Processed: re: xscreensaver: postinst overwrites /etc/X11/app-defaults/XScreenSaver without asking
Processing control commands: tag -1 -patch Bug #767019 [xscreensaver] xscreensaver: postinst overwrites /etc/X11/app-defaults/XScreenSaver without asking Removed tag(s) patch. -- 767019: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767019 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#767019: xscreensaver: postinst overwrites /etc/X11/app-defaults/XScreenSaver without asking
control: tag -1 -patch + * Non-maintainer upload. + * Remove old cruft in maitainer script, not compliant +with policy of the day: +- xscreensaver.preinst snippet used for lenny-squeeze + transition (move configuration file). +- xscreensaver*.post* snippet used for potato-woody + transition (rm symlink /usr/doc/xscreensaver + and rm symlink + /usr/X11R6/lib/X11/app-defaults/XScreenSaver and + /etc/X11/app-defaults/XScreenSaver + and dpkg-divert stuff) + * Bug fix: postinst overwrites /etc/X11/app-defaults/XScreenSaver +without asking, thanks to Bjørn Mork (Closes: #767019). There are far too many changes not related to the RC bug. The release team will very likely to reject this. See their freeze policy. if [ -L /etc/X11/app-defaults/XScreenSaver ]; then if [ $(readlink /etc/X11/app-defaults/XScreenSaver) = XScreenSaver-nogl -o \ $(readlink /etc/X11/app-defaults/XScreenSaver) = XScreenSaver-gl]; then rm /etc/X11/app-defaults/XScreenSaver fi This doesn't handle the case where the user intentionally had both xscreensaver-gl and xscreensaver installed, and manually set the symlink to XscreenSaver-nogl. Best wishes, Mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#772217: fixed in cmtk 3.2.2-1.1
On Mon, Dec 15, 2014 at 11:06 PM, Torsten Rohlfing wrote: Thanks from me as well. It seems that your patch is more sophisticated than my upstream fix (which essentially just switches the scripts shebang to /bin/bash). Please let me know if you want me to deploy your patch instead. It would be more convenient since the debian package will have to maintain a difference from upstream if that isn't done. I'll go ahead with the nmu. Best wishes, Mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#767037: Grub EFI fallback - patches for review
Hi, one option that doesn't seem to have been considered would be to create a separate package (let's call it UEFIx) that installs an UEFI binary to EFI/boot/bootx64.efi. That binary could then do what the UEFI BIOS should've done (i.e. look at the EFI vars for bootorder, bootnext, etc and then go on to load the right bootloader). That way you'll have a solution that'll work across the different bootloaders (grub-efi, gummiboot, etc), requires no changes to existing bootloaders and which will only have an effect if explicitly installed (adding d-i rescue code to optionally install the package should be pretty straightforward as well). It also means that efibootmgr will work as expected on both buggy and non-buggy machines. I realize you're alredy pretty well ahead on a different solution and that it's late in the Jessie game, but I thought I should at least throw this idea into the ring (it's basically what Matthew originally suggested in http://mjg59.dreamwidth.org/4125.html). -- David Härdeman -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773579: fontypython should be ported to wx 3.0 (yes, again)
Package: fontypython Version: 0.4.4-1.2 Severity: grave When I fixed #765487, I missed #757886, that is, the fact that the transition from 2.8 to 3.0 (of fontypython) had not been spontaneous. As a consequence of this, I assumed Depends were OK, which they are not, and the current package is useless. As a consequence of this (probably), I also missed #755757. (applause) So using wx 2.8 is not an option in jessie, and the original bug must be solved. Olly, in #757886 you state that everything seems to be fine... can you confirm with wxpython3.0 3.0.1.1+dfsg-2 ? -- System Information: Debian Release: 8.0 APT prefers testing APT policy: (650, 'testing'), (600, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=it_IT.utf8, LC_CTYPE=it_IT.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages fontypython depends on: ii python-imaging 2.6.1-1 ii python-wxgtk3.0 3.0.1.1+dfsg-2 fontypython recommends no packages. fontypython suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#771852: marked as done (package not installable due to postinst syntax error)
Your message dated Sat, 20 Dec 2014 09:20:24 + with message-id e1y2gd2-0002c5...@franck.debian.org and subject line Bug#771852: fixed in mdadm 3.3.2-5 has caused the Debian Bug report #771852, regarding package not installable due to postinst syntax error to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 771852: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771852 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: mdadm Version: 3.3.2-3 Severity: serious Tags: patch Hi Installing mdadm 3.3.2-3 fails with the following error Setting up mdadm (3.3.2-3) ... W: mdadm: failed to load MD subsystem. Generating mdadm.conf... done (failed to scan arrays; /proc probably not mounted). rm: unrecognized option '--ignore-fail-on-non-empty' Try 'rm --help' for more information. dpkg: error processing package mdadm (--configure): subprocess installed post-installation script returned error exit status 1 as rm(1) doesn't support --ignore-fail-on-non-empty as parameter. However simply switching this to rmdir --ignore-fail-on-non-empty is not successful either, as /var/lib/mdadm doesn't exist on systems where mdadm hasn't been installed before (and rmdir --ignore-fail-on-non-empty does exit with an error code, if the directoy which it is supposed to remove doesn't exist). There are two alternatives to fix this, either by ignoring all bugs from rmdir, e.g. rmdir --ignore-fail-on-non-empty /var/lib/mdadm || : or by checking if the directory in question exists beforehand. --- mdadm-3.3.2/debian/mdadm.postinst +++ mdadm-3.3.2/debian/mdadm.postinst @@ -100,7 +100,9 @@ if dpkg --compare-versions $2 le 3.3.2-1; then rm -f /var/lib/mdadm/CONF-UNCHECKED /var/lib/mdadm/mdadm.conf-generated - rm --ignore-fail-on-non-empty /var/lib/mdadm + if [ -d /var/lib/mdadm ]; then +rmdir --ignore-fail-on-non-empty /var/lib/mdadm + fi fi ;; esac Regards Stefan Lippers-Hollmann -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.18.0-rc7-aptosid-amd64 (SMP w/8 CPU cores; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash signature.asc Description: This is a digitally signed message part. ---End Message--- ---BeginMessage--- Source: mdadm Source-Version: 3.3.2-5 We believe that the bug you reported is fixed in the latest version of mdadm, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 771...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Tokarev m...@tls.msk.ru (supplier of updated mdadm package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 20 Dec 2014 11:48:44 +0300 Source: mdadm Binary: mdadm mdadm-udeb Architecture: source Version: 3.3.2-5 Distribution: unstable Urgency: medium Maintainer: Debian mdadm maintainers pkg-mdadm-de...@lists.alioth.debian.org Changed-By: Michael Tokarev m...@tls.msk.ru Description: mdadm - tool to administer Linux MD arrays (software RAID) mdadm-udeb - tool to administer Linux MD arrays (software RAID) (udeb) Closes: 770883 771852 Changes: mdadm (3.3.2-5) unstable; urgency=medium . * use-tempnode-not-devnode.patch: change udev rules file to use $tempnode which works both on wheezy and jessie udev, instead of $devnode which only works in jessie. At this stage it is better to make rules file compatible with old version instead of adding versioned dependency. Should be removed for jessie+1. (Closes: #770883) * fix Closes: list in previous entry (Closes: #771852) Checksums-Sha1: 2cbb6b731134a22cd9a95b8c7e29b664aefa7c26 1609 mdadm_3.3.2-5.dsc 6b3f92f40bd7edaf468f17be1d10d345c018e864 87080 mdadm_3.3.2-5.debian.tar.xz Checksums-Sha256: 4d754006fcaa033e3383484f6920e298ec0cd908459d57fc002a5a556f55fcfc 1609 mdadm_3.3.2-5.dsc b5cdeb590b81215f00a335fbae3910d034d405b8f06a57d09baef8e8b57c6447 87080 mdadm_3.3.2-5.debian.tar.xz Files: f1ac5b8dc2d26891ed4f00946c303093 1609 admin optional mdadm_3.3.2-5.dsc
Bug#772217: marked as done (cmtk: bashism in /bin/sh script)
Your message dated Sat, 20 Dec 2014 09:19:19 +
with message-id e1y2gbz-00024q...@franck.debian.org
and subject line Bug#772217: fixed in cmtk 3.2.2-1.3
has caused the Debian Bug report #772217,
regarding cmtk: bashism in /bin/sh script
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
772217: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772217
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: cmtk
Severity: serious
Version: 3.2.2-1
User: debian-rele...@lists.debian.org
Usertags: goal-dash
Hi,
I've ran checkbashisms (from the 'devscripts' package) over the whole
archive and I found that your package has a /bin/sh script that uses a
bashism.
checkbashisms' output:
possible bashism in ./usr/lib/cmtk/bin/groupwise_reformat line 48
(alternative test command ([[ foo ]] should be [ foo ])):
while [[ $1 =~ ^- ]]; do
possible bashism in ./usr/lib/cmtk/bin/groupwise_reformat line 49 (should
be VAR=${VAR}foo):
reformatOptions+=$1
possible bashism in ./usr/lib/cmtk/bin/groupwise_reformat line 92 ('(('
should be '$(('):
((++idx))
possible bashism in ./usr/lib/cmtk/bin/groupwise_reformat line 106
(alternative test command ([[ foo ]] should be [ foo ])):
if [[ ${line} =~ ^\} ]]; then
possible bashism in ./usr/lib/cmtk/bin/groupwise_reformat line 126
(alternative test command ([[ foo ]] should be [ foo ])):
if [[ ${line} =~ target ]]; then
possible bashism in ./usr/lib/cmtk/bin/cmtk_functions.sh line 35 (should
be
'.', not 'source'):
source ${CMTK_BINARY_DIR}/cmtk_locking_procmail.sh
possible bashism in ./usr/lib/cmtk/bin/cmtk_functions.sh line 37 (should
be
'.', not 'source'):
source ${CMTK_BINARY_DIR}/cmtk_locking.sh
possible bashism in ./usr/lib/cmtk/bin/correct_dwi_distortion_and_motion
line 124 (should be 'b = a'):
if [ ${bX} == ${b0FwdCorr} ]; then
Not using bash (or a Debian Policy compliant shell interpreter that doesn't
provide such an extra feature) as /bin/sh is likely to lead to errors or
unexpected behaviours. Please be aware that dash is the default /bin/sh.
Please closely examine the above output and the script, and determine
what the proper severity of the bug is, and adjust it accordingly. If
it's important or greater please hurry to get this fixed for jessie.
Hints about how to fix bashisms can be found at:
https://wiki.ubuntu.com/DashAsBinSh
Thanks in advance,
Raphael Geissert
---End Message---
---BeginMessage---
Source: cmtk
Source-Version: 3.2.2-1.3
We believe that the bug you reported is fixed in the latest version of
cmtk, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 772...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Gilbert mgilb...@debian.org (supplier of updated cmtk package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 20 Dec 2014 08:14:10 +
Source: cmtk
Binary: cmtk
Architecture: source
Version: 3.2.2-1.3
Distribution: unstable
Urgency: medium
Maintainer: NeuroDebian Team t...@neuro.debian.net
Changed-By: Michael Gilbert mgilb...@debian.org
Description:
cmtk - Computational Morphometry Toolkit
Closes: 772217
Changes:
cmtk (3.2.2-1.3) unstable; urgency=medium
.
* Non-maintainer upload.
* Use expr for posix-compliant regex comparison (closes: #772217).
Checksums-Sha1:
a63459d82bb57e01a711e6d3ecc514de6b80643e 2916 cmtk_3.2.2-1.3.dsc
2cd0d222efeee22efaacf9bc98ccb7ea798fe751 9020 cmtk_3.2.2-1.3.debian.tar.xz
Checksums-Sha256:
e8bee745cd308e8f960ed7eab9a9491754d865b7747e5d690a719ce45a7fb5c2 2916
cmtk_3.2.2-1.3.dsc
7c9a36ab93f13367bcfc426517eb52fec6c174a5d8a0610ea9f9354b4de3e8f9 9020
cmtk_3.2.2-1.3.debian.tar.xz
Files:
d317ed2d0e4858a79ab9c37060bda245 2916 science extra cmtk_3.2.2-1.3.dsc
80a8348079818c5454c0c6c1b2d4f2c6 9020 science extra
cmtk_3.2.2-1.3.debian.tar.xz
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQQcBAEBCgAGBQJUlTASAAoJELjWss0C1vRzlkgf+wRcnxPDFXuJtcHw9kFfeTBu
5/4b1dmlTPmyrTduzMXokgFv4QL2ih9qrGzfD75ohWdwTrKax1yIfDct576k1dfU
LvVSqKioMXroz6JDUjrtZvg3peJg9OS1Dp2RIKsHJhmO/7gewiL8za8Dec1fxeix
Bug#772177: marked as done (mdadm: postinst fails on rm --ignore-fail-on-non-empty)
Your message dated Sat, 20 Dec 2014 09:20:24 + with message-id e1y2gd2-0002c5...@franck.debian.org and subject line Bug#771852: fixed in mdadm 3.3.2-5 has caused the Debian Bug report #771852, regarding mdadm: postinst fails on rm --ignore-fail-on-non-empty to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 771852: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771852 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: mdadm Version: 3.3.2-3 Severity: grave While installing build dependencies for libguestfs in build chroot (sid-amd64), I got the following message: Setting up mdadm (3.3.2-3) ... update-initramfs: deferring update (trigger activated) rm: unrecognized option '--ignore-fail-on-non-empty' Try 'rm --help' for more information. dpkg: error processing package mdadm (--configure): subprocess installed post-installation script returned error exit status 1 That switch simply does not exist. The problematic call is in the postinst script on line 103: , | if dpkg --compare-versions $2 le 3.3.2-1; then | rm -f /var/lib/mdadm/CONF-UNCHECKED /var/lib/mdadm/mdadm.conf-generated | rm --ignore-fail-on-non-empty /var/lib/mdadm | fi ` I suggest replacing it with something like rm -d /var/lib/mdadm || true Cheers, -Hilko ---End Message--- ---BeginMessage--- Source: mdadm Source-Version: 3.3.2-5 We believe that the bug you reported is fixed in the latest version of mdadm, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 771...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Tokarev m...@tls.msk.ru (supplier of updated mdadm package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 20 Dec 2014 11:48:44 +0300 Source: mdadm Binary: mdadm mdadm-udeb Architecture: source Version: 3.3.2-5 Distribution: unstable Urgency: medium Maintainer: Debian mdadm maintainers pkg-mdadm-de...@lists.alioth.debian.org Changed-By: Michael Tokarev m...@tls.msk.ru Description: mdadm - tool to administer Linux MD arrays (software RAID) mdadm-udeb - tool to administer Linux MD arrays (software RAID) (udeb) Closes: 770883 771852 Changes: mdadm (3.3.2-5) unstable; urgency=medium . * use-tempnode-not-devnode.patch: change udev rules file to use $tempnode which works both on wheezy and jessie udev, instead of $devnode which only works in jessie. At this stage it is better to make rules file compatible with old version instead of adding versioned dependency. Should be removed for jessie+1. (Closes: #770883) * fix Closes: list in previous entry (Closes: #771852) Checksums-Sha1: 2cbb6b731134a22cd9a95b8c7e29b664aefa7c26 1609 mdadm_3.3.2-5.dsc 6b3f92f40bd7edaf468f17be1d10d345c018e864 87080 mdadm_3.3.2-5.debian.tar.xz Checksums-Sha256: 4d754006fcaa033e3383484f6920e298ec0cd908459d57fc002a5a556f55fcfc 1609 mdadm_3.3.2-5.dsc b5cdeb590b81215f00a335fbae3910d034d405b8f06a57d09baef8e8b57c6447 87080 mdadm_3.3.2-5.debian.tar.xz Files: f1ac5b8dc2d26891ed4f00946c303093 1609 admin optional mdadm_3.3.2-5.dsc 987a57dd1c78cfea66e14d8aeb47ab37 87080 admin optional mdadm_3.3.2-5.debian.tar.xz Package-Type: udeb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJUlTiZAAoJEL7lnXSkw9fbHK8IAL/i1rZDZYBbaC2y0Zca/khI MQILone6hJ3g+JQquDBe4xK/cMWVUE2l9hpPeRxGty+/qT4n4FZkXNey4L5MwP8C i2LzipiTOj3rJbpPLR6ckfI+5/4f4qMWl/+1q1xNANRi52L/Lcba5UnIkK3Fdyj1 Gf32A6zLgEG1XUciFgWfOriYNAxO2oQTRIQKxcuDBkCyR1HpHwCGl5NNKlrBTody 36i9Ov5vaTH4hIdb9UZztlS8DBHYglXDyCZZBgU+sIpYAisWZBlEEbOdVUZhF8hh EfK241kJTf3+fd4aAvP4PCbsqJZm/VxQK+EMQXFi172FhCmlmjSukLAFfX01HC4= =vGJw -END PGP SIGNATUREEnd Message---
Bug#772233: bashism in /bin/sh script
Hi, 2014-12-19 22:51 GMT+01:00 Holger Levsen hol...@layer-acht.org: On Freitag, 19. Dezember 2014, Balint Reczey wrote: If you don't have time I would happily prepare an NMU with the fix. Please go ahead. Thanks! I just performed the NMU to DELAYED/2 with the attached patch. Cheers, Balint diff -Nru gnunet-0.10.1/debian/changelog gnunet-0.10.1/debian/changelog --- gnunet-0.10.1/debian/changelog 2014-10-15 21:44:30.0 +0200 +++ gnunet-0.10.1/debian/changelog 2014-12-20 10:00:17.0 +0100 @@ -1,3 +1,12 @@ +gnunet (0.10.1-2.1) unstable; urgency=medium + + * Non-maintainer upload. + + [Raphael Geissert] + * Fix bashisms (Closes: #772233) + + -- Balint Reczey bal...@balintreczey.hu Sat, 20 Dec 2014 09:59:13 +0100 + gnunet (0.10.1-2) unstable; urgency=medium * Put the upstream signing key in debian/upstream/signing-key.asc and remove diff -Nru gnunet-0.10.1/debian/patches/fix-bashism.patch gnunet-0.10.1/debian/patches/fix-bashism.patch --- gnunet-0.10.1/debian/patches/fix-bashism.patch 1970-01-01 01:00:00.0 +0100 +++ gnunet-0.10.1/debian/patches/fix-bashism.patch 2014-12-20 09:59:07.0 +0100 @@ -0,0 +1,54 @@ +Description: fix bashisms +Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=7772233 +Author: Raphael Geissert geiss...@debian.org +Forwarded: https://gnunet.org/bugs/view.php?id=3588 + +Index: gnunet-0.10.1-2/src/gns/gnunet-gns-proxy-setup-ca +=== +--- gnunet-0.10.1-2/src/gns/gnunet-gns-proxy-setup-ca gnunet-0.10.1-2/src/gns/gnunet-gns-proxy-setup-ca +@@ -7,9 +7,9 @@ + options='' + while getopts c: opt; do + case $opt in + c) ++ options=$options -c $OPTARG +- options+=-c $OPTARG + ;; + \?) + echo Invalid option: -$OPTARG 2 + exit 1 +@@ -38,16 +38,16 @@ + for f in ~/.mozilla/firefox/*.default + do + if [ -d $f ]; then + echo Importing CA info Firefox $f ++certutil -D -n GNS Proxy CA -d ~/.mozilla/firefox/*.default /dev/null 21 +-certutil -D -n GNS Proxy CA -d ~/.mozilla/firefox/*.default /dev/null 21 + certutil -A -n GNS Proxy CA -t CT,, -d ~/.mozilla/firefox/*.default $GNSCERT + fi + done + + if [ -d ~/.pki/nssdb ]; then + echo Importing CA into Chrome ++ certutil -D -n GNS Proxy CA -d ~/.pki/nssdb /dev/null 21 +- certutil -D -n GNS Proxy CA -d ~/.pki/nssdb /dev/null 21 + certutil -A -n GNS Proxy CA -t CT,, -d ~/.pki/nssdb $GNSCERT + fi + + +Index: gnunet-0.10.1-2/contrib/gnunet-gns-import.sh +=== +--- gnunet-0.10.1-2/contrib/gnunet-gns-import.sh gnunet-0.10.1-2/contrib/gnunet-gns-import.sh +@@ -25,9 +25,9 @@ + + while getopts c: opt; do + case $opt in + c) ++ options=$options -c $OPTARG +- options+=-c $OPTARG + ;; + \?) + echo Invalid option: -$OPTARG 2 + exit 1 diff -Nru gnunet-0.10.1/debian/patches/series gnunet-0.10.1/debian/patches/series --- gnunet-0.10.1/debian/patches/series 2014-10-15 21:41:21.0 +0200 +++ gnunet-0.10.1/debian/patches/series 2014-12-20 09:44:17.0 +0100 @@ -3,3 +3,4 @@ typos.diff noinst_set.diff kfreebsd_malloc_np.patch +fix-bashism.patch
Bug#773556: marked as done (transmission: build failure on mips)
Your message dated Sat, 20 Dec 2014 10:36:27 +0100 with message-id 20141220093627.GA3751@faye and subject line Re: transmission: build failure on mips has caused the Debian Bug report #773556, regarding transmission: build failure on mips to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 773556: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773556 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- package: src: transmission severity: serious version: 2.84-0.2 The latest upload failed on the mips buildd. Best wishes, Mike ---End Message--- ---BeginMessage--- On Fri, 19 Dec 2014 17:14:48 -0500 Michael Gilbert mgilb...@debian.org wrote: package: src: transmission severity: serious version: 2.84-0.2 The latest upload failed on the mips buildd. Best wishes, Mike Hi, it seems that was only a temporary problem with the buildd. The package is now available for mips too. Cheers, Markus signature.asc Description: Digital signature ---End Message---
Processed: .
Processing commands for cont...@bugs.debian.org: forwarded 772233 https://gnunet.org/bugs/view.php?id=3588 Bug #772233 [gnunet] gnunet: bashism in /bin/sh script Set Bug forwarded-to-address to 'https://gnunet.org/bugs/view.php?id=3588'. tags 772233 upstream Bug #772233 [gnunet] gnunet: bashism in /bin/sh script Added tag(s) upstream. thanks Stopping processing here. Please contact me if you need assistance. -- 772233: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772233 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#772233: bashism in /bin/sh script
2014-12-20 10:30 GMT+01:00 Bálint Réczey bal...@balintreczey.hu: Hi, 2014-12-19 22:51 GMT+01:00 Holger Levsen hol...@layer-acht.org: On Freitag, 19. Dezember 2014, Balint Reczey wrote: If you don't have time I would happily prepare an NMU with the fix. Please go ahead. Thanks! I just performed the NMU to DELAYED/2 with the attached patch. I made a typo in the bug number, please see the fixed patch attached. I also reuploaded the package to DELAYED/2. Cheers, Balint diff -Nru gnunet-0.10.1/debian/changelog gnunet-0.10.1/debian/changelog --- gnunet-0.10.1/debian/changelog 2014-10-15 21:44:30.0 +0200 +++ gnunet-0.10.1/debian/changelog 2014-12-20 10:00:17.0 +0100 @@ -1,3 +1,12 @@ +gnunet (0.10.1-2.1) unstable; urgency=medium + + * Non-maintainer upload. + + [Raphael Geissert] + * Fix bashisms (Closes: #772233) + + -- Balint Reczey bal...@balintreczey.hu Sat, 20 Dec 2014 09:59:13 +0100 + gnunet (0.10.1-2) unstable; urgency=medium * Put the upstream signing key in debian/upstream/signing-key.asc and remove diff -Nru gnunet-0.10.1/debian/patches/fix-bashism.patch gnunet-0.10.1/debian/patches/fix-bashism.patch --- gnunet-0.10.1/debian/patches/fix-bashism.patch 1970-01-01 01:00:00.0 +0100 +++ gnunet-0.10.1/debian/patches/fix-bashism.patch 2014-12-20 10:34:36.0 +0100 @@ -0,0 +1,54 @@ +Description: fix bashisms +Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772233 +Author: Raphael Geissert geiss...@debian.org +Forwarded: https://gnunet.org/bugs/view.php?id=3588 + +Index: gnunet-0.10.1-2/src/gns/gnunet-gns-proxy-setup-ca +=== +--- gnunet-0.10.1-2/src/gns/gnunet-gns-proxy-setup-ca gnunet-0.10.1-2/src/gns/gnunet-gns-proxy-setup-ca +@@ -7,9 +7,9 @@ + options='' + while getopts c: opt; do + case $opt in + c) ++ options=$options -c $OPTARG +- options+=-c $OPTARG + ;; + \?) + echo Invalid option: -$OPTARG 2 + exit 1 +@@ -38,16 +38,16 @@ + for f in ~/.mozilla/firefox/*.default + do + if [ -d $f ]; then + echo Importing CA info Firefox $f ++certutil -D -n GNS Proxy CA -d ~/.mozilla/firefox/*.default /dev/null 21 +-certutil -D -n GNS Proxy CA -d ~/.mozilla/firefox/*.default /dev/null 21 + certutil -A -n GNS Proxy CA -t CT,, -d ~/.mozilla/firefox/*.default $GNSCERT + fi + done + + if [ -d ~/.pki/nssdb ]; then + echo Importing CA into Chrome ++ certutil -D -n GNS Proxy CA -d ~/.pki/nssdb /dev/null 21 +- certutil -D -n GNS Proxy CA -d ~/.pki/nssdb /dev/null 21 + certutil -A -n GNS Proxy CA -t CT,, -d ~/.pki/nssdb $GNSCERT + fi + + +Index: gnunet-0.10.1-2/contrib/gnunet-gns-import.sh +=== +--- gnunet-0.10.1-2/contrib/gnunet-gns-import.sh gnunet-0.10.1-2/contrib/gnunet-gns-import.sh +@@ -25,9 +25,9 @@ + + while getopts c: opt; do + case $opt in + c) ++ options=$options -c $OPTARG +- options+=-c $OPTARG + ;; + \?) + echo Invalid option: -$OPTARG 2 + exit 1 diff -Nru gnunet-0.10.1/debian/patches/series gnunet-0.10.1/debian/patches/series --- gnunet-0.10.1/debian/patches/series 2014-10-15 21:41:21.0 +0200 +++ gnunet-0.10.1/debian/patches/series 2014-12-20 09:44:17.0 +0100 @@ -3,3 +3,4 @@ typos.diff noinst_set.diff kfreebsd_malloc_np.patch +fix-bashism.patch
Bug#773579: fontypython should be ported to wx 3.0 (yes, again)
On Sat, Dec 20, 2014 at 10:10:53AM +0100, Pietro Battiston wrote: When I fixed #765487, I missed #757886, that is, the fact that the transition from 2.8 to 3.0 (of fontypython) had not been spontaneous. As a consequence of this, I assumed Depends were OK, which they are not, and the current package is useless. As a consequence of this (probably), I also missed #755757. (applause) So using wx 2.8 is not an option in jessie, and the original bug must be solved. Or we don't release jessie with fontypython - you say in #765487 that it seems pretty abandoned upstream. It does seem like people are actually still using it though, judging from the comments in that ticket. Olly, in #757886 you state that everything seems to be fine... can you confirm with wxpython3.0 3.0.1.1+dfsg-2 ? Will retest it when I have a suitable machine in front of me. But the error messages in #765487 do seem to indicate how to solve the problem: .../src/common/stdpbase.cpp(62): assert traits failed in Get(): create wxApp before calling this i.e. make sure that the wxApp object is created before this code gets called. Cheers, Olly -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773580: lzo2: FTBFS on mips powerpc s390x
package: lzo2 version: 2.08-1.1 severity: serious Hi, The latest upload of lzo2 failed on mips, powerpc, s390x (and sparc). This will prevent migration to jessie. https://buildd.debian.org/status/package.php?p=lzo2suite=sid Cheers, Ivo -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773580: lzo2: FTBFS on mips powerpc s390x
On 20/12/14 10:57, Ivo De Decker wrote: The latest upload of lzo2 failed on mips, powerpc, s390x (and sparc). In other words, on big-endian architectures (where byteswapping to fetch a LE value is not just a memcpy). This seems likely to be a regression caused by the patch that I NMU'd; I'll look into it when I get a chance. S -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773318: clamav dies/hangs
Hi James, On 19.12.2014 23:07, James Cloos wrote: AC == Andreas Cadhalpun andreas.cadhal...@googlemail.com writes: AC You mean it crashed? AC Please provide excerpts of /var/log/clamav/clamav.log and AC /var/log/syslog from around the time of the crashes. Yes, the clamd process quit, so the milter process was rejecting all incoming mail with a 4xx try again reply. In each case the last thing logged to clamav.log before I restarted clamd was just a Reading databases from /var/lib/clamav line. So it looks like it died during a reload, since: Database correctly reloaded did not get logged. Indeed. It seems like one of the unofficial signature databases caused clamd to crash during reload. It would be great, if you could determine which one that was, so that the problem can be reproduced. AC If you can reproduce the crashes, please install clamav-dbg and use AC gdb to provide a backtrace of the crashes. I removed the clamav-milter call to keep mail flowing; I'll turn it back on on one of them this weekend. Thanks. Best regards, Andreas -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#773318: clamav dies/hangs
Processing control commands: tags 773041 security Bug #773041 [libmspack0] libmspack: hangs on a crafted CAB file Ignoring request to alter tags of bug #773041 to the same tags previously set severity 773041 grave Bug #773041 [libmspack0] libmspack: hangs on a crafted CAB file Ignoring request to change severity of Bug 773041 to the same value. -- 773041: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773041 773318: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773318 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773318: clamav dies/hangs
Control: tags 773041 security Control: severity 773041 grave Justification: causes remote denial of service Hi James, On 19.12.2014 23:12, James Cloos wrote: Even w/ the milter not called, one of the MXs has one clamd thread consuming 100% cpu right now. gdb says: #0 0x7fd0b4791ed0 in ?? () from /usr/lib/x86_64-linux-gnu/libmspack.so.0 #1 0x7fd0b47863ea in ?? () from /usr/lib/x86_64-linux-gnu/libmspack.so.0 #2 0x7fd0b55c1e26 in cli_scanmscab (ctx=0x7fd096dfb6b0, sfx_offset=256) at libmspack.c:384 #3 0x7fd0b5597aa0 in magic_scandesc (ctx=0x7fd096dfb6b0, type=CL_TYPE_ANY) at scanners.c:2703 #4 0x7fd0b5598059 in cli_base_scandesc (desc=12, ctx=0x7fd096dfb6b0, type=CL_TYPE_ANY) at scanners.c:3051 #5 0x7fd0b559bf33 in fileblobScan (fb=0x7fd088003910) at blob.c:641 #6 0x7fd0b559c01d in fileblobScanAndDestroy (fb=fb@entry=0x7fd088003910) at blob.c:399 #7 0x7fd0b55a08db in do_multipart (mainMessage=0x0, messages=optimized out, i=optimized out, rc=0x7fd096dfa35c, mctx=0x7fd096dfa420, messageIn=optimized out, tptr=0x7fd096dfa360, recursion_level=0) at mbox.c:3712 #8 0x7fd0b55a0019 in parseEmailBody (messageIn=0x7fd095df4000, messageIn@entry=0x7fd088004940, textIn=0x100, textIn@entry=0x0, mctx=0x7fd0880047b1, recursion_level=32512, recursion_level@entry=0) at mbox.c:1533 #9 0x7fd0b55a1232 in cli_parse_mbox ( dir=dir@entry=0x7fd088000e50 /tmp/clamav-4b94ddbad0a132b5af6d2f6db3a76e40.tmp, ctx=ctx@entry=0x7fd096dfb6b0) at mbox.c:508 #10 0x7fd0b55a1b1a in cli_mbox ( dir=dir@entry=0x7fd088000e50 /tmp/clamav-4b94ddbad0a132b5af6d2f6db3a76e40.tmp, ctx=ctx@entry=0x7fd096dfb6b0) at mbox.c:309 #11 0x7fd0b5579218 in cli_scanmail (ctx=0x7fd096dfb6b0) at scanners.c:1702 Thanks for the backtrace! As it shows that clamd hangs in libmspack, I think this is bug #773041 [1]. A possible fix is mentioned in [2]. We'll have to include it in the libmspack copy embedded in clamav, which is used in wheezy. Best regards, Andreas 1: https://bugs.debian.org/773041 2: https://bugs.debian.org/773041#8 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#773318: clamav dies/hangs
Processing control commands: tags 773041 security Bug #773041 [libmspack0] libmspack: hangs on a crafted CAB file Added tag(s) security. severity 773041 grave Bug #773041 [libmspack0] libmspack: hangs on a crafted CAB file Severity set to 'grave' from 'minor' -- 773041: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773041 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773583: vim-tlib: purging removes directories owned by vim-common: /var/lib/vim/addons/, /var/lib/vim/
Package: vim-tlib Version: 1.12-2 Severity: serious Justification: Policy 6.8 Hi, same problem of bug #773184. This part of the postrm is faulty: case $1 in purge) if [ -d /var/lib/vim/addons/samples/ ]; then rmdir -p --ignore-fail-on-non-empty /var/lib/vim/addons/samples || : fi ;; I'm uploading the fixed package. -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=it_IT.utf8, LC_CTYPE=it_IT.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages vim-tlib depends on: ii vim2:7.4.488-3 ii vim-addon-manager 0.5.3 ii vim-gnome [vim]2:7.4.488-3 vim-tlib recommends no packages. vim-tlib suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773586: phoneuid: doesn't start or crashes during startup - probably due to problem in phonefsod
Package: phoneuid Version: 0.1+git20130505-1 Severity: grave Justification: renders package unusable Dear Maintainer, This is sort of a continuation of #766114 which to me seems rightfully closed. There are four things to note in advance please: 1. I'm not sure whether phoneuid is the correct package to file this report against. It could be anywhere in this chain: fso-deviced - phonefsod - phoneuid - phoneui-apps 2. apt doesn't install recommends or suggests on this system by default: # cat /etc/apt/apt.conf APT::Install-Recommends 0; APT::Install-Suggests 0; 3. The automatic screen-blanking that's done by (I think) phonefsod works fine, however the lock screen with the slider (by phoneui-apps) doesn't come up. 4. I tested this first with sysvinit, then with systemd as the init system, but didn't see any differences. All of the following outputs are with systemd. After installing phoneui-apps and trying to start any of the apps (e.g. phoneui-quick-settings), no app window comes up. There's an strace output further down. The problem seems to be that phoneuid is either not starting or dying in the process: # cat phonefsod.log 2014.12.20 11:50:38.551544 [phonefsod] MESSAGE: phonefsod-0.1.0 is in startup mode as user(root) 2014.12.20 11:50:38.765655 [phonefsod] MESSAGE: Inhibiting suspend during startup phase (max 360s) 2014.12.20 11:51:03.876434 [phonefsod] WARNING: failed to connect to /org/freesmartphone/GSM/Device: Error calling StartServiceByName for org.freesmartphone.ogsmd: GDBus.Error:org.freedesktop.DBus.Error.TimedOut: Activation of org.freesmartphone.ogsmd timed out 2014.12.20 11:51:28.909052 [phonefsod] WARNING: failed to connect to /org/freesmartphone/GSM/Device: Error calling StartServiceByName for org.freesmartphone.ogsmd: GDBus.Error:org.freedesktop.DBus.Error.TimedOut: Activation of org.freesmartphone.ogsmd timed out 2014.12.20 11:51:53.955090 [phonefsod] WARNING: failed to connect to /org/freesmartphone/GSM/Device: Error calling StartServiceByName for org.freesmartphone.ogsmd: Timeout was reached 2014.12.20 11:52:18.983082 [phonefsod] WARNING: failed to connect to /org/freesmartphone/GSM/Device: Error calling StartServiceByName for org.freesmartphone.ogsmd: GDBus.Error:org.freedesktop.DBus.Error.TimedOut: Activation of org.freesmartphone.ogsmd timed out 2014.12.20 11:52:44.015819 [phonefsod] WARNING: failed to connect to /org/freesmartphone/GSM/Device: Error calling StartServiceByName for org.freesmartphone.ogsmd: GDBus.Error:org.freedesktop.DBus.Error.TimedOut: Activation of org.freesmartphone.ogsmd timed out 2014.12.20 11:52:44.091402 [phonefsod] MESSAGE: !!! ouch, phoneuid is gone - telephony won't work anymore !!! /var/log/phoneuid.log was not created when the process was started during boot. This is from a manual start as root after killing the original process: # cat phoneuid.log 2014.12.20 13:22:42.087796 [phoneuid] MESSAGE: Using log level 'INFO' 2014.12.20 13:22:42.088528 [libphone-ui]MESSAGE: Loading phoneuid 2014.12.20 13:22:42.423247 [libphone-ui]CRITICAL: No such file or directory 2014.12.20 13:23:07.495138 [libphone-ui]WARNING: failed to connect to /org/freesmartphone/GSM/Device: Error calling StartServiceByName for org.freesmartphone.ogsmd: GDBus.Error:org.freedesktop.DBus.Error.TimedOut: Activation of org.freesmartphone.ogsmd timed out 2014.12.20 13:23:32.524630 [libphone-ui]WARNING: failed to connect to /org/freesmartphone/GSM/Device: Error calling StartServiceByName for org.freesmartphone.ogsmd: GDBus.Error:org.freedesktop.DBus.Error.TimedOut: Activation of org.freesmartphone.ogsmd timed out 2014.12.20 13:23:57.563633 [libphone-ui]WARNING: failed to connect to /org/freesmartphone/GSM/Device: Error calling StartServiceByName for org.freesmartphone.ogsmd: GDBus.Error:org.freedesktop.DBus.Error.TimedOut: Activation of org.freesmartphone.ogsmd timed out for reference: # dpkg --get-selections | grep n900 fso-deviced-n900install fso-gsmd-n900 install # cat fsodeviced.log 2014-12-20T10:50:35.873901Z [INFO] fsodeviced : Binary launched successful (FsoFrameworkFileLogger created as theLogger) 2014-12-20T10:50:36.026062Z [INFO] Kernel26Display /sys/class/backlight/acx565akm: Created w/ max brightness = 255, smooth up = false, smooth down = false 2014-12-20T10:50:36.034088Z [INFO] Kernel26Led /sys/class/leds/lp5523:kb1: ^^^ supports the following triggers: '[none] timer heartbeat mmc0 mmc1 bq27200-0-charging-or-full bq27200-0-charging bq27200-0-full bq27200-0-charging-blink-full-solid isp1704-online bq24150a-4-online' 2014-12-20T10:50:36.034332Z [INFO] Kernel26Led /sys/class/leds/lp5523:kb1: Created 2014-12-20T10:50:36.035858Z [INFO] Kernel26Led /sys/class/leds/lp5523:kb2: ^^^ supports the following triggers: '[none] timer heartbeat mmc0 mmc1 bq27200-0-charging-or-full bq27200-0-charging bq27200-0-full
Bug#773318: clamav dies/hangs
Hi, On Sat, Dec 20, 2014 at 12:12:13PM +0100, Andreas Cadhalpun wrote: Control: tags 773041 security Control: severity 773041 grave Justification: causes remote denial of service For info, I saw this a few days ago and reported it to the security team. It is indeed available in the wild, and is caused by the malformed CAB file. The version in wheezy and wheezy-updates will need separate fixes, as they change how they use libmspack, though the actual fix seems to be fairly trivial. The version in sid/jessie uses the packaged libmspack, so it'll need fixing there. As it shows that clamd hangs in libmspack, I think this is bug #773041 [1]. A possible fix is mentioned in [2]. We'll have to include it in the libmspack copy embedded in clamav, which is used in wheezy. 1: https://bugs.debian.org/773041 2: https://bugs.debian.org/773041#8 Thanks, Neil signature.asc Description: Digital signature
Bug#773583: marked as done (vim-tlib: purging removes directories owned by vim-common: /var/lib/vim/addons/, /var/lib/vim/)
Your message dated Sat, 20 Dec 2014 12:49:24 + with message-id e1y2jti-0003an...@franck.debian.org and subject line Bug#773583: fixed in vim-tlib 1.12-3 has caused the Debian Bug report #773583, regarding vim-tlib: purging removes directories owned by vim-common: /var/lib/vim/addons/, /var/lib/vim/ to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 773583: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773583 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: vim-tlib Version: 1.12-2 Severity: serious Justification: Policy 6.8 Hi, same problem of bug #773184. This part of the postrm is faulty: case $1 in purge) if [ -d /var/lib/vim/addons/samples/ ]; then rmdir -p --ignore-fail-on-non-empty /var/lib/vim/addons/samples || : fi ;; I'm uploading the fixed package. -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=it_IT.utf8, LC_CTYPE=it_IT.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages vim-tlib depends on: ii vim2:7.4.488-3 ii vim-addon-manager 0.5.3 ii vim-gnome [vim]2:7.4.488-3 vim-tlib recommends no packages. vim-tlib suggests no packages. -- no debconf information ---End Message--- ---BeginMessage--- Source: vim-tlib Source-Version: 1.12-3 We believe that the bug you reported is fixed in the latest version of vim-tlib, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 773...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andrea Capriotti capri...@debian.org (supplier of updated vim-tlib package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 20 Dec 2014 12:57:05 +0100 Source: vim-tlib Binary: vim-tlib Architecture: source all Version: 1.12-3 Distribution: unstable Urgency: medium Maintainer: Andrea Capriotti capri...@debian.org Changed-By: Andrea Capriotti capri...@debian.org Description: vim-tlib - Some vim utility functions Closes: 773583 Changes: vim-tlib (1.12-3) unstable; urgency=medium . * Added vim-tlib.dirs and deleted vim-tlib.postrm to prevent the removal of directories owned by vim-common (Closes: #773583) Checksums-Sha1: 1e5e87c395e55be501d4796fa5f4ebf53dc4b412 1853 vim-tlib_1.12-3.dsc aacf75f2853454ba45ab16dd074565fabb7ea7a6 3096 vim-tlib_1.12-3.debian.tar.xz ef506437464d3672038f4db1172fbad2d7440920 77804 vim-tlib_1.12-3_all.deb Checksums-Sha256: 0a8e83570e9c45f086fabe26546036f31a5a6c64a99207284f8e00baef4a3a63 1853 vim-tlib_1.12-3.dsc 070b157c7761c45781790d01af913accfec96713fb8d08f75494cd3bc034fe89 3096 vim-tlib_1.12-3.debian.tar.xz 0f699ba2a24bb0feb6aff17915ea98e1ae7ac8207533c7fe003fd58935508b78 77804 vim-tlib_1.12-3_all.deb Files: e03249917e015137a8e86741c4951b02 1853 editors extra vim-tlib_1.12-3.dsc dd42876ab6696e20c5e955a598a21a65 3096 editors extra vim-tlib_1.12-3.debian.tar.xz bbe9a0a2a931181fcf4ef4293c44579e 77804 editors extra vim-tlib_1.12-3_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCAAGBQJUlWXwAAoJEAuv7u/pab1UGOwP/39jy7/Mboo4wcwGmBTjyuix r717a4HJB4hTKIEwMlHJlMgNVjiSpVe5ceoOXD7ZlAh5OUqXXbkD285oEwRxkj7H qhJeLsMY/A0Zlflh6ao7ie0UPPO3Lg2VTOOaPRpI4WJkM7eeSEHS4i8M2a0rgYzJ ATtlHB/gniigFWpH7bHazXbVKzVEzuOYkU3OW84vxyn3zwb2n7Br3R8QVxAHpmSR YkkJbewILjajC2XeHyX33ahBcL9EEqzmTQP79jEVMXfvMP1DrgAsgAZRu9G3uQmS vH+bZfwUX587gBdtS6osYxooU1FLDDm5acZZlMr6HB7xcmeZ0tHpdDIrW33M5+6t q8ugx4RO+J/1q4JGydxwSwQEy7tRQMm9YK+8PdbA8IZTgxL6nk9vQTjFjsTCCIDO nMN1u7Gyvm/QIJjx3OFwEu6xT45W+hYfJb5y3XvygVCcW1unbOmf0V3MvlRDgcH/ 5kmK5/vrO0QFPwNiYEOGtPvQJ+/tqr8ppIbTmqJqJFOQ3HAREGgExadG63BWyj5p zZEP8aK0pZ3n1TLc8elcyl9nKflvWwGapdB6grlBhHBgEIjj1uOHAURMnjWt0JLg mnxcOF34ff95j6OGmJVj8G924BGcw2OiRGajmbzMxqSE6Rg+DLllKQCG9wRA6+kj tpKKh+7iylMPUshvgzdU =oL1P -END PGP SIGNATUREEnd Message---
Processed: notfixed 768127 in 768127
Processing commands for cont...@bugs.debian.org:
notfixed 768127 768127
Bug #768127 {Done: gregor herrmann gre...@debian.org} [dhelp] Fails to build
the index when invalid UTF-8 is met
There is no source info for the package 'dhelp' at version '768127' with
architecture ''
Unable to make a source version for version '768127'
No longer marked as fixed in versions 768127.
thanks
Stopping processing here.
Please contact me if you need assistance.
--
768127: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768127
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773463: jasper: CVE-2014-8137 CVE-2014-8138
Control: tags -1 + patch
Hi Roland,
On Sat, Dec 20, 2014 at 06:08:54AM +0100, Salvatore Bonaccorso wrote:
I will try to work again (as for the previous update) on the
wheezy-security update. As the patches will be mostly the same I could
also do again the unstable upload too. Just let me know!
Here the actual patches plus debdiff used for wheezy-security.
Regards,
Salvatore
diff -Nru jasper-1.900.1/debian/changelog jasper-1.900.1/debian/changelog
--- jasper-1.900.1/debian/changelog 2014-11-28 23:12:21.0 +0100
+++ jasper-1.900.1/debian/changelog 2014-12-20 08:46:40.0 +0100
@@ -1,3 +1,13 @@
+jasper (1.900.1-13+deb7u2) wheezy-security; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Add 05-CVE-2014-8137.patch patch.
+CVE-2014-8137: double-free in in jas_iccattrval_destroy(). (Closes:
#773463)
+ * Add 06-CVE-2014-8138.patch patch.
+CVE-2014-8138: heap overflow in jp2_decode(). (Closes: #773463)
+
+ -- Salvatore Bonaccorso car...@debian.org Sat, 20 Dec 2014 08:42:19 +0100
+
jasper (1.900.1-13+deb7u1) wheezy-security; urgency=high
* Non-maintainer upload by the Security Team.
diff -Nru jasper-1.900.1/debian/patches/05-CVE-2014-8137.patch
jasper-1.900.1/debian/patches/05-CVE-2014-8137.patch
--- jasper-1.900.1/debian/patches/05-CVE-2014-8137.patch1970-01-01
01:00:00.0 +0100
+++ jasper-1.900.1/debian/patches/05-CVE-2014-8137.patch2014-12-20
08:46:40.0 +0100
@@ -0,0 +1,66 @@
+Description: CVE-2014-8137: double-free in in jas_iccattrval_destroy()
+Origin: vendor, https://bugzilla.redhat.com/attachment.cgi?id=967283,
+ https://bugzilla.redhat.com/attachment.cgi?id=967284
+Bug-Debian: https://bugs.debian.org/773463
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1173157
+Forwarded: no
+Author: Tomas Hoger tho...@redhat.com
+Last-Update: 2014-12-20
+
+--- a/src/libjasper/base/jas_icc.c
b/src/libjasper/base/jas_icc.c
+@@ -1010,7 +1010,6 @@ static int jas_icccurv_input(jas_iccattr
+ return 0;
+
+ error:
+- jas_icccurv_destroy(attrval);
+ return -1;
+ }
+
+@@ -1128,7 +1127,6 @@ static int jas_icctxtdesc_input(jas_icca
+ #endif
+ return 0;
+ error:
+- jas_icctxtdesc_destroy(attrval);
+ return -1;
+ }
+
+@@ -1207,8 +1205,6 @@ static int jas_icctxt_input(jas_iccattrv
+ goto error;
+ return 0;
+ error:
+- if (txt-string)
+- jas_free(txt-string);
+ return -1;
+ }
+
+@@ -1329,7 +1325,6 @@ static int jas_icclut8_input(jas_iccattr
+ goto error;
+ return 0;
+ error:
+- jas_icclut8_destroy(attrval);
+ return -1;
+ }
+
+@@ -1498,7 +1493,6 @@ static int jas_icclut16_input(jas_iccatt
+ goto error;
+ return 0;
+ error:
+- jas_icclut16_destroy(attrval);
+ return -1;
+ }
+
+--- a/src/libjasper/jp2/jp2_dec.c
b/src/libjasper/jp2/jp2_dec.c
+@@ -291,7 +291,10 @@ jas_image_t *jp2_decode(jas_stream_t *in
+ case JP2_COLR_ICC:
+ iccprof = jas_iccprof_createfrombuf(dec-colr-data.colr.iccp,
+ dec-colr-data.colr.iccplen);
+- assert(iccprof);
++ if (!iccprof) {
++ jas_eprintf(error: failed to parse ICC profile\n);
++ goto error;
++ }
+ jas_iccprof_gethdr(iccprof, icchdr);
+ jas_eprintf(ICC Profile CS %08x\n, icchdr.colorspc);
+ jas_image_setclrspc(dec-image, fromiccpcs(icchdr.colorspc));
diff -Nru jasper-1.900.1/debian/patches/06-CVE-2014-8138.patch
jasper-1.900.1/debian/patches/06-CVE-2014-8138.patch
--- jasper-1.900.1/debian/patches/06-CVE-2014-8138.patch1970-01-01
01:00:00.0 +0100
+++ jasper-1.900.1/debian/patches/06-CVE-2014-8138.patch2014-12-20
08:46:40.0 +0100
@@ -0,0 +1,22 @@
+Description: CVE-2014-8138: heap overflow in jp2_decode()
+Origin: vendor, https://bugzilla.redhat.com/attachment.cgi?id=967280
+Bug-Debian: https://bugs.debian.org/773463
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1173162
+Forwarded: no
+Author: Tomas Hoger tho...@redhat.com
+Last-Update: 2014-12-20
+
+--- a/src/libjasper/jp2/jp2_dec.c
b/src/libjasper/jp2/jp2_dec.c
+@@ -389,6 +389,11 @@ jas_image_t *jp2_decode(jas_stream_t *in
+ /* Determine the type of each component. */
+ if (dec-cdef) {
+ for (i = 0; i dec-numchans; ++i) {
++ /* Is the channel number reasonable? */
++ if (dec-cdef-data.cdef.ents[i].channo =
dec-numchans) {
++ jas_eprintf(error: invalid channel number in
CDEF box\n);
++ goto error;
++ }
+ jas_image_setcmpttype(dec-image,
+
dec-chantocmptlut[dec-cdef-data.cdef.ents[i].channo],
+ jp2_getct(jas_image_clrspc(dec-image),
diff -Nru
Processed: Re: Bug#773463: jasper: CVE-2014-8137 CVE-2014-8138
Processing control commands: tags -1 + patch Bug #773463 [src:jasper] jasper: CVE-2014-8137 CVE-2014-8138 Added tag(s) patch. -- 773463: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773463 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#772863: marked as done (pypy: Trigger cycle causes dpkg to fail processing)
Your message dated Sat, 20 Dec 2014 13:23:06 + with message-id e1y2jzu-0001ru...@franck.debian.org and subject line Bug#772863: fixed in pypy 2.4.0+dfsg-3 has caused the Debian Bug report #772863, regarding pypy: Trigger cycle causes dpkg to fail processing to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 772863: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772863 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: pypy Version: 2.4.0+dfsg-2 Severity: serious Hi! This package can get involved in a trigger cycle. The problem is that it installs interests on /usr/lib/pypy/lib-python with files there provided by pypy-lib, which is directly or transitively depended on by pypy itself. A solution to the above is to simply switch the triggers to their noawait variants, in this case from «interest» to «interest-noawait», as long as they are not critical for the activating packages, which I cannot tell here. Otherwise a fix might unfortunatly be more involved. Thanks, Guillem ---End Message--- ---BeginMessage--- Source: pypy Source-Version: 2.4.0+dfsg-3 We believe that the bug you reported is fixed in the latest version of pypy, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 772...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Stefano Rivera stefa...@debian.org (supplier of updated pypy package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 20 Dec 2014 12:44:38 +0200 Source: pypy Binary: pypy pypy-tk python-pypy.sandbox pypy-lib pypy-lib-testsuite pypy-doc pypy-dev Architecture: source all Version: 2.4.0+dfsg-3 Distribution: unstable Urgency: medium Maintainer: Stefano Rivera stefa...@debian.org Changed-By: Stefano Rivera stefa...@debian.org Description: pypy - fast alternative implementation of Python - PyPy interpreter pypy-dev - header files for PyPy (an alternative Python interpreter) pypy-doc - developer Documentation for PyPy (an alternative Python interpret pypy-lib - standard library for PyPy (an alternative Python interpreter) pypy-lib-testsuite - standard library test suite for PyPy (an alternative Python inter pypy-tk- Tkinter module for PyPy (an alternative Python interpreter) python-pypy.sandbox - sandboxed PyPy interpreter Closes: 772863 Changes: pypy (2.4.0+dfsg-3) unstable; urgency=medium . * Switch to noawait triggers on /usr/lib/pypy/lib-python. Byte-compilation isn't critical (Closes: #772863). Checksums-Sha1: a626efb37ca7d6b9e0d4e04c30d2f0cedfe85bbe 2544 pypy_2.4.0+dfsg-3.dsc 43141d7217e7d0abcadb54d0a79987a8874fa8d7 63256 pypy_2.4.0+dfsg-3.debian.tar.xz 24c0ed77c133ec0fa7bb5b83342de657202af135 2242858 pypy-lib_2.4.0+dfsg-3_all.deb 5b2ae7e80decfad85bd712f88ac2311b46a2b21c 2688690 pypy-lib-testsuite_2.4.0+dfsg-3_all.deb 934b5dbfd622d2f7352ed52ae6b12038f0fd56b8 1353730 pypy-doc_2.4.0+dfsg-3_all.deb a068fd6f191c64f9be50af06de92f8e3989a8be4 39090 pypy-dev_2.4.0+dfsg-3_all.deb Checksums-Sha256: 5846dace8252f2ca4c524f6547917c05690e187caa198f8740f45777ec295d50 2544 pypy_2.4.0+dfsg-3.dsc 6ae5d7e4eed30d652050301cd7c31b1a1ed4d68b06ec6dc145252697d03e4832 63256 pypy_2.4.0+dfsg-3.debian.tar.xz 60e58089f89c55889f8aea46b52c4671be38610254d9f6154530eff8ec2993d9 2242858 pypy-lib_2.4.0+dfsg-3_all.deb 82e5412376749f7215fc5794a3045894a13ffa5c48df766d9d319cded43cdc54 2688690 pypy-lib-testsuite_2.4.0+dfsg-3_all.deb ee6d9e092d1520ed2984cee8c66e36e6638745d7bce4e54423c1f1f2dce7b3da 1353730 pypy-doc_2.4.0+dfsg-3_all.deb 6501ee3af57e8e66e31197f52bb30b3ed7a4ce4dc9b4997007577171c26db382 39090 pypy-dev_2.4.0+dfsg-3_all.deb Files: c36d68c8b4760d9f6fe83430a09dd871 2544 python extra pypy_2.4.0+dfsg-3.dsc bf2e90d9f3f75cdef400c21d5568361b 63256 python extra pypy_2.4.0+dfsg-3.debian.tar.xz c71e9701d5e780083cda43acd7d94ccb 2242858 python extra pypy-lib_2.4.0+dfsg-3_all.deb e10ba876281dca20ad2f158f5a8a8edc 2688690 python extra pypy-lib-testsuite_2.4.0+dfsg-3_all.deb a04ed5d939fd6e9077137cdab722b67d 1353730 doc extra pypy-doc_2.4.0+dfsg-3_all.deb f965fe9e06a320e17ea040f5fc95d158 39090 python extra pypy-dev_2.4.0+dfsg-3_all.deb -BEGIN
Processed: 768897 probably affects testing as well
Processing commands for cont...@bugs.debian.org: # the diff between 98 and 99 is only translations found 768897 98 Bug #768897 [partman-lvm] quietly very aggressive WRT existing LVM-typed partitions Marked as found in versions partman-lvm/98. thanks Stopping processing here. Please contact me if you need assistance. -- 768897: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768897 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#767019: xscreensaver: postinst overwrites /etc/X11/app-defaults/XScreenSaver without asking
On Sat, Dec 20, 2014 at 9:02 AM, Michael Gilbert wrote: if [ -L /etc/X11/app-defaults/XScreenSaver ]; then if [ $(readlink /etc/X11/app-defaults/XScreenSaver) = XScreenSaver-nogl -o \ $(readlink /etc/X11/app-defaults/XScreenSaver) = XScreenSaver-gl]; then rm /etc/X11/app-defaults/XScreenSaver fi This doesn't handle the case where the user intentionally had both xscreensaver-gl and xscreensaver installed, and manually set the symlink to XscreenSaver-nogl. I suppose it would be best to treat XscreenSaver-nogl and XscreenSaver-gl as conffiles. But I am not sure about the symlink. It could fit something like update-alternatives, but that is not meant for configuration files, right? Best regards, Tormod -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773593: missing source for qprint.c
Source: qprint Version: 1.1.dfsg-1 Severity: serious Justification: Policy §2.2 qprint.c was automatically generated from qprint.w, but the latter is not included in the .orig.tar. NB, this is a regression: qprint.w is included in the source tarball for qprint_1.0.dfsg.2. -- Jakub Wilk -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#764451: libpam-mount: Fails to run mount: invalid option -- '-p'
Hi On 18/12/14 20:07, Christian Kastner wrote: would you be willing to upload the fix to DELAYED/5 so that we can see this bug closed soon? Yes, I just did. Regards, -- .''`. Philipp Huebner debala...@debian.org : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#701680: Confirmation Re: [djmount] Segfault when attempting to read a file
I don't know how to reply on the Debian Bug report logs. I want to confirm that I too had segfaults using djmount on amd64. Applying the patch suggested by Bernhard Übelacker [004-avoid-crash-by-using-size_t.patch (text/x-patch, attachment)] solved the problem for me. -- Tim Davenport Gatlinburg, Tennessee USA -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#701680: Confirmation Re: [djmount] Segfault when attempting to read a file
On 12/20/2014 04:09 PM, Timothy Davenport wrote:
I don't know how to reply on the Debian Bug report logs.
Just include bug number@bugs.debian.org in the CC of your mail.
I want to confirm that I too had segfaults using djmount on amd64.
Applying the patch suggested by Bernhard Übelacker
[004-avoid-crash-by-using-size_t.patch (text/x-patch, attachment)]
solved the problem for me.
Sounds great. I am already preparing an NMU of djmount and would
upload the package to DELAYED or right away, depending on what
Dario thinks. If I won't hear back from Dario anytime soon, I
will upload to DELAYED/5 as this fixes an RC bug which would affect
Jessie if not addressed.
Attaching the debdiff of my suggested NMU in any case.
Cheers,
Adrian
--
.''`. John Paul Adrian Glaubitz
: :' : Debian Developer - glaub...@debian.org
`. `' Freie Universitaet Berlin - glaub...@physik.fu-berlin.de
`-GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913
diff -Nru djmount-0.71/debian/changelog djmount-0.71/debian/changelog
--- djmount-0.71/debian/changelog 2013-01-21 22:05:45.0 +0100
+++ djmount-0.71/debian/changelog 2014-12-20 16:34:43.0 +0100
@@ -1,3 +1,13 @@
+djmount (0.71-6.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * debian/patches:
++ Added: 004-avoid-crash-by-using-size_t.patch:
+ - Fixes segfault on 64-bit architectures when reading files
+ from a mounted DLNA share (Closes: #674753, #701680).
+
+ -- John Paul Adrian Glaubitz glaub...@physik.fu-berlin.de Sat, 20 Dec 2014 16:30:13 +0100
+
djmount (0.71-6) unstable; urgency=low
* debian/control:
diff -Nru djmount-0.71/debian/patches/004-avoid-crash-by-using-size_t.patch djmount-0.71/debian/patches/004-avoid-crash-by-using-size_t.patch
--- djmount-0.71/debian/patches/004-avoid-crash-by-using-size_t.patch 1970-01-01 01:00:00.0 +0100
+++ djmount-0.71/debian/patches/004-avoid-crash-by-using-size_t.patch 2014-12-20 16:29:35.0 +0100
@@ -0,0 +1,16 @@
+Description: Avoid crash by using size_t instead of unsigned int
+Author: Bernhard Ãbelacker bernha...@vr-web.de
+Bug-Debian: https://bugs.debian.org/701680
+Last-Update: 2014-12-12
+
+--- djmount-0.71.orig/djmount/file_buffer.c
djmount-0.71/djmount/file_buffer.c
+@@ -212,7 +212,7 @@ FileBuffer_Read (FileBuffer* file, char*
+ * to return the exact number of bytes requested.
+ */
+ do {
+- unsigned int read_size = size - n;
++ size_t read_size = size - n;
+ if (n 0) {
+ Log_Printf (LOG_DEBUG,
+ UpnpReadHttpGet loop ! url '%s'
diff -Nru djmount-0.71/debian/patches/series djmount-0.71/debian/patches/series
--- djmount-0.71/debian/patches/series 2013-01-21 22:05:45.0 +0100
+++ djmount-0.71/debian/patches/series 2014-12-20 16:30:04.0 +0100
@@ -2,3 +2,4 @@
000_djmount.1.diff
001-libupnp-1.6.6.diff
002-libupnp-1.6.13.diff
+004-avoid-crash-by-using-size_t.patch
Bug#701680: Confirmation Re: [djmount] Segfault when attempting to read a file
On 12/20/2014 04:41 PM, John Paul Adrian Glaubitz wrote:
Attaching the debdiff of my suggested NMU in any case.
Attaching a revised version as my first patch contained a formatting
error in the debian/changelog file.
Cheers,
Adrian
--
.''`. John Paul Adrian Glaubitz
: :' : Debian Developer - glaub...@debian.org
`. `' Freie Universitaet Berlin - glaub...@physik.fu-berlin.de
`-GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913
diff -Nru djmount-0.71/debian/changelog djmount-0.71/debian/changelog
--- djmount-0.71/debian/changelog 2013-01-21 22:05:45.0 +0100
+++ djmount-0.71/debian/changelog 2014-12-20 16:47:53.0 +0100
@@ -1,3 +1,13 @@
+djmount (0.71-6.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * debian/patches:
++ Added: 004-avoid-crash-by-using-size_t.patch:
+ - Fixes segfault on 64-bit architectures when reading files
+from a mounted DLNA share (Closes: #674753, #701680).
+
+ -- John Paul Adrian Glaubitz glaub...@physik.fu-berlin.de Sat, 20 Dec 2014 16:30:13 +0100
+
djmount (0.71-6) unstable; urgency=low
* debian/control:
diff -Nru djmount-0.71/debian/patches/004-avoid-crash-by-using-size_t.patch djmount-0.71/debian/patches/004-avoid-crash-by-using-size_t.patch
--- djmount-0.71/debian/patches/004-avoid-crash-by-using-size_t.patch 1970-01-01 01:00:00.0 +0100
+++ djmount-0.71/debian/patches/004-avoid-crash-by-using-size_t.patch 2014-12-20 16:29:35.0 +0100
@@ -0,0 +1,16 @@
+Description: Avoid crash by using size_t instead of unsigned int
+Author: Bernhard Ãbelacker bernha...@vr-web.de
+Bug-Debian: https://bugs.debian.org/701680
+Last-Update: 2014-12-12
+
+--- djmount-0.71.orig/djmount/file_buffer.c
djmount-0.71/djmount/file_buffer.c
+@@ -212,7 +212,7 @@ FileBuffer_Read (FileBuffer* file, char*
+ * to return the exact number of bytes requested.
+ */
+ do {
+- unsigned int read_size = size - n;
++ size_t read_size = size - n;
+ if (n 0) {
+ Log_Printf (LOG_DEBUG,
+ UpnpReadHttpGet loop ! url '%s'
diff -Nru djmount-0.71/debian/patches/series djmount-0.71/debian/patches/series
--- djmount-0.71/debian/patches/series 2013-01-21 22:05:45.0 +0100
+++ djmount-0.71/debian/patches/series 2014-12-20 16:30:04.0 +0100
@@ -2,3 +2,4 @@
000_djmount.1.diff
001-libupnp-1.6.6.diff
002-libupnp-1.6.13.diff
+004-avoid-crash-by-using-size_t.patch
Bug#771943: marked as done (ifupdown: boot hangs, interface won't raise)
Your message dated Sat, 20 Dec 2014 17:49:09 + with message-id e1y2o9n-0008b6...@franck.debian.org and subject line Bug#771943: fixed in ifupdown 0.7.51 has caused the Debian Bug report #771943, regarding ifupdown: boot hangs, interface won't raise to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 771943: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771943 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: ifupdown Version: 0.7.50 Severity: important Dear Maintainer, With version 0.7.50, my netbook doesn't finish booting, when eth0 isn't connected to the router. Instead it seems to wait with this message: A start job is running for LSB: Raise network interfaces. (15min 10s / no limit) (The 15min 10s part is of course where the time count increases) Connecting eth0 to the router while this message is being displayed has no effect (or I didn't wait long enough, just 1 min). But when eth0 is connected to the router before boot starts, all works fine. Reverting to version 0.7.49 from snapshots.debian.org solves the problem and boot works with and without eth0 being connected to the router. Cheers Armin -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 3.16.0-4-686-pae (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages ifupdown depends on: ii adduser 3.113+nmu3 ii initscripts 2.88dsf-58 ii iproute2 3.16.0-2 ii libc62.19-13 ii lsb-base 4.1+Debian13+nmu1 Versions of packages ifupdown recommends: ii isc-dhcp-client [dhcp-client] 4.3.1-5 Versions of packages ifupdown suggests: ii net-tools 1.60-26+b1 pn pppnone pn rdnssd none -- no debconf information signature.asc Description: Digital signature ---End Message--- ---BeginMessage--- Source: ifupdown Source-Version: 0.7.51 We believe that the bug you reported is fixed in the latest version of ifupdown, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 771...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andrew Shadura andre...@debian.org (supplier of updated ifupdown package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 14 Dec 2014 12:34:19 +0100 Source: ifupdown Binary: ifupdown Architecture: source i386 Version: 0.7.51 Distribution: unstable Urgency: medium Maintainer: Andrew Shadura andre...@debian.org Changed-By: Andrew Shadura andre...@debian.org Description: ifupdown - high level tools to configure network interfaces Closes: 771943 Changes: ifupdown (0.7.51) unstable; urgency=medium . [ Michael Biebl ] * Check the hotplug interface operstate to avoid blocking the boot process (Closes: #771943). Checksums-Sha1: ce0b4e45b13cd67e1aabd875b08961368c77bc74 1522 ifupdown_0.7.51.dsc 621804c655b6f591bd64241bcf2dfe246f5cd77c 76836 ifupdown_0.7.51.tar.xz 6616b1c6a7aef411169588922c75b1b6fc65650f 67584 ifupdown_0.7.51_i386.deb Checksums-Sha256: a37db754438ebb775412b1c160fe078b1a2c3d286dfa1a0ddb7a2b56045927bf 1522 ifupdown_0.7.51.dsc 74092f3c94cbd50f763e711d6b4285f8daf244924d4818d70086133d7e4a97cd 76836 ifupdown_0.7.51.tar.xz 205466b67b213d788008527e519a3c67875e6f8d77709b38a12e8053c41f69c5 67584 ifupdown_0.7.51_i386.deb Files: 920e6cc376604d457485bf4663bc36e7 1522 admin important ifupdown_0.7.51.dsc d9deecbe97d7b4eb639c48cb317c4454 76836 admin important ifupdown_0.7.51.tar.xz 52faea259526c3699b50583ce0411eff 67584 admin important ifupdown_0.7.51_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCAAGBQJUla0zAAoJEG6k0jEaLSaN81oQAKhb3SMFZIoHhd8gxUDrwH/s fag3xE12gMgkYZNXVsJrSvEDfbwBCjuTP/UFzTPq+d/GM7zPTm6DI9xnNiBmdHbn X/FQD6JLPBzMat60LGV1PllywFa69/Qd6Eyv9vOFAL4994phAO6eJ5kpSEKYYxlD YnYUKFpPPPLCWzPhI7fb+coMciDmuoEbxTXCJTbvE39LglFE6EgO+QHMZ/NnQNEU 8vi2qBNIJ/E4Tj6ESo+5LLWQrLWUH1rdL9vs51/sJSW4c4mJrN7GklZ5yYKyhrw8 LhvR2bqtOB490/DdyjdUZ+ETVx7ZyPv5LJQTe69ofrrTux36JhryMnVNmLtVaDFS
Bug#770608: marked as done (maven: FTBFS: maven-install-plugin or one of its dependencies could not be resolved)
Your message dated Sat, 20 Dec 2014 17:49:18 + with message-id e1y2o9w-0008d6...@franck.debian.org and subject line Bug#770608: fixed in maven 3.0.5-2 has caused the Debian Bug report #770608, regarding maven: FTBFS: maven-install-plugin or one of its dependencies could not be resolved to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 770608: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770608 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Source: maven Version: 3.0.5-1 Severity: serious From my pbuilder build log (on amd64): ... [java] [INFO] BUILD FAILURE [java] [INFO] [java] [INFO] Total time: 0.888s [java] [INFO] Finished at: Sat Nov 22 16:11:24 UTC 2014 [java] [INFO] Final Memory: 7M/149M [java] [INFO] [java] [ERROR] Plugin org.apache.maven.plugins:maven-install-plugin:2.3 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-install-plugin:jar:2.3: Could not transfer artifact org.apache.maven.plugins:maven-install-plugin:pom:2.3 from/to central (http://repo.maven.apache.org/maven2): repo.maven.apache.org: Name or service not known: Unknown host repo.maven.apache.org: Name or service not known - [Help 1] [java] org.apache.maven.plugin.PluginResolutionException: Plugin org.apache.maven.plugins:maven-install-plugin:2.3 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-install-plugin:jar:2.3 [java] at org.apache.maven.plugin.internal.DefaultPluginDependenciesResolver.resolve(DefaultPluginDependenciesResolver.java:129) [java] at org.apache.maven.plugin.internal.DefaultMavenPluginManager.getPluginDescriptor(DefaultMavenPluginManager.java:142) [java] at org.apache.maven.plugin.internal.DefaultMavenPluginManager.getMojoDescriptor(DefaultMavenPluginManager.java:261) [java] at org.apache.maven.plugin.DefaultBuildPluginManager.getMojoDescriptor(DefaultBuildPluginManager.java:185) [java] at org.apache.maven.lifecycle.internal.DefaultLifecycleExecutionPlanCalculator.setupMojoExecution(DefaultLifecycleExecutionPlanCalculator.java:152) [java] at org.apache.maven.lifecycle.internal.DefaultLifecycleExecutionPlanCalculator.setupMojoExecutions(DefaultLifecycleExecutionPlanCalculator.java:139) [java] at org.apache.maven.lifecycle.internal.DefaultLifecycleExecutionPlanCalculator.calculateExecutionPlan(DefaultLifecycleExecutionPlanCalculator.java:116) [java] at org.apache.maven.lifecycle.internal.DefaultLifecycleExecutionPlanCalculator.calculateExecutionPlan(DefaultLifecycleExecutionPlanCalculator.java:129) [java] at org.apache.maven.lifecycle.internal.BuilderCommon.resolveBuildPlan(BuilderCommon.java:92) [java] at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:81) [java] at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:59) [java] at org.apache.maven.lifecycle.internal.LifecycleStarter.singleThreadedBuild(LifecycleStarter.java:183) [java] at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:161) [java] at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:320) [java] at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:156) [java] at org.apache.maven.cli.MavenCli.execute(MavenCli.java:537) [java] at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:196) [java] at org.apache.maven.cli.MavenCli.main(MavenCli.java:141) [java] at org.apache.maven.cli.MavenCli.main(MavenCli.java:132) [java] Caused by: org.sonatype.aether.resolution.ArtifactDescriptorException: Failed to read artifact descriptor for org.apache.maven.plugins:maven-install-plugin:jar:2.3 [java] at org.apache.maven.repository.internal.DefaultArtifactDescriptorReader.loadPom(DefaultArtifactDescriptorReader.java:296) [java] at org.apache.maven.repository.internal.DefaultArtifactDescriptorReader.readArtifactDescriptor(DefaultArtifactDescriptorReader.java:186) [java] at org.sonatype.aether.impl.internal.DefaultRepositorySystem.readArtifactDescriptor(DefaultRepositorySystem.java:279) [java] at
Bug#771887: nut-client: Does not install cleanly
On Wed, 03 Dec 2014 08:52:39 +0100 Matthias Urlichs matth...@urlichs.de wrote: Package: nut-client Version: 2.7.2-1+b3 Severity: serious Justification: 10.7.3 An unconfigured package is expected to not fail installation. Setting up nut-client (2.7.2-1+b3) ... Job for nut-monitor.service failed. See systemctl status nut-monitor.service and journalctl -xe for details. invoke-rc.d: initscript nut-client, action start failed. dpkg: error processing package nut-client (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: nut-client Press Return to continue. This is probably because you need to configure nut before it is able to start successfully. The systemd services nut ships do not take into account /etc/nut/nut.conf (which by default is set to none, which is supposed to disable all the services). Not exactly sure how to go about adding these types of checks to the systemd service... perhaps it would be easier to just remove the systemd services and leave the init scripts, at least for now. -- Cameron Norman
Processed: Re: Bug#773580: lzo2: FTBFS on mips powerpc s390x
Processing control commands: tags 773580 + patch pending Bug #773580 [lzo2] lzo2: FTBFS on mips powerpc s390x Added tag(s) pending and patch. -- 773580: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773580 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773580: lzo2: FTBFS on mips powerpc s390x
Control: tags 773580 + patch pending
On Sat, 20 Dec 2014 at 11:06:56 +, Simon McVittie wrote:
On 20/12/14 10:57, Ivo De Decker wrote:
The latest upload of lzo2 failed on mips, powerpc, s390x (and sparc).
In other words, on big-endian architectures (where byteswapping to fetch
a LE value is not just a memcpy).
Fixed, build-tested (including regression tests) on amd64, armel,
powerpc, s390x and sparc, and tested for the original bug on armel.
I attach the diff since the last maintainer upload, the diff since my
previous NMU, and the updated patch. I'll upload the NMU shortly.
S
diffstat for lzo2-2.08 lzo2-2.08
changelog | 13
+
patches/0001-Conditionally-replace-reinvention-of-memcpy-with-cal.patch | 82
++
2 files changed, 68 insertions(+), 27 deletions(-)
diff -Nru lzo2-2.08/debian/changelog lzo2-2.08/debian/changelog
--- lzo2-2.08/debian/changelog 2014-12-16 23:35:43.0 +
+++ lzo2-2.08/debian/changelog 2014-12-20 17:50:47.0 +
@@ -1,3 +1,16 @@
+lzo2 (2.08-1.2) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Adjust patch from previous upload so the modern C code path still
+defines some typedefs: lzo_memops_TU1p is a pointer to unsigned byte
+(used by the byteswapping implementation on non-powerpc big-endian
+architectures), and lzo_memops_TU2p and lzo_memops_TU4p
+are pointers to unsigned 2- and 4-byte quantities (needed by the
+powerpc assembler implementation). Together, these fix FTBFS on
+big-endian platforms. (Closes: #773580)
+
+ -- Simon McVittie s...@debian.org Sat, 20 Dec 2014 17:50:38 +
+
lzo2 (2.08-1.1) unstable; urgency=low
* Non-maintainer upload.
diff -Nru
lzo2-2.08/debian/patches/0001-Conditionally-replace-reinvention-of-memcpy-with-cal.patch
lzo2-2.08/debian/patches/0001-Conditionally-replace-reinvention-of-memcpy-with-cal.patch
---
lzo2-2.08/debian/patches/0001-Conditionally-replace-reinvention-of-memcpy-with-cal.patch
2014-12-16 23:35:43.0 +
+++
lzo2-2.08/debian/patches/0001-Conditionally-replace-reinvention-of-memcpy-with-cal.patch
2014-12-20 17:50:47.0 +
@@ -1,5 +1,5 @@
From: Simon McVittie s...@debian.org
-Date: Tue, 16 Dec 2014 23:35:27 +
+Date: Sat, 20 Dec 2014 17:50:27 +
Subject: Conditionally replace reinvention of memcpy() with calls to memcpy()
gcc already knows how to inline memcpy calls with constant n,
@@ -16,16 +16,16 @@
Bug-Debian: https://bugs.debian.org/757037
---
- minilzo/minilzo.c | 64 ---
+ minilzo/minilzo.c | 76 ++-
src/lzo_conf.h| 2 --
- src/lzo_func.h| 55 ++-
- 3 files changed, 97 insertions(+), 24 deletions(-)
+ src/lzo_func.h| 71 +++
+ 3 files changed, 125 insertions(+), 24 deletions(-)
diff --git a/minilzo/minilzo.c b/minilzo/minilzo.c
-index ab2be5f..7e15646 100644
+index ab2be5f..146b383 100644
--- a/minilzo/minilzo.c
+++ b/minilzo/minilzo.c
-@@ -3354,6 +3354,37 @@ lzo_bitops_unused_funcs(void)
+@@ -3354,6 +3354,49 @@ lzo_bitops_unused_funcs(void)
LZO_UNUSED_FUNC(lzo_bitops_unused_funcs);
}
@@ -38,6 +38,18 @@
+ * (C11 draft 1570, paragraph 6.5.7) so they are safe for this use */
+typedef unsigned char *lzo_memops_TU1p;
+
++/* Used by powerpc assembler implementations of byteswapping */
++#if (LZO_OPT_UNALIGNED16)
++typedef lzo_uint16_t __lzo_may_alias lzo_memops_TU2;
++typedef lzo_memops_TU2 *lzo_memops_TU2p;
++#endif
++
++/* Used by powerpc assembler implementations of byteswapping */
++#if (LZO_OPT_UNALIGNED32)
++typedef lzo_uint32_t __lzo_may_alias lzo_memops_TU4;
++typedef lzo_memops_TU4 *lzo_memops_TU4p;
++#endif
++
+#define LZO_MEMOPS_SET1(dd,cc) memset(dd, cc, 1)
+#define LZO_MEMOPS_SET2(dd,cc) memset(dd, cc, 2)
+#define LZO_MEMOPS_SET3(dd,cc) memset(dd, cc, 3)
@@ -63,7 +75,7 @@
#if defined(__lzo_alignof) !(LZO_CFG_NO_UNALIGNED)
#ifndef __lzo_memops_tcheck
#define __lzo_memops_tcheck(t,a,b) ((void)0, sizeof(t) == (a)
__lzo_alignof(t) == (b))
-@@ -3523,6 +3554,8 @@
LZO_COMPILE_TIME_ASSERT_HEADER(sizeof(*(lzo_memops_TU8p)0)==8)
+@@ -3523,6 +3566,8 @@
LZO_COMPILE_TIME_ASSERT_HEADER(sizeof(*(lzo_memops_TU8p)0)==8)
if ((void)0, n__n 0) do { *d__n++ = *s__n++; } while (--n__n 0); \
LZO_BLOCK_END
@@ -72,7 +84,7 @@
__lzo_static_forceinline lzo_uint16_t lzo_memops_get_le16(const lzo_voidp ss)
{
lzo_uint16_t v;
-@@ -3539,7 +3572,7 @@ __lzo_static_forceinline lzo_uint16_t
lzo_memops_get_le16(const lzo_voidp ss)
+@@ -3539,7 +3584,7 @@ __lzo_static_forceinline lzo_uint16_t
lzo_memops_get_le16(const lzo_voidp ss)
#endif
return v;
}
@@ -81,7 +93,7 @@
#define LZO_MEMOPS_GET_LE16(ss)* (const lzo_memops_TU2p) (const
lzo_memops_TU0p) (ss)
#else
#define
Bug#773509: mono-runtime-dbg: missing debug symbols from mono-runtime-dbg
On Vi, 19 dec 14, 10:58:40, Jo Shields wrote: Source: mono-runtime-dbg Version: 3.2.1+dfsg-1 Justification: renders package unusable Severity: grave ... -- System Information: Debian Release: jessie/sid APT prefers trusty-updates APT policy: (500, 'trusty-updates'), (500, 'trusty-security'), (500, 'trusty'), (100, 'trusty-backports') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.13.0-43-generic (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Besides the wrong (source) package (which is easily fixable) you seem to be reporting this bug against a versions that is not available in Debian. Are you sure this bug also applies to the (most recent) Debian version of the package? You seem to be running Ubuntu. Kind regards, Andrei -- looking after bugs reported against wrong or inexistent packages -- http://wiki.debian.org/FAQsFromDebianUser Offtopic discussions among Debian users and developers: http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic http://nuvreauspam.ro/gpg-transition.txt signature.asc Description: Digital signature
Bug#773509: marked as done (mono-runtime-dbg: missing debug symbols from mono-runtime-dbg)
Your message dated Sat, 20 Dec 2014 20:55:09 +0200 with message-id 20141220185509.GC6987@sid.nuvreauspam and subject line Re: Bug#773509: mono-runtime-dbg: missing debug symbols from mono-runtime-dbg has caused the Debian Bug report #773509, regarding mono-runtime-dbg: missing debug symbols from mono-runtime-dbg to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 773509: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773509 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Source: mono-runtime-dbg Version: 3.2.1+dfsg-1 Justification: renders package unusable Severity: grave When mono-runtime-common was split out from mono-runtime, debian/rules wasn't updated to handle the new package names, so the debug symbols for mono-runtime- boehm are discarded rather than stored in mono-runtime-dbg as they should be. - -- System Information: Debian Release: jessie/sid APT prefers trusty-updates APT policy: (500, 'trusty-updates'), (500, 'trusty-security'), (500, 'trusty'), (100, 'trusty-backports') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.13.0-43-generic (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJUlATdAAoJEMkPnLkOH60MqnoH/jK53a7pm6ZMcry7FGixq5F6 YeLn5j+44tkxRqrj9vazuTx2KSKSIqDQS3XkSxcL0OfHB2TLjuYcuvBYuBvIXZ6B f1K5Kx5hT0YGnkq5Tr8CeCKLBTKC8J/SxsDRIsuCmVoviMuggP0/rDD6JbHW6uKU 5ptQlbog3g2LRtm+k4BYjb5DMKEe/L2tFgRpSa+33xk4O/9lRWgyDNrOYrx3mB4h HbhX7JRaPC+2OBzNwowc8IA/3sNLdaVD//MJ5EibDq/XrG4AA1kmzNMmB1J39lJT qAH43nKaztUxXV35L4sUwzaULTu9X0kxXNZgiNc6toezDsfoLmvipDnzlEsha8I= =3EJF -END PGP SIGNATURE- ---End Message--- ---BeginMessage--- On Vi, 19 dec 14, 10:58:40, Jo Shields wrote: Source: mono-runtime-dbg Version: 3.2.1+dfsg-1 Justification: renders package unusable Severity: grave ... -- System Information: Debian Release: jessie/sid APT prefers trusty-updates APT policy: (500, 'trusty-updates'), (500, 'trusty-security'), (500, 'trusty'), (100, 'trusty-backports') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.13.0-43-generic (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Besides the wrong (source) package (which is easily fixable) you seem to be reporting this bug against a versions that is not available in Debian. Are you sure this bug also applies to the (most recent) Debian version of the package? You seem to be running Ubuntu. Kind regards, Andrei -- looking after bugs reported against wrong or inexistent packages -- http://wiki.debian.org/FAQsFromDebianUser Offtopic discussions among Debian users and developers: http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic http://nuvreauspam.ro/gpg-transition.txt signature.asc Description: Digital signature ---End Message---
Bug#773610: libapache2-svn: apache2 restart failed: mod_dav_svn.so: undefined symbol:, dav_svn__new_error
Package: libapache2-svn Version: 1.6.17dfsg-4+deb7u7 Severity: grave Justification: renders package unusable The wheezy-security upload breaks libapache2-svn in exactly the same way as the previous upload 1.6.17dfsg-4+deb7u5, which was fixed in 1.6.17dfsg-4+deb7u6, see bug number 741314 for more details. service apache2 start [ ok ] Starting web server: apache2. apache2: Syntax error on line 244 of /etc/apache2/apache2.conf: Syntax error on line 2 of /etc/apache2/mods-enabled/dav_svn.load: Cannot load /usr/lib/apache2/modules/mod_dav_svn.so into server: /usr/lib/apache2/modules/mod_dav_svn.so: undefined symbol: dav_svn__new_error Arne Nordmark -- System Information: Debian Release: 7.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=sv_SE.UTF-8, LC_CTYPE=sv_SE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773610: libapache2-svn: apache2 restart failed: mod_dav_svn.so: undefined symbol:, dav_svn__new_error
* Arne Nordmark: The wheezy-security upload breaks libapache2-svn in exactly the same way as the previous upload 1.6.17dfsg-4+deb7u5, which was fixed in 1.6.17dfsg-4+deb7u6, see bug number 741314 for more details. Ugh, I'm building this now myself and will upload another version if it passes basic testing. (The build seems to disable all warnings, unfortuantely.) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: your mail
Processing commands for cont...@bugs.debian.org:
reopen 773509
Bug #773509 {Done: Andrei POPESCU andreimpope...@gmail.com}
[src:mono-runtime-dbg] mono-runtime-dbg: missing debug symbols from
mono-runtime-dbg
Warning: Unknown package 'src:mono-runtime-dbg'
Bug reopened
Warning: Unknown package 'src:mono-runtime-dbg'
Warning: Unknown package 'src:mono-runtime-dbg'
Ignoring request to alter fixed versions of bug #773509 to the same values
previously set
Warning: Unknown package 'src:mono-runtime-dbg'
reassign 773509 src:mono
Bug #773509 [src:mono-runtime-dbg] mono-runtime-dbg: missing debug symbols from
mono-runtime-dbg
Warning: Unknown package 'src:mono-runtime-dbg'
Bug reassigned from package 'src:mono-runtime-dbg' to 'src:mono'.
No longer marked as found in versions mono-runtime-dbg/3.2.1+dfsg-1.
Ignoring request to alter fixed versions of bug #773509 to the same values
previously set
found 773509 3.2.8+dfsg-8
Bug #773509 [src:mono] mono-runtime-dbg: missing debug symbols from
mono-runtime-dbg
Marked as found in versions mono/3.2.8+dfsg-8.
found 773509 3.2.8+dfsg-7
Bug #773509 [src:mono] mono-runtime-dbg: missing debug symbols from
mono-runtime-dbg
Marked as found in versions mono/3.2.8+dfsg-7.
found 773509 3.2.8+dfsg-6
Bug #773509 [src:mono] mono-runtime-dbg: missing debug symbols from
mono-runtime-dbg
Marked as found in versions mono/3.2.8+dfsg-6.
found 773509 3.2.8+dfsg-5
Bug #773509 [src:mono] mono-runtime-dbg: missing debug symbols from
mono-runtime-dbg
Marked as found in versions mono/3.2.8+dfsg-5.
found 773509 3.2.8+dfsg-4
Bug #773509 [src:mono] mono-runtime-dbg: missing debug symbols from
mono-runtime-dbg
Marked as found in versions mono/3.2.8+dfsg-4.
found 773509 3.2.8+dfsg-3
Bug #773509 [src:mono] mono-runtime-dbg: missing debug symbols from
mono-runtime-dbg
Marked as found in versions mono/3.2.8+dfsg-3.
found 773509 3.2.8+dfsg-2
Bug #773509 [src:mono] mono-runtime-dbg: missing debug symbols from
mono-runtime-dbg
Marked as found in versions mono/3.2.8+dfsg-2.
found 773509 3.2.8+dfsg-1
Bug #773509 [src:mono] mono-runtime-dbg: missing debug symbols from
mono-runtime-dbg
Marked as found in versions mono/3.2.8+dfsg-1.
found 773509 3.2.3+dfsg-7
Bug #773509 [src:mono] mono-runtime-dbg: missing debug symbols from
mono-runtime-dbg
Marked as found in versions mono/3.2.3+dfsg-7.
found 773509 3.2.3+dfsg-6
Bug #773509 [src:mono] mono-runtime-dbg: missing debug symbols from
mono-runtime-dbg
Marked as found in versions mono/3.2.3+dfsg-6.
found 773509 3.2.3+dfsg-5
Bug #773509 [src:mono] mono-runtime-dbg: missing debug symbols from
mono-runtime-dbg
Marked as found in versions mono/3.2.3+dfsg-5.
found 773509 3.2.3+dfsg-4
Bug #773509 [src:mono] mono-runtime-dbg: missing debug symbols from
mono-runtime-dbg
Marked as found in versions mono/3.2.3+dfsg-4.
found 773509 3.2.3+dfsg-3
Bug #773509 [src:mono] mono-runtime-dbg: missing debug symbols from
mono-runtime-dbg
Marked as found in versions mono/3.2.3+dfsg-3.
found 773509 3.2.3+dfsg-2
Bug #773509 [src:mono] mono-runtime-dbg: missing debug symbols from
mono-runtime-dbg
Marked as found in versions mono/3.2.3+dfsg-2.
found 773509 3.2.3+dfsg-1
Bug #773509 [src:mono] mono-runtime-dbg: missing debug symbols from
mono-runtime-dbg
Marked as found in versions mono/3.2.3+dfsg-1.
End of message, stopping processing here.
Please contact me if you need assistance.
--
773509: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773509
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: fixed 773576 in 1:4.2.6.p5+dfsg-2+deb7u1
Processing commands for cont...@bugs.debian.org: fixed 773576 1:4.2.6.p5+dfsg-2+deb7u1 Bug #773576 [src:ntp] ntp: CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 The source 'ntp' and version '1:4.2.6.p5+dfsg-2+deb7u1' do not appear to match any binary packages Marked as fixed in versions ntp/1:4.2.6.p5+dfsg-2+deb7u1. thanks Stopping processing here. Please contact me if you need assistance. -- 773576: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773576 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773580: marked as done (lzo2: FTBFS on mips powerpc s390x)
Your message dated Sat, 20 Dec 2014 21:19:55 + with message-id e1y2rrl-0007q5...@franck.debian.org and subject line Bug#773580: fixed in lzo2 2.08-1.2 has caused the Debian Bug report #773580, regarding lzo2: FTBFS on mips powerpc s390x to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 773580: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773580 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- package: lzo2 version: 2.08-1.1 severity: serious Hi, The latest upload of lzo2 failed on mips, powerpc, s390x (and sparc). This will prevent migration to jessie. https://buildd.debian.org/status/package.php?p=lzo2suite=sid Cheers, Ivo ---End Message--- ---BeginMessage--- Source: lzo2 Source-Version: 2.08-1.2 We believe that the bug you reported is fixed in the latest version of lzo2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 773...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Simon McVittie s...@debian.org (supplier of updated lzo2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 20 Dec 2014 17:50:38 + Source: lzo2 Binary: liblzo2-dev liblzo2-2 liblzo2-2-udeb Architecture: source Version: 2.08-1.2 Distribution: unstable Urgency: low Maintainer: Peter Eisentraut pet...@debian.org Changed-By: Simon McVittie s...@debian.org Description: liblzo2-2 - data compression library liblzo2-2-udeb - data compression library (udeb) liblzo2-dev - data compression library (development files) Closes: 773580 Changes: lzo2 (2.08-1.2) unstable; urgency=low . * Non-maintainer upload. * Adjust patch from previous upload so the modern C code path still defines some typedefs: lzo_memops_TU1p is a pointer to unsigned byte (used by the byteswapping implementation on non-powerpc big-endian architectures), and lzo_memops_TU2p and lzo_memops_TU4p are pointers to unsigned 2- and 4-byte quantities (needed by the powerpc assembler implementation). Together, these fix FTBFS on big-endian platforms. (Closes: #773580) Checksums-Sha1: a841cd6022006ed7dd336765625ebfff088825ef 1804 lzo2_2.08-1.2.dsc 5145c7e5b4d707904e0cd78323afb38d717310a4 5996 lzo2_2.08-1.2.debian.tar.xz Checksums-Sha256: 09eabe81d6f631a29cc603843b27ab914704726a1400a2219cf83b1da4e72892 1804 lzo2_2.08-1.2.dsc 5a9aa3a2432f5d4f689b24c64ea3daec7646e736da37721388ae88b670dd99bc 5996 lzo2_2.08-1.2.debian.tar.xz Files: cce1c6c1e41336cdd69d6d7c06a5fc18 1804 libs optional lzo2_2.08-1.2.dsc 9e742b2f3e89d63a836bff17e4a6b2b6 5996 libs optional lzo2_2.08-1.2.debian.tar.xz -BEGIN PGP SIGNATURE- iQIVAwUBVJXYpk3o/ypjx8yQAQiZKw//Zrw40q2buwWDQSLyINGjukEqpfY6/9Je BvF1+lK/AKt6kyHjqpgAzIiEPkNjnBU7tPOK9P0yxAqm3aOhXdbpovBN0Pr/1j2W ei9XGimtcM96cVNT+WsjrXAVamA/4Cz/P2aXd29ktFdgobEyndcmTlF1wohHN02j H8gdFfweT3p2/fK2VBZhcUjiThHMkpKoIgmlvon1GO8TQFILms1LgHzO8XE8MecW FlfNbnwC6e5ZHlCy5cYzrZRsNleSsuoy8OnZR2A5R4GVA7KXJUhnq46CQx/C07SK pFnzbOGAvNinK7HgGcvJkbgRmLGCYGs7RePeH+RuJE1pn/lSBk0+XXIBwVCQodg2 7dhjqIKCC+UkZ2+MKSzrFZ1U+tBEuBmWVOfgRMm1OSxxKCGDachUHRIoZnFNhM+4 6WFJURWrl4Fsr/3J0jfGiit0KAXQdvHcVVi+clAkRpLkVrMLuHP8kNWzYBbFg78u 0+6SiqKpYkdLTThEVHSIGRNY766UC9vGPrfrtEUpnj/Hk//UksWd7l7oUg34/9mi j5tS5NFvTodDqUbgC2yT1tCWCvmfIcceJusnNxsweEXhrlYM+cB22qQMiJRlD0cB y4U2d6tMl+/ubGVXTe/8bLaC9SY5O4eX1vsHsI04rGHr3/KbjfIu/6I0OEFGxost ZMyu/RHcDFI= =Y9rG -END PGP SIGNATUREEnd Message---
Bug#773610: closing 773610
close 773610 1.6.17dfsg-4+deb7u8 thanks This was fixed with the 1.6.17dfsg-4+deb7u8 upload. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: closing 773610
Processing commands for cont...@bugs.debian.org: close 773610 1.6.17dfsg-4+deb7u8 Bug #773610 [libapache2-svn] libapache2-svn: apache2 restart failed: mod_dav_svn.so: undefined symbol:, dav_svn__new_error There is no source info for the package 'libapache2-svn' at version '1.6.17dfsg-4+deb7u8' with architecture '' Unable to make a source version for version '1.6.17dfsg-4+deb7u8' Marked as fixed in versions 1.6.17dfsg-4+deb7u8. Bug #773610 [libapache2-svn] libapache2-svn: apache2 restart failed: mod_dav_svn.so: undefined symbol:, dav_svn__new_error Marked Bug as done thanks Stopping processing here. Please contact me if you need assistance. -- 773610: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773610 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: fixed 773576 in 1:4.2.6.p2+dfsg-1+deb6u1
Processing commands for cont...@bugs.debian.org: fixed 773576 1:4.2.6.p2+dfsg-1+deb6u1 Bug #773576 [src:ntp] ntp: CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 Marked as fixed in versions ntp/1:4.2.6.p2+dfsg-1+deb6u1. thanks Stopping processing here. Please contact me if you need assistance. -- 773576: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773576 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773610: libapache2-svn: apache2 restart failed: mod_dav_svn.so: undefined symbol:, dav_svn__new_error
On Sat, Dec 20, 2014 at 08:54:53PM +0100, Florian Weimer wrote: * Arne Nordmark: The wheezy-security upload breaks libapache2-svn in exactly the same way as the previous upload 1.6.17dfsg-4+deb7u5, which was fixed in 1.6.17dfsg-4+deb7u6, see bug number 741314 for more details. Ugh, I'm building this now myself and will upload another version if it passes basic testing. Argh, sorry for missing this and thanks for getting a new version uploaded so quickly. Thanks, -- James GPG Key: 4096R/331BA3DB 2011-12-05 James McCoy james...@debian.org signature.asc Description: Digital signature
Bug#701680: Confirmation Re: [djmount] Segfault when attempting to read a file
Hi Adrian (and others), On 12/20/2014 04:52 PM, John Paul Adrian Glaubitz wrote: On 12/20/2014 04:41 PM, John Paul Adrian Glaubitz wrote: Attaching the debdiff of my suggested NMU in any case. Attaching a revised version as my first patch contained a formatting error in the debian/changelog file. I'll prepare an uploads ASAP including the provided patch. Thanks all for following this issue. Regards, -- Dario Minnucci mid...@debian.org Phone: +34 902884117 | Fax: +34 902024417 | Support: +34 80745 Key fingerprint = BAA1 7AAF B21D 6567 D457 D67D A82F BB83 F3D5 7033 signature.asc Description: OpenPGP digital signature
Bug#701680: Confirmation Re: [djmount] Segfault when attempting to read a file
Hi Adrian (and others), On 12/20/2014 04:52 PM, John Paul Adrian Glaubitz wrote: On 12/20/2014 04:41 PM, John Paul Adrian Glaubitz wrote: Attaching the debdiff of my suggested NMU in any case. Attaching a revised version as my first patch contained a formatting error in the debian/changelog file. I'll prepare an uploads ASAP including the provided patch. Thanks all for following this issue. Regards, -- Dario Minnucci mid...@debian.org Phone: +34 902884117 | Fax: +34 902024417 | Support: +34 80745 Key fingerprint = BAA1 7AAF B21D 6567 D457 D67D A82F BB83 F3D5 7033 signature.asc Description: OpenPGP digital signature
Processed: found 771700 in freecol/0.10.7+dfsg-2
Processing commands for cont...@bugs.debian.org:
found 771700 freecol/0.10.7+dfsg-2
Bug #771700 {Done: Vincent Fourmond fourm...@debian.org} [freecol] [freecol]
freecol freezes on intro
Ignoring request to alter found versions of bug #771700 to the same values
previously set
thanks
Stopping processing here.
Please contact me if you need assistance.
--
771700: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771700
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#772873: auctex: Trigger cycle causes dpkg to fail processing
On Thu, 11 Dec 2014 21:52:47 +0100 Guillem Jover guil...@debian.org wrote: Package: auctex Version: 11.88-1 Severity: serious Hi! This package can get involved in a trigger cycle. The problem is that it installs interests on /usr/share/texmf with files there provided by preview-latex-style and tex-common, which are directly or transitively depended on by auctex itself. Well, the trigger is for an optional feature to generate a cache of all completions available from a given TeX installation during auctex usage, as far as I can tell. It is advisable and user friendly to have such cache generate and it's nice that the package handles that. A solution to the above is to simply switch the triggers to their noawait variants, in this case from «interest» to «interest-noawait», as long as they are not critical for the activating packages, which I cannot tell here. Otherwise a fix might unfortunatly be more involved. I believe switching to noawait would be sufficient here. Regards, Dimitri. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773579: fontypython should be ported to wx 3.0 (yes, again)
Il giorno sab, 20/12/2014 alle 10.37 +, Olly Betts ha scritto: On Sat, Dec 20, 2014 at 10:10:53AM +0100, Pietro Battiston wrote: When I fixed #765487, I missed #757886, that is, the fact that the transition from 2.8 to 3.0 (of fontypython) had not been spontaneous. As a consequence of this, I assumed Depends were OK, which they are not, and the current package is useless. As a consequence of this (probably), I also missed #755757. (applause) So using wx 2.8 is not an option in jessie, and the original bug must be solved. Or we don't release jessie with fontypython - you say in #765487 that it seems pretty abandoned upstream. It does seem like people are actually still using it though, judging from the comments in that ticket. I'm reluctant for three reasons: 1) I and other people (a niche, but a stable niche, and if I don't misinterpret popcon, its 0.03% of active users locate it in the top 10% of debian packages) use it 2) to the best of my knowledge, there are no alternatives (i.e. programs allowing to install a font without admin powers or messing with shell/hidden files), 3) it works flawlessly with wx 2.8, and I expect the fix for 3.0 to be easy. Olly, in #757886 you state that everything seems to be fine... can you confirm with wxpython3.0 3.0.1.1+dfsg-2 ? Will retest it when I have a suitable machine in front of me. But the error messages in #765487 do seem to indicate how to solve the problem: .../src/common/stdpbase.cpp(62): assert traits failed in Get(): create wxApp before calling this i.e. make sure that the wxApp object is created before this code gets called. This is easily fixed.¹ I will try to also fix the rest,¹ but since you reported fontypython working with wx 3.0, and since I am not a wx expert, I was wondering whether only some systems were affected, and why. Pietro ¹ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765487#25 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773191: python-ogg-dbg: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE
Control: tags -1 + patch Dear morph This problem was introduced in commit 27848, where d/rules target override_dh_installdocs got an extraneous dh_installdocs: The second one try to make the link but fails because the first one created a directory with that name. I've prepared a simple NMU for pyogg (versioned as 1.3+repack-6.1) and uploaded it to mentors. See attached diff. I saw you already fixed other minor issues in svn, so a NMU might actually make things easier to get an unblock. Free free to sponsor it if you like it. dget -x http://mentors.debian.net/debian/pool/main/p/pyogg/pyogg_1.3+repack-6.1.dsc Regards. -- Nirgal diff -Nru pyogg-1.3+repack/debian/changelog pyogg-1.3+repack/debian/changelog --- pyogg-1.3+repack/debian/changelog 2014-02-22 12:10:10.0 +0100 +++ pyogg-1.3+repack/debian/changelog 2014-12-21 01:08:17.0 +0100 @@ -1,3 +1,10 @@ +pyogg (1.3+repack-6.1) unstable; urgency=medium + + * Non-maintainer upload. + * d/rules: Remove extraneous dh_installdocs; Closes: #773191 + + -- Jean-Michel Nirgal Vourgère jmv_...@nirgal.com Sun, 21 Dec 2014 01:03:47 +0100 + pyogg (1.3+repack-6) unstable; urgency=low [ Sandro Tosi ] diff -Nru pyogg-1.3+repack/debian/rules pyogg-1.3+repack/debian/rules --- pyogg-1.3+repack/debian/rules 2014-02-22 11:47:36.0 +0100 +++ pyogg-1.3+repack/debian/rules 2014-12-21 01:03:20.0 +0100 @@ -44,5 +44,4 @@ endif override_dh_installdocs: - dh_installdocs dh_installdocs -A --link-doc=python-ogg signature.asc Description: OpenPGP digital signature
Processed: Re: python-ogg-dbg: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE
Processing control commands: tags -1 + patch Bug #773191 [python-ogg-dbg] python-ogg-dbg: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE Added tag(s) patch. -- 773191: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773191 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#728529: smartmontools throws errors even after the binNMU
On Tue, Dec 16, 2014 at 7:41 AM, Matthias Klose d...@debian.org wrote: Control: found -1 2.24.90.20141128-1 Control: notfound -1 2.24.90.20141209-1 well, the rebuild was done using binutils_2.24.90.20141128-1 (at least on amd64). so it doesn't say anything. Please file a proper binNMU, or reopen the old one. I filed another binNMU request https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773604 and the bug did go away after smartmontools was compiled against the latest binutils. root@hogwarts:~# dpkg -l binutils smartmontools libselinux1 | grep ^ii ii binutils 2.24.90.20141209-1 amd64GNU assembler, linker and binary utilities ii libselinux1:amd64 2.3-2 amd64SELinux runtime shared libraries ii libselinux1:i386 2.3-2 i386 SELinux runtime shared libraries ii smartmontools 6.3+svn4002-2+b2 amd64control and monitor storage systems using S.M.A.R.T. root@hogwarts:~# smartctl -i /dev/sda smartctl 6.4 2014-10-07 r4002 [x86_64-linux-3.14-2-amd64] (local build) Copyright (C) 2002-14, Bruce Allen, Christian Franke, www.smartmontools.org === START OF INFORMATION SECTION === Model Family: Seagate Barracuda 7200.14 (AF) Device Model: ST250DM000-1BD141 Serial Number:9VYHBYF5 LU WWN Device Id: 5 000c50 04e01f731 Firmware Version: KC45 User Capacity:250,059,350,016 bytes [250 GB] Sector Sizes: 512 bytes logical, 4096 bytes physical Rotation Rate:7200 rpm Device is:In smartctl database [for details use: -P show] ATA Version is: ATA8-ACS T13/1699-D revision 4 SATA Version is: SATA 3.0, 6.0 Gb/s (current: 3.0 Gb/s) Local Time is:Sat Dec 20 19:21:41 2014 EST SMART support is: Available - device has SMART capability. SMART support is: Enabled -- Kamaraju S. Kusumanchi http://malayamaarutham.blogspot.com/
Bug#773022: marked as done (libhogweed2: dependency on libnettle4 too weak)
Your message dated Sun, 21 Dec 2014 00:33:51 +
with message-id e1y2ut1-0007px...@franck.debian.org
and subject line Bug#773022: fixed in nettle 2.7.1-4
has caused the Debian Bug report #773022,
regarding libhogweed2: dependency on libnettle4 too weak
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
773022: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773022
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: libhogweed2
Version: 2.7.1-3+b1
Severity: serious
Justification: policy 12.3 footnote 2
Tags: patch
libhogweed2 contains a symlink /usr/share/doc/libhogweed2 - libnettle4.
Its dependency on libnettle4 is unversioned though which means, that the
copyright and changelog files can get out of sync. This violates the
Debian policy section 12.3 footnote 2.
The solution is to add libnettle4 (= ${binary:Version}) to
libhogweed2's Depends in debian/control.
Note that debhelper cannot be blamed on this, because nettle does not
use dh_installdocs --link-doc, but rather instantiates this symlink on
its own. It therefore is nettle's responsibility to add the versioned
dependency.
The same issue holds for nettle-bin.
Attaching a .debdiff for your convenience.
Helmut
diff -Nru nettle-2.7.1/debian/changelog nettle-2.7.1/debian/changelog
--- nettle-2.7.1/debian/changelog 2014-07-29 17:20:42.0 +0200
+++ nettle-2.7.1/debian/changelog 2014-12-13 11:00:55.0 +0100
@@ -1,3 +1,11 @@
+nettle (2.7.1-3.1) UNRELEASED; urgency=medium
+
+ * Non-maintainer upload.
+ * Add versioned depends on libnettle4 for packages sharing their
+/usr/share/doc to comply with Debian policy 12.3. (Closes: #-1)
+
+ -- Helmut Grohne hel...@subdivi.de Sat, 13 Dec 2014 10:59:28 +0100
+
nettle (2.7.1-3) unstable; urgency=low
* Use -fPIC instead of -fpic by default (Closes: #755769); needed on
diff -Nru nettle-2.7.1/debian/control nettle-2.7.1/debian/control
--- nettle-2.7.1/debian/control 2014-04-18 21:06:14.0 +0200
+++ nettle-2.7.1/debian/control 2014-12-13 11:01:43.0 +0100
@@ -35,7 +35,7 @@
Architecture: any
Multi-Arch: same
Pre-Depends: ${misc:Pre-Depends}
-Depends: ${shlibs:Depends}, ${misc:Depends}
+Depends: ${shlibs:Depends}, ${misc:Depends}, libnettle4 (= ${binary:Version})
Description: low level cryptographic library (public-key cryptos)
Nettle is a cryptographic library that is designed to fit easily in more or
less any context: In crypto toolkits for object-oriented languages (C++,
@@ -78,7 +78,7 @@
Package: nettle-bin
Section: misc
Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}
+Depends: ${shlibs:Depends}, ${misc:Depends}, libnettle4 (= ${binary:Version})
Breaks: lsh-utils ( 2.0.4-dfsg-1)
Replaces: lsh-utils ( 2.0.4-dfsg-1)
Suggests: lsh-doc
---End Message---
---BeginMessage---
Source: nettle
Source-Version: 2.7.1-4
We believe that the bug you reported is fixed in the latest version of
nettle, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 773...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Magnus Holmgren holmg...@debian.org (supplier of updated nettle package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sun, 21 Dec 2014 01:14:02 +0100
Source: nettle
Binary: libnettle4 libhogweed2 nettle-dev nettle-bin nettle-dbg
Architecture: source amd64
Version: 2.7.1-4
Distribution: unstable
Urgency: medium
Maintainer: Magnus Holmgren holmg...@debian.org
Changed-By: Magnus Holmgren holmg...@debian.org
Description:
libhogweed2 - low level cryptographic library (public-key cryptos)
libnettle4 - low level cryptographic library (symmetric and one-way cryptos)
nettle-bin - low level cryptographic library (binary tools)
nettle-dbg - low level cryptographic library (debugging symbols)
nettle-dev - low level cryptographic library (development files)
Closes: 773022
Changes:
nettle (2.7.1-4) unstable; urgency=medium
.
* Use dh_installdocs --link-doc to create symlinks and add correct
dependencies (Closes: #773022).
* Bump Standards-Version to 3.9.6.
* Add upstream PGP signing key.
* Add GNU server URLs to watch file.
Processed: Re: lowering severity of bugs not tracked by release team
Processing control commands: severity -1 grave Bug #760385 [libv8-3.14] nodejs: CVE-2014-5256 Severity set to 'grave' from 'important' -- 760385: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=760385 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#760385: lowering severity of bugs not tracked by release team
On Sat, Dec 20, 2014 at 7:52 PM, Bálint Réczey wrote: The proper severity of this bug is grave as set by Moritz IMO. I'm restoring it wearing my maintainer hat. It's not really constructive arguing over severity, so that's fine. You've saved yourself from needing to write an unblock request. The problem still remains that the backlog of libv8 security issues never get fixed (except for a new upstream every now and then), so treating this one as RC but not the others is rather inconsistent: https://security-tracker.debian.org/tracker/source-package/libv8 https://security-tracker.debian.org/tracker/source-package/libv8-3.14 Note that unimportant there indicates lack of security support for the package. If there is interest in security support for libv8, that is a good thing, but a lot more needs to be done for that to be true. Best wishes, Mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773191: python-ogg-dbg: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE
Jean-Michel Nirgal Vourgère:
This problem was introduced in commit 27848, where d/rules target
override_dh_installdocs got an extraneous dh_installdocs: The second one
try to make the link but fails because the first one created a directory
with that name.
Actually, there is a problem when uploading from version -6 in my
proposal above. That version is not in wheezy and probably will not be
in jessie either, so this is not a big deal. But to do things properly,
one need to use a maintscript with a dir_to_symlink.
I tested fresh installs and upgrades both from -6 and straight from -5.
I could not detect any problem with dir_to_symlink when there is already
a symlink, like in -5. :)
I updated the version on mentors. See previous mail.
diff -Nru pyogg-1.3+repack/debian/changelog pyogg-1.3+repack/debian/changelog
--- pyogg-1.3+repack/debian/changelog 2014-02-22 12:10:10.0 +0100
+++ pyogg-1.3+repack/debian/changelog 2014-12-21 02:28:55.0 +0100
@@ -1,3 +1,14 @@
+pyogg (1.3+repack-6.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * d/rules: Remove extraneous dh_installdocs; Closes: #773191
+ * Support upgrades from 1.3+repack-6 where
+/usr/share/doc/python-ogg-dbg is not a link:
+- New python-ogg-dbg.maintscript
+- d/control: Add Pre-Depends: $misc for maintscript
+
+ -- Jean-Michel Nirgal Vourgère jmv_...@nirgal.com Sun, 21 Dec 2014 02:26:17 +0100
+
pyogg (1.3+repack-6) unstable; urgency=low
[ Sandro Tosi ]
diff -Nru pyogg-1.3+repack/debian/control pyogg-1.3+repack/debian/control
--- pyogg-1.3+repack/debian/control 2014-02-22 11:47:36.0 +0100
+++ pyogg-1.3+repack/debian/control 2014-12-21 02:25:56.0 +0100
@@ -22,6 +22,7 @@
Architecture: any
Section: debug
Priority: extra
+Pre-Depends: ${misc:Pre-Depends}
Depends: ${misc:Depends}, python-ogg (= ${binary:Version}), python-dbg, ${shlibs:Depends}
Description: Python interface to the Ogg library (debug extension)
This module makes the libogg (Ogg) functions available
diff -Nru pyogg-1.3+repack/debian/python-ogg-dbg.maintscript pyogg-1.3+repack/debian/python-ogg-dbg.maintscript
--- pyogg-1.3+repack/debian/python-ogg-dbg.maintscript 1970-01-01 01:00:00.0 +0100
+++ pyogg-1.3+repack/debian/python-ogg-dbg.maintscript 2014-12-21 02:25:14.0 +0100
@@ -0,0 +1 @@
+dir_to_symlink /usr/share/doc/python-ogg-dbg python-ogg 1.3+repack-6.1~
diff -Nru pyogg-1.3+repack/debian/rules pyogg-1.3+repack/debian/rules
--- pyogg-1.3+repack/debian/rules 2014-02-22 11:47:36.0 +0100
+++ pyogg-1.3+repack/debian/rules 2014-12-21 01:03:20.0 +0100
@@ -44,5 +44,4 @@
endif
override_dh_installdocs:
- dh_installdocs
dh_installdocs -A --link-doc=python-ogg
signature.asc
Description: OpenPGP digital signature
Processed: Re: Bug#773463: jasper: CVE-2014-8137 CVE-2014-8138
Processing control commands: tag -1 patch, pending Bug #773463 [src:jasper] jasper: CVE-2014-8137 CVE-2014-8138 Added tag(s) pending. -- 773463: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773463 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773463: jasper: CVE-2014-8137 CVE-2014-8138
control: tag -1 patch, pending
Hi,
I've uploaded an nmu to delayed/5 fixing these issues. Please see attached.
Best wishes,
Mike
diff -Nru jasper-1.900.1-debian1/debian/changelog jasper-1.900.1-debian1/debian/changelog
--- jasper-1.900.1-debian1/debian/changelog 2014-12-05 07:59:32.0 +
+++ jasper-1.900.1-debian1/debian/changelog 2014-12-21 01:55:43.0 +
@@ -1,3 +1,12 @@
+jasper (1.900.1-debian1-2.3) unstable; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Fix two security issues (Closes: #773463):
+- CVE-2014-8137: double-free in jas_iccattrval_destroy.
+- CVE-2014-8138: heap overflow in jp2_decode.
+
+ -- Michael Gilbert mgilb...@debian.org Sun, 21 Dec 2014 01:47:07 +
+
jasper (1.900.1-debian1-2.2) unstable; urgency=high
* Non-maintainer upload.
diff -Nru jasper-1.900.1-debian1/debian/patches/05-CVE-2014-8137.patch jasper-1.900.1-debian1/debian/patches/05-CVE-2014-8137.patch
--- jasper-1.900.1-debian1/debian/patches/05-CVE-2014-8137.patch 1970-01-01 00:00:00.0 +
+++ jasper-1.900.1-debian1/debian/patches/05-CVE-2014-8137.patch 2014-12-21 01:49:29.0 +
@@ -0,0 +1,66 @@
+Description: CVE-2014-8137: double-free in in jas_iccattrval_destroy()
+Origin: vendor, https://bugzilla.redhat.com/attachment.cgi?id=967283,
+ https://bugzilla.redhat.com/attachment.cgi?id=967284
+Bug-Debian: https://bugs.debian.org/773463
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1173157
+Forwarded: no
+Author: Tomas Hoger tho...@redhat.com
+Last-Update: 2014-12-20
+
+--- a/src/libjasper/base/jas_icc.c
b/src/libjasper/base/jas_icc.c
+@@ -1010,7 +1010,6 @@ static int jas_icccurv_input(jas_iccattr
+ return 0;
+
+ error:
+- jas_icccurv_destroy(attrval);
+ return -1;
+ }
+
+@@ -1128,7 +1127,6 @@ static int jas_icctxtdesc_input(jas_icca
+ #endif
+ return 0;
+ error:
+- jas_icctxtdesc_destroy(attrval);
+ return -1;
+ }
+
+@@ -1207,8 +1205,6 @@ static int jas_icctxt_input(jas_iccattrv
+ goto error;
+ return 0;
+ error:
+- if (txt-string)
+- jas_free(txt-string);
+ return -1;
+ }
+
+@@ -1329,7 +1325,6 @@ static int jas_icclut8_input(jas_iccattr
+ goto error;
+ return 0;
+ error:
+- jas_icclut8_destroy(attrval);
+ return -1;
+ }
+
+@@ -1498,7 +1493,6 @@ static int jas_icclut16_input(jas_iccatt
+ goto error;
+ return 0;
+ error:
+- jas_icclut16_destroy(attrval);
+ return -1;
+ }
+
+--- a/src/libjasper/jp2/jp2_dec.c
b/src/libjasper/jp2/jp2_dec.c
+@@ -291,7 +291,10 @@ jas_image_t *jp2_decode(jas_stream_t *in
+ case JP2_COLR_ICC:
+ iccprof = jas_iccprof_createfrombuf(dec-colr-data.colr.iccp,
+ dec-colr-data.colr.iccplen);
+- assert(iccprof);
++ if (!iccprof) {
++ jas_eprintf(error: failed to parse ICC profile\n);
++ goto error;
++ }
+ jas_iccprof_gethdr(iccprof, icchdr);
+ jas_eprintf(ICC Profile CS %08x\n, icchdr.colorspc);
+ jas_image_setclrspc(dec-image, fromiccpcs(icchdr.colorspc));
diff -Nru jasper-1.900.1-debian1/debian/patches/06-CVE-2014-8138.patch jasper-1.900.1-debian1/debian/patches/06-CVE-2014-8138.patch
--- jasper-1.900.1-debian1/debian/patches/06-CVE-2014-8138.patch 1970-01-01 00:00:00.0 +
+++ jasper-1.900.1-debian1/debian/patches/06-CVE-2014-8138.patch 2014-12-21 01:49:29.0 +
@@ -0,0 +1,22 @@
+Description: CVE-2014-8138: heap overflow in jp2_decode()
+Origin: vendor, https://bugzilla.redhat.com/attachment.cgi?id=967280
+Bug-Debian: https://bugs.debian.org/773463
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1173162
+Forwarded: no
+Author: Tomas Hoger tho...@redhat.com
+Last-Update: 2014-12-20
+
+--- a/src/libjasper/jp2/jp2_dec.c
b/src/libjasper/jp2/jp2_dec.c
+@@ -389,6 +389,11 @@ jas_image_t *jp2_decode(jas_stream_t *in
+ /* Determine the type of each component. */
+ if (dec-cdef) {
+ for (i = 0; i dec-numchans; ++i) {
++ /* Is the channel number reasonable? */
++ if (dec-cdef-data.cdef.ents[i].channo = dec-numchans) {
++jas_eprintf(error: invalid channel number in CDEF box\n);
++goto error;
++ }
+ jas_image_setcmpttype(dec-image,
+ dec-chantocmptlut[dec-cdef-data.cdef.ents[i].channo],
+ jp2_getct(jas_image_clrspc(dec-image),
diff -Nru jasper-1.900.1-debian1/debian/patches/series jasper-1.900.1-debian1/debian/patches/series
--- jasper-1.900.1-debian1/debian/patches/series 2014-12-05 07:59:32.0 +
+++ jasper-1.900.1-debian1/debian/patches/series 2014-12-21 01:49:29.0 +
@@ -2,3 +2,5 @@
02-fix-filename-buffer-overflow.patch
03-CVE-2011-4516-and-CVE-2011-4517.patch
04-CVE-2014-9029.patch
+05-CVE-2014-8137.patch
+06-CVE-2014-8138.patch
Bug#773625: nss: CVE-2014-1569 information leak
package: src:nss version: 3.12.8-1 severity: serious tag: security An information leak issue was disclosed for nss, fixed in 3.17.3: https://security-tracker.debian.org/tracker/CVE-2014-1569 Best wishes, Mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773626: libav: multiple security issues
package: src:libav version: 6:0.8.16-1 severity: serious tags: security Hi, the following vulnerabilities were published for libav. CVE-2014-8541[0]: | libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension | differences, and not bits-per-pixel differences, when determining | whether an image size has changed, which allows remote attackers to | cause a denial of service (out-of-bounds access) or possibly have | unspecified other impact via crafted MJPEG data. CVE-2014-8542[1]: | libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID | during enforcement of alignment, which allows remote attackers to | cause a denial of service (out-of-bounds access) or possibly have | unspecified other impact via crafted JV data. CVE-2014-8543[2]: | libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all | lines of HHV Intra blocks during validation of image height, which | allows remote attackers to cause a denial of service (out-of-bounds | access) or possibly have unspecified other impact via crafted MM video | data. CVE-2014-8543[3]: | libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all | lines of HHV Intra blocks during validation of image height, which | allows remote attackers to cause a denial of service (out-of-bounds | access) or possibly have unspecified other impact via crafted MM video | data. CVE-2014-8544[4]: | libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate | bits-per-pixel fields, which allows remote attackers to cause a denial | of service (out-of-bounds access) or possibly have unspecified other | impact via crafted TIFF data. CVE-2014-8545[5]: | libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the | monochrome-black format without verifying that the bits-per-pixel | value is 1, which allows remote attackers to cause a denial of service | (out-of-bounds access) or possibly have unspecified other impact via | crafted PNG data. CVE-2014-8546[6]: | Integer underflow in libavcodec/cinepak.c in FFmpeg before 2.4.2 | allows remote attackers to cause a denial of service (out-of-bounds | access) or possibly have unspecified other impact via crafted Cinepak | video data. CVE-2014-8547[7]: | libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute | image heights, which allows remote attackers to cause a denial of | service (out-of-bounds access) or possibly have unspecified other | impact via crafted GIF data. CVE-2014-8548[8]: | Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows | remote attackers to cause a denial of service (out-of-bounds access) | or possibly have unspecified other impact via crafted Quicktime | Graphics (aka SMC) video data. CVE-2014-8549[9]: | libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the | number of channels to at most 2, which allows remote attackers to | cause a denial of service (out-of-bounds access) or possibly have | unspecified other impact via crafted On2 data. CVE-2014-9316[10]: | The mjpeg_decode_app function in libavcodec/mjpegdec.c in FFMpeg | before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows | remote attackers to cause a denial of service (out-of-bounds heap | access) and possibly have other unspecified impact via vectors related | to LJIF tags in an MJPEG file. CVE-2014-9318[11]: | The raw_decode function in libavcodec/rawdec.c in FFMpeg before 2.1.6, | 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to | cause a denial of service (out-of-bounds heap access) and possibly | have other unspecified impact via a crafted .cine file that triggers | the avpicture_get_size function to return a negative frame size. CVE-2014-9319[12]: | The ff_hevc_decode_nal_sps function in libavcodec/hevc_ps.c in FFMpeg | before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows | remote attackers to cause a denial of service (out-of-bounds access) | via a crafted .bit file. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2014-8541 [1] https://security-tracker.debian.org/tracker/CVE-2014-8542 [2] https://security-tracker.debian.org/tracker/CVE-2014-8543 [3] https://security-tracker.debian.org/tracker/CVE-2014-8543 [4] https://security-tracker.debian.org/tracker/CVE-2014-8544 [5] https://security-tracker.debian.org/tracker/CVE-2014-8545 [6] https://security-tracker.debian.org/tracker/CVE-2014-8546 [7] https://security-tracker.debian.org/tracker/CVE-2014-8547 [8] https://security-tracker.debian.org/tracker/CVE-2014-8548 [9] https://security-tracker.debian.org/tracker/CVE-2014-8549 [10] https://security-tracker.debian.org/tracker/CVE-2014-9316 [11] https://security-tracker.debian.org/tracker/CVE-2014-9318 [12] https://security-tracker.debian.org/tracker/CVE-2014-9319 Please adjust the affected versions in the BTS as needed. -- To UNSUBSCRIBE, email to
Bug#772793: cpio: CVE-2014-9112
On Fri, Dec 12, 2014 at 7:16 AM, Aníbal Monsalve Salazar wrote: I uploaded cpio 2.11+dfsg-3 to experimental with the upstream patches listed above. Please test it. It didn't segfault when I run it on amd64 as reported in Red Hat's Bugzilla. Hi, I tested the update, and it seems to work fine. Are you planning to upload to unstable soon? In the meantime, I'm going to prepare the wheezy DSA. Best wishes, Mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#772793: cpio: CVE-2014-9112
control: reopen -1 On Sat, Dec 20, 2014 at 11:34 PM, Michael Gilbert wrote: In the meantime, I'm going to prepare the wheezy DSA. While preparing it, I noticed that there are a couple commits missing from the experimental package, commits fd262d11 and f6a8a2cb: https://security-tracker.debian.org/tracker/CVE-2014-9112 Those are included in the LTS update, and I think they really need to be included in exp/unstable also. Best wishes, Mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#772793: cpio: CVE-2014-9112
Processing control commands:
reopen -1
Bug #772793 {Done: Raphaël Hertzog hert...@debian.org} [cpio] cpio:
CVE-2014-9112
'reopen' may be inappropriate when a bug has been closed with a version;
all fixed versions will be cleared, and you may need to re-add them.
Bug reopened
No longer marked as fixed in versions cpio/2.11+dfsg-3 and cpio/2.11-4+deb6u1.
--
772793: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772793
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#772793: cpio: CVE-2014-9112
On Sat, Dec 20, 2014 at 11:34 PM, Michael Gilbert wrote: On Fri, Dec 12, 2014 at 7:16 AM, Aníbal Monsalve Salazar wrote: I uploaded cpio 2.11+dfsg-3 to experimental with the upstream patches listed above. Please test it. It didn't segfault when I run it on amd64 as reported in Red Hat's Bugzilla. Hi, I tested the update, and it seems to work fine. Are you planning to upload to unstable soon? In the meantime, I'm going to prepare the wheezy DSA. While preparing the DSA, I noticed that there are a couple commits possibly missing from the experimental package, commits fd262d11 and f6a8a2cb: https://security-tracker.debian.org/tracker/CVE-2014-9112 I think those should be included. Best wishes, Mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773629: pepperflashplugin-nonfree: ca-certificate triggers processed after download attempt
package: pepperflashplugin-nonfree version: 1.8 severity: serious If ca-certificates isn't installed prior to installing this package, it's triggers will be processed after pepperflash tries and fails its download. Since the plugin doesn't get fetched, the package is basically non-functional. A pre-depends ca-certificates will probably solve the problem. Best wishes, Mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
