Bug#598432: marked as done (python-apt: upgrade fails)
Your message dated Thu, 30 Sep 2010 06:47:41 + with message-id <61c4be8ac2a12f81f98d8954f0857...@imap.dd24.net> and subject line fixed has caused the Debian Bug report #598432, regarding python-apt: upgrade fails to be marked as done.

This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.)

--
598432: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598432
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---
Package: python-apt
Version: 0.7.98
Severity: grave
Justification: renders package unusable

Hi.

Upgrading to the most recent version fails with:

Setting up python-apt (0.7.98) ...
Traceback (most recent call last):
  File "/usr/bin/pycentral", line 2334, in
    main()
  File "/usr/bin/pycentral", line 2328, in main
    rv = action.run(global_options)
  File "/usr/bin/pycentral", line 1481, in run
    pkg.read_version_info()
  File "/usr/bin/pycentral", line 899, in read_version_info
    self.version_info = pyversions.parse_versions(self.version_field)
  File "/usr/share/pycentral-data/pyversions.py", line 68, in parse_versions
    raise ValueError, 'error parsing Python-Version attribute'
ValueError: error parsing Python-Version attribute
dpkg: error processing python-apt (--configure):
 subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
 python-apt
Press return to continue.

Cheers,
Chris.
--- End Message ---

--- Begin Message ---
fixed 598432 0.7.98.1
stop

Seems to have been more or less gracefully fixed in 0.7.98.1.

Cheers.
--- End Message ---
Bug#577880: marked as done (samba4: FTBFS: configure: error: Unable to find external LIBLDB)
Your message dated Thu, 30 Sep 2010 08:46:50 +0200 with message-id <20100930064650.ga8...@vernstok.nl> and subject line Fixed has caused the Debian Bug report #577880, regarding samba4: FTBFS: configure: error: Unable to find external LIBLDB to be marked as done.

--
577880: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577880
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---
Source: samba4
Version: 4.0.0~alpha8+git20090912-1
Severity: serious
Tags: squeeze sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20100415 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on amd64.

Relevant part:
> /usr/bin/fakeroot debian/rules clean
> dh_testdir
> dh_testroot
> dh_clean
> rm -f
> /build/user-samba4_4.0.0~alpha8+git20090912-1-amd64-woNpmn/samba4-4.0.0~alpha8+git20090912/debian/tmp
> [ ! -f ./source4/mkconfig.mk ] || [ !
-f ./source4/data.mk ] || /usr/bin/make > -C ./source4 clean > rm -f build-stamp configure-stamp > dpkg-source -b samba4-4.0.0~alpha8+git20090912 > dpkg-source: info: using source format `1.0' > dpkg-source: info: building samba4 using existing > samba4_4.0.0~alpha8+git20090912.orig.tar.gz > dpkg-source: info: building samba4 in > samba4_4.0.0~alpha8+git20090912-1.diff.gz > debian/rules build > dpkg-source: info: building samba4 in samba4_4.0.0~alpha8+git20090912-1.dsc > dh_testdir > cd ./source4 && CFLAGS="-Wall -O0" LDFLAGS="-Wl,--as-needed" ./configure > --enable-fhs \ > --prefix=/usr \ > --mandir=/usr/share/man \ > --sysconfdir=/etc \ > --localstatedir=/var \ > --with-piddir=/var/run \ > --with-pam \ > --with-syslog \ > --with-readline \ > --with-ldap \ > --enable-external-libtdb=yes \ > --enable-external-libtalloc=yes \ > --enable-external-libtevent=yes \ > --enable-external-libldb=yes \ > #--enable-dso > configure: WARNING: unrecognized options: --with-pam, --with-syslog, > --with-ldap > SAMBA VERSION: 4.0.0alpha9-GIT-9733816 > BUILD COMMIT REVISION: 97338168e8c7719d6460dc11ae489ecbb218b31d > BUILD COMMIT DATE: "Sat Sep 12 00:49:51 2009 +0200" > BUILD COMMIT TIME: 1252709391 > BUILD REVISION: 1252709391 > checking build system type... x86_64-unknown-linux-gnu > checking host system type... x86_64-unknown-linux-gnu > checking target system type... x86_64-unknown-linux-gnu > LIBREPLACE_LOCATION_CHECKS: START > LIBREPLACE_LOCATION_CHECKS: END > checking for perl... /usr/bin/perl > checking for yapp... /usr/bin/yapp > LIBREPLACE_CC_CHECKS: START > checking for gcc... gcc > checking for C compiler default output file name... a.out > checking whether the C compiler works... yes > checking whether we are cross compiling... no > checking for suffix of executables... > checking for suffix of object files... o > checking whether we are using the GNU C compiler... yes > checking whether gcc accepts -g... yes > checking for gcc option to accept ISO C89... 
none needed > checking for version of gcc... 4.4.3 > checking how to run the C preprocessor... gcc -E > checking for grep that handles long lines and -e... /bin/grep > checking for egrep... /bin/grep -E > checking for ANSI C header files... yes > checking for sys/types.h... yes > checking for sys/stat.h... yes > checking for stdlib.h... yes > checking for string.h... yes > checking for memory.h... yes > checking for strings.h... yes > checking for inttypes.h... yes > checking for stdint.h... yes > checking for unistd.h... yes > checking minix/config.h usability... no > checking minix/config.h presence... no > checking for minix/config.h... no > checking whether it is safe to define __EXTENSIONS__... yes > checking whether byte ordering is bigendian... no > checking for inline... inline > checking for C99 designated initializers... yes > checking for a BSD-compatible install... /usr/bin/install -c > checking for library containing strerror... none required > checking for special C compiler options needed for large files... no > checking for _FILE_OFFSET_BITS value needed for large files... no > checking standards.h usability... no > checking standards.h presence... no > checking for standards.h... no > checking for long long... yes > checking size of int... 4 > checking size of char... 1 > checking size of short... 2 > checking size of long... 8 > checking size of long long... 8 > checking for uint_t... no > checking for int8_t... yes >
Processed: fixed
Processing commands for cont...@bugs.debian.org:

> fixed 598432 0.7.98.1
Bug #598432 [python-apt] python-apt: upgrade fails
Bug Marked as fixed in versions python-apt/0.7.98.1.
> stop
Stopping processing here.

Please contact me if you need assistance.
--
598432: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598432
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#598432: python-apt: ..0.7.98.1 installs|works ok on both i686 and amd64 boxes.
--
..med vennlig hilsen = with Kind Regards from Arnt... ;o)
...with a number of polar bear hunters in his ancestry...
Scenarios always come in sets of three: best case, worst case, and just in case.
Bug#598421: salome: CVE-2010-3377: insecure library loading
On 29 September 2010 22:01, Adam C Powell IV wrote:
> On Tue, 2010-09-28 at 21:07 +, Raphael Geissert wrote:
> Would a secure change omit the former LD_LIBRARY_PATH? That is, would
> it fix this in runSalome to say:
>
> export LD_LIBRARY_PATH=${prefix}/lib:${libdir}:/usr/lib:/usr/local/lib
> ?

You could do that, or use the following:

export LD_LIBRARY_PATH=${prefix}/lib:${libdir}${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}

(note the ${VAR:+foo} construct, which is what makes the shell only expand to the latter part when VAR is set and non-empty. The colon _before_ the plus sign is important.)

Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
Bug#598421: salome: CVE-2010-3377: insecure library loading
Hello,

On Tue, 2010-09-28 at 21:07 +, Raphael Geissert wrote:
> Package: salome
> Version: 5.1.3-9
> Severity: grave
> Tags: security
> User: t...@security.debian.org
> Usertags: ldpath
>
> Hello,
>
> During a review of the Debian archive, I've found your package to
> contain a script that can be abused by an attacker to execute arbitrary
> code.
>
> The vulnerability is introduced by an insecure change to
> LD_LIBRARY_PATH, an environment variable used by ld.so(8) to look for
> libraries on a directory other than the standard paths.

Thank you, I'm glad your review found this.

Would a secure change omit the former LD_LIBRARY_PATH? That is, would it fix this in runSalome to say:

export LD_LIBRARY_PATH=${prefix}/lib:${libdir}:/usr/lib:/usr/local/lib

? The prefix and libdir variables are set elsewhere in runSalome, so I don't think one could override those... But if it could be a problem, I'll have that script hard-code them instead.

> Vulnerable code follows:
>
> /usr/bin/runSalome line 28:
> export LD_LIBRARY_PATH=${prefix}/lib:${libdir}:$LD_LIBRARY_PATH
> /usr/bin/runTestMedCorba line 29:
> export LD_LIBRARY_PATH=$MED_ROOT_DIR/lib/salome:${LD_LIBRARY_PATH}
> /usr/bin/runTestMedCorba line 37:
> export LD_LIBRARY_PATH=$MED_ROOT_DIR/lib/salome:${LD_LIBRARY_PATH}
>
> Possibly vulnerable too:
> /usr/lib/salome/bin/runLightSalome line 139:
> export LD_LIBRARY_PATH=${MY_LD_LIBRARY_PATH}:${LD_LIBRARY_PATH}
> /usr/lib/salome/bin/hxx2salome line 329:
> echo -e "setenv LD_LIBRARY_PATH
> \${${CLASS_NAME}CPP_ROOT_DIR}${lib_dir#${CPP_ROOT_DIR}}:\${LD_LIBRARY_PATH}"
> >> ${ENVIRON_FILE}
> /usr/lib/salome/bin/hxx2salome line 351:
> echo -e "export
> LD_LIBRARY_PATH=\${${CLASS_NAME}CPP_ROOT_DIR}${lib_dir#${CPP_ROOT_DIR}}:\${LD_LIBRARY_PATH}"
> \
> >> ${ENVIRON_FILE}

I see a couple of other bugs in those lines as well... Okay, a lot of work to do, but starting with fixing the security issue, as soon as I hear my fix idea above.

> When there's an empty item on the colon-separated list of
> LD_LIBRARY_PATH, ld.so treats it as '.' (i.e. CWD/$PWD.)
> If the given script is executed from a directory where a potential,
> local, attacker can write files to, there's a chance to exploit this
> bug.
>
> This vulnerability has been assigned the CVE id CVE-2010-3377. Please make
> sure
> you mention it when forwarding this report to upstream and when fixing
> this bug (everywhere: upstream and here at Debian.)
>
> [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3377
> [1] http://security-tracker.debian.org/tracker/CVE-2010-3377

Thanks, I'll make sure upstream knows about this.

-Adam
--
GPG fingerprint: D54D 1AEE B11C CE9B A02B C5DD 526F 01E8 564E E4B6
Engineering consulting with open source tools
http://www.opennovation.com/
Bug#598312: marked as done (gdm crashes)
Your message dated Thu, 30 Sep 2010 02:48:33 + with message-id and subject line Bug#596453: fixed in linux-2.6 2.6.32-24 has caused the Debian Bug report #596453, regarding gdm crashes to be marked as done.

--
596453: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=596453
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---
Package: gdm
Version: 2.20.11-2
Severity: critical
Justification: breaks unrelated software

after last update (28 september 2010) gdm crashes. trouble maybe with "intel" driver (I did think that bug was closed?) or xorg configuration.

I include Xorg.0.log here:

X.Org X Server 1.7.7
Release Date: 2010-05-04
X Protocol Version 11, Revision 0
Build Operating System: Linux 2.6.32-5-686 i686 Debian
Current Operating System: Linux galadriel 2.6.32-5-686 #1 SMP Sat Sep 18 02:14:45 UTC 2010 i686
Kernel command line: BOOT_IMAGE=/boot/vmlinuz-2.6.32-5-686 root=UUID=d31d2938-6c71-4a47-86bb-65c8e6bb3545 ro quiet
Build Date: 20 September 2010 03:40:46PM
xorg-server 2:1.7.7-7 (Julien Cristau )
Current version of pixman: 0.16.4
Before reporting problems, check http://wiki.x.org to make sure that you have the latest version.
Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: "/var/log/Xorg.0.log", Time: Tue Sep 28 08:05:48 2010
(==) Using system config directory "/usr/share/X11/xorg.conf.d"
(==) No Layout section. Using the first Screen section.
(==) No screen section available.
Using defaults. (**) |-->Screen "Default Screen Section" (0) (**) | |-->Monitor "" (==) No monitor specified for screen "Default Screen Section". Using a default monitor configuration. (==) Automatically adding devices (==) Automatically enabling devices (WW) The directory "/usr/share/fonts/X11/cyrillic" does not exist. Entry deleted from font path. (==) FontPath set to: /usr/share/fonts/X11/misc, /usr/share/fonts/X11/100dpi/:unscaled, /usr/share/fonts/X11/75dpi/:unscaled, /usr/share/fonts/X11/Type1, /usr/share/fonts/X11/100dpi, /usr/share/fonts/X11/75dpi, /var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType, built-ins (==) ModulePath set to "/usr/lib/xorg/modules" (II) The server relies on udev to provide the list of input devices. If no devices become available, reconfigure udev or disable AutoAddDevices. (II) Loader magic: 0x81ea020 (II) Module ABI versions: X.Org ANSI C Emulation: 0.4 X.Org Video Driver: 6.0 X.Org XInput driver : 7.0 X.Org Server Extension : 2.0 (++) using VT number 7 (--) PCI:*(0:0:2:0) 8086:2562:1734:1003 Intel Corporation 82845G/GL[Brookdale-G]/GE Chipset Integrated Graphics Device rev 3, Mem @ 0xd800/134217728, 0xd000/524288 (II) Open ACPI successful (/var/run/acpid.socket) (II) LoadModule: "extmod" (II) Loading /usr/lib/xorg/modules/extensions/libextmod.so (II) Module extmod: vendor="X.Org Foundation" compiled for 1.7.7, module version = 1.0.0 Module class: X.Org Server Extension ABI class: X.Org Server Extension, version 2.0 (II) Loading extension SELinux (II) Loading extension MIT-SCREEN-SAVER (II) Loading extension XFree86-VidModeExtension (II) Loading extension XFree86-DGA (II) Loading extension DPMS (II) Loading extension XVideo (II) Loading extension XVideo-MotionCompensation (II) Loading extension X-Resource (II) LoadModule: "dbe" (II) Loading /usr/lib/xorg/modules/extensions/libdbe.so (II) Module dbe: vendor="X.Org Foundation" compiled for 1.7.7, module version = 1.0.0 Module class: X.Org Server Extension ABI class: X.Org Server 
Extension, version 2.0 (II) Loading extension DOUBLE-BUFFER (II) LoadModule: "glx" (II) Loading /usr/lib/xorg/modules/extensions/libglx.so (II) Module glx: vendor="X.Org Foundation" compiled for 1.7.7, module version = 1.0.0 ABI class: X.Org Server Extension, version 2.0 (==) AIGLX enabled (II) Loading extension GLX (II) LoadModule: "record" (II) Loading /usr/lib/xorg/modules/extensions/librecord.so (II) Module record: vendor="X.Org Foundation" compiled for 1.7.7, module version = 1.13.0 Module class: X.Org Server Extension ABI class: X.Org Server Extension, version 2.0 (II) Loading extension RECORD (II) LoadModule: "dri" (II) Loading /usr/lib/xorg/modules/extensions/libdri.so (II) Module dri: vendor="X.Org Foundation"
Bug#534982: marked as done (squid - DoS in external auth header parser)
Your message dated Thu, 30 Sep 2010 01:57:16 + with message-id and subject line Bug#534982: fixed in squid 2.7.STABLE3-4.1lenny1 has caused the Debian Bug report #534982, regarding squid - DoS in external auth header parser to be marked as done.

--
534982: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534982
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---
Package: squid
Version: 2.7.STABLE3-4.1
Severity: normal

My main squid reverse proxy suddenly stopped working after some days. The last time it happened, I managed to dig a bit around and also got a core dump and analyzed it as far as this works without debugging symbols.

This happened on my own rebuild with SSL enabled, but the affected code region does not even consider SSL support.

Config excerpt:
| http_port 80 accel vhost defaultsite=example.com
| https_port 443 accel vhost defaultsite=example.com cert=/etc/squid/ssl/all options=NO_SSLv2
| icp_port 3130
|
| logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %h" "%{User-Agent}>h"
| cache_access_log /srv/squid/prod/log/access.log
| cache_access_log /srv/squid/prod/log/combined.log combined
| cache_log /srv/squid/prod/log/cache.log
| cache_store_log /srv/squid/prod/log/store.log
|
| acl accelerated_domains dstdomain example.com
| acl accelerated_protocols proto http https
|
| external_acl_type zope_auth ttl=0 %PATH %{Cookie:;__ac} /etc/squid/auth/auth /etc/squid/zope_auth.conf
| acl zope_auth external zope_auth
|
| http_access allow accelerated_domains accelerated_protocols zope_auth
| http_access deny all

Available threads:
| (gdb) info threads
| 17 process 17096 0x2b7100488bc8 in strcspn () from /lib/libc.so.6
| 16 process 17138 0x2b70ffd60d29 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
| 15 process 17137 0x2b70ffd60d29 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
| 14 process 17136 0x2b70ffd60d29 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
| 13 process 17135 0x2b70ffd60d29 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
| 12 process 17134 0x2b70ffd60d29 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
| 11 process 17133 0x2b70ffd60d29 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
| 10 process 17132 0x2b70ffd60d29 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
| 9 process 17131 0x2b70ffd60d29 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
| 8 process 17130 0x2b70ffd60d29 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
| 7 process 17129 0x2b70ffd60d29 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
| 6 process 17128 0x2b70ffd60d29 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
| 5 process 17127 0x2b70ffd60d29 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
| 4 process 17126 0x2b70ffd60d29 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
| 3 process 17125 0x2b70ffd60d29 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
| 2 process 17124 0x2b70ffd60d29 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
| * 1 process 17123 0x2b70ffd60d29 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0

So 16 threads suddenly waited for something shared and only the 17th did something useful.

Annotated backtrace of thread 17 (I had to reconstruct the function names from a similar binary):
| (gdb) bt
| #0 0x2b7100488bc8 in strcspn () from /lib/libc.so.6
| #1 0x00456021 in ?? () 00455f80 g F .text 0191 strListGetItem
| #2 0x0045395e in ?? () 004538b0 g F .text 014a httpHeaderGetListMember
| #3 0x0043923a in ?? () 00438e60 l F .text 0648 makeExternalAclKey
| #4 0x00439f6b in ?? () 00439e70 g F .text 048c aclMatchExternal
| #5 0x0040a24c in ?? () 00409f30 g F .text 0eef aclMatchAclList
| #6 0x0040ae61 in ?? () 0040ae20 l F .text 044d aclCheck
| #7 0x0042652b in ?? ()
| #8 0x00431105 in ?? ()
| #9 0x004601a0 in ?? ()
| #10 0x2b710042c1a6 in __libc_start_main () from /lib/libc.so.6

Register dump to show the parameters for strcspn:
| (gdb) info registers
| rax
Bug#596891: marked as done (samba: CVE-2010-3069: buffer overrun vulnerability Available)
Your message dated Thu, 30 Sep 2010 01:56:04 + with message-id and subject line Bug#596891: fixed in samba 2:3.2.5-4lenny13 has caused the Debian Bug report #596891, regarding samba: CVE-2010-3069: buffer overrun vulnerability Available to be marked as done.

--
596891: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=596891
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---
Package: samba
Severity: critical
Tags: security

This vulnerability has been unveiled publicly without prior warning, so probably exploits can be in the wild already.

3.2 from lenny is affected, too. Backporting the fix seems trivial and I think we'll be working on it ASAP.

- Forwarded message from Karolin Seeger -

Date: Tue, 14 Sep 2010 13:14:28 +0200
From: Karolin Seeger
To: sa...@samba.org, samba-techni...@samba.org, samba-annou...@samba.org
Subject: [Announce] Samba 3.5.5, 3.4.9 and 3.3.14 Security Releases Available
Organization: SerNet GmbH, Goettingen, Germany

Release Announcements
=====================

These are security releases in order to address CVE-2010-3069.

o CVE-2010-3069:
  All current released versions of Samba are vulnerable to a buffer overrun vulnerability. The sid_parse() function (and related dom_sid_parse() function in the source4 code) do not correctly check their input lengths when reading a binary representation of a Windows SID (Security ID). This allows a malicious client to send a sid that can overflow the stack variable that is being used to store the SID in the Samba smbd server.

Changes
-------

o Jeremy Allison
  * BUG 7669: Fix for CVE-2010-3069.

o Andrew Bartlett
  * BUG 7669: Fix for CVE-2010-3069.

Reporting bugs & Development Discussion

Please discuss this release on the samba-technical mailing list or by joining the #samba-technical IRC channel on irc.freenode.net.

If you do report problems then please try to send high quality feedback. If you don't provide vital information to help us track down the problem then you will probably be ignored. All bug reports should be filed under the Samba corresponding product in the project's Bugzilla database (https://bugzilla.samba.org/).

Our Code, Our Bugs, Our Responsibility.
The Samba Team

Download Details

The uncompressed tarballs and patch files have been signed using GnuPG (ID 6568B7EA). The source code can be downloaded from:

http://download.samba.org/samba/ftp/

The release notes are available online at:

http://www.samba.org/samba/ftp/history/samba-3.3.14.html
http://www.samba.org/samba/ftp/history/samba-3.4.9.html
http://www.samba.org/samba/ftp/history/samba-3.5.5.html

Binary packages will be made available on a volunteer basis from

http://download.samba.org/samba/ftp/Binary_Packages/

Our Code, Our Bugs, Our Responsibility.
(https://bugzilla.samba.org/)

--Enjoy
The Samba Team

- End forwarded message -

--- End Message ---

--- Begin Message ---
Source: samba
Source-Version: 2:3.2.5-4lenny13

We believe that the bug you reported is fixed in the latest version of samba, which is due to be installed in the Debian FTP archive:

libpam-smbpass_3.2.5-4lenny13_i386.deb
  to main/s/samba/libpam-smbpass_3.2.5-4lenny13_i386.deb
libsmbclient-dev_3.2.5-4lenny13_i386.deb
  to main/s/samba/libsmbclient-dev_3.2.5-4lenny13_i386.deb
libsmbclient_3.2.5-4lenny13_i386.deb
  to main/s/samba/libsmbclient_3.2.5-4lenny13_i386.deb
libwbclient0_3.2.5-4lenny13_i386.deb
  to main/s/samba/libwbclient0_3.2.5-4lenny13_i386.deb
samba-common_3.2.5-4lenny13_i386.deb
  to main/s/samba/samba-common_3.2.5-4lenny13_i386.deb
samba-dbg_3.2.5-4lenny13_i386.deb
  to main/s/samba/samba-dbg_3.2.5-4lenny13_i386.deb
samba-doc-pdf_3.2.5-4lenny13_all.deb
  to main/s/samba/samba-doc-pdf_3.2.5-4lenny13_all.deb
samba-doc_3.2.5-4lenny13_all.deb
  to main/s/samba/samba-doc_3.2.5-4lenny13_all.deb
samba-tools_3.2.5-4lenny13_i386.deb
  to main/s/samba/samba-tools_3.2.5-4lenny13_i386.deb
samba_3.2.5-4lenny13.diff.gz
  to main/s/samba/samba_3.2.5-4lenny13.diff.gz
samba_
Bug#595613: [Debian-med-packaging] Bug#595613: closed by Charles Plessy (Bug#595613: fixed in emboss 6.3.1-6)
severity 595613 whishlist
thanks

On Wed, Sep 29, 2010 at 04:47:33PM +0200, Julien Cristau wrote:
> reopen 595613
> kthxbye
>
> jcris...@franck:~$ dpkg -I
> /srv/ftp-master.debian.org/ftp/pool/main/e/emboss/emboss-lib_6.3.1-6_amd64.deb
> shlibs
> libnucleus 6 emboss-lib
> libensembl 6 emboss-lib
> libacd 6 emboss-lib
> libajax 6 emboss-lib
> libajaxdb 6 emboss-lib
> libajaxg 6 emboss-lib
> libeplplot 3 emboss-lib
> libepcre 7 emboss-lib
>
> That's broken. (I'm not saying the rest of it is alright, this is just
> the most obvious part so I'm not looking further.)

This problem is theoretical, not practical. emboss-lib is a private library. The packages that use it manage the dependencies by hand. I will make sure that this file is not in the next version.

Cheers,
--
Charles Plessy
Debian Med packaging team, http://www.debian.org/devel/debian-med
Tsurumi, Kanagawa, Japan
Bug#598422: scilab: CVE-2010-3378: insecure library loading
On 28 September 2010 16:15, Sylvestre Ledru wrote:
>
>> The vulnerability is introduced by an insecure change to
>> LD_LIBRARY_PATH, an environment variable used by ld.so(8) to look for
>> libraries on a directory other than the standard paths.
> OK. I will fix that asap (today or tomorrow)
> To you, what would be the best way to fix this issue ?

If you prefer readability:

if [ -z "$LD_LIBRARY_PATH" ]; then
    # unset or empty: set the new directory alone, with no trailing colon
    LD_LIBRARY_PATH=/foo
else
    LD_LIBRARY_PATH=/foo:$LD_LIBRARY_PATH
fi

But if you want a one-liner to avoid duplication:

LD_LIBRARY_PATH=/foo${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}

(be careful with the two colons, removing the first one re-introduces the vulnerability)

Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
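
The empty-entry behaviour and the ${VAR:+...} fix discussed in the salome (#598421) and scilab (#598422) threads, as an added example that is not part of the original messages. The function names and /opt/app/lib are assumptions; the audit is a line-based heuristic run over sample lines, two of them taken from the salome report and two constructed.

```shell
#!/bin/sh
# Added example, not code from the thread. Function names and /opt/app/lib
# are hypothetical; the audit below is a line-based heuristic.

# True (0) when a colon-separated search path has an empty entry: a leading
# colon, a trailing colon, or "::". The reports above state that ld.so
# treats such an entry as the current directory.
has_empty_entry() {
    case "$1" in
        "")         return 1 ;;  # empty value: there is no list at all
        :*|*:|*::*) return 0 ;;
        *)          return 1 ;;
    esac
}

# Reported pattern: the old value is always appended after a colon.
# $1 = directories to add, $2 = previous LD_LIBRARY_PATH (may be empty).
prepend_reported() { printf '%s\n' "$1:$2"; }

# Suggested fix: ":old" is emitted only when old is set AND non-empty.
prepend_fixed() { printf '%s\n' "$1${2:+:$2}"; }

# Same expansion without the first colon: it tests only "set", so a
# set-but-empty value still produces a trailing colon.
prepend_plus_only() { printf '%s\n' "$1${2+:$2}"; }

# Reads shell source on stdin and prints "lineno:text" for assignments that
# append the old LD_LIBRARY_PATH after a bare colon without the ":+" guard.
audit_lines() {
    grep -nE 'LD_LIBRARY_PATH=.*:[$][{]?LD_LIBRARY_PATH' |
        grep -vF 'LD_LIBRARY_PATH:+' || true
}

# Sample input: lines 1-2 are quoted in the salome report, line 3 is the
# form suggested in the reply, line 4 is constructed (first colon dropped).
sample_lines() {
    cat <<'EOF'
export LD_LIBRARY_PATH=${prefix}/lib:${libdir}:$LD_LIBRARY_PATH
export LD_LIBRARY_PATH=$MED_ROOT_DIR/lib/salome:${LD_LIBRARY_PATH}
export LD_LIBRARY_PATH=${prefix}/lib:${libdir}${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}
LD_LIBRARY_PATH=/foo${LD_LIBRARY_PATH+:$LD_LIBRARY_PATH}
EOF
}

# Show each construction with an empty and a non-empty previous value.
for old in "" "/usr/local/lib"; do
    for fn in prepend_reported prepend_plus_only prepend_fixed; do
        value=$($fn /opt/app/lib "$old")
        if has_empty_entry "$value"; then state="EMPTY ENTRY"; else state="ok"; fi
        printf '%-18s old=%-18s -> %-30s %s\n' "$fn" "'$old'" "$value" "$state"
    done
done

echo "Flagged lines:"
sample_lines | audit_lines
```

With a non-empty previous value all three constructions give the same result; they differ only when the variable is empty, which is the case the reports describe.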
Processed: apparently a feature, not a bug
Processing commands for cont...@bugs.debian.org:

> tags 566072 +patch
Bug #566072 [util-linux] fsck now failing hard for unavailable filesystems
Added tag(s) patch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
--
566072: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566072
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#566072: apparently a feature, not a bug
tags 566072 +patch
thanks

Hi,

According to the v2.17-ReleaseNotes, this is a feature, and the recommended way of dealing with potentially nonexistent filesystems is to use the nofail option.

related commit:
http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commitdiff;h=1bb516c34bf42d2ae9dc4aa40ae34b0df4e464a7
and manpage update:
http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commitdiff;h=0779255c1392b0f29874c384b4dae426e0449773

So, assuming that we don't want to diverge from upstream, the way to go is to add a remark in the Debian release notes, and display the offending device right before the hard failure.

Note that the nonexistent+nofail check is done by fsck itself (eg. not fsck.vfat or any other external binary) and only when invoked with -A.

Sample output with the attached patch:

$ ./fsck -A
fsck from util-linux-ng 2.17
e2fsck 1.41.12 (17-May-2010)
/dev/sda3 is mounted.
WARNING!!! The filesystem is mounted. If you continue you ***WILL*** cause ***SEVERE*** filesystem damage.
Do you really want to continue (y/n)? no
check aborted.
e2fsck 1.41.12 (17-May-2010)
e2fsck: need terminal for interactive repairs
--> /dev/disk/by-id/usb-Sony_Sony_DSC-part1: device nonexistent and declared without nofail
dosfsck 3.0.9, 31 Jan 2010, FAT32, LFN
open: No such file or directory

Without -A the behaviour remains the same (which makes sense):

$ ./fsck /dev/disk/by-id/usb-Sony_Sony_DSC-part1
fsck from util-linux-ng 2.17
dosfsck 3.0.9, 31 Jan 2010, FAT32, LFN
open: No such file or directory

-S

--- util-linux-2.17.2.orig/fsck/fsck.c 2010-09-29 23:22:47.0 +0200 +++ util-linux-2.17.2/fsck/fsck.c 2010-09-29 23:52:38.0 +0200 
@@ -1033,6 +1033,11 @@ static int check_all(NOARGS) fs->flags |= FLAG_DONE; continue; } + if ((!device_exists(fs->device)) && + (!opt_in_list("nofail", fs->opts))) +fprintf(stderr, + _("%s: device nonexistent and declared without nofail\n"), + fs->device); /* * If a filesystem on a particular device has * already been spawned, then we need to defer
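
Review bot: the new if in check_all() has an unbraced body, an fprintf call spread over three lines whose first line is indented differently from the condition and the argument lines around it; please wrap it in braces and align it with the surrounding block so it is obvious the statement belongs to the condition. The added code only writes to stderr and then falls through to the existing "already been spawned" handling, so a one-line comment saying the message is purely informational and that the hard failure still comes later would help. The outer parentheses around each negated call, (!device_exists(fs->device)) and (!opt_in_list("nofail", fs->opts)), are redundant and can be dropped.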
Bug#591995: marked as done (babiloo: insecure downloading and unpacking of dictionary files)
Your message dated Wed, 29 Sep 2010 22:02:05 + with message-id and subject line Bug#591995: fixed in babiloo 2.0.11-1 has caused the Debian Bug report #591995, regarding babiloo: insecure downloading and unpacking of dictionary files to be marked as done.

--
591995: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=591995
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---
Package: babiloo
Version: 2.0.9-1
Severity: grave
Tags: security
Justification: user security hole

babiloo creates temporary files with predictable names, allowing a local attacker to overwrite arbitrary files.

An example scenario:
1. Attacker does `ln -sf /file/to/overwrite /tmp/fra_vie.dct.zip`.
2. Victim runs babiloo, selects Dictionaries > Download Dictionaries, selects the "French-Vietnamese" dictionary, and clicks the icon to download it.

In addition to that, babiloo appears to be affected by CVE-2007-4559.

--
Jakub Wilk
--- End Message ---

--- Begin Message ---
Source: babiloo
Source-Version: 2.0.11-1

We believe that the bug you reported is fixed in the latest version of babiloo, which is due to be installed in the Debian FTP archive:

babiloo_2.0.11-1.diff.gz
  to main/b/babiloo/babiloo_2.0.11-1.diff.gz
babiloo_2.0.11-1.dsc
  to main/b/babiloo/babiloo_2.0.11-1.dsc
babiloo_2.0.11-1_all.deb
  to main/b/babiloo/babiloo_2.0.11-1_all.deb
babiloo_2.0.11.orig.tar.gz
  to main/b/babiloo/babiloo_2.0.11.orig.tar.gz

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 591...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Marco Rodrigues (supplier of updated babiloo package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org)

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Tue, 28 Sep 2010 22:30:41 +0100
Source: babiloo
Binary: babiloo
Architecture: source all
Version: 2.0.11-1
Distribution: unstable
Urgency: low
Maintainer: Python Applications Packaging Team
Changed-By: Marco Rodrigues
Description:
 babiloo - dictionary viewer with multi-languages support
Closes: 591995
Changes:
 babiloo (2.0.11-1) unstable; urgency=low
 .
   * New upstream version (Closes: #591995).
   * debian/control:
     + Move python-qt4 to Recommends. Thanks Jakub Wilk for the tip.
     + Change my e-mail address.
   * debian/copyright:
     + Change my e-mail address.
   * debian/control:
     - Bump Standards-Version to 3.9.1, no changes required.
--- End Message ---
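The two problems named in the Bug#591995 report above (a predictable file name that a pre-existing symlink can redirect, and the archive path handling behind CVE-2007-4559) are shown here beside hardened forms. This is an added example, not babiloo's code or the upstream fix; every function name is hypothetical, the archive is constructed in memory, and a private scratch directory stands in for /tmp.

```python
import io
import os
import tarfile
import tempfile


def write_predictable(path, data):
    """Vulnerable pattern: open() follows a symlink already sitting at `path`."""
    with open(path, "wb") as fh:
        fh.write(data)


def write_exclusive(path, data):
    """Hardened: O_EXCL fails if the name exists in any form, symlinks included."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)


def write_unpredictable(data, suffix=".dct.zip"):
    """Preferred: random name inside a directory only the current user can enter."""
    workdir = tempfile.mkdtemp(prefix="dict-")  # created with mode 0700
    fd, path = tempfile.mkstemp(suffix=suffix, dir=workdir)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path


def checked_members(tar, dest):
    """Return the members only if every one is a plain file or directory under dest."""
    root = os.path.realpath(dest)
    members = tar.getmembers()
    for member in members:
        target = os.path.realpath(os.path.join(root, member.name))
        if os.path.commonpath([root, target]) != root:
            raise ValueError("member escapes destination: %r" % member.name)
        if not (member.isfile() or member.isdir()):
            raise ValueError("refusing link or device member: %r" % member.name)
    return members


def safe_extract(tar, dest):
    """Validate the whole archive first, then extract; nothing is written on failure."""
    members = checked_members(tar, dest)
    # Newer Python releases also ship a built-in extraction filter; use it if present.
    extra = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    tar.extractall(dest, members=members, **extra)


def make_tar(names):
    """Build a constructed in-memory archive with one small entry per name."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in names:
            info = tarfile.TarInfo(name)
            info.size = 5
            tar.addfile(info, io.BytesIO(b"entry"))
    buf.seek(0)
    return tarfile.open(fileobj=buf, mode="r")


def demo_symlink():
    """Constructed scenario in a private scratch directory standing in for /tmp."""
    box = tempfile.mkdtemp(prefix="demo-")
    victim = os.path.join(box, "important.conf")
    with open(victim, "wb") as fh:
        fh.write(b"original")
    planted = os.path.join(box, "fra_vie.dct.zip")
    os.symlink(victim, planted)  # the pre-existing link from step 1 of the report

    try:
        write_exclusive(planted, b"download")
        refused = False
    except FileExistsError:
        refused = True
    with open(victim, "rb") as fh:
        after_exclusive = fh.read()

    write_predictable(planted, b"download")
    with open(victim, "rb") as fh:
        after_predictable = fh.read()
    return refused, after_exclusive, after_predictable


if __name__ == "__main__":
    print(demo_symlink())
```

The exclusive open refuses the planted name and leaves the linked file untouched, while the plain `open()` silently rewrites it.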
Bug#595878: wordnet: builds on ARM EABI (armel)
Hello,

I attempted a successful build of `wordnet' in abel (armel) porterbox. Could you please give back `wordnet' in armel?

Attached build.log

Best regards,
--
Hector Oron
Bug#597158: Info about #597158
Hi! The error that the user is seeing is this: http://people.debian.org/~naoliv/misc/597158.png It happens when libvirt-bin is not installed, indeed, but virt-manager should fail more gracefully if no local connection is available. Since it can be used to manage remote machines, there is no need for a scary message every time virt-manager is run. Maybe the local connection shouldn't be created by default or something else. Best regards, Nelson -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#591975: [MTOS-dev] Licence/source code for .swf files shipping with MTOS
On Wed, Sep 29, 2010 at 03:58:10PM +0900, Jun Kaneko wrote:
> Dominic,
>
> Sorry to keep you waiting,
> I'm talking with the author again.
> Please wait for a while for the response.

Hi,

Okay, I will upload to non-free in one week if a solution isn't available then.

Cheers,
Dominic.

--
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)
Bug#577013: marked as done (Should not be part of stable)
"Moritz Muehlenhoff" wrote:
>On Sun, Sep 12, 2010 at 11:14:34AM +0200, Philipp Kern wrote:
>> In unstable Moritz wanted to file some general removal requests...
>> python-clamav: python-clamav
>
>The status is unclear to me, should we go ahead with removal?
>

There's a diff for a maintainer change wait for a reply from Phil -release. My understanding was if it was maintained it would stay in.

Scott K
Bug#577013: marked as done (Should not be part of stable)
On Sun, Sep 12, 2010 at 11:14:34AM +0200, Philipp Kern wrote:
> In unstable Moritz wanted to file some general removal requests, but
> currently it's this list:
>
> # Broken Depends:
> c-icap: c-icap

We should keep this for now, Jochen wrote that it will be rewritten to no longer use libclamav.

> havp: havp

I've contacted the havp maintainer for removal.

> php-clamav: php5-clamav

I've just filed a removal request.

> python-clamav: python-clamav

The status is unclear to me, should we go ahead with removal?

Cheers,
Moritz
Bug#597995: balsa: uninstallable due to old libesmtp5
On Mon, 2010-09-27 at 13:21 +0200, Emilio Pozuelo Monfort wrote:
> On 25/09/10 19:04, Guillem Jover wrote:
> >> 2) "balsa depends on libesmtp5 (<=0.8.8) BUT libesmtp5 does not appear to
> >> be available (no install package)"
> >
> > This does not seem to have been reported, so I'm reassigning this bug
> > report to balsa. I guess it just needs a binNMU against a newer
> > libesmtp-dev (libesmtp6).
>
> Yes, a rebuild solves the problem.
>
> Release Team, please binNMU balsa on all architectures.

Scheduled.

Regards,
Adam
Bug#535159: marked as done (ser2net: fix use after in control port handling)
Your message dated Wed, 29 Sep 2010 19:59:28 + with message-id and subject line Bug#535159: fixed in ser2net 2.5-1+lenny1 has caused the Debian Bug report #535159, regarding ser2net: fix use after in control port handling to be marked as done.

--
535159: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535159
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---
Package: ser2net
Version: 2.5-1
Severity: serious
tags: patch

ser2net provides a control port which may be (ab)used to a segfault via use after free. The write() handler may catch an error, free the controller struct and continue writing. This leads to another error (invalid fd) and a free & cleanup process on de-allocated data. This is the segfault.

The patch attached fixes the problem.

Sebastian

Subject: Fix use after free in controller

The controller will use its dynamically allocated data after it got free() in error path. What we see in syslog is:

| Jun 30 10:26:38 consrv3 ser2net[3073]: read error for controller port: Connection reset by peer
| Jun 30 10:26:39 consrv3 ser2net[3073]: The tcp write for controller had error: Bad file descriptor

The first error is "legal" because the destination decided to close its socket a little earlier than expected. The second error is already bad because it tries to use already deallocated fd. Later we segfault.

Signed-off-by: Sebastian Andrzej Siewior

Index: ser2net-2.5/controller.c === --- ser2net-2.5.orig/controller.c 2009-06-30 10:50:57.0 +0200 +++ ser2net-2.5/controller.c2009-06-30 10:52:28.0 +0200 
@@ -557,10 +557,12 @@ /* This again was due to O_NONBLOCK, just ignore it. */ } else if (errno == EPIPE) { shutdown_controller(cntlr); + return; } else { /* Some other bad error. */ syslog(LOG_ERR, "The tcp write for controller had error: %m"); shutdown_controller(cntlr); + return; } } else { int i, j; 
@@ -584,10 +586,12 @@ /* This again was due to O_NONBLOCK, just ignore it. */ } else if (errno == EPIPE) { shutdown_controller(cntlr); + return; } else { /* Some other bad error. */ syslog(LOG_ERR, "The tcp write for controller had error: %m"); shutdown_controller(cntlr); + return; } } else { cntlr->outbuf_count -= write_count; --- End Message --- --- Begin Message --- Source: ser2net Source-Version: 2.5-1+lenny1 We believe that the bug you reported is fixed in the latest version of ser2net, which is due to be installed in the Debian FTP archive: ser2net_2.5-1+lenny1.diff.gz to main/s/ser2net/ser2net_2.5-1+lenny1.diff.gz ser2net_2.5-1+lenny1.dsc to main/s/ser2net/ser2net_2.5-1+lenny1.dsc ser2net_2.5-1+lenny1_i386.deb to main/s/ser2net/ser2net_2.5-1+lenny1_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 535...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Marc Haber (supplier of updated ser2net package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 28 Sep 2010 19:58:37 + Source: ser2net Binary: ser2net Architecture: source i386 Version: 2.5-1+lenny1 Distribution: stable Urgency: low Maintainer: Marc Haber Changed-By: Marc Haber Description: ser2net- Serial port to network proxy Closes: 535159 Changes: ser2net (2.5-1+lenny1) stable; urgency=low . * add patch from Sebastian Andrzej Siewior. 
Closes: #535159
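Review bot: In both controller.c hunks of the Bug#535159 patch, the added `return;` after `shutdown_controller(cntlr)` stops this function from touching `cntlr` again, but the syslog excerpt in the report shows a read error on the controller port just before the failing write, so the read side needs the same audit: any caller that can reach this write code after the controller has already been shut down still holds a stale pointer. Please check that every `shutdown_controller()` call site returns immediately and that no caller dereferences `cntlr` afterwards. The EPIPE branch and the "other bad error" branch now differ only in the `syslog()` call, so they could be folded into one shutdown-and-return per site.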
Bug#598432: python-apt: upgrade fails
On 29/09/2010 19:51, Piotr Ozarowski wrote:
> Luca: If python-apt maintainers will decide to use my patch, please
> fast-process it in NEW if possible (it's part of the python3 in Squeeze
> goal we talked about before, TIA)

I've processed it just now.

--
Luca Falavigna
Bug#526878: Bug#471801: Bug#526878: Bug#504283: Bug#471801: egroupware adoption or removal?
On Wed, 2010-09-29 at 18:46 +0200, Jan Wagner wrote:
> Hi Lars,
>
> On Monday, 3. May 2010, Lars Volker wrote:
> > I've uploaded the new packages to m-d-n and I'd be glad, if one of you
> > could have a look at them. Especially I'm looking forward to hear from
> > Peter again.
>
> even if it would be too late for squeeze, is there any progress on the
> packaging? I did realize, that 1.8 is coming around the corner.

I think Lars Volker is doing the packaging, but is looking for a sponsor/mentor in Debian.
Bug#598432: python-apt: upgrade fails
On Wed, Sep 29, 2010 at 08:09:14PM +0200, Piotr Ożarowski wrote:
> [Piotr Ozarowski, 2010-09-29]
> > attached
>
> here's a version of the patch that also uses dh_python2 (so that
> python-central is not needed anymore)

Many thanks for that patch! I committed it to bzr and uploaded a new version :)

Cheers,
Michael
Bug#575519: coriander: segfault
On Sun, Jul 25, 2010 at 18:19:02 +0200, Laurent Bonnaud wrote:
> On Sun, 2010-07-25 at 15:08 +0200, Guus Sliepen wrote:
>
> > Can you provide me with a backtrace (using gdb, with the "bt full" command)
> > when it does crash?
>
> I will not be able to do so until September when I have physical access
> to my test machine again (because of the holidays).
>

Any progress with this?

Cheers,
Julien
Bug#598432: python-apt: upgrade fails
On Wed, Sep 29, 2010 at 08:22:56PM +0200, Julian Andres Klode wrote:
> On Wed, 2010-09-29 at 19:51 +0200, Piotr Ozarowski wrote:
> > tags 598432 + patch
> > thanks
> >
> > [Piotr Ożarowski, 2010-09-29]
> > > I'll try to send you a patch this evening
> >
> > attached
> >
> > Luca: If python-apt maintainers will decide to use my patch, please
> > fast-process it in NEW if possible (it's part of the python3 in Squeeze
> > goal we talked about before, TIA)

Thanks for the new patch!

> Maybe you missed it, but I already wrote 5 hours ago that doko provided
> a patch[1] and mvo is testing it already. We should probably merge both
> patches into a single one.

The patch from doko has some issues and I was too busy this afternoon to properly fix them, the new one looks much better, I test-build it currently. They are both very similar, but the one from Piotr is working better.

Thanks,
Michael

> [1] http://people.canonical.com/~doko/tmp/3.diff
> --
> Julian Andres Klode - Debian Developer, Ubuntu Member
>
> See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.
>
Processed: severity of 598528 is important
Processing commands for cont...@bugs.debian.org:

> severity 598528 important
Bug #598528 [xserver-xorg-video-intel] unstable on GNU/kFreeBSD
Severity set to 'important' from 'grave'
> thanks
Stopping processing here.

Please contact me if you need assistance.
--
598528: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598528
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#596052: marked as done (emacs22-non-dfsg: Should not be in Squeeze)
Your message dated Wed, 29 Sep 2010 20:22:22 +0200 with message-id <877hi49zq9@turtle.gmx.de> and subject line emacs22-non-dfsg removed from unstable has caused the Debian Bug report #596052, regarding emacs22-non-dfsg: Should not be in Squeeze to be marked as done.

--
596052: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=596052
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---
Package: emacs22-non-dfsg
Version: 22.3+1-1
Severity: serious
Justification: Should not be released

Squeeze should not be released with emacs22-non-dfsg (just like emacs22, see #582156). This is a dummy bug to prevent the package from migrating to testing.

Regards,

--
Mehdi Dogguy

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'testing-proposed-updates'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
Package: emacs22-non-dfsg
Version: 22.3+1-1+rm

The emacs22-non-dfsg package was removed from unstable today, I'm closing its two open bugs.
--- End Message ---
Bug#598432: python-apt: upgrade fails
On Wed, 2010-09-29 at 19:51 +0200, Piotr Ozarowski wrote:
> tags 598432 + patch
> thanks
>
> [Piotr Ożarowski, 2010-09-29]
> > I'll try to send you a patch this evening
>
> attached
>
> Luca: If python-apt maintainers will decide to use my patch, please
> fast-process it in NEW if possible (it's part of the python3 in Squeeze
> goal we talked about before, TIA)

Maybe you missed it, but I already wrote 5 hours ago that doko provided a patch[1] and mvo is testing it already. We should probably merge both patches into a single one.

[1] http://people.canonical.com/~doko/tmp/3.diff
--
Julian Andres Klode - Debian Developer, Ubuntu Member

See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.
Bug#598432: python-apt: upgrade fails
[Piotr Ozarowski, 2010-09-29] > attached here's a version of the patch that also uses dh_python2 (so that python-central is not needed anymore) diff -Nru python-apt-0.7.98/debian/changelog python-apt-0.7.98+nmu1/debian/changelog --- python-apt-0.7.98/debian/changelog 2010-09-28 15:47:51.0 +0200 +++ python-apt-0.7.98+nmu1/debian/changelog 2010-09-29 19:55:36.0 +0200 @@ -1,3 +1,13 @@ +python-apt (0.7.98+nmu1) unstable; urgency=low + + * Non-maintainer upload. + * Use dh_python3 to handle Python 3 files +- bump minimum required versions of python-central and python3-all-dev +- add new python3-apt, python3-apt-bdg and python-common binary packages + * Replace python-central with dh_python2 + + -- Piotr Ożarowski Wed, 29 Sep 2010 19:53:36 +0200 + python-apt (0.7.98) unstable; urgency=low [ Michael Vogt ] diff -Nru python-apt-0.7.98/debian/control python-apt-0.7.98+nmu1/debian/control --- python-apt-0.7.98/debian/control 2010-09-07 14:03:20.0 +0200 +++ python-apt-0.7.98+nmu1/debian/control 2010-09-29 20:02:13.0 +0200 @@ -9,11 +9,10 @@ Build-Depends: apt-utils, debhelper (>= 7.3.5), libapt-pkg-dev (>= 0.8), - python-all-dev, + python-all-dev (>= 2.6.6-3~), python-all-dbg, - python3-all-dev (>= 3.1.2-6~), + python3-all-dev (>= 3.1.2-10~), python3-all-dbg (>= 3.1.2-6~), - python-central (>= 0.5), python-distutils-extra (>= 2.0), python-sphinx (>= 0.5), python-debian 
@@ -22,10 +21,10 @@ Package: python-apt Architecture: any -Depends: ${python:Depends}, ${shlibs:Depends}, ${misc:Depends} +Depends: ${python:Depends}, ${shlibs:Depends}, ${misc:Depends}, python-apt-common Recommends: lsb-release, iso-codes, python2.6 -Breaks: debdelta (<< 0.28~), packagekit-backend-apt (<= 0.4.8-0ubuntu4) -Provides: python3-apt, ${python:Provides} +Breaks: debdelta (<< 0.28~), packagekit-backend-apt (<= 0.4.8-0ubuntu4), ${python:Breaks} +Provides: ${python:Provides} Suggests: python-apt-dbg, python-gtk2, python-vte, python-apt-doc XB-Python-Version: ${python:Versions} Description: Python interface to libapt-pkg 
@@ -82,3 +81,52 @@ . This package contains the header files needed to use python-apt objects from C++ applications. + +Package: python-apt-common +Priority: optional +Architecture: all +Depends: ${misc:Depends}, python | python3 +Enhances: python-apt, python3-apt +Breaks: python-apt (<< 0.7.98+nmu1) +Description: Python interface to libapt-pkg (locales) + The apt_pkg Python interface will provide full access to the internal + libapt-pkg structures allowing Python programs to easily perform a + variety of functions. + . + This package contains locales. + +Package: python3-apt +Architecture: any +Depends: ${python3:Depends}, ${shlibs:Depends}, ${misc:Depends}, python-apt-common +Recommends: lsb-release, iso-codes +Provides: ${python3:Provides} +Suggests: python3-apt-dbg, python-apt-doc +Breaks: python-apt (<< 0.7.98+nmu1) +Replaces: python-apt (<< 0.7.98+nmu1) +Description: Python 3 interface to libapt-pkg + The apt_pkg Python 3 interface will provide full access to the internal + libapt-pkg structures allowing Python 3 programs to easily perform a + variety of functions, such as: + . + - Access to the APT configuration system + - Access to the APT package information database + - Parsing of Debian package control files, and other files with a +similar structure + . + The included 'aptsources' Python interface provides an abstraction of + the sources.list configuration on the repository and the distro level. + +Package: python3-apt-dbg +Priority: extra +Architecture: any +Section: debug +Breaks: python-apt (<< 0.7.98+nmu1) +Depends: python3-dbg, python3-apt (= ${binary:Version}), ${shlibs:Depends}, + ${misc:Depends} +Description: Python 3 interface to libapt-pkg (debug extension) + The apt_pkg Python 3 interface will provide full access to the internal + libapt-pkg structures allowing Python 3 programs to easily perform a + variety of functions. + . + This package contains the extension built for the Python debug interpreter. 
+ diff -Nru python-apt-0.7.98/debian/python3-apt-dbg.install python-apt-0.7.98+nmu1/debian/python3-apt-dbg.install --- python-apt-0.7.98/debian/python3-apt-dbg.install 1970-01-01 01:00:00.0 +0100 +++ python-apt-0.7.98+nmu1/debian/python3-apt-dbg.install 2010-09-29 15:59:03.0 +0200 @@ -0,0 +1 @@ +usr/lib/python3*/*/*_d.so diff -Nru python-apt-0.7.98/debian/python3-apt.install python-apt-0.7.98+nmu1/debian/python3-apt.install --- python-apt-0.7.98/debian/python3-apt.install 1970-01-01 01:00:00.0 +0100 +++ python-apt-0.7.98+nmu1/debian/python3-apt.install 2010-09-29 16:17:19.0 +0200 @@ -0,0 +1,4 @@ +usr/lib/python3*/*/apt_pkg.so +usr/lib/python3*/*/apt_inst.so +usr/lib/python3*/*/*/ +usr/lib/python3*/*/*.egg-info diff -Nru
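Review bot: The debian/changelog hunk still reads "bump minimum required versions of python-central and python3-all-dev", but the debian/control hunk of this same version drops `python-central (>= 0.5)` from Build-Depends, so the entry contradicts the "Replace python-central with dh_python2" line beneath it; it should mention python3-all-dev and the new `python-all-dev (>= 2.6.6-3~)` bound instead. The same entry names the new binaries "python3-apt-bdg" and "python-common", while debian/control defines python3-apt-dbg and python-apt-common.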
Bug#598528: unstable on GNU/kFreeBSD
Package: xserver-xorg-video-intel
Version: 2:2.9.1-4
Severity: grave
User: debian-...@lists.debian.org
Usertags: kfreebsd

This driver behaves unreliably on GNU/kFreeBSD. After a while of running it (usually 1 or 2 h) screen stops updating (I didn't determine whether X crashed, but disk and network activity indicate there's no kernel crash).

Same version of xserver-xorg-video-intel on same hardware, running on GNU/Linux doesn't exhibit this problem.

As a workaround I switched to xserver-xorg-video-vesa.

I think unless this can be fixed it'd be better not to provide this driver on GNU/kFreeBSD squeeze, so that users will fallback to -vesa and at least get a working setup. Also, support for non-Linux is discontinued on later versions anyway, much regrettably.

Perhaps debian-bsd (CCed) can comment or provide advice on this.

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: kfreebsd-amd64 (x86_64)

Kernel: kFreeBSD 8.1-1-amd64
Locale: LANG=ca_AD.UTF-8, LC_CTYPE=ca_AD.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Bug#598452: apt-get autoremove wants to remove essential packages
Hi Andris,

2010/9/29 Andris Kalnozols :
> the "apt-get autoremove" command now considers the running
> kernel and other essential packages as removable:

Thanks for your detailed bugreport!

It's true that apt 0.8.5 wants to remove packages which should be protected by the APT::NeverAutoRemove settings. I don't know if it is a good or bad thing that you are still right that 0.8.0 (and even ~exp before) were affected, too - it was just hidden by another small bug #594689 which got fixed in 0.8.1.

And what should I say, this one is as silly as the other one: The essence of the patch to fix this problem here is:

- bool InRootSet(const pkgCache::PkgIterator &pkg) { return pkg.end() == true && Match(pkg.Name()); }; + bool InRootSet(const pkgCache::PkgIterator &pkg) { return pkg.end() == false && Match(pkg.Name()); };

I love it(TM)!

Sorry for the inconvenience, a fixed version will be released soon…

Best regards

David Kalnischkies
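Review bot: The `pkg.end() == false` comparison in the new InRootSet() line fixes the inverted guard, but comparing against a boolean literal is what let a one-word slip change the meaning unnoticed; `!pkg.end() && Match(pkg.Name())` states the intent directly. Since the message says the defect stayed hidden behind #594689 until 0.8.1, a regression test that runs the autoremove calculation against a package matched by APT::NeverAutoRemove would keep it from coming back.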
Processed: Re: Bug#598432: python-apt: upgrade fails
Processing commands for cont...@bugs.debian.org:

> tags 598432 + patch
Bug #598432 [python-apt] python-apt: upgrade fails
Added tag(s) patch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
--
598432: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598432
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#598432: python-apt: upgrade fails
tags 598432 + patch thanks [Piotr Ożarowski, 2010-09-29] > I'll try to send you a patch this evening attached Luca: If python-apt maintainers will decide to use my patch, please fast-process it in NEW if possible (it's part of the python3 in Squeeze goal we talked about before, TIA) diff -Nru python-apt-0.7.98/debian/changelog python-apt-0.7.98+nmu1/debian/changelog --- python-apt-0.7.98/debian/changelog 2010-09-28 15:47:51.0 +0200 +++ python-apt-0.7.98+nmu1/debian/changelog 2010-09-29 18:23:59.0 +0200 @@ -1,3 +1,12 @@ +python-apt (0.7.98+nmu1) unstable; urgency=low + + * Non-maintainer upload. + * Use dh_python3 to handle Python 3 files +- bump minimum required versions of python-central and python3-all-dev +- add new python3-apt, python3-apt-bdg and python-common binary packages + + -- Piotr Ożarowski Wed, 29 Sep 2010 18:23:25 +0200 + python-apt (0.7.98) unstable; urgency=low [ Michael Vogt ] diff -Nru python-apt-0.7.98/debian/control python-apt-0.7.98+nmu1/debian/control --- python-apt-0.7.98/debian/control 2010-09-07 14:03:20.0 +0200 +++ python-apt-0.7.98+nmu1/debian/control 2010-09-29 19:34:37.0 +0200 @@ -11,9 +11,9 @@ libapt-pkg-dev (>= 0.8), python-all-dev, python-all-dbg, - python3-all-dev (>= 3.1.2-6~), + python3-all-dev (>= 3.1.2-10~), python3-all-dbg (>= 3.1.2-6~), - python-central (>= 0.5), + python-central (>= 0.6.16+nmu1), python-distutils-extra (>= 2.0), python-sphinx (>= 0.5), python-debian @@ -22,10 +22,10 @@ Package: python-apt Architecture: any -Depends: ${python:Depends}, ${shlibs:Depends}, ${misc:Depends} +Depends: ${python:Depends}, ${shlibs:Depends}, ${misc:Depends}, python-apt-common Recommends: lsb-release, iso-codes, python2.6 Breaks: debdelta (<< 0.28~), packagekit-backend-apt (<= 0.4.8-0ubuntu4) -Provides: python3-apt, ${python:Provides} +Provides: ${python:Provides} Suggests: python-apt-dbg, python-gtk2, python-vte, python-apt-doc XB-Python-Version: ${python:Versions} Description: Python interface to libapt-pkg 
@@ -82,3 +82,52 @@ . This package contains the header files needed to use python-apt objects from C++ applications. + +Package: python-apt-common +Priority: optional +Architecture: all +Depends: ${misc:Depends}, python | python3 +Enhances: python-apt, python3-apt +Breaks: python-apt (<< 0.7.98+nmu1) +Description: Python interface to libapt-pkg (locales) + The apt_pkg Python interface will provide full access to the internal + libapt-pkg structures allowing Python programs to easily perform a + variety of functions. + . + This package contains locales. + +Package: python3-apt +Architecture: any +Depends: ${python3:Depends}, ${shlibs:Depends}, ${misc:Depends}, python-apt-common +Recommends: lsb-release, iso-codes +Provides: ${python3:Provides} +Suggests: python3-apt-dbg, python-apt-doc +Breaks: python-apt (<< 0.7.98+nmu1) +Replaces: python-apt (<< 0.7.98+nmu1) +Description: Python 3 interface to libapt-pkg + The apt_pkg Python 3 interface will provide full access to the internal + libapt-pkg structures allowing Python 3 programs to easily perform a + variety of functions, such as: + . + - Access to the APT configuration system + - Access to the APT package information database + - Parsing of Debian package control files, and other files with a +similar structure + . + The included 'aptsources' Python interface provides an abstraction of + the sources.list configuration on the repository and the distro level. + +Package: python3-apt-dbg +Priority: extra +Architecture: any +Section: debug +Breaks: python-apt (<< 0.7.98+nmu1) +Depends: python3-dbg, python3-apt (= ${binary:Version}), ${shlibs:Depends}, + ${misc:Depends} +Description: Python 3 interface to libapt-pkg (debug extension) + The apt_pkg Python 3 interface will provide full access to the internal + libapt-pkg structures allowing Python 3 programs to easily perform a + variety of functions. + . + This package contains the extension built for the Python debug interpreter. 
+ diff -Nru python-apt-0.7.98/debian/python3-apt-dbg.install python-apt-0.7.98+nmu1/debian/python3-apt-dbg.install --- python-apt-0.7.98/debian/python3-apt-dbg.install 1970-01-01 01:00:00.0 +0100 +++ python-apt-0.7.98+nmu1/debian/python3-apt-dbg.install 2010-09-29 15:59:03.0 +0200 @@ -0,0 +1 @@ +usr/lib/python3*/*/*_d.so diff -Nru python-apt-0.7.98/debian/python3-apt.install python-apt-0.7.98+nmu1/debian/python3-apt.install --- python-apt-0.7.98/debian/python3-apt.install 1970-01-01 01:00:00.0 +0100 +++ python-apt-0.7.98+nmu1/debian/python3-apt.install 2010-09-29 16:17:19.0 +0200 @@ -0,0 +1,4 @@ +usr/lib/python3*/*/apt_pkg.so +usr/lib/python3*/*/apt_inst.so +usr/lib/python3*/*/*/ +usr/lib/python3*/*/*.egg-info diff -Nru python-apt-0.7.98/debian/python-apt-common.install pyt
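Review bot: The new debian/changelog entry in the debdiff above names two packages that do not exist in the debian/control hunk: it says "python3-apt-bdg" and "python-common", while control adds python3-apt-dbg and python-apt-common. Correct both names in the changelog bullet so the entry matches the binary packages the upload actually introduces.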
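Review bot: In the Build-Depends hunk of debian/control (@@ -11,9 +11,9 @@), python3-all-dev is raised to (>= 3.1.2-10~) but python3-all-dbg on the following line stays at (>= 3.1.2-6~). If the dh_python3 layout relies on the newer python3 packaging, the debug extension build needs the same floor; either bump python3-all-dbg to match or note in the changelog why the older version is enough.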
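Review bot: In the debian/control hunk that adds the new stanzas (@@ -82,3 +82,52 @@), python-apt-common declares "Breaks: python-apt (<< 0.7.98+nmu1)" without a matching Replaces, whereas python3-apt carries both. If the locale files this package is described as containing were shipped by older python-apt, dpkg needs "Replaces: python-apt (<< 0.7.98+nmu1)" to take them over on upgrade instead of failing on a file conflict. python3-apt-dbg also has Breaks only, so it is worth checking which older package shipped the Python 3 debug extensions and adding the corresponding Replaces.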
Bug#526878: Bug#471801: Bug#526878: Bug#504283: Bug#471801: egroupware adoption or removal?
Hi Lars, On Monday, 3. May 2010, Lars Volker wrote: > I've uploaded the new packages to m-d-n and I'd be glad, if one of you > could have a look at them. Especially I'm looking forward to hear from > Peter again. even if it would be too late for squeeze, is there any progress on the packaging? I did realize, that 1.8 is coming around the corner. With kind regards, Jan. -- Never write mail to , you have been warned!
Bug#597585: marked as done ([SECURITY] [DSA-2112-1] CVE-2010-0405 integer overflow)
Your message dated Wed, 29 Sep 2010 18:19:28 +0200 with message-id <20100929161928.gb13...@inutil.org> and subject line Re: bzip2 1.0.6 still needed has caused the Debian Bug report #597540, regarding [SECURITY] [DSA-2112-1] CVE-2010-0405 integer overflow to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 597540: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=597540 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: bzip2 Version: 1.0.5-5 Severity: serious Tags: security patch pending On Mon, Sep 20, 2010 at 11:05:59AM +, Stefan Fritsch wrote: >Mikolaj Izdebski has discovered an integer overflow flaw in the >BZ2_decompress function in bzip2/libbz2. An attacker could use a >crafted bz2 file to cause a denial of service (application crash) >or potentially to execute arbitrary code. (CVE-2010-0405) On Mon, Sep 13, 2010 at 06:18:30AM +0200, Stefan Fritsch wrote: >diff -U 5 bzip2-1.0.5-orig/decompress.c bzip2-1.0.5-mod/decompress.c >--- bzip2-1.0.5-orig/decompress.c 2007-12-09 13:31:31.0 +0100 >+++ bzip2-1.0.5-mod/decompress.c2010-06-23 23:05:49.0 +0200 
>@@ -379,10 +379,17 @@ > if (nextSym == BZ_RUNA || nextSym == BZ_RUNB) { > > es = -1; > N = 1; > do { >+ /* Check that N doesn't get too big, so that es doesn't >+ go negative. The maximum value that can be >+ RUNA/RUNB encoded is equal to the block size (post >+ the initial RLE), viz, 900k, so bounding N at 2 >+ million should guard against overflow without >+ rejecting any legitimate inputs. */ >+ if (N >= 2*1024*1024) RETURN(BZ_DATA_ERROR); >if (nextSym == BZ_RUNA) es = es + (0+1) * N; else >if (nextSym == BZ_RUNB) es = es + (1+1) * N; >N = N * 2; >GET_MTF_VAL(BZ_X_MTF_3, BZ_X_MTF_4, nextSym); > } signature.asc Description: Digital signature --- End Message --- --- Begin Message --- Version: 1.0.5-6 On Tue, Sep 28, 2010 at 03:21:05PM -0500, Dirk Eddelbuettel wrote: > > reopen 597540 > thanks > > I just noticed that the current (dev) release of R checks for libbz2 >= 1.0.6 > and started to look around ... and noticed that Joss commented on > accidentally closing the RC bug but didn't actually reopen it. bzip2 has been fixed in 1.0.5-6 with a backported fix. This is rather a bug in the R build scripts, since it's standard behaviour to fix security issues with backports. It should not rely on version numbers. Cheers, Moritz --- End Message ---
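Review bot: In the decompress.c hunk quoted above, the new guard "if (N >= 2*1024*1024) RETURN(BZ_DATA_ERROR);" uses a bare literal whose justification (the 900k maximum block size) exists only in the comment. A named constant, or a bound derived from the block size itself, would keep the limit and its rationale together if either changes. The placement before the two "es = es + ... * N" updates is the right one, since it rejects the stream before es can accumulate a term from an oversized N.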
Bug#597540: marked as done (bzip2: is recommended to be updated immediately to 1.0.6)
Your message dated Wed, 29 Sep 2010 18:19:28 +0200 with message-id <20100929161928.gb13...@inutil.org> and subject line Re: bzip2 1.0.6 still needed has caused the Debian Bug report #597540, regarding bzip2: is recommended to be updated immediately to 1.0.6 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 597540: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=597540 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: bzip2 Version: 1.0.5-4 Severity: normal http://www.bzip.org/ tells: “Version 1.0.6 removes a potential security vulnerability, CVE-2010-0405, so all users are recommended to upgrade immediately.” --- End Message --- --- Begin Message --- Version: 1.0.5-6 On Tue, Sep 28, 2010 at 03:21:05PM -0500, Dirk Eddelbuettel wrote: > > reopen 597540 > thanks > > I just noticed that the current (dev) release of R checks for libbz2 >= 1.0.6 > and started to look around ... and noticed that Joss commented on > accidentally closing the RC bug but didn't actually reopen it. bzip2 has been fixed in 1.0.5-6 with a backported fix. This is rather a bug in the R build scripts, since it's standard behaviour to fix security issues with backports. It should not rely on version numbers. Cheers, Moritz --- End Message ---
Bug#596929: Bug#596931: gforge-db-postgresql: Database still not created on installation
Roland Mas writes: > Indeed. My previous fix to bug #596929 was wrong. I have committed a > new one that should work. I can't do the upload right now (and I want > to fix some other bugs in the next upload), but a temporary workaround Thanks a lot, the workaround indeed equipped me with a working database! cheers sascha -- Sascha Wilde OpenPGP key: 4BB86568 http://www.intevation.de/~wilde/ http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabrück; AG Osnabrück, HR B 18998 Managing directors: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
Bug#598432: python-apt: so does removing it
Package: python-apt Version: 0.7.98 Severity: normal dpkg: error processing python-apt (--purge): Package is in a very bad inconsistent state - you should reinstall it before attempting a removal. configured to not write apport reports Errors were encountered while processing: python-apt -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=sv_SE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages python-apt depends on: ii apt [libapt-pkg4.10] 0.8.5 Advanced front-end for dpkg ii apt-utils [libapt-inst1.2] 0.8.5 APT utility programs ii libc6 2.11.2-6 Embedded GNU C Library: Shared lib ii libgcc1 1:4.4.4-17 GCC support library ii libstdc++6 4.4.4-17 The GNU Standard C++ Library v3 ii python 2.6.6-3 interactive high-level object-orie ii python-central 0.6.16+nmu1 register and build utility for Pyt Versions of packages python-apt recommends: ii iso-codes 3.20-1 ISO language, territory, currency, ii lsb-release 3.2-24 Linux Standard Base version report ii python2.6 2.6.6-5 An interactive high-level object-o Versions of packages python-apt suggests: pn python-apt-dbg (no description available) pn python-apt-doc (no description available) ii python-gtk2 2.17.0-4 Python bindings for the GTK+ widge pn python-vte (no description available) -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#527455: marked as done (python2.5: Please build against newer libdb)
On Tue, Sep 28, 2010 at 18:25:03 +0200, Julien Cristau wrote: > On Mon, Sep 27, 2010 at 21:48:49 +0200, Matthias Klose wrote: > > > please check this at least on sparc, maybe asking the sparc port > > maintainers for assistance? that was the platform with most of the > > troubles. > > > I have a build running on sperger, it looks like it'll take a while, > I'll follow up here once it's completed. Thanks for the help. > Hi Matthias, the build log is at http://people.debian.org/~jcristau/python2.5-db4.8-sparc.log The bsddb3 testsuite failed once with the same exception I had on i386, and passed the rest of the time. Cheers, Julien
Bug#590810: marked as done (xmpi: Maintainer address seems to bounce)
Your message dated Wed, 29 Sep 2010 15:02:23 + with message-id and subject line Bug#590810: fixed in xmpi 2.2.3b8-11 has caused the Debian Bug report #590810, regarding xmpi: Maintainer address seems to bounce to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 590810: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590810 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: xmpi Severity: serious Justification: Policy 3.3 Hi! The maintainer address seems to bounce, as ftp-master got some bounces for processing / acceptance mails (for the package lam, but apparently xmpi uses the same address), stating that "Dr. Camm Maguire is no longer employed by INTECH. Please email him at instead." Please fix that. 
Best regards, Alexander -- System Information: Debian Release: 5.0.5 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-xen-686 (SMP w/1 CPU core) Locale: lang=de...@euro, lc_ctype=de...@euro (charmap=ISO-8859-15) ignored: LC_ALL set to de...@euro) Shell: /bin/sh linked to /bin/bash --- End Message --- --- Begin Message --- Source: xmpi Source-Version: 2.2.3b8-11 We believe that the bug you reported is fixed in the latest version of xmpi, which is due to be installed in the Debian FTP archive: libxmpi4-dev_2.2.3b8-11_i386.deb to main/x/xmpi/libxmpi4-dev_2.2.3b8-11_i386.deb libxmpi4_2.2.3b8-11_i386.deb to main/x/xmpi/libxmpi4_2.2.3b8-11_i386.deb xmpi_2.2.3b8-11.diff.gz to main/x/xmpi/xmpi_2.2.3b8-11.diff.gz xmpi_2.2.3b8-11.dsc to main/x/xmpi/xmpi_2.2.3b8-11.dsc xmpi_2.2.3b8-11_i386.deb to main/x/xmpi/xmpi_2.2.3b8-11_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 590...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Camm Maguire (supplier of updated xmpi package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) Format: 1.8 Date: Thu, 16 Sep 2010 16:03:50 + Source: xmpi Binary: xmpi libxmpi4 libxmpi4-dev Architecture: source i386 Version: 2.2.3b8-11 Distribution: unstable Urgency: low Maintainer: Camm Maguire Changed-By: Camm Maguire Description: libxmpi4 - A graphical user interface for MPI program development libxmpi4-dev - A graphical user interface for MPI program development xmpi - A graphical user interface for MPI program development Closes: 590810 Changes: xmpi (2.2.3b8-11) unstable; urgency=low . 
* Bug fix: "Maintainer address seems to bounce", thanks to Alexander Reichle-Schmehl (Closes: #590810). --- End Message ---
Processed: notfound 595728 in 1.5.6.5, closing 595728
Processing commands for cont...@bugs.debian.org: > notfound 595728 1.5.6.5 Bug #595728 [git-core] git-core: permissions of templates too restrictive Bug #595965 [git-core] git-core: users can not read some files in template dir Bug #596066 [git-core] wrong mods for files in /usr/share/git-core/templates Bug #596234 [git-core] git-core: Permissions broken on description template There is no source info for the package 'git-core' at version '1.5.6.5' with architecture '' Unable to make a source version for version '1.5.6.5' Bug No longer marked as found in versions 1.5.6.5. Bug No longer marked as found in versions 1.5.6.5. Bug No longer marked as found in versions 1.5.6.5. Bug No longer marked as found in versions 1.5.6.5. > close 595728 1:1.5.6.5-3+lenny3.2 Bug#595728: git-core: permissions of templates too restrictive 'close' is deprecated; see http://www.debian.org/Bugs/Developer#closing. Bug#595965: git-core: users can not read some files in template dir Bug#596066: wrong mods for files in /usr/share/git-core/templates Bug#596234: git-core: Permissions broken on description template Bug marked as fixed in version 1:1.5.6.5-3+lenny3.2, send any further explanations to Adam Mercer > thanks Stopping processing here. Please contact me if you need assistance. -- 596234: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=596234 595728: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595728 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#595613 closed by Charles Plessy (Bug#595613: fixed in emboss 6.3.1-6)
Processing commands for cont...@bugs.debian.org: > reopen 595613 Bug #595613 {Done: Charles Plessy } [emboss-lib] emboss-lib: improper shared library packaging 'reopen' may be inappropriate when a bug has been closed with a version; you may need to use 'found' to remove fixed versions. > kthxbye Stopping processing here. Please contact me if you need assistance. -- 595613: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595613 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#595613: closed by Charles Plessy (Bug#595613: fixed in emboss 6.3.1-6)
reopen 595613 kthxbye On Fri, Sep 17, 2010 at 06:18:07 +, Debian Bug Tracking System wrote: > This is an automatic notification regarding your Bug report > which was filed against the emboss-lib package: > > #595613: emboss-lib: improper shared library packaging > > It has been closed by Charles Plessy . > > Their explanation is attached below along with your original report. > If this explanation is unsatisfactory and you have not received a > better one in a separate message then please contact Charles Plessy > by > replying to this email. > jcris...@franck:~$ dpkg -I /srv/ftp-master.debian.org/ftp/pool/main/e/emboss/emboss-lib_6.3.1-6_amd64.deb shlibs libnucleus 6 emboss-lib libensembl 6 emboss-lib libacd 6 emboss-lib libajax 6 emboss-lib libajaxdb 6 emboss-lib libajaxg 6 emboss-lib libeplplot 3 emboss-lib libepcre 7 emboss-lib That's broken. (I'm not saying the rest of it is alright, this is just the most obvious part so I'm not looking further.) Cheers, Julien
Bug#595015: bugzilla: Multiple security issues
Hi Moritz, I'll check. Greetings, Raphael 2010/8/31 Moritz Muehlenhoff : > Package: bugzilla > Severity: grave > Tags: security > Justification: user security hole > > Four security issues are unfixed in the version > currently in squeeze/sid: > http://www.bugzilla.org/security/3.2.7/ > > At least CBE-2010-2759 should also be fixed through > stable-security. > > Cheers, > Moritz > > -- System Information: > Debian Release: 5.0.1 > Architecture: amd64 (x86_64) > Shell: /bin/sh linked to /bin/bash > Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) > > >
Bug#598387: marked as done (dtc-xen statslogger breaks and dtc-xen leaks memory after a xm start/stop)
Your message dated Wed, 29 Sep 2010 14:33:49 + with message-id and subject line Bug#598387: fixed in dtc-xen 0.5.13-1 has caused the Debian Bug report #598387, regarding dtc-xen statslogger breaks and dtc-xen leaks memory after a xm start/stop to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 598387: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598387 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: dtc-xen Version: 0.5.11-1 Severity: grave We have discovered that when a xm start/stop/shutdown is requested using the dtc-xen SOAP daemon, dtc-xen tries to trap the stdout/stderr in order to be able to forward it to the SOAP client that connects to it. The issue is that after it did so, it didn't release stderr/stdout, so that they are going into an internal variable of dtc-xen instead. The result is that, after a xm start/stop/shutdown: - dtc-xen leaks memory, with a variable that takes the output of xm list every minute - the dataCollector thread that does xm list cannot get the CPU statistics as it was designed for, because the output is redirected to a variable. Version 0.5.12-1 that I just uploaded in SID should correct the above issue, but I think it was important to open a RC bug so that this can be tracked by the RT. Sorry that I didn't open the bug first, and closed it in the package, but as it stands, I don't think it deserves a new upload just to fix that fact. I will tag and close this bug appropriately as dtc-xen migrates from SID to Testing. Let me know if a new upload with a Close: #X is needed. 
Cheers, Thomas Goirand (Zigo) -- System Information: Debian Release: 5.0.5 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-4-xen-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash --- End Message --- --- Begin Message --- Source: dtc-xen Source-Version: 0.5.13-1 We believe that the bug you reported is fixed in the latest version of dtc-xen, which is due to be installed in the Debian FTP archive: dtc-xen-firewall_0.5.13-1_all.deb to main/d/dtc-xen/dtc-xen-firewall_0.5.13-1_all.deb dtc-xen_0.5.13-1.diff.gz to main/d/dtc-xen/dtc-xen_0.5.13-1.diff.gz dtc-xen_0.5.13-1.dsc to main/d/dtc-xen/dtc-xen_0.5.13-1.dsc dtc-xen_0.5.13-1_all.deb to main/d/dtc-xen/dtc-xen_0.5.13-1_all.deb dtc-xen_0.5.13.orig.tar.gz to main/d/dtc-xen/dtc-xen_0.5.13.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 598...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thomas Goirand (supplier of updated dtc-xen package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) Format: 1.8 Date: Wed, 29 Sep 2010 21:50:02 +0800 Source: dtc-xen Binary: dtc-xen dtc-xen-firewall Architecture: source all Version: 0.5.13-1 Distribution: unstable Urgency: low Maintainer: Thomas Goirand Changed-By: Thomas Goirand Description: dtc-xen- SOAP daemon and scripts to allow control panel management for Xen dtc-xen-firewall - A small firewall script for your dom0 Closes: 598387 Changes: dtc-xen (0.5.13-1) unstable; urgency=low . 
* New upstream version fixing: - The last upgrade made xm start/stop/shutdown not working at all, so we now remove completely the stdout/stderr trick. It won't be reporting issues, but at least it will work (Closes: #598387).
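The failure mode described in the dtc-xen report above (output capture that never hands stdout/stderr back, so the periodic collector keeps feeding the capture buffer), as an added Python illustration. It is not dtc-xen's code: run_command_leaky, run_command_scoped, collector_tick, stats_line, simulate and the sample domain name are assumptions made for this example.

```python
import contextlib
import io
import sys


def stats_line(minute):
    """One constructed line of collector output (stand-in for `xm list` stats)."""
    return "vps01 minute=%02d cpu_sec=%06d" % (minute, minute * 3)


def collector_tick(minute):
    """Stand-in for the per-minute data collector: it simply prints its stats."""
    print(stats_line(minute))


def run_command_leaky(action):
    """Pattern from the report: capture output by swapping the process-wide
    streams, and never put the originals back."""
    buf = io.StringIO()
    sys.stdout = buf
    sys.stderr = buf
    action()
    return buf  # buf is still installed as sys.stdout/sys.stderr here


def run_command_scoped(action):
    """Scoped capture: the previous streams are restored when the block exits,
    including when action() raises."""
    buf = io.StringIO()
    with contextlib.redirect_stdout(buf), contextlib.redirect_stderr(buf):
        action()
    return buf


def simulate(capture, ticks=60):
    """Run one captured command, then `ticks` collector runs, and report where
    the collector output ended up."""
    saved = (sys.stdout, sys.stderr)
    console = io.StringIO()  # stands in for the daemon's real stdout/stderr
    sys.stdout = sys.stderr = console
    try:
        captured = capture(lambda: print("Started domain vps01"))
        reply = captured.getvalue()  # what would be forwarded to the client
        for minute in range(ticks):
            collector_tick(minute)
        return {
            "reply": reply,
            "streams_restored": sys.stdout is console and sys.stderr is console,
            # bytes added to the capture buffer after the command finished
            "captured_growth": len(captured.getvalue()) - len(reply),
            # collector lines that reached the real output stream
            "console_lines": len(console.getvalue().splitlines()),
        }
    finally:
        sys.stdout, sys.stderr = saved  # leave the interpreter as we found it


if __name__ == "__main__":
    for name, capture in (("leaky", run_command_leaky),
                          ("scoped", run_command_scoped)):
        result = simulate(capture)
        print(name, {k: v for k, v in result.items() if k != "reply"})
```

With the leaky capture every collector run lands in the buffer that was meant for one command's reply, which is both the memory growth and the missing statistics from the report; with the scoped capture the buffer stops growing as soon as the command returns.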
Bug#598432: python-apt: upgrade fails
On Wed, 29 Sep 2010 15:36:28 +0200, Julian Andres Klode wrote: > On Wed, 2010-09-29 at 15:12 +0200, Julian Andres Klode wrote: > > [CCed debian-python] > > > > AFAIK, /usr/lib/python3 is the new location. > > > > Dear debian-python subscribers, could someone please propose a fix for > > python-apt? I do not intend to drop Python 3 support, but considering > > that there is a new RC bug each month because python3 packaging changes > > I start to wonder whether this is worth the effort. > > It seems that doko already provides a patch, mvo takes a look at it now. So does anyone actually know where the files are supposed to be? /usr/lib/python3 or /usr/lib/python3.1? In the package for i386 it is still /usr/lib/python3.1 and if I look at the package python3 it doesn't put anything in /usr/lib but depends on python3.1 which of course puts files in /usr/lib/python3.1
Bug#595015: bugzilla: Multiple security issues
On Tue, Aug 31, 2010 at 15:25:23 +0200, Moritz Muehlenhoff wrote: > Package: bugzilla > Severity: grave > Tags: security > Justification: user security hole > > Four security issues are unfixed in the version > currently in squeeze/sid: > http://www.bugzilla.org/security/3.2.7/ > > At least CBE-2010-2759 should also be fixed through > stable-security. > Ping Raphael? Cheers, Julien
Processed: tagging 597995
Processing commands for cont...@bugs.debian.org: > tags 597995 + sid Bug #597995 [balsa] balsa: uninstallable due to old libesmtp5 Added tag(s) sid. > thanks Stopping processing here. Please contact me if you need assistance. -- 597995: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=597995 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#598506: libktorrent: FTBFS: dpkg-gensymbols: warning: some symbols or patterns disappeared in the symbols file
Source: libktorrent Version: 1.0.3-1 Severity: serious > sbuild (Debian sbuild) 0.60.0 (23 Feb 2010) on biber.debian.org > > ╔══╗ > ║ libktorrent 1.0.3-1 (i386) 28 Sep 2010 > 22:16 ║ > ╚══╝ [...] >dh_link -a -O--parallel -O-- -O--dbg-package=libktorrent-dbg >dh_compress -X.dcl -X.docbook -X-license -X.tag -X.sty -X.el -a > -O--parallel -O-- -O--dbg-package=libktorrent-dbg >dh_fixperms -a -O--parallel -O-- -O--dbg-package=libktorrent-dbg >dh_strip -a -O--parallel -O-- -O--dbg-package=libktorrent-dbg >debian/rules override_dh_makeshlibs > make[1]: Entering directory > `/build/buildd-libktorrent_1.0.3-1-i386-gCo7ph/libktorrent-1.0.3' > dh_makeshlibs -V > dpkg-gensymbols: warning: some symbols or patterns disappeared in the symbols > file: see diff output below > dpkg-gensymbols: warning: debian/libktorrent2/DEBIAN/symbols doesn't match > completely debian/libktorrent2.symbols > --- debian/libktorrent2.symbols (libktorrent2_1.0.3-1_i386) > +++ dpkg-gensymbolsvSj4PW 2010-09-28 22:22:48.0 + > @@ -1002,7 +1002,7 @@ > _zn2bt5valuea...@base 1.0.2 > _zn2bt6bitset14includesbitseterk...@base 1.0.2 > _zn2bt6bitset15updatenumonbit...@base 1.0.2 > - (arch=!amd64)_zn2bt6bitset3set...@base 1.0.2 > +#MISSING: 1.0.3-1# (arch=!amd64)_zn2bt6bitset3set...@base 1.0.2 > _zn2bt6bitset4nu...@base 1.0.2 > _zn2bt6bitset5clea...@base 1.0.2 > _zn2bt6bitset6inver...@base 1.0.2 
> @@ -1786,7 +1786,7 @@ > > (optional=templinst)_znst8_rb_treei4kurlst4pairiks0_pn2bt7trackereest10_select1stis6_est4lessis0_esais6_ee16_m_insert_uniqueerk...@base > 1.0.2 > > (optional=templinst)_znst8_rb_treei4kurlst4pairiks0_pn2bt7trackereest10_select1stis6_est4lessis0_esais6_ee17_m_insert_unique_est23_rb_tree_const_iteratoris6_erk...@base > 1.0.2 > > (optional=templinst)_znst8_rb_treei4kurlst4pairiks0_pn2bt7trackereest10_select1stis6_est4lessis0_esais6_ee8_m_eraseepst13_rb_tree_nodeis...@base > 1.0.2 > - > (optional=templinst|arch=!amd64)_znst8_rb_treei7qstringst4pairiks0_n2bt13potentialpeereest10_select1stis5_est4lessis0_esais5_ee10_m_insert_epkst18_rb_tree_node_basese_rk...@base > 1.0.2 > +#MISSING: 1.0.3-1# > (optional=templinst|arch=!amd64)_znst8_rb_treei7qstringst4pairiks0_n2bt13potentialpeereest10_select1stis5_est4lessis0_esais5_ee10_m_insert_epkst18_rb_tree_node_basese_rk...@base > 1.0.2 > > (optional=templinst)_znst8_rb_treei7qstringst4pairiks0_n2bt13potentialpeereest10_select1stis5_est4lessis0_esais5_ee8_m_eraseepst13_rb_tree_nodeis...@base > 1.0.2 > > (optional=templinst)_znst8_rb_treei7qstringst4pairiks0_pn2bt18deletedatafilesjob7dirtrst10_select1stis7_est4lessis0_esais7_ee10_m_insert_epkst18_rb_tree_node_basesg_rk...@base > 1.0.2 > > (optional=templinst)_znst8_rb_treei7qstringst4pairiks0_pn2bt18deletedatafilesjob7dirtrst10_select1stis7_est4lessis0_esais7_ee16_m_insert_uniqueerk...@base > 1.0.2 > dh_makeshlibs: dpkg-gensymbols -plibktorrent2 -Idebian/libktorrent2.symbols > -Pdebian/libktorrent2 returned exit code 1 > make[1]: *** [override_dh_makeshlibs] Error 1 > make[1]: Leaving directory > `/build/buildd-libktorrent_1.0.3-1-i386-gCo7ph/libktorrent-1.0.3' > make: *** [binary-arch] Error 2 > dpkg-buildpackage: error: /usr/bin/fakeroot debian/rules binary-arch gave > error exit status 2 > > Build finished at 20100928- > FAILED [dpkg-buildpackage died] > > Purging > 
/var/lib/schroot/mount/sid-experimental-i386-sbuild-bf30e60b-3be5-4a4c-8a4b-cbc183c8c76e/build/buildd-libktorrent_1.0.3-1-i386-gCo7ph > Not removing build depends: cloned chroot in use > > Finished at 20100928- > Build needed 00:06:11, 87316k disc space
Bug#598503: linux-2.6: FTBFS: (powerpc) drivers/scsi/qla4xxx/ql4_nx.c:716: error: implicit declaration of function 'readq'
Source: linux-2.6 Version: 2.6.36~rc5-1~experimental.1 Severity: serious > sbuild (Debian sbuild) 0.60.0 (23 Feb 2010) on poulenc.debian.org > > ╔══╗ > ║ linux-2.6 2.6.36~rc5-1~experimental.1 (powerpc)29 Sep 2010 > 03:03 ║ > ╚══╝ [...] > CC [M] drivers/scsi/qla4xxx/ql4_os.o > CC [M] drivers/scsi/qla4xxx/ql4_init.o > CC [M] drivers/scsi/qla4xxx/ql4_mbx.o > CC [M] drivers/scsi/qla4xxx/ql4_iocb.o > CC [M] drivers/scsi/qla4xxx/ql4_isr.o > CC [M] drivers/scsi/qla4xxx/ql4_nx.o > /build/buildd-linux-2.6_2.6.36~rc5-1~experimental.1-powerpc-9A9nz1/linux-2.6-2.6.36~rc5/debian/build/source_powerpc_none/drivers/scsi/qla4xxx/ql4_nx.c: > In function 'qla4_8xxx_pci_mem_read_direct': > /build/buildd-linux-2.6_2.6.36~rc5-1~experimental.1-powerpc-9A9nz1/linux-2.6-2.6.36~rc5/debian/build/source_powerpc_none/drivers/scsi/qla4xxx/ql4_nx.c:716: > error: implicit declaration of function 'readq' > /build/buildd-linux-2.6_2.6.36~rc5-1~experimental.1-powerpc-9A9nz1/linux-2.6-2.6.36~rc5/debian/build/source_powerpc_none/drivers/scsi/qla4xxx/ql4_nx.c: > In function 'qla4_8xxx_pci_mem_write_direct': > /build/buildd-linux-2.6_2.6.36~rc5-1~experimental.1-powerpc-9A9nz1/linux-2.6-2.6.36~rc5/debian/build/source_powerpc_none/drivers/scsi/qla4xxx/ql4_nx.c:787: > error: implicit declaration of function 'writeq' > make[8]: *** [drivers/scsi/qla4xxx/ql4_nx.o] Error 1 > make[7]: *** [drivers/scsi/qla4xxx] Error 2 > make[6]: *** [drivers/scsi] Error 2 > make[5]: *** [drivers] Error 2 > make[4]: *** [sub-make] Error 2 > make[3]: *** [all] Error 2 > make[3]: Leaving directory > `/build/buildd-linux-2.6_2.6.36~rc5-1~experimental.1-powerpc-9A9nz1/linux-2.6-2.6.36~rc5/debian/build/build_powerpc_none_powerpc' > make[2]: *** [debian/stamps/build_powerpc_none_powerpc_plain] Error 2 > make[2]: Leaving directory > `/build/buildd-linux-2.6_2.6.36~rc5-1~experimental.1-powerpc-9A9nz1/linux-2.6-2.6.36~rc5' > make[1]: *** [build_powerpc_none_powerpc_real] Error 2 > make[1]: Leaving directory > 
`/build/buildd-linux-2.6_2.6.36~rc5-1~experimental.1-powerpc-9A9nz1/linux-2.6-2.6.36~rc5' > make: *** [debian/stamps/build-base] Error 2 > dpkg-buildpackage: error: debian/rules build gave error exit status 2 > > Build finished at 20100929-0417 > FAILED [dpkg-buildpackage died] > > Purging > /var/lib/schroot/mount/sid-experimental-powerpc-sbuild-600dd89e-c83d-4446-82f1-f58a1296e424/build/buildd-linux-2.6_2.6.36~rc5-1~experimental.1-powerpc-9A9nz1 > Not removing build depends: cloned chroot in use > > Finished at 20100929-0417 > Build needed 01:13:52, 892752k disc space
Bug#598432: python-apt: upgrade fails
On Mi, 2010-09-29 at 15:12 +0200, Julian Andres Klode wrote:
> [CCed debian-python]
>
> On Mi, 2010-09-29 at 14:31 +0200, Stefan Fleischmann wrote:
> > Just to clarify, the "quick fix" I posted here was supposed to help people to
> > get rid of the buggy package. It doesn't fix the actual package.
> >
> > Like I said before, the problem is not only the version number handling by
> > pycentral but also the path of the installed files! If you have a look at the
> > package 0.7.97.1 for amd64 or 0.7.98 for i386 you'll see that files are put
> > in /usr/lib/python3.1
> > In this package however files are put in /usr/lib/python3 instead which causes
> > the problem you describe when simply changing the version number to 3.1.
> >
> > If you think pycentral should handle integer version numbers (at least it
> > shouldn't exit with an error I guess) please file a bug report there.
> >
> > But to summarize for this package I think the files are put in the wrong place
> > (compared with the package from testing and packages for i386) and the version
> > number in the mentioned config file is wrong.
> AFAIK, /usr/lib/python3 is the new location.
>
> Dear debian-python subscribers, could someone please propose a fix for
> python-apt? I do not intend to drop Python 3 support, but considering
> that there is a new RC bug each month because python3 packaging changes
> I start to wonder whether this is worth the effort.

It seems that doko already provides a patch, mvo takes a look at it now.

--
Julian Andres Klode - Debian Developer, Ubuntu Member
See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.

--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#598432: python-apt: upgrade fails
[Julian Andres Klode, 2010-09-29]
> Dear debian-python subscribers, could someone please propose a fix for
> python-apt? I do not intend to drop Python 3 support, but considering
> that there is a new RC bug each month because python3 packaging changes
> I start to wonder whether this is worth the effort.

I'll try to send you a patch this evening

> Python maintainers: Breaking backward compatibility in unstable is not
> nice, especially not every (second) month. You should have thought about
> it while python3 was still in experimental, not afterwards.

Dear release team: please notify Debian developers and upstream authors about freeze date at least 6 months in advance so that everything can be planned in a sane way, TIA

--
Piotr Ożarowski Debian GNU/Linux Developer
www.ozarowski.pl www.griffith.cc www.debian.org
GPG Fingerprint: 1D2F A898 58DA AF62 1786 2DF7 AEF6 F1A2 A745 7645
Bug#598285: marked as done (bristol: CVE-2010-3351: insecure library loading)
Your message dated Wed, 29 Sep 2010 13:32:10 + with message-id and subject line Bug#598285: fixed in bristol 0.60.5-2 has caused the Debian Bug report #598285, regarding bristol: CVE-2010-3351: insecure library loading to be marked as done.

This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.)

--
598285: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598285
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---
Package: bristol
Version: 0.60.5-1+b1
Severity: grave
Tags: security
User: t...@security.debian.org
Usertags: ldpath

Hello,

During a review of the Debian archive, I've found your package to contain a script that can be abused by an attacker to execute arbitrary code.

The vulnerability is introduced by an insecure change to LD_LIBRARY_PATH, an environment variable used by ld.so(8) to look for libraries on a directory other than the standard paths.

Vulnerable code follows:

/usr/bin/startBristol line 350:
export LD_LIBRARY_PATH=/usr/local/lib:usr/lib:${LD_LIBRARY_PATH}:${BRISTOL}/lib

When there's an empty item on the colon-separated list of LD_LIBRARY_PATH, ld.so treats it as '.' (i.e. CWD/$PWD.) If the given script is executed from a directory where a potential, local, attacker can write files to, there's a chance to exploit this bug.

Note that there's also a missing slash on the second entry (_usr_/lib.)

This vulnerability has been assigned the CVE id CVE-2010-3351. Please make sure you mention it when forwarding this report to upstream and when fixing this bug (everywhere: upstream and here at Debian.)

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3351
[1] http://security-tracker.debian.org/tracker/CVE-2010-3351

Sincerely,
Raphael Geissert
--- End Message ---
--- Begin Message ---
Source: bristol
Source-Version: 0.60.5-2

We believe that the bug you reported is fixed in the latest version of bristol, which is due to be installed in the Debian FTP archive:

bristol-data_0.60.5-2_all.deb
  to main/b/bristol/bristol-data_0.60.5-2_all.deb
bristol_0.60.5-2.diff.gz
  to main/b/bristol/bristol_0.60.5-2.diff.gz
bristol_0.60.5-2.dsc
  to main/b/bristol/bristol_0.60.5-2.dsc
bristol_0.60.5-2_amd64.deb
  to main/b/bristol/bristol_0.60.5-2_amd64.deb

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 598...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Alessio Treglia (supplier of updated bristol package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org)

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Wed, 29 Sep 2010 14:54:22 +0200
Source: bristol
Binary: bristol bristol-data
Architecture: source amd64 all
Version: 0.60.5-2
Distribution: unstable
Urgency: high
Maintainer: Debian Multimedia Maintainers
Changed-By: Alessio Treglia
Description:
 bristol - vintage synthesizer emulator
 bristol-data - vintage synthesizer emulator (data files)
Closes: 598285
Changes:
 bristol (0.60.5-2) unstable; urgency=high
 .
   * Add patch to solve security issue CVE-2010-3351:
     - Fix insecure library loading (Closes: #598285); bump urgency to high.
   * Add debian/gbp.conf file.
   * Bump Standards.
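The empty-element and relative-element problems described in the bristol report above, shown as an added example that is not part of the report, the bristol package or the Debian patch. It rebuilds the quoted assignment with an unset LD_LIBRARY_PATH, audits the result, and shows one way to write it with the `${VAR:+...}` idiom; the function names and the `/opt/bristol` value for BRISTOL are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example; function names and sample values are constructed.

# audit_ld_path VALUE
# Print one finding per unsafe element of a colon-separated search path.
# Returns 1 if any element is empty or relative, 0 otherwise.
audit_ld_path() {
    _rest=$1
    _idx=0
    _bad=0
    # Choice made for this example: a wholly empty value has nothing to flag.
    [ -n "$_rest" ] || return 0
    while :; do
        # Split on the first colon by hand so empty elements are not lost.
        case $_rest in
            *:*) _entry=${_rest%%:*}; _rest=${_rest#*:}; _more=1 ;;
            *)   _entry=$_rest; _more=0 ;;
        esac
        _idx=$((_idx + 1))
        case $_entry in
            '') echo "element $_idx: empty, searched as the current directory"
                _bad=1 ;;
            /*) ;;
            *)  echo "element $_idx: relative path '$_entry'"
                _bad=1 ;;
        esac
        [ "$_more" -eq 1 ] || break
    done
    return "$_bad"
}

# clean_ld_path VALUE
# Print VALUE with every empty or relative element dropped.
clean_ld_path() {
    _rest=$1
    _out=
    while :; do
        case $_rest in
            *:*) _entry=${_rest%%:*}; _rest=${_rest#*:}; _more=1 ;;
            *)   _entry=$_rest; _more=0 ;;
        esac
        case $_entry in
            /*) _out=${_out:+$_out:}$_entry ;;
        esac
        [ "$_more" -eq 1 ] || break
    done
    printf '%s\n' "$_out"
}

# vulnerable_value INHERITED BRISTOL
# The assignment quoted in the report, with both variables passed in.
vulnerable_value() {
    printf '%s\n' "/usr/local/lib:usr/lib:$1:$2/lib"
}

# hardened_value INHERITED BRISTOL
# Same directories, but the inherited value is filtered and only joined in
# when something is left, so no empty element can appear.
hardened_value() {
    case $2 in
        /*) ;;
        *)  echo "BRISTOL must be an absolute path" >&2; return 2 ;;
    esac
    _inherited=$(clean_ld_path "$1")
    printf '%s\n' "/usr/local/lib:/usr/lib${_inherited:+:$_inherited}:$2/lib"
}

# Constructed inputs: LD_LIBRARY_PATH unset, BRISTOL=/opt/bristol.
before=$(vulnerable_value "" /opt/bristol)
after=$(hardened_value "" /opt/bristol)
echo "before: $before"
audit_ld_path "$before" || true
echo "after:  $after"
audit_ld_path "$after" && echo "no unsafe elements"
```

The audit function can also be pointed at the LD_LIBRARY_PATH lines found in other wrapper scripts once their variables are expanded.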
Bug#598432: python-apt: upgrade fails
[CCed debian-python]

On Mi, 2010-09-29 at 14:31 +0200, Stefan Fleischmann wrote:
> Just to clarify, the "quick fix" I posted here was supposed to help people to
> get rid of the buggy package. It doesn't fix the actual package.
>
> Like I said before, the problem is not only the version number handling by
> pycentral but also the path of the installed files! If you have a look at the
> package 0.7.97.1 for amd64 or 0.7.98 for i386 you'll see that files are put
> in /usr/lib/python3.1
> In this package however files are put in /usr/lib/python3 instead which causes
> the problem you describe when simply changing the version number to 3.1.
>
> If you think pycentral should handle integer version numbers (at least it
> shouldn't exit with an error I guess) please file a bug report there.
>
> But to summarize for this package I think the files are put in the wrong place
> (compared with the package from testing and packages for i386) and the version
> number in the mentioned config file is wrong.
AFAIK, /usr/lib/python3 is the new location.

Dear debian-python subscribers, could someone please propose a fix for python-apt? I do not intend to drop Python 3 support, but considering that there is a new RC bug each month because python3 packaging changes I start to wonder whether this is worth the effort.

Python maintainers: Breaking backward compatibility in unstable is not nice, especially not every (second) month. You should have thought about it while python3 was still in experimental, not afterwards.

--
Julian Andres Klode - Debian Developer, Ubuntu Member
See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.
Bug#598070: Devel::Cover
Phillip,

There is a new upstream release. If I do the upgrade can you try it out on powerpc?

Nicholas
Processed: severity of 598492 is important
Processing commands for cont...@bugs.debian.org:

> # Automatically generated email from bts, devscripts version 2.10.35lenny7
> severity 598492 important
Bug #598492 [linux-2.6] linux-image-2.6.35-trunk-amd64: suspend/hibernate is totally fucked up
Severity set to 'important' from 'grave'

> End of message, stopping processing here.

Please contact me if you need assistance.
--
598492: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598492
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#598432: upgrade fails
Package: python-apt
Version: 0.7.98
Severity: normal

Hi

For additional information I also receive this problem.

Ben

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages python-apt depends on:
ii  apt [libapt-pkg4.10]        0.8.5        Advanced front-end for dpkg
ii  apt-utils [libapt-inst1.2]  0.8.5        APT utility programs
ii  libc6                       2.11.2-6     Embedded GNU C Library: Shared lib
ii  libgcc1                     1:4.4.4-17   GCC support library
ii  libstdc++6                  4.4.4-17     The GNU Standard C++ Library v3
ii  python                      2.6.6-3      interactive high-level object-orie
ii  python-central              0.6.16+nmu1  register and build utility for Pyt

Versions of packages python-apt recommends:
ii  iso-codes                   3.20-1       ISO language, territory, currency,
ii  lsb-release                 3.2-24       Linux Standard Base version report
ii  python2.6                   2.6.6-5      An interactive high-level object-o

Versions of packages python-apt suggests:
pn  python-apt-dbg              (no description available)
pn  python-apt-doc              (no description available)
ii  python-gtk2                 2.17.0-4     Python bindings for the GTK+ widge
pn  python-vte                  (no description available)

-- no debconf information
Bug#598432: python-apt: upgrade fails
Just to clarify, the "quick fix" I posted here was supposed to help people to get rid of the buggy package. It doesn't fix the actual package.

Like I said before, the problem is not only the version number handling by pycentral but also the path of the installed files! If you have a look at the package 0.7.97.1 for amd64 or 0.7.98 for i386 you'll see that files are put in /usr/lib/python3.1
In this package however files are put in /usr/lib/python3 instead which causes the problem you describe when simply changing the version number to 3.1.

If you think pycentral should handle integer version numbers (at least it shouldn't exit with an error I guess) please file a bug report there.

But to summarize for this package I think the files are put in the wrong place (compared with the package from testing and packages for i386) and the version number in the mentioned config file is wrong.

If you want this package to work you'll have to extract it, rename the folder usr/lib/python3 to python3.1 and also change this path and the version number to 3.1 in usr/share/pyshared-data/python-apt. Then rebuild the package.

But having a fixed version doesn't help you getting rid of the package from the system because dpkg won't remove it due to the prerm script which executes pycentral and fails. So the easiest thing to do is simply changing the 3rd line in /usr/share/pyshared-data/python-apt to "python-version = 2.6, 3.1, 2.5" and then you can replace the package.
Bug#598432: python-apt: fails to install
Hello,

case "$suite" in
sid_amd64)
cat < main()
  File "/usr/bin/pycentral", line 2328, in main
    rv = action.run(global_options)
  File "/usr/bin/pycentral", line 1481, in run
    pkg.read_version_info()
  File "/usr/bin/pycentral", line 899, in read_version_info
    self.version_info = pyversions.parse_versions(self.version_field)
  File "/usr/share/pycentral-data/pyversions.py", line 68, in parse_versions
    raise ValueError, 'error parsing Python-Version attribute'
ValueError: error parsing Python-Version attribute
dpkg: error processing python-apt (--configure):
 subprocess installed post-installation script returned error exit status 1
configured to not write apport reports
Errors were encountered while processing:
 python-apt
E: Sub-process /usr/bin/dpkg returned an error code (1)
EOF
;;
sid_i386)
Setting up libldap-2.4-2 (2.4.23-6) ...
Setting up python-apt (0.7.98) ...
Setting up debootstrap (1.0.25) ...
;;
esac

Let me know if it is helpful to check more arches.

Best regards,
--
Héctor Orón

"Our Sun unleashes tremendous flares expelling hot gas into the Solar System, which one day will disconnect us."
-- Day DVB-T stop working nicely
Video flare: http://antwrp.gsfc.nasa.gov/apod/ap100510.html
Bug#598492: linux-image-2.6.35-trunk-amd64: suspend/hibernate is totally fucked up
Package: linux-2.6
Version: 2.6.35-1~experimental.3
Severity: grave

With the 2.6.35 kernel, suspend and hibernation result in various kinds of issues on a random basis at "exit" time, meaning that sometimes the suspend/hibernation doesn't put the machine to sleep, but instead I've gotten:
- 100% CPUs instead of stopping the machine;
- blank screens with nothing able to wake up the machine (not even sysrqs);
- kernel errors (for hibernation), though for some reason this wasn't logged to /var/log.

In addition to that, for some reason, when I come back from suspend, my keyboard mapping in X is lost, which doesn't happen if I boot a .32 kernel.

-- Package-specific info:
** Version:
Linux version 2.6.35-trunk-amd64 (Debian 2.6.35-1~experimental.3) (m...@debian.org) (gcc version 4.4.5 20100902 (prerelease) (Debian 4.4.4-13) ) #1 SMP Mon Sep 6 15:15:26 UTC 2010

** Command line:
BOOT_IMAGE=/vmlinuz-2.6.35-trunk-amd64 root=/dev/mapper/ssd-root ro quiet i915.modeset=1

** Not tainted

** Kernel log:
[ 1788.609537] PM: Saving platform NVS memory
[ 1788.610392] PM: Saving platform NVS memory
[ 1788.611095] Disabling non-boot CPUs ...
[ 1788.716024] CPU 1 is now offline
[ 1788.716026] SMP alternatives: switching to UP code
[ 1788.720681] Extended CMOS year: 2000
[ 1788.720763] PM: Creating hibernation image:
[ 1788.724006] PM: Need to copy 128129 pages
[ 1788.724006] PM: Normal pages needed: 128129 + 1024, available pages: 908063
[ 1788.724006] PM: Restoring platform NVS memory
[ 1788.724006] Extended CMOS year: 2000
[ 1788.724006] Enabling non-boot CPUs ...
[ 1788.724006] SMP alternatives: switching to SMP code
[ 1788.725136] Booting Node 0 Processor 1 APIC 0x1
[ 1788.840807] CPU1 is up
[ 1788.841542] ACPI: Waking up from system sleep state S4
[ 1788.917419] e1000e :00:19.0: restoring config space at offset 0xf (was 0x100, writing 0x10a)
[ 1788.917434] e1000e :00:19.0: restoring config space at offset 0x6 (was 0x1, writing 0xefe1)
[ 1788.917438] e1000e :00:19.0: restoring config space at offset 0x5 (was 0x0, writing 0xf6adb000)
[ 1788.917443] e1000e :00:19.0: restoring config space at offset 0x4 (was 0x0, writing 0xf6ae)
[ 1788.917450] e1000e :00:19.0: restoring config space at offset 0x1 (was 0x10, writing 0x100107)
[ 1788.917634] HDA Intel :00:1b.0: restoring config space at offset 0x1 (was 0x100106, writing 0x100102)
[ 1788.918111] ahci :00:1f.2: restoring config space at offset 0x1 (was 0x2b00403, writing 0x2b00407)
[ 1788.918327] firewire_ohci :03:01.0: proprietary Ricoh MMC controller disabled (via firewire function)
[ 1788.918328] firewire_ohci :03:01.0: MMC cards are now supported by standard SDHCI controller
[ 1788.933015] sdhci-pci :03:01.1: BAR 0: set to [mem 0xf65ff600-0xf65ff6ff] (PCI address [0xf65ff600-0xf65ff6ff]
[ 1788.933041] sdhci-pci :03:01.1: restoring config space at offset 0x3 (was 0x80, writing 0x804010)
[ 1788.933047] sdhci-pci :03:01.1: restoring config space at offset 0x1 (was 0x210, writing 0x2100106)
[ 1788.933136] PM: early restore of devices complete after 15.789 msecs
[ 1788.966805] i915 :00:02.0: setting latency timer to 64
[ 1788.966843] pci:00: wake-up capability disabled by ACPI
[ 1788.966848] e1000e :00:19.0: PME# disabled
[ 1788.966923] e1000e :00:19.0: irq 44 for MSI/MSI-X
[ 1788.968978] uhci_hcd :00:1a.0: setting latency timer to 64
[ 1788.969003] usb usb2: root hub lost power or was reset
[ 1788.969050] uhci_hcd :00:1a.1: setting latency timer to 64
[ 1788.969087] usb usb3: root hub lost power or was reset
[ 1788.969106] uhci_hcd :00:1a.2: setting latency timer to 64
[ 1788.969143] usb usb4: root hub lost power or was reset
[ 1788.969159] ehci_hcd :00:1a.7: setting latency timer to 64
[ 1788.969180] usb usb1: root hub lost power or was reset
[ 1788.973056] ehci_hcd :00:1a.7: cache line size of 64 is not supported
[ 1788.973071] uhci_hcd :00:1d.0: setting latency timer to 64
[ 1788.973108] usb usb5: root hub lost power or was reset
[ 1788.973126] uhci_hcd :00:1d.1: setting latency timer to 64
[ 1788.973163] usb usb6: root hub lost power or was reset
[ 1788.973181] uhci_hcd :00:1d.2: setting latency timer to 64
[ 1788.973219] usb usb7: root hub lost power or was reset
[ 1788.973237] ehci_hcd :00:1d.7: setting latency timer to 64
[ 1788.973251] usb usb8: root hub lost power or was reset
[ 1788.977145] ehci_hcd :00:1d.7: cache line size of 64 is not supported
[ 1788.977157] pci :00:1e.0: setting latency timer to 64
[ 1788.977169] ahci :00:1f.2: setting latency timer to 64
[ 1788.977266] iwlagn :0c:00.0: RF_KILL bit toggled to disable radio.
[ 1788.977271] sdhci-pci :03:01.1: PCI INT C -> GSI 18 (level, low) -> IRQ 18
[ 1788.978344] HDA Intel :00:1b.0: PCI INT A -> GSI 21 (level, low) -> IRQ 21
[ 1788.978350] HDA Intel :00:1b.0: setting latency timer to 64
[ 1788.978385] HDA Intel :00:1b.0: irq 47 fo
Bug#597158: marked as done (libvirtd is not starting and virt-manager is unusable)
Your message dated Wed, 29 Sep 2010 14:21:21 +0200 with message-id <20100929122121.ga32...@bogon.sigxcpu.org> and subject line Closing since no feedback has caused the Debian Bug report #597158, regarding libvirtd is not starting and virt-manager is unusable to be marked as done.

This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.)

--
597158: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=597158
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---
Package: libvirtd
Severity: grave
Version: 0.8.3-1

libvirtd is unable to start. virt-manager gives the following error

Unable to open connection to hypervisor URI 'qemu:///system':
unable to connect to '/var/run/libvirt/libvirt-sock', libvirtd may need to be started: No such file or directory
Traceback (most recent call last):
  File "/usr/share/virt-manager/virtManager/connection.py", line 971, in _try_open
    None], flags)
  File "/usr/lib/python2.6/dist-packages/libvirt.py", line 111, in openAuth
    if ret is None:raise libvirtError('virConnectOpenAuth() failed')
libvirtError: unable to connect to '/var/run/libvirt/libvirt-sock', libvirtd may need to be started: No such file or directory

When trying to start libvirt manually, it is giving following errors.

pr...@savannah:~$ sudo /etc/init.d/libvirt-bin start
 * Starting libvirt management daemon libvirtd
/usr/sbin/libvirtd: error: Unable to initialize network sockets. Check /var/log/messages or run without --daemon for more info.
cat: /var/run/libvirtd.pid: No such file or directory
 ...fail!
pr...@savannah:~$ sudo tail -f /var/log/messages
Sep 17 11:56:01 savannah kernel: [ 2255.650615] attempt to access beyond end of device
Sep 17 11:56:01 savannah kernel: [ 2255.650621] sdb1: rw=0, want=2066940, limit=2025470
Sep 17 11:56:01 savannah kernel: [ 2255.650631] attempt to access beyond end of device
Sep 17 11:56:01 savannah kernel: [ 2255.650637] sdb1: rw=0, want=2066941, limit=2025470
Sep 17 11:56:01 savannah kernel: [ 2255.650647] attempt to access beyond end of device
Sep 17 11:56:01 savannah kernel: [ 2255.650653] sdb1: rw=0, want=2066942, limit=2025470
Sep 17 11:56:01 savannah kernel: [ 2255.650663] attempt to access beyond end of device
Sep 17 11:56:01 savannah kernel: [ 2255.650669] sdb1: rw=0, want=2066943, limit=2025470
Sep 17 11:56:01 savannah kernel: [ 2255.650679] attempt to access beyond end of device
Sep 17 11:56:01 savannah kernel: [ 2255.650685] sdb1: rw=0, want=2066944, limit=2025470
^C
pr...@savannah:~$ /usr/sbin/libvirtd --daemon
pr...@savannah:~$ /usr/sbin/libvirtd --daemon --verbose
/usr/sbin/libvirtd: error: Unable to initialize network sockets. Check /var/log/messages or run without --daemon for more info.

Thanks
Praveen
--
പ്രവീണ് അരിമ്പ്രത്തൊടിയില്
You have to keep reminding your government that you don't get your rights from them; you give them permission to rule, only so long as they follow the rules: laws and constitution.
--- End Message ---
--- Begin Message ---
Closing since there's no feedback from the submitter and the system looks hosed. Please reopen with the requested details if the problem persists.

Cheers,
 -- Guido
--- End Message ---
Bug#595431: Aborting fsck aborts all scripts in rcS.d
On 2010-09-12 12:22 +0200, Kel Modderman wrote: > On Saturday 04 September 2010 06:39:49 Goswin von Brederlow wrote: >> Package: insserv >> Version: 1.14.0-2 >> Severity: critical >> >> Hi, >> >> during boot /etc/rcS.d/S13checkfs.sh starts a filesystem check (hasn't >> been checked for 197 days) as well as giving some errors for missing >> devices. Since I didn't want to wait for the fsck before fixing the >> missing devices I aborted the check with crlt-c. This resulted in the >> fsck to be aborted but then also skipped all further rcS.d scripts >> saying: >> >> Running scripts in rcS.d/ took 41 seconds. >> INIT: Entering runlevel: 2 >> >> Given that filesystem weren't mounted or anything that didn't work out >> well leaving the system unusable. >> >> This is a serious regressions from before insserv. The old behaviour >> was to display a message asking for the root password to get a shell >> or ctrl-D to continue booting. > > > How does changing /etc/init.d/rc with the below patch modify behaviour? For me, not at all. :-( > --- rc~ > +++ rc > @@ -43,7 +43,7 @@ on_exit() { > trap on_exit EXIT # Enable emergency handler > > # Ignore CTRL-C only in this shell, so we can interrupt subprocesses. > -trap ":" INT QUIT TSTP > +trap "" INT QUIT TSTP > > # Set onlcr to avoid staircase effect. > stty onlcr 0>&1 Sven -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
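Review bot: in the `trap` line of the quoted hunk, changing the action from ":" to "" turns INT, QUIT and TSTP from caught into ignored, and an ignored signal stays ignored in the processes the script starts, so the unchanged comment directly above it ("Ignore CTRL-C only in this shell, so we can interrupt subprocesses") no longer describes the code. If the intent is that CTRL-C should no longer reach fsck and the other boot scripts, the comment needs updating in the same change; if fsck is meant to stay interruptible, the handler form has to remain and the abort of the remaining rcS.d scripts needs a fix elsewhere.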
Bug#595431: [Pkg-sysvinit-devel] Bug#595431: Aborting fsck aborts all scripts in rcS.d
> Hi!
>
> I encountered this bug, too.
>
>>How does changing /etc/init.d/rc with the below patch modify behaviour?
> No, Kel, nothing changed. Sorry.

When I observed boot after modifying the signal trap, CTRL-C did not truncate startpar's execution of boot scripts in runlevel S. I wonder why you cannot confirm it ...

Thanks, Kel.
Bug#598432: python-apt: upgrade fails
python-central doesn't support Python 3, please use dh_python3

--
Piotr Ożarowski Debian GNU/Linux Developer
www.ozarowski.pl www.griffith.cc www.debian.org
GPG Fingerprint: 1D2F A898 58DA AF62 1786 2DF7 AEF6 F1A2 A745 7645
Bug#598469: More details
We manage the server that was making the requests. I'm happy to provide any configuration details, logs, etc, that may be required.

The version of apt-cacher-ng in question is 0.4-1 (originally from testing), which was built and installed on a Lenny system. I see that 0.5.1-2 is now available in Squeeze, so I will try to build that on Lenny and use it.

It is worth noting, perhaps, that the configuration of the system in question has not changed for months.

Regards,
Keith
Bug#598432: python-apt: upgrade fails
I also faced the same problem as Cameron after modifying /usr/share/pycentral-data/pyversions.py to allow single digit version numbers with this patch: --- /usr/share/pycentral-data/pyversions.py.orig2010-09-29 12:10:27.0 +0200 +++ /usr/share/pycentral-data/pyversions.py 2010-09-29 12:11:04.0 +0200 @@ -54,7 +54,7 @@ vinfo['current'] = field continue vinfo.setdefault('versions', set()) -ve = re.compile('(>=|<=|<<|=)? *(\d\.\d)$') +ve = re.compile('(>=|<=|<<|=)? *(\d(?:\.\d)?)$') m = ve.match(field) try: op, v = m.group(1), m.group(2) The following errors alle seem to be caused by "print" being changed from statement to function in python3: http://docs.python.org/release/3.0.1/whatsnew/3.0.html#print-is-a-function Setting up python-apt (0.7.98) ... Compiling /usr/lib/python3/dist-packages/apt/debfile.py ... SyntaxError: ('invalid syntax', ('/usr/lib/python3/dist-packages/apt/debfile.py', 575, 28, ' print(msg, file=sys.stderr)\n')) Compiling /usr/lib/python3/dist-packages/apt/progress/gtk2.py ... SyntaxError: ('invalid syntax', ('/usr/lib/python3/dist-packages/apt/progress/gtk2.py', 510, 47, ' print("Exception happened:", exc, file=sys.stderr)\n')) Compiling /usr/lib/python3/dist-packages/apt/progress/old.py ... SyntaxError: ('invalid syntax', ('/usr/lib/python3/dist-packages/apt/progress/old.py', 158, 32, ' print("\\r%s" % (s), end=\' \')\n')) pycentral: pycentral pkginstall: error byte-compiling files (17) pycentral pkginstall: error byte-compiling files (17) I have no idea how this should be handled to actually support both python 2.x and python 3.x, but this patch does at least let me install python-apt (0.7.98) without errors (but do note that it removes the progress indicator in old.py): --- /usr/lib/python3/dist-packages/apt/debfile.py.orig 2010-09-28 16:56:50.0 +0200 +++ /usr/lib/python3/dist-packages/apt/debfile.py 2010-09-29 12:16:14.0 +0200 
@@ -572,7 +572,7 @@ def _dbg(self, level, msg): """Write debugging output to sys.stderr.""" if level <= self.debug: -print(msg, file=sys.stderr) +sys.stderr.write(msg) def install(self, install_progress=None): """Install the package.""" --- /usr/lib/python3/dist-packages/apt/progress/gtk2.py.orig2010-09-28 16:56:52.0 +0200 +++ /usr/lib/python3/dist-packages/apt/progress/gtk2.py 2010-09-29 12:16:51.0 +0200 @@ -507,7 +507,7 @@ try: cache.commit(apt_progress.acquire, apt_progress.install) except Exception as exc: -print("Exception happened:", exc, file=sys.stderr) +sys.stderr.write("Exception happened:", exc) if len(sys.argv) > 1: deb = DebPackage(sys.argv[1], cache) deb.install(apt_progress.dpkg_install) --- /usr/lib/python3/dist-packages/apt/progress/old.py.orig 2010-09-28 16:56:51.0 +0200 +++ /usr/lib/python3/dist-packages/apt/progress/old.py 2010-09-29 12:27:39.0 +0200 @@ -153,9 +153,10 @@ s = "[%2.f%%] %sB/s %s" % (self.percent, apt_pkg.size_to_str(int(self.currentCPS)), apt_pkg.time_to_str(int(self.eta))) -else: -s = "%2.f%% [Working]" % (self.percent) -print("\r%s" % (s), end=' ') + +#else: +#s = "%2.f%% [Working]" % (self.percent) +#print("\r%s" % (s), end=' ') sys.stdout.flush() return True Bjørn ("I have not python clue whatsoever, and I intend to continue like that") -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
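Review bot: in the pyversions.py hunk, the new pattern `(\d(?:\.\d)?)$` makes the minor part optional but still allows only one digit per component, so a field such as 3.10 would still fail to match and reach `m.group(1)` with `m` set to None. `\d+(?:\.\d+)?` in a raw string literal would cover both the bare major version and multi-digit components.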
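Review bot: in the debfile.py hunk, replacing `print(msg, file=sys.stderr)` with `sys.stderr.write(msg)` drops the newline that print() appended, so consecutive `_dbg` messages run together on one line. `sys.stderr.write(msg + "\n")` keeps the output the same and is still valid syntax for the Python 2 byte-compile step that was failing.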
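Review bot: in the gtk2.py hunk, `sys.stderr.write("Exception happened:", exc)` passes two arguments, but write() on a file object takes a single string, so the except branch would raise TypeError instead of reporting the original error. Format the message first, for example `sys.stderr.write("Exception happened: %s\n" % exc)`.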
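Review bot: in the old.py hunk, commenting out the else branch together with the print() call means `s` is still built in the remaining branch but never written, so `sys.stdout.flush()` has nothing to flush and the progress line disappears. Keeping the else branch and replacing only the print with `sys.stdout.write("\r%s " % s)` would avoid the syntax error without losing the indicator.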
Bug#585477: marked as done (mysql-server-5.1: mysqld can't start [initgroups()] with libnss-mysql enabled)
Your message dated Wed, 29 Sep 2010 12:29:17 +0200 with message-id <201009291229.18322.did...@raboud.com> and subject line #585477 is not RC as it is ~bpo has caused the Debian Bug report #585477, regarding mysql-server-5.1: mysqld can't start [initgroups()] with libnss-mysql enabled to be marked as done.

This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.)

--
585477: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=585477
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---
Package: mysql-server-5.1
Version: 5.1.47-1~bpo50+1
Severity: grave
Justification: renders package unusable

After upgrade from 5.1.45-1~bpo50+1, the mysqld server can't start when libnss-mysql (currently 1.5-1 installed) is enabled on /etc/nsswitch.conf. Before the upgrade, the server started just fine. The 5.1.47 can be started by disabling mysql in /etc/nsswitch.conf.

Failing nsswitch.conf:
passwd: compat mysql
group: compat mysql
shadow: compat mysql

Starting OK nsswitch.conf:
passwd: compat
group: compat
shadow: compat

mysql log :
Jun 10 15:46:14 herodes mysqld_safe: Starting mysqld daemon with databases from /var/lib/mysql
Jun 10 15:46:14 herodes mysqld: 100610 15:46:14 - mysqld got signal 11 ;
Jun 10 15:46:14 herodes mysqld: This could be because you hit a bug. It is also possible that this binary
Jun 10 15:46:14 herodes mysqld: or one of the libraries it was linked against is corrupt, improperly built,
Jun 10 15:46:14 herodes mysqld: or misconfigured. This error can also be caused by malfunctioning hardware.
Jun 10 15:46:14 herodes mysqld: We will try our best to scrape up some info that will hopefully help diagnose
Jun 10 15:46:14 herodes mysqld: the problem, but since we have already crashed, something is definitely wrong
Jun 10 15:46:14 herodes mysqld: and this may fail.
Jun 10 15:46:14 herodes mysqld:
Jun 10 15:46:14 herodes mysqld: key_buffer_size=0
Jun 10 15:46:14 herodes mysqld: read_buffer_size=131072
Jun 10 15:46:14 herodes mysqld: max_used_connections=0
Jun 10 15:46:14 herodes mysqld: max_threads=2000
Jun 10 15:46:14 herodes mysqld: threads_connected=0
Jun 10 15:46:14 herodes mysqld: It is possible that mysqld could use up to
Jun 10 15:46:14 herodes mysqld: key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 4372593 K
Jun 10 15:46:14 herodes mysqld: bytes of memory
Jun 10 15:46:14 herodes mysqld: Hope that's ok; if not, decrease some variables in the equation.
Jun 10 15:46:14 herodes mysqld:
Jun 10 15:46:14 herodes mysqld: thd: 0x0
Jun 10 15:46:14 herodes mysqld: Attempting backtrace. You can use the following information to find out
Jun 10 15:46:14 herodes mysqld: where mysqld died. If you see no messages after this, something went
Jun 10 15:46:14 herodes mysqld: terribly wrong...
Jun 10 15:46:14 herodes mysqld: stack_bottom = (nil) thread_stack 0x3
Jun 10 15:46:14 herodes mysqld: /usr/sbin/mysqld(my_print_stacktrace+0x29) [0x7fe93adee0b9]
Jun 10 15:46:14 herodes mysqld: /usr/sbin/mysqld(handle_segfault+0x36a) [0x7fe93ab0294a]
Jun 10 15:46:14 herodes mysqld: /lib/libpthread.so.0 [0x7fe93a365a80]
Jun 10 15:46:14 herodes mysqld: /usr/sbin/mysqld(thd_increment_bytes_received+0x12) [0x7fe93aaebd72]
Jun 10 15:46:14 herodes mysqld: /usr/sbin/mysqld [0x7fe93aaf5d7f]
Jun 10 15:46:14 herodes mysqld: /usr/sbin/mysqld(my_net_read+0x195) [0x7fe93aaf6395]
Jun 10 15:46:14 herodes mysqld: /usr/sbin/mysqld(cli_safe_read+0x2a) [0x7fe93ac9246a]
Jun 10 15:46:14 herodes mysqld: /usr/sbin/mysqld(mysql_real_connect+0x1c2) [0x7fe93ac930b2]
Jun 10 15:46:14 herodes mysqld: /lib/libnss_mysql.so.2 [0x7fe93a64eb05]
Jun 10 15:46:14 herodes mysqld: /lib/libnss_mysql.so.2 [0x7fe93a64eefc]
Jun 10 15:46:14 herodes mysqld: /lib/libnss_mysql.so.2 [0x7fe93a64f1e4]
Jun 10 15:46:14 herodes mysqld: /lib/libnss_mysql.so.2(_nss_mysql_initgroups_dyn+0xa2) [0x7fe93a64fa52]
Jun 10 15:46:14 herodes mysqld: /lib/libc.so.6 [0x7fe938e85c3c]
Jun 10 15:46:14 herodes mysqld: /lib/libc.so.6(initgroups+0x6c) [0x7fe938e85e1c]
Jun 10 15:46:14 herodes mysqld: /usr/sbin/mysqld [0x7fe93ab044d3]
Jun 10 15:46:14 herodes mysqld: /usr/sbin/mysqld(main+0x1d5) [0x7fe93ab07ba5]
Jun 10 15:46:14 herodes mysqld: /lib/libc.so.6(__libc_start_main+0xe6) [0x7fe938e091a6]
Jun 10 15:46:14 herodes mysqld: /usr/sbin/mysqld [0x7fe93aa2c469]
Jun 10 15:46:14 herodes mysqld: The manual page at http://dev.mysql.com/doc/mysql/en/crashing.html contains
Jun 10 15:46:14 herodes mysqld: information that should help you find out what is causing the crash.
Jun 10 15:46:14 herodes mysqld:
Jun 10 15:46:14 herodes mys
Bug#598474: unusable on GNU/kFreeBSD
Package: atftpd
Version: 0.7.dfsg-9
Severity: grave

Switched server from Debian GNU/Linux to Debian GNU/kFreeBSD (both squeeze, running atftpd 0.7.dfsg-9, using same configuration), then atftpd stops working. Client is stuck on "TFTP", server lists the following in daemon.log:

Sep 29 12:07:45 thorin atftpd[87956]: Serving /boot/pxegrub to 192.168.1.6:2073
Sep 29 12:07:48 thorin atftpd[83104]: timeout: retrying...
Sep 29 12:07:49 thorin atftpd[85717]: timeout: retrying...
Sep 29 12:07:50 thorin atftpd[84133]: timeout: retrying...
Sep 29 12:07:50 thorin atftpd[87956]: timeout: retrying...
Sep 29 12:07:53 thorin atftpd[83104]: timeout: retrying...
Sep 29 12:07:54 thorin atftpd[85717]: timeout: retrying...
Sep 29 12:07:55 thorin atftpd[84133]: timeout: retrying...
Sep 29 12:07:55 thorin atftpd[87956]: timeout: retrying...
Sep 29 12:07:58 thorin atftpd[83104]: timeout: retrying...
Sep 29 12:07:59 thorin atftpd[85717]: timeout: retrying...
Sep 29 12:08:00 thorin atftpd[84133]: timeout: retrying...
Sep 29 12:08:00 thorin atftpd[87956]: timeout: retrying...
Sep 29 12:08:04 thorin atftpd[85717]: timeout: retrying...
Sep 29 12:08:05 thorin atftpd[87956]: timeout: retrying...
Sep 29 12:08:10 thorin atftpd[87956]: timeout: retrying...
[...]

Unfortunately I lack the time to debug this. If no one can fix it, I'd recommend excluding kfreebsd-{i386,amd64} builds of atftpd for the time being.

-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: kfreebsd-amd64 (x86_64)
Kernel: kFreeBSD 8.1-1-amd64
Locale: LANG=ca_AD.UTF-8, LC_CTYPE=ca_AD.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages atftpd depends on:
ii debconf [debconf-2.0] 1.5.35 Debian configuration management sy
ii libc0.1 2.11.2-6 Embedded GNU C Library: Shared lib
ii libpcre3 8.02-1.1 Perl 5 Compatible Regular Expressi
ii libwrap0 7.6.q-19 Wietse Venema's TCP wrappers libra
ii update-inetd 4.37 inetd configuration file updater

Versions of packages atftpd recommends:
pn inet-superserver (no description available)

Versions of packages atftpd suggests:
ii logrotate 3.7.8-6 Log rotation utility

-- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#598285: marked as done (bristol: CVE-2010-3351: insecure library loading)
Your message dated Wed, 29 Sep 2010 10:17:26 + with message-id and subject line Bug#598285: fixed in bristol 0.60.6-2 has caused the Debian Bug report #598285, regarding bristol: CVE-2010-3351: insecure library loading to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.)

-- 598285: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598285 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems

--- Begin Message ---
Package: bristol
Version: 0.60.5-1+b1
Severity: grave
Tags: security
User: t...@security.debian.org
Usertags: ldpath

Hello,

During a review of the Debian archive, I've found your package to contain a script that can be abused by an attacker to execute arbitrary code.

The vulnerability is introduced by an insecure change to LD_LIBRARY_PATH, an environment variable used by ld.so(8) to look for libraries on a directory other than the standard paths.

Vulnerable code follows:

/usr/bin/startBristol line 350:
export LD_LIBRARY_PATH=/usr/local/lib:usr/lib:${LD_LIBRARY_PATH}:${BRISTOL}/lib

When there's an empty item on the colon-separated list of LD_LIBRARY_PATH, ld.so treats it as '.' (i.e. CWD/$PWD.) If the given script is executed from a directory where a potential, local, attacker can write files to, there's a chance to exploit this bug. Note that there's also a missing slash on the second entry (_usr_/lib.)

This vulnerability has been assigned the CVE id CVE-2010-3351. Please make sure you mention it when forwarding this report to upstream and when fixing this bug (everywhere: upstream and here at Debian.)
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3351 [1] http://security-tracker.debian.org/tracker/CVE-2010-3351 Sincerely, Raphael Geissert --- End Message --- --- Begin Message --- Source: bristol Source-Version: 0.60.6-2 We believe that the bug you reported is fixed in the latest version of bristol, which is due to be installed in the Debian FTP archive: bristol-data_0.60.6-2_all.deb to main/b/bristol/bristol-data_0.60.6-2_all.deb bristol_0.60.6-2.debian.tar.gz to main/b/bristol/bristol_0.60.6-2.debian.tar.gz bristol_0.60.6-2.dsc to main/b/bristol/bristol_0.60.6-2.dsc bristol_0.60.6-2_amd64.deb to main/b/bristol/bristol_0.60.6-2_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 598...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alessio Treglia (supplier of updated bristol package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Wed, 29 Sep 2010 12:03:25 +0200 Source: bristol Binary: bristol bristol-data Architecture: source amd64 all Version: 0.60.6-2 Distribution: experimental Urgency: low Maintainer: Debian Multimedia Maintainers Changed-By: Alessio Treglia Description: bristol- vintage synthesizer emulator bristol-data - vintage synthesizer emulator (data files) Closes: 598285 Changes: bristol (0.60.6-2) experimental; urgency=low . * Add patch to prevent insecure library loading; Closes: #598285, CVE-2010-3351 * Add local-options file. 
Processed: Re: Bug#598469: apt-cacher: excessive connections launched at server
Processing commands for cont...@bugs.debian.org: > reassign 598469 apt-cacher-ng Bug #598469 [apt-cacher] apt-cacher: excessive connections launched at server Bug reassigned from package 'apt-cacher' to 'apt-cacher-ng'. > Thanks Stopping processing here. Please contact me if you need assistance. -- 598469: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598469 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#598469: apt-cacher: excessive connections launched at server
reassign 598469 apt-cacher-ng
Thanks

On Wed, Sep 29, 2010 at 10:14:52AM +0100, Philip Hands wrote:
> Package: apt-cacher
> Severity: serious
>
> Hi,
>
> I run ftp.uk.debian.org, and recently noticed that I was getting hourly
> spikes of connections. On investigation, it seems that a particular IP
> address is launching what amounts to a low-grade DoS, trying to get
> the same files thousands of times a day, making hundreds of attempts per
> second.
>
> Examining the incoming packets, I see this header:
>
> User-Agent: Debian Apt-Cacher-NG/0.4

This is apt-cacher-ng, not apt-cacher. Reassigned

Mark

-- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#597977: marked as done (fluidsynth: FTBFS on kfreebsd-*: fluid_rtkit.c: error: storage size unknown)
Your message dated Wed, 29 Sep 2010 09:47:09 + with message-id and subject line Bug#597977: fixed in fluidsynth 1.1.2-2 has caused the Debian Bug report #597977, regarding fluidsynth: FTBFS on kfreebsd-*: fluid_rtkit.c: error: storage size unknown to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 597977: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=597977 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: fluidsynth Version: 1.1.2-1 Severity: serious Justification: FTBFS User: debian-...@lists.debian.org Usertags: kfreebsd Hi, your package no longer builds on kfreebsd-*: | cd /build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/obj-x86_64-kfreebsd-gnu/src && /usr/bin/gcc -Dlibfluidsynth_EXPORTS -DHAVE_LASH -DHAVE_CONFIG_H -g -O2 -fPIC -I/build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/obj-x86_64-kfreebsd-gnu -I/build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/src -I/build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/src/drivers -I/build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/src/synth -I/build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/src/rvoice -I/build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/src/midi -I/build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/src/utils -I/build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/src/sfloader -I/build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/src/bindings -I/build/buildd-fluidsynth_1.1 
.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/include -I/build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/obj-x86_64-kfreebsd-gnu/include -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I/usr/include/dbus-1.0 -I/usr/lib/dbus-1.0/include -I/usr/include/lash-1.0 -o CMakeFiles/libfluidsynth.dir/bindings/fluid_rtkit.c.o -c /build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/src/bindings/fluid_rtkit.c | /build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/src/bindings/fluid_rtkit.c: In function 'fluid_rtkit_make_realtime': | /build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/src/bindings/fluid_rtkit.c:336: error: storage size of 'old_limit' isn't known | /build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/src/bindings/fluid_rtkit.c:336: error: storage size of 'new_limit' isn't known | make[3]: *** [src/CMakeFiles/libfluidsynth.dir/bindings/fluid_rtkit.c.o] Error 1 | make[3]: Leaving directory `/build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/obj-x86_64-kfreebsd-gnu' | make[2]: *** [src/CMakeFiles/libfluidsynth.dir/all] Error 2 | make[2]: Leaving directory `/build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/obj-x86_64-kfreebsd-gnu' | make[1]: *** [all] Error 2 | make[1]: Leaving directory `/build/buildd-fluidsynth_1.1.2-1-kfreebsd-amd64-S6AiKT/fluidsynth-1.1.2/obj-x86_64-kfreebsd-gnu' | dh_auto_build: make -j1 returned exit code 2 Full build logs: https://buildd.debian.org/status/package.php?p=fluidsynth&suite=experimental Mraw, KiBi. 
--- End Message --- --- Begin Message --- Source: fluidsynth Source-Version: 1.1.2-2 We believe that the bug you reported is fixed in the latest version of fluidsynth, which is due to be installed in the Debian FTP archive: fluidsynth_1.1.2-2.debian.tar.gz to main/f/fluidsynth/fluidsynth_1.1.2-2.debian.tar.gz fluidsynth_1.1.2-2.dsc to main/f/fluidsynth/fluidsynth_1.1.2-2.dsc fluidsynth_1.1.2-2_amd64.deb to main/f/fluidsynth/fluidsynth_1.1.2-2_amd64.deb libfluidsynth-dev_1.1.2-2_all.deb to main/f/fluidsynth/libfluidsynth-dev_1.1.2-2_all.deb libfluidsynth1_1.1.2-2_amd64.deb to main/f/fluidsynth/libfluidsynth1_1.1.2-2_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 597...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alessio Treglia (supplier of updated fluidsynth package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Wed, 29 Sep 2010 11:18:56 +0200 Source: fluidsynth Binary:
Bug#598469: apt-cacher: excessive connections launched at server
Package: apt-cacher
Severity: serious

Hi,

I run ftp.uk.debian.org, and recently noticed that I was getting hourly spikes of connections. On investigation, it seems that a particular IP address is launching what amounts to a low-grade DoS, trying to get the same files thousands of times a day, making hundreds of attempts per second.

Examining the incoming packets, I see this header:

User-Agent: Debian Apt-Cacher-NG/0.4

hence this bug report.

To indicate the scale of the problem, let's have a look at one of the busier seconds (07:52:42) of activity from this one IP address this morning:

p...@free:~$ grep $IP /var/log/nginx/ftphost.access.log | sed -ne '\#29/Sep/2010:07:52:42#s/.*GET \([^ ]*\) .*$/\1/p' | sort | uniq -c | sort -nr
23 /debian/dists/lenny/non-free/source/Sources.diff/Index
23 /debian/dists/lenny/contrib/source/Sources.diff/Index
22 /debian/dists/lenny/main/source/Sources.diff/Index
18 /debian/dists/lenny/main/binary-i386/Packages.bz2
18 /debian-volatile/dists/lenny/volatile/contrib/binary-i386/Packages.diff/Index
17 /debian-volatile/dists/lenny/volatile/non-free/binary-i386/Packages.diff/Index
17 /debian-volatile/dists/lenny/volatile/main/binary-i386/Packages.diff/Index
16 /debian/dists/lenny/contrib/binary-i386/Packages.diff/Index
15 /debian/dists/lenny/non-free/binary-i386/Packages.bz2
13 /debian-volatile/dists/lenny/volatile-sloppy/main/binary-i386/Packages.bz2
12 /debian/dists/lenny/non-free/binary-i386/Packages.diff/Index
12 /debian-volatile/dists/lenny/volatile-sloppy/non-free/binary-i386/Packages.diff/Index
12 /debian-volatile/dists/lenny/volatile-sloppy/contrib/binary-i386/Packages.bz2
11 /debian-volatile/dists/lenny/volatile/Release.gpg
9 /debian-volatile/dists/lenny/volatile/non-free/binary-i386/Packages.bz2
9 /debian-volatile/dists/lenny/volatile/main/binary-i386/Packages.bz2
9 /debian-volatile/dists/lenny/volatile/contrib/binary-i386/Packages.bz2
9 /debian-volatile/dists/lenny/volatile-sloppy/non-free/binary-i386/Packages.bz2
8 /debian/dists/lenny/contrib/source/Sources.bz2
7 /debian/dists/lenny/non-free/source/Sources.bz2
7 /debian/dists/lenny/main/binary-i386/Packages.diff/Index
7 /debian/dists/lenny/contrib/binary-i386/Packages.bz2
7 /debian/dists/lenny/Release.gpg
7 /debian/dists/lenny/Release
7 /debian-volatile/dists/lenny/volatile/Release
7 /debian-volatile/dists/lenny/volatile-sloppy/main/binary-i386/Packages.diff/Index
7 /debian-volatile/dists/lenny/volatile-sloppy/Release
6 /debian/dists/lenny/main/source/Sources.bz2
6 /debian-volatile/dists/lenny/volatile-sloppy/contrib/binary-i386/Packages.diff/Index
5 /debian-volatile/dists/lenny/volatile-sloppy/Release.gpg

Asking for the same URL 23 times in the same second seems just a little brain-dead to me, especially given that it's receiving a 404 in response. Is apt-cacher expecting it to have popped into existence in the intervening milliseconds?

It's also doing it for valid URLs as is shown by the #4 slot, which is 18 attempts to grab what seems to be the last byte of the file /debian/dists/lenny/main/binary-i386/Packages.bz2, which gets a 206 response. This seems particularly surprising behaviour for a program with the word cacher in its name.

I presume (or at least hope) that the user has made some sort of local configuration error, but the fact that this package enables this makes it a serious problem IMO.

I will attempt to contact the user, and will ask them to contribute details here if possible. Hopefully we'll be able to identify something that will allow the daemon to abort if the config is likely to end up with this behaviour.

Cheers, Phil.

|)| Philip Hands [+44 (0)20 8530 9560] http://www.hands.com/
|-| HANDS.COM Ltd. http://www.uk.debian.org/
|(| 10 Onslow Gardens, South Woodford, London E18 1NE ENGLAND

-- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
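The per-second count in the report above covers one client and one second picked by hand. As an added example that is not part of the report, the same grouping is generalized here to every client and every second, keeping the status code so repeated 404 and 206 responses stand out. The log lines are constructed, the nginx "combined" field layout and the documentation IP addresses are assumptions, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find identical GET requests repeated by one client within
# one second, from an access log in nginx "combined" layout (an assumption).

# emit COUNT TIME IP STATUS PATH: print COUNT constructed access-log lines.
emit() {
    e_i=0
    while [ "$e_i" -lt "$1" ]; do
        printf '%s - - [%s +0100] "GET %s HTTP/1.1" %s 0 "-" "Debian Apt-Cacher-NG/0.4"\n' \
            "$3" "$2" "$5" "$4"
        e_i=$((e_i + 1))
    done
}

# sample_log: constructed input; 192.0.2.10 plays the misbehaving proxy.
sample_log() {
    emit 5 29/Sep/2010:07:52:42 192.0.2.10 404 /debian/dists/lenny/non-free/source/Sources.diff/Index
    emit 4 29/Sep/2010:07:52:42 192.0.2.10 206 /debian/dists/lenny/main/binary-i386/Packages.bz2
    emit 1 29/Sep/2010:07:52:42 198.51.100.7 200 /debian/dists/lenny/Release
    emit 2 29/Sep/2010:07:52:43 192.0.2.10 404 /debian/dists/lenny/non-free/source/Sources.diff/Index
}

# repeat_bursts THRESHOLD: read a log on stdin and print
# "count second client status path" for every (second, client, status, path)
# group seen at least THRESHOLD times, busiest first.
repeat_bursts() {
    awk -v threshold="$1" '
        $6 == "\"GET" {
            second = substr($4, 2)            # drop the leading "["
            seen[second " " $1 " " $9 " " $7]++
        }
        END {
            for (key in seen)
                if (seen[key] >= threshold + 0)
                    print seen[key], key
        }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# client_rate THRESHOLD: print "count second client" for every client that
# made at least THRESHOLD requests of any kind within one second.
client_rate() {
    awk -v threshold="$1" '
        { total[substr($4, 2) " " $1]++ }
        END {
            for (key in total)
                if (total[key] >= threshold + 0)
                    print total[key], key
        }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# Demonstration on the constructed log.
echo "identical requests repeated 3 or more times in one second:"
sample_log | repeat_bursts 3
echo "clients with 5 or more requests in one second:"
sample_log | client_rate 5
```

On a real server the input would be the access log itself, for example `repeat_bursts 10 < /var/log/nginx/ftphost.access.log`, with the threshold tuned to what a well-behaved mirror client produces.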
Bug#598432: also broken on mips
Same on gabrielli.d.o (mips): | sid | | Get:1 http://mirrors.ece.ubc.ca sid Release.gpg [835B] | Ign http://mirrors.ece.ubc.ca/debian/ sid/contrib Translation-de | Ign http://mirrors.ece.ubc.ca/debian/ sid/contrib Translation-en | Ign http://mirrors.ece.ubc.ca/debian/ sid/contrib Translation-es | Get:2 http://mirrors.ece.ubc.ca/debian/ sid/main Translation-de [1500kB] | Ign http://mirrors.ece.ubc.ca/debian/ sid/main Translation-en | Get:3 http://mirrors.ece.ubc.ca/debian/ sid/main Translation-es [489kB] | Ign http://mirrors.ece.ubc.ca/debian/ sid/non-free Translation-de | Ign http://mirrors.ece.ubc.ca/debian/ sid/non-free Translation-en | Ign http://mirrors.ece.ubc.ca/debian/ sid/non-free Translation-es | Get:4 http://mirrors.ece.ubc.ca sid Release [104kB] | Get:5 http://mirrors.ece.ubc.ca sid/main Sources [3984kB] | Get:6 http://mirrors.ece.ubc.ca sid/contrib Sources [38.7kB] | Get:7 http://mirrors.ece.ubc.ca sid/non-free Sources [80.3kB] | Get:8 http://mirrors.ece.ubc.ca sid/main mips Packages [6628kB] | Get:9 http://mirrors.ece.ubc.ca sid/contrib mips Packages [51.7kB] | Get:10 http://mirrors.ece.ubc.ca sid/non-free mips Packages [92.1kB] | Fetched 13.0MB in 39s (328kB/s) | Reading package lists... Done | Reading package lists... Done | Building dependency tree | Reading state information... Done | Calculating upgrade... Done | The following packages will be upgraded: | gcl libhtml-parser-perl python-apt udisks | 4 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. | Need to get 53.1MB of archives. | After this operation, 2335kB of additional disk space will be used. 
| Get:1 http://mirrors.ece.ubc.ca/debian/ sid/main python-apt mips 0.7.98 [542kB] | Get:2 http://mirrors.ece.ubc.ca/debian/ sid/main gcl mips 2.6.7-74 [52.2MB] | Get:3 http://mirrors.ece.ubc.ca/debian/ sid/main libhtml-parser-perl mips 3.68-1 [116kB] | Get:4 http://mirrors.ece.ubc.ca/debian/ sid/main udisks mips 1.0.1+git20100614-3 [254kB] | Fetched 53.1MB in 8s (5987kB/s) | Preconfiguring packages ... | | (Reading database ... 137011 files and directories currently installed.) | Preparing to replace python-apt 0.7.97.1 (using .../python-apt_0.7.98_mips.deb) ... | Unpacking replacement python-apt ... | Preparing to replace gcl 2.6.7-71 (using .../archives/gcl_2.6.7-74_mips.deb) ... | remove/gcl: purging byte-compiled files for emacs23 | Unpacking replacement gcl ... | Preparing to replace libhtml-parser-perl 3.66-1 (using .../libhtml-parser-perl_3.68-1_mips.deb) ... | Unpacking replacement libhtml-parser-perl ... | Preparing to replace udisks 1.0.1+git20100614-2 (using .../udisks_1.0.1+git20100614-3_mips.deb) ... | Unpacking replacement udisks ... | Processing triggers for man-db ... | Setting up python-apt (0.7.98) ... | Traceback (most recent call last): | File "/usr/bin/pycentral", line 2334, in | main() | File "/usr/bin/pycentral", line 2328, in main | rv = action.run(global_options) | File "/usr/bin/pycentral", line 1481, in run | pkg.read_version_info() | File "/usr/bin/pycentral", line 899, in read_version_info | self.version_info = pyversions.parse_versions(self.version_field) | File "/usr/share/pycentral-data/pyversions.py", line 68, in parse_versions | raise ValueError, 'error parsing Python-Version attribute' | ValueError: error parsing Python-Version attribute | dpkg: error processing python-apt (--configure): | subprocess installed post-installation script returned error exit status 1 | configured to not write apport reports | Setting up gcl (2.6.7-74) ... | install/gcl: Handling install for emacsen flavor emacs23 | Loading 00debian-vars... 
| No /etc/mailname. Reverting to default... | Loading /etc/emacs/site-start.d/50autoconf.el (source)... | Loading /etc/emacs/site-start.d/50cmake-data.el (source)... | Loading /etc/emacs/site-start.d/50gcl.el (source)... | Loading /etc/emacs/site-start.d/50git-core.el (source)... | Wrote /usr/share/emacs23/site-lisp/gcl/add-default.elc | Wrote /usr/share/emacs23/site-lisp/gcl/ansi-doc.elc | Wrote /usr/share/emacs23/site-lisp/gcl/dbl.elc | Wrote /usr/share/emacs23/site-lisp/gcl/doc-to-texi.elc | Wrote /usr/share/emacs23/site-lisp/gcl/gcl.elc | Wrote /usr/share/emacs23/site-lisp/gcl/man1-to-texi.elc | Wrote /usr/share/emacs23/site-lisp/gcl/smart-complete.elc | Wrote /usr/share/emacs23/site-lisp/gcl/sshell.elc | Setting up libhtml-parser-perl (3.68-1) ... | Setting up udisks (1.0.1+git20100614-3) ... | Errors were encountered while processing: | python-apt | E: Sub-process /usr/bin/dpkg returned an error code (1) | wea...@gabrielli:~$ -- | .''`. ** Debian GNU/Linux ** Peter Palfrader | : :' : The universal http://www.palfrader.org/ | `. `' Operating System | `-http://www.debian.org/ -- To UNSUBSCRIBE, email
Processed: your mail
Processing commands for cont...@bugs.debian.org: > tags 597977 pending Bug #597977 [src:fluidsynth] fluidsynth: FTBFS on kfreebsd-*: fluid_rtkit.c: error: storage size unknown Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 597977: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=597977 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#598432: #598432: python-apt: upgrade fails
Package: python-apt
Version: 0.7.98
Severity: grave

Hi,

interestingly here (sid/amd64) it does not fail because of python3 or python3.1 but because of python2.7:

Setting up python-apt (0.7.98) ...
INFO: using unknown version '/usr/bin/python2.7' (debian_defaults not up-to-date?)
Traceback (most recent call last):
  File "/usr/bin/pycentral", line 2334, in <module>
    main()
  File "/usr/bin/pycentral", line 2328, in main
    rv = action.run(global_options)
  File "/usr/bin/pycentral", line 1481, in run
    pkg.read_version_info()
  File "/usr/bin/pycentral", line 899, in read_version_info
    self.version_info = pyversions.parse_versions(self.version_field)
  File "/usr/share/pycentral-data/pyversions.py", line 68, in parse_versions
    raise ValueError, 'error parsing Python-Version attribute'
ValueError: error parsing Python-Version attribute
dpkg: error processing python-apt (--configure):
 subprocess installed post-installation script returned error exit status 1

Installed versions of python:
ii python2.5 2.5.5-8
ii python2.6 2.6.6-5
ii python2.7 2.7-8
ii python3 3.1.2-12
ii python3.1 3.1.2+20100926-1
ii python3.2 3.2~a2-6

-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (990, 'unstable'), (600, 'testing'), (400, 'stable'), (110, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-2-xen-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.ISO-8859-15, LC_CTYPE=en_US.ISO-8859-15 (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/dash

Versions of packages python-apt depends on:
ii apt [libapt-pkg4.10] 0.8.5 Advanced front-end for dpkg
ii apt-utils [libapt-inst1.2] 0.8.5 APT utility programs
ii libc6 2.11.2-6 Embedded GNU C Library: Shared lib
ii libgcc1 1:4.4.4-17 GCC support library
ii libstdc++6 4.4.4-17 The GNU Standard C++ Library v3
ii python 2.6.6-3 interactive high-level object-orie
ii python-central 0.6.16+nmu1 register and build utility for Pyt

Versions of packages python-apt recommends:
ii iso-codes 3.20-1 ISO language, territory, currency,
ii lsb-release 3.2-24 Linux Standard Base version report
ii python2.6 2.6.6-5 An interactive high-level object-o

Versions of packages python-apt suggests:
pn python-apt-dbg (no description available)
pn python-apt-doc (no description available)
ii python-gtk2 2.17.0-4 Python bindings for the GTK+ widge
pn python-vte (no description available)

-- no debconf information

-- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#598283: marked as done (ardour: CVE-2010-3349: insecure library loading)
Your message dated Wed, 29 Sep 2010 08:32:18 + with message-id and subject line Bug#598282: fixed in ardour 1:2.8.11-2 has caused the Debian Bug report #598282, regarding ardour: CVE-2010-3349: insecure library loading to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.)

-- 598282: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598282 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems

--- Begin Message ---
Package: ardour
Version: 1:2.8.11-1
Severity: grave
Tags: security
User: t...@security.debian.org
Usertags: ldpath

Hello,

During a review of the Debian archive, I've found your package to contain a script that can be abused by an attacker to execute arbitrary code.

The vulnerability is introduced by an insecure change to LD_LIBRARY_PATH, an environment variable used by ld.so(8) to look for libraries on a directory other than the standard paths.

Vulnerable code follows:

/usr/bin/ardour2 line 5:
export LD_LIBRARY_PATH=/usr/lib/ardour2:$LD_LIBRARY_PATH

When there's an empty item on the colon-separated list of LD_LIBRARY_PATH, ld.so treats it as '.' (i.e. CWD/$PWD.) If the given script is executed from a directory where a potential, local, attacker can write files to, there's a chance to exploit this bug.

This vulnerability has been assigned the CVE id CVE-2010-3349. Please make sure you mention it when forwarding this report to upstream and when fixing this bug (everywhere: upstream and here at Debian.)
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3349
[1] http://security-tracker.debian.org/tracker/CVE-2010-3349

Sincerely, Raphael Geissert

--- End Message ---
--- Begin Message ---
Source: ardour
Source-Version: 1:2.8.11-2

We believe that the bug you reported is fixed in the latest version of ardour, which is due to be installed in the Debian FTP archive:

ardour-i686_2.8.11-2_i386.deb to main/a/ardour/ardour-i686_2.8.11-2_i386.deb
ardour_2.8.11-2.debian.tar.gz to main/a/ardour/ardour_2.8.11-2.debian.tar.gz
ardour_2.8.11-2.dsc to main/a/ardour/ardour_2.8.11-2.dsc
ardour_2.8.11-2_i386.deb to main/a/ardour/ardour_2.8.11-2_i386.deb

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 598...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp. Adrian Knoth (supplier of updated ardour package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 28 Sep 2010 16:44:12 +0200
Source: ardour
Binary: ardour ardour-altivec ardour-i686
Architecture: source i386
Version: 1:2.8.11-2
Distribution: unstable
Urgency: low
Maintainer: Debian Multimedia Maintainers
Changed-By: Adrian Knoth
Description:
 ardour - digital audio workstation (graphical gtk2 interface)
 ardour-altivec - digital audio workstation (graphical gtk2 interface) [altivec]
 ardour-i686 - digital audio workstation (graphical gtk2 interface) [i686]
Closes: 598282
Changes:
 ardour (1:2.8.11-2) unstable; urgency=low
 .
 [ Jonas Smedegaard ]
 * Recommend iceweasel and only fallback on virtual www-browser, and drop superfluous fallback on firefox.
 * Refresh patch using shortening options --no-timestamps --no-index - pab.
 * Maintain package relations in rules file.
 * Fix have ardour replace and conflict with itself (as same name is used as virtual name for other flavors).
 * Add quirk to recommend firefox (not iceweasel) for Ubuntu.
 * Rewrite copyright file to recent draft DEP5 machine-readable format.
 * Fix add verbatim text for a(nother) Libtool exception in debian/copyright.
 .
 [ Adrian Knoth ]
 * Unapply patches after git-buildpackage
 * Fix insecure library loading (Closes: #598282)
 .
 [ Luke Yelavich ]
 * debian/control: Do not explicitly depend on a particular version of jackd
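The empty-item behaviour described in the CVE-2010-3349 report, as an added shell example (not the fix that went into ardour 1:2.8.11-2 and not code from the package): it contrasts the quoted `export` pattern with a guarded `${VAR:+...}` form and flags values that contain an empty item. The function names and the sample path values are constructed for illustration.

```shell
#!/bin/sh
# Added example (not code from the ardour package): why "DIR:$LD_LIBRARY_PATH"
# leaves an empty item when the variable is empty, and safer ways to build it.

# Return 0 if a colon-separated path holds an empty item (leading ':',
# trailing ':' or '::'), which the report says ld.so treats as '.'.
has_empty_entry() {
    case "$1" in
        :*|*:|*::*) return 0 ;;
        *)          return 1 ;;
    esac
}

# The pattern quoted in the report: the ':' is added unconditionally.
unsafe_prepend() { printf '%s\n' "$1:$2"; }

# Guarded form: emit the ':' separator only when the old value is non-empty.
safe_prepend() { printf '%s\n' "$1${2:+:$2}"; }

# Drop empty items already present in an inherited value. The body runs
# in a subshell so the IFS change and 'set -f' do not leak to the caller.
clean_path() (
    IFS=:
    set -f
    out=
    for item in $1; do
        if [ -n "$item" ]; then out="${out:+$out:}$item"; fi
    done
    printf '%s\n' "$out"
)

# Constructed sample values standing in for the caller's LD_LIBRARY_PATH.
for old in "" "/opt/lib" ":/opt/lib::/srv/lib:"; do
    for new in "$(unsafe_prepend /usr/lib/ardour2 "$old")" \
               "$(safe_prepend /usr/lib/ardour2 "$old")" \
               "$(safe_prepend /usr/lib/ardour2 "$(clean_path "$old")")"; do
        if has_empty_entry "$new"; then verdict='EMPTY ITEM'; else verdict='ok'; fi
        printf '%-10s %s\n' "$verdict" "$new"
    done
done
```

The third sample value shows that the guarded form alone does not repair an inherited value that already contains empty items; only the `clean_path` variant does.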
Bug#598432: python-apt: upgrade fails
>> Stefan Fleischmann wrote:
>> > Change the 3rd line in the file '/usr/share/pyshared-data/python-apt' to
>> > "python-version = 2.6, 3.1, 2.5"
>
>> That doesn't work for me. [...]
>
>If I read Stefan's message further:
>> Then you're able to remove the package or replace it with version
>> 0.7.97.1 from testing.
>
>That does work.

Having only the 2.X versions in '/usr/share/pyshared-data/python-apt' (I've removed the 3 or whatever begins with 3) allowed me to run 'dpkg -P --force-all python-apt' successfully. After that I've installed the python-apt from testing and the error is gone.

btw, debian/unstable here, amd64

-- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#590521: (no subject)
I doubt this upload fixed this bug. This bug is not about QTC_MODIFY_MOZILLA (which, apparently, is off by default anyway) but about the code I've mentioned in http://bugs.debian.org/590521#10 which can't be disabled at compile time.

-- WBR, wRAR (ALT Linux Team)
Bug#577720: RC bug #577720: ping ?
Hi Norbert,

It's been almost two months since you tagged the RC bug #577720 as "pending" and it seems that more changes are ready on the VCS.

Is the upload fixing this bug in the pipes towards unstable or would you like me (or anyone) to prepare and upload an NMU (based on the svn commit 1898)?

Thanks in advance, cheers,

OdyX

-- Didier Raboud, proud Debian Maintainer (DM). CH-1020 Renens did...@raboud.com
Bug#596929: Bug#596931: gforge-db-postgresql: Database still not created on installation
On Tue, 28 Sep 2010, Roland Mas wrote:

> ,
> | v=0 ; invoke-rc.d postgresql restart || v=$?
> `

Ouch, sorry. My bad. Thanks Roland for spotting this.

//mirabilos

-- tarent Gesellschaft für Softwareentwicklung und IT-Beratung mbH
Managing directors: Boris Esser, Elmar Geese
HRB AG Bonn 5168 - USt-ID (VAT): DE122264941
Heilsbachstraße 24, 53123 Bonn, Phone: +49 228 52675-93
Thiemannstraße 36 a, 12059 Berlin, Phone: +49 30 5682943-30
Internet: http://www.tarent.de/ • Telefax: +49 228 52675-25
Bug#595431: Aborting fsck aborts all scripts in rcS.d
Hi!

I encountered this bug, too.

>How does changing /etc/init.d/rc with the below patch modify behaviour?

No, Kel, nothing changed. Sorry.

-- Regards, Alexander Batischev
Bug#598463: python-libcloud: libcloud https connections are not secured against mitm attacks
Package: python-libcloud
Severity: grave
Tags: security
Justification: user security hole

libcloud fails to perform ssl validation on https connections. This means that users of this module who perform api requests using https urls / connections are at risk of mitm attacks.

See http://github.com/tjfontaine/linode-python/issues/issue/1#issue/1 for more information.

-- System Information:
Debian Release: 5.0.6
APT prefers stable
APT policy: (900, 'stable'), (600, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.35.4 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Bug#591975: [MTOS-dev] Licence/source code for .swf files shipping with MTOS
Dominic,

Sorry to keep you waiting, I'm talking with the author again. Please wait for a while for the response.

Jun Kaneko
jkan...@sixapart.com

On 2010/09/27, at 2:57, Dominic Hargreaves wrote:

On Fri, Aug 20, 2010 at 06:40:20PM +0900, Jun Kaneko wrote:

I confirmed with the plugin author about it. Unfortunately it is not yet ready to be opened to the public, and requires some more time, probably until the end of September.

Hello,

I wondered if you had any more news about this fix which would allow MTOS to be released with Debian squeeze (main) soon? If it's not forthcoming, I will need to move it to non-free (which isn't a disaster -- it can be moved back for future releases), but obviously is sub-optimal).

Thanks,
Dominic.

-- Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)