Bug#464302: libmodule-load-conditional-perl: FTBFS: perl-modules: non-matching version installed (5.8.8-12 ! 5.10)
On 06/02/08 at 23:39 -0200, Martín Ferrari wrote: Build-Depends-Indep: liblocale-maketext-simple-perl, libmodule-load-perl, libparams-check-perl, perl (= 5), perl-modules ( 5.10) | libversion-perl (= 0.69) It seems that your builder is not correctly interpreting the depends, as they are perfectly satisfiable in unstable. Is it possible that your definition of unstable include experimental? :-) As you said later, I was talking about | libversion-perl. If sbuild cannot understand this, isn't that a bug in sbuilder not properly implementing policy? That's a bug, yes. However, using | in b-deps is generally not a good idea, since it might lead to different binary packages being generated on different arches. So I'm not sure that it's a bug that we want to fix. Also, the packaged sbuild follows the DSA sbuild, so the change should be made in the DSA sbuild first. Now, if you prefer to leave your package's b-deps like that, I don't mind: I'll just add it to the long list of arch:all packages that sbuild can't build because of dependency resolution problems ;) -- | Lucas Nussbaum | [EMAIL PROTECTED] http://www.lucas-nussbaum.net/ | | jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#418318: Processed: reassign
On Wed, Feb 06, 2008 at 07:57:03PM +0100, Luk Claes wrote: Debian Bug Tracking System wrote: Processing commands for [EMAIL PROTECTED]: reassign 418318 ftp.debian.org Bug#418318: Don't build a php4-specific package because of php4's removal Bug reassigned from package `php4-ps' to `ftp.debian.org'. Shouldn't you just remove the php4-ps binary package in your next upload fixing this bug? That's what I thought as well but Wiesiek Swiatek told me: quote You should reassign this bug to ftp.debian.org metapackage with ask to removal this package from unstable. Upload new package as php-ps is not enougn, becouse source (php4-ps) still is aviable in unstable. /quote Uwe -- MMK GmbH, Fleyer Str. 196, 58097 Hagen [EMAIL PROTECTED] Tel: 02331 840446Fax: 02331 843920 signature.asc Description: Digital signature
Bug#452074: release blockers/goals
severity 452074 important thanks Heya, LFS support is a release *goal*, which means that we allow certain actions (0-day NMUs, ...) but it is NOT a release blocker. An rc severity should only be used to *block* the release with the affected package, that's not what we want here. So please, don't upgrade bugs for release goals to RC. Adding unneeded rc bugs just makes the little baby lenny cry. Marc -- Fachbegriffe der Informatik - Einfach erklärt 15: Developer Version Programmpaket mit Dokumentation (Kristian Köhntopp)
Processed: severity of 429061 is important
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.10.12 severity 429061 important Bug#429061: Bad portsentry.conf permission Severity set to `important' from `serious' End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: release blockers/goals
Processing commands for [EMAIL PROTECTED]: severity 452074 important Bug#452074: qdbm: No LFS support Severity set to `important' from `serious' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#429339: moodle and its phpmailer copy
Heya, The bug about the embedded copy of phpmailer in moodle has been open for ages now without any activity. Isaac, you said you couldn't use the Debian package (at that time): Is that still true? Would it be possible to adjust libphp-phpmailer to your needs? OTOH, Morizt, if this isn't possible, couldn't we just close the bug? If an incompatible fork is needed in this case, the rc severity doesn't seem justified. Marc -- BOFH #167: excessive collisions not enough packet ambulances -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#445726: libjinglebase0.3-0: Parts of libjinglebase is GPLv2 licensed and it links to OpenSSL
Heya, You wanted to investigate how to fix the GPL/OpenSSL problems in libjingle0.3 in october - did you come to any conclusions? Marc -- Fachbegriffe der Informatik - Einfach erklärt 193: PHP People Hate Perl (Kristian Köhntopp)
Bug#429339: moodle and its phpmailer copy
On Feb 7, 2008 9:20 AM, Marc 'HE' Brockschmidt [EMAIL PROTECTED] wrote: Heya, The bug about the embedded copy of phpmailer in moodle has been open for ages now without any activity. Isaac, you said you couldn't use the Debian package (at that time): Is that still true? Would it be possible to adjust libphp-phpmailer to your needs? Well, I am basically MIA at the time, so I am not too responsive and don't have the time to check again, but as far as I know nothing has changed and Moodle still requires a modified phpmailer. -- Isaac Clerencia at Warp Networks, http://www.warp.es Blog: http://people.warp.es/~isaac/blog/ Work: [EMAIL PROTECTED] | Debian: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#462648: update-menu: example menufiles giving syntax errors
On Wed, Feb 06, 2008 at 04:43:06PM -0800, Nick Daly wrote: Followup-For: Bug #462648 Package: menu Version: 2.1.37 *** Please type your report below this line *** More ways update-menus doesn't work: Update-menus no longer understands custom (any?) menufiles. To reproduce: Make a custom menu file (such as the lyx menufile from the /usr/share/menu directory): ?package(lyx): needs=X11 section=Applications/Office \ title=LyX Document Processor command=lyx \ icon=/usr/share/icons/hicolor/32x32/apps/lyx.xpm\ hints=Word processors After making the file executable (chmod 755) so it produces output, and You should not make it executable since it is not a shell script or a program. Cheers, -- Bill. [EMAIL PROTECTED] Imagine a large red swirl here. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: [pkg-wpa-devel] Bug#464514: wpasupplicant segfaults after successful authentication
Processing commands for [EMAIL PROTECTED]: tags 464514 pending Bug#464514: wpasupplicant segfaults after successful authentication There were no tags set. Tags added: pending thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464514: [pkg-wpa-devel] Bug#464514: wpasupplicant segfaults after successful authentication
tags 464514 pending thanks On Thursday 07 February 2008 19:56:05 Alex wrote: Package: wpasupplicant Version: 0.6.2+git20080202.gde6ccd7-1 0 Severity: critical Using the configuration (no problems with older wpasupplicant) network={ [...] key_mgmt=IEEE8021X eap=TTLS phase2=auth=MSCHAPV2 [...] } wpasupplicant dies with: -- AP-TTLS: Phase 2 MSCHAPV2 authentication succeeded CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully Speicherzugriffsfehler -- -dd shows a massive loop of -- EAPOL: KEY_RX entering state KEY_RECEIVE EAPOL: processKey EAPOL: RX IEEE 802.1X ver=1 type=3 len=57 EAPOL-Key: type=1 key_length=13 key_index=0x2 -- after which wpasupplicant finally segfaults. I downgraded to the version in testing. I believe to this to be fixed in the current pkg-wpa SVN, which pulled the latest hostap git and included the following bugfix: http://w1.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff;h=8c0dad4904474016c373573414c8e16ba51e88ad Thanks, Kel. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#462779: libgtk2.0-0: crashes immediately on Alpha
Am Sonntag, den 27.01.2008, 15:08 +0100 schrieb Thimo Neubauer: Package: libgtk2.0-0 Version: 2.12.5-2 Severity: grave Justification: renders package unusable Starting any gtk-program ends up in a segfault inside strlen(). Here are two example backtraces made with the debug libraries: Hi, does this still happen with latest gtk from unstable? I'm a bit lost how this backtrace with these function parameters is possible at all... type_data_make_W() is called with value_table=NULL from g_type_init_with_debug_flags()... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464514: wpasupplicant segfaults after successful authentication
Package: wpasupplicant Version: 0.6.2+git20080202.gde6ccd7-1 0 Severity: critical Using the configuration (no problems with older wpasupplicant) network={ [...] key_mgmt=IEEE8021X eap=TTLS phase2=auth=MSCHAPV2 [...] } wpasupplicant dies with: -- AP-TTLS: Phase 2 MSCHAPV2 authentication succeeded CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully Speicherzugriffsfehler -- -dd shows a massive loop of -- EAPOL: KEY_RX entering state KEY_RECEIVE EAPOL: processKey EAPOL: RX IEEE 802.1X ver=1 type=3 len=57 EAPOL-Key: type=1 key_length=13 key_index=0x2 -- after which wpasupplicant finally segfaults. I downgraded to the version in testing. Greetings, Alex -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: mail for bts bot
Processing commands for [EMAIL PROTECTED]: severity 464058 grave Bug#464058: turba2: Access rights not checked properly Severity set to `grave' from `normal' tags 464058 + security pending Bug#464058: turba2: Access rights not checked properly Tags were: upstream Tags added: security, pending thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#463535: logout hangs with libgtk2.0-0 2.12.5-2
Hi, can you still reproduce this with latest gtk from unstable? Does something show up in ~/.xsession-errors ? What happens if you run a Gtk application from a terminal? Does it also hang when closing? Unfortunately I can't reproduce this locally. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: tagging bugs that are closed by packages in NEW as pending
Processing commands for [EMAIL PROTECTED]: # the following bugs are closed by packages in NEW # tags 448973 pending Bug#448973: ITP: oneisenough -- 2D platform game about the epic struggle of balls There were no tags set. Tags added: pending tags 450108 pending Bug#450108: mapnik: debian/watch fails to report upstream's version Tags were: confirmed patch Tags added: pending tags 454898 pending Bug#454898: Causes other package to FTBFS with GCC 4.3: missing #includes There were no tags set. Tags added: pending tags 460317 pending Bug#460317: ITP: terminator -- Multiple GNOME terminals in one window There were no tags set. Tags added: pending tags 463820 pending Bug#463820: suitesparse -- move to gfortran based BLAS and LAPACK Tags were: patch Tags added: pending tags 464194 pending Bug#464194: kde-l10n-ja tries to overwrite files in gwenview-i18n There were no tags set. Tags added: pending thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#463907: Creates tempfiles in a unsafe way
Hi, I found a similar issue in wml_contrib/wmg.cgi which we also install in our package: 369 $tmpfile = /tmp/pe.tmp.$$; 370 unlink($tmpfile); 371 open(TMP, $tmpfile); 372 print TMP $contents; 373 close(TMP); 374 open(TMP, $tmpfile); 375 $tmpimg = newFromGif GD::Image(TMP); 376 close(TMP); 377 unlink($tmpfile); And one in wml_backend/p3_eperl/eperl_sys.c: 210 char *mytmpfile(char *id) 211 { 212 char ca[1024]; 213 char *cp, *tmpdir; 214 int i; 215 216 tmpdir = getenv (TMPDIR); 217 if (tmpdir == (char *) NULL) 218 tmpdir=/tmp; 219 220 snprintf(ca, sizeof(ca), %s/%s.%d.tmp%d, tmpdir, id, (int)getpid(), mytmpfilecnt++); 221 ca[sizeof(ca)-1] = NUL; 222 cp = strdup(ca); 223 for (i = 0; mytmpfiles[i] != NULL; i++) 224 ; 225 mytmpfiles[i++] = cp; 226 mytmpfiles[i] = NULL; 227 return cp; 228 } I am going to fix this using mkstemp, however the fix won't be race free because ideally you also need you have to open the file via the file descriptor returned by mkstemp to ensure that the file did not change. For this I would need to completely change the function and I don't want to do such an intrusive change. However this is not a big issue and more theoretical but should be fixed by upstream later. I am going to fix this as well. Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgppMYGnzUvzs.pgp Description: PGP signature
Bug#464058: turba access checking issue
Hey Chuck, Gregory, I've also tested the patch. It successfully secures the data, but it also silently removes the non editable contacts from contact lists as the list is viewed. Are you or are you not supposed to be able to add contacts from one address book to a contact list in another address book? If not then users should also no longer be able to add contacts to contact lists from other address books. Regards, Peter Paul On Feb 7, 2008 2:37 AM, Gregory Colpart [EMAIL PROTECTED] wrote: Hi Chuck, On Tue, Feb 05, 2008 at 03:25:10PM -0500, Chuck Hagenbuch wrote: Hi Gregory. Can you please test this patch on Turba 2.1.x? I have a more comprehensive update for Turba 2.2.x and HEAD which cleans up the _read() function's API a bit more but has the same effect. In my tests it denies access properly now. Also, if you're curious: the issue is that you can access other user's contacts in the same database table (source) by specifying your own source id in the URL, but a contact id of another user's contact. I can't reproduce or find any issues other than that - can you confirm? Thanks, -chuck Index: lib/Driver/sql.php === RCS file: /repository/turba/lib/Driver/sql.php,v retrieving revision 1.59.10.17 diff -u -r1.59.10.17 sql.php --- lib/Driver/sql.php30 Nov 2006 21:33:47 - 1.59.10.17 +++ lib/Driver/sql.php5 Feb 2008 20:35:43 - @@ -182,6 +182,15 @@ $where = $criteria . ' = ?'; $values[] = $this-_convertToDriver($id); } +if (isset($this-map['__owner'])) { +if ($this-usingShares) { +$owner = $this-share-get('uid'); +} else { +$owner = Auth::getAuth(); +} +$where .= ' AND ' . $this-map['__owner'] . ' = ?'; +$values[] = $this-_convertToDriver($owner); +} if (!empty($this-_params['filter'])) { $where .= ' AND ' . $this-_params['filter']; } I test your patch with success. I have now a no results message when I try to edit a contact owned by a different user. (Note: I Cc: Debian BTS because it's an unembargoed bug ;) Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To unsubscribe, send mail to [EMAIL PROTECTED]
Bug#453309: logtail ignores the -o (offset file) option
On Tue, Feb 05, 2008 at 11:08:57PM +0100, Heiko Schlittermann wrote: Marc Haber [EMAIL PROTECTED] (Di 05 Feb 2008 22:55:16 CET): I do not see a bug in the package, the documented call works fine. Whether the documentation needs to be changed would be Martin's last call, he will comment in due time. True, not the binary is buggy but the docs. But for this reason I still insist on seeing abug in logtail*deb ;) And - enhancing both - the docs and the binary shouldn't harm too much. And (at least from my POV) it gives more consistent behaviour of the logtail tool. I agree. I'll leave the last call to Martin. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: severity of 445016 is grave
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.10.13 severity 445016 grave Bug#445016: athcool: Does not start due to missing libpci.so.2 Severity set to `grave' from `important' End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#441019: reopen
reopen 441019 thanks This wasn't fixed. You need a versioned dependency in base-files in the binary packages, not as Build-Depends. -- Robert Millan GPLv2 I know my rights; I want my phone call! DRM What use is a phone call… if you are unable to speak? (as seen on /.) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: reopen
Processing commands for [EMAIL PROTECTED]: reopen 441019 Bug#441019: debian/copyright wasn't updated for GPLv3 'reopen' may be inappropriate when a bug has been closed with a version; you may need to use 'found' to remove fixed versions. Bug reopened, originator not changed. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464464: marked as done (grub-pc: syntax error in generated grub.cfg)
Your message dated Thu, 7 Feb 2008 13:09:45 +0100 with message-id [EMAIL PROTECTED] and subject line Bug#464464: grub-pc: syntax error in generated grub.cfg has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) ---BeginMessage--- Package: grub-pc Version: 1.96+20080203-1 Severity: critical Justification: breaks the whole system The If-statement 00_header writes to grub.cfg is malformed, and causes grub2 to get stuck in an infinite loop of syntax errors. This code breaks the system: if font (hd0,5)/usr/share/grub/unicode.pff ; then set gfxmode=1024x768 insmod gfxterm insmod vbe terminal gfxterm fi My fixed grub.cfg is below. I fixed 00_header the same way: font (hd0,5)/usr/share/grub/unicode.pff set gfxmode=1024x768 insmod gfxterm insmod vbe terminal gfxterm -- Package-specific info: *** BEGIN /proc/mounts rootfs / rootfs rw 0 0 none /sys sysfs rw,nosuid,nodev,noexec 0 0 none /proc proc rw,nosuid,nodev,noexec 0 0 udev /dev tmpfs rw 0 0 /dev/sda5 / ext3 rw,data=ordered 0 0 /dev/sda5 /dev/.static/dev ext3 rw,data=ordered 0 0 tmpfs /lib/init/rw tmpfs rw,nosuid 0 0 usbfs /proc/bus/usb usbfs rw,nosuid,nodev,noexec 0 0 tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0 devpts /dev/pts devpts rw,nosuid,noexec 0 0 fusectl /sys/fs/fuse/connections fusectl rw 0 0 /dev/sda6 /home reiserfs rw 0 0 /dev/sda2 /mnt/c fuseblk rw,nosuid,nodev,noexec,user_id=0,group_id=0,default_permissions,allow_other 0 0 binfmt_misc /proc/sys/fs/binfmt_misc binfmt_misc rw,nosuid,nodev,noexec 0 0 *** END /proc/mounts *** BEGIN /boot/grub/device.map (hd0) /dev/sda *** END /boot/grub/device.map *** BEGIN /boot/grub/grub.cfg # # DO NOT EDIT THIS FILE # # It is automatically generated by /usr/sbin/update-grub using templates # from /etc/grub.d and settings from /etc/default/grub # ### BEGIN /etc/grub.d/00_header ### set default=0 set timeout=5 set root=(hd0,5) #bug: syntax error right here: font (hd0,5)/usr/share/grub/unicode.pff set gfxmode=1024x768 insmod gfxterm insmod vbe terminal gfxterm ### END /etc/grub.d/00_header ### ### BEGIN /etc/grub.d/05_debian_theme ### set menu_color_normal=cyan/blue set menu_color_highlight=white/blue ### END /etc/grub.d/05_debian_theme ### ### BEGIN /etc/grub.d/10_hurd ### ### END /etc/grub.d/10_hurd ### ### BEGIN /etc/grub.d/10_linux ### menuentry Debian GNU/Linux, linux 2.6.22-3-686 { linux (hd0,5)/boot/vmlinuz-2.6.22-3-686 root=/dev/sda5 ro initrd (hd0,5)/boot/initrd.img-2.6.22-3-686 } menuentry Debian GNU/Linux, linux 2.6.22-3-686 (single-user mode) { linux (hd0,5)/boot/vmlinuz-2.6.22-3-686 root=/dev/sda5 ro single initrd (hd0,5)/boot/initrd.img-2.6.22-3-686 } ### END /etc/grub.d/10_linux ### ### BEGIN /etc/grub.d/20_memtest86+ ### menuentry Memory test (memtest86+) { linux (hd0,5)/boot/memtest86+.bin } ### END /etc/grub.d/20_memtest86+ ### ### BEGIN /etc/grub.d/21_dell ### menuentry Dell Diagnostic Utilities { set root=(hd0,1) chainloader +1 } ### END /etc/grub.d/21_dell ### ### BEGIN /etc/grub.d/21_windows ### menuentry Microsoft Windows XP { set root=(hd0,2) chainloader +1 } ### END /etc/grub.d/21_windows ### *** END /boot/grub/grub.cfg -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (990, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.22-3-686 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages grub-pc depends on: ii base-files4.0.2 Debian base system miscellaneous f ii debconf [debconf-2.0] 1.5.18 Debian configuration management sy ii libc6 2.7-6 GNU C Library: Shared libraries ii liblzo2-2 2.02-3 data compression library ii libncurses5 5.6+20080119-1 Shared libraries for terminal hand grub-pc recommends no packages. -- debconf information: * grub-pc/chainload_from_menu.lst: true signature.asc Description: This is a digitally signed message part. ---End Message--- ---BeginMessage--- On Wed, Feb 06, 2008 at 09:24:16PM -0500, Barry Schatz wrote: Package: grub-pc Version: 1.96+20080203-1 Severity: critical Justification: breaks the whole system The If-statement 00_header writes to grub.cfg is malformed, and causes grub2 to get stuck in an infinite loop of syntax errors. This is a bug in
Bug#464530: libghc6-ftphs-dev: postinst failure (regex-compat-0.71.0.1 not found)
Package: libghc6-ftphs-dev Version: 1.0.4.0 Severity: grave Justification: renders package unusable Hi, here is the problem: Setting up libghc6-ftphs-dev (1.0.4.0) ... Reading package info from /usr/lib/haskell-packages/ghc6/lib/ftphs-1.0.4/installed-pkg-config ... done. ghc-pkg: dependency regex-compat-0.71.0.1 doesn't exist (use --force to override) dpkg: error processing libghc6-ftphs-dev (--configure): Those packages are installed on the system: ii libghc6-regex-base-dev 0.93.1-3 GHC 6 library providing an API for regular e ii libghc6-regex-compat-dev0.91-1 GHC 6 library provinding old Text.Regex infe ii libghc6-regex-posix-dev 0.93.1-1 GHC 6 library of the POSIX regex backend for (this is probably a case of missing dependency). -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages libghc6-ftphs-dev depends on: ii ghc6 6.8.2-1GHC - the Glasgow Haskell Compilat ii libghc6-hslogger-dev 1.0.4 The Haskell Logging Framework, GHC ii libghc6-missingh-dev 1.0.0.1Library of utility functions for H ii libghc6-network-dev 2.1.0.0-1 Haskell network library for GHC libghc6-ftphs-dev recommends no packages. -- no debconf information -- Laurent Bonnaud. http://www.lis.inpg.fr/pages_perso/bonnaud/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: correct patch
Processing commands for [EMAIL PROTECTED]: tags 464532 + patch Bug#464532: mplayer: CVE-2008-0630 buffer overflow via crafted url Tags were: security Tags added: patch thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464532: mplayer: CVE-2008-0630 buffer overflow in cddb title parsing
retitle 464532 mplayer: CVE-2008-0630 buffer overflow via crafted url thanks Hi, mixed this one up with the other CVE id thus renaming the bug. Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpFjlsX4QVu6.pgp Description: PGP signature
Bug#464540: icewm: deleted by apt-get, can't reinstall
Package: icewm Severity: grave Justification: renders package unusable My icewm was removed automatically during a Sid upgrade. Trying to reinstall it I get: The following packages have unmet dependencies. icewm: Depends: libungif4g (= 4.1.4) E: Broken packages -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.23-1-686 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages icewm depends on: ii icewm-common 1.2.33-1 wonderful Win95-OS/2-Motif-like wi pn imlib11none(no description available) ii libaudiofile0 0.2.6-7 Open-source version of SGI's audio ii libc6 2.7-6 GNU C Library: Shared libraries ii libesd00.2.36-3 Enlightened Sound Daemon - Shared ii libfontconfig1 2.5.0-2 generic font configuration library ii libfreetype6 2.3.5-1+b1FreeType 2 font engine, shared lib ii libgcc11:4.3-20080202-1 GCC support library ii libgif4 [libungif4g] 4.1.6-2 library for GIF images (library) ii libice62:1.0.4-1 X11 Inter-Client Exchange library ii libjpeg62 6b-14 The Independent JPEG Group's JPEG ii libpng12-0 1.2.15~beta5-3PNG library - runtime ii libsm6 2:1.0.3-1+b1 X11 Session Management library ii libstdc++6 4.3-20080202-1The GNU Standard C++ Library v3 ii libtiff4 3.8.2-7 Tag Image File Format (TIFF) libra ii libx11-6 2:1.0.3-7 X11 client-side library ii libxext6 1:1.0.3-2 X11 miscellaneous extension librar ii libxft22.1.12-2 FreeType-based font drawing librar ii libxinerama1 1:1.0.2-1 X11 Xinerama extension library ii libxrandr2 2:1.2.2-1 X11 RandR extension library ii libxrender11:0.9.4-1 X Rendering Extension client libra ii zlib1g 1:1.2.3.3.dfsg-11 compression library - runtime icewm recommends no packages. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464535: aptitude: markauto and unmarkauto work the other way around
On Thu, Feb 07, 2008 at 11:09:03AM -0300, Alvaro Herrera [EMAIL PROTECTED] was heard to say: The markauto and unmarkauto commands work in reverse as specified in the manual, and in reverse as common sense would say they should. I have a manually installed package, libdirectfb-1.0-0: $ aptitude show libdirectfb-1.0-0 | egrep '^(Automatically|State)' State: installed Automatically installed: no I suspect this is a duplicate of #441891, which was introduced when I merged support for the centralized apt database of auto-installed states and should be fixed in the next release of aptitude. It should be easy enough to check whether that's the case: (1) What does aptitude search '^libdirectfb-1.0-0$' show? (2) If you run aptitude without arguments and find libdirectfb-1.0-0, is there an A next to it? (3) What do you get from grep -A1 '^Package: libdirectfb-1.0-0$' /var/lib/apt/extended_states? Guys. Come on. Does anyone actually _test_ this stuff? As a matter of fact, not really. There is just barely enough of me to write this program; if I tried to be a full QA department as well, nothing at all would get done. So I try to test new code as I write it and do minimal checks that code which might be expected to interact with it still works, but I lack the manpower to systematically verify the program and as a result bugs slip through, particularly in features that I don't use very much. Such is life in free software; our QA department is users like yourself who report bugs. If you don't like this, please return the program to the store from which you bought it for a full refund. Daniel -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464433: Source package contains non-free IETF RFC/I-D
OHURA Makoto [EMAIL PROTECTED] writes: tags 464433 confirmed thanks Hi. Thanks for your report. From: Simon Josefsson [EMAIL PROTECTED] Subject: Bug#464433: Source package contains non-free IETF RFC/I-D Date: Wed, 06 Feb 2008 21:30:44 +0100 This report is a duplicate of #393418, but that one was fixed, closed and archived, but the bug re-appeared with this version, so I'm filing a new bug. This source package contains the following files from the IETF under non-free license terms: VFlib3-3.6.14/ccv/TBL/RFC/rfc1489.txt Before packaging new upstream release, I recognized this problem. But I forgot to remove this file. I've already repackaged the archive in my local repository. Thank you! /Simon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464058: turba access checking issue
Quoting Peter Paul Elfferich [EMAIL PROTECTED]: That would perhaps be a simpler fix, but I think it will be confusing to users. If you really want to allow this cross-address-book adding then I'd suggest showing warning messages detailing why a number of contacts could not be displayed. That seems possible - This list contains X contacts that you do not have permission to view. Contact the list's owner if you have questions. or something like that? -chuck -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464143: marked as done (slib: postinst fails)
Your message dated Thu, 07 Feb 2008 18:32:03 + with message-id [EMAIL PROTECTED] and subject line Bug#464143: fixed in slib 3b1-2 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) ---BeginMessage--- Package: slib Version: 3b1-1 Severity: important Preparing to replace slib 3a5-4 (using .../archives/slib_3b1-1_all.deb) ... Unpacking replacement slib ... Setting up slib (3b1-1) ... ERROR: In procedure open-file: ERROR: No such file or directory: /usr/share/guile/site/slibcat dpkg: error processing slib (--configure): subprocess post-installation script returned error exit status 2 # sh -x /var/lib/dpkg/info/slib.postinst configure + set -e + install-info --quiet --section 'The Algorithmic Language Scheme' 'The Algorithmic Language Scheme' '--description=The SLIB portable Scheme library' /usr/share/info/slib.info.gz + '[' -x /usr/sbin/guile1.4-slibconfig ']' + '[' -x /usr/bin/guile-1.6 -a -e /usr/share/guile/1.6/slib ']' + rm -f /usr/share/guile/1.6/slibcat + /usr/bin/guile-1.6 -c '(use-modules (ice-9 slib)) (require '\''new-catalog)' ERROR: In procedure open-file: ERROR: No such file or directory: /usr/share/guile/site/slibcat Downgrading to 3a5-4 works, with no problems in the postinst. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (99, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.23-hrt1 (SMP w/1 CPU core) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash guile-1.6 1.6.8-6 -- no debconf information ---End Message--- ---BeginMessage--- Source: slib Source-Version: 3b1-2 We believe that the bug you reported is fixed in the latest version of slib, which is due to be installed in the Debian FTP archive: slib_3b1-2.diff.gz to pool/main/s/slib/slib_3b1-2.diff.gz slib_3b1-2.dsc to pool/main/s/slib/slib_3b1-2.dsc slib_3b1-2_all.deb to pool/main/s/slib/slib_3b1-2_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thomas Bushnell, BSG [EMAIL PROTECTED] (supplier of updated slib package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 07 Feb 2008 13:19:02 -0500 Source: slib Binary: slib Architecture: source all Version: 3b1-2 Distribution: unstable Urgency: low Maintainer: Thomas Bushnell, BSG [EMAIL PROTECTED] Changed-By: Thomas Bushnell, BSG [EMAIL PROTECTED] Description: slib - Portable Scheme library Closes: 464143 Changes: slib (3b1-2) unstable; urgency=low . * guile.init (implementation-vicinity): Repeat change from 3a5-2. (Closes: #464143) Files: d9f0e9b5269ff85b5f7c368cf8b5c748 556 devel optional slib_3b1-2.dsc 532b168ebb7e82c0c57b23d772562a77 12815 devel optional slib_3b1-2.diff.gz 453381ef7950e0571efa077e57baf663 946970 devel optional slib_3b1-2_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHq0zKqMsB9b6fcOoRAiCbAJ91g72lKBovA+undOKmPEsllY0C0QCeJ2SD 3HsX01n4LGgV5CmpicXpaq8= =y4la -END PGP SIGNATURE- ---End Message---
Bug#418318: Processed: reassign
On Thu, Feb 07, 2008 at 07:02:16PM +0100, Luk Claes wrote: Uwe Steinmann wrote: On Wed, Feb 06, 2008 at 07:57:03PM +0100, Luk Claes wrote: Debian Bug Tracking System wrote: Processing commands for [EMAIL PROTECTED]: reassign 418318 ftp.debian.org Bug#418318: Don't build a php4-specific package because of php4's removal Bug reassigned from package `php4-ps' to `ftp.debian.org'. Shouldn't you just remove the php4-ps binary package in your next upload fixing this bug? That's what I thought as well but Wiesiek Swiatek told me: quote You should reassign this bug to ftp.debian.org metapackage with ask to removal this package from unstable. Upload new package as php-ps is not enougn, becouse source (php4-ps) still is aviable in unstable. /quote If you really want to change the source package name, then you indeed have to ask for removal of this package. Though I would advise to upload the new source package first if that's the case and read [1] to have a decent bug title for package removals. This is still very confusing for me. Reading [1] I get the impression that everything is done automatically. The source package php4-ps used to produce two binary packages php4-ps and php5-ps. Now that php4 isn't supported anymore, only php5-ps will be left, which is somewhat strange. A source package php4-ps produces a binary package php5-ps. That's why I created a new source package php-ps which produces php5-ps. Isn't this one of the cases where rene takes care of automatic removal? 'Source packages which have had all their binary packages taken over by another source packages' Uwe -- MMK GmbH, Fleyer Str. 196, 58097 Hagen [EMAIL PROTECTED] Tel: 02331 840446Fax: 02331 843920 signature.asc Description: Digital signature
Bug#464058: turba access checking issue
Hey, We just use a single, default, 'localsql' configuration (with use_shares = true). Steps to reproduce this: - Login as user A - Select an entry from your private address book - Select a contact list that is stored in a shared address book and click 'Add' - You can view the contact list to check the address was added - Logout and log back in as user B with access to the shared address book, but not to user A's private address book - View the same contact list and the address will have disappeared - Logout and log back in as user A - View the same contact list and the address to check the address has really disappeared I also verified this by looking at the entry data in the database. The entry key is removed from the serialized object_members array of the shared contact list at the moment user B views the contact list. This wouldn't be a problem if it wouldn't be possible to add entries from (in this case) your private address book to a contact list in a shared address book. So I figure that should be patched as well. Regards, Peter Paul On Feb 7, 2008 4:39 PM, Gregory Colpart [EMAIL PROTECTED] wrote: Hi, Could you give more details (sources.php, etc.) on this problem ? Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/
Bug#464058: turba access checking issue
That would perhaps be a simpler fix, but I think it will be confusing to users. If you really want to allow this cross-address-book adding then I'd suggest showing warning messages detailing why a number of contacts could not be displayed. Or, at the moment of adding an entry to a list in another address book, create a copy of the entry in that address book and add the copy to the list instead. Regards, Peter Paul On Feb 7, 2008 6:06 PM, Chuck Hagenbuch [EMAIL PROTECTED] wrote: Thanks for the detailed description. I think the simplest fix here is to just not remove people from the shared list. If someone in a contact list is not in an addressbook you're allowed to see, then I don't think you should see them. Does that sound reasonable? -chuck
Processed: Re: codespeak-lib - segfaults on thread-unsafe fileonbjects
Processing commands for [EMAIL PROTECTED]: severity 439956 normal Bug#439956: codespeak-lib - segfaults on thread-unsafe fileonbjects Severity set to `normal' from `serious' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#439956: codespeak-lib - segfaults on thread-unsafe fileonbjects
severity 439956 normal thanks Since version 0.9.0-4, the Debian package does not use the apigen technique of generating the documentation and--as such--the build process completes successfully regardless of failing tests. I am therefore lowering the severity of this bug. Regards, -- Chris Lamb, UK [EMAIL PROTECTED] GPG: 0x634F9A20 signature.asc Description: PGP signature
Bug#464058: turba access checking issue
Quoting Peter Paul Elfferich [EMAIL PROTECTED]: We just use a single, default, 'localsql' configuration (with use_shares = true). Steps to reproduce this: - Login as user A - Select an entry from your private address book - Select a contact list that is stored in a shared address book and click 'Add' - You can view the contact list to check the address was added - Logout and log back in as user B with access to the shared address book, but not to user A's private address book - View the same contact list and the address will have disappeared - Logout and log back in as user A - View the same contact list and the address to check the address has really disappeared I also verified this by looking at the entry data in the database. The entry key is removed from the serialized object_members array of the shared contact list at the moment user B views the contact list. This wouldn't be a problem if it wouldn't be possible to add entries from (in this case) your private address book to a contact list in a shared address book. So I figure that should be patched as well. Thanks for the detailed description. I think the simplest fix here is to just not remove people from the shared list. If someone in a contact list is not in an addressbook you're allowed to see, then I don't think you should see them. Does that sound reasonable? -chuck
Bug#464514: [pkg-wpa-devel] Bug#464514: wpasupplicant segfaults after successful authentication
Confirmed, the bugfix applied to the wpasupplicant source is enough to prevent the segfault / infinite loop on my debian unstable system. (part of) the content of /etc/wpa_supplicant.conf : ctrl_interface=/var/run/wpa_supplicant ap_scan=0 # eapol_version=2 network={ ssid=WLAN-PH # scan_ssid=1 id_str=philips key_mgmt=IEEE8021X eap=TLS # eapol_flags=3 ... } -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: saods9: fix from Ubuntu version 4.0b7-1.5ubuntu1
Processing commands for [EMAIL PROTECTED]: tags 450475 + patch Bug#450475: saods9: FTBFS: mktclapp: can't open /usr/lib/tcl8.4/history.tcl for reading There were no tags set. Tags added: patch user [EMAIL PROTECTED] Setting user to [EMAIL PROTECTED] (was [EMAIL PROTECTED]). usertags 450475 + origin-ubuntu ubuntu-patch hardy Bug#450475: saods9: FTBFS: mktclapp: can't open /usr/lib/tcl8.4/history.tcl for reading There were no usertags set. Usertags are now: ubuntu-patch origin-ubuntu hardy. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464293: marked as done (log4c: FTBFS: cp: cannot stat `debian/tmp//usr/share/doc/liblog4c-doc/log4c.pdf': No such file or directory)
Your message dated Thu, 07 Feb 2008 16:02:04 + with message-id [EMAIL PROTECTED] and subject line Bug#464293: fixed in log4c 1.2.1-2 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) ---BeginMessage--- Package: log4c version: 1.2.1-1 Severity: serious User: [EMAIL PROTECTED] Usertags: qa-ftbfs-20080205 qa-ftbfs Justification: FTBFS on i386 Hi, During a rebuild of all packages in sid, your package failed to build on i386. Relevant part: dh_installdocs -pliblog4c-doc ./README ./TODO ./AUTHORS dh_installexamples -pliblog4c-doc dh_installman -pliblog4c-doc dh_installinfo -pliblog4c-doc dh_installmenu -pliblog4c-doc dh_installcron -pliblog4c-doc dh_installinit -pliblog4c-doc dh_installdebconf -pliblog4c-doc dh_installemacsen -pliblog4c-doc dh_installcatalogs -pliblog4c-doc dh_installpam -pliblog4c-doc dh_installlogrotate -pliblog4c-doc dh_installlogcheck -pliblog4c-doc dh_installmime -pliblog4c-doc dh_installchangelogs -pliblog4c-doc ./ChangeLog dh_installudev -pliblog4c-doc dh_install -pliblog4c-doc --sourcedir=debian/tmp cp: cannot stat `debian/tmp//usr/share/doc/liblog4c-doc/log4c.pdf': No such file or directory dh_install: command returned error code 256 make: *** [binary-install/liblog4c-doc] Error 1 dpkg-buildpackage: failure: /usr/bin/fakeroot debian/rules binary gave error exit status 2 The full build log is available from: http://people.debian.org/~lucas/logs/2008/02/05 A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! About the archive rebuild: The rebuild was done on about 50 AMD64 nodes of the Grid'5000 platform, using a clean chroot containing a sid i386 environment. Internet was not accessible from the build systems. -- | Lucas Nussbaum | [EMAIL PROTECTED] http://www.lucas-nussbaum.net/ | | jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F | ---End Message--- ---BeginMessage--- Source: log4c Source-Version: 1.2.1-2 We believe that the bug you reported is fixed in the latest version of log4c, which is due to be installed in the Debian FTP archive: liblog4c-dev_1.2.1-2_amd64.deb to pool/main/l/log4c/liblog4c-dev_1.2.1-2_amd64.deb liblog4c-doc_1.2.1-2_all.deb to pool/main/l/log4c/liblog4c-doc_1.2.1-2_all.deb liblog4c3_1.2.1-2_amd64.deb to pool/main/l/log4c/liblog4c3_1.2.1-2_amd64.deb log4c_1.2.1-2.diff.gz to pool/main/l/log4c/log4c_1.2.1-2.diff.gz log4c_1.2.1-2.dsc to pool/main/l/log4c/log4c_1.2.1-2.dsc A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Fathi Boudra [EMAIL PROTECTED] (supplier of updated log4c package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 07 Feb 2008 10:46:15 +0100 Source: log4c Binary: liblog4c-dev liblog4c3 liblog4c-doc Architecture: source all amd64 Version: 1.2.1-2 Distribution: unstable Urgency: low Maintainer: Fathi Boudra [EMAIL PROTECTED] Changed-By: Fathi Boudra [EMAIL PROTECTED] Description: liblog4c-dev - C library for flexible logging (development) liblog4c-doc - C library for flexible logging (documentation) liblog4c3 - C library for flexible logging (runtime) Closes: 464293 Changes: log4c (1.2.1-2) unstable; urgency=low . * Drop docdir path patch. Use an install target. (Closes: #464293) * Bump compat/debhelper to 6. * Remove DM upload. * Update my e-mail address. * Use Homepage field. * Bump Standards-Version to 3.7.3. * Build with --no-undefined and --as-needed linker flags. Files: 8dc6072711dafb00d32b95d3091ba171 814 libs extra log4c_1.2.1-2.dsc fec938f248764b561ddf71385dd1d00d 3464 libs extra log4c_1.2.1-2.diff.gz b0f4bff9c4c7894372f52d5ac2cf382c 274124 doc extra liblog4c-doc_1.2.1-2_all.deb 5a1093359b1c93318b677eab4a8d3d5b 80108 libdevel extra liblog4c-dev_1.2.1-2_amd64.deb a1709419e0a1caaeb224c07878fc709a 56480 libs extra liblog4c3_1.2.1-2_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQCVAwUBR6sqK4z1NfZqpXL3AQIbJQQA25mIb/9CPZQQuBBYlndMgyhKyAX69S2u
Processed: severity of 464535 is normal
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.10.14 severity 464535 normal Bug#464535: aptitude: markauto and unmarkauto work the other way around Severity set to `normal' from `critical' End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464533: mplayer: CVE-2008-0629 buffer overflow via crafted cddb title
Source: mplayer Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities Exposures) id was published for mplayer. CVE-2008-0629[0]: | Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before | r25824 allows remote user-assisted attackers to execute arbitrary code | via a CDDB database entry containing a long album title. If you fix this vulnerability please also include the CVE id in your changelog entry. A fix for this can be found on: http://svn.mplayerhq.hu/mplayer/trunk/stream/stream_cddb.c?r1=25820r2=25824 For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629 Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgp19QyWJsABD.pgp Description: PGP signature
Bug#464532: correct patch
tags 464532 + patch thanks The correct url for the fix is: http://svn.mplayerhq.hu/mplayer/trunk/stream/url.c?r1=25648r2=25823 Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpSbLadPW3Q9.pgp Description: PGP signature
Processed: Re: mplayer: CVE-2008-0630 buffer overflow in cddb title parsing
Processing commands for [EMAIL PROTECTED]: retitle 464532 mplayer: CVE-2008-0630 buffer overflow via crafted url Bug#464532: mplayer: CVE-2008-0630 buffer overflow in cddb title parsing Changed Bug title to `mplayer: CVE-2008-0630 buffer overflow via crafted url' from `mplayer: CVE-2008-0630 buffer overflow in cddb title parsing'. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#458987: libgems-ruby1.8: Installs scripts to /usr/bin
severity 458987 serious thanks Hi, With this bug you can easily overwrite/remove files in /usr/bin which belong to other packages! (e.g. apt-get install rake; gem install rake) I don't think it's a desirable behavior. If it really does match the maintainer's intention, please update the explanation in /usr/share/doc/rubygems/README.Debian. Regards, -- YAEGASHI Takeshi [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464532: mplayer: CVE-2008-0630 buffer overflow in cddb title parsing
Source: mplayer Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities Exposures) id was published for mplayer. CVE-2008-0630[0]: | Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 | allows remote attackers to execute arbitrary code via a crafted URL | that prevents the IPv6 parsing code from setting a pointer to NULL, | which causes the buffer to be reused by the unescape code. You can find a patch for this on: http://svn.mplayerhq.hu/mplayer/trunk/stream/stream_cddb.c?r1=25820r2=25824 If you fix this vulnerability please also include the CVE id in your changelog entry. For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630 Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpcyTN2NVpch.pgp Description: PGP signature
Processed: libgems-ruby1.8: Installs scripts to /usr/bin
Processing commands for [EMAIL PROTECTED]: severity 458987 serious Bug#458987: libgems-ruby1.8: Installs scripts to /usr/bin Severity set to `serious' from `normal' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#463907: intent to NMU
Hi, attached is a patch that fixes the mentioned issues. It will be also archived on: http://people.debian.org/~nion/nmu-diff/wml-2.0.11-3_2.0.11-3.1.patch Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. diff -u wml-2.0.11/debian/changelog wml-2.0.11/debian/changelog --- wml-2.0.11/debian/changelog +++ wml-2.0.11/debian/changelog @@ -1,3 +1,11 @@ +wml (2.0.11-3.1) unstable; urgency=high + + * Non-maintainer upload by security team. + * Fix insecure temporary file creations leading to +possible symlink attacks (Closes: #463907). + + -- Nico Golde [EMAIL PROTECTED] Thu, 07 Feb 2008 12:01:43 +0100 + wml (2.0.11-3) unstable; urgency=low [ Luk Claes ] diff -u wml-2.0.11/wml_contrib/wmg.cgi wml-2.0.11/wml_contrib/wmg.cgi --- wml-2.0.11/wml_contrib/wmg.cgi +++ wml-2.0.11/wml_contrib/wmg.cgi @@ -366,14 +366,14 @@ ($w, $h, $t) = Image::Size::imgsize(\$contents); if ($w*$h == 1) { # read image into GD -$tmpfile = /tmp/pe.tmp.$$; +$tmpfile = mkstemp(/tmp/pe.tmpXX) or die Unable to create temporary file$!\n; unlink($tmpfile); -open(TMP, $tmpfile); +open(TMP, $tmpfile) || error(cannot write into $tmpfile: $!); print TMP $contents; -close(TMP); -open(TMP, $tmpfile); +close(TMP) || error(cannot close $tmpfile: $!); +open(TMP, $tmpfile) || error(cannot write into $tmpfile: $!); $tmpimg = newFromGif GD::Image(TMP); -close(TMP); +close(TMP) || error(cannot close $tmpfile: $!); unlink($tmpfile); if ($tmpimg-transparent != -1) { my $im = new GD::Image($w, $h); diff -u wml-2.0.11/wml_backend/p1_ipp/ipp.src wml-2.0.11/wml_backend/p1_ipp/ipp.src --- wml-2.0.11/wml_backend/p1_ipp/ipp.src +++ wml-2.0.11/wml_backend/p1_ipp/ipp.src @@ -566,6 +566,8 @@ # process the pre-loaded include files # $tmpdir = $ENV{'TMPDIR'} || '/tmp'; +my $tmpldir = ($ENV{'TMPDIR'} || '/tmp') . '/ipp.XX'; +$tmpdir = mkdtemp($tmpldir) or die Unable to create temporary directory: $!\n; $tmpfile = $tmpdir . /ipp.$$.tmp; unlink($tmpfile); $tmp = new IO::File; only in patch2: unchanged: --- wml-2.0.11.orig/wml_backend/p3_eperl/eperl_sys.c +++ wml-2.0.11/wml_backend/p3_eperl/eperl_sys.c @@ -211,13 +211,20 @@ { char ca[1024]; char *cp, *tmpdir; +char tmpfile[]=eperl_sourceXX; int i; +int fd=-1; tmpdir = getenv (TMPDIR); if (tmpdir == (char *) NULL) tmpdir=/tmp; -snprintf(ca, sizeof(ca), %s/%s.%d.tmp%d, tmpdir, id, (int)getpid(), mytmpfilecnt++); +snprintf(ca, sizeof(ca), %s/%s, tmpdir, tmpfile); +if((fd = mkstemp(tmpfile)) == -1){ +perror(can not create tmpfile); +return NULL; +} +close(fd); ca[sizeof(ca)-1] = NUL; cp = strdup(ca); for (i = 0; mytmpfiles[i] != NULL; i++) pgpTJh93kf8wN.pgp Description: PGP signature
Bug#463688: marked as done (CVE-2007-4770/1: Vulnerabilities in libicu)
Your message dated Thu, 07 Feb 2008 19:32:05 + with message-id [EMAIL PROTECTED] and subject line Bug#463688: fixed in icu 3.8-6 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) ---BeginMessage--- Package: libicu38 Version: 3.6-2 Severity: grave Tags: security Two vulnerabilities have been found in libicu: From CVE-2007-4770: libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames. From CVE-2007-4771: Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that writes a large amount of data to the backtracking stack. NOTE: some of these details are obtained from third party information. A link to a patch is at [1] http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com This also affects libicu36 and probably libicu28. Please mention the CVE ids in the changelog. ---End Message--- ---BeginMessage--- Source: icu Source-Version: 3.8-6 We believe that the bug you reported is fixed in the latest version of icu, which is due to be installed in the Debian FTP archive: icu-doc_3.8-6_all.deb to pool/main/i/icu/icu-doc_3.8-6_all.deb icu_3.8-6.diff.gz to pool/main/i/icu/icu_3.8-6.diff.gz icu_3.8-6.dsc to pool/main/i/icu/icu_3.8-6.dsc libicu-dev_3.8-6_i386.deb to pool/main/i/icu/libicu-dev_3.8-6_i386.deb libicu38-dbg_3.8-6_i386.deb to pool/main/i/icu/libicu38-dbg_3.8-6_i386.deb libicu38_3.8-6_i386.deb to pool/main/i/icu/libicu38_3.8-6_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jay Berkenbilt [EMAIL PROTECTED] (supplier of updated icu package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 07 Feb 2008 12:58:34 -0500 Source: icu Binary: libicu38 libicu38-dbg libicu-dev lib32icu38 lib32icu-dev icu-doc Architecture: source all i386 Version: 3.8-6 Distribution: unstable Urgency: high Maintainer: Jay Berkenbilt [EMAIL PROTECTED] Changed-By: Jay Berkenbilt [EMAIL PROTECTED] Description: icu-doc- API documentation for ICU classes and functions libicu-dev - Development files for International Components for Unicode libicu38 - International Components for Unicode libicu38-dbg - International Components for Unicode Closes: 463688 Changes: icu (3.8-6) unstable; urgency=high . * Add debian/patches/00-cve-2007-4770-4771.patch created from with svn diff -c 23292 \ http://source.icu-project.org/repos/icu/icu/branches/maint/maint-3-8 to address the following security vulnerablilities: - CVE-2007-4770: reference to non-existent capture group may cause access to invalid memory - CVE-2007-4771: buffer overflow in regexcmp.cpp (Closes: #463688) * Updated standards version to 3.7.3: no changes required. Files: 33af53f873f321b6e209bfff05c1e424 889 libs optional icu_3.8-6.dsc 072afed03a6c137388a0fa9c632cfe4f 11860 libs optional icu_3.8-6.diff.gz 644ba9a944f610f89337e3963591a7a8 3645860 doc optional icu-doc_3.8-6_all.deb 39ce4f1c9acf7d5802db62c388b47ef3 5862768 libs optional libicu38_3.8-6_i386.deb aca51dba423f8b92a2c806760a587335 2247986 libs extra libicu38-dbg_3.8-6_i386.deb 225a45a65a08f6933313a38e06e52479 6897616 libdevel optional libicu-dev_3.8-6_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHq1ngEBVk6taI4KcRAu/RAJ0aMcP+0vAr9LTfxRwlZChpr0b9zACePMn3 y7FL3DcRY19TxL8RNAPqo7g= =RzAd -END PGP SIGNATURE- ---End Message---
Processed: Scalapack + pending
Processing commands for [EMAIL PROTECTED]: tags 462510 + pending Bug#462510: scalapack: FTBFS: psblas1tst.f:(.text+0x156): undefined reference to `blacs_pinfo__' There were no tags set. Tags added: pending -- Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#418318: Processed: reassign
Uwe Steinmann wrote: On Wed, Feb 06, 2008 at 07:57:03PM +0100, Luk Claes wrote: Debian Bug Tracking System wrote: Processing commands for [EMAIL PROTECTED]: reassign 418318 ftp.debian.org Bug#418318: Don't build a php4-specific package because of php4's removal Bug reassigned from package `php4-ps' to `ftp.debian.org'. Shouldn't you just remove the php4-ps binary package in your next upload fixing this bug? That's what I thought as well but Wiesiek Swiatek told me: quote You should reassign this bug to ftp.debian.org metapackage with ask to removal this package from unstable. Upload new package as php-ps is not enougn, becouse source (php4-ps) still is aviable in unstable. /quote If you really want to change the source package name, then you indeed have to ask for removal of this package. Though I would advise to upload the new source package first if that's the case and read [1] to have a decent bug title for package removals. Cheers Luk [1] http://wiki.debian.org/ftpmaster_Removals -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: severity of 464544 is important
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.10.12 severity 464544 important Bug#464544: openoffice.org-calc does not calculate formulas Severity set to `important' from `grave' End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#441019: reopen
On Thu, Feb 07, 2008 at 12:51:02PM +0100, Robert Millan wrote: reopen 441019 thanks This wasn't fixed. You need a versioned dependency in base-files in the binary packages, not as Build-Depends. Ah, if you care about backports, I suggest you make it depend on base-files = 4.0.1~bpo40+1 which archieves the same effect and is backport-compatible. -- Robert Millan GPLv2 I know my rights; I want my phone call! DRM What use is a phone call… if you are unable to speak? (as seen on /.) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#463907: marked as done (Creates tempfiles in a unsafe way)
Your message dated Thu, 07 Feb 2008 19:17:05 + with message-id [EMAIL PROTECTED] and subject line Bug#463907: fixed in wml 2.0.11-3.1 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) ---BeginMessage--- Package: wml Version: 2.0.11-1 Severity: serious Tags: security The following code in wml_backend/p1_ipp/ipp.src is obviously unsafe (and actually causing practical problems during the Debian website build): $tmpdir = $ENV{'TMPDIR'} || '/tmp'; $tmpfile = $tmpdir . /ipp.$$.tmp; unlink($tmpfile); $tmp = new IO::File; $tmp-open($tmpfile) || error(cannot write into $tmpfile: $!); Sadly enough this was fixed by the former maintainer for sarge but apparently got lost when the new upstream was packaged for etch. See the following code in sarge's version: my $tmpldir = ($ENV{'TMPDIR'} || '/tmp') . '/ipp.XX'; $tmpdir = mkdtemp($tmpldir) or die Unable to create temporary directory: $!\n; $tmpfile = $tmpdir . /ipp.$$.tmp; unlink($tmpfile); $tmp = new IO::File; $tmp-open($tmpfile) || error(cannot write into $tmpfile: $!); You could probably just use that again. Gruesse, Frank Lichtenheld -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (900, 'unstable'), (900, 'testing'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.23-1-686 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages wml depends on: ii eperl 2.2.14-15 Embedded Perl 5 Language ii iselect 1.3.1-3An interactive line selection tool ii libbit-vector-perl6.4-7 Perl and C library for bit vectors ii libc6 2.7-6 GNU C Library: Shared libraries ii libimage-size-perl3.1-3 determine the size of images in se ii libpng12-01.2.15~beta5-3 PNG library - runtime ii libterm-readkey-perl 2.30-3 A perl module for simple terminal ii m41.4.10-1 a macro processing language ii mp4h 1.3.1-4Macro processor for HTML documents ii perl 5.8.8-12 Larry Wall's Practical Extraction ii perl-base [perlapi-5.8.8] 5.8.8-12 The Pathologically Eclectic Rubbis ii slice 1.3.8-9Extract out pre-defined slices of Versions of packages wml recommends: ii libhtml-clean-perl 0.8-10Cleans up HTML code for web browse ii linklint 2.3.5-5 A fast link checker and web site m ii tidy 20080116cvs-2 HTML syntax checker and reformatte ii txt2html 2.50-2Text to HTML converter -- no debconf information ---End Message--- ---BeginMessage--- Source: wml Source-Version: 2.0.11-3.1 We believe that the bug you reported is fixed in the latest version of wml, which is due to be installed in the Debian FTP archive: wml_2.0.11-3.1.diff.gz to pool/main/w/wml/wml_2.0.11-3.1.diff.gz wml_2.0.11-3.1.dsc to pool/main/w/wml/wml_2.0.11-3.1.dsc wml_2.0.11-3.1_i386.deb to pool/main/w/wml/wml_2.0.11-3.1_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Nico Golde [EMAIL PROTECTED] (supplier of updated wml package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 07 Feb 2008 12:01:43 +0100 Source: wml Binary: wml Architecture: source i386 Version: 2.0.11-3.1 Distribution: unstable Urgency: high Maintainer: Felipe Augusto van de Wiel (faw) [EMAIL PROTECTED] Changed-By: Nico Golde [EMAIL PROTECTED] Description: wml- off-line HTML generation toolkit Closes: 463907 Changes: wml (2.0.11-3.1) unstable; urgency=high . * Non-maintainer upload by security team. * Fix insecure temporary file creations in eperl and ipp backends and a similar issue in the wmg.cgi contrib file leading to possible symlink attacks. If you already use wmg.cgi please update your copy (Closes: #463907). Files: 0001104f9f320183a90ac97b61754797 623 web optional
Bug#463907: Creates tempfiles in a unsafe way
Hi, attached is an updated patch which I will upload as a 0-day NMU with permission of the maintainer. Many thanks to Frank for his input! Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. diff -u wml-2.0.11/debian/changelog wml-2.0.11/debian/changelog --- wml-2.0.11/debian/changelog +++ wml-2.0.11/debian/changelog @@ -1,3 +1,13 @@ +wml (2.0.11-3.1) unstable; urgency=high + + * Non-maintainer upload by security team. + * Fix insecure temporary file creations in eperl and ipp +backends and a similar issue in the wmg.cgi contrib file +leading to possible symlink attacks. +If you already use wmg.cgi please update your copy (Closes: #463907). + + -- Nico Golde [EMAIL PROTECTED] Thu, 07 Feb 2008 12:01:43 +0100 + wml (2.0.11-3) unstable; urgency=low [ Luk Claes ] diff -u wml-2.0.11/wml_contrib/wmg.cgi wml-2.0.11/wml_contrib/wmg.cgi --- wml-2.0.11/wml_contrib/wmg.cgi +++ wml-2.0.11/wml_contrib/wmg.cgi @@ -366,14 +366,7 @@ ($w, $h, $t) = Image::Size::imgsize(\$contents); if ($w*$h == 1) { # read image into GD -$tmpfile = /tmp/pe.tmp.$$; -unlink($tmpfile); -open(TMP, $tmpfile); -print TMP $contents; -close(TMP); -open(TMP, $tmpfile); -$tmpimg = newFromGif GD::Image(TMP); -close(TMP); +$tmpimg = newFromGif GD::Image($contents); unlink($tmpfile); if ($tmpimg-transparent != -1) { my $im = new GD::Image($w, $h); diff -u wml-2.0.11/wml_backend/p1_ipp/ipp.src wml-2.0.11/wml_backend/p1_ipp/ipp.src --- wml-2.0.11/wml_backend/p1_ipp/ipp.src +++ wml-2.0.11/wml_backend/p1_ipp/ipp.src @@ -566,6 +566,8 @@ # process the pre-loaded include files # $tmpdir = $ENV{'TMPDIR'} || '/tmp'; +my $tmpldir = ($ENV{'TMPDIR'} || '/tmp') . '/ipp.XX'; +$tmpdir = mkdtemp($tmpldir) or die Unable to create temporary directory: $!\n; $tmpfile = $tmpdir . /ipp.$$.tmp; unlink($tmpfile); $tmp = new IO::File; only in patch2: unchanged: --- wml-2.0.11.orig/wml_backend/p3_eperl/eperl_sys.c +++ wml-2.0.11/wml_backend/p3_eperl/eperl_sys.c @@ -211,13 +211,20 @@ { char ca[1024]; char *cp, *tmpdir; +char tmpfile[]=eperl_sourceXX; int i; +int fd=-1; tmpdir = getenv (TMPDIR); if (tmpdir == (char *) NULL) tmpdir=/tmp; -snprintf(ca, sizeof(ca), %s/%s.%d.tmp%d, tmpdir, id, (int)getpid(), mytmpfilecnt++); +snprintf(ca, sizeof(ca), %s/%s, tmpdir, tmpfile); +if((fd = mkstemp(tmpfile)) == -1){ +perror(can not create tmpfile); +return NULL; +} +close(fd); ca[sizeof(ca)-1] = NUL; cp = strdup(ca); for (i = 0; mytmpfiles[i] != NULL; i++) pgpIbxOUHfSAo.pgp Description: PGP signature
Bug#461052: marked as done (RM: libapache-filter-perl -- RoQA; apache1 only)
Your message dated Thu, 07 Feb 2008 22:30:12 + with message-id [EMAIL PROTECTED] and subject line Bug#461052: fixed has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) ---BeginMessage--- Package: libapache-filter-perl Version: 1.024-2 Severity: serious Tags: lenny sid apache is removed for quite a while now, your package doesn't work without it. You had a bugreport against a different package of yours with the same problem but didn't respond there. Either fix this with making the package work with apache2 or request removal of it from the pool. Please speak up if you are still around, otherwise I would have to consider you being MIA and continue with handling of that status properly. So long, Rhonda ---End Message--- ---BeginMessage--- We believe that the bug you reported is now fixed; the following package(s) have been removed from unstable: libapache-filter-perl |1.024-2 | source, all Note that the package(s) have simply been removed from the tag database and may (or may not) still be in the pool; this is not a bug. The package(s) will be physically removed automatically when no suite references them (and in the case of source, when no binary references it). Please also remember that the changes have been done on the master archive (ftp-master.debian.org) and will not propagate to any mirrors (ftp.debian.org included) until the next cron.daily run at the earliest. Packages are never removed from testing by hand. Testing tracks unstable and will automatically remove packages which were removed from unstable when removing them from testing causes no dependency problems. Bugs which have been reported against this package are not automatically removed from the Bug Tracking System. Please check all open bugs and close them or re-assign them to another package if the removed package was superseded by another one. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED] This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED] Debian distribution maintenance software pp. Joerg Jaspert (the ftpmaster behind the curtain) ---End Message---
Processed: Re: kolab-cyrus-imapd: ldap_get_values implicitly converted to pointer
Processing commands for [EMAIL PROTECTED]: severity 463430 serious Bug#463430: kolab-cyrus-imapd: ldap_get_values implicitly converted to pointer Severity set to `serious' from `important' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: Bug#464544: openoffice.org-calc does not calculate formulas
Processing commands for [EMAIL PROTECTED]: tag 464544 + moreinfo Bug#464544: openoffice.org-calc does not calculate formulas There were no tags set. Tags added: moreinfo thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: I can't fix this issue as long as I can't rebuild
Processing commands for [EMAIL PROTECTED]: block 445016 by 450447 Bug#450447: athcool: FTBFS: undefined reference to `gzopen' Bug#445016: athcool: Does not start due to missing libpci.so.2 Was not blocked by any bugs. Blocking bugs of 445016 added: 450447 thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#460761: marked as done (fvwm: your package depends from gnome-libs that is scheduled for removal)
Your message dated Thu, 07 Feb 2008 21:02:16 + with message-id [EMAIL PROTECTED] and subject line Bug#460761: fixed in fvwm 1:2.5.24-1 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) ---BeginMessage--- Package: fvwm Severity: important User: [EMAIL PROTECTED] Usertags: gnome-1.x-removal Hi, Your package (fvwm) has been detected as depending on gnome-libs, which as per release goal, won't be shipped in lenny. Please make sure that your package drops its dependencies on gnome-libs as soon as possible, or that it's ported to gnome2 one way or the other. This bug will be raised to RC severity as soon as gnome-libs are removed from testing, which should happen soon, since it will make your package uninstallable. Cheers, -- Pierre Habouzit ---End Message--- ---BeginMessage--- Source: fvwm Source-Version: 1:2.5.24-1 We believe that the bug you reported is fixed in the latest version of fvwm, which is due to be installed in the Debian FTP archive: fvwm-gnome_2.5.24-1_amd64.deb to pool/main/f/fvwm/fvwm-gnome_2.5.24-1_amd64.deb fvwm_2.5.24-1.diff.gz to pool/main/f/fvwm/fvwm_2.5.24-1.diff.gz fvwm_2.5.24-1.dsc to pool/main/f/fvwm/fvwm_2.5.24-1.dsc fvwm_2.5.24-1_amd64.deb to pool/main/f/fvwm/fvwm_2.5.24-1_amd64.deb fvwm_2.5.24.orig.tar.gz to pool/main/f/fvwm/fvwm_2.5.24.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Manoj Srivastava [EMAIL PROTECTED] (supplier of updated fvwm package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 07 Feb 2008 09:57:14 -0600 Source: fvwm Binary: fvwm fvwm-gnome Architecture: source amd64 Version: 1:2.5.24-1 Distribution: unstable Urgency: low Maintainer: Manoj Srivastava [EMAIL PROTECTED] Changed-By: Manoj Srivastava [EMAIL PROTECTED] Description: fvwm - F(?) Virtual Window Manager, version 2.5 fvwm-gnome - F(?) Virtual Window Manager (dummy transitional package) Closes: 455473 460761 463384 Changes: fvwm (1:2.5.24-1) unstable; urgency=low . * New upstream release - Disabled paging during interactive resize operations by default (see 2.5.20) as it is annoying to many people. - New style command options: EdgeMoveResistance EdgeMoveDelay EdgeResizeDelay SnapGrid SnapAttraction that replace the now obsolete commands EdgeResistance, SnapGrid and SnapAttraction. The EdgeResistance command has a new syntax with only one argument. - New command MenuCloseAndExec for menu bindinngs that can be used to trigger certain commands from a menu without an associated item. For example, with Key F1 MTI[]-_ A MenuCloseAndExec Menu RootMenu the RootMenu can be opened from any other menu by pressing F1. * Bug fixes: - Sometimes a window jumped by half the screen's size when moving with the mouse and hitting the border of the desktop. - Fixed the screen w argument of the Move and other commands. - Clicking on a menu title did not close the menu by default. - Temporary files in FvwmPerl overwrote each other. * The segmentation fault in ewmh_events has been fixed in this version. Closes: Bug#463384 * Change the dependency to gnome1 libraries; Closes: Bug#460761 This also means that there was no point in having a separate fvwm package where FvwmGtk was a gnome entity; since it was never ported to gnome2. So, fvwm-gnome is now a dummy package; and is meant to transition to plain old fvwm. * Removed the debconf question; since the upgrade would be directly from a system installed in 2003 for the question to be valid. * Move _all the html files into the documentation directory, thanks to Christer Andersson.Closes: Bug#455473 Files: 897ae8012eddf61cee1e2b815616124c 1338 x11 optional fvwm_2.5.24-1.dsc 6a42a8a24f37d91120079455dce52e37 3315665 x11 optional fvwm_2.5.24.orig.tar.gz 4f677ba84dd431f4355bc64f17532a1e 107020 x11 optional fvwm_2.5.24-1.diff.gz 5ef15667b21cbffe5c604772f215cb22 3691114 x11
Processed: Please include pkgconfig file
Processing commands for [EMAIL PROTECTED]: reopen 403181 Bug#403181: athcool: FTBFS: undefined references to gz* 'reopen' may be inappropriate when a bug has been closed with a version; you may need to use 'found' to remove fixed versions. Bug#396640: efibootmgr: FTBFS: undefined reference to `gzopen' Bug#396730: uswsusp: FTBFS: undefined reference to `gzclose' Bug#396838: toshset: FTBFS: undefined reference to `gzopen' Bug#409682: FTBFS: undefined reference to `gzopen' Bug#420045: efibootmgr: FTBFS: In function `pci_load_name_list': undefined reference to `gzopen' Bug reopened, originator not changed. severity 403181 wishlist Bug#403181: athcool: FTBFS: undefined references to gz* Bug#396640: efibootmgr: FTBFS: undefined reference to `gzopen' Bug#396730: uswsusp: FTBFS: undefined reference to `gzclose' Bug#396838: toshset: FTBFS: undefined reference to `gzopen' Bug#409682: FTBFS: undefined reference to `gzopen' Bug#420045: efibootmgr: FTBFS: In function `pci_load_name_list': undefined reference to `gzopen' Severity set to `wishlist' from `serious' retitle 403181 pciutils-dev: Please include pkgconfig file Bug#403181: athcool: FTBFS: undefined references to gz* Changed Bug title to `pciutils-dev: Please include pkgconfig file' from `athcool: FTBFS: undefined references to gz*'. tags 403181 + patch Bug#403181: pciutils-dev: Please include pkgconfig file Tags were: sid confirmed Bug#396640: efibootmgr: FTBFS: undefined reference to `gzopen' Bug#396730: uswsusp: FTBFS: undefined reference to `gzclose' Bug#396838: toshset: FTBFS: undefined reference to `gzopen' Bug#409682: FTBFS: undefined reference to `gzopen' Bug#420045: efibootmgr: FTBFS: In function `pci_load_name_list': undefined reference to `gzopen' Tags added: patch thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#450475: saods9: fix from Ubuntu version 4.0b7-1.5ubuntu1
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 tags 450475 + patch user [EMAIL PROTECTED] usertags 450475 + origin-ubuntu ubuntu-patch hardy thanks In Ubuntu, we applied this patch to fix this issue: http://patches.ubuntu.com/s/saods9/extracted/01_fix_tcltk_locations.dpatch Also, it fixes error reported in Launchpad bug #187111 (https://launchpad.net/bugs/187111). Thank you. - -- Luca Falavigna Ubuntu MOTU Developer GPG Key: 0x86BC2A50 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkerN5IACgkQnXjXEYa8KlBd2QCfQ5rinOGRRijI7ungTsTGaBe9 87sAoJDPaKTiXkk5RfNaMx7VifiR5WFa =9/tW -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#429339: moodle and its phpmailer copy
On Thu, Feb 07, 2008 at 09:58:09AM +0100, Isaac Clerencia wrote: On Feb 7, 2008 9:20 AM, Marc 'HE' Brockschmidt [EMAIL PROTECTED] wrote: Heya, The bug about the embedded copy of phpmailer in moodle has been open for ages now without any activity. Isaac, you said you couldn't use the Debian package (at that time): Is that still true? Would it be possible to adjust libphp-phpmailer to your needs? Well, I am basically MIA at the time, so I am not too responsive and don't have the time to check again, but as far as I know nothing has changed and Moodle still requires a modified phpmailer. Isaac, please search for a co-maintainer. Moodle has regular security issues and needs to be maintained by someone who can test update etc. Wrt the phpmailer copy: The differences between Moodle's version of phpmailer and the lib version in Debian are minimal, from a cursory check it's: 1. Adding another MSD ID for threading 2. A multibyte encoding fix $ diff -waur ./lib/phpmailer/class.phpmailer.php ../libphp-phpmailer-1.73/class.phpmailer.php | diffstat class.phpmailer.php | 69 ++-- 1 file changed, 3 insertions(+), 66 deletions(-) This could be resolved upstream, e.g. by sending the bugfixes to phpmailer upstream. I don't see why we should apply lower standards for PHP applications than we do for regular C-based applications. Since there's still plenty of time left before Lenny I'd recommend to leave this bug open for now. Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#460761: FVWM removal and its dependence on GTK 1.x libs
It turns out that all the dependency on GTK FVWM has is due to its FvwmGtk module. Sacrificing the whole WM which has nothing to do with GNOME or GTK besides that module is utterly unwise. This is not the same case as with, say, XMMS which relies on GTK 1.x so pervasively it cannot be easily fixed. As to FVWM, the support for FvwmGtk module should be dropped until someone will come up and port it to GTK 2.x. As I understand, dropping this module and any dependence on GTK 1.x is just a matter of adding --without-gnome-libs, --without-gtk and --without-gdk-imlib options to ./configure. Please don't allow this package to vanish from Debian. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464259: sbaz: FTBFS: /build/user/sbaz-1.20/src/sbaz/PackageSpec.scala:35: error: unreachable code
On Feb 6, 2008, at 2:29 AM, Lucas Nussbaum wrote: Package: sbaz version: 1.20-2 Severity: serious User: [EMAIL PROTECTED] Usertags: qa-ftbfs-20080205 qa-ftbfs Justification: FTBFS on i386 Hi, During a rebuild of all packages in sid, your package failed to build on i386. This is fixed in the next version of sbaz, but it depends on the next version of Scala. Since sbaz is a new, rarely used package for Debian, I have been thinking to wait a few weeks until the next Scala comes out instead of trying to backport the fixes. -Lex -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464058: turba access checking issue
Hi, On Thu, Feb 07, 2008 at 12:32:06PM +0100, Peter Paul Elfferich wrote: I've also tested the patch. It successfully secures the data, but it also silently removes the non editable contacts from contact lists as the list is viewed. Are you or are you not supposed to be able to add contacts from one address book to a contact list in another address book? If not then users should also no longer be able to add contacts to contact lists from other address books. Could you give more details (sources.php, etc.) on this problem ? Regards, -- Gregory Colpart [EMAIL PROTECTED] GnuPG:1024D/C1027A0E Evolix - Informatique et Logiciels Libres http://www.evolix.fr/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#443274: dual-card setup doesn't work with X 1.4
On Sat, Sep 22, 2007 at 12:59:00PM +0200, Brice Goglin wrote: Ok, thanks for testing. So, to summarize: * The ATI driver 6.6.193 is broken in this board but 6.7.193 is fine. * Xserver 1.4 + ATI RandR 1.2 does not accept another board/driver in the config, and it might take time to get this fixed... I am retitling/reassigning back to the Xserver now that ATI driver issues are clarified. Aldemir, We are trying to make sure that Xserver 1.4 is really the problem here. So we want to know whether Xserver 1.3 works when a RandR 1.2 (such as ATI) and another one (such as MGA) are used at the same time. I just build a very recent snapshot of the ATI driver for testing/Lenny: http://people.debian.org/~bgoglin/rebuilds/ati-6.7.198-Xserver1.3/ Could you test it (after downgrading to xserver-xorg-core 1.3 from testing if necessary) and see whether it works with the MGA driver enabled at the same time? You'll just need a config with both drivers, probably very similar to what you had at the beginning of this bug report. You might need to try with and without some advanced config such as Screen 0 Screen 1 0 0 Screen 1 Screen 2 RightOf Screen 1 in the ServerLayout section. thanks in advance, Brice -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464267: marked as done (bible-kjv: FTBFS: sort: open failed: +1nr: No such file or directory)
Your message dated Thu, 07 Feb 2008 21:32:02 + with message-id [EMAIL PROTECTED] and subject line Bug#464267: fixed in bible-kjv 4.22 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) ---BeginMessage--- Package: bible-kjv version: 4.21 Severity: serious User: [EMAIL PROTECTED] Usertags: qa-ftbfs-20080205 qa-ftbfs Justification: FTBFS on i386 Hi, During a rebuild of all packages in sid, your package failed to build on i386. Relevant part: Window[64] starts at 1653150 Window[65] starts at 1680765 Window[66] starts at 1708395 Window[67] starts at 1734473 Window[68] starts at 1740595 mv squish.output bible.data To exclude stopwords from concordance use this: ./makeconc.pl bible.stopwords NOTE: The next command will FAIL if you don't have PERL. If it fails, edit Makefile to use this instead: ./makeconcordance Here we go... ./makeconc.pl All words will be included in concordance (no stopwords). (No concordance file 'bible.data.conc' found) sort: open failed: +1nr: No such file or directory make[1]: *** [bible.rawconcordance] Broken pipe make[1]: *** Deleting file `bible.rawconcordance' make[1]: Leaving directory `/build/user/bible-kjv-4.21' make: *** [build] Error 2 dpkg-buildpackage: failure: debian/rules build gave error exit status 2 The full build log is available from: http://people.debian.org/~lucas/logs/2008/02/05 A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! About the archive rebuild: The rebuild was done on about 50 AMD64 nodes of the Grid'5000 platform, using a clean chroot containing a sid i386 environment. Internet was not accessible from the build systems. -- | Lucas Nussbaum | [EMAIL PROTECTED] http://www.lucas-nussbaum.net/ | | jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F | ---End Message--- ---BeginMessage--- Source: bible-kjv Source-Version: 4.22 We believe that the bug you reported is fixed in the latest version of bible-kjv, which is due to be installed in the Debian FTP archive: bible-kjv-text_4.22_all.deb to pool/main/b/bible-kjv/bible-kjv-text_4.22_all.deb bible-kjv_4.22.dsc to pool/main/b/bible-kjv/bible-kjv_4.22.dsc bible-kjv_4.22.tar.gz to pool/main/b/bible-kjv/bible-kjv_4.22.tar.gz bible-kjv_4.22_i386.deb to pool/main/b/bible-kjv/bible-kjv_4.22_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Matthew Vernon [EMAIL PROTECTED] (supplier of updated bible-kjv package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 7 Feb 2008 20:50:11 + Source: bible-kjv Binary: bible-kjv bible-kjv-text Architecture: source all i386 Version: 4.22 Distribution: unstable Urgency: low Maintainer: Matthew Vernon [EMAIL PROTECTED] Changed-By: Matthew Vernon [EMAIL PROTECTED] Description: bible-kjv - King James Version of the Bible: user interface program. bible-kjv-text - King James Version of the Bible - text and concordance Closes: 436581 464267 Changes: bible-kjv (4.22) unstable; urgency=low . * Replace old sort +1 syntax with POSIX sort -k 2 (closes: #464267) * deal with nostrip DEB_BUILD_OPTION in debian/rules (closes: #436581) Files: 7d81334a8e9597d78e1526e859e38878 628 doc optional bible-kjv_4.22.dsc 9dadc3bdf225a9fc729343f7c64887b0 1396656 doc optional bible-kjv_4.22.tar.gz a3646c225ebdaac2a9a9f460a4f7e071 2496674 doc optional bible-kjv-text_4.22_all.deb 5310e3f87c6814d03ed8e6b5ed89685b 111770 doc optional bible-kjv_4.22_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQCVAwUBR6t0LLDSad4X89TRAQKOfAP9H7Ek7c0kvScexBHu3hcUtMITcvAwGs82 /Q7LcC1b/iaPpfCeiHZmxfjdfGtoWv7IRTL859n0gFJUvvP/nsSqg9j2iCukC6Dr Mg7NtwyydhIMFgIRbX5VvvNljV0VQ8EqxZtZui0skm7Uz75QbADpLF52aHW680vF o/I1zBMrr4o= =3RoI -END PGP SIGNATURE- ---End Message---
Bug#418318: Processed: reassign
Uwe Steinmann wrote: On Thu, Feb 07, 2008 at 07:02:16PM +0100, Luk Claes wrote: Uwe Steinmann wrote: On Wed, Feb 06, 2008 at 07:57:03PM +0100, Luk Claes wrote: Debian Bug Tracking System wrote: Processing commands for [EMAIL PROTECTED]: reassign 418318 ftp.debian.org Bug#418318: Don't build a php4-specific package because of php4's removal Bug reassigned from package `php4-ps' to `ftp.debian.org'. Shouldn't you just remove the php4-ps binary package in your next upload fixing this bug? That's what I thought as well but Wiesiek Swiatek told me: quote You should reassign this bug to ftp.debian.org metapackage with ask to removal this package from unstable. Upload new package as php-ps is not enougn, becouse source (php4-ps) still is aviable in unstable. /quote If you really want to change the source package name, then you indeed have to ask for removal of this package. Though I would advise to upload the new source package first if that's the case and read [1] to have a decent bug title for package removals. This is still very confusing for me. Reading [1] I get the impression that everything is done automatically. The source package php4-ps used to produce two binary packages php4-ps and php5-ps. Now that php4 isn't supported anymore, only php5-ps will be left, which is somewhat strange. A source package php4-ps produces a binary package php5-ps. That's why I created a new source package php-ps which produces php5-ps. Isn't this one of the cases where rene takes care of automatic removal? 'Source packages which have had all their binary packages taken over by another source packages' Will you have a php4-ps binary package in php-ps or only a php5-ps? If the latter, this bug is what you should do except for the bug title. I also would advise you to wait till php-ps is at least in unstable before retitling this bug correctly. Cheers Luk -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: Bug#464433: Source package contains non-free IETF RFC/I-D
Processing commands for [EMAIL PROTECTED]: tags 464433 confirmed Bug#464433: Source package contains non-free IETF RFC/I-D There were no tags set. Tags added: confirmed thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: intent to NMU
Processing commands for [EMAIL PROTECTED]: tags 463907 + patch Bug#463907: Creates tempfiles in a unsafe way Tags were: confirmed security Tags added: patch thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464608: portreserve: postinst fails
Package: portreserve Version: 0.0.0-5 Severity: grave Justification: renders package unusable postinst tries to run /etc/init.d/portreserve. This is actually wrong, since postinst will only be run on a fully booted system. All other services are up and have claimed their ports, so portreserve cannot bind to any port and exists. /etc/init.d/portreserve notices no pidfile and reports an error. Thanks, Jö. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.22-3-k7 (SMP w/1 CPU core) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages portreserve depends on: ii libc6 2.7-6 GNU C Library: Shared libraries portreserve recommends no packages. -- no debconf information -- This is the first age that's paid much attention to the future, which is a little ironic since we may not have one. -- Arthur C Clarke signature.asc Description: Digital signature
Bug#463907: intent to NMU
tags 463907 + patch thanks Hi, attached is an NMU that fixes the mentioned security issue. It will be also archived on: http://people.debian.org/~nion/nmu-diff/netpbm-free-10.0-11_10.0-11.1.patch I am going to upload this as 0-day NMU with the maintainers permission. Cheers Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. diff -u netpbm-free-10.0/debian/changelog netpbm-free-10.0/debian/changelog --- netpbm-free-10.0/debian/changelog +++ netpbm-free-10.0/debian/changelog @@ -1,3 +1,13 @@ +netpbm-free (2:10.0-11.1) unstable; urgency=high + + * Non-maintainer upload by security team. + * This update addresses the following security issue: +- CVE-2008-0554: The readImageData function in giftopnm.c does not +properly check the upper bound of a fixed size array leading to a +buffer overflow and possibly code execution (Closes: #464056). + + -- Nico Golde [EMAIL PROTECTED] Thu, 07 Feb 2008 20:31:46 +0100 + netpbm-free (2:10.0-11) unstable; urgency=high * Fix heap corruption in pnmtopng (no CVE yet), only in patch2: unchanged: --- netpbm-free-10.0.orig/pnm/giftopnm.c +++ netpbm-free-10.0/pnm/giftopnm.c @@ -575,6 +575,10 @@ pm_error(GIF stream ends (or read error) right after an image separator; no image data follows.); +if(lzwMinCodeSize MAX_LZW_BITS) +pm_error(Invalid minimum code size value in image data: %u. + Maximum allowable code size in GIF is %u, + lzwMinCodeSize, MAX_LZW_BITS); if (lzwReadByte(ifP, TRUE, lzwMinCodeSize) 0) pm_error(GIF stream ends (or read error) right after the pgpU3pzHjE8ao.pgp Description: PGP signature
Bug#464535: aptitude: markauto and unmarkauto work the other way around
Package: aptitude Version: 0.4.10-1 Severity: critical Justification: breaks unrelated software The markauto and unmarkauto commands work in reverse as specified in the manual, and in reverse as common sense would say they should. I have a manually installed package, libdirectfb-1.0-0: $ aptitude show libdirectfb-1.0-0 | egrep '^(Automatically|State)' State: installed Automatically installed: no I want this package to be marked as automatically installed. So I do a markauto: $ sudo aptitude markauto libdirectfb-1.0-0 Reading package lists... Done Building dependency tree Reading state information... Done Reading extended state information Initializing package states... Done Reading task descriptions... Done Building tag database... Done No packages will be installed, upgraded, or removed. 0 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 0B of archives. After unpacking 0B will be used. Writing extended state information... Done Reading package lists... Done Building dependency tree Reading state information... Done Reading extended state information Initializing package states... Done Reading task descriptions... Done Building tag database... Done OK. It didn't tell me it actually carried out any useful work (even though it emitted a lot of noise), so let's assume it worked. Now I query the package state again: $ aptitude show libdirectfb-1.0-0 | egrep '^(Automatically|State)' State: installed Automatically installed: no Wow. Humm. Maybe it didn't work after all. Let's try the other command: $ sudo aptitude unmarkauto libdirectfb-1.0-0 Reading package lists... Done Building dependency tree Reading state information... Done Reading extended state information Initializing package states... Done Reading task descriptions... Done Building tag database... Done No packages will be installed, upgraded, or removed. 0 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 0B of archives. After unpacking 0B will be used. Writing extended state information... Done Reading package lists... Done Building dependency tree Reading state information... Done Reading extended state information Initializing package states... Done Reading task descriptions... Done Building tag database... Done Ok, it still doesn't say it did anything (Boy, it is really noisy.) Let's check the state anyway: $ aptitude show libdirectfb-1.0-0 | egrep '^(Automatically|State)' State: installed Automatically installed: yes WOW! Now that's broken! Let's try to put it in manual mode again, with the markauto command: $ sudo aptitude markauto libdirectfb-1.0-0 Reading package lists... Done Building dependency tree Reading state information... Done Reading extended state information Initializing package states... Done Reading task descriptions... Done Building tag database... Done No packages will be installed, upgraded, or removed. 0 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 0B of archives. After unpacking 0B will be used. Writing extended state information... Done Reading package lists... Done Building dependency tree Reading state information... Done Reading extended state information Initializing package states... Done Reading task descriptions... Done Building tag database... Done OK, I got more useless noise, now does it continue to fail? $ aptitude show libdirectfb-1.0-0 | egrep '^(Automatically|State)' State: installed Automatically installed: no Why, yes, it failed to do the thing I told it to do, but it correctly did exactly the opposite! Guys. Come on. Does anyone actually _test_ this stuff? I'm guessing this bug is a duplicate of #330131 and #372184. It is _still_ broken in 0.4.10 though. I'm marking the bug as critical because of the reports in those other bugs. Thanks for your work on aptitude. It is awesome. I only wish that devs would put more attention to simple things such as this one. -- Package-specific info: Terminal: xterm $DISPLAY is set. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.21-2-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages aptitude depends on: ii apt [libapt-pkg-libc6.6 0.7.9Advanced front-end for dpkg ii libc6 2.7-6GNU C Library: Shared libraries ii libcwidget1 0.5.6.1-3high-level terminal interface libr ii libgcc1 1:4.3-20080116-1 GCC support library ii libncursesw55.6+20080119-1 Shared libraries for terminal hand ii libsigc++-2.0-0c2a 2.0.17-2 type-safe Signal Framework for C++ ii libstdc++6
Bug#464433: Source package contains non-free IETF RFC/I-D
tags 464433 confirmed thanks Hi. Thanks for your report. From: Simon Josefsson [EMAIL PROTECTED] Subject: Bug#464433: Source package contains non-free IETF RFC/I-D Date: Wed, 06 Feb 2008 21:30:44 +0100 This report is a duplicate of #393418, but that one was fixed, closed and archived, but the bug re-appeared with this version, so I'm filing a new bug. This source package contains the following files from the IETF under non-free license terms: VFlib3-3.6.14/ccv/TBL/RFC/rfc1489.txt Before packaging new upstream release, I recognized this problem. But I forgot to remove this file. I've already repackaged the archive in my local repository. Thanks. OHURA Makoto: [EMAIL PROTECTED](Debian Project) [EMAIL PROTECTED](LILO/Netfort) GnuPG public key: http://www.netfort.gr.jp/~ohura/gpg.asc.txt fingerprint: 54F6 D1B1 2EE1 81CD 65E3 A1D3 EEA2 EFA2 77DC E083 http://www.netfort.gr.jp/~ohura/ pgpi7jLq4NL2A.pgp Description: PGP signature
Bug#464544: openoffice.org-calc does not calculate formulas
Package: openoffice.org-calc Version: 2.2.1-10 Severity: grave Justification: renders package unusable Hi, OpenOffice Calc does not calculate formulas. If you e.g. sum two numbers from two cells it will concatenate these numbers as result. Calc treats numbers as strings. regards, Dariusz Lomot -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.21-2-686 (SMP w/1 CPU core) Locale: LANG=en_GB, LC_CTYPE=pl_PL (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C) Shell: /bin/sh linked to /bin/bash Versions of packages openoffice.org-calc depends on: ii libc6 2.7-6 GNU C Library: Shared libraries ii libgcc1 1:4.2.2-4 GCC support library ii libstdc++64.2.2-4The GNU Standard C++ Library v3 ii libstlport4.6c2 4.6.2-3STLport C++ class library ii libsuitesparse3.0.0-7collection of libraries for comput ii lp-solve 5.5.0.10-9 Solve (mixed integer) linear progr ii openoffice.org-core 2.2.1-10 OpenOffice.org office suite archit openoffice.org-calc recommends no packages. Versions of packages openoffice.org-core depends on: ii fontconfig 2.5.0-2 generic font configuration library ii libc6 2.7-6 GNU C Library: Shared libraries ii libcairo2 1.4.14-1 The Cairo 2D vector graphics libra ii libcurl3-gnutls7.17.1-1 Multi-protocol file transfer libra ii libdb4.5 4.5.20-11 Berkeley v4.5 Database Libraries [ ii libexpat1 1.95.8-4 XML parsing C library - runtime li ii libfontconfig1 2.5.0-2 generic font configuration library ii libfreetype6 2.3.5-1+b1FreeType 2 font engine, shared lib ii libgcc11:4.2.2-4 GCC support library ii libglib2.0-0 2.14.5-2 The GLib library of C routines ii libgstreamer-plugins-b 0.10.15-4 GStreamer libraries from the base ii libgstreamer0.10-0 0.10.15-4 Core GStreamer libraries and eleme ii libgtk2.0-02.12.5-2 The GTK+ graphical user interface ii libhunspell-1.1-0 1.1.9-1 spell checker and morphological an ii libice62:1.0.4-1 X11 Inter-Client Exchange library ii libicu36 3.6-10International Components for Unico ii libjpeg62 6b-14 The Independent JPEG Group's JPEG ii libldap2 2.1.30.dfsg-13.5 OpenLDAP libraries ii libneon25 0.25.5.dfsg-6 An HTTP and WebDAV client library ii libnspr4-0d4.7.0~1.9b1-2 NetScape Portable Runtime Library ii libnss3-0d 3.11.7-1 Network Security Service libraries ii libpam0g 0.99.7.1-5Pluggable Authentication Modules l ii libpango1.0-0 1.18.4-1 Layout and rendering of internatio ii libportaudio2 19+svn20071022-2 Portable audio I/O - shared librar ii libsm6 2:1.0.3-1+b1 X11 Session Management library ii libsndfile11.0.17-4 Library for reading/writing audio ii libstartup-notificatio 0.9-1 library for program launch feedbac ii libstdc++6 4.2.2-4 The GNU Standard C++ Library v3 ii libstlport4.6c24.6.2-3 STLport C++ class library ii libx11-6 2:1.0.3-7 X11 client-side library ii libxaw72:1.0.4-1 X11 Athena Widget library ii libxcomposite1 1:0.4.0-1 X11 Composite extension library ii libxcursor11:1.1.9-1 X cursor management library ii libxdamage11:1.1.1-3 X11 damaged region extension libra ii libxext6 1:1.0.3-2 X11 miscellaneous extension librar ii libxfixes3 1:4.0.3-2 X11 miscellaneous 'fixes' extensio ii libxi6 2:1.1.3-1 X11 Input extension library ii libxinerama1 1:1.0.2-1 X11 Xinerama extension library ii libxml22.6.31.dfsg-1 GNOME XML library ii libxrandr2 2:1.2.2-1 X11 RandR extension library ii libxrender11:0.9.4-1 X Rendering Extension client libra ii libxslt1.1 1.1.22-1 XSLT processing library - runtime ii libxt6 1:1.0.5-3 X11 toolkit intrinsics library ii openoffice.org-common 1:2.3.1-3 OpenOffice.org office suite archit ii ttf-opensymbol 1:2.3.1-3 The OpenSymbol TrueType font ii zlib1g 1:1.2.3.3.dfsg-11 compression library - runtime -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#462889: seahorse fails to start
On lun, 2008-01-28 at 22:01 +0100, Wolodja Wentland wrote: Package: seahorse Version: 2.20.3-1+b1 Followup-For: Bug #462889 Do you have a big (really BIG) public keyring? Do you have Debian keyring added in gpg.options file? I am not sure what you consider a BIG public keyring, but mine is around 12 MB and would be surprised if that qualifies as one. Having into account that Debian one is ~24MB, I can tell you your one is hughe for personal use. THe problem is that seahorse tries to read all keys in your public keyring to make a list of contacts, so it gets stuck. This is a known problem, but people usually don't have more than 10-20 keys, and having 200 keys is quite uncommon. I don't know if there is a plan to try to fix this, but that would also imply caching keys into something like a sqlite database, which produces a security problem, as you can have changed how trusted a key is, and seahorse won't notice till it scans all keys again Could you try with a clean public keyring? And if the error still happens to you, with a clean private keyring? (please make backup copies of your keyrings, specially private one before testing) After moving my ~/.gnupg folder somewhere else seahorse worked again. I could copy my private keyring back and migrated all important keys back into my new public keyring. The problem still occurs with my old pubring.gpg. Thank you for the fast reply and kind help. No problem. I will leave the bug open, and perhaps tag it as wontfix. Wolodja Wentland -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464585: still depends on xmms
Package: shermans-aquarium Version: 3.0.1-2 Severity: serious Hi! A dependency check in Lenny indicated that your package still declares a dependency on XMMS. Version: 3.0.1-2 Depends: xmms (= 1.2.10+20070501) Filename: pool/main/s/shermans-aquarium/shermans-aquarium_3.0.1-2_amd64.deb Please be sure to fix this, as XMMS is queued for immediate removal. William -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.22-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#460419: omniorb4: FTBFS on arm: segmentation fault
Hmmm... http://bugs.debian.org/458745 looks quite similar to this one. It might be related. I'll try to build omniorb4 on arm without alloca (i.e. with --disable-alloca) to see if it fixes the failure on arm. Regards, Thomas -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#415287: marked as done (dummy bug; should not be in testing)
Your message dated Thu, 07 Feb 2008 21:47:02 + with message-id [EMAIL PROTECTED] and subject line Bug#415287: fixed in ion3 20080207-1 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) ---BeginMessage--- Package: ion3 Version: 20061223-2 Severity: serious This is a dummy bug report to avoid that current ion3 enter testing. In #413469 msg 67, Norbert Tretkowski requested as ex-maintainer that ion3 and its dependants be removed from Etch. Upstream maintainer Tuomo Valkonen requested not to include the current ion3 version in stable. Steve Langasek endorsed with msg 163 serious severity for this bug on the grounds that ion3 in stable has few users and that according to Joey Hess the ion3 upgrade path from sarge to etch isn't likely to be a smooth one anyway, so it seems reasonable to defer to upstream (and the former maintainer) on this point. ---End Message--- ---BeginMessage--- Source: ion3 Source-Version: 20080207-1 We believe that the bug you reported is fixed in the latest version of ion3, which is due to be installed in the Debian FTP archive: ion3-dev_20080207-1_all.deb to pool/non-free/i/ion3/ion3-dev_20080207-1_all.deb ion3_20080207-1.diff.gz to pool/non-free/i/ion3/ion3_20080207-1.diff.gz ion3_20080207-1.dsc to pool/non-free/i/ion3/ion3_20080207-1.dsc ion3_20080207-1_i386.deb to pool/non-free/i/ion3/ion3_20080207-1_i386.deb ion3_20080207.orig.tar.gz to pool/non-free/i/ion3/ion3_20080207.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ben Hutchings [EMAIL PROTECTED] (supplier of updated ion3 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 07 Feb 2008 20:29:15 + Source: ion3 Binary: ion3 ion3-dev Architecture: source all i386 Version: 20080207-1 Distribution: unstable Urgency: low Maintainer: Ben Hutchings [EMAIL PROTECTED] Changed-By: Ben Hutchings [EMAIL PROTECTED] Description: ion3 - tiling tabbed window manager designed for keyboard users ion3-dev - Ion3 development files Closes: 415287 Changes: ion3 (20080207-1) unstable; urgency=low . * New upstream version - First stable release of Ion3 - closes: #415287 Files: feeaa2eb9647d96daef6b4c4f598f6b3 688 non-free/x11 extra ion3_20080207-1.dsc a3673c29c367106e5c4919ac33726eec 653316 non-free/x11 extra ion3_20080207.orig.tar.gz 64675a3e3d7de452f1ae090e21b122cd 33954 non-free/x11 extra ion3_20080207-1.diff.gz 888a6313f10fee5f441e994397eaddc4 91936 non-free/devel extra ion3-dev_20080207-1_all.deb 6cca6d4db02d845a8c8cebaa5b0696f1 673874 non-free/x11 extra ion3_20080207-1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHq3sH79ZNCRIGYgcRAj5gAJ9pxkMDq/1P1P51ZlxmFNOtMDIqjACgwd5f 0fXtASyCLFQvAiC8TIufo64= =XyiM -END PGP SIGNATURE- ---End Message---
Bug#464544: openoffice.org-calc does not calculate formulas
Dariusz Lomot wrote: Version: 2.2.1-10 Not in testing anymore. Please try with something remotely recent. (2.2.1-x isnÄt supported anymore since long anyway). Severity: grave Justification: renders package unusable Sure... I'd more blame your system... OpenOffice Calc does not calculate formulas. If you e.g. sum two numbers from two cells it will concatenate these numbers as result. Calc treats numbers as strings. Err? Please try with 2.3.1-3. =SUMME(A1;A2) and =A1+A2 works both perfectly fine.. ii openoffice.org-common 1:2.3.1-3 OpenOffice.org office suite archit ii ttf-opensymbol 1:2.3.1-3 The OpenSymbol TrueType font Why do you have the 2.3.1-3 packages installed here and not the others? How did you install your OOo? How did you install 2.3.1-3? Grüße/Regards, René -- .''`. René Engelhard -- Debian GNU/Linux Developer : :' : http://www.debian.org | http://people.debian.org/~rene/ `. `' [EMAIL PROTECTED] | GnuPG-Key ID: 248AEB73 `- Fingerprint: 41FA F208 28D4 7CA5 19BB 7AD9 F859 90B0 248A EB73 signature.asc Description: Digital signature
Bug#463688: acknowledging security vulnerabilities in ICU
Jay Berkenbilt wrote: Security: if you'd like, I can prepare a patch for the stable version as well. I'll do that and send it to security unless I hear otherwise. Thanks, please go ahead. Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#403181: Please include pkgconfig file
reopen 403181 severity 403181 wishlist retitle 403181 pciutils-dev: Please include pkgconfig file tags 403181 + patch thanks Hi, As suggested by Steve Langasek for #396640, Going forward, it would be ideal if pciutils-dev would add support for pkg-config so that reverse-dependencies could query pkg-config --libs --static for the necessary extra lib information; even with this support in place, though, I don't think it's advisable to ask reverse-dep maintainers to switch to this until etch is frozen, since testing will /not/ have the necessary facility. Fortunately, upstream added support for pkgconfig. Unfortunately, your packaging did not reflect this new feature. The fix is pretty trivial, see the attached patch. Cheers, Nicolas diff -u pciutils-2.2.9/debian/changelog pciutils-2.2.9/debian/changelog --- pciutils-2.2.9/debian/changelog +++ pciutils-2.2.9/debian/changelog @@ -1,3 +1,9 @@ +pciutils (1:2.2.9-2.1) unstable; urgency=low + + * Install the pkgconfig file in the pciutils-dev package. + + -- Nicolas Boullis [EMAIL PROTECTED] Thu, 7 Feb 2008 23:04:01 +0100 + pciutils (1:2.2.9-2) unstable; urgency=low * pciutils-udeb is priority standard. Closes: #420227 diff -u pciutils-2.2.9/debian/rules pciutils-2.2.9/debian/rules --- pciutils-2.2.9/debian/rules +++ pciutils-2.2.9/debian/rules @@ -40,6 +40,7 @@ install -m 644 lib/libpci.a debian/pciutils-dev/usr/lib/ install -m 644 lib/pci.h lib/header.h lib/config.h lib/types.h \ debian/pciutils-dev/usr/include/pci/ + install -m 644 lib/libpci.pc debian/pciutils-dev/usr/lib/pkgconfig/ # pciutils-udeb install -m 755 lspci debian/pciutils-udeb/usr/bin/ diff -u pciutils-2.2.9/debian/pciutils-dev.dirs pciutils-2.2.9/debian/pciutils-dev.dirs --- pciutils-2.2.9/debian/pciutils-dev.dirs +++ pciutils-2.2.9/debian/pciutils-dev.dirs @@ -2,2 +2,3 @@ usr/lib +usr/lib/pkgconfig usr/share/doc
Bug#464058: turba access checking issue
It's not so much the list's owner as the entry's owner, which could be another shared address book, so that would turn into: This list contains X1 contacts from address book 'Y1' that you do not have permission to view. Contact the owner (Z1) if you have questions. And so forth for X2, Y2 and Z2 etc. Where X is the number of contacts, Y is the name of the source address book and Z1 is the owner of the address book or share. Peter Paul PS: I did another test with an interesting outcome by the way: if the address added to a list is from a shared address book that another user can not see/read, then it isn't shown, but it's not removed. So the silent removal only seems to take place with addresses from private address books. On Feb 7, 2008 6:38 PM, Chuck Hagenbuch [EMAIL PROTECTED] wrote: Quoting Peter Paul Elfferich [EMAIL PROTECTED]: That would perhaps be a simpler fix, but I think it will be confusing to users. If you really want to allow this cross-address-book adding then I'd suggest showing warning messages detailing why a number of contacts could not be displayed. That seems possible - This list contains X contacts that you do not have permission to view. Contact the list's owner if you have questions. or something like that? -chuck
Bug#464544: openoffice.org-calc does not calculate formulas
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 tag 464544 + moreinfo thanks Hi, Rene Engelhard wrote: ii openoffice.org-common 1:2.3.1-3 OpenOffice.org office suite archit The only thing I can explain your behaviour is this, this actually contains some important configs. OTOH, I canot reproduce this anymore easily as it's a problem getting 2.2.1-10 installed on current, plain lenny. But please try downgrading this to 2.2.1-10. This should fix it. (But see below) But in any case, this isn't grave then either. ii ttf-opensymbol 1:2.3.1-3 The OpenSymbol TrueType font Why do you have the 2.3.1-3 packages installed here and not the others? How did you install your OOo? How did you install 2.3.1-3? apt-get upgrade maybe? With loads of packages held back? Use dist-upgrade. then. Please do a dist-upgrade. The new packages of course have new/more up to date dependencies which apt doesn't install automatically unless you use dist-upgrade, just a upgrade will hold them back... Grüße/Regards, René - -- .''`. René Engelhard -- Debian GNU/Linux Developer : :' : http://www.debian.org | http://people.debian.org/~rene/ `. `' [EMAIL PROTECTED] | GnuPG-Key ID: 248AEB73 `- Fingerprint: 41FA F208 28D4 7CA5 19BB 7AD9 F859 90B0 248A EB73 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHq4dt+FmQsCSK63MRAoFEAJ4hqAuEzHUyS4X0spmYonBwDvbVCACePhdn fFe5CH92x82i9NF7DEiVl0U= =6bxt -END PGP SIGNATURE-
Bug#464611: libbcel-java-doc: Depends on a package in contrib
Package: libbcel-java-doc Version: 5.2-3 Severity: serious Justification: Policy 2.2.1 User: [EMAIL PROTECTED] Usertags: origin-ubuntu hardy Hi, libbcel-java-doc depends on libxerces2-java-doc, but that package is in contrib. Policy requires that this relationship is not a strict Depends. This bug was first noticed and fixed in Ubuntu, hence the usertags. For reference the fix in Ubuntu was to simply downgrade the dependency to a Suggests. Thanks, James -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#463389: marked as done (Missing dependency on adanaxisgpl-data)
Your message dated Thu, 07 Feb 2008 23:17:04 + with message-id [EMAIL PROTECTED] and subject line Bug#463389: fixed in adanaxisgpl 1.2.4.dfsg.1-1 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) ---BeginMessage--- Package: adanaxisgpl Version: 1.2.2-1 Severity: grave Justification: renders package unusable -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Just installing the package adanaxisgpl does not automatically pull the requrired package adanaxisgpl-data. Thus the application obviously cannot be launched. - -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.22-2-k7 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to de_DE.UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages adanaxisgpl depends on: ii freeglut3 2.4.0-6 OpenGL Utility Toolkit ii libc6 2.7-6GNU C Library: Shared libraries ii libexpat1 1.95.8-4 XML parsing C library - runtime li ii libgcc1 1:4.3-20080127-1 GCC support library ii libgl1-mesa-glx [libgl1 7.0.2-4 A free implementation of the OpenG ii libglu1-mesa [libglu1] 7.0.2-4 The OpenGL utility library (GLU) ii libice6 2:1.0.4-1X11 Inter-Client Exchange library ii libjpeg62 6b-14The Independent JPEG Group's JPEG ii libogg0 1.1.3-3 Ogg Bitstream Library ii libpcre37.6-1Perl 5 Compatible Regular Expressi ii libsdl-mixer1.2 1.2.8-3 mixer library for Simple DirectMed ii libsdl1.2debian 1.2.13-2 Simple DirectMedia Layer ii libsm6 2:1.0.3-1+b1 X11 Session Management library ii libstdc++6 4.3-20080127-1 The GNU Standard C++ Library v3 ii libtiff43.8.2-7 Tag Image File Format (TIFF) libra ii libvorbis0a 1.2.0.dfsg-3 The Vorbis General Audio Compressi ii libvorbisfile3 1.2.0.dfsg-3 The Vorbis General Audio Compressi ii libx11-62:1.0.3-7X11 client-side library ii libxext61:1.0.3-2X11 miscellaneous extension librar adanaxisgpl recommends no packages. - -- no debconf information -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHoacMYfUFJ3ewsJgRAtD9AJ9i8itc6fYHKohsD2bRm5VnuiI0/ACfY7pJ cYXXfNmbFX2tX5Qn4ptBtPg= =hUd5 -END PGP SIGNATURE- ---End Message--- ---BeginMessage--- Source: adanaxisgpl Source-Version: 1.2.4.dfsg.1-1 We believe that the bug you reported is fixed in the latest version of adanaxisgpl, which is due to be installed in the Debian FTP archive: adanaxisgpl-data_1.2.4.dfsg.1-1_all.deb to pool/main/a/adanaxisgpl/adanaxisgpl-data_1.2.4.dfsg.1-1_all.deb adanaxisgpl_1.2.4.dfsg.1-1.diff.gz to pool/main/a/adanaxisgpl/adanaxisgpl_1.2.4.dfsg.1-1.diff.gz adanaxisgpl_1.2.4.dfsg.1-1.dsc to pool/main/a/adanaxisgpl/adanaxisgpl_1.2.4.dfsg.1-1.dsc adanaxisgpl_1.2.4.dfsg.1-1_i386.deb to pool/main/a/adanaxisgpl/adanaxisgpl_1.2.4.dfsg.1-1_i386.deb adanaxisgpl_1.2.4.dfsg.1.orig.tar.gz to pool/main/a/adanaxisgpl/adanaxisgpl_1.2.4.dfsg.1.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Barry deFreese [EMAIL PROTECTED] (supplier of updated adanaxisgpl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 07 Feb 2008 22:38:44 +0100 Source: adanaxisgpl Binary: adanaxisgpl adanaxisgpl-data Architecture: source all i386 Version: 1.2.4.dfsg.1-1 Distribution: unstable Urgency: low Maintainer: Debian Games Team [EMAIL PROTECTED] Changed-By: Barry deFreese [EMAIL PROTECTED] Description: adanaxisgpl - Action game in four spatial dimensions adanaxisgpl-data - Action game in four spatial dimensions Closes: 463389 463921 Changes: adanaxisgpl (1.2.4.dfsg.1-1) unstable; urgency=low . [ Barry deFreese ] * Add depends on
Bug#464308: libtie-toobject-perl: FTBFS: Can't locate ok.pm in @INC
gregor herrmann dijo [Wed, Feb 06, 2008 at 08:34:32PM +0100]: PERL_DL_NONLAZY=1 /usr/bin/perl -MExtUtils::Command::MM -e test_harness(0, 'blib/lib', 'blib/arch') t/*.t t/tieCan't locate ok.pm in @INC (@INC contains: /build/user/libtie-toobject-perl-0.03/blib/lib /build/user/libtie-toobject-perl-0.03/blib/arch /etc/perl /usr/local/lib/perl/5.8.8 /usr/local/share/perl/5.8.8 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.8 /usr/share/perl/5.8 /usr/local/lib/site_perl .) at t/tie.t line 16. BEGIN failed--compilation aborted at t/tie.t line 16. Uh, looks ugly. The problem can already be seen earlier: /usr/bin/perl Makefile.PL INSTALLDIRS=vendor Checking if your kit is complete... Looks good Warning: prerequisite Test::use::ok 0 not found. Looks like libtest-use-ok-perl is missing ... yes, adding libtest-use-ok-perl to Build-Depends-Indep fixed the problem. Uh, in my book, it just looks stupid. Thank you for fixing it, anyway - But «use ok Some::Thing» looks stupid to me. I think it's way clearer to use Test::More's typical «BEGIN { use_ok('Some::Thing' );}» 'use ok' just seems to be there to confuse Oh, and... Well, I took a bit to understand it - ok.pm is documented as Test::use::ok - I agree, that's the complete namespace, and the Perl community is not as anal-retentive as the Debian community towards cleanness and policy-compliance... But I just find the module a disservice to mankind! Anyway... TIMTOWTDI. But some ways are dumber than others. ;-) -- Gunnar Wolf - [EMAIL PROTECTED] - (+52-55)5623-0154 / 1451-2244 PGP key 1024D/8BB527AF 2001-10-23 Fingerprint: 0C79 D2D1 2C4E 9CE4 5973 F800 D80E F35A 8BB5 27AF
Bug#464613: copyright file refers to common-licenses/GPL, which is GPLv3+, but LICENSE.GPL says GPLv2-only
Package: qt-x11-free Version: 3:3.3.7-9 Severity: serious copyright file refers to common-licenses/GPL, which is GPLv3+, but LICENSE.GPL says GPLv2-only. Untill Qt license is upgraded you should point to common-licenses/GPL-2 instead. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.18-5-amd64 (SMP w/2 CPU cores) Locale: LANG=ca_AD.UTF-8, LC_CTYPE=ca_AD.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#464308: libtie-toobject-perl: FTBFS: Can't locate ok.pm in @INC
On Thu, 07 Feb 2008 15:23:36 -0600, Gunnar Wolf wrote: Looks like libtest-use-ok-perl is missing ... yes, adding libtest-use-ok-perl to Build-Depends-Indep fixed the problem. Uh, in my book, it just looks stupid. Thank you for fixing it, anyway - But «use ok Some::Thing» looks stupid to me. [..] 'use ok' just seems to be there to confuse Ack; until I found the warning from perl Makefile.PL I thought of an ugly error in the test script :) But I just find the module a disservice to mankind! Anyway... TIMTOWTDI. But some ways are dumber than others. ;-) I cannot disagree :) Cheers, gregor -- .''`. http://info.comodo.priv.at/ | gpg key ID: 0x00F3CFE4 : :' : debian: the universal operating system - http://www.debian.org/ `. `' member of https://www.vibe.at/ | how to reply: http://got.to/quote/ `-NP: Jerry Lee Lewis: Big Legged Woman signature.asc Description: Digital signature
Bug#459527: Fatal GConfClient.set_string() argument 2 must be string, not None error on startup
On Mon, 2008-01-07 at 06:14 +, Chris Lamb wrote: Package: serpentine Version: 0.9-1 Severity: grave Justification: Renders package unusable From a fresh install, Serpentine refuses to start: It seems that this happens if serpentine doesn't think you have a CD writer. Could you please send me the output of the following command? for x in $(hal-find-by-capability --capability=storage.cdrom); do hal-device $x; done -- Sam Morris http://robots.org.uk/ PGP key id 1024D/5EA01078 3412 EA18 1277 354B 991B C869 B219 7FDB 5EA0 1078 signature.asc Description: This is a digitally signed message part
Bug#464615: links with GPLv2-only libqt-mt.so.3
Package: klash Version: 0.8.1~rc.070818-2.1+b1 Severity: serious /usr/bin/klash is GPLv3+, but links with GPLv2-only libqt-mt.so.3. Btw, I also checked konqueror-plugin-gnash, which was believed to be affected by this problem as well, and it doesn't seem to link with libqt-mt.so.3. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.18-5-amd64 (SMP w/2 CPU cores) Locale: LANG=ca_AD.UTF-8, LC_CTYPE=ca_AD.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages klash depends on: ii gnash-common 0.8.1~rc.070818-2.1+b1 free Flash movie player - common f ii kdelibs4c2a 4:3.5.8.dfsg.1-7 core libraries and binaries for al ii libc6 2.7-6 GNU C Library: Shared libraries ii libgcc1 1:4.3-20080202-1 GCC support library ii libqt3-mt 3:3.3.7-9 Qt GUI Library (Threaded runtime v ii libstdc++64.3-20080202-1 The GNU Standard C++ Library v3 klash recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: bug 459527 is forwarded to http://bugzilla.gnome.org/show_bug.cgi?id=481069
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.10.13 forwarded 459527 http://bugzilla.gnome.org/show_bug.cgi?id=481069 Bug#459527: Fatal GConfClient.set_string() argument 2 must be string, not None error on startup Noted your statement that Bug has been forwarded to http://bugzilla.gnome.org/show_bug.cgi?id=481069. End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#459527: Fatal GConfClient.set_string() argument 2 must be string, not None error on startup
Sam Morris wrote: Could you please send me the output of the following command? for x in $(hal-find-by-capability --capability=storage.cdrom); do hal-device $x; done Empty; no lines of output. (This is accurate - my computer does not have any optical drives attached.) Regards, -- Chris Lamb, UK [EMAIL PROTECTED] GPG: 0x634F9A20 signature.asc Description: PGP signature
Processed: severity of 463423 is serious
Processing commands for [EMAIL PROTECTED]: # Automatically generated email from bts, devscripts version 2.10.14 severity 463423 serious Bug#463423: seahorse: ldap_init implicitly converted to pointer Severity set to `serious' from `important' End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#459020: [php-maint] Bug#459020: 043-recode_size_t.patch is invalid for recent php versions
On Wed, Feb 06, 2008 at 08:41:22PM +0100, Vincent Tondellier wrote: The patch 043-recode_size_t.patch is broken. req_len and str_len should be integers, but are size_t (zend_parse_parameters wants pointers to int). This is a problem for 64 bits arches since a part of the variables is not initialized (sizof(size_t) != sizeof(int)), and recode_buffer_to_buffer is called with funny values that makes librecode eat all the system's memory. So then, PHP isn't capable of passing values whose length exceeds UINT_MAX? That's an annoyingly arbitrary limitation. But yes, your analysis here looks correct to me. An updated version of the patch witch fixes the problem for me is attached to this mail and should be, IMO, applied as a security fix for etch. I don't see any evidence that this is a security issue, but it should be applied as a stable release update. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ [EMAIL PROTECTED] [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: MOIN_ID cookie bug
Processing commands for [EMAIL PROTECTED]: tag 462984 security Bug#462984: python-moinmoin: MOIN_ID cookie bug Tags were: patch Tags added: security severity 462984 serious Bug#462984: python-moinmoin: MOIN_ID cookie bug Severity set to `serious' from `important' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#459020: [php-maint] Bug#459020: 043-recode_size_t.patch is invalid for recent php versions
Steve Langasek wrote: On Wed, Feb 06, 2008 at 08:41:22PM +0100, Vincent Tondellier wrote: The patch 043-recode_size_t.patch is broken. req_len and str_len should be integers, but are size_t (zend_parse_parameters wants pointers to int). This is a problem for 64 bits arches since a part of the variables is not initialized (sizof(size_t) != sizeof(int)), and recode_buffer_to_buffer is called with funny values that makes librecode eat all the system's memory. So then, PHP isn't capable of passing values whose length exceeds UINT_MAX? That's an annoyingly arbitrary limitation. PHP isn't designed to do large memory allocations ... But yes, your analysis here looks correct to me. An updated version of the patch witch fixes the problem for me is attached to this mail and should be, IMO, applied as a security fix for etch. I don't see any evidence that this is a security issue, but it should be applied as a stable release update. I think this is a security issue since it can cause a Denial Of Service by eating all the server memory. I had the problem on one of my servers (2GB RAM / 3GB swap) and it took at least 10min for oom_killer to kill the process, and in another case the kernel crashed (I didn't change the memory limit settings in /etc/security/limits.conf). And you can trigger the bug remotely by sending a mail like Sebastian Göbel said above. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#462588: Same problem
On Sun, Feb 03, 2008 at 05:29:47PM -0800, Russ Allbery wrote: I'm pretty sure I don't want to implement support for migrating the full set of OpenSSL cipher specs in shell. :P Do you think converting the above aliases would be good enough coverage? Or do we need to provide some upgrade handling for all the possibilities, and therefore we're doomed to add yet another debconf error message here? In the latter case I'm probably not going to spend the effort on auto-migrating any of the values. I would just comment out the cipher list directive completely on upgrade and document the need to correct it manually if desired in NEWS.Debian. The most common use of this directive is to restrict use of weak ciphers, which GnuTLS doesn't support in the first place. My natural inclination here then is to still make this a debconf error message, when one of these TLSCipherSuite lines is detected. It's not nice to translators, but an untranslatable NEWS.Debian file isn't nicer to users than an untranslated debconf template anyway, and with a debconf error we can directly notify the users whose configs have had to be changed. It is unforunate that GnuTLS doesn't support the same general keywords as OpenSSL, and it seems like that would be easy enough for GnuTLS to add. Maybe a wishlist bug against GnuTLS is in order? Filed as bug #464625. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ [EMAIL PROTECTED] [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#459648: tkdesk: unmarked dependancy, required package not in
I'm sorry for not responding earlier, but I'm having trouble understanding your bug report: - itcl3 *is* a listed dependency for tkdesk. Your own system clearly thinks so, since it included it in the report of packages tkdesk depends on. - Your system is under the impression that you have itcl 3.2 installed. What did you see in your installation that made you think that itcl3 wasn't a listed dependency of tkdesk, or that you had the wrong version? laxminarayan G Kamath A [EMAIL PROTECTED] writes: Package: tkdesk Version: 2.0-9 Severity: grave Justification: renders package unusable Installed tkdesk.. It required me to have itcl , which is not marked as a dependancy. Further, tkdesk requires itcl3.2 whereas still has itcl3.1 -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.22-3-amd64 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages tkdesk depends on: ii blt 2.4z-4 the BLT extension library for Tcl/ ii itcl3 3.2.1-3.1 [incr Tcl] OOP extension for Tcl - ii libc6 2.7-5 GNU C Library: Shared libraries ii libx11-6 2:1.0.3-7 X11 client-side library ii tcl8.48.4.16-4 Tcl (the Tool Command Language) v8 ii tk8.4 8.4.16-2 Tk toolkit for Tcl and X11, v8.4 - tkdesk recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]