Bug#1072780: src:transaction: fails to migrate to testing for too long: uploader built arch:all binary
Control: fixed -1 transaction/4.0-2 On Fri, Jun 07, 2024 at 09:39:20PM +0200, Paul Gevers wrote: > Your package is only blocked because the arch:all binary package(s) aren't > built on a buildd. Unfortunately the Debian infrastructure doesn't allow > arch:all packages to be properly binNMU'ed. Hence, I will shortly do a > no-changes source-only upload to DELAYED/15, closing this bug. Please let me > know if I should delay or cancel that upload. This was fixed by transaction 4.0-2, and it looks like either you cancelled your upload or it was automatically dropped from the DELAYED queue. transaction (4.0-2) unstable; urgency=medium * QA upload * Source-only reupload -- Bastian Germann Wed, 12 Jun 2024 20:49:57 + Thanks, -- Colin Watson (he/him) [cjwat...@debian.org]
Bug#898949: schroot: PAM config should use common-session-noninteractive
On Sun, Sep 08, 2019 at 10:41:52PM +0100, Roger Leigh wrote: > On 07/09/2019 10:30, Simon McVittie wrote: > > On Thu, 17 May 2018 at 19:36:11 +0200, Ansgar Burchardt wrote: > > > On systems with libpam-systemd installed using common-session will > > > create a logind session which schroot should not do. > > In particular, creating a logind session results in $XDG_RUNTIME_DIR > > being set inside the chroot, to a path that only exists outside the chroot. > > Should this path be bound into the chroot? It's hard to see how it's useful for schroot to create a logind session on the host system at all. > Which Debian version introduced common-session-noninteractive? pam 1.0.1-11, which is sufficiently long ago (2009, well before oldoldoldstable) that it no longer needs to be specified in dependencies. -- Colin Watson (he/him) [cjwat...@debian.org]
Bug#778412: Henry Spencer regular expressions (regex) library contains a heap overflow vulnerability
On Mon, Feb 16, 2015 at 07:37:19PM +0100, Moritz Mühlenhoff wrote: > On Sat, Feb 14, 2015 at 03:41:21PM +0100, Luciano Bello wrote: > > The security team received a report from the CERT Coordination Center that > > the > > Henry Spencer regular expressions (regex) library contains a heap overflow > > vulnerability. It looks like this package includes the affected code at > > that's > > the reason of this bug report. > > > > The patch is available here: > > http://gitweb.dragonflybsd.org/dragonfly.git/blobdiff/4d133046c59a851141519d03553a70e903b3eefc..2841837793bd095a82f477e9c370cfe6cfb3862c:/lib/libc/regex/regcomp.c > > Building with "--disable-re" should fix this. Regrettably not in this case: nvi uses the BSD-specific REG_NOSPEC flag, so it doesn't build with glibc's regex library. I'm just applying the patch instead. -- Colin Watson [cjwat...@debian.org]
Bug#718328: gperf: Please mark Multi-Arch: foreign
Package: gperf
Version: 3.0.3-2
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu ubuntu-patch saucy
I was about to do a QA upload with this change, but I see that Hilko's
in the process of adopting this package, so perhaps you could apply it?
gperf is architecture-dependent but provides an architecture-independent
interface, so it doesn't matter which architecture you get of it
provided that you can execute its binaries. The way to declare this in
multiarch-speak is to declare it Multi-Arch: foreign. A number of
packages build-depend on gperf, including such important ones as
coreutils, so making gperf Multi-Arch: foreign eases the process of
cross-building the base system because you can use the version from your
build architecture rather than having to arrange to be able to emulate
the version for the host architecture at build time.
diff -u gperf-3.0.3/debian/control gperf-3.0.3/debian/control
--- gperf-3.0.3/debian/control
+++ gperf-3.0.3/debian/control
@@ -7,6 +7,7 @@
Package: gperf
Architecture: any
+Multi-Arch: foreign
Depends: ${shlibs:Depends}
Replaces: libg++272-dev, libg++27-dev
Description: Perfect hash function generator
Thanks,
--
Colin Watson [cjwat...@ubuntu.com]
--
To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130730093100.gv1...@riva.ucam.org
Bug#591396: mpc123: uninitialized pointer
On Mon, Aug 02, 2010 at 09:12:05PM +0200, Pawel wrote: ~$ mpc123 file.mpc ao_oss ERROR: Unrecognized channel name . in channel matrix ao_oss WARNING: Input channel matrix invalid; ignoring. ~$ - CUT -- --- mpc123-0.2.4.org//ao.c 2010-08-02 20:29:04.0 +0200 +++ mpc123-0.2.4/ao.c 2010-08-02 20:35:44.0 +0200 @@ -127,6 +127,7 @@ int mpc123_ao_init(void ** d, mpc_stream ao_fmt.rate=streaminfo-sample_freq; ao_fmt.channels=streaminfo-channels; ao_fmt.byte_format=AO_FMT_LITTLE; + ao_fmt.matrix=NULL; /* output audio params */ debugf(ao_fmt bits = %d, ao_fmt.bits); - CUT -- Thanks for your patch. I'm taking a slightly different approach for my QA upload to avoid requiring libao 1.0.0 and to future-proof against further additions to this structure, though: --- a/ao.c +++ b/ao.c @@ -123,6 +123,7 @@ /* initialize ao_format struct */ /* XXX VERY WRONG */ + memset(ao_fmt, 0, sizeof(ao_fmt)); ao_fmt.bits=16; /*tmp_stream_info.average_bitrate;*/ ao_fmt.rate=streaminfo-sample_freq; ao_fmt.channels=streaminfo-channels; Cheers, -- Colin Watson [cjwat...@debian.org] -- To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130507172809.ga23...@riva.ucam.org
parted unblock, and upcoming transition
Could parted 1.8.8.git.2009.07.19-6 be unblocked, please? It's needed to smooth the path for parted 2.2 in the near future. Speaking of which, I would like to upload parted 2.2 to unstable (it's currently in experimental) once 1.8.8.git.2009.07.19-6 reaches testing. The reason to try to get this into squeeze is that without it we won't properly support Advanced Format (i.e. 512-byte logical sectors) hard drives, which are becoming increasingly common. There is an ABI transition involved, among the following source packages (maintainers CCed): devicekit-disks fatresize gnu-fdisk gparted libvirt partconf partitioner partitionmanager partman-base pyparted qtparted udisks I believe that all of these are trivial matters of changing build-dependencies, with the exception of fatresize which needs a fix to its configure script as well (already done upstream); some of these packages already had appropriate or nearly-appropriate versions in experimental, last I checked. We might want to let devicekit-disks/udisks get into testing first, but after that's done, would it be convenient to the release team and to the other maintainers CCed here to start this transition? I can supervise it, upload the d-i parts and the QA-maintained qtparted directly, and file bugs with patches as necessary for the others. Thanks, -- Colin Watson [cjwat...@debian.org] -- To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100311122242.gb23...@riva.ucam.org
Bug#550716: ncurses: cross-build fails due to colon in PKG_CONFIG_LIBDIR
Package: ncurses Version: 5.7+20090803-2 Severity: normal Tags: patch User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu ubuntu-patch karmic When cross-building, dpkg-buildpackage sets PKG_CONFIG_LIBDIR to a colon-separated pair of paths. This is valid as far as pkg-config is concerned. However, ncurses breaks like this: cd misc /usr/bin/make DESTDIR=/home/cjwatson/tmp/ncurses/debian/tmp all make[2]: Entering directory `/home/cjwatson/tmp/ncurses/obj/misc' Makefile:128: *** target pattern contains no `%'. Stop. The following patch fixes this, although it relies on GNU Make features and so upstream might want to consider a different approach. * debian/patches/08-pkg-config-libdir.patch: Cope with multiple colon-separated entries in $(PKG_CONFIG_LIBDIR), as set by default by dpkg-buildpackage when cross-compiling. diff -u ncurses-5.7+20090803/debian/patches/00list ncurses-5.7+20090803/debian/patches/00list --- ncurses-5.7+20090803/debian/patches/00list +++ ncurses-5.7+20090803/debian/patches/00list @@ -7,0 +8 @@ +08-pkg-config-libdir.dpatch only in patch2: unchanged: --- ncurses-5.7+20090803.orig/debian/patches/08-pkg-config-libdir.dpatch +++ ncurses-5.7+20090803/debian/patches/08-pkg-config-libdir.dpatch @@ -0,0 +1,20 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 08-cross-compile.dpatch by Colin Watson cjwat...@ubuntu.com +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Cope with multiple colon-separated entries in $(PKG_CONFIG_LIBDIR), +## DP: as set by default by dpkg-buildpackage when cross-compiling. + +...@dpatch@ +diff -urNad ncurses-5.7+20090803~/misc/Makefile.in ncurses-5.7+20090803/misc/Makefile.in +--- ncurses-5.7+20090803~/misc/Makefile.in 2009-02-10 14:59:19.0 + ncurses-5.7+20090803/misc/Makefile.in 2009-10-12 13:25:29.0 +0100 +@@ -129,7 +129,7 @@ + $(DESTDIR)$(libdir) \ + $(DESTDIR)$(datadir) \ + $(DESTDIR)$(tabsetdir) \ +-$(DESTDIR)$(PKG_CONFIG_LIBDIR) : ++$(foreach d,$(subst :, ,$(PKG_CONFIG_LIBDIR)),$(DESTDIR)$(d)) : + $(SHELL) $(top_srcdir)/mkdirs.sh $@ + + uninstall : uninstall.data uninstall.libs Thanks, -- Colin Watson [cjwat...@ubuntu.com] -- To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#550063: libiodbc2: iodbcinst/unicode.h checks HAVE_* but doesn't include anything that might define them
Package: libiodbc2 Version: 3.52.6-3 Severity: important Tags: patch User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu ubuntu-patch karmic iodbcinst/unicode.h checks HAVE_* but doesn't include anything that might define them. This caused a build failure on Ubuntu, although I doubt it's intrinsically Ubuntu-specific (might not actually occur on Debian right now depending on exactly how libc headers are arranged). See: http://launchpadlibrarian.net/32005588/buildlog_ubuntu-karmic-i386.libiodbc2_3.52.6-3_FAILEDTOBUILD.txt.gz * debian/patches/05_unicode_includes.diff: iodbcinst/unicode.h needs to include iodbc.h for HAVE_* definitions from configure. --- libiodbc2-3.52.6.orig/debian/patches/05_unicode_includes.diff +++ libiodbc2-3.52.6/debian/patches/05_unicode_includes.diff @@ -0,0 +1,11 @@ +diff -Nur -x '*.orig' -x '*~' libiodbc2-3.52.6/iodbcinst/unicode.h libiodbc2-3.52.6.new/iodbcinst/unicode.h +--- libiodbc2-3.52.6/iodbcinst/unicode.h 2006-01-20 15:58:35.0 + libiodbc2-3.52.6.new/iodbcinst/unicode.h 2009-10-07 12:45:27.0 +0100 +@@ -76,6 +76,7 @@ + + #ifndef _UNICODE_H + #define _UNICODE_H ++#include iodbc.h + + #if HAVE_WCHAR_H + #include wchar.h Thanks, -- Colin Watson [cjwat...@ubuntu.com] -- To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#528783: bogl: support 'bterm [options] -- command [arguments]'
Package: bogl
Version: 0.1.18-3
Severity: wishlist
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu ubuntu-patch karmic
bterm's command-line syntax currently only supports invocations of the
following form:
bterm [options] [command]
... where the options and the command name may be interleaved. This is
inconvenient if you want to run a command that takes arguments inside
bterm, especially if any of those arguments start with -; you have to
write a wrapper script, and if you want any of those arguments to be
variable then you need to pass them through using environment variables.
It would be much better if bterm supported a sensible adverbial style of
invocation.
The attached patch changes bterm to support an additional syntax of the
following form:
bterm [options] -- command [arguments]
I believe that it is fully backward-compatible with the previous syntax.
Thanks,
--
Colin Watson [cjwat...@ubuntu.com]
diff -Nru bogl-0.1.18/bterm.c bogl-0.1.18/bterm.c
--- bogl-0.1.18/bterm.c 2009-04-23 16:46:07.0 +0100
+++ bogl-0.1.18/bterm.c 2009-05-15 15:41:57.0 +0100
@@ -66,6 +66,26 @@
static struct termios ttysave;
static int quit = 0;
+/* Out of memory. Give up. */
+static void out_of_memory (void)
+{
+ fprintf (stderr, virtual memory exhausted\n);
+ abort ();
+}
+
+/* Allocate AMT bytes of memory and make sure it succeeded. */
+static void *xmalloc (size_t size)
+{
+ void *p;
+
+ if (size == 0)
+return 0;
+ p = malloc (size);
+ if (!p)
+out_of_memory ();
+ return p;
+}
+
/* This first tries the modern Unix98 way of getting a pty, followed by the
* old-fashioned BSD way in case that fails. */
int get_ptytty(int *xptyfd, int *xttyfd)
@@ -145,7 +165,7 @@
quit = 1;
}
-void spawn_shell(int ptyfd, int ttyfd, const char *command)
+void spawn_shell(int ptyfd, int ttyfd, char * const *command_args)
{
fflush(stdout);
child_pid = fork();
@@ -170,7 +190,7 @@
setgid(getgid());
setuid(getuid());
- execl(command, command, NULL);
+ execvp(command_args[0], command_args);
exit(127);
}
@@ -224,11 +244,13 @@
int ptyfd, ttyfd;
struct bogl_font *font;
char *locale = , *command = NULL;
+ char **command_args;
int i;
char o = ' ';
int pending = 0;
- for (i = 1 ; i argc ; ++i)
+ for (i = 1 ; i argc ; ++i) {
+ int done = 0;
if (argv[i][0] == '-')
switch (argv[i][1])
{
@@ -237,6 +259,10 @@
o = argv[i][1];
break;
+ case '-':
+ done = 1;
+ break;
+
default:
printf (unknown option: %c\n, argv[i][1]);
}
@@ -258,6 +284,10 @@
break;
}
+ if (done)
+ break;
+ }
+
setlocale(LC_CTYPE, locale);
if (font_name == NULL) {
@@ -291,7 +321,22 @@
exit(1);
}
- spawn_shell(ptyfd, ttyfd, command == NULL ? /bin/sh : command);
+ if (command) {
+command_args = xmalloc(2 * sizeof *command_args);
+command_args[0] = command;
+command_args[1] = NULL;
+ } else if (i argc - 1) {
+int j;
+command_args = xmalloc((argc - i) * sizeof *command_args);
+for (j = i + 1; j argc; ++j)
+ command_args[j - (i + 1)] = argv[j];
+command_args[argc - (i + 1)] = NULL;
+ } else {
+command_args = xmalloc(2 * sizeof *command_args);
+command_args[0] = /bin/sh;
+command_args[1] = NULL;
+ }
+ spawn_shell(ptyfd, ttyfd, command_args);
signal(SIGHUP, reload_font);
signal(SIGTERM, sigterm);
Bug#512657: bogl: mark internal-use file descriptors close-on-exec
Package: bogl
Version: 0.1.18-2
Severity: wishlist
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu ubuntu-patch jaunty
bterm leaks several of the file descriptors it uses internally to its
child process. This is messy and could potentially lead to some
interesting bugs. How does the attached patch look, which marks internal
file descriptors as close-on-exec? I think I've hit the right set of fds
here.
Thanks,
--
Colin Watson [cjwat...@ubuntu.com]
* Set many internal file descriptors close-on-exec, to avoid leaking them
to the program called by bterm.
diff -Nru bogl-0.1.18/bogl-bgf.c bogl-0.1.18/bogl-bgf.c
--- bogl-0.1.18/bogl-bgf.c 2001-12-01 17:04:42.0 +
+++ bogl-0.1.18/bogl-bgf.c 2009-01-22 13:38:58.0 +
@@ -20,6 +20,9 @@
if (fd == -1)
return 0;
+ if (bogl_cloexec(fd) 0)
+return 0;
+
if (fstat(fd, buf))
return 0;
diff -Nru bogl-0.1.18/bogl.c bogl-0.1.18/bogl.c
--- bogl-0.1.18/bogl.c 2006-10-20 21:11:19.0 +0100
+++ bogl-0.1.18/bogl.c 2009-01-22 13:40:39.0 +
@@ -124,12 +124,16 @@
fb = open (/dev/fb/0, O_RDWR);
if (fb 0)
return bogl_fail (opening /dev/fb0: %s, strerror (errno));
+ if (bogl_cloexec (fb) 0)
+return bogl_fail (setting /dev/fb0 close-on-exec: %s, strerror (errno));
tty = open (/dev/tty0, O_RDWR);
if (tty 0)
tty = open (/dev/vc/0, O_RDWR);
if (tty 0)
return bogl_fail (opening /dev/tty0: %s, strerror (errno));
+ if (bogl_cloexec (tty) 0)
+return bogl_fail (setting /dev/tty0 close-on-exec: %s, strerror (errno));
if (-1 == ioctl (tty, VT_GETSTATE, vts))
return bogl_fail (can't get VT state: %s, strerror (errno));
@@ -630,3 +634,19 @@
return 0;
}
+
+/* Set a file descriptor to close-on-exec. */
+int
+bogl_cloexec(int fd)
+{
+ int flags;
+
+ flags = fcntl (fd, F_GETFD);
+ if (flags 0)
+return flags;
+
+ if (fcntl (fd, F_SETFD, flags | FD_CLOEXEC) 0)
+return -1;
+
+ return 0;
+}
diff -Nru bogl-0.1.18/boglP.h bogl-0.1.18/boglP.h
--- bogl-0.1.18/boglP.h 2001-12-01 17:04:42.0 +
+++ bogl-0.1.18/boglP.h 2009-01-22 13:38:26.0 +
@@ -25,4 +25,6 @@
int bogl_fail (const char *, ...);
+int bogl_cloexec (int fd);
+
#endif /* boglP_h */
diff -Nru bogl-0.1.18/boml.c bogl-0.1.18/boml.c
--- bogl-0.1.18/boml.c 2005-09-21 18:15:33.0 +0100
+++ bogl-0.1.18/boml.c 2009-01-22 13:43:23.0 +
@@ -614,6 +614,10 @@
fd = open (/dev/gpmdata, O_RDONLY | O_NONBLOCK);
if (fd 0)
return 0;
+ if (bogl_cloexec (fd) 0) {
+close (fd);
+return 0;
+ }
/* Poll the mouse whether or not we could find gpm, in
case it starts up later; but keep searching in that case. */
@@ -640,6 +644,10 @@
fd = open(/dev/input/mice, O_RDONLY | O_NONBLOCK);
if(fd 0)
return;
+ if (bogl_cloexec(fd) 0) {
+close(fd);
+return;
+ }
add_mouse(T_PS2, fd);
}
@@ -659,6 +667,10 @@
fd = open (/dev/psaux, O_RDWR | O_NONBLOCK);
if (fd 0)
return;
+ if (bogl_cloexec (fd) 0) {
+close (fd);
+return;
+ }
write (fd, s2, sizeof s2);
usleep (3);
@@ -695,6 +707,10 @@
int fd = open (/dev/inportbm, O_RDONLY | O_NONBLOCK);
if (fd 0)
return;
+ if (bogl_cloexec (fd) 0) {
+close (fd);
+return;
+ }
add_mouse (T_MS_BUS, fd);
}
@@ -707,6 +723,10 @@
int fd = open (/dev/adbmouse, O_RDONLY | O_NONBLOCK);
if (fd 0)
return;
+ if (bogl_cloexec (fd) 0) {
+close (fd);
+return;
+ }
add_mouse (T_ADB, fd);
}
@@ -721,6 +741,10 @@
int fd = open (/dev/sunmouse, O_RDONLY | O_NONBLOCK);
if (fd 0)
return;
+ if (bogl_cloexec (fd) 0) {
+close (fd);
+return;
+ }
add_mouse (T_SUN, fd);
}
@@ -978,6 +1002,11 @@
fd = open (port, O_RDWR | O_NONBLOCK);
if (fd 0)
return fd;
+ if (bogl_cloexec (fd) 0)
+{
+ close (fd);
+ return -1;
+}
/* Reset file so it is no longer in non-blocking mode. */
if (fcntl (fd, F_SETFL, 0) 0)
Bug#218720: 404 error
On Thu, May 03, 2007 at 06:32:54PM +0200, Robert Millan wrote: Not there anymore it seems. Do you know where to find it? Anthony Fok just told me that it's now here: http://www.unifoundry.com/unifont.html -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Some of your Debian packages might need attention
On Wed, Jan 09, 2008 at 11:39:30PM +, DDPOMail robot wrote: Dear Debian QA Group, The following possible problem(s) were detected in the package(s) you maintain in Debian: I'm not sure it's worth sending this to [EMAIL PROTECTED]; by definition packages maintained by the QA Group need attention. :-) Cheers, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#377097: yaboot-installer: generated yaboot.conf is broken on IBM POWER hardware ...
On Thu, Jul 06, 2006 at 09:33:45PM +0200, Sven Luther wrote: Colin Watson wrote: That said, there's obviously no point in writing out an unparseable configuration file, so I've changed yaboot-installer to avoid doing this. You mean, you have modified yaboot-installer to not include a the device line if ofpath returns an empty string ? This would indeed solve the problem. Right, exactly that. Cheers, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#245826: t-gnus: please maintain and update the package
On Fri, Nov 05, 2004 at 09:44:46AM +0100, free wrote: On Sat, 10 Jul 2004 16:02:05 +0100, Colin Watson wrote: On Mon, Apr 26, 2004 at 01:15:12AM +0900, Tatsuya Kinoshita wrote: Package: t-gnus Version: 6.15.8.00-1 Severity: serious The t-gnus package has not been updated since 2002-11-25 (the upstream is still active, T-gnus 6.17.1 revision 00 was released on 2004-01-05), and there are lintian errors and other bugs in debian/* files. I feel that this package is unsuitable for the Debian release. I've accordingly scheduled t-gnus to be removed from testing. If somebody wants it back, please fix the release-critical bugs promptly. I've worked a little bit on the package: t-gnus (6.17.2.00-1.1) unstable; urgency=low * New upstream release * Using dpatch * Added reference to the common license file for gpl * Moved postrm to prerm, as the latter is the right place for install-info --remove. * Removed double spaces in description -- Free Ekanayaka [EMAIL PROTECTED] Fri, 5 Nov 2004 00:12:43 +0100 The package is now updated, lintian free, and it works (I'm a t-gnus user). However I discovered that the texi info documentation is GFDL. Shall I package a non-free t-gnus-doc for it? If you like, but material licensed under the GFDL is permitted in main for sarge, so don't worry about it too much for now. Are you willing to be the maintainer for this package? The fewer orphaned packages we have in a stable release, the better. Cheers, -- Colin Watson [EMAIL PROTECTED]
Bug#245826: t-gnus: please maintain and update the package
On Fri, Nov 05, 2004 at 11:32:16AM +0100, Free Ekanayaka wrote: |--== Colin Watson writes: CW Are you willing to be the maintainer for this package? The fewer CW orphaned packages we have in a stable release, the better. Yes, I can do that. Shall I change the Maintainer field and prepare an NMU? Changing the Maintainer field in debian/control is how you become the maintainer, yes. Once you've done so, your upload is by definition not an NMU. :-) Cheers, -- Colin Watson [EMAIL PROTECTED]
Bug#275301: ssh2 freeze in select() when used as a transport medium for cvs or scp
On Thu, Oct 07, 2004 at 10:59:57AM +0200, David Delbecq wrote: Package: ssh2 Version: 2.0.13-7 Severity: important When i do a scp from using this computer or when i use cvs over ssh, at some time or another it freeze during process and i have to ctrl-C. I did install the lic6-gdb package, plugged gdb in the process after the freeze and did a backtrace (see below). As you can see, ssh is stuck in select() function. Could not find any informations on this. This is quite a problem as it render cvs tool over ssh useless :/ (it can never do a complete checkout). Consider using OpenSSH (the ssh package) instead. ssh2 has been removed from testing and unstable, and is effectively no longer supported. Cheers, -- Colin Watson [EMAIL PROTECTED]
Bug#275301: ssh2 freeze in select() when used as a transport medium for cvs or scp
On Tue, Oct 12, 2004 at 09:08:54PM +0200, [EMAIL PROTECTED] wrote: Sorry thought ssh was in fact the old ssh1 protocol and ssh2 was it's replacement. No, the naming's just confusing for historical reasons. ssh supports both protocols. Cheers, -- Colin Watson [EMAIL PROTECTED]
Re: Fixed dia2sql
On Wed, Apr 28, 2004 at 04:52:24PM +0200, Juraj Michalek wrote: I fixed bug #240459 in dia2sql. Problem was that dia2sql crashes when there was no Protected attribute in diagram. Protected attribute is considered as primary key. So I added small test if value is defined, and added small warning with explanation how to create a primary key in Dia diagram. Fixes script is attached. Can you send this in the form of a patch, please? diff -u old-script new-script This is easier to deal with in the event that somebody comes back to your mail some time later. Also, please send the patch to [EMAIL PROTECTED] so that it gets archived in our bug tracking system. This is important because dia2sql doesn't have a Debian maintainer at the moment so it may be some time before anyone gets to it. Thanks, -- Colin Watson [EMAIL PROTECTED]
Bug#231559: just delete the -fstrings from update-menus -f in wm.postinst .postrm, then the problem is solved. update-menus don't know about -foption ; )
On Tue, Mar 09, 2004 at 09:45:20PM +0900, Jung-hoon Han wrote: Package: wn Severity: normal Followup-For: Bug #231559 (It's best to put your comments in body text, not the subject line.) The problem has been solved by removing the package altogether. Cheers, -- Colin Watson [EMAIL PROTECTED]
Bug#204045: Bug#219143: remove packages from testing
On Mon, Feb 23, 2004 at 12:37:42AM +0100, Frank Lichtenheld wrote: On Sat, Feb 21, 2004 at 08:05:21PM -0600, Steve Langasek wrote: On Wed, Feb 18, 2004 at 11:00:52PM +0100, Andreas Barth wrote: mozart 204045 orphaned RC-bug since 2003-11-04, patch since 2003-11-12, nobody seems to care enough It's not clear to me whether this bug should be tagged sid only? As the version in testing is lower than that in stable (security update) I would really recommend to remove this from testing. I agree. I've scheduled this for the next testing run. Cheers, -- Colin Watson [EMAIL PROTECTED]
Bug#143967: prboom should have setuid option
On Sun, Apr 21, 2002 at 06:41:46PM -0700, Ian Turner wrote: Package: prboom Version: 2.2.2-1 Severity: wishlist In the presence of an sdl driver capable of SVGAlib (e.g., libsdl1.2debian-all), prboom needs to be setuid root in order to access the graphics console. It would be a security risk to make this the default, however lxdoom provides a debconf option to make it so. Personally I think people can/should just do it themselves with dpkg-statoverride. Of course, prboom would also need to be patched (if it is not already) so as to give up privelages once the console is set up. That still applies if it hasn't been done, of course. -- Colin Watson [EMAIL PROTECTED]
Re: O: evas -- enlightenment advanced canvas library
reassign 179909 ftp.debian.org,wnpp thanks On Wed, Feb 05, 2003 at 03:58:27PM +0100, Martin Michlmayr wrote: Package: wnpp Severity: normal The current maintainer of evas, Laurence J. Lane [EMAIL PROTECTED], has orphaned this package. If you want to be the new maintainer, please take it -- see http://www.debian.org/devel/wnpp/index.html#howto-o for detailed instructions how to adopt a package properly. Some information about this package: Package: evas Binary: libevas0-dev, evas-demo, libevas0 Version: 0.6.0-2 Priority: optional Section: libs Maintainer: Laurence J. Lane [EMAIL PROTECTED] Build-Depends: xlibs-dev, xlibmesa-dev, libttf-dev, libimlib2-dev, debhelper (=3.0) Architecture: any Standards-Version: 3.5.4.0 Format: 1.0 Directory: pool/main/e/evas Files: 881bd28d76aa7bbf062748a51c8ff547 678 evas_0.6.0-2.dsc 4161fd765270161aaa995fc0ee5e62a5 8618046 evas_0.6.0.orig.tar.gz 10f5cce7bacb8b3e7c2a4a2f9a38295b 158974 evas_0.6.0-2.diff.gz This has been orphaned for nearly a year now and nobody's picked it up; it's got no reverse dependencies and doesn't seem too critically important. Let's remove it. Thanks, -- Colin Watson [EMAIL PROTECTED]
Bug#229615: ftp.debian.org: please remove cooledit
Package: ftp.debian.org Severity: normal cooledit has been orphaned since April 2001 (#93464), and nobody's shown sufficient motivation to adopt it since then. There are plenty of replacement editors in the archive, so please remove this one. Thanks, -- Colin Watson [EMAIL PROTECTED]
Re: Processed: libxaw-dev is long gone
On Thu, Jan 08, 2004 at 09:43:17PM -0800, Philip Brown wrote: On Tue, Jan 06, 2004 at 11:26:33PM +, Colin Watson wrote: On Wed, Jan 07, 2004 at 09:14:54AM +1100, Hamish Moffatt wrote: Why is a pure virtual build-depends a serious bug? Could you please point out the section of policy? Forget the pure virtual bit - nothing in unstable provides libxaw-dev any more. oookay so is the correct behaviour now, to replace libxaw-dev, with a specific version, eg libxaw6-dev ? Yes. Sfunny.. I thought my package ORIGINALLY did that, and then I got a bug filed against it a year or three back, that it should instead depend on the virtual package. Most irritating. Consistancy in policy should be a desirable feature. Consistency in bug filers is, I fear, impossible. :) Sometimes they're just wrong. I think policy has been fairly consistent in recommending that packages should depend at least on real-package | virtual-package, although that's mostly to help dselect etc.; to my knowledge it says little about build-depends. Anyway, build-dependency changes caused by package rearrangements are really outside the domain of policy. Cheers, -- Colin Watson [EMAIL PROTECTED]
Bug#226356: Buffer overflow vulnerability (CAN-2003-0850)
On Mon, Jan 05, 2004 at 06:17:07PM -0800, Matt Zimmerman wrote: Package: libnids Severity: grave The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause memory corruption and possibly execute arbitrary code via overlarge TCP packets. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0850 An update to version 1.18 should be sufficient to correct the problem. I am copying [EMAIL PROTECTED], since that is the only reverse dependency. This package is orphaned and could be removed if this bug is not fixed. I'm having a look at this. However, upstream have changed libnids' SONAME to libnids.so.1.18, so the package name will have to change to libnids1.18; Steve, you'll need to give dsniff a Build-Depends: libnids (= 1.18-1) and re-upload to make its dependencies match. I was going to switch to libnet1-dev too while I was at it, but it appears that dsniff won't be able to cope with that, so it can wait. Cheers, -- Colin Watson [EMAIL PROTECTED]
Bug#226356: Buffer overflow vulnerability (CAN-2003-0850)
On Tue, Jan 06, 2004 at 11:22:55AM +, Steve Kemp wrote: On Mon, Jan 05, 2004 at 06:17:07PM -0800, Matt Zimmerman wrote: Package: libnids Severity: grave The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause memory corruption and possibly execute arbitrary code via overlarge TCP packets. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0850 An update to version 1.18 should be sufficient to correct the problem. I am copying [EMAIL PROTECTED], since that is the only reverse dependency. This package is orphaned and could be removed if this bug is not fixed. I maintain dsniff - and will adopt libnids and upload a more recent version shortly. Aha. Ignore most of my message, then. :) The bit about the changed SONAME probably still applies. I've retitled #188171 to reflect this, although the cotrol address seems to be a little bit slow today. This is true in general at the moment, yes. -- Colin Watson [EMAIL PROTECTED]
Please remove libming and libming-fonts-openoffice
reassign 166973 ftp.debian.org reassign 166990 ftp.debian.org retitle 166973 Please remove libming retitle 166990 Please remove libming-fonts-openoffice thanks libming and libming-fonts-openoffice have been orphaned for over a year; during that time there appear to have been perhaps a dozen commits to upstream's CVS repository, and my impression is that it's not particularly actively maintained there. libming has no reverse dependencies that I can see other than libming-fonts-openoffice, and vice versa. libming currently has two grave bugs, one of which indicates that it needs source changes to make it work with the current PHP API. I think these two packages should simply be removed. Thanks, -- Colin Watson [EMAIL PROTECTED]
Re: Processed: libxaw-dev is long gone
On Wed, Jan 07, 2004 at 09:14:54AM +1100, Hamish Moffatt wrote: On Tue, Jan 06, 2004 at 03:48:54PM -0600, Debian Bug Tracking System wrote: Processing commands for [EMAIL PROTECTED]: severity 169969 serious Bug#169969: acfax: Pure virtual build-depends on libxaw-dev Severity set to `serious'. severity 170006 serious Bug#170006: emacs20: Pure virtual build-depends on libxaw-dev Severity set to `serious'. Why is a pure virtual build-depends a serious bug? Could you please point out the section of policy? Forget the pure virtual bit - nothing in unstable provides libxaw-dev any more. xfree86 (4.2.1-12) unstable; urgency=high [...] * Kill off libxaw-dev virtual package per discussion on debian-devel mailing list. - debian/control: + libxaw6-dev now conflicts with and replaces libxaw7-dev instead of libxaw-dev + libxaw6-dev no longer provides libxaw-dev + libxaw7-dev now conflicts with and replaces libxaw6-dev instead of libxaw-dev + libxaw7-dev no longer provides libxaw-dev [...] -- Branden Robinson [EMAIL PROTECTED] Tue, 30 Sep 2003 15:34:48 -0500 Cheers, -- Colin Watson [EMAIL PROTECTED]
Bug#225146: segfault in crm114 when using classify
On Fri, Dec 26, 2003 at 04:03:17PM -0500, Miller, Raul D wrote: Package: crm114 Version: 2002-11-26-2 Severity: grave glibc6 version: 2.3.2.ds1-10 crm114 segfaults on me, when I use classify. Here's what it looks like when I run strace crm114 -t bin/incoming.crm /tmp/178500 [...] Here's what gdb tells me about that segfault when I compile from source and run the unstripped binary: Program received signal SIGSEGV, Segmentation fault. 0x4009b10b in mallopt () from /lib/libc.so.6 Looks like malloc arena corruption. Could you install valgrind and run 'valgrind --num-callers=20 crm114 -t bin/incoming.crm /tmp/178500'? That should show up the location of the corruption. (I know nothing about crm114, just going through RC bugs ...) Thanks, -- Colin Watson [EMAIL PROTECTED]
Bug#210360: php4-ming not installable
On Thu, Sep 11, 2003 at 02:21:53AM +0200, Ricardo Galli wrote: Package: php4-ming Version: 0.2a.cvs20020110-1 Severity: normal It has a dependency to a package not existing in official Debian: zendapi-20020429 It doesn't exist even in unstable. On Sat, Oct 11, 2003 at 12:47:23PM +0200, Stephane Leclerc wrote: Package: php4-ming Version: 0.2a.cvs20020110-1 Severity: important Package not sync with PHP4 3.3.3-1. Can't install lastest PHP4 if php4-ming is installed. This bug looks easy, but is actually kind of complicated. I can build php4-ming to depend on phpapi-20020918, but it appears that it needs source changes as well. For instance, it uses the php_file_le_fopen() function, which was present in php4 4:4.1.2-6 in testing but is missing from php4 4:4.3.3-4 in unstable, so certain operations cause php4 to segfault, such as http://ming.sourceforge.net/examples/example.php?name=cxform (since I couldn't find the backyard.jpg file referenced in the example, I faked one up using english/vote/1999/debianlogo-3.jpg from webwml CVS). I can't find any mention of this in php4's changelog file, and the problem isn't fixed in libming's upstream CVS repository. For some reason gcc doesn't issue any warnings about this either, so I can't use that to find all the problematic code. I think we need a PHP hacker to go through libming and forward-port all its uses of the PHP API. If that doesn't happen, we'd better just remove the php4-ming binary package for now, since it won't work properly with the version of php4 in sarge without code changes. Cheers, -- Colin Watson [EMAIL PROTECTED]
Re: Ssh2-packet still secure?
On Tue, Sep 16, 2003 at 08:38:39PM +0200, Johan C wrote: I use ssh2 (2.0.13-7) on my webserver. As far as I can see this packet has not been updated since Sat, 15 Dec 2001 12:43:25 +. My question is if this packet is still considered secure and reliable to use after all OpenSSH-bugs, since it's not updated for almost 2 years, or is that because it's considered outdated? The ssh2 package was the non-free ssh.com version of SSH, not OpenSSH. We removed it from Debian testing and unstable some time ago, and the last version uploaded to Debian was a long way behind ssh.com's version even then. I would be astonished if it didn't have a number of security holes. Notwithstanding today's OpenSSH vulnerability, I still very strongly recommend that you stop using ssh2 and switch to ssh. See also http://lists.debian.org/debian-qa-0209/msg00038.html. (QA group: should we ask for ssh2 to be removed from stable as well? I don't think the project can reasonably support it at this point.) Cheers, -- Colin Watson [EMAIL PROTECTED]
Re: Ssh2-packet still secure?
On Tue, Sep 16, 2003 at 09:32:00PM +0100, Colin Watson wrote: On Tue, Sep 16, 2003 at 08:38:39PM +0200, Johan C wrote: I use ssh2 (2.0.13-7) on my webserver. As far as I can see this packet has not been updated since Sat, 15 Dec 2001 12:43:25 +. My question is if this packet is still considered secure and reliable to use after all OpenSSH-bugs, since it's not updated for almost 2 years, or is that because it's considered outdated? The ssh2 package was the non-free ssh.com version of SSH, not OpenSSH. We removed it from Debian testing and unstable some time ago, and the last version uploaded to Debian was a long way behind ssh.com's version even then. I would be astonished if it didn't have a number of security holes. Here's a possible privilege escalation requiring a local account: http://www.securityfocus.com/bid/6247 There are several reports of vulnerabilities in newer versions of ssh2, but 2.0.13 is so old that people don't often even bother to quote it as vulnerable or not vulnerable. (QA group: should we ask for ssh2 to be removed from stable as well? I don't think the project can reasonably support it at this point.) I've mailed the security team about this. Cheers, -- Colin Watson [EMAIL PROTECTED]
Bug#111919: marked as done (Text disappears with . or ' at start of line in SGML source)
On Thu, Aug 28, 2003 at 04:18:22AM -0500, Debian Bug Tracking System wrote: Your message dated Thu, 28 Aug 2003 11:15:29 +0200 (CEST) with message-id [EMAIL PROTECTED] and subject line Escaping characters and collapsing of white space has caused the attached Bug report to be marked as done. [...] From: Richard Atterer [EMAIL PROTECTED] [...] When . or ' is the first PCDATA character on a line in the SGML source (i.e. there may be markup in front of it), then the whole line disappears from the output manpage. [...] From: Luk Claes [EMAIL PROTECTED] [...] You should invoke docbook-to-man with INSTANT_OPT set to a space if you want to use some special characters literally in your SGML file. This also takes care of collapsing white space into one space. INSTANT_OPT= docbook-to-man src.sgml dst.1 That seems rather inadequate as far as this bug is concerned. Why should an SGML processor require special options in order to correctly escape characters that are special to groff (not SGML) in its output? -- Colin Watson [EMAIL PROTECTED]
Bug#111920: Bug#111919 acknowledged by developer (Escaping characters and collapsing of white space)
On Thu, Aug 28, 2003 at 12:59:17PM +0200, Richard Atterer wrote: Luk Claes wrote: You should invoke docbook-to-man with INSTANT_OPT set to a space if you want to use some special characters literally in your SGML file. This also takes care of collapsing white space into one space. INSTANT_OPT= docbook-to-man src.sgml dst.1 You *do* mean docbook2man (docbook-utils package) and not docbook-to-man (docbook-to-man package), right? The bug is about docbook2man. As it happens, your bug is filed against docbook-to-man ... Cheers, -- Colin Watson [EMAIL PROTECTED]
Bug#205220: freeamp: Freeamp does not install
On Wed, Aug 13, 2003 at 03:14:36PM +0100, James Stone wrote: Package: freeamp Version: 1:2.1.1.0-4 Severity: normal Tags: sid Are you sure you mean sid? freeamp has been removed from testing and unstable, replaced I believe by zinf. Cheers, -- Colin Watson [EMAIL PROTECTED]
Bug#203305: /etc/init.d/distributed-net fails to stop dnetc if run from non-interactive shell
On Tue, Jul 29, 2003 at 10:35:34AM +0100, Matthew Exley wrote:
Package: distributed-net
Version: 2.9001.478-2
Severity: minor
Tags: patch
/etc/init.d/distributed-net fails to stop the client if run from a
non-interactive shell, e.g. if run from a cron job (where the client
is only scheduled to run overnight, for example), then the output of:
/etc/init.d/distributed-net stop will be not running.
This appears to be because the test for running command uses
stop-start-daemon to check, which resides in /sbin which isn't in the
path for non-interactive shells.
So, a fix is to add:
PATH=/sbin:$PATH
...before the case statement in /etc/init.d/distributed-net
I think /sbin should go on the end, to allow a sysadmin to call that
script from a shell with PATH=/usr/local/sbin:... and have tools in
/usr/local/sbin override the system ones. ssh's init script does this:
export PATH=${PATH:+$PATH:}/usr/sbin:/sbin
Cheers,
--
Colin Watson [EMAIL PROTECTED]
Re: Bug#192679: O: xisp -- A user-friendly X interface to pppd/chat.
On Sat, May 10, 2003 at 02:12:01AM +1000, Martin Michlmayr wrote: Package: wnpp Severity: normal The current maintainer of xisp, Martin Bialasinski [EMAIL PROTECTED], is apparently not active anymore. Therefore, I orphan this package now. If you want to be the new maintainer, please take it -- see http://www.debian.org/devel/wnpp/index.html#howto-o for detailed instructions how to adopt a package properly. Some information about this package: Package: xisp Binary: xisp Version: 2.6p1-6 Priority: optional Section: contrib/net The only reason that this is in contrib is due to libforms0.89, which has been removed. Since there's a grave bug open asking for it to be rebuilt against libforms1, I'm going to make a QA upload soon to change the maintainer address and move it to main. -- Colin Watson [EMAIL PROTECTED]
Bug#194913: Bug#195322: fastlink: Incorrect Maintainer: field
On Mon, Jun 02, 2003 at 10:13:53AM +0200, Andreas Tille wrote:
Anyway I seem to run into trouble to port this package to gcc-3.3. Thus
I tagged the bug help. If you have any hints/ideas/patched I would care
for a quick upload (or even do not bother about a NMU - which could also
fix the maintainer field).
A patch is attached. It's completely untested, but it does compile. I
made one other change, documented in the changelog fragment below, to
get rid of some of the nastier compiler warnings. There are a large
number of other warnings which should be dealt with at some point, but
they don't seem so urgent.
* Port from varargs.h to stdarg.h (closes: #194913).
* Modern glibc needs us to use time.h rather than sys/time.h.
Cheers,
--
Colin Watson [EMAIL PROTECTED]
only in patch2:
unchanged:
--- fastlink-4.1P-fix88.orig/4.1P/src/commondefs.h
+++ fastlink-4.1P-fix88/4.1P/src/commondefs.h
@@ -29,14 +29,14 @@
possibly remove sys/ from the next 3 lines */
#include sys/types.h
#include sys/stat.h
-#include sys/time.h
+#include time.h
/* Shriram: end */
/* cgh */
#if !defined(vms)
#include malloc.h
#endif
-#include varargs.h
+#include stdarg.h
/* VMS: MAY NEED TO CHANGE --
comment out any of the next 3 lines for files your system can't find */
@@ -1169,7 +1169,7 @@
extern int P_eof();
extern int P_eoln();
extern void check_constants();
-extern void printErrMesg();
+extern void printErrMesg(char *format, ...);
extern void init_ped_loc_all();
#if ALLELE_SPEED
extern int adjust_alleles();
only in patch2:
unchanged:
--- fastlink-4.1P-fix88.orig/4.1P/src/parmodified.c
+++ fastlink-4.1P-fix88/4.1P/src/parmodified.c
@@ -12,7 +12,7 @@
and S. K. Gupta */
-#include sys/time.h
+#include time.h
#include commondefs.h
#include moddefs.h
only in patch2:
unchanged:
--- fastlink-4.1P-fix88.orig/4.1P/src/unknown.h
+++ fastlink-4.1P-fix88/4.1P/src/unknown.h
@@ -11,7 +11,7 @@
possibly remove sys/ from the next 3 lines */
#include sys/types.h
#include sys/stat.h
-#include sys/time.h
+#include time.h
/* Shriram: end */
#include string.h
@@ -20,7 +20,7 @@
#if !defined(vms)
#include malloc.h
#endif
-#include varargs.h
+#include stdarg.h
/* VMS: MAY NEED TO CHANGE --
comment out any of the next 3 lines for files your system can't find */
only in patch2:
unchanged:
--- fastlink-4.1P-fix88.orig/4.1P/src/iostuff.c
+++ fastlink-4.1P-fix88/4.1P/src/iostuff.c
@@ -236,15 +236,13 @@
/* Print an error message to stderr, as well as writing to the
FASTLINK.err file */
-void printErrMesg(format, va_alist)
-char* format;
-va_dcl
+void printErrMesg(char *format, ...)
{
time_t secondsNow;
FILE* errFile;
va_list args;
- va_start(args);
+ va_start(args, format);
errFile = fopen(FASTLINK.err, a);
if (errFile != NULL) {
Bug#192490: libkdexparts1: uninstallable
On Thu, May 08, 2003 at 11:02:52AM -0700, Ryan Murray wrote: Package: libkdexparts1 Version: 2.2.2-4 Severity: grave libkdexparts1 is uninstallable because it still depends on kdelibs3 and libfam0. It needs to be rebuilt against kdelibs4 and libfam0c102 with gcc 3.2, which probably also requires a new upstream version. Is anyone working on a kdebindings package for KDE 3? -- Colin Watson [EMAIL PROTECTED]
Bug#101160: marked as done (emacs20-dl: copypaste problem)
On Sun, May 11, 2003 at 05:48:13AM -0500, Debian Bug Tracking System wrote: Your message dated Sun, 11 May 2003 20:40:13 +1000 with message-id [EMAIL PROTECTED] and subject line Removed has caused the attached Bug report to be marked as done. [...] package: emacs20-dl version: 20.7-7 Please inform this report to the upstream. A bug report for GNU Emacs with X selection (i.e., copypaste). [...] This package has been removed from Debian unstable because it has been orphaned for a very long time and nobody adopted it. See http://lists.debian.org/debian-devel-announce/2003/debian-devel-announce-200304/msg5.html for more information. Have you verified that current versions of Emacs don't suffer from this bug or #152843? (Well, actually, according to the log of #152843 bugs have been reported against other Emacs versions; but even there I'd have been inclined to reassign and merge rather than closing so that the submitter gets proper notification when the bug is really fixed.) -- Colin Watson [EMAIL PROTECTED]
Bug#191515: xttitle: Recommends x-terminal-emulator, should not
On Thu, May 01, 2003 at 02:18:21PM +0200, Lionel Elie Mamane wrote: It's quite annoying, because dselect insists to install any Recommends:... Not with current (= 1.10) versions of dselect. Cheers, -- Colin Watson [EMAIL PROTECTED]
Re: ssh2 package bug
On Sat, Apr 12, 2003 at 10:50:12PM +0200, Guillaume Desclaux wrote: It seems that there is a bug in the debian package ssh2 ssh2 has been removed from the testing and unstable branches of Debian, so bugs in it won't be fixed. Sorry. Cheers, -- Colin Watson [EMAIL PROTECTED]
Re: NMU for blt (Bug #185855)
On Wed, Apr 02, 2003 at 05:10:39PM +0200, Stefan Schimanski wrote: I have prepared a NMU package for blt to fix bug #185855. I've sent the patch to the bug tracking system. I know the steps for normal NMUs. How is the procedure for NMUs with packages that are maintained by the qa team? Please go ahead and upload. There's no particular procedure for such NMUs beyond perhaps contacting this list first. In fact, we often just treat them as maintainer uploads, and in accordance with that katie will close bugs you fix in QA uploads rather than tagging them fixed. Cheers, -- Colin Watson [EMAIL PROTECTED]
Re: wavtools ... -D /dev/something option
On Wed, Apr 02, 2003 at 03:03:15PM -0800, Alex Perry wrote: I'm running a locally patched version of wavtools that trivially adds the -D option to change device. It defaults to /dev/dsp for backward compatibility. If you are interested in incorporating it into the official package, let me know and I'll make a patch to implement it and file it as a bug against the package for y'all. Since the package is orphaned, by definition it's probable that nobody is interested just now. :) However, somebody may well be interested in the future, so I think you should feel free to file a wishlist bug. Cheers, -- Colin Watson [EMAIL PROTECTED]
Re: libical_0.23-3_i386.changes ACCEPTED
A slight nitpick: Debian QA Group [EMAIL PROTECTED] in future, please, so that our control files are in sync. $ grep-available -FMaintainer -nsMaintainer [EMAIL PROTECTED] | sort | uniq -c 205 Debian QA Group [EMAIL PROTECTED] 1 Debian QA Team [EMAIL PROTECTED] (The latter is mpsql.) Thanks, -- Colin Watson [EMAIL PROTECTED]
Bug#175978: sabre_0.2.4b-15(mipsel/unstable): fails to build with sudo
On Thu, Jan 09, 2003 at 03:40:04AM -0800, Ryan Murray wrote: Package: sabre Version: 0.2.4b-15 Severity: serious [...] make[3]: Entering directory `/build/buildd/sabre-0.2.4b/lib/tzp' rm -f Makefile rm -f config.cache config.log stamp-h stamp-h[0-9]* make[3]: Leaving directory `/build/buildd/sabre-0.2.4b/lib/tzp' make[2]: Leaving directory `/build/buildd/sabre-0.2.4b/lib' rm -f config.status make[1]: Leaving directory `/build/buildd/sabre-0.2.4b' find -name Makefile -o -name Makefile.in | xargs -r rm -f dh_clean debian/rules build dh_testdir automake aclocal autoconf ./configure --prefix=/usr --bindir=/usr/games --without-svgalib ./configure: line 903: config.log: Permission denied make: *** [stamp-configure] Error 1 A full build log can be found at: http://buildd.debian.org/build.php?arch=mipselpkg=sabrever=0.2.4b-15 sabre fails to build from source with the following commands: apt-get source sabre cd sabre-0.2.4b dpkg-buildpackage -uc -us -B -rsudo Running automake, aclocal, and autoconf in your clean target (with root privs), and then running them again in the build target (without root privs) causes the build to fail. You need to clean up after everything generated in clean, or stop generating files in your clean target. sabre's debian/rules does do this cleanup, though, so I'm confused. Look further up in that build log: make[1]: Entering directory `/build/buildd/sabre-0.2.4b' cd . \ CONFIG_FILES=Makefile CONFIG_HEADERS= /bin/sh ./config.status config.status: creating Makefile make[1]: Leaving directory `/build/buildd/sabre-0.2.4b' make[1]: Entering directory `/build/buildd/sabre-0.2.4b' Making distclean in . make[2]: Entering directory `/build/buildd/sabre-0.2.4b' rm -f TAGS ID rm -f Makefile rm -f config.cache config.log stamp-h stamp-h[0-9]* make[2]: Leaving directory `/build/buildd/sabre-0.2.4b' There's a fair bit of log after that, but none of it should touch config.log, and building with -rsudo works fine for me on i386. However, the mipsen do seem to be consistently failing. Since it doesn't appear to be configure, can you shed any light on what's creating config.log? Thanks, -- Colin Watson [EMAIL PROTECTED]
Re: kde metapackage
On Sat, Mar 29, 2003 at 02:48:10PM +0100, Kai Lahmann wrote: hi any reason, why this package is not working in unstable? (it still wants to install KDE2.2, which fails). Because nobody's maintaining it at the moment. Ben Burton said that he'd take it over and fix it up if nobody else got round to it. -- Colin Watson [EMAIL PROTECTED]
Re: SSH2 / x11 forwarding
On Mon, Mar 17, 2003 at 03:32:44PM -0500, Erik Dykema wrote: I believe that I have found a bug / hole in the packaging related to ssh2 / xauth. ssh2 has been removed from Debian unstable, so there will be no further bug fixes to that package. You might mean the ssh package, though? In order for X11 forwarding to work, sshd needs to run xauth, which is included in the xbase-clients package, but is not a pre-req for ssh2, or generally for x clients (sich as xemacs21). That's correct. X11 forwarding isn't a required feature of ssh, so there's no dependency. It's in the Suggests: field of ssh, though (although it doesn't seem to have been in ssh2's Suggests:). Cheers, -- Colin Watson [EMAIL PROTECTED]
Bug#182474: KDE/unstable
On Tue, Feb 25, 2003 at 03:50:38PM -0300, Michel Loos wrote: Package: KDE Version: 4:2.2.25 Severity: critical The metapackage kde in unstable should be substituted for a metapackage depending only on the KDE3 packages already available. Like it is now, it mixes KDE2 and KDE3 packages and can not be installed. Is anyone planning to take the meta-kde source package over? It's basically just been accumulating bug reports for the last 10 months or so (some of which I'm sure should be reassigned to other parts of KDE, but they need a KDE expert to look at them) ... -- Colin Watson [EMAIL PROTECTED]
Bug#166738: FTBFS with gcc 3.2
On Mon, Oct 28, 2002 at 07:42:15AM +0100, Gerhard Tonn wrote:
Package: korelib
Version: 0.0.1-9
Severity: important
Hi,
the package get at least the following compile errors
c++ -I. -I. -I.. -I../include -g -O2 -Wall -Wp,-MD,.deps/kernel.pp -c -fPIC
-DPIC kernel.cpp -o .libs/kernel.lo
In file included from kernel.cpp:4:
../include/kore/servicemanager.h:199: `hash' was not declared in this scope
../include/kore/servicemanager.h:199: parse error before `char'
../include/kore/servicemanager.h:212: 'srv_hash_type' is used as a type, but
is not defined as a type.
A patch for this follows (lifted largely from the libstdc++
documentation on accessing extensions); with it, korelib builds cleanly
using g++ 3.2.
However, libkore0's only dependent is aethera, which is part of the qt2
dependency chain. As a result, this can't be uploaded until KDE3 is in
the archive and unless a KDE3 version of aethera is available.
--- korelib-0.0.1.orig/include/kore/servicemanager.h
+++ korelib-0.0.1/include/kore/servicemanager.h
@@ -7,9 +7,15 @@
#include map
#else
#if (__GNUC__3)
-#include hash_map
+# include hash_map
+ namespace Sgi { using ::hash_map; }; // inherit globals
#else
-#include ext/hash_map
+# include ext/hash_map
+# if __GNUC_MINOR__ == 0
+ namespace Sgi = std;// GCC 3.0
+# else
+ namespace Sgi = ::__gnu_cxx;// GCC 3.1 and later
+# endif
#endif
#endif
#include set
@@ -196,7 +202,7 @@
return strcmp(s1,s2) == 0;
}
};
-typedef hash_multimapconst char*,const Service*, hashconst char*,
eqstr srv_hash_type;
+typedef Sgi::hash_multimapconst char*,const Service*, Sgi::hashconst
char*, eqstr srv_hash_type;
#endif
struct ltptr
{
Cheers,
--
Colin Watson [EMAIL PROTECTED]
Bug#170871: (no subject)
On Tue, Dec 03, 2002 at 11:34:13PM +0100, Alex de Landgraaf wrote: a patch for the recently uploaded xmms-nas package bug, hostname wasnt being saved. I guess QA wanted to use env settings to handle this? QA had nothing to do with it; I didn't touch this part of the code when I did the recent QA upload of xmms-nas, I just didn't notice that it was there. added else to otherwise just use the string inserted :) --- xmms-nas-0.2/nasconf.c2002-12-03 23:12:38.0 + +++ xmms-new/nasconf.c2002-12-03 23:06:00.0 + @@ -43,6 +43,9 @@ if (getenv(AUDIOHOST) g_strcasecmp(nas_cfg.server,getenv(AUDIOHOST))) xmms_cfg_write_string(cfgfile, NAS, server, nas_cfg.server); + else if (g_strcasecmp(nas_cfg.server,) != 0) + xmms_cfg_write_string(cfgfile, NAS, server, nas_cfg.server); + xmms_cfg_write_int(cfgfile, NAS, buffer_size, nas_cfg.bufsize); xmms_cfg_write_file(cfgfile, filename); xmms_cfg_free(cfgfile); Thanks for the patch. Wouldn't it be better to say something more like: if (g_strcasecmp(nas_cfg.server, getenv(AUDIOHOST) ? getenv(AUDIOHOST) : )) (or a variant with less duplication)? That seems to be closer to the intent of the original code, i.e. don't save nas_cfg.server if it's equal to the value of $AUDIOHOST. Cheers, -- Colin Watson [EMAIL PROTECTED]
Bug#176147: seaview: needs to be recompiled with newer libfltk1.1c102 and g++ 3.2
On Fri, Jan 10, 2003 at 04:34:45PM +0100, Laurent Bonnaud wrote: Sorry, but the following packages have unmet dependencies: seaview: Depends: libfltk1.1 (= 1.1.1) but it is not going to be installed I'm rebuilding this now. -- Colin Watson [EMAIL PROTECTED]
Re: missing recommended package
On Mon, Dec 23, 2002 at 10:20:54AM -0600, Ray wrote: ls-sensors - lm-sensors-mod Please file bugs for this kind of thing. lm-sensors has an active maintainer, so the QA group generally does not get involved. Cheers, -- Colin Watson [EMAIL PROTECTED]
Re: NMU: cbb
On Sat, Dec 14, 2002 at 05:59:00PM -0500, H. S. Teoh wrote: Hi, this is just to inform the QA team that I've uploaded an NMU of cbb containing the fix for #22047 to DELAYED/7-day. The patch is already in BTS. I'm taking the liberty to upload it now instead of later, since the package is already orphaned. Unless somebody appears to be working on it (either in the QA group or in the relevant WNPP bug), it's generally OK to upload packages maintained by [EMAIL PROTECTED] without too much fuss. Try to avoid colliding with other people, but the DELAYED mechanism usually isn't necessary. Thanks for your work. -- Colin Watson [EMAIL PROTECTED]
Re: Bug#167886: marked as done (tux-aqfh-data: should replace older versions of tux-aqfh )
On Sun, Dec 01, 2002 at 05:33:18AM -0600, Debian Bug Tracking System wrote: tux-aqfh (1.0.14-2) unstable; urgency=low . * QA upload. * Make tux-aqfh-data replace tux-aqfh ( 1.0.14-1) to avoid conflicts on upgrade. Closes: #167886. * Remove undocumented(7) symlink for tux_aqfh(6). Its lack has been reported as #171283; add Lintian override. * Conforms to Standards version 3.5.8. Why the Lintian override? If there's no man page, the error should stay there without being overridden so that it appears on summaries like http://qa.debian.org/man-pages.html. -- Colin Watson [EMAIL PROTECTED]
Re: Bug#167886: marked as done (tux-aqfh-data: should replace older versions of tux-aqfh )
On Mon, Dec 02, 2002 at 12:36:34AM +0100, Matej Vela wrote: Colin Watson [EMAIL PROTECTED] writes: On Sun, Dec 01, 2002 at 05:33:18AM -0600, Debian Bug Tracking System wrote: tux-aqfh (1.0.14-2) unstable; urgency=low . * QA upload. * Make tux-aqfh-data replace tux-aqfh ( 1.0.14-1) to avoid conflicts on upgrade. Closes: #167886. * Remove undocumented(7) symlink for tux_aqfh(6). Its lack has been reported as #171283; add Lintian override. * Conforms to Standards version 3.5.8. Why the Lintian override? I was under the impression packages with Lintian errors are a big no-no. In this case it's partly a Lintian bug. The link-to-undocumented-manpage warning should be removed altogether, as policy has been amended to no longer recommend the use of undocumented(7). As for leaving the binary-without-manpage error there, please do! It's not completely out of order to have packages with Lintian errors, in the same way that it's not out of order to have packages with bugs; we just have to acknowledge that they *are* bugs. Overriding the error isn't such an acknowledgement, it's saying that Lintian is wrong in this particular case and should be quiet. Basically, the package still has the bug that the man page isn't present, so Lintian's output should continue to mention it. I've written man pages for packages more than once after noticing a complaint from Lintian. Overriding link-to-undocumented-manpage was acceptable: W: tux-aqfh: link-to-undocumented-manpage usr/share/man/man6/tux_aqfh.6.gz N: N: Symbolic links to the undocumented(7) manual page may be provided only N: when a bug has been filed that no manual page is available. If you N: like, you may report the bug yourself, and add an override for this N: warning in your package. N: Bleh, I disagree with that text. :-) Shaleh was generally consistent in saying that overrides should only be used for cases where an exception needs to be made to an otherwise correct general rule, and not to hide Lintian bugs or package bugs. I don't know what Joy thinks, but this has certainly been the guideline in the past. (I wonder if that text was my fault ... if so, oops.) If we override binary-without-manpage for reported bugs, it'll be easy to spot unreported ones. But we won't see the reported ones in the overall list that way. If there's no man page, the error should stay there without being overridden so that it appears on summaries like http://qa.debian.org/man-pages.html. How did it work in the undocumented(7) days then? People generally didn't override the warning. Cheers, -- Colin Watson [EMAIL PROTECTED]
Re: pspell/php4
On Sun, Nov 24, 2002 at 11:40:15AM -0500, Billy Harvey wrote: Can pspell support be added to the next debianized release of php4? Please contact the maintainer of php4 for this. Note that there are two wishlist bugs already filed: http://bugs.debian.org/147728 http://bugs.debian.org/156733 Regards, -- Colin Watson [EMAIL PROTECTED]
Bug#170067: tux-aqfh: It doesn't run
severity 170067 important thanks On Thu, Nov 21, 2002 at 03:35:28PM -0200, Raphael Derosso Pereira - DephiNit wrote: Package: tux-aqfh Version: 1.0.13-6 Severity: grave Justification: renders package unusable Hi. When I try to run it, the following message shows up: slDSP: write: Resource temporarily unavailable Hm, this doesn't happen for me (with 1.0.14-1), so the package doesn't appear to be completely unusable. Perhaps this is some local sound problem? also, it doesn't depends on tux-aqfh-data neither recommends or sugests it tux-aqfh-data was only created in version 1.0.14-1, and tux-aqfh 1.0.14-1 depends on tux-aqfh-data. (In general, please always file separate problems in separate bug reports. They're much easier to deal with that way.) Thanks, -- Colin Watson [EMAIL PROTECTED]
Bug#158637: [dendler@idefense.com: iDEFENSE Security Advisory: Linuxconf locally exploitable buffer overflow]
severity 158637 important thanks On Sat, Sep 21, 2002 at 02:38:55PM +0200, Michael Banck wrote: tags 158637 + patch thanks As I stated, debian's linuxconf package should not be vulnerable, as it is not installed setuid root. Nevertheless, I've backported the patch from the latest upstream version, which makes the exploit[1] fail even if you happen to set linuxconf setuid root. Would you mind uploading this? linuxconf is orphaned, and nobody has yet offered to maintain it. Since, as you say, we don't install linuxconf setuid root, I've downgraded the bug in the meantime. Thanks, -- Colin Watson [EMAIL PROTECTED]
Re: Bug#145320: marked as done (kde-i18n-et: Eesti is Estonia in english)
On Thu, Oct 03, 2002 at 08:18:25AM -0500, Debian Bug Tracking System wrote: Changes: kde-i18n (4:2.2.2-3) unstable; urgency=low . * took package from QA (closes: Bug#114126) Yay, thank you Noel! -- Colin Watson [EMAIL PROTECTED]
Bug#160813: marked as done (=?ansi_x3.4-1968?q?cgiemail:?= =?ansi_x3.4-1968?q?/etc/cgiemail.conf?= is not consulted)
On Sat, Sep 28, 2002 at 06:33:18AM -0500, Debian Bug Tracking System wrote:
cgiemail (1.6-15) unstable; urgency=low
.
* QA upload.
* Null-terminate templatedir, and make sure it really does get checked
(closes: #160813).
Sorry, this should have been urgency=high.
I think a stable-security upload will be needed as well. Here's the
relevant part of the diff I used:
--- cgiemail-1.6.orig/cgilib.c
+++ cgiemail-1.6/cgilib.c
@@ -489,6 +489,7 @@
if (endquotes)
{
strncpy(templatedir, inquotes, endquotes - inquotes);
+ templatedir[endquotes - inquotes] = 0;
return(0);
}
}
@@ -525,7 +526,7 @@
if (cgi_read_configuration(formp, templatedir, CGI_VARNAME_MAX - 1))
return(1);
- if ((!templatedir)
+ if ((!templatedir) ||
strncmp(templatefile, templatedir, strlen(templatedir)) ||
strstr(templatefile, /../))
{
However, on reflection I'm not sure if this fix is optimal. Thomas, was
the !templatedir test supposed to deal with /etc/cgiemail.conf being
missing? If so then perhaps this should be more like 'if
((!*templatedir) || ...)', and *templatedir will need to be initialized
to 0 before calling cgi_read_configuration().
--
Colin Watson [EMAIL PROTECTED]
Bug#160972: xmbase-grok_1.5-2(m68k/unstable/thing2): FTBFS, missing build-dep
On Sun, Sep 15, 2002 at 12:00:51PM -0500, Stephen R Marenka wrote: Package: xmbase-grok Version: 1.5-2 Severity: serious Justification: fails to build on release candidate arch. Tags: sid xmbase-grok fails to build from source, missing build-deps. As Matej Vela said in #160726, this is actually a bug in libmotif-dev. I'm leaving it open here anyway because, well, it does still fail to build ... -- Colin Watson [EMAIL PROTECTED]
Re: clisp on debian for S390
On Thu, Sep 12, 2002 at 04:51:21PM +0400, Geoff McKee - PM(OS) wrote: I am a new user of Debian running on the S390 platform. I was under the impression that a port of clisp had been done to S390 and was available on the Woody release. This doesn't seem to be the case. Do you have any idea if a port is being worked on. It does seem to be there: clisp | 1:2.27-0.5 |stable | source, alpha, i386, powerpc, s390 You should be able to find it at e.g.: ftp://ftp.debian.org/debian/pool/main/c/clisp/clisp_2.27-0.5_s390.deb I can't attest to how well it works myself, although its changelog shows that it's had attention from one of Debian's S/390 porters so I assume it's at least reasonably functional. Regards, -- Colin Watson [EMAIL PROTECTED]
Bug#154251: It's the xbase-clients package
On Wed, Sep 04, 2002 at 11:33:47AM +0200, Jan Harnisch wrote: Come on guys, talk to me... are you all on vacation or what? ;-) Being maintained by the QA Group means that a package is orphaned, thus it tends not to get that much attention, especially in this case where it's non-free. (Is there some particular reason you prefer SSH2 to OpenSSH?) In the meantime I have installed X on one of my PCs where I experienced this problem, and like magic it worked. I checked the packages that were installed and repeated the procedure installing the packages one by one. After installation of the xbase-clients package, logging in from remote worked with no problems. It seems that, even when configured with ForwardX11 no, sshd tries to activate some program (xauth?) and starts getting mad when it cant find it. I'm certainly reluctant to add a dependency on xbase-clients; see #123768, for instance. Somebody will need to figure out why sshd spins like this when sshd isn't available. If you have a chance to build a debug version and attach gdb to it while it's spinning, that would be ideal, otherwise I'll do it at some point. Thanks, -- Colin Watson [EMAIL PROTECTED]
Bug#152857: freeamp: FreeAmp is being superseded by Zinf
On Sat, Jul 13, 2002 at 12:07:38PM -0300, Andrew Phillips wrote: Package: freeamp Version: 1:2.1.1.0-4 Severity: wishlist FreeAmp has been more or less replaced with Zinf 2.2.0. http://www.zinf.org/ So, I take it freeamp can be removed now that zinf is in the archive? If so, we should reassign this bug to ftp.debian.org. -- Colin Watson [EMAIL PROTECTED]
Bug#157441: freeamp lacks manpage
merge 126235 157441 thanks On Tue, Aug 20, 2002 at 01:06:05PM -0700, Andre L. wrote: Package: freeamp Version: 2.1.1.0-4 freeamp does not have a man page. Already reported, thanks. Regards, -- Colin Watson [EMAIL PROTECTED]
Re: elm-me+ version 2.4pl25ME+95-3 won't run when en_US locale is configured
On Wed, Jul 17, 2002 at 12:27:29PM -0500, Patrick Goetz wrote: I get the following error message from elm-me+ when trying to run elm after the locales package has been configured to use en_US: linux127:~pgoetz$ elm Elm: Unable to map en_US locale (LC_CTYPE) to MIME charset Using default (US-ASCII). Check /etc/elm-me+/elm.mimecharsets or /home/pgoetz/.elm/mime.charsets Problem with locale (system character set)! Elm ME+ will behave erratically. This looks like bug #82916. I'm not sure if anyone's investigated that in much more detail. Cheers, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: i like to download dj software in linux
On Fri, Jul 12, 2002 at 02:15:06PM -0700, Eduardo Ahumada wrote: [EMAIL PROTECTED] You might want to try debian-user instead, probably with a clearer description of exactly what you want. This list is for the maintenance of orphaned packages. Cheers, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#151301: elm-me+: missing manpages
severity 151301 normal merge 128027 151301 thanks On Fri, Jun 28, 2002 at 09:12:02PM +0200, Thomas Koenig wrote: Package: elm-me+ Version: 2.4pl25ME+95-3 Severity: important None of the man pages for the different commands are found by version 2.3.20-20 of man-db: elm answer checkalias elmalias fastmail frm listalias messages newalias newmail printmail readmsg wnewmail nfrm They're just in the wrong place - bug #128027. Cheers, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#138995: libcw: text entry widget duplicates characters during quick typing
On Sat, May 18, 2002 at 08:24:41AM +, xsdg wrote: On Fri, May 17, 2002 at 10:11:21PM -0500, Colin Watson wrote: On Wed, Apr 17, 2002 at 07:20:02PM -0500, Colin Watson wrote: What video card do you have? So far I've noticed this kind of thing at work, where I have an i810 card. Considering your alacrity in complaining to -devel about our slow response, I find it amusing that you haven't answered this query yet! :) Hrm... must be some MTA goofup... I did respond to your mail (mutt confirms this). Hm, maybe something on my end, then. OK, apologies for the remark above in that case. :) I'm quoting the extra details here and copying them to the bug report to make sure they're archived. -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
elm-me+ upload
elm-me+ is orphaned and doesn't have a potential adopter at the moment, so I'm going to fix its RC bug plus a couple of the other ones open against it while I'm at it. Please shout if you object ... -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#100629: x2x: patches
severity 100629 wishlist thanks The patches have been moved to these URLs: http://www.eax.com/patches/X2X/x2x-2-daemon.diff http://www.eax.com/patches/X2X/x2x-3-cleanup.diff -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Little bug on Spanish translation of KWin
On Sun, May 12, 2002 at 04:24:17AM +0200, NetVicious @ wrote: I sended days ago this little bug to http://bugs.kde.org It only need a very very little change. If you could modify it for be on stable release of woody it will be ok ;) It's too late for non-critical changes to woody. You could file it as a Debian bug report if you like to ensure it's not forgotten. -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#145336: cgiemail: no NAME section in man pages
Package: cgiemail Version: 1.6-14 Severity: normal None of cgiemail's man pages have NAME sections, so man-db can't parse them for whatis information. See lexgrog(1) for documentation of the correct format. Thanks, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#142085: FTBFS: Build failure of voberon on i386
reassign 142085 imlib-dev thanks On Wed, Apr 10, 2002 at 01:55:57PM +0900, Junichi Uekawa wrote: voberon fails to build from source on i386, when doing a binary-all build. I am just filing this bug to notify you that I failed to build your package from source, using a very simplistic program called pbuilder. Build log follows: === mv -f .libs/VOUsePrefs.lo VOUsePrefs.lo /usr/bin/libtool gcc -o liboo2c_vo.la -version-info 0:0:0 -rpath /usr/lib -L/usr/lib VOPrefs.lo VOLLMac.lo VOEvent.lo VOUtil.lo VODragDrop.lo VOPrefsScanner.lo VOObject.lo VODataStreamModel.lo VOFunctionModel.lo VOTableModel.lo VOTreeModel.lo VOValue.lo VOPrefsParser.lo VOTextViewModel.lo VODisplay.lo VOGUIObject.lo VOArray.lo VOButtonRow.lo VOColorArea.lo VODrawTest.lo VOFrame.lo VOFuelGauge.lo VOImage.lo VOKeyHandler.lo VOLED.lo VOLightChain.lo VOMulti.lo VOOszil.lo VOPanel.lo VOPatternLegend.lo VOPieChart.lo VOPlate.lo VOPlot.lo VOPopup.lo VOPower.lo VOQuickHelp.lo VOScale.lo VOSegment.lo VOLoad.lo VOSegment7.lo VODigiClock.lo VOSpace.lo VOStatusLine.lo VOString.lo VOStringClock.lo VOTab.lo VOTextView.lo VOToolbar.lo VOVecImage.lo VOBool.lo VOCycle.lo VOLine.lo VOPane.lo VORadio.lo VOSlider.lo VOText.lo VOButton.lo VOClock.lo VOFrameGroup.lo VOLabel.lo VOListModel.lo VOMenu.lo VOScroller.lo VOList.lo VOTable.lo VOTree.lo VOWindow.lo VOColSelDlg.lo VOWindowGroup.lo VOFrmSelD! lg.lo VOImgSelDlg.lo VOMsgDialog.lo VOPrefsGUI.lo VOBoolPrefs.lo VODisplayPrefs.lo VOFuelGaugePrefs.lo VOLightChainPrefs.lo VOListPrefs.lo VOLoadPrefs.lo VOPopupPrefs.lo VOPowerPrefs.lo VOQuickHelpPrefs.lo VORadioPrefs.lo VOScrollerPrefs.lo VOStringPrefs.lo VOTablePrefs.lo VOWireFrame.lo VOBackground.lo VOButtonPrefs.lo VOButtonRowPrefs.lo VOClockPrefs.lo VOCyclePrefs.lo VOLabelPrefs.lo VOMenuPrefs.lo VOOszilPrefs.lo VOSliderPrefs.lo VOStatusLinePrefs.lo VOTextPrefs.lo VOToolbarPrefs.lo VOArrayPrefs.lo VODigiClockPrefs.lo VOFrameGroupPrefs.lo VOMultiPrefs.lo VOPanelPrefs.lo VOTabPrefs.lo VOWindowGroupPrefs.lo VOUsePrefs.lo -loo2c_x11 -lImlib -lgif -lpng -ltiff -ljpeg -lz -lm -lXext -L/usr/X11R6/lib -lSM -lICE -lX11 -loo2c grep: /usr/lib/libgtk.la: No such file or directory [etc.] This looks like a bug in imlib-dev to me. libgtk isn't mentioned in the link line above. However, it's mentioned in /usr/lib/libImlib.la (under dependency_libs), so I think imlib-dev needs to mirror the dependencies of imlib1 and depend on libglib1.2-dev and libgtk1.2-dev. Thanks, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#138995: libcw: text entry widget duplicates characters during quick typing
On Thu, Mar 28, 2002 at 08:49:23PM -0600, Colin Watson wrote: On Tue, Mar 19, 2002 at 03:06:38AM +, xsdg wrote: I usually type between 60 and 80 words per minute. As I use cooledit to edit my LaTeX documents, I use it quite often. Sometimes, when I press a key in the main text edit widget in cooledit, it prints the previously-entered character (or, sometimes, the character before that) in place of the character which I pressed. This occurs consistently, although not at every keypress. Also, the problem happens most notably during inter-word spaces. Just by way of a data point, I can't reproduce this at all (using the same versions of cooledit and libcw). Perhaps this is an X server bug? I've occasionally noticed keystrokes being duplicated in a variety of X clients recently when the system is under moderate to heavy load. What video card do you have? So far I've noticed this kind of thing at work, where I have an i810 card. Thanks, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Trying to build Debian packages for KDE 3.0
On Sat, Apr 13, 2002 at 01:04:06PM +0200, Josip Rodin wrote:
On Fri, Apr 12, 2002 at 08:29:22PM -0700, Nick Garnett wrote:
Are you building KDE3.0 Debian packages?
I think we need to make debian-kde@lists.debian.org the maintainer of the
kde package.
It would be better than the QA Group - you probably want the kde
metapackage to be maintained with some care. kdelibs3-crypto too - is
anything happening about #141838? kde{base,libs}-crypto are both
currently listed as orphaned.
--
Colin Watson [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#129104: cgiemail: buffer overflow and script reading vulnerabilities
On Mon, Apr 08, 2002 at 10:36:31AM -0400, Bruce R. Lewis wrote: A recent message on debian-devel-announce shows cgiemail having been removed from the upcoming release. Has the buffer overflow fix for cgicso been checked in? If not, one option is to remove cgicso entirely, as it is really not useful except at MIT, and its existence probably confuses some people. As for the script-reading vulnerability, why not just have cgiemail and cgiecho not echo back the message sent at all; just say a message was sent or somesuch. Seems like a quick fix is needed if cgiemail is to be included in woody. Better fixes are available, though. I'd forgotten that the last message in this bug left it up to me to test them ... I'll have a look today or tomorrow and see if we can get this sorted. -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#141670: mgdiff: cvsmgdiff(1) missing NAME section
Package: mgdiff Version: 1.0-18 Severity: normal The new cvsmgdiff(1) is missing a NAME section: [EMAIL PROTECTED] ~]$ lexgrog /usr/share/man/man1/cvsmgdiff.1.gz /usr/share/man/man1/cvsmgdiff.1.gz: parse failed The other man pages in the package are correct. Cheers, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#141441: FTBFS: Build failure of libg++27 on i386
On Sat, Apr 06, 2002 at 02:23:30PM +0900, Junichi Uekawa wrote: ld: cannot open crt1.o: No such file or directory *** The command 'gcc -O2 -o conftestconftest.c' failed. *** You must set the environment variable CC to a working compiler. Looks like this might just be a missing build-dep on libc5-altdev. I'll upload a fix in a moment. -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#138995: libcw: text entry widget duplicates characters during quick typing
On Tue, Mar 19, 2002 at 03:06:38AM +, xsdg wrote: I usually type between 60 and 80 words per minute. As I use cooledit to edit my LaTeX documents, I use it quite often. Sometimes, when I press a key in the main text edit widget in cooledit, it prints the previously-entered character (or, sometimes, the character before that) in place of the character which I pressed. This occurs consistently, although not at every keypress. Also, the problem happens most notably during inter-word spaces. Just by way of a data point, I can't reproduce this at all (using the same versions of cooledit and libcw). Perhaps this is an X server bug? I've occasionally noticed keystrokes being duplicated in a variety of X clients recently when the system is under moderate to heavy load. -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#111923: linuxconf: segfault
Hi, I can't reproduce this bug with the current version of linuxconf in testing and unstable, 1.26r4-2. I tried 'linuxconf --setmod treemenu' from a fresh install, and linuxconf started up fine and did indeed display the tree menu. Could you try the latest version and see if you can still reproduce this? Thanks, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#129919: langdrill segfaults with default /etc/langdrillrc
Hi, I can't reproduce your segfault bug against langdrill on a current unstable system. Could you check to see if you can still reproduce this? If so, it would be great if you could build it with debugging symbols (setting -g in both CFLAGS and LDFLAGS in src/Makefile should be enough), run it inside gdb, and get a backtrace. The default /etc/langdrill.rc does appear to have an error - the first line should probably begin '#include', not 'include'. It might also be worth changing that and see if the segfault goes away. Thanks, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#129104: bug 129104 (buffer overflow + template reading in cgiemail)
Hi, Any progress with this cgiemail bug? If you've got the debconf stuff written, I could test it if that would help ... -- Colin Watson [EMAIL PROTECTED]
Bug#133903: sarg's config file format has changed
On Fri, Mar 08, 2002 at 11:03:29AM +1000, Damian Bickhoff wrote: Package: sarg Version: 1.2.1-4 The reason that sitesusers doesn't work as a tag is because there's no longer support for it in the sarg binary. The config file currently shipped with the Debian package is pretty old, and should probably be updated. I've attached a patch (I hope) that brings things up to the current format. It does seem to have gone missing - perhaps you could resend. You can mail things directly to [EMAIL PROTECTED] rather than using reportbug, if that makes it easier. -- Colin Watson [EMAIL PROTECTED]
Bug#124200: svgalib-bin: spelling in package description
severity 124200 minor thanks Rather than saying without going through X Window, I'd prefer something like without going through the X Window System. Also, I'm not sure that the second part of your report is correct. As far as I know, graphics modes is a common phrase in English, and graphics there is a noun, not an adjective (i.e. modes of graphics). -- Colin Watson [EMAIL PROTECTED]
Bug#127933: microwindows: microwindows source is organized wrong
severity 127933 wishlist thanks Thomas Bushnell BSG wrote: The microwindows source is organized wrongly. The .orig.tar.gz file contains itself another .tar.gz, and a set of patches. This is so wrong, it doesn't even begin to deserve mention. But whoever adopts this package really *must* reorganize the source to be more sane. This just looks like DBS to me. Not everybody likes it (I don't, really), but considering that packages like libc6, xfree86, and apache use similar schemes I don't think that it's actually a bug. -- Colin Watson [EMAIL PROTECTED]
Bug#110331: This bug seems done now
On Sun, Mar 03, 2002 at 07:09:38PM -0800, Thomas Bushnell, BSG wrote: Colin Watson [EMAIL PROTECTED] writes: microwindows (0.88pre11-4) unstable; urgency=low * NMU * Fix libmicrowindows0-fb-dbg and libmicrowindows0-x11-dbg dependencies. (Closes: #121459) -- Thomas Bushnell, BSG [EMAIL PROTECTED] Tue, 1 Jan 2002 13:04:42 -0800 Yes, but it's an NMU, so we leave the bug open until the maintainer fixes it in his source. Current practice is to simply close bugs in packages maintained by the QA group once they've been dealt with, rather than regarding them as NMUs. A new maintainer taking over the package will have to start from the most recent version in the archive anyway. -- Colin Watson [EMAIL PROTECTED]
Bug#133970: voberon cannot build from sources on ia64
Here's the config.log from the build on ia64 (caballero.debian.org).
Since oo2c is segfaulting, perhaps this bug should be reassigned there?
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
configure:531: checking for oo2c
configure:636: checking initialization file
configure:650: checking installation directory
configure:674: checking for ooconfig
configure:695: checking for library support
configure:749: checking for a BSD compatible install
configure:804: checking for module X11.Mod
configure:830: oo2c -Mv -O --libs conftest.Mod 15
./configure: line 1: 20093 Segmentation fault $OOC -Mv $OFLAGS --libs
conftest.$ooc_ext 15
configure: failed program was:
#line 817 configure
char XOpenDisplay();
int test_fct() {
XOpenDisplay(); return 0; }
MODULE conftest [INTERFACE C; LINK FILE conftest.c END];
IMPORT dummy:=Strings, Strings, X11;
END conftest.
Cheers,
--
Colin Watson [EMAIL PROTECTED]
Bug#134865: kde-games is uninstallable
On Wed, Feb 20, 2002 at 01:36:37PM +0100, Andr? Dahlqvist wrote: Sorry, but the following packages have unmet dependencies: kde-games: Depends: kasteroids but it is not going to be installed E: Sorry, broken packages It might be useful if you could try to install kasteroids and see what problems that shows. I rather suspect that this is a duplicate of #133171, though. -- Colin Watson [EMAIL PROTECTED]
Bug#91243: Bug #91243 against dejasearch
reassign 114643 ftp.debian.org retitle 114643 Please remove dejasearch thanks On Wed, Feb 13, 2002 at 02:21:33PM +, Brian Potkin wrote: Having run into this bug when attempting to work with dejasearch this morning I have concluded that it would not be a bad thing if it was withdrawn from Debian. Quite simply, the script does not work and it does not appear it will be be fixed in the near future. I agree. It's been orphaned for four months and nobody's stepped forward to fix it either in Debian or upstream. We can always reintroduce it if somebody does, but until then we're better off without it. Note that 'deja' in the surfraw package appears to work, and at least provides dejasearch's basic functionality. -- Colin Watson [EMAIL PROTECTED]
Bug#128164: svgalibg1: segfault (file missing perhaps?)
retitle 128164 svgalibg1: restorefonts segfaults thanks Lazarus Long wrote: # savetextmode svgalib 1.4.3 svgalib: Signal 11: Segmentation fault received. /usr/bin/savetextmode: line 9: 1434 Segmentation fault restorefont -w /etc/vga/fontdata I've removed the annotation in the title because it doesn't seem as if it's due to a missing file - 'restorefont -w' is supposed to write to (and, if necessary, create) the file in its arguments, and it works OK here. Can you get an strace in order to narrow this down a bit more? Thanks, -- Colin Watson [EMAIL PROTECTED]
Bug#121142: svgalib1 fixed in incoming
OK, I figured this out, and a fix is in incoming now. Here's the diff, in case anyone's interested: --- svgalib-1.4.3.orig/debian/changelog +++ svgalib-1.4.3/debian/changelog @@ -1,3 +1,12 @@ +svgalib (1:1.4.3-6) unstable; urgency=low + + * QA upload. + * Set SUPPRESS_FOR_LIBC5 while installing into the temporary tree as well +as when building, so that libvga doesn't get rebuilt against libc6 +(closes: #121142). + + -- Colin Watson [EMAIL PROTECTED] Mon, 11 Feb 2002 02:20:04 + + svgalib (1:1.4.3-5) unstable; urgency=low * Orhaning the package, I think I am not skilled enough for it. --- svgalib-1.4.3.orig/debian/rules +++ svgalib-1.4.3/debian/rules @@ -243,7 +243,8 @@ sharedlibdir=`pwd`/../debian/tmp-$(sharedc)/$(compatlib) \ libdir=`pwd`/../debian/tmp-$(develc)/$(compatlib2) \ includedir=`pwd`/../debian/tmp-$(develc)/$(compatinc) \ - installsharedlib installstaticlib installheaders + installsharedlib installstaticlib installheaders \ + SUPPRESS_FOR_LIBC5=y mv debian/tmp-$(sharedc)/$(compatlib)/libvga.so \ debian/tmp-$(sharedc)/$(compatlib)/libvga.so.$(soname) mv debian/tmp-$(sharedc)/$(compatlib)/libvgagl.so \ Cheers, -- Colin Watson [EMAIL PROTECTED]
Bug#132826: vkeybd: Files in etc not marked as conffiles
On Thu, Feb 07, 2002 at 07:45:50PM +, Malcolm Parsons wrote: Package: vkeybd Version: (0.4.3.1-1.3) Severity: Serious Justification: Policy 11.7 vkeybd contains files in /etc that are not marked as conffiles. This violates a must in Debian Policy, so is a Serious bug. I've uploaded a fix. -- Colin Watson [EMAIL PROTECTED]
Bug#132146: biomode: Files in etc not marked as conffiles
On Sun, Feb 03, 2002 at 06:06:01PM +, Malcolm Parsons wrote: Package: biomode Version: 1.002-5 Severity: Serious Justification: Policy 11.7 biomode contains files in /etc that are not marked as conffiles. This violates a must in Debian Policy, so is a Serious bug. I'll handle this one. -- Colin Watson [EMAIL PROTECTED]
Re: package saytime
On Tue, Jan 22, 2002 at 04:21:01PM -0700, David Karlin wrote: I also looked at the list of packages currently being adopted at http://www.debian.org/devel/wnpp/being_adopted and followed the links for saytime (there are two). The information there was unclear to me. I cannot tell if someone is stepping up to adopt this package or not. If not, I would consider it, and have already arranged for a sponsor. Neither of the potential adopters have done anything for some time, and as far as I know neither is yet a developer. If I were you I'd mail the bug reports to say you're contacting Ian Zimmerman and Javi about it and are interested yourself, mail both of them to ask whether they're still interested, wait a reasonable amount of time (a couple of weeks), and then adopt the package. Cheers, -- Colin Watson [EMAIL PROTECTED]
Bug#129104: bug 129104 (buffer overflow + template reading in cgiemail)
On Wed, Jan 16, 2002 at 04:17:25PM -0500, Thomas Smith wrote:
I had released a new version with an almost-correct fix for the buffer
overflow problem last night, and just looked at your mail to the bug
this afternoon. My fix was almost the same as yours; it used
CGI_ERRMSG_MAX-1 instead of CGI_ERRMSG_MAX. My next upload will use
your correct version.
Right, that change isn't too big a deal.
That leaves the other stuff... the main problem is the template files,
and I like the solution you suggested (restricting them to a specific
directory). The relevant code, I think, is in the
cgi_standard_{email,echo,file} functions at the end of cgilib.c
(beginning on line 1010).
Hmm, one problem that just occurred to me is that we can't easily make
the location of the template files a compile-time option because people
reconfigure their webservers to have different document roots, and the
current design of cgiemail requires the template files to have
PATH_TRANSLATEDs. That means, I guess, that configuration file parsing
might have to be added.
Yes, with the current design there really isn't any way to do it well
(including backwards compatibility), only patch it up. I suggest a
simple 'templatedir=/foo/bar/baz' in a trusted place like
/etc/cgiemail.conf. That has the advantage that it can be parsed by the
shell, so you can easily set it with debconf and not clobber the old
setting on upgrades.
Maybe could restrict to files with extension .CGIEMAIL_TEMPLATE.
Do you have any other ideas, or a preference between these two?
I think I prefer the directory idea: I usually prefer moving files
between directories to renaming files, somehow.
The other issue is that it uses mkstemp() which is not very secure. I
don't guess that this is exploitable, but should be fixed at some point.
tmpnam(), rather - mkstemp() is fine. It's not very hard to convert from
one to the other with a bit of care, so I'll do that later.
--
Colin Watson [EMAIL PROTECTED]
Bug#118969: Close?
On Thu, Jan 17, 2002 at 09:22:35PM +, Stephen Stafford wrote: This looks like it is no longer the case. Perhaps this bug should be closed? (I will not close it myself as I don't use zope at all, so perhaps there are issues here I don't understand) The conflict in zope was, as I understand it, to get appropriate python dependencies in zope products. (See the zope Debian changelog.) I don't think this bug should be closed until those are added, but it could be downgraded to non-RC. Actually, thinking about it, I'm not sure I understand why the conflicts were added. zope-pythonmethod doesn't depend on python itself, but depends on zope which depends on python for it. If it has version-dependent code then this could be grounds for a bug, but it doesn't look like grounds for a conflict to me. Could the zope maintainer please comment on this? Thanks, -- Colin Watson [EMAIL PROTECTED]
Re: Bug#129414: psptools: try this patch -p0 on psplpr.pl.in instead of #129287
On Thu, Jan 17, 2002 at 03:11:40AM +, Colin Watson wrote: On Wed, Jan 16, 2002 at 11:22:59AM -0700, Don wrote: Please look if there is a missing print; statement causing the dropped and duplicated lines. Then all of the bugs would be gone, at least as far as the program was intended to work. I believe I have a fix for this. I'm just building and testing packages now, but the diff fragment is: [...] This passes the test given in #116263, and should fix your problems too. I'll let you know when I've uploaded new packages. I believe that the packages currently in incoming (http://incoming.debian.org/, GPG-signed by me) should fix everything you've reported so far. Please let me know if there are any further problems, or file a bug report or inform an existing bug report if appropriate. Thanks, -- Colin Watson [EMAIL PROTECTED]
Bug#128444: This *is* serious
On Tue, Jan 15, 2002 at 02:27:07PM -0800, Thomas Bushnell, BSG wrote: Colin Watson [EMAIL PROTECTED] writes: severity 128444 serious thanks In practice this is serious. I'll put together a fix. in practice. No. It doesn't violate policy. Maybe it should, but it doesn't. Of course, it's fine to fix it. But there is no rule that packages must not depend on such things. Sometimes actually getting things working is more important than worrying about which rules they violate, and I'm volunteering to get things working. In any case, the serious severity is also for in the package maintainer's opinion, makes the package unsuitable for release, and in this package maintainer's opinion a package that can't be built by autobuilders is unsuitable. -- Colin Watson [EMAIL PROTECTED]
