Bug#1070345: kodi-data: Symlink for Roboto font is still for hinted version

[Christer Mjellem Strand]

Package: kodi-data
Version: 2:20.5+dfsg-2
Severity: minor

Dear Maintainer,

Following #922950, the dependency was updated from fonts-roboto-hinted to 
fonts-roboto-unhinted.
However, the symlink using it was not updated accordingly:

% ls -la /usr/share/kodi/addons/skin.estuary/fonts/Roboto-Thin.ttf 
lrwxrwxrwx 1 root root 56 Mar 31 20:36 
/usr/share/kodi/addons/skin.estuary/fonts/Roboto-Thin.ttf -> 
../../../../fonts/truetype/roboto/hinted/Roboto-Thin.ttf

Please also update this accordingly from hinted to unhinted, so it matches.

Thanks.

Bug#1021031: wordpress: Should wordpress depend on libjs-jquery instead of bundling jQuery?

[Christer Mjellem Strand]

While I'm sure this has been discussed in the past, and upstream
probably has opinions on the topic, the fact is that the WordPress
package in testing now bundles jQuery 3.6.0, while the libjs-jquery
package in testing as of writing provides 3.6.1. As such, I can't
really think of any (technical) reason to continue bundling jQuery 

in

the WordPress package rather than depending on libjs-jquery and
symlinking, as is already done for libjs-cropper and
libjs-underscore, and as plenty of other packages already do. This
too could (should?) be a versioned dependency, with a minimum
version.


WordPress bundled jquery has no conflict appended to it. The
linktrees file in the WordPress package source package mentions this:

[..]

Aha, thanks for untangling this for me. I made the (false) assumption 
that this was likely a versioning issue; it hadn't occurred to me that 
WordPress might be altering jQuery for their bundled copy, though it 
also seemed strange that this could have simply been missed in such a 
high-profile package. As always, things are more complicated than they 
may first appear.


Feel free to close this (or set as duplicate of #591799), unless you 
feel particularly inclined to go stir the pot again with upstream.


--
Christer Mjellem Strand
System Administrator

Bug#1021031: wordpress: Should wordpress depend on libjs-jquery instead of bundling jQuery?

[Christer Mjellem Strand]

Package: wordpress
Version: 6.0.2+dfsg1-1
Severity: wishlist

Dear Maintainer,

While I'm sure this has been discussed in the past, and upstream probably has
opinions on the topic, the fact is that the WordPress package in testing now
bundles jQuery 3.6.0, while the libjs-jquery package in testing as of writing
provides 3.6.1. As such, I can't really think of any (technical) reason to
continue bundling jQuery in the WordPress package rather than depending on
libjs-jquery and symlinking, as is already done for libjs-cropper and
libjs-underscore, and as plenty of other packages already do. This too could
(should?) be a versioned dependency, with a minimum version.

This of course assumes that the (libjs|node)-jquery package(s) will continue
to receive timely updates, which, based on the changelog of the last several
years, today seems a reasonable assumption.

Worth considering?

-- System Information:
Debian Release: 10.13
  APT prefers oldstable
  APT policy: (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-0.deb10.16-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages wordpress depends on:
ii  apache2 [httpd]2.4.52-1~deb11u2
ii  ca-certificates20210119
ii  default-mysql-client   1.0.5
ii  libjs-cropper  1.2.2-1
ii  libjs-underscore   1.13.3~dfsg+~1.11.4-1
ii  mariadb-client-10.3 [virtual-  1:10.3.36-0+deb10u1
ii  php2:8.1+92+0~20220117.43+debian10~1.gbpe0d14e
ii  php-gd 2:8.1+92+0~20220117.43+debian10~1.gbpe0d14e
ii  php-getid3 1.9.21+dfsg-1
ii  php-mysql  2:8.1+92+0~20220117.43+debian10~1.gbpe0d14e
ii  php8.1 [php]   8.1.10-2+0~20220918.26+debian10~1.gbp595f64
ii  php8.1-gd [php-gd] 8.1.10-2+0~20220918.26+debian10~1.gbp595f64
ii  php8.1-mysql [php-mysqlnd] 8.1.10-2+0~20220918.26+debian10~1.gbp595f64

Versions of packages wordpress recommends:
ii  wordpress-l10n   6.0.2+dfsg1-1
ii  wordpress-theme-twentytwentytwo  6.0.2+dfsg1-1

Versions of packages wordpress suggests:
ii  mariadb-server-10.3 [virtual-m  1:10.3.36-0+deb10u1
ii  php-curl2:8.1+92+0~20220117.43+debian10~1.gbpe0d14e
ii  php-imagick 3.6.0-4+0~20220117.35+debian10~1.gbp149f82
ii  php-mbstring2:8.1+92+0~20220117.43+debian10~1.gbpe0d14e
pn  php-ssh2
ii  php-xml 2:8.1+92+0~20220117.43+debian10~1.gbpe0d14e
ii  php-zip 2:8.1+92+0~20220117.43+debian10~1.gbpe0d14e
ii  php8.1-curl [php-curl]  8.1.10-2+0~20220918.26+debian10~1.gbp595f64
ii  php8.1-imagick [php-imagick]3.6.0-4+0~20220117.35+debian10~1.gbp149f82
ii  php8.1-mbstring [php-mbstring]  8.1.10-2+0~20220918.26+debian10~1.gbp595f64
ii  php8.1-xml [php-xml]8.1.10-2+0~20220918.26+debian10~1.gbp595f64
ii  php8.1-zip [php-zip]8.1.10-2+0~20220918.26+debian10~1.gbp595f64

-- no debconf information

Bug#1021030: phpsysinfo: phpSysInfo vulnerable to multiple CVEs in bundled jQuery lib

[Christer Mjellem Strand]

Package: phpsysinfo
Version: 3.2.5-3
Severity: important

Dear Maintainer,

The version of phpSysInfo shipped in Debian is very old, and in turn bundles a 
very
old version of jQuery (1.12.4). Rather than upgrade to a recent jQuery - which 
would
allow for using libjs-jquery instead - upstream has decided to backport fixes 
for at
least some of these CVEs, as seen in

and elsewhere.

Please consider upgrading the package to the most recent upstream version so 
Debian
users can benefit from these fixes and others. In lieu of that, please upgrade 
the
bundled jQuery libs, which appear to have been quite heavily patched by upstream
over the years.

I'm also wondering whether the existing dependency on libjs-jquery is actually 
needed,
as it does not seem to actually be used. Presumably a modern day jQuery version 
would
not work with phpSysInfo if it needs such ancient versions, at least not 
without jQuery
Migrate being involved, which is presumably an upstream job and outside the 
scope
of package maintenance.

Thanks.


-- System Information:
Debian Release: 10.13
  APT prefers oldstable
  APT policy: (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-0.deb10.16-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages phpsysinfo depends on:
ii  apache2 [httpd]   2.4.52-1~deb11u2
ii  libjs-jquery  3.5.1+dfsg-4~bpo10+1
ii  php   2:8.1+92+0~20220117.43+debian10~1.gbpe0d14e
ii  php-xml   2:8.1+92+0~20220117.43+debian10~1.gbpe0d14e
ii  php8.1 [php]  8.1.10-2+0~20220918.26+debian10~1.gbp595f64
ii  php8.1-xml [php-xml]  8.1.10-2+0~20220918.26+debian10~1.gbp595f64

phpsysinfo recommends no packages.

Versions of packages phpsysinfo suggests:
ii  hddtemp 0.3-beta15-53
ii  lm-sensors  1:3.5.0-3

-- no debconf information

Bug#1013433: grepcidr: New and improved fork available

[Christer Mjellem Strand]

Package: grepcidr
Version: 2.0-2
Severity: normal

Dear Maintainer,

The currently packaged version of grepcidr no longer appears to see active 
development.
There is a fork available at , which 
seems to be maintained, and in my personal experience,
is slightly less quirky than the original version. See 

as one example of others sharing this view.

Would you consider switching the package to using this v3 fork instead?

Thanks.

-- System Information:
Debian Release: 10.12
  APT prefers oldstable
  APT policy: (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.103-1~bpo10+1 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages grepcidr depends on:
ii  libc6  2.28-10+deb10u1

grepcidr recommends no packages.

grepcidr suggests no packages.

-- no debconf information

Bug#999568: wordpress: WordPress package should not ship separate root store

[Christer Mjellem Strand]

Looking at this more closely, I now see line 209 in class-http.php:

'sslcertificates' => '/etc/ssl/certs/ca-certificates.crt',

This would explain the dependency on ca-certificates, and I guess the 
core issue here as such is already solved. Apologies for not finding 
this sooner.


That said, is there a point to shipping the WordPress root store in the 
package if it isn't used? Or if one does need to be present in that 
location, shouldn't it rather point to the system root store somehow 
(such as a symlink)?


--
Christer Mjellem Strand
System Administrator

pgpozGQ7fkDlu.pgp
Description: PGP signature

Bug#999568: wordpress: WordPress package should not ship separate root store

[Christer Mjellem Strand]

Package: wordpress
Version: 5.8.1+dfsg1-1
Severity: normal

Dear Maintainer,

It seems this package includes a WordPress-provided root store, which like 
Debian's is based on Mozilla, but which includes a workaround for an issue from 
six years ago concerning 1024-bit roots 
().

I can't say I've bothered looking for any Debian policies which may apply to 
this, but it seems to me that no package should use a non-system root store 
unless there is a very good reason to. I'm not convinced that this six year old 
issue is such a reason; the workaround was only needed for OpenSSL 1.0.1g, a 
version which predates Stretch. I cannot really see that there is anything 
otherwise unique to WordPress that would justify not just using the 
Debian-provided system root store.

As one example, the recently released 5.8.2 included one security fix which was 
directly caused by this practice (related to the recent Let's Encrypt root 
expiry): . In Debian, this issue 
was already sorted a month ago in #995432.

To solve this, I suggest one of the following:

1. Remove /usr/share/wordpress/wp-includes/certificates/ca-bundle.crt from the 
package and make it a symlink to /etc/ssl/certs/ca-certificates.crt
(ca-certificates is already a dependency)

or

2. Remove /usr/share/wordpress/wp-includes/certificates/ and patch 
/usr/share/wordpress/wp-includes/class-http.php to read 
/etc/ssl/certs/ca-certificates.crt (see lines 14 and 137 in 5.3.1)


Cheers

-- System Information:
Debian Release: 10.11
  APT prefers oldstable
  APT policy: (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.8.0-0.bpo.2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages wordpress depends on:
ii  apache2 [httpd] 2.4.48-3~bpo10+1
ii  ca-certificates 20210119
ii  default-mysql-client1.0.5
ii  libjs-cropper   1.2.2-1
ii  libjs-underscore1.9.1~dfsg-1+deb10u1
ii  mariadb-client-10.3 [virtual-mysql-client]  1:10.3.31-0+deb10u1
ii  php 2:7.3+69
ii  php-gd  2:7.3+69
ii  php-getid3  1.9.20+dfsg-1
ii  php-mysql   2:7.3+69
ii  php7.3 [php]7.3.31-1~deb10u1
ii  php7.3-gd [php-gd]  7.3.31-1~deb10u1
ii  php7.3-mysql [php-mysqlnd]  7.3.31-1~deb10u1

Versions of packages wordpress recommends:
ii  wordpress-l10n   5.8.1+dfsg1-1
ii  wordpress-theme-twentytwentyone  5.8.1+dfsg1-1

Versions of packages wordpress suggests:
ii  mariadb-server-10.3 [virtual-mysql-server]  1:10.3.31-0+deb10u1
pn  php-ssh2

-- Configuration Files:
/etc/wordpress/htaccess [Errno 2] No such file or directory: 
'/etc/wordpress/htaccess'

-- no debconf information

Bug#992302: wordpress: WordPress 5.8 available

[Christer Mjellem Strand]

Package: wordpress
Version: 5.7.1+dfsg1-2
Severity: wishlist

Dear Maintainer,

First: congrats on Bullseye!

WordPress 5.8 (Tatum) was released on July 20, nearly a month ago. It contains
at least one XSS fix ((), as well
as a host of other improvements.

Any chance we could get it packaged for unstable?

TIA

-- System Information:
Debian Release: 10.10
  APT prefers oldstable
  APT policy: (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-0.bpo.8-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages wordpress depends on:
ii  apache2 [httpd] 2.4.48-3~bpo10+1
ii  ca-certificates 20210119
ii  default-mysql-client1.0.5
ii  libjs-cropper   1.2.2-1
ii  libjs-underscore1.9.1~dfsg-1+deb10u1
ii  mariadb-client-10.3 [virtual-mysql-client]  1:10.3.29-0+deb10u1
ii  php 2:7.3+69
ii  php-gd  2:7.3+69
ii  php-getid3  1.9.20+dfsg-1
ii  php-mysql   2:7.3+69
ii  php7.3 [php]7.3.29-1~deb10u1
ii  php7.3-gd [php-gd]  7.3.29-1~deb10u1
ii  php7.3-mysql [php-mysqlnd]  7.3.29-1~deb10u1

Versions of packages wordpress recommends:
ii  wordpress-l10n   5.7.1+dfsg1-2
ii  wordpress-theme-twentytwentyone  5.7.1+dfsg1-2

Versions of packages wordpress suggests:
ii  mariadb-server-10.3 [virtual-mysql-server]  1:10.3.29-0+deb10u1
pn  php-ssh2

-- Configuration Files:
/etc/wordpress/htaccess [Errno 2] No such file or directory: 
'/etc/wordpress/htaccess'

-- no debconf information

Bug#985239: rspamd should depend on publicsuffix

[Christer Mjellem Strand]

Package: rspamd
Version: 2.7-1~bpo10+1
Severity: normal

Dear Maintainer,

rspamd is currently shipping its own bundled copy of the public suffix list 
(see publicsuffix.org),
as /usr/share/rspamd/effective_tld_names.dat. It should instead depend on the 
publicsuffix package,
where this list is maintained, and use it from 
/usr/share/publicsuffix/effective_tld_names.dat.

-- System Information:
Debian Release: 10.8
  APT prefers stable
  APT policy: (900, 'stable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.8.0-0.bpo.2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages rspamd depends on:
ii  adduser 3.118
ii  ca-certificates 20210119
ii  fonts-glyphicons-halflings  1.009~3.4.1+dfsg-1
ii  init-system-helpers 1.56+nmu1
ii  libc6   2.28-10
ii  libgcc1 1:8.3.0-6
ii  libglib2.0-02.58.3-2+deb10u2
ii  libhyperscan5   5.1.0-1
ii  libicu6363.1-6+deb10u1
ii  libjs-bootstrap44.5.2+dfsg1-6
ii  libjs-jquery3.5.1+dfsg-4~bpo10+1
ii  libjs-requirejs 2.3.6-1
ii  libluajit-5.1-2 2.1.0~beta3+dfsg-5.1
ii  libpcre2-8-010.32-5
ii  libsodium23 1.0.17-1
ii  libsqlite3-03.27.2-3+deb10u1
ii  libssl1.1   1.1.1d-0+deb10u5
ii  libstdc++6  8.3.0-6
ii  libunwind8  1.2.1-10~deb10u1
ii  lsb-base10.2019051400
ii  perl5.28.1-6+deb10u1
ii  zlib1g  1:1.2.11.dfsg-1

Versions of packages rspamd recommends:
ii  redis-server  5:6.0.10-4~bpo10+1

rspamd suggests no packages.

-- no debconf information

Bug#984985: wordpress: WordPress 5.7 available

[Christer Mjellem Strand]

Package: wordpress
Version: 5.6.1+dfsg1-1
Severity: normal

Dear Maintainer,

WordPress 5.7 has been released. Appreciate if you're able to update the 
package at your earliest convenience.



TIA

-- System Information:
Debian Release: 10.8
  APT prefers stable
  APT policy: (900, 'stable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.8.0-0.bpo.2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages wordpress depends on:
ii  apache2 [httpd] 2.4.46-4~bpo10+1
ii  ca-certificates 20210119
ii  default-mysql-client1.0.5
ii  libjs-cropper   1.2.2-1
ii  libjs-underscore1.9.1~dfsg-1
ii  mariadb-client-10.3 [virtual-mysql-client]  1:10.3.27-0+deb10u1
ii  php 2:7.3+69
ii  php-gd  2:7.3+69
ii  php-getid3  1.9.20+dfsg-1
ii  php-mysql   2:7.3+69
ii  php7.3 [php]7.3.27-1~deb10u1
ii  php7.3-gd [php-gd]  7.3.27-1~deb10u1
ii  php7.3-mysql [php-mysqlnd]  7.3.27-1~deb10u1

Versions of packages wordpress recommends:
ii  wordpress-l10n   5.6.1+dfsg1-1
ii  wordpress-theme-twentytwentyone  5.6.1+dfsg1-1

Versions of packages wordpress suggests:
ii  mariadb-server-10.3 [virtual-mysql-server]  1:10.3.27-0+deb10u1
pn  php-ssh2

-- Configuration Files:
/etc/wordpress/htaccess [Errno 2] No such file or directory: 
'/etc/wordpress/htaccess'

-- no debconf information

Bug#970732: btrfsmaintenance: New upstream version available

[Christer Mjellem Strand]

Package: btrfsmaintenance
Version: 0.4.2-1
Severity: wishlist

Dear Maintainer,

Version 0.5 was released on 2020-07-30. Please consider updating this package 
when possible.

Thanks.

-- System Information:
Debian Release: 10.5
  APT prefers stable
  APT policy: (900, 'stable'), (500, 'testing')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 5.7.0-0.bpo.2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages btrfsmaintenance depends on:
ii  btrfs-progs  4.20.1-2
ii  cron 3.0pl1-134+deb10u1
ii  systemd  241-7~deb10u4

btrfsmaintenance recommends no packages.

btrfsmaintenance suggests no packages.

Bug#970731: btrfsmaintenance: Update description: CFQ is no longer Debian's default scheduler

[Christer Mjellem Strand]

Package: btrfsmaintenance
Version: 0.4.2-1
Severity: minor

Dear Maintainer,

The description for this package mentions that "CFQ is Debian's default block 
scheduler."
At least as of buster, I don't believe this is true anymore:

# cat /sys/block/sd*/queue/scheduler
[mq-deadline] none
[mq-deadline] none
[mq-deadline] none
[mq-deadline] none

As such, the description should probably be updated.

-- System Information:
Debian Release: 10.5
  APT prefers stable
  APT policy: (900, 'stable'), (500, 'testing')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 5.7.0-0.bpo.2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages btrfsmaintenance depends on:
ii  btrfs-progs  4.20.1-2
ii  cron 3.0pl1-134+deb10u1
ii  systemd  241-7~deb10u4

btrfsmaintenance recommends no packages.

btrfsmaintenance suggests no packages.

Bug#962820: hashcash: Newer version available

[Christer Mjellem Strand]

Package: hashcash
Version: 1.21-2
Severity: wishlist

Dear Maintainer,

A newer version, 1.22, has been available for 14(!) years at time of writing.
A pre-release of 1.23 was also released in 2011, but given its age, I think
this should be considered for packaging.

Upstream continues to live at , but the source is
also available from , though it's
unclear whether this is an official or third party effort.

Please consider packaging a marginally newer version.

Thanks.


-- System Information:
Debian Release: 10.4
  APT prefers stable
  APT policy: (900, 'stable'), (500, 'testing')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.19.0-0.bpo.5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages hashcash depends on:
ii  libc6  2.28-10

hashcash recommends no packages.

hashcash suggests no packages.

-- no debconf information

Bug#962502: libowfat0: Newer version available

[Christer Mjellem Strand]

Package: libowfat0
Version: 0.30-2
Severity: wishlist

Dear Maintainer,

The current version in Debian is from 2015, and newer versions have since been 
released.
As or writing, the latest version is 0.32, released 2018-10-02.

Please consider packaging the newer version.

Thank you.

-- System Information:
Debian Release: 10.4
  APT prefers stable
  APT policy: (900, 'stable'), (500, 'testing')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.19.0-0.bpo.5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libowfat0 depends on:
ii  libc6  2.28-10

libowfat0 recommends no packages.

libowfat0 suggests no packages.

-- no debconf information

Bug#961472: libmail-dkim-perl: dkimproxy-sign breaks RFC with hardcoded deprecated signing algo

[Christer Mjellem Strand]

[..]

While ideally the user should be allowed to choose, if it is going to
be hardcoded, at least the hardcoded value should be SHA-256 rather
than SHA-1. The supplied patch addresses this, and I would appreciate
if it could be applied.


Actually, looking a bit more closely at the code, it turns out the user 
*is* allowed to choose, by applying the --algorithm argument. This, 
however, appears entirely undocumented, as there's no mention of it in 
neither the man page nor with dkimproxy-sign --help. I suppose that's 
worthy of another report, as there are apparently a slew of 
undocumented arguments:


my $type = "dkim";
my $selector = "selector1";
my $algorithm = "rsa-sha1";
my $method = "simple";
my $domain; # undef => auto-select domain
my $expiration;
my $identity;
my $key_file = "private.key";
my $key_protocol;
my @extra_tag;
my $debug_canonicalization;
my $binary;
my $help;

I still think the patch should be applied, though (even with its 
mis-spelled name..), as it at least updates the default to a sane and 
RFC-conformant level.


Cheers

--
Christer Mjellem Strand
System Administrator

pgpDILXEDpD4O.pgp
Description: PGP signature

Bug#961472: libmail-dkim-perl: dkimproxy-sign breaks RFC with hardcoded deprecated signing algo

[Christer Mjellem Strand]

Package: libmail-dkim-perl
Version: 0.54-1
Severity: normal

Dear Maintainer,

This package ships with /usr/bin/dkimproxy-sign, from dkim-proxy, which is 
hardcoded to use rsa-sha1 for signing.
Beyond being generally weak, SHA-1 is now explicitly banned for DKIM use by RFC 
8301:

"Due to the recognized weakness of the SHA-1 hash algorithm (see [RFC6194]) and 
the wide availability of the SHA-256
hash algorithm (it has been a required part of DKIM [RFC6376] since it was 
originally standardized in 2007), the
SHA-1 hash algorithm MUST NOT be used."

While ideally the user should be allowed to choose, if it is going to be 
hardcoded, at least the hardcoded value
should be SHA-256 rather than SHA-1. The supplied patch addresses this, and I 
would appreciate if it could be
applied.

Thanks.

-- System Information:
Debian Release: 10.4
  APT prefers stable
  APT policy: (900, 'stable'), (500, 'testing')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.19.0-0.bpo.5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libmail-dkim-perl depends on:
ii  libcrypt-openssl-rsa-perl 0.31-1+b1
ii  libdigest-sha-perl6.02-1+b1
ii  liberror-perl 0.17027-2
ii  libmailtools-perl 2.18-1
ii  libnet-dns-perl   1.19-1
ii  libperl5.24 [libdigest-sha-perl]  5.24.1-3+deb9u5
ii  perl [libdigest-sha-perl] 5.28.1-6

libmail-dkim-perl recommends no packages.

libmail-dkim-perl suggests no packages.

-- no debconf information
--- /usr/bin/dkimproxy-sign 2018-12-04 21:15:55.0 +0100
+++ /usr/local/bin/dkimproxy-sign   2020-05-24 22:34:35.585654976 +0200
@@ -16,7 +16,7 @@
 
 my $type = "dkim";
 my $selector = "selector1";
-my $algorithm = "rsa-sha1";
+my $algorithm = "rsa-sha256";
 my $method = "simple";
 my $domain; # undef => auto-select domain
 my $expiration;

Bug#929021: spectre-meltdown-checker: New upstream version 0.41 checks for Fallout, RIDL and ZombieLoad

[Christer Mjellem Strand]

Package: spectre-meltdown-checker
Version: 0.40-1~bpo9+1
Severity: important
Tags: upstream

Dear Maintainer,

A new version was released today, 0.41, which checks for the new slew of CPU 
vulnerabilities now made
public. I assume packaging this single file script is trivial, and hope that 
the new version can be
made available quickly.

Thanks.

-- System Information:
Debian Release: 9.9
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.19.0-0.bpo.1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- no debconf information

Bug#920275: ezmlm-idx: New upstream version/maintainer/repo

[Christer Mjellem Strand]

Package: ezmlm-idx
Version: 7.1.1-1~exp0.1
Severity: normal

Dear Future Maintainer,

This package has a new upstream maintainer (Bruce Guenter), a new upstream home 
(),
and a new upstream repo on GitHub (). The 
latest version is 7.2.2 from 2014,
but there are several later commits since then.

I realize this package is orphaned, and has never made it past experimental, 
but I'm leaving this here in hopes
that someone will adopt it some day, and that it might progress past its 
current long stale existence.

-- System Information:
Debian Release: 9.6
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.19.0-0.bpo.1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages ezmlm-idx depends on:
ii  libc6  2.24-11+deb9u3
ii  qmail  99.00

ezmlm-idx recommends no packages.

ezmlm-idx suggests no packages.

-- no debconf information

Bug#916878: qpsmtpd: Newer upstream version available (0.96)

[Christer Mjellem Strand]

Package: qpsmtpd
Version: 0.94-2
Severity: wishlist

Hello,

The version currently in Debian is now four years old. Two new versions have 
been released since,
which include several desirable fixes:



Please consider upgrading the package to the latest version.

Note also the change in upstream URL: .

Thanks.

-- System Information:
Debian Release: 9.6
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.9.0-8-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages qpsmtpd depends on:
ii  adduser  3.115
ii  debconf  1.5.61
ii  libclamav-client-perl0.11-2
ii  libdigest-hmac-perl  1.03+dfsg-1
ii  libio-socket-inet6-perl  2.72-2
ii  libipc-shareable-perl0.61-1
ii  libmail-spf-perl 2.9.0-4
ii  libmailtools-perl2.18-1
ii  libnet-dns-perl  1.07-1
ii  libsocket6-perl  0.27-1+b1
ii  perl 5.24.1-3+deb9u5
ii  perl-modules-5.24 [libnet-perl]  5.24.1-3+deb9u5

qpsmtpd recommends no packages.

Versions of packages qpsmtpd suggests:
ii  clamav-daemon 0.100.2+dfsg-0+deb9u1
ii  libnet-ldap-perl  1:0.6500+dfsg-1
ii  spamassassin  3.4.2-1~deb9u1
pn  tinycdb   

-- debconf information excluded

Bug#813697: wordpress: New version available: 4.4.2

[Christer Mjellem Strand]

Package: wordpress
Version: 4.4.1+dfsg-1
Severity: important

Dear Maintainer,

Version 4.4.2 was released two days ago, with the following security fixes:

 *  #36435 HTTP: 0.1.2.3 is not a valid IP.
 *  #36444 Better validation of the URL used in HTTP redirects.

Please consider packaging and uploading this fixed version to unstable.

Thanks.

-- System Information:
Debian Release: 8.1
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.3.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Bug#783347: wordpress: New critical security release available: 4.1.2

[Christer Mjellem Strand]

Package: wordpress
Version: 4.1+dfsg-1
Severity: important

Dear Maintainer,

Version 4.1.2 was released on April 21st, tagged as a critical security 
release, and containing several security-related fixes, including an important 
XSS fix.
As far as I can tell, this release is not available in neither stable nor 
unstable, nor have the fixes as of yet been backported to a stable release.
I therefore request that you please consider packaging and uploading this fixed 
version.
Note also that version 4.2 was released on April 23rd, which should likely be 
considered for unstable.

I understand this must have been a busy week, and apologize if this is already 
being looked into.

Thanks, and thanks for maintaining WordPress!

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 3.16-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages wordpress depends on:
ii  apache2  2.4.9-1
ii  apache2-bin [httpd]  2.4.9-1
ii  apache2-mpm-itk [httpd]  2.4.9-1
ii  ca-certificates  20141019
ii  libapache2-mod-php5  5.6.0+dfsg-1
ii  libjs-cropper1.2.2-1
ii  libjs-mediaelement   2.15.1+dfsg-1
ii  libphp-phpmailer 5.2.9+dfsg-2
ii  mysql-client-5.5 [mysql-client]  5.5.40-1
ii  php-getid3   1.9.8-3
ii  php5 5.4.4-15.1
ii  php5-gd  5.6.0+dfsg-1
ii  php5-mysql   5.6.0+dfsg-1
ii  wordpress-theme-twentyfifteen4.1+dfsg-1

Versions of packages wordpress recommends:
ii  wordpress-l10n  4.1+dfsg-1

Versions of packages wordpress suggests:
ii  mysql-server  5.5.40-1

-- Configuration Files:
/etc/wordpress/htaccess [Errno 2] No such file or directory: 
u'/etc/wordpress/htaccess'

-- no debconf information

-- debsums errors found:
sh: /usr/sbin/dpkg-divert: No such file or directory


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#779227: libssl1.0.0: Add patch for supporting ChaCha20/Poly1305 algorithms

[Christer Mjellem Strand]

Source: libssl1.0.0
Version: 1.0.2-1
Severity: wishlist

Dear Maintainer,

Please consider applying CloudFlare's patch by Vlad Krasnov for supporting 
djb's ChaCha20 and Poly1305 algorithms.

https://github.com/cloudflare/sslconfig/blob/master/patches/openssl__chacha20_poly1305_cf.patch

Details here:

https://blog.cloudflare.com/do-the-chacha-better-mobile-performance-with-cryptography/
http://openssl.6102.n7.nabble.com/openssl-org-3615-PATCH-ChaCha20-with-Poly1305-TLS-Cipher-Suites-via-the-EVP-interface-td55120.html

Many thanks.

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 3.16-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#779246: libssl1.0.0: Support for RC4 should be dropped

[Christer Mjellem Strand]

Source: libssl1.0.0
Version: 1.0.1k-1
Severity: wishlist

Dear Maintainer,

As of the publication of RFC 7465 this month, support for RC4 is now
formally prohibited. Section 2 explicitly states:

   o  TLS clients MUST NOT include RC4 cipher suites in the ClientHello
  message.

   o  TLS servers MUST NOT select an RC4 cipher suite when a TLS client
  sends such a cipher suite in the ClientHello message.

   o  If the TLS client only offers RC4 cipher suites, the TLS server
  MUST terminate the handshake.  The TLS server MAY send the
  insufficient_security fatal alert in this case.

It therefore seems reasonable to forcibly disable support for this, as
was done with SSLv3, even if no single common exploit is yet known.

The following patch from Piotr Sikora of CloudFlare has been used by them
in production for more than a year:

https://github.com/cloudflare/openssl-deprecate-rc4/

As evidenced by this blog post:

https://blog.cloudflare.com/killing-rc4/

While this only applies to TLSv1.1+, presumably it should be a simple matter
to remove the protocol condition, and apply a similar patch to OpenSSL in
Debian.

Many thanks for your consideration.

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 3.16-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#445842: gd failure

[Christer Mjellem Strand]

Unless I am mistaken, this bug makes rmagic entirely unusable in
squeeze.


FWIW I think #545084 already has that effect.

--
 -==-  -=-  -==-
  Christer Mjellem Strand   yitzhaq
  System administrator ICQ: 9557698
  GSM: +47 922 000 12JID: yitz...@jabber.no
 -==-  -=-  -==-



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#585040: mime-support: Please add video/webm

[Christer Mjellem Strand]

Package: mime-support
Version: 3.48-1
Severity: wishlist


Please consider adding video/webm .webm to mime.types.

URL:http://www.webmproject.org/code/specs/container/#naming

I can't see that Google has reserved a separate extension for audio-only WebM
files, which I presume means one has to choose either video/webm or audio/webm
for the .webm extension. IMHO the former is likely to become more widespread, as
audio/webm is simply Vorbis in a Matroska container, and those using Vorbis
audio-only files I suspect will continue to use the Ogg container.

If better approaches are available to accomodate both, the above can be ignored,
obviously.

Thanks.


-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-3-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

mime-support depends on no packages.

Versions of packages mime-support recommends:
ii  file  5.04-2 Determines file type using magic

mime-support suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#578392: mime-support: Please add text/x-sfv

[Christer Mjellem Strand]

Package: mime-support
Version: 3.48-1
Severity: wishlist

Please consider adding the following to mime.types, to help identify Simple 
File Verification files:

text/x-sfv   sfv


URL:http://en.wikipedia.org/wiki/Simple_file_verification

Thanks.

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.30-2-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

mime-support depends on no packages.

Versions of packages mime-support recommends:
ii  file  5.04-1 Determines file type using magic

mime-support suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#572218: gallery2 should depend on libjs-yui

[Christer Mjellem Strand]

Package: gallery2
Version: 2.3.1.dfsg-1
Severity: normal

The gallery2 package bundles a number of scripts from the YUI library in 
/usr/share/gallery2/lib/yui/
The version bundled with gallery2 is old (2007), and the scripts in question 
are all available in the libjs-yui package.
Rather than bundling these scripts, gallery2 should instead depend on 
libjs-yui, and symlink the files under /usr/share/gallery2/lib/yui/ to the 
corresponding
scripts under /usr/share/javascript/yui/

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.30-2-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages gallery2 depends on:
ii  apache2  2.2.14-5Apache HTTP Server metapackage
ii  apache2-mpm-prefork [httpd]  2.2.14-5Apache HTTP Server - traditional n
ii  debconf [debconf-2.0]1.5.28  Debian configuration management sy
ii  imagemagick  7:6.5.8.3-1 image manipulation programs
ii  libapache2-mod-php5  5.3.1-5 server-side, HTML-embedded scripti
ii  libphp-adodb 5.09a-1 The ADOdb database abstraction lay
ii  mysql-client-5.1 [mysql-clie 5.1.41-3MySQL database client binaries
ii  netpbm   2:10.0-12   Graphics conversion tools
ii  php5 5.3.1-5 server-side, HTML-embedded scripti
ii  php5-cgi 5.3.1-5 server-side, HTML-embedded scripti
ii  php5-mysql   5.3.1-5 MySQL module for php5
ii  smarty   2.6.26-0.1  Template engine for PHP
ii  wwwconfig-common 0.2.1   Debian web auto configuration

Versions of packages gallery2 recommends:
ii  dcraw  8.86-1decode raw digital camera images
ii  ffmpeg 5:0.5+svn20100208-0.1 audio/video encoder, streaming ser
ii  jhead  1:2.90-1  manipulate the non-image part of E
ii  libjpeg-progs  8-2.1 Programs for manipulating JPEG fil
ii  php5-gd5.3.1-5   GD module for php5
ii  unzip  6.0-3 De-archiver for .zip files
ii  zip3.0-2 Archiver for .zip files

Versions of packages gallery2 suggests:
ii  mysql-server-5.1 [mysql-serve 5.1.41-3   MySQL database server binaries

-- debconf information:
* gallery2/mysql/dbserver: localhost
* gallery2/restart-webserver: false
  gallery2/webserver_type: apache, apache-ssl, apache-perl, apache2
  gallery2/mysql/dbname: gallery2
  gallery2/mysql/configure: true
  gallery2/purge: true
* gallery2/mysql/dbadmin: root



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#545084: rmagic fails with recent versions of libconfig-inifiles-perl

[Christer Mjellem Strand]

Package: rmagic
Version: 2.21-4
Severity: important

rmagic will not run with the version of libconfig-inifiles-perl currently in 
testing (2.49-1).

betty - ~ # rmagic rmagic-test.ini
Use of uninitialized value $_[0] in substitution (s///) at 
/usr/share/perl/5.10/File/Basename.pm line 341.
fileparse(): need a valid pathname at /usr/bin/rmagic line 708

Downgrading to the version in stable (2.39-5) makes it run fine again.

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-2-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages rmagic depends on:
ii  libconfig-inifiles-perl   2.39-5 Read .ini-style configuration file
ii  libgd-graph3d-perl0.63-5 Create 3D Graphs with GD and GD::G
ii  libhtml-parser-perl   3.61-1 collection of modules that parse H
ii  perl  5.10.0-25  Larry Wall's Practical Extraction 

Versions of packages rmagic recommends:
ii  analog2:6.0-19   web server log analyzer

Versions of packages rmagic suggests:
pn  doc-base  none (no description available)

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#482611: grub: Outdated ramdisk info in README.Debian

[Christer Mjellem Strand]

Package: grub
Version: 0.97-38
Severity: minor

README.Debian claims the following:

Be warned if your initrd image is larger than 4MB it is bigger than the
default ramdisk size and you will need to use a kernel command line
option like the following:

ramdisk_size=16384

IINM, this is no longer correct. AFAICT it was added in bug 142959, in 2002.

[EMAIL PROTECTED]:~$ dmesg | grep -i ramdisk
RAMDISK driver initialized: 16 RAM disks of 8192K size 1024 blocksize

Unless something funky has happened to my system that I've somehow completely 
managed to miss, the default ramdisk size is now
twice what README.Debian states. It's still good advice though, but it might 
also be worth noting that the option should be added
to kopt, to avoid it getting overwritten on kernel upgrades.

-- Package-specific info:

*** BEGIN /boot/grub/device.map
(fd0)   /dev/fd0
(hd0)   /dev/hda
(hd1)   /dev/sda
*** END /boot/grub/device.map

*** BEGIN /proc/mounts
/dev/root / ext2 rw 0 0
/dev/root /dev/.static/dev ext2 rw 0 0
/dev/sda2 /boot ext3 rw,data=ordered 0 0
/dev/sda3 /usr ext3 rw,data=ordered 0 0
/dev/sda6 /var ext3 rw,data=ordered 0 0
/dev/sda7 /data ext3 rw,data=ordered 0 0
/dev/sda8 /home ext3 rw,data=ordered 0 0
/dev/hda1 /backup ext3 rw,data=ordered 0 0
*** END /proc/mounts

*** BEGIN /boot/grub/menu.lst
# menu.lst - See: grub(8), info grub, update-grub(8)
#grub-install(8), grub-floppy(8),
#grub-md5-crypt, /usr/share/doc/grub
#and /usr/share/doc/grub-legacy-doc/.

## default num
# Set the default entry to the entry number NUM. Numbering starts from 0, and
# the entry number 0 is the default if the command is not used.
#
# You can specify 'saved' instead of a number. In this case, the default entry
# is the entry saved with the command 'savedefault'.
# WARNING: If you are using dmraid do not change this entry to 'saved' or your
# array will desync and will not let you boot your system.
default 0

## timeout sec
# Set a timeout, in SEC seconds, before automatically booting the default entry
# (normally the first entry defined).
timeout 5

# Pretty colours
color cyan/blue white/blue

### PASSWORD LINE REMOVED ###
# If used in the first section of a menu file, disable all interactive editing
# control (menu entry editor and command-line)  and entries protected by the
# command 'lock'
### PASSWORD LINE REMOVED ###
### PASSWORD LINE REMOVED ###
### PASSWORD LINE REMOVED ###

#
# examples
#
# title Windows 95/98/NT/2000
# root  (hd0,0)
# makeactive
# chainloader   +1
#
# title Linux
# root  (hd0,1)
# kernel/vmlinuz root=/dev/hda2 ro
#

#
# Put static boot stanzas before and/or after AUTOMAGIC KERNEL LIST

### BEGIN AUTOMAGIC KERNELS LIST
## lines between the AUTOMAGIC KERNELS LIST markers will be modified
## by the debian update-grub script except for the default options below

## DO NOT UNCOMMENT THEM, Just edit them to your needs

## ## Start Default Options ##
## default kernel options
## default kernel options for automagic boot options
## If you want special options for specific kernels use kopt_x_y_z
## where x.y.z is kernel version. Minor versions can be omitted.
## e.g. kopt=root=/dev/hda1 ro
##  kopt_2_6_8=root=/dev/hdc1 ro
##  kopt_2_6_8_2_686=root=/dev/hdc2 ro
# kopt=root=/dev/sda1 ro

## default grub root device
## e.g. groot=(hd0,0)
# groot=(hd1,1)

## should update-grub create alternative automagic boot options
## e.g. alternative=true
##  alternative=false
# alternative=true

## should update-grub lock alternative automagic boot options
## e.g. lockalternative=true
##  lockalternative=false
# lockalternative=false

## additional options to use with the default boot option, but not with the
## alternatives
## e.g. defoptions=vga=791 resume=/dev/hda5
# defoptions=

## should update-grub lock old automagic boot options
## e.g. lockold=false
##  lockold=true
# lockold=false

## Xen hypervisor options to use with the default Xen boot option
# xenhopt=

## Xen Linux kernel options to use with the default Xen boot option
# xenkopt=console=tty0

## altoption boot targets option
## multiple altoptions lines are allowed
## e.g. altoptions=(extra menu suffix) extra boot options
##  altoptions=(single-user) single
# altoptions=(single-user mode) single

## controls how many kernels should be put into the menu.lst
## only counts the first occurence of a kernel, not the
## alternative kernel options
## e.g. howmany=all
##  howmany=7
# howmany=all

## should update-grub create memtest86 boot option
## e.g. memtest86=true
##  memtest86=false
# memtest86=true

## should update-grub adjust the value of the default booted system
## can be true or false
# updatedefaultentry=false

## should update-grub add savedefault to the default options
## can be true or false
# savedefault=false

## ## End Default Options 

Bug#427971: More detailed info

[Christer Mjellem Strand]

Package: wnpp
Followup-For: Bug #427971


To flesh out the info about this superior MUA a little bit:

* Package name: mulberry
  Version : 4.0.8
  Upstream Author : Cyrus Daboo [EMAIL PROTECTED]
* URL : http://trac.mulberrymail.com/mulberry/wiki/opensource
* License : Apache 2
  Programming Lang: C
  Description : Very powerful graphical IMAP and calendaring client

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.18-3-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#419441: phpbb2: Automatically deleting oldest sessions when session table is full

[Christer Mjellem Strand]

Package: phpbb2
Version: 2.0.21-6
Severity: important

When using phpbb2 with MySQL, it is generally recommended that the session 
table be type HEAP to reduce disk activity and increase performance.
This however has the disadvantage of eventually filling up the session table, 
making it impossible to create new sessions, and thereby allowing new users to 
log in.

The attached patch will, provided that mysql or mysql4 is used as SQL Layer, 
expand MAX_ROWS of the session table by 50 when encountering this problem, 
until it reaches 2500. At that point it will delete the oldest sessions from 
the session table, which will by then have expired.
This effectively prevents the problem from occuring, and is IMHO a better 
solution than having to empty the session table manually or automatically, 
which will also throw out logged in users.

The patch was grabbed from the phpbb.com knowledge base, available on their 
site before the redesign.
It can still be viewed here:
http://web.archive.org/web/20060110233238/http://www.phpbb.com/kb/article.php?article_id=42
where it is also described as the recommended approach to this problem.

Why it has not been applied upstream I do not know, but in my experience it 
seems to work well, although it should probably be tested slightly more 
extensively before applying in Debian.

Thanks.

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.18-3-686 (SMP w/1 CPU core)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages phpbb2 depends on:
ii  apache [httpd]1.3.34-4.1 versatile, high-performance HTTP s
ii  apache2-mpm-prefork [httpd]   2.2.3-4Traditional model for Apache HTTPD
ii  debconf [debconf-2.0] 1.5.13 Debian configuration management sy
ii  libapache-mod-php55.2.0-10   server-side, HTML-embedded scripti
ii  libapache2-mod-php5   5.2.0-10   server-side, HTML-embedded scripti
ii  php5  5.2.0-10   server-side, HTML-embedded scripti
ii  php5-mysql5.2.0-10   MySQL module for php5

Versions of packages phpbb2 recommends:
ii  phpbb2-conf-mysql 2.0.21-6   Automatic configurator for phpbb2 
ii  qmail [mail-transport-agent]  1.0Dummy Qmail package to avoid 
dependency warnings

-- debconf information:
* phpbb2/httpd: apache
--- sessions.old2007-01-18 00:35:40.0 +0100
+++ sessions.php2007-04-15 18:54:09.0 +0200
@@ -186,7 +186,36 @@
VALUES ('$session_id', $user_id, $current_time, 
$current_time, '$user_ip', $page_id, $login);
if ( !$db-sql_query($sql) )
{
-   message_die(CRITICAL_ERROR, 'Error creating new 
session', '', __LINE__, __FILE__, $sql);
+   $error = TRUE; 
+   if (SQL_LAYER == mysql || SQL_LAYER == mysql4) 
+   { 
+   $sql_error = $db-sql_error($result); 
+   if ($sql_error[code] == 1114) 
+   { 
+   $result = $db-sql_query('SHOW TABLE STATUS 
LIKE '.SESSIONS_TABLE.''); 
+   $row = $db-sql_fetchrow($result); 
+   if ($row[Type] == HEAP) 
+   { 
+   if ($row[Rows]  2500) 
+   { 
+   $delete_order = (SQL_LAYER==mysql4) ? 
 ORDER BY session_time ASC : ; 
+   $db-sql_query(DELETE QUICK FROM 
.SESSIONS_TABLE.$delete_order LIMIT 50); 
+   } 
+   else 
+   { 
+   $db-sql_query(ALTER TABLE 
.SESSIONS_TABLE. MAX_ROWS=.($row[Rows]+50)); 
+   } 
+   if ($db-sql_query($sql)) 
+   { 
+   $error = FALSE; 
+   } 
+   } 
+   } 
+   } 
+   if ($error) 
+   { 
+   message_die(CRITICAL_ERROR, Error creating new 
session, , __LINE__, __FILE__, $sql); 
+   }
}
}
 
@@ -573,4 +602,4 @@
return $url;
 }
 
-?
\ No newline at end of file
+?

Bug#343233: Multiple boards still broken

[Christer Mjellem Strand]

I just ran into this bug, and was rather bewildered by it.
In case it helps for whenever this is reassigned to PHP, here's my 
experience.


Several boards have been running successfully for years, using both 
php4 and php5 from Debian's repository, with the auto_prepend method. 
This worked up until last weekend, when the php5 package was upgraded 
from 5.1.6-1 to 5.2.0-7. Since then the problem has been consistent, 
appearing on about 9 out of 10 loads, as previous reports have 
indicated.


To me it seems the problem is not that random prepend files are 
selected (I have them set up as one per vhost), but rather that the 
auto_prepend_file directive is ignored altogether, which makes it fall 
back to config.php. I could be mistaken of course -- I have not done 
much analysis of this.


I'd flag this as a security issue, since randomly accessing a different 
file than what's been explicitly defined can have rather unfortunate 
consequences.


The HTTP_HOST workaround does work, but as has also previously been 
noted, is far from ideal.


Hope this is to some help, and merry christmas to whoever reads this.

--
 -==-  -=-  -==-
  Christer Mjellem Strand   yitzhaq
  Systems Administrator www.yitzhaq.net
  GSM +47 922 000 12   www.countzero.no
 -==-  -=-  -==-


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#391775: Vote for remove

[Christer Mjellem Strand]

While I can clearly see the intent with the latest fix in 21-5, and
that it's meant to help, I think it somewhat works against its
purpose.


Thank you for your feedback.

I agree that a fix that also allows for easy expiry/deletion of
spammer accounts has much value. This couldn't be accomplished
without changing the database, which was not opportune at this stage
of the release cycle.


That is fully understandable, and I certainly do appreciate that you 
are doing what you can to combat this huge problem.



I do not agree that the current fix is actually worse. Preventing to
give spammers a free, unblockable platform on any phpbb2 install has a
high priority for me, compared to the risk that not all illegitimate
accounts can be deleted. Since admins are admins already, they can
easily work around this shortcoming by viewing the database through
phpmyadmin, for example.


I disagree. Board admins are indeed board admins, but that does not 
necessarily imply they're equipped to do anything directly in the 
database. It is all but uncommon for hosting environments to offer 
phpBB2 as a service, without necessarily offering DB access to the 
user, or even exposing the database credentials. Even if the user does 
have access to the database in some form, a board admin will not 
necessarily speak enough SQL to do anything useful. Furthermore, 
phpmyadmin might not be available, and phpBB2 supports more DB software 
than just MySQL.


I can see how this patch would be useful to people though, but it 
significantly changes a major part of how the software works. I 
suggest, instead of flat out removing the patch like I first proposed, 
that it be reworked to be optional, instead of being forced onto those 
who don't want it. Ideally it could be made an option available from 
the admin interface, but I think an option in the config file would 
work too, or even a debconf choice. Having to repackage for each new 
release is a bit of a kerfuffle for those who disagree with the 
approach, or otherwise don't want the patch.



In any case, it can't be fixed before etch anymore because of the
freeze.


As I said, fully understandable. But I hope it can be looked into again 
after release.


Thanks again for your fine packaging work, and have a Merry Christmas.

--
 -==-  -=-  -==-
  Christer Mjellem Strand   yitzhaq
  Systems Administrator www.yitzhaq.net
  GSM +47 922 000 12   www.countzero.no
 -==-  -=-  -==-


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#335424: pyzor: Issue still present

[Christer Mjellem Strand]

Hi, sorry for taking *forever* to reply. I had pretty much forgotten 
about this.



Well, pretty much, the 'internal error' is just spamd's way of saying
that something went wrong.  In this case a debug ('spamassassin -D
–lint' or something like it) would be really useful to me.


Here's what lint has to say on the issue:

[12662] dbg: plugin: registering glue method for check_pyzor 
(Mail::SpamAssassin::Plugin::Pyzor=HASH(0x94237e0))
[12662] dbg: util: current PATH is: 
/usr/local/bin:/usr/bin:/bin:/usr/games

[12662] dbg: util: executable for pyzor was found at /usr/bin/pyzor
[12662] dbg: pyzor: pyzor is available: /usr/bin/pyzor
[12662] dbg: info: entering helper-app run mode
[12662] dbg: pyzor: opening pipe: /usr/bin/pyzor  check  
/tmp/.spamassassin12662gJfoeetmp

[12695] dbg: util: setuid: ruid=89 euid=89
[12662] dbg: pyzor: killed stale helper [12695]
[12662] dbg: pyzor: [12695] terminated:  exit=0x000f
[12662] dbg: info: leaving helper-app run mode
[12662] dbg: pyzor: check timed out after 5 seconds

Note however that it does not fail every time - sometimes it doesn't. 
This was run directly after the previous command, same user, no changes 
whatsoever:


[22677] dbg: plugin: registering glue method for check_pyzor 
(Mail::SpamAssassin::Plugin::Pyzor=HASH(0x94237e0))
[22677] dbg: util: current PATH is: 
/usr/local/bin:/usr/bin:/bin:/usr/games

[22677] dbg: util: executable for pyzor was found at /usr/bin/pyzor
[22677] dbg: pyzor: pyzor is available: /usr/bin/pyzor
[22677] dbg: info: entering helper-app run mode
[22677] dbg: pyzor: opening pipe: /usr/bin/pyzor  check  
/tmp/.spamassassin22677e7FBSStmp

[22731] dbg: util: setuid: ruid=89 euid=89
[22677] dbg: pyzor: [22731] finished:  exit=0x0100
[22677] dbg: pyzor: got response: 66.250.40.33:24441_(200, 'OK')_0_0
[22677] dbg: info: leaving helper-app run mode


SA's log just keeps barfing out internal errors, and Pyzor is still not 
actually detecting anything.



Although I know of another cause (besides the one that I fixed in -6)
that could cause an internal error. Per [1] it seems that an error
(this is with -D --lint) such as

[26906] dbg: pyzor: got response: Traceback (most recent call
last):\n   File /usr/bin/pyzor, line 4, in ?\n
pyzor.client.run()\n  File
/usr/lib/python2.4/site-packages/pyzor/client.py, line 934, in
run\nExecCall().run()\n  File
/usr/lib/python2.4/site-packages/pyzor/client.py, line 169, in
run\nos.mkdir(homedir)\nOSError: [Errno 20] Not a directory:
'/dev/null/.pyzor'
[26906] dbg: info: leaving helper-app run mode
[26906] warn: pyzor: check failed: internal error

could happen.  I'm not convinced that this is a pyzor flaw as it has
to do with pyzor not getting a valid home directory, which, to store
servers and configs, it pretty much needs.  If this is the case, I
think that you should run SA under a user that has a home directory,
though I could be convinced otherwise.

Anyways, this is all mute if the home directory issue is not really
your problem.  If you could get back to me with a debug log or some
more information that would be most helpful.


AFAIK Pyzor should have a home directory (the user running Pyzor 
certainly has, anyway), and this error doesn't seem similar to what I'm 
seeing in my lint.


FWIW it seems the last spam mails I have that were actually detected by 
Pyzor are from 2004-11-12, so if there was any new version released 
around that day or something..



Running Pyzor directly also gives the same result:

$ pyzor check  
1147130486.M705139P28083V0807I010E3C8B_0.betty\,S\=37225\:2\,S

66.250.40.33:24441  TimeoutError:

And again a few seconds later:

$ pyzor check  
1147130486.M705139P28083V0807I010E3C8B_0.betty\,S\=37225\:2\,S

66.250.40.33:24441  (200, 'OK') 0   0

All other Pyzor commands (ping, discover etc.) seem to work fine.

Any clues would be appreciated, and if there's anything more you want 
me to check, I'll try to take slightly less time than I did now. :)


Thanks!


--
 -==-  -=-  -==-
  Christer Mjellem Strand   yitzhaq
  Systems Administrator www.yitzhaq.net
  GSM +47 922 000 12   www.countzero.no
 -==-  -=-  -==-

Bug#355784: pure-ftpd: fchmod(2) failure causes two close(2) calls on the same fd

[Christer Mjellem Strand]

Hi,


Since upstream still hasn't applied it after 1.5 years, please
consider applying this patch to the Debian package.


  It was one of the first fixes that were applied for version 1.0.21.
Stefan has cooked Debian packages for 1.0.21, I don't know
whether they were accepted yet, but the fix is already there :)


Oh, great! I haven't upgraded yet, so I was just going by the changelog 
(where it seems it was left out?) and the SF patch remaining open.


Sorry about the confusion, guess this bug can be closed then.

Thanks!

--
 -==-  -=-  -==-
  Christer Mjellem Strand   yitzhaq
  Systems Administrator www.yitzhaq.net
  GSM +47 922 000 12   www.countzero.no
 -==-  -=-  -==-


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#355784: pure-ftpd: fchmod(2) failure causes two close(2) calls on the same fd

[Christer Mjellem Strand]

Package: pure-ftpd
Severity: important

Since upstream still hasn't applied it after 1.5 years, please consider
applying this patch to the Debian package.
Currently failed chmods are reported as Bad file descriptor' instead of i.e.
'Operation not permitted'.

See
http://sf.net/tracker/index.php?func=detailaid=987667group_id=18317atid=318317
for more info + patch.

Thanks.

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/dash
Kernel: Linux 2.6.14-2-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#335424: pyzor: Issue still present

[Christer Mjellem Strand]

Package: pyzor
Version: 1:0.4.0+cvs20030201-6
Followup-For: Bug #335424

I'm still getting the same error messages even after upgrading:

Wed Jan 25 12:48:57 2006 [1420] info: spamd: processing message [EMAIL 
PROTECTED] for [EMAIL PROTECTED]:8
9
Wed Jan 25 12:48:58 2006 [1420] error: internal error
Wed Jan 25 12:48:58 2006 [1420] warn: pyzor: check failed: internal error
Wed Jan 25 12:48:58 2006 [740] error: internal error
Wed Jan 25 12:48:58 2006 [740] warn: pyzor: check failed: internal error
Wed Jan 25 12:48:58 2006 [1420] info: spamd: identified spam (19.2/6.0) for 
[EMAIL PROTECTED]:89 in 1.3 seconds, 1817 bytes.
Wed Jan 25 12:48:58 2006 [1420] info: spamd: result: Y 19 - 
BAYES_99,DATE_IN_PAST_03_06,EXTRA_MPART_TYPE,HELO_DYNAMIC_DHCP,HELO_DYNA
MIC_IPADDR,HTML_90_100,HTML_IMAGE_ONLY_08,HTML_MESSAGE,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_SORBS_DUL
 scantime=1.3,size=1817,user=x@
x,uid=89,required_score=6.0,rhost=localhost,raddr=127.0.0.1,rport=/var/run/spamd.ctl,mid=000d01c621a5$51390690$de4b1d18@
DCTB1361,bayes=0.99989792983,autolearn=spam


 - y

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/dash
Kernel: Linux 2.6.14-2-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages pyzor depends on:
ii  python2.3.5-3An interactive high-level object-o
ii  python-gdbm   2.3.5-3GNU dbm database support for Pytho

pyzor recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#347838: dovecot-imapd: Compiling with Vpopmail support

[Christer Mjellem Strand]

Package: dovecot-imapd
Version: 1.0.alpha5-1
Severity: wishlist

Please consider building with Vpopmail support (--with-vpopmail)

Thanks.

  - y

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/dash
Kernel: Linux 2.6.14-2-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages dovecot-imapd depends on:
ii  dovecot-common  1.0.alpha5-1 secure mail server that supports m
ii  libc6   2.3.5-8  GNU C Library: Shared libraries an
ii  libssl0.9.8 0.9.8a-5 SSL shared libraries

dovecot-imapd recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#341991: phpbb2-conf-mysql: Gziped SQL schemas are expected, but they're not gziped

[Christer Mjellem Strand]

 After the SQL schemas were moved away from the doc dir, an upgrade
 results in the following error message:

 zcat: /usr/share/phpbb2/schemas/mysql_schema.sql.gz: No such file
 or directory

 indicating that the schemas are expected to be gziped. The ones
 that come with the phpBB2 package are, however, not.

 [EMAIL PROTECTED]:~$ ls /usr/share/phpbb2/schemas/
 ms_access_primer.zip  mssql_schema.sql  mysql_schema.sql
 postgres_schema.sql mssql_basic.sql   mysql_basic.sql
 postgres_basic.sql

Thanks for the report. You are right; we'll look into fixing this as
soon as possible.


I'll upload a fix tomorrow, and will deal with Sarge too then.


Great, thanks for dealing with this so quickly.

--
 -==-  -=-  -==-
  Christer Mjellem Strand   yitzhaq
  Systems Administrator www.yitzhaq.net
  GSM +47 922 000 12   www.countzero.no
 -==-  -=-  -==-



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#341991: phpbb2-conf-mysql: Gziped SQL schemas are expected, but they're not gziped

[Christer Mjellem Strand]

Package: phpbb2-conf-mysql
Version: 2.0.18-1
Severity: important

After the SQL schemas were moved away from the doc dir, an upgrade results in 
the following error message:

zcat: /usr/share/phpbb2/schemas/mysql_schema.sql.gz: No such file or directory

indicating that the schemas are expected to be gziped. The ones that come with 
the phpBB2 package are, however, not.

[EMAIL PROTECTED]:~$ ls /usr/share/phpbb2/schemas/
ms_access_primer.zip  mssql_schema.sql  mysql_schema.sqlpostgres_schema.sql
mssql_basic.sql   mysql_basic.sql   postgres_basic.sql

  - y

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/dash
Kernel: Linux 2.6.11-1-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages phpbb2-conf-mysql depends on:
ii  debconf [debconf-2.0] 1.4.59 Debian configuration management sy
ii  makepasswd1.10-3 Generate and encrypt passwords
ii  mysql-client-5.0 [mysql-clien 5.0.13rc-1 mysql database client binaries
ii  php5-mysql5.0.5-3MySQL module for php5
ii  phpbb22.0.18-1   A fully featured and skinnable fla
ii  ucf   2.003  Update Configuration File: preserv
ii  wwwconfig-common  0.0.44 Debian web auto configuration

Versions of packages phpbb2-conf-mysql recommends:
ii  mysql-server-5.0 [mysql-serve 5.0.13rc-1 mysql database server binaries

-- debconf information:
  phpbb2-conf-mysql/nodbpurge:
  phpbb2-conf-mysql/db_created: true
  phpbb2-conf-mysql/db_version: 2.0.18-1
  phpbb2-conf-mysql/redodb: false
  phpbb2-conf-mysql/dbfailcreatetables:
  phpbb2-conf-mysql/dbfailcreate:
  phpbb2-conf-mysql/dbfailcreateuser:
* phpbb2-conf-mysql/dbserver: localhost
* phpbb2-conf-mysql/dbsetup: Populate
* phpbb2-conf-mysql/dbname: hbob
* phpbb2-conf-mysql/dbuser: hbob


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#340653: wordpress: Admin interface redirects to incorrect subdomain

[Christer Mjellem Strand]

Hi,


Picture the following setup in /etc/wordpress:
config-foo.debian.org.php config-bar.debian.org.php
If you go to http://foo.debian.org/wp-admin (which is the URL
mentioned in the initial mail with admin pw), it will redirect to the
first alphabetical subdomain that has a config file in
/etc/wordpress, in this case bar.debian.org
http://foo.debian.org/wp-admin will therefore redirect you to
http://bar.debian.org/wp-login.php?redirect_to=%2Fwp-admin%2F


That's strange. It should pick the configuration by:

debian$ egrep HOST /etc/wordpress/wp-config.php
require_once('/etc/wordpress/config-'.strtolower($_SERVER['HTTP_HOST'
]).'.php');

Your HOST_NAME.

Come Monday, you could email me directly more detailed configuration
to look at.


Seems I was a little hasty in my conclusion, it turns out this wasn't 
caused by the alphabet, but by me having one ServerName and two 
ServerAlias-es in my Vhost entry in httpd.conf. The ServerName just so 
happened to be the first one alphabetically.


I still feel this is a bug, though. The blogs otherwise seem to work 
just fine with this setup, the only exception I have come across so far 
is the redirect.


In other words, I have a Vhost with these entries:

DocumentRoot /usr/share/wordpress
ServerName bar.debian.org
ServerAlias foo.debian.org
ServerAlias xyz.debian.org

Whatever I put as ServerName is what wp-admin/index.php will redirect 
to.



Have a good weekend


You too, thanks!

--
 -==-  -=-  -==-
  Christer Mjellem Strand   yitzhaq
  Systems Administrator www.yitzhaq.net
  GSM +47 922 000 12   www.countzero.no
 -==-  -=-  -==-


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#340653: wordpress: Admin interface redirects to incorrect subdomain

[Christer Mjellem Strand]

Package: wordpress
Version: 1.5.2-2
Severity: normal

I don't know for sure whether this is an upstream bug or simply has to do with 
Debian's way of handling multiple blogs within the same domain, but with 
different subdomains.

Picture the following setup in /etc/wordpress:

config-foo.debian.org.php
config-bar.debian.org.php

If you go to http://foo.debian.org/wp-admin (which is the URL mentioned in the 
initial mail with admin pw), it will redirect to the first alphabetical 
subdomain that has a config file in /etc/wordpress, in this case bar.debian.org
http://foo.debian.org/wp-admin will therefore redirect you to 
http://bar.debian.org/wp-login.php?redirect_to=%2Fwp-admin%2F


  - C

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/dash
Kernel: Linux 2.6.11-1-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages wordpress depends on:
ii  apache [httpd]1.3.34-1   versatile, high-performance HTTP s
ii  mysql-client-5.0 [virtual-mys 5.0.13rc-1 mysql database client binaries
ii  php5  5.0.5-3server-side, HTML-embedded scripti
ii  php5-mysql5.0.5-3MySQL module for php5

wordpress recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#296037: RFP: magic-smtpd -- magic-smtpd is a drop in replacement for qmail-smtpd, and supports valid user checking to reduce server loads as well as many different rule checks.

[Christer Mjellem Strand]

Package: wnpp
Severity: wishlist


* Package name: magic-smtpd
  Version : 0.8.3-rc2
  Upstream Author : LinuxMagic Inc. [EMAIL PROTECTED]
* URL : http://www.linuxmagic.com/opensource/magicmail/magic-smtpd/
* License : LinuxMagic FreeSouce License
  Description : magic-smtpd is a drop in replacement for qmail-smtpd, and 
supports valid user checking to reduce server loads as well as many different 
rule checks.

magic-smtpd is a drop in replacement for Dan Bernsteins qmail-smtpd, and was 
originally designed to be part of the 
LinuxMagic Magic Mail Server. This opensource version has been released to 
allow others to benifit from it's anti-spam 
components, and valid user checking to reduce server loads, and spam volumes. 
It is designed to support stock qmail 
installations, qmail/vpopmail installations, as well as having database 
support. Designed for ISP service, this will work 
for all mail servers large and small.

The 'magic-smtpd' daemon comes complete with the following features. 

* Drop in replacement for qmail-smtpd
* Support for stock qmail installations, qmail/vpopmail installations, and 
database installations.
* Valid User Checking
* Anti-Spam and Virus checks can be enabled at the user or email level. (ISP's 
like that as they can charge extra for the 
service)
* Ability to Set Various Tarpitting Rate Limits on SMPTD connections (Stops 
those spammers who try to send to a million 
addresses on your server)
* Simple Rule Based system, designed to work with any system, and provide 
simple integration into Web Based User Defined 
Rule Systems, so that users can set their own policies
* Support for global Rule Sets as well
* Ability to set sane defaults easily
* Support for the BMS153; Blacklist Mastering System 
* Support for TLS, SMTPD AUTH, Valid User Checking, SMTPD Spam Protection 

Some low level rule checks you can set are: 

* By reverse name lookups 
* By double DNS verification 
* By forcing MAILFROM 
* By validating MAILFROM 
* By validating connection IP 
* By Blacklists 
* By WhiteLists 
* By Domain Extension requirements 
* By country of Connecting IP 
* By country of MAILFROM 
* By syntax 
* By checking HELO signatures 
* By Language

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.23-1-686
Locale: LANG=C, LC_CTYPE=C


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]