Bug#311264: kwiki is not in testing
Package: kwiki Version: 0.36-1 Severity: whishlist Justification: kwiki is not in testing kwiki is not in testing, therefor, bug should be important. see here http://bjorn.haxx.se/debian/testing.pl?package=kwiki . package is not, and will not be in testing. regards, Luis Matos ... debian user -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#400826: policy violation /usr/share/trac/conf
merge 400826 386415 thanks this bug is already reported and a patch is available. the maintainer is not answering any emails about bugs. -- Best Regards, -- Luis Matos -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#400826: policy violation /usr/share/trac/conf
Sorry for the complains ... but i had sent you several emails asking for comment ... mainly because in the last upload several bugs could had been closed. i noticed that you commented other bug report. I told that just to caught your attention. thanks. Qua, 2006-11-29 às 22:13 +0100, Jesus Climent escreveu: > On Wed, Nov 29, 2006 at 08:01:35PM +0000, Luis Matos wrote: > > merge 400826 386415 > > > > thanks > > > > this bug is already reported and a patch is available. > > > > the maintainer is not answering any emails about bugs. > > That comment was unnecessary, since the maintainer has been answering emails > about bugs. > > I am planning to prepare an upload version based on 0.10.3-dev tomorrow at > work, since i have had a busy personal life. > > Thanks for your bugs reports. > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#386415: closes also 337243
i think that closing this bug also closes 337243. thanks. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#401373: python2.4-minimal: Package fails to configure on install
Package: python2.4-minimal Version: 2.4.4-1 Severity: grave Justification: renders package unusable Python2.4-minimal fails to install: dpkg --configure python2.4-minimal Setting up python2.4-minimal (2.4.4-1) ... Linking and byte-compiling packages for runtime python2.4... pycentral: pycentral rtinstall: package spe: already exists: /usr/lib/python2.4/site-packages/_spe/doc pycentral rtinstall: package spe: already exists: /usr/lib/python2.4/site-packages/_spe/doc dpkg: error processing python2.4-minimal (--configure): subprocess post-installation script returned error exit status 1 Errors were encountered while processing: python2.4-minimal -- System Information: Debian Release: 4.0 APT prefers testing APT policy: (990, 'testing') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-1-amd64 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages python2.4-minimal depends on: ii libc62.3.6.ds1-8 GNU C Library: Shared libraries ii zlib1g 1:1.2.3-13 compression library - runtime python2.4-minimal recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#409725: libclucene-dev: Can't compile against CLucene.h
Package: libclucene-dev Version: 0.9.16a-1 Severity: grave Justification: renders package unusable I cant compile against CLucene, log available in: http://www.copypot.com/1535 . -- System Information: Debian Release: 4.0 APT prefers testing APT policy: (990, 'testing') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-3-amd64 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages libclucene-dev depends on: ii libc6-dev 2.3.6.ds1-10 GNU C Library: Development Librari ii libclucene0 0.9.16a-1library for full-featured text sea libclucene-dev recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#420351: hpijs: hp PSC1400 does not drop ink(!) it does all movements
Package: hpijs Version: 2.6.10+1.6.10-3 Severity: grave Justification: renders package unusable *** Please type your report below this line *** My printer is a hp PSC 1400 . it is detected. Recommended driver is hpijs hp psc 1400. when i send something to print, the printer prints, but the sheet comes clean ... without any ink. It is really strange. it's own test page prints normally. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-4-686 Locale: LANG=pt_PT.UTF-8, LC_CTYPE=pt_PT.UTF-8 (charmap=UTF-8) Versions of packages hpijs depends on: ii gs-esp 8.15.3.dfsg.1-1 The Ghostscript PostScript interpr ii libc62.3.6.ds1-13GNU C Library: Shared libraries ii libgcc1 1:4.1.1-21 GCC support library ii libjpeg626b-13 The Independent JPEG Group's JPEG ii libsnmp9 5.2.3-7 NET SNMP (Simple Network Managemen ii libssl0.9.8 0.9.8c-4SSL shared libraries ii libstdc++6 4.1.1-21The GNU Standard C++ Library v3 ii libusb-0.1-4 2:0.1.12-5 userspace USB programming library hpijs recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#414134: details for fixes and patch
Followup-For: 414134
Tags: patch
link for diff's between 0.10.3 an 0.10.3.1:
http://trac.edgewall.org/changeset/4949
http://trac.edgewall.org/changeset/4949?format=diff&new=4949
stripped diff (only has the fixes) is attached.
Index: trac/attachment.py
===
--- trac/attachment.py (revision 4383)
+++ trac/attachment.py (revision 4949)
@@ -292,8 +292,8 @@
render_unsafe_content = BoolOption('attachment', 'render_unsafe_content',
'false',
-"""Whether non-binary attachments should be rendered in the browser, or
+"""Whether attachments should be rendered in the browser, or
only made downloadable.
-Pretty much any text file may be interpreted as HTML by the browser,
+Pretty much any file may be interpreted as HTML by the browser,
which allows a malicious user to attach a file containing cross-site
scripting attacks.
@@ -556,20 +556,22 @@
format = req.args.get('format')
if format in ('raw', 'txt'):
-if not self.render_unsafe_content and not binary:
-# Force browser to download HTML/SVG/etc pages that may
-# contain malicious code enabling XSS attacks
-req.send_header('Content-Disposition', 'attachment;' +
-'filename=' + attachment.filename)
-if not mime_type or (self.render_unsafe_content and \
- not binary and format == 'txt'):
-mime_type = 'text/plain'
+if not self.render_unsafe_content:
+# Force browser to download files instead of rendering
+# them, since they might contain malicious code enabling
+# XSS attacks
+req.send_header('Content-Disposition', 'attachment')
+if format == 'txt':
+ mime_type = 'text/plain'
+elif not mime_type:
+mime_type = 'application/octet-stream'
if 'charset=' not in mime_type:
charset = mimeview.get_charset(str_data, mime_type)
mime_type = mime_type + '; charset=' + charset
+
req.send_file(attachment.path, mime_type)
# add ''Plain Text'' alternate link if needed
-if self.render_unsafe_content and not binary and \
- mime_type and not mime_type.startswith('text/plain'):
+if (self.render_unsafe_content and
+mime_type and not mime_type.startswith('text/plain')):
plaintext_href = attachment.href(req, format='txt')
add_link(req, 'alternate', plaintext_href, 'Plain Text',
Index: trac/mimeview/api.py
===
--- trac/mimeview/api.py (revision 4380)
+++ trac/mimeview/api.py (revision 4949)
@@ -605,6 +605,6 @@
req.send_response(200)
req.send_header('Content-Type', output_type)
-req.send_header('Content-Disposition', 'filename=%s.%s' % (filename,
- ext))
+req.send_header('Content-Disposition', 'attachment; filename=%s.%s' %
+(filename, ext))
req.end_headers()
req.write(content)
Index: trac/versioncontrol/web_ui/browser.py
===
--- trac/versioncontrol/web_ui/browser.py (revision 3618)
+++ trac/versioncontrol/web_ui/browser.py (revision 4949)
@@ -22,5 +22,5 @@
from trac import util
-from trac.config import ListOption, Option
+from trac.config import ListOption, BoolOption, Option
from trac.core import *
from trac.mimeview import Mimeview, is_binary, get_mimetype
@@ -58,4 +58,16 @@
(''since 0.10'')""")
+render_unsafe_content = BoolOption('browser', 'render_unsafe_content',
+'false',
+"""Whether attachments should be rendered in the browser, or
+only made downloadable.
+
+Pretty much any file may be interpreted as HTML by the browser,
+which allows a malicious user to attach a file containing cross-site
+scripting attacks.
+
+For public sites where anonymous users can create attachments it is
+recommended to leave this option disabled (which is the default).""")
+
# INavigationContributor methods
@@ -217,4 +229,9 @@
req.send_header('Content-Length', node.content_length)
req.send_header('Last-Modified', http_date(node.last_modified))
+if not self.render_unsafe_content:
+# Force browser to download files instead of rendering
+# them, since they might contain malicious code enabling
+# XSS attacks
+
Bug#384381: followup
also, opening http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&version=all&exact=0&keywords=libapache2-mod-python we can see that there is no ...python2.4 or python2.3, just -python so is a python 2.4 module. Also see this bug: #393927 against libapache2-mod-python. -- Best Regards, -- Luis Matos -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#384381: urgent upload of trac
seeing http://packages.debian.org/libapache2-mod-python libapache2-mod-python has python2.4 dependency for version >3.2.10-1 so, just add this to trac dependencies libapache2-mod-python(>=3.2.10-1) | libapache2-mod-python2.4 and i think it will solve. -- Best Regards, -- Luis Matos -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
