Bug#863789: RFS: logdata-anomaly-miner/0.0.8-1

Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package "logdata-anomaly-miner" * Package name: logdata-anomaly-miner Version : 0.0.8-1 Upstream Author : Roman Fiedler * URL : https://launchpad.net/logdata-anomaly-miner/

Bug#850810: RFS: logdata-anomaly-miner/0.0.7-1

Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package "logdata-anomaly-miner" * Package name: logdata-anomaly-miner Version : 0.0.7-1 Upstream Author : Roman Fiedler * URL : https://launchpad.net/logdata-anomaly-miner/

Bug#843179: RFS: logdata-anomaly-miner/0.0.6-1

Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package "logdata-anomaly-miner" * Package name: logdata-anomaly-miner Version : 0.0.6-1 Upstream Author : Roman Fiedler * URL : https://launchpad.net/logdata-anomaly-miner/

Bug#840456: RFS: logdata-anomaly-miner/0.0.5-1 ITA

Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package "logdata-anomaly-miner" * Package name: logdata-anomaly-miner Version : 0.0.5-1 Upstream Author : Roman Fiedler * URL :

Bug#840447: New upstream release V0.0.5

Source: logdata-anomaly-miner Version: 0.0.3-2 logdata-anomaly-miner V0.0.5 is available upstream, see https://launchpad.net/logdata-anomaly-miner/+milestone/v0.0.5

Bug#833298: RFS: logdata-anomaly-miner/0.0.3-1 [ITA] -- lightweight tool for log checking, log analysis

Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package " logdata-anomaly-miner": * Package name: logdata-anomaly-miner * Version: 0.0.3-2 * Upstream Author: Roman Fiedler * URL: https://launchpad.net/logdata-anomaly-miner

Bug#832347: logdata-anomaly-miner: unowned directory after purge: /var/lib/aminer/

> From: Andreas Beckmann [mailto:a...@debian.org] > [Snip] > > during a test with piuparts I noticed your package left unowned > directories on the system after purge, which is a violation of > policy 6.8: > > [Snip] > > The maintainer scripts create (and later remove) a file in that >

Bug#832060: RFS: logdata-anomaly-miner/0.0.3-1 [ITA] -- lightweight tool for log checking, log analysis

Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package " logdata-anomaly-miner": * Package name: logdata-anomaly-miner * Version: 0.0.3-1 * Upstream Author: Roman Fiedler * URL: https://launchpad.net/logdata-anomaly-miner

Bug#832058: logdata-anomaly-miner - new upstream release V0.0.3 available

Source: logdata-anomaly-miner Version: 0.0.2-1 logdata-anomaly-miner V0.0.3 is available upstream, see https://launchpad.net/logdata-anomaly-miner/+milestone/v0.0.3 smime.p7s Description: S/MIME cryptographic signature

Bug#813096: AW: Bug#813096: ITP: logdata-anomaly-miner -- lightweight tool for log checking, log analysis

> Von: Gianfranco Costamagna [mailto:locutusofb...@debian.org] > [Snip] >> Ah, I see. I assumed that the patch editor would cut the lower part in same >> fashion as git/svn would do. Fixed. > > nack > . > logdata-anomaly-miner (0.0.2-1) unstable; urgency=low > . > * Initial inclusion of

Bug#813096: ITP: logdata-anomaly-miner -- lightweight tool for log checking, log analysis

> Von: Gianfranco Costamagna [mailto:locutusofb...@debian.org] > > Hi, > > new issues: > > please change python-dev to python-all (you have an arch:all package here) Changed the Build-Depends, binary depends are now generated by dh_python2. > patches have useless description, please make a real

Bug#813096: ITP: logdata-anomaly-miner -- lightweight tool for log checking, log analysis

Comparing with nginx, I also changed: $ diff -urN ../logdata-anomaly-miner-0.0.2/debian/postinst debian/postinst --- ../logdata-anomaly-miner-0.0.2/debian/postinst 2016-06-08 10:23:13.0 + +++ debian/postinst 2016-06-09 14:24:33.437584218 + @@ -23,12 +23,15 @@

Bug#813096: AW: Bug#813096: ITP: logdata-anomaly-miner -- lightweight tool for log checking, log analysis

> Von: Piotr Ożarowski [mailto:pi...@debian.org] > > [Fiedler Roman, 2016-06-09] > > > is AMiner and AMinerRemoteControl symlinked in /usr/bin/? > > > (you can use debian/logdata-anomaly-miner.links to do that) > > > > Currently they are not symlinked. I

Bug#813096: ITP: logdata-anomaly-miner -- lightweight tool for log checking, log analysis

> Von: Piotr Ożarowski [mailto:pi...@debian.org] > > [Fiedler Roman, 2016-06-09] > > > * install into /usr/lib/logdata-anomaly-miner/ and dh_python2 will pick > > > it up without any overrides, additional options, etc. > > > > So I guess, before that (whe

Bug#813096: AW: Bug#813096: ITP: logdata-anomaly-miner -- lightweight tool for log checking, log analysis

> Von: Piotr Ożarowski [mailto:pi...@debian.org] > > just a quick reply: > > * private dir is the right call, do not install into dist-packages > (only "python-*" binary packages should install there) OK, done. > * install into /usr/lib/logdata-anomaly-miner/ and dh_python2 will pick > it

Bug#813096: AW: Bug#813096: ITP: logdata-anomaly-miner -- lightweight tool for log checking, log analysis

> Von: Gianfranco Costamagna [mailto:locutusofb...@debian.org] > Hi, > > (answering where I can!) >> Moving the code to "/usr/lib/python2.7/dist-packages/aminer" in fact allows >> dh_python2 to extract the version information: >> >> Depends: python:any (<< 2.8), python:any (>= 2.7.5-5~),

Bug#813096: ITP: logdata-anomaly-miner -- lightweight tool for log checking, log analysis

Hi Gianfranco, hello Python devs, Introduction for debian-python members: Gianfranco is giving me great assistance in the mentoring process to get the logdata-anomaly-miner package included to Debian. There were some issues, we are not completely sure, how to sort them out, any help on that

Bug#813096: ITP: logdata-anomaly-miner -- lightweight tool for log checking, log analysis

> Von: Gianfranco Costamagna [mailto:costamagnagianfra...@yahoo.it] > > Hi > > > I still don't see "python" in build-dependencies. > > >I tried that already, but somehow it did not work out (that's why the > >manual > >"python2.6 | python2.7" is kept). > > the reason should be the missing python

Bug#813096: AW: Bug#813096: ITP: logdata-anomaly-miner -- lightweight tool for log checking, log analysis

> From: Gianfranco Costamagna [mailto:locutusofb...@debian.org] > > > E: logdata-anomaly-miner: python-script-but-no-python-dep > >Tried to follow the guidelines, seems that everything works but lintian is > >still > complaining. Changes recommended from various forums: > > >Any ideas would be

Bug#813096: ITP: logdata-anomaly-miner -- lightweight tool for log checking, log analysis

ision seems to affect some of those issues anyway). > out of time right now, if you can fix the above I'll do another trip. Thank you for reviewing. I have uploaded a new intermediate version with the fixes done so far. Please note, the error is due to the pydepends question from above. > Il Lunedì 18 Aprile 2016 20:15, Fiedler Roman <roman.fied...@ait.ac.at> ha > scritto: > [Snip unreplied part] smime.p7s Description: S/MIME cryptographic signature

Bug#813096: ITP: logdata-anomaly-miner -- lightweight tool for log checking, log analysis

Hello, After start of packaging and the release of the first 3 versions after port from java to python, I am still looking for a mentor for package inclusion. I have written fixes for open points from first review but there are still some questions open, where I am not sure, how to address them.

Bug#813096: ITP: logdata-anomaly-miner -- lightweight tool for log checking, log analysis

Hi, I tried to address the issues from the first review for V0.0.0 at http://mentors.debian.net/package/logdata-anomaly-miner, the changes are now in the V0.0.2~pre0 package uploaded. But still there are some points not completely clear to me: Issues from

Bug#813096: ITP: logdata-anomaly-miner -- lightweight tool for log checking, log analysis

X-Debbugs-Cc: debian-ment...@lists.debian.org Package: wnpp Owner: Roman Fiedler Severity: wishlist Package name: logdata-anomaly-miner Version: 0.0 Upstream Author: Roman Fiedler URL: FIXME Sources URL: [Seems

Bug#766147: [php-maint] Bug#766147: php5-common: session cleanup can be misused to change modification time of arbitrary files to now when symlink protection not enabled

Von: Ondřej Surý [mailto:ond...@sury.org] Control: tags -1 +pending On Tue, Oct 21, 2014, at 11:33, Ondřej Surý wrote: On Tue, Oct 21, 2014, at 11:16, Fiedler Roman wrote: Von: Ondřej Surý [mailto:ond...@sury.org] On Tue, Oct 21, 2014, at 10:55, Fiedler Roman wrote: Von

Bug#766147: [php-maint] Bug#766147: php5-common: session cleanup can be misused to change modification time of arbitrary files to now when symlink protection not enabled

Von: Ondřej Surý [mailto:ond...@sury.org] This should then fix even your case... [ -x /usr/bin/lsof ] /usr/bin/lsof -w -l +d /var/lib/php5 -F0 | sed -zne s/^n//p | xargs -0i echo touch -c -h '{}' touch -c -h '/var/lib/php5/xxx\' touch -c -h 'n/var/lib/php5/passwd' Looks really good,

Bug#766147: php5-common: session cleanup can be misused to change modification time of arbitrary files to now when symlink protection not enabled

Package: php5-common Version: 5.4.4-14+deb7u14 Tags: security /usr/lib/php5/sessionclean from [1] enables any process allowed to create entries in /var/lib/php5 to adjust the modification time of any file by waiting for the /etc/cron.d/php5 session cleanup job to run. This requires

Bug#766073: AW: [oss-security] Multiple disputed issues in util-vserver

Hello Carlos, Von: Carlos Alberto Lopez Perez [mailto:clo...@igalia.com] On 14/10/14 16:31, Fiedler Roman wrote: Hi, While fixing a bug, I noticed some strange behavior in linux vserver virtualization, that I would call a security problems, but project developers see it differently

Bug#766147: AW: [php-maint] Bug#766147: php5-common: session cleanup can be misused to change modification time of arbitrary files to now when symlink protection not enabled

Von: Ondřej Surý [mailto:ond...@sury.org] On Tue, Oct 21, 2014, at 10:55, Fiedler Roman wrote: Von: Ondřej Surý [mailto:ond...@sury.org] Hi, TL;DR: s/touch -c/touch -c -h/, right? This will fix it for arbitrary symlinks, the only remaining issues would be a) keeping

Bug#766147: AW: [php-maint] Bug#766147: php5-common: session cleanup can be misused to change modification time of arbitrary files to now when symlink protection not enabled

Von: Ondřej Surý [mailto:ond...@sury.org] Hi, TL;DR: s/touch -c/touch -c -h/, right? This will fix it for arbitrary symlinks, the only remaining issues would be a) keeping open a file .. , which will update the parent directory modification time. b) keeping open a file

Bug#766221: Mantis package seems not incorporate all upstream security fixes

Package: mantis Version: 1.2.11-1.2+deb7u1 Tags: security The Debian package seems not incorporate all upstream fixes, e.g. for [1] (CVE 2013-4460), perhaps also others. As I'm currently trying to update the debian package to use the latest 1.2.17 sources, should Debian efforts and mine be

Bug#766073: man pages not clear on host-side impact of interaction with compromised guest using util-vserver

Package: util-vserver Version: 0.30.216-pre3054-1 Tags: security According to vserver developers, vserver enter is not intended to be safe for compromised guests and can easily be used to escape to the host (POC code available on request). It should be stated in the man pages accordingly, that

Bug#723200: mantis install.php creates database user with wrong permissions

Package: mantis Version: 1.2.11-1.2 Tags: security It seems, that a bug in Ubuntu [2] mantis package is also present in package mantis_1.2.11-1.2_all.deb (Debian stable). The problematic code is in /usr/share/mantis/www/admin/install.php causing mantis-install to grant privileges to wrong