Bug#478502: gnugk - FTBFS: Segmentation fault
IIRC: [22:31] pos gnugk looks like 2.2.6 for lenny due to the recent comments on the RC bug against 2.2.7 [22:33] tzafrir_laptop 1.4.11 [22:36] paravoid pos: gnugk didn't work on 2.2.6 either [22:36] paravoid pwlib-titan basically has severe problems for an unknown reason -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#487654: [Pkg-hpijs-devel] Bug#487654: (pas de sujet)
forwarded 487654 https://bugs.launchpad.net/hplip/+bug/239755 tags 487654 moreinfo thanks On Tue, 24 Jun 2008, frederic wrote: Traceback (most recent call last): File /usr/share/hplip/ui/devmgr4.py, line 601, in InitialUpdate self.RescanDevices() File /usr/share/hplip/ui/devmgr4.py, line 1042, in RescanDevices self.DeviceListRefresh() File /usr/share/hplip/ui/devmgr4.py, line 866, in DeviceListRefresh if dev.fax_type: AttributeError: 'Device' object has no attribute 'fax_type'/ Fredric, This looks like the same bug as reported upstream, please have a look at the URL above. This is supposed to be fixed in version 2.8.6 which I have just uploaded to unstable. Can you install version 2.8.6 from unstable and report the results? If 2.8.6 is still broken, could I ask you to use reportbug, as that will now provide more debug information. Thanks, Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#487031: setting package to cupsddk-drivers cupsddk, tagging 487031
# Automatically generated email from bts, devscripts version 2.10.30 # via tagpending # # cupsddk (1.2.3-3) unstable; urgency=low # # * Build-Depends: libcupsys2-dev, libcupsimage2-dev #- FTBFS: Nonexistent build-dependency: libcupsys-dev (Closes: #487031) # package cupsddk-drivers cupsddk tags 487031 + pending -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#487654: [Pkg-hpijs-devel] Bug#487654: More Detail
On Mon, 23 Jun 2008, frederic.decou wrote: I've omited to give details ! After upgrading from 2.8.4-1 to 2.8.5-1 the printers are nore more visible une hp-toolbox (all printer ere ethernet printers, i've no locale printers) After downgrading from 2.8.5-1 to 2.8.4-1 (dpkg -i from the .deb available une /var/cache/archive/) the printers are OK Frederic, There have been a lot of bug reports about using non-en locales and hp-toolbox not working. Could you try: $ LANG=C; LC_ALL=c hp-toolbox and report the results. Thanks, Mark signature.asc Description: This is a digitally signed message part.
Bug#475809: Debian Bug report logs - #475809 iaxclient_2.0.2-2(sparc/unstable): FTBFS: Memory barriers are not defined
The fix provided here also looks useful: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=406754 signature.asc Description: This is a digitally signed message part.
Bug#482735: Fwd: [Pkg-hpijs-devel] Bug#482735: hplip should depend on python-qt3
Dear python-qt4 dudes, I'm the hplip maintainer and I'm having an issue with the transition of hplip from python-qt3 to python-qt4, and need some assistance as I'm not that up to speed with python. In short hplip should now be using python-qt4, but for some reason it still calls some elements of python-qt3 as well as python-qt4. What have I done wrong? Mark -- Forwarded Message -- Subject: [Pkg-hpijs-devel] Bug#482735: hplip should depend on python-qt3 Date: Sun, 25 May 2008 From: Nikos Asimakis [EMAIL PROTECTED] To: [EMAIL PROTECTED] Package: hplip Version: 2.8.4-1 When I try to launch /usr/bin/hp-toolbox (included in hplip) the program doesn't start and the following get's printed in the terminal: HP Linux Imaging and Printing System (ver. 2.8.4) HP Device Manager ver. 13.1 Copyright (c) 2001-8 Hewlett-Packard Development Company, LP This software comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to distribute it under certain conditions. See COPYING file for more details. error: PyQt not installed. GUI not available. Exiting. warning: Qt/PyQt initialization failed. error: hp-toolbox requires GUI support. Exiting. Likewise when I try to launch HPLIP Fax Utility (sh -c 'STARTED_FROM_MENU=yes /usr/bin/hp-sendfax') a window appears which informs me I should install python-qt3 After installing python-qt3 manually the problem is resolved. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.24-1-686 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=el_GR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages hplip depends on: ii adduser 3.107 add and remove users and groups ii coreutils6.10-3 The GNU core utilities ii cupsys 1.3.7-5 Common UNIX Printing System(tm) - ii hplip-data 2.8.4-1 HP Linux Printing and Imaging - da ii libc62.7-10 GNU C Library: Shared libraries ii libcupsys2 1.3.7-5 Common UNIX Printing System(tm) - ii libdbus-1-3 1.2.1-2 simple interprocess messaging syst ii libjpeg626b-14 The Independent JPEG Group's JPEG ii libsane 1.0.19-6API library for scanners ii libsnmp155.4.1~dfsg-7+b1 SNMP (Simple Network Management Pr ii libssl0.9.8 0.9.8g-10 SSL shared libraries ii libusb-0.1-4 2:0.1.12-11 userspace USB programming library ii lsb-base 3.2-11 Linux Standard Base 3.2 init scrip ii python 2.5.2-1 An interactive high-level object-o ii python-dbus 0.82.4-2simple interprocess messaging syst ii python-imaging 1.1.6-2 Python Imaging Library ii python-support 0.7.7 automated rebuilding support for P Versions of packages hplip recommends: ii cupsys-client 1.3.7-5 Common UNIX Printing System(tm) - ii hpijs 2.8.4+2.8.4-1 HP Linux Printing and Imaging - gs ii hpijs-ppds 2.8.4+2.8.4-1 HP Linux Printing and Imaging - HP ii hplip-gui 2.8.4-1 HP Linux Printing and Imaging - GU ii openprinting-ppds 20080211-2OpenPrinting printer support - Pos ___ Pkg-hpijs-devel mailing list [EMAIL PROTECTED] http://lists.alioth.debian.org/mailman/listinfo/pkg-hpijs-devel --- signature.asc Description: This is a digitally signed message part.
Bug#482095: [Pkg-hpijs-devel] Bug#482095: hplip: broken systray icon
On Thu, 29 May 2008, Tino Keitel wrote: Can you confirm you have python-qt4 installed? Yes: Thanks Tino, I have had a couple of other reports on what appears to be related. http://bugs.debian.org/hplip-gui. Some have had success by installing python-qt3 as well. But I need to get to the bottom of this. Mark signature.asc Description: This is a digitally signed message part.
Bug#482567: [Pkg-hpijs-devel] Bug#482567: hpijs: Missing dependency on libsnmp9
On Sat, 24 May 2008, Ronny Standtke wrote: libnetsnmp.so.15 = /usr/lib/libnetsnmp.so.15 (0xb7db6000) [...] libnetsnmp.so.9 = not found It is a little weird that your hplip package is linked against libnetsnmp.so.15 and so.9 ?? It certainly isn't supposed to be, it is supposed to be just libnetsnmp.so.15 per the dependancies. ;-( I presume you are using the package downloaded from lenny? The binary package in lenny is only linked against libnetsnmp.so.15 which is correct. # ldd hpijs | grep snmp libnetsnmp.so.15 = /usr/lib/libnetsnmp.so.15 (0xb7e52000) Have you built the package yourself or something like that? Mark signature.asc Description: This is a digitally signed message part.
Bug#478502: setting package to gnugk, tagging 478502
# Automatically generated email from bts, devscripts version 2.10.27 # # gnugk (2:2.2.7-2) UNRELEASED; urgency=low # # * Remove useless help2man call for addpasswd.1 #- gnugk - FTBFS: Segmentation fault obj_linux_s390_r/addpasswd -- #help 2 /dev/null (Closes: #478502) # package gnugk tags 478502 + pending -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#481891: Segmentation fault - no property named `idle-timeout'
Package: gupnp-tools Version: 0.3-1 Severity: grave Ross, I am getting a segmentation fault on both powerpc and i386 arch's. $ gupnp-network-light [EMAIL PROTECTED]:~$ gupnp-network-light (gupnp-network-light:30481): GLib-GObject-WARNING **: IA__g_object_set_valist: object class `SoupSessionAsync' has no property named `idle-timeout' Segmentation fault [EMAIL PROTECTED]:~$ gupnp-universal-cp (gupnp-universal-cp:30497): GLib-GObject-WARNING **: IA__g_object_set_valist: object class `SoupSessionAsync' has no property named `idle-timeout' Segmentation fault [EMAIL PROTECTED]:~$ Mark -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: powerpc (ppc) Kernel: Linux 2.6.18-5-powerpc Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages gupnp-tools depends on: ii libatk1.0-01.22.0-1 The ATK accessibility toolkit ii libc6 2.7-11GNU C Library: Shared libraries ii libcairo2 1.6.4-2 The Cairo 2D vector graphics libra ii libglade2-01:2.6.2-1 library to load .glade files at ru ii libglib2.0-0 2.16.3-2 The GLib library of C routines ii libgssdp-1.0-0 0.6-1 GObject-based library for SSDP ii libgtk2.0-02.12.9-4 The GTK+ graphical user interface ii libgupnp-1.0-0 0.10-1GObject-based library for UPnP ii libpango1.0-0 1.20.2-2 Layout and rendering of internatio ii libsoup2.2-8 2.2.105-4 an HTTP library implementation in ii libxml22.6.32.dfsg-2 GNOME XML library gupnp-tools recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#476050: spandsp: FTBFS: compilation error: file ../wrapper.xsl line 3 element import
severity 476050 important thanks On Mon, 14 Apr 2008, you wrote: This rebuild was done with gcc 4.3 instead of gcc 4.2, because gcc 4.3 is now the default on most architectures (even if it's not the case on i386 yet). Feel free to downgrade this bug to 'important' if your package is only built on i386, and this bug is specific to gcc 4.3 (i.e the package builds fine with gcc 4.2). Lucas, Doesn't look like a gcc 4.2/4.3 bug, rather it looks like xsltproc is trying to access the Internet to download a DTD. Also only effects your buildd, as the official buildd's appear to have Internet connectivity. http://buildd.debian.org/fetch.cgi?pkg=spandsp;ver=0.0.4pre18-1;arch=i386;stamp=1207779762 [...] Generating file member index... cd t38_manual ; xsltproc ../wrapper.xsl ../t38_manual.xml warning: failed to load external entity http://docbook.sourceforge.net/release/xsl/current/xhtml/chunk.xsl; compilation error: file ../wrapper.xsl line 3 element import xsl:import : unable to load http://docbook.sourceforge.net/release/xsl/current/xhtml/chunk.xsl make[2]: *** [t38_manual/index.html] Error 5 xsltproc does have a --nonet option, but I'm a bit reluctant to use this approach as the official buildd's are coping well. Happy for some comments though... Mark signature.asc Description: This is a digitally signed message part.
Bug#477505: libcommoncpp2_1.6.2-1(sparc/unstable): FTBFS on sparc
Martin, This only fails on sparc ;-( Is there anything special we need to worry about? Mark On Thu, 24 Apr 2008, Martin Zobel-Helas wrote: Package: libcommoncpp2 Version: 1.6.2-1 Severity: serious There was an error while trying to autobuild your package: Automatic build of libcommoncpp2_1.6.2-1 on spontini by sbuild/sparc 99.99 Build started at 20080422-1248 [...] ** Using build dependencies supplied by package: Build-Depends: debhelper ( 4.1.0), libxml2-dev, zlib1g-dev, help2man, doxygen, dpatch, libgnutls-dev, libgcrypt11-dev | libgcrypt-dev, autotools-dev, cdbs, dpkg-dev (= 1.13.19) [...] mempager.cpp:79: error: 'posix_memalign' was not declared in this scope mempager.cpp: In member function 'void ost::MemPager::clean()': mempager.cpp:103: error: '::free' has not been declared mempager.cpp: In member function 'void ost::MemPager::purge()': mempager.cpp:125: error: '::free' has not been declared mempager.cpp: In member function 'virtual void* ost::MemPager::alloc(size_t)': mempager.cpp:163: error: 'posix_memalign' was not declared in this scope make[3]: *** [mempager.lo] Error 1 make[3]: Leaving directory `/build/buildd/libcommoncpp2-1.6.2/src' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/build/buildd/libcommoncpp2-1.6.2' make[1]: *** [all] Error 2 make[1]: Leaving directory `/build/buildd/libcommoncpp2-1.6.2' make: *** [debian/stamp-makefile-build] Error 2 dpkg-buildpackage: failure: debian/rules build gave error exit status 2 A full build log can be found at: http://buildd.debian.org/build.php?arch=sparcpkg=libcommoncpp2ver=1.6.2-1 signature.asc Description: This is a digitally signed message part.
Bug#478264: traverso: error while loading shared libraries: libQtOpenGL.so.4:
Package: traverso Version: 0.42.0-2 Severity: grave Looks like traverso's linking against libQtOpenGL isn't great ;-( $ traverso traverso: error while loading shared libraries: libQtOpenGL.so.4: cannot open shared object file: No such file or directory $ ldd /usr/bin/traverso [ ... ] libQtOpenGL.so.4 = not found Mark -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: powerpc (ppc) Kernel: Linux 2.6.18-5-powerpc Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages traverso depends on: ii libasound2 1.0.16-2 ALSA library ii libaudio2 1.9.1-2 Network Audio System - shared libr ii libc6 2.7-10GNU C Library: Shared libraries ii libfftw3-3 3.1.2-3 library for computing Fast Fourier hi libflac8 1.2.1-1.2 Free Lossless Audio Codec - runtim ii libfontconfig1 2.5.0-2 generic font configuration library ii libfreetype6 2.3.5-1 FreeType 2 font engine, shared lib ii libgcc11:4.3.0-3 GCC support library ii libgl1-mesa-glx [libgl 7.0.3-1 A free implementation of the OpenG ii libglib2.0-0 2.16.3-2 The GLib library of C routines ii libglu1-mesa [libglu1] 7.0.3-1 The OpenGL utility library (GLU) ii libice62:1.0.4-1 X11 Inter-Client Exchange library ii libjack0 0.109.2-1.1 JACK Audio Connection Kit (librari ii libmad00.15.1b-3 MPEG audio decoder library ii libogg01.1.3-3 Ogg Bitstream Library ii libpng12-0 1.2.26-1 PNG library - runtime ii libqt4-core4.4.0~rc1-4 transitional package for Qt 4 core ii libqt4-gui 4.4.0~rc1-4 Qt 4 GUI module ii libraptor1 1.4.17-1 Raptor RDF parser and serializer l ii librasqal0 0.9.15-2 Rasqal RDF query library ii librdf01.0.7-1 Redland Resource Description Frame ii libsamplerate0 0.1.3-1 audio rate conversion library ii libsm6 2:1.0.3-1+b1 X11 Session Management library ii libsndfile11.0.17-4 Library for reading/writing audio ii libstdc++6 4.3.0-3 The GNU Standard C++ Library v3 ii libvorbis0a1.2.0.dfsg-3 The Vorbis General Audio Compressi ii libvorbisenc2 1.2.0.dfsg-3 The Vorbis General Audio Compressi ii libvorbisfile3 1.2.0.dfsg-3 The Vorbis General Audio Compressi ii libwavpack14.41.0-2 an audio codec (lossy and lossless hi libx11-6 2:1.0.3-7 X11 client-side library ii libxcursor11:1.1.9-1 X cursor management library ii libxext6 2:1.0.4-1 X11 miscellaneous extension librar ii libxfixes3 1:4.0.3-2 X11 miscellaneous 'fixes' extensio ii libxi6 2:1.1.3-1 X11 Input extension library ii libxinerama1 2:1.0.3-1 X11 Xinerama extension library ii libxrandr2 2:1.2.2-1 X11 RandR extension library ii libxrender11:0.9.4-1 X Rendering Extension client libra ii libxt6 1:1.0.5-3 X11 toolkit intrinsics library ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime traverso recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#474789: setting package to asterisk-dbg asterisk-config asterisk-doc asterisk-dev asterisk asterisk-sounds-main asterisk-h323 ...
# Automatically generated email from bts, devscripts version 2.10.26 # # asterisk (1:1.4.19.1~dfsg-1) UNRELEASED; urgency=low # # * New upstream release. #- Dropped configure-libc-client, incorporated upstream. #- Adapted bristuff patches uniqueid-10-channel-ops-uniqueid, # uniqueid-30-app-chanspy, zapata-bri+euroisdn. #- Fixes CVE-2008-1897 / AST-2008-006 (Closes: #477472). # * Depend on libspeexdsp-dev because of the use of preprocessor features, #which were split from libspeex = 1.2. (Closes: #474789) # * AST-2008-006 - 3-way handshake in IAX2 incomplete (Closes: #477472) package asterisk-dbg asterisk-config asterisk-doc asterisk-dev asterisk asterisk-sounds-main asterisk-h323 tags 474789 + pending tags 477472 + pending -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#477086: setting package to asterisk-dbg asterisk-config asterisk-doc asterisk-dev asterisk asterisk-sounds-main asterisk-h323 ...
# Automatically generated email from bts, devscripts version 2.10.26 # # asterisk (1:1.4.19.1~dfsg-1) UNRELEASED; urgency=low # # * Depend on libspeexdsp-dev because of the use of preprocessor features, #which were split from libspeex = 1.2. #- FTBFS: codec_speex.c:99: error: expected specifier-qualifier-list # before 'SpeexPreprocessState' (Closes: #474789) #- Asterisk fails to install due to broken libspeex dependency # (Closes: #477086) # package asterisk-dbg asterisk-config asterisk-doc asterisk-dev asterisk asterisk-sounds-main asterisk-h323 tags 477086 + pending -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#465495: setting package to libkexiv2 libkexiv2-3 libkexiv2-dev, tagging 465495
# Automatically generated email from bts, devscripts version 2.10.26 # # libkexiv2 (0.1.7-1) unstable; urgency=low # # * New upstream release #- digikam: digikam aborts: MakerTagInfo registry full (Closes: ##465495) # package libkexiv2 libkexiv2-3 libkexiv2-dev tags 465495 + pending -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#476939: setting package to cupsddk-drivers cupsddk, tagging 476939
# Automatically generated email from bts, devscripts version 2.10.25 # # cupsddk (1.2.3-2) unstable; urgency=high # # * Remove debian/rules ref to patch/ unpatch #- missing build-dependencies (Closes: #476939) # package cupsddk-drivers cupsddk tags 476939 + pending -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#474253: libspeex1: Makes ekiga crash
libspeex has split out some functions which have been under active development still into a separate library libspeexdsp. Applications which used these symbols will need to be fixed to link with it and rebuilt from source. Opal is one of those apparently. libspeex will conflict with the current version of it in its next upload, and I've cloned this report to opal for action with it. Ron, If the API has changed then the soname should also change as well, just conflicting with the previous version is not sufficient and doesn't make for a smooth library transition. Given the wide spread deployment of speex we need to tread softly, which was why we had left the beta versions in experimental, to try and identify these issues and ensure a smooth transition. I know upstream speex say the beta is stable, but if it is so stable, then why don't they release 1.3 final?? Mark signature.asc Description: This is a digitally signed message part.
Bug#471378: blobwars: Segmentation fault
On Tue, 1 Apr 2008, Guus Sliepen wrote: On Mon, Mar 17, 2008 at 09:52:36PM +1100, Mark Purcell wrote: $ blobwars Segmentation fault I haven't heard a reply from you yet, and I asked Cyril Brulebois to reproduce the segmentation fault on PowerPC, but on his computer blobwars worked. Therefore I am downgrading this bug. I do hope you can produce a coredump and a backtrace so we can figure out what happens on your machine. Guus, Sorry about the delay in response. I am still having the issue with Segmentation Faults, but haven't yet been able to produce a core dump. I have created my blobwars-dbg package with symbols, but when I run with gdb, the startup 'loading' screen goes full screen and I can't control gdb any further. I haven't played around with it too much though ;-( I see there is a -fullscreen option, but no -nofullscreen, so it must be a compile time flag, if I can get that then I should be able to make some further progress. Mark signature.asc Description: This is a digitally signed message part.
Bug#471378: blobwars: Segmentation fault
Package: blobwars Version: 1.08-1 Severity: grave Guus, When trying to start blobwars, I get the initial screen that says 'Loading...' then I get a segmentation fault: $ blobwars Segmentation fault Rebuilding against the current libraries in unstable doesn't help either. Mark -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: powerpc (ppc) Kernel: Linux 2.6.24-1-powerpc Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages blobwars depends on: ii libc6 2.7-9 GNU C Library: Shared libraries ii libgcc11:4.3.0-1 GCC support library ii libmikmod2 3.1.11-a-6A portable sound library ii libsdl-image1.21.2.6-3 image loading library for Simple D ii libsdl-mixer1.21.2.8-3 mixer library for Simple DirectMed ii libsdl-ttf2.0-02.0.9-1 ttf library for Simple DirectMedia ii libsdl1.2debian1.2.13-2 Simple DirectMedia Layer ii libstdc++6 4.3.0-1 The GNU Standard C++ Library v3 ii zlib1g 1:1.2.3.3.dfsg-11 compression library - runtime blobwars recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#465495: Confirmed - MakerTagInfo registry full
tags 465495 confirmed thanks I confirm that I'm having this issue as well. Downgrading to libkexiv2-3 (0.1.6-1), from testing, restored correct operation. Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#452102: ping
retitle 452102 RM: mobilemesh; RoM, obsolete reassign 452102 ftp.debian.org thanks Holger, I'm happy for mobile mesh to be removed. Mark -original message- Subject: Bug#452102: ping From: Holger Levsen [EMAIL PROTECTED] Date: 20/12/2007 10:49 Hi Mark, please comment on this bug and explain why the package is still useful in Debian today, otherwise I'll ask for removal in seven days. regards, Holger Attachment
Bug#453902: preinst fails: update-rc.d: /etc/init.d/hplip exists during rc.d purge
On Sunday 02 December 2007, Josh Triplett wrote: Version: 2.7.10-4 Severity: grave hplip's preinst fails: Thanks Josh, The rules for update-rc.d are a little tricky in that the init.d file needs to off allready been removed before one can call update-rc.d. So while the upgrade works for those allready on 2.7.x it didn't in your case moving from 1.6.10, and everyone else who is moving from stable/testing to unstable. I'll have something fixed shortly. Mark signature.asc Description: This is a digitally signed message part.
Bug#439450: Siproxd libosip2-3.0.1
http://siproxd.sourceforge.net/ Siproxd libosip2-3.0.1 19-Nov-2006 This new major release of libosip2 has some basic changes in its data structures. This causes compiling siproxd with this release of libosip2 to fail. For now it is recommended to stick with a 2.x.x version of libosip2, like 2.2.2, the latest version of that major release. signature.asc Description: This is a digitally signed message part.
Bug#452244: hplip: killall-is-dangerous
W: hplip: killall-is-dangerous preinst:31 N: N: The maintainer script seems to call killall. Since this utility kills N: processes by name, it may well end up killing unrelated processes. N: Most uses of killall should use start-stop-daemon instead. N: signature.asc Description: This is a digitally signed message part.
Bug#452408: hplip: killall-is-dangerous
W: hplip: killall-is-dangerous preinst:31 N: N: The maintainer script seems to call killall. Since this utility kills N: processes by name, it may well end up killing unrelated processes. N: Most uses of killall should use start-stop-daemon instead. N: signature.asc Description: This is a digitally signed message part.
Bug#453361: hplip: FTBFS dpkg-shlibs
Thanks for your reports. As you are aware we are just introducing the new upstream hplip, at the same time as dpkg-dev updated the rules for dpkg-shlibs, and that is responsible for the issues you can see. We initially uploaded to experimental, which did build correctly across the buildds, but then the new dpkg-dev caused problems. Fortunately a debian/shlibs is what is required and I hope to have that uploaded shortly. Mark signature.asc Description: This is a digitally signed message part.
Bug#452662: Accepted tripod 0.7.0-2 (source i386)
On Friday 30 November 2007, you wrote: On Fri, 30 Nov 2007, Mark Purcell wrote: * libgpod now does not depends on libffi - tripod - FTBFS: cannot find -lffi (Closes: #452662) There's no explanation on how you fixed this bug. Did you add libffi4-dev to the Build-Depends ? If yes, you should just say so: * Explicitely added libffi4-dev to Build-Depends since libgpod-dev does no more depend on it. Closes: #452662 tripod doesn't use any of the libffi4-dev headers, so it isn't a necessary dependency. The -llibffi4 got pulled into the tripod build via libgpod (see #452829). Thus #452662 #452829 are actually the same bug and fixed with the upload of libgpod. Guess I could of made this clearer in the changelog, perhaps referenced the libgpod bug. Mark signature.asc Description: This is a digitally signed message part.
Bug#452244: hplip: maintainer-script-calls-init-script-directly
E: hplip: maintainer-script-calls-init-script-directly preinst:29 N: N: This script apparently runs an init script directly rather than using N: invoke-rc.d. The use of invoke-rc.d to invoke the /etc/init.d/* N: initscripts instead of calling them directly is required. Maintainer N: scripts may call the init script directly only if invoke-rc.d is not N: available. N: N: Refer to Policy Manual, section 9.3.3.2 for details. N: signature.asc Description: This is a digitally signed message part.
Bug#452244: [Pkg-hpijs-devel] Bug#452244: sysv-rc dependency
On Thursday 22 November 2007, Ken Bloom wrote: severity 452244 serious # Violates debian policy 9.3.3 thanks Thanks Ken, Yes there is a bit of work to do there. In part we have started backporting the ubuntu work for the package to bring it back into Debian, so the postinst does need some work. Most of the magic is to clear up old versions of the software to ensure we have a sane state. But your suggestions are well made and we will work through them. Mark signature.asc Description: This is a digitally signed message part.
Bug#448261: Crashes with No such file or directory: Please install ghostscript and make sure 'gs' is in the PATH.
Package: flpsed Version: 0.3.7-1.1 Severity: grave I suspect the ghostscript/gs upgrades in unstable are responsible, however flpsed in unstable is currently unusable: ~$ flpsed Receipts/quickim.ps exec: No such file or directory Please install ghostscript and make sure 'gs' is in the PATH. I haven't looked too deeply, but I have packaged flpsed 0.5.0 which does function correctly and is available at http://people.debian.org/~msp and am happy to NMU if wanted. (See also Bug#401205) Mark -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.22-2-686 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages flpsed depends on: ii ghostscript [gs- 8.61.dfsg.1~svn8187-1.1 The GPL Ghostscript PostScript/PDF ii libc62.6.1-6 GNU C Library: Shared libraries ii libfltk1.1 1.1.7-5 Fast Light Toolkit shared librarie ii libgcc1 1:4.2.2-3 GCC support library ii libstdc++6 4.2.2-3 The GNU Standard C++ Library v3 ii libx11-6 2:1.0.3-7 X11 client-side library Versions of packages flpsed recommends: ii poppler-utils [xpdf-utils]0.5.4-6.2 PDF utilitites (based on libpopple -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#447819: shlibs file incorrect: does not force dependency on libportaudiocpp0
On Tue, 23 Oct 2007, Hamish Moffatt wrote:
The shlibs file for libportaudiocpp0 only results in a dependency on
libportaudio2, not libportaudiocpp0:
libportaudiocpp 0 libportaudio2 (= 19+cvs20060311-1)
This results in programs that use it with automatic depends via
${shlib:Depends} having incorrect dependencies, eg bug#447548 in fldigi.
Thanks Hamish,
Unfortunately this problem also appears with the upload we did yesterday:
portaudio19 (19+svn20071022-1) unstable; urgency=low
[ Mark Purcell ]
* New upstream release
- libportaudio2: new snapshot (Closes: #447338)
[ Kilian Krause ]
* Use ${binary:Version} for binNMU-safe uploads.
Add dpkg-dev (= 1.13.19) to Build-Depends
* Don't ignore make clean errors.
* Fix dh_makeshlibs call. Get rid of libportaudiocpp0 binary:
shlibs-declares-dependency-on-other-package libportaudio2.
* Add Homepage field as added in dpkg-dev 1.14.6.
-- Mark Purcell [EMAIL PROTECTED] Tue, 23 Oct 2007 07:13:43 +0100
I will have a look tonight and see if we can't get the shlibs
tonight, I'm happy if you would also like to reassign bug#447548 to
portaudio.
Mark
signature.asc
Description: This is a digitally signed message part.
Bug#447304: [Pkg-kde-extras] Bug#447304: digikam is currently uninstallable on amd64 unstable
On Sat, 20 Oct 2007, Nicolas DEGAND wrote: Also could you run ... `dpkg -p digikam` and let me know what it states. dpkg -p digikam states that Package digikam is not available. Digikam is still uninstallable Hmm, This would be caused by your apt.sources having some funny entries, or not being uptodate. Could I ask you to run `apt-cache show digikam` and return the results. Finally could you download digikam_0.9.2-5_amd64.deb from http://packages.debian.org/sid/digikam/amd64/download using your web browser and then install manually using `dpkg -i digikam_0.9.2-5_amd64.deb` and tell me what it states. Thanks, Mark signature.asc Description: This is a digitally signed message part.
Bug#447304: [Pkg-kde-extras] Bug#447304: digikam is currently uninstallable on amd64 unstable
On Fri, 19 Oct 2007, Nicolas DEGAND wrote: Digikam is currently uninstallable on amd64 unstable due to these missing packages : libkdcraw1 libkekiv2-1 Nicolas, Thanks for your bug report. Although those packages should be available for amd64: http://packages.debian.org/sid/libkexiv2-3/amd64/download http://packages.debian.org/sid/libkdcraw2/amd64/download What does it state when you try and `apt-get install digikam`? Mark signature.asc Description: This is a digitally signed message part.
Bug#447304: [Pkg-kde-extras] Bug#447304: digikam is currently uninstallable on amd64 unstable
On Sat, 20 Oct 2007, Nicolas DEGAND wrote: The following packages have unmet dependencies: digikam: Depends: libkdcraw1 but it is not installable Depends: libkexiv2-1 but it is not installable E: Broken packages Thanks, That's a little weird it should be asking for: # apt-get install digikam Reading package lists... Done Building dependency tree Reading state information... Done The following extra packages will be installed: libkdcraw2 libkexiv2-3 Suggested packages: digikam-doc Recommended packages: kipi-plugins The following NEW packages will be installed digikam libkdcraw2 libkexiv2-3 Could you please run `apt-cache policy digikam` and let me know what it reports: It should look like: # apt-cache policy digikam digikam: Installed: (none) Candidate: 2:0.9.2-5 Version table: 2:0.9.3~beta1-1 0 1 http://ftp.uk.debian.org experimental/main Packages 100 /var/lib/dpkg/status 2:0.9.2-5 0 500 http://ftp.uk.debian.org sid/main Packages Also could you run `apt-get install libkdcraw2 libkexiv2-3` and `dpkg -p digikam` and let me know what it states. Mark signature.asc Description: This is a digitally signed message part.
Bug#446393: kamera should Depend: on libgphoto2-2-dev for correct operation
Package: kamera Version: 4:3.5.7-4 Severity: grave KDE-Team, I know this is going to sound strange, but kamera should Depend: libgphoto2-2-dev to function correctly. We have the same issue with digikam. http://bugs.debian.org/416123 In the short term the fix for this is to Depend: on libgphoto2-2-dev, in the longer term I suspect something needs to be resolved with the .la files in libgohoto, please follow the digikam bug and upstream in bugs.kde.org Mark -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.22-2-686 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages kamera depends on: ii kdelibs4c2a 4:3.5.7.dfsg.1-7 core libraries and binaries for al ii libc6 2.6.1-5 GNU C Library: Shared libraries ii libgcc1 1:4.2.2-1GCC support library ii libgphoto2-22.4.0-7 gphoto2 digital camera library ii libgphoto2-port02.4.0-7 gphoto2 digital camera port librar ii libstdc++6 4.2.2-1 The GNU Standard C++ Library v3 kamera recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#353967: gsmlib: diff for NMU version 1.10-10.1
On Sat, 29 Sep 2007, Emmanuel Bouthenot wrote: tags 353967 + patch thanks Hi, Attached is the diff for my gsmlib 1.10-10.1 NMU. Thks Emmanuel, Any reason you also update config.guess in the NMU? Mark signature.asc Description: This is a digitally signed message part.
Bug#441688: Hold ivtv-source 1.0.x until linux-image-2.6.22 migrates to testing
Package: ivtv-source Version: 1.0.2-2 Severity: serious ivtv-source 1.0.x only supports linux kernel 2.6.22 and greater, so hold it out of testing until that kernel is available in testing. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.22-2-686 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages ivtv-source depends on: ii bzip2 1.0.3-7high-quality block-sorting file co ii debhelper 5.0.54 helper programs for debian/rules ii dpatch2.0.27 patch maintenance system for Debia ii module-assistant 0.10.11tool to make module package creati ivtv-source recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#441485: twinkle - FTBFS: configure: error: zrtp header files missing
On Mon, 10 Sep 2007, Michael Ablassmeier wrote: checking libzrtpcpp/ZrtpQueue.h usability... no checking libzrtpcpp/ZrtpQueue.h presence... no checking for libzrtpcpp/ZrtpQueue.h... no configure: error: zrtp header files missing make: *** [config.status] Error 1 The Full Build log is available and can be viewed at: http://people.debian.org/~lucas/logs/2007/09/05/ Michael, I can't verify here: checking for main in -lzrtpcpp... yes checking libzrtpcpp/ZrtpQueue.h usability... yes checking libzrtpcpp/ZrtpQueue.h presence... yes checking for libzrtpcpp/ZrtpQueue.h... yes checking boost/regex.h usability... yes checking boost/regex.h presence... yes checking for boost/regex.h... yes checking for main in -lboost_regex... yes configure: creating ./config.status We also have a bank of buildd's that haven't reproduced your FTBFS: http://buildd.debian.org/pkg.cgi?pkg=twinkle http://status.buildserver.net/packages/status.php?email=packages=twinklearches=dists=subdist=pkg-voip So I'm not quite sure how we can debug. Mark signature.asc Description: This is a digitally signed message part.
Bug#420982: RM: libccaudio/ libccscript -- RoM; obsolete; RC-buggy; FTBFS
reassign 420982 ftp.debian.org title 420982 RM: libccaudio -- RoM; obsolete; RC-buggy; FTBFS reassign 420984 ftp.debian.org title 420984 RM: libccscript -- RoM; obsolete; RC-buggy; FTBFS thanks ftp-masters, With the upload of bayonne2 both the libccaudio libccscript src packages are obsolete and have been replaced by libccaudio2 and libccscript3. Please remove the libccaudio libccscript src packages. Thanks, Mark $ apt-cache rdepends libccscript2-0.6-3 libccscript2-0.6-3 Reverse Depends: libccscript-dev libccscript-dev $ apt-cache rdepends libccaudio1-1.2-0 libccaudio1-1.2-0 Reverse Depends: libccaudio-dev libccaudio-dev signature.asc Description: This is a digitally signed message part.
Bug#439062: Fwd: [asterisk-announce] Asterisk 1.4.11 released
Package: asterisk Version: 1:1.4.1~dfsg-1 Severity: serious Tags: security pending -- Forwarded Message -- Subject: [asterisk-announce] Asterisk 1.4.11 released Date: Tue, 21 Aug 2007 From: The Asterisk Development Team [EMAIL PROTECTED] To: undisclosed-recipients:; The Asterisk development team has released version 1.4.11. This version contains numerous bug fixes. One of these is for a security issue in chan_sip. The issue is that SIP dialog history was being stored in memory regardless if the option for this was turned on or off. This could be abused to cause a system using chan_sip to run out of memory. The security issue is documented in AST-2007-020. Affected systems include any that are using chan_sip. Also, only Asterisk 1.4 is affected. Asterisk 1.2 is not vulnerable to this issue. * http://downloads.digium.com/pub/asa/AST-2007-020.pdf The name prefix for our security advisories has been changed from ASA to AST. The ASA scheme was already in use by another company before we started using it. This release is available for download from http://downloads.digium.com/pub/telephony/asterisk/. Thank you for your support! ___ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-announce mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-announce --- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#436351: Patch: dvr_3.2-8
On Sat, 18 Aug 2007, Jason Harrison wrote: libdts-dev Thanks Jason! Mark signature.asc Description: This is a digitally signed message part.
Bug#435521: closed by Mark Purcell [EMAIL PROTECTED] (Re: Asterisk SIP DOS Vulnerability)
On Sat, 18 Aug 2007, Kilian Krause wrote: Comments? If the rest of pkg-voip developers agrees, i'll just put up a pseudo RC-bug against asterisk to make sure it's not progressing into testing anymore (and therefore not contained in stable release of Lenny and newer). Kilian, I don't agree with keeping asterisk out of lenny permanently, I think we should wait until closer to the lenny release and then make that decision. In the event that asterisk 1.4.x is stable and in maintenance fixes upstream, then I see no reason why it should be excluded from lenny. Asterisk 1.2.x is a different beast, and etch was released with the current asterisk 1.2.x then we could maintain, via upstream security releases. But etch was released with an early asterisk 1.2, and that is what we have to work with. I can see an argument for asterisk 1.2.x being removed from etch. We need to either: 1. Continue/ start to backporting security fixes from 1.2.x, or 2. Remove asterisk 1.2.x from etch, and/or 3. Track upstream 1.2.x security releases, via volatile or just direct our users to pkg-voip.buildserver.net for etch packages. For lenny, I recommend we get ftp-master to force the removal of asterisk 1.2.x, it FTBFS, it has vulnerabilities etc. In the meantime, I think it is suitable for asterisk 1.4 to migrate to lenny via unstable per the normal rules. As vulnerabilities are discovered we publish the fix into unstable and migrate according to the two/five day rules. Mark signature.asc Description: This is a digitally signed message part.
Bug#435146: asterisk-h323: Asterisk crashes on startup with H323 package installed.
found 435146 1:1.4.8~dfsg-2 tags 435146 - help tags 435146 pending thanks On Sun, 29 Jul 2007, Konstantin Starodubtsev wrote: Asterisk crashes with core dump if asterisk-h323 packages installed. Konstantin, We have managed to debug this problem, it was introduced by version 1:1.4.8~dfsg-2 and we should have a fixed version 1.4.10.1 uploaded in the next couple of days. Mark signature.asc Description: This is a digitally signed message part.
Bug#437982: Hold pre-release out of testing
Package: kmplayer Version: 1:0.10.0~pre2-2 Severity: serious Note to self, and the rest of kde-extras ;-) Hold the pre-release of kmplayer out of testing. As a rule of thumb, only released versions should migrate. Mark -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.22-1-686 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages kmplayer depends on: ii kdelibs4c2a 4:3.5.7.dfsg.1-4 core libraries and binaries for al ii kmplayer-common 1:0.10.0~pre2-2 common files for kmplayer ii libc6 2.6.1-1 GNU C Library: Shared libraries ii libgcc1 1:4.2.1-4GCC support library ii libqt3-mt 3:3.3.7-6Qt GUI Library (Threaded runtime v ii libstdc++6 4.2.1-4 The GNU Standard C++ Library v3 ii libx11-62:1.0.3-7X11 client-side library ii libxv1 1:1.0.3-1X11 Video extension library Versions of packages kmplayer recommends: ii kmplayer-plugin 1:0.10.0~pre2-2 kmplayer plugin for khtml/konquero -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#435146: confirmed with asterisk 1:1.4.10~dfsg-1, libopenh323 1.18.0.dfsg-3
Package: asterisk-h323 Version: 1:1.4.10~dfsg-1 Followup-For: Bug #435146 Installing the -develop versions provides some additional information. (gdb) bt #0 0x in ?? () #1 0xb7700228 in PFactoryH323Capability, PString::~PFactory () from /usr/lib/libopenh323.so.1.18.0 #2 0xb706b128 in ~FactoryMap (this=0xb7123bc8) at ../common/object.cxx:331 #3 0xb706b1d6 in __tcf_0 () at ../common/object.cxx:317 #4 0xb7d90841 in __cxa_finalize () from /lib/i686/cmov/libc.so.6 #5 0xb6eadcd3 in __do_global_dtors_aux () from /usr/lib/libpt.so.1.10.7 #6 0xb706b98c in _fini () from /usr/lib/libpt.so.1.10.7 #7 0xb7f717f9 in ?? () from /lib/ld-linux.so.2 #8 0x0010 in ?? () #9 0x in ?? () -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.22-1-686 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages asterisk-h323 depends on: ii asterisk 1:1.4.10~dfsg-1 Open Source Private Branch Exchang ii libc62.6.1-1 GNU C Library: Shared libraries ii libexpat11.95.8-4XML parsing C library - runtime li ii libgcc1 1:4.2.1-2 GCC support library ii libldap2 2.1.30-13.4 OpenLDAP libraries ii libopenh323-1.18.0-devel 1.18.0.dfsg-3 H.323 aka VoIP library ii libpt-1.10.0-develop 1.10.7~dfsg1-4 Portable Windows Library - binary ii libsasl2-2 2.1.22.dfsg1-14 Authentication abstraction library ii libsdl1.2debian 1.2.11-9Simple DirectMedia Layer ii libssl0.9.8 0.9.8e-5SSL shared libraries ii libstdc++6 4.2.1-2 The GNU Standard C++ Library v3 asterisk-h323 recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#435146: confirmed with asterisk 1:1.4.10~dfsg-1, libopenh323 1.18.0.dfsg-3
On Sun, 12 Aug 2007, Kilian Krause wrote: Hi Mark, Hi Kilian, Installing the -develop versions provides some additional information. can you also install the asterisk-dbg? That was with asterisk-dbg and the -develop files installed: ii asterisk 1:1.4.10~dfsg-1 Open Source Private Branch Exchange (PBX) ii asterisk-config 1:1.4.10~dfsg-1 config files for asterisk ii asterisk-dbg 1:1.4.10~dfsg-1 debugging symbols for asterisk ii asterisk-dev 1:1.4.10~dfsg-1 Development files for asterisk ii asterisk-doc 1:1.4.10~dfsg-1 Source code documentation for Asterisk ii asterisk-h3231:1.4.10~dfsg-1 Asterisk's H.323 VoIP channel ii asterisk-sounds-main 1:1.4.10~dfsg-1 Core Sound files for Asterisk (English) ii asterisk-web-vmail 1:1.4.10~dfsg-1 Web-based (CGI) voice mail interface for Ast ii libopenh323-1.18.0-develop 1.18.0.dfsg-3 H.323 aka VoIP library ii libopenh323-dev 1.18.0.dfsg-3 H.323 aka VoIP library development files ii libpt-1.10.0-develop 1.10.7~dfsg1-4 Portable Windows Library - binary developer ii libpt-dev1.10.7~dfsg1-4 Portable Windows Library development files Btw, this core dump occurs out of the box with no asterisk configuration changes, so you should be able to reproduce by installing asterisk-h323 and trying to run asterisk. Mark signature.asc Description: This is a digitally signed message part.
Bug#437222: asterisk: Depends on libpri1.0 = 1.4, should this be libpri1.2 = 1.4?
On Sat, 11 Aug 2007, Andrew Ruthven wrote: Hi, Hi Andrew, Currently asterisk is not installable because it depends on libpri1.0 = 1.4 which doesn't exist. Should this be libpri1.2 which does have version 1.4 in the repo? libpri1.0 is currently stuck in NEW: http://ftp-master.debian.org/~ajt/new/libpri_1.4.1-1_i386.html IF you would like to get it early, you can grab it from http://buildserver.net Mark signature.asc Description: This is a digitally signed message part.
Bug#437298: [Pkg-mythtv-maintainers] Bug#437298: ivtv: FTBFS on i386 with 2.6.22-1
On Sat, 11 Aug 2007, Daniel Baumann wrote: ivtv fails to build with 2.6.22-1, build-log from m-a is attached. Daniel, ivtv 0.10.x is only for kernels = 2.6.18 and = 2.6.21.x the ivtv modules have been incorporated into the kernel from 2.6.22 onwards and the ivtv package 1.0.x is for kernels = 2.6.22. This release does NOT contain the ivtv driver proper, as that is now part of kernel 2.6.22. It does contain test tools, utilities and the ivtv-fb and saa717x drivers We need to think about how to incorporate in Debian. Mark signature.asc Description: This is a digitally signed message part.
Bug#435521: closed by Mark Purcell [EMAIL PROTECTED] (Re: Asterisk SIP DOS Vulnerability)
On Wed, 8 Aug 2007, Lionel Elie Mamane wrote: Yes, but we should still fix that in stable, not only unstable. Yes I wasn't suggesting that we don't fix it in stable, but rather that a fix was available and had been uploaded to Debian (unstable). The BTS supports version tracking and even though the bug maybe closed, these security issues are still listed as open for asterisk in etch. Of course if we have a way of testing the fix in unstable is is valid that's even better. Of course fixing the plethora of security fixes against asterisk 1.2 is an issue and a fair amount of work. Whilst digium continues to provide supported releases of 1.2.x with bug fixes, by rights we should be only taking the diff's and applying them to debian stable via the debian security team, which is a job in itself. We are maintaining uptodate asterisk 1.2 packages built against stable (etch) via http://buildserver.net, but that is using the latest asterisk 1.2 upstream release and isn't a suitable security fix for upload to stable. (but would be a lot less work and would get the fixes into stable v.quickly) security team. This is an issue, we (pkg-voip) are aware we are well behind the curve on this, but were wondering if you have any ideas on a way to better manage? Mark signature.asc Description: This is a digitally signed message part.
Bug#436808: Fwd: [asterisk-announce] ASA-2007-019: Remote crash vulnerability in Skinny channel driver
Package: asterisk Version: 1:1.4.1~dfsg-1 Severity: grave Tags: security, pending -- Forwarded Message -- Subject: [asterisk-announce] ASA-2007-019: Remote crash vulnerability in Skinny channel driver Date: Tue, 7 Aug 2007 From: The Asterisk Development Team [EMAIL PROTECTED] To: [EMAIL PROTECTED] Asterisk Project Security Advisory - ASA-2007-019 ++ | Product | Asterisk | |+---| | Summary | Remote crash vulnerability in Skinny channel | || driver| |+---| | Nature of Advisory | Denial of Service | |+---| | Susceptibility | Remote Authenticated Sessions | |+---| | Severity | Moderate | |+---| | Exploits Known | No| |+---| |Reported On | August 7, 2007| |+---| |Reported By | Wei Wang of McAfee AVERT Labs | |+---| | Posted On | August 7, 2007| |+---| | Last Updated On | August 7, 2007| |+---| | Advisory Contact | Jason Parker [EMAIL PROTECTED] | |+---| | CVE Name | | ++ ++ | Description | The Asterisk Skinny channel driver, chan_skinny, has a | | | remotely exploitable crash vulnerability. A segfault can | | | occur when Asterisk receives a | | | CAPABILITIES_RES_MESSAGE packet where the capabilities | | | count is greater than the total number of items in the | | | capabilities_res_message array. Note that this requires | | | an authenticated session.| ++ ++ | Resolution | Asterisk code has been modified to limit the incoming | || capabilities count. | || | || Users with configured Skinny devices should upgrade to| || the appropriate version listed in the corrected in| || section of this advisory. | ++ ++ | Affected Versions| || | Product | Release | | | | Series| | |--+-+---| | Asterisk Open Source |1.0.x| Not affected | |--+-+---| | Asterisk Open Source |1.2.x| Not affected | |--+-+---| | Asterisk Open Source |1.4.x| All versions prior to | | | | 1.4.10| |--+-+---| |Asterisk Business Edition |A.x.x| Not affected | |--+-+---| |Asterisk Business Edition |B.x.x| Not affected |
Bug#435521: closed by Mark Purcell [EMAIL PROTECTED] (Re: Bug#435521: Asterisk SIP DOS Vulnerability)
Massimiliano Toce, Per the advisory I believe this issue is resolved in asterisk 1.4.x debian unstable currently has version 1.4.9 so the bug should be resolved. We have a backported version of 1.4.9 available from http://buildserver.net/ Mark On Mon, 6 Aug 2007, you wrote: I have installed asterisk version 1:1.2.13~dfsg-2 ( http://packages.debian.org/stable/comm/asterisk) and the problem seems to remain, asterisk crashes when receives a REGISTER packet with no Request-URI and no SIP-Version. regards, Massimiliano Toce 2007/8/3, Debian Bug Tracking System [EMAIL PROTECTED]: This is an automatic notification regarding your Bug report #435521: Asterisk SIP DOS Vulnerability, which was filed against the asterisk package. It has been closed by Mark Purcell [EMAIL PROTECTED]. Their explanation is attached below. If this explanation is unsatisfactory and you have not received a better one in a separate message then please contact Mark Purcell [EMAIL PROTECTED] by replying to this email. Debian bug tracking system administrator (administrator, Debian Bugs database) -- Messaggio inoltrato -- From: Mark Purcell [EMAIL PROTECTED] To: Massimiliano Toce [EMAIL PROTECTED], [EMAIL PROTECTED] Date: Fri, 3 Aug 2007 17:48:16 +0100 Subject: Re: Bug#435521: Asterisk SIP DOS Vulnerability Version: 1:1.4.2~dfsg-1 The advisory stated this issue is resolved in version 1.4.1 and later. It would be useful if you could confirm using S.T.R.E.S.S that the version in debian unstable does indeed have this issue resolved. Mark On Wed, 1 Aug 2007, Massimiliano Toce wrote: Package: asterisk Version: 1:1.2.13~dfsg-2 Severity: critical Tags: security Asterisk crashes when handles a REGISTER message with no URI and no SIP-Version. See http://labs.musecurity.com/advisories/MU-200703-01.txt for more details. We found it using S.T.R.E.S.S.: a software for security testing (http://lart.det.unifi.it/Members/rosi/stress ). We are using Debian GNU/Linux 4.0, kernel 2.6.18-4-686. regards, Massimiliano Toce, Leonardo Maccari, Matteo Rosi signature.asc Description: This is a digitally signed message part.
Bug#434656: [Pkg-kde-extras] Bug#434656: digikam: FTBFS: --enable-final seems to much for arm
On Wed, 25 Jul 2007, Adeodato Simó wrote: digikam FTBFS on arm: the build terminates after 500 minutes while trying to compile libdigikam_la.all_cpp.cpp. You should probably avoid using --enable-final on the slower arches, at least arm. You can steal code to do it from debian-qt-kde.mk. Thanks dato! Mark signature.asc Description: This is a digitally signed message part.
Bug#434676: [Pkg-kde-extras] Bug#434676: [Kmymoney2-developer] Bug#434676: FTBFS: Bus error in ps2pdf14
On Wed, 25 Jul 2007, dann frazier wrote: Not building the pdf is as valid a resolution for this bug as fixing it would be. Thanks Dan, After going to the effort of building the PDF, we don't even ship within the Debian package, so I might just back out the build... Mark signature.asc Description: This is a digitally signed message part.
Bug#434676: [Pkg-kde-extras] Bug#434676: [Kmymoney2-developer] Bug#434676: FTBFS: Bus error in ps2pdf14
On Wed, 25 Jul 2007, Thomas Baumgart wrote: Please keep in mind, that building the pdf version of the document is only meant as an option to be used by the developers and not part of the standard build. So I would not classify this as serious. Thanks Thomas, We build the pdf document, but then don't even ship it with the Debian binaries. So disabling the build of the pdf documents would solve the issue, as it is preventing kmymoney from building on those architectures in Debian. Mark signature.asc Description: This is a digitally signed message part.
Bug#433884: Should not depend on libopenH323, libpt, libSDL, libssl, libldap, ...
On Fri, 20 Jul 2007, Tzafrir Cohen wrote: Which brings me again to ask: should the main asterisk package depend on odbc, postgresql and such, or do we take some of those modules to subpackages as well? The rational for splitting asteirsk-h323 was that the footprint for the openh323 depenency libs was very large and the savings justified splitting off another package. The footprint for the dependency libs for odbs, postgresql and the like are a lot more reasonable. But I would be willing to be convinced otherwise. Mark signature.asc Description: This is a digitally signed message part.
Bug#433884: Should not depend on libopenH323, libpt, libSDL, libssl, libldap, ...
On Fri, 20 Jul 2007, Faidon Liambotis wrote: Severity: serious Faidon, Why have you tagged this as serious? While I agree that asterisk shouldn't depend on additional libs, which is why we split off the asterisk-h323, it isn't actually a 'severe violation of Debian policy'. I would perhaps tag it as : minor a problem which doesn't affect the package's usefulness, and is presumably trivial to fix. I certainly don't think this should block all the upstream security fixes. Mark signature.asc Description: This is a digitally signed message part.
Bug#433884: Should not depend on libopenH323, libpt, libSDL, libssl, libldap, ...
On Fri, 20 Jul 2007, Faidon Liambotis wrote: Second version of the patch that removes the craft. Thanks Faidon, I have committed to svn and it seems to build good! tagging pending. Mark signature.asc Description: This is a digitally signed message part.
Bug#434066: asterisk: Fails to restart after upgrade due to dep on libpt.so.1.10.2
On Sat, 21 Jul 2007, Jonathan McDowell wrote: After performing my daily sid upgrade Asterisk fails to restart: Setting up asterisk-config (1:1.4.8~dfsg-1) ... Stopping Asterisk PBX: asterisk. Starting Asterisk PBX: /usr/sbin/asterisk: error while loading shared libraries: libpt.so.1.10.2: cannot open shared object file: No such file or Ouch, Thanks for the report. Will upload with correct library deps shortly.. We have been working the libpt deps separatly so have something ready to go.. But still we shouldn't of had a dependency on the incorrect soname :-( Mark signature.asc Description: This is a digitally signed message part.
Bug#434077: libpt-1.10.0: package-name-doesnt-match-sonames libpt1.10.7
retitle 434077 libpt-1.10.0: package-name-doesnt-match-sonames libpt1.10.7 thanks Kilian, Is there a reason you didn't bump the package to match the soname on libpt? libpt 1.10.7 isn't binary compatible with 1.10.2. Thus we normally bump the package name to match the soname and submit through NEW processing. This is what caused the problems with asterisk not linking correctly to libpt and every other package that has a rdepends on libpt will also be broken if they upload libpt-1.10.0 from unstable. Are you happy for me to work this issue and upload a fix? Mark W: libpt-1.10.0-ptrace: package-name-doesnt-match-sonames libpt1.10.7 W: libpt-1.10.0-develop: package-name-doesnt-match-sonames libpt1.10.7 W: libpt-1.10.0: package-name-doesnt-match-sonames libpt1.10.7 N: N: The package name of a library package should usually reflect the N: soname of the included library. The package name can determined from N: the library file name with the following code snippet: N: N:$ objdump -p /path/to/libfoo-bar.so.1.2.3 | sed -n -e's/^[[:space:]]*SONAME[[:space:]]*//p' | sed -e's/\([0-9]\)\.so\./\1-/; s/\.so\.//' N: N: Refer to Library Packaging guide 5 for details. N: libpt-1.10.0 Reverse Depends: yate-openh323 t38modem |simpleopal simph323 pstngw openmcu openam ohphone-basic ohphone libpt-plugins-v4l2 libpt-plugins-v4l libpt-plugins-oss libpt-plugins-dc libpt-plugins-avc libpt-plugins-alsa libpt-dev |libpt-dev libpt-dbg libpt-1.10.0-ptrace libpt-1.10.0-develop libopenh323-1.18.0 |libopal-2.2-ptrace |libopal-2.2-develop |libopal-2.2 gnugk |ekiga asterisk-oh323 |asterisk-h323 |asterisk signature.asc Description: This is a digitally signed message part.
Bug#433681: Fwd: [asterisk-announce] ASA-2007-017: Remote crash vulnerability in STUN implementation
Package: asterisk Version: 1:1.4.0~dfsg-1 Tags: security Severity: critical -- Forwarded Message -- Subject: [asterisk-announce] ASA-2007-017: Remote crash vulnerability in STUN implementation Date: Tue, 17 Jul 2007 From: The Asterisk Development Team [EMAIL PROTECTED] To: undisclosed-recipients:; Asterisk Project Security Advisory - ASA-2007-017 ++ | Product | Asterisk | |+---| | Summary | Remote Crash Vulnerability in STUN implementation | |+---| | Nature of Advisory | Denial of Service | |+---| | Susceptibility | Remote Unauthenticated Sessions | |+---| | Severity | Critical | |+---| | Exploits Known | No| |+---| |Reported On | July 13, 2007 | |+---| |Reported By | Will Drewry, Google Security Team | |+---| | Posted On | July 17, 2007 | |+---| | Last Updated On | July 17, 2007 | |+---| | Advisory Contact | Joshua Colp [EMAIL PROTECTED]| |+---| | CVE Name | CVE-2007-3765 | ++ ++ | Description | The Asterisk STUN implementation in the RTP stack has a | | | remotely exploitable crash vulnerability. A pointer may | | | run past accessible memory if Asterisk receives a| | | specially crafted STUN packet on an active RTP port. | | | | | | The code that parses the incoming STUN packets | | | incorrectly checks that the length indicated in the STUN | | | attribute and the size of the STUN attribute header does | | | not exceed the available data. This will cause the data | | | pointer to run past accessible memory and when accessed | | | will cause a crash. | ++ ++ | Resolution | All users that have chan_sip, chan_gtalk, chan_jingle,| || chan_h323, chan_mgcp, or chan_skinny enabled on an| || affected version should upgrade to the appropriate| || version listed in the correct in section of this | || advisory. | ++ ++ | Affected Versions| || | Product | Release | | | | Series| | |--+-+---| | Asterisk Open Source |1.0.x| None affected | |--+-+---| | Asterisk Open Source |1.2.x| None affected | |--+-+---| | Asterisk Open Source |1.4.x| All versions prior to | | | | 1.4.8 | |--+-+---| |Asterisk Business Edition |A.x.x| None affected |
Bug#430863: digikam: Bus error on startup
tags 430863 unreproducible tags 430863 moreinfo severity 430863 important thanks Marcus, Thanks for this bug report. However as we are unable to reproduce and it hasn't been reported elsewhere I'm going to downgrade to severity important: 'major effect on the usability of a package, without rendering it completely unusable to everyone' I have now produced an digikam-dbg package which contains the symbols for debugging and I would ask you to install this package and see if your backtrace produces any further results. digikam-dbg_0.9.2-3 will have to go through NEW processing so may take a few days/ weeks to appear in the archive. If you are able could you download and build an amd64 package from http://people.debian.org/~msp which will give you the digikam-dbg package for amd64. Mark signature.asc Description: This is a digitally signed message part.
Bug#426810: tripod: Crash when trying to create a new album
Fabio, It's more of a hack than a work around. But I find that tripod doesn't work well when it starts with a new ipod that hasn't been used to upload pictures. Ie hasn't been initialised yet. However, I found by playing around with the upload images plugin in kipi-plugins and tripod, once I got the directory loaded to the ipod, I could then use tripod as advertised. Mark signature.asc Description: This is a digitally signed message part.
Bug#416774: Was fixed upstream, but broken again
On Wed, 13 Jun 2007, Lionel Elie Mamane wrote: Ah no, it works with asterisk 1.4.1, but the prototype of ast_channel_allocate has changed _again_ in Asterisk 1.4.3. Reporting that upstream. Thanks Lionel, Did you see my earlier comments against this bug? I had reported to Armin Schindler, but putting in the upstream BTS is a better move.. Thanks, Mark signature.asc Description: This is a digitally signed message part.
Bug#420641: asterisk-oh323 fails to build with asterisk-1.4
On Mon, 4 Jun 2007, Michael Manousos wrote: A first attempt of asterisk-oh323 update to Asterisk 1.4 is available on sourceforge (https://sourceforge.net/projects/asterisk-oh323/). It compiles and loads with Asterisk 1.4.4. The thing is that I cannot test it since I don't have any H.323 equipment. So, anyone please report any test result. I'll try to fix runtime problems on a best-effort basis. Thanks Michael, I can't find any released files at that sf project. :-( Are you talking about the cvs archive on the sf project? Mark signature.asc Description: This is a digitally signed message part.
Bug#420641: asterisk-oh323 fails to build with asterisk-1.4
On Sun, 3 Jun 2007, you wrote: I plan to update the channel driver in order to compile with current Asterisk 1.4. I'll email you as soon as I have a newer version. Excellent, Thanks Michael I look forward to your email. Mark signature.asc Description: This is a digitally signed message part.
Bug#426393: libcurl3-dev depreciated (was: Bug#426393: asterisk: uninstallable due to dependancy on libcurl3)
Dear libcurl team, When you depreciate libcurl3-dev all downstream dependant packages require at least a rebuild, if not a reload to change the Build-Depends: from libcurl3-dev to libcurl4-dev. At the minimum, could you send a courtesy email to all downstream packages (Cc:) so we know we need to upload after your library transition. Best option would be for you to file a bug report against those packages which will require a reload after your library/dev transition. Otherwise the users will trickle bug reports (attached) through to individual packages... Thanks, Mark -- Forwarded Message -- Subject: Bug#426393: asterisk: uninstallable due to dependancy on libcurl3 Date: Mon, 28 May 2007 From: Richard Antony Burton [EMAIL PROTECTED] To: Debian Bug Tracking System [EMAIL PROTECTED] Package: asterisk Version: 1:1.4.4~dfsg-2 Severity: grave Justification: renders package unusable Depends on libcurl3 that is no longer available, making package uninstallable. Richard. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.21-1-686 (SMP w/1 CPU core) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages asterisk depends on: ii adduser 3.102 Add and remove users and groups ii asterisk 1:1.4.4~dfsg-2 config files for asterisk ii asterisk 1:1.4.4~dfsg-2 sound files for asterisk ii libasoun 1.0.13-2ALSA library ii libc62.5-9 GNU C Library: Shared libraries ii libcomer 1.39+1.40-WIP-2007.04.07+dfsg-2 common error description library ii libct3 0.63-3.2libraries for connecting to MS SQL ii libcurl3 7.15.5-1Multi-protocol file transfer libra ii libexpat 1.95.8-3.4 XML parsing C library - runtime li ii libgcc1 1:4.2-20070525-1GCC support library ii libgcryp 1.2.4-2 LGPL Crypto library - runtime libr ii libgnutl 1.6.3-1 the GNU TLS library - runtime libr ii libgpg-e 1.4-2 library for common error values an ii libgsm1 1.0.10-13 Shared libraries for GSM speech co ii libidn11 0.6.5-1 GNU libidn library, implementation ii libiksem 1.2-3 C library for the Jabber IM platfo ii libkrb53 1.6.dfsg.1-4MIT Kerberos runtime libraries ii libldap2 2.1.30-13.4 OpenLDAP libraries ii libltdl3 1.5.22-4A system independent dlopen wrappe ii libncurs 5.6-3 Shared libraries for terminal hand ii libnewt0 0.52.2-10 Not Erik's Windowing Toolkit - tex ii libogg0 1.1.3-2 Ogg Bitstream Library ii libopenh 1.18.0.dfsg-1+b1H.323 aka VoIP library ii libpopt0 1.10-3 lib for parsing cmdline parameters ii libpq5 8.2.4-1 PostgreSQL C client library ii libpri1. 1.4.0-2 Primary Rate ISDN specification li ii libpt-1. 1.10.2-2+b1 Portable Windows Library ii libradiu 0.5.5-1 Enhanced RADIUS client library ii libsasl2 2.1.22.dfsg1-10 Authentication abstraction library ii libsdl1. 1.2.11-8Simple DirectMedia Layer ii libsenso 1:2.10.3-1 library to read temperature/voltag ii libsnmp1 5.3.1-6 NET SNMP (Simple Network Managemen ii libspeex 1.1.12-3The Speex Speech Codec ii libsqlit 2.8.17-2SQLite shared library ii libssl0. 0.9.8e-5SSL shared libraries ii libstdc+ 4.2-20070525-1 The GNU Standard C++ Library v3 ii libtonez 1:1.4.2.1~dfsg-1tonezone library (runtime) ii libvorbi 1.1.2.dfsg-1.2 The Vorbis General Audio Compressi ii libvorbi 1.1.2.dfsg-1.2 The Vorbis General Audio Compressi ii libwrap0 7.6.dbs-13 Wietse Venema's TCP wrappers libra ii unixodbc 2.2.11-13 ODBC tools libraries ii zlib1g 1:1.2.3-15 compression library - runtime asterisk recommends no packages. -- no debconf information signature.asc Description: This is a digitally signed message part.
Bug#426393: Asterisk and libcurl3
On Tue, 29 May 2007, Mattia Martinello wrote: Hi. Do you know that the Asterisk package in the unstable repository is not installable because it depends on the libcurl3 witch is not available? When you plan to solve this problem? Thanks we are aware. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426393 We should be fixing during the next upload which should be shortly. Mark signature.asc Description: This is a digitally signed message part.
Bug#425603: digikamimageplugins: impossible to install due to wrong naming
On Tue, 22 May 2007, Eric Valette wrote: great. I could have read the : Replaces: digikamimageplugins! Sorry for the mistake. However the unstable developement has been quite confusing about digikam status for the last few days/week (removing the plugins, then saying keeping digikam, ...) No problems. I have added a debian/NEWS entry which should be displayed when you upgraded digikam, but if you think the wording could be improved, please forward suggestions. Mark signature.asc Description: This is a digitally signed message part.
Bug#423379: [Kmymoney2-developer] Fwd: [Pkg-kde-extras] Bug#423379: OpenSSL license violation
On Mon, 21 May 2007, you wrote: [...] If the kmymoney team are unable/ unwilling to provide an exception we will stop distributing kmymoney linked to openssl, by building kmymoney without libgwenhywfar support whilst libgwenhywfar links against openssl. [...] Not again (sigh)... If they could only make it less sound like blackmailing... Hi Martin, Sorry didn't mean to come across so harsh... The issue for me is we are trying to meet the wishes of the kmymoney team and the openssl team, through your various licences, which aren't compatible, thus we can't meet the wishes of both of your licences. Thus the options: 1. Debian currently shouldn't currently distribute kmymoney linked to openssl 2. kmymoney (maybe?) or openssl (unlikley) modify your licences 3. modify libgwenhywfar not to link to openssl Anyway, currently I'm already working on Libgwenhywfar ... [...] Thanks for your efforts on this! Great work... Mark pgpblusFv66wz.pgp Description: PGP signature
Bug#420984: [libccscript] Re: FTBFS: script.h:59: error: aggregate 'ost::CCXX_CLASS_EXPORT ost::ScriptCommand' has incomplete type and cannot be defined
I think this package is pretty much depreciated by libccscript3 which is also in the archive and can be safely removed.. $ apt-cache rdepends libccscript2-0.6-3 libccscript2-0.6-3 Reverse Depends: libccscript-dev bayonne libccscript-dev Mark pgpx30AakRNJl.pgp Description: PGP signature
Bug#420982: [libccaudio] Re: FTBFS: audio.h:109: error: invalid function declaration
I think this package is pretty much depreciated by libccaudio2 which is also in the archive and could be removed.. $ apt-cache rdepends libccaudio1-1.2-0 libccaudio1-1.2-0 Reverse Depends: libccaudio-dev bayonne libccaudio-dev Mark pgpxmLUicvHIW.pgp Description: PGP signature
Bug#421552: asterisk-h323: Asterisks chan_h323 doesn't work because of an undefined symbol
On Tue, 8 May 2007, Korbinian Rosenegger wrote: The problem seems to be the h323_no_exit.dpatch which prevents the second make run, but this causes some essential variables not to be set, and then chan_h323.so is not linked against libopenh323. I disabled the patch and added a second make in debian/rules (appending || true to the first make is necessary because it will exit with error 1), and the H323 channel works. Thanks Korbi, The asterisk build system is a bit of a mystery. Will give it a go... Mark pgpi8Be1nFXcs.pgp Description: PGP signature
Bug#421994: CVE-2007-1693 [Fwd: Radware Security Advisory - Yate 1.1.0 Denial of Service Vulnerability]
Package: yate
Version: 1.0.0-1.dfsg-2
Tags: security patch upstream pending
Severity: grave
Yate 1.0.0-1.dfsg-2 in Debian stable and 1.1.0-1.dfsg-1 in testing and
unstable contains a Denial of Service Vulnerability.
The patch applied by upstream to CVS and released in yate 1.2.0 can be
found as an attachment. The patch applies successfully to both yate
1.0.0 and yate 1.1.0.
yate 1.2.0-1.dfsg-1 is available in pkg-voip svn. It has been tested on
x86, but not built by Buildserver.NET yet.
Thanks,
Mikael
Original Message
Subject: Radware Security Advisory - Yate 1.1.0 Denial of Service
Vulnerability
Date: Tue, 1 May 2007 20:52:51 +0300
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED],
[EMAIL PROTECTED], [EMAIL PROTECTED]
Newsgroups:
gmane.comp.security.bugtraq,gmane.comp.security.full-disclosure,gmane.comp.voip.security.voipsa
Yate 1.1.0 Denial of Service Vulnerability
Risk: Medium
Background:
Yate (Yet Another Telephony Engine) is a production-ready
next-generation telephony engine.
More information about this application could be obtained from the
following site:
http://yate.null.ro/
Description:
The SIP channel module of Yate contains a denial of service
vulnerability, introduced by a
null pointer dereference, which could be provoked by having the SIP
module process SIP messages
containing the Call-Info header, without the purpose parameter as
part of its value.
The flaw can be seen in the following source code snippet:
File:yate/modules/ysipchan.cpp
Lines: 1585 - 1594
1:const SIPHeaderLine* hl =
m_tr-initialMessage()-getHeader(Call-Info);
2:if (hl) {
3:const NamedString* type = hl-getParam(purpose);
4:if (!type || *type == info)
5:mp type-addParam(caller_info_uri,*type);
6:else if (*type == icon)
7:m-addParam(caller_icon_uri,*type);
8:else if (*type == card)
9:m-addParam(caller_card_uri,*type);
10: }
Once the Call-Info header is found in the SIP message (line 1), there
is an attempt to extract
the purpose parameter (line 3).
Afterwards, a decision is made to set the caller_info_uri parameter
(line 5) to the value of the
Call-Info header, though due to a programming error, instead of
assigning the parameter with the
header value, it is being assigned with the value of the purpose
parameter - allowing for a null
pointer dereference, when the call to getParam() (line 3) returns 0 in
case of a missing purpose parameter.
Analysis:
Exploiting this vulnerability could allow for denial of service to Yate
and disruption of the VoIP
infrastructure.
By default no authentication is required to exploit this vulnerability,
allowing for spoofed UDP SIP
messages to trigger the flaw.
Radware DefensePro IPS Solution:
Radware DefensePro customers are protected against this vulnerability
since the release of signature
database version 0006.0030.00 by RWID's 7334,7338 and 7342.
Detection:
Radware Security Operations Center has confirmed the existence of this
vulnerability in Yate 1.1.0.
Previous versions are also suspected to be vulnerable.
Workaround:
A workaround for this vulnerability is currently not known.
Vendor Response:
The maintainers of Yate addressed this vulnerability with the release of
Yate 1.2.0.
CVE Information:
The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2007-1693 to this issue.
Disclosure Timeline:
March 25, 2007 - Initial vendor notification
March 25, 2007 - Initial vendor response
March 26, 2007 - Vendor fixes flaw in CVS
April 16, 2007 - Vendor releases fixed version
April 30, 2007 - Attack database release
May 1, 2007 - Advisory release
Credit:
Yuri Gushin, Radware Security Operations Center
Legal Information:
Disclaimer: The information in the advisory is believed to be accurate
at the time of publishing
based on currently available information. Use of the information
constitutes acceptance for use in
an AS IS condition. There are no warranties with regard to this
information. Neither the author
nor the publisher accepts any liability for any direct, indirect, or
consequential loss or damage
arising from use of, or reliance on, this information.
Mon Mar 26 13:00:29 CEST 2007 paulc
* [yate @ 2007-03-26 11:00:29 by paulc]
Fixed Call-Info parsing bug found by Yuri Gushin from Radware Inc.
diff -rN -u old-upstream/modules/ysipchan.cpp new-upstream/modules/ysipchan.cpp
--- old-upstream/modules/ysipchan.cpp 2007-05-02 19:23:11.0 +0200
+++ new-upstream/modules/ysipchan.cpp 2007-05-02 19:23:12.0 +0200
@@ -1656,11 +1656,11 @@
if (hl) {
const NamedString* type = hl-getParam(purpose);
if (!type || *type == info)
- m-addParam(caller_info_uri,*type);
+ m-addParam(caller_info_uri,*hl);
else if (*type == icon)
- m-addParam(caller_icon_uri,*type);
+
Bug#420138: twinkle: Crashes when making/receiving a call
On Fri, 20 Apr 2007, Chris Davies wrote: Twinkle starts and runs happily until a call is made or received. As soon as the session is established Twinkle crashes. This error is printed on the console: Chris, Thanks for the report. I suspect it is related to your version of libzrtpcpp-0.9.0 Versions of packages twinkle depends on: ii libzrtpcpp-0.9-0 0.9.0-2 ccrtp extension for zrtp/Zfone sup You have 0.9.0-2 which shouldn't be allowed and this dependancy needs to be fixed in twinkle. Could I ask you to install 0.9.0-4 from unstable and let me know if that fixes your issue: http://packages.debian.org/libzrtpcpp-0.9-0 There is no backtrace available to KCrash. Twinkle 1:1.0-2 worked for me; I'd try to downgrade if I could find a deb for it. http://snapshot.debian.net/twinkle has everything you need, but could I ask you to first try the libzrtpcpp-0.9.0 from above to see if that fixes the issue. Thanks, Mark pgpr4v5GOOc9a.pgp Description: PGP signature
Bug#418656: asterisk-config: Asterisk-config and asterisk 1:1.4.2~dfsg-4 both contain /etc/default/asterisk
tags 418656 + experimental pending thanks James, Thanks for this report. We should be fixing over the weekend, when we release asterisk 1.4 to unstable. Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#385060: Processed: Asterisk bug #385060
Elizabeth, Not quite sure why you raised this. asterisk-1.0.0-1 hasn't been in Debian for a very long time, even before the current stable version. Mark On Monday 26 March 2007 18:27, Debian Bug Tracking System wrote: Processing commands for [EMAIL PROTECTED]: found 385060 1.0.0-1 Bug#385060: CVE-2006-4346: Asterisk MGCP AUEP Response Handling Buffer Overflow Bug marked as found in version 1.0.0-1. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) ___ Pkg-voip-maintainers mailing list [EMAIL PROTECTED] http://lists.alioth.debian.org/mailman/listinfo/pkg-voip-maintainers pgpaVF7YkXOAb.pgp Description: PGP signature
Bug#416143: asterisk_1:1.4.2~dfsg-2(experimental/amd64/xenophanes): FTBFS: Cries for its sound files like a baby
On Sunday 25 March 2007 15:37, Tzafrir Cohen wrote: Kilian: will it be autobuilt by the buildserver? I'd prefer a successful test build before commiting. http://status.buildserver.net/build.php?arch=pkg=asterisk Shows that the current commits for 1.2.17 don't build correctly. http://archive.buildserver.net/build/pool/main/a/asterisk/ Shows that the buildserver is doing something with the experimental archive, but I can't locate any buildd logs for experimental anywhere. (1.4.1) Kilian, does buildserver actually attempt experimental buildds as well and are the logs available anywhere? Mark pgpYWS95oeyUL.pgp Description: PGP signature
Bug#416143: asterisk_1:1.4.2~dfsg-2(experimental/amd64/xenophanes): FTBFS: Cries for its sound files like a baby
reopen 416143 thanks Looks like 1:1.4.2~dfsg-3 didn't solve this issue: http://experimental.debian.net/fetch.php?pkg=asteriskver=1%3A1.4.2%7Edfsg-3arch=sparcstamp=1174875830file=logas=raw http://experimental.debian.net/fetch.php?pkg=asteriskver=1%3A1.4.2%7Edfsg-3arch=ia64stamp=1174869852file=logas=raw Mark pgpSxL3Lg7Mv1.pgp Description: PGP signature
Bug#413969: asterisk: Fails to start after not being able to find format_mp3.so
Hey Srdjan, This original message couldn't get through ;-( Mark -- Forwarded Message -- Subject: Mail delivery failed: returning message to sender Date: Sunday 11 March 2007 10:06 From: Mail Delivery System [EMAIL PROTECTED] To: [EMAIL PROTECTED] This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: [EMAIL PROTECTED] SMTP error from remote mail server after initial connection: host mx.paradise.net.nz [203.97.33.212]: 554 mxin3-orange.clear.net.nz -- This is a copy of the message, including all the headers. -- Return-path: [EMAIL PROTECTED] Received: from [192.168.1.219] (helo=d620.purcell.homeip.net ident=Debian-exim) by bristol.purcell.id.au with esmtp (Exim 4.63) (envelope-from [EMAIL PROTECTED]) id 1HQKwT-0002lz-TI; Sun, 11 Mar 2007 10:06:29 + Received: from mark by d620.purcell.homeip.net with local (Exim 4.63) (envelope-from [EMAIL PROTECTED]) id 1HQKxI-0006BE-Gk; Sun, 11 Mar 2007 10:07:08 + From: Mark Purcell [EMAIL PROTECTED] Organization: Debian GNU/Linux To: Srdjan [EMAIL PROTECTED], [EMAIL PROTECTED] Date: Sun, 11 Mar 2007 10:07:03 + User-Agent: KMail/1.9.5 References: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] In-Reply-To: [EMAIL PROTECTED] MIME-Version: 1.0 Content-Type: multipart/signed; boundary=nextPart2056324.noNVCBdctO; protocol=application/pgp-signature; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: [EMAIL PROTECTED] X-SA-Exim-Connect-IP: 192.168.1.219 X-SA-Exim-Rcpt-To: [EMAIL PROTECTED], [EMAIL PROTECTED] X-SA-Exim-Mail-From: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 3.1.7-deb (2006-10-05) on debian X-Spam-Level: X-Spam-Status: No, score=-4.4 required=1.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham version=3.1.7-deb X-Spam-Report: * -1.8 ALL_TRUSTED Passed through trusted hosts only via SMTP * -2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1% * [score: 0.] Subject: Re: Bug#413969: asterisk: Fails to start after not being able to find format_mp3.so X-SA-Exim-Version: 4.2.1 (built Tue, 09 Jan 2007 17:23:22 +) X-SA-Exim-Scanned: Yes (on bristol.purcell.id.au) --nextPart2056324.noNVCBdctO Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Srdjan, On Sunday 11 March 2007 03:50, Srdjan wrote: Hi, =20 Tzafrir Cohen wrote: Please provide a few more details: dpkg -l asterisk-addons =20 =20 There's no package asterisk-addons. There is an upstream package of asterisk-addons, which hasn't yet been packaged and loaded to Debian. This package is the source of the format_mp3.so module. I suspect that at one time you may of loaded this module. dpkg -S /usr/lib/asterisk/modules/format_mp3.so =20 wallace:~# dpkg -S /usr/lib/asterisk/modules/format_mp3.so dpkg: /usr/lib/asterisk/modules/format_mp3.so not found. =20 That's what I suspect - it dropped out somehow in 1.2.16 format_mp3.so has not been shipped by Debian. We are working on providing the asterisk-addons package, but it hasn't been released for Debian yet. ls -l /usr/lib/asterisk/modules/format_mp3.so grep format_mp3 /etc/asterisk/modules.conf =20 wallace:~# grep format_mp3 /etc/asterisk/modules.conf load =3D format_mp3.so The modules.conf file in Debian does not load format_mp3.so as we don't ship this module (yet). I suspect you have added the load =3D format_mp3.so directive which is causing the problem you are seeing. I would suggest you remove this load directive which should clear up your problem. Or you can just reinstall asterisk-config which will install the dpkg.orig version of the conf file. Once we get asterisk-addons packaged for Debian, then you might have=20 better success with format_mp3. Or you can see our work in progress at=20 http://pkg-voip.buildserver.net/debian/pool/main/a/asterisk-addons/ Mark --nextPart2056324.noNVCBdctO Content-Type: application/pgp-signature -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQBF89TMoCzanz0IthIRAmmrAJ9xKh8Fv0Y8XntKCmmwXRX6wMakKwCgjKMN Z+iu1mX0FcVCcWMJxmELT4Y= =EFYi -END PGP SIGNATURE- --nextPart2056324.noNVCBdctO-- --- This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: [EMAIL PROTECTED] SMTP error from remote mail server after initial connection: host mx.paradise.net.nz [203.97.33.212]: 554 mxin3-orange.clear.net.nz -- This is a copy of the message, including all the headers. -- Return-path: [EMAIL PROTECTED] Received: from [192.168.1.219] (helo=d620.purcell.homeip.net ident
Bug#409707: [Pkg-kde-extras] Bug#403743: knemo: with sys backend, status icon disappears from tray
On Monday 05 February 2007 17:06, Alberto wrote: I think that it's a bug in kded, which crashes. Strangely, the probability on which this happens increases if you do an apt-get update. Alberto, We have a patch for this as we think knemo is leaking fd's. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=409707 Do you have any other information which would point us in the other direction? I'm about to include the patch and upload. Mark pgpvvADgnq7De.pgp Description: PGP signature
Bug#406064: Bug#408256: Bug#406064: i386 binNMU for asterisk-chan-capi please
On Monday 05 February 2007 21:53, Mark Purcell wrote: I can't recreate my build environment from Oct 06. And I can't reproduce the bug, additionally I don't have the hardware to test. One theory though looking at the time line: asterisk-chan-capi (0.7.1-1) would of been built against asterisk (1:1.2.12.1.dfsg-1) Etch now has asterisk (1:1.2.13~dfsg-2) and asterisk-dev may not be version compatible between 1.2.12 1.2.13? This could explain why the binNMU of asterisk-chan-capi now works for etch, and would suggest that asterisk-chan-capi should perhaps have a strict version dependency against asterisk. Mark asterisk-chan-capi (0.7.1-1+b1) testing; urgency=low -- Debian/i386 Build Daemon buildd_i386-ninsei Fri, 2 Feb 2007 00:43:31 -0800 asterisk-chan-capi (0.7.1-1) unstable; urgency=low -- Mark Purcell [EMAIL PROTECTED] Sun, 22 Oct 2006 20:49:40 +0100 asterisk (1:1.2.13~dfsg-2) unstable; urgency=low -- Mark Purcell [EMAIL PROTECTED] Mon, 6 Nov 2006 06:33:19 + asterisk (1:1.2.13~dfsg-1) unstable; urgency=high -- Mark Purcell [EMAIL PROTECTED] Wed, 25 Oct 2006 06:46:52 +0100 asterisk (1:1.2.12.1.dfsg-1) unstable; urgency=low -- Mark Purcell [EMAIL PROTECTED] Sun, 24 Sep 2006 14:45:58 +0100 pgpHNttxVswqH.pgp Description: PGP signature
Bug#406064: asterisk-classic: asterisk crashed on dialing in or out with chan-capi,
On Monday 08 January 2007 13:37, Benoit Mortier wrote: Hello when using asterisk on etch, i got crash with segmentation fault each time a make a call ore receive a call. Benoit, We have had a couple of suggestions on the bug report, can you provide some further details? Mark pgpqZmMD82x8G.pgp Description: PGP signature
Bug#406329: twinkle_1:0.9-6(ia64/testing): FTBFS: unresolved externals
tags 406329 help thanks On Wednesday 10 January 2007 13:41, [EMAIL PROTECTED] wrote: Version: 1:0.9-6 Severity: serious Ouch, especially for a t-p-u package. ../src/audio/libaudio.a(twinkle_rtp_session.o):(.gnu.linkonce.r._ZTCN3ost15TRTPSessionBaseINS_20RTPBaseUDPIPv4SocketES1_NS_9ZrtpQueueEEE0_S2_+0x2b0): undefined reference to `non-virtual thunk [nv:-264] to ost::ZrtpQueue::~ZrtpQueue [in-charge deleting]()' This appears on the ia64 buildd only ;-( making it a little hard to debug without hardware. I'm also a little curious that this is only happening on ia64, if it was a source problem I would imagine it would also be occurring on other arch's as well. This is also a little suspicious as the last version built on ia64 (0.9-5) had the same version of dependant libraries libcommconpp2, libccrtp libzrtpcpp. http://buildd.debian.org/fetch.cgi?pkg=twinklever=1%3A0.9-5arch=ia64stamp=1164447227file=log Perhaps we could reschedule a rebuild, or how can I get the necessary build-deps setup on an ia64, so I can try and debug. Mark pgpAipcS5r3Xz.pgp Description: PGP signature
Bug#356756: Future of asterisk-rate-engine?? Re: Release-critical Bugreport for January 5, 2007
tags 356756 upstream thanks Thorsten, In the Debian GNU/LInux version of asterisk-rate-engine we have a Release Critical bug as Debian is no longer supporting libmysqlclient14 and rate-engine refuses to build with libmysqlclient15. http://bugs.debian.org/356756 Do you have any plans to update rate-engine in the future or should we drop support for it from Debian? Mark On Saturday 06 January 2007 01:30, BugScan reporter wrote: Package: rate-engine (debian/main) Maintainer: Debian VoIP Team [EMAIL PROTECTED] 356756 [ H ] [X] Please upgrade build depends to libmysqlclient15-dev pgpXUKtgXI3u1.pgp Description: PGP signature
Bug#402509: binNMU request Re: Bug#402509: twinkle crash on call end
On Monday 11 December 2006 09:49, Mark Purcell wrote: On Sunday 10 December 2006 21:48, Marcel Sebek wrote: I don't know which package upgrade caused this but it is something recent. When a call is finished, twinkle crashes with this error message on the console: This is caused by the version of libcommoncpp2 (1.5.3-1) in unstable. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=402009 Just an update. The solution for this problem is a library transition for libcommoncpp2. This is not necessary for etch as the current etch packages are stable and this bug has been tagged etch ignore. Normally this happens automatically, but I suspect this has been suspended until the etch release. The updated version of libcommoncpp2 (1.5.3-2) is now in sid (unstable), but will not currently install with twinkle, nor a couple of dependencies. The version of libcommoncpp2 (1.5.1-4) in etch (testing) is good and should be used with twinkle until etch is released. The next steps to resolve this bug is: binNMU's of libccrtp, libzrtpcpp and twinkle. However, I suspect the release team will wait until after etch is released to turn back on automatic binNMU's. Alternatively it is possible to rebuild those packages manually, but there is little gained. Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#405386: [Pkg-kde-extras] Bug#405386: digikam: moving items loses tag and rating data in 0.9.0-beta3
On Wednesday 03 January 2007 20:47, Yitzchak Gale wrote: As a heavy users of digicam (actually my kids, not me, anyway...), we would lose a LOT more data from digicam being removed from etch than from this bug. Unfortunately we are going to have to revert digikam in etch to 0.8.2 due to a library transition for libexiv2, which hasn't been approved by the release team.. This gives the smoothest upgrade path from sarge to etch. It would be nice if 0.9.0-final could make it into etch, but I have my doubts that it is possible at this point. digikam 0.9.0 (final) is currently available in the experimental distribution. http://packages.debian.org/digikam Don't let the name scare you, it is only in experimental because of the etch release. Once etch is released it will move quickly to unstable (sid) and then testing (larry ?). But won't make it to etch.. :-( I would suggest that you both upgrade to 0.9.0 and advise if this issue is still a problem. So I urgently request that this bug be downgraded to important, or tagged etch-ignore. Unfortunately this bug isn't the reason for the removal from etch. Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#405386: [Pkg-kde-extras] Bug#405386: digikam: moving items loses tag and rating data in 0.9.0-beta3
On Wednesday 03 January 2007 23:56, Yitzchak Gale wrote: Mark Purcell wrote: ...we are going to... revert digikam in etch to 0.8.2 due to a library transition for libexiv2... digikam 0.9.0 (final) is currently available in the experimental distribution. I would suggest that you both upgrade to 0.9.0 and advise if this issue is still a problem. Where can I get libexiv2-0.12? Ah sorry, It is currently sitting in the NEW queue after another NMU. http://ftp-master.debian.org/new.html You can also locate a copy at http://people.debian.org/~msp Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#405386: [Pkg-kde-extras] Bug#405386: digikam: moving items loses tag and rating data in 0.9.0-beta3
On Thursday 04 January 2007 10:19, Yitzchak Gale wrote: digikam 0.9.0 (final) is currently available in the experimental distribution. I would suggest that you both upgrade to 0.9.0 and advise if this issue is still a problem Is there a version of digikamimageplugins that can be used with digikam 0.9.0 and libexiv2-0.12? Yitz, We are keeping in front of you but only just. :-) digikamimageplugins was uploaded to experimental today: http://packages.qa.debian.org/d/digikamimageplugins.html You should see it in the archives in the next day or so. Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#401416: pending upload of digikam-0.8.2
Given the discussion has died down. I am proposing to release digikam[imageplugins] 0.8.2 to unstable in the next couple of days to overcome the lack of an libexiv2 transition. The current release is in svn.debian.org, for those who would like to have a look before it goes formal. Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#389711: [Pkg-kde-extras] Bug#401660: Library upgrade for exiv2
On Thursday 07 December 2006 14:13, KELEMEN Peter wrote: * Mark Purcell ([EMAIL PROTECTED]) [20061207 06:46]: While we await a decision from debian-release. Could you post packages to either experimental or people.debian.org so we can start the integration. Sure. I have limited airtime on the network; will do my best. Peter, The discussion on debian-release seems to of died down and there doesn't appear to be any dissent against uploading. If you are happy I will do another NMU, or if you would prefer and are able you could upload. Alternatively we could co-maintain under the pkg-voip-maintainers group per my original suggestion. I have given you commit rights (fuji) to the pkg-voip archive on alioth/ svn.debian.org Please upload with at least urgency medium and mention in the changelog that this upload has been discussed on debian-release. Please let me know which way you would like to go on the NMU. Thanks Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#402009: libcommoncpp2-dev library transition proposal (Fwd: Bug#402009: Multiple API-incompatible changes in Common C++ 1.5.3)
On Thursday 07 December 2006 21:48, Mark Purcell wrote: debian-release, I'm proposing a library transition for libcommoncpp2, the last upload contained a hidden backward-incompatible ABI change which has only come to light. The alternative, which is better, is just to back out the library transition. Upload the previous ABI stable release 1.5.1 with an epoc and await the release of etch.. Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#389711: [Pkg-kde-extras] Bug#401660: Library upgrade for exiv2
On Saturday 09 December 2006 09:59, Andreas Barth wrote: * Mark Purcell ([EMAIL PROTECTED]) [061209 10:54]: The discussion on debian-release seems to of died down and there doesn't appear to be any dissent against uploading. Stop. We are really unhappy with transitions at the current time. The only reason that I didn't send a please don't do it-mail was that I wanted to discuss with Steve whether we could do an exception in this case. Thanks Andi, I see two options. 1. Take the library transition of exiv2 forward, or 2. Revert the version of digikam in etch to 0.8 via an epoc upload to unstable which doesn't have this issue as it doesn't use exiv2. I'm pretty happy with either option, but understand you maybe looking at a greater picture. Please let me know which way you would like to go. Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#402009: libcommoncpp2-dev library transition proposal (Fwd: Bug#402009: Multiple API-incompatible changes in Common C++ 1.5.3)
On Saturday 09 December 2006 10:10, Mark Purcell wrote: The alternative, which is better, is just to back out the library transition. Or even better-better, just don't do the library transition at all. The current state of libcommoncpp2 (1.5.1) and rdepends in etch is stable and supportable. Thus nothing needs to be done, prior to release. Upload the previous ABI stable release 1.5.1 with an epoc and await the release of etch.. I won't upload to unstable with an epoc.. Also please ignore, or rather just leave in NEW, the last upload (1.5.3) which does correctly carry forward the soname change.. But is not necessary for etch. Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#402009: libcommoncpp2-dev library transition proposal (Fwd: Bug#402009: Multiple API-incompatible changes in Common C++ 1.5.3)
debian-release,
I'm proposing a library transition for libcommoncpp2, the last upload
contained a hidden backward-incompatible ABI change which has only come to
light.
I have patched upstream to bump the soname to 1.5.3 and this will generate a
debian package of libcommoncpp2-1.5.3-0, which should then be able to go
through a normal library transition.
As for rdepends, the only package outside pkg-voip-maintainers control is
glcpu who have been CC:ed on this package.
If the transition goes ahead would the release team like us to manually upload
the rdepends packages, or would binNMU's be more suitable/ quicker?
Mark
-- Forwarded Message --
Subject: Bug#402009: Multiple API-incompatible changes in Common C++ 1.5.3
Date: Thursday 07 December 2006 14:49
From: Mikael Magnusson [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
As described in the Common C++ changelog, the new version contains
multiple API changes, resulting in backward-incompatible ABI changes in
the shared library.
From Common C++ 1.5.2 to 1.5.3
- some code cleanup of operators and const members
I'm including a diff which contains all changes of header files from
1.5.1 to 1.5.3.
/Mikael
---
--- commoncpp2-1.5.1/include/cc++/address.h 2006-10-01 14:07:12.0 +0200
+++ commoncpp2-1.5.3/include/cc++/address.h 2006-11-21 14:40:05.0 +0100
@@ -167,7 +167,7 @@
protected:
struct in_addr netmask, network;
- unsigned getMask(const char *cp);
+ unsigned getMask(const char *cp) const;
public:
/**
* Get network address associated with this cidr.
@@ -225,7 +225,7 @@
* @param saddr pointer to test.
* @return true if member of cidr.
*/
- bool isMember(struct sockaddr *saddr);
+ bool isMember(const struct sockaddr *saddr) const;
/**
* See if a low level address object is a member of this cidr's net.
@@ -233,14 +233,14 @@
* @param inaddr object to test.
* @return true if member of cidr.
*/
- bool isMember(struct in_addr inaddr);
-};
+ bool isMember(const struct in_addr inaddr) const;
-inline bool operator==(struct sockaddr *sa, IPV4Cidr cidr)
- {return cidr.isMember(sa);};
+ inline bool operator==(const struct sockaddr *a) const
+ {return isMember(a);};
-inline bool operator==(struct in_addr a, IPV4Cidr cidr)
- {return cidr.isMember(a);};
+ inline bool operator==(const struct in_addr a) const
+ {return isMember(a);};
+};
#ifdef CCXX_IPV6
/**
@@ -255,7 +255,7 @@
protected:
struct in6_addr netmask, network;
- unsigned getMask(const char *cp);
+ unsigned getMask(const char *cp) const;
public:
/**
* Get network address associated with this cidr.
@@ -313,7 +313,7 @@
* @param saddr pointer to test.
* @return true if member of cidr.
*/
- bool isMember(struct sockaddr *saddr);
+ bool isMember(const struct sockaddr *saddr) const;
/**
* See if a low level address object is a member of this cidr's net.
@@ -321,14 +321,14 @@
* @param inaddr object to test.
* @return true if member of cidr.
*/
- bool isMember(struct in6_addr inaddr);
-};
+ bool isMember(const struct in6_addr inaddr) const;
-inline bool operator==(struct sockaddr *sa, IPV6Cidr cidr)
- {return cidr.isMember(sa);};
+ inline bool operator==(const struct sockaddr *sa) const
+ {return isMember(sa);};
-inline bool operator==(struct in6_addr a, IPV6Cidr cidr)
- {return cidr.isMember(a);};
+ inline bool operator==(const struct in6_addr a) const
+ {return isMember(a);};
+};
#endif
--- commoncpp2-1.5.1/include/cc++/misc.h 2006-09-30 18:52:17.0 +0200
+++ commoncpp2-1.5.3/include/cc++/misc.h 2006-11-21 15:55:26.0 +0100
@@ -695,7 +695,7 @@
virtual void *getMemory(size_t size) = 0;
public:
- void *getPointer(const char *id);
+ void *getPointer(const char *id) const;
void setPointer(const char *id, void *data);
};
--- commoncpp2-1.5.1/include/cc++/thread.h 2006-04-27 21:16:53.0 +0200
+++ commoncpp2-1.5.3/include/cc++/thread.h 2006-11-21 14:37:09.0 +0100
@@ -1410,14 +1410,14 @@
*
* @return true if the thread is still executing.
*/
- bool isRunning(void);
+ bool isRunning(void) const;
/**
* Check if this thread is detached.
*
* @return true if the thread is detached.
*/
- bool isDetached(void);
+ bool isDetached(void) const;
/**
* Blocking call which unlocks when thread terminates.
@@ -1430,7 +1430,7 @@
*
* @return true if the current context is this object.
*/
- bool isThread(void);
+ bool isThread(void) const;
/**
* Get system thread numeric identifier.
@@ -1445,7 +1445,7 @@
*
* @return debug name.
*/
- const char *getName(void)
+ const char *getName(void) const
{return _name;};
/**
@@ -1475,7 +1475,7 @@
{if (th._start) th._start-wait();};
#ifdef WIN32
- bool isCancelled();
+ bool isCancelled() const;
static DWORD waitThread(HANDLE hRef, timeout_t timeout);
#endif
Bug#401416: Library upgrade for exiv2
debian-release, We have a couple of nasty (RC) bugs against digikam (crashes startup) caused if the user has corrupted meta-data within their JPEG images. The crash is caused by poor handling of exiv2 libraries, which has been fixed in subsequent revisions of exiv2. unstable has 0.10, upstream has 0.12. digikam upstream have said that exiv2 0.12 is the solution for a large number of crashes. I am proposing to do a NMU of exiv2 to bring unstable upto 0.12. Upstream change log outlines a number of similar crash conditions which are fixed: http://www.exiv2.org/changelog.html The Debian package maintainer, Peter KELEMEN [EMAIL PROTECTED] hasn't updated the package since Jun, and appears to be MIA. I have tried contacting the maintainer a couple of times, via #389711, about shared maintainership with no response. I uploaded the last NMU of this package to fix a RC bug. Peter, if you are still interested, please respond. ufraw is the only package, which I don't maintain which also has a dependancy on exiv2 and they are Cc:ed on this email. debian-release, please endorse this plan to upgrade exiv2. Thanks, Mark Original Message Subject: [Pkg-kde-extras] Re: [Digikam-devel] 0.9.0-RC2 packages for testing From:Achim Bohnet [EMAIL PROTECTED] Date:Wed, December 6, 2006 12:27 am To: digiKam developers [EMAIL PROTECTED] [EMAIL PROTECTED] -- On Wednesday, 6. December 2006 00:55, Achim Bohnet wrote: On Tuesday, 5. December 2006 20:58, Marcel Wiesweg wrote: Hi, I have uploaded the 0.9.0-rc2 tarballs for testing at http://digikam3rdparty.free.fr/0.9.0-rc2/digikam-0.9.0-rc2.tar.bz2 http://digikam3rdparty.free.fr/0.9.0-rc2/digikamimageplugins-0.9.0-rc2.tar.bz2 Hi Marcel, Heh, I've build an deb pkg but did not have exiv2 0.12 installed. Hi Gilles, is exiv2 really necessary (ignoring localisation;) Debian is short before freeze for etch and has exiv2 0.10 as a pkgs in it's archive. How 'dangerous' is an exiv2 0.10 - 0.12 upgrade? Is there a soname changed involded? aka will apps build against 0.10 still run when exiv2 0.12 is installed without a rebuild? (sorry to late to try it now. I'm sure don't get it right without some sleep). We, the debian pkg maintainers have to decide about if patching configure/digikam to accept 0.10 or uploading 0.12, shortly before the new etch release, is the less dangerous option. A quick check shows that exiv2 is used by debian pkgs: digikamimageplugins digikam ufraw kphotoalbum gimp-ufraw If a quick exiv2 0.12 upload would breaks them, we get 'killed' by the debian release managers. Thanks for any hint, Achim make and make install did not complain but no digikam and showfoto in /usr/bin/. Would be nice to either get configure or make fail when not all prerequisites are available ;) Achim Marcel ___ Digikam-devel mailing list [EMAIL PROTECTED] https://mail.kde.org/mailman/listinfo/digikam-devel -- To me vi is Zen. To use vi is to practice zen. Every command is a koan. Profound to the user, unintelligible to the uninitiated. You discover truth everytime you use it. -- [EMAIL PROTECTED] ___ Digikam-devel mailing list [EMAIL PROTECTED] https://mail.kde.org/mailman/listinfo/digikam-devel -- To me vi is Zen. To use vi is to practice zen. Every command is a koan. Profound to the user, unintelligible to the uninitiated. You discover truth everytime you use it. -- [EMAIL PROTECTED] ___ pkg-kde-extras mailing list [EMAIL PROTECTED] http://lists.alioth.debian.org/mailman/listinfo/pkg-kde-extras -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#401416: [Pkg-kde-extras] Bug#401416: Library upgrade for exiv2
On Wednesday 06 December 2006 15:21, Mark Purcell wrote: Is there a soname changed involded? aka will apps build against 0.10 still run when exiv2 0.12 is installed without a rebuild? I've just had a look and there is an soname change and thus a library transition involved.. Mark
Bug#389711: Library upgrade for exiv2
On Wednesday 06 December 2006 16:19, KELEMEN Peter wrote: That should have read “If the release managers allow upload of 0.12...”. Apologies and waiting for the reply. Peter, While we await a decision from debian-release. Could you post packages to either experimental or people.debian.org so we can start the integration. Thanks, Mark
Bug#401513: [Pkg-kde-extras] Bug#401513: libkexif: FTBFS: Tries to regenerate autofiles
WARNING: `aclocal-1.9' is missing on your system. You should only need it Thanks Daniel, I shall try and upload with a dependancy on autotools tonight. Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#399481: libcommoncpp2: reverting patch 01_debian from ./ ... fails durring rebuild
severity 399481 normal tags 399481 unreproducible tags 299481 moreinfo thanks Scott, Thanks for the report. Btw, we already have a buildd which is backporting the packages from unstable to sarge, etch as well as a couple of ubuntu distributions as well: http://status.buildserver.net/packages/status.php?email=packages=libcommoncpp2arches=subdist=pkg-voip You can download the packages from http://buildserver.net I'm downgrading your report for a couple of reasons: 1. I can't reproduce and we have buildd's setup (buildserver.net) which are successfully backporting building the packages inside a chroot. 2. The current version of libcommoncpp2 in unstable has been 1.5.x since at least 2 Oct, which leads me to believe your build environment maybe a little out of date. Can you reconfirm you are having this issue with the current version from unstable. Mark Package: libcommoncpp2 Severity: serious Justification: no longer builds from source Within the last few days I setup a chroot to backport etch and sid packages to sarge. Here's part of the transcript: [EMAIL PROTECTED]:/usr/local/src/etch/libcommoncpp2-1.4.3$ dpkg-buildpackage -rfakeroot -uc -us dpkg-buildpackage: source package is libcommoncpp2 dpkg-buildpackage: source version is 1.4.3-1 dpkg-buildpackage: source maintainer is Mark Purcell [EMAIL PROTECTED] dpkg-buildpackage: host architecture is i386 fakeroot debian/rules clean dh_testdir dh_testroot rm -f build-stamp # Add here commands to clean up after the build process. /usr/bin/make distclean make[1]: Entering directory `/usr/local/src/etch/libcommoncpp2-1.4.3' make[1]: *** No rule to make target `distclean'. Stop. make[1]: Leaving directory `/usr/local/src/etch/libcommoncpp2-1.4.3' make: [clean-patched] Error 2 (ignored) # Cleanup what distclean doesn't :-) rm -f Makefile */Makefile freebsd/pkg-plist include/cc++/config.tmp \ include/cc++/config.h ccgnu-config.8 rm -f doc/html/* doc/man/man3/* doc/latex/* dh_clean dpatch deapply-all reverting patch 01_debian from ./ ... failed. make: *** [unpatch] Error 1 [EMAIL PROTECTED]:/usr/local/src/etch/libcommoncpp2-1.4.3$ System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.18.1-20061024 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) ___ Pkg-voip-maintainers mailing list [EMAIL PROTECTED] http://lists.alioth.debian.org/mailman/listinfo/pkg-voip-maintainers -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
