Bug#535434: ia32-apt-get freezes system when aptitude update is run when 'None' mode is selected
This also applies to the apt-get wrapper. In 'None' mode, it does not append the .real suffix either. The fix is similar, so I've not included a patch for it. -- Ed signature.asc Description: Digital signature
Bug#535434: ia32-apt-get freezes system when aptitude update is run when 'None' mode is selected
Package: ia32-apt-get Version: 20 Severity: grave Tags: patch Justification: renders package unusable ia32-apt-get freezes the system by exhausting all entries in the process table when aptitude update is run when ALLOWED is set to none. It does this because the wrapper does not append .real to the called name when calling the real aptitude, causing the wrapper to call itself over and over again until there is no more room in the process table. Attached is a patch that fixes this. -- System Information: Debian Release: squeeze/sid APT prefers transitional APT policy: (500, 'transitional'), (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.30-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages ia32-apt-get depends on: ii debconf 1.5.26 Debian configuration management sy ii ia32-libs-tools 20 Tools for converting i386 debs for ia32-apt-get recommends no packages. ia32-apt-get suggests no packages. -- debconf information: * ia32-apt-get/allowed-packages: None ia32-apt-get/undo-old-sources-list: --- /usr/bin/aptitude 2009-07-01 11:12:14.0 -0400 +++ /tmp/aptitude 2009-07-02 00:22:12.0 -0400 @@ -21,7 +21,7 @@ # Wrap nothing if not allowed if [ "$ALLOWED" = "None" ]; then - "$0" "$@" + "$0".real "$@" exit $? fi
Bug#479207: cannot install perl on ppc
Package: perl Severity: grave Justification: renders package unusable When trying to install perl on freshly installed PPC sid system: The following packages are BROKEN: perl-doc perl-modules The following NEW packages will be installed: perl 0 packages upgraded, 3 newly installed, 0 to remove and 0 not upgraded. Need to get 15.2MB of archives. After unpacking 43.8MB will be used. The following packages have unmet dependencies: perl-modules: Depends: perl (>= 5.10.0-1) but 5.8.8-12 is to be installed. perl-doc: Depends: perl (>= 5.10.0-1) but 5.8.8-12 is to be installed. Resolving dependencies... Unable to resolve dependencies! Giving up... The following packages are BROKEN: perl-doc perl-modules The following NEW packages will be installed: perl 0 packages upgraded, 3 newly installed, 0 to remove and 0 not upgraded. Need to get 15.2MB of archives. After unpacking 43.8MB will be used. aptitude failed to find a solution to these dependencies. You can solve them yourself by hand or type 'n' to quit. The following packages have unmet dependencies: perl-modules: Depends: perl (>= 5.10.0-1) but 5.8.8-12 is to be installed. perl-doc: Depends: perl (>= 5.10.0-1) but 5.8.8-12 is to be installed. Resolve these dependencies by hand? [N/+/-/_/:/?] n Abort. This makes perl uninstallable on sid on the PPC. (Not sure if this carries over to other archs.) -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: powerpc (ppc) Kernel: Linux 2.6.24-1-powerpc Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#401898: gnupg: remotely controllable function pointer
Package: gnupg Version: 1.4.5-3 Severity: grave Tags: security Justification: user security hole According to an email that was sent to the gnupg-announce mailing list, the version of gnupg in unstable (as well as in stable) is vulnerable to remote attack. By introducing a malformed OpenPGP packet, an attacker can dereference a function pointer in GnuPG which can be used to control the data processed by GnuPG. All versions before 1.4.6 are affected, and the recommended fix is to upgrade to 1.4.6. -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-2-amd64 Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages gnupg depends on: ii gpgv 1.4.5-3 GNU privacy guard - signature veri ii libbz2-1.0 1.0.3-6 high-quality block-sorting file co ii libc62.3.6.ds1-8 GNU C Library: Shared libraries ii libldap2 2.1.30-13.2 OpenLDAP libraries ii libreadline5 5.2-1 GNU readline and history libraries ii libusb-0.1-4 2:0.1.12-2 userspace USB programming library ii makedev 2.3.1-83creates device files in /dev ii zlib1g 1:1.2.3-13 compression library - runtime gnupg recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
