Bug#907314: unbound: exception in python module due to the dnameAsStr() function
Hello, I'm having the same issue. Building the upstream version (which I guess doesn't try to shoehorn python3 support) works. F.
Bug#903934: regression: 3.16.57-2 fails to boot libvirt guests on Xeon E3-1225
On Tue, 2018-07-17 at 01:00 +0100, Ben Hutchings wrote: > Do you have the current intel-microcode installed on the VM host? > (This shouldn't happen in either case, but it may help to track down > the bug. I originally tested on a desktop Sandy Bridge system with > the updated microcode installed.) > > Ben. I thought the same, and it fails with both microcode revisions 0x12 and 0x1f (2018-02-07) which is the latest even in the latest 2018-07-03 release from intel.
Bug#903934: regression: 3.16.57-2 fails to boot libvirt guests on Xeon E3-1225
Package: src:linux Version: 3.16.57-2 Severity: important After upgrading linux-image-3.16.0-6-amd64 (3.16.57-2) over (3.16.56- 1+deb8u1) on a VM host and its guests, the guests were not able to boot-up any more (see Guest Kernel Log below). I found a workaround which is to change the cpu of the host from to SandyBridge ** Guest Kernel log: [0.00] Initializing cgroup subsys cpuset [0.00] Initializing cgroup subsys cpu [0.00] Initializing cgroup subsys cpuacct [0.00] Linux version 3.16.0-6-amd64 (debian-kernel@lists.debian .org) (gcc version 4.9.2 (Debian 4.9.2-10+deb8u1) ) #1 SMP Debian 3.16.57-2 (2018-07-14) [0.00] Command line: BOOT_IMAGE=/boot/vmlinuz-3.16.0-6-amd64 root=UUID=2d9bd07f-0c61-48eb-bddf-d90d8e48c95d ro console=ttyS0,115200 [0.00] e820: BIOS-provided physical RAM map: [0.00] BIOS-e820: [mem 0x-0x0009fbff] usable [0.00] BIOS-e820: [mem 0x0009fc00-0x0009] reserved [0.00] BIOS-e820: [mem 0x000f-0x000f] reserved [0.00] BIOS-e820: [mem 0x0010-0xbffdefff] usable [0.00] BIOS-e820: [mem 0xbffdf000-0xbfff] reserved [0.00] BIOS-e820: [mem 0xfeffc000-0xfeff] reserved [0.00] BIOS-e820: [mem 0xfffc-0x] reserved [0.00] BIOS-e820: [mem 0x0001-0x00023fff] usable [0.00] NX (Execute Disable) protection: active [0.00] SMBIOS 2.8 present. [0.00] Hypervisor detected: KVM [0.00] AGP: No AGP bridge found [0.00] e820: last_pfn = 0x24 max_arch_pfn = 0x4 [0.00] x86 PAT enabled: cpu 0, old 0x7040600070406, new 0x7010600070106 [0.00] e820: last_pfn = 0xbffdf max_arch_pfn = 0x4 [0.00] found SMP MP-table at [mem 0x000f0e40-0x000f0e4f] mapped at [880f0e40] [0.00] init_memory_mapping: [mem 0x-0x000f] [0.00] init_memory_mapping: [mem 0x23fe0-0x23fff] [0.00] init_memory_mapping: [mem 0x23c00-0x23fdf] [0.00] init_memory_mapping: [mem 0x2-0x23bff] [0.00] init_memory_mapping: [mem 0x0010-0xbffdefff] [0.00] init_memory_mapping: [mem 0x1-0x1] [0.00] RAMDISK: [mem 0x36158000-0x370a3fff] [0.00] ACPI: Early table checksum verification disabled [0.00] ACPI: RSDP 0x000F0DF0 14 (v00 BOCHS ) [0.00] ACPI: RSDT 0xBFFE16B1 30 (v01 BOCHS BXPCRSDT 0001 BXPC 0001) [0.00] ACPI: FACP 0xBFFE08B7 74 (v01 BOCHS BXPCFACP 0001 BXPC 0001) [0.00] ACPI: DSDT 0xBFFDFDC0 000AF7 (v01 BOCHS BXPCDSDT 0001 BXPC 0001) [0.00] ACPI: FACS 0xBFFDFD80 40 [0.00] ACPI: SSDT 0xBFFE092B 000CF6 (v01 BOCHS BXPCSSDT 0001 BXPC 0001) [0.00] ACPI: APIC 0xBFFE1621 90 (v01 BOCHS BXPCAPIC 0001 BXPC 0001) [0.00] No NUMA configuration found [0.00] Faking a node at [mem 0x- 0x00023fff] [0.00] Initmem setup node 0 [mem 0x-0x23fff] [0.00] NODE_DATA [mem 0x23fff6000-0x23fffafff] [0.00] kvm-clock: Using msrs 4b564d01 and 4b564d00 [0.00] kvm-clock: cpu 0, msr 2:3ffee001, primary cpu clock [0.00] Zone ranges: [0.00] DMA [mem 0x1000-0x00ff] [0.00] DMA32[mem 0x0100-0x] [0.00] Normal [mem 0x1-0x23fff] [0.00] Movable zone start for each node [0.00] Early memory node ranges [0.00] node 0: [mem 0x1000-0x0009efff] [0.00] node 0: [mem 0x0010-0xbffdefff] [0.00] node 0: [mem 0x1-0x23fff] [0.00] ACPI: PM-Timer IO Port: 0x608 [0.00] ACPI: LAPIC (acpi_id[0x00] lapic_id[0x00] enabled) [0.00] ACPI: LAPIC (acpi_id[0x01] lapic_id[0x01] enabled) [0.00] ACPI: LAPIC (acpi_id[0x02] lapic_id[0x02] enabled) [0.00] ACPI: LAPIC (acpi_id[0x03] lapic_id[0x03] enabled) [0.00] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1]) [0.00] ACPI: IOAPIC (id[0x00] address[0xfec0] gsi_base[0]) [0.00] IOAPIC[0]: apic_id 0, version 17, address 0xfec0, GSI 0-23 [0.00] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl) [0.00] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level) [0.00] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level) [0.00] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level) [0.00] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level) [0.00] Using ACPI (MADT) for SMP configuration information [0.00] smpboot: Allowing 4 CPUs, 0 hotplug CPUs [0.00] PM: Registered nosave memory: [mem 0x0009f000- 0x0009] [
Bug#758660: libpam-myslq 0.7~RC1-4+b3 still affected
Hello, I confirm this is still an issue with the latest stable and really a pain in the butt just to find what the issue is! F.
Bug#782251: python-boto: S3 upload using sigv4 crash
Hi Eric, Thanks for your reply. Not all package maintainers are as understanding as you are when it comes to bug severity, it's a subject that is easy to get into an argument about! I think it should be fixed in Jessie eventually and it seems common enough a use case that some people will hit the bug on day one. Now, is it worth delaying the release of Jessie for that? I lean toward 'no' as there are two possible workarounds (disabling multipart and installing it via pip). But it still severely affects the usability of the package. Best regards, François. On 19 April 2015 04:25:35 BST, Eric Evans eev...@sym-link.com wrote: severity 782251 important tag 782251 -patch thanks [ Francois Guerraz ] Package: python-boto Version: 2.34.0-2 Severity: normal Tags: patch upstream Using boto as a backend for duplicity with multipart upload in the Frankfurt region result in crash: TypeError: argument of type 'int' is not iterable I believe this bug was reported and fixed upstream: https://github.com/boto/boto/issues/2731 Hi Francois, Thanks for the report; I try to keep an out for upstream bug reports that effect the package, but I clearly missed this one. For posterity sake, the canonical upstream bug report seems to be: https://github.com/boto/boto/pull/2744. I think this more serious than severity 'normal', the question is: is it 'important', or 'serious' (serious would make it release-critical)? It's not entirely clear to me what it takes to exercise this code (the assignment of the integer in boto/connection.py), but I assume it's uncommon enough that 'serious' isn't warranted. Let me know if you disagree. In this meantime, I'll put together a new upstream release for upload to experimental, at least. Regards, -- Eric Evans eev...@sym-link.com -- Sent from Kaiten Mail. Please excuse my brevity.
Bug#379810: Memory leak still present in 2.1.23.dfsg1-7
Hi, I can confirm that this bug is still present in 2.1.23.dfsg1-7 using libpam and can leak GBs of RAM very quickly when in production. Disabling threading fixes the leak but causes other problems... Is there any way I could provide useful information to help squashing this bug? Cheers, François. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#530532: Policy violation
On 25 Sep 2011, at 20:06, Philipp Kern pk...@debian.org wrote: You can actually recompile them to ship with your own certs. But you cannot quote non-existent configuration files not being in /etc as a reason for a policy violation and hence upgrade it to serious, sorry. Kind regards Philipp Kern Ok, so there's probably not such a thing as a bug in an open source software, because you can just fix it and compile it yourself. I know that's it's a question of opinion and that it's probably never going to be fixed, but I strongly disagree with you: this is a big issue. It's not Debian's fault, I know that, but if you want Debian to be consistant, you can't have certificates bundles everywhere in the system, the recent Diginotar issue proves it again : you guys had to upload a shitload of packages just to remove one single CA, sometimes with several days of interval. I find it ridiculous, unsafe and messy. In my opinion it should be adressed and would definitely make Debian a better system. I acknowledge you are really making a good job with Debian, so I don't mean to be rude... Regards, François. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#530532: bug still here in Squeeze
Severity: severe Hi, This bug is still here in Squeeze and is now even more annoying. Now that murmurd checks for it's own cert validity, it refuses to accept any connexion if the certificate is not signed by an authority contained in the CA bundle embedded in /usr/lib/libQtNetwork.so.4 So this bug makes some packages unusable for me (unless I pay for certificate to a Nokia-trusted CA, or trust a free CA that I don't want to trust). It's clearly taking away some freedom. This bug is now severe for me. Regards, François. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#530532: Policy violation
I think that this package is in violation of Debian policy : http://www.debian.org/doc/debian-policy/ch-files.html#s-config-files The data contained in /usr/lib/libQtNetwork.so.4 affects the operation of a program, or provides site- or host-specific information, or otherwise customizes the behavior of a program. and therefore this data should reside in /etc Of course, I keep believing that ssl certs in /etc/ss/ should be used instead of that bundle. Kind Regards, François. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#603015: xserver-xorg-video-intel: [G33] Crash (SEGV) when switching to 3D board in Fritz 12 under wine
On Wed, 10 Nov 2010 16:59:25 +0100, Julien Cristau jcris...@debian.org wrote: Please try the attached patch against lenny's xorg-server. Hello, The patch fixes the problem. Many thanks. Regards, François. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#603015: xserver-xorg-video-intel: [G33] Crash (SEGV) when switching to 3D board in Fritz 12 under wine
Package: xserver-xorg-video-intel
Version: 2:2.3.2-2+lenny8
Severity: important
The bug is always reproductible : install Fritz 12 under Lenny's wine, then
launch the app and switch to 3D board. It is not supposed to work under wine
yet but it's not
supposed to make X crash.
Here is a backtrace :
#0 0x0035a7c31ed5 in raise () from /lib/libc.so.6
(gdb) bt full
#0 0x0035a7c31ed5 in raise () from /lib/libc.so.6
No symbol table info available.
#1 0x0035a7c333f3 in abort () from /lib/libc.so.6
No symbol table info available.
#2 0x0046a3a9 in ddxGiveUp () at
../../../../hw/xfree86/common/xf86Init.c:1073
i = value optimized out
#3 0x0057bfc8 in AbortServer () at ../../os/log.c:406
No locals.
#4 0x0057c635 in FatalError (f=0x586dc0 Caught signal %d. Server
aborting\n) at ../../os/log.c:552
args = {{gp_offset = 16, fp_offset = 48, overflow_arg_area =
0x7fff97511ff0, reg_save_area = 0x7fff97511f30}}
beenhere = 1
#5 0x00486e80 in xf86SigHandler (signo=11) at
../../../../hw/xfree86/common/xf86Events.c:766
No locals.
#6 signal handler called
No symbol table info available.
#7 GetDrawableOrPixmap (glxc=0x0, drawId=37748747, ppGlxDraw=0x7fff975125c0,
ppPixmap=0x7fff975125b8, client=0xe1ff20) at ../../../GL/glx/glxcmds.c:475
vid = 35
pDraw = (DrawablePtr) 0xd7b760
modes = value optimized out
pGlxDraw = value optimized out
drawPixmap = value optimized out
rc = value optimized out
#8 0x7fd48e4b771e in __glXDisp_SwapBuffers (cl=0x154bad0, pc=value
optimized out) at ../../../GL/glx/glxcmds.c:1506
client = (ClientPtr) 0xe1ff20
tag = 0
drawId = 37748747
glxc = (__GLXcontext *) 0x0
pGlxDraw = value optimized out
pPixmap = (__GLXpixmap *) 0xe1ff20
error = value optimized out
#9 0x7fd48e4ba8a5 in __glXDispatch (client=0xe1ff20) at
../../../GL/glx/glxext.c:561
stuff = (xGLXSingleReq *) 0x332aa10
opcode = value optimized out
cl = (__GLXclientState *) 0x154bad0
retval = 1
#10 0x0044f7e2 in Dispatch () at ../../dix/dispatch.c:502
result = value optimized out
client = (ClientPtr) 0xe1ff20
nready = 0
start_tick = 260
#11 0x00436bd5 in main (argc=9, argv=0x7fff97512be8, envp=value
optimized out) at ../../dix/main.c:452
i = 1
error = 0
xauthfile = value optimized out
alwaysCheckForInput = {0, 1}
-- Package-specific info:
Contents of /var/lib/x11/X.roster:
xserver-xorg
/var/lib/x11/X.md5sum does not exist.
X server symlink status:
lrwxrwxrwx 1 root root 13 fév 23 2010 /etc/X11/X - /usr/bin/Xorg
-rwxr-xr-x 1 root root 1959592 jun 11 2009 /usr/bin/Xorg
Contents of /var/lib/x11/xorg.conf.roster:
xserver-xorg
VGA-compatible devices on PCI bus:
00:02.0 VGA compatible controller: Intel Corporation 82G33/G31 Express
Integrated Graphics Controller (rev 10)
/etc/X11/xorg.conf does not match checksum in /var/lib/x11/xorg.conf.md5sum.
Xorg X server configuration file status:
-rw-r--r-- 1 root root 1136 nov 8 18:50 /etc/X11/xorg.conf
Contents of /etc/X11/xorg.conf:
# xorg.conf (X.Org X Window System server configuration file)
#
# This file was generated by dexconf, the Debian X Configuration tool, using
# values from the debconf database.
#
# Edit this file with caution, and see the xorg.conf manual page.
# (Type man xorg.conf at the shell prompt.)
#
# This file is automatically updated on xserver-xorg package upgrades *only*
# if it has not been modified since the last upgrade of the xserver-xorg
# package.
#
# If you have edited this file but would like it to be automatically updated
# again, run the following command:
# sudo dpkg-reconfigure -phigh xserver-xorg
Section InputDevice
Identifier Generic Keyboard
Driver kbd
Option XkbRules xorg
Option XkbModel pc105
Option XkbLayout fr
Option XkbVariantlatin9
EndSection
Section InputDevice
Identifier Configured Mouse
Driver mouse
EndSection
Section Device
Identifier Configured Video Device
EndSection
Section Monitor
Identifier Configured Monitor
EndSection
Section Screen
Identifier Default Screen
Monitor Configured Monitor
EndSection
-- System Information:
Debian Release: 5.0.6
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages xserver-xorg-video-intel depends on:
ii libc6 2.7-18lenny6 GNU C Library: Shared libraries
ii libdrm22.3.1-2 Userspace interface to kernel DRM
ii xserver-xorg-core 2:1.4.2-10.lenny2 Xorg X
Bug#602683: xserver-xorg-video-intel: Random crashes with Error in I830WaitLpRing()
On Mon, 8 Nov 2010 11:38:05 +0100, Julien Cristau jcris...@debian.org wrote: Does Option AccelMethod xaa or Option EXANoComposite on avoid the crash? As the bug appears randomly, it may take some time to tell and I we'll not be 100% sure. But I'll test it. Thanks. François. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#602683: xserver-xorg-video-intel: Random crashes with Error in I830WaitLpRing()
Package: xserver-xorg-video-intel
Version: 2:2.3.2-2+lenny8
Severity: important
When using some 2D or 3D capacities (for example with games as simple as in
GCompris), X crashes sometimes.
Here is a backtrace of the crash :
#0 0x003e31231ed5 in raise () from /lib/libc.so.6
No symbol table info available.
#1 0x003e312333f3 in abort () from /lib/libc.so.6
No symbol table info available.
#2 0x0057c64d in FatalError (f=0x7f72e76498c4 lockup\n) at
../../os/log.c:554
args = {{gp_offset = 8, fp_offset = 48, overflow_arg_area =
0x7fff674d6e40, reg_save_area = 0x7fff674d6d80}}
beenhere = 1
#3 0x7f72e76110f9 in I830WaitLpRing (pScrn=0x13bca40, n=131064,
timeout_millis=0) at ../../src/i830_accel.c:150
pI830 = (I830Ptr) 0x13bf100
ring = (I830RingBuffer *) 0x7f7d00
iters = 11723754
start = 237207775
now = value optimized out
last_head = 112460
#4 0x7f72e761150b in I830Sync (pScrn=0x13bca40) at ../../src/i830.h:863
pI830 = (I830Ptr) 0x13bf100
flags = 33554449
__FUNCTION__ = I830Sync
#5 0x7f72e761e250 in i830_stop_ring (pScrn=0x13bca40, flush=value
optimized out) at ../../src/i830_driver.c:1900
No locals.
#6 0x7f72e761e39d in I830LeaveVT (scrnIndex=value optimized out,
flags=value optimized out) at ../../src/i830_driver.c:3321
pScrn = (ScrnInfoPtr) 0x13bca40
pI830 = (I830Ptr) 0x13bf100
o = 2
#7 0x0046a445 in AbortDDX () at
../../../../hw/xfree86/common/xf86Init.c:1112
i = 1
#8 0x0057bfc8 in AbortServer () at ../../os/log.c:406
No locals.
#9 0x0057c635 in FatalError (f=0x7f72e76498c4 lockup\n) at
../../os/log.c:552
args = {{gp_offset = 8, fp_offset = 48, overflow_arg_area =
0x7fff674d7020, reg_save_area = 0x7fff674d6f60}}
beenhere = 1
#10 0x7f72e76110f9 in I830WaitLpRing (pScrn=0x13bca40, n=131064,
timeout_millis=0) at ../../src/i830_accel.c:150
pI830 = (I830Ptr) 0x13bf100
ring = (I830RingBuffer *) 0x7f7d00
iters = 11097700
start = 237205507
now = value optimized out
last_head = 112460
#11 0x7f72e761150b in I830Sync (pScrn=0x13bca40) at ../../src/i830.h:863
pI830 = (I830Ptr) 0x13bf100
flags = 33554449
__FUNCTION__ = I830Sync
#12 0x7f72e66bf98e in exaWaitSync (pScreen=0xd48) at ../../exa/exa.c:806
pExaScr = (ExaScreenPrivPtr) 0x13f5400
#13 0x7f72e66c0331 in exaPrepareAccess (pDrawable=0x2442a20, index=1) at
../../exa/exa.c:352
pPixmap = (PixmapPtr) 0x2442a20
#14 0x7f72e66c393d in exaCopyDirtyToSys (pPixmap=0x2442a20) at
../../exa/exa_migration.c:155
pExaScr = (ExaScreenPrivPtr) 0x13f5400
pExaPixmap = (ExaPixmapPrivPtr) 0x2442a80
pRegion = (RegionPtr) 0x2442b20
save_pitch = 64
pBox = (BoxPtr) 0x2442b20
nbox = 0
do_sync = 0
#15 0x7f72e66c39c8 in exaMoveOutPixmap (pPixmap=0x2442a20) at
../../exa/exa_migration.c:376
pExaPixmap = (ExaPixmapPrivPtr) 0x2442a80
#16 0x7f72e66c4531 in exaDoMigration (pixmaps=0x7fff674d7220, npixmaps=1,
can_accel=0) at ../../exa/exa_migration.c:620
pExaScr = (ExaScreenPrivPtr) 0x13f5400
i = 1
j = value optimized out
__func__ = exaDoMigration
#17 0x7f72e66c1ecd in exaGetImage (pDrawable=0x2442a20, x=0, y=0, w=16,
h=1, format=2, planeMask=4294967295, d=0x7f72d05e9000 )
at ../../exa/exa_accel.c:1360
pExaScr = (ExaScreenPrivPtr) 0x13f5400
pixmaps = {{as_dst = 0, as_src = 1, pPix = 0x2442a20}}
pPix = value optimized out
xoff = 32626
yoff = -426988984
ok = value optimized out
#18 0x004dd212 in miBSGetImage (pDrawable=0x2442a20, sx=0, sy=0, w=16,
h=1, format=2, planemask=4294967295, pdstLine=0x7f72d05e9000 )
at ../../mi/mibstore.c:609
pScreen = (ScreenPtr) 0x13ee480
bounds = {x1 = 0, y1 = 0, x2 = 0, y2 = 0}
depth = 0 '\0'
#19 0x004ef963 in miSpriteGetImage (pDrawable=0x2442a20, sx=0, sy=8,
w=16, h=1, format=2, planemask=4294967295, pdstLine=0x7f72d05e9000 )
at ../../mi/misprite.c:299
pScreen = (ScreenPtr) 0x13ee480
#20 0x00505d68 in ProcShmGetImage (client=0x1e65260) at
../../Xext/shm.c:1003
pDraw = (DrawablePtr) 0x2442a20
lenPer = 0
length = value optimized out
plane = 0
xgi = {type = 1 '\001', depth = 32 ' ', sequenceNumber = 43513, length
= 0, visual = 0, size = 64, pad0 = 21007712, pad1 = 0, pad2 = 1733129336,
pad3 = 32767}
shmdesc = value optimized out
rc = value optimized out
#21 0x00506468 in ProcShmDispatch (client=0x1e65260) at
../../Xext/shm.c:1158
No locals.
#22 0x0044f7e2 in Dispatch () at ../../dix/dispatch.c:502
result = value optimized out
client = (ClientPtr) 0x1e65260
nready = 0
start_tick = 4100
#23 0x00436bd5 in main (argc=9,
Bug#568082: wrong exit code
Package: lftp Version: 3.7.3-1 Severity: normal Tags: patch -- System Information: Debian Release: 5.0.3 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-2-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages lftp depends on: ii libc6 2.7-18lenny2 GNU C Library: Shared libraries ii libexpat1 2.0.1-4+lenny3XML parsing C library - runtime li ii libgcc11:4.3.2-1.1 GCC support library ii libgcrypt111.4.1-1 LGPL Crypto library - runtime libr ii libgnutls262.4.2-6+lenny2the GNU TLS library - runtime libr ii libgpg-error0 1.4-2 library for common error values an ii libncurses55.7+20081213-1shared libraries for terminal hand ii libreadline5 5.2-3.1 GNU readline and history libraries ii libtasn1-3 1.4-1 Manage ASN.1 structures (runtime) ii netbase4.34 Basic TCP/IP networking system ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime lftp recommends no packages. lftp suggests no packages. -- no debconf information Hi, When an upload / download fails, lftp exits with SUCCESS (0) which makes lftp unusable for automation / scripting. The problem was also described here http://www.mail-archive.com/l...@uniyar.ac.ru/msg03613.html A patch was proposed and included in a later version, see : http://www.mail-archive.com/l...@uniyar.ac.ru/msg03613.html Could you please backport this path to the current stable debian version of lftp ? Best regards, François -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#534712: apache2.2-common: DOS possible with mod_deflate
Package: apache2.2-common
Version: 2.2.9-10+lenny3
Severity: normal
Tags: patch security
There is a bug in mod_deflate that can lead to a DOS with a very small
network traffic.
The problem is the following : when downloading a file with mod_deflate
enabled and aborting the connexion before the end, mod_deflate will take
100% of a CPU and finish to compress the file for nothing.
Even with a not-so-big file (a few dozen of MB), it is possible to
lock apache by opening simultaneous request on this file and abort the
connexion very soon, as the
file will be compressed multiple times in parallel, it will make
compression times grow and keep the threads busy for a while.
The problem arises because mod_deflate doesn't check if the connexion is
aborted and goes on whatever happen.
The following patch fixes the problem, but at reading the code, I guess
that the inflate function is also impacted.
Best regards,
François
--- mod_deflate.c 2008-01-04 15:23:50.0 +0100
+++ mod_deflate.c.new 2009-06-26 16:50:36.0 +0200
@@ -691,6 +691,10 @@
continue;
}
+ if (r-connection-aborted) {
+return APR_ECONNABORTED;
+}
+
/* read */
apr_bucket_read(e, data, len, APR_BLOCK_READ);
-- Package-specific info:
List of enabled modules from 'apache2 -M':
alias auth_basic authn_file authz_default authz_groupfile
authz_host authz_user autoindex cgi deflate dir env expires headers
mime negotiation perl php5 python setenvif status userdir
-- System Information:
Debian Release: 5.0.1
APT prefers stable
APT policy: (990, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.30 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages apache2.2-common depends on:
ii apache2-utils 2.2.9-10+lenny3 utility programs for webservers
ii libapr1 1.2.12-5 The Apache Portable Runtime
Librar
ii libaprutil1 1.2.12+dfsg-8+lenny2 The Apache Portable Runtime
Utilit
ii libc6 2.7-18 GNU C Library: Shared libraries
ii libmagic1 4.26-1 File type determination
library us
ii libssl0.9.8 0.9.8g-15+lenny1 SSL shared libraries
ii lsb-base3.2-20 Linux Standard Base 3.2
init scrip
ii mime-support3.44-1 MIME files 'mime.types'
'mailcap
ii net-tools 1.60-22 The NET-3 networking toolkit
ii perl5.10.0-19Larry Wall's Practical
Extraction
ii procps 1:3.2.7-11 /proc file system utilities
ii zlib1g 1:1.2.3.3.dfsg-12compression library - runtime
Versions of packages apache2.2-common recommends:
ii ssl-cert 1.0.23 simple debconf wrapper for
OpenSSL
Versions of packages apache2.2-common suggests:
ii apache2-doc 2.2.9-10+lenny3 Apache HTTP Server
documentation
pn apache2-suexec | apache2 none (no description available)
ii dillo [www-browser] 0.8.6-3 Small and fast web browser
ii elinks [www-browser] 0.11.4-3advanced text-mode WWW browser
ii epiphany-gecko [www-brow 2.22.3-9Intuitive GNOME web browser
- Geck
ii iceape-browser [www-brow 1.1.14-1Iceape Navigator (Internet
browser
ii iceweasel [www-browser] 3.0.6-1 lightweight web browser
based on M
ii w3m [www-browser]0.5.2-2+b1 WWW browsable pager with
excellent
Versions of packages apache2.2-common is related to:
pn apache2-mpm-eventnone (no description available)
pn apache2-mpm-itk none (no description available)
ii apache2-mpm-prefork 2.2.9-10+lenny3 Apache HTTP Server -
traditional n
pn apache2-mpm-worker none (no description available)
-- no debconf information
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#533609: Thanks
Hi, That's cool :) Will it be fixed in Lenny ? Could be released with the fix for #533628... See ya. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#530532: Feedback from Nokia
Hi, Feedback from Nokia: Thank you for reporting. We actually removed this code now since we cannot change the behavior of Qt when applications already rely on something different. So I guess it's been broken so long they're not going to fix it. Sounds a bit odd to me, but it's their choice. Now, it's Debian turn to make a choice : * Will you leave it as is and let the users depend on Nokia to chose whether to trust a CA or not? * Will you patch it? I guess you know my opinion :) Regards,
Bug#533609: transmission-cli: torrent files created with transmissioncli are invalid
Package: transmission-cli
Version: 1.22-1
Severity: grave
Justification: renders package unusable
Tags: patch
When creating a torrent and chosing a directory as a source (-c),
file-names in the torrent file are cropped (first character missing) if
the directory name ends with a slash, which happen in most of the case
because we use bash autocompletion (and it's hard to guess that this
final slash is the source of the problem, I had to read the code to
understand that!)
This leads to the inability to seed the torrent because the client using
the .torrent file cannot find the files it refers to.
I propose the following patch to work around the problem :
--- libtransmission/makemeta.c.old2009-06-19 11:21:27.0 +0200
+++ libtransmission/makemeta.c2009-06-19 11:21:37.0 +0200
@@ -274,7 +274,7 @@
tr_benc * uninitialized_path )
{
const char *pch, *prev;
-const size_t topLen = strlen(topFile) + 1; /* +1 for '/' */
+const size_t topLen = strlen(topFile);
int n;
/* get the file size */
if topFile contains a final slash, it will be taken in account by
strlen. So far, this patch seems to cause no side effects neither with
-cli nor -gtk.
Regards
-- System Information:
Debian Release: 5.0.1
APT prefers stable
APT policy: (990, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.30 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages transmission-cli depends on:
ii libc6 2.7-18 GNU C Library: Shared libraries
ii libcurl37.18.2-8lenny2 Multi-protocol file
transfer libra
ii libssl0.9.8 0.9.8g-15+lenny1 SSL shared libraries
ii transmission-common 1.22-1 free, lightweight
BitTorrent clien
transmission-cli recommends no packages.
transmission-cli suggests no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#533628: transmission-cli: Segmentation Fault if no announce URL given when creating a torrent
Package: transmission-cli
Version: 1.22-1
Severity: minor
Tags: patch
If you try to create a torrent (-c option) and dont give an announce URL
(-a option), transmissioncli segfaults.
Here are two patches, the 1st one prevents the segmentation fault, the
second display an error message at command line parsing.
--- libtransmission/utils.c2008-06-14 00:00:42.0 +0200
+++ libtransmission/utils.c.new2009-06-19 14:20:32.0 +0200
@@ -968,6 +968,9 @@
const char * host = NULL;
const char * path = NULL;
+if (!(url_in *url_in))
+ return TRUE;
+
tmp = tr_strndup( url_in, len );
if(( pch = strstr( tmp, :// )))
--- cli/transmissioncli.c2008-06-14 00:00:51.0 +0200
+++ cli/transmissioncli.c.new2009-06-19 14:20:47.0 +0200
@@ -221,14 +221,22 @@
if( sourceFile *sourceFile ) /* creating a torrent */
{
int err;
-tr_metainfo_builder * builder = tr_metaInfoBuilderCreate( h,
sourceFile );
-tr_makeMetaInfo( builder, torrentPath, announce, comment,
isPrivate );
-while( !builder-isDone ) {
-tr_wait( 1000 );
-printf( . );
+if (!(announce *announce))
+{
+err=-1;
+fprintf( stderr, You must specify an annouce URL to create
a torrent\n);
+}
+else
+{
+tr_metainfo_builder * builder = tr_metaInfoBuilderCreate(
h, sourceFile );
+tr_makeMetaInfo( builder, torrentPath, announce, comment,
isPrivate );
+while( !builder-isDone ) {
+tr_wait( 1000 );
+printf( . );
+}
+err = builder-result;
+tr_metaInfoBuilderFree( builder );
}
-err = builder-result;
-tr_metaInfoBuilderFree( builder );
return err;
}
-- System Information:
Debian Release: 5.0.1
APT prefers stable
APT policy: (990, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.30 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages transmission-cli depends on:
ii libc6 2.7-18 GNU C Library: Shared libraries
ii libcomerr2 1.41.3-1 common error description
library
ii libcurl37.18.2-8lenny2 Multi-protocol file
transfer libra
ii libidn111.8+20080606-1 GNU libidn library,
implementation
ii libkrb531.6.dfsg.4~beta1-5lenny1 MIT Kerberos runtime libraries
ii libldap-2.4-2 2.4.11-1 OpenLDAP libraries
ii libssh2-1 0.18-1 SSH2 client-side library
ii libssl0.9.8 0.9.8g-15+lenny1 SSL shared libraries
ii transmission-co 1.22-1 free, lightweight
BitTorrent clien
ii zlib1g 1:1.2.3.3.dfsg-12compression library - runtime
transmission-cli recommends no packages.
transmission-cli suggests no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#503069: Testing your solution
Hi, Sorry for answering so late, I just saw your reply. I'm gonna test your solution and tell you if it works in my case. Regards, -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#530532: libqt4-network: Locally installed root CAs not read
Package: libqt4-network
Version: 4.4.3-1
Severity: grave
Justification: user security hole
Tags: patch security
Applications using QT SSL Layer fail to verify SSL encrypted connexion
because system-wide installed certificates authorities are not read (can
be verified with strace)
For example, mumble cannot verify that a server it connects to has a
good certificate even if the root CA is locally installed (but mumble
won't work if there is intermediate certificate but this is a
mumble-server bug that will be fixed in 1.2).
Here is my patch to fix the problem :
diff -Naur qt4-x11-4.4.3/src/network/ssl/qsslsocket_openssl.cpp
qt4-x11-4.4.3-sslfix/src/network/ssl/qsslsocket_openssl.cpp
--- qt4-x11-4.4.3/src/network/ssl/qsslsocket_openssl.cpp
2008-09-27 10:58:47.0 +0200
+++ qt4-x11-4.4.3-sslfix/src/network/ssl/qsslsocket_openssl.cpp
2009-05-25 15:16:39.0 +0200
@@ -466,7 +466,7 @@
QListQSslCertificate QSslSocketPrivate::systemCaCertificates()
{
-#ifdef QQ_OS_UNIX
+#ifdef Q_OS_UNIX
// Check known locations for the system's default bundle. ### On
Windows,
// we should use CAPI to find the bundle, and not rely on default unix
// locations.
@@ -479,13 +479,16 @@
#endif
0};
const char **it = standardLocations;
+QListQSslCertificate certs;
QStringList nameFilter;
nameFilter QLatin1String(*.pem) QLatin1String(*.crt);
while (*it) {
-if (QDirIterator(QLatin1String(*it), nameFilter).hasNext())
-return certificatesFromPath(QLatin1String(*it));
+ QDirIterator certfilesIt(QLatin1String(*it), nameFilter);
+while (certfilesIt.hasNext())
+certs += QSslCertificate::fromPath(certfilesIt.next());
++it;
}
+return certs;
#endif
// Qt provides a default bundle when we cannot detect the system's
default
The problem has been reported to QT but I don't know if it has been
fixed and how... I consider it as a grave problem because a user can't
verify the identity of a server
he connects to.
-- System Information:
Debian Release: 5.0.1
APT prefers stable
APT policy: (990, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.29.4 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libqt4-network depends on:
ii libc6 2.7-18GNU C Library: Shared libraries
ii libgcc11:4.3.2-1.1 GCC support library
ii libqtcore4 4.4.3-1 Qt 4 core module
ii libstdc++6 4.3.2-1.1 The GNU Standard C++ Library v3
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
libqt4-network recommends no packages.
libqt4-network suggests no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#530532: Acknowledgement (libqt4-network: Locally installed root CAs not read)
Hi, Reading this bug report on mumble might help you to analyse the problem : https://sourceforge.net/tracker/?func=detailaid=2793899group_id=147372atid=768005 Regards, François. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#529413: mumble-server: Own proper SSL certificate not taken in account
Package: mumble-server
Version: 1.1.4-4+lenny1
Severity: normal
I set up a authority signed SSL certificate for use with mumble-server,
and configured the ini configuration file this way :
# If you have a proper SSL certificate, you can provide the filenames here.
sslCert=/var/lib/mumble-server/speak.xxx.net.cert.pem
sslKey=/var/lib/mumble-server/speak.xxx.net.key.pem
When I launch the server with strace, it reports that it reads the files :
open(/var/lib/mumble-server/speak.xxx.net.cert.pem,
O_RDONLY|O_LARGEFILE) = 11
fcntl64(11, F_SETFD, FD_CLOEXEC)= 0
stat64(/var/lib/mumble-server/speak.xxx.net.cert.pem,
{st_mode=S_IFREG|0644, st_size=6748, ...}) = 0
stat64(/var/lib/mumble-server/speak.xxx.net.cert.pem,
{st_mode=S_IFREG|0644, st_size=6748, ...}) = 0
stat64(/var/lib/mumble-server/speak.xxx.cert.pem,
{st_mode=S_IFREG|0644, st_size=6748, ...}) = 0
fstat64(11, {st_mode=S_IFREG|0644, st_size=6748, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0xb77b1000
read(11, Certificate:\nData:\nVe..., 4096) = 4096
read(11, :db:96:f0:44:08:7e:2b:d3:\n ..., 4096) = 2652
read(11, ..., 4096) = 0
close(11) = 0
munmap(0xb77b1000, 4096)= 0
open(/var/lib/mumble-server/speak.xxx.net.key.pem,
O_RDONLY|O_LARGEFILE) = 11
fcntl64(11, F_SETFD, FD_CLOEXEC)= 0
stat64(/var/lib/mumble-server/speak.xxx.net.key.pem,
{st_mode=S_IFREG|0640, st_size=3243, ...}) = 0
stat64(/var/lib/mumble-server/speak.xxx.net.key.pem,
{st_mode=S_IFREG|0640, st_size=3243, ...}) = 0
stat64(/var/lib/mumble-server/speak.xxx.net.key.pem,
{st_mode=S_IFREG|0640, st_size=3243, ...}) = 0
fstat64(11, {st_mode=S_IFREG|0640, st_size=3243, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0xb77b1000
read(11, -BEGIN RSA PRIVATE KEY-\nM..., 4096) = 3243
read(11, ..., 4096) = 0
close(11) = 0
--
But when I connect to the server with debian lenny's client, the
certificate the server presents is still a self signed one
-- System Information:
Debian Release: 5.0.1
APT prefers stable
APT policy: (990, 'stable')
Architecture: i386 (i686)
Kernel: 2.6.28.4--std-ipv6-32 (SMP)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#529413: Acknowledgement (mumble-server: Own proper SSL certificate not taken in account)
Hi, I found a work around : * stop the mumble-server * install sqlite3 * open the mumble-server database $ sqlite3 /var/lib/mumble-server/mumble-server.sqlite * execute the following SQL command : delete from config where keystring=key OR keystring=certificate; .quit * start the mumble-server, the certificates should now work Regards, François. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#503069: What's up ?
Hi, I still have no answer to this bug report after one week. Do you need more informations ? Regards, François. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#503069: Apache 2.2.3-4+etch5 (apache2-mpm-worker) mod_rewrite BUG
Package: apache2-mpm-worker Version: 2.2.3-4+etch5 Severity: important According to http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#rewriterule http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#rewriterule : The Substitution of a rewrite rule is the string that replaces the original URL-path that was matched by Pattern. The Substitution may be a: [...] *file-system path* Designates the location on the file-system of the resource to be delivered to the client. URL-path A DocumentRoot-relative path to the resource to be served. *Note that mod_rewrite tries to guess whether you have specified a file-system path or a URL-path by checking to see if the first segment of the path exists at the root of the file-system.* For example, if you specify a Substitution string of /www/file.html, then this will be treated as a URL-path unless a directory named www exists at the root or your file-system, in which case it will be treated as a file-system path. If you wish other URL-mapping directives (such as Alias) to be applied to the resulting URL-path, use the [PT] flag as described below. [...] TEST CASE: 1. In apache2.conf, add the following section FilesMatch \.test$ Options FollowSymLinks RewriteEngine On RewriteRule ^(.*)$ $1.gz [L,PT] /FilesMatch 2. touch DocumentRoot/bar.test.gz 3. Access http://localhost/bar.test http://localhost/foo ACTUAL RESULT: You get an error page The requested URL DocumentRoot/bar.test.gz was not found on this server., because the substitution gets interpreted as URL relative to DocumentRoot For example, if the document root is /var/www/example/ you'll find in the error log File does not exist: /var/www/example/var EXPECTED: The file DocumentRoot/bar.test.gz should be served. A similar bug has already be filed on Ubuntu's bugtracking by someone else here : https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/174282 I guess it is related but the bug has been closed because it lacks the information we need to investigate the problem. By advance, thanks. François. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
