Your message dated Sat, 17 Dec 2005 13:47:09 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#338301: fixed in acidbase 1.2.1-3
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 9 Nov 2005 09:56:03 +0000
>From [EMAIL PROTECTED] Wed Nov 09 01:56:03 2005
Return-path: <[EMAIL PROTECTED]>
Received: from axor.zcu.cz [147.228.57.20]
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1EZmgV-0001VE-00; Wed, 09 Nov 2005 01:56:03 -0800
Received: from [147.228.1.133] (bodik.zcu.cz [147.228.1.133])
by axor.zcu.cz (8.11.7/8.11.7/Wim) with ESMTP id jA99u1E28567
for <[EMAIL PROTECTED]>; Wed, 9 Nov 2005 10:56:01 +0100
Message-ID: <[EMAIL PROTECTED]>
Date: Wed, 09 Nov 2005 10:54:28 +0100
From: bodik <[EMAIL PROTECTED]>
User-Agent: Debian Thunderbird 1.0.2 (X11/20050602)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: [EMAIL PROTECTED]
Subject: broken search and graph
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Package: acidbase
Version: 1.2.1-1
Severity: important
Hello,
I believe that your last debian security patch broke searching and graph
plotting in acidbase:
error in search:
when searching results shows "Displaying alerts -49-0 of 1 total"
i thing that it has something to do with clean variable because if i try
to search for "WEB-MISC" signatures in DB results are in fact searched
for "WEBMISC" (missing "-") ....
error in graph:
when trying to make a graph from data, there is no picture rendered,
with error messages:
------------- ERR MESSAGES --------------
Warning: ereg_replace(): REG_EBRACK in
/usr/share/acidbase/includes/base_state_common.inc.php on line 167
... (10 times )
Warning: ereg_replace(): REG_EBRACK in
/usr/share/acidbase/includes/base_state_common.inc.php on line 167
Warning: imagecreatetruecolor(): Invalid image dimensions in
/usr/share/php/Image/Canvas/GD.php on line 159
Warning: imagealphablending(): supplied argument is not a valid Image
resource in /usr/share/php/Image/Canvas/GD.php on line 161
Warning: imagecolorallocate(): supplied argument is not a valid Image
resource in /usr/share/php/Image/Canvas/Color.php on line 65
Warning: imagefilledrectangle(): supplied argument is not a valid Image
resource in /usr/share/php/Image/Canvas/GD.php on line 1089
Warning: imagesetthickness(): supplied argument is not a valid Image
resource in /usr/share/php/Image/Canvas/GD.php on line 236
Warning: imagesetthickness(): supplied argument is not a valid Image
resource in /usr/share/php/Image/Canvas/GD.php on line 1585
Warning: factory(Image/Graph/.php): failed to open stream: No such file
or directory in /usr/share/php/Image/Graph.php on line 445
Warning: factory(): Failed opening 'Image/Graph/.php' for inclusion
(include_path='.:/usr/share/php:/usr/share/pear') in
/usr/share/php/Image/Graph.php on line 445
Fatal error: Cannot instantiate non-existent class: image_graph_ in
/usr/share/php/Image/Graph.php on line 565
------------- ERR MESSAGES --------------
i'm using
php: 4.3.10-16
libphp-jpgraph: 1.5.2-10
libphp-adodb: 4.64-4
php-image-graph: 0.7.1-1
I'm not a php guru, but i thing that you made a mistake in function
CleanVariable. Down there comes a patch for graph plotting bug, but i
don't know how to fix that search problem. (Also there is dependency on
PEAR package which is not in debian but it is not a bug at all - PEAR:
Image_Color)
Sincerely Radoslav 'bodik' Bodo
---------- PATCH CUT ------------------
--- base_state_common.inc.php 2005-11-02 22:30:34.000000000 +0100
+++ base_state_common.inc.php.bodik 2005-11-07 16:47:44.000000000 +0100
@@ -108,6 +108,7 @@
************************************************************************/
function CleanVariable($item, $valid_data, $exception = "")
{
+
/* Check the exception value list first */
if ( $exception != "" )
{
@@ -122,46 +123,46 @@
$regex_mask = "";
- if ( ($valid_data & VAR_DIGIT) > 0 )
+ if ( ($valid_data && VAR_DIGIT) > 0 )
$regex_mask = $regex_mask . "0-9";
- if ( ($valid_data & VAR_LETTER) > 0 )
+ if ( ($valid_data && VAR_LETTER) > 0 )
$regex_mask = $regex_mask . "A-Za-z";
- if ( ($valid_data & VAR_ULETTER) > 0 )
+ if ( ($valid_data && VAR_ULETTER) > 0 )
$regex_mask = $regex_mask . "A-Z";
- if ( ($valid_data & VAR_LLETTER) > 0 )
+ if ( ($valid_data && VAR_LLETTER) > 0 )
$regex_mask = $regex_mask . "a-z";
- if ( ($valid_data & VAR_ALPHA) > 0 )
+ if ( ($valid_data && VAR_ALPHA) > 0 )
$regex_mask = $regex_mask . "0-9A-Za-z";
- if ( ($valid_data & VAR_SPACE) > 0 )
+ if ( ($valid_data && VAR_SPACE) > 0 )
$regex_mask = $regex_mask . "\ ";
- if ( ($valid_data & VAR_PERIOD) > 0 )
+ if ( ($valid_data && VAR_PERIOD) > 0 )
$regex_mask = $regex_mask . "\.";
- if ( ($valid_data & VAR_OPAREN) > 0 )
+ if ( ($valid_data && VAR_OPAREN) > 0 )
$regex_mask = $regex_mask . "\(";
- if ( ($valid_data & VAR_CPAREN) > 0 )
+ if ( ($valid_data && VAR_CPAREN) > 0 )
$regex_mask = $regex_mask . "\)";
- if ( ($valid_data & VAR_BOOLEAN) > 0 )
+ if ( ($valid_data && VAR_BOOLEAN) > 0 )
$regex_mask = $regex_mask . "\)";
- if ( ($valid_data & VAR_OPERATOR) > 0 )
+ if ( ($valid_data && VAR_OPERATOR) > 0 )
$regex_mask = $regex_mask . "\)";
- if ( ($valid_data & VAR_PUNC) > 0 )
+ if ( ($valid_data && VAR_PUNC) > 0 )
$regex_mask = $regex_mask . "\!\#\$\%\^\&\*\_\-\=\+\:\;\,\?\ \(\))";
- if ( ($valid_data & VAR_USCORE) > 0 )
+ if ( ($valid_data && VAR_USCORE) > 0 )
$regex_mask = $regex_mask . "\_";
- if ( ($valid_data & VAR_AT) > 0 )
+ if ( ($valid_data && VAR_AT) > 0 )
$regex_mask = $regex_mask . "\@";
return ereg_replace("[^".$regex_mask."]", "", $item);
---------- PATCH CUT ------------------
---------------------------------------
Received: (at 338301-close) by bugs.debian.org; 17 Dec 2005 21:51:51 +0000
>From [EMAIL PROTECTED] Sat Dec 17 13:51:51 2005
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 4.50)
id 1EnjtV-0000Jv-0D; Sat, 17 Dec 2005 13:47:09 -0800
From: David Gil <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.65 $
Subject: Bug#338301: fixed in acidbase 1.2.1-3
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Sat, 17 Dec 2005 13:47:09 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-CrossAssassin-Score: 2
Source: acidbase
Source-Version: 1.2.1-3
We believe that the bug you reported is fixed in the latest version of
acidbase, which is due to be installed in the Debian FTP archive:
acidbase_1.2.1-3.diff.gz
to pool/main/a/acidbase/acidbase_1.2.1-3.diff.gz
acidbase_1.2.1-3.dsc
to pool/main/a/acidbase/acidbase_1.2.1-3.dsc
acidbase_1.2.1-3_all.deb
to pool/main/a/acidbase/acidbase_1.2.1-3_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
David Gil <[EMAIL PROTECTED]> (supplier of updated acidbase package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 02 Dec 2005 00:23:51 +0100
Source: acidbase
Binary: acidbase
Architecture: source all
Version: 1.2.1-3
Distribution: unstable
Urgency: low
Maintainer: David Gil <[EMAIL PROTECTED]>
Changed-By: David Gil <[EMAIL PROTECTED]>
Description:
acidbase - Basic Analysis and Security Engine
Closes: 338301 341180
Changes:
acidbase (1.2.1-3) unstable; urgency=low
.
* Fixed bug "Can't delete alerts".
Don't filter action_chk_lst and action_lst http variables
since they are arrays, not strings. (Closes: #341180)
* I missed a colon in the last changelog entry, now really Closes: #338301.
* Added debconf templates translation.
+ New spanish po file.
* Added watch file
[ Javier Fernandez-Sanguino Pen~a ]
* Reformatted debian/README.Debian and fix names that were pointing
to ACID
Files:
70c56b0fa32a12f86eacf457233b5183 676 web optional acidbase_1.2.1-3.dsc
08940697d56707e0d602b7d6fc52d805 13167 web optional acidbase_1.2.1-3.diff.gz
de089f32a110af85d92fdfa8c71c4844 347320 web optional acidbase_1.2.1-3_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDpFA0sandgtyBSwkRAoATAJ49s+5t5k5VpwA7SXJPwhC33PRTlgCeOLTx
fiq4pcpqmFyFdIZiYdLy3ms=
=2KpQ
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
