Bug#496362: The possibility of attack with the help of symlinks in some Debian packages
Thijs Kinkhorst wrote:
First, I think it's always a good idea not to enable DEBUG by default.
Sure, it's a mistake, I perfectly understand this.
Second, I don't think that it requires a rewrite of the entire file to fix
it. Using PHP's tempnam() function to get the filenames instead of the
hardcoded path names with PID is a change of just a few lines.
Did you mean Perl mktemp()? It's not a PHP script!!! :) That makes me
think that I might have missed some Perl dependencies. The script uses
the following:
use strict;
use MIME::Tools;
use MIME::Parser;
use File::MkTemp;
does any of you knows what it corresponds in terms of Debian deps?
Last, would a patch like the attached one would do? I'm all but good in
Perl, so I might need help on that one.
Thank you all for your time on this issue,
Cheers,
Thomas
diff --git a/admin/sa-wrapper b/admin/sa-wrapper
index 76a2ddd..67ee4dc 100755
--- a/admin/sa-wrapper
+++ b/admin/sa-wrapper
@@ -15,8 +15,9 @@
use strict;
use MIME::Tools;
use MIME::Parser;
+use File::MkTemp;
-my $DEBUG = 1;
+my $DEBUG = 0;
my $UNPACK_DIR = '/var/lib/amavis/tmp';
my $SA_LEARN = '/usr/bin/sa-learn';
# my @DOMAINS = qw/example.com example.org/;
@@ -47,8 +48,8 @@ sub recurs
if ($ent-head-mime_type eq 'message/rfc822') {
if ($DEBUG) {
- unlink /tmp/spam.log.$$ if -e /tmp/spam.log.$$;
- open(OUT, |$SA_LEARN -D --$spamham --single /tmp/spam.log.$$ 21) or die Cannot pipe $SA_LEARN: $!;
+ $debug_file = mktemp(/tmp/sa-wrapper.XX.log);
+ open(OUT, |$SA_LEARN -D --$spamham --single $debug_file 21) or die Cannot pipe $SA_LEARN: $!;
} else {
open(OUT, |$SA_LEARN --$spamham --single) or die Cannot pipe $SA_LEARN: $!;
}
@@ -73,7 +74,8 @@ unless (grep { $_ eq $domain } @DOMAINS) {
if ($DEBUG) {
MIME::Tools-debugging(1);
- open(STDERR, /tmp/spam_err.log);
+ $debug_file2 = mktemp(/tmp/sa-wrapper.XX);
+ open(STDERR, $debug_file2);
}
my $parser = new MIME::Parser;
$parser-extract_nested_messages(0);
Bug#496331: marked as done (workrave - FTBFS: ImportError: No module named Cheetah.Template)
Your message dated Tue, 26 Aug 2008 06:02:04 + with message-id [EMAIL PROTECTED] and subject line Bug#496331: fixed in workrave 1.9.0-3 has caused the Debian Bug report #496331, regarding workrave - FTBFS: ImportError: No module named Cheetah.Template to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 496331: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496331 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: workrave Version: 1.9.0-2 Severity: serious There was an error while trying to autobuild your package: Automatic build of workrave_1.9.0-2 on debian-31.osdl.marist.edu by sbuild/s390 98 [...] Making all in gtkmm make[4]: Entering directory `/build/buildd/workrave-1.9.0/frontend/gtkmm' Making all in src make[5]: Entering directory `/build/buildd/workrave-1.9.0/frontend/gtkmm/src' Making all in gnome_applet make[6]: Entering directory `/build/buildd/workrave-1.9.0/frontend/gtkmm/src/gnome_applet' dbus-binding-tool --prefix=workrave --mode=glib-server DBusGnomeApplet.xml applet-server-bindings.h dbus-binding-tool --prefix=workrave --mode=glib-client DBusGnomeApplet.xml applet-client-bindings.h python ../../../../common/bin/dbusgen.py --language=dbus-glib ../workrave-gui.xml DBusGUI Traceback (most recent call last): File ../../../../common/bin/dbusgen.py, line 28, in module from Cheetah.Template import Template ImportError: No module named Cheetah.Template make[6]: *** [DBusGUI.xml] Error 1 make[6]: Leaving directory `/build/buildd/workrave-1.9.0/frontend/gtkmm/src/gnome_applet' make[5]: *** [all-recursive] Error 1 make[5]: Leaving directory `/build/buildd/workrave-1.9.0/frontend/gtkmm/src' make[4]: *** [all-recursive] Error 1 make[4]: Leaving directory `/build/buildd/workrave-1.9.0/frontend/gtkmm' make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory `/build/buildd/workrave-1.9.0/frontend' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/build/buildd/workrave-1.9.0' make[1]: *** [all] Error 2 make[1]: Leaving directory `/build/buildd/workrave-1.9.0' make: *** [build-stamp] Error 2 dpkg-buildpackage: failure: debian/rules build gave error exit status 2 ** Build finished at 20080814-1328 FAILED [dpkg-buildpackage died] ---End Message--- ---BeginMessage--- Source: workrave Source-Version: 1.9.0-3 We believe that the bug you reported is fixed in the latest version of workrave, which is due to be installed in the Debian FTP archive: workrave-data_1.9.0-3_all.deb to pool/main/w/workrave/workrave-data_1.9.0-3_all.deb workrave_1.9.0-3.diff.gz to pool/main/w/workrave/workrave_1.9.0-3.diff.gz workrave_1.9.0-3.dsc to pool/main/w/workrave/workrave_1.9.0-3.dsc workrave_1.9.0-3_amd64.deb to pool/main/w/workrave/workrave_1.9.0-3_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Francois Marier [EMAIL PROTECTED] (supplier of updated workrave package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 26 Aug 2008 17:24:36 +1200 Source: workrave Binary: workrave workrave-data Architecture: source amd64 all Version: 1.9.0-3 Distribution: unstable Urgency: low Maintainer: Francois Marier [EMAIL PROTECTED] Changed-By: Francois Marier [EMAIL PROTECTED] Description: workrave - Repetitive Strain Injury prevention tool workrave-data - Repetitive Strain Injury prevention tool (data files) Closes: 496331 Changes: workrave (1.9.0-3) unstable; urgency=low . * Add python-cheetah to Build-Depends (closes: #496331) Checksums-Sha1: dbe7deb133317003f99485ac07c13a56513e6de5 1357 workrave_1.9.0-3.dsc 18ba14090d0f03865fe83e90642e65ca1459e7be 405453 workrave_1.9.0-3.diff.gz 1355c158a7cc1d250362bb89607ebc094ab1726c 318614 workrave_1.9.0-3_amd64.deb 4864e1b438a95002ba8724a8b0a1c4be0177a176 5091744 workrave-data_1.9.0-3_all.deb Checksums-Sha256: 5fa640833aba1a33c32e0e2c4183bf0811ae56554687c01c65dca11ede0987fc 1357 workrave_1.9.0-3.dsc fb69808a419ed9fbffd9775d86ba94abc6576e6c499c7083080c3e84fa1b8a74 405453 workrave_1.9.0-3.diff.gz
Bug#496598: marked as done (fix for #494466 causes netinst to fail)
Your message dated Tue, 26 Aug 2008 08:50:18 +0200 with message-id [EMAIL PROTECTED] and subject line Re: Bug#496598: fix for #494466 causes netinst to fail has caused the Debian Bug report #496598, regarding fix for #494466 causes netinst to fail to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 496598: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496598 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: base-installer Version: 1.94 Severity: serious hey, HP QA reported an issue with the most recent netinst builds for i386 and amd64. Their report follows: * New lenny builds of 24th Aug ??? both amd64 and i686 bit failed during installing the base system leading to installtion incomplete. SYSTEM CONFIGURATIONS: Server: BL480c and DL365G5 Operating System: Debian ??? Lenny amd64/i686 ??? netinstaller ??? 24th Aug Build Boot Controller: Smart Array P400i and E200i Network Controller: 373i STEPS TO REPRODUCE THE PROBLEM: 1. Select option - Install 2. Install the base system 3. After completing 79% of installation , the following error occurs The target file system contains files from a past installation. These files could cause problems with the installation process and if you proceed, some of the existing files may be overwritten. Proceed with installation to unclean target? Yes or No 4. When selected either, the step 2 restarts and the same error occurs when completes 79%. * I was able to reproduce this, and it appears to haev been introduced by the fix for #494466. I added 'set -x' into bootstrap-base postinst, and saw this[1] in syslog. To help verify, I retried the install w/ base-installer/initramfs-tools/driver-policy=most on the cmdline and the install completed w/o issue. [1] Aug 25 23:14:35 main-menu[1006]: (process:506): + break Aug 25 23:14:35 main-menu[1006]: (process:506): + [ initramfs-tools = initramfs-tools ] Aug 25 23:14:35 main-menu[1006]: (process:506): + db_get base-installer/initramfs-tools/driver-policy Aug 25 23:14:35 main-menu[1006]: (process:506): + _db_cmd GET base-installer/initramfs-tools/driver-policy Aug 25 23:14:35 main-menu[1006]: (process:506): + IFS= printf %s\n GET base-installer/initramfs-tools/driver-policy Aug 25 23:14:35 main-menu[1006]: (process:506): + IFS= Aug 25 23:14:35 main-menu[1006]: (process:506): read -r Aug 25 23:14:35 main-menu[1006]: _db_internal_line Aug 25 23:14:35 main-menu[1006]: (process:506): + RET=10 base-installer/initramfs-tools/driver-policy doesn't exist Aug 25 23:14:35 main-menu[1006]: (process:506): + return 10 Aug 25 23:14:35 main-menu[1006]: (process:506): + db_input medium base-installer/initramfs-tools/driver-policy Aug 25 23:14:35 main-menu[1006]: (process:506): + _db_cmd INPUT medium base-installer/initramfs-tools/driver-policy Aug 25 23:14:35 main-menu[1006]: (process:506): + IFS= printf %s\n INPUT medium base-installer/initramfs-tools/driver-policy Aug 25 23:14:35 main-menu[1006]: (process:506): + IFS= Aug 25 23:14:35 main-menu[1006]: (process:506): read -r _db_internal_line Aug 25 23:14:35 main-menu[1006]: (process:506): + RET=10 base-installer/initramfs-tools/driver-policy doesn't exist Aug 25 23:14:35 main-menu[1006]: (process:506): + return 10 Aug 25 23:14:35 main-menu[1006]: (process:506): + true Aug 25 23:14:35 main-menu[1006]: (process:506): + db_go Aug 25 23:14:35 main-menu[1006]: (process:506): + _db_cmd GO Aug 25 23:14:35 main-menu[1006]: (process:506): + IFS= printf %s\n GO Aug 25 23:14:35 main-menu[1006]: (process:506): + IFS= Aug 25 23:14:35 main-menu[1006]: (process:506): read -r _db_internal_line Aug 25 23:14:35 main-menu[1006]: (process:506): + RET=ok Aug 25 23:14:35 main-menu[1006]: (process:506): + return 0 Aug 25 23:14:35 main-menu[1006]: (process:506): + db_get base-installer/initramfs-tools/driver-policy Aug 25 23:14:35 main-menu[1006]: (process:506): + _db_cmd GET base-installer/initramfs-tools/driver-policy Aug 25 23:14:35 main-menu[1006]: (process:506): + IFS= printf %s\n GET base-installer/initramfs-tools/driver-policy Aug 25 23:14:35 main-menu[1006]: (process:506): + IFS= Aug 25 23:14:35 main-menu[1006]: (process:506): read -r _db_internal_line Aug 25 23:14:35 main-menu[1006]: (process:506): + RET=10 base-installer/initramfs-tools/driver-policy doesn't exist Aug 25 23:14:35 main-menu[1006]: (process:506): + return 10 Aug 25 23:14:35 main-menu[1006]: INFO: Menu item 'bootstrap-base' succeeded but requested to be left unconfigured. -- dann frazier ---End Message--- ---BeginMessage--- On Tuesday 26
Bug#492629: unable to reproduce
fyi, I tried to reproduce this on a fresh lenny/i386 install but was unable to duplicate - the gui started up fine for me. -- dann frazier -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496403: confirmed
TK Perhaps an own spool directory would be more appropriate TK than working in /tmp? use mktemp -t -d for create temporary directories :) -- . ''`. Dmitry E. Oboukhov : :’ : [EMAIL PROTECTED] `. `~’ GPGKey: 1024D / F8E26537 2006-11-21 `- 1B23 D4F8 8EC0 D902 0555 E438 AB8C 00CF F8E2 6537 signature.asc Description: Digital signature
Bug#438982: marked as done (most proapbly copyright issues: /usr/share/feh/images/menubg_britney.png)
Your message dated Tue, 26 Aug 2008 06:47:03 + with message-id [EMAIL PROTECTED] and subject line Bug#438982: fixed in feh 1.3.4.dfsg.1-2 has caused the Debian Bug report #438982, regarding most proapbly copyright issues: /usr/share/feh/images/menubg_britney.png to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 438982: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=438982 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: feh Version: 1.3.4-2 Severity: serious Hi! I don't see anything mentioned in the copyright file about /usr/share/feh/images/menubg_britney.png - so I am quite sure that it isn't an authorized material. I highly doubt that the Tom Gilbert has shot the photo himself. Please go and check that with upstream and/or remove the file to make a DFSG-free package. So long, Rhonda ---End Message--- ---BeginMessage--- Source: feh Source-Version: 1.3.4.dfsg.1-2 We believe that the bug you reported is fixed in the latest version of feh, which is due to be installed in the Debian FTP archive: feh_1.3.4.dfsg.1-2.diff.gz to pool/main/f/feh/feh_1.3.4.dfsg.1-2.diff.gz feh_1.3.4.dfsg.1-2.dsc to pool/main/f/feh/feh_1.3.4.dfsg.1-2.dsc feh_1.3.4.dfsg.1-2_i386.deb to pool/main/f/feh/feh_1.3.4.dfsg.1-2_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Tille [EMAIL PROTECTED] (supplier of updated feh package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 25 Aug 2008 20:50:31 +0200 Source: feh Binary: feh Architecture: source i386 Version: 1.3.4.dfsg.1-2 Distribution: unstable Urgency: low Maintainer: Andreas Tille [EMAIL PROTECTED] Changed-By: Andreas Tille [EMAIL PROTECTED] Description: feh- imlib2 based image viewer Closes: 420889 438982 470863 477785 485246 492503 Changes: feh (1.3.4.dfsg.1-2) unstable; urgency=low . * New maintainer Closes: #492503 * Standards-Version: 3.8.0 (no changes needed) * Applied patch from Fedora which fixes the escape filename issue in ~/.fehbg issue (Thanks to Hans de Goede [EMAIL PROTECTED]) Closes: #470863 * debian/feh.mime: s/pnm/x-portable-anymap/, s/xpm/x-xpixmap/, s/tga/targa/, removed argb entry Closes: #420889 * Added desktop file (Thanks to Guillaume giggz [EMAIL PROTECTED]) Closes: #477785 * Enable new source format 3.0 (quilt) by avoiding explicit usage of -p0 option in debian/patches/series (Thanks to Raphael Hertzog [EMAIL PROTECTED]) Closes: #485246 * Confirm NMU with copyright issue Closes: #438982 * Removed x-dev from Build-Depends * debian/patches/04_remove_menubg_britney_build_target.patch: Remove menubg_britney.png from list of build targets * Do not depend from specific automake version * debian/rules: s/maintainer-clean/distclean/ * Rename /usr/bin/gen_cam_menu.sh to /usr/bin/gen_cam_menu and document this in README.Debian * debian/patches/04_prevent_removal_feh_spec.patch: Do not remove files contained in upstream tarball in clean target Checksums-Sha1: 746e43a78eeea0e46710687ac7867edfa06803db 1045 feh_1.3.4.dfsg.1-2.dsc 56dbfb842053f1c438ddd0640b4c4f6018bb2052 11135 feh_1.3.4.dfsg.1-2.diff.gz c4bf281aac4c58dfa9f08e0411eb4ea76c291711 250138 feh_1.3.4.dfsg.1-2_i386.deb Checksums-Sha256: cb80f73423eb6390c70f1f2f9121a9a8261803813d380fbd849cca84599241ba 1045 feh_1.3.4.dfsg.1-2.dsc d00cd01d46f27822ea51c856f22ca18e4a3a4c40be7b44f4a29bfb5f315b8cca 11135 feh_1.3.4.dfsg.1-2.diff.gz 1b1bc9b755cbeb1f71e5c1d37c4c1522edb1a08f9413b4e532a4ddec5e1373e6 250138 feh_1.3.4.dfsg.1-2_i386.deb Files: fd5f04ea68de5cc763a2980ce455085a 1045 graphics optional feh_1.3.4.dfsg.1-2.dsc cd5337306c7a4fa49e0e7f196f16693a 11135 graphics optional feh_1.3.4.dfsg.1-2.diff.gz c7e42f967196bc8f72d72455ba0bc954 250138 graphics optional feh_1.3.4.dfsg.1-2_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFIs58gYDBbMcCf01oRAvXUAJ9vPcnumGbRniJOKAGTKssMG08JsQCfZv0l FyTNDzWZwZeCWIHP2QQsqAY= =9Y9D -END PGP SIGNATURE- ---End Message---
Bug#496617: starfighter-data: Contains non-free graphics contents
Package: starfighter-data Severity: serious According to Hans de Goede, from Fedora Games: I've been in contact with upstream about this and I got the following list from them of resources which they got from various places and they thus cannot give any license guarantees about: For Project: Starfighter All Music All Sound Effects Character Portraits Starfighter (and other spacecraft) images See: http://lists.debian.org/debian-devel-games/2008/08/msg00018.html See: https://www.redhat.com/archives/fedora-games-list/2008-August/msg00027.html See: https://www.redhat.com/archives/fedora-games-list/2008-August/msg00030.html (I'm reporting this bug to prevent the package from being released in Lenny before this is fixed.) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496618: viruskiller: Contains non-free sound and music
Package: viruskiller Severity: serious According to Hans de Goede, from Fedora Games: I've been in contact with upstream about this and I got the following list from them of resources which they got from various places and they thus cannot give any license guarantees about: For Virus Killer: All Music All Sound Effects Even though the music doesn't seem to be released in the binary package, it is still included in the source: sound/*.wav music/*.mod See: http://lists.debian.org/debian-devel-games/2008/08/msg00018.html See: https://www.redhat.com/archives/fedora-games-list/2008-August/msg00027.htm See: https://www.redhat.com/archives/fedora-games-list/2008-August/msg00030.htm -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#493667: nfs-common: nfs quite broken
On Mon, Aug 04, 2008 at 12:37:19AM +1200, Paul Collins wrote: I discovered today that I was no longer able to write to the v3 mount on my 1.1.2 server. I checked /proc/mounts and noticed sec=null on the mount. Either adding sec=sys to the client's mount options or downgrading to nfs-common 1.1.2 on the client fixes the problem. On Mon, Aug 04, 2008 at 12:18:58PM +0900, Miles Bader wrote: After upgrading from nfs-common 1:1.1.2-6 to 1:1.1.3-1, some nfs-mounted filesystems became almost unusable. The basic symptom was that it acted as if I was a different user: I could not access my files unless they were world-readable. Please try the workaround found by Paul Collins (add sec=sys to the client's mount options) and tell us if it fixed this problem for you. At least five other people have confirmed that this workaround fixed this problem. signature.asc Description: Digital signature
Bug#491202: Bug#491057: linux-image-2.6.25-2-686: Dell Latitude D610 laptop doesn't resume with 2.6.25
On 24/08/08 at 18:52 +0200, Michael Biebl wrote: tags 491202 moreinfo help thanks Lucas Nussbaum wrote: On 21/08/08 at 10:50 +0200, Michael Biebl wrote: If acpi-support is working for you, could you please post a list loaded modules right before the suspend (or better, the diff between pm-utils and acpi-support). Does your computer require any quirks (lshal | grep quirk)? Can you experiment with a different set of quirks [1]? After a lot more testing: acpi-support's legacy mode still fails sometimes (but rarely -- about once every 20 suspend/resumes cycles). It never failed with 2.6.24, so there's a kernel regression somewhere. What about the latest 2.6.26-3 kernel in unstable? Same problem. But using pm-suspend, it fails a lot more frequently. Using pm-suspend --quirk-vbe-post --quirk-vbestate-restore (quirks suggested by lshal | grep quirks), it fails about one third of the times. I also tried with --quirk-vbemode-restore, with no improvement. I think that all of this might be related to the fact that my laptop (Dell Latitude D610) is shipped using either an intel video card, or an ATI one (my case). Maybe the work on this laptop was done by someone with an Intel video card. Which graphics card is it exactly, what driver do you use (open/closed source)? Do you use a framebuffer (radeonfb)? 01:00.0 VGA compatible controller: ATI Technologies Inc M22 [Mobility Radeon X300] I use the opensource driver, no framebuffer. With ATI cards and the opensource driver I had good experiences with using the s3_bios+s3_mode quirk. Well it used to work very well for me as well ;) Looks very much like a kernel regression and I'm not sure if there is that much that can be done within pm-utils. Nonetheless it would be interesting what acpi-support (legacy mode) does differently so it doesn't fail that often. CCing Bart, maybe he can share his insight. -- | Lucas Nussbaum | [EMAIL PROTECTED] http://www.lucas-nussbaum.net/ | | jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F | signature.asc Description: Digital signature
Bug#496624: util-vserver: missing dependency : schedutils (for ionice)
Package: util-vserver Version: 0.30.216~r2772-1 Severity: serious Justification: no longer builds from source Hello, It looks like the ionice binary is needed by the configure script. It is included in the schedutils package which is not a dependency of util-vserver. Thanks you. -- System Information: Debian Release: 4.0 APT prefers proposed-updates APT policy: (991, 'proposed-updates'), (990, 'stable'), (450, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.25-2-vserver-686 Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Versions of packages util-vserver depends on: ii debconf1.5.11etch2 Debian configuration management sy ii iproute20061002-3Professional tools to control the ii libbeecrypt6 4.1.2-6 open source C library of cryptogra ii libc6 2.3.6.ds1-13etch7 GNU C Library: Shared libraries ii make 3.81-2The GNU version of the make util ii net-tools 1.60-17 The NET-3 networking toolkit Versions of packages util-vserver recommends: ii binutils2.17-3 The GNU assembler, linker and bina ii debootstrap 0.3.3.2etch1 Bootstrap a basic Debian system -- debconf information: util-vserver/prerm_stop_running_vservers: true util-vserver/postrm_remove_vserver_configs: false -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496462: marked as done (nvi: security vulnerability in creation of shared directory in postinst)
Your message dated Tue, 26 Aug 2008 09:17:12 + with message-id [EMAIL PROTECTED] and subject line Bug#496462: fixed in nvi 1.81.6-4 has caused the Debian Bug report #496462, regarding nvi: security vulnerability in creation of shared directory in postinst to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 496462: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496462 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: nvi Version: 1.79-25 Severity: grave Tags: security patch Hi everyone, Going through the list of packages listed at [1] I noticed the overrides are completely wrong and it *is* a security issue. I verified versions 1.79-25 and 1.81.6-3 (etch and lenny, respectively) of the package and are both affected. An attacker could create /var/tmp/vi.recover as a symlink pointing to some directory (e.g. /) and abuse the code in the postinst script to make it a+wxr. The code portion follows: if [ $1 = configure ] ; then [ -d /var/tmp/vi.recover ] || mkdir -p /var/tmp/vi.recover chown root:root /var/tmp/vi.recover chmod 1777 /var/tmp/vi.recover fi The main mistake is to ignore any possible failure of mkdir to create the directory (probably because it already exists, and might not be a directory). Attached is a simple patch that aborts the execution of the postinst if mkdir fails, of course a better way to do it would be to use 'set -e' and review the usage of /var/tmp/vi.recover. [1]http://lintian.debian.org/tags/possibly-insecure-handling-of-tmp-files-in-maintainer-script.html Kind regards, -- Atomo64 - Raphael Please avoid sending me Word, PowerPoint or Excel attachments. See http://www.gnu.org/philosophy/no-word-attachments.html diff -urN nvi-1.81.6.orig/debian/postinst nvi-1.81.6/debian/postinst --- nvi-1.81.6.orig/debian/postinst 2008-08-24 17:10:47.0 -0500 +++ nvi-1.81.6/debian/postinst 2008-08-24 17:14:39.0 -0500 @@ -11,7 +11,7 @@ --slave /usr/share/man/man1/editor.1.gz editor.1.gz /usr/share/man/man1/nvi.1.gz if [ $1 = configure ] ; then -[ -d /var/tmp/vi.recover ] || mkdir -p /var/tmp/vi.recover +[ -d /var/tmp/vi.recover ] || mkdir -p /var/tmp/vi.recover || exit $? chown root:root /var/tmp/vi.recover chmod 1777 /var/tmp/vi.recover fi signature.asc Description: This is a digitally signed message part. ---End Message--- ---BeginMessage--- Source: nvi Source-Version: 1.81.6-4 We believe that the bug you reported is fixed in the latest version of nvi, which is due to be installed in the Debian FTP archive: nvi-doc_1.81.6-4_all.deb to pool/main/n/nvi/nvi-doc_1.81.6-4_all.deb nvi_1.81.6-4.diff.gz to pool/main/n/nvi/nvi_1.81.6-4.diff.gz nvi_1.81.6-4.dsc to pool/main/n/nvi/nvi_1.81.6-4.dsc nvi_1.81.6-4_amd64.deb to pool/main/n/nvi/nvi_1.81.6-4_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jan Christoph Nordholz [EMAIL PROTECTED] (supplier of updated nvi package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 25 Aug 2008 19:43:31 +0200 Source: nvi Binary: nvi nvi-doc Architecture: source all amd64 Version: 1.81.6-4 Distribution: unstable Urgency: high Maintainer: Jan Christoph Nordholz [EMAIL PROTECTED] Changed-By: Jan Christoph Nordholz [EMAIL PROTECTED] Description: nvi- 4.4BSD re-implementation of vi nvi-doc- 4.4BSD re-implementation of vi - documentation files Closes: 496462 Changes: nvi (1.81.6-4) unstable; urgency=high . * Safeguard the creation of /var/tmp/vi.recover in the postinst against symlink attacks. Thanks Raphael Geissert for spotting this. RC security bug, urgency bumped. Closes: #496462. Checksums-Sha1: 95f78b8fba8574d795288720795be9365fdc9f81 1067 nvi_1.81.6-4.dsc 7f12911134d75c5d8611ea3eb706c3d2470e810a 83973 nvi_1.81.6-4.diff.gz d1ec29476af4dab80a046b4e86ac627fbdc17cbe 116294 nvi-doc_1.81.6-4_all.deb 17a82f46e169374cc708e3268338a4cebd56125b 272574 nvi_1.81.6-4_amd64.deb Checksums-Sha256: 95aadcaa5c2546d343bdc680a53dc0abef74fa4cb33b853ee4f32af24c01b1b9 1067 nvi_1.81.6-4.dsc b1e3ae2c5d1b814ae014a85459db14cc1fc81b42b00ab7f0a49cc970c28e6946 83973
Bug#374569: marked as done (groff-base: groff-base includes non-free material)
Your message dated Tue, 26 Aug 2008 09:17:09 + with message-id [EMAIL PROTECTED] and subject line Bug#374569: fixed in groff 1.18.1.1-21 has caused the Debian Bug report #374569, regarding groff-base: groff-base includes non-free material to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 374569: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=374569 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: groff-base Version: 1.18.1.1-12 Severity: serious From /usr/share/doc/groff-base/copyright: == Copyright (C) 1994-2000, 2001, 2002 Free Software Foundation, Inc. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with no Invariant Sections, with the Front-Cover texts being `A GNU Manual, and with the Back-Cover Texts as in (a) below. A copy of the license is included in the section entitled `GNU Free Documentation License. (a) The FSF's Back-Cover Text is: `You have freedom to copy and modify this GNU Manual, like GNU software. Copies published by the Free Software Foundation raise funds for GNU development. == If the non-free material has already been removed, please also edit the copyright file. manoj -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (990, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16-selinux1-1-skas3-v9-pre9 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Versions of packages groff-base depends on: ii libc6 2.3.6-15 GNU C Library: Shared libraries ii libgcc1 1:4.1.1-5 GCC support library ii libstdc++64.1.1-5The GNU Standard C++ Library v3 groff-base recommends no packages. -- no debconf information -- Never, ever lie to someone you love unless you're absolutely sure they'll never find out the truth. Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/%7Esrivasta/ 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C ---End Message--- ---BeginMessage--- Source: groff Source-Version: 1.18.1.1-21 We believe that the bug you reported is fixed in the latest version of groff, which is due to be installed in the Debian FTP archive: groff-base_1.18.1.1-21_i386.deb to pool/main/g/groff/groff-base_1.18.1.1-21_i386.deb groff_1.18.1.1-21.diff.gz to pool/main/g/groff/groff_1.18.1.1-21.diff.gz groff_1.18.1.1-21.dsc to pool/main/g/groff/groff_1.18.1.1-21.dsc groff_1.18.1.1-21_i386.deb to pool/main/g/groff/groff_1.18.1.1-21_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Colin Watson [EMAIL PROTECTED] (supplier of updated groff package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 26 Aug 2008 09:27:51 +0100 Source: groff Binary: groff-base groff Architecture: source i386 Version: 1.18.1.1-21 Distribution: unstable Urgency: low Maintainer: Colin Watson [EMAIL PROTECTED] Changed-By: Colin Watson [EMAIL PROTECTED] Description: groff - GNU troff text-formatting system groff-base - GNU troff text-formatting system (base system components) Closes: 374569 485203 489604 489604 495713 Changes: groff (1.18.1.1-21) unstable; urgency=low . * Build-depend on xutils-dev rather than xutils (thanks, Daniel Schepler; closes: #485203). * Update DEB_BUILD_OPTIONS parsing code from policy 3.8.0. * Build-depend on x11proto-core-dev rather than x-dev (thanks, Lintian). * Use /bin/bash for eqn2graph and pic2graph due to use of $RANDOM, even though that's only a fallback in case mktemp fails (closes: #489604). * Display more helpful output if a device was not found but is known to be one of the devices in the groff binary package rather than groff-base. *
Bug#496407: fixed in sng 1.0.2-6
Hi, why did you remove it instead of just fixing it? Now people who already installed this stay vulnerable which I don't really consider to be good. Cheers Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpThtVTwLQIH.pgp Description: PGP signature
Bug#496346: openarena: contains lcc, which is not free software
Peter De Wachter [EMAIL PROTECTED] wrote: OpenArena contains a copy of the lcc compiler in the code/tools/lcc directory, which does not seem free software as it does not allow commercial distribution. I agree. The early parts make it look like a BSD-style licence, but the license part starting with this seems non-free:- You may not sell lcc or any product derived from it in which it is a significant part of the value of the product. [...] lcc was mentioned on debian-legal back in August 2003 as an example of a non-free compiler in a book. See http://lists.debian.org/debian-legal/2003/08/msg00552.html Unless there's some other licence issued since, it seems pretty clearly unsuitable for debian main. Thanks, -- MJR/slef My Opinion Only: see http://people.debian.org/~mjr/ Please follow http://www.uk.debian.org/MailingLists/#codeofconduct -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496415: The possibility of attack with the help of symlinks in some Debian packages
severity 496415 important thanks On Sun, Aug 24, 2008 at 10:05:29PM +0400, Dmitry E. Oboukhov wrote: In some packages I've discovered scripts with errors which may be used by a user for damaging important system files or user's files. I'm fully aware of what a symlink overrun is. As for tiger, the one you've found in the 'genmsgidx' script exists but is not that important, that script is actually used only when the package is built it not used when any of the Tiger scripts are run as root. I will fix the bug for the benefit of those who autobuild packages in untrusted systems, but I'm lowering its severity. Regards Javier signature.asc Description: Digital signature
Processed (with 5 errors): Re: The possibility of attack with the help of symlinks in some Debian packages
Processing commands for [EMAIL PROTECTED]: 3Rseverity 496369 normal Unknown command or malformed arguments to command. tag 496369 confirmed Bug#496369: The possibility of attack with the help of symlinks in some Debian packages Tags were: security Tags added: confirmed Dmitry E. Oboukhov wrote: Unknown command or malformed arguments to command. Binary-package: ampache (3.4.1-1) Unknown command or malformed arguments to command. file: /usr/share/ampache/www/locale/base/gather-messages.sh Unknown command or malformed arguments to command. Since this script is only used for translating ampache and not for Unknown command or malformed arguments to command. Too many unknown commands, stopping here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#332782: Release Notes: license clarification
On Tue, Aug 26, 2008 at 05:42:12AM +0200, W. Martin Borgert wrote: Obviously the implicit copyright all rights reserved would apply by default, but given that all contributions were explicitly published by all of the authors, I think that considering the work to be released into the public domain is a perfectly reasonable legal scenario, until decided otherwise. You try to apply logic and common sense - but we're talking about law - worse, copyright law. Well, okay, but we've already screwed up in theoretical terms. Instead, we have to think about the practical aspects of the law instead - will someone abuse our work, or will someone abuse us in court. (Indeed, many a lawyer will say that we should only ever consider practical aspects, and leave the theory to them.) I suppose copypaste can happen with the Release Notes, but it would not detract from our cause (publishing information about Debian), so we don't care if someone rips us off :) I guess I could envision a case where some minor rogue contributor comes in screaming how his commit was 'all rights reserved' and how they never realized what was happening (shocking! :). But, in such an (unlikely) court battle the onus would be on them to prove that the stuff they committed was both copyrightable in the first place as well as not infringing on previous work (which they apparently didn't have any license to modify). Only after that would they have to explain the insignificant logical details such as just how they managed to mistake the second most visible document in the project -- with the public contact addresses and the public CVS repository with read/write access for many people -- for private venues where their work would be kept safe from copyright infringement. So it's pretty much a non-issue :) -- 2. That which causes joy or happiness. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496369: The possibility of attack with the help of symlinks in some Debian packages
3Rseverity 496369 normal tag 496369 confirmed Dmitry E. Oboukhov wrote: Binary-package: ampache (3.4.1-1) file: /usr/share/ampache/www/locale/base/gather-messages.sh Since this script is only used for translating ampache and not for the general package usage, I'm lowering the severity to normal. A patch to fix the script by using mktemp is attached. Cheers, Moritz diff -aur ampache-3.4.1.orig/locale/base/gather-messages.sh ampache-3.4.1/locale/base/gather-messages.sh --- ampache-3.4.1.orig/locale/base/gather-messages.sh 2008-05-31 09:50:23.0 +0200 +++ ampache-3.4.1/locale/base/gather-messages.sh 2008-08-22 16:04:47.0 +0200 @@ -17,8 +17,11 @@ # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # +TMPFILE=`mktemp` -find ../../ -name *.php /tmp/filelist -find ../../ -name *.inc /tmp/filelist +find ../../ -name *.php $TMPFILE +find ../../ -name *.inc $TMPFILE -xgettext -f /tmp/filelist -L PHP -o ./messages.po +xgettext -f $TMPFILE -L PHP -o ./messages.po + +rm $TMPFILE \ Kein Zeilenumbruch am Dateiende.
Processed (with 58 errors): The possibility of attack with the help of symlinks in some Debian
Processing commands for [EMAIL PROTECTED]: tags 496359 secuirity Unknown tag/s: secuirity. Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid help security upstream pending sarge sarge-ignore experimental d-i confirmed ipv6 lfs fixed-in-experimental fixed-upstream l10n etch etch-ignore lenny lenny-ignore. Bug#496359: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: tags 496360 secuirity Unknown tag/s: secuirity. Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid help security upstream pending sarge sarge-ignore experimental d-i confirmed ipv6 lfs fixed-in-experimental fixed-upstream l10n etch etch-ignore lenny lenny-ignore. Bug#496360: The possibility of attack with the help of symlinks in some Debian packages Tags were: confirmed Tags added: tags 496362 secuirity Unknown tag/s: secuirity. Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid help security upstream pending sarge sarge-ignore experimental d-i confirmed ipv6 lfs fixed-in-experimental fixed-upstream l10n etch etch-ignore lenny lenny-ignore. Bug#496362: The possibility of attack with the help of symlinks in some Debian packages Tags were: confirmed Tags added: tags 496363 secuirity Unknown tag/s: secuirity. Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid help security upstream pending sarge sarge-ignore experimental d-i confirmed ipv6 lfs fixed-in-experimental fixed-upstream l10n etch etch-ignore lenny lenny-ignore. Bug#496363: The possibility of attack with the help of symlinks in some Debian packages Tags were: confirmed Tags added: tags 496364 secuirity Unknown tag/s: secuirity. Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid help security upstream pending sarge sarge-ignore experimental d-i confirmed ipv6 lfs fixed-in-experimental fixed-upstream l10n etch etch-ignore lenny lenny-ignore. Bug#496364: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: tags 496365 secuirity Unknown tag/s: secuirity. Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid help security upstream pending sarge sarge-ignore experimental d-i confirmed ipv6 lfs fixed-in-experimental fixed-upstream l10n etch etch-ignore lenny lenny-ignore. Bug#496365: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: tags 496366 secuirity Unknown tag/s: secuirity. Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid help security upstream pending sarge sarge-ignore experimental d-i confirmed ipv6 lfs fixed-in-experimental fixed-upstream l10n etch etch-ignore lenny lenny-ignore. Bug#496366: The possibility of attack with the help of symlinks in some Debian packages Tags were: patch confirmed Tags added: tags 496367 secuirity Unknown tag/s: secuirity. Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid help security upstream pending sarge sarge-ignore experimental d-i confirmed ipv6 lfs fixed-in-experimental fixed-upstream l10n etch etch-ignore lenny lenny-ignore. Bug#496367: The possibility of attack with the help of symlinks in some Debian packages Tags were: pending Tags added: tags 496368 secuirity Unknown tag/s: secuirity. Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid help security upstream pending sarge sarge-ignore experimental d-i confirmed ipv6 lfs fixed-in-experimental fixed-upstream l10n etch etch-ignore lenny lenny-ignore. Bug#496368: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: tags 496369 secuirity Unknown tag/s: secuirity. Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid help security upstream pending sarge sarge-ignore experimental d-i confirmed ipv6 lfs fixed-in-experimental fixed-upstream l10n etch etch-ignore lenny lenny-ignore. Bug#496369: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: tags 496370 secuirity Unknown tag/s: secuirity. Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid help security upstream pending sarge sarge-ignore experimental d-i confirmed ipv6 lfs fixed-in-experimental fixed-upstream l10n etch etch-ignore lenny lenny-ignore. Bug#496370: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: tags 496371 secuirity Unknown tag/s: secuirity. Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid help security upstream pending sarge sarge-ignore experimental d-i confirmed ipv6 lfs fixed-in-experimental fixed-upstream l10n etch etch-ignore lenny lenny-ignore. Bug#496371: The possibility
Processed: The possibility of attack with the help of symlinks in some Debian
Processing commands for [EMAIL PROTECTED]: tags 496359 security Bug#496359: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496360 security Bug#496360: The possibility of attack with the help of symlinks in some Debian packages Tags were: confirmed Tags added: security tags 496362 security Bug#496362: The possibility of attack with the help of symlinks in some Debian packages Tags were: confirmed Tags added: security tags 496363 security Bug#496363: The possibility of attack with the help of symlinks in some Debian packages Tags were: confirmed Tags added: security tags 496364 security Bug#496364: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496365 security Bug#496365: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496366 security Bug#496366: The possibility of attack with the help of symlinks in some Debian packages Tags were: patch confirmed Tags added: security tags 496367 security Bug#496367: The possibility of attack with the help of symlinks in some Debian packages Tags were: pending Tags added: security tags 496368 security Bug#496368: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496369 security Bug#496369: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496370 security Bug#496370: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496371 security Bug#496371: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496372 security Bug#496372: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496374 security Bug#496374: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496376 security Bug#496376: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496378 security Bug#496378: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496379 security Bug#496379: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496380 security Bug#496380: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496381 security Bug#496381: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496382 security Bug#496382: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496383 security Bug#496383: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496384 security Bug#496384: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496387 security Bug#496387: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496388 security Bug#496388: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496389 security Bug#496389: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496390 security Bug#496390: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496391 security Bug#496391: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496392 security Bug#496392: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496395 security Bug#496395: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496396 security Bug#496396: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496398 security Bug#496398: The possibility of attack with the help of symlinks in some Debian packages There were no tags set. Tags added: security tags 496399 security Bug#496399: The possibility of attack with the help of symlinks in some
Bug#496415: marked as done (The possibility of attack with the help of symlinks in some Debian packages)
Your message dated Tue, 26 Aug 2008 10:17:06 + with message-id [EMAIL PROTECTED] and subject line Bug#496415: fixed in tiger 1:3.2.2-4 has caused the Debian Bug report #496415, regarding The possibility of attack with the help of symlinks in some Debian packages to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 496415: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496415 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: tiger Severity: grave Hi, maintainer! This message about the error concerns a few packages at once. I've tested all the packages (for Lenny) on my Debian mirror. All scripts of packages (marked as executable) were tested. In some packages I've discovered scripts with errors which may be used by a user for damaging important system files or user's files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlink with the same name in this directory in order to destroy or rewrite some system or user file. Symlink attack may also lead not only to the data desctruction but to denial of service as well. Even if you create files or directories with help of function 'RANDOM' or pid(), then your system is not protected. Attacker can create many symlinks in order to destroy your data or create 'denial of service' for your package scripts. Even if you make rm(dir) for files/directories, then your system is not protected. Attacker can permanently create symlinks. This list is created with the help of script. This list is sorted by hand. Howewer in some cases mistake is possible. Please, Be understanding to possible mistakes. :) I set Severity into grave for this bug. The table of discovered problems is below. Discussion of this bug you can see in debian-devel@: http://lists.debian.org/debian-devel/2008/08/msg00271.html Binary-package: r-base-core-ra (1.1.1-1) file: /usr/lib/Ra/lib/R/bin/javareconf Binary-package: rccp (0.9-2) file: /usr/lib/rccp/delqueueask Binary-package: mafft (6.240-1) file: /usr/bin/mafft-homologs Binary-package: openoffice.org-common (1:2.4.1-6) file: /usr/lib/openoffice/program/senddoc Binary-package: crossfire-maps (1.11.0-1) file: /usr/share/games/crossfire/maps/Info/combine.pl Binary-package: sgml2x (1.0.0-11.1) file: /usr/bin/rlatex Binary-package: liguidsoap (0.3.6-4) file: /var/lib/liguidsoap/liguidsoap.py Binary-package: citadel-server (7.37-1) file: /usr/lib/citadel-server/migrate_aliases.sh Binary-package: ampache (3.4.1-1) file: /usr/share/ampache/www/locale/base/gather-messages.sh Binary-package: xen-utils-3.2-1 (3.2.1-2) file: /usr/lib/xen-3.2-1/bin/qemu-dm.debug Binary-package: dtc-common (0.29.6-1) file: /usr/share/dtc/admin/accesslog.php file: /usr/share/dtc/admin/sa-wrapper Binary-package: honeyd-common (1.5c-3) file: /usr/share/honeyd/scripts/test.sh Binary-package: lustre-tests (1.6.5-1) file: /usr/lib/lustre/tests/runiozone Binary-package: linuxtrade (3.65-8+b4) file: /usr/share/linuxtrade/bin/linuxtrade.bwkvol file: /usr/share/linuxtrade/bin/linuxtrade.wn file: /usr/share/linuxtrade/bin/moneyam.helper Binary-package: freevo (1.8.1-0) file: /usr/bin/freevo.real Binary-package: fml (4.0.3.dfsg-2) file: /usr/share/fml/libexec/mead.pl Binary-package: rkhunter (1.3.2-3) file: /usr/bin/rkhunter Binary-package: openswan (1:2.4.12+dfsg-1.1) file: /usr/lib/ipsec/livetest Binary-package: linux-patch-openswan (1:2.4.12+dfsg-1.1) file: /usr/src/kernel-patches/all/openswan/packaging/utils/maysnap file: /usr/src/kernel-patches/all/openswan/packaging/utils/maytest Binary-package: aptoncd (0.1-1.1) file: /usr/share/aptoncd/xmlfile.py Binary-package: cdcontrol (1.90-1.1) file: /usr/lib/cdcontrol/writtercontrol Binary-package: newsgate (1.6-23) file: /usr/bin/mkmailpost Binary-package: gpsdrive-scripts (2.10~pre4-3) file: /usr/bin/geo-code Binary-package: impose+ (0.2-11) file: /usr/bin/impose Binary-package: mgt (2.31-5) file: /usr/games/mailgo Binary-package: audiolink (0.05-1) file: /usr/bin/audiolink Binary-package: ibackup (2.27-4.1) file: /usr/bin/ibackup Binary-package: emacspeak (26.0-3) file: /usr/share/emacs/site-lisp/emacspeak/etc/extract-table.pl Binary-package: bk2site (1:1.1.9-3.1) file: /usr/lib/cgi-bin/bk2site/redirect.pl Binary-package: datafreedom-perl (0.1.7-1) file: /usr/bin/dfxml-invoice Binary-package: emacs-jabber (0.7.91-1) file: /usr/lib/emacsen-common/packages/install/emacs-jabber
Bug#496362: The possibility of attack with the help of symlinks in some Debian packages
Hi Thomas, On Tuesday 26 August 2008 08:17, Thomas Goirand wrote: Thijs Kinkhorst wrote: First, I think it's always a good idea not to enable DEBUG by default. Sure, it's a mistake, I perfectly understand this. Second, I don't think that it requires a rewrite of the entire file to fix it. Using PHP's tempnam() function to get the filenames instead of the hardcoded path names with PID is a change of just a few lines. Did you mean Perl mktemp()? It's not a PHP script!!! :) Sorry, I confused this bug with another one, there's so many of them all of a sudden :-) That makes me think that I might have missed some Perl dependencies. The script uses the following: use strict; use MIME::Tools; use MIME::Parser; use File::MkTemp; does any of you knows what it corresponds in terms of Debian deps? The file search on packages.debian.org is very helpful for this (search e.g. for Tools.pm or Parser.pm). With respect to the File::MkTemp, I think you need to use File::Temp as the MkTemp one is not available in Debian. This module also provides a mktemp function. Last, would a patch like the attached one would do? I'm all but good in Perl, so I might need help on that one. That would work indeed if you change the included module (and verify that that indeed also works, of course). cheers, Thijs pgp5zRzGVxkPJ.pgp Description: PGP signature
Bug#496406: here's a patch
On Monday 25 August 2008 22:48, Sylvestre Ledru wrote: Thank you very much for your patch. It has been added [1] but fwbuilder is currently in NEW (for a new package). Torsten or I are going to upload it in unstable when the version -4 will be processed. Thanks, but please note that this fix should go into lenny. I'm not sure that that NEW package is going into lenny, so maybe you need to prepare a version for testing proposed updates? cheers, Thijs pgpuYKHID0gLa.pgp Description: PGP signature
Bug#496406: here's a patch
Le mardi 26 août 2008 à 12:38 +0200, Thijs Kinkhorst a écrit : On Monday 25 August 2008 22:48, Sylvestre Ledru wrote: Thank you very much for your patch. It has been added [1] but fwbuilder is currently in NEW (for a new package). Torsten or I are going to upload it in unstable when the version -4 will be processed. Thanks, but please note that this fix should go into lenny. I'm not sure that that NEW package is going into lenny, so maybe you need to prepare a version for testing proposed updates? Yep, I agree that should be fixed in Lenny too. I will ask for the package to be unblocked. Sylvestre -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#495246: Permission for xosd NMU?
On Tue, Aug 26, 2008 at 07:41:39AM +0200, Luk Claes wrote: The below is fine, please upload. [..] Attached you can find the corresponding .diff.gz. Sven -- If God passed a mic to me to speak I'd say stay in bed, world Sleep in peace [The Cardigans - 03:45: No sleep] xosd_2.2.14-1.6.diff.gz Description: Binary data
Processed: severity of 496369 is normal
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.9.26 severity 496369 normal Bug#496369: The possibility of attack with the help of symlinks in some Debian packages Severity set to `normal' from `grave' End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#495521: marked as done (kaya: 0.4.2 contains data corruption bugs)
Your message dated Tue, 26 Aug 2008 10:32:10 +
with message-id [EMAIL PROTECTED]
and subject line Bug#495521: fixed in kaya 0.4.2-3
has caused the Debian Bug report #495521,
regarding kaya: 0.4.2 contains data corruption bugs
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
495521: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495521
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
---BeginMessage---
Package: kaya
Version: 0.4.2-2
Severity: grave
Tags: patch
Justification: causes non-serious data loss
0.4.2 contains a few data loss / data corruption bugs that are fixed
upstream in 0.4.3. The attached patch fixes these bugs, as well as a
compiler error where valid code would not compile. In order from
most serious to least, the bugs are:
rts/VMState.cc: fixes memory allocation bug which can cause
hard-to-trace crashes.
libs/my_inter.cc: fixes data corruption bug where values returned from
prepared queries in MySQL contain NULLs
stdlib/Mime.k: fixes bug with processing of form fields in file upload
forms
stdlib/Regex.k: fixes bug with Regex splitting of strings where the
delimiter terminates the string
compiler/LambdaLift.hs: fixes bug with for loops and lambda functions
Thanks
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.18 (SMP w/1 CPU core)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages kaya depends on:
ii g++-4.24.2.3-2 The GNU C++ compiler
ii libc6 2.7-9 GNU C Library: Shared libraries
ii libgc-dev 1:6.8-1.1 conservative garbage collector for
ii libgc1c2 1:6.8-1.1 conservative garbage collector for
ii libgcc11:4.3-20080227-1 GCC support library
ii libgcrypt111.4.0-3 LGPL Crypto library - runtime libr
ii libgcrypt11-dev1.4.0-3 LGPL Crypto library - development
ii libgmp3c2 2:4.2.1+dfsg-5Multiprecision arithmetic library
ii libgnutls-dev 2.2.2-1 the GNU TLS library - development
ii libncurses55.6+20080203-1Shared libraries for terminal hand
ii libpcre3 7.6-2 Perl 5 Compatible Regular Expressi
ii libpcre3-dev 7.6-2 Perl 5 Compatible Regular Expressi
ii libreadline5 5.2-3 GNU readline and history libraries
ii libstdc++6 4.3-20080227-1The GNU Standard C++ Library v3
ii zlib1g 1:1.2.3.3.dfsg-11 compression library - runtime
ii zlib1g-dev 1:1.2.3.3.dfsg-11 compression library - development
kaya recommends no packages.
-- no debconf information
diff -rN -u old-kaya/compiler/LambdaLift.hs new-kaya/compiler/LambdaLift.hs
--- old-kaya/compiler/LambdaLift.hs 2008-08-18 10:04:38.0 +0100
+++ new-kaya/compiler/LambdaLift.hs 2008-08-18 10:04:38.0 +0100
@@ -83,7 +83,7 @@
let (defs'',e2') = lift' defs' locs e2 in
(defs'',DoWhile e1' e2')
lift' defs locs (For i nm j lval e1 e2) =
- let (defs',e1') = lift' defs locs e1 in
+ let (defs',e1') = lift' defs (fakevars++locs) e1 in
let (defs'',e2') = lift' defs' (fakevars++locs) e2 in
let (defs''',lval') = liftlval defs'' locs lval in
(defs''',For i nm j lval' e1' e2')
diff -rN -u old-kaya/libs/my_inter.cc new-kaya/libs/my_inter.cc
--- old-kaya/libs/my_inter.cc 2008-08-18 10:04:38.0 +0100
+++ new-kaya/libs/my_inter.cc 2008-08-18 10:04:38.0 +0100
@@ -289,7 +289,11 @@
for(int j = 0; jnumflds; j++) {
KayaValue pv,fld;
- pv = KayaString(KSTRING((char*)rbind[i].buffer));
+ if (rnull[j]) {
+ pv = KayaString(L);
+ } else {
+ pv = KayaString(KSTRING((char*)rbind[j].buffer));
+ }
fld = KayaUnion(0,1);
KayaUnionSetArg(fld,0,pv);
KayaArrayPush(row,fld);
diff -rN -u old-kaya/rts/VMState.cc new-kaya/rts/VMState.cc
--- old-kaya/rts/VMState.cc 2008-08-18 10:04:38.0 +0100
+++ new-kaya/rts/VMState.cc 2008-08-18 10:04:38.0 +0100
@@ -28,7 +28,7 @@
void initFunMap(kint sz, kint fmhash)
{
-func* funcs = (func*)malloc(sizeof(func)*sz);
+func* funcs = (func*)GC_MALLOC_UNCOLLECTABLE(sizeof(func)*sz);
m_funmap[0] = funcs;
m_funmapsize = sz;
m_funmaphash = fmhash;
diff -rN -u old-kaya/stdlib/Mime.k new-kaya/stdlib/Mime.k
--- old-kaya/stdlib/Mime.k 2008-08-18 10:04:38.0 +0100
+++ new-kaya/stdlib/Mime.k 2008-08-18 10:04:38.0
Bug#495079: marked as done (wzdftpd: embedding perl needs PERL_SYS_INIT3())
Your message dated Tue, 26 Aug 2008 10:32:20 + with message-id [EMAIL PROTECTED] and subject line Bug#495079: fixed in wzdftpd 0.8.3-5 has caused the Debian Bug report #495079, regarding wzdftpd: embedding perl needs PERL_SYS_INIT3() to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 495079: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495079 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: wzdftpd Version: 0.8.3-4 Severity: important User: [EMAIL PROTECTED] Usertags: perl-sys-init3 As described in the 'perlembed' document, programs embedding Perl must use the PERL_SYS_INIT3() and PERL_SYS_TERM() macros to provide system-specific tune up of the C runtime environment necessary to run Perl interpreters. Your package has been identified as failing this: - at least one of the binary packages built from the source depends on libperl5.10 - the unpacked source matches 'perl_parse' but not 'PERL_SYS_INIT3' As a consequence, the embedded Perl interpreter is most probably broken on the hppa architecture, where PERL_SYS_INIT3() is needed for initializing lock structures. Without this, calling perl_parse() will hang inside pthread_mutex_lock(). See #486069 for more information. Cheers, -- Niko Tyni [EMAIL PROTECTED] ---End Message--- ---BeginMessage--- Source: wzdftpd Source-Version: 0.8.3-5 We believe that the bug you reported is fixed in the latest version of wzdftpd, which is due to be installed in the Debian FTP archive: wzdftpd-back-mysql_0.8.3-5_amd64.deb to pool/main/w/wzdftpd/wzdftpd-back-mysql_0.8.3-5_amd64.deb wzdftpd-back-pgsql_0.8.3-5_amd64.deb to pool/main/w/wzdftpd/wzdftpd-back-pgsql_0.8.3-5_amd64.deb wzdftpd-dev_0.8.3-5_amd64.deb to pool/main/w/wzdftpd/wzdftpd-dev_0.8.3-5_amd64.deb wzdftpd-mod-avahi_0.8.3-5_amd64.deb to pool/main/w/wzdftpd/wzdftpd-mod-avahi_0.8.3-5_amd64.deb wzdftpd-mod-perl_0.8.3-5_amd64.deb to pool/main/w/wzdftpd/wzdftpd-mod-perl_0.8.3-5_amd64.deb wzdftpd-mod-tcl_0.8.3-5_amd64.deb to pool/main/w/wzdftpd/wzdftpd-mod-tcl_0.8.3-5_amd64.deb wzdftpd_0.8.3-5.diff.gz to pool/main/w/wzdftpd/wzdftpd_0.8.3-5.diff.gz wzdftpd_0.8.3-5.dsc to pool/main/w/wzdftpd/wzdftpd_0.8.3-5.dsc wzdftpd_0.8.3-5_amd64.deb to pool/main/w/wzdftpd/wzdftpd_0.8.3-5_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Pierre Chifflier [EMAIL PROTECTED] (supplier of updated wzdftpd package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 26 Aug 2008 10:12:37 +0200 Source: wzdftpd Binary: wzdftpd wzdftpd-back-mysql wzdftpd-back-pgsql wzdftpd-mod-avahi wzdftpd-mod-tcl wzdftpd-mod-perl wzdftpd-dev Architecture: source amd64 Version: 0.8.3-5 Distribution: unstable Urgency: high Maintainer: Pierre Chifflier [EMAIL PROTECTED] Changed-By: Pierre Chifflier [EMAIL PROTECTED] Description: wzdftpd- A portable, modular, small and efficient ftp server wzdftpd-back-mysql - MySQL backend for wzdftpd wzdftpd-back-pgsql - PostgreSQL backend for wzdftpd wzdftpd-dev - Development files for wzdftpd wzdftpd-mod-avahi - Zeroconf module for wzdftpd wzdftpd-mod-perl - Perl module for wzdftpd wzdftpd-mod-tcl - Tcl module for wzdftpd Closes: 495079 Changes: wzdftpd (0.8.3-5) unstable; urgency=high . * Add patch to fix use of embedded Perl (call PERL_SYS_INIT3) (Closes: #495079) * urgency=high because of RC bug * Bump standards version to 3.8.0 (no changes) Checksums-Sha1: 0bf28edcff644ea22aead68625a4308ef0bfaf4c 1246 wzdftpd_0.8.3-5.dsc 4386cef3157f93927b848a2c5213d11d41fb466e 4142 wzdftpd_0.8.3-5.diff.gz 354bfd58fa610cb65630ed1d778949f102f42917 287446 wzdftpd_0.8.3-5_amd64.deb d70585331a6f740f4dc1150b773497fb0e7e060a 41718 wzdftpd-back-mysql_0.8.3-5_amd64.deb 18433e3a803bcff6ccd27d4066fb179bd339ef85 41482 wzdftpd-back-pgsql_0.8.3-5_amd64.deb f4e3706efc47e90407640e913ee4ac73534c3c6a 31918 wzdftpd-mod-avahi_0.8.3-5_amd64.deb 62ebafa69ad8108b16459874602a9890ec913e10 36564 wzdftpd-mod-tcl_0.8.3-5_amd64.deb f2944b3f80d5fd2eedcbeb2d612fcdcbad4eac57 43168 wzdftpd-mod-perl_0.8.3-5_amd64.deb c8e2548d7bd4af52c6fd5ba4555020a5f32ff058 73444 wzdftpd-dev_0.8.3-5_amd64.deb
Bug#496365: marked as done (The possibility of attack with the help of symlinks in some Debian packages)
Your message dated Tue, 26 Aug 2008 10:32:05 + with message-id [EMAIL PROTECTED] and subject line Bug#496365: fixed in honeyd 1.5c-5 has caused the Debian Bug report #496365, regarding The possibility of attack with the help of symlinks in some Debian packages to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 496365: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496365 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: honeyd-common Severity: grave Hi, maintainer! This message about the error concerns a few packages at once. I've tested all the packages (for Lenny) on my Debian mirror. All scripts of packages (marked as executable) were tested. In some packages I've discovered scripts with errors which may be used by a user for damaging important system files or user's files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlink with the same name in this directory in order to destroy or rewrite some system or user file. Symlink attack may also lead not only to the data desctruction but to denial of service as well. Even if you create files or directories with help of function 'RANDOM' or pid(), then your system is not protected. Attacker can create many symlinks in order to destroy your data or create 'denial of service' for your package scripts. Even if you make rm(dir) for files/directories, then your system is not protected. Attacker can permanently create symlinks. This list is created with the help of script. This list is sorted by hand. Howewer in some cases mistake is possible. Please, Be understanding to possible mistakes. :) I set Severity into grave for this bug. The table of discovered problems is below. Discussion of this bug you can see in debian-devel@: http://lists.debian.org/debian-devel/2008/08/msg00271.html Binary-package: r-base-core-ra (1.1.1-1) file: /usr/lib/Ra/lib/R/bin/javareconf Binary-package: rccp (0.9-2) file: /usr/lib/rccp/delqueueask Binary-package: mafft (6.240-1) file: /usr/bin/mafft-homologs Binary-package: openoffice.org-common (1:2.4.1-6) file: /usr/lib/openoffice/program/senddoc Binary-package: crossfire-maps (1.11.0-1) file: /usr/share/games/crossfire/maps/Info/combine.pl Binary-package: sgml2x (1.0.0-11.1) file: /usr/bin/rlatex Binary-package: liguidsoap (0.3.6-4) file: /var/lib/liguidsoap/liguidsoap.py Binary-package: citadel-server (7.37-1) file: /usr/lib/citadel-server/migrate_aliases.sh Binary-package: ampache (3.4.1-1) file: /usr/share/ampache/www/locale/base/gather-messages.sh Binary-package: xen-utils-3.2-1 (3.2.1-2) file: /usr/lib/xen-3.2-1/bin/qemu-dm.debug Binary-package: dtc-common (0.29.6-1) file: /usr/share/dtc/admin/accesslog.php file: /usr/share/dtc/admin/sa-wrapper Binary-package: honeyd-common (1.5c-3) file: /usr/share/honeyd/scripts/test.sh Binary-package: lustre-tests (1.6.5-1) file: /usr/lib/lustre/tests/runiozone Binary-package: linuxtrade (3.65-8+b4) file: /usr/share/linuxtrade/bin/linuxtrade.bwkvol file: /usr/share/linuxtrade/bin/linuxtrade.wn file: /usr/share/linuxtrade/bin/moneyam.helper Binary-package: freevo (1.8.1-0) file: /usr/bin/freevo.real Binary-package: fml (4.0.3.dfsg-2) file: /usr/share/fml/libexec/mead.pl Binary-package: rkhunter (1.3.2-3) file: /usr/bin/rkhunter Binary-package: openswan (1:2.4.12+dfsg-1.1) file: /usr/lib/ipsec/livetest Binary-package: linux-patch-openswan (1:2.4.12+dfsg-1.1) file: /usr/src/kernel-patches/all/openswan/packaging/utils/maysnap file: /usr/src/kernel-patches/all/openswan/packaging/utils/maytest Binary-package: aptoncd (0.1-1.1) file: /usr/share/aptoncd/xmlfile.py Binary-package: cdcontrol (1.90-1.1) file: /usr/lib/cdcontrol/writtercontrol Binary-package: newsgate (1.6-23) file: /usr/bin/mkmailpost Binary-package: gpsdrive-scripts (2.10~pre4-3) file: /usr/bin/geo-code Binary-package: impose+ (0.2-11) file: /usr/bin/impose Binary-package: mgt (2.31-5) file: /usr/games/mailgo Binary-package: audiolink (0.05-1) file: /usr/bin/audiolink Binary-package: ibackup (2.27-4.1) file: /usr/bin/ibackup Binary-package: emacspeak (26.0-3) file: /usr/share/emacs/site-lisp/emacspeak/etc/extract-table.pl Binary-package: bk2site (1:1.1.9-3.1) file: /usr/lib/cgi-bin/bk2site/redirect.pl Binary-package: datafreedom-perl (0.1.7-1) file: /usr/bin/dfxml-invoice Binary-package: emacs-jabber (0.7.91-1) file:
Bug#492970: (was: nfs-utils-1.1.3 released)
On Fri, Aug 08, 2008 at 09:06:46PM -0400, Chuck Lever wrote: Confirmed. The kernel's mountd client doesn't even bother to unmarshal the auth flavor list in the server's reply. I'll work on a fix. Please let me know when you have a patch to test it. signature.asc Description: Digital signature
Bug#496362: The possibility of attack with the help of symlinks in some Debian packages
This one time, at band camp, Thijs Kinkhorst said: Last, would a patch like the attached one would do? I'm all but good in Perl, so I might need help on that one. That would work indeed if you change the included module (and verify that that indeed also works, of course). http://git.debian.org/?p=collab-maint/freeradius.git;a=commitdiff;h=e741df7ca28c2d139d30573ca5e7e80b9cdc59c3 is the fix for a very similar bug in freeradius. It should at least get you started on the way to fixing your bug. Cheers, -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#496486: synce-kpm: Program does not do anything
On Mon, Aug 25, 2008 at 08:15:01AM +0200, Alex Hermann wrote: After installing I started the program. It just sits around doing absolutely nothing. ActiveSync Status says: Make sure Sync-Engine is running (No hint as to how to make it running) SyncEngine indeed needs to be running. You can do this by installing the synce-synce-engine package and then running synce-sync-engine(1). Connecting the PDA and starting ActiveSync on it doesn't make a difference. The only available documentation in the form of a man-page doesn't provide any help except for a feature list. The documentation is on the website: http://www.synce.org/ I agree that synce-kpm should have a dependency on synce-sync-engine and some kind of D-Bus activation. Does installing and running it fix this bug? Thanks, -- Jonny Lamb, UK [EMAIL PROTECTED] http://jonnylamb.com GPG: 0x2E039402 signature.asc Description: Digital signature
Processed: Re: Bug#496556: gstreamer0.10-plugins-ugly: Description notes that the package might cause problem for distribution, but it's in main section
Processing commands for [EMAIL PROTECTED]: severity 496556 normal Bug#496556: gstreamer0.10-plugins-ugly: Description notes that the package might cause problem for distribution, but it's in main section Severity set to `normal' from `serious' retitle 496556 Should clarify or drop part of description which mention possible distribution problems Bug#496556: gstreamer0.10-plugins-ugly: Description notes that the package might cause problem for distribution, but it's in main section Changed Bug title to `Should clarify or drop part of description which mention possible distribution problems' from `gstreamer0.10-plugins-ugly: Description notes that the package might cause problem for distribution, but it's in main section'. stop Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496640: anon-proxy: fails to install if /etc/environment is empty
Package: anon-proxy Version: 00.05.38+20080710-1 Severity: serious Justification: Policy 6.1. If /etc/environment is empty, installation or removing/purging of anon-proxy fail. The reason is the grep call in line 50 of anon-proxy.postinst fails, if /etc/environment is empty. The same applies to line 29 of anon-proxy.prerm As a result aptitude won't install/remove/upgrade any other package, making the system unusable/breaking security updates, etc. Workaround: create/remove/edit /etc/environment to be either a file with at least a 'space' in it or to be removed. Johannes -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (x86_64) Kernel: Linux 2.6.25-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages anon-proxy depends on: ii adduser 3.110 add and remove users and groups ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy ii libc6 2.7-13 GNU C Library: Shared libraries ii libgcc1 1:4.3.1-2 GCC support library ii libssl0.9.8 0.9.8g-13 SSL shared libraries ii libstdc++64.3.1-2The GNU Standard C++ Library v3 ii libxerces-c28 2.8.0-3validating XML parser library for anon-proxy recommends no packages. Versions of packages anon-proxy suggests: pn mixmaster none (no description available) pn mixminion none (no description available) ii tor 0.2.0.30-2 anonymizing overlay network for TC -- debconf information: * anon-proxy/environment: true -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496556: gstreamer0.10-plugins-ugly: Description notes that the package might cause problem for distribution, but it's in main section
severity 496556 normal retitle 496556 Should clarify or drop part of description which mention possible distribution problems stop On Mon, Aug 25, 2008, Carl Fürstenberg wrote: The description states at the end: This packages contains plugins from the ugly set, a set of good-quality plug-ins that might pose distribution problems.. If this is correct, then the package is in the wrong section, i.e. should be in non-free if I'm correct; Tf this is wrong, plese downgrade this bug to minor and retitle it so it points to that the description is wrong. Distributions might be an issue because of the libraries the package relies on, especially if you want to ship proprietary plugins for GStreamer. GStreamer is mostly LGPL, but if you start mixing GPL bits or libraries with it, it becomes GPL; that's why it might be problematic. I think the description represents pretty well the upstream one; we have no problem distributing this package or the available build-deps in Debian main -- the ftpmasters gave the green light on inclusion obviously. Perhaps we should make it clearer which distribution issues it might cause, or that this is an upstream description of this set of plugins in the description. -- Loïc Minier -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: #487623 confirmed and backtraced
Processing commands for [EMAIL PROTECTED]: tags 487623 + confirmed Bug#487623: Inkscape crashes everytime when open a Open file dialog in zh_CN.UTF-8 locale There were no tags set. Tags added: confirmed thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#487623: #487623 confirmed and backtraced
tags 487623 + confirmed
thanks
Bug reproducible even on recent svn (0.46+devel, actually svn r19753).
I think the bug hasn't changed since 0.46, so I'm providing backtrace
from svn version.
Below a clean backtrace, attached a full backtrace.
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb6203700 (LWP 4030)]
font_instance::InitTheFace (this=0x0) at libnrtype/FontInstance.cpp:349
349 theFace=pango_ft2_font_get_face(pFont);
(gdb) bt
#0 font_instance::InitTheFace (this=0x0) at libnrtype/FontInstance.cpp:349
#1 0x083e9ed0 in font_factory::Face (this=0xa0370b0, descr=0xc3ca100,
canFail=false) at libnrtype/FontFactory.cpp:824
#2 0x083ea132 in font_factory::Face (this=0xa0370b0, descr=0xc3ca100,
canFail=true) at libnrtype/FontFactory.cpp:801
#3 0x083f806b in
Inkscape::Text::Layout::Calculator::_buildPangoItemizationForPara
(this=0xbf88affc, para=0xbf88af44)
at libnrtype/Layout-TNG-Compute.cpp:879
#4 0x083f990a in Inkscape::Text::Layout::Calculator::calculate
(this=0xbf88affc) at libnrtype/Layout-TNG-Compute.cpp:1377
#5 0x083f9f2d in Inkscape::Text::Layout::calculateFlow (this=0xb1bd2d8) at
libnrtype/Layout-TNG-Compute.cpp:1515
#6 0x080f5657 in SPText::rebuildLayout (this=0xb1bd1b8) at sp-text.cpp:573
#7 0x080f5936 in sp_text_update (object=0xb1bd1b8, ctx=0xbf88b1a8,
flags=value optimized out) at sp-text.cpp:248
#8 0x080d8856 in SPObject::updateDisplay (this=0xb1bd1b8, ctx=0xbf88b1a8,
flags=127) at sp-object.cpp:1298
#9 0x080c79df in CGroup::onUpdate (this=0xc414800, ctx=0xbf88b2e8, flags=92)
at sp-item-group.cpp:668
#10 0x080d8856 in SPObject::updateDisplay (this=0xb1a0da0, ctx=0xbf88b2e8,
flags=95) at sp-object.cpp:1298
#11 0x080c79df in CGroup::onUpdate (this=0xc414da8, ctx=0xbf88b42c, flags=28)
at sp-item-group.cpp:668
#12 0x080e8ce1 in sp_root_update (object=0x9ac4410, ctx=0xbf88b648, flags=27)
at sp-root.cpp:553
#13 0x080d8856 in SPObject::updateDisplay (this=0x9ac4410, ctx=0xbf88b648,
flags=27) at sp-object.cpp:1298
#14 0x0808c038 in SPDocument::_updateDocument (this=0x965bea0) at
document.cpp:826
#15 0x0808c132 in sp_document_idle_handler (data=0x965bea0) at document.cpp:872
#16 0xb73b9381 in ?? () from /usr/lib/libglib-2.0.so.0
#17 0x0965bea0 in ?? ()
#18 0x0c410bf0 in ?? ()
#19 0xbf88b718 in ?? ()
#20 0xb74364a8 in ?? () from /usr/lib/libglib-2.0.so.0
#21 0xb686a3f0 in ?? () from /lib/i686/cmov/libpthread.so.0
#22 0xb74364a8 in ?? () from /usr/lib/libglib-2.0.so.0
#23 0xbf88b768 in ?? ()
#24 0xb73bb2e1 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
Backtrace stopped: frame did not save the PC
--
.''`. ** Debian GNU/Linux ** | Luca Bruno (kaeso)
: :' : The Universal O.S.| lucab (AT) debian.org
`. `'` | GPG Key ID: 3BFB9FB3
`- http://www.debian.org | Debian GNU/Linux Developer
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type show copying
and show warranty for details.
This GDB was configured as i486-linux-gnu...
(gdb) run
Starting program: /usr/local/bin/inkscape
[Thread debugging using libthread_db enabled]
[New Thread 0xb6204700 (LWP 4001)]
[New Thread 0xb5455b90 (LWP 4014)]
[New Thread 0xb4c54b90 (LWP 4015)]
[Thread 0xb5455b90 (LWP 4014) exited]
[Thread 0xb4c54b90 (LWP 4015) exited]
[New Thread 0xb4c54b90 (LWP 4016)]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb6204700 (LWP 4001)]
font_instance::InitTheFace (this=0x0) at libnrtype/FontInstance.cpp:349
349 theFace=pango_ft2_font_get_face(pFont);
(gdb) bt full
#0 font_instance::InitTheFace (this=0x0) at libnrtype/FontInstance.cpp:349
No locals.
#1 0x083e9ed0 in font_factory::Face (this=0x9a860b0, descr=0xbe518c0,
canFail=false) at libnrtype/FontFactory.cpp:824
res = (class font_instance *) 0x0
#2 0x083ea132 in font_factory::Face (this=0x9a860b0, descr=0xbe518c0,
canFail=true) at libnrtype/FontFactory.cpp:801
tc = value optimized out
nFace = value optimized out
res = (class font_instance *) 0xbe5c208
#3 0x083f806b in
Inkscape::Text::Layout::Calculator::_buildPangoItemizationForPara
(this=0xbfb8aafc, para=0xbfb8aa44)
at libnrtype/Layout-TNG-Compute.cpp:879
new_item = {item = 0xbe41a28, font = 0x0}
font_description = (PangoFontDescription *) 0xbe518c0
current_pango_item = (GList *) 0xbdf9bd0
para_text = {static npos = 4294967295, string_ = {static npos =
4294967295,
_M_dataplus = {std::allocatorchar = {__gnu_cxx::new_allocatorchar =
{No data fields}, No data fields},
_M_p = 0xb9f8bc4 æ\227 é¢\204è§\210}}}
attributes_list = (PangoAttrList *) 0xbdf9830
input_index = value optimized out
pango_items_glist = (GList *) 0xbdf9bd0
#4 0x083f990a in
Bug#494031: [Pkg-scicomp-devel] Bug#494031: Bug#494031: Bug#494031: paraview_3.2.3-2(sparc/unstable): FTBFS on sparc, bus error
On Mon, Aug 18, 2008 at 7:55 PM, Ondrej Certik [EMAIL PROTECTED] wrote: Hi, the problem on sparc is this: (sid)[EMAIL PROTECTED]:~/paraview-3.2.2/obj-sparc-linux-gnu/bin$ ./H5detect /* Generated automatically by H5detect -- do not edit */ [...] Bus error (sid)[EMAIL PROTECTED]:~/paraview-3.2.2/obj-sparc-linux-gnu/bin$ So this should not happen. Now we need to debug this program to figure out what went wrong. Ok, here is how to reproduce it on sparc with upstream hdf5-1.8.1: $ wget ftp://ftp.hdfgroup.org/HDF5/current/src/hdf5-1.8.1.tar.gz $ tar xzf hdf5-1.8.1.tar.gz $ cd hdf5-1.8.1 $ ./configure $ make [wait a while, then it compiles H5detect and calls it and it fails] $ cd src $ ./H5detect [...] Bus error So the problem is just getting hdf5 run on sparc. Looking at the Debian package hdf5, it does't have any sparc specific patches. Looking at the sparc buildlog for the hdf5 package, the H5detect works just fine in it (search for it): http://buildd.debian.org/fetch.cgi?pkg=hdf5;ver=1.6.6-4;arch=sparc;stamp=1207153381 So we just need to use this (older) hdf5 in Debian from paraview and it would solve all problems, because we will leave the portability of hdf5 to the hdf5 guys. :) Any volunteers to try to compile paraview with Debian hdf5, instead of the one in Utilities/hdf5? That would help a lot, since I am very busy with my thesis now. Thanks, Ondrej -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: Bug#496592: linuxtrade: Dysfunctional package?
Processing commands for [EMAIL PROTECTED]: clone 496592 -1 Bug#496592: linuxtrade: Dysfunctional package? Bug 496592 cloned as bug 496646. reassign -1 ftp.debian.org Bug#496646: linuxtrade: Dysfunctional package? Bug reassigned from package `linuxtrade' to `ftp.debian.org'. retitle -1 please remove the linuxtrade package Bug#496646: linuxtrade: Dysfunctional package? Changed Bug title to `please remove the linuxtrade package' from `linuxtrade: Dysfunctional package?'. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496624: util-vserver: missing dependency : schedutils (for ionice)
Hi, * kaouete [EMAIL PROTECTED] [2008-08-26 01:40-0400]: Justification: no longer builds from source Can you provide a build log showing this? It looks like the ionice binary is needed by the configure script. It is included in the schedutils package which is not a dependency of util-vserver. There is no such package called 'schedutils', ionice is included in util-linux. micah signature.asc Description: Digital signature
Bug#485769: [pkg-wpa-devel] Bug#485769: wpasupplicant crashes: not with 32bit kernel
severity 485769 important thanks On Sunday 24 August 2008 23:50:05 Stefan Fritsch wrote: Hrm. It works with linux-image-2.6.25-2-686. Maybe the severity is not grave after all. But wpasupplicant should not crash. I cannot reproduce the problem, neither can my peer. Also have little idea of what can be wrong. Downgrading the severity as it seem to work for many people. Thanks, Kel. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: [pkg-wpa-devel] Bug#485769: wpasupplicant crashes: not with 32bit kernel
Processing commands for [EMAIL PROTECTED]: severity 485769 important Bug#485769: wpasupplicant crashes Severity set to `important' from `grave' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#494031: [Pkg-scicomp-devel] Bug#494031: Bug#494031: Bug#494031: paraview_3.2.3-2(sparc/unstable): FTBFS on sparc, bus error
Ondrej, thank you for your investigations I will give it a try this week or next week. Best regards C. On Tue, Aug 26, 2008 at 2:31 PM, Ondrej Certik [EMAIL PROTECTED] wrote: On Mon, Aug 18, 2008 at 7:55 PM, Ondrej Certik [EMAIL PROTECTED] wrote: Hi, the problem on sparc is this: (sid)[EMAIL PROTECTED]:~/paraview-3.2.2/obj-sparc-linux-gnu/bin$ ./H5detect /* Generated automatically by H5detect -- do not edit */ [...] Bus error (sid)[EMAIL PROTECTED]:~/paraview-3.2.2/obj-sparc-linux-gnu/bin$ So this should not happen. Now we need to debug this program to figure out what went wrong. Ok, here is how to reproduce it on sparc with upstream hdf5-1.8.1: $ wget ftp://ftp.hdfgroup.org/HDF5/current/src/hdf5-1.8.1.tar.gz $ tar xzf hdf5-1.8.1.tar.gz $ cd hdf5-1.8.1 $ ./configure $ make [wait a while, then it compiles H5detect and calls it and it fails] $ cd src $ ./H5detect [...] Bus error So the problem is just getting hdf5 run on sparc. Looking at the Debian package hdf5, it does't have any sparc specific patches. Looking at the sparc buildlog for the hdf5 package, the H5detect works just fine in it (search for it): http://buildd.debian.org/fetch.cgi?pkg=hdf5;ver=1.6.6-4;arch=sparc;stamp=1207153381 So we just need to use this (older) hdf5 in Debian from paraview and it would solve all problems, because we will leave the portability of hdf5 to the hdf5 guys. :) Any volunteers to try to compile paraview with Debian hdf5, instead of the one in Utilities/hdf5? That would help a lot, since I am very busy with my thesis now. Thanks, Ondrej -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#494031: [Pkg-scicomp-devel] Bug#494031: Bug#494031: Bug#494031: paraview_3.2.3-2(sparc/unstable): FTBFS on sparc, bus error
Ok, here is how to reproduce it on sparc with upstream hdf5-1.8.1: $ wget ftp://ftp.hdfgroup.org/HDF5/current/src/hdf5-1.8.1.tar.gz $ tar xzf hdf5-1.8.1.tar.gz $ cd hdf5-1.8.1 $ ./configure $ make [wait a while, then it compiles H5detect and calls it and it fails] $ cd src $ ./H5detect [...] Bus error So the problem is just getting hdf5 run on sparc. Looking at the Debian package hdf5, it does't have any sparc specific patches. I just confirmed, that taking the source package of hdf5 in Debian and doing: $ ./configure $ make $ cd src $ ./H5detect will not break, it works nicely. So we just need to take those sources and be done with it. Any volunteers? Ondrej -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496624: tries to build sid source on etch
Hi, It looks like the ionice binary is needed by the configure script. It is included in the schedutils package which is not a dependency of util-vserver. There is no such package called 'schedutils', ionice is included in util-linux. Well, there was in stable. Judging from the information that reportbug provided about other package versions and APT policy, the reporter is trying to build util-vserver from sid on etch. That may indeed not work but is obviously not a supported configuration. Thijs pgpC8ve9ggqIp.pgp Description: PGP signature
Processed: confirmed, patch
Processing commands for [EMAIL PROTECTED]: tags 496392 confirmed patch Bug#496392: The possibility of attack with the help of symlinks in some Debian packages Tags were: security Tags added: confirmed, patch thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496392: confirmed, patch
tags 496392 confirmed patch thanks Hi, The issue is indeed present. Put the attached patch in debian/patches to fix it. cheers, Thijs 10_fix_insecure_tmp.dpatch Description: application/shellscript pgpzLRXPNPxDq.pgp Description: PGP signature
Bug#493967: freeze exception requested for RC bug (wrong copyright file)
Hi, As Dennis Brakhane report in #493967, I made a mistake when writing debian/copyright when I started packaging mercurial: I talk about GPL-v2+ instead of GPL-v2 only. My upload 1.0.1-5 has only the debian/copyright changed (switching to the new proposal format at this occasion) [and debian/changelog of course] Can it get a freeze exception ? I also just see that upstream released on August, 13 a minor bug-fix version of mercurial. The changelist is available here: http://www.selenic.com/mercurial/wiki/index.cgi/WhatsNew Do you think that I would be allowed to package it for lenny ? If yes, I will do it immediately. If no, I will wait for the lenny release before packaging it. Note that, according to upstream, this release fix two security bugs. One (CVE-2008-2942) is already fixed in the current package (patch backported). The other one is not. Best regards, Vincent -- Vincent Danjean GPG key ID 0x9D025E87 [EMAIL PROTECTED] GPG key fingerprint: FC95 08A6 854D DB48 4B9A 8A94 0BF7 7867 9D02 5E87 Unofficial pacakges: http://www-id.imag.fr/~danjean/deb.html#package APT repo: deb http://perso.debian.org/~vdanjean/debian unstable main -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496624: util-vserver: missing dependency : schedutils (for ionice)
On Tue, Aug 26, 2008 at 08:36:51AM -0400, Micah Anderson wrote: Hi, * kaouete [EMAIL PROTECTED] [2008-08-26 01:40-0400]: Justification: no longer builds from source Can you provide a build log showing this? It is just the configure script that fails and say ionice is nowhere to be found. It looks like the ionice binary is needed by the configure script. It is included in the schedutils package which is not a dependency of util-vserver. There is no such package called 'schedutils', ionice is included in util-linux. Like someone else said : I am on etch, so I guess this is the reason why it did not work. If it is in util-linux and this package is a dependency of util-vserver, I guess this bug report should be closed :) Maybe the depends field can specify a minimum version of util-linux that contains ionice ? Looks like ionice was added after the current version of util-linux in stable (I can't check on packages.debian.org, it doesn't seems to respond ...) Next time I will check the dependencies more thoroughly :) kaouete signature.asc Description: Digital signature
Processed: Patch for parallel builds failure
Processing commands for [EMAIL PROTECTED]: tags 490333 patch Bug#490333: lmemory: FTBFS: /bin/sh: ./config.status: No such file or directory There were no tags set. Tags added: patch thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#490333: Patch for parallel builds failure
tags 490333 patch thanks Here's a patch attached that fixes target inter-dependencies in debian/rules. -- damJabberID: [EMAIL PROTECTED] commit 29f7767b74c6c7085a52348c14a3e8450198d1fb Author: Damyan Ivanov [EMAIL PROTECTED] Date: Tue Aug 26 16:47:15 2008 +0300 rules: fix target dependencies Allows for parallel build, Closes: #490333 diff --git a/debian/rules b/debian/rules index e323b43..fb572db 100755 --- a/debian/rules +++ b/debian/rules @@ -41,8 +41,8 @@ configure-stamp: touch configure-stamp -build: configure-stamp build-stamp -build-stamp: +build: build-stamp +build-stamp: configure-stamp dh_testdir $(MAKE) signature.asc Description: Digital signature
Bug#493967: marked as done (mercurial: Incorrect license text. Mercurial is GPLv2 only)
Your message dated Tue, 26 Aug 2008 13:47:03 + with message-id [EMAIL PROTECTED] and subject line Bug#493967: fixed in mercurial 1.0.1-5 has caused the Debian Bug report #493967, regarding mercurial: Incorrect license text. Mercurial is GPLv2 only to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 493967: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493967 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: mercurial Version: 1.0.1-4 Severity: serious Justification: Policy 12.5 /usr/share/doc/mercurial/copyright states: This package is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. The (at your option) any later version is wrong! Mercurial is licensed as GPLv2 only, see here: http://selenic.com/pipermail/mercurial/2008-August/020534.html or the mercurial homepage. Greetings, Dennis -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.25-1-686 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages mercurial depends on: ii libc6 2.7-13 GNU C Library: Shared libraries ii mercurial-common 1.0.1-4Scalable distributed version contr ii python2.5.2-2An interactive high-level object-o ii python-support0.8.5 automated rebuilding support for P ii ucf 3.007 Update Configuration File: preserv Versions of packages mercurial recommends: ii kdiff30.9.92-2 compares and merges 2 or 3 files o ii meld 1.1.5.1-2 graphical tool to diff and merge f pn python-beaker none (no description available) Versions of packages mercurial suggests: ii emacs 22.2+2-3 The GNU Emacs editor (metapackage) ii python-elementtree1.2.6-12 Light-weight toolkit for XML proce pn python-mysqldbnone (no description available) pn python-pygments none (no description available) ii python-subversion 1.5.1dfsg1-1 Python bindings for Subversion ii qct 1.5-1 GUI commit tool ii tk8.4 [wish] 8.4.19-2 Tk toolkit for Tcl and X11, v8.4 - ii vim 1:7.1.314-3+b1 Vi IMproved - enhanced vi editor -- no debconf information ---End Message--- ---BeginMessage--- Source: mercurial Source-Version: 1.0.1-5 We believe that the bug you reported is fixed in the latest version of mercurial, which is due to be installed in the Debian FTP archive: mercurial-common_1.0.1-5_all.deb to pool/main/m/mercurial/mercurial-common_1.0.1-5_all.deb mercurial_1.0.1-5.diff.gz to pool/main/m/mercurial/mercurial_1.0.1-5.diff.gz mercurial_1.0.1-5.dsc to pool/main/m/mercurial/mercurial_1.0.1-5.dsc mercurial_1.0.1-5_amd64.deb to pool/main/m/mercurial/mercurial_1.0.1-5_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Vincent Danjean [EMAIL PROTECTED] (supplier of updated mercurial package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 26 Aug 2008 15:28:20 +0200 Source: mercurial Binary: mercurial mercurial-common Architecture: all amd64 source Version: 1.0.1-5 Distribution: unstable Urgency: low Maintainer: Python Applications Packaging Team [EMAIL PROTECTED] Changed-By: Vincent Danjean [EMAIL PROTECTED] Closes: 493967 Description: mercurial-common - Scalable distributed version control system (Common files) mercurial - Scalable distributed version control system Changes: mercurial (1.0.1-5) unstable; urgency=low . * Fix debian/copyright (GPL-2 only and not GPL-2+) (Closes: #493967) Checksums-Sha1: 2834699db7752c008bd401d1e9e777d2cfeaee2f 475242 mercurial-common_1.0.1-5_all.deb 7445c1055759b5f2d0939675570f02d9fed17bc1 1408 mercurial_1.0.1-5.dsc
Bug#496383: marked as done (The possibility of attack with the help of symlinks in some Debian packages)
Your message dated Tue, 26 Aug 2008 14:02:07 + with message-id [EMAIL PROTECTED] and subject line Bug#496383: fixed in xastir 1.9.2-1.1 has caused the Debian Bug report #496383, regarding The possibility of attack with the help of symlinks in some Debian packages to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 496383: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496383 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: xastir Severity: grave Hi, maintainer! This message about the error concerns a few packages at once. I've tested all the packages (for Lenny) on my Debian mirror. All scripts of packages (marked as executable) were tested. In some packages I've discovered scripts with errors which may be used by a user for damaging important system files or user's files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlink with the same name in this directory in order to destroy or rewrite some system or user file. Symlink attack may also lead not only to the data desctruction but to denial of service as well. Even if you create files or directories with help of function 'RANDOM' or pid(), then your system is not protected. Attacker can create many symlinks in order to destroy your data or create 'denial of service' for your package scripts. Even if you make rm(dir) for files/directories, then your system is not protected. Attacker can permanently create symlinks. This list is created with the help of script. This list is sorted by hand. Howewer in some cases mistake is possible. Please, Be understanding to possible mistakes. :) I set Severity into grave for this bug. The table of discovered problems is below. Discussion of this bug you can see in debian-devel@: http://lists.debian.org/debian-devel/2008/08/msg00271.html Binary-package: r-base-core-ra (1.1.1-1) file: /usr/lib/Ra/lib/R/bin/javareconf Binary-package: rccp (0.9-2) file: /usr/lib/rccp/delqueueask Binary-package: mafft (6.240-1) file: /usr/bin/mafft-homologs Binary-package: openoffice.org-common (1:2.4.1-6) file: /usr/lib/openoffice/program/senddoc Binary-package: crossfire-maps (1.11.0-1) file: /usr/share/games/crossfire/maps/Info/combine.pl Binary-package: sgml2x (1.0.0-11.1) file: /usr/bin/rlatex Binary-package: liguidsoap (0.3.6-4) file: /var/lib/liguidsoap/liguidsoap.py Binary-package: citadel-server (7.37-1) file: /usr/lib/citadel-server/migrate_aliases.sh Binary-package: ampache (3.4.1-1) file: /usr/share/ampache/www/locale/base/gather-messages.sh Binary-package: xen-utils-3.2-1 (3.2.1-2) file: /usr/lib/xen-3.2-1/bin/qemu-dm.debug Binary-package: dtc-common (0.29.6-1) file: /usr/share/dtc/admin/accesslog.php file: /usr/share/dtc/admin/sa-wrapper Binary-package: honeyd-common (1.5c-3) file: /usr/share/honeyd/scripts/test.sh Binary-package: lustre-tests (1.6.5-1) file: /usr/lib/lustre/tests/runiozone Binary-package: linuxtrade (3.65-8+b4) file: /usr/share/linuxtrade/bin/linuxtrade.bwkvol file: /usr/share/linuxtrade/bin/linuxtrade.wn file: /usr/share/linuxtrade/bin/moneyam.helper Binary-package: freevo (1.8.1-0) file: /usr/bin/freevo.real Binary-package: fml (4.0.3.dfsg-2) file: /usr/share/fml/libexec/mead.pl Binary-package: rkhunter (1.3.2-3) file: /usr/bin/rkhunter Binary-package: openswan (1:2.4.12+dfsg-1.1) file: /usr/lib/ipsec/livetest Binary-package: linux-patch-openswan (1:2.4.12+dfsg-1.1) file: /usr/src/kernel-patches/all/openswan/packaging/utils/maysnap file: /usr/src/kernel-patches/all/openswan/packaging/utils/maytest Binary-package: aptoncd (0.1-1.1) file: /usr/share/aptoncd/xmlfile.py Binary-package: cdcontrol (1.90-1.1) file: /usr/lib/cdcontrol/writtercontrol Binary-package: newsgate (1.6-23) file: /usr/bin/mkmailpost Binary-package: gpsdrive-scripts (2.10~pre4-3) file: /usr/bin/geo-code Binary-package: impose+ (0.2-11) file: /usr/bin/impose Binary-package: mgt (2.31-5) file: /usr/games/mailgo Binary-package: audiolink (0.05-1) file: /usr/bin/audiolink Binary-package: ibackup (2.27-4.1) file: /usr/bin/ibackup Binary-package: emacspeak (26.0-3) file: /usr/share/emacs/site-lisp/emacspeak/etc/extract-table.pl Binary-package: bk2site (1:1.1.9-3.1) file: /usr/lib/cgi-bin/bk2site/redirect.pl Binary-package: datafreedom-perl (0.1.7-1) file: /usr/bin/dfxml-invoice Binary-package: emacs-jabber (0.7.91-1) file: /usr/lib/emacsen-common/packages/install/emacs-jabber
Bug#496428: marked as done (The possibility of attack with the help of symlinks in some Debian packages)
Your message dated Tue, 26 Aug 2008 14:02:02 + with message-id [EMAIL PROTECTED] and subject line Bug#496428: fixed in emacs-jabber 0.7.91-2 has caused the Debian Bug report #496428, regarding The possibility of attack with the help of symlinks in some Debian packages to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 496428: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496428 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: emacs-jabber Severity: grave Hi, maintainer! This message about the error concerns a few packages at once. I've tested all the packages (for Lenny) on my Debian mirror. All scripts of packages (marked as executable) were tested. In some packages I've discovered scripts with errors which may be used by a user for damaging important system files or user's files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlink with the same name in this directory in order to destroy or rewrite some system or user file. Symlink attack may also lead not only to the data desctruction but to denial of service as well. Even if you create files or directories with help of function 'RANDOM' or pid(), then your system is not protected. Attacker can create many symlinks in order to destroy your data or create 'denial of service' for your package scripts. Even if you make rm(dir) for files/directories, then your system is not protected. Attacker can permanently create symlinks. This list is created with the help of script. This list is sorted by hand. Howewer in some cases mistake is possible. Please, Be understanding to possible mistakes. :) I set Severity into grave for this bug. The table of discovered problems is below. Discussion of this bug you can see in debian-devel@: http://lists.debian.org/debian-devel/2008/08/msg00271.html Binary-package: r-base-core-ra (1.1.1-1) file: /usr/lib/Ra/lib/R/bin/javareconf Binary-package: rccp (0.9-2) file: /usr/lib/rccp/delqueueask Binary-package: mafft (6.240-1) file: /usr/bin/mafft-homologs Binary-package: openoffice.org-common (1:2.4.1-6) file: /usr/lib/openoffice/program/senddoc Binary-package: crossfire-maps (1.11.0-1) file: /usr/share/games/crossfire/maps/Info/combine.pl Binary-package: sgml2x (1.0.0-11.1) file: /usr/bin/rlatex Binary-package: liguidsoap (0.3.6-4) file: /var/lib/liguidsoap/liguidsoap.py Binary-package: citadel-server (7.37-1) file: /usr/lib/citadel-server/migrate_aliases.sh Binary-package: ampache (3.4.1-1) file: /usr/share/ampache/www/locale/base/gather-messages.sh Binary-package: xen-utils-3.2-1 (3.2.1-2) file: /usr/lib/xen-3.2-1/bin/qemu-dm.debug Binary-package: dtc-common (0.29.6-1) file: /usr/share/dtc/admin/accesslog.php file: /usr/share/dtc/admin/sa-wrapper Binary-package: honeyd-common (1.5c-3) file: /usr/share/honeyd/scripts/test.sh Binary-package: lustre-tests (1.6.5-1) file: /usr/lib/lustre/tests/runiozone Binary-package: linuxtrade (3.65-8+b4) file: /usr/share/linuxtrade/bin/linuxtrade.bwkvol file: /usr/share/linuxtrade/bin/linuxtrade.wn file: /usr/share/linuxtrade/bin/moneyam.helper Binary-package: freevo (1.8.1-0) file: /usr/bin/freevo.real Binary-package: fml (4.0.3.dfsg-2) file: /usr/share/fml/libexec/mead.pl Binary-package: rkhunter (1.3.2-3) file: /usr/bin/rkhunter Binary-package: openswan (1:2.4.12+dfsg-1.1) file: /usr/lib/ipsec/livetest Binary-package: linux-patch-openswan (1:2.4.12+dfsg-1.1) file: /usr/src/kernel-patches/all/openswan/packaging/utils/maysnap file: /usr/src/kernel-patches/all/openswan/packaging/utils/maytest Binary-package: aptoncd (0.1-1.1) file: /usr/share/aptoncd/xmlfile.py Binary-package: cdcontrol (1.90-1.1) file: /usr/lib/cdcontrol/writtercontrol Binary-package: newsgate (1.6-23) file: /usr/bin/mkmailpost Binary-package: gpsdrive-scripts (2.10~pre4-3) file: /usr/bin/geo-code Binary-package: impose+ (0.2-11) file: /usr/bin/impose Binary-package: mgt (2.31-5) file: /usr/games/mailgo Binary-package: audiolink (0.05-1) file: /usr/bin/audiolink Binary-package: ibackup (2.27-4.1) file: /usr/bin/ibackup Binary-package: emacspeak (26.0-3) file: /usr/share/emacs/site-lisp/emacspeak/etc/extract-table.pl Binary-package: bk2site (1:1.1.9-3.1) file: /usr/lib/cgi-bin/bk2site/redirect.pl Binary-package: datafreedom-perl (0.1.7-1) file: /usr/bin/dfxml-invoice Binary-package: emacs-jabber (0.7.91-1) file:
Processed: retitle 496646 to RM: linuxtrade -- RoM, broken
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.9.26 retitle 496646 RM: linuxtrade -- RoM, broken Bug#496646: please remove the linuxtrade package Changed Bug title to `RM: linuxtrade -- RoM, broken' from `please remove the linuxtrade package'. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#486937: marked as done (DEB_BUILD_OPTIONS must be whitespace-separated)
Your message dated Tue, 26 Aug 2008 16:42:51 +0200
with message-id [EMAIL PROTECTED]
and subject line DEB_BUILD_OPTIONS is whitespace-separated since 1.14.21
has caused the Debian Bug report #486937,
regarding DEB_BUILD_OPTIONS must be whitespace-separated
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
486937: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=486937
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
---BeginMessage---
Package: dpkg-dev
Version: 1.14.20
Severity: serious
Tags: patch
Policy 3.8.0.1, section 4.9.1, on DEB_BUILD_OPTIONS:
If multiple flags are given, they must be separated by whitespace.
dpkg-buildpackage uses , separators instead, which breaks any rules
file that follows the example code in Policy.
Presumably this bug is not RC for lenny, as the relevant Policy text is
new to 3.8.0.
diff -urN dpkg-1.14.20.orig/scripts/Dpkg/BuildOptions.pm
dpkg-1.14.20/scripts/Dpkg/BuildOptions.pm
--- dpkg-1.14.20.orig/scripts/Dpkg/BuildOptions.pm 2008-06-18
02:33:30.0 -0500
+++ dpkg-1.14.20/scripts/Dpkg/BuildOptions.pm 2008-06-18 23:45:52.0
-0500
@@ -38,13 +38,13 @@
$overwrite = 1 if not defined($overwrite);
my $env = $overwrite ? '' : $ENV{DEB_BUILD_OPTIONS}||'';
-if ($env) { $env .= ',' }
+if ($env) { $env .= ' ' }
while (my ($k, $v) = each %$opts) {
if ($v) {
- $env .= $k=$v,;
+ $env .= $k=$v ;
} else {
- $env .= $k,;
+ $env .= $k ;
}
}
---End Message---
---BeginMessage---
Version: 1.14.21
This has been fixed in the 1.14.21 version that just got uploaded (but
lacked a Closes: entry).
Cheers,
--
Raphaël Hertzog
Le best-seller français mis à jour pour Debian Etch :
http://www.ouaza.com/livre/admin-debian/
---End Message---
Processed: severity of 496646 is normal
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.9.26 severity 496646 normal Bug#496646: RM: linuxtrade -- RoM, broken Severity set to `normal' from `grave' End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496425: The possibility of attack with the help of symlinks in some Debian packages
severity 496420 important severity 496425 important thanks Dmitry E. Oboukhov wrote: Binary-package: ogle (0.9.2-5.2) file: /usr/lib/ogle/ogle_audio_debug file: /usr/lib/ogle/ogle_cli_debug file: /usr/lib/ogle/ogle_ctrl_debug file: /usr/lib/ogle/ogle_gui_debug file: /usr/lib/ogle/ogle_mpeg_ps_debug file: /usr/lib/ogle/ogle_mpeg_vs_debug file: /usr/lib/ogle/ogle_nav_debug file: /usr/lib/ogle/ogle_vout_debug The temp race issues are only present in some debug scripts not present in the standard path, so I'm lowering the severity. Alan, shouldn't ogle rather be dropped from the archive? It's dead upstream (last release from 2003), the MMX versions appears broken (#351857, #347277), it only supports OSS (#307610), and you haven't uploaded since two years. I remember to have used Ogle ages ago since it was the first DVD-menu-capable player for Linux, but it seems superseded by other players today. Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#491848: marked as done (undeclared (and wrong) dependency on python2.5-dev)
Your message dated Tue, 26 Aug 2008 14:47:05 +
with message-id [EMAIL PROTECTED]
and subject line Bug#491848: fixed in jppy 0.0.47-1
has caused the Debian Bug report #491848,
regarding undeclared (and wrong) dependency on python2.5-dev
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
491848: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=491848
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
---BeginMessage---
Package: jppy-jpilot-plugins
Version: 0.0.45-1
Severity: serious
Tags: upstream
Unless python2.5-dev is installed, jpilot can't spawn the jppy
plugin but instead writes on startup:
jppy: Starting...
libpython2.5.so: cannot open shared object file: No such file or
directory
piper:~|master|% ls -l /usr/lib/libpython2.5.so /usr/lib/libpython2.5.so.1;
dpkg -S /usr/lib/libpython2.5.so /usr/lib/libpython2.5.so.1.0
lrwxrwxrwx 1 root root 17 2008-07-22 14:10 /usr/lib/libpython2.5.so -
libpython2.5.so.1
lrwxrwxrwx 1 root root 19 2008-07-13 21:51 /usr/lib/libpython2.5.so.1 -
libpython2.5.so.1.0
python2.5-dev: /usr/lib/libpython2.5.so
python2.5: /usr/lib/libpython2.5.so.1.0
Yet, the plugin seems to be linked properly:
piper:~|master|% ldd /usr/lib/jpilot/plugins/libjppy.so | grep pyth
libpython2.5.so.1.0 = /usr/lib/libpython2.5.so.1.0 (0x7febb2f26000)
This seems to be due to
jpilot_plugins/jppy.c:210:
// we seem to have to do this, as well as just linking this plugin
// to the python library, otherwise init_pygobject() causes the
// plugin to stop-and-exit. If we only do this and don't link,
// then we get··
// error [/usr/lib/jpilot/plugins/libjppy.so: undefined symbol:
PyExc_ImportError]
if (!dlopen (PYTHON_SHARED_LIB, RTLD_NOW | RTLD_GLOBAL)) {·
jp_logf(JP_LOG_FATAL, \n%s\n, dlerror());·
python_is_working = 0;·
return 0;·
}·
and SConstruct:194:
jppyPluginEnv.Append(CPPDEFINES=['PYTHON_SHARED_LIB=\\libpython${python_version}.so\\'])
If we remove all this code, the plugin fails to load and jpilot just
says:
Python is not running, unable to generate GUI!
but I could get it to say anything about PyExc_ImportError, even
with jpilot's -d flag.
I'd say this is quite a horrible hack and we should try to get rid
of it, but if that fails, then PYTHON_SHARED_LIB needs to be defined
to point to the same .so.* file with which the plugin is linked,
which I suppose has to be determined with
readlink -f /usr/lib/libpython2.5.so
(which would work during build on Debian at least).
With PYTHON_SHARED_LIB set to libpython2.5.so.1.0, stuff still
doesn't work, however:
jppy: Ready.
(-v:22246): libglade-WARNING **: could not find glade file
'@@python_module_prefix@@/gui/contacts.glade'
Traceback (most recent call last):
File /usr/lib/jpilot/plugins/jpilot_site.py, line 6, in plugin_gui
combined.notebook(hbox, control_mainloop=0)
File jppy/gui/combined.py, line 22, in __init__
self.panes.append(contacts.pane(glade_path))
File jppy/gui/contacts.py, line 47, in __init__
wTree = gtk.glade.XML(gladefile,vpanedContacts)
RuntimeError: could not create GladeXML object
Warning! Failed during python version of plugin_gui().
Is the only solution to depend on python2.5-dev???
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.25-2-amd64 (SMP w/1 CPU core)
Locale: LANG=en_GB, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages jppy-jpilot-plugins depends on:
ii jppy 0.0.45-1 Personal Information Manager using
ii libatk1.0-0 1.22.0-1 The ATK accessibility toolkit
ii libc6 2.7-12 GNU C Library: Shared libraries
ii libcairo2 1.6.4-6The Cairo 2D vector graphics libra
ii libglib2.0-0 2.16.4-2 The GLib library of C routines
ii libgtk2.0-0 2.12.11-2 The GTK+ graphical user interface
ii libpango1.0-0 1.20.5-1 Layout and rendering of internatio
ii python2.5 2.5.2-8An interactive high-level object-o
Versions of packages jppy-jpilot-plugins recommends:
ii jpilot1.6.0-1graphical app. to modify the conte
jppy-jpilot-plugins suggests no packages.
-- no debconf information
--
.''`. martin f. krafft [EMAIL PROTECTED]
: :' : proud Debian developer, author, administrator, and user
`. `'`
Processed: Re: The possibility of attack with the help of symlinks in some Debian packages
Processing commands for [EMAIL PROTECTED]: severity 496420 important Bug#496420: The possibility of attack with the help of symlinks in some Debian packages Severity set to `important' from `grave' severity 496425 important Bug#496425: The possibility of attack with the help of symlinks in some Debian packages Severity set to `important' from `grave' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#482645: marked as done ([965GM] rendering problems (missing text/images) with exa composite)
Your message dated Tue, 26 Aug 2008 15:17:03 + with message-id [EMAIL PROTECTED] and subject line Bug#451791: fixed in xserver-xorg-video-intel 2:2.3.2-2+lenny3 has caused the Debian Bug report #451791, regarding [965GM] rendering problems (missing text/images) with exa composite to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 451791: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451791 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: xserver-xorg-video-intel Version: 2:2.3.1-1 Severity: grave Hi, Upgrading to a newer version of xserver-xorg-video-intel makes my system break horribly! :( X starts but I can see no written text or icons, so everything is pretty unuseable. This is reverted to normal downgrading this package to version 2.1.1... Thanks, Guido -- Package-specific info: /var/lib/x11/X.roster does not exist. /var/lib/x11/X.md5sum does not exist. X server symlink status: lrwxrwxrwx 1 root root 13 2008-03-27 16:39 /etc/X11/X - /usr/bin/Xorg -rwxr-xr-x 1 root root 1831520 2008-04-29 20:38 /usr/bin/Xorg Contents of /var/lib/x11/xorg.conf.roster: xserver-xorg VGA-compatible devices on PCI bus: 00:02.0 VGA compatible controller: Intel Corporation Mobile GM965/GL960 Integrated Graphics Controller (rev 0c) /etc/X11/xorg.conf does not match checksum in /var/lib/x11/xorg.conf.md5sum. Xorg X server configuration file status: -rw-r--r-- 1 root root 2097 2008-05-12 23:13 /etc/X11/xorg.conf Contents of /etc/X11/xorg.conf: # xorg.conf (xorg X Window System server configuration file) # # This file was generated by dexconf, the Debian X Configuration tool, using # values from the debconf database. # # Edit this file with caution, and see the xorg.conf manual page. # (Type man xorg.conf at the shell prompt.) # # This file is automatically updated on xserver-xorg package upgrades *only* # if it has not been modified since the last upgrade of the xserver-xorg # package. # # If you have edited this file but would like it to be automatically updated # again, run the following command: # sudo dpkg-reconfigure -phigh xserver-xorg Section Files EndSection Section InputDevice Identifier Generic Keyboard Driver kbd Option CoreKeyboard Option XkbRules xorg Option XkbModel pc105 Option XkbLayout gb EndSection Section InputDevice Identifier Configured Mouse Driver mouse Option CorePointer Option Device/dev/input/mice Option Protocol ImPS/2 Option Emulate3Buttons true EndSection Section InputDevice Identifier Synaptics Touchpad Driver synaptics Option SendCoreEventstrue Option Device/dev/psaux Option Protocol auto-dev Option HorizScrollDelta 0 EndSection Section Device Identifier Generic Video Card Driver intel BusID PCI:0:2:0 Option monitor-TV TV # Option monitor-VGA VGA EndSection #Section Monitor # Identifier VGA # Option RightOf LVDS #EndSection Section Monitor Identifier TV Option Ignore true EndSection Section Monitor Identifier Generic Monitor Option DPMS HorizSync 28-64 VertRefresh 43-60 EndSection Section Screen Identifier Default Screen Device Generic Video Card Monitor Generic Monitor DefaultDepth24 SubSection Display Modes 1280x1024 1280x800 1280x768 1200x800 1024x768 EndSubSection EndSection Section ServerLayout Identifier Default Layout Screen Default Screen InputDevice Generic Keyboard InputDevice Configured Mouse InputDevice Synaptics Touchpad EndSection Xorg X server log files on system: -rw-r--r-- 1 root root 34703 2008-05-24 09:04 /var/log/Xorg.0.log Contents of most recent Xorg X server log file /var/log/Xorg.0.log: X.Org X Server 1.4.0 Release Date: 5 September 2007 X Protocol Version 11, Revision 0 Build Operating System: Linux Debian (xorg-server 2:1.4-3) Current Operating System: Linux rx 2.6.25.4rx00 #1 SMP PREEMPT Wed May 21 15:54:06 IST 2008 x86_64 Build Date: 29 September 2007 08:59:46PM Before reporting problems, check
Bug#452268: marked as done ([965G EXA] all fonts are unreadable)
Your message dated Tue, 26 Aug 2008 15:17:03 + with message-id [EMAIL PROTECTED] and subject line Bug#451791: fixed in xserver-xorg-video-intel 2:2.3.2-2+lenny3 has caused the Debian Bug report #451791, regarding [965G EXA] all fonts are unreadable to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 451791: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451791 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: xserver-xorg Version: 1:7.2-5 Severity: serious --- Please enter the report below this line. --- I use unstable and in some recent upgrade (I think yesterday, or the day before that), all fonts became unreadable. When I start xterm in .xsession, the font is readable, but whenever I start gnome-session, or kde, or xfce, or kate, or openoffice or gnome-terminal from the xterm, it's completely unusable, because I cannot read anything - there are black rectangles instead of the letters in all fonts. So I did $ sudo apt-get remove --purge xserver-xorg-core changed sources.list from unstable to testing $ sudo apt-get update $ sudo apt-get install xorg and everything started to work again. So the bug is clearly in xorg somewhere. Any ideas? Please ask for more information, I don't know what could be relevant as I don't understand fonts much. Thanks, Ondrej This is my original xorg.conf: # /etc/X11/xorg.conf (xorg X Window System server configuration file) # # This file was generated by dexconf, the Debian X Configuration tool, using # values from the debconf database. # # Edit this file with caution, and see the /etc/X11/xorg.conf manual page. # (Type man /etc/X11/xorg.conf at the shell prompt.) # # This file is automatically updated on xserver-xorg package upgrades *only* # if it has not been modified since the last upgrade of the xserver-xorg # package. # # If you have edited this file but would like it to be automatically updated # again, run the following command: # sudo dpkg-reconfigure -phigh xserver-xorg Section Files FontPath/usr/share/fonts/X11/misc FontPath/usr/X11R6/lib/X11/fonts/misc FontPath/usr/share/fonts/X11/cyrillic FontPath/usr/X11R6/lib/X11/fonts/cyrillic FontPath/usr/share/fonts/X11/100dpi/:unscaled FontPath/usr/X11R6/lib/X11/fonts/100dpi/:unscaled FontPath/usr/share/fonts/X11/75dpi/:unscaled FontPath/usr/X11R6/lib/X11/fonts/75dpi/:unscaled FontPath/usr/share/fonts/X11/Type1 FontPath/usr/X11R6/lib/X11/fonts/Type1 FontPath/usr/share/fonts/X11/100dpi FontPath/usr/X11R6/lib/X11/fonts/100dpi FontPath/usr/share/fonts/X11/75dpi FontPath/usr/X11R6/lib/X11/fonts/75dpi # path to defoma fonts FontPath/var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType EndSection Section Module Loadi2c Loadbitmap Loadddc Loaddri Loadextmod Loadfreetype Loadglx Loadint10 Loadtype1 Loadvbe EndSection Section InputDevice Identifier Generic Keyboard Driver kbd Option CoreKeyboard Option XkbRules xorg Option XkbModel pc104 Option XkbLayout us EndSection Section InputDevice Identifier Configured Mouse Driver mouse Option CorePointer Option Device/dev/input/mice Option Protocol ImPS/2 Option Emulate3Buttons true EndSection Section Device Identifier Generic Video Card #Driver vesa Driver i810 EndSection Section Monitor Identifier BenQ FP93G Option DPMS EndSection Section Screen Identifier Default Screen Device Generic Video Card Monitor BenQ FP93G DefaultDepth24 SubSection Display Depth 1 Modes 1280x1024 1152x864 1024x768 832x624 800x600 720x400 640x480 640x350 EndSubSection SubSection Display Depth 4 Modes 1280x1024 1152x864 1024x768 832x624 800x600 720x400 640x480 640x350 EndSubSection SubSection Display Depth 8 Modes 1280x1024 1152x864 1024x768 832x624
Bug#483487: marked as done (xserver-xorg-video-intel: font rendering problem hit me about two weeks ago)
Your message dated Tue, 26 Aug 2008 15:17:03 + with message-id [EMAIL PROTECTED] and subject line Bug#451791: fixed in xserver-xorg-video-intel 2:2.3.2-2+lenny3 has caused the Debian Bug report #451791, regarding xserver-xorg-video-intel: font rendering problem hit me about two weeks ago to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 451791: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451791 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: xserver-xorg-video-intel Version: 2:2.3.1-1 Severity: normal I track all the testing updates and ended up with no font rendering starting about two weeks ago. At first all the fonts became invisible/transparent. That lasted for two weeks, as I was trying reinstallation of all the X parts to no effect. Then it suddenly started working normally for awhile on Saturday. After rebooting that time, it turned into the black rectangles as in the JPG included in this thread. To confirm that my hardware had not glitched, I installed another fresh testing image onto a spare disk, but it had black rectangles, too. Then I tried installing Ubuntu 8.4 and that worked perfectly out of the box, including compiz, etc. I took the deb from the Ubuntu install and used dpkg to force it onto my Debian testing. That turned the font rendering back into transparent. So I tried a couple more older versions from snapshot.debian.net, but those were all transparent back to November. The working Ubuntu version is 2:2.2.1-1ubuntu13. I guess that depends on a related core version to work so nicely. One odd effect that drove me crazy was that every once in a while, maybe every 15 restarts, the fonts would come back working normally. Just enough random reinforcement to drive me nuts. Then on the next reboot they were back to black rectangles. I thought I had some kind of disk corruption of those particular GUI fonts for awhile, then worried my hardware was unstable, since it worked sometimes but not others. Finally I stumbled across this bug report. The workaround to add AccelMethod XAA works perfectly for me. -- Package-specific info: Contents of /var/lib/x11/X.roster: xserver-xorg /var/lib/x11/X.md5sum does not exist. X server symlink status: lrwxrwxrwx 1 root root 13 2007-09-05 17:59 /etc/X11/X - /usr/bin/Xorg -rwxr-xr-x 1 root root 1674940 2008-04-29 13:37 /usr/bin/Xorg Contents of /var/lib/x11/xorg.conf.roster: xserver-xorg VGA-compatible devices on PCI bus: 00:02.0 VGA compatible controller: Intel Corporation 82Q963/Q965 Integrated Graphics Controller (rev 02) /etc/X11/xorg.conf does not match checksum in /var/lib/x11/xorg.conf.md5sum. Xorg X server configuration file status: -rw-r--r-- 1 root root 1755 2008-05-28 18:16 /etc/X11/xorg.conf Contents of /etc/X11/xorg.conf: # xorg.conf (xorg X Window System server configuration file) # # This file was generated by dexconf, the Debian X Configuration tool, using # values from the debconf database. # # Edit this file with caution, and see the xorg.conf manual page. # (Type man xorg.conf at the shell prompt.) # # This file is automatically updated on xserver-xorg package upgrades *only* # if it has not been modified since the last upgrade of the xserver-xorg # package. # # If you have edited this file but would like it to be automatically updated # again, run the following command: # sudo dpkg-reconfigure -phigh xserver-xorg Section Files EndSection Section InputDevice Identifier Generic Keyboard Driver kbd Option CoreKeyboard Option XkbRules xorg Option XkbModel pc104 Option XkbLayout us EndSection Section InputDevice Identifier Configured Mouse Driver mouse Option CorePointer Option Device/dev/input/mice Option Protocol ImPS/2 Option Emulate3Buttons false Option ZAxisMapping 4 5 EndSection Section Device Identifier Intel Corporation 82Q963/Q965 Integrated Graphics Controller Driver intel BusID PCI:0:2:0 Option AccelMethod XAA EndSection Section Monitor Identifier Generic Monitor Option DPMS HorizSync 28-84 VertRefresh 43-60 EndSection Section Screen Identifier Default Screen Device Intel Corporation 82Q963/Q965 Integrated Graphics Controller Monitor Generic
Bug#462921: marked as done (xserver-xorg-video-intel: exa corruption with 965Q)
Your message dated Tue, 26 Aug 2008 15:17:03 + with message-id [EMAIL PROTECTED] and subject line Bug#451791: fixed in xserver-xorg-video-intel 2:2.3.2-2+lenny3 has caused the Debian Bug report #451791, regarding xserver-xorg-video-intel: exa corruption with 965Q to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 451791: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451791 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: xserver-xorg-video-intel Version: 2:2.2.0+git20080107-1 Severity: important Hi, since december the xserver-xorg-video-intel driver doesn't work with exa on my 965Q card. I get no font in gdm, and in icewm. Forcing XAA mode make the driver work again. PS : 2:2.2.0+git20080107-1 doesn't slove the problem. -- Package-specific info: Contents of /var/lib/x11/X.roster: xserver-xorg /var/lib/x11/X.md5sum does not exist. X server symlink status: lrwxrwxrwx 1 root root 13 jan 3 2007 /etc/X11/X - /usr/bin/Xorg -rwxr-xr-x 1 root root 1673916 jan 18 22:59 /usr/bin/Xorg Contents of /var/lib/x11/xorg.conf.roster: xserver-xorg VGA-compatible devices on PCI bus: 00:02.0 VGA compatible controller: Intel Corporation 82Q963/Q965 Integrated Graphics Controller (rev 02) /etc/X11/xorg.conf does not match checksum in /var/lib/x11/xorg.conf.md5sum. Xorg X server configuration file status: -rw-r--r-- 1 root root 3054 jan 28 09:42 /etc/X11/xorg.conf Contents of /etc/X11/xorg.conf: # /etc/X11/xorg.conf (xorg X Window System server configuration file) # # This file was generated by dexconf, the Debian X Configuration tool, using # values from the debconf database. # # Edit this file with caution, and see the /etc/X11/xorg.conf manual page. # (Type man /etc/X11/xorg.conf at the shell prompt.) # # This file is automatically updated on xserver-xorg package upgrades *only* # if it has not been modified since the last upgrade of the xserver-xorg # package. # # If you have edited this file but would like it to be automatically updated # again, run the following command: # sudo dpkg-reconfigure -phigh xserver-xorg Section Files FontPath/usr/share/fonts/X11/misc FontPath/usr/X11R6/lib/X11/fonts/misc FontPath/usr/share/fonts/X11/cyrillic FontPath/usr/X11R6/lib/X11/fonts/cyrillic FontPath/usr/share/fonts/X11/100dpi/:unscaled FontPath/usr/X11R6/lib/X11/fonts/100dpi/:unscaled FontPath/usr/share/fonts/X11/75dpi/:unscaled FontPath/usr/X11R6/lib/X11/fonts/75dpi/:unscaled FontPath/usr/share/fonts/X11/Type1 FontPath/usr/X11R6/lib/X11/fonts/Type1 FontPath/usr/share/fonts/X11/100dpi FontPath/usr/X11R6/lib/X11/fonts/100dpi FontPath/usr/share/fonts/X11/75dpi FontPath/usr/X11R6/lib/X11/fonts/75dpi # path to defoma fonts FontPath/var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType EndSection Section Module Loadbitmap Loaddbe Loadddc Loaddri Loadextmod Loadfreetype Loadglx Loadint10 Loadrecord Loadvbe EndSection Section InputDevice Identifier Generic Keyboard Driver kbd Option CoreKeyboard Option XkbRulesxorg Option XkbModelpc105 Option XkbLayout fr EndSection Section InputDevice Identifier Configured Mouse Driver mouse Option CorePointer Option Device /dev/input/mice Option ProtocolImPS/2 Option Emulate3Buttons true EndSection Section Device Identifier Carte vido gnrique Driver i810 #Driver vesa BusID PCI:0:2:0 Option AccelMethod XAA EndSection Section Monitor Identifier cran gnrique Option DPMS HorizSync 30-83 VertRefresh 50-76 EndSection Section Screen Identifier Default Screen Device Carte vido gnrique Monitor cran gnrique DefaultDepth24 SubSection Display Depth 1 Modes 1280x1024 800x600 640x480 EndSubSection SubSection Display Depth 4 Modes 1280x1024 800x600 640x480 EndSubSection
Bug#496272: marked as done ([965GM] fonts and menu icons are blank)
Your message dated Tue, 26 Aug 2008 15:17:03 + with message-id [EMAIL PROTECTED] and subject line Bug#451791: fixed in xserver-xorg-video-intel 2:2.3.2-2+lenny3 has caused the Debian Bug report #451791, regarding [965GM] fonts and menu icons are blank to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 451791: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451791 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: xserver-xorg Version: 1:7.3+15 Severity: grave Justification: renders package unusable I just installed lenny with the netinst installer on a Thinkpad X61. All the fonts are blank. gdm or kdm. I log into gnome and the fonts and menus are all blank. I can click on the menu, and the entries highlight, but they are all blank. It doesn't matter if I use the default xorg.conf file generated by dpkg or if I use the one that used to work with this system before my hard drive died. I don't see how it could be related, but also the bottom pixel of the capital S is missing from the default console font. Mark -- Package-specific info: Contents of /var/lib/x11/X.roster: xserver-xorg /var/lib/x11/X.md5sum does not exist. X server symlink status: lrwxrwxrwx 1 root root 13 2008-08-22 11:46 /etc/X11/X - /usr/bin/Xorg -rwxr-xr-x 1 root root 1719604 2008-08-02 14:43 /usr/bin/Xorg Contents of /var/lib/x11/xorg.conf.roster: xserver-xorg VGA-compatible devices on PCI bus: 00:02.0 VGA compatible controller: Intel Corporation Mobile GM965/GL960 Integrated Graphics Controller (rev 0c) /etc/X11/xorg.conf unchanged from checksum in /var/lib/x11/xorg.conf.md5sum. Xorg X server configuration file status: -rw-r--r-- 1 root root 1077 2008-08-23 20:44 /etc/X11/xorg.conf Contents of /etc/X11/xorg.conf: # xorg.conf (X.Org X Window System server configuration file) # # This file was generated by dexconf, the Debian X Configuration tool, using # values from the debconf database. # # Edit this file with caution, and see the xorg.conf manual page. # (Type man xorg.conf at the shell prompt.) # # This file is automatically updated on xserver-xorg package upgrades *only* # if it has not been modified since the last upgrade of the xserver-xorg # package. # # If you have edited this file but would like it to be automatically updated # again, run the following command: # sudo dpkg-reconfigure -phigh xserver-xorg Section InputDevice Identifier Generic Keyboard Driver kbd Option XkbRules xorg Option XkbModel pc104 Option XkbLayout us EndSection Section InputDevice Identifier Configured Mouse Driver mouse EndSection Section Device Identifier Configured Video Device EndSection Section Monitor Identifier Configured Monitor EndSection Section Screen Identifier Default Screen Monitor Configured Monitor EndSection Xorg X server log files on system: -rw-r--r-- 1 root root 34482 2008-08-23 20:53 /var/log/Xorg.0.log Contents of most recent Xorg X server log file /var/log/Xorg.0.log: X.Org X Server 1.4.2 Release Date: 11 June 2008 X Protocol Version 11, Revision 0 Build Operating System: Linux Debian (xorg-server 2:1.4.2-3) Current Operating System: Linux maggie 2.6.25-2-686 #1 SMP Fri Jul 18 17:46:56 UTC 2008 i686 Build Date: 02 August 2008 11:27:26PM Before reporting problems, check http://wiki.x.org to make sure that you have the latest version. Module Loader present Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. (==) Log file: /var/log/Xorg.0.log, Time: Sat Aug 23 20:53:36 2008 (==) Using config file: /etc/X11/xorg.conf (==) No Layout section. Using the first Screen section. (**) |--Screen Default Screen (0) (**) | |--Monitor Configured Monitor (==) No device specified for screen Default Screen. Using the first device section listed. (**) | |--Device Configured Video Device (==) |--Input Device Configured Mouse (==) |--Input Device Generic Keyboard (==) The core pointer device wasn't specified explicitly in the layout. Using the first mouse device. (==) The core keyboard device wasn't specified explicitly in the layout. Using the first keyboard device. (==) Automatically adding devices (==) Automatically enabling devices (==) No FontPath specified. Using compiled-in default. (WW) The directory
Bug#496624: marked as done (util-vserver: missing dependency : schedutils (for ionice))
Your message dated Tue, 26 Aug 2008 11:44:13 -0400 with message-id [EMAIL PROTECTED] and subject line Re: Bug#496624: util-vserver: missing dependency : schedutils (for ionice) has caused the Debian Bug report #496624, regarding util-vserver: missing dependency : schedutils (for ionice) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 496624: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496624 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: util-vserver Version: 0.30.216~r2772-1 Severity: serious Justification: no longer builds from source Hello, It looks like the ionice binary is needed by the configure script. It is included in the schedutils package which is not a dependency of util-vserver. Thanks you. -- System Information: Debian Release: 4.0 APT prefers proposed-updates APT policy: (991, 'proposed-updates'), (990, 'stable'), (450, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.25-2-vserver-686 Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Versions of packages util-vserver depends on: ii debconf1.5.11etch2 Debian configuration management sy ii iproute20061002-3Professional tools to control the ii libbeecrypt6 4.1.2-6 open source C library of cryptogra ii libc6 2.3.6.ds1-13etch7 GNU C Library: Shared libraries ii make 3.81-2The GNU version of the make util ii net-tools 1.60-17 The NET-3 networking toolkit Versions of packages util-vserver recommends: ii binutils2.17-3 The GNU assembler, linker and bina ii debootstrap 0.3.3.2etch1 Bootstrap a basic Debian system -- debconf information: util-vserver/prerm_stop_running_vservers: true util-vserver/postrm_remove_vserver_configs: false ---End Message--- ---BeginMessage--- * Victor NOEL [EMAIL PROTECTED] [2008-08-26 07:22-0400]: It looks like the ionice binary is needed by the configure script. It is included in the schedutils package which is not a dependency of util-vserver. There is no such package called 'schedutils', ionice is included in util-linux. Like someone else said : I am on etch, so I guess this is the reason why it did not work. Yes, you will need to adjust the build-dependencies to make it build properly on etch. If it is in util-linux and this package is a dependency of util-vserver, I guess this bug report should be closed :) I'm closing it, thanks. Maybe the depends field can specify a minimum version of util-linux that contains ionice ? This is not possible to do in etch, you maybe would prefer to wait until the package is available in backports.org. Next time I will check the dependencies more thoroughly :) No problem, micah signature.asc Description: Digital signature ---End Message---
Bug#496624: util-vserver: missing dependency : schedutils (for ionice)
* Victor NOEL [EMAIL PROTECTED] [2008-08-26 07:22-0400]: It looks like the ionice binary is needed by the configure script. It is included in the schedutils package which is not a dependency of util-vserver. There is no such package called 'schedutils', ionice is included in util-linux. Like someone else said : I am on etch, so I guess this is the reason why it did not work. Yes, you will need to adjust the build-dependencies to make it build properly on etch. If it is in util-linux and this package is a dependency of util-vserver, I guess this bug report should be closed :) I'm closing it, thanks. Maybe the depends field can specify a minimum version of util-linux that contains ionice ? This is not possible to do in etch, you maybe would prefer to wait until the package is available in backports.org. Next time I will check the dependencies more thoroughly :) No problem, micah signature.asc Description: Digital signature
Bug#495722: Uninstallable Qt-4.4.1 packages in experimental?
On Wed, Aug 20, 2008 at 10:54:22AM +1000, Nathan Scott wrote: Package: qt4-x11 Version: 4.4.1-1 Severity: serious I'm trying to install the 4.4.1 packages from experimental, to see if 483790 is really resolved for my app, and I'm struggling - it kinda, sorta, maybe looks like a packaging botch in libqtcore4 vs libqtgui4? Below is what I see from dpkg... (which suggests that the libqtcore4 package comes from two different .deb files??) In the full output below, note particularly these lines: Preparing to replace libqtcore4 4.4.1-1 (using libqtcore4_4.4.1-1_i386.deb) ... Unpacking replacement libqtcore4 ... Preparing to replace libqtcore4 4.4.1-1 (using libqtgui4_4.4.1-1_i386.deb) ... Unpacking replacement libqtcore4 ... [and later] More than one copy of package libqtcore4 has been unpacked in this run ! Only configuring it once. This seems to cause a follow-on effect of not allowing most other things to be installed, as libqtgui4 isn't there. Thanks for your help! cheers. (Reading database ... 199889 files and directories currently installed.) Preparing to replace libqt4-assistant 4.4.1-1 (using libqt4-assistant_4.4.1-1_i386.deb) ... Unpacking replacement libqt4-assistant ... Preparing to replace libqt4-core 4.4.1-1 (using libqt4-core_4.4.1-1_i386.deb) ... Unpacking replacement libqt4-core ... Preparing to replace libqt4-dbus 4.4.1-1 (using libqt4-dbus_4.4.1-1_i386.deb) ... Unpacking replacement libqt4-dbus ... Preparing to replace libqt4-designer 4.4.1-1 (using libqt4-designer_4.4.1-1_i386.deb) ... Unpacking replacement libqt4-designer ... Preparing to replace libqt4-dev 4.4.1-1 (using libqt4-dev_4.4.1-1_i386.deb) ... Unpacking replacement libqt4-dev ... Preparing to replace libqt4-gui 4.4.1-1 (using libqt4-gui_4.4.1-1_i386.deb) ... Unpacking replacement libqt4-gui ... Preparing to replace libqt4-help 4.4.1-1 (using libqt4-help_4.4.1-1_i386.deb) ... Unpacking replacement libqt4-help ... Preparing to replace libqt4-network 4.4.1-1 (using libqt4-network_4.4.1-1_i386.deb) ... Unpacking replacement libqt4-network ... Preparing to replace libqt4-opengl 4.4.1-1 (using libqt4-opengl_4.4.1-1_i386.deb) ... Unpacking replacement libqt4-opengl ... Preparing to replace libqt4-opengl-dev 4.4.1-1 (using libqt4-opengl-dev_4.4.1-1_i386.deb) ... Unpacking replacement libqt4-opengl-dev ... Preparing to replace libqt4-qt3support 4.4.1-1 (using libqt4-qt3support_4.4.1-1_i386.deb) ... Unpacking replacement libqt4-qt3support ... Preparing to replace libqt4-script 4.4.1-1 (using libqt4-script_4.4.1-1_i386.deb) ... Unpacking replacement libqt4-script ... Preparing to replace libqt4-svg 4.4.1-1 (using libqt4-svg_4.4.1-1_i386.deb) ... Unpacking replacement libqt4-svg ... Preparing to replace libqt4-test 4.4.1-1 (using libqt4-test_4.4.1-1_i386.deb) ... Unpacking replacement libqt4-test ... Preparing to replace libqt4-webkit 4.4.1-1 (using libqt4-webkit_4.4.1-1_i386.deb) ... Unpacking replacement libqt4-webkit ... Preparing to replace libqt4-xml 4.4.1-1 (using libqt4-xml_4.4.1-1_i386.deb) ... Unpacking replacement libqt4-xml ... Preparing to replace libqtcore4 4.4.1-1 (using libqtcore4_4.4.1-1_i386.deb) ... Unpacking replacement libqtcore4 ... Preparing to replace libqtcore4 4.4.1-1 (using libqtgui4_4.4.1-1_i386.deb) ... Unpacking replacement libqtcore4 ... Preparing to replace qt4-demos 4.4.1-1 (using qt4-demos_4.4.1-1_i386.deb) ... Unpacking replacement qt4-demos ... Preparing to replace qt4-designer 4.4.1-1 (using qt4-designer_4.4.1-1_i386.deb) ... Unpacking replacement qt4-designer ... Preparing to replace qt4-dev-tools 4.4.1-1 (using qt4-dev-tools_4.4.1-1_i386.deb) ... Unpacking replacement qt4-dev-tools ... Preparing to replace qt4-qtconfig 4.4.1-1 (using qt4-qtconfig_4.4.1-1_i386.deb) ... Unpacking replacement qt4-qtconfig ... More than one copy of package libqtcore4 has been unpacked in this run ! Only configuring it once. dpkg: dependency problems prevent configuration of libqt4-designer: libqt4-designer depends on libqtgui4 (= 4.4.1-1); however: Version of libqtgui4 on system is 4.4.0-3. dpkg: error processing libqt4-designer (--install): dependency problems - leaving unconfigured dpkg: dependency problems prevent configuration of libqt4-dev: libqt4-dev depends on libqtgui4 (= 4.4.1-1); however: Version of libqtgui4 on system is 4.4.0-3. libqt4-dev depends on libqt4-sql (= 4.4.1-1); however: Version of libqt4-sql on system is 4.4.0-3. libqt4-dev depends on libqt4-xmlpatterns (= 4.4.1-1); however: Version of libqt4-xmlpatterns on system is 4.4.0-3. libqt4-dev depends on libqt4-designer (= 4.4.1-1); however: Package libqt4-designer is not configured yet. dpkg: error processing libqt4-dev (--install): dependency problems - leaving unconfigured dpkg: dependency problems prevent configuration of libqt4-gui: libqt4-gui depends on libqtgui4 (= 4.4.1-1); however: Version of libqtgui4
Bug#494648: emergency upload request for TWiki
OoO En cette nuit nuageuse du mardi 26 août 2008, vers 00:27, Sven Dowideit [EMAIL PROTECTED] disait : do I need to find and contact (and bribe with beer?) someone to 'convince release-manager'? Bribing with a beer will surely work. You can also just write to [EMAIL PROTECTED] Provide a debdiff with the previous version. -- I WILL NOT INSTIGATE REVOLUTION I WILL NOT INSTIGATE REVOLUTION I WILL NOT INSTIGATE REVOLUTION -+- Bart Simpson on chalkboard in episode 7G06 pgpkvOgHQdR4F.pgp Description: PGP signature
Bug#495380: marked as done (unionfs-fuse: cow fails to create directories)
Your message dated Tue, 26 Aug 2008 16:47:03 + with message-id [EMAIL PROTECTED] and subject line Bug#495380: fixed in unionfs-fuse 0.21-2 has caused the Debian Bug report #495380, regarding unionfs-fuse: cow fails to create directories to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 495380: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495380 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: unionfs-fuse Version: 0.21-1 Severity: grave Tags: patch Justification: renders package unusable ---End Message--- ---BeginMessage--- Source: unionfs-fuse Source-Version: 0.21-2 We believe that the bug you reported is fixed in the latest version of unionfs-fuse, which is due to be installed in the Debian FTP archive: unionfs-fuse_0.21-2.diff.gz to pool/main/u/unionfs-fuse/unionfs-fuse_0.21-2.diff.gz unionfs-fuse_0.21-2.dsc to pool/main/u/unionfs-fuse/unionfs-fuse_0.21-2.dsc unionfs-fuse_0.21-2_amd64.deb to pool/main/u/unionfs-fuse/unionfs-fuse_0.21-2_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bernd Schubert [EMAIL PROTECTED] (supplier of updated unionfs-fuse package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 11 Aug 2008 09:22:42 + Source: unionfs-fuse Binary: unionfs-fuse Architecture: source amd64 Version: 0.21-2 Distribution: unstable Urgency: high Maintainer: Bernd Schubert [EMAIL PROTECTED] Changed-By: Bernd Schubert [EMAIL PROTECTED] Description: unionfs-fuse - Fuse implementation of unionfs Closes: 495380 Changes: unionfs-fuse (0.21-2) unstable; urgency=high . * fix a critical bug: creating new files in directories existing only in read-only branches failed, since the directory path wasn't copied to the rw-branch * (closes: #495380) Checksums-Sha1: e4858bb44546ba825cbf9497c421c85d995ce631 1017 unionfs-fuse_0.21-2.dsc 3e877b4829733458fbac054de3ab90e1cacdbd12 4968 unionfs-fuse_0.21-2.diff.gz 7b92f0322e460a340dc5d884749e88a75a47f41c 24760 unionfs-fuse_0.21-2_amd64.deb Checksums-Sha256: 074de0e6d6575ee9fb6422ef5a40531b78d743f47c93b37ded1e737bfcd6ca61 1017 unionfs-fuse_0.21-2.dsc 148c4b21f9a874aa96d31cfa7925c0de6b760841f007c0eeaa2cbcf49bd1ffc9 4968 unionfs-fuse_0.21-2.diff.gz 8988e96c8f865eb0a1a80b79c6d83091c6a9effacb4b38549e5e6aa31b8dd613 24760 unionfs-fuse_0.21-2_amd64.deb Files: 92149e1c2e4b0ce82e3d5f17ea6fe9f9 1017 misc optional unionfs-fuse_0.21-2.dsc 2416d3d550b68da91032c7a56e2fe3ac 4968 misc optional unionfs-fuse_0.21-2.diff.gz a011d85dd230a855840be42cfb807cca 24760 misc optional unionfs-fuse_0.21-2_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEUEARECAAYFAki0MiwACgkQKFvXofIqeU6lyQCgoKdAwcUNdzPyMTj10HNRSc2e iDQAmKg4sFcECkio0qFA22JqXWTZITU= =Xk5X -END PGP SIGNATURE- ---End Message---
Bug#496598: closed by Frans Pop [EMAIL PROTECTED] (Re: Bug#496598: fix for #494466 causes netinst to fail)
On Tue, Aug 26, 2008 at 06:51:03AM +, Debian Bug Tracking System wrote: Problem is a version mismatch between bootstrap-base (1.93) and base-installer (1.94). This is just the usual arch all versus arch any breakage one can expect in unstable. Will fix itself with next images. Cheers, FJP Indeed it did, thanks Frans! -- dann frazier -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#332782: Release Notes: license clarification
Josip Rodin wrote: On Tue, Aug 26, 2008 at 05:42:12AM +0200, W. Martin Borgert wrote: Obviously the implicit copyright all rights reserved would apply by default, but given that all contributions were explicitly published by all of the authors, I think that considering the work to be released into the public domain is a perfectly reasonable legal scenario, until decided otherwise. You try to apply logic and common sense - but we're talking about law - worse, copyright law. Well, okay, but we've already screwed up in theoretical terms. Instead, we have to think about the practical aspects of the law instead - will someone abuse our work, or will someone abuse us in court. (Indeed, many a lawyer will say that we should only ever consider practical aspects, and leave the theory to them.) I suppose copypaste can happen with the Release Notes, but it would not detract from our cause (publishing information about Debian), so we don't care if someone rips us off :) I guess I could envision a case where some minor rogue contributor comes in screaming how his commit was 'all rights reserved' and how they never realized what was happening (shocking! :). But, in such an (unlikely) court battle the onus would be on them to prove that the stuff they committed was both copyrightable in the first place as well as not infringing on previous work (which they apparently didn't have any license to modify). Only after that would they have to explain the insignificant logical details such as just how they managed to mistake the second most visible document in the project -- with the public contact addresses and the public CVS repository with read/write access for many people -- for private venues where their work would be kept safe from copyright infringement. So it's pretty much a non-issue :) Nope, without a license the contributor could ask for compensation per copy that was distributed if the court would agree that he has copyright on it and we didn't have permission to distribute it (which is not far fetched at all without having a license...). Cheers Luk -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: [Debian GNUstep maintainers] Bug#495373: Bug#495373: Poor support for the xmonad WM; blank windows with the cairo backend
Processing commands for [EMAIL PROTECTED]: retitle 495373 Offset issues with the xmonad WM Bug#495373: Poor support for the xmonad WM; blank windows with the cairo backend Changed Bug title to `Offset issues with the xmonad WM' from `Poor support for the xmonad WM; blank windows with the cairo backend'. reassign 495373 gnustep-back0.14 Bug#495373: Offset issues with the xmonad WM Bug reassigned from package `gnustep-back0.14-cairo' to `gnustep-back0.14'. clone 495373 -1 Bug#495373: Offset issues with the xmonad WM Bug 495373 cloned as bug 496677. retitle -1 Cairo backend unusable on 64-bit architectures Bug#496677: Offset issues with the xmonad WM Changed Bug title to `Cairo backend unusable on 64-bit architectures' from `Offset issues with the xmonad WM'. reassign -1 lubgnustep-gui0.14 Bug#496677: Cairo backend unusable on 64-bit architectures Warning: Unknown package 'lubgnustep-gui0.14' Bug reassigned from package `gnustep-back0.14' to `lubgnustep-gui0.14'. found -1 0.14.0-3 Bug#496677: Cairo backend unusable on 64-bit architectures Warning: Unknown package 'lubgnustep-gui0.14' Bug marked as found in version 0.14.0-3. severity -1 serious Bug#496677: Cairo backend unusable on 64-bit architectures Warning: Unknown package 'lubgnustep-gui0.14' Severity set to `serious' from `normal' tags -1 patch fixed-upstream Bug#496677: Cairo backend unusable on 64-bit architectures There were no tags set. Warning: Unknown package 'lubgnustep-gui0.14' Tags added: patch, fixed-upstream thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496558: nautilus: Fails to browse
further to this. I have this problem (just recently appeared on a lenny machine). the first obvious problem is no desktop icons, then no window when 'home' or 'desktop' or whatever are selected under 'places' I have noticed it is a problem on one user's desktop but not on another's (i'm not sure the important difference - could be gnome theme? language?) Also, I have noticed on the affected desktop, certain selections of the applications menu cause what looks the same as a metacity restart (all windows, panels (all but the desktop background) vanish and the screen redraws itself.) This happens for the affected user's desktop for the 'accesories', 'games' and 'other' submenus for not any others... no idea why. -AA. [using the account of the unaffected 'mischka' user] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496678: nautilus: Fails to start
Package: nautilus Version: 2.20.0-6 Severity: grave Justification: renders package unusable Clicking Home desktop icon results in 'Starting file browser..' button being displayed in bottom panel, but application window does not appear and button eventually disappears from panel. Typing 'nautilus' or 'nautilus --no-desktop' in terminal simply sits there and nothing happens at all. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.25-2-686 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages nautilus depends on: ii desktop-file-utils 0.15-1 Utilities for .desktop files ii gnome-control-cente 1:2.22.2.1-1 utilities to configure the GNOME d ii libart-2.0-22.3.20-2 Library of functions for 2D graphi ii libatk1.0-0 1.22.0-1 The ATK accessibility toolkit ii libbonobo2-02.22.0-1 Bonobo CORBA interfaces library ii libc6 2.7-13 GNU C Library: Shared libraries ii libcairo2 1.6.4-6 The Cairo 2D vector graphics libra ii libeel2-2.202.20.0-7 Eazel Extensions Library (for GNOM ii libesd0 0.2.36-3 Enlightened Sound Daemon - Shared ii libexempi3 2.0.1-1 library to parse XMP metadata (Lib ii libexif12 0.6.16-2.1 library to parse EXIF files ii libgail-common 1.22.3-1 GNOME Accessibility Implementation ii libgail18 1.22.3-1 GNOME Accessibility Implementation ii libgconf2-4 2.22.0-1 GNOME configuration database syste ii libglade2-0 1:2.6.2-1library to load .glade files at ru ii libglib2.0-02.16.4-2 The GLib library of C routines ii libgnome-desktop-2 2.22.3-1 Utility library for loading .deskt ii libgnome2-0 2.20.1.1-1 The GNOME 2 library - runtime file ii libgnomecanvas2-0 2.20.1.1-1 A powerful object-oriented display ii libgnomeui-02.20.1.1-1 The GNOME 2 libraries (User Interf ii libgnomevfs2-0 1:2.22.0-4 GNOME Virtual File System (runtime ii libgtk2.0-0 2.12.11-3The GTK+ graphical user interface ii libnautilus-extensi 2.20.0-6 libraries for nautilus components ii liborbit2 1:2.14.13-0.1libraries for ORBit2 - a CORBA ORB ii libpango1.0-0 1.20.5-1 Layout and rendering of internatio ii librsvg2-2 2.22.2-2 SAX-based renderer library for SVG ii libselinux1 2.0.65-2 SELinux shared libraries ii libstartup-notifica 0.9-1library for program launch feedbac ii libtrackerclient0 0.6.6-2 metadata database, indexer and sea ii libx11-62:1.1.4-2X11 client-side library ii libxml2 2.6.32.dfsg-2+lenny1 GNOME XML library ii nautilus-data 2.20.0-6 data files for nautilus ii shared-mime-info0.30-2 FreeDesktop.org shared MIME databa Versions of packages nautilus recommends: ii app-install-data2008.07.28 Application Installer Data Files ii desktop-base4.0.7common files for the Debian Deskto ii eject 2.1.5+deb1-1 ejects CDs and operates CD-Changer ii libgnomevfs2-extra 1:2.22.0-4 GNOME Virtual File System (extra m ii librsvg2-common 2.22.2-2 SAX-based renderer library for SVG ii nautilus-cd-burner 2.20.0-1 CD Burning front-end for Nautilus ii synaptic0.62.1 Graphical package manager Versions of packages nautilus suggests: ii eog 2.22.3-1 Eye of GNOME graphics viewer progr ii evince [pdf-viewer] 2.22.2-2 Document (postscript, pdf) viewer pn fam none (no description available) ii totem 2.22.2-3 A simple media player for the GNOM pn tracker none (no description available) -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496346: openarena: contains lcc, which is not free software
On Tue, 26 Aug 2008 10:42:58 +0100 MJ Ray wrote: [...] lcc was mentioned on debian-legal back in August 2003 as an example of a non-free compiler in a book. See http://lists.debian.org/debian-legal/2003/08/msg00552.html Unless there's some other licence issued since, it seems pretty clearly unsuitable for debian main. LCC has already been discussed on debian-legal [1][2] because it was included in tremulous. The conclusion was indeed that LCC is non-free. Nonetheless, I see that tremulous is in contrib (not in main, at least because of its data package being in non-free) and it seems that LCC has been dropped. Its changelog [3] states: | The tools used to build the qvm files are still non-free but don't | need to be included in Debian QVM stands for Quake Virtual Machine, a bytecode interpreter, whose instruction set is derived from the bytecode interpreter target of LCC, with minor differences [4]. Hence, I think qvm files means the bytecode to be interpreted by the QVM... At the end of the day: IIUC, this means that a package in contrib (tremulous) ships DFSG-free pre-compiled bytecode (qvm files) that requires an unpackaged compiler (LCC) to be built. Which is OK, isn't it? Maybe openarena could be moved to contrib while dropping LCC in a similar way? [1] http://lists.debian.org/debian-legal/2006/04/msg00229.html [2] http://lists.debian.org/debian-legal/2006/05/msg00015.html [3] http://packages.debian.org/changelogs/pool/contrib/t/tremulous/current/changelog [4] http://icculus.org/~phaethon/q3mc/q3vm_specs.html Usual (or useless?) disclaimers: IANAL, TINLA, IANADD, TINASOTODP. -- http://frx.netsons.org/doc/index.html#nanodocs The nano-document series is here! . Francesco Poli . GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4 pgpN2OBWvrTEr.pgp Description: PGP signature
Processed: Fixing typo in the package name
Processing commands for [EMAIL PROTECTED]: reassign 496677 libgnustep-gui0.14 Bug#496677: Cairo backend unusable on 64-bit architectures Warning: Unknown package 'lubgnustep-gui0.14' Bug reassigned from package `lubgnustep-gui0.14' to `libgnustep-gui0.14'. found 496677 0.14.0-3 Bug#496677: Cairo backend unusable on 64-bit architectures Bug marked as found in version 0.14.0-3. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#483989: xserver-xorg-video-savage: system freeze while starting X
On Sun, Jun 01, 2008 at 08:49:18PM +0200, Stefan Lippers-Hollmann wrote: Yes, it is completely dead, open ssh connections trying to gather last bits from tail -f /var/log/messages stall immediately (unfortunately the notebook has no serial connectors for a serial console), pings get no answer - a hard poweroff is the only recovery. Pinging again to make sure the bug didn't disappear by chance :) Otherwise, we need to decide between: 1) reverting to 2.1.3-5 which worked fine except bug #481739 (which looks strange to me) 2) reapplying 02_temporary_revert_pciaccess.diff and reverting 5 pciaccess commits (merging all of them in the 02_revert). Not sure how stable this one would be. Maybe we can start with (2) for now, and switch to (1) as the ultimate solution if needed before Lenny gets released? Brice -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#493967: freeze exception requested for RC bug (wrong copyright file)
Vincent Danjean wrote: Hi, As Dennis Brakhane report in #493967, I made a mistake when writing debian/copyright when I started packaging mercurial: I talk about GPL-v2+ instead of GPL-v2 only. My upload 1.0.1-5 has only the debian/copyright changed (switching to the new proposal format at this occasion) [and debian/changelog of course] Can it get a freeze exception ? unblocked I also just see that upstream released on August, 13 a minor bug-fix version of mercurial. The changelist is available here: http://www.selenic.com/mercurial/wiki/index.cgi/WhatsNew Do you think that I would be allowed to package it for lenny ? If yes, I will do it immediately. If no, I will wait for the lenny release before packaging it. No, I don't think it would qualify. Note that, according to upstream, this release fix two security bugs. One (CVE-2008-2942) is already fixed in the current package (patch backported). The other one is not. Feel free to backport this second issue too if the changes are not too invasive. Cheers Luk -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: severity of 493163 is serious, tagging 493163
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.10.35 #breaks slune and balazarbrothers severity 493163 serious Bug#493163: python-soya: Can't init sound Severity set to `serious' from `important' tags 493163 + patch Bug#493163: python-soya: Can't init sound There were no tags set. Tags added: patch End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#493163: python-soya sound patch
This is caused by the transition to openal-soft. openal-soft uses a different device name syntax than the old implementation, and as a result sound initialization fails. The attached patch just passes NULL to alcOpenDevice, which I think is good enough. -- Peter De Wachter --- a/sound/sound.pyx +++ b/sound/sound.pyx @@ -70,7 +70,7 @@ cdef int attrs[6] if _SOUND_INITED == 0: - _device = alcOpenDevice(PyString_AS_STRING(device_names)) + _device = alcOpenDevice(NULL) if _device == NULL: raise RuntimeError(Cannot create an OpenAL device!)
Bug#492310: reopening 492310, found 492310 in 2.0.0.svn20071027-4
# Automatically generated email from bts, devscripts version 2.10.29~bpo40+1 reopen 492310 # did not seem to work found 492310 2.0.0.svn20071027-4 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: reopening 492310, found 492310 in 2.0.0.svn20071027-4
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.10.29~bpo40+1 reopen 492310 Bug#492310: Please rebuild against openal-soft (libopenal1) 'reopen' may be inappropriate when a bug has been closed with a version; you may need to use 'found' to remove fixed versions. Bug reopened, originator not changed. # did not seem to work found 492310 2.0.0.svn20071027-4 Bug#492310: Please rebuild against openal-soft (libopenal1) Bug marked as found in version 2.0.0.svn20071027-4. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496694: python-soya: missing dependency on python-pyrex / fails to build from source
Package: python-soya Version: 0.13.2-4 Severity: serious Tags: patch soya lacks a build-dependency on python-pyrex, which causes the build system skips building the pyx files in the distribution (it uses precompiled files instead). As a result, the pyx files have bitrotted and no longer build with current pyrex. The attached patch, taken from Soya SVN (revision 391), fixes this. However, the version of pyrex in Debian generates broken code (#483035), so you should wait with uploading until that bug is fixed. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-1-amd64 (SMP w/1 CPU core) Locale: LANG=nl_BE.UTF-8, LC_CTYPE=nl_BE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages python-soya depends on: ii libc6 2.7-13 GNU C Library: Shared libraries ii libcal3d12 0.11.0-3 Skeletal based 3d character animat ii libfreetype62.3.7-2 FreeType 2 font engine, shared lib ii libglew1.5 1.5.0dfsg1-3 The OpenGL Extension Wrangler - ru ii libode0debian1 2:0.9-1 Open Dynamics Engine - runtime lib ii libopenal1 1:1.4.272-2 Software implementation of the Ope ii libsdl1.2debian 1.2.13-2 Simple DirectMedia Layer ii libstdc++6 4.3.1-9 The GNU Standard C++ Library v3 ii python 2.5.2-2 An interactive high-level object-o ii python-editobj 0.5.7-7 Python object editor ii python-imaging-tk 1.1.6-3 Python Imaging Library - ImageTk M ii python-support 0.8.5automated rebuilding support for P ii python-twisted-core 8.1.0-3 Event-based framework for internet ii ttf-freefont20080323-3 Freefont Serif, Sans and Mono True python-soya recommends no packages. Versions of packages python-soya suggests: pn python-soya-doc none (no description available) -- no debconf information --- a/text/text.pyx +++ b/text/text.pyx @@ -152,7 +152,7 @@ for j from 0 = j bitmap.rows: # get pixels memcpy(self._pixels + self._current_x + (self._current_y + j) * MAX_TEXTURE_SIZE, bitmap.buffer + bitmap.pitch * j, bitmap.pitch) - self._current_x = int (self._current_x + glyph.width + 5.) + self._current_x = self._current_x + (int glyph.width) + 5 glBindTexture(GL_TEXTURE_2D, self._tex_id) glTexParameteri(GL_TEXTURE_2D, GL_TEXTURE_MIN_FILTER, GL_LINEAR) --- a/cal3d/model.pyx +++ b/cal3d/model.pyx @@ -685,8 +685,11 @@ CalCoreModel_CreateCoreMaterialThread(self._core_model, i) CalCoreModel_SetCoreMaterialId(self._core_model, i, 0, i) CalCoreMaterial_SetUserData(material, CalUserData i) - - CalRenderer_GetMapUserData + + # Greg Ewing, March 2007 ([EMAIL PROTECTED]) + # Following line commented out as it wasn't doing anything and was causing + # a compiler warning. POSSIBLE BUG. + #CalRenderer_GetMapUserData # This method is split in 3 ; this is a work-around for a bug in Pyrex --- a/opengl.pyx +++ b/opengl.pyx @@ -22,6 +22,7 @@ include python.pxd cimport c_opengl +from c_opengl cimport GLenum, GLuint GL_FALSE = c_opengl.GL_FALSE GL_TRUE = c_opengl.GL_TRUE @@ -844,9 +845,8 @@ c_opengl.glScalef(x,y,z) def glGenTextures(int n): - cdef unsigned int ret + cdef GLuint ret c_opengl.glGenTextures(n,ret) - return ret def glBindTexture(int target, unsigned int texture): @@ -864,7 +864,7 @@ def glMatrixMode(int mode): c_opengl.glMatrixMode(mode) -def glMultMatrix(float mode): +def glMultMatrix(GLenum mode): c_opengl.glMultMatrix(mode) def glTexParameteri(int target, int param, int value): --- a/definitions/model/terrain.pxd +++ b/definitions/model/terrain.pxd @@ -54,7 +54,7 @@ int texcoord_type # 0: use terrainvertex texcoord, 1, 2, 3, 4: the tri use a texture generated (from blend_material), and the texcoord are (0.0, 0.0) - (1.0, 1.0) ctypedef _TerrainTri TerrainTri -ctypedef void (*terrain_drawColor_FUNC )(float*) +ctypedef void (*terrain_drawColor_FUNC )(GLfloat*) ctypedef void (*terrain_disableColor_FUNC)() ctypedef void (*terrain_enableColor_FUNC )() --- a/definitions/base.pxd +++ b/definitions/base.pxd @@ -238,29 +238,30 @@ NETWORK_STATE_HAS_POSITION = 1 0 NETWORK_STATE_HAS_SCALING = 1 1 -ctypedef struct Frustum: -## Frustum -## points : -## 15---12 -## |\ /| -## | \ / | -## | 3---0 | -## | | | | -## | 6---9 | -## | /
Bug#496592: marked as done (linuxtrade: Dysfunctional package?)
Your message dated Tue, 26 Aug 2008 20:15:51 +0100 with message-id [EMAIL PROTECTED] and subject line linuxtrade has been removed from Debian, closing #496592 has caused the Debian Bug report #496592, regarding linuxtrade: Dysfunctional package? to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 496592: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496592 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: linuxtrade Severity: grave Justification: renders package unusable When investigating the temp file issue reported on it, I tried to run linuxtrade, but the connection to scottrader.com hangs and no login is possible (I used the guest account which was displayed) Since upstream went non-free some time ago and web sites are in constant flux, this package seems not useful anymore. Dirk, does it work for you, e.g. which a full-blown scottrader account? Cheers, Moritz -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core) Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash ---End Message--- ---BeginMessage--- Version: 3.65-8+rm The linuxtrade package has been removed from Debian testing, unstable and experimental, so I am now closing the bugs that were still opened against it. For more information about this package's removal, read http://bugs.debian.org/496646 . That bug might give the reasons why this package was removed, and suggestions of possible replacements. Don't hesitate to reply to this mail if you have any question. Thank you for your contribution to Debian. -- Marco Rodrigues http://Marco.Tondela.org ---End Message---
Bug#496372: marked as done (The possibility of attack with the help of symlinks in some Debian packages)
Your message dated Tue, 26 Aug 2008 20:15:48 +0100 with message-id [EMAIL PROTECTED] and subject line linuxtrade has been removed from Debian, closing #496372 has caused the Debian Bug report #496372, regarding The possibility of attack with the help of symlinks in some Debian packages to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 496372: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496372 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: linuxtrade Severity: grave Hi, maintainer! This message about the error concerns a few packages at once. I've tested all the packages (for Lenny) on my Debian mirror. All scripts of packages (marked as executable) were tested. In some packages I've discovered scripts with errors which may be used by a user for damaging important system files or user's files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlink with the same name in this directory in order to destroy or rewrite some system or user file. Symlink attack may also lead not only to the data desctruction but to denial of service as well. Even if you create files or directories with help of function 'RANDOM' or pid(), then your system is not protected. Attacker can create many symlinks in order to destroy your data or create 'denial of service' for your package scripts. Even if you make rm(dir) for files/directories, then your system is not protected. Attacker can permanently create symlinks. This list is created with the help of script. This list is sorted by hand. Howewer in some cases mistake is possible. Please, Be understanding to possible mistakes. :) I set Severity into grave for this bug. The table of discovered problems is below. Discussion of this bug you can see in debian-devel@: http://lists.debian.org/debian-devel/2008/08/msg00271.html Binary-package: r-base-core-ra (1.1.1-1) file: /usr/lib/Ra/lib/R/bin/javareconf Binary-package: rccp (0.9-2) file: /usr/lib/rccp/delqueueask Binary-package: mafft (6.240-1) file: /usr/bin/mafft-homologs Binary-package: openoffice.org-common (1:2.4.1-6) file: /usr/lib/openoffice/program/senddoc Binary-package: crossfire-maps (1.11.0-1) file: /usr/share/games/crossfire/maps/Info/combine.pl Binary-package: sgml2x (1.0.0-11.1) file: /usr/bin/rlatex Binary-package: liguidsoap (0.3.6-4) file: /var/lib/liguidsoap/liguidsoap.py Binary-package: citadel-server (7.37-1) file: /usr/lib/citadel-server/migrate_aliases.sh Binary-package: ampache (3.4.1-1) file: /usr/share/ampache/www/locale/base/gather-messages.sh Binary-package: xen-utils-3.2-1 (3.2.1-2) file: /usr/lib/xen-3.2-1/bin/qemu-dm.debug Binary-package: dtc-common (0.29.6-1) file: /usr/share/dtc/admin/accesslog.php file: /usr/share/dtc/admin/sa-wrapper Binary-package: honeyd-common (1.5c-3) file: /usr/share/honeyd/scripts/test.sh Binary-package: lustre-tests (1.6.5-1) file: /usr/lib/lustre/tests/runiozone Binary-package: linuxtrade (3.65-8+b4) file: /usr/share/linuxtrade/bin/linuxtrade.bwkvol file: /usr/share/linuxtrade/bin/linuxtrade.wn file: /usr/share/linuxtrade/bin/moneyam.helper Binary-package: freevo (1.8.1-0) file: /usr/bin/freevo.real Binary-package: fml (4.0.3.dfsg-2) file: /usr/share/fml/libexec/mead.pl Binary-package: rkhunter (1.3.2-3) file: /usr/bin/rkhunter Binary-package: openswan (1:2.4.12+dfsg-1.1) file: /usr/lib/ipsec/livetest Binary-package: linux-patch-openswan (1:2.4.12+dfsg-1.1) file: /usr/src/kernel-patches/all/openswan/packaging/utils/maysnap file: /usr/src/kernel-patches/all/openswan/packaging/utils/maytest Binary-package: aptoncd (0.1-1.1) file: /usr/share/aptoncd/xmlfile.py Binary-package: cdcontrol (1.90-1.1) file: /usr/lib/cdcontrol/writtercontrol Binary-package: newsgate (1.6-23) file: /usr/bin/mkmailpost Binary-package: gpsdrive-scripts (2.10~pre4-3) file: /usr/bin/geo-code Binary-package: impose+ (0.2-11) file: /usr/bin/impose Binary-package: mgt (2.31-5) file: /usr/games/mailgo Binary-package: audiolink (0.05-1) file: /usr/bin/audiolink Binary-package: ibackup (2.27-4.1) file: /usr/bin/ibackup Binary-package: emacspeak (26.0-3) file: /usr/share/emacs/site-lisp/emacspeak/etc/extract-table.pl Binary-package: bk2site (1:1.1.9-3.1) file: /usr/lib/cgi-bin/bk2site/redirect.pl Binary-package: datafreedom-perl (0.1.7-1) file: /usr/bin/dfxml-invoice Binary-package: emacs-jabber (0.7.91-1) file:
Bug#496438: marked as done (The possibility of attack with the help of symlinks in some Debian packages)
Your message dated Tue, 26 Aug 2008 20:16:59 +0100 with message-id [EMAIL PROTECTED] and subject line cdcontrol has been removed from Debian, closing #496438 has caused the Debian Bug report #496438, regarding The possibility of attack with the help of symlinks in some Debian packages to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 496438: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496438 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: cdcontrol Severity: grave Hi, maintainer! This message about the error concerns a few packages at once. I've tested all the packages (for Lenny) on my Debian mirror. All scripts of packages (marked as executable) were tested. In some packages I've discovered scripts with errors which may be used by a user for damaging important system files or user's files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlink with the same name in this directory in order to destroy or rewrite some system or user file. Symlink attack may also lead not only to the data desctruction but to denial of service as well. Even if you create files or directories with help of function 'RANDOM' or pid(), then your system is not protected. Attacker can create many symlinks in order to destroy your data or create 'denial of service' for your package scripts. Even if you make rm(dir) for files/directories, then your system is not protected. Attacker can permanently create symlinks. This list is created with the help of script. This list is sorted by hand. Howewer in some cases mistake is possible. Please, Be understanding to possible mistakes. :) I set Severity into grave for this bug. The table of discovered problems is below. Discussion of this bug you can see in debian-devel@: http://lists.debian.org/debian-devel/2008/08/msg00271.html Binary-package: r-base-core-ra (1.1.1-1) file: /usr/lib/Ra/lib/R/bin/javareconf Binary-package: rccp (0.9-2) file: /usr/lib/rccp/delqueueask Binary-package: mafft (6.240-1) file: /usr/bin/mafft-homologs Binary-package: openoffice.org-common (1:2.4.1-6) file: /usr/lib/openoffice/program/senddoc Binary-package: crossfire-maps (1.11.0-1) file: /usr/share/games/crossfire/maps/Info/combine.pl Binary-package: sgml2x (1.0.0-11.1) file: /usr/bin/rlatex Binary-package: liguidsoap (0.3.6-4) file: /var/lib/liguidsoap/liguidsoap.py Binary-package: citadel-server (7.37-1) file: /usr/lib/citadel-server/migrate_aliases.sh Binary-package: ampache (3.4.1-1) file: /usr/share/ampache/www/locale/base/gather-messages.sh Binary-package: xen-utils-3.2-1 (3.2.1-2) file: /usr/lib/xen-3.2-1/bin/qemu-dm.debug Binary-package: dtc-common (0.29.6-1) file: /usr/share/dtc/admin/accesslog.php file: /usr/share/dtc/admin/sa-wrapper Binary-package: honeyd-common (1.5c-3) file: /usr/share/honeyd/scripts/test.sh Binary-package: lustre-tests (1.6.5-1) file: /usr/lib/lustre/tests/runiozone Binary-package: linuxtrade (3.65-8+b4) file: /usr/share/linuxtrade/bin/linuxtrade.bwkvol file: /usr/share/linuxtrade/bin/linuxtrade.wn file: /usr/share/linuxtrade/bin/moneyam.helper Binary-package: freevo (1.8.1-0) file: /usr/bin/freevo.real Binary-package: fml (4.0.3.dfsg-2) file: /usr/share/fml/libexec/mead.pl Binary-package: rkhunter (1.3.2-3) file: /usr/bin/rkhunter Binary-package: openswan (1:2.4.12+dfsg-1.1) file: /usr/lib/ipsec/livetest Binary-package: linux-patch-openswan (1:2.4.12+dfsg-1.1) file: /usr/src/kernel-patches/all/openswan/packaging/utils/maysnap file: /usr/src/kernel-patches/all/openswan/packaging/utils/maytest Binary-package: aptoncd (0.1-1.1) file: /usr/share/aptoncd/xmlfile.py Binary-package: cdcontrol (1.90-1.1) file: /usr/lib/cdcontrol/writtercontrol Binary-package: newsgate (1.6-23) file: /usr/bin/mkmailpost Binary-package: gpsdrive-scripts (2.10~pre4-3) file: /usr/bin/geo-code Binary-package: impose+ (0.2-11) file: /usr/bin/impose Binary-package: mgt (2.31-5) file: /usr/games/mailgo Binary-package: audiolink (0.05-1) file: /usr/bin/audiolink Binary-package: ibackup (2.27-4.1) file: /usr/bin/ibackup Binary-package: emacspeak (26.0-3) file: /usr/share/emacs/site-lisp/emacspeak/etc/extract-table.pl Binary-package: bk2site (1:1.1.9-3.1) file: /usr/lib/cgi-bin/bk2site/redirect.pl Binary-package: datafreedom-perl (0.1.7-1) file: /usr/bin/dfxml-invoice Binary-package: emacs-jabber (0.7.91-1) file:
Bug#496432: marked as done (The possibility of attack with the help of symlinks in some Debian packages)
Your message dated Tue, 26 Aug 2008 20:19:11 +0100 with message-id [EMAIL PROTECTED] and subject line ibackup has been removed from Debian, closing #496432 has caused the Debian Bug report #496432, regarding The possibility of attack with the help of symlinks in some Debian packages to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 496432: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496432 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: ibackup Severity: grave Hi, maintainer! This message about the error concerns a few packages at once. I've tested all the packages (for Lenny) on my Debian mirror. All scripts of packages (marked as executable) were tested. In some packages I've discovered scripts with errors which may be used by a user for damaging important system files or user's files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlink with the same name in this directory in order to destroy or rewrite some system or user file. Symlink attack may also lead not only to the data desctruction but to denial of service as well. Even if you create files or directories with help of function 'RANDOM' or pid(), then your system is not protected. Attacker can create many symlinks in order to destroy your data or create 'denial of service' for your package scripts. Even if you make rm(dir) for files/directories, then your system is not protected. Attacker can permanently create symlinks. This list is created with the help of script. This list is sorted by hand. Howewer in some cases mistake is possible. Please, Be understanding to possible mistakes. :) I set Severity into grave for this bug. The table of discovered problems is below. Discussion of this bug you can see in debian-devel@: http://lists.debian.org/debian-devel/2008/08/msg00271.html Binary-package: r-base-core-ra (1.1.1-1) file: /usr/lib/Ra/lib/R/bin/javareconf Binary-package: rccp (0.9-2) file: /usr/lib/rccp/delqueueask Binary-package: mafft (6.240-1) file: /usr/bin/mafft-homologs Binary-package: openoffice.org-common (1:2.4.1-6) file: /usr/lib/openoffice/program/senddoc Binary-package: crossfire-maps (1.11.0-1) file: /usr/share/games/crossfire/maps/Info/combine.pl Binary-package: sgml2x (1.0.0-11.1) file: /usr/bin/rlatex Binary-package: liguidsoap (0.3.6-4) file: /var/lib/liguidsoap/liguidsoap.py Binary-package: citadel-server (7.37-1) file: /usr/lib/citadel-server/migrate_aliases.sh Binary-package: ampache (3.4.1-1) file: /usr/share/ampache/www/locale/base/gather-messages.sh Binary-package: xen-utils-3.2-1 (3.2.1-2) file: /usr/lib/xen-3.2-1/bin/qemu-dm.debug Binary-package: dtc-common (0.29.6-1) file: /usr/share/dtc/admin/accesslog.php file: /usr/share/dtc/admin/sa-wrapper Binary-package: honeyd-common (1.5c-3) file: /usr/share/honeyd/scripts/test.sh Binary-package: lustre-tests (1.6.5-1) file: /usr/lib/lustre/tests/runiozone Binary-package: linuxtrade (3.65-8+b4) file: /usr/share/linuxtrade/bin/linuxtrade.bwkvol file: /usr/share/linuxtrade/bin/linuxtrade.wn file: /usr/share/linuxtrade/bin/moneyam.helper Binary-package: freevo (1.8.1-0) file: /usr/bin/freevo.real Binary-package: fml (4.0.3.dfsg-2) file: /usr/share/fml/libexec/mead.pl Binary-package: rkhunter (1.3.2-3) file: /usr/bin/rkhunter Binary-package: openswan (1:2.4.12+dfsg-1.1) file: /usr/lib/ipsec/livetest Binary-package: linux-patch-openswan (1:2.4.12+dfsg-1.1) file: /usr/src/kernel-patches/all/openswan/packaging/utils/maysnap file: /usr/src/kernel-patches/all/openswan/packaging/utils/maytest Binary-package: aptoncd (0.1-1.1) file: /usr/share/aptoncd/xmlfile.py Binary-package: cdcontrol (1.90-1.1) file: /usr/lib/cdcontrol/writtercontrol Binary-package: newsgate (1.6-23) file: /usr/bin/mkmailpost Binary-package: gpsdrive-scripts (2.10~pre4-3) file: /usr/bin/geo-code Binary-package: impose+ (0.2-11) file: /usr/bin/impose Binary-package: mgt (2.31-5) file: /usr/games/mailgo Binary-package: audiolink (0.05-1) file: /usr/bin/audiolink Binary-package: ibackup (2.27-4.1) file: /usr/bin/ibackup Binary-package: emacspeak (26.0-3) file: /usr/share/emacs/site-lisp/emacspeak/etc/extract-table.pl Binary-package: bk2site (1:1.1.9-3.1) file: /usr/lib/cgi-bin/bk2site/redirect.pl Binary-package: datafreedom-perl (0.1.7-1) file: /usr/bin/dfxml-invoice Binary-package: emacs-jabber (0.7.91-1) file:
Bug#496698: FTBFS: insufficient build-depends (file gcj-dbtool)
Source: openoffice.org Version: 1:3.0.0~ooo300m3-2 Severity: serious Tags: experimental Hello, openoffice.org in experimental failed to build with the following message: for jar in xmerge.jar.1.jar; do \ /usr/bin/gcj-dbtool-4.3 -f xmerge.jar.db $jar \ /usr/lib/gcj/openoffice/xmerge.jar.so; \ done make[1]: Leaving directory `/build/buildd/openoffice.org-3.0.0~ooo300m3/debian/tmp/native-jars/gcj' gcj-dbtool -n debian/tmp/native-jars/tmp.db 64 /bin/bash: gcj-dbtool: command not found make: *** [debian/stampdir/native-jars] Error 127 dpkg-buildpackage: failure: /usr/bin/fakeroot debian/rules binary-arch gave error exit status 2 ** Build finished at 20080825-0146 FAILED [dpkg-buildpackage died] -- It is trying to execute command gcj-dbtool which is contained in package gij, but doesn't build-depend on it. Alternatively, it could call gcj-dbtool-4.3 instead, which is in the package gij-4.3. Regards Jiri Palecek -- Using Opera's revolutionary e-mail client: http://www.opera.com/mail/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#332782: Release Notes: license clarification
On Tue, Aug 26, 2008 at 07:26:38PM +0200, Luk Claes wrote: But, in such an (unlikely) court battle the onus would be on them to prove that the stuff they committed was both copyrightable in the first place as well as not infringing on previous work (which they apparently didn't have any license to modify). Nope, without a license the contributor could ask for compensation per copy that was distributed if the court would agree that he has copyright on it and we didn't have permission to distribute it (which is not far fetched at all without having a license...). As I said above... they could hardly claim copyright on modifications which they made without a license. -- 2. That which causes joy or happiness. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: tagging 496144, reassign 496144 to libxml2, forcibly merging 496125 496144
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.10.35 tags 496144 - moreinfo Bug#496144: gdmgreeter: gdmgreeter segfault after installing nvidia proprietary drivers Tags were: moreinfo Tags removed: moreinfo reassign 496144 libxml2 Bug#496144: gdmgreeter: gdmgreeter segfault after installing nvidia proprietary drivers Bug reassigned from package `gdm' to `libxml2'. forcemerge 496125 496144 Bug#496125: libxml2: security fix does double free / segfaults (breaks Gnome apps) Bug#496144: gdmgreeter: gdmgreeter segfault after installing nvidia proprietary drivers Bug#491461: vim-gtk: gvim receives an immediate segmentation fault and does not start Bug#496136: gnome-panel: menu Applications, System etc hangs when selecting Bug#496163: AI-written SVG icons cause segfaults?! Bug#496178: debian lenny: after upgrade, gdm failed to start Bug#496190: gnome-panel: Memory corruption Bug#496311: gdmgreeter, gnome-panel, metacity segfault at c ip b74750a0 sp bfb43480 error 4 in libc-2.7.so Forcibly Merged 491461 496125 496136 496144 496163 496178 496190 496311. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#493263: marked as done (timidity brokes splashy)
Your message dated Tue, 26 Aug 2008 19:47:05 + with message-id [EMAIL PROTECTED] and subject line Bug#493263: fixed in timidity 2.13.2-20 has caused the Debian Bug report #493263, regarding timidity brokes splashy to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 493263: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493263 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: timidity Version: 2.13.2-19 Severity: critical Justification: breaks unrelated software splashy just works really fine if i don't have timidity installed, if so it hangs and don't show kde the pogressbar stucks at 95% why? cause S99timidity is there but i don't know what to do in order to fix it... i use sound konverter and it depends on timidity and as lenny is comming out i think it should be fixed soon. Thanks Daniel. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (900, 'testing'), (600, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.25-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages timidity depends on: pn freepats none(no description available) ii libartsc0 1.5.9-2 aRts sound system C support librar ii libasound2 1.0.17-1 ALSA library ii libaudio2 1.9.1-4 Network Audio System - shared libr ii libaudiofile0 0.2.6-7 Open-source version of SGI's audio ii libc6 2.7-10GNU C Library: Shared libraries ii libesd00.2.36-3 Enlightened Sound Daemon - Shared ii libflac8 1.2.1-1.2 Free Lossless Audio Codec - runtim ii libglib2.0-0 2.17.4-1 The GLib library of C routines ii libice62:1.0.4-1 X11 Inter-Client Exchange library ii libjack0 0.109.2-3 JACK Audio Connection Kit (librari ii libncurses55.6+20080713-1shared libraries for terminal hand ii libogg01.1.3-4 Ogg Bitstream Library ii libpng12-0 1.2.27-1 PNG library - runtime ii libsm6 2:1.1.0-1 X11 Session Management library ii libvorbis0a1.2.0.dfsg-3.1The Vorbis General Audio Compressi ii libvorbisenc2 1.2.0.dfsg-3.1The Vorbis General Audio Compressi ii libx11-6 2:1.1.4-2 X11 client-side library ii libxaw72:1.0.4-2 X11 Athena Widget library ii libxext6 2:1.0.4-1 X11 miscellaneous extension librar ii libxmu62:1.0.4-1 X11 miscellaneous utility library ii libxt6 1:1.0.5-3 X11 toolkit intrinsics library ii lsb-base 3.2-12Linux Standard Base 3.2 init scrip ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime timidity recommends no packages. Versions of packages timidity suggests: pn pmidi none (no description available) ---End Message--- ---BeginMessage--- Source: timidity Source-Version: 2.13.2-20 We believe that the bug you reported is fixed in the latest version of timidity, which is due to be installed in the Debian FTP archive: timidity-el_2.13.2-20_all.deb to pool/main/t/timidity/timidity-el_2.13.2-20_all.deb timidity-interfaces-extra_2.13.2-20_i386.deb to pool/main/t/timidity/timidity-interfaces-extra_2.13.2-20_i386.deb timidity_2.13.2-20.diff.gz to pool/main/t/timidity/timidity_2.13.2-20.diff.gz timidity_2.13.2-20.dsc to pool/main/t/timidity/timidity_2.13.2-20.dsc timidity_2.13.2-20_i386.deb to pool/main/t/timidity/timidity_2.13.2-20_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Joost Yervante Damad [EMAIL PROTECTED] (supplier of updated timidity package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 05 Aug 2008 19:54:19 +0200 Source: timidity Binary: timidity timidity-interfaces-extra timidity-el Architecture: source all
Processed: Fixed by DSA-1631-2
Processing commands for [EMAIL PROTECTED]: reassign 496538 libxml2 Bug#496538: gnome-themes-extras: Bad SVGs in /usr/share/icons/Gorilla/scalable/mimetypes/ Bug reassigned from package `gnome-themes-extras' to `libxml2'. forcemerge 496125 496538 Bug#496125: libxml2: security fix does double free / segfaults (breaks Gnome apps) Bug#496538: gnome-themes-extras: Bad SVGs in /usr/share/icons/Gorilla/scalable/mimetypes/ Bug#491461: vim-gtk: gvim receives an immediate segmentation fault and does not start Bug#496136: gnome-panel: menu Applications, System etc hangs when selecting Bug#496144: gdmgreeter: gdmgreeter segfault after installing nvidia proprietary drivers Bug#496163: AI-written SVG icons cause segfaults?! Bug#496178: debian lenny: after upgrade, gdm failed to start Bug#496190: gnome-panel: Memory corruption Bug#496311: gdmgreeter, gnome-panel, metacity segfault at c ip b74750a0 sp bfb43480 error 4 in libc-2.7.so Forcibly Merged 491461 496125 496136 496144 496163 496178 496190 496311 496538. found 496125 2.6.27.dfsg-3 Bug#496125: libxml2: security fix does double free / segfaults (breaks Gnome apps) Bug#491461: vim-gtk: gvim receives an immediate segmentation fault and does not start Bug#496136: gnome-panel: menu Applications, System etc hangs when selecting Bug#496144: gdmgreeter: gdmgreeter segfault after installing nvidia proprietary drivers Bug#496163: AI-written SVG icons cause segfaults?! Bug#496178: debian lenny: after upgrade, gdm failed to start Bug#496190: gnome-panel: Memory corruption Bug#496311: gdmgreeter, gnome-panel, metacity segfault at c ip b74750a0 sp bfb43480 error 4 in libc-2.7.so Bug#496538: gnome-themes-extras: Bad SVGs in /usr/share/icons/Gorilla/scalable/mimetypes/ Bug marked as found in version 2.6.27.dfsg-3. fixed 496125 2.6.27.dfsg-4 Bug#496125: libxml2: security fix does double free / segfaults (breaks Gnome apps) Bug#491461: vim-gtk: gvim receives an immediate segmentation fault and does not start Bug#496136: gnome-panel: menu Applications, System etc hangs when selecting Bug#496144: gdmgreeter: gdmgreeter segfault after installing nvidia proprietary drivers Bug#496163: AI-written SVG icons cause segfaults?! Bug#496178: debian lenny: after upgrade, gdm failed to start Bug#496190: gnome-panel: Memory corruption Bug#496311: gdmgreeter, gnome-panel, metacity segfault at c ip b74750a0 sp bfb43480 error 4 in libc-2.7.so Bug#496538: gnome-themes-extras: Bad SVGs in /usr/share/icons/Gorilla/scalable/mimetypes/ Bug marked as fixed in version 2.6.27.dfsg-4. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#494244: marked as done (xsupplicant: FTBFS: configure: error: header file linux/wireless.h is required for Xsupplicant.)
Your message dated Tue, 26 Aug 2008 15:18:49 -0500 with message-id [EMAIL PROTECTED] and subject line xsupplicant removed from the archive has caused the Debian Bug report #494244, regarding xsupplicant: FTBFS: configure: error: header file linux/wireless.h is required for Xsupplicant. to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 494244: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494244 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems ---BeginMessage--- Package: xsupplicant Version: 1.2.4.dfsg.1-7 Severity: serious User: [EMAIL PROTECTED] Usertags: qa-ftbfs-20080807 qa-ftbfs Justification: FTBFS on i386 Hi, During a rebuild of all packages in sid, your package failed to build on i386. Relevant part: /usr/bin/fakeroot debian/rules clean dh_testdir dh_testroot rm -f build-stamp rm -f doc/Open1x-UserGuide.html doc/Open1x-UserGuide.pdf \ doc/Open1x-UserGuide.txt [ ! -f Makefile ] || /usr/bin/make distclean #rm -f src/os_cardif.c rm -f src/core.c rm -f src/cardif/Makefile.am cp -f /usr/share/misc/config.sub config.sub cp -f /usr/share/misc/config.guess config.guess dh_clean dpkg-source -b xsupplicant-1.2.4.dfsg.1-7 dpkg-source: warning: source directory 'xsupplicant-1.2.4.dfsg.1-7' is not sourcepackage-upstreamversion 'xsupplicant-1.2.4.dfsg.1' dpkg-source: warning: .orig directory name xsupplicant-1.2.4.dfsg.1-7.orig is not package-upstreamversion (wanted xsupplicant-1.2.4.dfsg.1.orig) dpkg-source: info: using source format `1.0' dpkg-source: info: building xsupplicant using existing xsupplicant_1.2.4.dfsg.1.orig.tar.gz dpkg-source: info: building xsupplicant in xsupplicant_1.2.4.dfsg.1-7.diff.gz dpkg-source: info: building xsupplicant in xsupplicant_1.2.4.dfsg.1-7.dsc debian/rules build dh_testdir aclocal-1.9 automake-1.9 autoconf CFLAGS=-Wall -g -O2 ./configure --host=i486-linux-gnu --build=i486-linux-gnu --prefix=/usr --enable-maintainer-mode checking for a BSD-compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking for gawk... no checking for mawk... mawk checking whether make sets $(MAKE)... yes checking whether to enable maintainer-specific portions of Makefiles... yes checking build system type... i486-pc-linux-gnu checking host system type... i486-pc-linux-gnu checking for i486-linux-gnu-ranlib... no checking for ranlib... ranlib checking for i486-linux-gnu-gcc... i486-linux-gnu-gcc checking for C compiler default output file name... a.out checking whether the C compiler works... yes checking whether we are cross compiling... no checking for suffix of executables... checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether i486-linux-gnu-gcc accepts -g... yes checking for i486-linux-gnu-gcc option to accept ISO C89... none needed checking for style of include used by make... GNU checking dependency style of i486-linux-gnu-gcc... gcc3 checking for bison... bison -y checking for flex... flex checking lex output file root... lex.yy checking lex library... -lfl checking whether yytext is a pointer... yes checking how to run the C preprocessor... i486-linux-gnu-gcc -E checking for grep that handles long lines and -e... /bin/grep checking for egrep... /bin/grep -E checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking whether byte ordering is bigendian... no checking user defined path to OpenSSL... checking user defined path to OpenSSL libraries... checking user defined path to OpenSSL headers... checking Operating System... Linux checking sys/socket.h usability... yes checking sys/socket.h presence... yes checking for sys/socket.h... yes checking for linux/wireless.h... no configure: error: header file linux/wireless.h is required for Xsupplicant. make: *** [config.status] Error 1 The full build log is available from: http://people.debian.org/~lucas/logs/2008/08/07 A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! About the archive rebuild: The rebuild was done on about 50 AMD64 nodes of the Grid'5000 platform, using a clean chroot containing a sid i386 environment. Internet was not accessible from the build systems. -- | Lucas
Processed: Re: Bug#496698: FTBFS: insufficient build-depends (file gcj-dbtool)
Processing commands for [EMAIL PROTECTED]: merge 496480 496698 Bug#496480: openoffice.org_1:3.0.0~ooo300m3-2(experimental/i386/demosthenes): gcj-dbtool: command not found Bug#496698: FTBFS: insufficient build-depends (file gcj-dbtool) Merged 496480 496698. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496698: FTBFS: insufficient build-depends (file gcj-dbtool)
merge 496480 496698 thanks Hi, Jiří Paleček wrote: openoffice.org in experimental failed to build with the following message: for jar in xmerge.jar.1.jar; do \ /usr/bin/gcj-dbtool-4.3 -f xmerge.jar.db $jar \ /usr/lib/gcj/openoffice/xmerge.jar.so; \ done make[1]: Leaving directory `/build/buildd/openoffice.org-3.0.0~ooo300m3/debian/tmp/native-jars/gcj' gcj-dbtool -n debian/tmp/native-jars/tmp.db 64 /bin/bash: gcj-dbtool: command not found make: *** [debian/stampdir/native-jars] Error 127 dpkg-buildpackage: failure: /usr/bin/fakeroot debian/rules binary-arch gave error exit status 2 ** Build finished at 20080825-0146 FAILED [dpkg-buildpackage died] -- How is that different to 496480 which already was filed days ago and is marked pending right now? Next time please actually look at the BTS before filing another bug. It's not as if RC bugs Thanks. It is trying to execute command gcj-dbtool which is contained in package gij, but doesn't build-depend on it. Alternatively, it could call gcj-dbtool-4.3 instead, which is in the package gij-4.3. No, the latter option was there before the switch to OpenJDK, but I don't want to build-depend on a specific gij version when I am not using gij directly (and for aot-compiling I am using j-g-c-dev which uses gij-4.3, if that changes and I hardcode -4.3...) Regards, Rene -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#494404: patch + comments on cl-geodesics
On Tue, 26 Aug 2008 01:08:53 +0200 Luca Capello [EMAIL PROTECTED] wrote: OTOH, if you decide to keep it, there are a few other problems I noticed: - utilities.lisp doesn't have an IN-PACKAGE form, so it gets loaded in whatever random package happens to be active. Since it's loaded by all the three subsystems, I'd say it's correct. Well, consider this transcript: * (defpackage :foo (:use :common-lisp)) #PACKAGE FOO * (in-package :foo) #COMMON-LISP:PACKAGE FOO * (require :geodesics) ..lots of compiling.. * (apropos :foo) ..lots of symbols defined in utilities.lisp.. Utilities.lisp clobbers variables and functions in whatever package the user happened to be in, that can't be right. And re-loading the geodesics fasls won't work if that :foo package no longer exists. - The GD-STATIC-EQUAL, GD-STATIC-UNEQUAL and GD-COSMOLOGICAL systems each define the same symbols in the GEODESICS package, so they can't be loaded simultaneously. But that's exactly what the GEODESICS system does. I think each of the GD-* systems needs to live in a separate package? I guess the idea was to having to load only one system instead of three. It can also be possible to split geodesics.asd in three different files, one for each subsystem, still providing the old geodesics.asd which loads the three. But those three systems define functions with the exact same names: geodesics:a geodesics:da/dt geodesics:adash geodesics:n geodesics:dn/dt geodesics:ndash If you load GD-STATIC-UNEQUAL after GD-STATIC-EQUAL, you'll redefine GD-STATIC-EQUAL's functions. If you next load GD-COSMOLOGICAL, you'll just redefine them again. A system that loads more than one of these three is nonsensical. -- Peter De Wachter -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496544: RFS: reportbug-ng (closes RC #496544)
Dear all, I need sponsorship for a NMU that closes RC bug #496544 of the native package reportbug-ng. Do I have to ask for a release freeze, or would that be the sponsor? This NMU fixes the breakage of bug-triage (#496536; potentially other as well). I attach the patch with the changes (all of which are required for fixing the RC bug). http://www.cs.man.ac.uk/~zanikols/deb/reportbug-ng_1.1+nmu1.dsc Cheers, Serafeim diff -r -u reportbug-ng-1.1.orig/debian/changelog reportbug-ng-1.1+nmu1/debian/changelog --- reportbug-ng-1.1.orig/debian/changelog 2008-07-28 11:38:35.0 +0100 +++ reportbug-ng-1.1+nmu1/debian/changelog 2008-08-26 20:35:51.0 +0100 @@ -1,3 +1,10 @@ +reportbug-ng (1.1+nmu1) unstable; urgency=low + + * Non-maintainer upload. + * Don't pollute python sys.path with private modules (Closes: #496544). + + -- Serafeim Zanikolas [EMAIL PROTECTED] Tue, 26 Aug 2008 20:27:57 +0100 + reportbug-ng (1.1) unstable; urgency=low * Added settings window which allows to chose the default MUA, the colors diff -r -u reportbug-ng-1.1.orig/src/Makefile reportbug-ng-1.1+nmu1/src/Makefile --- reportbug-ng-1.1.orig/src/Makefile 2008-07-28 11:38:35.0 +0100 +++ reportbug-ng-1.1+nmu1/src/Makefile 2008-08-26 20:27:22.0 +0100 @@ -10,8 +10,8 @@ $(MAKE) install -C $$i; \ done - mkdir -p $(DESTDIR)/usr/share/python-support/reportbug-ng - cp *.py $(DESTDIR)/usr/share/python-support/reportbug-ng/ + mkdir -p $(DESTDIR)/usr/share/python-support/reportbug-ng/reportbug_ng/ + cp *.py $(DESTDIR)/usr/share/python-support/reportbug-ng/reportbug_ng/ mkdir -p $(DESTDIR)/usr/bin cp reportbug-ng $(DESTDIR)/usr/bin/reportbug-ng diff -r -u reportbug-ng-1.1.orig/src/reportbug-ng reportbug-ng-1.1+nmu1/src/reportbug-ng --- reportbug-ng-1.1.orig/src/reportbug-ng 2008-07-28 11:38:36.0 +0100 +++ reportbug-ng-1.1+nmu1/src/reportbug-ng 2008-08-26 20:45:34.0 +0100 @@ -24,7 +24,7 @@ import logging from optparse import OptionParser from PyQt4 import QtCore, QtGui -from rnggui import RngGui +from reportbug_ng.rnggui import RngGui if __name__ == __main__: # Get Options diff -r -u reportbug-ng-1.1.orig/src/rnggui.py reportbug-ng-1.1+nmu1/src/rnggui.py --- reportbug-ng-1.1.orig/src/rnggui.py 2008-07-28 11:38:36.0 +0100 +++ reportbug-ng-1.1+nmu1/src/rnggui.py 2008-08-26 20:37:20.0 +0100 @@ -21,11 +21,11 @@ from PyQt4 import QtCore, QtGui -from ui import mainwindow -from ui import submitdialog -import rnghelpers as rng +from reportbug_ng.ui import mainwindow +from reportbug_ng.ui import submitdialog +import reportbug_ng.rnghelpers as rng import debianbts as bts -from rngsettings import RngSettings +from reportbug_ng.rngsettings import RngSettings class RngGui(QtGui.QMainWindow, mainwindow.Ui_MainWindow): diff -r -u reportbug-ng-1.1.orig/src/rngsettings.py reportbug-ng-1.1+nmu1/src/rngsettings.py --- reportbug-ng-1.1.orig/src/rngsettings.py 2008-07-28 11:38:36.0 +0100 +++ reportbug-ng-1.1+nmu1/src/rngsettings.py 2008-08-26 20:37:50.0 +0100 @@ -19,9 +19,9 @@ from PyQt4 import QtCore, QtGui -from ui import settings -import rnghelpers as rng -from rnghelpers import Settings +from reportbug_ng.ui import settings +import reportbug_ng.rnghelpers as rng +from reportbug_ng.rnghelpers import Settings class RngSettings(QtGui.QDialog, settings.Ui_Dialog): diff -r -u reportbug-ng-1.1.orig/src/ui/Makefile reportbug-ng-1.1+nmu1/src/ui/Makefile --- reportbug-ng-1.1.orig/src/ui/Makefile 2008-07-28 11:38:36.0 +0100 +++ reportbug-ng-1.1+nmu1/src/ui/Makefile 2008-08-26 20:43:41.0 +0100 @@ -22,8 +22,8 @@ $(PYUIC) $ -o $@ install: - mkdir -p $(DESTDIR)/usr/share/python-support/reportbug-ng/ui - cp -r *.py $(DESTDIR)/usr/share/python-support/reportbug-ng/ui/ + mkdir -p $(DESTDIR)/usr/share/python-support/reportbug-ng/reportbug_ng/ui + cp -r *.py $(DESTDIR)/usr/share/python-support/reportbug-ng/reportbug_ng/ui/ clean: rm -f $(GUI_CLASSES) $(RCCS) $(PYRCCS)
Bug#494031: Signal handlers not working?
Hi,
I dug a little bit into the code and it seems that the problem is
caused by this macro defined in Utilities/hdf5/H5detect.c:
#if defined(H5_HAVE_LONGJMP) defined(H5_HAVE_SIGNAL)
#define ALIGNMENT(TYPE,INFO) { \
char*volatile _buf=NULL; \
volatile TYPE _val=1; \
volatile TYPE _val2; \
volatile size_t _ano=0; \
void(*_handler)(int) = signal(SIGBUS, sigbus_handler);\
void(*_handler2)(int) = signal(SIGSEGV, sigsegv_handler); \
\
_buf = (char*)malloc(sizeof(TYPE)+align_g[NELMTS(align_g)-1]); \
if (setjmp(jbuf_g)) _ano++; \
if (_anoNELMTS(align_g)) { \
*((TYPE*)(_buf+align_g[_ano])) = _val; /*possible SIGBUS or SEGSEGV*/ \
_val2 = *((TYPE*)(_buf+align_g[_ano])); /*possible SIGBUS or SEGSEGV*/ \
[...]
It tries to set the signal handlers for SIGBUS and SIGSEGV and then
try various casts in an attempt to detect the alignment requirements.
So, SIGBUS/SIGSEGV appears to be intentional, except that they are
supposed to be caught by signal handlers, and not terminate the build.
The signal(2) man page includes the following information:
The only portable use of signal() is to set a signal's disposition to
SIG_DFL or
SIG_IGN. The semantics when using signal() to establish a signal
handler vary
across systems (and POSIX.1 explicitly permits this variation); do not
use it
for this purpose.
Current theory is that setting signal handlers via signal() does not
work in Debian for some reason. I'll try to rewrite this code using
sigaction interface to see if it helps.
Cheers.
--
Jurij Smakov [EMAIL PROTECTED]
Key: http://www.wooyd.org/pgpkey/ KeyID: C99E03CC
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
