Bug#492444: etcinsvk: fails to install
Package: etcinsvk
Version: 1.0
Severity: grave
Justification: renders package unusable
Hi.
etcinsvk fails to install, like this:
$ sudo aptitude install etcinsvk
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
Reading task descriptions... Done
The following NEW packages will be installed:
etcinsvk expect{a}
0 packages upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 352kB of archives. After unpacking 823kB will be used.
Do you want to continue? [Y/n/?]
Writing extended state information... Done
Get:1 http://ftp.es.debian.org lenny/main expect 5.43.0-17 [346kB]
Get:2 http://ftp.es.debian.org lenny/main etcinsvk 1.0 [5098B]
Fetched 352kB in 1s (327kB/s)
Preconfiguring packages ...
Selecting previously deselected package expect.
(Reading database ... 115339 files and directories currently installed.)
Unpacking expect (from .../expect_5.43.0-17_powerpc.deb) ...
Selecting previously deselected package etcinsvk.
Unpacking etcinsvk (from .../archives/etcinsvk_1.0_all.deb) ...
Processing triggers for man-db ...
Setting up expect (5.43.0-17) ...
Setting up etcinsvk (1.0) ...
dpkg: error processing etcinsvk (--configure):
subprocess post-installation script returned error exit status 10
Errors were encountered while processing:
etcinsvk
E: Sub-process /usr/bin/dpkg returned an error code (1)
A package failed to install. Trying to recover:
Setting up etcinsvk (1.0) ...
dpkg: error processing etcinsvk (--configure):
subprocess post-installation script returned error exit status 10
Errors were encountered while processing:
etcinsvk
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
Writing extended state information... Done
Reading task descriptions... Done
$
Box is a G4 macmini. Also fails in an amd64 box.
If you need me to perform some tests, just ask.
Thanks,
pancho.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: powerpc (ppc)
Kernel: Linux 2.6.25-1-powerpc-macmini
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages etcinsvk depends on:
ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy
ii expect5.43.0-17 A program that can automate intera
ii svk 2.0.2-2A Distributed Version Control Syst
etcinsvk recommends no packages.
etcinsvk suggests no packages.
-- debconf information:
etcinsvk/enabled: false
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#492295: hppa segfaults
hppa: testdso : /bin/sh: line 2: 13552 Segmentation fault ./$prog s390: Failed TestsTotal FailFailed % === testsock8 1 12.50% testsockets 7 1 14.29% powerpc: Failed TestsTotal FailFailed % === testrand9 5 55.56% testsock8 1 12.50% mips, sparc, mipsel: Failed TestsTotal FailFailed % === testsock8 1 12.50% amd64: Failed TestsTotal FailFailed % === testsock8 2 25.00% testsockets 7 1 14.29% -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#492412: marked as done (Specifies more than one name in Maintainer field)
Your message dated Sat, 26 Jul 2008 06:17:05 +
with message-id [EMAIL PROTECTED]
and subject line Bug#492412: fixed in liblockfile 1.08-2
has caused the Debian Bug report #492412,
regarding Specifies more than one name in Maintainer field
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
492412: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492412
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
---BeginMessage---
Package: liblockfile
Version: 1.08-1
Severity: serious
Policy 5.6.2 does not allow more than one name in the Maintainer field
(And most parsers rely on this). Please move one of the names to Uploaders.
Gruesse,
Frank Lichtenheld
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.25-2-686 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
---End Message---
---BeginMessage---
Source: liblockfile
Source-Version: 1.08-2
We believe that the bug you reported is fixed in the latest version of
liblockfile, which is due to be installed in the Debian FTP archive:
liblockfile-dev_1.08-2_amd64.deb
to pool/main/libl/liblockfile/liblockfile-dev_1.08-2_amd64.deb
liblockfile1_1.08-2_amd64.deb
to pool/main/libl/liblockfile/liblockfile1_1.08-2_amd64.deb
liblockfile_1.08-2.diff.gz
to pool/main/libl/liblockfile/liblockfile_1.08-2.diff.gz
liblockfile_1.08-2.dsc
to pool/main/libl/liblockfile/liblockfile_1.08-2.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Anibal Monsalve Salazar [EMAIL PROTECTED] (supplier of updated liblockfile
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Sat, 26 Jul 2008 15:46:48 +1000
Source: liblockfile
Binary: liblockfile1 liblockfile-dev
Architecture: source amd64
Version: 1.08-2
Distribution: unstable
Urgency: low
Maintainer: Miquel van Smoorenburg [EMAIL PROTECTED]
Changed-By: Anibal Monsalve Salazar [EMAIL PROTECTED]
Description:
liblockfile-dev - Development library for liblockfile
liblockfile1 - NFS-safe locking library, includes dotlockfile program
Closes: 465090 492412
Changes:
liblockfile (1.08-2) unstable; urgency=low
.
* Miquel van Smoorenburg is the maintainer; closes: #465090, #492412
* Standards-Version is 3.8.0
* liblockfile1 depends on ${misc:Depends}
Checksums-Sha1:
a82554e9d5cf9c139acdb10b763651b48c1fecc4 1014 liblockfile_1.08-2.dsc
33bcb2550f5b869d2afdd0ada2e4fca435b5a47d 4885 liblockfile_1.08-2.diff.gz
ffdd9f67d110f0e564e881eeffbb0cb4da144ef5 19408 liblockfile1_1.08-2_amd64.deb
12e4fb04b462fa68478007f1b2d90f3d9aa5b55b 22530 liblockfile-dev_1.08-2_amd64.deb
Checksums-Sha256:
602987f6990badd900aac98dbea42e026f24df9f4b469cc948d8229cc079f9fa 1014
liblockfile_1.08-2.dsc
8a6507ec27973b47de0121ab9698bf232f5d11ec69aab1c52337f019fdb4f218 4885
liblockfile_1.08-2.diff.gz
48f8e30fc24b012eb4cdd70fb8661bdb09df007af22b52840692b1546159ca9f 19408
liblockfile1_1.08-2_amd64.deb
2d53077e2b130f299fcdaf924cb932f68a4edd60fb88b3beea347ed19a39e832 22530
liblockfile-dev_1.08-2_amd64.deb
Files:
e78b7cb5c4dcd4397d1007449f117073 1014 devel standard liblockfile_1.08-2.dsc
d5d1c919b8d65da8cf4d6fa293996252 4885 devel standard liblockfile_1.08-2.diff.gz
5a4597a9930c291c867710c50f7255d9 19408 libs standard
liblockfile1_1.08-2_amd64.deb
8173c99c7241bce0ac25acc80fa1361c 22530 libdevel optional
liblockfile-dev_1.08-2_amd64.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkiKvpEACgkQgY5NIXPNpFU1swCglg8JyWE8aHpMqkEbgaEyQP/j
FJAAoNM4Qc6UKg53kKZQVwoFmE54Ujpc
=alTJ
-END PGP SIGNATURE-
---End Message---
Bug#492444: etcinsvk: fails to install
severity 492444 important thanks Thank you for the report. Setting severity to important, as the package installs for some users. It is installed by default in Debian Edu with success. [Pancho Horrillo] etcinsvk fails to install, like this: [...] Setting up etcinsvk (1.0) ... dpkg: error processing etcinsvk (--configure): subprocess post-installation script returned error exit status 10 Errors were encountered while processing: etcinsvk E: Sub-process /usr/bin/dpkg returned an error code (1) Hm. Can you try to add 'set -x' to /var/lib/dpkg/info/etcinsvk.postinst on the line after . /usr/share/debconf/confmodule and then run 'aptitude install -f' to try to run the script again? Exit status 10 smell like something from debconf. A quick look make me suspect this line fail: db_get debian-edu-config/etc-in-svk The fix is to add ' || true' to the end of it. Happy hacking, -- Petter Reinholdtsen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#491212: marked as done (Argus Server in testing)
Your message dated Sat, 26 Jul 2008 06:32:02 + with message-id [EMAIL PROTECTED] and subject line Bug#491212: fixed in argus 1:2.0.6.fixes.1-15 has caused the Debian Bug report #491212, regarding Argus Server in testing to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 491212: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=491212 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: argus-server Version: 2.0.6.fixes.1-14.1 Hi, the argus_linux binary appears to be missing in the current argus-server packages in debian testing. This is linked to from /usr/sbin/argus. Many thanks David signature.asc Description: OpenPGP digital signature ---End Message--- ---BeginMessage--- Source: argus Source-Version: 1:2.0.6.fixes.1-15 We believe that the bug you reported is fixed in the latest version of argus, which is due to be installed in the Debian FTP archive: argus-server_2.0.6.fixes.1-15_i386.deb to pool/main/a/argus/argus-server_2.0.6.fixes.1-15_i386.deb argus_2.0.6.fixes.1-15.diff.gz to pool/main/a/argus/argus_2.0.6.fixes.1-15.diff.gz argus_2.0.6.fixes.1-15.dsc to pool/main/a/argus/argus_2.0.6.fixes.1-15.dsc A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andrew Pollock [EMAIL PROTECTED] (supplier of updated argus package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Fri, 25 Jul 2008 23:01:43 -0700 Source: argus Binary: argus-server Architecture: source i386 Version: 1:2.0.6.fixes.1-15 Distribution: unstable Urgency: high Maintainer: Andrew Pollock [EMAIL PROTECTED] Changed-By: Andrew Pollock [EMAIL PROTECTED] Description: argus-server - IP network transaction auditing tool Closes: 491212 Changes: argus (1:2.0.6.fixes.1-15) unstable; urgency=high . * Incorporate previous NMU * Fix breakage caused by libpcap-dev changing the name of net/bpf.h (closes: #491212) * debian/control: bumped Standards-Version (no changes) Checksums-Sha1: 0172e4b8f38aee66688b328cce5feea7f56f0dfe 1114 argus_2.0.6.fixes.1-15.dsc 9c7899f58897487e7cedafc23edb34942cbf57a9 26130 argus_2.0.6.fixes.1-15.diff.gz 928f20e29caf955aa8ef5cc9ce86d871607594ef 136806 argus-server_2.0.6.fixes.1-15_i386.deb Checksums-Sha256: 47eee8b06148d5a545a3d65217ce7750079d1b90574852af2fa2145e3b059da0 1114 argus_2.0.6.fixes.1-15.dsc 43e3b82334205229c60e0b526cbdd1af54a8fb32c333197adffab9d8de511e01 26130 argus_2.0.6.fixes.1-15.diff.gz 66e9bc405de77bd2d4bfaedb7340bcec0e417201a24f6813a1a240adc0e8a162 136806 argus-server_2.0.6.fixes.1-15_i386.deb Files: 4e5e6ebe29c8d7bd5b5608b5debd89e6 1114 net optional argus_2.0.6.fixes.1-15.dsc 0bcce77383063c4f52fbe8dc2f3d934b 26130 net optional argus_2.0.6.fixes.1-15.diff.gz c7dad3e2b04d34a56311bd30f972619e 136806 net optional argus-server_2.0.6.fixes.1-15_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIisHAIblXXKfZFgIRAjg4AJ4oyvHPaAieDZ8K8dmK21pB/M4JSgCfUE0V qBVbH78/DjU2HgZXDLr+LSE= =gzJ/ -END PGP SIGNATURE- ---End Message---
Processed: Re: Bug#492444: etcinsvk: fails to install
Processing commands for [EMAIL PROTECTED]: severity 492444 important Bug#492444: etcinsvk: fails to install Severity set to `important' from `grave' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: severity of 491522 is important
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.10.33 severity 491522 important Bug#491522: linux-image-2.6.25-2-686: The machine gets complete halted and Freezed after some minutes. Severity set to `important' from `critical' End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#490753: marked as done (/boot/vmlinuz-2.6.18-6-686: kernel BUG at drivers/md/bitmap.c:1166!)
Your message dated Sat, 26 Jul 2008 10:01:09 +0200
with message-id [EMAIL PROTECTED]
and subject line Re: /boot/vmlinuz-2.6.18-6-686: kernel BUG at
drivers/md/bitmap.c:1166!
has caused the Debian Bug report #490753,
regarding /boot/vmlinuz-2.6.18-6-686: kernel BUG at drivers/md/bitmap.c:1166!
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
490753: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490753
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
---BeginMessage---
Package: linux-image-2.6.18-6-686
Version: 2.6.18.dfsg.1-18etch6
Severity: critical
File: /boot/vmlinuz-2.6.18-6-686
Justification: breaks the whole system
I thought enabling an internal bitmap with mdadm might be a good idea, until I
started getting kernel panics. This happened twice during heavy write I/O to
a raid1 md device, on top of which is a crypt dm layer and a reiserfs file
system.
I've since removed the bitmap, but if you need me to re-add it and convey any
subsequent details from /proc/mdstat or whatever, let me know.
[ cut here ]
kernel BUG at drivers/md/bitmap.c:1166!
invalid opcode: [#1]
SMP
Modules linked in: usbhid nfs nfsd exportfs lockd nfs_acl sunrpc button ipv6
deflate zlib_deflate twofish serpent blowfish des sha1 crypto_null af_key
reiserfs sha256 aes_i586 dm_crypt w83627hf hwmon_vid i2c_isa eeprom i810_audio
ac97_codec snd_intel8x0 snd_ac97_codec snd_ac97_bus snd_pcm_oss snd_pcm
snd_mixer_oss snd_seq_dummy intel_agp agpgart snd_seq_oss snd_seq_midi_event
snd_seq snd_timer parport_pc snd_seq_device i82875p_edac psmouse sg parport
floppy rtc edac_mc serio_raw evdev pcspkr snd i2c_i801 i2c_core soundcore
snd_page_alloc shpchp pci_hotplug eth1394 sr_mod cdrom ext3 jbd mbcache
dm_mirror dm_snapshot dm_mod raid1 md_mod sd_mod generic usb_storage ide_core
ata_piix sata_sil ohci1394 ehci_hcd ieee1394 e1000 uhci_hcd libata scsi_mod
usbcore thermal processor fan
CPU:0
EIP:0060:[f89af822]Not tainted VLI
EFLAGS: 00010046 (2.6.18-6-686 #1)
EIP is at bitmap_startwrite+0x125/0x16e [md_mod]
eax: 3fff ebx: ef80f680 ecx: c8732f5a edx: 3fff
esi: dfaea2c0 edi: 2f5bffe8 ebp: esp: dff05b48
ds: 007b es: 007b ss: 0068
Process pdflush (pid: 152, ti=dff04000 task=dfa1a550 task.ti=dff04000)
Stack: c8732f5a df9843e8 0018 ef80f680 0002 0018 ef89b880 f898527a
0008 ef80f680 dfaea340 c2117200 0002 dfaea2c0
f8b1d2ab 0200 dff05ba0 ef80f600 ef80f580 10776327 65fae622
Call Trace:
[f898527a] make_request+0x4b3/0x51a [raid1]
[f8b1d2ab] crypt_convert_scatterlist+0x7d/0x103 [dm_crypt]
[c01ada17] generic_make_request+0x190/0x1a0
[f8b1d849] crypt_map+0x244/0x2f3 [dm_crypt]
[f89ba327] __map_bio+0x35/0x70 [dm_mod]
[f89bab37] __split_bio+0x168/0x3ec [dm_mod]
[c0121838] __do_softirq+0x5a/0xbb
[c0145815] __alloc_pages+0x4e/0x275
[f89bb2dc] dm_request+0xc7/0xd4 [dm_mod]
[c01ada17] generic_make_request+0x190/0x1a0
[c0143f74] mempool_alloc+0x1c/0xbd
[c01af763] submit_bio+0xbf/0xc5
[c015e5ff] bio_alloc_bioset+0x9b/0xf3
[c015b7f4] submit_bh+0xe4/0x101
[f8bb2799] write_ordered_chunk+0x44/0x69 [reiserfs]
[f8bb2714] add_to_chunk+0x3a/0x51 [reiserfs]
[f8bb2ade] write_ordered_buffers+0x143/0x26c [reiserfs]
[f8bb2755] write_ordered_chunk+0x0/0x69 [reiserfs]
[f8bb2e4f] flush_commit_list+0x189/0x529 [reiserfs]
[c0125380] lock_timer_base+0x15/0x2f
[f8bb5929] do_journal_end+0xab9/0xb08 [reiserfs]
[f8bb59d8] journal_end_sync+0x60/0x65 [reiserfs]
[f8ba7a20] reiserfs_sync_fs+0x32/0x54 [reiserfs]
[c015fc5b] sync_supers+0x61/0xb8
[c0146492] wb_kupdate+0x25/0xdf
[c014689d] pdflush+0x0/0x1b3
[c01469b9] pdflush+0x11c/0x1b3
[c014646d] wb_kupdate+0x0/0xdf
[c012d86b] kthread+0xc2/0xef
[c012d7a9] kthread+0x0/0xef
[c0101005] kernel_thread_helper+0x5/0xb
Code: 8b 46 0c 8b 80 ac 01 00 00 e8 8c ee 7f c7 5b 8b 04 24 66 c7 00 02 00 8b
0c 24 0f b7 11 89 d0 25 ff 3f 00 00 3d ff 3f 00 00 75 08 0f 0b 8e 04 af 18 9b
f8 8d 42 01 8b 14 24 66 89 02 b0 01 86 46
EIP: [f89af822] bitmap_startwrite+0x125/0x16e [md_mod] SS:ESP 0068:dff05b48
BUG: warning at kernel/exit.c:854/do_exit()
[c011f8b7] do_exit+0x44/0x71b
[c0103f9f] die+0x1e2/0x28a
[c0104022] die+0x265/0x28a
[c0104844] do_invalid_op+0x0/0x9d
[c01048d5] do_invalid_op+0x91/0x9d
[f89af822] bitmap_startwrite+0x125/0x16e [md_mod]
[f8b476ec] aes_encrypt+0x8/0xc [aes_i586]
[c01aa2fa] cbc_process_encrypt+0x50/0x85
[c01aa24b] xor_128+0x0/0x17
[f8b476e4] aes_encrypt+0x0/0xc [aes_i586]
[c01aa223] scatterwalk_done+0x35/0x52
[c01aa77f] crypt+0x1a1/0x1f3
[c01037f9]
Bug#492455: strongswan: FTBFS: Uses i386 assembler on non-i386 arches.
Package: strongswan Version: 4.2.4-1 Severity: serious Hi, Your package is failing to build with the following or simular error: padlock_aes_crypter.c:64: error: unknown register name 'edi' in 'asm' padlock_aes_crypter.c:64: error: unknown register name 'esi' in 'asm' padlock_aes_crypter.c:64: error: unknown register name 'edx' in 'asm' padlock_aes_crypter.c:64: error: unknown register name 'ecx' in 'asm' padlock_aes_crypter.c:64: error: unknown register name 'eax' in 'asm' make[5]: *** [padlock_aes_crypter.lo] Error 1 make[5]: Leaving directory `/build/buildd/strongswan-4.2.4/src/libstrongswan/plugins/padlock' As far as I know, padlock is a CPU from VIA with special instructions for encryption. As far as I know, it only runs i386, and amd64 shouldn't be supported either, but you might want to try and detect it. It really doesn't make any sense on other arches. Kurt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#489251: marked as done (kdewebdev_4:4.0.84-1(ia64/unstable): FTBFS: No rule to make target `/usr/lib/libICE.so')
Your message dated Sat, 26 Jul 2008 11:20:04 +0200 with message-id [EMAIL PROTECTED] and subject line Re: Bug#489251: kdewebdev_4:4.0.84-1(ia64/unstable): FTBFS: No rule to make target `/usr/lib/libICE.so' has caused the Debian Bug report #489251, regarding kdewebdev_4:4.0.84-1(ia64/unstable): FTBFS: No rule to make target `/usr/lib/libICE.so' to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 489251: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489251 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: kdewebdev Version: 4:4.0.84-1 Severity: serious There was an error while trying to autobuild your package: Automatic build of kdewebdev_4:4.0.84-1 on alkman.ayous.org by sbuild/ia64 98-farm Build started at 20080704-1153 [...] ** Using build dependencies supplied by package: Build-Depends: cdbs, debhelper (= 5), cmake (= 2.4.5), quilt, kdelibs5-dev (= 4:3.98.0~), libtidy-dev, kdepimlibs5-dev, zlib1g-dev, libboost-dev, libxslt-dev [...] cd /build/buildd/kdewebdev-4.0.84/obj-ia64-linux-gnu/klinkstatus/src /usr/bin/g++ -D_BSD_SOURCE -D_XOPEN_SOURCE=500 -D_BSD_SOURCE -D_GNU_SOURCE -DQT_NO_STL -DQT_NO_CAST_TO_ASCII -D_REENTRANT -DKDE_DEPRECATED_WARNINGS -g -O2 -g -Wall -O2 -Wnon-virtual-dtor -Wno-long-long -ansi -Wundef -Wcast-align -Wchar-subscripts -Wall -W -Wpointer-arith -Wformat-security -fno-exceptions -fno-check-new -fno-common -Woverloaded-virtual -fvisibility=hidden -fvisibility-inlines-hidden -DNDEBUG -I/build/buildd/kdewebdev-4.0.84/obj-ia64-linux-gnu/klinkstatus/src -I/build/buildd/kdewebdev-4.0.84/klinkstatus/src -I/build/buildd/kdewebdev-4.0.84 -I/build/buildd/kdewebdev-4.0.84/obj-ia64-linux-gnu -I/build/buildd/kdewebdev-4.0.84/klinkstatus/src/ui -I/build/buildd/kdewebdev-4.0.84/klinkstatus/src/interfaces -I/build/buildd/kdewebdev-4.0.84/klinkstatus/src/interfaces/engine -I/build/buildd/kdewebdev-4.0.84/klinkstatus/src/interfaces/ui -I/usr/include/KDE -I/usr/include/qt4/QtDBus -I/usr/include/qt4/QtTest -I/usr/include/qt4/QtUiTools -I/usr/include/qt4/QtScript -I/usr/include/qt4/QtSvg -I/usr/include/qt4/QtXml -I/usr/include/qt4/QtSql -I/usr/include/qt4/QtNetwork -I/usr/include/qt4/QtDesigner -I/usr/include/qt4/QtAssistant -I/usr/include/qt4/Qt3Support -I/usr/include/qt4/QtGui -I/usr/include/qt4/QtCore -I/usr/include/qt4/Qt -I/usr/share/qt4/mkspecs/default -I/usr/include/qt4 -I/usr/include/libxml2 -I/usr/include/threadweaver -o CMakeFiles/klinkstatus.dir/klinkstatus.o -c /build/buildd/kdewebdev-4.0.84/klinkstatus/src/klinkstatus.cpp /usr/bin/cmake -E cmake_progress_report /build/buildd/kdewebdev-4.0.84/obj-ia64-linux-gnu/CMakeFiles [ 0%] Building CXX object klinkstatus/src/CMakeFiles/klinkstatus.dir/main.o cd /build/buildd/kdewebdev-4.0.84/obj-ia64-linux-gnu/klinkstatus/src /usr/bin/g++ -D_BSD_SOURCE -D_XOPEN_SOURCE=500 -D_BSD_SOURCE -D_GNU_SOURCE -DQT_NO_STL -DQT_NO_CAST_TO_ASCII -D_REENTRANT -DKDE_DEPRECATED_WARNINGS -g -O2 -g -Wall -O2 -Wnon-virtual-dtor -Wno-long-long -ansi -Wundef -Wcast-align -Wchar-subscripts -Wall -W -Wpointer-arith -Wformat-security -fno-exceptions -fno-check-new -fno-common -Woverloaded-virtual -fvisibility=hidden -fvisibility-inlines-hidden -DNDEBUG -I/build/buildd/kdewebdev-4.0.84/obj-ia64-linux-gnu/klinkstatus/src -I/build/buildd/kdewebdev-4.0.84/klinkstatus/src -I/build/buildd/kdewebdev-4.0.84 -I/build/buildd/kdewebdev-4.0.84/obj-ia64-linux-gnu -I/build/buildd/kdewebdev-4.0.84/klinkstatus/src/ui -I/build/buildd/kdewebdev-4.0.84/klinkstatus/src/interfaces -I/build/buildd/kdewebdev-4.0.84/klinkstatus/src/interfaces/engine -I/build/buildd/kdewebdev-4.0.84/klinkstatus/src/interfaces/ui -I/usr/include/KDE -I/usr/include/qt4/QtDBus -I/usr/include/qt4/QtTest -I/usr/include/qt4/QtUiTools -I/usr/include/qt4/QtScript -I/usr/include/qt4/QtSvg -I/usr/include/qt4/QtXml -I/usr/include/qt4/QtSql -I/usr/include/qt4/QtNetwork -I/usr/include/qt4/QtDesigner -I/usr/include/qt4/QtAssistant -I/usr/include/qt4/Qt3Support -I/usr/include/qt4/QtGui -I/usr/include/qt4/QtCore -I/usr/include/qt4/Qt -I/usr/share/qt4/mkspecs/default -I/usr/include/qt4 -I/usr/include/libxml2 -I/usr/include/threadweaver -o CMakeFiles/klinkstatus.dir/main.o -c /build/buildd/kdewebdev-4.0.84/klinkstatus/src/main.cpp /usr/bin/cmake -E cmake_progress_report /build/buildd/kdewebdev-4.0.84/obj-ia64-linux-gnu/CMakeFiles 1 [ 1%] Building CXX object klinkstatus/src/CMakeFiles/klinkstatus.dir/ui/trayicon.o cd /build/buildd/kdewebdev-4.0.84/obj-ia64-linux-gnu/klinkstatus/src
Bug#492460: pdnsd: appears to be vulnerable to cache poisoning attack CVE-2008-1447
Package: pdnsd Version: 1.2.4par-0.2 1.2.6-par-8 Severity: grave Tags: security Hi, It seems that pdnsd is vulnerable to the DNS cache poisoning attack as described by Dan Kaminski and referenced as CVE-2008-1447. I'm not intimately aware of pdnsd; could you look into this issue and see whether it's indeed vulnerable and whether an updated package can be provided? Reading the source code didn't give me any indication of source port randomisation so I'm filing this as grave until we're either sure that it's not vulnerable or that a fix has been applied. thanks, Thijs -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/dash Kernel: Linux 2.6.18-6-686 Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#492282: seahorse-agent --execute leaks file descriptors
On Friday 25 July 2008, Josselin Mouette wrote: This explains why this bug hasn't been found before. I use KDE and no KDE desktop process seems to clean up the file descriptors. Therefore for me, every bash started in every terminal has those file descriptors. That’s bad indeed. I think that etch is not affected, since seahorse-agent was not started by default. However let’s make sure this doesn’t get into lenny. It's not started by default in sid/lenny either if one doesn't use gnome: seahorse (2.22.1-2) unstable; urgency=low [ Josselin Mouette ] * seahorse.Xsession: only start seahorse-agent for GNOME sessions. Closes: #443115, #472641. But it is possible to use it without gnome, of course. Fixing this for lenny would certainly be nice. Cheers, Stefan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: Bug#490680: does not work due to dangling symlink/missing dependency
Processing commands for [EMAIL PROTECTED]: severity 490680 important Bug#490680: does not work due to dangling symlink/missing dependency Severity set to `important' from `grave' tags 490680 + unreproducible Bug#490680: does not work due to dangling symlink/missing dependency There were no tags set. Tags added: unreproducible thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#448519: marked as done (libdspam7-drv-mysql: CVE-2007-6418 cron job may disclose dspam database password to users)
Your message dated Sat, 26 Jul 2008 09:40:28 + with message-id [EMAIL PROTECTED] and subject line Bug#448519: fixed in dspam 3.6.8-5etch1 has caused the Debian Bug report #448519, regarding libdspam7-drv-mysql: CVE-2007-6418 cron job may disclose dspam database password to users to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 448519: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448519 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: libdspam7-drv-mysql Version: 3.6.8-5 Severity: grave Tags: security Justification: user security hole The cron job in /etc/cron.daily/libdspam7-drv-mysql calls mysql like this: /usr/bin/mysql --user=$MYSQL_USER --password=$MYSQL_PASS This makes the database password of the dspam database user visible in the command line, so users may see it using ps. A malicious local user can use this to connect to the dspam databse and read all recent mail of dspam users. This bug is easily fixed my using a config file or environment variable to pass the password to mysql. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (990, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/dash Kernel: Linux 2.6.18-5-k7 Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Versions of packages libdspam7-drv-mysql depends on: ii dbconfig-common1.8.29+etch1 common framework for packaging dat ii debconf [debconf-2.0] 1.5.11Debian configuration management sy ii libc6 2.3.6.ds1-13etch2 GNU C Library: Shared libraries ii libdspam7 3.6.8-5 DSPAM is a scalable and statistica ii libldap2 2.1.30-13.3 OpenLDAP libraries ii libmysqlclient15off5.0.32-7etch1 mysql database client library ii mysql-client-5.0 [mysq 5.0.32-7etch1 mysql database client binaries ii ucf2.0020Update Configuration File: preserv ii zlib1g 1:1.2.3-13compression library - runtime Versions of packages libdspam7-drv-mysql recommends: ii mysql-server-5.0 [mysql-se 5.0.32-7etch1 mysql database server binaries -- debconf information excluded ---End Message--- ---BeginMessage--- Source: dspam Source-Version: 3.6.8-5etch1 We believe that the bug you reported is fixed in the latest version of dspam, which is due to be installed in the Debian FTP archive: dspam-doc_3.6.8-5etch1_all.deb to pool/main/d/dspam/dspam-doc_3.6.8-5etch1_all.deb dspam-webfrontend_3.6.8-5etch1_all.deb to pool/main/d/dspam/dspam-webfrontend_3.6.8-5etch1_all.deb dspam_3.6.8-5etch1.diff.gz to pool/main/d/dspam/dspam_3.6.8-5etch1.diff.gz dspam_3.6.8-5etch1.dsc to pool/main/d/dspam/dspam_3.6.8-5etch1.dsc dspam_3.6.8-5etch1_i386.deb to pool/main/d/dspam/dspam_3.6.8-5etch1_i386.deb libdspam7-dev_3.6.8-5etch1_i386.deb to pool/main/d/dspam/libdspam7-dev_3.6.8-5etch1_i386.deb libdspam7-drv-db4_3.6.8-5etch1_i386.deb to pool/main/d/dspam/libdspam7-drv-db4_3.6.8-5etch1_i386.deb libdspam7-drv-mysql_3.6.8-5etch1_i386.deb to pool/main/d/dspam/libdspam7-drv-mysql_3.6.8-5etch1_i386.deb libdspam7-drv-pgsql_3.6.8-5etch1_i386.deb to pool/main/d/dspam/libdspam7-drv-pgsql_3.6.8-5etch1_i386.deb libdspam7-drv-sqlite3_3.6.8-5etch1_i386.deb to pool/main/d/dspam/libdspam7-drv-sqlite3_3.6.8-5etch1_i386.deb libdspam7_3.6.8-5etch1_i386.deb to pool/main/d/dspam/libdspam7_3.6.8-5etch1_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thijs Kinkhorst [EMAIL PROTECTED] (supplier of updated dspam package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 17 Feb 2008 14:50:03 +0100 Source: dspam Binary: libdspam7-dev libdspam7-drv-pgsql dspam libdspam7-drv-mysql dspam-webfrontend dspam-doc libdspam7-drv-db4 libdspam7 libdspam7-drv-sqlite3 Architecture: source i386 all Version: 3.6.8-5etch1 Distribution: stable-security Urgency: high Maintainer: Debian DSPAM Maintainers [EMAIL PROTECTED] Changed-By: Thijs Kinkhorst [EMAIL PROTECTED] Description: dspam - is a scalable, fast and statistical anti-spam filter dspam-doc - Documentation for dspam
Bug#348888: marked as done (kiosktool needs patching to work with Debian KDE = 3.4)
Your message dated Sat, 26 Jul 2008 09:40:43 +
with message-id [EMAIL PROTECTED]
and subject line Bug#34: fixed in kiosktool 1.0-2~etch+1
has caused the Debian Bug report #34,
regarding kiosktool needs patching to work with Debian KDE = 3.4
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
34: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=34
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
---BeginMessage---
Package: kiosktool
Severity: important
Version: 1.0-1.1
Tags: patch
Hello,
Debian's KDE moves /etc/xdg/menus/applications.menu
to /etc/xdg/kde-applications.menu starting with KDE 3.4. This means that
kiosktool must be patched to find this file. The attached patch does this.
Please document the change in the changelog and README.Debian, so that users
understand the change, and will understand why if they upgrade from Sarge's
KDE 3.3 (which still uses /etc/xdg/menus/applications.menu) that their
settings seem to go, etc.
The patch is borrowed from Ubuntu.
Thanks,
Christopher Martin
--- kiosktool.orig/kiosktool/menueditComponent.cpp
+++ kiosktool.patched/kiosktool/menueditComponent.cpp
@@ -104,8 +104,8 @@
{
bool result;
QString menuEditFile = KioskRun::self()-locateLocal(xdgconf-menu, applications-kmenuedit.menu);
- QString menuFile = KioskRun::self()-locate(xdgconf-menu, applications.menu);
- QString menuFileSave = KioskRun::self()-locateSave(xdgconf-menu, applications.menu);
+ QString menuFile = KioskRun::self()-locate(xdgconf-menu, kde-applications.menu);
+ QString menuFileSave = KioskRun::self()-locateSave(xdgconf-menu, kde-applications.menu);
kdDebug() MenuEditComponent: menuEditFile = menuEditFile endl;
kdDebug() MenuEditComponent: menuFile = menuFile endl;
---End Message---
---BeginMessage---
Source: kiosktool
Source-Version: 1.0-2~etch+1
We believe that the bug you reported is fixed in the latest version of
kiosktool, which is due to be installed in the Debian FTP archive:
kiosktool_1.0-2~etch+1.diff.gz
to pool/main/k/kiosktool/kiosktool_1.0-2~etch+1.diff.gz
kiosktool_1.0-2~etch+1.dsc
to pool/main/k/kiosktool/kiosktool_1.0-2~etch+1.dsc
kiosktool_1.0-2~etch+1_i386.deb
to pool/main/k/kiosktool/kiosktool_1.0-2~etch+1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Holger Levsen [EMAIL PROTECTED] (supplier of updated kiosktool package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.7
Date: Mon, 28 Apr 2008 14:20:11 +
Source: kiosktool
Binary: kiosktool
Architecture: source i386
Version: 1.0-2~etch+1
Distribution: stable
Urgency: low
Maintainer: Debian QA Group [EMAIL PROTECTED]
Changed-By: Holger Levsen [EMAIL PROTECTED]
Description:
kiosktool - tool to configure the KDE kiosk framework
Closes: 34
Changes:
kiosktool (1.0-2~etch+1) stable; urgency=low
.
* QA upload to orphan the package, set maintainer to QA group.
* Include patch from Ubuntu to correct the path to the menu file
(Closes: #34) - No thanks for not updating the Debian BTS for that.
Files:
af6b2585b7e660660f0ddb861fee5852 605 kde optional kiosktool_1.0-2~etch+1.dsc
35806fdd01a50e3cedd828e81118af47 3551 kde optional
kiosktool_1.0-2~etch+1.diff.gz
230eb5e5110ce6bece9f9df48fa37aa4 478066 kde optional
kiosktool_1.0-2~etch+1_i386.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIFeeSUHLQNqxYNSARAnFbAJ90xi/3S1rnn49BdJebo4ufuqKLggCgk4wf
aIi8n/qivabJoN/SCuTlBSI=
=DHHD
-END PGP SIGNATURE-
---End Message---
Bug#470685: marked as done (dovecot-pop3d: security holes (login without password, mail extra groups))
Your message dated Sat, 26 Jul 2008 09:40:28 + with message-id [EMAIL PROTECTED] and subject line Bug#470685: fixed in dovecot 1.0.rc15-2etch4 has caused the Debian Bug report #470685, regarding dovecot-pop3d: security holes (login without password, mail extra groups) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 470685: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=470685 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: dovecot-pop3d Version: 1.0.rc15-2etch3 Severity: critical Tags: security Justification: causes serious data loss There are two security issues: http://dovecot.org/list/dovecot-news/2008-March/64.html http://dovecot.org/list/dovecot-news/2008-March/60.html Dated from March 2008, and my last version from Debian stable has been built on Mon, 07 Jan 2008. Please make a updated version available. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-5-amd64 Locale: LANG=de_AT.UTF-8, LC_CTYPE=de_AT.UTF-8 (charmap=UTF-8) Versions of packages dovecot-pop3d depends on: ii dovecot-common 1.0.rc15-2etch3 secure mail server that supports m ii libc6 2.3.6.ds1-13etch5 GNU C Library: Shared libraries ii libssl0.9.80.9.8c-4etch1 SSL shared libraries dovecot-pop3d recommends no packages. -- no debconf information ---End Message--- ---BeginMessage--- Source: dovecot Source-Version: 1.0.rc15-2etch4 We believe that the bug you reported is fixed in the latest version of dovecot, which is due to be installed in the Debian FTP archive: dovecot-common_1.0.rc15-2etch4_amd64.deb to pool/main/d/dovecot/dovecot-common_1.0.rc15-2etch4_amd64.deb dovecot-imapd_1.0.rc15-2etch4_amd64.deb to pool/main/d/dovecot/dovecot-imapd_1.0.rc15-2etch4_amd64.deb dovecot-pop3d_1.0.rc15-2etch4_amd64.deb to pool/main/d/dovecot/dovecot-pop3d_1.0.rc15-2etch4_amd64.deb dovecot_1.0.rc15-2etch4.diff.gz to pool/main/d/dovecot/dovecot_1.0.rc15-2etch4.diff.gz dovecot_1.0.rc15-2etch4.dsc to pool/main/d/dovecot/dovecot_1.0.rc15-2etch4.dsc A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Fabio Tranchitella [EMAIL PROTECTED] (supplier of updated dovecot package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 13 Mar 2008 12:22:32 +0100 Source: dovecot Binary: dovecot-common dovecot-pop3d dovecot-imapd Architecture: source amd64 Version: 1.0.rc15-2etch4 Distribution: stable-security Urgency: high Maintainer: Dovecot Maintainers [EMAIL PROTECTED] Changed-By: Fabio Tranchitella [EMAIL PROTECTED] Description: dovecot-common - secure mail server that supports mbox and maildir mailboxes dovecot-imapd - secure IMAP server that supports mbox and maildir mailboxes dovecot-pop3d - secure POP3 server that supports mbox and maildir mailboxes Closes: 470685 Changes: dovecot (1.0.rc15-2etch4) stable-security; urgency=high . * Security issue: some passdbs allowed users to log in without a valid password (http://dovecot.org/list/dovecot-news/2008-March/64.html) Applied upstream patch for the 1.0.x branch, downloaded from: http://hg.dovecot.org/dovecot-1.0/raw-rev/da2a9372e26e (Closes: #470685) * Security usse: mail_extra_groups setting is often used insecurely (http://dovecot.org/list/dovecot-news/2008-March/60.html). Applied upstream patch for the 1.0.x branch, downloaded from: http://dovecot.org/patches/1.0/dovecot-1.0.10.mail_priv_groups.diff Files: 8146ccf246ed64e1ac8c0127489ec798 1300 mail optional dovecot_1.0.rc15-2etch4.dsc 21959fc45cf0f8932fa9eb890791ff39 102991 mail optional dovecot_1.0.rc15-2etch4.diff.gz 1c2e1ffeb6bf745ed88cde01c62d264a 1222430 mail optional dovecot-common_1.0.rc15-2etch4_amd64.deb c17bac715f188f55ae20e5a3c95109b1 569588 mail optional dovecot-imapd_1.0.rc15-2etch4_amd64.deb 4f64ed0cc16510e9c3d709342b3c57ca 536634 mail optional dovecot-pop3d_1.0.rc15-2etch4_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux)
Bug#485814: marked as done (typo3-src-4.0: Security Issue: TYPO3 Security Bulletin TYPO3-20080611-1: Multiple vulnerabilities in TYPO3 Core)
Your message dated Sat, 26 Jul 2008 09:58:04 + with message-id [EMAIL PROTECTED] and subject line Bug#485814: fixed in typo3-src 4.0.2+debian-5 has caused the Debian Bug report #485814, regarding typo3-src-4.0: Security Issue: TYPO3 Security Bulletin TYPO3-20080611-1: Multiple vulnerabilities in TYPO3 Core to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 485814: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=485814 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: typo3-src-4.0 Severity: grave Tags: security Justification: user security hole The TYPO3 developers have discovered a security hole which allows to execute own code in the context of the webserver user. In the same bulletin an issue of cross side scripting is mentioned. More information can be found here: http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/ -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (650, 'testing'), (600, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.24-1-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages typo3-src-4.0 depends on: ii libapache2-mod-php5 5.2.5-3+lenny1 server-side, HTML-embedded scripti ii php5-cgi 5.2.5-3+lenny1 server-side, HTML-embedded scripti ii php5-cli 5.2.5-3+lenny1 command-line interpreter for the p ii ttf-bitstream-vera1.10-7 The Bitstream Vera family of free Versions of packages typo3-src-4.0 recommends: pn catdoc none (no description available) ii exim44.69-5 meta-package to ease Exim MTA (v4) ii exim4-daemon-light [mail 4.69-5+b1 lightweight Exim MTA (v4) daemon ii ghostscript-x [gs] 8.62.dfsg.1-2.1 The GPL Ghostscript PostScript/PDF ii graphicsmagick 1.1.11-3+b1 collection of image processing too ii mysql-server 5.0.51a-6 MySQL database server (meta packag ii mysql-server-5.0 [mysql- 5.0.51a-6 MySQL database server binaries pn php4-xcache | php5-xcach none (no description available) ii php5-gd 5.2.5-3+lenny1 GD module for php5 ii php5-mysql 5.2.5-3+lenny1 MySQL module for php5 ii poppler-utils [xpdf-util 0.6.4-1 PDF utilitites (based on libpopple pn typo3-dummy none (no description available) -- MfG, Christian Welzel GPG-Key: http://www.camlann.de/key.asc Fingerprint: 4F50 19BF 3346 36A6 CFA9 DBDC C268 6D24 70A1 AD15 ---End Message--- ---BeginMessage--- Source: typo3-src Source-Version: 4.0.2+debian-5 We believe that the bug you reported is fixed in the latest version of typo3-src, which is due to be installed in the Debian FTP archive: typo3-src-4.0_4.0.2+debian-5_all.deb to pool/main/t/typo3-src/typo3-src-4.0_4.0.2+debian-5_all.deb typo3-src_4.0.2+debian-5.diff.gz to pool/main/t/typo3-src/typo3-src_4.0.2+debian-5.diff.gz typo3-src_4.0.2+debian-5.dsc to pool/main/t/typo3-src/typo3-src_4.0.2+debian-5.dsc typo3_4.0.2+debian-5_all.deb to pool/main/t/typo3-src/typo3_4.0.2+debian-5_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Christian Welzel [EMAIL PROTECTED] (supplier of updated typo3-src package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 12 Jun 2008 11:54:00 +0200 Source: typo3-src Binary: typo3 typo3-src-4.0 Architecture: source all Version: 4.0.2+debian-5 Distribution: stable-security Urgency: high Maintainer: Christian Welzel [EMAIL PROTECTED] Changed-By: Christian Welzel [EMAIL PROTECTED] Description: typo3 - Powerful content management framework (Meta package) typo3-src-4.0 - Powerful content management framework (Core) Closes: 485814 Changes: typo3-src (4.0.2+debian-5) stable-security; urgency=high . * Fixed security problem Multiple vulnerabilities in TYPO3 Core (TYPO3-20080611-1) with patch taken from 4.0.9. (Closes: #485814) Files: 7d777c2c73dfbedc116cadb3c12af767 610 web optional typo3-src_4.0.2+debian-5.dsc
Bug#464058: marked as done (turba2: Access rights not checked properly)
Your message dated Sat, 26 Jul 2008 09:58:04 + with message-id [EMAIL PROTECTED] and subject line Bug#464058: fixed in turba2 2.1.3-1etch1 has caused the Debian Bug report #464058, regarding turba2: Access rights not checked properly to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 464058: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464058 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: turba2 Version: 2.1.3-1 Severity: normal Access rights do not seem to be checked properly before allowing a user to edit address data as illustrated in the following example: A user adds an address from his or her personal addressbook to a contact list in a shared address book. Now anybody who has write access to the shared address book can also edit this person's address data in the user's personal addressbook. In fact, after manually entering an object_id (which I looked up in the database) from somebody else's address book I found I could edit this data as well. So it seems that when edit.php is passed an object_id, the owner_id and the requesting user's access rights to the addressbook that the owner_id refers to aren't checked. Apparantly knowing the object_id is enough to be able to edit any address! I guess this is left over from the time address books couldn't be shared yet, based on the assumption that people wouldn't be able to guess the pseudo random 32 character id's. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) ---End Message--- ---BeginMessage--- Source: turba2 Source-Version: 2.1.3-1etch1 We believe that the bug you reported is fixed in the latest version of turba2, which is due to be installed in the Debian FTP archive: turba2_2.1.3-1etch1.diff.gz to pool/main/t/turba2/turba2_2.1.3-1etch1.diff.gz turba2_2.1.3-1etch1.dsc to pool/main/t/turba2/turba2_2.1.3-1etch1.dsc turba2_2.1.3-1etch1_all.deb to pool/main/t/turba2/turba2_2.1.3-1etch1_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Gregory Colpart (evolix) [EMAIL PROTECTED] (supplier of updated turba2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 21 Feb 2008 02:17:51 +0100 Source: turba2 Binary: turba2 Architecture: source all Version: 2.1.3-1etch1 Distribution: stable-security Urgency: high Maintainer: Horde Maintainers [EMAIL PROTECTED] Changed-By: Gregory Colpart (evolix) [EMAIL PROTECTED] Description: turba2 - contact management component for horde framework Closes: 464058 Changes: turba2 (2.1.3-1etch1) stable-security; urgency=high . * Fix unchecked access to contacts in the same SQL table, if the unique key of another user's contact can be guessed. See CVE-2008-0807 for more informations. (Closes: #464058) * Fix privilege escalation in the Horde API. Files: 0aa309ef908c6ab95b62fa6fbb97d7c5 722 web optional turba2_2.1.3-1etch1.dsc a0407717f3f64fb33f6a57e2244a12b4 1790717 web optional turba2_2.1.3.orig.tar.gz fcef7709711274ebf26b99e3032f4e7e 7434 web optional turba2_2.1.3-1etch1.diff.gz 0fb704f257a5d583196e10de104289f0 1860044 web optional turba2_2.1.3-1etch1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHveA2wM/Gs81MDZ0RAix7AKCzys545lPRKunQOBRxfpwhexu57gCgo2JA zzSijNzt4cddZ5aEeOzhFv4= =8IVv -END PGP SIGNATURE- ---End Message---
Bug#462984: marked as done (python-moinmoin: MOIN_ID cookie bug)
Your message dated Sat, 26 Jul 2008 09:57:42 +
with message-id [EMAIL PROTECTED]
and subject line Bug#462984: fixed in moin 1.5.3-1.2etch1
has caused the Debian Bug report #462984,
regarding python-moinmoin: MOIN_ID cookie bug
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
462984: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=462984
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
---BeginMessage---
Package: python-moinmoin
Version: 1.5.8-5
Severity: important
Tags: patch
Allows a malicious user to overwrite files via a bogus cookie. Should
the severety on this be grave?
Example exploit: http://www.milw0rm.com/exploits/4957
Here is the upstream patch, which can also be found at
http://hg.moinmo.in/moin/1.5/rev/e69a16b6e630 :
--- a/MoinMoin/user.py Sun Oct 08 15:06:37 2006 +0200
+++ b/MoinMoin/user.py Sun Jan 20 23:27:48 2008 +0100
@@ -6,7 +6,7 @@
@license: GNU GPL, see COPYING for details.
-import os, time, sha, codecs
+import os, time, sha, codecs, re
try:
import cPickle as pickle
@@ -19,6 +19,7 @@ from MoinMoin import config, caching, wi
from MoinMoin import config, caching, wikiutil
from MoinMoin.util import filesys, timefuncs
+USERID_re = re.compile(r'^\d+\.\d+(\.\d+)?$')
def getUserList(request):
Get a list of all (numerical) user IDs.
@@ -27,10 +28,9 @@ def getUserList(request):
@rtype: list
@return: all user IDs
-import re, dircache
-user_re = re.compile(r'^\d+\.\d+(\.\d+)?$')
+import dircache
files = dircache.listdir(request.cfg.user_dir)
-userlist = [f for f in files if user_re.match(f)]
+userlist = [f for f in files if USERID_re.match(f)]
return userlist
@@ -210,7 +210,7 @@ class User:
self._cfg = request.cfg
self.valid = 0
self.trusted = 0
-self.id = id
+self.id = self.id_sanitycheck(id)
self.auth_username = auth_username
self.auth_method = kw.get('auth_method', 'internal')
self.auth_attribs = kw.get('auth_attribs', ())
@@ -298,6 +298,15 @@ class User:
# use it reliably in edit locking
from random import randint
return %s.%d % (str(time.time()), randint(0,65535))
+
+def id_sanitycheck(self, id):
+ only return valid user IDs, avoid someone faking his cookie to
+contain '../../../somefile', breaking out of the data/user/
directory!
+
+if id and USERID_re.match(id):
+return id
+else:
+return None
def create_or_update(self, changed=False):
Create or update a user profile
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.22-1-686 (SMP w/1 CPU core)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages python-moinmoin depends on:
ii moinmoin-common 1.5.8-5Python clone of WikiWiki - common
ii python2.4.4-6An interactive high-level object-o
ii python-support0.7.6 automated rebuilding support for p
Versions of packages python-moinmoin recommends:
ii exim4 4.69-1 meta-package to ease Exim MTA (v4)
ii exim4-daemon-light [mail-tran 4.69-1 lightweight Exim MTA (v4) daemon
-- no debconf information
--
BOFH excuse #345:
Having to manually track the satellite.
---End Message---
---BeginMessage---
Source: moin
Source-Version: 1.5.3-1.2etch1
We believe that the bug you reported is fixed in the latest version of
moin, which is due to be installed in the Debian FTP archive:
moin_1.5.3-1.2etch1.diff.gz
to pool/main/m/moin/moin_1.5.3-1.2etch1.diff.gz
moin_1.5.3-1.2etch1.dsc
to pool/main/m/moin/moin_1.5.3-1.2etch1.dsc
moinmoin-common_1.5.3-1.2etch1_all.deb
to pool/main/m/moin/moinmoin-common_1.5.3-1.2etch1_all.deb
python-moinmoin_1.5.3-1.2etch1_all.deb
to pool/main/m/moin/python-moinmoin_1.5.3-1.2etch1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thomas Viehmann [EMAIL PROTECTED] (supplier of updated moin package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL
Bug#473056: marked as done (mplayer: CVE-2008-0073 remote code execution via crafted rtsp stream)
Your message dated Sat, 26 Jul 2008 09:57:42 + with message-id [EMAIL PROTECTED] and subject line Bug#473056: fixed in mplayer 1.0~rc1-12etch3 has caused the Debian Bug report #473056, regarding mplayer: CVE-2008-0073 remote code execution via crafted rtsp stream to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 473056: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473056 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: mplayer Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities Exposures) id was published for mplayer. CVE-2008-0073CVE-2008-0073[0]: | Array index error in the sdpplin_parse function in | input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP | servers to execute arbitrary code via a large streamid SDP parameter. This also affects mplayer since it also uses this code. A patch is available on: http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=12cb075fba8ea09813fc35e0c731d2a64265b637;style=raw If you fix this vulnerability please also include the CVE id in your changelog entry. For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073CVE-2008-0073 Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpswjvFtTWxi.pgp Description: PGP signature ---End Message--- ---BeginMessage--- Source: mplayer Source-Version: 1.0~rc1-12etch3 We believe that the bug you reported is fixed in the latest version of mplayer, which is due to be installed in the Debian FTP archive: mplayer-doc_1.0~rc1-12etch3_all.deb to pool/main/m/mplayer/mplayer-doc_1.0~rc1-12etch3_all.deb mplayer_1.0~rc1-12etch3.diff.gz to pool/main/m/mplayer/mplayer_1.0~rc1-12etch3.diff.gz mplayer_1.0~rc1-12etch3.dsc to pool/main/m/mplayer/mplayer_1.0~rc1-12etch3.dsc mplayer_1.0~rc1-12etch3_amd64.deb to pool/main/m/mplayer/mplayer_1.0~rc1-12etch3_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. A Mennucc1 [EMAIL PROTECTED] (supplier of updated mplayer package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sat, 29 Mar 2008 07:53:32 +0100 Source: mplayer Binary: mplayer-doc mplayer Architecture: source amd64 all Version: 1.0~rc1-12etch3 Distribution: stable-security Urgency: low Maintainer: A Mennucc1 [EMAIL PROTECTED] Changed-By: A Mennucc1 [EMAIL PROTECTED] Description: mplayer- The Movie Player mplayer-doc - documentation for MPlayer Closes: 473056 Changes: mplayer (1.0~rc1-12etch3) stable-security; urgency=low . * fix CVE-2008-0073, remote code execution via crafted rtsp stream, thanks to Nico Golde and Reimar Döffinger (Closes: #473056). Files: 6ccb62e72b94fa4c797975a36766bb45 1265 graphics optional mplayer_1.0~rc1-12etch3.dsc 54e2210e0f0eaa596acf6210b050fb50 81742 graphics optional mplayer_1.0~rc1-12etch3.diff.gz 2a88c44b4fa0e754660948ea7e42b8e4 2053074 graphics optional mplayer-doc_1.0~rc1-12etch3_all.deb 8f8fb89d21cfc0d8eb028451208f6fb9 4372894 graphics optional mplayer_1.0~rc1-12etch3_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFH7fdu9B/tjjP8QKQRAn9TAJ9EbUIgCWvHLYnu2K7aSnYCNwnddACgiaIB I4Kuou4VoJwVClF/uxPe9sI= =Hpdt -END PGP SIGNATURE- ---End Message---
Bug#440411: marked as done (checkrestart: arbitrary root-privileged command execution)
Your message dated Sat, 26 Jul 2008 09:40:26 + with message-id [EMAIL PROTECTED] and subject line Bug#440411: fixed in debian-goodies 0.27+etch1 has caused the Debian Bug report #440411, regarding checkrestart: arbitrary root-privileged command execution to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 440411: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440411 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: debian-goodies Version: 0.33 Severity: grave Tags: security Hi, The checkrestart program from debian-goodies (both latest 0.33 and stable 0.27) allows arbitrary command execution with root privileges. Example: $ cp /bin/sleep ; OWNED $ ./; OWNED 1000 $ rm ; OWNED $ sudo checkrestart ... sh: OWNED: command not found ... Since this program is likely launched as a daily root cron job on some systems, I think this is a grave security hole. The cause of the problem is the way dpkg --search is spawned from the main() function: ... dpkgQuery = 'dpkg --search ' + ' '.join(programs.keys()) for line in os.popen(dpkgQuery).readlines(): ... In my above example, one of the programs.keys() is ; OWNED, and thus the executed command is dpkg --search ... ; OWNED Fixing this should be as easy as: ... import subprocess ... dpkgQuery = [dpkg, --search] + programs.keys() dpkgProc = subprocess.Popen(dpkgQuery, stdout=subprocess.PIPE) for line in dpkgProc.stdout.readlines(): ... This way, the command arguments are all well separated, without any shell interpretation. PS: sorry for any mistake i may have done in the way i've reported this bug. I'm not a Debian user, so i'm not used to your system. Actually, i just happened to come accross this checkrestart script reading a gentoo-dev@ post: http://article.gmane.org/gmane.linux.gentoo.devel/51366/ -- TGL. ---End Message--- ---BeginMessage--- Source: debian-goodies Source-Version: 0.27+etch1 We believe that the bug you reported is fixed in the latest version of debian-goodies, which is due to be installed in the Debian FTP archive: debian-goodies_0.27+etch1.dsc to pool/main/d/debian-goodies/debian-goodies_0.27+etch1.dsc debian-goodies_0.27+etch1.tar.gz to pool/main/d/debian-goodies/debian-goodies_0.27+etch1.tar.gz debian-goodies_0.27+etch1_all.deb to pool/main/d/debian-goodies/debian-goodies_0.27+etch1_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thijs Kinkhorst [EMAIL PROTECTED] (supplier of updated debian-goodies package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Mon, 24 Mar 2008 15:25:59 +0100 Source: debian-goodies Binary: debian-goodies Architecture: source all Version: 0.27+etch1 Distribution: stable-security Urgency: high Maintainer: Javier Fernandez-Sanguino Pen~a [EMAIL PROTECTED] Changed-By: Thijs Kinkhorst [EMAIL PROTECTED] Description: debian-goodies - Small toolbox-style utilities for Debian systems Closes: 440411 Changes: debian-goodies (0.27+etch1) stable-security; urgency=high . * Fix security bug that enables users to generate files in the filesystem with shell metacharacters and have the checkrestart script run external code (as root, since the script will only run as admin). Thanks to Thomas de Grenier de Latour for spotting this and providing a patch. (CVE-2007-3912, Closes: 440411) Files: 8653d033f9e6b9f0949fab2cc1813970 836 utils optional debian-goodies_0.27+etch1.dsc 089ff8f154eb3fe4bc47dd85f1581a65 28708 utils optional debian-goodies_0.27+etch1.tar.gz 2739973911e8b0d9ec12559507f6a708 36868 utils optional debian-goodies_0.27+etch1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBR+e62mz0hbPcukPfAQJYoAf/Vpo+8A6hntrKOR7jDp4pGT9v7HWhhJDS wltzzk4odJkE4OFrIi69roUACp6O46xRAvCi1KJjj/JizXjmcNGPsYoXq7sSUPNS uK7GZ0/Cnf70ArAM8hvu7m1+nggs7DEB/LdhJWvItYKufD4oBAP7XihDQPVe5kIr TCufoECwlt/Xd38bKR3dDWoP/Iu39JJ6vhVL84lKxt5d1viQ3cetajGzkWqnESdj srmuwclluK+gq68/va2blvgcKaZRweD8FI2YM5mF1P3OHdzPn2fGN7vK7YfsGZBh x8MYgNVkI5LGZE9QnDKLtF9ag5xPvWaPTo1PRcgITwdlyABaHI8CTQ== =3f0S -END PGP SIGNATURE- ---End
Bug#488934: marked as done (licq: ICQ Protocal Changes: Unknown sign on error: 0x1C.)
Your message dated Sat, 26 Jul 2008 09:40:50 + with message-id [EMAIL PROTECTED] and subject line Bug#488934: fixed in licq 1.3.4-2etch1 has caused the Debian Bug report #488934, regarding licq: ICQ Protocal Changes: Unknown sign on error: 0x1C. to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 488934: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=488934 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: licq Version: 1.3.4-2 Severity: grave Tags: patch Justification: renders package unusable Mirabillis apparently has changed the protocol of LICQ to prevent 3rd party clients to connect. Licq is also affected and cannot connect anymore. Unknown sign on error: 0x1C. The Licq coders have already built a patch: http://www.licq.org/ticket/1637 -Benoit- -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.20.2 Locale: LANG=de_CH, LC_CTYPE=de_CH (charmap=ISO-8859-1) Versions of packages licq depends on: ii libc6 2.3.6.ds1-13etch5 GNU C Library: Shared libraries ii libgcc11:4.1.1-21GCC support library ii libgpg-error0 1.4-1 library for common error values an ii libgpgme11 1.1.2-5 GPGME - GnuPG Made Easy ii libssl0.9.80.9.8c-4etch3 SSL shared libraries ii libstdc++6 4.1.1-21 The GNU Standard C++ Library v3 ii licq-plugin-console [l 1.3.4-2 console user interface plug-in for ii licq-plugin-kde [licq- 1.3.4-2 graphical user interface plug-in f ii licq-plugin-msn [licq- 1.3.4-2 MSN plug-in for Licq ii licq-plugin-qt [licq-p 1.3.4-2 graphical user interface plug-in f Versions of packages licq recommends: ii sox 12.17.9-1 A universal sound sample translato -- no debconf information ---End Message--- ---BeginMessage--- Source: licq Source-Version: 1.3.4-2etch1 We believe that the bug you reported is fixed in the latest version of licq, which is due to be installed in the Debian FTP archive: licq-dev_1.3.4-2etch1_all.deb to pool/main/l/licq/licq-dev_1.3.4-2etch1_all.deb licq-plugin-autoreply_1.3.4-2etch1_i386.deb to pool/main/l/licq/licq-plugin-autoreply_1.3.4-2etch1_i386.deb licq-plugin-console_1.3.4-2etch1_i386.deb to pool/main/l/licq/licq-plugin-console_1.3.4-2etch1_i386.deb licq-plugin-forwarder_1.3.4-2etch1_i386.deb to pool/main/l/licq/licq-plugin-forwarder_1.3.4-2etch1_i386.deb licq-plugin-kde_1.3.4-2etch1_i386.deb to pool/main/l/licq/licq-plugin-kde_1.3.4-2etch1_i386.deb licq-plugin-msn_1.3.4-2etch1_i386.deb to pool/main/l/licq/licq-plugin-msn_1.3.4-2etch1_i386.deb licq-plugin-osd_1.3.4-2etch1_i386.deb to pool/main/l/licq/licq-plugin-osd_1.3.4-2etch1_i386.deb licq-plugin-qt_1.3.4-2etch1_i386.deb to pool/main/l/licq/licq-plugin-qt_1.3.4-2etch1_i386.deb licq-plugin-rms_1.3.4-2etch1_i386.deb to pool/main/l/licq/licq-plugin-rms_1.3.4-2etch1_i386.deb licq_1.3.4-2etch1.diff.gz to pool/main/l/licq/licq_1.3.4-2etch1.diff.gz licq_1.3.4-2etch1.dsc to pool/main/l/licq/licq_1.3.4-2etch1.dsc licq_1.3.4-2etch1_i386.deb to pool/main/l/licq/licq_1.3.4-2etch1_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Frank Lichtenheld [EMAIL PROTECTED] (supplier of updated licq package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Mon, 14 Jul 2008 14:34:05 +0200 Source: licq Binary: licq-plugin-msn licq licq-plugin-kde licq-plugin-rms licq-plugin-console licq-plugin-qt licq-dev licq-plugin-osd licq-plugin-forwarder licq-plugin-autoreply Architecture: source i386 all Version: 1.3.4-2etch1 Distribution: stable Urgency: low Maintainer: Debian QA Group [EMAIL PROTECTED] Changed-By: Frank Lichtenheld [EMAIL PROTECTED] Description: licq - ICQ client (base files) licq-dev - Licq development and header files licq-plugin-autoreply - autoreply plug-in for Licq licq-plugin-console - console user interface plug-in for Licq licq-plugin-forwarder - forwarder plug-in for Licq
Bug#457828: marked as done (chkrootkit: Killing a random PID with an arbitrary signal to test whether it is a trojan is extremely unpolite)
Your message dated Sat, 26 Jul 2008 09:40:23 + with message-id [EMAIL PROTECTED] and subject line Bug#421864: fixed in chkrootkit 0.47-2 has caused the Debian Bug report #421864, regarding chkrootkit: Killing a random PID with an arbitrary signal to test whether it is a trojan is extremely unpolite to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 421864: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421864 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: chkrootkit Version: 0.47-1.1 Severity: critical Justification: breaks unrelated software In testing for the Enye LKM, chkrootkit sends signal 58 to PID 12345. This has a chance of hitting any one process of 1/32767. On the system I am typing this on in its current state, I have 350 processes running, and it is not currently busy, so that's 1/100 chance of hitting a process by random. If the system is up for a while, and I run chkrootkit in a daily cronjob, I can expect a random process to be sent signal 58 once every 100 days or so. The other day, it killed gnuplot_x11, which I only noticed once I read my mail saying chkrootkit had Enye LKM found. It certainly explained why a script of mine got confused, and I could tell it had killed gnuplot_x11 because it was still in a zombie state, having not yet been reaped by gnuplot, and it was running as pid 12345. There are reports on the net of it killing other processes. That signal number is not documented in 'man 7 signal', so I guess it's not likely anything would install a signal handler than could deal with 58. Presumably chkrootkit is hoping that signal would be rejected by the kernel as invalid, but that assumption is invalid today: $ sleep 1000 [1] 19277 $ kill -58 19277 [1]+ Real-time signal 24 sleep 1000 $ Incidentally, the documentation of the tests in chkproc.c needs a lot of work: 'man 2 kill' doesn't describe kill as ever being able to return a positive error value, but of course it must, because I got the Enye LKM found message. It took me a while to work out that that code was trying to do anything other than detect for the presence of pid 12345. Perhaps the signals it is sending could be better documented, as to the test for the error return value, and indeed the prevous test for the Adobe LKM, using an errno magic number instead of symbolic name. And why it sends signal 100 to init first without testing the result. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.23 (SMP w/2 CPU cores) Locale: LANG=en_AU, LC_CTYPE=en_AU (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/bash Versions of packages chkrootkit depends on: ii binutils2.18.1~cvs20071027-2 The GNU assembler, linker and bina ii debconf [debconf-2. 1.5.17 Debian configuration management sy ii libc6 2.7-5GNU C Library: Shared libraries ii net-tools 1.60-19 The NET-3 networking toolkit ii procps 1:3.2.7-5/proc file system utilities chkrootkit recommends no packages. -- debconf information: chkrootkit/run_daily: false chkrootkit/run_daily_opts: -q chkrootkit/diff_mode: false ---End Message--- ---BeginMessage--- Source: chkrootkit Source-Version: 0.47-2 We believe that the bug you reported is fixed in the latest version of chkrootkit, which is due to be installed in the Debian FTP archive: chkrootkit_0.47-2.diff.gz to pool/main/c/chkrootkit/chkrootkit_0.47-2.diff.gz chkrootkit_0.47-2.dsc to pool/main/c/chkrootkit/chkrootkit_0.47-2.dsc chkrootkit_0.47-2_amd64.deb to pool/main/c/chkrootkit/chkrootkit_0.47-2_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Francois Marier [EMAIL PROTECTED] (supplier of updated chkrootkit package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Fri, 25 Apr 2008 11:01:00 +1200 Source: chkrootkit Binary: chkrootkit Architecture: source amd64 Version: 0.47-2 Distribution: stable Urgency: low Maintainer:
Bug#487238: marked as done (ruby1.8: Arbitrary code execution vulnerability and so on)
Your message dated Sat, 26 Jul 2008 09:57:57 + with message-id [EMAIL PROTECTED] and subject line Bug#487238: fixed in ruby1.8 1.8.5-4etch2 has caused the Debian Bug report #487238, regarding ruby1.8: Arbitrary code execution vulnerability and so on to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 487238: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487238 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: ruby1.8 Version: 1.8.6.114-2 Severity: grave Tags: security Justification: user security hole The upstream has announced multiple vulnerabilities in Ruby. They may lead to a denial of service (DoS) condition or allow execution of arbitrary code. * CVE-2008-2662 * CVE-2008-2663 * CVE-2008-2725 * CVE-2008-2726 * CVE-2008-2727 * CVE-2008-2728 * CVE-2008-2664 Vulnerable versions 1.8 series * 1.8.4 and all prior versions * 1.8.5-p230 and all prior versions * 1.8.6-p229 and all prior versions * 1.8.7-p21 and all prior versions 1.9 series * 1.9.0-1 and all prior versions -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (990, 'testing'), (500, 'stable'), (90, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.24-1-686 (SMP w/2 CPU cores) Locale: LANG=ja_JP.eucJP, LC_CTYPE=ja_JP.eucJP (charmap=EUC-JP) Shell: /bin/sh linked to /bin/bash Versions of packages ruby1.8 depends on: ii libc62.7-10 GNU C Library: Shared libraries ii libruby1.8 1.8.6.114-2 Libraries necessary to run Ruby 1. ruby1.8 recommends no packages. -- no debconf information ---End Message--- ---BeginMessage--- Source: ruby1.8 Source-Version: 1.8.5-4etch2 We believe that the bug you reported is fixed in the latest version of ruby1.8, which is due to be installed in the Debian FTP archive: irb1.8_1.8.5-4etch2_all.deb to pool/main/r/ruby1.8/irb1.8_1.8.5-4etch2_all.deb libdbm-ruby1.8_1.8.5-4etch2_i386.deb to pool/main/r/ruby1.8/libdbm-ruby1.8_1.8.5-4etch2_i386.deb libgdbm-ruby1.8_1.8.5-4etch2_i386.deb to pool/main/r/ruby1.8/libgdbm-ruby1.8_1.8.5-4etch2_i386.deb libopenssl-ruby1.8_1.8.5-4etch2_i386.deb to pool/main/r/ruby1.8/libopenssl-ruby1.8_1.8.5-4etch2_i386.deb libreadline-ruby1.8_1.8.5-4etch2_i386.deb to pool/main/r/ruby1.8/libreadline-ruby1.8_1.8.5-4etch2_i386.deb libruby1.8-dbg_1.8.5-4etch2_i386.deb to pool/main/r/ruby1.8/libruby1.8-dbg_1.8.5-4etch2_i386.deb libruby1.8_1.8.5-4etch2_i386.deb to pool/main/r/ruby1.8/libruby1.8_1.8.5-4etch2_i386.deb libtcltk-ruby1.8_1.8.5-4etch2_i386.deb to pool/main/r/ruby1.8/libtcltk-ruby1.8_1.8.5-4etch2_i386.deb rdoc1.8_1.8.5-4etch2_all.deb to pool/main/r/ruby1.8/rdoc1.8_1.8.5-4etch2_all.deb ri1.8_1.8.5-4etch2_all.deb to pool/main/r/ruby1.8/ri1.8_1.8.5-4etch2_all.deb ruby1.8-dev_1.8.5-4etch2_i386.deb to pool/main/r/ruby1.8/ruby1.8-dev_1.8.5-4etch2_i386.deb ruby1.8-elisp_1.8.5-4etch2_all.deb to pool/main/r/ruby1.8/ruby1.8-elisp_1.8.5-4etch2_all.deb ruby1.8-examples_1.8.5-4etch2_all.deb to pool/main/r/ruby1.8/ruby1.8-examples_1.8.5-4etch2_all.deb ruby1.8_1.8.5-4etch2.diff.gz to pool/main/r/ruby1.8/ruby1.8_1.8.5-4etch2.diff.gz ruby1.8_1.8.5-4etch2.dsc to pool/main/r/ruby1.8/ruby1.8_1.8.5-4etch2.dsc ruby1.8_1.8.5-4etch2_i386.deb to pool/main/r/ruby1.8/ruby1.8_1.8.5-4etch2_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. akira yamada [EMAIL PROTECTED] (supplier of updated ruby1.8 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 10 Jul 2008 14:58:13 +0900 Source: ruby1.8 Binary: libtcltk-ruby1.8 libruby1.8-dbg rdoc1.8 libgdbm-ruby1.8 ruby1.8-dev ruby1.8-elisp ruby1.8-examples libdbm-ruby1.8 irb1.8 ruby1.8 libreadline-ruby1.8 libopenssl-ruby1.8 libruby1.8 ri1.8 Architecture: source i386 all Version: 1.8.5-4etch2 Distribution: stable-security Urgency: low Maintainer: akira yamada [EMAIL PROTECTED] Changed-By: akira yamada [EMAIL PROTECTED] Description: irb1.8 - Interactive Ruby (for Ruby 1.8) libdbm-ruby1.8 - DBM interface for Ruby 1.8 libgdbm-ruby1.8 - GDBM interface for Ruby 1.8 libopenssl-ruby1.8 - OpenSSL interface for
Bug#459961: marked as done (mt-daapd: CVE-2007-582[4,5] multiple security vulnerabilities)
Your message dated Sat, 26 Jul 2008 09:57:42 +
with message-id [EMAIL PROTECTED]
and subject line Bug#459961: fixed in mt-daapd 0.2.4+r1376-1.1+etch1
has caused the Debian Bug report #459961,
regarding mt-daapd: CVE-2007-582[4,5] multiple security vulnerabilities
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
459961: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=459961
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
---BeginMessage---
Package: mt-daapd
Severity: grave
Tags: security patch
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for mt-daapd.
CVE-2007-5824[0]:
| webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier
| allows remote attackers to cause a denial of service (NULL dereference
| and daemon crash) via a stats method action to /xml-rpc with (1) an
| empty Authorization header line, which triggers a crash in the
| ws_decodepassword function; or (2) a header line without a ':'
| character, which triggers a crash in the ws_getheaders function.
If you fix this vulnerability please also include the CVE id
in your changelog entry.
A patch extracted from upstream CVS is attached.
For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5824
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
#! /bin/sh /usr/share/dpatch/dpatch-run
## CVE-2007-5825-2007-5825.dpatch by Nico Golde [EMAIL PROTECTED]
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.
@DPATCH@
diff -urNad mt-daapd-0.9~r1586~/src/webserver.c
mt-daapd-0.9~r1586/src/webserver.c
--- mt-daapd-0.9~r1586~/src/webserver.c 2007-05-17 06:26:33.0 +0200
+++ mt-daapd-0.9~r1586/src/webserver.c 2008-01-09 22:19:22.0 +0100
@@ -758,7 +758,7 @@
free(value);
}
-if(!last) {
+if(last == first) {
DPRINTF(E_DBG,L_WS,Thread %d: Done parsing GET/POST args!\n,
pwsc-threadno);
done=1;
@@ -961,12 +961,11 @@
if((auth_handler) (auth_handler(pwsc,NULL,NULL)==0)) {
/* do the auth thing */
auth=ws_getarg(pwsc-request_headers,Authorization);
-if(auth) {
-ws_decodepassword(auth,username,password);
+if((auth) (ws_decodepassword(auth,username, password))) {
if(auth_handler(pwsc,username,password))
can_dispatch=1;
-ws_addarg(pwsc-request_vars,HTTP_USER,username);
-ws_addarg(pwsc-request_vars,HTTP_PASSWD,password);
+ws_addarg(pwsc-request_vars,HTTP_USER,%s, username);
+ws_addarg(pwsc-request_vars,HTTP_PASSWD, %s,
password);
free(username); /* this frees password too */
}
@@ -1430,6 +1429,7 @@
int pads=0;
unsigned char *decodebuffer;
unsigned char *pin, *pout;
+char *type,*base64;
int lookup;
*username=NULL;
@@ -1458,21 +1458,34 @@
return -1;
/* xlat table is initialized */
-while(*header != ' ')
+// Trim leading spaces
+while((*header) (*header == ' '))
header++;
-header++;
+// Should be in the form Basic base-64 enc username/pw
+type=header;
+base64 = strchr(header,' ');
+if(!base64) {
+// invalid auth header
+ws_dprintf(L_WS_DBG,Bad authentication header: %s\n,header);
+WS_EXIT();
+return FALSE;
+}
+
+*base64 = '\0';
+base64++;
+
+decodebuffer=(unsigned char *)malloc(strlen(base64));
-decodebuffer=(unsigned char *)malloc(strlen(header));
if(!decodebuffer)
return -1;
-DPRINTF(E_DBG,L_WS,Preparing to decode %s\n,header);
+DPRINTF(E_DBG,L_WS,Preparing to decode %s\n,base64);
-memset(decodebuffer,0,strlen(header));
+memset(decodebuffer,0,strlen(base64));
len=0;
pout=decodebuffer;
-pin=(unsigned char *)header;
+pin=(unsigned char *)base64;
/* this is more than a little sloppy */
while(pin[rack]) {
pgp2sAIyrjYJH.pgp
Description: PGP signature
---End Message---
---BeginMessage---
Source: mt-daapd
Source-Version: 0.2.4+r1376-1.1+etch1
We believe that the bug you reported is fixed in the latest version of
mt-daapd, which is due to be installed in the Debian FTP archive:
mt-daapd_0.2.4+r1376-1.1+etch1.diff.gz
to pool/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1.diff.gz
Bug#450951: marked as done (grub can't get installed past 1TB)
Your message dated Sat, 26 Jul 2008 09:40:35 + with message-id [EMAIL PROTECTED] and subject line Bug#450951: fixed in grub 0.97-27etch1 has caused the Debian Bug report #450951, regarding grub can't get installed past 1TB to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 450951: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450951 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: grub Version: 0.97-28 Severity: normal Hi, When trying to install grub past 1TB, it fails with error 18 (18 : Selected cylinder exceeds maximum supported by BIOS). This is because the HDIO_GETGEO ioctl is limited to 65535 cylinders (i.e. ~1TB), and for bigger values Linux just returns 65535. I'm not sure where the fix should be done: should the kernel error out when the cylinders don't fit, or should grub recognize 65535 as a bogus value and compute a fake geometry by itself? Or both? Note: there is another bug in bochs's bios which prevents from testing with bochs or qemu the patch is available on the bochs list, I'll probably file a bug against the bochs package too. Samuel -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.23 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash Versions of packages grub depends on: ii libc6 2.6.1-6GNU C Library: Shared libraries ii libncurses5 5.6+20071013-1 Shared libraries for terminal hand grub recommends no packages. -- no debconf information -- Samuel P moo N moo ? D P: keski t'arrive? :)) P m N moo ? P rien le net marche je suis content :) -+- #ens-mim - accro du net -+- ---End Message--- ---BeginMessage--- Source: grub Source-Version: 0.97-27etch1 We believe that the bug you reported is fixed in the latest version of grub, which is due to be installed in the Debian FTP archive: grub-disk_0.97-27etch1_all.deb to pool/main/g/grub/grub-disk_0.97-27etch1_all.deb grub-doc_0.97-27etch1_all.deb to pool/main/g/grub/grub-doc_0.97-27etch1_all.deb grub_0.97-27etch1.diff.gz to pool/main/g/grub/grub_0.97-27etch1.diff.gz grub_0.97-27etch1.dsc to pool/main/g/grub/grub_0.97-27etch1.dsc grub_0.97-27etch1_amd64.deb to pool/main/g/grub/grub_0.97-27etch1_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Robert Millan [EMAIL PROTECTED] (supplier of updated grub package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 6 Apr 2008 14:37:36 +0200 Source: grub Binary: grub-disk grub grub-doc Architecture: source amd64 all Version: 0.97-27etch1 Distribution: stable Urgency: low Maintainer: Grub Maintainers [EMAIL PROTECTED] Changed-By: Robert Millan [EMAIL PROTECTED] Description: grub - GRand Unified Bootloader grub-disk - GRUB bootable disk image grub-doc - Documentation for GRand Unified Bootloader Closes: 450951 Changes: grub (0.97-27etch1) stable; urgency=low . * 1tib_disk_limit.diff: Fix 1 TiB disk addressing limit. (Closes: #450951) Files: 308537dbfc7f549e142baa6d99520a1d 906 admin optional grub_0.97-27etch1.dsc cb1f39d551a6c70159ce91d44dddccbb 76518 admin optional grub_0.97-27etch1.diff.gz ff193424ddf7f61f0c8194aac639a6e3 883618 admin optional grub_0.97-27etch1_amd64.deb e95f8cc654b071a9895d23b74b2aad56 245074 admin optional grub-disk_0.97-27etch1_all.deb de2c52075b4d848bdc8a20ed0fbc34c6 273244 doc optional grub-doc_0.97-27etch1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFH+MUbC19io6rUCv8RAsx0AJ9bzjgMz1sqzk/DEj1jii3KMB7zKgCeIbXb 8Prxws06dMaYQQk6lX/lP0w= =8+Al -END PGP SIGNATURE- ---End Message---
Bug#445582: marked as done (ldapscripts shows passwords in the clear on the command line)
Your message dated Sat, 26 Jul 2008 09:40:45 +
with message-id [EMAIL PROTECTED]
and subject line Bug#445582: fixed in ldapscripts 1.4-2etch1
has caused the Debian Bug report #445582,
regarding ldapscripts shows passwords in the clear on the command line
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
445582: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=445582
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
---BeginMessage---
Package: ldapscripts
Severity: serious
Version: 1.4-2
Tag: security
Unless you're running grsecurity or some other patched kernel, the
following cannot be good:
_changepassword () {
if [ -z $1 ] || [ -z $2 ]
then
end_die _changepassword : missing argument(s)
else
if is_yes $RECORDPASSWORDS
then
echo $2 : $1 $PASSWORDFILE
fi
$LDAPPASSWDBIN -w $BINDPWD -D $BINDDN -xH ldap://$SERVER; -s $1 $2
2$LOGFILE 1/dev/null
fi
}
Don Armstrong
--
This message brought to you by weapons of mass destruction related
program activities, and the letter G.
http://www.donarmstrong.com http://rzlab.ucr.edu
---End Message---
---BeginMessage---
Source: ldapscripts
Source-Version: 1.4-2etch1
We believe that the bug you reported is fixed in the latest version of
ldapscripts, which is due to be installed in the Debian FTP archive:
ldapscripts_1.4-2etch1.diff.gz
to pool/main/l/ldapscripts/ldapscripts_1.4-2etch1.diff.gz
ldapscripts_1.4-2etch1.dsc
to pool/main/l/ldapscripts/ldapscripts_1.4-2etch1.dsc
ldapscripts_1.4-2etch1_all.deb
to pool/main/l/ldapscripts/ldapscripts_1.4-2etch1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thijs Kinkhorst [EMAIL PROTECTED] (supplier of updated ldapscripts package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.7
Date: Sat, 15 Mar 2008 22:03:09 +0100
Source: ldapscripts
Binary: ldapscripts
Architecture: source all
Version: 1.4-2etch1
Distribution: stable-security
Urgency: high
Maintainer: Pierre Habouzit [EMAIL PROTECTED]
Changed-By: Thijs Kinkhorst [EMAIL PROTECTED]
Description:
ldapscripts - Add and remove user and groups (stored in a ldap directory)
Closes: 445582
Changes:
ldapscripts (1.4-2etch1) stable-security; urgency=high
.
* Non-maintainer upload by the security team
* Fix information disclosure (password used on command line) with
upstream patch. Closes: #445582. CVE-2007-5373
Files:
dabe3144f01910f1f055a2a6d9b63148 883 admin optional ldapscripts_1.4-2etch1.dsc
4d4fd01f12940bf2272cf9b2a27e34c5 8429 admin optional
ldapscripts_1.4-2etch1.diff.gz
52a069bdb720fb9d9897f96dbc150c8a 28482 admin optional
ldapscripts_1.4-2etch1_all.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBR9w5wWz0hbPcukPfAQJnKgf8DCIRoNu2ZeW1CBLMbfJiqqwWve53IbKV
a8eWXv3h/cewz5AorqPlIJjxShu2aQ0gxo6XFRlNOw0bMdkPo1cYvIf+yH6KcHzU
/IHX+U4mGpb3mATVHYsF5PibP599ge09qJBWNC3XQwcBcQ9Jx3N2nNtnzSHNElHP
JA7b9VefiNUZIMsEkOfzCiiOV+vChYX9tSVZUyEb2/LaukA5cgSwa2ylWlD2pM7+
AmwYesLPhoZCho/KiwA8E5ZJ9/cRdC668wbvrQiXuEaT2r5xZQrPdEdpAWAbqnTj
cr4qLTek51SAugPKINuKXZ7XJcTd4hmXQOjYZGxg9KtJems1zrqcSw==
=M9Lm
-END PGP SIGNATURE-
---End Message---
Bug#432665: marked as done (wxmaxima: Not connected to maxima!)
Your message dated Sat, 26 Jul 2008 09:58:07 + with message-id [EMAIL PROTECTED] and subject line Bug#432665: fixed in wxmaxima 0.7.0a-1.1 has caused the Debian Bug report #432665, regarding wxmaxima: Not connected to maxima! to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 432665: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432665 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Subject: wxmaxima: Not connected to maxima! Package: wxmaxima Version: 0.7.0a-1 Severity: grave Justification: renders package unusable If I launch wxmaxima I have this message Not connected to maxima!. I tried a solution to change in the file /home/arnaud/.wxMaxima the line maxima=1 with maxima=/usr/bin/maxima or maxima=/usr/bin/maxima I read this on a reportbug for wxmaxima 0.7.1, but it does not work here. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-4-686 Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Versions of packages wxmaxima depends on: ii libc6 2.3.6.ds1-13 GNU C Library: Shared libraries ii libgcc11:4.1.1-21GCC support library ii libstdc++6 4.1.1-21 The GNU Standard C++ Library v3 ii libwxbase2.6-0 2.6.3.2.1.5 wxBase library (runtime) - non-GUI ii libwxgtk2.6-0 2.6.3.2.1.5 wxWidgets Cross-platform C++ GUI t ii libxml22.6.27.dfsg-1 GNOME XML library ii maxima 5.10.0-6 A computer algebra system -- base ii maxima-doc 5.10.0-6 A computer algebra system -- docum wxmaxima recommends no packages. -- no debconf information ---End Message--- ---BeginMessage--- Source: wxmaxima Source-Version: 0.7.0a-1.1 We believe that the bug you reported is fixed in the latest version of wxmaxima, which is due to be installed in the Debian FTP archive: wxmaxima_0.7.0a-1.1.diff.gz to pool/main/w/wxmaxima/wxmaxima_0.7.0a-1.1.diff.gz wxmaxima_0.7.0a-1.1.dsc to pool/main/w/wxmaxima/wxmaxima_0.7.0a-1.1.dsc wxmaxima_0.7.0a-1.1_powerpc.deb to pool/main/w/wxmaxima/wxmaxima_0.7.0a-1.1_powerpc.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Charles Plessy [EMAIL PROTECTED] (supplier of updated wxmaxima package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 27 Apr 2008 15:40:50 +0900 Source: wxmaxima Binary: wxmaxima Architecture: source powerpc Version: 0.7.0a-1.1 Distribution: stable Urgency: low Maintainer: Rafa Rodriguez Galvan [EMAIL PROTECTED] Changed-By: Charles Plessy [EMAIL PROTECTED] Description: wxmaxima - a wxWidgets GUI for the computer algebra system maxima Closes: 432665 Changes: wxmaxima (0.7.0a-1.1) stable; urgency=low . * Non-maintainer upload. * Imported the patch from bug 1573741 in Upstream's bugtracker. This solves grave connexion problems. (Closes: #432665) Files: f9ef34f01497384a6f8e5305204c480e 707 math optional wxmaxima_0.7.0a-1.1.dsc f8608cf1d30654adcfb530f722dee49e 7551 math optional wxmaxima_0.7.0a-1.1.diff.gz 06480f10d0d6864387a2371a56e11d03 490934 math optional wxmaxima_0.7.0a-1.1_powerpc.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIFCkNdYl1krr+x/IRAuvJAJ9aabaJcF2IYTOkeVhtts6bjNc/TwCfUIEV 0R8ajV0B2tDFkElH+PrbMR4= =gskX -END PGP SIGNATURE- ---End Message---
Bug#421864: marked as done (chkrootkit: false positive for Enye LKM)
Your message dated Sat, 26 Jul 2008 09:40:23 + with message-id [EMAIL PROTECTED] and subject line Bug#421864: fixed in chkrootkit 0.47-2 has caused the Debian Bug report #421864, regarding chkrootkit: false positive for Enye LKM to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 421864: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421864 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: chkrootkit Version: 0.47-1.1 Severity: normal The check for the Enye LKM seems pretty bogus as described here: http://guru.multimedia.cx/a-few-days-ago-chkrootkit-told-me-enye-lkm-found/ I had exactly the same experience... Chris -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (700, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-4-686 Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1) Versions of packages chkrootkit depends on: ii binutils2.17-3 The GNU assembler, linker and bina ii debconf [debconf-2.0] 1.5.11 Debian configuration management sy ii libc6 2.3.6.ds1-13 GNU C Library: Shared libraries ii net-tools 1.60-17 The NET-3 networking toolkit ii procps 1:3.2.7-3/proc file system utilities chkrootkit recommends no packages. -- debconf information: * chkrootkit/run_daily_opts: -q * chkrootkit/run_daily: true * chkrootkit/diff_mode: false ---End Message--- ---BeginMessage--- Source: chkrootkit Source-Version: 0.47-2 We believe that the bug you reported is fixed in the latest version of chkrootkit, which is due to be installed in the Debian FTP archive: chkrootkit_0.47-2.diff.gz to pool/main/c/chkrootkit/chkrootkit_0.47-2.diff.gz chkrootkit_0.47-2.dsc to pool/main/c/chkrootkit/chkrootkit_0.47-2.dsc chkrootkit_0.47-2_amd64.deb to pool/main/c/chkrootkit/chkrootkit_0.47-2_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Francois Marier [EMAIL PROTECTED] (supplier of updated chkrootkit package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Fri, 25 Apr 2008 11:01:00 +1200 Source: chkrootkit Binary: chkrootkit Architecture: source amd64 Version: 0.47-2 Distribution: stable Urgency: low Maintainer: Francois Marier [EMAIL PROTECTED] Changed-By: Francois Marier [EMAIL PROTECTED] Description: chkrootkit - Checks for signs of rootkits on the local system Closes: 421864 Changes: chkrootkit (0.47-2) stable; urgency=low . * Remove Enye check which was killing random applications (closes: #421864) * Set myself as maintainer since the package has been orphaned Files: b78884bf7fa7689da62291c756f993b4 606 misc optional chkrootkit_0.47-2.dsc 214e4e4cdca809cfd4b6d15cc022247b 20312 misc optional chkrootkit_0.47-2.diff.gz 8eb4c9c8dcb29b9057d3c020149fc150 292468 misc optional chkrootkit_0.47-2_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIERFsScUZKBnQNIYRAtayAJ9/iyclktNbocXGxIwxFm+f54+SwACeNKHe N14v4PDS4RnGr1oJ+zr5qn4= =vWET -END PGP SIGNATURE- ---End Message---
Bug#483410: marked as done (CVE-2008-1105: Boundary failure when parsing SMB responses can result in a buffer overrun)
Your message dated Sat, 26 Jul 2008 09:57:58 + with message-id [EMAIL PROTECTED] and subject line Bug#483410: fixed in samba 3.0.24-6etch10 has caused the Debian Bug report #483410, regarding CVE-2008-1105: Boundary failure when parsing SMB responses can result in a buffer overrun to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 483410: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483410 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: samba Version: 3.0.14a-3sarge11 Severity: critical Tags: security patch Justification: root security hole Patch 1 is for etch Patch 2 is the official patch released by the Samba Team. Applies cleanly on Debian's 3.0.29. However, we'll fix unstable/testing by building samba 3.0.30 To security team: as I said, I'm unsure that I'll be able to work on packages for etch. I'll at least try building with that patch. As usual, I may need guidance to upload to the right place if you're OK for us to upload for etch. What about sarge? It is affected as well (samba is 3.0.14 there) but is it still officially supported wrt security updates? From the announcement: == == Subject: Boundary failure when parsing SMB responses == can result in a buffer overrun == == CVE ID#: CVE-2008-1105 == == Versions:Samba 3.0.0 - 3.0.29 (inclusive) == == Summary: Specifically crafted SMB responses can result == in a heap overflow in the Samba client code. == Because the server process, smbd, can itself == act as a client during operations such as == printer notification and domain authentication, == this issue affects both Samba client and server == installations. == == === Description === Secunia Research reported a vulnerability that allows for the execution of arbitrary code in smbd. This defect is is a result of an incorrect buffer size when parsing SMB replies in the routine receive_smb_raw(). == Patch Availability == A patch addressing this defect has been posted to http://www.samba.org/samba/security/ Additionally, Samba 3.0.30 has been issued as a security release to correct the defect. Samba administrators are advised to upgrade to 3.0.30 or apply the patch as soon as possible. === Credits === This vulnerability was reported to Samba developers by Alin Rad Pop, Secunia Research. The time line is as follows: * May 15, 2008: Initial report to [EMAIL PROTECTED] * May 15, 2008: First response from Samba developers confirming the bug along with a proposed patch. * May 28, 2008: Public security advisory made available. == == Our Code, Our Bugs, Our Responsibility. == The Samba Team == -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages samba depends on: ii adduser3.107 add and remove users and groups ii debconf [debconf-2.0] 1.5.22Debian configuration management sy ii libacl12.2.47-2 Access control list shared library ii libattr1 1:2.4.41-1Extended attribute shared library ii libc6 2.7-11GNU C Library: Shared libraries ii libcomerr2 1.40.8-2 common error description library ii libcupsys2 1.3.7-5 Common UNIX Printing System(tm) - ii libgnutls262.2.5-1 the GNU TLS library - runtime libr ii libkrb53 1.6.dfsg.3-2 MIT Kerberos runtime libraries ii libldap-2.4-2 2.4.9-1 OpenLDAP libraries ii libpam-modules 0.99.7.1-6Pluggable Authentication Modules f ii libpam-runtime 0.99.7.1-6Runtime support for the PAM librar ii libpam0g 0.99.7.1-6Pluggable Authentication Modules l ii libpopt0 1.10-3lib for parsing cmdline parameters ii logrotate 3.7.1-3 Log rotation utility ii lsb-base 3.2-12Linux Standard Base 3.2
Bug#472105: marked as done (cupsys: CVE-2008-0047 buffer overflow in cgi applications using crafted search queries)
Your message dated Sat, 26 Jul 2008 09:40:24 + with message-id [EMAIL PROTECTED] and subject line Bug#472105: fixed in cupsys 1.2.7-4etch3 has caused the Debian Bug report #472105, regarding cupsys: CVE-2008-0047 buffer overflow in cgi applications using crafted search queries to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 472105: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=472105 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: cupsys Severity: important Tags: security patch Hi, the following CVE (Common Vulnerabilities Exposures) id was published for cupsys. CVE-2008-0047[0]: | Heap-based buffer overflow in CUPS in Apple Mac OS X 10.5.2, when | printer sharing is enabled, allows remote attackers to execute | arbitrary code via crafted search expressions. Patch: https://bugzilla.redhat.com/attachment.cgi?id=296901 If you fix this vulnerability please also include the CVE id in your changelog entry. For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047 Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpB9ABEXobNQ.pgp Description: PGP signature ---End Message--- ---BeginMessage--- Source: cupsys Source-Version: 1.2.7-4etch3 We believe that the bug you reported is fixed in the latest version of cupsys, which is due to be installed in the Debian FTP archive: cupsys-bsd_1.2.7-4etch3_i386.deb to pool/main/c/cupsys/cupsys-bsd_1.2.7-4etch3_i386.deb cupsys-client_1.2.7-4etch3_i386.deb to pool/main/c/cupsys/cupsys-client_1.2.7-4etch3_i386.deb cupsys-common_1.2.7-4etch3_all.deb to pool/main/c/cupsys/cupsys-common_1.2.7-4etch3_all.deb cupsys-dbg_1.2.7-4etch3_i386.deb to pool/main/c/cupsys/cupsys-dbg_1.2.7-4etch3_i386.deb cupsys_1.2.7-4etch3.diff.gz to pool/main/c/cupsys/cupsys_1.2.7-4etch3.diff.gz cupsys_1.2.7-4etch3.dsc to pool/main/c/cupsys/cupsys_1.2.7-4etch3.dsc cupsys_1.2.7-4etch3_i386.deb to pool/main/c/cupsys/cupsys_1.2.7-4etch3_i386.deb libcupsimage2-dev_1.2.7-4etch3_i386.deb to pool/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch3_i386.deb libcupsimage2_1.2.7-4etch3_i386.deb to pool/main/c/cupsys/libcupsimage2_1.2.7-4etch3_i386.deb libcupsys2-dev_1.2.7-4etch3_i386.deb to pool/main/c/cupsys/libcupsys2-dev_1.2.7-4etch3_i386.deb libcupsys2-gnutls10_1.2.7-4etch3_all.deb to pool/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch3_all.deb libcupsys2_1.2.7-4etch3_i386.deb to pool/main/c/cupsys/libcupsys2_1.2.7-4etch3_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Martin Pitt [EMAIL PROTECTED] (supplier of updated cupsys package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sat, 22 Mar 2008 13:12:42 +0100 Source: cupsys Binary: libcupsys2-dev cupsys libcupsys2 libcupsimage2 cupsys-common cupsys-client cupsys-dbg cupsys-bsd libcupsys2-gnutls10 libcupsimage2-dev Architecture: source i386 all Version: 1.2.7-4etch3 Distribution: stable-security Urgency: high Maintainer: [EMAIL PROTECTED] Changed-By: Martin Pitt [EMAIL PROTECTED] Description: cupsys - Common UNIX Printing System(tm) - server cupsys-bsd - Common UNIX Printing System(tm) - BSD commands cupsys-client - Common UNIX Printing System(tm) - client programs (SysV) cupsys-common - Common UNIX Printing System(tm) - common files cupsys-dbg - Common UNIX Printing System(tm) - debugging symbols libcupsimage2 - Common UNIX Printing System(tm) - image libs libcupsimage2-dev - Common UNIX Printing System(tm) - image development files libcupsys2 - Common UNIX Printing System(tm) - libs libcupsys2-dev - Common UNIX Printing System(tm) - development files libcupsys2-gnutls10 - Common UNIX Printing System(tm) - dummy libs for transition Closes: 467653 472105 Changes: cupsys (1.2.7-4etch3) stable-security; urgency=high . * Add 72_CVE-2008-0047.dpatch: Fix buffer overflow in cgiCompileSearch() using crafted search expressions. Exploitable if printer sharing is enabled. (CVE-2008-0047, STR #2729, Closes: #472105) * Add 73_CVE-2008-0882.dpatch: Fix
Bug#459020: marked as done (php5-recode crashes on amd64, after eating up all memory)
Your message dated Sat, 26 Jul 2008 09:57:51 + with message-id [EMAIL PROTECTED] and subject line Bug#459020: fixed in php5 5.2.0-8+etch11 has caused the Debian Bug report #459020, regarding php5-recode crashes on amd64, after eating up all memory to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 459020: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=459020 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: php5-recode Version: 5.2.0-8+etch7 Severity: grave Tags: patch Justification: renders package unusable php5-recode crashes on amd64, so all program, which need it, are unusable (like gosa 2.5.14 from the homepage, solution there is run php4 - which should get upgraded like stated yesterday ;) problem is reported to php and listed in bug 41765 ( http://bugs.php.net/bug.php?id=41765 ). patch is also listed there, it is not from me -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-5-amd64 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages php5-recode depends on: ii libapache-mod-php5 [ph 5.2.0-8+etch7 server-side, HTML-embedded scripti ii libc6 2.3.6.ds1-13etch2 GNU C Library: Shared libraries ii librecode0 3.6-12Shared library on which recode is ii php5-cli [phpapi-20060 5.2.0-8+etch7 command-line interpreter for the p ii php5-common5.2.0-8+etch7 Common files for packages built fr php5-recode recommends no packages. -- no debconf information ---End Message--- ---BeginMessage--- Source: php5 Source-Version: 5.2.0-8+etch11 We believe that the bug you reported is fixed in the latest version of php5, which is due to be installed in the Debian FTP archive: libapache-mod-php5_5.2.0-8+etch11_i386.deb to pool/main/p/php5/libapache-mod-php5_5.2.0-8+etch11_i386.deb libapache2-mod-php5_5.2.0-8+etch11_i386.deb to pool/main/p/php5/libapache2-mod-php5_5.2.0-8+etch11_i386.deb php-pear_5.2.0-8+etch11_all.deb to pool/main/p/php5/php-pear_5.2.0-8+etch11_all.deb php5-cgi_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-cgi_5.2.0-8+etch11_i386.deb php5-cli_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-cli_5.2.0-8+etch11_i386.deb php5-common_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-common_5.2.0-8+etch11_i386.deb php5-curl_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-curl_5.2.0-8+etch11_i386.deb php5-dev_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-dev_5.2.0-8+etch11_i386.deb php5-gd_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-gd_5.2.0-8+etch11_i386.deb php5-imap_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-imap_5.2.0-8+etch11_i386.deb php5-interbase_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-interbase_5.2.0-8+etch11_i386.deb php5-ldap_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-ldap_5.2.0-8+etch11_i386.deb php5-mcrypt_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-mcrypt_5.2.0-8+etch11_i386.deb php5-mhash_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-mhash_5.2.0-8+etch11_i386.deb php5-mysql_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-mysql_5.2.0-8+etch11_i386.deb php5-odbc_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-odbc_5.2.0-8+etch11_i386.deb php5-pgsql_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-pgsql_5.2.0-8+etch11_i386.deb php5-pspell_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-pspell_5.2.0-8+etch11_i386.deb php5-recode_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-recode_5.2.0-8+etch11_i386.deb php5-snmp_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-snmp_5.2.0-8+etch11_i386.deb php5-sqlite_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-sqlite_5.2.0-8+etch11_i386.deb php5-sybase_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-sybase_5.2.0-8+etch11_i386.deb php5-tidy_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-tidy_5.2.0-8+etch11_i386.deb php5-xmlrpc_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-xmlrpc_5.2.0-8+etch11_i386.deb php5-xsl_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-xsl_5.2.0-8+etch11_i386.deb php5_5.2.0-8+etch11.diff.gz to pool/main/p/php5/php5_5.2.0-8+etch11.diff.gz php5_5.2.0-8+etch11.dsc to pool/main/p/php5/php5_5.2.0-8+etch11.dsc php5_5.2.0-8+etch11_all.deb to pool/main/p/php5/php5_5.2.0-8+etch11_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL
Bug#469293: marked as done (vzctl: vzmigrate corrupts user-ids of files)
Your message dated Sat, 26 Jul 2008 09:58:06 + with message-id [EMAIL PROTECTED] and subject line Bug#469293: fixed in vzctl 3.0.11-14 has caused the Debian Bug report #469293, regarding vzctl: vzmigrate corrupts user-ids of files to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 469293: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469293 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: vzctl Version: 3.0.11-13 Severity: critical Justification: causes serious data loss Hello! The vzmigrate script (etch Version) fails to use --numeric-ids with rsync, causing incorrect user-ids on the destination host, and therefore lots of broken stuff (in my case: ejabberd in the VE wouldn't start, because the ejabberd files were owned by another user). As this causes lots of pain, and loss of (meta-)data, setting Severity: critical. Upstream has patches for this: http://git.openvz.org/?p=vzctl;a=commitdiff;h=3a6a52665b15225ed2d10186861c00ce3b23b6be http://git.openvz.org/?p=vzctl;a=commitdiff;h=bb5138eb46abef2507dc0803d8f32642e44af9c3 I think this would be worth patching in etch. Thanks, Christian -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-028stab053-dl3xx-openvz Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Versions of packages vzctl depends on: ii iproute20061002-3Professional tools to control the ii libc6 2.3.6.ds1-13etch5 GNU C Library: Shared libraries ii vzquota3.0.8-2 server virtualization solution - q Versions of packages vzctl recommends: ii rsync 2.6.9-2etch1 fast remote file copy program (lik -- no debconf information ---End Message--- ---BeginMessage--- Source: vzctl Source-Version: 3.0.11-14 We believe that the bug you reported is fixed in the latest version of vzctl, which is due to be installed in the Debian FTP archive: vzctl_3.0.11-14.diff.gz to pool/main/v/vzctl/vzctl_3.0.11-14.diff.gz vzctl_3.0.11-14.dsc to pool/main/v/vzctl/vzctl_3.0.11-14.dsc vzctl_3.0.11-14_i386.deb to pool/main/v/vzctl/vzctl_3.0.11-14_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ola Lundqvist [EMAIL PROTECTED] (supplier of updated vzctl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Mon, 10 Mar 2008 18:58:04 +0100 Source: vzctl Binary: vzctl Architecture: source i386 Version: 3.0.11-14 Distribution: stable Urgency: high Maintainer: Ola Lundqvist [EMAIL PROTECTED] Changed-By: Ola Lundqvist [EMAIL PROTECTED] Description: vzctl - server virtualization solution - control tools Closes: 469293 Changes: vzctl (3.0.11-14) stable; urgency=high . * Correction for serious permission problem with migration, closes: #469293. Files: b7759e75f82d9393132dc6365cb6626e 568 admin optional vzctl_3.0.11-14.dsc c7b56d327104eafd72470d33996d677d 7093 admin optional vzctl_3.0.11-14.diff.gz 67daca400a673c49e83b461d674f91fb 162002 admin optional vzctl_3.0.11-14_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFH1XdNGKGxzw/lPdkRAu9qAJ44D/l94ss3fQnYwHqiuRAI3z6X+wCcDzd4 zkavHebJB5yelBjHsjLmwio= =l8X/ -END PGP SIGNATURE- ---End Message---
Bug#466449: marked as done (diatheke: Diatheke allows arbitrary command execution using the range parameter)
Your message dated Sat, 26 Jul 2008 09:58:01 + with message-id [EMAIL PROTECTED] and subject line Bug#466449: fixed in sword 1.5.9-2etch1 has caused the Debian Bug report #466449, regarding diatheke: Diatheke allows arbitrary command execution using the range parameter to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 466449: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466449 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: diatheke Severity: critical Tags: security Justification: root security hole The Diatheke CGI allows arbitrary command execution in the context of the webserver, e.g. www-data by simply abusing the range parameter. For example, range=`yes` will consume tons of resources on the affected webserver. Escalation of privleges and command shells are left as an exercise to the reader. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh Versions of packages diatheke depends on: ii libc6 2.7-8 GNU C Library: Shared libraries ii libcomerr21.40.6-1 common error description library ii libgcc1 1:4.3-20080202-1 GCC support library ii libkrb53 1.6.dfsg.3~beta1-2 MIT Kerberos runtime libraries ii libldap-2.4-2 2.4.7-5OpenLDAP libraries ii libstdc++64.3-20080202-1 The GNU Standard C++ Library v3 ii libsword6 1.5.9-7.1 API/library for bible software ii zlib1g1:1.2.3.3.dfsg-11 compression library - runtime Versions of packages diatheke recommends: ii apache2 2.2.8-1Next generation, scalable, extenda ii apache2-mpm-prefork [httpd] 2.2.8-1Traditional model for Apache HTTPD ---End Message--- ---BeginMessage--- Source: sword Source-Version: 1.5.9-2etch1 We believe that the bug you reported is fixed in the latest version of sword, which is due to be installed in the Debian FTP archive: diatheke_1.5.9-2etch1_i386.deb to pool/main/s/sword/diatheke_1.5.9-2etch1_i386.deb libsword-dev_1.5.9-2etch1_i386.deb to pool/main/s/sword/libsword-dev_1.5.9-2etch1_i386.deb libsword6_1.5.9-2etch1_i386.deb to pool/main/s/sword/libsword6_1.5.9-2etch1_i386.deb sword_1.5.9-2etch1.diff.gz to pool/main/s/sword/sword_1.5.9-2etch1.diff.gz sword_1.5.9-2etch1.dsc to pool/main/s/sword/sword_1.5.9-2etch1.dsc A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thijs Kinkhorst [EMAIL PROTECTED] (supplier of updated sword package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 21 Feb 2008 23:35:10 +0100 Source: sword Binary: libsword-dev libsword6 diatheke Architecture: source i386 Version: 1.5.9-2etch1 Distribution: stable-security Urgency: high Maintainer: Daniel Glassey [EMAIL PROTECTED] Changed-By: Thijs Kinkhorst [EMAIL PROTECTED] Description: diatheke - CGI script for making bible website libsword-dev - Development files for libsword libsword6 - API/library for bible software Closes: 466449 Changes: sword (1.5.9-2etch1) stable-security; urgency=high . * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. Files: d93f49c3798272c9de84ec6ae5d1cbed 1026 libs optional sword_1.5.9-2etch1.dsc 346539f31b41015161d8dd0d2f035243 1806178 libs optional sword_1.5.9.orig.tar.gz c39c316e9c81e54136eb02f68292c09d 82071 libs optional sword_1.5.9-2etch1.diff.gz 95b5aaff3ccec4dcd1f77e95f6bf2da0 526314 libs optional libsword6_1.5.9-2etch1_i386.deb e3c8ec3d6dcfcfae0cddbb618353db36 701078 libdevel optional libsword-dev_1.5.9-2etch1_i386.deb 0a384fecde3e4492fda105eb9d82ce35 62206 web optional diatheke_1.5.9-2etch1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBR74B9mz0hbPcukPfAQK1vQgAslglZdmw1KrpxLpOGJFk9mPJDzX6lTDa xL0r/4/IxFapDxUoxD0Yk/wOsVltChGM8e8Ro4955sWKabR/s0vw1mJg08l9cGy4
Bug#457445: marked as done (libnet-dns-perl: CVE-2007-6341 possible remote denial of service vulnerability)
Your message dated Sat, 26 Jul 2008 09:40:48 + with message-id [EMAIL PROTECTED] and subject line Bug#457445: fixed in libnet-dns-perl 0.59-1etch1 has caused the Debian Bug report #457445, regarding libnet-dns-perl: CVE-2007-6341 possible remote denial of service vulnerability to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 457445: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457445 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: libnet-dns-perl Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities Exposures) id was published for libnet-dns-perl. CVE-2007-6341[0]: | Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such | as SpamAssassin and OTRS, allows remote attackers to cause a denial of | service (program croak) via a crafted DNS response. If you fix this vulnerability please also include the CVE id in your changelog entry. For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6341 Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpGl9tl2kYfi.pgp Description: PGP signature ---End Message--- ---BeginMessage--- Source: libnet-dns-perl Source-Version: 0.59-1etch1 We believe that the bug you reported is fixed in the latest version of libnet-dns-perl, which is due to be installed in the Debian FTP archive: libnet-dns-perl_0.59-1etch1.diff.gz to pool/main/libn/libnet-dns-perl/libnet-dns-perl_0.59-1etch1.diff.gz libnet-dns-perl_0.59-1etch1.dsc to pool/main/libn/libnet-dns-perl/libnet-dns-perl_0.59-1etch1.dsc libnet-dns-perl_0.59-1etch1_amd64.deb to pool/main/libn/libnet-dns-perl/libnet-dns-perl_0.59-1etch1_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Florian Weimer [EMAIL PROTECTED] (supplier of updated libnet-dns-perl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Fri, 07 Mar 2008 22:17:33 +0100 Source: libnet-dns-perl Binary: libnet-dns-perl Architecture: source amd64 Version: 0.59-1etch1 Distribution: stable-security Urgency: high Maintainer: Florian Hinzmann [EMAIL PROTECTED] Changed-By: Florian Weimer [EMAIL PROTECTED] Description: libnet-dns-perl - Perform DNS queries from a Perl script Closes: 457445 Changes: libnet-dns-perl (0.59-1etch1) stable-security; urgency=high . * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) Files: 97a61f446273f49c42348334f5cc9ba8 915 perl optional libnet-dns-perl_0.59-1etch1.dsc d3408875f34e5fa0a313a4a21c70e832 137998 perl optional libnet-dns-perl_0.59.orig.tar.gz bfbdf3851e092853756b78e648b5af29 7584 perl optional libnet-dns-perl_0.59-1etch1.diff.gz ac599d5c037f6488e039887081d4d93b 252906 perl optional libnet-dns-perl_0.59-1etch1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBR9HHAb97/wQC1SS+AQKbNgf+MsUMd8TmleXs57Jnjmts57VThIfhcyWY yYaHHPw/VXbO7bvA/Ts+Y4KeMbfpzsWB7PPXxhCLMbwsoUkwre7FaDuy5FJOUuBp yCPItusH3krpKGnJTPB8sPCbIISk0bLFjairg3ybTKMoLQ2Ok3nv0nVbmwxXD6E3 rJHPHqfP6KmYt2imEocGZEI+chqdOKX4eYo5wv3b/HRJHyoDzW1HiREz2VJRAwE/ JD4XMcfotwCPRChU8nR1xAuiA5DPQWhgx2x+8v/eYve6CSe+yWJrgQ6s0xkf0CTX oo4cE72rYmyPeXy88mjYx/v99p3ygRcT3473PPH4HLm3PDPxOuo7Uw== =a+2f -END PGP SIGNATURE- ---End Message---
Bug#446034: marked as done (CVE-2007-5301 buffer overflow in vorbis input plugin)
Your message dated Sat, 26 Jul 2008 09:40:17 + with message-id [EMAIL PROTECTED] and subject line Bug#446034: fixed in alsaplayer 0.99.76-9+etch1 has caused the Debian Bug report #446034, regarding CVE-2007-5301 buffer overflow in vorbis input plugin to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 446034: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446034 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: alsaplayer Severity: grave Tags: security Hi, The following was released on: http://secunia.com/advisories/27117/ | Some vulnerabilities have been reported in AlsaPlayer, which potentially can be | exploited by malicious people to compromise a user's system. | | The vulnerabilities are caused due to boundary errors in the vorbis input | plug-in when processing .OGG files. These can be exploited to cause buffer | overflows via a specially crafted .OGG file with overly long comments. | | Successful exploitation may allow execution of arbitrary code. Kind regards Nico -- Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgprILS7yCvL7.pgp Description: PGP signature ---End Message--- ---BeginMessage--- Source: alsaplayer Source-Version: 0.99.76-9+etch1 We believe that the bug you reported is fixed in the latest version of alsaplayer, which is due to be installed in the Debian FTP archive: alsaplayer-alsa_0.99.76-9+etch1_i386.deb to pool/main/a/alsaplayer/alsaplayer-alsa_0.99.76-9+etch1_i386.deb alsaplayer-common_0.99.76-9+etch1_i386.deb to pool/main/a/alsaplayer/alsaplayer-common_0.99.76-9+etch1_i386.deb alsaplayer-daemon_0.99.76-9+etch1_i386.deb to pool/main/a/alsaplayer/alsaplayer-daemon_0.99.76-9+etch1_i386.deb alsaplayer-esd_0.99.76-9+etch1_i386.deb to pool/main/a/alsaplayer/alsaplayer-esd_0.99.76-9+etch1_i386.deb alsaplayer-gtk_0.99.76-9+etch1_i386.deb to pool/main/a/alsaplayer/alsaplayer-gtk_0.99.76-9+etch1_i386.deb alsaplayer-jack_0.99.76-9+etch1_i386.deb to pool/main/a/alsaplayer/alsaplayer-jack_0.99.76-9+etch1_i386.deb alsaplayer-nas_0.99.76-9+etch1_i386.deb to pool/main/a/alsaplayer/alsaplayer-nas_0.99.76-9+etch1_i386.deb alsaplayer-oss_0.99.76-9+etch1_i386.deb to pool/main/a/alsaplayer/alsaplayer-oss_0.99.76-9+etch1_i386.deb alsaplayer-text_0.99.76-9+etch1_i386.deb to pool/main/a/alsaplayer/alsaplayer-text_0.99.76-9+etch1_i386.deb alsaplayer-xosd_0.99.76-9+etch1_i386.deb to pool/main/a/alsaplayer/alsaplayer-xosd_0.99.76-9+etch1_i386.deb alsaplayer_0.99.76-9+etch1.diff.gz to pool/main/a/alsaplayer/alsaplayer_0.99.76-9+etch1.diff.gz alsaplayer_0.99.76-9+etch1.dsc to pool/main/a/alsaplayer/alsaplayer_0.99.76-9+etch1.dsc libalsaplayer-dev_0.99.76-9+etch1_i386.deb to pool/main/a/alsaplayer/libalsaplayer-dev_0.99.76-9+etch1_i386.deb libalsaplayer0_0.99.76-9+etch1_i386.deb to pool/main/a/alsaplayer/libalsaplayer0_0.99.76-9+etch1_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Devin Carraway [EMAIL PROTECTED] (supplier of updated alsaplayer package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 30 Mar 2008 07:35:43 + Source: alsaplayer Binary: alsaplayer-daemon alsaplayer-xosd libalsaplayer-dev alsaplayer-jack alsaplayer-esd alsaplayer-text alsaplayer-nas alsaplayer-oss alsaplayer-alsa alsaplayer-gtk libalsaplayer0 alsaplayer-common Architecture: source i386 Version: 0.99.76-9+etch1 Distribution: stable-security Urgency: high Maintainer: Hubert Chan [EMAIL PROTECTED] Changed-By: Devin Carraway [EMAIL PROTECTED] Description: alsaplayer-alsa - PCM player designed for ALSA (ALSA output module) alsaplayer-common - PCM player designed for ALSA (common files) alsaplayer-daemon - PCM player designed for ALSA (non-interactive version) alsaplayer-esd - PCM player designed for ALSA (EsounD output module) alsaplayer-gtk - PCM player designed for ALSA (GTK version) alsaplayer-jack - PCM player designed for ALSA (JACK output module) alsaplayer-nas - PCM player designed for ALSA (NAS output module) alsaplayer-oss - PCM player designed for ALSA (OSS output module)
Bug#470640: marked as done (horde3: CVE-2008-1284 file inclusion vulnerability)
Your message dated Sat, 26 Jul 2008 09:40:37 + with message-id [EMAIL PROTECTED] and subject line Bug#470640: fixed in horde3 3.1.3-4etch3 has caused the Debian Bug report #470640, regarding horde3: CVE-2008-1284 file inclusion vulnerability to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 470640: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=470640 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: horde3 Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities Exposures) id was published for horde3. CVE-2008-1284[0]: | Directory traversal vulnerability in Horde 3.1.6, Groupware before | 1.0.5, and Groupware Webmail Edition before 1.0.6, when running with | certain configurations, allows remote authenticated users to read and | execute arbitrary files via .. sequences and a null byte in the | theme name. Patch is on: http://ftp.horde.org/pub/horde/patches/patch-horde-3.1.6-3.1.7.gz If you fix this vulnerability please also include the CVE id in your changelog entry. For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1284 Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpvHSsic7mEg.pgp Description: PGP signature ---End Message--- ---BeginMessage--- Source: horde3 Source-Version: 3.1.3-4etch3 We believe that the bug you reported is fixed in the latest version of horde3, which is due to be installed in the Debian FTP archive: horde3_3.1.3-4etch3.diff.gz to pool/main/h/horde3/horde3_3.1.3-4etch3.diff.gz horde3_3.1.3-4etch3.dsc to pool/main/h/horde3/horde3_3.1.3-4etch3.dsc horde3_3.1.3-4etch3_all.deb to pool/main/h/horde3/horde3_3.1.3-4etch3_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Gregory Colpart (evolix) [EMAIL PROTECTED] (supplier of updated horde3 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sat, 15 Mar 2008 19:08:56 +0100 Source: horde3 Binary: horde3 Architecture: source all Version: 3.1.3-4etch3 Distribution: stable-security Urgency: high Maintainer: Horde Maintainers [EMAIL PROTECTED] Changed-By: Gregory Colpart (evolix) [EMAIL PROTECTED] Description: horde3 - horde web application framework Closes: 470640 Changes: horde3 (3.1.3-4etch3) stable-security; urgency=high . * Fix arbitrary file inclusion through abuse of the theme preference (see CVE-2008-1284 for more informations). (Closes: #470640 Files: f8929682acb675550e4235c62a99cbe6 974 web optional horde3_3.1.3-4etch3.dsc d79fbe74794a4f6c70f208ba3a55bebc 13100 web optional horde3_3.1.3-4etch3.diff.gz d4a9a4db3744a2cd496ed499c39ec6b3 5270328 web optional horde3_3.1.3-4etch3_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBR9xW32z0hbPcukPfAQLDvQf/ZCo39dkZINdsUdCB3FGYfmkqESY/HhSb GXvgv76Z8/xC/4ADRXFw9lNdrkn74ADkb4kjU36isu85KbGAZ3tp5d0FSQiTkZyj 6VmZ5EAThq+NXk2eLsQNbtV777gTkd/uRu0TwFaj/jCMkrL/25slpdK+Kw+/s5m3 ZlTCyO5QO35sOXndyrUAgBLxuq21oQZK8ictU+8dvMNCOPEitoFGTNFjOiG41Kv3 gPy9zZdLpfi4ffONE4749yFa1vCR3kDRCL3+P8rlgpuYNak1IsXEN4PHKXJMt40M H/16hMAcaoS7RX0e82pMvfN1n5xn+XkYft8esgEGPvxJXFxsN18CBQ== =N1YO -END PGP SIGNATURE- ---End Message---
Bug#431676: marked as done (piuparts test: fails to remove: line 4: killall: command not found)
Your message dated Sat, 26 Jul 2008 09:40:27 + with message-id [EMAIL PROTECTED] and subject line Bug#431676: fixed in dns-flood-detector 1.12-1etch1 has caused the Debian Bug report #431676, regarding piuparts test: fails to remove: line 4: killall: command not found to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 431676: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=431676 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: dns-flood-detector Version: 1.12-1 Severity: serious hi, while running archive wide piuparts tests your package failed on remove with the following error: Removing dns-flood-detector ... /var/lib/dpkg/info/dns-flood-detector.prerm: line 4: killall: command not found dpkg: error processing dns-flood-detector (--purge): subprocess pre-removal script returned error exit status 127 dpkg: dependency problems prevent removal of libpcap0.8: dns-flood-detector depends on libpcap0.8 (= 0.9.3-1). dpkg: error processing libpcap0.8 (--purge): dependency problems - not removing Errors were encountered while processing: dns-flood-detector libpcap0.8 the full log can be found here: http://people.debian.org/~lucas/logs/2007/07/01/ bye, - michael ---End Message--- ---BeginMessage--- Source: dns-flood-detector Source-Version: 1.12-1etch1 We believe that the bug you reported is fixed in the latest version of dns-flood-detector, which is due to be installed in the Debian FTP archive: dns-flood-detector_1.12-1etch1.diff.gz to pool/main/d/dns-flood-detector/dns-flood-detector_1.12-1etch1.diff.gz dns-flood-detector_1.12-1etch1.dsc to pool/main/d/dns-flood-detector/dns-flood-detector_1.12-1etch1.dsc dns-flood-detector_1.12-1etch1_i386.deb to pool/main/d/dns-flood-detector/dns-flood-detector_1.12-1etch1_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jan Wagner [EMAIL PROTECTED] (supplier of updated dns-flood-detector package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Fri, 21 Mar 2008 17:21:51 +0100 Source: dns-flood-detector Binary: dns-flood-detector Architecture: source i386 Version: 1.12-1etch1 Distribution: stable Urgency: low Maintainer: Jan Wagner [EMAIL PROTECTED] Changed-By: Jan Wagner [EMAIL PROTECTED] Description: dns-flood-detector - detect abusive usage levels on high traffic nameservers Closes: 431676 Changes: dns-flood-detector (1.12-1etch1) stable; urgency=low . * make start-stop-daemon working instead of using kill (Closes: #431676). Files: dd971e5b3ad14547963c4df5c803c13f 627 net optional dns-flood-detector_1.12-1etch1.dsc e505d3929677dfe61b2ddd48d1d90947 3886 net optional dns-flood-detector_1.12-1etch1.diff.gz 8f755740d97f7d1c199837d20d303380 13646 net optional dns-flood-detector_1.12-1etch1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFH9AjgQUuEI2/szeARAiGbAJ9co/ldc0beh+SEV2SSrSvkmyJqlgCfdiTE oYqdpDTPnMfpzH+XafBeDx8= =Bc6a -END PGP SIGNATURE- ---End Message---
Bug#426224: marked as done (Please update shutdown to support libata drivers in newer kernels)
Your message dated Sat, 26 Jul 2008 09:58:02 + with message-id [EMAIL PROTECTED] and subject line Bug#426224: fixed in sysvinit 2.86.ds1-38+etchnhalf.1 has caused the Debian Bug report #426224, regarding Please update shutdown to support libata drivers in newer kernels to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 426224: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426224 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: sysvinit Version: 2.86.ds1-38 Using current (2.6.22) kernels in Debian leads to an error when shutting down the machine if some disks are managed by libata drivers: DISK MIGHT NOT BE SPUN DOWN PROPERLY. UPDATE SHUTDOWN UTILITY. The details are explained there: http://linux-ata.org/shutdown.html I think shutdown should be updated to fix this. The machine is a Dell Latitude C610 running testing and a git (2.6.22-rc2) kernel, using ata_piix drivers from libata to access the ICH-3 controller. Simon ---End Message--- ---BeginMessage--- Source: sysvinit Source-Version: 2.86.ds1-38+etchnhalf.1 We believe that the bug you reported is fixed in the latest version of sysvinit, which is due to be installed in the Debian FTP archive: initscripts_2.86.ds1-38+etchnhalf.1_ia64.deb to pool/main/s/sysvinit/initscripts_2.86.ds1-38+etchnhalf.1_ia64.deb sysv-rc_2.86.ds1-38+etchnhalf.1_all.deb to pool/main/s/sysvinit/sysv-rc_2.86.ds1-38+etchnhalf.1_all.deb sysvinit-utils_2.86.ds1-38+etchnhalf.1_ia64.deb to pool/main/s/sysvinit/sysvinit-utils_2.86.ds1-38+etchnhalf.1_ia64.deb sysvinit_2.86.ds1-38+etchnhalf.1.diff.gz to pool/main/s/sysvinit/sysvinit_2.86.ds1-38+etchnhalf.1.diff.gz sysvinit_2.86.ds1-38+etchnhalf.1.dsc to pool/main/s/sysvinit/sysvinit_2.86.ds1-38+etchnhalf.1.dsc sysvinit_2.86.ds1-38+etchnhalf.1_ia64.deb to pool/main/s/sysvinit/sysvinit_2.86.ds1-38+etchnhalf.1_ia64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. dann frazier [EMAIL PROTECTED] (supplier of updated sysvinit package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 15 May 2008 01:19:23 -0600 Source: sysvinit Binary: sysv-rc sysvinit-utils sysvinit initscripts Architecture: source ia64 all Version: 2.86.ds1-38+etchnhalf.1 Distribution: stable Urgency: low Maintainer: Debian sysvinit maintainers [EMAIL PROTECTED] Changed-By: dann frazier [EMAIL PROTECTED] Description: initscripts - Scripts for initializing and shutting down the system sysv-rc- System-V-like runlevel change mechanism sysvinit - System-V-like init utilities sysvinit-utils - System-V-like utilities Closes: 426224 Changes: sysvinit (2.86.ds1-38+etchnhalf.1) stable; urgency=low . * Include patch from Werner Fink at SuSe to handle each disk individually and automatically instead of guessing in the init.d script how to handle them collectively (Closes: #426224). Files: d266d3742f8198068f989ea398c22e02 992 admin required sysvinit_2.86.ds1-38+etchnhalf.1.dsc e7532787c42774b1bb3ab5db7004473a 135812 admin required sysvinit_2.86.ds1-38+etchnhalf.1.diff.gz e7392a6079cce9980aa2425715696f3d 136888 admin required sysvinit_2.86.ds1-38+etchnhalf.1_ia64.deb cc4b59577cd43af23578214f3e9c5a86 75590 admin required sysvinit-utils_2.86.ds1-38+etchnhalf.1_ia64.deb 20a9c175a94b87459905ebe53496ab18 63898 admin required initscripts_2.86.ds1-38+etchnhalf.1_ia64.deb 5fa79b20fd3a7d3289ad8e7a84913d53 56222 admin required sysv-rc_2.86.ds1-38+etchnhalf.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIMasihuANDBmkLRkRAsSwAKCUDSZ4+Zk22TfW499MwGFHvm+GjgCffy+A SGOpaz0VOGpPoto4+7zq9OY= =RS7k -END PGP SIGNATURE- ---End Message---
Processed: Re: Bug#492213: linux-image-2.6.25-2-686: reinstall of kernel stalls when recreating missing grub/menu.lst
Processing commands for [EMAIL PROTECTED]: severity 492213 grave Bug#492213: linux-image-2.6.25-2-686: reinstall of kernel stalls when recreating missing grub/menu.lst Severity set to `grave' from `normal' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#430497: marked as done (Please update shutdown)
Your message dated Sat, 26 Jul 2008 09:58:02 + with message-id [EMAIL PROTECTED] and subject line Bug#426224: fixed in sysvinit 2.86.ds1-38+etchnhalf.1 has caused the Debian Bug report #426224, regarding Please update shutdown to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 426224: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426224 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: base Severity: important -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.22-6-generic (SMP w/1 CPU core) Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash I am having problems with my IDE hard disks at Debian shutdown using any 2.6.22.x kernel. Three seconds before power off is printed the message ata1.01 MIGHT NOT TO SPUN DOWN PROPERTY, UPDATE YOUR SHUTDOWN UTILITY and also does reference to a website: http://linux-ata.org/shutdown.html There is explained what is happening. Shutdown utility of Debian will need to be updated soon in testing/unstable and also in stable if you want to do it compatible with 2.6.22 kernel releases. ---End Message--- ---BeginMessage--- Source: sysvinit Source-Version: 2.86.ds1-38+etchnhalf.1 We believe that the bug you reported is fixed in the latest version of sysvinit, which is due to be installed in the Debian FTP archive: initscripts_2.86.ds1-38+etchnhalf.1_ia64.deb to pool/main/s/sysvinit/initscripts_2.86.ds1-38+etchnhalf.1_ia64.deb sysv-rc_2.86.ds1-38+etchnhalf.1_all.deb to pool/main/s/sysvinit/sysv-rc_2.86.ds1-38+etchnhalf.1_all.deb sysvinit-utils_2.86.ds1-38+etchnhalf.1_ia64.deb to pool/main/s/sysvinit/sysvinit-utils_2.86.ds1-38+etchnhalf.1_ia64.deb sysvinit_2.86.ds1-38+etchnhalf.1.diff.gz to pool/main/s/sysvinit/sysvinit_2.86.ds1-38+etchnhalf.1.diff.gz sysvinit_2.86.ds1-38+etchnhalf.1.dsc to pool/main/s/sysvinit/sysvinit_2.86.ds1-38+etchnhalf.1.dsc sysvinit_2.86.ds1-38+etchnhalf.1_ia64.deb to pool/main/s/sysvinit/sysvinit_2.86.ds1-38+etchnhalf.1_ia64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. dann frazier [EMAIL PROTECTED] (supplier of updated sysvinit package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 15 May 2008 01:19:23 -0600 Source: sysvinit Binary: sysv-rc sysvinit-utils sysvinit initscripts Architecture: source ia64 all Version: 2.86.ds1-38+etchnhalf.1 Distribution: stable Urgency: low Maintainer: Debian sysvinit maintainers [EMAIL PROTECTED] Changed-By: dann frazier [EMAIL PROTECTED] Description: initscripts - Scripts for initializing and shutting down the system sysv-rc- System-V-like runlevel change mechanism sysvinit - System-V-like init utilities sysvinit-utils - System-V-like utilities Closes: 426224 Changes: sysvinit (2.86.ds1-38+etchnhalf.1) stable; urgency=low . * Include patch from Werner Fink at SuSe to handle each disk individually and automatically instead of guessing in the init.d script how to handle them collectively (Closes: #426224). Files: d266d3742f8198068f989ea398c22e02 992 admin required sysvinit_2.86.ds1-38+etchnhalf.1.dsc e7532787c42774b1bb3ab5db7004473a 135812 admin required sysvinit_2.86.ds1-38+etchnhalf.1.diff.gz e7392a6079cce9980aa2425715696f3d 136888 admin required sysvinit_2.86.ds1-38+etchnhalf.1_ia64.deb cc4b59577cd43af23578214f3e9c5a86 75590 admin required sysvinit-utils_2.86.ds1-38+etchnhalf.1_ia64.deb 20a9c175a94b87459905ebe53496ab18 63898 admin required initscripts_2.86.ds1-38+etchnhalf.1_ia64.deb 5fa79b20fd3a7d3289ad8e7a84913d53 56222 admin required sysv-rc_2.86.ds1-38+etchnhalf.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIMasihuANDBmkLRkRAsSwAKCUDSZ4+Zk22TfW499MwGFHvm+GjgCffy+A SGOpaz0VOGpPoto4+7zq9OY= =RS7k -END PGP SIGNATURE- ---End Message---
Bug#436703: marked as done (/sbin/shutdown fails to properly spindown drive)
Your message dated Sat, 26 Jul 2008 09:58:02 + with message-id [EMAIL PROTECTED] and subject line Bug#426224: fixed in sysvinit 2.86.ds1-38+etchnhalf.1 has caused the Debian Bug report #426224, regarding /sbin/shutdown fails to properly spindown drive to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 426224: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426224 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: sysvinit Version: 2.86.ds1-38.1 Severity: serious --- Please enter the report below this line. --- /sbin/shutdown fails to properly spindown many newer sata drives before poweroff[0]. [0]http://linux-ata.org/shutdown.html --- System information. --- Architecture: i386 Kernel: Linux 2.6.21.5 Debian Release: lenny/sid 500 unstablemirror.switch.ch 500 unstablemirror.noreply.org 500 unstabledebian-multimedia.org --- Package information. --- Depends (Version) | Installed ===-+- libc6(= 2.6-1) | 2.6-5 libselinux1 (= 2.0.15) | 2.0.15-2+b1 libsepol1(= 2.0.3) | 2.0.3-1+b1 ---End Message--- ---BeginMessage--- Source: sysvinit Source-Version: 2.86.ds1-38+etchnhalf.1 We believe that the bug you reported is fixed in the latest version of sysvinit, which is due to be installed in the Debian FTP archive: initscripts_2.86.ds1-38+etchnhalf.1_ia64.deb to pool/main/s/sysvinit/initscripts_2.86.ds1-38+etchnhalf.1_ia64.deb sysv-rc_2.86.ds1-38+etchnhalf.1_all.deb to pool/main/s/sysvinit/sysv-rc_2.86.ds1-38+etchnhalf.1_all.deb sysvinit-utils_2.86.ds1-38+etchnhalf.1_ia64.deb to pool/main/s/sysvinit/sysvinit-utils_2.86.ds1-38+etchnhalf.1_ia64.deb sysvinit_2.86.ds1-38+etchnhalf.1.diff.gz to pool/main/s/sysvinit/sysvinit_2.86.ds1-38+etchnhalf.1.diff.gz sysvinit_2.86.ds1-38+etchnhalf.1.dsc to pool/main/s/sysvinit/sysvinit_2.86.ds1-38+etchnhalf.1.dsc sysvinit_2.86.ds1-38+etchnhalf.1_ia64.deb to pool/main/s/sysvinit/sysvinit_2.86.ds1-38+etchnhalf.1_ia64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. dann frazier [EMAIL PROTECTED] (supplier of updated sysvinit package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 15 May 2008 01:19:23 -0600 Source: sysvinit Binary: sysv-rc sysvinit-utils sysvinit initscripts Architecture: source ia64 all Version: 2.86.ds1-38+etchnhalf.1 Distribution: stable Urgency: low Maintainer: Debian sysvinit maintainers [EMAIL PROTECTED] Changed-By: dann frazier [EMAIL PROTECTED] Description: initscripts - Scripts for initializing and shutting down the system sysv-rc- System-V-like runlevel change mechanism sysvinit - System-V-like init utilities sysvinit-utils - System-V-like utilities Closes: 426224 Changes: sysvinit (2.86.ds1-38+etchnhalf.1) stable; urgency=low . * Include patch from Werner Fink at SuSe to handle each disk individually and automatically instead of guessing in the init.d script how to handle them collectively (Closes: #426224). Files: d266d3742f8198068f989ea398c22e02 992 admin required sysvinit_2.86.ds1-38+etchnhalf.1.dsc e7532787c42774b1bb3ab5db7004473a 135812 admin required sysvinit_2.86.ds1-38+etchnhalf.1.diff.gz e7392a6079cce9980aa2425715696f3d 136888 admin required sysvinit_2.86.ds1-38+etchnhalf.1_ia64.deb cc4b59577cd43af23578214f3e9c5a86 75590 admin required sysvinit-utils_2.86.ds1-38+etchnhalf.1_ia64.deb 20a9c175a94b87459905ebe53496ab18 63898 admin required initscripts_2.86.ds1-38+etchnhalf.1_ia64.deb 5fa79b20fd3a7d3289ad8e7a84913d53 56222 admin required sysv-rc_2.86.ds1-38+etchnhalf.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIMasihuANDBmkLRkRAsSwAKCUDSZ4+Zk22TfW499MwGFHvm+GjgCffy+A SGOpaz0VOGpPoto4+7zq9OY= =RS7k -END PGP SIGNATURE- ---End Message---
Bug#475163: marked as done (sympa: CVE-2008-1648 denial of service via crafted email)
Your message dated Sat, 26 Jul 2008 09:58:02 + with message-id [EMAIL PROTECTED] and subject line Bug#475163: fixed in sympa 5.2.3-1.2+etch1 has caused the Debian Bug report #475163, regarding sympa: CVE-2008-1648 denial of service via crafted email to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 475163: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475163 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: sympa Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities Exposures) id was published for sympa. CVE-2008-1648[0]: | Sympa before 5.4 allows remote attackers to cause a denial of service | (daemon crash) via an e-mail message with a malformed value of the | Content-Type header and unspecified other headers. NOTE: some of these | details are obtained from third party information. First apply this patch: http://sourcesup.cru.fr/cgi/viewvc.cgi/trunk/src/PlainDigest.pm?r1=3597r2=4834view=patch and then this patch: http://sourcesup.cru.fr/cgi/viewvc.cgi/trunk/src/PlainDigest.pm?r1=4834r2=4835view=patch to fix the problem. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1648 http://security-tracker.debian.net/tracker/CVE-2008-1648 -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpBVwfrcIBJN.pgp Description: PGP signature ---End Message--- ---BeginMessage--- Source: sympa Source-Version: 5.2.3-1.2+etch1 We believe that the bug you reported is fixed in the latest version of sympa, which is due to be installed in the Debian FTP archive: sympa_5.2.3-1.2+etch1.diff.gz to pool/main/s/sympa/sympa_5.2.3-1.2+etch1.diff.gz sympa_5.2.3-1.2+etch1.dsc to pool/main/s/sympa/sympa_5.2.3-1.2+etch1.dsc sympa_5.2.3-1.2+etch1_amd64.deb to pool/main/s/sympa/sympa_5.2.3-1.2+etch1_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Steve Kemp [EMAIL PROTECTED] (supplier of updated sympa package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Mon, 30 Jun 2008 16:17:18 + Source: sympa Binary: sympa Architecture: source amd64 Version: 5.2.3-1.2+etch1 Distribution: stable-security Urgency: high Maintainer: Stefan Hornburg (Racke) [EMAIL PROTECTED] Changed-By: Steve Kemp [EMAIL PROTECTED] Description: sympa - Modern mailing list manager Closes: 475163 Changes: sympa (5.2.3-1.2+etch1) stable-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix possible denial of service attack triggered via a malformed email header (CVE-2008-1648; Closes: #475163). Files: c7e720e56b1c4e9778cea822ed150a19 625 mail optional sympa_5.2.3-1.2+etch1.dsc 355cb9174841205831191c93a83da895 5102528 mail optional sympa_5.2.3.orig.tar.gz a93d8ec3dcbc0a0aed99e513c5749c0e 96804 mail optional sympa_5.2.3-1.2+etch1.diff.gz 531781d522ad5f02e6c5b658883ed37d 3591854 mail optional sympa_5.2.3-1.2+etch1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkho/OcACgkQwM/Gs81MDZ1DggCguWHsxIkq6/qH4sS2fwWoSkjK xAcAoJ1EpG6z5ZmlVxYr5w0bvbS3/e2U =6Xn8 -END PGP SIGNATURE- ---End Message---
Bug#486340: marked as done (debian/copyright needs updating)
Your message dated Sat, 26 Jul 2008 09:58:10 + with message-id [EMAIL PROTECTED] and subject line Bug#486340: fixed in xserver-xorg-video-intel 2:2.2.1-1~etchnhalf2 has caused the Debian Bug report #486340, regarding debian/copyright needs updating to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 486340: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=486340 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: xserver-xorg-video-intel Severity: serious Version: 2:2.3.1-1 Hi, the debian/copyright of xserver-xorg-video-intel is so outdated it has little to do with the rest of the package when it comes to who owns which copyrights. It would be good to go over the source and extract the relevant copyright notices. Note that per-file annotations are not required, so that copyright notices of files with the same license can easily be agglomerated. Kind regards T. -- Thomas Viehmann, http://thomas.viehmann.net/ ---End Message--- ---BeginMessage--- Source: xserver-xorg-video-intel Source-Version: 2:2.2.1-1~etchnhalf2 We believe that the bug you reported is fixed in the latest version of xserver-xorg-video-intel, which is due to be installed in the Debian FTP archive: xserver-xorg-video-intel_2.2.1-1~etchnhalf2.diff.gz to pool/main/x/xserver-xorg-video-intel/xserver-xorg-video-intel_2.2.1-1~etchnhalf2.diff.gz xserver-xorg-video-intel_2.2.1-1~etchnhalf2.dsc to pool/main/x/xserver-xorg-video-intel/xserver-xorg-video-intel_2.2.1-1~etchnhalf2.dsc xserver-xorg-video-intel_2.2.1-1~etchnhalf2_i386.deb to pool/main/x/xserver-xorg-video-intel/xserver-xorg-video-intel_2.2.1-1~etchnhalf2_i386.deb xserver-xorg-video-intel_2.2.1.orig.tar.gz to pool/main/x/xserver-xorg-video-intel/xserver-xorg-video-intel_2.2.1.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Julien Cristau [EMAIL PROTECTED] (supplier of updated xserver-xorg-video-intel package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Mon, 23 Jun 2008 15:26:33 +0200 Source: xserver-xorg-video-intel Binary: xserver-xorg-video-intel Architecture: source i386 Version: 2:2.2.1-1~etchnhalf2 Distribution: proposed-updates Urgency: low Maintainer: Debian X Strike Force [EMAIL PROTECTED] Changed-By: Julien Cristau [EMAIL PROTECTED] Description: xserver-xorg-video-intel - X.Org X server -- Intel i8xx, i9xx display driver Closes: 486340 Changes: xserver-xorg-video-intel (2:2.2.1-1~etchnhalf2) proposed-updates; urgency=low . * Update debian/copyright, thanks to Thomas Viehmann for reporting, and Moritz Muehlenhoff for the thorough analysis (closes: #486340). Files: 3abb61b26edecb19e7ae74cff693fefc 1324 x11 optional xserver-xorg-video-intel_2.2.1-1~etchnhalf2.dsc 45f30487584267e37954223c0669afbc 804648 x11 optional xserver-xorg-video-intel_2.2.1.orig.tar.gz 4cb228df1ddccee232830aae4f9e8260 223319 x11 optional xserver-xorg-video-intel_2.2.1-1~etchnhalf2.diff.gz b7b76aaac0a35bf00a402e1a355b63cf 343056 x11 optional xserver-xorg-video-intel_2.2.1-1~etchnhalf2_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEUEARECAAYFAkhfpd8ACgkQmEvTgKxfcAwUDACYvqwiurvqSsg3nKR4f6ou/K4E oACff2yXBontleic90vJmZpfoXYPh+U= =x8eL -END PGP SIGNATURE- ---End Message---
Bug#465598: marked as done (libsdl-image1.2: Security update 1.2.5-2etch1 is not installed)
Your message dated Sat, 26 Jul 2008 09:57:59 + with message-id [EMAIL PROTECTED] and subject line Bug#465598: fixed in sdl-image1.2 1.2.5-2+etch1 has caused the Debian Bug report #465598, regarding libsdl-image1.2: Security update 1.2.5-2etch1 is not installed to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 465598: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=465598 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: libsdl-image1.2 Version: 1.2.5-2+b1 Severity: grave Justification: user security hole Tags: security I am unsure where the error is, please reassign appropriately. On Feb. 10th I got the mail about DSA 1493-1. I also see this DSA: remaxp:~# env LANG=C apt-cache policy libsdl-image1.2 libsdl-image1.2: Installed: 1.2.5-2+b1 Candidate: 1.2.5-2+b1 Version table: *** 1.2.5-2+b1 0 500 http://127.0.0.1 etch/main Packages 100 /var/lib/dpkg/status 1.2.5-2etch1 0 500 http://127.0.0.1 etch/updates/main Packages But as you can see, it is not going to be installed: remaxp:~# env LANG=C apt-get install libsdl-image1.2 Reading package lists... Done Building dependency tree... Done libsdl-image1.2 is already the newest version. 0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded. Thus CVE-2007-6697 and CVE-2008-0544 are not yet fixed. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.19.2-grsec-cz01 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages libsdl-image1.2 depends on: ii libc6 2.3.6.ds1-13etch4 GNU C Library: Shared libraries ii libpng12-0 1.2.15~beta5-1PNG library - runtime ii libsdl1.2debian1.2.11-8 Simple DirectMedia Layer ii zlib1g 1:1.2.3-13compression library - runtime libsdl-image1.2 recommends no packages. -- no debconf information -- Dr. Helge Kreutzmann [EMAIL PROTECTED] Dipl.-Phys. http://www.helgefjell.de/debian.php 64bit GNU powered gpg signed mail preferred Help keep free software libre: http://www.ffii.de/ signature.asc Description: Digital signature ---End Message--- ---BeginMessage--- Source: sdl-image1.2 Source-Version: 1.2.5-2+etch1 We believe that the bug you reported is fixed in the latest version of sdl-image1.2, which is due to be installed in the Debian FTP archive: libsdl-image1.2-dev_1.2.5-2+etch1_i386.deb to pool/main/s/sdl-image1.2/libsdl-image1.2-dev_1.2.5-2+etch1_i386.deb libsdl-image1.2_1.2.5-2+etch1_i386.deb to pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.5-2+etch1_i386.deb sdl-image1.2_1.2.5-2+etch1.diff.gz to pool/main/s/sdl-image1.2/sdl-image1.2_1.2.5-2+etch1.diff.gz sdl-image1.2_1.2.5-2+etch1.dsc to pool/main/s/sdl-image1.2/sdl-image1.2_1.2.5-2+etch1.dsc A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thijs Kinkhorst [EMAIL PROTECTED] (supplier of updated sdl-image1.2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 16 Mar 2008 00:39:46 +0100 Source: sdl-image1.2 Binary: libsdl-image1.2 libsdl-image1.2-dev Architecture: source i386 Version: 1.2.5-2+etch1 Distribution: stable-security Urgency: low Maintainer: Michael Koch [EMAIL PROTECTED] Changed-By: Thijs Kinkhorst [EMAIL PROTECTED] Description: libsdl-image1.2 - image loading library for Simple DirectMedia Layer 1.2 libsdl-image1.2-dev - development files for SDL 1.2 image loading libray Closes: 465598 Changes: sdl-image1.2 (1.2.5-2+etch1) stable-security; urgency=low . * Rebuild with higher version number than binary NMU's, no other changes (closes: #465598). Files: 7806c149bf53c0c3fbe09603b28a9e7f 991 libs optional sdl-image1.2_1.2.5-2+etch1.dsc 84411d1b20a5081531b7ecc7a8fa6b98 12288 libs optional sdl-image1.2_1.2.5-2+etch1.diff.gz fe51b351e3eb72f315ed1b74f29138eb 29632 libs optional libsdl-image1.2_1.2.5-2+etch1_i386.deb 6b98b1a5fd2eeaf25feaab7418583ec9 34404 libdevel optional
Bug#478573: marked as done ([peercast] CVE-2008-2040 stack-based buffer overflow in HTTP::getAuthUserPass function)
Your message dated Sat, 26 Jul 2008 09:57:49 +
with message-id [EMAIL PROTECTED]
and subject line Bug#478573: fixed in peercast 0.1217.toots.20060314-1etch1
has caused the Debian Bug report #478573,
regarding [peercast] CVE-2008-2040 stack-based buffer overflow in
HTTP::getAuthUserPass function
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
478573: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478573
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
---BeginMessage---
Package: peercast
Severity: grave
Tags: security
X-Debbugs-CC: [EMAIL PROTECTED]
I found a security issue in the peercast server in the
HTTP::getAuthUserPass function. I already contacted the upstream author 6 days
ago and didn't get an answer yet so I am publishing this now.
From core/common/http.cpp:
105 void HTTP::getAuthUserPass(char *user, char *pass)
106 {
107 if (arg)
108 {
109 char *s = stristr(arg,Basic);
110 if (s)
111 {
112 while (*s)
113 if (*s++ == ' ')
114 break;
115 String str;
116 str.set(s,String::T_BASE64);
117 str.convertTo(String::T_ASCII);
118 s = strstr(str.cstr(),:);
119 if (s)
120 {
121 *s = 0;
122 if (user)
123 strcpy(user,str.cstr());
124 if (pass)
125 strcpy(pass,s+1);
This function is used if authentication to the peercast server is done by basic
http auth
rather than by a cookie. In line 116 the base64 encoded string is copied into
str.
Note the set method is peercasts own implementation of set since it
reimplements the String
class. set looks like this:
From core/common/sys.h:
38 MAX_LEN = 256
...
62 void set(const char *p, TYPE t=T_ASCII)
63 {
64 strncpy(data,p,MAX_LEN-1);
65 data[MAX_LEN-1] = 0;
66 type = t;
67 }
In line 117 the string gets decoded and in line 118 and
following the part before ':' in the decoded string gets copied
into user and the part after it into pass.
From core/common/servhs.cpp:
558 bool Servent::handshakeAuth(HTTP http,const char *args,bool local)
559 {
560 char user[64],pass[64];
561 user[0] = pass[0] = 0;
...
580 while (http.nextHeader())
581 {
582 char *arg = http.getArgStr();
583 if (!arg)
584 continue;
585
586 switch (servMgr-authType)
587 {
588 case ServMgr::AUTH_HTTPBASIC:
589 if (http.isHeader(Authorization))
590 http.getAuthUserPass(user,pass);
591 break;
user and pass are only declared to have 64 bytes (line 558) while the buffer
used for
copy can store up to MAX_LEN (256) bytes (ok minus the : here).
Servent::handshakeAuth calls then
the getAuthUserPass function triggering a buffer overflow.
It's thus possible to crash the server and execute arbitrary code if the server
allows http-basic authentication.
I already requested a CVE id for this.
An example configuration and PoC is attached.
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[Server]
serverPort = 7144
autoServe = Yes
forceIP =
isRoot = No
maxBitrateOut = 0
maxRelays = 2
maxDirect = 0
maxRelaysPerChannel = 0
firewallTimeout = 30
forceNormal = No
rootMsg =
authType = http-basic
cookiesExpire = session
htmlPath = html/en
minPGNUIncoming = 10
maxPGNUIncoming = 20
maxServIn = 50
chanLog =
networkID =
[Broadcast]
broadcastMsgInterval = 10
broadcastMsg =
icyMetaInterval = 8192
broadcastID = 008145B5C0427118B595AF7D9E11
hostUpdateInterval = 180
maxControlConnections = 3
rootHost = yp.peercast.org
[Client]
refreshHTML = 5
relayBroadcast = 30
minBroadcastTTL = 1
maxBroadcastTTL = 7
pushTries = 5
pushTimeout = 60
maxPushHops = 8
autoQuery = 0
queryTTL = 7
[Privacy]
password = s0mep4ss
maxUptime = 0
[Filter]
ip = 255.255.255.255
private = Yes
ban = No
network = Yes
direct = Yes
[End]
[Notify]
PeerCast = Yes
Broadcasters = Yes
Bug#481164: marked as done (python-django: CVE-2008-2302 cross-site scripting vulnerability)
Your message dated Sat, 26 Jul 2008 09:57:54 + with message-id [EMAIL PROTECTED] and subject line Bug#481164: fixed in python-django 0.95.1-1etch1 has caused the Debian Bug report #481164, regarding python-django: CVE-2008-2302 cross-site scripting vulnerability to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 481164: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481164 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: python-django Version: 0.97~svn7189-1 Severity: grave Tags: security Justification: user security hole http://www.djangoproject.com/weblog/2008/may/14/security/ Updates need to be prepared for etch, sid/lenny, and experimental. Brett, can you take care of all this? (Also handling the few open bugs for the sid/experimental upload would be nice) -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages python-django depends on: ii python2.5.2-1An interactive high-level object-o ii python-support0.8.1 automated rebuilding support for P Versions of packages python-django recommends: ii python-pysqlite2 2.4.1-1Python interface to SQLite 3 -- no debconf information ---End Message--- ---BeginMessage--- Source: python-django Source-Version: 0.95.1-1etch1 We believe that the bug you reported is fixed in the latest version of python-django, which is due to be installed in the Debian FTP archive: python-django_0.95.1-1etch1.diff.gz to pool/main/p/python-django/python-django_0.95.1-1etch1.diff.gz python-django_0.95.1-1etch1.dsc to pool/main/p/python-django/python-django_0.95.1-1etch1.dsc python-django_0.95.1-1etch1_all.deb to pool/main/p/python-django/python-django_0.95.1-1etch1_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Raphael Hertzog [EMAIL PROTECTED] (supplier of updated python-django package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Tue, 20 May 2008 00:40:59 +0200 Source: python-django Binary: python-django Architecture: source all Version: 0.95.1-1etch1 Distribution: stable Urgency: low Maintainer: Brett Parker [EMAIL PROTECTED] Changed-By: Raphael Hertzog [EMAIL PROTECTED] Description: python-django - A high-level Python Web framework Closes: 481164 Changes: python-django (0.95.1-1etch1) stable; urgency=low . * Add new patch debian/patches/03_xss_fix.diff. Fixes cross-site scripting vulnerability (CVE-2008-2302). Closes: #481164 Files: dcfc01be4549177a957d5a3503a00fd0 931 python optional python-django_0.95.1-1etch1.dsc c9ea4b3dfdc79ddd5f871f727c067eae 4153 python optional python-django_0.95.1-1etch1.diff.gz 6d78e3c6767803d84bd8f9c22f56242d 1017214 python optional python-django_0.95.1-1etch1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Signed by Raphael Hertzog iD8DBQFIMgdyvPbGD26BadIRAkOvAJ9y6syIot3/yRl5bZNXcBX3c6/7rgCcCYnY Mp4xFgv1GE3JmCoBc7tZPdk= =3OvF -END PGP SIGNATURE- ---End Message---
Bug#474322: marked as done (RM: glimpse/stable RoSRM; license problem)
Your message dated Sat, 26 Jul 2008 10:16:22 + with message-id [EMAIL PROTECTED] and subject line Bug#474322: fixed has caused the Debian Bug report #474322, regarding RM: glimpse/stable RoSRM; license problem to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 474322: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=474322 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: glimpse Version: 4.18.5-1 Severity: serious Justification: License to redistribute possibly expired please investigate; according to debian/copyright: ... Debian may redistribute binaries of glimpse built from modified source code (under the same COPYRIGHT as the original). Internet WorkShop, as per license agreement with Arizona Board of Regents, valid until January 1 2008. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.22-2-686 (SMP w/1 CPU core) Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C) Shell: /bin/sh linked to /bin/dash Versions of packages glimpse depends on: ii libc6 2.7-8 GNU C Library: Shared libraries glimpse recommends no packages. -- no debconf information ---End Message--- ---BeginMessage--- We believe that the bug you reported is now fixed; the following package(s) have been removed from stable: glimpse | 4.18.5-1 | source, alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, sparc Note that the package(s) have simply been removed from the tag database and may (or may not) still be in the pool; this is not a bug. The package(s) will be physically removed automatically when no suite references them (and in the case of source, when no binary references it). Please also remember that the changes have been done on the master archive (ftp-master.debian.org) and will not propagate to any mirrors (ftp.debian.org included) until the next cron.daily run at the earliest. Packages are never removed from testing by hand. Testing tracks unstable and will automatically remove packages which were removed from unstable when removing them from testing causes no dependency problems. Bugs which have been reported against this package are not automatically removed from the Bug Tracking System. Please check all open bugs and close them or re-assign them to another package if the removed package was superseded by another one. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED] This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED] Debian distribution maintenance software pp. Joerg Jaspert (the ftpmaster behind the curtain) ---End Message---
Bug#492465: python-dnspython: appears to be vulnerable to cache poisoning attack CVE-2008-1447
Package: python-dnspython Version: 1.3.5-3.1 1.6.0-1 Severity: grave Tags: security Hi, From inspecting the code of dnspython, it seems that it is not using the recommended source port randomisation for countering the cache poisoning attack as discovered by Dan Kaminski and referenced as CVE-2008-1447. Could you please look into this and see whether updated packages can and should be created for etch/lenny/sid? thanks, Thijs -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/dash Kernel: Linux 2.6.18-6-686 Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#492469: hugin 0.7.x requires make (even for invoking nona) but does not depend on it
Package: hugin Version: 0.7.0~svn3191-1 Severity: serious Justification: Policy 3.5 hugin (the graphical frontend at least) now requires make for aligning and stitching. Using the Stitch Now button for regular stitching (no HDR) without make installed results in | execvp(make, -f, /tmp/huginmk_bUjuKS, all, clean) failed with error 2! before running nona. This is also documented on http://hugin.sourceforge.net/download/: | make. hugin-0.7.0 or later uses GNU 'make' to oversee the | stitching process, i.e. 'make' is required to run hugin as well as | build it. cu andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#487014: marked as done (libtest-tap-htmlmatrix-perl: FTBFS: Test returned status 255 (wstat 65280, 0xff00))
Your message dated Sat, 26 Jul 2008 11:47:17 + with message-id [EMAIL PROTECTED] and subject line Bug#487014: fixed in libtest-tap-htmlmatrix-perl 0.09-1 has caused the Debian Bug report #487014, regarding libtest-tap-htmlmatrix-perl: FTBFS: Test returned status 255 (wstat 65280, 0xff00) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 487014: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487014 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: libtest-tap-htmlmatrix-perl Version: 0.04-1 Severity: serious User: [EMAIL PROTECTED] Usertags: qa-ftbfs-20080619 qa-ftbfs Justification: FTBFS on i386 Hi, During a rebuild of all packages in sid, your package failed to build on i386. Relevant part: /usr/bin/fakeroot debian/rules binary dh_testdir dh_testroot dh_clean -k /usr/bin/perl Build test t/00_dist...skipped all skipped: Test::Distribution must be installed t/basic.ok t/colorful..ok t/file_visual...Can't call method skip_all on unblessed reference at /usr/share/perl5/Test/TAP/Model/File.pm line 33. # Looks like you planned 15 tests but only ran 8. # Looks like your test died just after 8. dubious Test returned status 255 (wstat 65280, 0xff00) DIED. FAILED tests 9-15 Failed 7/15 tests, 53.33% okay t/model_visual..ok t/paths.ok t/subtest_visualok t/templ_output..ok t/uri...ok Failed Test Stat Wstat Total Fail List of Failed --- t/file_visual.t 255 6528015 14 9-15 1 test skipped. Failed 1/9 test scripts. 7/70 subtests failed. Files=9, Tests=70, 1 wallclock secs ( 0.62 cusr + 0.06 csys = 0.68 CPU) Failed 1/9 test programs. 7/70 subtests failed. make: *** [install-stamp] Error 255 The full build log is available from: http://people.debian.org/~lucas/logs/2008/06/19 This rebuild was done with gcc 4.3 instead of gcc 4.2, because gcc 4.3 is now the default on most architectures (even if it's not the case on i386 yet). Consequently, many failures are caused by the switch to gcc 4.3. If you determine that this failure is caused by gcc 4.3, feel free to downgrade this bug to 'important' if your package is only built on i386, and this bug is specific to gcc 4.3 (i.e the package builds fine with gcc 4.2). A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! About the archive rebuild: The rebuild was done on about 50 AMD64 nodes of the Grid'5000 platform, using a clean chroot containing a sid i386 environment. Internet was not accessible from the build systems. -- | Lucas Nussbaum | [EMAIL PROTECTED] http://www.lucas-nussbaum.net/ | | jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F | ---End Message--- ---BeginMessage--- Source: libtest-tap-htmlmatrix-perl Source-Version: 0.09-1 We believe that the bug you reported is fixed in the latest version of libtest-tap-htmlmatrix-perl, which is due to be installed in the Debian FTP archive: libtest-tap-htmlmatrix-perl_0.09-1.diff.gz to pool/main/libt/libtest-tap-htmlmatrix-perl/libtest-tap-htmlmatrix-perl_0.09-1.diff.gz libtest-tap-htmlmatrix-perl_0.09-1.dsc to pool/main/libt/libtest-tap-htmlmatrix-perl/libtest-tap-htmlmatrix-perl_0.09-1.dsc libtest-tap-htmlmatrix-perl_0.09-1_all.deb to pool/main/libt/libtest-tap-htmlmatrix-perl/libtest-tap-htmlmatrix-perl_0.09-1_all.deb libtest-tap-htmlmatrix-perl_0.09.orig.tar.gz to pool/main/libt/libtest-tap-htmlmatrix-perl/libtest-tap-htmlmatrix-perl_0.09.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. gregor herrmann [EMAIL PROTECTED] (supplier of updated libtest-tap-htmlmatrix-perl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 26 Jul 2008 13:43:11 +0200 Source: libtest-tap-htmlmatrix-perl Binary: libtest-tap-htmlmatrix-perl Architecture: source all Version: 0.09-1 Distribution: unstable Urgency: medium Maintainer: Debian Perl Group [EMAIL PROTECTED] Changed-By: gregor herrmann
Bug#492364: marked as done (swi-prolog-xpce: file conflict(s?) with spi-prolog)
Your message dated Sat, 26 Jul 2008 11:47:34 + with message-id [EMAIL PROTECTED] and subject line Bug#492364: fixed in swi-prolog 5.6.58-2 has caused the Debian Bug report #492364, regarding swi-prolog-xpce: file conflict(s?) with spi-prolog to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 492364: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492364 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: swi-prolog-xpce Version: 5.6.58-1 Severity: grave Justification: renders package unusable (uninstallable) Presumably as a side effect of switching to dh_install, swi-prolog-xpce now contains at least one file already present in swi-prolog: Preparing to replace swi-prolog-xpce 5.6.57-1 (using .../swi-prolog-xpce_5.6.58-1_amd64.deb) ... Unpacking replacement swi-prolog-xpce ... dpkg: error processing /var/cache/apt/archives/swi-prolog-xpce_5.6.58-1_amd64.deb (--unpack): trying to overwrite `/usr/lib/swi-prolog/swipl', which is also in package swi-prolog dpkg-deb: subprocess paste killed by signal (Broken pipe) Could you please refine swi-prolog-xpce.install appropriately? Thanks! -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.25.11 (SMP w/2 CPU cores) Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/dash ---End Message--- ---BeginMessage--- Source: swi-prolog Source-Version: 5.6.58-2 We believe that the bug you reported is fixed in the latest version of swi-prolog, which is due to be installed in the Debian FTP archive: swi-prolog-clib_5.6.58-2_i386.deb to pool/main/s/swi-prolog/swi-prolog-clib_5.6.58-2_i386.deb swi-prolog-http_5.6.58-2_i386.deb to pool/main/s/swi-prolog/swi-prolog-http_5.6.58-2_i386.deb swi-prolog-odbc_5.6.58-2_i386.deb to pool/main/s/swi-prolog/swi-prolog-odbc_5.6.58-2_i386.deb swi-prolog-semweb_5.6.58-2_i386.deb to pool/main/s/swi-prolog/swi-prolog-semweb_5.6.58-2_i386.deb swi-prolog-sgml_5.6.58-2_i386.deb to pool/main/s/swi-prolog/swi-prolog-sgml_5.6.58-2_i386.deb swi-prolog-table_5.6.58-2_i386.deb to pool/main/s/swi-prolog/swi-prolog-table_5.6.58-2_i386.deb swi-prolog-xpce_5.6.58-2_i386.deb to pool/main/s/swi-prolog/swi-prolog-xpce_5.6.58-2_i386.deb swi-prolog_5.6.58-2.diff.gz to pool/main/s/swi-prolog/swi-prolog_5.6.58-2.diff.gz swi-prolog_5.6.58-2.dsc to pool/main/s/swi-prolog/swi-prolog_5.6.58-2.dsc swi-prolog_5.6.58-2_i386.deb to pool/main/s/swi-prolog/swi-prolog_5.6.58-2_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Chris Lamb [EMAIL PROTECTED] (supplier of updated swi-prolog package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Fri, 25 Jul 2008 22:59:28 +0100 Source: swi-prolog Binary: swi-prolog swi-prolog-clib swi-prolog-http swi-prolog-semweb swi-prolog-sgml swi-prolog-table swi-prolog-odbc swi-prolog-xpce Architecture: source i386 Version: 5.6.58-2 Distribution: unstable Urgency: low Maintainer: Chris Lamb [EMAIL PROTECTED] Changed-By: Chris Lamb [EMAIL PROTECTED] Description: swi-prolog - ISO/Edinburgh-style Prolog interpreter swi-prolog-clib - SWI-Prolog interface to system libraries swi-prolog-http - HTTP libraries for SWI-Prolog swi-prolog-odbc - ODBC library for SWI-Prolog swi-prolog-semweb - SWI-Prolog library for manipulating RDF triples swi-prolog-sgml - SGML/XML/HTML parser for SWI-Prolog swi-prolog-table - External table library for SWI-Prolog swi-prolog-xpce - User interface library for SWI-Prolog Closes: 492364 Changes: swi-prolog (5.6.58-2) unstable; urgency=low . * Fix regression when moving from dh_movefiles to dh_install. dh_install only copies the specifies files whilst dh_movefiles moves them - this was resulting in the contents of the binary swi-prolog package being duplicated inside swi-prolog-xpce, causing file conflicts at installation. (Closes: #492364) * Don't build the CHR package on arm and armel to prevent FTBFS on these archictures. * Add 04_fix_hyphens_being_used_as_minus_signs_in_manpages.dpatch to
Bug#490305: kazehakase: Segfault on startup; ruby-related
with my Debian Sid (dist-upgraded) same issue. But on testing and on Sid with root account I can start several times kazehakase without issue. just this message : (kazehakase:4778): Kazehakase-WARNING **: While connecting to session manager: Authentication Rejected, reason : None of the authentication protocols specified are supported and host-based authentication failed. I checked if clip.xml was in /root/.kazehakase/ the answer was YES :) I hope my messages will can help the package maintainer. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: fix for 492455
Processing commands for [EMAIL PROTECTED]: tags 492455 +patch Bug#492455: strongswan: FTBFS: Uses i386 assembler on non-i386 arches. There were no tags set. Tags added: patch thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#492455: fix for 492455
tags 492455 +patch thanks The attatched debian/rules file has been modified to only build that plugin on i386 only (I don't think any via chips support amd64 and even if they do the current padlock code won't build on it) #!/usr/bin/make -f # Sample debian/rules that uses debhelper. # GNU copyright 1997 to 1999 by Joey Hess. # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 export DH_OPTIONS # this is a security-critical package, set all the options we can export DEB_BUILD_HARDENING=1 CONFIGUREARGS := --prefix=/usr --sysconfdir=/etc --localstatedir=/var \ --libexecdir=/usr/lib \ --enable-http --enable-ldap \ --enable-nonblocking --enable-thread \ --enable-smartcard --enable-cisco-quirks \ --with-default-pkcs11=/usr/lib/opensc-pkcs11.so \ --enable-xml \ --enable-p2p --enable-manager \ --enable-openssl # Could enable --enable-nat-transport, but this is actually insecure, # so don't! # And for --enable-eap-sim we would need the library, which we don't # have right now. DEB_BUILD_ARCH_CPU ?=$(shell dpkg-architecture -qDEB_BUILD_ARCH_CPU) #the padlock plugin only makes sense on i386 ifeq ($(DEB_BUILD_ARCH_CPU),i386) CONFIGUREARGS += --enable-padlock endif configure: configure-stamp configure-stamp: patch dh_testdir # Add here commands to configure the package. ./configure $(CONFIGUREARGS) touch configure-stamp patch: dh_testdir dpatch apply-all unpatch: dpatch deapply-all build: build-stamp build-stamp: configure-stamp $(MAKE) touch build-stamp clean: unpatch dh_testdir dh_testroot rm -f build-stamp configure-stamp -$(MAKE) clean #-$(MAKE) -C programs/fswcert/ clean # after a make clean, no binaries _should_ be left, but -find $(CURDIR) -name *.o | xargs --no-run-if-empty rm -find $(CURDIR)/lib/libcrypto -name *.a | xargs --no-run-if-empty rm # Really clean (#356716) # This is a hack: should be better implemented rm -f lib/libstrongswan/libstrongswan.a || true rm -f lib/libstrongswan/liboswlog.a || true # just in case something went wrong rm -f $(CURDIR)/debian/ipsec.secrets # and make sure that template are up-to-date debconf-updatepo dh_clean install-strongswan: DH_OPTIONS=-a install-strongswan: build-stamp dh_testdir dh_testroot dh_installdirs # Add here commands to install the package into debian/tmp. $(MAKE) install DESTDIR=$(CURDIR)/debian/strongswan install --mode=0600 $(CURDIR)/debian/ipsec.secrets.proto $(CURDIR)/debian/strongswan/etc/ipsec.secrets # also patch ipsec.conf to include the debconf-managed file echo $(CURDIR)/debian/strongswan/etc/ipsec.conf echo include /var/lib/strongswan/ipsec.conf.inc $(CURDIR)/debian/strongswan/etc/ipsec.conf # and to enable both IKEv1 and IKEv2 by default sed -r 's/^[ \t]+# *plutostart=(yes|no) */\tplutostart=yes/;s/^[ \t]+# *charonstart=(yes|no) */\tcharonstart=yes/' $(CURDIR)/debian/strongswan/etc/ipsec.conf $(CURDIR)/debian/strongswan/etc/ipsec.conf.tmp mv $(CURDIR)/debian/strongswan/etc/ipsec.conf.tmp $(CURDIR)/debian/strongswan/etc/ipsec.conf # this is handled by update-rc.d rm -rf $(CURDIR)/debian/strongswan/etc/rc?.d dh_installdocs -pstrongswan -n # change the paths in the installed doc files (but only in regular # files, not in links to the outside of the build tree !) # TODO: check if we still need this ( cd $(CURDIR)/debian/strongswan/; \ for f in `grep /usr/local/ --recursive --files-with-match *`; \ do \ if [ -f $$f -a ! -L $$f ]; then \ cp $$f $$f.old; \ sed 's/\/usr\/local\//\/usr\//' $$f.old $$f; \ rm $$f.old; \ fi; \ done ) # the logcheck ignore files install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.paranoid $(CURDIR)/debian/strongswan/etc/logcheck/ignore.d.paranoid/strongswan install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.server $(CURDIR)/debian/strongswan/etc/logcheck/ignore.d.server/strongswan install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.server $(CURDIR)/debian/strongswan/etc/logcheck/ignore.d.workstation/strongswan install -D --mode=0600 $(CURDIR)/debian/logcheck.violations.ignore $(CURDIR)/debian/strongswan/etc/logcheck/violations.ignore.d/strongswan # set permissions on ipsec.secrets chmod 600 $(CURDIR)/debian/strongswan/etc/ipsec.secrets #chmod 644 $(CURDIR)/debian/strongswan/etc/ipsec.conf chmod 700 -R
Bug#492479: texlife-base: error during upgrade
Package: texlife-base Version: 2007.dfsg.1-3 Severity: grave Justification: renders package unusable I get the following error when upgrading: etting up texlive-base (2007.dfsg.1-3) ... Running mktexlsr. This may take some time... done. Building format(s) --all. This may take some time... fmtutil-sys failed. Output has been stored in /tmp/fmtutil.kSb17790 Please include this file if you report a bug. dpkg: error processing texlive-base (--configure): subprocess post-installation script returned error exit status 1 the contents of /tmp/fmtutil.kSb17790 % cat /tmp/fmtutil.kSb17790 % [16:10] fmtutil: running `mf-nowin -ini -jobname=mf -progname=mf -translate-file=cp227.tcx mf.ini' ... This is METAFONT, Version 2.71828 (Web2C 7.5.6) (INIMF) (/usr/share/texmf-texlive/web2c/cp227.tcx) (/usr/share/texmf-texlive/metafont/config/mf.ini (/usr/share/texmf-texlive/metafont/base/plain.mf Preloading the plain base, version 2.71: preliminaries, basic constants and mathematical macros, macros for converting from device-independent units to pixels, macros and tables for various modes of operation, macros for drawing and filling, macros for proof labels and rules, macros for character and font administration, and a few last-minute items.) (/etc/texmf/metafont/misc/modes.mf) ) Beginning to dump on file mf.base (base=mf 2008.7.26) 2224 strings of total length 29910 11865 memory locations dumped; current usage is 36587845 1003 symbolic tokens Transcript written on mf.log. fmtutil: /var/lib/texmf/web2c/metafont/mf.base installed. fmtutil: running `pdftex -ini -jobname=etex -progname=etex -translate-file=cp227.tcx *etex.ini' ... This is pdfTeXk, Version 3.141592-1.40.3 (Web2C 7.5.6) (INITEX) %-line parsing enabled. (/usr/share/texmf-texlive/web2c/cp227.tcx) entering extended mode (/usr/share/texmf-texlive/tex/plain/config/etex.ini (/usr/share/texmf-texlive/tex/plain/etex/etex.src (/usr/share/texmf-texlive/tex/plain/base/plain.tex Preloading the plain format: codes, registers, parameters, fonts, more fonts, macros, math definitions, output routines, hyphenation (/usr/share/texmf-texlive/tex/generic/hyphen/hyphen.tex [skipping from \patterns to end-of-file...])) (/usr/share/texmf-texlive/tex/plain/etex/etexdefs.lib Skipping module grouptypes; Loading module interactionmodes; Skipping module nodetypes; Skipping module iftypes;) (/usr/share/texmf-texlive/tex/plain/config/language.def (/usr/share/texmf-texlive/tex/generic/hyphen/hyphen.tex)) Augmenting the Plain TeX definitions: \tracingall; Adding new e-TeX definitions: \eTeX, \loggingall, \tracingnone, register allocation; extended register allocation; Recycling: \addlanguage, [EMAIL PROTECTED] (not defined), [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] (not defined), [EMAIL PROTECTED] (not defined), [EMAIL PROTECTED] (not defined), [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], Retaining: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]@@d, [EMAIL PROTECTED]@ad, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], \eTeX, \etexhdrchk, \etexstatus, \module, \uselanguage, [EMAIL PROTECTED], [EMAIL PROTECTED],) ) Beginning to dump on file etex.fmt (format=etex 2008.7.26) 2836 strings of total length 41448 7953 memory locations dumped; current usage is 1977289 1247 multiletter control sequences \font\nullfont=nullfont \font\tenrm=cmr10 \font\preloaded=cmr9 \font\preloaded=cmr8 \font\sevenrm=cmr7 \font\preloaded=cmr6 \font\fiverm=cmr5 \font\teni=cmmi10 \font\preloaded=cmmi9 \font\preloaded=cmmi8 \font\seveni=cmmi7 \font\preloaded=cmmi6 \font\fivei=cmmi5 \font\tensy=cmsy10 \font\preloaded=cmsy9 \font\preloaded=cmsy8 \font\sevensy=cmsy7 \font\preloaded=cmsy6 \font\fivesy=cmsy5 \font\tenex=cmex10 \font\preloaded=cmss10 \font\preloaded=cmssq8 \font\preloaded=cmssi10 \font\preloaded=cmssqi8 \font\tenbf=cmbx10 \font\preloaded=cmbx9 \font\preloaded=cmbx8 \font\sevenbf=cmbx7 \font\preloaded=cmbx6 \font\fivebf=cmbx5 \font\tentt=cmtt10 \font\preloaded=cmtt9 \font\preloaded=cmtt8 \font\preloaded=cmsltt10 \font\tensl=cmsl10 \font\preloaded=cmsl9 \font\preloaded=cmsl8 \font\tenit=cmti10 \font\preloaded=cmti9 \font\preloaded=cmti8 \font\preloaded=cmti7 \font\preloaded=cmu10 \font\preloaded=cmmib10 \font\preloaded=cmbsy10 \font\preloaded=cmcsc10 \font\preloaded=cmssbx10 \font\preloaded=cmdunh10 \font\preloaded=cmr7 at 14.51799pt \font\preloaded=cmtt10 at 14.4pt \font\preloaded=cmssbx10 at 14.4pt \font\preloaded=manfnt 14787 words of font info for 50 preloaded fonts 14 hyphenation exceptions Hyphenation trie of length 6075 has 181 ops out of 35111 181 for language 0 No pages of output. Transcript written on etex.log. fmtutil:
Bug#492482: texlive-base: error with fmtutil-sys when upgrading to -3
Package: texlive-base Version: 2007.dfsg.1-3 Severity: grave Justification: renders package unusable I get the following error when upgrading to -3: setting up texlive-base (2007.dfsg.1-3) ... Running mktexlsr. This may take some time... done. Building format(s) --all. This may take some time... fmtutil-sys failed. Output has been stored in /tmp/fmtutil.kSb17790 Please include this file if you report a bug. dpkg: error processing texlive-base (--configure): subprocess post-installation script returned error exit status 1 the contents of /tmp/fmtutil.kSb17790 % cat /tmp/fmtutil.kSb17790 % [16:10] fmtutil: running `mf-nowin -ini -jobname=mf -progname=mf -translate-file=cp227.tcx mf.ini' ... This is METAFONT, Version 2.71828 (Web2C 7.5.6) (INIMF) (/usr/share/texmf-texlive/web2c/cp227.tcx) (/usr/share/texmf-texlive/metafont/config/mf.ini (/usr/share/texmf-texlive/metafont/base/plain.mf Preloading the plain base, version 2.71: preliminaries, basic constants and mathematical macros, macros for converting from device-independent units to pixels, macros and tables for various modes of operation, macros for drawing and filling, macros for proof labels and rules, macros for character and font administration, and a few last-minute items.) (/etc/texmf/metafont/misc/modes.mf) ) Beginning to dump on file mf.base (base=mf 2008.7.26) 2224 strings of total length 29910 11865 memory locations dumped; current usage is 36587845 1003 symbolic tokens Transcript written on mf.log. fmtutil: /var/lib/texmf/web2c/metafont/mf.base installed. fmtutil: running `pdftex -ini -jobname=etex -progname=etex -translate-file=cp227.tcx *etex.ini' ... This is pdfTeXk, Version 3.141592-1.40.3 (Web2C 7.5.6) (INITEX) %-line parsing enabled. (/usr/share/texmf-texlive/web2c/cp227.tcx) entering extended mode (/usr/share/texmf-texlive/tex/plain/config/etex.ini (/usr/share/texmf-texlive/tex/plain/etex/etex.src (/usr/share/texmf-texlive/tex/plain/base/plain.tex Preloading the plain format: codes, registers, parameters, fonts, more fonts, macros, math definitions, output routines, hyphenation (/usr/share/texmf-texlive/tex/generic/hyphen/hyphen.tex [skipping from \patterns to end-of-file...])) (/usr/share/texmf-texlive/tex/plain/etex/etexdefs.lib Skipping module grouptypes; Loading module interactionmodes; Skipping module nodetypes; Skipping module iftypes;) (/usr/share/texmf-texlive/tex/plain/config/language.def (/usr/share/texmf-texlive/tex/generic/hyphen/hyphen.tex)) Augmenting the Plain TeX definitions: \tracingall; Adding new e-TeX definitions: \eTeX, \loggingall, \tracingnone, register allocation; extended register allocation; Recycling: \addlanguage, [EMAIL PROTECTED] (not defined), [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] (not defined), [EMAIL PROTECTED] (not defined), [EMAIL PROTECTED] (not defined), [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], Retaining: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]@@d, [EMAIL PROTECTED]@ad, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], \eTeX, \etexhdrchk, \etexstatus, \module, \uselanguage, [EMAIL PROTECTED], [EMAIL PROTECTED],) ) Beginning to dump on file etex.fmt (format=etex 2008.7.26) 2836 strings of total length 41448 7953 memory locations dumped; current usage is 1977289 1247 multiletter control sequences \font\nullfont=nullfont \font\tenrm=cmr10 \font\preloaded=cmr9 \font\preloaded=cmr8 \font\sevenrm=cmr7 \font\preloaded=cmr6 \font\fiverm=cmr5 \font\teni=cmmi10 \font\preloaded=cmmi9 \font\preloaded=cmmi8 \font\seveni=cmmi7 \font\preloaded=cmmi6 \font\fivei=cmmi5 \font\tensy=cmsy10 \font\preloaded=cmsy9 \font\preloaded=cmsy8 \font\sevensy=cmsy7 \font\preloaded=cmsy6 \font\fivesy=cmsy5 \font\tenex=cmex10 \font\preloaded=cmss10 \font\preloaded=cmssq8 \font\preloaded=cmssi10 \font\preloaded=cmssqi8 \font\tenbf=cmbx10 \font\preloaded=cmbx9 \font\preloaded=cmbx8 \font\sevenbf=cmbx7 \font\preloaded=cmbx6 \font\fivebf=cmbx5 \font\tentt=cmtt10 \font\preloaded=cmtt9 \font\preloaded=cmtt8 \font\preloaded=cmsltt10 \font\tensl=cmsl10 \font\preloaded=cmsl9 \font\preloaded=cmsl8 \font\tenit=cmti10 \font\preloaded=cmti9 \font\preloaded=cmti8 \font\preloaded=cmti7 \font\preloaded=cmu10 \font\preloaded=cmmib10 \font\preloaded=cmbsy10 \font\preloaded=cmcsc10 \font\preloaded=cmssbx10 \font\preloaded=cmdunh10 \font\preloaded=cmr7 at 14.51799pt \font\preloaded=cmtt10 at 14.4pt \font\preloaded=cmssbx10 at 14.4pt \font\preloaded=manfnt 14787 words of font info for 50 preloaded fonts 14 hyphenation exceptions Hyphenation trie of length 6075 has 181 ops out of 35111 181 for language 0 No pages of output. Transcript written on etex.log. fmtutil:
Bug#492483: pcx_1.1.18-1(hppa/unstable): FTBFS: build depends on g77
Package: pcx Version: 1.1.18-1 Severity: serious Hi, your package failed to build from source. | Automatic build of pcx_1.1.18-1 on lofn by sbuild/hppa 98-farm | Build started at 20080726-1404 | ** | Checking available source versions... | Fetching source files... | Reading package lists... | Building dependency tree... | Need to get 465kB of source archives. | Get:1 http://sinclair.farm.ftbfs.de sid/non-free pcx 1.1.18-1 (dsc) [1090B] | Get:2 http://sinclair.farm.ftbfs.de sid/non-free pcx 1.1.18-1 (tar) [450kB] | Get:3 http://sinclair.farm.ftbfs.de sid/non-free pcx 1.1.18-1 (diff) [14.3kB] | Fetched 465kB in 0s (802kB/s) | Download complete and in download only mode | ** Using build dependencies supplied by package: | Build-Depends: debhelper (= 4.0), csh | c-shell, g77 | Checking for already installed source dependencies... | debhelper: missing | Using default version 7.0.16 (Priority: 500) | csh: missing | Using default version 20070713-1 (Priority: 500) | c-shell: missing | No default version. Virtual package? | g77: missing | No default version. Virtual package? | Checking for source dependency conflicts... | /usr/bin/sudo /usr/bin/apt-get --purge $CHROOT_OPTIONS -q -y install debhelper csh g77 | Reading package lists... | Building dependency tree... | E: Package g77 has no installation candidate | Package g77 is not available, but is referred to by another package. | This may mean that the package is missing, has been obsoleted, or | is only available from another source | apt-get failed. | Package installation failed | Trying to reinstall removed packages: | Trying to uninstall newly installed packages: | Source-dependencies not satisfied; skipping pcx | ** | Finished at 20080726-1404 | Build needed 00:00:00, 0k disk space Full build log(s): http://experimental.ftbfs.de/build.php?ver=1.1.18-1pkg=pcxarch=hppa Gruesse, -- Frank Lichtenheld [EMAIL PROTECTED] www: http://www.djpig.de/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#486354: iceweasel: Iceweasel rc2 does not start
Package: iceweasel Version: 3.0.1-1 --- Please enter the report below this line. --- Same here after 3.0 arrived in testing. On startup Iceweasel reports a segmentation fault. I upgraded to the version from unstable but no luck. Whether I use -safe-mode or remove my .mozilla profile does not make a difference. However, when I run iceweasel -g, it apparently runs without problems and I can use the browser. There seems to be a difference between running iceweasel with or without gdb. bye, Jan --- System information. --- Architecture: i386 Kernel: Linux 2.6.25-2-686 Debian Release: lenny/sid 700 testing ftp.nl.debian.org --- Package information. --- Depends(Version) | Installed -+-=== fontconfig | 2.6.0-1 psmisc | 22.6-1 procps | 1:3.2.7-8 debianutils(= 1.16) | 2.30 libc6 (= 2.7-1) | 2.7-10 libgcc1 (= 1:4.1.1) | 1:4.3.1-2 libglib2.0-0 (= 2.12.0) | 2.16.4-2 libgtk2.0-0 (= 2.12.0) | 2.12.10-2 libnspr4-0d(= 1.8.0.10) | 4.7.1-3 libstdc++6(= 4.1.1) | 4.3.1-2 xulrunner-1.9 ( 1.9~rc2-5) | 1.9.0.1-1 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#490160: notfixed 490160 in libqt4-webkit/4.4.0-4
# Automatically generated email from bts, devscripts version 2.10.33 # clean up versioning notfixed 490160 libqt4-webkit/4.4.0-4 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: notfixed 490160 in libqt4-webkit/4.4.0-4
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.10.33 # clean up versioning notfixed 490160 libqt4-webkit/4.4.0-4 Bug#490160: libqt4-webkit / arora: SIGBUS on sparc Bug no longer marked as fixed in version libqt4-webkit/4.4.0-4. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#492484: Sould be available for other architectures in addition to AMD64
Package: icedtea-gcjwebplugin Version: 1.0-2 Severity: grave I have a computer of IA32-architecture. Binarypackages of this plugin are only available for AMD64. But I really can build this package in my computer and actually use it. So, what's up? -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (1100, 'testing'), (990, 'stable'), (500, 'testing-proposed-updates'), (500, 'proposed-updates'), (101, 'testing'), (99, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.25-2-686 (SMP w/1 CPU core) Locale: LANG=fi_FI.utf8, LC_CTYPE=fi_FI.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages icedtea-gcjwebplugin depends on: ii libatk1.0-0 1.22.0-1 The ATK accessibility toolkit ii libc6 2.7-12 GNU C Library: Shared libraries ii libcairo2 1.6.4-6The Cairo 2D vector graphics libra ii libgcc1 1:4.3.1-7 GCC support library ii libglib2.0-0 2.16.4-2 The GLib library of C routines ii libgtk2.0-0 2.12.11-3 The GTK+ graphical user interface ii libnspr4-0d 4.7.1-3NetScape Portable Runtime Library ii libpango1.0-0 1.20.5-1 Layout and rendering of internatio ii libstdc++64.3.1-7The GNU Standard C++ Library v3 ii openjdk-6-jre 6b11-2 OpenJDK Java runtime icedtea-gcjwebplugin recommends no packages. icedtea-gcjwebplugin suggests no packages. -- no debconf information -- Juhapekka naula Tolvanen * http colon slash slash iki dot fi slash juhtolv Boku wa ongakuka dentaku katate ni. Tashitari. Hiitari. Sousa shite. Sakkyoku suru. Kono botan oseba ongaku kanaderu. Kraftwerk -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#486073: setting package to audio-cd libaudio-cd-perl, tagging 486073
# Automatically generated email from bts, devscripts version 2.10.34 # via tagpending # # audio-cd (0.05-7) UNRELEASED; urgency=low # # * debian/rules #- replaced pwd with $(CURDIR); thanks to Niko Tyni for the report; Closes: # #486073 # package audio-cd libaudio-cd-perl tags 486073 + pending -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: setting package to audio-cd libaudio-cd-perl, tagging 486073
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.10.34 # via tagpending # # audio-cd (0.05-7) UNRELEASED; urgency=low # # * debian/rules #- replaced pwd with $(CURDIR); thanks to Niko Tyni for the report; Closes: # #486073 # package audio-cd libaudio-cd-perl Ignoring bugs not assigned to: audio-cd libaudio-cd-perl tags 486073 + pending Bug#486073: libaudio-cd-perl: empty package on several architectures [sudo and $(PWD)] There were no tags set. Tags added: pending End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: Bug#492484: Sould be available for other architectures in addition to AMD64
Processing commands for [EMAIL PROTECTED]: severity 492484 wishlist Bug#492484: Sould be available for other architectures in addition to AMD64 Severity set to `wishlist' from `grave' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: notfixed 480307 in fp-ide/2.2.0-dfsg1-8
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.10.33 # fix versioning notfixed 480307 fp-ide/2.2.0-dfsg1-8 Bug#480307: fp-ide: Crashes on startup...still. Bug no longer marked as fixed in version fp-ide/2.2.0-dfsg1-8. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#480307: notfixed 480307 in fp-ide/2.2.0-dfsg1-8
# Automatically generated email from bts, devscripts version 2.10.33 # fix versioning notfixed 480307 fp-ide/2.2.0-dfsg1-8 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#492488: iceweasel: crashes on startup (x64)
Package: iceweasel
Version: 3.0.1-1
Severity: grave
Justification: renders package unusable
Hi,
I just dist-upgraded to sid and now iceweasel crashes on startup.
I removed all traces of system or user plugins, and .mozilla profiles,
and still the problem persists.
Even trying with iceweasel -safe-mode does not help.
I'm attaching the backtrace [1]
Let me know if you need further info.
regards,
Michele
[1]:
System: Linux 2.6.25-2-amd64 #1 SMP Mon Jul 14 11:05:23 UTC 2008 x86_64
X Vendor: The X.Org Foundation
X Vendor Release: 10402000
Selinux: No
Accessibility: Disabled
GTK+ Theme: Clearlooks
Icon Theme: gnome
Memory status: size: 379949056 vsize: 379949056 resident: 33644544 share:
20262912 rss: 33644544 rss_rlim: 18446744073709551615
CPU usage: start_time: 1217085639 rtime: 80 utime: 70 stime: 10 cutime:0
cstime: 0 timeout: 0 it_real_value: 0 frequency: 100
Backtrace was generated from '/usr/lib/bug-buddy/firefox-bin'
[Thread debugging using libthread_db enabled]
[New Thread 0x7f292e16f6f0 (LWP 5339)]
[New Thread 0x430c6950 (LWP 5349)]
[New Thread 0x420c4950 (LWP 5346)]
[New Thread 0x418c3950 (LWP 5345)]
0x7f292d7b2b9f in waitpid () from /lib/libc.so.6
#0 0x7f292d7b2b9f in waitpid () from /lib/libc.so.6
#1 0x7f2928faa719 in g_spawn_sync () from /usr/lib/libglib-2.0.so.0
#2 0x7f2928faaa28 in g_spawn_command_line_sync ()
from /usr/lib/libglib-2.0.so.0
#3 0x7f2923b6c4b3 in ?? ()
from /usr/lib/gtk-2.0/modules/libgnomebreakpad.so
#4 0x7f292bcdffdb in nsProfileLock::FatalSignalHandler (signo=11)
at nsProfileLock.cpp:216
#5 signal handler called
#6 0x7f292be59b0a in nsFrame::BoxReflow (this=0x257f838,
[EMAIL PROTECTED], aPresContext=0x2579e30,
[EMAIL PROTECTED], aRenderingContext=0x25d4ae0, aX=6000,
aY=6000, aWidth=0, aHeight=0, aMoveFrame=1) at nsFrame.cpp:6302
#7 0x7f292be59f70 in nsFrame::DoLayout (this=0x257f3e0,
[EMAIL PROTECTED]) at nsFrame.cpp:6108
#8 0x7f292bf148fd in nsIFrame::Layout (this=0x257f838,
[EMAIL PROTECTED]) at nsBox.cpp:561
#9 0x7f292be6862e in LayoutAndInvalidate ([EMAIL PROTECTED],
aBox=0x257f838, [EMAIL PROTECTED]) at nsGfxScrollFrame.cpp:2480
#10 0x7f292be691f8 in nsGfxScrollFrameInner::LayoutScrollbars (
this=0x257f458, [EMAIL PROTECTED], [EMAIL PROTECTED],
[EMAIL PROTECTED], [EMAIL PROTECTED])
at nsGfxScrollFrame.cpp:2542
#11 0x7f292be6befd in nsHTMLScrollFrame::Reflow (this=0x257f3e0,
aPresContext=value optimized out, [EMAIL PROTECTED],
[EMAIL PROTECTED], [EMAIL PROTECTED])
at nsGfxScrollFrame.cpp:823
#12 0x7f292be577cb in nsContainerFrame::ReflowChild (
this=value optimized out, aKidFrame=0x257f3e0, aPresContext=0x2579e30,
[EMAIL PROTECTED], [EMAIL PROTECTED], aX=0, aY=0,
aFlags=0, [EMAIL PROTECTED], aTracker=0x0)
at nsContainerFrame.cpp:771
#13 0x7f292be9d3c6 in ViewportFrame::Reflow (this=0x257f0b0,
aPresContext=0x2579e30, [EMAIL PROTECTED],
[EMAIL PROTECTED], [EMAIL PROTECTED])
at nsViewportFrame.cpp:286
#14 0x7f292be3a05b in PresShell::DoReflow (this=0x257d4c0,
target=0x257f0b0) at nsPresShell.cpp:6280
#15 0x7f292be3d56f in PresShell::ProcessReflowCommands (this=0x257d4c0,
aInterruptible=1) at nsPresShell.cpp:6386
#16 0x7f292be3d6a2 in PresShell::DoFlushPendingNotifications (
this=0x257d4c0, aType=Flush_Layout, aInterruptibleReflow=1)
at nsPresShell.cpp:4574
#17 0x7f292be3d722 in PresShell::ReflowEvent::Run (
this=value optimized out) at nsPresShell.cpp:6145
#18 0x7f292c41286e in nsThread::ProcessNextEvent (this=0x1d40cb0,
mayWait=1, result=0x7fff3619141c) at nsThread.cpp:510
#19 0x7f292c3e837e in NS_ProcessNextEvent_P (thread=0x257f3e0, mayWait=1)
at nsThreadUtils.cpp:230
#20 0x7f292c36c87d in nsBaseAppShell::Run (this=0x234af50)
at nsBaseAppShell.cpp:170
#21 0x7f292c24ef71 in nsAppStartup::Run (this=0x23ac2c0)
at nsAppStartup.cpp:181
#22 0x7f292bcd9ae9 in XRE_main (argc=value optimized out,
argv=value optimized out, aAppData=value optimized out)
at nsAppRunner.cpp:3182
#23 0x004015b1 in main (argc=3, argv=0x7fff36192a38)
at nsXULStub.cpp:421
Thread 4 (Thread 0x418c3950 (LWP 5345)):
#0 0x7f292d7dbd26 in poll () from /lib/libc.so.6
No symbol table info available.
#1 0x7f292cdb1667 in _pr_poll_with_poll (pds=0x1e0b408, npds=1,
timeout=4294967295) at ptio.c:3895
stack_syspoll = {{fd = 21, events = 1, revents = 0}, {fd = 386,
events = 1, revents = 0}, {fd = 0, events = 0, revents = 0}, {
fd = 30233592, events = 0, revents = 0}, {fd = 1099705920, events = 0,
revents = 0}, {fd = 1099705864, events = 0, revents = 0}, {
fd = -1538124099, events = 0, revents = 0}, {fd = 1099705840, events = 0,
revents = 0}, {fd = 0, events = 0, revents = 0}, {fd = 771237342,
events = 32553, revents = 0}, {fd = 0, events = 0, revents = 0}, {fd = 0,
events = 0, revents = 0}, {fd =
Bug#492490: [reportbug] Crash
Package: reportbug
Version: 3.43
Severity: critical
--- Please enter the report below this line. ---
Hi.
Trying to run the program:
$ reportbug
Traceback (most recent call last):
File /usr/bin/reportbug, line 1823, in ?
main()
File /usr/bin/reportbug, line 832, in main
lib_package = __import__('reportbuglib', fromlist=[iface])
TypeError: __import__() takes no keyword arguments
[I had to install reportbug-ng to report this. :-/ ]
Best regards,
Gilles
--- System information. ---
Architecture: amd64
Kernel: Linux 2.6.25.11-vs2.3.0.34.14+g1
Debian Release: lenny/sid
500 unstabledebian.inode.at
500 testing security.debian.org
500 testing debian.inode.at
500 stable security.debian.org
500 stable debian.inode.at
500 stable debian-multimedia.informatik.uni-erlangen.de
--- Package information. ---
Depends (Version) | Installed
=-+-===
python (= 2.4) | 2.4.4-6
python-central (= 0.6.7) | 0.6.8
apt | 0.7.14+b1
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: Bug#492479: texlife-base: error during upgrade
Processing commands for [EMAIL PROTECTED]: reassign 492479 texlive-base Bug#492479: texlife-base: error during upgrade Warning: Unknown package 'texlife-base' Bug reassigned from package `texlife-base' to `texlive-base'. -- Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#491977: grub-probe fails with Cannot find a GRUB drive for /dev/dm-N.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Robert Millan wrote:
[..] Simply run from your build dir:
./grub-probe -t device /
./grub-probe -t device /boot
Instead of /dev/dm-X, it should print /dev/md0 or /dev/md2.
While this worked, installing the new grub-common package (from
unstable) didn't change anything. Just to be sure, I also upgraded grub
to the latest legacy version and moved /boot/grub/device.map out of the way.
debby:~# dpkg-query -W -f '${Package} ${Status} ${Version}\n' grub\*
grub install ok installed 0.97-42
grub-choose-default purge ok not-installed
grub-common install ok installed 1.96+20080724-1
grub-efi unknown ok not-installed
grub-ieee1275 unknown ok not-installed
grub-legacy-doc unknown ok not-installed
grub-linuxbios unknown ok not-installed
grub-pc purge ok not-installed
grub2 purge ok not-installed
debby:~# dpkg --configure -a
Setting up linux-image-2.6.25-2-686 (2.6.25-7) ...
Running depmod.
Finding valid ramdisk creators.
Using mkinitramfs-kpkg to build the ramdisk.
Other valid candidates: mkinitramfs-kpkg mkinitrd.yaird
initrd.img(/boot/initrd.img-2.6.25-2-686
) points to /boot/initrd.img-2.6.25-2-686
(/boot/initrd.img-2.6.25-2-686) -- doing nothing at
/var/lib/dpkg/info/linux-image-2.6.25-2-686.postinst line 569.
vmlinuz(/boot/vmlinuz-2.6.25-2-686
) points to /boot/vmlinuz-2.6.25-2-686
(/boot/vmlinuz-2.6.25-2-686) -- doing nothing at
/var/lib/dpkg/info/linux-image-2.6.25-2-686.postinst line 569.
Running postinst hook script /usr/sbin/update-grub.
Searching for GRUB installation directory ... found: /boot/grub
grub-probe: error: Cannot find a GRUB drive for /dev/dm-5. Check your
device.map.
User postinst hook script [/usr/sbin/update-grub] exited with value 1
dpkg: error processing linux-image-2.6.25-2-686 (--configure):
subprocess post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of linux-image-2.6-686:
linux-image-2.6-686 depends on linux-image-2.6.25-2-686; however:
Package linux-image-2.6.25-2-686 is not configured yet.
dpkg: error processing linux-image-2.6-686 (--configure):
dependency problems - leaving unconfigured
dpkg: dependency problems prevent configuration of linux-image-686:
linux-image-686 depends on linux-image-2.6-686; however:
Package linux-image-2.6-686 is not configured yet.
dpkg: error processing linux-image-686 (--configure):
dependency problems - leaving unconfigured
dpkg: dependency problems prevent configuration of linux-image-2.6-k7:
linux-image-2.6-k7 depends on linux-image-2.6-686; however:
Package linux-image-2.6-686 is not configured yet.
dpkg: error processing linux-image-2.6-k7 (--configure):
dependency problems - leaving unconfigured
dpkg: dependency problems prevent configuration of linux-image-k7:
linux-image-k7 depends on linux-image-686; however:
Package linux-image-686 is not configured yet.
dpkg: error processing linux-image-k7 (--configure):
dependency problems - leaving unconfigured
Errors were encountered while processing:
linux-image-2.6.25-2-686
linux-image-2.6-686
linux-image-686
linux-image-2.6-k7
linux-image-k7
debby:~#
debby:~# /usr/sbin/grub-probe -t device /
/dev/md2
debby:~# /usr/sbin/grub-probe -t device /boot
/dev/md0
debby:~#
Am I missing something? Should I take additional measures before retrying?
Thank in advance.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEAREKAAYFAkiLSiEACgkQn6GkvSd/BgxoQwCeJTmSo6YC8wM+/heQmeyUuvke
bp4AoI4APyNYhxdOu0VQEZMoeWrUA8De
=QSO6
-END PGP SIGNATURE-
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#492490: [Reportbug-maint] Bug#492490: [reportbug] Crash
Hello Gilles On Sat, Jul 26, 2008 at 17:45, Gilles Sadowski [EMAIL PROTECTED] wrote: --- Package information. --- Depends (Version) | Installed =-+-=== python (= 2.4) | 2.4.4-6 Is this version the default on your machine? Here is: $ python -V Python 2.5.2 Could you please exec the same command and let me know the result? Thanks, Sandro -- Sandro Tosi (aka morph, Morpheus, matrixhasu) My website: http://matrixhasu.altervista.org/ Me at Debian: http://wiki.debian.org/SandroTosi -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#491977: grub-probe fails with Cannot find a GRUB drive for /dev/dm-N.
Am Samstag, den 26.07.2008, 18:00 +0200 schrieb Moritz Naumann:
debby:~# dpkg-query -W -f '${Package} ${Status} ${Version}\n' grub\*
grub-common install ok installed 1.96+20080724-1
Am I missing something? Should I take additional measures before retrying?
Please see the message above in the report, The patch from Robert is in
1.96+20080724-2 not -1 which you have installed.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#492490: [Reportbug-maint] Bug#492490: [reportbug] Crash
Hi. That was a quick reply; thanks! [And it was too quick a report too (see below).] --- Package information. --- Depends (Version) | Installed =-+-=== python (= 2.4) | 2.4.4-6 Is this version the default on your machine? So it seemed. But, in the middle of bigger problems (hence the need of bugreport), I just did an aptitude safe-upgrade, and now bugreport just works again. And now here is what I obtain: --- Package information. --- Depends (Version) | Installed =-+-=== python (= 2.4) | 2.5.2-2 python-central (= 0.6.7) | 0.6.8 apt | 0.7.14+b1 Here is: $ python -V Python 2.5.2 Could you please exec the same command and let me know the result? The same. So, in the end, we won't know in what strange state was the python install... Sorry for the (now wrong) report. Best, Gilles -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#492490: [Reportbug-maint] Bug#492490: Bug#492490: [reportbug] Crash
Hi Gilles, --- Package information. --- Depends (Version) | Installed =-+-=== python (= 2.4) | 2.4.4-6 Is this version the default on your machine? So it seemed. But, in the middle of bigger problems (hence the need of bugreport), I just did an aptitude safe-upgrade, and now bugreport just works again. And now here is what I obtain: --- Package information. --- Depends (Version) | Installed =-+-=== python (= 2.4) | 2.5.2-2 python-central (= 0.6.7) | 0.6.8 apt | 0.7.14+b1 Here is: $ python -V Python 2.5.2 Could you please exec the same command and let me know the result? The same. So, in the end, we won't know in what strange state was the python install... Yeah, I supposed so: python 2.5 is the default on sid/lenny, so there was something weird on your system, in this case a missing upgrade, now fixed ;) Sorry for the (now wrong) report. Well, indeed this is a bug, so I'm releasing a new version with dependency on python (= 2.5) Thanks for the report. Sandro -- Sandro Tosi (aka morph, Morpheus, matrixhasu) My website: http://matrixhasu.altervista.org/ Me at Debian: http://wiki.debian.org/SandroTosi -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#474909: patch for SBCL NMU
Here is a patch to convert to SBCL diff -u maxima-5.13.0/debian/README.Debian maxima-5.13.0/debian/README.Debian --- maxima-5.13.0/debian/README.Debian +++ maxima-5.13.0/debian/README.Debian @@ -1,6 +1,14 @@ maxima for Debian -- +What's new in 5.15.0 + +I (David Bremner [EMAIL PROTECTED]) have packaged this version of +maxima using sbcl instead of gcl. Currently we lose the nice header +when maxima starts up, and you have to use rmaxima (or emacs :-) ) for +command line editing. On the plus side, it now passes the test suite, +at least on i386. + What's new in 5.9.1: @@ -41 +49 @@ - -- Camm Maguire [EMAIL PROTECTED], Wed Feb 23 19:37:03 2005 + -- David Bremner [EMAIL PROTECTED], Thu, 24 Jul 2008 22:30:12 -0300 diff -u maxima-5.13.0/debian/rules maxima-5.13.0/debian/rules --- maxima-5.13.0/debian/rules +++ maxima-5.13.0/debian/rules @@ -10,6 +10,9 @@ # This is the debhelper compatability version to use. #export DH_COMPAT=3 +# choose LISP to use +LISP=sbcl + NO_STRIP:= #ALT_LINK:= #ifeq ($(DEB_BUILD_ARCH),mips) @@ -37,29 +40,35 @@ build-stamp: dh_testdir - for i in aclocal.m4 src/sys-proclaim.lisp configure ; do [ -e $$i.ori ] || cp $$i $$i.ori; done + # .ori trick does not work so well here because they are clobbered by make clean + mkdir debian/info-backup cp -a doc/info/maxima.info* debian/info-backup + for i in aclocal.m4 src/sys-proclaim.lisp configure; do [ -e $$i.ori ] || cp $$i $$i.ori; done aclocal + autoconf automake - GCL_ANSI=t ./configure --enable-gcl $$(gcl -batch -eval '#-native-reloc(princ --enable-gcl-alt-link)(bye)') \ + ./configure --enable-$(LISP)\ --prefix=/usr \ --libexec=/usr/lib \ --mandir=/usr/share/man \ --infodir=/usr/share/info - GCL_ANSI=t $(MAKE) + $(MAKE) # This sets up some reasonable readline command completion by default - cd src/binary-gcl echo ':lisp (setq si::*readline-prefix* maxima::$$)(when (fboundp (quote si::sgc-on)) (si::sgc-on t))(setq maxima::*maxima-started* nil)(si::putprop (quote cl-info::cause-maxima-index-to-load) /usr/share/doc/maxima-doc/info/maxima-index.lisp (quote autoload))(si::save-system foo)' | ./maxima -eval '(run)' mv foo maxima +# cd src/binary-gcl echo ':lisp (setq si::*readline-prefix* maxima::$$)(when (fboundp (quote si::sgc-on)) (si::sgc-on t))(setq maxima::*maxima-started* nil)(si::putprop (quote cl-info::cause-maxima-index-to-load) /usr/share/doc/maxima-doc/info/maxima-index.lisp (quote autoload))(si::save-system foo)' | ./maxima -eval '(run)' mv foo maxima + +# this adds about 1M to the image, which is not great, but means 44M vs 43M + echo ':lisp (progn (load doc/info/maxima-index.lisp) (sb-ext:save-lisp-and-die newmaxima.core))'| ./maxima-local -eval mv newmaxima.core src/binary-sbcl/maxima.core # Reenable if/when gcl uses __mulsi et. al. on m68k, now configured for (020) unoptimally # [ $$(dpkg --print-architecture) != m68k ] || cp debian/rtest8.mac.m68k tests/rtest8.mac chmod +x ./maxima-local - ./maxima-local --lisp=gcl --batch-string=run_testsuite(true,true); tmp 21 \ + ./maxima-local --lisp=$(LISP) --batch-string=run_testsuite(true,true); tmp 21 \ j=$$! ; echo Waiting on pid $$j ; \ tail -f --pid=$$j --retry tests/tests-gcl.log tmp wait $$j @@ -109,7 +118,8 @@ rm -f $(BOOK) config.log config.status plotting/mgnuplot \ src/maxima.bat src/rmaxima maxima-local xmaxima-local maxima.spec maxima.iss rm -rf src/numerical/slatec/fortran/CVS src/*gazonk* interfaces/xmaxima/win32/Makefile - for i in aclocal.m4 src/sys-proclaim.lisp configure ; do ! [ -e $$i.ori ] || mv $$i.ori $$i; done + ! [ -d debian/info-backup ] || mv debian/info-backup/maxima.info* doc/info rm -rf debian/info-backup + for i in aclocal.m4 src/sys-proclaim.lisp configure; do ! [ -e $$i.ori ] || mv $$i.ori $$i; done dh_clean @@ -220,7 +230,8 @@ dh_installchangelogs -i dh_link -i dh_strip -i - dh_compress -i -X.shtml -X.hh -Xmaxima-index.lisp + # maxima.info is read directly by maxima and shouldn't (?) be compressed + dh_compress -i -X.shtml -X.hh -Xmaxima-index.lisp -Xmaxima.info dh_fixperms -i dh_installdeb -i dh_shlibdeps -i diff -u maxima-5.13.0/debian/control maxima-5.13.0/debian/control --- maxima-5.13.0/debian/control +++ maxima-5.13.0/debian/control @@ -2,13 +2,13 @@ Section: math Priority: optional Maintainer: Camm Maguire [EMAIL PROTECTED] -Build-Depends: gcl ( = 2.6.7-36 ) , texinfo, libgmp3-dev, libreadline5-dev | libreadline-dev, locales, automake1.9, debhelper ( =4.1.0 ) , libncurses5-dev, autoconf2.13, gawk | awk, texlive-latex-recommended, sharutils, libxmu-dev, libxaw7-dev
Processed (with 1 errors): your mail
Processing commands for [EMAIL PROTECTED]: tags 474909 patch Bug#474909: maxima: FTBFS: /bin/sh: ./maxima: No such file or directory There were no tags set. Tags added: patch kthanksbye Unknown command or malformed arguments to command. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#488637: NMU for xine-plugin
Hello, I've prepared a NMU for xine-plugin, which updates it to the long-ago released 1.0.1 version, and fixes the crashes with Iceweasel 3 and Epiphany, as far as I can tell. Please test this and let me know if it makes a difference for you. http://people.debian.org/~chrsmrtn The file 'debian.diff' contains the changes within the debian directory only; look at the .diff.gz for the source changes against upstream release 1.0.1. I've done a little more housecleaning than is normally encouraged for a NMU, so Darren, let me know what you think! I'd like to get a bit of feedback before uploading. Thanks, Christopher Martin signature.asc Description: This is a digitally signed message part.
Bug#492490: marked as done ([reportbug] Crash)
Your message dated Sat, 26 Jul 2008 17:32:03 +
with message-id [EMAIL PROTECTED]
and subject line Bug#492490: fixed in reportbug 3.44
has caused the Debian Bug report #492490,
regarding [reportbug] Crash
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
492490: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492490
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
---BeginMessage---
Package: reportbug
Version: 3.43
Severity: critical
--- Please enter the report below this line. ---
Hi.
Trying to run the program:
$ reportbug
Traceback (most recent call last):
File /usr/bin/reportbug, line 1823, in ?
main()
File /usr/bin/reportbug, line 832, in main
lib_package = __import__('reportbuglib', fromlist=[iface])
TypeError: __import__() takes no keyword arguments
[I had to install reportbug-ng to report this. :-/ ]
Best regards,
Gilles
--- System information. ---
Architecture: amd64
Kernel: Linux 2.6.25.11-vs2.3.0.34.14+g1
Debian Release: lenny/sid
500 unstabledebian.inode.at
500 testing security.debian.org
500 testing debian.inode.at
500 stable security.debian.org
500 stable debian.inode.at
500 stable debian-multimedia.informatik.uni-erlangen.de
--- Package information. ---
Depends (Version) | Installed
=-+-===
python (= 2.4) | 2.4.4-6
python-central (= 0.6.7) | 0.6.8
apt | 0.7.14+b1
---End Message---
---BeginMessage---
Source: reportbug
Source-Version: 3.44
We believe that the bug you reported is fixed in the latest version of
reportbug, which is due to be installed in the Debian FTP archive:
reportbug_3.44.dsc
to pool/main/r/reportbug/reportbug_3.44.dsc
reportbug_3.44.tar.gz
to pool/main/r/reportbug/reportbug_3.44.tar.gz
reportbug_3.44_all.deb
to pool/main/r/reportbug/reportbug_3.44_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sandro Tosi [EMAIL PROTECTED] (supplier of updated reportbug package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Sat, 26 Jul 2008 19:17:44 +0200
Source: reportbug
Binary: reportbug
Architecture: source all
Version: 3.44
Distribution: unstable
Urgency: medium
Maintainer: Reportbug Maintainers [EMAIL PROTECTED]
Changed-By: Sandro Tosi [EMAIL PROTECTED]
Description:
reportbug - reports bugs in the Debian distribution
Closes: 492240 492490
Changes:
reportbug (3.44) unstable; urgency=medium
.
[ Chris Lawrence ]
* reportbug
+ Yet another character set issue fix. (Closes: #492240)
.
[ Sandro Tosi ]
* debian/control
- changed build-dep-indep from python-dev to python
- bump required Python version to = 2.5; thanks to Gilles Sadowski for
the report; Closes: #492490 (RC bug, hence urgency set to medium)
Checksums-Sha1:
618f4bed4eed9b5f594040ff24b5e08991f22903 1170 reportbug_3.44.dsc
1a92decb661e9b0802b254bee64eb10475671102 175176 reportbug_3.44.tar.gz
9cdf48fb1c3db6f245f59f8806c92535cd5218db 157346 reportbug_3.44_all.deb
Checksums-Sha256:
68130157e302f22d5c418a993707340f7c3ea7db5167bd6bd19bd3db8e980283 1170
reportbug_3.44.dsc
f4743c8e99afc00fc3088e9064f68078729c6f6a3680046c0aa510767865b8d4 175176
reportbug_3.44.tar.gz
b7c100be341c487066d822c219dfe3e76d253f1a1d7ba8d4d4d4335ef463fbcc 157346
reportbug_3.44_all.deb
Files:
b69519d543f8de59da6075fc320c696a 1170 utils standard reportbug_3.44.dsc
34f64c01e42b48183cafc1c68378750f 175176 utils standard reportbug_3.44.tar.gz
b4b5e99e93ba95deefaf4b3dee8d970b 157346 utils standard reportbug_3.44_all.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkiLXXkACgkQAukwV0RN2VAM0ACaAroFLZDIBDpgCb+vvLMkWcsk
b/IAn0kWC8m1V7GwRfnNy1yOJPSJudTy
=O3je
-END PGP SIGNATURE-
---End Message---
Bug#492513: [digikam] does not start :: symbol lookup error: digikam: undefined symbol
Package: digikam Version: 2:0.9.4-1 Severity: critical --- Please enter the report below this line. --- after upgrade 0.9.3 -- 0.9.4 i get: laptop:~# digikam digikam: symbol lookup error: digikam: undefined symbol: _ZN4KIPI9Interface7versionEv and it does not start :-( --- System information. --- Architecture: i386 Kernel: Linux 2.6.25-trunk-686 Debian Release: lenny/sid 500 unstablewww.debian-multimedia.org 500 unstablemirror.isoc.org.il 500 testing mirror.isoc.org.il 500 kernel-dists-trunk kernel-archive.buildserver.net 500 experimentalwww.debian-multimedia.org 1 experimentalmirror.isoc.org.il --- Package information. --- Depends (Version) | Installed =-+-== kdelibs4c2a (= 4:3.5.9) | 4:3.5.9.dfsg.1-4 libc6 (= 2.7-1) | 2.7-12 libgcc1 (= 1:4.1.1) | 1:4.3.1-2 libgphoto2-2 (= 2.4.0) | 2.4.0-8 libgphoto2-port0 (= 2.4.0) | 2.4.0-8 libjasper1 (= 1.900.1) | 1.900.1-5 libjpeg62 | 6b-14 libkdcraw3| 0.1.4-2 libkexiv2-3 | 0.1.7-1 libkipi0 | 0.1.5-2 liblcms1 (= 1.15-1) | 1.16-10 libpng12-0 (= 1.2.13-4) | 1.2.27-1 libqt3-mt (= 3:3.3.8b) | 3:3.3.8b-2 libsqlite3-0 (= 3.5.9) | 3.5.9-2 libstdc++6 (= 4.2.1) | 4.3.1-2 libtiff4 | 3.8.2-7 libx11-6 | 2:1.1.4-2 kdebase-kio-plugins | 4:3.5.9.dfsg.1-4 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#475036: kernel-package still very important
I need kernel-package to do a group of tasks very important. Please maintain kernel-package 11.00x the best you can, while you rewrite the new version. I promise whenever I find a bug I try to find a fix and send it with the bug report. Jose Calhariz -- -- O que é conservacionismo? Não é aderir ao velho e já tentado, contra o novo e não tentado? --Abraham Lincoln signature.asc Description: Digital signature
Bug#492519: vim-runtime: newrw explorer potentially deletes wrong files
Package: vim-runtime
Version: 1:7.1.314-3
Severity: serious
Netrw explorer currently shipped with Debian Sid can potentially cause
data loss since in certain situations it may delete unintended files.
The problem is in the short listing mode. How to reproduce:
$ mkdir tmpdir
$ cd tmpdir
$ touch foo1 foo2 foo3
$ vim .
Change to short listing mode by pressing i a couple of times. Hide all
the dot files (Ctrl-H and enter ^\.). The directory should look like
this:
Netrw Directory Listing(netrw
v125)
/home/dtw/tmp
Sorted by name
Sort sequence:
[\/]$,\.h$,\.c$,\.cpp$,*,\.o$,\.obj$,\.info$,\.swp$,\.bak$,\~$
Hiding:^\.
Quick Help: F1:help -:go up dir D:delete R:rename s:sort-by
x:exec
foo1 foo2 foo3
Now move the cursor to either file foo2 or foo3 and press D
(delete). You'll see a question which asks if you want to delete _foo1_:
Confirm deletion of file/home/dtw/tmpdir/foo1 [{y(es)},n(o),a(ll),q(uit)]
If user don't pay attention a wrong file gets deleted.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.18-6-k7 (SMP w/1 CPU core)
Locale: LANG=fi_FI.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
vim-runtime depends on no packages.
Versions of packages vim-runtime recommends:
ii vim-gtk [vim] 1:7.1.314-3+b1 Vi IMproved - enhanced vi editor -
vim-runtime suggests no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: notfixed 490559 in 5.8-1
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.10.34 # 5.8 still contains this issue notfixed 490559 5.8-1 Bug#490559: drupal5: Security Updates Released 2008-07-09 Bug no longer marked as fixed in version 5.8-1. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#490559: notfixed 490559 in 5.8-1
# Automatically generated email from bts, devscripts version 2.10.34 # 5.8 still contains this issue notfixed 490559 5.8-1 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#491889: meep not in Lenny anymore
Hi, I don't agree with your reasoning. Upstream recommends using the Debian package on their website (http://ab-initio.mit.edu/wiki/index.php/Meep_Download): We highly recommend using Debian or Ubuntu, as in Debian or Ubuntu the Meep software and all of its dependencies can be installed simply by typing one line: [...] So the removal does might annoy one or the other. Anyway I tried to adopt this package and uploaded a new version to mentors.debian.net. Unfortunately I did not find a sponsor yet. Best regards Thorsten -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: tagging as pending bugs that are closed by packages in NEW
Processing commands for [EMAIL PROTECTED]: # Sat Jul 26 20:03:15 UTC 2008 # Tagging as pending bugs that are closed by packages in NEW # http://ftp-master.debian.org/new.html # # Source package in NEW: ogre tags 479280 + pending Bug#479280: Ogre 1.4.7 Released There were no tags set. Tags added: pending # Source package in NEW: ogre tags 485899 + pending Bug#485899: ogre-doc: API and Manual under non-free CC-BY-SA-2.5 license There were no tags set. Tags added: pending # Source package in NEW: phamm tags 487754 + pending Bug#487754: [INTL:sv] Swedish strings for debconf template Tags were: l10n patch Tags added: pending # Source package in NEW: ganyremote tags 483679 + pending Bug#483679: ITP: ganyremote -- GTK frontend for anyRemote There were no tags set. Tags added: pending # Source package in NEW: kanyremote tags 486546 + pending Bug#486546: ITP: kanyremote -- KDE frontend for anyRemote There were no tags set. Tags added: pending # Source package in NEW: libcsfml tags 481665 + pending Bug#481665: ITP: libcsfml -- Simple and Fast Multimedia Library for C There were no tags set. Tags added: pending # Source package in NEW: gourmet tags 427474 + pending Bug#427474: RFP: gourmet -- Gourmet Recipe Manager manages your recipes, generate shopping lists, and more Tags were: help Tags added: pending End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#479607: large-memory did fix the problem for me
I installed from debian-LennyBeta2-amd64-netinst.iso, which worked; I then upgraded to linux-image-2.6.25-2-amd64, which failed (it did not even try to run /init from initrd.img). I then added large-memory to /etc/lilo.conf (at the global level), and now it works. (I did not try MODULES=dep.) Maybe there are two different problems? Or maybe large-memory only helps on certain systems? I've got a SuperMicro X7DCA-i motherboard with 2x Core 2 Quad and 8GB RAM. Some people have wanted to know file sizes. Here are the file sizes for the initial 2.6.24 kernel: [EMAIL PROTECTED]:~$ ls -lL /vmlinuz.old /initrd.img.old -rw-r--r-- 1 root root 7760701 2008-07-25 22:01 /initrd.img.old -rw-r--r-- 1 root root 1668248 2008-05-10 02:32 /vmlinuz.old And for the new kernel: [EMAIL PROTECTED]:~$ ls -lL /vmlinuz /initrd.img -rw-r--r-- 1 root root 8031788 2008-07-26 08:56 /initrd.img -rw-r--r-- 1 root root 1727456 2008-07-14 05:16 /vmlinuz Carl -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: retitle 492519 to vim-runtime: netrw explorer potentially deletes wrong files
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.9.26 retitle 492519 vim-runtime: netrw explorer potentially deletes wrong files Bug#492519: vim-runtime: newrw explorer potentially deletes wrong files Changed Bug title to `vim-runtime: netrw explorer potentially deletes wrong files' from `vim-runtime: newrw explorer potentially deletes wrong files'. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#492479: marked as done (texlife-base: error during upgrade)
Your message dated Sat, 26 Jul 2008 22:28:45 +0200 with message-id [EMAIL PROTECTED] and subject line Re: Processed: Re: Bug#492479: texlife-base: error during upgrade has caused the Debian Bug report #492479, regarding texlife-base: error during upgrade to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 492479: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492479 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: texlife-base Version: 2007.dfsg.1-3 Severity: grave Justification: renders package unusable I get the following error when upgrading: etting up texlive-base (2007.dfsg.1-3) ... Running mktexlsr. This may take some time... done. Building format(s) --all. This may take some time... fmtutil-sys failed. Output has been stored in /tmp/fmtutil.kSb17790 Please include this file if you report a bug. dpkg: error processing texlive-base (--configure): subprocess post-installation script returned error exit status 1 the contents of /tmp/fmtutil.kSb17790 % cat /tmp/fmtutil.kSb17790 % [16:10] fmtutil: running `mf-nowin -ini -jobname=mf -progname=mf -translate-file=cp227.tcx mf.ini' ... This is METAFONT, Version 2.71828 (Web2C 7.5.6) (INIMF) (/usr/share/texmf-texlive/web2c/cp227.tcx) (/usr/share/texmf-texlive/metafont/config/mf.ini (/usr/share/texmf-texlive/metafont/base/plain.mf Preloading the plain base, version 2.71: preliminaries, basic constants and mathematical macros, macros for converting from device-independent units to pixels, macros and tables for various modes of operation, macros for drawing and filling, macros for proof labels and rules, macros for character and font administration, and a few last-minute items.) (/etc/texmf/metafont/misc/modes.mf) ) Beginning to dump on file mf.base (base=mf 2008.7.26) 2224 strings of total length 29910 11865 memory locations dumped; current usage is 36587845 1003 symbolic tokens Transcript written on mf.log. fmtutil: /var/lib/texmf/web2c/metafont/mf.base installed. fmtutil: running `pdftex -ini -jobname=etex -progname=etex -translate-file=cp227.tcx *etex.ini' ... This is pdfTeXk, Version 3.141592-1.40.3 (Web2C 7.5.6) (INITEX) %-line parsing enabled. (/usr/share/texmf-texlive/web2c/cp227.tcx) entering extended mode (/usr/share/texmf-texlive/tex/plain/config/etex.ini (/usr/share/texmf-texlive/tex/plain/etex/etex.src (/usr/share/texmf-texlive/tex/plain/base/plain.tex Preloading the plain format: codes, registers, parameters, fonts, more fonts, macros, math definitions, output routines, hyphenation (/usr/share/texmf-texlive/tex/generic/hyphen/hyphen.tex [skipping from \patterns to end-of-file...])) (/usr/share/texmf-texlive/tex/plain/etex/etexdefs.lib Skipping module grouptypes; Loading module interactionmodes; Skipping module nodetypes; Skipping module iftypes;) (/usr/share/texmf-texlive/tex/plain/config/language.def (/usr/share/texmf-texlive/tex/generic/hyphen/hyphen.tex)) Augmenting the Plain TeX definitions: \tracingall; Adding new e-TeX definitions: \eTeX, \loggingall, \tracingnone, register allocation; extended register allocation; Recycling: \addlanguage, [EMAIL PROTECTED] (not defined), [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] (not defined), [EMAIL PROTECTED] (not defined), [EMAIL PROTECTED] (not defined), [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], Retaining: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]@@d, [EMAIL PROTECTED]@ad, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], \eTeX, \etexhdrchk, \etexstatus, \module, \uselanguage, [EMAIL PROTECTED], [EMAIL PROTECTED],) ) Beginning to dump on file etex.fmt (format=etex 2008.7.26) 2836 strings of total length 41448 7953 memory locations dumped; current usage is 1977289 1247 multiletter control sequences \font\nullfont=nullfont \font\tenrm=cmr10 \font\preloaded=cmr9 \font\preloaded=cmr8 \font\sevenrm=cmr7 \font\preloaded=cmr6 \font\fiverm=cmr5 \font\teni=cmmi10 \font\preloaded=cmmi9 \font\preloaded=cmmi8 \font\seveni=cmmi7 \font\preloaded=cmmi6 \font\fivei=cmmi5 \font\tensy=cmsy10 \font\preloaded=cmsy9 \font\preloaded=cmsy8 \font\sevensy=cmsy7 \font\preloaded=cmsy6 \font\fivesy=cmsy5 \font\tenex=cmex10 \font\preloaded=cmss10 \font\preloaded=cmssq8 \font\preloaded=cmssi10 \font\preloaded=cmssqi8
Processed: fix submitter
Processing commands for [EMAIL PROTECTED]: submitter 492009 Joost van Baal [EMAIL PROTECTED] Bug#492009: eekboek: should not be shipped with lenny Warning: Unknown package 'eekboek' Changed Bug submitter from Martin Michlmayr [EMAIL PROTECTED] to Joost van Baal [EMAIL PROTECTED]. -- Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#488637: NMU for xine-plugin
I demand that Christopher Martin may or may not have written... I've prepared a NMU for xine-plugin, which updates it to the long-ago released 1.0.1 version, and fixes the crashes with Iceweasel 3 and Epiphany, as far as I can tell. Please test this and let me know if it makes a difference for you. http://people.debian.org/~chrsmrtn The file 'debian.diff' contains the changes within the debian directory only; look at the .diff.gz for the source changes against upstream release 1.0.1. I've done a little more housecleaning than is normally encouraged for a NMU, so Darren, let me know what you think! I'd like to get a bit of feedback before uploading. NAK. This isn't based on our hg packaging repository (OTOH, you couldn't know about that); and I've just released 1.0.2. http://alioth.debian.org/~dsalt-guest/sponsored/xine-plugin/ This should be uploaded as is (due to time constraints); however, I've not examined your diff.gz in any great detail, so if there's any cleanup work which hasn't been done and which you feel is important, send me patches or changesets... http://hg.debian.org/hg/xine-lib/pkg/xine-plugin-deb -- | Darren Salt| linux or ds at | nr. Ashington, | Toon | RISC OS, Linux | youmustbejoking,demon,co,uk | Northumberland | Army | + Generate power using sun, wind, water, nuclear. FORGET COAL AND OIL. Support local search and rescue. GET LOST! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#479607: marked as done (lilo fails to boot 2.6.25 kernel image due to wrongly passing initramfs)
Your message dated Sat, 26 Jul 2008 21:02:58 + with message-id [EMAIL PROTECTED] and subject line Bug#479607: fixed in lilo 1:22.8-6 has caused the Debian Bug report #479607, regarding lilo fails to boot 2.6.25 kernel image due to wrongly passing initramfs to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 479607: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=479607 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Subject: linux-image-2.6.25-1-amd64: Kernel panic: Unable to mount root Package: linux-image-2.6.25-1-amd64 Version: 2.6.25-1 Severity: normal *** Please type your report below this line *** Hi, The new kernel 2.6.25-1 panics on my amd64 MacBookPro machine. Previous kernels worked. The output is: [...] NET: Registered protocol family 1 NET: Registered protocol family 17 registered taskstats version 1 RAMDISK: coulndn't find valid RAM disk image starting at 0 List of all partitions: ... ram0 (driver?) ... ... ram15 (driver?) No filesystem could mount root, tried: Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block (8,3) I tried the ideas of http://wiki.debian.org/InitramfsDebug: with rootdelay=9, it does wait for 9 seconds, afterwards it panics with the same message. With 2.6.24, ls /proc/cmdline prints: BOOT_IMAGE=LinuxOLD ro root=803 I executed, with no luck: dpkg-reconfigure linux-image-2.6.25-1-amd64 dpkg-reconfigure initramfs-tools ls -l /boot gives: total 33111 -rw-r--r-- 1 root root 512 2007-10-07 18:32 boot.0800 -rw-r--r-- 1 root root 512 2007-10-07 18:48 boot.0803 -rw-r--r-- 1 root root 308326 2008-03-15 22:44 coffee.bmp -rw-r--r-- 1 root root 79389 2008-04-19 01:13 config-2.6.24-1-amd64 -rw-r--r-- 1 root root 81924 2008-04-25 17:07 config-2.6.25-1-amd64 lrwxrwxrwx 1 root root 15 2007-10-07 18:32 debian.bmp - /boot/sarge.bmp -rw-r--r-- 1 root root 153720 2008-03-15 22:44 debianlilo.bmp lrwxrwxrwx 1 root root 25 2008-04-29 10:57 initrd.img - initrd.img-2.6.25-1-amd64 -rw-r--r-- 1 root root 6831589 2008-04-19 23:53 initrd.img-2.6.24-1-amd64 -rw-r--r-- 1 root root 6597033 2008-03-27 22:57 initrd.img-2.6.24-1-amd64.bak -rw-r--r-- 1 root root 6989209 2008-05-02 13:15 initrd.img-2.6.25-1-amd64 -rw-r--r-- 1 root root 6990195 2008-04-29 10:57 initrd.img-2.6.25-1-amd64.bak lrwxrwxrwx 1 root root 25 2008-01-29 22:15 initrd.img.old - initrd.img-2.6.24-1-amd64 -rw--- 1 root root 18944 2008-05-02 13:16 map -rw-r--r-- 1 root root 23662 2008-03-15 22:44 sarge.bmp -rw-r--r-- 1 root root 24116 2008-03-15 22:44 sid.bmp -rw-r--r-- 1 root root 1158727 2008-04-19 01:13 System.map-2.6.24-1-amd64 -rw-r--r-- 1 root root 1185722 2008-04-25 17:07 System.map-2.6.25-1-amd64 lrwxrwxrwx 1 root root 22 2008-04-29 10:57 vmlinuz - vmlinuz-2.6.25-1-amd64 -rw-r--r-- 1 root root 1668120 2008-04-19 01:12 vmlinuz-2.6.24-1-amd64 -rw-r--r-- 1 root root 1727008 2008-04-25 17:07 vmlinuz-2.6.25-1-amd64 lrwxrwxrwx 1 root root 22 2008-01-29 22:15 vmlinuz.old - vmlinuz-2.6.24-1-amd64 Here is the diff of initramfs content between 2.6.25 and 2.6.24 (I replaced 2.6.24 with 2.6.25 to have only the useful differences), as suggested by http://wiki.debian.org/InitramfsDebug: --- initramfs-old.content 2008-05-02 20:36:47.0 +0200 +++ initramfs.content 2008-05-02 20:35:12.0 +0200 @@ -52,13 +52,11 @@ ./etc/udev/rules.d/z25_persistent-cd.rules ./etc/udev/rules.d/z20_persistent-input.rules ./etc/udev/rules.d/45-hplip.rules -./etc/udev/rules.d/z60_libsane-extras.rules.dpkg-new ./etc/udev/rules.d/z60_alsa-utils.rules ./etc/udev/rules.d/85-pcmcia.rules ./etc/udev/rules.d/z55_hotplug.rules ./etc/udev/rules.d/z60_libccid.rules ./etc/udev/rules.d/z60_hdparm.rules -./etc/udev/rules.d/z60_libsane.rules.dpkg-new ./etc/udev/rules.d/z60_libsane.rules ./etc/udev/rules.d/z99_hal.rules ./etc/udev/rules.d/z50_run.rules @@ -90,7 +88,6 @@ ./etc/modprobe.d/arch-aliases ./etc/modprobe.d/thinkpad_acpi.modprobe ./etc/modprobe.d/oss-compat -./etc/modprobe.d/libsane.dpkg-new ./etc/modprobe.d/alsa-base-blacklist ./etc/modprobe.d/display_class ./etc/modprobe.d/pnp-hotplug @@ -122,6 +119,8 @@ ./lib/modules/2.6.25-1-amd64/kernel/fs/jfs/jfs.ko ./lib/modules/2.6.25-1-amd64/kernel/fs/nfs ./lib/modules/2.6.25-1-amd64/kernel/fs/nfs/nfs.ko +./lib/modules/2.6.25-1-amd64/kernel/fs/nls +./lib/modules/2.6.25-1-amd64/kernel/fs/nls/nls_base.ko ./lib/modules/2.6.25-1-amd64/kernel/fs/xfs ./lib/modules/2.6.25-1-amd64/kernel/fs/xfs/xfs.ko ./lib/modules/2.6.25-1-amd64/kernel/fs/ext2 @@ -192,15 +191,16 @@
Bug#491633: marked as done (fails to install, attempted to use shell library)
Your message dated Sat, 26 Jul 2008 21:17:06 + with message-id [EMAIL PROTECTED] and subject line Bug#491633: fixed in xft 2.1.13-2 has caused the Debian Bug report #491633, regarding fails to install, attempted to use shell library to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 491633: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=491633 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: libxft-dev Version: 2.1.13-1 Severity: grave The package can't be installed. dpkg fails with the following message: Preparing to replace libxft-dev 2.1.12-3 (using .../libxft-dev_2.1.13-1_i386.deb) ... Error: package maintainer script attempted to use shell library without definining $THIS_PACKAGE shell variable. Please report the package name, version, and the text of this error message to the Debian Bug Tracking System. Visit http://www.debian.org/Bugs/Reporting on the World Wide Web for instructions, read the file /usr/share/doc/debian/bug-reporting.txt from the doc-debian package, or install the reportbug package and use the command of the same name to file a report against version 2.1.13-1 of this package. dpkg: error processing /var/cache/apt/archives/libxft-dev_2.1.13-1_i386.deb (--unpack): subprocess pre-installation script returned error exit status 99 Errors were encountered while processing: /var/cache/apt/archives/libxft-dev_2.1.13-1_i386.deb E: Sub-process /usr/bin/dpkg returned an error code (1) -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.26-mactel (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages libxft-dev depends on: ii libc6-dev [libc-dev] 2.7-12GNU C Library: Development Librari ii libfontconfig1-dev 2.6.0-1 generic font configuration library ii libfreetype6-dev 2.3.7-1 FreeType 2 font engine, developmen ii libx11-dev 2:1.1.4-2 X11 client-side library (developme ii libxft22.1.13-1 FreeType-based font drawing librar ii libxrender-dev 1:0.9.4-2 X Rendering Extension client libra ii x11-common 1:7.3+14 X Window System (X.Org) infrastruc ii zlib1g-dev [libz-dev] 1:1.2.3.3.dfsg-12 compression library - development libxft-dev recommends no packages. libxft-dev suggests no packages. -- no debconf information ---End Message--- ---BeginMessage--- Source: xft Source-Version: 2.1.13-2 We believe that the bug you reported is fixed in the latest version of xft, which is due to be installed in the Debian FTP archive: libxft-dev_2.1.13-2_i386.deb to pool/main/x/xft/libxft-dev_2.1.13-2_i386.deb libxft2-dbg_2.1.13-2_i386.deb to pool/main/x/xft/libxft2-dbg_2.1.13-2_i386.deb libxft2_2.1.13-2_i386.deb to pool/main/x/xft/libxft2_2.1.13-2_i386.deb xft_2.1.13-2.diff.gz to pool/main/x/xft/xft_2.1.13-2.diff.gz xft_2.1.13-2.dsc to pool/main/x/xft/xft_2.1.13-2.dsc A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Julien Cristau [EMAIL PROTECTED] (supplier of updated xft package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 26 Jul 2008 23:02:21 +0200 Source: xft Binary: libxft2 libxft2-dbg libxft-dev Architecture: source i386 Version: 2.1.13-2 Distribution: experimental Urgency: low Maintainer: Debian X Strike Force [EMAIL PROTECTED] Changed-By: Julien Cristau [EMAIL PROTECTED] Description: libxft-dev - FreeType-based font drawing library for X (development files) libxft2- FreeType-based font drawing library for X libxft2-dbg - FreeType-based font drawing library for X (unstripped) Closes: 491633 Changes: xft (2.1.13-2) experimental; urgency=low . * Delete obsolete libxft-dev preinst (closes: #491633). Checksums-Sha1: 6d7abe482ea220cd85220a956f3a18cf271f7558 1328 xft_2.1.13-2.dsc b69102eb788c22f1a9808d1f6c853f4e5abce5fc 21059 xft_2.1.13-2.diff.gz 108799e7ef0d716036a5ff41748bc0f9f0e74798 50424 libxft2_2.1.13-2_i386.deb
Bug#492199: marked as done (file conflicts between packages)
Your message dated Sat, 26 Jul 2008 21:02:56 + with message-id [EMAIL PROTECTED] and subject line Bug#492199: fixed in libbsd 0.0.1-1 has caused the Debian Bug report #492199, regarding file conflicts between packages to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 492199: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492199 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: libbsd-dev, libbsd0 Severity: serious Justification: policy violation hi, both libbsd-dev and libbsd0 ship `/usr/share/man/man3/md5.3.gz' but do neither conflict, nor add a diversion, thus fail to be installed in the same environment: dpkg: error processing /var/cache/apt/archives/libcgi-dev_1.0-6_amd64.deb (--unpack): trying to overwrite `/usr/share/man/man3/md5.3.gz', which is also in package libbsd-dev Processing triggers for man-db ... Errors were encountered while processing: /var/cache/apt/archives/libcgi-dev_1.0-6_amd64.deb E: Sub-process /usr/bin/dpkg returned an error code (1) bye, - michael ---End Message--- ---BeginMessage--- Source: libbsd Source-Version: 0.0.1-1 We believe that the bug you reported is fixed in the latest version of libbsd, which is due to be installed in the Debian FTP archive: libbsd-dev_0.0.1-1_i386.deb to pool/main/libb/libbsd/libbsd-dev_0.0.1-1_i386.deb libbsd0-dbg_0.0.1-1_i386.deb to pool/main/libb/libbsd/libbsd0-dbg_0.0.1-1_i386.deb libbsd0_0.0.1-1_i386.deb to pool/main/libb/libbsd/libbsd0_0.0.1-1_i386.deb libbsd_0.0.1-1.diff.gz to pool/main/libb/libbsd/libbsd_0.0.1-1.diff.gz libbsd_0.0.1-1.dsc to pool/main/libb/libbsd/libbsd_0.0.1-1.dsc libbsd_0.0.1.orig.tar.gz to pool/main/libb/libbsd/libbsd_0.0.1.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Guillem Jover [EMAIL PROTECTED] (supplier of updated libbsd package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 26 Jul 2008 22:57:42 +0300 Source: libbsd Binary: libbsd-dev libbsd0 libbsd0-dbg Architecture: source i386 Version: 0.0.1-1 Distribution: unstable Urgency: low Maintainer: Debian GNU/kFreeBSD [EMAIL PROTECTED] Changed-By: Guillem Jover [EMAIL PROTECTED] Description: libbsd-dev - utility functions from BSD systems - development files libbsd0- utility functions from BSD systems - shared library libbsd0-dbg - utility functions from BSD systems - debugging symbols Closes: 492199 Changes: libbsd (0.0.1-1) unstable; urgency=low . * New upstream release. - Install md5.3 man page as md5.3bsd to avoid conflicting with commonly provided file. (Closes: #492199) * Install upstream ChangeLog. Checksums-Sha1: 60d79ad520a963431f3b2203d7706c206a44b291 1249 libbsd_0.0.1-1.dsc d1ce6736f9967842a860db1b71df166092af3aa2 46871 libbsd_0.0.1.orig.tar.gz 53c7e2778a283720b13daa760839f6626a9e1f93 5247 libbsd_0.0.1-1.diff.gz 305260a92a00b34a0e8ba9f5ffe4b02e9c0adba0 49560 libbsd-dev_0.0.1-1_i386.deb f6a435a3b52b32bb935b83e3c075c979b350fcee 26728 libbsd0_0.0.1-1_i386.deb d8141754210408537f995fc7fd391a63a8ac443f 32630 libbsd0-dbg_0.0.1-1_i386.deb Checksums-Sha256: dccdc685e9f7b9bc923afcecbb6a7889c479f5ea080642fc3cfd4ae9097e1592 1249 libbsd_0.0.1-1.dsc fd58634ad3d0d3c56040ef16a4465c1656207e240ef95cc311549b96ca1055d3 46871 libbsd_0.0.1.orig.tar.gz b1c03dc4df05f2fe6ce95e10cc7e8e41fbe1bcd8264a305952d298dbf34169fb 5247 libbsd_0.0.1-1.diff.gz 17f382ce1f78da1fa31afd79fb465c99621a36d56e65e15746b3af79be0a553e 49560 libbsd-dev_0.0.1-1_i386.deb cc14f29a1acc0b56df766ae819a58b9880281b78f9560ace2fc3ae0aa12f426d 26728 libbsd0_0.0.1-1_i386.deb 5e5cf3ebf4dc25d6c8b6a988cd1bfbcd41e1b7ab23c3f5013de86fc596a9dba8 32630 libbsd0-dbg_0.0.1-1_i386.deb Files: 3cb6f045517c820d171bf45ccf3b79fa 1249 libs optional libbsd_0.0.1-1.dsc c5c31ce402405d26cb4a6bd6f684e539 46871 libs optional libbsd_0.0.1.orig.tar.gz 879ac564a5f527eb50096cbe2f5a0af9 5247 libs optional libbsd_0.0.1-1.diff.gz dc0d4c69e32c507c02fb3d9b6c1e71fe 49560 libdevel optional libbsd-dev_0.0.1-1_i386.deb ece493b62daa927cfb0f745732703de0 26728 libs optional libbsd0_0.0.1-1_i386.deb da3f02b6b3de04214a5b23be359ea1ca 32630 libs extra
Bug#483989: xserver-xorg-video-savage: system freeze while starting X
On Sun, Jun 1, 2008 at 20:45:54 +0200, Stefan Lippers-Hollmann wrote: Hi On Sonntag, 1. Juni 2008, you wrote: [...] Is the machine completely dead with the plain 2.2.1 driver? Can you ping? ssh? catch the log? Yes, it is completely dead, open ssh connections trying to gather last bits from tail -f /var/log/messages stall immediately (unfortunately the notebook has no serial connectors for a serial console), pings get no answer - a hard poweroff is the only recovery. Hi, could you try to find out where the hang occurs? You can put some calls to ErrorF() at various points in the driver, and add Option Log sync in the ServerFlags section of xorg.conf. If we don't manage to track this down soon, I'd be tempted to revert to an earlier version of the savage driver for lenny. Cheers, Julien -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#492530: jbidwatcher: is this DFSG compatible ?
Package: jbidwatcher Severity: serious Justification: Policy 2.2.2 Hi, while searching for an ebay tool, I found that : http://www.jbidwatcher.com/commercial_resale.shtml Doesn't that make jbidwatcher non-free ? Thanks, -- Rémi -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.25-2-686 (SMP w/2 CPU cores) Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Patch for Bug 490368
Processing commands for [EMAIL PROTECTED]: tags 490368 patch Bug#490368: yum fails: 'No module named gpgme' There were no tags set. Tags added: patch thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#490368: Patch for Bug 490368
tags 490368 patch
thanks
Attached is a debdiff for an NMU for yum to fix this issue.
You can also find the .dsc for this at
http://mentors.debian.net/debian/pool/main/y/yum/yum_3.2.12-1.2.dsc
Please Note: As I've done this properly, and used dpatch to fix this, it
will cause lintian errors (as it already does) because of previous
changes being against the source, rather than using a patch system.
There are already lintian warnings though :(
By request of dilinger, I have only included the changes to fix the RC
bug, I would, at some point, also like to do a QA upload for this to fix
some of the packaging issues.
diff -u yum-3.2.12/debian/rules yum-3.2.12/debian/rules
--- yum-3.2.12/debian/rules
+++ yum-3.2.12/debian/rules
@@ -34,7 +34,7 @@
endif
configure: configure-stamp
-configure-stamp:
+configure-stamp: patch
dh_testdir
# Add here commands to configure the package.
@@ -59,7 +59,8 @@
$(MAKE)
touch build-indep-stamp
-clean:
+clean: clean-patched unpatch
+clean-patched:
dh_testdir
dh_testroot
rm -f build-arch-stamp build-indep-stamp #CONFIGURE-STAMP#
@@ -98,6 +99,15 @@
dh_install -s
+patch: patch-stamp
+patch-stamp:
+ dpatch apply-all
+ dpatch cat-all patch-stamp
+
+unpatch:
+ dpatch deapply-all
+ rm -rf patch-stamp debian/patched
+
# Must not depend on anything. This is to be called by
# binary-arch/binary-indep
# in another 'make' thread.
diff -u yum-3.2.12/debian/changelog yum-3.2.12/debian/changelog
--- yum-3.2.12/debian/changelog
+++ yum-3.2.12/debian/changelog
@@ -1,3 +1,12 @@
+yum (3.2.12-1.2) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Added dpatch rules
+ * Added patch to load correct gpgme module (Closes: #490368)
+ * Changed rules so as to change dependency for python-pyme
+
+ -- Martin Meredith [EMAIL PROTECTED] Sat, 26 Jul 2008 22:34:15 +0100
+
yum (3.2.12-1.1) unstable; urgency=medium
* Non-maintainer upload.
diff -u yum-3.2.12/debian/control yum-3.2.12/debian/control
--- yum-3.2.12/debian/control
+++ yum-3.2.12/debian/control
@@ -3,12 +3,12 @@
Priority: extra
Maintainer: Anand Kumria [EMAIL PROTECTED]
Uploaders: Andres Salomon [EMAIL PROTECTED]
-Build-Depends: debhelper (= 4.0.0), python-dev, python-support (= 0.4), intltool
+Build-Depends: debhelper (= 4.0.0), python-dev, python-support (= 0.4), intltool, dpatch
Standards-Version: 3.7.3
Package: yum
Architecture: all
-Depends: ${shlibs:Depends}, ${misc:Depends}, ${python:Depends}, python-celementtree, python-libxml2, python-urlgrabber, rpm (= 4.4.1), python-rpm, python-pyme, python-sqlitecachec, python-sqlite
+Depends: ${shlibs:Depends}, ${misc:Depends}, ${python:Depends}, python-celementtree, python-libxml2, python-urlgrabber, rpm (= 4.4.1), python-rpm, python-pyme (= 0.8.0), python-sqlitecachec, python-sqlite
Description: Advanced front-end for rpm
Yum (Yellow dog Updater, Modified) is an automatic updater and package
installer/remover for rpm systems. It automatically computes dependencies
only in patch2:
unchanged:
--- yum-3.2.12.orig/debian/patches/00list
+++ yum-3.2.12/debian/patches/00list
@@ -0,0 +1 @@
+01_fix_gpgme_include
only in patch2:
unchanged:
--- yum-3.2.12.orig/debian/patches/01_fix_gpgme_include.dpatch
+++ yum-3.2.12/debian/patches/01_fix_gpgme_include.dpatch
@@ -0,0 +1,19 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 01_fix_gpgme_include.dpatch by Martin Meredith [EMAIL PROTECTED]
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Update yum/misc.py to work with pygpgme = 0.8
+
[EMAIL PROTECTED]@
+diff -urNad yum-3.2.12~/yum/misc.py yum-3.2.12/yum/misc.py
+--- yum-3.2.12~/yum/misc.py 2008-07-26 22:10:40.0 +0100
yum-3.2.12/yum/misc.py 2008-07-26 22:25:01.0 +0100
+@@ -16,7 +16,7 @@
+ import fnmatch
+ import bz2
+ from stat import *
+-import pyme.gpgme
++import pyme.pygpgme
+
+ from Errors import MiscError
+
Bug#490368: Patch for Bug 490368
On Sat, Jul 26, 2008 at 23:05:57 +0100, Martin Meredith wrote: Please Note: As I've done this properly, and used dpatch to fix this, it will cause lintian errors (as it already does) because of previous changes being against the source, rather than using a patch system. There's nothing proper about using dpatch. If you introduce changes in an NMU, and there isn't already a patch system, then you shouldn't add one. Cheers, Julien -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#492531: network-manager-gnome: network-manager failed to connect invisible accesspoint
Package: network-manager-gnome Version: 0.6.6-2 Severity: grave Justification: renders package unusable Tags: l10n *** Please type your report below this line *** information about access-point: ssid= H3ll$gat3 encrypted= WPA-PSK mode who fails: network are invisible Jul 26 23:39:12 tlap NetworkManager: info Activation (eth2) started... Jul 26 23:39:12 tlap NetworkManager: info Activation (eth2) Stage 1 of 5 (Device Prepare) scheduled... Jul 26 23:39:12 tlap NetworkManager: info Activation (eth2) Stage 1 of 5 (Device Prepare) started... Jul 26 23:39:12 tlap NetworkManager: info Activation (eth2) Stage 2 of 5 (Device Configure) scheduled... Jul 26 23:39:12 tlap NetworkManager: info Activation (eth2) Stage 1 of 5 (Device Prepare) complete. Jul 26 23:39:12 tlap NetworkManager: info Activation (eth2) Stage 2 of 5 (Device Configure) starting... Jul 26 23:39:12 tlap NetworkManager: info Activation (eth2/wireless): access point 'H3ll$gat3' is encrypted, but NO valid key exists. New key needed. Jul 26 23:39:12 tlap NetworkManager: info Activation (eth2) New wireless user key requested for network 'H3ll$gat3'. Jul 26 23:39:12 tlap NetworkManager: info Activation (eth2) Stage 2 of 5 (Device Configure) complete. Jul 26 23:39:12 tlap NetworkManager: info Activation (eth2) New wireless user key for network 'H3ll$gat3' received. Jul 26 23:39:12 tlap NetworkManager: info Activation (eth2) Stage 1 of 5 (Device Prepare) scheduled... Jul 26 23:39:12 tlap NetworkManager: info Activation (eth2) Stage 1 of 5 (Device Prepare) started... Jul 26 23:39:12 tlap NetworkManager: info Activation (eth2) Stage 2 of 5 (Device Configure) scheduled... Jul 26 23:39:12 tlap NetworkManager: info Activation (eth2) Stage 1 of 5 (Device Prepare) complete. Jul 26 23:39:12 tlap NetworkManager: info Activation (eth2) Stage 2 of 5 (Device Configure) starting... Jul 26 23:39:12 tlap NetworkManager: info Activation (eth2/wireless): access point 'H3ll$gat3' is encrypted, and a key exists. No new key needed. Jul 26 23:39:13 tlap NetworkManager: info SUP: sending command 'INTERFACE_ADD eth2^I^Iwext^I/var/run/wpa_supplicant^I' Jul 26 23:39:13 tlap NetworkManager: info SUP: response was 'OK' Jul 26 23:39:13 tlap NetworkManager: info SUP: sending command 'AP_SCAN 1' Jul 26 23:39:13 tlap NetworkManager: info SUP: response was 'OK' Jul 26 23:39:13 tlap NetworkManager: info SUP: sending command 'ADD_NETWORK' Jul 26 23:39:13 tlap NetworkManager: info SUP: response was '0' Jul 26 23:39:13 tlap NetworkManager: info SUP: sending command 'SET_NETWORK 0 ssid 48336c6c2467617433' Jul 26 23:39:13 tlap NetworkManager: info SUP: response was 'OK' Jul 26 23:39:13 tlap NetworkManager: info SUP: sending command 'SET_NETWORK 0 scan_ssid 1' Jul 26 23:39:13 tlap NetworkManager: info SUP: response was 'OK' Jul 26 23:39:13 tlap NetworkManager: info SUP: sending command 'SET_NETWORK 0 proto WPA' Jul 26 23:39:13 tlap NetworkManager: info SUP: response was 'OK' Jul 26 23:39:13 tlap NetworkManager: info SUP: sending command 'SET_NETWORK 0 key_mgmt WPA-PSK' Jul 26 23:39:13 tlap NetworkManager: info SUP: response was 'OK' Jul 26 23:39:13 tlap NetworkManager: info SUP: sending command 'SET_NETWORK 0 psk key' Jul 26 23:39:13 tlap NetworkManager: info SUP: response was 'OK' Jul 26 23:39:13 tlap NetworkManager: info SUP: sending command 'ENABLE_NETWORK 0' Jul 26 23:39:13 tlap NetworkManager: info SUP: response was 'OK' Jul 26 23:39:13 tlap NetworkManager: info Activation (eth2) Stage 2 of 5 (Device Configure) complete. Jul 26 23:39:18 tlap NetworkManager: info Old device 'eth2' activating, won't change. Jul 26 23:39:49 tlap last message repeated 6 times Jul 26 23:40:09 tlap last message repeated 4 times Jul 26 23:40:13 tlap NetworkManager: info Activation (eth2/wireless): association took too long (60s), failing activation. Jul 26 23:40:13 tlap NetworkManager: info Activation (eth2) failed for access point (H3ll$gat3) Jul 26 23:40:13 tlap NetworkManager: info Activation (eth2) failed. Jul 26 23:40:13 tlap NetworkManager: info Deactivating device eth2. Jul 26 23:40:13 tlap NetworkManager: info Activation (eth2) failure scheduled... Jul 26 23:40:13 tlap NetworkManager: WARN nm_signal_handler(): Caught signal 11. Generating backtrace... Jul 26 23:40:13 tlap NetworkManager: *** START ** Jul 26 23:40:14 tlap NetworkManager: (no debugging symbols found) Jul 26 23:40:14 tlap last message repeated 13 times Jul 26 23:40:14 tlap NetworkManager: [Thread debugging using libthread_db enabled] Jul 26 23:40:14 tlap NetworkManager: [New Thread 0xb7b58720 (LWP 2691)] Jul 26 23:40:14 tlap NetworkManager: [New Thread 0xb6b55b90 (LWP 3669)] Jul 26 23:40:14 tlap NetworkManager: [New Thread 0xb7356b90 (LWP 2711)] Jul 26 23:40:14 tlap NetworkManager: [New Thread 0xb7b57b90 (LWP 2707)] Jul 26 23:40:14 tlap NetworkManager: (no debugging symbols found) Jul 26 23:40:14
