Processed: Re: kipina_0.1.1-1(ia64/unstable): FTBFS: Scan failed

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 # not an arch regression, therefore not RC
 severity 291786 important
Bug#291786: kipina_0.1.1-1(ia64/unstable): FTBFS: Scan failed
Severity set to `important'.

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#287166: meld: traceback when comparing 2 directories

[Steve Langasek]

merge 290811 287166
thanks

This bug is most likely a release-critical regression in glade2, not a bug
in meld.  I've asked Jordi Mallach to take a look at this on the glade end.

-- 
Steve Langasek
postmodern programmer


signature.asc
Description: Digital signature

Processed: mrph

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 forwarded 290811 http://bugzilla.gnome.org/show_bug.cgi?id=163322';
Bug#290811: meld crashes on start
Noted your statement that Bug has been forwarded to 
http://bugzilla.gnome.org/show_bug.cgi?id=163322';.

 merge 290811 287166
Bug#287166: meld: traceback when comparing 2 directories
Bug#290811: meld crashes on start
Mismatch - only Bugs in same state can be merged:
Values for `forwarded addr' don't match:
 #287166 has `http://bugzilla.gnome.org/show_bug.cgi?id=163322';
 #290811 has `http://bugzilla.gnome.org/show_bug.cgi?id=163322';'

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291784: zopeinterface_3.0.0-2(hppa/unstable): FTBFS: missing build-depends?

[Steve Langasek]

This bug seems to be due to changes in cdbs, which in newer versions
recognizes the existence of python2.4.  Because you pull the list of python
versions from cdbs, despite only actually building packages for two of these
versions; and because you don't build-depend on python2.4-dev, and don't
ignore errors from this command in debian/rules, this package now FTBFS on
all architectures.

-- 
Steve Langasek
postmodern programmer


signature.asc
Description: Digital signature

Bug#287899: vdr: run as non-root user

[Steve Langasek]

Thomas,

This RC bug has been tagged pending for almost a month now.  What's the
status of this upload?

-- 
Steve Langasek
postmodern programmer


signature.asc
Description: Digital signature

Processed: Re: xscreensaver-gl: GLKnots crashes my whole X-Window system

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 severity 290809 minor
Bug#290809: xscreensaver-gl: GLKnots crashes my whole X-Window system
Severity set to `minor'.

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Processed: reducing severity

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 severity 290905 important
Bug#290905: rsync fails with error when rsyncing to a remote host (file server) 
running rsyncd
Severity set to `important'.

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#290809: xscreensaver-gl: GLKnots crashes my whole X-Window system

[Steve Langasek]

severity 290809 minor
thanks

If an X application crashes the X server, that's an X server bug, not a bug
in the X client.  As I understand it, the X server you're using did not come
from Debian, which means the bug is not in a Debian package.  I'm
downgrading the severity of this bug accordingly, and leaving it open in
case the xscreensaver-gl maintainer wishes to help debug this further.  For
my part, I think the bug should just be closed.

-- 
Steve Langasek
postmodern programmer


signature.asc
Description: Digital signature

Bug#290905: More questions

[Goswin von Brederlow]

Hi,

some more questions about your setup:

Your config says:
| [mirror]
| path = /root/backup_server/backup
| use chroot = no
| max connections = 4
| auth users = root
| hosts allow = backup_server
| secrets file = /etc/.rs_sec
| uid = root
| gid = root

and to the question if it is writeable you said:

| $ ls -l /root/venus
| drwxr-xr-x  3 root root 4096 2005-01-03 09:46 backup

That is a different path.

Also what user did you set in inetd.conf for rsyncd?

MfG
Goswin


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#290905: reducing severity

[Goswin von Brederlow]

severity 290905 important
thanks

Hi,

rsync and rsyncd seems to work for most people, even 50% for the
reportee so I agree with Steve Langasek (on irc) that this is not a
grave bug and should not stop sarge.

MfG
Goswin



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Processed: tags 289796 pending

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 package courier-filter-perl
Ignoring bugs not assigned to: courier-filter-perl

 tags 289796 pending
Bug#289796: courier-filter-perl: Perl 5.8 dependency not represented in package
There were no tags set.
Tags added: pending

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291600: FTBFS: Attempts to use 'apt-get source'

[Rene Mayrhofer]

On Friday 21 January 2005 19:37, Stephen Quinney wrote:
 Upon investigation I found that debian/rules is calling two scripts:
 build-discover (which attempts to download the source for curl, expat
 and discover) and build-paste (which attempts to grab the source for
 coreutils). This is total and utter madness, I've never come across
 anything so odd before in my experience of Debian packaging.
There is absolutely _no_ reason to be rude about this. If you think that it is 
odd, then ok. But insulting me personally is unprofessional and certainly 
counterproductive. Just because it doesn't work like you would've done it is 
no indicator for total and utter madness. 
rant
 It might have helped if you had asked for the reasons for this special 
construction, which I have not done just for the fun of it But I 
understand that flaming is easier, takes less of your seemingly valuable time 
and maybe gets you a few additional ego points then thinking about the issue 
and writing a constructive email with real suggestions for improving it.
/rant
Btw, this is already documented in the changelog.

 You must not assume even the existence of a network connection from a
 buildd never mind the ability to run apt-get. It must be possible to
 build a package inside a self-contained chroot. You should also note
 that there is a high chance that the apt source urls will not be
 listed in typical chroots.
In all of the build environments that I have access to, they are. I agree that 
some might not have this possibility, but then you could work with a local 
package mirror.

 I am absolutely certain that you really do not need to download the
 source code for each of these packages and then build them. There must
 be a better way to achieve what you are trying to do here.
OK, send me patches if you have a better solution. I will look at them and 
decide if they have other problems.

In case you care about the reasoning for my decisions: it is all about 
maintainability and size: I do not want to:
a) duplicate the complete sources in my package, because it would simply be a 
waste of space and bandwidth.
b) extract only those source files that are really necessary and create a new 
build system for them, because that would mean a lot of effort for tracking 
upstream changes for no benefit (and for building the uclibc-linked discover 
binary, nearly all of the source files are necessary anyways).
c) ship pre-compiled binaries in the source package, like it was done in the 
version before this odd construction.

If you have a solution that does not need to download the source packages at 
build time (which is no problem for reasonable development environments) and 
does not have the problems listed above, then you are welcome to send me 
patches. I am not completely happy with the current solution and would like 
to do something about it. And since you are absolutely certain that there 
is such a solution, I am already delighted to get the chance to improve my 
package. 

PS: A second outright insulting email (aka. flame) will simply be ignored, 
because my time is also valuable. If you would like to resolve this in a 
constructive manner, then I am, as always, open to any suggestion.

Rene


pgpjPqweqclrX.pgp
Description: PGP signature

Bug#291807: evolution: lots body in pgp signed messages

[Miguel Gea Milvaques]

Package: evolution
Version: 2.0.3-1.1
Severity: grave
Justification: causes non-serious data loss

When I receive a message signed with gpg, it lost the body part of
message. I've tried with another mail client ant the problem disapears
:(

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8)

Versions of packages evolution depends on:
ii  evolution-data-server1.0.3-2 evolution database backend server
ii  gconf2   2.8.1-4 GNOME configuration database syste
ii  gnome-icon-theme 2.8.0-1 GNOME Desktop icon theme
ii  gtkhtml3.2   3.2.4-1 HTML rendering/editing library - b
ii  libart-2.0-2 2.3.16-6Library of functions for 2D graphi
ii  libatk1.0-0  1.8.0-4 The ATK accessibility toolkit
ii  libaudiofile00.2.6-5 Open-source version of SGI's audio
ii  libbonobo2-0 2.8.0-4 Bonobo CORBA interfaces library
ii  libbonoboui2-0   2.8.0-2 The Bonobo UI library
ii  libc62.3.2.ds1-20GNU C Library: Shared libraries an
ii  libcompfaceg11989.11.11-24   Compress/decompress images for mai
ii  libdb4.2 4.2.52-17   Berkeley v4.2 Database Libraries [
ii  libebook81.0.3-2 Client library for evolution addre
ii  libecal6 1.0.3-2 Client library for evolution calen
ii  libedataserver3  1.0.3-2 Utily library for evolution data s
ii  libegroupwise6   1.0.3-2 Client library for accessing group
ii  libesd0  0.2.35-2Enlightened Sound Daemon - Shared 
ii  libfontconfig1   2.2.3-4 generic font configuration library
ii  libfreetype6 2.1.7-2.3   FreeType 2 font engine, shared lib
ii  libgail-common   1.8.2-1 GNOME Accessibility Implementation
ii  libgail171.8.2-1 GNOME Accessibility Implementation
ii  libgal2.2-1  2.2.4-1 G App Libs (run time library)
ii  libgal2.2-common 2.2.4-1 G App Libs (common files)
ii  libgconf2-4  2.8.1-4 GNOME configuration database syste
ii  libgcrypt11  1.2.0-11LGPL Crypto library - runtime libr
ii  libglade2-0  1:2.4.1-1   Library to load .glade files at ru
ii  libglib2.0-0 2.6.1-2 The GLib library of C routines
ii  libgnome-keyring00.4.1-1 GNOME keyring services library
ii  libgnome-pilot2  2.0.12-1.1  Support libraries for gnome-pilot
ii  libgnome2-0  2.8.0-6 The GNOME 2 library - runtime file
ii  libgnomecanvas2-02.8.0-1 A powerful object-oriented display
ii  libgnomeprint2.2-0   2.8.2-1 The GNOME 2.2 print architecture -
ii  libgnomeprintui2.2-0 2.8.2-1 The GNOME 2.2 print architecture U
ii  libgnomeui-0 2.8.0-3 The GNOME 2 libraries (User Interf
ii  libgnomevfs2-0   2.8.3-6 The GNOME virtual file-system libr
ii  libgnutls11  1.0.16-13   GNU TLS library - runtime library
ii  libgpg-error01.0-1   library for common error values an
ii  libgtk2.0-0  2.4.14-2The GTK+ graphical user interface 
ii  libgtkhtml3.2-11 3.2.4-1 HTML rendering/editing library - r
ii  libice6  4.3.0.dfsg.1-10 Inter-Client Exchange library
ii  libjpeg626b-9The Independent JPEG Group's JPEG 
ii  libldap2 2.1.30-3OpenLDAP libraries
ii  libnspr4 2:1.7.5-1   Netscape Portable Runtime Library
ii  libnss3  2:1.7.5-1   Network Security Service Libraries
ii  liborbit21:2.10.2-1.1libraries for ORBit2 - a CORBA ORB
ii  libpango1.0-01.6.0-3 Layout and rendering of internatio
ii  libpisock8   0.11.8-10   Library for communicating with a P
ii  libpisync0   0.11.8-10   Synchronization library for PalmOS
ii  libpopt0 1.7-5   lib for parsing cmdline parameters
ii  libsm6   4.3.0.dfsg.1-10 X Window System Session Management
ii  libsoup2.2-7 2.2.1-1 an HTTP library implementation in 
ii  libtasn1-2   0.2.10-4Manage ASN.1 structures (runtime)
ii  libx11-6 4.3.0.dfsg.1-10 X Window System protocol client li
ii  libxml2  2.6.11-5GNOME XML library
ii  xlibs4.3.0.dfsg.1-10 X Keyboard Extension (XKB) configu
ii  zlib1g   1:1.2.2-4   compression library - runtime

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact 

Processed: your mail

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 tags 291782 pending
Bug#291782: bible-kjv_4.17(hppa/unstable): FTBFS: compile errors (implicit 
definition)
There were no tags set.
Tags added: pending

 quit
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#290960: gtk2-engines-gtk-qt: Crashes firefox and galeon

[Steve Langasek]

severity 290960 important
thanks

I also have not been able to reproduce this bug here.  Since it's not
reproducible with a default config, and may even be specific to a single Qt
theme, I think it's reasonable to not consider this bug release-critical, at
least until there's more information about how to reproduce it.

Thanks,
-- 
Steve Langasek
postmodern programmer


signature.asc
Description: Digital signature

Bug#291782: (no subject)

[Matthew Vernon]

tags 291782 pending
quit
Thanks for this report. I've gone away and built this package with a newer 
gcc c, and the package will be uploaded later today.

Regards,
Matthew
--
Rapun.sel - outermost outpost of the Pick Empire
http://www.pick.ucam.org

--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#290773: phpgroupware: forum, polls, preferences, projects, tts, wiki: HTML and SQL insertio

[Steve Langasek]

Hi Thomas,

 I have an upload of 005 ready but needed to figure out which changes 
 were security related.

I hope this doesn't mean that you're waiting to figure out which changes
were security related before uploading?

-- 
Steve Langasek
postmodern programmer


signature.asc
Description: Digital signature

Bug#287899: vdr: run as non-root user

[Thomas Schmidt]

Hi

* Steve Langasek schrieb am 23.01.05, um 10:44 Uhr:
 This RC bug has been tagged pending for almost a month now.  What's the
 status of this upload?

Sorry that the new package has not been uploaded yet, it was ready to
be uploaded last week, but my sponsor suggested another change on the
package, which i am testing now. I am very sure that the package which
will fix this bug will be uploaded during next week.


Regards,
Thomas

-- 
Thomas Schmidt
[EMAIL PROTECTED]


signature.asc
Description: Digital signature

Processed: Bug 280573: Quake II Server Multiple Remote Vulnerabilities

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 package quake2
Ignoring bugs not assigned to: quake2

 tags 280573 patch
Bug#280573: ID Software Quake II Server Multiple Remote Vulnerabilities
Tags were: security
Tags added: patch

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291355: marked as done (gaim-gnome: installation fails, depends on uninstalable libpanel-applet0)

[Debian Bug Tracking System]

Your message dated Sun, 23 Jan 2005 12:38:49 +
with message-id [EMAIL PROTECTED]
and subject line Bug#291355: Fwd: Re: Bug#291355: gaim-gnome: installation 
fails,depends on uninstalable libpanel-applet0
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 20 Jan 2005 09:04:29 +
From [EMAIL PROTECTED] Thu Jan 20 01:04:29 2005
Return-path: [EMAIL PROTECTED]
Received: from mail.marquard.pl [62.29.141.5] 
by spohr.debian.org with smtp (Exim 3.35 1 (Debian))
id 1CrYEv-000247-00; Thu, 20 Jan 2005 01:04:29 -0800
Received: (qmail 19953 invoked from network); 20 Jan 2005 09:04:19 -
Received: from unknown (HELO localhost) (62.29.141.2)
  by mail.marquard.pl with SMTP; 20 Jan 2005 09:04:19 -
Received: from julian by localhost with local (Exim 4.43)
id 1CrYEm-000147-QS; Thu, 20 Jan 2005 10:04:20 +0100
Content-Type: text/plain; charset=us-ascii
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: julian kania [EMAIL PROTECTED]
To: Debian Bug Tracking System [EMAIL PROTECTED]
Subject: gaim-gnome: installation fails, depends on uninstalable 
libpanel-applet0
X-Mailer: reportbug 3.5
Date: Thu, 20 Jan 2005 10:04:20 +0100
Message-Id: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-5.3 required=4.0 tests=BAYES_00,HAS_PACKAGE,
SUBJ_HAS_UNIQ_ID autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: gaim-gnome
Version: 1:0.58-2.4
Severity: grave
Justification: renders package unusable


# LANG=en; apt-get install gaim-gnome
Reading Package Lists... Done
Building Dependency Tree... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.

Since you only requested a single operation it is extremely likely that
the package is simply not installable and a bug report against
that package should be filed.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
  gaim-gnome: Depends: libpanel-applet0 (= 1.4.0.2-3) but it is not installable



-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (990, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.6-1-686
Locale: LANG=pl_PL, LC_CTYPE=pl_PL (charmap=ISO-8859-2)

---
Received: (at 291355-done) by bugs.debian.org; 23 Jan 2005 12:38:41 +
From [EMAIL PROTECTED] Sun Jan 23 04:38:41 2005
Return-path: [EMAIL PROTECTED]
Received: from ppsw-4.csi.cam.ac.uk [131.111.8.134] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1Csh0r-0004Wk-00; Sun, 23 Jan 2005 04:38:41 -0800
Received: from quadrant.corpus.cam.ac.uk ([131.111.235.202]:32896)
by ppsw-4.csi.cam.ac.uk (ppsw.cam.ac.uk [131.111.8.134]:25)
with esmtp id 1Csh0m-0006eL-Dh (Exim 4.44)
(return-path [EMAIL PROTECTED]); Sun, 23 Jan 2005 12:38:36 +
Message-ID: [EMAIL PROTECTED]
Date: Sun, 23 Jan 2005 12:38:49 +
From: Robert McQueen [EMAIL PROTECTED]
User-Agent: Debian Thunderbird 1.0 (X11/20050116)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Adam D. Barratt [EMAIL PROTECTED]
CC: [EMAIL PROTECTED], Luke Schierer [EMAIL PROTECTED], 
 julian [EMAIL PROTECTED]
Subject: Re: Bug#291355: Fwd: Re: Bug#291355: gaim-gnome: installation fails,
depends on uninstalable libpanel-applet0
References: [EMAIL PROTECTED] [EMAIL PROTECTED]
In-Reply-To: [EMAIL PROTECTED]
X-Enigmail-Version: 0.90.0.0
X-Enigmail-Supports: pgp-inline, pgp-mime
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/
X-Cam-AntiVirus: No virus found
X-Cam-SpamDetails: Not scanned
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-2.1 required=4.0 tests=BAYES_00,FROM_ENDS_IN_NUMS,
HAS_BUG_NUMBER,SUBJ_HAS_UNIQ_ID autolearn=no 
version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Adam D. Barratt wrote:
 Either the submitter has stable sources in their sources.list, or is using a
 very badly broken mirror.

I concur, this is clearly not a 

Bug#291718: marked as done (gforge: [security] GForge 3.x directory traversal vulnerability)

[Debian Bug Tracking System]

Your message dated Sun, 23 Jan 2005 07:47:07 -0500
with message-id [EMAIL PROTECTED]
and subject line Bug#291718: fixed in gforge 3.1-26
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 22 Jan 2005 17:52:30 +
From [EMAIL PROTECTED] Sat Jan 22 09:52:29 2005
Return-path: [EMAIL PROTECTED]
Received: from c201166.ppp.asahi-net.or.jp (grapefruit) [210.155.201.166] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CsPQz-0008WT-00; Sat, 22 Jan 2005 09:52:29 -0800
Received: by grapefruit (Postfix, from userid 1000)
id D6A80402F; Sun, 23 Jan 2005 02:56:08 +0900 (JST)
Content-Type: text/plain; charset=us-ascii
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Hideki Yamane [EMAIL PROTECTED]
To: Debian Bug Tracking System [EMAIL PROTECTED]
Subject: gforge: [security] GForge 3.x directory traversal vulnerability
X-Mailer: reportbug 3.6
Date: Sun, 23 Jan 2005 02:56:07 +0900
Message-Id: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: gforge
Severity: grave
Tags: security
Justification: user security hole

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Dear gforge maintainer,

 GForge 3.x has directory traversal vulnerabilities because of lack
 about sanitisation in some scripts.

 You can see detail about vulnerability with PoC and workaround
 in this advisory 
 http://www.securityfocus.com/archive/1/387850/2005-01-19/2005-01-25/0


- --
Regards,

 Hideki Yamane henrich @ samba.gr.jp/iijmio-mail.jp


-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFB8pO2Iu0hy8THJksRAhE8AJ4gntmdUoj0zApRAK6YfGvhsx7UtgCfXutm
xg2AiEbs1UB7saoWJlNdBgA=
=yAVX
-END PGP SIGNATURE-

---
Received: (at 291718-close) by bugs.debian.org; 23 Jan 2005 12:53:05 +
From [EMAIL PROTECTED] Sun Jan 23 04:53:05 2005
Return-path: [EMAIL PROTECTED]
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CshEn-0006a6-00; Sun, 23 Jan 2005 04:53:05 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1Csh91-0004Xw-00; Sun, 23 Jan 2005 07:47:07 -0500
From: Roland Mas [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#291718: fixed in gforge 3.1-26
Message-Id: [EMAIL PROTECTED]
Sender: Archive Administrator [EMAIL PROTECTED]
Date: Sun, 23 Jan 2005 07:47:07 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Source: gforge
Source-Version: 3.1-26

We believe that the bug you reported is fixed in the latest version of
gforge, which is due to be installed in the Debian FTP archive:

gforge-common_3.1-26_all.deb
  to pool/main/g/gforge/gforge-common_3.1-26_all.deb
gforge-cvs_3.1-26_all.deb
  to pool/main/g/gforge/gforge-cvs_3.1-26_all.deb
gforge-db-postgresql_3.1-26_all.deb
  to pool/main/g/gforge/gforge-db-postgresql_3.1-26_all.deb
gforge-dns-bind9_3.1-26_all.deb
  to pool/main/g/gforge/gforge-dns-bind9_3.1-26_all.deb
gforge-ftp-proftpd_3.1-26_all.deb
  to pool/main/g/gforge/gforge-ftp-proftpd_3.1-26_all.deb
gforge-ldap-openldap_3.1-26_all.deb
  to pool/main/g/gforge/gforge-ldap-openldap_3.1-26_all.deb
gforge-lists-mailman_3.1-26_all.deb
  to pool/main/g/gforge/gforge-lists-mailman_3.1-26_all.deb
gforge-mta-exim4_3.1-26_all.deb
  to pool/main/g/gforge/gforge-mta-exim4_3.1-26_all.deb
gforge-mta-exim_3.1-26_all.deb
  to pool/main/g/gforge/gforge-mta-exim_3.1-26_all.deb
gforge-mta-postfix_3.1-26_all.deb
  to pool/main/g/gforge/gforge-mta-postfix_3.1-26_all.deb
gforge-shell-ldap_3.1-26_all.deb
  to pool/main/g/gforge/gforge-shell-ldap_3.1-26_all.deb
gforge-sourceforge-transition_3.1-26_all.deb
  to pool/main/g/gforge/gforge-sourceforge-transition_3.1-26_all.deb
gforge-web-apache_3.1-26_all.deb
  to pool/main/g/gforge/gforge-web-apache_3.1-26_all.deb
gforge_3.1-26.diff.gz
  to pool/main/g/gforge/gforge_3.1-26.diff.gz
gforge_3.1-26.dsc
  to 

Processed: Re: Bug#287107: kfish: query over licensing of fish images

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 tags 287107 +pending
Bug#287107: kfish:  query over licensing of fish images
Tags were: unreproducible
Tags added: pending

 Thanks Mate :)
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#287107: kfish: query over licensing of fish images

[Helen Faulkner]

tags 287107 +pending
Thanks Mate :)
I have repackaged kfish, naming the correct author for the one 
problematic image that does turn out to be DFSG-free, and substituting 
the other images with DFSG-free ones (from kaquarium).

The new version will be uploaded when my sponsor is able to do that.
Thanks,
Helen Faulkner
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291254: Doesn't work with the latest kernel-source-2.6.8

[Aurelien Jarno]

On Fri, Jan 21, 2005 at 03:02:07AM -0500, Kyle McMartin wrote:
 Thanks, I've already fixed this in my working tree, but I've been working
 fairly heavily with Bdale and others to make sure the next upload works
 well for everyone, so I've not yet uploaded it yet.
 
 I expect to have fixed things up in a short while.
 
 If you're really desperate for punishment, you can fetch the latest
 debs from http://parisc-linux.org/~kyle/debian-kernel/2005-01-18/.

I have just tested them, they works well. Thanks!

Bye,
Aurélien

-- 
  .''`.  Aurelien Jarno   GPG: 1024D/F1BCDB73
 : :' :  Debian GNU/Linux developer | Electrical Engineer
 `. `'   [EMAIL PROTECTED] | [EMAIL PROTECTED]
   `-people.debian.org/~aurel32 | www.aurel32.net


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Processed: Re: Bug#290811: I can reproduce it now

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 Reassign 290811 libglade2-0
Bug#290811: meld crashes on start
Bug reassigned from package `meld' to `libglade2-0'.

 Retitle 290811 Upgrading to 2.4.1-1 version causes meld to crash.
Bug#290811: meld crashes on start
Changed Bug title.

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#290811: I can reproduce it now

[Margarita Manterola]

Reassign 290811 libglade2-0
Retitle 290811 Upgrading to 2.4.1-1 version causes meld to crash.
thanks

Hola Bas Zoetekouw!

  The dependency tree is:
  meld depends on python-gtk2, which depends on python2.3-gtk2 which depends
  on  libgtk2.0-0 (= 2.4.4) .  libgtk2.0-0 is presently at 2.4.14, I'm
  guessing that Bas might have a version that is in the middle of the two,
  and that for some reason has this non-deprecated vs deprecated issue.
 Nopes, this is an up-to-date sid system, with the latest gnome and gtk
 libraries.

Ok, based on this information, I kept investigating and found out that
after upgrading libglade2-0 to version 2.4.1-1, I can reproduce the bug,
though with the previous version (2.4.0-1) it did not occur.

Thus, I'm reassigning this bug to libglade.  I'll keep working on this,
hoping to find a solution.

-- 
 Bezos, (o.
 Marga. (/)_


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291827: /usr/share/doc/gaim is empty

[Angel Abad (Indio)]

Package: gaim
Version: 1:1.1.2-1
Severity: serious
Justification: 12


The /usr/share/doc/gaim directory is empty, please fill it, show:

# dpkg -L gaim
/.
/usr
/usr/lib
/usr/lib/menu
/usr/lib/menu/gaim
/usr/lib/gaim
/usr/lib/gaim/autorecon.so
/usr/lib/gaim/docklet.so
/usr/lib/gaim/extplacement.so
/usr/lib/gaim/gaim-remote.so
/usr/lib/gaim/gestures.so
/usr/lib/gaim/gevolution.so
/usr/lib/gaim/history.so
/usr/lib/gaim/iconaway.so
/usr/lib/gaim/idle.so
/usr/lib/gaim/libgg.so
/usr/lib/gaim/libirc.so
/usr/lib/gaim/libjabber.so
/usr/lib/gaim/libmsn.so
/usr/lib/gaim/libnapster.so
/usr/lib/gaim/libnovell.so
/usr/lib/gaim/liboscar.so
/usr/lib/gaim/libyahoo.so
/usr/lib/gaim/libzephyr.so
/usr/lib/gaim/notify.so
/usr/lib/gaim/relnot.so
/usr/lib/gaim/spellchk.so
/usr/lib/gaim/ssl-gnutls.so
/usr/lib/gaim/ssl-nss.so
/usr/lib/gaim/ssl.so
/usr/lib/gaim/statenotify.so
/usr/lib/gaim/tcl.so
/usr/lib/gaim/ticker.so
/usr/lib/gaim/timestamp.so
/usr/lib/libgaim-remote.so.0.0.0
/usr/bin
/usr/bin/gaim
/usr/bin/gaim-remote
/usr/share
/usr/share/doc
/usr/lib/libgaim-remote.so.0
/usr/share/doc/gaim

Bye,

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)

Versions of packages gaim depends on:
ii  gaim-data1:1.1.2-1   multi-protocol instant messaging c
ii  libao2   0.8.5-1 Cross Platform Audio Output Librar
ii  libaspell15  0.50.5-5The GNU Aspell spell-checker runti
ii  libatk1.0-0  1.8.0-4 The ATK accessibility toolkit
ii  libaudiofile00.2.6-5 Open-source version of SGI's audio
ii  libc62.3.2.ds1-20GNU C Library: Shared libraries an
ii  libgcrypt11  1.2.0-11LGPL Crypto library - runtime libr
ii  libglib2.0-0 2.6.1-2 The GLib library of C routines
ii  libgnutls11  1.0.16-13   GNU TLS library - runtime library
ii  libgtk2.0-0  2.4.14-2The GTK+ graphical user interface 
ii  libgtkspell0 2.0.8-1 a spell-checking addon for GTK's T
ii  libice6  4.3.0.dfsg.1-10 Inter-Client Exchange library
ii  libpango1.0-01.6.0-3 Layout and rendering of internatio
ii  libsm6   4.3.0.dfsg.1-10 X Window System Session Management
ii  libstartup-notification0 0.7-1   library for program launch feedbac
ii  libx11-6 4.3.0.dfsg.1-10 X Window System protocol client li
ii  libxext6 4.3.0.dfsg.1-10 X Window System miscellaneous exte
ii  xlibs4.3.0.dfsg.1-10 X Keyboard Extension (XKB) configu

-- no debconf information



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291827: /usr/share/doc/gaim is empty

[Robert McQueen]

Angel Abad (Indio) wrote:
The /usr/share/doc/gaim directory is empty, please fill it, show:
# dpkg -L gaim
/usr/share/doc/gaim
This is correct, the package contains a symlink from gaim to gaim-data. 
The error is that I forgot that dpkg won't replace a symlink with a 
directory, or vice versa, because of undefined behaviour when the 
directory has contents. I've added a preinst that rmdir's the 
/usr/share/doc/gaim directory, and will upload now.

Bye,
Regards,
Rob
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291782: marked as done (bible-kjv_4.17(hppa/unstable): FTBFS: compile errors (implicit definition))

[Debian Bug Tracking System]

Your message dated Sun, 23 Jan 2005 09:47:02 -0500
with message-id [EMAIL PROTECTED]
and subject line Bug#291782: fixed in bible-kjv 4.18
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 23 Jan 2005 05:43:13 +
From [EMAIL PROTECTED] Sat Jan 22 21:43:13 2005
Return-path: [EMAIL PROTECTED]
Received: from mmjgroup.com [192.34.35.33] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CsaWn-Lt-00; Sat, 22 Jan 2005 21:43:13 -0800
Received: from mix.mmjgroup.com (mix.mmjgroup.com [192.34.35.16])
by mmjgroup.com (Postfix) with ESMTP id DEA1316DE8
for [EMAIL PROTECTED]; Sat, 22 Jan 2005 22:43:12 -0700 (MST)
Received: by mix.mmjgroup.com (Postfix, from userid 1000)
id EFEBE8F31F; Sat, 22 Jan 2005 22:43:13 -0700 (MST)
Date: Sat, 22 Jan 2005 22:43:13 -0700
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: bible-kjv_4.17(hppa/unstable): FTBFS: compile errors (implicit 
definition)
Message-ID: [EMAIL PROTECTED]
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.4 required=4.0 tests=BAYES_00,HAS_PACKAGE,
NO_REAL_NAME autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: bible-kjv
Version: 4.17
Severity: serious

There was an error while trying to autobuild your package:

 Automatic build of bible-kjv_4.17 on sarti by sbuild/hppa 1.170.5
 Build started at 20050123-0028

[...]

 ** Using build dependencies supplied by package:
 Build-Depends: libreadline4-dev

[...]

 rm -rf debian/tmp debian/files* bible debian/bible-kjv-text \
   debian/randverse debian/substvars randverse
  debian/rules build
 test -f bible.c -a -f debian/rules
 /usr/bin/make all
 make[1]: Entering directory `/build/buildd/bible-kjv-4.17'
 cc -Wall -Wformat -Werror -Wshadow -W -Wmissing-declarations 
 -Wmissing-prototypes -Wstrict-prototypes -Wcast-align -Wcast-qual 
 -Wbad-function-cast -Wpointer-arith -g2 -ggdb -DDESTLIB=\/usr/lib\   -c -o 
 bible.o bible.c
 ./makeindex2 bible.rawtext
 cc -Wall -Wformat -Werror -Wshadow -W -Wmissing-declarations 
 -Wmissing-prototypes -Wstrict-prototypes -Wcast-align -Wcast-qual 
 -Wbad-function-cast -Wpointer-arith -g2 -ggdb -DDESTLIB=\/usr/lib\   -c -o 
 brl-index.o brl-index.c
 cc -Wall -Wformat -Werror -Wshadow -W -Wmissing-declarations 
 -Wmissing-prototypes -Wstrict-prototypes -Wcast-align -Wcast-qual 
 -Wbad-function-cast -Wpointer-arith -g2 -ggdb -DDESTLIB=\/usr/lib\   -c -o 
 brl.o brl.c
 brl.c: In function `get_book':
 brl.c:585: warning: implicit declaration of function `exit'
 make[1]: *** [brl.o] Error 1
 make[1]: Leaving directory `/build/buildd/bible-kjv-4.17'
 make: *** [build] Error 2

A full build log can be found at:
http://buildd.debian.org/build.php?arch=hppapkg=bible-kjvver=4.17


---
Received: (at 291782-close) by bugs.debian.org; 23 Jan 2005 14:53:08 +
From [EMAIL PROTECTED] Sun Jan 23 06:53:08 2005
Return-path: [EMAIL PROTECTED]
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1Csj6y-0002Rt-00; Sun, 23 Jan 2005 06:53:08 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1Csj14-0007tE-00; Sun, 23 Jan 2005 09:47:02 -0500
From: Matthew Vernon [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#291782: fixed in bible-kjv 4.18
Message-Id: [EMAIL PROTECTED]
Sender: Archive Administrator [EMAIL PROTECTED]
Date: Sun, 23 Jan 2005 09:47:02 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Source: bible-kjv
Source-Version: 4.18

We believe that the bug you reported is fixed in the latest version of
bible-kjv, which is due to be installed in the Debian FTP archive:

bible-kjv-text_4.18_all.deb
  to pool/main/b/bible-kjv/bible-kjv-text_4.18_all.deb
bible-kjv_4.18.dsc
  to pool/main/b/bible-kjv/bible-kjv_4.18.dsc
bible-kjv_4.18.tar.gz
  to pool/main/b/bible-kjv/bible-kjv_4.18.tar.gz
bible

Bug#289865: libmd5-perl fails to build on arm processor

[Steve Langasek]

Hi Jay,

 Is this bug safe to reassign / kill?

I think you're safe to kill it, yes, unless there's evidence that
Digest::MD5 is universally broken on arm.  That seems unlikely to me, as I
would expect that module to be exercised in the building of other packages,
if nothing else.  (I know there are a number of tests as part of the perl
package's own testsuite.)

Cheers,
-- 
Steve Langasek
postmodern programmer


signature.asc
Description: Digital signature

Bug#291380: marked as done ([msutton@iDefense.com: iDEFENSE Security Advisory 01.19.05: MySQL MaxDB Web Agent Multiple Denial of Service Vulnerabilities])

[Debian Bug Tracking System]

Your message dated Sun, 23 Jan 2005 07:12:21 -0800
with message-id [EMAIL PROTECTED]
and subject line [EMAIL PROTECTED]: iDEFENSE Security Advisory 01.19.05: MySQL 
MaxDB Web Agent Multiple Denial of Service Vulnerabilities]
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 20 Jan 2005 12:07:32 +
From [EMAIL PROTECTED] Thu Jan 20 04:07:32 2005
Return-path: [EMAIL PROTECTED]
Received: from luonnotar.infodrom.org [195.124.48.78] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1Crb64-0001oX-00; Thu, 20 Jan 2005 04:07:32 -0800
Received: by luonnotar.infodrom.org (Postfix, from userid 10)
id 98BC3366B7F; Thu, 20 Jan 2005 13:07:34 +0100 (CET)
Received: at Infodrom Oldenburg (/\##/\ Smail-3.2.0.102 1998-Aug-2 #2)
from infodrom.org by finlandia.Infodrom.North.DE
via smail from stdin
id [EMAIL PROTECTED]
for [EMAIL PROTECTED]; Thu, 20 Jan 2005 13:01:19 +0100 (CET) 
Date: Thu, 20 Jan 2005 13:01:19 +0100
From: Martin Schulze [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [EMAIL PROTECTED]: iDEFENSE Security Advisory 01.19.05: MySQL MaxDB 
Web Agent Multiple Denial of Service Vulnerabilities]
Message-ID: [EMAIL PROTECTED]
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-5.0 required=4.0 tests=HAS_PACKAGE autolearn=no 
version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: maxdb
Severity: grave
Tags: sarge security
# sid is already fixed, so this is a reminder.

Two CVE ids have been assigned to this advisory:


Candidate: CAN-2005-0081
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0081

Reference: IDEFENSE:20050119 MySQL MaxDB Web Agent Multiple Denial of Service 
Vulnerabilities
Reference: 
URL:http://www.idefense.com/application/poi/display?id=187type=vulnerabilities

MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote
attackers to cause a denial of service (crash) via an HTTP request
with invalid headers.


Candidate: CAN-2005-0082
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0082

Reference: IDEFENSE:20050119 MySQL MaxDB Web Agent Multiple Denial of Service 
Vulnerabilities
Reference: 
URL:http://www.idefense.com/application/poi/display?id=187type=vulnerabilities

The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other
versions before 7.5.0.21, allows remote attackers to cause a denial of
service (crash) via invalid parameters to the WebDAV handler code,
which triggers a null dereference that causes the SAP DB Web Agent to
crash.

Please mention them in the changelog (or add them to the changelog
later with your next upload).

Regards,

Joey


- Forwarded message from Michael Sutton [EMAIL PROTECTED] -

Subject: iDEFENSE Security Advisory 01.19.05: MySQL MaxDB Web Agent Multiple 
Denial of Service Vulnerabilities
Date: Wed, 19 Jan 2005 16:03:46 -0500
From: Michael Sutton [EMAIL PROTECTED]
To: bugtraq@securityfocus.com, [EMAIL PROTECTED]
X-Folder: [EMAIL PROTECTED]

MySQL MaxDB Web Agent Multiple Denial of Service Vulnerabilities

iDEFENSE Security Advisory 01.19.05
www.idefense.com/application/poi/display?id=187type=vulnerabilities
January 19, 2005

I. BACKGROUND

MaxDB by MySQL is a re-branded and enhanced version of SAP DB, SAP AG's
open source database. MaxDB is a heavy-duty, SAP-certified open source
database that offers high availability, scalability and a comprehensive
feature set. MaxDB complements the MySQL database server, targeted for
large mySAP ERP environments and other applications that require maximum
enterprise-level database functionality. Further details are available
at:

   http://www.mysql.com/products/maxdb/

II. DESCRIPTION

Two remotely exploitable denial of service conditions have been found to
exist in MySQL MaxDB and SAP DB Web Agent products.

The first vulnerability specifically exists due to a null pointer
dereference in the sapdbwa_GetUserData() function. A remote attacker can
request the webdav handler code with invalid parameters to cause a null
pointer dereference resulting in a crash of SAP DB Web Agent.

The second vulnerability is due to insufficient handling of malformed
HTTP headers. A remote attacker can submit a HTTP request with 

Bug#291827: /usr/share/doc/gaim is empty

[Angel Abad (Ikusnet SLL)]

Thank you for a rapid solution.

Bye.

Angel Abad (Ikusnet SLL)
[EMAIL PROTECTED]

Mil maneras de sentir y una de decir que no!



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#289646: kbabel: crash with some .po file

[Frans Pop]

I've also been having crashes using kbabel in Sarge (see #289646). I've 
had crashes with several po files now.

The behavior is somewhat eratic: when I first had the crash, I could 
always reproduce it, now I find that sometimes the crash does not happen.
Very likely my crashes are related to this BR.

The tag 'sid' for this bug is probably _not_ correct!

||/ Name  Version
+++-=-===
ii  kbabel3.3.1-2
ii  kdelibs   3.3.1-4
ii  kdelibs4  3.3.1-4


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291827: marked as done (/usr/share/doc/gaim is empty)

[Debian Bug Tracking System]

Your message dated Sun, 23 Jan 2005 10:17:05 -0500
with message-id [EMAIL PROTECTED]
and subject line Bug#291827: fixed in gaim 1:1.1.2-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 23 Jan 2005 13:50:13 +
From [EMAIL PROTECTED] Sun Jan 23 05:50:05 2005
Return-path: [EMAIL PROTECTED]
Received: from (mail.pastelero.net) [217.76.134.161] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1Csi7v-0006Po-00; Sun, 23 Jan 2005 05:50:03 -0800
Received: from mail.pastelero.net (localhost [127.0.0.1])
by mail.pastelero.net (Postfix) with ESMTP id 6FA0D1A0007;
Sun, 23 Jan 2005 15:33:52 +0100 (CET)
Received: from goa.atxeta (173.Red-213-98-156.pooles.rima-tde.net 
[213.98.156.173])
by mail.pastelero.net (Postfix) with ESMTP id E0B2B1A0003;
Sun, 23 Jan 2005 15:33:51 +0100 (CET)
Received: by goa.atxeta (Postfix, from userid 1000)
id A06BF4BF3E; Sun, 23 Jan 2005 14:49:18 +0100 (CET)
Content-Type: text/plain; charset=us-ascii
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Angel Abad (Indio) [EMAIL PROTECTED]
To: Debian Bug Tracking System [EMAIL PROTECTED]
Subject: /usr/share/doc/gaim is empty
X-Mailer: reportbug 3.6
Date: Sun, 23 Jan 2005 14:49:18 +0100
Message-Id: [EMAIL PROTECTED]
X-Virus-Scanned: ClamAV using ClamSMTP
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: gaim
Version: 1:1.1.2-1
Severity: serious
Justification: 12


The /usr/share/doc/gaim directory is empty, please fill it, show:

# dpkg -L gaim
/.
/usr
/usr/lib
/usr/lib/menu
/usr/lib/menu/gaim
/usr/lib/gaim
/usr/lib/gaim/autorecon.so
/usr/lib/gaim/docklet.so
/usr/lib/gaim/extplacement.so
/usr/lib/gaim/gaim-remote.so
/usr/lib/gaim/gestures.so
/usr/lib/gaim/gevolution.so
/usr/lib/gaim/history.so
/usr/lib/gaim/iconaway.so
/usr/lib/gaim/idle.so
/usr/lib/gaim/libgg.so
/usr/lib/gaim/libirc.so
/usr/lib/gaim/libjabber.so
/usr/lib/gaim/libmsn.so
/usr/lib/gaim/libnapster.so
/usr/lib/gaim/libnovell.so
/usr/lib/gaim/liboscar.so
/usr/lib/gaim/libyahoo.so
/usr/lib/gaim/libzephyr.so
/usr/lib/gaim/notify.so
/usr/lib/gaim/relnot.so
/usr/lib/gaim/spellchk.so
/usr/lib/gaim/ssl-gnutls.so
/usr/lib/gaim/ssl-nss.so
/usr/lib/gaim/ssl.so
/usr/lib/gaim/statenotify.so
/usr/lib/gaim/tcl.so
/usr/lib/gaim/ticker.so
/usr/lib/gaim/timestamp.so
/usr/lib/libgaim-remote.so.0.0.0
/usr/bin
/usr/bin/gaim
/usr/bin/gaim-remote
/usr/share
/usr/share/doc
/usr/lib/libgaim-remote.so.0
/usr/share/doc/gaim

Bye,

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)

Versions of packages gaim depends on:
ii  gaim-data1:1.1.2-1   multi-protocol instant messaging c
ii  libao2   0.8.5-1 Cross Platform Audio Output Librar
ii  libaspell15  0.50.5-5The GNU Aspell spell-checker runti
ii  libatk1.0-0  1.8.0-4 The ATK accessibility toolkit
ii  libaudiofile00.2.6-5 Open-source version of SGI's audio
ii  libc62.3.2.ds1-20GNU C Library: Shared libraries an
ii  libgcrypt11  1.2.0-11LGPL Crypto library - runtime libr
ii  libglib2.0-0 2.6.1-2 The GLib library of C routines
ii  libgnutls11  1.0.16-13   GNU TLS library - runtime library
ii  libgtk2.0-0  2.4.14-2The GTK+ graphical user interface 
ii  libgtkspell0 2.0.8-1 a spell-checking addon for GTK's T
ii  libice6  4.3.0.dfsg.1-10 Inter-Client Exchange library
ii  libpango1.0-01.6.0-3 Layout and rendering of internatio
ii  libsm6   4.3.0.dfsg.1-10 X Window System Session Management
ii  libstartup-notification0 0.7-1   library for program launch feedbac
ii  libx11-6 4.3.0.dfsg.1-10 X Window System protocol client li
ii  libxext6 4.3.0.dfsg.1-10 X Window System miscellaneous exte
ii  xlibs4.3.0.dfsg.1-10 X Keyboard Extension (XKB) configu

-- no debconf information


---
Received: 

Processed: Patch that fixes the problem in libglade

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 Merge 288445 287167 290811
Bug#287167: libglade errors on startup
Bug#288445: libglade2-0 upgrade breaks synaptic toolbar
Mismatch - only Bugs in same state can be merged:
Values for `package' don't match:
 #287167 has `meld';
 #288445 has `synaptic'
Values for `forwarded addr' don't match:
 #287167 has `http://bugzilla.gnome.org/show_bug.cgi?id=163322';
 #288445 has `'
Values for `severity' don't match:
 #287167 has `grave';
 #288445 has `important'

 Tags 290811 +patch
Bug#290811: Upgrading to 2.4.1-1 version causes meld to crash.
There were no tags set.
Tags added: patch

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Processed: Re: Bug#289646: kbabel: crash with some .po file

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 tag 289646 - sid
Bug#289646: kbabel: crash with some .po file
Tags were: sid
Tags removed: sid

 thanks dude
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#289646: kbabel: crash with some .po file

[Adeodato Simó]

tag 289646 - sid
thanks dude

 The tag 'sid' for this bug is probably _not_ correct!

  Yeah, I forgot to remove it after Riku's mail. In the future, please
  feel free to do control@ handling yourself when you're confident :-)
  (At least in KDE land.)

  Cheers (and congrats for your AM ;-),

-- 
Adeodato Simó
EM: asp16 [ykwim] alu.ua.es | PK: DA6AE621
 
The pure and simple truth is rarely pure and never simple.
-- Oscar Wilde



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#281655: info2www: Cross-site scripting vulnerability

[Uwe Hermann]

Hi,

sorry, the mail about this bug somehow got lost in my inbox...

(CC to debian-devel, any help with this issue is welcome)


On Wed, Nov 17, 2004 at 03:45:55AM +0100, Nicolas Gregoire wrote:
 Package: info2www
 Version: 1.2.2.9-22
 Severity: normal
 Tags: security
 
 There's a XSS vulnerabilty in the info2www CGI.
 
 The following URL will display the document location using Javascript :
 /cgi-bin/info2www?(coreutils)scriptalert(document.location)script

Hm, seems like I can't reproduce this. If I enter the above URL in a
browser (I tried Galeon and Firefox) I get:

Sorry! - Couldn't find target: alert(document.location) in file
coreutils.

No document location is revealed and the rest of the page is shown as
usual... Can you provide another example and/or tell me what I did wrong?

Also, I checked not only my local install but also some info2www
installations on the internet (found using Google), they reveal the same
behaviour.


 Every user-supplied parameter should be sanitized before use.

ACK, I'll try to check the code, but it won't be easy I guess. The code
is from 1996, unmaintained and quite surely contains lots more security
issues.

Any help and/or patches are really welcome!

Uwe.
-- 
Uwe Hermann [EMAIL PROTECTED]
http://www.hermann-uwe.de | http://www.crazy-hacks.org
http://www.it-services-uh.de  | http://www.phpmeat.org
http://www.unmaintained-free-software.org | http://www.holsham-traders.de


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291265: marked as done ([Fixed in CVS] Silent data loss when saving in a directory with iso8859-1 name)

[Debian Bug Tracking System]

Your message dated Sun, 23 Jan 2005 11:17:44 -0500
with message-id [EMAIL PROTECTED]
and subject line Bug#291265: fixed in gnumeric 1.4.2-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 19 Jan 2005 18:50:11 +
From [EMAIL PROTECTED] Wed Jan 19 10:50:11 2005
Return-path: [EMAIL PROTECTED]
Received: from postfix3-1.free.fr [213.228.0.44] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CrKuA-0001Un-00; Wed, 19 Jan 2005 10:50:11 -0800
Received: from simone (unknown [82.233.190.178])
by postfix3-1.free.fr (Postfix) with ESMTP id CA552173511;
Wed, 19 Jan 2005 19:50:07 +0100 (CET)
Received: from nicolas by simone with local (Exim 4.34)
id 1CrKuJ-pJ-7J; Wed, 19 Jan 2005 19:50:19 +0100
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-15
From: Nicolas Boulenguez [EMAIL PROTECTED]
To: Debian Bug Tracking System [EMAIL PROTECTED]
Subject: gnumeric: Silent data loss when saving in a directory with iso8859-1 
name
X-Mailer: reportbug 3.2
Date: Wed, 19 Jan 2005 19:50:19 +0100
Message-Id: [EMAIL PROTECTED]
Content-Transfer-Encoding: quoted-printable
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: gnumeric
Version: 1.4.1-1
Severity: critical
Justification: causes serious data loss


Hello.

Save a file, say Book1.gnumeric, in a directory named =E9. In the
window dedicated to save, it is named \351 (iso8859-1, octal) in
the saving dialog. Nothing seems unusual, I heard that gnome uses
UTF8. Except the file has a size of 0, and the data is lost.

It does not lose data, but it seems related:
- The same works correctly if I create the directory with gnumeric (it
uses an unicode filename, with ugly two-letters results).
- Loading a file with an =E9 in its name crashes gnumeric.

Maybe it is not worth the mess, because UTF8 is the future and few
users use the command line and gnumeric. But a save your data
elsewhere message would be nice.


PS: Do not cry for my data, I printed before s(h)aving them
accidently.

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.9.20041229
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=3DISO-8859-15)

Versions of packages gnumeric depends on:
ii  gconf2   2.8.1-4 GNOME configuration database=
 syste
ii  gnumeric-common  1.4.1-1 Common files for Gnumeric, t=
he GNO
ii  gsfonts  8.14+v8.11-0.1  Fonts for the Ghostscript in=
terpre
ii  libart-2.0-2 2.3.16-6Library of functions for 2D =
graphi
ii  libatk1.0-0  1.8.0-4 The ATK accessibility toolki=
t
ii  libbonobo2-0 2.8.0-4 Bonobo CORBA interfaces libr=
ary
ii  libbonoboui2-0   2.8.0-2 The Bonobo UI library
ii  libc62.3.2.ds1-20GNU C Library: Shared librar=
ies an
ii  libgconf2-4  2.8.1-4 GNOME configuration database=
 syste
ii  libglade2-0  1:2.4.1-1   Library to load .glade files=
 at ru
ii  libglib2.0-0 2.4.8-1 The GLib library of C routin=
es
ii  libgnome2-0  2.8.0-6 The GNOME 2 library - runtim=
e file
ii  libgnomecanvas2-02.8.0-1 A powerful object-oriented d=
isplay
ii  libgnomeprint2.2-0   2.8.2-1 The GNOME 2.2 print architec=
ture -
ii  libgnomeprintui2.2-0 2.8.1-1 The GNOME 2.2 print architec=
ture U
ii  libgnomeui-0 2.8.0-3 The GNOME 2 libraries (User =
Interf
ii  libgnomevfs2-0   2.8.3-8 The GNOME virtual file-syste=
m libr
ii  libgsf-1 1.11.1-1Structured File Library - ru=
ntime=20
ii  libgsf-gnome-1   1.11.1-1Structured File Library - ru=
ntime=20
ii  libgtk2.0-0  2.4.14-2The GTK+ graphical user inte=
rface=20
ii  libice6  4.3.0.dfsg.1-10 Inter-Client Exchange librar=
y
ii  liborbit21:2.10.2-1.1libraries for ORBit2 - a COR=
BA ORB
ii  libpango1.0-01.6.0-3 Layout and rendering of inte=
rnatio
ii  libpopt0 1.7-5   lib for parsing cmdline para=

Bug#284783: kernel-image-2.6.9-1-686-smp: Kernel oops possibly related to kswapd

[Sean O'Dubhghaill]

Hi maks

I'm now running 2.6.10 (not from unstable though it's vanilla with ac1 
patches) and I haven't had a single kernel opps since. I've attached a dmesg 
from the kernel i'm currently running. If you would like I can switch back to 
an older kernel to test it/get a dmesg etc.

thanks,
sean
Linux version 2.6.10-ac1 ([EMAIL PROTECTED]) (gcc version 3.3.5 (Debian 
1:3.3.5-5)) #1 SMP Thu Dec 30 13:15:25 GMT 2004
BIOS-provided physical RAM map:
 BIOS-e820:  - 0009fc00 (usable)
 BIOS-e820: 0009fc00 - 000a (reserved)
 BIOS-e820: 000f - 0010 (reserved)
 BIOS-e820: 0010 - 1fff (usable)
 BIOS-e820: 1fff - 1fff8000 (ACPI data)
 BIOS-e820: 1fff8000 - 2000 (ACPI NVS)
 BIOS-e820: fec0 - fec01000 (reserved)
 BIOS-e820: fee0 - fee01000 (reserved)
 BIOS-e820: fffc - 0001 (reserved)
511MB LOWMEM available.
found SMP MP-table at 000fbe00
On node 0 totalpages: 131056
  DMA zone: 4096 pages, LIFO batch:1
  Normal zone: 126960 pages, LIFO batch:16
  HighMem zone: 0 pages, LIFO batch:1
DMI 2.3 present.
ACPI: RSDP (v000 AMI   ) @ 0x000fa950
ACPI: RSDT (v001 AMIINT AMIINI09 0x0010 MSFT 0x0097) @ 0x1fff
ACPI: FADT (v001 AMIINT AMIINI09 0x0011 MSFT 0x0097) @ 0x1fff0030
ACPI: MADT (v001 AMIINT AMIINI09 0x0011 MSFT 0x0097) @ 0x1fff00c0
ACPI: DSDT (v001VIA APOLLO-P 0x1000 MSFT 0x010d) @ 0x
ACPI: PM-Timer IO Port: 0x808
ACPI: Local APIC address 0xfee0
ACPI: LAPIC (acpi_id[0x01] lapic_id[0x00] enabled)
Processor #0 6:8 APIC version 17
ACPI: LAPIC (acpi_id[0x02] lapic_id[0x01] enabled)
Processor #1 6:8 APIC version 17
ACPI: IOAPIC (id[0x02] address[0xfec0] gsi_base[0])
IOAPIC[0]: apic_id 2, version 17, address 0xfec0, GSI 0-23
ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 low level)
ACPI: IRQ0 used by override.
ACPI: IRQ2 used by override.
ACPI: IRQ9 used by override.
Enabling APIC mode:  Flat.  Using 1 I/O APICs
Using ACPI (MADT) for SMP configuration information
Built 1 zonelists
Kernel command line: root=/dev/hda3 ro
mapped APIC to d000 (fee0)
mapped IOAPIC to c000 (fec0)
Initializing CPU#0
PID hash table entries: 2048 (order: 11, 32768 bytes)
Detected 996.900 MHz processor.
Using pmtmr for high-res timesource
Console: colour VGA+ 80x25
Dentry cache hash table entries: 131072 (order: 7, 524288 bytes)
Inode-cache hash table entries: 65536 (order: 6, 262144 bytes)
Memory: 515248k/524224k available (2211k kernel code, 8500k reserved, 832k 
data, 216k init, 0k highmem)
Checking if this processor honours the WP bit even in supervisor mode... Ok.
Calibrating delay loop... 1974.27 BogoMIPS (lpj=987136)
Mount-cache hash table entries: 512 (order: 0, 4096 bytes)
CPU: After generic identify, caps: 0387fbff   
CPU: After vendor identify, caps:  0387fbff   
CPU: L1 I cache: 16K, L1 D cache: 16K
CPU: L2 cache: 256K
CPU serial number disabled.
CPU: After all inits, caps:0383fbff   0040
Intel machine check architecture supported.
Intel machine check reporting enabled on CPU#0.
Enabling fast FPU save and restore... done.
Enabling unmasked SIMD FPU exception support... done.
Checking 'hlt' instruction... OK.
CPU0: Intel Pentium III (Coppermine) stepping 0a
per-CPU timeslice cutoff: 731.68 usecs.
task migration cache decay timeout: 1 msecs.
Booting processor 1/1 eip 3000
Initializing CPU#1
Calibrating delay loop... 1990.65 BogoMIPS (lpj=995328)
CPU: After generic identify, caps: 0387fbff   
CPU: After vendor identify, caps:  0387fbff   
CPU: L1 I cache: 16K, L1 D cache: 16K
CPU: L2 cache: 256K
CPU serial number disabled.
CPU: After all inits, caps:0383fbff   0040
Intel machine check architecture supported.
Intel machine check reporting enabled on CPU#1.
CPU1: Intel Pentium III (Coppermine) stepping 0a
Total of 2 processors activated (3964.92 BogoMIPS).
ENABLING IO-APIC IRQs
..TIMER: vector=0x31 pin1=2 pin2=-1
checking TSC synchronization across 2 CPUs: passed.
Brought up 2 CPUs
CPU0:
 domain 0: span 3
  groups: 1 2
CPU1:
 domain 0: span 3
  groups: 2 1
NET: Registered protocol family 16
PCI: PCI BIOS revision 2.10 entry at 0xfdb21, last bus=1
PCI: Using configuration type 1
mtrr: v2.0 (20020519)
mtrr: your CPUs had inconsistent variable MTRR settings
mtrr: probably your BIOS does not setup all CPUs.
mtrr: corrected configuration.
ACPI: Subsystem revision 20041105
ACPI: Interpreter enabled
ACPI: Using IOAPIC for interrupt routing
ACPI: PCI Root Bridge [PCI0] (00:00)
PCI: Probing PCI hardware (bus 00)
ACPI: PCI Interrupt Routing Table [\_SB_.PCI0._PRT]
ACPI: Power Resource [URP1] (off)
ACPI: Power Resource [URP2] (off)
ACPI: Power Resource 

Processed: merging hwtools

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 severity 291504 serious
Bug#291504: hwtools: man page buffer.1.gz conflicts with the one from the 
buffer package
Severity set to `serious'.

 severity 291138 serious
Bug#291138: hwtools: uninstallable
Severity set to `serious'.

 merge 291504 291138
Bug#291138: hwtools: uninstallable
Bug#291504: hwtools: man page buffer.1.gz conflicts with the one from the 
buffer package
Merged 291138 291504.

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291846: Bugs not fixed from 2.6.8

[Peter Walser]

Package: kernel-image-2.6.8-2-686
Version:  2.6.8-12
Severity:  grave

hi

Has someone looked at the bugs in kernel-image-2.6.8-1-386 and 
kernel-image-2.6.8-1-686?
http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=kernel-image-2.6.8-1-386
Grave functionality bugs - outstanding (1 bug)
Important bugs - outstanding (5 bugs)
Normal bugs - outstanding (9 bugs)
Wishlist items - outstanding (1 bug)
Grave functionality bugs - resolved (2 bugs)
http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=kernel-image-2.6.8-1-686
Critical bugs - outstanding (1 bug)
Important bugs - outstanding (8 bugs)
Normal bugs - outstanding (21 bugs)
Minor bugs - outstanding (2 bugs)
Wishlist items - outstanding (1 bug)
Normal bugs - resolved (1 bug)

At least not all bugs are tested, if they are still present and the  
people are not informed to test with the newer version 
kernel-image-2.6.8-2-686.
My bug #282800 is still not fixed and you shouldn't go out with this 
2.6.8. In Kernel 2.6.10 this bug is fixed.


Peter


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#281655: info2www: Cross-site scripting vulnerability

[Justin Pryzby]

On Sun, Jan 23, 2005 at 05:12:15PM +0100, Uwe Hermann wrote:
 Hi,
 
 sorry, the mail about this bug somehow got lost in my inbox...
 
 (CC to debian-devel, any help with this issue is welcome)
 
 
 On Wed, Nov 17, 2004 at 03:45:55AM +0100, Nicolas Gregoire wrote:
  Package: info2www
  Version: 1.2.2.9-22
  Severity: normal
  Tags: security
  
  There's a XSS vulnerabilty in the info2www CGI.
  
  The following URL will display the document location using Javascript :
  /cgi-bin/info2www?(coreutils)scriptalert(document.location)script
 
I anticipate that its supposed to be /script

I'm not sure I understand the problem, though; what's wrong with
displaying the document location (though its a bug and should be
fixed, I don't see why its a security issue.  Isn't the document
location the thing that's already going to be in the address bar?)

  Every user-supplied parameter should be sanitized before use.
 
 ACK, I'll try to check the code, but it won't be easy I guess. The code
 is from 1996, unmaintained and quite surely contains lots more security
 issues.
 
 Any help and/or patches are really welcome!
I can try to help, but I guess I have to undertand the problem first:)

Justin


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291845: Bugs not fixed from 2.6.8

[Peter Walser]

Package: kernel-image-2.6.8-i386
Version:  2.6.8-12
Severity:  grave

hi

Has someone looked at the bugs in kernel-image-2.6.8-1-386 and 
kernel-image-2.6.8-1-686?
http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=kernel-image-2.6.8-1-386
Grave functionality bugs - outstanding (1 bug)
Important bugs - outstanding (5 bugs)
Normal bugs - outstanding (9 bugs)
Wishlist items - outstanding (1 bug)
Grave functionality bugs - resolved (2 bugs)
http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=kernel-image-2.6.8-1-686
Critical bugs - outstanding (1 bug)
Important bugs - outstanding (8 bugs)
Normal bugs - outstanding (21 bugs)
Minor bugs - outstanding (2 bugs)
Wishlist items - outstanding (1 bug)
Normal bugs - resolved (1 bug)

At least not all bugs are tested, if they are still present and the  
people are not informed to test with the newer version 
kernel-image-2.6.8-2-686.
My bug #282800 is still not fixed and you shouldn't go out with this 
2.6.8. In Kernel 2.6.10 this bug is fixed.


Peter



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Processed: Re: Bug#284783: kernel-image-2.6.9-1-686-smp: Kernel oops possibly related to kswapd

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 severity 284783 serious
Bug#284783: kernel-image-2.6.9-1-686-smp: Kernel oops possibly related to kswapd
Severity set to `serious'.

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#290597: fails to configure because gs-common is not configured

[Matt Kraai]

On Sun, Jan 23, 2005 at 01:37:03AM -0800, Steve Langasek wrote:
 reassign 290597 gs-common
 thanks
 
 Matt,
 
 All of the high-level apt tools should be capable of breaking this kind of
 dependency loop between gs-gpl and gs-common, so the most apparent reason
 for this kind of failure would be that gs-common could not be configured for
 reasons other than this dependency loop.  I think we really need to see the
 output of trying to install gs-common on this system in order to debug this.

OK.  I'll reproduce the problem Monday and send more information.

-- 
Matt


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#284783: kernel-image-2.6.9-1-686-smp: Kernel oops possibly related to kswapd

[maximilian attems]

severity 284783 serious
thanks

On Sun, 23 Jan 2005, Sean O'Dubhghaill wrote:

 I'm now running 2.6.10 (not from unstable though it's vanilla with ac1 
 patches) and I haven't had a single kernel opps since. I've attached a dmesg 
 from the kernel i'm currently running. If you would like I can switch back to 
 an older kernel to test it/get a dmesg etc.

ok could you try the kernel-images from unstable for 2.6.10,
so that we now if there is anything debian specific in your bug report?
and if not close it. ;-)

(2.6.9 will be kicked soon out of the archive).

thanks for your feedback
maks



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Processed: Re: Bug#288550: eroaster patch

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 tag 288550 patch
Bug#288550: eroaster crashes upon cdrecord version checking
There were no tags set.
Tags added: patch

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#287167: Patch that fixes the problem in libglade

[Ross Burton]

On Sun, 2005-01-23 at 12:31 -0300, Margarita Manterola wrote:
 They were all the same bug: libglade2 made an important update in the code
 of glade-gtk.c that started using the new toolbar api.  This change
 rendered programs that used both glade and the toolbar api directly
 unusable.

What about glade files and applications which expect the new API to be
used?  The problem is that the two APIs cannot be mixed, so will this
change just result in a different set of applications breaking?

I hope to be proved wrong... :)

Ross
-- 
Ross Burton mail: [EMAIL PROTECTED]
  jabber: [EMAIL PROTECTED]
 www: http://www.burtonini.com./
 PGP Fingerprint: 1A21 F5B0 D8D0 CFE3 81D4 E25A 2D09 E447 D0B4 33DF




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#288550: eroaster patch

[Justin Pryzby]

tag 288550 patch
thanks

On Sun, Jan 23, 2005 at 07:19:29PM +0100, Chrissie wrote:
 On Sat, Jan 22, 2005 at 07:17:18PM -0500, Justin Pryzby wrote:
  Hi,
  
  You recently submitted a bug on eroaster,
  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=288550.  I'm unable
  to reproduce this; could you add debugging statements to show what are
  the value of version[1], len(version[1]), and range(len(version[1]))?
 
 Well, version[1] does not exist, i get the message: index out of range.
 I did the following:
 versionLine = output[0]
 splitted = split(versionLine,  )
 version = split(splitted[1], .
 print debugging output by chrissie
   print %s % versionLine
 print %s % splitted
 print %s % version
 
 And i get the following output:
 
 debugging output by chrissie
 cdrecord: Warning: Running on Linux-2.6.10-ac7
 ['cdrecord:', 'Warning:', 'Running', 'on', 'Linux-2.6.10-ac7']
 ['Warning:']
Oh.  So, cdrecord is outputting to stdout and to stderr, and the first
line that python sees is stderr (because its unbuffered): Warning:
Running on Linux-2.6

I can recommend the following workaround:

   - output = cmdoutput(%s -version 21 % self.__cdrecord_command, strip 
= TRUE)
   + output = cmdoutput(%s -version 21 |grep -i Copyright % 
self.__cdrecord_command, strip = TRUE)

That's untested, but will store the right line.  One could also use

   + output = cmdoutput(%s -version 2/dev/null % 
self.__cdrecord_command, strip = TRUE)

But I'd have to recommend checking the return value.  (The first
method should make sure that grep returns 0 (Match found without
error).

 I also did the following on the command line:
 
 [EMAIL PROTECTED]:~$ cdrecord -version
 Cdrecord-Clone 2.01.01a01 (i686-pc-linux-gnu) Copyright (C) 1995-2004 Jörg 
 Schilling
 NOTE: this version of cdrecord is an inofficial (modified) release of cdrecord
 and thus may have bugs that are not present in the original version.
 Please send bug reports and support requests to [EMAIL PROTECTED].
 The original author should not be bothered with problems of this version.
 
 cdrecord: Warning: Running on Linux-2.6.10-ac7
 cdrecord: There are unsettled issues with Linux-2.5 and newer.
 cdrecord: If you have unexpected problems, please try Linux-2.4 or Solaris
 
 Seems do be a problem on parsing the output of cdrecord -version in my
 case...
Yep, for sure.  Thanks for following up.

Justin

Bug#290339: Test build of supercollider 040926-3 succeded on mips

[Thiemo Seufer]

I wasn't able to reproduce the FTBFS on mips with version 040926-3. The
package builds but has some warnings in the build log as pasted below.


Thiemo


[snip]
# adding some tests after the install
mkdir synthdefs
if ! LD_LIBRARY_PATH=./debian/supercollider/usr/lib 
./debian/supercollider/usr/bin/sclang.real -l 
./debian/supercollider/etc/sclang$echo outch, sclang test failed. 
sclang does not support 64 bit mode yet; \
exit 1; \
fi
./debian/supercollider/etc/sclang.cfg,10: couldn't resolve path 
/usr/share/SuperCollider/SCClassLibrary/Linux
./debian/supercollider/etc/sclang.cfg,13: couldn't resolve path 
/usr/share/SuperCollider/SCClassLibrary/Common
./debian/supercollider/etc/sclang.cfg,14: couldn't resolve path 
/usr/share/SuperCollider/SCClassLibrary/DefaultLibrary
./debian/supercollider/etc/sclang.cfg,15: couldn't resolve path 
/usr/share/SuperCollider/SCClassLibrary/backwards_compatibility
init_OSC
-TempoClock_stopAll 
-TempoClock_stopAll 
compiling class library..
NumPrimitives = 483
pass 1 done
There is a discrepancy.
numClassDeps 0   gNumClasses 78
-TempoClock_stopAll 
-TempoClock_stopAll 
rm -rf synthdefs archive.sctxar
/usr/bin/make -f debian/rules DH_OPTIONS=-a binary-common
make[1]: Entering directory `/home/ths/colo/supercollider/supercollider-040926'
dh_testdir
dh_testroot
dh_installchangelogs
dh_installdocs
dh_installexamples
dh_installmenu
dh_installemacsen
dh_installman
dh_link
dh_strip
dh_compress -X.rtf
dh_fixperms
dh_makeshlibs
dh_installdeb
dh_shlibdeps -L supercollider -l debian/supercollider/usr/lib
Use of uninitialized value in scalar assignment at /usr/bin/dh_shlibdeps line 
138, COMPAT_IN line 3.
dh_gencontrol
dpkg-gencontrol: warning: unknown substitution variable ${misc:Depends}
dpkg-gencontrol: warning: unknown substitution variable ${shlibs:Depends}
dpkg-gencontrol: warning: unknown substitution variable ${misc:Depends}
dh_md5sums
dh_builddeb
dpkg-deb: building package `supercollider' in 
`../supercollider_040926-3_mips.deb'.
dpkg-deb: building package `supercollider-dev' in 
`../supercollider-dev_040926-3_mips.deb'.
make[1]: Leaving directory `/home/ths/colo/supercollider/supercollider-040926'
 dpkg-genchanges -B
dpkg-genchanges: arch-specific upload - not including arch-independent packages
dpkg-genchanges: binary-only upload - not including any source code
dpkg-buildpackage: binary only upload (no source included)



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Processed: Re: File image creation failed (incorrect file names)

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 severity 291385 normal
Bug#291385: nautilus-cd-burner: File image creation failed (incorrect file 
names)
Severity set to `normal'.

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291385: File image creation failed (incorrect file names)

[Ross Burton]

severity 291385 normal
thanks

 I found this on google that might be related :
 http://www.dbforums.com/t1080777.html

The Character Sets section in the mkisofs manual says that UTF-8 is
supported by Debian, so unless you have built a custom cdrtools without
the iconv patches this shouldn't be the problem.  I presume if you try
and write a CD with ASCII names it works fine?

Ross
-- 
Ross Burton mail: [EMAIL PROTECTED]
  jabber: [EMAIL PROTECTED]
 www: http://www.burtonini.com./
 PGP Fingerprint: 1A21 F5B0 D8D0 CFE3 81D4 E25A 2D09 E447 D0B4 33DF




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Processed: initrd

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 reassign 291362 initrd-tools
Bug#291362: installation-reports: LVM install failed due to missing dmsetup
Bug#291006: installation-reports: LVM install failed due to missing dmsetup
Bug reassigned from package `installation-reports' to `initrd-tools'.

 retitle 291362 crypto support broke root on LVM
Bug#291362: installation-reports: LVM install failed due to missing dmsetup
Changed Bug title.

 --
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#290811: Bug#287167: Patch that fixes the problem in libglade

[Margarita Manterola]

Hola Ross Burton!

 What about glade files and applications which expect the new API to be
 used?  The problem is that the two APIs cannot be mixed, so will this
 change just result in a different set of applications breaking?

If there are applications that use the new api directly, yes, they will be
broken.  The fact is that we are really close to the famous sarge freeze,
and if other applications break because of this, they probably won't be
allowed to enter sarge.  After Sarge is released we can go and ask all the
applications to update their API (I guess).

-- 
 Besos,
 Maggie.



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#261740: marked as done ([CAN-2004-0721] frame injection vulnerability)

[Debian Bug Tracking System]

Your message dated Sun, 23 Jan 2005 13:17:26 -0500
with message-id [EMAIL PROTECTED]
and subject line Bug#261740: fixed in kdebase 4:3.3.2-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 27 Jul 2004 21:48:12 +
From [EMAIL PROTECTED] Tue Jul 27 14:48:12 2004
Return-path: [EMAIL PROTECTED]
Received: from mail.o2w.nl [213.227.141.209] (postfix)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1BpZnw-0003EQ-00; Tue, 27 Jul 2004 14:48:12 -0700
Received: from zensunni.xinara.org (unknown [217.22.72.48])
(using TLSv1 with cipher RC4-SHA (128/128 bits))
(Client did not present a certificate)
by mail.o2w.nl (Postfix) with ESMTP id 6E096358B5
for [EMAIL PROTECTED]; Tue, 27 Jul 2004 23:48:07 +0200 (CEST)
Received: from ray by zensunni.xinara.org with local (Exim 4.34)
id 1BpZno-00082Y-RC; Tue, 27 Jul 2004 23:48:04 +0200
Date: Tue, 27 Jul 2004 23:48:04 +0200
From: J.H.M. Dassen (Ray) [EMAIL PROTECTED]
To: Debian Bug Tracking System [EMAIL PROTECTED]
Subject: [CAN-2004-0721] frame injection vulnerability
Message-ID: [EMAIL PROTECTED]
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Reportbug-Version: 2.63
Organization: Ray at home
X-System: Debian GNU/Linux 3.1, kernel 2.4.27-rc3
User-Agent: Mutt/1.5.6+20040722i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

Package: konqueror
Version: 4:3.2.2-1
Severity: grave
Tags: security upstream sid

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721 :

+-+
| Name| CAN-2004-0721 (under review)  |
|-+---|
| | Konqueror 3.1.3, 3.2.2, and possibly other versions does not  |
| | properly prevent a frame in one domain from injecting content |
| Description | into a frame that belongs to another domain,m which   |
| | facilitates web site spoofing and other attacks, aka the  |
| | frame injection vulnerability.|
|-+---|
| |   * MISC:http://secunia.com/advisories/11978  |
| References  |   * MISC:http://secunia.com/  |
| | multiple_browsers_frame_injection_vulnerability_test/ |
|-+---|
| Phase   | Assigned (20040722)   |
|-+---|

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (800, 'unstable'), (750, 'experimental'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.27-rc3
Locale: LANG=C, LC_CTYPE=en_US.ISO8859-1
-- 
Obsig: developing a new sig

---
Received: (at 261740-close) by bugs.debian.org; 23 Jan 2005 18:23:25 +
From [EMAIL PROTECTED] Sun Jan 23 10:23:25 2005
Return-path: [EMAIL PROTECTED]
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CsmOS-0001Dr-00; Sun, 23 Jan 2005 10:23:24 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1CsmIg-0003yo-00; Sun, 23 Jan 2005 13:17:26 -0500
From: Debian Qt/KDE Maintainers debian-qt-kde@lists.debian.org
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#261740: fixed in kdebase 4:3.3.2-1
Message-Id: [EMAIL PROTECTED]
Sender: Archive Administrator [EMAIL PROTECTED]
Date: Sun, 23 Jan 2005 13:17:26 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 
X-CrossAssassin-Score: 19

Source: kdebase
Source-Version: 4:3.3.2-1

We believe that the bug you reported is fixed in the 

Processed: Fixed in NMU of initrd-tools 0.1.77

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 tag 291362 + fixed
Bug#291362: crypto support broke root on LVM
There were no tags set.
Bug#291006: installation-reports: LVM install failed due to missing dmsetup
Tags added: fixed

 quit
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291504: marked as done (hwtools: man page buffer.1.gz conflicts with the one from the buffer package)

[Debian Bug Tracking System]

Your message dated Sun, 23 Jan 2005 14:47:28 -0500
with message-id [EMAIL PROTECTED]
and subject line Bug#291138: fixed in hwtools 0.8-5
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 21 Jan 2005 07:35:18 +
From [EMAIL PROTECTED] Thu Jan 20 23:35:18 2005
Return-path: [EMAIL PROTECTED]
Received: from smtp9.wanadoo.fr [193.252.22.22] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CrtKA-0001RZ-00; Thu, 20 Jan 2005 23:35:18 -0800
Received: from me-wanadoo.net (localhost [127.0.0.1])
by mwinf0907.wanadoo.fr (SMTP Server) with ESMTP id 7C9F71C00164;
Fri, 21 Jan 2005 08:34:47 +0100 (CET)
Received: from argos.server.maison 
(AToulouse-152-1-37-241.w82-125.abo.wanadoo.fr [82.125.147.241])
by mwinf0907.wanadoo.fr (SMTP Server) with ESMTP id 4CE451C0015C;
Fri, 21 Jan 2005 08:34:47 +0100 (CET)
X-ME-UUID: [EMAIL PROTECTED]
Received: from prahal by argos.server.maison with local (Exim 4.43)
id 1CrtJe-sB-Da; Fri, 21 Jan 2005 08:34:46 +0100
Date: Fri, 21 Jan 2005 08:34:46 +0100
From: [EMAIL PROTECTED]
To: Debian Bug Tracking System [EMAIL PROTECTED]
Subject: hwtools: man page buffer.1.gz conflicts with the one from the buffer 
package
Message-ID: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Reportbug-Version: 3.6
Sender: [EMAIL PROTECTED]
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.4 required=4.0 tests=BAYES_00,HAS_PACKAGE,
NO_REAL_NAME autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: hwtools
Version: 0.8-3
Severity: normal

Preparing to replace hwtools 0.8-3 (using .../hwtools_0.8-4_i386.deb)
...
Unpacking replacement hwtools ...
dpkg: error processing /var/cache/apt/archives/hwtools_0.8-4_i386.deb
(--unpack):
 trying to overwrite `/usr/share/man/man1/buffer.1.gz', which is also in
 package bufferdpkg-deb: subprocess paste killed by signal (Broken pipe)
 Errors were encountered while processing:
  /var/cache/apt/archives/hwtools_0.8-4_i386.deb


buffer an helper package for backup on tape . Mondo has a dependency on
it and flexbackup a suggest. 


I feel that both are wrong. buffer is a bad name for a binary,
especially wiht the unix fs layout.

Also dpkg -L hwtools does show no buffer tool , nor
any man page .


Alban

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.10
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=UTF-8)

Versions of packages hwtools depends on:
ii  debconf 1.4.42   Debian configuration management sy
ii  libc6   2.3.2.ds1-20 GNU C Library: Shared libraries an

-- debconf information:
  hwtools/no-scsi:


---
Received: (at 291138-close) by bugs.debian.org; 23 Jan 2005 19:53:04 +
From [EMAIL PROTECTED] Sun Jan 23 11:53:04 2005
Return-path: [EMAIL PROTECTED]
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CsnnE-00082h-00; Sun, 23 Jan 2005 11:53:04 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1Csnho-0005XY-00; Sun, 23 Jan 2005 14:47:28 -0500
From: Pierre Ancelot [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#291138: fixed in hwtools 0.8-5
Message-Id: [EMAIL PROTECTED]
Sender: Archive Administrator [EMAIL PROTECTED]
Date: Sun, 23 Jan 2005 14:47:28 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Source: hwtools
Source-Version: 0.8-5

We believe that the bug you reported is fixed in the latest version of
hwtools, which is due to be installed in the Debian FTP archive:

hwtools_0.8-5.diff.gz
  to pool/main/h/hwtools/hwtools_0.8-5.diff.gz
hwtools_0.8-5.dsc
  to pool/main/h/hwtools/hwtools_0.8-5.dsc
hwtools_0.8-5_i386.deb
  to pool/main/h/hwtools/hwtools_0.8-5_i386.deb



A summary of the 

Bug#291138: marked as done (hwtools: uninstallable)

[Debian Bug Tracking System]

Your message dated Sun, 23 Jan 2005 14:47:28 -0500
with message-id [EMAIL PROTECTED]
and subject line Bug#291138: fixed in hwtools 0.8-5
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at bugs) by bugs.debian.org; 18 Jan 2005 23:14:30 +
From [EMAIL PROTECTED] Tue Jan 18 15:14:30 2005
Return-path: [EMAIL PROTECTED]
Received: from (krynn.se.axis.com) [212.209.10.221] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1Cr2YP-0005uD-00; Tue, 18 Jan 2005 15:14:30 -0800
Received: from lassie.se.axis.com (lassie.se.axis.com [193.13.178.6])
by krynn.se.axis.com (8.12.9/8.12.9/Debian-5local0.1) with ESMTP id 
j0INDrKQ025146
for [EMAIL PROTECTED]; Wed, 19 Jan 2005 00:13:53 +0100
Received: from localhost (lassie.se.axis.com [193.13.178.6])
by lassie.se.axis.com (8.12.9/8.12.9/Debian-5local0.1) with ESMTP id 
j0INDrdA015376
for [EMAIL PROTECTED]; Wed, 19 Jan 2005 00:13:53 +0100
Date: Wed, 19 Jan 2005 00:13:53 +0100 (CET)
From: Cristian Ionescu-Idbohrn [EMAIL PROTECTED]
Reply-To: Cristian Ionescu-Idbohrn [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: hwtools: uninstallable
Message-ID: [EMAIL PROTECTED]
X-Sucks: micro$oft
X-User-Tracking: sucks
X-To-Spammers: [EMAIL PROTECTED]
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: hwtools
Version: 0.8-4
Severity: important

Preparing to replace hwtools 0.8-3 (using .../hwtools_0.8-4_i386.deb) ...
Unpacking replacement hwtools ...
dpkg: error processing
  /var/cache/apt/archives/hwtools_0.8-4_i386.deb (--unpack):
trying to overwrite `/usr/share/man/man1/buffer.1.gz', which
  is also in package buffer
dpkg-deb: subprocess paste killed by signal (Broken pipe)
Errors were encountered while processing:
 /var/cache/apt/archives/hwtools_0.8-4_i386.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)


Cheers,
Cristian

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.27-1-k7
Locale: LANG=C, LC_CTYPE= (charmap=ANSI_X3.4-1968)

Versions of packages hwtools depends on:
ii  debconf 1.4.42   Debian configuration management sy
ii  libc6   2.3.2.ds1-20 GNU C Library: Shared libraries an

-- debconf information:
  hwtools/no-scsi:

---
Received: (at 291138-close) by bugs.debian.org; 23 Jan 2005 19:53:04 +
From [EMAIL PROTECTED] Sun Jan 23 11:53:04 2005
Return-path: [EMAIL PROTECTED]
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CsnnE-00082h-00; Sun, 23 Jan 2005 11:53:04 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1Csnho-0005XY-00; Sun, 23 Jan 2005 14:47:28 -0500
From: Pierre Ancelot [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#291138: fixed in hwtools 0.8-5
Message-Id: [EMAIL PROTECTED]
Sender: Archive Administrator [EMAIL PROTECTED]
Date: Sun, 23 Jan 2005 14:47:28 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Source: hwtools
Source-Version: 0.8-5

We believe that the bug you reported is fixed in the latest version of
hwtools, which is due to be installed in the Debian FTP archive:

hwtools_0.8-5.diff.gz
  to pool/main/h/hwtools/hwtools_0.8-5.diff.gz
hwtools_0.8-5.dsc
  to pool/main/h/hwtools/hwtools_0.8-5.dsc
hwtools_0.8-5_i386.deb
  to pool/main/h/hwtools/hwtools_0.8-5_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Pierre Ancelot [EMAIL PROTECTED] (supplier of updated hwtools package)

(This message was generated 

Bug#291893: /usr/share/doc/gaim is empty

[Wichert Akkerman]

Package: gaim
Version: 1:1.1.2-1
Severity: serious

Topic says all. Marked serious since this means obligatory files like
changelogs and the copyright are missing.

Wichert.

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.9
Locale: LANG=C, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)

Versions of packages gaim depends on:
ii  gaim-data1:1.1.2-1   multi-protocol instant messaging c
ii  libao2   0.8.5-1 Cross Platform Audio Output Librar
ii  libaspell15  0.50.5-5The GNU Aspell spell-checker runti
ii  libatk1.0-0  1.8.0-4 The ATK accessibility toolkit
ii  libaudiofile00.2.6-5 Open-source version of SGI's audio
ii  libc62.3.2.ds1-20GNU C Library: Shared libraries an
ii  libgcrypt11  1.2.0-11LGPL Crypto library - runtime libr
ii  libglib2.0-0 2.6.1-2 The GLib library of C routines
ii  libgnutls11  1.0.16-13   GNU TLS library - runtime library
ii  libgtk2.0-0  2.4.14-2The GTK+ graphical user interface 
ii  libgtkspell0 2.0.8-1 a spell-checking addon for GTK's T
ii  libice6  4.3.0.dfsg.1-10 Inter-Client Exchange library
ii  libpango1.0-01.6.0-3 Layout and rendering of internatio
ii  libsm6   4.3.0.dfsg.1-10 X Window System Session Management
ii  libstartup-notification0 0.7-1   library for program launch feedbac
ii  libx11-6 4.3.0.dfsg.1-10 X Window System protocol client li
ii  libxext6 4.3.0.dfsg.1-10 X Window System miscellaneous exte
ii  xlibs4.3.0.dfsg.1-10 X Keyboard Extension (XKB) configu

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291894: Uninstallable on i386

[J.H.M. Dassen (Ray)]

Package: devilspie
Version: 0.8-1
Severity: grave
Tags: sid

This version has a dependency libgtk2.0-0 (= 2.6.0) that is unfulfillable
in sid. Apparently the package was built on a system that had experimental
packages installed.

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (800, 'unstable'), (750, 'experimental'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.29
Locale: LANG=C, LC_CTYPE=en_US.ISO8859-1 (charmap=ISO-8859-1)

-- no debconf information
-- 
Obsig: developing a new sig


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#276800: erlang segmentation faults

[Brian Campbell]

I've taken a look into these problems.

Short version: Disable HiPE (--disable-hipe) or use Linux 2.6 if you
need to get Erlang 10 working properly on x86 as a matter of urgency.
Note that erlang 9 has similar problems, but they don't seem to occur
during startup.

The problem stems from the use of an alternate signal stack (see
erts/emulator/hipe/hipe_x86_signal.c for details) interacting badly with
Linuxthreads.  If you look at the straces, you'll see the SIGSEGV comes
immediately after SIGCHLD -- that's because it's the signal handler
wrapper in Linuxthreads that's dying.  If you use Linux 2.6, glibc
appears to give you NPTL instead of Linuxthreads, and it works.

I think the only reason Erlang 9 works is that the SIGCHLD is received
before the alternate stack stuff is set up, but I'm not sure.  You can
see the same effect if you start up erl and hit Ctrl-C though -- it
crashes rather than bringing up the break handler.  If Erlang needs to
handle other signals then it may well crash then too.

It's probably worth asking the debian glibc folks about this problem
(it'll break other programs too, this isn't a bug in erlang itself).  As
far as I can see, this would work if glibc is told it can assume at
least a 2.4 kernel when built (see the thread around
http://sources.redhat.com/ml/libc-alpha/2001-09/msg00035.html for
instance), but I can't really test it and don't know if it would cause
other difficulties which would prevent Debian using it.

Oh, and gentoo appear to have the same problem:

  http://bugs.gentoo.org/show_bug.cgi?id=69041

  Brian



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291893: marked as done (/usr/share/doc/gaim is empty)

[Debian Bug Tracking System]

Your message dated Sun, 23 Jan 2005 21:01:48 +
with message-id [EMAIL PROTECTED]
and subject line Bug#291893: /usr/share/doc/gaim is empty
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 23 Jan 2005 20:42:25 +
From [EMAIL PROTECTED] Sun Jan 23 12:42:24 2005
Return-path: [EMAIL PROTECTED]
Received: from home.wiggy.net (typhoon) [194.109.254.66] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CsoYy-0005zF-00; Sun, 23 Jan 2005 12:42:24 -0800
Received: from wichert by typhoon with local (Exim 3.36 #1 (Debian))
id 1CsoYu-00034i-00; Sun, 23 Jan 2005 21:42:20 +0100
Content-Type: text/plain; charset=us-ascii
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Wichert Akkerman [EMAIL PROTECTED]
To: Debian Bug Tracking System [EMAIL PROTECTED]
Subject: /usr/share/doc/gaim is empty
X-Mailer: reportbug 3.6
Date: Sun, 23 Jan 2005 21:42:20 +0100
Message-Id: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: gaim
Version: 1:1.1.2-1
Severity: serious

Topic says all. Marked serious since this means obligatory files like
changelogs and the copyright are missing.

Wichert.

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.9
Locale: LANG=C, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)

Versions of packages gaim depends on:
ii  gaim-data1:1.1.2-1   multi-protocol instant messaging c
ii  libao2   0.8.5-1 Cross Platform Audio Output Librar
ii  libaspell15  0.50.5-5The GNU Aspell spell-checker runti
ii  libatk1.0-0  1.8.0-4 The ATK accessibility toolkit
ii  libaudiofile00.2.6-5 Open-source version of SGI's audio
ii  libc62.3.2.ds1-20GNU C Library: Shared libraries an
ii  libgcrypt11  1.2.0-11LGPL Crypto library - runtime libr
ii  libglib2.0-0 2.6.1-2 The GLib library of C routines
ii  libgnutls11  1.0.16-13   GNU TLS library - runtime library
ii  libgtk2.0-0  2.4.14-2The GTK+ graphical user interface 
ii  libgtkspell0 2.0.8-1 a spell-checking addon for GTK's T
ii  libice6  4.3.0.dfsg.1-10 Inter-Client Exchange library
ii  libpango1.0-01.6.0-3 Layout and rendering of internatio
ii  libsm6   4.3.0.dfsg.1-10 X Window System Session Management
ii  libstartup-notification0 0.7-1   library for program launch feedbac
ii  libx11-6 4.3.0.dfsg.1-10 X Window System protocol client li
ii  libxext6 4.3.0.dfsg.1-10 X Window System miscellaneous exte
ii  xlibs4.3.0.dfsg.1-10 X Keyboard Extension (XKB) configu

-- no debconf information

---
Received: (at 291893-done) by bugs.debian.org; 23 Jan 2005 21:01:42 +
From [EMAIL PROTECTED] Sun Jan 23 13:01:42 2005
Return-path: [EMAIL PROTECTED]
Received: from ppsw-0.csi.cam.ac.uk [131.111.8.130] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1Csord-0001FC-00; Sun, 23 Jan 2005 13:01:42 -0800
Received: from quadrant.corpus.cam.ac.uk ([131.111.235.202]:34753)
by ppsw-0.csi.cam.ac.uk (ppsw.cam.ac.uk [131.111.8.130]:25)
with esmtp id 1CsorW-0001Q8-2G (Exim 4.44)
(return-path [EMAIL PROTECTED]); Sun, 23 Jan 2005 21:01:34 +
Message-ID: [EMAIL PROTECTED]
Date: Sun, 23 Jan 2005 21:01:48 +
From: Robert McQueen [EMAIL PROTECTED]
User-Agent: Debian Thunderbird 1.0 (X11/20050116)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Wichert Akkerman [EMAIL PROTECTED],  [EMAIL PROTECTED]
Subject: Re: Bug#291893: /usr/share/doc/gaim is empty
References: [EMAIL PROTECTED]
In-Reply-To: [EMAIL PROTECTED]
X-Enigmail-Version: 0.90.0.0
X-Enigmail-Supports: pgp-inline, pgp-mime
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/
X-Cam-AntiVirus: No virus found
X-Cam-SpamDetails: Not scanned
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: 

Processed: Fixed in NMU of hydrogen 0.9.1-1.1

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 tag 289950 + fixed
Bug#289950: hydrogen: please rebuild against latest libflac-dev
Tags were: sid
Tags added: fixed

 quit
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291701: marked as done (ntop: FTBFS: Can't satisify build dependencies.)

[Debian Bug Tracking System]

Your message dated Sun, 23 Jan 2005 16:17:16 -0500
with message-id [EMAIL PROTECTED]
and subject line Bug#291701: fixed in ntop 2:3.0-4
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 22 Jan 2005 15:02:12 +
From [EMAIL PROTECTED] Sat Jan 22 07:02:12 2005
Return-path: [EMAIL PROTECTED]
Received: from europa.telenet-ops.be [195.130.132.60] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CsMmB-0003on-00; Sat, 22 Jan 2005 07:02:12 -0800
Received: from localhost (localhost.localdomain [127.0.0.1])
by europa.telenet-ops.be (Postfix) with SMTP id 05495198055
for [EMAIL PROTECTED]; Sat, 22 Jan 2005 16:02:11 +0100 (MET)
Received: from Q.roeckx.be (dD5775FD9.access.telenet.be [213.119.95.217])
by europa.telenet-ops.be (Postfix) with ESMTP id E6DC2198111
for [EMAIL PROTECTED]; Sat, 22 Jan 2005 16:02:10 +0100 (MET)
Received: by Q.roeckx.be (Postfix, from userid 501)
id B20C126137; Sat, 22 Jan 2005 16:02:10 +0100 (CET)
Date: Sat, 22 Jan 2005 16:02:10 +0100
From: Kurt Roeckx [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: ntop: FTBFS: Can't satisify build dependencies.
Message-ID: [EMAIL PROTECTED]
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.4.2.1i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: ntop
Version: 2:3.0-3
Severity: serious

Hi,

It seems rrdtool changed it's dependency again, now from
libgd2-xpm-dev to libgd2-noxpm-dev, and you're build depending on
libgd2-xpm-dev, and those conflict.


Kurt


---
Received: (at 291701-close) by bugs.debian.org; 23 Jan 2005 21:23:13 +
From [EMAIL PROTECTED] Sun Jan 23 13:23:13 2005
Return-path: [EMAIL PROTECTED]
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CspCT-0003ew-00; Sun, 23 Jan 2005 13:23:13 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1Csp6i-0001bY-00; Sun, 23 Jan 2005 16:17:16 -0500
From: Ola Lundqvist [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#291701: fixed in ntop 2:3.0-4
Message-Id: [EMAIL PROTECTED]
Sender: Archive Administrator [EMAIL PROTECTED]
Date: Sun, 23 Jan 2005 16:17:16 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 
X-CrossAssassin-Score: 2

Source: ntop
Source-Version: 2:3.0-4

We believe that the bug you reported is fixed in the latest version of
ntop, which is due to be installed in the Debian FTP archive:

ntop_3.0-4.diff.gz
  to pool/main/n/ntop/ntop_3.0-4.diff.gz
ntop_3.0-4.dsc
  to pool/main/n/ntop/ntop_3.0-4.dsc
ntop_3.0-4_i386.deb
  to pool/main/n/ntop/ntop_3.0-4_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ola Lundqvist [EMAIL PROTECTED] (supplier of updated ntop package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Mon,  4 Oct 2004 20:42:15 +0200
Source: ntop
Binary: ntop
Architecture: source i386
Version: 2:3.0-4
Distribution: unstable
Urgency: low
Maintainer: Ola Lundqvist [EMAIL PROTECTED]
Changed-By: Ola Lundqvist [EMAIL PROTECTED]
Description: 
 ntop   - display network usage in top-like format
Closes: 273870 291701
Changes: 
 ntop (2:3.0-4) unstable; urgency=low
 .
   * Fixed dependency problem with libgd2-xpm by build depending on
 libgd2-noxpm-dev instead, closes: #273870, #291701.
Files: 
 d2bb1040e6e2c9ce19bf0ecf445c2a5e 708 net optional ntop_3.0-4.dsc
 

Bug#289865: marked as done (libmd5-perl fails to build on arm processor)

[Debian Bug Tracking System]

Your message dated Sun, 23 Jan 2005 16:53:07 -0500
with message-id [EMAIL PROTECTED]
and subject line Bug#289865: libmd5-perl fails to build on arm processor
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 11 Jan 2005 13:35:38 +
From [EMAIL PROTECTED] Tue Jan 11 05:35:37 2005
Return-path: [EMAIL PROTECTED]
Received: from tomts24-srv.bellnexxia.net [209.226.175.187] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CoMBN-0004fK-00; Tue, 11 Jan 2005 05:35:37 -0800
Received: from rcserver1.ruggedcom.local ([67.69.26.42])
  by tomts24-srv.bellnexxia.net
  (InterMail vM.5.01.06.10 201-253-122-130-110-20040306) with ESMTP
  id [EMAIL PROTECTED]
  for [EMAIL PROTECTED]; Tue, 11 Jan 2005 08:35:34 -0500
Received: from localhost ([10.0.0.30] RDNS failed) by rcserver1.ruggedcom.local 
with Microsoft SMTPSVC(5.0.2195.6713);
 Tue, 11 Jan 2005 08:35:33 -0500
Received: from michaelgalea by localhost with local (Exim 4.34)
id 1CoMBJ-0007PX-GW; Tue, 11 Jan 2005 08:35:33 -0500
Content-Type: text/plain; charset=us-ascii
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Michael Galea [EMAIL PROTECTED]
To: Debian Bug Tracking System [EMAIL PROTECTED]
Subject: libmd5-perl fails to build on arm processor
X-Mailer: reportbug 3.2
Date: Tue, 11 Jan 2005 08:35:33 -0500
Message-Id: [EMAIL PROTECTED]
X-OriginalArrivalTime: 11 Jan 2005 13:35:33.0922 (UTC) 
FILETIME=[6D27F020:01C4F7E2]
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: libmd5-perl
Version: 2.03-1
Severity: grave
Justification: renders package unusable



-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable')
Architecture: arm (armv5tel)
Kernel: Linux 2.4.27-5
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages libmd5-perl depends on:
ii  perl  5.8.4-3Larry Wall's Practical Extraction 

-- no debconf information
Here is the offending portion of dpkg-buildpackage..
cp MD5.pm blib/lib/MD5.pm
PERL_DL_NONLAZY=1 /usr/bin/perl -MExtUtils::Command::MM -e
test_harness(0, 'blib/lib', 'blib/arch') t/*.t
t/md5FAILED tests 10-11
Failed 2/14 tests, 85.71% okay
Failed Test Stat Wstat Total Fail  Failed  List of Failed

---
t/md5.t   142  14.29%  10-11
Failed 1/1 test scripts, 0.00% okay. 2/14 subtests failed,
85.71% okay.
make[1]: *** [test_dynamic] Error 255
make[1]: Leaving directory
`/debian/image/rr1/test/libmd5-perl-2.03'

---
Received: (at 289865-done) by bugs.debian.org; 23 Jan 2005 21:53:22 +
From [EMAIL PROTECTED] Sun Jan 23 13:53:22 2005
Return-path: [EMAIL PROTECTED]
Received: from manifestresearch.com (server1.manifestresearch.com) 
[64.39.15.228] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1Cspfd-0002XV-00; Sun, 23 Jan 2005 13:53:21 -0800
Received: from [192.168.158.36] (localhost [127.0.0.1])
(authenticated)
by server1.manifestresearch.com (8.11.6/8.11.6) with ESMTP id 
j0NMDTa31421;
Sun, 23 Jan 2005 16:13:29 -0600
Subject: Re: Bug#289865: libmd5-perl fails to build on arm processor
From: Jay Bonci [EMAIL PROTECTED]
To: Steve Langasek [EMAIL PROTECTED], [EMAIL PROTECTED]
In-Reply-To: [EMAIL PROTECTED]
References: [EMAIL PROTECTED]
Content-Type: multipart/signed; micalg=pgp-sha1; 
protocol=application/pgp-signature; boundary==-Nk99qe4V+7an/0oglOGf
Date: Sun, 23 Jan 2005 16:53:07 -0500
Message-Id: [EMAIL PROTECTED]
Mime-Version: 1.0
X-Mailer: Evolution 2.0.3 
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 


--=-Nk99qe4V+7an/0oglOGf
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

Thanks for the second opinion steve. I have no way of testing it, but it
seems somewhat 

Bug#288464: Patch for pytables 0.9.1-1.1 NMU

[Luk Claes]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi
I intend to NMU pytables to fix the libucl0 bug (by rebuilding) and the
FTBFS (amd64/gcc-4.0) bug.
You can upload a version yourself in the coming 7 days to fix the bug(s)
as the NMU is uploaded to the DELAYED queue in 7-day.
Cheers
Luk
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFB9B1b5UTeB5t8Mo0RAjinAKDOz5jGXeMQwt2RYAJEuRJNiNXz2wCfa3hb
+rUEImlLMB/0mPblCRFAulc=
=fr3k
-END PGP SIGNATURE-
diff -Nru pytables-0.9.1.orig/debian/changelog pytables-0.9.1/debian/changelog
--- pytables-0.9.1.orig/debian/changelog2005-01-23 22:40:52.0 
+0100
+++ pytables-0.9.1/debian/changelog 2005-01-20 21:58:45.0 +0100
@@ -1,16 +1,24 @@
+pytables (0.9.1-1.1) unstable; urgency=high
+
+   * Non-maintainer upload.
+   * Rebuilt (Closes: #288464).
+   * src/hdf5Extension.c: applied patch for amd64/gcc-4.0 (Closes: #287972)
+
+ -- Luk Claes [EMAIL PROTECTED]  Thu, 20 Jan 2005 20:08:41 +0100
+ 
 pytables (0.9.1-1) unstable; urgency=low
 
* New upstream release. Mainly a maintenance release.
 
  -- Francesc Alted [EMAIL PROTECTED]  Thu, 09 Dec 2004 17:27:04 +0100
-
+ 
 pytables (0.9-1) unstable; urgency=low
 
* New upstream release. Introduced indexation, support of complex numbers
and update of object elements.
-   
+
  -- Francesc Alted [EMAIL PROTECTED]  Fri, 05 Nov 2004 18:10:58 +0100
-
+
 pytables (0.8.1-4) unstable; urgency=high
 
* Recompiled to get a proper dependency on libucl (=1.03-1).
diff -Nru pytables-0.9.1.orig/src/hdf5Extension.c 
pytables-0.9.1/src/hdf5Extension.c
--- pytables-0.9.1.orig/src/hdf5Extension.c 2004-12-02 14:17:54.0 
+0100
+++ pytables-0.9.1/src/hdf5Extension.c  2005-01-20 20:12:29.0 +0100
@@ -12971,7 +12971,7 @@
 static PyObject *__pyx_tp_new_13hdf5Extension_Row(PyTypeObject *t, PyObject 
*a, PyObject *k) {
   PyObject *o = (*t-tp_alloc)(t, 0);
   struct __pyx_obj_13hdf5Extension_Row *p = (struct 
__pyx_obj_13hdf5Extension_Row *)o;
-  (struct __pyx_vtabstruct_13hdf5Extension_Row *)p-__pyx_vtab = 
__pyx_vtabptr_13hdf5Extension_Row;
+  p-__pyx_vtab = __pyx_vtabptr_13hdf5Extension_Row;
   p-_table = Py_None; Py_INCREF(p-_table);
   p-_fields = Py_None; Py_INCREF(p-_fields);
   p-_recarray = Py_None; Py_INCREF(p-_recarray);

Bug#281655: info2www: Cross-site scripting vulnerability

[Justin Pryzby]

tags 281655 patch
thanks

I've included a 2-line patch which implements some output
sanitization.  I can't find any other instance where this is a
problem, but don't take my word for it; I haven't followed the code
*that* closely.

Since info filenames/titles can be named anything (which is a Good
Thing), the way to handle this is to escape '' (and '' while we're
at it).  This prevents anyone from sticking any html anywhere.

I would also like to see this code use perl -T (for testing, as well
as for installation, I think).  I will probably play with this later
tonight.

I've never used perl -T before and it may very well break this program
horribly.

Justin

On Sun, Jan 23, 2005 at 11:56:50AM -0500, pryzbyj wrote:
 On Sun, Jan 23, 2005 at 05:12:15PM +0100, Uwe Hermann wrote:
  Hi,
  
  sorry, the mail about this bug somehow got lost in my inbox...
  
  (CC to debian-devel, any help with this issue is welcome)
  
  
  On Wed, Nov 17, 2004 at 03:45:55AM +0100, Nicolas Gregoire wrote:
   Package: info2www
   Version: 1.2.2.9-22
   Severity: normal
   Tags: security
   
   There's a XSS vulnerabilty in the info2www CGI.
   
   The following URL will display the document location using Javascript :
   /cgi-bin/info2www?(coreutils)scriptalert(document.location)script
  
  Hm, seems like I can't reproduce this. If I enter the above URL in a
  browser (I tried Galeon and Firefox) I get:
 If I change it to /script then I can reproduce the alleged problem.  I
 guess I don't understand XSS vulnerabilities...  The whole point is
 that mallicious Mallory can post a link to nonmallicious site
 nice.com/cgi-bin/info2wwwscriptalert(Boo!)/script?  That still
 seems like a nonissue, because Mallory could just as easily have put
 an alert() on his own page (okay, maybe if mallory's page is in a
 mallicious list, and nice.com is in a trusted list it makes
 sense).
 
   Every user-supplied parameter should be sanitized before use.
  
  ACK, I'll try to check the code, but it won't be easy I guess. The code
  is from 1996, unmaintained and quite surely contains lots more security
  issues.
 This shouldn't be difficult, really.  The only user input comes from
 the URL, and it should probably be restricted to certain character
 ranges [a-z0-9-] or something.
--- info2www2005-01-23 17:38:28.0 -0500
+++ /tmp/info2www.patch 2005-01-23 17:39:52.0 -0500
@@ -1138,8 +1138,6 @@
 # Print an HTML error message
 sub Error {
 local($reason) = @_;
-$reason=~s//lt;/gs;
-$reason=~s//gt;/gs;
 print STRONGSorry! - $reason/STRONG\nP\n;
 return(0);
 }

Processed: abi change, -1 to -2

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 reassign 270385 kernel-image-2.6.8-2-386
Bug#270385: [i386] [20040905] SCSI controller DDRS-39130W not recognized in 2.6
Warning: Unknown package 'kernel-image-2.6.8-1-386'
Bug reassigned from package `kernel-image-2.6.8-1-386' to 
`kernel-image-2.6.8-2-386'.

 reassign 271773 kernel-image-2.6.8-2-386
Bug#271773: kernel-image-2.6.8-1-386: ACPI-boot failure on IBM Laptop
Warning: Unknown package 'kernel-image-2.6.8-1-386'
Bug reassigned from package `kernel-image-2.6.8-1-386' to 
`kernel-image-2.6.8-2-386'.

 reassign 273171 kernel-image-2.6.8-2-386
Bug#273171: CDROM undetected
Warning: Unknown package 'kernel-image-2.6.8-1-386'
Bug#279902: CDROM not detected on Intel 440BX based system
Warning: Unknown package 'kernel-image-2.6.8-1-386'
Bug reassigned from package `kernel-image-2.6.8-1-386' to 
`kernel-image-2.6.8-2-386'.

 reassign 275074 kernel-image-2.6.8-2-386
Bug#275074: kernel-image-2.6.8-1-386 (2.6.8-3) 
Warning: Unknown package 'kernel-image-2.6.8-1-386'
Bug reassigned from package `kernel-image-2.6.8-1-386' to 
`kernel-image-2.6.8-2-386'.

 reassign 275991 kernel-image-2.6.8-2-386
Bug#275991: kernel-image-2.6.8-1-386: upgrade 2.6.8-3 - 2.6.8-4 broke 800x600 
vesa mode on neofb
Warning: Unknown package 'kernel-image-2.6.8-1-386'
Bug reassigned from package `kernel-image-2.6.8-1-386' to 
`kernel-image-2.6.8-2-386'.

 reassign 277736 kernel-image-2.6.8-2-386
Bug#277736: NAPI not enabled - should be
Warning: Unknown package 'kernel-image-2.6.8-1-386'
Bug reassigned from package `kernel-image-2.6.8-1-386' to 
`kernel-image-2.6.8-2-386'.

 reassign 279244 kernel-image-2.6.8-2-386
Bug#279244: hda1 not recognized
Warning: Unknown package 'kernel-image-2.6.8-1-386'
Bug reassigned from package `kernel-image-2.6.8-1-386' to 
`kernel-image-2.6.8-2-386'.

 reassign 279902 kernel-image-2.6.8-2-386
Bug#279902: CDROM not detected on Intel 440BX based system
Bug#273171: CDROM undetected
Bug reassigned from package `kernel-image-2.6.8-2-386' to 
`kernel-image-2.6.8-2-386'.

 reassign 283098 kernel-image-2.6.8-2-386
Bug#283098: kernel-image-2.6.8-1-386: Problem transferring file from 
ftp://space.mit.edu
Warning: Unknown package 'kernel-image-2.6.8-1-386'
Bug reassigned from package `kernel-image-2.6.8-1-386' to 
`kernel-image-2.6.8-2-386'.

 reassign 285077 kernel-image-2.6.8-2-386
Bug#285077: Badness in device_release
Warning: Unknown package 'kernel-image-2.6.8-1-386'
Bug reassigned from package `kernel-image-2.6.8-1-386' to 
`kernel-image-2.6.8-2-386'.

 reassign 286328 kernel-image-2.6.8-2-386
Bug#286328: kernel-image-2.6.8-1-386: removal of kvm causes system crash
Warning: Unknown package 'kernel-image-2.6.8-1-386'
Bug reassigned from package `kernel-image-2.6.8-1-386' to 
`kernel-image-2.6.8-2-386'.

 reassign 287278 kernel-image-2.6.8-2-386
Bug#287278: kernel-image-2.6.8-1-386: ehci-hcd does not initialize on some 
motherboards 
Warning: Unknown package 'kernel-image-2.6.8-1-386'
Bug reassigned from package `kernel-image-2.6.8-1-386' to 
`kernel-image-2.6.8-2-386'.

 reassign 289250 kernel-image-2.6.8-2-386
Bug#289250: Suggest that sarge kernel-image-2.6.8-1-386 have vesafb compiled 
in, not as module
Warning: Unknown package 'kernel-image-2.6.8-1-386'
Bug reassigned from package `kernel-image-2.6.8-1-386' to 
`kernel-image-2.6.8-2-386'.

 reassign 290328 kernel-image-2.6.8-2-386
Bug#290328: kernel-image-2.6.8-1-386: slab error in kmem_cache_destroy(): cache 
`scsi_cmd_cache': Can't free all objects
Warning: Unknown package 'kernel-image-2.6.8-1-386'
Bug reassigned from package `kernel-image-2.6.8-1-386' to 
`kernel-image-2.6.8-2-386'.

 reassign 290398 kernel-image-2.6.8-2-386
Bug#290398: usb_storage issue:  A (not so) funny way to (or to not) delete 
files.
Warning: Unknown package 'kernel-image-2.6.8-1-386'
Bug reassigned from package `kernel-image-2.6.8-1-386' to 
`kernel-image-2.6.8-2-386'.

 reassign 291348 kernel-image-2.6.8-2-386
Bug#291348: kernel-image-2.6.8: SiS USB 1.0 Controller Fails in Bulk Transport 
with, 2.6.8, fixed in 2.6.10
Warning: Unknown package 'kernel-image-2.6.8-1-386'
Bug reassigned from package `kernel-image-2.6.8-1-386' to 
`kernel-image-2.6.8-2-386'.

 reassign 271099 kernel-image-2.6.8-2-686
Bug#271099: kernel-image-2.6.7-1-686: Scheduling while atomic during rmmod 
aic7xxx
Warning: Unknown package 'kernel-image-2.6.8-1-686'
Bug reassigned from package `kernel-image-2.6.8-1-686' to 
`kernel-image-2.6.8-2-686'.

 reassign 271670 kernel-image-2.6.8-2-686
Bug#271670: kernel-image-2.6.8-1-686: Useless broken symlink 
/lib/modules/2.6.8-1-686/source .
Warning: Unknown package 'kernel-image-2.6.8-1-686'
Bug reassigned from package `kernel-image-2.6.8-1-686' to 
`kernel-image-2.6.8-2-686'.

 reassign 271882 kernel-image-2.6.8-2-686
Bug#271882: kernel-image-2.6.8-1-686: Upgrade 2.6.7 = 2.6.8 breaks the module 
pcnet32
Warning: Unknown package 'kernel-image-2.6.8-1-686'
Bug reassigned from package `kernel-image-2.6.8-1-686' to 

Bug#291709: reassign to libmisdn-dev

[Matt Kraai]

Howdy,

It appears that libmisdn-dev does not provide a shared library, so I
think this should be reassigned there.

-- 
Matt


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#271427: Debian bug #271427

[Dafydd Harries]

I've been taking a look at this bug and trying to understand the
situation.

As far as I can tell, upstream releases are at

ftp://mirror.cs.wisc.edu/pub/mirrors/ghost/fonts/

and there is a derivative set of fonts by Valek Filippov at

ftp://ftp.gnome.ru/fonts/urw/release/

which contains extra Cyrillic glyphs, but not all of the glyphs in the
original font.

Upstream is aware of the problem with the font and is trying to
coordinate a new release, but it seems there is some sort of
communication problem with Valek.

I don't understand how changes are merged back and forth between these
branches.

A glance at Century Schoolbook L Roman from both sources indicates that
the former has an incorrect version of U+045B and that the latter has a
a correct version.

It seems to me it would be possible to use Fontforge (or a comparable
tool, if one exists) to copy-and-paste the correct glyphs by hand from
Valek's fonts into each of the problematic ghostscript.com fonts without
any undesirable side-effects.

Since the .pfb files are binary, it will not be possible to generate a
patch, but the modified .pfb and .afm files will need to be copied into
the source of the package and a new version number decided upon.

-- 
Dafydd


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291595: hwtools_0.8-4_i386.deb: fails to install

[Martin Michlmayr]

reassign 291595 hwtools
tags 291595 + fixed
thanks

* AR [EMAIL PROTECTED] [2005-01-21 13:06]:
 Package: hwtools_0.8-4_i386.deb
 Version: hwtools

  trying to overwrite `/usr/share/man/man1/buffer.1.gz', which is also in

This has been fixed in 0.8-5.

-- 
Martin Michlmayr
http://www.cyrius.com/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#281655: info2www: Cross-site scripting vulnerability

[Justin Pryzby]

On Sun, Jan 23, 2005 at 05:42:04PM -0500, pryzbyj wrote:
 tags 281655 patch
 thanks
 
 I've included a 2-line patch which implements some output
 sanitization.  I can't find any other instance where this is a
 problem, but don't take my word for it; I haven't followed the code
 *that* closely.
 
 Since info filenames/titles can be named anything (which is a Good
 Thing), the way to handle this is to escape '' (and '' while we're
 at it).  This prevents anyone from sticking any html anywhere.
 
 I would also like to see this code use perl -T (for testing, as well
 as for installation, I think).  I will probably play with this later
 tonight.
 
 I've never used perl -T before and it may very well break this program
 horribly.
It broke it, but not horribly.  The only complain (check apache's
error log) is about $ENV{'PATH'}.  The Debian fix is to just set
$ENV{'PATH'}=/bin:/usr/bin (or even just leave it untouched, maybe).

So, in addition to the previous patch, I suggest that the script runs
with #!/usr/bin/perl -T, and that the ENV variable is either set
absolutely, or not changed at all.

 Justin


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291651: marked as done (straw: depends on experimental libraries)

[Debian Bug Tracking System]

Your message dated Mon, 24 Jan 2005 01:21:18 +
with message-id [EMAIL PROTECTED]
and subject line straw: depends on experimental libraries
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 22 Jan 2005 03:49:30 +
From [EMAIL PROTECTED] Fri Jan 21 19:49:30 2005
Return-path: [EMAIL PROTECTED]
Received: from smtp01.mrf.mail.rcn.net [207.172.4.60] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CsCHC-000765-00; Fri, 21 Jan 2005 19:49:30 -0800
Received: from 208-58-77-33.c3-0.grg-ubr3.lnh-grg.md.cable.rcn.com 
([208.58.77.33] helo=tux.internal.ucko.debian.net)
by smtp01.mrf.mail.rcn.net with esmtp (Exim 3.35 #7)
id 1CsCHB-0001RS-00
for [EMAIL PROTECTED]; Fri, 21 Jan 2005 22:49:29 -0500
Received: from amu by tux.internal.ucko.debian.net with local (Exim 4.43)
id 1CsCHA-00011m-NC
for [EMAIL PROTECTED]; Fri, 21 Jan 2005 22:49:28 -0500
Content-Type: text/plain; charset=us-ascii
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Aaron M. Ucko [EMAIL PROTECTED]
To: Debian Bug Tracking System [EMAIL PROTECTED]
Subject: straw: depends on experimental libraries
X-Mailer: reportbug 3.6
Date: Fri, 21 Jan 2005 22:49:28 -0500
X-Debbugs-Cc: [EMAIL PROTECTED]
Message-Id: [EMAIL PROTECTED]
X-SA-Exim-Connect-IP: locally generated
X-SA-Exim-Mail-From: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
X_DEBBUGS_CC autolearn=ham version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: straw
Version: 0.25.1-3
Severity: grave
Justification: renders package unusable (uninstallable)

The following packages have unmet dependencies:
  straw: Depends: libgtk2.0-0 (= 2.6.0) but 2.4.14-2 is installed.
 Depends: libpango1.0-0 (= 1.8.0) but 1.6.0-3 is installed.

Please rebuild against packages that are actually available in sid.
(Given that the package is now orphaned, perhaps I should just do that
myself?  I have no interest in, or time to spare for, adopting it
long-term, though.)

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.27
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages straw depends on:
ii  gconf2  2.8.1-4  GNOME configuration database syste
ii  libatk1.0-0 1.8.0-4  The ATK accessibility toolkit
ii  libc6   2.3.2.ds1-20 GNU C Library: Shared libraries an
ii  libglib2.0-02.6.1-2  The GLib library of C routines
ii  libgtk2.0-0 2.4.14-2 The GTK+ graphical user interface 
ii  libpango1.0-0   1.6.0-3  Layout and rendering of internatio
ii  python  2.3.4-6  An interactive high-level object-o
ii  python2.3   2.3.4-19 An interactive high-level object-o
ii  python2.3-egenix-mxdatetime 2.0.5-2  Date and time handling routines fo
ii  python2.3-glade22.4.1-2  GTK+ bindings: Glade support
ii  python2.3-gnome22.6.1-1  Python bindings for the GNOME desk
ii  python2.3-gtk2  2.4.1-2  Python bindings for the GTK+ widge

-- no debconf information

---
Received: (at 291651-done) by bugs.debian.org; 24 Jan 2005 01:21:22 +
From [EMAIL PROTECTED] Sun Jan 23 17:21:22 2005
Return-path: [EMAIL PROTECTED]
Received: from ppsw-6.csi.cam.ac.uk [131.111.8.136] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1Cssuw-00071U-00; Sun, 23 Jan 2005 17:21:22 -0800
Received: from student.cusu.cam.ac.uk ([131.111.179.82]:47283 
helo=kern.srcf.societies.cam.ac.uk)
by ppsw-6.csi.cam.ac.uk (ppsw.cam.ac.uk [131.111.8.136]:25)
with esmtp id 1Cssus-00043e-LR (Exim 4.44) for [EMAIL PROTECTED]
(return-path [EMAIL PROTECTED]); Mon, 24 Jan 2005 01:21:18 +
Received: from hmw26 by kern.srcf.societies.cam.ac.uk with local (Exim 3.35 #1 
(Debian))
id 1Cssus-0001wK-00
for [EMAIL PROTECTED]; Mon, 24 Jan 2005 01:21:18 +
Date: Mon, 24 Jan 2005 01:21:18 +
From: Hanna M. Wallach [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: straw: depends on experimental libraries
Message-ID: [EMAIL PROTECTED]

Bug#287788: marked as done (gtkboard: doc-base file is invalid)

[Debian Bug Tracking System]

Your message dated Sun, 23 Jan 2005 20:47:07 -0500
with message-id [EMAIL PROTECTED]
and subject line Bug#287788: fixed in gtkboard 0.11pre0-4
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 30 Dec 2004 01:38:27 +
From [EMAIL PROTECTED] Wed Dec 29 17:38:27 2004
Return-path: [EMAIL PROTECTED]
Received: from postfix4-1.free.fr [213.228.0.62] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CjpGk-0004Dq-00; Wed, 29 Dec 2004 17:38:27 -0800
Received: from bylbo.nowhere.earth (nanterre-1-81-57-214-146.fbx.proxad.net 
[81.57.214.146])
by postfix4-1.free.fr (Postfix) with ESMTP id E1CFF21A5D6;
Thu, 30 Dec 2004 02:38:25 +0100 (CET)
Received: from dwitch by bylbo.nowhere.earth with local (Exim 4.34)
id 1CjpLR-000875-6f; Thu, 30 Dec 2004 02:43:17 +0100
Date: Thu, 30 Dec 2004 02:43:17 +0100
From: Yann Dirson [EMAIL PROTECTED]
To: Debian Bug Tracking System [EMAIL PROTECTED]
Subject: gtkboard: doc-base file is invalid
Message-ID: [EMAIL PROTECTED]
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Debbugs-Cc: [EMAIL PROTECTED]
X-Reportbug-Version: 3.5
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
X_DEBBUGS_CC autolearn=ham version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

Package: gtkboard
Version: 0.11pre0-3
Severity: serious
Tags: sid

Setting up gtkboard (0.11pre0-3) ...
error in control file: `Format' value not specified at /usr/sbin/install-docs 
line 615, IN line 17.
dpkg: error processing gtkboard (--configure):
 subprocess post-installation script returned error exit status 9


The doc-base file contains 2 Document definitions.  This is invalid,
and we should have 2 files instead - I guess that's the cause of the
error, although the message is quite unclear.

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i586)
Kernel: Linux 2.4.27-k6
Locale: LANG=C, LC_CTYPE=french (charmap=ISO-8859-1)

Versions of packages gtkboard depends on:
ii  libatk1.0-0 1.8.0-4  The ATK accessibility toolkit
ii  libc6   2.3.2.ds1-20 GNU C Library: Shared libraries an
ii  libglib2.0-02.4.8-1  The GLib library of C routines
ii  libgtk2.0-0 2.4.14-2 The GTK+ graphical user interface 
ii  libpango1.0-0   1.6.0-3  Layout and rendering of internatio
ii  libsdl-mixer1.2 1.2.5-9  mixer library for Simple DirectMed
ii  libsdl1.2debian 1.2.7+1.2.8cvs20041007-3 Simple DirectMedia Layer

-- no debconf information

-- 
Yann Dirson[EMAIL PROTECTED] |
Debian-related: [EMAIL PROTECTED] |   Support Debian GNU/Linux:
|  Freedom, Power, Stability, Gratis
 http://ydirson.free.fr/| Check http://www.debian.org/

---
Received: (at 287788-close) by bugs.debian.org; 24 Jan 2005 01:53:03 +
From [EMAIL PROTECTED] Sun Jan 23 17:53:03 2005
Return-path: [EMAIL PROTECTED]
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CstPb-0006on-00; Sun, 23 Jan 2005 17:53:03 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1CstJr-0006AK-00; Sun, 23 Jan 2005 20:47:07 -0500
From: [EMAIL PROTECTED] (Barak A. Pearlmutter)
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#287788: fixed in gtkboard 0.11pre0-4
Message-Id: [EMAIL PROTECTED]
Sender: Archive Administrator [EMAIL PROTECTED]
Date: Sun, 23 Jan 2005 20:47:07 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Source: gtkboard
Source-Version: 0.11pre0-4

We believe that the bug you reported is fixed in the latest version of
gtkboard, which is due to be installed in the Debian FTP archive:

gtkboard_0.11pre0-4.diff.gz
  to pool/main/g/gtkboard/gtkboard_0.11pre0-4.diff.gz

Bug#291845: marked as done (Bugs not fixed from 2.6.8)

[Debian Bug Tracking System]

Your message dated Sun, 23 Jan 2005 19:18:07 -0800
with message-id [EMAIL PROTECTED]
and subject line Bugs not fixed from 2.6.8
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 23 Jan 2005 16:33:35 +
From [EMAIL PROTECTED] Sun Jan 23 08:33:35 2005
Return-path: [EMAIL PROTECTED]
Received: from 80-218-227-31.dclient.hispeed.ch (hal9000) [80.218.227.31] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1Cskg7-0002Jy-00; Sun, 23 Jan 2005 08:33:31 -0800
Received: from [192.168.42.12] (aragon [192.168.42.12])
by hal9000 (Postfix) with ESMTP id 69A7536C0D4
for [EMAIL PROTECTED]; Sun, 23 Jan 2005 17:33:21 +0100 (CET)
From: Peter Walser [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Bugs not fixed from 2.6.8
Date: Sun, 23 Jan 2005 17:33:26 +0100
User-Agent: KMail/1.7.2
MIME-Version: 1.0
Content-Type: text/plain;
  charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-4.3 required=4.0 tests=BAYES_00,FORGED_YAHOO_RCVD,
HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: kernel-image-2.6.8-i386
Version:  2.6.8-12
Severity:  grave

hi

Has someone looked at the bugs in kernel-image-2.6.8-1-386 and 
kernel-image-2.6.8-1-686?
http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=kernel-image-2.6.8-1-386
Grave functionality bugs - outstanding (1 bug)
Important bugs - outstanding (5 bugs)
Normal bugs - outstanding (9 bugs)
Wishlist items - outstanding (1 bug)
Grave functionality bugs - resolved (2 bugs)
http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=kernel-image-2.6.8-1-686
Critical bugs - outstanding (1 bug)
Important bugs - outstanding (8 bugs)
Normal bugs - outstanding (21 bugs)
Minor bugs - outstanding (2 bugs)
Wishlist items - outstanding (1 bug)
Normal bugs - resolved (1 bug)

At least not all bugs are tested, if they are still present and the  
people are not informed to test with the newer version 
kernel-image-2.6.8-2-686.
My bug #282800 is still not fixed and you shouldn't go out with this 
2.6.8. In Kernel 2.6.10 this bug is fixed.


Peter


---
Received: (at 291845-done) by bugs.debian.org; 24 Jan 2005 03:18:10 +
From [EMAIL PROTECTED] Sun Jan 23 19:18:10 2005
Return-path: [EMAIL PROTECTED]
Received: from dsl093-039-086.pdx1.dsl.speakeasy.net (localhost.localdomain) 
[66.93.39.86] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1Csujy-0007h4-00; Sun, 23 Jan 2005 19:18:10 -0800
Received: by localhost.localdomain (Postfix, from userid 1000)
id DAF78172286; Sun, 23 Jan 2005 19:18:07 -0800 (PST)
Date: Sun, 23 Jan 2005 19:18:07 -0800
From: Steve Langasek [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Bugs not fixed from 2.6.8
Message-ID: [EMAIL PROTECTED]
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol=application/pgp-signature; boundary=SUOF0GtieIMvvwua
Content-Disposition: inline
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no 
version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 
X-CrossAssassin-Score: 2


--SUOF0GtieIMvvwua
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Peter,

These bugs have not been lost; there's really no reason to open new release
critical bugs just to point at release critical bugs that are already open.
If anything, the bugs open against the -1 kernel images probably need to be
reassigned to the -2 kernel images, but it should be confirmed that these
bugs are still present in the new images before doing so.

The bugs you've pointed to will be addressed before the sarge release.

--=20
Steve Langasek
postmodern programmer

--SUOF0GtieIMvvwua
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: Digital signature
Content-Disposition: inline

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFB9GjsKN6ufymYLloRAul0AKDRv5pq8bh4GbEcFyu3c3qphDS1hACfT9uj
G6bFDBECK8pxtO8W27iYkcw=
=TGec

Bug#271427: Debian bug #271427

[Ralph Giles]

Your summary is more or less accurate. We've never had much success
coordinating with fillippov. I don't know if it's a language barrier, 
lack of interest, or what.

Fontforge is the preferred editing tool for these fonts and the solution 
is as you suggest. In addition, after the new fontset is written out, 
the metrics should be checked against the published Adobe sets to make 
sure they match properly. (And perhaps also checked against previous 
gs-fonts releases to make sure there are at least no regressions.)

I think there are also some hinting problems that crept back into one of 
the releases.

It's not so much that we're upstream from Valek or vice versa. Better to 
think of us as two different distributions. He releases more often, and 
we're more careful with the quality of the distributions we make for use 
with Ghostscript.

Note that we have a resource problem getting all this done, which is the 
main reason it's years between releases. Help with the above steps and 
addressing the issues collected at 

  http://bugs.ghostscript.com/show_bug.cgi?id=687297

Would be much appreciated.

 -r


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#284952: The USB block device should be disabled

[Horms]

I have gone through and turned this off for everything except mips,
for which I am not sure about the structure of the package.

Apoliges in advance to kerenel-image maintainers if
I broke anything.

-- 
Horms


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291944: apache daemon segfaults on start

[JpL]

Package: apache
Version: 1.3.33-3
Severity: grave
Justification: renders package unusable


Unclear if this is a package mismatch issue or whether something more
serious is going on.  Can provide an strace on request.

-- System Information
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux xtient 2.4.20 #1 Wed Jun 18 13:54:20 EDT 2003 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages apache depends on:
ii  apache-common   1.3.33-3 support files for all Apache webse
ii  debconf 1.4.39   Debian configuration management sy
ii  dpkg1.10.10  Package maintenance system for Deb
ii  libc6   2.3.2.ds1-13 GNU C Library: Shared libraries an
ii  libdb4.24.2.52-17Berkeley v4.2 Database Libraries [
ii  libexpat1   1.95.8-1 XML parsing C library - runtime li
ii  libmagic1   4.12-1   File type determination library us
ii  logrotate   3.6.5-2  Log rotation utility
ii  mime-support3.23-1   MIME files 'mime.types'  'mailcap
ii  perl5.8.4-3  Larry Wall's Practical Extraction 



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291362: marked as done (crypto support broke root on LVM)

[Debian Bug Tracking System]

Your message dated Mon, 24 Jan 2005 15:12:29 +0900
with message-id [EMAIL PROTECTED]
and subject line Fixed in NMU of initrd-tools 0.1.77
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 20 Jan 2005 10:15:09 +
From [EMAIL PROTECTED] Thu Jan 20 02:15:09 2005
Return-path: [EMAIL PROTECTED]
Received: from buexe.b-5.de [80.148.32.30] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CrZLJ-0007p9-00; Thu, 20 Jan 2005 02:15:09 -0800
Received: from antalya.lupe-christoph.de (antalya.lupe-christoph.de 
[172.17.0.9])
by buexe.b-5.de (8.12.3/8.12.3/b-5/buexe-3.4) with ESMTP id 
j0KAF50L018907
for [EMAIL PROTECTED]; Thu, 20 Jan 2005 11:15:06 +0100
Received: from localhost (localhost [127.0.0.1])
by antalya.lupe-christoph.de (Postfix) with ESMTP id A8F4AB886;
Thu, 20 Jan 2005 11:15:00 +0100 (CET)
Received: from antalya.lupe-christoph.de ([127.0.0.1])
by localhost (antalya [127.0.0.1]) (amavisd-new, port 10024)
with LMTP id 20221-01; Thu, 20 Jan 2005 11:14:54 +0100 (CET)
Received: by antalya.lupe-christoph.de (Postfix, from userid 1000)
id 743FFB885; Thu, 20 Jan 2005 11:14:54 +0100 (CET)
Content-Type: text/plain; charset=us-ascii
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Lupe Christoph [EMAIL PROTECTED]
To: Debian Bug Tracking System [EMAIL PROTECTED]
Subject: installation-reports: LVM install failed due to missing dmsetup
X-Mailer: reportbug 3.2
Date: Thu, 20 Jan 2005 11:14:54 +0100
X-Debbugs-Cc: [EMAIL PROTECTED]
Message-Id: [EMAIL PROTECTED]
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at lupe-christoph.de
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
X_DEBBUGS_CC autolearn=ham version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: installation-reports
Severity: important

Debian-installer-version:

http://cdimage.debian.org/pub/cdimage-testing/daily/i386/current/sarge-i386-netinst.iso
19-Jan-2005 23:05
uname -a: Install failed
Date: 2004-01-19 10:30
Method: CD-ROM based install
Machine: Homebrew
Processor: Athlon 64 3000
Memory: 1 GB
Root Device: Adaptec 2100S with two Fujitsu drives
Root Size/partition table: /boot as first 128 MB, rest of space in LVM,
so / /var swap et al are on LVM LVs
Output of lspci and lspci -n:

Base System Installation Checklist:
[O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it

Initial boot worked:[O]
Configure network HW:   [O]
Config network: [O]
Detect CD:  [O]
Load installer modules: [O]
Detect hard drives: [O]
Partition hard drives:  [O]
Create file systems:[O]
Mount partitions:   [O]
Install base system:[E]
Install boot loader:[ ]
Reboot: [ ]

Comments/Problems:

Kernel installation (2.4.27) failed because the initrd could not be
generated. dmsetup is missing.

Root is on a DM device, but dmsetup not installed
Failed to create initrd image.

Same happens with 2.6.8.

Manually installing dmsetup as /target/sbin/dmsetup before installing
the base system cures the problem. The dmsetup package must be part of
the base system to solve this permanently.

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (990, 'testing'), (100, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.27-lpc.6.k7
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

---
Received: (at 291362-done) by bugs.debian.org; 24 Jan 2005 06:23:21 +
From [EMAIL PROTECTED] Sun Jan 23 22:23:21 2005
Return-path: [EMAIL PROTECTED]
Received: from koto.vergenet.net [210.128.90.7] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CsxdB-00083G-00; Sun, 23 Jan 2005 22:23:21 -0800
Received: by koto.vergenet.net (Postfix, from userid 7100)
id 4D6B434171; Mon, 24 Jan 2005 15:03:57 +0900 (JST)
Date: Mon, 24 Jan 2005 15:12:29 +0900
From: Horms [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: Fixed in NMU of initrd-tools 0.1.77
Message-ID: [EMAIL PROTECTED]
References: [EMAIL PROTECTED]
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: [EMAIL PROTECTED]
X-Cluestick: seven
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]

Bug#291006: marked as done (installation-reports: LVM install failed due to missing dmsetup)

[Debian Bug Tracking System]

Your message dated Mon, 24 Jan 2005 15:12:29 +0900
with message-id [EMAIL PROTECTED]
and subject line Fixed in NMU of initrd-tools 0.1.77
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 18 Jan 2005 07:17:24 +
From [EMAIL PROTECTED] Mon Jan 17 23:17:24 2005
Return-path: [EMAIL PROTECTED]
Received: from mail.2wire.ch (ddba020.netstream.ch) [62.65.128.20] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CqncC-0003Sw-00; Mon, 17 Jan 2005 23:17:24 -0800
Received: (qmail 81467 invoked by uid 89); 18 Jan 2005 07:17:21 -
Received: from unknown (HELO ?192.168.0.5?) (80.238.207.94)
  by mail.2wire.ch with SMTP; 18 Jan 2005 07:17:21 -
Message-ID: [EMAIL PROTECTED]
Date: Tue, 18 Jan 2005 08:17:24 +0100
From: =?ISO-8859-15?Q?Tiziano_M=FCller?= [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Organization: dev-zero
User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206)
X-Accept-Language: de-DE, de, en-us, en
MIME-Version: 1.0
To: [EMAIL PROTECTED]
Subject: Package: installation-reports
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 7bit
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: installation-reports

Debian-installer-version: Sid/Sarge 20050115, 
http://cdimage.debian.org/pub/cdimage-testing/sid_d-i/i386/20050115/sarge-i386-netinst.iso
uname -a: Linux ** 2.6.8-2-386
Date: 20040117 9:00 pm
Method: Guided installation with kernel 2.6 except partitioning (see below).

Machine: VMWare Virtual Machine
Processor: Intel P4 2.8 Ghz HT
Memory: 1024GB (256 in Virtual Machine)
Root Device: VMWare SCSI 4.0GB
Root Size/partition table: 

Device  Start   End Block   Id  
System  
/dev/scsi/host0/bus0/target0/lun0/part1 1   522 ... 8e  
Linux LVM

LVM:
/dev/system/root/
/dev/system/swapswap
/dev/system/homehome

Base System Installation Checklist:
[O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it

Initial boot worked:[O]
Configure network HW:   [O]
Config network: [O]
Detect CD:  [O]
Load installer modules: [O]
Detect hard drives: [O]
Partition hard drives:  [O]
Create file systems:[O]
Mount partitions:   [O]
Install base system:[O]
Install boot loader:[E]
Reboot: [E]

Comments/Problems:
- Installer should maybe warn someone who's trying to create the boot partition 
in an LVM-Volume (- grub can't install in LVM-Volume)
- dmsetup should be installed on the Installation-CD (Setting up 
kernel-image-2.6.8-1-386 (2.6.8-10)...Root is on a DM Device, but dmsetup not 
installed) 




---
Received: (at 291362-done) by bugs.debian.org; 24 Jan 2005 06:23:21 +
From [EMAIL PROTECTED] Sun Jan 23 22:23:21 2005
Return-path: [EMAIL PROTECTED]
Received: from koto.vergenet.net [210.128.90.7] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CsxdB-00083G-00; Sun, 23 Jan 2005 22:23:21 -0800
Received: by koto.vergenet.net (Postfix, from userid 7100)
id 4D6B434171; Mon, 24 Jan 2005 15:03:57 +0900 (JST)
Date: Mon, 24 Jan 2005 15:12:29 +0900
From: Horms [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: Fixed in NMU of initrd-tools 0.1.77
Message-ID: [EMAIL PROTECTED]
References: [EMAIL PROTECTED]
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: [EMAIL PROTECTED]
X-Cluestick: seven
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no 
version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

I think this should be closed as tbm is actually
one of the initrd-tools maintainers.

I am closing accordingly. Please reopen if I am in error.

On Sun, Jan 23, 2005 at 01:47:19PM -0500, Martin Michlmayr wrote:
 tag 291362 + fixed
 
 quit
 
 This message was generated automatically in response to a
 non-maintainer upload.  

Processed: fixed package has reached sarge

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 tags 290974 +sid
Bug#290974: apache: Temporary usage bugs that can be used in symlink attacks
Tags were: sarge security
Tags added: sid

 close 290974
Bug#290974: apache: Temporary usage bugs that can be used in symlink attacks
'close' is deprecated; see http://www.debian.org/Bugs/Developer#closing.
Bug closed, send any further explanations to Javier 
=?iso-8859-1?Q?Fern=E1ndez-Sanguino_Pe=F1a?= [EMAIL PROTECTED]

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291944: apache daemon segfaults on start

[Fabio Massimo Di Nitto]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
JpL wrote:
| Package: apache
| Version: 1.3.33-3
| Severity: grave
| Justification: renders package unusable
|
|
| Unclear if this is a package mismatch issue or whether something more
| serious is going on.  Can provide an strace on request.
|
It would be more important if you start providing your configurations.
Are you using php4? or other external modules? If so, disabling them,
does apache start? Mind to check if you updated it properly?
Fabio
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFB9JkghCzbekR3nhgRAjxFAJ9/9CoGFwcVcB0IbvQYNcellN+GbwCglYpx
DDK2sIpZxU20fxiZVcgKTdA=
=Snvb
-END PGP SIGNATURE-
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]