Bug#692190: marked as done (ruby-pgplot: ftbfs missing pgplot5 build-dependency)
Your message dated Thu, 22 Nov 2012 09:29:39 +0100 with message-id 20121122082936.ga26...@crater2.logilab.fr and subject line Re: Bug#692190: ruby-pgplot: ftbfs missing pgplot5 build-dependency has caused the Debian Bug report #692190, regarding ruby-pgplot: ftbfs missing pgplot5 build-dependency to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 692190: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692190 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- package: ruby-pgplot version: 0.1.3-3 severity: serious Hi, Your package has failed to build on the buildds due to a build-dependency on missing pgplot5 for a while now. That is considered missing since it is a package in non-free. Best wishes, Mike ---End Message--- ---BeginMessage--- On Sat, Nov 3, 2012 at 03:28:02 -0400, Michael Gilbert wrote: package: ruby-pgplot version: 0.1.3-3 severity: serious Hi, Your package has failed to build on the buildds due to a build-dependency on missing pgplot5 for a while now. That is considered missing since it is a package in non-free. No it ain't. You should go educate yourself before making obviously false statements like this. Not amused, Julien---End Message---
Bug#692299: tdom: broken on kfreebsd-*
On Thu, Nov 22, 2012 at 2:37 AM, Michael Gilbert wrote: control: tag -1 patch Hi, I've uploaded an nmu fixing this issue. Please see attached patch. That version got a lintian autoreject. I've fixed that and re-uploaded. Please see new patch attached. Best wishes, Mike tdom.patch Description: Binary data
Bug#693224: #693224 ntp-wait - Needs Getopt/Std.pm
Hi, perl indeed depends on perl-modules. Bastian, how can you have perl installed but not perl-modules? -Timo -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#692299: marked as done (tdom: broken on kfreebsd-*)
Your message dated Thu, 22 Nov 2012 08:47:31 + with message-id e1tbsrx-0003fi...@franck.debian.org and subject line Bug#692299: fixed in tdom 0.8.3~20080525-3+nmu1 has caused the Debian Bug report #692299, regarding tdom: broken on kfreebsd-* to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 692299: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692299 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: tdom Version: 0.8.3~20080525-3 Severity: grave Justification: unusable on kfreebsd-* As seen at http://packages.debian.org/sid/tdom this package doesn't contain any shared objects (*.so) on kfreebsd-*. Looking at the build log: checking system version... GNU/kFreeBSD-7.2-1-amd64 checking for dlopen in -ldl... yes checking for ar... ar Can't figure out how to do dynamic loading or shared libraries on this system. checking for required early compiler flags... _LARGEFILE64_SOURCE [...] rm -f libtdom0.8.3 o libtdom0.8.3 xmlsimple.o utf8conv.o dom.o domhtml.o domxpath.o domxslt.o domlock.o tcldom.o nodecmd.o tdominit.o tclexpat.o tdomStubInit.o -lexpat -L/usr/lib -ltclstub8.4 make[1]: o: Command not found make[1]: [libtdom0.8.3] Error 127 (ignored) [...] rm -f libtnc0.3.0 o libtnc0.3.0 tnc.o -L/build/buildd-tdom_0.8.3~20080525-3-kfreebsd-amd64-mxD9WW/tdom-0.8.3~20080525/unix -ltdomstub0.8.3 -L/usr/lib -ltclstub8.4 /bin/sh: o: command not found make[1]: [libtnc0.3.0] Error 127 (ignored) I assume that the missing libtdom0.8.3.so makes the package unusable. If this is not the case, feel free to downgrade the severity. -- Niko Tyni nt...@debian.org ---End Message--- ---BeginMessage--- Source: tdom Source-Version: 0.8.3~20080525-3+nmu1 We believe that the bug you reported is fixed in the latest version of tdom, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 692...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Gilbert mgilb...@debian.org (supplier of updated tdom package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 22 Nov 2012 07:30:32 + Source: tdom Binary: tdom tdom-dev Architecture: source amd64 Version: 0.8.3~20080525-3+nmu1 Distribution: unstable Urgency: medium Maintainer: Tcl/Tk Debian Packagers pkg-tcltk-de...@lists.alioth.debian.org Changed-By: Michael Gilbert mgilb...@debian.org Description: tdom - A fast XML/DOM/XPath/XSLT extension for Tcl written in C tdom-dev - A fast XML/DOM/XPath/XSLT extension for Tcl written in C - develo Closes: 692299 Changes: tdom (0.8.3~20080525-3+nmu1) unstable; urgency=medium . * Non-maintainer upload. * Add a binary-indep rule (fixes ftp-master autoreject). * Support kfreebsd in configure scripts (closes: #692299). Checksums-Sha1: d61670a683b5a227a4f86e455d60cb8a74bdc314 2820 tdom_0.8.3~20080525-3+nmu1.dsc 46a970c4bf9ceac293d61de24a8a096334a6fd85 72090 tdom_0.8.3~20080525-3+nmu1.diff.gz 90c680ad995faa74c2d8a50215e7edb847cc91ab 267278 tdom_0.8.3~20080525-3+nmu1_amd64.deb bc9add103bd77d74f85f0b656e830625244651fc 40520 tdom-dev_0.8.3~20080525-3+nmu1_amd64.deb Checksums-Sha256: e3ed4255358d6c433c63693b95df1e0e67c1d14960bad8bc6134c6f1b9fb45e9 2820 tdom_0.8.3~20080525-3+nmu1.dsc 4da9f062ab908d2ba5d53fe8fab6794fcda8ec5b9af9d4da935c5ba2c24c0bdb 72090 tdom_0.8.3~20080525-3+nmu1.diff.gz 2004034fd4b196922c0e99f5053e85dd6673956cbc13451b1ceea0d589da7a2b 267278 tdom_0.8.3~20080525-3+nmu1_amd64.deb b6ca5bf1f3d7b0e37ddb384dea8adadfbd435bd9572a46527964cc33e3a32137 40520 tdom-dev_0.8.3~20080525-3+nmu1_amd64.deb Files: 0809852043cdab1dc02603fec4fd1b79 2820 libs optional tdom_0.8.3~20080525-3+nmu1.dsc c1ff7b743586d67ca7016dc43a39f43c 72090 libs optional tdom_0.8.3~20080525-3+nmu1.diff.gz 817341e7a4cce9fefb9b85fc4441475f 267278 libs optional tdom_0.8.3~20080525-3+nmu1_amd64.deb b8beab710fd41120ecc138c20c6a7eb0 40520 libdevel optional tdom-dev_0.8.3~20080525-3+nmu1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQQcBAEBCAAGBQJQreP0AAoJELjWss0C1vRzm44f/3G73v50yEnng25KVpeB4vX/ Nqlp7MLsqwtVG7pn3JQZp0gOMGgu1T6RmP7S8oUyC4uSYhUS0977mx26Twx1rktf
Bug#674821: #674821 xserver-xorg-input-tslib: undefined symbol: xf86XInputSetScreen reported when X loads tslib_drv.so
Hi, http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693158 seems to suffer from a similar issue. There's a patch that just comments out the call to the function in question... -Timo -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#693288: #693288 src:jsxgraph: maintainer address bounces
Hi, launchpad lists an alternative email. Maybe that works? (added to CC). -Timo -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#692650: Patches for CVE-2012-5783 and CVE-2012-5784
I've backported the routine to validate certificate name, and I've made a patch (attached). I'm not sure it's a good idea apply the patch, it can break programs that connect with bad hostnames (ips, host in /etc/hostname, etc) Would you mind getting your patches for these issues reviewed and applied by the appropriate upstreams? Thanks, Mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#692435: marked as done (gegl: CVE-2012-4433 - Integer overflow, leading to heap-based buffer overflow by parsing PPM image headers)
Your message dated Thu, 22 Nov 2012 09:03:03 + with message-id e1tbsgz-0006sk...@franck.debian.org and subject line Bug#692435: fixed in gegl 0.2.0-2+nmu1 has caused the Debian Bug report #692435, regarding gegl: CVE-2012-4433 - Integer overflow, leading to heap-based buffer overflow by parsing PPM image headers to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 692435: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692435 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: gegl Severity: grave Tags: security Justification: user security hole Hi, please see : http://seclists.org/oss-sec/2012/q4/215 Can you confirm if any of the Debian packages are affected? Cheers, luciano ---End Message--- ---BeginMessage--- Source: gegl Source-Version: 0.2.0-2+nmu1 We believe that the bug you reported is fixed in the latest version of gegl, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 692...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Gilbert mgilb...@debian.org (supplier of updated gegl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 22 Nov 2012 08:04:44 + Source: gegl Binary: gegl libgegl-0.2-0 libgegl-dev libgegl-doc libgegl-0.2-0-dbg Architecture: source all amd64 Version: 0.2.0-2+nmu1 Distribution: unstable Urgency: high Maintainer: Matteo F. Vescovi mfv.deb...@gmail.com Changed-By: Michael Gilbert mgilb...@debian.org Description: gegl - Generic Graphics Library Test Program libgegl-0.2-0 - Generic Graphics Library libgegl-0.2-0-dbg - Generic Graphics Library (debugging symbols) libgegl-dev - Generic Graphics Library (development files) libgegl-doc - Generic Graphics Library (documentation) Closes: 692435 Changes: gegl (0.2.0-2+nmu1) unstable; urgency=high . * Non-maintainer upload. * Fix cve-2012-4433: multiple buffer overflow issues (closes: #692435). Checksums-Sha1: 0bc4504d4a5d3a40bc7c09ba564d8b29dc4e2ff1 3189 gegl_0.2.0-2+nmu1.dsc d1b01a823851f39d3ed739ac8b47abc9482253e0 8864 gegl_0.2.0-2+nmu1.debian.tar.gz 26114732cabeb35c02d4b6f91cd401eebdc51bcd 1520978 libgegl-doc_0.2.0-2+nmu1_all.deb d24fd9b08fe0044160645d40e7b9fa8beeea9627 167916 gegl_0.2.0-2+nmu1_amd64.deb c6c63ac4ea59129eab1f77d9450d3be6ca2005d5 782526 libgegl-0.2-0_0.2.0-2+nmu1_amd64.deb c98b820273605644214c7bd1387d0790a650a2a0 220456 libgegl-dev_0.2.0-2+nmu1_amd64.deb 96fcf6b75be5b4c91e11d14edd900075b057059e 2184062 libgegl-0.2-0-dbg_0.2.0-2+nmu1_amd64.deb Checksums-Sha256: 679894d0ab18b31c3c2504f9bcec20e24b32255f0426703783c237913f5ab6e1 3189 gegl_0.2.0-2+nmu1.dsc 4236bde5922170f19f0417e755143e411cac9e60c0f333267d2fd5261a379fa5 8864 gegl_0.2.0-2+nmu1.debian.tar.gz 6906868c945c7b6782c47adf0bdb39bf992932a1be4637f038c35f123df83698 1520978 libgegl-doc_0.2.0-2+nmu1_all.deb d653beb2d70fdc1c72ae51ac7a1c78dcf7248d85c3cc333bd57d0cb2338b3628 167916 gegl_0.2.0-2+nmu1_amd64.deb 4907baa40d817ec7728abd6fc040f8c0bb739e11a6298a01903b54c3062d830c 782526 libgegl-0.2-0_0.2.0-2+nmu1_amd64.deb d3586a3fd4ecd18b760ecb34c98563afe45dcebea1908388b84cb9c6f716092a 220456 libgegl-dev_0.2.0-2+nmu1_amd64.deb 14ce5d00b358aaafdce3d129e1a1cb69de9114522955595f6a1b6cb93c6a7d8f 2184062 libgegl-0.2-0-dbg_0.2.0-2+nmu1_amd64.deb Files: e86c7025972846893b8ff911a380a833 3189 libs optional gegl_0.2.0-2+nmu1.dsc 01ea918ee0f09ed5596a50c188a60bb8 8864 libs optional gegl_0.2.0-2+nmu1.debian.tar.gz 6c8f35de9c7aec837f7376fb52a77fed 1520978 doc optional libgegl-doc_0.2.0-2+nmu1_all.deb ebff39d97896bbdaabf5cc71955cb37c 167916 libs optional gegl_0.2.0-2+nmu1_amd64.deb 8eeb1bd6580c22fe0ba90f971a21aea5 782526 libs optional libgegl-0.2-0_0.2.0-2+nmu1_amd64.deb 00ac8dee9b3bfb56e1dbba7753506709 220456 libdevel optional libgegl-dev_0.2.0-2+nmu1_amd64.deb 809204bdf9615a1beef49de4ff1e0ff1 2184062 debug extra libgegl-0.2-0-dbg_0.2.0-2+nmu1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQQcBAEBCAAGBQJQreWXAAoJELjWss0C1vRz7zYf/27SBBIxzR2hzDe6G10m2O3W pqmq2q9Laex4C7CtWAxawdr7yaFWE+YfhfcJDz6dtWrW63xWSffR3/Y+cSksZweR zrKI0ygYXgiBwTtopGdb2yfoWUBv3Uu/uJ1XfLrP1yWQrYXsmlzfUkZaKuG5Hmhg
Bug#693224: dovecot-core - Needs Getopt/Std.pm
On Wed, Nov 14, 2012 at 14:06:39 -0500, Jaldhar H. Vyas wrote: reassign 693224 ntp retitle 693224 ntp-wait - Needs Getopt/Std.pm thanks On Wed, 14 Nov 2012, Bastian Blank wrote: Package: dovecot-core Version: 1:2.1.7-2 Severity: serious The dovecot init script needs Getopt/Std.pm but there is no dependency. | [] Starting IMAP/POP3 mail server: dovecotCan't locate Getopt/Std.pm in @INC (@INC contains: /etc/perl /usr/local/lib/perl/5.14.2 /usr/local/share/perl/5.14.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.14 /usr/share/perl/5.14 /usr/local/lib/site_perl .) at /usr/sbin/ntp-wait line 5. | BEGIN failed--compilation aborted at /usr/sbin/ntp-wait line 5. | . ok Bastian The script calls ntp-wait which is the one that actually needs Getopt::Std The ntp package provides more than just that one script. The rest doesn't need perl, so I would argue it's ok for ntp to not depend on perl, and the bug here is in dovecot. Cheers, Julien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#692076: proposal approved
Our proposed method is to fix the two bugs in a minimal change new upstream 0.94.4 release. This will involve making the change for src/xlsparse.c and fixing the released tarball with no other changes. The latest this should be complete (including the upload of the new upstream release to close these two bugs in unstable) is expected to be the end of next week. If it can be moved up, we will. A few days after the bugs are closed in unstable, Nick will file the unblock request to get the changes into Wheezy. The new release will be done in a branch in SVN and then the changes pushed back into trunk at a later date. The cmake branch will likely be merged at that point as well, getting us finally to 0.95.0 or possibly even 1.0.0. At some point (after Wheezy), there will be another new upstream release and that will be uploaded to go into Jessie and backported to Wheezy-backports. -- Neil Williams = http://www.linux.codehelp.co.uk/ pgp6CSg1McVxO.pgp Description: PGP signature
Bug#675913: marked as done (ldirectord failed to start, RFC2553 compatible getaddrinfo/getnameinfo)
Your message dated Thu, 22 Nov 2012 10:02:39 + with message-id e1tbtcf-00040n...@franck.debian.org and subject line Bug#675913: fixed in resource-agents 1:3.9.3+git20121009-2 has caused the Debian Bug report #675913, regarding ldirectord failed to start, RFC2553 compatible getaddrinfo/getnameinfo to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 675913: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=675913 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: resource-agents Severity: grave Tags: upstream patch ldirectord failed to start, with following error: Subroutine main::pack_sockaddr_in6 redefined at /usr/share/perl/5.14/Exporter.pm line 67. at /usr/sbin/ldirectord line 831 Subroutine main::unpack_sockaddr_in6 redefined at /usr/share/perl/5.14/Exporter.pm line 67. at /usr/sbin/ldirectord line 831 Subroutine main::sockaddr_in6 redefined at /usr/share/perl/5.14/Exporter.pm line 67. at /usr/sbin/ldirectord line 831 Subroutine main::pack_sockaddr_in6 redefined at /usr/sbin/ldirectord line 3060 Subroutine main::unpack_sockaddr_in6 redefined at /usr/sbin/ldirectord line 3060 Subroutine main::sockaddr_in6 redefined at /usr/sbin/ldirectord line 3060 Subroutine main::pack_sockaddr_in6 redefined at /usr/share/perl/5.14/Exporter.pm line 67. at /usr/sbin/ldirectord line 831 Subroutine main::unpack_sockaddr_in6 redefined at /usr/share/perl/5.14/Exporter.pm line 67. at /usr/sbin/ldirectord line 831 Subroutine main::sockaddr_in6 redefined at /usr/share/perl/5.14/Exporter.pm line 67. at /usr/sbin/ldirectord line 831 Subroutine main::pack_sockaddr_in6 redefined at /usr/sbin/ldirectord line 3060 Subroutine main::unpack_sockaddr_in6 redefined at /usr/sbin/ldirectord line 3060 Subroutine main::sockaddr_in6 redefined at /usr/sbin/ldirectord line 3060 After comment out `use Socket6;`, got following error: Bareword NI_NUMERICHOST not allowed while strict subs in use at /usr/sbin/ldirectord line 5046. Bareword NI_NUMERICSERV not allowed while strict subs in use at /usr/sbin/ldirectord line 5046. Execution of /usr/sbin/ldirectord aborted due to compilation errors. Additional dependency required: libsocket-getaddrinfo-perl -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (300, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Description: short summary of the patch TODO: Put a short summary on the line above and replace this paragraph with a longer explanation of this change. Complete the meta-information with other relevant fields (see below for details). To make it easier, the information below has been extracted from the changelog. Adjust it or drop it. . resource-agents (1:3.9.2-5) unstable; urgency=high . * debian/control: Fix the Conflicts and Replaces lines of resource-agents to make sure that cluster-agents and resource-agents are mutually exclusive. Setting the urgency to high because this bug keeps people from running the whole clusterstack (Closes: #646110) * debian/patches/ocf-asterisk: Include the Asterisk PBX OCF resource agent written by Florian Haas, Andreas Kurz and me, sponsored by hastexo Author: Martin Loschwitz madk...@debian.org Bug-Debian: http://bugs.debian.org/646110 --- The information above should follow the Patch Tagging Guidelines, please checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here are templates for supplementary fields that you might want to add: Origin: vendor|upstream|other, url of original patch Bug: url in upstream bugtracker Bug-Debian: http://bugs.debian.org/bugnumber Bug-Ubuntu: https://launchpad.net/bugs/bugnumber Forwarded: no|not-needed|url proving that it has been forwarded Reviewed-By: name and email of someone who approved the patch Last-Update: -MM-DD Index: resource-agents-3.9.2/ldirectord/ldirectord.in === --- resource-agents-3.9.2.orig/ldirectord/ldirectord.in 2012-06-04 13:24:40.0 +0800 +++ resource-agents-3.9.2/ldirectord/ldirectord.in 2012-06-04 14:16:33.994237831 +0800 @@ -828,7 +828,8 @@ #use English; #use Time::HiRes qw( gettimeofday tv_interval ); use Socket; -use Socket6; +use Socket::GetAddrInfo qw( getaddrinfo getnameinfo NI_NUMERICHOST NI_NUMERICSERV NI_NAMEREQD ); +#use Socket6; use Sys::Hostname; use POSIX qw(setsid :sys_wait_h); use Sys::Syslog
Bug#693885: src:mathgl: non-free files in main (GFDL with Back/Front Cover Text)
Sébastien Villemot sebast...@debian.org writes: Ansgar Burchardt ans...@debian.org writes: Source: mathgl Version: 1.11.2-14 Severity: serious Control: found -1 2~rc1-3 Files: texinfo/* Copyright: (C) 2008 Alexey Balakin mathgl.abala...@gmail.com License: GFDL-1.2+ Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, with the Front-Cover Texts being ``A GNU Manual,'' and with the Back-Cover Texts as in (a) below. A copy of the license is included in the section entitled ``GNU Free Documentation License.'' (a) The FSF's Back-Cover Text is: ``You have the freedom to copy and modify this GNU manual. Buying copies from the FSF supports it in developing GNU and promoting software freedom.'' The GFDL is only free without Invariant Sections and without Front- and Back-Cover Texts. Looks like we have to strip the manual from the package, unless upstream (quickly) agrees to remove the front- and back-cover texts. Dimitrios has contacted the upstream author, and he agrees to remove the front- and back-cover texts. Ansgar: is it ok for ftpmasters if we fix this issue by just changing the debian/copyright file (possibly pointing to some public location like a SVN commit as a proof of the relicensing)? or do you require upload with a new orig tarball? -- .''`.Sébastien Villemot : :' :Debian Developer `. `' http://www.dynare.org/sebastien `- GPG Key: 4096R/381A7594 pgpB0jI60kBeO.pgp Description: PGP signature
Bug#693158: Xorg: symbol lookup error: ...penmount_drv.so: undefined symbol: xf86XInputSetScreen
Julien, sorry for my late reply - simply didn't have time to investigate this further. but: good news is that inputattach is working perfectly! thanks for the hint :) I have documented the whole thing in my blog entry https://sites.google.com/site/guenterbartsch/blog/updateonpenmounttouchscreensupportondebian7 thanks again and best regards, guenter On Tue, Nov 13, 2012 at 8:29 PM, Julien Cristau jcris...@debian.org wrote: On Tue, Nov 13, 2012 at 20:05:18 +0100, Guenter Bartsch wrote: Package: xserver-xorg-input-penmount Version: 1:1.5.0-1+b2 Severity: important Dear Maintainer, penmount driver will crash the Xorg server on every touch attempt because it seems to use outdated API functions: Xorg: symbol lookup error: /usr/lib/xorg/modules/input/penmount_drv.so: undefined symbol: xf86XInputSetScreen the attached patch fixes it (at the expense of probably losing multiple screen support, but at least for single-screen setups the package remains useful and stable). Thanks for the patch. Out of interest, does using inputattach (from the package of the same name; see /usr/share/doc/inputattach/README.Debian for setup instructions) work with your device? (That should use the standard xserver-xorg-input-evdev driver, which contrary to xserver-xorg-input-penmount is still being maintained.) Cheers, Julien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#659155: Status of kdeadmin 4:4.8.4-2 (bug 659155)?
On Thu 22 Nov 2012 00:40:27 Michael Gilbert escribió: Pending an upload, whenever some of us has the time to do it. On the other hand, I'm still not quite sure that this can be viewed as a fix. I'm removing the patch tag, because the approiate tag would be pending, but as I said before, I'm still not sure of this. The best way to see whether an issue is fixed is to make it available to the people experiencing the problem. If you're afraid of causing problems in unstable, you can use experimental first. Not the case here Michael :-) My worry is that this seems more like a hack than a proper fix. Kinds regards, Lisandro. -- Lisandro Damián Nicanor Pérez Meyer http://perezmeyer.com.ar/ http://perezmeyer.blogspot.com/ signature.asc Description: This is a digitally signed message part.
Bug#693971: openldap FTBFS on hurd-i386
Package: src:openldap Version: 2.4.31-1 Severity: serious Openldap fails to build on hurd-i386. The build has been tried in buildd three times and failed. The compilation itself completes and the build then fails during make check. Running ../../../tests/scripts/all for bdb... Executing all LDAP tests for bdb Starting test000-rootdse for bdb... running defines.sh Starting slapd on TCP/IP port 9011... Using ldapsearch to retrieve the root DSE... Waiting 5 seconds for slapd to start... Waiting 5 seconds for slapd to start... Waiting 5 seconds for slapd to start... Waiting 5 seconds for slapd to start... Waiting 5 seconds for slapd to start... Waiting 5 seconds for slapd to start... ../../../tests/scripts/test000-rootdse: 66: kill: No such process ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) Test failed test000-rootdse failed for bdb make[3]: *** [bdb-mod] Error 255 make[2]: *** [test] Error 2 make[1]: *** [test] Error 2 dh_auto_test: make -j1 test returned exit code 2 make: *** [build-arch] Error 29 Mattias signature.asc Description: This is a digitally signed message part
Processed: Re: Bug#693971: openldap FTBFS on hurd-i386
Processing control commands: severity -1 important Bug #693971 [src:openldap] openldap FTBFS on hurd-i386 Severity set to 'important' from 'serious' -- 693971: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693971 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#693224: dovecot-core - Needs Getopt/Std.pm
On Thu, 22 Nov 2012, Julien Cristau wrote: The ntp package provides more than just that one script. The rest doesn't need perl, so I would argue it's ok for ntp to not depend on perl, and the bug here is in dovecot. Well it is moot then because dovecot no longer uses ntp-wait. But I still don't understand why if even a small portion of the ntp packages functionality will fail to work without an additional package, it should not depend on or atleast recommend that package. -- Jaldhar H. Vyas jald...@debian.org -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#693971: openldap FTBFS on hurd-i386
Control: severity -1 important On Thu, Nov 22, 2012 at 13:51:09 +0100, Mattias Ellert wrote: Package: src:openldap Version: 2.4.31-1 Severity: serious Openldap fails to build on hurd-i386. The build has been tried in buildd three times and failed. That is not a serious bug. hurd-i386 is not a release architecture. Cheers, Julien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#693885: src:mathgl: non-free files in main (GFDL with Back/Front Cover Text)
On 11/22/2012 11:14 AM, Sébastien Villemot wrote: Dimitrios has contacted the upstream author, and he agrees to remove the front- and back-cover texts. Ansgar: is it ok for ftpmasters if we fix this issue by just changing the debian/copyright file (possibly pointing to some public location like a SVN commit as a proof of the relicensing)? or do you require upload with a new orig tarball? Just updating d/copyright with this information is fine. Thanks for looking into it and also thanks to upstream :) Ansgar -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#693224: dovecot-core - Needs Getopt/Std.pm
On Thu, Nov 22, 2012 at 07:59:57 -0500, Jaldhar H. Vyas wrote: On Thu, 22 Nov 2012, Julien Cristau wrote: The ntp package provides more than just that one script. The rest doesn't need perl, so I would argue it's ok for ntp to not depend on perl, and the bug here is in dovecot. Well it is moot then because dovecot no longer uses ntp-wait. But I still don't understand why if even a small portion of the ntp packages functionality will fail to work without an additional package, it should not depend on or atleast recommend that package. It does recommend it. Cheers, Julien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#692435: gegl: CVE-2012-4433
Hi Michael! On Thu, Nov 22, 2012 at 10:25 AM, Michael Gilbert michael.s.gilb...@gmail.com wrote: I've uploaded an nmu fixing this issue. Please see attached patch. Ahhh... thanks for taking care of this bug. Sorry for the eternal delay in my reply, but in this period I'm overwhelmed by real-life stuff ;-) I'll apply your NMU changes asap. Cheers. -- Matteo F. Vescovi Debian Maintainer GnuPG KeyID: 83B2CF7A -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#693224: dovecot-core - Needs Getopt/Std.pm
On Thu, 22 Nov 2012, Julien Cristau wrote: It does recommend it. It being perl or perl-modules? I think it ought to be the latter. -- Jaldhar H. Vyas jald...@debian.org -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#693224: dovecot-core - Needs Getopt/Std.pm
On Thu, Nov 22, 2012 at 09:03:03 -0500, Jaldhar H. Vyas wrote: On Thu, 22 Nov 2012, Julien Cristau wrote: It does recommend it. It being perl or perl-modules? I think it ought to be the latter. Makes no difference, there's a circular dep between the two. Also the perl-modules description says: Note that this package only exists to save archive space and should be considered an internal implementation detail of the `perl' package. Other packages should not depend on `perl-modules' directly, they should use `perl' (which depends on `perl-modules') instead. Cheers, Julien signature.asc Description: Digital signature
Bug#693224: marked as done (ntp-wait - Needs Getopt/Std.pm)
Your message dated Thu, 22 Nov 2012 09:16:53 -0500 (EST) with message-id alpine.DEB.2.02.1211220914370.3950@kubuntu and subject line Re: Bug#693224: dovecot-core - Needs Getopt/Std.pm has caused the Debian Bug report #693224, regarding ntp-wait - Needs Getopt/Std.pm to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 693224: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693224 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: dovecot-core Version: 1:2.1.7-2 Severity: serious The dovecot init script needs Getopt/Std.pm but there is no dependency. | [] Starting IMAP/POP3 mail server: dovecotCan't locate Getopt/Std.pm in @INC (@INC contains: /etc/perl /usr/local/lib/perl/5.14.2 /usr/local/share/perl/5.14.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.14 /usr/share/perl/5.14 /usr/local/lib/site_perl .) at /usr/sbin/ntp-wait line 5. | BEGIN failed--compilation aborted at /usr/sbin/ntp-wait line 5. | . ok Bastian -- System Information: Debian Release: wheezy/sid APT prefers stable APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 'testing'), (400, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-3-amd64 (SMP w/1 CPU core) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash ---End Message--- ---BeginMessage--- On Thu, 22 Nov 2012, Julien Cristau wrote: Makes no difference, there's a circular dep between the two. Also the perl-modules description says: Note that this package only exists to save archive space and should be considered an internal implementation detail of the `perl' package. Other packages should not depend on `perl-modules' directly, they should use `perl' (which depends on `perl-modules') instead. Then if it is not a dovecot problem or an ntp problem, let's just close the bug. -- Jaldhar H. Vyas jald...@debian.org---End Message---
Bug#693224: dovecot-core - Needs Getopt/Std.pm
Control: reassign -1 dovecot 1:2.1.7-2 Control: fixed -1 dovecot/1:2.1.7-5 On Thu, Nov 22, 2012 at 09:16:53 -0500, Jaldhar H. Vyas wrote: On Thu, 22 Nov 2012, Julien Cristau wrote: Makes no difference, there's a circular dep between the two. Also the perl-modules description says: Note that this package only exists to save archive space and should be considered an internal implementation detail of the `perl' package. Other packages should not depend on `perl-modules' directly, they should use `perl' (which depends on `perl-modules') instead. Then if it is not a dovecot problem or an ntp problem, let's just close the bug. I think it's a dovecot problem, at least in earlier versions (including the one in wheezy). Cheers, Julien signature.asc Description: Digital signature
Processed: Re: Bug#693224: dovecot-core - Needs Getopt/Std.pm
Processing control commands:
reassign -1 dovecot 1:2.1.7-2
Bug #693224 {Done: Jaldhar H. Vyas jald...@debian.org} [ntp] ntp-wait -
Needs Getopt/Std.pm
Bug reassigned from package 'ntp' to 'dovecot'.
Ignoring request to alter found versions of bug #693224 to the same values
previously set
Ignoring request to alter fixed versions of bug #693224 to the same values
previously set
Bug #693224 {Done: Jaldhar H. Vyas jald...@debian.org} [dovecot] ntp-wait -
Needs Getopt/Std.pm
There is no source info for the package 'dovecot' at version '1:2.1.7-2' with
architecture ''
Unable to make a source version for version '1:2.1.7-2'
Marked as found in versions 1:2.1.7-2.
fixed -1 dovecot/1:2.1.7-5
Bug #693224 {Done: Jaldhar H. Vyas jald...@debian.org} [dovecot] ntp-wait -
Needs Getopt/Std.pm
Marked as fixed in versions dovecot/1:2.1.7-5.
--
693224: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693224
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#693980: gpsim: fails to upgrade lenny - squeeze - wheezy - trying to overwrite /usr/lib/libgpsim_graphicLCD.so.0.0.0
Control: affects -1 + gpsim-lcd gpsim-lcd-graphic Same problem with gpsim-lcd: Preparing to replace gpsim 0.24-3 (using .../gpsim_0.26.1-2_amd64.deb) ... Unpacking replacement gpsim ... dpkg: error processing /var/cache/apt/archives/gpsim_0.26.1-2_amd64.deb (--unpack): trying to overwrite '/usr/lib/libgpsim_lcd.so.0.0.0', which is also in package gpsim-lcd 0.2.9-1 dpkg-deb: error: subprocess paste was killed by signal (Broken pipe) configured to not write apport reports Andreas -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#693980: gpsim: fails to upgrade lenny - squeeze - wheezy - trying to overwrite /usr/lib/libgpsim_graphicLCD.so.0.0.0
Processing control commands: affects -1 + gpsim-lcd gpsim-lcd-graphic Bug #693980 [gpsim] gpsim: fails to upgrade lenny - squeeze - wheezy - trying to overwrite /usr/lib/libgpsim_graphicLCD.so.0.0.0 Added indication that 693980 affects gpsim-lcd and gpsim-lcd-graphic -- 693980: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693980 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: libzorpll-dev: fails to upgrade lenny - squeeze - wheezy - trying to overwrite /usr/include/zorp/streamblob.h
Processing control commands: affects -1 + libzorp2-dev Bug #693984 [libzorpll-dev] libzorpll-dev: fails to upgrade lenny - squeeze - wheezy - trying to overwrite /usr/include/zorp/streamblob.h Added indication that 693984 affects libzorp2-dev -- 693984: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693984 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#693024: marked as done (ruby1.9.1: CVE-2012-5371)
Your message dated Thu, 22 Nov 2012 15:18:13 + with message-id e1tbyxd-0007md...@franck.debian.org and subject line Bug#693024: fixed in ruby1.9.1 1.9.3.194-4 has caused the Debian Bug report #693024, regarding ruby1.9.1: CVE-2012-5371 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 693024: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693024 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: ruby1.9.1 Severity: grave Tags: security Justification: user security hole Please see http://www.ruby-lang.org/en/news/2012/11/09/ruby19-hashdos-cve-2012-5371/ Fix: http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revisionrevision=37600 Cheers, Moritz ---End Message--- ---BeginMessage--- Source: ruby1.9.1 Source-Version: 1.9.3.194-4 We believe that the bug you reported is fixed in the latest version of ruby1.9.1, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 693...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Antonio Terceiro terce...@debian.org (supplier of updated ruby1.9.1 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 22 Nov 2012 10:30:37 -0300 Source: ruby1.9.1 Binary: ruby1.9.1 libruby1.9.1 libruby1.9.1-dbg ruby1.9.1-dev libtcltk-ruby1.9.1 ruby1.9.1-examples ri1.9.1 ruby1.9.1-full ruby1.9.3 Architecture: source all amd64 Version: 1.9.3.194-4 Distribution: unstable Urgency: high Maintainer: akira yamada ak...@debian.org Changed-By: Antonio Terceiro terce...@debian.org Description: libruby1.9.1 - Libraries necessary to run Ruby 1.9.1 libruby1.9.1-dbg - Debugging symbols for Ruby 1.9.1 libtcltk-ruby1.9.1 - Tcl/Tk interface for Ruby 1.9.1 ri1.9.1- Ruby Interactive reference (for Ruby 1.9.1) ruby1.9.1 - Interpreter of object-oriented scripting language Ruby ruby1.9.1-dev - Header files for compiling extension modules for the Ruby 1.9.1 ruby1.9.1-examples - Examples for Ruby 1.9 ruby1.9.1-full - Ruby 1.9.1 full installation ruby1.9.3 - Interpreter of object-oriented scripting language Ruby, version 1 Closes: 693024 Changes: ruby1.9.1 (1.9.3.194-4) unstable; urgency=high . [ James Healy ] * debian/patches/CVE-2012-5371.patch: avoid DOS vulnerability in hash implementation, this fixes CVE-2012-5371. (Closes: #693024). Checksums-Sha1: f9c9d98fa041adb3f9298ef4623f5dedf5c11e12 1994 ruby1.9.1_1.9.3.194-4.dsc b1e5ad144b74d689618ca89ad4c8a657c0a442ce 56783 ruby1.9.1_1.9.3.194-4.debian.tar.gz b750811c9b0c211acfafddc0622ebc4cb98135ae 232776 ruby1.9.1-examples_1.9.3.194-4_all.deb 61053a0f2805a9a72909cca4668096bc50e70b5e 2172520 ri1.9.1_1.9.3.194-4_all.deb c8ea4237d1f1477ca3b0660edbfe31ff689c5938 170840 ruby1.9.1-full_1.9.3.194-4_all.deb ce10edc7aa513dfdca030d9f30dab0bdf110b4e0 171402 ruby1.9.3_1.9.3.194-4_all.deb 9118110fac6ec2372461b0f156f871fe8668468c 207740 ruby1.9.1_1.9.3.194-4_amd64.deb a8cf8b224e20d3d094461ac2daadc6212a24af2e 4414378 libruby1.9.1_1.9.3.194-4_amd64.deb 009f098f8f0f7027ba5e4ea91594c5cdaacc3d22 4561212 libruby1.9.1-dbg_1.9.3.194-4_amd64.deb d43539643e1596006a7df508ea7f165d72d45e75 1383976 ruby1.9.1-dev_1.9.3.194-4_amd64.deb c2669af9a9a9245cae05d576c2a7965ae11bf5c4 1958998 libtcltk-ruby1.9.1_1.9.3.194-4_amd64.deb Checksums-Sha256: 4a1cb9ad3eb4eaf36de9944952e442914adfb0a58182e9fa2e2c565ab6d27f20 1994 ruby1.9.1_1.9.3.194-4.dsc 6d4e28d841bf68788f6c95af198e0ff404b2cfd0af7b1f62acc80bdf7877027d 56783 ruby1.9.1_1.9.3.194-4.debian.tar.gz 2046539d39d6e80200ba6448c6d46a9251edf408712c8a8444c2c25975fc35ba 232776 ruby1.9.1-examples_1.9.3.194-4_all.deb 78f7ea127514d9fcb219b021b9659e5dd22184b848ac97a285b2ef7be2cf4e24 2172520 ri1.9.1_1.9.3.194-4_all.deb 5e28d785256b99ff90c45a5bb4fb94ca3fe0637d4e26aa3b0a9d71a51908bd39 170840 ruby1.9.1-full_1.9.3.194-4_all.deb c407415eca1d947b4b363b343407f4b92dd1bd69c3d8e27b11bab54225f29c9d 171402 ruby1.9.3_1.9.3.194-4_all.deb cff125309353528b24f670b170ae20ea57c3118c413ea8ef148474bf7f212105 207740 ruby1.9.1_1.9.3.194-4_amd64.deb 6adf5bba22608c72cb08184e4e954a782c00731dbc4ad6d96161af3c92d27c20 4414378 libruby1.9.1_1.9.3.194-4_amd64.deb
Bug#693984: libzorpll-dev: fails to upgrade lenny - squeeze - wheezy - trying to overwrite /usr/include/zorp/streamblob.h
Package: libzorpll-dev Version: 3.3.0.12-4 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Control: affects -1 + libzorp2-dev Hi, during a test with piuparts I noticed your package fails to upgrade from 'lenny' to 'squeeze' to 'wheezy'. It installed fine in 'lenny', and upgraded to 'squeeze' successfully, but then the upgrade to 'wheezy' failed because it tries to overwrite other packages files without declaring a Breaks+Replaces relation. See policy 7.6 at http://www.debian.org/doc/debian-policy/ch-relationships.html#s-replaces From the attached log (scroll to the bottom...): Preparing to replace libzorpll-dev 3.0.6.4.2+nmu1 (using .../libzorpll-dev_3.3.0.12-4_amd64.deb) ... Unpacking replacement libzorpll-dev ... dpkg: error processing /var/cache/apt/archives/libzorpll-dev_3.3.0.12-4_amd64.deb (--unpack): trying to overwrite '/usr/include/zorp/streamblob.h', which is also in package libzorp2-dev 3.0.8-0.5 dpkg-deb: subprocess paste killed by signal (Broken pipe) As libzorp2-dev is in lenny only, adding unversioned Breaks: libzorp2-dev Replaces: libzorp2-dev to libzorpll-dev should be sufficient to get rid of the ancient package. cheers, Andreas libzorp2-dev_None.log.gz Description: GNU Zip compressed data
Bug#693990: owncloud: multiple security issues
Source: owncloud Severity: grave Tags: security The new upstream release 4.0.9 / 4.5.2 fixes multiple security issues. From the changelog[1]: [1] http://owncloud.org/changelog/ Version 4.0.9 Nov 14th 2012 Several critical security fixes Multiple XSS vulnerabilities (oC-SA-2012-001) Timing attack in the “Lost Password” implementation (oC-SA-2012-002) Code Execution in /lib/migrate.php (oC-SA-2012-004) Code Execution in /lib/filesystem.php (oC-SA-2012-005) More details seem to be available here: http://owncloud.org/security/advisories/oC-SA-2012-001 http://owncloud.org/security/advisories/oC-SA-2012-002 http://owncloud.org/security/advisories/oC-SA-2012-004 http://owncloud.org/security/advisories/oC-SA-2012-005 Please also update the version in wheezy if necessary. Ansgar -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#692317: dh-autoreconf_clean deletes unrelated files (due to spaces?)
Hi Julian On Wed, Nov 07, 2012 at 04:49:26PM +0100, Julian Andres Klode wrote: Control: tag -1 pending [...] Fixed in git. (Note: I'm not part of the Release Team). I noticed this bug during looking at current open RC bugs for wheezy: Can you upload the package to unstable? Note that the allowed changes during the wheezy freeze where strenghten a bit already[1], but the changes in git should all be fine. [1]: http://release.debian.org/wheezy/freeze_policy.html Regards, Salvatore signature.asc Description: Digital signature
Bug#692650: Patches for CVE-2012-5783 and CVE-2012-5784
Hi Mike, I don't understand what you expect from me. I've uploaded the patches to the BTS, I don't know what next steep is. I suppose a maintainer would pick it from there. If there's something I can do let me know. Thanks, Alberto El jue, 22-11-2012 a las 04:00 -0500, Michael Gilbert escribió: I've backported the routine to validate certificate name, and I've made a patch (attached). I'm not sure it's a good idea apply the patch, it can break programs that connect with bad hostnames (ips, host in /etc/hostname, etc) Would you mind getting your patches for these issues reviewed and applied by the appropriate upstreams? Thanks, Mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: reassign 678531 to midgard2-core, fixed 678531 in midgard2-core/10.05.7.1-1
Processing commands for cont...@bugs.debian.org:
# The BTS thinks this RC bug affects php5-midgard2, preventing it from
archiving
# reassigned (etc.) as needed
reassign 678531 midgard2-core
Bug #678531 {Done: Piotr Pokora piotrek.pok...@gmail.com} [php5-midgard2]
midgard2.so: undefined symbol: midgard_sql_query_constraint_get_holder
Bug reassigned from package 'php5-midgard2' to 'midgard2-core'.
No longer marked as found in versions php5-midgard2/10.05.7-1.
No longer marked as fixed in versions midgard2-core/10.05.7.1-1.
fixed 678531 midgard2-core/10.05.7.1-1
Bug #678531 {Done: Piotr Pokora piotrek.pok...@gmail.com} [midgard2-core]
midgard2.so: undefined symbol: midgard_sql_query_constraint_get_holder
Marked as fixed in versions midgard2-core/10.05.7.1-1.
thanks
Stopping processing here.
Please contact me if you need assistance.
--
678531: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678531
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#693994: redmine: Fails to install: Redmine requires Bundler. Please install it with `gem install bundler`.
Package: redmine Version: 1.4.4+dfsg1-1 Severity: grave Justification: renders package unusable In Wheezy, initially installing redmine as well as reconfiguring it afterwards aborts as follows: [...] dbconfig-common: writing config to /etc/dbconfig-common/redmine/instances/default.conf Creating config file /etc/dbconfig-common/redmine/instances/default.conf with new version Creating config file /etc/redmine/default/database.yml.new with new version creating database redmine_default: success. verifying database redmine_default exists: success. Creating config file /etc/redmine/default/database.yml with new version Redmine requires Bundler. Please install it with `gem install bundler`. dpkg: error processing redmine (--configure): subprocess installed post-installation script returned error exit status 1 Setting up libelf1 (0.152-1+wheezy1) ... Setting up ruby-hmac (0.4.0-3) ... Setting up ruby-openid (2.1.8debian-5) ... Setting up ruby-rmagick (2.13.1-6) ... Setting up rubygems-integration (1.1) ... Errors were encountered while processing: redmine [master e087ff5] committing changes in /etc after apt run 6 files changed, 172 insertions(+) create mode 100644 bash_completion.d/rake create mode 100644 dbconfig-common/config create mode 100644 dbconfig-common/redmine/instances/default.conf create mode 100644 logrotate.d/redmine create mode 100644 redmine/default/database.yml E: Sub-process /usr/bin/dpkg returned an error code (1) A package failed to install. Trying to recover: Setting up redmine (1.4.4+dfsg1-1) ... dbconfig-common: writing config to /etc/dbconfig-common/redmine/instances/default.conf Creating config file /etc/redmine/default/database.yml.new with new version creating database redmine_default: already exists. Redmine requires Bundler. Please install it with `gem install bundler`. dpkg: error processing redmine (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: redmine # dpkg --configure --pending Setting up redmine (1.4.4+dfsg1-1) ... dbconfig-common: writing config to /etc/dbconfig-common/redmine/instances/default.conf Creating config file /etc/redmine/default/database.yml.new with new version creating database redmine_default: already exists. Redmine requires Bundler. Please install it with `gem install bundler`. dpkg: error processing redmine (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: redmine Enabling the set -x and RAKE_VERBOSE=true shows the following output: [...] + ucf --purge /etc/redmine/default/database.yml.new + [ -e /etc/redmine/default/database.yml.new ] + grep -m 1 -o -E adapter: (mysql|pgsql|sqlite3|postgresql) /etc/redmine/default/database.yml.new + hasdb=adapter: sqlite3 + [ -n adapter: sqlite3 ] + echo -n sqlite3 + hasdb=sqlite3 + withdb=1 + sed -i -r -e s/^[^#]+((host|port|username|password): [^:]*)$/# \1/g /etc/redmine/default/database.yml.new + ucf --debconf-ok /etc/redmine/default/database.yml.new /etc/redmine/default/database.yml + rm -f /etc/redmine/default/database.yml.new + mkdir -p /var/log/redmine/default + mkdir -p /var/lib/redmine/default + mkdir -p /var/lib/redmine/default/files + mkdir -p /var/cache/redmine/default + mkdir -p /var/cache/redmine/default/plugin_assets + chmod 750 /var/log/redmine/default + chmod 750 /var/lib/redmine/default + chmod 755 /var/cache/redmine/default + chmod 755 /var/cache/redmine/default/plugin_assets + chown -f www-data:www-data /var/log/redmine/default + chown -f www-data:www-data /var/lib/redmine/default + chown -f www-data:www-data /var/lib/redmine/default/files + chown -f www-data:www-data /var/cache/redmine/default + chown -f www-data:www-data /var/cache/redmine/default/plugin_assets + pwd + savedir=/root + cd /usr/share/redmine + [ -f db/schema.db ] + [ -e /etc/redmine/default/email.yml -a ! -e /etc/redmine/default/configuration.yml ] + [ ! -f /etc/redmine/default/session.yml ] + rake -s generate_session_store YML_SESSION_FILENAME=session.yml.new RAILS_ENV=production X_DEBIAN_SITEID=default Redmine requires Bundler. Please install it with `gem install bundler`. + true + chown -f root:www-data /etc/redmine/default/session.yml.new dpkg: error processing redmine (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: redmine Nevertheless it doesn't seem to be a missing dependency. -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (500, 'testing'), (200, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.4-trunk-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages redmine depends on: ii bundler 1.1.4-6 ii dbconfig-common
Processed: No bug in squeeze
Processing commands for cont...@bugs.debian.org:
notfound 623500 nordugrid-arc-nox/1.1.0~rc6-2.1
Bug #623500 {Done: Mattias Ellert mattias.ell...@fysast.uu.se}
[nordugrid-arc-nox] nordugrid-arc-nox: FTBFS (conditional expression between
distinct pointer types 'stack_st_X509*' and 'stack_st_X509**' lacks a cast')
No longer marked as found in versions nordugrid-arc-nox/1.1.0~rc6-2.1.
stop
Stopping processing here.
Please contact me if you need assistance.
--
623500: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=623500
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#693885: GFDL licence problem
Hello Ansgar, Alexey Balakin, the upstream author of mathgl, has prepared a new incremental upstream version 1.11.3, after my relevant request (actually I requested that before asking Sebastien which might have not been technically appropriate). My request was based on the need for a change in some documentation license statements. Alexey conformed with this request in the new version. He also added minor changes and bug fixes. A few months ago Alexey had asked me whether it would be useful for Debian to have a new upstream version in the line of the 1.11 series, with minor changes that he had in mind to implement. Not having serious bugs for mathgl in testing at the time, i discouraged him from doing so. I encouraged him to concentrate on version 2.* which had also been shaped up and been worked on at the time. I will quickly check the usability of version 1.11.3. I cannot check every aspect of it. If I find no serious drawbacks, I would like to have it in testing, such that the efforts of the upstream author for Debian are rewarded. Is it technically impossible at this time of the release cycle to have version 1.11.3 in testing? If the answer to the question is yes, then I will just change the debian/copyright file with a reference to a svn commit in the mathgl upstream repository. Best regards Dimitris Στις Πεμ 22 Νοε 2012 20:56:54 mathgl.abala...@gmail.com γράψατε: Hi, I've just upload v.1.11.3 with few minor changes (you can see it by diff): - Changes in documentation license - Make DefColor() to be public function - Bugfix for using ids in mglData - More accurate ticks and grid-lines drawing - Bugfix for QuadPlot() memory access - Changes for novel zlib - Improve text drawing in OpenGL mode - Allow inverse (negative) ticks - Corrections in documentation In fact there are only 3 more or less important changes -- change of documentation license, bugfix for mglData, and using interface for new version of zlib. I think this will be the last version in 1.* branch. Dimitrios Eftaxiopoulos eftax...@otenet.gr writes: Should I make release 1.11.3 with new text (and with minor changes)? Definitely yes if you can. This has to be done in a short time from now so that we can manage to have the full 1.11.* source in the upcoming stable release. That way we will upload the whole source, including the documentation, and the packages will be included in the upcoming stable release. Otherwise we will make a new upload of 1.11.2 with a new source not including the documentation in it. At this stage in the Wheezy freeze process, a new upstream release will probably not be accepted. I think that having a public statement by the upstream author that he has relicensed the manual is enough for us. I am going to check that with Debian FTPmasters. -- .''`.Sébastien Villemot : :' :Debian Developer `. `' http://www.dynare.org/sebastien `- GPG Key: 4096R/381A7594 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: severity of 690828 is important
Processing commands for cont...@bugs.debian.org: # control@ missed the first time? severity 690828 important Bug #690828 [src:csound] csound: FTBFS on all architectures Severity set to 'important' from 'serious' thanks Stopping processing here. Please contact me if you need assistance. -- 690828: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690828 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#682752: marked as done (cups-filters: debian/copyright is misleading/incomplete)
Your message dated Thu, 22 Nov 2012 20:47:37 + with message-id e1tbdgp-ay...@franck.debian.org and subject line Bug#682752: fixed in cups-filters 1.0.18-2.1 has caused the Debian Bug report #682752, regarding cups-filters: debian/copyright is misleading/incomplete to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 682752: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=682752 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Source: cups-filters Version: 1.0.18-2 Severity: serious Justification: Policy 12.5 While casually looking through a few randomly selected debian/copyright files, I noticed that the copyright file for cups-filters is seriously misleading and incomplete. For example, it lists the Debian maintainer as the copyright owner of install-sh, configure, CHANGES.txt and a few others, with GPL-2+ as the license. At least install-sh is wrong in that list, as it is not under the GPL-2, and was written by Apple/MIT. The licenses of files under filter/fontembed are not documented at all, nor is filter/PDFError.h. I have not checked further than these, but this is already enough to report a serious bug, as licenses for *all* files must be properly documented, and not misattributed. -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash ---End Message--- ---BeginMessage--- Source: cups-filters Source-Version: 1.0.18-2.1 We believe that the bug you reported is fixed in the latest version of cups-filters, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 682...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. gregor herrmann gre...@debian.org (supplier of updated cups-filters package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 20 Nov 2012 20:37:41 +0100 Source: cups-filters Binary: libcupsfilters1 cups-filters libcupsfilters-dev Architecture: source amd64 Version: 1.0.18-2.1 Distribution: unstable Urgency: low Maintainer: Debian CUPS Maintainers pkg-cups-de...@lists.alioth.debian.org Changed-By: gregor herrmann gre...@debian.org Description: cups-filters - OpenPrinting CUPS Filters libcupsfilters-dev - OpenPrinting CUPS Filters - Development files for the library libcupsfilters1 - OpenPrinting CUPS Filters - Shared library Closes: 682752 Changes: cups-filters (1.0.18-2.1) unstable; urgency=low . * Non-maintainer upload. * Fix debian/copyright is misleading/incomplete: try to get it closer to reality. Most of the work was done by Arthur de Jong, thanks. (Closes: #682752) Checksums-Sha1: cbd51aa4bed43246adf3059d39c9c74793e64fbe 2491 cups-filters_1.0.18-2.1.dsc 0da4a75cf9046254ac91f664c24fdf0c105778bc 40462 cups-filters_1.0.18-2.1.debian.tar.gz e2b88fa65174d840e05a4dccd02fcb63fe5f384c 65502 libcupsfilters1_1.0.18-2.1_amd64.deb 6bf75cae907574903b6883dbd141b371c5896b99 389736 cups-filters_1.0.18-2.1_amd64.deb 3b8309c8b411f9242c2b7ad400cede7a327a30c8 76702 libcupsfilters-dev_1.0.18-2.1_amd64.deb Checksums-Sha256: 9d52bdb13b3ceaa762bbf2a5cbb5af0d41620f585be9afb26e8c63b4ca9d1ad3 2491 cups-filters_1.0.18-2.1.dsc b5716b3707660351500a6ff9aa85e93da1a8d69d6659100527843b6eafe45480 40462 cups-filters_1.0.18-2.1.debian.tar.gz 11b3317c42d1936bbafb3a08b76fce0515ae73790ec19f6d606f3daca92383c5 65502 libcupsfilters1_1.0.18-2.1_amd64.deb c616d035bd9808be692577691228e6cd565a9402149cd6a45745ace34496eb9d 389736 cups-filters_1.0.18-2.1_amd64.deb 810e287d9721ac4f241d8bcc123016c66d199f3407c3fbe3f8873100610d7c9e 76702 libcupsfilters-dev_1.0.18-2.1_amd64.deb Files: 6499310c37f06b7dc706fe30049ab2f9 2491 net optional cups-filters_1.0.18-2.1.dsc a44a2e06cbbc37e926be8af017979a80 40462 net optional cups-filters_1.0.18-2.1.debian.tar.gz 141da5ccaab91c9c0638a751acdfd4cc 65502 libs optional libcupsfilters1_1.0.18-2.1_amd64.deb 0df860b9d422a1c1d31211b04a1c5e6a 389736 net optional cups-filters_1.0.18-2.1_amd64.deb 6efb8c6cf6714b992f634b9e3495c37c 76702
Processed: severity of 693753 is serious
Processing commands for cont...@bugs.debian.org: # Policy 3.5 severity 693753 serious Bug #693753 [rapid-photo-downloader] rapid-photo-downloader: missing dependency on python-dbus Severity set to 'serious' from 'important' thanks Stopping processing here. Please contact me if you need assistance. -- 693753: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693753 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#590521: marked as done (gtk2-engines-qtcurve: modifies iceweasel configuration file)
control: tags 590521 - unreproducible + pending The way to reproduce is simple: just restart iceweasel.
Processed: Re: Bug#590521: marked as done (gtk2-engines-qtcurve: modifies iceweasel configuration file)
Processing control commands: tags 590521 - unreproducible + pending Bug #590521 [gtk2-engines-qtcurve] gtk2-engines-qtcurve: modifies iceweasel configuration file Removed tag(s) unreproducible. Bug #590521 [gtk2-engines-qtcurve] gtk2-engines-qtcurve: modifies iceweasel configuration file Added tag(s) pending. -- 590521: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590521 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#664754: gnuspool: Progress on gnuspool fix for RC bug removal of gnuspool removes files from lpr
On 09-11-12 18:37, John Collins (Xi Software Ltd) wrote: Sorry I've been unexpectedly in hospital with a PE I'll do my best to attend to it in the next few days. I hope you are recovering well. Any indication on when you want to upload your changes? Make sure they are in line with the freeze policy [1]. If you can not make it into wheezy, please request the removal from wheezy and continue your work in unstable as usual. Paul [1] http://release.debian.org/wheezy/freeze_policy.html signature.asc Description: OpenPGP digital signature
Bug#694006: update-notifier-common: Missing dependency on lsb-release
Package: update-notifier-common Version: 0.99.3debian10 Severity: serious Justification: Policy 3.5 If lsb-release is not installed, /usr/lib/update-notifier/apt_check.py will crap out: # /usr/lib/update-notifier/apt_check.py Traceback (most recent call last): File /usr/lib/update-notifier/apt_check.py, line 15, in module stdout=subprocess.PIPE).communicate()[0].strip() File /usr/lib/python2.7/subprocess.py, line 679, in __init__ errread, errwrite) File /usr/lib/python2.7/subprocess.py, line 1249, in _execute_child raise child_exception OSError: [Errno 2] No such file or directory # -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages update-notifier-common depends on: ii python 2.7.3-3 ii python-apt 0.8.8 Versions of packages update-notifier-common recommends: ii libpam-modules 1.1.3-7.1 update-notifier-common suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#694007: update-notifier-common: Wrong dependency on Ubuntu version of libpam-modules
Package: update-notifier-common Version: 0.99.3debian10 Severity: serious Justification: Policy 3.5 Recommends: libpam-modules (= 1.0.1-9ubuntu3) Even though there's no actual impact as 1.1.3-7.1 1.0.1-9ubuntu3, update-notifier-common still should not recommend an Ubuntu version of libpam-modules. -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages update-notifier-common depends on: ii python 2.7.3-3 ii python-apt 0.8.8 Versions of packages update-notifier-common recommends: ii libpam-modules 1.1.3-7.1 update-notifier-common suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#694007: update-notifier-common: Wrong dependency on Ubuntu version of libpam-modules
Processing control commands: severity -1 wishlist Bug #694007 [update-notifier-common] update-notifier-common: Wrong dependency on Ubuntu version of libpam-modules Severity set to 'wishlist' from 'serious' -- 694007: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694007 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#694007: update-notifier-common: Wrong dependency on Ubuntu version of libpam-modules
Control: severity -1 wishlist On Thu, Nov 22, 2012 at 11:15:28PM +0100, Richard Hartmann wrote: Package: update-notifier-common Version: 0.99.3debian10 Severity: serious Justification: Policy 3.5 Recommends: libpam-modules (= 1.0.1-9ubuntu3) Even though there's no actual impact as 1.1.3-7.1 1.0.1-9ubuntu3, update-notifier-common still should not recommend an Ubuntu version of libpam-modules. I do not consider this release critical, but wishlist. Specifying Ubuntu versions is common practice in packages that are merged with Ubuntu, in order to reduce differences (it's not a bug; but a feature). And that's totally OK as long as a larger version exists in Ubuntu. Downgrading to wishlist. On the other hand, we do not need this recommends anymore it seems, as the requested libpam-modules is in stable, and we can thus drop it in jessie. -- Julian Andres Klode - Debian Developer, Ubuntu Member See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#664754: gnuspool: Progress on gnuspool fix for RC bug removal of gnuspool removes files from lpr
On 22/11/12 22:02, Paul Gevers wrote: On 09-11-12 18:37, John Collins (Xi Software Ltd) wrote: Sorry I've been unexpectedly in hospital with a PE I'll do my best to attend to it in the next few days. I hope you are recovering well. Any indication on when you want to upload your changes? Make sure they are in line with the freeze policy [1]. If you can not make it into wheezy, please request the removal from wheezy and continue your work in unstable as usual. Paul [1] http://release.debian.org/wheezy/freeze_policy.html All a bit fraught and the rat poison I have to take makes my head swim a bit. Oh well better than dying I suppose. I think it would be best to take it out of wheezy and we'll work to get it absolutely solid in the next release as I'm doing so much at once I don't want to rush things and make something else fall over. I'd like to get Gnubatch in there as much.as anything as people are using it in anger to a much higher degree. Also another thing I'm halfway through doing is changing all the manuals to avoid OpenOffice (and correcting a good few lies I've found in them!). -- *John Collins* j...@xisl.com *Xi Software Ltd* www.xisl.com http://www.xisl.com Phone: +44 (0)1707 886110 Home Phone: +44 (0)1707 883174 Mobile: +44 (0)7958 387247 (toadwar...@gmail.com) *Trading Address* 3 Mandeville Rise, Welwyn Garden City, Herts, AL8 7JT, UK Registered in England Company Number 01977148 VAT GB 403 9239 64 R/O: 2 Mill Road, Haverhill, Suffolk, CB9 8BD
Bug#694006: update-notifier-common: Missing dependency on lsb-release
Control: tag -1 confirmed pending On Thu, Nov 22, 2012 at 11:08:28PM +0100, Richard Hartmann wrote: Package: update-notifier-common Version: 0.99.3debian10 Severity: serious Justification: Policy 3.5 If lsb-release is not installed, /usr/lib/update-notifier/apt_check.py will crap out: # /usr/lib/update-notifier/apt_check.py Traceback (most recent call last): File /usr/lib/update-notifier/apt_check.py, line 15, in module stdout=subprocess.PIPE).communicate()[0].strip() File /usr/lib/python2.7/subprocess.py, line 679, in __init__ errread, errwrite) File /usr/lib/python2.7/subprocess.py, line 1249, in _execute_child raise child_exception OSError: [Errno 2] No such file or directory # I have fixed this in bzr, and will upload it tomorrow. -- Julian Andres Klode - Debian Developer, Ubuntu Member See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/. pgpEBGNKvI2Db.pgp Description: PGP signature
Bug#590521: marked as done (gtk2-engines-qtcurve: modifies iceweasel configuration file)
Your message dated Thu, 22 Nov 2012 22:32:26 +
with message-id e1tbfjq-0006kn...@franck.debian.org
and subject line Bug#590521: fixed in gtk2-engines-qtcurve 1.8.15-4
has caused the Debian Bug report #590521,
regarding gtk2-engines-qtcurve: modifies iceweasel configuration file
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
590521: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590521
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: gtk2-engines-qtcurve
Version: 1.5.1-1
Severity: serious
Justification: squeeze RC policy section 3
The ~/.mozilla/firefox/*.default/chrome/userChrome.css file contains
the following snippet:
menubar menu { color: #141312 !important; } menubar
menu[_moz-menuactive=true][open=false] { color: #141312 !important;
} menubar menu[_moz-menuactive=true][open=true] { color: #141312
!important; } /* MenuColors, Added by QtCurve -- do not remove */
Modifying another package's configuration file (except by an agreed
upon API) is a severe violation of the Debian policy.
Please stop adding the above snippet to userChrome.css. Please remove
the snippets from the files they were added to or notify the affected
users that they should do so manually.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing'), (400, 'unstable'), (300, 'experimental')
Architecture: i386 (x86_64)
Kernel: Linux 2.6.34-00165-gdab319b (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages gtk2-engines-qtcurve depends on:
ii libatk1.0-0 1.30.0-1 The ATK accessibility toolkit
ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib
ii libcairo2 1.8.10-4 The Cairo 2D vector graphics libra
ii libfontconfig12.8.0-2.1 generic font configuration library
ii libfreetype6 2.4.0-2FreeType 2 font engine, shared lib
ii libglib2.0-0 2.24.1-1 The GLib library of C routines
ii libgtk2.0-0 2.20.1-1 The GTK+ graphical user interface
ii libpango1.0-0 1.28.1-1 Layout and rendering of internatio
gtk2-engines-qtcurve recommends no packages.
Versions of packages gtk2-engines-qtcurve suggests:
pn kde-style-qtcurve none (no description available)
-- no debconf information
---End Message---
---BeginMessage---
Source: gtk2-engines-qtcurve
Source-Version: 1.8.15-4
We believe that the bug you reported is fixed in the latest version of
gtk2-engines-qtcurve, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 590...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Boris Pek tehnic...@mail.ru (supplier of updated gtk2-engines-qtcurve package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 23 Nov 2012 00:10:24 +0200
Source: gtk2-engines-qtcurve
Binary: gtk2-engines-qtcurve
Architecture: source i386
Version: 1.8.15-4
Distribution: unstable
Urgency: low
Maintainer: Boris Pek tehnic...@mail.ru
Changed-By: Boris Pek tehnic...@mail.ru
Description:
gtk2-engines-qtcurve - This is a set of widget styles for Gtk2 based apps
Closes: 590521
Changes:
gtk2-engines-qtcurve (1.8.15-4) unstable; urgency=low
.
* Add debian/patches/do-not-change-mozilla-css-settings:
do not change files ~/.mozilla/firefox/*.default/chrome/userChrome.css
(Closes: #590521)
Checksums-Sha1:
2abdc142bd87c54e910ccddcad0485ba2dcc1059 2046 gtk2-engines-qtcurve_1.8.15-4.dsc
df2423f68febbab5015e3cebc3ee553fce7727e3 5529
gtk2-engines-qtcurve_1.8.15-4.debian.tar.gz
503b96ffa1f863df80d56d3a566a07a38ead603b 214228
gtk2-engines-qtcurve_1.8.15-4_i386.deb
Checksums-Sha256:
412ac6658808d0b32d410abdea359989c6027df71c490e522af7a56c2fba4a14 2046
gtk2-engines-qtcurve_1.8.15-4.dsc
509278e14bb57b48e7c71e6a1ee4577beb291dc083a6babd2471e64517cc9de4 5529
gtk2-engines-qtcurve_1.8.15-4.debian.tar.gz
dc11f7a3425e36acc233ffde2c65d9440c9c5c144ab61f475c25bca398820b1e 214228
gtk2-engines-qtcurve_1.8.15-4_i386.deb
Files:
ca3c309f6fa8b99f32e8923f21d73a78 2046 gnome
Processed: Re: Bug#694006: update-notifier-common: Missing dependency on lsb-release
Processing control commands: tag -1 confirmed pending Bug #694006 [update-notifier-common] update-notifier-common: Missing dependency on lsb-release Added tag(s) confirmed and pending. -- 694006: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694006 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#692317: marked as done (dh-autoreconf_clean deletes unrelated files (due to spaces?))
Your message dated Thu, 22 Nov 2012 22:47:25 + with message-id e1tbfyl-0006ea...@franck.debian.org and subject line Bug#692317: fixed in dh-autoreconf 7 has caused the Debian Bug report #692317, regarding dh-autoreconf_clean deletes unrelated files (due to spaces?) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 692317: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692317 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: dh-autoreconf Version: 6 Severity: grave Justification: causes non-serious data loss Dear Debian folks, doing $ git clone git://git.gnome.org/evolution # leave out history by adding `--depth 1` $ git checkout gnome-3-4 $ ./autogen.sh $ cd .. $ git svn clone svn://anonscm.debian.org/svn/pkg-evolution/unstable/evolution evolution-debian $ cd evolution $ ln -s ../evolution-debian/debian debian $ dch $ debuild -b -us -uc # just build binary packages the file `mail/mail-autoconfig/gmail.com` is deleted when `dh_autoreconf_clean` is run. The deleted files do not show up when comparing `autoreconf.before` and `autoreconf.after`. $ diff -u debian/autoreconf.before debian/autoreconf.after --- autoreconf.before 2012-11-02 14:48:32.432290260 +0100 +++ autoreconf.after2012-11-02 14:49:22.214684821 +0100 @@ -19,14 +19,14 @@ 4e2c1f37327f97f453319eb72eb5cb36 ./m4/visibility.m4 669ca5165f0efe0c7113051e438a2879 ./m4/wchar_t.m4 2875005749c1989cdec2e53a8af9795f ./m4/xsize.m4 +122529c078565850c5e52a9cf371974d ./m4/intltool.m4 +906048948cfd91807c29f0e81d09a69f ./m4/gtk-doc.m4 +a9ebc12cd611eb9024fc8219f26d00b2 ./m4/gnome-doc-utils.m4 e64c9570dc02541f6d911d282f3cfdb4 ./m4/libtool.m4 67d5ebceaac562ddf0dde4e5cdffbe09 ./m4/ltoptions.m4 bc2f6032c98896249eadb56177c7d357 ./m4/ltsugar.m4 91dd5e1355d100dbdab7d71244ed2625 ./m4/ltversion.m4 47d420a13f9ba4e171772c3e3eee3e63 ./m4/lt~obsolete.m4 -122529c078565850c5e52a9cf371974d ./m4/intltool.m4 -906048948cfd91807c29f0e81d09a69f ./m4/gtk-doc.m4 -a9ebc12cd611eb9024fc8219f26d00b2 ./m4/gnome-doc-utils.m4 432508be059cd84536a9d1ea610ca54b ./m4/Makefile.in 63141118a332dfa04cd26bcf8d7c7173 ./m4/codeset.m4 dab0e2ad4943514530c50faef831db6a ./m4/gettext.m4 @@ -914,6 +914,7 @@ 465182d6d4919f547b642876a1cbf817 ./mail/em-account-editor.h 51a467dbc1abf32e81c014fc7d8642a2 ./mail/em-sync-stream.h 002d4bf5bcae1a7574a8336d9aa71c3a ./mail/e-mail-tag-editor.h +15bef0b9e58ca499cba810d4a20e46d3 ./mail/Makefile.in e0846ac101fdaada8d85bba6f4366b04 ./mail/e-mail-account-manager.c ea1dc9ce879203c9a5c95830aa40e1f3 ./mail/e-mail-migrate.c d3195e091f3d2204deec492d1fd84666 ./mail/e-mail-paned-view.h @@ -954,7 +955,6 @@ 6119c599b1393a791ae776e05bfbbb1d ./mail/Makefile.am d595450a3d664402ad1a8bd530bdcbc3 ./mail/em-config.h f3d2a5d093e1ab29539feeddac51c9e5 ./mail/mail-send-recv.c -15bef0b9e58ca499cba810d4a20e46d3 ./mail/Makefile.in 9b65ec3bd1248cdf05a1a8398588b75b ./mail/mail-send-recv.h d0c0c5f4ed5409ea63f8c334c3d2d03a ./mail/em-format-html-print.h c57610cb21c8d7f955c20b8431ddc31d ./mail/mail-dialogs.ui @@ -1584,6 +1584,7 @@ 5d1299da431fd567a19f07c156046242 ./calendar/gui/e-calendar-view.h efd406335e788b0156f052a148cd3feb ./calendar/gui/ea-cal-view-event.c 43c66438766e304be22ebb858a03686b ./calendar/gui/ea-cal-view-event.h +2ca739faf848c5e9331d9f89c5af1d3b ./calendar/gui/Makefile.in de9e0433e98c99ec6c32bb9f1cbd5885 ./calendar/gui/comp-util.c 52d8e80f050ce80bae6c0b9b0453e836 ./calendar/gui/e-date-time-list.c d88710889e02162a755c1d42ca253d92 ./calendar/gui/e-date-time-list.h @@ -1612,7 +1613,6 @@ a115f51bce06a06a8025274cf2b33fc3 ./calendar/gui/e-memo-list-selector.c d2aae0bb3a92bbba24f9034fb9209dbc ./calendar/gui/e-memo-list-selector.h 5a2250ce3ea0eabbe034fefe184d4bd1 ./calendar/gui/misc.c -2ca739faf848c5e9331d9f89c5af1d3b ./calendar/gui/Makefile.in 17d4bcb0921f4e43c0ca677a27dab2bf ./calendar/gui/e-week-view-main-item.c a49a3b6675f985353aa535ad0ce5b0ce ./calendar/gui/e-week-view-main-item.h 36abe7a0a2bdb5b36ea6ca80ea93dd2d ./calendar/gui/ea-calendar.c @@ -1835,12 +1835,12 @@
Bug#692650: Patches for CVE-2012-5783 and CVE-2012-5784
El jue, 22-11-2012 a las 04:00 -0500, Michael Gilbert escribió: I've backported the routine to validate certificate name, and I've made a patch (attached). I'm not sure it's a good idea apply the patch, it can break programs that connect with bad hostnames (ips, host in /etc/hostname, etc) Would you mind getting your patches for these issues reviewed and applied by the appropriate upstreams? Thanks, Mike Hi Mike I've read your tip again. Sorry for not understanding in the first time. I'll prepare the patch again upstream, and post it on their BTS. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: found 663388 in 0.20.1-2.1
Processing commands for cont...@bugs.debian.org: found 663388 0.20.1-2.1 Bug #663388 [gnustep-back-common] gnustep-back-common: unowned files after purge (policy 6.8, 10.8) violating FHS (policy 9.1) too Marked as found in versions gnustep-back/0.20.1-2.1. thanks Stopping processing here. Please contact me if you need assistance. -- 663388: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=663388 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#692650: patch
patch posted upstream: https://issues.apache.org/jira/browse/AXIS-2883 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#694030: skytools3: FTBFS: unsatisfiable build-dependency: postgresql-server-dev-8.4
Source: skytools3 Version: 3.0~rc1-2 Severity: serious Justification: FTBFS postgresql-server-dev-8.4 is not provided from postgresql-8.4 8.4.12-2. Regards, -- Hiroyuki Yamamoto A75D B285 7050 4BF9 AEDA 91AC 3A10 59C6 5203 04DC -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: tagging 693753
Processing commands for cont...@bugs.debian.org: tags 693753 + pending Bug #693753 [rapid-photo-downloader] rapid-photo-downloader: missing dependency on python-dbus Added tag(s) pending. thanks Stopping processing here. Please contact me if you need assistance. -- 693753: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693753 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
