Bug#1027978: micro-httpd: sends invalid HTTP when listing unreadable directories
Package: micro-httpd Version: 20140814-2.1+b2 Severity: normal Tags: patch X-Debbugs-Cc: report...@duvert.net Dear Maintainer, When micro-httpd tries to list the contents of a directory but fails (if the directory is not readable, for instance), an invalid HTTP response is returned: > GET /.well-known/ HTTP/1.0 > < scandir: Permission denied < HTTP/1.0 200 Ok < Server: micro_httpd < ... Looking at the source code, micro-httpd calls perror( "scandir" ); after sending the HTTP headers, but due to standard output buffering, the error message ends up being sent first. An easy fix is to change micro-httpd@.service so micro-httpd's standard error is sent to the logs instead of the connection socket: [Service] StandardError=journal A more complete fix would be to move the call to scandir (line 119) just before the call to send_headers(200, ...) (line 108), and to call send_error if scandir fails. Thanks. -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (500, 'testing') Architecture: arm64 (aarch64) Kernel: Linux 6.0.0-6-arm64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_CRAP Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages micro-httpd depends on: ii libc6 2.36-7 ii netcat-traditional 1.10-47 ii systemd-sysv252.4-1 micro-httpd recommends no packages. Versions of packages micro-httpd suggests: pn micro-proxy -- no debconf information
Bug#982998: chkrootkit chkproc uses incorrect value for max_pid
Package: chkrootkit Version: 0.55-1+b1 Followup-For: Bug #982998 X-Debbugs-Cc: report...@duvert.net Hello, I also have the same problem. Looking at the extracted source package, I noticed that the MAX_PROCESSES 9 define actually comes from the Debian patch debian/patches/27_fix-race-condition-ps-proc.patch, which replaces the conditional define: -#define MAX_PROCESSES 99 -#if defined (__x86_64) > 0 -#undef MAX_PROCESSES -#define MAX_PROCESSES 4194384 -#endif +#define MAX_PROCESSES 9 I tried to revert this part of the patch and rebuild chkproc, and that seems to fix the issue (tested on a system with an existing process of PID 1001133). Not sure if the MAX_PROCESSES change in the patch was made deliberately or not, however; with MAX_PROCESSES = 4194384, chkproc uses 64 MiB of memory to hold its state (four int arrays of size MAX_PROCESSES + 1), compared to ~1.5 MiB with MAX_PROCESSES = 9. It is also noticeably slower since it tries to read /proc/ for every PID in the 1..4194384 range. Regards, Vincent Duvert -- System Information: Debian Release: 11.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-8-amd64 (SMP w/1 CPU thread) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages chkrootkit depends on: ii binutils 2.35.2-2 ii debconf [debconf-2.0] 1.5.77 ii libc6 2.31-13+deb11u2 ii net-tools 1.60+git20181103.0eebece-1 ii openssh-client 1:8.4p1-5 ii procps 2:3.3.17-5 chkrootkit recommends no packages. chkrootkit suggests no packages. -- debconf information excluded
Bug#933377: gdb: dynamically-linked programs segfault on launch
After some more testing, it looks like the crash only occurs when Debian is running in a VirtualBox VM, whose host is itself running on an older Core 2 Duo processor. I’m guessing this is more of a VirtualBox bug, which fails to properly emulate some CPU debug feature on older processors.
Bug#933377: gdb: dynamically-linked programs segfault on launch
Package: gdb Version: 8.3-1 Severity: important Dear Maintainer, When gdb is asked to start any dynamically-linked program, they segfault, seemingly early on launch: $ echo 'int main(void) { return 0; }' | gcc -o /tmp/prog -x c - && gdb -q /tmp/prog Reading symbols from /tmp/prog... (No debugging symbols found in /tmp/prog) (gdb) run Starting program: /tmp/prog Program received signal SIGSEGV, Segmentation fault. 0x in ?? () (gdb) bt #0 0x in ?? () #1 0x506a in _start () Pre-built programs like /bin/true also segfault, but the problem doesn’t seem to affect statically-linked programs: $ echo 'int main(void) { return 0; }' | gcc -static -o /tmp/prog -x c - && gdb -q /tmp/prog Reading symbols from /tmp/prog... (No debugging symbols found in /tmp/prog) (gdb) run Starting program: /tmp/prog [Inferior 1 (process 1279) exited normally] -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/1 CPU core) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages gdb depends on: ii libbabeltrace1 1.5.7-1 ii libc6 2.28-10 ii libexpat1 2.2.7-1 ii libipt2 2.0-2 ii liblzma55.2.4-1 ii libncursesw66.1+20181013-2 ii libpython3.73.7.4-2 ii libreadline88.0-2 ii libtinfo6 6.1+20181013-2 ii zlib1g 1:1.2.11.dfsg-1 Versions of packages gdb recommends: ii libc6-dbg [libc-dbg] 2.28-10 Versions of packages gdb suggests: pn gdb-doc pn gdbserver
Bug#777171: grub-pc: no partitions found after loading the ohci module
Package: grub-pc Version: 2.02~beta2-21 Severity: important Dear Maintainer, Upon using insmod ohci from the grub prompt to load the ohci module, grub stops recognizing the available disks and partitions. grub insmod ohci error : disk hd0,msdos3 not found. grub The keyboard stops working afterwards. On another machine, the keyboard continues to work, but none of the commands work: grub ls (hd0) (hd0,msdos5) (hd0,msdos1) (fd0) grub insmod ohci grub ls grub help error: disk hd0,msdos1 not found. With grub 1.99-27+deb7u2, the module is loaded correctly without side effects. Thanks. -- Package-specific info: *** BEGIN /proc/mounts /dev/disk/by-uuid/0bca68af-8a13-4010-8b34-c70dcffce40a / ext4 rw,noatime,errors=remount-ro,data=ordered 0 0 *** END /proc/mounts *** BEGIN /boot/grub/grub.cfg # # DO NOT EDIT THIS FILE # # It is automatically generated by grub-mkconfig using templates # from /etc/grub.d and settings from /etc/default/grub # ### BEGIN /etc/grub.d/00_header ### if [ -s $prefix/grubenv ]; then set have_grubenv=true load_env fi if [ ${next_entry} ] ; then set default=${next_entry} set next_entry= save_env next_entry set boot_once=true else set default=0 fi if [ x${feature_menuentry_id} = xy ]; then menuentry_id_option=--id else menuentry_id_option= fi export menuentry_id_option if [ ${prev_saved_entry} ]; then set saved_entry=${prev_saved_entry} save_env saved_entry set prev_saved_entry= save_env prev_saved_entry set boot_once=true fi function savedefault { if [ -z ${boot_once} ]; then saved_entry=${chosen} save_env saved_entry fi } function load_video { if [ x$feature_all_video_module = xy ]; then insmod all_video else insmod efi_gop insmod efi_uga insmod ieee1275_fb insmod vbe insmod vga insmod video_bochs insmod video_cirrus fi } if [ x$feature_default_font_path = xy ] ; then font=unicode else insmod part_msdos insmod ext2 set root='hd0,msdos3' if [ x$feature_platform_search_hint = xy ]; then search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos3 --hint-efi=hd0,msdos3 --hint-baremetal=ahci0,msdos3 0bca68af-8a13-4010-8b34-c70dcffce40a else search --no-floppy --fs-uuid --set=root 0bca68af-8a13-4010-8b34-c70dcffce40a fi font=/usr/share/grub/unicode.pf2 fi if loadfont $font ; then set gfxmode=auto load_video insmod gfxterm set locale_dir=$prefix/locale set lang=fr_FR insmod gettext fi terminal_output gfxterm if [ ${recordfail} = 1 ] ; then set timeout=-1 else if [ x$feature_timeout_style = xy ] ; then set timeout_style=menu set timeout=5 # Fallback normal timeout code in case the timeout_style feature is # unavailable. else set timeout=5 fi fi ### END /etc/grub.d/00_header ### ### BEGIN /etc/grub.d/05_debian_theme ### insmod part_msdos insmod ext2 set root='hd0,msdos3' if [ x$feature_platform_search_hint = xy ]; then search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos3 --hint-efi=hd0,msdos3 --hint-baremetal=ahci0,msdos3 0bca68af-8a13-4010-8b34-c70dcffce40a else search --no-floppy --fs-uuid --set=root 0bca68af-8a13-4010-8b34-c70dcffce40a fi insmod png if background_image /usr/share/images/desktop-base/lines-grub.png; then set color_normal=white/black set color_highlight=black/white else set menu_color_normal=cyan/blue set menu_color_highlight=white/blue fi ### END /etc/grub.d/05_debian_theme ### ### BEGIN /etc/grub.d/10_linux ### function gfxmode { set gfxpayload=${1} } set linux_gfx_mode= export linux_gfx_mode menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-simple-0bca68af-8a13-4010-8b34-c70dcffce40a' { load_video insmod gzio if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi insmod part_msdos insmod ext2 set root='hd0,msdos3' if [ x$feature_platform_search_hint = xy ]; then search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos3 --hint-efi=hd0,msdos3 --hint-baremetal=ahci0,msdos3 0bca68af-8a13-4010-8b34-c70dcffce40a else search --no-floppy --fs-uuid --set=root 0bca68af-8a13-4010-8b34-c70dcffce40a fi echo'Chargement de Linux 3.16.0-4-amd64…' linux /boot/vmlinuz-3.16.0-4-amd64 root=UUID=0bca68af-8a13-4010-8b34-c70dcffce40a ro quiet echo'Chargement du disque mémoire initial…' initrd /boot/initrd.img-3.16.0-4-amd64 } submenu 'Options avancées pour Debian GNU/Linux' $menuentry_id_option 'gnulinux-advanced-0bca68af-8a13-4010-8b34-c70dcffce40a' { menuentry 'Debian GNU/Linux, avec Linux 3.16.0-4-amd64' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-3.16.0-4-amd64-advanced-0bca68af-8a13-4010-8b34-c70dcffce40a' { load_video insmod gzio
Bug#760111: netatalk: Avahi registration fails when DDP is enabled
Package: netatalk Version: 2.2.5-1 Severity: normal Tags: patch Dear Maintainer, I have noticed that afpd does not successfuly start when the DDP protocol is enabled alongside with TCP (-ddp option without -notcp option in /etc/netatalk/afpd.conf). The syslog output reads: afpd[4808]: AFP/TCP started, advertising 192.168.1.76:548 (2.2.5) afpd[4808]: Failed to add service: Local name conflict Since the avahi registration fails, the server will not be discoverable by the clients. Older clients using atalkd will still be able to connect, though. The problem is that when both DDP and TCP are enabled, afpd tries to register twice on avahi (once for TCP, and once for ASP), with the same service name. The attached patch skips Avahi registration for ASP/DDP configuration, to avoid the double registration. Thanks. -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.14-2-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages netatalk depends on: ii libacl1 2.2.52-1.1 ii libattr1 1:2.4.47-1 ii libavahi-client3 0.6.31-4 ii libavahi-common3 0.6.31-4 ii libc6 2.19-9 ii libcomerr21.42.11-2 ii libcrack2 2.9.1-1+b2 ii libcups2 1.7.5-1 ii libdb5.3 5.3.28-6 ii libgcrypt11 1.5.4-2 ii libgssapi-krb5-2 1.12.1+dfsg-7 ii libk5crypto3 1.12.1+dfsg-7 ii libkrb5-3 1.12.1+dfsg-7 ii libldap-2.4-2 2.4.39-1.1+b1 ii libpam-modules1.1.8-3.1 ii libpam0g 1.1.8-3.1 ii libwrap0 7.6.q-25 ii netbase 5.2 ii perl 5.20.0-4 Versions of packages netatalk recommends: ii avahi-daemon 0.6.31-4 pn cracklib-runtime none pn db-util none pn libpam-cracklib none ii lsof 4.86+dfsg-1 ii procps1:3.3.9-7 pn rcnone Versions of packages netatalk suggests: pn db4.2-util none pn groffnone pn quotanone ii texlive-binaries [texlive-base-bin] 2014.20140528.34243-5 -- Configuration Files: /etc/default/netatalk changed [not included] /etc/netatalk/AppleVolumes.default changed [not included] /etc/netatalk/afpd.conf changed [not included] -- no debconf information Description: Fix Avahi registration when ASP is enabled Author: Vincent Duvert vinc...@duvert.net --- netatalk-2.2.5.orig/etc/afpd/afp_avahi.c +++ netatalk-2.2.5/etc/afpd/afp_avahi.c @@ -94,6 +94,9 @@ static void register_stuff(void) { /* AFP server */ for (config = ctx-configs; config; config = config-next) { +if (config-obj.proto == AFPPROTO_ASP) { +continue; +} dsi = (DSI *)config-obj.handle; port = getip_port((struct sockaddr *)dsi-server);
Bug#760112: netatalk: Correctly set up user rights for ASP sessions
Package: netatalk Version: 2.2.5-1 Severity: normal Tags: patch Dear Maintainer, When accessing an AFP server from an old client (using ASP/DDP) with the default configuration (with atalkd and DDP enabled, of course), no volumes are shown. This is because afpd ignores the AppleVolumes.default file and the uservols for ASP/DDP sessions. It only shows volumes defined in AppleVolumes.system (and the default configuration has none). etc/afpd/volume.c's load_volumes function contains a check (line 1962) which disables AppleVolumes.default loading if the parent_or_child variable indicates that it's directly running in the main afpd process. This variable is updated after the fork() in libatalk/dsi/dsi_tcp.c, so the correct volumes are shown when using AFP over TCP. The ASP session manager also forks when a new session is created (line 270 of libatalk/asp/asp_getsess.c) but does not set the parent_or_child variable, so load_volumes will not load the user-specific volumes nor AppleVolumes.default on ASP. The attached patch sets parent_or_child = 1 after this fork(), so clients which use ASP/DDP will get the correct user-specific volumes. Thanks. -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.14-2-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages netatalk depends on: ii libacl1 2.2.52-1.1 ii libattr1 1:2.4.47-1 ii libavahi-client3 0.6.31-4 ii libavahi-common3 0.6.31-4 ii libc6 2.19-9 ii libcomerr21.42.11-2 ii libcrack2 2.9.1-1+b2 ii libcups2 1.7.5-1 ii libdb5.3 5.3.28-6 ii libgcrypt11 1.5.4-2 ii libgssapi-krb5-2 1.12.1+dfsg-7 ii libk5crypto3 1.12.1+dfsg-7 ii libkrb5-3 1.12.1+dfsg-7 ii libldap-2.4-2 2.4.39-1.1+b1 ii libpam-modules1.1.8-3.1 ii libpam0g 1.1.8-3.1 ii libwrap0 7.6.q-25 ii netbase 5.2 ii perl 5.20.0-4 Versions of packages netatalk recommends: ii avahi-daemon 0.6.31-4 pn cracklib-runtime none pn db-util none pn libpam-cracklib none ii lsof 4.86+dfsg-1 ii procps1:3.3.9-7 pn rcnone Versions of packages netatalk suggests: pn db4.2-util none pn groffnone pn quotanone ii texlive-binaries [texlive-base-bin] 2014.20140528.34243-5 -- Configuration Files: /etc/default/netatalk changed [not included] /etc/netatalk/AppleVolumes.default changed [not included] /etc/netatalk/afpd.conf changed [not included] -- no debconf information Description: Fix child status of ASP session processes Author: Vincent Duvert vinc...@duvert.net --- netatalk-2.2.5.orig/libatalk/asp/asp_getsess.c +++ netatalk-2.2.5/libatalk/asp/asp_getsess.c @@ -269,6 +269,7 @@ ASP asp_getsession(ASP asp, server_child int dummy[2]; switch ((pid = fork())) { case 0 : /* child */ + parent_or_child = 1; server_reset_signal(); /* free/close some things */ for (i = 0; i children-nsessions; i++ ) {
Bug#725077: xfce4-genmon-plugin: may prevent session start if the started process opens /dev/tty
Package: xfce4-genmon-plugin Version: 3.4.0-2 Severity: normal Dear Maintainer, I have noticed after misconfiguring a genmon plugin that if the started application tries to read from /dev/tty (for instance, svn asking a password), not only genmon freezes, but the whole session may block as well. I have reproduced the problem with those steps: 1) Create a new user 2) Log in as this user, run startxfce4, use the default panel parameters 3) Create a shell script which does nothing (I used #!/bin/sh \n exit 0) 4) Add a generic monitor to the panel, configure it so it starts the shell script 5) Log out 6) Add cat /dev/tty to the shell script 7) Run startxfce4 again On my system, the background and the Xfce panels start to appear, but then everything freezes (the mouse still moves and Ctrl-Alt-Fx still works, tough) I think that in my case it also caused lightdm to abort the session start (i.e. after entering the username/password and clicking Login, the screen goes blank for some seconds and the prompt reappears), but I haven’t tried to reproduce it with my testcase so it may be an unrelated problem. -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.10-2-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages xfce4-genmon-plugin depends on: ii libatk1.0-0 2.8.0-2 ii libc62.17-92+b1 ii libcairo21.12.16-2 ii libfontconfig1 2.10.2-2 ii libfreetype6 2.4.9-1.1 ii libgdk-pixbuf2.0-0 2.28.2-1 ii libglib2.0-0 2.36.4-1 ii libgtk2.0-0 2.24.20-1 ii libpango-1.0-0 1.32.5-5+b1 ii libpangocairo-1.0-0 1.32.5-5+b1 ii libpangoft2-1.0-01.32.5-5+b1 ii libxfce4ui-1-0 4.10.0-3 ii libxfce4util64.10.1-1 ii xfce4-panel 4.10.1-1 xfce4-genmon-plugin recommends no packages. xfce4-genmon-plugin suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#539640: ITP: slimevolley -- Unrealistic 2D volleyball simulation, similar to Blobby Volley
Package: wnpp Severity: wishlist Owner: Vincent Duvert vincent.duv...@free.fr * Package name: slimevolley Version : 2.4.1 Upstream Author : Vincent Duvert vincent.duv...@free.fr * URL : http://slime.tuxfamily.org/ * License : GPL Programming Lang: C Description : Unrealistic 2D volleyball simulation, similar to Blobby Volley Slime Volley is a 2D volleyball game written in C with SDL. Your player is a slime, on which a small ball bounces. You must prevent the ball to touch the ground on your side, and try to trick your opponents. The first team to get 10 points wins. -- System Information: Debian Release: 5.0.2 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org