Processed: setting package to libjack0.100.0-0 libjack-dev jackd libjack0 jack-audio-connection-kit libjack0.100.0-dev ...

2009-01-08 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> # Automatically generated email from bts, devscripts version 2.10.26ubuntu15.1
> #
> # jack-audio-connection-kit (0.116.1-3) unstable; urgency=low
> #
> #  * Don't install *.la files in libjack-dev. (Closes: #510673)
> #
> package libjack0.100.0-0 libjack-dev jackd libjack0 jack-audio-connection-kit 
> libjack0.100.0-dev
Ignoring bugs not assigned to: libjack0.100.0-0 libjack-dev jackd 
jack-audio-connection-kit libjack0 libjack0.100.0-dev

> tags 510673 + pending
Bug#510673: xine-lib: FTBFS: /bin/sed: can't read /usr/lib/libsamplerate.la: No 
such file or directory
Tags were: patch
Tags added: pending

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#510673: setting package to libjack0.100.0-0 libjack-dev jackd libjack0 jack-audio-connection-kit libjack0.100.0-dev ...

2009-01-08 Thread Reinhard Tartler 
# Automatically generated email from bts, devscripts version 2.10.26ubuntu15.1
#
# jack-audio-connection-kit (0.116.1-3) unstable; urgency=low
#
#  * Don't install *.la files in libjack-dev. (Closes: #510673)
#

package libjack0.100.0-0 libjack-dev jackd libjack0 jack-audio-connection-kit 
libjack0.100.0-dev
tags 510673 + pending




-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#511199: #511199 perspic: does not work at all: complains about find arguments / segfaults upon execution

2009-01-08 Thread Yves-Alexis Perez 
On ven, 2009-01-09 at 08:17 +0100, Michael Ablassmeier wrote:
> hi Evgeni,
> 
> On Fri, Jan 09, 2009 at 01:00:12AM +0100, Evgeni Golov wrote:
> > what arch are you on? Here on sid/i386, perspic starts fine (find
> > throws a warning, but it's only a warning).
> > Can you get a gdb backtrace of the segfault? (you'd have to rebuild
> > perspic unstripped).
> 
> im on x86_64, this is what gdb tells me, bt and bt full

FTR, on amd64 here perspic runs fine. Well I didn't really test much,
but it started and the window was displayed. I had a warning too, but
that's all. So it's not only the arch.

Cheers,
-- 
Yves-Alexis


signature.asc
Description: This is a digitally signed message part

Bug#511199: #511199 perspic: does not work at all: complains about find arguments / segfaults upon execution

2009-01-08 Thread Michael Ablassmeier 
hi Evgeni,

On Fri, Jan 09, 2009 at 01:00:12AM +0100, Evgeni Golov wrote:
> what arch are you on? Here on sid/i386, perspic starts fine (find
> throws a warning, but it's only a warning).
> Can you get a gdb backtrace of the segfault? (you'd have to rebuild
> perspic unstripped).

im on x86_64, this is what gdb tells me, bt and bt full

 > Program received signal SIGSEGV, Segmentation fault.
 > 0x7f07dbb05030 in strlen () from /lib/libc.so.6
 > (gdb) bt
 > #0  0x7f07dbb05030 in strlen () from /lib/libc.so.6
 > #1  0x7f07dbad1cb1 in vfprintf () from /lib/libc.so.6
 > #2  0x7f07dbaf720a in vsnprintf () from /lib/libc.so.6
 > #3  0x0041c0dd in map_temp_str (fmt=0x429eda ".%s") at map.c:248
 > #4  0x00417b99 in dict_open (d=0x62fca0, s=0x1f323e0 
 > "/usr/lib/perspic/sacred", new=0) at dict.c:96
 > #5  0x00415761 in query_new_dict (s=0x1f323e0 
 > "/usr/lib/perspic/sacred", new=0) at query.c:53
 > #6  0x004108da in on_combo3_popwin_hide (editable= out>, user_data=) at callbacks.c:614
 > #7  0x7f07dd0cf6b7 in ?? () from /usr/lib/libgtk-1.2.so.0
 > #8  0x7f07dd0d1d38 in ?? () from /usr/lib/libgtk-1.2.so.0
 > #9  0x7f07dd0d2074 in gtk_signal_emit_by_name () from 
 > /usr/lib/libgtk-1.2.so.0
 > #10 0x0041345a in archive_init (window1=0x1e84000) at init.c:34
 > #11 0x0040868f in main (argc=1, argv=0x7fffe5577c08) at main.c:92

bt full

 > #0  0x7f07dbb05030 in strlen () from /lib/libc.so.6
 > No symbol table info available.
 > #1  0x7f07dbad1cb1 in vfprintf () from /lib/libc.so.6
 > No symbol table info available.
 > #2  0x7f07dbaf720a in vsnprintf () from /lib/libc.so.6
 > No symbol table info available.
 > #3  0x0041c0dd in map_temp_str (fmt=0x429eda ".%s") at map.c:248
 > j = 
 > args = {{gp_offset = 24, fp_offset = 48, overflow_arg_area = 
 > 0x7fffe5577130, reg_save_area = 0x7fffe5577040}}
 > m = {m1 = 0x7f07dd56b000, m = 0x7f07dd56b000, me = 0x7f07dd56b050, l 
 > = 0, ro = 0, o = 0, size = 0, n = 0x0}
 > __FUNCTION__ = "map_temp_str"
 > #4  0x00417b99 in dict_open (d=0x62fca0, s=0x1f323e0 
 > "/usr/lib/perspic/sacred", new=0) at dict.c:96
 > bb = 
 > q = 0 '\0'
 > c = 
 > b = {m1 = 0x7f07dd573000, m = 0x7f07dd573019, me = 0x7f07dd573019, l 
 > = 0, ro = 0, o = 0, size = 0, n = 0x0}
 > k = 
 > ss = {st_dev = 2050, st_ino = 737627, st_nlink = 2, st_mode = 16877, 
 > st_uid = 0, st_gid = 0, pad0 = 0, st_rdev = 0, st_size = 4096, st_blksize = 
 > 4096, st_blocks = 8, st_atim = {
 > tv_sec = 1231478904, tv_nsec = 0}, st_mtim = {tv_sec = 1231419083, 
 > tv_nsec = 0}, st_ctim = {tv_sec = 1231419083, tv_nsec = 0}, __unused = {0, 
 > 0, 0}}
 > __FUNCTION__ = "dict_open"
 > #5  0x00415761 in query_new_dict (s=0x1f323e0 
 > "/usr/lib/perspic/sacred", new=0) at query.c:53
 > n = 0
 > __FUNCTION__ = "query_new_dict"
 > #6  0x004108da in on_combo3_popwin_hide (editable= out>, user_data=) at callbacks.c:614
 > ce3 = (GtkWidget *) 0x1ea3d50
 > tr1 = (GtkWidget *) 0x1ea6fc0
 > e = (GtkWidget *) 0x1e95ab0
 > s = 0xfefefefefefefeff 
 > f1 = 0x9d15 
 > fe = 0x1ea4410 "°zæ\001"
 > #7  0x7f07dd0cf6b7 in ?? () from /usr/lib/libgtk-1.2.so.0
 > No symbol table info available.
 > #8  0x7f07dd0d1d38 in ?? () from /usr/lib/libgtk-1.2.so.0
 > No symbol table info available.
 > #9  0x7f07dd0d2074 in gtk_signal_emit_by_name () from 
 > /usr/lib/libgtk-1.2.so.0
 > No symbol table info available.
 > #10 0x0041345a in archive_init (window1=0x1e84000) at init.c:34
 > list = (GList *) 0x1eefb38
 > c3 = (GtkWidget *) 0x1ea3c90
 > s1 = 0x1efabf0 " 4ó\001"
 > s = 0x1efac41 ""
 > se = 0x1efac41 ""
 > i = 
 > p = 
 > b = 
 > "/usr/lib/perspic/translations\000\000\000Ðywåÿ\177\000\...@\000\000\000\000\000\000\000\005\000\000\000\000\000\000\000Ðzwåÿ\177\000\000ðywåÿ\177\000\0008j»Ü\a\177\000\000è=\000Ý\a\177\000\000ÀtwÝ\a\177\000\000\020\000\000\\000\000\000\000{wåÿ\177\000\000
 >  
 > zwåÿ\177\000\...@\0306\000\000\000\000\000\000@è\001\000\000\000\áë\001\000\000\000\000°zæ\001\000\000\000\³ç\001",
 >  '\0' , "\001", '\0' , 
 > "Ê\2216Ý\a\177\000\000è=\000Ý\a\177\000\000ðEé\001\000\000\000"...
 > #11 0x0040868f in main (argc=1, argv=0x7fffe5577c08) at main.c:92
 > w1 = (GtkWidget *) 0x1e84000
 > w2 = 
 > w3 = (GtkWidget *) 0x1ebe130
 > co = (GtkWidget *) 0x1e945f0
 > w = (GtkWidget *) 0x1ef4970
 > t = 
 > 

bye,
- michael




--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#508472: marked as done (Please update to upstream version 5.14)

2009-01-08 Thread Debian Bug Tracking System 

Your message dated Fri, 09 Jan 2009 02:47:08 +
with message-id 
and subject line Bug#508472: fixed in drupal5 5.14-1
has caused the Debian Bug report #508472,
regarding Please update to upstream version 5.14
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
508472: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508472
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: drupal5
Version: 5.12-2
Severity: grave
Tags: security
Justification: user security hole

Drupal 5.13 was released today due to a cross-site request forgery -
Malicious users may cause the superuser (user 1) to execute old
updates that may damage the database. This is described in advisory
DRUPAL-SA-2008-073, http://drupal.org/node/345441

Thanks,

-- System Information:
Debian Release: 5.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-1-vserver-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash


--- End Message ---
--- Begin Message ---
Source: drupal5
Source-Version: 5.14-1

We believe that the bug you reported is fixed in the latest version of
drupal5, which is due to be installed in the Debian FTP archive:

drupal5_5.14-1.diff.gz
  to pool/main/d/drupal5/drupal5_5.14-1.diff.gz
drupal5_5.14-1.dsc
  to pool/main/d/drupal5/drupal5_5.14-1.dsc
drupal5_5.14-1_all.deb
  to pool/main/d/drupal5/drupal5_5.14-1_all.deb
drupal5_5.14.orig.tar.gz
  to pool/main/d/drupal5/drupal5_5.14.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 508...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Luigi Gangitano  (supplier of updated drupal5 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Thu, 08 Jan 2009 20:29:59 +0100
Source: drupal5
Binary: drupal5
Architecture: source all
Version: 5.14-1
Distribution: unstable
Urgency: low
Maintainer: Luigi Gangitano 
Changed-By: Luigi Gangitano 
Description: 
 drupal5- a fully-featured content management framework
Closes: 503306 508472
Changes: 
 drupal5 (5.14-1) unstable; urgency=low
 .
   * New upstream release (Closes: #508472)
 .
   * debian/po/es.po
 - Updated Spanish debconf translation, thanks to Francisco Javier Cuadrado
   (Closes: #503306)
 .
   * debian/control
 - Added dependency on ${misc:Depends} to make lintian happy
Checksums-Sha1: 
 a567b69009248d7de550fabf1fa4311d31b97830 1082 drupal5_5.14-1.dsc
 bc1089626ac01165f2b3df0ac3cc521e740b328a 764727 drupal5_5.14.orig.tar.gz
 ceb6cd7f39569568a790d90bb5a30dd4d3a28029 25618 drupal5_5.14-1.diff.gz
 4bbdc0c02c6ffd7662c123d53b556075229ca99f 775418 drupal5_5.14-1_all.deb
Checksums-Sha256: 
 7203a9a5a2fb67cf7d2cdc04facfebf7ef0fa0d294cf6ef9262661a27a140571 1082 
drupal5_5.14-1.dsc
 7adb6e5f4881f0396e3f5a24cf6ad690dcc3aaebe58d73ea0914b6f57dfec4e0 764727 
drupal5_5.14.orig.tar.gz
 fc9a7a010085603de25e83cb73ba7778bb37c623198ca46627fe10e70c5b4a89 25618 
drupal5_5.14-1.diff.gz
 0458a89deb3746bd919d8cbfb8414719427744f54d9df0b27761e0bd0d7dc6dd 775418 
drupal5_5.14-1_all.deb
Files: 
 77ee0fd31b3637263821f9a812de06f5 1082 web extra drupal5_5.14-1.dsc
 281c9ef75f757ab660d5e190b4a6c6c5 764727 web extra drupal5_5.14.orig.tar.gz
 28f0e230025434f04d9b5ece1332054e 25618 web extra drupal5_5.14-1.diff.gz
 58ff5594002de63a61ab83e74d6b19f2 775418 web extra drupal5_5.14-1_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (Darwin)

iEYEARECAAYFAklmVv0ACgkQ8ZumGJJMDCZtcACffZhHMQCtv9MT/NuYMpOt0nd3
3tIAn2oH+qbZ6P1T8ILVTRsWOidvXcdo
=pl2e
-END PGP SIGNATURE-


--- End Message ---

Bug#511261: CVE-2008-0049: Inproper certificate validation

2009-01-08 Thread Wouter Verhelst 
Hi Moritz, hi security team,

On Thu, Jan 08, 2009 at 10:30:14PM +0100, Moritz Muehlenhoff wrote:
> CVE-2009-0049:

Yay. And 3.5.0 isn't even in source form anymore; I'm not even sure
whether they actually are going to publish source for that. *sigh*.

> Belgian eID middleware (eidlib) 2.6.0 and earlier does not properly check the
> return value from the OpenSSL EVP_VerifyFinal function, which allows remote
> attackers to bypass validation of the certificate chain via a malformed
> SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

Since there appears to be no patch, AFAICS:

wou...@country:~/debian/eID/belpic-2.6.0$ grep -r 'EVP_VerifyFinal' *
src/newpkcs11/src/pkcs11/openssl.c: *   finishing with EVP_VerifyFinal().
src/newpkcs11/src/pkcs11/openssl.c: res = EVP_VerifyFinal(md_ctx, 
signat, signat_len, pkey);
src/newpkcs11/src/pkcs11/openssl.c: sc_debug(context, 
"EVP_VerifyFinal() returned %d\n", res);
src/newpkcs11/src/tools/pkcs11-tool.c:  err = EVP_VerifyFinal(&md_ctx, sig1, 
sigLen1, pkey);
src/eidlib/Verify.cpp:iRet = 2*iDiffRNCert + !EVP_VerifyFinal(&cmd_ctx, 
(unsigned char *)pucSig, ulSigLen, pKey);

The first two files are okay. In both cases, the return value is sent to
a variable that is then properly checked using an if() {} else if() {} else {}
block for the three possible return values of EVP_VerifyFinal().

The third appears to be somewhat more conspicious. Looking around in the
code a bit, this is what it's *supposed* to return:

/* Signature validation return codes */
#define BEID_SIGNATURE_NOT_VALIDATED-2 /* The signature is not valid
ated */
#define BEID_SIGNATURE_PROCESSING_ERROR-1 /* Error verifying the 
signature. */
#define BEID_SIGNATURE_VALID0 /* The signature 
is valid. */
#define BEID_SIGNATURE_INVALID  1 /* The 
signature is not valid. */
#define BEID_SIGNATURE_VALID_WRONG_RRNCERT   2 /* The signature is 
valid and wrong RRN certificate. */
#define BEID_SIGNATURE_INVALID_WRONG_RRNCERT3 /* The signature is not 
valid and wrong RRN certificate. */

(that's from eiddefines.h)

So the patch should be something like:

--- Verify.cpp.orig 2009-01-09 03:48:56.0 +0100
+++ Verify.cpp  2009-01-09 03:42:44.0 +0100
@@ -1013,6 +1013,7 @@
 unsigned char *pucRNCert = NULL;
 unsigned long ulRNCertLen = 0;
 BEID_Certif_Check tCertifs = {0};
+int evp_ret;
 
 if(m_pCertifManager == NULL)
 {
@@ -1084,7 +1085,11 @@
 
 EVP_VerifyInit(&cmd_ctx, EVP_sha1());
 EVP_VerifyUpdate(&cmd_ctx, pucData, ulDataLen);
-iRet = 2*iDiffRNCert + !EVP_VerifyFinal(&cmd_ctx, (unsigned char *)pucSig, 
ulSigLen, pKey);
+evp_ret = EVP_VerifyFinal(&cmd_ctx, (unsigned char *)pucSig, ulSigLen, 
pKey);
+if(evp_ret >= 0) {
+   evp_ret = 1 - evp_ret;
+}
+iRet = 2*iDiffRNCert + evp_ret;
 EVP_PKEY_free(pKey);
 X509_free(pX509);
 return iRet;

Given that this is me guessing what the issue really is based on a
description and some documentation that I'm not 100% sure I correctly
parsed, I'd appreciate it if someone could verify and peer-review this
before I upload it to unstable.

Thanks,

-- 
 Home is where you have to wash the dishes.
  -- #debian-devel, Freenode, 2004-09-22



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#286905: marked as done (perl-modules: File::Path::rmtree makes setuid)

2009-01-08 Thread Debian Bug Tracking System 

Your message dated Fri, 09 Jan 2009 01:52:21 +
with message-id 
and subject line Bug#286905: fixed in perl 5.8.8-7etch5
has caused the Debian Bug report #286905,
regarding perl-modules: File::Path::rmtree makes setuid
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
286905: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286905
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: perl-modules
Version: 5.6.1-8.7
Severity: critical
File: /usr/share/perl/5.6.1/File/Path.pm
Tags: security
Justification: root security hole

Noting USN-44-1 e.g. in

  http://archives.neohapsis.com/archives/fulldisclosure/2004-12/0385.html

I looked in perl-N.N.N/lib/File/Path.pm and noticed that rmtree contains
a race condition, allowing creation of setuid files:

   170  (undef, undef, my $rp) = lstat $root or next;
   171  $rp &= 0;   # don't forget setuid, setgid, sticky bits
   172  if ( -d _ ) {
   ...
   209  if (rmdir $root) {
   210  ++$count;
   211  }
   212  else {
   213  carp "Can't remove directory $root: $!";
   214  chmod($rp, ($Is_VMS ? VMS::Filespec::fileify($root) : 
$root))
   215  or carp("and can't restore permissions to "
   216  . sprintf("0%o",$rp) . "\n");
   217  }
   218  }
   ...

Example of attack: suppose we know that root uses rmtree to clean up
/tmp directories. Attacker prepares things:

  mkdir -p /tmp/psz/sh
  perl -e 'open F, ">/tmp/psz/sh/$_" foreach (1..1000)'
  chmod 4777 /tmp/psz/sh

While root is busy working on /tmp/psz/sh (and this can be made as slow
as we like), attacker does:

  mv /tmp/psz/sh /tmp/psz/dummy
  ln -s /bin/sh /tmp/psz/sh

Root would have recorded the permissions of /tmp/psz/sh, but would
"restore" it to /bin/sh.

I am not sure if things can almost be fixed (for those architectures
without $force_writeable) by enclosing the chmod($rp,...) line within
if(!safe|$force_writeable){...}. Maybe it should be documented that
rmtree must only be used if you can be sure to have exclusive access to
the tree.

(A few minutes ago I emailed the File::Path authors tim.bu...@ig.co.uk
and bai...@newman.upenn.edu; Tim.Bunce bounced.)

Cheers,

Paul Szabo - p...@maths.usyd.edu.au  http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics  University of Sydney   2006  Australia


-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux pisa.maths.usyd.edu.au 2.4.22-smssvr1.5.3 #1 SMP Wed Jun 23 
13:01:39 EST 2004 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages perl-modules depends on:
ii  perl  5.6.1-8.7  Larry Wall's Practical Extraction 


--- End Message ---
--- Begin Message ---
Source: perl
Source-Version: 5.8.8-7etch5

We believe that the bug you reported is fixed in the latest version of
perl, which is due to be installed in the Debian FTP archive:

libcgi-fast-perl_5.8.8-7etch5_all.deb
  to pool/main/p/perl/libcgi-fast-perl_5.8.8-7etch5_all.deb
libperl-dev_5.8.8-7etch5_i386.deb
  to pool/main/p/perl/libperl-dev_5.8.8-7etch5_i386.deb
libperl5.8_5.8.8-7etch5_i386.deb
  to pool/main/p/perl/libperl5.8_5.8.8-7etch5_i386.deb
perl-base_5.8.8-7etch5_i386.deb
  to pool/main/p/perl/perl-base_5.8.8-7etch5_i386.deb
perl-debug_5.8.8-7etch5_i386.deb
  to pool/main/p/perl/perl-debug_5.8.8-7etch5_i386.deb
perl-doc_5.8.8-7etch5_all.deb
  to pool/main/p/perl/perl-doc_5.8.8-7etch5_all.deb
perl-modules_5.8.8-7etch5_all.deb
  to pool/main/p/perl/perl-modules_5.8.8-7etch5_all.deb
perl-suid_5.8.8-7etch5_i386.deb
  to pool/main/p/perl/perl-suid_5.8.8-7etch5_i386.deb
perl_5.8.8-7etch5.diff.gz
  to pool/main/p/perl/perl_5.8.8-7etch5.diff.gz
perl_5.8.8-7etch5.dsc
  to pool/main/p/perl/perl_5.8.8-7etch5.dsc
perl_5.8.8-7etch5_i386.deb
  to pool/main/p/perl/perl_5.8.8-7etch5_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 286...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Niko Tyni  (supplier of updated perl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Thu, 20 Nov 2008 22:45:54 +0200
Source: pe

Bug#286922: marked as done (perl-modules: File::Path::rmtree removes arbitrary)

2009-01-08 Thread Debian Bug Tracking System 

Your message dated Fri, 09 Jan 2009 01:52:21 +
with message-id 
and subject line Bug#286922: fixed in perl 5.8.8-7etch5
has caused the Debian Bug report #286922,
regarding perl-modules: File::Path::rmtree removes arbitrary
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
286922: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286922
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: perl-modules
Version: 5.6.1-8.7
Severity: critical
File: /usr/share/perl/5.6.1/File/Path.pm
Tags: security
Justification: root security hole

Following on from the "File::Path::rmtree makes setuid" issue, I notice
that rmtree may be tricked into removing arbitrary files.

Example of attack: suppose we know that root uses rmtree to clean up
/tmp directories. Attacker prepares things:

  mkdir /tmp/psz
  perl -e 'open F, ">/tmp/psz/$_" foreach (1..1000)'
  touch /tmp/psz/passwd

While root is busy working on /tmp/psz (and this can be made as slow as
we like), attacker does:

  mv /tmp/psz /tmp/dummy
  ln -s /etc /tmp/psz

Root will then remove /etc/passwd.

Maybe it should be documented that rmtree must only be used if you can
be sure to have exclusive access to the tree.

Cheers,

Paul Szabo - p...@maths.usyd.edu.au  http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics  University of Sydney   2006  Australia


-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux pisa.maths.usyd.edu.au 2.4.22-smssvr1.5.3 #1 SMP Wed Jun 23 
13:01:39 EST 2004 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages perl-modules depends on:
ii  perl  5.6.1-8.7  Larry Wall's Practical Extraction 


--- End Message ---
--- Begin Message ---
Source: perl
Source-Version: 5.8.8-7etch5

We believe that the bug you reported is fixed in the latest version of
perl, which is due to be installed in the Debian FTP archive:

libcgi-fast-perl_5.8.8-7etch5_all.deb
  to pool/main/p/perl/libcgi-fast-perl_5.8.8-7etch5_all.deb
libperl-dev_5.8.8-7etch5_i386.deb
  to pool/main/p/perl/libperl-dev_5.8.8-7etch5_i386.deb
libperl5.8_5.8.8-7etch5_i386.deb
  to pool/main/p/perl/libperl5.8_5.8.8-7etch5_i386.deb
perl-base_5.8.8-7etch5_i386.deb
  to pool/main/p/perl/perl-base_5.8.8-7etch5_i386.deb
perl-debug_5.8.8-7etch5_i386.deb
  to pool/main/p/perl/perl-debug_5.8.8-7etch5_i386.deb
perl-doc_5.8.8-7etch5_all.deb
  to pool/main/p/perl/perl-doc_5.8.8-7etch5_all.deb
perl-modules_5.8.8-7etch5_all.deb
  to pool/main/p/perl/perl-modules_5.8.8-7etch5_all.deb
perl-suid_5.8.8-7etch5_i386.deb
  to pool/main/p/perl/perl-suid_5.8.8-7etch5_i386.deb
perl_5.8.8-7etch5.diff.gz
  to pool/main/p/perl/perl_5.8.8-7etch5.diff.gz
perl_5.8.8-7etch5.dsc
  to pool/main/p/perl/perl_5.8.8-7etch5.dsc
perl_5.8.8-7etch5_i386.deb
  to pool/main/p/perl/perl_5.8.8-7etch5_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 286...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Niko Tyni  (supplier of updated perl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Thu, 20 Nov 2008 22:45:54 +0200
Source: perl
Binary: perl-base libcgi-fast-perl libperl-dev perl-debug perl-modules perl 
libperl5.8 perl-suid perl-doc
Architecture: source i386 all
Version: 5.8.8-7etch5
Distribution: stable-security
Urgency: high
Maintainer: Brendan O'Dea 
Changed-By: Niko Tyni 
Description: 
 libcgi-fast-perl - CGI::Fast Perl module
 libperl-dev - Perl library: development files
 libperl5.8 - Shared Perl library
 perl   - Larry Wall's Practical Extraction and Report Language
 perl-base  - The Pathologically Eclectic Rubbish Lister
 perl-debug - Debug-enabled Perl interpreter
 perl-doc   - Perl documentation
 perl-modules - Core Perl modules
 perl-suid  - Runs setuid Perl scripts
Closes: 286905 286922
Changes: 
 perl (5.8.8-7etch5) stable-security; urgency=high
 .
   * SECURITY [CAN-2005-0448]: re-rewrite File::Path::rmtree to avoid race
 condition which allows an attacker with write permission on
 directories in the tree being removed to make files setuid or to
 remove arbitrary files (Closes: #286905, #286922).
 .
 The race condition was fixed in 5.8.4-7 but re-introduced in 5.8.8-1

Bug#374644: Bug 374644: after NMU, xine-ui does not prevent the screensaver to trigger

2009-01-08 Thread Ben Hutchings 
On Thu, 2009-01-08 at 20:13 +0100, Vincent Fourmond wrote:
> Hello again,
> 
>   It seems that xdg-screensaver simply does not work in my case... That
> explains a lot. I'm currently looking at that.

Which screensaver are you using?

Ben.



signature.asc
Description: This is a digitally signed message part

Processed: reassign 511216 to xserver-xorg-video-intel, severity of 511216 is important

2009-01-08 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> reassign 511216 xserver-xorg-video-intel 2:2.3.2-2+lenny5
Bug#511216: Xorg crash  (i810 ) 
Bug reassigned from package `xserver-xorg' to `xserver-xorg-video-intel'.

> severity 511216 important
Bug#511216: Xorg crash  (i810 ) 
Severity set to `important' from `grave'

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#495232: marked as done (quagga: zebra ignores routes added via command line)

2009-01-08 Thread Debian Bug Tracking System 

Your message dated Fri, 09 Jan 2009 00:02:04 +
with message-id 
and subject line Bug#495232: fixed in quagga 0.99.10-1lenny1
has caused the Debian Bug report #495232,
regarding quagga: zebra ignores routes added via command line
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
495232: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495232
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: quagga
Version: 0.99.10-1
Severity: normal

I try to add routes with "/sbin/ip" e.g.
  /sbin/ip ro add 62.116.121.19 dev br8

strace suggests the resulting netlink message never reaches zebra.


-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.26.2-hwh8 (SMP w/4 CPU cores)
Locale: LANG=de_AT.UTF-8, LC_CTYPE=de_AT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages quagga depends on:
ii  adduser   3.108  add and remove users and groups
ii  debconf [debconf-2.0] 1.5.22 Debian configuration management sy
ii  iproute   20080725-2 networking and traffic control too
ii  libc6 2.7-13 GNU C Library: Shared libraries
ii  libcap1   1:1.10-14  support for getting/setting POSIX.
ii  libpam0g  0.99.7.1-7 Pluggable Authentication Modules l
ii  libpcre3  7.6-2.1Perl 5 Compatible Regular Expressi
ii  libreadline5  5.2-3  GNU readline and history libraries
ii  logrotate 3.7.1-3Log rotation utility

quagga recommends no packages.

Versions of packages quagga suggests:
pn  snmpd  (no description available)

-- debconf information excluded


--- End Message ---
--- Begin Message ---
Source: quagga
Source-Version: 0.99.10-1lenny1

We believe that the bug you reported is fixed in the latest version of
quagga, which is due to be installed in the Debian FTP archive:

quagga-doc_0.99.10-1lenny1_all.deb
  to pool/main/q/quagga/quagga-doc_0.99.10-1lenny1_all.deb
quagga_0.99.10-1lenny1.diff.gz
  to pool/main/q/quagga/quagga_0.99.10-1lenny1.diff.gz
quagga_0.99.10-1lenny1.dsc
  to pool/main/q/quagga/quagga_0.99.10-1lenny1.dsc
quagga_0.99.10-1lenny1_amd64.deb
  to pool/main/q/quagga/quagga_0.99.10-1lenny1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 495...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Christian Hammers  (supplier of updated quagga package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Sun, 04 Jan 2009 20:08:28 +0100
Source: quagga
Binary: quagga quagga-doc
Architecture: source all amd64
Version: 0.99.10-1lenny1
Distribution: testing-proposed-updates
Urgency: low
Maintainer: Christian Hammers 
Changed-By: Christian Hammers 
Description: 
 quagga - BGP/OSPF/RIP routing daemon
 quagga-doc - documentation files for quagga
Closes: 495232
Changes: 
 quagga (0.99.10-1lenny1) testing-proposed-updates; urgency=low
 .
   * Fixed bug that caused routes which were added externally, e.g. by
 "ip route add", to be ignored by Quagga (thanks to Hannes Schulz).
 Closes: #495232
Checksums-Sha1: 
 535bb491cf01fcde7c1e20e8a416b51e26683b62 1359 quagga_0.99.10-1lenny1.dsc
 51ebe8a663435246a60a17c83e3776343098e012 35815 quagga_0.99.10-1lenny1.diff.gz
 164d74cb0da7b22cd5d7a925ec175783130429d7 661362 
quagga-doc_0.99.10-1lenny1_all.deb
 9e40875e84265a1c57e995d4f1bfaf2e87fbc489 1751836 
quagga_0.99.10-1lenny1_amd64.deb
Checksums-Sha256: 
 8b8f6172572e7ef4d088e3743c86bf5c37e1aecc345f00d36502884c2df0a1c6 1359 
quagga_0.99.10-1lenny1.dsc
 29511d11ff30576879fa8a2c38d89a41eb1833cfa495415a509931f11284a1e4 35815 
quagga_0.99.10-1lenny1.diff.gz
 f1cdba33a44cf19e0fe1965e981e54055d0d063ea0275b5cf24c54c430dcf6ae 661362 
quagga-doc_0.99.10-1lenny1_all.deb
 243a196238a48cc1f3406748ee7581b171bd427f00d0a6a418acf6dcb3814c63 1751836 
quagga_0.99.10-1lenny1_amd64.deb
Files: 
 0aaed4e91e10c992d6821c44e0887580 1359 net optional quagga_0.99.10-1lenny1.dsc
 c1797afa70de74a96a123da29fa001cf 35815 net optional 
quagga_0.99.10-1lenny1.diff.gz
 d4f280581d61c8904551387b6

Bug#511199: #511199 perspic: does not work at all: complains about find arguments / segfaults upon execution

2009-01-08 Thread Evgeni Golov 
Hi Michael,

what arch are you on? Here on sid/i386, perspic starts fine (find
throws a warning, but it's only a warning).
Can you get a gdb backtrace of the segfault? (you'd have to rebuild
perspic unstripped).

Regards
Evgeni

-- 
Bruce Schneier Fact Number 629:
Bruce Schneier has an answer for the Cosmic AC


pgp22iwAUWdz5.pgp
Description: PGP signature

Bug#511231: Fatal X server error after upgrade to 2.4.3+git+20090105+a8c5480-1

2009-01-08 Thread Chris Lamb 
reassign 511231 libdrm2 
forcemerge 511231 511007

> Package: libdrm-intel1
> Version: 2.4.3+git+20090105+a8c5480-1
> Justification: renders package unusable
> Severity: grave
> 
> After the upgrade from 2.4.1+git+20081116+930c0e7-1 to
> 2.4.3+git+20090105+a8c5480-1 it was not possible to start X


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org
   `-


signature.asc
Description: PGP signature

Processed (with 5 errors): Re: Bug#511231: Fatal X server error after upgrade to 2.4.3+git+20090105+a8c5480-1

2009-01-08 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> reassign 511231 libdrm2
Bug#511231: Fatal X server error after upgrade to 2.4.3+git+20090105+a8c5480-1
Bug reassigned from package `libdrm-intel1' to `libdrm2'.

> forcemerge 511231 511007
Bug#511231: Fatal X server error after upgrade to 2.4.3+git+20090105+a8c5480-1
Bug#511007: xserver-xorg-core: Segfault starting X server
Bug#511018: libdrm2: X stopped working after latest drm-snapshot upgrade
Forcibly Merged 511007 511018 511231.

> > Package: libdrm-intel1
Unknown command or malformed arguments to command.

> > Version: 2.4.3+git+20090105+a8c5480-1
Unknown command or malformed arguments to command.

> > Justification: renders package unusable
Unknown command or malformed arguments to command.

> > Severity: grave
Unknown command or malformed arguments to command.

> >
Unknown command or malformed arguments to command.

Too many unknown commands, stopping here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: severity of 510633 is normal, tagging 510633

2009-01-08 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> severity 510633 normal
Bug#510633: powersaved: Doesn't enable introspection in dbus config file
Severity set to `normal' from `serious'

> tags 510633 + patch
Bug#510633: powersaved: Doesn't enable introspection in dbus config file
There were no tags set.
Tags added: patch

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#510633: Bug #510633: not actually RC

2009-01-08 Thread Simon McVittie 
severity 510633 normal
tags 510633 + patch
thanks

powersaved doesn't actually implement introspection, so bug #510633
isn't a regression. Please test powersaved with the new dbus package -
I suspect it'll work fine.

In fact, in a way rejecting the introspection messages is better, since
it means introspection will fail immediately, rather than after 25
seconds... I'll file a separate bug about that.

The attached patch is untested, but I think it provides a fairly sensible
policy. It applies after all the current Debian patches.

Simon
diff --git a/config_files/dbus_powersave.conf b/config_files/dbus_powersave.conf
index 358f45f..682a39c 100644
--- a/config_files/dbus_powersave.conf
+++ b/config_files/dbus_powersave.conf
@@ -11,38 +11,54 @@
  
  
 
- 
- 
-
- 
- 
+ 
+ 
   
 
   
   
 
+
 
 
-
-
+
+
+
 
-
-
+
   
 
   
   
-
+
+
 
 
-
+
   
   
-
+
+
 
 
-
+
   
 
 


signature.asc
Description: Digital signature

Bug#511262: CVE-2009-0050: Insufficient certificate validation

2009-01-08 Thread Moritz Muehlenhoff 
Package: lasso
Severity: grave
Tags: security
Justification: user security hole

Please see the following references for lasso and the recent
OpenSSL issue:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0050 
http://www.ocert.org/advisories/ocert-2008-016.html

Cheers,
Moritz

-- System Information:
Debian Release: 5.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#510247: cloop-src: FTBFS with 2.6.26-1-686

2009-01-08 Thread Eduard Bloch 
#include 
* Neil Mayhew [Wed, Dec 31 2008, 08:46:22AM]:
> On 30/12/08 14:25, Eduard Bloch wrote:
>> Your target kernel (2.6.26) is not from Debian Stable, cloop-src is.  
>> Do the math.
>
> I find your reply rather rude. I take the time to report Debian bugs so  
> that the overall quality of Debian can be improved. This kind of  
> comment, "do the math", does not encourage me.

It was not meant to be rude, I just assumed that you reported some bug
in an old Stable version because I seriosly thought that the package was
adopted by somebody else many months ago (it was discussed, IIRC), and
because hardly anybody reported bugs, i.e. people almost didn't all the
time.

Sorry. Okay, that said: yes, I am still the maintainer, and the
current version in Lenny is broken. I could port changes from a newer
upstream version but I think they wouldn't be accepted by the release
team since there are a lot of changes.

> I am running a pure Testing system. If a kernel module package is in the  
> Testing repo, I expect it to build on a Testing system. I should not  
> have to go fetching sources from somewhere else. If you don't intend for  
> people to use it on Testing, take it out of the repo. However, it would  

Take out what? The whole package set? Why? You can use cloop-utils to
uncompress and repack the images to modify your Knoppix filesystem. The
only problem is the kernel module, but who cares? Knoppix' boot images
include it already.

> be better to upgrade the Unstable loop-src to the new upstream version,  
> which has been needed for over a year now, according to bug #436090.

Your years must be different than mine. There were multiple updates for
newer kernel versions, the one for for 2.6.26 was released in May 2008.
Yes, I neglected to upgrade the package and there is no excuse.

> Although I haven't tried this on Unstable, I very much expect it will  
> produce the same result, since the cloop-src version is the same there,  
> and so is the kernel version. So I consider this to be a bug in Unstable  
> too.

Sure, sure. But I uploaded a fixed version yesterday.

Regards,
Eduard.



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#511261: CVE-2008-0049: Inproper certificate validation

2009-01-08 Thread Moritz Muehlenhoff 
Package: belpic
Severity: grave
Tags: security
Justification: user security hole

Hi Wouter,

CVE-2009-0049:

Belgian eID middleware (eidlib) 2.6.0 and earlier does not properly check the
return value from the OpenSSL EVP_VerifyFinal function, which allows remote
attackers to bypass validation of the certificate chain via a malformed SSL/TLS
signature, a similar vulnerability to CVE-2008-5077.

http://www.ocert.org/advisories/ocert-2008-016.html

Cheers,
Moritz

-- System Information:
Debian Release: 5.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#429073: tagging 429073

2009-01-08 Thread Niko Tyni 
# Automatically generated email from bts, devscripts version 2.10.35lenny1
# these seem to block archiving
tags 429073 =




-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: tagging 429073

2009-01-08 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> # Automatically generated email from bts, devscripts version 2.10.35lenny1
> # these seem to block archiving
> tags 429073 =
Bug#429073: please update/request removal of your package
Tags were: sid lenny
Tags set to: 

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#510348: dillo2.0 fltk package

2009-01-08 Thread Devid Antonio Filoni 

Hi,
I've worked on a fltk2 package and it seems to be ok, my sponsor will upload it 
as soon as possible and then I will update the dillo package. I'm sorry for the 
delay with this.

Devid Antonio Filoni

--- andr...@kemnade.info wrote:

From: Andreas Kemnade 
To: 510...@bugs.debian.org
Subject: Bug#510348: dillo2.0 fltk package
Date: Thu, 8 Jan 2009 20:51:42 +0100

Hi,

just to introduce myself. I'm the creator of that package on
http://misc.andi.de1.cc/dillo

I have provided that one so that debian users can quickly install
dillo. It is not the cleanest way to create a debian package,..
but the quickest.

I did not use pbuilder.
Because I do not know what's the clean way with fltk2 (since it is
a snapshot ...) I decided to
not package it and I just did the usual ./configure && make && make install
for the fltk snapshot
before starting dpkg-buildpackage.
And yes, the build dependencies are wrong (gtk is of course no build 
dependancy).
I just took the old debian diff and changed it as less as needed.

Greetings
Andreas Kemnade




_
Are you a Techie? Get Your Free Tech Email Address Now! Visit 
http://www.TechEmail.com



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#510348: dillo2.0 fltk package

2009-01-08 Thread Andreas Kemnade 
Hi,

just to introduce myself. I'm the creator of that package on
http://misc.andi.de1.cc/dillo

I have provided that one so that debian users can quickly install
dillo. It is not the cleanest way to create a debian package,..
but the quickest.

I did not use pbuilder.
Because I do not know what's the clean way with fltk2 (since it is
a snapshot ...) I decided to
not package it and I just did the usual ./configure && make && make install
for the fltk snapshot
before starting dpkg-buildpackage.
And yes, the build dependencies are wrong (gtk is of course no build 
dependancy).
I just took the old debian diff and changed it as less as needed.

Greetings
Andreas Kemnade


signature.asc
Description: PGP signature

Bug#511248: xdg-screensaver does not support basic Xorg screensaver ???

2009-01-08 Thread Vincent Fourmond 
Package: xdg-utils
Version: 1.0.2-6.1
Severity: serious
Justification: breaks other packages

  Hello,

  xine-ui was recently migrated from using a dirty hack into using
xdg-screensaver to disable the screen saver (see
#374644). Unfortunately, ever since,the screen saver simply does not
switch off.

  I'm not using any fancy screen saver (not Gnome, KDE, xscreen-saver
or whatever); I'm only relying on Xorg to do its job, and was never
disappointed so far. However, xdg-screensaver does not work with plain
X screensaver...

  Steps to reproduce:

  First, make sure you have no fancy screensavers installed. Then:

20:21 vinc...@tanyaivinco ~ xwininfo | grep xwininfo 
xwininfo: Please select the window about which you
xwininfo: Window id: 0x38f "xterm"
20:21 vinc...@tanyaivinco ~ xset s 3 
20:21 vinc...@tanyaivinco ~ xdg-screensaver suspend 0x38f

  Then, wait three seconds, and see the screen go blank...

  BTW, the xdg-screensaver command returns a non-zero status (status
4), but does not show any error message.

  I'm tagging this bug as severity serious as it breaks xine-ui. Feel
free to downgrade if you think I'm excessive.

  I'm try to implement a fix for that, I'll hopefully post a patch
soon enough.

  Cheers,

Vincent Fourmond

-- System Information:
Debian Release: 5.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash

xdg-utils depends on no packages.

Versions of packages xdg-utils recommends:
ii  elinks [www-browser]   0.12~pre2.dfsg0-1 advanced text-mode WWW browser
ii  file   4.26-2Determines file type using "magic"
ii  iceweasel [www-browser 3.0.5-1   lightweight web browser based on M
ii  mime-support   3.44-1MIME files 'mime.types' & 'mailcap
ii  shared-mime-info   0.30-2FreeDesktop.org shared MIME databa
ii  x11-utils  7.3+2+nmu1X11 utilities
ii  x11-xserver-utils  7.3+5 X server utilities

Versions of packages xdg-utils suggests:
ii  desktop-file-utils0.15-1 Utilities for .desktop files
pn  exo-utils  (no description available)
pn  kdelibs4c2a(no description available)
pn  konqueror  (no description available)
ii  libgnome2-0   2.20.1.1-2 The GNOME 2 library - runtime file
pn  libgnomevfs2-bin   (no description available)
ii  libgtk2.0-bin 2.12.11-4  The programs for the GTK+ graphica

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#511242: python-setuptools is missing in build dependencies

2009-01-08 Thread Piotr Ożarowski 
[Chris Lamb, 2009-01-08]
> Good catch. Out of interest, how did you find this?

Scott Kitterman asked me how serious is a bug in a package that uses
ez_setup to grab stuff and he pointed me to this package, I tried to
rebuild it in pbuilder and then noticed that my "favourite" ez_* is doing
its thing ;-)

BTW: there's a Python Applications Packaging Team if you're interested...
-- 
:wq!


pgplWvtQ3cf3j.pgp
Description: PGP signature

Bug#511242: python-setuptools is missing in build dependencies

2009-01-08 Thread Piotr Ożarowski 
Package: pyke
Severity: serious
Tags: patch

Please add python-setuptools to build dependencies otherwise ez_setup
will try to download it from internet

BTW: I recommend to disable ez_setup in setup.py, i.e. remove these
lines:
| import ez_setup
| ez_setup.use_setuptools



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: Re: Bug#511242: python-setuptools is missing in build dependencies

2009-01-08 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 511242 + pending
Bug#511242: python-setuptools is missing in build dependencies
Tags were: patch
Tags added: pending

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#511242: python-setuptools is missing in build dependencies

2009-01-08 Thread Chris Lamb 
tags 511242 + pending
thanks

> Please add python-setuptools to build dependencies otherwise ez_setup
> will try to download it from internet

Good catch. Out of interest, how did you find this?


Regards,

-- 
Chris Lamb, UK ch...@chris-lamb.co.uk
  GPG: 0x634F9A20


signature.asc
Description: PGP signature

Bug#374644: Bug 374644: after NMU, xine-ui does not prevent the screensaver to trigger

2009-01-08 Thread Vincent Fourmond 

  Hello again,

  It seems that xdg-screensaver simply does not work in my case... That
explains a lot. I'm currently looking at that.

  Cheers,

Vincent

-- 
Vincent Fourmond, Debian Developer
http://vince-debian.blogspot.com/

The moon was high now, in a sky as black as a cup of coffee that
wasn't very black at all.
 -- Terry Pratchet, Men at arms

Vincent, listening to And The Band Played On (Simple Minds)




-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: found 510646 in 0.8-2

2009-01-08 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> found 510646 0.8-2
Bug#510646: system.d/...PolicyKit.conf needs alterations for new D-Bus
Bug marked as found in version 0.8-2.

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#374644: Bug 374644: after NMU, xine-ui does not prevent the screensaver to trigger

2009-01-08 Thread Vincent Fourmond 

  Hello,

  After having updated xine-ui to the newest version,
0.99.5+cvs20070914-2.1, xine does not prevent the screensaver from
triggering on my system (fvwm2), which is *very annoying*...

  Could you please fix that ? I guess that makes xine as broken as it
was before, if not worse.


  Cheers,

Vincent

-- System Information:
Debian Release: 5.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1,
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash

Versions of packages xine-ui depends on:
ii  libc6 2.7-18 GNU C Library: Shared libraries
ii  libcurl3-gnutls   7.18.2-8   Multi-protocol file
transfer libra
ii  libpng12-01.2.27-2   PNG library - runtime
ii  libreadline5  5.2-3  GNU readline and history
libraries
ii  libx11-6  2:1.1.5-2  X11 client-side library
ii  libxext6  2:1.0.4-1  X11 miscellaneous extension
librar
ii  libxft2   2.1.12-3   FreeType-based font drawing
librar
ii  libxine1  1.1.14-3   the xine video/media player
librar
ii  libxine1-ffmpeg   1.1.14-3   MPEG-related plugins for
libxine1
ii  libxine1-x1.1.14-3   X desktop video output
plugins for
ii  libxinerama1  2:1.0.3-2  X11 Xinerama extension library
ii  libxtst6  2:1.0.3-1  X11 Testing -- Resource
extension
ii  libxv12:1.0.4-1  X11 Video extension library
ii  libxxf86vm1   1:1.0.2-1  X11 XFree86 video mode
extension l

Versions of packages xine-ui recommends:
ii  xdg-utils 1.0.2-6.1  desktop integration
utilities from

xine-ui suggests no packages.

-- no debconf information


-- 
Vincent Fourmond, Debian Developer
http://vince-debian.blogspot.com/

The moon was high now, in a sky as black as a cup of coffee that
wasn't very black at all.
 -- Terry Pratchet, Men at arms

Vincent, listening to And The Band Played On (Simple Minds)



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#510644: marked as done (bluetooth.conf needs alterations for new D-Bus)

2009-01-08 Thread Debian Bug Tracking System 

Your message dated Thu, 08 Jan 2009 18:02:04 +
with message-id 
and subject line Bug#510644: fixed in bluez-utils 3.36-3
has caused the Debian Bug report #510644,
regarding bluetooth.conf needs alterations for new D-Bus
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
510644: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510644
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: bluez-utils
Version: 3.36-2
Severity: serious
Justification: blocker for #503532 (CVE-2008-4311) and far-fetched security hole
Tags: fixed-upstream
User: pkg-utopia-maintain...@lists.alioth.debian.org
Usertags: CVE-2008-4311

bluez-utils installs a D-Bus system policy file intending to allow users
at the console to send BlueZ messages to hcid. However, it actually
allows users at the console to send messages to the object path '/' on
any service, slightly subverting access control for those other services.

Furthermore, it might be insufficient to allow everything that hcid intends to
allow; messages used to be allowed accidentally by a dbus-daemon bug, but
with the dbus-daemon changes targeted for lenny, they will be denied
unless explicitly allowed.


shows the recent history of this file - the latest version,
,
appears to be appropriate.

Regards from the Cambridge BSP,
Simon


signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: bluez-utils
Source-Version: 3.36-3

We believe that the bug you reported is fixed in the latest version of
bluez-utils, which is due to be installed in the Debian FTP archive:

bluetooth_3.36-3_all.deb
  to pool/main/b/bluez-utils/bluetooth_3.36-3_all.deb
bluez-audio_3.36-3_amd64.deb
  to pool/main/b/bluez-utils/bluez-audio_3.36-3_amd64.deb
bluez-cups_3.36-3_amd64.deb
  to pool/main/b/bluez-utils/bluez-cups_3.36-3_amd64.deb
bluez-pcmcia-support_3.36-3_amd64.deb
  to pool/main/b/bluez-utils/bluez-pcmcia-support_3.36-3_amd64.deb
bluez-utils_3.36-3.diff.gz
  to pool/main/b/bluez-utils/bluez-utils_3.36-3.diff.gz
bluez-utils_3.36-3.dsc
  to pool/main/b/bluez-utils/bluez-utils_3.36-3.dsc
bluez-utils_3.36-3_amd64.deb
  to pool/main/b/bluez-utils/bluez-utils_3.36-3_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 510...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Filippo Giunchedi  (supplier of updated bluez-utils package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Thu, 08 Jan 2009 18:42:24 +0100
Source: bluez-utils
Binary: bluez-utils bluez-pcmcia-support bluez-cups bluez-audio bluetooth
Architecture: source all amd64
Version: 3.36-3
Distribution: unstable
Urgency: high
Maintainer: Debian Bluetooth Maintainers 

Changed-By: Filippo Giunchedi 
Description: 
 bluetooth  - Bluetooth stack utilities
 bluez-audio - Bluetooth audio support
 bluez-cups - Bluetooth printer driver for CUPS
 bluez-pcmcia-support - PCMCIA support files for BlueZ 2.0 Bluetooth tools
 bluez-utils - Bluetooth tools and daemons
Closes: 510644
Changes: 
 bluez-utils (3.36-3) unstable; urgency=high
 .
   * Ship a new bluetooth.conf fixing dbus permissions RC bug (Closes: #510644)
 - As a result of this, now users of netdev group are able to communicate
   with hcid via dbus
 - Add netdev group in postinst if not present
Checksums-Sha1: 
 f29ae3e81a8bef2048104a01754e8790793095e1 1627 bluez-utils_3.36-3.dsc
 905d191c0a07a5651a19f18f5fd73c85ca5ddb49 22689 bluez-utils_3.36-3.diff.gz
 693d8b9405cea516b239f9166a873c51a3dfa5d6 22738 bluetooth_3.36-3_all.deb
 66a917112073e32d6b4dafb2447154b84ef6910a 381808 bluez-utils_3.36-3_amd64.deb
 e81b3e27fb0618bfa82077704e3319e0adb52e5f 24376 
bluez-pcmcia-support_3.36-3_amd64.deb
 69306846062160c2f1069cf128dec630b088e99f 40246 bluez-cups_3.36-3_amd64.deb
 f4d2394521aec325fffd3e7206c9d796e316cd74 137900 bluez-audio_3.36-3_amd64.deb
Checksums-Sha256: 
 577b00f560dfc21eec75f9ae14262a7c23e4866f726cb0136506d099c2743297 1627 
bluez-utils_3.36-3.dsc
 888bcd1192f4ed0ac288da565ac883a9fc517085d0ab831bb2ff6a13ee86

Bug#495232: [quagga-dev 6315] Re: Bug#495232: quagga 0.99.10: zebra ignores routes added via command line

2009-01-08 Thread Stephen Hemminger 
On Thu, 8 Jan 2009 18:38:57 +0100
Christian Hammers  wrote:

> Hello
> 
> On Tue, 6 Jan 2009 11:50:35 +0100
> "Joakim Tjernlund"  wrote:
> 
> > > On Sun, 04 Jan 2009, Ben Hutchings  wrote:
> > > 
> > > Stephen,
> > > 
> > > Debian 5.0 "lenny" will release with quagga 0.99.10.  However we have
> > > a bug report that:
> > > 
> > > "I try to add routes with "/sbin/ip" e.g.
> > >  /sbin/ip ro add 62.116.121.19 dev br8
> > > 
> > > strace suggests the resulting netlink message never reaches zebra."
> > > 
> > > and the proposed fix to the netlink filter:
> > > 
> > > --- zebra/rt_netlink.c2008-08-15 15:42:56.0 +0200
> > > +++ zebra/rt_netlink.c2008-08-15 15:43:19.0 +0200
> > > @@ -1971,7 +1971,7 @@
> > >  /* 7*/ BPF_STMT(BPF_LD|BPF_ABS|BPF_B,
> > >   sizeof(struct nlmsghdr) + offsetof(struct rtmsg, 
> > > rtm_protocol)),
> > >  /* 8*/ BPF_JUMP(BPF_JMP+ BPF_B, RTPROT_REDIRECT, 4, 0),
> > > -/* 9*/ BPF_JUMP(BPF_JMP+ BPF_B, RTPROT_KERNEL, 0, 1),
> > > +/* 9*/ BPF_JUMP(BPF_JMP+ BPF_B, RTPROT_KERNEL, 3, 0),
> > >  /*10*/ BPF_JUMP(BPF_JMP+ BPF_B, RTPROT_ZEBRA, 0, 3),
> > >  /*11*/ BPF_STMT(BPF_LD|BPF_ABS|BPF_H, offsetof(struct nlmsghdr, 
> > > nlmsg_type)),
> > >  /*12*/ BPF_JUMP(BPF_JMP|BPF_JEQ|BPF_K, htons(RTM_NEWROUTE), 0, 1),
> > > --- END ---
> > > 
> > > This looks correct to me.  Please can you confirm?
> > > 
> > > Ben.
> > 
> > Don't know , but the current Quagga has something rather different. Check
> > http://code.quagga.net/cgi-bin/gitweb.cgi?p=quagga.git;a=commitdiff;h=3d265b4d9d748bf4c92aefebc2ca0c04fd607945;hp=30a2231a4881f53dec
> > a61ef7a62b225a43dab4c5
> > 
> >  Jocke
> 
> Hannes found a message from Paul Jakma where he fears that the PID-based
> solution from your git URL may reopen the security hole CVE-2003-0858 :
>   http://lists.quagga.net/pipermail/quagga-dev/2008-August/005740.html
> 
> As the code has been committet, was it found to be OK? Or if not, is the 
> above patch which just swaps the "3, 0" acceptable to close the bug
> in our Debian package?
> 
> bye,
> 
> -christian-

Your (3,0) transformation.

I accidentally moved the pid check, and put it back in later versions.





-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#495232: [quagga-dev 6315] Re: Bug#495232: quagga 0.99.10: zebra ignores routes added via command line

2009-01-08 Thread Joakim Tjernlund 
On Thu, 2009-01-08 at 18:38 +0100, Christian Hammers wrote:
> Hello
> 
> On Tue, 6 Jan 2009 11:50:35 +0100
> "Joakim Tjernlund"  wrote:
> 
> > > On Sun, 04 Jan 2009, Ben Hutchings  wrote:
> > > 
> > > Stephen,
> > > 
> > > Debian 5.0 "lenny" will release with quagga 0.99.10.  However we have
> > > a bug report that:
> > > 
> > > "I try to add routes with "/sbin/ip" e.g.
> > >  /sbin/ip ro add 62.116.121.19 dev br8
> > > 
> > > strace suggests the resulting netlink message never reaches zebra."
> > > 
> > > and the proposed fix to the netlink filter:
> > > 
> > > --- zebra/rt_netlink.c2008-08-15 15:42:56.0 +0200
> > > +++ zebra/rt_netlink.c2008-08-15 15:43:19.0 +0200
> > > @@ -1971,7 +1971,7 @@
> > >  /* 7*/ BPF_STMT(BPF_LD|BPF_ABS|BPF_B,
> > >   sizeof(struct nlmsghdr) + offsetof(struct rtmsg, 
> > > rtm_protocol)),
> > >  /* 8*/ BPF_JUMP(BPF_JMP+ BPF_B, RTPROT_REDIRECT, 4, 0),
> > > -/* 9*/ BPF_JUMP(BPF_JMP+ BPF_B, RTPROT_KERNEL, 0, 1),
> > > +/* 9*/ BPF_JUMP(BPF_JMP+ BPF_B, RTPROT_KERNEL, 3, 0),
> > >  /*10*/ BPF_JUMP(BPF_JMP+ BPF_B, RTPROT_ZEBRA, 0, 3),
> > >  /*11*/ BPF_STMT(BPF_LD|BPF_ABS|BPF_H, offsetof(struct nlmsghdr, 
> > > nlmsg_type)),
> > >  /*12*/ BPF_JUMP(BPF_JMP|BPF_JEQ|BPF_K, htons(RTM_NEWROUTE), 0, 1),
> > > --- END ---
> > > 
> > > This looks correct to me.  Please can you confirm?
> > > 
> > > Ben.
> > 
> > Don't know , but the current Quagga has something rather different. Check
> > http://code.quagga.net/cgi-bin/gitweb.cgi?p=quagga.git;a=commitdiff;h=3d265b4d9d748bf4c92aefebc2ca0c04fd607945;hp=30a2231a4881f53dec
> > a61ef7a62b225a43dab4c5
> > 
> >  Jocke
> 
> Hannes found a message from Paul Jakma where he fears that the PID-based
> solution from your git URL may reopen the security hole CVE-2003-0858 :
>   http://lists.quagga.net/pipermail/quagga-dev/2008-August/005740.html
> 
> As the code has been committet, was it found to be OK? Or if not, is the 
> above patch which just swaps the "3, 0" acceptable to close the bug
> in our Debian package?

I can't really say, Paul and/or Stephen will have to speak up I think.

 Jocke



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#511231: Fatal X server error after upgrade to 2.4.3+git+20090105+a8c5480-1

2009-01-08 Thread Dr. Markus Waldeck 

Package: libdrm-intel1
Version: 2.4.3+git+20090105+a8c5480-1
Justification: renders package unusable
Severity: grave

After the upgrade from 2.4.1+git+20081116+930c0e7-1 to
2.4.3+git+20090105+a8c5480-1 it was not possible to start X

The end of the Xorg.0.log:

Backtrace:
0: /usr/bin/X11/X(xorg_backtrace+0x3b) [0x812f0fb]
1: /usr/bin/X11/X(xf86SigHandler+0x51) [0x80c1c71]
2: [0xb80b4400]
3: /usr/lib/xorg/modules/drivers//intel_drv.so(I830Sync+0x54) [0xb7b3f4f4]
4: /usr/lib/xorg/modules/drivers//intel_drv.so [0xb7b68f0a]
5: /usr/lib/xorg/modules//libexa.so(exaWaitSync+0x65) [0xb7a20415]
6: /usr/lib/xorg/modules/drivers//intel_drv.so(i830WaitSync+0xb7) [0xb7b4ee67]
7: /usr/lib/xorg/modules/drivers//intel_drv.so [0xb7b459b4]
8: /usr/bin/X11/X(xf86CrtcSetMode+0x13b) [0x80eb3ab]
9: /usr/bin/X11/X(xf86SetDesiredModes+0x1af) [0x80ebbff]
10: /usr/lib/xorg/modules/drivers//intel_drv.so [0xb7b4f436]
11: /usr/lib/xorg/modules/drivers//intel_drv.so [0xb7b50d48]
12: /usr/bin/X11/X(AddScreen+0x19f) [0x8070a9f]
13: /usr/bin/X11/X(InitOutput+0x206) [0x80a91b6]
14: /usr/bin/X11/X(main+0x279) [0x8071239]
15: /lib/i686/cmov/libc.so.6(__libc_start_main+0xe5) [0xb7cdc775]
16: /usr/bin/X11/X(FontFileCompleteXLFD+0x20d) [0x8070821]

Fatal server error:
Caught signal 11.  Server aborting


FatalError re-entered, aborting
I830EmitFlush: BEGIN_BATCH called without closing ADVANCE_BATCH


After the downgrade to 2.4.1+git+20081116+930c0e7-1 it is possblie to start X.

-- System Information:
Debian Release: 5.0
Architecture: i386 (i686)

Versions of packages libdrm-intel1 depends on:
ii  libc6   2.9-0exp1GNU C Library: Shared libraries
ii  libdrm2 2.4.3+git+20090105+a8c5480-1 Userspace interface to kernel rend

Installed X packages:
ii  xserver-common2:1.5.3-1 common files used by various X servers
ii  xserver-xorg  1:7.4~4   the X.Org X server
ii  xserver-xorg-core 2:1.5.3-1 Xorg X server - core server
ii  xserver-xorg-video-intel  2:2.5.1-1 X.Org X server -- Intel i8xx, i9xx 
display driver

-- 
Sensationsangebot verlängert: GMX FreeDSL - Telefonanschluss + DSL 
für nur 16,37 Euro/mtl.!* http://dsl.gmx.de/?ac=OM.AD.PD003K1308T4569a


Xorg.0.log
Description: Binary data

Bug#495232: [quagga-dev 6315] Re: Bug#495232: quagga 0.99.10: zebra ignores routes added via command line

2009-01-08 Thread Christian Hammers 
Hello

On Tue, 6 Jan 2009 11:50:35 +0100
"Joakim Tjernlund"  wrote:

> > On Sun, 04 Jan 2009, Ben Hutchings  wrote:
> > 
> > Stephen,
> > 
> > Debian 5.0 "lenny" will release with quagga 0.99.10.  However we have
> > a bug report that:
> > 
> > "I try to add routes with "/sbin/ip" e.g.
> >  /sbin/ip ro add 62.116.121.19 dev br8
> > 
> > strace suggests the resulting netlink message never reaches zebra."
> > 
> > and the proposed fix to the netlink filter:
> > 
> > --- zebra/rt_netlink.c  2008-08-15 15:42:56.0 +0200
> > +++ zebra/rt_netlink.c  2008-08-15 15:43:19.0 +0200
> > @@ -1971,7 +1971,7 @@
> >  /* 7*/ BPF_STMT(BPF_LD|BPF_ABS|BPF_B,
> > sizeof(struct nlmsghdr) + offsetof(struct rtmsg, 
> > rtm_protocol)),
> >  /* 8*/ BPF_JUMP(BPF_JMP+ BPF_B, RTPROT_REDIRECT, 4, 0),
> > -/* 9*/ BPF_JUMP(BPF_JMP+ BPF_B, RTPROT_KERNEL, 0, 1),
> > +/* 9*/ BPF_JUMP(BPF_JMP+ BPF_B, RTPROT_KERNEL, 3, 0),
> >  /*10*/ BPF_JUMP(BPF_JMP+ BPF_B, RTPROT_ZEBRA, 0, 3),
> >  /*11*/ BPF_STMT(BPF_LD|BPF_ABS|BPF_H, offsetof(struct nlmsghdr, 
> > nlmsg_type)),
> >  /*12*/ BPF_JUMP(BPF_JMP|BPF_JEQ|BPF_K, htons(RTM_NEWROUTE), 0, 1),
> > --- END ---
> > 
> > This looks correct to me.  Please can you confirm?
> > 
> > Ben.
> 
> Don't know , but the current Quagga has something rather different. Check
> http://code.quagga.net/cgi-bin/gitweb.cgi?p=quagga.git;a=commitdiff;h=3d265b4d9d748bf4c92aefebc2ca0c04fd607945;hp=30a2231a4881f53dec
> a61ef7a62b225a43dab4c5
> 
>  Jocke

Hannes found a message from Paul Jakma where he fears that the PID-based
solution from your git URL may reopen the security hole CVE-2003-0858 :
  http://lists.quagga.net/pipermail/quagga-dev/2008-August/005740.html

As the code has been committet, was it found to be OK? Or if not, is the 
above patch which just swaps the "3, 0" acceptable to close the bug
in our Debian package?

bye,

-christian-



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#495232: quagga 0.99.10: zebra ignores routes added via command line

2009-01-08 Thread Hannes Schulz 
--On 07. Jänner 2009 00:22:18 +0100 Christian Hammers 
wrote:

> Hello
> 
> Stephen, I was pointed out the the patch on
> 
> http://code.quagga.net/cgi-bin/gitweb.cgi?p=quagga.git;a=commitdiff;h=3d2
> 65b4d9d748bf4c92aefebc2ca0c04fd607945;hp=30a2231a4881f53deca61ef7a62b225a
> 43dab4c5
> 
> It seems to work here and was signed-off by Paul Jakma. Can you confirm
> that  this patch is all (an no other patch has to be applied as well)?
> 
> Hannes, you said something about security issues, did you mean in the
> patch from the above mentioned URL? Why is one of the patches insecure?
> 
> bye,
> 
> -christian-
> 
> 


Paul Jamka mentioned it in


This mail references 

which in turn references

which in turn references
DSA-415-1 ()


I have no idea whether this issue still applies.


Yours

Hannes






--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#510644: [Pkg-bluetooth-maintainers] Bug#510644: bluetooth.conf needs alterations for new D-Bus

2009-01-08 Thread Marcel Holtmann 
Hi Colin,

> > that is exactly how it works and we can't use signal. Even directed
> > signal are not working since the method call into the agent has to
> > return the result or an error.
> >
> > What problem do you guys actually have with this? The agent inside
> > bluez-gnome is verifying that the method comes from the daemon it
> > registers its agent with and thus there is not even a security issue
> > here with trying to send arbitrary method calls to the UI.
> 
> I talked with davidz about this on IRC in a bit more high bandwidth
> mode; he's doing something similar with PolicyKit.  I think if the
> rule is of the form:
> 
> 
> 
> that's probably fine.  It does allow any process to send any message
> with that interface and path to any other, but we're in a similar
> situation with signals anyways right now.  I wouldn't call it a
> problem even if it's just an , but ideally we
> don't have many of these since they're not as strong as  send_destination>.

the path where the Bluetooth agent lives can be freely chosen by the
agent. We are not restricting it to any path. This is needed since in
some cases an application might wanna register two agents. The BlueZ
agents are kinda stackable. We have a default one for normal requests
that can come in any time. And then transaction specific ones when we do
expect a pairing or authorization request. This design is on purpose to
allow the UI to present or overwrite these requests and handle them as
it fits best in that situation.

So what is your security concern here? Only the root user is to send
these information anyway. And once you are root, you can do whatever you
want. If you don't like the D-Bus policy, you just edit that file and
change it. I really don't get what you are trying to protect here.

And keep in mind that the client/agent has to protect itself and
bluez-gnome is doing this by verifying the sender of the request.

Regards

Marcel





-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#511184: installation of mozart-stdlib fails..

2009-01-08 Thread Patrick Matthäi 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hello,

closing the bug is wrong, it is a bug.

The solution for it would be to get it build sane on all architectures,
there are many maybe-failed:
http://buildd.debian.org/build.php?pkg=mozart

- --
/*
Mit freundlichem Gruß / With kind regards,
Patrick Matthäi

E-Mail: patrick.matth...@web.de

Comment:
Always if we think we are right,
we were maybe wrong.
*/
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAklmCpgACgkQ2XA5inpabMcMCgCfcotDOUXuekl3RE3ZKdQ833jW
t4MAn2XB+99bGCE0OaWDeqfzSeqs4LMY
=FNZF
-END PGP SIGNATURE-



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#510673: xine-lib: FTBFS: /bin/sed: can't read /usr/lib/libsamplerate.la: No such file or directory

2009-01-08 Thread Reinhard Tartler 
Sven Joachim  writes:

> Adding libsamplerate0-dev to Build-Depends fixes this.

instead of bloating the dependency graph, I'd rather suggest to drop the
*.la files from libjack-dev instead. This of course breaks static
linking against libjack, but we don't want that anyway.

diff --git a/debian/libjack-dev.install b/debian/libjack-dev.install
index 7087694..91855d6 100644
--- a/debian/libjack-dev.install
+++ b/debian/libjack-dev.install
@@ -1,6 +1,5 @@
 debian/tmp/usr/include
 debian/tmp/usr/lib/lib*.a
-debian/tmp/usr/lib/lib*.la
 debian/tmp/usr/lib/lib*.so
 debian/tmp/usr/lib/libjack*/*.a
 debian/tmp/usr/lib/pkgconfig


Free, do you agree with this approach?

-- 
Gruesse/greetings,
Reinhard Tartler, KeyID 945348A4



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#511184: installation of mozart-stdlib fails due to unmet dependencies

2009-01-08 Thread Kevin Glynn 

Well, that is correct.  The mozart-stdlib contains machine-independent
bytecode and is Architecture: all.  However, the actual mozart package
is not available for 64 bit architectures.

I am not yet sure if I there is anything I can change to make this
better, or if I should just close this bug, I will go read the Policy
and Developer's Reference unless someone beats me to it.

k
 



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#511199: perspic: does not work at all: complains about find arguments / segfaults upon execution

2009-01-08 Thread Michael Ablassmeier 
Package: perspic
Version: 1.5-5.1+b1
Severity: grave
Justification: does not work at all

hi,

calling perspic from the command line results in the following find error 
message:

 > a...@kida:~/pers$ perspic
 > find: warning: you have specified the -maxdepth option after a non-option
 > argument -type, but options are not positional (-maxdepth affects tests
 > specified before it as well as those specified after it).  Please specify
 > options before other arguments. 
 >
 > Segmentation fault
  
bye,
- michael



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#510673: Bug 510673 (libjack-dev) blocking xine-lib RC bug fixes

2009-01-08 Thread Darren Salt 
tag 510673 patch
thanks

This bug is preventing me from uploading xine-lib to unstable and
xine-lib-1.2 to experimental. These uploads are required to fix some
outstanding security issues.

The attached patch fixes the problem and is intended for a sponsored NMU –
anybody?

-- 
| Darren Salt| linux or ds at  | nr. Ashington, | Toon
| RISC OS, Linux | youmustbejoking,demon,co,uk | Northumberland | Army
| + Output less CO2 => avoid boiling weather. TIME IS RUNNING OUT *FAST*.

Many pages make a crowded castle.



jack.patch
Description: Binary data

Bug#504232: marked as done (openchange_1.0~svn842-1(sparc/experimental): FTBFS: librpc/ndr/libndr.h: No such file or directory)

2009-01-08 Thread Debian Bug Tracking System 

Your message dated Thu, 8 Jan 2009 13:56:18 +0100
with message-id <20090108125618.ga20...@vernstok.nl>
and subject line Fixed in last upload
has caused the Debian Bug report #504232,
regarding openchange_1.0~svn842-1(sparc/experimental): FTBFS: 
librpc/ndr/libndr.h: No such file or directory
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
504232: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504232
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: openchange
Version: 1.0~svn842-1
Severity: serious

Hi,

your package failed to build from source. Since the error occours in a
samba4 header, the bug might actually be located there, feel free to
reassign or clone the bug in this case.

| Automatic build of openchange_1.0~svn842-1 on njoerd by sbuild/sparc 98-farm
| Build started at 20081102-0134
| **
| Checking available source versions...
| Fetching source files...
| Reading package lists...
| Building dependency tree...
| Need to get 1091kB of source archives.
| Get:1 http://sinclair.farm.ftbfs.de experimental/main openchange 1.0~svn842-1 
(dsc) [1741B]
| Get:2 http://sinclair.farm.ftbfs.de experimental/main openchange 1.0~svn842-1 
(tar) [1085kB]
| Get:3 http://sinclair.farm.ftbfs.de experimental/main openchange 1.0~svn842-1 
(diff) [4149B]
| Fetched 1091kB in 0s (3402kB/s)
| Download complete and in download only mode
| ** Using build dependencies supplied by package:
| Build-Depends: debhelper (>> 5.0.0), libparse-pidl-perl, libmagic-dev, 
libdcerpc-dev, libtalloc-dev, libldb-samba4-dev (>= 4.0.0~alpha5+20080930), 
samba4-dev, libsamba-hostconfig-dev, flex, bison, libpopt-dev, libtorture-dev, 
doxygen, pkg-config
| Checking for already installed source dependencies...
[...]
| Compiling libmapi/IABContainer.c with -fPIC
| In file included from ./libmapi/libmapi.h:46,
|  from libmapi/IABContainer.c:20:
| /usr/include/samba-4.0/dcerpc.h:32:31: error: librpc/ndr/libndr.h: No such 
file or directory
| In file included from ./libmapi/libmapi.h:46,
|  from libmapi/IABContainer.c:20:
| /usr/include/samba-4.0/dcerpc.h:48: error: expected specifier-qualifier-list 
before 'NTSTATUS'
| /usr/include/samba-4.0/dcerpc.h:71: error: expected specifier-qualifier-list 
before 'NTSTATUS'
| /usr/include/samba-4.0/dcerpc.h:204: error: expected specifier-qualifier-list 
before 'NTSTATUS'
| /usr/include/samba-4.0/dcerpc.h:243: error: expected '=', ',', ';', 'asm' or 
'__attribute__' before 'dcerpc_pipe_connect'
| /usr/include/samba-4.0/dcerpc.h:250: error: expected '=', ',', ';', 'asm' or 
'__attribute__' before 'dcerpc_ndr_request_recv'
| /usr/include/samba-4.0/dcerpc.h:260: error: expected '=', ',', ';', 'asm' or 
'__attribute__' before 'dcerpc_pipe_open_smb'
| /usr/include/samba-4.0/dcerpc.h:263: error: expected '=', ',', ';', 'asm' or 
'__attribute__' before 'dcerpc_bind_auth_none'
| /usr/include/samba-4.0/dcerpc.h:265: error: expected '=', ',', ';', 'asm' or 
'__attribute__' before 'dcerpc_fetch_session_key'
| /usr/include/samba-4.0/dcerpc.h:268: error: expected '=', ',', ';', 'asm' or 
'__attribute__' before 'dcerpc_secondary_connection_recv'
| /usr/include/samba-4.0/dcerpc.h:270: error: expected '=', ',', ';', 'asm' or 
'__attribute__' before 'dcerpc_parse_binding'
| /usr/include/samba-4.0/dcerpc.h:277: warning: 'struct loadparm_context' 
declared inside parameter list
| /usr/include/samba-4.0/dcerpc.h:277: warning: its scope is only this 
definition or declaration, which is probably not what you want
| /usr/include/samba-4.0/dcerpc.h:279: error: expected '=', ',', ';', 'asm' or 
'__attribute__' before 'dcerpc_pipe_connect_b_recv'
| /usr/include/samba-4.0/dcerpc.h:282: error: expected '=', ',', ';', 'asm' or 
'__attribute__' before 'dcerpc_pipe_connect_b'
| /usr/include/samba-4.0/dcerpc.h:291: error: expected '=', ',', ';', 'asm' or 
'__attribute__' before 'dcerpc_pipe_auth'
| /usr/include/samba-4.0/dcerpc.h:298: error: expected '=', ',', ';', 'asm' or 
'__attribute__' before 'dcerpc_secondary_connection'
| /usr/include/samba-4.0/dcerpc.h:301: error: expected '=', ',', ';', 'asm' or 
'__attribute__' before 'dcerpc_bind_auth_schannel'
| /usr/include/samba-4.0/dcerpc.h:308: error: expected '=', ',', ';', 'asm' or 
'__attribute__' before 'dcerpc_init'
| /usr/include/samba-4.0/dcerpc.h:311: error: expected '=', ',', ';', 'asm' or 
'__attribute__' before 'dcerpc_secondary_context'
| /usr/include/samba-4.0/dcerpc.h:314: error: expected '=', ',', ';', 'asm' or 
'__attribute__' before 'dcerpc_

Processed: Bug 510673 (libjack-dev) blocking xine-lib RC bug fixes

2009-01-08 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tag 510673 patch
Bug#510673: xine-lib: FTBFS: /bin/sed: can't read /usr/lib/libsamplerate.la: No 
such file or directory
There were no tags set.
Tags added: patch

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#508565: Testing against 20061008-3

2009-01-08 Thread Juan Carlos Suárez Yanes 

Dear Evgeni, Asheesh and all,

First of all, happy new year! and thank you very much for your efforts!

I installed the version (sid) 20061008-4.1_amd64 of libf2c and libf2c-dev

and now it works properly!
Thank you again

JC

Evgeni Golov escribió:

On Fri, 2 Jan 2009 20:13:51 -0500 (EST) Asheesh Laroia wrote:

  

On Sat, 3 Jan 2009, Evgeni Golov wrote:



On Tue, 16 Dec 2008 10:30:56 + (GMT) Juan Carlos Suarez wrote:

  

/home/jcsuarez/Boulot/Oscilcodes/Filou/juan24>filou
 structure input model type: CESAM5.*
fmt: read unexpected character
apparent state: unit 37 named inputfiletest.osc
last format: (4i10)
lately reading sequential formatted external IO
./filou: line 42:  3849 Aborted filou_exe


evg...@yidhra:~/debian$ uname -m
x86_64
evg...@yidhra:~/debian$ ./filou_exe
structure input model type: CESAM5.*

Does this output look better? :)
Now I just need to understand how to make this uploadable (a sed in
debian/rules on f2c.h sucks :))
  

Great!

By all means work on a Debian release, but can you possibly contribute the 
fixes upstream? Hopefully they can sanity-check them and help you avoid 
sed. (-:



Nah, got it myself!
Juan Carlos, can you try
http://die-welt.net/~evgeni/tmp/libf2c2_20050501-2.1_amd64.deb
It should fix your issues :)


  






--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: your mail

2009-01-08 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> severity 509566 normal
Bug#509566: Puppet: setting timeout to 0 causes puppet to try requesting a 
certificate infinitely often
Severity set to `normal' from `grave'

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#509566:

2009-01-08 Thread Thijs Kinkhorst 
severity 509566 normal
thanks

> found 509566 0.24.5-3
> found 509566 0.24.6-1
> thanks

> Setting waitforcert to "5" helps a bit, but it is still a problem IMO.

Your suggestions are all very valid in my opinion, but I think that the
uploaded fix has made the issue not grave anymore. I hope the Puppet
maintainers will evaluate your suggestions for including in lenny, but
this is now only a normal bug.


Thijs




--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#511187: marked as done (xfce4 doesn't start after install)

2009-01-08 Thread Debian Bug Tracking System 

Your message dated Thu, 08 Jan 2009 12:36:50 +0100
with message-id <1231414610.18955.5.ca...@miria>
and subject line Re: [Pkg-xfce-devel] Bug#511187: xfce4 doesn't start after 
install
has caused the Debian Bug report #511187,
regarding xfce4 doesn't start after install
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
511187: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511187
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Package: xfce4
Version: 4.3.99.2
Severity: grave
Justification: renders package unusable
Message-Id: <20090108113324.5e493124...@lnxgw.mimizan.com>
Date: Thu,  8 Jan 2009 12:33:24 +0100 (CET)
From: t...@mediaforest.net
To: sub...@bugs.debian.org

*** Please type your report below this line ***

After installing xfce4 with apt-get, xfce4 doesn't start.
when running whether startx or starxfce4, I get :

/usr/bin/startxfce4: Starting X server

X: cannot stat /etc/X11/X (No such file or directory), aborting.
giving up.
xinit: Connection refused (errno: 111): unable to connect to X server
xinit: No such process (errno 3): Server error.

so it seems that the configuration of xfce4 hasn't worked or that some 
mandatory dependencies are not checked.

xfce4 should be able to start right after being installed


-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.24-etchnhalf.1-686
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)

Versions of packages xfce4 depends on:
ii  gtk2-engines-xfce 2.3.99.2-1 A GTK+-2.0 theme engine for Xfce
ii  thunar0.4.0rc1-3 File Manager for Xfce
ii  xfce4-icon-theme  4.3.99.2-1 Xfce Standard icon theme
ii  xfce4-mcs-plugins 4.3.99.2-1 Special modules for the xfce4-mcs-
ii  xfce4-panel   4.3.99.2-2 The Xfce4 desktop environment pane
ii  xfce4-session 4.3.99.1-2 Xfce4 Session Manager
ii  xfce4-utils   4.3.99.2-1 Various tools for Xfce
ii  xfdesktop44.3.99.1-1 Provides desktop background and ro
ii  xfwm4 4.3.99.2-1 window manager of the Xfce project
ii  xfwm4-themes  4.3.99.2-2 Theme files for xfwm4

Versions of packages xfce4 recommends:
ii  desktop-base  4.0.1etch2 common files for the Debian Deskto
pn  orage  (no description available)
pn  xfce4-mixer(no description available)
pn  xfce4-terminal (no description available)
pn  xfmedia(no description available)
pn  xfprint4   (no description available)

-- no debconf information
Received: by ns4.mimizan.com (Postfix, from userid 0)
id 5E4931243BF; Thu,  8 Jan 2009 12:33:24 +0100 (CET)
Subject: xfce4 doesn't start after install
Package: xfce4
Version: 4.3.99.2
Severity: grave
Justification: renders package unusable
Message-Id: <20090108113324.5e493124...@ns4.mimizan.com>
Date: Thu,  8 Jan 2009 12:33:24 +0100 (CET)
From: r...@ns4.mimizan.com (root)
To: undisclosed-recipients:;

*** Please type your report below this line ***
after installing xfce4 with apt-get, xfce4 doesn't start.
when running whether startx or starxfce4, I get :

/usr/bin/startxfce4: Starting X server

X: cannot stat /etc/X11/X (No such file or directory), aborting.
giving up.
xinit: Connection refused (errno: 111): unable to connect to X server
xinit: No such process (errno 3): Server error.

so it seems that the configuration of xfce4 hasn't worked or that some 
mandatory dependencies are not checked.

xfce4 should be able to start rifh after being installed


-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.24-etchnhalf.1-686
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)

Versions of packages xfce4 depends on:
ii  gtk2-engines-xfce 2.3.99.2-1 A GTK+-2.0 theme engine for Xfce
ii  thunar0.4.0rc1-3 File Manager for Xfce
ii  xfce4-icon-theme  4.3.99.2-1 Xfce Standard icon theme
ii  xfce4-mcs-plugins 4.3.99.2-1 Special modules for the xfce4-mcs-
ii  xfce4-panel   4.3.99.2-2 The Xfce4 desktop environment pane
ii  xfce4-session 4.3.99.1-2 Xfce4 Session Manager
ii  xfce4-utils   4.3.99.2-1 Various tools for Xfce
ii  xfdesktop4

Bug#511187: xfce4 doesn't start after install

2009-01-08 Thread t...@mediaforest.net 

Package: xfce4
Version: 4.3.99.2
Severity: grave
Justification: renders package unusable
Message-Id: <20090108113324.5e493124...@lnxgw.mimizan.com>
Date: Thu,  8 Jan 2009 12:33:24 +0100 (CET)
From: t...@mediaforest.net
To: sub...@bugs.debian.org

*** Please type your report below this line ***

After installing xfce4 with apt-get, xfce4 doesn't start.
when running whether startx or starxfce4, I get :

/usr/bin/startxfce4: Starting X server

X: cannot stat /etc/X11/X (No such file or directory), aborting.
giving up.
xinit: Connection refused (errno: 111): unable to connect to X server
xinit: No such process (errno 3): Server error.

so it seems that the configuration of xfce4 hasn't worked or that some 
mandatory dependencies are not checked.

xfce4 should be able to start right after being installed


-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.24-etchnhalf.1-686
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)

Versions of packages xfce4 depends on:
ii  gtk2-engines-xfce 2.3.99.2-1 A GTK+-2.0 theme engine for Xfce
ii  thunar0.4.0rc1-3 File Manager for Xfce
ii  xfce4-icon-theme  4.3.99.2-1 Xfce Standard icon theme
ii  xfce4-mcs-plugins 4.3.99.2-1 Special modules for the xfce4-mcs-
ii  xfce4-panel   4.3.99.2-2 The Xfce4 desktop environment pane
ii  xfce4-session 4.3.99.1-2 Xfce4 Session Manager
ii  xfce4-utils   4.3.99.2-1 Various tools for Xfce
ii  xfdesktop44.3.99.1-1 Provides desktop background and ro
ii  xfwm4 4.3.99.2-1 window manager of the Xfce project
ii  xfwm4-themes  4.3.99.2-2 Theme files for xfwm4

Versions of packages xfce4 recommends:
ii  desktop-base  4.0.1etch2 common files for the Debian Deskto
pn  orage  (no description available)
pn  xfce4-mixer(no description available)
pn  xfce4-terminal (no description available)
pn  xfmedia(no description available)
pn  xfprint4   (no description available)

-- no debconf information
Received: by ns4.mimizan.com (Postfix, from userid 0)
id 5E4931243BF; Thu,  8 Jan 2009 12:33:24 +0100 (CET)
Subject: xfce4 doesn't start after install
Package: xfce4
Version: 4.3.99.2
Severity: grave
Justification: renders package unusable
Message-Id: <20090108113324.5e493124...@ns4.mimizan.com>
Date: Thu,  8 Jan 2009 12:33:24 +0100 (CET)
From: r...@ns4.mimizan.com (root)
To: undisclosed-recipients:;

*** Please type your report below this line ***
after installing xfce4 with apt-get, xfce4 doesn't start.
when running whether startx or starxfce4, I get :

/usr/bin/startxfce4: Starting X server

X: cannot stat /etc/X11/X (No such file or directory), aborting.
giving up.
xinit: Connection refused (errno: 111): unable to connect to X server
xinit: No such process (errno 3): Server error.

so it seems that the configuration of xfce4 hasn't worked or that some 
mandatory dependencies are not checked.

xfce4 should be able to start rifh after being installed


-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.24-etchnhalf.1-686
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)

Versions of packages xfce4 depends on:
ii  gtk2-engines-xfce 2.3.99.2-1 A GTK+-2.0 theme engine for Xfce
ii  thunar0.4.0rc1-3 File Manager for Xfce
ii  xfce4-icon-theme  4.3.99.2-1 Xfce Standard icon theme
ii  xfce4-mcs-plugins 4.3.99.2-1 Special modules for the xfce4-mcs-
ii  xfce4-panel   4.3.99.2-2 The Xfce4 desktop environment pane
ii  xfce4-session 4.3.99.1-2 Xfce4 Session Manager
ii  xfce4-utils   4.3.99.2-1 Various tools for Xfce
ii  xfdesktop44.3.99.1-1 Provides desktop background and ro
ii  xfwm4 4.3.99.2-1 window manager of the Xfce project
ii  xfwm4-themes  4.3.99.2-2 Theme files for xfwm4

Versions of packages xfce4 recommends:
ii  desktop-base  4.0.1etch2 common files for the Debian Deskto
pn  orage  (no description available)
pn  xfce4-mixer(no description available)
pn  xfce4-terminal (no description available)
pn  xfmedia(no description available)
pn  xfprint4   (no description available)

-- no debconf information





--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#510919: omake failures (#510919) (and RFS)

2009-01-08 Thread Stéphane Glondu 
Evgeni Golov a écrit :
>> BTW, there are many things that shouldn't be in the .orig.tar.gz (such
>> as CVS directories, for a start)... For future releases, it might be
>> relevant to repackage the upstream tarball.
> 
> Yupp, but thats a different issue, not relevant here and now :)

Sorry for the misinformation... CVS directories were there in the past,
but not any more now :)

>>> And for really closing 510919: could either ocaml-nox or omake provide
>>> a ocamldep-omake symlink, pointing to ocamldep? Just to make sure we
>>> (or actually you :P) don't break any user-scripts.
>> This sounds like a dirty visible hack to me, I don't agree with this
>> proposal. Are there so many people hard-coding ocamldep-omake in their
>> scripts? Doesn't it sound reasonable to force people to update their
>> scripts now?
> 
> Dunno if there are people hardcoding it, I don't do any ocaml stuff.
> But you should consider adding a debian/NEWS file, saying
> ocamldep-omake is gone now, so users notice this fact on upgrade and
> not when their stuff is failing.

Done.


Cheers,

-- 
Stéphane




--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#500277: bind9 doesn't start

2009-01-08 Thread Bruce Tulloch 
This looks like yet another version of #320460 and friends, with which this bug
should probably be merged. Cheers, Bruce.



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#510919: omake failures (#510919)

2009-01-08 Thread Stéphane Glondu 
George Danchev a écrit :
> I strongly believe that removing 0.9.8.5-3-3 from both lenny and sid is the 
> way to go, since such a insane package as have been put together should have 
> never been uploaded to the archive in the first place [1]. Then prepare a new 
> and fixed package (sane orig.tar.gz included), upload it to sid and ask 
> release team if they can tolerate such a unblock for lenny at that stage. If 
> they can't, well that is not their fault. There is no excuse for deliberately 
> uploading such a compromised orig.tar.gz to the archive and then insist on it 
> being released with lenny for whatever reasons. I personally see this as a 
> dextrous way to deceive and bypass the established procedures.

What you propose might be the most elegant way, but involve troublesome
steps. It means removing ocaml-reins and patching upstream omake to deal
with the missing file. And maybe the new package will also require a
more thorough (and time-consuming) review.

-- 
Stéphane




--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#496419: issue is present, code runs as root

2009-01-08 Thread Raphael Hertzog 
Hi Roland,

you did not handle this RC bug and hence ConVirt is not part of Lenny…
it's a pity as XenMan used to be part of Etch.

There's a new upstream release out and they claim having done "Critical
bugfixes", maybe it's related?

Please take care of the package or find some help to maintain it.

Cheers,

On Wed, 27 Aug 2008, Thijs Kinkhorst wrote:
> tags 496419 confirmed
> thanks
> 
> Hi,
> 
> A simple grep revealed a lot of tempfile issues here, see below. As far as I 
> understand it, the code runs as root. This makes the issue quite serious. 
> Please make sure this is fixed before lenny is released.
> 
> As several different temp files are used insecurely, it may be better to 
> create a separate, private working directory for the program where it may 
> store all those files at will.
> 
> 
> cheers,
> Thijs
> 
> ./config-scripts/xen-3.2/configure-xend.sh:cat  < /tmp/open_ssl.res
> ./config-scripts/xen-3.2/configure-xend.sh:$OPENSSL req -new -key 
> $KEY -out $CSR < /tmp/open_ssl.res
> ./config-scripts/xen-3.2/configure-xend.sh:rm /tmp/open_ssl.res
> ./config-scripts/xen-3.1/configure-xend.sh:cat  < /tmp/open_ssl.res
> ./config-scripts/xen-3.1/configure-xend.sh:$OPENSSL req -new -key 
> $KEY -out $CSR < /tmp/open_ssl.res
> ./config-scripts/xen-3.1/configure-xend.sh:rm /tmp/open_ssl.res
> ./src/utils.py:updates_file = "/tmp/updates.xml"
> ./src/utils.py:  
> dir="/tmp")
> ./src/utils.py:TEST_CONFIGFILE = '/tmp/convirt.conf'
> ./src/XenNode.py:dom_config.save("/tmp/test_config")
> ./src/XenNode.py:newcfg.set_filename("/tmp/Txx")
> ./src/XenNode.py:f = managed_node.node_proxy.open("/tmp/Txx")
> ./src/XenNode.py:print "### read config from /etc/xen/auto and write them 
> to /tmp"
> ./src/XenNode.py:d.save("/tmp/" + f)
> ./src/NodeProxy.py:node.put("/tmp/send", "/tmp/send_r")
> ./src/NodeProxy.py:node.get("/tmp/send_r", "/tmp/received")
> ./src/NodeProxy.py:fd = node.open('/tmp/test_writable','w')
> ./src/NodeProxy.py:
> print 'exists?: ',node.file_exists('/tmp/test_writable')
> ./src/NodeProxy.py:print 'isWritable?: ', 
> node.file_is_writable('/tmp/test_writable')
> ./src/NodeProxy.py:node.remove('/tmp/test_writable')
> ./src/NodeProxy.py:print 'exists?: ', 
> node.file_exists('/tmp/test_writable')
> ./src/NodeProxy.py:node.mkdir("/tmp/node_test")
> ./src/NodeProxy.py:w = node.open("/tmp/node_test/test", "w")
> ./src/NodeProxy.py:r = node.open("/tmp/node_test/test")
> ./src/NodeProxy.py:node.remove("/tmp/node_test/test")
> ./src/NodeProxy.py:node.rmdir("/tmp/node_test")
> ./src/NodeProxy.py:output,code = node.exec_cmd('find /tmp')
> ./src/NodeProxy.py:output,code = node.exec_cmd('junk /tmp')
> ./src/GridManager.py: 
>  
> dir="/tmp")
> ./src/KVMProxy.py:cmdline = cmdline + " -monitor unix:/tmp/" + 
> config.get("name") + \
> ./src/KVMProxy.py:config["monitor"] = "unix:/tmp/xyz"



-- 
Raphaël Hertzog

Le best-seller français mis à jour pour Debian Etch :
http://www.ouaza.com/livre/admin-debian/



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#510955: marked as done (freedict-tools: Maintainer: address non-existing)

2009-01-08 Thread Debian Bug Tracking System 

Your message dated Thu, 08 Jan 2009 09:02:21 +
with message-id 
and subject line Bug#510955: fixed in freedict-tools 0.3-2
has caused the Debian Bug report #510955,
regarding freedict-tools: Maintainer: address non-existing
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
510955: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510955
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: freedict-tools
Severity: serious

Hi

the maintainer address for this package does not exist (good luck
getting a copy of this bug):

  pkg-freed...@lists.alioth.debian.org
SMTP error from remote mail server after RCPT 
TO::
host lists.alioth.debian.org [217.196.43.134]:
550 unknown user


-- 
bye, Joerg
Debian is about free speech. beer once brewed can no longer be changed.


pgpzSvqzHzOBM.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: freedict-tools
Source-Version: 0.3-2

We believe that the bug you reported is fixed in the latest version of
freedict-tools, which is due to be installed in the Debian FTP archive:

freedict-tools-dev_0.3-2_all.deb
  to pool/main/f/freedict-tools/freedict-tools-dev_0.3-2_all.deb
freedict-tools_0.3-2.diff.gz
  to pool/main/f/freedict-tools/freedict-tools_0.3-2.diff.gz
freedict-tools_0.3-2.dsc
  to pool/main/f/freedict-tools/freedict-tools_0.3-2.dsc



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 510...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Kęstutis Biliūnas  (supplier of updated freedict-tools 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Thu, 08 Jan 2009 00:56:50 +0200
Source: freedict-tools
Binary: freedict-tools-dev
Architecture: source all
Version: 0.3-2
Distribution: experimental
Urgency: low
Maintainer: Debian FreeDict Packages 

Changed-By: Kęstutis Biliūnas 
Description: 
 freedict-tools-dev - Development files for the FreeDict dictionary packages
Closes: 510955
Changes: 
 freedict-tools (0.3-2) experimental; urgency=low
 .
   * debian/control: fixed maintainer address (Closes: #510955).
   * debian/patches: added patch 004_remove_phonetics import.diff for fully
 removing the phonetics import target.
Checksums-Sha1: 
 8c664d5fab55b3ebea624d0a57b4e12fa9b2a30b 1353 freedict-tools_0.3-2.dsc
 69b53877fc433a0e9b28fd5fcc213f3aee0fd017 10167 freedict-tools_0.3-2.diff.gz
 2b3cce7a1b307756948bb17fa13200ea564ff143 25806 freedict-tools-dev_0.3-2_all.deb
Checksums-Sha256: 
 aa93ac6a494f30d4f3004626aba5ddb408c119be610973d9dfd32b404d410e33 1353 
freedict-tools_0.3-2.dsc
 5d6407bb3a03ed4ddb917479637b2f447b449e131e46a895d164c3162e89b3b8 10167 
freedict-tools_0.3-2.diff.gz
 1f05226578cf58f5d6bd7bc3a347b205b27d1ff6327154646c3ab02662489283 25806 
freedict-tools-dev_0.3-2_all.deb
Files: 
 31012691dd9a07361d0fc3c56d76fd46 1353 libdevel optional 
freedict-tools_0.3-2.dsc
 ce0c1c2f9b946a2a6a2a8392e9fbcd21 10167 libdevel optional 
freedict-tools_0.3-2.diff.gz
 456abd19b3ebbc4b04b3107b553054a1 25806 libdevel optional 
freedict-tools-dev_0.3-2_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkllr78ACgkQBgac8paUV/BV4ACdEoSPhro5Fy+MJanWUCuca9jH
eGsAoJc33jQxTHremJuDW/Ws9DRAdhPG
=+1+k
-END PGP SIGNATURE-


--- End Message ---

Bug#510974: marked as done ([mailer-dae...@ries.debian.org: Mail delivery failed: returning message to sender])

2009-01-08 Thread Debian Bug Tracking System 

Your message dated Thu, 08 Jan 2009 09:02:21 +
with message-id 
and subject line Bug#510955: fixed in freedict-tools 0.3-2
has caused the Debian Bug report #510955,
regarding [mailer-dae...@ries.debian.org: Mail delivery failed: returning 
message to sender]
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
510955: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510955
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: freedict-tools
Version: 0.3-1
Severity: serious

You probably meant pkg-freedict-de...@lists.alioth.debian.org

- Forwarded message from Mail Delivery System 
 -

X-Failed-Recipients: pkg-freed...@lists.alioth.debian.org
Auto-Submitted: auto-replied
From: Mail Delivery System 
To: d...@ries.debian.org
Subject: Mail delivery failed: returning message to sender
X-Lenk-Relay-ID: 5d78e3a35b0d2d1c273baf8de68be7e7
X-CRM114-Version: 20060704a-BlameRobert ( TRE 0.7.3 (LGPL) ) MF-383F1657 [pR: 
83.2818]
X-CRM114-Status: Good  ( pR: 83.2818 )

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  pkg-freed...@lists.alioth.debian.org
SMTP error from remote mail server after RCPT 
TO::
host lists.alioth.debian.org [217.196.43.134]:
550 unknown user

-- This is a copy of the message, including all the headers. --

Return-path: 
Received: from dak by ries.debian.org with local (Exim 4.63)
(envelope-from )
id 1LK55n-0001TV-8U
for pkg-freed...@lists.alioth.debian.org; Tue, 06 Jan 2009 06:07:07 
+
To: pkg-freed...@lists.alioth.debian.org
From: Archive Administrator 
Subject: Processing of freedict-tools_0.3-1_amd64.changes
Date: Tue, 06 Jan 2009 06:07:07 +
X-Debian: DAK
X-Debian-Package: freedict-tools
Message-Id: 
Sender: Archive Administrator 

freedict-tools_0.3-1_amd64.changes uploaded successfully to localhost
along with the files:
  freedict-tools_0.3-1.dsc
  freedict-tools_0.3.orig.tar.gz
  freedict-tools_0.3-1.diff.gz
  freedict-tools-dev_0.3-1_all.deb

Greetings,

Your Debian queue daemon



- End forwarded message -

-- 
Frank Lichtenheld 
www: http://www.djpig.de/


--- End Message ---
--- Begin Message ---
Source: freedict-tools
Source-Version: 0.3-2

We believe that the bug you reported is fixed in the latest version of
freedict-tools, which is due to be installed in the Debian FTP archive:

freedict-tools-dev_0.3-2_all.deb
  to pool/main/f/freedict-tools/freedict-tools-dev_0.3-2_all.deb
freedict-tools_0.3-2.diff.gz
  to pool/main/f/freedict-tools/freedict-tools_0.3-2.diff.gz
freedict-tools_0.3-2.dsc
  to pool/main/f/freedict-tools/freedict-tools_0.3-2.dsc



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 510...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Kęstutis Biliūnas  (supplier of updated freedict-tools 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Thu, 08 Jan 2009 00:56:50 +0200
Source: freedict-tools
Binary: freedict-tools-dev
Architecture: source all
Version: 0.3-2
Distribution: experimental
Urgency: low
Maintainer: Debian FreeDict Packages 

Changed-By: Kęstutis Biliūnas 
Description: 
 freedict-tools-dev - Development files for the FreeDict dictionary packages
Closes: 510955
Changes: 
 freedict-tools (0.3-2) experimental; urgency=low
 .
   * debian/control: fixed maintainer address (Closes: #510955).
   * debian/patches: added patch 004_remove_phonetics import.diff for fully
 removing the phonetics import target.
Checksums-Sha1: 
 8c664d5fab55b3ebea624d0a57b4e12fa9b2a30b 1353 freedict-tools_0.3-2.dsc
 69b53877fc433a0e9b28fd5fcc213f3aee0fd017 10167 freedict-tools_0.3-2.diff.gz
 2b3cce7a1b307756948bb17fa13200ea564ff143 25806 freedict-tools-dev_0.3-2_all.deb
Checksums-Sha256: 
 aa93ac6a494f30d4f3004626aba5ddb408c119be610973d9dfd32b404d410e33 1353 
freedict-tools_0.3-2.dsc
 5d6407bb3a03ed4ddb917479637b2f447b449e131e46a895d164c3162e89b3b8 10167 
freedict-tools_0.3-2.diff.gz
 1f05226578cf58f5d6bd7bc3a347b205b27d1ff6327154646c3ab02662489283 25806 
freedict-tools-dev_0.3-2_all.deb
Files: 
 310126

Bug#511178: openoffice.org-gtk: Freezes consistently at opening

2009-01-08 Thread Rene Engelhard 
tag 511178 + moreinfo
tag 511178 + unreproducible
severity 511178 important
thanks

Leandro Guimarães Faria Corcete DUTRA wrote:
> Package: openoffice.org-gtk
> Version: 1:3.0.1~rc1-2
> Severity: grave

Sure...

> Everytime I open OpenOffice.org with openoffice-gtk installed, it freezes
> consistently at window opening, just after the splash screen.

[...]
> Versions of packages openoffice.org-gtk depends on:
> ii  libatk1.0-0   1.24.0-1   The ATK accessibility toolkit
> ii  libc6 2.8+20080809-1 GNU C Library: Shared libraries

Why did you install libc6 from experimental? Not that it must be related, but..
(And note that that version is superseded anyway)

> strace of oowriter:

of *oowriter*? oowriter is a *SHELL SKRIPT*. Either use the correct binary
or use -f.

Anyway, just tried in a i386 sid chroot with OOo (and libc6, fwiw) from
experimental - even with/without -l10n-fr.

Can it be that your bug is the same/is related to #511063, though?

Grüße/Regards,

René
-- 
 .''`.  René Engelhard -- Debian GNU/Linux Developer
 : :' : http://www.debian.org | http://people.debian.org/~rene/
 `. `'  r...@debian.org | GnuPG-Key ID: 248AEB73
   `-   Fingerprint: 41FA F208 28D4 7CA5 19BB  7AD9 F859 90B0 248A EB73




--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#511165: linux-image-2.6.26-1-openvz-amd64: Kernel panic with nf_conntrack and FTP

2009-01-08 Thread Vitaliy Gusev 
It seem like bug #1091 (http://bugzilla.openvz.org/show_bug.cgi?id=1091)

Pavel, please apply fix patch to 2.6.26


On 8 January 2009 01:01:47 Lars Hanke wrote:
> Package: linux-image-2.6.26-1-openvz-amd64
> Version: 2.6.26-12
> Severity: grave
> Justification: causes non-serious data loss
> 
> 
> The kernel is used in a Node running several OpenVZ Containers. The node 
> itself does the PPPoE connection to the Internet, a netfilter firewall with 
> NAT, DHCP for the LAN, routing, and that's pretty much it. One of the 
> Containers runs frox through squid3. From my workstation, i.e. Etch system on 
> the LAN, I use gFTP->frox in the container. The latter will pass through 
> squid3 to the node, which will route, forward and NAT.
> 
> I loaded the relevant kernel modules using modprobe nf_conntrack_ftp and 
> modprobe nf_nat_ftp. The panic appears as like, if these modules are not 
> loaded (as shown by reportbug below)! The panic persists, if the following 
> netfilter modules are present:
>  lsmod | grep -E '^(nf|ipt|xt)_'
> nf_nat_ftp  7296  0
> nf_conntrack_ftp   12728  1 nf_nat_ftp
> xt_length   6400  0
> ipt_ttl 6144  0
> xt_limit7172  0
> xt_dscp 7168  0
> ipt_REJECT  7552  0
> xt_TCPMSS   8576  1
> xt_tcpmss   6656  1
> ipt_LOG10372  4
> xt_tcpudp   7680  52
> xt_state6656  35
> xt_multiport7424  5
> ipt_MASQUERADE  6528  1
> nf_nat 22548  3 nf_nat_ftp,ipt_MASQUERADE,iptable_nat
> nf_conntrack_ipv4  24608  38 iptable_nat,nf_nat
> nf_conntrack   82432  6 
> nf_nat_ftp,nf_conntrack_ftp,xt_state,iptable_nat,nf_nat,nf_conntrack_ipv4
> 
> The kernel panic ends in the trace:
> 
> Call Trace:
> []?:nf_conntrack:nf_conntrack_find_get+0x9/0x4d
> []?:nf_conntrack_ipv4:get_origdst+0x90/0x108
> []?nf_sockopt_find+0xa3/0xae
> []?nf_sockopt+0x48/0x73
> []?ip_getsockopt+0x6e/0x99
> []?sys_getsockopt+0x6b/0x8f
> []?system_call_after_swapgs+0x8a/0x8f
> 
> 
> Code: 01 00 e8 de fa ff ff 89 c5 e8 6a cd e7 df 65 48 8b 04 25 00 00 00 00 48 
> 8b 80 08 07 00 00 89 ea 48 c1 e2 03 48 8b 80 c8 14 00 00 <48> 03 50 30 48 8b 
> 3a eb 65 8b 41 04 39 43 04 75 47 8b 41 08 39
> RIP []:nf_conntrack:__nf_conntrack_find+0x3e/0x102
> RSP 
> CR2: 0030
> ---[ end trace 6999cc5debbade24 ]---
> Kernel panic - not syncing: Aiee, killing interrupt handler!
> 
> Don't know what is before that. The machine is dead so I cannot scroll and 
> logs, if produced, are not sync'ed to disk. This is why I classified it as 
> grave!
> 
> I can reproduce the crash reliably. The RSP parameter may differ, the rest 
> appears to be identical for each crash.
> 
> -- Package-specific info:
> ** Version:
> Linux version 2.6.26-1-openvz-amd64 (Debian 2.6.26-12) (wa...@debian.org) 
> (gcc version 4.1.3 20080704 (prerelease) (Debian 4.1.2-24)) #1 SMP Mon Dec 15 
> 18:21:25 UTC 2008
> 
> ** Command line:
> root=/dev/sda5 ro quiet
> 
> ** Not tainted
> 
> ** Kernel log:
> [  117.059519] FWD Drop: IN=eth0 OUT=ppp0 SRC=172.16.1.3 DST=172.16.6.3 
> LEN=55 TOS=0x00 PREC=0x00 TTL=63 ID=1479 DF PROTO=UDP SPT=34866 DPT=53 LEN=35 
> [  117.202223] FWD Drop: IN=eth0 OUT=ppp0 SRC=172.16.1.8 DST=172.16.6.3 
> LEN=59 TOS=0x00 PREC=0x00 TTL=63 ID=42062 DF PROTO=UDP SPT=35763 DPT=53 
> LEN=39 
> [  118.151920] FWD Drop: IN=eth0 OUT=ppp0 SRC=172.16.1.8 DST=172.16.6.3 
> LEN=59 TOS=0x00 PREC=0x00 TTL=63 ID=42285 DF PROTO=UDP SPT=35764 DPT=53 
> LEN=39 
> [  123.059611] FWD Drop: IN=eth0 OUT=ppp0 SRC=172.16.1.3 DST=172.16.6.3 
> LEN=59 TOS=0x00 PREC=0x00 TTL=63 ID=3954 DF PROTO=UDP SPT=34867 DPT=53 LEN=39 
> [  123.075863] FWD Drop: IN=eth0 OUT=ppp0 SRC=172.16.1.8 DST=172.16.6.3 
> LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=42017 DF PROTO=UDP SPT=35762 DPT=53 
> LEN=37 
> [  123.158894] FWD Drop: IN=eth0 OUT=ppp0 SRC=172.16.1.3 DST=172.16.6.3 
> LEN=59 TOS=0x00 PREC=0x00 TTL=63 ID=3978 DF PROTO=UDP SPT=34868 DPT=53 LEN=39 
> [  123.260491] FWD Drop: IN=eth0 OUT=ppp0 SRC=172.16.1.8 DST=172.16.6.3 
> LEN=59 TOS=0x00 PREC=0x00 TTL=63 ID=42063 DF PROTO=UDP SPT=35763 DPT=53 
> LEN=39 
> [  124.386247] FWD Drop: IN=eth0 OUT=ppp0 SRC=172.16.1.8 DST=172.16.6.3 
> LEN=59 TOS=0x00 PREC=0x00 TTL=63 ID=42286 DF PROTO=UDP SPT=35764 DPT=53 
> LEN=39 
> [  128.610670] FWD Drop: IN=eth0 OUT=ppp0 SRC=172.16.1.3 DST=172.16.6.3 
> LEN=59 TOS=0x00 PREC=0x00 TTL=63 ID=3955 DF PROTO=UDP SPT=34867 DPT=53 LEN=39 
> [  128.632206] FWD Drop: IN=eth0 OUT=ppp0 SRC=172.16.1.8 DST=172.16.6.3 
> LEN=55 TOS=0x00 PREC=0x00 TTL=63 ID=44516 DF PROTO=UDP SPT=35765 DPT=53 
> LEN=35 
> [  128.707681] FWD Drop: IN=eth0 OUT=ppp0 SRC=172.16.1.3 DST=172.16.6.3 
> LEN=59 TOS=0x00 PREC=0x00 TTL=63 ID=3979 DF PROTO=UDP SPT=34868 DPT=53 LEN=39 
> [  133.988410] FWD Drop: IN=eth0 OUT=ppp0 SRC=172.16.1.3 DST=172.16.6.3 
> LEN=55 TOS=0x00 PREC=0x00 TTL=63 ID=6454 DF PROTO=UDP SPT=34869 DPT=53 LEN=35 
> [  134.004249] FWD Dro

Processed: Re: Bug#511178: openoffice.org-gtk: Freezes consistently at opening

2009-01-08 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tag 511178 + moreinfo
Bug#511178: openoffice.org-gtk: Freezes consistently at opening
There were no tags set.
Tags added: moreinfo

> tag 511178 + unreproducible
Bug#511178: openoffice.org-gtk: Freezes consistently at opening
Tags were: moreinfo
Tags added: unreproducible

> severity 511178 important
Bug#511178: openoffice.org-gtk: Freezes consistently at opening
Severity set to `important' from `grave'

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#511184: installation of mozart-stdlib fails due to unmet dependencies

2009-01-08 Thread Markus Klotzbuecher 
Package: mozart-stdlib
Severity: serious

apt fails to resolve the dependencies for mozart-stdlib:

x61:/home/mk# apt-get install mozart-stdlib
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
  mozart-stdlib: Depends: mozart (>= 1.3.0) but it is not installable
E: Broken packages
x61:/home/mk#


-- System Information:
Debian Release: 5.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org