Bug#777695: ITA: tiff -- TIFF manipulation and conversion documentation

[Ondrej Sury]

Control: retitle -1 ITA: tiff -- TIFF manipulation and conversion documentation
Control: owner -1 !

Hi Jay,

as I happen to maintain now default libjpeg library, it seems only
logical I will take over this as well.

Do you need a help with the two RC bugs that are lingering in BTS
right now?

Cheers,
Ondrej


signature.asc
Description: Digital signature

Bug#500743: Segmentation fault in running bind9

[Ondrej Sury]

Hi Simon,

Try running memtest on your machine for some time (over a night f.e.)  
and report back.


Ondrej Sury

On Oct 1, 2008, at 1:04, Simon Waters <[EMAIL PROTECTED]> wrote:


Package: bind9
Version: 1:9.5.0.dfsg.P2-1
Severity: important


syslog.log
Sep 30 23:23:54 derek kernel: [791273.512364] named[2244]: segfault  
at dededef2 ip b7eaad0e sp b7549f90 error 7 in libdns.so. 
43.0.1[b7e4+141000]


I use bind9 running locally on my desktop box as the local recursive
resolver. Although this box has some unusual history (ran sid) as  
far as I can

ascertain it is running correct version of bind9 and libraries for
lenny. The bind9 config is relatively straight forward, and close to  
the

Debian default, with addition of some local authoritative zones.

Twice recently bind9 has stopped, dumping two core files in
/var/cache/bind. On both occasions problems were seen resolving some  
names

(reporting timeouts) immediately before the crash.

-rw--- 1 bind bind 58179584 2008-09-30 23:23 core.2243
-rw--- 1 bind bind 43302912 2008-09-22 19:58 core.2463

On one occasion I immediately ran "rndc dumpdb" when I encountered
issues with name resolution, and the crash took place a few seconds
after the database was written to /var/cache/bind/named_dump.db

-rw-r--r-- 1 bind bind81933 2008-09-30 23:20 named_dump.db

Please advise if this information would be useful in diagnosing bind
issues.

If any libraries are the wrong version for lenny I will probably
reinstall. I couldn't see other reports of this issue, although there
are other reports of bind silently stopping, which could be related.

Running gdb -c /var/cache/named/core. gave;

gdb -c /var/cache/bind/core.2243
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show
copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu".
(no debugging symbols found)
Core was generated by `/usr/sbin/named -u bind'.
Program terminated with signal 11, Segmentation fault.
[New process 2244]
[New process 2247]
[New process 2246]
[New process 2245]
[New process 2243]
#0  0xb7eaad0e in ?? ()

gdb -c core.2463
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show
copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu".
(no debugging symbols found)
Core was generated by `/usr/sbin/named -u bind'.
Program terminated with signal 11, Segmentation fault.
[New process 2464]
[New process 2467]
[New process 2466]
[New process 2465]
[New process 2463]
#0  0xb7e0b6d3 in ?? ()

daemon.log entries for most recent issue.

Sep 30 23:18:53 derek named[2243]: too many timeouts resolving
'www.l.google.com
/A' (in 'l.google.com'?): disabling EDNS
Sep 30 23:19:08 derek last message repeated 19 times
Sep 30 23:19:48 derek named[2243]: too many timeouts resolving
'NS7.NIC.uk/A' (i
n 'uk'?): disabling EDNS
Sep 30 23:20:07 derek last message repeated 27 times
Sep 30 23:20:42 derek named[2243]: received control channel command
'dumpdb'
Sep 30 23:20:42 derek named[2243]: dumpdb started
Sep 30 23:20:42 derek named[2243]: dumpdb complete
Sep 30 23:30:35 derek named[18257]: starting BIND 9.5.0-P2 -u bind

-- System Information:
Debian Release: lenny/sid
 APT prefers testing
 APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages bind9 depends on:
ii  adduser   3.110  add and remove users  
and groups

ii  bind9utils1:9.5.0.dfsg.P2-1  Utilities for BIND
ii  debconf [debconf-2.0] 1.5.22 Debian configuration  
management sy
ii  libbind9-40   1:9.5.0.dfsg.P2-1  BIND9 Shared Library  
used by BIND
ii  libc6 2.7-13 GNU C Library: Shared  
libraries
ii  libcap2   2.11-2 support for getting/ 
setting POSIX.
ii  libdb4.6  4.6.21-10  Berkeley v4.6 Database  
Libraries [
ii  libdns43  1:9.5.0.dfsg.P2-1  DNS Shared Library used  
by BIND
ii  libisc44  1:9.5.0.dfsg.P2-1  ISC Shared Library used  
by BIND
ii  libisccc401:9.5.0.dfsg.P2-1  Command Channel Library  
used by BI
ii  libisccfg40   1:9.5.0.dfsg.P2-1  Config File Handling  
Library used
ii  libkrb53  1.6.dfsg.4~beta1-4 MIT Kerberos ru

Bug#390492: removal of pdftohtml

[Ondrej Sury]

On Sun, 2006-10-01 at 16:49 +0200, Frederic Peters wrote:
> Package: ftp.debian.org
> 
> Hi Moritz, hi Ondrej, hi ftp-masters,
> 
> Ondrej, ftp-master: this is discussion about removing the pdftohtml I
> maintain since poppler builds a functional equivalent as part of
> poppler-utils package.
> 
> It is triggered by Moritz wrt regular xpdf security issues (pdftohtml
> embeds a copy of xpdf code).
> 
> I wrote:
> 
> > > Sorry I forgot to answer you.  I had a look to poppler-utils pdftohtml
> > > (from experimental) and the only difference is in the unit used for
> > > dimensions and coordinates; this is only about XML output.
> > > 
> > > This bugged me since I would have to update my scripts but I believe
> > > this is minor with regards to security benefits we gain using a single
> > > code base.
> > > 
> > > So I would say you could create a transitional pdftohtml package from
> > > poppler-utils and request removal of pdftohtml.  Perhaps a NEWS.Debian
> > > is approriate for this transitional package, with a note about unit
> > > change.
> 
> And Moritz answered:
> 
> > As you're listed as maintainer and I'm busy with Security work, could
> > you prepare that before Etch freeze? Otherwise we could make it RC and
> > have it fixed as part of one the BSPs.
> 
> Request filed against ftp.debian.org.
> 
> Ondrej: once pdftohtml is removed, would you building a transitional
> pdftohtml package with the appropriate NEWS.Debian ?  I obviously can
> prepare a NMU if you want.

I am waiting for poppler-data to propagate through testing.  I will
upload poppler 0.5.x to unstable then.  I think it would be better to
prepare dummy transitional package from pdftohtml package, so poppler is
not stuck in NEW, we can get rid of pdftohtml source package after etch
is out.  What do you think?

Ondrej.
-- 
Ondřej Surý <[EMAIL PROTECTED]> http://blog.rfc1925.org/


signature.asc
Description: This is a digitally signed message part

Bug#386041: [php-maint] Bug#386041: libapache2-mod-php4: segmentation faults in shutdown_memory_manager()

[Ondrej Sury]

> extension=memcache.so ; build from pecl
> extension=fileinfo.so ; build from pecl

Ok, now try disabling those two nonstandard modules.  (Keep eaccel
disabled).  My next suspect would be memcache since it does store
objects in memory and that segfault is in memory management.

Ondrej.

On Tue, 2006-09-05 at 02:23 +0400, proforg wrote:
> EAccelerator disabled, but apache still crashes.
> 
> some additional information from apache error.log:
> 
> *** glibc detected *** corrupted double-linked list: 0x0172bdc0 ***
> [Tue Sep 05 02:07:28 2006] [notice] child pid 19532 exit signal
> Aborted (6), possible coredump in /var/tmp/www
> 
> 
> On 9/5/06, Ondrej Sury <[EMAIL PROTECTED]> wrote:
> > tags 386041 +moreinfo
> > thank you
> >
> > > Eaccelerator 0.9.4 loaded as zend_extension
> >
> > Try disabling Eaccelerator and report if those crashes happen as well.
> > Most crashes I have seen were related to Eaccelerator.
> >
-- 
Ondřej Surý <[EMAIL PROTECTED]> http://blog.rfc1925.org/


signature.asc
Description: This is a digitally signed message part

Bug#386041: [php-maint] Bug#386041: libapache2-mod-php4: segmentation faults in shutdown_memory_manager()

[Ondrej Sury]

tags 386041 +moreinfo
thank you

> Eaccelerator 0.9.4 loaded as zend_extension

Try disabling Eaccelerator and report if those crashes happen as well.
Most crashes I have seen were related to Eaccelerator.

Ondrej.
-- 
Ondřej Surý <[EMAIL PROTECTED]> http://blog.rfc1925.org/


signature.asc
Description: This is a digitally signed message part

Bug#344203: Dirvish - new upstream - are you ok with NMU?

[Ondrej Sury]

Much better patch attached.

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


dirvish_1.2.1-0.1.diff.gz
Description: GNU Zip compressed data

Bug#344203: Dirvish - new upstream - are you ok with NMU?

[Ondrej Sury]

package dirvish
tag 344203 +patch
thank you

Hi Paul,

I am using dirvish to backup my workstation and notebook.
I don't exactly remember what the problem was, but I know I ended with
updating dirvish to 1.2.1.

If you are OK with NMU, I will upload new upstream release which closes
all other bugs filled on dirvish package.

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


dirvish_1.2.1-0.1.diff.gz
Description: GNU Zip compressed data

Bug#376423: Uninstallable due to versioned dep on mozilla-thunderbird (<< 1.1)

[Ondrej Sury]

tags 376423 +pending
thank you

Hi,

Hans Öfverbeck is adopting this package and he'll build all languages
from one source.

Ondrej

On Sun, 2006-07-02 at 23:20 +0200, Luk Claes wrote:
> Package: mozilla-thunderbird-locale-cs
> Severity: serious
> Version: 1.07debian-1
> 
> Hi
> 
> Your package is not installable as the needed mozilla-thunderbird
> version << 1.1 is not available anymore.
> 
> Cheers
> 
> Luk
> 
-- 
Ondrej Sury <[EMAIL PROTECTED]>

Bug#366322:

[Ondrej Sury]

package desktop-file-utils
tags 366322 +patch
thank you

-- 
Ondrej Sury <[EMAIL PROTECTED]>
diff -Nur desktop-file-utils-0.10/src/eggdesktopentries.c desktop-file-utils-0.10.new/src/eggdesktopentries.c
--- desktop-file-utils-0.10/src/eggdesktopentries.c	2004-10-18 18:02:46.0 +0200
+++ desktop-file-utils-0.10.new/src/eggdesktopentries.c	2006-05-11 12:00:11.0 +0200
@@ -1441,7 +1441,7 @@
 
   last_char_index = strlen (value) - 1;
 
-  if (value[last_char_index] == ';')
+  if (last_char_index >= 0 && value[last_char_index] == ';')
 value[last_char_index] = '\0';
 
   value_vector = g_strsplit (value, ";", 0);
@@ -2784,7 +2784,7 @@
   p++;
 }
 
-  if (p[-1] == '\\' && error == NULL)
+  if (p > value && p[-1] == '\\' && error == NULL)
 {
   g_set_error (error, EGG_DESKTOP_ENTRIES_ERROR,
EGG_DESKTOP_ENTRIES_ERROR_INVALID_VALUE,
diff -Nur desktop-file-utils-0.10/src/update-desktop-database.c desktop-file-utils-0.10.new/src/update-desktop-database.c
--- desktop-file-utils-0.10/src/update-desktop-database.c	2004-09-08 17:43:14.0 +0200
+++ desktop-file-utils-0.10.new/src/update-desktop-database.c	2006-05-11 11:59:59.0 +0200
@@ -449,6 +449,8 @@
   for (i = 0; data_dirs[i] != NULL; i++)
 args[i] = g_build_filename (data_dirs[i], "applications", NULL);
 
+  args[i] = NULL;
+
   g_strfreev (data_dirs);
 
   return (const char **) args;


signature.asc
Description: This is a digitally signed message part

Bug#373991: poppler: FTBFS: invalid conversion

[Ondrej Sury]

On Fri, 2006-06-16 at 19:07 +0200, Julien Danjou wrote:
> Package: poppler
> Version: 0.4.5-4
> Severity: serious
> 
> Hello,
> 
> There was a problem while autobuilding your package:

> > SplashFTFont.cc:24:10: error: #include expects "FILENAME" or 

Hi,

according to this ^^^ and looking into source codes it looks more like
some regression in libxft.  I will try to reproduce this error in
current sid pbuilder and get back with result...

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#369884: Needs to Pre-Depends: mysql-server

[Ondrej Sury]

tag 369884 +wontfix
severity 369884 normal
thank you

> Not only do we require mysql-server to be installed, but it needs to be
> *configured* before we can run our postinst.

That's not true.  You need configured mysql-server somewhere, it could
be either your localhost or some other dedicated place.  I won't
depend/pre-depends on mysql-server package to make one use case (all on
one box) easier just to cut of all other common use cases (more mail
servers, f.e. primary and backup mx, using one mysql server).

Ondrej
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#367229: Please provide .pc file...

[Ondrej Sury]

Package: mailutils
Version: 1:0.6.93-3

Please provide included .pc file for use with pkg-config, which is more
or less standard way how to provide info about library nowadays...

--cut here--
prefix=/usr
exec_prefix=${prefix}
libdir=${exec_prefix}/lib
includedir=${prefix}/include

Name: mailutils
Description: GNU Mail abstraction library
Version: 0.6.93
Libs: -L${libdir} -lmailutils
Libs.private: -lgdbm
Cflags: -I${includedir}
--cut here--

(I am not sure about Libs.private...)

O.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#366030: blobwars: Patch to remove busyloops

[Ondrej Sury]

> Blobwars uses a busy-loop for timing purposes. This makes it use 100%
> CPU all the time, even when it is not doing anything useful. The
> attached patch removes the busy-loops and replaces them with
> calls to SDL_Delay().

Thanks for the patch.  I will send it upstream as well.  But before I
have one question: why did you added those SDL_Delay(16) on all over
places in code...  I am sure that upstream will ask as well...

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#362479: pdflatex: symbol lookup error: pdflatex: undefined symbol: _ZN6PDFDocC1EP9GooStringS1_S1_

[Ondrej Sury]

Hello,

I am going to upload new version of poppler 0.5.1 to experimental, which
provides libpoppler1 (SONAME change) and bumps shlibs as well.  Could
you please add versioned dependency to tetex-bin: libpoppler0c2 (<<
0.5.0) (or conflict with libpoppler0c2 (>= 0.5.0).  This should solve
this bug.

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#362793: ITP: sks -- Cryptographic tool based on ECC

[Ondrej Sury]

This package name conflicts with the not yet uploaded SKS (Syncronising
Key Server) software.  Maybe you could pick something else?


Umm, and what about: you both pick another bit longer name, so we don't 
polute our limited package name namespace with tree letter names?


F.E. one could be: sks-openpgp and second sks-ecc

Please note that if you provide binaries with same name, you either need 
to rename binaries (I suggest sks-openpgp since it's server software and 
not commandline) or conflict each other.


Ondrej.


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#301864: ITA: php-interbase

[Ondrej Sury]

retitle 301864 ITA: php4-interbase
thank you

I will build php-interbase (both php5 and php4) as part of out-of-tree
builds of php modules.

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#361855: [php-maint] Bug#361855: tempnam() open_basedir bypass PHP 4.4.2 and 5.1.2

[Ondrej Sury]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

[tempnam() open_basedir bypass PHP 4.4.2 and 5.1.2]

Author: Maksymilian Arciemowicz (cXIb8O3)
Date:
- -Written: 26.3.2006
- -Public: 8.4.2006
from SECURITYREASON.COM
CVE-2006-1494

- --- 0.Description ---
PHP is an HTML-embedded scripting language. Much of its syntax is
borrowed from C, Java and
Perl with a couple of unique PHP-specific features thrown in. The goal
of the language is to
allow web developers to write dynamically generated pages quickly.

A nice introduction to PHP by Stig Sæther Bakken can be found at
http://www.zend.com/zend/art/intro.php on the Zend website. Also, much
of the PHP Conference
Material is freely available. 
tempnam -- Create file with unique file name

- --- 1. tempnam() open_basedir bypass ---
In function tempname() are required 2 arg`s.

http://pl.php.net/manual/en/function.tempnam.php

string tempnam ( string dir, string prefix )

So, if we have open_basedir set to /home, we can't create file
over /home directory.
In ext/standard/file.c (PHP 4.4.2)

- -550-578---
PHP_FUNCTION(tempnam)
{
pval **arg1, **arg2;
char *d;
char *opened_path;
char p[64];
FILE *fp;

if (ZEND_NUM_ARGS() != 2 || zend_get_parameters_ex(2, &arg1, &arg2) ==
FAILURE) {
WRONG_PARAM_COUNT;
}
convert_to_string_ex(arg1);
convert_to_string_ex(arg2);

if (php_check_open_basedir(Z_STRVAL_PP(arg1) TSRMLS_CC)) {
RETURN_FALSE;
}

d = estrndup(Z_STRVAL_PP(arg1), Z_STRLEN_PP(arg1));
strlcpy(p, Z_STRVAL_PP(arg2), sizeof(p));

if ((fp = php_open_temporary_file(d, p, &opened_path TSRMLS_CC))) {
fclose(fp);
RETVAL_STRING(opened_path, 0);
} else {
RETVAL_FALSE;
}
efree(d);
}
- -550-578---

if (php_check_open_basedir(Z_STRVAL_PP(arg1) TSRMLS_CC)) {
RETURN_FALSE;
}

Where is arg2?
So we can write exploit like:
tempnam("path_from_open_basedir",
"../../../../../../../../Open_basedir_bypasswd");

tempnam("/home", "../../../../../../tmp/cx");

etc.

It is low issue but you can try create a lot of files and overload
inodes from HD.I have one
particion.

/var /dev/ad0s1e 1.0G 97M 858M 10% /var <- Space (B)
/dev/ad0s1e 1012974 94472 837466 10% 3796 137514 3% /var <- INODES

where mysql and apache try create some file. WWhen we overload free
inodes, system have big
problem with apache, mysql.

Example:

cxib# php -r 'function cx(){ tempnam("/www/",
"../../../../../../var/tmp/cx"); cx(); } cx();'
/var: create/symlink failed, no inodes free

/var: create/symlink failed, no inodes free

/var: create/symlink failed, no inodes free

/var: create/symlink failed, no inodes free
... etc

/usr/local/libexec/mysqld: Can't create/write to file
'/var/tmp/ibBIsZ6o' (Errcode: 13)
And mysql die()!

- --- 2. How to fix ---
CVS
http://cvs.php.net/viewcvs.cgi/php-src/NEWS

- --- 3. Greets ---

For: sp3x
and
p_e_a, pi3, eax, Infospec ;]

- --- 4. Contact ---
Author: SecurityReason.Com [ Maksymilian Arciemowicz ( cXIb8O3 ) ]
Email: max [at] jestsuper [dot] pl or cxib [at] securityreason [dot] com
GPG: http://securityreason.com/key/Arciemowicz.Maksymilian.gpg
SecurityReason.Com

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2.2 (FreeBSD)

iD8DBQFEOAZB3Ke13X/fTO4RAiDmAKCbBZP8JBC0F/9cB5OgUFJPgqHB4QCgon9L
kBEMIExP2TZ0+NP7l5uk9TE=
=f3i4
-END PGP SIGNATURE-
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#361854: [php-maint] Bug#361854: function *() php/apache Crash PHP 4.4.2 and 5.1.2

[Ondrej Sury]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

[function *() php/apache Crash PHP 4.4.2 and 5.1.2]

Author: Maksymilian Arciemowicz (cXIb8O3)
Date:
- -Written: 21.3.2006
- -Public: 8.4.2006
from SECURITYREASON.COM
CVE-2006-1549

- --- 0.Description ---
PHP is an HTML-embedded scripting language. Much of its syntax is
borrowed from C, Java and
Perl with a couple of unique PHP-specific features thrown in. The goal
of the language is to
allow web developers to write dynamically generated pages quickly.

A nice introduction to PHP by Stig Sæther Bakken can be found at
http://www.zend.com/zend/art/intro.php on the Zend website. Also, much
of the PHP Conference
Material is freely available. 

- --- 1. function *() Crash ---
PHP4/5 is vulnerability to a local denial-of-service. General problem is
in allocated data to
memory. 

for example attack:

cxib# php -r 'function cx(){ cx(); } cx();'
Segmentation fault (core dumped)
cxib# 

Segfault.. let`s see what we have in gdb

- ---
cxib# cat /www/functionsegfault.php

cxib# gdb -q php
(gdb) r '/www/functionsegfault.php'
Starting program: /usr/local/bin/php '/www/functionsegfault.php'

Program received signal SIGSEGV, Segmentation fault.
0x080de6bd in _zval_copy_ctor (zvalue=0xbbc00260, 
__zend_filename=0x811d8c0
"/usr/ports/lang/php4/work/php-4.4.2/Zend/zend_execute.c",
__zend_lineno=1568)
at /usr/ports/lang/php4/work/php-4.4.2/Zend/zend_variables.c:111
111 /usr/ports/lang/php4/work/php-4.4.2/Zend/zend_variables.c: No such
file or
directory.
in /usr/ports/lang/php4/work/php-4.4.2/Zend/zend_variables.c
(gdb) bt
#0 0x080de6bd in _zval_copy_ctor (zvalue=0xbbc00260, 
__zend_filename=0x811d8c0
"/usr/ports/lang/php4/work/php-4.4.2/Zend/zend_execute.c",
__zend_lineno=1568)
at /usr/ports/lang/php4/work/php-4.4.2/Zend/zend_variables.c:111
#1 0x080f042a in execute (op_array=0x81b3880)
at /usr/ports/lang/php4/work/php-4.4.2/Zend/zend_execute.c:1568
#2 0x080f019a in execute (op_array=0x81b3880)
at /usr/ports/lang/php4/work/php-4.4.2/Zend/zend_execute.c:1719
#3 0x080f019a in execute (op_array=0x81b3880)
at /usr/ports/lang/php4/work/php-4.4.2/Zend/zend_execute.c:1719
#4 0x080f019a in execute (op_array=0x81b3880)
at /usr/ports/lang/php4/work/php-4.4.2/Zend/zend_execute.c:1719
#5 0x080f019a in execute (op_array=0x81b3880)
...
- ---

or in apache error_log

[Mon Mar 20 12:12:54 2006] [notice] child pid 744 exit signal Illegal
instruction (4)

- --- 2. Greets ---

For: sp3x
and
p_e_a, pi3, eax, Infospec ;]

- --- 3. Contact ---
Author: SecurityReason.Com [ Maksymilian Arciemowicz ( cXIb8O3 ) ]
Email: max [at] jestsuper [dot] pl or cxib [at] securityreason [dot] com
GPG: http://securityreason.com/key/Arciemowicz.Maksymilian.gpg
SecurityReason.Com

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2.2 (FreeBSD)

iD8DBQFEOAT43Ke13X/fTO4RAiFnAKC+vzJm1w24b4VN9CMdhE6e6a2L4QCePbp7
lNzhZke21IHXM0TvvjntXyY=
=Y7Ft
-END PGP SIGNATURE-
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#361853: [php-maint] Bug#361853: phpinfo() Cross Site Scripting PHP 5.1.2 and 4.4.2

[Ondrej Sury]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

[phpinfo() Cross Site Scripting PHP 5.1.2 and 4.4.2]

Author: Maksymilian Arciemowicz (cXIb8O3)
Date:
- -Written: 26.2.2006
- -Public: 8.4.2006
from SecurityReason.Com
CVE-2006-0996

- --- 0.Description ---
PHP is an HTML-embedded scripting language. Much of its syntax is
borrowed from C, Java and
Perl with a couple of unique PHP-specific features thrown in. The goal
of the language is to
allow web developers to write dynamically generated pages quickly.

A nice introduction to PHP by Stig Sæther Bakken can be found at
http://www.zend.com/zend/art/intro.php on the Zend website. Also, much
of the PHP Conference
Material is freely available. 

- --- 1. Cross Site Scripting ---
In phpinfo() you can see all Varibles like:

file: standard/info.c
- -630-636---
php_print_gpcse_array("_REQUEST", sizeof("_REQUEST")-1 TSRMLS_CC);
php_print_gpcse_array("_GET", sizeof("_GET")-1 TSRMLS_CC);
php_print_gpcse_array("_POST", sizeof("_POST")-1 TSRMLS_CC);
php_print_gpcse_array("_FILES", sizeof("_FILES")-1 TSRMLS_CC);
php_print_gpcse_array("_COOKIE", sizeof("_COOKIE")-1 TSRMLS_CC);
php_print_gpcse_array("_SERVER", sizeof("_SERVER")-1 TSRMLS_CC);
php_print_gpcse_array("_ENV", sizeof("_ENV")-1 TSRMLS_CC);
- -630-636---

Function php_print_gpcse_array() for any arrays check 4096b of varible. 

file: standard/info.c
- -135-154---
if (Z_TYPE_PP(tmp) == IS_ARRAY) {
zval *tmp3;
MAKE_STD_ZVAL(tmp3);
if (!sapi_module.phpinfo_as_text) {
PUTS("");
}
php_start_ob_buffer(NULL, 4096, 1 TSRMLS_CC);
zend_print_zval_r(*tmp, 0);
php_ob_get_buffer(tmp3 TSRMLS_CC);
php_end_ob_buffer(0, 0 TSRMLS_CC);

elem_esc = php_info_html_esc(Z_STRVAL_P(tmp3) TSRMLS_CC);
PUTS(elem_esc);
efree(elem_esc);
zval_ptr_dtor(&tmp3);

if (!sapi_module.phpinfo_as_text) {
PUTS("");
}
} else if (Z_TYPE_PP(tmp) != IS_STRING) {
- -135-154---

So if we create array longer like 4096, html tags don't be remove.

Exploit:
If in php script is function phpinfo() try create some varibles (array)
like

phpinfo.php?cx[][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]=[XSS
]

or 

phpinfo.php?cx[]=c..~4096chars...ccc[XSS]

- --- 2. How to fix ---
CVS
http://cvs.php.net/viewcvs.cgi/php-src/NEWS

- --- 3. Greets ---

For: sp3x
and
p_e_a, pi3, eax ;]

- --- 4. Contact ---
Author: SecurityReason.Com [ Maksymilian Arciemowicz ( cXIb8O3 ) ]
Email: max [at] jestsuper [dot] pl or cxib [at] securityreason [dot] com
GPG: http://securityreason.com/key/Arciemowicz.Maksymilian.gpg
SecurityReason.Com
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2.2 (FreeBSD)

iD8DBQFEOAIl3Ke13X/fTO4RAo4LAJ0fBxJWN64vWrDYJEuhGkqc/OC42QCbBxip
f35+6LHjuBoqP5D2JV84ufs=
=iz3m
-END PGP SIGNATURE-
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#361856: [php-maint] Bug#361856: copy() Safe Mode Bypass PHP 4.4.2 and 5.1.2

[Ondrej Sury]

turn 1 and skip security.

if (PG(safe_mode) &&(!php_checkuid(Z_STRVAL_PP(source), NULL,
CHECKUID_CHECK_FILE_AND_DIR))) {
RETURN_FALSE;
}

return true.

Rest functions have checking safe_mode without path and safe mode works.
I don't have tested
all functions in php ;].

- --- 2. How to fix ---
CVS
http://cvs.php.net/viewcvs.cgi/php-src/NEWS

- --- 3. Exploit ---
http://securityreason.com/achievement_exploitalert/8

- --- 4. Greets ---

For: sp3x
and
p_e_a, eax, Infospec

- --- 5. Contact ---
Author: SecurityReason.Com [ Maksymilian Arciemowicz ( cXIb8O3 ) ]
Email: max [at] jestsuper [dot] pl or cxib [at] securityreason [dot] com
GPG: http://securityreason.com/key/Arciemowicz.Maksymilian.gpg
SecurityReason.Com

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2.2 (FreeBSD)

iD8DBQFEOAu93Ke13X/fTO4RApXzAKC4OuM/3vn8kyw+EP2R8YVYyH9gkgCcDCMj
2dB55e2x6sPGBJW+w9Kw/OY=
=Lfuk
-END PGP SIGNATURE-
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#361763: Can get back through door in BioMech Communications before it closes

[Ondrej Sury]

On Sun, 2006-04-09 at 21:58 -0700, Josh Triplett wrote:
> Package: blobwars
> Version: 1.05-2
> 
> In BioMech Communications, as soon as you drop into the water the door
> starts closing; however, if you immediately hop back out, the door can
> close under you, leaving you trapped on the wrong side of it, and
> forcing you to abort the level.  Screenshot attached.

I am not sure if the game should allow or not shooting yourself in your
feet :-).

-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#361355: gnome_segv2 segfaults when using Solaris 2.7 X server

[Ondrej Sury]

On Fri, 2006-04-07 at 22:56 -0400, [EMAIL PROTECTED]
wrote:
> Other notes: the Solaris display is only 8 bits deep, although a test with
> a local (xserver-xorg 6.9.0.dfsg.1-6) "startx -- -depth 8" worked fine.
> Reproduced on two separate Solaris boxes.  Solaris 9 with a 24-bit display
> worked as expected.  konqueror works fine on Solaris 2.7.  (And, as I said,
> galeon used to work.)

I don't remember when we started supporting Solaris...  What platform do
you really run libgnomeui-0 on?  If it's not debian, then use your
distribution bug channel to fill bug and not debian's.

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#341420: time to include dbase extension as a part of the main php5 packages?

[Ondrej Sury]

Hi Florent,

I have checked those nasty dbf_* files and there is huge problem with
them now.  They don't include any license at all, so they legal status
in more unclear then it was before.

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#348882: Please add PDO

[Ondrej Sury]

Hi Simon,

Adam is working on new config system, which would allow us not to get
crazy with more and more extensions.  PDO will be added after some time
when new config system is in place.  Please be patient, thanks.

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#242552: php4: enable aspell extensio

[Ondrej Sury]

aspell extension is deprecated and replaced by pspell extension, which
will be uploaded to archive very soon (and hence your bug closed).

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#355740: Only adding mysql-client as dependency doesn't solve the bug

[Ondrej Sury]

On Thu, 2006-03-16 at 23:41 +0100, Luk Claes wrote:
> Apparantly there needs also be a running server :-)

This is feature of dbconfig-common.  You need to reconfigure
postfix-policyd with:

dpkg-reconfigure --priority low postfix-policyd

to be able to change host running mysqld, since mysql server doesn't
have to be running on same host as postfix-policyd.

(Check debconf-get-selections | grep postfix-policyd)

# Host name of the MySQL database server for postfix-policyd:
postfix-policyd postfix-policyd/remote/host select
# Connection method for MySQL database of postfix-policyd:
postfix-policyd postfix-policyd/mysql/methodselect  unix socket

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#357040: suggestion: default to caseless usernames

[Ondrej Sury]

> please change the option 'lmtp_downcase_rcpt:' in /etc/imapd.conf to 
> 'yes' as the default. It is disabled by default so that usernames become 
> case sensitive.

I am for keeping status quo.

If you want to setup such _complicated_ mailserver as cyrus is, then you
are obliged to read documentation first and then you don't have this
problem.

> Needless to say, it leaves you without a clue. The only hint is an entry 
> in the logfile about an LMTP error. If you don't check the logs, you 
> might never notice that mail is rejected.

You should check the logs anyway, so what's the problem?

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#355144: Poppler rendering problems

[Ondrej Sury]

On Fri, 2006-03-03 at 10:16 -0500, Andrew Clausen wrote:
> Package: poppler

Could you please send me reportbug output, or at least versions of
poppler installed on your system?

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#347789: [Fwd: Re: "Error: Couldn't open 'nameToUnicode' file" while using evince]

[Ondrej Sury]

package poppler
retitle 347789 don't include xpdf configuration when xpdf-common is removed
severity 347789 wishlist
thank you

Ok, I am lowering severity to wishlist, since this bug is semi-valid.
It would be nice thing to have, to not include xpdf configuration when
xpdf-common is removed, but not purged.  Currently I am not able to
think of any solution, but this could change in future :-).

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>
--- Begin Message ---

Ondrej Sury wrote:

while looking into source code it looks like you have xpdfrc somewhere
on your system.  poppler is parsing (propably for compatibility reasons)
xpdfrc configuration file, which could be the place
mentioning /usr/share/xpdf/ mapping files.
  
I discovered I had a set of /etc/xpdf/* files that were causing the 
problem, which were leftovers from an old xpdf-common install.  
Reinstalling xpdf-common, and then purging it fixed the error.


Tom Parker

--- End Message ---


signature.asc
Description: This is a digitally signed message part

Bug#347789: "Error: Couldn't open 'nameToUnicode' file" while using evince

[Ondrej Sury]

Hi Tom,

while looking into source code it looks like you have xpdfrc somewhere
on your system.  poppler is parsing (propably for compatibility reasons)
xpdfrc configuration file, which could be the place
mentioning /usr/share/xpdf/ mapping files.

Ie. it looks like just as simple configuration bug.

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#352522: libpoppler0c2: Please package newest version

[Ondrej Sury]

> Please package newest version (0.5.0 as of this writing), it really
> helps Evince display and print a lot of PDF.

poppler 0.5.0 is unstable upstream branch.  If it will be packaged then
it will be in experimental.

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#351634: ftbfs: Package requirements (gnome-doc-utils >= 0.3.2) were not met

[Ondrej Sury]

On Mon, 2006-02-06 at 15:06 +0100, Max Kellermann wrote:
> On 2006/02/06 14:50, Ondrej Sury <[EMAIL PROTECTED]> wrote:
> > Sure, this is what you get by mixing apples and pears.  This situation
> > cannot ever happen in testing/unstable and if you trying to backport
> > GNOME 2.12 you have to backport whole suite and not just some parts.
> 
> Your control file does not support this claim.  If I had to backport
> all of the GNOME 2.12 packages, then it would be up to the package
> maintainer (i.e. you) to declare proper build dependencies.

Build dependency must be created in such way that package builds on
distribution which is intended for (unstable - testing).  I am not aware
of any obligation to provide build dependency for every possible case
which could happen (ie. building on stable, ubuntu, whatever).  And
testing+unstable holds 0.5.2-1 version of gnome-pkg-tools.

If you are backporting unstable packages to stable then you must expect
some effort on your side (ie. playing with build depends, backporting
some additional packages, etc.)

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#351634: ftbfs: Package requirements (gnome-doc-utils >= 0.3.2) were not met

[Ondrej Sury]

On Mon, 2006-02-06 at 11:52 +0100, Max Kellermann wrote:
> Package: gnome-desktop
> Version: 2.12.2-2
> Tags: FTBFS
> Severity: minor
> 
> The build dependency on gnome-doc-utils does not require a specific
> version.  Upstream's configure however complains:
> 
> checking for GDU_MODULE_VERSION_CHECK... configure: error: Package
> requirements (gnome-doc-utils >= 0.3.2) were not met.

Sure, this is what you get by mixing apples and pears.  This situation
cannot ever happen in testing/unstable and if you trying to backport
GNOME 2.12 you have to backport whole suite and not just some parts.

I will add this dependency to SVN and will get included in next upload
to unstable.

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#322774: ddccontrol

[Ondrej Sury]

Hi Roberto,

are you still interested in packaging ddccontrol?  If not or your
resources are spare, I'll make package part of Debian GNOME packaging
team and upload package into unstable.

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#346534: ITP: gnome-presence-applet -- GNOME presence applet for Galago

[Ondrej Sury]

On Sun, 2006-01-08 at 18:49 +0100, Riccardo Setti wrote:
> Package: wnpp
> Severity: wishlist
> Owner: Riccardo Setti <[EMAIL PROTECTED]>
> 
> 
> * Package name: gnome-presence-applet
>   Version : 0.3.1
>   Upstream Author : Christian Hammond <[EMAIL PROTECTED]> 
> * URL : http://www.galago-project.org/
> * License : GPL
>   Description : GNOME presence applet for Galago

> * Package name: eds-feed
>   Version : 0.3.2
>   Upstream Author : Christian Hammond <[EMAIL PROTECTED]>
> * URL : http://www.galago-project.org
> * License : GPL
>   Description : Evolution Data Server feed for Galago

I think that you should name those packages so that it includes galago
in it's name, f.e.:

galago-presence-applet
galago-eds-feed

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#325121: dropdown menus have lots of empty space

[Ondrej Sury]

> As can be seen here:
> http://krogh.cc/~jesper/gnome-dictionary-bug.png
> The pull down menu in the dictionary client is blank in the top and has 
> a scrool-further-down thingy in the bottom. 

I can confirm it.  I see this behaviour on my system from time to
time...  As I recall it, it happens when dropdown menu is close to edge
of screen (ie. has lots of options).

I thinks it's time for filling upstream bug.

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#345313: general: after upgrade in testing many gtk grograms do not run

[Ondrej Sury]

reassign 345313 libgtk2.0-0 2.8.9-2
retitle 345313 libgtk2.0-0: after upgrade in testing many gtk grograms do not 
run
thank you

Hi Marcin,

please as first thing to do is to go read:
http://www.debian.org/Bugs/Reporting

After you read and understood what did you do wrong when you filled
'general' bug, please add more information.  Strace of nested library
(wx) is not really usefull.  We need:

1. Exact versions of affected libraries (libglib2.0-0, libgtk2.0-0).
2. strace of much simpler program then amule (f.e. gmpc which you
mentioned).  It won't hurt if you include two straces of different gtk+
programs

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#344738: ITA: poppler - a PDF rendering library

[Ondrej Sury]

retitle 344738 ITA: poppler - a PDF rendering library
thank you

I will adopt this package on behalf of GNOME team.

Ondrej
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#345133: [Pkg-Cyrus-imapd-Debian-devel] Bug#345133: [l10n] Czech translation for cyrus21-imapd

[Ondrej Sury]

Attaching version with fixed typo adreář vs. adresář.

On Thu, 2005-12-29 at 10:38 +0100, Martin Šín wrote:
> Package: cyrus21-imapd
> Severity: wishlist
> Tags: l10n, patch

Díky.

-- 
Ondrej Sury <[EMAIL PROTECTED]>
# Czech translation of cyrus21-imapd templates
#
msgid ""
msgstr ""
"Project-Id-Version: cyrus21-imapd\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2005-12-10 09:48-0700\n"
"PO-Revision-Date: 2005-12-29 09:37+0100\n"
"Last-Translator: Martin Sin <[EMAIL PROTECTED]>\n"
"Language-Team: Czech <[EMAIL PROTECTED]>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"

#. Type: note
#. Description
#: ../cyrus21-common.templates:3
msgid "Database backends have changed!"
msgstr "Backendy databáze se změnily!"

#. Type: note
#. Description
#: ../cyrus21-common.templates:3
msgid ""
"Comparison between /usr/lib/cyrus/cyrus-db-types.txt and /usr/lib/cyrus/"
"cyrus-db-types.active shows that database backends for Cyrus IMAPd have been "
"changed."
msgstr ""
"SrovnĂĄnĂ­ mezi /usr/lib/cyrus/cyrus-db-types.txt a /usr/lib/cyrus/cyrus-db-"
"types.active ukázalo, že se změnil backend databáze pro Cyrus IMAPd."

#. Type: note
#. Description
#: ../cyrus21-common.templates:3
msgid ""
"This means that those databases for which the database backends changed "
"might need to be converted manually to the new format, using the cvt_cyrusdb"
"(8) utility."
msgstr ""
"To znamená, že ty databáze, u kterých se databázové backendy změnily, budou "
"možná vyžadovat ruční převod do nového formátu utilitou cvt_cyrusdb(8)."

#. Type: note
#. Description
#: ../cyrus21-common.templates:3
msgid ""
"Please refer to /usr/share/doc/cyrus21-common/README.Debian.database for "
"more information.  Do not start cyrmaster until you have converted the "
"databases to the new format."
msgstr ""
"Pro vĂ­ce informacĂ­ se prosĂ­m podĂ­vejte do /usr/share/doc/cyrus21-common/"
"README.Debian.database. Nespouštějte cyrmaster, dokud nepřevedete databáze "
"do novĂŠho formĂĄtu."

#. Type: boolean
#. Description
#: ../cyrus21-common.templates:19
msgid "Remove the Cyrus spools, and user sieve scripts?"
msgstr "Odstranit spool adresáře Cyrusu a uživatelské Sieve skripty?"

#. Type: boolean
#. Description
#: ../cyrus21-common.templates:19
msgid ""
"Should I remove the Cyrus mail and news spools, as well as the user's sieve "
"scripts, when the package is purged ?"
msgstr ""
"Mám při odstranění balíčku smazat spool adresář s poštou, news příspěvky a "
"takĂŠ uĹživatelskĂŠ filtrovacĂ­ skripty v jazyce Sieve?"

#. Type: boolean
#. Description
#: ../cyrus21-common.templates:19
msgid ""
"This question only applies to the default spools and sieve script "
"directories in /var.  If you modified their location in imapd.conf, the new "
"locations will not be removed; just the old ones in /var."
msgstr ""
"Tato otázka se týká pouze výchozích spool adresářů a Sieve skriptů ve /var. "
"Při změně jejich umístění v imapd.conf nebude odstraněno jejich nové "
"umístění, ale pouze jejich staré ve /var."



signature.asc
Description: This is a digitally signed message part

Bug#341420: [php-maint] Bug#341420: time to include dbase extension as a part of the main php5 packages?

[Ondrej Sury]

On Wed, 2005-11-30 at 14:54 +0100, florent GIRAUD wrote:
> There is no restriction for non commercial use any more. What about 
> integrating it in the php5 package?

Could you please raise it on [EMAIL PROTECTED] or contact upstream
author for clarification?  Fact that non-comercial license disapperead
from PECL distributed files could not be same as upstream license
change.  Or if you can point us to more reliable source (upstream site?)
of information...

I would rather double check licensing than run into some nasty issue
later.

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#321933: php-mcrypt-5.0.5 package available

[Ondrej Sury]

Hi Allard,

I would be happy to sponsor your package, if you are willing to take
care of bugs in it.  Just send me location of your package and I will
check it and then possibly upload it to archive.

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#344137: [php-maint] Bug#344137: Why is GMP not included?

[Ondrej Sury]

On Tue, 2005-12-20 at 12:00 +0100, Christian Hammers wrote:
> Package: php5-common
> Version: 5.0.5-3
> Severity: wishlist
> 
> Hello
> 
> I'm missing the GMP (big number math) module in PHP5. bcmath is 
> included but judging from the docs, gmp seems to have much more
> functions.
> 
> If you excluded GMP due to too many bugs, lack of upstream support
> etc, see this as a wishlist bug to either document this fact or
> leave it tagged as wontfix for other users who wonder why :-)

Hi Christian,

as I see it, it's more fact that phpX has already too many modules
enabled which we need to care of (and they are full of bugs).  So what
we currently recommend is to go the way of php-imap source package which
builds modules for php4 and php5 itself as standalone package and thus
allowing to distribute care of phpX packages to more debian developers
(Hint hint :-).

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#282470: nsd: [PATCH] Support running multiple instances

[Ondrej Sury]

package nsd
tags 282470 +wontfix
thank you

Hello Tommi,

I had quick discussion with upstream authors and we came to agreement,
that people who wants to run multiple instances of nsd are already able
to do so and for others it would just complicate deploying nsd.  There
are too many posibilities (consider each instance running in separate
chroot environment) which you cannot cover by single debian package, so
I decided to use KISS principle and I am not going to add your patch to
nsd package.

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#282470: nsd: [PATCH] Support running multiple instances

[Ondrej Sury]

Hi,

would you be willing to rewrite your patch for new 2.3.3-1 release?
nsdc has changed for sure between 2.1.x and 2.3.x

I am also speaking to upstream about your wish, so maybe it will get
included into upstream (or some other implementation of same idea).

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#341532: ITP: mozilla-thunderbird-locale-cs -- Mozilla Thunderbird Czech Language/Region Package

[Ondrej Sury]

Package: wnpp
Severity: wishlist
Owner: "Ondrej Sury" <[EMAIL PROTECTED]>


* Package name: mozilla-thunderbird-locale-cs
  Version : 1.07debian
  Upstream Author : Czilla Team <[EMAIL PROTECTED]>
* URL : http://www.czilla.org/
* License : Mozilla Public License 1.1
  Description : Mozilla Thunderbird Czech Language/Region Package


 Czech Menu/Message resource an Region property package for Mozilla
 Thunderbird.
 .
 Homepage: http://www.czilla.org

Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-10-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#332929: gyrus: email of an upstream author in copyright file is wrong. please check the AUTHORS file.

[Ondrej Sury]

Your bug report has two problems:

1. content of bug report is only in subject
   - it wouldn't hurt you to fill in information in body of this 
 report, you could also include content of AUTHORS file

2. severity is wrong, use reportbug if you are unsure which severity
   to choose

normal - a bug that does not undermine the usability of the whole package;
 for example, a problem with a particular option or menu item.

minor  - things like spelling mistakes and other minor cosmetic errors
 that do not affect the core functionality of the package.

You should have used `minor' severity, also `wishlist' would qualify as
well.

Please try to report bug in correct way, it will help your bug reports
to be taken seriously.

Ondrej.
P.S.: I will correct this with new upstream release or new upload which
fixes some serious bug(s).

On Sun, 2005-10-09 at 17:16 +0200, Claudio Saavedra wrote:
> Package: gyrus
> Version: 0.3.5-1
> Severity: normal
> 
> 
> -- System Information:
> Debian Release: testing/unstable
>   APT prefers unstable
>   APT policy: (500, 'unstable')
> Architecture: i386 (i686)
> Shell:  /bin/sh linked to /bin/bash
> Kernel: Linux 2.6.12-1-686
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> 
> Versions of packages gyrus depends on:
> ii  libart-2.0-2  2.3.17-1   Library of functions for 2D 
> graphi
> ii  libatk1.0-0   1.10.3-1   The ATK accessibility toolkit
> ii  libbonobo2-0  2.10.1-1   Bonobo CORBA interfaces library
> ii  libbonoboui2-02.10.1-1   The Bonobo UI library
> ii  libc6 2.3.5-6GNU C Library: Shared libraries 
> an
> ii  libgconf2-4   2.10.1-6   GNOME configuration database 
> syste
> ii  libglade2-0   1:2.5.1-2  library to load .glade files at 
> ru
> ii  libglib2.0-0  2.8.3-1The GLib library of C routines
> ii  libgnet2.0-0  2.0.7-1GNet network library
> ii  libgnome2-0   2.10.1-1   The GNOME 2 library - runtime 
> file
> ii  libgnomecanvas2-0 2.10.2-2   A powerful object-oriented 
> display
> ii  libgnomeprint2.2-02.10.3-3   The GNOME 2.2 print architecture 
> -
> ii  libgnomeprintui2.2-0  2.10.2-2   GNOME 2.2 print architecture 
> User 
> ii  libgnomeui-0  2.10.1-1   The GNOME 2 libraries (User 
> Interf
> ii  libgnomevfs2-02.10.1-5   The GNOME virtual file-system 
> libr
> ii  libgtk2.0-0   2.6.10-1   The GTK+ graphical user 
> interface 
> ii  libice6   6.8.2.dfsg.1-8 Inter-Client Exchange library
> ii  liborbit2 1:2.12.2-3 libraries for ORBit2 - a CORBA 
> ORB
> ii  libpango1.0-0 1.8.2-3Layout and rendering of 
> internatio
> ii  libpopt0  1.7-5  lib for parsing cmdline 
> parameters
> ii  libsm66.8.2.dfsg.1-8 X Window System Session 
> Management
> ii  libxml2   2.6.22-1   GNOME XML library
> ii  xlibs 6.8.2.dfsg.1-8 X Window System client libraries 
> m
> ii  zlib1g1:1.2.3-4  compression library - runtime
> 
> gyrus recommends no packages.
> 
> -- no debconf information
> 
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#332810: remove libbonobo-activation-dev as build dependency

[Ondrej Sury]

On Sat, 2005-10-08 at 20:46 +0200, Loïc Minier wrote:
> Hi,
> 
> On Sat, Oct 08, 2005, Ondrej Sury wrote:
> > libbonobo-activation-dev is deprecated and will be removed from archive.
> > Please update build-dependency and remove libbonobo-activation-dev as
> > build-dependency
> 
>  Please confirm:
>  The build-dep just needs to be removed, and the newer libbonobo will
>  work as the previous combination of libbonobo + activation without any
>  required update?

According to #debian-gtk-gnome libbonobo-activation functionality was
merged into libbonobo(ui).  mozilla-bonobo is not linked to
libbonobo-activation neither in stable nor unstable.

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#330677: Please remove bonobo-activation from unstable

[Ondrej Sury]

On Sat, 2005-10-08 at 19:41 +0200, Jeroen van Wolffelaar wrote:
> tags 330677 moreinfo
> thanks
> 
> On Fri, Sep 30, 2005 at 09:22:06AM +0200, Ondrej Sury wrote:
> > bonobo-activation is deprecated and no package in unstable currently
> > depends on it.
> 
> ** drivel has an unsatisfied build-dependency: bonobo-activation
> ** gnome-pilot has an unsatisfied build-dependency: bonobo-activation
> ** mail-notification has an unsatisfied build-dependency: 
> libbonobo-activation-dev (>= 2.4.0)
> ** mozilla-bonobo has an unsatisfied build-dependency: 
> libbonobo-activation-dev
> ** sodipodi has an unsatisfied build-dependency: libbonobo-activation-dev
> ** teg has an unsatisfied build-dependency: libbonobo-activation-dev
> Did you file bugs on those reverse build-dependencies?

I did. #332808-#332813

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#332813: remove libbonobo-activation-dev as build dependency

[Ondrej Sury]

Package: mail-notification
Version: 2.0-1
Severity: important
Justification: bonobo-activation is deprecated as build-depend

libbonobo-activation-dev is deprecated and will be removed from archive.
Please update build-dependency and remove libbonobo-activation-dev as
build-dependency

-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#332812: remove libbonobo-activation-dev as build dependency

[Ondrej Sury]

Package: teg
Version: 0.11.1-1
Severity: important
Justification: bonobo-activation is deprecated as build-depend

libbonobo-activation-dev is deprecated and will be removed from archive.
Please update build-dependency and remove libbonobo-activation-dev as
build-dependency

-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#332811: remove libbonobo-activation-dev as build dependency

[Ondrej Sury]

Package: sodipodi
Version: 0.34-2
Severity: important
Justification: bonobo-activation is deprecated as build-depend

libbonobo-activation-dev is deprecated and will be removed from archive.
Please update build-dependency and remove libbonobo-activation-dev as
build-dependency

-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#332810: remove libbonobo-activation-dev as build dependency

[Ondrej Sury]

Package: mozilla-bonobo
Version: 0.4.1-5
Severity: important
Justification: bonobo-activation is deprecated as build-depend

libbonobo-activation-dev is deprecated and will be removed from archive.
Please update build-dependency and remove libbonobo-activation-dev as
build-dependency

-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#332809: remove bonobo-activation as build dependency

[Ondrej Sury]

Package: drivel
Version: 2.0.2-1
Severity: important
Justification: bonobo-activation is deprecated as build-depend

bonobo-activation is deprecated and will be removed from archive.
Please update build-dependency and remove bonobo-activation

-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#332808: remove bonobo-activation as build dependency

[Ondrej Sury]

Package: gnome-pilot
Version: 2.0.12-1.4
Severity: important
Justification: bonobo-activation is deprecated as build-depend

bonobo-activation is deprecated and will be removed from archive.
Please update build-dependency and remove bonobo-activation

-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#330677: Please remove bonobo-activation from unstable

[Ondrej Sury]

On Sat, 2005-10-08 at 19:41 +0200, Jeroen van Wolffelaar wrote:
> tags 330677 moreinfo
> thanks
> 
> On Fri, Sep 30, 2005 at 09:22:06AM +0200, Ondrej Sury wrote:
> > bonobo-activation is deprecated and no package in unstable currently
> > depends on it.
> 
> ** drivel has an unsatisfied build-dependency: bonobo-activation
> ** gnome-pilot has an unsatisfied build-dependency: bonobo-activation
> ** mail-notification has an unsatisfied build-dependency: 
> libbonobo-activation-dev (>= 2.4.0)
> ** mozilla-bonobo has an unsatisfied build-dependency: 
> libbonobo-activation-dev
> ** sodipodi has an unsatisfied build-dependency: libbonobo-activation-dev
> ** teg has an unsatisfied build-dependency: libbonobo-activation-dev
> 
> Did you file bugs on those reverse build-dependencies?

No, since I didn't know how to reverse check build-dependencies...

Will do that, since those b-d are obsolete as well...

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#330677: Please remove bonobo-activation from unstable

[Ondrej Sury]

reopen 330677
retitle 330677 please remove bonobo-activation from unstable
reassign 330677 ftp.debian.org
thank you

bonobo-activation is deprecated and no package in unstable currently
depends on it.

Ondrej
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#329799: [php-maint] Bug#329799: php4-pear: Segfault when doing pear upgrade-all

[Ondrej Sury]

On Fri, 2005-09-23 at 15:55 +0200, Nicholas Fechner wrote:
> Adam Conrad wrote:
> > Nicholas Fechner wrote:
> > 
> >>But when I try to do " pear -vvv upgrade-all" I get a segfault:
> >>
> >>If you need more information, let me know.
> > 
> > 
> > A gdb backtrace of the segfault might be helpful.
> > 
> > ... Adam
> Hi,
> how do I do that?

Run:
# gdb /usr/bin/php
gdb> run -C -q -d include_path=/usr/share/php -d output_buffering=1 
/usr/share/php/pearcmd.php -vvv upgrade-all

after it crashes run:

gdb> bt

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#323785: cgid segfaults when module set suexec uid and gid

[Ondrej Sury]

reassign 323785 apache2
tags 323785 +upstream patch
thank you

-- 
Ondrej Sury <[EMAIL PROTECTED]>
Index: modules/generators/mod_cgid.c
===
--- modules/generators/mod_cgid.c	(revision 264790)
+++ modules/generators/mod_cgid.c	(working copy)
@@ -90,10 +90,20 @@
 static int daemon_should_exit = 0;
 static server_rec *root_server = NULL;
 static apr_pool_t *root_pool = NULL;
+static ap_unix_identity_t empty_ugid = { (uid_t)-1, (gid_t)-1, -1 };
 
 /* Read and discard the data in the brigade produced by a CGI script */
 static void discard_script_output(apr_bucket_brigade *bb);
 
+/* This doer will only ever be called when we are sure that we have
+ * a valid ugid.
+ */
+static ap_unix_identity_t *cgid_suexec_id_doer(const request_rec *r)
+{
+ return (ap_unix_identity_t *)
+ ap_get_module_config(r->request_config, &cgid_module);
+}
+
 /* KLUDGE --- for back-combatibility, we don't have to check ExecCGI
  * in ScriptAliased directories, which means we need to know if this 
  * request came through ScriptAlias or not... so the Alias module 
@@ -156,15 +166,12 @@
 * process to be cleaned up
 */
 int core_module_index;
-int have_suexec;
-int suexec_module_index;
-suexec_config_t suexec_cfg;
 int env_count;
+ap_unix_identity_t ugid;
 apr_size_t filename_len;
 apr_size_t argv0_len;
 apr_size_t uri_len;
 apr_size_t args_len;
-apr_size_t mod_userdir_user_len;
 int loglevel; /* to stuff in server_rec */
 } cgid_req_t;
 
@@ -316,10 +323,9 @@
 cgid_req_t *req)
 { 
 int i; 
-char *user;
 char **environ; 
-core_dir_config *temp_core; 
-void **dconf;
+core_request_config *temp_core; 
+void **rconf;
 apr_status_t stat;
 
 r->server = apr_pcalloc(r->pool, sizeof(server_rec)); 
@@ -336,17 +342,13 @@
 }
 
 /* handle module indexes and such */
-dconf = (void **) apr_pcalloc(r->pool, sizeof(void *) * (total_modules + DYNAMIC_MODULE_LIMIT));
+rconf = (void **) apr_pcalloc(r->pool, sizeof(void *) * (total_modules + DYNAMIC_MODULE_LIMIT));
 
-temp_core = (core_dir_config *)apr_palloc(r->pool, sizeof(core_module)); 
-dconf[req->core_module_index] = (void *)temp_core;
-
-if (req->have_suexec) {
-dconf[req->suexec_module_index] = &req->suexec_cfg;
-}
-
-r->per_dir_config = (ap_conf_vector_t *)dconf; 
-
+temp_core = (core_request_config *)apr_palloc(r->pool, sizeof(core_module)); 
+rconf[req->core_module_index] = (void *)temp_core;
+r->request_config = (ap_conf_vector_t *)rconf; 
+ap_set_module_config(r->request_config, &cgid_module, (void *)&req->ugid);
+
 /* Read the filename, argv0, uri, and args */
 r->filename = apr_pcalloc(r->pool, req->filename_len + 1);
 *argv0 = apr_pcalloc(r->pool, req->argv0_len + 1);
@@ -379,19 +381,6 @@
 }
 *env = environ;
 
-/* basic notes table to avoid segfaults */
-r->notes = apr_table_make(r->pool, 1);
-
-/* mod_userdir requires the mod_userdir_user note */
-if (req->mod_userdir_user_len) {
-user = apr_pcalloc(r->pool, req->mod_userdir_user_len + 1); /* last byte is '\0' */
-stat = sock_read(fd, user, req->mod_userdir_user_len);
-if (stat != APR_SUCCESS) {
-return stat;
-}
-apr_table_set(r->notes, "mod_userdir_user", (const char *)user);
-}
-
 #if 0
 #ifdef RLIMIT_CPU 
 sock_read(fd, &j, sizeof(int)); 
@@ -434,22 +423,19 @@
  int req_type) 
 { 
 int i;
-const char *user;
-module *suexec_mod = ap_find_linked_module("mod_suexec.c");
 cgid_req_t req = {0};
-suexec_config_t *suexec_cfg;
 apr_status_t stat;
+ap_unix_identity_t * ugid = ap_run_get_suexec_identity(r);
 
+if (ugid == NULL) {
+req.ugid = empty_ugid;
+} else {
+memcpy(&req.ugid, ugid, sizeof(ap_unix_identity_t));
+}
+
 req.req_type = req_type;
 req.conn_id = r->connection->id;
 req.core_module_index = core_module.module_index;
-if (suexec_mod) {
-req.have_suexec = 1;
-req.suexec_module_index = suexec_mod->module_index;
-suexec_cfg = ap_get_module_config(r->per_dir_config,
-  suexec_mod);
-req.suexec_cfg = *suexec_cfg;
-}
 for (req.env_count = 0; env[req.env_count]; req.env_count++) {
 continue; 
 }
@@ -457,10 +443,6 @@
 req.argv0_len = strlen(argv0);
 req.uri_len = strlen(r->uri);
 req.args_len = r->args ? strlen(r->args) : 0;
-user = (const char *)apr_table_get(r->notes, "mod_userdir_user");
-if (user != NULL) {
-req.mod_userdir_use

Bug#329065: [php-maint] Bug#329065: php5-sybase: sybase_ct doesn't always return correct results from MS SQL

[Ondrej Sury]

On Mon, 2005-09-19 at 14:07 +0200, Johan Palmqvist wrote:
> 
> Adam Conrad wrote: 
> > severity 329065 important
> > thanks
> > 
> > Johan Palmqvist wrote:
> >   
> > > Severity: grave
> > > Justification: causes non-serious data loss
> > > 
> > 
> > How does this cause data loss and warrant a grave bug?
> > 
> >   
> PHP code for a test case is attached. The executed stored procedure
> returns a string containing a URL. The only modifications to php.ini
> are specified below.

Thanks for that test case.

Just a quick explanation what "data loss" mean (at least to us).  To
mark this bug as grave because of "data loss" it would have to delete
affected data from database.

I know that this is annoying bug (at least for you) and we will work
with upstream to resolve it, but it's not "grave" bug, because you are
using very rare setup (php on linux with MSSQL) and it doesn't happen on
all occasions.

O.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#329076: Patch to fix segfault when setting Timeout value twice

[Ondrej Sury]

Package: openldap2
Version: 2.1.30-8
Severity: important

Please apply this backported (attached) patch from REL_2.2, it fixes
crashes when you set timeout value twice, which can happen quite easily.

Upstream ITS:
http://www.openldap.org/its/index.cgi/Software%
20Bugs?id=3487;expression=TIMEOUT;casesensitive=1;usearchives=1;statetype=-1

Reason why we need it for apache2 mod_ldap:
http://issues.apache.org/bugzilla/show_bug.cgi?id=34618#c12

We will then depend our apache2 builds on library with this fix
included.

Thanks,
-- 
Ondrej Sury <[EMAIL PROTECTED]>
diff -urN openldap2-2.1.30~/libraries/libldap/open.c openldap2-2.1.30/libraries/libldap/open.c
--- openldap2-2.1.30~/libraries/libldap/open.c	2003-04-29 01:41:55.0 +0200
+++ openldap2-2.1.30/libraries/libldap/open.c	2005-09-19 14:06:12.0 +0200
@@ -126,6 +126,9 @@
 	/* but not pointers to malloc'ed items */
 	ld->ld_options.ldo_sctrls = NULL;
 	ld->ld_options.ldo_cctrls = NULL;
+	ld->ld_options.ldo_tm_api = NULL;
+	ld->ld_options.ldo_tm_net = NULL;
+	ld->ld_options.ldo_defludp = NULL;
 
 #ifdef HAVE_CYRUS_SASL
 	ld->ld_options.ldo_def_sasl_mech = gopts->ldo_def_sasl_mech
@@ -138,30 +141,43 @@
 		? LDAP_STRDUP( gopts->ldo_def_sasl_authzid ) : NULL;
 #endif
 
-	ld->ld_options.ldo_defludp = ldap_url_duplist(gopts->ldo_defludp);
+	if ( gopts->ldo_tm_api &&
+		ldap_int_timeval_dup( &ld->ld_options.ldo_tm_api, gopts->ldo_tm_api ))
+		goto nomem;
 
-	if ( ld->ld_options.ldo_defludp == NULL ) {
-		LDAP_FREE( (char*)ld );
-		return LDAP_NO_MEMORY;
-	}
+	if ( gopts->ldo_tm_net &&
+		ldap_int_timeval_dup( &ld->ld_options.ldo_tm_net, gopts->ldo_tm_net ))
+		goto nomem;
+
+	if ( gopts->ldo_defludp ) {
+		ld->ld_options.ldo_defludp = ldap_url_duplist(gopts->ldo_defludp);
 
-	if (( ld->ld_selectinfo = ldap_new_select_info()) == NULL ) {
-		ldap_free_urllist( ld->ld_options.ldo_defludp );
-		LDAP_FREE( (char*) ld );
-		return LDAP_NO_MEMORY;
+		if ( ld->ld_options.ldo_defludp == NULL ) goto nomem;
 	}
 
+	if (( ld->ld_selectinfo = ldap_new_select_info()) == NULL ) goto nomem;
+
 	ld->ld_lberoptions = LBER_USE_DER;
 
 	ld->ld_sb = ber_sockbuf_alloc( );
-	if ( ld->ld_sb == NULL ) {
-		ldap_free_urllist( ld->ld_options.ldo_defludp );
-		LDAP_FREE( (char*) ld );
-		return LDAP_NO_MEMORY;
-	}
+	if ( ld->ld_sb == NULL ) goto nomem;
 
 	*ldp = ld;
 	return LDAP_SUCCESS;
+
+nomem:
+	ldap_free_select_info( ld->ld_selectinfo );
+	ldap_free_urllist( ld->ld_options.ldo_defludp );
+	LDAP_FREE( ld->ld_options.ldo_tm_net );
+	LDAP_FREE( ld->ld_options.ldo_tm_api );
+#ifdef HAVE_CYRUS_SASL
+	LDAP_FREE( ld->ld_options.ldo_def_sasl_authzid );
+	LDAP_FREE( ld->ld_options.ldo_def_sasl_authcid );
+	LDAP_FREE( ld->ld_options.ldo_def_sasl_realm );
+	LDAP_FREE( ld->ld_options.ldo_def_sasl_mech );
+#endif
+	LDAP_FREE( (char *)ld );
+	return LDAP_NO_MEMORY;
 }
 
 /*


signature.asc
Description: This is a digitally signed message part

Bug#329065: [php-maint] Bug#329065: php5-sybase: sybase_ct doesn't always return correct results from MS SQL

[Ondrej Sury]

severity 329065 normal
thank you

This is not grave bug.  It happens only on interfacing MS-SQL and only
on some circumstances.

Ondrej

On Mon, 2005-09-19 at 11:02 +0200, Johan Palmqvist wrote:
> Package: php5-sybase
> Version: 5.0.4-3
> Severity: grave
> Justification: causes non-serious data loss
> 
> 
> sybase_ct doesn't always return correct results from MS SQL.
> mssql module seem to work in all cases but is not packaged.
> 
> 
> -- System Information:
> Debian Release: testing/unstable
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')
> Architecture: i386 (i686)
> Shell:  /bin/sh linked to /bin/bash
> Kernel: Linux 2.6.12.2
> Locale: LANG=sv_SE, LC_CTYPE=sv_SE (charmap=ISO-8859-1) (ignored: LC_ALL set 
> to sv_SE)
> 
> Versions of packages php5-sybase depends on:
> ii  debconf [debconf-2.0] 1.4.58 Debian configuration management 
> sy
> ii  libapache2-mod-php5 [phpapi-2 5.0.4-3server-side, HTML-embedded 
> scripti
> ii  libc6 2.3.5-6GNU C Library: Shared libraries 
> an
> ii  libct30.63-2 libraries for connecting to MS 
> SQL
> ii  php5-cgi [phpapi-20041030]5.0.4-3server-side, HTML-embedded 
> scripti
> ii  php5-cli [phpapi-20041030]5.0.4-3command-line interpreter for the 
> p
> ii  php5-common   5.0.4-3Common files for packages built 
> fr
> 
> php5-sybase recommends no packages.
> 
> -- debconf information:
>   php5/remove_extension: true
>   php5/add_extension: true
>   php5/extension_sybase_ct_cgi: true
>   php5/extension_sybase_ct_cli: true
>   php5/extension_sybase_ct_apache2: true
> 
> 
> ___
> pkg-php-maint mailing list
> [EMAIL PROTECTED]
> http://lists.alioth.debian.org/mailman/listinfo/pkg-php-maint
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#303600: package will be created under Gnome Debian team

[Ondrej Sury]

package wnpp
retitle 303600 ITP: gnome-power-manager -- tool for user configuration of power 
management policies
thank you

I will take this package.

O.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#147728: [php-maint] Bug#147728: can you explain why pspell is not enabled?

[Ondrej Sury]

On Thu, 2005-09-01 at 19:52 +0300, Tomas Kuliavas wrote:
> > On Wed, 2005-08-31 at 21:52 +0300, Tomas Kuliavas wrote:
> >> You have three bugs asking to enable spell checking module with no
> >> feedback from package maintainers.
> >
> > No, there was feedback from me:
> >
> > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=156733;msg=17
> >
> > Are you willing to solve bugs in and maintains pspell extension?
> > Prepare separate package and ask us for sponsorship.
> >
> > Any interested DD can do that.  Any interested user can do that with DD
> > sponsorship.
> 
> I am only DU and don't have knowledge required to maintain C based program.

Maintaining PHP packages is much worse then maintaining C based
programs.

> What kind of bugs are present in php pspell extension? Is it broken on
> some architecture?

I don't know if it's broken and personally I don't want to know. 

Apparently nobody from php team wants to maintain this extension.
I filled RFH wnpp bug, maybe there is brave soul somewhere in Debian
universe.

O.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#147728: [php-maint] Bug#147728: can you explain why pspell is not enabled?

[Ondrej Sury]

On Wed, 2005-08-31 at 21:52 +0300, Tomas Kuliavas wrote:
> You have three bugs asking to enable spell checking module with no
> feedback from package maintainers.

No, there was feedback from me:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=156733;msg=17

Are you willing to solve bugs in and maintains pspell extension?
Prepare separate package and ask us for sponsorship.

Any interested DD can do that.  Any interested user can do that with DD
sponsorship.

O.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#325322: New upstream version

[Ondrej Sury]

Florian Frank wrote:

Package: postfix-policyd
Version: 1.55-1
Severity: wishlist

New upstream version 1.66 availiable, with some really nice features.

On my selfmade package merging upstream was really straight forward.


I need to start using ucf and dbconfig-common since database and config 
changes offen and debian packages need to make upgrades smooth.


Ondrej



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#324677: ITP: fruit -- Fruit is an UCI-only chess engine.

[Ondrej Sury]

On Tue, 2005-08-23 at 14:49 +0200, Oliver Korff wrote:
> Package: wnpp
> Severity: wishlist
> Owner: Oliver Korff <[EMAIL PROTECTED]>
> 
> 
> * Package name: fruit
>   Version : 2.1 
>   Upstream Author : Fabien Letouzey 
> * URL : http://wbec-ridderkerk.nl/
> * License : (GPL)
>   Description : Fruit is an UCI-only chess engine.
> Description: Fruit is an UCI-only chess engine. Fruit is a UCI-only
> chess engine.  This distribution comes up with an opening book and
> platform-independent source code. You will need a frontend like
> knights toplay against it.

Sorry, but could you try to be more descriptive about what it does and
what it is good for?  You can explain what UCI-only mean.

Also short description should not contain name of program.

And since 'fruit' is very common, I would recommend renaming it to
fruit-chess-engine (I think it would be more accurate).
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#323785: libapache2-mod-vhost-ldap: segfault with worker mpm, suexec and cgid

[Ondrej Sury]

> mod-vhost-ldap segfaults when used with the Apache2 worker MPM, with 
> suExec and cgid enabled. (The Debian packages ensure cgid is used 
> with the worker MPM.)
> 
> Here is a gdb backtrace, suitably cut:
> 
> (gdb) bt
> #0  0x405d0e8c in mod_vhost_ldap_get_suexec_id_doer (r=0x818e0b8)
> at mod_vhost_ldap.c:468
> #1  0x08095a85 in ap_run_get_suexec_identity ()
> #2  0x08095c85 in ap_os_create_privileged_process ()
> #3  0x40586506 in ?? () from /usr/lib/apache2/modules/mod_cgid.so
> 
> The module tries to do
> 
> mod_vhost_ldap_config_t *cfg =
>   (mod_vhost_ldap_config_t *)ap_get_module_config(r->server->module_config,
>   &vhost_ldap_module);
> 
> Which fails because r->server->module_config is null. At least I think 
> that's why it fails.
> 
> (gdb) print r->server->module_config
> $1 = (struct ap_conf_vector_t *) 0x0
> 
> I'm trying to figure out what this means, just recording this here.

That's strange because I develop and run it on threaded apache2 without
problems.

Does it happen every time?

O.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#156733: php4: Please enable pspell support

[Ondrej Sury]

Hi Erich and Anthony,

you may as well consider building separated source php-pspell and
building php4-pspell and php5-pspell out of it using php{4,5}-dev.

I think Adam has some plans with IMAP extension to make it example how
it can be done.

Adam?  What do you think?

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#322497: [php-maint] Bug#322497: Advanced PHP Debugger as extension

[Ondrej Sury]

reassign 322497 wnpp 
retitle 322497 RFP: php5-apd -- Advanced PHP Debugger (zend_extension)
thank you

On Thu, 2005-08-11 at 01:57 +0200, Nathan Samson wrote:
> Package: php5
> 
> Severity: wishlist
> 
> "APD is the Advanced PHP Debugger. It was written to provide profiling
> and debugging capabilities for PHP code, as well as to provide the
> ability to print out a full stack backtrace. APD supports interactive
> debugging, but by default it writes data to trace files. It also
> offers event based logging so that varying levels of information
> (including function calls, arguments passed, timings, etc.) can be
> turned on or off for individual scripts."
> 
> I like to see this as package, it is usefull for developing a PHP application
> 
> Greetings
> 
> Nathan Samson
> 
> 
> ___
> pkg-php-maint mailing list
> [EMAIL PROTECTED]
> http://lists.alioth.debian.org/mailman/listinfo/pkg-php-maint
-- 
Ondrej Sury <[EMAIL PROTECTED]>



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#321930: [php-maint] Bug#321930: php5: critical Filesystem function related bug - PHP_STREAM_COPY_ALL set to 2000000

[Ondrej Sury]

On Mon, 2005-08-08 at 12:03 +0200, Torsten Behrens wrote:
> see php-dev mailinglist topic #32553

Please include full bug report next time, like this:

Many file related functions are affected in php 5.0.4
They stop reading at 2,000,000 bytes.

Fix is pending in CVS and it's likely being fixed in next upstream
release.

Don't make our lives even harded... :-).

Ondrej.
-- 
Ondrej Sury <[EMAIL PROTECTED]>



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#310612: Please update gal to 2.4.3

[Ondrej Sury]

This bug is fixed in upstream 2.4.3 version.

Takuo would you be so kind to upload new version?

Thanks,
-- 
Ondrej Sury <[EMAIL PROTECTED]>



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#304762: RFA: crm114

[Ondrej Sury]

Package: wnpp
Severity: normal

Due to lack of interest and lack of help from upstream (people stopped
autoconfiscating package) I no longer have time or interest to maintain
this package.

Please someone (preferrably someone actively using it) take care of this baby.

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-5-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]