Bug#685476: pcp: CVE-2012-3418 CVE-2012-3419 CVE-2012-3420 CVE-2012-3421
Package: pcp Severity: grave Tags: security Justification: user security hole Florian Weimer discovered several issues in pcp. Details and patches are available in Red Hat Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3418 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3419 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3420 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3421 Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685418: lbzip2: build-arch target in debian/rules doesn't work
Hi, On Mon, Aug 20, 2012 at 06:54:17PM +0200, Mikołaj Izdebski wrote: Package: lbzip2 Version: 2.1-1 Severity: grave Justification: renders package unusable build-arch of debian/rules doesn't work properly. The package can be built using build target, but buildd builds packages using build-arch and build-indep (if they are present). As a result packages built by buildd have no content except for documentation. Such packages are obviously completely unusable, hence the grave severity. Thanks for fixing the issue in unstable! But I fear you will have to fix it in testing too, as I do not think RT will allow 2.2-2 in testing at this point of the freeze. Regards Evgeni -- Bruce Schneier can read and understand Perl programs. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685469: ekg2: missing copyright file
On Tue, Aug 21, 2012 at 04:46:21AM +0200, Andreas Beckmann wrote: Package: ekg2 Version: 1:0.3.1-1 Severity: serious Justification: Policy 12.5 User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed that your package does not contain a copyright file. # ls -la /usr/share/doc/ekg2 total 0 drwxr-xr-x 2 root root 140 Aug 21 02:42 . drwxr-xr-x 154 root root 3580 Aug 21 02:42 .. lrwxrwxrwx 1 root root 26 Nov 14 2011 commands-pl.txt - ../../ekg2/commands-pl.txt lrwxrwxrwx 1 root root 25 Nov 14 2011 session-en.txt - ../../ekg2/session-en.txt lrwxrwxrwx 1 root root 25 Nov 14 2011 session-pl.txt - ../../ekg2/session-pl.txt lrwxrwxrwx 1 root root 22 Nov 14 2011 vars-en.txt - ../../ekg2/vars-en.txt lrwxrwxrwx 1 root root 22 Nov 14 2011 vars-pl.txt - ../../ekg2/vars-pl.txt # ls -lad /usr/share/doc/ekg2 drwxr-xr-x 2 root root 140 Aug 21 02:42 /usr/share/doc/ekg2 Interesting. What architecture is this? This looks different on my TV: mowsiany@beczulka:~/Desktop/debian/devel/ekg2/uploaded$ dpkg -c ekg2_0.3.1-1_amd64.deb |grep doc drwxr-xr-x root/root 0 2011-03-19 15:04 ./usr/share/doc/ lrwxrwxrwx root/root 0 2011-03-19 15:04 ./usr/share/doc/ekg2 - ekg2-core mowsiany@beczulka:~/Desktop/debian/devel/ekg2/uploaded$ dpkg -c ekg2-core_0.3.1-1_amd64.deb |grep doc/ekg2-core/copy -rw-r--r-- root/root 18698 2011-03-19 14:57 ./usr/share/doc/ekg2-core/copyright mowsiany@beczulka:~/Desktop/debian/devel/ekg2/uploaded$ -- Marcin Owsiany porri...@debian.org http://marcin.owsiany.pl/ GnuPG: 2048R/02F946FC 35E9 1344 9F77 5F43 13DD 6423 DBF4 80C6 02F9 46FC -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#672959: [Pkg-sysvinit-devel] Bug#672959: kfreebsd-*: panic: vm_fault_copy_wired
2012/8/20 Steven Chamberlain ste...@pyro.eu.org: On 20/08/12 20:16, Axel Beckert wrote: [...] clearly something _after_ the fsck does that. Looking back at my 'dot' graph of initscript dependencies, it seems like freebsdutils is the only thing that is free to run before, after, or at the same time as checkroot.sh and thus could be affected by how long it takes to run. Given how this issue only seems to affect kFreeBSD ports anyhow, I'm begining to suspect that it's due to freebsdutils having incorrect LSB header information in its init scripts and thus extremely tempted to reassign this bug to freebsdutils. Martin-Éric -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#674089: Possible release note for systems running PHP through CGI.
On Mon, Aug 20, 2012 at 8:12 PM, Stefan Fritsch s...@debian.org wrote:
On Monday 20 August 2012, Ondřej Surý wrote:
Ah, I see; it gets executed when there is no know handler or
mime-type for second extension.
E.g. index.php.jpeg works as expected (e.g. returning PHP source
code), index.php.blubb but gets executed. I don't think there's any
harm in disabling php.foobar and php.blubb files.
There is also the case that the extensions after .php are known to
Apache but are not associated with mime types or handlers. For
example, there are extensions like .de and .en which cause the
Content-Language header to be set, extensions for setting the charset
(e.g. .utf8) and extensions for setting the content-encoding (none
configured by default).
I don't know how often this is actually used together with php.
Setting the Content-* headers in the php script seems saner to me.
Right, I have never seen this to be used together with PHP, but it
probably deserves a note somewhere.
Good to see that we are heading towards a solution anyway.
What shall I do with #674089 ? I can reassign it to php5-cgi so
that your next upload closes it, or do we still need release
notes ?
I think we still might need release notes, but it needs to be
updated based on final impact of changes we have done. I am not
sure if the information about filename.php.unknown-mime-type
is worth release notes or just NEWS file in PHP. My guess would be
latter, but opinions may vary.
Maybe add just a small paragraph that the configuration of the
extensions has changed and php users should read the NEWS file?
That's probably sensible approach. I have quickly drafted short
paragraph which can be used for release notes:
Default PHP extension configuration
---
The mime-types package has dropped non-standard definitions of
PHP MIME-Types as a security measure. Default PHP configuration
for libapache2-mod-php5{filter} and php5-cgi now only serve files
which have .php, .php[345] and .phtml extensions on a most right
place as opposed to previous state where filename.php.foobar
would have been interpreted. Please read NEWS file in the PHP
SAPI of your choice for further information.
---
O.
--
Ondřej Surý ond...@sury.org
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#683648: marked as done (Django's HTMLParser incompatible with python 2.7.3)
Your message dated Tue, 21 Aug 2012 07:17:39 + with message-id e1t3iiz-0006vc...@franck.debian.org and subject line Bug#683648: fixed in python-django 1.4.1-2 has caused the Debian Bug report #683648, regarding Django's HTMLParser incompatible with python 2.7.3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 683648: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683648 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: python-django Version: 1.4-1 Severity: important Tags: security https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/ http://www.openwall.com/lists/oss-security/2012/07/31/1 http://www.openwall.com/lists/oss-security/2012/07/31/2 - Henri Salo ---End Message--- ---BeginMessage--- Source: python-django Source-Version: 1.4.1-2 We believe that the bug you reported is fixed in the latest version of python-django, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 683...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Raphaël Hertzog hert...@debian.org (supplier of updated python-django package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 21 Aug 2012 08:42:10 +0200 Source: python-django Binary: python-django python-django-doc Architecture: source all Version: 1.4.1-2 Distribution: unstable Urgency: low Maintainer: Chris Lamb la...@debian.org Changed-By: Raphaël Hertzog hert...@debian.org Description: python-django - High-level Python web development framework python-django-doc - High-level Python web development framework (documentation) Closes: 683648 Changes: python-django (1.4.1-2) unstable; urgency=low . * New patch 01_use_stdlib_htmlparser_when_possible.diff to not override Python stdlib's HTMLParser with Python versions which are unaffected by http://bugs.python.org/issue670664 Closes: #683648 Thanks to David Watson da...@planetwatson.co.uk for the patch. * Update the above patch to use the version committed upstream (commit 57d9ccc). Checksums-Sha1: d62bfb18310b9699d947ceb747b8a21acbad5875 2227 python-django_1.4.1-2.dsc 33122b2eff602542d2b491c006cc6ec2e6989641 21752 python-django_1.4.1-2.debian.tar.gz 3583e0c0356f5e38a275cc0050c5b447cf33ec89 5372486 python-django_1.4.1-2_all.deb 3a1af5a14ce037886fda5b4ff38ff669499a2617 2357394 python-django-doc_1.4.1-2_all.deb Checksums-Sha256: c6e85f47e63a11ca6596e66dda2c00bfd3ff8892ee88eed5e6bfabff1aeb634b 2227 python-django_1.4.1-2.dsc e3949c4c01376a84c089be8c014f51132949de5bb222ffadadb45ce2a2a1e1e0 21752 python-django_1.4.1-2.debian.tar.gz ea1fcfeb0e9c5cabf9c2ce356065c1b56d92ece68c7e24c0a262fcb277760469 5372486 python-django_1.4.1-2_all.deb 9181315a0d286ef6452d497eeb49c4647356ceecaf1a0ff378262930ef967c0d 2357394 python-django-doc_1.4.1-2_all.deb Files: 9cea65bc20d1e916cd32106069ac6d2a 2227 python optional python-django_1.4.1-2.dsc ae35b19d8a86aff274c23daca444b765 21752 python optional python-django_1.4.1-2.debian.tar.gz c711322a583d132c317da185724dbf1c 5372486 python optional python-django_1.4.1-2_all.deb f5b8d83332002466656dfff4234abcbb 2357394 doc optional python-django-doc_1.4.1-2_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Signed by Raphael Hertzog iQIcBAEBCAAGBQJQMzTHAAoJEOYZBF3yrHKabacP/RYlosC2Jpl8NsvYPvATJJTu MyR0+r2q4bJfnuYu4nJg0CMmtIjGxWngIyDiIiJIZ1LSiyr+ZktgSLtxWNsR2beD BjlPLRi0ABKJYYducGE5+l/oRD4gF4EKya6IECwcITOd4bdtGgUo+ajRKWLViZG6 mBBXz0PdSLbV3ggVTO9InBUVKWRlLLBzaHRNJpEdobBiH41QG5ZmyN5bLWuK0J/V hLqs/sYhT0YMZGmbS1lsWoG11qsNr0qP9HGkC2Ma5VQRkqIAnZqFp4HdREtzx+7L l1bPHCwRYN6d1rvz9B2Gw2mcYL+ePhm3zttl7GO9qP3GssTDSEYZIAtH8AgcGnu4 rkmi7qtkdLPzt+gx8SsMcndbiQDIb7XJOwaaAi2KEJKrb7STTKZJI2wtPdVyn0Uk OmsS9MCs/1T9INA1QJKKwDd067A+Oevf7YB2rWbkL02DJe+TiE+tWhDl8Ag5BzXO IFKw831UnphsikdYtH0cTuHlnUeNOoBY8dSoQTXJb4d+zyKVbC6YltSGUjDFB7sw TRRdl1xYD5l/oTOJ1Zs1rMVDpKSXdyKq1PDCnofwYZtvXgozVlJ8tb5nGPgN21Cl EOPTUlqTdQntHdevficH0tVsnmmnIycIbsaUv9uJ8iZ0jrkyKSbRrJPoSfMT2DMo XBvVH1/i+gyWRRIK5Xsh =xwhY -END PGP SIGNATUREEnd Message---
Bug#674089: Possible release note for systems running PHP through CGI.
Default PHP extension configuration
^^^
This needs Apache 2, e.g.
Default PHP extension configuration for Apache 2.
---
The mime-types package has dropped non-standard definitions of
PHP MIME-Types as a security measure. Default PHP configuration
for libapache2-mod-php5{filter} and php5-cgi now only serve files
which have .php, .php[345] and .phtml extensions on a most right
place as opposed to previous state where filename.php.foobar
would have been interpreted. Please read NEWS file in the PHP
SAPI of your choice for further information.
O.
--
Ondřej Surý ond...@sury.org
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685469: ekg2: missing copyright file
[resending, forgot to Cc: the bug] On 2012-08-21 08:38, Marcin Owsiany wrote: # ls -la /usr/share/doc/ekg2 total 0 drwxr-xr-x 2 root root 140 Aug 21 02:42 . drwxr-xr-x 154 root root 3580 Aug 21 02:42 .. lrwxrwxrwx 1 root root 26 Nov 14 2011 commands-pl.txt - ../../ekg2/commands-pl.txt lrwxrwxrwx 1 root root 25 Nov 14 2011 session-en.txt - ../../ekg2/session-en.txt lrwxrwxrwx 1 root root 25 Nov 14 2011 session-pl.txt - ../../ekg2/session-pl.txt lrwxrwxrwx 1 root root 22 Nov 14 2011 vars-en.txt - ../../ekg2/vars-en.txt lrwxrwxrwx 1 root root 22 Nov 14 2011 vars-pl.txt - ../../ekg2/vars-pl.txt # ls -lad /usr/share/doc/ekg2 drwxr-xr-x 2 root root 140 Aug 21 02:42 /usr/share/doc/ekg2 Interesting. What architecture is this? This looks different on my TV: Observed this in a minimal sid chroot on amd64 - its probably important to test in a clean minimal chroot that never had anything ekg2 installed. # dpkg -S /usr/share/doc/ekg2/* ekg2-core: /usr/share/doc/ekg2/commands-pl.txt ekg2-core: /usr/share/doc/ekg2/session-en.txt ekg2-core: /usr/share/doc/ekg2/session-pl.txt ekg2-core: /usr/share/doc/ekg2/vars-en.txt ekg2-core: /usr/share/doc/ekg2/vars-pl.txt # l -d /usr/share/doc/ekg2* drwxr-xr-x 2 root root 140 Aug 21 02:42 /usr/share/doc/ekg2 drwxr-xr-x 4 root root 340 Aug 21 02:42 /usr/share/doc/ekg2-core lrwxrwxrwx 1 root root 9 Nov 14 2011 /usr/share/doc/ekg2-jabber - ekg2-core drwxr-xr-x 2 root root 220 Aug 21 02:42 /usr/share/doc/ekg2-ui-ncurses # l /usr/share/doc/ekg2-core/ total 88 drwxr-xr-x 4 root root 340 Aug 21 02:42 . drwxr-xr-x 231 root root 5120 Aug 21 02:53 .. -rw-r--r-- 1 root root 3967 Mar 19 2011 IDEAS-2.0.gz -rw-r--r-- 1 root root 3993 Mar 19 2011 README.Debian -rw-r--r-- 1 root root 7289 Mar 19 2011 README.gz -rw-r--r-- 1 root root 2493 Mar 19 2011 TODO -rw-r--r-- 1 root root 14635 Mar 19 2011 TODO.Debian.gz -rw-r--r-- 1 root root 1396 Mar 19 2011 ULOTKA drwxr-xr-x 2 root root 600 Aug 21 02:42 book-en drwxr-xr-x 2 root root 760 Aug 21 02:42 book-pl -rw-r--r-- 1 root root 7130 Nov 14 2011 changelog.Debian.gz -rw-r--r-- 1 root root 18698 Mar 19 2011 copyright -rw-r--r-- 1 root root 753 Mar 19 2011 events.txt -rw-r--r-- 1 root root 854 Mar 19 2011 przenosny-kod.txt -rw-r--r-- 1 root root 1697 Mar 19 2011 queries.txt -rw-r--r-- 1 root root 1446 Mar 19 2011 sim.txt -rw-r--r-- 1 root root 701 Mar 19 2011 voip.txt symlinks in /usr/share/doc usually open a can of worms ... dpkg does not replace directories with symlinks-to-directories and vice versa, so special care needs to be taken on upgrades Andreas -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685418: lbzip2: build-arch target in debian/rules doesn't work
Hi, Thanks for fixing the issue in unstable! But I fear you will have to fix it in testing too, as I do not think RT will allow 2.2-2 in testing at this point of the freeze. I submited an ublokck request (#685484). If freeze exception for new upstream version if not granted, I will prepare a fix only for this bug in wheezy. Mikolaj -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#674089: Possible release note for systems running PHP through CGI.
On Tue, Aug 21, 2012 at 09:07:59AM +0200, Ondřej Surý wrote:
[...]
Maybe add just a small paragraph that the configuration of the
extensions has changed and php users should read the NEWS file?
That's probably sensible approach. I have quickly drafted short
paragraph which can be used for release notes:
Default PHP extension configuration
---
The mime-types package has dropped non-standard definitions of
PHP MIME-Types as a security measure. Default PHP configuration
for libapache2-mod-php5{filter} and php5-cgi now only serve files
which have .php, .php[345] and .phtml extensions on a most right
place as opposed to previous state where filename.php.foobar
would have been interpreted. Please read NEWS file in the PHP
SAPI of your choice for further information.
I fail to parse that on a most right place bit though I'm not a native
speaker. If you meant that those extension specifications form a minimal
sane and safe subset, may be just go ahead and write exactly that. ;-)
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#674089: Possible release note for systems running PHP through CGI.
On Tue, Aug 21, 2012 at 9:38 AM, Konstantin Khomoutov
flatw...@users.sourceforge.net wrote:
On Tue, Aug 21, 2012 at 09:07:59AM +0200, Ondřej Surý wrote:
[...]
Maybe add just a small paragraph that the configuration of the
extensions has changed and php users should read the NEWS file?
That's probably sensible approach. I have quickly drafted short
paragraph which can be used for release notes:
Default PHP extension configuration
---
The mime-types package has dropped non-standard definitions of
PHP MIME-Types as a security measure. Default PHP configuration
for libapache2-mod-php5{filter} and php5-cgi now only serve files
which have .php, .php[345] and .phtml extensions on a most right
place as opposed to previous state where filename.php.foobar
would have been interpreted. Please read NEWS file in the PHP
SAPI of your choice for further information.
I fail to parse that on a most right place bit though I'm not a native
speaker. If you meant that those extension specifications form a minimal
sane and safe subset, may be just go ahead and write exactly that. ;-)
Nope I mean that the extension should be last.
E.g. index.blah.php, but not index.php.blah.
O.
--
Ondřej Surý ond...@sury.org
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: [patch] Bug#672959: kfreebsd-*: panic: vm_fault_copy_wired
Processing commands for cont...@bugs.debian.org: tags 672959 +patch Bug #672959 [src:sysvinit] kfreebsd-*: panic: vm_fault_copy_wired Added tag(s) patch. -- Stopping processing here. Please contact me if you need assistance. -- 672959: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672959 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#672959: [patch] Bug#672959: kfreebsd-*: panic: vm_fault_copy_wired
tags 672959 +patch -- Hi. /sbin/startpar -p 4 -t 20 -T 3 -M boot -P N -R S And the same happens even with -p 0. This is a single-CPU VM running kfreebsd-i386. I'm beginning to think that startpar is malfunctioning in some way (after checkroot.sh returns, but before it runs the next script). Thanks to Steven for excelent hint. The patch bellow fixes it for me. Please could also other people verify it. Petr --- sysvinit-2.88dsf.orig/startpar/startpar.c +++ sysvinit-2.88dsf/startpar/startpar.c @@ -1121,10 +1121,11 @@ int main(int argc, char **argv) exit(1); } #endif - +#ifdef __linux__ /* lock us into memory */ if (geteuid() == 0) mlockall(MCL_CURRENT|MCL_FUTURE); +#endif errno = 0; gettimeofday(glastio, 0); -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#668757: ping...
Hi Neil, Am 19.08.2012 10:10, schrieb Neil Williams: Any news on a fix for netdisco packages to not use /home ? If this bug is not fixed, the package will have to be removed from testing and probably from unstable too. If, as Gabriele has already mentioned in this bug, the user created does not need to have a specific directory path, please confirm this so that the package can have a trivial fix to drop the --shell option and change --home to /var/lib/netdisco. I could upload a new version with just the adduser line fixed, but that leaves the problem with existing installations. Existing /home/netdisco directories need to be removed. They should always be emtpy. If not, don't remove the directory and notify the user. The homedir of existing user netdisco needs to be updated. Christoph -- Christoph Martin, Zentrum für Datenverarbeitung, Uni-Mainz, Germany Instant-Messaging: Jabber: mar...@uni-mainz.de (Siehe http://www.zdv.uni-mainz.de/4010.php) attachment: martin.vcf signature.asc Description: OpenPGP digital signature
Bug#672959: [patch] Bug#672959: kfreebsd-*: panic: vm_fault_copy_wired
Hi, Petr Salinger wrote: I'm beginning to think that startpar is malfunctioning in some way (after checkroot.sh returns, but before it runs the next script). Thanks to Steven for excelent hint. Indeed. That fits perfectly with my observation that always the last thing I saw before the crash was the : from the last line of checkroot.sh. No trace of another init.d script being started. The patch bellow fixes it for me. Please could also other people verify it. Will do this evening. Thanks Petr! Regards, Axel -- ,''`. | Axel Beckert a...@debian.org, http://people.debian.org/~abe/ : :' : | Debian Developer, ftp.ch.debian.org Admin `. `' | 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE `-| 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: retitle
Processing commands for cont...@bugs.debian.org: retitle 685360 AMD SB 750 + Logitech USB keyboard brokenness with Linux 3.2 (regression from 2.6.38) Bug #685360 [src:linux] AMD SB 750 + Logitech USB keyboard broken and system unbootable with Linux 3.2 (regression from 2.6.38) Changed Bug title to 'AMD SB 750 + Logitech USB keyboard brokenness with Linux 3.2 (regression from 2.6.38)' from 'AMD SB 750 + Logitech USB keyboard broken and system unbootable with Linux 3.2 (regression from 2.6.38)' -- Stopping processing here. Please contact me if you need assistance. -- 685360: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685360 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#674089: Possible release note for systems running PHP through CGI.
On Tue, 21 Aug 2012 09:48:37 +0200
Ondřej Surý ond...@debian.org wrote:
[...]
The mime-types package has dropped non-standard definitions of
PHP MIME-Types as a security measure. Default PHP configuration
for libapache2-mod-php5{filter} and php5-cgi now only serve files
which have .php, .php[345] and .phtml extensions on a most right
place as opposed to previous state where filename.php.foobar
would have been interpreted. Please read NEWS file in the PHP
SAPI of your choice for further information.
I fail to parse that on a most right place bit though I'm not a
native speaker. If you meant that those extension specifications
form a minimal sane and safe subset, may be just go ahead and write
exactly that. ;-)
Nope I mean that the extension should be last.
E.g. index.blah.php, but not index.php.blah.
Thanks for the explanation.
Then I suggest it to be rephrased ... extensions on the rightmost
place ..., or may be even simpler: ... php5-cgi now only serves files
which have .php, .php[345] or .phtml as their rightmost extension
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#684885: update-guestfs-appliance fails for wheezy because it looks for 'diff' instead of 'diffutils'
The error message is: Fetched 79,4 MB in 1min 16s (1.037 kB/s) febootstrap: aptitude: error: no file was downloaded corresponding to package diff after downloading the packages. Changing diff to diffutils in /usr/lib/guestfs/packagelist makes update-guestfs-appliance finish as expeced. Cheers, -- Guido -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#683288: marked as done (rt-authen-externalauth: privilege escalation)
Your message dated Tue, 21 Aug 2012 10:33:23 + with message-id e1t3llz-0003im...@franck.debian.org and subject line Bug#683288: fixed in rt-authen-externalauth 0.10-2 has caused the Debian Bug report #683288, regarding rt-authen-externalauth: privilege escalation to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 683288: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683288 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: rt-authen-externalauth Severity: grave Tags: security Justification: user security hole Hi, a security issue has been found in rt-authen-externalauth package. From http://blog.bestpractical.com/2012/07/security-vulnerabilities-in-three-commonly-deployed-rt-extensions.html: RT::Authen::ExternalAuth 0.10 and below (for all versions of RT) are vulnerable to an escalation of privilege attack where the URL of a RSS feed of the user can be used to acquire a fully logged-in session as that user. CVE-2012-2770 has been assigned to this vulnerability. For Wheezy, please fix this with an isolated fix instead of updating to a new upstream release (since the freeze is in effect) Regards, -- Yves-Alexis -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-3-grsec-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash ---End Message--- ---BeginMessage--- Source: rt-authen-externalauth Source-Version: 0.10-2 We believe that the bug you reported is fixed in the latest version of rt-authen-externalauth, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 683...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Tom Jampen t...@cryptography.ch (supplier of updated rt-authen-externalauth package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 10 Aug 2012 21:53:49 +0200 Source: rt-authen-externalauth Binary: rt4-extension-authenexternalauth Architecture: source i386 Version: 0.10-2 Distribution: unstable Urgency: low Maintainer: Tom Jampen t...@cryptography.ch Changed-By: Tom Jampen t...@cryptography.ch Description: rt4-extension-authenexternalauth - External authentication module for request tracker 4 Closes: 683288 Changes: rt-authen-externalauth (0.10-2) unstable; urgency=low . * Fixing typos in README.Debian. * Adding patch from Alex Vandiver a...@chmrr.net to fix privilege escalation bug (Closes: #683288). Checksums-Sha1: a7713698f2a20662208849b36b9425609e02a0d3 1316 rt-authen-externalauth_0.10-2.dsc 8818bfc4e5f5ae98652d5decb9a89ca3e65e1b5e 3436 rt-authen-externalauth_0.10-2.debian.tar.xz 62ed48372a8c7d9f894418d52af17a9b4c7ae7ef 28980 rt4-extension-authenexternalauth_0.10-2_i386.deb Checksums-Sha256: 9ad9e308f51e678c0afba82168a5ce998602ba19e543d4f23ffaded82a6ca1dd 1316 rt-authen-externalauth_0.10-2.dsc 4772862609b3a56fb90ee86b11817422509147f101f2b90d5e7fd78b0b6f7e72 3436 rt-authen-externalauth_0.10-2.debian.tar.xz 26038ae6e6422ef8b19427946c638570af6d86419062a8863fcbd272af355b2f 28980 rt4-extension-authenexternalauth_0.10-2_i386.deb Files: b409f7ca00627c865ceaa9b51682c358 1316 perl optional rt-authen-externalauth_0.10-2.dsc 029173eddfa1f2d92947b7df4974097d 3436 perl optional rt-authen-externalauth_0.10-2.debian.tar.xz 2adf4e47a32cc25c22ae18bdb79414ec 28980 perl optional rt4-extension-authenexternalauth_0.10-2_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAlAzYEQACgkQ+C5cwEsrK540ygCfZqSMRcMpQpbPBV+F8F5X1T7f roMAn03PTsS96ISr7rPsUwxJEzlpUQQ/ =BNyu -END PGP SIGNATUREEnd Message---
Bug#674089: Possible release note for systems running PHP through CGI.
Konstantin Khomoutov flatw...@users.sourceforge.net writes: ... Then I suggest it to be rephrased ... extensions on the rightmost place ..., or may be even simpler: ... php5-cgi now only serves files which have .php, .php[345] or .phtml as their rightmost extension how about ... have .php, .php[345] or .phtml at the end? (or 'right-hand end' if you think there's any possibility of confusion) 'extension' only really makes sense on FAT and similar file systems, and the extension on those file systems does not include the full-stop (.) Cheers, Phil. -- |)| Philip Hands [+44 (0)20 8530 9560]http://www.hands.com/ |-| HANDS.COM Ltd.http://www.uk.debian.org/ |(| 10 Onslow Gardens, South Woodford, London E18 1NE ENGLAND pgpKjk6dgpJES.pgp Description: PGP signature
Bug#685502: fails to install in chroots
Package: request-tracker4 Version: 4.0.6-4 Severity: serious Hi, request-tracker4 fails to install in a chroot (standard debian sid chroot, with /proc mounted, recommends disabled): [...] Setting up request-tracker4 (4.0.6-4) ... **WARNING**·· **WARNING** If you are using mod_perl or any form of persistent perl **WARNING** process such as FastCGI, you will need to restart your **WARNING** web server and any persistent processes now. **WARNING**·· **WARNING** For mod_perl this means **WARNING**·· **WARNING** invoke-rc.d apache2 stop invoke-rc.d apache2 start **WARNING**·· hostname: Name or service not known dpkg: error processing request-tracker4 (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: request-tracker4 E: Sub-process /usr/bin/dpkg returned an error code (1) (sid_i386)root@progress:/home/user# unfortunately, looking at the postinst, i didn't spot the error immediately. Regards, Daniel -- Address:Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern Email: daniel.baum...@progress-technologies.net Internet: http://people.progress-technologies.net/~daniel.baumann/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#621866: rsync: CVE-2011-1097 DoS and possibly code execution on client side
Package: rsync Dear maintainer, Recently you fixed one or more security problems and as a result you closed this bug. These problems were not serious enough for a Debian Security Advisory, so they are now on my radar for fixing in the following suites through point releases: squeeze (6.0.6) - use target stable Please prepare a minimal-changes upload targetting each of these suites, and submit a debdiff to the Release Team [0] for consideration. They will offer additional guidance or instruct you to upload your package. I will happily assist you at any stage if the patch is straightforward and you need help. Please keep me in CC at all times so I can track [1] the progress of this request. For details of this process and the rationale, please see the original announcement [2] and my blog post [3]. 0: debian-rele...@lists.debian.org 1: http://prsc.debian.net/tracker/621866/ 2: 201101232332.11736.th...@debian.org 3: http://deb.li/prsc Thanks, with his security hat on: -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#683284: CVE-2012-3438
Package: graphicsmagick Dear maintainer, Recently you fixed one or more security problems and as a result you closed this bug. These problems were not serious enough for a Debian Security Advisory, so they are now on my radar for fixing in the following suites through point releases: squeeze (6.0.6) - use target stable Please prepare a minimal-changes upload targetting each of these suites, and submit a debdiff to the Release Team [0] for consideration. They will offer additional guidance or instruct you to upload your package. I will happily assist you at any stage if the patch is straightforward and you need help. Please keep me in CC at all times so I can track [1] the progress of this request. For details of this process and the rationale, please see the original announcement [2] and my blog post [3]. 0: debian-rele...@lists.debian.org 1: http://prsc.debian.net/tracker/683284/ 2: 201101232332.11736.th...@debian.org 3: http://deb.li/prsc Thanks, with his security hat on: -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#672959: startpar triggers kfreebsd panic: vm_fault_copy_wired
Processing commands for cont...@bugs.debian.org: retitle 672959 startpar triggers kfreebsd panic: vm_fault_copy_wired Bug #672959 [src:sysvinit] kfreebsd-*: panic: vm_fault_copy_wired Changed Bug title to 'startpar triggers kfreebsd panic: vm_fault_copy_wired' from 'kfreebsd-*: panic: vm_fault_copy_wired' thanks Stopping processing here. Please contact me if you need assistance. -- 672959: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672959 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#672959: startpar triggers kfreebsd panic: vm_fault_copy_wired
retitle 672959 startpar triggers kfreebsd panic: vm_fault_copy_wired thanks On 21/08/12 09:16, Petr Salinger wrote: I'm beginning to think that startpar is malfunctioning in some way (after checkroot.sh returns, but before it runs the next script). Thanks to Steven for excelent hint. I'm just happy my mail was coherent at that hour. Thank you for a brilliant patch. With it I'm no longer seeing panics on kfreebsd-i386 Regards, -- Steven Chamberlain ste...@pyro.eu.org -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685192: apt: redirection handling changes in 0.9.4 may break aptitude
For clarity: This partial upgrade thing effects not only aptitude, but APT
itself and just by extension all front-ends even if the message just talks
about how aptitude is unable to handle the internal change in libapt and
how it talks to his own http-method shipped in 'apt'.
And I doubt that a bug containing the words partial upgrade and
unofficial sources (which http.debian.net still is, even as a well-recieved
mirror of official content) fits very well in the severity grave bucket,
but I let it slight for the moment.
On Sat, Aug 18, 2012 at 2:53 AM, Raphael Geissert geiss...@debian.org wrote:
Now, the easiest way to prevent this kind of conflict would be by adding a
Depends: apt = 0.9.4 to libapt-pkg4.12. Not sure how much trouble it would
cause to a squeeze-wheezy upgrade, as it would force apt to also be
upgraded when upgrading aptitude (upgrading apt already requires upgrading
aptitude.) It also introduces a soft dependency loop, but it seems harmless.
I think Depends are a bit hard in that case. It's not only a loop, but
libapt-pkg can be used without the method-binaries in a lot of cases, so a
Recommends: apt (= ${binary:Version})
feels more appropriated and should trigger an upgrade of 'apt' in this
partial upgrade situation as well (as long as the installation of Recommends
are not disabled) without negative consequences on the installation order.
The only thing not covered by this Recommends is that you can still remove
apt from your system and possibly break aptitude (and other packages using
the acquire-system from libapt) - for any libapt user this will be equal to
the removal of an essential package through, however the specific front-end
handles this (apt-get is e.g. very vocal about that).
The net-result would be that front-ends should depend on 'apt' if they use
the acquire system (some do, even if they don't, packagesearch for example
seems to be such a candidate).
Yet, this might be wrong in the (less likely case) that a user uses only
debtorrent or https which is provided by other packages and therefore the
acquire system could be used without needing the standard methods in 'apt'.
So again, a Recommends would be more in order maybe.
On the other hand: A depends could be added automatically with our symbol
file if an acquire symbol is used, recommends can't be added in this way.
Maybe we should add such a feature to dpkg-dev as it could come in handy for
(big) libraries using other tools internally in certain paths.
Might be better than requiring the library user to declare such a relation.
In the end we are talking about an priority: important package, so a user
who wants to remove it should be able to handle the pain s/he has to suffer.
'apt' doesn't depend on a network-manager, even through it is likely that
you need some sort of network access to get packages from somewhere else…
Same case if s/he prefers to disable installation of recommends.
And with this back to the initial topic: Adding a recommends, okay?
Best regards
David Kalnischkies
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#683927: marked as done (CVE-2012-3446: MITM vulnerability in TLS/SSL certificates verification)
Your message dated Tue, 21 Aug 2012 14:47:43 + with message-id e1t3pk7-0004gu...@franck.debian.org and subject line Bug#683927: fixed in libcloud 0.5.0-1.1 has caused the Debian Bug report #683927, regarding CVE-2012-3446: MITM vulnerability in TLS/SSL certificates verification to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 683927: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683927 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: libcloud Severity: grave Tags: security Justification: user security hole Hi, a new libcloud was released, fixing a MITM vulnerability in the TLS/SSL certificates verification. Basically the hostname/CN check is done using a wrong regular expression which will match even superset of the hostname. See http://libcloud.apache.org/security.html and https://github.com/apache/libcloud/commit/f2af5502dae3ac63e656dd1b7d5f29cc82ded401 and please upload an isolated fix to unstable, since we're in freeze. Regards, -- Yves-Alexis -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-3-grsec-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash ---End Message--- ---BeginMessage--- Source: libcloud Source-Version: 0.5.0-1.1 We believe that the bug you reported is fixed in the latest version of libcloud, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 683...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. gregor herrmann gre...@debian.org (supplier of updated libcloud package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 19 Aug 2012 16:24:16 +0200 Source: libcloud Binary: python-libcloud Architecture: source all Version: 0.5.0-1.1 Distribution: unstable Urgency: low Maintainer: Debian Python Modules Team python-modules-t...@lists.alioth.debian.org Changed-By: gregor herrmann gre...@debian.org Description: python-libcloud - unified Python interface into the cloud Closes: 683927 Changes: libcloud (0.5.0-1.1) unstable; urgency=low . * Non-maintainer upload. * [SECURITY] Fix CVE-2012-3446: MITM vulnerability in TLS/SSL certificates verification: add patch 0001-Fix-hostname-validation-in-the-SSL-verification-code.patch taken from upstream git. (Closes: #683927) Checksums-Sha1: 99cbb37c71184c36f9583d30b3dd9a3fe62b5713 1850 libcloud_0.5.0-1.1.dsc 63a3ccd273dc831a70191b7c9c09b1407c2a30ae 3906 libcloud_0.5.0-1.1.debian.tar.gz 235929ff1db6eaea941fc8059030561f5520743d 115100 python-libcloud_0.5.0-1.1_all.deb Checksums-Sha256: d72e1d5570a2e28b64441045476dcf3c94c1e74a6b2dbed5893b62d8f5b16fa2 1850 libcloud_0.5.0-1.1.dsc cc43a96f96258c34b73cb72f15ccdf7a3115fe7c131051e30bf401638d45b3f1 3906 libcloud_0.5.0-1.1.debian.tar.gz f554f5abc6e782da7132cfcfb2f42af7de9b4ee699cebeabdb4e4fa28058ef2d 115100 python-libcloud_0.5.0-1.1_all.deb Files: 6ad72a4b7e72e985d16ebfc6d9db8bb8 1850 python optional libcloud_0.5.0-1.1.dsc 987b0da6cba7428855f07f34581e7339 3906 python optional libcloud_0.5.0-1.1.debian.tar.gz 59296c9f49a50dc95e598e1e10c295f4 115100 python optional python-libcloud_0.5.0-1.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJQMPd6AAoJELs6aAGGSaoG4NQP/1CCP5Cs62fbSH41QgKApeLF ysfhBs0ao+mgnWLx4GJ3mOtYd4cleKyeHjxObadkWjk2XbN1RYGZpjKzgVSAW8uA EZqZuM4dgZGu9J9vVHUq877OnO0upMjmDxSZSkqFTCOsCSUJNOpGaLG1+606hL1l /Boe8fAjCOBWKTRsjx++GPDgEss9drG9HrKk7sVmq+TiRVXNfCi6xj7eeaZ+XiAD 0o59hB80xT0JYdfPH45Hv5DZRocWBxgHaeOPomwublCSAe9lCxlb4bJ8bC5f8Scb 5hDyzIMVlcpcRkxn+1Z07K6dg5YRqZUzEojwls2CyDuO+Ux/rj3GuXdC8JQO6bOU oI2/gxRuhZzgKTobntwBGbZ7wXtWMvMmWkD9IHyeutJzQutY8DS2SgSLtosGhCtc orVoOpfSRlvIoODrhswjpsBfg0zgTXyl/cix9kblNDJSQ20PbSWOrHfqpN2sBhXW 887LFJ9eqW4JBNxTagYWSc+aCdDWYwYK3nP/57o6/bwzA+/9ZiCFiFQG/8Sx//eS uY5LIEgsRHZdCB0/ra1oPIespyog7q1jilZNQIwUTeHb05BoAGzB4Mt1jkYfBcxK 2r4Xb+aMOkvXqkwBoi7CYtOmjRzdonMMUH3tU3+fSJBhCPRK/0Q2pdCnZk+bznyS TqJTCFsAoX6XaiQ/gNSy =jf8O -END PGP SIGNATUREEnd
Bug#678189: marked as done (packagekit-backend-aptcc: insecure tempfile use)
Your message dated Tue, 21 Aug 2012 15:17:49 + with message-id e1t3qdf-0003tm...@franck.debian.org and subject line Bug#678189: fixed in packagekit 0.7.6-1 has caused the Debian Bug report #678189, regarding packagekit-backend-aptcc: insecure tempfile use to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 678189: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678189 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: packagekit-backend-aptcc Version: 0.7.4-4 Severity: grave Tags: security Justification: user security hole /usr/share/PackageKit/helpers/aptcc/pkconffile uses a tempfile with a fixed name in /tmp, which means anyone could create a /tmp/pkconffile.templates symlink and have root trash the contents of the linked file. You need to use mktemp (or File::Temp or however it's called in perl). Cheers, Julien -- System Information: Debian Release: wheezy/sid APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (101, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-2-amd64 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages packagekit-backend-aptcc depends on: ii app-install-data2010.11.17 ii libapt-inst1.5 0.9.6 ii libapt-pkg4.12 0.9.6 ii libc6 2.13-33 ii libgcc1 1:4.7.1-1 ii libglib2.0-02.32.3-1 ii libgstreamer0.10-0 0.10.36-1 ii libstdc++6 4.7.1-1 ii libxml2 2.8.0+dfsg1-4 ii python 2.7.3~rc2-1 ii python-packagekit 0.7.4-4 Versions of packages packagekit-backend-aptcc recommends: ii apt-xapian-index 0.45 ii packagekit0.7.4-4 Versions of packages packagekit-backend-aptcc suggests: ii gdebi-core 0.8.5 -- no debconf information ---End Message--- ---BeginMessage--- Source: packagekit Source-Version: 0.7.6-1 We believe that the bug you reported is fixed in the latest version of packagekit, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 678...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Matthias Klumpp matth...@tenstral.net (supplier of updated packagekit package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 21 Aug 2012 16:41:43 +0200 Source: packagekit Binary: packagekit packagekit-tools packagekit-docs libpackagekit-glib2-14 libpackagekit-glib2-dev gir1.2-packagekitglib-1.0 libpackagekit-qt2-2 libpackagekit-qt2-dev packagekit-gtk3-module gstreamer0.10-packagekit browser-plugin-packagekit python-packagekit packagekit-backend-aptcc packagekit-backend-smart packagekit-dbg Architecture: source amd64 all Version: 0.7.6-1 Distribution: unstable Urgency: low Maintainer: Matthias Klumpp matth...@tenstral.net Changed-By: Matthias Klumpp matth...@tenstral.net Description: browser-plugin-packagekit - Plugin to install missing plugins using PackageKit gir1.2-packagekitglib-1.0 - GObject introspection data for the PackageKit GLib library gstreamer0.10-packagekit - GStreamer plugin to install codecs using PackageKit libpackagekit-glib2-14 - Library for accessing PackageKit using GLib libpackagekit-glib2-dev - Library for accessing PackageKit using GLib (development files) libpackagekit-qt2-2 - Library for accessing PackageKit using Qt4 libpackagekit-qt2-dev - Library for accessing PackageKit using Qt4 (development files) packagekit - Provides a package management service packagekit-backend-aptcc - APT backend for PackageKit packagekit-backend-smart - Smart backend for PackageKit packagekit-dbg - Debugging symbols for PackageKit packagekit-docs - Documentation for PackageKit packagekit-gtk3-module - Install fonts automatically using PackageKit packagekit-tools - Provides PackageKit command-line tools python-packagekit - PackageKit backend Python bindings Closes: 678189 Changes: packagekit (0.7.6-1) unstable; urgency=low . * New upstream bugfix release: 0.7.6 Changes relevant to Debian: - aptcc: Don't use tempfile with fixed name for conffiles (Matthias
Bug#685524: After upgrading to 4:4.8.2+dfsg-1 kwin segfaults on startup
Package: qt4-x11 Version: 4:4.8.2+dfsg-1 Severity: grave Starting KDE with qt4 version 4:4.8.2+dfsg-1 installed causes kwin to segfault on startup somewhere in libpthread, with 4:4.8.2-2+b1 everything works as expected. I'll see if I can generate a proper backtrace.. -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.6.0-rc2 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685192: apt: redirection handling changes in 0.9.4 may break aptitude
H David,
On Tuesday 21 August 2012 08:50:34 David Kalnischkies wrote:
For clarity: This partial upgrade thing effects not only aptitude, but
APT itself and just by extension all front-ends even if the message
just talks about how aptitude is unable to handle the internal change in
libapt and how it talks to his own http-method shipped in 'apt'.
As far as I tested, it doesn't affect APT as long as it isn't a partial
upgrade from the experimental version that had a separate libapt-pk4.10.
Upgrading apt will also pull in libapt-pkg4.12, and at the time the new
packages are unpacked no new http method is started. The next call to APT
would already use the new versions of apt and the http method.
Am I missing something?
And I doubt that a bug containing the words partial upgrade and
unofficial sources (which http.debian.net still is, even as a
well-recieved mirror of official content) fits very well in the
severity grave bucket, but I let it slight for the moment.
Just one fact:
I have seen more than one mirror, part of the Debian mirrors network,
redirect from /debian/ to /pub/linux/debian/ and stuff like that.
At the moment there should be none of those in the mirrors list, but users
who had picked one of those mirrors before the path was changed would be
affected.
That said, if you disagree with the severity, feel free to change it.
Not sure how common Michael Prokop's scenario is with FAI. He was using a
minimal debootstrapped chroot and then upgrading it.
I think Depends are a bit hard in that case. It's not only a loop, but
libapt-pkg can be used without the method-binaries in a lot of cases, so
a Recommends: apt (= ${binary:Version})
feels more appropriated and should trigger an upgrade of 'apt' in this
partial upgrade situation as well (as long as the installation of
Recommends are not disabled) without negative consequences on the
installation order.
The only thing not covered by this Recommends is that you can still
remove apt from your system and possibly break aptitude (and other
packages using the acquire-system from libapt) - for any libapt user
this will be equal to the removal of an essential package through,
however the specific front-end handles this (apt-get is e.g. very vocal
about that).
If you do consider those cases, then Breaks should probably be used instead.
Recommends is not enough even for the scenario where this bug was
reproduced: grml - recommends are disabled by default.
I haven't tested a squeeze-wheezy upgrade with Breaks, though. Will try to
get around it today so that I can report back...
Same case if s/he prefers to disable installation of recommends.
And with this back to the initial topic: Adding a recommends, okay?
... because I don't think Recommends is appropriate.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685524: After upgrading to 4:4.8.2+dfsg-1 kwin segfaults on startup
Control: tag -1 unreproducible moreinfo thanks Hi Arto! On Tue 21 Aug 2012 12:49:57 Arto Jantunen escribió: Package: qt4-x11 Version: 4:4.8.2+dfsg-1 Severity: grave Starting KDE with qt4 version 4:4.8.2+dfsg-1 installed causes kwin to segfault on startup somewhere in libpthread, with 4:4.8.2-2+b1 everything works as expected. Just for the record: which video card are you using? Are the drivers free or non-free? I'm also running a 64-bit system and could not reproduce this issue. I'll see if I can generate a proper backtrace.. Please try to, as this is quite strange. I have added two patches to Qt but they should not mess with kwin AFAIU. Kinds regards, Lisandro. -- Los chicos tienen un mayor dominio de la tecnología (y las habilidades y lenguaje que eso implica) que los adultos con los que se relacionan. Por lo general saben más que sus propios padres, sus docentes, sus pediatras, psicólogos, que los políticos y funcionarios de sus comunidades. Eso afectó la autoridad que tenía un adulto para habilitar al mundo. Luis Pescetti http://www.luispescetti.com/regale-su-obra/ Lisandro Damián Nicanor Pérez Meyer http://perezmeyer.com.ar/ http://perezmeyer.blogspot.com/ signature.asc Description: This is a digitally signed message part.
Processed: Re: Bug#685524: After upgrading to 4:4.8.2+dfsg-1 kwin segfaults on startup
Processing control commands: tag -1 unreproducible moreinfo Bug #685524 [qt4-x11] After upgrading to 4:4.8.2+dfsg-1 kwin segfaults on startup Added tag(s) unreproducible and moreinfo. -- 685524: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685524 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#685524: After upgrading to 4:4.8.2+dfsg-1 kwin segfaults on startup
Processing control commands: tag -1 unreproducible moreinfo Bug #685524 [qt4-x11] After upgrading to 4:4.8.2+dfsg-1 kwin segfaults on startup Ignoring request to alter tags of bug #685524 to the same tags previously set -- 685524: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685524 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#685524: After upgrading to 4:4.8.2+dfsg-1 kwin segfaults on startup
Processing control commands: severity -1 important Bug #685524 [qt4-x11] After upgrading to 4:4.8.2+dfsg-1 kwin segfaults on startup Severity set to 'important' from 'grave' -- 685524: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685524 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685524: After upgrading to 4:4.8.2+dfsg-1 kwin segfaults on startup
Control: severity -1 important On Tue 21 Aug 2012 12:49:57 Arto Jantunen escribió: Package: qt4-x11 Version: 4:4.8.2+dfsg-1 Severity: grave Starting KDE with qt4 version 4:4.8.2+dfsg-1 installed causes kwin to segfault on startup somewhere in libpthread, with 4:4.8.2-2+b1 everything works as expected. [snip] Looking at this: Kernel: Linux 3.6.0-rc2 (SMP w/2 CPU cores; PREEMPT) I have asked our users on IRC and so far the outcome is that this is not reproducible using pure Sid nor Wheezy with Qt from Sid. But some of them experimented problems with kwin with kernels from experimental. So, I'm reducing the severity of this bug at least until we can reproduce this with pure wheezy/sid. Kinds regards, Lisandro. -- La política es una actividad noble. Hay que revalorizarla, ejerciéndola con vocación y una dedicación que exige testimonio, martirio, o sea, morir por el bien común. Padre Bergoglio - http://www.lanacion.com.ar/1153060 Lisandro Damián Nicanor Pérez Meyer http://perezmeyer.com.ar/ http://perezmeyer.blogspot.com/ signature.asc Description: This is a digitally signed message part.
Bug#681903: marked as done (melange-client: missing dependency on python-pkg-resources)
Your message dated Tue, 21 Aug 2012 17:02:35 + with message-id e1t3rqd-0007ew...@franck.debian.org and subject line Bug#681903: fixed in python-melangeclient 0.1-1.2 has caused the Debian Bug report #681903, regarding melange-client: missing dependency on python-pkg-resources to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 681903: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681903 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Source: melange-client Version: 0.1-1.1 Severity: serious Justification: Policy 3.5 In a minimal chroot: $ melange Traceback (most recent call last): File /usr/bin/melange, line 5, in module from pkg_resources import load_entry_point ImportError: No module named pkg_resources -- Jakub Wilk ---End Message--- ---BeginMessage--- Source: python-melangeclient Source-Version: 0.1-1.2 We believe that the bug you reported is fixed in the latest version of python-melangeclient, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 681...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. gregor herrmann gre...@debian.org (supplier of updated python-melangeclient package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 19 Aug 2012 18:43:39 +0200 Source: python-melangeclient Binary: python-melangeclient melange-client Architecture: source all Version: 0.1-1.2 Distribution: unstable Urgency: low Maintainer: PKG OpenStack openstack-de...@lists.alioth.debian.org Changed-By: gregor herrmann gre...@debian.org Description: melange-client - Melange client python-melangeclient - client API library for Melange Closes: 681903 Changes: python-melangeclient (0.1-1.2) unstable; urgency=low . * Non-maintainer upload. * Fix missing dependency on python-pkg-resources: - add dependency on python-pkg-resources to melange-client - add patch python-melangeclient-namespace.diff and - bump build-dependency on python-all to (= 2.6.6-14~) Thanks to Jakub Wilk for the bug report and the fixes that I'm putting together here. (Closes: #681903) Checksums-Sha1: 0ec75460e5299febaa3e7bcec8379d5c13e3993b 1926 python-melangeclient_0.1-1.2.dsc 686e29e045a24e9e703791d7556aa4f393a0b60d 2611 python-melangeclient_0.1-1.2.debian.tar.gz e76189e7eb01fd32dc254cb72bd3ab579f164bf4 22178 python-melangeclient_0.1-1.2_all.deb 34cef63d19d5db06232af603e981e0aad0b16268 2372 melange-client_0.1-1.2_all.deb Checksums-Sha256: 91903ca7971710032d008e63fece49f5fddf63ab6a5573e4c6773752cdc536b3 1926 python-melangeclient_0.1-1.2.dsc 2e81b6f0805671106bea697dbd0307d3702a49b19c10e7c7918027ed23639393 2611 python-melangeclient_0.1-1.2.debian.tar.gz aca4851622f4f410302c2ab73900da0c363f46b23a73e953ab4c3a04a737ea58 22178 python-melangeclient_0.1-1.2_all.deb 094052a7c484a5e38b8a7a9123fa28f2c70a15b1dda474b9288223f9235436cd 2372 melange-client_0.1-1.2_all.deb Files: 25d9a326c20936cb045bfeb99894e231 1926 python extra python-melangeclient_0.1-1.2.dsc b0a7aed4e96587a0a5ff0c2ed2232b59 2611 python extra python-melangeclient_0.1-1.2.debian.tar.gz 9efd3b0115880702d9f6150ba93935fe 22178 python extra python-melangeclient_0.1-1.2_all.deb 76d886f5c48fd855973411d694154eee 2372 python extra melange-client_0.1-1.2_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJQMRhtAAoJELs6aAGGSaoG3eQQALMDxtscA4dZHxKTmgNd/vZI RdNgkH0wp+orQgOaYBum8XjraC6QpJDjsiVpaV/zkKSKTvuUorQT9NxtjyqvhtXv YUlX9lyQOU5QPlQGluGPk+eQgGFuqZRSfrRWbKTaVcwwNjsgiiDMNUfe4VvUqY3h 84+TjIsYE2u5TtVMa29eWd7Dnie58o4uHIlVT7b6EjtaXxVLF+ACIqH00+Qoh+H8 3TwTwXUfoJS1pUu2xPKbfk2rJ6tgZTmwyeDHWGDA3qi2lH36Hp92xtGDkqYv+rff RUJY+raCM2HqQuBinVRLTjmFlfgnIukc6CIbISjH9lrvpXOWw0PkbpljvzxoO8kz imYXWoTR9UZpGul7ta+DbME2TKcJWqAOI6zpz13jEZ3LXleyvO1D3njMRW1eaD9C 1xnqI3vbrvSNql8+FOa0fsYt0iAAjUsm1FZk/DQmF7IF+nIHSZUZ+FRzIonFV5HW 7tvRqyiHFbzmXh2ZE3XzGjujpV7TRODQz5ZuY75p0w2abyCXSNTFldm/NZpbtWwh wqh2T3/PTfH0pFvzWVjYB3FcB85s07w7uTQnLdaDsqXz8dzYnpl6PzP369zAPTYB ayl0+80gvQL8eqP/p9C7KrIhV/u7MotHYIwNN+ji5imvi41lxLgEkPfshLtVSNe7 jGhDx/zIJAfiCh97oaP3 =mKcj -END PGP SIGNATUREEnd Message---
Bug#685536: planetsplitter crahes on current planet.osm.bz2
Package: routino Severity: grave Version: 2.2-4 If You download current planet.osm.bz2 and try to use planetsplitter with it it will crash (accert): $ pv ../map/planet-latest.osm.bz2 | bunzip2|planetsplitter --loggable Parse OSM Data == 22,1GB 11:57:50 [ 537kB/s] [=] 100% Read: Lines=4418786769 Nodes=1517336218 Ways=143432273 Relations=1486052 Process OSM Data planetsplitter: nodesx.c:190: SortNodeList: Assertion `nodesx-idata' failed. zsh: done pv ../map/planet-latest.osm.bz2 | bunzip2 | zsh: abort (core dumped) planetsplitter --loggable echo bt|gdb planetsplitter core GNU gdb (GDB) 7.4.1-debian Copyright (C) 2012 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type show copying and show warranty for details. This GDB was configured as x86_64-linux-gnu. For bug reporting instructions, please see: http://www.gnu.org/software/gdb/bugs/... Reading symbols from /usr/bin/planetsplitter...(no debugging symbols found)...done. [New LWP 26259] warning: Can't read pathname for load map: Ошибка ввода/вывода. Core was generated by `planetsplitter --loggable'. Program terminated with signal 6, Aborted. #0 0x7f3ec70f9475 in raise () from /lib/x86_64-linux-gnu/libc.so.6 (gdb) #0 0x7f3ec70f9475 in raise () from /lib/x86_64-linux-gnu/libc.so.6 #1 0x7f3ec70fc6f0 in abort () from /lib/x86_64-linux-gnu/libc.so.6 #2 0x7f3ec70f2621 in __assert_fail () from /lib/x86_64-linux-gnu/libc.so.6 #3 0x00402872 in ?? () #4 0x00401a49 in ?? () #5 0x7f3ec70e5ead in __libc_start_main () from /lib/x86_64-linux-gnu/libc.so.6 #6 0x004022d5 in ?? () #7 0x7fffbc7cb968 in ?? () #8 0x001c in ?? () #9 0x0002 in ?? () #10 0x7fffbc7cc665 in ?? () #11 0x7fffbc7cc674 in ?? () #12 0x in ?? () (gdb) quit -- . ''`. Dmitry E. Oboukhov : :’ : email: un...@debian.org jabber://un...@uvw.ru `. `~’ GPGKey: 1024D / F8E26537 2006-11-21 `- 1B23 D4F8 8EC0 D902 0555 E438 AB8C 00CF F8E2 6537 signature.asc Description: Digital signature
Bug#685502: [request-tracker-maintainers] Bug#685502: fails to install in chroots
On Tue, Aug 21, 2012 at 12:50:47PM +0200, Daniel Baumann wrote: request-tracker4 fails to install in a chroot (standard debian sid chroot, with /proc mounted, recommends disabled): [...] Setting up request-tracker4 (4.0.6-4) ... **WARNING**·· **WARNING** If you are using mod_perl or any form of persistent perl **WARNING** process such as FastCGI, you will need to restart your **WARNING** web server and any persistent processes now. **WARNING**·· **WARNING** For mod_perl this means **WARNING**·· **WARNING** invoke-rc.d apache2 stop invoke-rc.d apache2 start **WARNING**·· hostname: Name or service not known dpkg: error processing request-tracker4 (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: request-tracker4 E: Sub-process /usr/bin/dpkg returned an error code (1) (sid_i386)root@progress:/home/user# unfortunately, looking at the postinst, i didn't spot the error immediately. hostname is called from /var/lib/dpkg/info/request-tracker4.config. Specifically it calls hostname -f. This would normally be configured by debootstrap based on the host system; presumably your host system also doesn't have a working hostname -f? I'm not convinced that this is an RC bug in request-tracker4, although it could plausibly be more resilient to systems without a valid FQDN. -- Dominic Hargreaves | http://www.larted.org.uk/~dom/ PGP key 5178E2A5 from the.earth.li (keyserver,web,email) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685540: asterisk-flite: app_flite fails to load
Package: asterisk-flite Version: 2.1-1 Severity: grave Using asterisk 1:1.8.13.0~dfsg-1+b1 on wheezy. asterisk01-noc01*CLI module load app_flite Unable to load module app_flite Command 'module load app_flite' failed. [Aug 21 15:02:01] WARNING[10528]: loader.c:779 inspect_module: Module 'app_flite.so' was not compiled with the same compile-time options as this version of Asterisk. [Aug 21 15:02:01] WARNING[10528]: loader.c:780 inspect_module: Module 'app_flite.so' will not be initialized as it may cause instability. [Aug 21 15:02:01] WARNING[10528]: loader.c:863 load_resource: Module 'app_flite' could not be loaded. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685542: d-push: Error when using https://myserver/Microsoft-Server-ActiveSync
Package: d-push
Version: 2.0-1
Severity: grave
Tags: d-i
Justification: renders package unusable
Dear Maintainer,
When I try to use https://myserver/Microsoft-Server-ActiveSync to test d-push,
I have the following error messages :
d-push - Open Source ActiveSync
Version 2.0-1
FatalMisconfigurationException
The configured state directory should terminate with a '/'
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 3.0.0-1-686-pae (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=ANSI_X3.4-1968)
(ignored: LC_ALL set to C)
Shell: /bin/sh linked to /bin/bash
Versions of packages d-push depends on:
ii debconf [debconf-2.0] 1.5.46
ii php-mail 1.2.0-4
ii php-pear 5.4.4-4
ii php5 5.4.4-4
ii php5-cli 5.4.4-4
ii php5-imap 5.4.4-4
Versions of packages d-push recommends:
ii apache2 2.2.22-11
ii apache2-mpm-prefork [httpd-cgi] 2.2.22-11
ii libapache2-mod-php5 5.4.4-4
d-push suggests no packages.
-- Configuration Files:
/etc/d-push/config.php changed:
?php
/***
* File : config.php
* Project : Z-Push
* Descr : Main configuration file
*
* Created : 01.10.2007
*
* Copyright 2007 - 2010 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation with the following additional
* term according to sec. 7:
*
* According to sec. 7 of the GNU Affero General Public License, version 3,
* the terms of the AGPL are supplemented with the following terms:
*
* Zarafa is a registered trademark of Zarafa B.V.
* Z-Push is a registered trademark of Zarafa Deutschland GmbH
* The licensing of the Program under the AGPL does not imply a trademark
license.
* Therefore any rights, title and interest in our trademarks remain entirely
with us.
*
* However, if you propagate an unmodified version of the Program you are
* allowed to use the term Z-Push to indicate that you distribute the Program.
* Furthermore you may use our trademarks where it is necessary to indicate
* the intended purpose of a product or service provided you use it in accordance
* with honest practices in industrial or commercial matters.
* If you want to propagate modified versions of the Program under the name
Z-Push,
* you may only do so if you have a written permission by Zarafa Deutschland GmbH
* (to acquire a permission please contact Zarafa at tradem...@zarafa.com).
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see http://www.gnu.org/licenses/.
*
* Consult LICENSE file for details
/
/**
* Default settings
*/
// Defines the default time zone, change e.g. to Europe/London if
necessary
define('TIMEZONE', '');
// Defines the base path on the server
define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
// Try to set unlimited timeout
define('SCRIPT_TIMEOUT', 0);
//Max size of attachments to display inline. Default is 1MB
define('MAX_EMBEDDED_SIZE', 1048576);
/**
* Default FileStateMachine settings
*/
define('STATE_DIR', '/var/lib/d-push/state');
/**
* Logging settings
*/
define('LOGFILEDIR', '/var/log/d-push/');
define('LOGFILE', LOGFILEDIR . 'd-push.log');
define('LOGERRORFILE', LOGFILEDIR . 'd-push-error.log');
// Possible Loglevels are:
// LOGLEVEL_OFF, LOGLEVEL_FATAL, LOGLEVEL_ERROR, LOGLEVEL_WARN,
// LOGLEVEL_INFO, LOGLEVEL_DEBUG, LOGLEVEL_WBXML, LOGLEVEL_DEVICEID,
// LOGLEVEL_WBXMLSTACK, LOGLEVEL_ALL
// see /usr/share/d-push/lib/core/zpushdefs.php for more info
define('LOGLEVEL', LOGLEVEL_DEBUG);
define('LOGAUTHFAIL', false);
// To save e.g. WBXML data only for selected users, add the usernames to
the array
// The data will be saved into a dedicated file per user in the LOGFILEDIR
define('LOGUSERLEVEL', LOGLEVEL_DEVICEID);
$specialLogUsers = array();
/**
* Mobile settings
*/
// Device Provisioning
define('PROVISIONING', true);
// This option allows the 'loose enforcement' of the provisioning
Bug#685323: Re: Bug#685324: Local File Inclusion Vulnerability in contrib script
Dear Steven, Am 20.08.2012 05:12, schrieb Steven Chamberlain: tags 685324 + moreinfo unreproducible tags 685323 + moreinfo unreproducible merge 685324 685323 severity 685326 wishlist merge 685326 584251 thanks Hi, Were these reports of security issues supposed to be genuine? Yes, they were, as they are really two distinct security issues. Or was this simply your idea on how to get them to update GeSHi. [1] Well, no. But it'd be a bit long for this mail to shed light on all the background. And since I don't want to bore you to death while you actually could be doing something useful (like e.g. updating the package) I refrain from doing so. You refer to vulnerabilities in unspecified contrib scripts, but it seems to me that Debian does not even ship them in the php-geshi package. Debian ships them. And the Security Team already has been notified about the details. That's also the reason why these two bugs have been made public as part of a longer discussion yesterday. Debian who STILL believes the most recent version is 1.0.8.4, actually identifies the latest version as 1.0.8.10 on the PTS [2], with a link to the source tarball, and that will surely update within a few hours to indicate the new 1.0.8.11 release. Just checked [2]: Still says 1.0.8.10. But that wasn't the point of the blog post: The point was about the packaging which was (and by the way still is) way behind; but more on this in a moment. Yes, you already filed a wishlist bug asking for someone to package the new version, so there was no reason to file a new 'serious'-severity duplicate just now demanding the same. There was a request on the #debian-qa channel when I talked to some people directly asking for it. If you'd like the log just ask. It seems to me you are in fact wasting the time of whoever would potentially package your software, of developers busy fixing serious issues to make the next Debian release happen, and of the security team, who would be kindly looking after users for the package's 2-3 year term in stable/oldstable. Oh, thanks for that compliment, but I've to decline. Given exactly the 2-3 years this package will be in stable/oldstable is the reason why there should be an update to something reasonably recent before the package is put into a distribution. Putting in a package which is ~40kLOCs in diffs behind the current version (to compare the core component only is about 5kLOC) will be a monster to support. Last time there was a report to fix something in a stable release took about 4 months of MY time to look up a patch that the Package maintainers requested; it would have taken about 2 days using upstream AND testing it thouroughly. Some users really prefer long-term, unchanging versions, because they deploy lots of software that they don't want to have to review for what's changed, update it, re-test and check compatibility on a regular basis. Debian's stable distribution fulfills that need. Yeah, no news to me. And BTW: I'm also using Debian on some of my systems. And if you really want to try: GeSHi 1.0.7.15 (which should be around etch IIRC) can be replaced by a current 1.0.8.11 and everything just keeps working. That's aboutith Cygwin half my system breaks everytime I install an update. The freeze deadline has already passed, for someone to have _volunteered_ to update the GeSHi package in time for the Wheezy release process. The only exception now might be for a genuine security fix or serious flaw (which would probably be only a minimal patch for the specific issue), Feel lucky I had the revisions for the bugfix still at hand... And regarding the packaging: It has been known for at least the time there was this wishlist ticket that GeSHi was needing an update in unstable/testing. It's absolutely not my fault that there's only someone waking up once a security problem is notified. Also: I repeatedly tried to get someone who was willing to do the packaging for php-geshi to resolve those long-standing issues. If again the packaging team can't manage to grant necessary privileges for about 5 month that's another problem on your side. It is possible for more frequent updates to be packaged in testing or backports, for example to support new programming languages, but it would require continued effort on the part of a volunteer maintainer. That person would have had to process your bug reports too. Correct. And I already did some work on this part prior and in parallel to these reports. So don't be as gentle as an elephant shopping for procelain. [1] http://blog.benny-baumann.de/?p=1297 [2] http://packages.qa.debian.org/g/geshi.html Regards, Regards, upstream. signature.asc Description: OpenPGP digital signature
Bug#682826: world writable directories possible patch
Hi: Using chmod 1777 could help? I attached a patch just in case it does. Cheers, -- Jeremías--- ilisp.postinst.orig 2012-08-21 16:39:21.911900568 -0300 +++ ilisp.postinst 2012-08-21 16:38:51.211748311 -0300 @@ -65,7 +65,7 @@ case $1 in configure) set_keybindings - chmod 777 /usr/lib/ilisp # Required so that users can build .fasl files + chmod 1777 /usr/lib/ilisp # Required so that users can build .fasl files register-common-lisp-source ilisp ensure_symlinks ;;
Bug#685323: Bug#685324: Local File Inclusion Vulnerability in contrib script
unmerge 685324 685323 thanks Hi Benny, If I seem annoyed, it's because I was alerted about security issues in a package deployed on one of my systems, and had to spend time looking into it urgently. (And I still don't know what the issues really are.) All I could find out is that you've been insisting that Debian distribute a new version of your software, that you had an idea on how to get them to update GeSHi, and that nothing from the contrib/ directory in the source is shipped in the php-geshi package anyway. http://packages.debian.org/squeeze/all/php-geshi/filelist So I'm still not sure what to make of this. Regards, -- Steven Chamberlain ste...@pyro.eu.org -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#685324: Local File Inclusion Vulnerability in contrib script
Processing commands for cont...@bugs.debian.org: unmerge 685324 Bug #685324 [php-geshi] Local File Inclusion Vulnerability in contrib script Bug #685323 [php-geshi] Non-persistent XSS vulnerability in contrib script Disconnected #685324 from all other report(s). thanks Stopping processing here. Please contact me if you need assistance. -- 685323: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685323 685324: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685324 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685469: ekg2: missing copyright file
tag confirmed thanks On Tue, Aug 21, 2012 at 09:30:34AM +0200, Andreas Beckmann wrote: [resending, forgot to Cc: the bug] On 2012-08-21 08:38, Marcin Owsiany wrote: # ls -la /usr/share/doc/ekg2 total 0 drwxr-xr-x 2 root root 140 Aug 21 02:42 . drwxr-xr-x 154 root root 3580 Aug 21 02:42 .. lrwxrwxrwx 1 root root 26 Nov 14 2011 commands-pl.txt - ../../ekg2/commands-pl.txt lrwxrwxrwx 1 root root 25 Nov 14 2011 session-en.txt - ../../ekg2/session-en.txt lrwxrwxrwx 1 root root 25 Nov 14 2011 session-pl.txt - ../../ekg2/session-pl.txt lrwxrwxrwx 1 root root 22 Nov 14 2011 vars-en.txt - ../../ekg2/vars-en.txt lrwxrwxrwx 1 root root 22 Nov 14 2011 vars-pl.txt - ../../ekg2/vars-pl.txt # ls -lad /usr/share/doc/ekg2 drwxr-xr-x 2 root root 140 Aug 21 02:42 /usr/share/doc/ekg2 Interesting. What architecture is this? This looks different on my TV: Observed this in a minimal sid chroot on amd64 - its probably important to test in a clean minimal chroot that never had anything ekg2 installed. # dpkg -S /usr/share/doc/ekg2/* ekg2-core: /usr/share/doc/ekg2/commands-pl.txt ekg2-core: /usr/share/doc/ekg2/session-en.txt ekg2-core: /usr/share/doc/ekg2/session-pl.txt ekg2-core: /usr/share/doc/ekg2/vars-en.txt ekg2-core: /usr/share/doc/ekg2/vars-pl.txt # l -d /usr/share/doc/ekg2* drwxr-xr-x 2 root root 140 Aug 21 02:42 /usr/share/doc/ekg2 drwxr-xr-x 4 root root 340 Aug 21 02:42 /usr/share/doc/ekg2-core lrwxrwxrwx 1 root root 9 Nov 14 2011 /usr/share/doc/ekg2-jabber - ekg2-core drwxr-xr-x 2 root root 220 Aug 21 02:42 /usr/share/doc/ekg2-ui-ncurses # l /usr/share/doc/ekg2-core/ total 88 drwxr-xr-x 4 root root 340 Aug 21 02:42 . drwxr-xr-x 231 root root 5120 Aug 21 02:53 .. -rw-r--r-- 1 root root 3967 Mar 19 2011 IDEAS-2.0.gz -rw-r--r-- 1 root root 3993 Mar 19 2011 README.Debian -rw-r--r-- 1 root root 7289 Mar 19 2011 README.gz -rw-r--r-- 1 root root 2493 Mar 19 2011 TODO -rw-r--r-- 1 root root 14635 Mar 19 2011 TODO.Debian.gz -rw-r--r-- 1 root root 1396 Mar 19 2011 ULOTKA drwxr-xr-x 2 root root 600 Aug 21 02:42 book-en drwxr-xr-x 2 root root 760 Aug 21 02:42 book-pl -rw-r--r-- 1 root root 7130 Nov 14 2011 changelog.Debian.gz -rw-r--r-- 1 root root 18698 Mar 19 2011 copyright -rw-r--r-- 1 root root 753 Mar 19 2011 events.txt -rw-r--r-- 1 root root 854 Mar 19 2011 przenosny-kod.txt -rw-r--r-- 1 root root 1697 Mar 19 2011 queries.txt -rw-r--r-- 1 root root 1446 Mar 19 2011 sim.txt -rw-r--r-- 1 root root 701 Mar 19 2011 voip.txt symlinks in /usr/share/doc usually open a can of worms ... dpkg does not replace directories with symlinks-to-directories and vice versa, so special care needs to be taken on upgrades Ah, I get it now, ekg2-core ships some of the files in /usr/share/doc/ekg2, rather than .../ekg2-core, and ekg2 contains /usr/share/doc/ekg2 that is a symlink. It's a pity lintian did not complain about this. -- Marcin Owsiany porri...@debian.org http://marcin.owsiany.pl/ GnuPG: 2048R/02F946FC 35E9 1344 9F77 5F43 13DD 6423 DBF4 80C6 02F9 46FC -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: [request-tracker-maintainers] Bug#685502: fails to install in chroots
Processing commands for cont...@bugs.debian.org: retitle 685502 fails to install when system has no FQDN Bug #685502 [request-tracker4] fails to install in chroots Changed Bug title to 'fails to install when system has no FQDN' from 'fails to install in chroots' thanks Stopping processing here. Please contact me if you need assistance. -- 685502: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685502 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685502: [request-tracker-maintainers] Bug#685502: fails to install in chroots
retitle 685502 fails to install when system has no FQDN thanks On 08/21/2012 08:37 PM, Dominic Hargreaves wrote: hostname is called from /var/lib/dpkg/info/request-tracker4.config. Specifically it calls hostname -f. indeed. This would normally be configured by debootstrap (personally, i think one should always use FQDN as hostname, however..) if rt really wants to depends on having a FQDN as hostname, then it needs to handle that gracefully. having a FQDN or not is at the sysadmins discretion, not the rt maintainers ;) based on the host system; presumably your host system also doesn't have a working hostname -f? not that it matters, but my hosts do have a proper FQDN, just my chroots do not (as they are no 'real' systems). -- Address:Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern Email: daniel.baum...@progress-technologies.net Internet: http://people.progress-technologies.net/~daniel.baumann/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: tagging 685469
Processing commands for cont...@bugs.debian.org: tags 685469 + confirmed Bug #685469 [ekg2] ekg2: missing copyright file Added tag(s) confirmed. thanks Stopping processing here. Please contact me if you need assistance. -- 685469: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685469 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685542: Acknowledgement (d-push: Error when using https://myserver/Microsoft-Server-ActiveSync)
Hello,
In fact the problem is in the line :
define('STATE_DIR', '/var/lib/d-push/state');
that should be :
define('STATE_DIR', '/var/lib/d-push/state/');
Notice the trailing '/'. This solves the problem.
Regards
nb
Le 21-08-2012 21:24, ow...@bugs.debian.org a écrit :
Thank you for filing a new Bug report with Debian.
This is an automatically generated reply to let you know your message
has been received.
Your message is being forwarded to the package maintainers and other
interested parties for their attention; they will reply in due
course.
Your message has been sent to the package maintainer(s):
Wolfram Quester wo...@sigxcpu.org
If you wish to submit further information on this problem, please
send it to 685...@bugs.debian.org.
Please do not send mail to ow...@bugs.debian.org unless you wish
to report a problem with the Bug-tracking system.
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685550: Please update nsd3 to upstream 3.2.13 - fixes VU#517036 CVE-2012-2979 and segfault
Package: nsd3
Severity: critical
3.2.13 is out for a month already, might be nice to get an updated
package...
Greets,
Jeroen
--
https://www.nlnetlabs.nl/projects/nsd/
{{{
NSD 3.2.13
Jul 27, 2012
Bugfixes
Bugfix #461 (VU#517036 CVE-2012-2979): NSD denial of service
vulnerability from DNS packet when using --enable-zone-stats.
Bugfix #460: man page correction - identity.
Fix for nsd-patch segfault if zone has been removed from nsd.conf
(thanks Ilya Bakulin)
NSD 3.2.12
Jul 19, 2012
Bugfixes
Fix for VU#624931 CVE-2012-2978: NSD denial of service vulnerability
from non-standard DNS packet from any host on the internet.
NSD 3.2.11
Jul 9, 2012
Features
Fallback to AXFR if IXFR is unknown at the primary. NSD considers IXFR
unknown at the primary if there is a negative response for the IXFR
RRtype. This does not override the value for 'allow-axfr-fallback'.
Allow for reading in new DNSKEY algorithm mnemonics (RFC5155, RFC5702,
RFC5933, and RFC6605 (ECDSA)).
Zone statistics, enable with --enable-zone-stats. This stores the BIND8
stats per zone in a configurable statistics file. This option does not
scale and should therefore not be enabled when serving many zones.
Support for TLSA RRtype (DANE).
Bugfixes
Fix for qtype ANY for a wildcard domain in NSEC signed zone: Don't add
the wildcard domain NSEC into the answer section. Instead, put the
wildcard expanded NSEC into the answer section and keep the wildcard
domain NSEC in the authority section.
Fix for accept spinning reported by OpenBSD.
Fix restart failed due to bad ixfr packet because of zone removed from
nsd.conf.
Bugfix #453: typo in nsdc man page.
}}}
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685551: ntfs-3g: returns incorect type for junction points in readdir()
Package: ntfs-3g
Version: 1:2012.1.15AR.5-4
Severity: serious
Tags: patch upstream
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu quantal ubuntu-patch
*** /tmp/tmpkpCNMv/bug_body
In Ubuntu, the attached patch was applied to achieve the following:
* ntfs-3g-junction-point-fix.patch: Return the correct type (DT_LINK) for
NTFS Junction points, in readdir(). (LP: #997391)
A bug was recently fixed in upstream ntfs-3g, where baobab (The GNOME
disk usage visualisation tool) will loop infinitely when scanning a
Windows 7 partition.
http://tuxera.com/forum/viewtopic.php?f=2t=29578
https://bugzilla.redhat.com/show_bug.cgi?id=849332
Thanks for considering the patch.
SR
-- System Information:
Debian Release: wheezy/sid
APT prefers testing-proposed-updates
APT policy: (500, 'testing-proposed-updates'), (500, 'unstable'), (500,
'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_ZA.UTF-8, LC_CTYPE=en_ZA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Description: Return d_type = DT_LNK for NTFS Junction points in readdir()
readdir() was returning DT_DIR while stat() was returning S_IFLNK.
This caused baobab to infinitely loop.
Author: Jean-Pierre Andre
Origin: upstream, http://tuxera.com/forum/viewtopic.php?f=2t=29578
Bug-Ubuntu: https://launchpad.net/bugs/997391
Bug-Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=849332
Last-Update: 2012-08-21
--- a/libntfs-3g/dir.c
+++ b/libntfs-3g/dir.c
@@ -867,6 +867,83 @@
INDEX_TYPE_ALLOCATION, /* index allocation */
} INDEX_TYPE;
+/*
+ * Decode Interix file types
+ *
+ * Non-Interix types are returned as plain files, because a
+ * Windows user may force patterns very similar to Interix.
+ */
+
+static u32 ntfs_interix_types(ntfs_inode *ni)
+{
+ ntfs_attr *na;
+ u32 dt_type;
+ le64 magic;
+
+ dt_type = NTFS_DT_UNKNOWN;
+ na = ntfs_attr_open(ni, AT_DATA, NULL, 0);
+ if (na) {
+ /* Unrecognized patterns (eg HID + SYST) are plain files */
+ dt_type = NTFS_DT_REG;
+ if (na-data_size = 1) {
+ if (!(ni-flags FILE_ATTR_HIDDEN))
+dt_type = (na-data_size ?
+ NTFS_DT_SOCK : NTFS_DT_FIFO);
+ } else {
+ if ((na-data_size = (s64)sizeof(magic))
+ (ntfs_attr_pread(na, 0, sizeof(magic), magic)
+== sizeof(magic))) {
+if (magic == INTX_SYMBOLIC_LINK)
+ dt_type = NTFS_DT_LNK;
+else if (magic == INTX_BLOCK_DEVICE)
+ dt_type = NTFS_DT_BLK;
+else if (magic == INTX_CHARACTER_DEVICE)
+ dt_type = NTFS_DT_CHR;
+ }
+ }
+ ntfs_attr_close(na);
+ }
+ return (dt_type);
+}
+
+/*
+ * Decode file types
+ *
+ * Better only use for Interix types and junctions,
+ * unneeded complexity when used for plain files or directories
+ *
+ * Error cases are logged and returned as unknown.
+ */
+
+static u32 ntfs_dir_entry_type(ntfs_inode *dir_ni, MFT_REF mref, FILE_ATTR_FLAGS attributes)
+{
+ ntfs_inode *ni;
+ u32 dt_type;
+
+ dt_type = NTFS_DT_UNKNOWN;
+ ni = ntfs_inode_open(dir_ni-vol, mref);
+ if (ni) {
+ if ((attributes FILE_ATTR_REPARSE_POINT)
+ ntfs_possible_symlink(ni))
+ dt_type = NTFS_DT_LNK;
+ else
+ if ((attributes FILE_ATTR_SYSTEM)
+ !(attributes FILE_ATTR_I30_INDEX_PRESENT))
+dt_type = ntfs_interix_types(ni);
+ else
+dt_type = (attributes
+ FILE_ATTR_I30_INDEX_PRESENT
+ ? NTFS_DT_DIR : NTFS_DT_REG);
+ if (ntfs_inode_close(ni)) {
+ /* anything special to do ? */
+ }
+ }
+ if (dt_type == NTFS_DT_UNKNOWN)
+ ntfs_log_error(Could not decode the type of inode %lld\n,
+(long long)MREF(mref));
+ return (dt_type);
+}
+
/**
* ntfs_filldir - ntfs specific filldir method
* @dir_ni: ntfs inode of current directory
@@ -901,19 +978,23 @@
dir_ni-vol-mft_record_size;
else /* if (index_type == INDEX_TYPE_ROOT) */
*pos = (u8*)ie - (u8*)iu.ir;
+ mref = le64_to_cpu(ie-indexed_file);
+metadata = (MREF(mref) != FILE_root) (MREF(mref) FILE_first_user);
/* Skip root directory self reference entry. */
if (MREF_LE(ie-indexed_file) == FILE_root)
return 0;
- if (ie-key.file_name.file_attributes FILE_ATTR_I30_INDEX_PRESENT)
+ if ((ie-key.file_name.file_attributes
+ (FILE_ATTR_REPARSE_POINT | FILE_ATTR_SYSTEM))
+ !metadata)
+ dt_type = ntfs_dir_entry_type(dir_ni, mref,
+ ie-key.file_name.file_attributes);
+ else if (ie-key.file_name.file_attributes
+ FILE_ATTR_I30_INDEX_PRESENT)
dt_type = NTFS_DT_DIR;
- else if (fn-file_attributes FILE_ATTR_SYSTEM)
- dt_type = NTFS_DT_UNKNOWN;
else
dt_type = NTFS_DT_REG;
/* return metadata files and hidden files if requested */
- mref = le64_to_cpu(ie-indexed_file);
-metadata = (MREF(mref) != FILE_root) (MREF(mref) FILE_first_user);
if ((!metadata (NVolShowHidFiles(dir_ni-vol)
|| !(fn-file_attributes FILE_ATTR_HIDDEN)))
|| (NVolShowSysFiles(dir_ni-vol) (NVolShowHidFiles(dir_ni-vol)
--- a/src/ntfs-3g.c
+++ b/src/ntfs-3g.c
@@ -1017,10 +1017,30 @@
} else {
struct
Bug#674556: A workaround
I can confirm this bug, a workaround for this problem is: Press the: System (Windows) key or Alt+F1 these key combinations will take you to the overview, where you will be able to see the top menu bar and the bottom menu bar. ii gnome-common 3.4.0.1-1 ii mutter-common 3.4.1-5 ii recordmydesktop0.3.8.1+svn602-1 amd64 -- Josué M. Abarca S. Vos mereces Software Libre. PGP key 4096R/70D8FB2A 2009-06-17 Huella de clave = B3ED 4984 F65A 9AE0 6511 DAF4 756B EB4B 70D8 FB2A -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685469: marked as done (ekg2: missing copyright file)
Your message dated Tue, 21 Aug 2012 21:17:42 + with message-id e1t3vpw-00076z...@franck.debian.org and subject line Bug#685469: fixed in ekg2 1:0.3.1-2 has caused the Debian Bug report #685469, regarding ekg2: missing copyright file to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 685469: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685469 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: ekg2 Version: 1:0.3.1-1 Severity: serious Justification: Policy 12.5 User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed that your package does not contain a copyright file. # ls -la /usr/share/doc/ekg2 total 0 drwxr-xr-x 2 root root 140 Aug 21 02:42 . drwxr-xr-x 154 root root 3580 Aug 21 02:42 .. lrwxrwxrwx 1 root root 26 Nov 14 2011 commands-pl.txt - ../../ekg2/commands-pl.txt lrwxrwxrwx 1 root root 25 Nov 14 2011 session-en.txt - ../../ekg2/session-en.txt lrwxrwxrwx 1 root root 25 Nov 14 2011 session-pl.txt - ../../ekg2/session-pl.txt lrwxrwxrwx 1 root root 22 Nov 14 2011 vars-en.txt - ../../ekg2/vars-en.txt lrwxrwxrwx 1 root root 22 Nov 14 2011 vars-pl.txt - ../../ekg2/vars-pl.txt # ls -lad /usr/share/doc/ekg2 drwxr-xr-x 2 root root 140 Aug 21 02:42 /usr/share/doc/ekg2 Andreas ---End Message--- ---BeginMessage--- Source: ekg2 Source-Version: 1:0.3.1-2 We believe that the bug you reported is fixed in the latest version of ekg2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 685...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Marcin Owsiany porri...@debian.org (supplier of updated ekg2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 21 Aug 2012 22:57:55 +0200 Source: ekg2 Binary: ekg2-core ekg2 ekg2-api-docs ekg2-dbg ekg2-gnupg ekg2-jabber ekg2-remote ekg2-scripting-python ekg2-scripting-perl ekg2-ui-gtk ekg2-ui-ncurses ekg2-xosd Architecture: source amd64 all Version: 1:0.3.1-2 Distribution: unstable Urgency: medium Maintainer: Marcin Owsiany porri...@debian.org Changed-By: Marcin Owsiany porri...@debian.org Description: ekg2 - instant messenger and IRC client for UNIX systems ekg2-api-docs - instant messenger and IRC client for UNIX systems - API documenta ekg2-core - instant messenger and IRC client for UNIX systems - main program ekg2-dbg - instant messenger and IRC client for UNIX systems - debugging sym ekg2-gnupg - instant messenger and IRC client for UNIX systems - GnuPG ekg2-jabber - instant messenger and IRC client for UNIX systems - Jabber/XMPP ekg2-remote - instant messenger and IRC client for UNIX systems - remote interf ekg2-scripting-perl - instant messenger and IRC client for UNIX systems - Perl scriptin ekg2-scripting-python - instant messenger and IRC client for UNIX systems - Python script ekg2-ui-gtk - instant messenger and IRC client for UNIX systems - GTK+ interfac ekg2-ui-ncurses - instant messenger and IRC client for UNIX systems - ncurses inter ekg2-xosd - instant messenger and IRC client for UNIX systems - X OSD Closes: 685469 Changes: ekg2 (1:0.3.1-2) unstable; urgency=medium . * RC-bugfix upload aimed at testing * [57a396e] Do not install conflicting symlinks. (Closes: #685469) Checksums-Sha1: 753f3f0b97499db0e23a758e87f0d9ebd9dfa19f 2508 ekg2_0.3.1-2.dsc e9dd2b5f18729b0cf77ed98c5305567b52cb7dae 34938 ekg2_0.3.1-2.debian.tar.gz 74794bc860dfa6eaef9a6215ca8bce93ca7a1d5f 670544 ekg2-core_0.3.1-2_amd64.deb eacfdb2f07b1350bfac91d292fe1f653ed752bc5 1374 ekg2_0.3.1-2_amd64.deb 90ea36a3407eac83ee7ceac1e05c57d33300f439 2865774 ekg2-api-docs_0.3.1-2_all.deb dd8778e14775fd6a5099ca22e50ca7c9ac1a9f48 2068384 ekg2-dbg_0.3.1-2_amd64.deb 6a6380bcfc4c471aba6d7d58aa301a2c9198c39c 10976 ekg2-gnupg_0.3.1-2_amd64.deb bb32e0b73bb9a53f0fc0cd0d855801e13fc96594 90216 ekg2-jabber_0.3.1-2_amd64.deb 058dbcb157b253f9f1cb9c2b830702a7bc3fcb46 57228 ekg2-remote_0.3.1-2_amd64.deb 62f230bf1c151cb3e1b17badbcd3beece307d4c3 23832 ekg2-scripting-python_0.3.1-2_amd64.deb 3f54323a7c7f5bd7e09dc4272b2316d3f9c98004 67532 ekg2-scripting-perl_0.3.1-2_amd64.deb
Bug#681680: mediathekview: finds only 1376 out of 57537 movies
Hello, this is just a reminder and a ping. I would like to know if you are still interested in maintaining MediathekView? If you are busy at the moment or if you can't maintain the package anymore, please say so. Otherwise i think it would be best to contact the Debian Release Team and ask them for their opinion. Of course we would need a sponsor, too. Unless i hear something different i will proceed and ask someone to sponsor the package next week, provided the Release Team accepts an upload to Testing. Regards Markus signature.asc Description: OpenPGP digital signature
Processed: your mail
Processing commands for cont...@bugs.debian.org: tag 683742 + pending Bug #683742 [python-pastedeploy] python-pastedeploy: Missing dependency on python-paste or missing paste package file Added tag(s) pending. tag 671247 + pending Bug #671247 [src:pastedeploy] pastedeploy: FTBFS if built twice in a row: aborting due to unexpected upstream changes Added tag(s) pending. thanks Stopping processing here. Please contact me if you need assistance. -- 671247: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=671247 683742: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683742 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#671846: CVE-2011-2486
On Mon, May 07, 2012 at 03:37:48PM +0200, Moritz Muehlenhoff wrote: Package: nspluginwrapper Severity: grave Tags: security Please see this Red Hat bugzilla entry for more information and a reference to the upstream fix: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2486 This is straightforward to patch, but given that - this bug has seen no followup since 3.5 months - the last upload was in 2009 - there's a 64 bit version of the flash plugin these days we should rather remove it from Wheezy or the archive? Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#673676: [buildd-tools-devel] Bug#673676: sbuild-createchroot: broken due to debian-archive-keyring changes
On Thu, Aug 16, 2012 at 05:16:23PM +0200, Cyril Brulebois wrote: Roger Leigh rle...@codelibre.net (04/07/2012): This was fixed in 4bc2072701ddd last week, and is pending upload. (Should already be tagged pending.) I have a few other bugs to fix in sbuild, but should be uploading it in the next week or so. “Next month”-ly-ping? This was done over the weekend. Hope this addresses all the outstanding issues. Regards, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linuxhttp://people.debian.org/~rleigh/ `. `' schroot and sbuild http://alioth.debian.org/projects/buildd-tools `-GPG Public Key F33D 281D 470A B443 6756 147C 07B3 C8BC 4083 E800 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#679409: lightdm: Fails to start on boot, invoke-rc.d lightdm start fails
On Sun, Aug 19, 2012 at 12:53:21PM -0700, Steve Langasek wrote: On Sun, Aug 12, 2012 at 09:48:02AM +0100, Roger Leigh wrote: On Sun, Aug 12, 2012 at 03:37:52PM +1000, James Tocknell wrote: I've patched startpar to special-case lightdm as for gdm/kdm, but this doesn't appear to have any effect here (but is probably generally a good thing to have). The change that was committed has nothing at all to do with this bug, and to me it looks like an unnecessary divergence from startpar upstream; so I've reverted those changes from the git repo. IMHO it's not something that's worth carrying a delta from upstream over. But feel free to reinstate if you disagree. My thinking here was that if startpar is special casing the priorities of display managers, shouldn't it be behaving the same for all the common ones? That said, I am not certain /why/ it's special casing them in the first place; certainly lightdm appears to function perfectly well without the patch. I don't have strong feelings either way here--personally I'd prefer them all removed if this is solely to hack in something better expressed through dependencies. BTW, Roger, could you please run 'echo DEBCHANGE_RELEASE_HEURISTIC=changelog ~/.devscripts' on your development machine? This is the only sensible behavior to use with dch in a shared VCS; it's very frustrating to have to check the archive or look at git tags each time to figure out whether the changes I'm looking at on trunk are uploaded or not... I've done this, but isn't it the documented default behaviour? Regards, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linuxhttp://people.debian.org/~rleigh/ `. `' schroot and sbuild http://alioth.debian.org/projects/buildd-tools `-GPG Public Key F33D 281D 470A B443 6756 147C 07B3 C8BC 4083 E800 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#672959: [patch] Bug#672959: kfreebsd-*: panic: vm_fault_copy_wired
On Tue, Aug 21, 2012 at 10:47:57AM +0200, Axel Beckert wrote: Hi, Petr Salinger wrote: I'm beginning to think that startpar is malfunctioning in some way (after checkroot.sh returns, but before it runs the next script). Thanks to Steven for excelent hint. Indeed. That fits perfectly with my observation that always the last thing I saw before the crash was the : from the last line of checkroot.sh. No trace of another init.d script being started. The patch bellow fixes it for me. Please could also other people verify it. Will do this evening. Thanks Petr! Many thanks Petr for the patch, and everyone else for testing and investigating. I've put a test package here: http://people.debian.org/~rleigh/sysvinit/sysvinit_2.88dsf-33.dsc I'd be grateful if anyone could build this and double-check that this is correct, and fixes the bug. I'll upload this as soon as that's done. Thanks again, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linuxhttp://people.debian.org/~rleigh/ `. `' schroot and sbuild http://alioth.debian.org/projects/buildd-tools `-GPG Public Key F33D 281D 470A B443 6756 147C 07B3 C8BC 4083 E800 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#684415: marked as done (Doesn't work anymore with subdirectories)
Your message dated Tue, 21 Aug 2012 21:47:37 + with message-id e1t3wit-0004ob...@franck.debian.org and subject line Bug#684415: fixed in bins 1.1.29-16 has caused the Debian Bug report #684415, regarding Doesn't work anymore with subdirectories to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 684415: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684415 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: bins Version: 1.1.29-15 Severity: grave Hi, Some directories (thumbs, thumbs/Sm, thumbs/Med, etc.) are not created anymore, causing bins to fail in when one handles more than one album. It worked well in Squeeze (ver. 1.1.29-15) $ LANG=C bins -t /usr/share/bins dir1 album […] dir2 Image IMG_1882.JPG Exception 435: unable to open image `/tmp/album/dir2/thumbs/IMG_1882_pre.jpg': No such file or directory @ error/blob.c/OpenBlob/2638 at /usr/bin/bins line 3626. jpegtran: can't open /tmp/album/dir2/thumbs/IMG_1882_pre.jpg for reading Exception 435: unable to open image `/tmp/album/dir2/thumbs/Sm/IMG_1882_Sm.jpg': No such file or directory @ error/blob.c/OpenBlob/2638 at /usr/bin/bins line 3626. jpegtran: can't open /tmp/album/dir2/thumbs/Sm/IMG_1882_Sm.jpg for reading Exception 435: unable to open image `/tmp/album/dir2/thumbs/Med/IMG_1882_Med.jpg': No such file or directory @ error/blob.c/OpenBlob/2638 at /usr/bin/bins line 3626. jpegtran: can't open /tmp/album/dir2/thumbs/Med/IMG_1882_Med.jpg for reading cp: cannot create regular file `/tmp/album/dir2/thumbs/Lg/IMG_1882_Lg.jpg': No such file or directory Cannot copy /tmp/dir1/dir2/IMG_1882.JPG to /tmp/album/dir2/thumbs/Lg/IMG_1882_Lg.jpg: 256 at /usr/bin/bins line 3585. Regards David -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-3-amd64 (SMP w/1 CPU core) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages bins depends on: ii libhtml-clean-perl0.8-11 ii libhtml-parser-perl 3.69-2 ii libhtml-template-perl 2.91-1 ii libimage-info-perl1.28-1 ii libimage-size-perl3.232-1 ii libio-string-perl 1.08-2 ii libjpeg-progs 8d-1 ii liblocale-gettext-perl1.05-7+b1 ii libtext-iconv-perl1.7-5 ii libtext-unaccent-perl 1.08-1+b3 ii libtimedate-perl 1.2000-1 ii liburi-perl 1.60-1 ii libxml-grove-perl 0.46alpha-12 ii libxml-handler-yawriter-perl 0.23-6 ii libxml-perl 0.08-2 ii libxml-writer-perl0.615-1 ii libxml-xql-perl 0.68-6 ii perlmagick8:6.7.7.10-3 bins recommends no packages. bins suggests no packages. -- no debconf information ---End Message--- ---BeginMessage--- Source: bins Source-Version: 1.1.29-16 We believe that the bug you reported is fixed in the latest version of bins, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 684...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ludovic Rousseau rouss...@debian.org (supplier of updated bins package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 16 Aug 2012 19:28:34 -0400 Source: bins Binary: bins Architecture: source all Version: 1.1.29-16 Distribution: unstable Urgency: low Maintainer: Ludovic Rousseau rouss...@debian.org Changed-By: Ludovic Rousseau rouss...@debian.org Description: bins - Generate static HTML photo albums using XML and EXIF tags Closes: 684412 684415 Changes: bins (1.1.29-16) unstable; urgency=low . [ David Prévot ] * debian/patches/39_fix_local_install Fix /usr/local… path (Closes: #684412) * remove debian/patches/37_bins_thumbnails Drop the #196310 fix that breaks subdirectories (Closes: #684415) . [ Ludovic Rousseau ] * ACK NMU by David Prévot Checksums-Sha1:
Processed: found 681963 in 2.0.5-1, affects 685060, affects 685468
Processing commands for cont...@bugs.debian.org: found 681963 2.0.5-1 Bug #681963 [munin-node] munin-node: removes directories that were installed by another package: /etc/munin/plugin-conf.d/, /var/lib/munin/plugin-state/ Marked as found in versions 2.0.5-1/. affects 685060 + gfs2-tools Bug #685060 [corosync] corosync: fails to install: postinst fails on update-rc.d call Added indication that 685060 affects gfs2-tools affects 685468 + autofs-ldap Bug #685468 [autofs] autofs: fails to purge - command ucf in postrm not found Added indication that 685468 affects autofs-ldap thanks Stopping processing here. Please contact me if you need assistance. -- 681963: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681963 685060: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685060 685468: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685468 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685323: Non-persistent XSS vulnerability in contrib script
tags 685323 = unreproducible upstream security notfound 685323 geshi/1.0.8.4-1 close 685323 geshi/1.0.8.4-1 thanks Bug supposedly affected langwiz.php where a leftover var_dump($_GET) could pose an XSS risk if deployed on a public-facing webserver. [1] That file does not exist in the source version of php-geshi packaged by Debian. It was formerly known as langcheck,php, which is shipped by php-geshi 1.0.8.4-1 in doc/examples/, but the vulnerability was not introduced until later. [1] http://geshi.svn.sourceforge.net/viewvc/geshi/trunk/geshi-1.0.X/src/contrib/langwiz.php?r1=2508r2=2507pathrev=2508 Regards, -- Steven Chamberlain ste...@pyro.eu.org -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#685324: Local File Inclusion Vulnerability in contrib script
Processing commands for cont...@bugs.debian.org: tags 685324 = security upstream patch Bug #685324 [php-geshi] Local File Inclusion Vulnerability in contrib script Added tag(s) patch; removed tag(s) unreproducible and moreinfo. thanks Stopping processing here. Please contact me if you need assistance. -- 685324: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685324 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed (with 1 errors): Re: Bug#685323: Non-persistent XSS vulnerability in contrib script
Processing commands for cont...@bugs.debian.org: tags 685323 = unreproducible upstream security Bug #685323 [php-geshi] Non-persistent XSS vulnerability in contrib script Removed tag(s) moreinfo. notfound 685323 geshi/1.0.8.4-1 Bug #685323 [php-geshi] Non-persistent XSS vulnerability in contrib script No longer marked as found in versions geshi/1.0.8.4-1. close 685323 geshi/1.0.8.4-1 thanks Stopping processing here. Please contact me if you need assistance. -- 685323: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685323 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#672959: [patch] Bug#672959: kfreebsd-*: panic: vm_fault_copy_wired
Hi Roger, Roger Leigh wrote: I've put a test package here: http://people.debian.org/~rleigh/sysvinit/sysvinit_2.88dsf-33.dsc I'd be grateful if anyone could build this and double-check that this is correct, and fixes the bug. I'll upload this as soon as that's done. Works for me on kfreebsd-i386 after a touch /forcefsck. No more crash. Regards, Axel -- ,''`. | Axel Beckert a...@debian.org, http://people.debian.org/~abe/ : :' : | Debian Developer, ftp.ch.debian.org Admin `. `' | 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE `-| 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#685323: Non-persistent XSS vulnerability in contrib script
Processing commands for cont...@bugs.debian.org: close 685323 1.0.8.4-1 Bug #685323 [php-geshi] Non-persistent XSS vulnerability in contrib script Marked as fixed in versions geshi/1.0.8.4-1. Bug #685323 [php-geshi] Non-persistent XSS vulnerability in contrib script Marked Bug as done thanks Stopping processing here. Please contact me if you need assistance. -- 685323: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685323 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#685550: Please update nsd3 to upstream 3.2.13 - fixes VU#517036 CVE-2012-2979 and segfault
Debian dind't enable bind9 stats so it's not vulnerable.
Ondřej Surý
On 21. 8. 2012, at 22:40, Jeroen Massar jer...@unfix.org wrote:
Package: nsd3
Severity: critical
3.2.13 is out for a month already, might be nice to get an updated
package...
Greets,
Jeroen
--
https://www.nlnetlabs.nl/projects/nsd/
{{{
NSD 3.2.13
Jul 27, 2012
Bugfixes
Bugfix #461 (VU#517036 CVE-2012-2979): NSD denial of service
vulnerability from DNS packet when using --enable-zone-stats.
Bugfix #460: man page correction - identity.
Fix for nsd-patch segfault if zone has been removed from nsd.conf
(thanks Ilya Bakulin)
NSD 3.2.12
Jul 19, 2012
Bugfixes
Fix for VU#624931 CVE-2012-2978: NSD denial of service vulnerability
from non-standard DNS packet from any host on the internet.
NSD 3.2.11
Jul 9, 2012
Features
Fallback to AXFR if IXFR is unknown at the primary. NSD considers IXFR
unknown at the primary if there is a negative response for the IXFR
RRtype. This does not override the value for 'allow-axfr-fallback'.
Allow for reading in new DNSKEY algorithm mnemonics (RFC5155, RFC5702,
RFC5933, and RFC6605 (ECDSA)).
Zone statistics, enable with --enable-zone-stats. This stores the BIND8
stats per zone in a configurable statistics file. This option does not
scale and should therefore not be enabled when serving many zones.
Support for TLSA RRtype (DANE).
Bugfixes
Fix for qtype ANY for a wildcard domain in NSEC signed zone: Don't add
the wildcard domain NSEC into the answer section. Instead, put the
wildcard expanded NSEC into the answer section and keep the wildcard
domain NSEC in the authority section.
Fix for accept spinning reported by OpenBSD.
Fix restart failed due to bad ixfr packet because of zone removed from
nsd.conf.
Bugfix #453: typo in nsdc man page.
}}}
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#679409: lightdm: Fails to start on boot, invoke-rc.d lightdm start fails
On Tue, Aug 21, 2012 at 10:28:07PM +0100, Roger Leigh wrote: On Sun, Aug 19, 2012 at 12:53:21PM -0700, Steve Langasek wrote: On Sun, Aug 12, 2012 at 09:48:02AM +0100, Roger Leigh wrote: On Sun, Aug 12, 2012 at 03:37:52PM +1000, James Tocknell wrote: I've patched startpar to special-case lightdm as for gdm/kdm, but this doesn't appear to have any effect here (but is probably generally a good thing to have). The change that was committed has nothing at all to do with this bug, and to me it looks like an unnecessary divergence from startpar upstream; so I've reverted those changes from the git repo. IMHO it's not something that's worth carrying a delta from upstream over. But feel free to reinstate if you disagree. My thinking here was that if startpar is special casing the priorities of display managers, shouldn't it be behaving the same for all the common ones? That said, I am not certain /why/ it's special casing them in the first place; certainly lightdm appears to function perfectly well without the patch. I don't have strong feelings either way here--personally I'd prefer them all removed if this is solely to hack in something better expressed through dependencies. It's not a dependency at all, only a priority. Startpar *may* start everything in parallel, or it may rate limit the number of services starting simultaneously; and in either event the priority says that the DM should be started first before any other services that are ready to start, because it's the most important thing to get up and going (if present). So yes, it makes sense for these to be consistent; my point is only that this is such a minor thing that it's not important enough to warrant carrying a delta from upstream, and it's better to just get it upstreamed first. But I also don't have strong feelings. BTW, Roger, could you please run 'echo DEBCHANGE_RELEASE_HEURISTIC=changelog ~/.devscripts' on your development machine? This is the only sensible behavior to use with dch in a shared VCS; it's very frustrating to have to check the archive or look at git tags each time to figure out whether the changes I'm looking at on trunk are uploaded or not... I've done this, but isn't it the documented default behaviour? A recent change, first landed in unstable in May. Assuming your changelog entries are created using dch, it appears you probably weren't running that version. :) -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ slanga...@ubuntu.com vor...@debian.org signature.asc Description: Digital signature
Bug#672959: [patch] Bug#672959: kfreebsd-*: panic: vm_fault_copy_wired
Hi! On 21/08/12 22:43, Roger Leigh wrote: I've put a test package here: http://people.debian.org/~rleigh/sysvinit/sysvinit_2.88dsf-33.dsc I'd be grateful if anyone could build this [...] That works okay, even with a genuinely dirty rootfs where fsck carries out a repair. I'm using kfreebsd-i386 as well. Thanks! Regards, -- Steven Chamberlain ste...@pyro.eu.org -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#674089: Possible release note for systems running PHP through CGI.
On Tue, 2012-08-21 at 09:07 +0200, Ondřej Surý wrote: Maybe add just a small paragraph that the configuration of the extensions has changed and php users should read the NEWS file? That's probably sensible approach. I have quickly drafted short paragraph which can be used for release notes: Sounds good... which have .php, .php[345] and .phtml extensions on a most right place May I suggest to add for security reasons in the end? I guess we all agreed that deliberately using foo.php.jpeg is in most cases dangerous and bad style, too,... so why not teach our users a bit?! :-) On Tue, 2012-08-21 at 09:48 +0200, Ondřej Surý wrote: Nope I mean that the extension should be last. Perhaps use the phrase rightmost extension, or trailing extension? Or even give a short example? Cheers, Chris. smime.p7s Description: S/MIME cryptographic signature
Bug#656762: Set the debug property on the fail whale so it can be moved with the mouse to a corner
Hi! When I was using gnome3 some months ago this bug annoyed me more than a couple of times, I was able to work-around it by making the annoying whale window to be a normal desktop window, so when it pop-ups you can move it to a corner with the mouse and save your data before logging out. To make the whale be a movable desktop window you just have to set the debug property. Here is the patch that I applied to achieve this: $ cat gnome-session-3.2.1/debian/patches/make-whale-be-debug.patch --- a/gnome-session/gsm-manager.c +++ b/gnome-session/gsm-manager.c @@ -286,7 +286,7 @@ allow_logout = !_log_out_is_locked_down (manager); } -gsm_fail_whale_dialog_we_failed (FALSE, +gsm_fail_whale_dialog_we_failed (TRUE, allow_logout, want_extensions_ui); } signature.asc Description: OpenPGP digital signature
Bug#684748: Arduino Ethernet library fix, needs testing
On Sat, Aug 18, 2012 at 7:29 AM, Scott Howard showard...@gmail.com wrote: On Sat, Aug 18, 2012 at 3:32 AM, Marco Righi marco.ri...@gmail.com wrote: do you ask about this? Command 36 of 1 $avr-gcc --verbose Using built-in specs. COLLECT_GCC=avr-gcc COLLECT_LTO_WRAPPER=/usr/lib/gcc/avr/4.7.0/lto-wrapper Target: avr Configured with: ../src/configure -v --enable-languages=c,c++ --prefix=/usr/lib --infodir=/usr/share/info --mandir=/usr/share/man --bindir=/usr/bin --libexecdir=/usr/lib --libdir=/usr/lib --enable-shared --with-system-zlib --enable-long-long --enable-nls --without-included-gettext --disable-libssp --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=avr Thread model: single gcc version 4.7.0 (GCC) thanks, helps a lot (looks right...) - i'll keep looking at it Sorry to bug you again, but could you try the Ethernet.cpp file you sent me in a 32 bit VM (or machine if you have one)? I think it may be a bug in the 64 bit ld. Also, can you post the output of $ avr-ld --version ? Cheers, Scott -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#682627: marked as done (ddd: FTBFS: configure hangs for 60 minutes)
Your message dated Wed, 22 Aug 2012 03:02:37 +
with message-id e1t41dj-00012r...@franck.debian.org
and subject line Bug#682627: fixed in ddd 1:3.3.12-4
has caused the Debian Bug report #682627,
regarding ddd: FTBFS: configure hangs for 60 minutes
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
682627: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=682627
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Source: ddd
Version: 1:3.3.12-3
Severity: serious
Tags: wheezy sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20120724 qa-ftbfs
Justification: FTBFS on amd64
Hi,
During a rebuild of all packages in sid, your package failed to build on
amd64.
Relevant part:
debian/rules build
debian/rules:14: warning: overriding commands for target
`debian/stamp-autotools-files'
/usr/share/cdbs/1/class/autotools-files.mk:51: warning: ignoring old commands
for target `debian/stamp-autotools-files'
test -x debian/rules
mkdir -p builddir
if test -e /usr/share/misc/config.guess ; then \
for i in ./config.guess ; do \
if ! test -e $i.cdbs-orig ; then \
mv $i $i.cdbs-orig ; \
cp --remove-destination
/usr/share/misc/config.guess $i ; \
fi ; \
done ; \
fi
if test -e /usr/share/misc/config.sub ; then \
for i in ./config.sub ; do \
if ! test -e $i.cdbs-orig ; then \
mv $i $i.cdbs-orig ; \
cp --remove-destination
/usr/share/misc/config.sub $i ; \
fi ; \
done ; \
fi
autoreconf -vfi
autoreconf: Entering directory `.'
autoreconf: configure.ac: not using Gettext
autoreconf: running: aclocal --force
autoreconf: configure.ac: tracing
autoreconf: running: libtoolize --copy --force
libtoolize: putting auxiliary files in `.'.
libtoolize: copying file `./ltmain.sh'
libtoolize: Consider adding `AC_CONFIG_MACRO_DIR([m4])' to configure.ac and
libtoolize: rerunning libtoolize, to keep the correct libtool macros in-tree.
libtoolize: Consider adding `-I m4' to ACLOCAL_AMFLAGS in Makefile.am.
autoreconf: running: /usr/bin/autoconf --force
autoreconf: running: /usr/bin/autoheader --force
autoreconf: running: automake --add-missing --copy --force-missing
configure.ac:59: installing `./install-sh'
configure.ac:59: installing `./missing'
ddd/Makefile.am: installing `./depcomp'
autoreconf: Leaving directory `.'
touch debian/stamp-autotools-files
chmod a+x /«PKGBUILDDIR»/./configure
mkdir -p builddir
cd builddirCFLAGS=-g -O2 -fstack-protector --param=ssp-buffer-size=4
-Wformat -Werror=format-security -Wall -W -DNDEBUG CXXFLAGS=-g -O2
-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security
-Wall -W -DNDEBUG CPPFLAGS=-D_FORTIFY_SOURCE=2 LDFLAGS=-Wl,-z,relro
-Wl,--as-needed RSH=rsh LPR=lpr XTERM=xterm XFONTSEL=xfontsel GCORE=gcore
ice_cv_find_xp=no ac_cv_lib_Xp_XpSelectInput=no /«PKGBUILDDIR»/./configure
--build=x86_64-linux-gnu --prefix=/usr --includedir=\${prefix}/include
--mandir=\${prefix}/share/man --infodir=\${prefix}/share/info
--sysconfdir=/etc --localstatedir=/var --libexecdir=\${prefix}/lib/ddd
--disable-maintainer-mode --disable-dependency-tracking
--disable-silent-rules --with-readline-libraries
--disable-builtin-app-defaults --disable-builtin-manual
--disable-builtin-news --disable-builtin-license --with-userinfo=Daniel
Schepler schep...@debian.org
configure: WARNING: unrecognized options: --disable-maintainer-mode,
--disable-silent-rules
checking for product name... ddd 3.3.12 Dale Head
checking for expiration date... no
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking target system type... x86_64-pc-linux-gnu
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
checking for gawk... no
checking for mawk... mawk
checking whether make sets $(MAKE)... yes
checking whether make sets $(MAKE)... (cached) yes
checking for g77... no
checking for fort77... no
checking for f77... no
checking for f2c... no
checking whether ln -s works... yes
checking for sh... /bin/sh
checking for gtar... no
checking for tar... tar
checking for gm4... no
checking for m4... m4
checking for gsed... no
checking for sed... sed
checking for gdiff... no
checking for diff...
Bug#685551: marked as done (ntfs-3g: returns incorect type for junction points in readdir())
Your message dated Wed, 22 Aug 2012 05:17:44 +
with message-id e1t43k4-0004xq...@franck.debian.org
and subject line Bug#685551: fixed in ntfs-3g 1:2012.1.15AR.6-1
has caused the Debian Bug report #685551,
regarding ntfs-3g: returns incorect type for junction points in readdir()
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
685551: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685551
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: ntfs-3g
Version: 1:2012.1.15AR.5-4
Severity: serious
Tags: patch upstream
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu quantal ubuntu-patch
*** /tmp/tmpkpCNMv/bug_body
In Ubuntu, the attached patch was applied to achieve the following:
* ntfs-3g-junction-point-fix.patch: Return the correct type (DT_LINK) for
NTFS Junction points, in readdir(). (LP: #997391)
A bug was recently fixed in upstream ntfs-3g, where baobab (The GNOME
disk usage visualisation tool) will loop infinitely when scanning a
Windows 7 partition.
http://tuxera.com/forum/viewtopic.php?f=2t=29578
https://bugzilla.redhat.com/show_bug.cgi?id=849332
Thanks for considering the patch.
SR
-- System Information:
Debian Release: wheezy/sid
APT prefers testing-proposed-updates
APT policy: (500, 'testing-proposed-updates'), (500, 'unstable'), (500,
'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_ZA.UTF-8, LC_CTYPE=en_ZA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Description: Return d_type = DT_LNK for NTFS Junction points in readdir()
readdir() was returning DT_DIR while stat() was returning S_IFLNK.
This caused baobab to infinitely loop.
Author: Jean-Pierre Andre
Origin: upstream, http://tuxera.com/forum/viewtopic.php?f=2t=29578
Bug-Ubuntu: https://launchpad.net/bugs/997391
Bug-Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=849332
Last-Update: 2012-08-21
--- a/libntfs-3g/dir.c
+++ b/libntfs-3g/dir.c
@@ -867,6 +867,83 @@
INDEX_TYPE_ALLOCATION, /* index allocation */
} INDEX_TYPE;
+/*
+ * Decode Interix file types
+ *
+ * Non-Interix types are returned as plain files, because a
+ * Windows user may force patterns very similar to Interix.
+ */
+
+static u32 ntfs_interix_types(ntfs_inode *ni)
+{
+ ntfs_attr *na;
+ u32 dt_type;
+ le64 magic;
+
+ dt_type = NTFS_DT_UNKNOWN;
+ na = ntfs_attr_open(ni, AT_DATA, NULL, 0);
+ if (na) {
+ /* Unrecognized patterns (eg HID + SYST) are plain files */
+ dt_type = NTFS_DT_REG;
+ if (na-data_size = 1) {
+ if (!(ni-flags FILE_ATTR_HIDDEN))
+dt_type = (na-data_size ?
+ NTFS_DT_SOCK : NTFS_DT_FIFO);
+ } else {
+ if ((na-data_size = (s64)sizeof(magic))
+ (ntfs_attr_pread(na, 0, sizeof(magic), magic)
+== sizeof(magic))) {
+if (magic == INTX_SYMBOLIC_LINK)
+ dt_type = NTFS_DT_LNK;
+else if (magic == INTX_BLOCK_DEVICE)
+ dt_type = NTFS_DT_BLK;
+else if (magic == INTX_CHARACTER_DEVICE)
+ dt_type = NTFS_DT_CHR;
+ }
+ }
+ ntfs_attr_close(na);
+ }
+ return (dt_type);
+}
+
+/*
+ * Decode file types
+ *
+ * Better only use for Interix types and junctions,
+ * unneeded complexity when used for plain files or directories
+ *
+ * Error cases are logged and returned as unknown.
+ */
+
+static u32 ntfs_dir_entry_type(ntfs_inode *dir_ni, MFT_REF mref, FILE_ATTR_FLAGS attributes)
+{
+ ntfs_inode *ni;
+ u32 dt_type;
+
+ dt_type = NTFS_DT_UNKNOWN;
+ ni = ntfs_inode_open(dir_ni-vol, mref);
+ if (ni) {
+ if ((attributes FILE_ATTR_REPARSE_POINT)
+ ntfs_possible_symlink(ni))
+ dt_type = NTFS_DT_LNK;
+ else
+ if ((attributes FILE_ATTR_SYSTEM)
+ !(attributes FILE_ATTR_I30_INDEX_PRESENT))
+dt_type = ntfs_interix_types(ni);
+ else
+dt_type = (attributes
+ FILE_ATTR_I30_INDEX_PRESENT
+ ? NTFS_DT_DIR : NTFS_DT_REG);
+ if (ntfs_inode_close(ni)) {
+ /* anything special to do ? */
+ }
+ }
+ if (dt_type == NTFS_DT_UNKNOWN)
+ ntfs_log_error(Could not decode the type of inode %lld\n,
+(long long)MREF(mref));
+ return (dt_type);
+}
+
/**
* ntfs_filldir - ntfs specific filldir method
* @dir_ni: ntfs inode of current directory
@@ -901,19 +978,23 @@
dir_ni-vol-mft_record_size;
else /* if (index_type == INDEX_TYPE_ROOT) */
*pos = (u8*)ie - (u8*)iu.ir;
+ mref = le64_to_cpu(ie-indexed_file);
+metadata = (MREF(mref) != FILE_root) (MREF(mref) FILE_first_user);
/* Skip root directory self reference entry. */
if (MREF_LE(ie-indexed_file) == FILE_root)
return 0;
- if (ie-key.file_name.file_attributes FILE_ATTR_I30_INDEX_PRESENT)
Bug#685581: inn: CVE-2012-3523 prone to STARTTLS plaintext command injection
Package: inn Version: 1.7.2q-41 Severity: grave From oss-security mailing list: the STARTTLS implementation in INN's NNTP server for readers, nnrpd, before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a plaintext command injection attack, a similar issue to CVE-2011-0411. References: [1] https://www.isc.org/software/inn/2.5.3article [2] https://bugs.gentoo.org/show_bug.cgi?id=432002 [3] https://bugzilla.redhat.com/show_bug.cgi?id=850478 Relevant upstream patch (the 'diff -Nurp inn-2.5.2/nnrpd/misc.c inn-2.5.3/nnrpd/misc.c' part): [4] ftp://ftp.isc.org/isc/inn/inn-2.5.2-2.5.3.diff.gz http://www.openwall.com/lists/oss-security/2012/08/21/8 http://www.openwall.com/lists/oss-security/2012/08/21/12 - Henri Salo -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
