Package: gdm3
Version: restore nested login in gdm3
Severity: normal
Hi, I am a long time user of gdm nested logins. However, they do not exist in
gdm3 :( . Before(in 'gdm') I created new logins via the command gdmflexiserver
-n which would bring up another gdm login window inside a Xephyr
Package: qemu-kvm
Severity: important
Ubuntu carries a patch called spice-qxl-locking-fix-for-qemu-kvm.patch which
fixes https://bugs.launchpad.net/qemu/+bug/723871
Can this be applied/carried in debian so that the qxl vga mode is not broken in
qemu-kvm (in debian).
-- System Information:
Package: gnome-power-manager
Severity: minor
After I suspend and resume my laptop a 'few' times the gnome-power-manager
gnome applet acts a bit funny.
Here is some gdb output from running gnome-power-statistics :/
gdb gnome-power-statistics
GNU gdb (GDB) 7.2-debian
Copyright (C) 2010 Free
Package: isc-dhcp-client
Version: 4.1.1-P1-15+squeeze2
Severity: important
I have given up on upstream and their bug tracking is closed anyway.
Over a few emails I sent the following to isc.
In
dhcpclient.c
dhcp()
...
char addrbuf[4*16];
...
...
The following comment is just plain wrong:
Package: mutt
Version: 1.5.20-9+squeeze1
Severity: grave
Tags: security
Justification: user security hole
The gnutls implementation of ssl found in mutt, in mutt_ssl_gnutls.c, appears
to not validate
the common name of a remote server correctly. The openssl implementation found
in mutt_ssl.c
Package: python-feedparser
Version: 4.1-14
Severity: grave
Tags: security
Justification: user security hole
Please update the version of python-feedparser found in debian to something
recent:
The following bugs will then be fixed:
1. Issue 195: XSS vulnerability in feedparser
Package: debian-installer
Severity: important
Tags: d-i
If you have a dvorak plugged in and you boot the kfreebsd debian amd64 or i386
installer from cd1 (or the net-install) the installer
does not pick up on the fact that I am using a dvorak keyboard. There also is
no option for me to select a
Package: file-roller
Version: 2.30.2-2
Severity: normal
So I have a folder called 'test' and it has only one item in it called bar[0]:
I then open file-roller, and select 'new' with the filename
/tmp/testing13.tar.7z
I then select 'add folder' and select the test folder(but I don't press ok
Package: virt-manager
Severity: important
1. I configured a kvm guest to use a local sdl window.
2. I then tried to boot the vm
3. this did not work - I got an error stating libvirtError: operation failed:
failed to retrieve chardev info in qemu with 'info chardev'
4. I chowned my Xauthority
Package: isc-dhcp-server
Severity: critical
My windows 7 vm timesout when trying to get a dhcp lease from isc-dhcp-server.
I am using isc-dhcp-server from debian squeeze.
-- System Information:
Debian Release: 6.0
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable')
Package: glipper
Severity: important
glipper segfaults when copying a large unicode segment to the clipboard.
I will follow up this bug report with an email containing such a text fragment.
-- System Information:
Debian Release: 6.0
APT prefers testing
APT policy: (500, 'testing'), (500,
Package: isc-dhcp-common
Version: 4.1.1-P1-15
Severity: wishlist
Please compile isc-dhcp-common, isc-dhcp-server and isc-dhcp-client with gcc
hardening options enabled. (Like those enabled with export
DEB_BUILD_HARDENING=1 )
hardening-check /sbin/dhclient
/sbin/dhclient:
Position Independent
Package: debootstrap
Severity: wishlist
When building a debian vm, using live-magic etc. it is common to use
debootstrap.
When the --keyring argument is omitted, as per the man page, Release file
signatures are not checked.
IMHO this behaviour differs from the 'normal' use of secure apt (by
Package: installation-reports
Severity: normal
hybrid squeeze iso when dd'ed to a usb results in an installer which installs
grub to the 'wrong device'.
The installer will try to install grub2 to /dev/sda, but that is my usb drive!
(and thus the wrong 'device').
-- System Information:
Debian
Package: mdadm
Severity: wishlist
It would be awesome to mention the README.recipes.gz at the top of the mdadm
man page!
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.37
Package: python2.6
Version: 2.6.6-6
Severity: critical
The latest update is totally broken and can't byte compile *modules* (squeeze).
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel:
Package: dnsmasq
Severity: normal
The default /etc/dnsmasq.conf dnsmasq configuration file contains a fair amount
of misspelt words.
(for example -'uneccessarily', 'explict', 'permissble', 'adddress').
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500,
Package: iodine
Version: 0.4.2-2+lenny1
Severity: important
Justification: fails to build from source
apt-get -b source iodine
...
make[2]: Entering directory `/usr/src/iodine/iodine-0.4.2/tests'
CC test.c
CC base32.c
CC read.c
CC dns.c
CC encoding.c
CC login.c
CC user.c
LD test
Package: libvirtd
Severity: wishlist
It would be nice if libvirtd had a man page.
-- System Information:
Debian Release: 5.0.7
APT prefers stable
APT policy: (900, 'stable'), (650, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.36.1 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8,
Package: libvirt-bin
Version: 0.8.3-5
Severity: normal
I cannot reliably reproduce this, but here is the python I was using to crash
libvirt-bin (sometimes):
import libvirt
import sys
def main():
#conn = libvirt.openReadOnly(None)
conn = libvirt.openReadOnly(qemu:///system)
Package: python-libvirt
Version: 0.8.3-4
Severity: normal
Here is an example python script you can use to reproduce the problem:
import libvirt
import sys
def main():
conn = libvirt.openReadOnly(None)
if __name__ == __main__:
for i in range(0, 1):
main()
Package: virt-manager
Version: 0.8.4-8
Severity: important
I wasn't sure which level of Severity to assign to this, so I put it as
'important'.
So looking in the virt-manager source -- virt-manager-0.8.4/src/virtManager:
We have this IPy.py. If we run it ... we get a number of test failures.
Package: virt-manager
Severity: normal
In virt-manager when one opens up a vm and uses a vnc password to connect to
the vnc server for the guest, there is an option to save the entered password.
However, the option is grayed out ... :(
-- System Information:
Debian Release: 5.0.6
APT prefers
Package: seahorse
Severity: normal
It appears as if gir-repository-dev is not listed as a dependency for seahorse
as found in squeeze.
However, to build seahorse from source, one needs to have gir-repository-dev
installed.
-- System Information:
Debian Release: 5.0.7
APT prefers stable
Package: postgresql-common
Version: 111
Severity: normal
So today I was upgrading a squeeze system when I see a wizard come up and
inform me that postgresql-8.3 is obsolete. Fine.
But it told me that I should install version 9.0 and not 8.4. postgresql isn't
in debian squeeze, whilt it is in
Package: ntop
Severity: wishlist
Is there a reason ntop isn't in squeeze?...
-- System Information:
Debian Release: 5.0.6
APT prefers stable
APT policy: (900, 'stable'), (650, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.36 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8,
Package: wnpp
Severity: wishlist
* Package name: blockfinder
Version : 3.1415
Upstream Author : Jacob Appelbaum ja...@appelbaum.net, dave b.
d...@d1b.org
* URL : https://github.com/ioerror/blockfinder
* License : BSD
Programming Lang: Python
Description
Package: gdm
Severity: normal
After upgrading from lenny to squeeze, gdm starts on vt8 always (even after
restarting it). It should start on vt7 as this is the expected behaviour.
-- System Information:
Debian Release: 5.0.6
APT prefers stable
APT policy: (900, 'stable'), (650, 'testing')
Package: libboost1.35-dbg
Severity: important
On upgrading from lenny to squeeze,
The file /usr/share/python/runtime.d/libboost1.35-dbg.rtupdate didn't
recognise that python2.6 was a valid python version and thus blocked the
installation of python2.6 -- which obviously broke / didn't let
Package: epiphany-browser
Severity: grave
Tags: security
Justification: user security hole
epiphany-browser as found in squeeze does not check remote ssl certificate
validity for https connections.
Here is a test url: (WHICH SHOULD FAIL)
Package: gnome-desktop
Severity: important
When I upgraded from lenny to squeeze, the fonts become really blocky and ugly.
This makes using my desktop a lot harder now :(
-- System Information:
Debian Release: 5.0.6
APT prefers stable
APT policy: (900, 'stable'), (650, 'testing')
Package: offlineimap
Severity: grave
Tags: security
Justification: user security hole
offlineimap performs absolutely no ssl certificate checking. So users could/can
be the victim of a man in the middle attack.
In debian the following bugs exist:
Package: pyversions
Severity: important
So I was trying to build a package from source and I don't have python 2.4
installed.
pyversions -s
python2.4 python2.5
imho it shouldn't report that python2.4 is available (it isn't..).
-- System Information:
Debian Release: 5.0.6
APT prefers stable
Package: libxml2
Version: 2.6.32.dfsg-5+lenny1
Severity: normal
To build libxml2(from source) you need to have python-xml-dbg installed but
python-xml-dbg isn't a dependency.
-- System Information:
Debian Release: 5.0.6
APT prefers stable
APT policy: (900, 'stable'), (650, 'testing')
Package: radvd
Severity: important
the READEME.DEBIAN file is not consistent with
/usr/share/doc/radvd/examples/simple-radvd.conf
/usr/share/doc/radvd/README.Debian says radvd comes with a example
configuration in
/usr/share/doc/radvd/examples/simple-radvd.conf that advertises
non-routable
Package: mdadm
Severity: normal
│ If you do not need or want to start any arrays for the root file system,
leave the answer blank (or enter 'none'). This may be the case if you are │
However, the default in the wizard I had was all ... :/
-- System Information:
Debian Release: 5.0.6
Package: xephyr
Severity: normal
IMHO not being able to have proper keybindings make xephyr useless.
There is already a bug about this which hasnt' moved in a while and a patch is
already available (it just need to be broken up apparently).
I am happy to build, test etc. any patches but *lets*
Package: wnpp
Severity: wishlist
* Package name: neatx
Version : r59
Upstream Author : hansmi A.T google.com , imsnah, kormat,
zigmars.rasscevskis (see (http://code.google.com/p/neatx/people/list)
* URL : http://code.google.com/p/neatx
* License : GPL v2
Package: xserver-xorg-video-radeon
Version: 1:6.13.1-2
Severity: normal
Story: watch a video on secondary x session.
As An admin
I want to let other users use my system and let them watch videos
So that they won't get too bored ;)
When I start a new session as another user via gdm
And I try
Package: python-libcloud
Severity: grave
Tags: security
Justification: user security hole
libcloud fails to perform ssl validation on https connections.
This means that users of this module, who which perform api requests using
https urls / connections are at risk to mitm attacks.
See
Package: kernel-package
Version: 11.015
Severity: important
I built a 'high' profile grsecurity kernel, using this patch
http://grsecurity.net/test/grsecurity-2.2.0-2.6.35.5-201009212029.patch
against the 2.6.35.5 kernel. It failed to produce an installable kernel .deb.
When I try and install it
Package: qemu-kvm
Severity: wishlist
At
http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=72230c523bda18d4dd2f7d16f96cc59e8fbbd6c9
0.13.0-rc1 can be found.
This version also includes vhost-net support see
http://www.linux-kvm.org/wiki/index.php?title=VhostNet for more information.
Package: ifupdown
Version: 0.6.8+nmu1
Severity: normal
File: interfaces
The interfaces man page for interfaces does not list bridge-utils-interfaces
under See Also.
However, imho it *really* should :)
-- System Information:
Debian Release: 5.0.6
APT prefers stable
APT policy: (900,
Package: linux-patch-grsecurity2
Version: 2.1.14+2.26.32.13-201005151340-1
Severity: normal
The linux-patch-grsecurity2 package in squeeze recommends linux-source-2.6.24.
However, this kernel patch is for 2.6.32.
-- System Information:
Debian Release: 5.0.6
APT prefers stable
APT policy:
Package: slapd
Severity: important
running dpkg-configure slapd on debian squeeze will fail as mkdir cannot
create directory /etc/ldpa/slapd.d will fail as the dir exists already. You
cannot stop slapd and then do this -
because it needs(wants) that directory :)
-- System Information:
Debian
Package: duplicity
Version: 0.6.08b-1+b1
Severity: normal
As of 0.6.09, rsync daemon backend support is no longer functional. It
appears to try to make the connection via SSH instead:
r...@willow:~# time $DUPLICITY_CMD cleanup --extra-clean --force
rsync://beanstalk::/backup/willow
Package: gnome-applets
Severity: normal
As the http://www.bom.gov.au/ website has under gone an update, forecast
information in the gnome weather applet no longer works.
The temperature / condition base still works, so I assume that part used the
bom ftp server...
-- System Information:
Package: kernel
Severity: normal
On the ul80vt / ul30vt asus laptop range, the backlight is not being set as it
should be by gnome / most applications and the keyboard shortcut assigned by
asus.
If you look at http://forum.notebookreview.com/5665108-post1246.html
One can edit some acpi files
Package: dash
Version: 0.5.4-12
Severity: normal
As per https://bugs.launchpad.net/ubuntu/+source/dash/+bug/249620 , dash not
support multi-digit file descriptors.
Here is an example:
dash -c (flock -w 0 200 ; echo foo) 200/tmp/lock
Output:
dash: Syntax error: word unexpected
Package: gnome-system-monitor
Version: 2.22.3-1
Severity: wishlist
It would be really neat to see which processes are stalled, a count of those, a
chart per a process of cpu time vs context switches (also % vs total context
switches).
At the very least, adding the ability to show context switch
Package: lvm2
Version: the man page for vgchange and vgscan fail to state exported drives
must be imported before activated
Severity: normal
The man page for vgscan and vgchange do not state that exported volumes must
first be imported using vgimport.
The rather cryptic message that $volume ..
Package: system-config-lvm
Version: 1.1.4-2
Severity: important
I managed to export / import a lvm volume in an ubuntu live cd - so that I
could use it.
However, when I tried to reboot I could see the boot messages inform me that
the lvm was opened
but not able to be activated (I use luks and
Hi,
This bug seems to be a 3.1.3 squid version issue.
Amos Jeffries (squ...@treenet.co.nz) answer was :
Bug in 3.1.3. Resolved in 3.1.4.
Amos
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Package: xserver-xorg-video-intel
Version: 2:2.9.1-4
Severity: important
I note that there is a bug 476087 -
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476087 that may be similar to
the following bug report.
Debian lenny on a intel latitude D400 when running gdm, I can close the screen
Package: wnpp
Severity: wishlist
* Package name: python-freshen
Version : 0.2
Upstream Author : Roman Lisagor rlisagor+fres...@gmail.com
* URL : http://github.com/rlisagor/freshen
* License : GPL
Programming Lang: Python
Description : Clone of the
Package: gcc-4.3
Version: 4.3.2-1.1
Severity: normal
While compiling a 2.6.33 (modules) on an armel device I encountered the
following error:
fs/afs/super.c: In function ‘afs_test_super’:
fs/afs/super.c:278: internal compiler error: Segmentation fault
Please submit a full bug report,
with
Package: abiword
Severity: normal
After copying and pasting text off website I selected Thesaurus from the tools
menu. Abiword then crashed.
Here is a backtrace.
(gdb) bt
#0 0x0062e020 in UT_UCS4_strlen ()
#1 0x7f72b5e6ca12 in AiksaurusABI_invoke ()
from
Package: sane-backends
Version: 1.0.20-13
Severity: important
Since the last tarball style release of sane, there have been commits ( git )
that enable backends for certain devices.
This is without changing any existing code. For example:
Package: kgpg
Severity: normal
As sha1 will be used by default to sign messages when a key is created, kgpg is
continuing to use what is now considered a weak/not as strong method of
signing. A key should use perhaps SHA2 to sign messages (by default).
-- System Information:
Debian Release:
Package: python-samba
Version: 3.0.24-6+lenny3
Severity: normal
libldap2 is required, however libldap-2.4-2 / slapd replace it. (i have
libldap-2.4-2 intalled).
I have python 2.4 and python 2.5 installed.
--- trying to install python-samba
apt-get install python-samba
Reading package
Package: postfix
Version: 2.5.5-1.1
Severity: important
CVE-2009-2939 is still affecting postfix in lenny.
There is a patch available at
http://www.openwall.com/lists/oss-security/2009/09/18/6
(quote of the patch from that page).
--
Jamie Strandboge | http://www.canonical.com
Package: pidgin
Version: 2.6.1-1
Severity: grave
Tags: security
Justification: user security hole
PIDGIN 2.5.9 has a CVE filled in it -
http://www.pidgin.im/news/security/?id=34
-- System Information:
Debian Release: 5.0.2
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386
Package: test
Version: testing
Severity: wishlist
just testing .. move along :)
-- System Information:
Debian Release: 5.0.2
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.30 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8
Package: pidgin
Version: pidgin prior to 2.5.9 HAS SECURITY ISSUE CVE-2009-2694
Severity: critical
Tags: security
Justification: root security hole
pidgin prior to 2.5.9 HAS SECURITY ISSUE CVE-2009-2694
http://www.pidgin.im/news/security/?id=34
-- System Information:
Debian Release: 5.0.2
Package: haskell-doc
Version: 20061127
Severity: normal
the haskell-doc package is not in the lenny release(stable). Despite the same
version of the package existing in etch, squeeze and sid.
-- System Information:
Debian Release: 5.0.2
APT prefers stable
APT policy: (500, 'stable')
Package: hal
Version: 0.5.11-8
Severity: important
My laptop a dell latitude d400, can hang/ and or hal takes up all my cpu.
To repoduce this bug,
1. turn on the dim screen option in gnome power power settings.
2. Then use the laptop for a minute.
3. leave it alone for 30seconds to 1 minute
4.
Package: knowledgetree
Version: 2.0.7-1
Severity: critical
Hey,
/etc/knowledgetree/environment.php is world-readable by default. It is
supposed to contain (amongst other things) the username and password for
the KnowledgeTree database.
Cc:'d to [EMAIL PROTECTED] just in case they care (the
67 matches
Mail list logo
