Processed: commands
Processing commands for [EMAIL PROTECTED]: > tags 129104 + help Bug#129104: cgiemail: buffer overflow and script reading vulnerabilities Tags added: help > retitle 129104 script reading + temp file problems Bug#129104: cgiemail: buffer overflow and script reading vulnerabilities Changed Bug title. > thank you. Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database)
Bug#129437: psptools: try this patch first, cancels previous submits
Package: psptools
Version: 2.2.1-6
Severity: normal
These are just the bug fixes. The previous additions are not
performing as expected. At least this works and does not affect
the upstream author's approach as my previous patches did.
This would be the best choice for a first attempt in my opinion.
This patch supercedes all of my previous patches.
Don
[EMAIL PROTECTED]
--- psptools-1.2.2.orig/src/psplpr.pl.inWed Jul 3 04:49:28 1996
+++ psptools-1.2.2/src/psplpr.pl.in Tue Jan 15 15:34:56 2002
@@ -33,6 +33,8 @@
require 'ppd.pl';
require 'printer.pl';
+$used_prog_lpr = $prog_lpr; # default value (overridden by --output)
+
#
# tell_user(what)
#
@@ -157,7 +159,7 @@
++$dictsz if $pagesetup;
}
-return unless $dictsz;
+return unless ($dictsz > 1);
if (!$nodsc) {
print "%%BeginResource: procset psplpr\n";
@@ -346,7 +348,7 @@
}
if (!$doc) {
- print "psplprdict begin psplprsetup end\n";
+ print "psplprdict begin psplprsetup end\n" if
countfeatures('PageSetup');
}
if ($doc && $dsc) {
@@ -598,7 +625,7 @@
}
if (/^%%Page:/) {
- local($addsc) = 0;
+ local($adddsc) = 0;
if (!$prolog_output) {
outputfeatures('Prolog', $nodsc, $safer, $nonstd,
@@ -815,10 +845,15 @@
$opt_output = $args[1];
usage(1) if (!$opt_output);
shift @args;
-} elsif ($args[0] eq "-${lopt_prefix}lpr") {
+} elsif ($args[0] eq "--${lopt_prefix}lpr") {
$used_prog_lpr = $prog_lpr;
-} elsif ($args[0] eq "-${lopt_prefix}lp") {
+} elsif ($args[0] eq "--${lopt_prefix}lp") {
$used_prog_lpr = $prog_lp;
+} elsif ($args[0] eq "-${opt_prefix}P") {
+$printer = $args[1];
+usage(1) if (($printer = $args[1]) eq '');
+$used_prog_lpr = $prog_lpr;
+shift @args;
} elsif ($args[0] eq "--${lopt_prefix}verbose") {
$opt_verbose = 1;
} elsif ($args[0] eq "-${opt_prefix}q"
Bug#129414: psptools: try this patch -p0 on psplpr.pl.in instead of #129287
Don wrote: > This diff supercedes my previous #129287 and #128669. OK, I am now horribly confused. What with the three patches you've sent to the bug tracking system, each of which claims to supersede earlier patches but does different things, and the four mails you sent to me privately, I really have no clue about what's going on. Bear in mind that psptools doesn't have a real maintainer, so, while my Perl is good, I'm not immediately familiar with what psptools does. Please send *separate* patches for each feature/bugfix you propose, explaining the problem addressed by each one. You can drop the --lpr stuff, I've already got that fixed locally. Also please try to avoid patches containing lots of old commented-out code and whitespace changes. If you send the patches to [EMAIL PROTECTED], it will avoid opening a new bug report for them. Thanks, -- Colin Watson [EMAIL PROTECTED]
Processed: merging 128669 129287 129414
Processing commands for [EMAIL PROTECTED]: > merge 128669 129287 129414 Bug#128669: psptools fixes for psplpr blocking and usage problem Bug#129287: psptools: try this patch -P0 on psplpr.pl.in, supercedes #128669 Bug#129414: psptools: try this patch -p0 on psplpr.pl.in instead of #129287 Merged 128669 129287 129414. > End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database)
Bug#128444: This *is* serious
On Tue, Jan 15, 2002 at 02:27:07PM -0800, Thomas Bushnell, BSG wrote: > Colin Watson <[EMAIL PROTECTED]> writes: > > severity 128444 serious > > thanks > > > > In practice this is serious. I'll put together a fix. > > "in practice". No. It doesn't violate policy. Maybe it should, but > it doesn't. Of course, it's fine to fix it. But there is no rule > that packages must not depend on such things. Sometimes actually getting things working is more important than worrying about which rules they violate, and I'm volunteering to get things working. In any case, the serious severity is also for "in the package maintainer's opinion, makes the package unsuitable for release", and in this package maintainer's opinion a package that can't be built by autobuilders is unsuitable. -- Colin Watson [EMAIL PROTECTED]
Bug#129414: psptools: try this patch -p0 on psplpr.pl.in instead of #129287
Package: psptools
Version: 1.2.2-6
Severity: normal
This diff supercedes my previous #129287 and #128669.
1. My custom output of allfeatures after the EndComments is removed.
I found the outstanding problem with some lines being dropped or duplicated
in the final postscript output and want those to be fixed first.
2. There are some changes added that my solve that show stopper.
This works on some postscript. The input file is a big variable so a variety
of tests would be needed. Files from dvips could be a problem because
the psplpr tries to replace the dvips %%Feature: . The program maybe should
be used as a filter first and the output examined before printing and
before any regular use.
3. My perl is too poor to really figure this out.
4. If this is good enough then the following diff can be added to the
existing debian package building diff for pstools.
Don
[EMAIL PROTECTED]
--- psptools-1.2.2.orig/src/psplpr.pl.inWed Jul 3 04:49:28 1996
+++ psptools-1.2.2/src/psplpr.pl.in Tue Jan 15 15:34:56 2002
@@ -33,6 +33,8 @@
require 'ppd.pl';
require 'printer.pl';
+$used_prog_lpr = $prog_lpr; # default value (overridden by --output)
+
#
# tell_user(what)
#
@@ -157,7 +159,7 @@
++$dictsz if $pagesetup;
}
-return unless $dictsz;
+return unless ($dictsz > 1);
if (!$nodsc) {
print "%%BeginResource: procset psplpr\n";
@@ -290,8 +292,8 @@
print "$who\n";
print "%%BoundingBox: 0 0 0 0\n%%Pages: 0\n";
print "%%EndComments\n";
-} else {
-print "%!\n";
+#} else {
+#print "%!\n";
}
if (!$doc) {
@@ -346,7 +348,7 @@
}
if (!$doc) {
- print "psplprdict begin psplprsetup end\n";
+ print "psplprdict begin psplprsetup end\n" if
countfeatures('PageSetup');
}
if ($doc && $dsc) {
@@ -507,22 +509,32 @@
ignoredeps('ExitServer');
ignoredeps('JCLSetup');
+local ($allout) = 0;
+
$_ = readpsline($conformant);
if (!$_) {
- %all_options = outputallfeatures($nodsc, !$dirty, $safer,
- $nonstd, $special);
+print "%!\n%%Creator: psplpr " . localtime() . "\n";
+print "%%EndComments\n";
+print "%\n% " . $myname . ": outputing all features... \n";
+ %all_options = outputallfeatures($nodsc, 666, $safer,
+ $nonstd, $special) unless $allout;
+$allout = 1;
} else {
$_ =~ s/^\004//;
local($bad);
- if ($dirty || ($bad = !/^%!PS/)) {
+ if ($dirty || ($bad = !/^%!PS-Adobe-3/)) {
+print;
+print "% " . $myname .": Looking for PS-Adobe-3.0 DSC conforming
document...\n";
+print "% " . $myname .": with %%BeginProlog, %%BeginSetup,
%%EndComments, etc. ... or\n";
+print "% " . $myname .": prepending! (not DSC compliant) at " .
localtime() . "\n%\n";
local($first) = $_;
-
+
%all_options = outputallfeatures($nodsc, 0, $safer, $nonstd,
- $special);
-
+ $special) unless $allout;
+$allout = 1;
if ($bad && !$dontglob) {
$glob = 1;
}
@@ -538,12 +550,23 @@
++$lineno;
+
if (/^%%Begin/) {
$in_comment = 1;
} elsif (/^%%End/) {
$in_comment = 0;
}
+# begin 15jan02 change
+#if (/^%%EndComments/) {
+#print "%%Modified: by psplpr ".localtime()."\n" if $nodsc >=
0;
+#print if $nodsc >= 0;
+# $printed = 1;
+#outputallfeatures ($nodsc, 0 ,$safer, $nonstd, $special)
unless $allout;
+#$allout = 1;
+# end 15jan02 change
+# } els
+
if (/^%%BeginProlog/) {
print if $nodsc >= 0;
($_, $ps) = readfeatures($glob, $conformant, !$inc, !$chg,
@@ -579,12 +602,16 @@
print "%%BeginSetup\n" unless $nodsc;
}
- if (!/^%%Page/) {
+ if (!/^%%Page/) {
+# next two lines added 15jan02
+# print if $nodsc >= 0;
+# $printed = 1;
+
($_, $ps) = readfeatures($glob, $conformant,
!$inc, !$chg, $del, $nodsc, $conforms);
$dontread = 1;
}
-
+
outputfeatures('DocumentSetup', $nodsc, $safer,
$nonstd, !$conformant, $special);
outputfeatures('AnySetup', $nodsc, $safer, $nonstd,
@@ -598,7 +625,7 @@
}
if (/^%%Page:/) {
- local($addsc) = 0;
+ local($adddsc) = 0;
if (!$prolog_output) {
outputfeatures('Prolog', $nodsc, $safer, $nonstd,
@@ -617,6 +644,9 @@
}
print if $nodsc >= 0;
+#added 15jan02
+ $printed =1;
+
if ($_ = readpsl
Bug#128444: This *is* serious
Colin Watson <[EMAIL PROTECTED]> writes: > severity 128444 serious > thanks > > In practice this is serious. I'll put together a fix. "in practice". No. It doesn't violate policy. Maybe it should, but it doesn't. Of course, it's fine to fix it. But there is no rule that packages must not depend on such things.
Processed: This *is* serious
Processing commands for [EMAIL PROTECTED]: > severity 128444 serious Bug#128444: zope-zpatterns_0.4.3p2-0.2(unstable/sparc): build-depends on a package with interactive install Severity set to `serious'. > thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database)
Bug#128444: This *is* serious
severity 128444 serious thanks In practice this is serious. I'll put together a fix. -- Colin Watson [EMAIL PROTECTED]
Bug#129285: kde-i18n: possibly has a trademark issue
On 15/01/02, Josip Rodin wrote: > On Tue, Jan 15, 2002 at 12:06:13AM +0100, Martin Michlmayr wrote: > > You're probably aware that SuSE was ordered for a short while to stop > > shipping their Linux distribution because the krayon program clashed > > with the "Crayon" trademark. (See > > http://www.heise.de/english/newsticker/data/ray-09.01.02-000/ for the > > full story.) > As far as I understood the issue, it's essentially due to a weird German law > that allows for extortion because of the long injunction. The trademark > issue is frivolous. It may sound frivolous to you, but it should be taken serious, because it may affect us in the future. > Unless they sue Debian mirror maintainers in Germany, there's nothing to > worry about. Pardon? You really want to wait to see peope who maintain Debian mirrors get sued just because they mirrored Debian and Debian refused to take care of the issue before? > Frankly, I doubt they would care to do that since our sponsors > wouldn't be hurt by that (other than the fact they'd have to temporarily If the lawyer of the company decides to sue any seller of Debian, it will surely hurt them. And I think we should prevent this by taking care of this issue now. > stop mirroring the package, and appear in court to say "they're nuts!"), but > hey... No, it would be that only, they would also receive a fine which can either be lots of money for them or even a term of imprisonment. Christian -- Debian Developer (http://www.debian.org) 1024/26CC7853 31E6 A8CA 68FC 284F 7D16 63EC A9E6 67FF 26CC 7853 pgpO7l2sQEZLW.pgp Description: PGP signature
1:1 »ó´ãÇØ µå¸³´Ï´Ù <È«º¸>
í¬ë§ì°¬ ìí´, ì ë ì´ì¸ ë³´ì¸ì!!! â060-700-8865 ì êµ ì ëª ìì ì¸ì´ ì§ì ìë´ í´ ë립ëë¤.(MBCìíê°ì¬, ëìë°±íì 문íì¼í° ìíê°ì¬, ìë¨ì¼ë³´ ì£¼ê° ì´ì¸...) ì§ì ì´, ì¬ì ì´, ì§íì´, ì ì ì´, ì¬ëì´, ê±´ê°ì´, í ì ë¹ê²°, ìê¶í© ê²ê¶í©, ìíì´, ì¹ì§ì´, ìëª , íì¼, ë³ì리ì , íìì§ë¦¬ ì íµíê² ë§ì¶ë 과거ì 미ë, "ê¹ì§ ëë¼ì¤ê²ëë¤" "ìì ì íµê³ì ìí ê³¼íì ì¸ í문ì ëë¤" â060-700-8865
Bug#129285: kde-i18n: possibly has a trademark issue
* Josip Rodin <[EMAIL PROTECTED]> [20020115 00:33]: > Unless they sue Debian mirror maintainers in Germany, there's nothing to > worry about. Frankly, I doubt they would care to do that since our sponsors > wouldn't be hurt by that (other than the fact they'd have to temporarily > stop mirroring the package, and appear in court to say "they're nuts!"), but They could probably stop companies from selling Debian CD-ROMs in Germany. -- Martin Michlmayr [EMAIL PROTECTED]
