Processed: guile-1.6: modifies *.la after calling dh_md5sums, resulting in md5sum-mismatch lintian error

[Debian Bug Tracking System]

Processing control commands:

 affects -1 + guile-1.6-libs guile-1.6-dev
Bug #688288 [src:guile-1.6] guile-1.6: modifies *.la after calling dh_md5sums, 
resulting in md5sum-mismatch lintian error
Added indication that 688288 affects guile-1.6-libs and guile-1.6-dev

-- 
688288: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688288
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#688288: guile-1.6: modifies *.la after calling dh_md5sums, resulting in md5sum-mismatch lintian error

[Andreas Beckmann]

Source: guile-1.6
Version: 1.6.8-10.1
Severity: serious
Control: affects -1 + guile-1.6-libs guile-1.6-dev
X-Debbugs-Cc: jw...@debian.org

 Original Message 
Subject: Re: packages with E: md5sum-mismatch in the archive
Resent-Date: Thu, 20 Sep 2012 17:21:01 + (UTC)
Resent-From: debian-de...@lists.debian.org
Date: Thu, 20 Sep 2012 19:20:38 +0200
From: Jakub Wilk jw...@debian.org
To: debian-de...@lists.debian.org

* Andreas Beckmann deb...@abeckmann.de, 2012-09-20, 18:52:
Actually, we have lintian errors on the packages in the archive:

E: guile-1.6-libs: md5sum-mismatch usr/lib/libguile-srfi-srfi-4-v-1.la
E: guile-1.6-libs: md5sum-mismatch usr/lib/libguile-srfi-srfi-13-14-v-1.la
E: guile-1.6-libs: md5sum-mismatch usr/lib/libguilereadline-v-12.la
E: guile-1.6-dev: md5sum-mismatch usr/lib/libguile-ltdl.la
E: guile-1.6-dev: md5sum-mismatch usr/lib/libguile.la

I tried rebuilding guile-1.6 in a clean sid pbuilder chroot on amd64 
and could not reproduce the error. So a binNMU might be sufficient to 
fix this.

A binNMU would just paper over the actual bug. guile-1.6 debian/rules
has this:

dh_md5sums
sed -i /dependency_libs/ s/'.*'/''/ `find $(CURDIR)/debian/ -name 
'*.la'`
dh_builddeb

...which is wrong.

--
Jakub Wilk

I was suspecting something like this, but after my rebuild was working,
I didn't look into the source. So it may have been toolchain dependent
that the rebuild was working for me ... not something we can rely on ...

Andreas


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#688290: nmzmail: modifies conffiles (policy 10.7.3): /etc/namazu/cgidirs

[Andreas Beckmann]

Package: nmzmail
Version: 1.1-1
Severity: serious
Tags: squeeze-ignore
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package modifies conffiles.
This is forbidden by the policy, see
http://www.debian.org/doc/debian-policy/ch-files.html#s-config-files

10.7.3: [...] The easy way to achieve this behavior is to make the
configuration file a conffile. [...] This implies that the default
version will be part of the package distribution, and must not be
modified by the maintainer scripts during installation (or at any
other time).

Note that once a package ships a modified version of that conffile,
dpkg will prompt the user for an action how to handle the upgrade of
this modified conffile (that was not modified by the user).

Further in 10.7.3: [...] must not ask unnecessary questions
(particularly during upgrades) [...]

If a configuration file is customized by a maintainer script after
having asked some debconf questions, it may not be marked as a
conffile. Instead a template could be installed in /usr/share and used
by the postinst script to fill in the custom values and create (or
update) the configuration file (preserving any user modifications!).
This file must be removed during postrm purge.
ucf(1) may help with these tasks.
See also http://wiki.debian.org/DpkgConffileHandling

In https://lists.debian.org/debian-devel/2012/09/msg00412.html and
followups it has been agreed that these bugs are to be filed with
severity serious.

debsums reports modification of the following files,
from the attached log (scroll to the bottom...):

  /etc/namazu/cgidirs


cheers,

Andreas


nmzmail_1.1-1.log.gz
Description: GNU Zip compressed data

Bug#687818: tomcat6: postinst modifies conffile /etc/logrotate.d/tomcat6

[Andreas Beckmann]

Version: 6.0.35-1
Followup-For: Bug #687818

[resending with the new, more informative bug template]

Hi,

during a test with piuparts I noticed your package modifies conffiles.
This is forbidden by the policy, see
http://www.debian.org/doc/debian-policy/ch-files.html#s-config-files

10.7.3: [...] The easy way to achieve this behavior is to make the
configuration file a conffile. [...] This implies that the default
version will be part of the package distribution, and must not be
modified by the maintainer scripts during installation (or at any
other time).

Note that once a package ships a modified version of that conffile,
dpkg will prompt the user for an action how to handle the upgrade of
this modified conffile (that was not modified by the user).

Further in 10.7.3: [...] must not ask unnecessary questions
(particularly during upgrades) [...]

If a configuration file is customized by a maintainer script after
having asked some debconf questions, it may not be marked as a
conffile. Instead a template could be installed in /usr/share and used
by the postinst script to fill in the custom values and create (or
update) the configuration file (preserving any user modifications!).
This file must be removed during postrm purge.
ucf(1) may help with these tasks.
See also http://wiki.debian.org/DpkgConffileHandling

In https://lists.debian.org/debian-devel/2012/09/msg00412.html and
followups it has been agreed that these bugs are to be filed with
severity serious.

debsums reports modification of the following files,
from the attached log (scroll to the bottom...):

  /etc/logrotate.d/tomcat6


cheers,

Andreas


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#688210: condor: Multiple security issues

[Moritz Muehlenhoff]

On Thu, Sep 20, 2012 at 01:55:52PM -0500, Jaime Frey wrote:
 The commits were made on the V7_6-branch, then merged into the V7_8-branch. 
 We had to manually resolve conflicts during the merge, as the affected code 
 had been modified during the 7.7.x series. Thus, there's no commit that can 
 be cleanly cherry-picked. I can provide patch files that will apply cleanly.
 
 We should certainly get Condor 7.8.4 into Unstable. It only contains bug 
 fixes. I would prefer it if we could get it into Debian Testing as well, but 
 I thought we were too far into the freeze for that.

During the freeze it's preferred to upload a 7.8.2~dfsg.1-1+deb7u1 version to 
unstable,
which only contains the isolated security fixes. This version can then be 
unblocked
by the Debian release managers (by filing a bug against release.debian.org)

Cheers,
Moritz


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#635091: downgrading as its unreproducible

[Holger Levsen]

severity 635091 important
# actually wondering if this wasnt a duplicate of #671768
thanks


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: downgrading as its unreproducible

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 severity 635091 important
Bug #635091 [software-center] software-center: After upgrade from Squeeze, it 
doesn't start
Severity set to 'important' from 'grave'
 # actually wondering if this wasnt a duplicate of #671768
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
635091: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635091
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#687925: unblock iscsitarget/1.4.20.2-10.1

[Loic Dachary]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package iscsitarget

  * Fixes ietadm not detecting inactive sessions (Closes: #687925).

It is a release critical bug. The patch comes from the upstream
repository and was checked by the author.

Please find the debdiff between -10 and -10.1 attached to this mail.

 changelog   |8 +++
 patches/inactive-sessions.patch |   83 
 patches/series  |1
 3 files changed, 92 insertions(+)

Note that this patch was also advocated by Ritesh Raj Sarraf r...@debian.org 
in http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687925#65

Cheers

diff -Nru iscsitarget-1.4.20.2/debian/changelog iscsitarget-1.4.20.2/debian/changelog
--- iscsitarget-1.4.20.2/debian/changelog	2012-03-13 20:36:56.0 +0100
+++ iscsitarget-1.4.20.2/debian/changelog	2012-09-17 10:42:29.0 +0200
@@ -1,3 +1,11 @@
+iscsitarget (1.4.20.2-10.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+
+  * Fixes ietadm not detecting inactive sessions (Closes: #687925).
+
+ -- Loic Dachary (OuoU) l...@debian.org  Mon, 17 Sep 2012 10:42:29 +0200
+
 iscsitarget (1.4.20.2-10) unstable; urgency=low
 
   * [2bebbc2] don't prompt on modified conffiles.
diff -Nru iscsitarget-1.4.20.2/debian/patches/inactive-sessions.patch iscsitarget-1.4.20.2/debian/patches/inactive-sessions.patch
--- iscsitarget-1.4.20.2/debian/patches/inactive-sessions.patch	1970-01-01 01:00:00.0 +0100
+++ iscsitarget-1.4.20.2/debian/patches/inactive-sessions.patch	2012-09-17 10:29:12.0 +0200
@@ -0,0 +1,83 @@
+Description: ietadm not detecting inactive sessions
+ Once 1.4.20.3 is released, this patch can be dropped, it is commited at
+ http://iscsitarget.svn.sourceforge.net/viewvc/iscsitarget?revision=478view=revision
+ .
+ Fix retrieval of ietd pid from netlink
+ .
+ The ietd pid was retrieved from the credentials in the netlink skb
+ which happened to work with kernels  3.2. These days the credentials
+ are not sent by default anymore (and ietd doesn't fill them in) so
+ the pid needs to be determined from the netlink_skb_parms.
+ .
+ This fixes a bug reported by Clay Gerrard (Can't delete target after
+ initiator logs out, caused by the session removal event not making it
+ to ietd).
+ .
+Author: Arne Redlich arne.redl...@googlemail.com
+Reviewed-by: Loic Dachary l...@debian.org
+Last-Update: 2012-09-17
+Applied-Upstream: http://iscsitarget.svn.sourceforge.net/viewvc/iscsitarget?revision=478view=revision
+Bug-Debian: http://bugs.debian.org/687925
+Bug-Ubuntu: https://launchpad.net/bugs/967984
+
+---
+The information above should follow the Patch Tagging Guidelines, please
+checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
+are templates for supplementary fields that you might want to add:
+
+Origin: vendor|upstream|other, url of original patch
+Bug: url in upstream bugtracker
+Bug-Debian: http://bugs.debian.org/bugnumber
+Bug-Ubuntu: https://launchpad.net/bugs/bugnumber
+Forwarded: no|not-needed|url proving that it has been forwarded
+Reviewed-By: name and email of someone who approved the patch
+Last-Update: -MM-DD
+
+--- trunk/kernel/event.c	2012/04/03 18:19:28	477
 trunk/kernel/event.c	2012/04/06 21:58:31	478
+@@ -14,24 +14,8 @@
+ static struct sock *nl;
+ static u32 ietd_pid;
+ 
+-static int event_recv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
+-{
+-	u32 uid, pid, seq;
+-	char *data;
+-
+-	pid  = NETLINK_CREDS(skb)-pid;
+-	uid  = NETLINK_CREDS(skb)-uid;
+-	seq  = nlh-nlmsg_seq;
+-	data = NLMSG_DATA(nlh);
+-
+-	ietd_pid = pid;
+-
+-	return 0;
+-}
+-
+ static void event_recv_skb(struct sk_buff *skb)
+ {
+-	int err;
+ 	struct nlmsghdr	*nlh;
+ 	u32 rlen;
+ 
+@@ -42,9 +26,9 @@
+ 		rlen = NLMSG_ALIGN(nlh-nlmsg_len);
+ 		if (rlen  skb-len)
+ 			rlen = skb-len;
+-		if ((err = event_recv_msg(skb, nlh))) {
+-			netlink_ack(skb, nlh, -err);
+-		} else if (nlh-nlmsg_flags  NLM_F_ACK)
++		ietd_pid = NETLINK_CB(skb).pid;
++		WARN_ON(ietd_pid == 0);
++		if (nlh-nlmsg_flags  NLM_F_ACK)
+ 			netlink_ack(skb, nlh, 0);
+ 		skb_pull(skb, rlen);
+ 	}
+@@ -59,6 +43,7 @@
+ 	if (!(skb = alloc_skb(NLMSG_SPACE(len), gfp_mask)))
+ 		return -ENOMEM;
+ 
++	WARN_ON(ietd_pid == 0);
+ 	nlh = __nlmsg_put(skb, ietd_pid, seq++, NLMSG_DONE, len - sizeof(*nlh), 0);
+ 
+ 	memcpy(NLMSG_DATA(nlh), data, len);
diff -Nru iscsitarget-1.4.20.2/debian/patches/series iscsitarget-1.4.20.2/debian/patches/series
--- iscsitarget-1.4.20.2/debian/patches/series	2012-03-13 20:36:56.0 +0100
+++ iscsitarget-1.4.20.2/debian/patches/series	2012-09-17 10:13:01.0 +0200
@@ -1,2 +1,3 @@
 fix-build-3-2.patch
 iscsitarget-prelim-1.4.20.3.patch
+inactive-sessions.patch
attachment: loic.vcf

signature.asc
Description: OpenPGP digital signature

Bug#688278: fails to upgrade/install due to multiarch conflicts

[Jakub Wilk]

A diff between i386 and amd64 (after ungzipping) is attached.

--
Jakub Wilk
diff -ur gcc-4.7-base_4.7.2-1_i386/usr/share/doc/gcc-4.7-base/changelog.Debian 
gcc-4.7-base_4.7.2-1_amd64/usr/share/doc/gcc-4.7-base/changelog.Debian
--- gcc-4.7-base_4.7.2-1_i386/usr/share/doc/gcc-4.7-base/changelog.Debian   
2012-09-20 18:37:04.0 +0200
+++ gcc-4.7-base_4.7.2-1_amd64/usr/share/doc/gcc-4.7-base/changelog.Debian  
2012-09-20 16:58:05.0 +0200
@@ -3,6 +3,7 @@
   * GCC 4.7.2 release.
   * Issues addressed after the release candidate:
 - PR c++/53661 (wrong warning), LTO backport from trunk, documentation fix.
+  * Update NEWS files.
 
  -- Matthias Klose d...@debian.org  Thu, 20 Sep 2012 12:19:07 +0200
 

Bug#688298: jenkins: Multiple security issues

[Moritz Muehlenhoff]

Package: jenkins
Severity: grave
Tags: security
Justification: user security hole

Please see 
http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb

CVE IDs have been assigned:
http://seclists.org/oss-sec/2012/q3/521

Remember Debian is frozen, so please upload only minimal fixes and and ask for a
freeze exception by filing a bug against release.debian.org

Cheers,
Moritz


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: aster: FTBFS: IOError: [Errno 2] No such file or directory: '/etc/codeaster/astkrc/prefs'

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 merge 681750 686620
Bug #681750 [code-aster-run] code-aster-run (as_run) seems to need 
code-aster-gui (astk)
Bug #686620 [code-aster-run] aster: FTBFS: IOError: [Errno 2] No such file or 
directory: '/etc/codeaster/astkrc/prefs'
Bug #686620 [code-aster-run] aster: FTBFS: IOError: [Errno 2] No such file or 
directory: '/etc/codeaster/astkrc/prefs'
Merged 681750 686620

End of message, stopping processing here.

Please contact me if you need assistance.
-- 
681750: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681750
686620: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686620
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: zabbix-frontend-php: modifies the config template /usr/share/doc/zabbix-frontend-php/dbconfig.php (policy 12.3, 10.7.3)

[Debian Bug Tracking System]

Processing control commands:

 found -1 1:1.8.2-1squeeze2
Bug #688302 [zabbix-frontend-php] zabbix-frontend-php: modifies the config 
template /usr/share/doc/zabbix-frontend-php/dbconfig.php (policy 12.3, 10.7.3)
Marked as found in versions zabbix/1:1.8.2-1squeeze2.

-- 
688302: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688302
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#688302: zabbix-frontend-php: modifies the config template /usr/share/doc/zabbix-frontend-php/dbconfig.php (policy 12.3, 10.7.3)

[Andreas Beckmann]

Package: zabbix-frontend-php
Version: 1:1.8.11-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Control: found -1 1:1.8.2-1squeeze2

Well, I'm using the bug template for modified conffiles, since that may
have been the original intention that caused this bug ...

Hi,

during a test with piuparts I noticed your package modifies conffiles.
This is forbidden by the policy, see
http://www.debian.org/doc/debian-policy/ch-files.html#s-config-files

10.7.3: [...] The easy way to achieve this behavior is to make the
configuration file a conffile. [...] This implies that the default
version will be part of the package distribution, and must not be
modified by the maintainer scripts during installation (or at any
other time).

Note that once a package ships a modified version of that conffile,
dpkg will prompt the user for an action how to handle the upgrade of
this modified conffile (that was not modified by the user).

Further in 10.7.3: [...] must not ask unnecessary questions
(particularly during upgrades) [...]

If a configuration file is customized by a maintainer script after
having asked some debconf questions, it may not be marked as a
conffile. Instead a template could be installed in /usr/share and used
by the postinst script to fill in the custom values and create (or
update) the configuration file (preserving any user modifications!).
This file must be removed during postrm purge.
ucf(1) may help with these tasks.
See also http://wiki.debian.org/DpkgConffileHandling

In https://lists.debian.org/debian-devel/2012/09/msg00412.html and
followups it has been agreed that these bugs are to be filed with
severity serious.

debsums reports modification of the following files,
from the attached log (scroll to the bottom...):

  /usr/share/doc/zabbix-frontend-php/dbconfig.php


That modification will be gone on the next upgrade, think e.g. a
security fix needs to be applied.

Also using /usr/share/doc for that purpose violates policy 12.3:
http://www.debian.org/doc/debian-policy/ch-docs.html#s12.3
  [...] Packages must not require the existence of any files in
  /usr/share/doc/ in order to function [114]. Any files that are
  referenced by programs but are also useful as stand alone
  documentation should be installed under /usr/share/package/ with
  symbolic links from /usr/share/doc/package.

cheers,


Andreas


zabbix-frontend-php_1:1.8.11-1.log.gz
Description: GNU Zip compressed data

Processed: notfound 685907 in 304.37, found 685907 in 304.37-1, affects 688233 ..., found 688277 in 4.7.2-1 ...

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 notfound 685907 304.37
Bug #685907 [nvidia-vdpau-driver] nvidia-vdpau-driver: it had better include 
libvdpau.so.304.37, libvdpau can't work
There is no source info for the package 'nvidia-vdpau-driver' at version 
'304.37' with architecture ''
Unable to make a source version for version '304.37'
No longer marked as found in versions nvidia-graphics-drivers/304.37.
 found 685907 304.37-1
Bug #685907 [nvidia-vdpau-driver] nvidia-vdpau-driver: it had better include 
libvdpau.so.304.37, libvdpau can't work
Marked as found in versions nvidia-graphics-drivers/304.37-1.
 affects 688233 - fail/uim-skk + uim-skk
Bug #688233 [uim-utils] /usr/bin/uim-module-manager: modifies conffiles (policy 
10.7.3): /etc/uim/installed-modules.scm, /etc/uim/loader.scm
Removed indication that 688233 affects fail/uim-skk
 found 688233 uim-chewing/0.1.0-2
Bug #688233 [uim-utils] /usr/bin/uim-module-manager: modifies conffiles (policy 
10.7.3): /etc/uim/installed-modules.scm, /etc/uim/loader.scm
Marked as found in versions uim-chewing/0.1.0-2.
 found 688233 uim-mozc/1.5.1090.102-3
Bug #688233 [uim-utils] /usr/bin/uim-module-manager: modifies conffiles (policy 
10.7.3): /etc/uim/installed-modules.scm, /etc/uim/loader.scm
The source uim-mozc and version 1.5.1090.102-3 do not appear to match any 
binary packages
Marked as found in versions uim-mozc/1.5.1090.102-3.
 found 688277 4.7.2-1
Bug #688277 [gcc-4.7-base] gcc-4.7-base:amd64 does not coexist with 
gcc-4.7-base:i386
There is no source info for the package 'gcc-4.7-base' at version '4.7.2-1' 
with architecture ''
Unable to make a source version for version '4.7.2-1'
Marked as found in versions 4.7.2-1.
 merge 688277 688278
Bug #688277 [gcc-4.7-base] gcc-4.7-base:amd64 does not coexist with 
gcc-4.7-base:i386
Bug #688278 [gcc-4.7-base] fails to upgrade/install due to multiarch conflicts
There is no source info for the package 'gcc-4.7-base' at version '4.7.2-1' 
with architecture ''
Unable to make a source version for version '4.7.2-1'
Marked as found in versions gcc-4.7/4.7.1-9.
Merged 688277 688278
 found 688199 5.2.6+dfsg-2
Bug #688199 [bacula-director-sqlite3] bacula-director-sqlite3: modifies 
conffiles (policy 10.7.3): /etc/bacula/scripts/delete_catalog_backup
Marked as found in versions bacula/5.2.6+dfsg-2.
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
685907: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685907
688199: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688199
688233: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688233
688277: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688277
688278: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688278
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: limit source to node-semver, tagging 684418

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 #node-semver (1.0.13-3) UNRELEASED; urgency=low
 #
 #  * Rename node shebang to nodejs. Closes: #684418.
 #
 limit source node-semver
Limiting to bugs with field 'source' containing at least one of 'node-semver'
Limit currently set to 'source':'node-semver'

 tags 684418 + pending
Bug #684418 [node-semver] node-semver: cannot install npm on sid armhf, b/c 
nodejs breaks node-semver
Added tag(s) pending.
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
684418: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684418
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: limit source to npm, tagging 686894

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 #npm (1.1.4~dfsg-2) UNRELEASED; urgency=low
 #
 #  * debian/patches:
 #+ 1002_only_use_numeric_UIDs_and_GIDs_in_spawn.patch
 #  Upstream commit. Closes: #687052.
 #+ 2006_rename_node_to_nodejs.patch replaces node by
 #  process.execPath in all spawned commands, so that npm package
 #  lifecycle is not broken without nodejs-legacy. Closes: #686894.
 #
 limit source npm
Limiting to bugs with field 'source' containing at least one of 'npm'
Limit currently set to 'source':'npm'

 tags 686894 + pending
Bug #686894 [npm] npm: please run under nodejs, not node
Added tag(s) pending.
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
686894: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686894
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: affects 688233

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 affects 688233 + uim-skk
Bug #688233 [uim-utils] /usr/bin/uim-module-manager: modifies conffiles (policy 
10.7.3): /etc/uim/installed-modules.scm, /etc/uim/loader.scm
Added indication that 688233 affects uim-skk
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
688233: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688233
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#685360: [PATCH 1/1] HID: Fix missing Unifying device issue

[Nestor Lopez Casado]

This patch fixes an issue introduced after commit 4ea5454203d991ec

After that commit, hid-core silently discards any incoming packet
that arrives while any hid driver's probe function is being executed.

This broke the enumeration process of hid-logitech-dj, that must
receive control packets in-band with the mouse and keyboard
packets. Discarding mouse or keyboard data at the very begining is
usually fine, but it is not the case for control packets.

This patch forces a re-enumeration of the paired devices when a packet
arrives that comes from an unknown device.

Based on a patch originally written by Benjamin Tissoires.

Signed-off-by: Nestor Lopez Casado nlopezca...@logitech.com
---

Hello Jiri, David,

  I suggest we include this patch as this solves the issue with the 
  Unifying devices while we decide the future of the lock in hid-core.

  Cheers,
  Nestor

 drivers/hid/hid-logitech-dj.c |   45 +
 drivers/hid/hid-logitech-dj.h |1 +
 2 files changed, 46 insertions(+), 0 deletions(-)

diff --git a/drivers/hid/hid-logitech-dj.c b/drivers/hid/hid-logitech-dj.c
index 4d524b5..9500f2f 100644
--- a/drivers/hid/hid-logitech-dj.c
+++ b/drivers/hid/hid-logitech-dj.c
@@ -193,6 +193,7 @@ static struct hid_ll_driver logi_dj_ll_driver;
 static int logi_dj_output_hidraw_report(struct hid_device *hid, u8 * buf,
size_t count,
unsigned char report_type);
+static int logi_dj_recv_query_paired_devices(struct dj_receiver_dev 
*djrcv_dev);
 
 static void logi_dj_recv_destroy_djhid_device(struct dj_receiver_dev 
*djrcv_dev,
struct dj_report *dj_report)
@@ -233,6 +234,7 @@ static void logi_dj_recv_add_djhid_device(struct 
dj_receiver_dev *djrcv_dev,
if (dj_report-report_params[DEVICE_PAIRED_PARAM_SPFUNCTION] 
SPFUNCTION_DEVICE_LIST_EMPTY) {
dbg_hid(%s: device list is empty\n, __func__);
+   djrcv_dev-querying_devices = false;
return;
}
 
@@ -243,6 +245,12 @@ static void logi_dj_recv_add_djhid_device(struct 
dj_receiver_dev *djrcv_dev,
return;
}
 
+   if (djrcv_dev-paired_dj_devices[dj_report-device_index]) {
+   /* The device is already known. No need to reallocate it. */
+   dbg_hid(%s: device is already known\n, __func__);
+   return;
+   }
+
dj_hiddev = hid_allocate_device();
if (IS_ERR(dj_hiddev)) {
dev_err(djrcv_hdev-dev, %s: hid_allocate_device failed\n,
@@ -306,6 +314,7 @@ static void delayedwork_callback(struct work_struct *work)
struct dj_report dj_report;
unsigned long flags;
int count;
+   int retval;
 
dbg_hid(%s\n, __func__);
 
@@ -338,6 +347,25 @@ static void delayedwork_callback(struct work_struct *work)
logi_dj_recv_destroy_djhid_device(djrcv_dev, dj_report);
break;
default:
+   /* A normal report (i. e. not belonging to a pair/unpair notification)
+* arriving here, means that the report arrived but we did not have a
+* paired dj_device associated to the report's device_index, this
+* means that the original device paired notification corresponding
+* to this dj_device never arrived to this driver. The reason is that
+* hid-core discards all packets coming from a device while probe() is
+* executing. */
+   if (!djrcv_dev-paired_dj_devices[dj_report.device_index]) {
+   /* ok, we don't know the device, just re-ask the
+* receiver for the list of connected devices. */
+   retval = logi_dj_recv_query_paired_devices(djrcv_dev);
+   if (!retval) {
+   /* everything went fine, so just leave */
+   break;
+   }
+   dev_err(djrcv_dev-hdev-dev,
+   %s:logi_dj_recv_query_paired_devices 
+   error:%d\n, __func__, retval);
+   }
dbg_hid(%s: unexpected report type\n, __func__);
}
 }
@@ -368,6 +396,12 @@ static void logi_dj_recv_forward_null_report(struct 
dj_receiver_dev *djrcv_dev,
if (!djdev) {
dbg_hid(djrcv_dev-paired_dj_devices[dj_report-device_index]
 is NULL, index %d\n, dj_report-device_index);
+   kfifo_in(djrcv_dev-notif_fifo, dj_report, sizeof(struct 
dj_report));
+
+   if (schedule_work(djrcv_dev-work) == 0) {
+   dbg_hid(%s: did not schedule the work item, was 
already 
+   queued\n, __func__);
+   }
return;
}
 
@@ -398,6 +432,12 @@ static void logi_dj_recv_forward_report(struct 
dj_receiver_dev *djrcv_dev,
if (dj_device == NULL) {

Bug#684418: marked as done (node-semver: cannot install npm on sid armhf, b/c nodejs breaks node-semver)

[Debian Bug Tracking System]

Your message dated Fri, 21 Sep 2012 10:32:47 +
with message-id e1tf0xp-0002l6...@franck.debian.org
and subject line Bug#684418: fixed in node-semver 1.0.13-2
has caused the Debian Bug report #684418,
regarding node-semver: cannot install npm on sid armhf, b/c nodejs breaks 
node-semver
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
684418: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684418
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: node-semver
Version: 1.0.13-1
Severity: grave
Tags: d-i upstream
Justification: renders package unusable

Dear Maintainer,
*** Please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

*** End of the template - remove these lines ***

cannot install npm 1.1.4~dfsg-1 on sid armhf in chrooted galaxy nexus.
npm 1.1.4~dfsg-1 requires node-semver 1.0.13-1.
but in aptitude, nodejs 0.6.19~dfsg1-4 both breaks  is required by node-semver 
1.0.13-1.

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: armhf (armv7l)

Kernel: Linux 3.0.36-leanKernel-3.10.0-04420-gd336922 (SMP w/1 CPU core; 
PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
---End Message---
---BeginMessage---
Source: node-semver
Source-Version: 1.0.13-2

We believe that the bug you reported is fixed in the latest version of
node-semver, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 684...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jérémy Lal kapo...@melix.org (supplier of updated node-semver package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Fri, 21 Sep 2012 12:18:26 +0200
Source: node-semver
Binary: node-semver
Architecture: source all
Version: 1.0.13-2
Distribution: unstable
Urgency: low
Maintainer: Debian Javascript Maintainers 
pkg-javascript-de...@lists.alioth.debian.org
Changed-By: Jérémy Lal kapo...@melix.org
Description: 
 node-semver - Semantic versioner for NodeJS
Closes: 684418
Changes: 
 node-semver (1.0.13-2) unstable; urgency=low
 .
   * Fix watch file.
   * Rename node shebang to nodejs. Closes: #684418.
Checksums-Sha1: 
 2713b610dec62e82742e548b41c4e0edcefa09a4 1332 node-semver_1.0.13-2.dsc
 a4b6f2d402913497a72c31877f6b84cee856f68b 4028 
node-semver_1.0.13-2.debian.tar.gz
 01ec9d0340f2c77195edb0dc4ce978024476788c 9500 node-semver_1.0.13-2_all.deb
Checksums-Sha256: 
 d9c994d5caa058c8017c18d81c2b1ac63ff1de5bd9ccb5dd988ce5dca3ce7e6c 1332 
node-semver_1.0.13-2.dsc
 c60055807dff9546baf4462ccbfb8f20cfdc3c7e0336a6f8f4e87528185e184a 4028 
node-semver_1.0.13-2.debian.tar.gz
 19609c29fa98d5866c5594a8eb2d365af9b0ba2779f93a01661157c4741eb0b5 9500 
node-semver_1.0.13-2_all.deb
Files: 
 7f5b87744d394062d5e0a00b98489967 1332 web extra node-semver_1.0.13-2.dsc
 90accc83c0aafe4acaaac503b03d7458 4028 web extra 
node-semver_1.0.13-2.debian.tar.gz
 842260c9db6e7054e4978b8d95a2469d 9500 web extra node-semver_1.0.13-2_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlBcQEQACgkQ5qqQFxOSsXRVUgCeObiNNcHYjYdzRaK1j3yLkhp2
FxsAn1KL9OkiMXMLJRYbE+Wz3fSMruER
=As8V
-END PGP SIGNATUREEnd Message---

Bug#688151: fwknop: Multiple security issues

[Moritz Muehlenhoff]

On Thu, Sep 20, 2012 at 08:41:26AM +0200, Franck Joncourt wrote:
 Hi Luciano,

 Le 19/09/2012 22:40, Luciano Bello a écrit :[...]

 The new fwknop fixes many security problems:
 http://seclists.org/oss-sec/2012/q3/509

 It's fixed in 2.0.3. The link include the patches too.

 I have upgraded my working copy with the latest 2.0.3 but I was working 
 on the perl binding, so I did not upload it by now.

 I am going to upload it to fix theses issues.

Since testing is frozen it's better to apply the isolated security fixes
in a 2.0.0rc2-2+deb7u1 upload to testing-proposed-updates to ensure these
are fixed in Wheezy.

Cheers,
Moritz


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#650138: Bug#639565:

[Satoru KURASHIKI]

hi,

On Fri, Sep 21, 2012 at 3:35 AM, gregor herrmann gre...@debian.org wrote:
 Just to be sure: you have rebuilt both liboauth and goldencheetah,
 right?

Yes, that was right.

 Does goldencheetah still work if only liboauth is rebuilt and
 goldencheetah is unchanged (i.e. the version in the archive now)?

So, I've tested this also, and it works fine :-)

 - goldencheetah can build if liboauth gets update
 - goldencheetah can run with updated liboauth, without rebuilding for it

regards,
-- 
KURASHIKI Satoru


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#688210: condor: Multiple security issues

[Michael Hanke]

[CC the release team to get an opinion on incorporating bugfixes
 from upstream stable/bugfix releases during the freeze]

On Fri, Sep 21, 2012 at 09:11:56AM +0200, Moritz Muehlenhoff wrote:
 On Thu, Sep 20, 2012 at 01:55:52PM -0500, Jaime Frey wrote:
  The commits were made on the V7_6-branch, then merged into the
  V7_8-branch. We had to manually resolve conflicts during the merge,
  as the affected code had been modified during the 7.7.x series.
  Thus, there's no commit that can be cleanly cherry-picked. I can
  provide patch files that will apply cleanly.
  
  We should certainly get Condor 7.8.4 into Unstable. It only contains
  bug fixes. I would prefer it if we could get it into Debian Testing
  as well, but I thought we were too far into the freeze for that.
 
 During the freeze it's preferred to upload a 7.8.2~dfsg.1-1+deb7u1
 version to unstable, which only contains the isolated security fixes.
 This version can then be unblocked by the Debian release managers (by
 filing a bug against release.debian.org)

It is indeed preferred. However, while it makes perfect sense for many
projects to use this as a stabilization method, I think the situation
here is a little different.

Condor uses a dual stable (even version) and development (odd version)
branch system. The current stable release 7.8 has been uploaded to
wheezy to not have problems with a development version in a stable
Debian release. Every single update to the 7.8 branch is a bugfix-only
release. If you look into the changelog you find:

New Features:
  None.

for all 7.8.* releases after the one we have in wheezy right now. So the
purpose of the branch is identical to the purpose of the wheezy freeze
-- stabilization. In this particular case I find it difficult to see,
why we would want one kind of bugfix but not the other. Especially at
the cost of breaking stuff when having to backport the patches.

IMHO it makes perfect sense to base stabilization efforts for Condor in
Debian wheezy atop of the continuous work on stabilizing Condor 7.8 done
by the Condor development team (with pretty impressive man power).

Here is the current list of bugs we are not planning on fixing for
wheezy when following the preferred procedure (excluding those already
filed in the Debian BTS):

1. Fixed the condor_schedd daemon; it would crash when a submit description
   file contained a malformed $$() expansion macro that contained a period.
   (Ticket #3216).
2. Fixed a case in which a daemon could crash and leave behind a log file
   owned by root. This root-owned file would then cause subsequent attempts
   to restart the daemon to fail. (Ticket #2894).
3. Fixed a special case bug in which configuration variables defined utilizing
   initial substrings of $(DOLLAR), for example $(D) and $(DO), were not
   expanded properly. (Ticket #3217).
4. Fixed a bug in which usage of cgroups incorrectly included the page cache
   in the maximum memory usage. This bug fix is also included in Condor version
   7.9.0. (Ticket #3003).
5. Jobs from a hook to fetch work, where the hook is defined by configuration
   variable Keyword_HOOK_FETCH_WORK, now correctly receive dynamic slots
   from a partitionable slot instead of claiming the entire partitionable slot.
   (Ticket #2819).
6. Fixed a bug in which a slot might become stuck in the Preempting state when
   a condor_startd is configured with a hook to fetch work, as defined by
   Keyword_HOOK_FETCH_WORK . (Ticket #3076).
7. Fixed a bug that caused Condor to transfer a job's input files from the
   execute machine back to the submit machine as if they were output files.
   This would happen if the job's input files were stored in Condor's spool
   directory; occurred if the job was submitted via Condor-C or via
   condor_submit with the -spool or -remote options. (Ticket #2406).
8. Fixed a bug that could cause the first grid-type cream jobs destined for a
   particular CREAM server to never be submitted to that server. This bug was
   probably introduced in Condor version 7.6.5. (Ticket #3054).
9. Fixed several problems with the XML parsing class ClassAdXMLParser in the
   ClassAds library:
   - Several methods named ParseClassAd() were declared, but never implemented.
 (Ticket #3049).
   - The parser silently dropped leading white space in string values.
 (Ticket #3042).
   - The parser could go into an infinite loop or leak memory when reading a
 malformed ClassAd XML document. (Ticket #3045).
10. Fixed a bug that prevented the -f command line option to condor_history
from being recognized. The -f option was being interpreted as -forward. At
least four letters are now required for the -forward option (-forw) to
prevent ambiguity. (Ticket #3044).
11. The implementation of the condor_history -backwards option, which is the
default ordering for reading the history file, in the 7.7 series did not
work on Windows platforms. This has been fixed. (Ticket #3055).
12. Fixed a 

Bug#687406: jscribble: diff for NMU version 1.7.7-1.1

[gregor herrmann]

tags 687406 + pending
thanks

Dear maintainer,

Andrew Starr-Bochicchio has prepared an NMU for jscribble (versioned
as 1.7.7-1.1) and I've uploaded it to DELAYED/2. Please feel free to
tell me if I should delay it longer.

Regards.

-- 
 .''`.  Homepage: http://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06
 : :' : Debian GNU/Linux user, admin, and developer  -  http://www.debian.org/
 `. `'  Member of VIBE!AT  SPI, fellow of the Free Software Foundation Europe
   `-   NP: The Beatles: A Day In The Life
diff -Nru jscribble-1.7.7/debian/changelog jscribble-1.7.7/debian/changelog
--- jscribble-1.7.7/debian/changelog	2012-04-21 21:17:06.0 +0200
+++ jscribble-1.7.7/debian/changelog	2012-09-21 14:13:08.0 +0200
@@ -1,3 +1,12 @@
+jscribble (1.7.7-1.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * debian/rules: Tests require an X server so call them
+with xvfb-run. (Closes: #687406)
+  * debian/control: Build depend on xauth and xvfb.
+
+ -- Andrew Starr-Bochicchio a.star...@gmail.com  Thu, 20 Sep 2012 15:08:02 -0400
+
 jscribble (1.7.7-1) unstable; urgency=high
 
   [ Martin Ueding ]
diff -Nru jscribble-1.7.7/debian/control jscribble-1.7.7/debian/control
--- jscribble-1.7.7/debian/control	2012-04-21 13:31:04.0 +0200
+++ jscribble-1.7.7/debian/control	2012-09-21 14:11:06.0 +0200
@@ -2,7 +2,7 @@
 Section: utils
 Priority: extra
 Maintainer: Martin Ueding d...@martin-ueding.de
-Build-Depends: debhelper (= 8), default-jdk (= 1:1.6), junit (= 3), php5-cli, python-docutils
+Build-Depends: debhelper (= 8), default-jdk (= 1:1.6), junit (= 3), php5-cli, python-docutils, xauth, xvfb
 Standards-Version: 3.9.3
 Homepage: http://martin-ueding.de/jscribble/
 
diff -Nru jscribble-1.7.7/debian/rules jscribble-1.7.7/debian/rules
--- jscribble-1.7.7/debian/rules	2011-11-27 14:13:56.0 +0100
+++ jscribble-1.7.7/debian/rules	2012-09-21 14:11:06.0 +0200
@@ -3,3 +3,6 @@
 
 %:
 	dh $@ 
+
+override_dh_auto_test:
+	xvfb-run -a dh_auto_test


signature.asc
Description: Digital signature

Processed: jscribble: diff for NMU version 1.7.7-1.1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 tags 687406 + pending
Bug #687406 [src:jscribble] jscribble: FTBFS: junit fails
Added tag(s) pending.
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
687406: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687406
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#687406: jscribble: FTBFS: junit fails

[gregor herrmann]

On Fri, 21 Sep 2012 10:24:26 +0900, Hideki Yamane wrote:

  A nicer alternative would be to run the tests under xvfb.
  ! Yes, that's true. I didn't notice it...
  And your patch seems to be good. Great thanks to you, gregor.

Thanks for the confirmation!

I've now uploaded Andrew's version of the patch (which has a nicer
changelog entry than mine) to DELAYED/2.

Cheers,
gregor
 
-- 
 .''`.  Homepage: http://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06
 : :' : Debian GNU/Linux user, admin, and developer  -  http://www.debian.org/
 `. `'  Member of VIBE!AT  SPI, fellow of the Free Software Foundation Europe
   `-   NP: The Beatles: A Day In The Life


signature.asc
Description: Digital signature

Bug#677582: fixed in gcc-4.4 4.4.7-3

[Andreas Beckmann]

Version: 4.4.7-3

Unfortunately my patch (that was working well at the time I wrote and
tested it) is no longer fixing the situation. Probably something has
changed in the dependency tree and apt now goes for a different solution
and continues to hold back gcc-4.4-base instead of removing gcj-4.4 ...
I'm now trying to add these Breaks to gcc-4.7-base, that can't be held
back, hopefully.


Andreas


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#639565: liboauth: diff for NMU version 0.9.4-3.1

[gregor herrmann]

tags 639565 + pending
tags 650138 + pending
thanks

Dear maintainer,

I've prepared an NMU for liboauth (versioned as 0.9.4-3.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Regards.

-- 
 .''`.  Homepage: http://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06
 : :' : Debian GNU/Linux user, admin, and developer  -  http://www.debian.org/
 `. `'  Member of VIBE!AT  SPI, fellow of the Free Software Foundation Europe
   `-   NP: Sophie Hunger: Breaking the Waves
diff -Nru liboauth-0.9.4/debian/changelog liboauth-0.9.4/debian/changelog
--- liboauth-0.9.4/debian/changelog	2011-11-05 12:41:07.0 +0100
+++ liboauth-0.9.4/debian/changelog	2012-09-21 14:24:52.0 +0200
@@ -1,3 +1,19 @@
+liboauth (0.9.4-3.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Fix please make loose libcurl dependency:
+change liboauth-dev's Depends to libcurl4-gnutls-dev | libcurl4-dev,
+libnss3-dev (instead of libcurl4-nss-dev)
+(Closes: #639565)
+  * Fix liboauth0: doesn't work with NSS libcurl flavour:
+build-depend on libcurl4-gnutls-dev | libcurl4-dev (instead of
+libcurl4-nss-dev)
+(Closes: #650138)
+  * Thanks to HAMANO Tsukasa and Alessandro Ghedini for accompanying me
+through this maze, and to Satoru KURASHIKI for additional tests.
+
+ -- gregor herrmann gre...@debian.org  Fri, 21 Sep 2012 14:19:45 +0200
+
 liboauth (0.9.4-3) unstable; urgency=low
 
   * Sync from Ubuntu:
diff -Nru liboauth-0.9.4/debian/control liboauth-0.9.4/debian/control
--- liboauth-0.9.4/debian/control	2011-11-05 12:41:07.0 +0100
+++ liboauth-0.9.4/debian/control	2012-09-17 19:31:21.0 +0200
@@ -2,7 +2,7 @@
 Priority: optional
 Maintainer: Bilal Akhtar bilalakh...@ubuntu.com
 Build-Depends: debhelper (= 8.1.3),
-   libcurl4-nss-dev,
+   libcurl4-gnutls-dev | libcurl4-dev,
libnss3-dev,
libtool,
locales-all | language-pack-en,
@@ -16,7 +16,7 @@
 Package: liboauth-dev
 Section: libdevel
 Architecture: any
-Depends: liboauth0 (= ${binary:Version}), libcurl4-nss-dev, ${misc:Depends}
+Depends: liboauth0 (= ${binary:Version}), libcurl4-gnutls-dev | libcurl4-dev, libnss3-dev, ${misc:Depends}
 Description: C library for implementing OAuth 1.0 (development files)
  liboauth is a collection of C functions implementing the
  OAuth Core 1.0 standard API. liboauth provides basic functions to escape


signature.asc
Description: Digital signature

Bug#639565:

[gregor herrmann]

On Fri, 21 Sep 2012 20:28:03 +0900, Satoru KURASHIKI wrote:

  Does goldencheetah still work if only liboauth is rebuilt and
  goldencheetah is unchanged (i.e. the version in the archive now)?
 So, I've tested this also, and it works fine :-)
  - goldencheetah can build if liboauth gets update
  - goldencheetah can run with updated liboauth, without rebuilding for it

Thank you very much for these tests!

I've now uploaded liboauth to DELAYED/2 with this changes.


Cheers,
gregor
 
-- 
 .''`.  Homepage: http://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06
 : :' : Debian GNU/Linux user, admin, and developer  -  http://www.debian.org/
 `. `'  Member of VIBE!AT  SPI, fellow of the Free Software Foundation Europe
   `-   NP: Supertramp: And The Light


signature.asc
Description: Digital signature

Processed: liboauth: diff for NMU version 0.9.4-3.1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 tags 639565 + pending
Bug #639565 [liboauth-dev] liboauth-dev: please make loose libcurl dependency
Added tag(s) pending.
 tags 650138 + pending
Bug #650138 [liboauth0] liboauth0: doesn't work with NSS libcurl flavour
Added tag(s) pending.
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
639565: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639565
650138: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650138
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#688233: /usr/bin/uim-module-manager: modifies conffiles (policy 10.7.3): /etc/uim/installed-modules.scm, /etc/uim/loader.scm

[dai]

Hi,

On Thu, Sep 20, 2012 at 05:07:42PM +0200, Andreas Beckmann wrote:
 debsums reports modification of the following files,
 from the attached log (scroll to the bottom...):
 
   /etc/uim/installed-modules.scm
   /etc/uim/loader.scm
 
 Having the registration/unregistration of the modules done by 
 uim-module-manager is perfectly fine, only the registration
 database files must not be conffiles and must be cleaned up
 during postrm purge.

I am preparing uim 1:1.8.1-3.
I already pushed diffs to git.debian.org (without changelog and tag).
gzip compressed debdiff attached.

http://anonscm.debian.org/gitweb/?p=collab-maint/uim.git

In uim 1:1.8.1-3, /etc/uim/ directory is removed and /var/lib/uim/ is used.
/usr/share/uim/{installed-modules,loader}.scm symlinks are switched
from /etc/uim/ to /var/lib/uim/.

Upgrading to 1:1.8.1-3, {installed-modules,loader}.scm files in /etc/uim/
move to /var/lib/uim/ automatically in libuim-data.postinst.
Because they are modified by uim im packages, for example,
uim-anthy, uim-skk, uim-mozc and uim-chewing's postinst/prerm scripts.

Thus, I am glad to hear any comment to my approach.
If it is correct, I will upload uim 1:1.8.1-3.
If accepted, please update your packages' postinst/prerm scripts.

before)
- uim-module-manager --register skk --path /etc/uim
- uim-module-manager --unregister skk --path /etc/uim

after)
- uim-module-manager --register skk --path /var/lib/uim
- uim-module-manager --unregister skk --path /var/lib/uim

As far as I know, no one read /etc/uim/ directly.
They read /usr/share/uim/{installed-modules,loader}.scm not /etc/uim/.
-- 
Regards,
dai

GPG Fingerprint = 0B29 D88E 42E6 B765 B8D8 EA50 7839 619D D439 668E


uim_1.8.1-2-1.8.1-3.debdiff.gz
Description: Binary data


signature.asc
Description: Digital signature

Bug#684433: gdal: diff for NMU version 1.9.0-3.1

[gregor herrmann]

On Wed, 19 Sep 2012 15:07:24 +0200, Francesco P. Lovergine wrote:

  I've prepared an NMU for gdal (versioned as 1.9.0-3.1) and
  uploaded it to DELAYED/2. Please feel free to tell me if I
  should delay it longer.
 Ok, even if I'm starting to think that in jassie we should simply
 drop ruby support in gdal, because it is simply unmaintained 
 upstream AFAIK. 

Yeah, sounds reasonable.

Cheers,
gregor 
 
-- 
 .''`.  Homepage: http://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06
 : :' : Debian GNU/Linux user, admin, and developer  -  http://www.debian.org/
 `. `'  Member of VIBE!AT  SPI, fellow of the Free Software Foundation Europe
   `-   NP: Janis Joplin: Ball And Chain


signature.asc
Description: Digital signature

Processed: Re: Bug#620866: broken update-alternatives

[Debian Bug Tracking System]

Processing control commands:

 tag -1 confirmed
Bug #620866 [inform] broken update-alternatives
Added tag(s) confirmed.

-- 
620866: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=620866
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#620866: broken update-alternatives

[gregor herrmann]

Control: tag -1 confirmed

On Mon, 04 Apr 2011 15:10:06 -0400, Joey Hess wrote:

 Setting up inform (6.31.1+dfsg-1) ...
 update-alternatives: error: alternative path /usr/bin/inform-6.31 doesn't 
 exist.

The package ships /usr/bin/inform (and not /usr/bin/inform-6.31),
there's no other /usr/bin/inform in Contents, and
I didn't find other packages dealing with an alternative for
/usr/bin/inform in the lintian lab.

So the update-alternative calls can probably just be dropped. (And
thereby the complete prerm and postinst.)

(I'm not sure I care enough to find out why this non-free package is
only built on some architectures so far.)

Cheers,
gregor
 
-- 
 .''`.  Homepage: http://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06
 : :' : Debian GNU/Linux user, admin, and developer  -  http://www.debian.org/
 `. `'  Member of VIBE!AT  SPI, fellow of the Free Software Foundation Europe
   `-   NP: Eric Clapton: Let It Grow


signature.asc
Description: Digital signature

Bug#688008: CVE requested

[Henri Salo]

CVE-requested in oss-security: 
http://www.openwall.com/lists/oss-security/2012/09/21/8

- Henri Salo


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#687579: abby: neither works with current clive nor with current

[gustavo panizzo gfa]

cclive version 
Reply-To: 
X-Operating-System: Linux io 3.5-trunk-amd64 

i did some testing today, and found out abby needs squeeze version of
ccive to work.

upstream has abandoned the project, marking it as inactive. is no
longer possible to download abby's source code.

i think this package should be removed.

-- 
1AE0 322E B8F7 4717 BDEA  BF1D 44BB 1BA7 9F6C 6333


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#688278: marked as done (fails to upgrade/install due to multiarch conflicts)

[Debian Bug Tracking System]

Your message dated Fri, 21 Sep 2012 15:34:07 +
with message-id e1tf5f1-0005ta...@franck.debian.org
and subject line Bug#688278: fixed in gcc-4.7 4.7.2-2
has caused the Debian Bug report #688278,
regarding fails to upgrade/install due to multiarch conflicts
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
688278: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688278
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: gcc-4.7-base
Version: 4.7.2-1
Severity: serious

I do have multiarch enabled: amd64 being the primary arch, i386 the secondary.

During today's upgrade I got the following error message:

Reading package lists... Done
Building dependency tree   
Reading state information... Done
Correcting dependencies... Done
The following packages will be upgraded:
  cpp-4.7 g++-4.7 gcc-4.7 gcc-4.7-base:i386 libgcc1 libgcc1:i386 libgfortran3
  libgomp1 libitm1 libmission-control-plugins0 libquadmath0 libstdc++6
  libstdc++6-4.7-dev telepathy-mission-control-5
14 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
1 not fully installed or removed.
Need to get 0 B/24.9 MB of archives.
After this operation, 108 kB disk space will be freed.
Do you want to continue [Y/n]? 
Retrieving bug reports... Done
Parsing Found/Fixed information... Done
Reading changelogs... Done
Can not write log, openpty() failed (/dev/pts not mounted?)
(Reading database ... 249806 files and directories currently installed.)
Preparing to replace gcc-4.7-base:i386 4.7.1-9 (using 
.../gcc-4.7-base_4.7.2-1_i386.deb) ...
Unpacking replacement gcc-4.7-base:i386 ...
dpkg: error processing /var/cache/apt/archives/gcc-4.7-base_4.7.2-1_i386.deb 
(--unpack):
 trying to overwrite shared '/usr/share/doc/gcc-4.7-base/changelog.Debian.gz', 
which is different from other instances of package gcc-4.7-base:i386
Errors were encountered while processing:
 /var/cache/apt/archives/gcc-4.7-base_4.7.2-1_i386.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)




-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-30-generic (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
---End Message---
---BeginMessage---
Source: gcc-4.7
Source-Version: 4.7.2-2

We believe that the bug you reported is fixed in the latest version of
gcc-4.7, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 688...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Matthias Klose d...@debian.org (supplier of updated gcc-4.7 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Fri, 21 Sep 2012 11:58:10 +0200
Source: gcc-4.7
Binary: gcc-4.7-base libgcc1 libgcc1-dbg libgcc2 libgcc2-dbg libgcc4 
libgcc4-dbg lib64gcc1 lib64gcc1-dbg lib32gcc1 lib32gcc1-dbg libn32gcc1 
libn32gcc1-dbg gcc-4.7 gcc-4.7-multilib gcc-4.7-plugin-dev gcc-4.7-hppa64 
gcc-4.7-spu g++-4.7-spu gfortran-4.7-spu cpp-4.7 gcc-4.7-locales g++-4.7 
g++-4.7-multilib libmudflap0 libmudflap0-dbg lib32mudflap0 lib32mudflap0-dbg 
lib64mudflap0 lib64mudflap0-dbg libn32mudflap0 libn32mudflap0-dbg 
libmudflap0-4.7-dev libgomp1 libgomp1-dbg lib32gomp1 lib32gomp1-dbg lib64gomp1 
lib64gomp1-dbg libn32gomp1 libn32gomp1-dbg libitm1 libitm1-dbg lib32itm1 
lib32itm1-dbg lib64itm1 lib64itm1-dbg libn32itm1 libn32itm1-dbg libquadmath0 
libquadmath0-dbg lib32quadmath0 lib32quadmath0-dbg lib64quadmath0 
lib64quadmath0-dbg libn32quadmath0 libn32quadmath0-dbg gobjc++-4.7 
gobjc++-4.7-multilib gobjc-4.7 gobjc-4.7-multilib libobjc4 libobjc4-dbg 
lib64objc4 lib64objc4-dbg lib32objc4 lib32objc4-dbg libn32objc4 libn32objc4-dbg 
gfortran-4.7 gfortran-4.7-multilib
 libgfortran3 libgfortran3-dbg lib64gfortran3 lib64gfortran3-dbg lib32gfortran3 
lib32gfortran3-dbg libn32gfortran3 libn32gfortran3-dbg gccgo-4.7 
gccgo-4.7-multilib libgo0 libgo0-dbg lib64go0 lib64go0-dbg lib32go0 
lib32go0-dbg libn32go0 libn32go0-dbg libstdc++6 lib32stdc++6 lib64stdc++6 
libn32stdc++6 libstdc++6-4.7-dev libstdc++6-4.7-pic libstdc++6-4.7-dbg 

Bug#688277: marked as done (gcc-4.7-base:amd64 does not coexist with gcc-4.7-base:i386)

[Debian Bug Tracking System]

Your message dated Fri, 21 Sep 2012 15:34:07 +
with message-id e1tf5f1-0005ta...@franck.debian.org
and subject line Bug#688278: fixed in gcc-4.7 4.7.2-2
has caused the Debian Bug report #688278,
regarding gcc-4.7-base:amd64 does not coexist with gcc-4.7-base:i386
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
688278: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688278
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package:gcc-4.7-base
Version: 4.7.1-9
Severity: serious

Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages have been kept back:
  python-wicd wicd wicd-curses wicd-daemon wicd-gtk
The following packages will be upgraded:
  cpp-4.7 g++-4.7 gcc-4.7 gcc-4.7-base gcc-4.7-base:i386 libgcc1
libgcc1:i386 libgcc1-dbg libgfortran3 libgomp1 libgomp1-dbg libitm1
libmudflap0 libmudflap0-dbg libquadmath0 libquadmath0-dbg libstdc++6
libstdc++6:i386 libstdc++6-4.7-dev
19 upgraded, 0 newly installed, 0 to remove and 5 not upgraded.
Need to get 25.5 MB of archives.
After this operation, 115 kB disk space will be freed.
Do you want to continue [Y/n]? y
Get:1 http://ftp.us.debian.org/debian/ unstable/main libgcc1-dbg amd64
1:4.7.2-1 [101 kB]
Get:2 http://ftp.us.debian.org/debian/ unstable/main gcc-4.7-base i386
4.7.2-1 [143 kB]
Get:3 http://ftp.us.debian.org/debian/ unstable/main gcc-4.7-base
amd64 4.7.2-1 [143 kB]
Get:4 http://ftp.us.debian.org/debian/ unstable/main libstdc++6 i386
4.7.2-1 [346 kB]
Get:5 http://ftp.us.debian.org/debian/ unstable/main libstdc++6 amd64
4.7.2-1 [332 kB]
Get:6 http://ftp.us.debian.org/debian/ unstable/main libgcc1 amd64
1:4.7.2-1 [43.1 kB]
Get:7 http://ftp.us.debian.org/debian/ unstable/main libgcc1 i386
1:4.7.2-1 [53.3 kB]
Get:8 http://ftp.us.debian.org/debian/ unstable/main libitm1 amd64
4.7.2-1 [36.6 kB]
Get:9 http://ftp.us.debian.org/debian/ unstable/main libgomp1-dbg
amd64 4.7.2-1 [79.6 kB]
Get:10 http://ftp.us.debian.org/debian/ unstable/main libgomp1 amd64
4.7.2-1 [27.6 kB]
Get:11 http://ftp.us.debian.org/debian/ unstable/main libmudflap0-dbg
amd64 4.7.2-1 [178 kB]
Get:12 http://ftp.us.debian.org/debian/ unstable/main libmudflap0
amd64 4.7.2-1 [100 kB]
Get:13 http://ftp.us.debian.org/debian/ unstable/main libquadmath0
amd64 4.7.2-1 [125 kB]
Get:14 http://ftp.us.debian.org/debian/ unstable/main libquadmath0-dbg
amd64 4.7.2-1 [175 kB]
Get:15 http://ftp.us.debian.org/debian/ unstable/main libgfortran3
amd64 4.7.2-1 [351 kB]
Get:16 http://ftp.us.debian.org/debian/ unstable/main cpp-4.7 amd64
4.7.2-1 [5,414 kB]
Get:17 http://ftp.us.debian.org/debian/ unstable/main
libstdc++6-4.7-dev amd64 4.7.2-1 [1,725 kB]
Get:18 http://ftp.us.debian.org/debian/ unstable/main g++-4.7 amd64
4.7.2-1 [7,876 kB]
Get:19 http://ftp.us.debian.org/debian/ unstable/main gcc-4.7 amd64
4.7.2-1 [8,282 kB]
Fetched 25.5 MB in 25s (1,006 kB/s)
Reading changelogs... Done
apt-listchanges: Do you want to continue? [Y/n] y
(Reading database ... 279082 files and directories currently installed.)
Preparing to replace libgcc1-dbg:amd64 1:4.7.1-9 (using
.../libgcc1-dbg_1%3a4.7.2-1_amd64.deb) ...
Unpacking replacement libgcc1-dbg:amd64 ...
Preparing to replace gcc-4.7-base:amd64 4.7.1-9 (using
.../gcc-4.7-base_4.7.2-1_amd64.deb) ...
De-configuring gcc-4.7-base:i386 ...
Unpacking replacement gcc-4.7-base:amd64 ...
Preparing to replace gcc-4.7-base:i386 4.7.1-9 (using
.../gcc-4.7-base_4.7.2-1_i386.deb) ...
Unpacking replacement gcc-4.7-base:i386 ...
dpkg: error processing
/var/cache/apt/archives/gcc-4.7-base_4.7.2-1_i386.deb (--unpack):
 trying to overwrite shared
'/usr/share/doc/gcc-4.7-base/changelog.Debian.gz', which is different
from other instances of package gcc-4.7-base:i386
Errors were encountered while processing:
 /var/cache/apt/archives/gcc-4.7-base_4.7.2-1_i386.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)


-- 
Kie ekzistas vivo, ekzistas espero.
---End Message---
---BeginMessage---
Source: gcc-4.7
Source-Version: 4.7.2-2

We believe that the bug you reported is fixed in the latest version of
gcc-4.7, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 688...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Matthias Klose d...@debian.org (supplier of updated gcc-4.7 package)

(This message was generated automatically at their request; if 

Bug#684855: marked as done (fusioninventory-agent: FTBFS: tests failed)

[Debian Bug Tracking System]

Your message dated Fri, 21 Sep 2012 16:17:48 +
with message-id e1tf5vi-00074i...@franck.debian.org
and subject line Bug#684855: fixed in fusioninventory-agent 2.2.3-3
has caused the Debian Bug report #684855,
regarding fusioninventory-agent: FTBFS: tests failed
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
684855: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684855
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Source: fusioninventory-agent
Version: 2.2.3-2
Severity: serious
Tags: wheezy sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20120814 qa-ftbfs
Justification: FTBFS in wheezy on amd64

Hi,

During a rebuild of all packages in *wheezy*, your package failed to
build on amd64.

Relevant part:
 make[1]: Entering directory `/«PKGBUILDDIR»'
 PERL_DL_NONLAZY=1 /usr/bin/perl -MExtUtils::Command::MM -e 
 test_harness(0, 'inc', 'blib/lib', 'blib/arch') t/01compile.t t/02critic.t 
 t/03pod.t t/04pod-coverage.t t/05var.t t/06spelling.t t/tools.t 
 t/apps/agent.t t/apps/injector.t t/components/agent.t 
 t/components/inventory.t t/components/logger.t t/components/server.t 
 t/components/storage.t t/components/target.t t/components/task.t 
 t/tools/aix.t t/tools/generic.t t/tools/hpux.t t/tools/linux.t 
 t/tools/macos.t t/tools/network.t t/tools/unix.t t/tools/win32.t 
 t/xml/response.t t/components/client/connection.t 
 t/components/client/instanciation.t t/components/client/ssl.t 
 t/inventory/aix/controllers.t t/inventory/aix/memory.t 
 t/inventory/aix/modems.t t/inventory/aix/networks.t 
 t/inventory/aix/softwares.t t/inventory/aix/sounds.t 
 t/inventory/aix/storages.t t/inventory/aix/videos.t 
 t/inventory/bsd/networks.t t/inventory/bsd/softwares.t 
 t/inventory/bsd/storages.t t/inventory/generic/usb.t 
 t/inventory/hpux/controllers.t t/inventory/hpux/cpu.t 
 t/inventory/hpux/drives.t t/inventory/hpux/memory.t t/inventory/hpux/mp.t 
 t/inventory/hpux/networks.t t/inventory/hpux/slots.t 
 t/inventory/hpux/softwares.t t/inventory/hpux/storages.t 
 t/inventory/linux/cpu.t t/inventory/linux/drives.t t/inventory/linux/ilo.t 
 t/inventory/linux/lvm.t t/inventory/linux/rhn-systemid.t 
 t/inventory/linux/softwares.t t/inventory/linux/video.t 
 t/inventory/macos/cpu.t t/inventory/macos/memory.t 
 t/inventory/macos/softwares.t t/inventory/macos/storages.t 
 t/inventory/macos/uptime.t t/inventory/macos/usb.t t/inventory/macos/videos.t 
 t/inventory/solaris/bios.t t/inventory/solaris/cpu.t 
 t/inventory/solaris/networks.t t/inventory/solaris/storages.t 
 t/inventory/virtualization/libvirt.t t/inventory/virtualization/lxc.t 
 t/inventory/virtualization/parallels.t 
 t/inventory/virtualization/virtualbox.t t/inventory/virtualization/xen.t 
 t/inventory/windows/cpu.t t/inventory/windows/memory.t 
 t/inventory/windows/networks.t t/inventory/windows/printers.t 
 t/inventory/windows/softwares.t t/inventory/windows/usb.t 
 t/xml/query/inventory.t t/xml/query/prolog.t t/xml/query/simpleMessage.t 
 t/components/client/ocs/compression.t t/components/client/ocs/response.t 
 t/inventory/generic/dmidecode/battery.t t/inventory/generic/dmidecode/bios.t 
 t/inventory/generic/dmidecode/memory.t t/inventory/generic/dmidecode/ports.t 
 t/inventory/generic/dmidecode/slots.t t/inventory/generic/lspci/modems.t 
 t/inventory/generic/lspci/sounds.t t/inventory/generic/lspci/videos.t 
 t/inventory/linux/storages/3ware.t t/inventory/linux/storages/adaptec.t 
 t/inventory/linux/storages/lsilogic.t
 t/01compile.t  ok
 t/02critic.t . skipped: Author test, set 
 $ENV{TEST_AUTHOR} to a true value to run
 t/03pod.t  skipped: Author test, set 
 $ENV{TEST_AUTHOR} to a true value to run
 t/04pod-coverage.t ... skipped: Author test, set 
 $ENV{TEST_AUTHOR} to a true value to run
 t/05var.t  skipped: Author test, set 
 $ENV{TEST_AUTHOR} to a true value to run
 t/06spelling.t ... skipped: Author test, set 
 $ENV{TEST_AUTHOR} to a true value to run
 t/apps/agent.t ... ok
 t/apps/injector.t  ok
 t/components/agent.t . ok
 
 #   Failed test 'response is a success'
 #   at t/components/client/connection.t line 425.
 # Looks like you failed 1 test of 1.
 
 #   Failed test 'correct response'
 #   at t/components/client/connection.t line 186.
 
 #   Failed test 'error message content'
 #   at t/components/client/connection.t line 447.
 #  got: '[http client] 

Bug#686484: marked as done (chowning pid directory and writing there as root may lead to security issue)

[Debian Bug Tracking System]

Your message dated Fri, 21 Sep 2012 16:32:45 +
with message-id e1tf69l-0002vo...@franck.debian.org
and subject line Bug#686484: fixed in dnsmasq 2.63-4
has caused the Debian Bug report #686484,
regarding chowning pid directory and writing there as root may lead to security 
issue
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
686484: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686484
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: dnsmasq
Version: 2.55-2
Severity: serious
Tags: security

The initscript (and postinst script) of dnsmasq creates /var/run/dnsmasq
directory and chowns it to dnsmasq:nogroup.  However, dnsmasq daemon writes
the pidfile (which apparently is the only file there) as root user.  Here's
the code which does this (in src/dnsmasq.c):

  FILE *pidfile;
  
  /* only complain if started as root */
  if ((pidfile = fopen(daemon-runfile, w)))
{
  fprintf(pidfile, %d\n, (int) getpid());
  fclose(pidfile);
}

So there's no checking for this file to exist, being a symlink etc.

This way, we effectively making dnsmasq user equal to root: dnsmasq
user can (sym)link /var/run/dnsmasq/dnsmasq.pid to, say, /etc/shadow,
and it will be overwitten the next time dnsmasq (re)starts.  This is
obviously wrong.

The only good side of this is that dnsmasq writes only controlled data
to this file (its pid, as per above), so the damage is minimal, ie,
only a denial of service, not gain of service (hence Severity is only
serious).

Besides, documentation says the pid file is /var/run/dnsmasq.pid, not
/var/run/dnsmasq/dnsmasq.pid - it is the initscript which sets the option
behind the scenes.  Also, there's no mentions in the changelog about
WHY pid file is in this location.  And more, it one can change the user
dnsmasq runs as.

It looks like this pidfile stuff needs to be removed entirely (moving
it to a subdir silently and chowning that subdir to dnsmasq user).

Thanks,

/mjt
---End Message---
---BeginMessage---
Source: dnsmasq
Source-Version: 2.63-4

We believe that the bug you reported is fixed in the latest version of
dnsmasq, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 686...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Simon Kelley si...@thekelleys.org.uk (supplier of updated dnsmasq package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Fri, 21 Sep 2012 17:16:34 +
Source: dnsmasq
Binary: dnsmasq dnsmasq-base dnsmasq-utils
Architecture: source i386 all
Version: 2.63-4
Distribution: unstable
Urgency: low
Maintainer: Simon Kelley si...@thekelleys.org.uk
Changed-By: Simon Kelley si...@thekelleys.org.uk
Description: 
 dnsmasq- Small caching DNS proxy and DHCP/TFTP server
 dnsmasq-base - Small caching DNS proxy and DHCP/TFTP server
 dnsmasq-utils - Utilities for manipulating DHCP leases
Closes: 686484
Changes: 
 dnsmasq (2.63-4) unstable; urgency=low
 .
* Make pid-file creation immune to symlink attacks. (closes: #686484)
Checksums-Sha1: 
 b1472dca994ef900a2fe42c7cd589fb2de19db16 1150 dnsmasq_2.63-4.dsc
 7f9d6c9c7e03b5a6775952e3e6b1c9f97f0166fe 20662 dnsmasq_2.63-4.diff.gz
 cdf2eb68187af276a38163218002413e40c81cb4 365488 dnsmasq-base_2.63-4_i386.deb
 72844915ade74f06db21a71e875ba702565e 18474 dnsmasq-utils_2.63-4_i386.deb
 9ae36cac2a2d5c91714b13ca0fca9729370af68c 15606 dnsmasq_2.63-4_all.deb
Checksums-Sha256: 
 1efa6354f05bc1120fb11eb50099d34712cc755494e52ef1f9d68ddfe7ca440b 1150 
dnsmasq_2.63-4.dsc
 f3b04bf0c58ab5bc1aff0da7b8dcff4c0c01ff10eeb2ee59cf2933bd2b30ee6a 20662 
dnsmasq_2.63-4.diff.gz
 204442f54446449094bce816dbef90d03f7893060e97cabc823778ec66f531f8 365488 
dnsmasq-base_2.63-4_i386.deb
 6f1336c38d2325da9c4f7b70d146b3600db297fa8a876b316305245070bf64c9 18474 
dnsmasq-utils_2.63-4_i386.deb
 f6e32fc34d7cb5da83b435753955c6cf29456d6ec0aa6841bfd25f5988de4a16 15606 
dnsmasq_2.63-4_all.deb
Files: 
 48ea945325d6b1b7c26d6be8ef15f673 1150 net optional dnsmasq_2.63-4.dsc
 a13660d395f9cd6eec2af84a8b0f9787 20662 net optional dnsmasq_2.63-4.diff.gz
 d3501b6c3443cd025ab2f3beb1d4138f 365488 net optional 

Bug#688328: spatialite-gui: Unable to create new SQLite DB

[Tom Gottfried]

Package: spatialite-gui
Version: 1.2.1-3
Severity: grave
Justification: renders package unusable

Dear Maintainer,

after starting spatialite-gui, click 'Files' - 'Creating a new (empty) SQLite
DB', chose a filename and location.
An error message comes:

'CreateSpatialMetaData error: no such table: spatial_ref_sys'

click OK. Next error:
'CreateSpatialMetaData error: cannot rollback - no transaction is active'

Keep clicking OK: the error comes again and again. spatialite-gui can only be
stop by killing the process.

if any other information is needed, please ask! Thanks!
Regards,
Tom



-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages spatialite-gui depends on:
ii  libc6   2.13-35
ii  libgcc1 1:4.7.1-7
ii  libgeos-c1  3.3.3-1.1
ii  libproj04.7.0-2
ii  librasterlite1  1.1~svn11-2
ii  libspatialite3  3.0.0~beta20110817-3
ii  libsqlite3-03.7.13-1
ii  libstdc++6  4.7.1-7
ii  libwxbase2.8-0  2.8.12.1-11
ii  libwxgtk2.8-0   2.8.12.1-11

spatialite-gui recommends no packages.

spatialite-gui suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#688330: gcc-4.7-base: WTF are you doing to the binary packages?

[Thorsten Glaser]

Package: gcc-4.7-base
Version: 4.7.2-1
Severity: serious

I don’t quite can believe this. What the hey are you doing with
your binary packages you officially upload to Debian, to get THIS?

Fetched 187 MB in 49s (3766 kB/s)
Reading changelogs...
Extracting templates from packages: 100%
(Reading database ... 79415 files and directories currently installed.)
Preparing to replace gcc-4.7-base:amd64 4.7.1-9 (using 
.../gcc-4.7-base_4.7.2-1_amd64.deb) ...
De-configuring gcc-4.7-base:i386 ...
Unpacking replacement gcc-4.7-base:amd64 ...
Preparing to replace gcc-4.7-base:i386 4.7.1-9 (using 
.../gcc-4.7-base_4.7.2-1_i386.deb) ...
Unpacking replacement gcc-4.7-base:i386 ...
dpkg: error processing 
/var/cache/pbuilder/aptcache/gcc-4.7-base_4.7.2-1_i386.deb (--unpack):
 trying to overwrite shared '/usr/share/doc/gcc-4.7-base/changelog.Debian.gz', 
which is different from other instances of package gcc-4.7-base:i386
Errors were encountered while processing:
 /var/cache/pbuilder/aptcache/gcc-4.7-base_4.7.2-1_i386.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

Oh, and indeed:

--- /tmp/clog-amd64 2012-09-21 17:28:40.002638617 +
+++ /tmp/clog-i386  2012-09-21 17:28:49.766650387 +
@@ -3,7 +3,6 @@
   * GCC 4.7.2 release.
   * Issues addressed after the release candidate:
 - PR c++/53661 (wrong warning), LTO backport from trunk, documentation fix.
-  * Update NEWS files.
 
  -- Matthias Klose d...@debian.org  Thu, 20 Sep 2012 12:19:07 +0200
 

Really, why do you upload binary packages that are *obviously* not
built from the source package you upload?


Note to anyone whose Multi-Arch is suffering from this, and who run
into this issue, a quick hack/würgaround:

tg@zigo:~ $ sudo rm /usr/share/doc/gcc-4.7-base/changelog.Debian.gz
tg@zigo:~ $ sudo apt-get --purge -f install

bye,
//mirabilos
-- 
Support mksh as /bin/sh and RoQA dash NOW!
‣ src:bash (250 (270) bugs: 1 (2) RC, 175 (189) IN, 74 (79) MW, 0 FP)
‣ src:dash (78 (90) bugs: 4 RC, 32 (36) IN, 42 (50) MW, 0 FP)
‣ src:mksh (1 bug: 0 RC, 0 IN, 1 MW, 0 FP)
http://qa.debian.org/data/bts/graphs/d/dash.png is pretty red, innit?


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#687654: xmame-sdl,xmame-x: copyright file missing after squeeze-wheezy upgrade

[Jon Dowland]

I'm taking a look at this bug.

It appears to be because the source package for the binaries in squeeze
is 'xmame', but the source package for the binaries in wheezy is 'mame'.

Also, this commit may be related:

commit 6d0c77edac6cf78e2fbe6e71e64836a51fb40623
Author: Emmanuel Kasper emman...@libera.cc
Date:   Wed Apr 4 14:01:03 2012 +0200

Remove the mame.preinst and sdlmame.preinst

the cases these two fiels deal should have been taken care by previous upgra

diff --git a/debian/mame.preinst b/debian/mame.preinst
deleted file mode 100644
index 4c3c1de..000
--- a/debian/mame.preinst


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#677195: CVE-2012-2673 - still open in stable

[Arne Wichmann]

Hi...

This bug is still open in stable - is there any plan for a fix?

cu

AW
-- 
[...] If you don't want to be restricted, don't agree to it. If you are
coerced, comply as much as you must to protect yourself, just don't support
it. Noone can free you but yourself. (crag, on Debian Planet)
Arne Wichmann (a...@linux.de)


signature.asc
Description: Digital signature

Bug#688331: boost1.42: CVE-2012-2677

[aw]

Package: boost1.42
Severity: grave
Tags: security patch
Justification: user security hole

This is done in unstable, but not in stable up to now so:

Please see 
http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/

The upstream fix and a test case is available here:
https://svn.boost.org/trac/boost/changeset/78326

(Copied from #677197)

cu

AW

-- System Information:
Debian Release: 6.0.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable'), (50, 'proposed-updates')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#677195: CVE-2012-2673 - still open in stable

[Christoph Egger]

Hi!

  Thanks for the reminder. I've created a package for stable and
submitted the debdiff to -release (#688333) so this will indeed hopefully be
fixed soon.

Regards

Christoph


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: found 688330 in 4.7.2-1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 found 688330 4.7.2-1
Bug #688330 [gcc-4.7-base] gcc-4.7-base: WTF are you doing to the binary 
packages?
There is no source info for the package 'gcc-4.7-base' at version '4.7.2-1' 
with architecture ''
Unable to make a source version for version '4.7.2-1'
Ignoring request to alter found versions of bug #688330 to the same values 
previously set
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
688330: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688330
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: forcibly merging 688277 688330

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 forcemerge 688277 688330
Bug #688277 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base:amd64 does not coexist with gcc-4.7-base:i386
Bug #688278 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] fails to 
upgrade/install due to multiarch conflicts
Bug #688330 [gcc-4.7-base] gcc-4.7-base: WTF are you doing to the binary 
packages?
Marked Bug as done
The source gcc-4.7 and version 4.7.2-2 do not appear to match any binary 
packages
Marked as fixed in versions gcc-4.7/4.7.2-2.
There is no source info for the package 'gcc-4.7-base' at version '4.7.2-1' 
with architecture ''
Unable to make a source version for version '4.7.2-1'
Marked as found in versions gcc-4.7/4.7.1-9.
Bug #688278 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] fails to 
upgrade/install due to multiarch conflicts
Merged 688277 688278 688330
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
688277: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688277
688278: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688278
688330: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688330
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: notfound 688277 in 4.7.1-9

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 notfound 688277 4.7.1-9
Bug #688277 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base:amd64 does not coexist with gcc-4.7-base:i386
Bug #688278 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] fails to 
upgrade/install due to multiarch conflicts
Bug #688330 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base: WTF are you doing to the binary packages?
No longer marked as found in versions gcc-4.7/4.7.1-9.
No longer marked as found in versions gcc-4.7/4.7.1-9.
No longer marked as found in versions gcc-4.7/4.7.1-9.
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
688277: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688277
688278: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688278
688330: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688330
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#688330: gcc-4.7-base: WTF are you doing to the binary packages?

[Philipp Kern]

On Fri, Sep 21, 2012 at 05:34:41PM +, Thorsten Glaser wrote:
 I don’t quite can believe this. What the hey are you doing with
 your binary packages you officially upload to Debian, to get THIS?
[...]
 Really, why do you upload binary packages that are *obviously* not
 built from the source package you upload?
 
 Note to anyone whose Multi-Arch is suffering from this, and who run
 into this issue, a quick hack/würgaround:

I think you could work on your politeness and adjust the tone of your
mails. Do a step back and reflect what you write and how it might
appear to others. Insults do not help your case.

I don't think Matthias had an malicious intent here, to hurt you and
induce suffering. Your mail does suggest that. I think it was merely a
human mistake of believing that a simple changelog mistake can be
fixed after a quite long gcc build.

Kind regards
Philipp Kern


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#688330: gcc-4.7-base: WTF are you doing to the binary packages?

[Thorsten Glaser]

Philipp Kern dixit:

I think you could work on your politeness and adjust the tone of your
mails.

Right. I know that formulating is not one of my better skills.

I don't think Matthias had an malicious intent here, to hurt you and
induce suffering.

Yes, of course not.

I think it was merely a
human mistake of believing that a simple changelog mistake can be
fixed after a quite long gcc build.

Well, this is not the first time I noticed it, and M-A only made it
visible. I cannot help but wonder what else things are done to the
packages that were not built from source. Of course, people uploading,
for example, binaries for multiple architectures at once are even more
suspicious (especially when the source FTBFS on all buildds then and it
doesn’t get fixed for weeks)…

I’m sorry Matthias for singling you out, but this was just an instance
where I noticed it as repeated issue with gcc-* packages. And, one has
to admit, wondering about the what-else is not _that_ far a mental jump.

(Especially after getting told off by the backports ftpmasters for
daring to upload a package built on a Xen or KVM, don’t remember,
guest. I’m now always taking care to build my packages for Debian
on bare metal and in as clean and minimal an environment as possible.)

bye,
//mirabilos
-- 
Natureshadow Dann mach ich git annex copy --to shore und fertig ist das
Natureshadow das ist ja viel cooler als ownCloud ...
mirabilos sag ich doch
Natureshadow ja wieso stimmt das denn immer was du sagst ...


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#686060: marked as done (postgresql-common: Critical data-loss bug in pg_wrapper init scripts)

[Debian Bug Tracking System]

Your message dated Fri, 21 Sep 2012 19:47:04 +
with message-id e1tf9bo-0004w0...@franck.debian.org
and subject line Bug#686060: fixed in postgresql-common 113+squeeze1
has caused the Debian Bug report #686060,
regarding postgresql-common: Critical data-loss bug in pg_wrapper init scripts
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
686060: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686060
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: postgresql-common
Version: 114
Severity: critical
Justification: causes serious data loss

The Debian packages for PostgreSQL are subject to a potentially critical data 
loss
bug because of an unsafe procedure for restarting PostgreSQL.

It is VITAL that pg_wrapper NEVER unlink the postmaster.pid file. The postmaster
will do that its self if it finds the pid to be stale, but only after performing
some checks to make sure there are no backends still running and to ensure that
there's no other postmaster running against the database.

This is a critical data loss bug and should be back patched to older versions.

I quote Tom Lane (key PostgreSQL dev):

[The] forced unlink on the postmaster.pid file [...] (a) is entirely
unnecessary, and (b) defeats the safety interlock against starting a
new postmaster before all the old backends have flushed out.

See:

http://archives.postgresql.org/pgsql-general/2012-07/msg00475.php

and the context:

http://archives.postgresql.org/pgsql-general/2012-07/msg00350.php

http://dba.stackexchange.com/questions/20959/recover-postgresql-database-from-wal-errors-on-startup/20961#comment34356_20961




-- System Information:
Debian Release: squeeze/sid
  APT prefers natty-updates
  APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 'natty')
Architecture: i386 (i686)

Kernel: Linux 2.6.38-13-generic (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages postgresql-common depends on:
ii  adduser3.112+nmu1ubuntu5 add and remove users and groups
ii  debconf [debconf-2.0]  1.5.36ubuntu4 Debian configuration management sy
ii  lsb-base   4.0-0ubuntu11 Linux Standard Base 4.0 init scrip
ii  postgresql-client-comm 114   manager for multiple PostgreSQL cl
ii  procps 1:3.2.8-10ubuntu3 /proc file system utilities
ii  ssl-cert   1.0.28simple debconf wrapper for OpenSSL

postgresql-common recommends no packages.

postgresql-common suggests no packages.

-- debconf information:
  postgresql-common/obsolete-major:
---End Message---
---BeginMessage---
Source: postgresql-common
Source-Version: 113+squeeze1

We believe that the bug you reported is fixed in the latest version of
postgresql-common, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 686...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Christoph Berg m...@debian.org (supplier of updated postgresql-common package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 21 Sep 2012 17:13:33 +0200
Source: postgresql-common
Binary: postgresql-common postgresql-client-common postgresql-server-dev-all
Architecture: source all
Version: 113+squeeze1
Distribution: stable
Urgency: high
Maintainer: Debian PostgreSQL Maintainers 
pkg-postgresql-pub...@lists.alioth.debian.org
Changed-By: Christoph Berg m...@debian.org
Description: 
 postgresql-client-common - manager for multiple PostgreSQL client versions
 postgresql-common - PostgreSQL database-cluster manager
 postgresql-server-dev-all - extension build tool for multiple PostgreSQL 
versions
Closes: 686060
Changes: 
 postgresql-common (113+squeeze1) stable; urgency=high
 .
   [ Martin Pitt ]
   * pg_ctlcluster: Do not remove the PID file after SIGKILLing the
 postmaster in the last-ditch effort to shut down in --force mode. This
 is a potentially dangerous thing to do when trying to start a second
 postmaster in parallel while the first one is still being shut down.
 (see 

Bug#657904: Wrong versions fixed in bug 657904

[Don Armstrong]

This bug (657904) had an incorrect found or fixed version which was
caused by 686106. I have removed the incorrect found or fixed version,
and added it back as a correct version. [This was the source of the
internal messages which you have received previously.]

If you have any questions, please contact ow...@bugs.debian.org

Don Armstrong


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#666525: Wrong versions fixed in bug 666525

[Don Armstrong]

This bug (666525) had an incorrect found or fixed version which was
caused by 686106. I have removed the incorrect found or fixed version,
and added it back as a correct version. [This was the source of the
internal messages which you have received previously.]

If you have any questions, please contact ow...@bugs.debian.org

Don Armstrong


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#670651: Wrong versions fixed in bug 670651

[Don Armstrong]

This bug (670651) had an incorrect found or fixed version which was
caused by 686106. I have removed the incorrect found or fixed version,
and added it back as a correct version. [This was the source of the
internal messages which you have received previously.]

If you have any questions, please contact ow...@bugs.debian.org

Don Armstrong


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#668026: libusb 2:0.1.12-20 does not build any more either

[Marcin Owsiany]

The last version of libusb which built successfully on kfreebsd-* was
2:0.1.12-20, that was on the last day of 2011.

However it does not build any more, I just tried in sid-kfreebsd-i386-dchroot
on fischer - see messages below. This strongly suggests that the FTBFS in
2:0.1.12-21 is not due to a change to libusb, but due to an unrelated change in
some kfreebsd API.

 i486-kfreebsd-gnu-gcc -DHAVE_CONFIG_H -I. -D_FORTIFY_SOURCE=2 -Werror -g -O2 
-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security 
-Wall -MT bsd.lo -MD -MP -MF .deps/bsd.Tpo -c ../bsd.c  -fPIC -DPIC -o 
.libs/bsd.o
../bsd.c: In function 'usb_set_altinterface':
../bsd.c:236:7: error: 'struct usb_alt_interface' has no member named 
'interface_index'
../bsd.c:237:7: error: 'struct usb_alt_interface' has no member named 'alt_no'
../bsd.c: In function 'usb_control_msg':
../bsd.c:457:6: error: 'struct usb_ctl_request' has no member named 'request'
../bsd.c:458:6: error: 'struct usb_ctl_request' has no member named 'request'
../bsd.c:459:3: error: 'struct usb_ctl_request' has no member named 'request'
../bsd.c:459:3: error: 'struct usb_ctl_request' has no member named 'request'
../bsd.c:459:3: error: left-hand operand of comma expression has no effect 
[-Werror=unused-value]
../bsd.c:460:3: error: 'struct usb_ctl_request' has no member named 'request'
../bsd.c:460:3: error: 'struct usb_ctl_request' has no member named 'request'
../bsd.c:460:3: error: left-hand operand of comma expression has no effect 
[-Werror=unused-value]
../bsd.c:461:3: error: 'struct usb_ctl_request' has no member named 'request'
../bsd.c:461:3: error: 'struct usb_ctl_request' has no member named 'request'
../bsd.c:461:3: error: left-hand operand of comma expression has no effect 
[-Werror=unused-value]
../bsd.c:463:6: error: 'struct usb_ctl_request' has no member named 'data'
../bsd.c:464:6: error: 'struct usb_ctl_request' has no member named 'flags'
../bsd.c:480:10: error: 'struct usb_ctl_request' has no member named 'request'
../bsd.c:480:10: error: 'struct usb_ctl_request' has no member named 'request'
../bsd.c: In function 'usb_os_find_devices':
../bsd.c:541:7: error: 'struct usb_device_info' has no member named 'addr'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: left-hand operand of comma expression has no effect 
[-Werror=unused-value]
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: value computed is not used [-Werror=unused-value]
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: left-hand operand of comma expression has no effect 
[-Werror=unused-value]
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:547:9: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c:552:49: error: 'struct usb_device_info' has no member named 'devnames'
../bsd.c: In function 'usb_control_msg':
../bsd.c:481:1: error: control reaches end of non-void function 
[-Werror=return-type]
cc1: all warnings being treated as errors


-- 
Marcin Owsiany porri...@debian.org http://marcin.owsiany.pl/
GnuPG: 2048R/02F946FC  35E9 1344 9F77 5F43 13DD  6423 DBF4 80C6 02F9 46FC


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#675843: Wrong versions fixed in bug 675843

[Don Armstrong]

This bug (675843) had an incorrect found or fixed version which was
caused by 686106. I have removed the incorrect found or fixed version,
and added it back as a correct version. [This was the source of the
internal messages which you have received previously.]

If you have any questions, please contact ow...@bugs.debian.org

Don Armstrong


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#675691: Wrong versions fixed in bug 675691

[Don Armstrong]

This bug (675691) had an incorrect found or fixed version which was
caused by 686106. I have removed the incorrect found or fixed version,
and added it back as a correct version. [This was the source of the
internal messages which you have received previously.]

If you have any questions, please contact ow...@bugs.debian.org

Don Armstrong


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#681979: Wrong versions fixed in bug 681979

[Don Armstrong]

This bug (681979) had an incorrect found or fixed version which was
caused by 686106. I have removed the incorrect found or fixed version,
and added it back as a correct version. [This was the source of the
internal messages which you have received previously.]

If you have any questions, please contact ow...@bugs.debian.org

Don Armstrong


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#682138: Wrong versions fixed in bug 682138

[Don Armstrong]

This bug (682138) had an incorrect found or fixed version which was
caused by 686106. I have removed the incorrect found or fixed version,
and added it back as a correct version. [This was the source of the
internal messages which you have received previously.]

If you have any questions, please contact ow...@bugs.debian.org

Don Armstrong


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#684713: Wrong versions fixed in bug 684713

[Don Armstrong]

This bug (684713) had an incorrect found or fixed version which was
caused by 686106. I have removed the incorrect found or fixed version,
and added it back as a correct version. [This was the source of the
internal messages which you have received previously.]

If you have any questions, please contact ow...@bugs.debian.org

Don Armstrong


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#685060: Wrong versions fixed in bug 685060

[Don Armstrong]

This bug (685060) had an incorrect found or fixed version which was
caused by 686106. I have removed the incorrect found or fixed version,
and added it back as a correct version. [This was the source of the
internal messages which you have received previously.]

If you have any questions, please contact ow...@bugs.debian.org

Don Armstrong


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#685082: Wrong versions fixed in bug 685082

[Don Armstrong]

This bug (685082) had an incorrect found or fixed version which was
caused by 686106. I have removed the incorrect found or fixed version,
and added it back as a correct version. [This was the source of the
internal messages which you have received previously.]

If you have any questions, please contact ow...@bugs.debian.org

Don Armstrong


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#685204: Wrong versions fixed in bug 685204

[Don Armstrong]

This bug (685204) had an incorrect found or fixed version which was
caused by 686106. I have removed the incorrect found or fixed version,
and added it back as a correct version. [This was the source of the
internal messages which you have received previously.]

If you have any questions, please contact ow...@bugs.debian.org

Don Armstrong


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#686524: Wrong versions fixed in bug 686524

[Don Armstrong]

This bug (686524) had an incorrect found or fixed version which was
caused by 686106. I have removed the incorrect found or fixed version,
and added it back as a correct version. [This was the source of the
internal messages which you have received previously.]

If you have any questions, please contact ow...@bugs.debian.org

Don Armstrong


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#686694: Wrong versions fixed in bug 686694

[Don Armstrong]

This bug (686694) had an incorrect found or fixed version which was
caused by 686106. I have removed the incorrect found or fixed version,
and added it back as a correct version. [This was the source of the
internal messages which you have received previously.]

If you have any questions, please contact ow...@bugs.debian.org

Don Armstrong


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#686835: Wrong versions fixed in bug 686835

[Don Armstrong]

This bug (686835) had an incorrect found or fixed version which was
caused by 686106. I have removed the incorrect found or fixed version,
and added it back as a correct version. [This was the source of the
internal messages which you have received previously.]

If you have any questions, please contact ow...@bugs.debian.org

Don Armstrong


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#686836: Wrong versions fixed in bug 686836

[Don Armstrong]

This bug (686836) had an incorrect found or fixed version which was
caused by 686106. I have removed the incorrect found or fixed version,
and added it back as a correct version. [This was the source of the
internal messages which you have received previously.]

If you have any questions, please contact ow...@bugs.debian.org

Don Armstrong


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#687388: Wrong versions fixed in bug 687388

[Don Armstrong]

This bug (687388) had an incorrect found or fixed version which was
caused by 686106. I have removed the incorrect found or fixed version,
and added it back as a correct version. [This was the source of the
internal messages which you have received previously.]

If you have any questions, please contact ow...@bugs.debian.org

Don Armstrong


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#677195: marked as done (CVE-2012-2673)

[Debian Bug Tracking System]

Your message dated Fri, 21 Sep 2012 20:49:06 +
with message-id e1tfa9q-0006hh...@franck.debian.org
and subject line Bug#677195: fixed in libgc 1:6.8-2
has caused the Debian Bug report #677195,
regarding CVE-2012-2673
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
677195: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677195
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: libgc
Severity: grave
Tags: security

Please see 
http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/

The fixes for libgc are listed in Red Hat bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2673

Cheers,
Moritz


---End Message---
---BeginMessage---
Source: libgc
Source-Version: 1:6.8-2

We believe that the bug you reported is fixed in the latest version of
libgc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 677...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Christoph Egger christ...@debian.org (supplier of updated libgc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Fri, 21 Sep 2012 10:58:18 -0700
Source: libgc
Binary: libgc1c2 libgc-dev
Architecture: source mipsel
Version: 1:6.8-2
Distribution: squeeze
Urgency: low
Maintainer: Christoph Egger christ...@debian.org
Changed-By: Christoph Egger christ...@debian.org
Description: 
 libgc-dev  - conservative garbage collector for C (development)
 libgc1c2   - conservative garbage collector for C and C++
Closes: 677195
Changes: 
 libgc (1:6.8-2) stable; urgency=low
 .
   * Change maintainer to myself for stable as well
 .
   * Use patch from Steve Beattie sbeat...@ubuntu.com / Ubuntu to fix
 CVE-2012-2673 (Closes: #677195):
   malloc.c, mallocx.c: check for integer overflow in internal
   malloc and calloc routines.
Checksums-Sha1: 
 4203116f711068199250fc7007e24ebc461d2206 1573 libgc_6.8-2.dsc
 9a451a5e2880a0a430057d50cf2a303ba48d0e22 333175 libgc_6.8-2.diff.gz
 8c39f6a4923f5dab0c3940a89141672dbaa8d61e 118832 libgc1c2_6.8-2_mipsel.deb
 b9e899ad98f37fd1a03d77ea083eb8ab4dc9e0c3 180306 libgc-dev_6.8-2_mipsel.deb
Checksums-Sha256: 
 b958e591f0c5fe0388f9816f2ab6a7a56778997daeb97ca47dd37c2d7a46fca7 1573 
libgc_6.8-2.dsc
 a63ffea5c71c6aef4a52c434bf8b86c5718b1abec0809cfac9eaa33802704b71 333175 
libgc_6.8-2.diff.gz
 55d06eacc87e144c3a7b177ab77dd749dd90ba7cf8a99b031582d0f87f4b7e45 118832 
libgc1c2_6.8-2_mipsel.deb
 f325778729296fe8ba3b155a7ce15d5bbd688030f212654190f837d913971246 180306 
libgc-dev_6.8-2_mipsel.deb
Files: 
 87015bf9e9523b97c8c2bd343ebbe6be 1573 libs standard libgc_6.8-2.dsc
 bad3c2eff96af2edbc3d76eeb43944ae 333175 libs standard libgc_6.8-2.diff.gz
 9b37f8cfd4f5c8fa342db06cd1ceb7d9 118832 libs standard libgc1c2_6.8-2_mipsel.deb
 affbe0ac5853c848f52ee978d6fbe953 180306 libdevel optional 
libgc-dev_6.8-2_mipsel.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/kFreeBSD)

iQIcBAEBAgAGBQJQXLX8AAoJEKv/7bJACMb5gRsQAJTQEl7AohQFx8WSg4yeYXSN
vTq1vW6Dl6PhVc9AT7Smgf6nZhm6KTc6Tfashi01yjG7uIAHUTYIdjkU966NKL1l
lZxQ7DDJ9ExmkbntPrIgtakFn4g2lXYJm5mIwOtyECkY6YEigz286AhJZiwHzIp6
0RAGwM45Oaq62fJYXTcPoEs2LaBFjfB6+rRGhtSef1RvgxB0KqEXzcyeJOIOTV/L
hDmpmRGyNar6cZRM6MaWwP2vRghPEBFJbtYhzMzFLQQe+8aTTCXx77RgaKEdEs8Z
qv5Y4EF1V7PMqNxhmbiwST6UIV7blfoM3adhLXM0OckH47HUGJm9D18dHkZbyag8
eWbN2/6P82FsXK6z+2+racysx0494PkOqMVsogtNf9U8oKhq7XRDZrSH2DV4ivP3
gs2OdIMeiEzMDiMCLZTDjjJkPBV6oJDE/RBJy2Tn1l7BLRuAXb1UnvNgNlWKDomD
T+FuKuDiCHfRkKEUoUWKn4itAVog3YjRlNx0QbJZvsEyJmFJ+3UtMEDaUfINwAIf
lnQEbqMHLfEMY5JwbKz0l5Po5DRq93qt+wTCTFBzMlomMP0Qf0YBu7Wn4TksJCEX
Vng0DaChWAcCc7+V4H1kBDEdmZhNZS2mgsL0DCVHiOKsPf4rdm8WBfVvITt8fPRO
pnk3lMGi1+bOMKJO6ux3
=fpFx
-END PGP SIGNATUREEnd Message---

Bug#688348: mirror: modifies installed files during postinst for license conformance, causing debsums to report modifications

[Andreas Beckmann]

Package: mirror
Version: 2.9-62
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package modifies the files it
ships, causing debsums to report mismatches later on:

  /usr/share/doc/mirror/mirror.txt.gz
  /usr/share/doc/mirror/html/mirror-ref.html
  /usr/share/mirror/mirror.pl
  /usr/share/mirror/dateconv.pl
  /usr/share/mirror/lchat.pl
  /usr/share/mirror/lsparse.pl
  /usr/share/mirror/ftp.pl
  /usr/bin/do_unlinks
  /usr/bin/mirror-master
  /usr/bin/pkgs_to_mmin

Either the license permits distribution of modified binaries - then this
can be done at build time [2], or the license violates DFSG 4 [1].

[1] https://lists.debian.org/debian-devel/2012/09/msg00519.html
[2] https://lists.debian.org/debian-devel/2012/09/msg00524.html


Andreas


mirror_2.9-62.log.gz
Description: GNU Zip compressed data

Bug#687485: mysql-5.5: CVE-2012-4414

[Nicholas Bamber]

On 21/09/12 12:32, Nicholas Bamber wrote:
 On 20/09/12 22:33, Moritz Muehlenhoff wrote:
 On Wed, Sep 19, 2012 at 07:07:23PM +0100, Nicholas Bamber wrote:
 I am looking at this bug. However the patch involves 45 files. 17 of
 these are test files. From what I have seen so far they do not apply
 cleanly. Presumably they are meant for 5.5.27 rather than 5.5.24. I have
 yet to form a judgement on quite how intractable adapting the patch is
 going to be.

 Due to the intransparent nature of mysql security updates we will need to
 follow the 5.5.x releases for stable-security anyway. As such I don't see
 a reason not to upload 5.5.27 during the freeze as well.

 Cheers,
 Moritz
 
 
 Dear Release Team,
   Are you okay with the following plan?
 
 1.) I check that the maraiadb_patch.diff really does apply cleanly
 against 5.5.27.
 2.) I upload 5.5.24+dfsg-9 with the other pending fixes. (*diff.txt
 attached).
 3.) I then upload 5.5.27+dfsg-1 including the mariadb_patch,diff - or if
 oracle have by then released 5.5.28, 5.5.28+dfsg.
 
 


Actually it applies no more cleanly against 5.5.27 then 5.5.24. So I
intend to fix the other wheezy worthy stuff and then review.


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: tagging 688103, tagging 688135, tagging 688178, tagging 688324, notfound 688329 in 1:12-8-1~exp1 ...

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 tags 688103 + pending
Bug #688103 [fglrx-driver] fglrx-driver: [INTL:ja] updated Japanese debconf 
translation
Added tag(s) pending.
 tags 688135 + pending
Bug #688135 [fglrx-driver] [l10n:cs] Updated Czech translation of PO debconf 
template for fglrx-driver 1:12-6+point-2
Added tag(s) pending.
 tags 688178 + pending
Bug #688178 [fglrx-driver] fglrx-driver: [INTL:pt] Updated Portuguese 
translation for debconf messages
Added tag(s) pending.
 tags 688324 + pending
Bug #688324 [fglrx-driver] fglrx-driver: [INTL:ru] Russian debconf templates 
translation update
Added tag(s) pending.
 notfound 688329 1:12-8-1~exp1
Bug #688329 [fglrx-driver] fglrx-driver: installed but no GLX Renderer, no GLX 
Version, and no Direct Rendering
No longer marked as found in versions fglrx-driver/1:12-8-1~exp1.
 clone 688204 -1
Bug #688204 [jackd2] jackd2: modifies conffiles (policy 10.7.3): 
/etc/security/limits.d/audio.conf
Bug 688204 cloned as bug 688351
 reassign -1 jackd1 1:0.121.3+20120418git75e3e20b-2
Bug #688351 [jackd2] jackd2: modifies conffiles (policy 10.7.3): 
/etc/security/limits.d/audio.conf
Bug reassigned from package 'jackd2' to 'jackd1'.
No longer marked as found in versions jackd2/1.9.6~dfsg.1-2 and 
jackd2/1.9.8~dfsg.4+20120529git007cdc37-4.
Ignoring request to alter fixed versions of bug #688351 to the same values 
previously set
Bug #688351 [jackd1] jackd2: modifies conffiles (policy 10.7.3): 
/etc/security/limits.d/audio.conf
Marked as found in versions 
jack-audio-connection-kit/1:0.121.3+20120418git75e3e20b-2.
 retitle -1 jackd1: modifies conffiles (policy 10.7.3): 
 /etc/security/limits.d/audio.conf
Bug #688351 [jackd1] jackd2: modifies conffiles (policy 10.7.3): 
/etc/security/limits.d/audio.conf
Changed Bug title to 'jackd1: modifies conffiles (policy 10.7.3): 
/etc/security/limits.d/audio.conf' from 'jackd2: modifies conffiles (policy 
10.7.3): /etc/security/limits.d/audio.conf'
 found 688233 uim-mozc/1.5.1090.102-2
Bug #688233 [uim-utils] /usr/bin/uim-module-manager: modifies conffiles (policy 
10.7.3): /etc/uim/installed-modules.scm, /etc/uim/loader.scm
The source uim-mozc and version 1.5.1090.102-2 do not appear to match any 
binary packages
Marked as found in versions uim-mozc/1.5.1090.102-2.
 found 688302 1:1.8.2-1squeeze4
Bug #688302 [zabbix-frontend-php] zabbix-frontend-php: modifies the config 
template /usr/share/doc/zabbix-frontend-php/dbconfig.php (policy 12.3, 10.7.3)
Marked as found in versions zabbix/1:1.8.2-1squeeze4.
 affects 669278 + karbon kplato krita kspread kthesaurus kword
Bug #669278 [libqt4-dbus] please add phonon-backend-xine transitional package
Bug #669878 [libqt4-dbus] Could not perform immediate configuration on 
'phonon-backend-vlc'
Added indication that 669278 affects karbon, kplato, krita, kspread, 
kthesaurus, and kword
Added indication that 669878 affects karbon, kplato, krita, kspread, 
kthesaurus, and kword
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
669278: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669278
669878: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669878
688103: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688103
688135: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688135
688178: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688178
688204: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688204
688233: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688233
688302: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688302
688324: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688324
688329: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688329
688351: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688351
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: tagging 688328

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 tags 688328 + confirmed
Bug #688328 [spatialite-gui] spatialite-gui: Unable to create new SQLite DB
Added tag(s) confirmed.
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
688328: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688328
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed (with 1 errors): Forcemerge 688278 688284

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 forcemerge 688278 688284
Bug #688278 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] fails to 
upgrade/install due to multiarch conflicts
Bug #688277 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base:amd64 does not coexist with gcc-4.7-base:i386
Bug #688330 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base: WTF are you doing to the binary packages?
Unable to merge bugs because:
package of #688284 is 'src:gcc-4.7-base' not 'gcc-4.7-base'
Failed to forcibly merge 688278: Did not alter merged bugs
Debbugs::Control::set_merged('transcript', 'GLOB(0x317b380)', 
'requester', 'Achim Schaefer achim_schae...@gmx.de', 'request_addr', 
'cont...@bugs.debian.org', 'request_msgid', '505ce24c@gmx.de', 
'request_subject', ...) called at 
/usr/local/lib/site_perl/Debbugs/Control/Service.pm line 551
eval {...} called at 
/usr/local/lib/site_perl/Debbugs/Control/Service.pm line 550
Debbugs::Control::Service::control_line('line', undef, 'clonebugs', 
'HASH(0x30f49e8)', 'limit', 'HASH(0x30f4430)', 'common_control_options', 
'ARRAY(0x30f4478)', 'errors', ...) called at /usr/lib/debbugs/service line 471

 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
688277: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688277
688278: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688278
688284: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688284
688330: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688330
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed (with 1 errors): your mail

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 forcemerge 688278 688284
Bug #688278 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] fails to 
upgrade/install due to multiarch conflicts
Bug #688277 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base:amd64 does not coexist with gcc-4.7-base:i386
Bug #688330 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base: WTF are you doing to the binary packages?
Bug #688284 [gcc-4.7-base] gcc-4.7-base: not installable in multiarch
Severity set to 'serious' from 'important'
Marked Bug as done
Marked as fixed in versions gcc-4.7/4.7.2-2.
Marked as found in versions gcc-4.7/4.7.2-1.
Bug #688284 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base: not installable in multiarch
Ignoring request to alter found versions of bug #688284 to the same values 
previously set
Unable to complete merge on previous attempt; trying again (retry: 2)
Bug #688284 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base: not installable in multiarch
Ignoring request to alter found versions of bug #688284 to the same values 
previously set
Unable to complete merge on previous attempt; trying again (retry: 3)
Bug #688284 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base: not installable in multiarch
Ignoring request to alter found versions of bug #688284 to the same values 
previously set
Bug #688277 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base:amd64 does not coexist with gcc-4.7-base:i386
Bug #688330 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base: WTF are you doing to the binary packages?
After four attempts, the following changes were unable to be made:
Failed to forcibly merge 688278: Not a HASH reference.

 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
688277: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688277
688278: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688278
688284: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688284
688330: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688330
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed (with 1 errors): forcibly merging 688277 688284

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 forcemerge 688277 688284
Bug #688277 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base:amd64 does not coexist with gcc-4.7-base:i386
Bug #688278 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] fails to 
upgrade/install due to multiarch conflicts
Bug #688330 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base: WTF are you doing to the binary packages?
Bug #688278 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] fails to 
upgrade/install due to multiarch conflicts
Marked as found in versions gcc-4.7/4.7.2-1; no longer marked as found in 
versions 4.7.2-1.
Marked as found in versions gcc-4.7/4.7.2-1; no longer marked as found in 
versions 4.7.2-1.
Marked as found in versions gcc-4.7/4.7.2-1; no longer marked as found in 
versions 4.7.2-1.
Bug #688277 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base:amd64 does not coexist with gcc-4.7-base:i386
Ignoring request to alter found versions of bug #688277 to the same values 
previously set
Ignoring request to alter found versions of bug #688278 to the same values 
previously set
Ignoring request to alter found versions of bug #688330 to the same values 
previously set
Bug #688284 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base: not installable in multiarch
Ignoring request to alter found versions of bug #688284 to the same values 
previously set
Bug #688330 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base: WTF are you doing to the binary packages?
Ignoring request to alter found versions of bug #688330 to the same values 
previously set
Ignoring request to alter found versions of bug #688277 to the same values 
previously set
Ignoring request to alter found versions of bug #688278 to the same values 
previously set
Bug #688278 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] fails to 
upgrade/install due to multiarch conflicts
Ignoring request to alter found versions of bug #688278 to the same values 
previously set
Ignoring request to alter found versions of bug #688277 to the same values 
previously set
Ignoring request to alter found versions of bug #688330 to the same values 
previously set
Bug #688277 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base:amd64 does not coexist with gcc-4.7-base:i386
Ignoring request to alter found versions of bug #688277 to the same values 
previously set
Ignoring request to alter found versions of bug #688278 to the same values 
previously set
Ignoring request to alter found versions of bug #688330 to the same values 
previously set
Bug #688284 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base: not installable in multiarch
Ignoring request to alter found versions of bug #688284 to the same values 
previously set
Bug #688330 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base: WTF are you doing to the binary packages?
Ignoring request to alter found versions of bug #688330 to the same values 
previously set
Ignoring request to alter found versions of bug #688277 to the same values 
previously set
Ignoring request to alter found versions of bug #688278 to the same values 
previously set
Unable to complete merge on previous attempt; trying again (retry: 2)
Bug #688278 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] fails to 
upgrade/install due to multiarch conflicts
Ignoring request to alter found versions of bug #688278 to the same values 
previously set
Ignoring request to alter found versions of bug #688277 to the same values 
previously set
Ignoring request to alter found versions of bug #688330 to the same values 
previously set
Bug #688277 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base:amd64 does not coexist with gcc-4.7-base:i386
Ignoring request to alter found versions of bug #688277 to the same values 
previously set
Ignoring request to alter found versions of bug #688278 to the same values 
previously set
Ignoring request to alter found versions of bug #688330 to the same values 
previously set
Bug #688284 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base: not installable in multiarch
Ignoring request to alter found versions of bug #688284 to the same values 
previously set
Bug #688330 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] 
gcc-4.7-base: WTF are you doing to the binary packages?
Ignoring request to alter found versions of bug #688330 to the same values 
previously set
Ignoring request to alter found versions of bug #688277 to the same values 
previously set
Ignoring request to alter found versions of bug #688278 to the same values 
previously set
Unable to complete merge on previous attempt; trying again (retry: 3)
Bug #688278 {Done: Matthias Klose d...@debian.org} [gcc-4.7-base] fails to 
upgrade/install due to multiarch conflicts
Ignoring request to alter found versions of bug #688278 to the same values 
previously set
Ignoring request to alter found 

Bug#686894: marked as done (npm: please run under nodejs, not node)

[Debian Bug Tracking System]

Your message dated Fri, 21 Sep 2012 22:41:01 +
with message-id e1tfbu9-ta...@franck.debian.org
and subject line Bug#686894: fixed in npm 1.1.4~dfsg-2
has caused the Debian Bug report #686894,
regarding npm: please run under nodejs, not node
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
686894: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686894
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: npm
Version: 1.1.4~dfsg-1
Severity: grave
Justification: renders package unusable

As you may have heard, nodejs's main executable is now /usr/bin/nodejs
rather than /usr/bin/node to avoid clashing with the unrelated node
package.  To accommodate that change, please update the

#!/usr/bin/env node

lines in /usr/bin/node and /usr/share/npm/bin/npm-cli.js to

#!/usr/bin/env nodejs

or better yet

#!/usr/bin/nodejs

and version npm's dependency on nodejs to (= 0.6.19~dfsg-1-3~).  I'd
suggest additionally updating the .../bin/node references in
/usr/share/npm/doc/cli/folders.md and
/usr/share/doc/npm/doc/folders.html, but that's less critical.

Thanks!

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable'), (300, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages npm depends on:
ii  node-abbrev   1.0.3-1
ii  node-fstream  0.1.13-1
ii  node-graceful-fs  1.1.8-1
ii  node-ini  1.0.2-1
ii  node-minimatch0.2.0-1
ii  node-mkdirp   0.3.1-2
ii  node-node-uuid1.3.3-1
ii  node-nopt 1.0.10-2
ii  node-request  2.9.153-1
ii  node-rimraf   2.0.1-1
ii  node-semver   1.0.13-1
ii  node-tar  0.1.13-1
ii  node-which1.0.5-1
ii  nodejs0.6.19~dfsg1-2
ii  nodejs-dev0.6.19~dfsg1-2

npm recommends no packages.

npm suggests no packages.

-- no debconf information
---End Message---
---BeginMessage---
Source: npm
Source-Version: 1.1.4~dfsg-2

We believe that the bug you reported is fixed in the latest version of
npm, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 686...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonas Smedegaard d...@jones.dk (supplier of updated npm package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 22 Sep 2012 00:19:00 +0200
Source: npm
Binary: npm
Architecture: source all
Version: 1.1.4~dfsg-2
Distribution: unstable
Urgency: low
Maintainer: Debian Javascript Maintainers 
pkg-javascript-de...@lists.alioth.debian.org
Changed-By: Jonas Smedegaard d...@jones.dk
Description: 
 npm- package manager for Node.js
Closes: 681356 686894 687052
Changes: 
 npm (1.1.4~dfsg-2) unstable; urgency=low
 .
   [ Jérémy Lal ]
   * debian/patches:
 + 1002_only_use_numeric_UIDs_and_GIDs_in_spawn.patch
   Upstream commit. Closes: #687052.
 + 2006_rename_node_to_nodejs.patch : apart from trivial rename of
   node to nodejs in shebangs and makefile, print a warning and refer
   to nodejs README on failure of a package lifecycle script.
   Closes: #686894.
   * debian/control:
 + Tighten nodejs version to the one after the rename.
 + Suggests: build-essential. Closes: #681356.
 .
   [ Jonas Smedegaard ]
   * Directly use github.com (not broken githubredir.debian.net).
   * Allow Debian-Maintainer uploads.
Checksums-Sha1: 
 c9fa8e5b359fd05671a82709c9ccb5c54396509b 2019 npm_1.1.4~dfsg-2.dsc
 adef774d129c1aceadb01da31c2e3d67b8ba8f3b 12640 npm_1.1.4~dfsg-2.debian.tar.gz
 1ebb8b20803d5c9b4d25e80e813053b7564e831d 344638 npm_1.1.4~dfsg-2_all.deb
Checksums-Sha256: 
 cc9d2a61235fca78d26529d3b1b6d070351883ae58288a3edcb823a0d3285f99 2019 
npm_1.1.4~dfsg-2.dsc
 221d63d2d29f5a3ca6204c6cce800770aa7104f51e8bcc59194d28fd358550a8 12640 
npm_1.1.4~dfsg-2.debian.tar.gz
 56bc822583febc7ba9368b60f75df64a1cb0e60d69dd69983e8ad159b70d7371 344638 
npm_1.1.4~dfsg-2_all.deb
Files: 
 0f941291cdfaae57999f6c51c758ce22 2019 web extra npm_1.1.4~dfsg-2.dsc
 

Bug#688355: network-manager: NM breaks /etc/network/interfaces with DHCP + manual IPv6 entries created by wheezy's debian-installer

[Raphaël Hertzog]

Package: network-manager
Version: 0.9.4.0-6
Severity: grave

I just installed a new laptop using wheezy's d-i. I do have IPv6 on the
network and as a result d-i did output supplementary entries in
/etc/network/interfaces.

However NetworkManager garbled them and the result is a file that
ifup doesn't parse. The net result is that the loopback interface
is not configured... and random things that don't work with hard to
debug failures.

$ cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
#NetworkManager#iface eth0 inet dhcp
# This is an autoconfigured IPv6 interface
#NetworkManager#iface eth0 inet6 manual
up ip link set eth0 up
down ip link set eth0 down

Either NM needs to learn those new entries or we need to find a
definitive solution...

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.5-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages network-manager depends on:
ii  adduser3.113+nmu3
ii  dbus   1.6.2-2
ii  dpkg   1.16.8
ii  isc-dhcp-client4.2.4-2
ii  libc6  2.13-35
ii  libdbus-1-31.6.2-2
ii  libdbus-glib-1-2   0.100-1
ii  libgcrypt111.5.0-3
ii  libglib2.0-0   2.33.12+really2.32.3-2
ii  libgnutls262.12.20-1
ii  libgudev-1.0-0 175-7
ii  libnl-3-2003.2.7-4
ii  libnl-genl-3-200   3.2.7-4
ii  libnl-route-3-200  3.2.7-4
ii  libnm-glib40.9.4.0-6
ii  libnm-util20.9.4.0-6
ii  libpolkit-gobject-1-0  0.105-1
ii  libuuid1   2.20.1-5.2
ii  lsb-base   4.1+Debian7
ii  udev   175-7
ii  wpasupplicant  1.0-2

Versions of packages network-manager recommends:
ii  crda  1.1.2-1
ii  dnsmasq-base  2.63-3
ii  iptables  1.4.14-3
ii  modemmanager  0.5.2.0-2
ii  policykit-1   0.105-1
ii  ppp   2.4.5-5.1+b1

Versions of packages network-manager suggests:
ii  avahi-autoipd  0.6.31-1

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#687408: mdp: FTBFS: test failed

[David Prévot]

Control: tags -1 unreproducible

On Wed, Sep 12, 2012 at 03:16:42PM +0200, Lucas Nussbaum wrote:
 Source: mdp
 Version: 3.2+git78-g7db3c50-3
 Severity: serious
 Tags: wheezy sid
 User: debian...@lists.debian.org
 Usertags: qa-ftbfs-20120912 qa-ftbfs
 Justification: FTBFS in wheezy on amd64

Hi,

I was able to reproduce the bug on Wheezy yesterday night, but not
today. I couldn't find any relevant package that migrated in the mean
time, so not closing this bug without confirmation or enlightenment.

Regards

David


signature.asc
Description: Digital signature

Processed: Re: Bug#687408: mdp: FTBFS: test failed

[Debian Bug Tracking System]

Processing control commands:

 tags -1 unreproducible
Bug #687408 [src:mdp] mdp: FTBFS: test failed
Added tag(s) unreproducible.

-- 
687408: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687408
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#668757: netdisco-{back, front}end: creates system user in, /home

[Andrew Starr-Bochicchio]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hi all,

The attached debdiff fixes both postinst scripts so that they no
longer create a system user in /home on install. It also moves the
netdisco home directory to /var/lib/netdisco on upgrade. It will
delete the old directory if it is empty. If not, it simply notifies
the user as you suggest in your last comment on this bug. Here's the
upgrade part:

# Migrate home directory on upgrade from 1.0-1
if [ ! $2 =  ]  dpkg --compare-versions $2 le 1.0-1; then
echo Moving system user netdisco's home directory to
/var/lib/netdisco
if [ -d /home/netdisco ]  ! rmdir /home/netdisco; then
echo Directory /home/netdisco is not empty. Not removing.
fi
usermod --home /var/lib/netdisco netdisco
fi

Let me know what you think. As this is an RC bug, if I don't hear any
response in a few days I will seek a sponsor for a NMU.

Thanks!

- - Andrew Starr-Bochicchio

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCAAGBQJQXPerAAoJEDtW4rvVP9yxnekQAJihzhXcaXYBA9HTM3r32xmT
/ftn5XBnjFbz49vjxHMmITQWEwnjyR88gzLt1nlOn53LBenvQc2TjPeTETbhfHXb
aFT4nIH2bsuCvc8/r1f5zveMkPwgPTtQYN9D7/cU5NdTrQ5uYYZjgfBPmE+L5CML
lm8+YBBr9qxicmAhdXhmxLokxPCN+uQLyHbLDF9azlHOC6mPaNZdSwV2LGkXu1OL
v3yaYze/teA9MkcmHBgOPVtoYr1naM6HL7eJsqC6Dxz2kuemuqQK1Z7XUO+LGcNa
ZH4qT2E54iETj1uoTrJk0QjDX3PRw13JMlz5i7gP+CyCvd0XiMy6+0681cgKLlOu
Kw1DFyHFkcqZKTczfzrZOobWDABM/K53SMcWJnP33y9D2gToKjo/Mwe9ig28E4Up
w9POh08CwRgbKy6Dqo3fe1B1B/LDe5F3SG2yr+ixX1IClvfvf6Cz/TOGPqmJEDFA
GeX4zQ6qHnZA0HZmmZfA6dYhO5KX+jApBpMLKMMaZT1px/qOMAdmX7+bY3Tk8Kyh
C5hcUKRhDH+tLr4WNlTLVQiYUKJ4BhITGWCyjpTijP29HX7FgMlGfnghrY4Rf1hh
9Cj05wDpSKcdGQJbEhaR2s4zkYCefAc/uuyLsIl7m1GAKQPZe10GlCCvXwMedPYg
tDP/aeSBjL0F7usDbC6w
=T/QP
-END PGP SIGNATURE-
diff -u netdisco-1.0/debian/netdisco-backend.postinst 
netdisco-1.0/debian/netdisco-backend.postinst
--- netdisco-1.0/debian/netdisco-backend.postinst
+++ netdisco-1.0/debian/netdisco-backend.postinst
@@ -27,7 +27,16 @@
 if ! getent passwd netdisco  /dev/null 21 ; then
 adduser --quiet \
 --system --disabled-login --ingroup netdisco \
---quiet --shell /bin/bash --home /home/netdisco netdisco
+--no-create-home --home /var/lib/netdisco netdisco
+fi
+
+# Migrate home directory on upgrade from 1.0-1
+if [ ! $2 =  ]  dpkg --compare-versions $2 le 1.0-1; then
+echo Moving system user netdisco's home directory to 
/var/lib/netdisco
+if [ -d /home/netdisco ]  ! rmdir /home/netdisco; then
+echo Directory /home/netdisco is not empty. Not removing.
+fi
+usermod --home /var/lib/netdisco netdisco
 fi
 
 chown -R netdisco:netdisco /var/log/netdisco
diff -u netdisco-1.0/debian/changelog netdisco-1.0/debian/changelog
--- netdisco-1.0/debian/changelog
+++ netdisco-1.0/debian/changelog
@@ -1,3 +1,13 @@
+netdisco (1.0-1.1) UNRELEASED; urgency=low
+
+  * Non-maintainer upload.
+  * debian/netdisco-{frontend, backend}.postinst:
+   - No longer create system user in /home (Closes: #668757).
+   - On upgrades, move system user's home directory to
+ /var/lib/netdisco
+
+ -- Andrew Starr-Bochicchio a.star...@gmail.com  Fri, 21 Sep 2012 17:19:35 
-0400
+
 netdisco (1.0-1) unstable; urgency=low
 
   [ Oliver Gorwits ]
diff -u netdisco-1.0/debian/netdisco-frontend.postinst 
netdisco-1.0/debian/netdisco-frontend.postinst
--- netdisco-1.0/debian/netdisco-frontend.postinst
+++ netdisco-1.0/debian/netdisco-frontend.postinst
@@ -27,7 +27,16 @@
 if ! getent passwd netdisco  /dev/null 21 ; then
 adduser --quiet \
 --system --disabled-login --ingroup netdisco \
---quiet --shell /bin/bash --home /home/netdisco netdisco
+--no-create-home --home /var/lib/netdisco netdisco
+fi
+
+# Migrate home directory on upgrade from 1.0-1
+if [ ! $2 =  ]  dpkg --compare-versions $2 le 1.0-1; then
+echo Moving system user netdisco's home directory to 
/var/lib/netdisco
+if [ -d /home/netdisco ]  ! rmdir /home/netdisco; then
+echo Directory /home/netdisco is not empty. Not removing.
+fi
+usermod --home /var/lib/netdisco netdisco
 fi
 
 chown -R netdisco:www-data /var/lib/netdisco

Processed (with 1 errors): forcibly merging 668757 615956

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 forcemerge 668757 615956
Bug #668757 [netdisco-backend,netdisco-frontend] netdisco-{back,front}end: 
creates system user in /home
Unable to merge bugs because:
package of #615956 is 'netdisco-frontend' not 
'netdisco-backend,netdisco-frontend'
Failed to forcibly merge 668757: Did not alter merged bugs
Debbugs::Control::set_merged('transcript', 'GLOB(0xd2e050)', 
'requester', 'Andrew Starr-Bochicchio a.star...@gmail.com', 'request_addr', 
'cont...@bugs.debian.org', 'request_msgid', 
'1348270274-301-bts-a.star...@gmail.com', 'request_subject', ...) called at 
/usr/local/lib/site_perl/Debbugs/Control/Service.pm line 551
eval {...} called at 
/usr/local/lib/site_perl/Debbugs/Control/Service.pm line 550
Debbugs::Control::Service::control_line('line', undef, 'clonebugs', 
'HASH(0x169b9e8)', 'limit', 'HASH(0x169b430)', 'common_control_options', 
'ARRAY(0x169b478)', 'errors', ...) called at /usr/lib/debbugs/service line 471

 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
615956: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615956
668757: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668757
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#687274: marked as done (CVE-2012-4405 integer overflow leading to heap based buffer overflow in embedded icclib)

[Debian Bug Tracking System]

Your message dated Sat, 22 Sep 2012 00:02:54 +
with message-id e1tfdbo-js...@franck.debian.org
and subject line Bug#687274: fixed in ghostscript 9.05~dfsg-6.1
has caused the Debian Bug report #687274,
regarding CVE-2012-4405 integer overflow leading to heap based buffer overflow 
in embedded icclib
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
687274: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687274
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: ghostscript
Severity: grave
Tags: security patch

Hi,
the following vulnerability was published for ghostscript.

Quoting from the original report, as the mitre entry does not exist so far..
CVE-2012-4405[0]:
| An array index error leading to heap-based buffer out-of-buffer bounds write
| flaw was found in the way International Color Consortium (ICC) Format library
| (aka icclib) as used in Ghostscript and Argyll Color Management System 
computed
| dimensional increment through the clut based on the count of input channels.
| Using specially-crafted ICC profiles, an attacker could create a malicious
| PostScript or PDF file with embedded images which would cause Ghostscript to
| crash or, potentially, execute arbitrary code when opened by the victim.
| Similarly when such specially-crafted ICC profile was inspected by some of the
| Argyll Color Management System tools it could lead to particular executable
| crash or, arbitrary code execution with the privileges of the user running the


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities  Exposures) id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4405
http://security-tracker.debian.org/tracker/CVE-2012-4405

Patch: https://bugzilla.redhat.com/attachment.cgi?id=609986

-- 
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0


pgpiVrmND6yJ9.pgp
Description: PGP signature
---End Message---
---BeginMessage---
Source: ghostscript
Source-Version: 9.05~dfsg-6.1

We believe that the bug you reported is fixed in the latest version of
ghostscript, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 687...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Cyril Brulebois k...@debian.org (supplier of updated ghostscript package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Sat, 22 Sep 2012 01:18:12 +0200
Source: ghostscript
Binary: ghostscript ghostscript-cups ghostscript-x ghostscript-doc libgs9 
libgs9-common libgs-dev ghostscript-dbg
Architecture: source all amd64
Version: 9.05~dfsg-6.1
Distribution: unstable
Urgency: high
Maintainer: Debian Printing Team debian-print...@lists.debian.org
Changed-By: Cyril Brulebois k...@debian.org
Description: 
 ghostscript - interpreter for the PostScript language and for PDF
 ghostscript-cups - interpreter for the PostScript language and for PDF - CUPS 
filter
 ghostscript-dbg - interpreter for the PostScript language and for PDF - Debug 
symbo
 ghostscript-doc - interpreter for the PostScript language and for PDF - 
Documentati
 ghostscript-x - interpreter for the PostScript language and for PDF - X11 
support
 libgs-dev  - interpreter for the PostScript language and for PDF - Development
 libgs9 - interpreter for the PostScript language and for PDF - Library
 libgs9-common - interpreter for the PostScript language and for PDF - common 
file
Closes: 687274 687300
Changes: 
 ghostscript (9.05~dfsg-6.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * Apply security patch for CVE-2012-4405 (Closes: #687274): error out if
 inputChan is strictly less than 1 in icmLut_read(), thanks to Nico
 Golde for the pointers.
   * Enable xz compression for all binaries (Closes: #687300).
Checksums-Sha1: 
 9236b036ea032f2ed4d07ed191b829b453d79cb0 2168 ghostscript_9.05~dfsg-6.1.dsc
 532babb01e165fc532afa653656de42c21cb8a12 105362 
ghostscript_9.05~dfsg-6.1.debian.tar.gz
 8754ccace6848ea58040b0d7c9bf40164f746ead 2325870 
ghostscript-doc_9.05~dfsg-6.1_all.deb
 42fbe7b9bcd9260371d977f1a8d34b613e8274e9 1977094 

Processed: Re: Bug#687300: ghostscript: Please enable xz compression on all binaries

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 tag 687274 pending
Bug #687274 {Done: Cyril Brulebois k...@debian.org} [ghostscript] 
CVE-2012-4405 integer overflow leading to heap based buffer overflow in 
embedded icclib
Added tag(s) pending.
 tag 687300 pending
Bug #687300 {Done: Cyril Brulebois k...@debian.org} [ghostscript] 
ghostscript: Please enable xz compression on all binaries
Added tag(s) pending.
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
687274: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687274
687300: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687300
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: fixed 688302 in zabbix/1:2.0.1+dfsg-1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 fixed 688302 zabbix/1:2.0.1+dfsg-1
Bug #688302 [zabbix-frontend-php] zabbix-frontend-php: modifies the config 
template /usr/share/doc/zabbix-frontend-php/dbconfig.php (policy 12.3, 10.7.3)
Marked as fixed in versions zabbix/1:2.0.1+dfsg-1.
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
688302: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688302
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#683695: libdrm-nouveau1a: when using Nvidia Gtx 550 Ti card boot stops at populating /dev

[Dick Thomas]

still a noob to debian so daren't do that yet as I don't want to get flamed
but thank you for the suggestions :)

Dick Thomas

On 19 September 2012 22:45, Michael Gilbert mgilb...@debian.org wrote:

 On Wed, Sep 19, 2012 at 9:42 AM, Dick Thomas wrote:
  Hello, Mike
 
  Sadly that didn't work still stopped displaying stuff at populating
 /dev/
  but I can hear it loading in the background (sound card popping etc)
  adding nomodeset does work but then I don't know if it still using
 nouveau
  or not as gnome 3 failsafe loads

 Try some of the troubleshooting steps?
 http://nouveau.freedesktop.org/wiki/TroubleShooting

 Also, supposedly fixed in kernel 3.4, and I saw a note somewhere
 mentioning the commits needed, so if you're really adventurous, you
 could try to identify those and request the kernel team apply them to
 support your hardware.

 Best wishes,
 Mike