Bug#979612: firefox-esr: after upgrade from 78.6.0esr-1~deb10u1 to 78.6.1esr-1~deb10u1 gnome interface behave erratically
Package: firefox-esr Version: 78.6.1esr-1~deb10u1 Severity: serious Justification: 4 Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? I executed package updates and upgrades using apt * What exactly did you do (or not do) that was effective (or ineffective)? I tried loggin out and back in, rebooting the host, none helped. After running an apt upgrade on Debian 10 (Buster) running a Gnome Desktop, when Firefox is running, strange behavior takes place. 1. Unable to grab and move windows of other applications like gedit. 2. Unable to click or activate menu items of TorBrowser 3. Unable to close, click or access menu items of a multiple other application. When Firefox-ESR is closed, all above issues go away. When Firefox-ESR version 78.6.1esr-1~deb10u1 running, all kind of strange and unexpected behavior of the Gnome UI takes place. -- Package-specific info: -- Extensions information Name: Amazon.com Location: /usr/lib/firefox-esr/browser/omni.ja Package: firefox-esr Status: enabled Name: Bing Location: /usr/lib/firefox-esr/browser/omni.ja Package: firefox-esr Status: enabled Name: Dark theme Location: /usr/lib/firefox-esr/browser/omni.ja Package: firefox-esr Status: user-disabled Name: Default theme Location: /usr/lib/firefox-esr/omni.ja Package: firefox-esr Status: enabled Name: DoH Roll-Out Location: /usr/lib/firefox-esr/browser/features/doh-roll...@mozilla.org.xpi Package: firefox-esr Status: enabled Name: DuckDuckGo Location: /usr/lib/firefox-esr/browser/omni.ja Package: firefox-esr Status: enabled Name: eBay Location: /usr/lib/firefox-esr/browser/omni.ja Package: firefox-esr Status: enabled Name: Firefox Screenshots Location: /usr/lib/firefox-esr/browser/features/screensh...@mozilla.org.xpi Package: firefox-esr Status: enabled Name: Form Autofill Location: /usr/lib/firefox-esr/browser/features/formautof...@mozilla.org.xpi Package: firefox-esr Status: enabled Name: Google Location: /usr/lib/firefox-esr/browser/omni.ja Package: firefox-esr Status: enabled Name: HTTPS Everywhere Location: ${PROFILE_EXTENSIONS}/https-everywh...@eff.org.xpi Status: enabled Name: Light theme Location: /usr/lib/firefox-esr/browser/omni.ja Package: firefox-esr Status: user-disabled Name: uBlock Origin Location: ${PROFILE_EXTENSIONS}/ublo...@raymondhill.net.xpi Status: enabled Name: Web Compat Location: /usr/lib/firefox-esr/browser/features/webcom...@mozilla.org.xpi Package: firefox-esr Status: enabled Name: WebCompat Reporter Location: /usr/lib/firefox-esr/browser/features/webcompat-repor...@mozilla.org.xpi Package: firefox-esr Status: user-disabled Name: Wikipedia (en) Location: /usr/lib/firefox-esr/browser/omni.ja Package: firefox-esr Status: enabled -- Plugins information -- Addons package information ii firefox-esr78.6.1esr-1~deb10u1 amd64Mozilla Firefox web browser - Extended Support Release (ESR) -- System Information: Debian Release: 10.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-13-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages firefox-esr depends on: ii debianutils 4.8.6.1 ii fontconfig 2.13.1-2 ii libatk1.0-0 2.30.0-2 ii libc6 2.28-10 ii libcairo-gobject2 1.16.0-4 ii libcairo2 1.16.0-4 ii libdbus-1-3 1.12.20-0+deb10u1 ii libdbus-glib-1-20.110-4 ii libevent-2.1-6 2.1.8-stable-4 ii libffi6 3.2.1-9 ii libfontconfig1 2.13.1-2 ii libfreetype62.9.1-3+deb10u2 ii libgcc1 1:8.3.0-6 ii libgdk-pixbuf2.0-0 2.38.1+dfsg-1 ii libglib2.0-02.58.3-2+deb10u2 ii libgtk-3-0 3.24.5-1 ii libpango-1.0-0 1.42.4-8~deb10u1 ii libstdc++6 8.3.0-6 ii libx11-62:1.6.7-1+deb10u1 ii libx11-xcb1 2:1.6.7-1+deb10u1 ii libxcb-shm0 1.13.1-2 ii libxcb1 1.13.1-2 ii libxcomposite1 1:0.4.4-2 ii libxdamage1 1:1.1.4-3+b3 ii libxext62:1.3.3-1+b2 ii libxfixes3 1:5.0.3-1 ii libxrender1 1:0.9.10-1 ii procps 2:3.3.15-2 ii zlib1g 1:1.2.11.dfsg-1 Versions of packages firefox-esr recommends: ii libavcodec58 7:4.1.6-1~deb10u1 Versions of packages firefox-esr suggests: pn fonts-lmodern pn fonts-stix | otf-stix ii libcanberra0 0.30-7 ii libgssapi-krb5-2 1.17-3+deb10u1 ii libgtk2.0-02.24.32-3 ii pulseaudio 12.2-4+deb10u1 -- no debconf information
Bug#961907: ca-certificates: Remove expired mozilla/AddTrust_External_Root.crt
Hi all, The reason this is manifesting as a giant problem unexpectedly since Saturday and it did not only hit obscure ancient java programs etc. as Sectigo predicted, is: SSL providers such as Namecheap SSLs.com (and probably many others) were issuing certificates good until mid-2021 with an expiring .ca-bundle file in the download zip! So anyone up until about new years was getting these files and installing expiring-in-may bundle certs onto their server along with their actual cet (expiring in 1 or 2 years usually). may 30th came along and that stopped working out so well for a LOT more users than expected. Server side mitigation: This problem can/should be fixed on the server side by server administrators updating their CA certificate bundle: (i.e. SSLCACertificateFile or SSLCertificateChainFile if you use Apache) to replace the expired Comodo or Sectigo root certs with the correct non-expired ones. The correct bundle cert depends on who your SSL is signed by, but they can be found here: https://www.ssls.com/knowledgebase/sectigo-root-certificate-expiring-may-30-2020 and also here: https://support.sectigo.com/Com_KnowledgeDetailPage?Id=kA03l0117LT However, Until all the servers are patched, or the add trust external CA cert is removed from the ca-certificates bundle, this will continue to explode for clients. Client side Mitigation: As specified here, mitigation on the client side is: - remove AddTrust_External_Root.crt from /etc/ca-certificates.conf - regenerate with update-ca-certificates -f -v Debian fix: Should be to update ca-certificates as per this bug and remove the expired cert. There is actually a reason to do this, as per the openSSL bug in question: https://rt.openssl.org/Ticket/Display.html?id=3359#txn-40958 "The current fix is to not have expired certificates in the trust store." So given the version of OpenSSL in stretch, the only sane fix at least for stretch (and Jessie LTS if still possible) is to remove that certificate. Many of these notes were gleaned from this reddit discussion thread: https://www.reddit.com/r/linux/comments/gshh70/sectigo_root_ca_expiring_may_not_be_handled_well/ which I just discovered now, after spending a weekend fixing up certs server side on hundreds of customer sites. Damn you, Namecheap!!! D.
Bug#931892: gnome: Gnome GUI Privacy settings are ignored.
Package: gnome Version: 1:3.30+1 Severity: serious Tags: security Justification: 5 Dear Maintainer, It became apparent that despite explicit settings of gnome desktop environment "Settings -> All Settings -> Privacy -> Location Services" set to "OFF", package 'geoclue-2.0' along with packages depending on it, such as 'gnome-clocks' ignore settings and continue to send requests via networking stack to identify hosts geographical location. Could some one from Debian security team review this bug and hopefully provide a work around to stop gnome desktop environment along with packages 'gnome-clocks' & 'geoclue-2.0' from contacting remote services over the network, tracing the hosts geo-location? Any help to stop geo-location tracing/checking/calculating/guestimating - would be greatly appreciated. PS: Debian Dev Team, please note, nether package 'gnome-clocks' or 'geoclue-2.0' have NO man pages available, and therefore there is no way for a user of the host to find out how to disable geo-tracing functionality. Per Debian regulations: https://release.debian.org/testing/rc_policy.txt ... Section 5(o) - 'Packages must have a useful extended description.' there should be some sort of a documentation that would informed a user of the host what options are available to modify unwanted, and this case, privacy related behavior to be changes or stopped. At the same time, while explicit settings for privacy gui element of a GNOME environment exist, they appear to be meaningless in terms geo location tracing of the host. Damien. -- System Information: Debian Release: 10.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages gnome depends on: ii avahi-daemon 0.7-4+b1 ii cheese 3.31.90-1 ii cups-pk-helper 0.2.6-1+b1 ii desktop-base 10.0.2 ii evolution3.30.5-1.1 ii evolution-plugins3.30.5-1.1 ii file-roller 3.30.1-2 ii gedit-plugins3.30.1-3 ii gnome-calendar 3.30.1-2 ii gnome-clocks 3.30.1-2 ii gnome-color-manager 3.30.0-2 ii gnome-core 1:3.30+1 ii gnome-documents 3.31.92-1 ii gnome-getting-started-docs 3.30.0-1 ii gnome-maps 3.30.3-1 ii gnome-music 3.30.2-1 ii gnome-screenshot 3.30.0-2 ii gnome-sound-recorder 3.28.2-1 ii gnome-todo 3.28.1-2 ii gnome-tweaks 3.30.2-1 ii gnome-weather3.26.0-5 ii gstreamer1.0-libav 1.15.0.1+git20180723+db823502-2 ii gstreamer1.0-plugins-ugly1.14.4-1 ii libgsf-bin 1.14.45-1 ii libproxy1-plugin-networkmanager 0.4.15-5 ii libreoffice-calc 1:6.1.5-3 ii libreoffice-gnome1:6.1.5-3 ii libreoffice-impress 1:6.1.5-3 ii libreoffice-writer 1:6.1.5-3 ii nautilus-sendto 3.8.6-3 ii network-manager-gnome1.8.20-1.1 ii orca 3.30.1-1 ii rhythmbox3.4.3-2 ii rhythmbox-plugin-cdrecorder 3.4.3-2 ii rhythmbox-plugins3.4.3-2 ii rygel-playbin0.36.2-4 ii rygel-tracker0.36.2-4 ii seahorse 3.30.1.1-1 ii shotwell 0.30.1-1 ii simple-scan 3.30.1.1-1+b1 ii totem-plugins3.30.0-4 ii vinagre 3.22.0-6 ii vino 3.22.0-5 ii xdg-user-dirs-gtk0.10-3 Versions of packages gnome recommends: ii gnome-games 1:3.30+1 ii nautilus-extension-brasero 3.12.2-5 ii transmission-gtk2.94-2 Versions of packages gnome suggests: pn alacarte pn empathy pn firefox-esr-l10n-all | firefox-l10n-all pn gnome-remote-desktop pn goobox | sound-juicer pn polari pn webext-ublock-origin Versions of packages gnome-core depends on: ii adwaita-icon-theme3.30.1-1 ii at-spi2-core 2.30.0-7 ii baobab3.30.0-2 ii caribou 0.4.21-7 ii dconf-cli 0.30.1-2 ii dconf-gsettings-backend 0.30.1-2 i
Bug#884597: mono-runtime-common: Fail to install mono-runtime-common:i386
Package: mono-runtime-common Version: 4.6.2.7+dfsg-1 Severity: grave Justification: renders package unusable Dear Maintainer, When trying to install mono-runtime-common:i386 it fails with the following output: -- Reading package lists... Done Building dependency tree Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: mono-runtime-common:i386 : Depends: binutils:i386 but it is not going to be installed Depends: mono-gac:i386 (= 4.6.2.7+dfsg-1) but it is not installable E: Unable to correct problems, you have held broken packages. -- The problem is due to that it depends on mono-gac:i386 and as mono-gac is available for all and not for i386 it fails. -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages mono-runtime-common depends on: ii binutils 2.29.1-12 ii libc6 2.25-4 ii mono-gac 4.6.2.7+dfsg-1 ii zlib1g1:1.2.8.dfsg-5 Versions of packages mono-runtime-common recommends: ii binfmt-support 2.1.8-1 Versions of packages mono-runtime-common suggests: ii xdg-utils 1.1.2-1 -- no debconf information
Bug#873322: bpfc-tools: bpfcc FTBFS with luajit 2.1
Hi, To make it build I had to: - set LUAJIT_DIR=/usr/include/luajit-2.1 when invoking dpkg-buildpackage. As alternative you can add /usr/include/luajit-2.1 in PATH_SUFFIXES in cmake/FindLuaJIT.cmake - force using llvm/clang 3.8 in CMakeLists.txt as it does not compile with llvm-5.0 (I did not try with 6.0): find_package(LLVM 3.8 REQUIRED CONFIG) I attached a patch but I am not sure if it will be in the right format as I have a little experience with quilt and debian BTS. Regards diff --git a/debian/patches/fix-luajit-path.diff b/debian/patches/fix-luajit-path.diff new file mode 100644 index 000..ae3514c --- /dev/null +++ b/debian/patches/fix-luajit-path.diff @@ -0,0 +1,11 @@ +--- a/cmake/FindLuaJIT.cmake b/cmake/FindLuaJIT.cmake +@@ -31,7 +31,7 @@ + FIND_PATH(LUAJIT_INCLUDE_DIR lua.h + HINTS + $ENV{LUAJIT_DIR} +- PATH_SUFFIXES include/luajit-2.0 include/luajit2.0 include/luajit include ++ PATH_SUFFIXES include/luajit-2.0 include/luajit2.0 include/luajit include include/luajit-2.1 + PATHS + ~/Library/Frameworks + /Library/Frameworks diff --git a/debian/patches/force-using-clang-3.8.diff b/debian/patches/force-using-clang-3.8.diff new file mode 100644 index 000..ad971fc --- /dev/null +++ b/debian/patches/force-using-clang-3.8.diff @@ -0,0 +1,11 @@ +--- a/CMakeLists.txt b/CMakeLists.txt +@@ -16,7 +16,7 @@ + if(NOT PYTHON_ONLY) + find_package(BISON) + find_package(FLEX) +-find_package(LLVM REQUIRED CONFIG) ++find_package(LLVM 3.8 REQUIRED CONFIG) + message(STATUS "Found LLVM: ${LLVM_INCLUDE_DIRS}") + + # clang is linked as a library, but the library path searching is diff --git a/debian/patches/series b/debian/patches/series index aa18d63..13bf968 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,3 +1,5 @@ fix-install-path.patch fix-uint128-build-failure.patch disable-massive-cpp-binaries.patch +fix-luajit-path.diff +force-using-clang-3.8.diff
Bug#877925: bpfcc-tools: Missing kernel dependency
Package: bpfcc-tools Version: 0.3.0-1 Severity: grave Justification: renders package unusable Dear Maintainer, this package does JIT compilation and it fails when kernel headers are not installed. Possible fix: add a dependency to kernel headers Regards -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.13.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages bpfcc-tools depends on: ii python 2.7.14-1 ii python-bpfcc0.3.0-1 ii python-netaddr 0.7.18-2 bpfcc-tools recommends no packages. bpfcc-tools suggests no packages. -- no debconf information
Bug#871445: linux-image-4.9.0-3-amd64: soft lockup - CPU#0 stuck for 22s! [swapper/0:0]
Package: src:linux Version: 4.9.30-2+deb9u3 Severity: critical Justification: breaks the whole system Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? I installed 'oracle java8' using ppa from Ubuntu, Team8, during the installation, ssh session began to 'freeze' and syslog recorded messages regarding CPU locking up. * What exactly did you do (or not do) that was effective (or ineffective)? Just installed Orcale Java8 on a virgin isntance of Debian9 server. * What was the outcome of this action? OS began to 'freeze' with kernel messages about 'locked up CPU' * What outcome did you expect instead? A normal operation of the OS. *** End of the template - remove these template lines *** -- Package-specific info: ** Version: Linux version 4.9.0-3-amd64 (debian-ker...@lists.debian.org) (gcc version 6.3.0 20170516 (Debian 6.3.0-18) ) #1 SMP Debian 4.9.30-2+deb9u3 (2017-08-06) ** Command line: BOOT_IMAGE=/vmlinuz-4.9.0-3-amd64 root=/dev/mapper/docs--vg-root ro quiet ** Tainted: L (16384) * Kernel has detected soft lockup before. ** Kernel log: [ 139.486220] swapper/0 R running task0 0 0 0x0008 [ 139.486224] 93313580 926a3bcb 93313580 [ 139.486226] 9277a4b6 9ccf3fc18fc0 9324a6c0 [ 139.486229] 93313580 926dee04 00983df7 [ 139.486231] Call Trace: [ 139.486233] [ 139.486238] [] ? sched_show_task+0xcb/0x130 [ 139.486242] [] ? rcu_dump_cpu_stacks+0x92/0xb2 [ 139.486244] [] ? rcu_check_callbacks+0x754/0x8a0 [ 139.486247] [] ? update_wall_time+0x473/0x790 [ 139.486250] [] ? tick_sched_handle.isra.12+0x50/0x50 [ 139.486252] [] ? update_process_times+0x28/0x50 [ 139.486254] [] ? tick_sched_handle.isra.12+0x20/0x50 [ 139.486255] [] ? tick_sched_timer+0x38/0x70 [ 139.486257] [] ? __hrtimer_run_queues+0xdc/0x240 [ 139.486258] [] ? hrtimer_interrupt+0x9c/0x1a0 [ 139.486261] [] ? smp_apic_timer_interrupt+0x39/0x50 [ 139.486263] [] ? apic_timer_interrupt+0x82/0x90 [ 139.486266] [] ? _raw_spin_unlock_irqrestore+0x11/0x20 [ 139.486283] [] ? pvscsi_queue+0x42d/0x870 [vmw_pvscsi] [ 139.486294] [] ? scsi_test_unit_ready+0x150/0x150 [scsi_mod] [ 139.486302] [] ? scsi_dispatch_cmd+0xd6/0x200 [scsi_mod] [ 139.486309] [] ? scsi_request_fn+0x460/0x5e0 [scsi_mod] [ 139.486312] [] ? __blk_run_queue+0x2f/0x40 [ 139.486313] [] ? blk_run_queue+0x21/0x40 [ 139.486320] [] ? scsi_run_queue+0x243/0x2c0 [scsi_mod] [ 139.486327] [] ? scsi_end_request+0x122/0x1a0 [scsi_mod] [ 139.486333] [] ? scsi_io_completion+0x1a6/0x670 [scsi_mod] [ 139.486335] [] ? blk_done_softirq+0x88/0xb0 [ 139.486337] [] ? __do_softirq+0x105/0x290 [ 139.486339] [] ? irq_exit+0xae/0xb0 [ 139.486341] [] ? do_IRQ+0x4f/0xd0 [ 139.486343] [] ? common_interrupt+0x82/0x82 [ 139.486344] [ 139.486347] [] ? native_safe_halt+0x2/0x10 [ 139.486348] [] ? default_idle+0x1a/0xd0 [ 139.486351] [] ? cpu_startup_entry+0x1ca/0x240 [ 139.486353] [] ? start_kernel+0x443/0x463 [ 139.486355] [] ? early_idt_handler_array+0x120/0x120 [ 139.486357] [] ? x86_64_start_kernel+0x14c/0x170 [ 187.362590] TCP: ens192: Driver has suspect GRO implementation, TCP performance may be compromised. [ 708.602102] INFO: rcu_sched detected stalls on CPUs/tasks: [ 708.707854] 0-...: (1 GPs behind) idle=6f3/1/0 softirq=5911/5911 fqs=263 [ 708.707877] (detected by 1, t=5282 jiffies, g=7910, c=7909, q=167) [ 708.707898] Task dump for CPU 0: [ 708.707899] swapper/0 R running task0 0 0 0x0008 [ 708.707903] 9320e500 0001 [ 708.707905] 0100 [ 708.707906] ff4b 92c05b02 [ 708.707908] Call Trace: [ 708.707914] [] ? native_safe_halt+0x2/0x10 [ 708.707915] [] ? default_idle+0x1a/0xd0 [ 708.707917] [] ? cpu_startup_entry+0x1ca/0x240 [ 708.707920] [] ? start_kernel+0x443/0x463 [ 708.707922] [] ? early_idt_handler_array+0x120/0x120 [ 708.707923] [] ? x86_64_start_kernel+0x14c/0x170 [ 712.156417] NMI watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [swapper/0:0] [ 712.156451] Modules linked in: vmw_vsock_vmci_transport vsock coretemp crct10dif_pclmul crc32_pclmul ghash_clmulni_intel ppdev vmw_balloon intel_rapl_perf joydev serio_raw pcspkr evdev shpchp sg vmwgfx vmw_vmci ttm drm_kms_helper drm parport_pc nfit libnvdimm parport battery ac acpi_cpufreq button ip_tables x_tables autofs4 ext4 crc16 jbd2 crc32c_generic fscrypto ecb mbcache hid_generic usbhid hid dm_mod sr_mod cdrom sd_mod ata_generic crc32c_intel aesni_intel uhci_hcd aes_x86_64 glue_helper lrw gf128mul ehci_pci ablk_helper cryptd ata_piix psmouse ehci_hcd a
Bug#701274: Issue with NetCDF
Hello, NetCDF is currently compiled with gfortran 4.7, so ETSF_IO should be compiled with the same compiler. What do you suggest: - recompile netcdf with current gfortran (i.e. 4.8) but need to recompile also all package depending on NetCDF fortran. - force gfortran 4.7 in ETSF_IO build dependencies and change when NetCDF is recompiled. This has been debated already on the science mailing list, but I didn't remember that a consensus was reached. Regards, Damien. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#713109: closing 713109
close 713109 thanks librhino-java 1.7R4 is now in unstable, so FTBFS of closure-compiler is fixed. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#719415: gradle: FTBFS: build hangs during codenarc steps
Hi Miguel, FTR, I'm working on git repository right now and I've create a new patch to skip codeNarcMain task. Chers, -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#666851: Apache 2.4 upload date scheduled for May 30
Hi Arno and Tony, 2013/5/30 Arno Töll > Hi Tony, > > On 30.05.2013 22:30, tony mancill wrote: > > I'll take a look at updating the package tonight based on Damien's work > > on libapache-mod-jk 1:1.2.35-1. Or if you have a debdiff ready to go, > > please attach it to the bug report. No need for an NMU. > > no I don't, but I had the same plan as you, that is to take the existing > package in Experimental and possibly upload that to Sid. I was planning to work on this package tomorow evening, but no problem if you beat me (merging back changes done in 1.2.35-1 should do it). Cheers, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan
Bug#666851: Apache 2.4 transition is ready in VCS
tag 666851 + pending thanks I've already worked on transition (see here : http://packages.qa.debian.org/liba/libapache-mod-jk/news/20120404T205024Z.html ) so I'm just waiting for a GO before uploading to experimental. Regards, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#537051: Bug#690204: Add no-await trigger support and Breaks to fix ca-certificates-java breakage
Hi Don! Your fix seems sensible - at least from my quick review : I lack time to properly maintain ca-certificate-java right now, so thanks for your time. Small question : is your fix targeted for wheezy ? maybe you should also contact release team in advance to check if they are ok with this. Regards, On 13/11/2012 22:18, Don Armstrong wrote: Control: tag -1 patch Please find the attached patches which fix this problem. I've tested them a bit, but please review them. ca-certificates (20121112+nmu1) unstable; urgency=low * Non-maintainer upload * Breaks ca-certificates-java (<<20121112+nmu1); partially fixing #537051. * Provide update-ca-certificates and update-ca-certificates-fresh triggers. * Call the triggers using no-await so that the configuration files from the newer version of ca-certificates-java are in places before the upgrade. Closes: #537051. ca-certificates-java (20121112+nmu1) unstable; urgency=low * Non-maintainer upload * Fix test for dpkg-query in postinst; there was an extraneous --version here. [Probably don't even need to bother to check for dpkg-query, but why not.] (Closes: #690204) * Library path for softokn3pkg and nsspkg is potentially wrong if there are multiple different paths; fix it. * Do not run the hook if ca-certificates-java has been removed but not purged. * Use the new trigger support provided by ca-certificates (>=20121112). -- Don Armstrong Mon, 12 Nov 2012 15:45:50 -0800 I plan on uploading an NMU for ca-certificates-java as soon as I have an ACK from the ca-certificates team that the fix looks reasonable (unless I hear from ca-certificates-java that they want to do it.) [I can also upload a fixed ca-certificates and pull my changes into ca-certificates unless y'all want to handle that.] Don Armstrong -- Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#637273: Gradle doesn't work with Groovy 1.8.x
Hi, > AFAIK, support for Groovy 1.8.x is not a priority for upstream until > after 1.0 release, so it doesn't make sense to hold Groovy 1.8.x from > entering unstable. The maintainance of this package will continue when > upstream make a suitable release. A new version a Gradle is being packaged (1.1) which work with Groovy 1.8 but this new release also need new upstream releases of dependencies' packages [1]. So, for Wheezy, I think we have to drop Gradle (and maybe re-add it latter throught backport) [1] http://lists.debian.org/debian-java/2012/08/msg00062.html -- Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#684815: Bug#684841: wagon2: FTBFS: missing org.bouncycastle:bcprov:jar:debian
Like for #684841, maybe there is a missing versionned depends on libbcprov-java (since I need at least 1.44+dfsg-3 with maven artifacts) but I'm now waiting for a fix for #678904 to allow transition of new bouncycastle to wheezy. Cheers, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#684841: wagon2: FTBFS: missing org.bouncycastle:bcprov:jar:debian
Hi, On 14/08/2012 09:36, Lucas Nussbaum wrote: Missing: -- 1) org.bouncycastle:bcprov:jar:debian Try downloading the file manually from the project website. Then, install it using the command: mvn install:install-file -DgroupId=org.bouncycastle -DartifactId=bcprov -Dversion=debian -Dpackaging=jar -Dfile=/path/to/file Alternatively, if you host your own repository you can deploy the file there: mvn deploy:deploy-file -DgroupId=org.bouncycastle -DartifactId=bcprov -Dversion=debian -Dpackaging=jar -Dfile=/path/to/file -Durl=[url] -DrepositoryId=[id] Path to dependency: 1) org.apache.maven.wagon:wagon-ssh-external:jar:2.2 2) org.bouncycastle:bcprov:jar:debian Maybe there is a missing versionned depends on libbcprov-java (since I need at least 1.44+dfsg-3 with maven artifacts) but I'm now waiting for a fix for #678904 to allow transition of new bouncycastle to wheezy. Thanks for you report. -- Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#678904: bouncycastle: FTBFS with gcj
Hi all, I haven't seen that "bouncycastle" package was under pkg-java team maintainance, so I'll fix this myself (Team upload) and prepare a new upload real soon now. Cheers, On 17/08/2012 00:26, Damien Raude-Morvan wrote: reopen 678904 found 678904 1.46+dfsg-6 thanks Hi, It seems that bouncycastle still FTBFS with GCJ after 1.46+dfsg-6 upload. However, this is a different failure : [...] [javac] 822. ERROR in /build/buildd-bouncycastle_1.46+dfsg-6-kfreebsd- amd64-0I1Ozr/bouncycastle-1.46+dfsg/build/artifacts/jdk1.5/bcprov- jdk15-146/src/org/bouncycastle/jce/ECPointUtil.java [javac] (at line 3) [javac]import java.security.spec.ECFieldF2m; [javac] ^ [javac] The import java.security.spec.ECFieldF2m cannot be resolved [...] So there is some missing classes from GCJ classpath, like java.security.spec.ECFieldF2m (linked to elliptic curve ciffer which is in JDK API since 1.5). For now, so you might to Build-Depends on default-jdk (>= 1:1.6) and request removal of binaries on kfreebsd-* Regards, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#678904: bouncycastle: FTBFS with gcj
reopen 678904 found 678904 1.46+dfsg-6 thanks Hi, It seems that bouncycastle still FTBFS with GCJ after 1.46+dfsg-6 upload. However, this is a different failure : [...] [javac] 822. ERROR in /build/buildd-bouncycastle_1.46+dfsg-6-kfreebsd- amd64-0I1Ozr/bouncycastle-1.46+dfsg/build/artifacts/jdk1.5/bcprov- jdk15-146/src/org/bouncycastle/jce/ECPointUtil.java [javac] (at line 3) [javac] import java.security.spec.ECFieldF2m; [javac]^ [javac] The import java.security.spec.ECFieldF2m cannot be resolved [...] So there is some missing classes from GCJ classpath, like java.security.spec.ECFieldF2m (linked to elliptic curve ciffer which is in JDK API since 1.5). For now, so you might to Build-Depends on default-jdk (>= 1:1.6) and request removal of binaries on kfreebsd-* Regards, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan signature.asc Description: This is a digitally signed message part.
Bug#681567: [Pkg-opennebula-devel] Bug#681567: opennebula-common: fails to install, purge, and install again
Hi gregor, Le 28/07/2012 18:23, gregor herrmann a écrit : Control: tag 681567 + patch On Sat, 14 Jul 2012 12:42:03 +0200, Andreas Beckmann wrote: during a test with piuparts I noticed your package failed to install, remove+purge, and install again. This is often a problem with the home directory of a system user: the user is not deleted during purge (which is fine), but the home directory is removed. Since the user already exists on the next installation, adduser won't recreate the home. That's exactly the case here: in postrm/purge the user account is not deleted but just disabled; but the home directory is deleted. So at the second install the directory is not created. Since there's already a codepath to deal with an exisiting user, I suggest to (re)create the directory there --> attached patch. Any comments before I NMU? I haven't had time, yet, to work on opennebula package recently but your patch seems fine. Go fo NMU! I'll merge it back latter into git repository. Cheers, -- Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#677814: Bug#670901: Spring: Multiple security issues
Hi Moritz, Le lundi 30 avril 2012 09:55:39, Moritz Muehlenhoff a écrit : > CVE-2011-2730 seems to affect libspring-2.5-java? If so, please clone or > reassign as needed. I've prepared an upload of libspring-2.5-java for squeeze to fix CVE-2011-2730. You can find it on http://people.debian.org/~drazzib/security/ Could you please review it ? Cheers, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan signature.asc Description: This is a digitally signed message part.
Bug#675495: Should not be released with Wheezy
Hi, On 01/06/2012 18:53, Sylvestre Ledru wrote: > Le 01/06/2012 16:35, Moritz Muehlenhoff a écrit : >> Package: openjdk-6 >> Severity: serious >> >> Upstream support for Java 6 ends in November: >> http://www.oracle.com/technetwork/java/javase/eol-135779.html >> >> As such, we should not include it in Wheezy and fix up the >> rdepends to use openjdk-7 instead. > So, you think we should change default-jdk to openjdk-7... > > FYI, there are many packages failing to build with this release. > With the freeze is in a couple of weeks, it is going to be hard to > achieve (while I would like to see that coming). Switching default-java to OpenJDK7 subject was discussed on debian-java [1] last year, and conclusion was : - Since Java 6 will be EOL on Nov 2012 [2], switch to openjdk-7 is the way to go but isn't that simple - there was 100+ FTBFS by 2011 end (Ubuntu done some test rebuild) - AFAIK, there is still 50+ FTBFS [3] :/ You can see in UDD that there was some bugs recently fixed regarding those FTBFS but clearly there is a long way before we can fix everything... [1] http://lists.debian.org/debian-java/2011/11/msg00029.html [2] http://www.oracle.com/technetwork/java/eol-135779.html [3] https://bugs.launchpad.net/ubuntu/+bugs?field.tag=java7-ftbfs [4] http://udd.debian.org/cgi-bin/bts-usertags.cgi?tag=openjdk-7-transition&user=ubuntu-de...@lists.ubuntu.com -- Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#675373: virtualbox: segfault in libQtCore.so.4.8.1
Package: virtualbox Version: 4.1.14-dfsg-1 Severity: grave Justification: renders package unusable hello, virtualbox segfaults. dmesg displays the following: [33391.906793] VirtualBox[25243]: segfault at 0 ip 7fa49a5cf43a sp 7fffc3ee1140 error 4 in libQtCore.so.4.8.1[7fa49a54e000+2cc000] Indeed, libQTCore.so is found here in the version of libqtcore4 installed on my system : $ dpkg -L libqtcore4 (...) /usr/lib/x86_64-linux-gnu/libQtCore.so.4.8.1 (...) regards, Damien -- System Information: Debian Release: 6.0.5 APT prefers stable APT policy: (990, 'stable'), (500, 'stable-updates'), (400, 'testing'), (200, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages virtualbox depends on: ii adduser3.112+nmu2add and remove users and groups ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib ii libcurl3 7.21.0-2.1+squeeze2 Multi-protocol file transfer libra ii libgcc11:4.4.5-8 GCC support library ii libgsoap2 2.8.7-1 Runtime libraries for gSOAP ii libpng12-0 1.2.44-1+squeeze4 PNG library - runtime ii libpython2.7 2.7.2-8 Shared Python runtime library (ver ii libsdl1.2debian1.2.14-6.1Simple DirectMedia Layer ii libssl1.0.01.0.0h-1 SSL shared libraries ii libstdc++6 4.6.2-12 GNU Standard C++ Library v3 ii libvncserver0 0.9.7-2+b1API to write one's own vnc server ii libx11-6 2:1.3.3-4 X11 client-side library ii libxcursor11:1.1.13-1X cursor management library ii libxext6 2:1.3.1-2 X11 miscellaneous extension librar ii libxml22.7.8.dfsg-2+squeeze4 GNOME XML library ii libxmu62:1.0.5-2 X11 miscellaneous utility library ii libxt6 1:1.0.7-1 X11 toolkit intrinsics library ii python 2.6.7-3 interactive high-level object-orie ii python-central 0.6.16+nmu1 register and build utility for Pyt ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime Versions of packages virtualbox recommends: ii libgl1-mesa-glx [libgl1] 7.7.1-5 A free implementation of the OpenG ii libqt4-opengl 4:4.8.1-1 Qt 4 OpenGL module ii libqtcore4 4:4.8.1-1 Qt 4 core module ii libqtgui4 4:4.8.1-1 Qt 4 GUI module ii virtualbox-dkms4.1.14-dfsg-1 x86 virtualization solution - kern ii virtualbox-qt 4.1.14-dfsg-1 x86 virtualization solution - Qt b Versions of packages virtualbox suggests: ii vde2 2.3.2-4Virtual Distributed Ethernet pn virtualbox-guest-additions-is (no description available) -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#623882: error installing certs with non-ascii characters in their names
Hi Miguel, Le samedi 29 octobre 2011 21:08:36, Miguel Landaeta a écrit : > Is this really fixed? > > I ask because I still can see some warnings or errors when > ca-certificates-java install certificates with non-ascii filenames: > > [snip] > > Setting up ca-certificates-java (20110912) ... > Adding debian:Taiwan_GRCA.pem > Adding debian:Digital_Signature_Trust_Co._Global_CA_1.pem > Adding debian:AddTrust_Qualified_Certificates_Root.pem > Adding debian:NetLock_Notary_=Class_A=_Root.pem > Adding debian:ValiCert_Class_1_VA.pem > Adding debian:signet_ca3_pem.pem > Adding debian:UTN_USERFirst_Hardware_Root_CA.pem > Warning: there was a problem reading the certificate file > /etc/ssl/certs/T??B??TAK_UEKAE_K??k_Sertifika_Hizmet_Sa??lay??c??s??_-_S?? > r??m_3.pem. Message: > /etc/ssl/certs/T??B??TAK_UEKAE_K??k_Sertifika_Hizmet_Sa??lay??c??s??_-_S?? > r??m_3.pem (No such file or directory) Adding debian:cacert.org.pem > Warning: there was a problem reading the certificate file > /etc/ssl/certs/Certinomis_-_Autorit??_Racine.pem. Message: > /etc/ssl/certs/Certinomis_-_Autorit??_Racine.pem (No such file or > directory) Adding > debian:Verisign_Class_4_Public_Primary_Certification_Authority_-_G2.pem > Adding debian:Certplus_Class_2_Primary_CA.pem > Warning: there was a problem reading the certificate file > /etc/ssl/certs/AC_Ra??z_Certic??mara_S.A..pem. Message: > /etc/ssl/certs/AC_Ra??z_Certic??mara_S.A..pem (No such file or directory) I've improved existing fix for encoding issues into 20120524 upload, so you might not see this warning anymore :) Cheers, -- Damien signature.asc Description: This is a digitally signed message part.
Bug#611138: CVE-2010-4438 / CVE-2011-5035
Hi all, Le dimanche 13 mai 2012 18:54:38, Steve McIntyre a écrit : > >Sadly, no :/ I must admit that Oracle does not publish details of its > >fixes so it's hard to confirm firmly what's component is exactly > >impacted. > > > >I'll try to revive my contact @Oracle to get some feedback on this > >issue (on future security issues). > > Hi, > > Any news on this? I'll just start by restating my initial comment on both issues : - We don't build any real "Glassfish Server" but just some parts of API library used as Java EE specifications. As for any specification, this is just a collection of interfaces and don't have much more implementations than dumb or stub code. - So I don't think that CVE-2010-4438 or CVE-2011-5035 affect Debian binary packages. But I cannot be 100% sure since : - Upstream bugtracker [1] doesn't contains ref to those security issues - My Oracle contact (GlassFish community manager) only told me that "CVE-2011-5035 is integrated in GlassFish 3.1.1 Patch 2 (an update to 3.1.1 for paying customers). The fix is in the trunk and will be integrated in the 3.1.2 release scheduled for later this quarter" I don't think I'll do further investigation on those issues... At least, there is one instructing thing : we have to think twice before integrating of a full blown Glassfish JEE server (ie. not just API) into Debian as from my point of view Glassfish Security is not handled as an open source should. [1] http://java.net/jira/browse/GLASSFISH Cheers, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan signature.asc Description: This is a digitally signed message part.
Bug#657870: Multiple issues in Struts
Hi Moritz, > There was another report for a Struts security issue: > CVE-2012-1592: > http://seclists.org/bugtraq/2012/Mar/110 > > Can you please contact upstream, whether this needs to be fixed in > our Struts 1.2? Struts 1.x is not affected by this issue (there is no XSLTResult file or similar mecanism). BTW, Red Hat also flaged their struts 1.x package as Not Vulnerable. Cheers, -- Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#665899: [Pkg-opennebula-devel] Bug#665899: opennebula: uninstallable on arches without ruby-sqlite3
On 26/03/2012 22:40, Adam D. Barratt wrote: Hi, Hi Adam, After the recent package restructuring, opennebula is uninstallable on any architecture where ruby-sqlite3 does not exist - currently mips, powerpc, s390 and sparc. (Specifically opennebula depends on opennebula-tools, which depends on ruby-opennebula, which depends on ruby-sqlite3.) Hum... not sure to understand issue here. Old opennebula 2.x package had a Depends on libsqlite3-ruby too but this package was built on all arch [1]. Since new ruby-sqlite3 rename (and new upstream release) it seems to FTBFS on some arch [2]. I fail to see how I can improve things in OpenNebula package. [1] https://buildd.debian.org/status/package.php?p=sqlite3-ruby&suite=squeeze [2] https://buildd.debian.org/status/package.php?p=ruby-sqlite3&suite=sid -- Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#665832: gnuplot: Crashes with "Segmentation fault" on every command
Package: gnuplot Version: 4.6.0-1 Severity: grave Justification: renders package unusable Hi, gnuplot crashes on every command, returning a "Segmentation fault" error (well, actually, on my french system, it's "Erreur de segmentation"). For example : me@E3PO:~$ gnuplot G N U P L O T Version 4.6 patchlevel 0last modified 2012-03-04 Build System: Linux x86_64 Copyright (C) 1986-1993, 1998, 2004, 2007-2012 Thomas Williams, Colin Kelley and many others Terminal type set to 'wxt' gnuplot> help Erreur de segmentation me@E3PO:~$ It has been exactly the same with any command I tried : help FAQ, plot sin(x), set xlabel 'foo', etc. I have no idea where it could come from. I would be glad to give you any detail you may ask for. Best regards, Damien *** Please consider answering these questions, where appropriate *** * What led up to the situation? * What exactly did you do (or not do) that was effective (or ineffective)? * What was the outcome of this action? * What outcome did you expect instead? *** End of the template - remove these lines *** -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (x86_64) Kernel: Linux 3.2.0-2-amd64 (SMP w/8 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages gnuplot depends on: ii gnuplot-nox 4.6.0-1 ii gnuplot-x11 4.6.0-1 gnuplot recommends no packages. Versions of packages gnuplot suggests: pn gnuplot-doc -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#661695: [Openjdk] Bug#661695: still overwriting hotspot build flags
On 29/02/2012 14:46, Matthias Klose wrote: One discrepancy I've found is that CFLAGS *AND* CPPFLAGS are both send to g++ invocation - so there duplicate flags send to compiler. You only have to export/set these for jamvm and cacao (and the pulseaudio stuff). The proper solution would from my point of view is to set these in the IcedTea Makefile when configuring jamvm and cacao (or make these aware of EXTRA_* as well). This seems to be whishlist and not serious bug... only if CFLAGS in hotspot is not overwritten. And only if the optimization level for the hotspot build is not downgraded to -O2. Good catch : I haven't seen that default -03 was overwrite by -02 OK, I'm working on improving that for next upload. Regards, -- Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#661695: [Openjdk] Bug#661695: still overwriting hotspot build flags
Hi Matthias, On Wed, 29 Feb 2012 13:08:16 +0100, Matthias Klose wrote: > as mentioned in email, exporting CFLAGS etc. in debian/rules overwrites > Hotspots CFLAGS. Could you please be a bit more specific : which exact gcc/g++ flag is overriden during hotspot build ? One discrepancy I've found is that CFLAGS *AND* CPPFLAGS are both send to g++ invocation - so there duplicate flags send to compiler. > You only have to export/set these for jamvm and cacao (and the > pulseaudio stuff). The proper solution would from my point of view is to > set these in the IcedTea Makefile when configuring jamvm and cacao (or make > these aware of EXTRA_* as well). This seems to be whishlist and not serious bug... Regards, -- Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#657870: Multiple issues in Struts
Hi Moritz, Le jeudi 16 février 2012 19:42:09, Damien Raude-Morvan a écrit : > On 09/02/2012 21:16, Moritz Mühlenhoff wrote: > > There's a new issues, which affects 1.x: > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1007 > > From [1], it seems there is no actual fix for this issue :( > I'll contact Struts Security Team on this matter. Okay, I got some feedback for Struts Security Team. This particular security issue doesn't affect Struts as binary library (ie. /usr/share/java/struts-1.2.jar is unaffected) but concern only samples provided as source is /usr/share/doc/libstruts1.2-java/example* Do you think we should provide an updated package for squeeze (I think we can just drop examples) ? Cheers, -- Damien signature.asc Description: This is a digitally signed message part.
Bug#660232: RE csound: FTBFS: Implicit dependency `/usr/lib/libpython2.7.a' not found, needed by target `_csnd.so'
block 660232 by 660231 thanks Dears maintainer, They must change the symlink in python2-7 package. "ln -s /usr/lib/python2.7/config/libpython2.7.a /usr/lib/libpython2.7.a" -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#657870: Multiple issues in Struts
Hi Moritz, On 09/02/2012 21:16, Moritz Mühlenhoff wrote: There's a new issues, which affects 1.x: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1007 From [1], it seems there is no actual fix for this issue :( I'll contact Struts Security Team on this matter. [1] http://secpod.org/advisories/SecPod_Apache_Struts_Multiple_Parsistant_XSS_Vulns.txt -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#655495: CVE-2011-4605: DoS
Hi Moritz, Le mercredi 11 janvier 2012 18:37:42, Moritz Muehlenhoff a écrit : > This is CVE-2011-4605 > > Please see here for details and patches: > http://openwall.com/lists/oss-security/2011/12/25/2 I was waiting for upstream to release new 5.6.x release with this security fix... but, AFAIK, this won't happen in a timely fashion so I'll push this fix into unstable via patches. Regards, -- Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#611138: CVE-2010-4438
On 01/01/2012 19:47, Julien Cristau wrote: Hi, Hi Julien, On Wed, Jan 26, 2011 at 19:46:32 +0100, Damien Raude-Morvan wrote: So I don't think Debian package is affected by this issue, but we'll have to wait until Oracle/Glassfish team publish some source code to confirm ths. Did that happen in the last year? Sadly, no :/ I must admit that Oracle does not publish details of its fixes so it's hard to confirm firmly what's component is exactly impacted. I'll try to revive my contact @Oracle to get some feedback on this issue (on future security issues). Cheers, -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#652804: plexus-containers1.5: FTBFS: Cannot find parent: org.codehaus.plexus:plexus-containers
Hi, Le mardi 20 décembre 2011 16:09:58, Lucas Nussbaum a écrit : > > mvn-generate: > > > > mvn-shared-repo: > > > > mvn-local-repo: > > [java] + Error stacktraces are turned on. > > [java] [INFO] > > [java] NOTE: Maven is executing in offline mode. Any artifacts not > > already in your local [java] repository will be inaccessible. > > [java] > > [java] [INFO] Scanning for projects... > > [java] [INFO] > > --- > > - [java] [ERROR] FATAL ERROR > > [java] [INFO] > > --- > > - [java] [INFO] Error building POM (may not be this project's > > POM). [java] > > [java] > > [java] Project ID: > > org.codehaus.plexus:plexus-container-default:jar:1.5.5 [java] > > [java] Reason: Cannot find parent: > > org.codehaus.plexus:plexus-containers for project: > > org.codehaus.plexus:plexus-container-default:jar:1.5.5 for project > > org.codehaus.plexus:plexus-container-default:jar:1.5.5 [java] JFTR, I've started working on this issue : it might be linked to some bug in maven-ant-helper. Cheers, -- Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#652874: bti: fails to run because of missing lib
Package: bti Version: 031-2 Severity: grave Justification: renders package unusable After doing a normal install, bti is missing some lib required for running. That is bad. ___ $ bti bti: /usr/lib/x86_64-linux-gnu/libcurl-nss.so.4: version `CURL_NSS_3' not found (required by /usr/lib/x86_64-linux-gnu/liboauth.so.0) ___ -- System Information: Debian Release: wheezy/sid APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.1.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to fr_FR.UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages bti depends on: ii libc62.13-21 ii libcurl3-gnutls 7.22.0-3 ii liboauth00.9.4-3+b1 ii libpcre3 8.12-4 ii libxml2 2.7.8.dfsg-5 bti recommends no packages. Versions of packages bti suggests: ii bash-completion 1:1.3-1 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#645881: critical update 29 available
Hi all, Le dimanche 11 décembre 2011 17:25:41, Holger Levsen a écrit : > On Sonntag, 11. Dezember 2011, Matthias Klose wrote: > > the DLJ bundles were created because you are not allowed to re-distribute > > the jdk packages from oracle. Did that change recently? > > I believe inside an organisation I can rebundle their bundles to my > prefered kind of bundle, that is, form of distribution (inside the > organisation), anything else would be riciculous, or? > > All I suggest is to document how to enhance their "bundles" to proper > Debian packages :-) You should have a look at old "make-jpkg" tool which used to be provided by java-package : http://packages.qa.debian.org/j/java-package.html Purpose of this tool is to repackage "binaries" provided by Oracle and integrate them inside Debian : alternatives, FHS directories, plugin registration, etc... Maybe we can provide some support to integrate non-free Oracle JDK with this tool (but someone has to do the work to support newer JDK in this tool). Cheers, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan signature.asc Description: This is a digitally signed message part.
Bug#642836: Bug#577704: Confirming bug in libsurefire-java
On Fri, 14 Oct 2011 14:31:54 +0200, Torsten Werner wrote: > Hi, Hi, > Am 14.10.2011 11:51, schrieb David Paleino: >> The strange thing is "2.4.3" seems mentioned nowhere: > > the core plugins are referenced in the super pom. It can be found in > maven-project.jar. Could you please check if this is fixed with maven2 2.2.1-10 ? Cheers, -- Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#644094: [Openjdk] Bug#644094: icedtea-plugin: Fails to load any java applet due to AccessControlException
Le mardi 04 octobre 2011 22:27:49, Frederik Himpe a écrit : > On Tue, 2011-10-04 at 22:20 +0200, Damien Raude-Morvan wrote: > > Hi Frederik, > > > > Thanks for this report. > > > > Le dimanche 02 octobre 2011 19:54:02, Frederik Himpe a écrit : > > > icedtea-plugin fails to load any applet in Iceweasel 7. For example, > > > http://java.com/en/download/testjava.jsp > > > > > > The console contains these errors: > > > > > > java version "1.6.0_23" > > > OpenJDK Runtime Environment (IcedTea6 1.11pre) (6b23~pre9-2) > > > OpenJDK 64-Bit Server VM (build 20.0-b11, mixed mode) > > > > [...] > > > > > Caused by: java.security.AccessControlException: access denied > > > (java.lang.RuntimePermission accessClassInPackage.sun.security.util) > > > > Root cause of this exception is not into icedtea-plugin but in openjdk-6 > > package. It has been fixed in 6b23~pre10-1 upload. > > > > Could you please retest with this release ? I'm closing this issue now, > > but feel free to reopen if you can reproduce it with openjdk-6-jre >= > > 6b23~pre10-1 > > Correct, the new openjdk-6 package fixes this particular problem. Ok, good. > I think that I discovered another problem though: applets only work when > openjdk-6-jdk is installed, openjdk-6-jre does not seem to be enough. I > will probably have to open a new report for this. Please, go ahead if you can reproduce it. Thanks, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#644094: [Openjdk] Bug#644094: icedtea-plugin: Fails to load any java applet due to AccessControlException
Hi Frederik, Thanks for this report. Le dimanche 02 octobre 2011 19:54:02, Frederik Himpe a écrit : > icedtea-plugin fails to load any applet in Iceweasel 7. For example, > http://java.com/en/download/testjava.jsp > > The console contains these errors: > > java version "1.6.0_23" > OpenJDK Runtime Environment (IcedTea6 1.11pre) (6b23~pre9-2) > OpenJDK 64-Bit Server VM (build 20.0-b11, mixed mode) [...] > Caused by: java.security.AccessControlException: access denied > (java.lang.RuntimePermission accessClassInPackage.sun.security.util) Root cause of this exception is not into icedtea-plugin but in openjdk-6 package. It has been fixed in 6b23~pre10-1 upload. Could you please retest with this release ? I'm closing this issue now, but feel free to reopen if you can reproduce it with openjdk-6-jre >= 6b23~pre10-1 Cheers, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#642734: Bug#642598: w/ new javaws.policy HDtracks Download Manager no longer works
reassign 642598 openjdk-6-jre 6b23~pre8-2 affects 642598 icedtea-netx 1.1.2-1 tags 642598 + pending thanks Hi, Thanks for yours reports. Le samedi 24 septembre 2011 13:02:27, Jamie Heilman a écrit : > The downloader Web Start application HDtracks (www.hdtracks.com) uses > for purchases used to work as recently as version 1.1-1, but now it > just kicks out an error about not being able to connect to their > service. Using Oracle's javaws from the 1.7.0 JRE, the app works fine. I think it used to work with a previous openjdk-6. [...] > It all appears to be related to the addition of the javaws.policy > file. So after fumbling around and reading up on things I applied: > > --- /etc/icedtea-web/javaws.policy.orig 2011-09-24 03:44:41.856667471 -0700 > +++ /etc/icedtea-web/javaws.policy 2011-09-24 03:42:38.473334213 -0700 > @@ -11,4 +11,7 @@ > > permission java.lang.RuntimePermission > "accessClassInPackage.sun.security.internal.interfaces"; > + > + permission java.lang.RuntimePermission > + "accessClassInPackage.sun.security.rsa"; > }; > > > ...and everything worked again. So, might wanna take a harder look at > https://bugzilla.redhat.com/show_bug.cgi?id=471413 or evaluate why > Oracle ships with "permission java.security.AllPermission;" in their > default javaws policy file. Yes, but uptream use a specific codeBase for this java.policy : grant codeBase "file:/usr/share/icedtea-web/netx.jar" { permission java.security.AllPermission; }; (I've uploaded icedtea-web-1.1.3 with this policy to be closer to upstream) In fact, it's an issue with openjdk-6 where he didn't allow it's own sunpkcs11.jar library to access internal classes. I'm preparing an update for this. In the mean time, you can edit /etc/java-6-openjdk/security/java.policy and replace : -- grant codeBase "file:/usr/lib/jvm/java-6-openjdk-amd64/ext/*" { permission java.security.AllPermission; }; grant codeBase "file:/usr/lib/jvm/java-6-openjdk-common/ext/*" { permission java.security.AllPermission; }; -- by this policy : -- grant codeBase "file:/usr/lib/jvm/java-6-openjdk-amd64/jre/lib/ext/*" { permission java.security.AllPermission; }; grant codeBase "file:/usr/lib/jvm/java-6-openjdk-common/jre/lib/ext/*" { permission java.security.AllPermission; }; -- Cheers, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#643024: libffado2: jackd can't start with libffado version 2.0.99+svn1995-1
Confirmed. Reverting to version 2.0.99+svn1968-1 and jackd works ok. Program received signal SIGABRT, Aborted. 0xb7fe2424 in __kernel_vsyscall () (gdb) where #0 0xb7fe2424 in __kernel_vsyscall () #1 0xb7c64911 in *__GI_raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 #2 0xb7c67d42 in *__GI_abort () at abort.c:92 #3 0xb7c9a9d5 in __libc_message (do_abort=2, fmt=0xb7d6fa90 "*** glibc detected *** %s: %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:189 #4 0xb7ca4ac1 in malloc_printerr (action=, str=0x6 , ptr=0xb7b1a61c) at malloc.c:6283 #5 0xb7ca6328 in _int_free (av=, p=) at malloc.c:4795 #6 0xb7ca93dd in *__GI___libc_free (mem=0xb7b1a61c) at malloc.c:3738 #7 0xb7f7bb5f in operator delete(void*) () from /usr/lib/i386-linux-gnu/libstdc++.so.6 #8 0xb79dd2ea in DebugModule::~DebugModule() () from /usr/lib/libffado.so.2 #9 0xb79dd3a0 in DebugModuleManager::~DebugModuleManager() () from /usr/lib/libffado.so.2 #10 0xb79daf83 in ?? () from /usr/lib/libffado.so.2 #11 0xb7ff5a42 in ?? () from /lib/ld-linux.so.2 #12 0xb7ff6537 in ?? () from /lib/ld-linux.so.2 #13 0xb7e2bcc4 in dlclose_doit (handle=0x80580f0) at dlclose.c:37 #14 0xb7ff0b66 in ?? () from /lib/ld-linux.so.2 #15 0xb7e2c0bc in _dlerror_run (operate=, args=) at dlerror.c:164 #16 0xb7e2bcfa in __dlclose (handle=0x6) at dlclose.c:48 #17 0xb7e913e0 in ?? () from /usr/lib/libjackserver.so.0 #18 0xb7e924a4 in ?? () from /usr/lib/libjackserver.so.0 #19 0xb7e95c75 in jackctl_server_create () from /usr/lib/libjackserver.so.0 #20 0x08049fbf in ?? () #21 0xb7c50e46 in __libc_start_main (main=0x8049d00, argc=7, ubp_av=0xb8e4, init=0x804b860, fini=0x804b850, rtld_fini=0xb7ff1310, stack_end=0xb8dc) at libc-start.c:228 #22 0x08049b71 in ?? () Backtrace stopped: Not enough registers or memory available to unwind further (gdb) quit -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#642280: jasperreports: FTBFS: Unmet dependencies
Le mercredi 21 septembre 2011 07:16:32, Torsten Werner a écrit : > On Wed, Sep 21, 2011 at 5:06 AM, Miguel Landaeta wrote: > > pbuilder-satisfydepends-dummy: Depends: libjakarta-poi-java (>= 3.2) > > which is a virtual package. > > Argh. Changing the Build-Depends to libapache-poi-java is probably the > simplest solution. Thanks, I'm working on this issue. Cheers, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#640072: ant1.7 ftbfs in unstable
Le vendredi 02 septembre 2011 20:45:52, Miguel Landaeta a écrit : > On Thu, Sep 01, 2011 at 09:19:20PM -0430, Miguel Landaeta wrote: > > I fixed this bug in ant 1.8.2 recently. I'll commit the fix later. > > This is fixed in svn. > > BTW, I fixed some lintian warnings on this package but no all of them. Ok, uploaded to unstable. > I think the effort should be on migrating the remaining 4 reverse > Build-Depends to ant 1.8. > Those reverse B-D are: > > libservlet2.4-java > nlpsolver > freemind > libjogl-java I think you should submit an bug for each of this package - to request switching to ant 1.8.2. BTW, libservlet2.4-java is also on removal list :) -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan signature.asc Description: This is a digitally signed message part.
Bug#640072: ant1.7 ftbfs in unstable
Hi doko, Le jeudi 01 septembre 2011 23:57:20, Matthias Klose a écrit : > Package: ant1.7 > Version: 1.7.1-7 > Severity: serious [...] > /usr/share/ant/lib/ant-apache-resolver.jar Cannot find the jar to install: > build/lib/ant-apache-resolver.jar > make: *** [install/ant1.7-optional] Error 2 Just a few lines before I get : jars: [jar] Building jar: /home/drazzib/Dev/debian- pkg/work/test/ant1.7-1.7.1/build/lib/ant-launcher.jar [jar] Building jar: /home/drazzib/Dev/debian- pkg/work/test/ant1.7-1.7.1/build/lib/ant.jar [jar] Building jar: /home/drazzib/Dev/debian- pkg/work/test/ant1.7-1.7.1/build/lib/ant-bootstrap.jar [jar] Building jar: /home/drazzib/Dev/debian- pkg/work/test/ant1.7-1.7.1/build/lib/ant-nodeps.jar [jar] Building jar: /home/drazzib/Dev/debian- pkg/work/test/ant1.7-1.7.1/build/lib/ant-trax.jar [jar] Warning: skipping jar archive /home/drazzib/Dev/debian- pkg/work/test/ant1.7-1.7.1/build/lib/ant-apache-resolver.jar because no files were included. [jar] Warning: skipping jar archive /home/drazzib/Dev/debian- pkg/work/test/ant1.7-1.7.1/build/lib/ant-apache-resolver.jar because no files were included. Did ant1.7 is still needed ? IIRC, it was added just before squeeze release to fix some FTBFS (caused by ant 1.8.0) but ant 1.8.2 seems a bit better now. Maybe we should drop ant1.7... Cheers, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan signature.asc Description: This is a digitally signed message part.
Bug#639954: azureus: FTBFS (multiarch breakage)
Le jeudi 01 septembre 2011 02:19:01, Adrian Bunk a écrit : > On Thu, Sep 01, 2011 at 02:03:36AM +0200, Damien Raude-Morvan wrote: > > Adrian, > > > > Please, don't start MBF without checking first with debian-devel (or in > > this > > > > case with debian-java) : > >... > > I am not doing mass bug filing, I just sent bug reports for the two > packages where I personally ran into these buge. Ok, sorry, I react too quickly. Since your two bugs have the same subject / the same content, I thought you were filling them with some script :) Cheers, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan signature.asc Description: This is a digitally signed message part.
Bug#639954: azureus: FTBFS (multiarch breakage)
Adrian, Please, don't start MBF without checking first with debian-devel (or in this case with debian-java) : it's not only java-access-bridge and azureus but many more packages. Debian Java Team is fully aware that recent changes in openjdk-6 / openjdk-7 makes roughly 60+ packages FTBFS. Le jeudi 01 septembre 2011 01:41:24, Adrian Bunk a écrit : > Package: azureus > Version: 4.3.0.6-4 > Severity: serious > > $ dpkg-buildpackage [...] > You must specify a valid JAVA_HOME or JAVACMD! [1] http://www.debian.org/doc/manuals/developers-reference/beyond- pkging.html#submit-many-bugs -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan signature.asc Description: This is a digitally signed message part.
Bug#638462: symbol lookup error: /usr/sbin/cupsd: undefined symbol: _pwgGetPageSize
Hello, Force cups to be at the correct version -; I ran into the same, after an apt-get upgrade (because packages were to be removed with a dist-upgrade), got this error, and then upgraded explicitely cups itself with: apt-get install cups (which installed few other new packages). Undef symbol error got fixed. IMHO this bug report may be closed. Cheers, Jean-Damien. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#637656: unavailable build depends
Le mardi 16 août 2011 13:58:45, Damien Raude-Morvan a écrit : > On Tue, 16 Aug 2011 13:10:01 +0200, Torsten Werner > > wrote: > > Hi Damien, Hi Ludovic, > > Hi, > > > m-d-h version 1.4.4 is already committed to the svn repo. Is it ready > > for upload? What about m-r-h 1.5.2? > > I'll try to do some checks and upload both packages this evening. Ok, I need a fix for #637213 before I can do an upload to unstable. Can anyone have a look at this one ? Cheers, -- Damien signature.asc Description: This is a digitally signed message part.
Bug#637656: unavailable build depends
On Tue, 16 Aug 2011 13:10:01 +0200, Torsten Werner wrote: > Hi Damien, Hi Ludovic, Hi, > m-d-h version 1.4.4 is already committed to the svn repo. Is it ready > for upload? What about m-r-h 1.5.2? I'll try to do some checks and upload both packages this evening. > On Sat, Aug 13, 2011 at 4:00 PM, Matthias Klose wrote: >> Package: libxbean-java >> Version: 3.7-1 >> Severity: serious >> >> Build-Depends: debhelper (>= 7), cdbs, default-jdk, quilt, >> maven-debian-helper >> (>= 1.4.4) >> >> the latter is not available Regards, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#623693: openjdk-7: incomplete copyright file and binaries without source
Hi, JFTR, here is some update on this issue. Le vendredi 22 avril 2011 12:20:06, Torsten Werner a écrit : > the code in directory rewriter/ seems to AGPL-3 licenced but this is not > documented in the copyright file. This part is fixed since 7~b130-1.14~pre0-2. > The file jdk.tar.gz ships several *.so files below > test/sun/security/pkcs11/nss/lib/ and I could not find the source for them. This is ok since 7~b147-2.0~pre1-1. > The file langtools.tar.gz ships a file broken.jar without source code. This still need some work to sort this out with upstream. Cheers, -- Damien signature.asc Description: This is a digitally signed message part.
Bug#622141: tomcat-native: Using SSLv2_method
Le mercredi 06 juillet 2011 16:16:25, Niels Thykier a écrit : > Hey, Hi Niels, > Any updates on this? I see it has been marked pending since April 13th > and upstream has not replied to it on the tracker. No news since April. I'll publish a fixed package with my current patch. We can revert latter if upstream find something wrong with this. Regards, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan signature.asc Description: This is a digitally signed message part.
Bug#629852: openjdk-6?
Hi, Le jeudi 30 juin 2011 18:20:03, Harald Staub a écrit : > The security tracker still shows openjdk-6 as "needs to be checked", e.g.: > http://security-tracker.debian.org/tracker/CVE-2011-0872 > > OTOH, Ubuntu has issued a Security Notice for openjdk-6 on June 17: > http://www.ubuntu.com/usn/usn-1154-1/ > > So I should assume the Debian stable package to be vulnerable? Ubuntu had just released a new upstream security release of IcedTea [0] which aggregate multiple security bugfixes from Oracle. It's not a specific security release for this bug. From RedHat bugtracket [1] and from IcedTea [2] repository, this issues seems only related to Windows handling of selector (and only windows files are touched by this patch). So this particular security issue doesn't need an urgent upload for openjdk-6. [0] http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2011- June/014607.html [1] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0872 [2] http://icedtea.classpath.org/hg/release/icedtea6-1.9/file/8d393fbff5d3/patches/security/20110607/6213702.patch Cheers, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#618168: Gfortran module issue
Hello, It seems to me that the issue comes from the fact that NetCDF has been compiled with gfortran 4.4 (current version of /usr/include/netcdf.mod from libnetcdf-dev) while current gfortran compiler is 4.6. So when the configure of ETSF_IO tries to compile a test from NetCDF written in Fortran, it fails because of the NetCDF module being not-usable. This small code doesn't compile currently in Debian: program foo use netcdf call nf90_open("toto.nc") end program foo gives : caliste@coriandre:~/tmp$ gfortran -I /usr/include -c toto.f90 toto.f90:3.12: use netcdf 1 Fatal Error: Wrong module version '0' (expected '6') for file 'netcdf.mod' opened at (1) While with gfortran-4.4: caliste@coriandre:~/tmp$ gfortran-4.4 -I /usr/include -c toto.f90 toto.f90:3.12: use netcdf 1 toto.f90:5.27: call nf90_open("toto.nc") 2 Error: 'nf90_open' at (1) has a type, which is not consistent with the CALL at (2) The module file is correctly understood and raise a comoilation accordingly. The solution would be to force gfortran 4.4 for ETSF_IO but it's not clean. The other solution would be to rebuild automatically every package that exposes a Fortran module file at each gfortran update. Damien. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#630542: yui-compressor: mangles strings containing backslash
Hi Jakub, Le mercredi 15 juin 2011 22:59:41, Damien Raude-Morvan a écrit : > Le mercredi 15 juin 2011 01:22:12, Jakub Wilk a écrit : > > $ cat tmp.js > > x = "\\"; > > > > $ yui-compressor tmp.js; echo > > x="\"; > > Thanks for you feedback, I can confirm that this break badly with jQuery. > It seems regression testsuite in yui-compressor is not sufficient to check > this case. Could you please try yui-compressor package I've put here with your jQuery build : http://people.debian.org/~drazzib/yui/ Thanks in advance, -- Damien signature.asc Description: This is a digitally signed message part.
Bug#630542: yui-compressor: mangles strings containing backslash
Hi Jakub, Le mercredi 15 juin 2011 01:22:12, Jakub Wilk a écrit : > Package: yui-compressor > Version: 2.4.6+debian1-1 > Severity: grave > > $ cat tmp.js > x = "\\"; > > $ yui-compressor tmp.js; echo > x="\"; Thanks for you feedback, I can confirm that this break badly with jQuery. It seems regression testsuite in yui-compressor is not sufficient to check this case. Can you provide me a working compressed-jQuery so I can compare and check there is no others regressions ? For now, you can just use previous release (2.4.6-1) from testing. > (Severity grave, because this badly breaks jQuery, and possibly lots of > other code.) ACK. Cheers, -- Damien signature.asc Description: This is a digitally signed message part.
Bug#628272: Release of this patch?
On Wed, 08 Jun 2011 15:15:39 +0100, James Page wrote: > I've just hit this bug in one of my new packages; when do you think > 1.4.3 of m-d-h will be released? I can release a 1.4.3 version w/ this simple change before tomorrow morning. (my initial plan was to work on some others reported - but minor - issues before doing an upload) Cheers, -- Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#628289: geogebra: FTBFS: [javac] /build/user-geogebra_3.2.46.0+dfsg1-1-amd64-cG9nle/geogebra-3.2.46.0+dfsg1/geogebra/main/AppletImplementation.java:1593: cannot find symbol
Hi, Le jeudi 02 juin 2011 15:40:55, Giovanni Mascellani a écrit : > Some classes disappeared from OpenJDK and I'm trying to understand how > difficult it would be to have them back again. > > The other option is to remove from Geogebra the code depending on > netscape.javascript.*. Given that Geogebra in Debian is meant to be used > just as an application, this shouldn't hurt that much. Some work would > be needed anyway. There was a split between upstream icedtea (openjdk-* packages) et icedtea-web (icedtea-plugin and icedtea-netx packages). netscape.javascript.* classes are now located inside /usr/share/icedtea- web/plugin.jar (icedtea-plugin). Cheers, -- Damien signature.asc Description: This is a digitally signed message part.
Bug#624010: Experiencing a similar problem but without LVM
* m...@linux.it (Marco d'Itri) [110426 15:21]: > > It looks like root gets mounted (I do not use an initrd), but some > > disk device nodes in /dev are not yet present when the fsck are > > started, so they fail, and I get an emergency prompt. If I press > > C-d, boot continues > So you are using a custom kernel without devtmpfs, for a start. That's right; enabling devtmpfs in my custom kernelmade the problem go away. May I ask how you guessed that my problem could be related to this? I thought udev creating a tmpfs for /dev when devtmpfs is not enabled was not affecting its subsequent behaviour. Does this somehow mean that devtmpfs is now required for udev to work properly, at least in Debian? Thanks, -- Damien Wyart pgpqouQI6aYks.pgp Description: PGP signature
Bug#624010: Experiencing a similar problem but without LVM
Hi, I am not using LVM, so I do not reproduce the exact same problem, but after upgrading to udev 168-1 my system also became unbootable. It looks like root gets mounted (I do not use an initrd), but some disk device nodes in /dev are not yet present when the fsck are started, so they fail, and I get an emergency prompt. If I press C-d, boot continues normaly. The devices which fail to be fscked are different each time, so it looks a bit like a timing problem. With 167-3, everything is fine. I do not have a /run directory. I am a bit surprised nobody has reported this earlier, maybe people do not reboot that often... Best, -- Damien Wyart -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#623951: openjdk-7: FTBFS when trying to build ZeroVM
directory `/build/buildd-openjdk-7_7~b130-1.14~pre0-1- powerpc-kggtvE/openjdk-7-7~b130-1.14~pre0/build' Uptream bug regarding this failure : http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=698 Cheers, -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (200, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.38-2-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan signature.asc Description: This is a digitally signed message part.
Bug#620113: red5-server doesn't start properly after installation
Hi Stefan, Le Thursday 31 March 2011 19:22:01, Stefan Schlesinger a écrit : > On Mar 30, 2011, at 12:52 , Damien Raude-Morvan wrote: > > On Wed, 30 Mar 2011 11:46:51 +0200, Stefan Schlesinger > > wrote: Could you please try to install glassfish-j2ee package ? > > $> sudo aptitude install glassfish-j2ee > > thanks, that fixed the issue. I'd also like to recommend, mentioning > logback.xml for adjusting the red5 log level in README.Debian. I'll try to work on a fix for stable to provide this to next point release of Squeeze (6.0.2 ?). Cheers, -- Damien signature.asc Description: This is a digitally signed message part.
Bug#620113: red5-server doesn't start properly after installation
On Wed, 30 Mar 2011 11:46:51 +0200, Stefan Schlesinger wrote: [...] > sts@cha-web01 ~ $ dpkg -l | grep glassfish > sts@cha-web01 ~ $ > sts@cha-web01 ~ $ ls -la /usr/share/red5/lib/ [...] > lrwxrwxrwx 1 root root 31 Mar 29 14:24 glassfish-javaee.jar -> > ../../java/glassfish-javaee.jar [...] Could you please try to install glassfish-j2ee package ? $> sudo aptitude install glassfish-j2ee I think there is some missing Depends in squeeze red5-server package (and, BTW, I'm using a tweaked package for my own use so I haven't noticed that :/) Cheers, -- Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#620113: red5-server doesn't start properly after installation
Hi Stefan, On Wed, 30 Mar 2011 09:09:03 +, Stefan Schlesinger wrote: > seems like the red5-server package is broken for some reason. I tried to > install it, > on a clean Debian/squeeze system but it doesn't install or start properly. [...] > Caused by: java.lang.NoClassDefFoundError: > javax/servlet/http/HttpServlet > > I checked the command line executed by red5.sh and it results to this: > > /usr/bin/java \ > -Dpython.home=lib \ > -Dred5.root=/usr/share/red5/ \ > -Dlogback.ContextSelector=org.red5.logging.LoggingContextSelector \ > -Dcatalina.useNaming=true -Djava.security.debug=failure \ > -cp /usr/share/red5//boot.jar:/usr/share/red5//conf: > org.red5.server.Bootstrap > > Note: after installation of the sun-java package no JAVA_HOME or CLASSPATH > are set, I'd expect the -cp paramter to be longer usually? Red5 use some bootstraping to feed its classpath : http://www.google.com/codesearch/p?hl=fr#orDf4PBhBz4/java/server/trunk/src/org/red5/server/Bootstrap.java AFAIR, everything inside /usr/share/red5/lib/ is included into this dynamic classpath. [...] > FYI: Since its a test system, I could as well provide you with root access > to this host. I will test on my own Squeeze system. If really needed, I'll get back to you to get access to your host. > Here is the more verbose output of the red5.log. I could as well send you > the full log, but its [...] > java.lang.NoClassDefFoundError: javax/servlet/http/HttpServlet Can you send me : - ls -la /usr/share/red5/lib/ - dpkg -l | grep *servlet* - dpkg -l | grep *glassfish* Thanks in advance, -- Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#617868: FTBFS due to changes introduced in libvelocity-tools-java 2.0
Le Saturday 12 March 2011 01:25:58, Miguel Landaeta a écrit : > As subject says. A complete build log is attached and the relevant > error messages are shown below: > > buildmain: [..] > [javac] > /tmp/buildd/libspring-2.5-java-2.5.6.SEC02/src/org/springframework/web/ser > vlet/view/velocity/VelocityToolboxView.java:30: cannot find symbol [javac] > symbol : class ViewTool > [javac] location: package org.apache.velocity.tools.view.tools > [javac] import org.apache.velocity.tools.view.tools.ViewTool; I'll take care of this (I've already patched this source code but haven't uploaded yet). Cheers, -- Damien signature.asc Description: This is a digitally signed message part.
Bug#617865: FTBFS due to changes in cglib
reassign 617865 cglib 2.2+dfsg-3 affects 617865 + libhibernate3-java thanks Hi Miguel, Le Saturday 12 March 2011 00:40:03, Miguel Landaeta a écrit : > Package: libhibernate3-java > Version: 3.5.4.Final-5 > Severity: serious > > The last upload of cglib breaks the build of this package. > A complete build log is attached and the relevant error messages > are shown below: [...] > /tmp/buildd/libhibernate3-java-3.5.4.Final/core/src/main/java/org/hibernate > /bytecode/cglib/CglibClassTransformer.java:[79,34] > getClassInfo(net.sf.cglib.asm.ClassReader) in > net.sf.cglib.core.ClassNameReader cannot be applied to > (org.objectweb.asm.ClassReader) /usr/share/java/cglib-2.2.jar /usr/share/java/cglib-nodep-2.2.jar seems ok but there is some mix up in /usr/share/maven-repo between dep and nodep version. I'll fix that in cglib. Cheers, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan signature.asc Description: This is a digitally signed message part.
Bug#616686: anki: upgrading makes data from previous version unreadable
The latest version of Anki is 1.2. I suggest you upgrade, as it should be able to read your deck. On Mon, Mar 7, 2011 at 1:39 AM, Michael Goetze wrote: > Package: anki > Version: 1.0.1-1 > Severity: grave > Justification: causes data loss > > After upgrading from 0.9.9.8.6-2.1 to 1.0.1-1, Anki can no longer read > my old decks. Furthermore, after downgrading, I cannot import any of the > decks from ~/.anki/backups, with errors such as: > > Import failed. > Traceback (most recent call last): > File "/usr/share/anki/ankiqt/ui/importing.py", line 172, in doImport > self.importer.doImport() > File "/usr/share/anki/anki/importing/anki10.py", line 31, in doImport > src = DeckStorage.Deck(self.file) > File "/usr/share/anki/anki/deck.py", line 2804, in Deck > deck.rebuildQueue() > File "/usr/share/anki/anki/deck.py", line 683, in rebuildQueue > self.checkDue() > File "/usr/share/anki/anki/deck.py", line 663, in checkDue > stmt % 0, now=time.time()+self.delay0).rowcount > File "/usr/share/anki/anki/db.py", line 114, in statement > return self.execute(text(sql), kwargs) > File "/usr/share/anki/anki/db.py", line 90, in execute > x = self._session.execute(*a, **ka) > File "/usr/lib/python2.6/dist-packages/sqlalchemy/orm/session.py", > line 735, in execute > clause, params or {}) > File "/usr/lib/python2.6/dist-packages/sqlalchemy/engine/base.py", > line 1157, in execute > params) > File "/usr/lib/python2.6/dist-packages/sqlalchemy/engine/base.py", > line 1237, in _execute_clauseelement > return self.__execute_context(context) > File "/usr/lib/python2.6/dist-packages/sqlalchemy/engine/base.py", > line 1268, in __execute_context > context.parameters[0], context=context) > File "/usr/lib/python2.6/dist-packages/sqlalchemy/engine/base.py", > line 1367, in _cursor_execute > context) > File "/usr/lib/python2.6/dist-packages/sqlalchemy/engine/base.py", > line 1360, in _cursor_execute > context) > File "/usr/lib/python2.6/dist-packages/sqlalchemy/engine/default.py", > line 288, in do_execute > cursor.execute(statement, parameters) > OperationalError: (OperationalError) no such index: ix_cards_priorityDue > u'update cards indexed by ix_cards_priorityDue set isDue = 1 where type > = 0 and isDue = 0 and priority in (1,2,3,4) and combinedDue <= ?' > (1299430077.8064089,) > > So, presently, all my data seems to be unreadable. > > > > -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#611138: CVE-2010-4438
Hi, Le mardi 25 janvier 2011 23:02:18, Moritz Muehlenhoff a écrit : > See http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4438 > > Please get in touch with Oracle to check, what "unspecified > vulnerability" they fixed... From CVE abstract : " Sun GlassFish Enterprise Server contains a flaw related to the 'Java Message Service (JMS)' sub-component that may allow a local attacker to have a partial affect on integrity and confidentiality and cause a denial of service. No further details have been provided. " As we hardly build any real "Glassfish Server" but just some parts of API library from Java EE specifications. FYI, /usr/share/java/glassfish-jms.jar is just a collection of interfaces and don't have any implementations of a JMS server. So I don't think Debian package is affected by this issue, but we'll have to wait until Oracle/Glassfish team publish some source code to confirm ths. Cheers, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan signature.asc Description: This is a digitally signed message part.
Bug#606685: upgrading cups fixed the bug
Hello, I have upgraded my cups packages to testing, it seems that the problem is fixed. If you have interested I have kept a core file for the problem I have reported yesterday. Currently (with issue fixed) the list of cups packages on my computer is: $ dpkg -l '*cups*' | grep ^i ii cups 1.4.4-7Common UNIX Printing System(tm) - server ii cups-client 1.4.4-7Common UNIX Printing System(tm) - client pro ii cups-common 1.4.4-7Common UNIX Printing System(tm) - common fil ii cups-driver-gutenprint 5.2.6-1printer drivers for CUPS ii cups-ppdc 1.4.4-7Common UNIX Printing System(tm) - PPD manipu ii cupsddk 1.4.4-7Common UNIX Printing System (transitional pa ii ghostscript-cups 8.71~dfsg2-6 The GPL Ghostscript PostScript/PDF interpret ii libcups2 1.4.4-7Common UNIX Printing System(tm) - Core libra ii libcups2-dev 1.4.4-7Common UNIX Printing System(tm) - Developmen ii libcupscgi1 1.4.4-7Common UNIX Printing System(tm) - CGI librar ii libcupsdriver1 1.4.4-7Common UNIX Printing System(tm) - Driver lib ii libcupsimage2 1.4.4-7Common UNIX Printing System(tm) - Raster ima ii libcupsmime1 1.4.4-7Common UNIX Printing System(tm) - MIME libra ii libcupsppdc1 1.4.4-7Common UNIX Printing System(tm) - PPD manipu ii libcupsys2 1.3.8-1+lenny8 Common UNIX Printing System (transitional pa ii libgnomecups1.0-1 0.2.3-3GNOME library for CUPS interaction ii python-cups 1.9.31-1 Python bindings for CUPS ii python-cupsutils 1.0.0-4lenny1 Python utility modules around the CUPS print Cheers, Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#606685: evince segfaults in ppdFindChoice () from /usr/lib/libcups.so.2
Package: evince Version: 2.22.2-4~lenny1 Severity: grave Justification: renders package unusable Hello, evince segfaults when trying to print PDF files on a network printer. It looks to be related to this bug report on Ubuntu: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/660731 Printing a PDF file with a KDE application works fine. Printing (not a PDF file) with another gnome application works fine also. I did a few tracing with gdb (after having installed evince-dbg). Here it is below. Cheers Damien === Starting program: /usr/bin/evince [Thread debugging using libthread_db enabled] [New Thread 0xb6219940 (LWP 10930)] [New Thread 0xb6056b70 (LWP 10933)] [New Thread 0xb529cb70 (LWP 10934)] [New Thread 0xb48ffb70 (LWP 10935)] [New Thread 0xb40feb70 (LWP 10936)] [Thread 0xb48ffb70 (LWP 10935) exited] [Thread 0xb40feb70 (LWP 10936) exited] [New Thread 0xb40feb70 (LWP 10937)] [Thread 0xb529cb70 (LWP 10934) exited] [New Thread 0xb529cb70 (LWP 10938)] [New Thread 0xb48ffb70 (LWP 10939)] [New Thread 0xb35e0b70 (LWP 10940)] [Thread 0xb40feb70 (LWP 10937) exited] [Thread 0xb35e0b70 (LWP 10940) exited] [Thread 0xb529cb70 (LWP 10938) exited] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0xb6219940 (LWP 10930)] 0xb2db5c4b in ppdFindChoice () from /usr/lib/libcups.so.2 (gdb) bt #0 0xb2db5c4b in ppdFindChoice () from /usr/lib/libcups.so.2 #1 0xb4a0d9c8 in ?? () from /usr/lib/gtk-2.0/2.10.0/printbackends/libprintbackend-cups.so #2 0x094a2b08 in ?? () #3 0x0004 in ?? () #4 0xb2db94eb in ppdPageSize () from /usr/lib/libcups.so.2 #5 0xb71dae46 in gtk_printer_get_default_page_size () from /usr/lib/libgtk-x11-2.0.so.0 #6 0xb71e4f28 in ?? () from /usr/lib/libgtk-x11-2.0.so.0 #7 0x0942cc08 in ?? () #8 0xfffb in ?? () #9 0x0001 in ?? () #10 0xbfa07358 in ?? () #11 0x in ?? () #12 0x0011 in ?? () #13 0x0010 in ?? () #14 0xb714310e in gtk_tree_view_get_type () from /usr/lib/libgtk-x11-2.0.so.0 #15 0xb6ca5c08 in g_cclosure_marshal_VOID__BOOLEAN () from /usr/lib/libgobject-2.0.so.0 #16 0xb6c9813a in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0 #17 0xb6cae61d in ?? () from /usr/lib/libgobject-2.0.so.0 #18 0x094c0e18 in ?? () #19 0x in ?? () (gdb) info threads 8 Thread 0xb48ffb70 (LWP 10939) 0xb77cb424 in __kernel_vsyscall () 2 Thread 0xb6056b70 (LWP 10933) 0xb77cb424 in __kernel_vsyscall () * 1 Thread 0xb6219940 (LWP 10930) 0xb2db5c4b in ppdFindChoice () from /usr/lib/libcups.so.2 -- System Information: Debian Release: 5.0.6 Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages evince depends on: ii gconf2 2.22.0-1 GNOME configuration database syste ii gnome-icon-theme2.22.0-1 GNOME Desktop icon theme ii libart-2.0-22.3.20-2 Library of functions for 2D graphi ii libatk1.0-0 1.30.0-1 The ATK accessibility toolkit ii libbonobo2-02.22.0-1 Bonobo CORBA interfaces library ii libbonoboui2-0 2.22.0-1 The Bonobo UI library ii libc6 2.11.2-7 Embedded GNU C Library: Shared lib ii libcairo2 1.8.8-2~bpo50+1 The Cairo 2D vector graphics libra ii libdbus-1-3 1.2.1-5+lenny1 simple interprocess messaging syst ii libdbus-glib-1-20.76-1 simple interprocess messaging syst ii libdjvulibre21 3.5.20-8+lenny1 Runtime support for the DjVu image ii libgcc1 1:4.3.2-1.1 GCC support library ii libgconf2-4 2.22.0-1 GNOME configuration database syste ii libglade2-0 1:2.6.2-1library to load .glade files at ru ii libglib2.0-02.24.2-1 The GLib library of C routines ii libgnome-keyring0 2.22.3-2 GNOME keyring services library ii libgnome2-0 2.20.1.1-1 The GNOME 2 library - runtime file ii libgnomecanvas2-0 2.20.1.1-1 A powerful object-oriented display ii libgnomeui-02.20.1.1-2 The GNOME 2 libraries (User Interf ii libgnomevfs2-0 1:2.22.0-5 GNOME Virtual File System (runtime ii libgtk2.0-0 2.18.6-1~bpo50+1 The GTK+ graphical user interface ii libice6 2:1.0.4-1X11 Inter-Client Exchange library ii libjpeg62 6b1-1The Independent JPEG Group's JPEG ii libkpathsea42007.dfsg.2-4+lenny3 TeX Live: path search library for ii libnautilus-extensi 2.20.0-7 libraries for nautilus components ii liborbit2 1:2.14.13-0.1libraries for ORBit2 - a CORBA ORB ii libpango1.0-0 1.20.5-6 Layout and rendering of internatio ii libpoppler-glib30.8.7-4 PDF rendering library (GLib-based ii lib
Bug#602362: libjsr166y-java: FTBFS in sid with type parameters ... cannot be determined error
Hi Miguel, On Mon, 15 Nov 2010 10:26:53 -0430, Miguel Landaeta wrote: > Could you please review the last two commits at > http://git.debian.org/?p=pkg-java/libjsr166y-java.git? Seems fine regarding source changes. However, I have two comments : - Have you managed to test this change with libgpars-groovy-java ? I have no test case at hand to check for correct behavior... - Maybe we should also set urgency=medium as it fix an RC bug (FTBFS) ? Cheers, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#601786: #601786: ia32 java is run to fails due to a syntax error with "(" unexpected : more info needed
tag 601786 +moreinfo severity 601786 normal thanks Hi, I'm not able to reproduce your issue here : [~]$ /usr/lib/jvm/ia32-java-6-sun-1.6.0.22/bin/java -version java version "1.6.0_22" Java(TM) SE Runtime Environment (build 1.6.0_22-b04) Java HotSpot(TM) Server VM (build 17.1-b03, mixed mode) [~]$ dpkg -l | grep -i ia32-sun-java6-bin ii ia32-sun-java6-bin 6.22-1 Cheers, -- Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#600338: May contain non-free data
Hi Miguel! On Wed, 20 Oct 2010 14:55:43 -0430, Miguel Landaeta wrote: > I can take care of this. > > Anyway, itext is very very outdated and after squeeze > this package should be updated. libitext1-java is in dependency tree of Maven 2 (ie. site generation part via libdoxia) and I'm not sure that libitext-java (2.1) is API/ABI compatible with libitext1-java. So we have to : - keep libitext1-java or migrate Maven2 to libitext-java (2.1) or package Maven3 (Torsten is working on it...) - be careful in handling libitext1-java to ensure no breakage of others packages Cheers, -- Damien -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#564652: BTS #564652: build OpenCT on kfreebsd-*, NMU ?
Hi, Le mercredi 07 avril 2010 23:35:35, Damien Raude-Morvan a écrit : > I've compiled proposed fixes to allow openct to build on kfreebsd : > > Resulting package can be found here : > http://people.debian.org/~drazzib/openct/openct_0.6.20-1.1.dsc > > NMUdiff is here : > http://people.debian.org/~drazzib/openct/openct+nmu+0.6.20-1.1.patch > > Eric, did you want some NMU ? Since this RC bug is open for quite some time now, I've uploaded a DELAYED/2 NMU. Eric: feel free to cancel, before 2-day delay, this NMU if you plan to upload a fixed package. Cheers, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan signature.asc Description: This is a digitally signed message part.
Bug#564652: BTS #564652: build OpenCT on kfreebsd-*, NMU ?
Hi, I've compiled proposed fixes to allow openct to build on kfreebsd : Resulting package can be found here : http://people.debian.org/~drazzib/openct/openct_0.6.20-1.1.dsc NMUdiff is here : http://people.debian.org/~drazzib/openct/openct+nmu+0.6.20-1.1.patch Eric, did you want some NMU ? Cheers, -- Damien - Debian Developper http://wiki.debian.org/DamienRaudeMorvan signature.asc Description: This is a digitally signed message part.
Bug#571335: closing 571335
# FTBFS fixed by 2.1-1 upload close 571335 2.1-1 thanks -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#571400: libhamcrest-java: FTBFS: java errors
d chroot. Did someone manage to reproduce it ? Cheers, -- Damien Raude-Morvan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#559967: FTBFS [hppa]: method openConnection() in the type URL is not...
Hi, Le mardi 08 décembre 2009 01:59:27, dann frazier a écrit : > libxmlrpc3-java reliably fails to build on hppa: > > https://buildd.debian.org/build.php?&pkg=libxmlrpc3-java&ver=3.1.2-1&arch= > hppa&file=log > > From the most recent build attempt: [...] > [javac] 30. ERROR in > /build/buildd-libxmlrpc3-java_3.1.2-1-hppa-Bsgr47/libxmlrpc3-java-3.1.2/cl > ient/src/main/java/org/apache/xmlrpc/client/XmlRpcSun15HttpTransport.java > [javac] (at line 62) > [javac] final URLConnection conn = prox == null ? > pURL.openConnection() : pURL.openConnection(prox); [javac] > ^^ > [javac] The method openConnection() in the type URL is not applicable for > the arguments (Proxy) [javac] -- [...] There is someting wrong here regarding gcj-4.4 : AFAIK, on hppa there is no support for openjdk-6 so default-jdk is in fact gcj-4.4-jdk. This package (GCJ 4.4) is promoted as Java5 compliant (Provides: java5-sdk). libxmlrpc3-java source code seems ok, since openConnection(Proxy) method exist since Java 5 API. But from what I've tested on paer.debian.org, GCJ-4.4 can correctly *compile* Java 5 source code but doesn't provide *Java 5 library*. Is there anyone on debian-java with throughts on how to fix this ? Cheers, -- Damien Raude-Morvan - http://damien.raude-morvan.com/ signature.asc Description: This is a digitally signed message part.
Bug#543130: groovy: FTBFS: Nonexistent build-dependency: bnd
Hi, Just for the record, "bnd" package is currently waiting in NEW queue : <http://ftp-master.debian.org/new/bnd_0.0.337.1-2.html> Cheers, -- Damien Raude-Morvan - http://damien.raude-morvan.com/ signature.asc Description: This is a digitally signed message part.
Bug#543085: RFS: libhibernate3-java (FTBFS #543085)
Hi, I've made some changes to libhibernate3-java package to solve some issues. Most important one was a FTBFS (#543085) with default-jdk: I've B-D on java- gcj-compat-dev instead of default-jdk (as Ubuntu does). Here is the full changelog : [ Damien Raude-Morvan ] * Add myself as Uploaders * Build with java-gcj-compat-dev instead of default-jdk (OpenJDK-6) as Hibernate FTBFS with JDBC4 API. (Closes: #543085) <http://opensource.atlassian.com/projects/hibernate/browse/HHH-2412> * Bump Standards-Version to 3.8.3: - Move to "java" section of Debian archive - Move debian/README.Debian-source to debian/README.source - Describe quilt patch system in debian/README.source * debian/control: - Move ant and java-gcj-compat-dev to B-D-I (needed for clean target) - Fix Vcs-Svn field (use svn access instead of svn+ssh) - Add ${misc:Depends} for every binary package * debian/copyright: - Update copyright years - Update files locations regarding upstream tarball - Use LGPL-2.1 instead of LGPL symlink * Javadoc API: - Install Javadoc API to /usr/share/doc/libhibernate3-java/api/ - Register with doc-base If it's fine for you, could someone upload this release ? Cheers, -- Damien Raude-Morvan - http://damien.raude-morvan.com/ signature.asc Description: This is a digitally signed message part.
Bug#543085: libhibernate3-java: FTBFS: You must specify a valid JAVA_HOME or JAVACMD!
Le dimanche 23 août 2009 22:40:51, Torsten Werner a écrit : > On Sat, Aug 22, 2009 at 6:47 PM, Lucas Nussbaum wrote: > > During a rebuild of all packages in sid, your package failed to build on > > amd64. > > Any help is appriated: > > "[javac] > /tmp/buildd/libhibernate3-java-3.3.1.GA+dak1/project/core/src/main/java/org >/hibernate/jdbc/ResultSetWrapper.java:53: > org.hibernate.jdbc.ResultSetWrapper is not abstract and does not > override abstract method updateNClob(java.lang.String,java.io.Reader) > in java.sql.ResultSet > [javac] public class ResultSetWrapper implements ResultSet { > [javac]^ > [javac] > /tmp/buildd/libhibernate3-java-3.3.1.GA+dak1/project/core/src/main/java/org >/hibernate/lob/BlobImpl.java:39: org.hibernate.lob.BlobImpl is not abstract > and does not override > abstract method getBinaryStream(long,long) in java.sql.Blob > [javac] public class BlobImpl implements Blob { > [javac]^ > [javac] > /tmp/buildd/libhibernate3-java-3.3.1.GA+dak1/project/core/src/main/java/org >/hibernate/lob/ClobImpl.java:41: org.hibernate.lob.ClobImpl is not abstract > and does not override > abstract method getCharacterStream(long,long) in java.sql.Clob > [javac] public class ClobImpl implements Clob { > [javac]^ > [javac] > /tmp/buildd/libhibernate3-java-3.3.1.GA+dak1/project/core/src/main/java/org >/hibernate/lob/SerializableBlob.java:36: org.hibernate.lob.SerializableBlob > is not abstract and does not > override abstract method getBinaryStream(long,long) in java.sql.Blob > [javac] public class SerializableBlob implements Serializable, Blob { > [javac]^ > [javac] > /tmp/buildd/libhibernate3-java-3.3.1.GA+dak1/project/core/src/main/java/org >/hibernate/lob/SerializableClob.java:38: org.hibernate.lob.SerializableClob > is not abstract and does not > override abstract method getCharacterStream(long,long) in > java.sql.Clob > [javac] public class SerializableClob implements Serializable, Clob { > [javac]^" It's linked to default-jdk switch to JDBC6 An issue report [1] is open upstream on this subject, but it's not fixed and, sadly, proposed patch just add stubs methods. Ubuntu [2] build hibernate with an explicit dependencies on GCJ compiler. [1] http://opensource.atlassian.com/projects/hibernate/browse/HHH-2412 [2] http://patches.ubuntu.com/libh/libhibernate3-java/libhibernate3- java_3.3.1.GA+dak1-3ubuntu1.patch Cheers, -- Damien Raude-Morvan - http://damien.raude-morvan.com/ signature.asc Description: This is a digitally signed message part.
Bug#529493: libnsuml-java: Please remove build-dep on jikes-kaffe
Le lundi 17 août 2009 15:41:11, Barry deFreese a écrit : > Onkar Shinde wrote: > > On Mon, Aug 17, 2009 at 6:32 PM, Torsten Werner wrote: > >> On Mon, Aug 17, 2009 at 4:13 AM, Barry deFreese wrote: > >>> Bumping this to serious now since jikes has been removed from the > >>> archive. > >> > >> This broken package cannot be built with any jdom version that is > >> available in unstable. That is why I vote for removing it. Does > >> anybody object? > > > > +1 from me. > > > > The last upload is from September 2006. The last upstream release is > > from 2002. There are no rdepends. > > > > > > Onkar > > Certainly a +1 from me. In fact there are several of the jikes > r(b)depends that are RM: candidates IMWO. +1 for me too (libnsuml-java was uploaded by Arnaud Vandyck as a dependency for ArgoUML but since ArgoUML was RM from unstable some times ago...). Cheers, -- Damien Raude-Morvan / www.drazzib.com signature.asc Description: This is a digitally signed message part.
Bug#532065: java-gcj-compat-dev fails to install : Merging bugs
merge 532292 532065 stop I've commented #532292 before seeing #532065... Sorry. I came to the same conclusion as Rene and Daniel : add a Depends on gcj-4.3. -- Damien Raude-Morvan / www.drazzib.com signature.asc Description: This is a digitally signed message part.
Bug#521306: RFS: tomcat-native (updated package) (2nd try)
Dear mentors, I am looking for a sponsor for the new version 1.1.16-1 of "tomcat-native" package. It builds these binary packages: libtcnative-1 - Tomcat native library using the apache portable runtime The package appears to be lintian clean. The upload would fix these bugs: 514500, 517163 (RC), 521306 I've tested those fixes with tomcat6 and tomcat5.5 from unstable and debdiff seems clean. The package can be found on mentors.debian.net: dget http://mentors.debian.net/debian/pool/main/t/tomcat-native/tomcat- native_1.1.16-1.dsc or on pkg-java SVN-repository : debcheckout svn+ssh://svn.debian.org/svn/pkg-java/trunk/tomcat-native I would be glad if someone uploaded this package for me. Regards, -- Damien Raude-Morvan / www.drazzib.com signature.asc Description: This is a digitally signed message part.
Bug#512498: RFS: rhino: New debian package prepared (2nd try)
Hi, I've prepared new upstream release 1.7R2 of rhino in debian pkg-java SVN repository. It fix NPE #512498 at rhino startup (see debian/bin/rhino for moreinfo). Here is my changes : * New upstream release. - new 02_exclude-jdk15 patch to exclude already compiled classes for jdk15 rebuild: gcj doesn't handle compiling classes already on its classpath - new "rhino-debugger" launcher for Rhino Debugger Swing UI - update "rhino" launcher to exclude OpenJDK bundled rhino (Closes: #512498) * debian/{postinst,prerm }: scripts should take care of errors, add set -e before any instruction * debian/rules: add new get-orig-source target using uscan * debian/control: - Build-Depends on specialized default-jdk-builddep instead of default-jdk - Bump Standards-Version to 3.8.1: Wrap Uploaders field - add Depends on ${misc:Depends} I would be glade if someone review my changes and upload this package in unstable. The package can be found on mentors.debian.net: - dget http://mentors.debian.net/debian/pool/main/r/rhino/rhino_1.7R2-1.dsc or on debian pkg-java SVN repository - svn+ssh://svn.debian.org/svn/pkg-java/trunk/rhino Cheers, -- Damien Raude-Morvan / www.drazzib.com signature.asc Description: This is a digitally signed message part.
Bug#512498: rhino: New debian package prepared
Hi, I've prepared new upstream release 1.7R2 of rhino in debian pkg-java SVN repository. It fix this NPE at rhino startup (see debian/bin/rhino for moreinfo). Here is my changes : [ Damien Raude-Morvan ] * New upstream release. - new 02_exclude-jdk15 patch to exclude already compiled classes for jdk15 rebuild: gcj doesn't handle compiling classes already on its classpath - new "rhino-debugger" launcher for Rhino Debugger Swing UI - update "rhino" launcher to exclude OpenJDK bundled rhino (Closes: #512498) * debian/{postinst,prerm }: scripts should take care of errors, add set -e before any instruction * debian/rules: add new get-orig-source target using uscan * debian/control: - Build-Depends on specialized default-jdk-builddep instead of default-jdk - Bump Standards-Version to 3.8.1: Wrap Uploaders field - add Depends on ${misc:Depends} I would be glade if someone review my changes and upload this package in unstable. Cheers, -- Damien Raude-Morvan / www.drazzib.com -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#523054: libapache2-mod-jk: [SECURITY] CVE-2008-5519: Apache Tomcat mod_jk
Package: libapache2-mod-jk Version: 1:1.2.26-2 Severity: grave Tags: security Justification: user security hole The Apache Tomcat Security Team has released the following advisory : Vulnerability announcement: CVE-2008-5519: Apache Tomcat mod_jk information disclosure vulnerability Severity: important Vendor: The Apache Software Foundation Versions Affected: mod_jk 1.2.0 to 1.2.26 Description: Situations where faulty clients set Content-Length without providing data, or where a user submits repeated requests very quickly may permit one user to view the response associated with a different user's request. Mitigation: Upgrade to mod_jk 1.2.27 or later Example: See description Credit: This issue was discovered by the Red Hat Security Response Team References: http://tomcat.apache.org/security.html http://tomcat.apache.org/security-jk.html -- Damien Raude-Morvan signature.asc Description: PGP signature
Bug#521945: FTBFS: missing Build-Depends on ure
> Hi, Hi Rene, > Damien Raude-Morvan wrote: >> [javac] 20. ERROR in /home/drazzib/Dev/debian- >> pkg/work/rebuild/build/writer2latex/writer2latex-0.5.0.2/sourc >> [javac] e/writer2latex/filter/ByteArrayXStream.java (at line 39) >> [javac] import com.sun.star.io.XStream; >> [javac] ^^^ >> [javac] The import com.sun.star.io cannot be resolved > > Weird. All the jars it needs are in /usr/share/java/openoffice, which > is in openoffice.org-java-common on which writer2latex *does* build-depend AFAIK, "com.sun.star.io.XStream" is not in any JAR files of openoffice.org-java-common. I've found this import in /usr/share/java/openoffice/ridl.jar which is : [~]$ dpkg -S /usr/share/java/openoffice/ridl.jar ure: /usr/share/java/openoffice/ridl.jar I've not suggested to add a B-D on "ure" randomly ;) >> There seems to be some missing Build-Depends on "ure" package. > > ... and the jars in /usr/lib/ure/share are symlinks to those files. > (well, arguably, they might better be the other way round, but...) > > That said, I can confirm that adding "ure" to the builddeps fixes the > failure, though. ridl.jar is not the only JAR file in "ure" package. [~]$ dpkg -L ure | grep "/usr/share/java/openoffice/.*" /usr/share/java/openoffice/ridl.jar /usr/share/java/openoffice/JREProperties.class /usr/share/java/openoffice/unoloader.jar /usr/share/java/openoffice/juh.jar /usr/share/java/openoffice/jurt.jar /usr/share/java/openoffice/java_uno.jar Cheers, -- Damien Raude-Morvan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#518446: doxia-sitetools: FTBFS: java.lang.reflect.InvocationTargetException
Hi, I've successfuly built doxia-sitetools 1.0-alpha-11-3 in a sid chroot using two packages from experimental : * libmodello-java 1.0-alpha-21-1 * libdoxia-java 1.0-alpha-11-2 I think those packages should be uploaded to unstable since Lenny is now released. Cheers, -- Damien Raude-Morvan / www.drazzib.com -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#508132: disks-admin : crash
Distribution: Debian 4.0 Package: gnome-system-tools Severity: critical Version: GNOME2.14.3 unspecified Gnome-Distributor: Debian Synopsis: disks-admin : crash Bugzilla-Product: gnome-system-tools Bugzilla-Component: general Bugzilla-Version: unspecified BugBuddy-GnomeVersion: 2.0 (2.14.1) Description: Description of the crash: This happens on a powerpc laptop (iBook 12" G4), with Debian Etch PPC. In the disks-admin window ("Disks manager"), I have two hard disks displayed on the left column; whereas my laptop has only one. The first Hard Drive is OK and is entitled correctly according to my hardware. However, there shouldn't be a second HD displayed. The crash happens when I try to select the second HD displayed; Steps to reproduce the crash: 1. Open the Disks Manager tool 2. Entering the root passwd 3. Selecting the second Hard Drive displayed Expected Results: Crash of the application How often does this happen? always; the crash is reproducible Additional Information: Debugging Information: Backtrace was generated from '/usr/bin/disks-admin' (no debugging symbols found) Using host libthread_db library "/lib/libthread_db.so.1". (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) [Thread debugging using libthread_db enabled] [New Thread 805547200 (LWP 5079)] (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) 0x0ea01254 in __waitpid_nocancel () from /lib/libpthread.so.0 #0 0x0ea01254 in __waitpid_nocancel () from /lib/libpthread.so.0 #1 0x0ffa2728 in gnome_gtk_module_info_get () from /usr/lib/libgnomeui-2.so.0 #2 #3 0x0e958c44 in g_list_first () from /usr/lib/libglib-2.0.so.0 #4 0x100089f4 in ?? () #5 0x100061ac in ?? () #6 0x1000670c in ?? () #7 0x100109a8 in ?? () #8 0x10008e48 in ?? () #9 0x10007eec in ?? () #10 0x100124f8 in ?? () #11 0x0eb83150 in g_cclosure_marshal_VOID__VOID () from /usr/lib/libgobject-2.0.so.0 #12 0x0eb7235c in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0 #13 0x0eb869e4 in g_signal_chain_from_overridden () from /usr/lib/libgobject-2.0.so.0 #14 0x0eb87cec in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0 #15 0x0eb87ebc in g_signal_emit () from /usr/lib/libgobject-2.0.so.0 #16 0x0f67b998 in _gtk_tree_selection_internal_select_node () from /usr/lib/libgtk-x11-2.0.so.0 #17 0x0f68f5c8 in gtk_tree_view_scroll_to_cell () from /usr/lib/libgtk-x11-2.0.so.0 #18 0x0f69d484 in _gtk_tree_view_column_autosize () from /usr/lib/libgtk-x11-2.0.so.0 #19 0x0f5975b8 in _gtk_marshal_BOOLEAN__BOXED () from /usr/lib/libgtk-x11-2.0.so.0 #20 0x0eb7057c in g_value_set_boxed () from /usr/lib/libgobject-2.0.so.0 #21 0x0eb7235c in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0 #22 0x0eb86b30 in g_signal_chain_from_overridden () from /usr/lib/libgobject-2.0.so.0 #23 0x0eb87a7c in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0 #24 0x0eb87ebc in g_signal_emit () from /usr
Bug#491708: libibatis-java: Include missing DTD files in the JAR archive.
tags 123456 patch thanks Hi, A patch is included in this bug report which handle inclusion of DTD files in IBatis debian package. Debian Java Maintainers, you may want to upload a new version of iBatis to close this RC bug. Cheers, -- Damien Raude-Morvan / www.drazzib.com signature.asc Description: This is a digitally signed message part.
Bug#467486: New on this issue ?
Hi, There is no news on this issue since Apr, 10th 2008. Is there a new Kaffe version ready to upload ? Cheers, -- Damien Raude-Morvan / www.drazzib.com signature.asc Description: This is a digitally signed message part.
Bug#460611: amsn: Loading TkCximage failed
Hello, I have the same bug on a Debian i386/testing. Please tell me if you want further information or help. Cheers and thanks for your work :) Damien $ dpkg --status amsn Package: amsn Status: install ok installed Priority: optional Section: x11 Installed-Size: 15130 Maintainer: Theodore Karkoulis <[EMAIL PROTECTED]> Architecture: i386 Version: 0.97b-svn8944 Replaces: ccmsn Depends: tcl8.5, tk8.5, tcltls, libc6 (>= 2.3.6-6), libgcc1 (>= 1:4.1.1-12), libjpeg62, libpng12-0 (>= 1.2.13-4), libstdc++6 (>= 4.1.1-12), libx11-6, zlib1g (>= 1:1.2.1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#391772: bonsai: posinst uses several non-essential perl pacakges
Package: bonsai Severity: serious Justification: Policy 7.2 bonsai postinst is written in perl and uses these modules use Crypt; use File::Find; use Debconf::Client::ConfModule ':all'; use DBI; Most of them are optional Furthermore, it can't be installed without mysql-server, which is in recommends, and not depends This bug is probably related to #390325 I think all this postinst script is wrong and should be removed and even the package itself should be removed at least from etch (I don't know if there are many users, but the popcon says it has been installed 6 times) The maintainer seems not to be very active (other bugs are 5 years old and tagged "help"), so I think someone else would have to take the decision to remove it or not. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (990, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-1-686 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=UTF-8) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#314847: maildrop does not deliver because of dotlock problem
What about this suggestion I made : > So I guess the packaging of 2.0.2 is broken, and that it has been > compiled in "depending on the full courier framework" mode instead of > standalone mode (seems the configure script is trying to detect this, > but this can be bypassed with --disable-authlib --- not I did not have > to use it on my computer to get it right). ? Does maildrop really have to use courier-authlib at all ? I thought this package was inteded for standalone use only, else it would be called courier-maildrop... Best, -- Damien Wyart -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#314847: maildrop does not deliver because of dotlock problem
* Josip Rodin <[EMAIL PROTECTED]> [2006-08-28 17:22]: I've tried to > reproduce it now, and it seems that it's a full-blown link instead of > a dynamic open. Please install courier-authlib in the meantime. I'll > investigate if it should become more optional. Ok, I have installed it to test once again. > > temporary failure. Command output: ERR: authdaemon: s_connect() failed: > > Permission denied /usr/bin/maildrop: Temporary authentication failure. > What user are you running maildrop with? That's what I meant by "even > then you need a privileged user to run it, I think." maildrop is only run by one local user, from his .forward file. > [...] But more to the point, what user are you trying to run > maildrop -d with, and what is your expected behaviour? What do you > expect from the -d option? -d ${USER} in .forward has been used because of a suggestion to do so in MAILDROP_README of the postfix distribution... I guess this is not correct (with recent maildrops). > Since the initial bug report says you run it from a .forward file, can you > instead try simply omitting the -d option altogether? When -d is omitted, this works ok (when courier-authlib is installed). Thanks for clarifying this. The last thing I do not understand is that the maildrop that had been compiled and installed manually is not suid at all, and the -d ${USER} works ok. I guess this is because the ${USER} is replaced by same id as the one owning the maildrop process (this is the same user). The doc of maildrop seems to tell that this case of using -d is ok. But with the debian version (2.0.2), this doesn't work, so this seems related to courier-authlib... With my own compiled version, I do not get the ERR: authdaemon: s_connect() failed: No such file or directory /usr/bin/maildrop: Temporary authentication failure. error at all when using -d ${USER} in .forward. Thanks for your help, -- Damien Wyart -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#314847: maildrop does not deliver because of dotlock problem
Hello, Thanks for your feedback on this problem. * Josip Rodin <[EMAIL PROTECTED]> [060828 02:28]: > This was supposed to be delivering to /var/mail, or some other folder? > What are the permissions on it? This was /var/mail, with standard permissions. Version 1.5 of maildrop was working without problem. > > Also, courier-authlib is not listed in dependencies, so if it is not > > installed by hand, maildrop fails because it doesn't find authlib. > maildrop 2.x, available in package since recently, tries to use > authdaemon when you run it with -d, and even then you need > a privileged user to run it, I think. After seeing that 2.0.2 was in experimental --- had not followed it closely (my tests & bug were from 1.8), I retried installing it again today, and first got messages like this : Command died with status 127: "/usr/bin/maildrop -d ${USER}". Command output: /usr/bin/maildrop: error while loading shared libraries: libcourierauth.so.0: cannot open shared object file: No such file or directory So the problem of dependency on courier-authlib is still the same. Installing maildrop should have it work by default, not complain on a missing lib ! After installing courier-authlib, errors messages indicated that I should install courier-authdaemon... And after installing this one, messages read like this from the MTA : temporary failure. Command output: ERR: authdaemon: s_connect() failed: Permission denied /usr/bin/maildrop: Temporary authentication failure. So I guess I would again need to configure something else to make it work, which is inacceptable. maildrop 1.5 was working like a charm without configuring anything, so 2.0.2 should work the same way. And of course the problems I just described are not described anywhere in the maildrop debian docs... Just in case you reply that maildrop 2.0.X works like this, I have to answer no, because since this bug report last year, as I got no reply, I compiled maildrop 2.0.2 by hand (some months ago) without any special option, and it worked flawlessly, like 1.5 (Debian package) was. So I guess the packaging of 2.0.2 is broken, and that it has been compiled in "depending on the full courier framework" mode instead of standalone mode (seems the configure script is trying to detect this, but this can be bypassed with --disable-authlib --- not I did not have to use it on my computer to get it right). * Josip Rodin <[EMAIL PROTECTED]> [060828 02:49]: > Oh, I think I get it. Do you perhaps use relative paths in your > .mailfilter file? What is the current working directory of the > maildrop process at that point? Just to be precise : no, my paths in .mailfilter are not relative. If you need more info, do not hesitate to contact me. Best regards, -- Damien Wyart -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#378173: sear: Seg fault on startup after installation
Package: sear Version: 0.6.1-1 Severity: grave Justification: renders package unusable I just installed sear to try out Mason. When I run it, here is what I get : ~ $ sear Starting Sear Sprite compass_case has no filename defined Sprite compass_needle has no filename defined Sprite compass_needle_shadow has no filename defined Error: Varconf Error: Varconf Error: could not open configuration file "/home/heretik/.sear//general.cfg" for input. Error: Error processing /home/heretik/.sear//bindings.cfg reading sprite config at /usr/share/sear/sear-media-0.6//sprites.cfg /usr/games/sear: line 24: 8424 Segmentation fault $bindir/sear-bin And in my .sear directory which has just been created : ~ $ ls .sear startup.script -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (990, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17-1-686 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=UTF-8) Versions of packages sear depends on: ii libaa1 1.4p5-30 ascii art library ii libartsc0 1.5.3-2 aRts sound system C support librar ii libasound2 1.0.11-7 ALSA library ii libatlas-cpp-0.6-0 0.5.98-3 The protocol library of the World ii libaudio2 1.8-1 The Network Audio System (NAS). (s ii libaudiofile0 0.2.6-6 Open-source version of SGI's audio ii libc6 2.3.6-15 GNU C Library: Shared libraries ii libcal3d11c2a 0.10.0-7 Skeletal based 3d character animat ii liberis-1.3-11 1.3.10-2 The WorldForge client entity libra ii libesd-alsa0 [libe 0.2.36-3 Enlightened Sound Daemon (ALSA) - ii libgcc11:4.1.1-8 GCC support library ii libgl1-mesa-glx [l 6.4.2-1 A free implementation of the OpenG ii libglib2.0-0 2.10.3-3 The GLib library of C routines ii libglu1-mesa [libg 6.4.2-1 The OpenGL utility library (GLU) ii libguichan00.4.0-4 Guichan is a small, efficient C++ ii libjpeg62 6b-13 The Independent JPEG Group's JPEG ii libmd3-1 0.1.92-1 library to handle Quake .md3 files ii libmercator-0.2-4c 0.2.4-3 WorldForge terrain library ii libncurses55.5-2 Shared libraries for terminal hand ii libogg01.1.3-2 Ogg Bitstream Library ii libpng12-0 1.2.8rel-5.1 PNG library - runtime ii libsage0 0.1.2-1 Supports OpenGL in SDL application ii libsdl-image1.21.2.5-1 image loading library for Simple D ii libsdl-mixer1.21.2.6-1.1+b1 mixer library for Simple DirectMed ii libsdl1.2debian1.2.10-3 Simple DirectMedia Layer ii libsigc++-2.0-0c2a 2.0.16-3 type-safe Signal Framework for C++ ii libskstream-0.3-3 0.3.5-1 Isostream C++ socket library ii libslang2 2.0.6-2 The S-Lang programming library - r ii libsmpeg0 0.4.5+cvs20030824-1.8 SDL MPEG Player Library - shared l ii libstdc++6 4.1.1-8 The GNU Standard C++ Library v3 ii libsvga1 1:1.4.3-23console SVGA display libraries ii libtiff4 3.8.2-5 Tag Image File Format (TIFF) libra ii libvarconf-1.0-6 0.6.4-1 WorldForge configuration file hand ii libvorbis0a1.1.2-1 The Vorbis General Audio Compressi ii libvorbisfile3 1.1.2-1 The Vorbis General Audio Compressi ii libwfmath-0.3-3c2a 0.3.4-4 WorldForge math library ii libx11-6 2:1.0.0-7 X11 client-side library ii libxext6 1:1.0.0-4 X11 miscellaneous extension librar ii libxt6 1:1.0.0-5 X11 toolkit intrinsics library ii sear-media 0.6-20060204-13D client for the Worldforge game ii zlib1g 1:1.2.3-13compression library - runtime sear recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#369159: alsaplayer-common: Can't play sound anymore
Package: alsaplayer-common Version: 0.99.76-7 Severity: grave Justification: renders package unusable Many applications which use alsa can't play sound anymore and some can't even start. I don't know what is the exact guilty package, all I know is it's related to alsa. When I start alsaplayer, I get the following error : Failed to load output plugin "alsa". Trying defaults. /usr/lib/alsaplayer/output/libalsa_out.so: symbol snd_pcm_hw_params_set_periods_near, version ALSA_0.9.0rc4 not defined in file libasound.so.2 with link time reference My soundcard is an Intel AC97. lspci says : Multimedia audio controller: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) AC'97 Audio Controller (rev 03) -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (990, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16-1-686 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=UTF-8) Versions of packages alsaplayer-common depends on: ii alsaplayer-alsa [alsaplayer- 0.99.76-7 PCM player designed for ALSA (ALSA ii alsaplayer-gtk [alsaplayer-i 0.99.76-7 PCM player designed for ALSA (GTK ii libc62.3.6-9 GNU C Library: Shared libraries ii libflac7 1.1.2-4 Free Lossless Audio Codec - runtim ii libgcc1 1:4.1.0-4 GCC support library ii libid3tag0 0.15.1b-8 ID3 tag reading library from the M ii libmad0 0.15.1b-2.1 MPEG audio decoder library ii libmikmod2 3.1.11-a-6 A portable sound library ii libogg0 1.1.3-2 Ogg Bitstream Library ii liboggflac3 1.1.2-4 Free Lossless Audio Codec - runtim ii libsndfile1 1.0.15-3Library for reading/writing audio ii libstdc++6 4.1.0-4 The GNU Standard C++ Library v3 ii libvorbis0a 1.1.2-1 The Vorbis General Audio Compressi ii libvorbisfile3 1.1.2-1 The Vorbis General Audio Compressi ii zlib1g 1:1.2.3-11 compression library - runtime alsaplayer-common recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#350718: sylpheed-claws-gtk2: Depends on libetpan3 (>=0.40-1) but libetpan3 is no more in the pool
Package: sylpheed-claws-gtk2 Severity: grave Justification: renders package unusable Sylpheed-claws-gtk2 (version 1.9.100-2) depends on libetpan3 which is not installable. libetpan3 has been replaced by libetpan6. Dependency must be changed from libetpan3 to libetpan6. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.14-1-686 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) ___ Nouveau : téléphonez moins cher avec Yahoo! Messenger ! Découvez les tarifs exceptionnels pour appeler la France et l'international. Téléchargez sur http://fr.messenger.yahoo.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]