5-migrate-heimdal: Fails with recent heimdal packages (sid)
On Wed, 10 Oct 2007, Jelmer Vernooij wrote: Severity: grave Justification: renders package unusable /var/log/syslog is full of these: dovecot-auth: PAM unable to dlopen(/lib/security/pam_krb5_migrate.so) dovecot-auth: PAM [error: /lib/security/pam_krb5_migrate.so: undefined symbol: kadm5_get_policy] dovecot-auth: PAM adding faulty module: /lib/security/pam_krb5_migrate.so Thanks for the bugreport - I can reproduce this. Will hopefully upload a fixed version in the next ocuple of weeks. Any updates on this ? I know ftp-master is dead at the moment, but if you've built packages, I'd be happy to test them... I can test amd64 or i386 (my ppc box is not functional at the moment) -- Rick Nelson After watching my newly-retired dad spend two weeks learning how to make a new folder, it became obvious that intuitive mostly means what the writer or speaker of intuitive likes. (Bruce Ediger, [EMAIL PROTECTED], in comp.os.linux.misc, on X the intuitiveness of a Mac interface.) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: upload pending by dead ries (ftp-master)
Processing commands for [EMAIL PROTECTED]: tag 431986 pending Bug#431986: hlatex-fonts-base: postinst fails if libkpathsea4 unpacked but not configured There were no tags set. Tags added: pending tag 442596 pending Bug#442596: hlatex-fonts: FTBFS if build twice in a row There were no tags set. Tags added: pending thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#448873: iscsitarget: ietd.conf public readable and contains passwords
On Fri, Nov 02, 2007 at 06:25:39PM +0100, Martin Zobel-Helas wrote: Package: iscsitarget Version: 0.4.15-4 Severity: serious Tags: security Justification: Policy 10.9 /etc/ietd.conf will on most usual cases contain passwords, but is 644 per default after the installations. That needs to be fixed. This doesn't warrant a DSA, but could be fixed in a point update. Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: [Pkg-xfce-devel] Bug#450705: xfce4-panel: Randomly hangs
Processing commands for [EMAIL PROTECTED]: reassign #450705 xfwm4 Bug#450705: xfce4-panel: Randomly hangs Bug reassigned from package `xfce4-panel' to `xfwm4'. forcemerge #450705 #446935 Bug#450705: xfce4-panel: Randomly hangs Bug#446935: xserver-xorg: Seems to lock up occasionally for no apparent reason Bug#442053: system freezes when using gtk 2.11 Bug#450625: xfce doesn't answer to actions of the user Forcibly Merged 442053 446935 450625 450705. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#450754: vfu: Embeds a copy of pcre
Package: vfu Severity: grave Tags: security Justification: user security hole vfu embeds a copy of pcre. There's been a recent security update for pcre (DSA-1399). (I'm not sure if vfu's pcre processes untrusted regexps or if it's all user-controlled. In that case it's not a security problem, but should still be fixed for cleanliness): You should fix the vfu package to link against a shared library version of PCRE. (The packaging also appears a bit messy, e.g. the old binaries in the source package: drwxr-xr-x 2 jmm jmm 4.0K Jun 5 2005 .OBJ.libvscon.a drwxr-xr-x 2 jmm jmm 4.0K Jun 5 2005 .OBJ.libvslib.a drwxr-xr-x 2 jmm jmm 4.0K Jun 5 2005 .OBJ.test ) Cheers, Moritz -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.22-2-686 (SMP w/1 CPU core) Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#431605: korganizer: Many events without hours associated in a single day disappear
Package: korganizer
Version: 4:3.5.7-4
Followup-For: Bug #431605
Hey there,
It's been quite a while since I first reported this bug.
Anyway, it keeps happening despite my periodical updates.
Upon further examination of the issue, I've seen the only events
disappearing are the ones that share the same day with many other.
For example: having 10 events crowded in the same day will eventualy
erase them all automatically.
Note these events never have associated hours.
Other events, with or without associated hours, that are in other days,
are not affected.
I'm posting at the end of the email an illustrative collection of
fragments of the events that disappeared from my std.ics
You may note that all/many of these events have the same category, and
that it's name has a non-standard character ('á'). Maybe it has something
to do with the bug, maybe not.
I thank all again for the great software and great work, but this is a
serious issue with permanent data loss! Please take this into
consideration when reading my report.
Please contact me if there's anything else I can do to help.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.22-2-686 (SMP w/2 CPU cores)
Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages korganizer depends on:
ii kdelibs4c2a 4:3.5.7.dfsg.1-7 core libraries and binaries for al
ii libart-2.0-22.3.19-3 Library of functions for 2D graphi
ii libaudio2 1.9-2+b1 The Network Audio System (NAS). (s
ii libc6 2.6.1-1+b1 GNU C Library: Shared libraries
ii libfontconfig1 2.4.2-1.2generic font configuration library
ii libfreetype62.3.5-1+b1 FreeType 2 font engine, shared lib
ii libgcc1 1:4.2.1-4GCC support library
ii libice6 2:1.0.4-1X11 Inter-Client Exchange library
ii libidn111.1-1GNU libidn library, implementation
ii libjpeg62 6b-14The Independent JPEG Group's JPEG
ii libkcal2b 4:3.5.7-4KDE calendaring library
ii libkdepim1a 4:3.5.7-4KDE PIM library
ii libkpimexchange14:3.5.7-4KDE PIM Exchange library
ii libkpimidentities1 4:3.5.7-4KDE PIM user identity information
ii libpng12-0 1.2.15~beta5-2 PNG library - runtime
ii libqt3-mt 3:3.3.7-8Qt GUI Library (Threaded runtime v
ii libsm6 2:1.0.3-1+b1 X11 Session Management library
ii libstdc++6 4.2.1-4 The GNU Standard C++ Library v3
ii libx11-62:1.0.3-7X11 client-side library
ii libxcursor1 1:1.1.9-1X cursor management library
ii libxext61:1.0.3-2X11 miscellaneous extension librar
ii libxft2 2.1.12-2 FreeType-based font drawing librar
ii libxi6 2:1.1.3-1X11 Input extension library
ii libxinerama11:1.0.2-1X11 Xinerama extension library
ii libxrandr2 2:1.2.2-1X11 RandR extension library
ii libxrender1 1:0.9.4-1X Rendering Extension client libra
ii libxt6 1:1.0.5-3X11 toolkit intrinsics library
ii perl5.8.8-7 Larry Wall's Practical Extraction
ii zlib1g 1:1.2.3.3.dfsg-5 compression library - runtime
Versions of packages korganizer recommends:
ii kghostview4:3.5.7-4 PostScript viewer for KDE
-- no debconf information
Fragments from my std.ics that disappeared
BEGIN:VEVENT
DTSTAMP:20071101T005224Z
ORGANIZER;CN=Alex Henry Ribeiro dos Santos:MAILTO:[EMAIL PROTECTED]
CREATED:20071029T224920Z
UID:KOrganizer-567121598.864
SEQUENCE:1
LAST-MODIFIED:20071031T210600Z
SUMMARY:Geral no quarto e na gaveta (semana)
CATEGORIES:diário
DTSTART;VALUE=DATE:20071101
DTEND;VALUE=DATE:20071102
TRANSP:OPAQUE
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20071101T005224Z
ORGANIZER;CN=Alex Henry Ribeiro dos Santos:MAILTO:[EMAIL PROTECTED]
CREATED:20071020T182636Z
UID:KOrganizer-545790359.172
SEQUENCE:5
LAST-MODIFIED:20071031T210550Z
SUMMARY:Atualizar currículo Lattes (6 meses)
DTSTART;VALUE=DATE:20071101
DTEND;VALUE=DATE:20071102
TRANSP:OPAQUE
END:VEVENT
BEGIN:VEVENT
BEGIN:VEVENT
DTSTAMP:20071101T005224Z
ORGANIZER;CN=Alex Henry Ribeiro dos Santos:MAILTO:[EMAIL PROTECTED]
CREATED:20071029T224600Z
UID:KOrganizer-2028320321.936
SEQUENCE:1
LAST-MODIFIED:20071031T210609Z
SUMMARY:Trocar roupa de cama e fronha (semana)
CATEGORIES:diário
DTSTART;VALUE=DATE:20071101
DTEND;VALUE=DATE:20071102
TRANSP:OPAQUE
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20071101T005224Z
ORGANIZER;CN=Alex Henry Ribeiro dos Santos:MAILTO:[EMAIL PROTECTED]
Bug#442411: btanks: 442411: this is an openal problem
# downgrading severity: 1) 2 workarounds 2) doesn't affect all machines severity 442411 important forwarded 442411 http://sourceforge.net/tracker/index.php?func=detailaid=1777107group_id=167474atid=843095 The second workaround is to turn off sound and music. Looks like it is a problem in openal rather than in btanks. Leaving this bug here for documentation purposes. -- bye, pabs http://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Processed (with 3 errors): btanks: 442411: this is an openal problem
Processing commands for [EMAIL PROTECTED]: # downgrading severity: 1) 2 workarounds 2) doesn't affect all machines severity 442411 important Bug#442411: btanks: segfaults shortly after starting single player game Severity set to `important' from `grave' forwarded 442411 http://sourceforge.net/tracker/index.php?func=detailaid=1777107group_id=167474atid=843095 Bug#442411: btanks: segfaults shortly after starting single player game Noted your statement that Bug has been forwarded to http://sourceforge.net/tracker/index.php?func=detailaid=1777107group_id=167474atid=843095. The second workaround is to turn off sound and music. Unknown command or malformed arguments to command. Looks like it is a problem in openal rather than in btanks. Leaving this Unknown command or malformed arguments to command. bug here for documentation purposes. Unknown command or malformed arguments to command. -- Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
