date:20091207

Your message dated Mon, 7 Dec 2009 09:16:57 +0100
with message-id 20091207081657.ga31...@orion.carnet.hr
and subject line Re: Bug#559805: CVE-2009-3736 local privilege escalation
has caused the Debian Bug report #559805,
regarding CVE-2009-3736 local privilege escalation
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
559805: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559805
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: freeradius
Severity: grave
Tags: security

Hi,

The following CVE (Common Vulnerabilities  Exposures) id was
published for libtool.  I have determined that this package embeds a
vulnerable copy of the libtool source code.  However, since this is a
mass bug filing (due to so many packages embedding libtool), I have not
had time to determine whether the vulnerable code is actually present
in any of the binary packages. Please determine whether this is the
case. If the package is not affected, please feel free to close the bug
with a message containing the details of what you did to check.

CVE-2009-3736[0]:
| ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b,
| attempts to open a .la file in the current working directory, which
| allows local users to gain privileges via a Trojan horse file.

Note that this problem also affects etch and lenny, so if your package
is affected, please coordinate with the security team to release the
DSA for the affected packages.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736
http://security-tracker.debian.org/tracker/CVE-2009-3736


---End Message---
---BeginMessage---
On Sun, Dec 06, 2009 at 11:54:08PM -0500, Michael Gilbert wrote:
 Package: freeradius
 Severity: grave
 Tags: security
 
 The following CVE (Common Vulnerabilities  Exposures) id was
 published for libtool.  I have determined that this package embeds a
 vulnerable copy of the libtool source code.  However, since this is a
 mass bug filing (due to so many packages embedding libtool), I have not
 had time to determine whether the vulnerable code is actually present
 in any of the binary packages. Please determine whether this is the
 case. If the package is not affected, please feel free to close the bug
 with a message containing the details of what you did to check.

We don't build the FreeRADIUS binaries with the local libltdl copy, instead
we use the normal system libltdl*, which is apparent from the linkage and
dependencies, so unless this code somehow inexplicalby crept in, there's
no bug.

-- 
 2. That which causes joy or happiness.

---End Message---

Bug#559804: marked as done (CVE-2009-3736 local privilege escalation)

Your message dated Mon, 7 Dec 2009 10:17:03 +0200
with message-id 20091207081703.gc3...@ants.dhis.net
and subject line Re: Bug#559804: CVE-2009-3736 local privilege escalation
has caused the Debian Bug report #559804,
regarding CVE-2009-3736 local privilege escalation
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
559804: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559804
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: dico
Severity: grave
Tags: security

Hi,

The following CVE (Common Vulnerabilities  Exposures) id was
published for libtool.  I have determined that this package embeds a
vulnerable copy of the libtool source code.  However, since this is a
mass bug filing (due to so many packages embedding libtool), I have not
had time to determine whether the vulnerable code is actually present
in any of the binary packages. Please determine whether this is the
case. If the package is not affected, please feel free to close the bug
with a message containing the details of what you did to check.

CVE-2009-3736[0]:
| ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b,
| attempts to open a .la file in the current working directory, which
| allows local users to gain privileges via a Trojan horse file.

Note that this problem also affects etch and lenny, so if your package
is affected, please coordinate with the security team to release the
DSA for the affected packages.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736
http://security-tracker.debian.org/tracker/CVE-2009-3736


---End Message---
---BeginMessage---
Thanks for the report.

dico is not linked against libltdl that is shipped in upstream tarball, 
that was done by passing --without-included-ltdl to configure script 
when called by debian/rules.

I also confirmed this by checking the build logs for dico:
http://buildd.debian.org/pkg.cgi?pkg=dico

So, the problem would go away once #559797 is fixed.

-- 
 ‎أحمد المحمودي (Ahmed El-Mahmoudy)
  Digital design engineer
 GPG KeyID: 0xEDDDA1B7 (@ subkeys.pgp.net)
 GPG Fingerprint: 8206 A196 2084 7E6D 0DF8  B176 BC19 6A94 EDDD A1B7

---End Message---

Bug#559855: frei0r-plugins: FTBFS with OpenCV 2.0

2009-12-07 Thread Laurent Bonnaud

Package: frei0r-plugins
Version: 1.1.22git20090409-2
Severity: serious


Hi,

here is the problem:

$ fakeroot apt-get -b source frei0r-plugins
[...]
/bin/sh ../libtool --tag=CC   --mode=compile cc -std=gnu99 -DHAVE_CONFIG_H -I. 
-I../include  -I../include   -I/usr/include/opencv   -DOPENCV_PREFIX=/usr -g 
-O2 -g -Wall -O2  -g -O2 -g -Wall -O2 -c -o facedetect_la-facedetect.lo `test 
-f 'filter/facedetect/facedetect.c' || echo './'`filter/facedetect/facedetect.c
rm: invalid argument: `'
 cc -std=gnu99 -DHAVE_CONFIG_H -I. -I../include -I../include 
-I/usr/include/opencv -DOPENCV_PREFIX=/usr -g -O2 -g -Wall -O2 -g -O2 -g -Wall 
-O2 -c filter/facedetect/facedetect.c  -fPIC -DPIC -o 
.libs/facedetect_la-facedetect.o
In file included from /usr/include/opencv/cxcore.hpp:46,
 from /usr/include/opencv/cxcore.h:2123,
 from /usr/include/opencv/cv.h:58,
 from filter/facedetect/facedetect.c:20:
/usr/include/opencv/cxmisc.h:52:26: error: cvconfig.h: No such file or directory
make[2]: *** [facedetect_la-facedetect.lo] Error 1
make[2]: Leaving directory `/tmp/frei0r-1.1.22git20090409/src'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/tmp/frei0r-1.1.22git20090409'
make: *** [debian/stamp-makefile-build] Error 2
dpkg-buildpackage: error: debian/rules build gave error exit status 2
Build command 'cd frei0r-1.1.22git20090409  dpkg-buildpackage -b -uc' failed.
E: Child process failed


Removing the -DHAVE_CONFIG_H option allows cv.h to be included without
error.


-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.31-1-686-bigmem (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages frei0r-plugins depends on:
ii  libc6 2.10.2-2   GNU C Library: Shared libraries
pn  libcv1none (no description available)
pn  libcvaux1 none (no description available)
ii  libgavl1  1.1.1-2low level audio and video library
ii  libgcc1   1:4.4.2-3  GCC support library
pn  libhighgui1   none (no description available)
ii  libstdc++64.4.2-3The GNU Standard C++ Library v3

frei0r-plugins recommends no packages.

frei0r-plugins suggests no packages.


-- 
Laurent Bonnaud.
http://www.lis.inpg.fr/pages_perso/bonnaud/





-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#515321: Depends on GTK 1.2

2009-12-07 Thread Phil Brooke


Hi,

On Sun, 6 Dec 2009, Moritz Muehlenhoff wrote:

libjsw build-depends on libgtk1.2-dev, which will be removed for Squeeze.

Please port it to GTK 2 or request it's removal.


Darren, what's the status? Shall we go ahead and remove libjsw (and
searchandrescue along with it)?


Unfortunately, I don't have time to take on libjsw.  From the point of 
searchandrescue, I'm hoping to either modify it to use a different 
joystick interface, or simply disable the joystick (since it's playable 
with keyboard only).  Either way, I have to do some work on 
searchandrescue.


Cheers,

Phil.

--
Phil Brooke OpenPGP key: 1024D/50973B91 2000-12-19



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559802: CVE-2009-3736 local privilege escalation

2009-12-07 Thread Stefan Hornburg (Racke)


Michael Gilbert wrote:

Package: courier-authlib
Severity: grave
Tags: security

Hi,

The following CVE (Common Vulnerabilities  Exposures) id was
published for libtool.  I have determined that this package embeds a
vulnerable copy of the libtool source code.  However, since this is a
mass bug filing (due to so many packages embedding libtool), I have not
had time to determine whether the vulnerable code is actually present
in any of the binary packages. Please determine whether this is the
case. If the package is not affected, please feel free to close the bug
with a message containing the details of what you did to check.

CVE-2009-3736[0]:
| ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b,
| attempts to open a .la file in the current working directory, which
| allows local users to gain privileges via a Trojan horse file.

Note that this problem also affects etch and lenny, so if your package
is affected, please coordinate with the security team to release the
DSA for the affected packages.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.



Is there a patch available for the vulnerability?

I don't know which modifications were applied upstream to the libtool
copy.

Regards
 Racke


--
LinuXia Systems = http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP = http://www.icdevgroup.org/
Interchange Development Team




--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559836: CVE-2009-3736 local privilege escalation

2009-12-07 Thread Sylvestre Ledru

Manuel, are you going to handle this issue or do you want me to do it ?

Thanks
Sylvestre

Le lundi 07 décembre 2009 à 00:06 -0500, Michael Gilbert a écrit :
 Package: openmpi
 Severity: grave
 Tags: security
 
 Hi,
 
 The following CVE (Common Vulnerabilities  Exposures) id was
 published for libtool.  I have determined that this package embeds a
 vulnerable copy of the libtool source code.  However, since this is a
 mass bug filing (due to so many packages embedding libtool), I have not
 had time to determine whether the vulnerable code is actually present
 in any of the binary packages. Please determine whether this is the
 case. If the binary packages are not affected, please feel free to close
 the bug with a message containing the details of what you did to check.
 
 CVE-2009-3736[0]:
 | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b,
 | attempts to open a .la file in the current working directory, which
 | allows local users to gain privileges via a Trojan horse file.
 
 Note that this problem also affects etch and lenny, so if your package
 is affected, please coordinate with the security team to release the
 DSA for the affected packages.
 
 If you fix the vulnerability please also make sure to include the
 CVE id in your changelog entry.
 
 For further information see:
 
 [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736
 http://security-tracker.debian.org/tracker/CVE-2009-3736
 
 
 





-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559855: frei0r-plugins: FTBFS with OpenCV 2.0

2009-12-07 Thread Luca Bigliardi


reassign 559855 libcv-dev
affects 559855 frei0r-plugins
thanks

On Mon, Dec 07, 2009 at 09:20 AM, Laurent Bonnaud wrote:

Hi Laurent,

 Removing the -DHAVE_CONFIG_H option allows cv.h to be included without
 error.

HAVE_CONFIG_H is automatically defined by autotools when autoheader is
used.

I think OpenCV should use less generic names in their public headers,
something like HAVE_CV_CONFIG_H .

Thank you,
Luca

-- 
Beware of programmers who carry screwdrivers.
-- Leonard Brandwein

http://shammash.homelinux.org/ - http://www.artha.org/ - http://www.yue.it/



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: gnome-bluetooth] read/write access to the /dev/rfkill device is required

Processing commands for cont...@bugs.debian.org:

 severity 552185 serious
Bug #552185 [gnome-bluetooth] [gnome-bluetooth] read/write access to the 
/dev/rfkill device is required
Severity set to 'serious' from 'minor'

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: Re: Bug#559855: frei0r-plugins: FTBFS with OpenCV 2.0

Processing commands for cont...@bugs.debian.org:

 reassign 559855 libcv-dev
Bug #559855 [frei0r-plugins] frei0r-plugins: FTBFS with OpenCV 2.0
Bug reassigned from package 'frei0r-plugins' to 'libcv-dev'.
Bug No longer marked as found in versions frei0r/1.1.22git20090409-2.
 affects 559855 frei0r-plugins
Bug #559855 [libcv-dev] frei0r-plugins: FTBFS with OpenCV 2.0
Added indication that 559855 affects frei0r-plugins
 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#552185: gnome-bluetooth] read/write access to the /dev/rfkill device is required

2009-12-07 Thread Fabian Greffrath


severity 552185 serious
thanks

Dear all,

since the last dist-upgrade the situation has worsened for me. I am 
not even able to enable bluetooth via gnome-bluetooth anymore. To be 
honest, I am not sure if maybe the bluez upgrade (4.42 - 4.57) has 
caused this issue, but since bluetooth doesn't work at all, I am 
raising severity.


Something has to be done quickly, I don't consider the current 
bluetooth situation ready for release.


Cheers,
Fabian


--
Dipl.-Phys. Fabian Greffrath

Ruhr-Universität Bochum
Lehrstuhl für Energieanlagen und Energieprozesstechnik (LEAT)
Universitätsstr. 150, IB 3/134
D-44780 Bochum

Telefon: +49 (0)234 / 32-26334
Fax: +49 (0)234 / 32-14227
E-Mail:  greffr...@leat.ruhr-uni-bochum.de



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559839: marked as done (CVE-2009-3736 local privilege escalation)

Your message dated Mon, 7 Dec 2009 10:18:13 +0100 (CET)
with message-id c5349c17ab7f47e3e20afd09ce3896bb.squir...@www.linux-dev.org
and subject line Re: Bug#559839: CVE-2009-3736 local privilege escalation
has caused the Debian Bug report #559839,
regarding CVE-2009-3736 local privilege escalation
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)

--
559839: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559839
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: sbnc
Severity: grave
Tags: security

Hi,

The following CVE (Common Vulnerabilities Exposures) id was
published for libtool. I have determined that this package embeds a
vulnerable copy of the libtool source code. However, since this is a
mass bug filing (due to so many packages embedding libtool), I have not
had time to determine whether the vulnerable code is actually present
in any of the binary packages. Please determine whether this is the
case. If the binary packages are not affected, please feel free to close
the bug with a message containing the details of what you did to check.

CVE-2009-3736[0]:
| ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b,
| attempts to open a .la file in the current working directory, which
| allows local users to gain privileges via a Trojan horse file.

Note that this problem also affects etch and lenny, so if your package
is affected, please coordinate with the security team to release the
DSA for the affected packages.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736
http://security-tracker.debian.org/tracker/CVE-2009-3736

---End Message---
---BeginMessage---
Hi,

this is already fixed, also in the Lenny release, look here:

http://packages.debian.org/changelogs/pool/main/s/sbnc/current/changelog#versionversion1.2-8

So I am closing.

Package: sbnc
Severity: grave
Tags: security

Hi,

Note that this problem also affects etch and lenny, so if your package
is affected, please coordinate with the security team to release the
DSA for the affected packages.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736
http://security-tracker.debian.org/tracker/CVE-2009-3736

---End Message---

Processed: notfound 559765 in 6.1.21-1

Processing commands for cont...@bugs.debian.org:

 notfound 559765 6.1.21-1
Bug #559765 [jetty] jetty: CVE-2007-6672 info disclosure
Bug No longer marked as found in versions jetty/6.1.21-1.

End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#557781: apt-proxy: lacks dep on zope.interface

2009-12-07 Thread Xavier Luthi

reassign 557781 python-twisted-core
thanks

Bonjour Yann,

On Tue, Nov 24, 2009 at 12:44:37PM +0100, Yann Dirson wrote:
 Package: apt-proxy
 Version: 1.9.36.3+nmu2
 Severity: serious
 
 While updating today both apt-proxy and zope.interface, I got the
 following error.  It looks like apt-proxy requires zope.interface but
 does not declare a dependency on it.  Shouldn't lintian detect such
 problems ?
 

apt-proxy depends on python-twisted-web, which depends on
python-twisted-core, which finally depends on python-zope.interface |
python-zopeinterface (= 3.2.1-3).

This means that zope.interface module is an indirect dependendy of
apt-proxy and should be installed anyway...

I'm reassigning this bug to python-twisted-core as it seems it's a
dependency issue in twisted.

Cheers, 
 Xavier


 Paramétrage de apt-proxy (1.9.36.3+nmu2) ...
 update-rc.d: warning: apt-proxy stop runlevel arguments (0 1 6) do not match 
 LSB Default-Stop values (1)
 insserv: warning: current stop runlevel(s) (0 1 6) of script `apt-proxy' 
 overwrites defaults (1).
 insserv: warning: current stop runlevel(s) (0 1 6) of script `pwrkap' 
 overwrites defaults (empty).
 insserv: warning: current stop runlevel(s) (0 1 6) of script `cpufrequtils' 
 overwrites defaults (empty).
 Starting apt-proxy:Traceback (most recent call last):
   File /usr/bin/twistd, line 20, in module
 from twisted.scripts.twistd import run
   File /usr/lib/python2.5/site-packages/twisted/scripts/twistd.py, line 11, 
 in module
 from twisted.application import app
   File /usr/lib/python2.5/site-packages/twisted/application/app.py, line 7, 
 in module
 from twisted.python import runtime, log, usage, failure, util, logfile
   File /usr/lib/python2.5/site-packages/twisted/python/log.py, line 17, in 
 module
 from zope.interface import Interface
 ImportError: No module named interface
  failed!
 [...]
 Paramétrage de python-zope.interface (3.5.2-2) ...
 
 
 -- System Information:
 Debian Release: squeeze/sid
   APT prefers testing
   APT policy: (990, 'testing'), (500, 'oldstable'), (500, 'unstable'), (500, 
 'stable'), (101, 'experimental')
 Architecture: i386 (i686)
 
 Kernel: Linux 2.6.30-1-686-bigmem (SMP w/2 CPU cores)
 Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
 Shell: /bin/sh linked to /bin/bash
 
 Versions of packages apt-proxy depends on:
 ii  adduser  3.111   add and remove users and groups
 ii  bzip21.0.5-3 high-quality block-sorting file 
 co
 ii  debconf [debconf-2.0]1.5.28  Debian configuration management 
 sy
 ii  logrotate3.7.8-4 Log rotation utility
 ii  python   2.5.4-2 An interactive high-level 
 object-o
 ii  python-apt   0.7.13.3Python interface to libapt-pkg
 ii  python-central   0.6.12+nmu1 register and build utility for 
 Pyt
 ii  python-twisted-web   8.2.0-2 An HTTP protocol implementation 
 to
 
 apt-proxy recommends no packages.
 
 Versions of packages apt-proxy suggests:
 ii  rsync 3.0.6-1fast remote file copy program 
 (lik
 
 -- debconf information excluded
 
 
 



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: Re: Bug#557781: apt-proxy: lacks dep on zope.interface

Processing commands for cont...@bugs.debian.org:

 reassign 557781 python-twisted-core
Bug #557781 [apt-proxy] apt-proxy: lacks dep on zope.interface
Bug reassigned from package 'apt-proxy' to 'python-twisted-core'.
Bug No longer marked as found in versions apt-proxy/1.9.36.3+nmu2.
 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559765: marked as done (jetty: CVE-2007-6672 info disclosure)

Your message dated Mon, 07 Dec 2009 10:38:07 +0100
with message-id 4b1cccff.2070...@thykier.net
and subject line Re: Bug#559765: jetty: CVE-2007-6672 info disclosure
has caused the Debian Bug report #559765,
regarding jetty: CVE-2007-6672 info disclosure
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

--
559765: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559765
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: jetty
Version: 6.1.21-1
Severity: serious
Tags: security

Hi,

The following CVE (Common Vulnerabilities Exposures) id was
published for jetty.

CVE-2007-6672[0]:
| Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass
| protection mechanisms and read the source of files via multiple '/'
| (slash) characters in the URI.

This may already be fixed. Some of the messages that are linked from
the mitre page indiced that supposedly this was to be fixed in 6.1.7,
but I was unable to track down patches to verify. Please check.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6672
http://security-tracker.debian.org/tracker/CVE-2007-6672

---End Message---
---BeginMessage---
Michael Gilbert wrote:
Package: jetty
Version: 6.1.21-1
Severity: serious
Tags: security

Hi,

The following CVE (Common Vulnerabilities Exposures) id was
published for jetty.

CVE-2007-6672[0]:
| Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass
| protection mechanisms and read the source of files via multiple '/'
| (slash) characters in the URI.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6672
http://security-tracker.debian.org/tracker/CVE-2007-6672

___
pkg-java-maintainers mailing list
pkg-java-maintain...@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/pkg-java-maintainers

Hi Michael

Thank you for your report.

I found the upstream bug report[1] where upstream say they have fixed it
in 6.1.7 (and provide a fix for earlier versions as well) - I saw no
reason to doubt this.

Nevertheless if you can reproduce the issue, please do not hesitate to
reopen the bug.

~Niels

[1]
http://jira.codehaus.org/browse/JETTY-386?focusedCommentId=117699page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#action_117699

quote
[...] Release 6.1.7 is now being created with this fix. [...]
/quote

signature.asc
Description: OpenPGP digital signature
---End Message---

Bug#558099:

2009-12-07 Thread Simon Danner

exactly nothing happens, the alarm doesn't get added to the overview and
it won't alarm you at the specified time.




-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#516182: linpopup: Gtk1.2 about to be removed from Debian

2009-12-07 Thread Paul Slootman

On Sun 06 Dec 2009, Moritz Muehlenhoff wrote:
 
 What's the status? Do you intend to update to linpopup2 for Squeeze
 or shall we remove linpopup from the archive? Given that it's
 obsolete on Windows for a long time (according to Wikipedia it was
 dropped with Windows NT), this seems sensible.

I agree that it's most probably obsolete, and time to remove it.


Paul



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#540427: Real patch for my NMU

2009-12-07 Thread Free Ekanayaka

|--== On Mon, 7 Dec 2009 06:19:40 +0100, Cyril Brulebois k...@debian.org 
said:

  CB Sorry about the first NMU, looks like I only removed libc6-dev from
  CB Build-Depends on a porter box, and checked it was OK there; and only
  CB wrote about it on my devel box, where the NMU was prepared. Hopefully
  CB the next one is OK. Sorry about that.

No worries. Thanks for having fixed this.

Ciao!

Free



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: fails to install if /etc/sysctl.d/ not present

Processing commands for cont...@bugs.debian.org:

 retitle 559754 fails to install if /etc/sysctl.d/ not present
Bug #559754 [netbase] netbase: Fails to install on non-Linux
Changed Bug title to 'fails to install if /etc/sysctl.d/ not present' from 
'netbase: Fails to install on non-Linux'
 severity 559754 serious
Bug #559754 [netbase] fails to install if /etc/sysctl.d/ not present
Severity set to 'serious' from 'important'

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: merge

Processing commands for cont...@bugs.debian.org:

 forcemerge 559857 559855
Bug#559857: libcv-dev: cv.h does not compile with
Bug#559855: frei0r-plugins: FTBFS with OpenCV 2.0
Forcibly Merged 559855 559857.

 severity 559857 serious
Bug #559857 [libcv-dev] libcv-dev: cv.h does not compile with
Bug #559855 [libcv-dev] frei0r-plugins: FTBFS with OpenCV 2.0
Severity set to 'serious' from 'important'

Severity set to 'serious' from 'important'

 affects 559857 gimp-plugin-registry
Bug #559857 [libcv-dev] libcv-dev: cv.h does not compile with
Bug #559855 [libcv-dev] frei0r-plugins: FTBFS with OpenCV 2.0
Added indication that 559857 affects gimp-plugin-registry
Added indication that 559855 affects gimp-plugin-registry
 retitle 559857 libcv-dev: cv.h does not compile with -DHAVE_CONFIG_H from 
 autotools/autoheader
Bug #559857 [libcv-dev] libcv-dev: cv.h does not compile with
Bug #559855 [libcv-dev] frei0r-plugins: FTBFS with OpenCV 2.0
Changed Bug title to 'libcv-dev: cv.h does not compile with -DHAVE_CONFIG_H 
from autotools/autoheader' from 'libcv-dev: cv.h does not compile with'
Changed Bug title to 'libcv-dev: cv.h does not compile with -DHAVE_CONFIG_H 
from autotools/autoheader' from 'frei0r-plugins: FTBFS with OpenCV 2.0'
 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559857: libcv-dev: cv.h does not compile with -DHAVE_CONFIG_H from autotools/autoheader

2009-12-07 Thread Laurent Bonnaud

Hi,

this bug also affects gimp-plugin-registry:

$ fakeroot apt-get -b source gimp-plugin-registry
[...]
Making all in src
make[4]: Entering directory `/tmp/gimp-plugin-registry-2.2/dustcleaner/src/src'
if gcc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -D_REENTRANT -pthread 
-I/usr/include/gimp-2.0 -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include 
-I/usr/include/gtk-2.0 -I/usr/lib/gtk-2.0/include -I/usr/include/atk-1.0 
-I/usr/include/cairo -I/usr/include/pango-1.0 -I/usr/include/pixman-1 
-I/usr/include/freetype2 -I/usr/include/directfb -I/usr/include/libpng12 
-I/usr/include `pkg-config --cflags opencv`  
-DLOCALEDIR=\/usr/share/locale\ -DDATADIR=\/usr/share/dustcleaner\   
-Wall -g -O2 -fno-tree-pre  -MT dustcleaner_gimp_plugin.o -MD -MP -MF 
.deps/dustcleaner_gimp_plugin.Tpo \
  -c -o dustcleaner_gimp_plugin.o `test -f 'dustcleaner_gimp_plugin.c' 
|| echo './'`dustcleaner_gimp_plugin.c; \
then mv -f .deps/dustcleaner_gimp_plugin.Tpo 
.deps/dustcleaner_gimp_plugin.Po; \
else rm -f .deps/dustcleaner_gimp_plugin.Tpo; exit 1; \
fi
In file included from /usr/include/opencv/cxcore.hpp:46,
 from /usr/include/opencv/cxcore.h:2123,
 from /usr/include/opencv/cv.h:58,
 from dust.h:31,
 from dustcleaner_gimp_plugin.c:34:
/usr/include/opencv/cxmisc.h:52:26: error: cvconfig.h: No such file or directory
make[4]: *** [dustcleaner_gimp_plugin.o] Error 1
make[4]: Leaving directory `/tmp/gimp-plugin-registry-2.2/dustcleaner/src/src'
make[3]: *** [all-recursive] Error 1
make[3]: Leaving directory `/tmp/gimp-plugin-registry-2.2/dustcleaner/src'
make[2]: *** [all] Error 2
make[2]: Leaving directory `/tmp/gimp-plugin-registry-2.2/dustcleaner/src'
make[1]: *** [build-stamp] Error 2
make[1]: Leaving directory `/tmp/gimp-plugin-registry-2.2/dustcleaner'
make: *** [build-stamp] Error 1
dpkg-buildpackage: error: debian/rules build gave error exit status 2
Build command 'cd gimp-plugin-registry-2.2  dpkg-buildpackage -b -uc' failed.
E: Child process failed

-- 
Laurent Bonnaud.
http://www.lis.inpg.fr/pages_perso/bonnaud/





-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#525549: gnucash: Missing account file

2009-12-07 Thread Sam Morris

On Mon, 2009-12-07 at 08:48 +0100, Micha Lenk wrote:
 Hi Sam,
 
 Sam Morris wrote:
  I would appreciate it if you could make a gnucash-dbg package available
  to aid in debugging this further.
 
 Gnucash 2.2.9-2, currently available in Debian unstable, has now a
 gnucash-dbg package with debugging symbols. Could you triage your bug
 again with this package installed?

Wow, thanks for that!

I ran into this again yesterday but there was no segfault. I will update
this bug again as soon as I have more information.
 
 Thanks in advance.
 
 Regards
   Micha


-- 
Sam Morris s...@robots.org.uk



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#558816: marked as done (ubuntu-dev-tools and buildd: error when trying to install together)

Your message dated Mon, 07 Dec 2009 11:32:23 +
with message-id e1nhbph-00074j...@ries.debian.org
and subject line Bug#558816: fixed in ubuntu-dev-tools 0.84
has caused the Debian Bug report #558816,
regarding ubuntu-dev-tools and buildd: error when trying to install together
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
558816: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=558816
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: buildd,ubuntu-dev-tools
Version: buildd/0.59.0-1
Version: ubuntu-dev-tools/0.83debian1
Severity: serious
User: trei...@debian.org
Usertags: edos-file-overwrite

Date: 2009-11-30
Architecture: amd64
Distribution: sid

Hi,

automatic installation tests of packages that share a file and at the
same time do not conflict by their package dependency relationships has
detected the following problem:


WARNING: The following packages cannot be authenticated!
  libdb4.6 exim4-config exim4-base libpcre3 exim4-daemon-light exim4 libdb4.5
  libsqlite3-0 mime-support patch python2.5-minimal python2.5 python-minimal
  python python-central binutils bzip2 dctrl-tools liblzma1 xz-utils make
  libtimedate-perl dpkg-dev devscripts diffstat dupload libboost-system1.40.0
  libboost-filesystem1.40.0 libboost-program-options1.40.0 libicu42
  libboost-regex1.40.0 libfilesys-df-perl liblockdev1 python-support
  lsb-release python-apt python-debian python-httplib2 python-simplejson
  python-pkg-resources python-lazr.uri python-wadllib python-zope.interface
  python-lazr.restfulclient python-oauth python-launchpadlib schroot-common
  schroot sudo ubuntu-dev-tools libsbuild-perl sbuild buildd
W: cowdancer: unsupported operation, read-only open and fchown/fchmod/flock: 
2055:5406998
W: cowdancer: unsupported operation, read-only open and fchown/fchmod/flock: 
2055:5407760
W: cowdancer: unsupported operation, read-only open and fchown/fchmod/flock: 
2055:5406727

Extracting templates from packages: 56%
Extracting templates from packages: 100%
Preconfiguring packages ...
Authentication warning overridden.
Can not write log, openpty() failed (/dev/pts not mounted?)
Selecting previously deselected package libdb4.6.
(Reading database ... 10438 files and directories currently installed.)
Unpacking libdb4.6 (from .../libdb4.6_4.6.21-15_amd64.deb) ...
Selecting previously deselected package exim4-config.
Unpacking exim4-config (from .../exim4-config_4.69-11_all.deb) ...
Selecting previously deselected package exim4-base.
Unpacking exim4-base (from .../exim4-base_4.69-11+b1_amd64.deb) ...
Selecting previously deselected package libpcre3.
Unpacking libpcre3 (from .../libpcre3_7.8-3_amd64.deb) ...
Selecting previously deselected package exim4-daemon-light.
Unpacking exim4-daemon-light (from .../exim4-daemon-light_4.69-11+b1_amd64.deb) 
...
Selecting previously deselected package exim4.
Unpacking exim4 (from .../archives/exim4_4.69-11_all.deb) ...
Selecting previously deselected package libdb4.5.
Unpacking libdb4.5 (from .../libdb4.5_4.5.20-13.1_amd64.deb) ...
Selecting previously deselected package libsqlite3-0.
Unpacking libsqlite3-0 (from .../libsqlite3-0_3.6.20-1_amd64.deb) ...
Selecting previously deselected package mime-support.
Unpacking mime-support (from .../mime-support_3.46-1_all.deb) ...
Selecting previously deselected package patch.
Unpacking patch (from .../patch_2.5.9-5_amd64.deb) ...
Selecting previously deselected package python2.5-minimal.
Unpacking python2.5-minimal (from .../python2.5-minimal_2.5.4-3_amd64.deb) ...
Selecting previously deselected package python2.5.
Unpacking python2.5 (from .../python2.5_2.5.4-3_amd64.deb) ...
Selecting previously deselected package python-minimal.
Unpacking python-minimal (from .../python-minimal_2.5.4-2_all.deb) ...
Selecting previously deselected package python.
Unpacking python (from .../python_2.5.4-2_all.deb) ...
Selecting previously deselected package python-central.
Unpacking python-central (from .../python-central_0.6.13_all.deb) ...
Selecting previously deselected package binutils.
Unpacking binutils (from .../binutils_2.20-4_amd64.deb) ...
Selecting previously deselected package bzip2.
Unpacking bzip2 (from .../bzip2_1.0.5-3_amd64.deb) ...
Selecting previously deselected package dctrl-tools.
Unpacking dctrl-tools (from .../dctrl-tools_2.13.1_amd64.deb) ...
Selecting previously deselected package liblzma1.
Unpacking liblzma1 (from .../liblzma1_4.999.9beta+20091116-1_amd64.deb) ...
Selecting previously deselected package xz-utils.
Unpacking xz-utils (from .../xz-utils_4.999.9beta+20091116-1_amd64.deb) ...
Selecting

Bug#559754: fails to install if /etc/sysctl.d/ not present

2009-12-07 Thread Marco d'Itri

On Dec 07, Michael Biebl bi...@debian.org wrote:

 The obvious fix for this is, that the netbase postinst should simply create 
 the
 /etc/sysctl.d/ directory if not existent.
I do not want an obvious fix, I want the people who care about non-linux
ports to tell me how they should be tested for.

-- 
ciao,
Marco


signature.asc
Description: Digital signature

Bug#544903: marked as done (CVE-2009-2195 WebKit: buffer overflow in floating point numbers parsing)

Your message dated Mon, 7 Dec 2009 12:55:12 +0100
with message-id 200912071255.12302.f...@debian.org
and subject line CVE-2009-2195 WebKit: buffer overflow in floating point 
numbers parsing
has caused the Debian Bug report #544903,
regarding CVE-2009-2195 WebKit: buffer overflow in floating point numbers 
parsing
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
544903: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=544903
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Source: qt4-x11
Severity: grave
Tags: security patch

Hi,
the following CVE (Common Vulnerabilities  Exposures) id was
published for qt4-x11.

CVE-2009-2195[0]:
| Buffer overflow in WebKit in Apple Safari before 4.0.3 allows remote
| attackers to execute arbitrary code or cause a denial of service
| (application crash) via crafted floating-point numbers.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

A patch for this is 
availablehttp://trac.webkit.org/changeset/45696, looking at 
the code in qt4-x11 you probably need to port it :/

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2195
http://security-tracker.debian.net/tracker/CVE-2009-2195

-- 
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0
For security reasons, all text in this mail is double-rot13 encrypted.


pgpBm0HtURlgW.pgp
Description: PGP signature
---End Message---
---BeginMessage---
Version: 4:4.6.0-1

---End Message---

Bug#545358: Re: Bug#545358: The patch doesn't seem right

2009-12-07 Thread Maximiliano Curia

Hola Fernando López!

El 07/12/2009 a las 02:19 escribiste:
 Did you take in account the patch 01_debian_4.0.patch introduced in the
 version 2.6.0-2lenny2? It replaces the appereances of debian-3.0 for just
 debian.

Ok, I hadn't seen it.

 This patch changes the dicts and I think it may introduce this bug, as for the
 solution I don't know if there is any better but the one we propose actually
 works, we are using it in our Distro and it works.

 We will prepare a full patch in a few days and send you.

The patch (01_debian_4.0.patch) also removes debian-3.0 without adding a
debian from various places (Hosts, TimeDate, SMB). Can you confirm that
those aren't needed?

In any case, it's usually better to use the fix that was applied by upstream,
specially if you want to push the change to stable.

Thanks, 
-- 
Haskell is faster than C++, more concise than Perl, more regular than Python,
more flexible than Ruby, more typeful than C#, more robust than Java, and has
absolutely nothing in common with PHP. -- Audrey Tang
Saludos /\/\ /\  `/



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559754: fails to install if /etc/sysctl.d/ not present

2009-12-07 Thread Michael Biebl

Marco d'Itri wrote:
 On Dec 07, Michael Biebl bi...@debian.org wrote:
 
 The obvious fix for this is, that the netbase postinst should simply create 
 the
 /etc/sysctl.d/ directory if not existent.
 I do not want an obvious fix, I want the people who care about non-linux
 ports to tell me how they should be tested for.

Well, my point was, that it also fails to install on linux, because procps is
not guaranteed to be installed (as e.g. is in my pbuilder chroot), so the
/etc/sysctl.d directory is not present.

That the sysctl snippet has no effect on non-linux is another issue and should
probably be handled in a separate bug report.

Michael
-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#559876: virtualbox-ose-guest-dkms: dkms error during install and purge

2009-12-07 Thread Achim Schaefer

Package: virtualbox-ose-guest-dkms
Version: 3.1.0-dfsg-1
Severity: grave
Justification: renders package unusable

During install one gets the following error:
Setting up virtualbox-ose-guest-dkms (3.1.0-dfsg-1) ...
Adding Module to DKMS build system 

Error! Invalid number of arguments passed.
Usage: add -m module -v module-version


This is due to a reference in the postinst and prerm scripts.
both still refer to the virtualbox-ose-guest-source package name

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable 
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)
   

Kernel: Linux 2.6.31-1-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages virtualbox-ose-guest-dkms depends on:
ii  build-essential   11.4   Informational list of build-essent
ii  dpkg-dev  1.15.5.3   Debian package development tools  
ii  make  3.81-7 An utility for Directing compilati

Versions of packages virtualbox-ose-guest-dkms recommends:
ii  dkms  2.1.0.1-3  Dynamic Kernel Module Support Fram

virtualbox-ose-guest-dkms suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559845: CVE-2009-3736 local privilege escalation

2009-12-07 Thread Simon Horman

On Mon, Dec 07, 2009 at 12:11:07AM -0500, Michael Gilbert wrote:
 Package: heartbeat
 Severity: grave
 Tags: security
 
 Hi,
 
 The following CVE (Common Vulnerabilities  Exposures) id was
 published for libtool.  I see that heartbeat in unstable no longer
 embeds libtool, but it appears that etch and lenny still have it.  I am
 not sure if it is actually used in the binary packages though.  Please
 check.  If those packages are not affected, please close the bug.
 
 CVE-2009-3736[0]:
 | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b,
 | attempts to open a .la file in the current working directory, which
 | allows local users to gain privileges via a Trojan horse file.
 
 Note that this problem also affects etch and lenny, so if your package
 is affected, please coordinate with the security team to release the
 DSA for the affected packages.
 
 If you fix the vulnerability please also make sure to include the
 CVE id in your changelog entry.
 
 For further information see:
 
 [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736
 http://security-tracker.debian.org/tracker/CVE-2009-3736

Hi,

Thanks for bringing this to my attention.

First, for clarification, I believe the relevant packages that are potentially
affected are:

Etch (oldstable):  heartbeat 1.2.5-3, heartbeat-2 2.0.7-2
Lenny (stable):heartbeat 2.1.3-6lenny4
Squeeze (testing): heartbeat 2.1.4-7
Sid (unstable):heartbeat 2.1.4-7
Experimental:  heartbeat 2.99.2+sles11r9-1


With reference to https://bugzilla.redhat.com/show_bug.cgi?id=537941,
which seems to be the most comprehensive source of information on this topic
from a coding point of view, I have noted the following:

* In the Etch, Lenny, Sqeeze and Sid versions of heartbeat
  (and heartbeat-2) .la files are only provided in -dev packages,
  which I suspect would not ordinarily be installed.

  I am unsure of the status of this with regards to the Experimental version.

* In the Etch version the only place that lt_dlopen*() appears to be called
  is inside the PILS library. And in a somewhat verbose way PILS ensures
  that the argument passed to lt_dlopen() is an absolute path which begins
  with /usr/lib/heartbeat/plugins (PLUGIN_DIR, set at compile time).

  I will verify this in the other versions. Probably tomorrow.

With the latter point in mind I am suspecting that heartbeat
(and heartbeat-2) is not vulnerable to this problem. I would
greatly appreciate other opinions on this.




-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559836: CVE-2009-3736 local privilege escalation

2009-12-07 Thread Sylvestre Ledru

Le lundi 07 décembre 2009 à 13:30 +0100, Manuel Prinz a écrit :
 Am Montag, den 07.12.2009, 09:30 +0100 schrieb Sylvestre Ledru:
  Manuel, are you going to handle this issue or do you want me to do it ?
 
 I can take care of that. I've forwarded this upstream already. The best
 option would be having a fixed libtool available, or trying to use the
 backported patch in the CVE. Information on fixing this is quite sparse,
 unfortunately.
 
 I hope that there will be some more information in the thread on d-d. I
 can take care of it this evening. If you want to go faster, feel free to
 do so. You don't need to ask for permission. We're a team, aren't we? ;)
Indeed but sometimes, you have upcoming modifications :)

Sylvestre






-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559836: CVE-2009-3736 local privilege escalation

2009-12-07 Thread Manuel Prinz

Am Montag, den 07.12.2009, 09:30 +0100 schrieb Sylvestre Ledru:
 Manuel, are you going to handle this issue or do you want me to do it ?

I can take care of that. I've forwarded this upstream already. The best
option would be having a fixed libtool available, or trying to use the
backported patch in the CVE. Information on fixing this is quite sparse,
unfortunately.

I hope that there will be some more information in the thread on d-d. I
can take care of it this evening. If you want to go faster, feel free to
do so. You don't need to ask for permission. We're a team, aren't we? ;)

Best regards
Manuel




-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#549745: mail-notification: FTBFS: em-format-html.h:37:29: error: gtkhtml/gtkhtml.h: No such file or directory

2009-12-07 Thread Yavor Doganov

On Mon, Dec 07, 2009 at 02:05:17AM +0100, Cyril Brulebois wrote:
 See evolution-dev's #559771. I would have been uploading an NMU with
 the attached patch since it's been 2 months without a single reply to
 this RC bug, but there's an include path missing
 (-I/usr/include/libgtkhtml-3.14), and it seems that this “jb” build
 system ignores CFLAGS et al.

It does know cflags/cppflags/etc though (yay for non-standard
variables and build systems), so passing

cppflags=-I/usr/include/libgtkhtml-3.14 -I/usr/include/libgtkhtml-3.14/editor

to ./jb configure in the configure-stamp target appears to do the
job.

 +  * Add a workaround for evolution-dev's #559771: add libgtkhtml3.14-dev
 +to Build-Depends.

You also need libgtkhtml-editor-dev and libebook1.2-dev.  CCing the
Evo bug because of that.



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559809: CVE-2009-3736 local privilege escalation

2009-12-07 Thread Paolo Bonzini




If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.


fixed by the upstream patch 232557c9e5a24f5dbd18ad9a2106cafb74e4e0cf

Paolo



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559884: gnustep-dl2: FTBFS: ../EOControl/EOQualifier.h:240: error: cannot find interface declaration for ‘NSArray’

2009-12-07 Thread Yavor Doganov

Source: gnustep-dl2
Version: 0.11.0-1.1
Severity: serious
Tags: patch fixed-upstream

At Fri, 04 Dec 2009 19:33:16 +0100,
Federico Gimenez Nieto wrote:
 On Wed, 2009-11-25 at 10:33 +0100, Gürkan Sengün wrote:
  I had prepared a newer version of gnustep-dl2 long time ago, but
  never found a sponsor for it:
  
  http://sid.ethz.ch/debian/gnustep-dl2/ (gnustep-dl2_0.12.0-1.dsc)
  
  and I also tried to build it against the latest gnustep tarball versions
  but it failed:
  
  http://gnu.ethz.ch/debian/gnustep-dl2/gnustep-dl2_0.12.0-1_i386.build

 I get the same error when trying to build the current package [1] with
 pbuilder, could you please confirm this?

Yes, so let's record it as a bug before Lucas Nussbaum reports it :-)

This is yet another issue revealed with gnustep-base/1.19.3, and
already fixed in SVN trunk (rev 28419).



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#546192: gnucash: HBCI support stopped working (chipcard)

2009-12-07 Thread Micha Lenk

reassign 546192 libaqbanking
severity 546192 serious
tags 546192 - moreinfo
found 546192 4.1.2-1
fixed 546192 4.1.6-1
done 546192
unarchive 545894
merge 545894 546192
archive 545894
thanks

Hi Sascha,

Sascha Silbe wrote:
 On Fri, Sep 11, 2009 at 04:52:37PM +0200, Micha Lenk wrote:
 [...] Can you
 please run gnucash --debug and make the resulting file
 /tmp/gnucash.trace somehow available to me?
 gnucash --debug created the file somewhere else than it said it would,
 so I didn't find the file at first. The relevant part of it looks very
 similar to #545894 (except that I tried to retrieve transactions instead
 of balance, so it says JobGetTransactions in place of JobGetBalance), so
 you can merge these two bugs. Sorry for the dupe.

So I hereby do.

Regards
  Micha



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed (with 2 errors): Re: Bug#546192: gnucash: HBCI support stopped working (chipcard)

Processing commands for cont...@bugs.debian.org:

 reassign 546192 libaqbanking
Bug #546192 [gnucash] gnucash: HBCI support stopped working (chipcard)
Bug reassigned from package 'gnucash' to 'libaqbanking'.
Bug No longer marked as found in versions 2.2.9-0.1.
 severity 546192 serious
Bug #546192 [libaqbanking] gnucash: HBCI support stopped working (chipcard)
Severity set to 'serious' from 'normal'

 tags 546192 - moreinfo
Bug #546192 [libaqbanking] gnucash: HBCI support stopped working (chipcard)
Removed tag(s) moreinfo.
 found 546192 4.1.2-1
Bug #546192 [libaqbanking] gnucash: HBCI support stopped working (chipcard)
There is no source info for the package 'libaqbanking' at version '4.1.2-1' 
with architecture ''
Unable to make a source version for version '4.1.2-1'
Bug Marked as found in versions 4.1.2-1.
 fixed 546192 4.1.6-1
Bug #546192 [libaqbanking] gnucash: HBCI support stopped working (chipcard)
There is no source info for the package 'libaqbanking' at version '4.1.6-1' 
with architecture ''
Unable to make a source version for version '4.1.6-1'
Bug Marked as fixed in versions 4.1.6-1.
 done 546192
Unknown command or malformed arguments to command.

 unarchive 545894
Bug #545894 {Done: Micha Lenk mi...@lenk.info} [libaqbanking] gnucash: No 
import with HBCI anymore
Bug #547507 {Done: Micha Lenk micha.l...@tm.uka.de} [libaqbanking] 
[libaqhbci16] false-positive error: Job ... not supported by your bank
Unarchived Bug 545894
Unarchived Bug 547507
 merge 545894 546192
Bug#545894: gnucash: No import with HBCI anymore
Bug#546192: gnucash: HBCI support stopped working (chipcard)
Mismatch - only Bugs in same state can be merged:
Values for `done mark' don't match:
 #545894 has `done';
 #546192 has `open'
Values for `affects' don't match:
 #545894 has `qbankmanager,gnucash,kmymoney2-plugin-aqbanking';
 #546192 has `'

 archive 545894
Bug #545894 {Done: Micha Lenk mi...@lenk.info} [libaqbanking] gnucash: No 
import with HBCI anymore
Bug #547507 {Done: Micha Lenk micha.l...@tm.uka.de} [libaqbanking] 
[libaqhbci16] false-positive error: Job ... not supported by your bank
archived 545894 to archive/94 (from 545894)
deleted 545894 (from 545894)
archived 547507 to archive/07 (from 545894)
deleted 547507 (from 545894)
 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: closing 546192

Processing commands for cont...@bugs.debian.org:

 # Automatically generated email from bts, devscripts version 2.10.35lenny7
 close 546192
Bug#546192: gnucash: HBCI support stopped working (chipcard)
'close' is deprecated; see http://www.debian.org/Bugs/Developer#closing.
Bug closed, send any further explanations to Sascha Silbe 
sascha-debian-bugs-...@silbe.org


End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: your mail

Processing commands for cont...@bugs.debian.org:

 reassign 559758 virtualbox-ose
Bug #559758 [virtualbox-ose-dkms] [virtualbox-ose-dkms] Cannot install dkms 
moduleg
Bug reassigned from package 'virtualbox-ose-dkms' to 'virtualbox-ose'.
Bug No longer marked as found in versions virtualbox-ose/3.1.0-dfsg-1.
 reassign 559876 virtualbox-ose
Bug #559876 [virtualbox-ose-guest-dkms] virtualbox-ose-guest-dkms: dkms error 
during install and purge
Bug reassigned from package 'virtualbox-ose-guest-dkms' to 'virtualbox-ose'.
Bug No longer marked as found in versions virtualbox-ose/3.1.0-dfsg-1.
 forcemerge 559502 559876
Bug#559502: virtualbox-ose: dkms postinst querys source package for the 
upstream version
Bug#559876: virtualbox-ose-guest-dkms: dkms error during install and purge
Forcibly Merged 559502 559876.

 forcemerge 559502 559758
Bug#559502: virtualbox-ose: dkms postinst querys source package for the 
upstream version
Bug#559758: [virtualbox-ose-dkms] Cannot install dkms moduleg
Bug#559876: virtualbox-ose-guest-dkms: dkms error during install and purge
Forcibly Merged 559502 559758 559876.

 retitle 559502 postinst scripts query for -source instead of -dkms
Bug #559502 [virtualbox-ose] virtualbox-ose: dkms postinst querys source 
package for the upstream version
Bug #559758 [virtualbox-ose] [virtualbox-ose-dkms] Cannot install dkms moduleg
Bug #559876 [virtualbox-ose] virtualbox-ose-guest-dkms: dkms error during 
install and purge
Changed Bug title to 'postinst scripts query for -source instead of -dkms' from 
'virtualbox-ose: dkms postinst querys source package for the upstream version'
Changed Bug title to 'postinst scripts query for -source instead of -dkms' from 
'[virtualbox-ose-dkms] Cannot install dkms moduleg'
Changed Bug title to 'postinst scripts query for -source instead of -dkms' from 
'virtualbox-ose-guest-dkms: dkms error during install and purge'
 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#552433: stable update: nss-ldapd (#552433: libnss-ldapd: ignores case of uids)

2009-12-07 Thread Holger Levsen

Hi,

On Sonntag, 6. Dezember 2009, Arthur de Jong wrote:
 I brought up bug #552433 here earlier [0] and have been in contact with
 the security team about this but haven't had a definite answer from them
 whether they want (or don't want) to issue an advisory for this.

 I'm now convinced this is a security problem because it can result in
 wrong privileges to be assigned and in denial of service (see [1] for
 more information).

Debian Edu would also very much like this to be fixed soon, see 
http://bugs.skolelinux.org/show_bug.cgi?id=1383 - it's a release blocker for 
our lenny based release as it causes (+has caused already) real world prblems 
as you can read in #1383.


cheers,
Holger


signature.asc
Description: This is a digitally signed message part.

Processed: tagging 559496

Processing commands for cont...@bugs.debian.org:

 tags 559496 + pending
Bug #559496 [gpe-calendar] gpe-calendar: FTBFS since libmimedir-gnome0-dev got 
dropped
Added tag(s) pending.

End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#553230: marked as done (libapache2-mod-macro: missing-dependency-on-libc needed by ./usr/lib/apache2/modules/mod_macro.so but the package doesn't depend on the C library package. No

Your message dated Mon, 07 Dec 2009 15:39:39 +
with message-id e1nhfgz-0005nc...@ries.debian.org
and subject line Bug#553230: fixed in libapache2-mod-macro 1.1.4-3.2
has caused the Debian Bug report #553230,
regarding libapache2-mod-macro: missing-dependency-on-libc needed by 
./usr/lib/apache2/modules/mod_macro.so   but the package doesn't 
depend on the C library package. Normally   this indicates that 
${shlibs: Depends} was omitted from the   Depends line for this 
package in debian/control.
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
553230: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553230
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: libapache2-mod-macro
Version: 1.1.4-3.1
Severity: serious
Justification: The listed file appears to be linked against the C library,
User: lintian-ma...@debian.org
Usertags: missing-dependency-on-libc

All shared libraries and compiled binaries must be run through dpkg-shlibdeps to
find out any libraries they are linked against (often via the dh_shlibdeps
debhelper command). The package containing these files must then depend on
${shlibs:Depends} in debian/control to get the proper package dependencies for
those libraries.

Refer to Debian Policy Manual section 8.6 (Dependencies between the library and
other packages - the shlibs system) for details.

,[ 8.6 Dependencies between the library and other packages - the shlibs 
system ]
| If a package contains a binary or library which links to a shared library, we
| must ensure that when the package is installed on the system, all of the
| libraries needed are also installed. This requirement led to the creation of 
the
| shlibs system, which is very simple in its design: any package which provides 
a
| shared library also provides information on the package dependencies required 
to
| ensure the presence of this library, and any package which uses a shared 
library
| uses this information to determine the dependencies it requires. The files 
which
| contain the mapping from shared libraries to the necessary dependency
| information are called shlibs files.
| 
| Thus, when a package is built which contains any shared libraries, it must
| provide a shlibs file for other packages to use, and when a package is built
| which contains any shared libraries or compiled binaries, it must run
| dpkg-shlibdeps on these to determine the libraries used and hence the
| dependencies needed by this package.
`

,[ 8.6.2 How to use dpkg-shlibdeps and the shlibs files ]
| Put a call to dpkg-shlibdeps into your debian/rules file. If your package
| contains only compiled binaries and libraries (but no scripts), you can use a
| command such as:
| 
|  dpkg-shlibdeps debian/tmp/usr/bin/* debian/tmp/usr/sbin/* \
|debian/tmp/usr/lib/*
| 
| Otherwise, you will need to explicitly list the compiled binaries and
| libraries.[53]
| 
| This command puts the dependency information into the debian/substvars file,
| which is then used by dpkg-gencontrol. You will need to place a
| ${shlibs:Depends} variable in the Depends field in the control file for this 
to
| work.
`

manoj


-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'oldstable'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.31.4-anzu-2 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libapache2-mod-macro depends on:
ii  apache2.2-common  2.2.14-1   Apache HTTP Server common files

libapache2-mod-macro recommends no packages.

libapache2-mod-macro suggests no packages.

-- no debconf information


---End Message---
---BeginMessage---
Source: libapache2-mod-macro
Source-Version: 1.1.4-3.2

We believe that the bug you reported is fixed in the latest version of
libapache2-mod-macro, which is due to be installed in the Debian FTP archive:

libapache2-mod-macro_1.1.4-3.2.diff.gz
  to main/liba/libapache2-mod-macro/libapache2-mod-macro_1.1.4-3.2.diff.gz
libapache2-mod-macro_1.1.4-3.2.dsc
  to main/liba/libapache2-mod-macro/libapache2-mod-macro_1.1.4-3.2.dsc
libapache2-mod-macro_1.1.4-3.2_i386.deb
  to main/liba/libapache2-mod-macro/libapache2-mod-macro_1.1.4-3.2_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to

Bug#555152: marked as done (hdf-eos4: FTBFS: configure.ac:20: warning: macro `AM_PROG_LIBTOOL' not found in library)

Your message dated Mon, 07 Dec 2009 15:36:48 +
with message-id e1nhfdo-00052w...@ries.debian.org
and subject line Bug#555152: fixed in hdf-eos4 2.16v1.00.dfsg.2-1
has caused the Debian Bug report #555152,
regarding hdf-eos4: FTBFS: configure.ac:20: warning: macro `AM_PROG_LIBTOOL' 
not found in library
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
555152: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555152
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Source: hdf-eos4
Version: 2.16v1.00.dfsg.1-2
Severity: serious

Hi,

There was an error while trying to autobuild your package:

 Automatic build of hdf-eos4_2.16v1.00.dfsg.1-2 on nautilus by sbuild/amd64 98
 Build started at 20091005-1830

[...]

 Build-Depends: cdbs, debhelper ( 7), dh-buildinfo, gfortran, libhdf4g-dev, 
 libjpeg62-dev, zlib1g-dev, libgctp-dev, chrpath, autoconf, automake

[...]

 Toolchain package versions: libc6-dev_2.9-27 g++-4.3_4.3.4-5 gcc-4.3_4.3.4-5 
 binutils_2.19.51.20090827-1 libstdc++6_4.4.1-5 libstdc++6-4.3-dev_4.3.4-5

[...]

  debian/rules build
 test -x debian/rules
 # Needed for the pthreads tests
 cp samples/simple.txt testdrivers/threads
 autoreconf
 configure.ac:20: warning: macro `AM_PROG_LIBTOOL' not found in library
 configure.ac:207: warning: AC_LANG_PROGRAM(Fortran): ignoring PROLOGUE: []
 ../../lib/autoconf/lang.m4:231: AC_LANG_SOURCE is expanded from...
 ../../lib/autoconf/lang.m4:248: AC_LANG_PROGRAM is expanded from...
 ../../lib/autoconf/lang.m4:214: AC_LANG_CONFTEST is expanded from...
 ../../lib/autoconf/general.m4:2648: _AC_LINK_IFELSE is expanded from...
 ../../lib/autoconf/general.m4:2665: AC_LINK_IFELSE is expanded from...
 ../../lib/autoconf/general.m4:2674: AC_TRY_LINK is expanded from...
 configure.ac:207: the top level
 configure.ac:207: warning: AC_LANG_PROGRAM(Fortran): ignoring PROLOGUE: []
 ../../lib/autoconf/lang.m4:231: AC_LANG_SOURCE is expanded from...
 ../../lib/autoconf/lang.m4:248: AC_LANG_PROGRAM is expanded from...
 ../../lib/autoconf/lang.m4:214: AC_LANG_CONFTEST is expanded from...
 ../../lib/autoconf/general.m4:2648: _AC_LINK_IFELSE is expanded from...
 ../../lib/autoconf/general.m4:2665: AC_LINK_IFELSE is expanded from...
 ../../lib/autoconf/general.m4:2674: AC_TRY_LINK is expanded from...
 configure.ac:207: the top level
 configure.ac:207: warning: AC_LANG_PROGRAM(Fortran): ignoring PROLOGUE: []
 ../../lib/autoconf/lang.m4:231: AC_LANG_SOURCE is expanded from...
 ../../lib/autoconf/lang.m4:248: AC_LANG_PROGRAM is expanded from...
 ../../lib/autoconf/lang.m4:214: AC_LANG_CONFTEST is expanded from...
 ../../lib/autoconf/general.m4:2648: _AC_LINK_IFELSE is expanded from...
 ../../lib/autoconf/general.m4:2665: AC_LINK_IFELSE is expanded from...
 ../../lib/autoconf/general.m4:2674: AC_TRY_LINK is expanded from...
 configure.ac:207: the top level
 configure.ac:18: error: possibly undefined macro: AC_DISABLE_SHARED
   If this token and others are legitimate, please use m4_pattern_allow.
   See the Autoconf documentation.
 configure.ac:20: error: possibly undefined macro: AM_PROG_LIBTOOL
 autoreconf: /usr/bin/autoconf failed with exit status: 1
 make: *** [makebuilddir/libhdfeos-dev] Error 1
 dpkg-buildpackage: error: debian/rules build gave error exit status 2

A full build log can be found at:
http://buildd.debian.org/build.php?arch=amd64pkg=hdf-eos4ver=2.16v1.00.dfsg.1-2

If you want to run autoreconf during build, you're missing
atleast a build depedency on libtool.


Kurt



---End Message---
---BeginMessage---
Source: hdf-eos4
Source-Version: 2.16v1.00.dfsg.2-1

We believe that the bug you reported is fixed in the latest version of
hdf-eos4, which is due to be installed in the Debian FTP archive:

hdf-eos4_2.16v1.00.dfsg.2-1.diff.gz
  to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2-1.diff.gz
hdf-eos4_2.16v1.00.dfsg.2-1.dsc
  to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2-1.dsc
hdf-eos4_2.16v1.00.dfsg.2.orig.tar.gz
  to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2.orig.tar.gz
libhdfeos-dev_2.16v1.00.dfsg.2-1_i386.deb
  to main/h/hdf-eos4/libhdfeos-dev_2.16v1.00.dfsg.2-1_i386.deb
libhdfeos0_2.16v1.00.dfsg.2-1_i386.deb
  to main/h/hdf-eos4/libhdfeos0_2.16v1.00.dfsg.2-1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 555...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Alastair McKinstry mckins...@debian.org (supplier of updated

Bug#559802: CVE-2009-3736 local privilege escalation

On Mon, 07 Dec 2009 08:56:07 +0100, Stefan Hornburg (Racke) wrote:
 Michael Gilbert wrote:
  Package: courier-authlib
  Severity: grave
  Tags: security
  
  Hi,
  
  The following CVE (Common Vulnerabilities  Exposures) id was
  published for libtool.  I have determined that this package embeds a
  vulnerable copy of the libtool source code.  However, since this is a
  mass bug filing (due to so many packages embedding libtool), I have not
  had time to determine whether the vulnerable code is actually present
  in any of the binary packages. Please determine whether this is the
  case. If the package is not affected, please feel free to close the bug
  with a message containing the details of what you did to check.
  
  CVE-2009-3736[0]:
  | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b,
  | attempts to open a .la file in the current working directory, which
  | allows local users to gain privileges via a Trojan horse file.
  
  Note that this problem also affects etch and lenny, so if your package
  is affected, please coordinate with the security team to release the
  DSA for the affected packages.
  
  If you fix the vulnerability please also make sure to include the
  CVE id in your changelog entry.
  
 
 Is there a patch available for the vulnerability?

Yes, if you follow the link to the mitre page [0], which was included
in the original bug report, you will find a link to the patches [1].

Best wishes,
Mike

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736
[1] 
http://git.savannah.gnu.org/cgit/libtool.git/commit/?h=branch-1-5id=29b48580df75f0c5baa2962548a4c101ec7ed7ec



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559805: CVE-2009-3736 local privilege escalation

On Mon, 7 Dec 2009 09:16:57 +0100, Josip Rodin wrote:
 unless this code somehow inexplicalby crept in, there's no bug.

please check your linking process, so that there is no uncertainty
about this.  thank you

mike



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559765: jetty: CVE-2007-6672 info disclosure

reopen 559765
thanks

On Mon, 07 Dec 2009 10:38:07 +0100, Niels Thykier wrote:
 I found the upstream bug report[1] where upstream say they have fixed it
 in 6.1.7 (and provide a fix for earlier versions as well) - I saw no
 reason to doubt this.

changelog notes are not sufficient justification to close a security
issue. the source needs to be checked against a patch, so please find a
way to track that down.  the easiest way is probably to just ask
upstream. thanks.

mike



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: Re: Bug#559765: jetty: CVE-2007-6672 info disclosure

Processing commands for cont...@bugs.debian.org:

 reopen 559765
Bug #559765 {Done: Niels Thykier ni...@thykier.net} [jetty] jetty: 
CVE-2007-6672 info disclosure
 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559891: FTBFS: autoreconf: Command not found

Package: hdf-eos4
Version: 2.16v1.00.dfsg.1-1
Severity: serious

hdf-eos4 is failing to build on most archs:
  https://buildd.debian.org/build.php?arch=pkg=hdf-eos4

here's the error from a recent build attempt:
build log:
[...]
rm -f debian/stamp-patch*
rm -f debian/stamp-autotools-files
[ ! -f Makefile ] || /usr/bin/make distclean
 debian/rules build
test -x debian/rules
# Needed for the pthreads tests
cp samples/simple.txt testdrivers/threads
# FIXME: a sort of hack
ln -sf -- testswath.f testdrivers/swath/testswath77.f
ln -sf -- testpoint.f testdrivers/point/testpoint77.f
autoreconf
make: autoreconf: Command not found
make: *** [makebuilddir/libhdfeos-dev] Error 127



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559892: FTBFS: dpkg-gensymbols returned exit code 1

Package: mpg123
Version: 1.10.0-1
Severity: serious

mpg123 fails to build on several architectures:
  https://buildd.debian.org/build.php?arch=pkg=mpg123

Here's a tail of the build log:
[...]
test -z /usr/share/man/man1 || /bin/mkdir -p 
/build/buildd/mpg123-1.10.0/debian/tmp/usr/share/man/man1
 /usr/bin/install -c -m 644 man1/mpg123.1 
'/build/buildd/mpg123-1.10.0/debian/tmp/usr/share/man/man1'
test -z /usr/lib/pkgconfig || /bin/mkdir -p 
/build/buildd/mpg123-1.10.0/debian/tmp/usr/lib/pkgconfig
 /usr/bin/install -c -m 644 libmpg123.pc 
'/build/buildd/mpg123-1.10.0/debian/tmp/usr/lib/pkgconfig'
make[3]: Leaving directory `/build/buildd/mpg123-1.10.0'
make[2]: Leaving directory `/build/buildd/mpg123-1.10.0'
make[1]: Leaving directory `/build/buildd/mpg123-1.10.0'
mv /build/buildd/mpg123-1.10.0/debian/tmp/usr/bin/mpg123 \
   /build/buildd/mpg123-1.10.0/debian/tmp/usr/bin/mpg123.bin
mv /build/buildd/mpg123-1.10.0/debian/tmp/usr/share/man/man1/mpg123.1 \
   
/build/buildd/mpg123-1.10.0/debian/tmp/usr/share/man/man1/mpg123.bin.1
install mpg123-oss mpg123-esd mpg123-nas mpg123-alsa 
/build/buildd/mpg123-1.10.0/debian/tmp/usr/bin/
for i in mpg123-oss mpg123-esd mpg123-nas mpg123-alsa; do \
install debian/mpg123-wrapper.1 \

/build/buildd/mpg123-1.10.0/debian/tmp/usr/share/man/man1/$i.1; \
done
touch build-stamp
dh_testdir
dh_testroot
dh_install -plibmpg123-0 -plibmpg123-dev -pmpg123
dh_installdocs -plibmpg123-0 -plibmpg123-dev -pmpg123-esd -pmpg123-nas 
-pmpg123-alsa
dh_installdocs -pmpg123 -A \
   README AUTHORS doc/BENCHMARKING doc/CONTACT \
   doc/README.gain doc/README.remote doc/THANKS 
dh_installexamples -plibmpg123-0 -plibmpg123-dev
dh_installman -pmpg123
dh_installchangelogs -pmpg123-esd -pmpg123-nas -pmpg123-alsa
dh_installchangelogs -pmpg123 NEWS
dh_installchangelogs -plibmpg123-0 -plibmpg123-dev NEWS.libmpg123
dh_installmime -pmpg123
dh_strip -plibmpg123-0 -plibmpg123-dev -pmpg123
dh_compress -plibmpg123-0 -plibmpg123-dev -pmpg123 -pmpg123-esd -pmpg123-nas 
-pmpg123-alsa
dh_fixperms -plibmpg123-0 -plibmpg123-dev -pmpg123 -pmpg123-esd -pmpg123-nas 
-pmpg123-alsa
dh_makeshlibs -plibmpg123-0 -plibmpg123-dev -V libmpg123-0 (= 1.7.2)
dpkg-gensymbols: warning: some symbols disappeared in the symbols file: see 
diff output below
dpkg-gensymbols: warning: debian/libmpg123-0/DEBIAN/symbols doesn't match 
completely debian/libmpg123-0.symbols.hppa
--- debian/libmpg123-0.symbols.hppa (libmpg123-0 hppa)
+++ dpkg-gensymbolsDGA3bj   2009-12-07 00:12:02.0 +
@@ -48,7 +48,7 @@
  mpg123_meta_ch...@base 1.6.2
  mpg123_...@base 1.6.2
  mpg123_new_p...@base 1.6.2
- mpg123_no...@base 1.10.0
+#MISSING: 1.10.0-1# mpg123_no...@base 1.10.0
  mpg123_open...@base 1.6.2
  mpg123_open_fd...@base 1.6.2
  mpg123_open_f...@base 1.6.2
dh_makeshlibs: dpkg-gensymbols -plibmpg123-0 -Idebian/libmpg123-0.symbols.hppa 
-Pdebian/libmpg123-0 -edebian/libmpg123-0/usr/lib/libmpg123.so.0.22.1
 returned exit code 1
make: *** [install] Error 9
dpkg-buildpackage: error: /usr/bin/fakeroot debian/rules binary-arch gave error 
exit status 2
**
Build finished at 20091207-0012
FAILED [dpkg-buildpackage died]



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: found 559891 in 2.16v1.00.dfsg.2-1

Processing commands for cont...@bugs.debian.org:

 found 559891 2.16v1.00.dfsg.2-1
Bug #559891 [hdf-eos4] FTBFS: autoreconf: Command not found
There is no source info for the package 'hdf-eos4' at version 
'2.16v1.00.dfsg.2-1' with architecture ''
Unable to make a source version for version '2.16v1.00.dfsg.2-1'
Bug Marked as found in versions 2.16v1.00.dfsg.2-1.

End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#524458: nfs-common: Can't read large files

2009-12-07 Thread Nigel Horne


Iustin Pop wrote:

On Fri, Apr 17, 2009 at 10:34:07AM +0100, Nigel Horne wrote:
  

Package: nfs-common
Version: 1:1.1.2-6lenny1
Severity: grave
Justification: renders package unusable


Large remote files can't be read:

packard:/mnt/gateway/tmp$ mount | fgrep gateway
gateway:/ on /mnt/gateway type nfs (rw,hard,intr,addr=192.168.1.1)
gateway:/home on /mnt/gateway/home type nfs (rw,hard,intr,addr=192.168.1.1)
gateway:/var on /mnt/gateway/var type nfs (rw,hard,intr,addr=192.168.1.1)
packard:/mnt/gateway/tmp$ cd /mnt/gateway/tmp
n...@packard:/mnt/gateway/tmp$ ls -l njh foo
-rw-r--r-- 1 njh njh 4 2009-04-17 10:28 foo
-rw-r- 1 njh njh 185219775 2009-04-17 10:27 njh
n...@packard:/mnt/gateway/tmp$ od -bc foo
000 142 141 162 012
  b   a   r  \n
004
n...@packard:/mnt/gateway/tmp$ od -bc njh
od: njh: read error: Input/output error
000



Hi,

I just tested on a lenny installation with the same version and I can
read such files without problems (and 178MB is not a large file, this
should be no problem for the Linux NFS server).

Are you sure this is not a different problem, like a networking problem
or server problem? What do you see in dmesg on both the client and the
server when running the od?
  


dmesg on client:
packard:/mnt/gateway/tmp# dmesg | tail
[   24.301416] RPC: Registered tcp transport module.
[   24.309434] Slow work thread pool: Starting up
[   24.309504] Slow work thread pool: Ready
[   24.309554] FS-Cache: Loaded
[   24.320409] FS-Cache: Netfs 'nfs' registered for caching
[   24.328938] Installing knfsd (copyright (C) 1996 o...@monad.swb.de).
[   24.354087] svc: failed to register lockdv1 RPC service (errno 97).
[   25.769976] lp: driver loaded but no devices found
[   25.774519] ppdev: user-space parallel port driver
[   34.849005] eth0: no IPv6 routers present
packard:/mnt/gateway/tmp#


dmesg on server:
sh-4.0# dmesg|tail -33
[  389.861319] eth0: link up.
[  389.867222] eth0: link down.
[  391.531240] eth0: link up.
[  391.552880] eth0: link down.
[  393.204767] eth0: link up.
[  393.220826] eth0: link down.
[  394.900901] eth0: link up.
[  394.919915] eth0: link down.
[  396.572787] eth0: link up.
[  396.577378] eth0: link down.
[  398.246313] eth0: link up.
[  398.267623] eth0: link down.
[  399.914919] eth0: link up.
[  399.934264] eth0: link down.
[  401.608766] eth0: link up.
[ 3836.196471] eth1: link up, 100Mbps, full-duplex, lpa 0x45E1
[ 3836.196689] ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready
[ 3846.220516] eth1: no IPv6 routers present
[ 3850.264279] a.out uses obsolete (PF_INET,SOCK_PACKET)
[ 3856.148019] device eth0 entered promiscuous mode
[ 6819.324361] udev: starting version 148
[19316.196514] device eth0 left promiscuous mode
[19341.132017] device eth0 entered promiscuous mode
[22914.084516] device eth0 left promiscuous mode
[22927.988558] device eth0 entered promiscuous mode
[23881.248515] device eth0 left promiscuous mode
[23889.520019] device eth0 entered promiscuous mode
[24389.948515] device eth0 left promiscuous mode
[24395.700018] device eth0 entered promiscuous mode
[25701.716514] device eth0 left promiscuous mode
[25704.320517] device eth0 entered promiscuous mode
[27512.952515] device eth0 left promiscuous mode
[27516.052101] device eth0 entered promiscuous mode
sh-4.0#

  



--
Nigel Horne. Arranger, Adjudicator, Band Trainer, Composer, Tutor, Typesetter.
NJH Music, ICQ#20252325
n...@bandsman.co.uk http://www.bandsman.co.uk




--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559893: monotone-server: hooks.lua.base is outdated

2009-12-07 Thread Richard Levitte

Package: monotone-server
Version: 0.45-2
Severity: grave
Justification: renders package unusable

With version 0.45, monotone has a new way to handle keys, which also
affects some of the hooks, for example get_passphrase which is used in
/usr/share/monotone/hooks.lua.base (or /etc/monotone/hooks.lua) ...

Unfortunately, hooks.lua.base hasn't been updated accordingly, with
the result that /etc/init.d/monotone will not be able to start mtn,
thereby making this package unusable to all except those that are
willing and knowlegable enough to hack hooks.lua.base or
/etc/monotone/hooks.lua.

Cheers,
Richard

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.30-2-686 (SMP w/2 CPU cores)
Locale: LANG=sv_SE.utf8, LC_CTYPE=sv_SE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages monotone-server depends on:
ii  adduser   3.111  add and remove users and groups
ii  debconf [debconf-2.0] 1.5.28 Debian configuration management sy
ii  lsb-base  3.2-23 Linux Standard Base 3.2 init scrip
ii  monotone  0.45-2 A distributed version (revision) c
ii  ucf   3.0025 Update Configuration File: preserv

monotone-server recommends no packages.

monotone-server suggests no packages.

-- debconf information:
  monotone-server/manage-db: true
  monotone-server/key: monot...@guardian.lp.se



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#506652: licensing for contrib/ in xml2rfc [was: Re: Bug#506652: status on copyright clearance for boilerplate for xml2rfc?]

2009-12-07 Thread Daniel Kahn Gillmor

On 12/02/2009 04:41 PM, Florian Weimer wrote:
 Some of the example RFCs are non-free under Debian's policy.  Some
 parts of contrib were not DFSG-compliant, either, and if there were
 parts that were free software, I simply missed them.

contrib/alex.rousskov/xml2rfcpp.pl is a  4K perl script clearly
indicated as having been released into the public domain (i know PD has
some legal ambiguity but the intent here seems clear to me).

The remaining material in contrib comes from three authors: Pekka
Savola, Fred Baker, and Rob Austein.  I corresponded with all three of
them by e-mail to ask about their contributions, and got a positive
response from each of them that their work is free for any use, freely
redistributable, freely modifiable, and that modifications are also
freely redistributable.

The drafts of the update to 2629 (draft-mrose-writing-rfcs.*) are by the
same author as the rest of the package, and so presumably fall under
LICENSE, so i think we're ok there.

That leaves only the rights for the boilerplate that you're working on
getting granted from the IETF Trust keeping the whole upstream package
out of main.  There doesn't seem to be a need for a re-packaged upstream
tarball, from what i can tell.

I've prepared (and am using) a package of 1.34, and would be happy to
offer it to you, or to upload it to debian myself, if you'd prefer.

Let me know what the best way is to move forward on this.

Regards,

--dkg



signature.asc
Description: OpenPGP digital signature

Bug#559891: marked as done (FTBFS: autoreconf: Command not found)

Your message dated Mon, 07 Dec 2009 17:32:07 +
with message-id e1nhhrp-0006ki...@ries.debian.org
and subject line Bug#559891: fixed in hdf-eos4 2.16v1.00.dfsg.2-2
has caused the Debian Bug report #559891,
regarding FTBFS: autoreconf: Command not found
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
559891: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559891
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: hdf-eos4
Version: 2.16v1.00.dfsg.1-1
Severity: serious

hdf-eos4 is failing to build on most archs:
  https://buildd.debian.org/build.php?arch=pkg=hdf-eos4

here's the error from a recent build attempt:
build log:
[...]
rm -f debian/stamp-patch*
rm -f debian/stamp-autotools-files
[ ! -f Makefile ] || /usr/bin/make distclean
 debian/rules build
test -x debian/rules
# Needed for the pthreads tests
cp samples/simple.txt testdrivers/threads
# FIXME: a sort of hack
ln -sf -- testswath.f testdrivers/swath/testswath77.f
ln -sf -- testpoint.f testdrivers/point/testpoint77.f
autoreconf
make: autoreconf: Command not found
make: *** [makebuilddir/libhdfeos-dev] Error 127


---End Message---
---BeginMessage---
Source: hdf-eos4
Source-Version: 2.16v1.00.dfsg.2-2

We believe that the bug you reported is fixed in the latest version of
hdf-eos4, which is due to be installed in the Debian FTP archive:

hdf-eos4_2.16v1.00.dfsg.2-2.diff.gz
  to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2-2.diff.gz
hdf-eos4_2.16v1.00.dfsg.2-2.dsc
  to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2-2.dsc
libhdfeos-dev_2.16v1.00.dfsg.2-2_i386.deb
  to main/h/hdf-eos4/libhdfeos-dev_2.16v1.00.dfsg.2-2_i386.deb
libhdfeos0_2.16v1.00.dfsg.2-2_i386.deb
  to main/h/hdf-eos4/libhdfeos0_2.16v1.00.dfsg.2-2_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 559...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Alastair McKinstry mckins...@debian.org (supplier of updated hdf-eos4 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 07 Dec 2009 17:20:02 +
Source: hdf-eos4
Binary: libhdfeos0 libhdfeos-dev
Architecture: source i386
Version: 2.16v1.00.dfsg.2-2
Distribution: unstable
Urgency: low
Maintainer: Alastair McKinstry mckins...@debian.org
Changed-By: Alastair McKinstry mckins...@debian.org
Description: 
 libhdfeos-dev - Development files for the HDF-EOS4 library
 libhdfeos0 - Earth Observation System extensions to HDF4
Closes: 559891
Changes: 
 hdf-eos4 (2.16v1.00.dfsg.2-2) unstable; urgency=low
 .
   * Add autoconf for autoreconf. Closes: 559891.
Checksums-Sha1: 
 4db5f7a5093bcd9f955b0ddbcae44e972f9c6474 1201 hdf-eos4_2.16v1.00.dfsg.2-2.dsc
 ec971537509cdff78f2254d6674386d2ded87713 8642 
hdf-eos4_2.16v1.00.dfsg.2-2.diff.gz
 e96e03139cbfe9064b35c7f0514bfbea8743af81 106612 
libhdfeos0_2.16v1.00.dfsg.2-2_i386.deb
 97d24a936794e9887c4a4fab5a07a41cd28302c9 182532 
libhdfeos-dev_2.16v1.00.dfsg.2-2_i386.deb
Checksums-Sha256: 
 84af9e3f8805c2675083ed2c8092b311f90f2973f76014a5a5b99eaec3ce0cff 1201 
hdf-eos4_2.16v1.00.dfsg.2-2.dsc
 bd5e5b745cd8af53035e4c22dada8d4450e0cb768d514458b9e66be69f69cd74 8642 
hdf-eos4_2.16v1.00.dfsg.2-2.diff.gz
 751f612628a266ac059c2e9323cf6634ac2ac64549c6976a0038aa4a98607156 106612 
libhdfeos0_2.16v1.00.dfsg.2-2_i386.deb
 2a76c2ad043147ca7074661ce4c883a408d5dafedc4b855645b8f1c2746508dd 182532 
libhdfeos-dev_2.16v1.00.dfsg.2-2_i386.deb
Files: 
 7cc61484049f30f22ed9eff48400189b 1201 libs optional 
hdf-eos4_2.16v1.00.dfsg.2-2.dsc
 5b1a1057bf9107154a087e156a6ffbe9 8642 libs optional 
hdf-eos4_2.16v1.00.dfsg.2-2.diff.gz
 96ff657fd6ac9903436a367e5e17 106612 libs optional 
libhdfeos0_2.16v1.00.dfsg.2-2_i386.deb
 11286f9ec72d49f56bd3e64d3808ed1b 182532 libdevel optional 
libhdfeos-dev_2.16v1.00.dfsg.2-2_i386.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFLHTrsQTK/kCo4XFcRAlo3AJ9nlNqSuhdy20ADaYYhlJ6pICWKUQCeLL8n
u9E5UH/wC8vSFNdg5BJyOgQ=
=h4lI
-END PGP SIGNATURE-


---End Message---

Bug#554953: does not support new source formats

2009-12-07 Thread Andres Mejia

notfound 559533 0.59.0-1
found 559553 0.59.1~rc1
thanks

This bug actually only affects sbuild in the git repo.

-- 
Regards,
Andres



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559904: FTBFS: failed to run aclocal

Package: hdf-eos4
Version: 2.16v1.00.dfsg.2-2
Severity: serious

Thanks for the quick turnaround on #559891.
Looks like there's another missing build-dep:
[...]
cp samples/simple.txt testdrivers/threads
# FIXME: a sort of hack
ln -sf -- testswath.f testdrivers/swath/testswath77.f
ln -sf -- testpoint.f testdrivers/point/testpoint77.f
autoreconf
Can't exec aclocal: No such file or directory at 
/usr/share/autoconf/Autom4te/FileUtils.pm line 325.
autoreconf: failed to run aclocal: No such file or directory
make: *** [makebuilddir/libhdfeos-dev] Error 1
dpkg-buildpackage: error: debian/rules build gave error exit status 2

Build finished at 20091207-1745
FAILED [dpkg-buildpackage died]
Purging 
/var/lib/schroot/mount/sid-hppa-sbuild-10e141df-4cf7-47a8-a235-a1bb5d069be8/build/buildd-hdf-eos4_2.16v1.00.dfsg.2-2-hppa-35hd9s




--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#558905: Kernel bug.

2009-12-07 Thread Carlos O'Donell

IMO this FTBS is a kernel vfork bug. The return register in the parent
is being corrupted.

Using the emacs23 source I was able to produce a trimmed down test
case for the failing vfork.

I have reported this to our kernel developers here:

http://article.gmane.org/gmane.linux.ports.parisc/2403

Cheers,
Carlos.



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559805: CVE-2009-3736 local privilege escalation

2009-12-07 Thread Josip Rodin

On Mon, Dec 07, 2009 at 11:04:38AM -0500, Michael Gilbert wrote:
 On Mon, 7 Dec 2009 09:16:57 +0100, Josip Rodin wrote:
  unless this code somehow inexplicalby crept in, there's no bug.
 
 please check your linking process, so that there is no uncertainty
 about this.  thank you

All the freeradius packages are linked against libltdl.so. Is it even
possible for the linker to somehow add the internal copy and link against
the system library - how would it decide whose symbols to use on run-time?

-- 
 2. That which causes joy or happiness.



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#552686: marked as done (fuse: FTBFS on GNU/kFreeBSD)

Your message dated Mon, 07 Dec 2009 18:17:37 +
with message-id e1nhi9r-0001tj...@ries.debian.org
and subject line Bug#552600: fixed in fuse 2.8.1-1.1
has caused the Debian Bug report #552600,
regarding fuse: FTBFS on GNU/kFreeBSD
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
552600: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552600
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: fuse
Version: 2.8.1-1
Severity: serious
Justification: fails to build from source

fuse version 2.8.1-1 fails to build on GNU/kFreeBSD, due to a typo on
a conditional code part.

Also with glibc 2.10.1, it is not necessary anymore to link libfuse to
libfreebsd.

Please find below a patch to fix both issues.


diff -u fuse-2.8.1/debian/control fuse-2.8.1/debian/control
--- fuse-2.8.1/debian/control
+++ fuse-2.8.1/debian/control
@@ -3,7 +3,7 @@
 Priority: optional
 Maintainer: Bartosz Fenski fe...@debian.org
 Uploaders: Adam Cécile (Le_Vert) gand...@le-vert.net
-Build-Depends: debhelper (= 5.0.37), autotools-dev, dpatch, lsb-base (= 
3.0-6), bzip2, libselinux1-dev [!kfreebsd-amd64 !kfreebsd-i386] | 
libselinux-dev [!kfreebsd-amd64 !kfreebsd-i386], libfreebsd-dev [kfreebsd-amd64 
kfreebsd-i386]
+Build-Depends: debhelper (= 5.0.37), autotools-dev, dpatch, lsb-base (= 
3.0-6), bzip2, libselinux1-dev [!kfreebsd-amd64 !kfreebsd-i386] | 
libselinux-dev [!kfreebsd-amd64 !kfreebsd-i386], libc0.1-dev (= 2.10.1) 
[kfreebsd-amd64 kfreebsd-i386]
 Homepage: http://fuse.sourceforge.net/
 Standards-Version: 3.8.2
 
diff -u fuse-2.8.1/debian/patches/001-GNU_kFreeBSD 
fuse-2.8.1/debian/patches/001-GNU_kFreeBSD
--- fuse-2.8.1/debian/patches/001-GNU_kFreeBSD
+++ fuse-2.8.1/debian/patches/001-GNU_kFreeBSD
@@ -6,110 +6,6 @@
 
 @DPATCH@
 
-diff -Nurd fuse-2.7.4.orig/configure fuse-2.7.4/configure
 fuse-2.7.4.orig/configure  2008-07-25 20:19:05.0 +0200
-+++ fuse-2.7.4/configure   2008-07-25 20:19:05.0 +0200
-@@ -11461,6 +11461,89 @@
- 
- fi
- 
-+{ echo $as_me:$LINENO: checking for library containing devname_r 5
-+echo $ECHO_N checking for library containing devname_r... $ECHO_C 6; }
-+if test ${ac_cv_search_devname_r+set} = set; then
-+  echo $ECHO_N (cached) $ECHO_C 6
-+else
-+  ac_func_search_save_LIBS=$LIBS
-+cat conftest.$ac_ext _ACEOF
-+/* confdefs.h.  */
-+_ACEOF
-+cat confdefs.h conftest.$ac_ext
-+cat conftest.$ac_ext _ACEOF
-+/* end confdefs.h.  */
-+
-+/* Override any GCC internal prototype to avoid an error.
-+   Use char because int might match the return type of a GCC
-+   builtin and then its argument prototype would still apply.  */
-+#ifdef __cplusplus
-+extern C
-+#endif
-+char devname_r ();
-+int
-+main ()
-+{
-+return devname_r ();
-+  ;
-+  return 0;
-+}
-+_ACEOF
-+for ac_lib in '' freebsd; do
-+  if test -z $ac_lib; then
-+ac_res=none required
-+  else
-+ac_res=-l$ac_lib
-+LIBS=-l$ac_lib  $ac_func_search_save_LIBS
-+  fi
-+  rm -f conftest.$ac_objext conftest$ac_exeext
-+if { (ac_try=$ac_link
-+case (($ac_try in
-+  *\* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-+  *) ac_try_echo=$ac_try;;
-+esac
-+eval echo \\$as_me:$LINENO: $ac_try_echo\) 5
-+  (eval $ac_link) 2conftest.er1
-+  ac_status=$?
-+  grep -v '^ *+' conftest.er1 conftest.err
-+  rm -f conftest.er1
-+  cat conftest.err 5
-+  echo $as_me:$LINENO: \$? = $ac_status 5
-+  (exit $ac_status); }  {
-+   test -z $ac_c_werror_flag ||
-+   test ! -s conftest.err
-+   }  test -s conftest$ac_exeext 
-+   $as_test_x conftest$ac_exeext; then
-+  ac_cv_search_devname_r=$ac_res
-+else
-+  echo $as_me: failed program was: 5
-+sed 's/^/| /' conftest.$ac_ext 5
-+
-+
-+fi
-+
-+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
-+  conftest$ac_exeext
-+  if test ${ac_cv_search_devname_r+set} = set; then
-+  break
-+fi
-+done
-+if test ${ac_cv_search_devname_r+set} = set; then
-+  :
-+else
-+  ac_cv_search_devname_r=no
-+fi
-+rm conftest.$ac_ext
-+LIBS=$ac_func_search_save_LIBS
-+fi
-+{ echo $as_me:$LINENO: result: $ac_cv_search_devname_r 5
-+echo ${ECHO_T}$ac_cv_search_devname_r 6; }
-+ac_res=$ac_cv_search_devname_r
-+if test $ac_res != no; then
-+  test $ac_res = none required || LIBS=$ac_res $LIBS
-+
-+fi
-+
- libfuse_libs=$libfuse_libs $LIBS
- LIBS=
- 
-diff -Nurd fuse-2.7.4.orig/configure.in fuse-2.7.4/configure.in
 fuse-2.7.4.orig/configure.in   2008-07-25 20:17:20.0 +0200
-+++ fuse-2.7.4/configure.in2008-07-25 20:17:20.0 +0200
-@@ -66,6 +66,7 @@
- LIBS=
- AC_SEARCH_LIBS(dlopen, [dl])
- AC_SEARCH_LIBS(clock_gettime, [rt])
-+AC_SEARCH_LIBS(devname_r,

Bug#557143: marked as done (libfuse should set shlibs correctly)

Your message dated Mon, 07 Dec 2009 18:17:37 +
with message-id e1nhi9r-0001ts...@ries.debian.org
and subject line Bug#557143: fixed in fuse 2.8.1-1.1
has caused the Debian Bug report #557143,
regarding libfuse should set shlibs correctly
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
557143: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=557143
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Subject: zfs-fuse: insufficient dependency
Package: zfs-fuse
Version: 0.6.0~beta+433snapshot-2
Justification: Policy 3.5
Severity: serious

*** Please type your report below this line ***

$ zfs-fuse --help
zfs-fuse: /usr/lib/libfuse.so.2: version `FUSE_2.8' not found (required by 
zfs-fuse)

dependency information says libfuse2 (= 2.6), this seems incorrect.

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (999, 'testing'), (990, 'stable'), (900, 'unstable'), (90, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.31.5 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages zfs-fuse depends on:
ii  fuse-utils 2.7.4-2   Filesystem in USErspace (utilities
ii  libaio10.3.107-7 Linux kernel AIO access library - 
ii  libc6  2.10.1-7  GNU C Library: Shared libraries
ii  libfuse2   2.7.4-2   Filesystem in USErspace library
ii  lsb-base   3.2-23Linux Standard Base 3.2 init scrip
ii  zlib1g 1:1.2.3.3.dfsg-15 compression library - runtime

zfs-fuse recommends no packages.

zfs-fuse suggests no packages.

-- no debconf information


---End Message---
---BeginMessage---
Source: fuse
Source-Version: 2.8.1-1.1

We believe that the bug you reported is fixed in the latest version of
fuse, which is due to be installed in the Debian FTP archive:

fuse-utils_2.8.1-1.1_i386.deb
  to main/f/fuse/fuse-utils_2.8.1-1.1_i386.deb
fuse_2.8.1-1.1.diff.gz
  to main/f/fuse/fuse_2.8.1-1.1.diff.gz
fuse_2.8.1-1.1.dsc
  to main/f/fuse/fuse_2.8.1-1.1.dsc
libfuse-dev_2.8.1-1.1_i386.deb
  to main/f/fuse/libfuse-dev_2.8.1-1.1_i386.deb
libfuse2_2.8.1-1.1_i386.deb
  to main/f/fuse/libfuse2_2.8.1-1.1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 557...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Simon McVittie s...@debian.org (supplier of updated fuse package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 04 Dec 2009 17:24:05 +
Source: fuse
Binary: fuse-utils libfuse-dev libfuse2
Architecture: source i386
Version: 2.8.1-1.1
Distribution: unstable
Urgency: low
Maintainer: Bartosz Fenski fe...@debian.org
Changed-By: Simon McVittie s...@debian.org
Description: 
 fuse-utils - Filesystem in USErspace (utilities)
 libfuse-dev - Filesystem in USErspace (development files)
 libfuse2   - Filesystem in USErspace library
Closes: 550334 552600 553015 557143
Changes: 
 fuse (2.8.1-1.1) unstable; urgency=low
 .
   * Non-maintainer upload.
   * Apply patch from Petr Salinger to fix FTBFS on GNU/kFreeBSD (Closes:
 #552600)
   * Apply patch from Vagrant Cascadian to run MAKEDEV only if found
 (Closes: #550334, #553015)
   * Invoke dh_makeshlibs with an appropriately strict dependency
 (Closes: #557143)
Checksums-Sha1: 
 da8d7cede1b7d31613882760789956394b940501 1806 fuse_2.8.1-1.1.dsc
 0ac39c6c4733cab7eb2ccfdd484da1feb326c753 14488 fuse_2.8.1-1.1.diff.gz
 0b1240e903100ed4d4d80097ee091371a4208053 16776 fuse-utils_2.8.1-1.1_i386.deb
 ca7c9665134eb814e958185f10020fb56ab193ce 175450 libfuse-dev_2.8.1-1.1_i386.deb
 4f6dded9dbcef6a3cb3ac721586b65a58d55ab66 134204 libfuse2_2.8.1-1.1_i386.deb
Checksums-Sha256: 
 c3563b8e66149c1b70da97f818a265b56e16dca2b859bd1e2dcae05869c55bac 1806 
fuse_2.8.1-1.1.dsc
 07f0d8a62ca3172f679d1cd40707adc3dd428bc9629abdc4d289af38686058f3 14488 
fuse_2.8.1-1.1.diff.gz
 e72865f7aab1da322b3d8851ebddf018512ca4ebf34e26b3c93e166afd28cfca 16776 
fuse-utils_2.8.1-1.1_i386.deb
 025bd43080925ead4cf8640d4f06a6b2a4eab92323017eb3c8408891a1e060cd 175450 
libfuse-dev_2.8.1-1.1_i386.deb

Bug#552600: marked as done (fuse: FTBFS on GNU/kFreeBSD)

Your message dated Mon, 07 Dec 2009 18:17:37 +
with message-id e1nhi9r-0001tj...@ries.debian.org
and subject line Bug#552600: fixed in fuse 2.8.1-1.1
has caused the Debian Bug report #552600,
regarding fuse: FTBFS on GNU/kFreeBSD
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
552600: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552600
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---

Package: fuse
Version: 2.8.1-1
Severity: important
Tags: patch
User: debian-...@lists.debian.org
Usertags: kfreebsd

Hi,

the current version fails to build on GNU/kFreeBSD.

It needs update of debian/control and debian/patches/001-GNU_kFreeBSD.
Please find attached patch with them. The eglibc 2.10 provides devname(),
the libfreebsd is not needed anymore.

It would also be nice if you can ask upstream
to include changes in debian/patches/001-GNU_kFreeBSD.

Thanks in advance

Petr


---End Message---
---BeginMessage---
Source: fuse
Source-Version: 2.8.1-1.1

We believe that the bug you reported is fixed in the latest version of
fuse, which is due to be installed in the Debian FTP archive:

fuse-utils_2.8.1-1.1_i386.deb
  to main/f/fuse/fuse-utils_2.8.1-1.1_i386.deb
fuse_2.8.1-1.1.diff.gz
  to main/f/fuse/fuse_2.8.1-1.1.diff.gz
fuse_2.8.1-1.1.dsc
  to main/f/fuse/fuse_2.8.1-1.1.dsc
libfuse-dev_2.8.1-1.1_i386.deb
  to main/f/fuse/libfuse-dev_2.8.1-1.1_i386.deb
libfuse2_2.8.1-1.1_i386.deb
  to main/f/fuse/libfuse2_2.8.1-1.1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 552...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Simon McVittie s...@debian.org (supplier of updated fuse package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 04 Dec 2009 17:24:05 +
Source: fuse
Binary: fuse-utils libfuse-dev libfuse2
Architecture: source i386
Version: 2.8.1-1.1
Distribution: unstable
Urgency: low
Maintainer: Bartosz Fenski fe...@debian.org
Changed-By: Simon McVittie s...@debian.org
Description: 
 fuse-utils - Filesystem in USErspace (utilities)
 libfuse-dev - Filesystem in USErspace (development files)
 libfuse2   - Filesystem in USErspace library
Closes: 550334 552600 553015 557143
Changes: 
 fuse (2.8.1-1.1) unstable; urgency=low
 .
   * Non-maintainer upload.
   * Apply patch from Petr Salinger to fix FTBFS on GNU/kFreeBSD (Closes:
 #552600)
   * Apply patch from Vagrant Cascadian to run MAKEDEV only if found
 (Closes: #550334, #553015)
   * Invoke dh_makeshlibs with an appropriately strict dependency
 (Closes: #557143)
Checksums-Sha1: 
 da8d7cede1b7d31613882760789956394b940501 1806 fuse_2.8.1-1.1.dsc
 0ac39c6c4733cab7eb2ccfdd484da1feb326c753 14488 fuse_2.8.1-1.1.diff.gz
 0b1240e903100ed4d4d80097ee091371a4208053 16776 fuse-utils_2.8.1-1.1_i386.deb
 ca7c9665134eb814e958185f10020fb56ab193ce 175450 libfuse-dev_2.8.1-1.1_i386.deb
 4f6dded9dbcef6a3cb3ac721586b65a58d55ab66 134204 libfuse2_2.8.1-1.1_i386.deb
Checksums-Sha256: 
 c3563b8e66149c1b70da97f818a265b56e16dca2b859bd1e2dcae05869c55bac 1806 
fuse_2.8.1-1.1.dsc
 07f0d8a62ca3172f679d1cd40707adc3dd428bc9629abdc4d289af38686058f3 14488 
fuse_2.8.1-1.1.diff.gz
 e72865f7aab1da322b3d8851ebddf018512ca4ebf34e26b3c93e166afd28cfca 16776 
fuse-utils_2.8.1-1.1_i386.deb
 025bd43080925ead4cf8640d4f06a6b2a4eab92323017eb3c8408891a1e060cd 175450 
libfuse-dev_2.8.1-1.1_i386.deb
 0568b0fa4fff3eedf0b048caa9bf06a9104f67ede7b9cf442391aa7618b111cb 134204 
libfuse2_2.8.1-1.1_i386.deb
Files: 
 5645019d9a6c7402d3366a997942a3e9 1806 libs optional fuse_2.8.1-1.1.dsc
 c60ed37e84b5cf05c6bb734ee32f2581 14488 libs optional fuse_2.8.1-1.1.diff.gz
 93195fbcc71e792e1c7863696906d5b9 16776 utils optional 
fuse-utils_2.8.1-1.1_i386.deb
 f0d31c5341838f1eb48dc5433601e306 175450 libdevel optional 
libfuse-dev_2.8.1-1.1_i386.deb
 cf584d5c6f2184d7402daacfd75033a9 134204 libs optional 
libfuse2_2.8.1-1.1_i386.deb

-BEGIN PGP SIGNATURE-

iQIVAwUBSxlK8U3o/ypjx8yQAQj6yBAAnAcZjrPLRdgsygnBfN/2aKW4FW1Q2+AP
SZpkrMLI83+TTUL7lvnWNT+lLm48J4TdQYtXaCaUzxa1nKGfFUymt8GrTMPjXG/N
93mod+bnkRb4cNV2QzogjWcOghpViRaYM1LdjXAf07AZNyBg3IstcQkdW8W5gBVo
2jqUuOizzVG+OUzVstw17weQPIDUjkGZKCprTHtBXS4O92Hzgx9pDg60WqFDuTI6

Bug#550334: marked as done (fuse-utils: missing dependence on makedev)

Your message dated Mon, 07 Dec 2009 18:17:37 +
with message-id e1nhi9r-0001tf...@ries.debian.org
and subject line Bug#550334: fixed in fuse 2.8.1-1.1
has caused the Debian Bug report #550334,
regarding fuse-utils: missing dependence on makedev
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
550334: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550334
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: fuse-utils
Version: 2.7.4-2
Severity: important


fuse-utils.postinst uses the MAKEDEV command, which is provided by the
makedev package.  However, fuse-utils only depends on makedev | udev,
which means that for most people makedev won't be installed.  If
makedev isn't installed, then the postinst script fails, making
fuse-utils uninstallable.

fuse-utils should depend on both makedev and udev, or at least just
makedev.

Thanks,
Andrew.

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (400, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26 (SMP w/3 CPU cores; PREEMPT)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=UTF-8) (ignored: LC_ALL set to 
en_US)
Shell: /bin/sh linked to /bin/bash

Versions of packages fuse-utils depends on:
ii  adduser   3.111  add and remove users and groups
ii  libc6 2.9-25 GNU C Library: Shared libraries
ii  libfuse2  2.7.4-2Filesystem in USErspace library
ii  makedev   2.3.1-89   creates device files in /dev
ii  sed   4.2.1-3The GNU sed stream editor
ii  udev  0.141-2/dev/ and hotplug management daemo

fuse-utils recommends no packages.

fuse-utils suggests no packages.

-- no debconf information


---End Message---
---BeginMessage---
Source: fuse
Source-Version: 2.8.1-1.1

We believe that the bug you reported is fixed in the latest version of
fuse, which is due to be installed in the Debian FTP archive:

fuse-utils_2.8.1-1.1_i386.deb
  to main/f/fuse/fuse-utils_2.8.1-1.1_i386.deb
fuse_2.8.1-1.1.diff.gz
  to main/f/fuse/fuse_2.8.1-1.1.diff.gz
fuse_2.8.1-1.1.dsc
  to main/f/fuse/fuse_2.8.1-1.1.dsc
libfuse-dev_2.8.1-1.1_i386.deb
  to main/f/fuse/libfuse-dev_2.8.1-1.1_i386.deb
libfuse2_2.8.1-1.1_i386.deb
  to main/f/fuse/libfuse2_2.8.1-1.1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 550...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Simon McVittie s...@debian.org (supplier of updated fuse package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 04 Dec 2009 17:24:05 +
Source: fuse
Binary: fuse-utils libfuse-dev libfuse2
Architecture: source i386
Version: 2.8.1-1.1
Distribution: unstable
Urgency: low
Maintainer: Bartosz Fenski fe...@debian.org
Changed-By: Simon McVittie s...@debian.org
Description: 
 fuse-utils - Filesystem in USErspace (utilities)
 libfuse-dev - Filesystem in USErspace (development files)
 libfuse2   - Filesystem in USErspace library
Closes: 550334 552600 553015 557143
Changes: 
 fuse (2.8.1-1.1) unstable; urgency=low
 .
   * Non-maintainer upload.
   * Apply patch from Petr Salinger to fix FTBFS on GNU/kFreeBSD (Closes:
 #552600)
   * Apply patch from Vagrant Cascadian to run MAKEDEV only if found
 (Closes: #550334, #553015)
   * Invoke dh_makeshlibs with an appropriately strict dependency
 (Closes: #557143)
Checksums-Sha1: 
 da8d7cede1b7d31613882760789956394b940501 1806 fuse_2.8.1-1.1.dsc
 0ac39c6c4733cab7eb2ccfdd484da1feb326c753 14488 fuse_2.8.1-1.1.diff.gz
 0b1240e903100ed4d4d80097ee091371a4208053 16776 fuse-utils_2.8.1-1.1_i386.deb
 ca7c9665134eb814e958185f10020fb56ab193ce 175450 libfuse-dev_2.8.1-1.1_i386.deb
 4f6dded9dbcef6a3cb3ac721586b65a58d55ab66 134204 libfuse2_2.8.1-1.1_i386.deb
Checksums-Sha256: 
 c3563b8e66149c1b70da97f818a265b56e16dca2b859bd1e2dcae05869c55bac 1806 
fuse_2.8.1-1.1.dsc
 07f0d8a62ca3172f679d1cd40707adc3dd428bc9629abdc4d289af38686058f3 14488 
fuse_2.8.1-1.1.diff.gz
 e72865f7aab1da322b3d8851ebddf018512ca4ebf34e26b3c93e166afd28cfca 16776 
fuse-utils_2.8.1-1.1_i386.deb

Bug#554638: Bug#540427: Real patch for my NMU

2009-12-07 Thread Jaromír Mikeš

 Od: Cyril Brulebois k...@debian.org

 
 Sorry about the first NMU, looks like I only removed libc6-dev from
 Build-Depends on a porter box, and checked it was OK there; and only
 wrote about it on my devel box, where the NMU was prepared. Hopefully
 the next one is OK. Sorry about that.

Hi,

I am just preparing new release of jconv ... renamed package and binary to 
jconvolver 0.8.4
this removing these bugs:#529774, #540427, #554638

regards

mira




-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559802: CVE-2009-3736 local privilege escalation

2009-12-07 Thread Steve Langasek

On Mon, Dec 07, 2009 at 08:56:07AM +0100, Stefan Hornburg (Racke) wrote:
 CVE-2009-3736[0]:
 | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b,
 | attempts to open a .la file in the current working directory, which
 | allows local users to gain privileges via a Trojan horse file.

 Note that this problem also affects etch and lenny, so if your package
 is affected, please coordinate with the security team to release the
 DSA for the affected packages.

 If you fix the vulnerability please also make sure to include the
 CVE id in your changelog entry.

 Is there a patch available for the vulnerability?

The patch is to not use embedded copies of libltdl, we have a system libltdl
that all packages should be using.

It appears that courier-authlib is already doing this.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developerhttp://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: Digital signature

Bug#559834: marked as done (CVE-2009-3736 local privilege escalation)

Your message dated Mon, 07 Dec 2009 18:51:17 +
with message-id e1nhig1-00036b...@ries.debian.org
and subject line Bug#559834: fixed in hypre 2.4.0b-5
has caused the Debian Bug report #559834,
regarding CVE-2009-3736 local privilege escalation
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
559834: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559834
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: hypre
Severity: grave
Tags: security

Hi,

The following CVE (Common Vulnerabilities  Exposures) id was
published for libtool.  I have determined that this package embeds a
vulnerable copy of the libtool source code.  However, since this is a
mass bug filing (due to so many packages embedding libtool), I have not
had time to determine whether the vulnerable code is actually present
in any of the binary packages. Please determine whether this is the
case. If the binary packages are not affected, please feel free to close
the bug with a message containing the details of what you did to check.

CVE-2009-3736[0]:
| ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b,
| attempts to open a .la file in the current working directory, which
| allows local users to gain privileges via a Trojan horse file.

Note that this problem also affects etch and lenny, so if your package
is affected, please coordinate with the security team to release the
DSA for the affected packages.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736
http://security-tracker.debian.org/tracker/CVE-2009-3736


---End Message---
---BeginMessage---
Source: hypre
Source-Version: 2.4.0b-5

We believe that the bug you reported is fixed in the latest version of
hypre, which is due to be installed in the Debian FTP archive:

hypre_2.4.0b-5.diff.gz
  to main/h/hypre/hypre_2.4.0b-5.diff.gz
hypre_2.4.0b-5.dsc
  to main/h/hypre/hypre_2.4.0b-5.dsc
libhypre-2.4.0_2.4.0b-5_amd64.deb
  to main/h/hypre/libhypre-2.4.0_2.4.0b-5_amd64.deb
libhypre-dev_2.4.0b-5_all.deb
  to main/h/hypre/libhypre-dev_2.4.0b-5_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 559...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Adam C. Powell, IV hazel...@debian.org (supplier of updated hypre package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 07 Dec 2009 13:29:30 -0500
Source: hypre
Binary: libhypre-2.4.0 libhypre-dev
Architecture: source amd64 all
Version: 2.4.0b-5
Distribution: unstable
Urgency: low
Maintainer: Adam C. Powell, IV hazel...@debian.org
Changed-By: Adam C. Powell, IV hazel...@debian.org
Description: 
 libhypre-2.4.0 - High Performance Matrix Preconditioners - Shared Library
 libhypre-dev - High Performance Matrix Preconditioners - Development Files
Closes: 559484 559834
Changes: 
 hypre (2.4.0b-5) unstable; urgency=low
 .
   * Added libtool to Build-Depends, run libtoolize, and copy ltdl.{c,h} into
 src/babel-runtime/sidl (closes: #559834).
   * Copy new config.{sub,guess} into config dir (closes: #559484).
Checksums-Sha1: 
 c500d66708ba4825820303281b5cfd791d646721 1155 hypre_2.4.0b-5.dsc
 d01cce9cef8658f00ffd6c5cc7e050cafd25bced 10260 hypre_2.4.0b-5.diff.gz
 09b39744684542775b439929b3ab55575ec73bf4 1698108 
libhypre-2.4.0_2.4.0b-5_amd64.deb
 5155f182ceea4f971881e0c7205a95714460678b 151376 libhypre-dev_2.4.0b-5_all.deb
Checksums-Sha256: 
 fb9fcefb8c167dc6c7f2faf7e8ddbbcb0108ccc73cdb6eb5dc5df82803df5e8f 1155 
hypre_2.4.0b-5.dsc
 633f6e135ea399b17380d6ed850ab464422b5650d6f7d7b1dd2fe2210ffacfec 10260 
hypre_2.4.0b-5.diff.gz
 ad0dba11046a4a0390d8e6f43fc5b62aad4f9db25b57072936f6375dad473c50 1698108 
libhypre-2.4.0_2.4.0b-5_amd64.deb
 3fb043d6a45ccf2639cabc9ffc1c32fc4a869428eefec89a065c02141db703ed 151376 
libhypre-dev_2.4.0b-5_all.deb
Files: 
 aaba8bf376300fba62fc2a690279faca 1155 math extra hypre_2.4.0b-5.dsc
 289aef65fa31c38f9b2bf7876b8aea0d 10260 math extra hypre_2.4.0b-5.diff.gz
 b131eaf04a9a168b37653884857885c6 1698108 libs extra 
libhypre-2.4.0_2.4.0b-5_amd64.deb
 9e709c058062a74af0cf1722e427cd61 151376 libdevel extra

Bug#553230: libapache2-mod-macro: diff for NMU version 1.1.4-3.2

2009-12-07 Thread Thom May

feel free to take over this package if you want.

On Sat, Dec 5, 2009 at 3:02 PM, gregor herrmann gre...@debian.org wrote:
 Dear maintainer,

 I've prepared an NMU for libapache2-mod-macro (versioned as 1.1.4-3.2) and
 uploaded it to DELAYED/2. Please feel free to tell me if I
 should delay it longer.

 Regards.

 --
  .''`.   http://info.comodo.priv.at/ -- GPG Key IDs: 0x00F3CFE4, 0x8649AA06
  : :' :  Debian GNU/Linux user, admin,  developer - http://www.debian.org/
  `. `'   Member of VIBE!AT, SPI Inc., fellow of FSFE | http://got.to/quote/
   `-    NP: PagePlant: Most High

 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.10 (GNU/Linux)

 iQIcBAEBCAAGBQJLGnYRAAoJELs6aAGGSaoGLrkQAJma6j6HAzTaUtFO31cv3DQo
 fBdDJUgIh0X/eXFPWLS2wu65FnChdLxL3iilPZVI2xUWG5t3YgZV65OIerFdBIY6
 XxV1muYYGh4vYmuvMyYBqc3zqx5POMVRFceqOY41gCjsBvRg+VTVZvh5wzU3F8DR
 tzePgKgGWYe9QvX4FQ1belXupvBcNMSPV5UZ4f61HMMCo1k37Wh+nWp3AEGI03nX
 l9c90TArbvyO5RsuUhrrrNUHQ/9H8CLvcsHyEV3+V0L7f753v81q52Uoj+UdW+TD
 Nc6MY5QZ9odyaAFKz/7zZ8zU0XLfvNioQ2sMP2nseG8UcvgTbG9lwnQHpOwaRnzZ
 9nFuz83xYuxzFIyQwmtvEEVW7z6eDscn27ZQpT/TZbd9CWgNgB3Wj7e6qaUkWgTo
 ZGwq3Nm3qucAO1RCsnR84/dwBqKoidcoruwlxHc6PMWpw8aa1LmE8Lkn5XJmDi+i
 fjEvM3gDhMk0RKkD15VOxt/14qNgqtrgwHATmsx85RQ6vp3UrYrxs0x5GvWXn2eU
 SreEEJ1qilgW+5NyY7751D2jJcWGGssZ49FkuTnUEgMKntFZ2UBVjmU+K0xWBilU
 OQqlT+LlzN8p/B+3GGY9vOzgTCuFWFxj3QdobBeDG0h5P614ZFS7QaXtS9kty5Tp
 P4Gq07lEShUwV0D14eXu
 =/R9U
 -END PGP SIGNATURE-





--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559754: marked as done (fails to install if /etc/sysctl.d/ not present)

Your message dated Mon, 07 Dec 2009 18:52:21 +
with message-id e1nhih3-0003ec...@ries.debian.org
and subject line Bug#559754: fixed in netbase 4.39
has caused the Debian Bug report #559754,
regarding fails to install if /etc/sysctl.d/ not present
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
559754: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559754
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: netbase
Version: 4.37
Severity: important

Hello,

So at least something broke with bindv6only :)

Setting up netbase (4.38) ...
/var/lib/dpkg/info/netbase.postinst: 82: cannot create 
/etc/sysctl.d/bindv6only.conf: Directory nonexistent
dpkg: error processing netbase (--configure):
 subprocess installed post-installation script returned error exit status 2

This is on hurd-i386, but I guess it happens on kfreebsd-* too.

Samuel

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages netbase depends on:
ii  lsb-base  3.2-23 Linux Standard Base 3.2 init scrip

Versions of packages netbase recommends:
ii  ifupdown  0.6.9  high level tools to configure netw

netbase suggests no packages.

-- debconf information excluded

-- 
Samuel Thibault samuel.thiba...@fnac.net
 Cliquez sur le lien qui suit dans ce mail...vous n'avez plus qu'a vous
 inscrire pour gagner de l'argent en restant connecteet puis faites
 passer le message et vous gagnerez encore plus d'argent ...
 -+- AC in NPC : Neuneu a rencontr� le Pere No�l -+-


---End Message---
---BeginMessage---
Source: netbase
Source-Version: 4.39

We believe that the bug you reported is fixed in the latest version of
netbase, which is due to be installed in the Debian FTP archive:

netbase_4.39.dsc
  to main/n/netbase/netbase_4.39.dsc
netbase_4.39.tar.gz
  to main/n/netbase/netbase_4.39.tar.gz
netbase_4.39_all.deb
  to main/n/netbase/netbase_4.39_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 559...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Marco d'Itri m...@linux.it (supplier of updated netbase package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 07 Dec 2009 19:02:29 +0100
Source: netbase
Binary: netbase
Architecture: source all
Version: 4.39
Distribution: unstable
Urgency: low
Maintainer: Marco d'Itri m...@linux.it
Changed-By: Marco d'Itri m...@linux.it
Description: 
 netbase- Basic TCP/IP networking system
Closes: 559754
Changes: 
 netbase (4.39) unstable; urgency=low
 .
   * Create /etc/sysctl.d/ if it does not exist and do nothing on non-Linux
 systems. (Closes: #559754)
Checksums-Sha1: 
 1be245800bccb37640440b1fd14526e67275f27b 682 netbase_4.39.dsc
 82c2299fc42344f171fe6327181c1b202bd0e83f 34068 netbase_4.39.tar.gz
 744078ca3729aafd57caf9727f18bae7554964bc 19778 netbase_4.39_all.deb
Checksums-Sha256: 
 39e22e25bddaf74efb80e10cf28b9b5bbf469152c5258a35e808d355f044a36d 682 
netbase_4.39.dsc
 32a21020cbf59ac5f69ba44d402589ebd827a00f76d973a98c8da2455c4c9f56 34068 
netbase_4.39.tar.gz
 4b53b1249e11b3a1e362e5455d8348650f55a178d383d04d6d1c1ddaf28face5 19778 
netbase_4.39_all.deb
Files: 
 dc47c08588be3cb80d72e8d8dcdf7377 682 admin important netbase_4.39.dsc
 e186865c81dbfb07cbbb35294ad67ff6 34068 admin important netbase_4.39.tar.gz
 2aa696a41312dea321ac5a27e916c560 19778 admin important netbase_4.39_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAksdSucACgkQFGfw2OHuP7EwAgCdGr3CYbvF9hAOOsESTEsDbSAN
nGIAn0Pc8k3s7eBFFSBSnfS9HMlFqxNQ
=YzrR
-END PGP SIGNATURE-


---End Message---

Bug#554638: Bug#540427: Real patch for my NMU

2009-12-07 Thread Free Ekanayaka

Hi,

|--== On Mon, 07 Dec 2009 19:05:49 +0100 (CET), Jaromír Mikeš 
mira.mi...@seznam.cz said:

  Od: Cyril Brulebois k...@debian.org
  
  Sorry about the first NMU, looks like I only removed libc6-dev from
  Build-Depends on a porter box, and checked it was OK there; and only
  wrote about it on my devel box, where the NMU was prepared. Hopefully
  the next one is OK. Sorry about that.

  JM Hi,

  JM I am just preparing new release of jconv ... renamed package and binary 
to jconvolver 0.8.4
  JM this removing these bugs:#529774, #540427, #554638

Please don't forget to import the changes from this NMU to the new
sources.

Ciao!

Free



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559910: libeditline-dev and heimdal-dev: error when trying to install together

2009-12-07 Thread Ralf Treinen

Package: heimdal-dev,libeditline-dev
Version: heimdal-dev/1.3.1.dfsg.1-1
Version: libeditline-dev/1.12-5
Severity: serious
User: trei...@debian.org
Usertags: edos-file-overwrite

Date: 2009-12-07
Architecture: amd64
Distribution: sid

Hi,

automatic installation tests of packages that share a file and at the
same time do not conflict by their package dependency relationships has
detected the following problem:


WARNING: The following packages cannot be authenticated!
  libdb4.8 libroken18-heimdal libasn1-8-heimdal libc-dev-bin linux-libc-dev
  libc6-dev libeditline0 libeditline-dev libheimsqlite0 libwind0-heimdal
  libhx509-5-heimdal libkrb5-25-heimdal libheimntlm0-heimdal
  libgssapi2-heimdal libhdb9-heimdal libkadm5clnt7-heimdal
  libkadm5srv8-heimdal comerr-dev libkafs0-heimdal heimdal-multidev
  heimdal-dev
W: cowdancer: unsupported operation flock, read-only open and 
fchown/fchmod/flock are not supported: tried openning dev:inode of 2055:5407052
W: cowdancer: unsupported operation flock, read-only open and 
fchown/fchmod/flock are not supported: tried openning dev:inode of 2055:5407760
W: cowdancer: unsupported operation flock, read-only open and 
fchown/fchmod/flock are not supported: tried openning dev:inode of 2055:5407039
Authentication warning overridden.
Can not write log, openpty() failed (/dev/pts not mounted?)
Selecting previously deselected package libdb4.8.
(Reading database ... 10436 files and directories currently installed.)
Unpacking libdb4.8 (from .../libdb4.8_4.8.24-1_amd64.deb) ...
Selecting previously deselected package libroken18-heimdal.
Unpacking libroken18-heimdal (from 
.../libroken18-heimdal_1.3.1.dfsg.1-1_amd64.deb) ...
Selecting previously deselected package libasn1-8-heimdal.
Unpacking libasn1-8-heimdal (from 
.../libasn1-8-heimdal_1.3.1.dfsg.1-1_amd64.deb) ...
Selecting previously deselected package libc-dev-bin.
Unpacking libc-dev-bin (from .../libc-dev-bin_2.10.2-2_amd64.deb) ...
Selecting previously deselected package linux-libc-dev.
Unpacking linux-libc-dev (from 
.../linux-libc-dev_2.6.32~rc8-1~experimental.1_amd64.deb) ...
Selecting previously deselected package libc6-dev.
Unpacking libc6-dev (from .../libc6-dev_2.10.2-2_amd64.deb) ...
Selecting previously deselected package libeditline0.
Unpacking libeditline0 (from .../libeditline0_1.12-5_amd64.deb) ...
Selecting previously deselected package libeditline-dev.
Unpacking libeditline-dev (from .../libeditline-dev_1.12-5_amd64.deb) ...
Selecting previously deselected package libheimsqlite0.
Unpacking libheimsqlite0 (from .../libheimsqlite0_1.3.1.dfsg.1-1_amd64.deb) ...
Selecting previously deselected package libwind0-heimdal.
Unpacking libwind0-heimdal (from .../libwind0-heimdal_1.3.1.dfsg.1-1_amd64.deb) 
...
Selecting previously deselected package libhx509-5-heimdal.
Unpacking libhx509-5-heimdal (from 
.../libhx509-5-heimdal_1.3.1.dfsg.1-1_amd64.deb) ...
Selecting previously deselected package libkrb5-25-heimdal.
Unpacking libkrb5-25-heimdal (from 
.../libkrb5-25-heimdal_1.3.1.dfsg.1-1_amd64.deb) ...
Selecting previously deselected package libheimntlm0-heimdal.
Unpacking libheimntlm0-heimdal (from 
.../libheimntlm0-heimdal_1.3.1.dfsg.1-1_amd64.deb) ...
Selecting previously deselected package libgssapi2-heimdal.
Unpacking libgssapi2-heimdal (from 
.../libgssapi2-heimdal_1.3.1.dfsg.1-1_amd64.deb) ...
Selecting previously deselected package libhdb9-heimdal.
Unpacking libhdb9-heimdal (from .../libhdb9-heimdal_1.3.1.dfsg.1-1_amd64.deb) 
...
Selecting previously deselected package libkadm5clnt7-heimdal.
Unpacking libkadm5clnt7-heimdal (from 
.../libkadm5clnt7-heimdal_1.3.1.dfsg.1-1_amd64.deb) ...
Selecting previously deselected package libkadm5srv8-heimdal.
Unpacking libkadm5srv8-heimdal (from 
.../libkadm5srv8-heimdal_1.3.1.dfsg.1-1_amd64.deb) ...
Selecting previously deselected package comerr-dev.
Unpacking comerr-dev (from .../comerr-dev_2.1-1.41.9-1_amd64.deb) ...
Selecting previously deselected package libkafs0-heimdal.
Unpacking libkafs0-heimdal (from .../libkafs0-heimdal_1.3.1.dfsg.1-1_amd64.deb) 
...
Selecting previously deselected package heimdal-multidev.
Unpacking heimdal-multidev (from .../heimdal-multidev_1.3.1.dfsg.1-1_amd64.deb) 
...
Selecting previously deselected package heimdal-dev.
Unpacking heimdal-dev (from .../heimdal-dev_1.3.1.dfsg.1-1_amd64.deb) ...
dpkg: error processing 
/var/cache/apt/archives/heimdal-dev_1.3.1.dfsg.1-1_amd64.deb (--unpack):
 trying to overwrite '/usr/share/man/man3/editline.3.gz', which is also in 
package libeditline-dev 0:1.12-5
dpkg-deb: subprocess paste killed by signal (Broken pipe)
Processing triggers for man-db ...
W: cowdancer: unsupported operation flock, read-only open and 
fchown/fchmod/flock are not supported: tried openning dev:inode of 2055:5407052
W: cowdancer: unsupported operation flock, read-only open and 
fchown/fchmod/flock are not supported: tried openning dev:inode of 2055:5407760
W: cowdancer: unsupported operation flock, read-only open and

Processed: found 529774 in jack-jconv/0.8.1-1.2

Processing commands for cont...@bugs.debian.org:

 found 529774 jack-jconv/0.8.1-1.2
Bug #529774 [libjconv-bin,jack-jconv] jack-jconv and libjconv-bin: error when 
trying to install together
The source jack-jconv and version 0.8.1-1.2 do not appear to match any binary 
packages
Bug Marked as found in versions jack-jconv/0.8.1-1.2.

End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#522580: libqt-perl/kdebindings: build-depend libsmokeqt-dev going away

2009-12-07 Thread Modestas Vainius

Hello,

On antradienis 14 Balandis 2009 23:22:55 Bart Martens wrote:
 retitle 522580 libqt-perl/kdebindings: build-depend (libsmokeqt-dev) going
  away stop
 
 
 Sune and I have briefly discussed this on irc.  We agreed that I wait
 for a heads-up from Sune.

Please either request removal of this package from archive or package a 
version compatible with kdebindings 4 (I don't know if it exists) ASAP. 
Current situation causes unnecessary breakage.

-- 
Modestas Vainius modes...@vainius.eu


signature.asc
Description: This is a digitally signed message part.

Bug#554604: marked as done (kflickr_0.9.1-2.1(ia64/unstable): FTBFS: confused about automake versions?)

Your message dated Mon, 7 Dec 2009 22:18:21 +0300
with message-id 20091207221821.7c37a...@corner
and subject line fixed in kflickr 0.9.1-2.2
has caused the Debian Bug report #554604,
regarding kflickr_0.9.1-2.1(ia64/unstable): FTBFS: confused about automake 
versions?
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
554604: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=554604
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: kflickr
Version: 0.9.1-2.1
Severity: serious

There was an error while trying to autobuild your package:

 Automatic build of kflickr_0.9.1-2.1 on mundy by sbuild/ia64 98
 Build started at 20091105-1553

[...]

 ** Using build dependencies supplied by package:
 Build-Depends: debhelper, automake, libtool, kdelibs4-dev, autotools-dev

[...]

 cp -f /usr/share/aclocal/libtool.m4 admin/libtool.m4.in
 make -f Makefile.cvs
 make[1]: Entering directory `/build/buildd/kflickr-0.9.1'
 This Makefile is only for the CVS repository
 This will be deleted before making the distribution
 
 make[2]: Entering directory `/build/buildd/kflickr-0.9.1'
 *** YOU'RE USING automake (GNU automake) 1.11.
 *** KDE requires automake 1.6.1 or newer
 make[2]: *** [cvs] Error 1
 make[2]: Leaving directory `/build/buildd/kflickr-0.9.1'
 make[1]: *** [all] Error 2
 make[1]: Leaving directory `/build/buildd/kflickr-0.9.1'
 make: *** [autotools-stamp] Error 2
 dpkg-buildpackage: error: debian/rules build gave error exit status 2

A full build log can be found at:
http://buildd.debian.org/build.php?arch=ia64pkg=kflickrver=0.9.1-2.1



---End Message---
---BeginMessage---
Version: 0.9.1-2.2

I believe this was fixed in a recent upload of version 0.9.1-2.2 (see #540669 
for patch).

-- 
Ilya

---End Message---

Bug#552906: marked as done (gnuchess: FTBFS: common.h:747: error: 'getline' redeclared as different kind of symbol)

Your message dated Mon, 07 Dec 2009 19:18:43 +
with message-id e1nhj6z-0006h6...@ries.debian.org
and subject line Bug#552906: fixed in gnuchess 5.07-7
has caused the Debian Bug report #552906,
regarding gnuchess: FTBFS: common.h:747: error: 'getline' redeclared as 
different kind of symbol
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
552906: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552906
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Source: gnuchess
Version: 5.07-6
Severity: serious
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20091028 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

In eglibc = 2.9, getline was only defined if _GNU_SOURCE was defined.
In eglibc 2.10, getline is always defined (since it became a standard in
POSIX2008). The problem is that your package already has a function
named getline(), which now conflicts with glibc's. You need to rename
your function to something else.
Ubuntu already fixed many occurences of your problem, so it is possible
that an Ubuntu patch is available for your package. Look at the PTS to
find out.

Relevant part:
 if x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I. -I.-pthread -g -Wall -O2 
 -MT atak.o -MD -MP -MF .deps/atak.Tpo \
 -c -o atak.o `test -f 'atak.c' || echo './'`atak.c; \
   then mv -f .deps/atak.Tpo .deps/atak.Po; \
   else rm -f .deps/atak.Tpo; exit 1; \
   fi
 In file included from atak.c:29:
 common.h:747: error: 'getline' redeclared as different kind of symbol
 /usr/include/stdio.h:651: error: previous declaration of 'getline' was here
 make[3]: *** [atak.o] Error 1

The full build log is available from:
   
http://people.debian.org/~lucas/logs/2009/10/28/gnuchess_5.07-6_lsid64.buildlog

A list of current common problems and possible solutions is available at 
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on about 50 AMD64 nodes
of the Grid'5000 platform, using a clean chroot.  Internet was not
accessible from the build systems.

-- 
| Lucas Nussbaum
| lu...@lucas-nussbaum.net   http://www.lucas-nussbaum.net/ |
| jabber: lu...@nussbaum.fr GPG: 1024D/023B3F4F |


---End Message---
---BeginMessage---
Source: gnuchess
Source-Version: 5.07-7

We believe that the bug you reported is fixed in the latest version of
gnuchess, which is due to be installed in the Debian FTP archive:

gnuchess_5.07-7.diff.gz
  to main/g/gnuchess/gnuchess_5.07-7.diff.gz
gnuchess_5.07-7.dsc
  to main/g/gnuchess/gnuchess_5.07-7.dsc
gnuchess_5.07-7_amd64.deb
  to main/g/gnuchess/gnuchess_5.07-7_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 552...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bradley Smith bradsm...@debian.org (supplier of updated gnuchess package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 07 Dec 2009 19:00:35 +
Source: gnuchess
Binary: gnuchess
Architecture: source amd64
Version: 5.07-7
Distribution: unstable
Urgency: low
Maintainer: Bradley Smith bradsm...@debian.org
Changed-By: Bradley Smith bradsm...@debian.org
Description: 
 gnuchess   - Plays a game of chess, either against the user or against itself
Closes: 552906 559909
Changes: 
 gnuchess (5.07-7) unstable; urgency=low
 .
   * Fix getline FTBFS. Closes: #552906, #559909.
Checksums-Sha1: 
 5f0e6ac25f0b9ab0dc7e18c1ab48789ff00a39e9 1186 gnuchess_5.07-7.dsc
 c1a3d6a58beba1809f3434f6507bcbde1661ff2d 7558 gnuchess_5.07-7.diff.gz
 d8655bb5c748abc70baa1d4e6d396c47c2e3b4db 88664 gnuchess_5.07-7_amd64.deb
Checksums-Sha256: 
 b43f98397328803ad24ec8cde55f0280764a753bda5a61d5d1a261bd05b4f8b7 1186 
gnuchess_5.07-7.dsc
 a5067ec1d315cde50ca17880d4c01f2bf46cdb136b2f51f9b63cb207fbe5745c 7558 
gnuchess_5.07-7.diff.gz
 3b014620a5ad14d8d113b00cf91df77b0cfff03f2a9a986ef8172df4ac3d00df 88664 
gnuchess_5.07-7_amd64.deb
Files: 
 83b2df72638ce89af20d3a32a8a7530c 1186 games optional gnuchess_5.07-7.dsc
 76a79b7464e85d666f189cb54f48a6c2 7558 games optional gnuchess_5.07-7.diff.gz
 8ebba3d427d99cbdfdfc1955786fd12d 88664 games optional

Bug#559904: marked as done (FTBFS: failed to run aclocal)

Your message dated Mon, 07 Dec 2009 19:19:01 +
with message-id e1nhj6r-0006k9...@ries.debian.org
and subject line Bug#559904: fixed in hdf-eos4 2.16v1.00.dfsg.2-3
has caused the Debian Bug report #559904,
regarding FTBFS: failed to run aclocal
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
559904: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559904
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: hdf-eos4
Version: 2.16v1.00.dfsg.2-2
Severity: serious

Thanks for the quick turnaround on #559891.
Looks like there's another missing build-dep:
[...]
cp samples/simple.txt testdrivers/threads
# FIXME: a sort of hack
ln -sf -- testswath.f testdrivers/swath/testswath77.f
ln -sf -- testpoint.f testdrivers/point/testpoint77.f
autoreconf
Can't exec aclocal: No such file or directory at 
/usr/share/autoconf/Autom4te/FileUtils.pm line 325.
autoreconf: failed to run aclocal: No such file or directory
make: *** [makebuilddir/libhdfeos-dev] Error 1
dpkg-buildpackage: error: debian/rules build gave error exit status 2

Build finished at 20091207-1745
FAILED [dpkg-buildpackage died]
Purging 
/var/lib/schroot/mount/sid-hppa-sbuild-10e141df-4cf7-47a8-a235-a1bb5d069be8/build/buildd-hdf-eos4_2.16v1.00.dfsg.2-2-hppa-35hd9s



---End Message---
---BeginMessage---
Source: hdf-eos4
Source-Version: 2.16v1.00.dfsg.2-3

We believe that the bug you reported is fixed in the latest version of
hdf-eos4, which is due to be installed in the Debian FTP archive:

hdf-eos4_2.16v1.00.dfsg.2-3.diff.gz
  to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2-3.diff.gz
hdf-eos4_2.16v1.00.dfsg.2-3.dsc
  to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2-3.dsc
libhdfeos-dev_2.16v1.00.dfsg.2-3_i386.deb
  to main/h/hdf-eos4/libhdfeos-dev_2.16v1.00.dfsg.2-3_i386.deb
libhdfeos0_2.16v1.00.dfsg.2-3_i386.deb
  to main/h/hdf-eos4/libhdfeos0_2.16v1.00.dfsg.2-3_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 559...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Alastair McKinstry mckins...@debian.org (supplier of updated hdf-eos4 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 07 Dec 2009 18:52:06 +
Source: hdf-eos4
Binary: libhdfeos0 libhdfeos-dev
Architecture: source i386
Version: 2.16v1.00.dfsg.2-3
Distribution: unstable
Urgency: low
Maintainer: Alastair McKinstry mckins...@debian.org
Changed-By: Alastair McKinstry mckins...@debian.org
Description: 
 libhdfeos-dev - Development files for the HDF-EOS4 library
 libhdfeos0 - Earth Observation System extensions to HDF4
Closes: 559904
Changes: 
 hdf-eos4 (2.16v1.00.dfsg.2-3) unstable; urgency=low
 .
   * Add dependency on automake, too. Closes: #559904.
Checksums-Sha1: 
 f129c68ee778981776a68328f739a79fdf27d69a 1211 hdf-eos4_2.16v1.00.dfsg.2-3.dsc
 c034d8a57c495aca2002f07c2ea04f272d3f80bc 8669 
hdf-eos4_2.16v1.00.dfsg.2-3.diff.gz
 9af4179eaf1f7d5a9bc0d8f12cc424b22f2d4b41 106640 
libhdfeos0_2.16v1.00.dfsg.2-3_i386.deb
 800a51313f1650ae123a6dc5c43ef90a96ebe71a 182570 
libhdfeos-dev_2.16v1.00.dfsg.2-3_i386.deb
Checksums-Sha256: 
 0be0fb4184c9f52213dac858aa89e8e21e007d67e285cdaf48c13ff235f50287 1211 
hdf-eos4_2.16v1.00.dfsg.2-3.dsc
 b485d4fb16b4d989ba8eda377942bd54a4744d7d34170cbb3f343280b142296c 8669 
hdf-eos4_2.16v1.00.dfsg.2-3.diff.gz
 dc3157e68cbdea286efa8632e34386679e828f655b8efc869eda001746e219bc 106640 
libhdfeos0_2.16v1.00.dfsg.2-3_i386.deb
 2bbec7ee1749c3c1f522a17bfa18a31bedcd8316a363e888ff340ffd5245936b 182570 
libhdfeos-dev_2.16v1.00.dfsg.2-3_i386.deb
Files: 
 8da8b55cf4cee8548c3373a6b8799f38 1211 libs optional 
hdf-eos4_2.16v1.00.dfsg.2-3.dsc
 87d461518d4895562ab51a8a30cb8d14 8669 libs optional 
hdf-eos4_2.16v1.00.dfsg.2-3.diff.gz
 6902727da282758cb0f6b91e6ffce58b 106640 libs optional 
libhdfeos0_2.16v1.00.dfsg.2-3_i386.deb
 ee833a4b436b7876c5c3d0d779339d81 182570 libdevel optional 
libhdfeos-dev_2.16v1.00.dfsg.2-3_i386.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFLHVIxQTK/kCo4XFcRAm5ZAJ0RP1TEg5fdCmTVx1d/lMEhICPmFgCgi3Yy
YyJhjJ8PqYnWsm0MXgIzR2I

Bug#553230: libapache2-mod-macro: diff for NMU version 1.1.4-3.2

2009-12-07 Thread gregor herrmann

On Mon, 07 Dec 2009 18:46:34 +, Thom May wrote:

 feel free to take over this package if you want.

Thanks for the offer, but I just wanted to fix this RC bug.

Maybe an RFA or O bug would be a good idea?

Cheers,
gregor
 
-- 
 .''`.   http://info.comodo.priv.at/ -- GPG Key IDs: 0x00F3CFE4, 0x8649AA06
 : :' :  Debian GNU/Linux user, admin,  developer - http://www.debian.org/
 `. `'   Member of VIBE!AT, SPI Inc., fellow of FSFE | http://got.to/quote/
   `-NP: The Eagles: One Of These Nights


signature.asc
Description: Digital signature

Bug#559913: FTBFS - chrpath: Command not found

Package: hdf-eos4
Version: 2.16v1.00.dfsg.2-3
Severity: serious

And now fails because of:

[...]
make[2]: Leaving directory `/build/buildd/hdf-eos4-2.16v1.00.dfsg.2'
make[1]: Leaving directory `/build/buildd/hdf-eos4-2.16v1.00.dfsg.2'
dh_installdirs -plibhdfeos0 
# Broken build system needs -rpath. Remove it after install.
chrpath -d  debian/tmp/usr/lib/libhdfeos.so.0.0.0
make: chrpath: Command not found
make: *** [install/libhdfeos0] Error 127
dpkg-buildpackage: error: /usr/bin/fakeroot debian/rules binary-arch gave error 
exit status 2



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559921: aish: should this package be removed?

2009-12-07 Thread Simon McVittie

Package: aish
Version: 1.13-5
Severity: serious
Justification: RC-buggy, low popcon, last upstream was 1998
User: debian...@lists.debian.org
Usertags: proposed-removal

aish seems like a possible candidate for removal from Debian:

* RC-buggy (copyright file not sufficient for GPL compliance, or for Policy)
  with no response from the maintainer
* low popcon (29 votes)
* last upstream release appears to have been 1998, last maintainer upload
  in 2005
* popular alternatives exist for its high-level functionality (uuencode,
  base64); I'm not aware of anything else that supports the ish format,
  but I've also never heard of the ish format before!

If you want to keep this package around in Debian, please just close this bug,
and do an upload to fix the issues in it.

If you don't think it's worth keeping, please send the following commands
to cont...@bugs.debian.org, replacing nn with this bug's number:

severity nn normal
reassign nn ftp.debian.org
retitle nn RM: packagename -- RoM; reasons
thanks 

For more information, see
http://wiki.debian.org/ftpmaster_Removals
http://ftp-master.debian.org/removals.txt

Regards,
smcv


signature.asc
Description: Digital signature

Processed: Re: Bug#559765: jetty: CVE-2007-6672 info disclosure

Processing commands for cont...@bugs.debian.org:

 tags 559765 + wontfix
Bug #559765 [jetty] jetty: CVE-2007-6672 info disclosure
Added tag(s) wontfix.
 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559765: jetty: CVE-2007-6672 info disclosure

2009-12-07 Thread Torsten Werner

tags 559765 + wontfix
thanks

On Mon, Dec 7, 2009 at 5:10 PM, Michael Gilbert
michael.s.gilb...@gmail.com wrote:
 changelog notes are not sufficient justification to close a security
 issue. the source needs to be checked against a patch, so please find a
 way to track that down.  the easiest way is probably to just ask
 upstream. thanks.

No, I think it is your duty as the bug reporter to prove that the
package is still vulnerable.

Torsten



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#549264: marked as done (cl-cffi: cffi depends on babel which is not part of debian)

Your message dated Mon, 7 Dec 2009 20:33:29 +
with message-id 20091207203329.ga30...@reptile.pseudorandom.co.uk
and subject line Re: Bug#549264: cffi depends on babel which is not part of 
debian
has caused the Debian Bug report #549264,
regarding cl-cffi: cffi depends on babel which is not part of debian
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
549264: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=549264
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---

Package: cl-cffi
Version: 20090823-1
Severity: grave
Justification: renders package unusable

* (asdf:operate 'asdf:load-source-op :cffi)

; loading system definition from /usr/share/common-lisp/systems/ 
cffi.asd into

; #PACKAGE ASDF0
; registering #SYSTEM CFFI {AC05259} as CFFI
; loading system definition from /usr/share/common-lisp/systems/ 
babel.asd into

; #PACKAGE ASDF0

debugger invoked on a SB-INT:SIMPLE-FILE-ERROR in thread #THREAD  
initial thread RUNNING {AA6B711}:
  Couldn't load #P/usr/share/common-lisp/systems/babel.asd: file  
does not

exist.


-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.25.4dedibox-r9-smp-x32
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages cl-cffi depends on:
ii  common-lisp-controller6.18   Common Lisp source and  
compiler ma


cl-cffi recommends no packages.

cl-cffi suggests no packages.

-- no debconf information



---End Message---
---BeginMessage---
Version: 20090823-2

It seems that this broken dependency is now resolved - cl-cffi depends
on cl-babel, which is now in Debian - so I'm closing the bug.

Regards,
Simon


signature.asc
Description: Digital signature
---End Message---

Processed: tagging 555150

Processing commands for cont...@bugs.debian.org:

 tags 555150 + pending
Bug #555150 [src:libv8] libv8: FTBFS: symbol differences
Added tag(s) pending.

End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559723: mumps - FTBFS: debian/rules:7: *** invalid syntax in conditional. Stop.

2009-12-07 Thread Adam C Powell IV

Hello Bastian,

Line 7 is:
ifeq ($(MUMPS_MPI,lam))
which is just fine, though MUMPS_MPI is set by:
MUMPS_MPI=$(shell readlink /etc/alternatives/mpi | sed s/usr//g | sed 
s/include//g | sed s/lib//g | sed s/\\///g)

On s390 and a couple of others, /etc/alternatives/mpi will point to
/usr/include/lam and when I use this sed series, it gives me lam.

Do you get something different for MUMPS_MPI on s390, perhaps an escape
character got in there somehow?

-Adam
-- 
GPG fingerprint: D54D 1AEE B11C CE9B A02B  C5DD 526F 01E8 564E E4B6

Engineering consulting with open source tools
http://www.opennovation.com/


signature.asc
Description: This is a digitally signed message part

Bug#555150: libv8: FTBFS: symbol differences

2009-12-07 Thread Antonio Radici

Hi Kurt,
sorry for the late reply but I've been very busy at work, I've now got my free
time back :-) 

I'm working on releasing version 2.0.3 on the library and I will check that it
builds fine in amd64 before uploading.

Thanks for your bug report.

Cheers
Antonio



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: Re: Bug#555670: libtheora: FTBFS on hurd-i386 and kfreebsd-*

Processing commands for cont...@bugs.debian.org:

 severity 555670 serious
Bug #555670 [libtheora] libtheora: FTBFS on hurd-i386 and kfreebsd-*
Severity set to 'serious' from 'important'

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559930: FTBFS: fails to relibtoolize

2009-12-07 Thread Cyril Brulebois

Package: hypre
Version: 2.4.0b-5
Severity: serious
Justification: FTBFS

Hi,

your package FTBFS:
| (cd src/babel-runtime  libtoolize)
| libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, `config'.
| libtoolize: linking file `config/ltmain.sh'
| libtoolize: putting auxiliary files in `config'.
| libtoolize: linking file `libltdl/config/compile'
| libtoolize: linking file `libltdl/config/config.guess'
| libtoolize: linking file `libltdl/config/config.sub'
| libtoolize: linking file `libltdl/config/depcomp'
| libtoolize: linking file `libltdl/config/install-sh'
| libtoolize: linking file `libltdl/config/missing'
| libtoolize: linking file `libltdl/config/ltmain.sh'
| libtoolize: putting macros in AC_CONFIG_MACRO_DIR, `m4'.
| libtoolize: linking file `m4/argz.m4'
| libtoolize: You should add the contents of `m4/argz.m4' to `aclocal.m4'.
| libtoolize: linking file `m4/libtool.m4'
| libtoolize: `/usr/share/aclocal/ltdl.m4' does not exist.
| make: *** [stamp-build] Error 1


Build logs at the usual place:
  https://buildd.debian.org/status/package.php?suite=unstablep=hypre

Mraw,
KiBi.



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559627: marked as done (ziproxy: should this package be removed?)

Your message dated Mon, 7 Dec 2009 19:18:24 -0200
with message-id 20091207211824.ga5...@gladiador.dv.utfpr.edu.br
and subject line Re: Bug#559627: ziproxy: should this package be removed?
has caused the Debian Bug report #559627,
regarding ziproxy: should this package be removed?
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
559627: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559627
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: ziproxy
Version: 2.5.2-2
Severity: serious
Justification: security-buggy, low popcon, two uploads ever
User: debian...@lists.debian.org
Usertags: proposed-removal

ziproxy seems like a possible candidate for removal from Debian:

* security-buggy (CVE-2009-0804: HTTP Host Header Incorrect Relay Behavior
  Vulnerability) with no response from the maintainer
* low popcon (15 votes)
* runs as root, according to #543471

If you want to keep this package around in Debian, please just close this bug,
and do an upload to fix the issues in it.

If you don't think it's worth keeping, please send the following commands
to cont...@bugs.debian.org, replacing nn with this bug's number:

severity nn normal
reassign nn ftp.debian.org
retitle nn RM: packagename -- RoM; reasons
thanks 

For more information, see
http://wiki.debian.org/ftpmaster_Removals
http://ftp-master.debian.org/removals.txt

Regards,
smcv


signature.asc
Description: Digital signature
---End Message---
---BeginMessage---
* Simon McVittie (s...@debian.org) wrote:
 Package: ziproxy
 Version: 2.5.2-2
 Severity: serious
 Justification: security-buggy, low popcon, two uploads ever
 User: debian...@lists.debian.org
 Usertags: proposed-removal
 
 ziproxy seems like a possible candidate for removal from Debian:
 
 * security-buggy (CVE-2009-0804: HTTP Host Header Incorrect Relay Behavior
   Vulnerability) with no response from the maintainer
 * low popcon (15 votes)
 * runs as root, according to #543471
 
 If you want to keep this package around in Debian, please just close this bug,
 and do an upload to fix the issues in it.
 
 If you don't think it's worth keeping, please send the following commands
 to cont...@bugs.debian.org, replacing nn with this bug's number:
 
 severity nn normal
 reassign nn ftp.debian.org
 retitle nn RM: packagename -- RoM; reasons
 thanks 
 
 For more information, see
 http://wiki.debian.org/ftpmaster_Removals
 http://ftp-master.debian.org/removals.txt
 
 Regards,
 smcv

   I will fix the bugs of the ziproxy package.

   Sorry about this issue. The security-buggy was already fixed [1], but I had
problems with my sponsor to upload the package to the Debian repository. In a
few days I will send the upload using the mentors.debian.net service.

   [1] http://git.debian.org/?p=collab-maint/pkg-ziproxy.git

Thanks,
Talau


signature.asc
Description: Digital signature
---End Message---

Bug#523139: JVM crash

2009-12-07 Thread Christoph Zimmermann

this is a copy of bug nr. 489701

I had the same problem with the RXTX library. I send here the same
solution as I sent to the older bug because I didn't got any response.

Start weitergeleitete Nachricht:

Datum: Fri, 20 Nov 2009 17:56:31 +0100
Von: Christoph Zimmermann nussgip...@gmx.ch
An: 489...@bugs.debian.org
Betreff: librxtx-java: does not work, UnsatisfiedLinkError and
NoClassDefFoundError


small update to the stuff I wrote yesterday:

some simple java test programm using the RXTX library are working when
I install the library manualy (as descriped in my last post).

but the application I was interested in was crashing everytime at the
same position.
(Sump Logic Analyzer Client
http://www.sump.org/projects/analyzer/client/?#comment)

today I tried to install the newer version of the RXTX library,
version rxtx-2.2pre2, getting the same compile errors as from the
latest stable library (the base for the current debian package). 

So I tried to apply the patch from the stable version to the new
2.2pre2 and it worked well. some stuff applied not well but I was able
to compile and install the new version without errors.

Now the Sump Logic Analyzer WORKS! No crashes anymore.

I suggest to update the the library in debian SID to the version
2.2pre2.

output of patch:

rxtx-2.2pre2$ patch -p1  ../rxtx_2.1.7r2-4.diff patching file
Makefile.in Hunk #1 succeeded at 609 with fuzz 2 (offset 53
lines). Hunk #2 succeeded at 626 (offset 53
lines). patching file
configure Hunk #1 succeeded at 22093 (offset 592
lines). Hunk #2 succeeded at 22105 (offset 592
lines). Hunk #3 FAILED at
22133. Hunk #4 FAILED at
22203. Hunk #5 FAILED at
22339. Hunk #6 FAILED at
22391. 4 out of 6 hunks FAILED -- saving rejects to file
configure.rej patching file
debian/changelog patching file
debian/control patching file
debian/copyright patching file
debian/rules patching file
debian/README.Debian patching file
debian/librxtx-java.dirs patching file
debian/librxtx-java.docs patching file
debian/compat patching file
src/SerialImp.cpp Hunk #1 succeeded at 142 (offset 39
lines). Hunk #2 succeeded at 154 (offset 39
lines). patching file
src/I2CImp.c Hunk #1 succeeded at 61 (offset 39
lines). Hunk #2 succeeded at 127 (offset 39
lines). Hunk #3 succeeded at 138 (offset 39
lines). patching file
src/ParallelImp.c Hunk #1 FAILED at
38. 1 out of 1 hunk FAILED -- saving rejects to file
src/ParallelImp.c.rej patching file
src/RS485Imp.c Hunk #1 succeeded at 61 (offset 39
lines). Hunk #2 succeeded at 127 (offset 39
lines). Hunk #3 succeeded at 138 (offset 39
lines). patching file
src/RawImp.c Hunk #1 succeeded at 69 (offset 38
lines). Hunk #2 succeeded at 272 (offset 40
lines). Hunk #3 succeeded at 283 (offset 40
lines). patching file
src/SerialImp.c Hunk #1 succeeded at 66 (offset 39
lines). Hunk #2 succeeded at 320 (offset 39
lines). Hunk #3 succeeded at 334 (offset 39 lines). 



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#545594: kpsk: FTBFS: ld: cannot find -lcompat

2009-12-07 Thread Simon McVittie

tags 545594 + confirmed
thanks

(Putting Lucas back in the loop. Sebastian: if you just mail nnn...@bugs,
the submitter does *not* get a copy!)

On Tue, 08 Sep 2009 at 11:25:33 +0200, Lucas Nussbaum wrote:
 During a rebuild of all packages in sid, your package failed to build on
 amd64.
 
 Relevant part: [...]

Turns out this *isn't* the relevant part. I could reproduce this in an
up-to-date sid amd64 chroot, and the failure is:

checking for main in -lpthread... yes
checking for main in -ldb-4.6... no
checking for main in -ldb-4.0... no
checking for main in -ldb-3.3... no
checking for main in -ldb-3.2... no
checking for main in -ldb-3.1... no
configure: error: Cannot find the Berkeley DB libs

On Thu, 03 Dec 2009 at 16:47:24 +0100, Sebastian Muszynski wrote:
 i've rebuild the package on amd64 without problems.

You must have had an older version of libdb-dev installed... the current
version of libdb-dev is 4.8, which is not on the limited list of versions
that kpsk looks for. The relevant version when dealing with FTBFS bugs is
always the latest from unstable.

I do wonder whether this package should still be in Debian: it has a low and
declining popularity-contest score, and hasn't had an upstream release since
a release candidate in 2007. If you still want to maintain it, go ahead, but
be aware that maintaining it properly probably means taking over upstream
maintenance... Or, if you don't think it's worth maintaining any more,
http://wiki.debian.org/ftpmaster_Removals explains how to request removal.

Simon


signature.asc
Description: Digital signature

Bug#559803: marked as done (CVE-2009-3736 local privilege escalation)

Your message dated Mon, 07 Dec 2009 22:04:02 +0100
with message-id 4b1d6dc2.9050...@vis.ethz.ch
and subject line Re: Bug#559803: CVE-2009-3736 local privilege escalation
has caused the Debian Bug report #559803,
regarding CVE-2009-3736 local privilege escalation
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
559803: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559803
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: cvsnt
Severity: grave
Tags: security

Hi,

The following CVE (Common Vulnerabilities  Exposures) id was
published for libtool.  I have determined that this package embeds a
vulnerable copy of the libtool source code.  However, since this is a
mass bug filing (due to so many packages embedding libtool), I have not
had time to determine whether the vulnerable code is actually present
in any of the binary packages. Please determine whether this is the
case. If the package is not affected, please feel free to close the bug
with a message containing the details of what you did to check.

CVE-2009-3736[0]:
| ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b,
| attempts to open a .la file in the current working directory, which
| allows local users to gain privileges via a Trojan horse file.

Note that this problem also affects etch and lenny, so if your package
is affected, please coordinate with the security team to release the
DSA for the affected packages.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736
http://security-tracker.debian.org/tracker/CVE-2009-3736


---End Message---
---BeginMessage---

Package: cvsnt
Severity: grave
Tags: security
Version: 2.5.04.3236-1



The following CVE (Common Vulnerabilities  Exposures) id was
published for libtool.  I have determined that this package embeds a
vulnerable copy of the libtool source code.  However, since this is a
mass bug filing (due to so many packages embedding libtool), I have not
had time to determine whether the vulnerable code is actually present
in any of the binary packages. Please determine whether this is the
case. If the package is not affected, please feel free to close the bug
with a message containing the details of what you did to check.


cvsnt only uses the embeded libtool if it is not installed on the 
system. If it is installed, it uses the installed one.


Best regards
Andreas
--
  (`-''-/).___..--''`-._
   `o_ o  )   `-.  ( ).`-.__.`)
   (_Y_.)'  ._   )  `._ `. ``-..-'
 _..`--'_..-_/  /--'_.' .'
(il).-''  (li).'  ((!.-'

Andreas Tscharner   a...@vis.ethz.ch   ICQ-No. 14356454

---End Message---

Bug#559633: marked as done (kaa-imlib2_0.2.3-2(ia64/unstable): FTBFS: bad build-depends?)

Your message dated Mon, 07 Dec 2009 21:42:42 +
with message-id e1nhllu-0002oc...@ries.debian.org
and subject line Bug#559633: fixed in kaa-base 0.6.0-2
has caused the Debian Bug report #559633,
regarding kaa-imlib2_0.2.3-2(ia64/unstable): FTBFS: bad build-depends?
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
559633: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559633
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: kaa-imlib2
Version: 0.2.3-2
Severity: serious

There was an error while trying to autobuild your package:

 Automatic build of kaa-imlib2_0.2.3-2 on mundy by sbuild/ia64 98
 Build started at 20091204-2148

[...]

 ** Using build dependencies supplied by package:
 Build-Depends: cdbs (= 0.4.42), debhelper (= 5.0.37.2), python-all-dev (= 
 2.3.5-11), python-central (= 0.5), python-kaa-base, libimlib2-dev (= 1.2.1)

[...]

   File setup.py, line 36, in module
 from kaa.distribution.core import Extension, setup
   File /usr/lib/python2.5/site-packages/kaa/__init__.py, line 39, in 
 module
 from async import TimeoutException, InProgress, InProgressCallback, \
   File /usr/lib/python2.5/site-packages/kaa/async.py, line 977, in module
 import main
   File /usr/lib/python2.5/site-packages/kaa/main.py, line 50, in module
 from process import supervisor
   File /usr/lib/python2.5/site-packages/kaa/process.py, line 180, in 
 module
 supervisor = _Supervisor()
   File /usr/lib/python2.5/site-packages/kaa/process.py, line 81, in __init__
 raise SystemError('kaa.base requires Python 2.5 or later')
 SystemError: kaa.base requires Python 2.5 or later
 make: *** [debian/python-module-stampdir/python-kaa-imlib2] Error 1
 dpkg-buildpackage: error: debian/rules build gave error exit status 2

A full build log can be found at:
http://buildd.debian.org/build.php?arch=ia64pkg=kaa-imlib2ver=0.2.3-2



---End Message---
---BeginMessage---
Source: kaa-base
Source-Version: 0.6.0-2

We believe that the bug you reported is fixed in the latest version of
kaa-base, which is due to be installed in the Debian FTP archive:

kaa-base_0.6.0-2.diff.gz
  to main/k/kaa-base/kaa-base_0.6.0-2.diff.gz
kaa-base_0.6.0-2.dsc
  to main/k/kaa-base/kaa-base_0.6.0-2.dsc
python-kaa-base_0.6.0-2_i386.deb
  to main/k/kaa-base/python-kaa-base_0.6.0-2_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 559...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
A Mennucc1 mennu...@debian.org (supplier of updated kaa-base package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 07 Dec 2009 21:48:59 +0100
Source: kaa-base
Binary: python-kaa-base
Architecture: source i386
Version: 0.6.0-2
Distribution: unstable
Urgency: low
Maintainer: Freevo Debian Dream Team pkg-freevo-ma...@lists.alioth.debian.org
Changed-By: A Mennucc1 mennu...@debian.org
Description: 
 python-kaa-base - Base Kaa Framework for all Kaa Modules
Closes: 559633
Changes: 
 kaa-base (0.6.0-2) unstable; urgency=low
 .
   * libc6 is /lib/libc6.so.6.1 in IA64 (Closes: #559633).
   * Add myself to uploaders.
Checksums-Sha1: 
 6a9c99f04d40a8da1cea1d0f8f83791ceb7c88b2 1414 kaa-base_0.6.0-2.dsc
 0317a4d05648287f75a8ec437d99db7cf1d051a5 4174 kaa-base_0.6.0-2.diff.gz
 4723d6e3d88815bda5f875e10bd80806f3878793 217634 
python-kaa-base_0.6.0-2_i386.deb
Checksums-Sha256: 
 c9571c0fd07e40c15a90a8282cf7e7aa0e3ebec1742a4d9a5e79bc801dbc8453 1414 
kaa-base_0.6.0-2.dsc
 5dca61eaafc832cea7746f3cf510fcd3c6cfa16d26dec7c672d31af989aec49c 4174 
kaa-base_0.6.0-2.diff.gz
 4f63bc5e2c75e78a916352bfc8dd614456297720ce63b4b901e2832f904dbb0f 217634 
python-kaa-base_0.6.0-2_i386.deb
Files: 
 dd7edef062e8d17f612d666311458332 1414 python optional kaa-base_0.6.0-2.dsc
 1bdf2b2dddae09c5ff82514ea16cc975 4174 python optional kaa-base_0.6.0-2.diff.gz
 f8b9a13b205f21b155e1b651e034ab0a 217634 python optional 
python-kaa-base_0.6.0-2_i386.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAksda1AACgkQ9B/tjjP8QKSDoACeLUCPPcuOC4aFcknIEQxf8sLE
BLYAoIUVUps4iHZggw9gYeQut6fDTrZ1
=A3yw
-END PGP SIGNATURE-


---End Message---

Bug#559913: marked as done (FTBFS - chrpath: Command not found)

Your message dated Mon, 07 Dec 2009 21:41:56 +
with message-id e1nhlla-0002k0...@ries.debian.org
and subject line Bug#559913: fixed in hdf-eos4 2.16v1.00.dfsg.2-4
has caused the Debian Bug report #559913,
regarding FTBFS - chrpath: Command not found
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
559913: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559913
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: hdf-eos4
Version: 2.16v1.00.dfsg.2-3
Severity: serious

And now fails because of:

[...]
make[2]: Leaving directory `/build/buildd/hdf-eos4-2.16v1.00.dfsg.2'
make[1]: Leaving directory `/build/buildd/hdf-eos4-2.16v1.00.dfsg.2'
dh_installdirs -plibhdfeos0 
# Broken build system needs -rpath. Remove it after install.
chrpath -d  debian/tmp/usr/lib/libhdfeos.so.0.0.0
make: chrpath: Command not found
make: *** [install/libhdfeos0] Error 127
dpkg-buildpackage: error: /usr/bin/fakeroot debian/rules binary-arch gave error 
exit status 2


---End Message---
---BeginMessage---
Source: hdf-eos4
Source-Version: 2.16v1.00.dfsg.2-4

We believe that the bug you reported is fixed in the latest version of
hdf-eos4, which is due to be installed in the Debian FTP archive:

hdf-eos4_2.16v1.00.dfsg.2-4.diff.gz
  to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2-4.diff.gz
hdf-eos4_2.16v1.00.dfsg.2-4.dsc
  to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2-4.dsc
libhdfeos-dev_2.16v1.00.dfsg.2-4_i386.deb
  to main/h/hdf-eos4/libhdfeos-dev_2.16v1.00.dfsg.2-4_i386.deb
libhdfeos0_2.16v1.00.dfsg.2-4_i386.deb
  to main/h/hdf-eos4/libhdfeos0_2.16v1.00.dfsg.2-4_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 559...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Alastair McKinstry mckins...@debian.org (supplier of updated hdf-eos4 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 07 Dec 2009 19:58:52 +
Source: hdf-eos4
Binary: libhdfeos0 libhdfeos-dev
Architecture: source i386
Version: 2.16v1.00.dfsg.2-4
Distribution: unstable
Urgency: low
Maintainer: Alastair McKinstry mckins...@debian.org
Changed-By: Alastair McKinstry mckins...@debian.org
Description: 
 libhdfeos-dev - Development files for the HDF-EOS4 library
 libhdfeos0 - Earth Observation System extensions to HDF4
Closes: 559913
Changes: 
 hdf-eos4 (2.16v1.00.dfsg.2-4) unstable; urgency=low
 .
   * Build with pbuilder. Add chrpath dependency. Closes: #559913.
Checksums-Sha1: 
 7c80ea41deca18ebc3348376919a55a596ea7ce1 1220 hdf-eos4_2.16v1.00.dfsg.2-4.dsc
 a9ae683221c0bf210be7635d3cef3a9528b8fb98 8707 
hdf-eos4_2.16v1.00.dfsg.2-4.diff.gz
 858bd514d9d95179f63c566e4c0c5b5ae3c113d4 106680 
libhdfeos0_2.16v1.00.dfsg.2-4_i386.deb
 dd67469bbf195a1fc2e424ff1019698db0601fe5 182622 
libhdfeos-dev_2.16v1.00.dfsg.2-4_i386.deb
Checksums-Sha256: 
 dbe0dd00283dca05a66cdb031d43ae8ce418a3f631c0ab90d0efb419fc530dd5 1220 
hdf-eos4_2.16v1.00.dfsg.2-4.dsc
 28db847ca950a76257f22aff42756ef1f96ffe5772479593d5b736e2a25c22e3 8707 
hdf-eos4_2.16v1.00.dfsg.2-4.diff.gz
 9b327e70042c53bbb06d7bba20f888b51353da635a209d1d673c512cee12d5c6 106680 
libhdfeos0_2.16v1.00.dfsg.2-4_i386.deb
 18a42dfdc5cea221c591debe10eb97428d60cf9ea26eb5bb31f08af57ced02b3 182622 
libhdfeos-dev_2.16v1.00.dfsg.2-4_i386.deb
Files: 
 67ac14b75f7256cf14f8041c7ed87402 1220 libs optional 
hdf-eos4_2.16v1.00.dfsg.2-4.dsc
 fd875552e908263b0e1ad67ca66e4663 8707 libs optional 
hdf-eos4_2.16v1.00.dfsg.2-4.diff.gz
 5fba2d6649a0efd121b3618fc8a5f354 106680 libs optional 
libhdfeos0_2.16v1.00.dfsg.2-4_i386.deb
 d801bc88cc5ab40b664e4a2c48c6dcbc 182622 libdevel optional 
libhdfeos-dev_2.16v1.00.dfsg.2-4_i386.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFLHWElQTK/kCo4XFcRAsSsAJ4mB8JHs1emJ7oF94ln9VuFg4aa4wCgqHC6
4YdyBviwDeeSjmgbRjCPeyc=
=5LL3
-END PGP SIGNATURE-


---End Message---

Bug#553557: marked as done (smb2www: dir-or-file-in-var-www /var/www/samba-images)

Your message dated Mon, 07 Dec 2009 21:50:15 +
with message-id e1nhltd-0003f6...@ries.debian.org
and subject line Bug#553557: fixed in smb2www 980804-38
has caused the Debian Bug report #553557,
regarding smb2www: dir-or-file-in-var-www /var/www/samba-images
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
553557: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553557
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: smb2www
Version: 980804-37
Severity: serious
User: lintian-ma...@debian.org
Usertags: dir-or-file-in-var-www

Debian packages should not install files under /var/www. This is not
one of the /var directories in the File Hierarchy Standard and is
under the control of the local administrator. Packages should not
assume that it is the document root for a web server; it is very
common for users to change the default document root and packages
should not assume that users will keep any particular setting. 

Packages that want to make files available via an installed web server
should instead put instructions for the local administrator in a
README.Debian file and ideally include configuration fragments for
common web servers such as Apache.

As an exception, packages are permitted to create the /var/www
directory due to its past history as the default document root, but
should at most copy over a default file in postinst for a new install.

Refer to Filesystem Hierarchy Standard (The /var Hierarchy) for
details.

One solution that works is to put configuration files into
/etc/package_name, put static content, if any, into
/usr/{share,lib}/package_name, then create /var/lib/package name
as home for the package, and symlink the files from /etc and /usr/
into the /var/lib/package_name. Then create a simple set of
configuration snippets for popular web servers (for example, files one
may link into /etc/apache2/conf.d) and put them into
/etc/package_name. This way user modifiable files stil live in /etc,
and a simple operation can make the package go live.

Filed as serious, since this is a violation of the FHS (which is part
of policy), and also since a package with these files will currently
get this package rejected. See
  http://lists.debian.org/debian-devel-announce/2009/10/msg4.html
for details. This means the package has been deemed too buggy to be in
Debian.

manoj


-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'oldstable'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.31.4-anzu-2 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages smb2www depends on:
ii  apache2   2.2.14-1   Apache HTTP Server metapackage
ii  apache2-mpm-prefork [httpd-cg 2.2.14-1   Apache HTTP Server - traditional n
ii  cdebconf [debconf-2.0]0.145  Debian Configuration Management Sy
ii  debconf [debconf-2.0] 1.5.28 Debian configuration management sy
ii  perl  5.10.1-6   Larry Wall's Practical Extraction 
ii  smbclient 2:3.4.2-1  command-line SMB/CIFS clients for 

smb2www recommends no packages.

smb2www suggests no packages.


---End Message---
---BeginMessage---
Source: smb2www
Source-Version: 980804-38

We believe that the bug you reported is fixed in the latest version of
smb2www, which is due to be installed in the Debian FTP archive:

smb2www_980804-38.diff.gz
  to main/s/smb2www/smb2www_980804-38.diff.gz
smb2www_980804-38.dsc
  to main/s/smb2www/smb2www_980804-38.dsc
smb2www_980804-38_all.deb
  to main/s/smb2www/smb2www_980804-38_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 553...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Robert Luberda rob...@debian.org (supplier of updated smb2www package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 07 Dec 2009 00:59:40 +0100
Source: smb2www
Binary: smb2www
Architecture: source all
Version: 980804-38
Distribution: unstable
Urgency: low
Maintainer: Robert Luberda rob...@debian.org
Changed-By: Robert Luberda

Bug#559724: marked as done (stockfish - FTBFS: error: unrecognized command line option -msse)

Your message dated Mon, 07 Dec 2009 21:50:32 +
with message-id e1nhltu-0003jw...@ries.debian.org
and subject line Bug#559724: fixed in stockfish 1.5.1JA-2
has caused the Debian Bug report #559724,
regarding stockfish - FTBFS: error: unrecognized command line option -msse
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
559724: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559724
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Source: stockfish
Version: 1.5.1JA-1
Severity: serious

There was an error while trying to autobuild your package:

 sbuild (Debian sbuild) 0.58.2 (15 Jun 2009) on lxdebian.bfinv.de
[...]
 g++ -msse -MM application.cpp bitboard.cpp pawns.cpp material.cpp endgame.cpp 
 evaluate.cpp main.cpp misc.cpp move.cpp movegen.cpp history.cpp movepick.cpp 
 search.cpp piece.cpp position.cpp direction.cpp tt.cpp value.cpp uci.cpp 
 ucioption.cpp mersenne.cpp book.cpp bitbase.cpp san.cpp benchmark.cpp  
 .depend
 cc1plus: error: unrecognized command line option -msse
 cc1plus: error: unrecognized command line option -msse

Please note that that code built with -msse will not work on machines
without and Debian supports such.


---End Message---
---BeginMessage---
Source: stockfish
Source-Version: 1.5.1JA-2

We believe that the bug you reported is fixed in the latest version of
stockfish, which is due to be installed in the Debian FTP archive:

stockfish_1.5.1JA-2.diff.gz
  to main/s/stockfish/stockfish_1.5.1JA-2.diff.gz
stockfish_1.5.1JA-2.dsc
  to main/s/stockfish/stockfish_1.5.1JA-2.dsc
stockfish_1.5.1JA-2_i386.deb
  to main/s/stockfish/stockfish_1.5.1JA-2_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 559...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Oliver Korff o...@xynyx.de (supplier of updated stockfish package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 07 Dec 2009 16:19:46 +0100
Source: stockfish
Binary: stockfish
Architecture: source i386
Version: 1.5.1JA-2
Distribution: unstable
Urgency: low
Maintainer: Oliver Korff o...@xynyx.de
Changed-By: Oliver Korff o...@xynyx.de
Description: 
 stockfish  - strong chess engine, to play chess against
Closes: 559724
Changes: 
 stockfish (1.5.1JA-2) unstable; urgency=low
 .
   * FTBS Bug: I had to find out, that stockfish uses architecture
 specific SSE extensions. At the moment I counter this by specifying
 the architectures, that are known to work: i386 amd64 kfreebsd-amd64
 kfreebsd-i386 kfreebsd-amd64. This matter will be discussed with
 upstream. (Closes: 559724)
   * Removed knights from Recommends: field, the package is not up to date
   * Adjusted the description slightly
Checksums-Sha1: 
 df66eaf25224816c1c3bd693e3aa493169594f9a 1004 stockfish_1.5.1JA-2.dsc
 4cc4cff81aed67f197b0fc6f96e2dc3a3ff125bc 13045 stockfish_1.5.1JA-2.diff.gz
 cae6396be1bbaac96ac8fe798d18f4d208d726ab 145748 stockfish_1.5.1JA-2_i386.deb
Checksums-Sha256: 
 5042baabb22d25be4d13a85f4b63723314157728327b8a3ad50403b7921ad528 1004 
stockfish_1.5.1JA-2.dsc
 071ab3b6ef980a01c7beb7b39f32faf77bd4f1e5d4fc7f6473567369368c2e2a 13045 
stockfish_1.5.1JA-2.diff.gz
 acf43ee1818055072cb4f1472066232dcc39c990b6093e66e610f8836fd98ee6 145748 
stockfish_1.5.1JA-2_i386.deb
Files: 
 6a468ddc72f9348314238831735fc56c 1004 games optional stockfish_1.5.1JA-2.dsc
 d84a2a545701bcfefc850f6c0b28 13045 games optional 
stockfish_1.5.1JA-2.diff.gz
 353b38b49c6b2f76350ddefeea6519f6 145748 games optional 
stockfish_1.5.1JA-2_i386.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAksdblcACgkQYEKwtdP5dN9OUgCgz+9fh+jhNDdBkKEcZjk9SEl7
ECoAnRJCU9vR56SxHlkcvnPUAG2ZcXY8
=rRVO
-END PGP SIGNATURE-


---End Message---

Processed: Heimdal bug

Processing commands for cont...@bugs.debian.org:

 reassign 559910 heimdal-dev
Bug #559910 [heimdal-dev,libeditline-dev] libeditline-dev and heimdal-dev: 
error when trying to install together
Bug reassigned from package 'heimdal-dev,libeditline-dev' to 'heimdal-dev'.
 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559892: FTBFS: dpkg-gensymbols returned exit code 1

2009-12-07 Thread Daniel Kobras

Hi!

On Mon, Dec 07, 2009 at 09:39:06AM -0700, dann frazier wrote:
 dpkg-gensymbols: warning: debian/libmpg123-0/DEBIAN/symbols doesn't match 
 completely debian/libmpg123-0.symbols.hppa
 --- debian/libmpg123-0.symbols.hppa (libmpg123-0 hppa)
 +++ dpkg-gensymbolsDGA3bj 2009-12-07 00:12:02.0 +
 @@ -48,7 +48,7 @@
   mpg123_meta_ch...@base 1.6.2
   mpg123_...@base 1.6.2
   mpg123_new_p...@base 1.6.2
 - mpg123_no...@base 1.10.0
 +#MISSING: 1.10.0-1# mpg123_no...@base 1.10.0
   mpg123_open...@base 1.6.2
   mpg123_open_fd...@base 1.6.2
   mpg123_open_f...@base 1.6.2

It turns out that mpg123_noise is only present when dithering is enabled.  In
Debian, apart from i386 and amd64 no other arch turns on this feature at the
moment. This bug could be fixed using configure flag --with-cpu=generic_dither
on these archs, or simply by adjusting the arch-specific symbols files, but I'd
like to check with upstream first whether the symbol is really meant to be
exported in the first place.

Regards,

Daniel.




-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559765: jetty: CVE-2007-6672 info disclosure

On Mon, 7 Dec 2009 21:21:14 +0100, Torsten Werner wrote:
 tags 559765 + wontfix
 thanks
 
 On Mon, Dec 7, 2009 at 5:10 PM, Michael Gilbert
 michael.s.gilb...@gmail.com wrote:
  changelog notes are not sufficient justification to close a security
  issue. the source needs to be checked against a patch, so please find a
  way to track that down.  the easiest way is probably to just ask
  upstream. thanks.
 
 No, I think it is your duty as the bug reporter to prove that the
 package is still vulnerable.

because the consequences of security issues can be dire (although in
this case the problem is fairly minor), it is much better to err on the
side of caution when dealing with them.  i can of course spend the time
to study this problem and try to reproduce it, but since there are
already claims that it is fixed, that seems like an unwise use of
time.  it is much more straightforward to simply check that the
existing fix is applied. since you should have a relationship with
upstream, it should be relatively straightforward to get a response
from them. also, this package is your responsibility, so you can't
expect others to do your job for you.

if you think this request is overburdensome/unjustified, you can send an
email to secur...@debian.org.  be aware that they expect this level of
thoroughness at a minimum.

best wishes,
mike



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559944: FTBFS: /usr/bin/ld: bufrdc/bbuprs0.o: relocation R_X86_64_32S against `.rodata.str1.1'…

2009-12-07 Thread Cyril Brulebois

Package: emoslib
Version: 000371+dfsg-1
Severity: serious
Justification: FTBFS

Hi,

your package FTBFS, at least on amd64 and kfreebsd-amd64:
| /usr/bin/ld: bufrdc/bbuprs0.o: relocation R_X86_64_32S against 
`.rodata.str1.1' can not be used when making a shared object; recompile with 
-fPIC
| bufrdc/bbuprs0.o: could not read symbols: Bad value
| collect2: ld returned 1 exit status
| make[1]: *** [build] Error 1

Build logs at the usual place:
  https://buildd.debian.org/status/package.php?suite=unstablep=emoslib

Mraw,
KiBi.



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559930: marked as done (FTBFS: fails to relibtoolize)

Your message dated Mon, 07 Dec 2009 22:49:08 +
with message-id e1nhmoc-0001ca...@ries.debian.org
and subject line Bug#559930: fixed in hypre 2.4.0b-6
has caused the Debian Bug report #559930,
regarding FTBFS: fails to relibtoolize
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
559930: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559930
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: hypre
Version: 2.4.0b-5
Severity: serious
Justification: FTBFS

Hi,

your package FTBFS:
| (cd src/babel-runtime  libtoolize)
| libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, `config'.
| libtoolize: linking file `config/ltmain.sh'
| libtoolize: putting auxiliary files in `config'.
| libtoolize: linking file `libltdl/config/compile'
| libtoolize: linking file `libltdl/config/config.guess'
| libtoolize: linking file `libltdl/config/config.sub'
| libtoolize: linking file `libltdl/config/depcomp'
| libtoolize: linking file `libltdl/config/install-sh'
| libtoolize: linking file `libltdl/config/missing'
| libtoolize: linking file `libltdl/config/ltmain.sh'
| libtoolize: putting macros in AC_CONFIG_MACRO_DIR, `m4'.
| libtoolize: linking file `m4/argz.m4'
| libtoolize: You should add the contents of `m4/argz.m4' to `aclocal.m4'.
| libtoolize: linking file `m4/libtool.m4'
| libtoolize: `/usr/share/aclocal/ltdl.m4' does not exist.
| make: *** [stamp-build] Error 1


Build logs at the usual place:
  https://buildd.debian.org/status/package.php?suite=unstablep=hypre

Mraw,
KiBi.


---End Message---
---BeginMessage---
Source: hypre
Source-Version: 2.4.0b-6

We believe that the bug you reported is fixed in the latest version of
hypre, which is due to be installed in the Debian FTP archive:

hypre_2.4.0b-6.diff.gz
  to main/h/hypre/hypre_2.4.0b-6.diff.gz
hypre_2.4.0b-6.dsc
  to main/h/hypre/hypre_2.4.0b-6.dsc
libhypre-2.4.0_2.4.0b-6_amd64.deb
  to main/h/hypre/libhypre-2.4.0_2.4.0b-6_amd64.deb
libhypre-dev_2.4.0b-6_all.deb
  to main/h/hypre/libhypre-dev_2.4.0b-6_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 559...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Adam C. Powell, IV hazel...@debian.org (supplier of updated hypre package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 07 Dec 2009 17:22:27 -0500
Source: hypre
Binary: libhypre-2.4.0 libhypre-dev
Architecture: source amd64 all
Version: 2.4.0b-6
Distribution: unstable
Urgency: low
Maintainer: Adam C. Powell, IV hazel...@debian.org
Changed-By: Adam C. Powell, IV hazel...@debian.org
Description: 
 libhypre-2.4.0 - High Performance Matrix Preconditioners - Shared Library
 libhypre-dev - High Performance Matrix Preconditioners - Development Files
Closes: 559930
Changes: 
 hypre (2.4.0b-6) unstable; urgency=low
 .
   * Added libltdl-dev to Build-Depends (closes: #559930).
Checksums-Sha1: 
 9ddf231034c8d32eb6c22d036288fba738089144 1168 hypre_2.4.0b-6.dsc
 efd4267acef771e9392584b9bc55a8688e10c693 10290 hypre_2.4.0b-6.diff.gz
 675cfb5aad9d5befb8f7cf88272c2d1cda03c1cb 1698138 
libhypre-2.4.0_2.4.0b-6_amd64.deb
 c2071b25d13ba0e2b1a9c5455ed042760da55719 151398 libhypre-dev_2.4.0b-6_all.deb
Checksums-Sha256: 
 957ae19449b7bdb244b179a8e5b6dce99e2619240819b2d34796ed732fcd4752 1168 
hypre_2.4.0b-6.dsc
 42273bbc9a7bb9cafa1077945b338fa54d2f4afa9b4dd84f1a34cbbd971a3e61 10290 
hypre_2.4.0b-6.diff.gz
 803ad646205d7a252b69164fa12dab86c0ac018e7ab37f678c87dfb32cc54417 1698138 
libhypre-2.4.0_2.4.0b-6_amd64.deb
 6c3cdc7eba8167ffcf4b944b70af0bc036ad5167508010e15162fdd55a789df3 151398 
libhypre-dev_2.4.0b-6_all.deb
Files: 
 7e0c155ed6bc73d1907faa0ff1d0a9e0 1168 math extra hypre_2.4.0b-6.dsc
 e3c23bdbd409d7ea81256c594aa42a57 10290 math extra hypre_2.4.0b-6.diff.gz
 87ddebd05421736e8714d5d27bff253b 1698138 libs extra 
libhypre-2.4.0_2.4.0b-6_amd64.deb
 304c588005c973e203fbc07ecbe4659f 151398 libdevel extra 
libhypre-dev_2.4.0b-6_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAksdge8ACgkQUm8B6FZO5LYClgCePKbO7UInSMknN0cSUtUo55sU
n7sAn1d7R9riAK1P6hgUDcFwI3LnzNTc
=qok5
-END PGP SIGNATURE-


---End Message---

Processed: Re: Heimdal bug

Processing commands for cont...@bugs.debian.org:

 reassign 559910 heimdal-dev heimdal-dev/1.3.1.dfsg.1-1
Bug #559910 [heimdal-dev] libeditline-dev and heimdal-dev: error when trying to 
install together
Ignoring request to reassign bug #559910 to the same package
Bug #559910 [heimdal-dev] libeditline-dev and heimdal-dev: error when trying to 
install together
The source heimdal-dev and version 1.3.1.dfsg.1-1 do not appear to match any 
binary packages
Bug Marked as found in versions heimdal-dev/1.3.1.dfsg.1-1.
 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed (with 4 errors): bug corrections