Bug#274081: zaptel-source dependencies

[Santiago Ruano Rincón]

Hi,

El jue, 27-01-2005 a las 22:02 -0500, Charles Lepple escribió:
> I would tend to agree that zaptel-source should "Recommend: zaptel", since
> zaptel-source and zaptel show up in different parts of the package list.
> 

I'm working in the new release for the package right now, I'll include
this.

Thanks,

Santiago


signature.asc
Description: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmada	digitalmente

Bug#264429: patch no longer applies to zaptel-source 1:1.0.2-2

[Santiago Ruano Rincón]

Hi,

El vie, 28-01-2005 a las 18:49 -0500, Charles Lepple escribió:
> patching file rules
> Hunk #1 FAILED at 127.
> Hunk #2 FAILED at 205.
> 2 out of 2 hunks FAILED -- saving rejects to file rules.rej
> 
> On closer inspection, the new debian/rules file already has $(ROOT_CMD) in
> the kdist_image target.

that's right.

> 
> I'm not sure whether the dh_testroot is needed during the 'make clean'
> stage (Hunk #2), but the current version (1:1.0.2-2) did not have any
> problems at this stage when built using fakeroot.
> 

before delete the files with clean, It's possible to check if you are
root or you are using fakeroot with dh_testroot.

Thanks, I'll close this bug.


Santiago



signature.asc
Description: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmada	digitalmente

Bug#388194: ITA: playground -- simple GNOME applet that lets you control basic functions of audio players

[Santiago Ruano Rincón]

package wnpp
retitle 388194 O: playground -- simple GNOME applet that lets you
control basic functions of audio players
retitle 388196 O: playground-xmms -- XMMS control plugin for playground
GNOME
thanks


El jue, 14-12-2006 a las 22:18 +0100, Matej Vela escribió:
> Hi,
> 
> Do you still intend to adopt playground?  (This is just a ping, I'm
> not interested in adopting it myself.)
> 
> Thanks,
> 
> Matej

I've tried playground with xmms, but it just doesn't work.

I won't be able to work on these packages in the following days, so, I'm
orphaning them.

regards,

Santiago


signature.asc
Description: Esta parte del mensaje está firmada	digitalmente

Bug#403978: playground-plugin-xmms doesn't work

[Santiago Ruano Rincón]

Package: playground-plugin-xmms
Version: 0.3-1
Severity: grave

It just doesn't work. Maybe, it could get incompatible with xmms since
a xmms package version.

Regards,

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (990, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-2-686
Locale: LANG=es_CO.UTF-8, LC_CTYPE=es_CO.UTF-8 (charmap=UTF-8)

Versions of packages playground-plugin-xmms depends on:
ii  libc62.3.6.ds1-8 GNU C Library: Shared libraries
ii  playground   0.3-1   simple GNOME applet that lets you 
ii  xmms 1:.2.10+20061201-1 Versatile X audio player

playground-plugin-xmms recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#401334: wlan0, no such device

[Santiago Ruano Rincón]

Package: ndiswrapper-source
Version: 1.28-1
Severity: serious
Justification: renders package unusable

Since the 1.28 upgrade, I'm unable to use the wireless card. 

iwconfig just don't works, when I try to scan, I get this: 

[EMAIL PROTECTED]:~$ sudo iwlist s
loInterface doesn't support scanning.

wlan0 Interface doesn't support scanning : No such device

eth0  Interface doesn't support scanning.

eth1  Interface doesn't support scanning.
...

I have no problems with 1.23, it works Ok.

Best regards,

Santiago

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (990, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-2-686
Locale: LANG=es_CO.UTF-8, LC_CTYPE=es_CO.UTF-8 (charmap=UTF-8)

Versions of packages ndiswrapper-source depends on:
ii  bzip2 1.0.3-6high-quality block-sorting file co
ii  debhelper 5.0.42 helper programs for debian/rules
ii  gcc   4:4.1.1-13 The GNU C compiler
ii  module-assistant  0.10.8 tool to make module package creati

ndiswrapper-source recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#393725: about the update-alternatives problem

[Santiago Ruano Rincón]

Alejandro,

I'm not sure if the problem is with the lastest dpkg package (1.13.24),
but, I get the correct result of `update-alternatives --config op-panel`
when I change "asternic" for "destar" in these two lines of destar's
postins:

...
--slave /etc/op-panel/op_astdb.cfg
op-astdb-cfg   /etc/op-panel/asternic/op_astdb.cfg   \
--slave /etc/op-panel/op_style.cfg
op-style-cfg   /etc/op-panel/asternic/op_style.cfg
...

Plase, check that.

Kind regards,

Santiago


signature.asc
Description: Esta parte del mensaje está firmada	digitalmente

Bug#400855: Minor typo in README.Debian

[Santiago Ruano Rincón]

Package: bcm43xx-fwcutter
Version: 20060501-5
Severity: minor

>From README.Debian:

It offers the possibility to to that though,...
 ^^

I suppose it should be  "to do that".

Kind regards,

Santiago
  

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (990, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16
Locale: LANG=es_CO.UTF-8, LC_CTYPE=es_CO.UTF-8 (charmap=UTF-8)

Versions of packages bcm43xx-fwcutter depends on:
ii  debconf [debconf-2.0]1.5.9   Debian configuration management sy
ii  libc62.3.6.ds1-8 GNU C Library: Shared libraries

Versions of packages bcm43xx-fwcutter recommends:
ii  wget  1.10.2-2   retrieves files from the web

-- debconf information excluded


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#294301: new upstream version 1.0.4

[Santiago Ruano Rincón]

Thanks, I'm testing the package right now.

Kind regards,


-- 
Santiago Ruano Rincón
Grupo GNU/Linux Universidad del Cauca
http://gluc.unicauca.edu.co

Llave pública GPG ID = 6FECCDE0
Huella digital = 3821 4FB5 774A 611D 31E4  B268 414B 8423 6FEC CDE0


signature.asc
Description: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmada	digitalmente

Bug#286415: more complete /etc/modprobe.d/zaptel

[Santiago Ruano Rincón]

Hi Warren,

thanks for that.

please, check out the zaptel_1.0.4 that is in experimental.

kind regards,

Santiago


signature.asc
Description: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmada	digitalmente

Bug#295866: zaptel-source: Unable to find libtonezone

[Santiago Ruano Rincón]

Hi Peter,

Please, test the package of zaptel_1.0.4_1 in experimental, and tell me
if the problem persists. I tried to fix that bug in it.

Greetings,

Santiago


signature.asc
Description: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmada	digitalmente

Bug#294183: zaphfc module missing?

[Santiago Ruano Rincón]

Hi Marco,

El lun, 07-03-2005 a las 14:58 +0100, Marco Parmeggiani escribió:
> Hi, a couple of questions:
> 
> 1) I've downloaded zaptel-source 1.0.4-3 and i've built it using make-kpkg
> but the generated deb does not contain the zaphfc module. What i am
> missing?
> 

until now, it doesn't include the zaphfc module, but with the 1.0.4-3,
you can compile bristuff 0.2.0-RC7f against zaptel-source. You'll find
the module in a new version.

> 2) The only way to have zaptel modules is to build them from zaptel-source
> or they are available also in binary format somewhere?
> 

there's no official binaries right now, you need to build the modules
from zaptel-source-

> Thanks

thank you,

> ciao

regards,


-- 
Santiago Ruano Rincón


signature.asc
Description: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmada	digitalmente

Bug#410828: ssmtp should use /etc/hosts before DNS

[Santiago Ruano Rincón]

Hello Michelle,

On Tue, Feb 13, 2007 at 07:34:07PM +0100, Michelle Konzack wrote:
> Package: ssmtp
> Severity: wishlist
> 
> Hello Maintainers,
> 
> my Computers using generaly all "ssmtp" 

good choice ;)

> except my main MailServers which
> are using "courier"
> 
> Now I have the problem that in an homogenous IntranetSystem where I have
> no internet connection ssmtp fails since it does not use /etc/hosts
> 
> Please can you add support for /etc/hosts (read /etc/hosts if exist and
> then try DNS)?

AFIK, the MX records can only be queried to DNS servers, there isn't way
in /etc/hosts to have a MX entry. Using an internal DNS server for your
intranet could be a better solution.

Best regards,

Santiago


signature.asc
Description: Digital signature

Bug#413839: ssmtp: package removal with apt-get remove also remove mysql

[Santiago Ruano Rincón]

On Sun, Feb 11, 2007 at 03:19:40AM +0100, Jean-Guillaume VIEUX wrote:
> Package: ssmtp
> Version: 2.61-2
> Severity: normal
> 
> When removing ssmtp package via apt-get remove ssmtp, it also remove 
> mysql-server package.
> You can see it also whith "apt-get -s remove ssmtp" wich output : (output in 
> french)
> 
> samoa:~# apt-get -s remove ssmtp
> Lecture des listes de paquets... Fait
> Construction de l'arbre des dépendances... Fait
> Les paquets suivants seront ENLEVÉS :
>   at mailx mutt mysql-server ssmtp
> 0 mis à jour, 0 nouvellement installés, 5 à enlever et 0 non mis à jour.
> Remv at (3.1.8-11 Debian:3.1r5/stable)
> Remv mysql-server (4.0.24-10sarge2 Debian:3.1r5/stable, 
> Debian-Security:3.1/stable)
> Remv mailx (1:8.1.2-0.20040524cvs-4 Debian:3.1r5/stable)
> Remv mutt (1.5.9-2sarge2 Debian:3.1r5/stable, Debian-Security:3.1/stable)
> Remv ssmtp (2.61-2 Debian:3.1r5/stable)
> 

mysql-server depends on mailx, and mailx depends on a mta. So, if you
remove ssmtp (your mta), you'll remove mysql-server.

Removing your mta is not a good idea, at least, you should replace it
with exim4 or any other. I don't think this is a bug.

PD. you can use LANG=C before the command to have an output in English.
e.g. LANG=C apt-get remove ssmtp

Best regards,

Santiago


signature.asc
Description: Digital signature

Bug#416681: pdfedit consumes the CPU while adding text

[Santiago Ruano Rincón]

Package: pdfedit
Version: 0.2.5-2
Severity: important

--- Please enter the report below this line. ---

After adding text, pdfedit uses all the CPU for a considerable amount of
time

  PID USER  PR  NI  VIRT  RES  SHR S %CPU %MEMTIME+  COMMAND
 6096 santiago  25   0 56116  46m  12m R 99.3  9.3   0:52.45 pdfedit
 2977 root  15   0 66140  30m 9428 S  0.5  6.1   9:52.23 Xorg

Thanks for maintaining pdfedit.

Best regards,

--- System information. ---
Architecture: i386
Kernel:   Linux 2.6.18-4-686

Debian Release: 4.0
  500 unstablelocalhost 
1 experimentallocalhost 

--- Package information. ---
Depends(Version) | Installed
-+-
libc6   (>= 2.3.6-6) | 2.3.6.ds1-13
libfreetype6(>= 2.2) | 2.2.1-5
libgcc1  (>= 1:4.1.1-12) | 1:4.1.1-21
libqt3-mt   (>= 3:3.3.7) | 3:3.3.7-3
libstdc++6 (>= 4.1.1-12) | 4.1.1-21
libt1-5   (>= 5.0.2) | 5.1.0-2
libx11-6 | 2:1.0.3-6
libxext6 | 1:1.0.1-2



signature.asc
Description: Digital signature

Bug#407856: Patch for the 2.61-11.1 NMU of ssmtp

[Santiago Ruano Rincón]

Thanks a lot, 

I've merged the changes into the svn.

Best regards,

Santiago


signature.asc
Description: Digital signature

Bug#414081: ssmtp: [INTL:ru] Updated Russian debconf templates translation

[Santiago Ruano Rincón]

tags 414081 +pending
thanks

I've updated the po file into the svn. I'll wait some days for more
translations and then upload the new revision.

Thanks,

Santiago


signature.asc
Description: Digital signature

Bug#383834: O: zapata -- Zapata telephony interface library (development)

[Santiago Ruano Rincón]

Package: wnpp
Severity: normal

This package is not longer needed, and it is not supported by the upstream any 
more.

It should be removed from debian.

The package description is:
 A library of high-level functions used with the zaptel kernel driver

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (990, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16
Locale: LANG=es_CO.UTF-8, LC_CTYPE=es_CO.UTF-8 (charmap=UTF-8)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#379858: lib32bz2-1.0: should install into /emul/ia32-linux/usr/lib, not /usr/lib32

[Santiago Ruano Rincón]

El mar, 22-08-2006 a las 09:46 -0400, Aaron M. Ucko escribió:
> 
> Aníbal Monsalve Salazar <[EMAIL PROTECTED]> writes:
> 
> > lib32bz2-dev and lib32bz2-1.0 have this:
> [snipped]
> 
> That looks correct; please proceed with an upload when you get a
> chance.

I've uploaded the package.

>   (Also, thanks for copying me, which Santiago accidentally
> forgot to do.)
> 

Ups. sorry for that.

> Thanks.
> 

Regards,

Santiago


signature.asc
Description: Esta parte del mensaje está firmada	digitalmente

Bug#384145: ssmtp: Enable cram-md5

[Santiago Ruano Rincón]

tags 384145 + pending
thanks

Changes made in svn. They will be uploaded with the next version.


signature.asc
Description: Esta parte del mensaje está firmada	digitalmente

Bug#383834: libzap orphaned.

[Santiago Ruano Rincón]

El mar, 22-08-2006 a las 21:47 +0100, Mark Purcell escribió:
> Looks like libzap has been orphaned.
> 
> http://bugs.debian.org/383834
> 
> I note we still Build-Depend on libzap-dev in both asterisk & bayonne.
> 
> But perhaps we don't need to anymore..
> 

Indeed, the binary packages of asterisk and bayonne don't depend on
libzap1, I don't see any problem removing libzap from their
build-dependencies

> Mark
> 

Best regards,

Santiago


signature.asc
Description: Esta parte del mensaje está firmada	digitalmente

Bug#384539: error in control file

[Santiago Ruano Rincón]

El vie, 25-08-2006 a las 01:12 +0200, Michael Biebl escribió:
...
> This is the error message I get on an upgrade of bzip2:
> 
> error in control file: `Index' value missing for format `info' at
> /usr/sbin/install-docs line 709,  line 19.
> 
> The installation/upgrade doesn't fail though, so severity normal seems
> appropriate.
> 

You get that error because the bzip 1.0.3-4 prerm used the old docbase control 
file, this problem is solved in 1.0.3-5.

Please confirm.

I'll close this bug.

Best regards,

Santiago Ruano Rincón




signature.asc
Description: Esta parte del mensaje está firmada	digitalmente

Bug#384610: bzip2: FTBFS (ppc64): Missing Build-Depends on 'libc6-dev-powerpc [ppc64]'

[Santiago Ruano Rincón]

Hi Andreas,

El vie, 25-08-2006 a las 14:19 +0200, Andreas Jochens escribió:
> 
> Please add the missing Build-Depends on 'libc6-dev-powerpc [ppc64]'
> to debian/control. 

I've uploaded a new revision with the fix to
http://people.debian.org/~santiago/ 

Could you help me to test it?

Thanks,

Santiago


signature.asc
Description: Esta parte del mensaje está firmada	digitalmente

Bug#390903: patch

[Santiago Ruano Rincón]

The current zaptel-source doesn't build, using m-a I got this:

...
  LD [M]  /usr/src/modules/zaptel/vzaphfc/vzaphfc.o
make[5]: /usr/src/modules/zaptel/wct4xxp/../oct612x/octasic-helper:
Command not found
make[5]: /usr/src/modules/zaptel/wct4xxp/../oct612x/octasic-helper:
Command not found
  CC [M]  /usr/src/modules/zaptel/wct4xxp/base.o
make[5]: *** No rule to make target
`/usr/src/modules/zaptel/wct4xxp/../oct612x/include/oct6100api/oct6100_api.h', 
needed by `/usr/src/modules/zaptel/wct4xxp/vpm450m.o'.  Stop.
make[4]: *** [/usr/src/modules/zaptel/wct4xxp] Error 2
...

Just adding the oct612x dir to the zaptel modules tarbell solves the
problem.

Kind regards,

Santiago


signature.asc
Description: Esta parte del mensaje está firmada	digitalmente

Bug#388196: ITA: playground-xmms -- XMMS control plugin for playground GNOME applet

[Santiago Ruano Rincón]

package: wnpp
severity: normal
owner: Santiago Ruano Rincón <[EMAIL PROTECTED]>

See http://lists.debian.org/debian-devel/2006/09/msg00330.html

Kind regards,

Santiago



signature.asc
Description: Esta parte del mensaje está firmada	digitalmente

Bug#388194: ITA: playground -- simple GNOME applet that lets you control basic functions of audio players

[Santiago Ruano Rincón]

package: wnpp
severity: normal
owner: Santiago Ruano Rincón <[EMAIL PROTECTED]>

See http://lists.debian.org/debian-devel/2006/09/msg00330.html

Regards,

Santiago


signature.asc
Description: Esta parte del mensaje está firmada	digitalmente

Bug#388756: zaptel-source: wct4xxp and other modules are not built anymore on zaptel-1.2.8.dfsg-1

[Santiago Ruano Rincón]

Hi,

The wct4xxp module was dropped from zaptel-source since 1.2.7-2, becuse
it uses sourceless firmware. I don't know if it the module is still
usefull without the .ima file. 

I'll try to digger about that, but I don't have any TEXXP card
available.

Regards,

Santiago


signature.asc
Description: Esta parte del mensaje está firmada	digitalmente

Bug#379858:

[Santiago Ruano Rincón]

Hi Aaron,

I've update and upload the package to 

http://people.debian.org/~santiago/

Please, could you build it and confirm that the bug is solved? I don't
have any amd64 machine.

Thanks.

Kind regards,

Santiago


signature.asc
Description: Esta parte del mensaje está firmada	digitalmente

Bug#393223: ssmtp: Spanish po-debconf translation

[Santiago Ruano Rincón]

Package: ssmtp
Version: 2.61-9
Priority: wishlist
Tags: l10n

Spanish po-debconf file attached.

Thanks

# Translators, if you are not familiar with the PO format, gettext
# documentation is worth reading, especially sections dedicated to
# this format, e.g. by running:
# info -n '(gettext)PO Files'
# info -n '(gettext)Header Entry'
# Some information specific to po-debconf are available at
# /usr/share/doc/po-debconf/README-trans
# or http://www.debian.org/intl/l10n/po-debconf/README-trans
# Developers do not need to manually edit POT or PO files.
# , fuzzy
# <>, 2006.
# 
# 
msgid ""
msgstr ""
"Project-Id-Version: ssmtp 2.61-8\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2006-06-04 21:34-0500\n"
"PO-Revision-Date: 2006-10-08 20:07-0500\n"
"Last-Translator: Santiago Ruano Rincón <[EMAIL PROTECTED]>\n"
"Language-Team: Spanish \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit"

#. Type: boolean
#. Description
#: ../templates:4
msgid "Automatically overwrite config files?"
msgstr "¿Sobreescribir los archivos de configuración de forma automática?"

#. Type: boolean
#. Description
#: ../templates:4
msgid ""
"The mail configuration file /etc/ssmtp/ssmtp.conf can be automatically "
"updated on each upgrade with the information supplied to the debconf "
"database. If you do not want this to happen (ie/ you want to maintain "
"control of this file yourself) then set this option to have the program "
"never touch this file."
msgstr ""
"El archivo de configuración /etc/ssmtp/ssmtp.conf se puede modificar "
"automáticamente en cada actualización con la información existente en "
"la base de datos de debconf. Si usted no quiere que esto suceda (es "
"decir, si usted quiere mantener el control del archivo) entonces "
"establezca esta opción para que el programa nunca toque el archivo."

#. Type: string
#. Description
#: ../templates:14
msgid "Who gets mail for userids < 1000:"
msgstr "Receptor del correo para los «identificadores de usuario» < 1000:"

#. Type: string
#. Description
#: ../templates:14
msgid ""
"Mail sent to a local user whose UID is less than 1000 will instead be sent "
"here. This is useful for daemons which mail reports to root and other system "
"UIDs. Make this empty to disable rewriting."
msgstr "El correo enviado a un usuario local cuyo UID es menor que 1000 se "
"enviará aquí. Esto es muy útil para los demonios que envían informes por "
"correo al root y a otros UIDs del sistema. Deje vacía esta opción para "
"deshabilitar la reescritura."

#. Type: string
#. Description
#: ../templates:23
msgid "Name of your mailhub:"
msgstr "Nombre de su «mailhub»:"

#. Type: string
#. Description
#: ../templates:23
msgid ""
"This sets the host to which mail is delivered. The actual machine name is "
"required; no MX records are consulted. Commonly, mailhosts are named \"mail."
"domain.com\"."
msgstr ""
"Esta opción establece el equipo al que se le entregará el correo. Se "
"necesita el nombre real de la máquina; no se consultan registros MX. "
"De forma común, los servidores de correo son nombrados "
"«mail.dominio.com»"

#. Type: string
#. Description
#: ../templates:31
msgid "Remote SMTP port number:"
msgstr "Número del puerto SMTP remoto:"

#. Type: string
#. Description
#: ../templates:31
msgid ""
"If your remote SMTP server listens on a port other than 25 (Standard/RFC) "
"then set it here."
msgstr "Si su servidor SMTP remoto escucha en un puerto distinto al 25 "
"(Estándar/RFC), indíquelo aquí."

#. Type: string
#. Description
#: ../templates:37
msgid "What domain to masquerade as:"
msgstr "Dominio a usar como máscara («masquerade»):"

#. Type: string
#. Description
#: ../templates:37
msgid ""
"ssmtp will use \"[EMAIL PROTECTED]" as the default From: address for "
"outgoing mail which contains only a local username."
msgstr "ssmtp usará [EMAIL PROTECTED] como el campo de "
"dirección «From:» por defecto para todo correo saliente que sólo "
"contenga un nombre de usuario local."

#. Type: string
#. Description
#: ../templates:43
msgid "What name to store in /etc/mailname:"
msgstr "Nombre de equipo a almacenar en /etc/mailname:"

#. Type: string
#. Description
#: ../templates:43
msgid ""
"This is the portion of the address after the '@' sign to be

Bug#392990:

[Santiago Ruano Rincón]

It seems to be a linux kernel 2.6.18-2 bug, it's not present when
building the modules with a 2.6.16.

modules_install Makefile rule runs a   "DEPMOD  2.6.18"

maybe that the reason.








signature.asc
Description: Esta parte del mensaje está firmada	digitalmente

Bug#393725: Destar is unable to restart op-panel daemon

[Santiago Ruano Rincón]

Package: destar
Version: 0.2.0-1
Severity: normal

destar running as asterisk user, isn't able to restar the op-panel
daemon, which is running as op-panel user.

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (990, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16
Locale: LANG=es_CO.UTF-8, LC_CTYPE=es_CO.UTF-8 (charmap=UTF-8)

Versions of packages destar depends on:
ii  asterisk   1:1.2.12.1.dfsg-2 Open Source Private Branch Exchang
ii  python 2.4.3-11  An interactive high-level object-o
ii  python-medusa  0.5.4+clean-1 Framework for implementing asynchr
ii  python-quixote11.2-4 A highly Pythonic Web application 

Versions of packages destar recommends:
ii  python-pychart1.39-4 Python library for creating high q
ii  python-pysqlite2  2.3.2-1python interface to SQLite 3
ii  sqlite3   3.3.7-1A command line interface for SQLit

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#394106: ssmtp: [INTL:ja] updated Japanese debconf template translation (ja.po)

[Santiago Ruano Rincón]

package: ssmtp
tags 394106 + pending
thanks

It was added into the svn repository and will be uploaded with the next
revision.

Thanks for your work.

El vie, 20-10-2006 a las 00:10 +0900, Hideki Yamane (Debian-JP)
escribió:
> Dear ssmtp maintainer,
> 
>  Here's updated Japanese po-debconf template (ja.po) file that 
>  reviewed by several Japanese Debian developers and users.
> 
>  Could you apply it, please?
> 


signature.asc
Description: Esta parte del mensaje está firmada	digitalmente

Bug#730146: grep: '^\s*' not matching when LC_CTYPE is set to any UTF-8 locale

[Santiago Ruano Rincón]

Control: tags 730146 + confirmed pending
Control: merge 729581 730146

Thanks for reporting. I've already confirmed the same bug. (See #729581)

Regards,

Santiago

On Fri, Nov 22, 2013 at 12:07:02AM +0100, Yann Amar wrote:
> Package: grep
> Version: 2.14-4
> Severity: important
> 
> Dear Maintainer,
> 
> The string '^\s*' is not catched at all when LC_CTYPE is set to any
> valid UTF-8 locale, but it is when LC_CTYPE is set to anything else
> (not really; in fact, this also affects 140 other locales + an empty
> LC_CTYPE).
> 
> user@sid:~$ locale
> LANG=en_US.UTF-8
> LANGUAGE=
> LC_CTYPE="en_US.UTF-8"
> LC_NUMERIC="en_US.UTF-8"
> LC_TIME="en_US.UTF-8"
> LC_COLLATE="en_US.UTF-8"
> LC_MONETARY="en_US.UTF-8"
> LC_MESSAGES="en_US.UTF-8"
> LC_PAPER="en_US.UTF-8"
> LC_NAME="en_US.UTF-8"
> LC_ADDRESS="en_US.UTF-8"
> LC_TELEPHONE="en_US.UTF-8"
> LC_MEASUREMENT="en_US.UTF-8"
> LC_IDENTIFICATION="en_US.UTF-8"
> LC_ALL=
> user@sid:~$ echo 'whatever you want' | grep '^\s*'
> user@sid:~$ echo 'whatever you want' | LC_CTYPE= grep '^\s*'
> user@sid:~$ echo 'whatever you want' | LC_CTYPE=C grep '^\s*'
> whatever you want
> user@sid:~$ echo 'whatever you want' | LC_CTYPE=POSIX grep '^\s*'
> whatever you want
> user@sid:~$ echo 'whatever you want' | LC_CTYPE=FooBar grep '^\s*'
> whatever you want
> user@sid:~$ echo 'whatever you want' | LC_CTYPE=not-valid-utf8 grep '^\s*'
> whatever you want
> user@sid:~$ echo 'whatever you want' | LC_CTYPE=xx_XX.UTF-8 grep '^\s*'
> whatever you want
> user@sid:~$ echo 'whatever you want' | LC_CTYPE=de_DE.UTF-8 grep '^\s*'
> user@sid:~$ echo 'whatever you want' | LC_CTYPE=es_ES.UTF-8 grep '^\s*'
> user@sid:~$ echo 'whatever you want' | LC_CTYPE=fr_FR.UTF-8 grep '^\s*'
> user@sid:~$ echo 'whatever you want' | LC_CTYPE=it_IT.UTF-8 grep '^\s*'
> user@sid:~$ # and so on
> 
> More:
> user@sid:~$ locale -a | wc -l
> 462
> user@sid:~$ for x in $(locale -a | grep '\.utf8$'); do echo 'foobar' | 
> LC_CTYPE=$x grep '^\s*'; done | wc -l
> 0
> user@sid:~$ for x in $(locale -a | grep -v '\.utf8$'); do echo 'foobar' | 
> LC_CTYPE=$x grep '^\s*'; done | wc -l
> 174
> 
> Also note that the command behaves as expected if '^\s*' is replaced by
> '^[[:space:]]*' or '^[[:blank:]]*' or '^[ ]*', or if \s is not at
> the beginning of the regex.
> 
> Cheers,
> quidame
> 
> 
> -- System Information:
> Debian Release: jessie/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable')
> Architecture: i386 (i686)
> 
> Kernel: Linux 3.11-2-486
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> 
> Versions of packages grep depends on:
> ii  dpkg  1.17.1
> ii  libc6 2.17-96
> ii  libpcre3  1:8.31-2
> 
> grep recommends no packages.
> 
> grep suggests no packages.
> 
> -- no debconf information
> 


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#741084: cdbs: Include autotools configure --exec-prefix variable

[Santiago Ruano Rincón]

Package: cdbs
Version: 0.4.122
Severity: normal
Tags: patch

Hi, 

I've just moved grep packaging (version 2.18-1) to cdbs. One of the
manual settings I had to do is to configure the prefix of
architecture-dependent files (grep installs its binaries in /bin/).
Since I didn't find a specific cdbs autotools variable for this, I'm
using:
DEB_CONFIGURE_EXTRA_FLAGS += --exec-prefix=/

The attached patch adds DEB_CONFIGURE_EXECDIR to autotools-vars.mk

Cheers,

Santiago

PS. I admit that I used to dislike cdbs, but now I think it's useful.
Thanks a lot for you work!

-- System Information:
Debian Release: 7.2
  APT prefers stable
  APT policy: (500, 'stable'), (10, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=es_ES.utf8, LC_CTYPE=es_ES.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

cdbs depends on no packages.

Versions of packages cdbs recommends:
ii  autotools-dev  20130810.1

Versions of packages cdbs suggests:
ii  devscripts  2.14.1

-- debconf-show failed
diff --git a/1/class/autotools-vars.mk.in b/1/class/autotools-vars.mk.in
index 13fff0b..fd493ba 100644
--- a/1/class/autotools-vars.mk.in
+++ b/1/class/autotools-vars.mk.in
@@ -45,6 +45,7 @@ DEB_CONFIGURE_SCRIPT ?= $(CURDIR)/$(DEB_SRCDIR)/configure
 DEB_CONFIGURE_CROSSBUILD_ARGS ?= --build=$(DEB_BUILD_GNU_TYPE) $(if $(cdbs_crossbuild),--host=$(DEB_HOST_GNU_TYPE))
 
 DEB_CONFIGURE_PREFIX ?=/usr
+DEB_CONFIGURE_EXECDIR ?=$(DEB_CONFIGURE_PREFIX)
 DEB_CONFIGURE_INCLUDEDIR ?= "\$${prefix}/include"
 DEB_CONFIGURE_MANDIR ?= "\$${prefix}/share/man"
 DEB_CONFIGURE_INFODIR ?= "\$${prefix}/share/info"
@@ -54,7 +55,15 @@ DEB_CONFIGURE_LIBEXECDIR ?= "\$${prefix}/lib/$(DEB_SOURCE_PACKAGE)"
 # --srcdir=. is required because otherwise configure wants to analyse
 # $0 to see whether a VPATH build is needed.  This tells it with
 # absolute certainly that this is NOT a VPATH build.
-DEB_CONFIGURE_PATH_ARGS ?= --prefix=$(DEB_CONFIGURE_PREFIX) --includedir=$(DEB_CONFIGURE_INCLUDEDIR) --mandir=$(DEB_CONFIGURE_MANDIR) --infodir=$(DEB_CONFIGURE_INFODIR) --sysconfdir=$(DEB_CONFIGURE_SYSCONFDIR) --localstatedir=$(DEB_CONFIGURE_LOCALSTATEDIR) --libexecdir=$(DEB_CONFIGURE_LIBEXECDIR) $(if $(subst $(DEB_SRCDIR),,$(cdbs_make_curbuilddir)),,--srcdir=.)
+DEB_CONFIGURE_PATH_ARGS ?= --prefix=$(DEB_CONFIGURE_PREFIX) \
+		   --exec-prefix=$(DEB_CONFIGURE_EXECDIR) \
+		   --includedir=$(DEB_CONFIGURE_INCLUDEDIR) \
+		   --mandir=$(DEB_CONFIGURE_MANDIR) \
+		   --infodir=$(DEB_CONFIGURE_INFODIR) \
+		   --sysconfdir=$(DEB_CONFIGURE_SYSCONFDIR) \
+		   --localstatedir=$(DEB_CONFIGURE_LOCALSTATEDIR) \
+		   --libexecdir=$(DEB_CONFIGURE_LIBEXECDIR) \
+		   $(if $(subst $(DEB_SRCDIR),,$(cdbs_make_curbuilddir)),,--srcdir=.)
 
 DEB_CONFIGURE_NORMAL_ARGS ?= $(DEB_CONFIGURE_CROSSBUILD_ARGS) $(DEB_CONFIGURE_PATH_ARGS) --disable-maintainer-mode --disable-dependency-tracking --disable-silent-rules
 


signature.asc
Description: Digital signature

Bug#741084: [Build-common-hackers] Bug#741084: cdbs: Include autotools configure --exec-prefix variable

[Santiago Ruano Rincón]

Hi Jonas,

El 08/03/14 a las 15:12, Jonas Smedegaard escribió:
...
> > The attached patch adds DEB_CONFIGURE_EXECDIR to autotools-vars.mk
> 
> Thanks for the proposed patch!
> 
> I wonder, however, if it is perhaps best to leave it as-is.
> 
> Goal of CDBS is to be flexible enough to not get in the way of unusual 
> settings, but it is not the goal to provide a specific CDBS variable to 
> express any and all need.
> 

In that case, you are right and the current status is a better approach.

> Seems to me that your current use of DEB_CONFIGURE_EXTRA_FLAGS is a good 
> approach.
> 
> Do you foresee that it might be an unreliable approach that future 
> changes to CDBS or other packages might break, or do you imagine this 
> particular setting to be more commonly useful for others, or why do you 
> propse the patch?
> 

No other reason than exec-prefix was lacking among the other seven
configure path arguments, and I was unsure whether
DEB_CONFIGURE_EXTRA_FLAGS was accurate (is --exec-path a flag?). Or
maybe should I use DEB_CONFIGURE_PATH_ARGS? 
I think that a specific variable, such as DEB_CONFIGURE_EXECDIR, prompts
a cdbs user more than the current general variable. But it is just my
feeling. And the patch is maybe not very useful, how many debian
packages would be in the same situation: autotools and binaries in /bin?

> 
> > PS. I admit that I used to dislike cdbs, but now I think it's useful. 
> > Thanks a lot for you work!
> 
> Yes, I noticed your switch to CDBS when the package entered Sid, and 
> appreciate both your switch and your elaboration of that decision in 
> changelog - as inspiration for others that CDBS is not obsolete ;-)
> 

It isn't! :)



signature.asc
Description: Digital signature

Bug#693917: grep: Bug in Debian patch: "LIB=" instead of "LIBS="

[Santiago Ruano Rincón]

tags 693917 + wheezy-ignore
tags 693917 + squeeze
tags 693917 + moreinfo
stop

Hi,

I'm unable to reproduce this bug on unstable, I suppose it's a
squeeze-related bug?

Thanks for reporting the bug,

On 21/11/12 19:33, Bjarni Ingi Gislason wrote:
> Source: grep
> Version: 2.14-1
> Severity: serious
> Tags: patch
> Justification: fails to build from source (but built successfully in the past)
> 
>   Last part of output from "make":
> 
>   CCLD grep
> libgrep.a(pcresearch.o): In function `Pcompile':
> pcresearch.c:(.text+0x433): undefined reference to `dlopen'
> pcresearch.c:(.text+0x449): undefined reference to `dlsym'
> pcresearch.c:(.text+0x462): undefined reference to `dlsym'
> pcresearch.c:(.text+0x47b): undefined reference to `dlsym'
> pcresearch.c:(.text+0x494): undefined reference to `dlsym'
> collect2: ld returned 1 exit status
> make[2]: *** [grep] Error 1
> make[2]: Leaving directory `/tmp/grep-2.14/src'
> make[1]: *** [all-recursive] Error 1
> make[1]: Leaving directory `/tmp/grep-2.14'
> make: *** [all] Error 2
> 
>   Patch:
> 
> --- 03-397262-dlopen-pcre.patch   2011-07-06 08:05:37.0 +
> +++ 03-397262-dlopen-pcre.patch.new   2012-11-20 21:19:39.0 +
> @@ -12,7 +12,7 @@ Modified by Marco d'Itri 
> test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
> test "$ac_cv_search_pcre_compile" = "none required" ||
>  - LIB_PCRE=$ac_cv_search_pcre_compile
> -+ LIB="-ldl $LIBS"
> ++ LIBS="-ldl $LIBS"
>   fi
>   
> for ac_func in pcre_compile
> 
> 
> -- System Information:
> Debian Release: 6.0.6
>   APT prefers stable-updates
>   APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 
> 'stable')
> Architecture: i386 (i586)
> 
> Kernel: Linux 2.6.32-45
> Locale: LANG=is_IS, LC_CTYPE=is_IS (charmap=ISO-8859-1)
> Shell: /bin/sh linked to /bin/dash
> 
> Versions of packages grep depends on:
> ii  dpkg  1.15.8.13  Debian package management system
> ii  install-info  4.13a.dfsg.1-6 Manage installed documentation 
> in 
> ii  libc6 2.11.3-4   Embedded GNU C Library: Shared 
> lib
> 
> grep recommends no packages.
> 
> Versions of packages grep suggests:
> ii  libpcre3  8.02-1.1   Perl 5 Compatible Regular 
> Expressi
> 
> -- no debconf information
> 


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#358483: Maybe fixed bug (grep: can't grep [$'\x80'] in some locales)

[Santiago Ruano Rincón]

Hi,

A similar bug [1] has been fixed by upstream.

[1] http://bugs.debian.org/624387

Please, could you try both, grep 2.8-2 from unstable and 2.8-3~1,
available at http://people.debian.org/~santiago/grep/ , and tell me if
this bug is solved?

Thanks,

Santiago



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#76011: Closing

[Santiago Ruano Rincón]

Eleven years since the bug was filled, I'm working to close this bug,
but better late than never.

I've slightly modified your patch to match the current files in grep
structure. Please tell me if this would be correct:

--- a/src/main.c2011-06-01 18:55:32.0 +0200
+++ b/src/main.c2011-06-01 19:12:03.0 +0200
@@ -1267,7 +1267,7 @@
 status = count + 2;
   else
 {
-  if (count_matches)
+  if (count_matches && (count || (count_matches == 1)))
 {
   if (out_file)
 {
@@ -2088,14 +2088,23 @@
   }
 
   /* POSIX.2 says that -q overrides -l, which in turn overrides the
- other output options.  */
+ other output options.  We violate this slightly by allowing -c
+ and -l to coexist (print 'file:count' but skip if count==0).  */
   if (exit_on_match)
-list_files = 0;
-  if (exit_on_match | list_files)
 {
+  list_files = 0;
   count_matches = 0;
   done_on_match = 1;
 }
+  else if (list_files && count_matches)
+{
+  list_files = 0;
+  count_matches = 2;
+  done_on_match = 0;
+}
+  else if (list_files)
+done_on_match = 1;
+
   out_quiet = count_matches | done_on_match;
 
   if (out_after < 0)

I've put the patch in debian's git repository in collab-maint
git://git.debian.org/git/collab-maint/grep.git , and upload a test
package to http://people.debian.org/~santiago/grep/  Could you please
try it out?

Thanks a lot, and really sorry for not taking care of this bug before,

Santiago





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#76011: reopening

[Santiago Ruano Rincón]

package grep
reopen 76011
forward 76011 https://savannah.gnu.org/patch/?7577
thanks

Upstream doesn't agree to apply this patch. Besides it doesn't comply
with POSIX standard, it doesn't work properly with with grep -Lc.
Upstreams proposes to use another aproach, introducing a new --min-count
[1] option, which mixed with -c, would have the same output.

[1] https://savannah.gnu.org/patch/index.php?6588

Cheers!

Santiago





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#632733: libevince3-3 conflicts and replaces libevince3

[Santiago Ruano Rincón]

package evince
tags 632733 + patch
thanks

Hi,

This conflict can be resolved in debian/control: In the patch attached
libevince3-3 Replaces and Conflicts libevince3.

Cheers!

Santiago
--- evince-3.0.2.orig/debian/control.in	2011-06-30 01:56:19.0 +0200
+++ evince-3.0.2/debian/control.in	2011-08-18 20:59:55.0 +0200
@@ -123,7 +123,8 @@
 Section: libs
 Depends: ${shlibs:Depends},
  ${misc:Depends}
-Replaces: evince (<< 2.26.2), evince-gtk (<< 2.26.2)
+Replaces: evince (<< 2.26.2), evince-gtk (<< 2.26.2), libevince3
+Conflicts: libevince3
 Description: Document (PostScript, PDF) rendering library
  This package contains evince-related libraries for rendering and displaying
  Evince documents like PostScript (PS), Encapsulated PostScript (EPS), DJVU,

Bug#717821: opu: package grep/2.6.3-3

[Santiago Ruano Rincón]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: opu

A security issue is open in squeeze (bug #701897). It is not an urgent
problem but, as suggested by the security team, it would be good to
solve it.

I have to say that I've been unable to reproduce this bug in different
scenarios, including my amd64 running squeeze. However, this bug has
been confirmed by upstream and several distributions.

The proposed change is a simple solution, limiting the length of the
input line, and it shouldn't have side effects.

Proposed patch attached.

May I go ahead?

Cheers,

Santiago

-- System Information:
Debian Release: 7.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=es_ES.utf8, LC_CTYPE=es_ES.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff --git a/debian/changelog b/debian/changelog
index b94f84e..09ce4a5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+grep (2.6.3-3+squeeze1) oldstable; urgency=low
+
+  * Fixes CVE-2012-5667. Patch by Jaroslav Škarvada
+https://bugzilla.redhat.com/show_bug.cgi?id=889935
+Closes: #701897
+
+ -- Santiago Ruano Rincón   Thu, 25 Jul 2013 10:13:24 +0200
+
 grep (2.6.3-3) unstable; urgency=high
 
   * Ignore MMAP_OPTION
diff --git a/debian/patches/85-CVE-2012-5667.patch b/debian/patches/85-CVE-2012-5667.patch
new file mode 100644
index 000..dfaf9e8
--- /dev/null
+++ b/debian/patches/85-CVE-2012-5667.patch
@@ -0,0 +1,14 @@
+--- grep-2.6.3/src/main.c.orig	2013-01-24 10:01:14.0 +0100
 grep-2.6.3/src/main.c	2013-01-24 10:06:11.040824147 +0100
+@@ -479,6 +479,11 @@ fillbuf (size_t save, struct stats const
+   int cc = 1;
+   char *readbuf;
+   size_t readsize;
++  const size_t max_save = INT_MAX / 2;
++
++  /* Limit the amount of saved data to INT_MAX to fix CVE-2012-5667 */
++  if (save > max_save)
++error (2, 0, _("line too long"));
+ 
+   /* Offset from start of buffer to start of old stuff
+  that we want to save.  */
diff --git a/debian/patches/series b/debian/patches/series
index cecdc61..c0389ca 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -6,3 +6,4 @@
 04-446854-grep.1.patch
 05-kwset.c.patch
 06-578709-ignore-MMAP_OPTION.patch
+85-CVE-2012-5667.patch
\ No newline at end of file


signature.asc
Description: Digital signature

Bug#717821: opu: package grep/2.6.3-3

[Santiago Ruano Rincón]

On 25/07/13 21:12, Adam D. Barratt wrote:
> user release.debian@packages.debian.org
> usertags 717821 = pu
> tags 717821 + squeeze confirmed
> thanks
> 
> On Thu, 2013-07-25 at 14:26 +0200, Santiago Ruano Rincón wrote:
>> A security issue is open in squeeze (bug #701897). It is not an urgent
>> problem but, as suggested by the security team, it would be good to
>> solve it.
> 
> Please go ahead; thanks.
> 
> Regards,
> 
> Adam
> 

Done. Thank you!

Santiago


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#446854: [patch #8132] Simplify information on EXIT STATUS

[Santiago Ruano Rincón]

URL:
  

 Summary: Simplify information on EXIT STATUS
 Project: grep
Submitted by: santiago
Submitted on: vie 26 jul 2013 19:40:18 GMT
Category: None
Priority: 5 - Normal
  Status: None
 Privacy: Public
 Assigned to: None
Originator Email: 
 Open/Closed: Open
 Discussion Lock: Any

___

Details:

Hi,

The attached patch submitted to debian (bug #446854) simplifies and clarifies
the EXIT STATUS information. Please, consider it for a next release.

http://bugs.debian.org/446854

Cheers!

Santiago



___

File Attachments:


---
Date: vie 26 jul 2013 19:40:18 GMT  Name: 04-446854-grep.1.patch  Size: 1kB  
By: santiago



___

Reply to this item at:

  

___
  Mensaje enviado vía/por Savannah
  http://savannah.gnu.org/


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#655293: grep range matches lowercase characters

[Santiago Ruano Rincón]

Package: grep
Followup-For: Bug #655293
Control: fixed 655293 2.8-1

This bug was fixed by upstream in 2.8


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#608826: grep -i fails with certain data on UTF-8 locale

[Santiago Ruano Rincón]

Package: grep
Followup-For: Bug #608826
Control: tags 608826 + unreproducible

Hi, 

I'm unable to reproduce this bug. Could you please reverify it or
provide more info?

I got this in wheezy and squeeze:

LANC=C grep -i jpg ungreppable-jpg.txt
http://upload.wikimedia.org/wikipedia/commons/f/ff/İstanbul_6075.jpg
http://upload.wikimedia.org/wikipedia/commons/c/c9/Dornburg_an_der_Saale_Dornburger_Schlösser_Renaissanceschloss_Foto_2008_Wolfgang_Pehlemann_Wiesbaden_IMG_0106.jpg

LANG=en_US-UTF-8 grep -i jpg ungreppable-jpg.txt
http://upload.wikimedia.org/wikipedia/commons/f/ff/İstanbul_6075.jpg
http://upload.wikimedia.org/wikipedia/commons/c/c9/Dornburg_an_der_Saale_Dornburger_Schlösser_Renaissanceschloss_Foto_2008_Wolfgang_Pehlemann_Wiesbaden_IMG_0106.jpg

LANC=es_CO-UTF-8 grep -i jpg ungreppable-jpg.txt
http://upload.wikimedia.org/wikipedia/commons/f/ff/İstanbul_6075.jpg
http://upload.wikimedia.org/wikipedia/commons/c/c9/Dornburg_an_der_Saale_Dornburger_Schlösser_Renaissanceschloss_Foto_2008_Wolfgang_Pehlemann_Wiesbaden_IMG_0106.jpg

LANC=es_ES-UTF-8 grep -i jpg
ungreppable-jpg.txt
http://upload.wikimedia.org/wikipedia/commons/f/ff/İstanbul_6075.jpg
http://upload.wikimedia.org/wikipedia/commons/c/c9/Dornburg_an_der_Saale_Dornburger_Schlösser_Renaissanceschloss_Foto_2008_Wolfgang_Pehlemann_Wiesbaden_IMG_0106.jpg

My locale -a:
C
C.UTF-8
en_US.utf8
es_CO.utf8
es_ES.utf8
POSIX

Regards,

Santiago

-- System Information:
Debian Release: 7.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=es_ES.utf8, LC_CTYPE=es_ES.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages grep depends on:
ii  dpkg  1.16.10
ii  install-info  4.13a.dfsg.1-10
ii  libc6 2.13-38

grep recommends no packages.

Versions of packages grep suggests:
ii  libpcre3  1:8.30-5

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#547693: Unreproducible

[Santiago Ruano Rincón]

package grep
tags 547693 + unreproducible
thanks

Hi, 

Could you still reproduce this bug? I get this trying another regexp in
the same man page (grep found nothing with the old one):

$ LC_ALL=C /usr/bin/man perlfunc|grep -P '^\s+-'
   -X FILEHANDLE
   -X EXPR
   -X DIRHANDLE
   -X  A file test, where X is one of the letters listed below. This unary 
operator takes one argument, either a 

Thanks,

Santiago



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#648724: libgconf2-4: Already fixed in debian version

[Santiago Ruano Rincón]

Package: libgconf2-4
Followup-For: Bug #648724

Hi,

This fix was included since 3.2.4 upstream version, and then it is
already done in Debian:

$ ~/sugar-jhbuild/sugar-jhbuild run gconftool-2 --get 
/desktop/sugar/desktop/favorites_layout
ring-layout

I think the bug can be closed,

Santiago Ruano Rincón

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-2-686-pae (SMP w/2 CPU cores)
Locale: LANG=es_CO.utf8, LC_CTYPE=es_CO.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libgconf2-4 depends on:
ii  gconf-service  3.2.5-1
ii  libgconf-2-4   3.2.5-1

libgconf2-4 recommends no packages.

libgconf2-4 suggests no packages.

-- no debconf information

-- debsums errors found:
debsums: package libgconf2-4 is not installed



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#814557: Unsupported packages for Wheezy LTS

[Santiago Ruano Rincón]

Hi,

Given the recent bug triaging, security-support-ended.deb7 needs more
updating. I'm taking Mortiz's mail as reference, and I hope I are not
missing other info:

El 11/11/15 a las 21:59, Sebastian Ramacher escribió:
> Hi
> 
> On 2015-11-04 17:44:36, Raphael Hertzog wrote:
> > [ Many people are on copy, please trim the list as appropriate when you 
> > reply ]
> > 
> > On Wed, 19 Aug 2015, Moritz Muehlenhoff wrote:
> > > These need to be discussed, since they will be a significant
> > > time drain (e.g. are they in the sponsors's interests?). They
> > > are supportable, but it will take a lot of work and sometimes
> > > special domain knowledge:
> > > 
> > > icedove
> > > iceweasel

Any decision yet?
I could take a look to iceweasel/firefox next week, although I'm not
familiar enough with it.

> > > qemu
> > > qemu-kvm
> > > xen
xen will be supported.
> > > libvirt

qemu and qemu-kvm were triaged as unsupported for CVE-2016-3712, but I
think Guido is studying how to support virtualisation related packages,
and maybe we should wait for his evaluation.


> > > ffmpeg -> libav
waiting for input.

> > > vlc
> > > rails -> several split packages (only the 3.2 packages are supported in 
> > > wheezy)
...
> 
> The versions of libav and vlc in wheezy are all EOLed upstream. vlc is also
> behind some upstream releases in the 2.0.x series. If anyone intends to keep 
> vlc
> alive for wheezy LTS, I'd recommend to upgrade to latest release there first.

For CVE-2016-3941, vlc has been triaged as unsupported in wheezy, so I
updated security-support-ended.deb7 accordingly in git.

What about rails?

Also, Antoine has filled a bug [1] regarding libmatroska and libebml,
but DLA-420-1 and DLA-438-1 addressed those packages. Antoine, why they
should be tagged as not-supported?

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=814557

Cheers,

Santiago


signature.asc
Description: PGP signature

Bug#824081: Debian bug report

[Santiago Ruano Rincón]

El 12/05/16 a las 02:39, Raphaël Halimi escribió:
> Package: debian-security-support
> Version: 2016.05.09+nmu1
> 
> Hi,
> 
> For some time now (a couple of weeks, maybe more), dpkg systematically
> throws out (benign) errors after most operations:
> 
> find: Failed to restore initial working directory: /home/raph:
> Permission denied
> 
> It seems to be due to debian-security-support, because removing the
> package suppress these errors.
> 
> I guess it may have gone unnoticed for so long by most people since
> Debian's default is to have world-readable home directories, which I
> changed in /etc/adduser.conf.
> 
> Regards,
> 
> -- 
> Raphaël Halimi
> 

Hi Raphaël,

For providing debugging information, could you please add set -x to the
hook script:
/usr/share/debian-security-support/check-support-status.hook

Also, have you trying downgrading?

Cheers,

Santiago

Bug#824015: Unsupported packages for Wheezy LTS

[Santiago Ruano Rincón]

Hi,

El 13/05/16 a las 09:51, Raphael Hertzog escribió:
> Hello,
> 
> On Thu, 12 May 2016, Markus Koschany wrote:
> > I saw those commits too yesterday. I would suggest that we discuss EOLed
> > packages on debian-lts before we mark CVEs as unsupported in Wheezy LTS.
> 
> Definitely, we should not mark CVE as "end-of-life" before we agreed to
> mark it as such in debian-security-support...
> 
> That said for vlc I think no customers expressed any need for that
> package.
> 
> So I think we can stick to this decision and actually put it into
> debian-security-support, even if we are going to support libav...
> because vlc has many security issues of its own and contrary to libav
> it's not a reverse dependency for many packages AFAIK.
> 
> > findings. The same goes for vlc and Brian May's investigation into the
> > maintainability of libav and related apps. In any case we should always
> > update debian-security-support as well when we decide to end support for
> > packages.
> 
> And announce those changes at the same time ideally.

Through DLAs maybe?

I have a pending upload to close #824015, but now I'd prefer to wait
until May 23, for giving time to decide on this, and to wait for more
translations for the updated debconf template.

Cheers,

Santiago


signature.asc
Description: PGP signature

Bug#824081: Debian bug report

[Santiago Ruano Rincón]

El 13/05/16 a las 10:16, Raphael Hertzog escribió:
> Hi,
> 
> On Fri, 13 May 2016, Santiago Ruano Rincón wrote:
> > For providing debugging information, could you please add set -x to the
> > hook script:
> > /usr/share/debian-security-support/check-support-status.hook
> > 
> > Also, have you trying downgrading?
> 
> I don't think that any of this is required... the problem is that we run
> the hook from the current directory which is not accessible to the
> "debian-security-support" user. We should probably just "cd /" at the
> start of the hook script...
> 
> Or "cd $TEMPDIR" before running check-support-status.

Try this package then:
https://people.debian.org/~santiago/debian/santiago-unstable/debian-security-support_2016.05.13~1_all.deb

Santiago


signature.asc
Description: PGP signature

Bug#824467: [INTL:da] Danish translation of the debconf templates debian-security-support

[Santiago Ruano Rincón]

Control: tags -1 + pending
thanks

Santiago

Bug#824643: debian-security-support: [INTL:pt_BR] Brazilian Portuguese debconf templates translation

[Santiago Ruano Rincón]

Tags: -1 + pending
Thanks!

El 18/05/16 a las 08:06, Adriano Rafael Gomes escribió:
> Package: debian-security-support
> Tags: l10n patch
> Severity: wishlist
> 
> Hello,
> 
> Please, Could you update the Brazilian Portuguese Translation?
> 
> Attached you will find the file pt_BR.po. It is UTF-8 encoded and it is
> tested with msgfmt and podebconf-display-po.
> 
> Kind regards.

Bug#824932: python3-ripe-atlas-cousteau: missing dependencies

[Santiago Ruano Rincón]

Package: python3-ripe-atlas-cousteau
Version: 1.2-1
Severity: serious
Justification: Policy 7.2

Dear Maintainer,

I needed to manually install python3-socketio-client to import cousteau when
running with python3. It is ok with python2. python3-ripe-atlas-cousteau's
dependencies are empty:

% dpkg --info /var/cache/apt/archives/python3-ripe-atlas-cousteau_1.2-1_all.deb 
| grep Depends 
%

% dpkg --info /var/cache/apt/archives/python-ripe-atlas-cousteau_1.2-1_all.deb 
| grep Depends   
Depends: python-dateutil, python-requests, python-socketio-client, python:any 
(<< 2.8), python:any (>= 2.7.5-5~)

Cheers,

Santiago

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.5.0-2-grsec-amd64 (SMP w/4 CPU cores)
Locale: LANG=es_CO.UTF-8, LC_CTYPE=es_CO.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

-- no debconf information

Bug#820982: [Pkg-samba-maint] Bug#821811: samba: badlock patch breaks trust relationship

[Santiago Ruano Rincón]

El 23/05/16 a las 22:28, Andrew Bartlett escribió:
> On Wed, 2016-05-18 at 15:47 -0400, Antoine Beaupré wrote:
> > On 2016-04-29 08:55:43, Santiago Ruano Rincón wrote:
> > > Dear Samba maintainers,
> > > 
> > > Any updates about this bug?
> > > 
> > > LTS Team, anyone could help to handle it?
> > > 
> > > According to comment#17 in
> > > https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1572122
> > > Andreas Schneider prepared a fix for 3.6.25.
> > 
> > Hi again!
> > 
> > Should the LTS team prepare a regression update to the wheezy version
> > at
> > least?
> 
> That would be a good idea at this point.
> 
> I'm happy to review things, just not had the time to switch back on to
> debian matters.
> 
> Andrew Bartlett

Hi,

To the current package in git, I have added some patches imported from
the Ubuntu package, versions 2:3.6.25-0ubuntu0.12.04.3 and
2:3.6.25-0ubuntu0.12.04.4. The debdiff is attached. Andrew, could you
please take a look on it? Also, test package is available at:

deb https://people.debian.org/~santiago/debian santiago-wheezy/
deb-src https://people.debian.org/~santiago/debian santiago-wheezy/

Please, test them. I don't have the infrastructure to actually verify
they solve the regressions. So, if somebody else would like to claim
this package, please do it!

Cheers,

Santiago
diff -Nru samba-3.6.6/debian/changelog samba-3.6.6/debian/changelog
--- samba-3.6.6/debian/changelog2016-04-12 18:34:29.0 +0200
+++ samba-3.6.6/debian/changelog2016-05-26 09:38:01.0 +0200
@@ -1,3 +1,27 @@
+samba (2:3.6.6-6+deb7u10~2) santiago-wheezy; urgency=high
+
+  [ Andrew Bartlett ]
+  * Remove patch for CVE-2016-2115 as it causes too much trouble.
+- The 3.6 client could not talk to the 3.6 server out of the box 
(ACCESS_DENIED)
+- Administrators should instead set 'client signing = required' if desired
+- Closes: #820982
+  * Add NEWS file
+
+  [ Santiago Ruano Rincón ]
+  * Non-maintainer upload by the LTS Team.
+  * Fix regression introduced by badlock patch in rpc_server. Closes: #821811.
+  * debian/patches/netlogon_credentials_regression.patch: Fix updating
+netlogon credentials in source3/rpc_client/cli_pipe.c (Impored from
+Ubuntu).
+  * debian/patches/bug9669_regression.patch: fix a crash when running net rpc
+join against an older Samba PDC in source3/rpc_client/cli_pipe.c (Imported
+from Ubuntu).
+  * debian/patches/fix_netapp.patch: don't require NTLMSSP_SIGN for smb
+connections in source3/libsmb/ntlmssp.c (Imported from Ubuntu).
+  * Thanks to Andreas Schneider.
+
+ -- Santiago Ruano Rincón   Thu, 26 May 2016 09:37:57 
+0200
+
 samba (2:3.6.6-6+deb7u9) wheezy-security; urgency=high
 
   * Non-maintainer upload by the Security Team.
diff -Nru samba-3.6.6/debian/NEWS samba-3.6.6/debian/NEWS
--- samba-3.6.6/debian/NEWS 2016-04-12 18:34:29.0 +0200
+++ samba-3.6.6/debian/NEWS 2016-04-29 14:12:50.0 +0200
@@ -1,3 +1,76 @@
+samba (2:3.6.6-6+deb7u10) wheezy-security; urgency=high
+
+This Samba security release addresses both Denial of Service and Man in
+the Middle vulnerabilities.
+
+A significant number of patches were back-ported, and in some areas
+of winbindd the behaviour is now more like Samba 4.2 than 3.6
+
+This new security patch implements new smb.conf options and a
+number of stricter behaviours to prevent Man in the Middle attacks
+on our network services, as a client and as a server.
+
+Between these changes, compatibility with a large number of older
+software versions has been lost in the default configuration.
+
+See the release notes in WHATNEW.txt for more information.
+
+
+Here are some additional hints how to work around the new stricter default 
behaviors:
+
+* As a File Server, compatibility with the Linux Kernel cifs
+  client depends on which configuration options are selected, please
+  use "sec=krb5(i)" or "sec=ntlmssp(i)", not "sec=ntlmv2".
+
+* As a file or printer client and as a domain member, out of the
+  box compatibility with Samba less than 4.0 and other SMB/CIFS
+  servers, depends on support for SMB signing or SMB2 on the
+  server, which is often disabled or absent. You may need to
+  adjust the "client ipc signing" to "no" in these cases.
+
+However, all of these can be worked around by setting smb.conf
+options in Samba, see the 4.2.0 and 4.2.11 release notes (because
+many of the fixes are backported from there) at
+https://www.samba.org/samba/history/samba-4.2.0.html and
+https://www.samba.org/samba/history/samba-4.2.11.html and the
+Samba wiki for details, workarounds and suggested
+security-improving changes to these and other software packag

Bug#807641: grep: --exclude no longer works against arguments with a directory name

[Santiago Ruano Rincón]

Vincent,

Thanks for having reported and forwarded the issue to upstream.

Cheers,

Santiago


signature.asc
Description: Digital signature

Bug#825726: debian-security-support: [INTL:it] Updated Italian debconf translation

[Santiago Ruano Rincón]

Control: tags -1 + pending
Thanks

pushed into the git repo.

Thanks,

Santiago


signature.asc
Description: PGP signature

Bug#825984: grep: please avoid deprecated cdbs patchsys-quilt snippet (bump source format instead)

[Santiago Ruano Rincón]

Control: tags -1 + pending
Thanks

Hi,

El 01/06/16 a las 08:35, Jonas Smedegaard escribió:

…

> I noticed in recent changelog entry your using cdbs patchsys-quilt.mk.
> 
> Please don't: That snippet is deprecated for some time and may be
> removed soon.  Instead, bump the source format to "3.0 (quilt)".

Thanks for the heads-up! I have added the snippet to run a autopkgtest
script. I have now reviewed it to correct the build targets that must
apply the patches.

Cheers,

Santiago


signature.asc
Description: PGP signature

Bug#826640: debian-security-support: [INTL:ja] Japanese debconf template translation

[Santiago Ruano Rincón]

Package: debian-security-support
Severity: wishlist
Tags: l10n patch

El 05/06/16 a las 21:17, victory escribió:
> On Thu, 12 May 2016 10:49:45 +0200
> Santiago R.R. wrote:
> 
> > Please send the updated file to me, or submit it as a wishlist bug
> > against debian-security-support.
> > The deadline for receiving the updated translation is
> > Sun, 22 May 2016 10:34:28 +0200.
> 
> just forgot to send ... :(
> attached :)

Thanks. To keep the record, I am filling a bug.

Cheers,

Santiago
# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
# This file is distributed under the same license as the 
debian-security-support package.
# victory , 2014,2016.
# 
msgid ""
msgstr ""
"Project-Id-Version: debian-security-support 2016.05.11\n"
"Report-Msgid-Bugs-To: debian-security-supp...@packages.debian.org\n"
"POT-Creation-Date: 2016-05-12 09:42+0200\n"
"PO-Revision-Date: 2016-05-12 16:42+0900\n"
"Last-Translator: victory \n"
"Language-Team: Japanese \n"
"Language: ja\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"

#. Type: text
#. Description
#: ../debian-security-support.templates:2001
msgid "Ended security support for one or more packages"
msgstr "セキュリティサポートを終了したパッケージがあります"

#. Type: text
#. Description
#: ../debian-security-support.templates:2001
msgid ""
"Unfortunately, it has been necessary to end security support for some "
"packages before the end of the regular security maintenance life cycle."
msgstr ""
"残念ながら、通常のセキュリティ保守のライフサイクルが終了する前に一部のパッ"
"ケージについてセキュリティサポートを打ち切る必要がありました。"

#. Type: text
#. Description
#. Type: text
#. Description
#. Type: text
#. Description
#: ../debian-security-support.templates:2001
#: ../debian-security-support.templates:3001
#: ../debian-security-support.templates:4001
msgid "The following packages found on this system are affected by this:"
msgstr "影響を受けるパッケージとして、このシステムに以下が見つかりました。"

#. Type: text
#. Description
#: ../debian-security-support.templates:3001
msgid "Limited security support for one or more packages"
msgstr "セキュリティサポートの限定されているパッケージがあります"

#. Type: text
#. Description
#: ../debian-security-support.templates:3001
msgid ""
"Unfortunately, it has been necessary to limit security support for some "
"packages."
msgstr ""
"残念ながら、一部のパッケージでセキュリティサポートを限定する必要がありまし"
"た。"

#. Type: text
#. Description
#: ../debian-security-support.templates:4001
msgid "Future end of support for one or more packages"
msgstr "サポートの終了が予定されているパッケージがあります"

#. Type: text
#. Description
#: ../debian-security-support.templates:4001
msgid ""
"Unfortunately, it will be necessary to end security support for some "
"packages before the end of the regular security maintenance life cycle."
msgstr ""
"残念ながら、通常のセキュリティ保守のライフサイクルが終了する前に一部のパッ"
"ケージについてセキュリティサポートを打ち切る必要があります。"

Bug#826640: Acknowledgement (debian-security-support: [INTL:ja] Japanese debconf template translation )

[Santiago Ruano Rincón]

Control: tags -1 + pending
Thanks

Bug#819243: jessie-pu, wheezy-pu: package librsvg/2.40.5-1 and librsvg/2.36.1-2

[Santiago Ruano Rincón]

Package: release.debian.org
Severity: normal
Tags: jessie, wheezy
User: release.debian@packages.debian.org
Usertags: pu

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi,

Please consider the following debdiffs to fix librsvg's CVE-2015-7557
for Jessie and Wheezy. This is a no-dsa bug, that could fit a point
release. It applies the following simple patch, that upstream proposed
against 2.40.6.

https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df

The patch was also applied in squeeze-lts.

Thanks,

Santiago

-BEGIN PGP SIGNATURE-

iQIcBAEBCgAGBQJW9UHYAAoJEN5v/bjI1ki9aUAQAKBpOevzSdKuCDOpUAmTqZz8
6QN45GPNN8aS7ipPOlvJCAzCMQtI66TDzJs86JsWGH+f4SWaPnNi3StMKAg8oYVV
q3iH5sBMo11znbAyhZdp9JmgKwtp5EYMQfc7H8l7fTcokVzMdhi4Eabc3Mzy/hEl
XYPQ6o3ZkssOuRlQC1csWytrgyc7zGd4Vy5EfeGyVXmOFGYmwPZt2FytPO+xFT4B
03k4a1BF+JtubUgL6L/4c6zcJznTo143QKeYq7A1oPo5S4zFcXysw/0PqcEINZEl
A99lQ+Yy4QDOVIqOwckm5yGKsOUMmY+W6fGoCtBYgSYhIKGEcuAjpx5ceUhBkGA9
MvyOqsu3n7F2dPoEJcwaugU0qEuPu2BcZ3Wv2Wqpe6RxbyuJpMUrZtwvXJKrimMK
OY/ckfED3gjXJDyzLZK7pcH6YOGagwbHRiYgvh+Y96xxYk/lw0HH6QvBINaLBoeU
PWjMrKUS2JBJtxwbwgPUTjoJJY5YpTVtGG5Z5NvqFFeKWJECzFhb5avRorp540oz
0uTVCwBlHA6HbXNYfoa7d+0uhWdzwSxtdpNROEu05KDrkcirDsofxGW6gAbeh94z
BbGbhZiJWXXGq1WKkG3VIoUoZFOmNj2HSe7ixjLfZKDG0iMR/2RflgOSv7AF/O7B
Ux9JBz+B6YIMk8JcyeSD
=RZdT
-END PGP SIGNATURE-
diff -Nru librsvg-2.40.5/debian/changelog librsvg-2.40.5/debian/changelog
--- librsvg-2.40.5/debian/changelog	2014-10-14 16:48:24.0 +0200
+++ librsvg-2.40.5/debian/changelog	2016-03-24 11:04:24.0 +0100
@@ -1,3 +1,10 @@
+librsvg (2.40.5-1+deb8u1) jessie; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix CVE-2015-7557: Out-of-bounds heap read when parsing SVG file.
+
+ -- Santiago Ruano Rincón   Thu, 24 Mar 2016 11:02:20 +0100
+
 librsvg (2.40.5-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru librsvg-2.40.5/debian/patches/CVE-2015-7557.patch librsvg-2.40.5/debian/patches/CVE-2015-7557.patch
--- librsvg-2.40.5/debian/patches/CVE-2015-7557.patch	1970-01-01 01:00:00.0 +0100
+++ librsvg-2.40.5/debian/patches/CVE-2015-7557.patch	2016-03-24 11:05:21.0 +0100
@@ -0,0 +1,50 @@
+From 40af93e6eb1c94b90c3b9a0b87e0840e126bb8df Mon Sep 17 00:00:00 2001
+From: Federico Mena Quintero 
+Date: Thu, 5 Feb 2015 18:08:25 -0600
+Subject: bgo#738050 - Handle the case where a list of coordinate pairs has an
+ odd number of elements
+
+Lists of points come in coordinate pairs, but we didn't have any checking for that.
+It was possible to try to fetch the 'last' coordinate in a list, i.e. the y coordinate
+of an x,y pair, that was in fact missing, leading to an out-of-bounds array read.
+
+In that case, we now reuse the last-known y coordinate.
+
+Fixes https://bugzilla.gnome.org/show_bug.cgi?id=738050
+
+Signed-off-by: Federico Mena Quintero 
+---
+ rsvg-shapes.c | 14 +-
+ 1 file changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/rsvg-shapes.c b/rsvg-shapes.c
+index c13b90c..e4a705d 100644
+--- a/rsvg-shapes.c
 b/rsvg-shapes.c
+@@ -169,10 +169,22 @@ _rsvg_node_poly_build_path (const char *value,
+ 
+ /* "L %f %f " */
+ for (i = 2; i < pointlist_len; i += 2) {
++double p;
++
+ g_string_append (d, " L ");
+ g_string_append (d, g_ascii_dtostr (buf, sizeof (buf), pointlist[i]));
+ g_string_append_c (d, ' ');
+-g_string_append (d, g_ascii_dtostr (buf, sizeof (buf), pointlist[i + 1]));
++
++/* We expect points to come in coordinate pairs.  But if there is a
++ * missing part of one pair in a corrupt SVG, we'll have an incomplete
++ * list.  In that case, we reuse the last-known Y coordinate.
++ */
++if (i + 1 < pointlist_len)
++p = pointlist[i + 1];
++else
++p = pointlist[i - 1];
++
++g_string_append (d, g_ascii_dtostr (buf, sizeof (buf), p));
+ }
+ 
+ if (close_path)
+-- 
+cgit v0.11.2
+
diff -Nru librsvg-2.40.5/debian/patches/series librsvg-2.40.5/debian/patches/series
--- librsvg-2.40.5/debian/patches/series	2014-09-15 00:58:58.0 +0200
+++ librsvg-2.40.5/debian/patches/series	2016-03-24 11:05:21.0 +0100
@@ -1,2 +1,3 @@
 10_rsvg-gz.patch
 20_rsvg_compat.patch
+CVE-2015-7557.patch
diff -Nru librsvg-2.36.1/debian/changelog librsvg-2.36.1/debian/changelog
--- librsvg-2.36.1/debian/changelog	2013-12-04 21:16:12.0 +0100
+++ librsvg-2.36.1/debian/changelog	2016-03-24 10:53:07.0 +0100
@@ -1,3 +1,10 @@
+librsvg (2.36.1-2+deb7u1) wheezy; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix CVE-2015-7557: Out-of-bounds heap read when parsing SVG file.
+
+ -- Santiago Ruano Rincón   Thu, 24 Mar 2016 09:18:51 +0100
+
 librsvg (2.36.1-2) stable; urgency=low
 
   [ Raphaël Geissert ]
diff -Nru librsvg-2.36.1/debian/patches/CVE-2015-7557.patch librsvg-2.36.1/debian/patches/CVE-2015-7557.patch
--- librs

Bug#819243: jessie-pu, wheezy-pu: package librsvg/2.40.5-1 and librsvg/2.36.1-2

[Santiago Ruano Rincón]

El 25/03/16 a las 13:58, Adam D. Barratt escribió:
...
> 
> On Fri, 2016-03-25 at 14:49 +0100, Santiago Ruano Rincón wrote:
> > Package: release.debian.org
> > Severity: normal
> > Tags: jessie, wheezy
> 
> Please don't do that. They're separate uploads to separate suites, which
> may well be accepted (or not) and released separately.
> 

Ok, understood!

> > User: release.debian@packages.debian.org
> > Usertags: pu
> > 
> > Hi,
> > 
> > Please consider the following debdiffs to fix librsvg's CVE-2015-7557
> > for Jessie and Wheezy. This is a no-dsa bug, that could fit a point
> > release. It applies the following simple patch, that upstream proposed
> > against 2.40.6.
> 
> Please go ahead.
> 

Thanks. Packages uploaded.

Regards,

Santiago


signature.asc
Description: PGP signature

Bug#819493: debian-security-support: FTBFS on jessie: attemps to install nonexistent security-support-ended.deb8+deb8u3 file

[Santiago Ruano Rincón]

Source: debian-security-support
Version: 2015.04.04
Severity: serious
Tags: -1 + patch
Justification: Fails to build from source

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Dear Maintainer,

A jessie pbuilder fails to build debian-security-support. debian/rules
wrongly defines the debian version number, e.g. 8+deb8u3 instead of 8,
so the install rule attempts to copy a nonexistent file.

...
make[1]: Leaving directory '/build/debian-security-support-2015.04.04'
   debian/rules override_dh_install
make[1]: Entering directory '/build/debian-security-support-2015.04.04'
mkdir -p debian/debian-security-support/usr/share/debian-security-support/
cp security-support-ended.deb8+deb8u3 
debian/debian-security-support/usr/share/debian-security-support/security-support-ended
cp: cannot stat 'security-support-ended.deb8+deb8u3': No such file or directory
debian/rules:26: recipe for target 'override_dh_install' failed
make[1]: *** [override_dh_install] Error 1
...

The attached simple patch fixes this.

Cheers,

Santiago

-BEGIN PGP SIGNATURE-

iQIcBAEBCgAGBQJW+pupAAoJEN5v/bjI1ki9DhQP/0qliFz2gR46N339dCVigOtb
4+Q5OXpCgKcuGnN9swyK/vDSQI6Thd6U3ot2og1e3TC+MyJRjWb7nJVv+4G7UZO9
7VT0MhLzKrRkF6nAbh5AMAmCJZ2X3CtEte/kWtwp4bKNm5NnXdZML0jgIcdLwWUq
2m0N3hI74RtiDhwa71jFq8g6aibLBlfy3DbtKu8pHb60NFLhOffMDBxDeMZVoixv
/bYxpjjP20UmhRSBQTDxd9eY6EXB1Z6ENcbypknNhhA92P5t6Kl4hig0SrclBORd
u+aPxIOaTy+PgK5yV/BMK+8JC7DqbYUynh5Nh2KjQYGGsOo9vzJfaSQ8a7KUwBMt
8XO/XGlJC8ts7ytTVWJy2L/bW5VdNtpWrUuTt8j63iBSveEiGVz+knoIcR7kalxN
Bm0PqH/Orp2dg3+4y5UzatVgG2yBn0Bg9OJozQJ5DYUfm4Zs4S++2to8JPc1qy4p
buKlCv7r6jwHgw7XvsXuNE3z9lHAcWdv8NQWXCubcxRJj4O3aNZBIho/heIvUjFx
JSfKQd7y93WuIC8sTMucjl+9lBDfRWEcAf2bdSILwDRsGel5PvBrYwqFbX9Rd8iL
LmQOF1C3XpvHXWeMeMPbK98S8786DtquBpYKI7QDkCXiN2li/LUAfPSio0OYkLwx
c7KnFo64HipvreOS9OE8
=8StA
-END PGP SIGNATURE-
>From e128231a940017c0ac71cb05c290beb91231deda Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Santiago=20Ruano=20Rinc=C3=B3n?= 
Date: Tue, 29 Mar 2016 15:50:15 +0200
Subject: [PATCH] cuts +debXuY suffix debian version

---
 debian/rules | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/debian/rules b/debian/rules
index 12ebd38..10e034a 100755
--- a/debian/rules
+++ b/debian/rules
@@ -1,6 +1,6 @@
 #!/usr/bin/make -f
 
-DEBIAN_VERSION ?= $(shell LANG=C dpkg -l base-files | awk '($$1=="ii"){print $$3}' | cut -d. -f1)
+DEBIAN_VERSION ?= $(shell LANG=C dpkg -l base-files | awk '($$1=="ii"){print $$3}' | cut -d. -f1 | cut -d+ -f1)
 
 %:
 	dh $@
-- 
2.8.0.rc3

Bug#818843: debian-security-support: new earlyend type, consider future end of support

[Santiago Ruano Rincón]

El 21/03/16 a las 18:00, Markus Koschany escribió:
> Am 21.03.2016 um 00:38 schrieb Santiago Ruano Rincón:
...
> > Also, would it be better to have a separate list file for earlyend?
> 
> Hi,
> 
> I think one file (security-support-ended.deb7) where we store all the
> information should be sufficient. I applied your patch and tested it on
> Wheezy and it seems to work as intended.
> 

Hi,

Thanks for testing! I have uploaded pushed some changes into
collab-maint. There is also a test package available at:

deb https://people.debian.org/~santiago/debian wheezy/
deb-src https://people.debian.org/~santiago/debian wheezy/

Cheers,

Santiago


signature.asc
Description: PGP signature

Bug#740998: problems with rdnssd and network-manager both installed in jessie

[Santiago Ruano Rincón]

El 11/10/15 a las 23:29, Dominic Hargreaves escribió:
> On Sun, Oct 11, 2015 at 05:45:05PM +0100, Adam D. Barratt wrote:
> > On Sun, 2015-10-11 at 16:50 +0100, Dominic Hargreaves wrote:
> > > On Sat, Feb 14, 2015 at 01:36:05AM +, Debian Bug Tracking System 
> > > wrote:
> > > 
> > > >  ndisc6 (1.0.1-2) unstable; urgency=medium
> > > >  .
> > > >* QA upload.
> > > >* Set maintainer to the Debian QA Group (see #713004).
> > > >* Add conflicts between rdnssd and network-manager (closes: #740998).
> > > 
> > > This bug just hit me in Debian stable (as it happens, it appeared to
> > > be a particularly severe form where /etc/resolv.conf was wiped out
> > > altogether; perhaps some sort of race condition?)

...

Hi,

My stable powerpc machine got also hit by this. It was installed a
couple of months ago, but maybe the problem appeared after my internet
provider made some IPv6 changes. rdnssd's merge-hook just replaces
/etc/resolv.conf with an empty file.

Neither resolvconf nor network-manager were installed on the machine, so
I don't think conflicting against network-manager solves the issue.

Playing inside a temporal directory, the patch provided by Pierre at
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767071#43 seems to
work fine:
http://git.remlab.net/gitweb/?p=ndisc6.git;a=blob_plain;f=rdnssd/merge-hook.in;hb=f7bd3662d2292e248173721d4760c03df39df666

Cheers,

Santiago


signature.asc
Description: PGP signature

Bug#819493: debian-security-support: FTBFS on jessie: attemps to install nonexistent security-support-ended.deb8+deb8u3 file

[Santiago Ruano Rincón]

El 29/03/16 a las 21:55, Santiago Vila escribió:
> On Tue, Mar 29, 2016 at 05:13:51PM +0200, Santiago Ruano Rincón wrote:
> >  #!/usr/bin/make -f
> >  
> > -DEBIAN_VERSION ?= $(shell LANG=C dpkg -l base-files | awk 
> > '($$1=="ii"){print $$3}' | cut -d. -f1)
> > +DEBIAN_VERSION ?= $(shell LANG=C dpkg -l base-files | awk 
> > '($$1=="ii"){print $$3}' | cut -d. -f1 | cut -d+ -f1)
> 
> Hello tocayo.
> 
> This is not ok (neither the original or the patched version). The fact
> that base-files numbering happens to match Debian stable releases
> until now is not enough to use its version number to guess Debian
> version number.
> 
> Please do it right and use /etc/debian_version or /etc/os-release
> instead.

Hi tocayo,

What about this?

diff --git a/debian/rules b/debian/rules
index 10e034a..3fefda0 100755
--- a/debian/rules
+++ b/debian/rules
@@ -1,6 +1,11 @@
 #!/usr/bin/make -f
 
-DEBIAN_VERSION ?= $(shell LANG=C dpkg -l base-files | awk '($$1=="ii"){print 
$$3}' | cut -d. -f1 | cut -d+ -f1)
+NEXT_VERSION_ID=$(shell ls -w1 ./security-support-ended.deb* | sort -n | tail 
-n1 | awk -F "deb" '{print $$2}')
+
+DEBIAN_VERSION ?= $(shell cat /etc/debian_version | grep '[0-9.]' | cut -d. 
-f1)
+ifeq (,$(DEBIAN_VERSION))
+  DEBIAN_VERSION=$(NEXT_VERSION_ID)
+endif
 
 %:
dh $@

Thanks,

Santiago


signature.asc
Description: PGP signature

Bug#819493: debian-security-support: FTBFS on jessie: attemps to install nonexistent security-support-ended.deb8+deb8u3 file

[Santiago Ruano Rincón]

El 29/03/16 a las 20:39, Moritz Mühlenhoff escribió:
> On Tue, Mar 29, 2016 at 05:13:51PM +0200, Santiago Ruano Rincón wrote:
... 
> Feel free to make code changes in collab-maint along with an upload
> to unstable.
> 

Thanks! Pushed and uploaded,

Santiago


signature.asc
Description: PGP signature

Bug#819493: debian-security-support: FTBFS on jessie: attemps to install nonexistent security-support-ended.deb8+deb8u3 file

[Santiago Ruano Rincón]

El 30/03/16 a las 18:45, Santiago Vila escribió:
> On Wed, Mar 30, 2016 at 04:39:17PM +0200, Santiago Ruano Rincón wrote:
...
> I'm not familiar enough with this package to tell, but if that does
> what you want, yes, I suppose it would be better.
> 
> Beware, however, that in a future there might be a file named
> security-support-ended.deb10 and the sort could not work as expected.
> 
> If the release is for jessie, I would try to keep it simple:
> 
> DEBIAN_VERSION = 8
> 
> Isn't this why we have branches in git repositories?
> 
> Thanks.

I wonder if a more suitable approach, and close #762594 along, would be
to include all security-support-ended* lists files in the binary
package, and make check-support-status to evaluate the debian_version
where it runs.

Cheers,

Santiago


signature.asc
Description: PGP signature

Bug#504804: forwarded

[Santiago Ruano Rincón]

Control: forwarded -1 http://debbugs.gnu.org/cgi/bugreport.cgi?bug=23227
thanks

Bug#827027: DEP-8: initial tests to run upstream test_display_streaming

[Santiago Ruano Rincón]

Source: spice
Version: 0.12.6-4
Severity: normal
Tags: patch

Dear Maintainer,

I have pushed into the spice collab-maint git repo some changes to
include the first DEP-8 test for spice. You can find them in the
proposed-DEP-8-test branch:

https://anonscm.debian.org/cgit/collab-maint/spice.git/log/?id=refs/heads/proposed-DEP-8-tests

Please consider them for a next upload.

Cheers,

Santiago

Bug#819275: check-support-status outputs a blank line, which is not cron friendly

[Santiago Ruano Rincón]

Control: tags -1 + pending
Thanks

On Wed, 27 Apr 2016 12:36:24 +0300 (EEST) Harald Hannelius  
wrote:
> 
> I was about to file a bug as well, since I just got a lot of e-mail from 
> different cron-daemons. The normal convention would be to not say anything 
> if there isn't anything to tell, wouldn't it?
> 
> At the very least don't output a single newline.

I agree the by default convention would be to not say anything. I have
committed into the git repo some changes to avoid printing those empty
lines:

https://anonscm.debian.org/cgit/collab-maint/debian-security-support.git/commit/?id=0ff070751db995ccacab9f14de42144ff626cec1

I hope this will be part of the next release.

Cheers,

Santiago

Bug#822956: www.debian.org: releases/wheezy note on LTS

[Santiago Ruano Rincón]

Package: www.debian.org
Severity: normal
Tags: patch

Hi,

Now that Wheezy has been handed over to the LTS team, a note could be
added in the release pages. Patch attached. Also attached a Spanish
translation to be forwarded to l10n-spanish.

Cheers,

Santiago
>From d3d3cf8548fbc011e81a9365fcf25ef9461729e7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Santiago=20Ruano=20Rinc=C3=B3n?= 
Date: Fri, 29 Apr 2016 12:19:30 +0200
Subject: [PATCH] releases/wheezy/index.wml: wheezy benefits from LTS

---
 english/releases/wheezy/index.wml | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/english/releases/wheezy/index.wml b/english/releases/wheezy/index.wml
index 01ac7d5..452073f 100644
--- a/english/releases/wheezy/index.wml
+++ b/english/releases/wheezy/index.wml
@@ -20,6 +20,12 @@ the Release Notes.
 # Security updates have been discontinued as of <:=spokendate('XXX'):>.
 
 
+Wheezy benefits from Long Term Support (LTS) from 26 April 2016
+until 31 May 2018. The LTS is limited to i386, amd64, armel and armhf. For more
+information, please refer to the https://wiki.debian.org/LTS";>LTS section of Debian Wiki.
+
+
 To obtain and install Debian, see
 the installation information page and the
 Installation Guide. To upgrade from an older
-- 
2.8.1

>From c2b54a08623d8f20646bcd7d0fa5b167df83e6a9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Santiago=20Ruano=20Rinc=C3=B3n?= 
Date: Fri, 29 Apr 2016 12:21:19 +0200
Subject: [PATCH] spanish/releases/wheezy/index.wml: wheezy benefits from LTS

---
 spanish/releases/wheezy/index.wml | 8 +++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/spanish/releases/wheezy/index.wml b/spanish/releases/wheezy/index.wml
index 9a3fd3b..ca95a50 100644
--- a/spanish/releases/wheezy/index.wml
+++ b/spanish/releases/wheezy/index.wml
@@ -20,7 +20,13 @@ en las Notas de Publicación.
 Debian 8.0 (jessie).
 # Las actualizaciones de seguridad han dejado de proporcionarse el <:=spokendate('XXX'):>.
 
- 
+
+Wheezy beneficia de soporte a largo plazo («Long Term Support», LTS)
+desde el 26 de abril de 2016 hasta el 31 de mayo de 2018. Wheezy LTS está
+limitado a i386, amd64, armel y armhf. Para más información visite la https://wiki.debian.org/LTS";>sección LTS de la wiki de Debian.
+
+
 Para obtener e instalar Debian, consulte la página de la información de instalación y la
 Guía de Instalación. Para actualizar desde una 
-- 
2.8.1

Bug#821811: samba: badlock patch breaks trust relationship

[Santiago Ruano Rincón]

Dear Samba maintainers,

Any updates about this bug?

LTS Team, anyone could help to handle it?

According to comment#17 in
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1572122
Andreas Schneider prepared a fix for 3.6.25.

Cheers,

Santiago


signature.asc
Description: PGP signature

Bug#823902: O: asterisk-prompt-es-co

[Santiago Ruano Rincón]

Package: wnpp
Severity: normal

Sadly, the maintainer of asterisk-prompt-es-co has passed away some
years ago. I also think this package is not longer useful, since it is
outated and it's unlikely to be changed. I.e.:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=420987

For now, I mark it as orphaned, but I think it should be removed.

Cheers,

Santiago


signature.asc
Description: PGP signature

Bug#823911: jessie-pu: package debian-security-support/2016.05.09+nmu1~deb8u1

[Santiago Ruano Rincón]

version"
+echo "$ALERT_WHEN" >"$TD/$SRC_NAME.when"
+echo "$ALERT_WHY" >"$TD/$SRC_NAME.why"
+if [ "$STATUSDB_FILE" ] ; then
+# add to status db, remove any older entries
+if [ -f "$STATUSDB_FILE" ]; then
+TEMPFILE="$(mktemp --tmpdir="$(dirname 
"$STATUSDB_FILE")")"
+[% AWK %] -F/ '($1!="'"$BIN_NAME"'"){print}' \
+<"$STATUSDB_FILE" >"$TEMPFILE"
+mv "$TEMPFILE" "$STATUSDB_FILE"
+fi
+echo "$TOKEN" >>"$STATUSDB_FILE"
+fi  # maintain status db
+    fi # package BIN_NAME's version is not supported
+fi
 done # read binary name and version for matching source name
 done # each source package from intersection
 
@@ -209,6 +272,16 @@
 
 if [ -z "$NOHEADING" ] ; then
 case "$TYPE" in
+earlyend)
+gettext \
+"Future end of support for one or more packages
+
+Unfortunately, it will be needed to end security support for some
+packages before the end of the regular security maintenance life cycle.
+
+The following packages found on this system are affected by this:"
+    echo
+;;
 ended)
 gettext \
 "Ended security support for one or more packages
@@ -238,6 +311,9 @@
 ALERT_WHY="$(cat "$TD/$SRC_NAME.why")"
 echo
 case "$TYPE" in
+earlyend)
+eval_gettext "* Source:\$SRC_NAME, will end on \$ALERT_WHEN"; echo
+;;
 ended)
 eval_gettext "* Source:\$SRC_NAME, ended on \$ALERT_WHEN at 
version \$ALERT_VERSION"; echo
     ;;
diff -Nru debian-security-support-2015.04.04/debian/changelog 
debian-security-support-2016.05.09+nmu1~deb8u1/debian/changelog
--- debian-security-support-2015.04.04/debian/changelog 2015-04-06 
18:59:22.0 +0200
+++ debian-security-support-2016.05.09+nmu1~deb8u1/debian/changelog 
2016-05-10 09:53:44.0 +0200
@@ -1,3 +1,73 @@
+debian-security-support (2016.05.09+nmu1~deb8u1) jessie; urgency=medium
+
+  * Non-maintainer upload.
+  * Rebuild for jessie.
+  * Remove postrm file, accidentally included in the previous release
+(Closes: #823563)
+
+ -- Santiago Ruano Rincón   Tue, 10 May 2016 09:53:30 
+0200
+
+debian-security-support (2016.05.04+nmu1) unstable; urgency=medium
+
+  * Unify binary package for all distributions. check-security-support
+evaluates the debian version where it runs upon, or according to a
+DEBIAN_VERSION env variable (Closes: #762594).
+- Keep a symlink to security-support-ended to avoid backward issues.
+  * check-support-status, man page: Parse version from debian/changelog
+  * Update messages.po, Spanish and French translations.
+  * Update packages not supported in Wheezy LTS.
+
+ -- Santiago Ruano Rincón   Wed, 04 May 2016 16:07:40 
+0200
+
+debian-security-support (2016.03.30+nmu1) unstable; urgency=medium
+
+  [ Salvatore Bonaccorso ]
+  * Mark virtualbox as unsupported in Wheezy (Closes: #812822)
+
+  [ Santiago Ruano Rincón ]
+  * Take into account future end of security support (Closes: #818843).
+- Include early end support checks in t/check-support-status.t.
+- Update man page.
+  * debian/rules: Generate right debian version from /etc/debian_version
+(Closes: #819493).
+
+ -- Santiago Ruano Rincón   Wed, 30 Mar 2016 19:20:15 
+0200
+
+debian-security-support (2016.01.07) unstable; urgency=medium
+
+  * Team upload.
+
+  [ Salvatore Bonaccorso ]
+  * Mark typo3-src as unsupported in Wheezy.
+Thanks to Holger Levsen  (Closes: #793454)
+
+  [ Raphaël Hertzog ]
+  * Mark wine-gecko-2.21 and wine-gecko-2.24 as unsupported in all
+releases. Closes: #804058
+  * Mark virtualbox-ose as unsupported in Squeeze (cf DLA 372-1).
+  * Mark qtwebkit-opensource-src as unsupported in all releases.
+Closes: #799189
+  * Mark redmine as unsupported in squeeze and wheezy due to the fact that
+it depends on rails which is not supported.
+
+ -- Raphaël Hertzog   Thu, 07 Jan 2016 17:11:33 +0100
+
+debian-security-support (2015.07.11) unstable; urgency=medium
+
+  * Team upload.
+  * Add list of packages not supported in stretch.
+The list ist empty for the time being.
+Fixes "FTBFS: cp: cannot stat 'security-support-ended.deb9': No such
+file or directory" when building in stretch and sid.
+Thanks to Daniel Schepler  for the report
+(Closes: #792007)
+  * Declare compliance with Debian policy 3.9.6
+  * Use canonical URI for Vcs-Git field
+  * Add Vcs-Browser fields in debian/control file
+  * Prepare check-supp

Bug#824015: debian-security-support: not clean upgrade

[Santiago Ruano Rincón]

Package: debian-security-support
Version: 2016.05.09+nmu1~deb7u1
Severity: important

When upgrading from 2015.04.04~deb7u1, installing debian-security-support 
returns an error:

dpkg: error: error executing hook 'if [ -x 
/usr/share/debian-security-support/check-support-status.hook ] ; then 
/usr/share/debian-security-support/check-support-status.hook ; fi', exit code 
2560
E: Sub-process /usr/bin/dpkg returned an error code (2)

Santiago

Bug#824015: debian-security-support: not clean upgrade

[Santiago Ruano Rincón]

Control: tags -1 + pending

I have fixed check-support-status.hook in git. I plan to upload a fixed
package tomorrow.

Santiago


signature.asc
Description: PGP signature

Bug#823911: jessie-pu: package debian-security-support/2016.05.09+nmu1~deb8u1

[Santiago Ruano Rincón]

El 27/05/16 a las 18:17, Adam D. Barratt escribió:
> Control: tags -1 + confirmed
> 
> On Tue, 2016-05-10 at 12:41 +0200, Santiago Ruano Rincón wrote:
> > Please find attached the debdiff of a debian-security-support between
> > current version in Jessie and 2016.05.09+nmu1~deb8u1. The new version:
> > * updates the list of packages with particular support conditions
> > * updates French and Spanish l10n.
> > * includes a new --type earlyend to warn the user about upcoming EOLs.
> > * closes fixes such as:
> > 
> > https://bugs.debian.org/819493 FTBFS in jessie.
> > https://bugs.debian.org/762594 Unify binary package along all suites.
> > https://bugs.debian.org/809249 Solve missing help
> > 
> > This version has been uploaded to unstable and wheezy-security.
> 
> Please go ahead.
> 
> Regards,
> 
> Adam
> 

Hi Adam,

A more recent version of debian-security-support fixes two additional
bugs:

https://bugs.debian.org/824015
https://bugs.debian.org/824081

This new package also updates the security support status for different
packages, and updates several localization files. Please, find the diff
below.

Should I go ahead with this new release?
Retitling this same bug report is enough, or a new bug is needed?

Thanks,

Santiago


diff --git a/Makefile.PL b/Makefile.PL
index 52cbde1..03de236 100644
--- a/Makefile.PL
+++ b/Makefile.PL
@@ -11,6 +11,8 @@ my $dchfile = 'debian/changelog';
 my $changelog = changelog_parse(file => $dchfile);
 my $VERSION=$changelog->{Version};
 
+$VERSION =~ s/~deb(.*)//;
+
 WriteMakefile (
 'NAME' =>   'debian-security-support',
 'AUTHOR' => 'Christoph Biedl ',
diff --git a/check-support-status.hook b/check-support-status.hook
index 35005ef..4f8a42b 100755
--- a/check-support-status.hook
+++ b/check-support-status.hook
@@ -30,7 +30,18 @@ LIB_DIR="/var/lib/$USERNAME"
 TEMPDIR="$(mktemp --tmpdir --directory 
debian-security-support.postinst.X)"
 trap "rm -rf '$TEMPDIR'" EXIT
 
-for MODE in earlyend ended limited ; do
+# Closes: #824081
+cd /tmp
+
+MODES="ended limited"
+
+# Don't invoke earlyend if an unsupporting version is still running. 
Closes: #824015
+found_version="$(dpkg-query -f '${Version}' -W debian-security-support)"
+if dpkg --compare-versions "2016.03.30" '<=' "$found_version"; then
+MODES="$MODES earlyend"
+fi
+
+for MODE in $MODES ; do
 OUTPUT="$TEMPDIR/output"
 su "$USERNAME" --shell /bin/bash --command "
 check-support-status \
diff --git a/check-support-status.in b/check-support-status.in
index be7f61f..83c5c97 100755
--- a/check-support-status.in
+++ b/check-support-status.in
@@ -276,7 +276,7 @@ if [ -z "$NOHEADING" ] ; then
 gettext \
 "Future end of support for one or more packages
 
-Unfortunately, it will be needed to end security support for some
+Unfortunately, it will be necessary to end security support for some
 packages before the end of the regular security maintenance life cycle.
 
 The following packages found on this system are affected by this:"
diff --git a/debian/changelog b/debian/changelog
index c89a134..0ec1309 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,52 @@
+debian-security-support (2016.05.24~deb8u1) jessie; urgency=medium
+
+  * Team upload.
+
+  [ Santiago Ruano Rincón ]
+  * Rebuild for Jessie.
+
+ -- Santiago Ruano Rincón   Wed, 29 Jun 2016 15:53:01 
+0200
+
+debian-security-support (2016.05.24) unstable; urgency=medium
+
+  * Team upload.
+
+  [ Santiago Ruano Rincón ]
+  * check-support-status.hook, debian-security-support.postinst: only
+invoke --type earlyend when running a version that supports it,
+i.e. >= 2016.03.30.
+  * check-support-status.hook: Make sure to run check-support-status
+from an accessibe directory. Thanks to Raphaël Hertzog (Closes: #824081).
+  * Include missing earlyend debconf template.
+  * Update Spanish debconf template translation.
+  * Update French debconf template translation.
+  * Mark as not supported in Wheezy LTS:
+- libv8
+- mediawiki (also not supported in Jessie)
+- vlc
+  * Update Danish debconf templates translation.
+Thanks to Joe Dalton  (Closes: #824467)
+  * Update Telugu debconf templates translation.
+Thanks to Praveen Illa  (Closes: #824638)
+  * Update Polish debconf templates translation.
+Thanks to Łukasz Dulny  (Closes: #824245)
+  * Update Portuguese debconf template translations.
+Thanks to Américo Monteiro  (Closes: #824145)
+  * Updated German debconf template translation.
+Thanks to Chris Leick  (Closes: #824488)
+  * Update Brazilian Portuguese debconf templates translation

Bug#829141: squid3: Add DEP-8 autopkgtest for upstream test suite

[Santiago Ruano Rincón]

Source: squid3
Version: 3.5.19-1
Severity: wishlist
Tags: patch

Dear Maintainer,

Please find attached two patches to enable autpkgtest to run upstream
test suite on a running system. This should complement
https://bugs.debian.org/710014. I have not try that patch though.

Find more information about autopkgtest and continous integration (ci)
at https://ci.debian.net/doc/

Cheers,

Santiago
>From 53b568812efa6b03165905ed178a0134fc6dfae8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Santiago=20Ruano=20Rinc=C3=B3n?= 
Date: Thu, 30 Jun 2016 23:40:44 +0200
Subject: [PATCH 2/2] debian/control: Add XS-Testsuite: autopkgtest stanza

---
 debian/control | 1 +
 1 file changed, 1 insertion(+)

diff --git a/debian/control b/debian/control
index 76732ff..ae5d910 100644
--- a/debian/control
+++ b/debian/control
@@ -6,6 +6,7 @@ Homepage: http://www.squid-cache.org
 Standards-Version: 3.9.8
 Vcs-Git: git://anonscm.debian.org/pkg-squid/pkg-squid3.git/
 Build-Depends: libldap2-dev, libpam0g-dev, libdb-dev, cdbs, libsasl2-dev, debhelper (>=5), libcppunit-dev, libkrb5-dev, comerr-dev, libcap2-dev [linux-any], libecap3-dev (>= 1.0.1-2), libexpat1-dev, libxml2-dev, autotools-dev, libltdl-dev, dpkg-dev (>= 1.16.1~), pkg-config, libnetfilter-conntrack-dev [linux-any], nettle-dev, libgnutls28-dev, lsb-release
+XS-Testsuite: autopkgtest
 
 Package: squid3
 Architecture: all
-- 
2.8.1

>From c5878bf13fa0085b36245e9482614711d6d49ccd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Santiago=20Ruano=20Rinc=C3=B3n?= 
Date: Thu, 30 Jun 2016 23:40:00 +0200
Subject: [PATCH 1/2] dep-8 test: run upstream test-suite, first try

---
 debian/tests/control |  3 +++
 debian/tests/upstream-test-suite | 13 +
 2 files changed, 16 insertions(+)
 create mode 100644 debian/tests/control
 create mode 100644 debian/tests/upstream-test-suite

diff --git a/debian/tests/control b/debian/tests/control
new file mode 100644
index 000..5889a91
--- /dev/null
+++ b/debian/tests/control
@@ -0,0 +1,3 @@
+Tests: upstream-test-suite
+Depends: fakeroot, squid
+Restrictions: allow-stderr
diff --git a/debian/tests/upstream-test-suite b/debian/tests/upstream-test-suite
new file mode 100644
index 000..4f6b332
--- /dev/null
+++ b/debian/tests/upstream-test-suite
@@ -0,0 +1,13 @@
+#!/bin/sh
+set -e
+
+dpkg-source --before-build `pwd`
+sed -i -e 's/\$(top_builddir)\/src\/squid/\/usr\/sbin\/squid/' test-suite/Makefile.am
+dpkg-buildpackage -rfakeroot --target=pre-build
+dpkg-buildpackage -rfakeroot --target=common-configure-arch 2>/dev/null
+make -C src/base libbase.la
+make -C src globals.o
+make -C lib all
+make -C compat
+make -C src squid.conf.default
+make -C test-suite check
-- 
2.8.1



signature.asc
Description: PGP signature

Bug#809249: debian-security-support: Missing help

[Santiago Ruano Rincón]

On Mon, 28 Dec 2015 18:04:56 +0100 Kwadronaut-debian 
 wrote:
> Package: debian-security-support
> Version: 2015.04.04
> Severity: wishlist
> 
> Dear Maintainer,
> 
> the release notes suggest to track security support status of installed
> packages with debian-security-support [1]. It's not obvious after
> installation on how to re-run it or what can be expected from this
> package.
> 
> I suggest to:
> * include a --help switch
> * a reference to the package name inside the manpage of
> check-support-status so when searching (man -k debian-security-support)
> one can find some more information
> 
> Thanks,
> 
> kwadronaut
> 
> [1]
> https://www.debian.org/releases/jessie/amd64/release-notes/ch-information.en.html#limited-security-support
> s
> 
> -- System Information:
> Debian Release: 8.2
>   APT prefers stable-updates
>   APT policy: (500, 'stable-updates'), (500, 'stable')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
> Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
> 
> Versions of packages debian-security-support depends on:
> ii  adduser3.113+nmu3
> ii  debconf [debconf-2.0]  1.5.56
> ii  gettext-base   0.19.3-2
> 
> debian-security-support recommends no packages.
> 
> debian-security-support suggests no packages.
> 
> -- debconf information excluded
> 
> 

Bug#809249: debian-security-support: Missing help

[Santiago Ruano Rincón]

Control: tags -1 + pending

On Mon, 28 Dec 2015 18:04:56 +0100 Kwadronaut-debian 
 wrote:
> Package: debian-security-support
> Version: 2015.04.04
> Severity: wishlist
> 
> Dear Maintainer,
> 
> the release notes suggest to track security support status of installed
> packages with debian-security-support [1]. It's not obvious after
> installation on how to re-run it or what can be expected from this
> package.
> 
> I suggest to:
> * include a --help switch
> * a reference to the package name inside the manpage of
> check-support-status so when searching (man -k debian-security-support)
> one can find some more information

Hi,

I've pushed into the git repo changes to include this help.

Cheers,

Santiago

Bug#822578: Wheezy update of poppler?

[Santiago Ruano Rincón]

Hello dear maintainer(s),

the Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of poppler:
https://security-tracker.debian.org/tracker/CVE-2015-8868

Would you like to take care of this yourself?

If yes, please follow the workflow we have defined here:
https://wiki.debian.org/LTS/Development

If that workflow is a burden to you, feel free to just prepare an
updated source package and send it to debian-...@lists.debian.org
(via a debdiff, or with an URL pointing to the source package,
or even with a pointer to your packaging repository), and the members
of the LTS team will take care of the rest. Indicate clearly whether you
have tested the updated package or not.

If you don't want to take care of this update, it's not a problem, we
will do our best with your package. Just let us know whether you would
like to review and/or test the updated package before it gets released.

Thank you very much.

Santiago R.R.,
  on behalf of the Debian LTS team.

PS: A member of the LTS team might start working on this update at
any point in time. You can verify whether someone is registered
on this update in this file:
https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup


signature.asc
Description: PGP signature

Bug#822759: torbrowser-launcher: provide alternatives for x-www-browser and gnome-www-browser

[Santiago Ruano Rincón]

Package: torbrowser-launcher
Version: 0.2.4-2
Severity: wishlist
Tags: patch

Attached a patch to manage torbrowser-launcher as alternative for
x-www-browser and gnome-www-browser. This will be more useful once
821093 get closed though.

Cheers,

Santiago
From 8abde7a42df40f2716280c49ed649907a6782552 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Santiago=20Ruano=20Rinc=C3=B3n?= 
Date: Wed, 27 Apr 2016 10:05:56 +0200
Subject: [PATCH] postinst, prerm: manage torbrowser-launcher as alternative
 for x-www-browser and gnome-www-browser (update-alternatives)

---
 debian/torbrowser-launcher.postinst | 15 +++
 debian/torbrowser-launcher.prerm| 15 +++
 2 files changed, 30 insertions(+)
 create mode 100644 debian/torbrowser-launcher.postinst
 create mode 100644 debian/torbrowser-launcher.prerm

diff --git a/debian/torbrowser-launcher.postinst b/debian/torbrowser-launcher.postinst
new file mode 100644
index 000..d0f7c1c
--- /dev/null
+++ b/debian/torbrowser-launcher.postinst
@@ -0,0 +1,15 @@
+#! /bin/sh
+
+set -e
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] ; then
+update-alternatives --install /usr/bin/x-www-browser \
+x-www-browser /usr/bin/torbrowser-launcher 40
+update-alternatives --install /usr/bin/gnome-www-browser \
+gnome-www-browser /usr/bin/torbrowser-launcher 40
+fi
diff --git a/debian/torbrowser-launcher.prerm b/debian/torbrowser-launcher.prerm
new file mode 100644
index 000..68e162f
--- /dev/null
+++ b/debian/torbrowser-launcher.prerm
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+set -e
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+if [ "$1" = "remove" ] || [ "$1" = "disappear" ]; then
+update-alternatives --remove x-www-browser /usr/bin/torbrowser-launcher
+update-alternatives --remove gnome-www-browser /usr/bin/torbrowser-launcher
+fi
+
+
-- 
2.8.1



signature.asc
Description: PGP signature

Bug#786439: squeeze update of fuse?

[Santiago Ruano Rincón]

Hi Laszlo,

Please find the attached dpatch to prevent CVE-2015-3202 in squeeze. It
makes lib/mount_util.c use execle instead of execl to run external
helpers.

Please, let me know if you want me to upload a patched package, or if
you want to do it by yourself.

Cheers,

Santiago
#! /bin/sh /usr/share/dpatch/dpatch-run
## 004-CVE-2015-3202.dpatch by  
##
## DP: Fixes CVE-2015-3202.
## DP: Backported from fuse_2.9.0-2+deb7u2

@DPATCH@
diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' 
'--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' 
fuse-2.8.4~/lib/mount_util.c fuse-2.8.4/lib/mount_util.c
--- fuse-2.8.4~/lib/mount_util.c2010-03-08 16:18:43.0 +0100
+++ fuse-2.8.4/lib/mount_util.c 2015-05-26 18:15:10.571012189 +0200
@@ -78,6 +78,7 @@
if (res == 0) {
char templ[] = "/tmp/fusermountXX";
char *tmp;
+char *env = NULL;
 
sigprocmask(SIG_SETMASK, &oldmask, NULL);
setuid(geteuid());
@@ -99,8 +100,8 @@
exit(1);
}
rmdir(tmp);
-   execl("/bin/mount", "/bin/mount", "-i", "-f", "-t", type,
- "-o", opts, fsname, mnt, NULL);
+   execle("/bin/mount", "/bin/mount", "-i", "-f", "-t", type,
+"-o", opts, fsname, mnt, NULL, &env);
fprintf(stderr, "%s: failed to execute /bin/mount: %s\n",
progname, strerror(errno));
exit(1);
@@ -148,10 +149,12 @@
dup2(fd, 1);
dup2(fd, 2);
 
+   char *env = NULL;
+
sigprocmask(SIG_SETMASK, &oldmask, NULL);
setuid(geteuid());
-   execl("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
- "-f", "-t", type, "-o", opts, fsname, mnt, NULL);
+   execle("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
+ "-f", "-t", type, "-o", opts, fsname, mnt, NULL, &env);
fprintf(stderr, "%s: failed to execute /bin/mount: %s\n",
progname, strerror(errno));
exit(1);
@@ -205,10 +208,17 @@
goto out_restore;
}
if (res == 0) {
+   char *env = NULL;
+
sigprocmask(SIG_SETMASK, &oldmask, NULL);
setuid(geteuid());
-   execl("/bin/umount", "/bin/umount", "-i", rel_mnt,
- lazy ? "-l" : NULL, NULL);
+if (lazy) {
+   execle("/bin/umount", "/bin/umount", "-i", rel_mnt,
+  "-l", NULL, &env);
+   } else {
+   execle("/bin/umount", "/bin/umount", "-i", rel_mnt,
+  NULL, &env);
+   }
fprintf(stderr, "%s: failed to execute /bin/umount: %s\n",
progname, strerror(errno));
exit(1);


signature.asc
Description: Digital signature

Bug#787010: tomcat6: CVE-2014-7810: Security Manager bypass by expression language

[Santiago Ruano Rincón]

Source: tomcat6
Version: 6.0.41-2+squeeze6
Severity: normal
Tags: security patch upstream fixed-upstream

Dear Debian Java maintainers,

The Tomcat security team has identified a security issue [cve] that
allows malicious web applications to bypass the Security Manager, by the
use of expression language. The code related to this vulnerability is
present in squeeze and wheezy.

I have prepared the attached patches for squeeze, based on [fix].

[cve] https://security-tracker.debian.org/tracker/CVE-2014-7810
[fix] http://svn.apache.org/viewvc?view=revision&revision=1645366
  http://svn.apache.org/viewvc?view=revision&revision=1659538

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

Please adjust the affected versions in the BTS as needed.

Cheers!

Santiago

P.S. This is part of my first security bug reports against tomcat.
Please let me know how can I improve them.
Description: Fix potential BeanELResolver issue when running under a security manager.
 Some classes may not be accessible but may have accessible interfaces.
 This is part of the fix for CVE-2014-7810
Origin: http://svn.apache.org/viewvc?view=revision&revision=1645366

--- a/java/javax/el/BeanELResolver.java
+++ b/java/javax/el/BeanELResolver.java
@@ -188,25 +188,49 @@
 		return null;
 	}
 
-	protected final static class BeanProperties {
-		private final Map properties;
+protected final static class BeanProperties {
+private final Map properties;
 
-		private final Class type;
+private final Class type;
 
-		public BeanProperties(Class type) throws ELException {
-			this.type = type;
-			this.properties = new HashMap();
-			try {
-BeanInfo info = Introspector.getBeanInfo(this.type);
-PropertyDescriptor[] pds = info.getPropertyDescriptors();
-for (int i = 0; i < pds.length; i++) {
-	this.properties.put(pds[i].getName(), new BeanProperty(
-			type, pds[i]));
-}
-			} catch (IntrospectionException ie) {
-throw new ELException(ie);
-			}
-		}
+public BeanProperties(Class type) throws ELException {
+this.type = type;
+this.properties = new HashMap();
+try {
+BeanInfo info = Introspector.getBeanInfo(this.type);
+PropertyDescriptor[] pds = info.getPropertyDescriptors();
+for (PropertyDescriptor pd: pds) {
+this.properties.put(pd.getName(), new BeanProperty(type, pd));
+}
+if (System.getSecurityManager() != null) {
+// When running with SecurityManager, some classes may be
+// not accessible, but have accessible interfaces.
+populateFromInterfaces(type);
+}
+} catch (IntrospectionException ie) {
+throw new ELException(ie);
+}
+}
+
+private void populateFromInterfaces(Class aClass) throws IntrospectionException {
+Class interfaces[] = aClass.getInterfaces();
+if (interfaces.length > 0) {
+for (Class ifs : interfaces) {
+BeanInfo info = Introspector.getBeanInfo(ifs);
+PropertyDescriptor[] pds = info.getPropertyDescriptors();
+for (PropertyDescriptor pd : pds) {
+if (!this.properties.containsKey(pd.getName())) {
+this.properties.put(pd.getName(), new BeanProperty(
+this.type, pd));
+}
+}
+}
+}
+Class superclass = aClass.getSuperclass();
+if (superclass != null) {
+populateFromInterfaces(superclass);
+}
+}
 
 		private BeanProperty get(ELContext ctx, String name) {
 			BeanProperty property = this.properties.get(name);
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -952,6 +952,15 @@
   
 
   
+  
+
+  
+Fix potential issue with BeanELResolver when running under a security
+manager. Some classes may not be accessible but may have accessible
+interfaces. (markt)
+  
+
+  
   
 
   
Description: Backport some Jasper clean-up that might provide a marginal performance improvement.
 Even if it doesn't it removes some unnecessary code.
 This is part of the fix for CVE-2014-7810
Origin: http://svn.apache.org/viewvc?view=revision&revision=1659538

--- a/java/org/apache/jasper/runtime/PageContextImpl.java
+++ b/java/org/apache/jasper/runtime/PageContextImpl.java
@@ -5,9 +5,9 @@
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
- * 
+ *
  *  http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required 

Bug#785312: tomcat6: CVE-2014-0227: HTTP request smuggling or DoS by streaming malformed data

[Santiago Ruano Rincón]

Source: tomcat6
Version: 6.0.35-6+deb7u1
Severity: important
Tags: security patch upstream fixed-upstream

Hi there,

The following vulnerability affects current tomcat 6.x in squeeze and wheezy.

According to CVE-2014-0227 [cve], "Apache Tomcat 6.x before 6.0.42, 7.x before
7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue
reading data after an error has occurred, which allows remote attackers to
conduct HTTP request smuggling attacks or cause a denial of service (resource
consumption) by streaming data with malformed chunked transfer coding".

I have prepared the attached patch, based on [fix].

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

[cve] https://security-tracker.debian.org/tracker/CVE-2014-0227 
[fix] https://svn.apache.org/viewvc?view=revision&revision=1603628

Please adjust the affected versions in the BTS as needed.

Cheers,

Santiago
Description: Improvements to ChunkedInputFilter
 - Clean-up
 - i18n for ChunkedInputFilter error message
 - Add error flag to allow subsequent attempts at reading after an error to
   fail fast
 Fixes CVE-2014-0227
Origin: https://svn.apache.org/viewvc?view=revision&revision=1603628

Index: tomcat6-6.0.41/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
===
--- tomcat6-6.0.41.orig/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
+++ tomcat6-6.0.41/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
@@ -14,7 +14,6 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
 package org.apache.coyote.http11.filters;
 
 import java.io.EOFException;
@@ -29,6 +28,7 @@ import org.apache.coyote.http11.Constant
 import org.apache.coyote.http11.InputFilter;
 import org.apache.tomcat.util.buf.MessageBytes;
 import org.apache.tomcat.util.http.MimeHeaders;
+import org.apache.tomcat.util.res.StringManager;
 
 /**
  * Chunked input filter. Parses chunked data according to
@@ -39,9 +39,11 @@ import org.apache.tomcat.util.http.MimeH
  */
 public class ChunkedInputFilter implements InputFilter {
 
+private static final StringManager sm = StringManager.getManager(
+ChunkedInputFilter.class.getPackage().getName());
 
-// -- Constants
 
+// -- Constants
 
 protected static final String ENCODING_NAME = "chunked";
 protected static final ByteChunk ENCODING = new ByteChunk();
@@ -49,7 +51,6 @@ public class ChunkedInputFilter implemen
 
 // - Static Initializer
 
-
 static {
 ENCODING.setBytes(ENCODING_NAME.getBytes(), 0, ENCODING_NAME.length());
 }
@@ -57,7 +58,6 @@ public class ChunkedInputFilter implemen
 
 // - Instance Variables
 
-
 /**
  * Next buffer in the pipeline.
  */
@@ -120,6 +120,11 @@ public class ChunkedInputFilter implemen
 
 
 /**
+ * Flag that indicates if an error has occurred.
+ */
+private boolean error;
+
+/**
  * Flag set to true if the next call to doRead() must parse a CRLF pair
  * before doing anything else.
  */
@@ -130,13 +135,10 @@ public class ChunkedInputFilter implemen
  * Request being parsed.
  */
 private Request request;
-
-// - Properties
 
 
 //  InputBuffer Methods
 
-
 /**
  * Read bytes.
  * 
@@ -146,11 +148,12 @@ public class ChunkedInputFilter implemen
  * whichever is greater. If the filter does not do request body length
  * control, the returned value should be -1.
  */
-public int doRead(ByteChunk chunk, Request req)
-throws IOException {
-
-if (endChunk)
+public int doRead(ByteChunk chunk, Request req) throws IOException {
+if (endChunk) {
 return -1;
+}
+
+checkError();
 
 if(needCRLFParse) {
 needCRLFParse = false;
@@ -159,7 +162,7 @@ public class ChunkedInputFilter implemen
 
 if (remaining <= 0) {
 if (!parseChunkHeader()) {
-throw new IOException("Invalid chunk header");
+throwIOException(sm.getString("chunkedInputFilter.invalidHeader"));
 }
 if (endChunk) {
 parseEndChunk();
@@ -171,8 +174,7 @@ public class ChunkedInputFilter implemen
 
 if (pos >= lastValid) {
 if (readBytes() < 0) {
-throw new IOException(
-"Unexpected end of stream whilst reading request body");
+throwIOException(sm.getString("chunkedInputFilter.eos"));

Bug#785316: CVE-2014-0230: non-persistent DoS attack by feeding data aborting an upload

[Santiago Ruano Rincón]

Source: tomcat6
Version: 6.0.41-2+squeeze6
Severity: normal
Tags: security upstream fixed-upstream

Hello,

The following vulnerability affects tomcat6 in squeeze and wheezy.

CVE-2014-0230 [cve]: Tomcat permits a limited Denial of Service.

I have prepared the attached patch for the 6.0.41-2+squeeze6 version,
based on [fix].

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

[cve] https://security-tracker.debian.org/tracker/CVE-2014-0230
[fix] https://svn.apache.org/viewvc?view=revision&revision=1659537

Please adjust the affected versions in the BTS as needed.

Regards,

Santiago
Description: Add support for maxSwallowSize
 Fixes CVE-2014-0230
Origin: https://svn.apache.org/viewvc?view=revision&revision=1659537

Index: tomcat6-6.0.41/java/org/apache/coyote/http11/filters/IdentityInputFilter.java
===
--- tomcat6-6.0.41.orig/java/org/apache/coyote/http11/filters/IdentityInputFilter.java
+++ tomcat6-6.0.41/java/org/apache/coyote/http11/filters/IdentityInputFilter.java
@@ -20,7 +20,7 @@ package org.apache.coyote.http11.filters
 import java.io.IOException;
 
 import org.apache.tomcat.util.buf.ByteChunk;
-
+import org.apache.tomcat.util.res.StringManager;
 import org.apache.coyote.InputBuffer;
 import org.apache.coyote.Request;
 import org.apache.coyote.http11.InputFilter;
@@ -32,9 +32,11 @@ import org.apache.coyote.http11.InputFil
  */
 public class IdentityInputFilter implements InputFilter {
 
+private static final StringManager sm = StringManager.getManager(
+IdentityInputFilter.class.getPackage().getName());
 
-// -- Constants
 
+// -- Constants
 
 protected static final String ENCODING_NAME = "identity";
 protected static final ByteChunk ENCODING = new ByteChunk();
@@ -150,17 +152,25 @@ public class IdentityInputFilter impleme
 }
 
 
-/**
- * End the current request.
- */
-public long end()
-throws IOException {
+public long end() throws IOException {
+
+final int maxSwallowSize = org.apache.coyote.Constants.MAX_SWALLOW_SIZE;
+final boolean maxSwallowSizeExceeded = (maxSwallowSize > -1 && remaining > maxSwallowSize);
+long swallowed = 0;
 
 // Consume extra bytes.
 while (remaining > 0) {
+
 int nread = buffer.doRead(endChunk, null);
 if (nread > 0 ) {
+swallowed += nread;
 remaining = remaining - nread;
+if (maxSwallowSizeExceeded && swallowed > maxSwallowSize) {
+// Note: We do not fail early so the client has a chance to
+// read the response before the connection is closed. See:
+// http://httpd.apache.org/docs/2.0/misc/fin_wait_2.html#appendix
+throw new IOException(sm.getString("inputFilter.maxSwallow"));
+}
 } else { // errors are handled higher up.
 remaining = 0;
 }
Index: tomcat6-6.0.41/java/org/apache/coyote/http11/filters/LocalStrings.properties
===
--- tomcat6-6.0.41.orig/java/org/apache/coyote/http11/filters/LocalStrings.properties
+++ tomcat6-6.0.41/java/org/apache/coyote/http11/filters/LocalStrings.properties
@@ -22,4 +22,6 @@ chunkedInputFilter.invalidCrlfNoCR=Inval
 chunkedInputFilter.invalidCrlfNoData=Invalid end of line sequence (no data available to read)
 chunkedInputFilter.invalidHeader=Invalid chunk header
 chunkedInputFilter.maxExtension=maxExtensionSize exceeded
-chunkedInputFilter.maxTrailer=maxTrailerSize exceeded
\ No newline at end of file
+chunkedInputFilter.maxTrailer=maxTrailerSize exceeded
+
+inputFilter.maxSwallow=maxSwallowSize exceeded
Index: tomcat6-6.0.41/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
===
--- tomcat6-6.0.41.orig/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
+++ tomcat6-6.0.41/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
@@ -216,8 +216,15 @@ public class ChunkedInputFilter implemen
  * End the current request.
  */
 public long end() throws IOException {
+int maxSwallowSize = org.apache.coyote.Constants.MAX_SWALLOW_SIZE;
+long swallowed = 0;
+int read = 0;
 // Consume extra bytes : parse the stream until the end chunk is found
-while (doRead(readChunk, null) >= 0) {
+while ((read = doRead(readChunk, null)) >= 0) {
+swallowed += read;
+if (maxSwallowSize > -1 && swallowed > maxSwallowSize) {
+throwIOException(sm.getString("inputFilter.maxSwallow"));
+}
 }
 
 // Return the number of 

Bug#683372: squeeze update of dnsmasq?

[Santiago Ruano Rincón]

Hi Simon,

On Fri, May 15, 2015 at 04:24:30PM +0200, Santiago Ruano Rincón wrote:
...
> I'm attaching the clean patch to fix CVE-2015-3294.

These other CVEs are related each other and still affect dnsmasq in
squeeze and wheeze:
https://security-tracker.debian.org/tracker/CVE-2012-3411
https://security-tracker.debian.org/tracker/CVE-2013-0198

As far as I understand, your fix to those bugs introduces the new
--bind-dynamic option in dnsmasq. This fix also depends on libvirt, that
needs to be modified to pass --bind-dynamic instead of
--bind-interfaces. Please, correct me if I'm wrong.

Given that in Debian they have been classified as low priority, do you
think it's worth to do adapt those changes into squeeze and wheeze?

Best regards,

Santiago


signature.asc
Description: Digital signature

Bug#683372: squeeze update of dnsmasq?

[Santiago Ruano Rincón]

On Sat, May 16, 2015 at 12:26:51PM +0200, Santiago Ruano Rincón wrote:
> Hi Simon,
> 
> On Fri, May 15, 2015 at 04:24:30PM +0200, Santiago Ruano Rincón wrote:
> ...
> > I'm attaching the clean patch to fix CVE-2015-3294.
> 
> These other CVEs are related each other and still affect dnsmasq in
> squeeze and wheeze:
> https://security-tracker.debian.org/tracker/CVE-2012-3411
> https://security-tracker.debian.org/tracker/CVE-2013-0198
> 
> As far as I understand, your fix to those bugs introduces the new
> --bind-dynamic option in dnsmasq. This fix also depends on libvirt, that
> needs to be modified to pass --bind-dynamic instead of
> --bind-interfaces. Please, correct me if I'm wrong.
> 
> Given that in Debian they have been classified as low priority, do you
> think it's worth to do adapt those changes into squeeze and wheeze?

Note: libvirt has not support by Squeeze LTS


signature.asc
Description: Digital signature

Bug#683372: squeeze update of dnsmasq?

[Santiago Ruano Rincón]

> On 16/05/15 11:26, Santiago Ruano Rincón wrote:
> > Hi Simon,
> > 
> > On Fri, May 15, 2015 at 04:24:30PM +0200, Santiago Ruano Rincón
> > wrote: ...
> >> I'm attaching the clean patch to fix CVE-2015-3294.
> > 
> > These other CVEs are related each other and still affect dnsmasq
> > in squeeze and wheeze: 
> > https://security-tracker.debian.org/tracker/CVE-2012-3411 
> > https://security-tracker.debian.org/tracker/CVE-2013-0198
> > 
> > As far as I understand, your fix to those bugs introduces the new 
> > --bind-dynamic option in dnsmasq. This fix also depends on libvirt,
> > that needs to be modified to pass --bind-dynamic instead of 
> > --bind-interfaces. Please, correct me if I'm wrong.
> > 
> > Given that in Debian they have been classified as low priority, do
> > you think it's worth to do adapt those changes into squeeze and
> > wheeze?
> > 
> 
> Your analysis is correct, and I think it's really not worth the
> (large) amount of effort required.
> 

Ok. Thanks for your answer!

Santiago


signature.asc
Description: Digital signature

Bug#746456: FTBFS as test does not terminate

[Santiago Ruano Rincón]

Source: google-perftools
Followup-For: Bug #746456

I've successfuly build 2.2.1-0.2 with my cowbuilder. It even passes all
46 tests:

...
PASS: tcmalloc_and_profiler_unittest
===
All 46 tests passed
===
...

I think you can close this bug.

Cheers,

Santiago

-- System Information:
Debian Release: 7.2
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.14-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=es_CO.utf8, LC_CTYPE=es_CO.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#779728: grep(1) man page for GNU grep 2.16 should have PCRE but has PRCE

[Santiago Ruano Rincón]

Control: tags -1 + confirmed pending

El 04/03/15 a las 10:12, Philip Muench escribió:
> Package: grep
> Version: 2.16-1
> Severity: minor
> 
> Dear Maintainer,
>there is one instance of PRCE. It should be PCRE.  That would help the 
> reader seeking PCRE.
> Gnu.org bug worker Jim Meyering said the PRCE occurence was in some 
> distribution patch.
> Ubuntu.com worker Brian Murray said the PRCE occurence was in a Debian patch.
>Thank you for your attention.
> -Philip
> P.s. Excerpt of an e-memo including some words from Brian Murray and Jim 
> Meyering:
> 
> From: Brian Murray [mailto:br...@ubuntu.com] 
> Sent: Monday, March 02, 2015 5:00 PM
> To: Philip Muench
> Subject: [Bug 1425664] Re: grep(1) man page for GNU grep 2.16 should have 
> PCRE but has PRCE
> 
> The patch appears to be one that is also included in Debian:
> 
> debian/patches/80-587930-man-ere-reference.patch:+\*(lqbasic\*(rq (BRE), 
> \*(lqextended\*(rq (ERE) and \*(lqperl\*(rq (PRCE). In
> 

Hi,

Thanks for reporting this. I've committed the changes to debian grep's
git repo.

Cheers,

Santiago


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#709883: keyboard-configuration: X keyboard configuration lost after upgrade

[Santiago Ruano Rincón]

Package: keyboard-configuration
Version: 1.121
Followup-For: Bug #709883

Hi,

I've just lost my keyboard configuration after upgrading these packages:

Upgrade: libsystemd-login0:amd64 (215-14, 215-15), dselect:amd64
(1.17.24, 1.17.25), python3-nose:amd64 (1.3.4-2, 1.3.6-1), dpkg:amd64
(1.17.24, 1.17.25), dmsetup:amd64 (1.02.90-2.1, 1.02.90-2.2),
python-nose:amd64 (1.3.4-2, 1.3.6-1), console-setup:amd64 (1.120,
1.121), dpkg-dev:amd64 (1.17.24, 1.17.25), console-setup-linux:amd64
(1.120, 1.121), libsystemd-daemon0:amd64 (215-14, 215-15),
libgudev-1.0-0:amd64 (215-14, 215-15), libpam-systemd:amd64 (215-14,
215-15), udev:amd64 (215-14, 215-15), libudev-dev:amd64 (215-14,
215-15), libudev1:amd64 (215-14, 215-15), libudev1:i386 (215-14,
215-15), myspell-es:amd64 (1.11-9, 1.11-10), libdpkg-perl:amd64
(1.17.24, 1.17.25), lintian:amd64 (2.5.30+deb8u3, 2.5.30+deb8u4),
debian-keyring:amd64 (2015.03.30, 2015.04.10), gnome-font-viewer:amd64
(3.14.0-1, 3.14.0-2), ispanish:amd64 (1.11-9, 1.11-10), systemd:amd64
(215-14, 215-15), libdevmapper-event1.02.1:amd64 (1.02.90-2.1,
1.02.90-2.2), libdevmapper1.02.1:amd64 (1.02.90-2.1, 1.02.90-2.2),
libmarkdown2:amd64 (2.1.8-1, 2.1.8-2), google-talkplugin:amd64
(5.40.2.0-1, 5.41.0.0-1), keyboard-configuration:amd64 (1.120, 1.121),
libsystemd0:amd64 (215-14, 215-15), libsystemd0:i386 (215-14, 215-15),
aspell-es:amd64 (1.11-9, 1.11-10), liblvm2app2.2:amd64 (2.02.111-2.1,
2.02.111-2.2), ntpdate:amd64 (4.2.6.p5+dfsg-5, 4.2.6.p5+dfsg-7)
End-Date: 2015-04-11  20:16:31

My keyboard layout was changed. I use French alternative (latin-9), but
this variant was set to empty when upgrading. Although, I've been unable
to reproduce the problem.

Cheers,

Santiago

-- System Information:
Debian Release: 8.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=es_CO.utf8, LC_CTYPE=es_CO.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages keyboard-configuration depends on:
ii  debconf 1.5.56
ii  initscripts 2.88dsf-59
ii  liblocale-gettext-perl  1.05-8+b1

keyboard-configuration recommends no packages.

keyboard-configuration suggests no packages.

Versions of packages console-setup depends on:
ii  console-setup-linux  1.121
ii  debconf  1.5.56
ii  xkb-data 2.12-1

Versions of packages console-setup suggests:
ii  locales   2.19-17
ii  lsb-base  4.1+Debian13+nmu1

Versions of packages console-setup-linux depends on:
ii  kbd  1.15.5-2

Versions of packages console-setup-linux suggests:
ii  console-setup  1.121

Versions of packages keyboard-configuration is related to:
pn  console-common  
pn  console-data
pn  console-tools   
ii  kbd 1.15.5-2

-- debconf information:
  console-setup/framebuffer_only:
* keyboard-configuration/variantcode: latin9
  console-setup/guess_font:
  keyboard-configuration/unsupported_options: true
  keyboard-configuration/unsupported_config_layout: true
  debian-installer/console-setup-udeb/title:
  keyboard-configuration/unsupported_layout: true
* keyboard-configuration/layout:
  keyboard-configuration/unsupported_config_options: true
* keyboard-configuration/store_defaults_in_debconf_db: true
* keyboard-configuration/toggle: No toggling
  console-setup/fontsize-fb47: 8x16
* keyboard-configuration/optionscode: terminate:ctrl_alt_bksp
* keyboard-configuration/variant: Francés - Francés (arcaico, alternativo)
* keyboard-configuration/xkb-keymap: fr(latin9)
* keyboard-configuration/other:
* console-setup/charmap47: UTF-8
  console-setup/codesetcode: Lat15
  console-setup/use_system_font:
  console-setup/store_defaults_in_debconf_db: true
* keyboard-configuration/modelcode: latitude
* keyboard-configuration/altgr: The default for the keyboard layout
* keyboard-configuration/model: Portátil Dell Latitude
* keyboard-configuration/layoutcode: fr
* keyboard-configuration/switch: No temporary switch
* keyboard-configuration/ctrl_alt_bksp: true
  console-setup/codeset47: # Latin1 and Latin5 - western Europe and Turkic 
languages
  console-setup/fontsize-text47: 8x16
  console-setup/fontface47: Fixed
  console-setup/fontsize: 8x16
* keyboard-configuration/compose: No compose key


signature.asc
Description: Digital signature

Bug#782616: nm.debian.org: Please add a mechanism to test mail dispatch

[Santiago Ruano Rincón]

Package: nm.debian.org
Severity: wishlist

I haven't been notified by email when, at least, two NM were asigned to
me. It would be useful to find where is the problem if we had a
mechanism to send an email from one's personal page.

Cheers,

Santiago


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#799956: grep: Grep mis-classifies file as binary when text contains UTF-8 diacritical chars.

[Santiago Ruano Rincón]

El 24/09/15 a las 19:02, roger crettol escribió:
... 
> No matching info is displayed, even if matches are present.
> 
> Tried to BOM the text file - it was not marked - which then cleared the
> problem.
> 

Roger, thanks for the report.

However, I am unable to reproduce the issue. Could you please provide a
test case?

Kind regards,

Santiago


signature.asc
Description: Digital signature

Bug#799956: grep: Grep mis-classifies file as binary when text contains UTF-8 diacritical chars.

[Santiago Ruano Rincón]

control: tags -1 + confirmed upstream
control: retitle -1 grep treats ISO-8859 text files as binary
control: clone -1 -2
control: forwarded -1 http://debbugs.gnu.org/cgi/bugreport.cgi?bug=19230
control: retitle -2 grep unable to find diacritical characters in ISO-8859 text 
files

El 02/10/15 a las 09:58, Alberto Luaces escribió:
> Package: grep
> Version: 2.21-2
> Followup-For: Bug #799956
> 
> I think the attached file will do as a minimal test case.
> 

>   struct cara* lcaras; //array de caras, habrá que usar reserva dinamica 
> de memoria.

% file /tmp/q.h 
/tmp/q.h: ISO-8859 text

% grep c /tmp/q.h
Coincidencia en el fichero binario /tmp/q.h

% grep -a c /tmp/q.h
struct cara* lcaras; //array de caras, habr� que usar reserva dinamica de 
memoria.

% grep á /tmp/q.h 

% grep -a á /tmp/q.h

The problem is related to ISO8859 files. It has already been
reported to upstream that grep treats ISO8859 files as binary:
http://debbugs.gnu.org/cgi/bugreport.cgi?bug=19230
A partial workaround is to treat binary files as text, using the -a
option.

However, since grep doesn't find the diacritical characters, an
additional bug is needed.

Thanks for your report,

Santiago


signature.asc
Description: Digital signature

Bug#791420: pure-ftpd: session crashes in globing-related directory listing if pattern >= PATH_MAX

[Santiago Ruano Rincón]

Package: pure-ftpd
Version: 1.0.36-3.3
Severity: important
Tags: security confirmed patch upstream fixed-upstream

Hi

This vulnerability has been found in pure-ftpd:

https://security-tracker.debian.org/tracker/TEMP-000-5314C6
https://github.com/jedisct1/pure-ftpd/commit/0627004e23a24108785dc1506c5767392b90f807

I think it's a minor issue and don't deserve a DSA by itself, but it's
up to you and the security team to decide, of course.

Cheers,

Santiago

P.S. Patch attached
diff --git a/src/bsd-glob.c b/src/bsd-glob.c
index 27da8c8..5983465 100644
--- a/src/bsd-glob.c
+++ b/src/bsd-glob.c
@@ -151,9 +151,6 @@ glob_(const char *pattern, int flags, int (*errfunc)(const char *, int),
 
 printf ("pattern: %s\n", pattern);
 
-if (strlen(pattern) >= PATH_MAX) {
-return GLOB_NOMATCH;
-}
 pglob->gl_maxdepth = maxdepth;
 pglob->gl_maxfiles = maxfiles;
 patnext = (unsigned char *) pattern;
@@ -174,6 +171,9 @@ glob_(const char *pattern, int flags, int (*errfunc)(const char *, int),
 pglob->gl_pathc >= INT_MAX - pglob->gl_offs - 1) {
 return GLOB_NOSPACE;
 }
+if (strlen(pattern) >= PATH_MAX) {
+return GLOB_NOMATCH;
+}
 bufnext = patbuf;
 bufend = bufnext + MAXPATHLEN - 1;
 if (flags & GLOB_NOESCAPE) {


signature.asc
Description: Digital signature

Bug#574669: asterisk-prompt-es-co: adjust to asterisk "1.6.0" layout

[Santiago Ruano Rincón]

Package: asterisk-prompt-es-co
Followup-For: Bug #574669

Tzafrir,

Do you think this package is still useful? If so, please, fell free to
take over it to maintain through the pkg-voip team. Otherwise, I'd ask
to remove it, since the sounds are not longer updated.

Cheers,

Santiago


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#814997: Reverting upstream commit 40ed879db fixes gnome-pkg-tools

[Santiago Ruano Rincón]

Hi,

El 17/02/16 a las 20:51, Andreas Henriksson escribió:
> Control: reassign -1 gnome-pkg-tools
> 
> Hello again.
> 
> On Wed, Feb 17, 2016 at 07:56:29PM +0100, santiag...@riseup.net wrote:
> [...]
> > grep is less and less tolerant against invalid unicode characters.
> > Maybe are there invalid characters in the debian/* files where
> > uploaders.mk get the info to fill the Uploaders field? 
> [...]
> 
> You might actually be right here. (I was only thinking about the data
> used as an argument for grep - not the standard input data.)
> 
> $ iconv -f utf-8 -t ascii < /usr/share/gnome-pkg-tools/pkg-gnome.team  | tail 
> -n 2
> iconv: illegal input sequence at position 713
> Loic Minier ,
> 

Try iconv -f UTF-8 -t ASCII//TRANSLIT /usr/share/gnome-pkg-tools/pkg-gnome.team

> And indeed, dropping Loïc and Sebastian Dröge from the list fixes the
> problem.
> 

Please, don't drop these folks just by their non-ascii compliant names!

Actually, my up-to-dated pbuilder is able to build totem, under my
default es_CO.UTF-8 locale. And I am able to grep their names:

% grep -F -e ï -e ö /usr/share/gnome-pkg-tools/pkg-gnome.team
Loïc Minier ,
Loïc Minier ,
Sebastian Dröge ,

but under an ascii context:

% LANG=C grep -F -e ï -e ö /usr/share/gnome-pkg-tools/pkg-gnome.team
Binary file /usr/share/gnome-pkg-tools/pkg-gnome.team matches

comparing against grep-2.22:

% LANG=C grep -F -e ï -e ö /usr/share/gnome-pkg-tools/pkg-gnome.team
Loïc Minier ,
Loïc Minier ,
Sebastian Dröge ,


Maybe this is actually an issue in grep, or an encoding not matching
between the input file and the builders's locale.
What locale are you using? From your message filling the bug report:

Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) 

So maybe that is the problem.

See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=800670 
and upstream's comment at http://debbugs.gnu.org/cgi/bugreport.cgi?bug=19230#8


A possible workaround with grep-2.23 is to force it to process the file
as text, using the -a option, even if it is not a binarly file:

% LANG=C grep -aF -e ï -e ö /usr/share/gnome-pkg-tools/pkg-gnome.team
Loïc Minier ,
Loïc Minier ,
Sebastian Dröge ,


Cheers,

Santiago

Bug#793142: Willing to try patches to solve 793142 in jessie.

[Santiago Ruano Rincón]

Hi,

I don't believe I'd be able to fix it by myself right now. But if
needed, I can try patches to solve this.

Cheers,

Santiago

Bug#818843: debian-security-support: new earlyend type, consider future end of support

[Santiago Ruano Rincón]

Package: debian-security-support
Severity: wishlist
Tags: -1 + patch

Hi,

Packages such as tomcat6 will get support until the end of 2016, at the
same time than Ubuntu LTS. To consider this kind of cases and warn the
user about packages whose end of support is in the future, I've pushed
the consider-future-EOLs branch into the debian-security-support repo.

ended and a new earlyend types use the same list file, so no need to
updated it when the date comes.

Does it make sense?

Also, would it be better to have a separate list file for earlyend?

Cheers,

Santiago


signature.asc
Description: Digital signature