Bug#907314: unbound: exception in python module due to the dnameAsStr() function
Hello, I'm having the same issue. Building the upstream version (which I guess doesn't try to shoehorn python3 support) works. F.
Bug#903934: regression: 3.16.57-2 fails to boot libvirt guests on Xeon E3-1225
On Tue, 2018-07-17 at 01:00 +0100, Ben Hutchings wrote: > Do you have the current intel-microcode installed on the VM host? > (This shouldn't happen in either case, but it may help to track down > the bug. I originally tested on a desktop Sandy Bridge system with > the updated microcode installed.) > > Ben. I thought the same, and it fails with both microcode revisions 0x12 and 0x1f (2018-02-07) which is the latest even in the latest 2018-07-03 release from intel.
Bug#903934: regression: 3.16.57-2 fails to boot libvirt guests on Xeon E3-1225
Package: src:linux Version: 3.16.57-2 Severity: important After upgrading linux-image-3.16.0-6-amd64 (3.16.57-2) over (3.16.56- 1+deb8u1) on a VM host and its guests, the guests were not able to boot-up any more (see Guest Kernel Log below). I found a workaround which is to change the cpu of the host from to SandyBridge ** Guest Kernel log: [0.00] Initializing cgroup subsys cpuset [0.00] Initializing cgroup subsys cpu [0.00] Initializing cgroup subsys cpuacct [0.00] Linux version 3.16.0-6-amd64 (debian-kernel@lists.debian .org) (gcc version 4.9.2 (Debian 4.9.2-10+deb8u1) ) #1 SMP Debian 3.16.57-2 (2018-07-14) [0.00] Command line: BOOT_IMAGE=/boot/vmlinuz-3.16.0-6-amd64 root=UUID=2d9bd07f-0c61-48eb-bddf-d90d8e48c95d ro console=ttyS0,115200 [0.00] e820: BIOS-provided physical RAM map: [0.00] BIOS-e820: [mem 0x-0x0009fbff] usable [0.00] BIOS-e820: [mem 0x0009fc00-0x0009] reserved [0.00] BIOS-e820: [mem 0x000f-0x000f] reserved [0.00] BIOS-e820: [mem 0x0010-0xbffdefff] usable [0.00] BIOS-e820: [mem 0xbffdf000-0xbfff] reserved [0.00] BIOS-e820: [mem 0xfeffc000-0xfeff] reserved [0.00] BIOS-e820: [mem 0xfffc-0x] reserved [0.00] BIOS-e820: [mem 0x0001-0x00023fff] usable [0.00] NX (Execute Disable) protection: active [0.00] SMBIOS 2.8 present. [0.00] Hypervisor detected: KVM [0.00] AGP: No AGP bridge found [0.00] e820: last_pfn = 0x24 max_arch_pfn = 0x4 [0.00] x86 PAT enabled: cpu 0, old 0x7040600070406, new 0x7010600070106 [0.00] e820: last_pfn = 0xbffdf max_arch_pfn = 0x4 [0.00] found SMP MP-table at [mem 0x000f0e40-0x000f0e4f] mapped at [880f0e40] [0.00] init_memory_mapping: [mem 0x-0x000f] [0.00] init_memory_mapping: [mem 0x23fe0-0x23fff] [0.00] init_memory_mapping: [mem 0x23c00-0x23fdf] [0.00] init_memory_mapping: [mem 0x2-0x23bff] [0.00] init_memory_mapping: [mem 0x0010-0xbffdefff] [0.00] init_memory_mapping: [mem 0x1-0x1] [0.00] RAMDISK: [mem 0x36158000-0x370a3fff] [0.00] ACPI: Early table checksum verification disabled [0.00] ACPI: RSDP 0x000F0DF0 14 (v00 BOCHS ) [0.00] ACPI: RSDT 0xBFFE16B1 30 (v01 BOCHS BXPCRSDT 0001 BXPC 0001) [0.00] ACPI: FACP 0xBFFE08B7 74 (v01 BOCHS BXPCFACP 0001 BXPC 0001) [0.00] ACPI: DSDT 0xBFFDFDC0 000AF7 (v01 BOCHS BXPCDSDT 0001 BXPC 0001) [0.00] ACPI: FACS 0xBFFDFD80 40 [0.00] ACPI: SSDT 0xBFFE092B 000CF6 (v01 BOCHS BXPCSSDT 0001 BXPC 0001) [0.00] ACPI: APIC 0xBFFE1621 90 (v01 BOCHS BXPCAPIC 0001 BXPC 0001) [0.00] No NUMA configuration found [0.00] Faking a node at [mem 0x- 0x00023fff] [0.00] Initmem setup node 0 [mem 0x-0x23fff] [0.00] NODE_DATA [mem 0x23fff6000-0x23fffafff] [0.00] kvm-clock: Using msrs 4b564d01 and 4b564d00 [0.00] kvm-clock: cpu 0, msr 2:3ffee001, primary cpu clock [0.00] Zone ranges: [0.00] DMA [mem 0x1000-0x00ff] [0.00] DMA32[mem 0x0100-0x] [0.00] Normal [mem 0x1-0x23fff] [0.00] Movable zone start for each node [0.00] Early memory node ranges [0.00] node 0: [mem 0x1000-0x0009efff] [0.00] node 0: [mem 0x0010-0xbffdefff] [0.00] node 0: [mem 0x1-0x23fff] [0.00] ACPI: PM-Timer IO Port: 0x608 [0.00] ACPI: LAPIC (acpi_id[0x00] lapic_id[0x00] enabled) [0.00] ACPI: LAPIC (acpi_id[0x01] lapic_id[0x01] enabled) [0.00] ACPI: LAPIC (acpi_id[0x02] lapic_id[0x02] enabled) [0.00] ACPI: LAPIC (acpi_id[0x03] lapic_id[0x03] enabled) [0.00] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1]) [0.00] ACPI: IOAPIC (id[0x00] address[0xfec0] gsi_base[0]) [0.00] IOAPIC[0]: apic_id 0, version 17, address 0xfec0, GSI 0-23 [0.00] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl) [0.00] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level) [0.00] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level) [0.00] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level) [0.00] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level) [0.00] Using ACPI (MADT) for SMP configuration information [0.00] smpboot: Allowing 4 CPUs, 0 hotplug CPUs [0.00] PM: Registered nosave memory: [mem 0x0009f000- 0x0009] [
Bug#758660: libpam-myslq 0.7~RC1-4+b3 still affected
Hello, I confirm this is still an issue with the latest stable and really a pain in the butt just to find what the issue is! F.
Bug#782251: python-boto: S3 upload using sigv4 crash
Hi Eric, Thanks for your reply. Not all package maintainers are as understanding as you are when it comes to bug severity, it's a subject that is easy to get into an argument about! I think it should be fixed in Jessie eventually and it seems common enough a use case that some people will hit the bug on day one. Now, is it worth delaying the release of Jessie for that? I lean toward 'no' as there are two possible workarounds (disabling multipart and installing it via pip). But it still severely affects the usability of the package. Best regards, François. On 19 April 2015 04:25:35 BST, Eric Evans eev...@sym-link.com wrote: severity 782251 important tag 782251 -patch thanks [ Francois Guerraz ] Package: python-boto Version: 2.34.0-2 Severity: normal Tags: patch upstream Using boto as a backend for duplicity with multipart upload in the Frankfurt region result in crash: TypeError: argument of type 'int' is not iterable I believe this bug was reported and fixed upstream: https://github.com/boto/boto/issues/2731 Hi Francois, Thanks for the report; I try to keep an out for upstream bug reports that effect the package, but I clearly missed this one. For posterity sake, the canonical upstream bug report seems to be: https://github.com/boto/boto/pull/2744. I think this more serious than severity 'normal', the question is: is it 'important', or 'serious' (serious would make it release-critical)? It's not entirely clear to me what it takes to exercise this code (the assignment of the integer in boto/connection.py), but I assume it's uncommon enough that 'serious' isn't warranted. Let me know if you disagree. In this meantime, I'll put together a new upstream release for upload to experimental, at least. Regards, -- Eric Evans eev...@sym-link.com -- Sent from Kaiten Mail. Please excuse my brevity.
Bug#379810: Memory leak still present in 2.1.23.dfsg1-7
Hi, I can confirm that this bug is still present in 2.1.23.dfsg1-7 using libpam and can leak GBs of RAM very quickly when in production. Disabling threading fixes the leak but causes other problems... Is there any way I could provide useful information to help squashing this bug? Cheers, François. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#530532: Policy violation
On 25 Sep 2011, at 20:06, Philipp Kern pk...@debian.org wrote: You can actually recompile them to ship with your own certs. But you cannot quote non-existent configuration files not being in /etc as a reason for a policy violation and hence upgrade it to serious, sorry. Kind regards Philipp Kern Ok, so there's probably not such a thing as a bug in an open source software, because you can just fix it and compile it yourself. I know that's it's a question of opinion and that it's probably never going to be fixed, but I strongly disagree with you: this is a big issue. It's not Debian's fault, I know that, but if you want Debian to be consistant, you can't have certificates bundles everywhere in the system, the recent Diginotar issue proves it again : you guys had to upload a shitload of packages just to remove one single CA, sometimes with several days of interval. I find it ridiculous, unsafe and messy. In my opinion it should be adressed and would definitely make Debian a better system. I acknowledge you are really making a good job with Debian, so I don't mean to be rude... Regards, François. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#530532: bug still here in Squeeze
Severity: severe Hi, This bug is still here in Squeeze and is now even more annoying. Now that murmurd checks for it's own cert validity, it refuses to accept any connexion if the certificate is not signed by an authority contained in the CA bundle embedded in /usr/lib/libQtNetwork.so.4 So this bug makes some packages unusable for me (unless I pay for certificate to a Nokia-trusted CA, or trust a free CA that I don't want to trust). It's clearly taking away some freedom. This bug is now severe for me. Regards, François. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#530532: Policy violation
I think that this package is in violation of Debian policy : http://www.debian.org/doc/debian-policy/ch-files.html#s-config-files The data contained in /usr/lib/libQtNetwork.so.4 affects the operation of a program, or provides site- or host-specific information, or otherwise customizes the behavior of a program. and therefore this data should reside in /etc Of course, I keep believing that ssl certs in /etc/ss/ should be used instead of that bundle. Kind Regards, François. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#603015: xserver-xorg-video-intel: [G33] Crash (SEGV) when switching to 3D board in Fritz 12 under wine
On Wed, 10 Nov 2010 16:59:25 +0100, Julien Cristau jcris...@debian.org wrote: Please try the attached patch against lenny's xorg-server. Hello, The patch fixes the problem. Many thanks. Regards, François. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#603015: xserver-xorg-video-intel: [G33] Crash (SEGV) when switching to 3D board in Fritz 12 under wine
Package: xserver-xorg-video-intel Version: 2:2.3.2-2+lenny8 Severity: important The bug is always reproductible : install Fritz 12 under Lenny's wine, then launch the app and switch to 3D board. It is not supposed to work under wine yet but it's not supposed to make X crash. Here is a backtrace : #0 0x0035a7c31ed5 in raise () from /lib/libc.so.6 (gdb) bt full #0 0x0035a7c31ed5 in raise () from /lib/libc.so.6 No symbol table info available. #1 0x0035a7c333f3 in abort () from /lib/libc.so.6 No symbol table info available. #2 0x0046a3a9 in ddxGiveUp () at ../../../../hw/xfree86/common/xf86Init.c:1073 i = value optimized out #3 0x0057bfc8 in AbortServer () at ../../os/log.c:406 No locals. #4 0x0057c635 in FatalError (f=0x586dc0 Caught signal %d. Server aborting\n) at ../../os/log.c:552 args = {{gp_offset = 16, fp_offset = 48, overflow_arg_area = 0x7fff97511ff0, reg_save_area = 0x7fff97511f30}} beenhere = 1 #5 0x00486e80 in xf86SigHandler (signo=11) at ../../../../hw/xfree86/common/xf86Events.c:766 No locals. #6 signal handler called No symbol table info available. #7 GetDrawableOrPixmap (glxc=0x0, drawId=37748747, ppGlxDraw=0x7fff975125c0, ppPixmap=0x7fff975125b8, client=0xe1ff20) at ../../../GL/glx/glxcmds.c:475 vid = 35 pDraw = (DrawablePtr) 0xd7b760 modes = value optimized out pGlxDraw = value optimized out drawPixmap = value optimized out rc = value optimized out #8 0x7fd48e4b771e in __glXDisp_SwapBuffers (cl=0x154bad0, pc=value optimized out) at ../../../GL/glx/glxcmds.c:1506 client = (ClientPtr) 0xe1ff20 tag = 0 drawId = 37748747 glxc = (__GLXcontext *) 0x0 pGlxDraw = value optimized out pPixmap = (__GLXpixmap *) 0xe1ff20 error = value optimized out #9 0x7fd48e4ba8a5 in __glXDispatch (client=0xe1ff20) at ../../../GL/glx/glxext.c:561 stuff = (xGLXSingleReq *) 0x332aa10 opcode = value optimized out cl = (__GLXclientState *) 0x154bad0 retval = 1 #10 0x0044f7e2 in Dispatch () at ../../dix/dispatch.c:502 result = value optimized out client = (ClientPtr) 0xe1ff20 nready = 0 start_tick = 260 #11 0x00436bd5 in main (argc=9, argv=0x7fff97512be8, envp=value optimized out) at ../../dix/main.c:452 i = 1 error = 0 xauthfile = value optimized out alwaysCheckForInput = {0, 1} -- Package-specific info: Contents of /var/lib/x11/X.roster: xserver-xorg /var/lib/x11/X.md5sum does not exist. X server symlink status: lrwxrwxrwx 1 root root 13 fév 23 2010 /etc/X11/X - /usr/bin/Xorg -rwxr-xr-x 1 root root 1959592 jun 11 2009 /usr/bin/Xorg Contents of /var/lib/x11/xorg.conf.roster: xserver-xorg VGA-compatible devices on PCI bus: 00:02.0 VGA compatible controller: Intel Corporation 82G33/G31 Express Integrated Graphics Controller (rev 10) /etc/X11/xorg.conf does not match checksum in /var/lib/x11/xorg.conf.md5sum. Xorg X server configuration file status: -rw-r--r-- 1 root root 1136 nov 8 18:50 /etc/X11/xorg.conf Contents of /etc/X11/xorg.conf: # xorg.conf (X.Org X Window System server configuration file) # # This file was generated by dexconf, the Debian X Configuration tool, using # values from the debconf database. # # Edit this file with caution, and see the xorg.conf manual page. # (Type man xorg.conf at the shell prompt.) # # This file is automatically updated on xserver-xorg package upgrades *only* # if it has not been modified since the last upgrade of the xserver-xorg # package. # # If you have edited this file but would like it to be automatically updated # again, run the following command: # sudo dpkg-reconfigure -phigh xserver-xorg Section InputDevice Identifier Generic Keyboard Driver kbd Option XkbRules xorg Option XkbModel pc105 Option XkbLayout fr Option XkbVariantlatin9 EndSection Section InputDevice Identifier Configured Mouse Driver mouse EndSection Section Device Identifier Configured Video Device EndSection Section Monitor Identifier Configured Monitor EndSection Section Screen Identifier Default Screen Monitor Configured Monitor EndSection -- System Information: Debian Release: 5.0.6 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-2-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages xserver-xorg-video-intel depends on: ii libc6 2.7-18lenny6 GNU C Library: Shared libraries ii libdrm22.3.1-2 Userspace interface to kernel DRM ii xserver-xorg-core 2:1.4.2-10.lenny2 Xorg X
Bug#602683: xserver-xorg-video-intel: Random crashes with Error in I830WaitLpRing()
On Mon, 8 Nov 2010 11:38:05 +0100, Julien Cristau jcris...@debian.org wrote: Does Option AccelMethod xaa or Option EXANoComposite on avoid the crash? As the bug appears randomly, it may take some time to tell and I we'll not be 100% sure. But I'll test it. Thanks. François. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#602683: xserver-xorg-video-intel: Random crashes with Error in I830WaitLpRing()
Package: xserver-xorg-video-intel Version: 2:2.3.2-2+lenny8 Severity: important When using some 2D or 3D capacities (for example with games as simple as in GCompris), X crashes sometimes. Here is a backtrace of the crash : #0 0x003e31231ed5 in raise () from /lib/libc.so.6 No symbol table info available. #1 0x003e312333f3 in abort () from /lib/libc.so.6 No symbol table info available. #2 0x0057c64d in FatalError (f=0x7f72e76498c4 lockup\n) at ../../os/log.c:554 args = {{gp_offset = 8, fp_offset = 48, overflow_arg_area = 0x7fff674d6e40, reg_save_area = 0x7fff674d6d80}} beenhere = 1 #3 0x7f72e76110f9 in I830WaitLpRing (pScrn=0x13bca40, n=131064, timeout_millis=0) at ../../src/i830_accel.c:150 pI830 = (I830Ptr) 0x13bf100 ring = (I830RingBuffer *) 0x7f7d00 iters = 11723754 start = 237207775 now = value optimized out last_head = 112460 #4 0x7f72e761150b in I830Sync (pScrn=0x13bca40) at ../../src/i830.h:863 pI830 = (I830Ptr) 0x13bf100 flags = 33554449 __FUNCTION__ = I830Sync #5 0x7f72e761e250 in i830_stop_ring (pScrn=0x13bca40, flush=value optimized out) at ../../src/i830_driver.c:1900 No locals. #6 0x7f72e761e39d in I830LeaveVT (scrnIndex=value optimized out, flags=value optimized out) at ../../src/i830_driver.c:3321 pScrn = (ScrnInfoPtr) 0x13bca40 pI830 = (I830Ptr) 0x13bf100 o = 2 #7 0x0046a445 in AbortDDX () at ../../../../hw/xfree86/common/xf86Init.c:1112 i = 1 #8 0x0057bfc8 in AbortServer () at ../../os/log.c:406 No locals. #9 0x0057c635 in FatalError (f=0x7f72e76498c4 lockup\n) at ../../os/log.c:552 args = {{gp_offset = 8, fp_offset = 48, overflow_arg_area = 0x7fff674d7020, reg_save_area = 0x7fff674d6f60}} beenhere = 1 #10 0x7f72e76110f9 in I830WaitLpRing (pScrn=0x13bca40, n=131064, timeout_millis=0) at ../../src/i830_accel.c:150 pI830 = (I830Ptr) 0x13bf100 ring = (I830RingBuffer *) 0x7f7d00 iters = 11097700 start = 237205507 now = value optimized out last_head = 112460 #11 0x7f72e761150b in I830Sync (pScrn=0x13bca40) at ../../src/i830.h:863 pI830 = (I830Ptr) 0x13bf100 flags = 33554449 __FUNCTION__ = I830Sync #12 0x7f72e66bf98e in exaWaitSync (pScreen=0xd48) at ../../exa/exa.c:806 pExaScr = (ExaScreenPrivPtr) 0x13f5400 #13 0x7f72e66c0331 in exaPrepareAccess (pDrawable=0x2442a20, index=1) at ../../exa/exa.c:352 pPixmap = (PixmapPtr) 0x2442a20 #14 0x7f72e66c393d in exaCopyDirtyToSys (pPixmap=0x2442a20) at ../../exa/exa_migration.c:155 pExaScr = (ExaScreenPrivPtr) 0x13f5400 pExaPixmap = (ExaPixmapPrivPtr) 0x2442a80 pRegion = (RegionPtr) 0x2442b20 save_pitch = 64 pBox = (BoxPtr) 0x2442b20 nbox = 0 do_sync = 0 #15 0x7f72e66c39c8 in exaMoveOutPixmap (pPixmap=0x2442a20) at ../../exa/exa_migration.c:376 pExaPixmap = (ExaPixmapPrivPtr) 0x2442a80 #16 0x7f72e66c4531 in exaDoMigration (pixmaps=0x7fff674d7220, npixmaps=1, can_accel=0) at ../../exa/exa_migration.c:620 pExaScr = (ExaScreenPrivPtr) 0x13f5400 i = 1 j = value optimized out __func__ = exaDoMigration #17 0x7f72e66c1ecd in exaGetImage (pDrawable=0x2442a20, x=0, y=0, w=16, h=1, format=2, planeMask=4294967295, d=0x7f72d05e9000 ) at ../../exa/exa_accel.c:1360 pExaScr = (ExaScreenPrivPtr) 0x13f5400 pixmaps = {{as_dst = 0, as_src = 1, pPix = 0x2442a20}} pPix = value optimized out xoff = 32626 yoff = -426988984 ok = value optimized out #18 0x004dd212 in miBSGetImage (pDrawable=0x2442a20, sx=0, sy=0, w=16, h=1, format=2, planemask=4294967295, pdstLine=0x7f72d05e9000 ) at ../../mi/mibstore.c:609 pScreen = (ScreenPtr) 0x13ee480 bounds = {x1 = 0, y1 = 0, x2 = 0, y2 = 0} depth = 0 '\0' #19 0x004ef963 in miSpriteGetImage (pDrawable=0x2442a20, sx=0, sy=8, w=16, h=1, format=2, planemask=4294967295, pdstLine=0x7f72d05e9000 ) at ../../mi/misprite.c:299 pScreen = (ScreenPtr) 0x13ee480 #20 0x00505d68 in ProcShmGetImage (client=0x1e65260) at ../../Xext/shm.c:1003 pDraw = (DrawablePtr) 0x2442a20 lenPer = 0 length = value optimized out plane = 0 xgi = {type = 1 '\001', depth = 32 ' ', sequenceNumber = 43513, length = 0, visual = 0, size = 64, pad0 = 21007712, pad1 = 0, pad2 = 1733129336, pad3 = 32767} shmdesc = value optimized out rc = value optimized out #21 0x00506468 in ProcShmDispatch (client=0x1e65260) at ../../Xext/shm.c:1158 No locals. #22 0x0044f7e2 in Dispatch () at ../../dix/dispatch.c:502 result = value optimized out client = (ClientPtr) 0x1e65260 nready = 0 start_tick = 4100 #23 0x00436bd5 in main (argc=9,
Bug#568082: wrong exit code
Package: lftp Version: 3.7.3-1 Severity: normal Tags: patch -- System Information: Debian Release: 5.0.3 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-2-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages lftp depends on: ii libc6 2.7-18lenny2 GNU C Library: Shared libraries ii libexpat1 2.0.1-4+lenny3XML parsing C library - runtime li ii libgcc11:4.3.2-1.1 GCC support library ii libgcrypt111.4.1-1 LGPL Crypto library - runtime libr ii libgnutls262.4.2-6+lenny2the GNU TLS library - runtime libr ii libgpg-error0 1.4-2 library for common error values an ii libncurses55.7+20081213-1shared libraries for terminal hand ii libreadline5 5.2-3.1 GNU readline and history libraries ii libtasn1-3 1.4-1 Manage ASN.1 structures (runtime) ii netbase4.34 Basic TCP/IP networking system ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime lftp recommends no packages. lftp suggests no packages. -- no debconf information Hi, When an upload / download fails, lftp exits with SUCCESS (0) which makes lftp unusable for automation / scripting. The problem was also described here http://www.mail-archive.com/l...@uniyar.ac.ru/msg03613.html A patch was proposed and included in a later version, see : http://www.mail-archive.com/l...@uniyar.ac.ru/msg03613.html Could you please backport this path to the current stable debian version of lftp ? Best regards, François -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#534712: apache2.2-common: DOS possible with mod_deflate
Package: apache2.2-common Version: 2.2.9-10+lenny3 Severity: normal Tags: patch security There is a bug in mod_deflate that can lead to a DOS with a very small network traffic. The problem is the following : when downloading a file with mod_deflate enabled and aborting the connexion before the end, mod_deflate will take 100% of a CPU and finish to compress the file for nothing. Even with a not-so-big file (a few dozen of MB), it is possible to lock apache by opening simultaneous request on this file and abort the connexion very soon, as the file will be compressed multiple times in parallel, it will make compression times grow and keep the threads busy for a while. The problem arises because mod_deflate doesn't check if the connexion is aborted and goes on whatever happen. The following patch fixes the problem, but at reading the code, I guess that the inflate function is also impacted. Best regards, François --- mod_deflate.c 2008-01-04 15:23:50.0 +0100 +++ mod_deflate.c.new 2009-06-26 16:50:36.0 +0200 @@ -691,6 +691,10 @@ continue; } + if (r-connection-aborted) { +return APR_ECONNABORTED; +} + /* read */ apr_bucket_read(e, data, len, APR_BLOCK_READ); -- Package-specific info: List of enabled modules from 'apache2 -M': alias auth_basic authn_file authz_default authz_groupfile authz_host authz_user autoindex cgi deflate dir env expires headers mime negotiation perl php5 python setenvif status userdir -- System Information: Debian Release: 5.0.1 APT prefers stable APT policy: (990, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.30 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages apache2.2-common depends on: ii apache2-utils 2.2.9-10+lenny3 utility programs for webservers ii libapr1 1.2.12-5 The Apache Portable Runtime Librar ii libaprutil1 1.2.12+dfsg-8+lenny2 The Apache Portable Runtime Utilit ii libc6 2.7-18 GNU C Library: Shared libraries ii libmagic1 4.26-1 File type determination library us ii libssl0.9.8 0.9.8g-15+lenny1 SSL shared libraries ii lsb-base3.2-20 Linux Standard Base 3.2 init scrip ii mime-support3.44-1 MIME files 'mime.types' 'mailcap ii net-tools 1.60-22 The NET-3 networking toolkit ii perl5.10.0-19Larry Wall's Practical Extraction ii procps 1:3.2.7-11 /proc file system utilities ii zlib1g 1:1.2.3.3.dfsg-12compression library - runtime Versions of packages apache2.2-common recommends: ii ssl-cert 1.0.23 simple debconf wrapper for OpenSSL Versions of packages apache2.2-common suggests: ii apache2-doc 2.2.9-10+lenny3 Apache HTTP Server documentation pn apache2-suexec | apache2 none (no description available) ii dillo [www-browser] 0.8.6-3 Small and fast web browser ii elinks [www-browser] 0.11.4-3advanced text-mode WWW browser ii epiphany-gecko [www-brow 2.22.3-9Intuitive GNOME web browser - Geck ii iceape-browser [www-brow 1.1.14-1Iceape Navigator (Internet browser ii iceweasel [www-browser] 3.0.6-1 lightweight web browser based on M ii w3m [www-browser]0.5.2-2+b1 WWW browsable pager with excellent Versions of packages apache2.2-common is related to: pn apache2-mpm-eventnone (no description available) pn apache2-mpm-itk none (no description available) ii apache2-mpm-prefork 2.2.9-10+lenny3 Apache HTTP Server - traditional n pn apache2-mpm-worker none (no description available) -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#533609: Thanks
Hi, That's cool :) Will it be fixed in Lenny ? Could be released with the fix for #533628... See ya. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#530532: Feedback from Nokia
Hi, Feedback from Nokia: Thank you for reporting. We actually removed this code now since we cannot change the behavior of Qt when applications already rely on something different. So I guess it's been broken so long they're not going to fix it. Sounds a bit odd to me, but it's their choice. Now, it's Debian turn to make a choice : * Will you leave it as is and let the users depend on Nokia to chose whether to trust a CA or not? * Will you patch it? I guess you know my opinion :) Regards,
Bug#533609: transmission-cli: torrent files created with transmissioncli are invalid
Package: transmission-cli Version: 1.22-1 Severity: grave Justification: renders package unusable Tags: patch When creating a torrent and chosing a directory as a source (-c), file-names in the torrent file are cropped (first character missing) if the directory name ends with a slash, which happen in most of the case because we use bash autocompletion (and it's hard to guess that this final slash is the source of the problem, I had to read the code to understand that!) This leads to the inability to seed the torrent because the client using the .torrent file cannot find the files it refers to. I propose the following patch to work around the problem : --- libtransmission/makemeta.c.old2009-06-19 11:21:27.0 +0200 +++ libtransmission/makemeta.c2009-06-19 11:21:37.0 +0200 @@ -274,7 +274,7 @@ tr_benc * uninitialized_path ) { const char *pch, *prev; -const size_t topLen = strlen(topFile) + 1; /* +1 for '/' */ +const size_t topLen = strlen(topFile); int n; /* get the file size */ if topFile contains a final slash, it will be taken in account by strlen. So far, this patch seems to cause no side effects neither with -cli nor -gtk. Regards -- System Information: Debian Release: 5.0.1 APT prefers stable APT policy: (990, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.30 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages transmission-cli depends on: ii libc6 2.7-18 GNU C Library: Shared libraries ii libcurl37.18.2-8lenny2 Multi-protocol file transfer libra ii libssl0.9.8 0.9.8g-15+lenny1 SSL shared libraries ii transmission-common 1.22-1 free, lightweight BitTorrent clien transmission-cli recommends no packages. transmission-cli suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#533628: transmission-cli: Segmentation Fault if no announce URL given when creating a torrent
Package: transmission-cli Version: 1.22-1 Severity: minor Tags: patch If you try to create a torrent (-c option) and dont give an announce URL (-a option), transmissioncli segfaults. Here are two patches, the 1st one prevents the segmentation fault, the second display an error message at command line parsing. --- libtransmission/utils.c2008-06-14 00:00:42.0 +0200 +++ libtransmission/utils.c.new2009-06-19 14:20:32.0 +0200 @@ -968,6 +968,9 @@ const char * host = NULL; const char * path = NULL; +if (!(url_in *url_in)) + return TRUE; + tmp = tr_strndup( url_in, len ); if(( pch = strstr( tmp, :// ))) --- cli/transmissioncli.c2008-06-14 00:00:51.0 +0200 +++ cli/transmissioncli.c.new2009-06-19 14:20:47.0 +0200 @@ -221,14 +221,22 @@ if( sourceFile *sourceFile ) /* creating a torrent */ { int err; -tr_metainfo_builder * builder = tr_metaInfoBuilderCreate( h, sourceFile ); -tr_makeMetaInfo( builder, torrentPath, announce, comment, isPrivate ); -while( !builder-isDone ) { -tr_wait( 1000 ); -printf( . ); +if (!(announce *announce)) +{ +err=-1; +fprintf( stderr, You must specify an annouce URL to create a torrent\n); +} +else +{ +tr_metainfo_builder * builder = tr_metaInfoBuilderCreate( h, sourceFile ); +tr_makeMetaInfo( builder, torrentPath, announce, comment, isPrivate ); +while( !builder-isDone ) { +tr_wait( 1000 ); +printf( . ); +} +err = builder-result; +tr_metaInfoBuilderFree( builder ); } -err = builder-result; -tr_metaInfoBuilderFree( builder ); return err; } -- System Information: Debian Release: 5.0.1 APT prefers stable APT policy: (990, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.30 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages transmission-cli depends on: ii libc6 2.7-18 GNU C Library: Shared libraries ii libcomerr2 1.41.3-1 common error description library ii libcurl37.18.2-8lenny2 Multi-protocol file transfer libra ii libidn111.8+20080606-1 GNU libidn library, implementation ii libkrb531.6.dfsg.4~beta1-5lenny1 MIT Kerberos runtime libraries ii libldap-2.4-2 2.4.11-1 OpenLDAP libraries ii libssh2-1 0.18-1 SSH2 client-side library ii libssl0.9.8 0.9.8g-15+lenny1 SSL shared libraries ii transmission-co 1.22-1 free, lightweight BitTorrent clien ii zlib1g 1:1.2.3.3.dfsg-12compression library - runtime transmission-cli recommends no packages. transmission-cli suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#503069: Testing your solution
Hi, Sorry for answering so late, I just saw your reply. I'm gonna test your solution and tell you if it works in my case. Regards, -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#530532: libqt4-network: Locally installed root CAs not read
Package: libqt4-network Version: 4.4.3-1 Severity: grave Justification: user security hole Tags: patch security Applications using QT SSL Layer fail to verify SSL encrypted connexion because system-wide installed certificates authorities are not read (can be verified with strace) For example, mumble cannot verify that a server it connects to has a good certificate even if the root CA is locally installed (but mumble won't work if there is intermediate certificate but this is a mumble-server bug that will be fixed in 1.2). Here is my patch to fix the problem : diff -Naur qt4-x11-4.4.3/src/network/ssl/qsslsocket_openssl.cpp qt4-x11-4.4.3-sslfix/src/network/ssl/qsslsocket_openssl.cpp --- qt4-x11-4.4.3/src/network/ssl/qsslsocket_openssl.cpp 2008-09-27 10:58:47.0 +0200 +++ qt4-x11-4.4.3-sslfix/src/network/ssl/qsslsocket_openssl.cpp 2009-05-25 15:16:39.0 +0200 @@ -466,7 +466,7 @@ QListQSslCertificate QSslSocketPrivate::systemCaCertificates() { -#ifdef QQ_OS_UNIX +#ifdef Q_OS_UNIX // Check known locations for the system's default bundle. ### On Windows, // we should use CAPI to find the bundle, and not rely on default unix // locations. @@ -479,13 +479,16 @@ #endif 0}; const char **it = standardLocations; +QListQSslCertificate certs; QStringList nameFilter; nameFilter QLatin1String(*.pem) QLatin1String(*.crt); while (*it) { -if (QDirIterator(QLatin1String(*it), nameFilter).hasNext()) -return certificatesFromPath(QLatin1String(*it)); + QDirIterator certfilesIt(QLatin1String(*it), nameFilter); +while (certfilesIt.hasNext()) +certs += QSslCertificate::fromPath(certfilesIt.next()); ++it; } +return certs; #endif // Qt provides a default bundle when we cannot detect the system's default The problem has been reported to QT but I don't know if it has been fixed and how... I consider it as a grave problem because a user can't verify the identity of a server he connects to. -- System Information: Debian Release: 5.0.1 APT prefers stable APT policy: (990, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.29.4 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages libqt4-network depends on: ii libc6 2.7-18GNU C Library: Shared libraries ii libgcc11:4.3.2-1.1 GCC support library ii libqtcore4 4.4.3-1 Qt 4 core module ii libstdc++6 4.3.2-1.1 The GNU Standard C++ Library v3 ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime libqt4-network recommends no packages. libqt4-network suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#530532: Acknowledgement (libqt4-network: Locally installed root CAs not read)
Hi, Reading this bug report on mumble might help you to analyse the problem : https://sourceforge.net/tracker/?func=detailaid=2793899group_id=147372atid=768005 Regards, François. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#529413: mumble-server: Own proper SSL certificate not taken in account
Package: mumble-server Version: 1.1.4-4+lenny1 Severity: normal I set up a authority signed SSL certificate for use with mumble-server, and configured the ini configuration file this way : # If you have a proper SSL certificate, you can provide the filenames here. sslCert=/var/lib/mumble-server/speak.xxx.net.cert.pem sslKey=/var/lib/mumble-server/speak.xxx.net.key.pem When I launch the server with strace, it reports that it reads the files : open(/var/lib/mumble-server/speak.xxx.net.cert.pem, O_RDONLY|O_LARGEFILE) = 11 fcntl64(11, F_SETFD, FD_CLOEXEC)= 0 stat64(/var/lib/mumble-server/speak.xxx.net.cert.pem, {st_mode=S_IFREG|0644, st_size=6748, ...}) = 0 stat64(/var/lib/mumble-server/speak.xxx.net.cert.pem, {st_mode=S_IFREG|0644, st_size=6748, ...}) = 0 stat64(/var/lib/mumble-server/speak.xxx.cert.pem, {st_mode=S_IFREG|0644, st_size=6748, ...}) = 0 fstat64(11, {st_mode=S_IFREG|0644, st_size=6748, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77b1000 read(11, Certificate:\nData:\nVe..., 4096) = 4096 read(11, :db:96:f0:44:08:7e:2b:d3:\n ..., 4096) = 2652 read(11, ..., 4096) = 0 close(11) = 0 munmap(0xb77b1000, 4096)= 0 open(/var/lib/mumble-server/speak.xxx.net.key.pem, O_RDONLY|O_LARGEFILE) = 11 fcntl64(11, F_SETFD, FD_CLOEXEC)= 0 stat64(/var/lib/mumble-server/speak.xxx.net.key.pem, {st_mode=S_IFREG|0640, st_size=3243, ...}) = 0 stat64(/var/lib/mumble-server/speak.xxx.net.key.pem, {st_mode=S_IFREG|0640, st_size=3243, ...}) = 0 stat64(/var/lib/mumble-server/speak.xxx.net.key.pem, {st_mode=S_IFREG|0640, st_size=3243, ...}) = 0 fstat64(11, {st_mode=S_IFREG|0640, st_size=3243, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77b1000 read(11, -BEGIN RSA PRIVATE KEY-\nM..., 4096) = 3243 read(11, ..., 4096) = 0 close(11) = 0 -- But when I connect to the server with debian lenny's client, the certificate the server presents is still a self signed one -- System Information: Debian Release: 5.0.1 APT prefers stable APT policy: (990, 'stable') Architecture: i386 (i686) Kernel: 2.6.28.4--std-ipv6-32 (SMP) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#529413: Acknowledgement (mumble-server: Own proper SSL certificate not taken in account)
Hi, I found a work around : * stop the mumble-server * install sqlite3 * open the mumble-server database $ sqlite3 /var/lib/mumble-server/mumble-server.sqlite * execute the following SQL command : delete from config where keystring=key OR keystring=certificate; .quit * start the mumble-server, the certificates should now work Regards, François. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#503069: What's up ?
Hi, I still have no answer to this bug report after one week. Do you need more informations ? Regards, François. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#503069: Apache 2.2.3-4+etch5 (apache2-mpm-worker) mod_rewrite BUG
Package: apache2-mpm-worker Version: 2.2.3-4+etch5 Severity: important According to http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#rewriterule http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#rewriterule : The Substitution of a rewrite rule is the string that replaces the original URL-path that was matched by Pattern. The Substitution may be a: [...] *file-system path* Designates the location on the file-system of the resource to be delivered to the client. URL-path A DocumentRoot-relative path to the resource to be served. *Note that mod_rewrite tries to guess whether you have specified a file-system path or a URL-path by checking to see if the first segment of the path exists at the root of the file-system.* For example, if you specify a Substitution string of /www/file.html, then this will be treated as a URL-path unless a directory named www exists at the root or your file-system, in which case it will be treated as a file-system path. If you wish other URL-mapping directives (such as Alias) to be applied to the resulting URL-path, use the [PT] flag as described below. [...] TEST CASE: 1. In apache2.conf, add the following section FilesMatch \.test$ Options FollowSymLinks RewriteEngine On RewriteRule ^(.*)$ $1.gz [L,PT] /FilesMatch 2. touch DocumentRoot/bar.test.gz 3. Access http://localhost/bar.test http://localhost/foo ACTUAL RESULT: You get an error page The requested URL DocumentRoot/bar.test.gz was not found on this server., because the substitution gets interpreted as URL relative to DocumentRoot For example, if the document root is /var/www/example/ you'll find in the error log File does not exist: /var/www/example/var EXPECTED: The file DocumentRoot/bar.test.gz should be served. A similar bug has already be filed on Ubuntu's bugtracking by someone else here : https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/174282 I guess it is related but the bug has been closed because it lacks the information we need to investigate the problem. By advance, thanks. François. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]