Processed: lastest Sid upgrade breakes yaboot.conf
Processing commands for cont...@bugs.debian.org: > block 572925 by 580455 Bug #572925 [yaboot-installer] installation-reports: PowerMac G5 installation report: ofpath doesn't work in the absence of /proc/scsi/scsi Was blocked by: 572869 Added blocking bug(s) of 572925: 580455 and 587290 > thanks Stopping processing here. Please contact me if you need assistance. -- 572925: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572925 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: lastest Sid upgrade breakes yaboot.conf
Processing commands for cont...@bugs.debian.org: > tags 580455 patch Bug #580455 [yaboot] lastest Sid upgrade breakes yaboot.conf and (maybe) ybin Bug #587290 [yaboot] initramfs-tools: malformed yaboot.conf created when alternate partitions use UUID= in fstab Added tag(s) patch. Added tag(s) patch. > thanks Stopping processing here. Please contact me if you need assistance. -- 580455: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=580455 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#580455: lastest Sid upgrade breakes yaboot.conf
tags 580455 patch
thanks
Attached patch will:
- Correctly parse boot, bsd, macosx, and darwin options with escaped
characters or when in quotes; convert symlinks into canonical unix block
device names;
- Create yaboot.conf using by-id persistent device name for boot, and
UUID label for root variables.
diff -Nru ./ybin/yabootconfig ../yaboot-1.3.13a/ybin/yabootconfig
--- ./ybin/yabootconfig 2004-07-11 16:12:23.0 -0400
+++ ../yaboot-1.3.13a/ybin/yabootconfig 2010-12-02 11:26:10.0 -0500
@@ -27,7 +27,7 @@
PATH="${PATH}:${PATH_PREFIX}/sbin:${PATH_PREFIX}/bin:${PATH_PREFIX}/usr/sbin:${PATH_PREFIX}/usr/bin:${PATH_PREFIX}/usr/local/sbin:${PATH_PREFIX}/usr/local/bin"
fi
PRG="${0##*/}"
-VERSION=1.0.8
+VERSION=1.0.8+debian1
CHROOT=/
## $CONFIG is relative to $CHROOT
CONFIG=etc/yaboot.conf
@@ -720,6 +720,27 @@
INITRDIMGS="\tinitrd=$INITRDIMG\n\tinitrd-size=8192\n"
fi
+## Get a symlink which always points to the correct block device.
+## If it does not exist, give the unix block device name back.
+devsymlink() {
+ [ "$2" != "nobyid" ] && BYID="/dev/disk/by-id/scsi* /dev/disk/by-id/*"
+ for SYMLINK in $BYID /dev/disk/by-uuid/* /dev/disk/by-label/*; do
+[ "`readlink -f "$SYMLINK"`" = "$1" ] && {
+ echo $SYMLINK
+ return
+}
+ done
+ echo $1
+}
+
+## Get UUID= or LABEL= for the given unix partition block device.
+## If it could not be determined, give the unix partition block device back.
+uuidlabel() {
+ echo `devsymlink "$1" nobyid` \
+ | sed -e "s,/dev/disk/by-uuid/,UUID=," \
+-e "s,/dev/disk/by-label/,LABEL=,"
+}
+
## generate global section of yaboot.conf
GLOBAL="## yaboot.conf generated by $PRG $VERSION
##
@@ -727,9 +748,9 @@
${HEADER}##
## For a dual-boot menu, add one or more of:
## bsd=/dev/hdaX, macos=/dev/hdaY, macosx=/dev/hdaZ\n
-boot=${BOOT}${DEVICE:-}
+boot=\"`devsymlink "${BOOT}"`\"${DEVICE:-}
partition=$PARTITION
-root=$ROOT
+root=\"`uuidlabel "${ROOT}"`\"
timeout=30
install=${INSTALL}${OFBOOT:-}\n"
diff -Nru ./ybin/ybin ../yaboot-1.3.13a/ybin/ybin
--- ./ybin/ybin 2004-07-11 16:12:12.0 -0400
+++ ../yaboot-1.3.13a/ybin/ybin 2010-12-02 11:25:53.0 -0500
@@ -1589,6 +1589,13 @@
exit 1
fi
+## also accept symlink names in quotes or with escaped characters
+boot="`readlink -f \"$(eval echo ${boot})\"`"
+bsd="`readlink -f \"$(eval echo ${bsd})\"`"
+macos="`readlink -f \"$(eval echo ${macos})\"`"
+macosx="`readlink -f \"$(eval echo ${macosx})\"`"
+darwin="`readlink -f \"$(eval echo ${darwin})\"`"
+
## if there is still no config file use the automatic generation to make a
## generic yaboot.conf. do this before the confcheck to avoid wierd errors.
if [ "$bootconf" = /dev/null ] ; then
signature.asc
Description: OpenPGP digital signature
Processed: PowerMac G5 installation report: ofpath doesn't work in the absence of /proc/scsi/scsi
Processing commands for cont...@bugs.debian.org: > tags 572869 patch Bug #572869 [yaboot] installation-reports: PowerMac G5 installation report: ofpath doesn't work in the absence of /proc/scsi/scsi Bug #589701 [yaboot] installation-reports: Install yaboot on a hard disk - Failed to install boot loader Bug #594715 [yaboot] installation-reports: successful install but yaboot problem Added tag(s) patch. Added tag(s) patch. Added tag(s) patch. > thanks Stopping processing here. Please contact me if you need assistance. -- 572869: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572869 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#572869: PowerMac G5 installation report: ofpath doesn't work in the absence of /proc/scsi/scsi
tags 572869 patch
thanks
* Get scsi, sata, and firewire drive info from /sys/ as legacy
/proc/scsi interface does not exist anymore.
(Closes: #572869, #377097, #342833, #289201)
Find bug-fix test install cd at:
http://www.quarkline.net/debian/bug/yaboot/
The attached patch was successfully tested/installed on:
IBM POWER IntelliStation 270
IBM pSeries 610
IBM RS/6000 44P Model 170
Xserve G5
PowerMac G5 SATA, SCSI, ESATA, Firewire
iMac G5 SATA, Firewire
eMac G4 ATA, Firewire
Mac Mini G4 ATA, Firewire
PowerMac G4 SCSI, ATA, SATA
PowerMac G3 Server SCSI, SATA
PowerBook G3 ATA, SCSI
iBook G3 ATA, Firewire
YDL PowerStation built-in SAS
Add-on SATA controlers used during testing on Macs:
Sonnet Tempo SATA PCI
SeriTek/1V4
SeriTek/1eVE2+2
SeriTek/1S2
SIIG SC-SATM12
AKIBAKAN AKB-SATA-PCI
diff -Nru ./ybin/ofpath ../yaboot-1.3.13a/ybin/ofpath
--- ./ybin/ofpath 2010-11-26 17:02:34.0 -0500
+++ ../yaboot-1.3.13a/ybin/ofpath 2010-12-02 11:35:50.0 -0500
@@ -3,6 +3,9 @@
###
##
## ofpath: determine OpenFirmware path from unix device node
+##
+## Copyright (C) 2010 Milan Kupcevic
+##
## Copyright (C) 2000, 2001, 2002, 2003 Ethan Benson
##
## Portions based on show_of_path.sh:
@@ -27,7 +30,7 @@
PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin"
PRG="${0##*/}"
-VERSION=1.0.7
+VERSION=1.0.7+debian1
DEBUG=0
export LC_COLLATE=C
@@ -36,9 +39,10 @@
{
echo \
"$PRG $VERSION
-Written by Ethan Benson
+Written by Ethan Benson, portions rewritten by Milan Kupcevic
Portions based on show_of_path.sh written by Olaf Hering
+Copyright (C) 2010 Milan Kupcevic
Copyright (C) 2000, 2001, 2002, 2003 Ethan Benson
Portions Copyright (C) 2000 Olaf Hering
This is free software; see the source for copying conditions. There is NO
@@ -181,140 +185,124 @@
return 0
}
+# read OpenFirmware device path from its corresponding devspec
+find_of_path()
+{
+ [ -z "$1" ] && return
+ [ -f "$1/devspec" ] && {
+OF_PATH="`cat $1/devspec`"
+SYS_PATH="$1"
+return
+ }
+ find_of_path "${1%/*}"
+}
+
## this finds information we need on both newworld and oldworld macs.
## mainly what scsi host a disk is attached to.
scsiinfo()
{
-## see if system has scsi at all
-if [ ! -f /proc/scsi/scsi ] ; then
- local kver="$(uname -r)"
- case "$kver" in
- 2.5.*|2.6.*)
- if [ -d /sys/bus/scsi/devices -a \
- -n "$(ls /sys/bus/scsi/devices 2>/dev/null)" ] ; then
- echo 1>&2 "$PRG: /proc/scsi/scsi does not exist"
- echo 1>&2 "$PRG: Make sure you compiled your kernel with CONFIG_SCSI_PROC_FS=y"
- return 1
- fi
- ;;
- esac
- echo 1>&2 "$PRG: /dev/$DEVNODE: Device not configured"
- return 1
-fi
-
-## first we have to figure out the SCSI ID, have to do that
-## anyway [to] find the attached scsi disks = "Direct-Access" and
-## stop at sda=1 sdb=2 or whatever count in 3 lines steps
-
-## get last letter of device node, ie sda -> a
-SUBNODE=${DEVNODE##*sd}
-
-## turn SUBNODE above into a number starting at 1, ie a -> 1
-SUBDEV="$(smalltr $SUBNODE)"
-[ "$DEBUG" = 1 ] && echo 1>&2 "$PRG: DEBUG: SUBNODE=$SUBNODE SUBDEV=$SUBDEV"
-
-DEVCOUNT=0
-## copy scsi file into a variable removing "Attached Devices"
-## which is the first line. this avoids a lot of
-## [incmopatible] crap later, and improves readability.
+ SYS_DEVICE="`readlink -f /sys/block/$DEVNODE/device`"
-## find number of lines once and recycle that number, to save
-## some time (linecount is a bit slow). subtract one line
-## to scrap Attached Devices:
+ [ -e "$SYS_DEVICE" ] && {
-SCSILINES="$(($(linecount /proc/scsi/scsi) - 1))"
+SCSI_DEVICE=${SYS_DEVICE##*/}
+HOST_ID=${SCSI_DEVICE%%:*}
+BUS_ID=`T=${SCSI_DEVICE#*:}; echo ${T%%:*}`
+DEVICE_ID=`T=${SCSI_DEVICE#*:*:}; echo ${T%%:*}`
+LUN_ID=${SCSI_DEVICE##*:}
+
+OF_PATH=;find_of_path "$SYS_DEVICE"
+
+SCSI_DRIVER=`cat /sys/class/scsi_host/host$HOST_ID/proc_name 2>/dev/null`
+
+SCSI_NAME=`cat /proc/device-tree$OF_PATH/name 2>/dev/null`
+
+IEEE1394_ID=`cat /sys/block/$DEVNODE/device/ieee1394_id 2>/dev/null`
+IEEE1394_ID=${IEEE1394_ID%%:*}
+
+PLUG_ID=$(ls -dv $SYS_PATH/host* 2>/dev/null | grep -n "/host$HOST_ID$")
+PLUG_ID=$((${PLUG_ID%%:*}-1))
+
+PART=${PARTITION:+:$PARTITION}
+
+[ "$LUN_ID" != "0" ] && LUNX=`printf ",%x" $LUN_ID`
+
+[ "$DEBUG" = "1" ] && {
+ echo SYS_DEVICE=$SYS_DEVICE
+ echo SCSI_DEVICE=$SCSI_DEVICE
+ echo HOST_ID=$HOST_ID
+ echo BUS_ID=$BUS_ID
+ echo DEVICE_ID=$DEVICE_ID
+ echo LUN_ID=$LUN_ID
+ echo PLUG_ID=$PLUG_ID
+ echo IEEE1394_ID=$IEEE1394_ID
+ echo SCSI_NAME=$SCSI_NAME
+ echo SCSI_DRIVER=$SCSI_DRIVER
+ echo SYS_PATH=$SYS_PATH
+ echo OF_PATH=$OF_PATH
+ echo PART=$PART
+ echo LUNX=$LUNX
+}
-if [ "$SUBDEV" -gt "$(cat /proc/scsi/scsi | grep Direc
Bug#605751: apt autoremove (still) tries to remove essential packages
Package: apt Version: 0.8.8 Severity: critical Justification: breaks the whole system Bug 598452 fixes a problem like mine, but with that present, apt is trying to remove grub-pc and others that I'm sure I need. I've marked ones I think I still need with a '*' prefix in the apt-get autoremove output below. I don't know which others I might really need from this list. == Reading package lists... Building dependency tree... Reading state information... The following packages will be REMOVED: *console-setup *console-terminus cpufrequtils djvulibre-desktop empathy empathy-common gconf-defaults-service gnome-session-bin *grub-pc gvfs-bin hamster-applet *isc-dhcp-client *isc-dhcp-common *isc-dhcp-server latex-xft-fonts libass1 libass3 libavahi-core6 libbeagle1 libbind9-50 libcelt0 libclutter-0.8-0 libclutter-cairo-0.8-0 libclutter-gtk-0.8-0 libcolamd-3.2.0 libdb4.6-java libdb4.6-java-gcj libdes425-3 libevince1 libffado1 libgmythupnp0 libgnome-desktop-2-11 libgnomekbd3 libgssdp-1.0-1 libgupnp-1.0-2 libgupnp-igd-1.0-2 libicu40 libicu42 libisccc50 libisccfg50 libjinglebase0.3-0 libjinglep2p0.3-0 libjinglexmllite0.3-0 libjinglexmpp0.3-0 libloudmouth1-0 liblwres50 libmagickcore2 libmagickwand2 libmikmod2 libmission-control-plugins0 libmissioncontrol-client0 libmissioncontrol-server1 libopal3.6.1 libopal3.6.4 libparted1.8-12 libpolkit-dbus2 libpolkit-gnome0 libpoppler4 libpt2.6.1 libpt2.6.4 libpt2.6.4-plugins librasqal1 libsamplerate0 libsane-hpaio libsdl-mixer1.2 libsmbios2 libsmi2-common libsmpeg0 libswfdec-0.8-0 libtelepathy-farsight0 libtelepathy2 libtotem-plparser12 libupnp3 libwebkit-1.0-1 libwildmidi0 libxml++2.6-2 linux-kbuild-2.6.26 linux-kbuild-2.6.30 nautilus-sendto-empathy python-evince python-evolution python-gdl python-gksu2 python-gtkspell python-gtop python-mediaprofiles python-metacity python-rsvg python-totem-plparser raptor-utils redland-utils rhino seahorse-plugins shorewall-common telepathy-gabble telepathy-salut 0 upgraded, 0 newly installed, 96 to remove and 5 not upgraded. After this operation, 144 MB disk space will be freed. Do you want to continue [Y/n]? Abort. The listing of /etc/apt/preferences below seems to have EOL... I hope that isn't a problem... -- Package-specific info: -- apt-config dump -- APT ""; APT::Architecture "i386"; APT::Build-Essential ""; APT::Build-Essential:: "build-essential"; APT::Install-Recommends "1"; APT::Install-Suggests "0"; APT::Acquire ""; APT::Acquire::Translation "environment"; APT::NeverAutoRemove ""; APT::NeverAutoRemove:: "^firmware-linux.*"; APT::NeverAutoRemove:: "^linux-firmware$"; APT::NeverAutoRemove:: "^linux-image.*"; APT::NeverAutoRemove:: "^kfreebsd-image.*"; APT::NeverAutoRemove:: "^linux-restricted-modules.*"; APT::NeverAutoRemove:: "^linux-ubuntu-modules-.*"; APT::Never-MarkAuto-Sections ""; APT::Never-MarkAuto-Sections:: "metapackages"; APT::Never-MarkAuto-Sections:: "restricted/metapackages"; APT::Never-MarkAuto-Sections:: "universe/metapackages"; APT::Never-MarkAuto-Sections:: "multiverse/metapackages"; APT::Never-MarkAuto-Sections:: "oldlibs"; APT::Never-MarkAuto-Sections:: "restricted/oldlibs"; APT::Never-MarkAuto-Sections:: "universe/oldlibs"; APT::Never-MarkAuto-Sections:: "multiverse/oldlibs"; APT::Periodic ""; APT::Periodic::Update-Package-Lists "1"; APT::Periodic::Download-Upgradeable-Packages "0"; APT::Periodic::AutocleanInterval "0"; APT::Update ""; APT::Update::Post-Invoke ""; APT::Update::Post-Invoke:: "touch /var/lib/apt/periodic/update-success-stamp 2>/dev/null || true"; APT::Archives ""; APT::Archives::MaxAge "30"; APT::Archives::MinAge "2"; APT::Archives::MaxSize "500"; APT::Authentication ""; APT::Authentication::TrustCDROM "true"; Dir "/"; Dir::State "var/lib/apt/"; Dir::State::lists "lists/"; Dir::State::cdroms "cdroms.list"; Dir::State::mirrors "mirrors/"; Dir::State::extended_states "extended_states"; Dir::State::status "/var/lib/dpkg/status"; Dir::Cache "var/cache/apt/"; Dir::Cache::archives "archives/"; Dir::Cache::srcpkgcache "srcpkgcache.bin"; Dir::Cache::pkgcache "pkgcache.bin"; Dir::Etc "etc/apt/"; Dir::Etc::sourcelist "sources.list"; Dir::Etc::sourceparts "sources.list.d"; Dir::Etc::vendorlist "vendors.list"; Dir::Etc::vendorparts "vendors.list.d"; Dir::Etc::main "apt.conf"; Dir::Etc::netrc "auth.conf"; Dir::Etc::parts "apt.conf.d"; Dir::Etc::preferences "preferences"; Dir::Etc::preferencesparts "preferences.d"; Dir::Etc::trusted "trusted.gpg"; Dir::Etc::trustedparts "trusted.gpg.d"; Dir::Bin ""; Dir::Bin::methods "/usr/lib/apt/methods"; Dir::Bin::dpkg "/usr/bin/dpkg"; Dir::Media ""; Dir::Media::MountPath "/media/apt"; Dir::Log "var/log/apt"; Dir::Log::Terminal "term.log"; Dir::Log::History "history.log"; Dir::Ignore-Files-Silently ""; Dir::Ignore-Files-Silently:: "~$"; Dir::Ignore-Files-Silently:: "\.disabled$"; Dir::Ignore-Files-Silently:: "\.bak$"; Dir::Ignore-Files-Silently:: "\.dpkg-[a-z]+$"; Unattended-Upgrade
Processed: affects 605731
Processing commands for cont...@bugs.debian.org: > affects 605731 release-notes Bug #605731 [rsync] rsync client can no longer handle rsync:// targets Added indication that 605731 affects release-notes > thanks Stopping processing here. Please contact me if you need assistance. -- 605731: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605731 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: The patch doesn't work fine
Processing commands for cont...@bugs.debian.org: > tags 605507 - patch Bug #605507 [icecast2] icecast2 failed to reinstall/upgrade/purge Removed tag(s) patch. > thanks Stopping processing here. Please contact me if you need assistance. -- 605507: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605507 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605507: The patch doesn't work fine
tags 605507 - patch thanks Hi, unfortunately, this isn't the solution and the bug is still reproducible. -- Alessio Treglia | www.alessiotreglia.com Debian Developer | ales...@debian.org Ubuntu Core Developer | quadris...@ubuntu.com 0FEC 59A5 E18E E04F 6D40 593B 45D4 8C7C DCFC 3FD0 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#591206: License updated (flvplayer)
Hi, sorry for late replay. Lot of private work ;) >From my side it was all ok. Thanks for the work! regards, Frank Am 30.11.2010 16:25, schrieb Didier 'OdyX' Raboud: > Le Tuesday 23 November 2010 13:15:50 Frank Habermann, vous avez écrit : >> I have contacted moxiecode. The answer for the flv_player.swf is: >> "It was never implemented. We are working on implementing it now though." >> So i think both files can be removed. >> >> regards, >> Frank > > Hi Frank, > > I prepared an NMU for this bug (a simple repack without the two files), and > I'm > just waiting on one of my usual sponsors to pick it up. > > http://alioth.debian.org/~odyx-guest/debian/unstable/tinymce_3.3.8+dfsg0-0.1.dsc > > ^ What do you think ? Can we proceed (to DELAYED/2 e.g.) ? > > Cheers, > > OdyX > -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: Removal request
Processing commands for cont...@bugs.debian.org: > retitle 605596 RM: brdesktop-artwork-splashy -- RoM; core dependence removed > from squeeze Bug #605596 [brdesktop-artwork-splashy] brdesktop-artwork-splashy: recommends splashy (not in squeeze) Changed Bug title to 'RM: brdesktop-artwork-splashy -- RoM; core dependence removed from squeeze' from 'brdesktop-artwork-splashy: recommends splashy (not in squeeze)' > reassign 605596 ftp.debian.org Bug #605596 [brdesktop-artwork-splashy] RM: brdesktop-artwork-splashy -- RoM; core dependence removed from squeeze Bug reassigned from package 'brdesktop-artwork-splashy' to 'ftp.debian.org'. Bug No longer marked as found in versions brdesktop-artwork/0.7. > -- Stopping processing here. Please contact me if you need assistance. -- 605596: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605596 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605731: rsync client can no longer handle rsync:// targets
On Thu 02 Dec 2010, Zed Pobre wrote: > > The problem resolved down to rsync 3.0.3-2 accepting the following: > > rsync rsync://:: > > and 3.0.7-2 does not. That 3.0.3-2 accepted that syntax was an "undocumented feature". Nowhere in the documentation does it say that it is OK to mix rsync:// and :: notation. In fact, it explicitly states: Contacting an rsync daemon directly happens when the source or destination path contains a double colon (::) separator after a host specification, OR when an rsync:// URL is specified Note the "OR" in capital letters. That said, I agree that it's not nice that rsync has changed what it accepts as an argument. On the other hand I don't think that a change that enforces the documented syntax more strongly, such that unrelated software that used that undocumented syntax is now broken, constitutes a critical bug in rsync. Perhaps a wishlist bug. The real bug is in the software that was written without reading the rsync manual carefully. Paul -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605734: [libgdk-pixbuf2.0-dev] tries to overwrite file owned by gir-repository-dev
Package: libgdk-pixbuf2.0-dev Version: 2.22.1-1 Severity: serious Hello, libgdk-pixbuf2.0-dev tries to overwrite file /usr/share/gir-1.0/GdkPixbuf-2.0.gir owned by gir-repository-dev package, from aptitude output: Unpacking libgdk-pixbuf2.0-dev (from .../libgdk-pixbuf2.0-dev_2.22.1-2_i386.deb) ... dpkg: error processing /var/cache/apt/archives/libgdk-pixbuf2.0-dev_2.22.1-2_i386.deb (--unpack): trying to overwrite '/usr/share/gir-1.0/GdkPixbuf-2.0.gir', which is also in package gir-repository-dev 0.6.5-7 configured to not write apport reports Errors were encountered while processing: /var/cache/apt/archives/libgdk-pixbuf2.0-dev_2.22.1-2_i386.deb thanks, Petr --- System information. --- Architecture: i386 Kernel: Linux 2.6.32-5-686 Debian Release: squeeze/sid 90 experimentalftp.cz.debian.org 600 unstableftp.cz.debian.org 500 unstablewww.debian-multimedia.org 500 unstableunofficial.debian-maintainers.org 500 unstabledeb.opera.com 50 experimentalwww.debian-multimedia.org 5 experimentalhadret.rootnode.net 300 unstablehadret.rootnode.net --- Package information. --- Depends(Version) | Installed -+-== libc6 (>= 2.3.6-6~) | 2.11.2-7 libgdk-pixbuf2.0-0 (= 2.22.1-2) | 2.22.1-2 libglib2.0-0(>= 2.25.15) | 2.27.4-1 libglib2.0-dev | 2.27.4-1 libx11-dev | 2:1.3.3-4 libpng12-dev | 1.2.44-1 Package's Recommends field is empty. Package's Suggests field is empty. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#603841: marked as done (CVE-2010-4173 libsdp: insecure log file handling)
Your message dated Thu, 02 Dec 2010 20:38:02 + with message-id and subject line Bug#603841: fixed in libsdp 1.1.99-2.1 has caused the Debian Bug report #603841, regarding CVE-2010-4173 libsdp: insecure log file handling to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 603841: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=603841 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libsdp Severity: grave Tags: security Please see https://bugzilla.redhat.com/show_bug.cgi?id=647941 for details. Please fix this in unstable with an isolated fix and asking release managers for an unblock afterwards. Cheers, Moritz -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash --- End Message --- --- Begin Message --- Source: libsdp Source-Version: 1.1.99-2.1 We believe that the bug you reported is fixed in the latest version of libsdp, which is due to be installed in the Debian FTP archive: libsdp1_1.1.99-2.1_amd64.deb to main/libs/libsdp/libsdp1_1.1.99-2.1_amd64.deb libsdp_1.1.99-2.1.diff.gz to main/libs/libsdp/libsdp_1.1.99-2.1.diff.gz libsdp_1.1.99-2.1.dsc to main/libs/libsdp/libsdp_1.1.99-2.1.dsc A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 603...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alexander Reichle-Schmehl (supplier of updated libsdp package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 25 Nov 2010 12:40:59 +0100 Source: libsdp Binary: libsdp1 Architecture: source amd64 Version: 1.1.99-2.1 Distribution: unstable Urgency: low Maintainer: OFED and Debian Developement and Discussion Changed-By: Alexander Reichle-Schmehl Description: libsdp1- Library to allow use of Infiniband Sockets Direct Protocol (SDP) Closes: 603841 Changes: libsdp (1.1.99-2.1) unstable; urgency=low . * Non-maintainer upload. * Apply upstream patch to src/log.c for version 1.1.105 to fix CVE-2010-4173 (Closes: #603841) Checksums-Sha1: acae5b91cd53106401ac19cb0c794a9c8f07d107 1845 libsdp_1.1.99-2.1.dsc 8505ff7e66dc99f343af2558ae040d44d6fc621f 3846 libsdp_1.1.99-2.1.diff.gz 061e0362aefdf897752610e68dd1d6b3b860cb09 38642 libsdp1_1.1.99-2.1_amd64.deb Checksums-Sha256: 80f97bf4d7334ad205b0888b0055cac0fe6f367879d9f5a259738825b8c8519c 1845 libsdp_1.1.99-2.1.dsc aea30f11508109c1df4b12f4e0d0ff8e66e3566762ee08aa65286aa53cc0eb5c 3846 libsdp_1.1.99-2.1.diff.gz 25307fb53ce74c6c3703e66e171e5e1ee6510dd21847b54fe88ae0593a009224 38642 libsdp1_1.1.99-2.1_amd64.deb Files: abe504cb627a7ed578e9ed41767298ae 1845 libs extra libsdp_1.1.99-2.1.dsc f2491de5b4f65668d68df957abf1fc9f 3846 libs extra libsdp_1.1.99-2.1.diff.gz 6adb0b3bc3bb9816ed4cd9ea9eacaacd 38642 libs extra libsdp1_1.1.99-2.1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJM7k4qAAoJEMJLZaJnLIsSnWkP/1S13ofmz29dMIHg1VArBtIP SHFoXjPFYoaS+p3S9NIYYiFd5MFQlAnlE0eY1udFv4IouMJeZKjcABMHUrIX0iPy NkoO4Fsa1FAocKZIr0U2RrenXrOaYCLSdfpDdYq0o2Zwv1VNGovv6Jvez9M1FGKc CavpMz7gHblfWq6dpUf4w1XDEbKWhs1xg+DI1f12tkbQVWrQy2fF79sxSz19sbKB 7vlONCA+lKUFqmnlDC/GSMpnRUlWZ7e+4L6r2z3UHk/4N7s+yr9jsBm0BgswTy/h 4xJ8lR3aeha0saO7SqDJG3JmvdaudTVHwug3bJZ+qynD1icQbveopGYLEJBJa5dr PzajR+0MXxqelCWbn7WNkEygYNdN2VVplUWP8bL7fV2hlbB7FVu75Q9KobR88Yaa ZlrtRpm3Iy/2XqqFwDuDBWyS0x+b+NPntIxGa75epyn5707A5+jfpLdEVQEs6IWw 3CSKUBLoNuqTfntJHLubaYRiyx9A7zyGPQZr1v5wn2rMh0cV3O7OjcdIm/02z+Kf WF4ijslZccJOifToTdLeXT7o0QgewcTWFbBhmURJZspGMMOMdGC1tVwKvQi6Fzr6 ZLmUKmxt+m7jBIggfSqv4NCKud6NByXQRRtkq4dgM80iWF+hle3j2fgg8BoAOez8 h3IpQ1iIEVfhKX2Pq34H =Pxu0 -END PGP SIGNATURE- --- End Message ---
Bug#605731: rsync client can no longer handle rsync:// targets
Package: rsync Version: 3.0.7-2 Severity: critical Justification: breaks unrelated software Upgrading to Testing broke my backup scripts (using Duplicity), unrelated software so I'm filing this as critical. The problem resolved down to rsync 3.0.3-2 accepting the following: rsync rsync://:: and 3.0.7-2 does not. Specifically: z...@moebius:/opt/zed> rsync rsync://zp::duplicity backup duplicity dup_moebius z...@moebius:/opt/zed> sudo apt-get -t testing install rsync [...] Preparing to replace rsync 3.0.3-2 (using .../rsync_3.0.7-2_amd64.deb) Unpacking replacement rsync ... Processing triggers for man-db ... Setting up rsync (3.0.7-2) ... [...] z...@moebius:/opt/zed> rsync rsync://zp::duplicity ssh: Could not resolve hostname rsync: Name or service not known rsync: connection unexpectedly closed (0 bytes received so far) [Receiver] rsync error: unexplained error (code 255) at io.c(601) [Receiver=3.0.7] The rsync server is running 3.0.2. I *think* this is just a nasty upstream bug, as I can't find any documentation on this change being deliberate and I can't think of any reason to stop parsing URIs. If it's deliberate, there needs to be a major warning on it, or it should be flagged as breaking Duplicity so people know that they need to either not upgrade or migrate to chrooted SFTP with passwordless keys. -- System Information: Debian Release: 5.0.7 APT prefers stable APT policy: (350, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages rsync depends on: ii base-files 5lenny8 Debian base system miscellaneous f ii libacl1 2.2.47-2 Access control list shared library ii libc6 2.7-18lenny6 GNU C Library: Shared libraries ii libpopt01.16-1 lib for parsing cmdline parameters ii lsb-base3.2-20 Linux Standard Base 3.2 init scrip rsync recommends no packages. Versions of packages rsync suggests: ii openssh-client1:5.1p1-5 secure shell client, an rlogin/rsh ii openssh-server1:5.1p1-5 secure shell server, an rshd repla -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605095: marked as done (CVE-2010-3998)
Your message dated Thu, 02 Dec 2010 20:32:43 + with message-id and subject line Bug#605095: fixed in banshee 1.6.1-1.1 has caused the Debian Bug report #605095, regarding CVE-2010-3998 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 605095: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605095 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: banshee Severity: grave Tags: security Hi, please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3998 for details and a patch. Please upload a targeted fix for Squeeze and not a whole new upstream release. Cheers, Moritz -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash Versions of packages banshee depends on: pn gstreamer0.10-gnomevfs (no description available) pn gstreamer0.10-plugins-base (no description available) pn gstreamer0.10-plugins-good (no description available) ii hal 0.5.14-3 Hardware Abstraction Layer pn libboo2.0-cil (no description available) ii libc6 2.11.2-7 Embedded GNU C Library: Shared lib ii libcairo2 1.8.10-6 The Cairo 2D vector graphics libra pn libgconf2.0-cil(no description available) pn libglade2.0-cil(no description available) ii libglib2.0-0 2.24.2-1 The GLib library of C routines pn libglib2.0-cil (no description available) pn libgnome2.0-cil(no description available) ii libgstreamer-plugins-base0.10 0.10.30-1 GStreamer libraries from the "base ii libgstreamer0.10-00.10.30-1 Core GStreamer libraries and eleme ii libgtk2.0-0 2.20.1-2 The GTK+ graphical user interface pn libgtk2.0-cil (no description available) pn libmono-addins-gui0.2-cil (no description available) pn libmono-addins0.2-cil (no description available) pn libmono-cairo2.0-cil (no description available) pn libmono-corlib2.0-cil (no description available) pn libmono-sharpzip2.84-cil (no description available) pn libmono-sqlite2.0-cil (no description available) pn libmono-system-data2.0-cil (no description available) pn libmono-system-web2.0-cil (no description available) pn libmono-system2.0-cil (no description available) pn libmono2.0-cil (no description available) pn libmtp7(no description available) pn libndesk-dbus-glib1.0-cil (no description available) pn libndesk-dbus1.0-cil (no description available) pn libnotify0.4-cil (no description available) ii libpango1.0-0 1.28.3-1 Layout and rendering of internatio pn libtaglib2.0-cil (no description available) ii libx11-6 2:1.3.3-4 X11 client-side library pn mono-runtime (no description available) Versions of packages banshee recommends: pn brasero(no description available) ii gstreamer0.10-ffmpeg 0.10.10-1 FFmpeg plugin for GStreamer pn gstreamer0.10-plugins-bad (no description available) pn gstreamer0.10-plugins-ugly (no description available) pn podsleuth (no description available) banshee suggests no packages. --- End Message --- --- Begin Message --- Source: banshee Source-Version: 1.6.1-1.1 We believe that the bug you reported is fixed in the latest version of banshee, which is due to be installed in the Debian FTP archive: banshee-dbg_1.6.1-1.1_amd64.deb to main/b/banshee/banshee-dbg_1.6.1-1.1_amd64.deb banshee_1.6.1-1.1.debian.tar.gz to main/b/banshee/banshee_1.6.1-1.1.debian.tar.gz banshee_1.6.1-1.1.dsc to main/b/banshee/banshee_1.6.1-1.1.dsc banshee_1.6.1-1.1_amd64.deb to main/b/banshee/banshee_1.6.1-1.1_amd64.deb monodoc-banshee-manual_1.6.1-1.1_all.deb to main/b/banshee/monodoc-banshee-manual_1.6.1-1.1_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 605...@bugs.debian.org, and the maintainer will reopen t
Bug#605095: [pkg-cli-apps-team] Bug#605095: banshee: diff for NMU version 1.6.1-1.1
Hi! * Chow Loong Jin [101202 21:03]: > Alexander, sorry for the confusion caused. Could you reupload your NMU, then? > I > am currently facing exams at the moment and am not free to do it myself. On it's way (without delayed). Sorry for not checking further the first time, planed to verify it again tomorrow. Best Regards, Alexander signature.asc Description: Digital signature
Bug#603841: CVE-2010-4173 libsdp: insecure log file handling
Hi! * Moritz Muehlenhoff [101202 19:38]: > Alexander already uploaded a fix to DELAYED/10, maybe there's a way to > move this upload to the regular archive faster? Done, rescheduled to 0-day. Best Regards, Alexander signature.asc Description: Digital signature
Bug#493599: pushing udns into squeeze
* Michael Tokarev:
>> udns doesn't handle truncation, so it won't play well with the
>> PowerDNS recursor (which doesn't support EDNS).
>
> One of the limitations of simplicity of design - only one
> socket and it's obviously UDP. With deployment of DNSSEC
> everywhere EDNS support becomes a requiriment, because of
> the size of DNSSEC records, so this problem becomes less
> and less of an issue. Yes I understand this is where
> udns does not conform to standards.
>> The domain name parser triggers undefined behavior for certain inputs
>> because it performs out-of-bound pointer arithmetic. This is unlikely
>> to cause practical problems with current GCC versions (but LTO might
>> change this).
>
> And here goes my main question.
>
> http://www.corpit.ru/mjt/udns_dn.c is the code in question, the
> domain parser. Florian, can you please tell me where do you think
> it performs such oob arith?
I think I was referring to loop exit conditions such as:
while(--s >= (dnscc_t *)addr) {
These are problematic if the compiler can prove that addr does not
point into an array of suitable struct ?_addr objects.
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#605095: [pkg-cli-apps-team] Bug#605095: banshee: diff for NMU version 1.6.1-1.1
Processing commands for cont...@bugs.debian.org:
> reopen 605095
Bug #605095 {Done: Chow Loong Jin } [banshee] CVE-2010-3998
> kthxbye
Stopping processing here.
Please contact me if you need assistance.
--
605095: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605095
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605095: [pkg-cli-apps-team] Bug#605095: banshee: diff for NMU version 1.6.1-1.1
reopen 605095
kthxbye
On Friday 03,December,2010 03:47 AM, Adam D. Barratt wrote:
> [...]
> Actually, they're *not* the same; whether the difference is relevant is
> a different question, but there is a difference.
>
> From bash(1):
>
> When not performing substring expansion, using the forms documented
> below, bash tests for a parameter that is unset or null. Omitting the
> colon results in a test only for a parameter that is unset.
>
> and as an example:
>
> a...@hathi:~$ FOO=
> a...@hathi:~$ echo bar${FOO+:$FOO}:baz
> bar::baz
> a...@hathi:~$ echo bar${FOO:+:$FOO}:baz
> bar:baz
I see. Thanks for clarifying this. This would mean that the bug is indeed
present in the package, though confined to a smaller set of affected cases.
Alexander, sorry for the confusion caused. Could you reupload your NMU, then? I
am currently facing exams at the moment and am not free to do it myself.
Thanks again, and sorry for any inconvenience caused.
--
Kind regards,
Loong Jin
signature.asc
Description: OpenPGP digital signature
Bug#605095: [pkg-cli-apps-team] Bug#605095: banshee: diff for NMU version 1.6.1-1.1
On Fri, 2010-12-03 at 00:34 +0800, Chow Loong Jin wrote:
> It appears to me that your patch only adds a : to ${var+:$var} to make it
> ${var:+:$var}, but both forms are equivalent, and tested on Ubuntu and
> Debian's
> versions of Bash. Therefore this bug does not exist in Debian, and the patch
> is
> unnecessary. I don't know if Redhat's bug truly exists, or whether it was
> patched without proper verification, though.
Actually, they're *not* the same; whether the difference is relevant is
a different question, but there is a difference.
>From bash(1):
When not performing substring expansion, using the forms documented
below, bash tests for a parameter that is unset or null. Omitting the
colon results in a test only for a parameter that is unset.
and as an example:
a...@hathi:~$ FOO=
a...@hathi:~$ echo bar${FOO+:$FOO}:baz
bar::baz
a...@hathi:~$ echo bar${FOO:+:$FOO}:baz
bar:baz
Regards,
Adam
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#604207: Bug#605726: unblock: slurm-llnl/2.1.11-1squeeze2
On Thu, 2010-12-02 at 19:46 +0100, Moritz Muehlenhoff wrote: > slurm-llnl/2.1.11-1squeeze2 fixes #604207. (But the maintainers > for the bug closer). The fix for that bug looks wrong (or at least incomplete) - the report is about a problem purging the package due to ucf not being available and the chosen solution is to add a dependency on ucf; however, as ucf is not essential, the postrm cannot rely on it being available during purge even with the dependency. Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#603841: CVE-2010-4173 libsdp: insecure log file handling
On Thu, Dec 02, 2010 at 05:49:35PM +0100, Benoit Mortier wrote: > Le Thursday 25 November 2010 17:51:30 Moritz Muehlenhoff, vous avez > écrit : > > Hi, > > > > On Wed, Nov 17, 2010 at 09:12:26PM +0100, Moritz Muehlenhoff wrote: > > > Package: libsdp > > > Severity: grave > > > Tags: security > > > > > > Please see https://bugzilla.redhat.com/show_bug.cgi?id=647941 > > > for details. > > > > > > Please fix this in unstable with an isolated fix and asking > > > release managers for an unblock afterwards. > > > > I'm attaching the isolated upstream fix, please test and take of > > an upload. > > Thanks for this. > > Will prepare an upload Alexander already uploaded a fix to DELAYED/10, maybe there's a way to move this upload to the regular archive faster? Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: add lenny tag to #605484
Processing commands for cont...@bugs.debian.org: > tags 605484 + lenny Bug #605484 [libapache2-mod-fcgid] libapache2-mod-fcgid: stack overwrite vulnerability Added tag(s) lenny. > thanks Stopping processing here. Please contact me if you need assistance. -- 605484: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605484 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605155: gquilt: Use of PYTHONPATH env var in an insecure way
On Thu, Dec 02, 2010 at 02:52:26PM +1000, Peter Williams wrote: > A heads up. I'm currently working on a major upgrade to gquilt. Do you > need me to tell me when I do the release? That would be great! Generally I get somehow notified by Debian's upstream-watching scripts, but an extra reminder is probably still useful. I can do a backport of the updated package for squeeze too, so stable users can take advantage of it. Thanks! Christine -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605218: [Pkg-ia32-libs-maintainers] Bug#605218: apt-get dist-upgrade fails to install ia32-libs
Hi! Am 02.12.2010 09:17, schrieb Goswin von Brederlow: > It would have been more helpfull for someone to sponsor the already > fixed package on mentors.debian.net. Ping me tomorrow. I'll try to have a look at it. Best regards, Alexander -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#591206: marked as done (tinymce: contains Flash files without source code, notably non-free flv_player.swf)
Your message dated Thu, 02 Dec 2010 17:03:53 + with message-id and subject line Bug#591206: fixed in tinymce 3.3.8+dfsg0-0.1 has caused the Debian Bug report #591206, regarding tinymce: contains Flash files without source code, notably non-free flv_player.swf to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 591206: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=591206 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: tinymce Version: 3.3.8-1 Severity: serious Hi, tinymce ships multiple swf files but does not build them from source. Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net --- End Message --- --- Begin Message --- Source: tinymce Source-Version: 3.3.8+dfsg0-0.1 We believe that the bug you reported is fixed in the latest version of tinymce, which is due to be installed in the Debian FTP archive: tinymce_3.3.8+dfsg0-0.1.diff.gz to main/t/tinymce/tinymce_3.3.8+dfsg0-0.1.diff.gz tinymce_3.3.8+dfsg0-0.1.dsc to main/t/tinymce/tinymce_3.3.8+dfsg0-0.1.dsc tinymce_3.3.8+dfsg0-0.1_all.deb to main/t/tinymce/tinymce_3.3.8+dfsg0-0.1_all.deb tinymce_3.3.8+dfsg0.orig.tar.gz to main/t/tinymce/tinymce_3.3.8+dfsg0.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 591...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Didier Raboud (supplier of updated tinymce package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 30 Nov 2010 15:17:50 +0100 Source: tinymce Binary: tinymce Architecture: source all Version: 3.3.8+dfsg0-0.1 Distribution: unstable Urgency: low Maintainer: Frank Habermann Changed-By: Didier Raboud Description: tinymce- platform independent web based Javascript/HTML WYSIWYG editor Closes: 591206 Changes: tinymce (3.3.8+dfsg0-0.1) unstable; urgency=low . * Non-maintainer upload. * Repack upstream tarball to remove the *.swf files (Closes: #591206). Checksums-Sha1: 39fb40a8f652c1ab35d09d73af80471fb00e 1639 tinymce_3.3.8+dfsg0-0.1.dsc 7b5e2d852c200f76a0db8ba7a617386a04517092 570052 tinymce_3.3.8+dfsg0.orig.tar.gz 2ad5a3aa97a1c27dd6ad2858a778adb6bd3d7e4a 3939 tinymce_3.3.8+dfsg0-0.1.diff.gz fa656a22a491678c175d05ed38ea40c4a3ca1268 457456 tinymce_3.3.8+dfsg0-0.1_all.deb Checksums-Sha256: 4d10f95e6720bdbe4a9b25ee692e8abce8d2825addb8f7e379205192609d9004 1639 tinymce_3.3.8+dfsg0-0.1.dsc e3a68eeca979d725ea5759d6e65c3436c61c02bc60c753a989d9d3f672c4e801 570052 tinymce_3.3.8+dfsg0.orig.tar.gz 7f3cdce16df062bd3b6625efe00a26a98521f7451f20b1fb98150e58ef4e7a9c 3939 tinymce_3.3.8+dfsg0-0.1.diff.gz 5fac335f4e7d9d0335bf65eb325e71fe06a2d7ab7f97fe1e9c11db9ef8bd2b54 457456 tinymce_3.3.8+dfsg0-0.1_all.deb Files: 34f95e19cfb7ca9220710c14ac58968c 1639 web optional tinymce_3.3.8+dfsg0-0.1.dsc 98e0dda1480a1cf7899579172b0a2cc0 570052 web optional tinymce_3.3.8+dfsg0.orig.tar.gz 4ab4571dde11209ed0df174d1792aec5 3939 web optional tinymce_3.3.8+dfsg0-0.1.diff.gz c8c49bf54d66b4f2f00596433134a890 457456 web optional tinymce_3.3.8+dfsg0-0.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJM9SlbAAoJEIW5DSNGS43jM/gQAIlFOX4425F8/OY4IARiwV2R 0ZUIUBCaM5zv+csHRn9ohKZN30oVp++2f7f6sko9PqF9Up3PPI7A+0cPtrA+lgc3 3fQMoLBiAdg9X59QjAjB4XsaSQOHTwc+LRHptEQGJ0YEiEetUlbYZTxx2rvRr+Co e4PRsT4waQX7TgicxWZXqxUEf4CcVluYRKK8mbfY+xGin8oE+7Eem9+H7txzSaJM Ay01chuCu+p/kzRdbR02j/pnuZ3QJy9UzFHOfXWx8jRDhG1AtawU/uV44qaU8zPN sUwRgZ8WbjeO/X2Ij5LnHvFwA3s7Hys7KjYr0nh+7p71RG9az/T4+EwZqJxZDh2E 1/VRhtY+GWNUH8VrDgaBFSZnFsd8594Mi0QlKFkg7CFFd0tWfClhBjziSLcb/k4s O1VciGq2OTVPRXev3NZ1C0IXoznbtvS+hyzhG3v8a0wDe+B8HST7xTtm0Xq6yxGf tOBcXNZjFHD5KHAuETpI1ylm2JmqANULW23S2FkcMSvLqq7aBquDG6MDM6tvCRQb HU8dJym9EjZBH8sI/+62LpfnUhJXeAZ3GawHOAROQP5DUDRlqjDEEiDneS/fa8Rr RnnfheQIwcfbhANOGRIAnoFwU0O2bRABxyGhl6K0n889ElLfGpZ4zvOko9sHad2A cw3+MpauAqLcyiTDGvFG =uV3d -END PGP SIGNATURE- --- End Message ---
Bug#605095: [pkg-cli-apps-team] Bug#605095: banshee: diff for NMU version 1.6.1-1.1
Hi! Am 02.12.2010 17:34, schrieb Chow Loong Jin: > Could you cancel the upload, please? Done. Best regards, Alexander -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#591115: Bug forwarded
Hi! Am 02.12.2010 17:38, schrieb Federico Giménez Nieto: > I don't think it would have been a good idea to keep any of the tests, it > seems that they are randomly failing (perhaps due to a race condition?) even > on i386, see [1] Ah, okay. Than your solution is indeed better :) Best regards, Alexander -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605218: [Pkg-ia32-libs-maintainers] Bug#605218: apt-get dist-upgrade fails to install ia32-libs
On Thu, 02 Dec 2010 09:17:30 +0100, Goswin von Brederlow wrote: > Michael Gilbert writes: > > > tag 605218 patch > > thanks > > > > On Wed, Dec 1, 2010 at 4:34 PM, Julien Cristau wrote: > >> On Wed, Dec  1, 2010 at 16:18:54 -0500, Michael Gilbert wrote: > >> > >>> Since ia32-libs-workaround-499043 is a third-party package, this really > >>> isn't Debian's problem. I think that the bug can be safely closed. In > >>> the meantime, this discussion can serve as a record for anyone else who > >>> may have installed the rogue package and run into the problem. > >>> > >> NAK.  If the package was widely documented as the way to get flash on > >> 64bit, then we need to handle the upgrade path, if only by conflicting > >> against it. > > > > Please see attached patch. I've tested that this will successfully > > install the new ia32-libs and remove ia32-libs-workaround-499043 (if > > its installed) in the process. > > > > Mike > > It would have been more helpfull for someone to sponsor the already > fixed package on mentors.debian.net. OK, I'll send an RFS message. Mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#603841: CVE-2010-4173 libsdp: insecure log file handling
Le Thursday 25 November 2010 17:51:30 Moritz Muehlenhoff, vous avez écrit : > Hi, > > On Wed, Nov 17, 2010 at 09:12:26PM +0100, Moritz Muehlenhoff wrote: > > Package: libsdp > > Severity: grave > > Tags: security > > > > Please see https://bugzilla.redhat.com/show_bug.cgi?id=647941 > > for details. > > > > Please fix this in unstable with an isolated fix and asking > > release managers for an unblock afterwards. > > I'm attaching the isolated upstream fix, please test and take of > an upload. Thanks for this. Will prepare an upload Cheers -- Benoit Mortier CEO OpenSides "logiciels libres pour entreprises" : http://www.opensides.eu/ Promouvoir et défendre le Logiciel Libre http://www.april.org/ Contributor to Gosa Project : http://gosa-project.org/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#550228: New cyrus 2.[34]?
On Thu, Dec 02, 2010 at 03:52:38PM +0100, Ondřej Surý wrote: > cyrus-imapd-2.4 is sitting in NEW queue. Thank you very much. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187 signature.asc Description: Digital signature
Bug#605095: marked as done (CVE-2010-3998)
Your message dated Fri, 03 Dec 2010 00:34:55 +0800
with message-id <4cf7caaf.1060...@gmail.com>
and subject line Re: [pkg-cli-apps-team] Bug#605095: banshee: diff for NMU
version 1.6.1-1.1
has caused the Debian Bug report #605095,
regarding CVE-2010-3998
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
605095: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605095
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: banshee
Severity: grave
Tags: security
Hi,
please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3998
for details and a patch. Please upload a targeted fix for Squeeze
and not a whole new upstream release.
Cheers,
Moritz
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash
Versions of packages banshee depends on:
pn gstreamer0.10-gnomevfs (no description available)
pn gstreamer0.10-plugins-base (no description available)
pn gstreamer0.10-plugins-good (no description available)
ii hal 0.5.14-3 Hardware Abstraction Layer
pn libboo2.0-cil (no description available)
ii libc6 2.11.2-7 Embedded GNU C Library: Shared lib
ii libcairo2 1.8.10-6 The Cairo 2D vector graphics libra
pn libgconf2.0-cil(no description available)
pn libglade2.0-cil(no description available)
ii libglib2.0-0 2.24.2-1 The GLib library of C routines
pn libglib2.0-cil (no description available)
pn libgnome2.0-cil(no description available)
ii libgstreamer-plugins-base0.10 0.10.30-1 GStreamer libraries from the "base
ii libgstreamer0.10-00.10.30-1 Core GStreamer libraries and eleme
ii libgtk2.0-0 2.20.1-2 The GTK+ graphical user interface
pn libgtk2.0-cil (no description available)
pn libmono-addins-gui0.2-cil (no description available)
pn libmono-addins0.2-cil (no description available)
pn libmono-cairo2.0-cil (no description available)
pn libmono-corlib2.0-cil (no description available)
pn libmono-sharpzip2.84-cil (no description available)
pn libmono-sqlite2.0-cil (no description available)
pn libmono-system-data2.0-cil (no description available)
pn libmono-system-web2.0-cil (no description available)
pn libmono-system2.0-cil (no description available)
pn libmono2.0-cil (no description available)
pn libmtp7(no description available)
pn libndesk-dbus-glib1.0-cil (no description available)
pn libndesk-dbus1.0-cil (no description available)
pn libnotify0.4-cil (no description available)
ii libpango1.0-0 1.28.3-1 Layout and rendering of internatio
pn libtaglib2.0-cil (no description available)
ii libx11-6 2:1.3.3-4 X11 client-side library
pn mono-runtime (no description available)
Versions of packages banshee recommends:
pn brasero(no description available)
ii gstreamer0.10-ffmpeg 0.10.10-1 FFmpeg plugin for GStreamer
pn gstreamer0.10-plugins-bad (no description available)
pn gstreamer0.10-plugins-ugly (no description available)
pn podsleuth (no description available)
banshee suggests no packages.
--- End Message ---
--- Begin Message ---
On Thursday 02,December,2010 11:16 PM, Alexander Reichle-Schmehl wrote:
> tags 605095 + patch
> tags 605095 + pending
> thanks
>
> Dear maintainer,
>
> I've prepared an NMU for banshee (versioned as 1.6.1-1.1) and
> uploaded it to DELAYED/2. Please feel free to tell me if I
> should delay it longer.
>
> Regards.
Hi Alexander,
It appears to me that your patch only adds a : to ${var+:$var} to make it
${var:+:$var}, but both forms are equivalent, and tested on Ubuntu and Debian's
versions of Bash. Therefore this bug does not exist in Debian, and the patch is
unnecessary. I don't know if Redhat's bug truly exists, or whether it was
patched without proper verification, though.
Could you cancel the upload, please?
--
Kind regards,
Loong Jin
signature.asc
Descri
Bug#605095: [pkg-cli-apps-team] Bug#605095: banshee: diff for NMU version 1.6.1-1.1
On Thursday 02,December,2010 11:16 PM, Alexander Reichle-Schmehl wrote:
> tags 605095 + patch
> tags 605095 + pending
> thanks
>
> Dear maintainer,
>
> I've prepared an NMU for banshee (versioned as 1.6.1-1.1) and
> uploaded it to DELAYED/2. Please feel free to tell me if I
> should delay it longer.
>
> Regards.
Hi Alexander,
It appears to me that your patch only adds a : to ${var+:$var} to make it
${var:+:$var}, but both forms are equivalent, and tested on Ubuntu and Debian's
versions of Bash. Therefore this bug does not exist in Debian, and the patch is
unnecessary. I don't know if Redhat's bug truly exists, or whether it was
patched without proper verification, though.
Could you cancel the upload, please?
--
Kind regards,
Loong Jin
signature.asc
Description: OpenPGP digital signature
Bug#591115: Bug forwarded
Hi, 2010/12/1 Alexander Reichle-Schmehl > > Actually I proposed to disable the failing tests, not all of them. But > as a) the package seems to work on AMD64 even though tests fail and b) > Upstream decided to drop all tests, I think it is also okay to disable > all tests for this build, even if it's more than asked for. > > Package uploaded, thanks for "fixing" this bug :) > > You are welcome :) I don't think it would have been a good idea to keep any of the tests, it seems that they are randomly failing (perhaps due to a race condition?) even on i386, see [1] Thanks again for the sponsorship, cheers Federico [1] https://bugs.launchpad.net/ubuntu/+source/doctrine/+bug/683150
Bug#605690: webfs: no /etc/webfsd.conf on new installs
On Thu, Dec 02, 2010 at 05:09:07PM +0100, Mats Erik Andersson wrote: > Why did it work out on kfreebsd-amd64? Because I did it manually > from the command line? Maybe you had a 'ucf' directory in your cwd? (I see 'dpkg -i' doesn't set the cwd to '/' for the maintainer scripts.) Alternatively, is it possible that you aren't really testing with the same binary package that made it into Debian proper? > There will be a new packaging this evening. In my ignorance, I worry > about the version number. Pushing a new version into unstable, while > the present version is never allowed to reach testing, the handling > of this is beyond my experience. No need to worry, just prepare -8 for unstable. It's no problem that testing never sees -7. (That's mostly the point of testing of course - if every unstable upload did reach testing, there wouldn't be much point to it...) Thanks for your work, -- Niko Tyni nt...@debian.org -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605690: webfs: no /etc/webfsd.conf on new installs
torsdag den 2 december 2010 klockan 15:38 skrev Alexander Reichle-Schmehl detta: > Hi! > > Am 02.12.2010 15:26, schrieb Niko Tyni: > > >>> The conffile modification fix for -7 doesn't actually invoke ucf > >>> to install /etc/webfsd.conf at all: > [..] > >> I just installed webfs_1.21+ds1-7 on a squeeze/kfreebsd-amd64 system > >> that never has seen webfs before. It installed perfectly and get up > >> and running as it should. Similarly, my older test system > >> lenny/linux-i386 also installs the packag perfectly in long > >> runs of purges, installs and possibly upgrades. > > Weird. Does ucf really get run for you? I assume you don't have an > > executable file named "ucf" in the root directory? :) > > Sorry that this slipped through when I reviewed the package for > sponsoring the upload. > > I can reproduce the problem in a clean pbuilder chroot on sid amd64: Why did it work out on kfreebsd-amd64? Because I did it manually from the command line? > > # apt-get install webfs > [..] > Setting up webfs (1.21+ds1-7) ... > > All rc.d operations denied by policy > > invoke-rc.d: policy-rc.d denied execution of start. > # ls /etc/w > ls: cannot access /etc/w: No such file or directory > > # test -x ucf > # echo $? > 1 > # test -x /usr/bin/ucf > # echo $? > 0 Yes, I see the point and I agree. The amusing thing is that my original formulation used the full path in the test clause, as well as in the execution call. Howover, lintian complained about the use of a full path. Then I clumsily removed both of them. There will be a new packaging this evening. In my ignorance, I worry about the version number. Pushing a new version into unstable, while the present version is never allowed to reach testing, the handling of this is beyond my experience. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#526398: [Pkg-sysvinit-devel] Bug#526398: ping
On Thu, 02 Dec 2010, auto19412...@hushmail.com wrote: > Is this bug being kept in Debian Stable (lenny) for a particular > reason? Nobody got around to backporting the fix to stable. NMU patch welcome. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#603861: Further information
The bug was caused by a bogus downstream patch that got imported from Ubuntu, 01_fetchmailconf.patch, that contained a bogus workaround for a different bug. This should never have made it into the package. Note that 01_fetchmailconf.patch and 03_fetchmailconf_python2.6.patch (as of svn://svn.debian.org/pkg-fetchmail/trunk rev 545) are both bogus and should be removed. If any issues remain, then either automake or python are broken. Corresponding downstream Bugs in Ubuntu are: https://bugs.launchpad.net/ubuntu/+source/fetchmail/+bug/669066 https://bugs.launchpad.net/ubuntu/+source/fetchmail/+bug/684228 But it is not to be expected that Ubuntu will see to those in the near future. -- Matthias Andree -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605095: banshee: diff for NMU version 1.6.1-1.1
tags 605095 + patch
tags 605095 + pending
thanks
Dear maintainer,
I've prepared an NMU for banshee (versioned as 1.6.1-1.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.
Regards.
diff -Nru banshee-1.6.1/debian/changelog banshee-1.6.1/debian/changelog
--- banshee-1.6.1/debian/changelog 2010-05-21 11:11:25.0 +0200
+++ banshee-1.6.1/debian/changelog 2010-12-02 16:09:55.0 +0100
@@ -1,3 +1,14 @@
+banshee (1.6.1-1.1) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * Apply security fix for CVE-2010-3998 to fix insecure library loading
+(Closes: #605095)
+ * Thanks to Moritz Muehlenhoff for the pointer and Vincent Danen for the
+patch!
+ * Set urgency to high due to security related RC fix
+
+ -- Alexander Reichle-Schmehl Thu, 02 Dec 2010 16:09:41 +0100
+
banshee (1.6.1-1) unstable; urgency=low
* New bugfix upstream release:
diff -Nru banshee-1.6.1/debian/patches/CVE-2010-3998.patch banshee-1.6.1/debian/patches/CVE-2010-3998.patch
--- banshee-1.6.1/debian/patches/CVE-2010-3998.patch 1970-01-01 01:00:00.0 +0100
+++ banshee-1.6.1/debian/patches/CVE-2010-3998.patch 2010-12-02 16:09:29.0 +0100
@@ -0,0 +1,13 @@
+--- a/src/Clients/Booter/banshee-1.linux.in
b/src/Clients/Booter/banshee-1.linux.in
+@@ -7,8 +7,8 @@ MONO_EXE="@expanded_libdir@/@PACKAGE@/$e
+ BANSHEE_EXEC_NAME=$(basename $0)
+ BANSHEE_CONFIG_DIR="${XDG_CONFIG_HOME:-$HOME/.config}/banshee-1"
+
+-export ld_library_pa...@expanded_libdir@:@expanded_libdir@/@PACKAGE@:@expanded_libdir@/@PACKAGE@/Extensions${LD_LIBRARY_PATH+:$LD_LIBRARY_PATH}
+-export gst_plugin_pa...@expanded_libdir@/@PACKAGE@/gstreamer-0.10${GST_PLUGIN_PATH+:$GST_PLUGIN_PATH}
++export ld_library_pa...@expanded_libdir@:@expanded_libdir@/@PACKAGE@:@expanded_libdir@/@PACKAGE@/Extensions${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}
++export gst_plugin_pa...@expanded_libdir@/@PACKAGE@/gstreamer-0.10${GST_PLUGIN_PATH:+:$GST_PLUGIN_PATH}
+ if [ $BANSHEE_EXEC_NAME = "muinshee" ]; then
+ BANSHEE_CLIENT="Muinshee"
+ export mono_pa...@expanded_libdir@/@PACKAGE@/Extensions
diff -Nru banshee-1.6.1/debian/patches/series banshee-1.6.1/debian/patches/series
--- banshee-1.6.1/debian/patches/series 2010-05-21 11:01:04.0 +0200
+++ banshee-1.6.1/debian/patches/series 2010-12-02 16:00:21.0 +0100
@@ -1 +1,2 @@
99_ltmain_as-needed.patch
+CVE-2010-3998.patch
Processed: banshee: diff for NMU version 1.6.1-1.1
Processing commands for cont...@bugs.debian.org: > tags 605095 + patch Bug #605095 [banshee] CVE-2010-3998 Added tag(s) patch. > tags 605095 + pending Bug #605095 [banshee] CVE-2010-3998 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 605095: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605095 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605603: wordpress: Author level SQL injection vulnerability fixed in 3.0.2
On Thu, Dec 02, 2010 at 09:03:00PM +0900, Hideki Yamane wrote:
> tags 605603 patch
> thanks
>
> Hi,
>
> >This looks worthy of an update for squeeze. Note that the other updates
> >in 3.0.2 also include various security hardening issues so it may be
> >most appropriate to upload 3.0.2 itself for squeeze.
>
> However, you know, we are in freeze and 3.0.1 and 3.0.2 diff is about 2000
> lines. In generally, it's too much changes at this time. I hope there is
> someone who can check its worth and benefit and negotiate with release team.
Indeed. I haven't got time to do that right now.
> Anyway, proposed smallest patch to 3.0.1 is below. Please check it.
Your patch doesn't apply; there is some cut and paste whitespace damage.
I've attached a new patch which I've verified builds cleanly (on our
slightly modified package which is deployed on lenny).
--
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)
diff -urN wordpress-3.0.1.orig//debian/patches/fix_SQLinjection_r16625.patch wordpress-3.0.1/debian/patches/fix_SQLinjection_r16625.patch
--- wordpress-3.0.1.orig//debian/patches/fix_SQLinjection_r16625.patch 1970-01-01 01:00:00.0 +0100
+++ wordpress-3.0.1/debian/patches/fix_SQLinjection_r16625.patch 2010-12-02 15:03:22.0 +
@@ -0,0 +1,11 @@
+Index: 3.0/wp-includes/comment.php
+===
+--- 3.0/wp-includes/comment.php (revision 13995)
3.0/wp-includes/comment.php (revision 16625)
+@@ -1655,5 +1655,5 @@
+ $pinged[] = $tb_ping;
+ } else {
+-$wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET to_ping = TRIM(REPLACE(to_ping, '$tb_ping', '')) WHERE ID = %d", $post_id) );
++$wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET to_ping = TRIM(REPLACE(to_ping, %s, '')) WHERE ID = %d", $tb_ping, $post_id) );
+ }
+ }
diff -urN wordpress-3.0.1.orig//debian/patches/series wordpress-3.0.1/debian/patches/series
--- wordpress-3.0.1.orig//debian/patches/series 2010-09-02 09:34:46.0 +0100
+++ wordpress-3.0.1/debian/patches/series 2010-12-02 15:03:45.0 +
@@ -7,3 +7,4 @@
010disabling_update_note.patch
manifest.patch
mu.patch
+fix_SQLinjection_r16625.patch
Bug#550228: New cyrus 2.[34]?
cyrus-imapd-2.4 is sitting in NEW queue. Ondrej On Mon, Nov 22, 2010 at 01:34, brian m. carlson wrote: > Is there any movement on a new Cyrus 2.3 or 2.4 package? This bug has > been open for over a year without a fix. > > My preference is for a cyrus-clients newer than 2.2 (since that's all I > ever use of the suite), especially since that will get rid of the > dependencies on Heimdal. I don't have a huge amount of time right now, > but if there's something you need me to work on or test with > cyrus-clients, I'm happy to do that. > > -- > brian m. carlson / brian with sandals: Houston, Texas, US > +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only > OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187 > > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.10 (GNU/Linux) > > iQIcBAEBCgAGBQJM6bqnAAoJEL9TXYEfUvaLiwgQAImKJUNFzIIx8/Vei3Cc+62W > PHoBUUYO71hszEfuWbfbnPAZvdnvF9QMsi8CRGYaKG1JLQ9JhVonXLpn+LKSjZGV > bpm2Txnv1Qi0GrWDkUMo6/btoHJT6fwReovYVOQPu4WneTm4kQB/GSTKnhFBR/Cb > oU3sKImBFxGr63lOYafgPv8vfWUnzgWZOA8KlsPggOPhIQ52yzMvNbkHbPp6e7ho > cvMv5N3m7EQPYT7ZOmmTSBvcJaNsk1qqM6x4m7JT5f3ZGgM2SbutRJ4DWUqVdi1i > 0wmZdlyU8Zrm/SxgCnp8XSBwjKQybZdX60/eMiOgGVzFw3LNydxTqbW3jcn1UG5e > ztLzvuSqrwqapENOIGfWjDb1kP5ISynJIG5DuJ26JmS0canh6G8fIrB6+WgLpkPb > KQYU3wTmEGeRpI+V27mOCSQW6AXtTlF1qVRP9N5Hdc8FoRUrnSAjmmv9egBp/H2B > AyuZQQztM8pwzjQ8qfw3XGVfcs5mLXwxMXhmyrbHKwkS96k68wXCNGZ+WWooXheu > 66mLMliz3SiCfuSDnfzHMHhxZ2uFVQvF/RfVYsfrzFLdZQJ8BHKT/5zSnGIeR2iE > AsgHdax9X9btLGIWwHjakM9x2oQIOfPXIGJ3Nz2NRX7KVdlnRdZ98JhBzVOvCawC > SJUckJb0eUKTpuzpFygF > =Cn9X > -END PGP SIGNATURE- > > ___ > Pkg-Cyrus-imapd-Debian-devel mailing list > pkg-cyrus-imapd-debian-de...@lists.alioth.debian.org > http://lists.alioth.debian.org/mailman/listinfo/pkg-cyrus-imapd-debian-devel > -- Ondřej Surý -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#594519: Code audit
Processing commands for cont...@bugs.debian.org: > tags 594519 + patch Bug #594519 [audacious-plugins] multiple copyright problems make software non-redistributable as currently packaged Added tag(s) patch. > thanks Stopping processing here. Please contact me if you need assistance. -- 594519: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594519 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605690: webfs: no /etc/webfsd.conf on new installs
Hi! Am 02.12.2010 15:26, schrieb Niko Tyni: >>> The conffile modification fix for -7 doesn't actually invoke ucf >>> to install /etc/webfsd.conf at all: [..] >> I just installed webfs_1.21+ds1-7 on a squeeze/kfreebsd-amd64 system >> that never has seen webfs before. It installed perfectly and get up >> and running as it should. Similarly, my older test system >> lenny/linux-i386 also installs the packag perfectly in long >> runs of purges, installs and possibly upgrades. > Weird. Does ucf really get run for you? I assume you don't have an > executable file named "ucf" in the root directory? :) Sorry that this slipped through when I reviewed the package for sponsoring the upload. I can reproduce the problem in a clean pbuilder chroot on sid amd64: # apt-get install webfs [..] Setting up webfs (1.21+ds1-7) ... All rc.d operations denied by policy invoke-rc.d: policy-rc.d denied execution of start. # ls /etc/w ls: cannot access /etc/w: No such file or directory # test -x ucf # echo $? 1 # test -x /usr/bin/ucf # echo $? 0 I'm still available to sponsor uploads. Best regards, Alexander -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#594519: Code audit
tags 594519 + patch thanks I've performed a full source scan, and generated a (pseudo) DEP5 copyright file I attach for your convenience. HTH, -- .''`. : :' : Luca Falavigna `. `' `- Format-Specification: http://svn.debian.org/wsvn/dep/web/deps/dep5.mdwn?op=file&rev=135 Name: audacious-plugins Maintainer: Adam Cécile (Le_Vert) Source: http://www.audacious-media-player.org/ Files: * Copyright: 2005-2007 Audacious development team License: BSD-3 Files: scripts/makerelease.sh Copyright: 2007 atheme.org License: MIT Files: src/CoreAudio/* src/crossfade/* src/spectrum/* Copyright: 1998-2000 Peter Alm, Mikael Alm, Olle Hallnas, Thomas Nilsson and 4Front Technologies License: GPL-2+ Files: src/CoreAudio/convert.c src/OSS4/convert.c src/tonegen/* Copyright: 1999-2001 Haavard Kvaalen License: GPL-2+ Files: src/CoreAudio/db* Copyright: 1999, Bob Dean License: GPL-2+ Files: src/OSS*/* src/blur-scope Copyright: 1998-2003 XMMS development team License: GPL-2+ Files: src/aac/* src/cue/* src/ffaudio/* src/gio/* src/kanashi/* src/mms/* src/vfstrace/* Copyright: 2005-2006 William Pitcock License: GPL-2+ Files: src/aac/mp4ff/* Copyright: 2003-2005 M. Bakker, Nero AG, License: GPL-2+ Files: src/adplug/* Copyright: 2002, 2007 Simon Peter Liense: LGPL-2.1+ Files: src/adplug/core/adl.cxx Copyright: 2006 The ScummVM project 2006 Torbjorn Andersson and Johannes Schickel License: GPL-2+ Files: src/adplug/core/adlibemu.* Copyright: 1998-2001 Ken Silverman License: LGPL-2.1+ Files: src/adplug/core/binio-ual.h Copyright: 2006 William Pitcock License: PD Files: src/adplug/core/fmopl.* Copyright: 1999, 2000 Tatsuyuki Satoh License: GPL-2+ Files: src/alarm/* Copyright: Adam Feakin License: GPL-2+ Files: src/amidi-plug/* src/aosd/* src/evdev-plug/* src/jack/* src/statusicon/* Copyright: 2005-2007 Giacomo Lozito License: GPL-2+ Files: src/aosd/ghosd* Copyright: 2006 Evan Martin License: MIT Files: src/bluetooth/* Copyright: 2008 Paula Stanciu License: GPL-3 Files: src/bluetooth/agent.* Copyright: 2008 Paula Stanciu 2005-2008 Marcel Holtmann 2006-2007 Bastien Nocera License: GPL-2+ Files: src/bs2b/* Copyright: 2009, Sebastian Pipping 2009, Tony Vroon 2010, John Lindgren License: GPL-2+ Files: src/cd-menu-items/* Copyright: 2009 John Lindgren License: GPL-2+ Files: src/cdaudio-ng/* Copyright: 2007 Calin Crisan 2009 John Lindgren 2009-2010 Tomasz Moà 2007 Calin Crisan License: GPL-3 Files: src/alsa/* src/compressor/* src/resample/* src/unix-io/* Copyright: 2010 John Lindgren License: BSD-2 Files: src/crystalizer/* Copyright: 2008 William Pitcock 2010 John Lindgren License: MIT Files: src/daap/* Copyright: 2007 Cristi Magherusan License: GPL-2+ Files: src/daap/xmms2-daap/* Copyright: 2006-2007 XMMS2 Team License: GPL-2+ Files: src/daap/xmms2-daap/daap_md5.* Copyright: 2004,2005 Charles Schmidt License: GPL-2+ Files: src/dockalbumart/* Copyright: 2007 William Pitcock License: MIT Files: src/esd/* Copyright: 2003-2004 BMP development team 1999 Galex Yen License: GPL-2+ Files: src/filewriter/* copyright: 2007 Michael Färber 2007 William Pitcock 2002 Lars Siebold 2006-2007 Yoshiki Yazawa License: GPL-2+ Files: src/flacng/* Copyright: 2005 Ralf Ertzinger License: GPL-2+ Files: src/gnomeshortcuts/* src/hotkey/* Copyright: 2007-2008 Sascha Hlusiak License: GPL-2+ Files: src/gntui/* Copyright: 2009 Tomasz Moà License: GPL-3 Files: src/gtkui/* src/lirc/* src/song_change/* Copyright: 2005-2008 Audacious development team. License: GPL-3 Files: src/icecast/* Copyright: 2008 Andrew O. Shadoura 2007 Michael Färber 2002 Lars Siebold 2006-2007 Yoshiki Yaza License: GPL-2+ Files: src/jack/bio2jack.* Copyright: 2003-2006 Chris Morgan License: LGPL-2.1+ Files: src/ladspa/ladspa.c Copyright: 2002,2003 Nick Lamb License: GPL-2+ Files: src/ladspa/ladspa.h Copyright: 2000-2002 Richard W.E. Furse, Paul Barton-Davis, Stefan Westerfeld License: LGPL-2.1+ Files: src/m3u/* src/pls/* Copyright: 2006 William Pitcock, Tony Vroon, George Averill, Giacomo Lozito, Derek Pomery and Yoshiki Yazawa License: GPL-2+ Files: src/madplug/* Copyright: 2005-2009 William Pitcock, Yoshiki Yazawa, John Lindgren License: GPL-2 Files src/metronom/* Copyright: 2000 Martin Strau? License: GPL-2+ Files: src/modplug/* Copyright: Olivier Lapicque Adam Goode License: PD Files: src/modplug/archive/* src/modplug/gui/* Copyright: Kenton Varda License: PD Files: src/modplug/fastmix.cxx Copyright: Olivier Lapicque, Markus Fick License: GPL-2+ Files: src/modplug/midi.h Copyright: 2003-2005 chisel 2005-2006 Mrs. Brisby License: GPL-2+ Files: src/mtp_up/* Copyright: 2007
Bug#605690: webfs: no /etc/webfsd.conf on new installs
On Thu, Dec 02, 2010 at 02:19:00PM +0100, Mats Erik Andersson wrote: > torsdag den 2 december 2010 klockan 14:17 skrev Niko Tyni detta: > > Package: webfs > > Version: 1.21+ds1-7 > > Severity: serious > > > > The conffile modification fix for -7 doesn't actually invoke ucf > > to install /etc/webfsd.conf at all: > > > > + # Register the auto generated configuration file. > > + test -x ucf && \ > > + ucf --three-way --debconf-ok $AUTOCONFFILE $CONFFILE > > + test -x ucfr && \ > > + ucfr webfs $CONFFILE > > > > The test should probably read either "test -x /usr/bin/ucf" or > > "which ucf >/dev/null 2>&1" to actually work. > > I just installed webfs_1.21+ds1-7 on a squeeze/kfreebsd-amd64 system > that never has seen webfs before. It installed perfectly and get up > and running as it should. Similarly, my older test system > lenny/linux-i386 also installs the packag perfectly in long > runs of purges, installs and possibly upgrades. Weird. Does ucf really get run for you? I assume you don't have an executable file named "ucf" in the root directory? :) It's fully reproducible for me, and I also tried a fresh amd64 chroot with the same results. > The new package depends on "ucf" to get the new functionality. > Are you indicating that this is not enough? Do you have "ucf" > present on your test system? The dependency is fine and ucf gets pulled in just like it should, but "test -x ucf" never succeeds for me as it's testing for ucf in the current directory (which I think is always the root directory for the maintainer scripts). Or at least that's how it works here on sid/amd64. -- Niko Tyni nt...@debian.org -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605507: icecast2 failed to reinstall/upgrade/purge
tags 605507 patch thanks Hi, Its prerm script stops icecast daemon but it (maybe) needs more time to affect. I resolved this issue by just adding sleep in my box (i386 sid). Could you try it, please? diff -u icecast2-2.3.2/debian/changelog icecast2-2.3.2/debian/changelog --- icecast2-2.3.2/debian/changelog +++ icecast2-2.3.2/debian/changelog @@ -1,3 +1,10 @@ +icecast2 (2.3.2-5.1) unstable; urgency=low + + * Non-maintainer upload. + * add sleep to avoid deluser returns error when purging (Closes: #605507) + + -- Hideki Yamane Thu, 02 Dec 2010 23:07:56 +0900 + icecast2 (2.3.2-5) unstable; urgency=high * Added patch to fix a memory leak. only in patch2: unchanged: --- icecast2-2.3.2.orig/debian/icecast2.prerm +++ icecast2-2.3.2/debian/icecast2.prerm @@ -0,0 +1,9 @@ +#!/bin/sh +set -e + +#DEBHELPER# + +# avoid "user icecast2 is currently logged in" when purged see Bug#605507 +sleep 1 + +exit 0 -- Regards, Hideki Yamane henrich @ debian.or.jp/org http://wiki.debian.org/HidekiYamane -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: Re: icecast2 failed to reinstall/upgrade/purge
Processing commands for cont...@bugs.debian.org: > tags 605507 patch Bug #605507 [icecast2] icecast2 failed to reinstall/upgrade/purge Added tag(s) patch. > thanks Stopping processing here. Please contact me if you need assistance. -- 605507: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605507 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#597102: marked as done (qemubuilder: qemu option -nodefaults requires additional arguments for networking)
Your message dated Thu, 02 Dec 2010 13:47:07 + with message-id and subject line Bug#597102: fixed in cowdancer 0.62+nmu2 has caused the Debian Bug report #597102, regarding qemubuilder: qemu option -nodefaults requires additional arguments for networking to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 597102: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=597102 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: qemubuilder Version: 0.62 Severity: normal with bug#591470 being fixed by adding the -nodefaults option to qemu a new bug got introduced being that removing default setting does also disable the default networking interface. nodefaults makes sense in a scripted setup of qemu as in qemubuilder but it requires these two additional arguments for networking to work: -net user -net nic btw: why is the added -nodefaults option that fixed bug#591470 not yet in the sid package? cheers josch --- End Message --- --- Begin Message --- Source: cowdancer Source-Version: 0.62+nmu2 We believe that the bug you reported is fixed in the latest version of cowdancer, which is due to be installed in the Debian FTP archive: cowbuilder_0.62+nmu2_amd64.deb to main/c/cowdancer/cowbuilder_0.62+nmu2_amd64.deb cowdancer_0.62+nmu2.dsc to main/c/cowdancer/cowdancer_0.62+nmu2.dsc cowdancer_0.62+nmu2.tar.gz to main/c/cowdancer/cowdancer_0.62+nmu2.tar.gz cowdancer_0.62+nmu2_amd64.deb to main/c/cowdancer/cowdancer_0.62+nmu2_amd64.deb qemubuilder_0.62+nmu2_amd64.deb to main/c/cowdancer/qemubuilder_0.62+nmu2_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 597...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alexander Reichle-Schmehl (supplier of updated cowdancer package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 02 Dec 2010 14:11:51 +0100 Source: cowdancer Binary: cowdancer cowbuilder qemubuilder Architecture: source amd64 Version: 0.62+nmu2 Distribution: unstable Urgency: medium Maintainer: Junichi Uekawa Changed-By: Alexander Reichle-Schmehl Description: cowbuilder - pbuilder running on cowdancer cowdancer - Copy-on-write directory tree utility. qemubuilder - pbuilder using QEMU as backend Closes: 597102 Changes: cowdancer (0.62+nmu2) unstable; urgency=medium . * Non-maintainer upload. * Apply patch by Benoît Knecht to add the required additional arguments for networking (Closes: #597102) * Set urgency medium due to RC bug fix Checksums-Sha1: 9de0f4a21ce2c37697eb44ba530ecfa70b2e0b4c 1593 cowdancer_0.62+nmu2.dsc f895f9ac6a24917c71e1b5bc92bc148c4e0085ab 78676 cowdancer_0.62+nmu2.tar.gz 4374214229632605eec5f0b939d9d65408f0da46 34520 cowdancer_0.62+nmu2_amd64.deb 6dd041a575ba88572871270fe41a5e0cfb2be64d 31500 cowbuilder_0.62+nmu2_amd64.deb 22ecef77a2b900e450e1f24ba5f9fc6d2e18f9dd 36400 qemubuilder_0.62+nmu2_amd64.deb Checksums-Sha256: f38b730284f28e69c444f07159bba90bfe4a54b7eee84dc046754d42288178ae 1593 cowdancer_0.62+nmu2.dsc bfcbbd032b3caa7ff9f9aad97bc1e824e2b30722e091401dbc2f07421881bb8e 78676 cowdancer_0.62+nmu2.tar.gz 76d2c68cbafa28600b6994679c472c37d99eac013edd08aa299cd761bbcfd83c 34520 cowdancer_0.62+nmu2_amd64.deb ec156a2cbcf0efa6b38c44ea8f3e3dc73a518eaa55efe7fdb8b20233dab99f91 31500 cowbuilder_0.62+nmu2_amd64.deb 5dc7ceb1ac3dd01c4284658f5271370bd316c69616f5238178f1ee8480e89375 36400 qemubuilder_0.62+nmu2_amd64.deb Files: 930156050f9a6c71e833fa8a9332a33a 1593 utils optional cowdancer_0.62+nmu2.dsc a2150fc19361e92542eb7a154c3f9fc2 78676 utils optional cowdancer_0.62+nmu2.tar.gz cdb97d44aa4afacdc78492bd3e936fc7 34520 utils optional cowdancer_0.62+nmu2_amd64.deb 4023b003a862fccf217c780dc04e331a 31500 utils optional cowbuilder_0.62+nmu2_amd64.deb d8c1cde7135228f3c849f5b604b0411b 36400 utils optional qemubuilder_0.62+nmu2_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJM95/5AAoJEMJLZaJnLIsSD6oP/RSxHHJRdyvyYw578HkHdkpk PT3HzpzRSHRNwWgPEdQU4sFkGxJJx1Do4pvsMBZlSe2DuxycViQk2thL3t08sFVt gE3HXAq+cwAT7c1in7ZBVOq1zm/ll/jGxjrsBwtDRENMO/913SU1IibtfICd8YJf L7lDx/Cjs65cYKVedChkKjJrX+js+1Wd5qKDTrjF+3INB8G3UhgB1rI38chp4Wy8 75YdBzuOZmU117yQY8zhlOX60SgT3Yn
Bug#604213: mercurial-server: installation fails with aptitude
On Thu, Dec 2, 2010 at 14:02:27 +0100, Alexander Reichle-Schmehl wrote: > I fail to reproduce this bug. I tried current sid and current squeeze > (which actually means: The very same versions you tried), using apt-get > as well als aptitude. It always got installed and set up without any > errors. I tried my pbuilder chroots as well as installation with on the > fly chroots created by piuparts. > > Looking at the postrm script, I guess the following line must have > caused the error (as everything else doesn't involve python): > > su -c "/usr/share/mercurial-server/init/hginit /usr/share/mercurial-server" hg > > And my first thought was, that this line might need some tighter > dependency mercurial / mercurial-common, but looking at your > installation log, it shows that mercurial-common and mercurial itself > are already installed and configured at that point. > > Can you reproduce this error? > I think this error comes from running python code before the python-support trigger has a chance to run, so adding update-python-modules -p before the call to hginit might be enough for this bug. Note the other RC bug I filed yesterday while looking at this one though. Cheers, Julien signature.asc Description: Digital signature
Bug#604213: mercurial-server: installation fails with aptitude
Hi! On 02/12/2010 14:31, Alexander Reichle-Schmehl wrote: Hi! Am 02.12.2010 14:21, schrieb Mehdi Dogguy: Given that the maintainer is not responding, that the package is not present in Lenny and that it has two RC bugs... maybe it's better to just not ship it in Squeeze? Also note that it's popcon value is rather small. So as a simple RC bug hunter I won't say anything against it's removal from squeeze. I've added a removal hint for it. Regards, -- Mehdi Dogguy مهدي الدڤي http://dogguy.org/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#604213: mercurial-server: installation fails with aptitude
Hi! Am 02.12.2010 14:21, schrieb Mehdi Dogguy: >> Can you reproduce this error? > I just tried and it fails (on my testing box): [..] Thanks. > but it doesn't fail in a clean sid chroot. Ah, makes it quite hard to debug. I just tried it on some of my real machines, and can reproduce it on one of them. However, purging mercurial-server and reinstalling the package works. Purging all three packages again, and trying to reinstall mercurial-server again leads to this problem. > Given that the maintainer is not responding, that the package is > not present in Lenny and that it has two RC bugs... maybe it's > better to just not ship it in Squeeze? Also note that it's popcon value is rather small. So as a simple RC bug hunter I won't say anything against it's removal from squeeze. Best regards, Alexander -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#597102: cowdancer: diff for NMU version 0.62+nmu2
tags 597102 + pending thanks Dear maintainer, I've prepared an NMU for cowdancer (versioned as 0.62+nmu2) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Sorry, when preparing the NMU for #564425 I didn't noticed, that it can't migrate as this would introduce #597102. So here I am again :( Regards. diff -Nru cowdancer-0.62+nmu1/debian/changelog cowdancer-0.62+nmu2/debian/changelog --- cowdancer-0.62+nmu1/debian/changelog 2010-11-26 16:18:21.0 +0100 +++ cowdancer-0.62+nmu2/debian/changelog 2010-12-02 14:13:04.0 +0100 @@ -1,3 +1,12 @@ +cowdancer (0.62+nmu2) unstable; urgency=medium + + * Non-maintainer upload. + * Apply patch by Benoît Knecht to add the required additional arguments +for networking (Closes: #597102) + * Set urgency medium due to RC bug fix + + -- Alexander Reichle-Schmehl Thu, 02 Dec 2010 14:11:51 +0100 + cowdancer (0.62+nmu1) unstable; urgency=low * Non-maintainer upload. diff -Nru cowdancer-0.62+nmu1/qemubuilder.c cowdancer-0.62+nmu2/qemubuilder.c --- cowdancer-0.62+nmu1/qemubuilder.c 2010-11-26 16:15:36.0 +0100 +++ cowdancer-0.62+nmu2/qemubuilder.c 2010-12-02 14:13:26.0 +0100 @@ -315,6 +315,10 @@ argv[argc++]=append_command; argv[argc++]="-serial"; argv[argc++]="stdio"; + argv[argc++]="-net"; + argv[argc++]="user"; + argv[argc++]="-net"; + argv[argc++]="nic"; argv[argc]=NULL; assert(argc < MAX_ARGS);
Processed: cowdancer: diff for NMU version 0.62+nmu2
Processing commands for cont...@bugs.debian.org: > tags 597102 + pending Bug #597102 [qemubuilder] qemubuilder: qemu option -nodefaults requires additional arguments for networking Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 597102: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=597102 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#604213: mercurial-server: installation fails with aptitude
On 02/12/2010 14:02, Alexander Reichle-Schmehl wrote:
Hi!
* Lucas Nussbaum [101121 11:07]:
While testing the installation of all packages in unstable, I ran
into the following problem:
Setting up mercurial-common (1.6.4-1) ...
Setting up mercurial (1.6.4-1) ...
[..]
Setting up mercurial-server (1.0.1-1.1) ...
abort: couldn't find mercurial libraries in [/usr/bin /usr/lib/python2.6
/usr/lib/python2.6/plat-linux2 /usr/lib/python2.6/lib-tk
/usr/lib/python2.6/lib-old /usr/lib/python2.6/lib-dynload
/usr/local/lib/python2.6/dist-packages /usr/lib/python2.6/dist-packages
/usr/lib/pymodules/python2.6]
(check your install and PYTHONPATH)
dpkg: error processing mercurial-server (--configure):
I fail to reproduce this bug. I tried current sid and current squeeze
(which actually means: The very same versions you tried), using apt-get
as well als aptitude. It always got installed and set up without any
errors. I tried my pbuilder chroots as well as installation with on the
fly chroots created by piuparts.
Looking at the postrm script, I guess the following line must have
caused the error (as everything else doesn't involve python):
su -c "/usr/share/mercurial-server/init/hginit /usr/share/mercurial-server" hg
And my first thought was, that this line might need some tighter
dependency mercurial / mercurial-common, but looking at your
installation log, it shows that mercurial-common and mercurial itself
are already installed and configured at that point.
Can you reproduce this error?
I just tried and it fails (on my testing box):
| $ aptitude install mercurial-server
| The following NEW packages will be installed:
| mercurial{a} mercurial-common{a} mercurial-server
| 0 packages upgraded, 3 newly installed, 0 to remove and 0 not upgraded.
| Need to get 1 427 kB of archives. After unpacking 5 784 kB will be used.
| Do you want to continue? [Y/n/?]
| Get:1 ftp://ftp.debian.org/debian/ testing/main mercurial-common all
1.6.4-1 [1 336 kB]
| Get:2 ftp://ftp.debian.org/debian/ testing/main mercurial i386 1.6.4-1
[71,9 kB]
| Get:3 ftp://ftp.debian.org/debian/ testing/main mercurial-server all
1.0.1-1.1 [18,9 kB]
| Fetched 1 427 kB in 1s (1 274 kB/s)
| Preconfiguring packages ...
| Selecting previously deselected package mercurial-common.
| (Reading database ... 304736 files and directories currently installed.)
| Unpacking mercurial-common (from .../mercurial-common_1.6.4-1_all.deb) ...
| Selecting previously deselected package mercurial.
| Unpacking mercurial (from .../mercurial_1.6.4-1_i386.deb) ...
| Selecting previously deselected package mercurial-server.
| Unpacking mercurial-server (from .../mercurial-server_1.0.1-1.1_all.deb) ...
| Processing triggers for man-db ...
| Processing triggers for doc-base ...
| Processing 1 added doc-base file(s)...
| Registering documents with scrollkeeper...
| Setting up mercurial-common (1.6.4-1) ...
| Setting up mercurial (1.6.4-1) ...
|
| Creating config file /etc/mercurial/hgrc.d/hgext.rc with new version
| Setting up mercurial-server (1.0.1-1.1) ...
| abort: couldn't find mercurial libraries in [/usr/bin /usr/lib/python2.6
/usr/lib/python2.6/plat-linux2 /usr/lib/python2.6/lib-tk
/usr/lib/python2.6/lib-old /usr/lib/python2.6/lib-dynload
/usr/local/lib/python2.6/dist-packages /usr/lib/python2.6/dist-packages
/usr/lib/python2.6/dist-packages/PIL
/usr/lib/python2.6/dist-packages/gst-0.10 /usr/lib/pymodules/python2.6
/usr/lib/pymodules/python2.6/gtk-2.0
/usr/lib/python2.6/dist-packages/wx-2.8-gtk2-unicode]
| (check your install and PYTHONPATH)
| dpkg: error processing mercurial-server (--configure):
| subprocess installed post-installation script returned error exit
status 255
| configured to not write apport reports
| Processing triggers for
python-support ...
| Errors were encountered while processing:
| mercurial-server
| E: Sub-process /usr/bin/dpkg returned an error code (1)
| A package failed to install. Trying to recover:
| Setting up mercurial-server (1.0.1-1.1) ...
|
| $ echo $?
| 255
|
but it doesn't fail in a clean sid chroot.
Given that the maintainer is not responding, that the package is
not present in Lenny and that it has two RC bugs... maybe it's
better to just not ship it in Squeeze?
Best Regards,
--
Mehdi Dogguy مهدي الدڤي
http://dogguy.org/
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605690: webfs: no /etc/webfsd.conf on new installs
torsdag den 2 december 2010 klockan 14:17 skrev Niko Tyni detta: > Package: webfs > Version: 1.21+ds1-7 > Severity: serious > > The conffile modification fix for -7 doesn't actually invoke ucf > to install /etc/webfsd.conf at all: > > + # Register the auto generated configuration file. > + test -x ucf && \ > + ucf --three-way --debconf-ok $AUTOCONFFILE $CONFFILE > + test -x ucfr && \ > + ucfr webfs $CONFFILE > > The test should probably read either "test -x /usr/bin/ucf" or > "which ucf >/dev/null 2>&1" to actually work. I just installed webfs_1.21+ds1-7 on a squeeze/kfreebsd-amd64 system that never has seen webfs before. It installed perfectly and get up and running as it should. Similarly, my older test system lenny/linux-i386 also installs the packag perfectly in long runs of purges, installs and possibly upgrades. The new package depends on "ucf" to get the new functionality. Are you indicating that this is not enough? Do you have "ucf" present on your test system? -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#604213: mercurial-server: installation fails with aptitude
Hi! * Lucas Nussbaum [101121 11:07]: > While testing the installation of all packages in unstable, I ran > into the following problem: > > Setting up mercurial-common (1.6.4-1) ... > > Setting up mercurial (1.6.4-1) ... [..] > > Setting up mercurial-server (1.0.1-1.1) ... > > abort: couldn't find mercurial libraries in [/usr/bin /usr/lib/python2.6 > > /usr/lib/python2.6/plat-linux2 /usr/lib/python2.6/lib-tk > > /usr/lib/python2.6/lib-old /usr/lib/python2.6/lib-dynload > > /usr/local/lib/python2.6/dist-packages /usr/lib/python2.6/dist-packages > > /usr/lib/pymodules/python2.6] > > (check your install and PYTHONPATH) > > dpkg: error processing mercurial-server (--configure): I fail to reproduce this bug. I tried current sid and current squeeze (which actually means: The very same versions you tried), using apt-get as well als aptitude. It always got installed and set up without any errors. I tried my pbuilder chroots as well as installation with on the fly chroots created by piuparts. Looking at the postrm script, I guess the following line must have caused the error (as everything else doesn't involve python): su -c "/usr/share/mercurial-server/init/hginit /usr/share/mercurial-server" hg And my first thought was, that this line might need some tighter dependency mercurial / mercurial-common, but looking at your installation log, it shows that mercurial-common and mercurial itself are already installed and configured at that point. Can you reproduce this error? Best Regards, Alexander -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#604233: marked as done (sitebar: start mysqld in postinst without using invoke-rc.d)
Your message dated Thu, 02 Dec 2010 12:47:13 +
with message-id
and subject line Bug#604233: fixed in sitebar 3.3.9-2.2
has caused the Debian Bug report #604233,
regarding sitebar: start mysqld in postinst without using invoke-rc.d
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
604233: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=604233
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: sitebar
Version: 3.3.9-2.1
Severity: serious
User: debian...@lists.debian.org
Usertags: instest-20101120 instest
Hi,
While testing the installation of all packages in unstable, I ran
into the following problem:
# check to see if mysql is running, start if not
if [ -f /usr/sbin/mysqld ] ; then
mysqld_get_param() {
mysqld --print-defaults | tr " " "\n" | grep -- "--$1" | tail -n 1 |
cut -d= -f2
}
pidfile=`mysqld_get_param pid-file`
ps_alive=0
if [ -f "$pidfile" ] && ps `cat $pidfile` >/dev/null 2>&1; then ps_alive=1;
fi
if [ $ps_alive = 0 ]; then mysqld_safe > /dev/null 2>&1 & fi
fi
You should honor policy-rc.d by using invoke-rc.d.
The full build log is available from:
http://people.debian.org/~lucas/logs/2010/11/20/sitebar.log
It is reproducible by installing your package in a clean chroot, using
the debconf Noninteractive frontend, and priority: critical.
This test was carried out using about 50 AMD64 nodes of the Grid'5000
platform. Internet was not accessible from the nodes.
--
| Lucas Nussbaum
| lu...@lucas-nussbaum.net http://www.lucas-nussbaum.net/ |
| jabber: lu...@nussbaum.fr GPG: 1024D/023B3F4F |
--- End Message ---
--- Begin Message ---
Source: sitebar
Source-Version: 3.3.9-2.2
We believe that the bug you reported is fixed in the latest version of
sitebar, which is due to be installed in the Debian FTP archive:
sitebar_3.3.9-2.2.diff.gz
to main/s/sitebar/sitebar_3.3.9-2.2.diff.gz
sitebar_3.3.9-2.2.dsc
to main/s/sitebar/sitebar_3.3.9-2.2.dsc
sitebar_3.3.9-2.2_all.deb
to main/s/sitebar/sitebar_3.3.9-2.2_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 604...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Didier Raboud (supplier of updated sitebar package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Tue, 30 Nov 2010 12:28:12 +0100
Source: sitebar
Binary: sitebar
Architecture: source all
Version: 3.3.9-2.2
Distribution: unstable
Urgency: low
Maintainer: Carlos Eduardo Sotelo Pinto (krlos)
Changed-By: Didier Raboud
Description:
sitebar- web based bookmark manager written in PHP
Closes: 604233
Changes:
sitebar (3.3.9-2.2) unstable; urgency=low
.
* Non-maintainer upload.
* debian/postinst: Use the mysql-server status interface and the policy
invoke-rc.d mechanism to launch the mysql server. Also check the existance
of /usr/bin/mysqld_safe instead of /usr/sbin/mysql (from the system server
package). Closes: #604233
Checksums-Sha1:
fcde2447a4e69c8db53b021b5bb8286051e4664e 1661 sitebar_3.3.9-2.2.dsc
c0ced02678f146e6858c71fc6086ecb8ae03c33f 21193 sitebar_3.3.9-2.2.diff.gz
f94b5a4b9ff8bee68ad6c83fc2998f58af9b492f 705820 sitebar_3.3.9-2.2_all.deb
Checksums-Sha256:
a5e3450e2232c4313673c4609c0f6afe2e62ab3d6d0cb4b3fe75531efd06e6fe 1661
sitebar_3.3.9-2.2.dsc
9d5e87c87837aec0957689f68fbe595f17a1a0ef44aa991c58cefae5a9565609 21193
sitebar_3.3.9-2.2.diff.gz
2166ea596a6516e2450d343f85e39f522141cf7737e8f8989ba066d5d3a5610e 705820
sitebar_3.3.9-2.2_all.deb
Files:
cb8adeefeca68fcdea9eca62f963b2ac 1661 web optional sitebar_3.3.9-2.2.dsc
d9459ee66b93ac6b7b8796f87fa3a516 21193 web optional sitebar_3.3.9-2.2.diff.gz
9181b6e61bbd5099a5a48edae6b858e6 705820 web optional sitebar_3.3.9-2.2_all.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAEBCAAGBQJM9O8IAAoJEIW5DSNGS43jbh4P/0LW6ZCLylrkm+/ZQDVNawx5
yKKUTLgDfRlinY9iPeAf8FH/dMNsP+ihLIUQj50jsQnsznvFTSslxYD+jOEcPnRE
f3/oCEEjiPSZS9yMiT3QdseW+Gu0V0hcqSTbHchjfauG8+T4JBF+H0Cpr5cyjRfd
/9HpweR9tuQVCy8vkNWWtgoGaAqrLHf4RjD0GcLtC5patflz0mcL9Ckyi5k3gq4c
mA5vrwE7I+csyTzFBkVQiDhXn++Z/Bnt0vimbjAYrejKIPmjKnevNOSdzFD/nFm5
T8pTAm8lw6wjXSLWOkuTr/rtzsfQ7VvV4FYhZzX30wu/9ukJkaHdu5Bc7ptAkmlh
/hdUxbT70vvA9Y/H9a
Bug#526398: ping
Is this bug being kept in Debian Stable (lenny) for a particular reason? (Don't you hurry. It makes my installation checklist look professional.) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: snappea: diff for NMU version 3.0d3-20.1
Processing commands for cont...@bugs.debian.org: > tags 605151 + patch Bug #605151 [snappea] snappea: Use of PYTHONPATH env var in an insecure way Added tag(s) patch. > tags 605151 + pending Bug #605151 [snappea] snappea: Use of PYTHONPATH env var in an insecure way Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 605151: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605151 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605151: snappea: diff for NMU version 3.0d3-20.1
tags 605151 + patch
tags 605151 + pending
thanks
Dear maintainer,
I've prepared an NMU for snappea (versioned as 3.0d3-20.1) and
uploaded it to DELAYED/7. Please feel free to tell me if I
should delay it longer.
Regards.
diff -u snappea-3.0d3/SnapPeaPython/snappea snappea-3.0d3/SnapPeaPython/snappea
--- snappea-3.0d3/SnapPeaPython/snappea
+++ snappea-3.0d3/SnapPeaPython/snappea
@@ -3,3 +3,3 @@
export SNAPPEA_PYTHON=/usr/share/snappea/SnapPeaPython
-export PYTHONPATH=/usr/lib/snappea:$SNAPPEA_PYTHON:$PYTHONPATH
+export PYTHONPATH=/usr/lib/snappea:$SNAPPEA_PYTHON${PYTHONPATH:+:$PYTHONPATH}
/usr/bin/python $SNAPPEA_PYTHON/SnapPeaGUI.py
diff -u snappea-3.0d3/SnapPeaPython/snappea-console
snappea-3.0d3/SnapPeaPython/snappea-console
--- snappea-3.0d3/SnapPeaPython/snappea-console
+++ snappea-3.0d3/SnapPeaPython/snappea-console
@@ -3,3 +3,3 @@
export SNAPPEA_PYTHON=/usr/share/snappea/SnapPeaPython
-export PYTHONPATH=/usr/lib/snappea:$SNAPPEA_PYTHON:$PYTHONPATH
+export PYTHONPATH=/usr/lib/snappea:$SNAPPEA_PYTHON${PYTHONPATH:+:$PYTHONPATH}
/usr/bin/python -i $SNAPPEA_PYTHON/SnapPea.py
diff -u snappea-3.0d3/debian/changelog snappea-3.0d3/debian/changelog
--- snappea-3.0d3/debian/changelog
+++ snappea-3.0d3/debian/changelog
@@ -1,3 +1,12 @@
+snappea (3.0d3-20.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Set PYTHONPATH in a secure way. (Closes: #605151)
+ * Change doc-base section to Science/Mathematics.
+ * debian/control: Add ${misc:Depends}.
+
+ -- Ansgar Burchardt Thu, 02 Dec 2010 13:15:42 +0100
+
snappea (3.0d3-20) unstable; urgency=low
* Updated for new debian menu layout. Menu entries have moved from
diff -u snappea-3.0d3/debian/control snappea-3.0d3/debian/control
--- snappea-3.0d3/debian/control
+++ snappea-3.0d3/debian/control
@@ -9,7 +9,7 @@
Package: snappea
Architecture: any
Section: math
-Depends: ${shlibs:Depends}, ${python:Depends}, python-pmw, python-tk
+Depends: ${misc:Depends}, ${shlibs:Depends}, ${python:Depends}, python-pmw,
python-tk
Suggests: regina-normal
Description: a program for creating and studying hyperbolic 3-manifolds
SnapPea is Jeff Weeks' computational tool for mathematicians working in
@@ -21,7 +21,7 @@
Package: snappea-dev
Architecture: any
Section: libdevel
-Depends: snappea (= ${binary:Version}), libc6-dev
+Depends: ${misc:Depends}, snappea (= ${binary:Version}), libc6-dev
Replaces: snappea (<< 3.0d3-10)
Description: development files for SnapPea hyperbolic 3-manifold tool
SnapPea is a computational tool for creating and studying hyperbolic
diff -u snappea-3.0d3/debian/snappea.doc-base
snappea-3.0d3/debian/snappea.doc-base
--- snappea-3.0d3/debian/snappea.doc-base
+++ snappea-3.0d3/debian/snappea.doc-base
@@ -2,7 +2,7 @@
Title: SnapPea Documentation
Author: Jeff Weeks
Abstract: This is the HTML documentation from the SnapPea website.
-Section: Apps/Math
+Section: Science/Mathematics
Format: HTML
Index: /usr/share/doc/snappea/SnapPeaDocs/SnapPeaGUI.html
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605691: webfs: modifies content in /usr/share
Package: webfs Version: 1.21+ds1-7 Severity: serious Justification: FHS violation The conffile modification fix for #603926 uses /usr/share/webfs/webfsd.conf.auto as a working file and modifies it before installing it into /etc. This is a violation of the FHS and fails if /usr is mounted read only. http://www.debian.org/doc/packaging-manuals/fhs/fhs-2.3.html#USRSHAREARCHITECTUREINDEPENDENTDATA Just copying the template into $(mktemp) and modifying it there should be enough to fix this. -- Niko Tyni nt...@debian.org -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605690: webfs: no /etc/webfsd.conf on new installs
Package: webfs Version: 1.21+ds1-7 Severity: serious The conffile modification fix for -7 doesn't actually invoke ucf to install /etc/webfsd.conf at all: + # Register the auto generated configuration file. + test -x ucf && \ + ucf --three-way --debconf-ok $AUTOCONFFILE $CONFFILE + test -x ucfr && \ + ucfr webfs $CONFFILE The test should probably read either "test -x /usr/bin/ucf" or "which ucf >/dev/null 2>&1" to actually work. -- Niko Tyni nt...@debian.org -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605603: wordpress: Author level SQL injection vulnerability fixed in 3.0.2
tags 605603 patch
thanks
Hi,
>This looks worthy of an update for squeeze. Note that the other updates
>in 3.0.2 also include various security hardening issues so it may be
>most appropriate to upload 3.0.2 itself for squeeze.
However, you know, we are in freeze and 3.0.1 and 3.0.2 diff is about 2000
lines. In generally, it's too much changes at this time. I hope there is
someone who can check its worth and benefit and negotiate with release team.
Anyway, proposed smallest patch to 3.0.1 is below. Please check it.
diff -Nru wordpress-3.0.1/debian/changelog wordpress-3.0.1/debian/changelog
--- wordpress-3.0.1/debian/changelog2010-09-02 17:34:46.0 +0900
+++ wordpress-3.0.1/debian/changelog2010-12-02 15:08:22.0 +0900
@@ -1,3 +1,11 @@
+wordpress (3.0.1-2.1) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * add debian/patches/fix_SQLinjection_r16625.patch from upstream SVN
+to fix vulnerability (Closes: #605603)
+
+ -- Hideki Yamane Thu, 02 Dec 2010 15:06:20 +0900
+
wordpress (3.0.1-2) unstable; urgency=low
* [e8a913f] Remove swfupload.swf from the binary package, as it cannot
diff -Nru wordpress-3.0.1/debian/patches/fix_SQLinjection_r16625.patch
wordpress-3.0.1/debian/patches/fix_SQLinjection_r16625.patch
--- wordpress-3.0.1/debian/patches/fix_SQLinjection_r16625.patch
1970-01-01 09:00:00.0 +0900
+++ wordpress-3.0.1/debian/patches/fix_SQLinjection_r16625.patch
2010-12-02 15:06:03.0 +0900
@@ -0,0 +1,13 @@
+Index: wordpress-3.0.1/wp-includes/comment.php
+===
+--- wordpress-3.0.1.orig/wp-includes/comment.php 2010-12-02
15:05:30.619404571 +0900
wordpress-3.0.1/wp-includes/comment.php2010-12-02 15:05:59.092116965
+0900
+@@ -1654,7 +1654,7 @@
+ trackback($tb_ping, $post_title, $excerpt, $post_id);
+ $pinged[] = $tb_ping;
+ } else {
+- $wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET to_ping =
TRIM(REPLACE(to_ping, '$tb_ping', ''))
WHERE ID = %d", $post_id) );
++ $wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET to_ping =
TRIM(REPLACE(to_ping, %s, '')) WHERE ID
= %d", $tb_ping, $post_id) );
+ }
+ }
+ }
diff -Nru wordpress-3.0.1/debian/patches/series
wordpress-3.0.1/debian/patches/series
--- wordpress-3.0.1/debian/patches/series 2010-09-02 17:34:46.0
+0900
+++ wordpress-3.0.1/debian/patches/series 2010-12-02 15:05:22.0
+0900
@@ -7,3 +7,4 @@
010disabling_update_note.patch
manifest.patch
mu.patch
+fix_SQLinjection_r16625.patch
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: Re: wordpress: Author level SQL injection vulnerability fixed in 3.0.2
Processing commands for cont...@bugs.debian.org: > tags 605603 patch Bug #605603 [wordpress] wordpress: Author level SQL injection vulnerability fixed in 3.0.2 Added tag(s) patch. > thanks Stopping processing here. Please contact me if you need assistance. -- 605603: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605603 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#559814: hamlib: stable-security fix CVE-2009-3736
Hi, * Kamal Mostafa [2010-12-02 03:07]: > Dear security team- > > I'm the DM maintainer for the package 'hamlib' (I am also currently working > through the of becoming a DD). Regarding this bug (a mass-filed CVE against > libtool): > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559814 > CVE-2009-3736 local privilege escalation > > I fixed this problem for hamlib in unstable (and upstream) some time ago. > I have now constructed a fix package for hamlib in stable, for which I ask > permission to upload to stable-security. The fix package has been > reviewed by Gunnar Wolf, who has kindly agreed to upload it pending > approval. [...] This issue doesn't warrant a DSA. Could you please upload this to stable-proposed-updates[0]? Cheers Nico [0] http://www.debian.org/doc/developers-reference/pkgs.html#upload-stable -- Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0 For security reasons, all text in this mail is double-rot13 encrypted. pgpc8q2k9BjCt.pgp Description: PGP signature
Processed: fixed 588276 in 0.7.0-2
Processing commands for cont...@bugs.debian.org: > fixed 588276 0.7.0-2 Bug #588276 [libnotify1] libnotify doesn't support notification specs 1.0, breaks some notification daemons Bug #588205 [libnotify1] client throws exception with libnotify 0.5.0 There is no source info for the package 'libnotify1' at version '0.7.0-2' with architecture '' Unable to make a source version for version '0.7.0-2' Bug Marked as fixed in versions 0.7.0-2. Bug Marked as fixed in versions 0.7.0-2. > thanks Stopping processing here. Please contact me if you need assistance. -- 588276: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=588276 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#511582: Plan of action ?
Le Thursday 4 November 2010 23:40:39 Moritz Muehlenhoff, vous avez écrit : > On Fri, Sep 03, 2010 at 06:56:04PM +0200, Julien Cristau wrote: > > On Mon, Feb 1, 2010 at 00:51:43 -0500, Daniel Kahn Gillmor wrote: > > > In particular, i'm concerned that this package has a setuid binary, has > > > had only NMUs since 2004, hasn't been reviewed for recent Standards or > > > debhelper versions, and http://bugs.debian.org/511582#30 suggests that > > > the maintainer seems to think that we should move away from the > > > codebase. > > > > > > I'm wondering if we should remove the package from the archive entirely > > > as a result of this review. I'm not comfortable NMUing a package with > > > these outstanding concerns. > > > > In order to remove the package, we'd have to remove its reverse > > dependencies, or change them to not need libopie-dev. According to dak, > > that would be cyrus-sasl2, inetutils and libpam-opie. Is opie an > > optional dependency for those packages (I'm guessing not for > > libpam-opie, no idea for the others)? > > cyrus-sasl2 would need to drop the libsasl2-modules-otp binary package. Hi all, To: Release-Team to get your advice. Assuming that the plan is still to get opie removed from Squeeze (at least), let's try to draw a plan of action towards it. [] A removal bug should be filed against release.d.o (which could serve to keep track of the various things needed for it) [] Reverse Dependencies need to get removed at the same time. This concerns one package: libpam-opie. Removal bug against release.d.o too then. [] Reverse Build-Dependencies need to get fixed or removed, this concerns two other packages: cyrus-sasl2 and cyrus-sasl2-heimdal. This would mean "serious" (above RC) bugs against them. This would basically mean two removals from squeeze and two serious bugs. May I proceed ? Cheers, OdyX -- Didier Raboud, proud Debian Maintainer (DM). CH-1020 Renens did...@raboud.com signature.asc Description: This is a digitally signed message part.
Processed: Re: Bug#605562: installation-report: Installation from usb stick lead to unbootable system (und unbootable usb stick)
Processing commands for cont...@bugs.debian.org:
> reopen 605562
Bug #605562 {Done: Colin Watson } [grub-installer]
installation-report: Installation from usb stick lead to unbootable system (und
unbootable usb stick)
Bug #568529 {Done: Colin Watson } [grub-installer]
overwrites MBR of installation medium
Bug #579519 {Done: Colin Watson } [grub-installer]
grub-installer - Overwrites bootloaders on different device
Bug #589823 {Done: Colin Watson } [grub-installer]
debian-installer (squeeze alpha): Writes grub on usb-stic with installer
'reopen' may be inappropriate when a bug has been closed with a version;
you may need to use 'found' to remove fixed versions.
> severity 605562 important
Bug #605562 [grub-installer] installation-report: Installation from usb stick
lead to unbootable system (und unbootable usb stick)
Bug #568529 [grub-installer] overwrites MBR of installation medium
Bug #579519 [grub-installer] grub-installer - Overwrites bootloaders on
different device
Bug #589823 [grub-installer] debian-installer (squeeze alpha): Writes grub on
usb-stic with installer
Severity set to 'important' from 'critical'
Severity set to 'important' from 'critical'
Severity set to 'important' from 'critical'
Severity set to 'important' from 'critical'
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
605562: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605562
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605562: installation-report: Installation from usb stick lead to unbootable system (und unbootable usb stick)
reopen 605562 severity 605562 important thanks Hi again! * Gaudenz Steinlin [101201 11:57]: > > I booted from usb stick (which was presented as /dev/sda) on a hardware > > raid (/dev/sdb). After the system was successfully installed, the > > bootloader was installed to the mbr of /dev/sda (the usb stick), not my > > hard disc (/dev/sdb). > Can you please recheck with a current daily image. I believe this > issue is fixed in grub-installer 1.57. See #568529 (and duplicates) > for more information. > > It would be nice to have a confirmation from you that the issue is > indeed fixed as it does not happen on all systems and is therefore > quite hard to test. Please reopen the bug if it's not fixed on your > hardware. I' sorry, but the problem still remains. I tested with and usb installation using http://d-i.debian.org/daily-images/amd64/daily/hd-media/boot.img.gz (dated 02-Dec-2010 00:22) and http://cdimage.debian.org/cdimage/daily-builds/daily/arch-latest/amd64/iso-cd/debian-testing-amd64-netinst.iso (dated 01-Dec-2010 03:01) I also looked ant the iso image, it does contain grub-installer_1.57, however, grub is still installed on my usb-stick (/dev/sda) not on the hard disk (which is now /dev/sdd; it seems the linux kernel now also sees the real hard drives, not the hardware raid). I saved the contents of /var/log/installer after the installation, but need to recover mu original system for now to do some work. I can put them online in couple of minutes. If there's anything I can do to help / you need to know, please let me know. Best Regards, Alexander PS: Thinking about it... severity serious might be to high, as only certain systems seem to be affected; at least I couldn't reproduce the problem with on other system. signature.asc Description: Digital signature
Bug#602810: marked as done (ia32-libs fails in postinst due to wrong version conditioning prior to dpkg-divert)
Your message dated Thu, 2 Dec 2010 11:17:23 +0100 with message-id <201012021117.25072.did...@raboud.com> and subject line Closing 602810 as mentioned by reporter has caused the Debian Bug report #602810, regarding ia32-libs fails in postinst due to wrong version conditioning prior to dpkg-divert to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 602810: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602810 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: ia32-libs Version: 20090808 Severity: serious Tags: patch Justification: Appendix G Hi, on my system I have installed a 3rd party package which adds a diversion like this: $ dpkg-divert --list /usr/bin/ldd diversion of /usr/bin/ldd to /usr/bin/ldd.real by myutils-lddwrapper When installing ia32-libs it fails like this: === The following NEW packages will be installed: ia32-libs 0 packages upgraded, 1 newly installed, 0 to remove and 22 not upgraded. Need to get 0 B/29.1 MB of archives. After unpacking 74.6 MB will be used. Selecting previously deselected package ia32-libs. (Reading database ... 132112 files and directories currently installed.) Unpacking ia32-libs (from .../ia32-libs_20090808_amd64.deb) ... Setting up ia32-libs (20090808) ... dpkg-divert: mismatch on divert-to when removing `diversion of /usr/bin/ldd to /usr/bin/ldd.ia32-libs by ia32-libs' found `diversion of /usr/bin/ldd to /usr/bin/ldd.real by myutils-lddwrapper' dpkg: error processing ia32-libs (--configure): subprocess installed post-installation script returned error exit status 2 configured to not write apport reports Errors were encountered while processing: ia32-libs E: Sub-process /usr/bin/dpkg returned an error code (1) A package failed to install. Trying to recover: Setting up ia32-libs (20090808) ... dpkg-divert: mismatch on divert-to when removing `diversion of /usr/bin/ldd to /usr/bin/ldd.ia32-libs by ia32-libs' found `diversion of /usr/bin/ldd to /usr/bin/ldd.real by myutils-lddwrapper' dpkg: error processing ia32-libs (--configure): subprocess installed post-installation script returned error exit status 2 Errors were encountered while processing: ia32-libs === I tracked down the problem to postinst:26. The operator '<<' treats the in my case empty argument $2 as earlier than 1.5.2, hence the "cleanup code" gets executed by mistake. I suggest the said operator to be changed to 'lt-nl' which in turn treats the empty $2 as "later than 1.5.2" and everything's fine. HTH, cheers, Daniel -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.35.7-1-amd64-dhr (SMP w/2 CPU cores) Locale: LANG=en_US.UTF8, LC_CTYPE=en_US.UTF8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages ia32-libs depends on: ii dpkg 1.15.8.5 Debian package management system ii lib32asound2 1.0.23-2.1shared library for ALSA applicatio ii lib32gcc1 1:4.4.5-4 GCC support library (32 bit Versio ii lib32ncurses5 5.7+20100313-4shared libraries for terminal hand ii lib32stdc++6 4.4.5-4 The GNU Standard C++ Library v3 (3 ii lib32z11:1.2.3.4.dfsg-3 compression library - 32 bit runti ii libc6-i386 2.11.2-6+squeeze1 Embedded GNU C Library: 32-bit sha ii lsb-release3.2-23.1 Linux Standard Base version report ia32-libs recommends no packages. Versions of packages ia32-libs suggests: pn ia32-libs-gtk (no description available) -- no debconf information --- End Message --- --- Begin Message --- Version: 20101117 Hi, as the bugreporter mentioned in http://bugs.debian.org/602810#32 , this is fixed in 20101117, hence -done'ing. Cheers, OdyX -- Didier Raboud, proud Debian Maintainer (DM). CH-1020 Renens did...@raboud.com signature.asc Description: This is a digitally signed message part. --- End Message ---
Bug#605662: upgrade-reports: removing splashy prevents booting (#512951)
Package: upgrade-reports
Severity: critical
Justification: breaks the whole system
Hi there,
I tried to provide this information to #512951 but it was not possible (fixed
and archived since over 1 1/2 years).
during a dist-upgrade from lenny to squeeze I removed (but not purged)
most packages not in squeeze (see #597462: "splashy: Splash screen
prevents gdm3 start").
Because of this I got bitten by #512951 which still is in lenny (lenny is
0.3.13-3). Since it breaks all initscripts ("return: 24: Illegal number:
Starting") and leaves the filesystem ro #512951 should be fixed in lenny, too.
Workaround: booting via live CD and renaming /etc/lsb-base-logging.sh manually.
After that, splashy is still called during startup (initrd?) and causes a
"splashy: 'command not found'" IIRC, but that is less important. Please adress
this, too.
Thanks
Christian Meyer
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#602821: marked as done (empathy: FTBFS: empathy-utils.h:100: error: expected ')' before 'reason')
Your message dated Thu, 2 Dec 2010 10:12:32 +0100 with message-id <20101202101232.5b7ef...@imladris.bigon.be> and subject line Re: empathy: FTBFS: empathy-utils.h:100: error: expected ')' before 'reason' has caused the Debian Bug report #602821, regarding empathy: FTBFS: empathy-utils.h:100: error: expected ')' before 'reason' to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 602821: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602821 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: empathy Version: 2.32.0.1-2 Severity: serious > > sbuild (Debian sbuild) 0.60.0 (23 Feb 2010) on porpora.debian.org > > ╔══╗ > ║ empathy 2.32.0.1-2 (powerpc) 07 Nov 2010 > 12:10 ║ > ╚══╝ [...] > /usr/bin/make all-am > make[4]: Entering directory > `/build/buildd-empathy_2.32.0.1-2-powerpc-EnpxGO/empathy-2.32.0.1/libempathy' > \ > # source='empathy-account-settings.c' > object='empathy-account-settings.lo' libtool=yes > /bin/bash ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I.. > -Wall -Wdeclaration-after-statement -Wshadow -Wmissing-prototypes > -Wmissing-declarations -I. -I.. -I.. -DDATADIR=\""/usr/share"\" > -DLOCALEDIR=\""/usr/share/locale"\" -DG_LOG_DOMAIN=\"empathy\" -pthread > -DORBIT2=1 -I/usr/include/dbus-1.0 -I/usr/lib/dbus-1.0/include > -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include > -I/usr/include/gstreamer-0.10 -I/usr/include/libxml2 -I/usr/include/gee-1.0 > -I/usr/include/telepathy-1.0 -I/usr/include/folks -I/usr/include/gconf/2 > -I/usr/include/orbit-2.0 -I/usr/include/gio-unix-2.0/ > -I/usr/include/gnome-keyring-1 -I/usr/include/telepathy-logger-0.1 -pthread > -I/usr/include/dbus-1.0 -I/usr/include/libxml2 -I/usr/lib/dbus-1.0/include > -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -pthread > -I/usr/include/libnm-glib -I/usr/include/NetworkManager > -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I/usr/include/dbus-1.0 > -I/usr/lib/dbus-1.0/include-g -O2 -g -Wall -O2 -c -o > empathy-account-settings.lo empathy-account-settings.c > libtool: compile: gcc -DHAVE_CONFIG_H -I. -I.. -Wall > -Wdeclaration-after-statement -Wshadow -Wmissing-prototypes > -Wmissing-declarations -I. -I.. -I.. -DDATADIR=\"/usr/share\" > -DLOCALEDIR=\"/usr/share/locale\" -DG_LOG_DOMAIN=\"empathy\" -pthread > -DORBIT2=1 -I/usr/include/dbus-1.0 -I/usr/lib/dbus-1.0/include > -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include > -I/usr/include/gstreamer-0.10 -I/usr/include/libxml2 -I/usr/include/gee-1.0 > -I/usr/include/telepathy-1.0 -I/usr/include/folks -I/usr/include/gconf/2 > -I/usr/include/orbit-2.0 -I/usr/include/gio-unix-2.0/ > -I/usr/include/gnome-keyring-1 -I/usr/include/telepathy-logger-0.1 -pthread > -I/usr/include/dbus-1.0 -I/usr/include/libxml2 -I/usr/lib/dbus-1.0/include > -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -pthread > -I/usr/include/libnm-glib -I/usr/include/NetworkManager > -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I/usr/include/dbus-1.0 > -I/usr/lib/dbus-1.0/include -g -O2 -g -Wall -O2 -c empathy-account-settings.c > -fPIC -DPIC -o .libs/empathy-account-settings.o > In file included from empathy-account-settings.c:32: > empathy-utils.h:100: error: expected ')' before 'reason' > make[4]: *** [empathy-account-settings.lo] Error 1 > make[4]: Leaving directory > `/build/buildd-empathy_2.32.0.1-2-powerpc-EnpxGO/empathy-2.32.0.1/libempathy' > make[3]: *** [all] Error 2 > make[3]: Leaving directory > `/build/buildd-empathy_2.32.0.1-2-powerpc-EnpxGO/empathy-2.32.0.1/libempathy' > make[2]: *** [all-recursive] Error 1 > make[1]: *** [all] Error 2 > make: make[2]: Leaving directory > `/build/buildd-empathy_2.32.0.1-2-powerpc-EnpxGO/empathy-2.32.0.1' > *** [debian/stamp-makefile-build] Error 2 > make[1]: Leaving directory > `/build/buildd-empathy_2.32.0.1-2-powerpc-EnpxGO/empathy-2.32.0.1' > dpkg-buildpackage: error: debian/rules build gave error exit status 2 > > Build finished at 20101107-1217 > FAILED [dpkg-buildpackage died] > > Purging > /var/lib/schroot/mount/sid-experimental-powerpc-sbuild-ae67dfe9-b8dd-43c1-95c5-2aa9ff620f46/build/buildd-empathy_2.32.0.1-2-powerpc-EnpxGO > Not removing build depends: cloned chroot in use > ──
Bug#602609: marked as done (CVE-2010-4008: does not well process a malformed XPATH)
Your message dated Thu, 2 Dec 2010 09:28:25 +0100 with message-id <20101202082825.ga3...@glandium.org> and subject line Properly mark as closed has caused the Debian Bug report #602609, regarding CVE-2010-4008: does not well process a malformed XPATH to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 602609: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602609 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libxml2 Version: 2.7.7.dfsg-4 Severity: serious Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, it was discovered that libxml2 does not well process a malformed XPATH, causing crash and allowing arbitrary code execution. Patch: http://git.gnome.org/browse/libxml2/commit/?id=91d19754d46acd4a639a8b9e31f50f31c78f8c9c http://git.gnome.org/browse/libxml2/commit/?id=ea90b894146030c214a7df6d8375310174f134b9 Cheers, Giuseppe. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkzVVoYACgkQNxpp46476arbpwCeK9pEIv7u4PC+3YAfUO67eADI Ls0An045V3eap6+bhfM88as/0hq+tEqw =ymuH -END PGP SIGNATURE- --- End Message --- --- Begin Message --- --- End Message ---
Processed: found 602609 in 2.6.32.dfsg-5+lenny1, fixed 602609 in 2.6.32.dfsg-5+lenny2
Processing commands for cont...@bugs.debian.org: > found 602609 2.6.32.dfsg-5+lenny1 Bug #602609 [libxml2] CVE-2010-4008: does not well process a malformed XPATH Bug Marked as found in versions libxml2/2.6.32.dfsg-5+lenny1. > fixed 602609 2.6.32.dfsg-5+lenny2 Bug #602609 [libxml2] CVE-2010-4008: does not well process a malformed XPATH There is no source info for the package 'libxml2' at version '2.6.32.dfsg-5+lenny2' with architecture '' Unable to make a source version for version '2.6.32.dfsg-5+lenny2' Bug Marked as fixed in versions 2.6.32.dfsg-5+lenny2. > thanks Stopping processing here. Please contact me if you need assistance. -- 602609: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602609 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: tagging 605218
Processing commands for cont...@bugs.debian.org: > tags 605218 + pending Bug #605218 [ia32-libs] apt-get dist-upgrade fails to install ia32-libs since version 20101117 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 605218: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605218 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605218: [Pkg-ia32-libs-maintainers] Bug#605218: apt-get dist-upgrade fails to install ia32-libs
Michael Gilbert writes: > tag 605218 patch > thanks > > On Wed, Dec 1, 2010 at 4:34 PM, Julien Cristau wrote: >> On Wed, Dec  1, 2010 at 16:18:54 -0500, Michael Gilbert wrote: >> >>> Since ia32-libs-workaround-499043 is a third-party package, this really >>> isn't Debian's problem. I think that the bug can be safely closed. In >>> the meantime, this discussion can serve as a record for anyone else who >>> may have installed the rogue package and run into the problem. >>> >> NAK.  If the package was widely documented as the way to get flash on >> 64bit, then we need to handle the upgrade path, if only by conflicting >> against it. > > Please see attached patch. I've tested that this will successfully > install the new ia32-libs and remove ia32-libs-workaround-499043 (if > its installed) in the process. > > Mike It would have been more helpfull for someone to sponsor the already fixed package on mentors.debian.net. MfG Goswin -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
