Bug#267799: removing udev also works
For other reasons I decided to dispense with udev, and now the autoload happens as it should here, with removed the /etc/modules nvidia entry, and IGNORE_PCI_CLASS_DISPLAY is again true in my /etc/default/hotplug. Just confirming other people's reports... BTW, maybe the nvidia package should have reportbug collect the info on devfs/udev status on the reporting machine? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293117: .hplip.conf is created world writable
Package: hplip Version: 0.8.7-2 Severity: grave Justification: user security hole .hplip.conf is created in 666 mode. Since this conf file contains commands which may be launched using the user's right it can be used to cause unwanted process gain access to user's data, by putting specially crafted wrappers in the [commands] section. Solution is to create this file in 600 mode. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.9-2-k7 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages hplip depends on: ii cupsys 1.1.23-3 Common UNIX Printing System(tm) - ii hplip-data 0.8.7-2 HP Linux Printing and Imaging - da ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libcupsys2-gnutls10 1.1.23-3 Common UNIX Printing System(tm) - ii libgcc1 1:3.4.3-7GCC support library ii libsnmp55.1.2-6 NET SNMP (Simple Network Managemen ii libssl0.9.7 0.9.7e-3 SSL shared libraries ii libstdc++5 1:3.3.5-7The GNU Standard C++ Library v3 ii python 2.3.4-6 An interactive high-level object-o ii python-qt3 3.13-4 Qt3 bindings for Python (default v -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293118: sarg: hangs up using 99% processor time
Package: sarg Version: 2.0.2-1 Severity: grave Justification: renders package unusable Running sarg on 2 different server cause it to hang up and uses nearly all cpu time. The command line used is sarg -l /var/log/squid/access.log, the log file come from squid 2.5.7-5 using squidguard 1.2.0-5 as redirector. -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.4.27-2-686 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages sarg depends on: ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libgd2-noxpm2.0.33-1.1 GD Graphics Library version 2 (wit -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: Bug#293098: smb4k: Error message The file smb.conf could not be found when loading
Processing commands for [EMAIL PROTECTED]: severity 293098 normal Bug#293098: smb4k: Error message The file smb.conf could not be found when loading Severity set to `normal'. tags 293098 + moreinfo Bug#293098: smb4k: Error message The file smb.conf could not be found when loading There were no tags set. Tags added: moreinfo thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293098: smb4k: Error message The file smb.conf could not be found when loading
severity 293098 normal tags 293098 + moreinfo thanks On Mon, Jan 31, 2005 at 11:24:17PM -0500, Dan Taylor Jr. wrote: Package: smb4k Version: 0.5.0-1 Severity: grave Justification: renders package unusable When running smb4k, an error message The file smb.conf could not be found appears. Message reappears and repeats when entering the configuration dialog and exiting, as well as when expanding any hosts in the network neighborhood. This is eventually a samba-common problem. SMB4K needs a working configuration. Please, check it and reports. -- Francesco P. Lovergine -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: Bug#293117: .hplip.conf is created world writable
Processing commands for [EMAIL PROTECTED]: tag 293117 + security upstream confirmed Bug#293117: .hplip.conf is created world writable There were no tags set. Tags added: security, upstream, confirmed thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293125: postgresql: LOAD security issue
Package: postgresql Version: 7.4.6-7 Severity: grave Tags: security Justification: user security hole Upstream has released new versions because of the LOAD security hole: http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php http://archives.postgresql.org/pgsql-announce/2005-02/msg0.php -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (800, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.11-rc1fw Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages postgresql depends on: ii adduser 3.59Add and remove users and groups ii debconf [debconf 1.4.42 Debian configuration management sy ii debianutils 2.11.2 Miscellaneous utilities specific t ii libc62.3.2.ds1-20GNU C Library: Shared libraries an ii libcomerr2 1.36rc2-1 common error description library ii libkrb53 1.3.6-1 MIT Kerberos runtime libraries ii libpam0g 0.76-22 Pluggable Authentication Modules l ii libperl5.8 5.8.4-5 Shared Perl library ii libpq3 7.4.6-6 PostgreSQL C client library ii libreadline4 4.3-15 GNU readline and history libraries ii libssl0.9.7 0.9.7e-3SSL shared libraries ii mailx1:8.1.2-0.20040524cvs-4 A simple mail user agent pn postgresql-clien Not found. ii procps 1:3.2.4-1 The /proc file system utilities ii python2.32.3.4-19An interactive high-level object-o ii ucf 1.13Update Configuration File: preserv ii zlib1g 1:1.2.2-4 compression library - runtime -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293117: .hplip.conf is created world writable
tag 293117 + security upstream confirmed thanks On Tue, 01 Feb 2005, Erwan David wrote: .hplip.conf is created in 666 mode. Eeek! Fix on the way. -- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: severity of 271033 is grave
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.8.10 severity 271033 grave Bug#271033: mdadm - is not able to properly assemble multipath device Severity set to `grave'. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293130: aptitude: [arm] FTBFS in experimental
Package: aptitude Version: 0.3.1-3 Severity: serious Tags: experimental Hmm, another error occured. /usr/include/sigc++-2.0/sigc++/type_traits.h:96: warning: all member functions in class `sigc::is_base_and_derivedT_base, T_derived' are private apt.cc: In function `bool package_trusted(const pkgCache::VerIterator)': apt.cc:481: error: `IsTrusted' undeclared (first use this function) apt.cc:481: error: (Each undeclared identifier is reported only once for each Full log is here. Automatic build of aptitude_0.3.1-3 on arm by sbuild/arm 1.170.5 Build started at 20050131-1617 ** Checking available source versions... Fetching source files... Reading Package Lists... Building Dependency Tree... Need to get 3220kB of source archives. Get:1 http://ftp2.de.debian.org ../project/experimental/main aptitude 0.3.1-3 (dsc) [768B] Get:2 http://ftp2.de.debian.org ../project/experimental/main aptitude 0.3.1-3 (tar) [3202kB] Get:3 http://ftp2.de.debian.org ../project/experimental/main aptitude 0.3.1-3 (diff) [16.6kB] Fetched 3220kB in 17s (187kB/s) Download complete and in download only mode ** Using build dependencies supplied by package: Build-Depends: libapt-pkg-dev (= 0.5.4.9), debhelper (= 4.0.0), libsigc++-2.0-dev, libncurses5-dev | libncurses-dev, gettext, g++ (= 4:3.2.2-0), docbook-xsl, xsltproc, html2text Warning: The following central src deps are (probably) missing: autoconf, automake, m4 Checking for already installed source dependencies... libapt-pkg-dev: missing debhelper: already installed (in sufficient version 4.2.30 = 4.0.0) libsigc++-2.0-dev: missing libncurses5-dev: already installed gettext: already installed g++: already installed (in sufficient version 4:3.3.5-1 = 4:3.2.2-0) docbook-xsl: missing xsltproc: missing html2text: already installed Checking for source dependency conflicts... /usr/bin/sudo /usr/bin/apt-get --purge $CHROOT_OPTIONS -q -y install libapt-pkg-dev libsigc++-2.0-dev docbook-xsl xsltproc Reading Package Lists... Building Dependency Tree... The following extra packages will be installed: libsigc++-2.0-0 sgml-base xml-core Suggested packages: libsigc++-2.0-doc sgml-base-doc Recommended packages: docbook-xml lynx www-browser httpd apache The following NEW packages will be installed: docbook-xsl libapt-pkg-dev libsigc++-2.0-0 libsigc++-2.0-dev sgml-base xml-core xsltproc 0 upgraded, 7 newly installed, 0 to remove and 29 not upgraded. Need to get 158kB/1570kB of archives. After unpacking 13.5MB of additional disk space will be used. Get:1 http://ftp.jp.debian.org unstable/main libsigc++-2.0-0 2.0.7-1 [28.2kB] Get:2 http://ftp.jp.debian.org unstable/main libsigc++-2.0-dev 2.0.7-1 [129kB] Fetched 158kB in 0s (621kB/s) Selecting previously deselected package sgml-base. (Reading database ... 25117 files and directories currently installed.) Unpacking sgml-base (from .../sgml-base_1.26_all.deb) ... Selecting previously deselected package xml-core. Unpacking xml-core (from .../archives/xml-core_0.09_all.deb) ... Selecting previously deselected package docbook-xsl. Unpacking docbook-xsl (from .../docbook-xsl_1.66.1-1_all.deb) ... Selecting previously deselected package libapt-pkg-dev. Unpacking libapt-pkg-dev (from .../libapt-pkg-dev_0.5.28.1_arm.deb) ... Selecting previously deselected package libsigc++-2.0-0. Unpacking libsigc++-2.0-0 (from .../libsigc++-2.0-0_2.0.7-1_arm.deb) ... Selecting previously deselected package libsigc++-2.0-dev. Unpacking libsigc++-2.0-dev (from .../libsigc++-2.0-dev_2.0.7-1_arm.deb) ... Selecting previously deselected package xsltproc. Unpacking xsltproc (from .../xsltproc_1.1.8-5_arm.deb) ... Setting up sgml-base (1.26) ... Setting up xml-core (0.09) ... Setting up docbook-xsl (1.66.1-1) ... Setting up libapt-pkg-dev (0.5.28.1) ... Setting up libsigc++-2.0-0 (2.0.7-1) ... Setting up libsigc++-2.0-dev (2.0.7-1) ... Setting up xsltproc (1.1.8-5) ... Checking correctness of source dependencies... Toolchain package versions: libc6-dev_2.3.2.ds1-20 linux-kernel-headers_2.5.999-test7-bk-17 gcc-3.3_1:3.3.5-6 g++-3.3_1:3.3.5-6 binutils_2.15-5 libstdc++5_1:3.3.5-6 libstdc++5-3.3-dev_1:3.3.5-6 -- dpkg-source: extracting aptitude in aptitude-0.3.1 dpkg-buildpackage: source package is aptitude dpkg-buildpackage: source version is 0.3.1-3 dpkg-buildpackage: host architecture is arm /usr/bin/fakeroot debian/rules clean dh_testdir dh_testroot rm -f build-stamp rm -fr debian/html-docs /usr/bin/make distclean make[1]: Entering directory `/build/buildd/aptitude-0.3.1' make[1]: *** No rule to make target `distclean'. Stop. make[1]: Leaving directory `/build/buildd/aptitude-0.3.1' make: [clean] Error 2 (ignored) dh_clean debian/rules build dh_testdir ./configure --prefix=/usr --mandir=\${prefix}/share/man --infodir=\${prefix}/share/info --disable-werror checking for a BSD-compatible
Bug#293133: configtest.php enabled by default
Package: squirrelmail Version: 1.4.4-1 Severity: serious Information leakage is enabled by default via the newly added /usr/share/squirrelmail/src/configtest.php Script which should be disabled (or as a minimum a Deny line should be added to the example apache.conf file). smime.p7s Description: S/MIME Cryptographic Signature
Processed: severity of 293079 is grave
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.8.5 severity 293079 grave Bug#293079: aolserver4-nsd does not run on Alpha Severity set to `grave'. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: tagging 293125
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.8.6 tags 293125 woody sarge sid Bug#293125: postgresql: LOAD security issue Tags were: security Tags added: woody, sarge, sid End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#292726: marked as done (buffer overflow in charset (CAN-2005-0086))
Your message dated Tue, 01 Feb 2005 12:24:33 +0100 with message-id [EMAIL PROTECTED] and subject line Bug#292726: buffer overflow in charset (CAN-2005-0086) has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 29 Jan 2005 06:06:00 + From [EMAIL PROTECTED] Fri Jan 28 22:06:00 2005 Return-path: [EMAIL PROTECTED] Received: from kitenet.net [64.62.161.42] (postfix) by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1Culk8-bk-00; Fri, 28 Jan 2005 22:06:00 -0800 Received: from dragon.kitenet.net (243.80-203-46.nextgentel.com [80.203.46.243]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN Joey Hess, Issuer Joey Hess (verified OK)) by kitenet.net (Postfix) with ESMTP id 8049218207 for [EMAIL PROTECTED]; Sat, 29 Jan 2005 06:05:59 + (GMT) Received: by dragon.kitenet.net (Postfix, from userid 1000) id 429F36E10B; Sat, 29 Jan 2005 07:08:08 +0100 (CET) Date: Sat, 29 Jan 2005 07:08:08 +0100 From: Joey Hess [EMAIL PROTECTED] To: Debian Bug Tracking System [EMAIL PROTECTED] Subject: buffer overflow in charset (CAN-2005-0086) Message-ID: [EMAIL PROTECTED] Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol=application/pgp-signature; boundary=qMm9M+Fa2AknHoGS Content-Disposition: inline X-Reportbug-Version: 3.6 User-Agent: Mutt/1.5.6+20040907i Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: --qMm9M+Fa2AknHoGS Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Package: less Version: 382-2 Severity: grave Tags: security patch less is vulnerable to a head-based buffer overflow that can be triggered by viewing certian binary files. This is theoretically exploitable by providing a user with such a file and waiting for him to run less on it. The problem was discovered by redhat and involves the expand_linebuf function neglecting to expand the size of the charset buffer when it expands the other buffers. Details in their BTS, including a test case and a patch: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=3D145527 I tried to exploit it on Debian but failed to see the crash, however this could be due to setup differences from red hat. The code seems to be the same. Please use CAN-2005-0086 when referring to this security hole. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.4.27 Locale: LANG=3Den_US.UTF-8, LC_CTYPE=3Den_US.UTF-8 (charmap=3DUTF-8) Versions of packages less depends on: ii debianutils 2.11.2 Miscellaneous utilities specif= ic t ii libc6 2.3.2.ds1-20 GNU C Library: Shared librarie= s an ii libncurses5 5.4-4Shared libraries for terminal = hand -- no debconf information --=20 see shy jo --qMm9M+Fa2AknHoGS Content-Type: application/pgp-signature; name=signature.asc Content-Description: Digital signature Content-Disposition: inline -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFB+yhHd8HHehbQuO8RArN0AJ9/8usqwX+TkaXz6iOWySWoADTzuwCfRyuJ NBz5Y6QNY7BhFjqiIjfjbBA= =XV+W -END PGP SIGNATURE- --qMm9M+Fa2AknHoGS-- --- Received: (at 292726-done) by bugs.debian.org; 1 Feb 2005 11:25:12 + From [EMAIL PROTECTED] Tue Feb 01 03:25:12 2005 Return-path: [EMAIL PROTECTED] Received: from smtp07.web.de [217.72.192.225] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1Cvw9g-0004pV-00; Tue, 01 Feb 2005 03:25:12 -0800 Received: from [217.186.53.200] (helo=europa.test) by smtp07.web.de with asmtp (WEB.DE 4.103 #192) id 1Cvw9B-00039d-00; Tue, 01 Feb 2005 12:24:41 +0100 Received: from [127.0.0.1] (europa.test [127.0.0.1]) by europa.test (Postfix) with ESMTP id C2E2C1CB1AE; Tue, 1 Feb 2005 12:24:34 +0100 (CET) Message-ID: [EMAIL PROTECTED] Date: Tue, 01 Feb 2005 12:24:33 +0100 From: Thomas Schoepf [EMAIL PROTECTED] User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041217 X-Accept-Language: de, en MIME-Version: 1.0 To: Joey Hess [EMAIL PROTECTED], [EMAIL
Bug#293133: configtest.php enabled by default
On Tue, February 1, 2005 11:59, Thomas Nagel said: Package: squirrelmail Version: 1.4.4-1 Severity: serious Information leakage is enabled by default via the newly added /usr/share/squirrelmail/src/configtest.php Script which should be disabled (or as a minimum a Deny line should be added to the example apache.conf file). Thank you for your report. I do not agree with you that this has serious severity: indeed it would be better to leak as less information as possible but I don't see any concrete problems that arise from the small bits of information that can be gathered now (most of which are also readily available through other means on a Debian installed server). I will fix this though. I propose by default allowing access to this script only from localhost. Will check upstream for a permanent solution to this. Thijs -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293079: aolserver4-nsd does not run on Alpha
tags 293079 + upstream forwarded 293079 AOLSERVER@LISTSERV.AOL.COM thanks That's a know upstream issue. You pointed it just in time :) http://news.gmane.org/gmane.comp.web.aolserver/ That check could be probably removed, but it's around since 10 years or so. Awaiting porters decisions... On Mon, Jan 31, 2005 at 07:26:22PM -0500, A. Maitland Bottoms wrote: Package: aolserver4 Version: 4.0.10-1 Severity: serious (Severity: grave on Alpha) Seems not to like the size of int and long: ~# aolserver4-nsd -u www-data -t /etc/aolserver4/aolserver4.tcl NsTclInitObjs: sizeof(int) sizeof(long) -Maitland -- Francesco P. Lovergine -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#290876: alsa-utils 1.0.8-1 package for powerpc now available
Thanks to Jordi Mallach, alsa-utils_1.0.8-1_powerpc.deb is now available at incoming.debian.org, pending installation in sid. -- Thomas Hood [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: tagging 293125
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.8.6 tags 293125 pending Bug#293125: postgresql: LOAD security issue Tags were: sid sarge woody security Tags added: pending End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Squirrelmail bugs fixed in revision r101
Processing commands for [EMAIL PROTECTED]: package squirrelmail Ignoring bugs not assigned to: squirrelmail # Fixed in r101 by kink tag 293133 + pending Bug#293133: configtest.php enabled by default There were no tags set. Tags added: pending thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#291944: Moving 'extension=imap.so' include in php.ini fixed segfault
On Mon, Jan 31, 2005 at 01:44:11PM +0100, Rune Dalmo wrote: Adam Conrad wrote: Well, given that the bug you reported was fixed in 2.3.2.ds1-17, I'm hoping this means that if you re-test, you won't be able to reproduce your segfault issues. Either way, I'd like to hear back from you, so I know where to go with this bug. I am afraid I still get the segfault. Below is a snippet of my php.ini file: extension=imap.so extension=snmp.so extension=pgsql.so extension=odbc.so extension=mysql.so extension=mcrypt.so extension=gd.so ;extension=imap.so When the imap extension is inserted at the end (see commented out line), the segfault is present. Does this mean that in the segfaulting situation, you actually have extension=imap.so listed *twice* in your php.ini? -- Steve Langasek postmodern programmer signature.asc Description: Digital signature
Bug#293133: Squirrelmail bugs fixed in revision r101
package squirrelmail # Fixed in r101 by kink tag 293133 + pending thanks These bugs are fixed in revision 101 by kink and will likely get fixed in the next upload. Log message: * Limit access to configtest.php to just localhost, to prevent information leakage (Closes: #293133) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293146: samba: total crash os
Package: samba Version: 3.0.10-1 Severity: critical Justification: breaks the whole system Hi, if I transfer a files from windows os (several windows machine) to my debian with samba later 5/10 minutes the linux system total crash(!!!). I press the reset button! I tested a ram: ok the logs nothing significative I change ethernet card several (try 3/4) I recompile kernel 2.4/2.6 I change samba logs with debug but nothing if I use rsync, ftp server, etc. it's ok where is the problem? Sorry but my english isn't ok :-) thank u -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.10fuck Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages samba depends on: ii debconf [debconf-2.0] 1.4.30.11Debian configuration management sy ii libacl1 2.2.23-1 Access control list shared library ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libcomerr2 1.35-6 The Common Error Description libra ii libcupsys2-gnutls10 1.1.23-2 Common UNIX Printing System(tm) - ii libkrb531.3.6-1 MIT Kerberos runtime libraries ii libldap22.1.30-3 OpenLDAP libraries ii libpam-modules 0.76-22 Pluggable Authentication Modules f ii libpam-runtime 0.76-22 Runtime support for the PAM librar ii libpam0g0.76-22 Pluggable Authentication Modules l ii libpopt01.7-5lib for parsing cmdline parameters ii logrotate 3.7-2Log rotation utility ii netbase 4.19 Basic TCP/IP networking system ii samba-common3.0.10-1 Samba common files used by both th -- debconf information: samba/nmbd_from_inetd: * samba/run_mode: daemons samba/log_files_moved: samba/tdbsam: false * samba/generate_smbpasswd: -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Fixed in NMU of zopeinterface 3.0.0-2.1
Processing commands for [EMAIL PROTECTED]: tag 291784 + fixed Bug#291784: zopeinterface_3.0.0-2(hppa/unstable): FTBFS: missing build-depends? There were no tags set. Tags added: fixed quit Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293146: marked as done (samba: total crash os)
Your message dated Tue, 1 Feb 2005 05:47:56 -0800 with message-id [EMAIL PROTECTED] and subject line Bug#293146: samba: total crash os has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 1 Feb 2005 13:00:46 + From [EMAIL PROTECTED] Tue Feb 01 05:00:46 2005 Return-path: [EMAIL PROTECTED] Received: from vsmtp3alice.tin.it (vsmtp3.tin.it) [212.216.176.143] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1CvxeA-C9-00; Tue, 01 Feb 2005 05:00:46 -0800 Received: from pluto.net (82.54.151.48) by vsmtp3.tin.it (7.0.027) id 41FE87690006BADD for [EMAIL PROTECTED]; Tue, 1 Feb 2005 14:00:14 +0100 Received: by pluto.net (Postfix, from userid 1000) id 4CBB6C6601; Tue, 1 Feb 2005 14:00:18 +0100 (CET) Content-Type: text/plain; charset=us-ascii MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: psycheye [EMAIL PROTECTED] To: Debian Bug Tracking System [EMAIL PROTECTED] Subject: samba: total crash os X-Mailer: reportbug 3.2 Date: Tue, 01 Feb 2005 14:00:18 +0100 Message-Id: [EMAIL PROTECTED] Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Package: samba Version: 3.0.10-1 Severity: critical Justification: breaks the whole system Hi, if I transfer a files from windows os (several windows machine) to my debian with samba later 5/10 minutes the linux system total crash(!!!). I press the reset button! I tested a ram: ok the logs nothing significative I change ethernet card several (try 3/4) I recompile kernel 2.4/2.6 I change samba logs with debug but nothing if I use rsync, ftp server, etc. it's ok where is the problem? Sorry but my english isn't ok :-) thank u -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.10fuck Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages samba depends on: ii debconf [debconf-2.0] 1.4.30.11Debian configuration management sy ii libacl1 2.2.23-1 Access control list shared library ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libcomerr2 1.35-6 The Common Error Description libra ii libcupsys2-gnutls10 1.1.23-2 Common UNIX Printing System(tm) - ii libkrb531.3.6-1 MIT Kerberos runtime libraries ii libldap22.1.30-3 OpenLDAP libraries ii libpam-modules 0.76-22 Pluggable Authentication Modules f ii libpam-runtime 0.76-22 Runtime support for the PAM librar ii libpam0g0.76-22 Pluggable Authentication Modules l ii libpopt01.7-5lib for parsing cmdline parameters ii logrotate 3.7-2Log rotation utility ii netbase 4.19 Basic TCP/IP networking system ii samba-common3.0.10-1 Samba common files used by both th -- debconf information: samba/nmbd_from_inetd: * samba/run_mode: daemons samba/log_files_moved: samba/tdbsam: false * samba/generate_smbpasswd: --- Received: (at 293146-done) by bugs.debian.org; 1 Feb 2005 13:47:59 + From [EMAIL PROTECTED] Tue Feb 01 05:47:58 2005 Return-path: [EMAIL PROTECTED] Received: from dsl093-039-086.pdx1.dsl.speakeasy.net (localhost.localdomain) [66.93.39.86] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1CvyNq-00040c-00; Tue, 01 Feb 2005 05:47:58 -0800 Received: by localhost.localdomain (Postfix, from userid 1000) id 90F1FBAEB8; Tue, 1 Feb 2005 05:47:56 -0800 (PST) Date: Tue, 1 Feb 2005 05:47:56 -0800 From: Steve Langasek [EMAIL PROTECTED] To: psycheye [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: Bug#293146: samba: total crash os Message-ID: [EMAIL PROTECTED] References: [EMAIL PROTECTED] Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol=application/pgp-signature; boundary=TRYliJ5NKNqkz5bu Content-Disposition: inline In-Reply-To: [EMAIL PROTECTED] User-Agent: Mutt/1.5.6+20040907i Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
Bug#293146: [MAILER-DAEMON@ms-smtp-03.nyroc.rr.com: Returned mail: see transcript for details]
- Forwarded message from Mail Delivery Subsystem [EMAIL PROTECTED] - X-Original-To: [EMAIL PROTECTED] From: Mail Delivery Subsystem [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Returned mail: see transcript for details Auto-Submitted: auto-generated (failure) X-Spam-Score: -1.3 (-) X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on webmin.steelfarms.net X-Spam-Level: X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=ham version=2.63 The original message was received at Tue, 1 Feb 2005 09:12:07 -0500 (EST) from syr-24-59-54-124.twcny.rr.com [24.59.54.124] - The following addresses had permanent fatal errors - [EMAIL PROTECTED] (reason: 550 5.1.1 [EMAIL PROTECTED]... User unknown) - Transcript of session follows - ... while talking to pluto.net.: RCPT To:[EMAIL PROTECTED] 550 5.1.1 [EMAIL PROTECTED]... User unknown 550 5.1.1 [EMAIL PROTECTED]... User unknown Reporting-MTA: dns; ms-smtp-03.nyroc.rr.com Received-From-MTA: DNS; syr-24-59-54-124.twcny.rr.com Arrival-Date: Tue, 1 Feb 2005 09:12:07 -0500 (EST) Final-Recipient: RFC822; [EMAIL PROTECTED] Action: failed Status: 5.1.1 Remote-MTA: DNS; pluto.net Diagnostic-Code: SMTP; 550 5.1.1 [EMAIL PROTECTED]... User unknown Last-Attempt-Date: Tue, 1 Feb 2005 09:12:10 -0500 (EST) Received: from andromeda (syr-24-59-54-124.twcny.rr.com [24.59.54.124]) by ms-smtp-03.nyroc.rr.com (8.12.10/8.12.10) with ESMTP id j11EC7P4024224; Tue, 1 Feb 2005 09:12:07 -0500 (EST) Received: from pryzbyj by andromeda with local (Exim 3.36 #1 (Debian)) id 1CvylC-0003sP-00; Tue, 01 Feb 2005 09:12:06 -0500 Date: Tue, 1 Feb 2005 09:12:05 -0500 To: psycheye [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: Bug#293146: samba: total crash os Message-ID: [EMAIL PROTECTED] References: [EMAIL PROTECTED] Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: [EMAIL PROTECTED] User-Agent: Mutt/1.5.6+20040907i From: Justin Pryzby [EMAIL PROTECTED] X-Virus-Scanned: Symantec AntiVirus Scan Engine - End forwarded message - -- Justin aptitude install task-iraf saods9 eclipse sextractor x11iraf wcstools http://www.justinpryzby.com/debian/ References [0] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#292370: CAN-2004-1388
On Tue, 2005-02-01 at 08:25 +0100, Martin Schulze wrote: This problem has been assigned Candidate: CAN-2004-1388 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1388 Reference: BUGTRAQ:20050126 DMA[2005-0125a] - 'berlios gpsd format string vulnerability' Reference: URL:http://marc.theaimsgroup.com/?l=bugtraqm=110677341711505w=2 Reference: MISC:http://www.digitalmunition.com/DMA%5B2005-0125a%5D.txt Reference: XF:gpsd-format-string(19079) Reference: URL:http://xforce.iss.net/xforce/xfdb/19079 Format string vulnerability in the gpsd_report funciton in gpsd 1.9.0 through 2.7 allows remote attackers to execute arbitrary code. Please mention it in the changlog with the next upload when you have to upload a new version anyway. Regards, Joey Thanks for the information. I've made an entry in the changelog in my local repository; it'll be published with the next upload. Cheers, Til -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293118: sarg: hangs up using 99% processor time
On Tue, Feb 01, 2005 at 09:40:46AM +0100, EndelWar wrote: Package: sarg Version: 2.0.2-1 Severity: grave Justification: renders package unusable Running sarg on 2 different server cause it to hang up and uses nearly all cpu time. The command line used is sarg -l /var/log/squid/access.log, the log file come from squid 2.5.7-5 using squidguard 1.2.0-5 as redirector. Could you send me or the bug the logfile as an attachment? If that's not possible, maybe you can trim the log with a binary search to try to narrow down the problem lines as much as possible. Justin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293153: neutrino: is not installable
Package: neutrino Severity: grave Justification: renders package unusable i cannot install neutrino, here is the ouput of apt: The following packages have unmet dependencies: neutrino: Depends: libnjb2 but it is not installable -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (990, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.10 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293146: samba: total crash os
On Tue, Feb 01, 2005 at 02:00:18PM +0100, psycheye wrote: Hi, if I transfer a files from windows os (several windows machine) to my debian with samba later 5/10 minutes the linux system total crash(!!!). I press the reset button! If you run top from a console (virtual terminal, outside of X), what happens? Does top keep updating? Justin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293117: marked as done (.hplip.conf is created world writable)
Your message dated Tue, 01 Feb 2005 09:02:32 -0500 with message-id [EMAIL PROTECTED] and subject line Bug#293117: fixed in hplip 0.8.7-3 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 1 Feb 2005 08:42:10 + From [EMAIL PROTECTED] Tue Feb 01 00:42:10 2005 Return-path: [EMAIL PROTECTED] Received: from nez-casse.rail.eu.org [82.232.38.36] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1Cvtbu-0001Px-00; Tue, 01 Feb 2005 00:42:10 -0800 Received: from nez-casse.rail.eu.org (localhost [127.0.0.1]) by nez-casse.rail.eu.org (Postfix) with ESMTP id 02D81D6BC5; Tue, 1 Feb 2005 09:42:04 +0100 (CET) Received: by nez-casse.rail.eu.org (Postfix, from userid 1000) id CC48DD6BC4; Tue, 1 Feb 2005 09:42:03 +0100 (CET) Content-Type: text/plain; charset=us-ascii MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Erwan David [EMAIL PROTECTED] To: Debian Bug Tracking System [EMAIL PROTECTED] Subject: .hplip.conf is created world writable X-Mailer: reportbug 3.7.1 Date: Tue, 01 Feb 2005 09:42:03 +0100 Message-Id: [EMAIL PROTECTED] X-Virus-Scanned: ClamAV using ClamSMTP Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Package: hplip Version: 0.8.7-2 Severity: grave Justification: user security hole .hplip.conf is created in 666 mode. Since this conf file contains commands which may be launched using the user's right it can be used to cause unwanted process gain access to user's data, by putting specially crafted wrappers in the [commands] section. Solution is to create this file in 600 mode. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.9-2-k7 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages hplip depends on: ii cupsys 1.1.23-3 Common UNIX Printing System(tm) - ii hplip-data 0.8.7-2 HP Linux Printing and Imaging - da ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libcupsys2-gnutls10 1.1.23-3 Common UNIX Printing System(tm) - ii libgcc1 1:3.4.3-7GCC support library ii libsnmp55.1.2-6 NET SNMP (Simple Network Managemen ii libssl0.9.7 0.9.7e-3 SSL shared libraries ii libstdc++5 1:3.3.5-7The GNU Standard C++ Library v3 ii python 2.3.4-6 An interactive high-level object-o ii python-qt3 3.13-4 Qt3 bindings for Python (default v -- no debconf information --- Received: (at 293117-close) by bugs.debian.org; 1 Feb 2005 14:08:18 + From [EMAIL PROTECTED] Tue Feb 01 06:08:18 2005 Return-path: [EMAIL PROTECTED] Received: from newraff.debian.org [208.185.25.31] (mail) by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1CvyhW-0002FU-00; Tue, 01 Feb 2005 06:08:18 -0800 Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian)) id 1Cvybw-00018n-00; Tue, 01 Feb 2005 09:02:32 -0500 From: Henrique de Moraes Holschuh [EMAIL PROTECTED] To: [EMAIL PROTECTED] X-Katie: $Revision: 1.55 $ Subject: Bug#293117: fixed in hplip 0.8.7-3 Message-Id: [EMAIL PROTECTED] Sender: Archive Administrator [EMAIL PROTECTED] Date: Tue, 01 Feb 2005 09:02:32 -0500 Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Source: hplip Source-Version: 0.8.7-3 We believe that the bug you reported is fixed in the latest version of hplip, which is due to be installed in the Debian FTP archive: hpijs_2.0.1+0.8.7-3_i386.deb to pool/main/h/hplip/hpijs_2.0.1+0.8.7-3_i386.deb hplip-data_0.8.7-3_all.deb to pool/main/h/hplip/hplip-data_0.8.7-3_all.deb hplip_0.8.7-3.diff.gz to pool/main/h/hplip/hplip_0.8.7-3.diff.gz hplip_0.8.7-3.dsc to pool/main/h/hplip/hplip_0.8.7-3.dsc hplip_0.8.7-3_i386.deb to pool/main/h/hplip/hplip_0.8.7-3_i386.deb A
Bug#293110: kvim: Occupies 90-100% CPU as it auto resizes horozontally in KDE 3.3.2
tags 293110 -security thanks Its not a security hole unless the package maintainer is supposedly trojaning the package such as to waste CPU. This sounds like its potentially a window manager problem. What WM are you using? I can't reproduce it here under blackbox; could you also try another WM? Justin On Tue, Feb 01, 2005 at 02:18:25AM -0500, [EMAIL PROTECTED] wrote: Package: kvim Version: 1:6.3-058+1 Severity: grave Tags: security Justification: renders package unusable Everytime kvim is started, it automatically begins resizing itself in the horozontal direction. The package is therefore unusable by any user. CPU usage jumps to near 100% when kvim is opened, thus posing a possible security risk for the user. -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.8 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages kvim depends on: ii kdelibs4 4:3.3.2-1 KDE core libraries ii libc62.3.2.ds1-20GNU C Library: Shared libraries an ii libgcc1 1:3.4.3-6 GCC support library ii libgpmg1 1.19.6-19 General Purpose Mouse - shared lib ii libice6 4.3.0.dfsg.1-10 Inter-Client Exchange library ii libncurses5 5.4-4 Shared libraries for terminal hand ii libqt3c102-mt3:3.3.3-7 Qt GUI Library (Threaded runtime v ii libsm6 4.3.0.dfsg.1-10 X Window System Session Management ii libstdc++5 1:3.3.5-5 The GNU Standard C++ Library v3 ii libx11-6 4.3.0.dfsg.1-10 X Window System protocol client li ii libxt6 4.3.0.dfsg.1-10 X Toolkit Intrinsics ii vim 1:6.3-058+1 Vi IMproved - enhanced vi editor ii xlibs4.3.0.dfsg.1-10 X Keyboard Extension (XKB) configu -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#292137: half-patch for gramofile's bplay.c
hi, i found the following patches in #60041 and #126257. with this, recorded files can be played using bplay, but the file header is still somehow badly crafted: $ play new.wav playing new.wav sox: Premature EOF on .wav input file i also noted a few other things that could be grabbed from current bplay: - handling of very long files (see last patch in #126257) - updated Die function to make sure the forked process is killed. And at the end of the recording, when showing the 'Recording information', brec_gramo eats all the cpu available until OK is pressed. ciao, piem --- gramofile-1.6.orig/bplaysrc/bplay.c +++ gramofile-1.6/bplaysrc/bplay.c @@ -307,6 +307,25 @@ memcpy((header.data_chunk), data, 4); header.data_length = bcount; + +#if __BYTE_ORDER == __BIG_ENDIAN +#includebyteswap.h + /* let's do a bit of reordering */ + header.length = bswap_32 (header.length); + header.sc_len = bswap_32 (header.sc_len); + header.format = bswap_16 (header.format); + header.modus = bswap_16 (header.modus); + + header.sample_fq = bswap_32 (header.sample_fq); + header.byte_p_sec = bswap_32 (header.byte_p_sec); + + header.byte_p_spl = bswap_16 (header.byte_p_spl); + header.bit_p_spl = bswap_16 (header.bit_p_spl); + + header.data_chunk = bswap_32 (header.data_chunk); + header.data_length = bswap_32 (header.data_length); +#endif + write(thefd, header, sizeof(header)); } case F_RAW: @@ -476,6 +495,25 @@ memcpy((void*)wavhd, (void*)hd_buf, 20); count = read(thefd, ((char*)wavhd)+20, sizeof(wavhd) - 20); + +#if __BYTE_ORDER == __BIG_ENDIAN +#includebyteswap.h +/* let's do a bit of reordering */ +wavhd.length = bswap_32 (wavhd.length); +wavhd.sc_len = bswap_32 (wavhd.sc_len); +wavhd.format = bswap_16 (wavhd.format); +wavhd.modus = bswap_16 (wavhd.modus); + +wavhd.sample_fq = bswap_32 (wavhd.sample_fq); +wavhd.byte_p_sec = bswap_32 (wavhd.byte_p_sec); + +wavhd.byte_p_spl = bswap_16 (wavhd.byte_p_spl); +wavhd.bit_p_spl = bswap_16 (wavhd.bit_p_spl); + +wavhd.data_chunk = bswap_32 (wavhd.data_chunk); +wavhd.data_length = bswap_32 (wavhd.data_length); +#endif + if(wavhd.format != 1) Die(Input is not a PCM WAV file); #ifndef LP2CD if (! (modsMSPEED))
Bug#291944: Moving 'extension=imap.so' include in php.ini fixed segfault
Rune Dalmo said: I am afraid I still get the segfault. In that case, I'm going to need your full php.ini, and a gdb backtrace of apache -X. If you don't know how to do that, stop apache completely, then: $ gdb apache (gdb) run -X wait for it to segfault (gdb) bt And give me that output. ... Adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Fixed in NMU of squirrelmail 1:1.2.6-2
Processing commands for [EMAIL PROTECTED]: tag 292714 + fixed Bug#292714: [CAN-2005-0152] Remote code execution as www-data when register_globals and allow_url_fopen are on Tags were: pending woody security Tags added: fixed quit Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#254401: Lib file gets installed incorrectly
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This has something to do with a earlier libtool bug. And the cdbs autotools.mk doesn't handle it correctly at this moment. So the easy fix is: - - get the sources from debian with: apt-get source package - - copy the debian directory somewhere. - - remove everything except the orig.tar.gz - - unpack the orig.tar.gz - - copy the debian directory into it - - recompile the stuff Now it should be fixed. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB/6We2n1ROIkXqbARAvEoAJ955Y8jgFzJUMjAHjAt7KRQEsjkpgCfdQ7R m7qDOG9dzyj6V7F6qtFEQUA= =xgK5 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#292137: half-patch for gramofile's bplay.c
tag 292137 + pending thanks On Tue, Feb 01, 2005 at 02:58:50PM +, Paul Brossier wrote: i found the following patches in #60041 and #126257. with this, recorded files can be played using bplay, but the file header is still somehow badly crafted: $ play new.wav playing new.wav sox: Premature EOF on .wav input file Thanks. I had already looked through the bplay BTS entries, found the patches there and decided to craft my own. It's ready but stupid me forgot to apply the current patches to gramofile first, so I'll have to go through another round and do some patch merging. I'll attach the original version against the pristine upstream source for reference. i also noted a few other things that could be grabbed from current bplay: - handling of very long files (see last patch in #126257) - updated Die function to make sure the forked process is killed. And at the end of the recording, when showing the 'Recording information', brec_gramo eats all the cpu available until OK is pressed. WAV format as spec'ed is limited to a 2GB max. file size. Therefore, apart from the sanity checks I see little use in applying the LFS patches. Regards, Daniel. # Fix endianness bugs in WAV and VOC headers on big-endian archs. # Use POSIX size types to avoid broken headers on 64bit archs. # Disable padding in structs that read/write raw on-disk data. # [dk] #PATCHOPTIONS: -p0 Index: bplaysrc/bplay.c === RCS file: /home/kobras/cvsroot/debian/gramofile/bplaysrc/bplay.c,v retrieving revision 1.1.1.2 diff -u -r1.1.1.2 bplay.c --- bplaysrc/bplay.c2001/05/05 14:07:15 1.1.1.2 +++ bplaysrc/bplay.c2005/01/31 15:54:06 @@ -26,6 +26,30 @@ #include machine/soundcard.h #endif +/* Needed for BYTE_ORDER and BIG/LITTLE_ENDIAN macros. */ +#ifndef _BSD_SOURCE +# define _BSD_SOURCE +# include endian.h +# undef _BSD_SOURCE +#else +# include endian.h +#endif + +#include sys/types.h +#include byteswap.h + +/* Adapted from the byteorder macros in the Linux kernel. */ +#if BYTE_ORDER == LITTLE_ENDIAN +#define cpu_to_le32(x) (x) +#define cpu_to_le16(x) (x) +#else +#define cpu_to_le32(x) bswap_32((x)) +#define cpu_to_le16(x) bswap_16((x)) +#endif + +#define le32_to_cpu(x) cpu_to_le32((x)) +#define le16_to_cpu(x) cpu_to_le16((x)) + #include fmtheaders.h #include ../yesnowindow.h @@ -290,23 +314,26 @@ char *data = data; memcpy((header.main_chunk), riff, 4); - header.length = sizeof(wavhead) - 8 + bcount; + header.length = cpu_to_le32(sizeof(wavhead) + - 8 + bcount); memcpy((header.chunk_type), wave, 4); memcpy((header.sub_chunk), fmt, 4); - header.sc_len = 16; - header.format = 1; - header.modus = stereo + 1; - header.sample_fq = speed; - header.byte_p_sec = ((bits 8)? 2:1)*(stereo+1)*speed; + header.sc_len = cpu_to_le32(16); + header.format = cpu_to_le16(1); + header.modus = cpu_to_le16(stereo + 1); + header.sample_fq = cpu_to_le32(speed); + header.byte_p_sec = cpu_to_le32(((bits 8)? + 2:1)*(stereo+1)*speed); /* Correction by J.A. Bezemer: */ - header.byte_p_spl = ((bits 8)? 2:1)*(stereo+1); + header.byte_p_spl = cpu_to_le16(((bits 8)? + 2:1)*(stereo+1)); /* was: header.byte_p_spl = (bits 8)? 2:1; */ - header.bit_p_spl = bits; + header.bit_p_spl = cpu_to_le16(bits); memcpy((header.data_chunk), data, 4); - header.data_length = bcount; + header.data_length = cpu_to_le32(bcount); write(thefd, header, sizeof(header)); } case F_RAW: @@ -336,9 +363,9 @@ for (i=0;i20;i++) header.Magic[i] = VOC_MAGIC[i]; - header.BlockOffset = 0x1a; - header.Version = 0x0114; - header.IDCode = 0x111F; + header.BlockOffset = cpu_to_le16(0x1a); + header.Version = cpu_to_le16(0x0114); + header.IDCode = cpu_to_le16(0x111F); write(thefd, header, sizeof(vochead));
Bug#292137: half-patch for gramofile's bplay.c
On Tue, Feb 01, 2005 at 05:04:42PM +0100, Daniel Kobras wrote: Thanks. I had already looked through the bplay BTS entries, found the patches there and decided to craft my own. It's ready but stupid me forgot to apply the current patches to gramofile first, so I'll have to go through another round and do some patch merging. I'll attach the original version against the pristine upstream source for reference. nice. attached is the patch corrected for fmtheaders (could benefit fiddling a bit with the line numbers to avoid the warnings). your patch seems to produce cleaner files than mine (aplay like them), altough i still get Premature EOF with. And at the end of the recording, when showing the 'Recording information', brec_gramo eats all the cpu available until OK is pressed. WAV format as spec'ed is limited to a 2GB max. file size. Therefore, apart from the sanity checks I see little use in applying the LFS patches. agreed. the cpu eating is quite a problem though, but this is another story. i guess shmbuf.c would need a bit of cleanup too. ciao, piem. # Fix endianness bugs in WAV and VOC headers on big-endian archs. # Use POSIX size types to avoid broken headers on 64bit archs. # Disable padding in structs that read/write raw on-disk data. # [dk] #PATCHOPTIONS: -p0 Index: bplaysrc/bplay.c === RCS file: /home/kobras/cvsroot/debian/gramofile/bplaysrc/bplay.c,v retrieving revision 1.1.1.2 diff -u -r1.1.1.2 bplay.c --- bplaysrc/bplay.c2001/05/05 14:07:15 1.1.1.2 +++ bplaysrc/bplay.c2005/01/31 15:54:06 @@ -26,6 +26,30 @@ #include machine/soundcard.h #endif +/* Needed for BYTE_ORDER and BIG/LITTLE_ENDIAN macros. */ +#ifndef _BSD_SOURCE +# define _BSD_SOURCE +# include endian.h +# undef _BSD_SOURCE +#else +# include endian.h +#endif + +#include sys/types.h +#include byteswap.h + +/* Adapted from the byteorder macros in the Linux kernel. */ +#if BYTE_ORDER == LITTLE_ENDIAN +#define cpu_to_le32(x) (x) +#define cpu_to_le16(x) (x) +#else +#define cpu_to_le32(x) bswap_32((x)) +#define cpu_to_le16(x) bswap_16((x)) +#endif + +#define le32_to_cpu(x) cpu_to_le32((x)) +#define le16_to_cpu(x) cpu_to_le16((x)) + #include fmtheaders.h #include ../yesnowindow.h @@ -290,23 +314,26 @@ char *data = data; memcpy((header.main_chunk), riff, 4); - header.length = sizeof(wavhead) - 8 + bcount; + header.length = cpu_to_le32(sizeof(wavhead) + - 8 + bcount); memcpy((header.chunk_type), wave, 4); memcpy((header.sub_chunk), fmt, 4); - header.sc_len = 16; - header.format = 1; - header.modus = stereo + 1; - header.sample_fq = speed; - header.byte_p_sec = ((bits 8)? 2:1)*(stereo+1)*speed; + header.sc_len = cpu_to_le32(16); + header.format = cpu_to_le16(1); + header.modus = cpu_to_le16(stereo + 1); + header.sample_fq = cpu_to_le32(speed); + header.byte_p_sec = cpu_to_le32(((bits 8)? + 2:1)*(stereo+1)*speed); /* Correction by J.A. Bezemer: */ - header.byte_p_spl = ((bits 8)? 2:1)*(stereo+1); + header.byte_p_spl = cpu_to_le16(((bits 8)? + 2:1)*(stereo+1)); /* was: header.byte_p_spl = (bits 8)? 2:1; */ - header.bit_p_spl = bits; + header.bit_p_spl = cpu_to_le16(bits); memcpy((header.data_chunk), data, 4); - header.data_length = bcount; + header.data_length = cpu_to_le32(bcount); write(thefd, header, sizeof(header)); } case F_RAW: @@ -336,9 +363,9 @@ for (i=0;i20;i++) header.Magic[i] = VOC_MAGIC[i]; - header.BlockOffset = 0x1a; - header.Version = 0x0114; - header.IDCode = 0x111F; + header.BlockOffset = cpu_to_le16(0x1a); + header.Version = cpu_to_le16(0x0114); + header.IDCode = cpu_to_le16(0x111F); write(thefd, header, sizeof(vochead)); snd_parm(speed, bits, stereo); @@ -349,10 +376,10 @@
Processed: Re: Bug#293153: neutrino: is not installable
Processing commands for [EMAIL PROTECTED]: package neutrino Ignoring bugs not assigned to: neutrino tag 293153 +pending Bug#293153: neutrino: is not installable There were no tags set. Tags added: pending thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Fixed in upload of aptitude 0.3.1-4 to experimental
Processing commands for [EMAIL PROTECTED]: tag 293130 + fixed-in-experimental Bug#293130: aptitude: [arm] FTBFS in experimental Tags were: experimental Tags added: fixed-in-experimental quit Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#282342: libextractor: FTBFS: Linking to static version of gobject-2.0 when making shared object.
On Tue, Feb 01, 2005 at 05:49:49PM +0100, Daniel Baumann wrote: Policy says that static version should be non-PIC version and that if you need a static PIC version you should name it that way. can you give me a hint where this is written, and how to fix it? From the policy: 10.2. Libraries --- The shared version of a library must be compiled with `-fPIC', and the static version must not be. In other words, each source unit (`*.c', for example, for C files) will need to be compiled twice. Also http://release.debian.org/sarge_rc_policy.txt says: (f) Libraries Shared libraries must be compiled with -fPIC, and normally static libraries must not be. If you need to provide static libraries compiled with -fPIC, call it libname_pic.a. What I *think* is the proper solution to fix this problem is to have symbol versioning in glib and then link to the shared version again. See bugs.debian.org/264400 for a wishlist bug asking that. I think you really should talk to the glib maintainer. Kurt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
debian-bugs-rc@lists.debian.org
Package: kernel-image-2.6.10-1-k7 Version: 2.6.10-4 Severity: grave Justification: causes non-serious data loss -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I have a Terratec Aureon 5.1 PCI sound card, and an on-board 3Com 3c940 gigabit ethernet controller (the board is an Asus A7V600). The sound card uses the cmipci module, and the ethernet card the sk98lin module. Playing sound and using the network at the same time freezes the sytem after a short time (generally 15-30 seconds); nothing is logged or displayed (I checked syslog, kern.log and /var/log/messages), it just freezes everything, forcing a reset of the machine (and after the subsequent reboot my mouse isn't recognized any more, but I don't think that matters). I did a memtest, but my memory seems to be ok. This happens both with kernel-image-2.6.10-1-k7-4 and kernel-image-2.6.9-2-k7-5; it does NOT happen with kernel-image-2.6.8-2-k7-13. Steps to reproduce (console, no X11 loaded): alsaplayer -i text SOME MP3 (other console) ncftp and download something. I'm sorry I can't provide any more useful information, but I just have no idea how to debug a frozen system :-( Greetings, Aaron [EMAIL PROTECTED]:~# lsmod Module Size Used by nvidia 3464988 12 ipv6 262912 12 lp 11368 0 af_packet 22408 2 snd_cmipci 33440 3 snd_pcm_oss53668 0 snd_mixer_oss 20096 3 snd_pcm_oss snd_pcm97224 2 snd_cmipci,snd_pcm_oss snd_page_alloc 9924 1 snd_pcm snd_opl3_lib 11200 1 snd_cmipci snd_timer 25668 2 snd_pcm,snd_opl3_lib snd_hwdep 9540 1 snd_opl3_lib gameport4544 1 snd_cmipci snd_mpu401_uart 7872 1 snd_cmipci snd_rawmidi25120 1 snd_mpu401_uart snd_seq_device 8716 2 snd_opl3_lib,snd_rawmidi snd57188 12 snd_cmipci,snd_pcm_oss,snd_mixer_oss,snd_pcm,snd_opl3_lib,snd_timer,snd_hwdep,snd_mpu401_uart,snd_rawmidi,snd_seq_device soundcore 10272 3 snd pci_hotplug34160 0 via_agp 9472 1 agpgart34408 2 via_agp tsdev 7616 0 mousedev 11480 2 psmouse21832 0 parport_pc 37828 1 parport37576 2 lp,parport_pc floppy 60048 0 pcspkr 3560 0 rtc12664 0 evdev 9472 0 ehci_hcd 33028 0 uhci_hcd 33552 0 usbcore 121656 3 ehci_hcd,uhci_hcd sk98lin 170984 1 capability 4680 0 commoncap 7808 1 capability vsxxxaa 6464 0 it87 23268 0 eeprom 7576 0 i2c_sensor 3584 2 it87,eeprom i2c_isa 1920 0 i2c_viapro 7500 0 i2c_core 22736 5 it87,eeprom,i2c_sensor,i2c_isa,i2c_viapro ide_generic 1216 0 [permanent] ide_cd 42564 0 cdrom 41116 1 ide_cd via82cxxx 13468 0 [permanent] ide_core 132236 3 ide_generic,ide_cd,via82cxxx ext3 139528 2 jbd61336 1 ext3 mbcache 8516 1 ext3 sd_mod 18000 5 aic7xxx 212504 0 sata_via7300 3 libata 46596 1 sata_via scsi_mod 129600 3 sd_mod,aic7xxx,libata unix 28724 714 fbcon 38336 0 font8256 1 fbcon bitblit 5568 1 fbcon vesafb 7768 0 cfbcopyarea 3904 1 vesafb cfbimgblt 2944 1 vesafb cfbfillrect 3520 1 vesafb [EMAIL PROTECTED]:~# lspci - :00:00.0 Host bridge: VIA Technologies, Inc. VT8377 [KT400/KT600 AGP] Host Bridge (rev 80) Subsystem: Asustek Computer, Inc. A7V8X motherboard Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- Status: Cap+ 66MHz+ UDF- FastB2B- ParErr- DEVSEL=medium TAbort- TAbort- MAbort+ SERR- PERR- Latency: 0 Region 0: Memory at f000 (32-bit, prefetchable) [size=128M] Capabilities: [80] AGP version 3.5 Status: RQ=32 Iso- ArqSz=0 Cal=2 SBA+ ITACoh- GART64- HTrans- 64bit- FW+ AGP3- Rate=x1,x2,x4 Command: RQ=1 ArqSz=0 Cal=0 SBA- AGP+ GART64- 64bit- FW- Rate=x4 Capabilities: [c0] Power Management version 2 Flags: PMEClk- DSI- D1- D2- AuxCurrent=0mA PME(D0-,D1-,D2-,D3hot-,D3cold-) Status: D0 PME-Enable- DSel=0 DScale=0 PME- :00:01.0 PCI bridge: VIA Technologies, Inc. VT8237 PCI Bridge (prog-if 00 [Normal decode]) Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- Status: Cap+ 66MHz+ UDF- FastB2B- ParErr- DEVSEL=medium
Processed: Re: Bug#293110: kvim: Occupies 90-100% CPU as it auto resizes horozontally in KDE 3.3.2
Processing commands for [EMAIL PROTECTED]: reassign 293110 kde Bug#293110: kvim: Occupies 90-100% CPU as it auto resizes horozontally in KDE 3.3.2 Bug reassigned from package `kvim' to `kde'. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#287640: marked as done (vice 1.14-3 broken on 64-bit archs)
Your message dated Tue, 01 Feb 2005 13:32:06 -0500 with message-id [EMAIL PROTECTED] and subject line Bug#287640: fixed in vice 1.16-1 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 29 Dec 2004 09:21:51 + From [EMAIL PROTECTED] Wed Dec 29 01:21:51 2004 Return-path: [EMAIL PROTECTED] Received: from mailhub.id.cbs.dk [130.226.47.91] (mail) by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1Cja1f-000716-00; Wed, 29 Dec 2004 01:21:51 -0800 Received: from mail.id.cbs.dk ([172.16.14.53] ident=mail) by mailhub.id.cbs.dk with esmtp (Cipher TLSv1:AES256-SHA:256) (Exim 3.36 #1 (Debian)) id 1Cja1W-0007lg-00 for [EMAIL PROTECTED]; Wed, 29 Dec 2004 10:21:42 +0100 Received: from deskpro02.id.cbs.dk ([130.226.34.10]) by mail.id.cbs.dk with esmtp (Cipher TLSv1:AES256-SHA:256) (Exim 3.36 #1 (Debian)) id 1Cja1V-Yz-00 for [EMAIL PROTECTED]; Wed, 29 Dec 2004 10:21:41 +0100 Received: from ukh by deskpro02.id.cbs.dk with local (Exim 3.36 #1 (Debian)) id 1Cja11-0004L9-00 for [EMAIL PROTECTED]; Wed, 29 Dec 2004 10:21:11 +0100 Date: Wed, 29 Dec 2004 10:21:11 +0100 To: [EMAIL PROTECTED] Subject: vice 1.14-3 broken on 64-bit archs Message-ID: [EMAIL PROTECTED] Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.6+20040907i From: Kaare Hviid [EMAIL PROTECTED] X-Scanner: exiscan *1Cja1W-0007lg-00*.lm4EunxybI* Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2004_03_25 X-Spam-Level: Package: vice Version: 1.14-3 Severity: important Tags: patch On alpha and amd64, all VICE emulators will crash immediately on startup: *** VICE Version 1.14 *** Welcome to x64, the free portable C64 Emulator. Current VICE team members: A. Boose, D. Lem, T. Biczo, A. Dehmel, T. Bretz, A. Matthies, M. Pottendorfer, M. Brenner, S. Trikaliotis. This is free software with ABSOLUTELY NO WARRANTY. See the About VICE command for more info. X11: Found 24bit/TrueColor visual. X11: Using private colormap. DGA2: Found mode: 800x600-85.1Hz, 76 DGA2: Found mode: 640x480-85.0Hz, 77 DGA2: Found mode: 720x400-85.0Hz, 93 DGA2: Found mode: 640x400-85.1Hz, 94 DGA2: Found mode: 640x350-85.1Hz, 95 Received signal 11. Exiting... There is a patch against 1.14 on the official VICE team home page, with a fast fix for this crash on 64-bit systems: http://www.viceteam.org/online/vice64bit.diff.gz --- interrupt.c.old 2004-06-12 16:51:49.740543672 +0200 +++ interrupt.c 2004-06-12 16:52:35.082650624 +0200 @@ -83,7 +83,7 @@ cs-pending_int[cs-num_ints - 1] = 0; cs-int_name = (char **)lib_realloc(cs-int_name, cs-num_ints -* /*sizeof(*(cs-int_name))*/ 4); +* sizeof(char *)); cs-int_name[cs-num_ints - 1] = lib_stralloc(name); return cs-num_ints - 1; The above patch at least fixes the issue on amd64 - I have been unable to test on alpha since my alpha build system lacks sufficient RAM. The issue is supposedly also fixed in the new upstream 1.15. Unfortunately, although 1.15 builds, it does NOT run out of the box on my amd64 box - I have yet to investigate that issue. Also, the vice 1.14-3 deb is lacking links for the missing man-pages of xplus4 and xcbm2. -ukh --- Received: (at 287640-close) by bugs.debian.org; 1 Feb 2005 18:38:14 + From [EMAIL PROTECTED] Tue Feb 01 10:38:14 2005 Return-path: [EMAIL PROTECTED] Received: from newraff.debian.org [208.185.25.31] (mail) by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1Cw2uk-00011D-00; Tue, 01 Feb 2005 10:38:14 -0800 Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian)) id 1Cw2oo-00087n-00; Tue, 01 Feb 2005 13:32:06 -0500 From: Zed Pobre [EMAIL PROTECTED] To: [EMAIL PROTECTED] X-Katie: $Revision: 1.55 $ Subject: Bug#287640: fixed in vice 1.16-1 Message-Id: [EMAIL PROTECTED] Sender: Archive Administrator [EMAIL PROTECTED] Date: Tue, 01 Feb 2005 13:32:06 -0500 Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on
Bug#293118: sarg: hangs up using 99% processor time
Il giorno mar, 01-02-2005 alle 09:14 -0500, Justin Pryzby ha scritto: Could you send me or the bug the logfile as an attachment? If that's not possible, maybe you can trim the log with a binary search to try to narrow down the problem lines as much as possible. In the attached file you can find the last lines of output of `strace sarg -l /var/log/squid/access.log`. After editing /etc/squid/sarg.conf and commenting out squidguard_log_path, the program doesn't hang and complete its job (asking more command line option as -o). Ciao, Manuel strace_sarg.txt.gz Description: GNU Zip compressed data
Bug#271038: Bug#290474: I can't boot 2.6.8 and 2.6.10 kernels on my system, while 2.6.7 starts without problems
Hi Maximilian, Since some kernel 2.6.x SATA devices are part of the SCSI layer. This can be configured back to the IDE layer, AFAIK. See the kernel configuration and build a new kernel. But the SCSI layer works pretty well. If you need to switch back to kernel 2.4.x sometimes, then I would suggest to label the partitions of your harddisks (see man tune2fs, option -L, or man reiserfstune, -l). You could use something like LABEL=root / ext2defaults0 1 LABEL=swap none swapsw 0 0 LABEL=home /home ext2defaults0 1 in your /etc/fstab, instead of /dev/hda1 or /dev/sda1. Regards Harri signature.asc Description: OpenPGP digital signature
Bug#293210: bluez-bcm203x firmware loader depends on non-free firmware
Josh, thanks for filing this. It is as you say good to have it out there. My question is this: why should this firmware loader be any different than the kernel? It is required only under kernel 2.4, and performs the same function as the bcm203x module in kernel 2.6. I can see no reason for not applying exactly the same practice as Debian does to the kernel. I am not a lawyer, nor do I have enough spare time to sink into argument about this. My guiding principle will be to follow what happens to the kernel here unless I am persuaded convincingly by my fellow developers or project policy otherwise. regards -- Edd signature.asc Description: This is a digitally signed message part
Bug#293217: Segmentation fault by /usr/lib/mailman/cron/qrunner
Package: mailman Version: 2.0.11-1woody8 Severity: critical Justification: security hole When I send an email to the mailing list, I get an email from the cronjob: -- CUT HERE --- From [EMAIL PROTECTED] Tue Feb 1 20:57:05 2005 Return-Path: [EMAIL PROTECTED] X-Original-To: list Delivered-To: [EMAIL PROTECTED] Received: by smtp.trashmail.net (Postfix, from userid 38) id 8967333C92; Tue, 1 Feb 2005 20:57:05 +0100 (CET) From: Cron Daemon [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Cron [EMAIL PROTECTED][ -x /usr/bin/python -a -f /usr/lib/mailman/cron/qrunner ] /usr/bin/python +/usr/lib/mailman/cron/qrunner X-Cron-Env: SHELL=/bin/sh X-Cron-Env: HOME=/var/list X-Cron-Env: PATH=/usr/bin:/bin X-Cron-Env: LOGNAME=list Message-Id: [EMAIL PROTECTED] Date: Tue, 1 Feb 2005 20:57:05 +0100 (CET) Segmentation fault -- CUT HERE --- I don't know where is the error, why it's seg faults, and if it's dangerous. But I think if the program makes Segmentation fault, it could be a serious security hole. Somebody could get a shell account with the list account privileges. -- System Information: Debian Release: testing/unstable Architecture: i386 (i686) Kernel: Linux 2.4.25 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] Versions of packages mailman depends on: ii apache [httpd] 1.3.29.0.2-4 Versatile, high-performance HTTP s ii cron3.0pl1-83management of regular background p ii debconf 1.4.21 Debian configuration management sy ii libc6 2.3.2.ds1-11 GNU C Library: Shared libraries an ii logrotate 3.6.5-2 Log rotation utility ii postfix [mail-transport-age 2.0.16-4 A high-performance mail transport ii python 2.3.3-7 An interactive high-level object-o -- debconf information: * mailman/gate_news: yes -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: tagging 293153
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.8.5 tags 293153 sid Bug#293153: neutrino: is not installable Tags were: pending Tags added: sid End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293209: xine-ui: video visualization doesn't work
On Tue, 1 Feb 2005, Renan Melhado wrote: When I run xine, the visualization area of the video player just stay embarassed and distorted, so the area of video play turns off, showing random color with some distortions, and is impossible to run any video due to this problem. Could you please explain in detail what you mean by run xine, embarassed and off? If your video window just displays garbage instead of the xine logo or the video you're trying to play, this is most likely due to a broken Xv implementation in your X server. In that case, starting xine -V xshm should fix the issue for you. (note that this switches xine to software rendering, so it will significantly lose performance. To switch back: xine -V xv) The title of the windows shows a message saying something like: There are no mrl The window title There is no MRL indicates that xine is currently not playing any MRL (ie. you haven't specified a location to play, or you haven't hit the play button or Enter key, yet. You might want to enable smart mode in xine's setup, so some confusing things like having to start xine explicitly will no longer be required. However, smart mode should be the default, anyway...) HTH, Siggi -- WARNING: RAID-6 is currently highly experimental. If you use it, there is no guarantee whatsoever that it won't destroy your data, eat your disk drives, insult your mother, or re-appoint George W. Bush.-- Linux 2.6.10 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#290234: marked as done (mcs: FTBFS: Cannot find types)
Your message dated Tue, 01 Feb 2005 15:49:35 -0500 with message-id [EMAIL PROTECTED] and subject line Bug#290234: fixed in mcs 1.0.5-1 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 13 Jan 2005 03:03:12 + From [EMAIL PROTECTED] Wed Jan 12 19:03:12 2005 Return-path: [EMAIL PROTECTED] Received: from hall.mail.mindspring.net [207.69.200.60] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1CovGS-00014p-00; Wed, 12 Jan 2005 19:03:12 -0800 Received: from user-119bq03.biz.mindspring.com ([66.149.232.3] helo=frobnitz.homelinux.net) by hall.mail.mindspring.net with esmtp (Exim 3.33 #1) id 1CovGR-0005ra-00 for [EMAIL PROTECTED]; Wed, 12 Jan 2005 22:03:11 -0500 Received: from daniel by frobnitz.homelinux.net with local (Exim 4.34) id 1CovGQ-0002MK-M0 for [EMAIL PROTECTED]; Wed, 12 Jan 2005 19:03:10 -0800 To: Debian Bug Tracking System [EMAIL PROTECTED] Subject: mcs: FTBFS: Cannot find types From: Daniel Schepler [EMAIL PROTECTED] Date: Wed, 12 Jan 2005 19:03:10 -0800 Message-ID: [EMAIL PROTECTED] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Package: mcs Severity: serious Version: 1.0.4-1 From my build log, using pbuilder in an ia32 chroot: ... MONO_PATH=../class/lib/net_2_0_bootstrap:$MONO_PATH /usr/bin/cli ../mcs/mcs.exe -2 /target:exe /debug /out:gmcs.exe AssemblyInfo.cs anonymous.cs assign.cs attribute.cs driver.cs cs-tokenizer.cs cfold.cs class.cs codegen.cs const.cs constant.cs convert.cs decl.cs delegate.cs enum.cs ecore.cs expression.cs flowanalysis.cs generic.cs iterators.cs literal.cs location.cs modifiers.cs namespace.cs parameter.cs pending.cs report.cs rootcontext.cs statement.cs support.cs typemanager.cs symbolwriter.cs tree.cs CryptoConvert.cs cs-parser.cs attribute.cs(802) error CS0246: Cannot find type `ListDictionary' report.cs(66) error CS0246: Cannot find type `StringCollection' typemanager.cs(863) error CS0246: Cannot find type `Match' attribute.cs(16) error CS0246: The namespace `System.Collections.Specialized' can not be found (missing assembly reference?) report.cs(15) error CS0246: The namespace `System.Collections.Specialized' can not be found (missing assembly reference?) typemanager.cs(27) error CS0246: The namespace `System.Text.RegularExpressions' can not be found (missing assembly reference?) Compilation failed: 6 error(s), 0 warnings make[4]: *** [gmcs.exe] Error 1 make[4]: Leaving directory `/tmp/mcs/mcs-1.0.4/gmcs' make[3]: *** [../../gmcs/gmcs.exe] Error 2 make[3]: Leaving directory `/tmp/mcs/mcs-1.0.4/class/corlib' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/tmp/mcs/mcs-1.0.4/class' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/tmp/mcs/mcs-1.0.4' make: *** [build-indep-stamp] Error 2 -- System Information: Debian Release: 3.1 Architecture: amd64 (x86_64) Kernel: Linux 2.6.9-9-amd64-k8 Locale: LANG=C, LC_CTYPE=C (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) -- Daniel Schepler Please don't disillusion me. I [EMAIL PROTECTED]haven't had breakfast yet. -- Orson Scott Card --- Received: (at 290234-close) by bugs.debian.org; 1 Feb 2005 20:56:10 + From [EMAIL PROTECTED] Tue Feb 01 12:56:10 2005 Return-path: [EMAIL PROTECTED] Received: from newraff.debian.org [208.185.25.31] (mail) by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1Cw54D-0003of-00; Tue, 01 Feb 2005 12:56:10 -0800 Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian)) id 1Cw4xr-Si-00; Tue, 01 Feb 2005 15:49:35 -0500 From: Debian Mono Group [EMAIL PROTECTED] To: [EMAIL PROTECTED] X-Katie: $Revision: 1.55 $ Subject: Bug#290234: fixed in mcs 1.0.5-1 Message-Id: [EMAIL PROTECTED] Sender: Archive Administrator [EMAIL PROTECTED] Date: Tue, 01 Feb 2005 15:49:35 -0500 Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER autolearn=no
Processed: firehol: patch sent
Processing commands for [EMAIL PROTECTED]: tag 291680 patch Bug#291680: firehol: insecure temporary directory handling Tags were: security Tags added: patch thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#291680: firehol: patch for insecure directory handling
I took a peek at the changes in upstream's CVS pointed to by Sam Couter. As far as I can see, that approach is correct. I modified the 1.214-2 Debian package accordingly. If fact, I changed all calls to MKDIR_CMD to not use -p. In addition, I had to change things so that firehol_exit won't remove $FIREHOL_DIR if we didn't create it. This resulted in a few other changes. I have attached a patch. Since I don't use firehol myself (I only looked at the bug because I'm having my very own private bug squashing party), I didn't test the package extensively, but I did test that the startup fails if it does not manage to create the temporary directory, and that it won't remove it if it didn't create it. Happy hacking, hopefully this patch will be of help. diff -ru firehol-1.214/debian/changelog firehol-1.214.fixed/debian/changelog --- firehol-1.214/debian/changelog 2005-02-02 00:27:38.0 +0200 +++ firehol-1.214.fixed/debian/changelog 2005-02-02 00:24:55.0 +0200 @@ -1,3 +1,13 @@ +firehol (1.214-2.0.liw.1) unstable; urgency=high + + * firehol.sh, firehol-lib.sh: Removed -p parameters from calls to mkdir. +This should properly fix the security problem in #291680. Also made +sure that the temporary directory is not removed on exit if we did +not create it (removing someone else's directories is rude, even +if they might be trying to crack the system). + + -- Lars Wirzenius [EMAIL PROTECTED] Wed, 2 Feb 2005 00:12:00 +0200 + firehol (1.214-2) unstable; urgency=high * Makes wget and curl check fail silently because the normal user diff -ru firehol-1.214/firehol-lib.sh firehol-1.214.fixed/firehol-lib.sh --- firehol-1.214/firehol-lib.sh 2005-02-02 00:27:38.0 +0200 +++ firehol-1.214.fixed/firehol-lib.sh 2005-02-02 00:23:44.0 +0200 @@ -100,7 +100,11 @@ # Make sure we have a directory for our data. if [ ! -d ${FIREHOL_SPOOL_DIR} ] then - ${MKDIR_CMD} -p ${FIREHOL_SPOOL_DIR} || exit 1 + if ! ${MKDIR_CMD} ${FIREHOL_SPOOL_DIR} + then + FILEHOL_DIR=/ + exit 1 + fi fi # IANA Reserved IPv4 address space @@ -1538,7 +1542,7 @@ # Externally defined services can be placed in ${FIREHOL_CONFIG_DIR}/services/ if [ ! -d ${FIREHOL_CONFIG_DIR}/services ] then - ${MKDIR_CMD} -p ${FIREHOL_CONFIG_DIR}/services + ${MKDIR_CMD} ${FIREHOL_CONFIG_DIR}/services if [ $? -ne 0 ] then echo 2 @@ -1547,6 +1551,7 @@ echo 2 Possibly you have a file with this name, or something else is happening. echo 2 Please solve this issue and retry. echo 2 + FILEHOL_DIR=/ exit 1 fi ${CHOWN_CMD} root:root ${FIREHOL_CONFIG_DIR}/services diff -ru firehol-1.214/firehol.sh firehol-1.214.fixed/firehol.sh --- firehol-1.214/firehol.sh 2005-02-02 00:27:38.0 +0200 +++ firehol-1.214.fixed/firehol.sh 2005-02-02 00:22:03.0 +0200 @@ -47,7 +47,9 @@ echo fi - test -d ${FIREHOL_DIR} ${RM_CMD} -rf ${FIREHOL_DIR} +test -d ${FIREHOL_DIR} -a ${FIREHOL_DIR} != / \ +${RM_CMD} -rf ${FIREHOL_DIR} + return 0 } @@ -57,10 +59,10 @@ #set out umask so that nobody could exploit the tempdir umask 077 test -d ${FIREHOL_DIR} echo Tempdir already exists. Please remove it before proceeding exit 1 -${MKDIR_CMD} -p ${FIREHOL_DIR} -test $? -gt 0 exit 1 +${MKDIR_CMD} ${FIREHOL_DIR} +test $? -gt 0 FIREHOL_DIR=/ exit 1 -${MKDIR_CMD} -p ${FIREHOL_CHAINS_DIR} +${MKDIR_CMD} ${FIREHOL_CHAINS_DIR} test $? -gt 0 exit 1
Bug#292224: Bug#291722: clone 291722, reassign 292224 to discover1
On Tue, Jan 25, 2005 at 10:38:39PM -0800, Ryan Murray wrote: read(5, 0xb7fe8000, 1024) = -1 EIO (Input/output error) --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV +++ Apparently discover1 doesn't handle getting read errors too gracefully. Check lib/ide.c:264; sscanf() on what could be a NULL pointer (since getline() can fail). Add an if (line) and it should be okay. /* Steinar */ -- Homepage: http://www.sesse.net/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293207: bogofilter: last two versions caused db errors
Clint Adams wrote: Package: bogofilter Version: 0.93.1-1 Note - the above shoud have read 0.93.5-1 Severity: serious Justification: unkown Not much of a justification, is it? First, I appriciate your efforts. There really is a policy about spending time in unstable. See: http://www.debian.org/doc/manuals/developers-reference/ch-pkgs.en.html#s-t-p-u And From: http://release.debian.org/sarge_rc_policy.txt makes unrelated software on the system (or the whole system) break When this breaks it stops Exim in my setup. Thus there are actually two policy violations. I'm not sure of the exact rules, but I don't see the normal time in unstable before these end up in Sarge. Rolled back to what? A stable version with a new version number. At least bogofilter_0.93.1-1_i386.deb or the one before works without crashing the db file. You have to realize that sarge is about to go stable. Lots of people are starting to run sarge on production machines. This didn't spend any time in unstable after the upstream release. I think 30 days to see what bugs come back would be a starting point. Did you read NEWS.Debian? Yes - even been in the news. Karl Schmidt EMail [EMAIL PROTECTED] Transtronics, Inc. WEB http://xtronics.com 3209 West 9th StreetPh (785) 841-3089 Lawrence, KS 66049 FAX (785) 841-0434 Merchandise offered without price, is sure to cost more than it is worth. -kps -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#292984: lvm2: lvremove causes inconsistent VG metadata
Hello Patrick, On Monday 31 January 2005 16:40, you wrote: Secondly try using vgcfgrestore to restore the metadata onto the disks, you only need to do this if 1) above fails I've got my system back! :-D Your suggestions and the fact that lvdisplay gave proper output led me to try vgcfgbackup -f. I reviewed the resulting file for VG sys, and it looked good. So I did a vgcfgrestore from that file, and bingo, the VG was OK again. I've now finished the reorganization and the system is back up. Thanks very much for your help. (And I learned a lot about LVM in the process.) I'll leave it to you what to do with this bug report. IMO both errors I reported are still there, but as it is after all relatively easy to recover from the resulting inconsistency (once you know how), you may want to downgrade to important. Thanks again, Frans Pop -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293207: bogofilter: last two versions caused db errors
There really is a policy about spending time in unstable. See: http://www.debian.org/doc/manuals/developers-reference/ch-pkgs.en.html#s-t-p-u bogofilter isn't frozen yet. testing-proposed-updates doesn't apply. http://release.debian.org/sarge_rc_policy.txt makes unrelated software on the system (or the whole system) break When this breaks it stops Exim in my setup. Thus there are actually two policy violations. bogofilter isn't breaking exim. Apparently bogofilter is breaking, and exim is failing to handle that. At least bogofilter_0.93.1-1_i386.deb or the one before works without crashing the db file. You have to realize that sarge is about to go stable. Lots of people are starting to run sarge on production machines. This didn't spend any time in unstable after the upstream release. I think 30 days to see what bugs come back would be a starting point. You seem to be the only person to experience such a problem for at least the past month. For the record, this user is describing switching from a db4.2-linked bogofilter to a db4.3-linked bogofilter. Not true --- I rebuilt the databases You may have rebuilt the databases, but that doesn't change the fact that you're claiming that the db4.2-version is fine, and the db4.3-version is experiencing corruption. It worked for most of 48 hours. Did the same for the last debian release - with the same problem. Are you using libdb4.3 4.3.27-1 with the problematic bogofilter versions? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293255: libgnomeuimm2.6 depends on libglademm2.4 = 2.5.1
Package: libgnomeuimm2.6 Severity: serious Hello, libgnomeuimm2.6 in unstable depends on libglademm2.4 = 2.5.1 but current libglademm2.4 in sid is 2.4.1-2. Cheers Artur -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.10bl Locale: LANG=C, LC_CTYPE=pl_PL (charmap=ISO-8859-2) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#271427: another Debian font bug
I've just realised that it's Florian, who did the last (NMU) upload of gsfonts, who is the submitter of this bug and not Stefan, who reported the bug originally as #250949. I'm CCing Stefan. Stefan, if you'd like to catch up on what's been happening, the bug log is available here: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=271427 If you could test my packages (details below) and verify that they fix the problem, I would be very grateful. Ar 29/01/2005 am 18:35, ysgrifennodd Danilo egan: Today at 17:04, Dafydd Harries wrote: Ah, this list is just what I need. However, there are some glyphs which are not in your list (see my previous mail to the bug report for details), but which also seem to be broken. Perhaps some non-Serbian Cyrillic glyphs are also broken. Yes, I've noticed that you mention it, but I really can't help there, since I'm not familiar with those glyphs, and how they're used or how should they look. My guess would be as good as yours. All Cyrillic outside 0x4000x45f range is used by non-Slavic Cyrillic languages, so I really don't know anything about it. Ok, I now have a list of glyphs to copy based on your list and the ones which I've identified as broken. I've uploaded a new .deb, plus the latest versions of my scripts and their various outputs to the same location as before: http://muse.19inch.net/~daf/dump/271427/ The copy-cyrillic.sh script contains the list of glyphs copied. The reason for this is that the Chancery font in the version of Valek's fonts which I grabbed doesn't seem to contain any of the Serbian glyphs. Also, the Nimbus Sans Condensed has a few broken/missing glyphs. I've just checked 1.0.7pre39 tarball, and it has all of these. I remember asking Valek to provide a SFD tarball a few releases before that, but that didn't come with Chancery fixed-up (it was fixed a release or two after the rest of the stuff), so perhaps you're using that one instead? Yeah, it seems this was due to a bug in my script where it wouldn't copy the glyphs if they were not already in the target font. I've now fixed this, with some help from the Fontforge author. The only drawback is that these glyphs are added at the end of the font rather than inserted in order, but I don't think it's enough to worry about. By the way, my work is based on the 1.0.7pre40 tarball from gnome.ru. The main remaining issue seems to be that Fontforge is causing spurious changes to the font metrics in some cases. I'm going to pursue this with the Fontforge author. Something else to note is that neither the GhostScript fonts nor Valek's fonts contain glyphs for U+04a2 () and U+04a3 () in Nimbus Sans L Bold Condensed (n019044l.pfb). One thing that needs some consideration is which version number to give this updated package. The three most recent versions were: - 8.14-3. - 8.14+urwcyr1.0.7pre35-1, which I understand used Valek's fonts as upstream source. - 8.14+v8.11-0.1, Florian's NMU which reverted the .orig.tar.gz back to that of 8.14, in order to fix the metrics problems introduced by the previous upload. I guess 8.14+urwcyr1.0.7pre40 will do for the upstream version. -- Dafydd -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: your mail
Processing commands for [EMAIL PROTECTED]: Package: spampd Unknown command or malformed arguments to command. Tags 292410 + fixed pending Bug#292410: spampd: envelope headers patch breaks daemon There were no tags set. Tags added: fixed, pending End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293125: marked as done (postgresql: LOAD security issue)
Your message dated Tue, 01 Feb 2005 20:02:24 -0500 with message-id [EMAIL PROTECTED] and subject line Bug#293125: fixed in postgresql 7.4.7-1 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 1 Feb 2005 09:44:17 + From [EMAIL PROTECTED] Tue Feb 01 01:44:17 2005 Return-path: [EMAIL PROTECTED] Received: from mail.enyo.de [212.9.189.167] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1Cvua1-0008E9-00; Tue, 01 Feb 2005 01:44:17 -0800 Received: from deneb.enyo.de ([212.9.189.171]) by albireo.enyo.de with esmtp id 1CvuZz-0001OH-WE for [EMAIL PROTECTED]; Tue, 01 Feb 2005 10:44:16 +0100 Received: from fw by deneb.enyo.de with local (Exim 4.43) id 1CvuZz-0001MC-Qe; Tue, 01 Feb 2005 10:44:15 +0100 Content-Type: text/plain; charset=us-ascii MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Florian Weimer [EMAIL PROTECTED] To: Debian Bug Tracking System [EMAIL PROTECTED] Subject: postgresql: LOAD security issue X-Mailer: reportbug 3.5 Date: Tue, 01 Feb 2005 10:44:15 +0100 Message-Id: [EMAIL PROTECTED] Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Package: postgresql Version: 7.4.6-7 Severity: grave Tags: security Justification: user security hole Upstream has released new versions because of the LOAD security hole: http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php http://archives.postgresql.org/pgsql-announce/2005-02/msg0.php -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (800, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.11-rc1fw Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages postgresql depends on: ii adduser 3.59Add and remove users and groups ii debconf [debconf 1.4.42 Debian configuration management sy ii debianutils 2.11.2 Miscellaneous utilities specific t ii libc62.3.2.ds1-20GNU C Library: Shared libraries an ii libcomerr2 1.36rc2-1 common error description library ii libkrb53 1.3.6-1 MIT Kerberos runtime libraries ii libpam0g 0.76-22 Pluggable Authentication Modules l ii libperl5.8 5.8.4-5 Shared Perl library ii libpq3 7.4.6-6 PostgreSQL C client library ii libreadline4 4.3-15 GNU readline and history libraries ii libssl0.9.7 0.9.7e-3SSL shared libraries ii mailx1:8.1.2-0.20040524cvs-4 A simple mail user agent pn postgresql-clien Not found. ii procps 1:3.2.4-1 The /proc file system utilities ii python2.32.3.4-19An interactive high-level object-o ii ucf 1.13Update Configuration File: preserv ii zlib1g 1:1.2.2-4 compression library - runtime --- Received: (at 293125-close) by bugs.debian.org; 2 Feb 2005 01:08:13 + From [EMAIL PROTECTED] Tue Feb 01 17:08:13 2005 Return-path: [EMAIL PROTECTED] Received: from newraff.debian.org [208.185.25.31] (mail) by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1Cw909-It-00; Tue, 01 Feb 2005 17:08:13 -0800 Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian)) id 1Cw8uW-0005s2-00; Tue, 01 Feb 2005 20:02:24 -0500 From: Martin Pitt [EMAIL PROTECTED] To: [EMAIL PROTECTED] X-Katie: $Revision: 1.55 $ Subject: Bug#293125: fixed in postgresql 7.4.7-1 Message-Id: [EMAIL PROTECTED] Sender: Archive Administrator [EMAIL PROTECTED] Date: Tue, 01 Feb 2005 20:02:24 -0500 Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: X-CrossAssassin-Score: 2 Source: postgresql Source-Version: 7.4.7-1 We believe that the bug you reported is fixed in the latest version of postgresql, which is due to be installed in
Processed: tagging 290821, tagging 291147
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.8.10 tags 290821 + pending Bug#290821: mono-mcs: can't install while pnet-compiler installed Tags were: sid Tags added: pending tags 291147 + pending Bug#291147: pnet-compiler: /etc/alternatives/ilasm.1.gz symlink is broken There were no tags set. Tags added: pending End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#293281: squirrelmail: Config file in /var
Package: squirrelmail Severity: serious During the last upgrade: Unpacking replacement squirrelmail ... Setting up squirrelmail (1.4.4-1) ... Configuration file `/var/lib/squirrelmail/data/default_pref' == Modified (by you or by a script) since installation. == Package distributor has shipped an updated version. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** default_pref (Y/I/N/O/D/Z) [default=N] ? Squirrelmail contains a configuration file in /var; which is a serious violation of the policy. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.9-1-686 Locale: LANG=EN_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) #secure method=pgpmime mode=sign -- Cyril Bouthors -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#292938: speedy-cgi-perl: Running /usr/bin/speedy as non root result in Segmentation fault
Jose, What kind of information do you need ? In the mean time I resolved the problem by adding a root sticky-bit on the executable. (Perhaps it's something the program can't read when run as a non-root user.) Sven -Original Message- From: Jose Carlos Garcia Sogo [mailto:[EMAIL PROTECTED] Sent: 31 January 2005 22:58 To: [EMAIL PROTECTED] Subject: Bug#292938: speedy-cgi-perl: Running /usr/bin/speedy as non root result in Segmentation fault El lun, 31-01-2005 a las 11:50 +0100, Sven Van Den Steene escribió: Package: speedy-cgi-perl Version: 2.22-1 Severity: grave Justification: renders package unusable We've installed on a new system smokeping wich depends on speedy-cgi-perl. After some problems trying to get smokeping working we tested some small perl-scripts to resolve where the problem's located. Even the following small script resolt in an http error: #!/usr/bin/speedy -w print Content-type: text/html\n\nHello World!\n; We changed the /usr/bin/speedy by /usr/bin/perl the script runs fine. When one runs the script from cli being root the script runs fine. After we su-ed to www-data we get the following error: /usr/lib/cgi-bin$ speedy test.cgi Segmentation fault hal9000:/home/jose# su www-data hal9000:/home/jose$ id uid=33(www-data) gid=33(www-data) grupos=33(www-data) hal9000:/home/jose$ speedy test.cgi Content-type: text/html Hello World! hal9000:/home/jose$ dpkg -l speedy-cgi-perl Desired=Unknown/Install/Remove/Purge/Hold | Estado=No/Instalado/Config-files/Unpacked/Failed-config/Half-installed |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: mayúsc.=malo) ||/ Nombre VersiónDescripción +++-===-===- +++== ii speedy-cgi-perl 2.22-1 speed up perl scripts by making them persisten If you need more info please srop a mail. Obviously, I need it :-) Thanks, -- Jose Carlos Garcia Sogo [EMAIL PROTECTED] DISCLAIMER http://www.belgacom.be/maildisclaimer