Bug#525048: [PATCH] sort -m: don't segfault when output file is also an input file

[Jim Meyering]

Thanks to Otavio Salvador for finding/reporting this.

Here's the patch I'm considering:

>From 570beb56f58bb087a614af885bec7e9cf6b19423 Mon Sep 17 00:00:00 2001
From: Jim Meyering 
Date: Wed, 22 Apr 2009 08:45:27 +0200
Subject: [PATCH] sort -m: don't segfault when output file is also an input file

* src/sort.c (avoid_trashing_input): Fix an off-by-one error and
guard the use of memmove.
* NEWS (Bug fixes): Mention it.
* tests/misc/sort: Add tests to exercise the offending code.
* THANKS: Update.
Reported by Otavio Salvador in http://bugs.debian.org/525048.
---
 NEWS|6 +-
 THANKS  |1 +
 src/sort.c  |   10 ++
 tests/misc/sort |   17 -
 4 files changed, 28 insertions(+), 6 deletions(-)

diff --git a/NEWS b/NEWS
index 5951bb5..ee44a23 100644
--- a/NEWS
+++ b/NEWS
@@ -1,9 +1,13 @@
 GNU coreutils NEWS-*- outline -*-

-* Noteworthy changes in release ?.? (-??-??) [?]
+* Noteworthy changes in release 7.3 (-??-??) [?]

 ** Bug fixes

+  sort -m no longer segfaults when its output file is also an input file.
+  E.g., with this, touch 1; sort -m -o 1 1, sort would segfault.
+  [introduced in coreutils-7.2]
+
   ls now aligns output correctly in the presence of abbreviated month
   names from the locale database that have differing widths.

diff --git a/THANKS b/THANKS
index fe523fe..876a6b6 100644
--- a/THANKS
+++ b/THANKS
@@ -435,6 +435,7 @@ Ole Laursen o...@hardworking.dk
 Oliver Kiddle   okid...@yahoo.co.uk
 Ørn E. Hansen   oehan...@daimi.aau.dk
 Oskar Liljeblad o...@hem.passagen.se
+Otavio Salvador ota...@ossystems.com.br
 Pádraig Brady   p...@draigbrady.com
 Patrick Mauritz oxyg...@studentenbude.ath.cx
 Paul D. Smith   psm...@gnu.org
diff --git a/src/sort.c b/src/sort.c
index 2e6ce87..f48d727 100644
--- a/src/sort.c
+++ b/src/sort.c
@@ -1,5 +1,5 @@
 /* sort - sort lines of text (with all kinds of options).
-   Copyright (C) 1988, 1991-2008 Free Software Foundation, Inc.
+   Copyright (C) 1988, 1991-2009 Free Software Foundation, Inc.

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -2602,18 +2602,20 @@ avoid_trashing_input (struct sortfile *files, size_t 
ntemps,
  pid_t pid;
  char *temp = create_temp (&tftp, &pid);
  size_t num_merged = 0;
- while (i + num_merged < nfiles)
+ do
{
  num_merged += mergefiles (&files[i], 0, nfiles - i, tftp, temp);
  files[i].name = temp;
  files[i].pid = pid;

- memmove(&files[i], &files[i + num_merged],
- num_merged * sizeof *files);
+ if (i + num_merged < nfiles)
+   memmove(&files[i + 1], &files[i + num_merged],
+   num_merged * sizeof *files);
  ntemps += 1;
  nfiles -= num_merged - 1;;
  i += num_merged;
}
+ while (i < nfiles);
}
 }

diff --git a/tests/misc/sort b/tests/misc/sort
index 4f377df..a27f47a 100755
--- a/tests/misc/sort
+++ b/tests/misc/sort
@@ -1,6 +1,6 @@
 #!/usr/bin/perl

-# Copyright (C) 2008 Free Software Foundation, Inc.
+# Copyright (C) 2008, 2009 Free Software Foundation, Inc.

 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -339,6 +339,21 @@ my @Tests =
 ["sort-numeric", '--sort=numeric', {IN=>".01\n0\n"}, {OUT=>"0\n.01\n"}],
 ["sort-gennum", '--sort=general-numeric',
   {IN=>"1e2\n2e1\n"}, {OUT=>"2e1\n1e2\n"}],
+
+# -m with output file also used as an input file
+# In coreutils-7.2, this caused a segfault.
+# This test looks a little strange.  Here's why:
+# since we're using "-o f", standard output will be empty, hence OUT=>''
+# We still want to ensure that the output file, "f" has expected contents,
+# hence the added CMP=> directive.
+["output-is-input", '-m -o f', {IN=> {f=> "a\n"}}, {OUT=>''},
+ {CMP=> ["a\n", {'f'=> undef}]} ],
+["output-is-input-2", '-m -o f', {OUT=>''},
+ {IN=> {f=> "a\n"}}, {IN=> {g=> "b\n"}}, {IN=> {h=> "c\n"}},
+ {CMP=> ["a\nb\nc\n", {'f'=> undef}]} ],
+["output-is-input-3", '-m -o f', {OUT=>''},
+ {IN=> {g=> "a\n"}}, {IN=> {h=> "b\n"}}, {IN=> {f=> "c\n"}},
+ {CMP=> ["a\nb\nc\n", {'f'=> undef}]} ],
 );

 # Add _POSIX2_VERSION=199209 to the environment of each test
--
1.6.3.rc1.205.g37f8



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524566: Non-DFSG files distributed in fluidsynth package

[Luk Claes]

David Henningsson wrote:

Hello Release team,

while working on adopting my first package (fluidsynth), non-DFSG files
were discovered in all releases of fluidsynth, both unstable, testing,
stable and oldstable. (bug: #524566)

The non-DFSG files is a soundfont and some documentation, and is only
included in the upstream tarball, so no binary packages are affected.

I could use some advice on how to proceed, and possibly some assistance
as well.


I would propose to fix it first in unstable (by repacking upstream 
tarball by removing the files an recreating the tarball and using 
another upstream version in debian/changelog like adding .dfsg.1). If 
that worked out ok, feel free to do similar things for the version in 
stable and oldstable.


Cheers

Luk



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#521394: Pre-approval for heartbeat stable-proposed-updates upload (2.1.3-6lenny3)

[Luk Claes]

Simon Horman wrote:

Hi,

I would like to upload a(nother) fresh version of heartbeat to fix
a but in the o2cf resource. Without the simple fix suggested
by Michel, the script is completely broken - though I should
not that the script was first deprecated and more recently
removed from upstream.


So maybe it's better to not fix it in stable as it's deprecated anyway?

Cheers

Luk



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#525096: get-config-dir never called if -z $monserver

[Michael Tautschnig]

Package: fai-client
Version: 3.2.18
Severity: serious
Tags: patch
Justification: major component is broken

A small code re-arrangement in r5338 caused fai to skip the call to
get-config-dir if the following return is taken (from task_confdir in
subroutines-linux):
 
 78 # check if monitor server is available
 79 [ -z "$monserver" ] && monserver=$SERVER
 80 if [ -z "$monserver" ]; then
 81   echo "No monitor daemon defined."
 82   return
 83 fi

As of r5338, get-config-dir is called in task_confdir, but _after_ these lines
of code. Therefore it will never be called and no config space is fetched. Note
that monserver will be empty on softupdates, dirinstalls or installs using a
fixed IP configuration, unless set explicitly.

Of course, softupdates without an updated config space are quite useless (note
that there is _some_ config space available when using a storage other than NFS,
its just not up-to-date).

A bugfix for this issue is attached and also included in 3.2.18+experimental27.

Best,
Michael

2009-04-22  Michael Tautschnig  

* subroutines-linux: get-config-dir was never run if -z $monserver, 
which may
be the case when no DHCP was done (dirinstall, softupdates, or 
install using
fixed IP); problem was introduced by patch in r5338.
Index: trunk/lib/subroutines-linux
===
--- trunk.orig/lib/subroutines-linux
+++ trunk/lib/subroutines-linux 
@@ -79,8 +79,8 @@
 [ -z "$monserver" ] && monserver=$SERVER
 if [ -z "$monserver" ]; then
echo "No monitor daemon defined."
-   return
-fi
+  faimond=0
+else
 faimond=1
 sendhostname=$HOSTNAME # save current hostname
 if sendmon check; then
@@ -90,6 +90,7 @@
faimond=0
echo "Can't connect to monserver on $monserver port 4711. Monitoring 
disabled."
 fi
+fi
 
 get-config-dir || {
echo "Problems accessing the config space."


pgp54R3Y7n71D.pgp
Description: PGP signature

Bug#524778: marked as done (Remote code execution via preg_replace in html2text.php)

[Debian Bug Tracking System]

Your message dated Wed, 22 Apr 2009 06:02:14 +
with message-id 
and subject line Bug#524778: fixed in mahara 1.1.3-1
has caused the Debian Bug report #524778,
regarding Remote code execution via preg_replace in html2text.php
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
524778: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524778
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: mahara
Version: 1.1.2-1
Severity: important
Tags: security patch

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

mahara is using the vulnerable version of html2text,
which could lead to code execution attacks, the same of CVE-2008-5619 in 
roundcube.

The patch for this issue can be found at [1]

I'm not sure if it is exploitable, and version in stable isn't affected, so I 
set the severity only
to important.


[1]http://trac.roundcube.net/changeset/2148

Cheers,
Giuseppe.

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAknrjxMACgkQNxpp46476apvegCdHU0uUdAg/i9p8twr1+IMrMRZ
6cEAnAxHOcQBOWRq+OT97HQjIDB5gYTb
=pQn2
-END PGP SIGNATURE-


--- End Message ---
--- Begin Message ---
Source: mahara
Source-Version: 1.1.3-1

We believe that the bug you reported is fixed in the latest version of
mahara, which is due to be installed in the Debian FTP archive:

mahara-apache2_1.1.3-1_all.deb
  to pool/main/m/mahara/mahara-apache2_1.1.3-1_all.deb
mahara_1.1.3-1.diff.gz
  to pool/main/m/mahara/mahara_1.1.3-1.diff.gz
mahara_1.1.3-1.dsc
  to pool/main/m/mahara/mahara_1.1.3-1.dsc
mahara_1.1.3-1_all.deb
  to pool/main/m/mahara/mahara_1.1.3-1_all.deb
mahara_1.1.3.orig.tar.gz
  to pool/main/m/mahara/mahara_1.1.3.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 524...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Francois Marier  (supplier of updated mahara package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Wed, 22 Apr 2009 17:06:36 +1200
Source: mahara
Binary: mahara mahara-apache2
Architecture: source all
Version: 1.1.3-1
Distribution: unstable
Urgency: high
Maintainer: Mahara Debian Packaging Team 
Changed-By: Francois Marier 
Description: 
 mahara - Electronic portfolio, weblog, and resume builder
 mahara-apache2 - Electronic portfolio, weblog, and resume builder - apache2 
config
Closes: 524778
Changes: 
 mahara (1.1.3-1) unstable; urgency=high
 .
   * New Upstream Version
 - fixes XSS issues in user profile field and text boxes in user views
   (CVE-2009-0664)
 - fixes remote code execution in the bundled copy of html2text
   (CVE-2008-5619, closes: #524778)
   * Bump Standards-Version to 3.8.1 (no changes)
   * Remove execute bit on a bunch of Javascript files (lintian warning)
Checksums-Sha1: 
 6b032f11ba15ad16bd2ca721da0c14803186effe 1268 mahara_1.1.3-1.dsc
 c98dda14a3974517077b1c08ce884911497fa13b 2640170 mahara_1.1.3.orig.tar.gz
 debd01ff405155b42839191f85a044158ddfe350 21015 mahara_1.1.3-1.diff.gz
 e1a33bf48264f5f4cbafd147979a1ce4b81d46b8 1831574 mahara_1.1.3-1_all.deb
 5d026bf1608b9bc710343a8d775be1089e1b47bb 9328 mahara-apache2_1.1.3-1_all.deb
Checksums-Sha256: 
 a0578e8e11b314d6e1fee811e9db38df0a8c288261bb87e3fa25b79080057e57 1268 
mahara_1.1.3-1.dsc
 180922db6a77fb8d83f1943f336a59d5a1bd46cf121a483d49fb714221f09710 2640170 
mahara_1.1.3.orig.tar.gz
 d57731348d3544efde8b405832a1be02ef63194ab8d230e59e5afc48eb5a1b68 21015 
mahara_1.1.3-1.diff.gz
 f1f4eb10023d6818e75f3b3c32ced74c0f4b53de200484fa5271b2b9ea564c4f 1831574 
mahara_1.1.3-1_all.deb
 cc243d1088a6d7ed939f4a3d0c991a9483e1061b9a2dde7050a4ad67d557f72f 9328 
mahara-apache2_1.1.3-1_all.deb
Files: 
 70ea45454f5acb17f043f14c686a02bf 1268 web optional mahara_1.1.3-1.dsc
 fe15cc66716a9127d085d928adbbe859 2640170 web optional mahara_1.1.3.orig.tar.gz
 baaff649eb8fe52e7c9381273c715d87 21015 web optional mahara_1.1.3-1.diff.gz
 12ec800391a78aa4cdb0dd3a2dd79746 1831574 web optional mahara_1.1.3-1_all.deb
 785cef8dd7c2477006f3ec8c0ec718bb 9328 web optional 
mahara-apache2_1.1.3-1_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAknupj0ACgkQScUZKBnQNIb5agCglNYpjEc1MO2C44K0oDi+xHJ5
e2gAn1Jzc5S7mLE++CsPSeKb5A5WHswa
=91Iw
-END 

Bug#524745: [Pkg-octave-devel] Bug#524745: Bug#524745: Postinst seems to run forever on mipsel

[Rafael Laboissiere]

* Stephen Gran  [2009-04-21 23:55]:

> This one time, at band camp, Rafael Laboissiere said:
> > * Martin Zobel-Helas  [2009-04-21 21:17]:
> > 
> > > here some more infos:
> > > 
> > > 21029 ?S  0:00  \_ sh -c /usr/bin/sudo /usr/bin/apt-get 
> > > --purge -o 
> > > Dir::State::status=/home/buildd/build/chroot-unstable/var/lib/dpkg/status 
> > > -o DPkg::Options::=--root=/home/buildd/build/chroot-unstable -o DPkg::R
> > > 21030 ?S  0:03  \_ /usr/bin/apt-get --purge -o 
> > > Dir::State::status=/home/buildd/build/chroot-unstable/var/lib/dpkg/status 
> > > -o DPkg::Options::=--root=/home/buildd/build/chroot-unstable -o 
> > > DPkg::Run-Directory=/ho
> > > 22519 pts/0Ss+0:00  \_ /usr/bin/dpkg 
> > > --root=/home/buildd/build/chroot-unstable --force-confold --status-fd 14 
> > > --configure libmagic1 file gettext-base libkeyutils1 libkrb5support0 
> > > libk5crypto3 libkrb5-3 libgss
> > > 23967 pts/0S+ 0:00  \_ /bin/sh -e 
> > > /var/lib/dpkg/info/octave3.0.postinst configure 
> > > 23976 pts/0R+   1987:42  \_ octave-3.0.5 --silent 
> > > --no-history --no-init-file --eval pkg ('rebuild');
> > > 
> > > strace -p 23976
> > > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> > > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> > > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> > > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> > > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> > > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> > > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> > > [...] runs infitive
> > 
> > Thanks for the info.  Is the hanging due to some file Octave is trying to
> > open/read/close?  Could you please run lsof on the octave-3.0.5 process
> > and post the results?  In the case above, it would be:
> > 
> > lsof -p 23976
> 
> The process has been killed, so we no longer have that information for
> you.

Yes, I know, but could you try to launch the offending command:

octave-3.0.5 --silent --no-history --no-init-file --eval "pkg ('rebuild');"

in one of the machines where it fails and see what happens?

-- 
Rafael



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#522346: closed by Alejandro Garrido Mota (Bug#522346: fixed in gbackground 1.1-2)

[Marc Graham]

Hi Alejandro,

Respectfully, shouldn't openoffice do something other than crash in the case
of not being able to find the right file to display its dialog?

Marc

2009/4/22 Debian Bug Tracking System 

>
> This is an automatic notification regarding your Bug report
> which was filed against the gbackground package:
>
> #522346: error starting gbackground looks for Dialog.pm but can't find
>
> It has been closed by Alejandro Garrido Mota .
>
> Their explanation is attached below along with your original report.
> If this explanation is unsatisfactory and you have not received a
> better one in a separate message then please contact Alejandro Garrido Mota
>  by
> replying to this email.
>
>
> --
> 522346: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522346
> Debian Bug Tracking System
> Contact ow...@bugs.debian.org with problems
>
>
> -- Forwarded message --
> From: Alejandro Garrido Mota 
> To: 522346-cl...@bugs.debian.org
> Date: Wed, 22 Apr 2009 03:32:05 +
> Subject: Bug#522346: fixed in gbackground 1.1-2
> Source: gbackground
> Source-Version: 1.1-2
>
> We believe that the bug you reported is fixed in the latest version of
> gbackground, which is due to be installed in the Debian FTP archive:
>
> gbackground_1.1-2.diff.gz
>  to pool/main/g/gbackground/gbackground_1.1-2.diff.gz
> gbackground_1.1-2.dsc
>  to pool/main/g/gbackground/gbackground_1.1-2.dsc
> gbackground_1.1-2_all.deb
>  to pool/main/g/gbackground/gbackground_1.1-2_all.deb
>
>
>
> A summary of the changes between this version and the previous one is
> attached.
>
> Thank you for reporting the bug, which will now be closed.  If you
> have further comments please address them to 522...@bugs.debian.org,
> and the maintainer will reopen the bug report if appropriate.
>
> Debian distribution maintenance software
> pp.
> Alejandro Garrido Mota  (supplier of updated
> gbackground package)
>
> (This message was generated automatically at their request; if you
> believe that there is a problem with it please contact the archive
> administrators by mailing ftpmas...@debian.org)
>
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Format: 1.8
> Date: Sat, 11 Apr 2009 18:10:46 -0430
> Source: gbackground
> Binary: gbackground
> Architecture: source all
> Version: 1.1-2
> Distribution: unstable
> Urgency: low
> Maintainer: Alejandro Garrido Mota 
> Changed-By: Alejandro Garrido Mota 
> Description:
>  gbackground - Program to change GNOME background periodically
> Closes: 522346
> Changes:
>  gbackground (1.1-2) unstable; urgency=low
>  .
>   * Add libui-dialog-perl package to Depends field (Closes: #522346)
> Checksums-Sha1:
>  59f0c01e2477b8bdf0a7c724d91d4b2045d9784f 1039 gbackground_1.1-2.dsc
>  fbd125ecd45460b1ee819e8c2e6da48b7b630230 2094 gbackground_1.1-2.diff.gz
>  c936656337230c7e0d30035bd2e19c1a7bbcf16f 13384 gbackground_1.1-2_all.deb
> Checksums-Sha256:
>  af1d3b995d1933a22271136f5a37bff6a36274d213aabe37fb614275eafdbd06 1039
> gbackground_1.1-2.dsc
>  adde2392320dce52d8dd5b389340f741bdfbf4fcb335e5971cf046b6ce2a1b19 2094
> gbackground_1.1-2.diff.gz
>  f1344bb6367adafe385b2872aab4ee4f378b268aaebc5ed4dd7b344752630496 13384
> gbackground_1.1-2_all.deb
> Files:
>  2ace4d3f425b48c1de74aa9321ba8f47 1039 gnome optional gbackground_1.1-2.dsc
>  7ee9d5ffd2c524f9cabbc95df6158a09 2094 gnome optional
> gbackground_1.1-2.diff.gz
>  559475c09ae269429692dfb5dff7bf57 13384 gnome optional
> gbackground_1.1-2_all.deb
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.9 (GNU/Linux)
>
> iEYEARECAAYFAknujvgACgkQgY5NIXPNpFURawCfc0b9DKE804sKRKDgPYgFlDZL
> iQAAoJ9J7afldVkAVlqYM4vHfVR21SHp
> =gUqZ
> -END PGP SIGNATURE-
>
>
>
>
> -- Forwarded message --
> From: Marc Graham 
> To: Debian Bug Tracking System 
> Date: Fri, 03 Apr 2009 10:20:55 +1100
> Subject: error starting gbackground looks for Dialog.pm but can't find
> Package: gbackground
> Version: 1.1-1
> Severity: grave
> Justification: renders package unusable
>
>
> Just installed gbackground and it won't run. Returns with the following
>
> Can't locate UI/Dialog.pm in @INC (@INC contains: /etc/perl
> /usr/local/lib/perl/5.10.0 /usr/local/share/perl/5.10.0 /usr/lib/perl5
> /usr/share/perl5 /usr/lib/perl/5.10 /usr/share/perl/5.10
> /usr/local/lib/site_perl .) at /usr/bin/gbackground line 5.
> BEGIN failed--compilation aborted at /usr/bin/gbackground line 5.
>
>
> Marc
>
> -- System Information:
> Debian Release: squeeze/sid
>  APT prefers testing
>  APT policy: (500, 'testing')
> Architecture: i386 (i686)
>
> Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
> Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/bash
>
> Versions of packages gbackground depends on:
> ii  libglib-perl  1:1.190-2  Perl interface to the GLib and
> GOb
> ii  libgtk2-gladexml-perl 1.007-1Perl interface to use user
> interfa
> ii  libgtk2-perl  1:1.190-1  Perl interface to the 2.x
> series o
> ii  libp

Bug#522598: work around to improve the situation a bit - NOT

[H. S.]

After I sent my previous post, I experimented a bit more. Even though
the work around that I posted earlier worked in audacious, it did not
work later in the day when I tested with mplayer and flash videos on
some websites. Just though to clear this up and exclude any false
leads.

Thanks.



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#522811: marked as done (xine-lib: heap-based buffer overflow due to integer overflow in quicktime atom parsing)

[Debian Bug Tracking System]

Your message dated Wed, 22 Apr 2009 06:18:33 +0200
with message-id <20090422041833.ga30...@ngolde.de>
and subject line CVE-2009-1274 is fixed
has caused the Debian Bug report #522811,
regarding xine-lib: heap-based buffer overflow due to integer overflow in 
quicktime atom parsing
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
522811: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522811
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: xine-lib
Severity: grave
Tags: security patch

Hi,
Tobias Klein discovered an integer overflow in the quicktime 
STTS atom processing that leads to a heap-based buffer 
overflow probably resulting in arbitrary code execution.

As you are also upstream of xine I expect you are aware of:
http://trapkit.de/advisories/TKADV2009-005.txt.

You fixed this bug in 1.1.16.3.

A few words from my side, I expect you to contact the 
security team in case you get notified of a security issue 
in xine in the future as it's not nice to see other people 
notifying us while we our Debian maintainer is also the 
upstream. Sorry but this workflow sucks! Debian can allocate 
CVE ids if you need them and I see no reason why a fixed 
package is not already in unstable.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry if we get one in time.

Cheers
Nico

-- 
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.


pgpI18sjjgPMb.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Version: 1.1.16.3-1

Darren,
you were neither able to reply on #522811, nor to notify the 
security team of a security issue in xine-lib and you even 
didn't comment on the bug afterwards that it is already 
fixed in the version you uploaded nearly at the same time. 
The bug was still open until now.

This wastes a lot of time which you as the maintainer should 
spend. This is nothing personal but either you as upstream
are able to produce secure code or you are able to properly 
communicate with your security team.

I talked with you about this problem in IRC and I would have 
expected at least a notice that you uploaded a fixed version 
if you are not able to close the bug by yourself.

This is nothing personal but on the next security related 
bug of xine without maintainer reaction or coordination with 
the security team I will file a removal bug for xine.

Cheers
Nico

-- 
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.


pgpMHDFYUaiW2.pgp
Description: PGP signature
--- End Message ---

Bug#522346: marked as done (error starting gbackground looks for Dialog.pm but can't find)

[Debian Bug Tracking System]

Your message dated Wed, 22 Apr 2009 03:32:05 +
with message-id 
and subject line Bug#522346: fixed in gbackground 1.1-2
has caused the Debian Bug report #522346,
regarding error starting gbackground looks for Dialog.pm but can't find
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
522346: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522346
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: gbackground
Version: 1.1-1
Severity: grave
Justification: renders package unusable


Just installed gbackground and it won't run. Returns with the following

Can't locate UI/Dialog.pm in @INC (@INC contains: /etc/perl 
/usr/local/lib/perl/5.10.0 /usr/local/share/perl/5.10.0 /usr/lib/perl5 
/usr/share/perl5 /usr/lib/perl/5.10 /usr/share/perl/5.10 
/usr/local/lib/site_perl .) at /usr/bin/gbackground line 5.
BEGIN failed--compilation aborted at /usr/bin/gbackground line 5.


Marc

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages gbackground depends on:
ii  libglib-perl  1:1.190-2  Perl interface to the GLib and GOb
ii  libgtk2-gladexml-perl 1.007-1Perl interface to use user interfa
ii  libgtk2-perl  1:1.190-1  Perl interface to the 2.x series o
ii  libproc-pid-file-perl 1.24-6 Perl module for managing process i

gbackground recommends no packages.

gbackground suggests no packages.

-- no debconf information


--- End Message ---
--- Begin Message ---
Source: gbackground
Source-Version: 1.1-2

We believe that the bug you reported is fixed in the latest version of
gbackground, which is due to be installed in the Debian FTP archive:

gbackground_1.1-2.diff.gz
  to pool/main/g/gbackground/gbackground_1.1-2.diff.gz
gbackground_1.1-2.dsc
  to pool/main/g/gbackground/gbackground_1.1-2.dsc
gbackground_1.1-2_all.deb
  to pool/main/g/gbackground/gbackground_1.1-2_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 522...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Alejandro Garrido Mota  (supplier of updated gbackground 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Sat, 11 Apr 2009 18:10:46 -0430
Source: gbackground
Binary: gbackground
Architecture: source all
Version: 1.1-2
Distribution: unstable
Urgency: low
Maintainer: Alejandro Garrido Mota 
Changed-By: Alejandro Garrido Mota 
Description: 
 gbackground - Program to change GNOME background periodically
Closes: 522346
Changes: 
 gbackground (1.1-2) unstable; urgency=low
 .
   * Add libui-dialog-perl package to Depends field (Closes: #522346)
Checksums-Sha1: 
 59f0c01e2477b8bdf0a7c724d91d4b2045d9784f 1039 gbackground_1.1-2.dsc
 fbd125ecd45460b1ee819e8c2e6da48b7b630230 2094 gbackground_1.1-2.diff.gz
 c936656337230c7e0d30035bd2e19c1a7bbcf16f 13384 gbackground_1.1-2_all.deb
Checksums-Sha256: 
 af1d3b995d1933a22271136f5a37bff6a36274d213aabe37fb614275eafdbd06 1039 
gbackground_1.1-2.dsc
 adde2392320dce52d8dd5b389340f741bdfbf4fcb335e5971cf046b6ce2a1b19 2094 
gbackground_1.1-2.diff.gz
 f1344bb6367adafe385b2872aab4ee4f378b268aaebc5ed4dd7b344752630496 13384 
gbackground_1.1-2_all.deb
Files: 
 2ace4d3f425b48c1de74aa9321ba8f47 1039 gnome optional gbackground_1.1-2.dsc
 7ee9d5ffd2c524f9cabbc95df6158a09 2094 gnome optional gbackground_1.1-2.diff.gz
 559475c09ae269429692dfb5dff7bf57 13384 gnome optional gbackground_1.1-2_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAknujvgACgkQgY5NIXPNpFURawCfc0b9DKE804sKRKDgPYgFlDZL
iQAAoJ9J7afldVkAVlqYM4vHfVR21SHp
=gUqZ
-END PGP SIGNATURE-


--- End Message ---

Bug#525048: sort: sefaults

[Bob Proulx]

Michael Stone wrote:
> Otavio Salvador wrote:
>> Michael Stone wrote:
>>> you wrote:
 $: sort -um -o list list work
>>>
>>> I'll look at the segfault, but I'm not sure that was ever guaranteed to give
>>> a useful result (you're overwriting an input file).
>>
>> Yes, it works nicely in stable release (hence the notfound usage) so it
>> qualifies as a regression IMO.
>
> I didn't say it didn't work, I said "I'm not sure that was ever  
> guaranteed to give a useful result".

In this case it is guaranteed to provide a meaning result.  Both
traditional implementations and POSIX require -o to buffer output so
that it can also be an input file.  (I think that is virtually the
entire reason for the -o instead of simply using output redirection.)

  http://www.opengroup.org/onlinepubs/009695399/utilities/sort.html

  -o  output
  Specify the name of an output file to be used instead of the
  standard output. This file can be the same as one of the input files.

In any case it shouldn't segfault.

Bob



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#525088: xtables-addons-source: should depend on pkg-config

[John Wright]

My patch won't apply, since I ran into this while attempting a backport.
Sorry about that.  Still, the solution is simple enough: add pkg-config
to the dependency list of xtables-addons-source.

-- 
John Wright 



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#525088: xtables-addons-source: should depend on pkg-config

[John Wright]

Package: xtables-addons-source
Version: 1.14-1
Severity: serious
Tags: patch

The configure script in xtables-addons-source requires pkg-config to be
available:


checking for libxtables... configure: error: in 
`/usr/src/modules/xtables-addons':
configure: error: The pkg-config script could not be found or is too old.  Make 
sure it
is in your PATH or set the PKG_CONFIG environment variable to the full
path to pkg-config.

Alternatively, you may set the environment variables libxtables_CFLAGS
and libxtables_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.

To get pkg-config, see .
See `config.log' for more details.
make[1]: *** [binary-modules] Error 1
make[1]: Leaving directory `/usr/src/modules/xtables-addons'
make: *** [kdist_build] Error 2
BUILD FAILED!


I have attached a patch.

Thanks,
-- 
John Wright 
diff --git a/debian/control b/debian/control
index 0c4d347..11e3cf4 100644
--- a/debian/control
+++ b/debian/control
@@ -15,6 +15,7 @@ Depends: module-assistant,
 debhelper (>= 5),
 make,
 bzip2,
+pkg-config,
 iptables-dev
 Description: Source for the xtables-addons driver
  This package provides the source code for the xtables-addons kernel modules.

Bug#522598: work around to improve the situation a bit

[H. S.]

Hello,

Just a little followup. Discovered from
https://fedoraproject.org/wiki/Features/GlitchFreeAudio that following
helps the situation a bit:

The PulseAudio sound server has been rewritten to use timer-based
audio scheduling instead of the traditional interrupt-driven approach.
Timer-based scheduling may expose issues in some Alsa drivers. To turn
timer-based scheduling off, replace the line

load-module module-hal-detect

in /etc/pulse/default.pa by

load-module module-hal-detect tsched=0


After the above modification, I still get following messages in syslog:
Apr 21 20:36:31 red pulseaudio[16799]: module-alsa-sink.c: ALSA woke
us up to write new data to the device, but there was actually nothing
to write! Most likely this is an ALSA driver bug. Please report this
issue to the PulseAudio developers.
Apr 21 20:37:02 red last message repeated 14 times


but the sound chopping appears to have gone and sound plays smoothly now.


Regards.



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#522416: Bug#524915: intent to NMU

[Jonas Smedegaard]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Wed, Apr 22, 2009 at 01:51:31AM +0200, Nico Golde wrote:
>Hi,
>attached is a patch that fixes the described issues which I 
>am going to upload as a 0-day NMU as there was no reaction 
>on these bugs yet.

Thanks a lot!  Your work is much appreciated.


  - Jonas

- -- 
* Jonas Smedegaard - idealist og Internet-arkitekt
* Tlf.: +45 40843136  Website: http://dr.jones.dk/

  [x] quote me freely  [ ] ask before reusing  [ ] keep private
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAknuZW4ACgkQn7DbMsAkQLgOyQCfe0Wgp1uQsZuixXBFc7A7VV/y
I7AAniSGIBqgO7x8vmU+jB2tiNpZkF3t
=2yrz
-END PGP SIGNATURE-



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524915: marked as done (ghostscript: CVE-2009-0792 multiple integer overflows in icc library)

[Debian Bug Tracking System]

Your message dated Wed, 22 Apr 2009 00:02:07 +
with message-id 
and subject line Bug#524915: fixed in ghostscript 8.64~dfsg-1.1
has caused the Debian Bug report #524915,
regarding ghostscript: CVE-2009-0792 multiple integer overflows in icc library
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
524915: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524915
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: ghostscript
Severity: grave
Tags: security patch

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for ghostscript.

CVE-2009-0792[0]:
| Multiple integer overflows in icc.c in the International Color
| Consortium (ICC) Format library (aka icclib), as used in Ghostscript
| 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and
| earlier, allow context-dependent attackers to cause a denial of
| service (heap-based buffer overflow and application crash) or possibly
| execute arbitrary code by using a device file for a translation
| request that operates on a crafted image file and targets a certain
| "native color space," related to an ICC profile in a (1) PostScript or
| (2) PDF file with embedded images.  NOTE: this issue exists because of
| an incomplete fix for CVE-2009-0583.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

Patch attached.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792
http://security-tracker.debian.net/tracker/CVE-2009-0792

-- 
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
diff -up ghostscript-8.63/icclib/icc.c.CVE-2009-0792 ghostscript-8.63/icclib/icc.c
--- ghostscript-8.63/icclib/icc.c.CVE-2009-0792	2009-04-15 16:37:49.0 +0100
+++ ghostscript-8.63/icclib/icc.c	2009-04-15 16:38:00.0 +0100
@@ -2982,7 +2982,7 @@ static int icmCurve_lookup_fwd(
 			rv |= 1;
 		}
 		ix = (int)floor(val);		/* Coordinate */
-		if (ix > (p->size-2))
+		if (ix < 0 || ix > (p->size-2))
 			ix = (p->size-2);
 		w = val - (double)ix;		/* weight */
 		val = p->data[ix];
@@ -3004,6 +3004,11 @@ static int icmTable_setup_bwd(
 ) {
 	int i;
 
+	if (size > INT_MAX - 2)
+		/* Although rt->size is unsigned long, the rt data
+		 * structure uses int data types to store indices. */
+		return 2;
+
 	rt->size = size;		/* Stash pointers to these away */
 	rt->data = data;
 	
@@ -3022,7 +3027,7 @@ static int icmTable_setup_bwd(
 	rt->qscale = (double)rt->rsize/(rt->rmax - rt->rmin);	/* Scale factor to quantize to */
 	
 	/* Initialize the reverse lookup structures, and get overall min/max */
-	if ((rt->rlists = (int **) icp->al->calloc(icp->al, 1, rt->rsize * sizeof(int *))) == NULL) {
+	if ((rt->rlists = (int **) icp->al->calloc(icp->al, rt->rsize, sizeof(int *))) == NULL) {
 		return 2;
 	}
 
@@ -3035,6 +3040,15 @@ static int icmTable_setup_bwd(
 			int t;
 			t = s; s = e; e = t;
 		}
+		/* s and e should both be in the range [0,rt->rsize]
+		 * now, but let's not rely on floating point
+		 * calculations -- double-check. */
+		if (s < 0)
+			s = 0;
+		if (e < 0)
+			e = 0;
+		if (s >= rt->rsize)
+			s = rt->rsize-1;
 		if (e >= rt->rsize)
 			e = rt->rsize-1;
 
@@ -3053,6 +3067,9 @@ static int icmTable_setup_bwd(
 as = rt->rlists[j][0];	/* Allocate space for this list */
 nf = rt->rlists[j][1];	/* Next free location in list */
 if (nf >= as) {			/* need to expand space */
+	if (as > INT_MAX / 2 / sizeof (int))
+		return 2;
+
 	as *= 2;
 	rt->rlists[j] = (int *) icp->al->realloc(icp->al,rt->rlists[j], sizeof(int) * as);
 	if (rt->rlists[j] == NULL) {
@@ -3104,7 +3121,7 @@ static int icmTable_lookup_bwd(
 		val = rsize_1;
 	ix = (int)floor(val);		/* Coordinate */
 
-	if (ix > (rt->size-2))
+	if (ix < 0 || ix > (rt->size-2))
 		ix = (rt->size-2);
 	if (rt->rlists[ix] != NULL)  {		/* There is a list of fwd candidates */
 		/* For each candidate forward range */
@@ -3131,6 +3148,7 @@ static int icmTable_lookup_bwd(
 	/* We have failed to find an exact value, so return the nearest value */
 	/* (This is slow !) */
 	val = fabs(ival - rt->data[0]);
+	/* rt->size is known to be < INT_MAX */
 	for (k = 0, i = 1; i < rt->size; i++) {
 		double er;
 		er = fabs(ival - rt->data[i]);
@@ -3671,7 +3689,7 @@ static int icmData_allocate(
 	if (p->size != p->_size) {
 		if (p->data != NULL)
 			icp->al->free(icp->al, p->data);
-		if ((p->data = (unsigned char *) icp->al->malloc(icp->al, p->size * sizeof(unsigned char))) =

Bug#522416: marked as done (ghostscript: CVE-2009-058{3,4} multiple integer overflows resulting in arbitrary code execution)

[Debian Bug Tracking System]

Your message dated Wed, 22 Apr 2009 00:02:07 +
with message-id 
and subject line Bug#522416: fixed in ghostscript 8.64~dfsg-1.1
has caused the Debian Bug report #522416,
regarding ghostscript: CVE-2009-058{3,4} multiple integer overflows resulting 
in arbitrary code execution
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
522416: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522416
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: ghostscript
Version: 8.64~dfsg-1
Severity: grave
Tags: security

Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for ghostscript.

CVE-2009-0584[0]:
| icc.c in the International Color Consortium (ICC) Format library (aka
| icclib), as used in Ghostscript 8.64 and earlier and Argyll Color
| Management System (CMS) 1.0.3 and earlier, allows context-dependent
| attackers to cause a denial of service (application crash) or possibly
| execute arbitrary code by using a device file for processing a crafted
| image file associated with large integer values for certain sizes,
| related to an ICC profile in a (1) PostScript or (2) PDF file with
| embedded images.

CVE-2009-0583[1]:
| Multiple integer overflows in icc.c in the International Color
| Consortium (ICC) Format library (aka icclib), as used in Ghostscript
| 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and
| earlier, allow context-dependent attackers to cause a denial of
| service (heap-based buffer overflow and application crash) or possibly
| execute arbitrary code by using a device file for a translation
| request that operates on a crafted image file and targets a certain
| "native color space," related to an ICC profile in a (1) PostScript or
| (2) PDF file with embedded images.

If you fix the vulnerabilities please also make sure to include the
CVE ids in your changelog entry.

We already have fixed packages for stable/oldstable, the 
patches in their probably apply for the unstable version as 
well.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584
http://security-tracker.debian.net/tracker/CVE-2009-0584
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583
http://security-tracker.debian.net/tracker/CVE-2009-0583

-- 
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.


pgp0iYUO8Vflq.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: ghostscript
Source-Version: 8.64~dfsg-1.1

We believe that the bug you reported is fixed in the latest version of
ghostscript, which is due to be installed in the Debian FTP archive:

ghostscript-doc_8.64~dfsg-1.1_all.deb
  to pool/main/g/ghostscript/ghostscript-doc_8.64~dfsg-1.1_all.deb
ghostscript-x_8.64~dfsg-1.1_amd64.deb
  to pool/main/g/ghostscript/ghostscript-x_8.64~dfsg-1.1_amd64.deb
ghostscript_8.64~dfsg-1.1.diff.gz
  to pool/main/g/ghostscript/ghostscript_8.64~dfsg-1.1.diff.gz
ghostscript_8.64~dfsg-1.1.dsc
  to pool/main/g/ghostscript/ghostscript_8.64~dfsg-1.1.dsc
ghostscript_8.64~dfsg-1.1_amd64.deb
  to pool/main/g/ghostscript/ghostscript_8.64~dfsg-1.1_amd64.deb
gs-aladdin_8.64~dfsg-1.1_all.deb
  to pool/main/g/ghostscript/gs-aladdin_8.64~dfsg-1.1_all.deb
gs-common_8.64~dfsg-1.1_all.deb
  to pool/main/g/ghostscript/gs-common_8.64~dfsg-1.1_all.deb
gs-esp_8.64~dfsg-1.1_all.deb
  to pool/main/g/ghostscript/gs-esp_8.64~dfsg-1.1_all.deb
gs-gpl_8.64~dfsg-1.1_all.deb
  to pool/main/g/ghostscript/gs-gpl_8.64~dfsg-1.1_all.deb
gs_8.64~dfsg-1.1_all.deb
  to pool/main/g/ghostscript/gs_8.64~dfsg-1.1_all.deb
libgs-dev_8.64~dfsg-1.1_amd64.deb
  to pool/main/g/ghostscript/libgs-dev_8.64~dfsg-1.1_amd64.deb
libgs8_8.64~dfsg-1.1_amd64.deb
  to pool/main/g/ghostscript/libgs8_8.64~dfsg-1.1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 522...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Nico Golde  (supplier of updated ghostscript package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Wed, 22 Apr 2009 00:19:51 +0200
Source: ghostscript
Binary: ghostscript gs gs-esp gs-gpl gs-aladdin gs-common ghostscrip

Bug#524803: marked as done (ghostscript: multiple vulnerabilities)

[Debian Bug Tracking System]

Your message dated Wed, 22 Apr 2009 00:02:07 +
with message-id 
and subject line Bug#524803: fixed in ghostscript 8.64~dfsg-1.1
has caused the Debian Bug report #524803,
regarding ghostscript: multiple vulnerabilities
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
524803: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524803
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
package: ghostscript
severity: grave
tags: security

Hi,

The following CVE (Common Vulnerabilities & Exposures) ids were
published for ghostscript.

CVE-2007-6725[0]:
| The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly
| other versions, allows remote attackers to cause a denial of service
| (crash) and possibly execute arbitrary code via a crafted PDF file
| that triggers a buffer underflow in the cf_decode_2d function.

CVE-2008-6679[1]:
| Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and
| possibly other versions, allows remote attackers to cause a denial of
| service (ps2pdf crash) and possibly execute arbitrary code via a
| crafted Postscript file.

CVE-2009-0196[2]:
| Heap-based buffer overflow in the big2_decode_symbol_dict function
| (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in
| Ghostscript 8.64, and probably earlier versions, allows remote
| attackers to execute arbitrary code via a PDF file with a JBIG2 symbol
| dictionary segment with a large run length value.

Please coordinate with the security team (t...@security.debian.org)
to prepare fixes for the stable releases.

If you fix the vulnerabilities please also make sure to include the
CVE ids in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6725
http://security-tracker.debian.net/tracker/CVE-2007-6725
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6679
http://security-tracker.debian.net/tracker/CVE-2008-6679
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196
http://security-tracker.debian.net/tracker/CVE-2009-0196


--- End Message ---
--- Begin Message ---
Source: ghostscript
Source-Version: 8.64~dfsg-1.1

We believe that the bug you reported is fixed in the latest version of
ghostscript, which is due to be installed in the Debian FTP archive:

ghostscript-doc_8.64~dfsg-1.1_all.deb
  to pool/main/g/ghostscript/ghostscript-doc_8.64~dfsg-1.1_all.deb
ghostscript-x_8.64~dfsg-1.1_amd64.deb
  to pool/main/g/ghostscript/ghostscript-x_8.64~dfsg-1.1_amd64.deb
ghostscript_8.64~dfsg-1.1.diff.gz
  to pool/main/g/ghostscript/ghostscript_8.64~dfsg-1.1.diff.gz
ghostscript_8.64~dfsg-1.1.dsc
  to pool/main/g/ghostscript/ghostscript_8.64~dfsg-1.1.dsc
ghostscript_8.64~dfsg-1.1_amd64.deb
  to pool/main/g/ghostscript/ghostscript_8.64~dfsg-1.1_amd64.deb
gs-aladdin_8.64~dfsg-1.1_all.deb
  to pool/main/g/ghostscript/gs-aladdin_8.64~dfsg-1.1_all.deb
gs-common_8.64~dfsg-1.1_all.deb
  to pool/main/g/ghostscript/gs-common_8.64~dfsg-1.1_all.deb
gs-esp_8.64~dfsg-1.1_all.deb
  to pool/main/g/ghostscript/gs-esp_8.64~dfsg-1.1_all.deb
gs-gpl_8.64~dfsg-1.1_all.deb
  to pool/main/g/ghostscript/gs-gpl_8.64~dfsg-1.1_all.deb
gs_8.64~dfsg-1.1_all.deb
  to pool/main/g/ghostscript/gs_8.64~dfsg-1.1_all.deb
libgs-dev_8.64~dfsg-1.1_amd64.deb
  to pool/main/g/ghostscript/libgs-dev_8.64~dfsg-1.1_amd64.deb
libgs8_8.64~dfsg-1.1_amd64.deb
  to pool/main/g/ghostscript/libgs8_8.64~dfsg-1.1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 524...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Nico Golde  (supplier of updated ghostscript package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Wed, 22 Apr 2009 00:19:51 +0200
Source: ghostscript
Binary: ghostscript gs gs-esp gs-gpl gs-aladdin gs-common ghostscript-x 
ghostscript-doc libgs8 libgs-dev
Architecture: source all amd64
Version: 8.64~dfsg-1.1
Distribution: unstable
Urgency: high
Maintainer: Masayuki Hatta (mhatta) 
Changed-By: Nico Golde 
Description: 
 ghostscript - The GPL Ghostscript PostScript/PDF interpreter
 ghostscript-doc - The GPL Ghostscript PostScript/PDF interpreter - 
Documentation
 ghostscript-x - The GPL Ghostscript PostScript/PDF inter

Bug#519028: linux-image-686: Doesn't work for me...

[Shai Berger]

Package: linux-image-686
Version: 2.6.26+17
Severity: normal


This version (as its number implies) still depends on 2.6.26,
but 2.6.29 is in unstable.

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages linux-image-686 depends on:
ii  linux-image-2.6.26-1-686  2.6.26-13  Linux 2.6.26 image on PPro/Celeron

linux-image-686 recommends no packages.

linux-image-686 suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524915: intent to NMU

[Nico Golde]

Hi,
attached is a patch that fixes the described issues which I 
am going to upload as a 0-day NMU as there was no reaction 
on these bugs yet.

It will be also archived on:
http://people.debian.org/~nion/nmu-diff/ghostscript-8.64~dfsg-1_8.64~dfsg-1.1.patch

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
diff -u ghostscript-8.64~dfsg/debian/changelog ghostscript-8.64~dfsg/debian/changelog
--- ghostscript-8.64~dfsg/debian/changelog
+++ ghostscript-8.64~dfsg/debian/changelog
@@ -1,3 +1,20 @@
+ghostscript (8.64~dfsg-1.1) unstable; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * This update fixes various security issues:
+- CVE-2009-0792: multiple integer overflows in the icc library
+  can cause a heap-based buffer overflow possibly leading to arbitray
+  code execution.
+- CVE-2009-0584/CVE-2009-0583: Multiple integer overflows causing an
+  application crash or possibly arbitrary code execution.
+- CVE-2009-0196: heap-based buffer overflow in big2_decode_symbol_dict()
+  leading to arbitrary code execution via a crafted JBIG2 symbol
+  dictionary segment.
+  .
+  (Closes: #524915, #522416, #524803)
+
+ -- Nico Golde   Wed, 22 Apr 2009 00:19:51 +0200
+
 ghostscript (8.64~dfsg-1) unstable; urgency=low
 
   * New upstream release.
diff -u ghostscript-8.64~dfsg/debian/patches/00list ghostscript-8.64~dfsg/debian/patches/00list
--- ghostscript-8.64~dfsg/debian/patches/00list
+++ ghostscript-8.64~dfsg/debian/patches/00list
@@ -8,0 +9,2 @@
+73_CVE-2009-0792_CVE-2009-0584_CVE-2009-0583
+74_CVE-2009-0196
only in patch2:
unchanged:
--- ghostscript-8.64~dfsg.orig/debian/patches/74_CVE-2009-0196.dpatch
+++ ghostscript-8.64~dfsg/debian/patches/74_CVE-2009-0196.dpatch
@@ -0,0 +1,26 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 74_CVE-2009-0196.dpatch by Nico Golde 
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: CVE-2009-0196
+
+...@dpatch@
+diff -urNad ghostscript-8.64~dfsg~/jbig2dec/jbig2_symbol_dict.c ghostscript-8.64~dfsg/jbig2dec/jbig2_symbol_dict.c
+--- ghostscript-8.64~dfsg~/jbig2dec/jbig2_symbol_dict.c	2007-12-11 09:29:58.0 +0100
 ghostscript-8.64~dfsg/jbig2dec/jbig2_symbol_dict.c	2009-04-21 23:57:26.0 +0200
+@@ -699,6 +699,15 @@
+ exrunlength = params->SDNUMEXSYMS;
+   else
+ code = jbig2_arith_int_decode(IAEX, as, &exrunlength);
++  if (exrunlength > params->SDNUMEXSYMS - j) {
++jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number,
++  "runlength too large in export symbol table (%d > %d - %d)\n",
++  exrunlength, params->SDNUMEXSYMS, j);
++jbig2_sd_release(ctx, SDEXSYMS);
++/* skip to the cleanup code and return SDEXSYMS = NULL */
++SDEXSYMS = NULL;
++break;
++  }
+   for(k = 0; k < exrunlength; k++)
+ if (exflag) {
+   SDEXSYMS->glyphs[j++] = (i < m) ? 
only in patch2:
unchanged:
--- ghostscript-8.64~dfsg.orig/debian/patches/73_CVE-2009-0792_CVE-2009-0584_CVE-2009-0583.dpatch
+++ ghostscript-8.64~dfsg/debian/patches/73_CVE-2009-0792_CVE-2009-0584_CVE-2009-0583.dpatch
@@ -0,0 +1,1159 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 73_CVE-2009-0792.dpatch by Nico Golde 
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: fixing various integer overflows
+
+...@dpatch@
+diff -urNad ghostscript-8.64~dfsg~/icclib/icc.c ghostscript-8.64~dfsg/icclib/icc.c
+--- ghostscript-8.64~dfsg~/icclib/icc.c	2008-05-09 06:12:01.0 +0200
 ghostscript-8.64~dfsg/icclib/icc.c	2009-04-22 01:44:37.0 +0200
+@@ -152,6 +152,8 @@
+  *  Various bug fixes and enhancements.
+  */
+ 
++#include 
++#include 
+ #include 
+ #include 
+ #include 
+@@ -313,8 +315,11 @@
+ 	icmFileMem *p = (icmFileMem *)pp;
+ 	size_t len;
+ 
++	if (count > 0 && size > SIZE_MAX / count)
++		return 0;
++
+ 	len = size * count;
+-	if ((p->cur + len) >= p->end) {		/* Too much */
++	if (len > (p->end - p->cur)) { /* Too much */
+ 		if (size > 0)
+ 			count = (p->end - p->cur)/size;
+ 		else
+@@ -1634,6 +1639,8 @@
+ 
+ 	/* Allocate a file write buffer */
+ 	len = p->get_size((icmBase *)p);
++	if (icp->errc)
++		return icp->errc;
+ 	if ((buf = (char *) icp->al->malloc(icp->al, len)) == NULL) {
+ 		sprintf(icp->err,"icmUInt8Array_write malloc() failed");
+ 		return icp->errc = 2;
+@@ -1698,7 +1705,7 @@
+ 	if (p->size != p->_size) {
+ 		if (p->data != NULL)
+ 			icp->al->free(icp->al, p->data);
+-		if ((p->data = (unsigned int *) icp->al->malloc(icp->al, p->size * sizeof(unsigned int))) == NULL) {
++		if ((p->data = (unsigned int *) icp->al->calloc(icp->al, p->size, sizeof(unsigned int))) == NULL) {
+ 			sprintf(icp->err,"icmUInt8Array_alloc: malloc() of icmUInt8Array data failed");
+ 			return icp->errc = 2;
+ 		}
+@@ -1749,6 +1756,10 @@
+ 	icmUInt16Array *p = (icmUInt16Array *)pp;
+ 	u

Processed: retitle 524915 to ghostscript: CVE-2009-0792 multiple integer overflows in icc library

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> retitle 524915 ghostscript: CVE-2009-0792 multiple integer overflows in icc 
> library
Bug#524915: ghotscript: CVE-2009-0792.patch multiple integer overflows in icc 
library
Changed Bug title to `ghostscript: CVE-2009-0792 multiple integer overflows in 
icc library' from `ghotscript: CVE-2009-0792.patch multiple integer overflows 
in icc library'.

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524995: libxine1-misc-plugins: Does not install on amd64 - missing dependency: libmagick10

[Darren Salt]

I demand that nido may or may not have written...

> Package libxine1-misc-plugins cannot be installed - it depends on
> libmagick10 which is unavailable

There's an ongoing transition involving imagemagick. You should either
rebuild the .debs locally or install libmagick10 from testing for now.

-- 
| Darren Salt| linux or ds at  | nr. Ashington, | Toon
| RISC OS, Linux | youmustbejoking,demon,co,uk | Northumberland | Army
|   Let's keep the pound sterling

How do you keep a turkey in suspense?



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed (with 1 errors): your mail

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> close 516582 2.8.1
Bug#516582: pcp_2.7.8-20090217(mips/unstable): FTBFS on mips
'close' is deprecated; see http://www.debian.org/Bugs/Developer#closing.
Bug marked as fixed in version 2.8.1, send any further explanations to Peter De 
Schrijver 

> close 524451 2.8.1
Bug#524451: pcp - FTBFS: error: pcp/pmapi.h: No such file or directory
'close' is deprecated; see http://www.debian.org/Bugs/Developer#closing.
Bug marked as fixed in version 2.8.1, send any further explanations to Bastian 
Blank 

> done
Unknown command or malformed arguments to command.

> --
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#522477: Patch for inkscape FTBFS

[Daniel Schepler]

package inkscape
tags 522477 + patch
thanks

I'm attaching a patch which makes inkscape build on my system; just drop it 
into debian/patches and add it to debian/patches/00list.
-- 
Daniel Schepler

#! /bin/sh /usr/share/dpatch/dpatch-run
## 11_early-png-header.dpatch by Daniel Schepler 
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.

@DPATCH@
diff -urNad inkscape-0.46~/src/dialogs/export.cpp inkscape-0.46/src/dialogs/export.cpp
--- inkscape-0.46~/src/dialogs/export.cpp	2009-04-21 22:26:34.0 +
+++ inkscape-0.46/src/dialogs/export.cpp	2009-04-21 22:26:44.0 +
@@ -20,6 +20,7 @@
 # include "config.h"
 #endif
 
+#include 
 #include 
 #include 
 #include 
@@ -60,7 +61,6 @@
 #include "io/sys.h"
 
 #include "helper/png-write.h"
-#include 
 
 
 #define SP_EXPORT_MIN_SIZE 1.0
diff -urNad inkscape-0.46~/src/main.cpp inkscape-0.46/src/main.cpp
--- inkscape-0.46~/src/main.cpp	2009-04-21 22:18:48.0 +
+++ inkscape-0.46/src/main.cpp	2009-04-21 22:27:00.0 +
@@ -28,6 +28,8 @@
 #endif
 #include "path-prefix.h"
 
+#include 
+
 #include 
 
 #ifdef HAVE_IEEEFP_H
@@ -111,7 +113,6 @@
 
 #include "main-cmdlineact.h"
 
-#include 
 #include 
 
 enum {
diff -urNad inkscape-0.46~/src/sp-image.cpp inkscape-0.46/src/sp-image.cpp
--- inkscape-0.46~/src/sp-image.cpp	2009-04-21 22:26:34.0 +
+++ inkscape-0.46/src/sp-image.cpp	2009-04-21 22:26:44.0 +
@@ -17,6 +17,7 @@
 # include "config.h"
 #endif
 
+#include 
 #include 
 #include 
 #include 
@@ -41,7 +42,6 @@
 #include "libnr/nr-matrix-fns.h"
 
 #include "io/sys.h"
-#include 
 #if ENABLE_LCMS
 #include "color-profile-fns.h"
 #include "color-profile.h"

Processed: Patch for inkscape FTBFS

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> package inkscape
Ignoring bugs not assigned to: inkscape

> tags 522477 + patch
Bug#522477: inkscape: FTBFS: pngconf.h:328: error: expected constructor, 
destructor, or type conversion before '.' token
There were no tags set.
Tags added: patch

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#525048: sort: sefaults

[Michael Stone]

On Tue, Apr 21, 2009 at 05:36:20PM -0300, Otavio Salvador wrote:

On Tue, Apr 21, 2009 at 4:02 PM, Michael Stone  wrote:

On Tue, Apr 21, 2009 at 03:43:21PM -0300, you wrote:


$: sort -um -o list list work


I'll look at the segfault, but I'm not sure that was ever guaranteed to give
a useful result (you're overwriting an input file).


Yes, it works nicely in stable release (hence the notfound usage) so it
qualifies as a regression IMO.


I didn't say it didn't work, I said "I'm not sure that was ever 
guaranteed to give a useful result".


Mike Stone



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#523016: marked as done (clamav vulnerability)

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 22:52:28 + (UTC)
with message-id <20090421225228.5d4c1b...@verdi.debian.org>
and subject line Bug#523016: fixed in clamav 0.95.1+dfsg-1volatile1
has caused the Debian Bug report #523016,
regarding clamav vulnerability
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
523016: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523016
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
package: clamav
severity: grave
tags: security

hi,

ubuntu recently patched a problem in clamav [1].  the description is:

  It was discovered that ClamAV did not properly verify its input when
  processing TAR archives. A remote attacker could send a specially
  crafted TAR file and cause a denial of service via infinite loop.

  It was discovered that ClamAV did not properly validate Portable
  Executable (PE) files. A remote attacker could send a crafted PE file
  and cause a denial of service (divide by zero).

i'm not sure if this is CVE-2009-1241 or if it a new issue.

[1] http://www.ubuntu.com/usn/usn-754-1


--- End Message ---
--- Begin Message ---
Source: clamav
Source-Version: 0.95.1+dfsg-1volatile1

We believe that the bug you reported is fixed in the latest version of
clamav, which is due to be installed in the volatile.debian.org FTP archive:

clamav-base_0.95.1+dfsg-1volatile1_all.deb
  to pool/volatile/main/c/clamav/clamav-base_0.95.1+dfsg-1volatile1_all.deb
clamav-daemon_0.95.1+dfsg-1volatile1_amd64.deb
  to pool/volatile/main/c/clamav/clamav-daemon_0.95.1+dfsg-1volatile1_amd64.deb
clamav-dbg_0.95.1+dfsg-1volatile1_amd64.deb
  to pool/volatile/main/c/clamav/clamav-dbg_0.95.1+dfsg-1volatile1_amd64.deb
clamav-docs_0.95.1+dfsg-1volatile1_all.deb
  to pool/volatile/main/c/clamav/clamav-docs_0.95.1+dfsg-1volatile1_all.deb
clamav-freshclam_0.95.1+dfsg-1volatile1_amd64.deb
  to 
pool/volatile/main/c/clamav/clamav-freshclam_0.95.1+dfsg-1volatile1_amd64.deb
clamav-milter_0.95.1+dfsg-1volatile1_amd64.deb
  to pool/volatile/main/c/clamav/clamav-milter_0.95.1+dfsg-1volatile1_amd64.deb
clamav-testfiles_0.95.1+dfsg-1volatile1_all.deb
  to pool/volatile/main/c/clamav/clamav-testfiles_0.95.1+dfsg-1volatile1_all.deb
clamav_0.95.1+dfsg-1volatile1.diff.gz
  to pool/volatile/main/c/clamav/clamav_0.95.1+dfsg-1volatile1.diff.gz
clamav_0.95.1+dfsg-1volatile1.dsc
  to pool/volatile/main/c/clamav/clamav_0.95.1+dfsg-1volatile1.dsc
clamav_0.95.1+dfsg-1volatile1_amd64.deb
  to pool/volatile/main/c/clamav/clamav_0.95.1+dfsg-1volatile1_amd64.deb
libclamav-dev_0.95.1+dfsg-1volatile1_amd64.deb
  to pool/volatile/main/c/clamav/libclamav-dev_0.95.1+dfsg-1volatile1_amd64.deb
libclamav6_0.95.1+dfsg-1volatile1_amd64.deb
  to pool/volatile/main/c/clamav/libclamav6_0.95.1+dfsg-1volatile1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 523...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

volatile.debian.org distribution maintenance software
pp.
Stephen Gran  (supplier of updated clamav package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@volatile.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Tue, 21 Apr 2009 21:40:13 +0100
Source: clamav
Binary: clamav-base clamav-docs clamav-dbg clamav libclamav-dev libclamav6 
clamav-daemon clamav-testfiles clamav-freshclam clamav-milter
Architecture: source all amd64
Version: 0.95.1+dfsg-1volatile1
Distribution: lenny-volatile
Urgency: high
Maintainer: ClamAV Team 
Changed-By: Stephen Gran 
Description: 
 clamav - anti-virus utility for Unix - command-line interface
 clamav-base - anti-virus utility for Unix - base package
 clamav-daemon - anti-virus utility for Unix - scanner daemon
 clamav-dbg - debug symbols for ClamAV
 clamav-docs - anti-virus utility for Unix - documentation
 clamav-freshclam - anti-virus utility for Unix - virus database update utility
 clamav-milter - anti-virus utility for Unix - sendmail integration
 clamav-testfiles - anti-virus utility for Unix - test files
 libclamav-dev - anti-virus utility for Unix - development files
 libclamav6 - anti-virus utility for Unix - library
Closes: 523016
Changes: 
 clamav (0.95.1+dfsg-1volatile1) lenny-volatile; urgency=high
 .
   * Prepare volatile upload
   * Fixes DoS in tar unpacker (closes: #523016)
Checksums-Sha1: 
 c93d5d315bc6d9663abcecf0dcd44

Bug#524745: [Pkg-octave-devel] Bug#524745: Postinst seems to run forever on mipsel

[Stephen Gran]

This one time, at band camp, Rafael Laboissiere said:
> * Martin Zobel-Helas  [2009-04-21 21:17]:
> 
> > here some more infos:
> > 
> > 21029 ?S  0:00  \_ sh -c /usr/bin/sudo /usr/bin/apt-get 
> > --purge -o 
> > Dir::State::status=/home/buildd/build/chroot-unstable/var/lib/dpkg/status 
> > -o DPkg::Options::=--root=/home/buildd/build/chroot-unstable -o DPkg::R
> > 21030 ?S  0:03  \_ /usr/bin/apt-get --purge -o 
> > Dir::State::status=/home/buildd/build/chroot-unstable/var/lib/dpkg/status 
> > -o DPkg::Options::=--root=/home/buildd/build/chroot-unstable -o 
> > DPkg::Run-Directory=/ho
> > 22519 pts/0Ss+0:00  \_ /usr/bin/dpkg 
> > --root=/home/buildd/build/chroot-unstable --force-confold --status-fd 14 
> > --configure libmagic1 file gettext-base libkeyutils1 libkrb5support0 
> > libk5crypto3 libkrb5-3 libgss
> > 23967 pts/0S+ 0:00  \_ /bin/sh -e 
> > /var/lib/dpkg/info/octave3.0.postinst configure 
> > 23976 pts/0R+   1987:42  \_ octave-3.0.5 --silent 
> > --no-history --no-init-file --eval pkg ('rebuild');
> > 
> > strace -p 23976
> > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> > [...] runs infitive
> 
> Thanks for the info.  Is the hanging due to some file Octave is trying to
> open/read/close?  Could you please run lsof on the octave-3.0.5 process
> and post the results?  In the case above, it would be:
> 
> lsof -p 23976

The process has been killed, so we no longer have that information for
you.
-- 
 -
|   ,''`.Stephen Gran |
|  : :' :sg...@debian.org |
|  `. `'Debian user, admin, and developer |
|`- http://www.debian.org |
 -


signature.asc
Description: Digital signature

Bug#524745: [Pkg-octave-devel] Bug#524745: Postinst seems to run forever on mipsel

[Rafael Laboissiere]

* Martin Zobel-Helas  [2009-04-21 21:17]:

> here some more infos:
> 
> 21029 ?S  0:00  \_ sh -c /usr/bin/sudo /usr/bin/apt-get 
> --purge -o 
> Dir::State::status=/home/buildd/build/chroot-unstable/var/lib/dpkg/status -o 
> DPkg::Options::=--root=/home/buildd/build/chroot-unstable -o DPkg::R
> 21030 ?S  0:03  \_ /usr/bin/apt-get --purge -o 
> Dir::State::status=/home/buildd/build/chroot-unstable/var/lib/dpkg/status -o 
> DPkg::Options::=--root=/home/buildd/build/chroot-unstable -o 
> DPkg::Run-Directory=/ho
> 22519 pts/0Ss+0:00  \_ /usr/bin/dpkg 
> --root=/home/buildd/build/chroot-unstable --force-confold --status-fd 14 
> --configure libmagic1 file gettext-base libkeyutils1 libkrb5support0 
> libk5crypto3 libkrb5-3 libgss
> 23967 pts/0S+ 0:00  \_ /bin/sh -e 
> /var/lib/dpkg/info/octave3.0.postinst configure 
> 23976 pts/0R+   1987:42  \_ octave-3.0.5 --silent 
> --no-history --no-init-file --eval pkg ('rebuild');
> 
> strace -p 23976
> ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> [...] runs infitive

Thanks for the info.  Is the hanging due to some file Octave is trying to
open/read/close?  Could you please run lsof on the octave-3.0.5 process
and post the results?  In the case above, it would be:

lsof -p 23976

Thanks,

-- 
Rafael



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#523953: Got some clarifications

[Apelete Seketeli]

I have made some research on the state of the 2.7.0 Intel driver.
>From what I've read, the problems I have come from my using of
Metacity's compositing manager. The new intel driver currently has
some tearing and framerate (among others) problems while watching
videos in a composited environment. The good news is that upstream
seems to be fully aware of the problem, and the bad is there's no way
to know (AFAIK) how much time (and effort) it will take before the
driver improves.
Disabling compositing helps with the video (not with the general
redraw speed on the desktop though), for those seeking for a
workaround.

Thanks for the hard work,
Keep it up.
--
Apelete Seketeli 



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#525052: marked as done (linphone_3.1.1-1(mips/unstable): FTBFS on mips: missing intltool)

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 22:17:19 +
with message-id 
and subject line Bug#525052: fixed in linphone 3.1.1-2
has caused the Debian Bug report #525052,
regarding linphone_3.1.1-1(mips/unstable): FTBFS on mips: missing intltool
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
525052: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525052
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: linphone
Version: 3.1.1-1
Severity: serious

There was an error while trying to autobuild your package:

> Automatic build of linphone_3.1.1-1 on mayr by sbuild/mips 99.999
> Build started at 20090421-1359

[...]

> ** Using build dependencies supplied by package:
> Build-Depends: debhelper (>= 7), dpkg-dev (>= 1.13.19), cdbs, autoconf, 
> automake1.9, autotools-dev, libtool, pkg-config, libglib2.0-dev, libosip2-dev 
> (>= 3.0.3-2), libexosip2-dev (>= 3.0.3-2), libasound2-dev, libspeex-dev (>= 
> 1.1.12), libspeexdsp-dev, libsamplerate0-dev, libxml-parser-perl, 
> libgtk2.0-dev, libglade2-dev, libtheora-dev, dpatch, libavcodec-dev, 
> libreadline5-dev, libsdl1.2-dev, libswscale-dev, doxygen

[...]

> checking whether we are using the GNU C compiler... (cached) yes
> checking whether cc accepts -g... (cached) yes
> checking for cc option to accept ISO C89... (cached) none needed
> checking dependency style of cc... (cached) none
> checking how to run the C preprocessor... cc -E
> checking for grep that handles long lines and -e... /bin/grep
> checking for egrep... /bin/grep -E
> checking for ANSI C header files... yes
> checking whether NLS is requested... yes
> checking for intltool-update... no
> checking for intltool-merge... no
> checking for intltool-extract... no
> configure: error: The intltool scripts were not found. Please install 
> intltool.
> make: *** [config.status] Error 1
> dpkg-buildpackage: failure: debian/rules build gave error exit status 2

A full build log can be found at:
http://buildd.debian.org/build.php?arch=mips&pkg=linphone&ver=3.1.1-1



--- End Message ---
--- Begin Message ---
Source: linphone
Source-Version: 3.1.1-2

We believe that the bug you reported is fixed in the latest version of
linphone, which is due to be installed in the Debian FTP archive:

liblinphone-dev_3.1.1-2_i386.deb
  to pool/main/l/linphone/liblinphone-dev_3.1.1-2_i386.deb
liblinphone3_3.1.1-2_i386.deb
  to pool/main/l/linphone/liblinphone3_3.1.1-2_i386.deb
libmediastreamer-dev_3.1.1-2_i386.deb
  to pool/main/l/linphone/libmediastreamer-dev_3.1.1-2_i386.deb
libmediastreamer0_3.1.1-2_i386.deb
  to pool/main/l/linphone/libmediastreamer0_3.1.1-2_i386.deb
libortp-dev_3.1.1-2_i386.deb
  to pool/main/l/linphone/libortp-dev_3.1.1-2_i386.deb
libortp8_3.1.1-2_i386.deb
  to pool/main/l/linphone/libortp8_3.1.1-2_i386.deb
linphone-common_3.1.1-2_all.deb
  to pool/main/l/linphone/linphone-common_3.1.1-2_all.deb
linphone-nox_3.1.1-2_i386.deb
  to pool/main/l/linphone/linphone-nox_3.1.1-2_i386.deb
linphone_3.1.1-2.diff.gz
  to pool/main/l/linphone/linphone_3.1.1-2.diff.gz
linphone_3.1.1-2.dsc
  to pool/main/l/linphone/linphone_3.1.1-2.dsc
linphone_3.1.1-2_i386.deb
  to pool/main/l/linphone/linphone_3.1.1-2_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 525...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mark Purcell  (supplier of updated linphone package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Wed, 22 Apr 2009 08:01:08 +1000
Source: linphone
Binary: linphone linphone-nox linphone-common liblinphone3 liblinphone-dev 
libmediastreamer0 libmediastreamer-dev libortp8 libortp-dev
Architecture: source all i386
Version: 3.1.1-2
Distribution: unstable
Urgency: low
Maintainer: Debian VoIP Team 
Changed-By: Mark Purcell 
Description: 
 liblinphone-dev - linphone web phone's library (supporting the SIP protocol)
 liblinphone3 - linphone's shared library part (supporting the SIP protocol)
 libmediastreamer-dev - linphone web phone's media library
 libmediastreamer0 - linphone web phone's media library
 libortp-dev - Real-time Transport Protocol 

Bug#520250: marked as done (liblinphone3: symbol lookup error: /usr/lib/liblinphone.so.3: undefined symbol: ms_set_mtu)

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 22:17:19 +
with message-id 
and subject line Bug#520250: fixed in linphone 3.1.1-2
has caused the Debian Bug report #520250,
regarding liblinphone3: symbol lookup error: /usr/lib/liblinphone.so.3: 
undefined symbol: ms_set_mtu
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
520250: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520250
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: liblinphone3
Version: 3.0.0-2
Severity: grave
Justification: renders package unusable


r...@rom:~$ linphone-3 --verbose

(linphone-3:8670): libglade-WARNING **: Radio button group video_item 
could not be found
linphone-message : Registering all filters...
linphone-message : Registering all soundcard handlers
linphone-message : Card ALSA: default device added
linphone-message : Card ALSA: HDA Intel added
linphone-message : Card OSS: /dev/dsp added
linphone-message : Card OSS: /dev/dsp added
linphone-message : Loading plugins
linphone-message : Cannot open directory /usr/lib/mediastreamer/plugins: 
No such file or directory
linphone-message : ms_init() done
linphone-3: symbol lookup error: /usr/lib/liblinphone.so.3: undefined 
symbol: ms_set_mtu

r...@rom:~$ dpkg -S /usr/lib/liblinphone.so.3
liblinphone3: /usr/lib/liblinphone.so.3

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages liblinphone3 depends on:
ii  libc6 2.9-4  GNU C Library: Shared libraries
ii  libexosip2-4  3.1.0-1eXtended OSIP library
ii  libmediastreamer0 2.1.1-1+b1 linphone web phone's media library
ii  libortp8  3.0.0-2Real-time Transport Protocol stack
ii  libosip2-43.3.0-1Session Initiation Protocol (SIP) 

liblinphone3 recommends no packages.

liblinphone3 suggests no packages.

-- no debconf information


--- End Message ---
--- Begin Message ---
Source: linphone
Source-Version: 3.1.1-2

We believe that the bug you reported is fixed in the latest version of
linphone, which is due to be installed in the Debian FTP archive:

liblinphone-dev_3.1.1-2_i386.deb
  to pool/main/l/linphone/liblinphone-dev_3.1.1-2_i386.deb
liblinphone3_3.1.1-2_i386.deb
  to pool/main/l/linphone/liblinphone3_3.1.1-2_i386.deb
libmediastreamer-dev_3.1.1-2_i386.deb
  to pool/main/l/linphone/libmediastreamer-dev_3.1.1-2_i386.deb
libmediastreamer0_3.1.1-2_i386.deb
  to pool/main/l/linphone/libmediastreamer0_3.1.1-2_i386.deb
libortp-dev_3.1.1-2_i386.deb
  to pool/main/l/linphone/libortp-dev_3.1.1-2_i386.deb
libortp8_3.1.1-2_i386.deb
  to pool/main/l/linphone/libortp8_3.1.1-2_i386.deb
linphone-common_3.1.1-2_all.deb
  to pool/main/l/linphone/linphone-common_3.1.1-2_all.deb
linphone-nox_3.1.1-2_i386.deb
  to pool/main/l/linphone/linphone-nox_3.1.1-2_i386.deb
linphone_3.1.1-2.diff.gz
  to pool/main/l/linphone/linphone_3.1.1-2.diff.gz
linphone_3.1.1-2.dsc
  to pool/main/l/linphone/linphone_3.1.1-2.dsc
linphone_3.1.1-2_i386.deb
  to pool/main/l/linphone/linphone_3.1.1-2_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 520...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mark Purcell  (supplier of updated linphone package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Wed, 22 Apr 2009 08:01:08 +1000
Source: linphone
Binary: linphone linphone-nox linphone-common liblinphone3 liblinphone-dev 
libmediastreamer0 libmediastreamer-dev libortp8 libortp-dev
Architecture: source all i386
Version: 3.1.1-2
Distribution: unstable
Urgency: low
Maintainer: Debian VoIP Team 
Changed-By: Mark Purcell 
Description: 
 liblinphone-dev - linphone web phone's library (supporting the SIP protocol)
 liblinphone3 - linphone's shared library part (supporting the SIP protocol)
 libmediastreamer-dev - linphone web phone's media library
 libmediastreamer0 - linphone web phone's media library
 libortp-dev - Real-time Transport Protocol stack
 libortp8   -

Bug#523016: marked as done (clamav vulnerability)

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 22:27:44 + (UTC)
with message-id <20090421222744.e4978b...@verdi.debian.org>
and subject line Bug#523016: fixed in clamav 0.95.1+dfsg-0volatile1
has caused the Debian Bug report #523016,
regarding clamav vulnerability
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
523016: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523016
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
package: clamav
severity: grave
tags: security

hi,

ubuntu recently patched a problem in clamav [1].  the description is:

  It was discovered that ClamAV did not properly verify its input when
  processing TAR archives. A remote attacker could send a specially
  crafted TAR file and cause a denial of service via infinite loop.

  It was discovered that ClamAV did not properly validate Portable
  Executable (PE) files. A remote attacker could send a crafted PE file
  and cause a denial of service (divide by zero).

i'm not sure if this is CVE-2009-1241 or if it a new issue.

[1] http://www.ubuntu.com/usn/usn-754-1


--- End Message ---
--- Begin Message ---
Source: clamav
Source-Version: 0.95.1+dfsg-0volatile1

We believe that the bug you reported is fixed in the latest version of
clamav, which is due to be installed in the volatile.debian.org FTP archive:

clamav-base_0.95.1+dfsg-0volatile1_all.deb
  to pool/volatile/main/c/clamav/clamav-base_0.95.1+dfsg-0volatile1_all.deb
clamav-daemon_0.95.1+dfsg-0volatile1_i386.deb
  to pool/volatile/main/c/clamav/clamav-daemon_0.95.1+dfsg-0volatile1_i386.deb
clamav-dbg_0.95.1+dfsg-0volatile1_i386.deb
  to pool/volatile/main/c/clamav/clamav-dbg_0.95.1+dfsg-0volatile1_i386.deb
clamav-docs_0.95.1+dfsg-0volatile1_all.deb
  to pool/volatile/main/c/clamav/clamav-docs_0.95.1+dfsg-0volatile1_all.deb
clamav-freshclam_0.95.1+dfsg-0volatile1_i386.deb
  to 
pool/volatile/main/c/clamav/clamav-freshclam_0.95.1+dfsg-0volatile1_i386.deb
clamav-milter_0.95.1+dfsg-0volatile1_i386.deb
  to pool/volatile/main/c/clamav/clamav-milter_0.95.1+dfsg-0volatile1_i386.deb
clamav-testfiles_0.95.1+dfsg-0volatile1_all.deb
  to pool/volatile/main/c/clamav/clamav-testfiles_0.95.1+dfsg-0volatile1_all.deb
clamav_0.95.1+dfsg-0volatile1.diff.gz
  to pool/volatile/main/c/clamav/clamav_0.95.1+dfsg-0volatile1.diff.gz
clamav_0.95.1+dfsg-0volatile1.dsc
  to pool/volatile/main/c/clamav/clamav_0.95.1+dfsg-0volatile1.dsc
clamav_0.95.1+dfsg-0volatile1_i386.deb
  to pool/volatile/main/c/clamav/clamav_0.95.1+dfsg-0volatile1_i386.deb
clamav_0.95.1+dfsg.orig.tar.gz
  to pool/volatile/main/c/clamav/clamav_0.95.1+dfsg.orig.tar.gz
libclamav-dev_0.95.1+dfsg-0volatile1_i386.deb
  to pool/volatile/main/c/clamav/libclamav-dev_0.95.1+dfsg-0volatile1_i386.deb
libclamav6_0.95.1+dfsg-0volatile1_i386.deb
  to pool/volatile/main/c/clamav/libclamav6_0.95.1+dfsg-0volatile1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 523...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

volatile.debian.org distribution maintenance software
pp.
Stephen Gran  (supplier of updated clamav package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@volatile.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Tue, 21 Apr 2009 21:40:13 +0100
Source: clamav
Binary: clamav libclamav-dev clamav-dbg clamav-milter clamav-base 
clamav-freshclam clamav-testfiles clamav-daemon clamav-docs libclamav6
Architecture: source i386 all
Version: 0.95.1+dfsg-0volatile1
Distribution: etch-volatile
Urgency: high
Maintainer: ClamAV Team 
Changed-By: Stephen Gran 
Description: 
 clamav - anti-virus utility for Unix - command-line interface
 clamav-base - anti-virus utility for Unix - base package
 clamav-daemon - anti-virus utility for Unix - scanner daemon
 clamav-dbg - debug symbols for ClamAV
 clamav-docs - anti-virus utility for Unix - documentation
 clamav-freshclam - anti-virus utility for Unix - virus database update utility
 clamav-milter - anti-virus utility for Unix - sendmail integration
 clamav-testfiles - anti-virus utility for Unix - test files
 libclamav-dev - anti-virus utility for Unix - development files
 libclamav6 - anti-virus utility for Unix - library
Closes: 523016
Changes: 
 clamav (0.95.1+dfsg-0volatile1) etch-volatile; urgency=high
 .
   * Prepare volatile upload
   * Fixes DoS in 

Bug#513968: Bug#515346: Breaks massbuild script from d-i

[Adam D. Barratt]

tags 513968 - d-i
severity 513968 normal
thanks

On Tue, 2009-04-21 at 18:50 -0300, Otavio Salvador wrote:
> Sorry but I mistakenly sent it to this bug while I intended to send it
> to #515346

I think you actually meant #524393 :-)

#515346 is also related to dch -r but is otherwise unrelated to your
issue.

> On Tue, Apr 21, 2009 at 6:39 PM, Otavio Salvador
>  wrote:
> > Hello,
> >
> > This behaviour change breaks unrelated code so I raised the severity; our
> > mass build script fails due it.
> >
> > Please fix it ASAP.
> >
> > --
> > Otavio Salvador  O.S. Systems
> > E-mail: ota...@ossystems.com.br  http://www.ossystems.com.br
> > Mobile: +55 53 9981-7854 http://projetos.ossystems.com.br




-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: Re: Bug#515346: Breaks massbuild script from d-i

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 513968 - d-i
Bug#513968: [debuild] -v with a version not in changelog copies whole changelog
Tags were: d-i
Tags removed: d-i

> severity 513968 normal
Bug#513968: [debuild] -v with a version not in changelog copies whole changelog
Severity set to `normal' from `serious'

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: setting package to libmediastreamer-dev libortp8 liblinphone-dev linphone-nox linphone linphone-common libortp-dev libmediastreamer0 liblinphone3 ...

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> #linphone (3.1.1-2) unstable; urgency=low
> #
> #  * Fix "symbol lookup error: /usr/lib/liblinphone.so.3: undefined"
> #set shlibs args "libmediastreamer0 (>= 3)" (Closes: #520250)
> #
> package libmediastreamer-dev libortp8 liblinphone-dev linphone-nox linphone 
> linphone-common libortp-dev libmediastreamer0 liblinphone3
Ignoring bugs not assigned to: libmediastreamer-dev linphone-nox 
liblinphone-dev libortp8 linphone linphone-common libortp-dev libmediastreamer0 
liblinphone3

> tags 520250 + pending
Bug#520250: liblinphone3: symbol lookup error: /usr/lib/liblinphone.so.3: 
undefined symbol: ms_set_mtu
There were no tags set.
Tags added: pending

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524803: CVE-2008-6679 also fixed

[Nico Golde]

Hi,
turns out CVE-2008-6679 also is fixed since 8.64.
The only unfixed issue in this report is CVE-2009-0196.

Michael, please better check the code next time, this would 
have save me a lot of time this evening.

Cheers
Nico

-- 
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.


pgpNupB0XQSmI.pgp
Description: PGP signature

Bug#513968: Breaks massbuild script from d-i

[Otavio Salvador]

Sorry but I mistakenly sent it to this bug while I intended to send it
to #515346

On Tue, Apr 21, 2009 at 6:39 PM, Otavio Salvador
 wrote:
> Hello,
>
> This behaviour change breaks unrelated code so I raised the severity; our
> mass build script fails due it.
>
> Please fix it ASAP.
>
> --
> Otavio Salvador                  O.S. Systems
> E-mail: ota...@ossystems.com.br  http://www.ossystems.com.br
> Mobile: +55 53 9981-7854         http://projetos.ossystems.com.br
>



-- 
Otavio Salvador  O.S. Systems
E-mail: ota...@ossystems.com.br  http://www.ossystems.com.br
Mobile: +55 53 9981-7854 http://projetos.ossystems.com.br



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524745: armel failures

[Riku Voipio]

Some armel logs:

https://buildd.debian.org/build.php?pkg=octave-io&arch=armel&ver=1.0.7-2
https://buildd.debian.org/build.php?pkg=octave-combinatorics&arch=armel&ver=1.0.7-2

all kernels 2.6.26ish.



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524803: CVE-2007-6725 fixed

[Nico Golde]

Hi,
I am currently triaging the ghostscript bugs for unstable...
After checking every upstream version after this bug was 
filed it turned out that CVE-2007-6725 was silently fixed in 
8.63 so this is a non-issue for unstable/testing.

Cheers
Nico

-- 
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.


pgpYpubCYE7im.pgp
Description: PGP signature

Bug#524745: Postinst seems to run forever on mipsel

[Philipp Kern]

On Tue, Apr 21, 2009 at 11:37:35PM +0200, Philipp Kern wrote:
> Maybe we guessed wrong with the kernel bug:
> 
> 23:35 < sgran> 21:35:08.474724 ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B0 
> -opost -isig -icanon -echo ...}) = 0
> 23:35 < sgran> 21:35:08.474887 ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B0 
> -opost -isig -icanon -echo ...}) = 0
> 23:35 < sgran> 21:35:08.840969 ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B0 
> -opost -isig -icanon -echo ...}) = 0
> 23:35 < sgran> 21:35:08.841159 ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B0 
> -opost -isig -icanon -echo ...}) = 0
> 
> This is what happens on ia64.

Hanging processes also confirmed on ppc and armel.

Kind regards,
Philipp Kern
-- 
 .''`.  Philipp KernDebian Developer
: :' :  http://philkern.de Stable Release Manager
`. `'   xmpp:p...@0x539.de Wanna-Build Admin
  `-finger pkern/k...@db.debian.org


signature.asc
Description: Digital signature

Bug#513968: Breaks massbuild script from d-i

[Otavio Salvador]

Hello,

This behaviour change breaks unrelated code so I raised the severity; our
mass build script fails due it.

Please fix it ASAP.

-- 
Otavio Salvador  O.S. Systems
E-mail: ota...@ossystems.com.br  http://www.ossystems.com.br
Mobile: +55 53 9981-7854 http://projetos.ossystems.com.br



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: severity of 513968 is serious, tagging 513968

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 513968 serious
Bug#513968: [debuild] -v with a version not in changelog copies whole changelog
Severity set to `serious' from `normal'

> tags 513968 d-i
Bug#513968: [debuild] -v with a version not in changelog copies whole changelog
There were no tags set.
Tags added: d-i

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524745: Postinst seems to run forever on mipsel

[Philipp Kern]

On Tue, Apr 21, 2009 at 09:17:55PM +0200, Martin Zobel-Helas wrote:
> Hi,
> 
> here some more infos:
> 
> 21029 ?S  0:00  \_ sh -c /usr/bin/sudo /usr/bin/apt-get 
> --purge -o 
> Dir::State::status=/home/buildd/build/chroot-unstable/var/lib/dpkg/status -o 
> DPkg::Options::=--root=/home/buildd/build/chroot-unstable -o DPkg::R
> 21030 ?S  0:03  \_ /usr/bin/apt-get --purge -o 
> Dir::State::status=/home/buildd/build/chroot-unstable/var/lib/dpkg/status -o 
> DPkg::Options::=--root=/home/buildd/build/chroot-unstable -o 
> DPkg::Run-Directory=/ho
> 22519 pts/0Ss+0:00  \_ /usr/bin/dpkg 
> --root=/home/buildd/build/chroot-unstable --force-confold --status-fd 14 
> --configure libmagic1 file gettext-base libkeyutils1 libkrb5support0 
> libk5crypto3 libkrb5-3 libgss
> 23967 pts/0S+ 0:00  \_ /bin/sh -e 
> /var/lib/dpkg/info/octave3.0.postinst configure 
> 23976 pts/0R+   1987:42  \_ octave-3.0.5 --silent 
> --no-history --no-init-file --eval pkg ('rebuild');
> 
> strace -p 23976
> ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
> [...] runs infitive

Maybe we guessed wrong with the kernel bug:

23:35 < sgran> 21:35:08.474724 ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B0 
-opost -isig -icanon -echo ...}) = 0
23:35 < sgran> 21:35:08.474887 ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B0 
-opost -isig -icanon -echo ...}) = 0
23:35 < sgran> 21:35:08.840969 ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B0 
-opost -isig -icanon -echo ...}) = 0
23:35 < sgran> 21:35:08.841159 ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B0 
-opost -isig -icanon -echo ...}) = 0

This is what happens on ia64.

Kind regards,
Philipp Kern


signature.asc
Description: Digital signature

Processed: setting package to libmediastreamer-dev libortp8 liblinphone-dev linphone-nox linphone linphone-common libortp-dev libmediastreamer0 liblinphone3 ...

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> #linphone (3.1.1-2) unstable; urgency=low
> #
> #  * Fix "linphone_3.1.1-1(mips/unstable): FTBFS on mips: missing
> #intltool" added Build-Depends: intltool (Closes: #525052)
> #
> package libmediastreamer-dev libortp8 liblinphone-dev linphone-nox linphone 
> linphone-common libortp-dev libmediastreamer0 liblinphone3
Ignoring bugs not assigned to: libmediastreamer-dev linphone-nox 
liblinphone-dev libortp8 linphone linphone-common libortp-dev libmediastreamer0 
liblinphone3

> tags 525052 + pending
Bug#525052: linphone_3.1.1-1(mips/unstable): FTBFS on mips: missing intltool
There were no tags set.
Tags added: pending

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#521306: marked as done (libtcnative-1: tomcat6 fails to start with "Socket bind failed: [22] Invalid argument")

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 21:02:40 +
with message-id 
and subject line Bug#521306: fixed in tomcat-native 1.1.16-1
has caused the Debian Bug report #521306,
regarding libtcnative-1: tomcat6 fails to start with "Socket bind failed: [22] 
Invalid argument"
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
521306: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521306
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libtcnative-1
Version: 1.1.13-1
Severity: grave

Installing this package causes tomcat6 to stop functioning, giving the
following log messages at startup:

2009-mar-26 15:09:52 org.apache.coyote.http11.Http11AprProtocol init
ALLVARLIG: Error initializing endpoint
java.lang.Exception: Socket bind failed: [22] Invalid argument
at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:612)
at 
org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:107)
at 
org.apache.catalina.connector.Connector.initialize(Connector.java:1058)
at 
org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
at 
org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
at org.apache.catalina.startup.Catalina.load(Catalina.java:530)
at org.apache.catalina.startup.Catalina.load(Catalina.java:550)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:616)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)

Ubuntu bug (fixed):
  https://bugs.launchpad.net/tomcat6/+bug/287645

Reportedly fixed in tomcat-native 1.1.15.

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-1-openvz-amd64 (SMP w/4 CPU cores)
Locale: LANG=sv_SE.UTF-8, LC_CTYPE=sv_SE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libtcnative-1 depends on:
ii  libapr1   1.3.3-3The Apache Portable Runtime Librar
ii  libc6 2.9-4  GNU C Library: Shared libraries
ii  libssl0.9.8   0.9.8g-15  SSL shared libraries
ii  libuuid1  1.41.3-1   universally unique id library

libtcnative-1 recommends no packages.

libtcnative-1 suggests no packages.

-- no debconf information



--- End Message ---
--- Begin Message ---
Source: tomcat-native
Source-Version: 1.1.16-1

We believe that the bug you reported is fixed in the latest version of
tomcat-native, which is due to be installed in the Debian FTP archive:

libtcnative-1_1.1.16-1_amd64.deb
  to pool/main/t/tomcat-native/libtcnative-1_1.1.16-1_amd64.deb
tomcat-native_1.1.16-1.diff.gz
  to pool/main/t/tomcat-native/tomcat-native_1.1.16-1.diff.gz
tomcat-native_1.1.16-1.dsc
  to pool/main/t/tomcat-native/tomcat-native_1.1.16-1.dsc
tomcat-native_1.1.16.orig.tar.gz
  to pool/main/t/tomcat-native/tomcat-native_1.1.16.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 521...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Damien Raude-Morvan  (supplier of updated tomcat-native 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Sun, 29 Mar 2009 15:40:58 +0200
Source: tomcat-native
Binary: libtcnative-1
Architecture: source amd64
Version: 1.1.16-1
Distribution: unstable
Urgency: low
Maintainer: Debian Java Maintainers 

Changed-By: Damien Raude-Morvan 
Description: 
 libtcnative-1 - Tomcat native library using the apache portable runtime
Closes: 514500 517163 521306
Changes: 
 tomcat-native (1.1.16-1) unstable; urgency=low
 .
   * New upstream release (Closes: #514500)
 - Fix IPv6 issues (Closes: #517163, #521306)
   * debian/control:
 - Move libtcnative-1 to "java" section
 - Add myself to Uploaders
 - Bump Standards-Versio

Bug#512498: marked as done (rhino: NPE at startup)

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 21:02:35 +
with message-id 
and subject line Bug#512498: fixed in rhino 1.7R2-1
has caused the Debian Bug report #512498,
regarding rhino: NPE at startup
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
512498: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512498
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: rhino
Version: 1.7R2~pre-2
Severity: serious

rhino throws NullPointerException when invoked from the command line:

~$ rhino
Exception in thread "main" java.lang.NullPointerException
at org.mozilla.javascript.Kit.classOrNull(Kit.java:92)
at 
org.mozilla.javascript.tools.shell.ShellLine.getStream(ShellLine.java:65)
at org.mozilla.javascript.tools.shell.Global.init(Global.java:153)
at org.mozilla.javascript.tools.shell.Global$1.run(Global.java:108)
at org.mozilla.javascript.Context.call(Context.java:502)
at org.mozilla.javascript.ContextFactory.call(ContextFactory.java:511)
at org.mozilla.javascript.tools.shell.Global.init(Global.java:105)
at org.mozilla.javascript.tools.shell.Main.exec(Main.java:158)
at org.mozilla.javascript.tools.shell.Main.main(Main.java:140)

This does not happen with 1.7R1-2.

-- System Information:
Debian Release: 5.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.28-melech (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=sv_SE.UTF-8, LC_CTYPE=sv_SE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages rhino depends on:
ii  default-jre [java2-runtime]  1.5-30  Standard Java or Java compatible R
ii  ibm-j2sdk1.6 [java2-runtime] 1.6.0   Java(TM) JDK, Standard Edition, IB
ii  jamvm [java1-runtime]1.5.1-3 virtual machine which conforms to 
ii  java-gcj-compat [java2-runti 1.0.78-2Java runtime environment using GIJ
ii  openjdk-6-jre [java2-runtime 6b14-1~exp1 OpenJDK Java runtime, using Hotspo

rhino recommends no packages.

Versions of packages rhino suggests:
pn  rhino-doc  (no description available)

-- no debconf information


--- End Message ---
--- Begin Message ---
Source: rhino
Source-Version: 1.7R2-1

We believe that the bug you reported is fixed in the latest version of
rhino, which is due to be installed in the Debian FTP archive:

rhino-doc_1.7R2-1_all.deb
  to pool/main/r/rhino/rhino-doc_1.7R2-1_all.deb
rhino_1.7R2-1.diff.gz
  to pool/main/r/rhino/rhino_1.7R2-1.diff.gz
rhino_1.7R2-1.dsc
  to pool/main/r/rhino/rhino_1.7R2-1.dsc
rhino_1.7R2-1_all.deb
  to pool/main/r/rhino/rhino_1.7R2-1_all.deb
rhino_1.7R2.orig.tar.gz
  to pool/main/r/rhino/rhino_1.7R2.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 512...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Damien Raude-Morvan  (supplier of updated rhino package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 13 Apr 2009 02:40:15 +0200
Source: rhino
Binary: rhino rhino-doc
Architecture: source all
Version: 1.7R2-1
Distribution: unstable
Urgency: low
Maintainer: Debian Java Maintainers 

Changed-By: Damien Raude-Morvan 
Description: 
 rhino  - JavaScript engine written in Java
 rhino-doc  - Documentation for rhino Java Script Engine
Closes: 512498
Changes: 
 rhino (1.7R2-1) unstable; urgency=low
 .
   [ Marcus Better ]
   * Updated package descriptions.
 .
   [ Matthias Klose ]
   * (Build-)depend on default-jre-headless/-jdk.
   * Drop alternate dependencies on java2-runtime-headless and
 java2-runtime-headless. The binary package is currently built to
 require a java5 runtime.
 .
   [ Damien Raude-Morvan ]
   * New upstream release.
 - new 02_exclude-jdk15 patch to exclude already compiled classes
   for jdk15 rebuild: gcj doesn't handle compiling classes already
   on its classpath
 - new "rhino-debugger" launcher for Rhino Debugger Swing UI
 - update "rhino" launcher to exclude OpenJDK bundled rhino (Closes: 
#512498)
   * debian/{postinst,prerm }: scripts should take care of errors,
 add set -e before any instruction
   * debian/rules: add new get-ori

Bug#525064: pstoedit: FTBFS: Obsolete Build-Depends

[Daniel Schepler]

Package: pstoedit
Version: 3.45-4
Severity: serious

The pstoedit source package has a versioned Build-Depends on libmagick++9-dev, 
which has been removed from sid and replaced with libmagick++-dev.
-- 
Daniel Schepler




-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#494902: spikeproxy: patch which fix the bug

[Emmanuel Bouthenot]

tags 494902 + patch
thanks

Hi,

Attached is a patch which fix the bug.


Cheers,

M.

-- 
Emmanuel Bouthenot
 mail : kol...@openics.org
  gpg : 0x414EC36E
 xmpp : kol...@im.openics.org
  irc : kolter@(freenode|oftc)
diff -u spkproxy-1.4.8/debian/changelog spkproxy-1.4.8/debian/changelog
--- spkproxy-1.4.8/debian/changelog
+++ spkproxy-1.4.8/debian/changelog
@@ -1,3 +1,11 @@
+spkproxy (1.4.8-4.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Change dependency from python-pyopenssl to python-openssl
+(Closes: #494902)
+
+ -- Emmanuel Bouthenot   Mon, 21 Apr 2009 18:53:26 +
+
 spkproxy (1.4.8-4) unstable; urgency=low
 
   * Acknowledge NMU, thanks Ana for the patch. (Closes: #380960)
diff -u spkproxy-1.4.8/debian/control spkproxy-1.4.8/debian/control
--- spkproxy-1.4.8/debian/control
+++ spkproxy-1.4.8/debian/control
@@ -8,7 +8,7 @@
  
 Package: spikeproxy
 Architecture: all
-Depends: ${python:Depends}, python-pyopenssl
+Depends: ${python:Depends}, python-openssl
 Description: Web application security testing proxy
  SPIKE proXy is part of the SPIKE Application Testing Suite, 
  It functions as an HTTP and HTTPS proxy, and allows the web developer

Bug#525048: sort: sefaults

[Otavio Salvador]

Hello Michael,

On Tue, Apr 21, 2009 at 4:02 PM, Michael Stone  wrote:
> On Tue, Apr 21, 2009 at 03:43:21PM -0300, you wrote:
>>
>> $: sort -um -o list list work
>
> I'll look at the segfault, but I'm not sure that was ever guaranteed to give
> a useful result (you're overwriting an input file).

Yes, it works nicely in stable release (hence the notfound usage) so it
qualifies as a regression IMO.

-- 
Otavio Salvador  O.S. Systems
E-mail: ota...@ossystems.com.br  http://www.ossystems.com.br
Mobile: +55 53 9981-7854 http://projetos.ossystems.com.br



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#452470: marked as done (Recommends fop, which is outside main (in contrib))

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 19:54:04 +
with message-id 
and subject line Bug#452470: fixed in asciidoc 8.2.7-3~lenny1
has caused the Debian Bug report #452470,
regarding Recommends fop, which is outside main (in contrib)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
452470: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=452470
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: asciidoc
Version: 8.2.2-1
Severity: important
User: debian-rele...@lists.debian.org
Usertags: goal-recommends

Hi!

I observed that your package recommends the following packages which
are not in main. Specifically, these packages in the "Recommends" 
field are in contrib or non-free:

fop: contrib/text

Please consider correcting this problem, as it is a Lenny release
goal[1].

Thanks.

Kumar

[1]: http://lists.debian.org/debian-devel-announce/2007/07/msg00013.html
-- 
Kumar Appaiah,
458, Jamuna Hostel,
Indian Institute of Technology Madras,
Chennai - 600 036



--- End Message ---
--- Begin Message ---
Source: asciidoc
Source-Version: 8.2.7-3~lenny1

We believe that the bug you reported is fixed in the latest version of
asciidoc, which is due to be installed in the Debian FTP archive:

asciidoc_8.2.7-3~lenny1.diff.gz
  to pool/main/a/asciidoc/asciidoc_8.2.7-3~lenny1.diff.gz
asciidoc_8.2.7-3~lenny1.dsc
  to pool/main/a/asciidoc/asciidoc_8.2.7-3~lenny1.dsc
asciidoc_8.2.7-3~lenny1_all.deb
  to pool/main/a/asciidoc/asciidoc_8.2.7-3~lenny1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 452...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Holger Levsen  (supplier of updated asciidoc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Thu, 26 Mar 2009 10:40:42 +0100
Source: asciidoc
Binary: asciidoc
Architecture: source all
Version: 8.2.7-3~lenny1
Distribution: stable-proposed-updates
Urgency: low
Maintainer: Fredrik Steen 
Changed-By: Holger Levsen 
Description: 
 asciidoc   - Highly configurable text format for writing documentation
Closes: 452470 494531 496987
Changes: 
 asciidoc (8.2.7-3~lenny1) stable-proposed-updates; urgency=low
 .
   * Non-maintainer upload with maintainer approval.
   * Replace fop with dblatex (Closes: #452470)
   * Install dblatex supportfiles (Closes: #494531, #496987)
Checksums-Sha1: 
 ee1e12909c51d9c732c07465b115e8606b1f1530 1110 asciidoc_8.2.7-3~lenny1.dsc
 717fc9a0d9c021f312a376d347b0ffbf9119333d 4511 asciidoc_8.2.7-3~lenny1.diff.gz
 edd4dff0b92c08b081e1943d14b27e927ca747de 824674 asciidoc_8.2.7-3~lenny1_all.deb
Checksums-Sha256: 
 87a4f2ed8fed926cd47c1605fb439feaf8e206af127b4c434c48494a128b56da 1110 
asciidoc_8.2.7-3~lenny1.dsc
 96184230163f2030f78b1b413e69e0e7d657fa9d1788bbf625f45181ba5ec6fb 4511 
asciidoc_8.2.7-3~lenny1.diff.gz
 f310795e917ee72bfabdde71adc377d41aea8624061a6daca0564219db136510 824674 
asciidoc_8.2.7-3~lenny1_all.deb
Files: 
 36abb3ec018232e0dc11196a4a9bb87e 1110 text optional asciidoc_8.2.7-3~lenny1.dsc
 e70d993eb5c04203853ab45947f3c7a1 4511 text optional 
asciidoc_8.2.7-3~lenny1.diff.gz
 bc87f16008442817d3daa56c89ec482b 824674 text optional 
asciidoc_8.2.7-3~lenny1_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJy08YUHLQNqxYNSARAtvpAJ9rQwzQ4T38CDchrq0iyQou94cu9wCgmxRU
DxOe65F1Q+HrPwrxpqxzqAQ=
=qZUe
-END PGP SIGNATURE-


--- End Message ---

Bug#523016: marked as done (clamav vulnerability)

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 19:53:50 +
with message-id 
and subject line Bug#523016: fixed in clamav 0.94.dfsg.2-1lenny2
has caused the Debian Bug report #523016,
regarding clamav vulnerability
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
523016: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523016
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
package: clamav
severity: grave
tags: security

hi,

ubuntu recently patched a problem in clamav [1].  the description is:

  It was discovered that ClamAV did not properly verify its input when
  processing TAR archives. A remote attacker could send a specially
  crafted TAR file and cause a denial of service via infinite loop.

  It was discovered that ClamAV did not properly validate Portable
  Executable (PE) files. A remote attacker could send a crafted PE file
  and cause a denial of service (divide by zero).

i'm not sure if this is CVE-2009-1241 or if it a new issue.

[1] http://www.ubuntu.com/usn/usn-754-1


--- End Message ---
--- Begin Message ---
Source: clamav
Source-Version: 0.94.dfsg.2-1lenny2

We believe that the bug you reported is fixed in the latest version of
clamav, which is due to be installed in the Debian FTP archive:

clamav-base_0.94.dfsg.2-1lenny2_all.deb
  to pool/main/c/clamav/clamav-base_0.94.dfsg.2-1lenny2_all.deb
clamav-daemon_0.94.dfsg.2-1lenny2_amd64.deb
  to pool/main/c/clamav/clamav-daemon_0.94.dfsg.2-1lenny2_amd64.deb
clamav-dbg_0.94.dfsg.2-1lenny2_amd64.deb
  to pool/main/c/clamav/clamav-dbg_0.94.dfsg.2-1lenny2_amd64.deb
clamav-docs_0.94.dfsg.2-1lenny2_all.deb
  to pool/main/c/clamav/clamav-docs_0.94.dfsg.2-1lenny2_all.deb
clamav-freshclam_0.94.dfsg.2-1lenny2_amd64.deb
  to pool/main/c/clamav/clamav-freshclam_0.94.dfsg.2-1lenny2_amd64.deb
clamav-milter_0.94.dfsg.2-1lenny2_amd64.deb
  to pool/main/c/clamav/clamav-milter_0.94.dfsg.2-1lenny2_amd64.deb
clamav-testfiles_0.94.dfsg.2-1lenny2_all.deb
  to pool/main/c/clamav/clamav-testfiles_0.94.dfsg.2-1lenny2_all.deb
clamav_0.94.dfsg.2-1lenny2.diff.gz
  to pool/main/c/clamav/clamav_0.94.dfsg.2-1lenny2.diff.gz
clamav_0.94.dfsg.2-1lenny2.dsc
  to pool/main/c/clamav/clamav_0.94.dfsg.2-1lenny2.dsc
clamav_0.94.dfsg.2-1lenny2_amd64.deb
  to pool/main/c/clamav/clamav_0.94.dfsg.2-1lenny2_amd64.deb
libclamav-dev_0.94.dfsg.2-1lenny2_amd64.deb
  to pool/main/c/clamav/libclamav-dev_0.94.dfsg.2-1lenny2_amd64.deb
libclamav5_0.94.dfsg.2-1lenny2_amd64.deb
  to pool/main/c/clamav/libclamav5_0.94.dfsg.2-1lenny2_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 523...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Tautschnig  (supplier of updated clamav package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Tue, 14 Apr 2009 16:53:46 +0200
Source: clamav
Binary: clamav-base clamav-docs clamav-dbg clamav libclamav-dev libclamav5 
clamav-daemon clamav-testfiles clamav-freshclam clamav-milter
Architecture: source all amd64
Version: 0.94.dfsg.2-1lenny2
Distribution: stable-security
Urgency: low
Maintainer: ClamAV Team 
Changed-By: Michael Tautschnig 
Description: 
 clamav - anti-virus utility for Unix - command-line interface
 clamav-base - anti-virus utility for Unix - base package
 clamav-daemon - anti-virus utility for Unix - scanner daemon
 clamav-dbg - debug symbols for ClamAV
 clamav-docs - anti-virus utility for Unix - documentation
 clamav-freshclam - anti-virus utility for Unix - virus database update utility
 clamav-milter - anti-virus utility for Unix - sendmail integration
 clamav-testfiles - anti-virus utility for Unix - test files
 libclamav-dev - anti-virus utility for Unix - development files
 libclamav5 - anti-virus utility for Unix - library
Closes: 522744 523016
Changes: 
 clamav (0.94.dfsg.2-1lenny2) stable-security; urgency=low
 .
   [ Scott Kittermann ]
   * Backported change from 0.95 of FLEVEL_DCONF to be able to re-enable
 signatures when security issues have been fixed.
   * Security issues addressed in this release (closes: #523016, 522744):
 - [CVE-2008-6680] Fixed division by zero with --detect-broken.
 - [CVE-2009-1270] clamd and clamscan get hung up.
 .
   [ Michael Tautschnig ]
   * B

Bug#522813: marked as done (multipath-tools: CVE-2009-0115 insecure permissions of control socket)

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 19:54:02 +
with message-id 
and subject line Bug#522813: fixed in multipath-tools 0.4.8-14+lenny1
has caused the Debian Bug report #522813,
regarding multipath-tools: CVE-2009-0115 insecure permissions of control socket
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
522813: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522813
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: multipath-tools
Severity: grave
Tags: security

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for multipath-tools.

CVE-2009-0115[0]:
| multipath-tools in SUSE openSUSE 10.3 through 11.0 and SUSE Linux
| Enterprise Server (SLES) 10 uses world-writable permissions for the
| socket file (aka /var/run/multipathd.sock), which allows local users
| to send arbitrary commands to the multipath daemon.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0115
http://security-tracker.debian.net/tracker/CVE-2009-0115

-- 
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.


pgpaZpop8IMrA.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: multipath-tools
Source-Version: 0.4.8-14+lenny1

We believe that the bug you reported is fixed in the latest version of
multipath-tools, which is due to be installed in the Debian FTP archive:

kpartx_0.4.8-14+lenny1_powerpc.deb
  to pool/main/m/multipath-tools/kpartx_0.4.8-14+lenny1_powerpc.deb
multipath-tools-boot_0.4.8-14+lenny1_all.deb
  to pool/main/m/multipath-tools/multipath-tools-boot_0.4.8-14+lenny1_all.deb
multipath-tools_0.4.8-14+lenny1.diff.gz
  to pool/main/m/multipath-tools/multipath-tools_0.4.8-14+lenny1.diff.gz
multipath-tools_0.4.8-14+lenny1.dsc
  to pool/main/m/multipath-tools/multipath-tools_0.4.8-14+lenny1.dsc
multipath-tools_0.4.8-14+lenny1_powerpc.deb
  to pool/main/m/multipath-tools/multipath-tools_0.4.8-14+lenny1_powerpc.deb
multipath-udeb_0.4.8-14+lenny1_powerpc.udeb
  to pool/main/m/multipath-tools/multipath-udeb_0.4.8-14+lenny1_powerpc.udeb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 522...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guido Günther  (supplier of updated multipath-tools package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 06 Apr 2009 20:03:48 +0200
Source: multipath-tools
Binary: multipath-tools kpartx multipath-tools-boot multipath-udeb
Architecture: source powerpc all
Version: 0.4.8-14+lenny1
Distribution: stable-security
Urgency: low
Maintainer: Debian LVM Team 
Changed-By: Guido Günther 
Description: 
 kpartx - create device mappings for partitions
 multipath-tools - maintain multipath block device access
 multipath-tools-boot - Support booting from multipath devices
 multipath-udeb - maintain multipath block device access (udeb)
Closes: 522813
Changes: 
 multipath-tools (0.4.8-14+lenny1) stable-security; urgency=low
 .
   * [3d76714] fix umask of multipathd socket (CVE-2009-0115). Upstream
 commit 0a0319d381249760c71023edbe0ac9c093bb4a74. (Closes: #522813)
Checksums-Sha1: 
 182770d7d7c3d81b2b469e47c4478b48e44d2e14 1375 
multipath-tools_0.4.8-14+lenny1.dsc
 e538c62b14c993d392e3dddb823b06720378a8d0 202446 
multipath-tools_0.4.8.orig.tar.gz
 d95402d28b8327db358e4ca0b7b2a12f3aa63b29 22746 
multipath-tools_0.4.8-14+lenny1.diff.gz
 cfcbb73941a3814fd0600d244ffad446e4a742c8 182596 
multipath-tools_0.4.8-14+lenny1_powerpc.deb
 644a779e53f68dce150e64a193bdf9d90c4d384a 29824 
kpartx_0.4.8-14+lenny1_powerpc.deb
 e077c217967baaf8161607dc57379e633b623e37 10886 
multipath-tools-boot_0.4.8-14+lenny1_all.deb
 9a0489582e4467682fff8ab9b320749c3c9abe25 98676 
multipath-udeb_0.4.8-14+lenny1_powerpc.udeb
Checksums-Sha256: 
 876eb1ce2f00894c982ef269879a39e54d1c2bef105c8d5b4c8be931b083e751 1375 
multipath-tools_0.4.8-14+lenny1.dsc
 a3cb242717c907e287088df2b1f161b78bfd40193d0c3faf20c65825bb84a2a4 202446 
multipath-tools_0.4.8.orig.tar.gz
 7255436c00c9874eada1ec6b4b629a7558898f439578e7905cd

Bug#516669: marked as done (files owned by !root)

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 19:53:56 +
with message-id 
and subject line Bug#516669: fixed in git-core 1:1.5.6.5-3+lenny1
has caused the Debian Bug report #516669,
regarding files owned by !root
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
516669: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=516669
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: git-core
Version: 1:1.5.6.5-3
Severity: serious
Tags: security

Files in /usr/share/git-core are not owned by root on lenny/alpha.

wea...@intrepid:~/tmp$ wget -nv 
http://ftp.at.debian.org/debian/pool/main/g/git-core/git-core_1.5.6.5-3_alpha.deb
2009-02-23 00:40:33 
URL:http://ftp.at.debian.org/debian/pool/main/g/git-core/git-core_1.5.6.5-3_alpha.deb
 [3819436/3819436] -> "git-core_1.5.6.5-3_alpha.deb" [1]
wea...@intrepid:~/tmp$ ar x git-core_1.5.6.5-3_alpha.deb
wea...@intrepid:~/tmp$ tar tzvf data.tar.gz | grep share/git-core
drwxr-xr-x root/root 0 2009-02-12 08:19 ./usr/share/git-core/
drwxr-xr-x buildd/buildd 0 2009-02-12 08:14 ./usr/share/git-core/templates/
drwxr-xr-x buildd/buildd 0 2009-02-12 08:14 
./usr/share/git-core/templates/branches/
-rw-r--r-- buildd/buildd58 2008-08-07 01:38 
./usr/share/git-core/templates/description
drwxr-xr-x buildd/buildd 0 2009-02-12 08:14 
./usr/share/git-core/templates/hooks/
-rw-r--r-- buildd/buildd   207 2008-08-07 01:38 
./usr/share/git-core/templates/hooks/post-update
-rw-r--r-- buildd/buildd   441 2008-08-07 01:38 
./usr/share/git-core/templates/hooks/applypatch-msg
-rw-r--r-- buildd/buildd  1196 2008-08-07 01:38 
./usr/share/git-core/templates/hooks/prepare-commit-msg
-rw-r--r-- buildd/buildd   887 2008-08-07 01:38 
./usr/share/git-core/templates/hooks/commit-msg
-rw-r--r-- buildd/buildd  4262 2008-08-07 01:38 
./usr/share/git-core/templates/hooks/pre-rebase
-rw-r--r-- buildd/buildd   510 2008-08-07 01:38 
./usr/share/git-core/templates/hooks/post-receive
-rw-r--r-- buildd/buildd   387 2008-08-07 01:38 
./usr/share/git-core/templates/hooks/pre-applypatch
-rw-r--r-- buildd/buildd   152 2008-08-07 01:38 
./usr/share/git-core/templates/hooks/post-commit
-rw-r--r-- buildd/buildd  1706 2008-08-07 01:38 
./usr/share/git-core/templates/hooks/pre-commit
-rw-r--r-- buildd/buildd  2910 2008-08-07 01:38 
./usr/share/git-core/templates/hooks/update
drwxr-xr-x buildd/buildd 0 2009-02-12 08:14 
./usr/share/git-core/templates/info/
-rw-r--r-- buildd/buildd   240 2008-08-07 01:38 
./usr/share/git-core/templates/info/exclude
wea...@intrepid:~/tmp$ 


--- End Message ---
--- Begin Message ---
Source: git-core
Source-Version: 1:1.5.6.5-3+lenny1

We believe that the bug you reported is fixed in the latest version of
git-core, which is due to be installed in the Debian FTP archive:

git-arch_1.5.6.5-3+lenny1_all.deb
  to pool/main/g/git-core/git-arch_1.5.6.5-3+lenny1_all.deb
git-core_1.5.6.5-3+lenny1.diff.gz
  to pool/main/g/git-core/git-core_1.5.6.5-3+lenny1.diff.gz
git-core_1.5.6.5-3+lenny1.dsc
  to pool/main/g/git-core/git-core_1.5.6.5-3+lenny1.dsc
git-core_1.5.6.5-3+lenny1_powerpc.deb
  to pool/main/g/git-core/git-core_1.5.6.5-3+lenny1_powerpc.deb
git-cvs_1.5.6.5-3+lenny1_all.deb
  to pool/main/g/git-core/git-cvs_1.5.6.5-3+lenny1_all.deb
git-daemon-run_1.5.6.5-3+lenny1_all.deb
  to pool/main/g/git-core/git-daemon-run_1.5.6.5-3+lenny1_all.deb
git-doc_1.5.6.5-3+lenny1_all.deb
  to pool/main/g/git-core/git-doc_1.5.6.5-3+lenny1_all.deb
git-email_1.5.6.5-3+lenny1_all.deb
  to pool/main/g/git-core/git-email_1.5.6.5-3+lenny1_all.deb
git-gui_1.5.6.5-3+lenny1_all.deb
  to pool/main/g/git-core/git-gui_1.5.6.5-3+lenny1_all.deb
git-svn_1.5.6.5-3+lenny1_all.deb
  to pool/main/g/git-core/git-svn_1.5.6.5-3+lenny1_all.deb
gitk_1.5.6.5-3+lenny1_all.deb
  to pool/main/g/git-core/gitk_1.5.6.5-3+lenny1_all.deb
gitweb_1.5.6.5-3+lenny1_all.deb
  to pool/main/g/git-core/gitweb_1.5.6.5-3+lenny1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 516...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Gerrit Pape  (supplier of updated git-core package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 23 Feb 2009 13:50:14 +
Source: git-core
Binary: git-cor

Bug#524023: lilypond's problems with guile 1.8.6

[Thomas Bushnell BSG]

On Tue, 2009-04-21 at 14:06 +0200, Vincent Fourmond wrote:
> severity 524023 grave
> thanks
> 
>   Hello,
> 
>   As lilypond simply does not work in unstable, I'm raising the
> severity to grave. The patch mentionned in the bug report files works
> perfectly fine. I hereby announce my intention to NMU lilypond within
> a few days, unless you wish me not to do it (in which case, please
> upload a fix !).

My intention is to upload the latest stable lilypond version tonight...

Thomas





-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#525034: marked as done (python-nevow: Fails to install: pycentral pkginstall not overwriting local files)

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 19:32:11 +
with message-id 
and subject line Bug#525034: fixed in nevow 0.9.33-4
has caused the Debian Bug report #525034,
regarding python-nevow: Fails to install: pycentral pkginstall not overwriting 
local files
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
525034: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525034
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: python-nevow
Version: 0.9.33-3
Severity: grave

From my pbuilder build log for kiwi:

...
Setting up python-twisted-bin (8.2.0-2+pb1) ...
Setting up python-zopeinterface (3.3.1-7+pb1) ...
Setting up python-twisted-core (8.2.0-2+pb1) ...
Setting up python-twisted-web (8.2.0-2+pb1) ...
Setting up python-nevow (0.9.33-3+pb1) ...
pycentral: pycentral pkginstall: not overwriting local files:
  /usr/lib/python2.4/site-packages/twisted/plugins/dropin.cache
pycentral pkginstall: not overwriting local files:
  /usr/lib/python2.4/site-packages/twisted/plugins/dropin.cache
dpkg: error processing python-nevow (--configure):
 subprocess post-installation script returned error exit status 1
Setting up python-pkg-resources (0.6c9-2+pb1) ...
dpkg: dependency problems prevent configuration of python-pydoctor:
 python-pydoctor depends on python-nevow; however:
  Package python-nevow is not configured yet.
dpkg: error processing python-pydoctor (--configure):
 dependency problems - leaving unconfigured
Setting up python-setuptools (0.6c9-2+pb1) ...
Setting up xfonts-encodings (1:1.0.2-3+pb2) ...
Setting up xfonts-utils (1:7.4+1+pb1) ...
Setting up xfonts-base (1:1.0.0-6+pb1) ...
Setting up xserver-common (2:1.6.1-1+pb1) ...
Setting up libaudit0 (1.7.12-1+pb1) ...
Setting up xvfb (2:1.6.1-1+pb1) ...
Processing triggers for python-support ...
Errors were encountered while processing:
 python-nevow
 python-pydoctor
E: Sub-process /usr/bin/dpkg returned an error code (1)
-- 
Daniel Schepler



--- End Message ---
--- Begin Message ---
Source: nevow
Source-Version: 0.9.33-4

We believe that the bug you reported is fixed in the latest version of
nevow, which is due to be installed in the Debian FTP archive:

nevow_0.9.33-4.diff.gz
  to pool/main/n/nevow/nevow_0.9.33-4.diff.gz
nevow_0.9.33-4.dsc
  to pool/main/n/nevow/nevow_0.9.33-4.dsc
python-nevow_0.9.33-4_all.deb
  to pool/main/n/nevow/python-nevow_0.9.33-4_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 525...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Vincent Bernat  (supplier of updated nevow package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Tue, 21 Apr 2009 21:14:21 +0200
Source: nevow
Binary: python-nevow
Architecture: source all
Version: 0.9.33-4
Distribution: unstable
Urgency: low
Maintainer: Vincent Bernat 
Changed-By: Vincent Bernat 
Description: 
 python-nevow - Web application templating system for Python and Twisted
Closes: 525034
Changes: 
 nevow (0.9.33-4) unstable; urgency=low
 .
   * Don't ship dropin.cache. Closes: #525034.
Checksums-Sha1: 
 234485f50873c68beed97680b7febc8c49cf72f7 1456 nevow_0.9.33-4.dsc
 85af1669c45e2ac9ebb3615aaa9616b593f04307 6227 nevow_0.9.33-4.diff.gz
 df51b9be783dd590e18d2997d29c3cea1d0bf75e 566350 python-nevow_0.9.33-4_all.deb
Checksums-Sha256: 
 fa0f75933894ac258f6df705e7f4043b725b0563dcaedfb7a16d29a07d89495e 1456 
nevow_0.9.33-4.dsc
 caa46f6c5d220aa732b304ea6e18b1e22daf7257f4971f0070bcf18fb37ee583 6227 
nevow_0.9.33-4.diff.gz
 5d4a22ea5c2f4b3be39a743b0c83569ba31f5ae61654b9f06b211ce75e33bebe 566350 
python-nevow_0.9.33-4_all.deb
Files: 
 99b4a651028cf3b79346a548a244ac94 1456 python optional nevow_0.9.33-4.dsc
 8372cd5c3dd56b7be115b2464b4ea841 6227 python optional nevow_0.9.33-4.diff.gz
 cf7da61cf657485d7e1c5f7e07f3fe6c 566350 python optional 
python-nevow_0.9.33-4_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAknuHMAACgkQKFvXofIqeU5j2gCgl7ar8flM6ZAw9gadaN69blvA
HjwAn3uRbaOnZm6rqFaq0+sdipnzepeJ
=qllU
-END PGP SIGNATURE-


--- End Message ---

Bug#524745: Postinst seems to run forever on mipsel

[Martin Zobel-Helas]

Hi,

here some more infos:

21029 ?S  0:00  \_ sh -c /usr/bin/sudo /usr/bin/apt-get --purge 
-o Dir::State::status=/home/buildd/build/chroot-unstable/var/lib/dpkg/status -o 
DPkg::Options::=--root=/home/buildd/build/chroot-unstable -o DPkg::R
21030 ?S  0:03  \_ /usr/bin/apt-get --purge -o 
Dir::State::status=/home/buildd/build/chroot-unstable/var/lib/dpkg/status -o 
DPkg::Options::=--root=/home/buildd/build/chroot-unstable -o 
DPkg::Run-Directory=/ho
22519 pts/0Ss+0:00  \_ /usr/bin/dpkg 
--root=/home/buildd/build/chroot-unstable --force-confold --status-fd 14 
--configure libmagic1 file gettext-base libkeyutils1 libkrb5support0 
libk5crypto3 libkrb5-3 libgss
23967 pts/0S+ 0:00  \_ /bin/sh -e 
/var/lib/dpkg/info/octave3.0.postinst configure 
23976 pts/0R+   1987:42  \_ octave-3.0.5 --silent 
--no-history --no-init-file --eval pkg ('rebuild');

strace -p 23976
ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0
[...] runs infitive

Hope that helps

Greetings
Martin


-- 
 Martin Zobel-Helas   | Debian System Administrator
 Debian & GNU/Linux Developer   |   Debian Listmaster
 Public key http://zobel.ftbfs.de/5d64f870.asc   -   KeyID: 5D64 F870
 GPG Fingerprint:  5DB3 1301 375A A50F 07E7  302F 493E FB8E 5D64 F870




-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: Small fix

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 518031 +patch
Bug#518031: doxygen: Segmentation Fault building documentation
There were no tags set.
Tags added: patch

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#518031: Small fix

[Leandro Lucarella]

tags 518031 +patch
thanks

There is a small patch in a Gentoo bug that seems to work fine (I've
tested it with doxygen 1.5.8-1 package and applied and worked just fine):
http://bugs.gentoo.org/show_bug.cgi?id=266693

-- 
Leandro Lucarella
Integratech S.A.
4571-5252



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: your mail

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tag 525034 + pending
Bug#525034: python-nevow: Fails to install: pycentral pkginstall not 
overwriting local files
There were no tags set.
Tags added: pending

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: tagging 524972

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 524972 + pending
Bug#524972: Source package contains non-free IETF RFC/I-D
There were no tags set.
Tags added: pending

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#525054: setroubleshoot_2.1.9-1(mips/unstable): FTBFS on mips: missing builddependency ?

[Peter De Schrijver]

Package: setroubleshoot
Version: 2.1.9-1
Severity: serious

There was an error while trying to autobuild your package:

> Automatic build of setroubleshoot_2.1.9-1 on mayr by sbuild/mips 99.999
> Build started at 20090420-1347

[...]

> ** Using build dependencies supplied by package:
> Build-Depends: debhelper (>= 7), quilt, autotools-dev, python, python-support 
> (>= 0.6), xdg-utils, gettext, intltool, libxml-parser-perl, libnotify-dev, 
> libgtk2.0-dev, libaudit-dev

[...]

> gcc  -g -O2  -Wl,-z,defs -o seapplet seapplet.o sedbus.o  -lnotify 
> -lgtk-x11-2.0 -ldbus-glib-1 -lgdk-x11-2.0 -latk-1.0 -lpangoft2-1.0 
> -lgdk_pixbuf-2.0 -lm -lpangocairo-1.0 -lgio-2.0 -lcairo -lpango-1.0 
> -lfreetype -lfontconfig -lgmodule-2.0 -ldbus-1 -lgobject-2.0 -lglib-2.0
> -lauparse -lselinux
> /usr/bin/ld: cannot find -lselinux
> collect2: ld returned 1 exit status
> make[5]: *** [seapplet] Error 1
> make[5]: Leaving directory `/build/buildd/setroubleshoot-2.1.9/src'
> make[4]: *** [all-recursive] Error 1
> make[4]: Leaving directory `/build/buildd/setroubleshoot-2.1.9/src'
> make[3]: *** [all] Error 2
> make[3]: Leaving directory `/build/buildd/setroubleshoot-2.1.9/src'
> make[2]: *** [all-recursive] Error 1
> make[2]: Leaving directory `/build/buildd/setroubleshoot-2.1.9'
> make[1]: *** [all] Error 2
> make[1]: Leaving directory `/build/buildd/setroubleshoot-2.1.9'
> make: *** [build-stamp] Error 2
> dpkg-buildpackage: failure: debian/rules build gave error exit status 2

A full build log can be found at:
http://buildd.debian.org/build.php?arch=mips&pkg=setroubleshoot&ver=2.1.9-1




-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#525052: linphone_3.1.1-1(mips/unstable): FTBFS on mips: missing intltool

[Peter De Schrijver]

Package: linphone
Version: 3.1.1-1
Severity: serious

There was an error while trying to autobuild your package:

> Automatic build of linphone_3.1.1-1 on mayr by sbuild/mips 99.999
> Build started at 20090421-1359

[...]

> ** Using build dependencies supplied by package:
> Build-Depends: debhelper (>= 7), dpkg-dev (>= 1.13.19), cdbs, autoconf, 
> automake1.9, autotools-dev, libtool, pkg-config, libglib2.0-dev, libosip2-dev 
> (>= 3.0.3-2), libexosip2-dev (>= 3.0.3-2), libasound2-dev, libspeex-dev (>= 
> 1.1.12), libspeexdsp-dev, libsamplerate0-dev, libxml-parser-perl, 
> libgtk2.0-dev, libglade2-dev, libtheora-dev, dpatch, libavcodec-dev, 
> libreadline5-dev, libsdl1.2-dev, libswscale-dev, doxygen

[...]

> checking whether we are using the GNU C compiler... (cached) yes
> checking whether cc accepts -g... (cached) yes
> checking for cc option to accept ISO C89... (cached) none needed
> checking dependency style of cc... (cached) none
> checking how to run the C preprocessor... cc -E
> checking for grep that handles long lines and -e... /bin/grep
> checking for egrep... /bin/grep -E
> checking for ANSI C header files... yes
> checking whether NLS is requested... yes
> checking for intltool-update... no
> checking for intltool-merge... no
> checking for intltool-extract... no
> configure: error: The intltool scripts were not found. Please install 
> intltool.
> make: *** [config.status] Error 1
> dpkg-buildpackage: failure: debian/rules build gave error exit status 2

A full build log can be found at:
http://buildd.debian.org/build.php?arch=mips&pkg=linphone&ver=3.1.1-1




-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#525048: sort: sefaults

[Michael Stone]

On Tue, Apr 21, 2009 at 03:43:21PM -0300, you wrote:

$: sort -um -o list list work


I'll look at the segfault, but I'm not sure that was ever guaranteed to 
give a useful result (you're overwriting an input file).


Mike Stone



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: notfound 525048 in 6.10-6

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> notfound 525048 6.10-6
Bug#525048: sort: sefaults
Bug no longer marked as found in version 6.10-6.

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#525048: sort: sefaults

[Otavio Salvador]

Package: coreutils
Version: 7.2-1
Severity: serious
Tags: d-i

Hello,

While updating d-i kernel I've found a regression in sort, against
stable.

$: sort -um -o list list work

The files are attached to easy the reproducability.

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.28-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages coreutils depends on:
ii  libacl1   2.2.47-2   Access control list shared library
ii  libc6 2.9-7  GNU C Library: Shared libraries
ii  libselinux1   2.0.71-1   SELinux shared libraries

coreutils recommends no packages.

coreutils suggests no packages.

-- no debconf information
kernel/drivers/acpi/fan.ko
kernel/drivers/acpi/processor.ko
kernel/drivers/acpi/thermal.ko
kernel/drivers/thermal/thermal_sys.ko
kernel/drivers/acpi/processor.ko
kernel/drivers/thermal/thermal_sys.ko

Bug#520706: [pkg-nvidia-devel] Bug#520706: nvidia-kernel-source: It is a KERNEL_SOURCE vs KERNEL_OUTPUT issue

[Lennart Sorensen]

On Tue, Apr 21, 2009 at 01:02:33PM +0200, Olivier Berger wrote:
> On Tue, Apr 07, 2009 at 04:23:53PM -0400, Lennart Sorensen wrote:
> > I just posted a patch to the mailing list that makes 180.29 build
> > perfectly with 2.6.29-2 and also works with linux-modules-nonfree-2.6,
> > which is something we have been trying to get going for a while now.
> > 
> 
> Would you care to share with the BTS the URL for such patch ?
> 
> FWIW, I experience similar issue, I suppose :

It is part of 180.44-2 release.  Make sure you rm -rf
/usr/src/modules/nvidia-kernel before using the new one.

> # m-a -t -l 2.6.29-1-686 a-i nvidia-kernel
> ...
> SNIP
> ...
> # Build the modules
> /usr/bin/make -C . LINUXDIR=/lib/modules/2.6.29-1-686/build 
> KVERREL=2.6.29-1-686
> make[2]: entrant dans le r?pertoire ? /usr/src/modules/nvidia-kernel ?
> make[2]: quittant le r?pertoire ? /usr/src/modules/nvidia-kernel ?
> # Install the modules
> dh_installdirs
> install -m 0644 /usr/src/modules/nvidia-kernel/debian/override 
> /usr/src/modules/nvidia-kernel/debian/nvidia-kernel-2.6.29-1-686/usr/share/lintian/overrides/nvidia-kernel-2.6.29-1-686
> install -m 0644 /usr/src/modules/nvidia-kernel/nvidia.ko 
> /usr/src/modules/nvidia-kernel/debian/nvidia-kernel-2.6.29-1-686/lib/modules/2.6.29-1-686/nvidia/nvidia.ko
>  ; \
> 
> install: ne peut ?valuer `/usr/src/modules/nvidia-kernel/nvidia.ko': Aucun 
> fichier ou dossier de ce type
> make[1]: *** [binary-modules] Erreur 1
> make[1]: quittant le r?pertoire ? /usr/src/modules/nvidia-kernel ?
> make: *** [kdist_build] Erreur 2
> BUILD FAILED!

-- 
Len Sorensen



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524849: ..#524849 work-around: hold libslang2 and first upgrade slsh, and thenafter libslang2

[Arnt Karlsen]

Package: libslang2
Version: 2.1.4-2
Severity: normal


...aptitude output; the bug whined:
Reading package fields... Done
Reading package status... Done
Retrieving bug reports... Done
Parsing Found/Fixed information... Done
Reading changelogs...
(Reading database ... 952013 files and directories currently installed.)
Preparing to replace libslang2 2.1.4-1 (using .../libslang2_2.1.4-2_i386.deb) 
...
Unpacking replacement libslang2 ...
dpkg: error processing /var/cache/apt/archives/libslang2_2.1.4-2_i386.deb 
(--unpack):
 trying to overwrite `/usr/lib/slang/v2/modules/fcntl-module.so', which is also 
in package slsh
Errors were encountered while processing:
 /var/cache/apt/archives/libslang2_2.1.4-2_i386.deb
Updating Debian Packages of System Configurations (dpsyco).
E: Sub-process /usr/bin/dpkg returned an error code (1)
A package failed to install.  Trying to recover:
Press return to continue.

...so I held back libslang2 to first upgrade slsh:
Reading package fields... Done
Reading package status... Done
Retrieving bug reports... Done
Parsing Found/Fixed information... Done
Reading changelogs...
(Reading database ... 952013 files and directories currently installed.)
Preparing to replace slsh 2.1.4-1 (using .../archives/slsh_2.1.4-2_i386.deb) ...
Unpacking replacement slsh ...
Processing triggers for man-db ...
Setting up slsh (2.1.4-2) ...
Updating Debian Packages of System Configurations (dpsyco).
Press return to continue.

...and thenafter libslang2:
Reading package fields... Done
Reading package status... Done
Retrieving bug reports... Done
Parsing Found/Fixed information... Done
Reading changelogs...
(Reading database ... 952003 files and directories currently installed.)
Preparing to replace libslang2 2.1.4-1 (using .../libslang2_2.1.4-2_i386.deb) 
...
Unpacking replacement libslang2 ...
Setting up libslang2 (2.1.4-2) ...
Updating Debian Packages of System Configurations (dpsyco).
Press return to continue.

Reading package lists... Done
Building dependency tree


-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.29-1-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libslang2 depends on:
ii  libc6 2.9-7  GNU C Library: Shared libraries
ii  libpcre3  7.8-2+b1   Perl 5 Compatible Regular Expressi
ii  libpng12-01.2.35-1   PNG library - runtime

libslang2 recommends no packages.

libslang2 suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#525042: openssl-blacklist: FTBFS: Permission denied on openssl-vulnkey

[Daniel Schepler]

Package: openssl-blacklist
Version: 0.5-1
Severity: serious

From my pbuilder build log:

...
 debian/rules build
dh_testdir
# Add here commands to configure the package.
touch configure-stamp
dh_testdir
# Add here commands to compile the package.
sh ./test.sh
no args: ./test.sh: line 40: ./openssl-vulnkey: Permission denied
PASS
no modulus: ./test.sh: line 48: ./openssl-vulnkey: Permission denied
PASS
no bits: ./test.sh: line 56: ./openssl-vulnkey: Permission denied
PASS

bad_req.csr: 
./test.sh: line 69: ./openssl-vulnkey: Permission denied
PASS

bad_req.csr (stdin): 
./test.sh: line 78: ./openssl-vulnkey: Permission denied
PASS

bad_x509.pem: 
./test.sh: line 69: ./openssl-vulnkey: Permission denied
PASS

bad_x509.pem (stdin): 
./test.sh: line 78: ./openssl-vulnkey: Permission denied
PASS

bad_rsa.key: 
./test.sh: line 69: ./openssl-vulnkey: Permission denied
PASS

bad_rsa.key (stdin): 
./test.sh: line 78: ./openssl-vulnkey: Permission denied
PASS

bad_rsa_4096.pem: 
./test.sh: line 69: ./openssl-vulnkey: Permission denied
PASS

bad_rsa_4096.pem (stdin): 
./test.sh: line 78: ./openssl-vulnkey: Permission denied
PASS

bad_x509_4096.pem: 
./test.sh: line 69: ./openssl-vulnkey: Permission denied
PASS

bad_x509_4096.pem (stdin): 
./test.sh: line 78: ./openssl-vulnkey: Permission denied
PASS

all bad files (examples/bad_req.csr examples/bad_x509.pem examples/bad_rsa.key 
examples/bad_rsa_4096.pem 
examples/bad_x509_4096.pem): 
./test.sh: line 88: ./openssl-vulnkey: Permission denied
PASS

bad modulus: 
./test.sh: line 97: ./openssl-vulnkey: Permission denied
PASS

good_req.csr: 
./test.sh: line 110: ./openssl-vulnkey: Permission denied
FAIL

good_req.csr (stdin): 
./test.sh: line 119: ./openssl-vulnkey: Permission denied
FAIL

good_x509.pem: 
./test.sh: line 110: ./openssl-vulnkey: Permission denied
FAIL

good_x509.pem (stdin): 
./test.sh: line 119: ./openssl-vulnkey: Permission denied
FAIL

good_rsa.key: 
./test.sh: line 110: ./openssl-vulnkey: Permission denied
FAIL

good_rsa.key (stdin): 
./test.sh: line 119: ./openssl-vulnkey: Permission denied
FAIL

all good files (examples/good_req.csr examples/good_x509.pem 
examples/good_rsa.key): 
./test.sh: line 129: ./openssl-vulnkey: Permission denied
FAIL

some bad files, some good files (examples/bad_req.csr examples/bad_x509.pem 
examples/bad_rsa.key 
examples/bad_rsa_4096.pem examples/bad_x509_4096.pem examples/good_req.csr 
examples/good_x509.pem 
examples/good_rsa.key): 
./test.sh: line 138: ./openssl-vulnkey: Permission denied
PASS

good modulus: 
./test.sh: line 147: ./openssl-vulnkey: Permission denied
FAIL

Non-existent file:
FAIL

Permission denied:
FAIL

--
FAILED
make: *** [build-stamp] Error 1
dpkg-buildpackage: failure: debian/rules build gave error exit status 2




--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#525034: python-nevow: Fails to install: pycentral pkginstall not overwriting local files

[Daniel Schepler]

Package: python-nevow
Version: 0.9.33-3
Severity: grave

From my pbuilder build log for kiwi:

...
Setting up python-twisted-bin (8.2.0-2+pb1) ...
Setting up python-zopeinterface (3.3.1-7+pb1) ...
Setting up python-twisted-core (8.2.0-2+pb1) ...
Setting up python-twisted-web (8.2.0-2+pb1) ...
Setting up python-nevow (0.9.33-3+pb1) ...
pycentral: pycentral pkginstall: not overwriting local files:
  /usr/lib/python2.4/site-packages/twisted/plugins/dropin.cache
pycentral pkginstall: not overwriting local files:
  /usr/lib/python2.4/site-packages/twisted/plugins/dropin.cache
dpkg: error processing python-nevow (--configure):
 subprocess post-installation script returned error exit status 1
Setting up python-pkg-resources (0.6c9-2+pb1) ...
dpkg: dependency problems prevent configuration of python-pydoctor:
 python-pydoctor depends on python-nevow; however:
  Package python-nevow is not configured yet.
dpkg: error processing python-pydoctor (--configure):
 dependency problems - leaving unconfigured
Setting up python-setuptools (0.6c9-2+pb1) ...
Setting up xfonts-encodings (1:1.0.2-3+pb2) ...
Setting up xfonts-utils (1:7.4+1+pb1) ...
Setting up xfonts-base (1:1.0.0-6+pb1) ...
Setting up xserver-common (2:1.6.1-1+pb1) ...
Setting up libaudit0 (1.7.12-1+pb1) ...
Setting up xvfb (2:1.6.1-1+pb1) ...
Processing triggers for python-support ...
Errors were encountered while processing:
 python-nevow
 python-pydoctor
E: Sub-process /usr/bin/dpkg returned an error code (1)
-- 
Daniel Schepler




--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#525035: serf: FTBFS: Test failures

[Daniel Schepler]

Package: serf
Version: 0.2.0-1
Severity: serious

From my pbuilder build log:

...
/usr/bin/make -C . check
make[1]: Entering directory `/tmp/buildd/serf-0.2.0'
== Testing test/testcases/simple.response ==

http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";>
http://www.w3.org/1999/xhtml"; xml:lang="en">

scotch.ics.uci.edu






More to come!

Apache httpd 2.0 manual

Trust our CA!






== Testing test/testcases/chunked-empty.response ==
== Testing test/testcases/chunked.response ==
this is 1 test.
i am a test.this is a test.
== Testing test/testcases/chunked-trailers.response ==
this is 1 test.
i am a test.this is a test.
Trailer-Test: f
== Testing test/testcases/deflate.response ==


 
  Test of gzip Content-Encoding
 
 
This is a test

This file was created with mod_deflate on the server side.
curl -i --output gzip.response -H "Accept-Encoding: gzip" 
http://localhost:8080/1.html


Apache

== Running test_all ==
.....

There were 4 failures:
1) test_serf_setup_proxy: test/test_context.c:566: expected <0> but was <22>
2) test_keepalive_limit_one_by_one: test/test_context.c:700: expected <0> but 
was <98>
3) test_keepalive_limit_one_by_one_and_burst: test/test_context.c:860: expected 
<0> but was <98>
4) test_serf_progress_callback: test/test_context.c:978: expected <0> but was 
<98>

!!!FAILURES!!!
Runs: 13 Passes: 9 Fails: 4

make[1]: *** [check] Error 1
make[1]: Leaving directory `/tmp/buildd/serf-0.2.0'
make: *** [debian/stamp-makefile-check] Error 2
dpkg-buildpackage: failure: debian/rules build gave error exit status 2




--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524417: marked as done (libmodplug_1:0.8.4-4(mips/unstable): FTBFS on mips: missing autotools info.)

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 15:18:00 +
with message-id 
and subject line Bug#524417: fixed in libmodplug 1:0.8.4-5
has caused the Debian Bug report #524417,
regarding libmodplug_1:0.8.4-4(mips/unstable): FTBFS on mips: missing autotools 
info.
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
524417: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524417
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libmodplug
Version: 1:0.8.4-4
Severity: serious

There was an error while trying to autobuild your package:

> Automatic build of libmodplug_1:0.8.4-4 on mayr by sbuild/mips 99.999
> Build started at 20090416-0105

[...]

> ** Using build dependencies supplied by package:
> Build-Depends: debhelper (>= 5.0.0), autoconf, automake, autotools-dev, 
> libtool

[...]

> aclocal
> libtoolize -f
> libtoolize: putting auxiliary files in `.'.
> libtoolize: linking file `./ltmain.sh'
> libtoolize: Consider adding `AC_CONFIG_MACRO_DIR([m4])' to configure.in and
> libtoolize: rerunning libtoolize, to keep the correct libtool macros in-tree.
> libtoolize: Consider adding `-I m4' to ACLOCAL_AMFLAGS in Makefile.am.
> autoheader
> automake
> configure.in:20: required file `./config.guess' not found
> configure.in:20:   `automake --add-missing' can install `config.guess'
> configure.in:20: required file `./config.sub' not found
> configure.in:20:   `automake --add-missing' can install `config.sub'
> make: *** [configure-stamp] Error 1
> dpkg-buildpackage: failure: debian/rules build gave error exit status 2

A full build log can be found at:
http://buildd.debian.org/build.php?arch=mips&pkg=libmodplug&ver=1:0.8.4-4



--- End Message ---
--- Begin Message ---
Source: libmodplug
Source-Version: 1:0.8.4-5

We believe that the bug you reported is fixed in the latest version of
libmodplug, which is due to be installed in the Debian FTP archive:

libmodplug-dev_0.8.4-5_all.deb
  to pool/main/libm/libmodplug/libmodplug-dev_0.8.4-5_all.deb
libmodplug0c2_0.8.4-5_i386.deb
  to pool/main/libm/libmodplug/libmodplug0c2_0.8.4-5_i386.deb
libmodplug_0.8.4-5.diff.gz
  to pool/main/libm/libmodplug/libmodplug_0.8.4-5.diff.gz
libmodplug_0.8.4-5.dsc
  to pool/main/libm/libmodplug/libmodplug_0.8.4-5.dsc



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 524...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Zed Pobre  (supplier of updated libmodplug package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 20 Apr 2009 14:29:36 -0400
Source: libmodplug
Binary: libmodplug0c2 libmodplug-dev
Architecture: source all i386
Version: 1:0.8.4-5
Distribution: unstable
Urgency: low
Maintainer: Zed Pobre 
Changed-By: Zed Pobre 
Description: 
 libmodplug-dev - development files for mod music based on ModPlug
 libmodplug0c2 - shared libraries for mod music based on ModPlug
Closes: 524417
Changes: 
 libmodplug (1:0.8.4-5) unstable; urgency=low
 .
   * Fix ftbfs on all architectures (Closes: #524417):
 * Build-depends: automake1.9
 * re-order autotools/libtool calls.
 * Thanks to Fathi Boudra for the patch.
Checksums-Sha1: 
 ec15c0da42800a016e97dffde8230b2ccf6faa83 1314 libmodplug_0.8.4-5.dsc
 17fade6a876ae495b446f15b3c81f4fde8373884 7606 libmodplug_0.8.4-5.diff.gz
 c5f26020ed521c2306c2a1e7c97242d2fb011bcd 25068 libmodplug-dev_0.8.4-5_all.deb
 48aef0b8b2b4d5e423cba6aff8d7b8c97899072b 171984 libmodplug0c2_0.8.4-5_i386.deb
Checksums-Sha256: 
 cda94a60c1596b8e851564cafa286d33f20394e2b315a962d8c94521fc299399 1314 
libmodplug_0.8.4-5.dsc
 5f9d5e56c76455e392ad02fc0e0ad37dfc05a3a390c8e48fcdaf685ae6f2b635 7606 
libmodplug_0.8.4-5.diff.gz
 421812919b3bf6563c224cd894d3f2f96c73979269eccb3c6bed71096b9abb0c 25068 
libmodplug-dev_0.8.4-5_all.deb
 648dc391c380f69a87cf2f69418695ae29f2d70b3639b2f2c4b3790364d6199c 171984 
libmodplug0c2_0.8.4-5_i386.deb
Files: 
 b7fbc14a80ff16eb06e03571a5220b41 1314 libs optional libmodplug_0.8.4-5.dsc
 981f8207ba3a60324eb79c1a155e41e2 7606 libs optional libmodplug_0.8.4-5.diff.gz
 d8fa0feab15b2b71645eb07e1e3d4d0c 25068 libdevel optional 
libmodplug-dev_0.8.4-5_all.deb
 e7f57e873a712820e9cb2b2eb847951c 171984 libs optional 
libmodplug0c2_0.8.4-5_i386.deb

-BEGIN PGP SIGNA

Bug#524303: Patch not applied

[Cortese, Matteo]

The changelog for 1.2.6-14 states:

   [ Josselin Mouette ]
   * Manually bump build-dependency and dependency on python-support to
 1.0. The dependencies stay manual since ${python:Depends} would add
 a dependency on python (<< 2.5). Closes: #524303.

However, despite the changelog, the package itself still depends and
build-depends on python-support (>= 0.7.1):

   Package: python-elementtree
   Source: elementtree
   Version: 1.2.6-14
   Architecture: all
   Maintainer: Debian Python Modules Team

   Installed-Size: 184
   Depends: python-support (>= 0.7.1)
   Suggests: python-elementtree-doc
   Conflicts: python2.3-elementtree, python2.4-elementtree
   Replaces: python2.3-elementtree, python2.4-elementtree
   Provides: python2.4-elementtree
   Section: python
   Priority: optional
   Homepage: http://effbot.org/zone/element-index.htm
   [...]


This means that:
1) 1.2.6-14 is still broken;
2) 1.2.6-14 was allowed to testing, since it depends on a version of
python-support that's present in testing.



Note:  If the reader of this message is not the intended recipient, or an 
employee or agent responsible for delivering this message to the intended 
recipient, you are hereby notified that any dissemination, distribution or 
copying of this communication is strictly prohibited. If you have received this 
communication in error, please notify us immediately by replying to the message 
and deleting it from your computer. Thank you.





--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#519548: patch to fix mondo

[Rogério Brito]

Dear Andree,

On Apr 21 2009, Andree Leidenfrost wrote:
> Nice to hear from you again!

Nice to know that you're maintaining mondo. I think that it would be a
nice thing to have it support backups on powerpc's... I have three here
that would be nice to be backed up.

> Thanks a lot for the patch! I thought I had it all covered but not so,
> obviously. Thanks again.

I think that you missed it because the code seems (at least at a first
glance) to be much more complicated than necessary, with some
duplication of code.

Also, it seems that the code could be cleaned up a little.

> I've revamped my computer over Easter (read: I didn't have a working
> one) and have thus not been able, unfortunately, to release a new
> package version with your patch included. I am going away on Thu only to
> return on 11 May. But I will definitely release a new version with your
> patch soon after.

Nice. I am very glad that mondo is dropping a dependency. :-)

> Other than that, I would be very happy to receive more patches from you
> in the future!

I will chase some warnings and see what can be fixed. Where would you
prefer me to send you patches? Here in Debian's BTS? Directly to your
personal e-mail?


Thanks,

-- 
Rogério Brito : rbr...@{mackenzie,ime.usp}.br : GPG key 1024D/7C2CAEB8
http://www.ime.usp.br/~rbrito : http://meusite.mackenzie.com.br/rbrito
Projects: algorithms.berlios.de : lame.sf.net : vrms.alioth.debian.org



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#523204: marked as done (dballe: FTBFS: dvips: ! Couldn't find header file cm-super-t1.enc.)

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 15:34:00 +0100
with message-id <20090421143400.gb8...@enricozini.org>
and subject line Re: Bug#523204: dballe: FTBFS: dvips: ! Couldn't find header 
file cm-super-t1.enc.
has caused the Debian Bug report #523204,
regarding dballe: FTBFS: dvips: ! Couldn't find header file cm-super-t1.enc.
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
523204: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523204
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: dballe
Version: 4.0.2-1
Severity: serious

Hi,

Your package is failing to build with the following error:
Chapter 4.
(./troubleshooting.tex) (./guide.bbl [21] [22]) [23] (./guide.aux)

LaTeX Warning: There were undefined references.

 )
(see the transcript file for additional information)
Output written on guide.dvi (23 pages, 36596 bytes).
Transcript written on guide.log.
TEXINPUTS="".":" dvips guide.dvi -o
This is dvips(k) 5.96.1 Copyright 2007 Radical Eye Software (www.radicaleye.com)
' TeX output 2009.04.06:2243' -> guide.ps
dvips: ! Couldn't find header file cm-super-t1.enc.
Note that an absolute path or a relative path with .. are denied in -R2 mode.
make[3]: *** [guide.ps] Error 1



Kurt



--- End Message ---
--- Begin Message ---
Version: 4.0.10-1

> Source: dballe
> Version: 4.0.2-1
> Severity: serious
> 
> Hi,
> 
> Your package is failing to build with the following error:
> Chapter 4.
[...]
> dvips: ! Couldn't find header file cm-super-t1.enc.
> Note that an absolute path or a relative path with .. are denied in -R2 mode.
> make[3]: *** [guide.ps] Error 1

The error did not make much sense to me, but before investigating it
further I tried to build a new upstream version that I had pending for
upload, and it did not have the bug. I'll then assume that this new
version closes the bug.

I've just (finally) uploaded 4.0.10-1, which apparently I forgot to
upload quite a bit of time ago, so this problem should be solved.


Ciao,

Enrico

-- 
GPG key: 1024D/797EBFAB 2000-12-05 Enrico Zini 


signature.asc
Description: Digital signature
--- End Message ---

Bug#481786: ttf2tex: freetype1 deprecation

[Barry deFreese]

Rafael Laboissiere wrote:

* Barry deFreese  [2009-04-16 11:27]:

  
My apologies but I cannot see keeping freetype1 in Debian just for  
ttf2tex.  Especially since ttf2tex has not been part of any recent stable 
releases.


Do you have any other thoughts or options before I request removal of  
freetype1 and probably ttf2tex?



ttf2tex is dead upstream [1] and I am not willing to port it to freetype2
or whatever.  Let us just have both freetype1 and ttf2tex removed from
Debian.

[1] http://www.ctan.org/tex-archive/obsolete/support/ttf2tex/README

Thanks,

  

I have filed removal requests on both.  Thank you for the follow-up!

Barry deFreese
Debian QA



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524194: marked as done (depends on bibledit-data which conflicts with scripturechecks)

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 13:47:05 +
with message-id 
and subject line Bug#524194: fixed in bibledit 3.7-1
has caused the Debian Bug report #524194,
regarding depends on bibledit-data which conflicts with scripturechecks
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
524194: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524194
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: bibledit
Version: 3.6-1
Severity: grave
Justification: renders package unusable

The package bibledit depends on bibledit-data and provides scripturechecks,
but bibledit-data conflicts with scripturechecks.

So this package is not installable.

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (991, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.23-grml (SMP w/1 CPU core; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages bibledit depends on:
pn  bibledit-data  (no description available)
ii  iputils-ping [ping]3:20071127-1  Tools to test the reachability of 
ii  libart-2.0-2   2.3.19-3  Library of functions for 2D graphi
ii  libatk1.0-01.24.0-2  The ATK accessibility toolkit
ii  libbonobo2-0   2.24.1-1  Bonobo CORBA interfaces library
ii  libbonoboui2-0 2.24.1-1  The Bonobo UI library
ii  libc6  2.9-6 GNU C Library: Shared libraries
ii  libcairo2  1.8.6-2   The Cairo 2D vector graphics libra
ii  libcurl3-gnutls7.18.2-8.1Multi-protocol file transfer libra
ii  libenchant1c2a 1.4.2-3.3 a wrapper library for various spel
ii  libfontconfig1 2.6.0-3   generic font configuration library
ii  libfreetype6   2.3.9-4   FreeType 2 font engine, shared lib
ii  libgcc11:4.3.3-7 GCC support library
ii  libgconf2-42.24.0-7  GNOME configuration database syste
ii  libglade2-01:2.6.2-1 library to load .glade files at ru
ii  libglib2.0-0   2.20.0-2  The GLib library of C routines
ii  libgnome2-02.20.1.1-1The GNOME 2 library - runtime file
ii  libgnomecanvas2-0  2.20.1.1-1A powerful object-oriented display
ii  libgnomeui-0   2.24.1-1  The GNOME 2 libraries (User Interf
ii  libgnomevfs2-0 1:2.24.0-3GNOME Virtual File System (runtime
ii  libgtk2.0-02.14.7-5  The GTK+ graphical user interface 
ii  libgtkhtml3.14-19  3.24.5-2  HTML rendering/editing library - r
ii  libgtksourceview2.0-0  2.4.2-1   shared libraries for the GTK+ synt
ii  libice62:1.0.5-1 X11 Inter-Client Exchange library
ii  liborbit2  1:2.14.13-0.1 libraries for ORBit2 - a CORBA ORB
ii  libpango1.0-0  1.22.4-3  Layout and rendering of internatio
ii  libpopt0   1.14-4lib for parsing cmdline parameters
ii  libsm6 2:1.1.0-2 X11 Session Management library
ii  libsqlite3-0   3.6.11-2  SQLite 3 shared library
ii  libstdc++6 4.3.3-7   The GNU Standard C++ Library v3
ii  libxml22.7.3.dfsg-1  GNOME XML library
ii  psmisc 22.6-1Utilities that use the proc filesy

Versions of packages bibledit recommends:
ii  bibletime 1.6.5.1-1  A bible study tool for KDE

bibledit suggests no packages.

-- no debconf information


--- End Message ---
--- Begin Message ---
Source: bibledit
Source-Version: 3.7-1

We believe that the bug you reported is fixed in the latest version of
bibledit, which is due to be installed in the Debian FTP archive:

bibledit-data_3.7-1_all.deb
  to pool/main/b/bibledit/bibledit-data_3.7-1_all.deb
bibledit_3.7-1.diff.gz
  to pool/main/b/bibledit/bibledit_3.7-1.diff.gz
bibledit_3.7-1.dsc
  to pool/main/b/bibledit/bibledit_3.7-1.dsc
bibledit_3.7-1_i386.deb
  to pool/main/b/bibledit/bibledit_3.7-1_i386.deb
bibledit_3.7.orig.tar.gz
  to pool/main/b/bibledit/bibledit_3.7.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 524...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonathan Marsden  (supplier of up

Processed: [mips{,el}] FTBFS for packages using cmake

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign 524583 buildd.debian.org
Bug#524583: kdeedu_4:4.2.2-1+b1(mips/unstable): FTBFS on mips
Bug reassigned from package `kdeedu' to `buildd.debian.org'.

> reassign 524582 buildd.debian.org
Bug#524582: kdeartwork_4:4.2.2-2(mips/unstable): FTBFS on mips
Bug reassigned from package `kdeartwork' to `buildd.debian.org'.

> forcemerge 524586 524583 524582
Bug#524586: mayr's kernel should be upgraded
Bug#524582: kdeartwork_4:4.2.2-2(mips/unstable): FTBFS on mips
Bug#524583: kdeedu_4:4.2.2-1+b1(mips/unstable): FTBFS on mips
Bug#524589: synaptic_0.62.5+b1(mips/unstable): FTBFS on mips.
Forcibly Merged 524582 524583 524586 524589.

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524582: [mips{,el}] FTBFS for packages using cmake

[Didier Raboud]

reassign 524583 buildd.debian.org
reassign 524582 buildd.debian.org
forcemerge 524586 524583 524582
thanks

Hi dear mips{,el} buildd admins !

As you may know, several packages are FTBFS on mips and/or mipsel these days, 
particularily ones using cmake ([0] [1] [2]).

I installed a mips qemu and tried various kernel versions to try to hunt down 
this issue, with great help from Modestas Vainius. For mips (I can't tell for 
mipsel as I haven't tried with it), it appears that 
linux-image-2.6-26-1-4kc-malta is suffering from #520034 (linux-2.6: inexistant 
syscalls return wrong errno on mips/mipsel), which seems consistant with what 
we could see on my qemu install logs. This linux-2.6 bug is fixed in binary 
2.6.26-2 in stable (2.6.26-13) and I could successfully build at least kdesudo 
with versions 2.6.29-1 and 2.6.26-2.

So, could you please update the kernel version on mayr and mayer to at least 
2.6.26-2 (linux-2.6 (2.6.26-14) stable) ?

Best regards, 

OdyX

N.B. By the way, reassigning bugs 524583, 524582 to buildd.d.o and 
force-merging 
to 524586.

[0] On kdeedu: http://bugs.debian.org/524583
[1] On kdeartwork: http://bugs.debian.org/524582
[2] On kdesudo: https://buildd.debian.org/pkg.cgi?pkg=kdesudo
-- 
Didier Raboud, proud Debian user.
CH-1802 Corseaux
did...@raboud.com


signature.asc
Description: This is a digitally signed message part.

Processed: Re: Bug#522780: tags

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tag 522780 - patch
Bug#522780: tftpd-hpa: postinst fails without update-inetd installed
Tags were: patch
Tags removed: patch

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#522780: tags

[Cyril Brulebois]

tag 522780 - patch
thanks

Holger Levsen  (20/04/2009):
> tags 522780 +patch
> severity 522780 serious
> User: debian...@lists.debian.org
> Usertags: piuparts.debian.org piuparts
> 
> Hi Jaakko,
> 
> just add "update-inetd" to Depends:, that fixes the issue. Thus tagging patch.
> http://www.debian.org/doc/debian-policy/ch-relationships.html#s-binarydeps

No. Make that optional. See #462654.

Oh, and putting back the submitter in the loop…

Mraw,
KiBi.


signature.asc
Description: Digital signature

Bug#476376: marked as done (Please port to new libmpcdec API)

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 13:02:06 +
with message-id 
and subject line Bug#476376: fixed in quodlibet 2.0-3
has caused the Debian Bug report #476376,
regarding Please port to new libmpcdec API
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
476376: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476376
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: quodlibet
Severity: wishlist
Version: 1.0-2

Hi,
please port your application to the new libmpcdec API in experimental.
You find it as libmpcdec-dev / libmpcdec6 in the libmpc source package.

The API changes are fairly trivial, see [0] for a patch that does this
for the GStreamer plugin.

The API might not be 100% stable yet but there are very few changes (if
any) to be expected. I don't know if libmpc (and Musepack's stream
version 8) will be ready for lenny but when this gets uploaded to
unstable this bugs will become grave.

Thanks

[0] http://bugzilla.gnome.org/show_bug.cgi?id=526905


signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
--- End Message ---
--- Begin Message ---
Source: quodlibet
Source-Version: 2.0-3

We believe that the bug you reported is fixed in the latest version of
quodlibet, which is due to be installed in the Debian FTP archive:

exfalso_2.0-3_all.deb
  to pool/main/q/quodlibet/exfalso_2.0-3_all.deb
quodlibet-ext_2.0-3_i386.deb
  to pool/main/q/quodlibet/quodlibet-ext_2.0-3_i386.deb
quodlibet_2.0-3.diff.gz
  to pool/main/q/quodlibet/quodlibet_2.0-3.diff.gz
quodlibet_2.0-3.dsc
  to pool/main/q/quodlibet/quodlibet_2.0-3.dsc
quodlibet_2.0-3_all.deb
  to pool/main/q/quodlibet/quodlibet_2.0-3_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 476...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Tristan Seligmann  (supplier of updated quodlibet 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Sat, 28 Mar 2009 17:48:21 +0200
Source: quodlibet
Binary: exfalso quodlibet quodlibet-ext
Architecture: source all i386
Version: 2.0-3
Distribution: unstable
Urgency: low
Maintainer: Christine Spang 
Changed-By: Tristan Seligmann 
Description: 
 exfalso- audio tag editor for GTK+
 quodlibet  - audio library manager and player for GTK+
 quodlibet-ext - extensions for the Quod Libet audio player
Closes: 476376
Changes: 
 quodlibet (2.0-3) unstable; urgency=low
 .
   * Fix watch file.
   * Don't create empty /usr/lib/quodlibet.
   * Avoid installing empty site-packages dir in exfalso.
   * Remove spurious libmpcdec3 dependency (closes: #476376).
   * Switch to quilt for patches.
   * Apply Ubuntu patch for selecting music profile.
   * Update changelog.
   * Set DEB_PYTHON_MODULE_PACKAGES and depend on cdbs 0.5.45.
   * Bump Standards-Version; no changes required.
Checksums-Sha1: 
 125daefa62191d9147ae0ba74c2e33de38662214 1355 quodlibet_2.0-3.dsc
 312bcace3803baaf88cc3b9ca964b30aff663e74 7686 quodlibet_2.0-3.diff.gz
 6d6db96af2530808d3072a3bf21ad455f295fc38 555144 exfalso_2.0-3_all.deb
 ef760008ef86c18d2948c308d4d118ec08cb4a0a 29944 quodlibet_2.0-3_all.deb
 d1eb28af2d1550e77174a6253c360861c145d7f5 27304 quodlibet-ext_2.0-3_i386.deb
Checksums-Sha256: 
 746f81767159570b6f8f63de03e5ebd4b90be26621b725745b4a71029707ca05 1355 
quodlibet_2.0-3.dsc
 0a6e66ce16406b6ef1a068555b20679bfbb2bc0eced53c8f3f2c966a9b9101c0 7686 
quodlibet_2.0-3.diff.gz
 5524e878662675efeefd2f91dc6e64f66f443253165fc08e60dcd47f0dfa6bff 555144 
exfalso_2.0-3_all.deb
 1b12afb2e5a96466320a842577c8c0449b90184a1004955cec64adf97abac4df 29944 
quodlibet_2.0-3_all.deb
 7187a88e46eca48505b43f31f9cd9617f314d91feb89a5e827eb2268a6b494d9 27304 
quodlibet-ext_2.0-3_i386.deb
Files: 
 c183731ec03c86990952967b891e0418 1355 sound optional quodlibet_2.0-3.dsc
 f7469b6a89b51a53abd25c2e64418da1 7686 sound optional quodlibet_2.0-3.diff.gz
 a38fad4936a2d8d9215160401d15 555144 sound optional exfalso_2.0-3_all.deb
 56446f51e81e6aaabe2bb00185da3bd7 29944 sound optional quodlibet_2.0-3_all.deb
 0d9853757dfa89347f2a5bc717d4583d 27304 sound optional 
quodlibet-ext_2.0-3_i386.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkntwNoACgkQd73XuVITgbp+1gCgk7bH9VvYe5DJhY16hq3V2uc2

Bug#523329: marked as done (tar: causes dpkg-source extract failures)

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 14:59:23 +0200
with message-id <20090421125923.ga17...@rivendell>
and subject line Re: Bug#523329: Bug still there
has caused the Debian Bug report #523329,
regarding tar: causes dpkg-source extract failures
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
523329: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523329
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: tar
Version: 1.22-1
Severity: important

Since installing the latest version of tar, I'm getting failures in
attempting to extract certain deb packages.  For example, with
telepathy-glib:


frobozz:/tmp$ dpkg-source -x telepathy-glib_0.7.29-1.dsc
dpkg-source: extracting telepathy-glib in telepathy-glib-0.7.29
dpkg-source: info: unpacking telepathy-glib_0.7.29.orig.tar.gz
dpkg-source: failure: gunzip died from signal 13
frobozz:/tmp$ ls telepathy-glib-0.7.29.orig/
frobozz:/tmp$

When I try the same thing with the previous version of tar installed,
the package unpacks just fine.

(Never mind the local "+pb1" versions below, I've also reproduced the
same problem in a vanilla pbuilder chroot.)
-- 
Daniel Schepler

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.29-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages tar depends on:
ii  libc6 2.9-6+pb1  GNU C Library: Shared libraries

tar recommends no packages.

Versions of packages tar suggests:
ii  bzip2  1.0.5-1+pb1   high-quality block-sorting file co
ii  ncompress  4.2.4.2-2+pb1 Original Lempel-Ziv compress/uncom

-- no debconf information


--- End Message ---
--- Begin Message ---
found 523329 1.14.25
fixed 523329 1.14.26
thanks

On Tue, 21 Apr 2009, Michael Meskes wrote:
> reopen 523329

Don't do that. You just lost any versioning information associated to the
bug report. You should have used "found 523329 1.14.26" to reopen it
instead.

> dpkg-source: info: using source format `1.0'
> dpkg-source: info: building virtualbox-ose using existing 
> virtualbox-ose_2.2.0-dfsg.orig.tar.gz
> 
> gzip: stdout: Broken pipe
> dpkg-source: failure:  gave error exit status 1
> dpkg-buildpackage: failure: dpkg-source -i.git/ -I.git -b virtualbox-ose gave 
> error exit status 29
> debuild: fatal error at line 1324:
> dpkg-buildpackage -rfakeroot -D -us -uc -i.git/ -I.git failed
> ...
> 
> Downgrading tar to 1.20-1 fixed the problem.

I can't reproduce it. The initial bug report failed at dpkg-source -x
and you're seeing a problem at build time. The initial error message
was "dpkg-source: failure: gunzip died from signal 13" and you get
another error message.

So it's not the same problem. In fact the error message is not normal, it
should have told exactly what command failed and it doesn't (" gave error
exit status 1" instead of " gave error exit status 1").
Can you maybe strace to check what process failed ? It might be tar
itself (in that case, dpkg-source is not to blame).

Anyway, please open a new bugreport about it (not grave, probably
important if it's not a problem like ENOSPC) and give us a way to
reproduce it more reliably. Are you on i386 ? What version of gzip and tar
and dpkg-dev ?

The error message is weird too. It shows gzip but if it fails apparently
during the tar extraction, it should have been gunzip. But if gzip or
gunzip failed, we should have had their name in the error message.

Cheers,
-- 
Raphaël Hertzog

Contribuez à Debian et gagnez un cahier de l'admin Debian Lenny :
http://www.ouaza.com/wp/2009/03/02/contribuer-a-debian-gagner-un-livre/

--- End Message ---

Processed: Re: Bug#523329: Bug still there

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 523329 1.14.25
Bug#523329: tar: causes dpkg-source extract failures
Bug marked as found in version 1.14.25 and reopened.

> fixed 523329 1.14.26
Bug#523329: tar: causes dpkg-source extract failures
Bug marked as fixed in version 1.14.26.

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#519548: patch to fix mondo

[Andree Leidenfrost]

Hi Rogério,

Nice to hear from you again!

Thanks a lot for the patch! I thought I had it all covered but not so,
obviously. Thanks again.

I've revamped my computer over Easter (read: I didn't have a working
one) and have thus not been able, unfortunately, to release a new
package version with your patch included. I am going away on Thu only to
return on 11 May. But I will definitely release a new version with your
patch soon after.

Other than that, I would be very happy to receive more patches from you
in the future!

Thanks a lot for your help!

Best regards,
Andree

On Wed, 2009-04-08 at 08:00 -0300, Rogério Brito wrote:
> tags 519548 +patch
> thanks
> 
> Here is a patch to fix mondo so that it stops seeing if cdrecord is
> available on systems that have wodim installed.
> 
> I just tested it now and it seems to work fine, but I really think that
> mondo should have a function to check alternative names for some
> utilities (the case of wodim, cdrecord, dvdrecord, whatever) is
> potentially just one of these cases.
> 
> I may be submitting other patches to the project, if this is desired.
> 
> 
> Regards,
> 
-- 
Andree Leidenfrost
Sydney - Australia


signature.asc
Description: This is a digitally signed message part

Bug#525002: ktechlab: segfaults when adding a circuit element to a new page

[Folken]

Package: ktechlab
Version: 0.3-9
Severity: grave
Justification: renders package unusable

Steps to reproduce the problem:

1. Start Ktechlab
2. File-New 
3. Select Circuit
4. Drag a Battery component from the component list to the new untitled circuit
->  Program Segfaults 


-- System Information:
Debian Release: 5.0.1
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=de_CH.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages ktechlab depends on:
ii  gpsim0.22.0-5Simulator for Microchip's PIC micr
ii  kdelibs4c2a  4:3.5.10.dfsg.1-0lenny1 core libraries and binaries for al
ii  libacl1  2.2.47-2Access control list shared library
ii  libart-2.0-2 2.3.20-2Library of functions for 2D graphi
ii  libatk1.0-0  1.22.0-1The ATK accessibility toolkit
ii  libattr1 1:2.4.43-2  Extended attribute shared library
ii  libaudio21.9.1-5 Network Audio System - shared libr
ii  libc62.7-18  GNU C Library: Shared libraries
ii  libcairo21.6.4-7 The Cairo 2D vector graphics libra
ii  libfontconfig1   2.6.0-3 generic font configuration library
ii  libfreetype6 2.3.7-2 FreeType 2 font engine, shared lib
ii  libgamin0 [libfa 0.1.9-2 Client library for the gamin file 
ii  libgcc1  1:4.3.2-1.1 GCC support library
ii  libglib2.0-0 2.16.6-1+lenny1 The GLib library of C routines
ii  libgtk2.0-0  2.12.12-1~lenny1The GTK+ graphical user interface 
ii  libice6  2:1.0.4-1   X11 Inter-Client Exchange library
ii  libidn11 1.8+20080606-1  GNU libidn library, implementation
ii  libjpeg626b-14   The Independent JPEG Group's JPEG 
ii  libpango1.0-01.20.5-3Layout and rendering of internatio
ii  libpixman-1-00.10.0-2pixel-manipulation library for X a
ii  libpng12-0   1.2.27-2+lenny2 PNG library - runtime
ii  libpopt0 1.14-4  lib for parsing cmdline parameters
ii  libqt3-mt3:3.3.8b-5+b1   Qt GUI Library (Threaded runtime v
ii  libreadline5 5.2-3.1 GNU readline and history libraries
ii  libsm6   2:1.0.3-2   X11 Session Management library
ii  libstdc++6   4.3.2-1.1   The GNU Standard C++ Library v3
ii  libx11-6 2:1.1.5-2   X11 client-side library
ii  libxcursor1  1:1.1.9-1   X cursor management library
ii  libxext6 2:1.0.4-1   X11 miscellaneous extension librar
ii  libxft2  2.1.12-3FreeType-based font drawing librar
ii  libxi6   2:1.1.4-1   X11 Input extension library
ii  libxinerama1 2:1.0.3-2   X11 Xinerama extension library
ii  libxrandr2   2:1.2.3-1   X11 RandR extension library
ii  libxrender1  1:0.9.4-2   X Rendering Extension client libra
ii  libxt6   1:1.0.5-3   X11 toolkit intrinsics library
ii  zlib1g   1:1.2.3.3.dfsg-12   compression library - runtime

Versions of packages ktechlab recommends:
ii  gputils   0.13.6-1   GNU PIC utilities

ktechlab suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524887: geotranz fails to start

[Gaudenz Steinlin]

On Mon, Apr 20, 2009 at 07:48:46PM +0200, Roberto Lumbreras wrote:
> Hi,
> 
> The geoid files should be in /usr/share/geotranz/data/
> Please check if in that directory there are the following files:
> 
> 3_param.dat
> 7_param.dat
> default.xml
> egm84.grd
> egm96.grd
> ellips.dat

The files are there:
insgesamt 4100
-rw-r--r-- 1 root root   21923 15. Aug 2008  3_param.dat
-rw-r--r-- 1 root root 202  7. Apr 2008  7_param.dat
-rw-r--r-- 1 root root1139 31. Jul 2008  default.xml
-rw-r--r-- 1 root root2812 11. Okt 2006  egm84.grd
-rw-r--r-- 1 root root 4155868 20. Jun 2005  egm96.grd
-rw-r--r-- 1 root root1725 15. Aug 2008  ellips.dat

> 
> I've checked and they are included in the powerpc .deb so you should have
> them.
> 
> If the files are missing, try reinstalling the package (apt-get --reinstall
> install geontraz)
> 
> If you have the files but geotranz does not work, do the following and tell
> me if it works:
> 
> cd /usr/share/geotranz/data/
> LD_LIBRARY_PATH=/usr/lib/geotranz java -jar
> /usr/share/geotranz/java_gui/geotrans2.jar

This does not help. I get the same error.

> 
> 
> I'm unable to reproduce the bug, so please send me more information.

Which additonal information do you need? I'm happy to debug this with
your help.

Gaudenz

> 
> Regards,
> Roberto Lumbreras
> 
> 
> On Mon, Apr 20, 2009 at 5:17 PM, Gaudenz Steinlin wrote:
> 
> > Package: geotranz
> > Version: 2.4.2-3
> > Severity: grave
> >
> > After starting geotranz from the command line only a message window
> > with: "Error: Error initializing GEOTRANZ engine: Unable to read geoid
> > file!" appears. After clicking on "OK" (the only button in this window)
> > geotranz quits without ever showing the main dialog.
> >
> > I set the severity to grave, because this makes the package completely
> > unusable. But it's a bit hard to judge if this affects all users. If you
> > believe that this bug does not affect all users (eg. powerpc related),
> > please adjust the severity as appropriate.
> >
> > Gaudenz
> >
> > -- System Information:
> > Debian Release: squeeze/sid
> >  APT prefers unstable
> >  APT policy: (500, 'unstable'), (300, 'experimental')
> > Architecture: powerpc (ppc)
> >
> > Kernel: Linux 2.6.29-1-powerpc
> > Locale: LANG=de_CH.UTF-8, LC_CTYPE=de_CH.UTF-8 (charmap=UTF-8)
> > Shell: /bin/sh linked to /bin/bash
> >
> > Versions of packages geotranz depends on:
> > ii  geotranz-libs2.4.2-3 GEOgraphic coordinates
> > TRANslator
> > ii  openjdk-6-jre6b14-1.5~pre1-5 OpenJDK Java runtime, using
> > Hotspo
> >
> > Versions of packages geotranz recommends:
> > ii  geotranz-doc  2.4.2-3GEOgraphic coordinates
> > TRANslator
> >
> > geotranz suggests no packages.
> >
> > -- no debconf information
> >
> >
> >

-- 
Ever tried. Ever failed. No matter.
Try again. Fail again. Fail better.
~ Samuel Beckett ~



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524854: marked as done (python-lunar fails to install in squeeze; update-python-modules fails)

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 12:02:04 +
with message-id 
and subject line Bug#524854: fixed in liblunar 2.0.1-2
has caused the Debian Bug report #524854,
regarding python-lunar fails to install in squeeze; update-python-modules fails
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
524854: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524854
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: python-lunar
Version: 2.0.1-1
Severity: grave
Justification: renders package unusable


When aptitude tried to install python-lunar, it said: 

Errors were encountered while processing:
 python-lunar
E: Sub-process /usr/bin/dpkg returned an error code (1)
A package failed to install.  Trying to recover:
Setting up python-lunar (2.0.1-1) ...
Usage: update-python-modules [-v] [-c] package_directory [...]
   update-python-modules [-v] [-c] package.dirs [...]
   update-python-modules [-v] [-al-fl-p]

update-python-modules: error: /usr/share/python-support/python-lunar.public is 
not a directory
dpkg: error processing python-lunar (--configure):
 subprocess post-installation script returned error exit status 2
Errors were encountered while processing:
 python-lunar
Press return to continue.

 (give or take any typos when I transcribed it from the
console).  A freshly-started python session is subsequently unable to
import lunar, so the package is unusable.

The update-python-modules script is provided by:
ii  python-support 0.8.7 automated rebuilding support for 
Python modules

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores)
Locale: LANG=en_GB.ISO-8859-15, LC_CTYPE=en_GB.ISO-8859-15 (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages python-lunar depends on:
ii  libatk1.0-01.24.0-2  The ATK accessibility toolkit
ii  libc6  2.9-4 GNU C Library: Shared libraries
ii  libcairo2  1.8.6-2+b1The Cairo 2D vector graphics libra
ii  libfontconfig1 2.6.0-3   generic font configuration library
ii  libfreetype6   2.3.9-4   FreeType 2 font engine, shared lib
ii  libglib2.0-0   2.20.0-2  The GLib library of C routines
ii  libgtk2.0-02.14.7-5  The GTK+ graphical user interface 
ii  libgtksourceview2.0-0  2.4.2-1   shared libraries for the GTK+ synt
ii  liblunar-1-0   2.0.1-1   Chinese Lunar library
ii  libpango1.0-0  1.24.0-3+b1   Layout and rendering of internatio
ii  python2.5  2.5.4-1   An interactive high-level object-o
ii  zlib1g 1:1.2.3.3.dfsg-13 compression library - runtime

python-lunar recommends no packages.

python-lunar suggests no packages.

-- no debconf information


--- End Message ---
--- Begin Message ---
Source: liblunar
Source-Version: 2.0.1-2

We believe that the bug you reported is fixed in the latest version of
liblunar, which is due to be installed in the Debian FTP archive:

liblunar-1-0-dbg_2.0.1-2_amd64.deb
  to pool/main/libl/liblunar/liblunar-1-0-dbg_2.0.1-2_amd64.deb
liblunar-1-0_2.0.1-2_amd64.deb
  to pool/main/libl/liblunar/liblunar-1-0_2.0.1-2_amd64.deb
liblunar-1-dev_2.0.1-2_amd64.deb
  to pool/main/libl/liblunar/liblunar-1-dev_2.0.1-2_amd64.deb
liblunar-1-doc_2.0.1-2_all.deb
  to pool/main/libl/liblunar/liblunar-1-doc_2.0.1-2_all.deb
liblunar_2.0.1-2.diff.gz
  to pool/main/libl/liblunar/liblunar_2.0.1-2.diff.gz
liblunar_2.0.1-2.dsc
  to pool/main/libl/liblunar/liblunar_2.0.1-2.dsc
python-lunar_2.0.1-2_amd64.deb
  to pool/main/libl/liblunar/python-lunar_2.0.1-2_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 524...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
LI Daobing  (supplier of updated liblunar package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Tue, 21 Apr 2009 19:23:11 +0800
Source: liblunar
Binary: liblunar-1-dev liblunar-1-0 liblunar-1-0-dbg liblunar-1-doc python-lunar
Architecture: source amd64 all
Version: 2.0.1-2

Bug#520706: [pkg-nvidia-devel] Bug#520706: nvidia-kernel-source: It is a KERNEL_SOURCE vs KERNEL_OUTPUT issue

[Olivier Berger]

On Tue, Apr 21, 2009 at 01:02:33PM +0200, Olivier Berger wrote:
> 
> FWIW, I experience similar issue, I suppose :
> 

My bad, this was not on the same version and I actually experienced #523947 
instead, it seems.

Sorry for the bothering (well... actually,  URL to the patch in question 
wouldn't hurt, still ;)

Best regards,



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524995: libxine1-misc-plugins: Does not install on amd64 - missing dependency: libmagick10

[nido]

Package: libxine1-misc-plugins
Version: 1.1.16.3-1
Severity: grave
Justification: renders package unusable

Package libxine1-misc-plugins cannot be installed - it depends on libmagick10 
which is unavailable


-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.29-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#520706: [pkg-nvidia-devel] Bug#520706: nvidia-kernel-source: It is a KERNEL_SOURCE vs KERNEL_OUTPUT issue

[Olivier Berger]

On Tue, Apr 07, 2009 at 04:23:53PM -0400, Lennart Sorensen wrote:
> I just posted a patch to the mailing list that makes 180.29 build
> perfectly with 2.6.29-2 and also works with linux-modules-nonfree-2.6,
> which is something we have been trying to get going for a while now.
> 

Would you care to share with the BTS the URL for such patch ?

FWIW, I experience similar issue, I suppose :

# m-a -t -l 2.6.29-1-686 a-i nvidia-kernel
...
SNIP
...
# Build the modules
/usr/bin/make -C . LINUXDIR=/lib/modules/2.6.29-1-686/build KVERREL=2.6.29-1-686
make[2]: entrant dans le répertoire « /usr/src/modules/nvidia-kernel »
make[2]: quittant le répertoire « /usr/src/modules/nvidia-kernel »
# Install the modules
dh_installdirs
install -m 0644 /usr/src/modules/nvidia-kernel/debian/override 
/usr/src/modules/nvidia-kernel/debian/nvidia-kernel-2.6.29-1-686/usr/share/lintian/overrides/nvidia-kernel-2.6.29-1-686
install -m 0644 /usr/src/modules/nvidia-kernel/nvidia.ko 
/usr/src/modules/nvidia-kernel/debian/nvidia-kernel-2.6.29-1-686/lib/modules/2.6.29-1-686/nvidia/nvidia.ko
 ; \

install: ne peut évaluer `/usr/src/modules/nvidia-kernel/nvidia.ko': Aucun 
fichier ou dossier de ce type
make[1]: *** [binary-modules] Erreur 1
make[1]: quittant le répertoire « /usr/src/modules/nvidia-kernel »
make: *** [kdist_build] Erreur 2
BUILD FAILED!

Thanks in advance.

Best regards,



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#522112: marked as done (openswan-modules-source: Fails to build with kernel 2.6.26)

[Debian Bug Tracking System]

Your message dated Tue, 21 Apr 2009 11:02:07 +
with message-id 
and subject line Bug#522112: fixed in openswan 1:2.6.21+dfsg-2
has caused the Debian Bug report #522112,
regarding openswan-modules-source: Fails to build with kernel 2.6.26
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
522112: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522112
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: openswan-modules-source
Version: 1:2.4.12+dfsg-1.3+lenny1
Severity: serious
Justification: no longer builds from source



-- System Information:
Debian Release: 5.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages openswan-modules-source depends on:
ii  bzip2 1.0.5-1high-quality block-sorting file co
ii  coreutils 6.10-6 The GNU core utilities
ii  debhelper 7.0.15 helper programs for debian/rules

Versions of packages openswan-modules-source recommends:
ii  kernel-package   11.015  A utility for building Linux kerne
ii  linux-source-2.6.26 [lin 2.6.26-13lenny2 Linux kernel source for version 2.

Versions of packages openswan-modules-source suggests:
pn  openswan   (no description available)

-- no debconf information

This is the output of 'm-a -t a-b openswan':

Extracting the package tarball, /usr/src/openswan-modules.tar.bz2, please 
wait...
sed -e "s!\$KVERS!`sed -n -e '/UTS_RELEASE/s/^[^"]*"\([^"]*\)".*$/\1/p' 
/usr/src/linux/include/linux/version.h`!g; 
s!\$KSRC!/usr/src/linux!; s!\$KEMAIL!!; s!\$KMAINT!!; s!\$KDREV!"Custom.1.00"!; 
s!\$DEBDATE!Di, 31 Mär 2009 23:23:29 +0200!" 
debian/control.in > debian/control
dh_testdir
dh_testroot
rm -f build-stamp configure-stamp
/usr/bin/make modclean KERNELSRC=/usr/src/linux 
OPENSWANSRCDIR=/usr/src/modules/openswan
make[1]: Entering directory `/usr/src/modules/openswan'
rm -rf /usr/src/modules/openswan/modobj
make[1]: Leaving directory `/usr/src/modules/openswan'
dh_clean
rm -f debian/control
/usr/bin/make -f debian/rules binary-modules
make[1]: Entering directory `/usr/src/modules/openswan'
sed -e "s!\$KVERS!2.6.26-1-686!g; s!\$KSRC!/lib/modules/2.6.26-1-686/build!; 
s!\$KEMAIL!!; s!\$KMAINT!!; 
s!\$KDREV!2.6.26-13lenny2!; s!\$DEBDATE!Di, 31 Mär 2009 23:23:30 +0200!" 
debian/control.in > debian/control
dh_testdir
# Add here commands to configure the package.
touch configure-stamp
dh_testdir
/usr/bin/make module KERNELSRC=/lib/modules/2.6.26-1-686/build 
OPENSWANSRCDIR=/usr/src/modules/openswan
make[2]: Entering directory `/usr/src/modules/openswan'
Building module for a 2.6 kernel
make[3]: Entering directory `/usr/src/modules/openswan'
make[4]: Entering directory `/usr/src/modules/openswan'
make[4]: »/usr/src/modules/openswan/modobj26/Makefile« ist bereits aktualisiert.
make[4]: Leaving directory `/usr/src/modules/openswan'
/usr/bin/make -C /lib/modules/2.6.26-1-686/build  
BUILDDIR=/usr/src/modules/openswan/modobj26 
SUBDIRS=/usr/src/modules/openswan/modobj26 
MODULE_DEF_INCLUDE=/usr/src/modules/openswan/packaging/linus/config-all.h 
MODULE_DEFCONFIG=/usr/src/modules/openswan/linux/net/ipsec/defconfig  
MODULE_EXTRA_INCLUDE= ARCH=i386 modules
make[4]: Entering directory `/usr/src/linux-headers-2.6.26-1-686'
  CC [M]  /usr/src/modules/openswan/modobj26/ipsec_init.o
In file included from /usr/src/modules/openswan/modobj26/ipsec_init.c:85:
/usr/src/modules/openswan/linux/include/openswan/ipsec_esp.h:52: error: 
expected specifier-qualifier-list before 
‘des_key_schedule’
make[5]: *** [/usr/src/modules/openswan/modobj26/ipsec_init.o] Fehler 1
make[4]: *** [_module_/usr/src/modules/openswan/modobj26] Fehler 2
make[4]: Leaving directory `/usr/src/linux-headers-2.6.26-1-686'
make[3]: *** [module26] Fehler 2
make[3]: Leaving directory `/usr/src/modules/openswan'
make[2]: *** [module] Fehler 2
make[2]: Leaving directory `/usr/src/modules/openswan'
make[1]: *** [build-stamp] Fehler 2
make[1]: Leaving directory `/usr/src/modules/openswan'
make: *** [kdist_image] Fehler 2
sed -e "s!\$KVERS!`sed -n -e '/UTS_RELEASE/s/^[^"]*"\([^"]*\)".*$/\1/p' 
/usr/src/linux/include/linux/version.h`!g; s!\$KSRC!/usr/src/linux!; 
s!\$KEMAIL!!; s!\$KMAINT!!; s!\$KDREV!"Custom.1.00"!; s!\$DEBDATE!Di, 31 Mär 
2009 23:23:29 +0200!" debian/control.in > debian/control
dh_testdir
dh_testroot
rm -f build-stamp configure-stamp
/usr/bin/make modclean KERNELSRC=/usr

Processed: closing 524980, closing 524980

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # Automatically generated email from bts, devscripts version 2.10.35lenny3
> close 524980 1.3.6-1lenny3
Bug#524980: SLURM daemons do not drop supplemental groups
'close' is deprecated; see http://www.debian.org/Bugs/Developer#closing.
Bug marked as fixed in version 1.3.6-1lenny3, send any further explanations to 
Thijs Kinkhorst 

> close 524980 1.3.15-1
Bug#524980: SLURM daemons do not drop supplemental groups
'close' is deprecated; see http://www.debian.org/Bugs/Developer#closing.
Bug marked as fixed in version 1.3.15-1, send any further explanations to Thijs 
Kinkhorst 

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#481786: ttf2tex: freetype1 deprecation

[Rafael Laboissiere]

* Barry deFreese  [2009-04-16 11:27]:

> My apologies but I cannot see keeping freetype1 in Debian just for  
> ttf2tex.  Especially since ttf2tex has not been part of any recent stable 
> releases.
>
> Do you have any other thoughts or options before I request removal of  
> freetype1 and probably ttf2tex?

ttf2tex is dead upstream [1] and I am not willing to port it to freetype2
or whatever.  Let us just have both freetype1 and ttf2tex removed from
Debian.

[1] http://www.ctan.org/tex-archive/obsolete/support/ttf2tex/README

Thanks,

-- 
Rafael



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524980: SLURM daemons do not drop supplemental groups

[Thijs Kinkhorst]

Package: slurm-llnl
Version: 1.3.6-1
Severity: grave
Tags: security patch pending


The following issue has been reported on the slurm-llnl mailinglist.
Updated packages are in preparation.

--  Forwarded Message  --

A security flaw has been discovered in all releases of SLURM
versions 1.2 and 1.3. This flaw can be exploited by legitimate
users of a computer to increase their privileges based upon
the supplemental groups available to the SLURM daemons.


Description

A vulnerability exists in the current SLURM sbcast implementation.
The result of this flaw is that sbcast may not properly establish
user supplementary groups before opening files for writing, instead
inheriting the supplementary group list from the slurmd daemon,
which may contain system groups with elevated privileges.

Similar logic exists in support of the strigger command. If the
SlurmUser is configured to be root, unprivileged users may execute
a program inheriting the supplementary group list from the slurmctld
daemon, which may contain system groups with elevated privileges.

You can check the current list of supplementary groups that would be
inherited from these daemons by running the following command:

    grep ^Groups /proc/`pidof slurmd`/status
    grep ^Groups /proc/`pidof slurmctld`/status


Impact

A valid SLURM user may be able to write files in directories with
group write access for one of the inherited groups and/or may be able
to overwrite files with similar group write access. Depending upon
system configuration, this may allow a user to gain elevated privileges.


Solution

We are providing four options to fix this problem.

1. Apply the initgroups.patch2 to an existing SLURM version 1.3
    or 1.2 distribution.

2. Install the nogroups.c wrapper to start the SLURM daemons without
    any supplemental groups. This can be used with most configurations
    and no change in the installed SLURM code.

3. Install SLURM version 1.3.14, which is the same as version
    1.3.13 (a very stable release made on 13 January 2009) plus
    initgroups.patch2.

4. Install SLURM version 1.3.15, which includes initgroups.patch2
    plus support for BlueGene/P systems, an assortment of minor
    bug fixes and some minor enhancements.

After performing one of these changes, the SLURM daemons must be
restarted for the change to take effect.

SLURM version 1.4.0-pre12 was also released today for those working
with a beta version of the next major release.
---
Index: src/common/uid.c
===
--- src/common/uid.c	(revision 17072)
+++ src/common/uid.c	(revision 17170)
@@ -111,6 +111,24 @@
 }
 
 gid_t
+gid_from_uid (uid_t uid)
+{
+	struct passwd pwd, *result;
+	char buffer[PW_BUF_SIZE];
+	gid_t gid;
+	int rc;
+
+	rc = getpwuid_r(uid, &pwd, buffer, PW_BUF_SIZE, &result);
+	if (result == NULL) {
+		gid = (gid_t) -1;
+	} else {
+		gid = result->pw_gid;
+	}
+
+	return gid;
+}
+
+gid_t
 gid_from_string (char *name)
 {
 	struct group grp, *result;
Index: src/common/uid.h
===
--- src/common/uid.h	(revision 17072)
+++ src/common/uid.h	(revision 17170)
@@ -60,6 +60,12 @@
 uid_t uid_from_string (char *name);
 
 /*
+ * Return the primary group id for a given user id, or 
+ * (gid_t) -1 on failure.
+ */
+gid_t gid_from_uid (uid_t uid);
+
+/*
  * Same as uid_from_name(), but for group name/id.
  */
 gid_t gid_from_string (char *name);
Index: src/slurmd/slurmd/slurmd.c
===
--- src/slurmd/slurmd/slurmd.c	(revision 17072)
+++ src/slurmd/slurmd/slurmd.c	(revision 17170)
@@ -160,6 +160,18 @@
 		(void) close(i);
 
 	/*
+	 * Drop supplementary groups.
+	 */
+	if (geteuid() == 0) {
+		if (setgroups(0, NULL) != 0) {
+			fatal("Failed to drop supplementary groups, "
+			  "setgroups: %m");
+		}
+	} else {
+		info("Not running as root. Can't drop supplementary groups");
+	}
+
+	/*
 	 * Create and set default values for the slurmd global
 	 * config variable "conf"
 	 */
Index: src/slurmd/slurmd/req.c
===
--- src/slurmd/slurmd/req.c	(revision 17072)
+++ src/slurmd/slurmd/req.c	(revision 17170)
@@ -108,6 +108,7 @@
 static void _job_limits_free(void *x);
 static int  _job_limits_match(void *x, void *key);
 static bool _job_still_running(uint32_t job_id);
+static int  _init_groups(uid_t my_uid, gid_t my_gid);
 static int  _kill_all_active_steps(uint32_t jobid, int sig, bool batch);
 static int  _terminate_all_steps(uint32_t jobid, bool batch);
 static void _rpc_launch_tasks(slurm_msg_t *);
@@ -1836,12 +1837,34 @@
 }
 
 static int
+_init_groups(uid_t my_uid, gid_t my_gid)
+{
+	char *user_name = uid_to_string(my_uid);
+	int rc;
+
+	if (user_name == NULL) {
+		error("sbcast: Could not find uid %ld", (long)my_uid);
+		return -1;
+	}
+
+	rc = initgroups(user_n

Bug#502798: Workaround for 55-create-dev

[Nicolas Dumoulin]

I've tried to recreate a machine after fixing the 55-create-dev, and it works 
like a charm.

To fix the script:
sed -i -e 's#\./MAKEDEV#MAKEDEV#' /usr/lib/xen-tools/debian.d/55-create-dev

-- 
Nicolas Dumoulin
Ingénieur d'études - Cemagref, LISC
+33 (0)4.73.44.07.29



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: update

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 516784 1:3.0.1-10
Bug#516784: Source package contains non-free IETF RFC/I-D
Bug marked as found in version 1:3.0.1-10.

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524975: Source package contains non-free IETF RFC/I-D

[Simon Josefsson]

Severity: serious
Package: gtk-gnutella
Version: 0.96.6-1
User: debian-rele...@lists.debian.org
Usertags: nonfree-doc rfc

Hi!  This old bug is back again:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=393373

I guess you'll have to remove these files:

  gtk-gnutella-0.96.6/doc/gnutella/draft-nielsen-dime-02.txt
  gtk-gnutella-0.96.6/doc/other/rfc3548.txt

In the old report, it said that upstream had fixed this, so that the
rfc's wouldn't be shipped in future *.tar.gz's.  Maybe that didn't work?

Thanks,
/Simon



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#524972: Source package contains non-free IETF RFC/I-D

[Simon Josefsson]

Severity: serious
Package: argyll
Version: 1.0.3-5
User: debian-rele...@lists.debian.org
Usertags: nonfree-doc rfc

Hi!

This source package contains the following files from the IETF under
non-free license terms:

  Argyll_V1.0.3/jcnf/yajl/rfc4627.txt

The license on RFC/I-Ds is not DFSG-free, see:
 * http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=199810
 * http://release.debian.org/removing-non-free-documentation
 * http://wiki.debian.org/NonFreeIETFDocuments

The lenny/squeeze release policy says binary and source packages must
each be free:
 * http://release.debian.org/lenny/rc_policy.txt
 * http://release.debian.org/squeeze/rc_policy.txt

The severity is serious, because this violates the Debian policy:
 * http://www.debian.org/doc/debian-policy/ch-archive.html#s-dfsg

There are (at least) three ways to fix this problem.  In order of
preference:

1. Ask the author of the RFC to re-license the RFC under a free
   license.  A template for this e-mail request can be found at
   http://wiki.debian.org/NonFreeIETFDocuments

2. Remove the non-free material from the source, e.g., by re-packaging
   the upstream archive and adding 'dfsg' to the Debian package
   version name.

3. Move the package to non-free.

General discussions are kindly requested to take place on debian-legal
or debian-devel in the thread with Subject: "Non-free IETF RFC/I-Ds in
source packages".

Thanks,
Simon



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#502798: /usr/lib/xen-tools/lenny.d/55-create-dev: line 39

[Nicolas Dumoulin]

As Antono Vasiljev, I've a problem with the hook script 55-create-dev with the 
same errors.

I've created my domU with the option " --role udev" on my Lenny (xen-tools 
3.9-4 on 2.6.26-1-xen-amd64):
xen-create-image --hostname=vssh --role udev

MAKEDEV is well present at /sbin/MAKEDEV in the domU, but not in /dev. What's 
missing ?
I've checked that udev is well installed in my domU.

Please find attached the domU creation log.

-- 
Nicolas Dumoulin
Ingénieur d'études - Cemagref, LISC
+33 (0)4.73.44.07.29

General Information

Hostname   :  vssh
Distribution   :  lenny
Partitions :  swap2048Mb (swap)
  /   1Gb   (ext3)
Image type :  full
Memory size:  2048Mb
Kernel path:  /boot/vmlinuz-2.6.26-1-xen-amd64
Initrd path:  /boot/initrd.img-2.6.26-1-xen-amd64

Networking Information
--
IP Address : DHCP [MAC: 00:16:3E:6B:DF:F6]
  Logical volume "vssh-swap" created

Creating swap on /dev/vmdisks/vssh-swap
Setting up swapspace version 1, size = 2147479 kB
no label, UUID=100e78df-e0c0-4354-be1f-2024f5da33fc
Done
  Logical volume "vssh-disk" created

Creating ext3 filesystem on /dev/vmdisks/vssh-disk
mke2fs 1.41.3 (12-Oct-2008)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
65536 inodes, 262144 blocks
13107 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=268435456
8 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks: 
	32768, 98304, 163840, 229376

Writing inode tables: 0/81/82/83/84/85/86/87/8done
Creating journal (8192 blocks): done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 33 mounts or
180 days, whichever comes first.  Use tune2fs -c or -i to override.
Done
Installation method: debootstrap
Falling back to default debootstrap command

Copying files from host to image.
Copying files from /var/cache/apt/archives -> /tmp/X7NPTf3xxx/var/cache/apt/archives
Done
Done
I: Retrieving Release
I: Retrieving Packages
I: Validating Packages
I: Resolving dependencies of required packages...
I: Resolving dependencies of base packages...
I: Checking component main on http://vfrontal.clermont.cemagref.fr:/debian...
I: Validating adduser
I: Validating apt
I: Validating apt-utils
I: Validating aptitude
I: Retrieving base-files
I: Validating base-files
I: Validating base-passwd
I: Validating bash
I: Validating bsdmainutils
I: Validating bsdutils
I: Validating coreutils
I: Validating cpio
I: Validating cron
I: Validating debconf
I: Validating debconf-i18n
I: Validating debian-archive-keyring
I: Validating debianutils
I: Validating dhcp3-client
I: Validating dhcp3-common
I: Validating diff
I: Validating dmidecode
I: Validating dpkg
I: Validating e2fslibs
I: Validating e2fsprogs
I: Validating ed
I: Validating findutils
I: Validating gcc-4.2-base
I: Validating gcc-4.3-base
I: Validating gnupg
I: Validating gpgv
I: Validating grep
I: Validating groff-base
I: Validating gzip
I: Validating hostname
I: Validating ifupdown
I: Validating info
I: Validating initscripts
I: Validating iproute
I: Validating iptables
I: Validating iputils-ping
I: Validating libacl1
I: Validating libattr1
I: Validating libblkid1
I: Validating libbz2-1.0
I: Validating libc6
I: Validating libcomerr2
I: Validating libconsole
I: Validating libcwidget3
I: Validating libdb4.6
I: Validating libdevmapper1.02.1
I: Validating libept0
I: Validating libgcc1
I: Validating libgcrypt11
I: Validating libgdbm3
I: Validating libgnutls26
I: Validating libgpg-error0
I: Validating liblocale-gettext-perl
I: Validating libncurses5
I: Validating libncursesw5
I: Validating libnewt0.52
I: Retrieving libpam-modules
I: Validating libpam-modules
I: Retrieving libpam-runtime
I: Validating libpam-runtime
I: Retrieving libpam0g
I: Validating libpam0g
I: Validating libpopt0
I: Validating libreadline5
I: Validating libsasl2-2
I: Validating libselinux1
I: Validating libsepol1
I: Validating libsigc++-2.0-0c2a
I: Validating libslang2
I: Validating libss2
I: Validating libssl0.9.8
I: Validating libstdc++6
I: Validating libtasn1-3
I: Validating libtext-charwidth-perl
I: Validating libtext-iconv-perl
I: Validating libtext-wrapi18n-perl
I: Validating libusb-0.1-4
I: Validating libuuid1
I: Validating libwrap0
I: Validating libxapian15
I: Validating login
I: Validating logrotate
I: Validating lsb-base
I: Validating lzma
I: Validating makedev
I: Validating man-db
I: Validating manpages
I: Validating mawk
I: Validating mktemp
I: Validating module-init-tools
I: Validating mount
I: Validating nano
I: Validating ncurses-base
I: Validating ncurses-bin
I: Validating net-tools
I: Validating netbase
I: Validating netcat-traditional
I: Validating passwd
I: Validating perl-base
I: Validating procps
I: Validating readline-common
I: Validati