Bug#701227: marked as done (nagios-nrpe: CVE-2013-1362: allows the passing of $() as command arguments to execute shell commands)
Your message dated Sat, 09 Mar 2013 09:04:37 + with message-id e1uefhl-mn...@franck.debian.org and subject line Bug#701227: fixed in nagios-nrpe 2.13-3 has caused the Debian Bug report #701227, regarding nagios-nrpe: CVE-2013-1362: allows the passing of $() as command arguments to execute shell commands to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 701227: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701227 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: nagios-nrpe Severity: grave Tags: security Hi On bugtraq mailinglist it was reported publicly[1]. If support for command argument in the daemon are enabled then it would be possible to pass $() and possibly executing shell commands when run unter bash. Upstream has released 2.14 containing a patch and disabling bash command substitutions by default: 2.14 - 12/21/2012 - - Added configure option to allow bash command substitutions, disabled by default [bug #400] (Eric Stanley) - Patched to shutdown SSL connection completely (Jari Takkala) - Added SRC support on AIX (Thierry Bertaud) - Updated RPM SPEC file to support creating RPMs on AIX (Eric Stanley) - Updated logging to support compiling on AIX (Eric Stanley) According to [1], there is CVE-2013-1362 assigned to it. In the debian package we have explicitly --enable-command-args so the Debian packages looks affected. [1]: http://seclists.org/bugtraq/2013/Feb/119 Regards, Salvatore ---End Message--- ---BeginMessage--- Source: nagios-nrpe Source-Version: 2.13-3 We believe that the bug you reported is fixed in the latest version of nagios-nrpe, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 701...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alexander Wirt formo...@debian.org (supplier of updated nagios-nrpe package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 09 Mar 2013 08:42:05 +0100 Source: nagios-nrpe Binary: nagios-nrpe-server nagios-nrpe-plugin Architecture: source amd64 Version: 2.13-3 Distribution: unstable Urgency: high Maintainer: Debian Nagios Maintainer Group pkg-nagios-de...@lists.alioth.debian.org Changed-By: Alexander Wirt formo...@debian.org Description: nagios-nrpe-plugin - Nagios Remote Plugin Executor Plugin nagios-nrpe-server - Nagios Remote Plugin Executor Server Closes: 701227 Changes: nagios-nrpe (2.13-3) unstable; urgency=high . * [e55afd1] Add 08_CVE-2013-1362.dpatch patch. If command arguments are enabled in the NRPE configuration, it was possible to pass $() as arguments as the checking for nasty caracters was not strict enough to catch $(). This allowed executing shell commands under a subprocess and pass the output as a parameter to the called script (if run under bash). CVE-2013-1362 (Closes: #701227) Checksums-Sha1: ce797b74315a839d047b9f14e92ec152c7e1664f 1356 nagios-nrpe_2.13-3.dsc 8af5274412281f9bc77c819c1cf8838351804c73 5 nagios-nrpe_2.13-3.diff.gz 432c0ba3347aa7aa5e948e84310cfd58ef5380c0 41026 nagios-nrpe-server_2.13-3_amd64.deb a07a26e80cb5bd7cd7404d580a3488c487116141 19692 nagios-nrpe-plugin_2.13-3_amd64.deb Checksums-Sha256: b7604c377e9042380be01316394696398a0860fc128d04532c313e3ef2d6a92c 1356 nagios-nrpe_2.13-3.dsc b7bfc6b0d0894bf6660b91292adffc50e28724f905b0df1f59ac561a94a14e4f 5 nagios-nrpe_2.13-3.diff.gz 501c8eb1c2d8703f49cb997b9eb585cd301d05b249cd288e7ef4919e01643865 41026 nagios-nrpe-server_2.13-3_amd64.deb 6622c8d1bbcb4e7daaedcb9cfd86dd32b69c6a8d046bbf05b34e2b61b1c5fb15 19692 nagios-nrpe-plugin_2.13-3_amd64.deb Files: e23df9385fd97d0150e1f7623928c697 1356 net optional nagios-nrpe_2.13-3.dsc 854eb80d419e8e51d0d7e0b4a14f7be4 5 net optional nagios-nrpe_2.13-3.diff.gz 545cc2e0a1716e59711fb32f39b39772 41026 net optional nagios-nrpe-server_2.13-3_amd64.deb 768f4a3b8ebc00780ac8f37362ea963f 19692 net optional nagios-nrpe-plugin_2.13-3_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlE66yMACgkQ01u8mbx9AgqSTgCgw5DQjTUnaHd2tfAuAJWP71LV fVcAoIX4bz0OgymTdVboLfc5s3gOp/Mb =Rnqy -END PGP SIGNATUREEnd
Bug#702609: pidgin-audacious: Not able to activate
On Fri, Mar 08, 2013 at 11:35:18PM +0100, Christian Britz wrote: Package: pidgin-audacious Version: 2.0.0-2 Severity: grave Justification: renders package unusable Dear Maintainer, when I try to activate the Pidgin-Audacious plugin in pidgin nothing happens. When I click on Plugin Details the following error message shows up: Error: undefined symbol: audacious_remote_is_playing Indeed, /usr/lib/pidgin/pidgin-audacious.so has unresolved references to audacious_remote_is_playing, audacious_remote_get_playlist_title and audacious_remote_get_playlist_pos which are defined in libaudclient2. /usr/lib/pidgin/pidgin-audacious.so needs to be linked against it. -laudclient2 is not used because only `pkg-config --libs audacious` is used which includes only -laudcore -laudgui. But as the plugin doesn't seem to use these libs the correct fix would be replacing `pkg-config --libs audacious` with `pkg-config --libs audclient`. I'm preparing a package with this fix. -- WBR, wRAR signature.asc Description: Digital signature
Bug#702475: apache2: the itk MPM is underlinked: sys/capability.h symbols are not resolved
On Saturday 09 March 2013, Steinar H. Gunderson wrote: However, my long-term plan is definitely to build mpm-itk out-of-tree and a separate source package; if the Debian Apache maintainers want to include the patches needed, I think this would make the lives easier for all of us :-) Yes. Until then, adding LoadFile libcap.so to mpm-itk.load could be a workaround. Anyone has time to test this? -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: tagging 702609
Processing commands for cont...@bugs.debian.org: tags 702609 + pending Bug #702609 [pidgin-audacious] pidgin-audacious: Not able to activate Added tag(s) pending. thanks Stopping processing here. Please contact me if you need assistance. -- 702609: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702609 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702633: CVE-2012-1016: NULL pointer dereference (DoS) in plugins/preauth/pkinit/pkinit_srv.c
Package: src:krb5 Version: 1.10.1+dfsg-4 Severity: serious Tags: security Dear kerberos maintainers, I noticed that your recent upload of 1.10.1+dfsg-4 fixed CVE-2013-1415, but it does not say anything about CVE-2012-1016. Those two vulnerabilities were fixed in the same upstream release 1.10.4. Could you have a look at whether this particular issue CVE-2012-1016 affects us and downgrade or close this bug as appropriate? Helmut -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: retitle 702453 to missing Replaces/Breaks: gir1.0-clutter-1.0
Processing commands for cont...@bugs.debian.org: retitle 702453 missing Replaces/Breaks: gir1.0-clutter-1.0 Bug #702453 [gir1.2-cogl-1.0] update from squeeze to wheezy breaks because of broken dependencies Changed Bug title to 'missing Replaces/Breaks: gir1.0-clutter-1.0' from 'update from squeeze to wheezy breaks because of broken dependencies' thanks Stopping processing here. Please contact me if you need assistance. -- 702453: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702453 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#671483: icedove: crashes on startup with failed assertion
Hi Tim, thanks for the backtrace! On Mon, Jan 07, 2013 at 05:54:41PM +, Tim Chadburn wrote: [..snip..] Thread 1 (Thread 0xb70d5730 (LWP 6100)): #0 0xb7fe2424 in __kernel_vsyscall () #1 0xb7db9781 in *__GI_raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 #2 0xb7dbcbb2 in *__GI_abort () at abort.c:92 #3 0xb7db28e8 in *__GI___assert_fail (assertion=0xb7eb3d60 outbuf != ((void *)0) *outbuf != ((void *)0), file=0xb7eafea4 gconv.c, line=75, function=0xb7eafec8 __gconv) at assert.c:81 #4 0xb7da758b in __gconv (cd=0xb6ec6920, inbuf=value optimized out, inbufend=value optimized out, outbuf=0xbfffddac, outbufend=0x0, irreversible=0xbfffdcac) at gconv.c:75 #5 0xb7da6a46 in iconv (cd=0xb6ec6920, inbuf=0xbfffdda4, inbytesleft=0xbfffdd40, outbuf=0xbfffddac, outbytesleft=0xbfffdd3c) at iconv.c:53 This aborts because *outbuf == NULL. #6 0xb7f82e24 in xp_iconv (converter=0x0, input=0x6, inputLeft=0xbfffdd40, output=0xbfffddac, outputLeft=0xbfffdd3c) at nsNativeCharsetUtils.cpp:162 #7 0xb7f83007 in nsNativeCharsetConverter::NativeToUnicode (this=0xbfffddb3, input=0xbfffdda4, inputLeft=0xbfffdda0, output=0xbfffddac, outputLeft=0xbfffdda8) at nsNativeCharsetUtils.cpp:493 #8 0xb7f834a9 in NS_CopyNativeToUnicode (input=..., output=...) at nsNativeCharsetUtils.cpp:834 Could you insepct input and output here? Maybe we can get a clue what's causing this. #9 0xb630050b in ConvertibleToNative (name=...) at nsMsgUtils.cpp:383 #10 NS_MsgHashIfNecessary (name=...) at nsMsgUtils.cpp:478 #11 0xb62f2285 in nsMsgDBFolder::CreateFileForDB (this=0xa9f9f000, userLeafName=..., path=0xb00c2a00, dbFile=0xbfffe408) at nsMsgDBFolder.cpp:908 #12 0xb64140f3 in nsImapMailFolder::CreateClientSubfolderInfo (this=0xa9f9f000, folderName=..., hierarchyDelimiter=46 '.', flags=64, suppressNotification=0) at nsImapMailFolder.cpp:986 #13 0xb641404c in nsImapMailFolder::CreateClientSubfolderInfo (this=0xb27ab400, folderName=..., hierarchyDelimiter=-44 '?', flags=64, suppressNotification=0) at nsImapMailFolder.cpp:970 #14 0xb63fc51c in nsImapIncomingServer::PossibleImapMailbox (this=0xb4137bf0, folderPath=..., hierarchyDelimiter=-44 '?', boxFlags=64, aNewFolder=0xb09fec50) at nsImapIncomingServer.cpp:1254 Could you check with gdb what folder is causing the trouble here? #15 0xb7fa004f in NS_InvokeByIndex_P () from /usr/lib/icedove/libxpcom_core.so #16 0xb7f97f43 in nsProxyObjectCallInfo::Run (this=0xa9f445e0) at nsProxyEvent.cpp:181 #17 0xb7f93653 in nsThread::ProcessNextEvent (this=0xb6ec69c0, mayWait=1, result=0xbfffed3c) at nsThread.cpp:521 #18 0xb7f637d6 in NS_ProcessNextEvent_P (thread=0x0, mayWait=1) at nsThreadUtils.cpp:247 #19 0xb5157757 in nsBaseAppShell::Run (this=0xb65bb1a0) at nsBaseAppShell.cpp:170 #20 0xb4e46350 in nsAppStartup::Run (this=0xb6e92fd0) at nsAppStartup.cpp:193 #21 0xb7fd2fa2 in XRE_main (argc=1, argv=0xb2e4, aAppData=0xb6e16380) at nsAppRunner.cpp:3321 #22 0x08049314 in main (argc=1, argv=0xb2e4) at nsMailApp.cpp:103 in nsAppRunner.cpp (gdb) Any chance you could check with the Wheezy version? It'd be great to know if this still affects the upcoming release. Cheers, -- Guido -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: not security related
Processing commands for cont...@bugs.debian.org: tag 659994 -security Bug #659994 [icedove] [regression] icedove: symbol lookup error: [...]/libdbusservice.so: undefined symbol: NS_Alloc Bug #660736 [icedove] Subject: icedove deads on undefined symbol Bug #691985 [icedove] icedove: aborts on startup Removed tag(s) security. Removed tag(s) security. Removed tag(s) security. thanks Stopping processing here. Please contact me if you need assistance. -- 659994: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659994 660736: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=660736 691985: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=691985 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: merging 659994 659301
Processing commands for cont...@bugs.debian.org: merge 659994 659301 Bug #659994 [icedove] [regression] icedove: symbol lookup error: [...]/libdbusservice.so: undefined symbol: NS_Alloc Bug #660736 [icedove] Subject: icedove deads on undefined symbol Bug #691985 [icedove] icedove: aborts on startup Bug #659994 [icedove] [regression] icedove: symbol lookup error: [...]/libdbusservice.so: undefined symbol: NS_Alloc There is no source info for the package 'icedove' at version '3.1.16-1~bpo60+1' with architecture '' Unable to make a source version for version '3.1.16-1~bpo60+1' Marked as found in versions 3.1.16-1~bpo60+1. Marked as found in versions 3.1.16-1~bpo60+1. Marked as found in versions 3.1.16-1~bpo60+1. Bug #659301 [icedove] icedove: Icedove will not start unless libdbusservice.so and libmailcomps.so removed There is no source info for the package 'icedove' at version '3.1.16-1~bpo60+1' with architecture '' Unable to make a source version for version '3.1.16-1~bpo60+1' Marked as found in versions icedove/3.0.11-1+squeeze14 and icedove/3.0.11-1+squeeze13. Added tag(s) squeeze. Bug #660736 [icedove] Subject: icedove deads on undefined symbol Bug #691985 [icedove] icedove: aborts on startup Merged 659301 659994 660736 691985 thanks Stopping processing here. Please contact me if you need assistance. -- 659301: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659301 659994: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659994 660736: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=660736 691985: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=691985 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#659994: [regression] icedove: symbol lookup error: [...]/libdbusservice.so: undefined symbol: NS_Alloc
On Tue, Feb 21, 2012 at 07:46:04PM +0100, Christoph Goehre wrote: Hi Ansgar, On Mi, Feb 15, 2012 at 05:34:45 +0100, Ansgar Burchardt wrote: since the last security update for icedove, the program does not start on several computers here. Instead the following error message is displayed: /usr/lib/icedove/icedove-bin: symbol lookup error: /usr/lib/icedove/components/libdbusservice.so: undefined symbol: NS_Alloc I could reproduce it, but I need to move my .icedove profile away. If I downgrade to libc6 version 2.11.2-10, everything is working fine. So here my steps to reproduce: Do you have a vm that shows this problem I could ssh into? Cheers, -- Guido 1) add deb http://snapshot.debian.org/archive/debian/20111215/ squeeze main to /etc/apt/sources.list and run 'apt-get update' 2) install older libc6 apt-get install libc-bin=2.11.2-10 libc-dev-bin=2.11.2-10 libc6=2.11.2-10 libc6-dev=2.11.2-10 libc6-i386=2.11.2-10 locales=2.11.2-10 3) rerun Icedove Cheers, Christoph -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#701792: marked as done (PHP extension installed to wrong directory)
Your message dated Sat, 09 Mar 2013 12:48:07 + with message-id e1uejc3-zh...@franck.debian.org and subject line Bug#701792: fixed in zeroc-ice 3.4.2-8.2 has caused the Debian Bug report #701792, regarding PHP extension installed to wrong directory to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 701792: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701792 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: php-zeroc-ice Version: 3.4.2-8.1 Severity: grave The package php-zeroc-ice.install file hardcodes installation directory: usr/php/*.so usr/lib/php5/20090626+lfs which is clearly wrong because the php API version has changed. rules-php.mk has the correct way of getting the right API version, e.g. using php-config5: $(php-config5 --extension-dir) O. -- System Information: Debian Release: 7.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash ---End Message--- ---BeginMessage--- Source: zeroc-ice Source-Version: 3.4.2-8.2 We believe that the bug you reported is fixed in the latest version of zeroc-ice, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 701...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ondřej Surý ond...@debian.org (supplier of updated zeroc-ice package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sun, 03 Mar 2013 23:59:54 +0100 Source: zeroc-ice Binary: zeroc-ice34 ice34-translators ice34-services libicestorm34 libicegrid34 libicebox34 icebox libicepatch2-34 libglacier2-34 libfreeze34 libicedb34 ice34-slice libzeroc-ice34 libicessl34 libiceutil34 libicexml34 libslice34 libzeroc-ice34-dev libzeroc-ice34-dbg python-zeroc-ice php-zeroc-ice libzeroc-ice3.4-cil libzeroc-ice-ruby1.8 libzeroc-ice3.4-java icegrid-gui Architecture: source all amd64 Version: 3.4.2-8.2 Distribution: unstable Urgency: high Maintainer: Francisco Moya p...@debian.org Changed-By: Ondřej Surý ond...@debian.org Description: ice34-services - Services bundled into ZeroC Ice ice34-slice - Slice definitions for Ice 3.4 services ice34-translators - Slice translators to several languages icebox - Plugin-based meta-application for ZeroC Ice icegrid-gui - GUI for IceGrid service libfreeze34 - Libraries implementing a persistence framework for ZeroC Ice libglacier2-34 - Libraries implementing a firewall service for ZeroC Ice libicebox34 - Libraries implementing a plugin framework for ZeroC Ice libicedb34 - Libraries for persistent backends for ZeroC Ice libicegrid34 - Libraries implementing grid-like services for ZeroC Ice libicepatch2-34 - Libraries implementing a distribution service for ZeroC Ice libicessl34 - Ice for C++ SSL plug-in libicestorm34 - Libraries implementing an event service for ZeroC Ice libiceutil34 - Ice for C++ misc utility library libicexml34 - ZeroC Ice for C++ XML parser library libslice34 - Ice for C++ Slice parser library libzeroc-ice-ruby1.8 - Ice for Ruby modules libzeroc-ice3.4-cil - Ice for C# libraries libzeroc-ice3.4-java - Ice for Java libraries libzeroc-ice34 - Ice for C++ runtime library libzeroc-ice34-dbg - Ice for C++ debugging symbols libzeroc-ice34-dev - Ice for C++ development libraries php-zeroc-ice - Ice for PHP extension python-zeroc-ice - Ice for Python libraries zeroc-ice34 - Internet Communications Engine Closes: 701792 Changes: zeroc-ice (3.4.2-8.2) unstable; urgency=high . [Sebastian Ramacher] * Non-maintainer upload. * Install PHP extension to directory given by php5-config --extension-dir. (Closes: #701792) Checksums-Sha1: 2a11c9dab6d56ed0a027e188ed3a270a05fa5b4d 2902 zeroc-ice_3.4.2-8.2.dsc 43dcd213e266fda82c97fac7564b0c382802b49f 43611 zeroc-ice_3.4.2-8.2.debian.tar.gz 8d60283e70e9c65a3080d7553e97b1152a87c8a2 36904 zeroc-ice34_3.4.2-8.2_all.deb b4d524804ae7c6a8169d3b1bd5561eae2c951560 220702 ice34-slice_3.4.2-8.2_all.deb 4f6aac38586129aff7094fef5d5b6c72c16b3a11 736262 libzeroc-ice3.4-cil_3.4.2-8.2_all.deb
Processed: Re: Bug#702526: ruby1.8: CVE-2013-1821: entity expansion DoS vulnerability in REXML
Processing control commands: tags -1 + patch Bug #702526 [src:ruby1.8] ruby1.8: CVE-2013-1821: entity expansion DoS vulnerability in REXML Ignoring request to alter tags of bug #702526 to the same tags previously set -- 702526: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702526 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702526: ruby1.8: CVE-2013-1821: entity expansion DoS vulnerability in REXML
Control: tags -1 + patch
Hi
Attached is a proposed debdiff, based also on the changes done for
ruby1.9.1. But there is one thing which might be sorted out first:
The binary debdiff shows:
cut-cut-cut-cut-cut-cut-
ri1.8:
[The following lists of changes regard files as different if they have
different names, permissions or owners.]
Files in second .deb but not in first
-
-rw-r--r-- root/root
/usr/share/ri/1.8/system/IRB/Context/_set_last_value-i.yaml
-rw-r--r-- root/root
/usr/share/ri/1.8/system/IRB/WorkSpace/__evaluate__-i.yaml
-rw-r--r-- root/root
/usr/share/ri/1.8/system/REXML/Document/entity_expansion_text_limit%3d-c.yaml
-rw-r--r-- root/root
/usr/share/ri/1.8/system/REXML/Document/entity_expansion_text_limit-c.yaml
-rw-r--r-- root/root /usr/share/ri/1.8/system/REXML/Text/expand-c.yaml
Files in first .deb but not in second
-
-rw-r--r-- root/root
/usr/share/ri/1.8/system/RSS/Rss/Channel/Item/_setup_maker_element-i.yaml
cut-cut-cut-cut-cut-cut-
Regards,
Salvatore
diff -Nru ruby1.8-1.8.7.358/debian/changelog ruby1.8-1.8.7.358/debian/changelog
--- ruby1.8-1.8.7.358/debian/changelog 2012-11-01 01:20:28.0 +0100
+++ ruby1.8-1.8.7.358/debian/changelog 2013-03-09 13:39:28.0 +0100
@@ -1,3 +1,14 @@
+ruby1.8 (1.8.7.358-6.1) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * Add CVE-2013-1821.patch patch.
+CVE-2013-1821: Fix entity expansion DoS vulnerability in REXML. When
+reading text nodes from an XML document, the REXML parser could be
+coerced into allocating extremely large string objects which could
+consume all available memory on the system. (Closes: #702526)
+
+ -- Salvatore Bonaccorso car...@debian.org Sat, 09 Mar 2013 08:05:35 +0100
+
ruby1.8 (1.8.7.358-6) unstable; urgency=high
* Timeout the execution of the tests after 2 hours. This should fix the
diff -Nru ruby1.8-1.8.7.358/debian/patches/CVE-2013-1821.patch
ruby1.8-1.8.7.358/debian/patches/CVE-2013-1821.patch
--- ruby1.8-1.8.7.358/debian/patches/CVE-2013-1821.patch1970-01-01
01:00:00.0 +0100
+++ ruby1.8-1.8.7.358/debian/patches/CVE-2013-1821.patch2013-03-09
13:39:28.0 +0100
@@ -0,0 +1,120 @@
+Description: Fix entity expansion DoS vulnerability in REXML
+ CVE-2013-1821
+Origin: upstream,
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revisionrevision=39384view=patch
+Bug-Debian: http://bugs.debian.org/702526
+Forwarded: not-needed
+Author: Salvatore Bonaccorso car...@debian.org
+Last-Update: 2013-03-09
+
+--- a/lib/rexml/document.rb
b/lib/rexml/document.rb
+@@ -214,6 +214,18 @@
+ return @@entity_expansion_limit
+ end
+
++@@entity_expansion_text_limit = 10_240
++
++# Set the entity expansion limit. By default the limit is set to 10240.
++def Document::entity_expansion_text_limit=( val )
++ @@entity_expansion_text_limit = val
++end
++
++# Get the entity expansion limit. By default the limit is set to 1.
++def Document::entity_expansion_text_limit
++ return @@entity_expansion_text_limit
++end
++
+ attr_reader :entity_expansion_count
+
+ def record_entity_expansion
+--- a/test/rexml/test_document.rb
b/test/rexml/test_document.rb
+@@ -63,4 +63,23 @@
+ ensure
+ REXML::Document.entity_expansion_limit = 1
+ end
++
++ def test_entity_string_limit
++template = '!DOCTYPE bomb [ !ENTITY a ^ ] bomb$/bomb'
++len = 5120 # 5k per entity
++template.sub!(/\^/, B * len)
++
++# 10k is OK
++entities = 'a;' * 2 # 5k entity * 2 = 10k
++xmldoc = REXML::Document.new(template.sub(/\$/, entities))
++assert_equal(len * 2, xmldoc.root.text.bytesize)
++
++# above 10k explodes
++entities = 'a;' * 3 # 5k entity * 2 = 15k
++xmldoc = REXML::Document.new(template.sub(/\$/, entities))
++assert_raises(RuntimeError) do
++ xmldoc.root.text
++end
++ end
++
+ end
+--- a/lib/rexml/text.rb
b/lib/rexml/text.rb
+@@ -308,37 +308,35 @@
+
+ # Unescapes all possible entities
+ def Text::unnormalize( string, doctype=nil, filter=nil, illegal=nil )
+- rv = string.clone
+- rv.gsub!( /\r\n?/, \n )
+- matches = rv.scan( REFERENCE )
+- return rv if matches.size == 0
+- rv.gsub!( NUMERICENTITY ) {|m|
+-m=$1
+-m = 0#{m} if m[0] == ?x
+-[Integer(m)].pack('U*')
++ sum = 0
++ string.gsub( /\r\n?/, \n ).gsub( REFERENCE ) {
++s = Text.expand($, doctype, filter)
++if sum + s.bytesize Document.entity_expansion_text_limit
++ raise entity expansion has grown too large
++else
++ sum += s.bytesize
++end
++s
+ }
+- matches.collect!{|x|x[0]}.compact!
+- if matches.size 0
+-if doctype
+- matches.each do |entity_reference|
+-
Bug#702637: matlab-support: fails to install in clean chroot
Package: matlab-support Version: 0.0.18 Severity: serious in a clean testing chroot: Setting up matlab-support (0.0.18) ... No matlab found and maybe running in non-interactive mode. No way out -- failing... dpkg: error processing matlab-support (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: matlab-support E: Sub-process /usr/bin/dpkg returned an error code (1) also it has dozens of upgrade and installation failures in ubuntu, probably not relevant for Debian, but it sheds a bad light on the quality of the package. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702637: matlab-support: fails to install in clean chroot
Control: tags -1 + patch
Le samedi 09 mars 2013 à 14:18 +0100, Julian Taylor a écrit :
Package: matlab-support
Version: 0.0.18
Severity: serious
in a clean testing chroot:
Setting up matlab-support (0.0.18) ...
No matlab found and maybe running in non-interactive mode. No way out --
failing...
dpkg: error processing matlab-support (--configure):
subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
matlab-support
E: Sub-process /usr/bin/dpkg returned an error code (1)
The attached patch allows the package to install nicely even if MATLAB
is not present. Otherwise people who install the package by accident end
up with a dpkg error.
Julian: please confirm that it fixes the issue for you.
--
.''`.Sébastien Villemot
: :' :Debian Developer
`. `' http://www.dynare.org/sebastien
`- GPG Key: 4096R/381A7594
diff -Nru matlab-support-0.0.18/debian/changelog matlab-support-0.0.18+deb70u1/debian/changelog
--- matlab-support-0.0.18/debian/changelog 2012-03-07 12:19:06.0 +
+++ matlab-support-0.0.18+deb70u1/debian/changelog 2013-03-09 13:51:14.0 +
@@ -1,3 +1,11 @@
+matlab-support (0.0.18+deb70u1) testing-proposed-updates; urgency=low
+
+ * Non-maintainer upload.
+ * Have config and postinst scripts exit nicely if there is no MATLAB
+installation. (Closes: #702637)
+
+ -- Sébastien Villemot sebast...@debian.org Sat, 09 Mar 2013 13:31:13 +
+
matlab-support (0.0.18) unstable; urgency=low
* Update debian/copyright.
diff -Nru matlab-support-0.0.18/debian/matlab-support.config matlab-support-0.0.18+deb70u1/debian/matlab-support.config
--- matlab-support-0.0.18/debian/matlab-support.config 2011-01-05 14:53:25.0 +
+++ matlab-support-0.0.18+deb70u1/debian/matlab-support.config 2013-03-09 13:30:48.0 +
@@ -59,7 +59,7 @@
if [ -z $matlab_install_glob ]; then
# fail in non-interactive mode
db_input critical matlab-support/no-matlab-found || \
-{ echo No matlab found and maybe running in non-interactive mode. No way out -- failing...; exit 1; }
+{ echo No matlab found and maybe running in non-interactive mode. Exiting.; exit 0; }
db_fset matlab-support/matlab-install-glob seen false
STATE=0
else
diff -Nru matlab-support-0.0.18/debian/matlab-support.postinst matlab-support-0.0.18+deb70u1/debian/matlab-support.postinst
--- matlab-support-0.0.18/debian/matlab-support.postinst 2012-03-07 11:17:07.0 +
+++ matlab-support-0.0.18+deb70u1/debian/matlab-support.postinst 2013-03-09 13:30:40.0 +
@@ -20,7 +20,7 @@
# if there is no default path something went wrong
if [ -z $matlab_default_path ]; then
echo No default Matlab path found. Exiting.
-exit 1
+exit 0
fi
# look whether there is a config file and recreate the config file if
# missing
signature.asc
Description: This is a digitally signed message part
Processed: Re: Bug#702637: matlab-support: fails to install in clean chroot
Processing control commands: tags -1 + patch Bug #702637 [matlab-support] matlab-support: fails to install in clean chroot Added tag(s) patch. -- 702637: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702637 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#642750: GDB stops with sigtrap at 0 address on ia64 wheezy
notfound 642750 src:linux/3.5.5-1~experimental.1 notfixed 642750 linux-image-3.0.0-2-mckinley/3.0.0-5 notfixed 642750 linux-image-3.1.0-rc7-mckinley/3.1.0~rc7-1~experimental.1 fixed 642750 3.2.35-2 thanks The problem with GDB does no longer occur with Kernel 3.2.35-2. I don't have a clue why. A user has confimred that on the debian-i...@lists.debian.org list. I filed a new bug#702641 for the asm register contraints problem above. Please could you simply close this bug? Stephan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed (with 1 errors): GDB stops with sigtrap at 0 address on ia64 wheezy
Processing commands for cont...@bugs.debian.org:
notfound 642750 src:linux/3.5.5-1~experimental.1
Unknown command or malformed arguments to command.
notfixed 642750 linux-image-3.0.0-2-mckinley/3.0.0-5
Bug #642750 {Done: Michael Gilbert mgilb...@debian.org} [src:webkit]
epiphany-browser: *HIGHLY* unstable on ia64 (IA-64/IPF/Itanium) platform
The source linux-image-3.0.0-2-mckinley and version 3.0.0-5 do not appear to
match any binary packages
Ignoring request to alter fixed versions of bug #642750 to the same values
previously set
notfixed 642750 linux-image-3.1.0-rc7-mckinley/3.1.0~rc7-1~experimental.1
Bug #642750 {Done: Michael Gilbert mgilb...@debian.org} [src:webkit]
epiphany-browser: *HIGHLY* unstable on ia64 (IA-64/IPF/Itanium) platform
The source linux-image-3.1.0-rc7-mckinley and version
3.1.0~rc7-1~experimental.1 do not appear to match any binary packages
Ignoring request to alter fixed versions of bug #642750 to the same values
previously set
fixed 642750 3.2.35-2
Bug #642750 {Done: Michael Gilbert mgilb...@debian.org} [src:webkit]
epiphany-browser: *HIGHLY* unstable on ia64 (IA-64/IPF/Itanium) platform
The source 'webkit' and version '3.2.35-2' do not appear to match any binary
packages
Marked as fixed in versions webkit/3.2.35-2.
thanks
Stopping processing here.
Please contact me if you need assistance.
--
642750: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642750
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702646: FTBFS: Can't locate File/Slurp.pm
Package: cil Version: 0.07.00-4 Severity: serious Justification: FTBFS Usertags: goto-cc The package fails to build as no test can be run: Test Summary Report --- t/00_files.t (Wstat: 512 Tests: 0 Failed: 0) Non-zero exit status: 2 Parse errors: No plan found in TAP output Files=1, Tests=0, 0 wallclock secs ( 0.01 usr 0.00 sys + 0.02 cusr 0.00 csys = 0.03 CPU) Result: FAIL Failed 1/1 test programs. 0/0 subtests failed. dh_auto_test: perl Build test returned exit code 2 make: *** [build] Error 2 The reason for the failure is well explained by the package itself: Checking prerequisites... build_requires: ! Class::Accessor is not installed ! DateTime is not installed ! Email::Date is not installed ! Email::Find is not installed ! Email::Simple is not installed ! File::Slurp is not installed ! File::Touch is not installed ! Getopt::Mixed is not installed ERRORS/WARNINGS FOUND IN PREREQUISITES. You may wish to install the versions of the modules indicated above before proceeding with this installation It may be worth taking a peek at Ubuntu's version of the package, 0.07.00-4ubuntu1, which only differs in the respect that all these dependencies have been added... Best, Michael pgpbTuSixUXUw.pgp Description: PGP signature
Bug#702637: matlab-support: fails to install in clean chroot
But should it exit nicely if no matlab is present??? Absent matlab == matlab cannot be supported == error in my vision of how things should be handled in this package. Having it installed without error should provide some guarantee that Matlab is present so that dependent packages could rely on that. If it is in the violation of some statute of the policy -- please let us know. Otherwise -- please wait for the main maintainer's opinion on this issue. The name and description of the package provide sufficient information to avoid installation by accident. And if that happens, it should be removed then. On Sat, 09 Mar 2013, Sébastien Villemot wrote: Control: tags -1 + patch Le samedi 09 mars 2013 à 14:18 +0100, Julian Taylor a écrit : Package: matlab-support Version: 0.0.18 Severity: serious in a clean testing chroot: Setting up matlab-support (0.0.18) ... No matlab found and maybe running in non-interactive mode. No way out -- failing... dpkg: error processing matlab-support (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: matlab-support E: Sub-process /usr/bin/dpkg returned an error code (1) The attached patch allows the package to install nicely even if MATLAB is not present. Otherwise people who install the package by accident end up with a dpkg error. Julian: please confirm that it fixes the issue for you. -- Yaroslav O. Halchenko http://neuro.debian.net http://www.pymvpa.org http://www.fail2ban.org Senior Research Associate, Psychological and Brain Sciences Dept. Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755 Phone: +1 (603) 646-9834 Fax: +1 (603) 646-1419 WWW: http://www.linkedin.com/in/yarik -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702637: matlab-support: fails to install in clean chroot
On Sat, 09 Mar 2013, Julian Taylor wrote: also it has dozens of upgrade and installation failures in ubuntu, probably not relevant for Debian, but it sheds a bad light on the quality of the package. in Ubuntu... Meanwhile, this package in Debian has only following bugs: Status 2 Outstanding 3 Resolved 1 From other Branch Severity 1 Serious (policy violations or makes package unfit for release) 5 Wishlist items Classification 1 Patch Available 1 Unclassified including yours, and regular releases -- seems to be not that bad, and maintained. If noone can maintain it properly in Ubuntu -- feel free to drop it there I guess. We will address our users issues while they complain via NeuroDebian channels. -- Yaroslav O. Halchenko http://neuro.debian.net http://www.pymvpa.org http://www.fail2ban.org Senior Research Associate, Psychological and Brain Sciences Dept. Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755 Phone: +1 (603) 646-9834 Fax: +1 (603) 646-1419 WWW: http://www.linkedin.com/in/yarik -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702637: matlab-support: fails to install in clean chroot
On 09.03.2013 15:19, Yaroslav Halchenko wrote: But should it exit nicely if no matlab is present??? Absent matlab == matlab cannot be supported == error in my vision of how things should be handled in this package. Having it installed without error should provide some guarantee that Matlab is present so that dependent packages could rely on that. If it is in the violation of some statute of the policy -- please let us know. Otherwise -- please wait for the main maintainer's opinion on this issue. The name and description of the package provide sufficient information to avoid installation by accident. And if that happens, it should be removed then. in Ubuntu we have around 40 reports (which I'm currently duplicating into one report) from people who install it and get an error message sometimes their installation even hangs completely, even though I see no significant difference to in the installation scripts to Debian. The number of reports almost is about 1/4 of the popcon in Debian. While we Debian maintainers know how to deal with dpkg failures, average users don't. I don't know if it technically violates policy, but its certainly not acceptable for a distribution not focused on only technical users. If not fixed removal from Ubuntu is certainly an option, but I'd prefer to have it fixed in Debian too. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#642750: GDB stops with sigtrap at 0 address on ia64 wheezy
I'm sorry. Wrong bug number. Please, ignore my message. Stephan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: undo my mistake
Processing commands for cont...@bugs.debian.org:
notfixed 642750 3.2.35-2
Bug #642750 {Done: Michael Gilbert mgilb...@debian.org} [src:webkit]
epiphany-browser: *HIGHLY* unstable on ia64 (IA-64/IPF/Itanium) platform
The source 'webkit' and version '3.2.35-2' do not appear to match any binary
packages
No longer marked as fixed in versions webkit/3.2.35-2.
End of message, stopping processing here.
Please contact me if you need assistance.
--
642750: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642750
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#691576: GDB stops with sigtrap at 0 address on ia64 wheezy
notfound 691576 src:linux/3.5.5-1~experimental.1 notfixed 691576 linux-image-3.0.0-2-mckinley/3.0.0-5 notfixed 691576 linux-image-3.1.0-rc7-mckinley/3.1.0~rc7-1~experimental.1 fixed 691576 3.2.35-2 thanks The problem with GDB does no longer occur with Kernel 3.2.35-2. I don't have a clue why. A user has confimred that on the debian-i...@lists.debian.org list. I filed a new bug#702641 for the asm register contraints problem above. Please could you simply close this bug? Stephan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed (with 1 errors): GDB stops with sigtrap at 0 address on ia64 wheezy
Processing commands for cont...@bugs.debian.org: notfound 691576 src:linux/3.5.5-1~experimental.1 Unknown command or malformed arguments to command. notfixed 691576 linux-image-3.0.0-2-mckinley/3.0.0-5 Bug #691576 [src:linux] GDB stops with sigtrap at 0 address on ia64 wheezy The source linux-image-3.0.0-2-mckinley and version 3.0.0-5 do not appear to match any binary packages No longer marked as fixed in versions linux-image-3.0.0-2-mckinley/3.0.0-5. notfixed 691576 linux-image-3.1.0-rc7-mckinley/3.1.0~rc7-1~experimental.1 Bug #691576 [src:linux] GDB stops with sigtrap at 0 address on ia64 wheezy The source linux-image-3.1.0-rc7-mckinley and version 3.1.0~rc7-1~experimental.1 do not appear to match any binary packages No longer marked as fixed in versions linux-image-3.1.0-rc7-mckinley/3.1.0~rc7-1~experimental.1. fixed 691576 3.2.35-2 Bug #691576 [src:linux] GDB stops with sigtrap at 0 address on ia64 wheezy Marked as fixed in versions linux/3.2.35-2. thanks Stopping processing here. Please contact me if you need assistance. -- 691576: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=691576 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#701868: openssl communication problems with 1.0.1e with AES-NI
Hi, On request of openssl upstream I've put a version of the package online which is staticly linked against the openssl libraries and has debug info. There seem to be various people who run into this problem, but we seem to be unable to reproduce it on any of our systems. It's available from: http://people.debian.org/~kroeckx/openssl/static_debug/ You only need the openssl package from there (openssl_1.0.1e-1+test1_amd64.deb), since the shared libraries aren't needed for the test. So what upstream asks is to try and reproduce it with s_client. At least 1 person reported that this fails for him: openssl s_client -connect mail.uni-paderborn.de:465 And then send EHLO test Others might try to reproduce something simular with their own servers. They asked if you use any LD_* environment variables. lsof -p $pid of s_client process would also be nice. If you have a custom /etc/ssl/openssl.cnf, it would also be nice if you could send that. /proc/cpuinfo would also be nice to have. If you know how to use gdb, they ask to print print variables and buffers in e_aes_cbc_hmac_sha1.c If you want to debug it, debugging might not show you source code since you might have the source in a different path. The .deb files can be generated from the source above using: DEB_BUILD_MAINT_OPTIONS=hardening=-all DEB_BUILD_OPTIONS=noopt nostrip dpkg-buildpackage -B -uc If you build it yourself, you can also just run the ./openssl.static binary instead of installing the .deb package. Kurt -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702609: marked as done (pidgin-audacious: Not able to activate)
Your message dated Sat, 09 Mar 2013 14:47:44 + with message-id e1uel3o-pt...@franck.debian.org and subject line Bug#702609: fixed in pidgin-audacious 2.0.0-3 has caused the Debian Bug report #702609, regarding pidgin-audacious: Not able to activate to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 702609: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702609 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: pidgin-audacious Version: 2.0.0-2 Severity: grave Justification: renders package unusable Dear Maintainer, when I try to activate the Pidgin-Audacious plugin in pidgin nothing happens. When I click on Plugin Details the following error message shows up: Error: undefined symbol: audacious_remote_is_playing Check the plugin website for an update. Regards, Christian -- System Information: Debian Release: 7.0 APT prefers testing-updates APT policy: (500, 'testing-updates'), (500, 'testing') Architecture: i386 (i686) Kernel: Linux 3.2.0-4-686-pae (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages pidgin-audacious depends on: ii libatk1.0-0 2.4.0-2 ii libaudcore1 3.2.4-1 ii libc6 2.13-38 ii libcairo2 1.12.2-3 ii libdbus-1-3 1.6.8-1 ii libdbus-glib-1-20.100.2-1 ii libfontconfig1 2.9.0-7.1 ii libfreetype62.4.9-1.1 ii libgdk-pixbuf2.0-0 2.26.1-1 ii libglib2.0-02.33.12+really2.32.4-5 ii libgtk2.0-0 2.24.10-2 ii libmcs1 0.7.2-2.1 ii libmowgli2 1.0.0-1 ii libpango1.0-0 1.30.0-1 ii pidgin 2.10.6-3 Versions of packages pidgin-audacious recommends: ii audacious 3.2.4-1 pidgin-audacious suggests no packages. -- no debconf information ---End Message--- ---BeginMessage--- Source: pidgin-audacious Source-Version: 2.0.0-3 We believe that the bug you reported is fixed in the latest version of pidgin-audacious, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 702...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andrey Rahmatullin w...@wrar.name (supplier of updated pidgin-audacious package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 09 Mar 2013 15:52:55 +0600 Source: pidgin-audacious Binary: pidgin-audacious Architecture: source i386 Version: 2.0.0-3 Distribution: unstable Urgency: low Maintainer: Debian QA Group packa...@qa.debian.org Changed-By: Andrey Rahmatullin w...@wrar.name Description: pidgin-audacious - pidgin integration with Audacious Closes: 702609 Changes: pidgin-audacious (2.0.0-3) unstable; urgency=low . * QA upload. * Link with -laudclient2 instead of -laudcore -laudgui (Closes: #702609). * Use dh-autoreconf instead of autotools-dev to be able to regenerate configure. Checksums-Sha1: 78a33d5e01c399c14c3342c7f9c70c717e4a0c63 1872 pidgin-audacious_2.0.0-3.dsc 74ca8b28aac824bd7c20120ce89246be5b8be4a0 2632 pidgin-audacious_2.0.0-3.debian.tar.gz c2134d3ebcf45a998cbbbf0adaf6cc247d32db75 9566 pidgin-audacious_2.0.0-3_i386.deb Checksums-Sha256: 93faa6fdbad4940e14812d63deea97baf79072641babcd5dbc2a6ec1d43670cb 1872 pidgin-audacious_2.0.0-3.dsc 9b807a0da2b06072228d4a7302aa8aa44e0cfcbbd0b105320cd8cc5903617a41 2632 pidgin-audacious_2.0.0-3.debian.tar.gz 6771dff8300b871d095bb9342457a884a0146c44b262c0e85572ee484cf56cfb 9566 pidgin-audacious_2.0.0-3_i386.deb Files: 0404b2dc29746552e0497c0f62149512 1872 net optional pidgin-audacious_2.0.0-3.dsc e95e5e3ea5354707bf0c5f1bd8ebf078 2632 net optional pidgin-audacious_2.0.0-3.debian.tar.gz 532aef44d4e47dd1717e898d23357c7f 9566 net optional pidgin-audacious_2.0.0-3_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJRO0fhAAoJENPhc4PPp/8GlvgP/3acodRoJhK5MJ0vVcrSX1P7 iYMCUi4KTaXexc+ZXBERlbK0QUsxbmFjDt/lHQ9JPpmDPqwVs8qa4UI0xOlzDOpd bPlazQRY12v96NT4WjVmRUjEnBj1TwxpF1TwY7zsmPP4+32N79f370BCAAKRNgoF rlOmzeBYa6+HVI9+PLe36ePDHS0ZR+ETGa3pskzkU63TCr1X6cZ/JfG7IEYJHYvz 3Kc6vFno54cyq2T4e0RI1/JbSf5gufh6g+qXbp2OMzgiJ881kvyyumFjC3MMU6rb
Processed: forcibly merging 702374 702653
Processing commands for cont...@bugs.debian.org: forcemerge 702374 702653 Bug #702374 [postfix] postfix: get message Relay Access Denied, when using SASL Bug #702653 [postfix] new upstream version broke relay_clientcerts Severity set to 'grave' from 'important' Merged 702374 702653 thanks Stopping processing here. Please contact me if you need assistance. -- 702374: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702374 702653: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702653 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#691576: marked as done (GDB stops with sigtrap at 0 address on ia64 wheezy)
Your message dated Sat, 09 Mar 2013 16:11:19 + with message-id 1362845479.3768.495.ca...@deadeye.wl.decadent.org.uk and subject line Re: Bug#691576: GDB stops with sigtrap at 0 address on ia64 wheezy has caused the Debian Bug report #691576, regarding GDB stops with sigtrap at 0 address on ia64 wheezy to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 691576: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=691576 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: gdb Version: 7.4.1 Severity: serious Dell PowerEdge 3250 2x Itanium Madison 1.5GHz 6M 4GB RAM I realized that GDB doesn't work as it should. When GDB should run *any* target application, it always stops with SIGTRAP 0x. Example: stephan@itanic:~$ gdb man GNU gdb (GDB) 7.4.1-debian Copyright (C) 2012 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type show copying and show warranty for details. This GDB was configured as ia64-linux-gnu. For bug reporting instructions, please see: http://www.gnu.org/software/gdb/bugs/... Reading symbols from /usr/bin/man...(no debugging symbols found)...done. (gdb) run Starting program: /usr/bin/man Program received signal SIGTRAP, Trace/breakpoint trap. 0x in ?? () (gdb) c Continuing. Program received signal SIGTRAP, Trace/breakpoint trap. 0x in ?? () (gdb) c Continuing. Program received signal SIGTRAP, Trace/breakpoint trap. 0x in ?? () (gdb) Debian Wheezy: Kernel 3.2.23, GDB 7.4.1 doesn't work Debian Wheezy: Kernel 3.2.23, GDB 7.3 doesn't work Debian Wheezy: with Kernel 3.5.5 (experimental), GDB 7.4.1 doesn't work Debian Wheezy: with Kernel 3.5.5 (experimental), GDB 7.3 doesn't work Debian Lenny: Kernel 2.6.26, a 'debootstrapped' Wheezy userland, GDB 7.4.1 *works* Gentoo:Kernel 3.3.8, GDB 7.3.1 works I'm surprised that GDB 7.4.1 works on Lenny in the chroot'd Wheezy environment. Please also note that the problem doesn't occur on Gentoo ia64. In my opinion, it points to the Debian Kernel somehow... Stephan ---End Message--- ---BeginMessage--- On Sat, 2013-03-09 at 15:35 +0100, Stephan Schreiber wrote: notfound 691576 src:linux/3.5.5-1~experimental.1 notfixed 691576 linux-image-3.0.0-2-mckinley/3.0.0-5 notfixed 691576 linux-image-3.1.0-rc7-mckinley/3.1.0~rc7-1~experimental.1 fixed 691576 3.2.35-2 thanks The problem with GDB does no longer occur with Kernel 3.2.35-2. I don't have a clue why. A user has confimred that on the debian-i...@lists.debian.org list. I filed a new bug#702641 for the asm register contraints problem above. Please could you simply close this bug? Done. (But you can close bugs yourself, just as you can change their versions.) Ben. -- Ben Hutchings Always try to do things in chronological order; it's less confusing that way. signature.asc Description: This is a digitally signed message part ---End Message---
Bug#702658: matlab-support: uninteruptable prompt on installation with readline
Package: matlab-support Version: 0.0.18 Severity: serious when you use the readline frontend the matlab-support package installation gets stuck in an uninterruptable question loop asking for the location of matlab: DEBIAN_FRONTEND=readline apt-get install matlab-support Location of MATLAB installation(s): ... entering an empty string does not cancel the prompt. Other frontends are probably ok, they offer a cancel option. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702217: proposition for libopenid-ruby/2.1.8debian-1+squeeze1 [CVE-2013-1812]
On Wednesday 06 March 2013, Cédric Boutillier wrote: I adapted the patch from upstream and applied it to the version of libopenid-ruby currently in squeeze. Attached is the debdiff with a possible 2.1.8debian/1+squeeze1 targetting squeeze if accepted by the security team. Thanks for your patch! In my opinion, this can be handle via s-p-u. Cheers, luciano -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#699852: Proposed debdiff
On Fri, Mar 08, 2013 at 07:39:32 +0100, Yves-Alexis Perez wrote: I've built a package including the patch pointed by Josselin. Could someone test it and report back as I don't have an http-based syncevolution setup. Hi, I already prepared a -2 version with several fixes, including the autosync issue, but got interrupted due to the birth of a baby girl. I'll try to push it to the alioth git repository, and would appreciate some help getting it reviewed/accepted for wheezy or wheezy-updates. Regards, Tino -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702637: matlab-support: fails to install in clean chroot
Yes it would be great to have bugs fixed in Debian too, especially if they get reported on Debian systems... as for this particular one I consider it a feature :-) Keep us updated on what you figure out -- Sent from a phone which beats iPhone. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#700738: valgrind summary
On 2013-03-08 22:25:46, Antoine Beaupré wrote: I really wonder what to do at this point. I can certainly upload the 2.0 version to experimental to allow people to test this more thoroughly (but then again, it's just once C file, easy enough to test). But I don't feel those bugs are serious enough to block the Wheezy release. It doesn't seem those issues are critical enough to justify the serious severity, but maybe I am wrong. Would I would like to do is to upload a 1.1-2 with Bremner's patch and then request an unblock and close this bug report. Even with David's patch and ttyclock and sig initialized (see the attached patch), there are some issues left: the incorrect type of ttyclock-running and calling ncurses stuff in the signal handler. Anyway, signals intermixed with ncurses is very much out of my comfort zone. Maybe Thorsten (CCed) can provide additional input on those issues. Regards -- Sebastian Ramacher diff --git a/ttyclock.c b/ttyclock.c index 6df69e6..15e8151 100644 --- a/ttyclock.c +++ b/ttyclock.c @@ -58,6 +58,7 @@ init(void) refresh(); /* Init signal handler */ + sigemptyset(sig.sa_mask); sig.sa_handler = signal_handler; sig.sa_flags = 0; sigaction(SIGWINCH, sig, NULL); @@ -445,6 +446,7 @@ main(int argc, char **argv) /* Alloc ttyclock */ ttyclock = malloc(sizeof(ttyclock_t)); + memset(ttyclock, 0, sizeof(ttyclock_t)); /* Date format */ ttyclock-option.format = malloc(sizeof(char) * 100); @@ -478,14 +480,14 @@ main(int argc, char **argv) break; case 'i': puts(TTY-Clock 2 © by Martin Duquesnoy (xor...@gmail.com)); - free(ttyclock); free(ttyclock-option.format); + free(ttyclock); exit(EXIT_SUCCESS); break; case 'v': puts(TTY-Clock 2 © devel version); - free(ttyclock); free(ttyclock-option.format); + free(ttyclock); exit(EXIT_SUCCESS); break; case 's': @@ -527,8 +529,8 @@ main(int argc, char **argv) key_event(); } - free(ttyclock); free(ttyclock-option.format); + free(ttyclock); endwin(); return 0; signature.asc Description: Digital signature
Processed: Re: Bug#702658: matlab-support: uninteruptable prompt on installation with readline
Processing control commands: tags -1 + moreinfo Bug #702658 [matlab-support] matlab-support: uninteruptable prompt on installation with readline Added tag(s) moreinfo. -- 702658: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702658 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702658: matlab-support: uninteruptable prompt on installation with readline
Control: tags -1 + moreinfo Hi, On Sat, Mar 9, 2013 at 5:32 PM, Julian Taylor jtaylor.deb...@googlemail.com wrote: entering an empty string does not cancel the prompt. Other frontends are probably ok, they offer a cancel option. I can't replicate this. I installed the package, the prompt comes up, I press Ctrl-C and I am back at the prompt. I don't think entering an empty string should cancel package installation. Michael -- Michael Hanke http://mih.voxindeserto.de
Bug#702658: is there a consistent Cancel across debconf frontends?
On Sat, 09 Mar 2013, Julian Taylor wrote: DEBIAN_FRONTEND=readline apt-get install matlab-support Location of MATLAB installation(s): ... entering an empty string does not cancel the prompt. Other frontends are probably ok, they offer a cancel option. and now I started to wonder on what is the generic solution here (CCing debconf maintainers on advise) -- some frontends (dialog) do offer Cancel button for the Type: string entry and some seems to be not (readline) -- there must be a generic resolution to guarantee uniform functionality to cancel. Any clues? Moreover it seems that in a clean chroot Ctrl-C didn't work for me (to cancel when I ran into the readline prompt I wanted to cancel) while on the main system -- it does interrupt with Ctrl-C as for emtpy input to cancel logic in matlab-support -- if that is not a generic approach, ideally then the prompt string would need to be adjusted (and all translations) -- probably too much at this point. -- Yaroslav O. Halchenko http://neuro.debian.net http://www.pymvpa.org http://www.fail2ban.org Senior Research Associate, Psychological and Brain Sciences Dept. Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755 Phone: +1 (603) 646-9834 Fax: +1 (603) 646-1419 WWW: http://www.linkedin.com/in/yarik -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702658: matlab-support: uninteruptable prompt on installation with readline
On Sat, 09 Mar 2013, Michael Hanke wrote: entering an empty string does not cancel the prompt. Other frontends are probably ok, they offer a cancel option. I can't replicate this. I installed the package, the prompt comes up, I press Ctrl-C and I am back at the prompt. yeah -- as I just wrote, Ctrl-C works on the main machine but is of no effect in chroot (tried on our neurohydra in nd+wheezy chroot) -- Yaroslav O. Halchenko http://neuro.debian.net http://www.pymvpa.org http://www.fail2ban.org Senior Research Associate, Psychological and Brain Sciences Dept. Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755 Phone: +1 (603) 646-9834 Fax: +1 (603) 646-1419 WWW: http://www.linkedin.com/in/yarik -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702637: matlab-support: fails to install in clean chroot
Hi, On Sat, Mar 9, 2013 at 2:57 PM, Sébastien Villemot sebast...@debian.orgwrote: The attached patch allows the package to install nicely even if MATLAB is not present. Otherwise people who install the package by accident end up with a dpkg error. Julian: please confirm that it fixes the issue for you. I see the problem, but I am not convinced this change is the solution. Installing this package is pointless without Matlab, it should not be pulled in as a dependency unless a package gets installed that requires matlab. If we make this package install successfully on a system without Matlab, we need to make any dependent package handle the situation of a missing matlab itself -- potentially multiplying the effort. At the moment, any package that depends on matlab-support can expect a functional matlab installation to be present at config time. To me the actual question is, why do people try to install this package when they do not have matlab? Consequently I see two approaches: 1) Improve the package description to avoid this kind of installations. 2) Improve the error messages. Any input for improvements is most welcome. I'd be happy to discuss this further, but at the moment I see no reason to change the current behavior. Michael -- Michael Hanke http://mih.voxindeserto.de
Bug#702637: matlab-support: fails to install in clean chroot
On 09.03.2013 18:26, Michael Hanke wrote: Hi, I see the problem, but I am not convinced this change is the solution. Installing this package is pointless without Matlab, it should not be pulled in as a dependency unless a package gets installed that requires matlab. If we make this package install successfully on a system without Matlab, we need to make any dependent package handle the situation of a missing matlab itself -- potentially multiplying the effort. At the moment, any package that depends on matlab-support can expect a functional matlab installation to be present at config time. A problem with failing the installation if matlab is missing is that it prevents migration from Ubuntus proposed repository to the main one. Migration requires that it installs and does also not make other packages uninstallable. E.g. this right now affects dynare, it can't migrate because it depends on matlab-support which does not install. I though that the debian unstable - testing works the same way, but apparently not as e.g. dynare was allowed to go into testing. We can change the failing in Ubuntu only if you don't want to change Debian. To me the actual question is, why do people try to install this package when they do not have matlab? Consequently I see two approaches: 1) Improve the package description to avoid this kind of installations. The main reason for that is probably that the desktop file says it is matlab. The desktop file is used in the (ubuntu) software center to display the title of the application, not the package short description. Most novice users install over the software center in Ubuntu, see matlab and install it without reading the rest of the description. Software center is also in Debian, but I don't know if it has the same behavior. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702658: matlab-support: uninteruptable prompt on installation with readline
On 09.03.2013 18:21, Yaroslav Halchenko wrote: On Sat, 09 Mar 2013, Michael Hanke wrote: entering an empty string does not cancel the prompt. Other frontends are probably ok, they offer a cancel option. I can't replicate this. I installed the package, the prompt comes up, I press Ctrl-C and I am back at the prompt. yeah -- as I just wrote, Ctrl-C works on the main machine but is of no effect in chroot (tried on our neurohydra in nd+wheezy chroot) we have a few reports in ubuntu of uninteruptable prompts: https://bugs.launchpad.net/ubuntu/+source/matlab-support/+bug/1025648 I don't think they were using chroots. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702658: matlab-support: uninteruptable prompt on installation with readline
On Sat, 09 Mar 2013, Julian Taylor wrote: yeah -- as I just wrote, Ctrl-C works on the main machine but is of no effect in chroot (tried on our neurohydra in nd+wheezy chroot) we have a few reports in ubuntu of uninteruptable prompts: https://bugs.launchpad.net/ubuntu/+source/matlab-support/+bug/1025648 I don't think they were using chroots. altogether this particular one sounds like a bug/misfeature of debconf to me (differing behavior across environments/frontends) -- Yaroslav O. Halchenko http://neuro.debian.net http://www.pymvpa.org http://www.fail2ban.org Senior Research Associate, Psychological and Brain Sciences Dept. Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755 Phone: +1 (603) 646-9834 Fax: +1 (603) 646-1419 WWW: http://www.linkedin.com/in/yarik -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702637: matlab-support: fails to install in clean chroot
On Sat, 2013-03-09 at 18:45 +0100, Julian Taylor wrote: A problem with failing the installation if matlab is missing is that it prevents migration from Ubuntus proposed repository to the main one. Migration requires that it installs and does also not make other packages uninstallable. E.g. this right now affects dynare, it can't migrate because it depends on matlab-support which does not install. I though that the debian unstable - testing works the same way, but apparently not as e.g. dynare was allowed to go into testing. In the context of testing migration, installability is determined by computing package relationships, not by actually attempting to install the affected packages (which generally wouldn't add much and isn't feasible given the number of packages involved). Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702637: matlab-support: fails to install in clean chroot
On 09.03.2013 19:10, Adam D. Barratt wrote: On Sat, 2013-03-09 at 18:45 +0100, Julian Taylor wrote: A problem with failing the installation if matlab is missing is that it prevents migration from Ubuntus proposed repository to the main one. Migration requires that it installs and does also not make other packages uninstallable. E.g. this right now affects dynare, it can't migrate because it depends on matlab-support which does not install. I though that the debian unstable - testing works the same way, but apparently not as e.g. dynare was allowed to go into testing. In the context of testing migration, installability is determined by computing package relationships, not by actually attempting to install the affected packages (which generally wouldn't add much and isn't feasible given the number of packages involved). makes sense, I probably have misinterpreted the britney(?) output. dynare is not migrating because of an incomplete libmatio transition. So the failing install is probably no problem. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#697230: asterisk: Two security issues: AST-2012-014 / AST-2012-015
Hi Tzafrir! Are there news on this? I have noticed that in the svn repository for asterisk there is already: asterisk (1:1.8.13.1~dfsg-2) unstable; urgency=high * Patches backported from Asterisk 1.8.19.1 (Closes: #697230): - Patch AST-2012-014 (CVE-2012-5976) - fixes Crashes due to large stack allocations when using TCP. The following two fixes were also pulled in order to easily apply it: - Patch fix-sip-tcp-no-FILE - Switch to reading with a recv loop - Patch fix-sip-tls-leak - Memory leak in the SIP TLS code - Patch AST-2012-015 (CVE-2012-5977) - Denial of Service Through Exploitation of Device State Caching -- Tzafrir Cohen tzaf...@debian.org Tue, 08 Jan 2013 00:06:09 +0200 Could you have a look if there is only the upload missing? Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702637: matlab-support: fails to install in clean chroot
Am 09.03.2013 19:10 schrieb Adam D. Barratt a...@adam-barratt.org.uk: On Sat, 2013-03-09 at 18:45 +0100, Julian Taylor wrote: A problem with failing the installation if matlab is missing is that it prevents migration from Ubuntus proposed repository to the main one. Migration requires that it installs and does also not make other packages uninstallable. E.g. this right now affects dynare, it can't migrate because it depends on matlab-support which does not install. I though that the debian unstable - testing works the same way, but apparently not as e.g. dynare was allowed to go into testing. In the context of testing migration, installability is determined by computing package relationships, not by actually attempting to install the affected packages (which generally wouldn't add much and isn't feasible given the number of packages involved). This seems to indicate that Debian is not affected by this problem. I am not familiar with the way Ubuntu manages these things in detail, but if there is a way to solve this problem in Debian for Ubuntu I am all for it. Right now this package causes a problem with an automated transition rule checker. Making it install under any condition, will cause problems that affect users. If this is necessary, the patch should at least handle the situation where matlab-support is installed, but no matlab, and something/someone wants to use matlab. This could be a dependent package trying to compile a MEX file. It would need to install some executable that brings up a meaningful error message, especially when invoked via the desktop file in an X session. Maybe it is leaner to handle this package as an exception in the transition checker. This was done in Debian's piuparts, AFAIK. Michael
Bug#701649: Fix for stable
Hi,
sorry for the delay but attached is the diff for the stable update. This
addrsses #701649 (CVE-2013-1766) as well as #699224 (kind of
CVE-2013-0170). Is this enough for the security team to issue the DSA?
Let me know if I can help further.
Cheers,
-- Guido
diff --git a/debian/README.Debian b/debian/README.Debian
index b8c97e0..02c0a49 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -56,6 +56,9 @@ Access Control
Access to the libvirt socket is controlled by membership in the libvirt
group.
If you want to manage VMs as non root you need to add a user to that group.
+System QEMU/KVM processes are run as user and group libvirt-qemu. This can be
+adjusted via /etc/libvirt/qemu.conf.
+
QEMU/KVM: Dropping Capabilties
==
Network interfaces of type ethernet use a script like /etc/qemu-ifup to set
up
diff --git a/debian/changelog b/debian/changelog
index bd3ec0d..719b74e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,17 @@
+libvirt (0.8.3-5+squeeze4) stable-security; urgency=low
+
+ * [9d7846f] CVE-2013-1766: Use libvirt-qemu as group to run qemu/kvm
+instances. This makes sure we don't chown files to groups possibly used
+by other programs. (Closes: #701649)
+
+ -- Guido Günther a...@sigxcpu.org Sat, 09 Mar 2013 17:03:01 +0100
+
+libvirt (0.8.3-5+squeeze3) stable-security; urgency=low
+
+ * [0bbbca1] Add missing return on error path (Closes: #699224)
+
+ -- Guido Günther a...@sigxcpu.org Fri, 22 Feb 2013 20:32:53 +0100
+
libvirt (0.8.3-5+squeeze2) stable-security; urgency=low
* [ac67c93] CVE-2011-1486: Make error reporting in libvirtd thread safe
diff --git a/debian/libvirt-bin.NEWS b/debian/libvirt-bin.NEWS
index ee32190..c6c40f6 100644
--- a/debian/libvirt-bin.NEWS
+++ b/debian/libvirt-bin.NEWS
@@ -1,3 +1,12 @@
+libvirt (0.8.3-5+squeeze4) experimental; urgency=low
+
+ For qemu:///system KVM/QEMU processes now run as group libvirt-qemu. This
+ makes sure image files and volumes aren't accessible by users in the more
+ general and previously used kvm group. To change this behaviour adjust the
+ group option in /etc/libvirt/qemu.conf.
+
+ -- Guido Günther a...@sigxcpu.org Tue, 26 Feb 2013 06:30:48 +0100
+
libvirt (0.8.3-2) unstable; urgency=low
Disk format probing is disabled now by default for security reasons
diff --git a/debian/libvirt-bin.postinst b/debian/libvirt-bin.postinst
index ea85ad2..fed481b 100644
--- a/debian/libvirt-bin.postinst
+++ b/debian/libvirt-bin.postinst
@@ -17,17 +17,16 @@ set -e
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package
-
case $1 in
configure)
if ! getent group libvirt /dev/null; then
addgroup --system libvirt
fi
- # user and group libvirt runs qemu/kvm instances with
if ! getent group kvm /dev/null; then
addgroup --quiet --system kvm
fi
+ # user and group libvirt runs qemu/kvm instances with
if ! getent passwd libvirt-qemu /dev/null; then
adduser --quiet \
--system \
@@ -40,6 +39,10 @@ case $1 in
-gecos Libvirt Qemu \
libvirt-qemu
fi
+ if ! getent group libvirt-qemu /dev/null; then
+ addgroup --quiet --system libvirt-qemu
+ adduser libvirt-qemu libvirt-qemu
+ fi
# libvirt from 0.6.0 on is safe to restart with running vms:
if [ -n $2 ] dpkg --compare-versions $2 ge 0.6.0; then
diff --git a/debian/libvirt-bin.postrm b/debian/libvirt-bin.postrm
index d6e9b99..086fda3 100644
--- a/debian/libvirt-bin.postrm
+++ b/debian/libvirt-bin.postrm
@@ -24,7 +24,14 @@ case $1 in
if getent group libvirt /dev/null; then
delgroup libvirt || true
fi
-
+
+ if getent passwd libvirt-qemu /dev/null; then
+ deluser libvirt-qemu || true
+ fi
+
+ if getent group libvirt-qemu /dev/null; then
+ delgroup libvirt-qemu || true
+ fi
;;
remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
;;
diff --git a/debian/patches/0016-Add-missing-return-on-error-path.patch
b/debian/patches/0016-Add-missing-return-on-error-path.patch
new file mode 100644
index 000..2da0deb
--- /dev/null
+++ b/debian/patches/0016-Add-missing-return-on-error-path.patch
@@ -0,0 +1,20 @@
+From: =?UTF-8?q?Guido=20G=C3=BCnther?= a...@sigxcpu.org
+Date: Fri, 22 Feb 2013 20:06:25 +0100
+Subject: Add missing return on error path
+
+---
+ daemon/libvirtd.c |1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/daemon/libvirtd.c b/daemon/libvirtd.c
+index 711360b..9b88aac 100644
+--- a/daemon/libvirtd.c
b/daemon/libvirtd.c
+@@ -1820,6 +1820,7 @@ readmore:
+ if (remoteDecodeClientMessageHeader(msg) 0) {
+ VIR_FREE(msg);
+ qemudDispatchClientFailure(client);
++return;
+ }
+
+
Bug#690067: Bug#702195: symlink conffiles are not supported, causing problems for dpkg on upgrade/removal and incorrect debsums reports
On Wed, 2013-03-06 at 22:31 +0100, Michael Biebl wrote: I think something like this should do: if [ $1 = upgrade ] dpkg --compare-versions $2 lt 3.3.5-3; then .. fi Done. On Thu, 2013-03-07 at 15:53 +0100, Gergely Nagy wrote: I checked just now, and some things were picked from the merge-queue/3.5 branch (the default branch on github), namely Type=notify - that is not supported by syslog-ng 3.3, and will be new in 3.5. Updated. It builds fine in Wheezy pbuilder and if you do agree, I'll upload it[1]. Laszlo/GCS [1] dget -x http://www.barcikacomp.hu/gcs/syslog-ng_3.3.5-3.dsc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#702637: matlab-support: fails to install in clean chroot
Processing control commands: tags -1 - patch Bug #702637 [matlab-support] matlab-support: fails to install in clean chroot Removed tag(s) patch. -- 702637: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702637 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702637: matlab-support: fails to install in clean chroot
Control: tags -1 - patch Le samedi 09 mars 2013 à 18:26 +0100, Michael Hanke a écrit : On Sat, Mar 9, 2013 at 2:57 PM, Sébastien Villemot sebast...@debian.org wrote: The attached patch allows the package to install nicely even if MATLAB is not present. Otherwise people who install the package by accident end up with a dpkg error. Julian: please confirm that it fixes the issue for you. I see the problem, but I am not convinced this change is the solution. Removing patch tag as a consequence. If we make this package install successfully on a system without Matlab, we need to make any dependent package handle the situation of a missing matlab itself -- potentially multiplying the effort. At the moment, any package that depends on matlab-support can expect a functional matlab installation to be present at config time. I confirm this for dynare-matlab which currently assumes that when matlab-support is correctly configured, there is a working MATLAB installation. I think we should first decide whether this issue is RC (because of Wheezy to be released soon), and this is indeed not obvious. It is of course expected that packages in main install fine in noninteractive mode and in a clean chroot. But matlab-support is different since it is in section contrib and is useless without some nonfree program (MATLAB) not present in Debian; in some sense MATLAB is a implicit dependency of matlab-support, so the current behavior also makes sense. Maybe the Release Team has an opinion on the RCness of this issue? -- .''`.Sébastien Villemot : :' :Debian Developer `. `' http://www.dynare.org/sebastien `- GPG Key: 4096R/381A7594 signature.asc Description: This is a digitally signed message part
Bug#702669: TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
Package: typo3
Version: 4.3.9+dfsg1-1+squeeze7
Severity: grave
Tags: security, upstream
Hi,
It has been discovered that TYPO3 Core is susceptible to SQL Injection
and Open Redirection.
Here is the relevant information:
https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/
A CVE number was asked at: http://seclists.org/oss-sec/2013/q1/611
The patch that fixes the SQL Injection is the following:
http://git.typo3.org/TYPO3v4/CoreProjects/MVC/extbase.git/commitdiff/d00f4b6523507db3c4c7601cf7758333c8290c1d
However, to make it apply over the older typo3 at Squeeze you have to
apply it first the following ones:
http://git.typo3.org/TYPO3v4/CoreProjects/MVC/extbase.git/commitdiff/76f0c979dd5d221807c086cb7a4eb912055d8318
http://git.typo3.org/TYPO3v4/CoreProjects/MVC/extbase.git/commitdiff/68a2f3d653d77d8ed9a283e30f07e6f718c18f19
I'm attaching the file 10-SecBull-TYPO3-CORE-SA-2013-001.patch that is
ready to drop on debian/patches that is the result of applying, in
order, the above commits:
* 76f0c979dd5d221807c086cb7a4eb912055d8318
* 68a2f3d653d77d8ed9a283e30f07e6f718c18f19
* d00f4b6523507db3c4c7601cf7758333c8290c1d
For the another issue of the security bulletin (open redirection issue),
the relevant commit seems to be
http://git.typo3.org/TYPO3v4/Core.git/commit/71135d82ccb74b3ccf8673ce197cd8c4340d5163
but I don't have a backport of it to squeeze.
Typo3 at squeeze-backports and wheezy is also affected.
Regards!
--- a/typo3/sysext/extbase/Classes/Persistence/Storage/Typo3DbBackend.php
+++ b/typo3/sysext/extbase/Classes/Persistence/Storage/Typo3DbBackend.php
@@ -494,18 +494,17 @@
$typeOfRelation = $columnMap-getTypeOfRelation();
if ($typeOfRelation === Tx_Extbase_Persistence_Mapper_ColumnMap::RELATION_HAS_AND_BELONGS_TO_MANY) {
$relationTableName = $columnMap-getRelationTableName();
- $sql['where'][] = $tableName . '.uid IN (SELECT ' . $columnMap-getParentKeyFieldName() . ' FROM ' . $relationTableName . ' WHERE ' . $columnMap-getChildKeyFieldName() . '=' . $this-getPlainValue($operand2) . ')';
+ $sql['where'][] = $tableName . '.uid IN (SELECT ' . $columnMap-getParentKeyFieldName() . ' FROM ' . $relationTableName . ' WHERE ' . $columnMap-getChildKeyFieldName() . '=?)';
+ $parameters[] = intval($this-getPlainValue($operand2));
} elseif ($typeOfRelation === Tx_Extbase_Persistence_Mapper_ColumnMap::RELATION_HAS_MANY) {
$parentKeyFieldName = $columnMap-getParentKeyFieldName();
if (isset($parentKeyFieldName)) {
- $columnName = $this-dataMapper-convertPropertyNameToColumnName($operand1-getPropertyName(), $source-getNodeTypeName());
$childTableName = $columnMap-getChildTableName();
- $sql['where'][] = $tableName . '.uid=(SELECT ' . $childTableName . '.' . $parentKeyFieldName . ' FROM ' . $childTableName . ' WHERE ' . $childTableName . '.uid=' . $this-getPlainValue($operand2) . ')';
+ $sql['where'][] = $tableName . '.uid=(SELECT ' . $childTableName . '.' . $parentKeyFieldName . ' FROM ' . $childTableName . ' WHERE ' . $childTableName . '.uid=?)';
+ $parameters[] = intval($this-getPlainValue($operand2));
} else {
- $statement = '(' . $tableName . '.' . $operand1-getPropertyName() . ' LIKE \'%,' . $this-getPlainValue($operand2) . ',%\'';
- $statement .= ' OR ' . $tableName . '.' . $operand1-getPropertyName() . ' LIKE \'%,' . $this-getPlainValue($operand2) . '\'';
- $statement .= ' OR ' . $tableName . '.' . $operand1-getPropertyName() . ' LIKE \'' . $this-getPlainValue($operand2) . ',%\')';
- $sql['where'][] = $statement;
+ $sql['where'][] = 'FIND_IN_SET(?,' . $tableName . '.' . $columnName . ')';
+ $parameters[] = intval($this-getPlainValue($operand2));
}
} else {
throw new Tx_Extbase_Persistence_Exception_RepositoryException('Unsupported relation for contains().', 1267832524);
@@ -830,9 +829,9 @@
*/
protected function parseLimitAndOffset($limit, $offset, array $sql) {
if ($limit !== NULL $offset !== NULL) {
- $sql['limit'] = $offset . ', ' . $limit;
+ $sql['limit'] = intval($offset) . ', ' . intval($limit);
} elseif ($limit !== NULL) {
- $sql['limit'] = $limit;
+ $sql['limit'] = intval($limit);
}
}
signature.asc
Description: OpenPGP digital signature
Processed: reassign 702669 to typo3-src, severity of 702669 is critical, tagging 702574 ...
Processing commands for cont...@bugs.debian.org:
reassign 702669 typo3-src
Bug #702669 [typo3] TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection
in TYPO3 Core
Bug reassigned from package 'typo3' to 'typo3-src'.
No longer marked as found in versions typo3-src/4.3.9+dfsg1-1+squeeze7.
Ignoring request to alter fixed versions of bug #702669 to the same values
previously set
severity 702669 critical
Bug #702669 [typo3-src] TYPO3-CORE-SA-2013-001: SQL Injection and Open
Redirection in TYPO3 Core
Severity set to 'critical' from 'grave'
tags 702574 + upstream
Bug #702574 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
Added tag(s) upstream.
forcemerge 702574 702669
Bug #702574 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
Bug #702669 [typo3-src] TYPO3-CORE-SA-2013-001: SQL Injection and Open
Redirection in TYPO3 Core
Marked Bug as done
Marked as fixed in versions typo3-src/4.5.19+dfsg1-5.
There is no source info for the package 'typo3-src' at version '4.3.8-1' with
architecture ''
Unable to make a source version for version '4.3.8-1'
Marked as found in versions 4.3.8-1.
Merged 702574 702669
thanks
Stopping processing here.
Please contact me if you need assistance.
--
702574: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702574
702669: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702669
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#688634: roundcube-sqlite upgrade causes serious data-loss
❦ 3 mars 2013 00:28 CET, Holger Levsen hol...@layer-acht.org : Here is my proposition: http://anonscm.debian.org/gitweb/?p=pkg-roundcube/roundcube.git;a=commitd iff;h=15f5a10444c9d4c8bf7b3e83a82dd6f9e2a4b384 seems right, yes, but it misses a pointer to instructions how to upgrade to a working installation. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688634#99 is just a start, but at least that. I wonder if a pointer there, or somewhere better, could be added. I will add a minimal page in wiki.debian.net with partial instructions. ETA: a few days. -- panic(aha1740.c); /* Goodbye */ 2.2.16 /usr/src/linux/drivers/scsi/aha1740.c pgpkManQQpXJC.pgp Description: PGP signature
Processed: impacts upgrades in stable
Processing commands for cont...@bugs.debian.org: severity 657898 serious Bug #657898 [bugzilla3] bugzilla3: Minor updates should not require package to be reconfigured Severity set to 'serious' from 'important' stop Stopping processing here. Please contact me if you need assistance. -- 657898: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657898 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702669: TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
On 09/03/13 22:43, Carlos Alberto Lopez Perez wrote: It has been discovered that TYPO3 Core is susceptible to SQL Injection and Open Redirection. Here is the relevant information: https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/ A CVE number was asked at: http://seclists.org/oss-sec/2013/q1/611 Forgot to mention that the SQL Injection is being exploited on the wild. Note: It has been reported to the TYPO3 Security Team that this problem is known and exploited in the wild. signature.asc Description: OpenPGP digital signature
Processed: your mail
Processing commands for cont...@bugs.debian.org:
found 702669 4.3.9+dfsg1-1+squeeze7
Bug #702669 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
Bug #702574 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
There is no source info for the package 'typo3-src' at version
'4.3.9+dfsg1-1+squeeze7' with architecture ''
Unable to make a source version for version '4.3.9+dfsg1-1+squeeze7'
Marked as found in versions 4.3.9+dfsg1-1+squeeze7.
Marked as found in versions 4.3.9+dfsg1-1+squeeze7.
found 702669 4.5.14+dfsg1-1~bpo60+1
Bug #702669 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
Bug #702574 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
There is no source info for the package 'typo3-src' at version
'4.5.14+dfsg1-1~bpo60+1' with architecture ''
Unable to make a source version for version '4.5.14+dfsg1-1~bpo60+1'
Marked as found in versions 4.5.14+dfsg1-1~bpo60+1.
Marked as found in versions 4.5.14+dfsg1-1~bpo60+1.
found 702669 4.5.19+dfsg1-4.1
Bug #702669 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
Bug #702574 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
There is no source info for the package 'typo3-src' at version
'4.5.19+dfsg1-4.1' with architecture ''
Unable to make a source version for version '4.5.19+dfsg1-4.1'
Marked as found in versions 4.5.19+dfsg1-4.1.
Marked as found in versions 4.5.19+dfsg1-4.1.
thanks
Stopping processing here.
Please contact me if you need assistance.
--
702574: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702574
702669: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702669
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: your mail
Processing commands for cont...@bugs.debian.org:
found 702669 4.3.9+dfsg1-1+squeeze7
Bug #702669 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
Bug #702574 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
There is no source info for the package 'typo3-src' at version
'4.3.9+dfsg1-1+squeeze7' with architecture ''
Unable to make a source version for version '4.3.9+dfsg1-1+squeeze7'
Ignoring request to alter found versions of bug #702669 to the same values
previously set
Ignoring request to alter found versions of bug #702574 to the same values
previously set
found 702669 4.5.14+dfsg1-1~bpo60+1
Bug #702669 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
Bug #702574 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
There is no source info for the package 'typo3-src' at version
'4.5.14+dfsg1-1~bpo60+1' with architecture ''
Unable to make a source version for version '4.5.14+dfsg1-1~bpo60+1'
Ignoring request to alter found versions of bug #702669 to the same values
previously set
Ignoring request to alter found versions of bug #702574 to the same values
previously set
found 702669 4.5.19+dfsg1-4.1
Bug #702669 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
Bug #702574 {Done: Christian Welzel gaw...@camlann.de} [typo3-src]
TYPO3-CORE-SA-2013-001: SQL Injection and Open Redirection in TYPO3 Core
There is no source info for the package 'typo3-src' at version
'4.5.19+dfsg1-4.1' with architecture ''
Unable to make a source version for version '4.5.19+dfsg1-4.1'
Ignoring request to alter found versions of bug #702669 to the same values
previously set
Ignoring request to alter found versions of bug #702574 to the same values
previously set
thanks
Stopping processing here.
Please contact me if you need assistance.
--
702574: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702574
702669: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702669
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: severity of 699611 is important
Processing commands for cont...@bugs.debian.org: # only applies to version in experimental, hence can't be of RC severity severity 699611 important Bug #699611 [xymon] xymon: fails to install: chown: invalid user: 'xymon:xymon' Severity set to 'important' from 'serious' thanks Stopping processing here. Please contact me if you need assistance. -- 699611: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699611 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702674: fritzing: Fails to build on arm*
Package: fritzing
Version: 0.7.10b-1
Severity: serious
Tags: patch upstream
Justification: fails to build from source (but built successfully in the past)
On arm*, qreal != double. See the attached patch for a fix. Also, already
sent upstream. See:
http://code.google.com/p/fritzing/issues/detail?id=2464
Since this doesn't affect Wheezy, I don't plan to NMU.
Scott Kitterman scott@kitterman,com
Will forward to Debian/upstream
Qreal != Double on arm*
Index: fritzing-0.7.10b/src/partseditor/pemainwindow.cpp
===
--- fritzing-0.7.10b.orig/src/partseditor/pemainwindow.cpp 2013-03-09 15:53:38.646230842 -0500
+++ fritzing-0.7.10b/src/partseditor/pemainwindow.cpp 2013-03-09 15:54:33.466230836 -0500
@@ -2196,10 +2196,10 @@
QPointF p = pegi-terminalPoint();
if (coord == x) {
-p.setX(qMax(0.0, qMin(value, pegi-rect().width(;
+p.setX(qMax(qreal(0.0), qMin(qreal(value), pegi-rect().width(;
}
else {
-p.setY(qMax(0.0, qMin(value, pegi-rect().height(;
+p.setY(qMax(qreal(0.0), qMin(qreal(value), pegi-rect().height(;
}
terminalPointChangedAux(pegi, pegi-terminalPoint(), p);
Bug#700738: valgrind summary
Sebastian Ramacher dixit: Anyway, signals intermixed with ncurses is very much out of my comfort zone. Maybe Thorsten (CCed) can provide additional input on those issues. Sorry, no, no practical experience either way, but it did raise all alarm bells here while reading it. bye, //mirabilos -- „nein: BerliOS und Sourceforge sind Plattformen für Projekte, github ist eine Plattform für Einzelkämpfer“ -- dieses Zitat ist ein Beweis dafür, daß auch ein blindes Huhn mal ein Korn findet, bzw. – in diesem Fall – Recht haben kann -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#690152: bsaf: FTBFS: Test org.jdesktop.application.TaskMonitorTest failed
On Sun, Mar 3, 2013 at 8:42 AM, gregor herrmann gre...@debian.org wrote: On Sat, 02 Mar 2013 19:12:32 -0500, Andres Mejia wrote: I just rebuilt bsaf on my machine that has the DISPLAY environment variable set and In a chroot or in the normal environment? The normal environment. on a sid and wheezy chroot via sbuild-shell (which in turn uses schroot) that does not have DISPLAY set. All builds succeeded and passed the test suite. That's not surprising, since without DISPLAY the otherwise failing tests are skipped :) FWIW: The tests still fail for me in wheezy and sid cowbuilder amd64 chroots, with DISPLAY set, with or without my earlier patch (to use xvfb). As mentioned earlier in this bug log by Matteo, building with openjdk-7-jdk works in the same setup. Cheers, gregor -- .''`. Homepage: http://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06 : :' : Debian GNU/Linux user, admin, and developer - http://www.debian.org/ `. `' Member of VIBE!AT SPI, fellow of the Free Software Foundation Europe `- NP: David Bowie: Suffragette City At this time, being this late into the release cycle, I would like to support only the default-jdk. I am building with sbuild using a chroot created by sbuild-createchroot as I believe this closely matches what the buildd machines are running. The bsaf package builds and passes the test suite for me fine on my machine running Debian wheezy, inside a wheezy chroot using sbuild, and inside a sid chroot using sbuild. My machine has a display, the chroot environments do not have a display. I will be downgrading this bug to important as I don't believe supporting cowbuilder, xvfb, or openjdk-7-jdk to be release critical. If someone else can reproduce the test case failure with the version of bsaf in the archives as is, then feel free to raise it back, otherwise fixing these other issues of supporting cowbuilder, xvfb, and openjdk-7-jdk can wait. -- ~ Andres -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: your mail
Processing commands for cont...@bugs.debian.org: severity 690152 important Bug #690152 [src:bsaf] bsaf: FTBFS: Test org.jdesktop.application.TaskMonitorTest failed Severity set to 'important' from 'serious' tags 690152 unreproducible Bug #690152 [src:bsaf] bsaf: FTBFS: Test org.jdesktop.application.TaskMonitorTest failed Added tag(s) unreproducible. End of message, stopping processing here. Please contact me if you need assistance. -- 690152: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690152 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#698832: Copyright patch
Hi Felix, Felix Geyer wrote (02 Mar 2013 18:53:25 GMT) : I'm not the initial author of KeePassX 0.4. I only took over maintenance at some point Thanks for maintaining it! so I don't know for sure where all icons come from. Though I've gone through all of the icons. You simply rock, much appreciated. So, in addition to adding license and copyright information for the other icons, basically it looks like only 10 icons have unknown or problematic origin and should be replaced. Not as bad as it could have been :) All icons in clientic.png seem to be from Nuvola except the last 7: [...] - Looks a lot like the Apple logo, seems very problematic [...] - Dollar sign, ??? - Certificate, ??? - Mobile phone, ??? I see these 4 icons can be selected at least in the password entry creation dialog. Replacing them with similar free icons with known copyright and license looks easy. I also couldn't find the source for these icons: text_bold.png text_italic.png text_left.png text_under.png I expect the text_*.png ones will be quite easy to replace. pwd_hide.png pwd_show.png Replacing pwd_*.png might be a bit more involved. Felix, have you plans to try and fix this in a timeframe that's suitable for Wheezy? Perhaps keepass2 has free replacement icons for the problematic ones? Anyone interested to help Felix? Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
