Bug#559805: marked as done (CVE-2009-3736 local privilege escalation)
Your message dated Mon, 7 Dec 2009 09:16:57 +0100 with message-id 20091207081657.ga31...@orion.carnet.hr and subject line Re: Bug#559805: CVE-2009-3736 local privilege escalation has caused the Debian Bug report #559805, regarding CVE-2009-3736 local privilege escalation to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 559805: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559805 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: freeradius Severity: grave Tags: security Hi, The following CVE (Common Vulnerabilities Exposures) id was published for libtool. I have determined that this package embeds a vulnerable copy of the libtool source code. However, since this is a mass bug filing (due to so many packages embedding libtool), I have not had time to determine whether the vulnerable code is actually present in any of the binary packages. Please determine whether this is the case. If the package is not affected, please feel free to close the bug with a message containing the details of what you did to check. CVE-2009-3736[0]: | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, | attempts to open a .la file in the current working directory, which | allows local users to gain privileges via a Trojan horse file. Note that this problem also affects etch and lenny, so if your package is affected, please coordinate with the security team to release the DSA for the affected packages. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 http://security-tracker.debian.org/tracker/CVE-2009-3736 ---End Message--- ---BeginMessage--- On Sun, Dec 06, 2009 at 11:54:08PM -0500, Michael Gilbert wrote: Package: freeradius Severity: grave Tags: security The following CVE (Common Vulnerabilities Exposures) id was published for libtool. I have determined that this package embeds a vulnerable copy of the libtool source code. However, since this is a mass bug filing (due to so many packages embedding libtool), I have not had time to determine whether the vulnerable code is actually present in any of the binary packages. Please determine whether this is the case. If the package is not affected, please feel free to close the bug with a message containing the details of what you did to check. We don't build the FreeRADIUS binaries with the local libltdl copy, instead we use the normal system libltdl*, which is apparent from the linkage and dependencies, so unless this code somehow inexplicalby crept in, there's no bug. -- 2. That which causes joy or happiness. ---End Message---
Bug#559804: marked as done (CVE-2009-3736 local privilege escalation)
Your message dated Mon, 7 Dec 2009 10:17:03 +0200 with message-id 20091207081703.gc3...@ants.dhis.net and subject line Re: Bug#559804: CVE-2009-3736 local privilege escalation has caused the Debian Bug report #559804, regarding CVE-2009-3736 local privilege escalation to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 559804: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559804 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: dico Severity: grave Tags: security Hi, The following CVE (Common Vulnerabilities Exposures) id was published for libtool. I have determined that this package embeds a vulnerable copy of the libtool source code. However, since this is a mass bug filing (due to so many packages embedding libtool), I have not had time to determine whether the vulnerable code is actually present in any of the binary packages. Please determine whether this is the case. If the package is not affected, please feel free to close the bug with a message containing the details of what you did to check. CVE-2009-3736[0]: | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, | attempts to open a .la file in the current working directory, which | allows local users to gain privileges via a Trojan horse file. Note that this problem also affects etch and lenny, so if your package is affected, please coordinate with the security team to release the DSA for the affected packages. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 http://security-tracker.debian.org/tracker/CVE-2009-3736 ---End Message--- ---BeginMessage--- Thanks for the report. dico is not linked against libltdl that is shipped in upstream tarball, that was done by passing --without-included-ltdl to configure script when called by debian/rules. I also confirmed this by checking the build logs for dico: http://buildd.debian.org/pkg.cgi?pkg=dico So, the problem would go away once #559797 is fixed. -- أحمد المحمودي (Ahmed El-Mahmoudy) Digital design engineer GPG KeyID: 0xEDDDA1B7 (@ subkeys.pgp.net) GPG Fingerprint: 8206 A196 2084 7E6D 0DF8 B176 BC19 6A94 EDDD A1B7 ---End Message---
Bug#559855: frei0r-plugins: FTBFS with OpenCV 2.0
Package: frei0r-plugins Version: 1.1.22git20090409-2 Severity: serious Hi, here is the problem: $ fakeroot apt-get -b source frei0r-plugins [...] /bin/sh ../libtool --tag=CC --mode=compile cc -std=gnu99 -DHAVE_CONFIG_H -I. -I../include -I../include -I/usr/include/opencv -DOPENCV_PREFIX=/usr -g -O2 -g -Wall -O2 -g -O2 -g -Wall -O2 -c -o facedetect_la-facedetect.lo `test -f 'filter/facedetect/facedetect.c' || echo './'`filter/facedetect/facedetect.c rm: invalid argument: `' cc -std=gnu99 -DHAVE_CONFIG_H -I. -I../include -I../include -I/usr/include/opencv -DOPENCV_PREFIX=/usr -g -O2 -g -Wall -O2 -g -O2 -g -Wall -O2 -c filter/facedetect/facedetect.c -fPIC -DPIC -o .libs/facedetect_la-facedetect.o In file included from /usr/include/opencv/cxcore.hpp:46, from /usr/include/opencv/cxcore.h:2123, from /usr/include/opencv/cv.h:58, from filter/facedetect/facedetect.c:20: /usr/include/opencv/cxmisc.h:52:26: error: cvconfig.h: No such file or directory make[2]: *** [facedetect_la-facedetect.lo] Error 1 make[2]: Leaving directory `/tmp/frei0r-1.1.22git20090409/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/tmp/frei0r-1.1.22git20090409' make: *** [debian/stamp-makefile-build] Error 2 dpkg-buildpackage: error: debian/rules build gave error exit status 2 Build command 'cd frei0r-1.1.22git20090409 dpkg-buildpackage -b -uc' failed. E: Child process failed Removing the -DHAVE_CONFIG_H option allows cv.h to be included without error. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.31-1-686-bigmem (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages frei0r-plugins depends on: ii libc6 2.10.2-2 GNU C Library: Shared libraries pn libcv1none (no description available) pn libcvaux1 none (no description available) ii libgavl1 1.1.1-2low level audio and video library ii libgcc1 1:4.4.2-3 GCC support library pn libhighgui1 none (no description available) ii libstdc++64.4.2-3The GNU Standard C++ Library v3 frei0r-plugins recommends no packages. frei0r-plugins suggests no packages. -- Laurent Bonnaud. http://www.lis.inpg.fr/pages_perso/bonnaud/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#515321: Depends on GTK 1.2
Hi, On Sun, 6 Dec 2009, Moritz Muehlenhoff wrote: libjsw build-depends on libgtk1.2-dev, which will be removed for Squeeze. Please port it to GTK 2 or request it's removal. Darren, what's the status? Shall we go ahead and remove libjsw (and searchandrescue along with it)? Unfortunately, I don't have time to take on libjsw. From the point of searchandrescue, I'm hoping to either modify it to use a different joystick interface, or simply disable the joystick (since it's playable with keyboard only). Either way, I have to do some work on searchandrescue. Cheers, Phil. -- Phil Brooke OpenPGP key: 1024D/50973B91 2000-12-19 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559802: CVE-2009-3736 local privilege escalation
Michael Gilbert wrote: Package: courier-authlib Severity: grave Tags: security Hi, The following CVE (Common Vulnerabilities Exposures) id was published for libtool. I have determined that this package embeds a vulnerable copy of the libtool source code. However, since this is a mass bug filing (due to so many packages embedding libtool), I have not had time to determine whether the vulnerable code is actually present in any of the binary packages. Please determine whether this is the case. If the package is not affected, please feel free to close the bug with a message containing the details of what you did to check. CVE-2009-3736[0]: | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, | attempts to open a .la file in the current working directory, which | allows local users to gain privileges via a Trojan horse file. Note that this problem also affects etch and lenny, so if your package is affected, please coordinate with the security team to release the DSA for the affected packages. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. Is there a patch available for the vulnerability? I don't know which modifications were applied upstream to the libtool copy. Regards Racke -- LinuXia Systems = http://www.linuxia.de/ Expert Interchange Consulting and System Administration ICDEVGROUP = http://www.icdevgroup.org/ Interchange Development Team -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559836: CVE-2009-3736 local privilege escalation
Manuel, are you going to handle this issue or do you want me to do it ? Thanks Sylvestre Le lundi 07 décembre 2009 à 00:06 -0500, Michael Gilbert a écrit : Package: openmpi Severity: grave Tags: security Hi, The following CVE (Common Vulnerabilities Exposures) id was published for libtool. I have determined that this package embeds a vulnerable copy of the libtool source code. However, since this is a mass bug filing (due to so many packages embedding libtool), I have not had time to determine whether the vulnerable code is actually present in any of the binary packages. Please determine whether this is the case. If the binary packages are not affected, please feel free to close the bug with a message containing the details of what you did to check. CVE-2009-3736[0]: | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, | attempts to open a .la file in the current working directory, which | allows local users to gain privileges via a Trojan horse file. Note that this problem also affects etch and lenny, so if your package is affected, please coordinate with the security team to release the DSA for the affected packages. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 http://security-tracker.debian.org/tracker/CVE-2009-3736 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559855: frei0r-plugins: FTBFS with OpenCV 2.0
reassign 559855 libcv-dev affects 559855 frei0r-plugins thanks On Mon, Dec 07, 2009 at 09:20 AM, Laurent Bonnaud wrote: Hi Laurent, Removing the -DHAVE_CONFIG_H option allows cv.h to be included without error. HAVE_CONFIG_H is automatically defined by autotools when autoheader is used. I think OpenCV should use less generic names in their public headers, something like HAVE_CV_CONFIG_H . Thank you, Luca -- Beware of programmers who carry screwdrivers. -- Leonard Brandwein http://shammash.homelinux.org/ - http://www.artha.org/ - http://www.yue.it/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: gnome-bluetooth] read/write access to the /dev/rfkill device is required
Processing commands for cont...@bugs.debian.org: severity 552185 serious Bug #552185 [gnome-bluetooth] [gnome-bluetooth] read/write access to the /dev/rfkill device is required Severity set to 'serious' from 'minor' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#559855: frei0r-plugins: FTBFS with OpenCV 2.0
Processing commands for cont...@bugs.debian.org: reassign 559855 libcv-dev Bug #559855 [frei0r-plugins] frei0r-plugins: FTBFS with OpenCV 2.0 Bug reassigned from package 'frei0r-plugins' to 'libcv-dev'. Bug No longer marked as found in versions frei0r/1.1.22git20090409-2. affects 559855 frei0r-plugins Bug #559855 [libcv-dev] frei0r-plugins: FTBFS with OpenCV 2.0 Added indication that 559855 affects frei0r-plugins thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#552185: gnome-bluetooth] read/write access to the /dev/rfkill device is required
severity 552185 serious thanks Dear all, since the last dist-upgrade the situation has worsened for me. I am not even able to enable bluetooth via gnome-bluetooth anymore. To be honest, I am not sure if maybe the bluez upgrade (4.42 - 4.57) has caused this issue, but since bluetooth doesn't work at all, I am raising severity. Something has to be done quickly, I don't consider the current bluetooth situation ready for release. Cheers, Fabian -- Dipl.-Phys. Fabian Greffrath Ruhr-Universität Bochum Lehrstuhl für Energieanlagen und Energieprozesstechnik (LEAT) Universitätsstr. 150, IB 3/134 D-44780 Bochum Telefon: +49 (0)234 / 32-26334 Fax: +49 (0)234 / 32-14227 E-Mail: greffr...@leat.ruhr-uni-bochum.de -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559839: marked as done (CVE-2009-3736 local privilege escalation)
Your message dated Mon, 7 Dec 2009 10:18:13 +0100 (CET) with message-id c5349c17ab7f47e3e20afd09ce3896bb.squir...@www.linux-dev.org and subject line Re: Bug#559839: CVE-2009-3736 local privilege escalation has caused the Debian Bug report #559839, regarding CVE-2009-3736 local privilege escalation to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 559839: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559839 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: sbnc Severity: grave Tags: security Hi, The following CVE (Common Vulnerabilities Exposures) id was published for libtool. I have determined that this package embeds a vulnerable copy of the libtool source code. However, since this is a mass bug filing (due to so many packages embedding libtool), I have not had time to determine whether the vulnerable code is actually present in any of the binary packages. Please determine whether this is the case. If the binary packages are not affected, please feel free to close the bug with a message containing the details of what you did to check. CVE-2009-3736[0]: | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, | attempts to open a .la file in the current working directory, which | allows local users to gain privileges via a Trojan horse file. Note that this problem also affects etch and lenny, so if your package is affected, please coordinate with the security team to release the DSA for the affected packages. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 http://security-tracker.debian.org/tracker/CVE-2009-3736 ---End Message--- ---BeginMessage--- Hi, this is already fixed, also in the Lenny release, look here: http://packages.debian.org/changelogs/pool/main/s/sbnc/current/changelog#versionversion1.2-8 So I am closing. Package: sbnc Severity: grave Tags: security Hi, The following CVE (Common Vulnerabilities Exposures) id was published for libtool. I have determined that this package embeds a vulnerable copy of the libtool source code. However, since this is a mass bug filing (due to so many packages embedding libtool), I have not had time to determine whether the vulnerable code is actually present in any of the binary packages. Please determine whether this is the case. If the binary packages are not affected, please feel free to close the bug with a message containing the details of what you did to check. CVE-2009-3736[0]: | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, | attempts to open a .la file in the current working directory, which | allows local users to gain privileges via a Trojan horse file. Note that this problem also affects etch and lenny, so if your package is affected, please coordinate with the security team to release the DSA for the affected packages. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 http://security-tracker.debian.org/tracker/CVE-2009-3736 ---End Message---
Processed: notfound 559765 in 6.1.21-1
Processing commands for cont...@bugs.debian.org: notfound 559765 6.1.21-1 Bug #559765 [jetty] jetty: CVE-2007-6672 info disclosure Bug No longer marked as found in versions jetty/6.1.21-1. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#557781: apt-proxy: lacks dep on zope.interface
reassign 557781 python-twisted-core thanks Bonjour Yann, On Tue, Nov 24, 2009 at 12:44:37PM +0100, Yann Dirson wrote: Package: apt-proxy Version: 1.9.36.3+nmu2 Severity: serious While updating today both apt-proxy and zope.interface, I got the following error. It looks like apt-proxy requires zope.interface but does not declare a dependency on it. Shouldn't lintian detect such problems ? apt-proxy depends on python-twisted-web, which depends on python-twisted-core, which finally depends on python-zope.interface | python-zopeinterface (= 3.2.1-3). This means that zope.interface module is an indirect dependendy of apt-proxy and should be installed anyway... I'm reassigning this bug to python-twisted-core as it seems it's a dependency issue in twisted. Cheers, Xavier Paramétrage de apt-proxy (1.9.36.3+nmu2) ... update-rc.d: warning: apt-proxy stop runlevel arguments (0 1 6) do not match LSB Default-Stop values (1) insserv: warning: current stop runlevel(s) (0 1 6) of script `apt-proxy' overwrites defaults (1). insserv: warning: current stop runlevel(s) (0 1 6) of script `pwrkap' overwrites defaults (empty). insserv: warning: current stop runlevel(s) (0 1 6) of script `cpufrequtils' overwrites defaults (empty). Starting apt-proxy:Traceback (most recent call last): File /usr/bin/twistd, line 20, in module from twisted.scripts.twistd import run File /usr/lib/python2.5/site-packages/twisted/scripts/twistd.py, line 11, in module from twisted.application import app File /usr/lib/python2.5/site-packages/twisted/application/app.py, line 7, in module from twisted.python import runtime, log, usage, failure, util, logfile File /usr/lib/python2.5/site-packages/twisted/python/log.py, line 17, in module from zope.interface import Interface ImportError: No module named interface failed! [...] Paramétrage de python-zope.interface (3.5.2-2) ... -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (990, 'testing'), (500, 'oldstable'), (500, 'unstable'), (500, 'stable'), (101, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.30-1-686-bigmem (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages apt-proxy depends on: ii adduser 3.111 add and remove users and groups ii bzip21.0.5-3 high-quality block-sorting file co ii debconf [debconf-2.0]1.5.28 Debian configuration management sy ii logrotate3.7.8-4 Log rotation utility ii python 2.5.4-2 An interactive high-level object-o ii python-apt 0.7.13.3Python interface to libapt-pkg ii python-central 0.6.12+nmu1 register and build utility for Pyt ii python-twisted-web 8.2.0-2 An HTTP protocol implementation to apt-proxy recommends no packages. Versions of packages apt-proxy suggests: ii rsync 3.0.6-1fast remote file copy program (lik -- debconf information excluded -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#557781: apt-proxy: lacks dep on zope.interface
Processing commands for cont...@bugs.debian.org: reassign 557781 python-twisted-core Bug #557781 [apt-proxy] apt-proxy: lacks dep on zope.interface Bug reassigned from package 'apt-proxy' to 'python-twisted-core'. Bug No longer marked as found in versions apt-proxy/1.9.36.3+nmu2. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559765: marked as done (jetty: CVE-2007-6672 info disclosure)
Your message dated Mon, 07 Dec 2009 10:38:07 +0100 with message-id 4b1cccff.2070...@thykier.net and subject line Re: Bug#559765: jetty: CVE-2007-6672 info disclosure has caused the Debian Bug report #559765, regarding jetty: CVE-2007-6672 info disclosure to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 559765: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559765 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: jetty Version: 6.1.21-1 Severity: serious Tags: security Hi, The following CVE (Common Vulnerabilities Exposures) id was published for jetty. CVE-2007-6672[0]: | Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass | protection mechanisms and read the source of files via multiple '/' | (slash) characters in the URI. This may already be fixed. Some of the messages that are linked from the mitre page indiced that supposedly this was to be fixed in 6.1.7, but I was unable to track down patches to verify. Please check. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6672 http://security-tracker.debian.org/tracker/CVE-2007-6672 ---End Message--- ---BeginMessage--- Michael Gilbert wrote: Package: jetty Version: 6.1.21-1 Severity: serious Tags: security Hi, The following CVE (Common Vulnerabilities Exposures) id was published for jetty. CVE-2007-6672[0]: | Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass | protection mechanisms and read the source of files via multiple '/' | (slash) characters in the URI. This may already be fixed. Some of the messages that are linked from the mitre page indiced that supposedly this was to be fixed in 6.1.7, but I was unable to track down patches to verify. Please check. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6672 http://security-tracker.debian.org/tracker/CVE-2007-6672 ___ pkg-java-maintainers mailing list pkg-java-maintain...@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-java-maintainers Hi Michael Thank you for your report. I found the upstream bug report[1] where upstream say they have fixed it in 6.1.7 (and provide a fix for earlier versions as well) - I saw no reason to doubt this. Nevertheless if you can reproduce the issue, please do not hesitate to reopen the bug. ~Niels [1] http://jira.codehaus.org/browse/JETTY-386?focusedCommentId=117699page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#action_117699 quote [...] Release 6.1.7 is now being created with this fix. [...] /quote signature.asc Description: OpenPGP digital signature ---End Message---
Bug#558099:
exactly nothing happens, the alarm doesn't get added to the overview and it won't alarm you at the specified time. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#516182: linpopup: Gtk1.2 about to be removed from Debian
On Sun 06 Dec 2009, Moritz Muehlenhoff wrote: What's the status? Do you intend to update to linpopup2 for Squeeze or shall we remove linpopup from the archive? Given that it's obsolete on Windows for a long time (according to Wikipedia it was dropped with Windows NT), this seems sensible. I agree that it's most probably obsolete, and time to remove it. Paul -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#540427: Real patch for my NMU
|--== On Mon, 7 Dec 2009 06:19:40 +0100, Cyril Brulebois k...@debian.org said: CB Sorry about the first NMU, looks like I only removed libc6-dev from CB Build-Depends on a porter box, and checked it was OK there; and only CB wrote about it on my devel box, where the NMU was prepared. Hopefully CB the next one is OK. Sorry about that. No worries. Thanks for having fixed this. Ciao! Free -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: fails to install if /etc/sysctl.d/ not present
Processing commands for cont...@bugs.debian.org: retitle 559754 fails to install if /etc/sysctl.d/ not present Bug #559754 [netbase] netbase: Fails to install on non-Linux Changed Bug title to 'fails to install if /etc/sysctl.d/ not present' from 'netbase: Fails to install on non-Linux' severity 559754 serious Bug #559754 [netbase] fails to install if /etc/sysctl.d/ not present Severity set to 'serious' from 'important' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: merge
Processing commands for cont...@bugs.debian.org: forcemerge 559857 559855 Bug#559857: libcv-dev: cv.h does not compile with Bug#559855: frei0r-plugins: FTBFS with OpenCV 2.0 Forcibly Merged 559855 559857. severity 559857 serious Bug #559857 [libcv-dev] libcv-dev: cv.h does not compile with Bug #559855 [libcv-dev] frei0r-plugins: FTBFS with OpenCV 2.0 Severity set to 'serious' from 'important' Severity set to 'serious' from 'important' affects 559857 gimp-plugin-registry Bug #559857 [libcv-dev] libcv-dev: cv.h does not compile with Bug #559855 [libcv-dev] frei0r-plugins: FTBFS with OpenCV 2.0 Added indication that 559857 affects gimp-plugin-registry Added indication that 559855 affects gimp-plugin-registry retitle 559857 libcv-dev: cv.h does not compile with -DHAVE_CONFIG_H from autotools/autoheader Bug #559857 [libcv-dev] libcv-dev: cv.h does not compile with Bug #559855 [libcv-dev] frei0r-plugins: FTBFS with OpenCV 2.0 Changed Bug title to 'libcv-dev: cv.h does not compile with -DHAVE_CONFIG_H from autotools/autoheader' from 'libcv-dev: cv.h does not compile with' Changed Bug title to 'libcv-dev: cv.h does not compile with -DHAVE_CONFIG_H from autotools/autoheader' from 'frei0r-plugins: FTBFS with OpenCV 2.0' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559857: libcv-dev: cv.h does not compile with -DHAVE_CONFIG_H from autotools/autoheader
Hi, this bug also affects gimp-plugin-registry: $ fakeroot apt-get -b source gimp-plugin-registry [...] Making all in src make[4]: Entering directory `/tmp/gimp-plugin-registry-2.2/dustcleaner/src/src' if gcc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -D_REENTRANT -pthread -I/usr/include/gimp-2.0 -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I/usr/include/gtk-2.0 -I/usr/lib/gtk-2.0/include -I/usr/include/atk-1.0 -I/usr/include/cairo -I/usr/include/pango-1.0 -I/usr/include/pixman-1 -I/usr/include/freetype2 -I/usr/include/directfb -I/usr/include/libpng12 -I/usr/include `pkg-config --cflags opencv` -DLOCALEDIR=\/usr/share/locale\ -DDATADIR=\/usr/share/dustcleaner\ -Wall -g -O2 -fno-tree-pre -MT dustcleaner_gimp_plugin.o -MD -MP -MF .deps/dustcleaner_gimp_plugin.Tpo \ -c -o dustcleaner_gimp_plugin.o `test -f 'dustcleaner_gimp_plugin.c' || echo './'`dustcleaner_gimp_plugin.c; \ then mv -f .deps/dustcleaner_gimp_plugin.Tpo .deps/dustcleaner_gimp_plugin.Po; \ else rm -f .deps/dustcleaner_gimp_plugin.Tpo; exit 1; \ fi In file included from /usr/include/opencv/cxcore.hpp:46, from /usr/include/opencv/cxcore.h:2123, from /usr/include/opencv/cv.h:58, from dust.h:31, from dustcleaner_gimp_plugin.c:34: /usr/include/opencv/cxmisc.h:52:26: error: cvconfig.h: No such file or directory make[4]: *** [dustcleaner_gimp_plugin.o] Error 1 make[4]: Leaving directory `/tmp/gimp-plugin-registry-2.2/dustcleaner/src/src' make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory `/tmp/gimp-plugin-registry-2.2/dustcleaner/src' make[2]: *** [all] Error 2 make[2]: Leaving directory `/tmp/gimp-plugin-registry-2.2/dustcleaner/src' make[1]: *** [build-stamp] Error 2 make[1]: Leaving directory `/tmp/gimp-plugin-registry-2.2/dustcleaner' make: *** [build-stamp] Error 1 dpkg-buildpackage: error: debian/rules build gave error exit status 2 Build command 'cd gimp-plugin-registry-2.2 dpkg-buildpackage -b -uc' failed. E: Child process failed -- Laurent Bonnaud. http://www.lis.inpg.fr/pages_perso/bonnaud/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#525549: gnucash: Missing account file
On Mon, 2009-12-07 at 08:48 +0100, Micha Lenk wrote: Hi Sam, Sam Morris wrote: I would appreciate it if you could make a gnucash-dbg package available to aid in debugging this further. Gnucash 2.2.9-2, currently available in Debian unstable, has now a gnucash-dbg package with debugging symbols. Could you triage your bug again with this package installed? Wow, thanks for that! I ran into this again yesterday but there was no segfault. I will update this bug again as soon as I have more information. Thanks in advance. Regards Micha -- Sam Morris s...@robots.org.uk -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#558816: marked as done (ubuntu-dev-tools and buildd: error when trying to install together)
Your message dated Mon, 07 Dec 2009 11:32:23 + with message-id e1nhbph-00074j...@ries.debian.org and subject line Bug#558816: fixed in ubuntu-dev-tools 0.84 has caused the Debian Bug report #558816, regarding ubuntu-dev-tools and buildd: error when trying to install together to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 558816: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=558816 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: buildd,ubuntu-dev-tools Version: buildd/0.59.0-1 Version: ubuntu-dev-tools/0.83debian1 Severity: serious User: trei...@debian.org Usertags: edos-file-overwrite Date: 2009-11-30 Architecture: amd64 Distribution: sid Hi, automatic installation tests of packages that share a file and at the same time do not conflict by their package dependency relationships has detected the following problem: WARNING: The following packages cannot be authenticated! libdb4.6 exim4-config exim4-base libpcre3 exim4-daemon-light exim4 libdb4.5 libsqlite3-0 mime-support patch python2.5-minimal python2.5 python-minimal python python-central binutils bzip2 dctrl-tools liblzma1 xz-utils make libtimedate-perl dpkg-dev devscripts diffstat dupload libboost-system1.40.0 libboost-filesystem1.40.0 libboost-program-options1.40.0 libicu42 libboost-regex1.40.0 libfilesys-df-perl liblockdev1 python-support lsb-release python-apt python-debian python-httplib2 python-simplejson python-pkg-resources python-lazr.uri python-wadllib python-zope.interface python-lazr.restfulclient python-oauth python-launchpadlib schroot-common schroot sudo ubuntu-dev-tools libsbuild-perl sbuild buildd W: cowdancer: unsupported operation, read-only open and fchown/fchmod/flock: 2055:5406998 W: cowdancer: unsupported operation, read-only open and fchown/fchmod/flock: 2055:5407760 W: cowdancer: unsupported operation, read-only open and fchown/fchmod/flock: 2055:5406727 Extracting templates from packages: 56% Extracting templates from packages: 100% Preconfiguring packages ... Authentication warning overridden. Can not write log, openpty() failed (/dev/pts not mounted?) Selecting previously deselected package libdb4.6. (Reading database ... 10438 files and directories currently installed.) Unpacking libdb4.6 (from .../libdb4.6_4.6.21-15_amd64.deb) ... Selecting previously deselected package exim4-config. Unpacking exim4-config (from .../exim4-config_4.69-11_all.deb) ... Selecting previously deselected package exim4-base. Unpacking exim4-base (from .../exim4-base_4.69-11+b1_amd64.deb) ... Selecting previously deselected package libpcre3. Unpacking libpcre3 (from .../libpcre3_7.8-3_amd64.deb) ... Selecting previously deselected package exim4-daemon-light. Unpacking exim4-daemon-light (from .../exim4-daemon-light_4.69-11+b1_amd64.deb) ... Selecting previously deselected package exim4. Unpacking exim4 (from .../archives/exim4_4.69-11_all.deb) ... Selecting previously deselected package libdb4.5. Unpacking libdb4.5 (from .../libdb4.5_4.5.20-13.1_amd64.deb) ... Selecting previously deselected package libsqlite3-0. Unpacking libsqlite3-0 (from .../libsqlite3-0_3.6.20-1_amd64.deb) ... Selecting previously deselected package mime-support. Unpacking mime-support (from .../mime-support_3.46-1_all.deb) ... Selecting previously deselected package patch. Unpacking patch (from .../patch_2.5.9-5_amd64.deb) ... Selecting previously deselected package python2.5-minimal. Unpacking python2.5-minimal (from .../python2.5-minimal_2.5.4-3_amd64.deb) ... Selecting previously deselected package python2.5. Unpacking python2.5 (from .../python2.5_2.5.4-3_amd64.deb) ... Selecting previously deselected package python-minimal. Unpacking python-minimal (from .../python-minimal_2.5.4-2_all.deb) ... Selecting previously deselected package python. Unpacking python (from .../python_2.5.4-2_all.deb) ... Selecting previously deselected package python-central. Unpacking python-central (from .../python-central_0.6.13_all.deb) ... Selecting previously deselected package binutils. Unpacking binutils (from .../binutils_2.20-4_amd64.deb) ... Selecting previously deselected package bzip2. Unpacking bzip2 (from .../bzip2_1.0.5-3_amd64.deb) ... Selecting previously deselected package dctrl-tools. Unpacking dctrl-tools (from .../dctrl-tools_2.13.1_amd64.deb) ... Selecting previously deselected package liblzma1. Unpacking liblzma1 (from .../liblzma1_4.999.9beta+20091116-1_amd64.deb) ... Selecting previously deselected package xz-utils. Unpacking xz-utils (from .../xz-utils_4.999.9beta+20091116-1_amd64.deb) ... Selecting
Bug#559754: fails to install if /etc/sysctl.d/ not present
On Dec 07, Michael Biebl bi...@debian.org wrote: The obvious fix for this is, that the netbase postinst should simply create the /etc/sysctl.d/ directory if not existent. I do not want an obvious fix, I want the people who care about non-linux ports to tell me how they should be tested for. -- ciao, Marco signature.asc Description: Digital signature
Bug#544903: marked as done (CVE-2009-2195 WebKit: buffer overflow in floating point numbers parsing)
Your message dated Mon, 7 Dec 2009 12:55:12 +0100 with message-id 200912071255.12302.f...@debian.org and subject line CVE-2009-2195 WebKit: buffer overflow in floating point numbers parsing has caused the Debian Bug report #544903, regarding CVE-2009-2195 WebKit: buffer overflow in floating point numbers parsing to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 544903: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=544903 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Source: qt4-x11 Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities Exposures) id was published for qt4-x11. CVE-2009-2195[0]: | Buffer overflow in WebKit in Apple Safari before 4.0.3 allows remote | attackers to execute arbitrary code or cause a denial of service | (application crash) via crafted floating-point numbers. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. A patch for this is availablehttp://trac.webkit.org/changeset/45696, looking at the code in qt4-x11 you probably need to port it :/ For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2195 http://security-tracker.debian.net/tracker/CVE-2009-2195 -- Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0 For security reasons, all text in this mail is double-rot13 encrypted. pgpBm0HtURlgW.pgp Description: PGP signature ---End Message--- ---BeginMessage--- Version: 4:4.6.0-1 ---End Message---
Bug#545358: Re: Bug#545358: The patch doesn't seem right
Hola Fernando López! El 07/12/2009 a las 02:19 escribiste: Did you take in account the patch 01_debian_4.0.patch introduced in the version 2.6.0-2lenny2? It replaces the appereances of debian-3.0 for just debian. Ok, I hadn't seen it. This patch changes the dicts and I think it may introduce this bug, as for the solution I don't know if there is any better but the one we propose actually works, we are using it in our Distro and it works. We will prepare a full patch in a few days and send you. The patch (01_debian_4.0.patch) also removes debian-3.0 without adding a debian from various places (Hosts, TimeDate, SMB). Can you confirm that those aren't needed? In any case, it's usually better to use the fix that was applied by upstream, specially if you want to push the change to stable. Thanks, -- Haskell is faster than C++, more concise than Perl, more regular than Python, more flexible than Ruby, more typeful than C#, more robust than Java, and has absolutely nothing in common with PHP. -- Audrey Tang Saludos /\/\ /\ `/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559754: fails to install if /etc/sysctl.d/ not present
Marco d'Itri wrote: On Dec 07, Michael Biebl bi...@debian.org wrote: The obvious fix for this is, that the netbase postinst should simply create the /etc/sysctl.d/ directory if not existent. I do not want an obvious fix, I want the people who care about non-linux ports to tell me how they should be tested for. Well, my point was, that it also fails to install on linux, because procps is not guaranteed to be installed (as e.g. is in my pbuilder chroot), so the /etc/sysctl.d directory is not present. That the sysctl snippet has no effect on non-linux is another issue and should probably be handled in a separate bug report. Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
Bug#559876: virtualbox-ose-guest-dkms: dkms error during install and purge
Package: virtualbox-ose-guest-dkms Version: 3.1.0-dfsg-1 Severity: grave Justification: renders package unusable During install one gets the following error: Setting up virtualbox-ose-guest-dkms (3.1.0-dfsg-1) ... Adding Module to DKMS build system Error! Invalid number of arguments passed. Usage: add -m module -v module-version This is due to a reference in the postinst and prerm scripts. both still refer to the virtualbox-ose-guest-source package name -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.31-1-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages virtualbox-ose-guest-dkms depends on: ii build-essential 11.4 Informational list of build-essent ii dpkg-dev 1.15.5.3 Debian package development tools ii make 3.81-7 An utility for Directing compilati Versions of packages virtualbox-ose-guest-dkms recommends: ii dkms 2.1.0.1-3 Dynamic Kernel Module Support Fram virtualbox-ose-guest-dkms suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559845: CVE-2009-3736 local privilege escalation
On Mon, Dec 07, 2009 at 12:11:07AM -0500, Michael Gilbert wrote: Package: heartbeat Severity: grave Tags: security Hi, The following CVE (Common Vulnerabilities Exposures) id was published for libtool. I see that heartbeat in unstable no longer embeds libtool, but it appears that etch and lenny still have it. I am not sure if it is actually used in the binary packages though. Please check. If those packages are not affected, please close the bug. CVE-2009-3736[0]: | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, | attempts to open a .la file in the current working directory, which | allows local users to gain privileges via a Trojan horse file. Note that this problem also affects etch and lenny, so if your package is affected, please coordinate with the security team to release the DSA for the affected packages. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 http://security-tracker.debian.org/tracker/CVE-2009-3736 Hi, Thanks for bringing this to my attention. First, for clarification, I believe the relevant packages that are potentially affected are: Etch (oldstable): heartbeat 1.2.5-3, heartbeat-2 2.0.7-2 Lenny (stable):heartbeat 2.1.3-6lenny4 Squeeze (testing): heartbeat 2.1.4-7 Sid (unstable):heartbeat 2.1.4-7 Experimental: heartbeat 2.99.2+sles11r9-1 With reference to https://bugzilla.redhat.com/show_bug.cgi?id=537941, which seems to be the most comprehensive source of information on this topic from a coding point of view, I have noted the following: * In the Etch, Lenny, Sqeeze and Sid versions of heartbeat (and heartbeat-2) .la files are only provided in -dev packages, which I suspect would not ordinarily be installed. I am unsure of the status of this with regards to the Experimental version. * In the Etch version the only place that lt_dlopen*() appears to be called is inside the PILS library. And in a somewhat verbose way PILS ensures that the argument passed to lt_dlopen() is an absolute path which begins with /usr/lib/heartbeat/plugins (PLUGIN_DIR, set at compile time). I will verify this in the other versions. Probably tomorrow. With the latter point in mind I am suspecting that heartbeat (and heartbeat-2) is not vulnerable to this problem. I would greatly appreciate other opinions on this. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559836: CVE-2009-3736 local privilege escalation
Le lundi 07 décembre 2009 à 13:30 +0100, Manuel Prinz a écrit : Am Montag, den 07.12.2009, 09:30 +0100 schrieb Sylvestre Ledru: Manuel, are you going to handle this issue or do you want me to do it ? I can take care of that. I've forwarded this upstream already. The best option would be having a fixed libtool available, or trying to use the backported patch in the CVE. Information on fixing this is quite sparse, unfortunately. I hope that there will be some more information in the thread on d-d. I can take care of it this evening. If you want to go faster, feel free to do so. You don't need to ask for permission. We're a team, aren't we? ;) Indeed but sometimes, you have upcoming modifications :) Sylvestre -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559836: CVE-2009-3736 local privilege escalation
Am Montag, den 07.12.2009, 09:30 +0100 schrieb Sylvestre Ledru: Manuel, are you going to handle this issue or do you want me to do it ? I can take care of that. I've forwarded this upstream already. The best option would be having a fixed libtool available, or trying to use the backported patch in the CVE. Information on fixing this is quite sparse, unfortunately. I hope that there will be some more information in the thread on d-d. I can take care of it this evening. If you want to go faster, feel free to do so. You don't need to ask for permission. We're a team, aren't we? ;) Best regards Manuel -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#549745: mail-notification: FTBFS: em-format-html.h:37:29: error: gtkhtml/gtkhtml.h: No such file or directory
On Mon, Dec 07, 2009 at 02:05:17AM +0100, Cyril Brulebois wrote: See evolution-dev's #559771. I would have been uploading an NMU with the attached patch since it's been 2 months without a single reply to this RC bug, but there's an include path missing (-I/usr/include/libgtkhtml-3.14), and it seems that this “jb” build system ignores CFLAGS et al. It does know cflags/cppflags/etc though (yay for non-standard variables and build systems), so passing cppflags=-I/usr/include/libgtkhtml-3.14 -I/usr/include/libgtkhtml-3.14/editor to ./jb configure in the configure-stamp target appears to do the job. + * Add a workaround for evolution-dev's #559771: add libgtkhtml3.14-dev +to Build-Depends. You also need libgtkhtml-editor-dev and libebook1.2-dev. CCing the Evo bug because of that. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559809: CVE-2009-3736 local privilege escalation
If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. fixed by the upstream patch 232557c9e5a24f5dbd18ad9a2106cafb74e4e0cf Paolo -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559884: gnustep-dl2: FTBFS: ../EOControl/EOQualifier.h:240: error: cannot find interface declaration for ‘NSArray’
Source: gnustep-dl2 Version: 0.11.0-1.1 Severity: serious Tags: patch fixed-upstream At Fri, 04 Dec 2009 19:33:16 +0100, Federico Gimenez Nieto wrote: On Wed, 2009-11-25 at 10:33 +0100, Gürkan Sengün wrote: I had prepared a newer version of gnustep-dl2 long time ago, but never found a sponsor for it: http://sid.ethz.ch/debian/gnustep-dl2/ (gnustep-dl2_0.12.0-1.dsc) and I also tried to build it against the latest gnustep tarball versions but it failed: http://gnu.ethz.ch/debian/gnustep-dl2/gnustep-dl2_0.12.0-1_i386.build I get the same error when trying to build the current package [1] with pbuilder, could you please confirm this? Yes, so let's record it as a bug before Lucas Nussbaum reports it :-) This is yet another issue revealed with gnustep-base/1.19.3, and already fixed in SVN trunk (rev 28419). -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#546192: gnucash: HBCI support stopped working (chipcard)
reassign 546192 libaqbanking severity 546192 serious tags 546192 - moreinfo found 546192 4.1.2-1 fixed 546192 4.1.6-1 done 546192 unarchive 545894 merge 545894 546192 archive 545894 thanks Hi Sascha, Sascha Silbe wrote: On Fri, Sep 11, 2009 at 04:52:37PM +0200, Micha Lenk wrote: [...] Can you please run gnucash --debug and make the resulting file /tmp/gnucash.trace somehow available to me? gnucash --debug created the file somewhere else than it said it would, so I didn't find the file at first. The relevant part of it looks very similar to #545894 (except that I tried to retrieve transactions instead of balance, so it says JobGetTransactions in place of JobGetBalance), so you can merge these two bugs. Sorry for the dupe. So I hereby do. Regards Micha -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed (with 2 errors): Re: Bug#546192: gnucash: HBCI support stopped working (chipcard)
Processing commands for cont...@bugs.debian.org: reassign 546192 libaqbanking Bug #546192 [gnucash] gnucash: HBCI support stopped working (chipcard) Bug reassigned from package 'gnucash' to 'libaqbanking'. Bug No longer marked as found in versions 2.2.9-0.1. severity 546192 serious Bug #546192 [libaqbanking] gnucash: HBCI support stopped working (chipcard) Severity set to 'serious' from 'normal' tags 546192 - moreinfo Bug #546192 [libaqbanking] gnucash: HBCI support stopped working (chipcard) Removed tag(s) moreinfo. found 546192 4.1.2-1 Bug #546192 [libaqbanking] gnucash: HBCI support stopped working (chipcard) There is no source info for the package 'libaqbanking' at version '4.1.2-1' with architecture '' Unable to make a source version for version '4.1.2-1' Bug Marked as found in versions 4.1.2-1. fixed 546192 4.1.6-1 Bug #546192 [libaqbanking] gnucash: HBCI support stopped working (chipcard) There is no source info for the package 'libaqbanking' at version '4.1.6-1' with architecture '' Unable to make a source version for version '4.1.6-1' Bug Marked as fixed in versions 4.1.6-1. done 546192 Unknown command or malformed arguments to command. unarchive 545894 Bug #545894 {Done: Micha Lenk mi...@lenk.info} [libaqbanking] gnucash: No import with HBCI anymore Bug #547507 {Done: Micha Lenk micha.l...@tm.uka.de} [libaqbanking] [libaqhbci16] false-positive error: Job ... not supported by your bank Unarchived Bug 545894 Unarchived Bug 547507 merge 545894 546192 Bug#545894: gnucash: No import with HBCI anymore Bug#546192: gnucash: HBCI support stopped working (chipcard) Mismatch - only Bugs in same state can be merged: Values for `done mark' don't match: #545894 has `done'; #546192 has `open' Values for `affects' don't match: #545894 has `qbankmanager,gnucash,kmymoney2-plugin-aqbanking'; #546192 has `' archive 545894 Bug #545894 {Done: Micha Lenk mi...@lenk.info} [libaqbanking] gnucash: No import with HBCI anymore Bug #547507 {Done: Micha Lenk micha.l...@tm.uka.de} [libaqbanking] [libaqhbci16] false-positive error: Job ... not supported by your bank archived 545894 to archive/94 (from 545894) deleted 545894 (from 545894) archived 547507 to archive/07 (from 545894) deleted 547507 (from 545894) thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: closing 546192
Processing commands for cont...@bugs.debian.org: # Automatically generated email from bts, devscripts version 2.10.35lenny7 close 546192 Bug#546192: gnucash: HBCI support stopped working (chipcard) 'close' is deprecated; see http://www.debian.org/Bugs/Developer#closing. Bug closed, send any further explanations to Sascha Silbe sascha-debian-bugs-...@silbe.org End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: your mail
Processing commands for cont...@bugs.debian.org: reassign 559758 virtualbox-ose Bug #559758 [virtualbox-ose-dkms] [virtualbox-ose-dkms] Cannot install dkms moduleg Bug reassigned from package 'virtualbox-ose-dkms' to 'virtualbox-ose'. Bug No longer marked as found in versions virtualbox-ose/3.1.0-dfsg-1. reassign 559876 virtualbox-ose Bug #559876 [virtualbox-ose-guest-dkms] virtualbox-ose-guest-dkms: dkms error during install and purge Bug reassigned from package 'virtualbox-ose-guest-dkms' to 'virtualbox-ose'. Bug No longer marked as found in versions virtualbox-ose/3.1.0-dfsg-1. forcemerge 559502 559876 Bug#559502: virtualbox-ose: dkms postinst querys source package for the upstream version Bug#559876: virtualbox-ose-guest-dkms: dkms error during install and purge Forcibly Merged 559502 559876. forcemerge 559502 559758 Bug#559502: virtualbox-ose: dkms postinst querys source package for the upstream version Bug#559758: [virtualbox-ose-dkms] Cannot install dkms moduleg Bug#559876: virtualbox-ose-guest-dkms: dkms error during install and purge Forcibly Merged 559502 559758 559876. retitle 559502 postinst scripts query for -source instead of -dkms Bug #559502 [virtualbox-ose] virtualbox-ose: dkms postinst querys source package for the upstream version Bug #559758 [virtualbox-ose] [virtualbox-ose-dkms] Cannot install dkms moduleg Bug #559876 [virtualbox-ose] virtualbox-ose-guest-dkms: dkms error during install and purge Changed Bug title to 'postinst scripts query for -source instead of -dkms' from 'virtualbox-ose: dkms postinst querys source package for the upstream version' Changed Bug title to 'postinst scripts query for -source instead of -dkms' from '[virtualbox-ose-dkms] Cannot install dkms moduleg' Changed Bug title to 'postinst scripts query for -source instead of -dkms' from 'virtualbox-ose-guest-dkms: dkms error during install and purge' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#552433: stable update: nss-ldapd (#552433: libnss-ldapd: ignores case of uids)
Hi, On Sonntag, 6. Dezember 2009, Arthur de Jong wrote: I brought up bug #552433 here earlier [0] and have been in contact with the security team about this but haven't had a definite answer from them whether they want (or don't want) to issue an advisory for this. I'm now convinced this is a security problem because it can result in wrong privileges to be assigned and in denial of service (see [1] for more information). Debian Edu would also very much like this to be fixed soon, see http://bugs.skolelinux.org/show_bug.cgi?id=1383 - it's a release blocker for our lenny based release as it causes (+has caused already) real world prblems as you can read in #1383. cheers, Holger signature.asc Description: This is a digitally signed message part.
Processed: tagging 559496
Processing commands for cont...@bugs.debian.org: tags 559496 + pending Bug #559496 [gpe-calendar] gpe-calendar: FTBFS since libmimedir-gnome0-dev got dropped Added tag(s) pending. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#553230: marked as done (libapache2-mod-macro: missing-dependency-on-libc needed by ./usr/lib/apache2/modules/mod_macro.so but the package doesn't depend on the C library package. No
Your message dated Mon, 07 Dec 2009 15:39:39 + with message-id e1nhfgz-0005nc...@ries.debian.org and subject line Bug#553230: fixed in libapache2-mod-macro 1.1.4-3.2 has caused the Debian Bug report #553230, regarding libapache2-mod-macro: missing-dependency-on-libc needed by ./usr/lib/apache2/modules/mod_macro.so but the package doesn't depend on the C library package. Normally this indicates that ${shlibs: Depends} was omitted from the Depends line for this package in debian/control. to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 553230: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553230 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: libapache2-mod-macro Version: 1.1.4-3.1 Severity: serious Justification: The listed file appears to be linked against the C library, User: lintian-ma...@debian.org Usertags: missing-dependency-on-libc All shared libraries and compiled binaries must be run through dpkg-shlibdeps to find out any libraries they are linked against (often via the dh_shlibdeps debhelper command). The package containing these files must then depend on ${shlibs:Depends} in debian/control to get the proper package dependencies for those libraries. Refer to Debian Policy Manual section 8.6 (Dependencies between the library and other packages - the shlibs system) for details. ,[ 8.6 Dependencies between the library and other packages - the shlibs system ] | If a package contains a binary or library which links to a shared library, we | must ensure that when the package is installed on the system, all of the | libraries needed are also installed. This requirement led to the creation of the | shlibs system, which is very simple in its design: any package which provides a | shared library also provides information on the package dependencies required to | ensure the presence of this library, and any package which uses a shared library | uses this information to determine the dependencies it requires. The files which | contain the mapping from shared libraries to the necessary dependency | information are called shlibs files. | | Thus, when a package is built which contains any shared libraries, it must | provide a shlibs file for other packages to use, and when a package is built | which contains any shared libraries or compiled binaries, it must run | dpkg-shlibdeps on these to determine the libraries used and hence the | dependencies needed by this package. ` ,[ 8.6.2 How to use dpkg-shlibdeps and the shlibs files ] | Put a call to dpkg-shlibdeps into your debian/rules file. If your package | contains only compiled binaries and libraries (but no scripts), you can use a | command such as: | | dpkg-shlibdeps debian/tmp/usr/bin/* debian/tmp/usr/sbin/* \ |debian/tmp/usr/lib/* | | Otherwise, you will need to explicitly list the compiled binaries and | libraries.[53] | | This command puts the dependency information into the debian/substvars file, | which is then used by dpkg-gencontrol. You will need to place a | ${shlibs:Depends} variable in the Depends field in the control file for this to | work. ` manoj -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (990, 'unstable'), (500, 'oldstable'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.31.4-anzu-2 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libapache2-mod-macro depends on: ii apache2.2-common 2.2.14-1 Apache HTTP Server common files libapache2-mod-macro recommends no packages. libapache2-mod-macro suggests no packages. -- no debconf information ---End Message--- ---BeginMessage--- Source: libapache2-mod-macro Source-Version: 1.1.4-3.2 We believe that the bug you reported is fixed in the latest version of libapache2-mod-macro, which is due to be installed in the Debian FTP archive: libapache2-mod-macro_1.1.4-3.2.diff.gz to main/liba/libapache2-mod-macro/libapache2-mod-macro_1.1.4-3.2.diff.gz libapache2-mod-macro_1.1.4-3.2.dsc to main/liba/libapache2-mod-macro/libapache2-mod-macro_1.1.4-3.2.dsc libapache2-mod-macro_1.1.4-3.2_i386.deb to main/liba/libapache2-mod-macro/libapache2-mod-macro_1.1.4-3.2_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to
Bug#555152: marked as done (hdf-eos4: FTBFS: configure.ac:20: warning: macro `AM_PROG_LIBTOOL' not found in library)
Your message dated Mon, 07 Dec 2009 15:36:48 + with message-id e1nhfdo-00052w...@ries.debian.org and subject line Bug#555152: fixed in hdf-eos4 2.16v1.00.dfsg.2-1 has caused the Debian Bug report #555152, regarding hdf-eos4: FTBFS: configure.ac:20: warning: macro `AM_PROG_LIBTOOL' not found in library to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 555152: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555152 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Source: hdf-eos4 Version: 2.16v1.00.dfsg.1-2 Severity: serious Hi, There was an error while trying to autobuild your package: Automatic build of hdf-eos4_2.16v1.00.dfsg.1-2 on nautilus by sbuild/amd64 98 Build started at 20091005-1830 [...] Build-Depends: cdbs, debhelper ( 7), dh-buildinfo, gfortran, libhdf4g-dev, libjpeg62-dev, zlib1g-dev, libgctp-dev, chrpath, autoconf, automake [...] Toolchain package versions: libc6-dev_2.9-27 g++-4.3_4.3.4-5 gcc-4.3_4.3.4-5 binutils_2.19.51.20090827-1 libstdc++6_4.4.1-5 libstdc++6-4.3-dev_4.3.4-5 [...] debian/rules build test -x debian/rules # Needed for the pthreads tests cp samples/simple.txt testdrivers/threads autoreconf configure.ac:20: warning: macro `AM_PROG_LIBTOOL' not found in library configure.ac:207: warning: AC_LANG_PROGRAM(Fortran): ignoring PROLOGUE: [] ../../lib/autoconf/lang.m4:231: AC_LANG_SOURCE is expanded from... ../../lib/autoconf/lang.m4:248: AC_LANG_PROGRAM is expanded from... ../../lib/autoconf/lang.m4:214: AC_LANG_CONFTEST is expanded from... ../../lib/autoconf/general.m4:2648: _AC_LINK_IFELSE is expanded from... ../../lib/autoconf/general.m4:2665: AC_LINK_IFELSE is expanded from... ../../lib/autoconf/general.m4:2674: AC_TRY_LINK is expanded from... configure.ac:207: the top level configure.ac:207: warning: AC_LANG_PROGRAM(Fortran): ignoring PROLOGUE: [] ../../lib/autoconf/lang.m4:231: AC_LANG_SOURCE is expanded from... ../../lib/autoconf/lang.m4:248: AC_LANG_PROGRAM is expanded from... ../../lib/autoconf/lang.m4:214: AC_LANG_CONFTEST is expanded from... ../../lib/autoconf/general.m4:2648: _AC_LINK_IFELSE is expanded from... ../../lib/autoconf/general.m4:2665: AC_LINK_IFELSE is expanded from... ../../lib/autoconf/general.m4:2674: AC_TRY_LINK is expanded from... configure.ac:207: the top level configure.ac:207: warning: AC_LANG_PROGRAM(Fortran): ignoring PROLOGUE: [] ../../lib/autoconf/lang.m4:231: AC_LANG_SOURCE is expanded from... ../../lib/autoconf/lang.m4:248: AC_LANG_PROGRAM is expanded from... ../../lib/autoconf/lang.m4:214: AC_LANG_CONFTEST is expanded from... ../../lib/autoconf/general.m4:2648: _AC_LINK_IFELSE is expanded from... ../../lib/autoconf/general.m4:2665: AC_LINK_IFELSE is expanded from... ../../lib/autoconf/general.m4:2674: AC_TRY_LINK is expanded from... configure.ac:207: the top level configure.ac:18: error: possibly undefined macro: AC_DISABLE_SHARED If this token and others are legitimate, please use m4_pattern_allow. See the Autoconf documentation. configure.ac:20: error: possibly undefined macro: AM_PROG_LIBTOOL autoreconf: /usr/bin/autoconf failed with exit status: 1 make: *** [makebuilddir/libhdfeos-dev] Error 1 dpkg-buildpackage: error: debian/rules build gave error exit status 2 A full build log can be found at: http://buildd.debian.org/build.php?arch=amd64pkg=hdf-eos4ver=2.16v1.00.dfsg.1-2 If you want to run autoreconf during build, you're missing atleast a build depedency on libtool. Kurt ---End Message--- ---BeginMessage--- Source: hdf-eos4 Source-Version: 2.16v1.00.dfsg.2-1 We believe that the bug you reported is fixed in the latest version of hdf-eos4, which is due to be installed in the Debian FTP archive: hdf-eos4_2.16v1.00.dfsg.2-1.diff.gz to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2-1.diff.gz hdf-eos4_2.16v1.00.dfsg.2-1.dsc to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2-1.dsc hdf-eos4_2.16v1.00.dfsg.2.orig.tar.gz to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2.orig.tar.gz libhdfeos-dev_2.16v1.00.dfsg.2-1_i386.deb to main/h/hdf-eos4/libhdfeos-dev_2.16v1.00.dfsg.2-1_i386.deb libhdfeos0_2.16v1.00.dfsg.2-1_i386.deb to main/h/hdf-eos4/libhdfeos0_2.16v1.00.dfsg.2-1_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 555...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alastair McKinstry mckins...@debian.org (supplier of updated
Bug#559802: CVE-2009-3736 local privilege escalation
On Mon, 07 Dec 2009 08:56:07 +0100, Stefan Hornburg (Racke) wrote: Michael Gilbert wrote: Package: courier-authlib Severity: grave Tags: security Hi, The following CVE (Common Vulnerabilities Exposures) id was published for libtool. I have determined that this package embeds a vulnerable copy of the libtool source code. However, since this is a mass bug filing (due to so many packages embedding libtool), I have not had time to determine whether the vulnerable code is actually present in any of the binary packages. Please determine whether this is the case. If the package is not affected, please feel free to close the bug with a message containing the details of what you did to check. CVE-2009-3736[0]: | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, | attempts to open a .la file in the current working directory, which | allows local users to gain privileges via a Trojan horse file. Note that this problem also affects etch and lenny, so if your package is affected, please coordinate with the security team to release the DSA for the affected packages. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. Is there a patch available for the vulnerability? Yes, if you follow the link to the mitre page [0], which was included in the original bug report, you will find a link to the patches [1]. Best wishes, Mike [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 [1] http://git.savannah.gnu.org/cgit/libtool.git/commit/?h=branch-1-5id=29b48580df75f0c5baa2962548a4c101ec7ed7ec -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559805: CVE-2009-3736 local privilege escalation
On Mon, 7 Dec 2009 09:16:57 +0100, Josip Rodin wrote: unless this code somehow inexplicalby crept in, there's no bug. please check your linking process, so that there is no uncertainty about this. thank you mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559765: jetty: CVE-2007-6672 info disclosure
reopen 559765 thanks On Mon, 07 Dec 2009 10:38:07 +0100, Niels Thykier wrote: I found the upstream bug report[1] where upstream say they have fixed it in 6.1.7 (and provide a fix for earlier versions as well) - I saw no reason to doubt this. changelog notes are not sufficient justification to close a security issue. the source needs to be checked against a patch, so please find a way to track that down. the easiest way is probably to just ask upstream. thanks. mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#559765: jetty: CVE-2007-6672 info disclosure
Processing commands for cont...@bugs.debian.org: reopen 559765 Bug #559765 {Done: Niels Thykier ni...@thykier.net} [jetty] jetty: CVE-2007-6672 info disclosure thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559891: FTBFS: autoreconf: Command not found
Package: hdf-eos4 Version: 2.16v1.00.dfsg.1-1 Severity: serious hdf-eos4 is failing to build on most archs: https://buildd.debian.org/build.php?arch=pkg=hdf-eos4 here's the error from a recent build attempt: build log: [...] rm -f debian/stamp-patch* rm -f debian/stamp-autotools-files [ ! -f Makefile ] || /usr/bin/make distclean debian/rules build test -x debian/rules # Needed for the pthreads tests cp samples/simple.txt testdrivers/threads # FIXME: a sort of hack ln -sf -- testswath.f testdrivers/swath/testswath77.f ln -sf -- testpoint.f testdrivers/point/testpoint77.f autoreconf make: autoreconf: Command not found make: *** [makebuilddir/libhdfeos-dev] Error 127 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559892: FTBFS: dpkg-gensymbols returned exit code 1
Package: mpg123 Version: 1.10.0-1 Severity: serious mpg123 fails to build on several architectures: https://buildd.debian.org/build.php?arch=pkg=mpg123 Here's a tail of the build log: [...] test -z /usr/share/man/man1 || /bin/mkdir -p /build/buildd/mpg123-1.10.0/debian/tmp/usr/share/man/man1 /usr/bin/install -c -m 644 man1/mpg123.1 '/build/buildd/mpg123-1.10.0/debian/tmp/usr/share/man/man1' test -z /usr/lib/pkgconfig || /bin/mkdir -p /build/buildd/mpg123-1.10.0/debian/tmp/usr/lib/pkgconfig /usr/bin/install -c -m 644 libmpg123.pc '/build/buildd/mpg123-1.10.0/debian/tmp/usr/lib/pkgconfig' make[3]: Leaving directory `/build/buildd/mpg123-1.10.0' make[2]: Leaving directory `/build/buildd/mpg123-1.10.0' make[1]: Leaving directory `/build/buildd/mpg123-1.10.0' mv /build/buildd/mpg123-1.10.0/debian/tmp/usr/bin/mpg123 \ /build/buildd/mpg123-1.10.0/debian/tmp/usr/bin/mpg123.bin mv /build/buildd/mpg123-1.10.0/debian/tmp/usr/share/man/man1/mpg123.1 \ /build/buildd/mpg123-1.10.0/debian/tmp/usr/share/man/man1/mpg123.bin.1 install mpg123-oss mpg123-esd mpg123-nas mpg123-alsa /build/buildd/mpg123-1.10.0/debian/tmp/usr/bin/ for i in mpg123-oss mpg123-esd mpg123-nas mpg123-alsa; do \ install debian/mpg123-wrapper.1 \ /build/buildd/mpg123-1.10.0/debian/tmp/usr/share/man/man1/$i.1; \ done touch build-stamp dh_testdir dh_testroot dh_install -plibmpg123-0 -plibmpg123-dev -pmpg123 dh_installdocs -plibmpg123-0 -plibmpg123-dev -pmpg123-esd -pmpg123-nas -pmpg123-alsa dh_installdocs -pmpg123 -A \ README AUTHORS doc/BENCHMARKING doc/CONTACT \ doc/README.gain doc/README.remote doc/THANKS dh_installexamples -plibmpg123-0 -plibmpg123-dev dh_installman -pmpg123 dh_installchangelogs -pmpg123-esd -pmpg123-nas -pmpg123-alsa dh_installchangelogs -pmpg123 NEWS dh_installchangelogs -plibmpg123-0 -plibmpg123-dev NEWS.libmpg123 dh_installmime -pmpg123 dh_strip -plibmpg123-0 -plibmpg123-dev -pmpg123 dh_compress -plibmpg123-0 -plibmpg123-dev -pmpg123 -pmpg123-esd -pmpg123-nas -pmpg123-alsa dh_fixperms -plibmpg123-0 -plibmpg123-dev -pmpg123 -pmpg123-esd -pmpg123-nas -pmpg123-alsa dh_makeshlibs -plibmpg123-0 -plibmpg123-dev -V libmpg123-0 (= 1.7.2) dpkg-gensymbols: warning: some symbols disappeared in the symbols file: see diff output below dpkg-gensymbols: warning: debian/libmpg123-0/DEBIAN/symbols doesn't match completely debian/libmpg123-0.symbols.hppa --- debian/libmpg123-0.symbols.hppa (libmpg123-0 hppa) +++ dpkg-gensymbolsDGA3bj 2009-12-07 00:12:02.0 + @@ -48,7 +48,7 @@ mpg123_meta_ch...@base 1.6.2 mpg123_...@base 1.6.2 mpg123_new_p...@base 1.6.2 - mpg123_no...@base 1.10.0 +#MISSING: 1.10.0-1# mpg123_no...@base 1.10.0 mpg123_open...@base 1.6.2 mpg123_open_fd...@base 1.6.2 mpg123_open_f...@base 1.6.2 dh_makeshlibs: dpkg-gensymbols -plibmpg123-0 -Idebian/libmpg123-0.symbols.hppa -Pdebian/libmpg123-0 -edebian/libmpg123-0/usr/lib/libmpg123.so.0.22.1 returned exit code 1 make: *** [install] Error 9 dpkg-buildpackage: error: /usr/bin/fakeroot debian/rules binary-arch gave error exit status 2 ** Build finished at 20091207-0012 FAILED [dpkg-buildpackage died] -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: found 559891 in 2.16v1.00.dfsg.2-1
Processing commands for cont...@bugs.debian.org: found 559891 2.16v1.00.dfsg.2-1 Bug #559891 [hdf-eos4] FTBFS: autoreconf: Command not found There is no source info for the package 'hdf-eos4' at version '2.16v1.00.dfsg.2-1' with architecture '' Unable to make a source version for version '2.16v1.00.dfsg.2-1' Bug Marked as found in versions 2.16v1.00.dfsg.2-1. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#524458: nfs-common: Can't read large files
Iustin Pop wrote: On Fri, Apr 17, 2009 at 10:34:07AM +0100, Nigel Horne wrote: Package: nfs-common Version: 1:1.1.2-6lenny1 Severity: grave Justification: renders package unusable Large remote files can't be read: packard:/mnt/gateway/tmp$ mount | fgrep gateway gateway:/ on /mnt/gateway type nfs (rw,hard,intr,addr=192.168.1.1) gateway:/home on /mnt/gateway/home type nfs (rw,hard,intr,addr=192.168.1.1) gateway:/var on /mnt/gateway/var type nfs (rw,hard,intr,addr=192.168.1.1) packard:/mnt/gateway/tmp$ cd /mnt/gateway/tmp n...@packard:/mnt/gateway/tmp$ ls -l njh foo -rw-r--r-- 1 njh njh 4 2009-04-17 10:28 foo -rw-r- 1 njh njh 185219775 2009-04-17 10:27 njh n...@packard:/mnt/gateway/tmp$ od -bc foo 000 142 141 162 012 b a r \n 004 n...@packard:/mnt/gateway/tmp$ od -bc njh od: njh: read error: Input/output error 000 Hi, I just tested on a lenny installation with the same version and I can read such files without problems (and 178MB is not a large file, this should be no problem for the Linux NFS server). Are you sure this is not a different problem, like a networking problem or server problem? What do you see in dmesg on both the client and the server when running the od? dmesg on client: packard:/mnt/gateway/tmp# dmesg | tail [ 24.301416] RPC: Registered tcp transport module. [ 24.309434] Slow work thread pool: Starting up [ 24.309504] Slow work thread pool: Ready [ 24.309554] FS-Cache: Loaded [ 24.320409] FS-Cache: Netfs 'nfs' registered for caching [ 24.328938] Installing knfsd (copyright (C) 1996 o...@monad.swb.de). [ 24.354087] svc: failed to register lockdv1 RPC service (errno 97). [ 25.769976] lp: driver loaded but no devices found [ 25.774519] ppdev: user-space parallel port driver [ 34.849005] eth0: no IPv6 routers present packard:/mnt/gateway/tmp# dmesg on server: sh-4.0# dmesg|tail -33 [ 389.861319] eth0: link up. [ 389.867222] eth0: link down. [ 391.531240] eth0: link up. [ 391.552880] eth0: link down. [ 393.204767] eth0: link up. [ 393.220826] eth0: link down. [ 394.900901] eth0: link up. [ 394.919915] eth0: link down. [ 396.572787] eth0: link up. [ 396.577378] eth0: link down. [ 398.246313] eth0: link up. [ 398.267623] eth0: link down. [ 399.914919] eth0: link up. [ 399.934264] eth0: link down. [ 401.608766] eth0: link up. [ 3836.196471] eth1: link up, 100Mbps, full-duplex, lpa 0x45E1 [ 3836.196689] ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready [ 3846.220516] eth1: no IPv6 routers present [ 3850.264279] a.out uses obsolete (PF_INET,SOCK_PACKET) [ 3856.148019] device eth0 entered promiscuous mode [ 6819.324361] udev: starting version 148 [19316.196514] device eth0 left promiscuous mode [19341.132017] device eth0 entered promiscuous mode [22914.084516] device eth0 left promiscuous mode [22927.988558] device eth0 entered promiscuous mode [23881.248515] device eth0 left promiscuous mode [23889.520019] device eth0 entered promiscuous mode [24389.948515] device eth0 left promiscuous mode [24395.700018] device eth0 entered promiscuous mode [25701.716514] device eth0 left promiscuous mode [25704.320517] device eth0 entered promiscuous mode [27512.952515] device eth0 left promiscuous mode [27516.052101] device eth0 entered promiscuous mode sh-4.0# -- Nigel Horne. Arranger, Adjudicator, Band Trainer, Composer, Tutor, Typesetter. NJH Music, ICQ#20252325 n...@bandsman.co.uk http://www.bandsman.co.uk -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559893: monotone-server: hooks.lua.base is outdated
Package: monotone-server Version: 0.45-2 Severity: grave Justification: renders package unusable With version 0.45, monotone has a new way to handle keys, which also affects some of the hooks, for example get_passphrase which is used in /usr/share/monotone/hooks.lua.base (or /etc/monotone/hooks.lua) ... Unfortunately, hooks.lua.base hasn't been updated accordingly, with the result that /etc/init.d/monotone will not be able to start mtn, thereby making this package unusable to all except those that are willing and knowlegable enough to hack hooks.lua.base or /etc/monotone/hooks.lua. Cheers, Richard -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.30-2-686 (SMP w/2 CPU cores) Locale: LANG=sv_SE.utf8, LC_CTYPE=sv_SE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages monotone-server depends on: ii adduser 3.111 add and remove users and groups ii debconf [debconf-2.0] 1.5.28 Debian configuration management sy ii lsb-base 3.2-23 Linux Standard Base 3.2 init scrip ii monotone 0.45-2 A distributed version (revision) c ii ucf 3.0025 Update Configuration File: preserv monotone-server recommends no packages. monotone-server suggests no packages. -- debconf information: monotone-server/manage-db: true monotone-server/key: monot...@guardian.lp.se -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#506652: licensing for contrib/ in xml2rfc [was: Re: Bug#506652: status on copyright clearance for boilerplate for xml2rfc?]
On 12/02/2009 04:41 PM, Florian Weimer wrote: Some of the example RFCs are non-free under Debian's policy. Some parts of contrib were not DFSG-compliant, either, and if there were parts that were free software, I simply missed them. contrib/alex.rousskov/xml2rfcpp.pl is a 4K perl script clearly indicated as having been released into the public domain (i know PD has some legal ambiguity but the intent here seems clear to me). The remaining material in contrib comes from three authors: Pekka Savola, Fred Baker, and Rob Austein. I corresponded with all three of them by e-mail to ask about their contributions, and got a positive response from each of them that their work is free for any use, freely redistributable, freely modifiable, and that modifications are also freely redistributable. The drafts of the update to 2629 (draft-mrose-writing-rfcs.*) are by the same author as the rest of the package, and so presumably fall under LICENSE, so i think we're ok there. That leaves only the rights for the boilerplate that you're working on getting granted from the IETF Trust keeping the whole upstream package out of main. There doesn't seem to be a need for a re-packaged upstream tarball, from what i can tell. I've prepared (and am using) a package of 1.34, and would be happy to offer it to you, or to upload it to debian myself, if you'd prefer. Let me know what the best way is to move forward on this. Regards, --dkg signature.asc Description: OpenPGP digital signature
Bug#559891: marked as done (FTBFS: autoreconf: Command not found)
Your message dated Mon, 07 Dec 2009 17:32:07 + with message-id e1nhhrp-0006ki...@ries.debian.org and subject line Bug#559891: fixed in hdf-eos4 2.16v1.00.dfsg.2-2 has caused the Debian Bug report #559891, regarding FTBFS: autoreconf: Command not found to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 559891: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559891 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: hdf-eos4 Version: 2.16v1.00.dfsg.1-1 Severity: serious hdf-eos4 is failing to build on most archs: https://buildd.debian.org/build.php?arch=pkg=hdf-eos4 here's the error from a recent build attempt: build log: [...] rm -f debian/stamp-patch* rm -f debian/stamp-autotools-files [ ! -f Makefile ] || /usr/bin/make distclean debian/rules build test -x debian/rules # Needed for the pthreads tests cp samples/simple.txt testdrivers/threads # FIXME: a sort of hack ln -sf -- testswath.f testdrivers/swath/testswath77.f ln -sf -- testpoint.f testdrivers/point/testpoint77.f autoreconf make: autoreconf: Command not found make: *** [makebuilddir/libhdfeos-dev] Error 127 ---End Message--- ---BeginMessage--- Source: hdf-eos4 Source-Version: 2.16v1.00.dfsg.2-2 We believe that the bug you reported is fixed in the latest version of hdf-eos4, which is due to be installed in the Debian FTP archive: hdf-eos4_2.16v1.00.dfsg.2-2.diff.gz to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2-2.diff.gz hdf-eos4_2.16v1.00.dfsg.2-2.dsc to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2-2.dsc libhdfeos-dev_2.16v1.00.dfsg.2-2_i386.deb to main/h/hdf-eos4/libhdfeos-dev_2.16v1.00.dfsg.2-2_i386.deb libhdfeos0_2.16v1.00.dfsg.2-2_i386.deb to main/h/hdf-eos4/libhdfeos0_2.16v1.00.dfsg.2-2_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 559...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alastair McKinstry mckins...@debian.org (supplier of updated hdf-eos4 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 07 Dec 2009 17:20:02 + Source: hdf-eos4 Binary: libhdfeos0 libhdfeos-dev Architecture: source i386 Version: 2.16v1.00.dfsg.2-2 Distribution: unstable Urgency: low Maintainer: Alastair McKinstry mckins...@debian.org Changed-By: Alastair McKinstry mckins...@debian.org Description: libhdfeos-dev - Development files for the HDF-EOS4 library libhdfeos0 - Earth Observation System extensions to HDF4 Closes: 559891 Changes: hdf-eos4 (2.16v1.00.dfsg.2-2) unstable; urgency=low . * Add autoconf for autoreconf. Closes: 559891. Checksums-Sha1: 4db5f7a5093bcd9f955b0ddbcae44e972f9c6474 1201 hdf-eos4_2.16v1.00.dfsg.2-2.dsc ec971537509cdff78f2254d6674386d2ded87713 8642 hdf-eos4_2.16v1.00.dfsg.2-2.diff.gz e96e03139cbfe9064b35c7f0514bfbea8743af81 106612 libhdfeos0_2.16v1.00.dfsg.2-2_i386.deb 97d24a936794e9887c4a4fab5a07a41cd28302c9 182532 libhdfeos-dev_2.16v1.00.dfsg.2-2_i386.deb Checksums-Sha256: 84af9e3f8805c2675083ed2c8092b311f90f2973f76014a5a5b99eaec3ce0cff 1201 hdf-eos4_2.16v1.00.dfsg.2-2.dsc bd5e5b745cd8af53035e4c22dada8d4450e0cb768d514458b9e66be69f69cd74 8642 hdf-eos4_2.16v1.00.dfsg.2-2.diff.gz 751f612628a266ac059c2e9323cf6634ac2ac64549c6976a0038aa4a98607156 106612 libhdfeos0_2.16v1.00.dfsg.2-2_i386.deb 2a76c2ad043147ca7074661ce4c883a408d5dafedc4b855645b8f1c2746508dd 182532 libhdfeos-dev_2.16v1.00.dfsg.2-2_i386.deb Files: 7cc61484049f30f22ed9eff48400189b 1201 libs optional hdf-eos4_2.16v1.00.dfsg.2-2.dsc 5b1a1057bf9107154a087e156a6ffbe9 8642 libs optional hdf-eos4_2.16v1.00.dfsg.2-2.diff.gz 96ff657fd6ac9903436a367e5e17 106612 libs optional libhdfeos0_2.16v1.00.dfsg.2-2_i386.deb 11286f9ec72d49f56bd3e64d3808ed1b 182532 libdevel optional libhdfeos-dev_2.16v1.00.dfsg.2-2_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iD8DBQFLHTrsQTK/kCo4XFcRAlo3AJ9nlNqSuhdy20ADaYYhlJ6pICWKUQCeLL8n u9E5UH/wC8vSFNdg5BJyOgQ= =h4lI -END PGP SIGNATURE- ---End Message---
Bug#554953: does not support new source formats
notfound 559533 0.59.0-1 found 559553 0.59.1~rc1 thanks This bug actually only affects sbuild in the git repo. -- Regards, Andres -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559904: FTBFS: failed to run aclocal
Package: hdf-eos4 Version: 2.16v1.00.dfsg.2-2 Severity: serious Thanks for the quick turnaround on #559891. Looks like there's another missing build-dep: [...] cp samples/simple.txt testdrivers/threads # FIXME: a sort of hack ln -sf -- testswath.f testdrivers/swath/testswath77.f ln -sf -- testpoint.f testdrivers/point/testpoint77.f autoreconf Can't exec aclocal: No such file or directory at /usr/share/autoconf/Autom4te/FileUtils.pm line 325. autoreconf: failed to run aclocal: No such file or directory make: *** [makebuilddir/libhdfeos-dev] Error 1 dpkg-buildpackage: error: debian/rules build gave error exit status 2 Build finished at 20091207-1745 FAILED [dpkg-buildpackage died] Purging /var/lib/schroot/mount/sid-hppa-sbuild-10e141df-4cf7-47a8-a235-a1bb5d069be8/build/buildd-hdf-eos4_2.16v1.00.dfsg.2-2-hppa-35hd9s -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#558905: Kernel bug.
IMO this FTBS is a kernel vfork bug. The return register in the parent is being corrupted. Using the emacs23 source I was able to produce a trimmed down test case for the failing vfork. I have reported this to our kernel developers here: http://article.gmane.org/gmane.linux.ports.parisc/2403 Cheers, Carlos. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559805: CVE-2009-3736 local privilege escalation
On Mon, Dec 07, 2009 at 11:04:38AM -0500, Michael Gilbert wrote: On Mon, 7 Dec 2009 09:16:57 +0100, Josip Rodin wrote: unless this code somehow inexplicalby crept in, there's no bug. please check your linking process, so that there is no uncertainty about this. thank you All the freeradius packages are linked against libltdl.so. Is it even possible for the linker to somehow add the internal copy and link against the system library - how would it decide whose symbols to use on run-time? -- 2. That which causes joy or happiness. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#552686: marked as done (fuse: FTBFS on GNU/kFreeBSD)
Your message dated Mon, 07 Dec 2009 18:17:37 + with message-id e1nhi9r-0001tj...@ries.debian.org and subject line Bug#552600: fixed in fuse 2.8.1-1.1 has caused the Debian Bug report #552600, regarding fuse: FTBFS on GNU/kFreeBSD to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 552600: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552600 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: fuse Version: 2.8.1-1 Severity: serious Justification: fails to build from source fuse version 2.8.1-1 fails to build on GNU/kFreeBSD, due to a typo on a conditional code part. Also with glibc 2.10.1, it is not necessary anymore to link libfuse to libfreebsd. Please find below a patch to fix both issues. diff -u fuse-2.8.1/debian/control fuse-2.8.1/debian/control --- fuse-2.8.1/debian/control +++ fuse-2.8.1/debian/control @@ -3,7 +3,7 @@ Priority: optional Maintainer: Bartosz Fenski fe...@debian.org Uploaders: Adam Cécile (Le_Vert) gand...@le-vert.net -Build-Depends: debhelper (= 5.0.37), autotools-dev, dpatch, lsb-base (= 3.0-6), bzip2, libselinux1-dev [!kfreebsd-amd64 !kfreebsd-i386] | libselinux-dev [!kfreebsd-amd64 !kfreebsd-i386], libfreebsd-dev [kfreebsd-amd64 kfreebsd-i386] +Build-Depends: debhelper (= 5.0.37), autotools-dev, dpatch, lsb-base (= 3.0-6), bzip2, libselinux1-dev [!kfreebsd-amd64 !kfreebsd-i386] | libselinux-dev [!kfreebsd-amd64 !kfreebsd-i386], libc0.1-dev (= 2.10.1) [kfreebsd-amd64 kfreebsd-i386] Homepage: http://fuse.sourceforge.net/ Standards-Version: 3.8.2 diff -u fuse-2.8.1/debian/patches/001-GNU_kFreeBSD fuse-2.8.1/debian/patches/001-GNU_kFreeBSD --- fuse-2.8.1/debian/patches/001-GNU_kFreeBSD +++ fuse-2.8.1/debian/patches/001-GNU_kFreeBSD @@ -6,110 +6,6 @@ @DPATCH@ -diff -Nurd fuse-2.7.4.orig/configure fuse-2.7.4/configure fuse-2.7.4.orig/configure 2008-07-25 20:19:05.0 +0200 -+++ fuse-2.7.4/configure 2008-07-25 20:19:05.0 +0200 -@@ -11461,6 +11461,89 @@ - - fi - -+{ echo $as_me:$LINENO: checking for library containing devname_r 5 -+echo $ECHO_N checking for library containing devname_r... $ECHO_C 6; } -+if test ${ac_cv_search_devname_r+set} = set; then -+ echo $ECHO_N (cached) $ECHO_C 6 -+else -+ ac_func_search_save_LIBS=$LIBS -+cat conftest.$ac_ext _ACEOF -+/* confdefs.h. */ -+_ACEOF -+cat confdefs.h conftest.$ac_ext -+cat conftest.$ac_ext _ACEOF -+/* end confdefs.h. */ -+ -+/* Override any GCC internal prototype to avoid an error. -+ Use char because int might match the return type of a GCC -+ builtin and then its argument prototype would still apply. */ -+#ifdef __cplusplus -+extern C -+#endif -+char devname_r (); -+int -+main () -+{ -+return devname_r (); -+ ; -+ return 0; -+} -+_ACEOF -+for ac_lib in '' freebsd; do -+ if test -z $ac_lib; then -+ac_res=none required -+ else -+ac_res=-l$ac_lib -+LIBS=-l$ac_lib $ac_func_search_save_LIBS -+ fi -+ rm -f conftest.$ac_objext conftest$ac_exeext -+if { (ac_try=$ac_link -+case (($ac_try in -+ *\* | *\`* | *\\*) ac_try_echo=\$ac_try;; -+ *) ac_try_echo=$ac_try;; -+esac -+eval echo \\$as_me:$LINENO: $ac_try_echo\) 5 -+ (eval $ac_link) 2conftest.er1 -+ ac_status=$? -+ grep -v '^ *+' conftest.er1 conftest.err -+ rm -f conftest.er1 -+ cat conftest.err 5 -+ echo $as_me:$LINENO: \$? = $ac_status 5 -+ (exit $ac_status); } { -+ test -z $ac_c_werror_flag || -+ test ! -s conftest.err -+ } test -s conftest$ac_exeext -+ $as_test_x conftest$ac_exeext; then -+ ac_cv_search_devname_r=$ac_res -+else -+ echo $as_me: failed program was: 5 -+sed 's/^/| /' conftest.$ac_ext 5 -+ -+ -+fi -+ -+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ -+ conftest$ac_exeext -+ if test ${ac_cv_search_devname_r+set} = set; then -+ break -+fi -+done -+if test ${ac_cv_search_devname_r+set} = set; then -+ : -+else -+ ac_cv_search_devname_r=no -+fi -+rm conftest.$ac_ext -+LIBS=$ac_func_search_save_LIBS -+fi -+{ echo $as_me:$LINENO: result: $ac_cv_search_devname_r 5 -+echo ${ECHO_T}$ac_cv_search_devname_r 6; } -+ac_res=$ac_cv_search_devname_r -+if test $ac_res != no; then -+ test $ac_res = none required || LIBS=$ac_res $LIBS -+ -+fi -+ - libfuse_libs=$libfuse_libs $LIBS - LIBS= - -diff -Nurd fuse-2.7.4.orig/configure.in fuse-2.7.4/configure.in fuse-2.7.4.orig/configure.in 2008-07-25 20:17:20.0 +0200 -+++ fuse-2.7.4/configure.in2008-07-25 20:17:20.0 +0200 -@@ -66,6 +66,7 @@ - LIBS= - AC_SEARCH_LIBS(dlopen, [dl]) - AC_SEARCH_LIBS(clock_gettime, [rt]) -+AC_SEARCH_LIBS(devname_r,
Bug#557143: marked as done (libfuse should set shlibs correctly)
Your message dated Mon, 07 Dec 2009 18:17:37 + with message-id e1nhi9r-0001ts...@ries.debian.org and subject line Bug#557143: fixed in fuse 2.8.1-1.1 has caused the Debian Bug report #557143, regarding libfuse should set shlibs correctly to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 557143: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=557143 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Subject: zfs-fuse: insufficient dependency Package: zfs-fuse Version: 0.6.0~beta+433snapshot-2 Justification: Policy 3.5 Severity: serious *** Please type your report below this line *** $ zfs-fuse --help zfs-fuse: /usr/lib/libfuse.so.2: version `FUSE_2.8' not found (required by zfs-fuse) dependency information says libfuse2 (= 2.6), this seems incorrect. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (999, 'testing'), (990, 'stable'), (900, 'unstable'), (90, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.31.5 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages zfs-fuse depends on: ii fuse-utils 2.7.4-2 Filesystem in USErspace (utilities ii libaio10.3.107-7 Linux kernel AIO access library - ii libc6 2.10.1-7 GNU C Library: Shared libraries ii libfuse2 2.7.4-2 Filesystem in USErspace library ii lsb-base 3.2-23Linux Standard Base 3.2 init scrip ii zlib1g 1:1.2.3.3.dfsg-15 compression library - runtime zfs-fuse recommends no packages. zfs-fuse suggests no packages. -- no debconf information ---End Message--- ---BeginMessage--- Source: fuse Source-Version: 2.8.1-1.1 We believe that the bug you reported is fixed in the latest version of fuse, which is due to be installed in the Debian FTP archive: fuse-utils_2.8.1-1.1_i386.deb to main/f/fuse/fuse-utils_2.8.1-1.1_i386.deb fuse_2.8.1-1.1.diff.gz to main/f/fuse/fuse_2.8.1-1.1.diff.gz fuse_2.8.1-1.1.dsc to main/f/fuse/fuse_2.8.1-1.1.dsc libfuse-dev_2.8.1-1.1_i386.deb to main/f/fuse/libfuse-dev_2.8.1-1.1_i386.deb libfuse2_2.8.1-1.1_i386.deb to main/f/fuse/libfuse2_2.8.1-1.1_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 557...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Simon McVittie s...@debian.org (supplier of updated fuse package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 04 Dec 2009 17:24:05 + Source: fuse Binary: fuse-utils libfuse-dev libfuse2 Architecture: source i386 Version: 2.8.1-1.1 Distribution: unstable Urgency: low Maintainer: Bartosz Fenski fe...@debian.org Changed-By: Simon McVittie s...@debian.org Description: fuse-utils - Filesystem in USErspace (utilities) libfuse-dev - Filesystem in USErspace (development files) libfuse2 - Filesystem in USErspace library Closes: 550334 552600 553015 557143 Changes: fuse (2.8.1-1.1) unstable; urgency=low . * Non-maintainer upload. * Apply patch from Petr Salinger to fix FTBFS on GNU/kFreeBSD (Closes: #552600) * Apply patch from Vagrant Cascadian to run MAKEDEV only if found (Closes: #550334, #553015) * Invoke dh_makeshlibs with an appropriately strict dependency (Closes: #557143) Checksums-Sha1: da8d7cede1b7d31613882760789956394b940501 1806 fuse_2.8.1-1.1.dsc 0ac39c6c4733cab7eb2ccfdd484da1feb326c753 14488 fuse_2.8.1-1.1.diff.gz 0b1240e903100ed4d4d80097ee091371a4208053 16776 fuse-utils_2.8.1-1.1_i386.deb ca7c9665134eb814e958185f10020fb56ab193ce 175450 libfuse-dev_2.8.1-1.1_i386.deb 4f6dded9dbcef6a3cb3ac721586b65a58d55ab66 134204 libfuse2_2.8.1-1.1_i386.deb Checksums-Sha256: c3563b8e66149c1b70da97f818a265b56e16dca2b859bd1e2dcae05869c55bac 1806 fuse_2.8.1-1.1.dsc 07f0d8a62ca3172f679d1cd40707adc3dd428bc9629abdc4d289af38686058f3 14488 fuse_2.8.1-1.1.diff.gz e72865f7aab1da322b3d8851ebddf018512ca4ebf34e26b3c93e166afd28cfca 16776 fuse-utils_2.8.1-1.1_i386.deb 025bd43080925ead4cf8640d4f06a6b2a4eab92323017eb3c8408891a1e060cd 175450 libfuse-dev_2.8.1-1.1_i386.deb
Bug#552600: marked as done (fuse: FTBFS on GNU/kFreeBSD)
Your message dated Mon, 07 Dec 2009 18:17:37 + with message-id e1nhi9r-0001tj...@ries.debian.org and subject line Bug#552600: fixed in fuse 2.8.1-1.1 has caused the Debian Bug report #552600, regarding fuse: FTBFS on GNU/kFreeBSD to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 552600: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552600 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: fuse Version: 2.8.1-1 Severity: important Tags: patch User: debian-...@lists.debian.org Usertags: kfreebsd Hi, the current version fails to build on GNU/kFreeBSD. It needs update of debian/control and debian/patches/001-GNU_kFreeBSD. Please find attached patch with them. The eglibc 2.10 provides devname(), the libfreebsd is not needed anymore. It would also be nice if you can ask upstream to include changes in debian/patches/001-GNU_kFreeBSD. Thanks in advance Petr ---End Message--- ---BeginMessage--- Source: fuse Source-Version: 2.8.1-1.1 We believe that the bug you reported is fixed in the latest version of fuse, which is due to be installed in the Debian FTP archive: fuse-utils_2.8.1-1.1_i386.deb to main/f/fuse/fuse-utils_2.8.1-1.1_i386.deb fuse_2.8.1-1.1.diff.gz to main/f/fuse/fuse_2.8.1-1.1.diff.gz fuse_2.8.1-1.1.dsc to main/f/fuse/fuse_2.8.1-1.1.dsc libfuse-dev_2.8.1-1.1_i386.deb to main/f/fuse/libfuse-dev_2.8.1-1.1_i386.deb libfuse2_2.8.1-1.1_i386.deb to main/f/fuse/libfuse2_2.8.1-1.1_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 552...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Simon McVittie s...@debian.org (supplier of updated fuse package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 04 Dec 2009 17:24:05 + Source: fuse Binary: fuse-utils libfuse-dev libfuse2 Architecture: source i386 Version: 2.8.1-1.1 Distribution: unstable Urgency: low Maintainer: Bartosz Fenski fe...@debian.org Changed-By: Simon McVittie s...@debian.org Description: fuse-utils - Filesystem in USErspace (utilities) libfuse-dev - Filesystem in USErspace (development files) libfuse2 - Filesystem in USErspace library Closes: 550334 552600 553015 557143 Changes: fuse (2.8.1-1.1) unstable; urgency=low . * Non-maintainer upload. * Apply patch from Petr Salinger to fix FTBFS on GNU/kFreeBSD (Closes: #552600) * Apply patch from Vagrant Cascadian to run MAKEDEV only if found (Closes: #550334, #553015) * Invoke dh_makeshlibs with an appropriately strict dependency (Closes: #557143) Checksums-Sha1: da8d7cede1b7d31613882760789956394b940501 1806 fuse_2.8.1-1.1.dsc 0ac39c6c4733cab7eb2ccfdd484da1feb326c753 14488 fuse_2.8.1-1.1.diff.gz 0b1240e903100ed4d4d80097ee091371a4208053 16776 fuse-utils_2.8.1-1.1_i386.deb ca7c9665134eb814e958185f10020fb56ab193ce 175450 libfuse-dev_2.8.1-1.1_i386.deb 4f6dded9dbcef6a3cb3ac721586b65a58d55ab66 134204 libfuse2_2.8.1-1.1_i386.deb Checksums-Sha256: c3563b8e66149c1b70da97f818a265b56e16dca2b859bd1e2dcae05869c55bac 1806 fuse_2.8.1-1.1.dsc 07f0d8a62ca3172f679d1cd40707adc3dd428bc9629abdc4d289af38686058f3 14488 fuse_2.8.1-1.1.diff.gz e72865f7aab1da322b3d8851ebddf018512ca4ebf34e26b3c93e166afd28cfca 16776 fuse-utils_2.8.1-1.1_i386.deb 025bd43080925ead4cf8640d4f06a6b2a4eab92323017eb3c8408891a1e060cd 175450 libfuse-dev_2.8.1-1.1_i386.deb 0568b0fa4fff3eedf0b048caa9bf06a9104f67ede7b9cf442391aa7618b111cb 134204 libfuse2_2.8.1-1.1_i386.deb Files: 5645019d9a6c7402d3366a997942a3e9 1806 libs optional fuse_2.8.1-1.1.dsc c60ed37e84b5cf05c6bb734ee32f2581 14488 libs optional fuse_2.8.1-1.1.diff.gz 93195fbcc71e792e1c7863696906d5b9 16776 utils optional fuse-utils_2.8.1-1.1_i386.deb f0d31c5341838f1eb48dc5433601e306 175450 libdevel optional libfuse-dev_2.8.1-1.1_i386.deb cf584d5c6f2184d7402daacfd75033a9 134204 libs optional libfuse2_2.8.1-1.1_i386.deb -BEGIN PGP SIGNATURE- iQIVAwUBSxlK8U3o/ypjx8yQAQj6yBAAnAcZjrPLRdgsygnBfN/2aKW4FW1Q2+AP SZpkrMLI83+TTUL7lvnWNT+lLm48J4TdQYtXaCaUzxa1nKGfFUymt8GrTMPjXG/N 93mod+bnkRb4cNV2QzogjWcOghpViRaYM1LdjXAf07AZNyBg3IstcQkdW8W5gBVo 2jqUuOizzVG+OUzVstw17weQPIDUjkGZKCprTHtBXS4O92Hzgx9pDg60WqFDuTI6
Bug#550334: marked as done (fuse-utils: missing dependence on makedev)
Your message dated Mon, 07 Dec 2009 18:17:37 + with message-id e1nhi9r-0001tf...@ries.debian.org and subject line Bug#550334: fixed in fuse 2.8.1-1.1 has caused the Debian Bug report #550334, regarding fuse-utils: missing dependence on makedev to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 550334: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550334 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: fuse-utils Version: 2.7.4-2 Severity: important fuse-utils.postinst uses the MAKEDEV command, which is provided by the makedev package. However, fuse-utils only depends on makedev | udev, which means that for most people makedev won't be installed. If makedev isn't installed, then the postinst script fails, making fuse-utils uninstallable. fuse-utils should depend on both makedev and udev, or at least just makedev. Thanks, Andrew. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (400, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26 (SMP w/3 CPU cores; PREEMPT) Locale: LANG=en_US, LC_CTYPE=en_US (charmap=UTF-8) (ignored: LC_ALL set to en_US) Shell: /bin/sh linked to /bin/bash Versions of packages fuse-utils depends on: ii adduser 3.111 add and remove users and groups ii libc6 2.9-25 GNU C Library: Shared libraries ii libfuse2 2.7.4-2Filesystem in USErspace library ii makedev 2.3.1-89 creates device files in /dev ii sed 4.2.1-3The GNU sed stream editor ii udev 0.141-2/dev/ and hotplug management daemo fuse-utils recommends no packages. fuse-utils suggests no packages. -- no debconf information ---End Message--- ---BeginMessage--- Source: fuse Source-Version: 2.8.1-1.1 We believe that the bug you reported is fixed in the latest version of fuse, which is due to be installed in the Debian FTP archive: fuse-utils_2.8.1-1.1_i386.deb to main/f/fuse/fuse-utils_2.8.1-1.1_i386.deb fuse_2.8.1-1.1.diff.gz to main/f/fuse/fuse_2.8.1-1.1.diff.gz fuse_2.8.1-1.1.dsc to main/f/fuse/fuse_2.8.1-1.1.dsc libfuse-dev_2.8.1-1.1_i386.deb to main/f/fuse/libfuse-dev_2.8.1-1.1_i386.deb libfuse2_2.8.1-1.1_i386.deb to main/f/fuse/libfuse2_2.8.1-1.1_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 550...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Simon McVittie s...@debian.org (supplier of updated fuse package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 04 Dec 2009 17:24:05 + Source: fuse Binary: fuse-utils libfuse-dev libfuse2 Architecture: source i386 Version: 2.8.1-1.1 Distribution: unstable Urgency: low Maintainer: Bartosz Fenski fe...@debian.org Changed-By: Simon McVittie s...@debian.org Description: fuse-utils - Filesystem in USErspace (utilities) libfuse-dev - Filesystem in USErspace (development files) libfuse2 - Filesystem in USErspace library Closes: 550334 552600 553015 557143 Changes: fuse (2.8.1-1.1) unstable; urgency=low . * Non-maintainer upload. * Apply patch from Petr Salinger to fix FTBFS on GNU/kFreeBSD (Closes: #552600) * Apply patch from Vagrant Cascadian to run MAKEDEV only if found (Closes: #550334, #553015) * Invoke dh_makeshlibs with an appropriately strict dependency (Closes: #557143) Checksums-Sha1: da8d7cede1b7d31613882760789956394b940501 1806 fuse_2.8.1-1.1.dsc 0ac39c6c4733cab7eb2ccfdd484da1feb326c753 14488 fuse_2.8.1-1.1.diff.gz 0b1240e903100ed4d4d80097ee091371a4208053 16776 fuse-utils_2.8.1-1.1_i386.deb ca7c9665134eb814e958185f10020fb56ab193ce 175450 libfuse-dev_2.8.1-1.1_i386.deb 4f6dded9dbcef6a3cb3ac721586b65a58d55ab66 134204 libfuse2_2.8.1-1.1_i386.deb Checksums-Sha256: c3563b8e66149c1b70da97f818a265b56e16dca2b859bd1e2dcae05869c55bac 1806 fuse_2.8.1-1.1.dsc 07f0d8a62ca3172f679d1cd40707adc3dd428bc9629abdc4d289af38686058f3 14488 fuse_2.8.1-1.1.diff.gz e72865f7aab1da322b3d8851ebddf018512ca4ebf34e26b3c93e166afd28cfca 16776 fuse-utils_2.8.1-1.1_i386.deb
Bug#554638: Bug#540427: Real patch for my NMU
Od: Cyril Brulebois k...@debian.org Sorry about the first NMU, looks like I only removed libc6-dev from Build-Depends on a porter box, and checked it was OK there; and only wrote about it on my devel box, where the NMU was prepared. Hopefully the next one is OK. Sorry about that. Hi, I am just preparing new release of jconv ... renamed package and binary to jconvolver 0.8.4 this removing these bugs:#529774, #540427, #554638 regards mira -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559802: CVE-2009-3736 local privilege escalation
On Mon, Dec 07, 2009 at 08:56:07AM +0100, Stefan Hornburg (Racke) wrote: CVE-2009-3736[0]: | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, | attempts to open a .la file in the current working directory, which | allows local users to gain privileges via a Trojan horse file. Note that this problem also affects etch and lenny, so if your package is affected, please coordinate with the security team to release the DSA for the affected packages. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. Is there a patch available for the vulnerability? The patch is to not use embedded copies of libltdl, we have a system libltdl that all packages should be using. It appears that courier-authlib is already doing this. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ slanga...@ubuntu.com vor...@debian.org signature.asc Description: Digital signature
Bug#559834: marked as done (CVE-2009-3736 local privilege escalation)
Your message dated Mon, 07 Dec 2009 18:51:17 + with message-id e1nhig1-00036b...@ries.debian.org and subject line Bug#559834: fixed in hypre 2.4.0b-5 has caused the Debian Bug report #559834, regarding CVE-2009-3736 local privilege escalation to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 559834: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559834 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: hypre Severity: grave Tags: security Hi, The following CVE (Common Vulnerabilities Exposures) id was published for libtool. I have determined that this package embeds a vulnerable copy of the libtool source code. However, since this is a mass bug filing (due to so many packages embedding libtool), I have not had time to determine whether the vulnerable code is actually present in any of the binary packages. Please determine whether this is the case. If the binary packages are not affected, please feel free to close the bug with a message containing the details of what you did to check. CVE-2009-3736[0]: | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, | attempts to open a .la file in the current working directory, which | allows local users to gain privileges via a Trojan horse file. Note that this problem also affects etch and lenny, so if your package is affected, please coordinate with the security team to release the DSA for the affected packages. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 http://security-tracker.debian.org/tracker/CVE-2009-3736 ---End Message--- ---BeginMessage--- Source: hypre Source-Version: 2.4.0b-5 We believe that the bug you reported is fixed in the latest version of hypre, which is due to be installed in the Debian FTP archive: hypre_2.4.0b-5.diff.gz to main/h/hypre/hypre_2.4.0b-5.diff.gz hypre_2.4.0b-5.dsc to main/h/hypre/hypre_2.4.0b-5.dsc libhypre-2.4.0_2.4.0b-5_amd64.deb to main/h/hypre/libhypre-2.4.0_2.4.0b-5_amd64.deb libhypre-dev_2.4.0b-5_all.deb to main/h/hypre/libhypre-dev_2.4.0b-5_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 559...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Adam C. Powell, IV hazel...@debian.org (supplier of updated hypre package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 07 Dec 2009 13:29:30 -0500 Source: hypre Binary: libhypre-2.4.0 libhypre-dev Architecture: source amd64 all Version: 2.4.0b-5 Distribution: unstable Urgency: low Maintainer: Adam C. Powell, IV hazel...@debian.org Changed-By: Adam C. Powell, IV hazel...@debian.org Description: libhypre-2.4.0 - High Performance Matrix Preconditioners - Shared Library libhypre-dev - High Performance Matrix Preconditioners - Development Files Closes: 559484 559834 Changes: hypre (2.4.0b-5) unstable; urgency=low . * Added libtool to Build-Depends, run libtoolize, and copy ltdl.{c,h} into src/babel-runtime/sidl (closes: #559834). * Copy new config.{sub,guess} into config dir (closes: #559484). Checksums-Sha1: c500d66708ba4825820303281b5cfd791d646721 1155 hypre_2.4.0b-5.dsc d01cce9cef8658f00ffd6c5cc7e050cafd25bced 10260 hypre_2.4.0b-5.diff.gz 09b39744684542775b439929b3ab55575ec73bf4 1698108 libhypre-2.4.0_2.4.0b-5_amd64.deb 5155f182ceea4f971881e0c7205a95714460678b 151376 libhypre-dev_2.4.0b-5_all.deb Checksums-Sha256: fb9fcefb8c167dc6c7f2faf7e8ddbbcb0108ccc73cdb6eb5dc5df82803df5e8f 1155 hypre_2.4.0b-5.dsc 633f6e135ea399b17380d6ed850ab464422b5650d6f7d7b1dd2fe2210ffacfec 10260 hypre_2.4.0b-5.diff.gz ad0dba11046a4a0390d8e6f43fc5b62aad4f9db25b57072936f6375dad473c50 1698108 libhypre-2.4.0_2.4.0b-5_amd64.deb 3fb043d6a45ccf2639cabc9ffc1c32fc4a869428eefec89a065c02141db703ed 151376 libhypre-dev_2.4.0b-5_all.deb Files: aaba8bf376300fba62fc2a690279faca 1155 math extra hypre_2.4.0b-5.dsc 289aef65fa31c38f9b2bf7876b8aea0d 10260 math extra hypre_2.4.0b-5.diff.gz b131eaf04a9a168b37653884857885c6 1698108 libs extra libhypre-2.4.0_2.4.0b-5_amd64.deb 9e709c058062a74af0cf1722e427cd61 151376 libdevel extra
Bug#553230: libapache2-mod-macro: diff for NMU version 1.1.4-3.2
feel free to take over this package if you want. On Sat, Dec 5, 2009 at 3:02 PM, gregor herrmann gre...@debian.org wrote: Dear maintainer, I've prepared an NMU for libapache2-mod-macro (versioned as 1.1.4-3.2) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Regards. -- .''`. http://info.comodo.priv.at/ -- GPG Key IDs: 0x00F3CFE4, 0x8649AA06 : :' : Debian GNU/Linux user, admin, developer - http://www.debian.org/ `. `' Member of VIBE!AT, SPI Inc., fellow of FSFE | http://got.to/quote/ `- NP: PagePlant: Most High -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJLGnYRAAoJELs6aAGGSaoGLrkQAJma6j6HAzTaUtFO31cv3DQo fBdDJUgIh0X/eXFPWLS2wu65FnChdLxL3iilPZVI2xUWG5t3YgZV65OIerFdBIY6 XxV1muYYGh4vYmuvMyYBqc3zqx5POMVRFceqOY41gCjsBvRg+VTVZvh5wzU3F8DR tzePgKgGWYe9QvX4FQ1belXupvBcNMSPV5UZ4f61HMMCo1k37Wh+nWp3AEGI03nX l9c90TArbvyO5RsuUhrrrNUHQ/9H8CLvcsHyEV3+V0L7f753v81q52Uoj+UdW+TD Nc6MY5QZ9odyaAFKz/7zZ8zU0XLfvNioQ2sMP2nseG8UcvgTbG9lwnQHpOwaRnzZ 9nFuz83xYuxzFIyQwmtvEEVW7z6eDscn27ZQpT/TZbd9CWgNgB3Wj7e6qaUkWgTo ZGwq3Nm3qucAO1RCsnR84/dwBqKoidcoruwlxHc6PMWpw8aa1LmE8Lkn5XJmDi+i fjEvM3gDhMk0RKkD15VOxt/14qNgqtrgwHATmsx85RQ6vp3UrYrxs0x5GvWXn2eU SreEEJ1qilgW+5NyY7751D2jJcWGGssZ49FkuTnUEgMKntFZ2UBVjmU+K0xWBilU OQqlT+LlzN8p/B+3GGY9vOzgTCuFWFxj3QdobBeDG0h5P614ZFS7QaXtS9kty5Tp P4Gq07lEShUwV0D14eXu =/R9U -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559754: marked as done (fails to install if /etc/sysctl.d/ not present)
Your message dated Mon, 07 Dec 2009 18:52:21 + with message-id e1nhih3-0003ec...@ries.debian.org and subject line Bug#559754: fixed in netbase 4.39 has caused the Debian Bug report #559754, regarding fails to install if /etc/sysctl.d/ not present to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 559754: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559754 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: netbase Version: 4.37 Severity: important Hello, So at least something broke with bindv6only :) Setting up netbase (4.38) ... /var/lib/dpkg/info/netbase.postinst: 82: cannot create /etc/sysctl.d/bindv6only.conf: Directory nonexistent dpkg: error processing netbase (--configure): subprocess installed post-installation script returned error exit status 2 This is on hurd-i386, but I guess it happens on kfreebsd-* too. Samuel -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages netbase depends on: ii lsb-base 3.2-23 Linux Standard Base 3.2 init scrip Versions of packages netbase recommends: ii ifupdown 0.6.9 high level tools to configure netw netbase suggests no packages. -- debconf information excluded -- Samuel Thibault samuel.thiba...@fnac.net Cliquez sur le lien qui suit dans ce mail...vous n'avez plus qu'a vous inscrire pour gagner de l'argent en restant connecteet puis faites passer le message et vous gagnerez encore plus d'argent ... -+- AC in NPC : Neuneu a rencontr� le Pere No�l -+- ---End Message--- ---BeginMessage--- Source: netbase Source-Version: 4.39 We believe that the bug you reported is fixed in the latest version of netbase, which is due to be installed in the Debian FTP archive: netbase_4.39.dsc to main/n/netbase/netbase_4.39.dsc netbase_4.39.tar.gz to main/n/netbase/netbase_4.39.tar.gz netbase_4.39_all.deb to main/n/netbase/netbase_4.39_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 559...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Marco d'Itri m...@linux.it (supplier of updated netbase package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 07 Dec 2009 19:02:29 +0100 Source: netbase Binary: netbase Architecture: source all Version: 4.39 Distribution: unstable Urgency: low Maintainer: Marco d'Itri m...@linux.it Changed-By: Marco d'Itri m...@linux.it Description: netbase- Basic TCP/IP networking system Closes: 559754 Changes: netbase (4.39) unstable; urgency=low . * Create /etc/sysctl.d/ if it does not exist and do nothing on non-Linux systems. (Closes: #559754) Checksums-Sha1: 1be245800bccb37640440b1fd14526e67275f27b 682 netbase_4.39.dsc 82c2299fc42344f171fe6327181c1b202bd0e83f 34068 netbase_4.39.tar.gz 744078ca3729aafd57caf9727f18bae7554964bc 19778 netbase_4.39_all.deb Checksums-Sha256: 39e22e25bddaf74efb80e10cf28b9b5bbf469152c5258a35e808d355f044a36d 682 netbase_4.39.dsc 32a21020cbf59ac5f69ba44d402589ebd827a00f76d973a98c8da2455c4c9f56 34068 netbase_4.39.tar.gz 4b53b1249e11b3a1e362e5455d8348650f55a178d383d04d6d1c1ddaf28face5 19778 netbase_4.39_all.deb Files: dc47c08588be3cb80d72e8d8dcdf7377 682 admin important netbase_4.39.dsc e186865c81dbfb07cbbb35294ad67ff6 34068 admin important netbase_4.39.tar.gz 2aa696a41312dea321ac5a27e916c560 19778 admin important netbase_4.39_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAksdSucACgkQFGfw2OHuP7EwAgCdGr3CYbvF9hAOOsESTEsDbSAN nGIAn0Pc8k3s7eBFFSBSnfS9HMlFqxNQ =YzrR -END PGP SIGNATURE- ---End Message---
Bug#554638: Bug#540427: Real patch for my NMU
Hi, |--== On Mon, 07 Dec 2009 19:05:49 +0100 (CET), Jaromír Mikeš mira.mi...@seznam.cz said: Od: Cyril Brulebois k...@debian.org Sorry about the first NMU, looks like I only removed libc6-dev from Build-Depends on a porter box, and checked it was OK there; and only wrote about it on my devel box, where the NMU was prepared. Hopefully the next one is OK. Sorry about that. JM Hi, JM I am just preparing new release of jconv ... renamed package and binary to jconvolver 0.8.4 JM this removing these bugs:#529774, #540427, #554638 Please don't forget to import the changes from this NMU to the new sources. Ciao! Free -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559910: libeditline-dev and heimdal-dev: error when trying to install together
Package: heimdal-dev,libeditline-dev Version: heimdal-dev/1.3.1.dfsg.1-1 Version: libeditline-dev/1.12-5 Severity: serious User: trei...@debian.org Usertags: edos-file-overwrite Date: 2009-12-07 Architecture: amd64 Distribution: sid Hi, automatic installation tests of packages that share a file and at the same time do not conflict by their package dependency relationships has detected the following problem: WARNING: The following packages cannot be authenticated! libdb4.8 libroken18-heimdal libasn1-8-heimdal libc-dev-bin linux-libc-dev libc6-dev libeditline0 libeditline-dev libheimsqlite0 libwind0-heimdal libhx509-5-heimdal libkrb5-25-heimdal libheimntlm0-heimdal libgssapi2-heimdal libhdb9-heimdal libkadm5clnt7-heimdal libkadm5srv8-heimdal comerr-dev libkafs0-heimdal heimdal-multidev heimdal-dev W: cowdancer: unsupported operation flock, read-only open and fchown/fchmod/flock are not supported: tried openning dev:inode of 2055:5407052 W: cowdancer: unsupported operation flock, read-only open and fchown/fchmod/flock are not supported: tried openning dev:inode of 2055:5407760 W: cowdancer: unsupported operation flock, read-only open and fchown/fchmod/flock are not supported: tried openning dev:inode of 2055:5407039 Authentication warning overridden. Can not write log, openpty() failed (/dev/pts not mounted?) Selecting previously deselected package libdb4.8. (Reading database ... 10436 files and directories currently installed.) Unpacking libdb4.8 (from .../libdb4.8_4.8.24-1_amd64.deb) ... Selecting previously deselected package libroken18-heimdal. Unpacking libroken18-heimdal (from .../libroken18-heimdal_1.3.1.dfsg.1-1_amd64.deb) ... Selecting previously deselected package libasn1-8-heimdal. Unpacking libasn1-8-heimdal (from .../libasn1-8-heimdal_1.3.1.dfsg.1-1_amd64.deb) ... Selecting previously deselected package libc-dev-bin. Unpacking libc-dev-bin (from .../libc-dev-bin_2.10.2-2_amd64.deb) ... Selecting previously deselected package linux-libc-dev. Unpacking linux-libc-dev (from .../linux-libc-dev_2.6.32~rc8-1~experimental.1_amd64.deb) ... Selecting previously deselected package libc6-dev. Unpacking libc6-dev (from .../libc6-dev_2.10.2-2_amd64.deb) ... Selecting previously deselected package libeditline0. Unpacking libeditline0 (from .../libeditline0_1.12-5_amd64.deb) ... Selecting previously deselected package libeditline-dev. Unpacking libeditline-dev (from .../libeditline-dev_1.12-5_amd64.deb) ... Selecting previously deselected package libheimsqlite0. Unpacking libheimsqlite0 (from .../libheimsqlite0_1.3.1.dfsg.1-1_amd64.deb) ... Selecting previously deselected package libwind0-heimdal. Unpacking libwind0-heimdal (from .../libwind0-heimdal_1.3.1.dfsg.1-1_amd64.deb) ... Selecting previously deselected package libhx509-5-heimdal. Unpacking libhx509-5-heimdal (from .../libhx509-5-heimdal_1.3.1.dfsg.1-1_amd64.deb) ... Selecting previously deselected package libkrb5-25-heimdal. Unpacking libkrb5-25-heimdal (from .../libkrb5-25-heimdal_1.3.1.dfsg.1-1_amd64.deb) ... Selecting previously deselected package libheimntlm0-heimdal. Unpacking libheimntlm0-heimdal (from .../libheimntlm0-heimdal_1.3.1.dfsg.1-1_amd64.deb) ... Selecting previously deselected package libgssapi2-heimdal. Unpacking libgssapi2-heimdal (from .../libgssapi2-heimdal_1.3.1.dfsg.1-1_amd64.deb) ... Selecting previously deselected package libhdb9-heimdal. Unpacking libhdb9-heimdal (from .../libhdb9-heimdal_1.3.1.dfsg.1-1_amd64.deb) ... Selecting previously deselected package libkadm5clnt7-heimdal. Unpacking libkadm5clnt7-heimdal (from .../libkadm5clnt7-heimdal_1.3.1.dfsg.1-1_amd64.deb) ... Selecting previously deselected package libkadm5srv8-heimdal. Unpacking libkadm5srv8-heimdal (from .../libkadm5srv8-heimdal_1.3.1.dfsg.1-1_amd64.deb) ... Selecting previously deselected package comerr-dev. Unpacking comerr-dev (from .../comerr-dev_2.1-1.41.9-1_amd64.deb) ... Selecting previously deselected package libkafs0-heimdal. Unpacking libkafs0-heimdal (from .../libkafs0-heimdal_1.3.1.dfsg.1-1_amd64.deb) ... Selecting previously deselected package heimdal-multidev. Unpacking heimdal-multidev (from .../heimdal-multidev_1.3.1.dfsg.1-1_amd64.deb) ... Selecting previously deselected package heimdal-dev. Unpacking heimdal-dev (from .../heimdal-dev_1.3.1.dfsg.1-1_amd64.deb) ... dpkg: error processing /var/cache/apt/archives/heimdal-dev_1.3.1.dfsg.1-1_amd64.deb (--unpack): trying to overwrite '/usr/share/man/man3/editline.3.gz', which is also in package libeditline-dev 0:1.12-5 dpkg-deb: subprocess paste killed by signal (Broken pipe) Processing triggers for man-db ... W: cowdancer: unsupported operation flock, read-only open and fchown/fchmod/flock are not supported: tried openning dev:inode of 2055:5407052 W: cowdancer: unsupported operation flock, read-only open and fchown/fchmod/flock are not supported: tried openning dev:inode of 2055:5407760 W: cowdancer: unsupported operation flock, read-only open and
Processed: found 529774 in jack-jconv/0.8.1-1.2
Processing commands for cont...@bugs.debian.org: found 529774 jack-jconv/0.8.1-1.2 Bug #529774 [libjconv-bin,jack-jconv] jack-jconv and libjconv-bin: error when trying to install together The source jack-jconv and version 0.8.1-1.2 do not appear to match any binary packages Bug Marked as found in versions jack-jconv/0.8.1-1.2. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#522580: libqt-perl/kdebindings: build-depend libsmokeqt-dev going away
Hello, On antradienis 14 Balandis 2009 23:22:55 Bart Martens wrote: retitle 522580 libqt-perl/kdebindings: build-depend (libsmokeqt-dev) going away stop Sune and I have briefly discussed this on irc. We agreed that I wait for a heads-up from Sune. Please either request removal of this package from archive or package a version compatible with kdebindings 4 (I don't know if it exists) ASAP. Current situation causes unnecessary breakage. -- Modestas Vainius modes...@vainius.eu signature.asc Description: This is a digitally signed message part.
Bug#554604: marked as done (kflickr_0.9.1-2.1(ia64/unstable): FTBFS: confused about automake versions?)
Your message dated Mon, 7 Dec 2009 22:18:21 +0300 with message-id 20091207221821.7c37a...@corner and subject line fixed in kflickr 0.9.1-2.2 has caused the Debian Bug report #554604, regarding kflickr_0.9.1-2.1(ia64/unstable): FTBFS: confused about automake versions? to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 554604: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=554604 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: kflickr Version: 0.9.1-2.1 Severity: serious There was an error while trying to autobuild your package: Automatic build of kflickr_0.9.1-2.1 on mundy by sbuild/ia64 98 Build started at 20091105-1553 [...] ** Using build dependencies supplied by package: Build-Depends: debhelper, automake, libtool, kdelibs4-dev, autotools-dev [...] cp -f /usr/share/aclocal/libtool.m4 admin/libtool.m4.in make -f Makefile.cvs make[1]: Entering directory `/build/buildd/kflickr-0.9.1' This Makefile is only for the CVS repository This will be deleted before making the distribution make[2]: Entering directory `/build/buildd/kflickr-0.9.1' *** YOU'RE USING automake (GNU automake) 1.11. *** KDE requires automake 1.6.1 or newer make[2]: *** [cvs] Error 1 make[2]: Leaving directory `/build/buildd/kflickr-0.9.1' make[1]: *** [all] Error 2 make[1]: Leaving directory `/build/buildd/kflickr-0.9.1' make: *** [autotools-stamp] Error 2 dpkg-buildpackage: error: debian/rules build gave error exit status 2 A full build log can be found at: http://buildd.debian.org/build.php?arch=ia64pkg=kflickrver=0.9.1-2.1 ---End Message--- ---BeginMessage--- Version: 0.9.1-2.2 I believe this was fixed in a recent upload of version 0.9.1-2.2 (see #540669 for patch). -- Ilya ---End Message---
Bug#552906: marked as done (gnuchess: FTBFS: common.h:747: error: 'getline' redeclared as different kind of symbol)
Your message dated Mon, 07 Dec 2009 19:18:43 + with message-id e1nhj6z-0006h6...@ries.debian.org and subject line Bug#552906: fixed in gnuchess 5.07-7 has caused the Debian Bug report #552906, regarding gnuchess: FTBFS: common.h:747: error: 'getline' redeclared as different kind of symbol to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 552906: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552906 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Source: gnuchess Version: 5.07-6 Severity: serious User: debian...@lists.debian.org Usertags: qa-ftbfs-20091028 qa-ftbfs Justification: FTBFS on amd64 Hi, During a rebuild of all packages in sid, your package failed to build on amd64. In eglibc = 2.9, getline was only defined if _GNU_SOURCE was defined. In eglibc 2.10, getline is always defined (since it became a standard in POSIX2008). The problem is that your package already has a function named getline(), which now conflicts with glibc's. You need to rename your function to something else. Ubuntu already fixed many occurences of your problem, so it is possible that an Ubuntu patch is available for your package. Look at the PTS to find out. Relevant part: if x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I. -I.-pthread -g -Wall -O2 -MT atak.o -MD -MP -MF .deps/atak.Tpo \ -c -o atak.o `test -f 'atak.c' || echo './'`atak.c; \ then mv -f .deps/atak.Tpo .deps/atak.Po; \ else rm -f .deps/atak.Tpo; exit 1; \ fi In file included from atak.c:29: common.h:747: error: 'getline' redeclared as different kind of symbol /usr/include/stdio.h:651: error: previous declaration of 'getline' was here make[3]: *** [atak.o] Error 1 The full build log is available from: http://people.debian.org/~lucas/logs/2009/10/28/gnuchess_5.07-6_lsid64.buildlog A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! About the archive rebuild: The rebuild was done on about 50 AMD64 nodes of the Grid'5000 platform, using a clean chroot. Internet was not accessible from the build systems. -- | Lucas Nussbaum | lu...@lucas-nussbaum.net http://www.lucas-nussbaum.net/ | | jabber: lu...@nussbaum.fr GPG: 1024D/023B3F4F | ---End Message--- ---BeginMessage--- Source: gnuchess Source-Version: 5.07-7 We believe that the bug you reported is fixed in the latest version of gnuchess, which is due to be installed in the Debian FTP archive: gnuchess_5.07-7.diff.gz to main/g/gnuchess/gnuchess_5.07-7.diff.gz gnuchess_5.07-7.dsc to main/g/gnuchess/gnuchess_5.07-7.dsc gnuchess_5.07-7_amd64.deb to main/g/gnuchess/gnuchess_5.07-7_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 552...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bradley Smith bradsm...@debian.org (supplier of updated gnuchess package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 07 Dec 2009 19:00:35 + Source: gnuchess Binary: gnuchess Architecture: source amd64 Version: 5.07-7 Distribution: unstable Urgency: low Maintainer: Bradley Smith bradsm...@debian.org Changed-By: Bradley Smith bradsm...@debian.org Description: gnuchess - Plays a game of chess, either against the user or against itself Closes: 552906 559909 Changes: gnuchess (5.07-7) unstable; urgency=low . * Fix getline FTBFS. Closes: #552906, #559909. Checksums-Sha1: 5f0e6ac25f0b9ab0dc7e18c1ab48789ff00a39e9 1186 gnuchess_5.07-7.dsc c1a3d6a58beba1809f3434f6507bcbde1661ff2d 7558 gnuchess_5.07-7.diff.gz d8655bb5c748abc70baa1d4e6d396c47c2e3b4db 88664 gnuchess_5.07-7_amd64.deb Checksums-Sha256: b43f98397328803ad24ec8cde55f0280764a753bda5a61d5d1a261bd05b4f8b7 1186 gnuchess_5.07-7.dsc a5067ec1d315cde50ca17880d4c01f2bf46cdb136b2f51f9b63cb207fbe5745c 7558 gnuchess_5.07-7.diff.gz 3b014620a5ad14d8d113b00cf91df77b0cfff03f2a9a986ef8172df4ac3d00df 88664 gnuchess_5.07-7_amd64.deb Files: 83b2df72638ce89af20d3a32a8a7530c 1186 games optional gnuchess_5.07-7.dsc 76a79b7464e85d666f189cb54f48a6c2 7558 games optional gnuchess_5.07-7.diff.gz 8ebba3d427d99cbdfdfc1955786fd12d 88664 games optional
Bug#559904: marked as done (FTBFS: failed to run aclocal)
Your message dated Mon, 07 Dec 2009 19:19:01 + with message-id e1nhj6r-0006k9...@ries.debian.org and subject line Bug#559904: fixed in hdf-eos4 2.16v1.00.dfsg.2-3 has caused the Debian Bug report #559904, regarding FTBFS: failed to run aclocal to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 559904: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559904 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: hdf-eos4 Version: 2.16v1.00.dfsg.2-2 Severity: serious Thanks for the quick turnaround on #559891. Looks like there's another missing build-dep: [...] cp samples/simple.txt testdrivers/threads # FIXME: a sort of hack ln -sf -- testswath.f testdrivers/swath/testswath77.f ln -sf -- testpoint.f testdrivers/point/testpoint77.f autoreconf Can't exec aclocal: No such file or directory at /usr/share/autoconf/Autom4te/FileUtils.pm line 325. autoreconf: failed to run aclocal: No such file or directory make: *** [makebuilddir/libhdfeos-dev] Error 1 dpkg-buildpackage: error: debian/rules build gave error exit status 2 Build finished at 20091207-1745 FAILED [dpkg-buildpackage died] Purging /var/lib/schroot/mount/sid-hppa-sbuild-10e141df-4cf7-47a8-a235-a1bb5d069be8/build/buildd-hdf-eos4_2.16v1.00.dfsg.2-2-hppa-35hd9s ---End Message--- ---BeginMessage--- Source: hdf-eos4 Source-Version: 2.16v1.00.dfsg.2-3 We believe that the bug you reported is fixed in the latest version of hdf-eos4, which is due to be installed in the Debian FTP archive: hdf-eos4_2.16v1.00.dfsg.2-3.diff.gz to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2-3.diff.gz hdf-eos4_2.16v1.00.dfsg.2-3.dsc to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2-3.dsc libhdfeos-dev_2.16v1.00.dfsg.2-3_i386.deb to main/h/hdf-eos4/libhdfeos-dev_2.16v1.00.dfsg.2-3_i386.deb libhdfeos0_2.16v1.00.dfsg.2-3_i386.deb to main/h/hdf-eos4/libhdfeos0_2.16v1.00.dfsg.2-3_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 559...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alastair McKinstry mckins...@debian.org (supplier of updated hdf-eos4 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 07 Dec 2009 18:52:06 + Source: hdf-eos4 Binary: libhdfeos0 libhdfeos-dev Architecture: source i386 Version: 2.16v1.00.dfsg.2-3 Distribution: unstable Urgency: low Maintainer: Alastair McKinstry mckins...@debian.org Changed-By: Alastair McKinstry mckins...@debian.org Description: libhdfeos-dev - Development files for the HDF-EOS4 library libhdfeos0 - Earth Observation System extensions to HDF4 Closes: 559904 Changes: hdf-eos4 (2.16v1.00.dfsg.2-3) unstable; urgency=low . * Add dependency on automake, too. Closes: #559904. Checksums-Sha1: f129c68ee778981776a68328f739a79fdf27d69a 1211 hdf-eos4_2.16v1.00.dfsg.2-3.dsc c034d8a57c495aca2002f07c2ea04f272d3f80bc 8669 hdf-eos4_2.16v1.00.dfsg.2-3.diff.gz 9af4179eaf1f7d5a9bc0d8f12cc424b22f2d4b41 106640 libhdfeos0_2.16v1.00.dfsg.2-3_i386.deb 800a51313f1650ae123a6dc5c43ef90a96ebe71a 182570 libhdfeos-dev_2.16v1.00.dfsg.2-3_i386.deb Checksums-Sha256: 0be0fb4184c9f52213dac858aa89e8e21e007d67e285cdaf48c13ff235f50287 1211 hdf-eos4_2.16v1.00.dfsg.2-3.dsc b485d4fb16b4d989ba8eda377942bd54a4744d7d34170cbb3f343280b142296c 8669 hdf-eos4_2.16v1.00.dfsg.2-3.diff.gz dc3157e68cbdea286efa8632e34386679e828f655b8efc869eda001746e219bc 106640 libhdfeos0_2.16v1.00.dfsg.2-3_i386.deb 2bbec7ee1749c3c1f522a17bfa18a31bedcd8316a363e888ff340ffd5245936b 182570 libhdfeos-dev_2.16v1.00.dfsg.2-3_i386.deb Files: 8da8b55cf4cee8548c3373a6b8799f38 1211 libs optional hdf-eos4_2.16v1.00.dfsg.2-3.dsc 87d461518d4895562ab51a8a30cb8d14 8669 libs optional hdf-eos4_2.16v1.00.dfsg.2-3.diff.gz 6902727da282758cb0f6b91e6ffce58b 106640 libs optional libhdfeos0_2.16v1.00.dfsg.2-3_i386.deb ee833a4b436b7876c5c3d0d779339d81 182570 libdevel optional libhdfeos-dev_2.16v1.00.dfsg.2-3_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iD8DBQFLHVIxQTK/kCo4XFcRAm5ZAJ0RP1TEg5fdCmTVx1d/lMEhICPmFgCgi3Yy YyJhjJ8PqYnWsm0MXgIzR2I
Bug#553230: libapache2-mod-macro: diff for NMU version 1.1.4-3.2
On Mon, 07 Dec 2009 18:46:34 +, Thom May wrote: feel free to take over this package if you want. Thanks for the offer, but I just wanted to fix this RC bug. Maybe an RFA or O bug would be a good idea? Cheers, gregor -- .''`. http://info.comodo.priv.at/ -- GPG Key IDs: 0x00F3CFE4, 0x8649AA06 : :' : Debian GNU/Linux user, admin, developer - http://www.debian.org/ `. `' Member of VIBE!AT, SPI Inc., fellow of FSFE | http://got.to/quote/ `-NP: The Eagles: One Of These Nights signature.asc Description: Digital signature
Bug#559913: FTBFS - chrpath: Command not found
Package: hdf-eos4 Version: 2.16v1.00.dfsg.2-3 Severity: serious And now fails because of: [...] make[2]: Leaving directory `/build/buildd/hdf-eos4-2.16v1.00.dfsg.2' make[1]: Leaving directory `/build/buildd/hdf-eos4-2.16v1.00.dfsg.2' dh_installdirs -plibhdfeos0 # Broken build system needs -rpath. Remove it after install. chrpath -d debian/tmp/usr/lib/libhdfeos.so.0.0.0 make: chrpath: Command not found make: *** [install/libhdfeos0] Error 127 dpkg-buildpackage: error: /usr/bin/fakeroot debian/rules binary-arch gave error exit status 2 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559921: aish: should this package be removed?
Package: aish Version: 1.13-5 Severity: serious Justification: RC-buggy, low popcon, last upstream was 1998 User: debian...@lists.debian.org Usertags: proposed-removal aish seems like a possible candidate for removal from Debian: * RC-buggy (copyright file not sufficient for GPL compliance, or for Policy) with no response from the maintainer * low popcon (29 votes) * last upstream release appears to have been 1998, last maintainer upload in 2005 * popular alternatives exist for its high-level functionality (uuencode, base64); I'm not aware of anything else that supports the ish format, but I've also never heard of the ish format before! If you want to keep this package around in Debian, please just close this bug, and do an upload to fix the issues in it. If you don't think it's worth keeping, please send the following commands to cont...@bugs.debian.org, replacing nn with this bug's number: severity nn normal reassign nn ftp.debian.org retitle nn RM: packagename -- RoM; reasons thanks For more information, see http://wiki.debian.org/ftpmaster_Removals http://ftp-master.debian.org/removals.txt Regards, smcv signature.asc Description: Digital signature
Processed: Re: Bug#559765: jetty: CVE-2007-6672 info disclosure
Processing commands for cont...@bugs.debian.org: tags 559765 + wontfix Bug #559765 [jetty] jetty: CVE-2007-6672 info disclosure Added tag(s) wontfix. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559765: jetty: CVE-2007-6672 info disclosure
tags 559765 + wontfix thanks On Mon, Dec 7, 2009 at 5:10 PM, Michael Gilbert michael.s.gilb...@gmail.com wrote: changelog notes are not sufficient justification to close a security issue. the source needs to be checked against a patch, so please find a way to track that down. the easiest way is probably to just ask upstream. thanks. No, I think it is your duty as the bug reporter to prove that the package is still vulnerable. Torsten -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#549264: marked as done (cl-cffi: cffi depends on babel which is not part of debian)
Your message dated Mon, 7 Dec 2009 20:33:29 + with message-id 20091207203329.ga30...@reptile.pseudorandom.co.uk and subject line Re: Bug#549264: cffi depends on babel which is not part of debian has caused the Debian Bug report #549264, regarding cl-cffi: cffi depends on babel which is not part of debian to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 549264: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=549264 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: cl-cffi Version: 20090823-1 Severity: grave Justification: renders package unusable * (asdf:operate 'asdf:load-source-op :cffi) ; loading system definition from /usr/share/common-lisp/systems/ cffi.asd into ; #PACKAGE ASDF0 ; registering #SYSTEM CFFI {AC05259} as CFFI ; loading system definition from /usr/share/common-lisp/systems/ babel.asd into ; #PACKAGE ASDF0 debugger invoked on a SB-INT:SIMPLE-FILE-ERROR in thread #THREAD initial thread RUNNING {AA6B711}: Couldn't load #P/usr/share/common-lisp/systems/babel.asd: file does not exist. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.25.4dedibox-r9-smp-x32 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages cl-cffi depends on: ii common-lisp-controller6.18 Common Lisp source and compiler ma cl-cffi recommends no packages. cl-cffi suggests no packages. -- no debconf information ---End Message--- ---BeginMessage--- Version: 20090823-2 It seems that this broken dependency is now resolved - cl-cffi depends on cl-babel, which is now in Debian - so I'm closing the bug. Regards, Simon signature.asc Description: Digital signature ---End Message---
Processed: tagging 555150
Processing commands for cont...@bugs.debian.org: tags 555150 + pending Bug #555150 [src:libv8] libv8: FTBFS: symbol differences Added tag(s) pending. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559723: mumps - FTBFS: debian/rules:7: *** invalid syntax in conditional. Stop.
Hello Bastian, Line 7 is: ifeq ($(MUMPS_MPI,lam)) which is just fine, though MUMPS_MPI is set by: MUMPS_MPI=$(shell readlink /etc/alternatives/mpi | sed s/usr//g | sed s/include//g | sed s/lib//g | sed s/\\///g) On s390 and a couple of others, /etc/alternatives/mpi will point to /usr/include/lam and when I use this sed series, it gives me lam. Do you get something different for MUMPS_MPI on s390, perhaps an escape character got in there somehow? -Adam -- GPG fingerprint: D54D 1AEE B11C CE9B A02B C5DD 526F 01E8 564E E4B6 Engineering consulting with open source tools http://www.opennovation.com/ signature.asc Description: This is a digitally signed message part
Bug#555150: libv8: FTBFS: symbol differences
Hi Kurt, sorry for the late reply but I've been very busy at work, I've now got my free time back :-) I'm working on releasing version 2.0.3 on the library and I will check that it builds fine in amd64 before uploading. Thanks for your bug report. Cheers Antonio -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#555670: libtheora: FTBFS on hurd-i386 and kfreebsd-*
Processing commands for cont...@bugs.debian.org: severity 555670 serious Bug #555670 [libtheora] libtheora: FTBFS on hurd-i386 and kfreebsd-* Severity set to 'serious' from 'important' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559930: FTBFS: fails to relibtoolize
Package: hypre Version: 2.4.0b-5 Severity: serious Justification: FTBFS Hi, your package FTBFS: | (cd src/babel-runtime libtoolize) | libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, `config'. | libtoolize: linking file `config/ltmain.sh' | libtoolize: putting auxiliary files in `config'. | libtoolize: linking file `libltdl/config/compile' | libtoolize: linking file `libltdl/config/config.guess' | libtoolize: linking file `libltdl/config/config.sub' | libtoolize: linking file `libltdl/config/depcomp' | libtoolize: linking file `libltdl/config/install-sh' | libtoolize: linking file `libltdl/config/missing' | libtoolize: linking file `libltdl/config/ltmain.sh' | libtoolize: putting macros in AC_CONFIG_MACRO_DIR, `m4'. | libtoolize: linking file `m4/argz.m4' | libtoolize: You should add the contents of `m4/argz.m4' to `aclocal.m4'. | libtoolize: linking file `m4/libtool.m4' | libtoolize: `/usr/share/aclocal/ltdl.m4' does not exist. | make: *** [stamp-build] Error 1 Build logs at the usual place: https://buildd.debian.org/status/package.php?suite=unstablep=hypre Mraw, KiBi. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559627: marked as done (ziproxy: should this package be removed?)
Your message dated Mon, 7 Dec 2009 19:18:24 -0200 with message-id 20091207211824.ga5...@gladiador.dv.utfpr.edu.br and subject line Re: Bug#559627: ziproxy: should this package be removed? has caused the Debian Bug report #559627, regarding ziproxy: should this package be removed? to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 559627: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559627 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: ziproxy Version: 2.5.2-2 Severity: serious Justification: security-buggy, low popcon, two uploads ever User: debian...@lists.debian.org Usertags: proposed-removal ziproxy seems like a possible candidate for removal from Debian: * security-buggy (CVE-2009-0804: HTTP Host Header Incorrect Relay Behavior Vulnerability) with no response from the maintainer * low popcon (15 votes) * runs as root, according to #543471 If you want to keep this package around in Debian, please just close this bug, and do an upload to fix the issues in it. If you don't think it's worth keeping, please send the following commands to cont...@bugs.debian.org, replacing nn with this bug's number: severity nn normal reassign nn ftp.debian.org retitle nn RM: packagename -- RoM; reasons thanks For more information, see http://wiki.debian.org/ftpmaster_Removals http://ftp-master.debian.org/removals.txt Regards, smcv signature.asc Description: Digital signature ---End Message--- ---BeginMessage--- * Simon McVittie (s...@debian.org) wrote: Package: ziproxy Version: 2.5.2-2 Severity: serious Justification: security-buggy, low popcon, two uploads ever User: debian...@lists.debian.org Usertags: proposed-removal ziproxy seems like a possible candidate for removal from Debian: * security-buggy (CVE-2009-0804: HTTP Host Header Incorrect Relay Behavior Vulnerability) with no response from the maintainer * low popcon (15 votes) * runs as root, according to #543471 If you want to keep this package around in Debian, please just close this bug, and do an upload to fix the issues in it. If you don't think it's worth keeping, please send the following commands to cont...@bugs.debian.org, replacing nn with this bug's number: severity nn normal reassign nn ftp.debian.org retitle nn RM: packagename -- RoM; reasons thanks For more information, see http://wiki.debian.org/ftpmaster_Removals http://ftp-master.debian.org/removals.txt Regards, smcv I will fix the bugs of the ziproxy package. Sorry about this issue. The security-buggy was already fixed [1], but I had problems with my sponsor to upload the package to the Debian repository. In a few days I will send the upload using the mentors.debian.net service. [1] http://git.debian.org/?p=collab-maint/pkg-ziproxy.git Thanks, Talau signature.asc Description: Digital signature ---End Message---
Bug#523139: JVM crash
this is a copy of bug nr. 489701 I had the same problem with the RXTX library. I send here the same solution as I sent to the older bug because I didn't got any response. Start weitergeleitete Nachricht: Datum: Fri, 20 Nov 2009 17:56:31 +0100 Von: Christoph Zimmermann nussgip...@gmx.ch An: 489...@bugs.debian.org Betreff: librxtx-java: does not work, UnsatisfiedLinkError and NoClassDefFoundError small update to the stuff I wrote yesterday: some simple java test programm using the RXTX library are working when I install the library manualy (as descriped in my last post). but the application I was interested in was crashing everytime at the same position. (Sump Logic Analyzer Client http://www.sump.org/projects/analyzer/client/?#comment) today I tried to install the newer version of the RXTX library, version rxtx-2.2pre2, getting the same compile errors as from the latest stable library (the base for the current debian package). So I tried to apply the patch from the stable version to the new 2.2pre2 and it worked well. some stuff applied not well but I was able to compile and install the new version without errors. Now the Sump Logic Analyzer WORKS! No crashes anymore. I suggest to update the the library in debian SID to the version 2.2pre2. output of patch: rxtx-2.2pre2$ patch -p1 ../rxtx_2.1.7r2-4.diff patching file Makefile.in Hunk #1 succeeded at 609 with fuzz 2 (offset 53 lines). Hunk #2 succeeded at 626 (offset 53 lines). patching file configure Hunk #1 succeeded at 22093 (offset 592 lines). Hunk #2 succeeded at 22105 (offset 592 lines). Hunk #3 FAILED at 22133. Hunk #4 FAILED at 22203. Hunk #5 FAILED at 22339. Hunk #6 FAILED at 22391. 4 out of 6 hunks FAILED -- saving rejects to file configure.rej patching file debian/changelog patching file debian/control patching file debian/copyright patching file debian/rules patching file debian/README.Debian patching file debian/librxtx-java.dirs patching file debian/librxtx-java.docs patching file debian/compat patching file src/SerialImp.cpp Hunk #1 succeeded at 142 (offset 39 lines). Hunk #2 succeeded at 154 (offset 39 lines). patching file src/I2CImp.c Hunk #1 succeeded at 61 (offset 39 lines). Hunk #2 succeeded at 127 (offset 39 lines). Hunk #3 succeeded at 138 (offset 39 lines). patching file src/ParallelImp.c Hunk #1 FAILED at 38. 1 out of 1 hunk FAILED -- saving rejects to file src/ParallelImp.c.rej patching file src/RS485Imp.c Hunk #1 succeeded at 61 (offset 39 lines). Hunk #2 succeeded at 127 (offset 39 lines). Hunk #3 succeeded at 138 (offset 39 lines). patching file src/RawImp.c Hunk #1 succeeded at 69 (offset 38 lines). Hunk #2 succeeded at 272 (offset 40 lines). Hunk #3 succeeded at 283 (offset 40 lines). patching file src/SerialImp.c Hunk #1 succeeded at 66 (offset 39 lines). Hunk #2 succeeded at 320 (offset 39 lines). Hunk #3 succeeded at 334 (offset 39 lines). -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#545594: kpsk: FTBFS: ld: cannot find -lcompat
tags 545594 + confirmed thanks (Putting Lucas back in the loop. Sebastian: if you just mail nnn...@bugs, the submitter does *not* get a copy!) On Tue, 08 Sep 2009 at 11:25:33 +0200, Lucas Nussbaum wrote: During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part: [...] Turns out this *isn't* the relevant part. I could reproduce this in an up-to-date sid amd64 chroot, and the failure is: checking for main in -lpthread... yes checking for main in -ldb-4.6... no checking for main in -ldb-4.0... no checking for main in -ldb-3.3... no checking for main in -ldb-3.2... no checking for main in -ldb-3.1... no configure: error: Cannot find the Berkeley DB libs On Thu, 03 Dec 2009 at 16:47:24 +0100, Sebastian Muszynski wrote: i've rebuild the package on amd64 without problems. You must have had an older version of libdb-dev installed... the current version of libdb-dev is 4.8, which is not on the limited list of versions that kpsk looks for. The relevant version when dealing with FTBFS bugs is always the latest from unstable. I do wonder whether this package should still be in Debian: it has a low and declining popularity-contest score, and hasn't had an upstream release since a release candidate in 2007. If you still want to maintain it, go ahead, but be aware that maintaining it properly probably means taking over upstream maintenance... Or, if you don't think it's worth maintaining any more, http://wiki.debian.org/ftpmaster_Removals explains how to request removal. Simon signature.asc Description: Digital signature
Bug#559803: marked as done (CVE-2009-3736 local privilege escalation)
Your message dated Mon, 07 Dec 2009 22:04:02 +0100 with message-id 4b1d6dc2.9050...@vis.ethz.ch and subject line Re: Bug#559803: CVE-2009-3736 local privilege escalation has caused the Debian Bug report #559803, regarding CVE-2009-3736 local privilege escalation to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 559803: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559803 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: cvsnt Severity: grave Tags: security Hi, The following CVE (Common Vulnerabilities Exposures) id was published for libtool. I have determined that this package embeds a vulnerable copy of the libtool source code. However, since this is a mass bug filing (due to so many packages embedding libtool), I have not had time to determine whether the vulnerable code is actually present in any of the binary packages. Please determine whether this is the case. If the package is not affected, please feel free to close the bug with a message containing the details of what you did to check. CVE-2009-3736[0]: | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, | attempts to open a .la file in the current working directory, which | allows local users to gain privileges via a Trojan horse file. Note that this problem also affects etch and lenny, so if your package is affected, please coordinate with the security team to release the DSA for the affected packages. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 http://security-tracker.debian.org/tracker/CVE-2009-3736 ---End Message--- ---BeginMessage--- Package: cvsnt Severity: grave Tags: security Version: 2.5.04.3236-1 The following CVE (Common Vulnerabilities Exposures) id was published for libtool. I have determined that this package embeds a vulnerable copy of the libtool source code. However, since this is a mass bug filing (due to so many packages embedding libtool), I have not had time to determine whether the vulnerable code is actually present in any of the binary packages. Please determine whether this is the case. If the package is not affected, please feel free to close the bug with a message containing the details of what you did to check. cvsnt only uses the embeded libtool if it is not installed on the system. If it is installed, it uses the installed one. Best regards Andreas -- (`-''-/).___..--''`-._ `o_ o ) `-. ( ).`-.__.`) (_Y_.)' ._ ) `._ `. ``-..-' _..`--'_..-_/ /--'_.' .' (il).-'' (li).' ((!.-' Andreas Tscharner a...@vis.ethz.ch ICQ-No. 14356454 ---End Message---
Bug#559633: marked as done (kaa-imlib2_0.2.3-2(ia64/unstable): FTBFS: bad build-depends?)
Your message dated Mon, 07 Dec 2009 21:42:42 + with message-id e1nhllu-0002oc...@ries.debian.org and subject line Bug#559633: fixed in kaa-base 0.6.0-2 has caused the Debian Bug report #559633, regarding kaa-imlib2_0.2.3-2(ia64/unstable): FTBFS: bad build-depends? to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 559633: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559633 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: kaa-imlib2 Version: 0.2.3-2 Severity: serious There was an error while trying to autobuild your package: Automatic build of kaa-imlib2_0.2.3-2 on mundy by sbuild/ia64 98 Build started at 20091204-2148 [...] ** Using build dependencies supplied by package: Build-Depends: cdbs (= 0.4.42), debhelper (= 5.0.37.2), python-all-dev (= 2.3.5-11), python-central (= 0.5), python-kaa-base, libimlib2-dev (= 1.2.1) [...] File setup.py, line 36, in module from kaa.distribution.core import Extension, setup File /usr/lib/python2.5/site-packages/kaa/__init__.py, line 39, in module from async import TimeoutException, InProgress, InProgressCallback, \ File /usr/lib/python2.5/site-packages/kaa/async.py, line 977, in module import main File /usr/lib/python2.5/site-packages/kaa/main.py, line 50, in module from process import supervisor File /usr/lib/python2.5/site-packages/kaa/process.py, line 180, in module supervisor = _Supervisor() File /usr/lib/python2.5/site-packages/kaa/process.py, line 81, in __init__ raise SystemError('kaa.base requires Python 2.5 or later') SystemError: kaa.base requires Python 2.5 or later make: *** [debian/python-module-stampdir/python-kaa-imlib2] Error 1 dpkg-buildpackage: error: debian/rules build gave error exit status 2 A full build log can be found at: http://buildd.debian.org/build.php?arch=ia64pkg=kaa-imlib2ver=0.2.3-2 ---End Message--- ---BeginMessage--- Source: kaa-base Source-Version: 0.6.0-2 We believe that the bug you reported is fixed in the latest version of kaa-base, which is due to be installed in the Debian FTP archive: kaa-base_0.6.0-2.diff.gz to main/k/kaa-base/kaa-base_0.6.0-2.diff.gz kaa-base_0.6.0-2.dsc to main/k/kaa-base/kaa-base_0.6.0-2.dsc python-kaa-base_0.6.0-2_i386.deb to main/k/kaa-base/python-kaa-base_0.6.0-2_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 559...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. A Mennucc1 mennu...@debian.org (supplier of updated kaa-base package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 07 Dec 2009 21:48:59 +0100 Source: kaa-base Binary: python-kaa-base Architecture: source i386 Version: 0.6.0-2 Distribution: unstable Urgency: low Maintainer: Freevo Debian Dream Team pkg-freevo-ma...@lists.alioth.debian.org Changed-By: A Mennucc1 mennu...@debian.org Description: python-kaa-base - Base Kaa Framework for all Kaa Modules Closes: 559633 Changes: kaa-base (0.6.0-2) unstable; urgency=low . * libc6 is /lib/libc6.so.6.1 in IA64 (Closes: #559633). * Add myself to uploaders. Checksums-Sha1: 6a9c99f04d40a8da1cea1d0f8f83791ceb7c88b2 1414 kaa-base_0.6.0-2.dsc 0317a4d05648287f75a8ec437d99db7cf1d051a5 4174 kaa-base_0.6.0-2.diff.gz 4723d6e3d88815bda5f875e10bd80806f3878793 217634 python-kaa-base_0.6.0-2_i386.deb Checksums-Sha256: c9571c0fd07e40c15a90a8282cf7e7aa0e3ebec1742a4d9a5e79bc801dbc8453 1414 kaa-base_0.6.0-2.dsc 5dca61eaafc832cea7746f3cf510fcd3c6cfa16d26dec7c672d31af989aec49c 4174 kaa-base_0.6.0-2.diff.gz 4f63bc5e2c75e78a916352bfc8dd614456297720ce63b4b901e2832f904dbb0f 217634 python-kaa-base_0.6.0-2_i386.deb Files: dd7edef062e8d17f612d666311458332 1414 python optional kaa-base_0.6.0-2.dsc 1bdf2b2dddae09c5ff82514ea16cc975 4174 python optional kaa-base_0.6.0-2.diff.gz f8b9a13b205f21b155e1b651e034ab0a 217634 python optional python-kaa-base_0.6.0-2_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAksda1AACgkQ9B/tjjP8QKSDoACeLUCPPcuOC4aFcknIEQxf8sLE BLYAoIUVUps4iHZggw9gYeQut6fDTrZ1 =A3yw -END PGP SIGNATURE- ---End Message---
Bug#559913: marked as done (FTBFS - chrpath: Command not found)
Your message dated Mon, 07 Dec 2009 21:41:56 + with message-id e1nhlla-0002k0...@ries.debian.org and subject line Bug#559913: fixed in hdf-eos4 2.16v1.00.dfsg.2-4 has caused the Debian Bug report #559913, regarding FTBFS - chrpath: Command not found to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 559913: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559913 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: hdf-eos4 Version: 2.16v1.00.dfsg.2-3 Severity: serious And now fails because of: [...] make[2]: Leaving directory `/build/buildd/hdf-eos4-2.16v1.00.dfsg.2' make[1]: Leaving directory `/build/buildd/hdf-eos4-2.16v1.00.dfsg.2' dh_installdirs -plibhdfeos0 # Broken build system needs -rpath. Remove it after install. chrpath -d debian/tmp/usr/lib/libhdfeos.so.0.0.0 make: chrpath: Command not found make: *** [install/libhdfeos0] Error 127 dpkg-buildpackage: error: /usr/bin/fakeroot debian/rules binary-arch gave error exit status 2 ---End Message--- ---BeginMessage--- Source: hdf-eos4 Source-Version: 2.16v1.00.dfsg.2-4 We believe that the bug you reported is fixed in the latest version of hdf-eos4, which is due to be installed in the Debian FTP archive: hdf-eos4_2.16v1.00.dfsg.2-4.diff.gz to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2-4.diff.gz hdf-eos4_2.16v1.00.dfsg.2-4.dsc to main/h/hdf-eos4/hdf-eos4_2.16v1.00.dfsg.2-4.dsc libhdfeos-dev_2.16v1.00.dfsg.2-4_i386.deb to main/h/hdf-eos4/libhdfeos-dev_2.16v1.00.dfsg.2-4_i386.deb libhdfeos0_2.16v1.00.dfsg.2-4_i386.deb to main/h/hdf-eos4/libhdfeos0_2.16v1.00.dfsg.2-4_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 559...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alastair McKinstry mckins...@debian.org (supplier of updated hdf-eos4 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 07 Dec 2009 19:58:52 + Source: hdf-eos4 Binary: libhdfeos0 libhdfeos-dev Architecture: source i386 Version: 2.16v1.00.dfsg.2-4 Distribution: unstable Urgency: low Maintainer: Alastair McKinstry mckins...@debian.org Changed-By: Alastair McKinstry mckins...@debian.org Description: libhdfeos-dev - Development files for the HDF-EOS4 library libhdfeos0 - Earth Observation System extensions to HDF4 Closes: 559913 Changes: hdf-eos4 (2.16v1.00.dfsg.2-4) unstable; urgency=low . * Build with pbuilder. Add chrpath dependency. Closes: #559913. Checksums-Sha1: 7c80ea41deca18ebc3348376919a55a596ea7ce1 1220 hdf-eos4_2.16v1.00.dfsg.2-4.dsc a9ae683221c0bf210be7635d3cef3a9528b8fb98 8707 hdf-eos4_2.16v1.00.dfsg.2-4.diff.gz 858bd514d9d95179f63c566e4c0c5b5ae3c113d4 106680 libhdfeos0_2.16v1.00.dfsg.2-4_i386.deb dd67469bbf195a1fc2e424ff1019698db0601fe5 182622 libhdfeos-dev_2.16v1.00.dfsg.2-4_i386.deb Checksums-Sha256: dbe0dd00283dca05a66cdb031d43ae8ce418a3f631c0ab90d0efb419fc530dd5 1220 hdf-eos4_2.16v1.00.dfsg.2-4.dsc 28db847ca950a76257f22aff42756ef1f96ffe5772479593d5b736e2a25c22e3 8707 hdf-eos4_2.16v1.00.dfsg.2-4.diff.gz 9b327e70042c53bbb06d7bba20f888b51353da635a209d1d673c512cee12d5c6 106680 libhdfeos0_2.16v1.00.dfsg.2-4_i386.deb 18a42dfdc5cea221c591debe10eb97428d60cf9ea26eb5bb31f08af57ced02b3 182622 libhdfeos-dev_2.16v1.00.dfsg.2-4_i386.deb Files: 67ac14b75f7256cf14f8041c7ed87402 1220 libs optional hdf-eos4_2.16v1.00.dfsg.2-4.dsc fd875552e908263b0e1ad67ca66e4663 8707 libs optional hdf-eos4_2.16v1.00.dfsg.2-4.diff.gz 5fba2d6649a0efd121b3618fc8a5f354 106680 libs optional libhdfeos0_2.16v1.00.dfsg.2-4_i386.deb d801bc88cc5ab40b664e4a2c48c6dcbc 182622 libdevel optional libhdfeos-dev_2.16v1.00.dfsg.2-4_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iD8DBQFLHWElQTK/kCo4XFcRAsSsAJ4mB8JHs1emJ7oF94ln9VuFg4aa4wCgqHC6 4YdyBviwDeeSjmgbRjCPeyc= =5LL3 -END PGP SIGNATURE- ---End Message---
Bug#553557: marked as done (smb2www: dir-or-file-in-var-www /var/www/samba-images)
Your message dated Mon, 07 Dec 2009 21:50:15 + with message-id e1nhltd-0003f6...@ries.debian.org and subject line Bug#553557: fixed in smb2www 980804-38 has caused the Debian Bug report #553557, regarding smb2www: dir-or-file-in-var-www /var/www/samba-images to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 553557: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553557 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: smb2www Version: 980804-37 Severity: serious User: lintian-ma...@debian.org Usertags: dir-or-file-in-var-www Debian packages should not install files under /var/www. This is not one of the /var directories in the File Hierarchy Standard and is under the control of the local administrator. Packages should not assume that it is the document root for a web server; it is very common for users to change the default document root and packages should not assume that users will keep any particular setting. Packages that want to make files available via an installed web server should instead put instructions for the local administrator in a README.Debian file and ideally include configuration fragments for common web servers such as Apache. As an exception, packages are permitted to create the /var/www directory due to its past history as the default document root, but should at most copy over a default file in postinst for a new install. Refer to Filesystem Hierarchy Standard (The /var Hierarchy) for details. One solution that works is to put configuration files into /etc/package_name, put static content, if any, into /usr/{share,lib}/package_name, then create /var/lib/package name as home for the package, and symlink the files from /etc and /usr/ into the /var/lib/package_name. Then create a simple set of configuration snippets for popular web servers (for example, files one may link into /etc/apache2/conf.d) and put them into /etc/package_name. This way user modifiable files stil live in /etc, and a simple operation can make the package go live. Filed as serious, since this is a violation of the FHS (which is part of policy), and also since a package with these files will currently get this package rejected. See http://lists.debian.org/debian-devel-announce/2009/10/msg4.html for details. This means the package has been deemed too buggy to be in Debian. manoj -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (990, 'unstable'), (500, 'oldstable'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.31.4-anzu-2 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages smb2www depends on: ii apache2 2.2.14-1 Apache HTTP Server metapackage ii apache2-mpm-prefork [httpd-cg 2.2.14-1 Apache HTTP Server - traditional n ii cdebconf [debconf-2.0]0.145 Debian Configuration Management Sy ii debconf [debconf-2.0] 1.5.28 Debian configuration management sy ii perl 5.10.1-6 Larry Wall's Practical Extraction ii smbclient 2:3.4.2-1 command-line SMB/CIFS clients for smb2www recommends no packages. smb2www suggests no packages. ---End Message--- ---BeginMessage--- Source: smb2www Source-Version: 980804-38 We believe that the bug you reported is fixed in the latest version of smb2www, which is due to be installed in the Debian FTP archive: smb2www_980804-38.diff.gz to main/s/smb2www/smb2www_980804-38.diff.gz smb2www_980804-38.dsc to main/s/smb2www/smb2www_980804-38.dsc smb2www_980804-38_all.deb to main/s/smb2www/smb2www_980804-38_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 553...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Robert Luberda rob...@debian.org (supplier of updated smb2www package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 07 Dec 2009 00:59:40 +0100 Source: smb2www Binary: smb2www Architecture: source all Version: 980804-38 Distribution: unstable Urgency: low Maintainer: Robert Luberda rob...@debian.org Changed-By: Robert Luberda
Bug#559724: marked as done (stockfish - FTBFS: error: unrecognized command line option -msse)
Your message dated Mon, 07 Dec 2009 21:50:32 + with message-id e1nhltu-0003jw...@ries.debian.org and subject line Bug#559724: fixed in stockfish 1.5.1JA-2 has caused the Debian Bug report #559724, regarding stockfish - FTBFS: error: unrecognized command line option -msse to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 559724: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559724 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Source: stockfish Version: 1.5.1JA-1 Severity: serious There was an error while trying to autobuild your package: sbuild (Debian sbuild) 0.58.2 (15 Jun 2009) on lxdebian.bfinv.de [...] g++ -msse -MM application.cpp bitboard.cpp pawns.cpp material.cpp endgame.cpp evaluate.cpp main.cpp misc.cpp move.cpp movegen.cpp history.cpp movepick.cpp search.cpp piece.cpp position.cpp direction.cpp tt.cpp value.cpp uci.cpp ucioption.cpp mersenne.cpp book.cpp bitbase.cpp san.cpp benchmark.cpp .depend cc1plus: error: unrecognized command line option -msse cc1plus: error: unrecognized command line option -msse Please note that that code built with -msse will not work on machines without and Debian supports such. ---End Message--- ---BeginMessage--- Source: stockfish Source-Version: 1.5.1JA-2 We believe that the bug you reported is fixed in the latest version of stockfish, which is due to be installed in the Debian FTP archive: stockfish_1.5.1JA-2.diff.gz to main/s/stockfish/stockfish_1.5.1JA-2.diff.gz stockfish_1.5.1JA-2.dsc to main/s/stockfish/stockfish_1.5.1JA-2.dsc stockfish_1.5.1JA-2_i386.deb to main/s/stockfish/stockfish_1.5.1JA-2_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 559...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Oliver Korff o...@xynyx.de (supplier of updated stockfish package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 07 Dec 2009 16:19:46 +0100 Source: stockfish Binary: stockfish Architecture: source i386 Version: 1.5.1JA-2 Distribution: unstable Urgency: low Maintainer: Oliver Korff o...@xynyx.de Changed-By: Oliver Korff o...@xynyx.de Description: stockfish - strong chess engine, to play chess against Closes: 559724 Changes: stockfish (1.5.1JA-2) unstable; urgency=low . * FTBS Bug: I had to find out, that stockfish uses architecture specific SSE extensions. At the moment I counter this by specifying the architectures, that are known to work: i386 amd64 kfreebsd-amd64 kfreebsd-i386 kfreebsd-amd64. This matter will be discussed with upstream. (Closes: 559724) * Removed knights from Recommends: field, the package is not up to date * Adjusted the description slightly Checksums-Sha1: df66eaf25224816c1c3bd693e3aa493169594f9a 1004 stockfish_1.5.1JA-2.dsc 4cc4cff81aed67f197b0fc6f96e2dc3a3ff125bc 13045 stockfish_1.5.1JA-2.diff.gz cae6396be1bbaac96ac8fe798d18f4d208d726ab 145748 stockfish_1.5.1JA-2_i386.deb Checksums-Sha256: 5042baabb22d25be4d13a85f4b63723314157728327b8a3ad50403b7921ad528 1004 stockfish_1.5.1JA-2.dsc 071ab3b6ef980a01c7beb7b39f32faf77bd4f1e5d4fc7f6473567369368c2e2a 13045 stockfish_1.5.1JA-2.diff.gz acf43ee1818055072cb4f1472066232dcc39c990b6093e66e610f8836fd98ee6 145748 stockfish_1.5.1JA-2_i386.deb Files: 6a468ddc72f9348314238831735fc56c 1004 games optional stockfish_1.5.1JA-2.dsc d84a2a545701bcfefc850f6c0b28 13045 games optional stockfish_1.5.1JA-2.diff.gz 353b38b49c6b2f76350ddefeea6519f6 145748 games optional stockfish_1.5.1JA-2_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAksdblcACgkQYEKwtdP5dN9OUgCgz+9fh+jhNDdBkKEcZjk9SEl7 ECoAnRJCU9vR56SxHlkcvnPUAG2ZcXY8 =rRVO -END PGP SIGNATURE- ---End Message---
Processed: Heimdal bug
Processing commands for cont...@bugs.debian.org: reassign 559910 heimdal-dev Bug #559910 [heimdal-dev,libeditline-dev] libeditline-dev and heimdal-dev: error when trying to install together Bug reassigned from package 'heimdal-dev,libeditline-dev' to 'heimdal-dev'. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559892: FTBFS: dpkg-gensymbols returned exit code 1
Hi! On Mon, Dec 07, 2009 at 09:39:06AM -0700, dann frazier wrote: dpkg-gensymbols: warning: debian/libmpg123-0/DEBIAN/symbols doesn't match completely debian/libmpg123-0.symbols.hppa --- debian/libmpg123-0.symbols.hppa (libmpg123-0 hppa) +++ dpkg-gensymbolsDGA3bj 2009-12-07 00:12:02.0 + @@ -48,7 +48,7 @@ mpg123_meta_ch...@base 1.6.2 mpg123_...@base 1.6.2 mpg123_new_p...@base 1.6.2 - mpg123_no...@base 1.10.0 +#MISSING: 1.10.0-1# mpg123_no...@base 1.10.0 mpg123_open...@base 1.6.2 mpg123_open_fd...@base 1.6.2 mpg123_open_f...@base 1.6.2 It turns out that mpg123_noise is only present when dithering is enabled. In Debian, apart from i386 and amd64 no other arch turns on this feature at the moment. This bug could be fixed using configure flag --with-cpu=generic_dither on these archs, or simply by adjusting the arch-specific symbols files, but I'd like to check with upstream first whether the symbol is really meant to be exported in the first place. Regards, Daniel. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559765: jetty: CVE-2007-6672 info disclosure
On Mon, 7 Dec 2009 21:21:14 +0100, Torsten Werner wrote: tags 559765 + wontfix thanks On Mon, Dec 7, 2009 at 5:10 PM, Michael Gilbert michael.s.gilb...@gmail.com wrote: changelog notes are not sufficient justification to close a security issue. the source needs to be checked against a patch, so please find a way to track that down. the easiest way is probably to just ask upstream. thanks. No, I think it is your duty as the bug reporter to prove that the package is still vulnerable. because the consequences of security issues can be dire (although in this case the problem is fairly minor), it is much better to err on the side of caution when dealing with them. i can of course spend the time to study this problem and try to reproduce it, but since there are already claims that it is fixed, that seems like an unwise use of time. it is much more straightforward to simply check that the existing fix is applied. since you should have a relationship with upstream, it should be relatively straightforward to get a response from them. also, this package is your responsibility, so you can't expect others to do your job for you. if you think this request is overburdensome/unjustified, you can send an email to secur...@debian.org. be aware that they expect this level of thoroughness at a minimum. best wishes, mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559944: FTBFS: /usr/bin/ld: bufrdc/bbuprs0.o: relocation R_X86_64_32S against `.rodata.str1.1'…
Package: emoslib Version: 000371+dfsg-1 Severity: serious Justification: FTBFS Hi, your package FTBFS, at least on amd64 and kfreebsd-amd64: | /usr/bin/ld: bufrdc/bbuprs0.o: relocation R_X86_64_32S against `.rodata.str1.1' can not be used when making a shared object; recompile with -fPIC | bufrdc/bbuprs0.o: could not read symbols: Bad value | collect2: ld returned 1 exit status | make[1]: *** [build] Error 1 Build logs at the usual place: https://buildd.debian.org/status/package.php?suite=unstablep=emoslib Mraw, KiBi. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559930: marked as done (FTBFS: fails to relibtoolize)
Your message dated Mon, 07 Dec 2009 22:49:08 + with message-id e1nhmoc-0001ca...@ries.debian.org and subject line Bug#559930: fixed in hypre 2.4.0b-6 has caused the Debian Bug report #559930, regarding FTBFS: fails to relibtoolize to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 559930: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559930 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: hypre Version: 2.4.0b-5 Severity: serious Justification: FTBFS Hi, your package FTBFS: | (cd src/babel-runtime libtoolize) | libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, `config'. | libtoolize: linking file `config/ltmain.sh' | libtoolize: putting auxiliary files in `config'. | libtoolize: linking file `libltdl/config/compile' | libtoolize: linking file `libltdl/config/config.guess' | libtoolize: linking file `libltdl/config/config.sub' | libtoolize: linking file `libltdl/config/depcomp' | libtoolize: linking file `libltdl/config/install-sh' | libtoolize: linking file `libltdl/config/missing' | libtoolize: linking file `libltdl/config/ltmain.sh' | libtoolize: putting macros in AC_CONFIG_MACRO_DIR, `m4'. | libtoolize: linking file `m4/argz.m4' | libtoolize: You should add the contents of `m4/argz.m4' to `aclocal.m4'. | libtoolize: linking file `m4/libtool.m4' | libtoolize: `/usr/share/aclocal/ltdl.m4' does not exist. | make: *** [stamp-build] Error 1 Build logs at the usual place: https://buildd.debian.org/status/package.php?suite=unstablep=hypre Mraw, KiBi. ---End Message--- ---BeginMessage--- Source: hypre Source-Version: 2.4.0b-6 We believe that the bug you reported is fixed in the latest version of hypre, which is due to be installed in the Debian FTP archive: hypre_2.4.0b-6.diff.gz to main/h/hypre/hypre_2.4.0b-6.diff.gz hypre_2.4.0b-6.dsc to main/h/hypre/hypre_2.4.0b-6.dsc libhypre-2.4.0_2.4.0b-6_amd64.deb to main/h/hypre/libhypre-2.4.0_2.4.0b-6_amd64.deb libhypre-dev_2.4.0b-6_all.deb to main/h/hypre/libhypre-dev_2.4.0b-6_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 559...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Adam C. Powell, IV hazel...@debian.org (supplier of updated hypre package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 07 Dec 2009 17:22:27 -0500 Source: hypre Binary: libhypre-2.4.0 libhypre-dev Architecture: source amd64 all Version: 2.4.0b-6 Distribution: unstable Urgency: low Maintainer: Adam C. Powell, IV hazel...@debian.org Changed-By: Adam C. Powell, IV hazel...@debian.org Description: libhypre-2.4.0 - High Performance Matrix Preconditioners - Shared Library libhypre-dev - High Performance Matrix Preconditioners - Development Files Closes: 559930 Changes: hypre (2.4.0b-6) unstable; urgency=low . * Added libltdl-dev to Build-Depends (closes: #559930). Checksums-Sha1: 9ddf231034c8d32eb6c22d036288fba738089144 1168 hypre_2.4.0b-6.dsc efd4267acef771e9392584b9bc55a8688e10c693 10290 hypre_2.4.0b-6.diff.gz 675cfb5aad9d5befb8f7cf88272c2d1cda03c1cb 1698138 libhypre-2.4.0_2.4.0b-6_amd64.deb c2071b25d13ba0e2b1a9c5455ed042760da55719 151398 libhypre-dev_2.4.0b-6_all.deb Checksums-Sha256: 957ae19449b7bdb244b179a8e5b6dce99e2619240819b2d34796ed732fcd4752 1168 hypre_2.4.0b-6.dsc 42273bbc9a7bb9cafa1077945b338fa54d2f4afa9b4dd84f1a34cbbd971a3e61 10290 hypre_2.4.0b-6.diff.gz 803ad646205d7a252b69164fa12dab86c0ac018e7ab37f678c87dfb32cc54417 1698138 libhypre-2.4.0_2.4.0b-6_amd64.deb 6c3cdc7eba8167ffcf4b944b70af0bc036ad5167508010e15162fdd55a789df3 151398 libhypre-dev_2.4.0b-6_all.deb Files: 7e0c155ed6bc73d1907faa0ff1d0a9e0 1168 math extra hypre_2.4.0b-6.dsc e3c23bdbd409d7ea81256c594aa42a57 10290 math extra hypre_2.4.0b-6.diff.gz 87ddebd05421736e8714d5d27bff253b 1698138 libs extra libhypre-2.4.0_2.4.0b-6_amd64.deb 304c588005c973e203fbc07ecbe4659f 151398 libdevel extra libhypre-dev_2.4.0b-6_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAksdge8ACgkQUm8B6FZO5LYClgCePKbO7UInSMknN0cSUtUo55sU n7sAn1d7R9riAK1P6hgUDcFwI3LnzNTc =qok5 -END PGP SIGNATURE- ---End Message---
Processed: Re: Heimdal bug
Processing commands for cont...@bugs.debian.org: reassign 559910 heimdal-dev heimdal-dev/1.3.1.dfsg.1-1 Bug #559910 [heimdal-dev] libeditline-dev and heimdal-dev: error when trying to install together Ignoring request to reassign bug #559910 to the same package Bug #559910 [heimdal-dev] libeditline-dev and heimdal-dev: error when trying to install together The source heimdal-dev and version 1.3.1.dfsg.1-1 do not appear to match any binary packages Bug Marked as found in versions heimdal-dev/1.3.1.dfsg.1-1. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed (with 4 errors): bug corrections
Processing commands for cont...@bugs.debian.org: # correct some shitty bug changes # xcalendar-i18n clone 494605 -1 Bug#494605: xcalendar-i18n: should this orphaned package be removed? Bug 494605 cloned as bug 559946. reassign -1 xcalendar-i18n Bug #559946 [wnpp] xcalendar-i18n: should this orphaned package be removed? Bug reassigned from package 'wnpp' to 'xcalendar-i18n'. retitle 494605 O: xcalendar-i18n -- calendar program on X with i18n Bug #494605 [wnpp] xcalendar-i18n: should this orphaned package be removed? Changed Bug title to 'O: xcalendar-i18n -- calendar program on X with i18n' from 'xcalendar-i18n: should this orphaned package be removed?' support Unknown command or malformed arguments to command. severity 494605 normal Bug #494605 [wnpp] O: xcalendar-i18n -- calendar program on X with i18n Severity set to 'normal' from 'serious' # genparse clone 505992 -2 Bug#505992: genparse: should this package be removed? Bug 505992 cloned as bug 559947. reassign -2 genparse Bug #559947 [wnpp] genparse: should this package be removed? Bug reassigned from package 'wnpp' to 'genparse'. retitle 505992 O: genparse -- command line parser generator Bug #505992 [wnpp] genparse: should this package be removed? Changed Bug title to 'O: genparse -- command line parser generator' from 'genparse: should this package be removed?' severity 505992 normal Bug #505992 [wnpp] O: genparse -- command line parser generator Severity set to 'normal' from 'serious' # elmo clone 521491 -3 Bug#521491: elmo: should this package be removed? Bug 521491 cloned as bug 559948. reassign -3 elmo Bug #559948 [wnpp] elmo: should this package be removed? Bug reassigned from package 'wnpp' to 'elmo'. retitle 521491 O: elmo -- text-based mail-reader supporting SMTP and Bug #521491 [wnpp] elmo: should this package be removed? Changed Bug title to 'O: elmo -- text-based mail-reader supporting SMTP and' from 'elmo: should this package be removed?' POP3 Unknown command or malformed arguments to command. severity 521491 normal Bug #521491 [wnpp] O: elmo -- text-based mail-reader supporting SMTP and Severity set to 'normal' from 'serious' # umlrun clone 521475 -4 Bug#521475: umlrun: should this package be removed? Bug 521475 cloned as bug 559949. reassign -4 umlrun Bug #559949 [wnpp] umlrun: should this package be removed? Bug reassigned from package 'wnpp' to 'umlrun'. retitle 521475 O: umlrun -- Components of umlrun to be installed inside Bug #521475 [wnpp] umlrun: should this package be removed? Changed Bug title to 'O: umlrun -- Components of umlrun to be installed inside' from 'umlrun: should this package be removed?' UML Unknown command or malformed arguments to command. severity 521475 normal Bug #521475 [wnpp] O: umlrun -- Components of umlrun to be installed inside Severity set to 'normal' from 'serious' # pmock clone 524936 -5 Bug#524936: pmock: should this package be removed? Bug 524936 cloned as bug 559950. reassign -5 pmock Bug #559950 [wnpp] pmock: should this package be removed? Bug reassigned from package 'wnpp' to 'pmock'. retitle 524936 O: pmock -- Python module for unit testing using mock Bug #524936 [wnpp] pmock: should this package be removed? Changed Bug title to 'O: pmock -- Python module for unit testing using mock' from 'pmock: should this package be removed?' objects Unknown command or malformed arguments to command. severity 524936 normal Bug #524936 [wnpp] O: pmock -- Python module for unit testing using mock Severity set to 'normal' from 'serious' # w9wm clone 508097 -6 Bug#508097: w9wm: should this package be removed? Bug 508097 cloned as bug 559951. reassign -6 w9wm Bug #559951 [wnpp] w9wm: should this package be removed? Bug reassigned from package 'wnpp' to 'w9wm'. retitle 508097 O: w9wm -- Enhanced window manager based on 9wm Bug #508097 [wnpp] w9wm: should this package be removed? Changed Bug title to 'O: w9wm -- Enhanced window manager based on 9wm' from 'w9wm: should this package be removed?' severity 508097 normal Bug #508097 [wnpp] O: w9wm -- Enhanced window manager based on 9wm Severity set to 'normal' from 'serious' End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#493599: pushing udns into squeeze
On Sun, Jul 12, 2009 at 11:12:24PM +0200, Florian Weimer wrote: * Thadeu Lima de Souza Cascardo: While udns has no entered etch or lenny, we should reconsider that situation in the case of squeeze. Some software in Debian depends or may be improved while depending on udns. udns doesn't handle truncation, so it won't play well with the PowerDNS recursor (which doesn't support EDNS). It does not use a connected UDP socket, so it won't notice ICMP errors. (This means that it's only suitable for long-running processes.) The escape sequences it uses inside TXT records are hexadecimal, not decimal, as it is standard for DNS software. The domain name parser triggers undefined behavior for certain inputs because it performs out-of-bound pointer arithmetic. This is unlikely to cause practical problems with current GCC versions (but LTO might change this). Sorry for being unconstructive, but I really don't think we need yet another DNS resolver in Debian. Thadeu, since no package uses current udns and upstream recommends switching to ldns, should we go ahead and remove udns from the archive? Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org