Processed: tagging 606498
Processing commands for cont...@bugs.debian.org: > tag 606498 + moreinfo unreproducible Bug #606498 [okular] okular: Broken dep with libQTSvg.so Added tag(s) unreproducible and moreinfo. > thanks Stopping processing here. Please contact me if you need assistance. -- 606498: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606498 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#604049: linux-image-2.6.32-5-amd64: data corruption with promise stex driver and use of device-mapper layers (lvm/dm-crypt/..)
Am Dienstag, 14. Dezember 2010 schrieb Ben Hutchings: ... > This sounds similar to bug #604457, which should be fixed in version > 2.6.32-29 (now in testing). Can you check whether that version fixes > the bug? don't think so. if you follow the link posted from Ed Lin you will find a patch from Martin K. Petersen (http://marc.info/?l=linux- scsi&m=129114458116271&w=2) if i interpret the last posting from Greg Kroah-Hartman right, he want to apply the patch to the stable kernel series. Regards, msc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#602024: marked as done (monodevelop-nunit: file conflict when upgrading from lenny)
Your message dated Tue, 14 Dec 2010 09:04:01 + with message-id and subject line Bug#602024: fixed in mono 2.6.7-4 has caused the Debian Bug report #602024, regarding monodevelop-nunit: file conflict when upgrading from lenny to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 602024: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602024 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: monodevelop-nunit Version: 2.4+dfsg-3 Severity: serious Installing the package in a lenny chroot, then upgrading to squeeze, causes: Unpacking libmono-cil-dev (from .../libmono-cil-dev_2.6.7-3_all.deb) ... Replacing files in old package libmono-dev ... dpkg: error processing /var/cache/apt/archives/libmono-cil-dev_2.6.7-3_all.deb (--unpack): trying to overwrite '/usr/lib/pkgconfig/mono-nunit.pc', which is also in package libmono-nunit2.2-cil 1.9.1+dfsg-6 configured to not write apport reports Interestingly, it seems to be specific to that upgrade path. - Lucas --- End Message --- --- Begin Message --- Source: mono Source-Version: 2.6.7-4 We believe that the bug you reported is fixed in the latest version of mono, which is due to be installed in the Debian FTP archive: libmono-accessibility1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-accessibility1.0-cil_2.6.7-4_all.deb libmono-accessibility2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-accessibility2.0-cil_2.6.7-4_all.deb libmono-bytefx0.7.6.1-cil_2.6.7-4_all.deb to main/m/mono/libmono-bytefx0.7.6.1-cil_2.6.7-4_all.deb libmono-bytefx0.7.6.2-cil_2.6.7-4_all.deb to main/m/mono/libmono-bytefx0.7.6.2-cil_2.6.7-4_all.deb libmono-c5-1.1-cil_2.6.7-4_all.deb to main/m/mono/libmono-c5-1.1-cil_2.6.7-4_all.deb libmono-cairo1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-cairo1.0-cil_2.6.7-4_all.deb libmono-cairo2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-cairo2.0-cil_2.6.7-4_all.deb libmono-cecil-private-cil_2.6.7-4_all.deb to main/m/mono/libmono-cecil-private-cil_2.6.7-4_all.deb libmono-cil-dev_2.6.7-4_all.deb to main/m/mono/libmono-cil-dev_2.6.7-4_all.deb libmono-corlib1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-corlib1.0-cil_2.6.7-4_all.deb libmono-corlib2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-corlib2.0-cil_2.6.7-4_all.deb libmono-cscompmgd7.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-cscompmgd7.0-cil_2.6.7-4_all.deb libmono-cscompmgd8.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-cscompmgd8.0-cil_2.6.7-4_all.deb libmono-data-tds1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-data-tds1.0-cil_2.6.7-4_all.deb libmono-data-tds2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-data-tds2.0-cil_2.6.7-4_all.deb libmono-data1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-data1.0-cil_2.6.7-4_all.deb libmono-data2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-data2.0-cil_2.6.7-4_all.deb libmono-db2-1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-db2-1.0-cil_2.6.7-4_all.deb libmono-debugger-soft0.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-debugger-soft0.0-cil_2.6.7-4_all.deb libmono-dev_2.6.7-4_i386.deb to main/m/mono/libmono-dev_2.6.7-4_i386.deb libmono-firebirdsql1.7-cil_2.6.7-4_all.deb to main/m/mono/libmono-firebirdsql1.7-cil_2.6.7-4_all.deb libmono-getoptions1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-getoptions1.0-cil_2.6.7-4_all.deb libmono-getoptions2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-getoptions2.0-cil_2.6.7-4_all.deb libmono-i18n-west1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-i18n-west1.0-cil_2.6.7-4_all.deb libmono-i18n-west2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-i18n-west2.0-cil_2.6.7-4_all.deb libmono-i18n1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-i18n1.0-cil_2.6.7-4_all.deb libmono-i18n2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-i18n2.0-cil_2.6.7-4_all.deb libmono-ldap1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-ldap1.0-cil_2.6.7-4_all.deb libmono-ldap2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-ldap2.0-cil_2.6.7-4_all.deb libmono-management2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-management2.0-cil_2.6.7-4_all.deb libmono-messaging-rabbitmq2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-messaging-rabbitmq2.0-cil_2.6.7-4_all.deb libmono-messaging2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-messaging2.0-cil_2.6.7-4_all.deb libmono-microsoft-build2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-microsoft-build2.0-cil_2.6.7-4_all.deb libmono-microsoft7.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-microsoft7.0-cil_2.6.7-4_all.deb libmono-microsoft8.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-microsoft8.0-cil_2.6
Bug#605097: marked as done (CVE-2010-4159)
Your message dated Tue, 14 Dec 2010 09:04:01 + with message-id and subject line Bug#605097: fixed in mono 2.6.7-4 has caused the Debian Bug report #605097, regarding CVE-2010-4159 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 605097: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605097 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: mono Severity: grave Tags: security Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4159 for a description and a link to the upstream patch. Please fix this for Squeeze with an isolated bugfix. Cheers, Moritz -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash --- End Message --- --- Begin Message --- Source: mono Source-Version: 2.6.7-4 We believe that the bug you reported is fixed in the latest version of mono, which is due to be installed in the Debian FTP archive: libmono-accessibility1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-accessibility1.0-cil_2.6.7-4_all.deb libmono-accessibility2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-accessibility2.0-cil_2.6.7-4_all.deb libmono-bytefx0.7.6.1-cil_2.6.7-4_all.deb to main/m/mono/libmono-bytefx0.7.6.1-cil_2.6.7-4_all.deb libmono-bytefx0.7.6.2-cil_2.6.7-4_all.deb to main/m/mono/libmono-bytefx0.7.6.2-cil_2.6.7-4_all.deb libmono-c5-1.1-cil_2.6.7-4_all.deb to main/m/mono/libmono-c5-1.1-cil_2.6.7-4_all.deb libmono-cairo1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-cairo1.0-cil_2.6.7-4_all.deb libmono-cairo2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-cairo2.0-cil_2.6.7-4_all.deb libmono-cecil-private-cil_2.6.7-4_all.deb to main/m/mono/libmono-cecil-private-cil_2.6.7-4_all.deb libmono-cil-dev_2.6.7-4_all.deb to main/m/mono/libmono-cil-dev_2.6.7-4_all.deb libmono-corlib1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-corlib1.0-cil_2.6.7-4_all.deb libmono-corlib2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-corlib2.0-cil_2.6.7-4_all.deb libmono-cscompmgd7.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-cscompmgd7.0-cil_2.6.7-4_all.deb libmono-cscompmgd8.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-cscompmgd8.0-cil_2.6.7-4_all.deb libmono-data-tds1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-data-tds1.0-cil_2.6.7-4_all.deb libmono-data-tds2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-data-tds2.0-cil_2.6.7-4_all.deb libmono-data1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-data1.0-cil_2.6.7-4_all.deb libmono-data2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-data2.0-cil_2.6.7-4_all.deb libmono-db2-1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-db2-1.0-cil_2.6.7-4_all.deb libmono-debugger-soft0.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-debugger-soft0.0-cil_2.6.7-4_all.deb libmono-dev_2.6.7-4_i386.deb to main/m/mono/libmono-dev_2.6.7-4_i386.deb libmono-firebirdsql1.7-cil_2.6.7-4_all.deb to main/m/mono/libmono-firebirdsql1.7-cil_2.6.7-4_all.deb libmono-getoptions1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-getoptions1.0-cil_2.6.7-4_all.deb libmono-getoptions2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-getoptions2.0-cil_2.6.7-4_all.deb libmono-i18n-west1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-i18n-west1.0-cil_2.6.7-4_all.deb libmono-i18n-west2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-i18n-west2.0-cil_2.6.7-4_all.deb libmono-i18n1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-i18n1.0-cil_2.6.7-4_all.deb libmono-i18n2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-i18n2.0-cil_2.6.7-4_all.deb libmono-ldap1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-ldap1.0-cil_2.6.7-4_all.deb libmono-ldap2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-ldap2.0-cil_2.6.7-4_all.deb libmono-management2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-management2.0-cil_2.6.7-4_all.deb libmono-messaging-rabbitmq2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-messaging-rabbitmq2.0-cil_2.6.7-4_all.deb libmono-messaging2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-messaging2.0-cil_2.6.7-4_all.deb libmono-microsoft-build2.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-microsoft-build2.0-cil_2.6.7-4_all.deb libmono-microsoft7.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-microsoft7.0-cil_2.6.7-4_all.deb libmono-microsoft8.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-microsoft8.0-cil_2.6.7-4_all.deb libmono-npgsql1.0-cil_2.6.7-4_all.deb to main/m/mono/libmono-npgsql1.0-cil_2.6.7-4_all.deb libmono
Bug#606756: [PATCH dash/debian-sid] debian/preinst: Do not error out if files are missing
Adam D. Barratt wrote: > Thanks for this, Jonathan; I have to admit that it didn't occur to me > while tidying up the preinst in -7.3. Yes, I missed it, too. :/ > fwiw, it looks like the postinst > will have the same issue. Good catch. > Let me know if you need a sponsor for an upload fixing this. Thanks. I've put something up at - git://repo.or.cz/dash/debian/jrn.git for-sid - http://mentors.debian.net/debian/pool/main/d/dash/dash_0.5.5.1-7.4.dsc Lightly tested but I probably cannot be trusted at this hour. If you have time to look it over, that would be ideal. Regards, Jonathan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#606704: sympa: installation fails
On 12/11/2010 01:41 AM, Lucas Nussbaum wrote: Package: sympa Version: 6.0.1+dfsg-3 Severity: serious User: debian...@lists.debian.org Usertags: instest-20101207 instest Hi, While testing the installation of all packages in squeeze, I ran into the following problem: [..] + echo Not configuring Web server. Not configuring Web server. + db_get wwsympa/webserver_restart + _db_cmd GET wwsympa/webserver_restart + IFS= printf %s\n GET wwsympa/webserver_restart + IFS= read -r _db_internal_line + RET=true + return 0 + restart=true + [ true = true ] + [ -x /etc/init.d/none ] + su -s /bin/sh -c /usr/lib/sympa/bin/sympa.pl -f /etc/sympa/sympa.conf --prepare_db -l sympa Error at line 180: /etc/sympa/sympa.conf Language::SetLang() Failed to setlocale(en_US) ; you either have a problem with the catalogue .mo files or you should extend available locales in your /etc/locale.gen (or /etc/sysconfig/i18n) file Language::SetLang() Failed to setlocale(en_US) ; you either have a problem with the catalogue .mo files or you should extend available locales in your /etc/locale.gen (or /etc/sysconfig/i18n) file mail::smtpto() Missing Return-Path in mail::smtpto() Configuration file /etc/sympa/sympa.conf has errors. dpkg: error processing sympa (--configure): subprocess installed post-installation script returned error exit status 1 configured to not write apport reports Errors were encountered while processing: sympa E: Sub-process /usr/bin/dpkg returned an error code (1) -- Stopping postgresql anyway: OK Stopping PostgreSQL 8.4 database server: main. -- Stopping mysql anyway: OK Stopping MySQL database server: mysqld. The full build log is available from: http://people.debian.org/~lucas/logs/2010/12/07/sympa.log It is reproducible by installing your package in a clean chroot, using the debconf Noninteractive frontend, and priority: critical. This test was carried out using about 50 AMD64 nodes of the Grid'5000 platform. Internet was not accessible from the nodes. It looks like we have multiple problems here: 1. unattended installation should pick sqlite backend. 2. missing locales 3. error mail::smtpto() Missing Return-Path in mail::smtpto() I could easily reproduce the first problem. Regards Racke -- LinuXia Systems => http://www.linuxia.de/ Expert Interchange Consulting and System Administration ICDEVGROUP => http://www.icdevgroup.org/ Interchange Development Team -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: Raise severity
Processing commands for cont...@bugs.debian.org: > severity 605084 grave Bug #605084 [gaphor] gaphor: Control flows lost in Actions Diagram when opening saved file Severity set to 'grave' from 'important' > thanks Stopping processing here. Please contact me if you need assistance. -- 605084: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605084 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605084: NMU
I've prepared NMU for this bug: http://people.debian.org/~thep/gaphor_0.15.0-1.2.dsc (debdiff attached.) Is it OK to upload? Regards, -- Theppitak Karoonboonyanan http://linux.thai.net/~thep/ nmu.debdiff Description: Binary data
Bug#606282: Needs to link statically with libbfd
Luca Bruno writes: > Brian is completely right on this, and I've just done that. > Anyway, I'm waiting for feedback from Timo, who has submitted a patch > to upstream to ensure compatibility with oue 2.6.32 stock kernel. My emails to de...@ksplice.com seem to persistently bounce with an error from google apps. I am now trying to send from another email address. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#606298: marked as done (deal.ii: FTBFS: make[3]: *** No rule to make target `../../common/Make.global_options'. Stop.)
Your message dated Tue, 14 Dec 2010 09:57:41 + with message-id <20101214095741.ga12...@lupin.powdarrmonkey.net> and subject line Re: Bug#606298: deal.ii: FTBFS: make[3]: *** No rule to make target `../../common/Make.global_options'. Stop. has caused the Debian Bug report #606298, regarding deal.ii: FTBFS: make[3]: *** No rule to make target `../../common/Make.global_options'. Stop. to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 606298: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606298 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: deal.ii Version: 6.3.1-1 Severity: serious Tags: squeeze sid User: debian...@lists.debian.org Usertags: qa-ftbfs-20101207 qa-ftbfs Justification: FTBFS on amd64 Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part: > make[2]: Entering directory > `/build/user-deal.ii_6.3.1-1-amd64-8Kl8kk/deal.ii-6.3.1/doc' > cd doxygen ; rm -f *.tag ; /usr/bin/make > cd development ; /usr/bin/make > sed 's/$(LIBDIR)\/lib/-L$(LIBDIR) -l/' < common/Make.global_options.orig \ > | sed 's/.g$(lib-suffix)/.g/' | sed 's/call$(lib-suffix)/call/' \ > | sed 's/hsl$(lib-suffix)/hsl/' | sed 's/ase$(lib-suffix)/ase/' \ > | sed 's/lac$(lib-suffix)/lac/' | sed 's/_1d$(lib-suffix)/_1d/' \ > | sed 's/_2d$(lib-suffix)/_2d/' | sed 's/_3d$(lib-suffix)/_3d/' \ > > common/Make.global_options > Makefile:5: ../../common/Make.global_options: No such file or directory > make[3]: Entering directory > `/build/user-deal.ii_6.3.1-1-amd64-8Kl8kk/deal.ii-6.3.1/doc/development' > make[3]: *** No rule to make target `../../common/Make.global_options'. Stop. > make[3]: Leaving directory > `/build/user-deal.ii_6.3.1-1-amd64-8Kl8kk/deal.ii-6.3.1/doc/development' > make[2]: *** [development] Error 2 The full build log is available from: http://people.debian.org/~lucas/logs/2010/12/07/deal.ii_6.3.1-1_lsqueeze64.buildlog A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! About the archive rebuild: The rebuild was done on about 50 AMD64 nodes of the Grid'5000 platform, using a clean chroot. Internet was not accessible from the build systems. -- | Lucas Nussbaum | lu...@lucas-nussbaum.net http://www.lucas-nussbaum.net/ | | jabber: lu...@nussbaum.fr GPG: 1024D/023B3F4F | --- End Message --- --- Begin Message --- On Mon, Dec 13, 2010 at 10:36:58AM +0100, Mehdi Dogguy wrote: > The original bugreport said "sid". Did you try to rebuild in sid? (not > sure if it will make a difference here, but who knows :)) The rebuild in a fresh sid chroot also succeeded on amd64. On Mon, Dec 13, 2010 at 11:53:36AM +0100, Lucas Nussbaum wrote: > I don't have the time to work on this bug now, so yes, feel free to > close it if you are confident that it is bogus. As two of us have tried to reproduce it and failed, I will close it for now. -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 --- End Message ---
Bug#604925: ITP: openvpn-auth-radius -- OpenVPN RADIUS authentication module
retitle 556460 ITP: openvpn-auth-radius -- OpenVPN RADIUS authentication module owner 556460 ! thanks -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#606657: wordpress: diff for NMU version 3.0.3-0.1
tags 606657 + patch
tags 606657 + pending
thanks
Dear maintainer,
I've prepared an NMU for wordpress (versioned as 3.0.3-0.1) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.
I have also worked in your git tree, so if you like I will push the changes
direct to collab-maint.
--
Jonathan Wiltshire (jmw)
diff -Nru wordpress-3.0.2/debian/changelog wordpress-3.0.3/debian/changelog
--- wordpress-3.0.2/debian/changelog2010-12-07 07:44:04.0 +
+++ wordpress-3.0.3/debian/changelog2010-12-14 09:26:30.0 +
@@ -1,3 +1,11 @@
+wordpress (3.0.3-0.1) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * [d46a19b] Imported Upstream version 3.0.3. This is just a
+security fix (Closes: #606657)
+
+ -- Jonathan Wiltshire Tue, 14 Dec 2010 09:20:13 +
+
wordpress (3.0.2-1) unstable; urgency=high
[ Raphaël Hertzog ]
diff -Nru wordpress-3.0.2/readme.html wordpress-3.0.3/readme.html
--- wordpress-3.0.2/readme.html 2010-11-30 20:18:36.0 +
+++ wordpress-3.0.3/readme.html 2010-12-08 17:50:05.0 +
@@ -8,7 +8,7 @@
http://wordpress.org/";>
-Version 3.0.2
+Version 3.0.3
Semantic Personal Publishing Platform
diff -Nru wordpress-3.0.2/wp-admin/includes/update-core.php
wordpress-3.0.3/wp-admin/includes/update-core.php
--- wordpress-3.0.2/wp-admin/includes/update-core.php 2010-11-30
20:18:36.0 +
+++ wordpress-3.0.3/wp-admin/includes/update-core.php 2010-12-08
17:50:05.0 +
@@ -274,7 +274,7 @@
$mysql_version = $wpdb->db_version();
$required_php_version = '4.3';
$required_mysql_version = '4.1.2';
- $wp_version = '3.0.2';
+ $wp_version = '3.0.3';
$php_compat = version_compare( $php_version, $required_php_version,
'>=' );
$mysql_compat = version_compare( $mysql_version,
$required_mysql_version, '>=' ) || file_exists( WP_CONTENT_DIR . '/db.php' );
diff -Nru wordpress-3.0.2/wp-includes/version.php
wordpress-3.0.3/wp-includes/version.php
--- wordpress-3.0.2/wp-includes/version.php 2010-11-30 23:14:45.0
+
+++ wordpress-3.0.3/wp-includes/version.php 2010-12-08 17:50:05.0
+
@@ -8,7 +8,7 @@
*
* @global string $wp_version
*/
-$wp_version = '3.0.2';
+$wp_version = '3.0.3';
/**
* Holds the WordPress DB revision, increments when changes are made to the
WordPress DB schema.
diff -Nru wordpress-3.0.2/xmlrpc.php wordpress-3.0.3/xmlrpc.php
--- wordpress-3.0.2/xmlrpc.php 2010-07-14 15:13:17.0 +0100
+++ wordpress-3.0.3/xmlrpc.php 2010-12-08 17:58:35.0 +
@@ -1156,9 +1156,12 @@
do_action('xmlrpc_call', 'wp.deleteComment');
- if ( ! get_comment($comment_ID) )
+ if ( !$comment = get_comment( $comment_ID ) )
return new IXR_Error( 404, __( 'Invalid comment ID.' )
);
+ if ( !current_user_can( 'edit_post', $comment->comment_post_ID
) )
+ return new IXR_Error( 403, __( 'You are not allowed to
moderate comments on this site.' ) );
+
return wp_delete_comment($comment_ID);
}
@@ -1185,11 +1188,14 @@
if ( !current_user_can( 'moderate_comments' ) )
return new IXR_Error( 403, __( 'You are not allowed to
moderate comments on this site.' ) );
- do_action('xmlrpc_call', 'wp.editComment');
-
- if ( ! get_comment($comment_ID) )
+ if ( !$comment = get_comment( $comment_ID ) )
return new IXR_Error( 404, __( 'Invalid comment ID.' )
);
+ if ( !current_user_can( 'edit_post', $comment->comment_post_ID
) )
+ return new IXR_Error( 403, __( 'You are not allowed to
moderate comments on this site.' ) );
+
+ do_action('xmlrpc_call', 'wp.editComment');
+
if ( isset($content_struct['status']) ) {
$statuses = get_comment_statuses();
$statuses = array_keys($statuses);
@@ -1417,7 +1423,7 @@
if ( !$user = $this->login($username, $password) )
return $this->error;
- if ( !current_user_can( 'edit_posts' ) )
+ if ( !current_user_can( 'edit_pages' ) )
return new IXR_Error( 403, __( 'You are not allowed
access to details about this site.' ) );
do_action('xmlrpc_call', 'wp.getPageStatusList');
@@ -1957,7 +1963,7 @@
if ( !$actual_post || $actual_post['post_type'] != 'post' )
return new IXR_Error(404, __('Sorry, no such post.'));
- if ( !current_user_can('edit_post', $post_ID) )
+ if ( !current_user_can('delete_post', $post_ID) )
return new IXR_Error(401, __('Sorry, you do not have
the right to delete this post.'));
$res
Bug#606778: patch proposal
Hi, after a short look I think something like this should help: --- preinst.orig2010-12-14 11:09:41.0 +0100 +++ preinst 2010-12-14 11:10:20.0 +0100 @@ -64,7 +64,7 @@ fi if test -d /var/www/squid-reports; then - mv /var/www/squid-reports/* /var/lib/sarg + test -f /var/www/squid-reports/* && mv /var/www/squid-reports/* /var/lib/sarg rmdir /var/www/squid-reports fi fi Luigi, are you looking after that or should I test it and NMU? Sven -- And I don't know much, but I do know this: With a golden heart comes a rebel fist. [ Streetlight Manifesto - Here's To Life ] -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: wordpress: diff for NMU version 3.0.3-0.1
Processing commands for cont...@bugs.debian.org: > tags 606657 + patch Bug #606657 [wordpress] wordpress: Privilege escalation in posting rights fixed in 3.0.3 Added tag(s) patch. > tags 606657 + pending Bug #606657 [wordpress] wordpress: Privilege escalation in posting rights fixed in 3.0.3 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 606657: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606657 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#592417: [Debian-med-packaging] Bug#592417: [a...@adam-barratt.org.uk: Re: Bug#606911: unblock: mgltools-utpackages/1.5.4.cvs.20100912-1.1]
Hello, thank you all for caring for the mgltools, but I think this is all too late and too uncertain for us to proceed for squeeze. I already got this confirmed by the release managers. We should now bet on backports and I'll have autodocktools and mgltools-* removed from squeeze. This shall a) help us by having only the latest versions of the mgltools with Debian b) prevent us from shipping something that most certainly has more issues, still, than the ones now corrected for. Many greetings Steffen -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605084: NMU
Hi ! Please do. Theppitak Karoonboonyanan a écrit : >I've prepared NMU for this bug: > > http://people.debian.org/~thep/gaphor_0.15.0-1.2.dsc > >(debdiff attached.) > >Is it OK to upload? > >Regards, >-- >Theppitak Karoonboonyanan >http://linux.thai.net/~thep/
Bug#606778: maybee more to do
Hi, while experimenting with my proposed fix I found some other issue with the preinst script. a) If you purge the new package it will leave behind /usr/share/sarg/languages/* unowned by anything. Is this intentional? The 2.3 package doesn't ship these files at all so I guess they should removed at some point. b) In case you switch back for whatever reason to the 2.2.5 package and subsequently try a second time to install the 2.3 package it will fail to move /etc/squid/languages to /usr/share/sarg because there is already a languages directory. Sven -- And I don't know much, but I do know this: With a golden heart comes a rebel fist. [ Streetlight Manifesto - Here's To Life ] -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#551543: remove path when cwd is /tmp/muttprint*
reopen 551543
found 551543 0.73-2.1
thanks
also sprach martin f krafft [2010.06.15.1443 +0200]:
> diff -u /tmp/muttprint =muttprint
> --- /tmp/muttprint 2010-06-15 14:42:37.711037595 +0200
> +++ /usr/bin/muttprint 2010-06-15 14:42:44.591037171 +0200
> @@ -740,6 +740,8 @@
> }
> }
>
> +chdir($ENV{HOME}) || chdir('/');
> +
> ### ENDE
Unfortunately, this does not fix the problem. :(
You also need to chdir() before the exit 1 in the fatalError sub.
However, this also does not get rid of all problems. For instance,
if you set the font to "Latex-bright" but forget to install
texlive-fonts-extra, then muttprint will just exit with exit code 0,
and no message about failure.
--
.''`. martin f. krafft Related projects:
: :' : proud Debian developer http://debiansystem.info
`. `'` http://people.debian.org/~madduckhttp://vcs-pkg.org
`- Debian - when you have better things to do than fixing systems
digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/)
Processed: Re: Bug#551543: remove path when cwd is /tmp/muttprint*
Processing commands for cont...@bugs.debian.org:
> reopen 551543
Bug #551543 {Done: gregor herrmann } [muttprint] cannot
remove path when cwd is /tmp/muttprint*
'reopen' may be inappropriate when a bug has been closed with a version;
you may need to use 'found' to remove fixed versions.
> found 551543 0.73-2.1
Bug #551543 [muttprint] cannot remove path when cwd is /tmp/muttprint*
Bug Marked as found in versions muttprint/0.73-2.1.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
551543: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551543
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605084: marked as done (gaphor: Control flows lost in Actions Diagram when opening saved file)
Your message dated Tue, 14 Dec 2010 11:32:11 + with message-id and subject line Bug#605084: fixed in gaphor 0.15.0-1.2 has caused the Debian Bug report #605084, regarding gaphor: Control flows lost in Actions Diagram when opening saved file to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 605084: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605084 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: gaphor Version: 0.15.0-1.1 Severity: important When gaphor opens saved file with Actions diagram, all control flow lines are lost. Only nodes like initials, finals, actions are left. When checking the saved file, I find the control flow data are still there. They just disappear from the screen when re-opened. And when saving it again, they will be actually lost. So, I suspect the file reading process has skipped them, or the saved data may be incomplete. The attached files illustrate a minimal case: 1. wo.gaphor is a minimal Actions diagram with only initial and final nodes, *without* the control flow. 2. w.gaphor is the same diagram as in wo.gaphor, *with* a single control flow from initial to final node. The data is there in the saved file, but gets lost when re-opened. 3. w2.gaphor is w.gaphor saved after re-opened. Now the control flow data gets actually lost, and becomes identical to wo.gaphor. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores) Locale: LANG=th_TH.UTF-8, LC_CTYPE=th_TH.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages gaphor depends on: ii python2.6.6-3+squeeze1 interactive high-level object-orie ii python-cairo 1.8.8-1+b1 Python bindings for the Cairo vect ii python-gaphas 0.6.0-1diagramming widget ii python-gnome2 2.28.1-1 Python bindings for the GNOME desk ii python-gobject2.21.4+is.2.21.3-1 Python bindings for the GObject li ii python-gtk2 2.17.0-4 Python bindings for the GTK+ widge ii python-pkg-resources 0.6.14-4 Package Discovery and Resource Acc ii python-simplegeneric 0.7-1 Simple generic functions for Pytho ii python-support1.0.11 automated rebuilding support for P ii python-zope.component 3.9.1-1Zope Component Architecture gaphor recommends no packages. gaphor suggests no packages. -- no debconf information http://gaphor.sourceforge.net/model"; version="3.0" gaphor-version="0.15.0"> (1.0, 0.0, 0.0, 1.0, 145.0, 30.0) 20.0 20.0 0 (1.0, 0.0, 0.0, 1.0, 139.0, 96.0) 30.0 30.0 0 http://gaphor.sourceforge.net/model"; version="3.0" gaphor-version="0.15.0"> (1.0, 0.0, 0.0, 1.0, 145.0, 30.0) 20.0 20.0 0 (1.0, 0.0, 0.0, 1.0, 139.0, 96.0) 30.0 30.0 0 0 (1.0, 0.0, 0.0, 1.0, 155.0, 50.0) 0 0 [(0.0, 0.0), (0.0, 46.0)] http://gaphor.sourceforge.net/model"; version="3.0" gaphor-version="0.15.0"> (1.0, 0.0, 0.0, 1.0, 145.0, 30.0) 20.0 20.0 0 (1.0, 0.0, 0.0, 1.0, 139.0, 96.0) 30.0 30.0 0 --- End Message --- --- Begin Message --- Source: gaphor Source-Version: 0.15.0-1.2 We believe that the bug you reported is fixed in the latest version of gaphor, which is due to be installed in the Debian FTP archive: gaphor_0.15.0-1.2.debian.tar.gz to main/g/gaphor/gaphor_0.15.0-1.2.debian.tar.gz gaphor_0.15.0-1.2.dsc to main/g/gaphor/gaphor_0.15.0-1.2.dsc gaphor_0.15.0-1.2_all.deb to main/g/gaphor/gaphor_0.15.0-1.2_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 605...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Theppitak Karoonboonyanan (supplier of updated gaphor package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 14 Dec 2010 16:20:28 +0700 Source: gaphor Binary: gaphor Architecture: source all Version: 0.15.0-1.2 Distribution: un
Bug#604925: closed by Sam Hartman (Bug#604925: fixed in krb5 1.9+dfsg~beta2-1)
On Sat, Dec 11, 2010 at 01:33:05AM +, Debian Bug Tracking System wrote: > This is an automatic notification regarding your Bug report > which was filed against the libgssapi-krb5-2 package: > > #604925: Squeeze krb5 fails to work with Open Directory KDC tickets > > It has been closed by Sam Hartman . I'd like to confirm that the solution indeed solves my issue. After installing the new experimental packages on sequeeze authentication works again. Thank you very much for all the help to work out this issue and especially for finally fixing it. Helmut -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605167: Less hacking patch
tags 605167 + pending thanks === modified file 'debian/changelog' --- gnome-schedule-2.1.1-3/debian/changelog 2010-01-29 11:37:55 + +++ gnome-schedule-2.1.1-3.1/debian/changelog 2010-12-14 01:31:21 + @@ -1,3 +1,10 @@ +gnome-schedule (2.1.1-3.1) unstable; urgency=high + + * Non-maintainer upload. + * Fix setting PYTHONPATH in an insecure way (Closes: #605167): + + -- Dmitrijs Ledkovs Sat, 11 Dec 2010 11:12:35 + + gnome-schedule (2.1.1-3) unstable; urgency=low * Added dpatch to fix exception Syntax error (Closes: #567406) === modified file 'debian/patches/00list' --- gnome-schedule-2.1.1-3/debian/patches/00list2010-01-29 11:37:55 + +++ gnome-schedule-2.1.1-3.1/debian/patches/00list 2010-12-11 10:58:07 + @@ -1,2 +1,3 @@ 03_distclean xwrapper_bug567406 +bug605167-pythonpath.dpatch === added file 'debian/patches/bug605167-pythonpath.dpatch' --- gnome-schedule-2.1.1-3/debian/patches/bug605167-pythonpath.dpatch 1970-01-01 00:00:00 + +++ gnome-schedule-2.1.1-3.1/debian/patches/bug605167-pythonpath.dpatch 2010-12-13 22:29:52 + @@ -0,0 +1,26 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## bug605167_hackish.dpatch by chrysn +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Patch for debian bug #605167. + +...@dpatch@ +--- a/src/config.py.in b/src/config.py.in +@@ -21,7 +21,7 @@ version = "@VERSION@" + image_dir = "@prefix@/share/pixmaps/gnome-schedule" + gs_dir = "@prefix@/share/gnome-schedule" + glade_dir = gs_dir +-xwrapper_exec = "pythonpa...@pythonpath@/gtk-2.0/:$PYTHONPATH @PYTHON@ @prefix@/share/gnome-schedule/xwrapper.py" ++xwrapper_exec = "@PYTHON@ @prefix@/share/gnome-schedule/xwrapper.py" + locale_dir = "@prefix@/share/locale" + crontabbin = "@CRONTAB_CONFIG@" + atbin = "@AT_CONFIG@" +--- a/src/gnome-schedule.in b/src/gnome-schedule.in +@@ -1,2 +1,2 @@ + #! /bin/sh +-pythonpa...@pythonpath@/gtk-2.0/:$PYTHONPATH @PYTHON@ @prefix@/share/gnome-schedule/gnome-schedule.py $1 +...@python@ @prefix@/share/gnome-schedule/gnome-schedule.py $1 + + I will upload Dmitrijs' NMU shortly. -- Jakub Wilk signature.asc Description: Digital signature
Processed: Re: Bug#605167: Less hacking patch
Processing commands for cont...@bugs.debian.org: > tags 605167 + pending Bug #605167 [gnome-schedule] gnome-schedule: Use of PYTHONPATH env var in an insecure way Bug #605169 [gnome-schedule] gnome-schedule: Use of PYTHONPATH env var in an insecure way Added tag(s) pending. Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 605167: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605167 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#593049: oss-gwconnect FTBFS
Comparing with the log of the last successful build of that package on amd64: https://buildd.debian.org/fetch.cgi?pkg=osso-gwconnect&arch=amd64&ver=1.0.12.debian-2&stamp=1280669498&file=log&as=raw The difference starts here: checking CFLAGS for gcc -std=c99... ./configure: line 4052: ac_cv_cflags_gcc_option__std_c99=no, unknown: command not found ./configure: line 4075: ac_cv_cflags_gcc_option__std_c99=-std=c99: command not found ./configure line 4052 looks strange, like an unterminated if statement. Maybe an autoconf issue ? I hope I will have some time this evening to look into this. -Ralf. -- Ralf Treinen Laboratoire Preuves, Programmes et Systèmes Université Paris Diderot, Paris, France. http://www.pps.jussieu.fr/~treinen/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#604925: closed by Sam Hartman (Bug#604925: fixed in krb5 1.9+dfsg~beta2-1)
OK, thanks for the confirmation. I'll now work on squeeze. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: your mail
Processing commands for cont...@bugs.debian.org: > tag 606481 + pending Bug #606481 [src:python-peak.util] python-peak.util: missing pointer to upstream sources Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 606481: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606481 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605167: marked as done (gnome-schedule: Use of PYTHONPATH env var in an insecure way)
Your message dated Tue, 14 Dec 2010 12:47:12 +
with message-id
and subject line Bug#605167: fixed in gnome-schedule 2.1.1-3.1
has caused the Debian Bug report #605167,
regarding gnome-schedule: Use of PYTHONPATH env var in an insecure way
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
605167: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605167
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: gnome-schedule
Version: 2.1.1-3
Severity: grave
Tags: security
User: debian-pyt...@lists.debian.org
Usertags: pythonpath
Jakub Wilk performed an analysis[1] for packages setting PYTHONPATH in
an insecure way. Those packages do something like:
PYTHONPATH=/spam/eggs:$PYTHONPATH
This is wrong, because if PYTHONPATH were originally unset or empty,
current working directory would be added to sys.path.
[1] http://lists.debian.org/debian-python/2010/11/msg00045.html
Your package turns out to have vulnerable scripts in PATH: you can
find a complete log at [2].
[2] http://people.debian.org/~morph/mbf/pythonpath.txt
Some guidelines on how to fix these bugs: in the case given above, you
can use something like
PYTHONPATH=/spam/eggs${PYTHONPATH:+:$PYTHONPATH}
(If you don't known this construct, grep for "Use Alternative Value"
in the bash/dash manpage.)
Also, in cases like
PYTHONPATH=/usr/lib/python2.5/site-packages/:$PYTHONPATH
or
PYTHONPATH=$PYTHONPATH:$SPAMDIR exec python $SPAMDIR/spam.py
you shouldn't need to touch PYTHONPATH at all.
Feel free to contact debian-pyt...@lists.debian.org in case of
help.
--- End Message ---
--- Begin Message ---
Source: gnome-schedule
Source-Version: 2.1.1-3.1
We believe that the bug you reported is fixed in the latest version of
gnome-schedule, which is due to be installed in the Debian FTP archive:
gnome-schedule_2.1.1-3.1.diff.gz
to main/g/gnome-schedule/gnome-schedule_2.1.1-3.1.diff.gz
gnome-schedule_2.1.1-3.1.dsc
to main/g/gnome-schedule/gnome-schedule_2.1.1-3.1.dsc
gnome-schedule_2.1.1-3.1_i386.deb
to main/g/gnome-schedule/gnome-schedule_2.1.1-3.1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 605...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Dmitrijs Ledkovs (supplier of updated
gnome-schedule package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sat, 11 Dec 2010 11:12:35 +
Source: gnome-schedule
Binary: gnome-schedule
Architecture: source i386
Version: 2.1.1-3.1
Distribution: unstable
Urgency: high
Maintainer: Alejandro Rios P.
Changed-By: Dmitrijs Ledkovs
Description:
gnome-schedule - GNOME scheduler for automatic tasks
Closes: 605167
Changes:
gnome-schedule (2.1.1-3.1) unstable; urgency=high
.
* Non-maintainer upload.
* Fix setting PYTHONPATH in an insecure way (Closes: #605167):
Checksums-Sha1:
9686fe4cc22f73d0871aa9681a1976b864428a75 1934 gnome-schedule_2.1.1-3.1.dsc
f3efdcff8caa500750a5c21ebcb5b1a940782d7b 30785 gnome-schedule_2.1.1-3.1.diff.gz
70cf1d93c8794785f676a7ceb7d86b2069f98784 1128388
gnome-schedule_2.1.1-3.1_i386.deb
Checksums-Sha256:
fedb2551e76e22c297105827af2b9fdf9eb962f3225665898a90cdd8ea0e223c 1934
gnome-schedule_2.1.1-3.1.dsc
1bc485d58779729749c6fcab2fd6e0bd158a37620a6b6133d38fdbe97a317836 30785
gnome-schedule_2.1.1-3.1.diff.gz
c1cb6f00e025267489878e2389079e66a3fbbd30546a5d3869ce2e86dc92b3ca 1128388
gnome-schedule_2.1.1-3.1_i386.deb
Files:
3c5ef711e82909d62ff1f9fd7abbffa3 1934 gnome optional
gnome-schedule_2.1.1-3.1.dsc
6b157e2c6e09d3fcfb211ab6e21eb3ea 30785 gnome optional
gnome-schedule_2.1.1-3.1.diff.gz
3c6bc0337225b81effba37d5e7ff49e3 1128388 gnome optional
gnome-schedule_2.1.1-3.1_i386.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCAAGBQJNB16xAAoJEC1Os6YBVHX1clAP/3qdtDOsWY1mDFMp4Xs3Ya7v
99MCXLboDNmD7PHHee/FzNk+d+yKPPsEIzA4UqGyL8QO4CXGyNEF3ZoMDgJCAxfr
7zOv1vccgrrNnlAkTRyln+5WJnuqVTPzRpIv0Mi+uw701tyGIMmrvADH0nRrOHa9
9H1hDy50ApGy/W7DDD/JGj78+nz/UnLwbAAu/XcHaMS6rayfnkObUzSeY9KBNYQ1
j7fDEZGpefpgQaE8iOc23IC7e+kwDOw9dxfMAuUPZ1y65O+iQmFrmYSKe7K2VvlO
HcYoRkQqd3srQasutBBU/1RTu1qkQEMIqzKDPsirPCe+S0nCJBZpKfX+BJEpX1EN
Rb1arX6UbR9ey7AX56yQmpWu5zk7G5cnalY80cRcUG7msdQ4u9EiGYwgw1zvQs4w
QnlZ6ON0DIhy
Bug#605169: marked as done (gnome-schedule: Use of PYTHONPATH env var in an insecure way)
Your message dated Tue, 14 Dec 2010 12:47:12 +
with message-id
and subject line Bug#605167: fixed in gnome-schedule 2.1.1-3.1
has caused the Debian Bug report #605167,
regarding gnome-schedule: Use of PYTHONPATH env var in an insecure way
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
605167: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605167
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: gnome-schedule
Version: 2.1.1-3
Severity: grave
Tags: security
User: debian-pyt...@lists.debian.org
Usertags: pythonpath
Jakub Wilk performed an analysis[1] for packages setting PYTHONPATH in
an insecure way. Those packages do something like:
PYTHONPATH=/spam/eggs:$PYTHONPATH
This is wrong, because if PYTHONPATH were originally unset or empty,
current working directory would be added to sys.path.
[1] http://lists.debian.org/debian-python/2010/11/msg00045.html
Your package turns out to have vulnerable scripts in PATH: you can
find a complete log at [2].
[2] http://people.debian.org/~morph/mbf/pythonpath.txt
Some guidelines on how to fix these bugs: in the case given above, you
can use something like
PYTHONPATH=/spam/eggs${PYTHONPATH:+:$PYTHONPATH}
(If you don't known this construct, grep for "Use Alternative Value"
in the bash/dash manpage.)
Also, in cases like
PYTHONPATH=/usr/lib/python2.5/site-packages/:$PYTHONPATH
or
PYTHONPATH=$PYTHONPATH:$SPAMDIR exec python $SPAMDIR/spam.py
you shouldn't need to touch PYTHONPATH at all.
Feel free to contact debian-pyt...@lists.debian.org in case of
help.
--- End Message ---
--- Begin Message ---
Source: gnome-schedule
Source-Version: 2.1.1-3.1
We believe that the bug you reported is fixed in the latest version of
gnome-schedule, which is due to be installed in the Debian FTP archive:
gnome-schedule_2.1.1-3.1.diff.gz
to main/g/gnome-schedule/gnome-schedule_2.1.1-3.1.diff.gz
gnome-schedule_2.1.1-3.1.dsc
to main/g/gnome-schedule/gnome-schedule_2.1.1-3.1.dsc
gnome-schedule_2.1.1-3.1_i386.deb
to main/g/gnome-schedule/gnome-schedule_2.1.1-3.1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 605...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Dmitrijs Ledkovs (supplier of updated
gnome-schedule package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sat, 11 Dec 2010 11:12:35 +
Source: gnome-schedule
Binary: gnome-schedule
Architecture: source i386
Version: 2.1.1-3.1
Distribution: unstable
Urgency: high
Maintainer: Alejandro Rios P.
Changed-By: Dmitrijs Ledkovs
Description:
gnome-schedule - GNOME scheduler for automatic tasks
Closes: 605167
Changes:
gnome-schedule (2.1.1-3.1) unstable; urgency=high
.
* Non-maintainer upload.
* Fix setting PYTHONPATH in an insecure way (Closes: #605167):
Checksums-Sha1:
9686fe4cc22f73d0871aa9681a1976b864428a75 1934 gnome-schedule_2.1.1-3.1.dsc
f3efdcff8caa500750a5c21ebcb5b1a940782d7b 30785 gnome-schedule_2.1.1-3.1.diff.gz
70cf1d93c8794785f676a7ceb7d86b2069f98784 1128388
gnome-schedule_2.1.1-3.1_i386.deb
Checksums-Sha256:
fedb2551e76e22c297105827af2b9fdf9eb962f3225665898a90cdd8ea0e223c 1934
gnome-schedule_2.1.1-3.1.dsc
1bc485d58779729749c6fcab2fd6e0bd158a37620a6b6133d38fdbe97a317836 30785
gnome-schedule_2.1.1-3.1.diff.gz
c1cb6f00e025267489878e2389079e66a3fbbd30546a5d3869ce2e86dc92b3ca 1128388
gnome-schedule_2.1.1-3.1_i386.deb
Files:
3c5ef711e82909d62ff1f9fd7abbffa3 1934 gnome optional
gnome-schedule_2.1.1-3.1.dsc
6b157e2c6e09d3fcfb211ab6e21eb3ea 30785 gnome optional
gnome-schedule_2.1.1-3.1.diff.gz
3c6bc0337225b81effba37d5e7ff49e3 1128388 gnome optional
gnome-schedule_2.1.1-3.1_i386.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCAAGBQJNB16xAAoJEC1Os6YBVHX1clAP/3qdtDOsWY1mDFMp4Xs3Ya7v
99MCXLboDNmD7PHHee/FzNk+d+yKPPsEIzA4UqGyL8QO4CXGyNEF3ZoMDgJCAxfr
7zOv1vccgrrNnlAkTRyln+5WJnuqVTPzRpIv0Mi+uw701tyGIMmrvADH0nRrOHa9
9H1hDy50ApGy/W7DDD/JGj78+nz/UnLwbAAu/XcHaMS6rayfnkObUzSeY9KBNYQ1
j7fDEZGpefpgQaE8iOc23IC7e+kwDOw9dxfMAuUPZ1y65O+iQmFrmYSKe7K2VvlO
HcYoRkQqd3srQasutBBU/1RTu1qkQEMIqzKDPsirPCe+S0nCJBZpKfX+BJEpX1EN
Rb1arX6UbR9ey7AX56yQmpWu5zk7G5cnalY80cRcUG7msdQ4u9EiGYwgw1zvQs4w
QnlZ6ON0DIhy
Bug#606481: python-peak.util: missing pointer to upstream sources
* Stefano Zacchiroli , 2010-12-10, 11:27: You can find attached a patch for this bug. I've not uploaded it, because I didn't have the chance to test a proper package rebuild. I would appreciate if someone from DPMT can have a look at that (possibly even dropping me from Uploaders, as my attention span for tg2 related packages is quite low these days). I commited your patch. I plan to: 1. Remove you from Uploaders. 2. Set Maintainer to Debian QA Group. 3. QA-upload the package. Are you OK with that? -- Jakub Wilk -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605136: python-apt: diff for NMU version 0.7.100+nmu1
On Mo, 2010-12-13 at 21:22 +0100, Stefano Zacchiroli wrote: > On Sat, Dec 11, 2010 at 11:46:38PM +0100, Julian Andres Klode wrote: > > > I've prepared an NMU for python-apt (versioned as 0.7.100+nmu1) and > > > uploaded it to DELAYED/2. Please feel free to tell me if I > > > should delay it longer. > > > > People forget things, so remind people. Directly doing an NMU on a bug > > with a single message only (the initial report) is overreaction. Send an > > email, ping us on IRC (#debian-apt), but DO NOT NMU. I appreciate that > > you want to help, but NMU mails just make our both lifes more > > complicated than they have to be. > > I beg to disagree. Please note that what Gregor did is perfectly within > the scope of Developer Reference guidelines for when, how, and which > DELAYED/XX queue to use when doing NMUs [1]. Well, he lost time writing the patch, building the package, and uploading it, and I lost time writing the email (and it was close to midnight). Had I been informed earlier that day, I would have just built and uploaded a new package and been happy about doing useful things. -- Julian Andres Klode - Debian Developer, Ubuntu Member See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#604049: linux-image-2.6.32-5-amd64: data corruption with promise stex driver and use of device-mapper layers (lvm/dm-crypt/..)
On Tue, 2010-12-14 at 09:35 +0100, Markus Schulz wrote: > Am Dienstag, 14. Dezember 2010 schrieb Ben Hutchings: > ... > > This sounds similar to bug #604457, which should be fixed in version > > 2.6.32-29 (now in testing). Can you check whether that version fixes > > the bug? > > don't think so. > if you follow the link posted from Ed Lin you will find a patch from > Martin K. Petersen (http://marc.info/?l=linux- > scsi&m=129114458116271&w=2) I only see Ed Lin's patch, and I don't think it is a full solution. Please do try the latest version. > if i interpret the last posting from Greg Kroah-Hartman right, he want > to apply the patch to the stable kernel series. It has to be accepted into Linus's tree first, and that has not yet happened. Ben. -- Ben Hutchings Once a job is fouled up, anything done to improve it makes it worse. signature.asc Description: This is a digitally signed message part
Bug#606786: marked as done (latex209-bin: installation fails)
Your message dated Tue, 14 Dec 2010 13:32:08 + with message-id and subject line Bug#606786: fixed in latex209 25.mar.1992-12.3 has caused the Debian Bug report #606786, regarding latex209-bin: installation fails to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 606786: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606786 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: latex209-bin Version: 25.mar.1992-12.2 Severity: serious User: debian...@lists.debian.org Usertags: instest-20101211 instest Hi, While testing the installation of all packages in squeeze, I ran into the following problem: > Reading package lists... > Building dependency tree... > Reading state information... > Starting > Starting 2 > Done > The following NEW packages will be installed: > latex209-bin > 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. > Need to get 4862 B of archives. > After this operation, 61.4 kB of additional disk space will be used. > Get:1 http://localhost/debian/ squeeze/main latex209-bin all 25.mar.1992-12.2 > [4862 B] > Fetched 4862 B in 0s (47.0 kB/s) > Selecting previously deselected package latex209-bin. > (Reading database ... 8757 files and directories currently installed.) > Unpacking latex209-bin (from .../latex209-bin_25.mar.1992-12.2_all.deb) ... > Dpkg hook: enabling sh trace for /var/lib/dpkg/info/latex209-bin.postinst > Dpkg hook: enabling sh trace for /var/lib/dpkg/info/latex209-bin.postrm > Dpkg hook: enabling sh trace for /var/lib/dpkg/info/latex209-bin.prerm > Setting up latex209-bin (25.mar.1992-12.2) ... > + set -e > + update_fmtutil > + d=/etc/texmf/fmt.d > + f=/etc/texmf/fmt.d/25latex209.cnf > + b=/etc/texmf/fmt.d/25latex209.bak > + [ ! -f /etc/texmf/fmt.d/25latex209.cnf ] > + [ -f /etc/texmf/fmt.d/25latex209.bak ] > + cat > + update-fmtutil > + make_format latex209 > + [ -x /usr/bin/fmtutil-sys ] > + UTIL=fmtutil-sys > + target=latex209 > + formats=/var/lib/texmf/web2c/tex > + echo Make the format file of `latex209'. This may take some time. ... > Make the format file of `latex209'. This may take some time. ... > + fmtutil-sys --byfmt latex209 > /usr/bin/fmtutil: 974: /usr/share/texmf/texconfig/tcfmgr: not found > fmtutil: config file `fmtutil.cnf' not found. > + echo The format file of `latex209' is NOT built successfully. > The format file of `latex209' is NOT built successfully. > + exit 1 > dpkg: error processing latex209-bin (--configure): > subprocess installed post-installation script returned error exit status 1 > configured to not write apport reports > Errors were encountered while processing: > latex209-bin > E: Sub-process /usr/bin/dpkg returned an error code (1) The full build log is available from: http://people.debian.org/~lucas/logs/2010/12/11/latex209-bin.log It is reproducible by installing your package in a clean chroot, using the debconf Noninteractive frontend, and priority: critical. This test was carried out using about 50 AMD64 nodes of the Grid'5000 platform. Internet was not accessible from the nodes. -- | Lucas Nussbaum | lu...@lucas-nussbaum.net http://www.lucas-nussbaum.net/ | | jabber: lu...@nussbaum.fr GPG: 1024D/023B3F4F | --- End Message --- --- Begin Message --- Source: latex209 Source-Version: 25.mar.1992-12.3 We believe that the bug you reported is fixed in the latest version of latex209, which is due to be installed in the Debian FTP archive: latex209-base_25.mar.1992-12.3_all.deb to main/l/latex209/latex209-base_25.mar.1992-12.3_all.deb latex209-bin_25.mar.1992-12.3_all.deb to main/l/latex209/latex209-bin_25.mar.1992-12.3_all.deb latex209-src_25.mar.1992-12.3_all.deb to main/l/latex209/latex209-src_25.mar.1992-12.3_all.deb latex209_25.mar.1992-12.3.debian.tar.gz to main/l/latex209/latex209_25.mar.1992-12.3.debian.tar.gz latex209_25.mar.1992-12.3.dsc to main/l/latex209/latex209_25.mar.1992-12.3.dsc A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 606...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Hideki Yamane (supplier of updated latex209 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 12 Dec 2010 14:09:49 +0900 Source: latex209 Binar
Bug#607071: octave-symbolic: Segfaults, doesn't work at all
Package: octave-symbolic Version: 1.0.9-1+b1 Severity: grave octave-symbolic is largely unusable. Calling any of its functions other than "sym" results in C++ exceptions like this one: error: T& Array::checkelem (2, -1, 2): range error and eventually the package segfaults Octave. This report is mostly a reminder to myself to either fix the package, or to the release managers to remove this package from squeeze if I don't manage to fix it before then. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (101, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages octave-symbolic depends on: ii libatlas3gf-base [libla 3.8.3-27 Automatically Tuned Linear Algebra ii libblas3gf [libblas.so. 1.2-8Basic Linear Algebra Reference imp ii libc6 2.11.2-7 Embedded GNU C Library: Shared lib ii libcln6 1.3.1-2 Class Library for Numbers (C++) ii libfftw3-3 3.2.2-1 library for computing Fast Fourier ii libgcc1 1:4.4.5-6GCC support library ii libgfortran34.4.5-6 Runtime library for GNU Fortran ap ii libginac1.5 1.5.8-1 The GiNaC symbolic framework (runt ii libhdf5-serial-1.8.4 [l 1.8.4-patch1-2 Hierarchical Data Format 5 (HDF5) ii liblapack3gf [liblapack 3.2.1-8 library of linear algebra routines ii libncurses5 5.7+20100313-4 shared libraries for terminal hand ii libreadline66.1-3GNU readline and history libraries ii libstdc++6 4.4.5-6 The GNU Standard C++ Library v3 ii octave3.2 3.2.4-8 GNU Octave language for numerical ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime octave-symbolic recommends no packages. octave-symbolic suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#603450: Fwd: [PATCH] Implement SSL certificate checking
Original Message
Subject: [PATCH] Implement SSL certificate checking
Date: Tue, 14 Dec 2010 07:15:01 -0600
From: Sebastian
To: offlineimap-proj...@lists.alioth.debian.org
CC: Nicolas Sebrecht , Sebastian
If we specify a cacertfile= setting in the Repository section of an IMAP
server,
validate it on python>=2.6 or fail with python<=2.5.
The hostname check should propbably be made optional.
This should make debian happy.
Signed-off-By: Sebastian Spaeth
---
This is a big patch for inspection and review (sorry didn't try to break
it up yet). It implements SSL Certificate checking so taht Debian does
not pull us out. Cert checking gets enabled when the user specifies
sslcacert=path/to/file in the Repository section of offlineimaprc. It
also checks that the hostname of the certificate matches the connection
host name.
If the user specifies that option under python 2.4/2.5, we fail with an
Exception as those versions do not support certificate checking.
offlineimap/imaplibutil.py | 186
++--
offlineimap/imapserver.py | 15 ++--
offlineimap/repository/IMAP.py |3 +
3 files changed, 132 insertions(+), 72 deletions(-)
diff --git a/offlineimap/imaplibutil.py b/offlineimap/imaplibutil.py
index a60242b..839712c 100644
--- a/offlineimap/imaplibutil.py
+++ b/offlineimap/imaplibutil.py
@@ -25,9 +25,9 @@ from imaplib import IMAP4_PORT, IMAP4_SSL_PORT,
InternalDate, Mon2num
try:
import ssl
-ssl_wrap = ssl.wrap_socket
except ImportError:
-ssl_wrap = socket.ssl
+#fails on python <2.6
+pass
class IMAP4_Tunnel(IMAP4):
"""IMAP4 client class over a tunnel
@@ -62,45 +62,7 @@ class IMAP4_Tunnel(IMAP4):
self.infd.close()
self.outfd.close()
self.process.wait()
-
-class sslwrapper:
-def __init__(self, sslsock):
-self.sslsock = sslsock
-self.readbuf = ''
-
-def write(self, s):
-return self.sslsock.write(s)
-
-def _read(self, n):
-return self.sslsock.read(n)
-def read(self, n):
-if len(self.readbuf):
-# Return the stuff in readbuf, even if less than n.
-# It might contain the rest of the line, and if we try to
-# read more, might block waiting for data that is not
-# coming to arrive.
-bytesfrombuf = min(n, len(self.readbuf))
-retval = self.readbuf[:bytesfrombuf]
-self.readbuf = self.readbuf[bytesfrombuf:]
-return retval
-retval = self._read(n)
-if len(retval) > n:
-self.readbuf = retval[n:]
-return retval[:n]
-return retval
-
-def readline(self):
-retval = ''
-while 1:
-linebuf = self.read(1024)
-nlindex = linebuf.find("\n")
-if nlindex != -1:
-retval += linebuf[:nlindex + 1]
-self.readbuf = linebuf[nlindex + 1:] + self.readbuf
-return retval
-else:
-retval += linebuf
def new_mesg(self, s, secs=None):
if secs is None:
@@ -108,27 +70,38 @@ def new_mesg(self, s, secs=None):
tm = time.strftime('%M:%S', time.localtime(secs))
UIBase.getglobalui().debug('imap', ' %s.%02d %s' % (tm,
(secs*100)%100, s))
-class WrappedIMAP4_SSL(IMAP4_SSL):
-def open(self, host = '', port = IMAP4_SSL_PORT):
-IMAP4_SSL.open(self, host, port)
-self.sslobj = sslwrapper(self.sslobj)
-def readline(self):
-return self.sslobj.readline()
+class WrappedIMAP4_SSL(IMAP4_SSL):
+"""Provides an improved version of the standard IMAP4_SSL
+
+It provides a better readline() implementation as impaplibs()
+readline is extremly inefficient. It can connect to IPv6
+addresses. It performs SSL certificate checking on python >=2.6
+and optional hostname check. It also replaces the
+IMAP4_SSL().sslobj with an ssl implementation that works on both
+python 2.4/5 and 2."""
+def __init__(self, *args, **kwargs):
+self._readbuf = ''
+self._cacertfile = kwargs.get('cacertfile', None)
+if kwargs.has_key('cacertfile'):
+del kwargs['cacertfile']
+IMAP4_SSL.__init__(self, *args, **kwargs)
-def new_open(self, host = '', port = IMAP4_PORT):
-"""Setup connection to remote server on "host:port"
-(default: localhost:standard IMAP4 port).
-This connection will be used by the routines:
-read, readline, send, shutdown.
-"""
+def open(self, host = '', port = IMAP4_SSL_PORT):
+"""Do whatever IMAP4_SSL would do in open, but call sslwrap
+with cert verification"""
+#IMAP4_SSL.open(self, host, port) uses the below 2 lines:
self.host = host
self.port = port
+
+#rather than just self.sock = socket.create_connection((host,
port))
+#we use the below part to be able to c
Bug#603450: Fwd: Re: [PATCH] Implement SSL certificate checking
Original Message Subject: Re: [PATCH] Implement SSL certificate checking Date: Tue, 14 Dec 2010 07:48:02 -0600 From: Sebastian Spaeth To: offlineimap-proj...@lists.alioth.debian.org CC: Nicolas Sebrecht On Tue, 14 Dec 2010 07:15:01 -0600, Sebastian wrote: If we specify a cacertfile= setting in the Repository section of an IMAP server, ... sslcacert=path/to/file in the Repository section of offlineimaprc Sorry, I got it twice wrong in my description. If you want to test this, the correct setting name is: [Repository Imapfoobar] sslcacertfile = /absolute/path/to/cert Tested here with my mail.dreamhost.com server and it works fine. Sebastian ___ OfflineIMAP-project mailing list offlineimap-proj...@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/offlineimap-project OfflineIMAP homepage: http://software.complete.org/offlineimap -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#604049: linux-image-2.6.32-5-amd64: data corruption with promise stex driver and use of device-mapper layers (lvm/dm-crypt/..)
Am Dienstag, 14. Dezember 2010 schrieb Ben Hutchings: > On Tue, 2010-12-14 at 09:35 +0100, Markus Schulz wrote: > > Am Dienstag, 14. Dezember 2010 schrieb Ben Hutchings: > > ... > > > > > This sounds similar to bug #604457, which should be fixed in > > > version 2.6.32-29 (now in testing). Can you check whether that > > > version fixes the bug? > > > > don't think so. > > if you follow the link posted from Ed Lin you will find a patch > > from Martin K. Petersen ( > > http://marc.info/?l=linux-scsi&m=129114458116271&w=2) > > I only see Ed Lin's patch, and I don't think it is a full solution. it was in Martins git-repository (see above link, different branches for 2.6.32, 2.6.35 and 2.6.36) for example the commit for kernel 2.6.36 http://git.kernel.org/?p=linux/kernel/git/mkp/linux-2.6- mkp.git;a=commit;h=069bd9391faf24da0c4311b4d799f8aac3986efd > Please do try the latest version. ok, i will do this. But it looks specific to md-raid (dm-md-fix- merge.patch) and i don't use MD-raid (i'm use HW-Raid from promise stex driver). > > > if i interpret the last posting from Greg Kroah-Hartman right, he > > want to apply the patch to the stable kernel series. > > It has to be accepted into Linus's tree first, and that has not yet > happened. i will try Martins patch too. I don't want to wait until the patch arrives the mainline kernel (i need the pc and there is no workaround available). regards, msc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#606481: marked as done (python-peak.util: missing pointer to upstream sources)
Your message dated Tue, 14 Dec 2010 14:49:21 + with message-id and subject line Bug#606481: fixed in python-peak.util 20090610-3 has caused the Debian Bug report #606481, regarding python-peak.util: missing pointer to upstream sources to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 606481: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606481 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: python-peak.util Version: 20090610-2 Severity: serious Justification: Debian Policy 12.5; Squeeze RC Policy 1 debian/copyright doesn't say say where the upstream sources were obtained. -- Jakub Wilk --- End Message --- --- Begin Message --- Source: python-peak.util Source-Version: 20090610-3 We believe that the bug you reported is fixed in the latest version of python-peak.util, which is due to be installed in the Debian FTP archive: python-peak.util_20090610-3.diff.gz to main/p/python-peak.util/python-peak.util_20090610-3.diff.gz python-peak.util_20090610-3.dsc to main/p/python-peak.util/python-peak.util_20090610-3.dsc python-peak.util_20090610-3_all.deb to main/p/python-peak.util/python-peak.util_20090610-3_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 606...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jakub Wilk (supplier of updated python-peak.util package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 14 Dec 2010 14:36:40 +0100 Source: python-peak.util Binary: python-peak.util Architecture: source all Version: 20090610-3 Distribution: unstable Urgency: low Maintainer: Debian QA Group Changed-By: Jakub Wilk Description: python-peak.util - utilities from the Python Enterprise Application Kit Closes: 606481 Changes: python-peak.util (20090610-3) unstable; urgency=low . * QA upload. . [ Piotr Ożarowski ] * Add debian/source/format file (with "1.0" inside) . [ Stefano Zacchiroli ] * debian/copyright: document download origin (Closes: #606481) . [ Jakub Wilk ] * Remove Stefano Zacchiroli from uploaders. * Set Maintainer to Debian QA Group. Checksums-Sha1: 0d0f642579cc7dd2b78f8ae83f54626a58270d6d 1901 python-peak.util_20090610-3.dsc eb9a00083b0883d33ceb03844bf2fbec91fd55a7 7409 python-peak.util_20090610-3.diff.gz 43190b0a295d7e8a3a2289f0fec71257893d7b6d 68714 python-peak.util_20090610-3_all.deb Checksums-Sha256: c4fd159ffbdf73f12ee0d5b88d607e7ff96b27b1031bd7dc1a5e7e7dda3e4a2f 1901 python-peak.util_20090610-3.dsc bc5fdaf602e6668d0b2d97415d0dc5f03c55160a45cf59754fa4d828c51ab36e 7409 python-peak.util_20090610-3.diff.gz 4552a21023cdd64388ddb4005fe59ecaf620bac82d9876e6a427c8a6ba73ea8d 68714 python-peak.util_20090610-3_all.deb Files: 58304a04b3423b3f1db2bb465994ac30 1901 python optional python-peak.util_20090610-3.dsc 6fd263c5aac9910bb3b20eb8b6e51b06 7409 python optional python-peak.util_20090610-3.diff.gz 7d8b11a7a25aea9d125fce5146f52437 68714 python optional python-peak.util_20090610-3_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBCAAGBQJNB3NGAAoJEC1Os6YBVHX1h9gP/3TAVmDL9GzODKVCm1Sznnpe hKfnQcZG+4HHVhh/7G+rj4F+qHTwuH4mr8BpTWfz36pFhynLYVrDJ+J+xhovpXVf qpV2so3ZF52DsRBmSBPtr5hnvC9lt9G/ljqZiDL+BSEkkw+J7ogD0ASY7YsPziR3 FZzhO1mr8kQEzTRMxzkz5nwUegGjlG8qlV2fjwOFuGLS+JI+PVZ919/Zu1aNIJU0 1x+WruwzY46l4XzFx3Jq/MVYe4R6iOlbYLCjarZ23pLliTQfVX8bnWeH7pMfrVKw CpMJlFVnG1f4bua4BbhWky7OKoMedP9Qnx3KdnhY2bBMaLNPZt9Y2q733oN4EIY3 tZpCSUUJJPI+Q+rYVtNcqYomgQEvaAmSkXHORuhgx8M0EGAhfQo3mtzZqz7Nls7B KnTQDHNNIMpn3MsI1YDm/OAxlwXK6WucHBzvJI0xzU4YCD3EoKkanq5N+2iJ4Ziz lLQD86RfkGwSPk0vOgVZ6iz2y3h/0vfGNKDxS6u9l4U9KciRQAcmEIIetCuBMemP BU0bVyFFqs6qJGi/zf4RBfuKkWZJrow1t5mCMaE0Lbul+FwHfbStN5AUIb4aPlJe 5Pvkf8OEULUpAKJDuWWTzb3FBUxxuMtPT4gaGloZpvFQDecfVTmWvs8NI3lZh4fY oQq74sbb8dkUCXQrz5DG =Udrw -END PGP SIGNATURE- --- End Message ---
Bug#591969: status update?
Hi, On Donnerstag, 9. Dezember 2010, Christian Welzel wrote: > > any idea what to do about this bug? > > I added the source code of > ./typo3/contrib/flashmedia/flvplayer.swf > ./typo3/contrib/flashmedia/player.swf > to the 4.5.0+dfsg1~beta2-1. > flvplayer.swf is a part of TYPO3 and source is available from > typo3-svn. player.swf came from pixelout player 1.2 > > All actionscript 3 code is not buildable within debian because > debian has no as3 compiler. Perhaps flex-sdk will be available > in some time (see #602499) but until then no as3-swf can be build > from source. can this bug get tagged squeeze-ignore? cheers, Holger signature.asc Description: This is a digitally signed message part.
Bug#591969: status update?
Hi, On Donnerstag, 9. Dezember 2010, Christian Welzel wrote: > > any idea what to do about this bug? > > I added the source code of > ./typo3/contrib/flashmedia/flvplayer.swf > ./typo3/contrib/flashmedia/player.swf > to the 4.5.0+dfsg1~beta2-1. > flvplayer.swf is a part of TYPO3 and source is available from > typo3-svn. player.swf came from pixelout player 1.2 > > All actionscript 3 code is not buildable within debian because > debian has no as3 compiler. Perhaps flex-sdk will be available > in some time (see #602499) but until then no as3-swf can be build > from source. can this bug get tagged squeeze-ignore? cheers, Holger signature.asc Description: This is a digitally signed message part.
Bug#591969: status update?
Hi, On Donnerstag, 9. Dezember 2010, Christian Welzel wrote: > > any idea what to do about this bug? > > I added the source code of > ./typo3/contrib/flashmedia/flvplayer.swf > ./typo3/contrib/flashmedia/player.swf > to the 4.5.0+dfsg1~beta2-1. > flvplayer.swf is a part of TYPO3 and source is available from > typo3-svn. player.swf came from pixelout player 1.2 > > All actionscript 3 code is not buildable within debian because > debian has no as3 compiler. Perhaps flex-sdk will be available > in some time (see #602499) but until then no as3-swf can be build > from source. can this bug get tagged squeeze-ignore? cheers, Holger, who apologies for spaming this bug 3 times… signature.asc Description: This is a digitally signed message part.
Bug#606386: cakephp: diff for NMU version 1.3.2-1.1
tags 606386 + patch
tags 606386 + pending
thanks
Dear maintainer,
I've prepared an NMU for cakephp (versioned as 1.3.2-1.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.
--
Jonathan Wiltshire (jmw)
diff -Nru cakephp-1.3.2/debian/changelog cakephp-1.3.2/debian/changelog
--- cakephp-1.3.2/debian/changelog 2010-06-15 10:05:27.0 +0100
+++ cakephp-1.3.2/debian/changelog 2010-12-14 15:45:50.0 +
@@ -1,3 +1,11 @@
+cakephp (1.3.2-1.1) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * Patch for CVE-2010-4335 (unsafe unserialize)
+Closes: #606386
+
+ -- Jonathan Wiltshire Tue, 14 Dec 2010 15:41:20 +
+
cakephp (1.3.2-1) unstable; urgency=low
* New upstream release (Closes: #585684)
diff -Nru cakephp-1.3.2/debian/patches/03-CVE-2010-4335.diff
cakephp-1.3.2/debian/patches/03-CVE-2010-4335.diff
--- cakephp-1.3.2/debian/patches/03-CVE-2010-4335.diff 1970-01-01
01:00:00.0 +0100
+++ cakephp-1.3.2/debian/patches/03-CVE-2010-4335.diff 2010-12-14
15:49:52.0 +
@@ -0,0 +1,61 @@
+Description: protect against an unsafe serialise CVE-2010-4335
+Origin:
https://github.com/cakephp/cakephp/commit/e431e86aa4301ced4273dc7919b59362cbb353cb
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606386
+Last-Update: 2010-12-14
+
+diff --git a/cake/libs/controller/components/security.php
b/cake/libs/controller/components/security.php
+index c267c6c..7e5b3b2 100644
+--- a/cake/libs/controller/components/security.php
b/cake/libs/controller/components/security.php
+@@ -618,10 +618,15 @@ class SecurityComponent extends Object {
+ }
+ unset($check['_Token']);
+
++ $locked = str_rot13($locked);
++ if (preg_match('/(\A|;|{|})O\:[0-9]+/', $locked)) {
++ return false;
++ }
++
+ $lockedFields = array();
+ $fields = Set::flatten($check);
+ $fieldList = array_keys($fields);
+- $locked = unserialize(str_rot13($locked));
++ $locked = unserialize($locked);
+ $multi = array();
+
+ foreach ($fieldList as $i => $key) {
+diff --git a/cake/tests/cases/libs/controller/components/security.test.php
b/cake/tests/cases/libs/controller/components/security.test.php
+index 883f1c8..bbd5141 100644
+--- a/cake/tests/cases/libs/controller/components/security.test.php
b/cake/tests/cases/libs/controller/components/security.test.php
+@@ -608,6 +608,30 @@ DIGEST;
+ $result =
$this->Controller->Security->validatePost($this->Controller);
+ $this->assertFalse($result, 'validatePost passed when key was
missing. %s');
+ }
++
++/**
++ * Test that objects can't be passed into the serialized string. This was a
vector for RFI and LFI
++ * attacks. Thanks to Felix Wilhelm
++ *
++ * @return void
++ */
++ function testValidatePostObjectDeserialize() {
++ $this->Controller->Security->startup($this->Controller);
++ $key = $this->Controller->params['_Token']['key'];
++ $fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877';
++
++ // a corrupted serialized object, so we can see if it ever gets
to deserialize
++ $attack =
'O:3:"App":1:{s:5:"__map";a:1:{s:3:"foo";s:7:"Hacked!";s:1:"fail"}}';
++ $fields .= urlencode(':' . str_rot13($attack));
++
++ $this->Controller->data = array(
++ 'Model' => array('username' => 'mark', 'password' =>
'foo', 'valid' => '0'),
++ '_Token' => compact('key', 'fields')
++ );
++ $result =
$this->Controller->Security->validatePost($this->Controller);
++ $this->assertFalse($result, 'validatePost passed when key was
missing. %s');
++ }
++
+ /**
+ * Tests validation of checkbox arrays
+ *
diff -Nru cakephp-1.3.2/debian/patches/series
cakephp-1.3.2/debian/patches/series
--- cakephp-1.3.2/debian/patches/series 2010-06-15 10:05:27.0 +0100
+++ cakephp-1.3.2/debian/patches/series 2010-12-14 15:40:13.0 +
@@ -1,2 +1,3 @@
01-remove-shebang.diff
02-cake-binary-libs.diff
+03-CVE-2010-4335.diff
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: cakephp: diff for NMU version 1.3.2-1.1
Processing commands for cont...@bugs.debian.org: > tags 606386 + patch Bug #606386 [cakephp] CVE-2010-4335 Added tag(s) patch. > tags 606386 + pending Bug #606386 [cakephp] CVE-2010-4335 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 606386: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606386 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#606924: upgrade-reports: lenny->squeeze: successful upgrade with minor glitches
Processing commands for cont...@bugs.debian.org: > block 606924 by 605569 606923 596651 606915 Bug #606924 [upgrade-reports] upgrade-reports: [lenny->squeeze] successful upgrade with minor glitches Was not blocked by any bugs. Added blocking bug(s) of 606924: 606915, 596651, 605790, 605569, 606923, and 604175 > thanks Stopping processing here. Please contact me if you need assistance. -- 606924: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606924 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: severity of 607090 is serious
Processing commands for cont...@bugs.debian.org: > severity 607090 serious Bug #607090 [initramfs-tools] initramfs-tools/squeeze: trigger cryptroot/lenny prints alarming error message - missing versioned breaks or conflicts on cryptsetup? Severity set to 'serious' from 'important' > thanks Stopping processing here. Please contact me if you need assistance. -- 607090: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607090 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#604925: marked as done (Squeeze krb5 fails to work with Open Directory KDC tickets)
Your message dated Tue, 14 Dec 2010 17:17:24 + with message-id and subject line Bug#604925: fixed in krb5 1.8.3+dfsg-4 has caused the Debian Bug report #604925, regarding Squeeze krb5 fails to work with Open Directory KDC tickets to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 604925: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=604925 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libgssapi-krb5-2 Version: 1.8.3+dfsg-2 Severity: grave File: /usr/lib/libgssapi_krb5.so.2 My system uses kerberos to authenticate users to ssh. After upgrading a server to squeeze logging in is no longer possible (this could satisfy critical severity). Unfortunately debugging this turned out to be harder than expected, because gssapi is not very precise about what the problem really is. All I can do is post the logs. Logging in from a (lenny) client that could log in to the same system before the upgrade: $ ssh -vvv somemachine ... debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password debug3: preferred gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password debug3: authmethod_lookup gssapi-keyex debug3: remaining preferred: gssapi-with-mic,gssapi,publickey,keyboard-interactive,password debug3: authmethod_is_enabled gssapi-keyex debug1: Next authentication method: gssapi-keyex debug1: No valid Key exchange context debug2: we did not send a packet, disable method debug3: authmethod_lookup gssapi-with-mic debug3: remaining preferred: gssapi,publickey,keyboard-interactive,password debug3: authmethod_is_enabled gssapi-with-mic debug1: Next authentication method: gssapi-with-mic debug2: we sent a gssapi-with-mic packet, wait for reply debug1: Delegating credentials debug1: Delegating credentials debug1: Unspecified GSS failure. Minor code may provide more information Generic error (see e-text) debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug2: we sent a gssapi-with-mic packet, wait for reply debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug2: we sent a gssapi-with-mic packet, wait for reply debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug2: we did not send a packet, disable method ... Of course I also turned on debugging on the server: ... Nov 25 13:43:46 someserver sshd[5661]: Set /proc/self/oom_adj to 0 Nov 25 13:43:46 someserver sshd[5661]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8 Nov 25 13:43:46 someserver sshd[5661]: debug1: inetd sockets after dupping: 3, 3 Nov 25 13:43:46 someserver sshd[5661]: Connection from 10.0.82.2 port 36317 Nov 25 13:43:46 someserver sshd[5661]: debug1: Client protocol version 2.0; client software version OpenSSH_5.1p1 Debian-5 Nov 25 13:43:46 someserver sshd[5661]: debug1: match: OpenSSH_5.1p1 Debian-5 pat OpenSSH* Nov 25 13:43:46 someserver sshd[5661]: debug1: Enabling compatibility mode for protocol 2.0 Nov 25 13:43:46 someserver sshd[5661]: debug1: Local version string SSH-2.0-OpenSSH_5.5p1 Debian-5+b1 Nov 25 13:43:46 someserver sshd[5661]: debug1: PAM: initializing for "root" Nov 25 13:43:46 someserver sshd[5661]: debug1: PAM: setting PAM_RHOST to "reverse.dns.of.somemachine" Nov 25 13:43:46 someserver sshd[5661]: debug1: PAM: setting PAM_TTY to "ssh" Nov 25 13:43:46 someserver sshd[5661]: Failed none for root from 10.0.82.2 port 36317 ssh2 Nov 25 13:43:46 someserver sshd[5661]: debug1: Unspecified GSS failure. Minor code may provide more information\nNo such file or directory\n Nov 25 13:43:46 someserver sshd[5661]: debug1: Got no client credentials ... The origin of the "Unspecified GSS failure." message is src/lib/gssapi/mechglue/g_dsp_status.c which is a generic error handler. The "Got no client credentials" message originates from sshd itself gss-serv.c in ssh_gssapi_accept_ctx after finding that an error occured. Any other information needed? Do you have any ideas for debugging? Helmut -- System Information: Debian Release: squeeze/sid APT prefers squeeze-volatile APT policy: (500, 'squeeze-volatile'), (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libgssapi-krb5-2 depends on: ii libc6 2.11.2-7 Embedded GNU C Library: Shared lib i
Bug#603235: marked as done (midgard2-core: FTBFS: problematic build dependencies)
Your message dated Tue, 14 Dec 2010 17:17:36 + with message-id and subject line Bug#603235: fixed in midgard2-core 10.05.2-1 has caused the Debian Bug report #603235, regarding midgard2-core: FTBFS: problematic build dependencies to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 603235: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=603235 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: midgard2-core Version: 10.05.1.2-1 Severity: important For some reason, midgard2-core explicitly lists libc6 in Build-Depends, even though it's (build-)essential on the architectures on which it's available. (For historical reasons, a handful use a different SONAME). In addition, several clauses of Build-Depends favor packages such as midgard-libgda-4.0-dev that are not (currently) available, triggering sbuild bug #403246; although its author has uploaded a fix, it evidently hasn't made it to the autobuilders quite yet, so you may wish to consider working around it for now. :-/ Could you please adjust midgard2-core's build dependencies to address at least the first of those concerns? Thanks! --- End Message --- --- Begin Message --- Source: midgard2-core Source-Version: 10.05.2-1 We believe that the bug you reported is fixed in the latest version of midgard2-core, which is due to be installed in the Debian FTP archive: gir1.0-midgard2_10.05.2-1_i386.deb to main/m/midgard2-core/gir1.0-midgard2_10.05.2-1_i386.deb libmidgard2-dev_10.05.2-1_i386.deb to main/m/midgard2-core/libmidgard2-dev_10.05.2-1_i386.deb libmidgard2_10.05.2-1_i386.deb to main/m/midgard2-core/libmidgard2_10.05.2-1_i386.deb midgard2-bin_10.05.2-1_i386.deb to main/m/midgard2-core/midgard2-bin_10.05.2-1_i386.deb midgard2-common_10.05.2-1_i386.deb to main/m/midgard2-core/midgard2-common_10.05.2-1_i386.deb midgard2-core_10.05.2-1.debian.tar.gz to main/m/midgard2-core/midgard2-core_10.05.2-1.debian.tar.gz midgard2-core_10.05.2-1.dsc to main/m/midgard2-core/midgard2-core_10.05.2-1.dsc midgard2-core_10.05.2.orig.tar.gz to main/m/midgard2-core/midgard2-core_10.05.2.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 603...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Piotr Pokora (supplier of updated midgard2-core package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 14 Dec 2010 15:31:24 +0100 Source: midgard2-core Binary: libmidgard2 libmidgard2-dev midgard2-common midgard2-bin gir1.0-midgard2 Architecture: source i386 Version: 10.05.2-1 Distribution: unstable Urgency: low Maintainer: Piotr Pokora Changed-By: Piotr Pokora Description: gir1.0-midgard2 - Midgard2 - GObject Introspection libmidgard2 - Midgard Content Repository - Runtime Library libmidgard2-dev - Midgard Content Repository - Development Files midgard2-bin - Midgard2 command line tools. midgard2-common - Midgard2 common files used by different midgard extensions Closes: 603235 Changes: midgard2-core (10.05.2-1) unstable; urgency=low . * New upstream * Fixed GObject Introspection build depends. Closes: #603235 * Added libmidgard2.symbols Checksums-Sha1: ca8609d0e81fa64a7e7f747b1d0eae10ec2f89c0 1405 midgard2-core_10.05.2-1.dsc c76ae8fe090b2fcb157d791a38717921ac80609e 542087 midgard2-core_10.05.2.orig.tar.gz 0f5743950a205b159fc51eb8ea8b9e5427bcb3f1 6420 midgard2-core_10.05.2-1.debian.tar.gz d89da773ccc25980e7bbeece0bd1ff4a056d3b47 179436 libmidgard2_10.05.2-1_i386.deb 321b35f8a672353ace3f473420e42e4afa87ea2f 237274 libmidgard2-dev_10.05.2-1_i386.deb a6d50e9e68f5620ce345266357236886bc700dad 5130 midgard2-common_10.05.2-1_i386.deb 87fd37b263971e4e017c28af9f1fea8bf57d3f5d 24528 midgard2-bin_10.05.2-1_i386.deb 182e205fe6c1dc6f9dcd7846c91fa8794187d6aa 47522 gir1.0-midgard2_10.05.2-1_i386.deb Checksums-Sha256: 993616763238ce0986928b8b046ae58a0b77feb7a21945199c868fcd6b81a724 1405 midgard2-core_10.05.2-1.dsc 35443126cae8bb47ef03ce55c10ceeffdaecffd993df1fb932e53a3c5245c6ad 542087 midgard2-core_10.05.2.orig.tar.gz fe82d24e2d6acd5331c1857468a9d86ae19776fb02b484d370832c0bdc0ae475 6420 midgard2-core_10.05.2-1.debian.tar.gz 7dfffbd94af8194c8087bc05bb250b83f3c612453afaee0b70413d07a4
Processed: Re: Bug#607060: upgrade-reports: [lenny->squeeze] successful upgrade with minor glitches
Processing commands for cont...@bugs.debian.org: > block 607060 by 605569 606923 596651 606915 607058 Bug #607060 [upgrade-reports] upgrade-reports: [lenny->squeeze] successful upgrade with minor glitches Was not blocked by any bugs. Added blocking bug(s) of 607060: 607058, 606915, 596651, 605790, 605569, 606923, and 604175 > thanks Stopping processing here. Please contact me if you need assistance. -- 607060: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607060 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#593331: eucalyptus-cloud: Eucalyptus cloud controller and walrus does not start
Still the same problem with libhibernate3-java 3.5.4.Final-4. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#607090: initramfs-tools/squeeze: trigger cryptroot/lenny prints alarming error message - missing versioned breaks or conflicts on cryptsetup?
tags 607090 pending patch stop On Tue, 14 Dec 2010, Carsten Hey wrote: > > Please adapt the severity if you think this is RC. indeed, thank you for reporting. Thought it was only an issue of partial upgrades but indeed Lenny cryptsetup had one of the two errors that got later corrected for precached scripts that initramfs-tools uses in sid. fixed in maks/breaks_cryptsetup http://git.debian.org/?p=kernel/initramfs-tools.git;a=summary should soon appear in squeeze branch -- maks -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#607090: initramfs-tools/squeeze: trigger cryptroot/lenny prints alarming error message - missing versioned breaks or conflicts on cryptsetup?
Processing commands for cont...@bugs.debian.org: > tags 607090 pending patch Bug #607090 [initramfs-tools] initramfs-tools/squeeze: trigger cryptroot/lenny prints alarming error message - missing versioned breaks or conflicts on cryptsetup? Added tag(s) pending and patch. > stop Stopping processing here. Please contact me if you need assistance. -- 607090: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607090 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#606940: r-cran-vr: not installable in sid
reassign 606940 ftp.debian.org thanks Dear ftp-maintainers, Please remove r-cran-vr from unstable. I used to be an upstream 'meta package', but it was split into its four constiuent packages well over a year ago by upstream. I now have the main of these four package provide a virtual r-cran-vr to satisfy reverse depends. Thanks, Dirk On 13 December 2010 at 10:07, Ralf Treinen wrote: | Package: r-cran-vr | Version: 7.3-0-2 | Tags: sid | Severity: grave | User: trei...@debian.org | Usertags: edos-uninstallable | | Hi, r-cran-vr is uninstallable in sid on all architectures since: | | r-cran-vr (= 7.3-0-2) depends on one of: - r-cran-mass (= 7.3-9-1) r-cran-vr (= 7.3-0-2) and r-cran-mass (= 7.3-9-1) conflict | | This package should probably be removed from the archive now. | This bug does not affect squeeze. | | -Ralf. | | -- Dirk Eddelbuettel | e...@debian.org | http://dirk.eddelbuettel.com -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#606940: r-cran-vr: not installable in sid
Processing commands for cont...@bugs.debian.org: > reassign 606940 ftp.debian.org Bug #606940 [r-cran-vr] r-cran-vr: not installable in sid Bug reassigned from package 'r-cran-vr' to 'ftp.debian.org'. Bug No longer marked as found in versions vr/7.3-0-2. > thanks Stopping processing here. Please contact me if you need assistance. -- 606940: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606940 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#604049: ***SPAM*** tested with linux-image-2.6.32-5-amd64/2.6.32-29
I've tried linux-image-2.6.32-5-amd64/2.6.32-29 without luck. Same file errors and/or broken file system. I've tried Martin K. Petersen Patch too (applied to linus 2.6.36 git repo) with success. It works, no md5sum errors (test still running as endless loop). regards, msc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#605372: tseries: FTBFS on armel: unable to load shared object
Processing commands for cont...@bugs.debian.org: > reassign 605372 release.debian.org Bug #605372 [tseries] tseries: FTBFS on armel: unable to load shared object Bug reassigned from package 'tseries' to 'release.debian.org'. Bug No longer marked as found in versions 0.10-23-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 605372: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605372 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605372: tseries: FTBFS on armel: unable to load shared object
reassign 605372 release.debian.org thanks Dear release team, Can you please schedule a binary-only rebuild of package quadprog(binary: r-cran-quadprog) on the 'armel' architecture, and once completed, schedule a binary-only rebuild of package tseries (binary: r-cran-tseries) on the 'armel' architecture. Many thanks, Dirk On 29 November 2010 at 10:50, Hector Oron wrote: | Package: tseries | Version: 0.10-23-1 | Severity: serious | Tags: sid | | Hello, | | Your package fails to build on armel: | | gcc -shared -o tseries.so arma.o bdstest.o boot.o dsumsl.o formats.o garch.o ppsum.o tsutils.o -lblas -lgfortran -lm -lgfortran -lm -L/usr/lib/R/lib -lR | make[1]: Leaving directory `/build/buildd-tseries_0.10-23-1-armel-nMwoak/tseries-0.10-23/src' | make[1]: Entering directory `/build/buildd-tseries_0.10-23-1-armel-nMwoak/tseries-0.10-23/src' | make[1]: Leaving directory `/build/buildd-tseries_0.10-23-1-armel-nMwoak/tseries-0.10-23/src' | installing to /build/buildd-tseries_0.10-23-1-armel-nMwoak/tseries-0.10-23/debian/r-cran-tseries/usr/lib/R/site-library/tseries/libs | ** R | ** data | ** inst | ** preparing package for lazy loading | Error in dyn.load(file, DLLpath = DLLpath, ...) : | unable to load shared object '/usr/lib/R/site-library/quadprog/libs/quadprog.so': | libRblas.so: cannot open shared object file: No such file or directory | Error : package 'quadprog' could not be loaded | ERROR: lazy loading failed for package 'tseries' | * removing '/build/buildd-tseries_0.10-23-1-armel-nMwoak/tseries-0.10-23/debian/r-cran-tseries/usr/lib/R/site-library/tseries' | make: *** [R_any_arch] Error 1 | | Full buildlog at: https://buildd.debian.org/fetch.cgi?pkg=tseries;ver=0.10-23-1;arch=armel;stamp=1289798034 | | Best regards, | | -- System Information: | Debian Release: squeeze/sid | APT prefers unstable | APT policy: (700, 'unstable'), (600, 'testing'), (500, 'stable'), (1, 'experimental') | Architecture: amd64 (x86_64) | | Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores) | Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) | Shell: /bin/sh linked to /bin/bash | | -- Dirk Eddelbuettel | e...@debian.org | http://dirk.eddelbuettel.com -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#601977: cyrus-sasl2-heimdal-dbg: file conflict during upgrade from lenny
Hi there! On Tue, 14 Dec 2010 01:29:01 +0100, Roberto C. Sánchez wrote: >> > created by dh_strip, excerpted from debian/rules below: >> > >> > dh_strip -s -psasl2-bin -plibsasl2-2 -plibsasl2-modules >> > -plibsasl2-modules-ldap -plibsasl2-modules-otp -plibsasl2-modules-sql >> > -plibsasl2-modules-gssapi-mit -plibsasl2-dev >> > -Nlibsasl2-modules-gssapi-heimdal --dbg-package=cyrus-sasl2-dbg >> > dh_strip -s -plibsasl2-modules-gssapi-heimdal -Nsasl2-bin -Nlibsasl2-2 >> > -Nlibsasl2-modules -Nlibsasl2-modules-ldap -Nlibsasl2-modules-otp >> > -Nlibsasl2-modules-sql -Nlibsasl2-modules-gssapi-mit -Nlibsasl2-dev >> > --dbg-package=cyrus-sasl2-heimdal-dbg >> > >> > Both packages need to be able to be installed together, so my question >> > centers around whehter it is OK to put a diversion in place so that >> > cyrus-sasl2-heimdal-dbg diverts the file. What does everyone think? I guess that it would have helped me quite a lot to know that this bug had a reply and it was now ignored for quite a month, but it seems that the reply above was not sent to the BTS and only to the mailing list: http://lists.alioth.debian.org/pipermail/pkg-cyrus-sasl2-debian-devel/2010-October/001957.html >> So, it appears that there are some other possibilities, thanks to a >> posting by Luca Capello [0]. Is there any reason why you did not Cc: me? I was wondering if this bug was forgot, given that I did not receive any update on it (and no, going to the BTS or subscribing to *every* bug someone is interacting with it is not an acceptable solution). >> The first possibility is trivial, but is not as "correct." The >> second is more "correct" but a larger diff. Given that this must go >> into Lenny, what opinion or preference does the release team have on >> the matter? [...] > > Given the just announced deep freeze, I'd like some guidance from the > release team on this, so that I can prepare an update with an acceptable > fix to go into Squeeze. I am not a library expert, but you cannot install both libraries together: = l...@gismo:~$ apt-cache show libsasl2-modules-gssapi-mit | grep Conflicts Conflicts: libsasl2-modules-gssapi-heimdal l...@gismo:~$ = So, if you want to debug the GSSAPI Heimdal library you need cyrus-sasl2-heimdal-dbg and, I guess, at the same time libsasl2-modules-gssapi-heimdal. Given that the latter conflicts with the former, it seems clear that the correct approach is the second option I proposed. Thx, bye, Gismo / Luca pgp83wFcbXc0q.pgp Description: PGP signature
Bug#593049: autotools issue
The following works: recompiling the package on lenny (which generates the ./configure), then copy the generated configure into your sid build directory and run it. So this seems to be autotools issue, unfortunately I do not know enough about autotools to solve this. -Ralf. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#601184: marked as done (linux-image-2.6.36-rc6-amd64: Possible privilege escalation bug)
Your message dated Tue, 14 Dec 2010 20:55:54 +0100 with message-id <20101214195554.ga2...@galadriel.inutil.org> and subject line Re: Bug#601184: linux-image-2.6.36-rc6-amd64: Possible privilege escalation bug has caused the Debian Bug report #601184, regarding linux-image-2.6.36-rc6-amd64: Possible privilege escalation bug to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 601184: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601184 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: linux-2.6 Version: 2.6.36~rc6-1~experimental.1 Severity: critical Tags: security Justification: root security hole I'm not sure if I should include the steps to reproduxe here in case it's visible to the general population. Could someone email me directly so I can provide the details. If they decide to, then they can post the details themselves. -- Package-specific info: ** Version: Linux version 2.6.36-rc6-amd64 (Debian 2.6.36~rc6-1~experimental.1) (b...@decadent.org.uk) (gcc version 4.4.5 (Debian 4.4.4-17) ) #1 SMP Mon Oct 4 09:56:45 UTC 2010 ** Command line: BOOT_IMAGE=/vmlinuz-2.6.36-rc6-amd64 root=/dev/mapper/VgCompaq-debian resume=/dev/VgCompaq/swap ro quiet splash vga=0x317 ** Not tainted ** Kernel log: [9.031499] PM: Marking nosave pages: bf534000 - bf537000 [9.031502] PM: Marking nosave pages: bf5bb000 - bf5bf000 [9.031504] PM: Basic memory bitmaps created [9.045860] PM: Basic memory bitmaps freed [ 10.112062] EXT3-fs: barriers not enabled [ 10.126287] kjournald starting. Commit interval 5 seconds [ 10.126311] EXT3-fs (dm-4): mounted filesystem with ordered data mode [ 13.560017] udevd version 125 started [ 14.438927] pci_hotplug: PCI Hot Plug PCI Core version: 0.5 [ 14.469288] shpchp: Standard Hot Plug PCI Controller Driver version: 0.4 [ 14.682126] i801_smbus :00:1f.3: PCI INT D -> GSI 19 (level, low) -> IRQ 19 [ 14.749432] input: PC Speaker as /devices/platform/pcspkr/input/input1 [ 14.847434] input: Power Button as /devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0C:00/input/input2 [ 14.847496] ACPI: Power Button [PWRB] [ 14.847559] input: Lid Switch as /devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0D:00/input/input3 [ 14.847631] ACPI: Lid Switch [LID0] [ 14.847690] input: Sleep Button as /devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0E:00/input/input4 [ 14.847726] ACPI: Sleep Button [SLPB] [ 14.847810] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input5 [ 14.847844] ACPI: Power Button [PWRF] [ 14.931635] ACPI: acpi_idle registered with cpuidle [ 14.976035] Monitor-Mwait will be used to enter C-1 state [ 15.010136] Monitor-Mwait will be used to enter C-2 state [ 15.024658] Monitor-Mwait will be used to enter C-3 state [ 15.024675] Marking TSC unstable due to TSC halts in idle [ 15.042099] Linux video capture interface: v2.00 [ 15.056031] Switching to clocksource hpet [ 15.213992] uvcvideo: Found UVC 1.00 device CNF7041 (04f2:b057) [ 15.217763] input: CNF7041 as /devices/pci:00/:00:1d.7/usb1/1-6/1-6:1.0/input/input6 [ 15.217824] usbcore: registered new interface driver uvcvideo [ 15.217826] USB Video Class driver (v0.1.0) [ 15.536386] ACPI: WMI: Mapper loaded [ 15.537107] cfg80211: Calling CRDA to update world regulatory domain [ 15.628141] ACPI: AC Adapter [AC] (on-line) [ 15.735247] ACPI: Battery Slot [BAT0] (battery present) [ 16.034716] ath5k :01:00.0: PCI INT A -> GSI 16 (level, low) -> IRQ 16 [ 16.034734] ath5k :01:00.0: setting latency timer to 64 [ 16.034825] ath5k :01:00.0: registered as 'phy0' [ 17.064120] input: PS/2 Mouse as /devices/platform/i8042/serio1/input/input7 [ 17.094313] alloc irq_desc for 22 on node -1 [ 17.094317] alloc kstat_irqs on node -1 [ 17.094329] HDA Intel :00:1b.0: PCI INT A -> GSI 22 (level, low) -> IRQ 22 [ 17.094423] alloc irq_desc for 41 on node -1 [ 17.094426] alloc kstat_irqs on node -1 [ 17.094440] HDA Intel :00:1b.0: irq 41 for MSI/MSI-X [ 17.094475] HDA Intel :00:1b.0: setting latency timer to 64 [ 17.139024] input: AlpsPS/2 ALPS GlidePoint as /devices/platform/i8042/serio1/input/input8 [ 17.244803] input: HP WMI hotkeys as /devices/virtual/input/input9 [ 17.397742] ath: EEPROM regdomain: 0x67 [ 17.397745] ath: EEPROM indicates we should expect a direct regpair map [ 17.397750] ath: Country alpha2 being used: 00 [ 17.397752] ath: Regpair used: 0x67 [ 17.485816] input: HDA Digital PCBeep as /devices/pci:00/:00:1b.0/input/input10 [ 17.487452]
Bug#607114: Unresponsive Xen's dom0 system after 'general protection fault'
Package: linux-image-2.6-xen-amd64 Version: 2.6.26+17+lenny1 Severity: critical Tags: lenny After execution of xm create command I got messages in attached file. I got this for second time within one week. Not sure what the root cause is. Right now all of commands working with networking just hangs. Looks like it has something to do with 8021q module. All Xen domU's with NATed networks are reachable. -- System Information: Debian Release: 5.0.7 -- Regards, Peter Viskup Dec 14 21:25:17 server2 kernel: [1480447.233563] general protection fault: [1] SMP Dec 14 21:25:17 server2 kernel: [1480447.234227] CPU 0 Dec 14 21:25:17 server2 kernel: [1480447.234508] Modules linked in: ipt_MASQUERADE bonding 8021q iptable_nat nf_nat ext2 xt_physdev tun ext4dev jbd2 crc16 xfs bridge ipv6 xt_multiport ipt_LOG xt_tcpudp nf_conntrack_ipv4 xt_state nf_conntrack iptable_filter ip_tables x_tables loop ide_pci_generic ide_core ata_generic usbhid hid ff_memless psmouse serio_raw pcspkr sata_svw libata dock container bnx2 ohci_hcd firmware_class ehci_hcd button ipmi_si hpilo ipmi_msghandler uhci_hcd shpchp pci_hotplug i2c_piix4 i2c_core evdev ext3 jbd mbcache dm_mirror dm_log dm_snapshot dm_mod thermal processor fan thermal_sys cciss scsi_mod [last unloaded: bonding] Dec 14 21:25:17 server2 kernel: [1480447.236466] Pid: 39, comm: xenwatch Not tainted 2.6.26-2-xen-amd64 #1 Dec 14 21:25:17 server2 kernel: [1480447.236466] RIP: e030:[] [] :8021q:__vlan_find_group+0x25/0x36 Dec 14 21:25:17 server2 kernel: [1480447.236466] RSP: e02b:88001fde1bc8 EFLAGS: 00010202 Dec 14 21:25:17 server2 kernel: [1480447.236466] RAX: 8800011aae68 RBX: 0005 RCX: a034a760 Dec 14 21:25:17 server2 kernel: [1480447.236466] RDX: 4068 RSI: 0005 RDI: 88001b484000 Dec 14 21:25:17 server2 kernel: [1480447.236466] RBP: 88001b484000 R08: R09: 880006de81d8 Dec 14 21:25:17 server2 kernel: [1480447.236466] R10: 88001b5a9008 R11: 80427778 R12: a01d2c60 Dec 14 21:25:17 server2 kernel: [1480447.236466] R13: 88001b484000 R14: 0005 R15: Dec 14 21:25:17 server2 kernel: [1480447.236466] FS: 7f91e60df6e0() GS:8053a000() knlGS: Dec 14 21:25:17 server2 kernel: [1480447.236466] CS: e033 DS: ES: Dec 14 21:25:17 server2 kernel: [1480447.236466] DR0: DR1: DR2: Dec 14 21:25:17 server2 kernel: [1480447.236466] DR3: DR6: 0ff0 DR7: 0400 Dec 14 21:25:17 server2 kernel: [1480447.236466] Process xenwatch (pid: 39, threadinfo 88001fde, task 88001fdd82c0) Dec 14 21:25:17 server2 kernel: [1480447.236466] Stack: a0346545 0010 803cfc0d Dec 14 21:25:17 server2 kernel: [1480447.236466] fff1 a01d2c60 88001b484000 Dec 14 21:25:17 server2 kernel: [1480447.236466] 0005 80242a24 88001b484000 Dec 14 21:25:17 server2 kernel: [1480447.236466] Call Trace: Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? :8021q:vlan_device_event+0x80/0x3a8 Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? rtmsg_ifinfo+0xa1/0xd1 Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? notifier_call_chain+0x29/0x4c Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? register_netdevice+0x28a/0x2ca Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? netif_alloc+0x16d/0x193 Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? backend_create_netif+0x4e/0x8f Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? netback_probe+0x15e/0x1cf Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? read_otherend_details+0x7a/0xae Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? xenbus_dev_probe+0x77/0xee Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? driver_probe_device+0xd0/0x14d Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? __device_attach+0x0/0x5 Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? bus_for_each_drv+0x43/0x72 Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? down+0xe/0x36 Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? device_attach+0x59/0x6a Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? bus_attach_device+0x27/0x5b Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? device_add+0x3a6/0x526 Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? xenbus_probe_node+0x11e/0x19f Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? xenbus_dev_changed+0x154/0x170 Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? xenbus_read_driver_state+0x26/0x3b Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? xenwatch_thread+0x0/0x186 Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? xenwatch_handle_callback+0x15/0x48 Dec 14 21:25:17 server2 kernel: [1480447.236466] [] ? xenwatch_thread+0x1
Bug#605372: tseries: FTBFS on armel: unable to load shared object
On Tue, 2010-12-14 at 12:39 -0600, Dirk Eddelbuettel wrote:
> reassign 605372 release.debian.org
> thanks
[For reference, at least right now debian-release has only received the
result of your control@ mail, not the mail I'm replying to; it's
generally a good idea to CC the receiving package]
> Dear release team,
>
> Can you please schedule a binary-only rebuild of package
>
> quadprog (binary: r-cran-quadprog)
>
> on the 'armel' architecture, and once completed, schedule a binary-only
> rebuild of package
>
> tseries (binary: r-cran-tseries)
>
> on the 'armel' architecture.
Looking through the bug log, I'm not convinced that this will help. The
tseries build fails with:
| unable to load shared object
'/usr/lib/R/site-library/quadprog/libs/quadprog.so':
| libRblas.so: cannot open shared object file: No such file or directory
and the quadprog build log on armel predictably contains:
dpkg-shlibdeps: warning: couldn't find library libRblas.so needed by
debian/r-cran-quadprog/usr/lib/R/site-library/quadprog/libs/quadprog.so (ELF
format: 'elf32-littlearm'; RPATH: '').
libRblas.so comes from r-base-core-ra (on armel), which wasn't installed
as part of the quadprog build on armel. In fact, so far as I can see,
r-base-core-ra is a completely leaf package, with no reverse
{build-,}dependencies so there's no indication in the packaging that
it's intended to be installed whilst building quadprog.
Regards,
Adam
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#607117: librheolef-dev and libsc-doc: error when trying to install together
Package: libsc-doc,librheolef-dev Version: libsc-doc/2.3.1-6 Version: librheolef-dev/5.91-1 Severity: serious User: trei...@debian.org Usertags: edos-file-overwrite Date: 2010-12-14 Architecture: amd64 Distribution: sid Hi, automatic installation tests of packages that share a file and at the same time do not conflict by their package dependency relationships has detected the following problem: WARNING: The following packages cannot be authenticated! x11-common libice6 x11proto-core-dev libice-dev libxau6 libxdmcp6 libxcb1 libx11-data libx11-6 libxau-dev libxdmcp-dev x11proto-input-dev x11proto-kb-dev xtrans-dev libpthread-stubs0 libpthread-stubs0-dev libxcb1-dev libx11-dev libmagic1 file libbsd0 libedit2 libgpg-error0 libgcrypt11 libtasn1-3 libgnutls26 libkeyutils1 libkrb5support0 libk5crypto3 libkrb5-3 libgssapi-krb5-2 libgssrpc4 libkadm5clnt-mit7 libkdb5-4 libkadm5srv-mit7 libsasl2-2 libldap-2.4-2 libpcre3 libxml2 mime-support python2.6-minimal libexpat1 python2.6 python-minimal python python-support ucf binutils libgmp3c2 libmpfr4 cpp-4.4 cpp defoma libfreetype6 ttf-dejavu-core fontconfig-config libfontconfig1 fontconfig libgomp1 gcc-4.4 gcc libc-dev-bin linux-libc-dev libc6-dev libstdc++6-4.4-dev g++-4.4 g++ gccxml libpixman-1-0 libpng12-0 libxcb-render0 libxcb-render-util0 libxrender1 libcairo2 libjpeg62 libgd2-noxpm libglib2.0-0 libpango1.0-common libdatrie1 libthai-data libthai0 libxft2 libpango1.0-0 gnuplot-nox libwxbase2.8-0 libatk1.0-0 libdrm2 libxfixes3 libxdamage1 libxext6 libxxf86vm1 libgl1-mesa-glx libglu1-mesa libgtk2.0-common libavahi-common-data libavahi-common3 libdbus-1-3 libavahi-client3 libcups2 libjasper1 libtiff4 libxcomposite1 libxcursor1 libxi6 libxinerama1 libxrandr2 shared-mime-info libgtk2.0-0 libsm6 libwxgtk2.8-0 gnuplot-x11 gnuplot liblcms1 liblqr-1-0 libltdl7 libxt6 libmagickcore3 libmagickwand3 imagemagick comerr-dev krb5-multidev libamd2.2.0 libavutil49 libdirac-encoder0 libfaad2 libgsm1 libopenjpeg2 liborc-0.4-0 libschroedinger-1.0-0 libspeex1 libogg0 libtheora0 libvorbis0a libvorbisenc2 libavcodec52 libavutil-dev libavcodec-dev libavformat52 libavformat-dev libgfortran3 libblas3gf libblas-dev libicu44 libboost1.42-dev libboost-dev libboost-date-time1.42.0 libboost-serialization1.42.0 libboost-serialization1.42-dev libboost-date-time1.42-dev libboost-date-time-dev libboost-system1.42.0 libboost-filesystem1.42.0 libboost-system1.42-dev libboost-filesystem1.42-dev libboost-filesystem-dev libboost-test1.42.0 libboost-test1.42-dev libboost-graph1.42-dev libboost-graph-dev libboost-graph-parallel1.42-dev libboost-graph-parallel-dev libboost-regex1.42.0 libicu-dev libboost-regex1.42-dev libboost-iostreams1.42-dev libboost-iostreams-dev libboost-math1.42.0 libboost-math1.42-dev libboost-math-dev libibverbs1 libnuma1 libtorque2 libopenmpi1.3 libboost-mpi1.42.0 openmpi-common libibverbs-dev libopenmpi-dev mpi-default-dev libboost-mpi1.42-dev libboost-mpi-dev libboost-mpi-python-dev libboost-program-options1.42.0 libboost-program-options1.42-dev libboost-program-options-dev libboost-python1.42.0 libpython2.6 zlib1g-dev libssl-dev python2.6-dev python-dev libboost-python1.42-dev libboost-python-dev libboost-regex-dev libboost-serialization-dev libboost-signals1.42.0 libboost-signals1.42-dev libboost-signals-dev libboost-system-dev libboost-test-dev libboost-thread1.42.0 libboost-thread1.42-dev libboost-thread-dev libboost-wave1.42.0 libboost-wave1.42-dev libboost-wave-dev libboost-all-dev libbtf1.1.0 libcamd2.2.0 libccolamd2.7.1 libcolamd2.7.1 liblapack3gf libcholmod1.7.1 libcsparse2.2.3 libcxsparse2.2.3 libexpat1-dev libfreetype6-dev pkg-config libfontconfig1-dev mesa-common-dev libgl1-mesa-dev libgl2ps0 libgl2ps-dev libglu1-mesa-dev libjpeg62-dev libklu1.1.0 liblapack-dev libldl2.0.1 mysql-common libmysqlclient16 libmysqlclient-dev libpng12-dev libpq5 libkrb5-dev libpq-dev libumfpack5.4.0 librheolef5.91 libswscale0 libxss1 libvtk5.4 libsm-dev libxt-dev x11proto-xext-dev libxext-dev x11proto-scrnsaver-dev libxss-dev x11proto-render-dev libxrender-dev libxft-dev libtiffxx0c2 libtiff4-dev tcl8.5 tcl8.5-dev tk8.5 tk8.5-dev libswscale-dev libxml2-dev libvtk5-dev vtk-tcl rheolef libsuitesparse-dev librheolef-dev libsc-doc Extracting templates from packages: 11% Extracting templates from packages: 22% Extracting templates from packages: 34% Extracting templates from packages: 45% Extracting templates from packages: 57% Extracting templates from packages: 68% Extracting templates from packages: 80% Extracting templates from packages: 91% Extracting templates from packages: 100% Preconfiguring packages ... Authentication warning overridden. Can not write log, openpty() failed (/dev/pts not mounted?) Selecting previously deselected package x11-common. (Reading database ... 8685 files and directories currently installed.) Unpacking x11-common (from .../x11-common_1%3a7.5+8_all.
Processed: severity of 607114 is important
Processing commands for cont...@bugs.debian.org: > severity 607114 important Bug #607114 [linux-image-2.6-xen-amd64] Unresponsive Xen's dom0 system after 'general protection fault' Severity set to 'important' from 'critical' > thanks Stopping processing here. Please contact me if you need assistance. -- 607114: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607114 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605372: tseries: FTBFS on armel: unable to load shared object
Hi Adam,
On 14 December 2010 at 20:12, Adam D. Barratt wrote:
| On Tue, 2010-12-14 at 12:39 -0600, Dirk Eddelbuettel wrote:
| > reassign 605372 release.debian.org
| > thanks
|
| [For reference, at least right now debian-release has only received the
| result of your control@ mail, not the mail I'm replying to; it's
| generally a good idea to CC the receiving package]
[ I was thinking about that but then I didn't know the email handle of the
virtual BTS entity release.debian.org -- the release list ? ]
|
| > Dear release team,
| >
| > Can you please schedule a binary-only rebuild of package
| >
| > quadprog(binary: r-cran-quadprog)
| >
| > on the 'armel' architecture, and once completed, schedule a binary-only
| > rebuild of package
| >
| > tseries (binary: r-cran-tseries)
| >
| > on the 'armel' architecture.
|
| Looking through the bug log, I'm not convinced that this will help. The
| tseries build fails with:
|
| | unable to load shared object
'/usr/lib/R/site-library/quadprog/libs/quadprog.so':
| | libRblas.so: cannot open shared object file: No such file or directory
|
| and the quadprog build log on armel predictably contains:
|
| dpkg-shlibdeps: warning: couldn't find library libRblas.so needed by
debian/r-cran-quadprog/usr/lib/R/site-library/quadprog/libs/quadprog.so (ELF
format: 'elf32-littlearm'; RPATH: '').
libRblas is outdated by years. We used it when we had lapack 3.1.* years,
and for several years have used Debian's BLAS and LAPACK meaning that R's
linRblas is no longer built.
| libRblas.so comes from r-base-core-ra (on armel), which wasn't installed
| as part of the quadprog build on armel. In fact, so far as I can see,
| r-base-core-ra is a completely leaf package, with no reverse
Yes, Ra (aka r-base-core-ra) has nothing to do with this.
| {build-,}dependencies so there's no indication in the packaging that
| it's intended to be installed whilst building quadprog.
Yes, which is why I suspect a new build will fix it. I have no other idea
here, look at
https://buildd.debian.org/build.cgi?pkg=quadprog
so see that quadprog built fine several dozen builds on all arches, and also
see at
https://buildd.debian.org/build.cgi?pkg=tseries
tseries had never failed for armel before until this (random ?) break in
quadprog.
The R build process is __highly__ standardized; I maintain dozens of packages
in the space and once built a process to autobuilds 2000+ source package into
debs (at http://debian.cran.r-project.org -- but currently dormant).
I still think that it may have been random, and that a new build would cure it.
I'd be open to other fixes, but there is no issue with either tseries or
quadprog. These are super-stable upstream and use just vanilla C / Fortran.
No breakage from there AFAICT.
Cheers, Dirk
|
| Regards,
|
| Adam
|
--
Dirk Eddelbuettel | e...@debian.org | http://dirk.eddelbuettel.com
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#607018: marked as done (generates random owner password if only user password is set)
Your message dated Tue, 14 Dec 2010 20:33:53 +
with message-id
and subject line Bug#607018: fixed in pdftk 1.41+dfsg-10
has caused the Debian Bug report #607018,
regarding generates random owner password if only user password is set
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
607018: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607018
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: pdftk
Version: 1.41+dfsg-9
Severity: serious
Tags: patch
The command
pdftk file.pdf output file-encrypted.pdf user_pw thePassword
sets not only a user password, but a random owner password.
Therefore the encryption pdf file is not usable for further usage by
pdftk or other pdf tools due to the fact that the owner password is
unknown.
The attached patch solve this by setting the owner password to the user
password in this case which means that no owner password is set
according to the PDF specification [1].
[1]: Section 3.5.2 of
http://partners.adobe.com/public/developer/en/pdf/PDFReference16.pdf
Description: Set 'no owner password' by setting the owner password to the user password.
This patch solves the issue of generating random owner passwords by the
setEncryption routine of itext if the supplied owner password has zero length.
According to the PDF specification, the meaning of 'no owner password' is archived
by setting the owner password equal to the user password.
Author: Johann Felix Soden
--- a/pdftk/pdftk.cc
+++ b/pdftk/pdftk.cc
@@ -2193,6 +2193,10 @@
prompt_for_password( "user", "the output PDF", m_output_user_pw );
}
+ if( m_output_owner_pw.empty() && !m_output_user_pw.empty() ) {
+ m_output_owner_pw= m_output_user_pw;
+ }
+
jbyteArray output_owner_pw_p= JvNewByteArray( m_output_owner_pw.size() ); {
jbyte* pw_p= elements(output_owner_pw_p);
memcpy( pw_p, m_output_owner_pw.c_str(), m_output_owner_pw.size() );
--- End Message ---
--- Begin Message ---
Source: pdftk
Source-Version: 1.41+dfsg-10
We believe that the bug you reported is fixed in the latest version of
pdftk, which is due to be installed in the Debian FTP archive:
pdftk_1.41+dfsg-10.debian.tar.gz
to main/p/pdftk/pdftk_1.41+dfsg-10.debian.tar.gz
pdftk_1.41+dfsg-10.dsc
to main/p/pdftk/pdftk_1.41+dfsg-10.dsc
pdftk_1.41+dfsg-10_i386.deb
to main/p/pdftk/pdftk_1.41+dfsg-10_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 607...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Johann Felix Soden (supplier of updated pdftk package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 14 Dec 2010 20:36:20 +0100
Source: pdftk
Binary: pdftk
Architecture: source i386
Version: 1.41+dfsg-10
Distribution: unstable
Urgency: high
Maintainer: Johann Felix Soden
Changed-By: Johann Felix Soden
Description:
pdftk - tool for manipulating PDF documents
Closes: 607018
Changes:
pdftk (1.41+dfsg-10) unstable; urgency=high
.
* Do not create a random owner password if only user password should
be set. (Closes: #607018)
Checksums-Sha1:
0a36718cfd4c56394f3f96e348833c8da51d124d 1878 pdftk_1.41+dfsg-10.dsc
ff77f65545c3a39ac052e515644d347f1aaf4410 31161 pdftk_1.41+dfsg-10.debian.tar.gz
894865f601859d6596a04562cbf58b5fd67a759e 85798 pdftk_1.41+dfsg-10_i386.deb
Checksums-Sha256:
87b621ebbb35d9aa6d50eff48257ade7ae0c3706480bc571ccb02b6bfdf71478 1878
pdftk_1.41+dfsg-10.dsc
4af85a85ca0959b93c38161e451544546d3f7f1a5b6766013aaeac312fd91f70 31161
pdftk_1.41+dfsg-10.debian.tar.gz
b19bd196a8e20d0a1ab3eae6f551503f1e79e9af290d4166a189f23148b57f0d 85798
pdftk_1.41+dfsg-10_i386.deb
Files:
49089fa12a1255d4a6f171dbcabaf0f3 1878 text optional pdftk_1.41+dfsg-10.dsc
602a2958d02a6c107720528b7ac117c0 31161 text optional
pdftk_1.41+dfsg-10.debian.tar.gz
183076dfb65da5d7d4c44e5ac924ba55 85798 text optional
pdftk_1.41+dfsg-10_i386.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAEBCgAGBQJNB85MAAoJEINZGTv9ywnEwckP/3jR7orXSTT+T/vPQvnSvfaa
qYRnnGL5ZatJqZtEcm/YilgQgmHZ4JJn6S+PKoEAxIx8T2PqSSEG4KCGgZWgLuJ4
8AeJ0HsbZdiXftkec5Ot1bjr7OoNiVVxtVbx7gI1mjkPpDTFbvxfV2ehVMbVswnD
avEG9VkLxgwDnK5W7kzBGnZHyIEsa/+p1pgzIH9LpuXnH4twv026/1V5ZHF03c+M
akyj7v0T
Bug#606293: hol88: diff for NMU version 2.02.19940316-13.1
tags 606293 + patch tags 606293 + pending thanks Dear maintainer, I've prepared an NMU for hol88 (versioned as 2.02.19940316-13.1) and uploaded it to DELAYED/5. Please feel free to tell me if I should delay it longer. The reason for this revert is that gcl 2.6.7-87 will not get a freeze exception for Squeeze, because the changes are too invasive. Once released, hol88 cannot build-depend on a version of gcl not in the same release. Patch: diff -u hol88-2.02.19940316/debian/control hol88-2.02.19940316/debian/control --- hol88-2.02.19940316/debian/control +++ hol88-2.02.19940316/debian/control @@ -2,7 +2,7 @@ Section: math Priority: optional Maintainer: Camm Maguire -Build-Depends: debhelper (>= 5), gcl (>= 2.6.7-87), texlive-latex-base, libgmp3-dev, libncurses5-dev, libreadline-dev, libxmu-dev, libxaw7-dev +Build-Depends: debhelper (>= 5), gcl (>= 2.6.7-62), texlive-latex-base, libgmp3-dev, libncurses5-dev, libreadline-dev, libxmu-dev, libxaw7-dev Standards-Version: 3.9.1 Package: hol88 diff -u hol88-2.02.19940316/debian/changelog hol88-2.02.19940316/debian/changelog --- hol88-2.02.19940316/debian/changelog +++ hol88-2.02.19940316/debian/changelog @@ -1,3 +1,11 @@ +hol88 (2.02.19940316-13.1) unstable; urgency=high + + * Non-maintainer upload. + * Revert build-depend bump, as that version of gcl will +not make it into Squeeze (Closes: #606293) + + -- Jonathan Wiltshire Tue, 14 Dec 2010 20:47:42 + + hol88 (2.02.19940316-13) unstable; urgency=low * build depend on latest gcl -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: hol88: diff for NMU version 2.02.19940316-13.1
Processing commands for cont...@bugs.debian.org: > tags 606293 + patch Bug #606293 [src:hol88] hol88: FTBFS: Unsatisfiable build-dependency: gcl(inst 2.6.7-62 ! >= wanted 2.6.7-87) Added tag(s) patch. > tags 606293 + pending Bug #606293 [src:hol88] hol88: FTBFS: Unsatisfiable build-dependency: gcl(inst 2.6.7-62 ! >= wanted 2.6.7-87) Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 606293: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606293 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605372: tseries: FTBFS on armel: unable to load shared object
On Tue, 2010-12-14 at 14:34 -0600, Dirk Eddelbuettel wrote: > Hi Adam, > > On 14 December 2010 at 20:12, Adam D. Barratt wrote: > | On Tue, 2010-12-14 at 12:39 -0600, Dirk Eddelbuettel wrote: > | > reassign 605372 release.debian.org > | > thanks > | > | [For reference, at least right now debian-release has only received the > | result of your control@ mail, not the mail I'm replying to; it's > | generally a good idea to CC the receiving package] > > [ I was thinking about that but then I didn't know the email handle of the > virtual BTS entity release.debian.org -- the release list ? ] Yep. release.debian@packages.d.o works too :-) > | > Dear release team, > | > > | > Can you please schedule a binary-only rebuild of package > | > > | > quadprog (binary: r-cran-quadprog) > | > > | > on the 'armel' architecture, and once completed, schedule a binary-only > | > rebuild of package > | > > | > tseries (binary: r-cran-tseries) fwiw, this will be a give-back rather than a binNMU, as the package has not successfully built yet. > | > on the 'armel' architecture. [...] > | dpkg-shlibdeps: warning: couldn't find library libRblas.so needed by > debian/r-cran-quadprog/usr/lib/R/site-library/quadprog/libs/quadprog.so (ELF > format: 'elf32-littlearm'; RPATH: ''). > > libRblas is outdated by years. We used it when we had lapack 3.1.* years, > and for several years have used Debian's BLAS and LAPACK meaning that R's > linRblas is no longer built. It's still in the r-base-core-ra armel binary package, hence my mentioning it :-) In any case, looking at the relative build dates of the previously successful quadprog and tseries builds on armel, I've concluded I may have been overly hasty in deciding that a binNMU wouldn't help, so I've scheduled quadprog/armel. Assuming the log for that looks happier I'll give-back tseries afterwards. Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: merge buildbot pycompile errors
Processing commands for cont...@bugs.debian.org: > reassign 605399 python-defaults Bug #605399 [buildbot] Upgrade from buildbot 0.7.12-2 to 0.7.12-3 fails with TypeError: %d format: a number is required Bug reassigned from package 'buildbot' to 'python-defaults'. Bug No longer marked as found in versions buildbot/0.7.12-3. > reassign 606300 python-defaults Bug #606300 [buildbot] buildbot: fails to install Bug reassigned from package 'buildbot' to 'python-defaults'. Bug No longer marked as found in versions buildbot/0.7.12-3. > forcemerge 605356 606300 605399 Bug#605356: buildbot: installation fails Bug#605399: Upgrade from buildbot 0.7.12-2 to 0.7.12-3 fails with TypeError: %d format: a number is required Bug#606300: buildbot: fails to install Forcibly Merged 605356 605399 606300. > thanks Stopping processing here. Please contact me if you need assistance. -- 605399: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605399 606300: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606300 605356: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605356 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#606756: [PATCH dash/debian-sid] debian/preinst: Do not error out if files are missing
On Tue, 2010-12-14 at 03:12 -0600, Jonathan Nieder wrote: > Adam D. Barratt wrote: > > Let me know if you need a sponsor for an upload fixing this. > > Thanks. I've put something up at > > - git://repo.or.cz/dash/debian/jrn.git for-sid > - http://mentors.debian.net/debian/pool/main/d/dash/dash_0.5.5.1-7.4.dsc > > Lightly tested but I probably cannot be trusted at this hour. > If you have time to look it over, that would be ideal. I haven't managed to spot any obvious issues with it so far. In practical terms, for the postinst at least, the existence check is a little redundant for /bin/sh, on the basis that the script has a /bin/sh shebang. Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605372: tseries: FTBFS on armel: unable to load shared object
On 14 December 2010 at 21:16, Adam D. Barratt wrote: | On Tue, 2010-12-14 at 14:34 -0600, Dirk Eddelbuettel wrote: | > Hi Adam, | > | > On 14 December 2010 at 20:12, Adam D. Barratt wrote: | > | On Tue, 2010-12-14 at 12:39 -0600, Dirk Eddelbuettel wrote: | > | > reassign 605372 release.debian.org | > | > thanks | > | | > | [For reference, at least right now debian-release has only received the | > | result of your control@ mail, not the mail I'm replying to; it's | > | generally a good idea to CC the receiving package] | > | > [ I was thinking about that but then I didn't know the email handle of the | > virtual BTS entity release.debian.org -- the release list ? ] | | Yep. release.debian@packages.d.o works too :-) Ahh. I shall try to remember :) | > | > Dear release team, | > | > | > | > Can you please schedule a binary-only rebuild of package | > | > | > | > quadprog(binary: r-cran-quadprog) | > | > | > | > on the 'armel' architecture, and once completed, schedule a binary-only | > | > rebuild of package | > | > | > | > tseries (binary: r-cran-tseries) | | fwiw, this will be a give-back rather than a binNMU, as the package has | not successfully built yet. | | > | > on the 'armel' architecture. | [...] | > | dpkg-shlibdeps: warning: couldn't find library libRblas.so needed by debian/r-cran-quadprog/usr/lib/R/site-library/quadprog/libs/quadprog.so (ELF format: 'elf32-littlearm'; RPATH: ''). | > | > libRblas is outdated by years. We used it when we had lapack 3.1.* years, | > and for several years have used Debian's BLAS and LAPACK meaning that R's | > linRblas is no longer built. | | It's still in the r-base-core-ra armel binary package, hence my | mentioning it :-) I know. But no r-cran-* package should have Depends: or Build-Depends: on it. | In any case, looking at the relative build dates of the previously | successful quadprog and tseries builds on armel, I've concluded I may | have been overly hasty in deciding that a binNMU wouldn't help, so I've | scheduled quadprog/armel. Assuming the log for that looks happier I'll | give-back tseries afterwards. Cool, thank you very much! Truly appreciate the help. Dirk | | Regards, | | Adam | -- Dirk Eddelbuettel | e...@debian.org | http://dirk.eddelbuettel.com -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#606319: irssi crashes when changing window
Hi! * Pierre Habouzit [2010-12-09 23:26:05 CET]: > I'm almost sure this is > http://bugs.irssi.org/index.php?do=details&task_id=669 Thanks, with the recipe from in there it's clearly reproducible. Given that it seems to require a special configuration (even though that might be very widely in use through some themes) and doesn't happen in the default configuration it could be argued that this bug is only important. I want to get it fixed in squeeze nevertheless. > Attached is a patch that seems to fix it for me. I'm investigating the patch with upstream and checking. Thanks. Rhonda -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#606327: vmmemctl missing in squeeze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 12/09/2010 01:05 PM, Daniel Baumann wrote: > On 12/09/2010 12:54 PM, Mehdi Dogguy wrote: >> Yes. Go ahead. If you want to apply some backported fixes, please let us >> know >> first. > > for clarity sake, it's not about 'backporting' fixes, it's about > completely replacing the existing open-vm-tools upstream version with > another one. Why do you want to replace a recent version of open-vm-tools (which usually comes with a LOT of bugfixes by a pretty old version just to introduce the removed module again? It seems you're not willing to maintain this package properly, otherwise you'd look at your git repository (I'm sure it contains upstream's git, too) and revert the commit(s) which removed the vmmemctl module. Then - if you would care - would update the module to the latest version on kernel.org. And then you would test your changes properly on a VMware installation. Yes, I'm talking about proper testing, for example in some VMs on a ESX machine. Oh, you don't have ESX? I heard you can download it for free, at least for testing purposes. No hard tasks, so I fail to understand why we always run into RC bugs whenever we look at a new version of this package. I'd suggest you give the maintenance of open-vm-tools to somebody who actually cares about it. Or has the proper time to do so. - -- Bernd ZeimetzDebian GNU/Linux Developer http://bzed.dehttp://www.debian.org GPG Fingerprint: ECA1 E3F2 8E11 2432 D485 DD95 EB36 171A 6FF9 435F -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCAAGBQJNB+W9AAoJEOs2Fxpv+UNfbvkQAL8ttFctD7DfcG4O2RzP0uyV 8sl8Nl+8fxM2lmuKPVvkH3BDjSDF3Da930Ezr29GAAnBPi3X+wDGNee1CuIPaa2+ QqKwoeEi4279E1TJ54oY8VLzrcNX2GXAvzrq9iJpKJnkkZzHHOz0vmi5M0CrdMtW a1qif8EhTKtrI85CGPrlknl9QnH4wOMPQ+CjjDkTwsifY3atytbw4dBhMDtQ7KR5 JmU2kb0C3ASPm8iA5lgc7GjgTagguE0EtV94ckjhY/m1oa2HQNqmqZIBJHmBIs6b 4azR9N0Sx2/kTq96Q9xt5+qqWI72in5Tz2bKoqYPXo0k6sp2aSQSOeWW+1ReaO45 J6/YQIDVLsZWBLSot6W4Epg237gsjsRuxXWTehIoMqBYAN4wKA6eVzxF7vauu7Zn HPUvyUWAyCdMgG4wR6uniO+iW7faQ5wihzSGXfm00tZHFYKSlGV/uAw6o9+8B1Dg xI7QaIGGtI6o2hwoyVBckq9U+/3kqddqoOsxrmL3b5zSEqfeWZv0JN83o8szO9ub yPKSEq13ycRr0RElgxfNDK2slDDi6gt/pv7kERQEy5FmGV1JWKM6A3xSMP3hJSBG zQMO6ZP693kwGKyi2hGnibJOdfQalrrNFT1FHVLQ45UFIGWvTU89JFDVkdKcm6cF xmnNVhSFK98GnhHMQhN+ =7NVl -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605372: tseries: FTBFS on armel: unable to load shared object
Adam, The armel build already happened, the link line is now gcc -shared -o quadprog.so aind.o init.o solve.QP.compact.o solve.QP.o util.o \ -lblas -lgfortran -lm -lgfortran -lm -L/usr/lib/R/lib -lR and so tseries should be able to load it just fine. Could you reschedule this as planned? Thanks, Dirk -- Dirk Eddelbuettel | e...@debian.org | http://dirk.eddelbuettel.com -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#606756: [PATCH dash/debian-sid] debian/preinst: Do not error out if files are missing
Adam D. Barratt wrote: > On Tue, 2010-12-14 at 03:12 -0600, Jonathan Nieder wrote: >> Thanks. I've put something up at >> >> - git://repo.or.cz/dash/debian/jrn.git for-sid >> - http://mentors.debian.net/debian/pool/main/d/dash/dash_0.5.5.1-7.4.dsc [...] > I haven't managed to spot any obvious issues with it so far. Thanks for checking. I haven't been able to find problems either, so I'd be happy to see it uploaded. > In > practical terms, for the postinst at least, the existence check is a > little redundant for /bin/sh, on the basis that the script has a /bin/sh > shebang. Yes, the check is mostly for /usr/share/man/man1/sh.1.gz. Regards, Jonathan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605372: tseries: FTBFS on armel: unable to load shared object
On Tue, 2010-12-14 at 16:10 -0600, Dirk Eddelbuettel wrote: > Adam, > > The armel build already happened, the link line is now > > gcc -shared -o quadprog.so aind.o init.o solve.QP.compact.o solve.QP.o util.o > \ > -lblas -lgfortran -lm -lgfortran -lm -L/usr/lib/R/lib -lR > > and so tseries should be able to load it just fine. > > Could you reschedule this as planned? I've added a dep-wait on the new quadprog, so tseries should get picked up once the quadprog binNMU is seen by wanna-build. Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: tagging 607117
Processing commands for cont...@bugs.debian.org: > tags 607117 + sid Bug #607117 [libsc-doc,librheolef-dev] librheolef-dev and libsc-doc: error when trying to install together Added tag(s) sid. > thanks Stopping processing here. Please contact me if you need assistance. -- 607117: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607117 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#605372: marked as done (tseries: FTBFS on armel: unable to load shared object)
Your message dated Tue, 14 Dec 2010 22:38:23 + with message-id <1292366303.19004.787.ca...@hathi.jungle.funky-badger.org> and subject line Re: Bug#605372: tseries: FTBFS on armel: unable to load shared object has caused the Debian Bug report #605372, regarding tseries: FTBFS on armel: unable to load shared object to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 605372: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605372 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: tseries Version: 0.10-23-1 Severity: serious Tags: sid Hello, Your package fails to build on armel: gcc -shared -o tseries.so arma.o bdstest.o boot.o dsumsl.o formats.o garch.o ppsum.o tsutils.o -lblas -lgfortran -lm -lgfortran -lm -L/usr/lib/R/lib -lR make[1]: Leaving directory `/build/buildd-tseries_0.10-23-1-armel-nMwoak/tseries-0.10-23/src' make[1]: Entering directory `/build/buildd-tseries_0.10-23-1-armel-nMwoak/tseries-0.10-23/src' make[1]: Leaving directory `/build/buildd-tseries_0.10-23-1-armel-nMwoak/tseries-0.10-23/src' installing to /build/buildd-tseries_0.10-23-1-armel-nMwoak/tseries-0.10-23/debian/r-cran-tseries/usr/lib/R/site-library/tseries/libs ** R ** data ** inst ** preparing package for lazy loading Error in dyn.load(file, DLLpath = DLLpath, ...) : unable to load shared object '/usr/lib/R/site-library/quadprog/libs/quadprog.so': libRblas.so: cannot open shared object file: No such file or directory Error : package 'quadprog' could not be loaded ERROR: lazy loading failed for package 'tseries' * removing '/build/buildd-tseries_0.10-23-1-armel-nMwoak/tseries-0.10-23/debian/r-cran-tseries/usr/lib/R/site-library/tseries' make: *** [R_any_arch] Error 1 Full buildlog at: https://buildd.debian.org/fetch.cgi?pkg=tseries;ver=0.10-23-1;arch=armel;stamp=1289798034 Best regards, -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (700, 'unstable'), (600, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash --- End Message --- --- Begin Message --- On Tue, 2010-12-14 at 22:22 +, Adam D. Barratt wrote: > On Tue, 2010-12-14 at 16:10 -0600, Dirk Eddelbuettel wrote: > > Adam, > > > > The armel build already happened, the link line is now > > > > gcc -shared -o quadprog.so aind.o init.o solve.QP.compact.o solve.QP.o > > util.o \ > > -lblas -lgfortran -lm -lgfortran -lm -L/usr/lib/R/lib -lR > > > > and so tseries should be able to load it just fine. > > > > Could you reschedule this as planned? > > I've added a dep-wait on the new quadprog, so tseries should get picked > up once the quadprog binNMU is seen by wanna-build. and it's now built, so I'm closing this bug. Regards, Adam --- End Message ---
Bug#607141: xm block-attach failed on domU
Package: linux-image-2.6-xen-amd64 Version: 2.6.26-26lenny1 Severity: critical Tags: lenny Execution of xm block-attach to PV domU failed and I have got Ooops kernel messages in attachment. After that domU wasn't manageable from dom0 - all xm commands were not successful and I had to shutdown the domU from the pty (ssh) console. Both dom0 and domU were running same kernel version. -- Peter Viskup Dec 13 16:29:04 tis kernel: [83118.676876] BUG: unable to handle kernel NULL pointer dereference at Dec 13 16:29:04 tis kernel: [83118.676898] IP: [] backend_changed+0x1bf/0x23a Dec 13 16:29:04 tis kernel: [83118.676920] PGD 1e82f067 PUD 1f1a8067 PMD 0 Dec 13 16:29:04 tis kernel: [83118.676933] Oops: [1] SMP Dec 13 16:29:04 tis kernel: [83118.676941] CPU 0 Dec 13 16:29:04 tis kernel: [83118.676948] Modules linked in: iptable_filter ip_tables x_tables ipv6 xfs evdev ext3 jbd mbcache dm_mirror dm_log dm_snapshot dm_mod thermal_sys cciss scsi_mod Dec 13 16:29:04 tis kernel: [83118.676991] Pid: 19, comm: xenwatch Not tainted 2.6.26-2-xen-amd64 #1 Dec 13 16:29:04 tis kernel: [83118.677000] RIP: e030:[] [] backend_changed+0x1bf/0x23a Dec 13 16:29:04 tis kernel: [83118.677015] RSP: e02b:88001fd11e60 EFLAGS: 00010246 Dec 13 16:29:04 tis kernel: [83118.677023] RAX: RBX: 880006dec000 RCX: Dec 13 16:29:04 tis kernel: [83118.677032] RDX: 88001fd11de8 RSI: 0005 RDI: 88001f12c400 Dec 13 16:29:04 tis kernel: [83118.677041] RBP: 8038327f R08: 0005 R09: Dec 13 16:29:04 tis kernel: [83118.677050] R10: 8800850bb000 R11: 8038cf45 R12: 88001f12c400 Dec 13 16:29:04 tis kernel: [83118.677059] R13: 8057c580 R14: 8057d1c0 R15: Dec 13 16:29:04 tis kernel: [83118.677070] FS: 7f53a5d766e0() GS:8053a000() knlGS: Dec 13 16:29:04 tis kernel: [83118.677080] CS: e033 DS: ES: Dec 13 16:29:04 tis kernel: [83118.677087] DR0: DR1: DR2: Dec 13 16:29:04 tis kernel: [83118.677097] DR3: DR6: 0ff0 DR7: 0400 Dec 13 16:29:04 tis kernel: [83118.677106] Process xenwatch (pid: 19, threadinfo 88001fd1, task 88001fd08140) Dec 13 16:29:04 tis kernel: [83118.677116] Stack: 8057c580 80383a01 88001f059c40 88001f12c400 Dec 13 16:29:04 tis kernel: [83118.677133] 8052a968 8057c580 8057d1c0 80381c19 Dec 13 16:29:04 tis kernel: [83118.677148] 00058038327f 88001f1f2d80 Dec 13 16:29:04 tis kernel: [83118.677161] Call Trace: Dec 13 16:29:04 tis kernel: [83118.677172] [] ? xenbus_device_find+0x28/0x31 Dec 13 16:29:04 tis kernel: [83118.677184] [] ? xenbus_read_driver_state+0x26/0x3b Dec 13 16:29:04 tis kernel: [83118.677195] [] ? xenwatch_thread+0x0/0x186 Dec 13 16:29:04 tis kernel: [83118.677206] [] ? xenwatch_handle_callback+0x15/0x48 Dec 13 16:29:04 tis kernel: [83118.677216] [] ? xenwatch_thread+0x16d/0x186 Dec 13 16:29:04 tis kernel: [83118.677227] [] ? autoremove_wake_function+0x0/0x2e Dec 13 16:29:04 tis kernel: [83118.677237] [] ? kthread+0x47/0x74 Dec 13 16:29:04 tis kernel: [83118.677247] [] ? schedule_tail+0x27/0x5c Dec 13 16:29:04 tis kernel: [83118.677257] [] ? child_rip+0xa/0x12 Dec 13 16:29:04 tis kernel: [83118.677268] [] ? kthread+0x0/0x74 Dec 13 16:29:04 tis kernel: [83118.677276] [] ? child_rip+0x0/0x12 Dec 13 16:29:04 tis kernel: [83118.677283] Dec 13 16:29:04 tis kernel: [83118.677287] Dec 13 16:29:04 tis kernel: [83118.677291] Code: 23 3e 17 00 c6 40 01 00 80 38 00 74 05 e8 f1 00 ff ff 48 8b 7b 08 e8 56 8e f7 ff c7 83 9c 1a 00 00 01 00 00 00 eb 74 48 8b 43 08 <8b> 38 c1 e7 14 0b 78 04 e8 10 40 f2 ff 48 85 c0 48 89 c5 75 16 Dec 13 16:29:04 tis kernel: [83118.677391] RIP [] backend_changed+0x1bf/0x23a Dec 13 16:29:04 tis kernel: [83118.677402] RSP Dec 13 16:29:04 tis kernel: [83118.677408] CR2: Dec 13 16:29:04 tis kernel: [83118.677419] ---[ end trace 75e2ecdeadd46e28 ]---
Bug#607142: overwrites custom plymouth configuration
Package: desktop-base Version: 6.0.4 Severity: serious Hi, I'm using a custom theme for plymouth and desktop-base overwrites that setting on each upgrade. I'm filing this bug with severity serious as the package overwrites custom configuration in /etc/ (/etc/plymouth/plymouthd.conf). Michael -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (200, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages desktop-base depends on: ii librsvg2-common 2.26.3-1 SAX-based renderer library for SVG desktop-base recommends no packages. Versions of packages desktop-base suggests: ii gnome 1:2.30+7 The GNOME Desktop Environment, wit -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#606756: marked as done (dash: Relies on /usr/share/man/man1/sh.1.gz existing)
Your message dated Tue, 14 Dec 2010 23:02:07 + with message-id and subject line Bug#606756: fixed in dash 0.5.5.1-7.4 has caused the Debian Bug report #606756, regarding dash: Relies on /usr/share/man/man1/sh.1.gz existing to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 606756: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606756 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: dash Version: 0.5.5.1-7.3 Severity: important I have Lenny on a thin client with a limited amount of disk space. All documentation has been removed. The upgrade to Squeeze stops with cp: cannot stat '/usr/share/man/man1/sh.1.gz': No such file or directory dpkg: error processing /var/cache/apt/archives/dash_0.5.5.1-7.3_i386.deb (--unpack): It will proceed after doing dpkg-divert --remove /bin/sh touch /usr/share/man/man1/sh.1.gz and relinking /bin/sh to bash but this was not obvious to me at the time. Wouldn't it be better to check for the presence of sh.1.gz and still allow the upgrade to go ahead in its absence? -- System Information: Debian Release: 5.0.6 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/1 CPU core) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages dash depends on: ii libc6 2.7-18lenny6 GNU C Library: Shared libraries dash recommends no packages. dash suggests no packages. --- End Message --- --- Begin Message --- Source: dash Source-Version: 0.5.5.1-7.4 We believe that the bug you reported is fixed in the latest version of dash, which is due to be installed in the Debian FTP archive: ash_0.5.5.1-7.4_all.deb to main/d/dash/ash_0.5.5.1-7.4_all.deb dash_0.5.5.1-7.4.diff.gz to main/d/dash/dash_0.5.5.1-7.4.diff.gz dash_0.5.5.1-7.4.dsc to main/d/dash/dash_0.5.5.1-7.4.dsc dash_0.5.5.1-7.4_amd64.deb to main/d/dash/dash_0.5.5.1-7.4_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 606...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jonathan Nieder (supplier of updated dash package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 14 Dec 2010 01:33:42 -0600 Source: dash Binary: dash ash Architecture: source all amd64 Version: 0.5.5.1-7.4 Distribution: unstable Urgency: low Maintainer: Gerrit Pape Changed-By: Jonathan Nieder Description: ash- compatibility package for dash dash - POSIX-compliant shell Closes: 606756 Changes: dash (0.5.5.1-7.4) unstable; urgency=low . * Non-maintainer upload. * dash.preinst: Do not error out if /bin/sh or its manpage is not already present (thx Brian Potkin; closes: #606756). * dash.postinst: Cope with missing files. Atomically replace /bin/sh and its manpage rather than removing and re-creating them (thx Adam D. Barratt). Checksums-Sha1: de94e49f1b89b153c4ffeb0fdd2d1f148d81fdf3 1675 dash_0.5.5.1-7.4.dsc 66f2ef5395bf2c63035ff41479b6e5274889d6cf 50702 dash_0.5.5.1-7.4.diff.gz 6f10fd7456ab658db174eee20ccce7b4e07649dd 25644 ash_0.5.5.1-7.4_all.deb cbfee06c79dc110d88b71914863f29367eca1271 107810 dash_0.5.5.1-7.4_amd64.deb Checksums-Sha256: 229729be38d8ae0cad6c632d86fc74a3e7d4ca3785e936e4ed0a8789436dcb7d 1675 dash_0.5.5.1-7.4.dsc d8746e0d2cc8d3e5be7168e36fe3bcb09ae0a64e068ce8a07b50b61f8bfc77da 50702 dash_0.5.5.1-7.4.diff.gz 414ffcb2fa60c34945aa68e210ff6ade6ccce52a4e07716789de1bef93fd75ff 25644 ash_0.5.5.1-7.4_all.deb b3be6239eccf417afd011f171adbfe294697d5328c260aab30fcaafcda5e4649 107810 dash_0.5.5.1-7.4_amd64.deb Files: 923bff77a99844ed02f6b5a859aee42a 1675 shells optional dash_0.5.5.1-7.4.dsc 1777b6fd854c437e562f5ede005b318a 50702 shells optional dash_0.5.5.1-7.4.diff.gz b5ba92e767d584766654ffec7e9e2049 25644 shells optional ash_0.5.5.1-7.4_all.deb 011fb776e2a271036b35ea730679d91a 107810 shells required dash_0.5.5.1-7.4_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJNB/WkAAoJEMXOXcLFQs1ZluwQAIf4+cj+lUFH/7/BS06iBDN9 UzLSZg+LdjUIcdbRWj+pCoC+6t+mTlnvi0G+i3ldmljsMoimddpYN7FkF/cQTVnF HyT0xmGrFHZhbA0luBfwOkLRbP4bjO2MS4y8t3KuJ/LRc+QACb4
Processed: severity of 607141 is important
Processing commands for cont...@bugs.debian.org: > severity 607141 important Bug #607141 [linux-image-2.6-xen-amd64] xm block-attach failed on domU Severity set to 'important' from 'critical' > thanks Stopping processing here. Please contact me if you need assistance. -- 607141: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607141 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#606756: dash: diff for 0.5.5.1-7.4 NMU
tag 606756 + patch
thanks
Hi,
I've uploaded Jonathan's patch for this bug, using the .dsc provided
earlier in the log. For completeness, the patch for the NMU is
attached.
Regards,
Adam
diff -u dash-0.5.5.1/debian/dash.postinst dash-0.5.5.1/debian/dash.postinst
--- dash-0.5.5.1/debian/dash.postinst
+++ dash-0.5.5.1/debian/dash.postinst
@@ -1,6 +1,25 @@
#!/bin/sh
set -e
+# $1: dfile, $2: link target, $3: distrib
+replace_with_link() {
+ dfile=$1; ltarget=$2; distrib=$3
+ temp=$dfile.tmp
+ # Safely create a symlink to $ltarget at $dfile, first
+ # making a backup of $dfile (the file being diverted)
+ # in $distrib.
+ #
+ # The cp / ln -s / mv dance avoids having to live without
+ # $dfile (think: /bin/sh) for even a moment, so applications
+ # running in parallel can continue without trouble.
+ # See dash.preinst for details.
+ if [ -e "$dfile" ]; then
+ cp -dp "$dfile" "$distrib"
+ fi
+ ln -sf "$ltarget" "$temp"
+ mv -f "$temp" "$dfile"
+}
+
# $1: case, $2: dfile, $3: ltarget [, $4: distrib]
check_divert() {
dfile=$2; ltarget=$3
@@ -28,10 +47,7 @@
if [ -n "$truename" ]; then
rm -f "$truename"
fi
- # Safely create a slink to $ltarget at $dfile
- # by first making a copy of $dfile at $distrib
- cp -dp $dfile $distrib
- ln -sf $ltarget $dfile
+ replace_with_link $dfile $ltarget $distrib
fi
;;
false)
@@ -48,8 +64,7 @@
rm -f "$truename"
fi
# Point everything back to bash
- cp -dp $dfile $distrib
- ln -sf $bash $dfile
+ replace_with_link $dfile $bash $distrib
fi
;;
ash)
@@ -75,7 +90,8 @@
if [ "$dst" != $distrib ] && [ -e "$dst" ]; then
mv "$dst" $distrib
fi
- ln -sf $3 $2
+ ln -sf $3 $2.tmp
+ mv -f $2.tmp $2
;;
*)
d=${2%/*}
@@ -83,7 +99,8 @@
[ -h $2 ] && [ -f $2 ] && [ -f $d/$5 ] &&
cmp $2 $d/$5
then
-ln -sf $3 $2
+ln -sf $3 $2.tmp
+mv -f $2.tmp $2
fi
;;
esac
diff -u dash-0.5.5.1/debian/dash.preinst dash-0.5.5.1/debian/dash.preinst
--- dash-0.5.5.1/debian/dash.preinst
+++ dash-0.5.5.1/debian/dash.preinst
@@ -15,7 +15,9 @@
# intermediate temporary file as ln -sf is not atomic.
# dpkg-divert's --rename direct equivalent would be:
# mv $dfile $distrib -- but we could end up without a symlink
- cp -dp $dfile $distrib
+ if [ -e $dfile ]; then
+ cp -dp $dfile $distrib
+ fi
ln -sf $ltarget $temp
mv -f $temp $dfile
dpkg-divert --package dash --divert $distrib --add $dfile
diff -u dash-0.5.5.1/debian/changelog dash-0.5.5.1/debian/changelog
--- dash-0.5.5.1/debian/changelog
+++ dash-0.5.5.1/debian/changelog
@@ -1,3 +1,14 @@
+dash (0.5.5.1-7.4) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * dash.preinst: Do not error out if /bin/sh or its manpage is
+not already present (thx Brian Potkin; closes: #606756).
+ * dash.postinst: Cope with missing files. Atomically replace
+/bin/sh and its manpage rather than removing and re-creating them
+(thx Adam D. Barratt).
+
+ -- Jonathan Nieder Tue, 14 Dec 2010 01:33:42 -0600
+
dash (0.5.5.1-7.3) unstable; urgency=medium
* Non-maintainer upload.
Processed: dash: diff for 0.5.5.1-7.4 NMU
Processing commands for cont...@bugs.debian.org:
> tag 606756 + patch
Bug #606756 {Done: Jonathan Nieder } [dash] dash: Relies on
/usr/share/man/man1/sh.1.gz existing
Ignoring request to alter tags of bug #606756 to the same tags previously set
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
606756: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606756
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#606263: [Pkg-awstats-devel] Bug#606263: Multiple security issues
tag 606263 pending thanks > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4369 Fixed in repo: http://git.debian.org/?p=collab-maint/awstats.git;a=commit;h=aaf089d10ce4e12e6d499089407d93c62511e9c0 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4368 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4367 Fixed in repo: http://git.debian.org/?p=collab-maint/awstats.git;a=commit;h=1f56eefe28c8d25b51f070ba4d29db7203355af0 http://git.debian.org/?p=collab-maint/awstats.git;a=commit;h=fb1436bc846ff40ab84e981ac07632cd1f0a4f95 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#603048: rails: Gives dangerous advice regarding log permissions
Steve M. Robbins dijo [Mon, Dec 13, 2010 at 10:25:41PM -0600]: > > > Do you happen to have access to git.debian.org? If you do, can you > > > apply your patch? The procedure is basically, > > > (...) > > > > Done. Thanks! > > OK, are one of you going to make the upload to close this bug > before squeeze? As it is not clear whom are you targetting with your question: I committed to Git, but I'd expect Adam to perform the honors, as he is the official maintainer. Adam, if you want me to do the upload, please tell so. signature.asc Description: Digital signature
Processed: Re: [Pkg-awstats-devel] Bug#606263: Multiple security issues
Processing commands for cont...@bugs.debian.org: > tag 606263 pending Bug #606263 [awstats] Multiple security issues Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 606263: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606263 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#606940: r-cran-vr: not installable in sid
retitle 606940 "RM: vr -- RoM, removed upstreeam" thanks As mentioned before, this used to exist upstream and has been reorganised into component packages one of which now provides "r-cran-vr" for reverse depends. Dirk -- Dirk Eddelbuettel | e...@debian.org | http://dirk.eddelbuettel.com -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#606940: r-cran-vr: not installable in sid
Processing commands for cont...@bugs.debian.org: > retitle 606940 "RM: vr -- RoM, removed upstreeam" Bug #606940 [ftp.debian.org] r-cran-vr: not installable in sid Changed Bug title to '"RM: vr -- RoM, removed upstreeam"' from 'r-cran-vr: not installable in sid' > thanks Stopping processing here. Please contact me if you need assistance. -- 606940: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606940 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#601977: cyrus-sasl2-heimdal-dbg: file conflict during upgrade from lenny
On Tue, Dec 14, 2010 at 08:03:10PM +0100, Luca Capello wrote: > Hi there! > > On Tue, 14 Dec 2010 01:29:01 +0100, Roberto C. Sánchez wrote: > >> > created by dh_strip, excerpted from debian/rules below: > >> > > >> > dh_strip -s -psasl2-bin -plibsasl2-2 -plibsasl2-modules > >> > -plibsasl2-modules-ldap -plibsasl2-modules-otp -plibsasl2-modules-sql > >> > -plibsasl2-modules-gssapi-mit -plibsasl2-dev > >> > -Nlibsasl2-modules-gssapi-heimdal --dbg-package=cyrus-sasl2-dbg > >> > dh_strip -s -plibsasl2-modules-gssapi-heimdal -Nsasl2-bin -Nlibsasl2-2 > >> > -Nlibsasl2-modules -Nlibsasl2-modules-ldap -Nlibsasl2-modules-otp > >> > -Nlibsasl2-modules-sql -Nlibsasl2-modules-gssapi-mit -Nlibsasl2-dev > >> > --dbg-package=cyrus-sasl2-heimdal-dbg > >> > > >> > Both packages need to be able to be installed together, so my question > >> > centers around whehter it is OK to put a diversion in place so that > >> > cyrus-sasl2-heimdal-dbg diverts the file. What does everyone think? > > I guess that it would have helped me quite a lot to know that this bug > had a reply and it was now ignored for quite a month, but it seems that > the reply above was not sent to the BTS and only to the mailing list: > > > http://lists.alioth.debian.org/pipermail/pkg-cyrus-sasl2-debian-devel/2010-October/001957.html > > >> So, it appears that there are some other possibilities, thanks to a > >> posting by Luca Capello [0]. > > Is there any reason why you did not Cc: me? I was wondering if this bug > was forgot, given that I did not receive any update on it (and no, going > to the BTS or subscribing to *every* bug someone is interacting with it > is not an acceptable solution). > My apologies. That was an oversight on my part. > >> The first possibility is trivial, but is not as "correct." The > >> second is more "correct" but a larger diff. Given that this must go > >> into Lenny, what opinion or preference does the release team have on > >> the matter? > [...] > > > > Given the just announced deep freeze, I'd like some guidance from the > > release team on this, so that I can prepare an update with an acceptable > > fix to go into Squeeze. > > I am not a library expert, but you cannot install both libraries > together: > = > l...@gismo:~$ apt-cache show libsasl2-modules-gssapi-mit | grep Conflicts > Conflicts: libsasl2-modules-gssapi-heimdal > l...@gismo:~$ > = > > So, if you want to debug the GSSAPI Heimdal library you need > cyrus-sasl2-heimdal-dbg and, I guess, at the same time > libsasl2-modules-gssapi-heimdal. Given that the latter conflicts with > the former, it seems clear that the correct approach is the second > option I proposed. > Thanks. Would the release team be willing to accept an upload consisting of the patch which Luca provided to fix #601977? Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Bug#607159: MantisBT <1.2.4 multiple vulnerabilities (LFI, XSS and PD)
Package: mantis Version: 1.1.6+dfsg-2lenny4 Severity: critical Tags: security patch upstream fixed-upstream The MantisBT project was notified by Gjoko Krstic of Zero Science Lab (gj...@zeroscience.mk) of multiple vulnerabilities affecting MantisBT <1.2.4. The two following advisories have been released explaining the vulnerabilities in greater detail: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4983.php http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4984.php As one of these vulnerabilities allows the reading of arbitrary files from the file system we are treating this issue with critical severity. Please note that this issue only affects users who have not removed the "admin" directory from their MantisBT installation. We recommend, instruct and warn users to remove this directory after installation however it is clear that many users ignore these warnings. I have requested CVE numbers via oss-sec (awaiting list moderation). As Debian is using MantisBT 1.1.x you will need to apply the following patch to resolve the issue in this older version of MantisBT: http://git.mantisbt.org/?p=mantisbt.git;a=commitdiff_plain;h=2641fdc60d2032ae1586338d6416e1eadabd7590 We have also released MantisBT 1.2.4 which resolves the issue for users of our stable 1.2.x branch. The bug report tracking this issue upstream at MantisBT: http://www.mantisbt.org/bugs/view.php?id=12607 If there are any questions or concerns please feel free to contact me. signature.asc Description: This is a digitally signed message part
Bug#542915: pbuilder removes data from bind-mounted directories
tag 542915 +patch
usertags 542915 -in-progress +patch-in-git
thanks
Attached is my minimal patch solving the problem of data loss in
bind-mounted directories. It provides a safety net that, in the event that
*anything* is still mounted inside the chroot, no attempt to delete anything
will be made. Whilst this may, in some corner cases, result in failure to
cleanup a chroot when previously (most) things would have been deleted, it
should never effect most users.
I've exercised this patch in every way I can think of (bind-mounting things
left and right, regular mounts, symlinks to mounts, etc) and I haven't been
able to get it to actually delete anything any more.
Jakub, I'd appreciate it if you would be able to apply the patch to your
local pbuilder installation (it should go onto pbuilder-modulers in-situ,
without a need for a rebuild) and see if you can find any ways to break it.
- Matt
>From b13d3b8a9757da6bd84fd374b7948919fff1df80 Mon Sep 17 00:00:00 2001
From: Matt Palmer
Date: Wed, 15 Dec 2010 07:21:00 +1100
Subject: [PATCH] Ensure that nothing is still mounted before deleting the build chroot. Closes: #542915
Whilst pbuilder is quite careful to minimise the risk of accidental data
removal (with find -xdev, unmounting everything it mounts, etc), there is
one case that it doesn't handle -- directories on the same filesystem as the
chroot being bind-mounted into the chroot, because -xdev doesn't recognise
the mount as a separate filesystem and pbuilder doesn't know to unmount it
because it didn't mount it in the first place.
This patch acts as a final safety net, to avoid attempting to delete
anything if there is anything at all still mounted in the chroot.
---
pbuilder-modules | 20 +---
1 files changed, 17 insertions(+), 3 deletions(-)
diff --git a/pbuilder-modules b/pbuilder-modules
index db6988b..8e23cdb 100644
--- a/pbuilder-modules
+++ b/pbuilder-modules
@@ -319,9 +319,23 @@ function cleanbuildplace () {
log "W: Aborting with an error";
fi
if [ "${INTERNAL_BUILD_UML}" != "yes" ]; then
- if [ -d "$BUILDPLACE" ]; then
- log "I: cleaning the build env "
- clean_subdirectories "$BUILDPLACE"
+if [ -d "$BUILDPLACE" ]; then
+# A directory on the same partition as $BUILDPLACE, bind-mounted
+# into $BUILDPLACE, will be cleaned out by clean_subdirectories
+# (because -xdev doesn't know about bind mounts). To avoid that
+# potential disaster (and also to avoid ugly error messages from
+# rmdir otherwise), we want to make sure that there is *nothing*
+# mounted under the chroot before we do our bulldozer routine.
+#
+# The readlink -f is a simple way to canonicalize the path for
+# $BUILDPLACE (no dirty double slashes for *us*), so it matches
+# what will be in the output of mount.
+if mount |grep -q $(readlink -f $BUILDPLACE)/; then
+log "E: Something is still mounted under ${BUILDPLACE}; unmount and remove ${BUILDPLACE} manually"
+else
+log "I: cleaning the build env "
+clean_subdirectories "$BUILDPLACE"
+fi
fi;
fi
}
--
1.5.6.5
Processed: pbuilder removes data from bind-mounted directories
Processing commands for cont...@bugs.debian.org: > tag 542915 +patch Bug #542915 [pbuilder] pbuilder: removes data from bind-mounted directories Added tag(s) patch. > usertags 542915 -in-progress +patch-in-git Bug#542915: pbuilder: removes data from bind-mounted directories User is mpal...@debian.org Usertags were: in-progress. Usertags are now: . > thanks Stopping processing here. Please contact me if you need assistance. -- 542915: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542915 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#607142: overwrites custom plymouth configuration
On mar., 2010-12-14 at 23:43 +0100, Michael Biebl wrote: > I'm using a custom theme for plymouth and desktop-base overwrites that > setting on each upgrade. The same is true for splashy and grub, was true in Lenny (and Etch, I guess). > > I'm filing this bug with severity serious as the package overwrites > custom configuration in /etc/ (/etc/plymouth/plymouthd.conf). To be precise, no, it doesn't overwrite the configuration. But yes, it sets the default theme (by calling the relevant plymouth command). The whole point of desktop-base is to provide a theme for the whole desktop. For now, if you want to only use a subset of the themes, yes, you have to reconfigure that at each upgrade. If you have an idea on how to do that more smoothly, you're welcome to propose it. Regards, -- Yves-Alexis signature.asc Description: This is a digitally signed message part
Bug#605156: marked as done (pybliographer: Use of PYTHONPATH env var in an insecure way)
Your message dated Wed, 15 Dec 2010 07:47:36 +
with message-id
and subject line Bug#605153: fixed in pybliographer 1.2.12-4squeeze1
has caused the Debian Bug report #605153,
regarding pybliographer: Use of PYTHONPATH env var in an insecure way
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
605153: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605153
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: pybliographer
Version: 1.2.14-2
Severity: grave
Tags: security
User: debian-pyt...@lists.debian.org
Usertags: pythonpath
Jakub Wilk performed an analysis[1] for packages setting PYTHONPATH in
an insecure way. Those packages do something like:
PYTHONPATH=/spam/eggs:$PYTHONPATH
This is wrong, because if PYTHONPATH were originally unset or empty,
current working directory would be added to sys.path.
[1] http://lists.debian.org/debian-python/2010/11/msg00045.html
Your package turns out to have vulnerable scripts in PATH: you can
find a complete log at [2].
[2] http://people.debian.org/~morph/mbf/pythonpath.txt
Some guidelines on how to fix these bugs: in the case given above, you
can use something like
PYTHONPATH=/spam/eggs${PYTHONPATH:+:$PYTHONPATH}
(If you don't known this construct, grep for "Use Alternative Value"
in the bash/dash manpage.)
Also, in cases like
PYTHONPATH=/usr/lib/python2.5/site-packages/:$PYTHONPATH
or
PYTHONPATH=$PYTHONPATH:$SPAMDIR exec python $SPAMDIR/spam.py
you shouldn't need to touch PYTHONPATH at all.
Feel free to contact debian-pyt...@lists.debian.org in case of
help.
--- End Message ---
--- Begin Message ---
Source: pybliographer
Source-Version: 1.2.12-4squeeze1
We believe that the bug you reported is fixed in the latest version of
pybliographer, which is due to be installed in the Debian FTP archive:
pybliographer_1.2.12-4squeeze1.diff.gz
to main/p/pybliographer/pybliographer_1.2.12-4squeeze1.diff.gz
pybliographer_1.2.12-4squeeze1.dsc
to main/p/pybliographer/pybliographer_1.2.12-4squeeze1.dsc
pybliographer_1.2.12-4squeeze1_all.deb
to main/p/pybliographer/pybliographer_1.2.12-4squeeze1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 605...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Chris Lawrence (supplier of updated pybliographer package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Sat, 11 Dec 2010 13:30:54 -0600
Source: pybliographer
Binary: pybliographer
Architecture: source all
Version: 1.2.12-4squeeze1
Distribution: testing-proposed-updates
Urgency: high
Maintainer: Chris Lawrence
Changed-By: Chris Lawrence
Description:
pybliographer - tool for manipulating bibliographic databases
Closes: 605153
Changes:
pybliographer (1.2.12-4squeeze1) testing-proposed-updates; urgency=high
.
* Remove code involving $PYTHONPATH from scripts, since it adds an
"extras" directory that no longer seems to exist. (Closes: #605153)
Checksums-Sha1:
433d055e0d8d46b91ecd67460f38f571a30889c5 1218
pybliographer_1.2.12-4squeeze1.dsc
f69db86d094d778620e11dbb9426ed1b8d90bbf1 17216
pybliographer_1.2.12-4squeeze1.diff.gz
0f4ea3a59c779d3c212f0dcf5a9de5ccf2ca50a3 640230
pybliographer_1.2.12-4squeeze1_all.deb
Checksums-Sha256:
0dd42b897b2451a4cb350a6bb36fde8401d8f8ee5a0ccf6afab93fe876e2cd43 1218
pybliographer_1.2.12-4squeeze1.dsc
e8a9339d54447e99905b6ed74a8a55efe051689c97add33ee45de630073acedd 17216
pybliographer_1.2.12-4squeeze1.diff.gz
62a4cf73cd3d66e679338122bc49ad2e8c42bd175913afa078b020c679708389 640230
pybliographer_1.2.12-4squeeze1_all.deb
Files:
cf7bfadfa7fbb150769df5218f72ec62 1218 gnome optional
pybliographer_1.2.12-4squeeze1.dsc
8c117be36e8f669d8402181de2d30c5e 17216 gnome optional
pybliographer_1.2.12-4squeeze1.diff.gz
862b8210ab9003e14449dd375cd7fd6a 640230 gnome optional
pybliographer_1.2.12-4squeeze1_all.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk0D0bUACgkQ2wQKE6PXubzVxwCeODb+28z1WAH3WTtLg6mCtBCW
M8UAn2C8orXiAAtOnpPkKTmS6WtA95VW
=p6it
-END PGP SIGNATURE-
--- End Message ---
Bug#605153: marked as done (pybliographer: Use of PYTHONPATH env var in an insecure way)
Your message dated Wed, 15 Dec 2010 07:47:36 +
with message-id
and subject line Bug#605153: fixed in pybliographer 1.2.12-4squeeze1
has caused the Debian Bug report #605153,
regarding pybliographer: Use of PYTHONPATH env var in an insecure way
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
605153: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605153
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: pybliographer
Version: 1.2.14-2
Severity: grave
Tags: security
User: debian-pyt...@lists.debian.org
Usertags: pythonpath
Jakub Wilk performed an analysis[1] for packages setting PYTHONPATH in
an insecure way. Those packages do something like:
PYTHONPATH=/spam/eggs:$PYTHONPATH
This is wrong, because if PYTHONPATH were originally unset or empty,
current working directory would be added to sys.path.
[1] http://lists.debian.org/debian-python/2010/11/msg00045.html
Your package turns out to have vulnerable scripts in PATH: you can
find a complete log at [2].
[2] http://people.debian.org/~morph/mbf/pythonpath.txt
Some guidelines on how to fix these bugs: in the case given above, you
can use something like
PYTHONPATH=/spam/eggs${PYTHONPATH:+:$PYTHONPATH}
(If you don't known this construct, grep for "Use Alternative Value"
in the bash/dash manpage.)
Also, in cases like
PYTHONPATH=/usr/lib/python2.5/site-packages/:$PYTHONPATH
or
PYTHONPATH=$PYTHONPATH:$SPAMDIR exec python $SPAMDIR/spam.py
you shouldn't need to touch PYTHONPATH at all.
Feel free to contact debian-pyt...@lists.debian.org in case of
help.
--- End Message ---
--- Begin Message ---
Source: pybliographer
Source-Version: 1.2.12-4squeeze1
We believe that the bug you reported is fixed in the latest version of
pybliographer, which is due to be installed in the Debian FTP archive:
pybliographer_1.2.12-4squeeze1.diff.gz
to main/p/pybliographer/pybliographer_1.2.12-4squeeze1.diff.gz
pybliographer_1.2.12-4squeeze1.dsc
to main/p/pybliographer/pybliographer_1.2.12-4squeeze1.dsc
pybliographer_1.2.12-4squeeze1_all.deb
to main/p/pybliographer/pybliographer_1.2.12-4squeeze1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 605...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Chris Lawrence (supplier of updated pybliographer package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Sat, 11 Dec 2010 13:30:54 -0600
Source: pybliographer
Binary: pybliographer
Architecture: source all
Version: 1.2.12-4squeeze1
Distribution: testing-proposed-updates
Urgency: high
Maintainer: Chris Lawrence
Changed-By: Chris Lawrence
Description:
pybliographer - tool for manipulating bibliographic databases
Closes: 605153
Changes:
pybliographer (1.2.12-4squeeze1) testing-proposed-updates; urgency=high
.
* Remove code involving $PYTHONPATH from scripts, since it adds an
"extras" directory that no longer seems to exist. (Closes: #605153)
Checksums-Sha1:
433d055e0d8d46b91ecd67460f38f571a30889c5 1218
pybliographer_1.2.12-4squeeze1.dsc
f69db86d094d778620e11dbb9426ed1b8d90bbf1 17216
pybliographer_1.2.12-4squeeze1.diff.gz
0f4ea3a59c779d3c212f0dcf5a9de5ccf2ca50a3 640230
pybliographer_1.2.12-4squeeze1_all.deb
Checksums-Sha256:
0dd42b897b2451a4cb350a6bb36fde8401d8f8ee5a0ccf6afab93fe876e2cd43 1218
pybliographer_1.2.12-4squeeze1.dsc
e8a9339d54447e99905b6ed74a8a55efe051689c97add33ee45de630073acedd 17216
pybliographer_1.2.12-4squeeze1.diff.gz
62a4cf73cd3d66e679338122bc49ad2e8c42bd175913afa078b020c679708389 640230
pybliographer_1.2.12-4squeeze1_all.deb
Files:
cf7bfadfa7fbb150769df5218f72ec62 1218 gnome optional
pybliographer_1.2.12-4squeeze1.dsc
8c117be36e8f669d8402181de2d30c5e 17216 gnome optional
pybliographer_1.2.12-4squeeze1.diff.gz
862b8210ab9003e14449dd375cd7fd6a 640230 gnome optional
pybliographer_1.2.12-4squeeze1_all.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk0D0bUACgkQ2wQKE6PXubzVxwCeODb+28z1WAH3WTtLg6mCtBCW
M8UAn2C8orXiAAtOnpPkKTmS6WtA95VW
=p6it
-END PGP SIGNATURE-
--- End Message ---
