Bug#697078: tpu: xdotool/1:2.20100701.2961-3+deb7u1
On Wed, Jan 2, 2013 at 22:31:18 +, Adam D. Barratt wrote: On Tue, 2013-01-01 at 02:36 +0100, Michael Stapelberg wrote: Adam D. Barratt a...@adam-barratt.org.uk writes: I would like to upload xdotool/1:2.20100701.2961-3+deb7u1 to testing-proposed-updates to fix #680824 in wheezy. At the moment, 1:2.20100701.2961-3 is in wheezy and 1:2.20110530.1-6 (many changes) is in unstable. Please go ahead; thanks. Done. Note that I had to add a Build-Dep on ruby-test-unit, otherwise the build fails with newer versions of Ruby. Updated debdiff is attached. Unfortunately, it fails everywhere anyway. :-( There are several failures of the form Error: test_windowraise_fails_on_invalid_window(XdotoolBasicTests) EOFError: end of file reached /build/buildd-xdotool_2.20100701.2961-3+deb7u1-armel-rQRNDX/xdotool-2.20100701.2961/t/xdo_test_helper.rb:32:in `readline' 29: exec(exec xterm -T '#{@title}' -e 'echo $WINDOWID #{writer.fileno}; echo $$ #{writer.fileno}; exec sleep 300') bashisms? Cheers, Julien 30: end # xterm fork 31: writer.close = 32: @wid = reader.readline.to_i 33: @shellpid = reader.readline.to_i 34: 35: healthy = false Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1357165878.28716.26.ca...@jacala.jungle.funky-badger.org signature.asc Description: Digital signature
Bug#697190: unblock: virtuoso-opensource/6.1.4+dfsg1-2
Hi, José Manuel Santamaría Lema wrote (02 Jan 2013 20:22:43 GMT) : intrigeri intrig...@debian.org From a remote point-of-view, this is worrying: do you mean something during the installation will access or create a file with a fixed name in /tmp? Yes. May it have security implications? Unfortunately, yes. See http://bugs.debian.org/cgi- bin/bugreport.cgi?bug=576418 I'm tagging that one security. It's annoying, but yet another kind of security concern than the one I was afraid of and refering to... when using such predictable names, in many cases an attacker could overwrite any existing file on the system with the permissions of the process that wants to create the file. I doubt the /tmp/virt_ thing is immune to this class of attacks. Is it? Any very good reason to *both* 1. use a predictable name; and 2. use /tmp rather than a dedicated directory only writable by users that should access this file? Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/85ip7eegek@boum.org
Bug#697281: unblock: xen-api/1.3.2-14 (Fixes #696810: bad debconf handling)
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, As per #696810, the debconf choice for the networking mode of XCP wasn't working as expected. When using apt, even when choosing bridging, openvswitch was always set in /etc/xcp/network.conf. This -14 version fixes that. If that is enough explanations, you can skip what is below (debdiff attached to this message). More explanation in details I was mainly testing using dpkg -i xcp-networkd*.deb. Using dpkg, the debian/xcp-networkd.config script was executed only once. But when using apt, it seems that debian/xcp-networkd.config was executed once normally, and then once more in a non-interactive mode. This is what created the problem, or rather, this what made me wrongly think my script was right when testing it. Now, when I look back into it, I feel the corrected script is much cleaner the way it is now anyway. Also, because we only have: Recommends: openvswitch-switch, openvswitch-datapath-dkms and not a strong Depends:, plus the fact that it seems that the openvswitch mode is sometimes buggy, plus the fact that it is required to reboot which doesn't always work because of the networking setup which isn't easy (see README.Debian about it), I have decided it was more reasonable to leave the bridging mode as the default, rather than openvswitch. This -14 Debian release therefore sets Linux standard bridging as the default networking for XCP (eg: that's what will be setup in non-interactive Debconf frontend, and that will be the default selected option in the Debconf screen). Note that I have tested the new xcp-networkd package using both dpkg -i and apt (with a local file:// repo), and it's fine now. /More explanation in details Please unblock xen-api/1.3.2-14. Cheers, Thomas Goirand (zigo) P.S: I was unsure if #696810 deserved an RC severity, please let me know your view on this, so that next time I know. diff -Nru xen-api-1.3.2/debian/changelog xen-api-1.3.2/debian/changelog --- xen-api-1.3.2/debian/changelog 2012-11-04 07:11:22.0 + +++ xen-api-1.3.2/debian/changelog 2012-12-27 13:18:26.0 + @@ -1,3 +1,10 @@ +xen-api (1.3.2-14) unstable; urgency=low + + * Fixes: if apt-get was used to install xcp-networkd instead of dpkg -i, then + debconf value selected for network-type wasn't respected (Closes: #696810). + + -- Thomas Goirand z...@debian.org Thu, 27 Dec 2012 13:05:06 + + xen-api (1.3.2-13) unstable; urgency=low * Fixes: wait_for_xapi() function in init.d script doesn't work on slave diff -Nru xen-api-1.3.2/debian/xcp-networkd.config xen-api-1.3.2/debian/xcp-networkd.config --- xen-api-1.3.2/debian/xcp-networkd.config 2012-11-04 07:11:22.0 + +++ xen-api-1.3.2/debian/xcp-networkd.config 2012-12-27 13:18:26.0 + @@ -10,15 +10,15 @@ # Get the values from the config file if [ -r /etc/xcp/network.conf ] ; then NETWORK_TYPE=`cat /etc/xcp/network.conf` -fi -# This controls the default behavior, which here will be openvswitch. -# Invert words bridge and openvswitch to change this. -if ! [ ${NETWORK_TYPE} = bridge ] ; then - NETWORK_TYPE=openvswitch -fi + # Make sure we have a working value + # (eg: bridge or openvswitch, and nothing else) + if ! [ ${NETWORK_TYPE} = bridge ] ; then + NETWORK_TYPE=openvswitch + fi -db_set xcp-xapi/networking_type ${NETWORK_TYPE} + db_set xcp-xapi/networking_type ${NETWORK_TYPE} +fi db_input high xcp-xapi/networking_type || true db_go
Bug#697283: unblock: ruby-activerecord-3.2/3.2.6-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package ruby-activerecord-3.2 This release fixes a recently undisclosed security problem (CVE-2012-5664) Attached is the debdiff between this version and the version in testing. unblock ruby-activerecord-3.2/3.2.6-3 -- System Information: Debian Release: 7.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=pt_BR.utf8, LC_CTYPE=pt_BR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- Antonio Terceiro terce...@debian.org diff -Nru ruby-activerecord-3.2-3.2.6/debian/changelog ruby-activerecord-3.2-3.2.6/debian/changelog --- ruby-activerecord-3.2-3.2.6/debian/changelog 2012-06-24 18:52:31.0 -0300 +++ ruby-activerecord-3.2-3.2.6/debian/changelog 2013-01-03 11:21:21.0 -0300 @@ -1,3 +1,10 @@ +ruby-activerecord-3.2 (3.2.6-3) unstable; urgency=high + + * debian/patches/3-2-dynamic_finder_injection.patch: fix SQL injection +vulnerability (CVE-2012-5664). + + -- Antonio Terceiro terce...@debian.org Thu, 03 Jan 2013 11:21:18 -0300 + ruby-activerecord-3.2 (3.2.6-2) unstable; urgency=low * Bump build dependency on gem2deb to = 0.3.0~ diff -Nru ruby-activerecord-3.2-3.2.6/debian/control ruby-activerecord-3.2-3.2.6/debian/control --- ruby-activerecord-3.2-3.2.6/debian/control 2012-06-24 18:52:06.0 -0300 +++ ruby-activerecord-3.2-3.2.6/debian/control 2012-09-01 17:38:02.0 -0300 @@ -3,7 +3,6 @@ Priority: optional Maintainer: Debian Ruby Extras Maintainers pkg-ruby-extras-maintain...@lists.alioth.debian.org Uploaders: - Ondřej Surý ond...@debian.org, Antonio Terceiro terce...@debian.org, DM-Upload-Allowed: yes Build-Depends: debhelper (= 7.0.50~), diff -Nru ruby-activerecord-3.2-3.2.6/debian/control.in ruby-activerecord-3.2-3.2.6/debian/control.in --- ruby-activerecord-3.2-3.2.6/debian/control.in 2012-06-16 20:57:42.0 -0300 +++ ruby-activerecord-3.2-3.2.6/debian/control.in 2012-09-01 17:38:02.0 -0300 @@ -3,7 +3,6 @@ Priority: optional Maintainer: Debian Ruby Extras Maintainers pkg-ruby-extras-maintain...@lists.alioth.debian.org Uploaders: - Ondřej Surý ond...@debian.org, Antonio Terceiro terce...@debian.org, DM-Upload-Allowed: yes Build-Depends: debhelper (= 7.0.50~), diff -Nru ruby-activerecord-3.2-3.2.6/debian/patches/3-2-dynamic_finder_injection.patch ruby-activerecord-3.2-3.2.6/debian/patches/3-2-dynamic_finder_injection.patch --- ruby-activerecord-3.2-3.2.6/debian/patches/3-2-dynamic_finder_injection.patch 1969-12-31 21:00:00.0 -0300 +++ ruby-activerecord-3.2-3.2.6/debian/patches/3-2-dynamic_finder_injection.patch 2013-01-03 11:14:35.0 -0300 @@ -0,0 +1,32 @@ +From 325669f0795a9148fd31f7f496a40dc8e114ef52 Mon Sep 17 00:00:00 2001 +From: Aaron Patterson aaron.patter...@gmail.com +Date: Sun, 23 Dec 2012 11:07:07 -0800 +Subject: [PATCH] CVE-2012-5664 options hashes should only be extracted if + there are extra parameters + +--- + lib/active_record/dynamic_matchers.rb |7 ++- + test/cases/finder_test.rb | 12 + 2 files changed, 18 insertions(+), 1 deletion(-) + +diff --git a/lib/active_record/dynamic_matchers.rb b/lib/active_record/dynamic_matchers.rb +index b6b8e24..f15d0b7 100644 +--- a/lib/active_record/dynamic_matchers.rb b/lib/active_record/dynamic_matchers.rb +@@ -40,7 +40,12 @@ module ActiveRecord + METHOD + send(method_id, *arguments) + elsif match.finder? +- options = arguments.extract_options! ++ options = if arguments.length attribute_names.size ++ arguments.extract_options! ++else ++ {} ++end ++ + relation = options.any? ? scoped(options) : scoped + relation.send :find_by_attributes, match, attribute_names, *arguments, block + elsif match.instantiator? +-- +1.7.10.2 (Apple Git-33) + diff -Nru ruby-activerecord-3.2-3.2.6/debian/patches/series ruby-activerecord-3.2-3.2.6/debian/patches/series --- ruby-activerecord-3.2-3.2.6/debian/patches/series 2012-06-16 11:10:55.0 -0300 +++ ruby-activerecord-3.2-3.2.6/debian/patches/series 2013-01-03 11:04:55.0 -0300 @@ -1 +1,2 @@ Remove_rubygems_dependency.patch +3-2-dynamic_finder_injection.patch signature.asc Description: Digital signature
Bug#697284: unblock: ruby-activerecord-2.3/2.3.14-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package ruby-activerecord-2.3 This release fixes a SQL injection vulnerability (CVE-2012-5664). Attached is the debdiff between this version and the one in testing. unblock ruby-activerecord-2.3/2.3.14-3 -- System Information: Debian Release: 7.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=pt_BR.utf8, LC_CTYPE=pt_BR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- Antonio Terceiro terce...@debian.org diff -Nru ruby-activerecord-2.3-2.3.14/debian/changelog ruby-activerecord-2.3-2.3.14/debian/changelog --- ruby-activerecord-2.3-2.3.14/debian/changelog 2012-06-29 14:37:30.0 -0300 +++ ruby-activerecord-2.3-2.3.14/debian/changelog 2013-01-03 11:48:18.0 -0300 @@ -1,3 +1,11 @@ +ruby-activerecord-2.3 (2.3.14-3) unstable; urgency=high + + * Team upload. + * debian/patches/2-3-dynamic_finder_injection.patch: fix SQL injection +vulnerability (CVE-2012-5664). + + -- Antonio Terceiro terce...@debian.org Thu, 03 Jan 2013 11:43:56 -0300 + ruby-activerecord-2.3 (2.3.14-2) unstable; urgency=low * Team upload. diff -Nru ruby-activerecord-2.3-2.3.14/debian/control ruby-activerecord-2.3-2.3.14/debian/control --- ruby-activerecord-2.3-2.3.14/debian/control 2012-06-29 14:45:22.0 -0300 +++ ruby-activerecord-2.3-2.3.14/debian/control 2012-09-01 17:37:56.0 -0300 @@ -2,7 +2,6 @@ Section: ruby Priority: optional Maintainer: Debian Ruby Extras Maintainers pkg-ruby-extras-maintain...@lists.alioth.debian.org -Uploaders: Ondřej Surý ond...@debian.org DM-Upload-Allowed: yes Build-Depends: debhelper (= 7.0.50~), gem2deb (= 0.3.0~), diff -Nru ruby-activerecord-2.3-2.3.14/debian/control.in ruby-activerecord-2.3-2.3.14/debian/control.in --- ruby-activerecord-2.3-2.3.14/debian/control.in 2012-06-29 14:45:14.0 -0300 +++ ruby-activerecord-2.3-2.3.14/debian/control.in 2012-09-01 17:37:56.0 -0300 @@ -2,7 +2,6 @@ Section: ruby Priority: optional Maintainer: Debian Ruby Extras Maintainers pkg-ruby-extras-maintain...@lists.alioth.debian.org -Uploaders: Ondřej Surý ond...@debian.org DM-Upload-Allowed: yes Build-Depends: debhelper (= 7.0.50~), gem2deb (= 0.3.0~), diff -Nru ruby-activerecord-2.3-2.3.14/debian/patches/2-3-dynamic_finder_injection.patch ruby-activerecord-2.3-2.3.14/debian/patches/2-3-dynamic_finder_injection.patch --- ruby-activerecord-2.3-2.3.14/debian/patches/2-3-dynamic_finder_injection.patch 1969-12-31 21:00:00.0 -0300 +++ ruby-activerecord-2.3-2.3.14/debian/patches/2-3-dynamic_finder_injection.patch 2013-01-03 11:31:43.0 -0300 @@ -0,0 +1,54 @@ +From 9de9b359d0d24f70f0f6c5c58a7ad8750684d456 Mon Sep 17 00:00:00 2001 +From: Aaron Patterson aaron.patter...@gmail.com +Date: Sun, 23 Dec 2012 11:07:07 -0800 +Subject: [PATCH] CVE-2012-5664 options hashes should only be extracted if + there are extra parameters + +--- + lib/active_record/base.rb |6 +- + test/cases/finder_test.rb | 12 + 2 files changed, 17 insertions(+), 1 deletion(-) + +diff --git a/lib/active_record/base.rb b/glib/active_record/base.rb +index 461007f..809a38c 100755 +--- a/lib/active_record/base.rb b/lib/active_record/base.rb +@@ -1897,7 +1897,11 @@ module ActiveRecord #:nodoc: + # end + self.class_eval -EOS, __FILE__, __LINE__ + 1 + def self.#{method_id}(*args) +- options = args.extract_options! ++ options = if args.length #{attribute_names.size} ++ args.extract_options! ++else ++ {} ++end + attributes = construct_attributes_from_arguments( + [:#{attribute_names.join(',:')}], + args +diff --git a/test/cases/finder_test.rb b/gtest/cases/finder_test.rb +index c779a69..9e3ab92 100644 +--- a/test/cases/finder_test.rb b/test/cases/finder_test.rb +@@ -66,6 +66,18 @@ end + class FinderTest ActiveRecord::TestCase + fixtures :companies, :topics, :entrants, :developers, :developers_projects, :posts, :comments, :accounts, :authors, :customers + ++ def test_find_by_id_with_hash ++assert_raises(ActiveRecord::StatementInvalid) do ++ Post.find_by_id(:limit = 1) ++end ++ end ++ ++ def test_find_by_title_and_id_with_hash ++assert_raises(ActiveRecord::StatementInvalid) do ++ Post.find_by_title_and_id('foo', :limit = 1) ++end ++ end ++ + def test_find + assert_equal(topics(:first).title, Topic.find(1).title) + end +-- +1.7.10.2 (Apple Git-33) + diff -Nru ruby-activerecord-2.3-2.3.14/debian/patches/series ruby-activerecord-2.3-2.3.14/debian/patches/series ---
Bug#697281: marked as done (unblock: xen-api/1.3.2-14 (Fixes #696810: bad debconf handling))
Your message dated Thu, 03 Jan 2013 15:05:21 + with message-id c6ba164ac5ed8c4f15d11c21e9c4d...@mail.adsl.funky-badger.org and subject line Re: Bug#697281: unblock: xen-api/1.3.2-14 (Fixes #696810: bad debconf handling) has caused the Debian Bug report #697281, regarding unblock: xen-api/1.3.2-14 (Fixes #696810: bad debconf handling) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 697281: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697281 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, As per #696810, the debconf choice for the networking mode of XCP wasn't working as expected. When using apt, even when choosing bridging, openvswitch was always set in /etc/xcp/network.conf. This -14 version fixes that. If that is enough explanations, you can skip what is below (debdiff attached to this message). More explanation in details I was mainly testing using dpkg -i xcp-networkd*.deb. Using dpkg, the debian/xcp-networkd.config script was executed only once. But when using apt, it seems that debian/xcp-networkd.config was executed once normally, and then once more in a non-interactive mode. This is what created the problem, or rather, this what made me wrongly think my script was right when testing it. Now, when I look back into it, I feel the corrected script is much cleaner the way it is now anyway. Also, because we only have: Recommends: openvswitch-switch, openvswitch-datapath-dkms and not a strong Depends:, plus the fact that it seems that the openvswitch mode is sometimes buggy, plus the fact that it is required to reboot which doesn't always work because of the networking setup which isn't easy (see README.Debian about it), I have decided it was more reasonable to leave the bridging mode as the default, rather than openvswitch. This -14 Debian release therefore sets Linux standard bridging as the default networking for XCP (eg: that's what will be setup in non-interactive Debconf frontend, and that will be the default selected option in the Debconf screen). Note that I have tested the new xcp-networkd package using both dpkg -i and apt (with a local file:// repo), and it's fine now. /More explanation in details Please unblock xen-api/1.3.2-14. Cheers, Thomas Goirand (zigo) P.S: I was unsure if #696810 deserved an RC severity, please let me know your view on this, so that next time I know. diff -Nru xen-api-1.3.2/debian/changelog xen-api-1.3.2/debian/changelog --- xen-api-1.3.2/debian/changelog 2012-11-04 07:11:22.0 + +++ xen-api-1.3.2/debian/changelog 2012-12-27 13:18:26.0 + @@ -1,3 +1,10 @@ +xen-api (1.3.2-14) unstable; urgency=low + + * Fixes: if apt-get was used to install xcp-networkd instead of dpkg -i, then + debconf value selected for network-type wasn't respected (Closes: #696810). + + -- Thomas Goirand z...@debian.org Thu, 27 Dec 2012 13:05:06 + + xen-api (1.3.2-13) unstable; urgency=low * Fixes: wait_for_xapi() function in init.d script doesn't work on slave diff -Nru xen-api-1.3.2/debian/xcp-networkd.config xen-api-1.3.2/debian/xcp-networkd.config --- xen-api-1.3.2/debian/xcp-networkd.config 2012-11-04 07:11:22.0 + +++ xen-api-1.3.2/debian/xcp-networkd.config 2012-12-27 13:18:26.0 + @@ -10,15 +10,15 @@ # Get the values from the config file if [ -r /etc/xcp/network.conf ] ; then NETWORK_TYPE=`cat /etc/xcp/network.conf` -fi -# This controls the default behavior, which here will be openvswitch. -# Invert words bridge and openvswitch to change this. -if ! [ ${NETWORK_TYPE} = bridge ] ; then - NETWORK_TYPE=openvswitch -fi + # Make sure we have a working value + # (eg: bridge or openvswitch, and nothing else) + if ! [ ${NETWORK_TYPE} = bridge ] ; then + NETWORK_TYPE=openvswitch + fi -db_set xcp-xapi/networking_type ${NETWORK_TYPE} + db_set xcp-xapi/networking_type ${NETWORK_TYPE} +fi db_input high xcp-xapi/networking_type || true db_go ---End Message--- ---BeginMessage--- On 03.01.2013 14:30, Thomas Goirand wrote: Please unblock xen-api/1.3.2-14. Already done several days ago: # 20121230 unblock xen-api/1.3.2-14 Regards, Adam---End Message---
Bug#697245: marked as done (unblock: gnome-shell/3.4.2-5)
Your message dated Thu, 03 Jan 2013 16:08:53 +0100 with message-id 50e59f05.1030...@thykier.net and subject line Re: Bug#697245: unblock: gnome-shell/3.4.2-5 has caused the Debian Bug report #697245, regarding unblock: gnome-shell/3.4.2-5 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 697245: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697245 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock gnome-shell which includes a new version of the fix against deadlocks. It’s far from perfect, but the other solutions being: - a full upgrade to GNOME 3.6 for several modules including glib/gtk - porting to a major mozjs version that has not been released yet I think it is an acceptable compromise. gnome-shell (3.4.2-5) unstable; urgency=low * 30_lockup_gc.patch: update patch. Instead of completely dropping explicit GC calls, only do them once every 10 minutes or so. This might still trigger deadlocks, but not at startup time where they are frequent, and otherwise will make them thousands of times less likely. Closes: #696040. New version of the patch (still the only difference with testing) is attached. unblock gnome-shell/3.4.2-5 Thanks, -- .''`. Josselin Mouette : :' : `. `' `- Index: gnome-shell-3.4.2/src/shell-global.c === --- gnome-shell-3.4.2.orig/src/shell-global.c 2012-07-20 19:38:25.0 +0200 +++ gnome-shell-3.4.2/src/shell-global.c 2013-01-03 00:58:06.396025821 +0100 @@ -45,6 +45,7 @@ static ShellGlobal *the_object = NULL; static void grab_notify (GtkWidget *widget, gboolean is_grab, gpointer user_data); static void shell_global_on_gc (GjsContext *context, ShellGlobal *global); +static gboolean on_gc_timeout (gpointer data); struct _ShellGlobal { GObject parent; @@ -92,6 +93,7 @@ struct _ShellGlobal { guint32 xdnd_timestamp; gint64 last_gc_end_time; + guint gc_timer; }; enum { @@ -277,8 +279,13 @@ shell_global_init (ShellGlobal *global) js-version, 1.8, gc-notifications, TRUE, NULL); + g_signal_connect (global-js_context, gc, G_CALLBACK (shell_global_on_gc), global); + /* Since the GC has a tendency to deadlock, only run it once every 10 + minutes or so. */ + global-gc_timer = g_timeout_add_seconds (600, on_gc_timeout, global); + g_strfreev (search_path); } @@ -1605,13 +1612,6 @@ run_leisure_functions (gpointer data) if (global-work_count 0) return FALSE; - /* Previously we called gjs_maybe_gc(). However, it simply doesn't - * trigger often enough. Garbage collection is very fast here, so - * let's just aggressively GC. This will help avoid both heap - * fragmentation, and the GC kicking in when we don't want it to. - */ - gjs_context_gc (global-js_context); - /* No leisure closures, so we are done */ if (global-leisure_closures == NULL) return FALSE; @@ -1635,6 +1635,16 @@ run_leisure_functions (gpointer data) return FALSE; } +static gboolean +on_gc_timeout (gpointer data) +{ + ShellGlobal *global = data; + gjs_context_gc (global-js_context); + + return TRUE; +} + + static void schedule_leisure_functions (ShellGlobal *global) { ---End Message--- ---BeginMessage--- On 2013-01-03 01:40, Josselin Mouette wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock gnome-shell which includes a new version of the fix against deadlocks. It’s far from perfect, but the other solutions being: - a full upgrade to GNOME 3.6 for several modules including glib/gtk - porting to a major mozjs version that has not been released yet I think it is an acceptable compromise. gnome-shell (3.4.2-5) unstable; urgency=low * 30_lockup_gc.patch: update patch. Instead of completely dropping explicit GC calls, only do them once every 10 minutes or so. This might still trigger deadlocks, but not at startup time where they are frequent, and otherwise will make them thousands of times less likely. Closes: #696040. New version of the patch (still the only difference with testing) is attached. unblock gnome-shell/3.4.2-5 Thanks, Unblocked, thanks. ~Niels---End Message---
redhat-cluster (and reverse dependencies) for wheezy
Hi, the redhat-cluster package (and some other related ones) are in kind of a mess at the moment due to - newer upstream versions (with shlibs bumps) being uploaded to sid, that aren't suitable for wheezy at this stage - lvm2 needing rc bug fixes and picking up dependencies on those new versions thanks to clvm Because of this the lvm2 maintainer dropped the clvm binary package in the last upload, meaning that redhat-cluster-suite is now uninstallable in sid. In order to sort that out, the easiest solution (for me) would be to - migrate the new lvm2 with its rc bug fixes to wheezy - remove redhat-cluster, ocfs2-tools, qpid-cpp from wheezy Another solution is to upload a redhat-cluster revision to tpu that drops the redhat-cluster-suite binary package. Is anyone willing to work on that second solution (or find yet another one)? If not I'll go ahead with the removal in about a week. Cheers, Julien signature.asc Description: Digital signature
Bug#685230: unblock hylafax 3:6.0.6-4
Hello! Ivo De Decker wrote on 2012-12-22 22:35: As there is still an RC bug in sid, I don't think it makes sense to do a TPU upload for the other one now. I'm attaching the TPU fix for 682824 for reference. As said I will try to update capi4hylafax because of this RC bug. If I can fix this RC in capi4hylafax, then I must move this bug to the capi4hylafax package before upload, right? It might be best to revert all the changes in unstable (since -1) that are not suitable for wheezy, and try to get a version in unstable that fixes both RC bugs in a non-intrusive way (based on -1). That way, the package could be tested in unstable before it gets to wheezy. The changes that are in -2 could go to experimental for now. Which is the best way? a) create the updated version 3:6.0.6-5 which is the same as 3:6.0.6-1 and then create the next version 3:6.0.6-6 which all needed patches for Wheezy, or b) create the updated version 4:6.0.6-1 which is the same as 3:6.0.6-1 and then create the next version 4:6.0.6-2 which all needed patches for Wheezy, or c) create a special Wheezy version 3:6.0.6-2+deb7u1 with all needed patches for Wheezy. What is your opinion? I would prefer way c). --- Have a nice day. Joachim (Germany) -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130103183927.33e1f...@jupiter.home
Bug#697301: unblock: ircd-ratbox/3.0.7.dfsg-3
Package: release.debian.org User: release.debian@packages.debian.org Usertags: unblock Severity: important Please unblock package ircd-ratbox. This package only includes a patch taken upstream to fix a nasty security bug (see #697093), debdiff attached. The magic command: unblock ircd-ratbox/3.0.7.dfsg-3 Happy new year release team, and thanks for your hard work. Regards. -- Marc Dequènes (Duck) ircd-ratbox.debdiff Description: Binary data pgpX6NQoHYp1l.pgp Description: PGP Digital Signature
Bug#697301: marked as done (unblock: ircd-ratbox/3.0.7.dfsg-3)
Your message dated Thu, 03 Jan 2013 19:02:58 + with message-id 1357239778.28152.1.ca...@jacala.jungle.funky-badger.org and subject line Re: Bug#697301: unblock: ircd-ratbox/3.0.7.dfsg-3 has caused the Debian Bug report #697301, regarding unblock: ircd-ratbox/3.0.7.dfsg-3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 697301: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697301 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org User: release.debian@packages.debian.org Usertags: unblock Severity: important Please unblock package ircd-ratbox. This package only includes a patch taken upstream to fix a nasty security bug (see #697093), debdiff attached. The magic command: unblock ircd-ratbox/3.0.7.dfsg-3 Happy new year release team, and thanks for your hard work. Regards. -- Marc Dequènes (Duck) ircd-ratbox.debdiff Description: Binary data pgpbid4j7CfXc.pgp Description: PGP Digital Signature ---End Message--- ---BeginMessage--- On Thu, 2013-01-03 at 19:51 +0100, Marc Dequènes (Duck) wrote: Usertags: unblock Severity: important normal is fine. Making it higher won't get it dealt with any more quickly. ;-p Please unblock package ircd-ratbox. This package only includes a patch taken upstream to fix a nasty security bug (see #697093), debdiff attached. Unblocked; thanks. Regards, Adam---End Message---
Bug#697283: marked as done (unblock: ruby-activerecord-3.2/3.2.6-3)
Your message dated Thu, 03 Jan 2013 19:09:49 + with message-id 1357240189.28152.4.ca...@jacala.jungle.funky-badger.org and subject line Re: Bug#697283: unblock: ruby-activerecord-3.2/3.2.6-3 has caused the Debian Bug report #697283, regarding unblock: ruby-activerecord-3.2/3.2.6-3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 697283: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697283 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package ruby-activerecord-3.2 This release fixes a recently undisclosed security problem (CVE-2012-5664) Attached is the debdiff between this version and the version in testing. unblock ruby-activerecord-3.2/3.2.6-3 -- System Information: Debian Release: 7.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=pt_BR.utf8, LC_CTYPE=pt_BR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- Antonio Terceiro terce...@debian.org diff -Nru ruby-activerecord-3.2-3.2.6/debian/changelog ruby-activerecord-3.2-3.2.6/debian/changelog --- ruby-activerecord-3.2-3.2.6/debian/changelog 2012-06-24 18:52:31.0 -0300 +++ ruby-activerecord-3.2-3.2.6/debian/changelog 2013-01-03 11:21:21.0 -0300 @@ -1,3 +1,10 @@ +ruby-activerecord-3.2 (3.2.6-3) unstable; urgency=high + + * debian/patches/3-2-dynamic_finder_injection.patch: fix SQL injection +vulnerability (CVE-2012-5664). + + -- Antonio Terceiro terce...@debian.org Thu, 03 Jan 2013 11:21:18 -0300 + ruby-activerecord-3.2 (3.2.6-2) unstable; urgency=low * Bump build dependency on gem2deb to = 0.3.0~ diff -Nru ruby-activerecord-3.2-3.2.6/debian/control ruby-activerecord-3.2-3.2.6/debian/control --- ruby-activerecord-3.2-3.2.6/debian/control 2012-06-24 18:52:06.0 -0300 +++ ruby-activerecord-3.2-3.2.6/debian/control 2012-09-01 17:38:02.0 -0300 @@ -3,7 +3,6 @@ Priority: optional Maintainer: Debian Ruby Extras Maintainers pkg-ruby-extras-maintain...@lists.alioth.debian.org Uploaders: - Ondřej Surý ond...@debian.org, Antonio Terceiro terce...@debian.org, DM-Upload-Allowed: yes Build-Depends: debhelper (= 7.0.50~), diff -Nru ruby-activerecord-3.2-3.2.6/debian/control.in ruby-activerecord-3.2-3.2.6/debian/control.in --- ruby-activerecord-3.2-3.2.6/debian/control.in 2012-06-16 20:57:42.0 -0300 +++ ruby-activerecord-3.2-3.2.6/debian/control.in 2012-09-01 17:38:02.0 -0300 @@ -3,7 +3,6 @@ Priority: optional Maintainer: Debian Ruby Extras Maintainers pkg-ruby-extras-maintain...@lists.alioth.debian.org Uploaders: - Ondřej Surý ond...@debian.org, Antonio Terceiro terce...@debian.org, DM-Upload-Allowed: yes Build-Depends: debhelper (= 7.0.50~), diff -Nru ruby-activerecord-3.2-3.2.6/debian/patches/3-2-dynamic_finder_injection.patch ruby-activerecord-3.2-3.2.6/debian/patches/3-2-dynamic_finder_injection.patch --- ruby-activerecord-3.2-3.2.6/debian/patches/3-2-dynamic_finder_injection.patch 1969-12-31 21:00:00.0 -0300 +++ ruby-activerecord-3.2-3.2.6/debian/patches/3-2-dynamic_finder_injection.patch 2013-01-03 11:14:35.0 -0300 @@ -0,0 +1,32 @@ +From 325669f0795a9148fd31f7f496a40dc8e114ef52 Mon Sep 17 00:00:00 2001 +From: Aaron Patterson aaron.patter...@gmail.com +Date: Sun, 23 Dec 2012 11:07:07 -0800 +Subject: [PATCH] CVE-2012-5664 options hashes should only be extracted if + there are extra parameters + +--- + lib/active_record/dynamic_matchers.rb |7 ++- + test/cases/finder_test.rb | 12 + 2 files changed, 18 insertions(+), 1 deletion(-) + +diff --git a/lib/active_record/dynamic_matchers.rb b/lib/active_record/dynamic_matchers.rb +index b6b8e24..f15d0b7 100644 +--- a/lib/active_record/dynamic_matchers.rb b/lib/active_record/dynamic_matchers.rb +@@ -40,7 +40,12 @@ module ActiveRecord + METHOD + send(method_id, *arguments) + elsif match.finder? +- options = arguments.extract_options! ++ options = if arguments.length attribute_names.size ++ arguments.extract_options! ++else ++ {} ++end ++ + relation = options.any? ? scoped(options) : scoped + relation.send :find_by_attributes, match, attribute_names, *arguments, block + elsif match.instantiator? +-- +1.7.10.2 (Apple Git-33) + diff -Nru
Bug#697283: unblock: ruby-activerecord-3.2/3.2.6-3
On Thu, Jan 03, 2013 at 07:09:49PM +, Adam D. Barratt wrote: On Thu, 2013-01-03 at 11:47 -0300, Antonio Terceiro wrote: Please unblock package ruby-activerecord-3.2 This release fixes a recently undisclosed security problem (CVE-2012-5664) Recently /disclosed/? That's what I meant, yes. :-) -- Antonio Terceiro terce...@debian.org signature.asc Description: Digital signature
Bug#697308: unblock: gnucash/1:2.4.10-6
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package gnucash. The version currently in sid fixes RC bug #696282. The debdiff is attached. Cheers, -- .''`.Sébastien Villemot : :' :Debian Developer `. `' http://www.dynare.org/sebastien `- GPG Key: 4096R/381A7594 diff -Nru gnucash-2.4.10/debian/changelog gnucash-2.4.10/debian/changelog --- gnucash-2.4.10/debian/changelog 2012-06-27 20:40:29.0 +0200 +++ gnucash-2.4.10/debian/changelog 2013-01-03 20:19:41.0 +0100 @@ -1,3 +1,10 @@ +gnucash (1:2.4.10-6) unstable; urgency=low + + * handle-xml-parse-failure.patch: new patch, fixes potential data loss when +XML parsing fails (Closes: #696282) + + -- Sébastien Villemot sebast...@debian.org Thu, 03 Jan 2013 20:19:13 +0100 + gnucash (1:2.4.10-5) unstable; urgency=low * gnucash-tip.patch: new patch, fixes tip-of-the-day window with GCC 4.7 diff -Nru gnucash-2.4.10/debian/patches/handle-xml-parse-failure.patch gnucash-2.4.10/debian/patches/handle-xml-parse-failure.patch --- gnucash-2.4.10/debian/patches/handle-xml-parse-failure.patch 1970-01-01 01:00:00.0 +0100 +++ gnucash-2.4.10/debian/patches/handle-xml-parse-failure.patch 2012-12-25 23:03:30.0 +0100 @@ -0,0 +1,33 @@ +Description: Handle return value of xmlParseDocument() + Ignoring errors can lead to data loss. +Author: Sébastien Villemot sebast...@debian.org +Bug: https://bugzilla.gnome.org/show_bug.cgi?id=672364 +Bug-Debian: http://bugs.debian.org/696282 +Last-Update: 2012-12-25 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +--- a/src/backend/xml/sixtp.c b/src/backend/xml/sixtp.c +@@ -695,6 +695,7 @@ + gpointer *parse_result) + { + sixtp_parser_context *ctxt; ++int parse_ret; + + if (!(ctxt = sixtp_context_new(sixtp, global_data, data_for_top_level))) + { +@@ -706,12 +707,12 @@ + ctxt-data.saxParserCtxt-sax = ctxt-handler; + ctxt-data.saxParserCtxt-userData = ctxt-data; + ctxt-data.bad_xml_parser = sixtp_dom_parser_new(gnc_bad_xml_end_handler, NULL, NULL); +-xmlParseDocument( ctxt-data.saxParserCtxt ); ++parse_ret = xmlParseDocument( ctxt-data.saxParserCtxt ); + //xmlSAXUserParseFile(ctxt-handler, ctxt-data, filename); + + sixtp_context_run_end_handler(ctxt); + +-if (ctxt-data.parsing_ok) ++if (parse_ret == 0 ctxt-data.parsing_ok) + { + if (parse_result) + *parse_result = ctxt-top_frame-frame_data; diff -Nru gnucash-2.4.10/debian/patches/series gnucash-2.4.10/debian/patches/series --- gnucash-2.4.10/debian/patches/series 2012-06-27 20:26:17.0 +0200 +++ gnucash-2.4.10/debian/patches/series 2012-12-19 21:30:18.0 +0100 @@ -5,3 +5,4 @@ taxi0-presentation_options.patch taxi1-customization_improvements.patch gnucash-tip.patch +handle-xml-parse-failure.patch signature.asc Description: Digital signature
Bug#694790: upload (pre-approval): munin/2.0.6-2
Hi Julien, thanks for your review! On Dienstag, 1. Januar 2013, Julien Cristau wrote: debian/munin-async.logrotate: why change the gid? point. (On a third thought :) also 054228.1424.1351986968106.javamail.r...@zimbra.lentz.com.au suggests the glob is still wrong. right, thanks for spotting! munin-async.postinst: what's the [ $2 = 0 ] test supposed to achieve? uhm, nothing, which not already has been achieved by the previous 'dpkg -- compare-versions $2 le 2.0.6-1~' - seems I copied the code from munin.postinst or munin-node.postinst... will remove it in all three places. Will upload 2.0.6-3 with these fixes and this one soon, hopefully tomorrow: commit 328396936f0b82dd8c9b182232cf6721af904da3 Author: Holger Levsen hol...@layer-acht.org Date: Tue Dec 11 21:22:29 2012 + set MUNIN_VERSION correctly during build. (Closes: #694527) debian/rules: set MUNIN_VERSION correctly during build. (Closes: #694527) diff --git a/debian/changelog b/debian/changelog index 28011b7..559173c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +munin (2.0.6-3) UNRELEASD; urgency=low + + * debian/rules: set MUNIN_VERSION correctly during build. (Closes: #694527) + + -- Holger Levsen hol...@debian.org Wed, 26 Dec 2012 14:32:18 +0100 + munin (2.0.6-2) unstable; urgency=low * Fix /etc/apache2/conf.d/munin removed on upgrade: diff --git a/debian/rules b/debian/rules index 8cac862..e1b7a12 100755 --- a/debian/rules +++ b/debian/rules @@ -8,6 +8,8 @@ MAKEOPTS = CONFIG=debian/Makefile.config INSTALL_PLUGINS=auto manual snmpauto c dh $@ override_dh_auto_build: + # ./getversion reads RELEASE if it exists + dpkg-parsechangelog | sed -n 's/^Version: //p' RELEASE chmod 755 debian/ostype_helper dh_auto_build -- $(MAKEOPTS) @@ -83,6 +85,7 @@ override_dh_auto_install: override_dh_auto_clean: dh_auto_clean -- $(MAKEOPTS) clean-node clean-master clean-plugins clean-common clean find plugins/javalib -name '*.class' -print0 | xargs -0 -r rm -v + rm RELEASE -f # Disable build tests for now override_dh_auto_test: cheers, Holger -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201301032216.43602.hol...@layer-acht.org
Bug#697308: marked as done (unblock: gnucash/1:2.4.10-6)
Your message dated Thu, 03 Jan 2013 22:07:04 + with message-id 1357250824.28152.6.ca...@jacala.jungle.funky-badger.org and subject line Re: Bug#697308: unblock: gnucash/1:2.4.10-6 has caused the Debian Bug report #697308, regarding unblock: gnucash/1:2.4.10-6 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 697308: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697308 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package gnucash. The version currently in sid fixes RC bug #696282. The debdiff is attached. Cheers, -- .''`.Sébastien Villemot : :' :Debian Developer `. `' http://www.dynare.org/sebastien `- GPG Key: 4096R/381A7594 diff -Nru gnucash-2.4.10/debian/changelog gnucash-2.4.10/debian/changelog --- gnucash-2.4.10/debian/changelog 2012-06-27 20:40:29.0 +0200 +++ gnucash-2.4.10/debian/changelog 2013-01-03 20:19:41.0 +0100 @@ -1,3 +1,10 @@ +gnucash (1:2.4.10-6) unstable; urgency=low + + * handle-xml-parse-failure.patch: new patch, fixes potential data loss when +XML parsing fails (Closes: #696282) + + -- Sébastien Villemot sebast...@debian.org Thu, 03 Jan 2013 20:19:13 +0100 + gnucash (1:2.4.10-5) unstable; urgency=low * gnucash-tip.patch: new patch, fixes tip-of-the-day window with GCC 4.7 diff -Nru gnucash-2.4.10/debian/patches/handle-xml-parse-failure.patch gnucash-2.4.10/debian/patches/handle-xml-parse-failure.patch --- gnucash-2.4.10/debian/patches/handle-xml-parse-failure.patch 1970-01-01 01:00:00.0 +0100 +++ gnucash-2.4.10/debian/patches/handle-xml-parse-failure.patch 2012-12-25 23:03:30.0 +0100 @@ -0,0 +1,33 @@ +Description: Handle return value of xmlParseDocument() + Ignoring errors can lead to data loss. +Author: Sébastien Villemot sebast...@debian.org +Bug: https://bugzilla.gnome.org/show_bug.cgi?id=672364 +Bug-Debian: http://bugs.debian.org/696282 +Last-Update: 2012-12-25 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +--- a/src/backend/xml/sixtp.c b/src/backend/xml/sixtp.c +@@ -695,6 +695,7 @@ + gpointer *parse_result) + { + sixtp_parser_context *ctxt; ++int parse_ret; + + if (!(ctxt = sixtp_context_new(sixtp, global_data, data_for_top_level))) + { +@@ -706,12 +707,12 @@ + ctxt-data.saxParserCtxt-sax = ctxt-handler; + ctxt-data.saxParserCtxt-userData = ctxt-data; + ctxt-data.bad_xml_parser = sixtp_dom_parser_new(gnc_bad_xml_end_handler, NULL, NULL); +-xmlParseDocument( ctxt-data.saxParserCtxt ); ++parse_ret = xmlParseDocument( ctxt-data.saxParserCtxt ); + //xmlSAXUserParseFile(ctxt-handler, ctxt-data, filename); + + sixtp_context_run_end_handler(ctxt); + +-if (ctxt-data.parsing_ok) ++if (parse_ret == 0 ctxt-data.parsing_ok) + { + if (parse_result) + *parse_result = ctxt-top_frame-frame_data; diff -Nru gnucash-2.4.10/debian/patches/series gnucash-2.4.10/debian/patches/series --- gnucash-2.4.10/debian/patches/series 2012-06-27 20:26:17.0 +0200 +++ gnucash-2.4.10/debian/patches/series 2012-12-19 21:30:18.0 +0100 @@ -5,3 +5,4 @@ taxi0-presentation_options.patch taxi1-customization_improvements.patch gnucash-tip.patch +handle-xml-parse-failure.patch signature.asc Description: Digital signature ---End Message--- ---BeginMessage--- On Thu, 2013-01-03 at 21:05 +0100, Sébastien Villemot wrote: Please unblock package gnucash. The version currently in sid fixes RC bug #696282. The debdiff is attached. Unblocked; thanks. Regards, Adam---End Message---
Bug#697323: release.debian.org: unblock: nmap/6.00-0.3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock nmap which contains a backported upstream fix for #696446 which made the nmap program unusable in certain setups. Thanks, -Hilko diff -u nmap-6.00/debian/changelog nmap-6.00/debian/changelog --- nmap-6.00/debian/changelog +++ nmap-6.00/debian/changelog @@ -1,3 +1,10 @@ +nmap (6.00-0.3) unstable; urgency=low + + * Non-maintainer upload. + * Apply upstream fix for interfaces in monitor mode (Closes: #696446). + + -- Hilko Bengen ben...@debian.org Sat, 29 Dec 2012 18:43:12 +0100 + nmap (6.00-0.2) unstable; urgency=low * Non-maintainer upload. only in patch2: unchanged: --- nmap-6.00.orig/libdnet-stripped/src/addr.c +++ nmap-6.00/libdnet-stripped/src/addr.c @@ -318,6 +318,7 @@ #endif case AF_UNSPEC: case ARP_HRD_ETH: /* XXX- Linux arp(7) */ + case ARP_HRD_IEEE80211_RADIOTAP: /* IEEE 802.11 + radiotap header */ a-addr_type = ADDR_TYPE_ETH; a-addr_bits = ETH_ADDR_BITS; memcpy(a-addr_eth, sa-sa_data, ETH_ADDR_LEN); only in patch2: unchanged: --- nmap-6.00.orig/libdnet-stripped/include/dnet/arp.h +++ nmap-6.00/libdnet-stripped/include/dnet/arp.h @@ -39,6 +39,8 @@ #define ARP_HRD_ETH0x0001 /* ethernet hardware */ #define ARP_HRD_IEEE8020x0006 /* IEEE 802 hardware */ +#define ARP_HRD_IEEE80211_RADIOTAP 0x0323 /* IEEE 802.11 + radiotap header */ + /* * Protocol address format */ -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87hamxrjn5@msgid.hilluzination.de
Bug#697323: marked as done (release.debian.org: unblock: nmap/6.00-0.3)
Your message dated Thu, 03 Jan 2013 22:33:11 + with message-id 1357252391.28152.7.ca...@jacala.jungle.funky-badger.org and subject line Re: Bug#697323: release.debian.org: unblock: nmap/6.00-0.3 has caused the Debian Bug report #697323, regarding release.debian.org: unblock: nmap/6.00-0.3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 697323: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697323 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock nmap which contains a backported upstream fix for #696446 which made the nmap program unusable in certain setups. Thanks, -Hilko diff -u nmap-6.00/debian/changelog nmap-6.00/debian/changelog --- nmap-6.00/debian/changelog +++ nmap-6.00/debian/changelog @@ -1,3 +1,10 @@ +nmap (6.00-0.3) unstable; urgency=low + + * Non-maintainer upload. + * Apply upstream fix for interfaces in monitor mode (Closes: #696446). + + -- Hilko Bengen ben...@debian.org Sat, 29 Dec 2012 18:43:12 +0100 + nmap (6.00-0.2) unstable; urgency=low * Non-maintainer upload. only in patch2: unchanged: --- nmap-6.00.orig/libdnet-stripped/src/addr.c +++ nmap-6.00/libdnet-stripped/src/addr.c @@ -318,6 +318,7 @@ #endif case AF_UNSPEC: case ARP_HRD_ETH: /* XXX- Linux arp(7) */ + case ARP_HRD_IEEE80211_RADIOTAP: /* IEEE 802.11 + radiotap header */ a-addr_type = ADDR_TYPE_ETH; a-addr_bits = ETH_ADDR_BITS; memcpy(a-addr_eth, sa-sa_data, ETH_ADDR_LEN); only in patch2: unchanged: --- nmap-6.00.orig/libdnet-stripped/include/dnet/arp.h +++ nmap-6.00/libdnet-stripped/include/dnet/arp.h @@ -39,6 +39,8 @@ #define ARP_HRD_ETH0x0001 /* ethernet hardware */ #define ARP_HRD_IEEE8020x0006 /* IEEE 802 hardware */ +#define ARP_HRD_IEEE80211_RADIOTAP 0x0323 /* IEEE 802.11 + radiotap header */ + /* * Protocol address format */ ---End Message--- ---BeginMessage--- On Thu, 2013-01-03 at 23:23 +0100, Hilko Bengen wrote: Please unblock nmap which contains a backported upstream fix for #696446 which made the nmap program unusable in certain setups. Unblocked; thanks. Regards, Adam---End Message---
unblockrequest for fai 4.0.5
Please unblock fai 4.0.5. It includes two bug fixes. The changes in all files under example/ are only doc changes because those file are in the package fai-doc. [~] debdiff fai_4.0.4.dsc fai_4.0.5.dsc | diffstat bin/fai-make-nfsroot|1 + bin/fcopy | 12 ++-- debian/changelog|9 + examples/simple/scripts/DEBIAN/30-interface |2 +- examples/simple/scripts/DEBIAN/40-misc |4 ++-- examples/simple/scripts/LAST/50-misc|2 +- lib/subroutines | 10 +- -- regards Thomas -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20710.25548.810697.670...@kueppers.informatik.uni-koeln.de