Bug#581999: rinputd fails to install

[Ralf Treinen]

On Sat, Feb 23, 2013 at 01:53:19PM -0800, Vagrant Cascadian wrote:
> On Sat, Feb 23, 2013 at 10:17:32AM +0100, Ralf Treinen wrote:
> > On Fri, Feb 22, 2013 at 04:09:01PM -0800, Vagrant Cascadian wrote:
> > 
> > > I haven't tested the following patch, but it should essentially resolve 
> > > the
> > > issue.
> > 
> > Shouldn't one keep checking that the user doesn't enter empty values
> > for USER and PASS ? I was thinking of a patch like this one:
> > 
> > -
> > 
> > --- config  2013-02-23 10:11:45.0 +0100
> > +++ config.orig 2013-02-23 10:08:49.0 +0100
> > @@ -2,6 +2,8 @@
> >  
> >  set -e
> >  
> > +[ `echo $DEBIAN_FRONTEND | tr '[:upper:]' '[:lower:]'` = "noninteractive" 
> > ] && exit 0
> > +
> >  . /usr/share/debconf/confmodule
> >  
> >  db_beginblock
> > @@ -11,11 +13,8 @@
> >  
> >  db_go
> >  
> > -USER=rinput
> >  db_get rinputd/username
> >  USER="$RET"
> > -
> > -PASS=DEFAULTPASSWD
> >  db_get rinputd/passwd
> >  PASS="$RET"
> > 
> > 
> 
> That will still overwrite it with an empty value...
> 
> probably something more like:
> 
>   db_get rinput/passwd
>   PASS="$RET"
> 
>   if [ -z "$PASS" ]; then
> db_set rinput/passwd "DEFAULTPASSWD"
>   fi

The idea was of course th eleave the loop that was in the original
config script, which in the interactive case would succeed only when
the iser has entered valid values.

Anyway, it seems I won't have time to do an NMU in the next days so if
you want to do it please go ahead.

-Ralf.


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#701224: Safely prevent adverse impact if im-switch was removed but not purged

[Gunnar Hjalmarsson]

On 2013-02-26 15:10, Osamu Aoki wrote:
> On Sat, Feb 23, 2013 at 10:11:19PM +0100, Gunnar Hjalmarsson wrote:
>> As Iain Lane pointed out at the Ubuntu bug report, if im-config deletes
>> the file, and the user at a later point of time decides to go back to
>> im-switch (for some reason), 80im-switch won't be reinstalled, and the
>> user is faced with an issue that may be hard to track down.
> 
> I think 80im-switch get installed but ... let's not argue this point
> now.

No need to argue, really.

$ ll /etc/X11/Xsession.d/80im-switch
-rwxr-xr-x 1 root root 2353 nov  7 21:00 /etc/X11/Xsession.d/80im-switch*
$ sudo dpkg -r im-switch
(Reading database ... 545778 files and directories currently installed.)
Removing im-switch ...
...
$ sudo rm /etc/X11/Xsession.d/80im-switch
$ sudo apt-get install im-switch
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed
  im-switch
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/16,6 kB of archives.
After this operation, 116 kB of additional disk space will be used.
Selecting previously unselected package im-switch.
(Reading database ... 545770 files and directories currently installed.)
Unpacking im-switch (from .../im-switch_1.22ubuntu2.1_all.deb) ...
...
$ ll /etc/X11/Xsession.d/80im-switch
ls: cannot access /etc/X11/Xsession.d/80im-switch: No such file or directory

> So I modified a bit but in the same spirit :-)
> I echo to STDERR.

And on the Ubuntu side we are now happy with debian/postinst in version
0.21, except that we want a supplementary condition to be met to edit
80im-switch. Will get back to you about it later on in a private mail.

Thanks!

-- 
Gunnar Hjalmarsson
https://launchpad.net/~gunnarhj


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: Re: Bug#701115: owncloud: multiple vulnerabilities (oC-SA-2013-003, oC-SA-2013-004, oC-SA-2013-006)

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 701115 + patch
Bug #701115 [owncloud] owncloud: multiple vulnerabilities (oC-SA-2013-003, 
oC-SA-2013-004, oC-SA-2013-006)
Added tag(s) patch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
701115: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701115
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: Re: Bug#701781: closed by Ben Hutchings (Re: Bug#701781: linux-image-2.6.32-5-kirkwood: Cannot load usbcore kernel module)

[Debian Bug Tracking System]

Processing control commands:

> reopen -1
Bug #701781 {Done: Ben Hutchings } [linux-2.6] 
linux-image-2.6.32-5-kirkwood: Cannot load usbcore kernel module
Bug reopened
Ignoring request to alter fixed versions of bug #701781 to the same values 
previously set
> reassign -1 flash-kernel
Bug #701781 [linux-2.6] linux-image-2.6.32-5-kirkwood: Cannot load usbcore 
kernel module
Bug reassigned from package 'linux-2.6' to 'flash-kernel'.
No longer marked as found in versions 2.6.32-48squeeze1.
Ignoring request to alter fixed versions of bug #701781 to the same values 
previously set
> forcemerge 656877 -1
Bug #656877 [flash-kernel] flash-kernel is not being run for kernel upgrades 
with unchanged ABI version
Bug #673418 [flash-kernel] flash-kernel is not being run for kernel upgrades 
with unchanged ABI version
Bug #701781 [flash-kernel] linux-image-2.6.32-5-kirkwood: Cannot load usbcore 
kernel module
Severity set to 'grave' from 'critical'
Marked as found in versions flash-kernel/2.37.
Bug #673418 [flash-kernel] flash-kernel is not being run for kernel upgrades 
with unchanged ABI version
Merged 656877 673418 701781

-- 
656877: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=656877
673418: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=673418
701781: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701781
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#701781: closed by Ben Hutchings (Re: Bug#701781: linux-image-2.6.32-5-kirkwood: Cannot load usbcore kernel module)

[Ben Hutchings]

Control: reopen -1
Control: reassign -1 flash-kernel
Control: forcemerge 656877 -1

On Wed, 2013-02-27 at 15:04 +1100, Peter Barker wrote:
> Thanks Ben for quick response,
> 
>  
> 
> It would be good if the post-install script could update flash on
> hardware where this is necessary, so we could just do normal apt-get
> upgrade. I don't know if this is possible.

It runs all the scripts under /etc/kernel/postinst.d, which should cover
this.

Well, sorry, the flash-kernel package is *supposed* to do this but it
seems that it is still broken in squeeze.  I'm reopening this and
hopefully you'll hear when that gets fixed.

Ben.

-- 
Ben Hutchings
Never attribute to conspiracy what can adequately be explained by stupidity.


signature.asc
Description: This is a digitally signed message part

Processed: severity of 656877 is grave

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # Seriously WTF
> severity 656877 grave
Bug #656877 [flash-kernel] flash-kernel is not being run for kernel upgrades 
with unchanged ABI version
Bug #673418 [flash-kernel] flash-kernel is not being run for kernel upgrades 
with unchanged ABI version
Severity set to 'grave' from 'important'
Severity set to 'grave' from 'important'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
656877: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=656877
673418: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=673418
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#701779: Clarification

[Jon Bernard]

* Glenn McGrath  wrote:
> The previous fix was fro the debian files in ust-2.1.1 source package, then
> you can rebuild ltt-control (unchanged) and all the debs install.

Yep, you're right. UST's install file is incorrect.  I'm not sure how this one
slipped by me, I test the install prior to upload in what I thought to be
a clean environment... I suppose that needs some looking into.

Nice catch, thanks for reporting this.  I'll get a fix uploaded shortly.

-- 
Jon


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#701781: closed by Ben Hutchings (Re: Bug#701781: linux-image-2.6.32-5-kirkwood: Cannot load usbcore kernel module)

[Peter Barker]

Thanks Ben for quick response,

It would be good if the post-install script could update flash on hardware 
where this is necessary, so we could just do normal apt-get upgrade. I don't 
know if this is possible.

Regards,
Peter Barker

On Wed, 27 Feb 2013 02:12:04 AM you wrote:
> This is an automatic notification regarding your Bug report
> which was filed against the linux-2.6 package:
> 
> #701781: linux-image-2.6.32-5-kirkwood: Cannot load usbcore kernel module
> 
> It has been closed by Ben Hutchings .
> 
> Their explanation is attached below along with your original report.
> If this explanation is unsatisfactory and you have not received a
> better one in a separate message then please contact Ben Hutchings
>  by replying to this email.

Processed: tagging 701784

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 701784 + pending
Bug #701784 [src:linux] virtio-rng only returns zeros
Ignoring request to alter tags of bug #701784 to the same tags previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
701784: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701784
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: tagging 701784

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 701784 + pending
Bug #701784 [src:linux] virtio-rng only returns zeros
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
701784: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701784
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#701784: virtio-rng only returns zeros

[Ben Hutchings]

Package: src:linux
Version: 3.2.35-1
Severity: serious
X-Debbugs-Cc: Aurelien Jarno 

 Forwarded Message 
From: Rusty Russell 
To: Aurelien Jarno , k...@vger.kernel.org
Cc: Ian Molton , Matt Mackall , 
Herbert Xu , Ben Hutchings , 
Jens Axboe 
Subject: Re: virtio-rng only returns zeros with CONFIG_HW_RANDOM=m
Date: Wed, 27 Feb 2013 10:43:37 +1030

Aurelien Jarno  writes:
> Hi,
>
> I have noticed that virtio-rng only returns zero for kernels >= 2.6.33
> built with CONFIG_HW_RANDOM=m. This is a bit much too predictable for a
> random generator ;-).

Wow.  Fortunately, all of SLES, RHEL, Ubuntu or Fedora set
CONFIG_HW_RANDOM=y.  What do they know that we don't?

Oops, looks like Debian testing: config-3.2.0-4-amd64:CONFIG_HW_RANDOM=m

> The reason for that is virtio expects guest real addresses, while
> rng_core.ko (ie when built as a module) is passing a vmalloced buffer 
> to the virtio-rng read function, declared as such:
>
>   static u8 rng_buffer[SMP_CACHE_BYTES < 32 ? 32 : SMP_CACHE_BYTES]
>   __cacheline_aligned;

Yuck...  It would be nice if this has oopsed.  Jens, what about this patch?

Cheers,
Rusty.

Subject: scatterlist: sg_set_buf() argument must be in linear mapping.

Signed-off-by: Rusty Russell 

diff --git a/include/linux/scatterlist.h b/include/linux/scatterlist.h
index 4bd6c06..9365375 100644
--- a/include/linux/scatterlist.h
+++ b/include/linux/scatterlist.h
@@ -111,6 +111,9 @@ static inline struct page *sg_page(struct scatterlist *sg)
 static inline void sg_set_buf(struct scatterlist *sg, const void *buf,
  unsigned int buflen)
 {
+#ifdef CONFIG_DEBUG_SG
+   BUG_ON(!virt_addr_valid(buf));
+#endif
sg_set_page(sg, virt_to_page(buf), buflen, offset_in_page(buf));
 }
 




signature.asc
Description: This is a digitally signed message part

Bug#699743: emms: fails to upgrade lenny -> squeeze -> wheezy: emms-setup.el:96:8:Error: Symbol's value as variable is void: emms-directory

[Arnaud Fontaine]

Hello,

>   Setting up emms (3.0+20110425+1.git298e022-3) ...
>   Installing new version of config file /etc/emacs/site-start.d/50emms.el ...
>   Install w3m-el for emacs
>   Install w3m-el for emacs22
>   install/w3m-el: already byte-compiled for emacs22, skipped
>   Install w3m-el for emacs23
>   install/w3m-el: already byte-compiled for emacs23, skipped
>   Install emacsen-common for emacs22
>   emacsen-common: Handling install of emacsen flavor emacs22
>   Wrote /etc/emacs22/site-start.d/00debian-vars.elc
>   Wrote /usr/share/emacs22/site-lisp/debian-startup.elc
>   Install emacsen-common for emacs23
>   emacsen-common: Handling install of emacsen flavor emacs23
>   Wrote /etc/emacs23/site-start.d/00debian-vars.elc
>   Wrote /usr/share/emacs23/site-lisp/debian-startup.elc
>   Install emms for emacs
>   Install emms for emacs22
>   install/emms: byte-compiling for emacs22, logging in /tmp/elc.QcJFe6Q1Lby7
>   ERROR: install script from emms package failed
>   dpkg: error processing emms (--configure):
>subprocess installed post-installation script returned error exit status 1

I was wrong, sorry about that. After reading carefully the log again and
checking  emms  package,  there  is  actually no  reason  that  emms  is
byte-compiled for emacs22 as it's  not supported since squeeze anyway. I
have attached a patch fixing this issue and built a package[0][1]. Could
you please confirm whether that this fixes the issue? Thanks!

Cheers,
-- 
Arnaud Fontaine

[0] 
http://people.debian.org/~arnau/packages/emms_3.0+20110425+1.git298e022-4.dsc
[1] 
http://people.debian.org/~arnau/packages/emms_3.0+20110425+1.git298e022-4_amd64.deb

diff -uN emms-3.0+20110425+1.git298e022.orig/debian/changelog emms-3.0+20110425+1.git298e022/debian/changelog
--- emms-3.0+20110425+1.git298e022.orig/debian/changelog	2013-02-27 11:45:23.285936262 +0900
+++ emms-3.0+20110425+1.git298e022/debian/changelog	2013-02-27 11:47:03.242937535 +0900
@@ -1,3 +1,13 @@
+emms (3.0+20110425+1.git298e022-4) unstable; urgency=low
+
+  * debian/control:
++ Require emacsen-common >= 2.0.5 because of #693472.
+  * debian/emacsen-install, debian/emacsen-remove:
++ As emacs22 is not supported since squeeze, it must be ignored.
+  Closes: #699743.
+
+ -- Arnaud Fontaine   Wed, 27 Feb 2013 11:25:39 +0900
+
 emms (3.0+20110425+1.git298e022-3) unstable; urgency=low
 
   * debian/control:
diff -uN emms-3.0+20110425+1.git298e022.orig/debian/control emms-3.0+20110425+1.git298e022/debian/control
--- emms-3.0+20110425+1.git298e022.orig/debian/control	2013-02-27 11:45:29.866002178 +0900
+++ emms-3.0+20110425+1.git298e022/debian/control	2013-02-27 11:32:40.614292813 +0900
@@ -14,7 +14,7 @@
 Package: emms
 Architecture: any
 Depends: ${shlibs:Depends}, ${misc:Depends},
- emacsen-common,
+ emacsen-common (>= 2.0.5),
  w3m-el | w3m-el-snapshot,
  emacs23 | xemacs21 | emacs-snapshot
 Recommends: vorbis-tools | mpg321 | mplayer | vlc | mpd (>= 0.12.0) | xine-ui
diff -uN emms-3.0+20110425+1.git298e022.orig/debian/emacsen-install emms-3.0+20110425+1.git298e022/debian/emacsen-install
--- emms-3.0+20110425+1.git298e022.orig/debian/emacsen-install	2012-06-07 17:32:35.903138994 +0900
+++ emms-3.0+20110425+1.git298e022/debian/emacsen-install	2013-02-27 11:43:52.157023326 +0900
@@ -8,7 +8,7 @@
 FLAVOR=$1
 PACKAGE=emms
 
-if [ ${FLAVOR} = emacs ] || [ ${FLAVOR} = emacs21 ]; then
+if [ ${FLAVOR} = emacs ] || [ ${FLAVOR} = emacs21 ] || [ ${FLAVOR} = emacs22 ]; then
 exit 0;
 fi
 
diff -uN emms-3.0+20110425+1.git298e022.orig/debian/emacsen-remove emms-3.0+20110425+1.git298e022/debian/emacsen-remove
--- emms-3.0+20110425+1.git298e022.orig/debian/emacsen-remove	2011-11-05 16:19:31.0 +0900
+++ emms-3.0+20110425+1.git298e022/debian/emacsen-remove	2013-02-27 11:44:09.965201736 +0900
@@ -4,7 +4,7 @@
 FLAVOR=$1
 PACKAGE=emms
 
-if [ ${FLAVOR} != emacs ] && [ ${FLAVOR} != emacs21 ]; then
+if [ ${FLAVOR} != emacs ] && [ ${FLAVOR} != emacs21 ] && [ ${FLAVOR} != emacs22 ]; then
 echo remove/${PACKAGE}: purging byte-compiled files for ${FLAVOR}
 rm -rf /usr/share/${FLAVOR}/site-lisp/${PACKAGE}
 fi


pgpshJYMBc7Tj.pgp
Description: PGP signature

Processed: your mail

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 701466 1.9.3.194-7
Bug #701466 {Done: Antonio Terceiro } [ruby1.9.1] 
ruby1.9.1: alternatives priority bump breaks squeeze->wheezy upgrades when 
apt-listbugs is installed
Marked as found in versions ruby1.9.1/1.9.3.194-7.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
701466: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701466
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#701781: marked as done (linux-image-2.6.32-5-kirkwood: Cannot load usbcore kernel module)

[Debian Bug Tracking System]

Your message dated Wed, 27 Feb 2013 02:09:50 +
with message-id <20130227020949.gr9...@decadent.org.uk>
and subject line Re: Bug#701781: linux-image-2.6.32-5-kirkwood: Cannot load 
usbcore kernel module
has caused the Debian Bug report #701781,
regarding linux-image-2.6.32-5-kirkwood: Cannot load usbcore kernel module
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
701781: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701781
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: linux-2.6
Version: 2.6.32-48squeeze1
Severity: critical
Justification: breaks unrelated software

When try to insert usbcore module get message
FATAL: Error inserting usbcore 
(/lib/modules/2.6.32-5-kirkwood/kernel/drivers/usb/core/usbcore.ko): Unknown 
symbol in module, or unknown parameter (see dmesg)
syslog shows:
kernel: [  365.043708] usbcore: Unknown symbol current_is_keventd
kernel: [  365.049776] usbcore: Unknown symbol add_device_randomness
So no modules depending on usb can load.

usbcore and dependent modules load when using 
linux-image-2.6.32-5-kirkwood_2.6.32-46_armel.deb, but not with later versions:
linux-image-2.6.32-5-kirkwood_2.6.32-48_armel.deb or
linux-image-2.6.32-5-kirkwood_2.6.32-48squeeze1_armel.deb

Note that using latest linux-base does not affect the problem - an old version 
is installed as I have
to downgrade to linux-image-2.6.32-5-kirkwood_2.6.32-46_armel to use the 
system. I initially saw the
problem with all the latest packages intalled.

-- Package-specific info:
** Version:
Linux version 2.6.32-5-kirkwood (Debian 2.6.32-45) (da...@debian.org) (gcc 
version 4.3.5 (Debian 4.3.5-4) ) #1 Sun May 6 16:57:51 UTC 2012

** Command line:
console=ttyS0,115200 root=/dev/ram initrd=0xa0,0x90 ramdisk=32768

** Not tainted

** Kernel log:
[   25.663305] ata2: SATA link up 3.0 Gbps (SStatus 123 SControl F300)
[   25.70] ata2.00: ATA-8: ST1000NM0011, SN03, max UDMA/133
[   25.709023] ata2.00: 1953525168 sectors, multi 0: LBA48 NCQ (depth 31/32)
[   25.773404] ata2.00: configured for UDMA/133
[   25.778020] scsi 1:0:0:0: Direct-Access ATA  ST1000NM0011 SN03 
PQ: 0 ANSI: 5
[   25.834569] sd 0:0:0:0: [sda] 1953525168 512-byte logical blocks: (1.00 
TB/931 GiB)
[   25.842858] sd 1:0:0:0: [sdb] 1953525168 512-byte logical blocks: (1.00 
TB/931 GiB)
[   25.851801] sd 0:0:0:0: [sda] Write Protect is off
[   25.856658] sd 0:0:0:0: [sda] Mode Sense: 00 3a 00 00
[   25.856905] sd 1:0:0:0: [sdb] Write Protect is off
[   25.861727] sd 1:0:0:0: [sdb] Mode Sense: 00 3a 00 00
[   25.861906] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, 
doesn't support DPO or FUA
[   25.871097] sd 1:0:0:0: [sdb] Write cache: enabled, read cache: enabled, 
doesn't support DPO or FUA
[   25.881514]  sda:
[   25.884036]  sdb: sdb1 sdb2 sdb3 < sda1 sda2 sda3 < sdb5 sda5 sdb6 >
[   25.915560]  sda6 >
[   25.921200] sd 1:0:0:0: [sdb] Attached SCSI disk
[   25.931331] sd 0:0:0:0: [sda] Attached SCSI disk
[   26.323601] md: raid1 personality registered for level 1
[   26.351570] mdadm: sending ioctl 1261 to a partition!
[   26.356692] mdadm: sending ioctl 1261 to a partition!
[   26.362367] mdadm: sending ioctl 1261 to a partition!
[   26.367509] mdadm: sending ioctl 1261 to a partition!
[   26.372954] mdadm: sending ioctl 1261 to a partition!
[   26.378112] mdadm: sending ioctl 1261 to a partition!
[   26.383703] mdadm: sending ioctl 1261 to a partition!
[   26.388789] mdadm: sending ioctl 1261 to a partition!
[   26.394854] mdadm: sending ioctl 1261 to a partition!
[   26.399933] mdadm: sending ioctl 1261 to a partition!
[   26.428623] md: md0 stopped.
[   26.451073] md: bind
[   26.463788] md: bind
[   26.473348] raid1: raid set md0 active with 2 out of 2 mirrors
[   26.479354] md0: detected capacity change from 0 to 248500224
[   26.490560]  md0: unknown partition table
[   26.722733] md: md1 stopped.
[   26.735482] md: bind
[   26.746362] md: bind
[   26.765069] raid1: raid set md1 active with 2 out of 2 mirrors
[   26.771072] md1: detected capacity change from 0 to 279957504
[   26.782237]  md1: unknown partition table
[   27.014813] md: md2 stopped.
[   27.036009] md: bind
[   27.039216] md: bind
[   27.057734] raid1: raid set md2 active with 2 out of 2 mirrors
[   27.063854] md2: detected capacity change from 0 to 999172202496
[   27.075301]  md2: unknown partition table
[   27.332238] device-mapper: uevent: version 1.0.3
[   27.339717] device-mapper: ioctl: 4.15.0-ioctl (2009-04-01) initialised: 
dm-de...@redhat.com
[   27.509207] kjournald starting.  Commit interval 5 secon

Bug#701781: linux-image-2.6.32-5-kirkwood: Cannot load usbcore kernel module

[Peter Barker]

Package: linux-2.6
Version: 2.6.32-48squeeze1
Severity: critical
Justification: breaks unrelated software

When try to insert usbcore module get message
FATAL: Error inserting usbcore 
(/lib/modules/2.6.32-5-kirkwood/kernel/drivers/usb/core/usbcore.ko): Unknown 
symbol in module, or unknown parameter (see dmesg)
syslog shows:
kernel: [  365.043708] usbcore: Unknown symbol current_is_keventd
kernel: [  365.049776] usbcore: Unknown symbol add_device_randomness
So no modules depending on usb can load.

usbcore and dependent modules load when using 
linux-image-2.6.32-5-kirkwood_2.6.32-46_armel.deb, but not with later versions:
linux-image-2.6.32-5-kirkwood_2.6.32-48_armel.deb or
linux-image-2.6.32-5-kirkwood_2.6.32-48squeeze1_armel.deb

Note that using latest linux-base does not affect the problem - an old version 
is installed as I have
to downgrade to linux-image-2.6.32-5-kirkwood_2.6.32-46_armel to use the 
system. I initially saw the
problem with all the latest packages intalled.

-- Package-specific info:
** Version:
Linux version 2.6.32-5-kirkwood (Debian 2.6.32-45) (da...@debian.org) (gcc 
version 4.3.5 (Debian 4.3.5-4) ) #1 Sun May 6 16:57:51 UTC 2012

** Command line:
console=ttyS0,115200 root=/dev/ram initrd=0xa0,0x90 ramdisk=32768

** Not tainted

** Kernel log:
[   25.663305] ata2: SATA link up 3.0 Gbps (SStatus 123 SControl F300)
[   25.70] ata2.00: ATA-8: ST1000NM0011, SN03, max UDMA/133
[   25.709023] ata2.00: 1953525168 sectors, multi 0: LBA48 NCQ (depth 31/32)
[   25.773404] ata2.00: configured for UDMA/133
[   25.778020] scsi 1:0:0:0: Direct-Access ATA  ST1000NM0011 SN03 
PQ: 0 ANSI: 5
[   25.834569] sd 0:0:0:0: [sda] 1953525168 512-byte logical blocks: (1.00 
TB/931 GiB)
[   25.842858] sd 1:0:0:0: [sdb] 1953525168 512-byte logical blocks: (1.00 
TB/931 GiB)
[   25.851801] sd 0:0:0:0: [sda] Write Protect is off
[   25.856658] sd 0:0:0:0: [sda] Mode Sense: 00 3a 00 00
[   25.856905] sd 1:0:0:0: [sdb] Write Protect is off
[   25.861727] sd 1:0:0:0: [sdb] Mode Sense: 00 3a 00 00
[   25.861906] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, 
doesn't support DPO or FUA
[   25.871097] sd 1:0:0:0: [sdb] Write cache: enabled, read cache: enabled, 
doesn't support DPO or FUA
[   25.881514]  sda:
[   25.884036]  sdb: sdb1 sdb2 sdb3 < sda1 sda2 sda3 < sdb5 sda5 sdb6 >
[   25.915560]  sda6 >
[   25.921200] sd 1:0:0:0: [sdb] Attached SCSI disk
[   25.931331] sd 0:0:0:0: [sda] Attached SCSI disk
[   26.323601] md: raid1 personality registered for level 1
[   26.351570] mdadm: sending ioctl 1261 to a partition!
[   26.356692] mdadm: sending ioctl 1261 to a partition!
[   26.362367] mdadm: sending ioctl 1261 to a partition!
[   26.367509] mdadm: sending ioctl 1261 to a partition!
[   26.372954] mdadm: sending ioctl 1261 to a partition!
[   26.378112] mdadm: sending ioctl 1261 to a partition!
[   26.383703] mdadm: sending ioctl 1261 to a partition!
[   26.388789] mdadm: sending ioctl 1261 to a partition!
[   26.394854] mdadm: sending ioctl 1261 to a partition!
[   26.399933] mdadm: sending ioctl 1261 to a partition!
[   26.428623] md: md0 stopped.
[   26.451073] md: bind
[   26.463788] md: bind
[   26.473348] raid1: raid set md0 active with 2 out of 2 mirrors
[   26.479354] md0: detected capacity change from 0 to 248500224
[   26.490560]  md0: unknown partition table
[   26.722733] md: md1 stopped.
[   26.735482] md: bind
[   26.746362] md: bind
[   26.765069] raid1: raid set md1 active with 2 out of 2 mirrors
[   26.771072] md1: detected capacity change from 0 to 279957504
[   26.782237]  md1: unknown partition table
[   27.014813] md: md2 stopped.
[   27.036009] md: bind
[   27.039216] md: bind
[   27.057734] raid1: raid set md2 active with 2 out of 2 mirrors
[   27.063854] md2: detected capacity change from 0 to 999172202496
[   27.075301]  md2: unknown partition table
[   27.332238] device-mapper: uevent: version 1.0.3
[   27.339717] device-mapper: ioctl: 4.15.0-ioctl (2009-04-01) initialised: 
dm-de...@redhat.com
[   27.509207] kjournald starting.  Commit interval 5 seconds
[   27.514776] EXT3-fs: mounted filesystem with ordered data mode.
[   28.603054] udev[196]: starting version 164
[   29.040458] input: gpio-keys as /devices/platform/gpio-keys/input/input0
[   29.297606] MV-643xx 10/100/1000 ethernet driver version 1.4
[   29.304326] mv643xx_eth smi: probed
[   29.326156] usbcore: Unknown symbol current_is_keventd
[   29.332136] usbcore: Unknown symbol add_device_randomness
[   29.381591] net eth0: port 0 with MAC address 00:08:9b:c0:da:a1
[   30.422949] Adding 488144k swap on /dev/sda5.  Priority:-1 extents:1 
across:488144k 
[   30.438974] Adding 488144k swap on /dev/sdb5.  Priority:-2 extents:1 
across:488144k 
[   30.643725] EXT3 FS on md1, internal journal
[   30.942044] loop: module loaded
[   33.825666] kjournald starting.  Commit interval 5 seconds
[   33.873752] EXT3 FS on dm-3, internal journal
[   33.878151] EXT3-fs: mounted filesystem with ordered da

Bug#698910: zoneminder: arbitrary command execution vulnerability

[Vagrant Cascadian]

On Mon, Feb 25, 2013 at 12:28:33PM +0100, Salvatore Bonaccorso wrote:
> On Thu, Feb 14, 2013 at 11:35:31AM -0800, Vagrant Cascadian wrote:
> > Anything more needed for the security team? Which queue should it be
> > uploaded to?
> 
> Apologies for the delay. Could you also adress #700912 (CVE-2013-0332)
> for the stable-security update.
> 
> I think we can proceed afterwards.

I've prepared an upload in the "squeeze" branch of the hg repository, which
required a little backporting of the patches, but haven't yet tested it... hope
to test tomorrow, or I may not get to it till the following week...

  http://anonscm.debian.org/hg/collab-maint/zoneminder/

or a debdiff:

diff -Nru zoneminder-1.24.2/debian/changelog zoneminder-1.24.2/debian/changelog
--- zoneminder-1.24.2/debian/changelog  2011-01-15 19:40:08.0 -0800
+++ zoneminder-1.24.2/debian/changelog  2013-02-26 17:20:05.0 -0800
@@ -1,3 +1,15 @@
+zoneminder (1.24.2-8+squeeze1) UNRELEASED; urgency=high
+
+  * Add CVE-2013-0232 patch
+[SECURITY] CVE-2013-0232: Shell escape commands with untrusted content.
+Thanks to James McCoy  (Closes: #698910)
+Thanks also to Salvatore Bonaccorso 
+  * Add CVE-2013-0332 patch
+[SECURITY] CVE-2013-0332: local file inclusion (Closes: #700912).
+Thanks to Salvatore Bonaccorso  for the patch.
+
+ -- Vagrant Cascadian   Tue, 26 Feb 2013 17:20:02 -0800
+
 zoneminder (1.24.2-8) unstable; urgency=medium

   [ Vagrant Cascadian ]
diff -Nru zoneminder-1.24.2/debian/patches/cve-2013-0232 
zoneminder-1.24.2/debian/patches/cve-2013-0232
--- zoneminder-1.24.2/debian/patches/cve-2013-0232  1969-12-31 
16:00:00.0 -0800
+++ zoneminder-1.24.2/debian/patches/cve-2013-0232  2013-02-26 
16:55:03.0 -0800
@@ -0,0 +1,24 @@
+From: James McCoy 
+Bug-Debian: http://bugs.debian.org/698910
+Subject: shell escape commands with untrusted content
+--- a/web/includes/functions.php
 b/web/includes/functions.php
+@@ -905,7 +905,7 @@
+
+ function packageControl( $command )
+ {
+-$string = ZM_PATH_BIN."/zmpkg.pl $command";
++$string = ZM_PATH_BIN."/zmpkg.pl ".escapeshellarg( $command );
+ $string .= " 2>/dev/null >&- <&- >/dev/null";
+ exec( $string );
+ }
+@@ -2145,7 +2145,8 @@
+ else
+ {
+ // Can't connect so use script
+-$command = ZM_PATH_BIN."/zmx10.pl --command $status --unit-code $key";
++$command = ZM_PATH_BIN.'/zmx10.pl --command '.escapeshellarg( $status 
);
++$command .= ' --unit-code '.escapeshellarg( $key );
+ //$command .= " 2>/dev/null >&- <&- >/dev/null";
+ $x10Response = exec( $command );
+ }
diff -Nru zoneminder-1.24.2/debian/patches/cve-2013-0332 
zoneminder-1.24.2/debian/patches/cve-2013-0332
--- zoneminder-1.24.2/debian/patches/cve-2013-0332  1969-12-31 
16:00:00.0 -0800
+++ zoneminder-1.24.2/debian/patches/cve-2013-0332  2013-02-26 
17:18:18.0 -0800
@@ -0,0 +1,71 @@
+From: Salvatore Bonaccorso 
+Bug-Debian: http://bugs.debian.org/700912
+Subject: CVE-2013-0332: local file inclusion vulnerability
+Bug-Upstream: http://www.zoneminder.com/forums/viewtopic.php?f=1&t=17979
+
+Backported r3483 and r3488 from upstream svn to fix CVE-2013-0332.
+
+Index: zoneminder/web/includes/functions.php
+===
+--- zoneminder.orig/web/includes/functions.php 2013-02-26 17:07:02.0 
-0800
 zoneminder/web/includes/functions.php  2013-02-26 17:08:10.806977380 
-0800
+@@ -2231,13 +2231,21 @@
+ return( rand( 1, 99 ) );
+ }
+
++function detaintPath( $path )
++{
++// Remove any absolute paths, or relative ones that want to go up
++$path = preg_replace( '/\.\.+\/\/*/', '', $path );
++$path = preg_replace( '/^\/\/*/', '', $path );
++return( $path );
++}
++
+ function getSkinFile( $file )
+ {
+ global $skinBase;
+ $skinFile = false;
+ foreach ( $skinBase as $skin )
+ {
+-$tempSkinFile = 'skins'.'/'.$skin.'/'.$file;
++$tempSkinFile = detaintPath( 'skins'.'/'.$skin.'/'.$file );
+ if ( file_exists( $tempSkinFile ) )
+ $skinFile = $tempSkinFile;
+ }
+@@ -2250,7 +2258,7 @@
+ $skinFile = false;
+ foreach ( $skinBase as $skin )
+ {
+-$tempSkinFile = 'skins'.'/'.$skin.'/'.$file;
++$tempSkinFile = detaintPath( 'skins'.'/'.$skin.'/'.$file );
+ if ( file_exists( $tempSkinFile ) )
+ $skinFile = $tempSkinFile;
+ }
+Index: zoneminder/web/index.php
+===
+--- zoneminder.orig/web/index.php  2013-02-26 16:55:04.0 -0800
 zoneminder/web/index.php   2013-02-26 17:13:03.376428137 -0800
+@@ -96,10 +96,13 @@
+ require_once( 'includes/functions.php' );
+
+ if ( isset($_REQUEST['view']) )
+-$view = validHtmlStr($_REQUEST['view']);
++$view = detaintPath($_REQUEST['view']);
++
++if ( isset($_REQUEST['request']) )
++$request = detaintPath

Bug#697892: kbuild compiled with gcc-4.6 -O3 works

[James McCoy]

On Tue, Feb 26, 2013 at 05:52:36PM +0100, Andrey Gursky wrote:
> Hi James,
> 
> >The kbuild NMU, which migrated on Jan. 12th, seems to have exposed a bug
> >in kmk_sed which is affecting the virtualbox build.  I've tried
> >rebuilding kbuild with Wheezy's gcc-4.6, since upstream indicates this
> >is a gcc-4.7-specific problem, but that didn't make a difference.
> >
> >Reassigning to kbuild.
> 
> How did you specify the 4.6? Doing that a straightforward way fails
> for some reason. Would be nice if it could be also investigated.

If I recall correctly, I used sbuild.  Something along the line of

  $ echo '$build_environment = { CC => 'gcc-4.6' };' >> ~/.sbuildrc
  $ sbuild --add-depends gcc-4.6 -sA -c wheezy -d wheezy 
kbuild_0.1.9998svn2543+dfsg-0.1.dsc

with the appropriate chroot already setup.

> Global switching gcc to gcc-4.6 with attached scripts did the job
> well. kbuild can be compiled even with -O3 and it works. Do you know,
> whether this bug with a kbuild/virtualbox as test case is already
> reported to gcc?

According to upstream sed, this isn't a GCC problem.  kBuild just hasn't
updated to a more recent version of sed which already fixed this
problem.

Cheers,
-- 
James
GPG Key: 4096R/331BA3DB 2011-12-05 James McCoy 


signature.asc
Description: Digital signature

Bug#701779: Clarification

[Glenn McGrath]

The previous fix was fro the debian files in ust-2.1.1 source package, then
you can rebuild ltt-control (unchanged) and all the debs install.

Bug#699889: [Pkg-openssl-devel] Bug#699889: several issues in Security Advisory 5 Feb 2013

[Bob Bib]

Hi Kurt,

> I've uploaded 0.9.8o-4squeeze14 to squeeze-security

openssl/1.0.1e-1 changelog states the following:
* New upstream version (Closes: #699889)
 - Fixes CVE-2013-0169, CVE-2012-2686, CVE-2013-0166

Meanwhile, openssl/0.9.8o-4squeeze14 changelog consist of the following line:
* Fix CVE-2013-0166 and CVE-2013-0169

Thus, I have 2 questions:
1) is CVE-2012-2686 also fixed in openssl/0.9.8o-4squeeze14?
2) should bug#699889 be marked as fixed in openssl/0.9.8o-4squeeze14?

Processed: Re: Bug#698813: "Too many levels of symbolic links" on upgrade

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 698813 normal
Bug #698813 [emacsen-common] "Too many levels of symbolic links" on upgrade
Severity set to 'normal' from 'grave'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
698813: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698813
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#698813: "Too many levels of symbolic links" on upgrade

[Rob Browning]

severity 698813 normal
thanks

Ian Zimmerman  writes:

> Yes, that is quite possible.  For a while I maintained my own emacs
> package while I waited for the Gnome dependencies in the official ones
> to get sorted out.  I also have a number of personal Lisp packages and
> some of them are a bit old, and may have been created before I had
> sufficient understanding of the framework.

OK, that's good to hear -- at least it's plausible that this isn't a bug
in emacsen-common.

> So, in my case at least, the bug can ultimately be blamed on the
> carbon-based system between chair and keyboard :-P  Now to find what
> happened to the other bloke ...

It sounded like there was a chance that he'd made manual changes, but
I'm still a bit wary.

For now I'll just downgrade the severity to normal, and leave the bug
open.  Then, if we don't see any more cases, I'll probably close it in a
while.

Thanks
-- 
Rob Browning
rlb @defaultvalue.org and @debian.org
GPG as of 2011-07-10 E6A9 DA3C C9FD 1FF8 C676 D2C4 C0F0 39E9 ED1B 597A
GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#699145: bind9: CVE-2012-5689

[Dominic Hargreaves]

On Mon, Feb 25, 2013 at 08:29:10AM -0700, LaMont Jones wrote:
> On Sun, Feb 24, 2013 at 11:53:01AM +, Dominic Hargreaves wrote:
> > On Mon, Jan 28, 2013 at 07:37:03AM +0100, Moritz Muehlenhoff wrote:
> > Given these, I am not convinced that this should be RC for wheezy.
> > How about a NEWS item drawing attention to the issue and workaround,
> > and a downgrade to important?
> 
> Agreed

Attached is a proposed trivial patch. Please feel free to reuse/mangle
as you like, and let me know if an NMU would be appropriate.

Not tagging patch, because releasing this fix would only justify
lowering the severity, not closing the bug.

Thanks,
Dominic.

-- 
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)
>From 84207ccd05f26bd7359c16b27cc0a5501b1e03ca Mon Sep 17 00:00:00 2001
From: Dominic Hargreaves 
Date: Wed, 27 Feb 2013 00:38:11 +
Subject: [PATCH] Add NEWS item to draw attention to CVE-2012-5689

and the recommended workaround. See #699145
---
 debian/bind9.NEWS |   18 ++
 debian/changelog  |8 
 2 files changed, 26 insertions(+)

diff --git a/debian/bind9.NEWS b/debian/bind9.NEWS
index d235da6..eb041ab 100644
--- a/debian/bind9.NEWS
+++ b/debian/bind9.NEWS
@@ -1,3 +1,21 @@
+bind9 (1:9.8.4.dfsg.P1-5.1) unstable; urgency=low
+
+  This version of bind9 contains a known security flaw, CVE-2012-5689,
+  affecting a comparatively rare configuration involving DNS64 and
+  Response Policy Zones. The flaw could cause the server to terminate
+  with an assertion failure when processing queries. There is no
+  production-quality fix for this issue yet, but a complete and effective
+  workaround is available:
+  
+  If using DNS64 and Response Policy Zones together, make sure the RPZ
+  contains a  rewrite rule for every A rewrite rule. If the RPZ
+  provides a  answer without the assistance of DNS64, the bug is not
+  triggered. 
+
+  For more information, please see .
+
+ -- Dominic Hargreaves   Wed, 27 Feb 2013 00:32:20 +
+
 bind9 (1:9.4.0-1) experimental; urgency=low
 
   As of bind 9.4, allow-query-cache and allow-recursion default to the
diff --git a/debian/changelog b/debian/changelog
index c48d535..d89a7a7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+bind9 (1:9.8.4.dfsg.P1-5.1) UNRELEASED; urgency=low
+
+  * Non-maintainer upload.
+  * Add NEWS item to draw attention to CVE-2012-5689 and the recommended
+workaround. See #699145
+
+ -- Dominic Hargreaves   Wed, 27 Feb 2013 00:32:20 +
+
 bind9 (1:9.8.4.dfsg.P1-5) unstable; urgency=low
 
   [LaMont Jones]
-- 
1.7.10.4

Bug#701779: Fails to install due to missing library (in dependency?)

[Glenn McGrath]

Package: lttng-tools
Version: 2.1.0~rc9-1
Severity: grave
Justification: renders package unusable

The package or one of its dependencies appears to be missing a symlink for
a required library.

Setting up lttng-tools (2.1.0~rc9-1) ...
/usr/sbin/addgroup
[] Starting lttng-sessiond : lttng-sessiond/usr/bin/lttng-sessiond:
error
while loading shared libraries: liblttng-ust-ctl.so.0: cannot open shared
object file: No such file or directory
 failed!
invoke-rc.d: initscript lttng-sessiond, action "start" failed.

As shown in bold, liblttng-ust-ctl isnt found.
$ ldd /usr/bin/lttng-sessiond
linux-vdso.so.1 =>  (0x7fff551a5000)
librt.so.1 => /lib/x86_64-linux-gnu/librt.so.1 (0x7fa93cce8000)
liblttng-ctl.so.0 => /usr/lib/x86_64-linux-gnu/liblttng-ctl.so.0
(0x7fa93cac6000)
liburcu-common.so.1 => /usr/lib/liburcu-common.so.1
(0x7fa93c8c2000)
liburcu.so.1 => /usr/lib/liburcu.so.1 (0x7fa93c6bc000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x7fa93c4b8000)
*liblttng-ust-ctl.so.0 => not found*
libpopt.so.0 => /lib/x86_64-linux-gnu/libpopt.so.0
(0x7fa93c2aa000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0
(0x7fa93c08e000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x7fa93bd03000)
/lib64/ld-linux-x86-64.so.2 (0x7fa93d15c000)

Looking for it in the filesystem i find an unresolved symlink,
liblttng-ust-ctl.so.1.0.0

$ ls -al /usr/lib/x86_64-linux-gnu/liblttng-ust-ctl*
-rw-r--r-- 1 root root 217596 Jan 21 09:01
/usr/lib/x86_64-linux-gnu/liblttng-ust-ctl.a
lrwxrwxrwx 1 root root 25 Jan 21 09:01
/usr/lib/x86_64-linux-gnu/liblttng-ust-ctl.so -> liblttng-ust-ctl.so.1.0.0

$ dpkg -S /usr/lib/x86_64-linux-gnu/liblttng-ust-ctl.so
liblttng-ust-dev:amd64: /usr/lib/x86_64-linux-gnu/liblttng-ust-ctl.so
$ dpkg -S liblttng-ust-ctl.so.1.0.0
dpkg-query: no path found matching pattern *liblttng-ust-ctl.so.1.0.0*

Im not sure which package should be installing liblttng-ust-ctl.so.0 and
liblttng-ust-ctl.so.1.0.0, but it didnt happen on my install.

I guess i can just do the symlink myself.



-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages lttng-tools depends on:
ii  libc6   2.13-38
ii  liblttng-ctl0   2.1.0~rc9-1
ii  liblttng-ust0   2.1.1-1
ii  libpopt01.16-7
ii  liburcu10.7.6-1
ii  lttng-modules-dkms  2.1.0-1

Versions of packages lttng-tools recommends:
ii  babeltrace  1.0.3-1

lttng-tools suggests no packages.

-- debconf-show failed

Bug#701774: marked as done (/etc/R/Renviron gets created with wrong permissions)

[Debian Bug Tracking System]

Your message dated Tue, 26 Feb 2013 23:32:55 +
with message-id 
and subject line Bug#701774: fixed in r-base 2.15.3~20130326-1
has caused the Debian Bug report #701774,
regarding /etc/R/Renviron gets created with wrong permissions
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
701774: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701774
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: r-base-core
Severity: serious
Version: 2.15.3~20130324-1
Control: tag -1 patch

mktemp by default creates files with 0600.

Thus, if there isn't an already existing /etc/R/Renviron, it will be
created with 0600, which is sort of useless, and will cause all R
packages built on buildd's to fail.

A simple patch would be to change this:

 tmpRenviron=$(mktemp)
+chmod 0644 "$tmpRenviron"
 cat /usr/lib/R/etc/Renviron.ucf > $tmpRenviron

[It's probably also a good idea to quote $tmpRenviron just in case
TMPDIR contains spaces, but that's a bit minor, and I'm certain many
other things would fail if someone actually did that.]


Don Armstrong

-- 
Judge if you want.
We are all going to die.
I intend to deserve it.
 -- a softer world #421
http://www.asofterworld.com/index.php?id=421

http://www.donarmstrong.com  http://rzlab.ucr.edu
--- End Message ---
--- Begin Message ---
Source: r-base
Source-Version: 2.15.3~20130326-1

We believe that the bug you reported is fixed in the latest version of
r-base, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 701...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Dirk Eddelbuettel  (supplier of updated r-base package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Tue, 26 Feb 2013 16:56:17 -0600
Source: r-base
Binary: r-base r-base-core r-base-dev r-mathlib r-base-html r-doc-pdf 
r-doc-html r-doc-info r-recommended r-base-core-dbg
Architecture: source i386 all
Version: 2.15.3~20130326-1
Distribution: unstable
Urgency: low
Maintainer: Dirk Eddelbuettel 
Changed-By: Dirk Eddelbuettel 
Description: 
 r-base - GNU R statistical computation and graphics system
 r-base-core - GNU R core of statistical computation and graphics system
 r-base-core-dbg - GNU R debug symbols for statistical comp. language and 
environmen
 r-base-dev - GNU R installation of auxiliary GNU R packages
 r-base-html - GNU R html docs for statistical computing system functions
 r-doc-html - GNU R html manuals for statistical computing system
 r-doc-info - GNU R info manuals statistical computing system
 r-doc-pdf  - GNU R pdf manuals for statistical computing system
 r-mathlib  - GNU R standalone mathematics library
 r-recommended - GNU R collection of recommended packages [metapackage]
Closes: 701774
Changes: 
 r-base (2.15.3~20130326-1) unstable; urgency=low
 .
   * Second rc build (rev62062) of R 2.15.3 expected March 1
 .
   * debian/r-base-core.postinst: Ensure /etc/R/Renviron is created with
 proper 0644 modes (thanks, Don Armstrong!) (Closes: 
#701774)
Checksums-Sha1: 
 4d166d6cc3c8674b4566c4716bb37830a3fa6706 2148 r-base_2.15.3~20130326-1.dsc
 9ce8d36662dd94cb263a3c42f959fd92c0d37d58 25415693 
r-base_2.15.3~20130326.orig.tar.gz
 62acfe44b94255da6f827c39bc6046f350cfc9da 86152 r-base_2.15.3~20130326-1.diff.gz
 0176b1b118c8521cf12a8879b48952b8f1000dee 20716118 
r-base-core_2.15.3~20130326-1_i386.deb
 e8bd992448070bb8d33ea78fa7adb577bedfeca1 628200 
r-mathlib_2.15.3~20130326-1_i386.deb
 4085e2c01e25c2718d27eaab74d30a801240454f 3413938 
r-base-core-dbg_2.15.3~20130326-1_i386.deb
 25fbf8ca0597abb87724dde2c0231032dbef4754 37084 r-base_2.15.3~20130326-1_all.deb
 3aee573fc11972c7e621aab79579d50190ce8243 3902 
r-base-dev_2.15.3~20130326-1_all.deb
 7dbeeef2e6f757a47b52924e9e83da950fb788a8 90554 
r-base-html_2.15.3~20130326-1_all.deb
 c5d5e99819edec7828616a543fb1ad10137a6531 7995260 
r-doc-pdf_2.15.3~20130326-1_all.deb
 50adb9861967079c1b31b88dae936241f4023026 645940 
r-doc-html_2.15.3~20130326-1_all.deb
 7a1234caddf697d443b62ae79c42c764a0ea4536 550452 
r-doc-info_2.15.3~20130326-1_all.deb
 bfc546706c2027bc4452b056379a0e19e73fd1d6 2684 
r-recommended_2.15.3~20130326-1_all.d

Processed: tagging 701775

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # Why randomly tag bugs d-i when there's nothing installer-related about them?
> tags 701775 - d-i
Bug #701775 [wget] wget fails to open https:// URLs -> Lesefehler (The request 
is invalid.)  beim Vorspann (header).
Removed tag(s) d-i.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
701775: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701775
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#625956: [Pkg-javascript-devel] jquery embedding in doxygen

[Jonas Smedegaard]

Quoting Helmut Grohne (2013-02-26 22:30:00)
> ** First embedding of jquery: src:doxygen
> 
> The current situation is that doxygen upstream downloads various parts 
> of jquery in various versions, then obfuscates (or is it called 
> "compresses"?) the source and stores those parts in their svn. Then 
> they convert the jquery library into a C header file which is also 
> stored in their svn. The lack of source for jquery in the sense of 
> "preferred form for modification" is tracked as #625956. According to 
> upstream svn these copies are usually generated immediately before 
> releasing a new version of doxygen.

I believe the Debian packaging should ignore the prebuild stuff shipped 
by upstream, and during the Debian build mimic same steps as done 
upstream but build-depending on and using Debian-packaged jquery files 
(either uncompressed or compressed - but most likely the best result 
comes from joining all needed files uncompressed and compress them all 
at once).


> ** Second embedding of jquery: doxygen
> 
> The header is compiled to the doxygen binary, so the binary package 
> also includes a copy of jquery. Once you generate documentation this 
> version is copied to your documentation tree.

Ideally doxygen should be patched to not work like that but instead at 
runtime use the Debian-packaged files (then also solving above first 
embedding of jquery).

Assuming that is too difficult, I would suggest do a dirty trick of 
depending versioned on jquery - even if not actually using it for 
anything, and have the versioning autoresolved during build to be 
tightened to current install of it, so as to force requiring a rebuild 
of doxygen every time jquery changes.

(less dirty would be to tighten build-dependency, but that would require 
sourceful rebuild due to Debian Policy not allowing build-dependencies 
to change during build.


> ** Third embedding of jquery: reverse build dependencies of doxygen
> 
> About 50 packages use doxygen to build their documentation. Unless the 
> maintainer explicitly replaces the doxygen generated copy of jquery, 
> the respective package includes it as well.

(see below...)

[snip]

> For the regular user a doxygen generated tree should be usable 
> stand-alone. That is doxygen will keep copying jquery during 
> documentation generation.

Makes sense.


> A debhelper dh_doxygen called from documentation packages during build 
> could be used to replace these (thired) copies of the jquery 
> conglomerate by symbolic links to a newly created doxygen-common 
> package. (See Jakub Wilk's dh_sphinxdoc for a similar tool.) This 
> raises an important question though: What happens when upgrading 
> doxygen-common? How to ensure that previously generated documentation 
> does not break with an upgraded doxygen-common?

I suggest to have doxygen build a doxygenXXX-common binary package which 
depends versioned (as tightly as needed) on appropriate jquery packages, 
with XXX bumped every time the micture of dependent jquery packages 
changes.

...and then have the main doxygen package provide such dh_doxygen tool, 
which both a) replaces javascript files with symlinks and b) adds a 
dependency on the current doxygenXXX-common package.

When doxygenXXX-common is bumped, you will then need to check if any 
package anywhere in the archive actually depend on the old one, and if 
so have your new package also keep creating that old old, or...


> Note that if there are backwards-incompatible changes, we have to 
> rebuild about 50 reverse dependencies of doxygen, and there is no such 
> thing as binNMU for them, because they are mostly Architecture: all.

...file severe bugreports to have those packages be rebuilt (not all 50, 
only the ones actually depending on the particular obsolete 
doxygenXXX-common package).


> Ideally which step should be generating the jquery.js file to be copied
> into a documentation tree?
> A: Upstream
> B: During build of doxygen
> C: During the invocation of doxygen

Ideal to upstream: A

Ideal to distrutors: C - by help of node-uglify.


> If the answer to the previous question is A: What can we do about the 
> (first) copy of jquery in the doxygen source package? Reverse 
> engineering the jqeury components embedded in each new release appears 
> like a tedious task. In what way can this situation be improved 
> upstream?

What I think is reasonable to try persuade upstream to do is leave an 
automated trace of which sources was used for generating the shipped 
JavaScript code, so as to help distributors like us avoid the need for 
reverse engineering.


> When creating a doxygen-common package (and we are not in case C),
> should that package contain the copy of jquery used to embed into
> documentation or should it contain a javascript file loading the
> remainders from libjs-something packages?

When not in case C then we have lost the goal of avoiding code copies 
and I see no point in complicating further by replacing full-copies of 
j

Bug#701775: wget fails to open https:// URLs -> Lesefehler (The request is invalid.) beim Vorspann (header).

[debian]

Package: wget
Version: 1.13.4-3
Severity: grave
Tags: d-i
Justification: renders package unusable

Dear Maintainer,

   * What led up to the situation?

Trying to open a webpage via a secure connection

   * What exactly did you do (or not do) that was effective (or
 ineffective)?

wget https://freemail.web.de

   * What was the outcome of this action?

me@host:/tmp$ wget --no-check-certificate https://freemail.web.de
--2013-02-26 23:38:48--  https://freemail.web.de/
Auflösen des Hostnamen »freemail.web.de (freemail.web.de)«... 217.72.197.144
Verbindungsaufbau zu freemail.web.de (freemail.web.de)|217.72.197.144|:443... 
verbunden.
HTTP-Anforderung gesendet, warte auf Antwort... Lesefehler (The request is 
invalid.) beim Vorspann (header).
Erneuter Versuch.

   * What outcome did you expect instead?

Download of the SSL encrypted webpage


-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i586)

Kernel: Linux 3.2.0-4-486
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages wget depends on:
ii  dpkg   1.16.9
ii  install-info   4.13a.dfsg.1-10
ii  libc6  2.13-38
ii  libgcrypt111.5.0-3
ii  libgnutls262.12.20-4
ii  libgpg-error0  1.10-3.1
ii  libidn11   1.25-2
ii  zlib1g 1:1.2.7.dfsg-13

wget recommends no packages.

wget suggests no packages.

-- no debconf information


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#701774: /etc/R/Renviron gets created with wrong permissions

[Dirk Eddelbuettel]

On 26 February 2013 at 14:41, Don Armstrong wrote:
| Package: r-base-core
| Severity: serious
| Version: 2.15.3~20130324-1
| Control: tag -1 patch
| 
| mktemp by default creates files with 0600.
| 
| Thus, if there isn't an already existing /etc/R/Renviron, it will be
| created with 0600, which is sort of useless, and will cause all R
| packages built on buildd's to fail.
| 
| A simple patch would be to change this:
| 
|  tmpRenviron=$(mktemp)
| +chmod 0644 "$tmpRenviron"
|  cat /usr/lib/R/etc/Renviron.ucf > $tmpRenviron
| 
| [It's probably also a good idea to quote $tmpRenviron just in case
| TMPDIR contains spaces, but that's a bit minor, and I'm certain many
| other things would fail if someone actually did that.]

Thank you.  All that came from a patch by Andreas Beckman (in #700381) who
suggested I should create md5sums for everything (and those few conf files
had been exempt).

Will try to fix this eve.

Dirk
 
| Don Armstrong
| 
| -- 
| Judge if you want.
| We are all going to die.
| I intend to deserve it.
|  -- a softer world #421
| http://www.asofterworld.com/index.php?id=421
| 
| http://www.donarmstrong.com  http://rzlab.ucr.edu

-- 
Dirk Eddelbuettel | e...@debian.org | http://dirk.eddelbuettel.com  


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: /etc/R/Renviron gets created with wrong permissions

[Debian Bug Tracking System]

Processing control commands:

> tag -1 patch
Bug #701774 [r-base-core] /etc/R/Renviron gets created with wrong permissions
Added tag(s) patch.

-- 
701774: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701774
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#701774: /etc/R/Renviron gets created with wrong permissions

[Don Armstrong]

Package: r-base-core
Severity: serious
Version: 2.15.3~20130324-1
Control: tag -1 patch

mktemp by default creates files with 0600.

Thus, if there isn't an already existing /etc/R/Renviron, it will be
created with 0600, which is sort of useless, and will cause all R
packages built on buildd's to fail.

A simple patch would be to change this:

 tmpRenviron=$(mktemp)
+chmod 0644 "$tmpRenviron"
 cat /usr/lib/R/etc/Renviron.ucf > $tmpRenviron

[It's probably also a good idea to quote $tmpRenviron just in case
TMPDIR contains spaces, but that's a bit minor, and I'm certain many
other things would fail if someone actually did that.]


Don Armstrong

-- 
Judge if you want.
We are all going to die.
I intend to deserve it.
 -- a softer world #421
http://www.asofterworld.com/index.php?id=421

http://www.donarmstrong.com  http://rzlab.ucr.edu


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: virt-viewer no longer contains virt-viewer

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 701684 grave
Bug #701684 [virt-viewer] virt-viewer no longer contains virt-viewer
Severity set to 'grave' from 'normal'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
701684: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701684
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#625956: jquery embedding in doxygen

[Helmut Grohne]

Dear javascript maintainers,

I am writing to you, because I seek help with doxygen. For wheezy I
believe that Mònica Ramírez Arceda's patch is the way to go, so this
mail entirely applies to jessie.

** First embedding of jquery: src:doxygen

The current situation is that doxygen upstream downloads various parts
of jquery in various versions, then obfuscates (or is it called
"compresses"?) the source and stores those parts in their svn. Then they
convert the jquery library into a C header file which is also stored in
their svn. The lack of source for jquery in the sense of "preferred form
for modification" is tracked as #625956. According to upstream svn these
copies are usually generated immediately before releasing a new version
of doxygen.

** Second embedding of jquery: doxygen

The header is compiled to the doxygen binary, so the binary package also
includes a copy of jquery. Once you generate documentation this version
is copied to your documentation tree.

** Third embedding of jquery: reverse build dependencies of doxygen

About 50 packages use doxygen to build their documentation. Unless the
maintainer explicitly replaces the doxygen generated copy of jquery, the
respective package includes it as well.

** So precisely what is copied?

This actually depends on the doxygen version in use. In earlier version
it used to copy jquery 1.3.2. For the current version Mònica Ramírez
Arceda thankfully examined the source and discovered:

jquery 1.7.1 including sizzle
jquery.ScrollTo 1.4.2
jquery hashchange event 1.3
jquery UI 1.8.18
jquery UI Mouse 1.8.18
jquery UI Resizable 1.8.18
jquery UI Widget 1.8.18

Jérémy Lal kindly explained that some parts of this (ScrollTo) are not
currently packaged for Debian, but most is.

** Which embeddings should we solve and how?

For the regular user a doxygen generated tree should be usable
stand-alone. That is doxygen will keep copying jquery during
documentation generation. A debhelper dh_doxygen called from
documentation packages during build could be used to replace these
(thired) copies of the jquery conglomerate by symbolic links to a newly
created doxygen-common package. (See Jakub Wilk's dh_sphinxdoc for a
similar tool.) This raises an important question though: What happens
when upgrading doxygen-common? How to ensure that previously generated
documentation does not break with an upgraded doxygen-common?

Note that if there are backwards-incompatible changes, we have to
rebuild about 50 reverse dependencies of doxygen, and there is no such
thing as binNMU for them, because they are mostly Architecture: all.

Ideally which step should be generating the jquery.js file to be copied
into a documentation tree?
A: Upstream
B: During build of doxygen
C: During the invocation of doxygen

If the answer to the previous question is A: What can we do about the
(first) copy of jquery in the doxygen source package? Reverse
engineering the jqeury components embedded in each new release appears
like a tedious task. In what way can this situation be improved
upstream?

In the other cases we could repack doxygen to remove the jquery files,
but we would still need some kind of upstream support to determine what
to generate.

When creating a doxygen-common package (and we are not in case C),
should that package contain the copy of jquery used to embed into
documentation or should it contain a javascript file loading the
remainders from libjs-something packages?

Note that I do not expect answers to all of these questions. I merely
wrote down the currently open issues and hope for some thoughts
advancing the matter.

Helmut


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#700914: marked as done (Index process error in morphstr() function)

[Debian Bug Tracking System]

Your message dated Tue, 26 Feb 2013 21:02:48 +
with message-id 
and subject line Bug#700914: fixed in wordnet 1:3.0-29
has caused the Debian Bug report #700914,
regarding Index process error in morphstr() function
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
700914: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700914
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: wordnet
Severity: serious

Forwarded from launchpad by Sundaram Ramaswamy
LP: #305407

---

Hi,
I am working on Wordnet for a particular project. I installed Wordnet
in Ubuntu via Synaptic, the latest package to date. Tried searching
"automata" in the Wordnet Browser (bash-command: wnb), it returned 0
results, while the installed Wordnet in Windows (installer from
Wordnet's site) shows a couple of definitions for "automata". In fact,
the latest version of Wordnet for Windows is just 2.1 while Linux's is
3.0.

Bascially, Wordnet's function morphstr() is supposed to give the root
words for a given inflected word. For example, when "knifes" is given
to morphstr, it returns "knife". Likewise for "axes" it should return
"ax", "axe" and "axis". It first searches an exceptions list file
(because of peculiar cases like axes), when it has an entry in it, it
returns the file's results. If not found in the list, it tries to
predict the root. While the prediction part (e.g. knifes) works fine
in Ubuntu, the search from file part doesn't (e.g. axes, automata,
etc.)

When I compared the source code of Wordnet (morph.c of Windows and
Linux), its the same for both the OSs (they have just used
preprocessor switches for the differences). This needs to be fixed
from our side, since Wordnet's source code doesn't have any
errors/diffs, as the same code is present on both the OSs. The Windows
installer was packaged by Wordnet guys themselves, while the deb was
packaged from their source by someone of Ubuntu/Deb guys, I guess.

PS: When I wrote my own code, and tried using morphstr(), I could spot
the error with Ubuntu's packaged wordnet.lib. The problem is that,
morphstr takes two args; 1: inflected word, 2: POS (Part of Speech -
NOUN, VERB, etc.) E,g. morphstr("knifes", NOUN); will return "knifes"
using the prediction technique (works right in Ubuntu). When I call
morphstr("automata", NOUN) it returns NULL but when I call
morphstr("automata", NOUN - 1); it returns "automata". Likewise, for
any word, which has an exception in the exception list file, when we
pass the actual POS value minus 1, we get the proper values. It has
some array indexing issue, I believe. The reason why Wordnet Browser
doesn't show "automata"'s definitions in Linux is that morphstr() when
called with proper POS value returns NULL, while in Windows, it
returns correct values for the same set of arguments, so Wordnet
Browser in Windows shows it.


-
I notice that 51_overflow.patch modify the index while it is not
processed correctly
and it is also not needed.

The attacement  is the new 51_overflow.patch with some hooks droped.
It works well now.

--
YunQiang


51_overflows.patch
Description: Binary data
--- End Message ---
--- Begin Message ---
Source: wordnet
Source-Version: 1:3.0-29

We believe that the bug you reported is fixed in the latest version of
wordnet, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 700...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Anton Gladky  (supplier of updated wordnet package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Tue, 26 Feb 2013 20:40:25 +0100
Source: wordnet
Binary: wordnet wordnet-gui wordnet-dev wordnet-base wordnet-sense-index 
wordnet-grind dict-wn goldendict-wordnet
Architecture: source all amd64
Version: 1:3.0-29
Distribution: unstable
Urgency: low
Maintainer: Debian Science Team 

Changed-By: Anton Gladky 
Description: 
 dict-wn- electronic lexical database of English language for dict
 goldendict-wordnet - electronic lexical database of English language for dict
 wordnet- electronic lexical databas

Processed: tags 700941 + patch

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 700941 + patch
Bug #700941 [scim-thai] scim-thai: FTBFS: dh_install: missing files
Added tag(s) patch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
700941: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700941
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#700941: [PATCH] scim-thai: FTBFS: dh_install: missing files

[Prach Pongpanich]

tags 700941 + patch
thanks

Dear maintainer,

I have prepared a patch which solves the this bug.

Regards,

Prach


fix_700941.patch
Description: Binary data

Processed: Re: Bug#700914: Not RC?

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 700914 +pending -moreinfo
Bug #700914 [wordnet] Index process error in morphstr() function
Added tag(s) pending.
Bug #700914 [wordnet] Index process error in morphstr() function
Removed tag(s) moreinfo.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
700914: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700914
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#700914: Not RC?

[Anton Gladky]

tags 700914 +pending -moreinfo
thanks

Ok, good. I have tested the patch, it works and fixes the issue.
The diff is not so large, as it seemed (attached).

@Andreas, I have uploaded 3.0-29 version in DELAYED/7.
Please, feel free to cancel that, if you are not agree.

Thanks,

Anton


On 02/26/2013 08:24 AM, YunQiang Su wrote:
> This bug make a quite import function unusable.
> So think it is RC.
> 
diff -Nru wordnet-3.0/debian/changelog wordnet-3.0/debian/changelog
--- wordnet-3.0/debian/changelog2012-06-06 08:24:55.0 +0200
+++ wordnet-3.0/debian/changelog2013-02-26 20:41:35.0 +0100
@@ -1,3 +1,11 @@
+wordnet (1:3.0-29) unstable; urgency=low
+
+  * Team upload.
+  * Fix index processing error in morphstr() function. 
+Closes: #700914
+
+ -- Anton Gladky   Tue, 26 Feb 2013 20:40:25 +0100
+
 wordnet (1:3.0-28) unstable; urgency=low
 
   * debian/dict-wn.post{inst,rm}: verify start script using
diff -Nru wordnet-3.0/debian/patches/51_overflows.patch 
wordnet-3.0/debian/patches/51_overflows.patch
--- wordnet-3.0/debian/patches/51_overflows.patch   2009-04-09 
10:01:11.0 +0200
+++ wordnet-3.0/debian/patches/51_overflows.patch   2013-02-24 
19:41:06.0 +0100
@@ -8,8 +8,10 @@
 set and is moved to 51_overflows_memcpy.patch which
 uses memcpy instead of the formerly used strcpy.
 
 WordNet-3.0.orig/lib/binsrch.c
-+++ WordNet-3.0/lib/binsrch.c
+Index: wordnet-3.0/lib/binsrch.c
+===
+--- wordnet-3.0.orig/lib/binsrch.c 2013-02-19 16:03:01.698031603 +0800
 wordnet-3.0/lib/binsrch.c  2013-02-19 16:03:01.686031603 +0800
 @@ -28,7 +28,7 @@
  char *linep;
  
@@ -46,9 +48,11 @@
strncpy(key, linep, length);
key[length] = '\0';
if(strcmp(key, searchkey) < 0) {/* further in file */
 WordNet-3.0.orig/lib/morph.c
-+++ WordNet-3.0/lib/morph.c
-@@ -51,24 +51,24 @@
+Index: wordnet-3.0/lib/morph.c
+===
+--- wordnet-3.0.orig/lib/morph.c   2013-02-19 16:03:01.698031603 +0800
 wordnet-3.0/lib/morph.c2013-02-19 16:06:14.850029761 +0800
+@@ -51,21 +51,21 @@
  char *str;
  int strlen;
  } prepositions[NUMPREPS] = {
@@ -84,20 +88,7 @@
 +{ "between", 7 }
  };
  
--static FILE *exc_fps[NUMPARTS + 1];
-+static FILE *exc_fps[NUMPARTS];
- 
- static int do_init();
- static int strend(char *, char *);
-@@ -100,7 +100,7 @@
- {
- int i;
- 
--for (i = 1; i <= NUMPARTS; i++) {
-+for (i = 0; i < NUMPARTS; i++) {
-   if (exc_fps[i] != NULL) {
-   fclose(exc_fps[i]); exc_fps[i] = NULL;
-   }
+ static FILE *exc_fps[NUMPARTS + 1];
 @@ -144,18 +144,19 @@
  } else
sprintf(searchdir, DEFAULTPATH);
@@ -116,10 +107,9 @@
 +}
  #endif
  
--for (i = 1; i <= NUMPARTS; i++) {
+ for (i = 1; i <= NUMPARTS; i++) {
 -  sprintf(fname, EXCFILE, searchdir, partnames[i]);
-+for (i = 0; i < NUMPARTS; i++) {
-+  snprintf(fname, sizeof(fname), EXCFILE, searchdir, partnames[i+1]);
++  snprintf(fname, sizeof(fname), EXCFILE, searchdir, partnames[i]);
if ((exc_fps[i] = fopen(fname, "r")) == NULL) {
 -  sprintf(msgbuf,
 +  snprintf(msgbuf, sizeof(msgbuf),
@@ -232,8 +222,10 @@
strncpy(end, rest, last - rest + 1);
end[last-rest+1] = '\0';
strcat(end, lastwd);
 WordNet-3.0.orig/lib/search.c
-+++ WordNet-3.0/lib/search.c
+Index: wordnet-3.0/lib/search.c
+===
+--- wordnet-3.0.orig/lib/search.c  2013-02-19 16:03:01.698031603 +0800
 wordnet-3.0/lib/search.c   2013-02-19 16:03:01.690031603 +0800
 @@ -13,6 +13,7 @@
  #include 
  #include 
@@ -595,8 +587,10 @@
  if (fileinfoflag) {
sprintf(tbuf + strlen(tbuf),"<%s> ", lexfiles[synptr->fnum]);
prlexid = 1;
 WordNet-3.0.orig/lib/wnutil.c
-+++ WordNet-3.0/lib/wnutil.c
+Index: wordnet-3.0/lib/wnutil.c
+===
+--- wordnet-3.0.orig/lib/wnutil.c  2013-02-19 16:03:01.698031603 +0800
 wordnet-3.0/lib/wnutil.c   2013-02-19 16:03:01.690031603 +0800
 @@ -48,7 +48,7 @@
  char *env;
  
@@ -691,8 +685,10 @@
  "WordNet library warning: Can't open verb example sentence index file(%s)\n",
tmpbuf);
display_message(msgbuf);
 WordNet-3.0.orig/src/wn.c
-+++ WordNet-3.0/src/wn.c
+Index: wordnet-3.0/src/wn.c
+===
+--- wordnet-3.0.orig/src/wn.c  2013-02-19 16:03:01.698031603 +0800
 wordnet-3.0/src/wn.c   2013-02-19 16:03:01.690031603 +0800
 @@ -131,7 +131,7 @@
 printsearches(char *, int, unsigned long);
  static int error_message(char *);
diff -Nru wordnet-3.0/debian/upstream wordnet-3.0/debian/upstream
--- wordnet-3.0/debian/upstream 2012-06-01 14:06:06.0 +0200
+++ wordnet-3.0/debian/upst

Bug#665199: Fix for 665199 breaks slapd upgrade from lenny to squeeze

[jens]

Package: slapd
Version: 2.4.23-7.3
Severity: serious

Hello all!

The changes to the installation procedure made between slapd 2.4.23-7.2 
and slapd 2.4.23-7.3

pushed the failure to the late upgraders from Lenny to Squeeze.

The previous version slapd 2.4.23-7.2 worked well in an upgrade 
szenario from last Lenny version 5.0.10

with all patches to Squeeze version 6.0.6 without real trouble.

The failure messages are exactly the same. (see below).

Upgrading the package slapd from Lenny 2.4.11-1+lenny2.1 to 2.4.23-7.3 
fails:


Setting up slapd (2.4.23-7.3) ...
Installing new version of config file 
/etc/ldap/schema/inetorgperson.schema ...

Installing new version of config file /etc/ldap/schema/cosine.ldif ...
Installing new version of config file /etc/ldap/schema/misc.schema ...
Installing new version of config file /etc/ldap/schema/duaconf.schema 
...
Installing new version of config file /etc/ldap/schema/dyngroup.schema 
...
Installing new version of config file /etc/ldap/schema/openldap.ldif 
...
Installing new version of config file 
/etc/ldap/schema/inetorgperson.ldif ...
Installing new version of config file /etc/ldap/schema/openldap.schema 
...

Installing new version of config file /etc/ldap/schema/nis.ldif ...
Installing new version of config file /etc/ldap/schema/README ...
Installing new version of config file /etc/ldap/schema/nis.schema ...
Installing new version of config file /etc/init.d/slapd ...
  Backing up /etc/ldap/slapd.conf in 
/var/backups/slapd-2.4.11-1+lenny2.1... done.

  Moving old database directories to /var/backups:
  - directory o=ccc.com... done.
  Loading from /var/backups/slapd-2.4.11-1+lenny2.1:
  - directory o=ccc.com... failed.

Loading the database from the LDIF dump failed with the following
error while running slapadd:
/var/backups/slapd-2.4.11-1+lenny2.1/o=ccc.com.ldif: No such file 
or directory

dpkg: error processing slapd (--configure):
 subprocess installed post-installation script returned error exit 
status 1

Errors were encountered while processing:
 slapd
E: Sub-process /usr/bin/dpkg returned an error code (1)

Possible cause:
~~~

Instead of giving the same functionality from 7.2 slapd.preinst to 
slapd.prerm the files
where just switched. Whether this was intended or not, the consequences 
for the late

upgraders to squeeze are really bad.

-rwxr-xr-x 1 root root 22617 Dec 16 13:27 
/var/lib/dpkg/info/slapd.prerm slapd_2.4.23-7.3
-rwxr-xr-x 1 root root   338 Jun 15  2011 
/oldbu/var/lib/dpkg/info/slapd.prerm   slapd_2.4.23-7.2


-rwxr-xr-x 1 root root99 Dec 16 13:27 
/var/lib/dpkg/info/slapd.preinst	 slapd_2.4.23-7.3
-rwxr-xr-x 1 root root 22378 Jun 15  2011 
/oldbu/var/lib/dpkg/info/slapd.preinst slapd_2.4.23-7.2



hostone:/etc/ldap# diff /var/lib/dpkg/info/slapd.prerm 
/oldbu/var/lib/dpkg/info/slapd.preinst

1c1
< #!/bin/sh
---

#! /bin/sh

830,838d829
< # Automatically added by dh_installinit
< if [ -x "/etc/init.d/slapd" ]; then
<   if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
<   invoke-rc.d slapd stop || exit $?
<   else
<   /etc/init.d/slapd stop || exit $?
<   fi
< fi
< # End automatically added section
843c834
< # vim: set foldmethod=marker:
---

# vim: set sw=8 foldmethod=marker:



hostone:/etc/ldap# diff /var/lib/dpkg/info/slapd.preinst 
/oldbu/var/lib/dpkg/info/slapd.prerm

1c1
< #! /bin/sh
---

#!/bin/sh

6a7,15

# Automatically added by dh_installinit
if [ -x "/etc/init.d/slapd" ]; then
  if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
  invoke-rc.d slapd stop || exit $?
  else
  /etc/init.d/slapd stop || exit $?
  fi
fi
# End automatically added section

11c20
< # vim: set sw=8 foldmethod=marker:
---

# vim: set foldmethod=marker:


Suggestion:
~~~

Please check, whether it is possible to give the same functionality to 
BOTH scripts:


slapd.prerm
slapd.preinst

It would be nice, if downgraders from Wheezy and late upgraders from 
Lenny could have a working slapd.


Considerations regarding workarounds:
~

If possible, some hints and or workaround for late upgraders which 
already made

the same experience as myself, would be helpful.

Is there a way of making the old "slapd.preinst" from 2.4.23-7.2 run,
placing in the right place?
Only unpacking slapd_2.4.23-7.3_amd64.deb and suppress md5 complaints
whily manually installing the package from the unpacking directory,
putting the old slapd.preinst from 7.2 in the approbiate directory?

Refill /var/lib/ldap with the content of 
/var/backups/o=ccc.com-2.4.11-1+lenny2.1.ldapdb/

before should be necessary, or?

Or it is suggested to take the last Lenny backup, waiting for a 
hopefully fixed slapd_2.4.23-7.4 ?


Best Regards

Jens


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: Re: Bug#701649: Affected versions

[Debian Bug Tracking System]

Processing control commands:

> found -1 0.8.3-5+squeeze2
Bug #701649 {Done: Guido Günther } [libvirt-bin] libvirt-bin 
- libvirtd changes permissions of devices to libvirt-qemu:kvm (CVE-2013-1766)
Marked as found in versions libvirt/0.8.3-5+squeeze2.
> found -1 0.9.12-6
Bug #701649 {Done: Guido Günther } [libvirt-bin] libvirt-bin 
- libvirtd changes permissions of devices to libvirt-qemu:kvm (CVE-2013-1766)
Marked as found in versions libvirt/0.9.12-6.
> found -1 0.9.12-7
Bug #701649 {Done: Guido Günther } [libvirt-bin] libvirt-bin 
- libvirtd changes permissions of devices to libvirt-qemu:kvm (CVE-2013-1766)
Marked as found in versions libvirt/0.9.12-7.

-- 
701649: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701649
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#701649: Affected versions

[Salvatore Bonaccorso]

Control: found -1 0.8.3-5+squeeze2
Control: found -1 0.9.12-6
Control: found -1 0.9.12-7

Hi Guido

On Tue, Feb 26, 2013 at 11:44:28AM +0100, Guido Günther wrote:
> This also affects stable, bpo and wheezzy. The attached fix that I
> applied to the version in experimental applies to 0.9.12 as well.

Only marking the versions accordingly in this bug.

Regards,
Salvatore


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#700781: marked as done (python-newt-dbg: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE)

[Debian Bug Tracking System]

Your message dated Tue, 26 Feb 2013 19:47:35 +
with message-id 
and subject line Bug#700781: fixed in newt 0.52.14-11.1
has caused the Debian Bug report #700781,
regarding python-newt-dbg: unhandled symlink to directory conversion: 
/usr/share/doc/PACKAGE
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
700781: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700781
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: python-newt-dbg
Version: 0.52.14-10
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

an upgrade test with piuparts revealed that your package installs files
over existing symlinks and possibly overwrites files owned by other
packages. This usually means an old version of the package shipped a
symlink but that was later replaced by a real (and non-empty)
directory. This kind of overwriting another package's files cannot be
detected by dpkg.

This was observed on the following upgrade paths:

  squeeze -> wheezy

For /usr/share/doc/PACKAGE this may not be problematic as long as both
packages are installed, ship byte-for-byte identical files and are
upgraded in lockstep. But once one of the involved packages gets
removed, the other one will lose its documentation files, too,
including the copyright file, which is a violation of Policy 12.5:
http://www.debian.org/doc/debian-policy/ch-docs.html#s-copyrightfile

For other overwritten locations anything interesting may happen.

Note that dpkg intentionally does not replace directories with symlinks
and vice versa, you need the maintainer scripts to do this.
See in particular the end of point 4 in
http://www.debian.org/doc/debian-policy/ch-maintainerscripts.html#s-unpackphase

For switching from a symlink to a directory, the *preinst* script
should do something like this:

DOCDIR=/usr/share/doc/@@PACKAGE@@

if [ -L $DOCDIR ]; then
rm $DOCDIR
fi


>From the attached log (usually somewhere in the middle...):

0m57.3s ERROR: FAIL: silently overwrites files via directory symlinks:
  /usr/share/doc/python-newt-dbg/changelog.Debian.gz (python-newt-dbg) != 
/usr/share/doc/python-newt/changelog.Debian.gz (python-newt)
  /usr/share/doc/python-newt-dbg/changelog.gz (python-newt-dbg) != 
/usr/share/doc/python-newt/changelog.gz (python-newt)
  /usr/share/doc/python-newt-dbg/copyright (python-newt-dbg) != 
/usr/share/doc/python-newt/copyright (python-newt)


cheers,

Andreas


python-newt-dbg_0.52.14-10.log.gz
Description: GNU Zip compressed data
--- End Message ---
--- Begin Message ---
Source: newt
Source-Version: 0.52.14-11.1

We believe that the bug you reported is fixed in the latest version of
newt, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 700...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sebastian Ramacher  (supplier of updated newt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 25 Feb 2013 19:58:40 +0100
Source: newt
Binary: libnewt-dev libnewt-pic newt-tcl python-newt python-newt-dbg 
libnewt0.52 whiptail
Architecture: source amd64
Version: 0.52.14-11.1
Distribution: unstable
Urgency: low
Maintainer: Alastair McKinstry 
Changed-By: Sebastian Ramacher 
Description: 
 libnewt-dev - Developer's toolkit for newt windowing library
 libnewt-pic - Not Erik's Windowing Toolkit, shared library subset kit
 libnewt0.52 - Not Erik's Windowing Toolkit - text mode windowing with slang
 newt-tcl   - NEWT module for Tcl
 python-newt - NEWT module for Python
 python-newt-dbg - NEWT module for Python (debug extension)
 whiptail   - Displays user-friendly dialog boxes from shell scripts
Closes: 700781
Changes: 
 newt (0.52.14-11.1) unstable; urgency=low
 .
   * Non-maintainer upload.
   * python-newt-dbg.preinst: Handle symlink to directory conversion. (Closes:
 #700781)
Checksums-Sha1: 
 3c9ce846180ae60f791dc84384c549fc56466d10 2203 newt_0.52.14-11.1.dsc
 e13930935e06cd065a47cabbcc38674400994c83 40514 newt_0.52.14-11.1.debian.tar.gz
 66f80da5dc26fe0af956ffd3f284d77921089963 98944 
libnewt-dev_0.52.14-11.1_amd64.deb
 f77c3983cdb8bb8c2af8fcc80830f7d33686a47c 19200 
libnewt-pic

Bug#701744: [Pkg-xen-devel] Bug#701744: [xen] Update to hypervisor 4.0.1-5.6 or linux-image-2.6.32-5-xen-amd64 2.6.32-48 causes networking (VIF) failures

[Ingo Jürgensmann]

Am 26.02.2013 um 19:19 schrieb Ian Campbell :

>> Since the update last weekind in stable/squeeze I'm experiencing 
>> problems with running Xen on amd64 and multiple domUs losing their 
>> network connection/VIFs. 
> The hypervisors involvement in the specifics of the networking is pretty
> minimal -- a kernel bug is much more likely IMHO.
> In particular the messages you are seeing look a lot like those which
> would result from
> http://wiki.xen.org/wiki/Security_Announcements#XSA_39_Linux_netback_DoS_via_malicious_guest_ring..
> So, was the hypervisor upgrade also accompanied by a kernel update, in
> either the dom0 or guest domains? If so what versions were involved and
> where?


Yes, it was a full update, both on dom0 as well as on domUs. I always try to 
keep kernels on dom0 and domU the same version. 

The blog posts lists the packages that were updated last weekend: 

gate:~# dir /var/cache/apt/archives/
base-files_6.0squeeze7_amd64.deb 
libxenstore3.0_4.0.1-5.6_amd64.deb
bind9-host_1%3a9.7.3.dfsg-1~squeeze9_amd64.deb   linux-base_2.6.32-48_all.deb
dbus_1.2.24-4+squeeze2_amd64.deb 
linux-image-2.6.32-5-amd64_2.6.32-48_amd64.deb
dbus-x11_1.2.24-4+squeeze2_amd64.deb 
linux-image-2.6.32-5-xen-amd64_2.6.32-48_amd64.deb
firmware-linux-free_2.6.32-48_all.deblock
gzip_1.3.12-9+squeeze1_amd64.deb 
openssh-client_1%3a5.5p1-6+squeeze3_amd64.deb
host_1%3a9.7.3.dfsg-1~squeeze9_all.deb   
openssh-server_1%3a5.5p1-6+squeeze3_amd64.deb
libbind9-60_1%3a9.7.3.dfsg-1~squeeze9_amd64.deb  
openssl_0.9.8o-4squeeze14_amd64.deb
libcups2_1.4.4-7+squeeze3_amd64.deb  partial
libdbus-1-3_1.2.24-4+squeeze2_amd64.deb  
perl_5.10.1-17squeeze5_amd64.deb
libdbus-glib-1-2_0.88-2.1+squeeze1_amd64.deb 
perl-base_5.10.1-17squeeze5_amd64.deb
libdns69_1%3a9.7.3.dfsg-1~squeeze9_amd64.deb 
perl-modules_5.10.1-17squeeze5_all.deb
libisc62_1%3a9.7.3.dfsg-1~squeeze9_amd64.deb 
ssh_1%3a5.5p1-6+squeeze3_all.deb
libisccc60_1%3a9.7.3.dfsg-1~squeeze9_amd64.deb   tzdata_2012g-0squeeze1_all.deb
libisccfg62_1%3a9.7.3.dfsg-1~squeeze9_amd64.deb  
xen-hypervisor-4.0-amd64_4.0.1-5.6_amd64.deb
libldap-2.4-2_2.4.23-7.3_amd64.deb   
xen-linux-system-2.6.32-5-xen-amd64_2.6.32-48_amd64.deb
liblwres60_1%3a9.7.3.dfsg-1~squeeze9_amd64.deb   
xenstore-utils_4.0.1-5.6_amd64.deb
libperl5.10_5.10.1-17squeeze5_amd64.deb  
xen-utils-4.0_4.0.1-5.6_amd64.deb
libssl0.9.8_0.9.8o-4squeeze14_amd64.deb

The same kernel versions were updated in the domUs.

-- 
Ciao...//  Fon: 0381-2744150
  Ingo   \X/   http://blog.windfluechter.net


gpg pubkey:  http://www.juergensmann.de/ij_public_key.asc


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#701649: Affected versions

[Guido Günther]

This also affects stable, bpo and wheezzy. The attached fix that I
applied to the version in experimental applies to 0.9.12 as well.

However I won't have a chance to test the wheezy version in a reasonable
setup (bridged network, lvm, kvm) for the next days/weeks so I'm not
uploading a new version for wheezy yet. 

If somebody else could pick that up it'd be great. Note that this is not
remote and only affects users/processes in the kvm group.
Cheers,
 -- Guido
>From 181eab16a034ee7dce50ec932d31cb051bf9dc9c Mon Sep 17 00:00:00 2001
Message-Id: <181eab16a034ee7dce50ec932d31cb051bf9dc9c.1361875378.git@sigxcpu.org>
From: =?UTF-8?q?Guido=20G=C3=BCnther?= 
Date: Tue, 26 Feb 2013 06:28:30 +0100
Subject: [PATCH] CVE-2013-1766: Use libvirt-qemu as group to run qemu/kvm
 instances

This makes sure we don't chown files to groups possibly used
by other programs.

Closes: #701649
---
 debian/README.Debian|3 +++
 debian/libvirt-bin.NEWS |9 +
 debian/libvirt-bin.postinst |4 
 debian/libvirt-bin.postrm   |8 
 debian/rules|2 +-
 5 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/debian/README.Debian b/debian/README.Debian
index 6248662..de12bbb 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -56,6 +56,9 @@ Access Control
 Access to the libvirt socket is controlled by membership in the "libvirt" group.
 If you want to manage VMs as non root you need to add a user to that group.
 
+System QEMU/KVM processes are run as user and group libvirt-qemu. This can be
+adjusted via /etc/libvirt/qemu.conf.
+
 QEMU/KVM: Dropping Capabilties
 ==
 Network interfaces of type "ethernet" use a script like /etc/qemu-ifup to set up
diff --git a/debian/libvirt-bin.NEWS b/debian/libvirt-bin.NEWS
index ee32190..9228350 100644
--- a/debian/libvirt-bin.NEWS
+++ b/debian/libvirt-bin.NEWS
@@ -1,3 +1,12 @@
+libvirt (1.0.2-3) experimental; urgency=low
+
+  For qemu:///system KVM/QEMU processes now run as group libvirt-qemu. This
+  makes sure image files and volumes aren't accessible by users in the more
+  general and previously used kvm group. To change this behaviour adjust the
+  group option in /etc/libvirt/qemu.conf.
+
+ -- Guido Günther   Tue, 26 Feb 2013 06:30:48 +0100
+
 libvirt (0.8.3-2) unstable; urgency=low
 
   Disk format probing is disabled now by default for security reasons
diff --git a/debian/libvirt-bin.postinst b/debian/libvirt-bin.postinst
index c22dd21..53119a2 100644
--- a/debian/libvirt-bin.postinst
+++ b/debian/libvirt-bin.postinst
@@ -27,6 +27,9 @@ add_users_groups()
 if ! getent group kvm >/dev/null; then
 addgroup --quiet --system kvm
 fi
+if ! getent group libvirt-qemu >/dev/null; then
+addgroup --quiet --system libvirt-qemu
+fi
 if ! getent passwd libvirt-qemu >/dev/null; then
 adduser --quiet \
 --system \
@@ -39,6 +42,7 @@ add_users_groups()
 -gecos "Libvirt Qemu" \
 libvirt-qemu
 fi
+adduser libvirt-qemu libvirt-qemu
 }
 
 
diff --git a/debian/libvirt-bin.postrm b/debian/libvirt-bin.postrm
index 5f67537..77e77d6 100644
--- a/debian/libvirt-bin.postrm
+++ b/debian/libvirt-bin.postrm
@@ -25,6 +25,14 @@ case "$1" in
 		delgroup libvirt || true
 	fi
 
+	if getent user libvirt-qemu >/dev/null; then
+		deluser libvirt || true
+	fi
+
+	if getent group libvirt-qemu >/dev/null; then
+		delgroup libvirt || true
+	fi
+
 	rm -rf /var/log/libvirt
 ;;
 remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
diff --git a/debian/rules b/debian/rules
index 8127900..65e35d4 100755
--- a/debian/rules
+++ b/debian/rules
@@ -58,7 +58,7 @@ DEB_CONFIGURE_EXTRA_FLAGS := \
 	--disable-rpath  \
 	$(WITH_QEMU)		 \
 	--with-qemu-user=libvirt-qemu  \
-	--with-qemu-group=kvm\
+	--with-qemu-group=libvirt-qemu \
 $(WITH_OPENVZ)		 \
 	--with-avahi \
 	--with-sasl  \
-- 
1.7.10.4

Bug#701744: [Pkg-xen-devel] Bug#701744: [xen] Update to hypervisor 4.0.1-5.6 or linux-image-2.6.32-5-xen-amd64 2.6.32-48 causes networking (VIF) failures

[Ian Campbell]

On Tue, 2013-02-26 at 18:42 +0100, Ingo Juergensmann wrote:
> 
> Since the update last weekind in stable/squeeze I'm experiencing 
> problems with running Xen on amd64 and multiple domUs losing their 
> network connection/VIFs. 

The hypervisors involvement in the specifics of the networking is pretty
minimal -- a kernel bug is much more likely IMHO.

In particular the messages you are seeing look a lot like those which
would result from
http://wiki.xen.org/wiki/Security_Announcements#XSA_39_Linux_netback_DoS_via_malicious_guest_ring..

So, was the hypervisor upgrade also accompanied by a kernel update, in
either the dom0 or guest domains? If so what versions were involved and
where?

Thanks,
Ian
-- 
Ian Campbell


pain, n.:
One thing, at least it proves that you're alive!


signature.asc
Description: This is a digitally signed message part

Bug#693288: marked as done (src:jsxgraph: maintainer address bounces)

[Debian Bug Tracking System]

Your message dated Tue, 26 Feb 2013 18:02:47 +
with message-id 
and subject line Bug#693288: fixed in jsxgraph 0.83+svn1872~dfsg1-1
has caused the Debian Bug report #693288,
regarding src:jsxgraph: maintainer address bounces
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
693288: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693288
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: jsxgraph
Severity: serious
X-Debbugs-Cc: Georges Khaznadar 

The maintainer address for jsxgraph bounces:

Mail Delivery System  writes:
> This message was created automatically by mail delivery software.
>
> A message that you sent could not be delivered to one or more of its
> recipients. This is a permanent error. The following address(es) failed:
>
>   georg...@ofset.org
> Unrouteable address
>
> -- This is a copy of the message, including all the headers. --
>
> Return-path: 
> Received: from dak by franck.debian.org with local (Exim 4.72)
>   (envelope-from )
>   id 1TYlkr-00026l-1N; Wed, 14 Nov 2012 22:48:21 +
> Date: Wed, 14 Nov 2012 22:48:21 +
> Message-Id: 
> From: Debian FTP Masters 
> To: Georges Khaznadar , Tobias Hansen 
> X-DAK: dak process-upload
> X-Debian: DAK
> X-Debian-Package: jsxgraph
> Precedence: bulk
> MIME-Version: 1.0
> Content-Type: text/plain; charset="utf-8"
> Content-Transfer-Encoding: 8bit
> Subject: jsxgraph_0.83+svn1872~dfsg1-0.1_amd64.changes ACCEPTED into unstable
> Sender: Archive Administrator 
>
[...]

Ansgar
--- End Message ---
--- Begin Message ---
Source: jsxgraph
Source-Version: 0.83+svn1872~dfsg1-1

We believe that the bug you reported is fixed in the latest version of
jsxgraph, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 693...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Georges Khaznadar  (supplier of updated jsxgraph package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Tue, 26 Feb 2013 18:41:40 +0100
Source: jsxgraph
Binary: jsxgraph
Architecture: source all
Version: 0.83+svn1872~dfsg1-1
Distribution: unstable
Urgency: low
Maintainer: Georges Khaznadar 
Changed-By: Georges Khaznadar 
Description: 
 jsxgraph   - Interactive Geometry with JavaScript
Closes: 693288
Changes: 
 jsxgraph (0.83+svn1872~dfsg1-1) unstable; urgency=low
 .
   * changed my DEBEMAIL. Closes: #693288
   * changed Standards-Version to 3.9.4
Checksums-Sha1: 
 cbbe6f294dfa951251c3474a6b0c5989c36ec44d 1250 jsxgraph_0.83+svn1872~dfsg1-1.dsc
 4d37e5e7d5457a4beccb6f7d885be67263ff9173 9966 
jsxgraph_0.83+svn1872~dfsg1-1.debian.tar.gz
 e9c71880303dd30a7cdf83c23768c1e7da0e154e 2949326 
jsxgraph_0.83+svn1872~dfsg1-1_all.deb
Checksums-Sha256: 
 872fd1e78e0edb90934f26095a350379f8ccaec4b730d99e39ca562fde91573c 1250 
jsxgraph_0.83+svn1872~dfsg1-1.dsc
 ca1864e80f730d09ef557c39ddb168214e5a309b0599d1ebac88e7f8f942e0c1 9966 
jsxgraph_0.83+svn1872~dfsg1-1.debian.tar.gz
 61bec7fb2195a4d28aeef0f5a468c6746aa919b4e5c6ee2aa09876dac7e316e8 2949326 
jsxgraph_0.83+svn1872~dfsg1-1_all.deb
Files: 
 daed330dfc8d094566f8c2932feb2303 1250 devel extra 
jsxgraph_0.83+svn1872~dfsg1-1.dsc
 30136445adaa3f9dabcb6467e269be30 9966 devel extra 
jsxgraph_0.83+svn1872~dfsg1-1.debian.tar.gz
 1f6fd8be41324c39382735f5e6827da0 2949326 devel extra 
jsxgraph_0.83+svn1872~dfsg1-1_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFRLPVqnfmb2hFpETARAvq0AKCJz+iSamFcBjYQjMLAOftgghBvgwCdFLKJ
cwcAb4J3+BJE7HCAK+Vjh8Q=
=Jcn4
-END PGP SIGNATURE End Message ---

Bug#701744: [xen] Update to hypervisor 4.0.1-5.6 or linux-image-2.6.32-5-xen-amd64 2.6.32-48 causes networking (VIF) failures

[Ingo Juergensmann]

Package: xen
Version: 4.0.1-5.5
Severity: critical

--- Please enter the report below this line. ---

Hi!

Since the update last weekind in stable/squeeze I'm experiencing 
problems with running Xen on amd64 and multiple domUs losing their 
network connection/VIFs.


From 
http://blog.windfluechter.net/content/blog/2013/02/26/1597-xen-problems-vms-2632-5-xen-amd64


Unfortunately this update appears to be problematic on my Xen hosting 
server. This night it happened the second time that some of the virtual 
network interfaces disappeared or turned out to be non-working. For 
example I have two VMs: one running the webserver and one running the 
databases. Between these two VMs there's a bridge on the dom0 and both 
VMs have a VIF to that (internal) bridge. What happens is that this 
bridge becomes inaccessible from within the webserver VM.


Sadly there's not much to see in the log files. I just spotted this on 
dom0:


Feb 26 01:01:29 gate kernel: [12697.907512] vif3.1: Frag is bigger 
than frame.
Feb 26 01:01:29 gate kernel: [12697.907550] vif3.1: fatal error; 
disabling device
Feb 26 01:01:29 gate kernel: [12697.919921] xenbr1: port 3(vif3.1) 
entering disabled state
Feb 26 01:22:00 gate kernel: [13928.644888] vif2.1: Frag is bigger 
than frame.
Feb 26 01:22:00 gate kernel: [13928.644920] vif2.1: fatal error; 
disabling device
Feb 26 01:22:00 gate kernel: [13928.663571] xenbr1: port 2(vif2.1) 
entering disabled state
Feb 26 01:40:44 gate kernel: [15052.629280] vif7.1: Frag is bigger 
than frame.
Feb 26 01:40:44 gate kernel: [15052.629314] vif7.1: fatal error; 
disabling device
Feb 26 01:40:44 gate kernel: [15052.641725] xenbr1: port 6(vif7.1) 
entering disabled state


This corresponds to the number of VMs having lost their internal 
connection to the bridge. On the webserver VM I see this output:


Feb 26 01:59:01 vserv1 kernel: [16113.539767] IPv6: sending 
pkt_too_big to self
Feb 26 01:59:01 vserv1 kernel: [16113.539794] IPv6: sending 
pkt_too_big to self
Feb 26 02:30:54 vserv1 kernel: [18026.407517] IPv6: sending 
pkt_too_big to self
Feb 26 02:30:54 vserv1 kernel: [18026.407546] IPv6: sending 
pkt_too_big to self
Feb 26 02:30:54 vserv1 kernel: [18026.434761] IPv6: sending 
pkt_too_big to self
Feb 26 02:30:54 vserv1 kernel: [18026.434787] IPv6: sending 
pkt_too_big to self
Feb 26 03:39:16 vserv1 kernel: [22128.768214] IPv6: sending 
pkt_too_big to self
Feb 26 03:39:16 vserv1 kernel: [22128.768240] IPv6: sending 
pkt_too_big to self
Feb 26 04:39:51 vserv1 kernel: [25764.250170] IPv6: sending 
pkt_too_big to self
Feb 26 04:39:51 vserv1 kernel: [25764.250196] IPv6: sending 
pkt_too_big to self


Rebooting the VMs will result in a non-working VM as it will get paused 
on creation and Xen scripts complain about not working hotplug scripts 
and Xen logs shows this:


[2013-02-25 13:06:34 5470] DEBUG (XendDomainInfo:101)
XendDomainInfo.create(['vm', ['name', 'vserv1'], ['memory', '2048'],
['on_poweroff', 'destroy'], ['on_reboot', 'restart'], ['on_crash',
'restart'], ['on_xend_start', 'ignore'], ['on_xend_stop', 'ignore'],
['vcpus', '2'], ['oos', 1], ['bootloader', 
'/usr/lib/xen-4.0/bin/pygrub'],

['bootloader_args', ''], ['image', ['linux', ['root', '/dev/xvdb '],
['videoram', 4], ['tsc_mode', 0], ['nomigrate', 0]]], 
['s3_integrity', 1],
['device', ['vbd', ['uname', 'phy:/dev/lv/vserv1-boot'], ['dev', 
'xvda'],
['mode', 'w']]], ['device', ['vbd', ['uname', 
'phy:/dev/lv/vserv1-disk'],

['dev', 'xvdb'], ['mode', 'w']]], ['device', ['vbd', ['uname',
'phy:/dev/lv/vserv1-swap'], ['dev', 'xvdc'], ['mode', 'w']]], 
['device',
['vbd', ['uname', 'phy:/dev/lv/vserv1mirror'], ['dev', 'xvdd'], 
['mode',

'w')
[2013-02-25 13:06:34 5470] DEBUG (XendDomainInfo:2508)
XendDomainInfo.constructDomain
[2013-02-25 13:06:34 5470] DEBUG (balloon:220) Balloon: 210 KiB 
free;

need 16384; done.
[2013-02-25 13:06:34 5470] DEBUG (XendDomain:464) Adding Domain: 39
[2013-02-25 13:06:34 5470] DEBUG (XendDomainInfo:2818)
XendDomainInfo.initDomain: 39 256
[2013-02-25 13:06:34 5781] DEBUG (XendBootloader:113) Launching 
bootloader

as ['/usr/lib/xen-4.0/bin/pygrub', '--args=root=/dev/xvdb  ',
'--output=/var/run/xend/boot/xenbl.6040', '/dev/lv/vserv1-boot'].
[2013-02-25 13:06:39 5470] DEBUG (XendDomainInfo:2845)
_initDomain:shadow_memory=0x0, memory_static_max=0x8000,
memory_static_min=0x0.
[2013-02-25 13:06:39 5470] INFO (image:182) buildDomain os=linux dom=39
vcpus=2
[2013-02-25 13:06:39 5470] DEBUG (image:721) domid  = 39
[2013-02-25 13:06:39 5470] DEBUG (image:722) memsize= 2048
[2013-02-25 13:06:39 5470] DEBUG (image:723) image  =
/var/run/xend/boot/boot_kernel.xj7W_t
[2013-02-25 13:06:39 5470] DEBUG (image:724) store_evtchn   = 1
[2013-02-25 13:06:39 5470] DEBUG (image:725) console_evtchn = 

Bug#701686: bowtie2: FTBFS[!linux]: help2man: can't get `--help' info

[Andreas Tille]

Hi,

just as a hint how to work around help2man problems: I recently commited into
meme packaging some hackish wrapper:

   
svn://svn.debian.org/debian-med/trunk/packages/meme/trunk/debian/help2man-wrapper

(see rules file for its usage.)  In principle it would be better to
rather fix help2man but for the moment this script might help (provided
that the `--no-discard-stderr' option does not.)

Kind regards

 Andreas.

On Mon, Feb 25, 2013 at 11:34:03PM -0800, Christoph Egger wrote:
> Package: src:bowtie2
> Version: 2.0.6-1
> Severity: serious
> Tags: sid wheezy
> User: debian-...@lists.debian.org
> Usertags: kfreebsd
> X-Debbugs-Cc: debian-...@lists.debian.org
> Justification: fails to build from source (but built successfully in the past)
> 
> Hi!
> 
> Your package failed to build on the kfreebsd-* buildds:
> 
>debian/rules override_dh_auto_install
> make[1]: Entering directory 
> `/build/buildd-bowtie2_2.0.6-1-kfreebsd-amd64-TCHdXD/bowtie2-2.0.6'
> mkdir -p 
> /build/buildd-bowtie2_2.0.6-1-kfreebsd-amd64-TCHdXD/bowtie2-2.0.6/debian/bowtie2/usr/share/man/man1/
> help2man --name="wrapper for bowtie2-align" --no-info \
>   
> /build/buildd-bowtie2_2.0.6-1-kfreebsd-amd64-TCHdXD/bowtie2-2.0.6/bowtie2 > 
> /build/buildd-bowtie2_2.0.6-1-kfreebsd-amd64-TCHdXD/bowtie2-2.0.6/debian/bowtie2/usr/share/man/man1/bowtie2.1
> help2man: can't get `--help' info from 
> /build/buildd-bowtie2_2.0.6-1-kfreebsd-amd64-TCHdXD/bowtie2-2.0.6/bowtie2
> Try `--no-discard-stderr' if option outputs to stderr
> make[1]: *** [override_dh_auto_install] Error 2
> make[1]: Leaving directory 
> `/build/buildd-bowtie2_2.0.6-1-kfreebsd-amd64-TCHdXD/bowtie2-2.0.6'
> make: *** [binary-arch] Error 2
> 
> Full build log at
> https://buildd.debian.org/status/fetch.php?pkg=bowtie2&arch=kfreebsd-amd64&ver=2.0.6-1&stamp=1361653538
> 
> Regards
> 
> Christoph
> 
> If you have further questions please mail debian-...@lists.debian.org
> 
> ___
> Debian-med-packaging mailing list
> debian-med-packag...@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/debian-med-packaging
> 

-- 
http://fam-tille.de


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#697892: kbuild compiled with gcc-4.6 -O3 works

[Andrey Gursky]

Hi James,

>The kbuild NMU, which migrated on Jan. 12th, seems to have exposed a bug
>in kmk_sed which is affecting the virtualbox build.  I've tried
>rebuilding kbuild with Wheezy's gcc-4.6, since upstream indicates this
>is a gcc-4.7-specific problem, but that didn't make a difference.
>
>Reassigning to kbuild.

How did you specify the 4.6? Doing that a straightforward way fails
for some reason. Would be nice if it could be also investigated.

Global switching gcc to gcc-4.6 with attached scripts did the job
well. kbuild can be compiled even with -O3 and it works. Do you know,
whether this bug with a kbuild/virtualbox as test case is already
reported to gcc?

Regards,
Andrey


gcc-defaults-set.sh
Description: Bourne shell script


gcc-defaults-reset.sh
Description: Bourne shell script

Bug#661342: python-gevent-dbg: Need to build debugging versions

[Sebastian Ramacher]

Control: tags -1 + patch

On 2012-02-26 16:00:23, Matthias Urlichs wrote:
> The package python-gevent-dbg only contains the GDB symbols for the binary 
> module.
> 
> It also needs to contain the actual module, built with python-dbg.
> Otherwise it's impossible to run gevent under a debugging Python.
> 
> $ python-dbg test/interactive/main.py
> Traceback (most recent call last):
>   [...]
>   File "/usr/lib/pymodules/python2.7/gevent/hub.py", line 6, in 
> from gevent import core
> ImportError: /usr/lib/pymodules/python2.7/gevent/core.so: undefined symbol: 
> Py_InitModule4_64

With the attached patch the extensions modules are also built for the
debug variants.

Regards
-- 
Sebastian Ramacher
diff -Nru python-gevent-0.13.6/debian/changelog 
python-gevent-0.13.6/debian/changelog
--- python-gevent-0.13.6/debian/changelog   2012-11-12 23:09:04.0 
+0100
+++ python-gevent-0.13.6/debian/changelog   2013-02-26 16:51:34.0 
+0100
@@ -1,3 +1,10 @@
+python-gevent (0.13.6-1+nmu2) UNRELEASED; urgency=low
+
+  * Non-maintainer upload.
+  * Build extensions modules for debug variants too. (Closes: #661342)
+
+ -- Sebastian Ramacher   Tue, 26 Feb 2013 16:42:01 +0100
+
 python-gevent (0.13.6-1+nmu1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru python-gevent-0.13.6/debian/control 
python-gevent-0.13.6/debian/control
--- python-gevent-0.13.6/debian/control 2011-05-17 16:45:37.0 +0200
+++ python-gevent-0.13.6/debian/control 2013-02-26 16:52:08.0 +0100
@@ -3,7 +3,8 @@
 Maintainer: Örjan Persson 
 Uploaders: Andreas Schuldei 
 Build-Depends: debhelper (>= 7.0.50), python-support, python-all-dev, 
libevent-dev (>= 1.4),
-   python-greenlet | python-codespeak-lib (<< 1.0), python-sphinx 
(>= 0.6)
+   python-greenlet | python-codespeak-lib (<< 1.0), python-sphinx 
(>= 0.6),
+   python-all-dbg
 Standards-Version: 3.9.0
 Section: python
 Homepage: http://www.gevent.org/
@@ -11,7 +12,7 @@
 Package: python-gevent-dbg
 Section: debug
 Architecture: any
-Depends: ${misc:Depends}, python-gevent (= ${binary:Version})
+Depends: ${misc:Depends}, python-gevent (= ${binary:Version}), 
${shlib:Depends}, python-dbg
 Description: gevent is a coroutine-based Python networking library - debugging 
symbols
  gevent uses greenlet to provide a high-level synchronous API on top of
  libevent event loop.
diff -Nru python-gevent-0.13.6/debian/python-gevent-dbg.install 
python-gevent-0.13.6/debian/python-gevent-dbg.install
--- python-gevent-0.13.6/debian/python-gevent-dbg.install   1970-01-01 
01:00:00.0 +0100
+++ python-gevent-0.13.6/debian/python-gevent-dbg.install   2013-02-26 
16:45:17.0 +0100
@@ -0,0 +1 @@
+usr/lib/python2*/*-packages/gevent/*_d.so
diff -Nru python-gevent-0.13.6/debian/python-gevent.install 
python-gevent-0.13.6/debian/python-gevent.install
--- python-gevent-0.13.6/debian/python-gevent.install   2011-05-17 
16:45:37.0 +0200
+++ python-gevent-0.13.6/debian/python-gevent.install   2013-02-26 
16:46:33.0 +0100
@@ -1 +1,2 @@
-usr/lib/*
+usr/lib/python2*/*-packages/gevent/*.py
+usr/lib/python2*/*-packages/gevent/*[!_][!d].so


signature.asc
Description: Digital signature

Processed: Re: Bug#661342: python-gevent-dbg: Need to build debugging versions

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + patch
Bug #661342 [python-gevent-dbg] python-gevent-dbg: Need to build debugging 
versions
Bug #701589 [python-gevent-dbg] python-gevent-dbg:  fails to import
Added tag(s) patch.
Added tag(s) patch.

-- 
661342: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661342
701589: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701589
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: fixed 699835 in 2012.2.3-1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # CVE-2013-0247
> fixed 699835 2012.2.3-1
Bug #699835 [keystone] keystone: CVE-2013-0247: Keystone denial of service 
through invalid token requests
Marked as fixed in versions keystone/2012.2.3-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
699835: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699835
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#698871: [Pkg-sssd-devel] Bug#698871: Bug#698871: CVE-2013-0219 CVE-2013-0220

[Salvatore Bonaccorso]

Hi Timo

Any update on this? I see the patches at [1]. At this stage of the
release I'm unsure the other changes are acceptable. Do you have time
to prepare an upload only adressing #698871? If you get a ACK from
release-team I would happily sonsor the upload if needed.

 [1]: 
http://anonscm.debian.org/gitweb/?p=pkg-sssd/sssd.git;a=commitdiff;h=5632b7d752b89a47a52f831e3ba97f70a9d6469d

Regards,
Salvatore


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: closing 651204

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> close 651204
Bug #651204 [system-config-printer] CVE-2011-4405
Marked Bug as done
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
651204: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651204
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#698955: missing symbol because it cant find the dynamic library

[Mike]

For information: I got the same error but it was because it could not 
find the library. I modified LD_LIBRARY_PATH to fix it.


This bug report says that the dependencies were satisfied and so maybe 
this is a real bug but I just thought to mention my experience in case 
it helps.



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#667599: dolfin-dev: fails to upgrade from squeeze - apt does not find an upgrade path

[Sylvestre Ledru]

On 25/02/2013 11:44, Andreas Beckmann wrote:
> Followup-For: Bug #667599
> Control: tag -1 patch
> 
> Hi,
> 
> after having tested a lot of modifications, I think I found a solution
> that provides smoother hdf5 upgrade paths from squeeze.
> 
> As that is primarily an apt bug in squeeze, we need to work around it
> somehow.
> 
> I'm not sure if this also solves the issue switching from mpi to serial
> variant during upgrades.
Excellent. Many thanks.

Ana is currently testing your fix. I upload it as soon as I have her go!

Sylvestre


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#701224: Safely prevent adverse impact if im-switch was removed but not purged

[Osamu Aoki]

severity 701224 serious
thanks

recently, im-switch 1.23 has migrated to testing while fixing serious
bug "Disable hook script if package is removed.  Closes: #701181"

(I was going to ask release exception later but somehow unblocked.)

This bug is essentially the same bug as #701181 thus I move this to
serious.  These are both maintained by the same maintainer and this is
done as a coordinated migration.

Hi,

On Sat, Feb 23, 2013 at 10:11:19PM +0100, Gunnar Hjalmarsson wrote:
> On 2013-02-23 16:58, Osamu Aoki wrote:
> > I think if I update this, I need to add new hush number for new
> > im-switch to ensure automatic erase.
> 
> Why not drop the md5sum check as regards 80im-switch and use the
> attached file as is instead?

We can consider im-switch and im-config almost a different version of
one package but they are not really the same package.  Then we are
hitting policy violation issue.  Unless this is the only solution, I
will consider this option.  I mean why take chances.
 
> As Iain Lane pointed out at the Ubuntu bug report, if im-config deletes
> the file, and the user at a later point of time decides to go back to
> im-switch (for some reason), 80im-switch won't be reinstalled, and the
> user is faced with an issue that may be hard to track down.

I think 80im-switch get installed but ... let's not argue this point
now.

> Now when that line has been added to 80im-switch in the normal way, you
> can say that with the file I propose, all debian/postinst would do is
> adding a line to 80im-switch that would otherwise have been added at
> next update. It does no harm in any way.

This is what I was thinking ...

> If the policy still makes you hesitate, you should bear in mind that it
> was scarcely written with this special case in mind. Somebody should be
> able to approve an exception.

No I have seen people has added disabling thing as gray area.  (Old
network-manager,...)  Besides, these are two cooperating package by the
same maintainer and these are one of the cooperation script.  Perfectly
policy compliant!!! Also whatever happens, if im-switch is installed and
even if installation did not replace this script, it works :-)

> Using the attached file would also eliminate one of the current
> differences between the Debian and Ubuntu versions of im-config.
> Hopefully we'll soon be able to use exactly the same version.

Since if the md5sum are the same as installed, it is better to remove it
completely as they used to be.

So I modified a bit but in the same spirit :-)
I echo to STDERR.

Osamu

#!/bin/sh
# postinst script for im-config
# vim: set sts=4 expandtab:

set -e

# version just before wheezy release
# acb685ae9264be3fc1800f98a70b12bb  80im-switch 1.14
# 044a2f13aa8382902dc8f47dc7da7064  80im-switch 1.16 (oldstable) - 1.22 
(unstable)
# 5b34831bb3c203ced71b7efb6da4609e  80im-switch 1.23 (testing/unstable)

# 4045a8eeb0e9226cdd9f8a121ccf4c04  80im-config_launch 0.3 (stable initial)
# 8a4829f935b5561ca6e61bec6eb3893f  80im-config_launch 0.3+squeeze1 (stable), 
0.4
# b243876a16f7b87c397ceef626098069  80im-config_launch 0.5
# 5ef27261ac38d704d8f766da19635461  80im-config_launch 0.6-0.17 (testing, 
unstable)

case "$1" in
configure)
IM_SWITCH_HOOK=/etc/X11/Xsession.d/80im-switch
IM_SWITCH_DISABLE_CODE='[ -x /usr/bin/im-switch ] || return 0'
if [ -f $IM_SWITCH_HOOK ]; then
IM_SWITCH_HOOK_MD5SUM=$(md5sum < $IM_SWITCH_HOOK|cut -d ' ' -f 1)
case $IM_SWITCH_HOOK_MD5SUM in

acb685ae9264be3fc1800f98a70b12bb|044a2f13aa8382902dc8f47dc7da7064|5b34831bb3c203ced71b7efb6da4609e)
rm -f $IM_SWITCH_HOOK
;;

*)
if [ "$( head -1 $IM_SWITCH_HOOK )" != 
"$IM_SWITCH_DISABLE_CODE" ];then
echo "Migrating from im-switch to im-config. Disabling: 
$IM_SWITCH_HOOK." >&2
sed -i "1 i $IM_SWITCH_DISABLE_CODE" $IM_SWITCH_HOOK
fi
;;
esac
fi

IM_CONFIG_HOOK=/etc/X11/Xsession.d/80im-config_launch
if [ -f $IM_CONFIG_HOOK ]; then
IM_CONFIG_HOOK_MD5SUM=$(md5sum < $IM_CONFIG_HOOK|cut -d ' ' -f 1)
case $IM_CONFIG_HOOK_MD5SUM in

4045a8eeb0e9226cdd9f8a121ccf4c04|8a4829f935b5561ca6e61bec6eb3893f|b243876a16f7b87c397ceef626098069|5ef27261ac38d704d8f766da19635461)
rm -f $IM_CONFIG_HOOK
;;

*)
echo "ERROR: Unknown hook file exists: $IM_CONFIG_HOOK." >&2
;;
esac
fi
;;

abort-upgrade|abort-remove|abort-deconfigure)
;;

*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac

# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.

#DEBHELPER#

exit 0

Processed: Re: Bug#701224: Safely prevent adverse impact if im-switch was removed but not purged

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 701224 serious
Bug #701224 [im-config] Safely prevent adverse impact if im-switch was removed 
but not purged
Severity set to 'serious' from 'important'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
701224: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701224
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#685970: marked as done (openjpeg: CVE-2012-3535)

[Debian Bug Tracking System]

Your message dated Tue, 26 Feb 2013 12:17:04 +
with message-id 
and subject line Bug#685970: fixed in openjpeg 1.3+dfsg-4+squeeze1
has caused the Debian Bug report #685970,
regarding openjpeg: CVE-2012-3535
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
685970: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685970
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: openjpeg
Severity: grave
Tags: security
Justification: user security hole

Please see http://seclists.org/oss-sec/2012/q3/299 for details.

Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: openjpeg
Source-Version: 1.3+dfsg-4+squeeze1

We believe that the bug you reported is fixed in the latest version of
openjpeg, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 685...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Gilbert  (supplier of updated openjpeg package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 18 Feb 2013 18:55:32 +
Source: openjpeg
Binary: libopenjpeg-dev libopenjpeg2 libopenjpeg2-dbg openjpeg-tools
Architecture: source amd64
Version: 1.3+dfsg-4+squeeze1
Distribution: stable-security
Urgency: high
Maintainer: Debian PhotoTools Maintainers 

Changed-By: Michael Gilbert 
Description: 
 libopenjpeg-dev - development files for libopenjpeg2, a JPEG 2000 image library
 libopenjpeg2 - JPEG 2000 image compression/decompression library
 libopenjpeg2-dbg - debug symbols for libopenjpeg2, a JPEG 2000 image library
 openjpeg-tools - command-line tools using the JPEG 2000 library
Closes: 672455 685970
Changes: 
 openjpeg (1.3+dfsg-4+squeeze1) stable-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix cve-2012-3535: buffer overflow in JPEG2000 decoding (closes: #685970).
   * Fix cve-2012-3358: another buffer overflow in JPEG2000 image file handling.
 Fix cve-2009-5030: avoid memory overrun (Closes: #672455).
Checksums-Sha1: 
 732749852ee1b24b438f2854ceec736c34cfd5cd 2721 openjpeg_1.3+dfsg-4+squeeze1.dsc
 bac94ef1e288aaf122f1c45605236bac6b47dabd 895482 openjpeg_1.3+dfsg.orig.tar.gz
 af209d8cfef4cab04c62937cf52c5edaff675aa5 13429 
openjpeg_1.3+dfsg-4+squeeze1.diff.gz
 8960d632bba1407d580c359c02925322fa26e415 95034 
libopenjpeg-dev_1.3+dfsg-4+squeeze1_amd64.deb
 775e3e8c22315d9a1721e17754ff36ca49b7b62e 82040 
libopenjpeg2_1.3+dfsg-4+squeeze1_amd64.deb
 a5b3f6c3d681c97e736ed28f104a5904598b7d01 315416 
libopenjpeg2-dbg_1.3+dfsg-4+squeeze1_amd64.deb
 d8b24ad9b0e88e3b64e62a955856e753799fe122 210010 
openjpeg-tools_1.3+dfsg-4+squeeze1_amd64.deb
Checksums-Sha256: 
 98d749a3c8607d00b8a63e79a00b30968d0c67b14e0c83ca833e353c8f9448ca 2721 
openjpeg_1.3+dfsg-4+squeeze1.dsc
 5ba9a6653931907c5b7cc67443470f1b23a5be846ab11ccaf8ca7e2ffa6387af 895482 
openjpeg_1.3+dfsg.orig.tar.gz
 15a3c457f5770575cf6a2b23353cb8b852bc3c992155bb261559f56d8cbd904b 13429 
openjpeg_1.3+dfsg-4+squeeze1.diff.gz
 92924f30eb78ab612719b2ddec4a54a30341ac1c6b0006c008a6b7447b466182 95034 
libopenjpeg-dev_1.3+dfsg-4+squeeze1_amd64.deb
 dfc7a895749150eedcea53eeca1fe90a817e913fe70087d830434c2b375ae998 82040 
libopenjpeg2_1.3+dfsg-4+squeeze1_amd64.deb
 ea1f1fad67e57f6c543edff429952d02da610f7b7aeeec04702dec9735d774e7 315416 
libopenjpeg2-dbg_1.3+dfsg-4+squeeze1_amd64.deb
 51fa15cf42d6fc9580ed0249131fcf209cdd88661dbdfdc25723a77331f49cc2 210010 
openjpeg-tools_1.3+dfsg-4+squeeze1_amd64.deb
Files: 
 e0e28bafe79e4ceb345aa1382462a527 2721 libs extra 
openjpeg_1.3+dfsg-4+squeeze1.dsc
 5fd807abf8a71adb021181d2790eda86 895482 libs extra 
openjpeg_1.3+dfsg.orig.tar.gz
 d0960b4d7a4911c4778c9e9a2d8d31d5 13429 libs extra 
openjpeg_1.3+dfsg-4+squeeze1.diff.gz
 84a7a3719f6d3e8847778d6f3eca83c5 95034 libdevel extra 
libopenjpeg-dev_1.3+dfsg-4+squeeze1_amd64.deb
 538b78e4b7e38c4064e7c25f2a5b0c78 82040 libs extra 
libopenjpeg2_1.3+dfsg-4+squeeze1_amd64.deb
 a08d5395af6ccd86e0301bf1e513a260 315416 libdevel extra 
libopenjpeg2-dbg_1.3+dfsg-4+squeeze1_amd64.deb
 c85abfdfe50560033abb34ad4e8aea9c 210010 graphics extra 
openjpeg-tools_1.3+dfsg-4+squeeze1_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)

iQQcBAEB

Bug#701642: marked as done (btrfs-tools - Udev hook runs before blkid)

[Debian Bug Tracking System]

Your message dated Tue, 26 Feb 2013 12:02:32 +
with message-id 
and subject line Bug#701642: fixed in btrfs-tools 0.19+20130131-1
has caused the Debian Bug report #701642,
regarding btrfs-tools - Udev hook runs before blkid
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
701642: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701642
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: btrfs-tools
Version: 0.19+20120328-7
Severity: grave

btrfs-tools includes a udev hook to scan btrfs filesystems. This hook
checks ID_FS_TYPE. However the hook is evaluated _before_ blkid is used
to determine this variable.

The hook is called 60-btrfs.rules. blkid is used in
60-persistent*.rules, which orders after.

Bastian

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.7-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages btrfs-tools depends on:
ii  e2fslibs1.42.5-1
ii  libc6   2.13-38
ii  libcomerr2  1.42.5-1
ii  libuuid12.20.1-5.3
ii  zlib1g  1:1.2.7.dfsg-13

btrfs-tools recommends no packages.

btrfs-tools suggests no packages.

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: btrfs-tools
Source-Version: 0.19+20130131-1

We believe that the bug you reported is fixed in the latest version of
btrfs-tools, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 701...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Daniel Baumann  (supplier of updated 
btrfs-tools package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Tue, 26 Feb 2013 12:12:39 +0100
Source: btrfs-tools
Binary: btrfs-tools btrfs-tools-udeb btrfs-tools-dbg
Architecture: source i386
Version: 0.19+20130131-1
Distribution: unstable
Urgency: low
Maintainer: Daniel Baumann 
Changed-By: Daniel Baumann 
Description: 
 btrfs-tools - Checksumming Copy on Write Filesystem utilities
 btrfs-tools-dbg - Checksumming Copy on Write Filesystem utilities (debug)
 btrfs-tools-udeb - Checksumming Copy on Write Filesystem utilities (udeb) 
(udeb)
Closes: 701642
Changes: 
 btrfs-tools (0.19+20130131-1) unstable; urgency=low
 .
   * Merging upstream version 0.19+20130131.
   * Updating copyright file for new upstream version.
   * Updating years in copyright file.
   * Prefixing patches with four digits.
   * Trimming diff headers in patches.
   * Dropping dpkg-source compression levels.
   * Moving udev rules from 60-btrfs.rules to 70-btrfs.rules (Closes:
 #701642).
   * Dropping lables.patch, included upstream.
   * Rediffing manpage.patch.
   * Rediffing linker.patch.
   * Dropping gzip.patch, not needed anymore.
   * Dropping armel.patch, included upstream.
   * Rediffing manpage2.patch.
   * Dropping fsck.patch, not needed anymore.
   * Rediffing unaligned-memaccess.patch.
   * Dropping loop.patch, included upstream.
   * Renumbering patches.
   * Adding libblkid-dev to build-depends.
   * Including show-blocks.
   * Including bcp.
   * Adding suggests to python.
   * Adding lintian overrides.
Checksums-Sha1: 
 2405c7588f6c3928adf5115c3f592d6e9e0b5e28 1353 btrfs-tools_0.19+20130131-1.dsc
 849c90a4ff84798994b009488afaa15e6471e854 202116 
btrfs-tools_0.19+20130131.orig.tar.xz
 4bc3af2976c8f26929aa7414ef2d774c3b24a8b7 8372 
btrfs-tools_0.19+20130131-1.debian.tar.xz
 47af841383c1326bbdb97facc4e3b20772ca2bd9 290440 
btrfs-tools_0.19+20130131-1_i386.deb
 bda5069a68a2b777ec8cf4268a4436d0265658bc 151974 
btrfs-tools-udeb_0.19+20130131-1_i386.udeb
 10b3482cfeb22a5d5f3a54bb53a939c2f613bc4b 3698454 
btrfs-tools-dbg_0.19+20130131-1_i386.deb
Checksums-Sha256: 
 17db919a2e3821091f2a6251af8e9f76bee8ab79b989dde53b100bec5e6a7692 1353 
btrfs-tools_0.19+20130131-1.dsc
 587133c07fee40c2685c4c30875dd3c46f2cd66134eec416c678446fae47ab18 202116 
btrfs-tools_0.19+20130131.orig.tar.xz
 370e37f3511764cc611cb3783ee6ac39044e52f769ed168b06d1986f44cf28c7 8372 
btrfs-tools_0.19+20130131-1.debian.tar.xz
 62

Bug#686502: XZ embedded bug unpacking linux-3.8.tar.xz

[John Spencer]

On 02/26/2013 07:43 AM, Michael Tokarev wrote:

26.02.2013 03:21, John Spencer wrote:

[ quoting the full mail of lasse since it didnt make its way into the bb 
maillist yet ]


Additionally there has been a discussion and attempts to cook up a
patch in Debian, see http://bugs.debian.org/686502 , which I submitted
as a bug to busybox bugzilla -- https://bugs.busybox.net/show_bug.cgi?id=5804 .
Cc'ing the Debian bugreport.  I like the below patch better :)


the patches for busybox 1.20.2 are available in this commit
https://github.com/rofl0r/sabotage/commit/c03ddd39878473939bda6b574bc8854c533b4b00


(so that you dont have to backport them yourselves again)

i.e.
https://raw.github.com/rofl0r/sabotage/c03ddd39878473939bda6b574bc8854c533b4b00/KEEP/busybox-xz-bugfix1.patch
https://raw.github.com/rofl0r/sabotage/c03ddd39878473939bda6b574bc8854c533b4b00/KEEP/busybox-xz-bugfix2.patch
https://raw.github.com/rofl0r/sabotage/c03ddd39878473939bda6b574bc8854c533b4b00/KEEP/busybox-xz-bugfix3.patch



/mjt



--JS


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#696187: marked as done (CVE-2012-5643: cachemgr.cgi denial of service)

[Debian Bug Tracking System]

Your message dated Tue, 26 Feb 2013 11:47:04 +
with message-id 
and subject line Bug#696187: fixed in squid3 3.1.6-1.2+squeeze3
has caused the Debian Bug report #696187,
regarding CVE-2012-5643: cachemgr.cgi denial of service
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
696187: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696187
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: squid-cgi
Version: 3.1.20-2
Severity: important
Tags: security

http://www.squid-cache.org/Advisories/SQUID-2012_1.txt
http://www.openwall.com/lists/oss-security/2012/12/17/3

Problem Description:
 Due to missing input validation Squid cachemgr.cgi tool is
 vulnerable to a denial of service attack when processing
 specially crafted requests.

- Henri Salo
--- End Message ---
--- Begin Message ---
Source: squid3
Source-Version: 3.1.6-1.2+squeeze3

We believe that the bug you reported is fixed in the latest version of
squid3, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 696...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso  (supplier of updated squid3 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 23 Feb 2013 14:08:15 +0100
Source: squid3
Binary: squid3 squid3-dbg squid3-common squidclient squid-cgi
Architecture: source all amd64
Version: 3.1.6-1.2+squeeze3
Distribution: stable-security
Urgency: high
Maintainer: Luigi Gangitano 
Changed-By: Salvatore Bonaccorso 
Description: 
 squid-cgi  - A full featured Web Proxy cache (HTTP proxy) - control CGI
 squid3 - A full featured Web Proxy cache (HTTP proxy)
 squid3-common - A full featured Web Proxy cache (HTTP proxy) - common files
 squid3-dbg - A full featured Web Proxy cache (HTTP proxy) - Debug symbols
 squidclient - A full featured Web Proxy cache (HTTP proxy) - control utility
Closes: 696187
Changes: 
 squid3 (3.1.6-1.2+squeeze3) stable-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Add CVE-2012-5643-CVE-2013-0189.dpatch patch.
 Fix squid-cgi (cachemgr) memory leaks and denial of service
 vulnerability: remote attackers could cause a denial of service (memory
 consumption) via (1) invalid Content-Length headers, (2) long POST
 requests, or (3) crafted authentication credentials. CVE-2012-5643 and
 CVE-2013-0189. (Closes: #696187)
Checksums-Sha1: 
 c5f6749082a7f2fb4e2f040b2bc0cecfef97e81a 1945 squid3_3.1.6-1.2+squeeze3.dsc
 b2208a200998e98a02596d3c8f4dad6763746c53 23044 
squid3_3.1.6-1.2+squeeze3.diff.gz
 6380ea78d9eadc573d8e51cccaaf113e092544cf 196062 
squid3-common_3.1.6-1.2+squeeze3_all.deb
 8d55afc54170c79003164e6efaebd24f5d3992c2 1503786 
squid3_3.1.6-1.2+squeeze3_amd64.deb
 2405080e5f4af1146660e022f3f6c5cb6e0d9b58 5630368 
squid3-dbg_3.1.6-1.2+squeeze3_amd64.deb
 d65ed2ccc4ad390a9b090f301a748c04a9bd2337 106596 
squidclient_3.1.6-1.2+squeeze3_amd64.deb
 cfaf934f65485e93dd42c680e56345e65f7592aa 109162 
squid-cgi_3.1.6-1.2+squeeze3_amd64.deb
Checksums-Sha256: 
 4e240bc5b701735fd66f8a4f6c9be1b81cd427810f9f4836e3fa6ce33ab20e70 1945 
squid3_3.1.6-1.2+squeeze3.dsc
 edf23b6e2a9773e4aedb9e87f281b5cf59574db7171a15d634ab5d32e8bac82c 23044 
squid3_3.1.6-1.2+squeeze3.diff.gz
 cf066c363753e37d32acebb3c4b6b9e0a28cbbd743a1ad6d58ce2036f70ff313 196062 
squid3-common_3.1.6-1.2+squeeze3_all.deb
 6221b0bb02cf7d4acc855e119660c0e8e5c6d463ae40ba51939b03437003db76 1503786 
squid3_3.1.6-1.2+squeeze3_amd64.deb
 866d213ed26f42c62752a56c2007ebf41377ef459367f7da5ae1b4ccc8c0af11 5630368 
squid3-dbg_3.1.6-1.2+squeeze3_amd64.deb
 4d30058966703e44bf7f93a57213294814706de00e8ab57735e8e5662e2d2d6b 106596 
squidclient_3.1.6-1.2+squeeze3_amd64.deb
 dd991d13eaa5e17d8c1c3d93b2cfa9ef98571417348a357582ccd160238ad037 109162 
squid-cgi_3.1.6-1.2+squeeze3_amd64.deb
Files: 
 c7754aa210a9bec4b70cffe5e76162e4 1945 web optional 
squid3_3.1.6-1.2+squeeze3.dsc
 1e5c47a57390e3687ef07af9a54f9807 23044 web optional 
squid3_3.1.6-1.2+squeeze3.diff.gz
 25c25ea08cff7d1564f43781118367d1 196062 web optional 
squid3-common_3.1.6-1.2+squeeze3_all.deb
 b232b0475053ee02b141cbd1a0868d92 1503786 web optional 
squid3_3.1.6-1.2+squeeze3_am

Processed: tagging 701688

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 701688 - wheezy sid
Bug #701688 [src:aster] aster: FTBFS[any-i386]: DIAGNOSTIC JOB : 
_BUILD_FAILED
Removed tag(s) sid and wheezy.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
701688: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701688
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#701649: marked as done (libvirt-bin - libvirtd changes permissions of devices to libvirt-qemu:kvm (CVE-2013-1766))

[Debian Bug Tracking System]

Your message dated Tue, 26 Feb 2013 10:32:50 +
with message-id 
and subject line Bug#701649: fixed in libvirt 1.0.2-3
has caused the Debian Bug report #701649,
regarding libvirt-bin - libvirtd changes permissions of devices to 
libvirt-qemu:kvm (CVE-2013-1766)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
701649: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701649
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libvirt-bin
Version: 1.0.2-2
Severity: critical
Tags: security

libvirtd changes the permissions of lvm devices it assigns to guests to
libvirt-qemu:kvm. kvm is a general group and not restricted to libvirt.
The allows other users write access to this devices.

I'm right now unsure if the Wheezy version is affected.

| brw-rw---T 1 libvirt-qemu kvm  254, 11 Feb 25 17:08 /dev/dm-11
| brw-rw---T 1 libvirt-qemu kvm  254, 12 Feb 25 17:50 /dev/dm-12

Bastian

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.7-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
Source: libvirt
Source-Version: 1.0.2-3

We believe that the bug you reported is fixed in the latest version of
libvirt, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 701...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guido Günther  (supplier of updated libvirt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Tue, 26 Feb 2013 09:32:59 +0100
Source: libvirt
Binary: libvirt-bin libvirt0 libvirt0-dbg libvirt-doc libvirt-dev 
python-libvirt libvirt-sanlock
Architecture: source all i386
Version: 1.0.2-3
Distribution: experimental
Urgency: low
Maintainer: Debian Libvirt Maintainers 

Changed-By: Guido Günther 
Description: 
 libvirt-bin - programs for the libvirt library
 libvirt-dev - development files for the libvirt library
 libvirt-doc - documentation for the libvirt library
 libvirt-sanlock - library for interfacing with different virtualization systems
 libvirt0   - library for interfacing with different virtualization systems
 libvirt0-dbg - library for interfacing with different virtualization systems
 python-libvirt - libvirt Python bindings
Closes: 701649
Changes: 
 libvirt (1.0.2-3) experimental; urgency=low
 .
   * [6270001] CVE-2013-1766: Use libvirt-qemu as group to run qemu/kvm
 instances.  This makes sure we don't chown files to groups possibly used
 by other programs. (Closes: #701649)
Checksums-Sha1: 
 781c6c7d86350d8c6b77e8459a1c7c5adb05be45 2515 libvirt_1.0.2-3.dsc
 3179d4005688af0434763e6d3dac246dea170bb5 39677 libvirt_1.0.2-3.debian.tar.gz
 17e8373d67a9b5127915f6f61df41d22247125e6 2689284 libvirt-doc_1.0.2-3_all.deb
 c733276a1b881554c8c032c8900616b231bb108f 4765166 libvirt-bin_1.0.2-3_i386.deb
 521cfc1ff22937d78fa6d8f69b162f29a976844a 2534946 libvirt0_1.0.2-3_i386.deb
 466fad04a338a7ae90d8dc7ab9be9768538b79e4 10598744 libvirt0-dbg_1.0.2-3_i386.deb
 f3e81c922a37560b77a2265123a522918181affc 2915812 libvirt-dev_1.0.2-3_i386.deb
 fb8d86b727bab208d5c7defa1a42d897738aac17 1905800 
python-libvirt_1.0.2-3_i386.deb
 db6ff09d48af0aee0f61aa34c14a6424d1318fed 1525492 
libvirt-sanlock_1.0.2-3_i386.deb
Checksums-Sha256: 
 0c3b9741618c74dfae0b9fb584188e86dca1496c9e7badcd81f6471f823e1ed2 2515 
libvirt_1.0.2-3.dsc
 59de53c3fa635331d5607350a9e072c216b420b7e191ea70be012a321b87bbf0 39677 
libvirt_1.0.2-3.debian.tar.gz
 41e2ef9c1ecdf0551552cf1a32c07692758fa04c7a04bcfc012dd7277795d246 2689284 
libvirt-doc_1.0.2-3_all.deb
 9d564cf5cd4dec75094c554d97820adccda300a6cda8b50b1d399632712e13d4 4765166 
libvirt-bin_1.0.2-3_i386.deb
 2e6d42c5d50f44a325903903581747519acfcfb60eb208fd9032ad6dac900d2e 2534946 
libvirt0_1.0.2-3_i386.deb
 b9096f4b36d14d7b21aeb8a528dac48e77aa3fb86bc32acc3fd61a2013774882 10598744 
libvirt0-dbg_1.0.2-3_i386.deb
 194d334f266d985aa137d6b7ed67a80af2a124d5d44eed6407d1253526e2ed28 2915812 
libvirt-dev_1.0.2-3_i386.deb
 b675ee6feef0273aa

Bug#698497: marked as done (Missing license information)

[Debian Bug Tracking System]

Your message dated Tue, 26 Feb 2013 09:17:52 +
with message-id 
and subject line Bug#698497: fixed in beast-mcmc 1.7.4-2
has caused the Debian Bug report #698497,
regarding Missing license information
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
698497: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698497
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: beast-mcmc
Version: 1.6.2-3
Severity: serious

src/dr/math/matrixAlgebra/RobustSingularValueDecomposition.java seems derived
from COLT 1.2, whose license can be found at http://acs.lbl.gov/software/colt
/colt-download/releases/license.html

Please consider adding information to copyright file.



-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=it_IT.utf8, LC_CTYPE=it_IT.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
Source: beast-mcmc
Source-Version: 1.7.4-2

We believe that the bug you reported is fixed in the latest version of
beast-mcmc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 698...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Olivier Sallou  (supplier of updated beast-mcmc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 23 Feb 2013 20:55:28 +0100
Source: beast-mcmc
Binary: beast-mcmc libnucleotidelikelihoodcore0 beast-mcmc-examples 
beast-mcmc-doc
Architecture: source all amd64
Version: 1.7.4-2
Distribution: experimental
Urgency: low
Maintainer: Debian Med Packaging Team 

Changed-By: Olivier Sallou 
Description: 
 beast-mcmc - Bayesian MCMC phylogenetic inference
 beast-mcmc-doc - Bayesian MCMC phylogenetic inference - documentation
 beast-mcmc-examples - Bayesian MCMC phylogenetic inference - example data
 libnucleotidelikelihoodcore0 - implementation of LikelihoodCore for 
nucleotides used by beast-mc
Closes: 698497
Changes: 
 beast-mcmc (1.7.4-2) experimental; urgency=low
 .
   * Add copyright license info  for file (Closes: #698497).
- src/dr/math/matrixAlgebra/RobustSingularValueDecomposition.java
Checksums-Sha1: 
 aa0877c3de02ec09c8a4ced785de54e6d94d19fa 2570 beast-mcmc_1.7.4-2.dsc
 9c399465b402dcac139d82f84141e4ce469f57cf 20823 beast-mcmc_1.7.4-2.debian.tar.gz
 5576450f497aa4982c533f803233c7546caad169 6681562 beast-mcmc_1.7.4-2_all.deb
 bd9c724b650fe302377c396eef760a094a547379 3362 
libnucleotidelikelihoodcore0_1.7.4-2_amd64.deb
 1aae753cacb3605b3cf4f08175fdbfe4981a50aa 1920158 
beast-mcmc-examples_1.7.4-2_all.deb
 0788657fdc2c41e5ab2eb459c3644394ea406e66 1823446 beast-mcmc-doc_1.7.4-2_all.deb
Checksums-Sha256: 
 4ed96c3f73b33f27d31a09dd2ac87f42dc2d1fd17eedcc65e90e8c3ebbe91ea1 2570 
beast-mcmc_1.7.4-2.dsc
 fe7759df07f91677c2edc48ba49c729ef792b403321911c7a8d0108ded9c660c 20823 
beast-mcmc_1.7.4-2.debian.tar.gz
 9741825777c6f832cb85cd5e968fd052d3312b34470bd82fda445c6c0407d654 6681562 
beast-mcmc_1.7.4-2_all.deb
 56035b9393e5327e8b0641b7b63c715022f7af5ba3674dd777f4996430d9411a 3362 
libnucleotidelikelihoodcore0_1.7.4-2_amd64.deb
 f8661aa48307fb31d37e8f981612cfe09485326a6ca6d7b65bd770f47abddc61 1920158 
beast-mcmc-examples_1.7.4-2_all.deb
 55140a52214664ea8a3325ac01c6c6affaade1a0756167fa3f39b79ef3f906fc 1823446 
beast-mcmc-doc_1.7.4-2_all.deb
Files: 
 6759b91e2b8ec2b346bf36ef3ee26198 2570 contrib/science optional 
beast-mcmc_1.7.4-2.dsc
 fca5c4f19f6fbbbe769b6def80145244 20823 contrib/science optional 
beast-mcmc_1.7.4-2.debian.tar.gz
 2c7a87102c1f63e9e6a2c8dd2781d309 6681562 contrib/science optional 
beast-mcmc_1.7.4-2_all.deb
 42f9f322f9d3f1ea1e10f4e08d70a79b 3362 contrib/libs optional 
libnucleotidelikelihoodcore0_1.7.4-2_amd64.deb
 446614c9761b9658f328fc7797a4ccd2 1920158 contrib/doc optional 
beast-mcmc-examples_1.7.4-2_all.deb
 dab2b1a30d5d01ada9ee0b5769d68854 1823446 contrib/doc optional 
beast-mcmc-doc_1.7.4-2_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJRLHv0AAoJEHjcaNsybYQ4twYP/AgMe85M0hTG4aI1Vblk2TYX
XUI3uCVIxfDcaYyiO3FB9cI4refOOkWeR3mty4qOpwwBZA

Bug#700914: Not RC?

[Julien Cristau]

On Sun, Feb 24, 2013 at 19:45:01 +0100, Anton Gladky wrote:

> Hi,
> 
> thanks for bugreport. But I think, the bug cannot be considered as RC and
> its severity should be lowered.
> 
Note that n...@bugs.debian.org doesn't go to the bug submitter.  You
should cc them explicitly if you want them to see your message (or your
thanks).

Cheers,
Julien
-- 
Julien Cristau  
Logilab http://www.logilab.fr/
Informatique scientifique & gestion de connaissances


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: retitle 701649 to libvirt-bin - libvirtd changes permissions of devices to libvirt-qemu:kvm (CVE-2013-1766)

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> retitle 701649 libvirt-bin - libvirtd changes permissions of devices to 
> libvirt-qemu:kvm (CVE-2013-1766)
Bug #701649 [libvirt-bin] libvirt-bin - libvirtd changes permissions of devices 
to libvirt-qemu:kvm
Changed Bug title to 'libvirt-bin - libvirtd changes permissions of devices to 
libvirt-qemu:kvm (CVE-2013-1766)' from 'libvirt-bin - libvirtd changes 
permissions of devices to libvirt-qemu:kvm'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
701649: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701649
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org