Processed: r1917 - in mysql-dfsg-5.1/branches/unstable/debian: . patches
Processing commands for cont...@bugs.debian.org: tags 599937 pending Bug #599937 [mysql-5.1] mysql-5.1: 5.1.51 fixes several vulnerabilities Added tag(s) pending. thanks Stopping processing here. Please contact me if you need assistance. -- 599937: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599937 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: r1918 - in mysql-dfsg-5.1/branches/unstable/debian: . po
Processing commands for cont...@bugs.debian.org: tags 595120 pending Bug #595120 {Done: Xavier Oswald xosw...@debian.org} [mysql-server-5.1] dependency loop Added tag(s) pending. tags 601152 pending Bug #601152 {Done: Xavier Oswald xosw...@debian.org} [mysql-5.1] mysql-dfsg-5.1: [INTL:pt] Updated Portuguese translation for debconf messages Added tag(s) pending. thanks Stopping processing here. Please contact me if you need assistance. -- 601152: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601152 595120: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595120 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#603545: (no subject)
I contacted the tcsh-bug mailing list. Here's a reply from Jean-Luc Leger: ok I have been tracking the problem to the function rt_mbtowc in tc.str.c In tcsh 6.17.01, a call to mbtowc() in this function has been replaced by a call to mbrtowc(). On my system, those functions behave differently when called with an empty input string : - mbtowc() resets the output string to \0 - mbrtowc() leaves the output string as it is. So, the patch should probably reset the output string to \0 before calling mbrtowc() or test the return value (= 0) and then reset the output string. I hope to get a patch from him, that I can test. -- regards Thomas -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605394: pulls in uneeded/unwanted php package, breaking apache
(discussed on IRC, but for record-keeping proposes) On Mon, Nov 29, 2010 at 16:33, Peter Palfrader wea...@debian.org wrote: quantz.d.o is on squeeze, and php was updated in testing. Now apt wants to pull in libapache2-mod-php5 and mess up our apache while it's at it: The problem is that at the time APT looks at php5 the dependency: libapache2-mod-php5 (= 5.3.3-4) | libapache2-mod-php5filter (= 5.3.3-4) | php5-cgi (= 5.3.3-4) isn't satisfied as php5-cgi is installed, but only at version 5.3.3-3, so APT sees the or-group as not satisfied and tries to statisfy it by installing libapache2-mod-php5. This leads to the installation of another apache2-mpm provider, apache2-mpm-prefork in this case which wants to remove apache2-mpm-worker. Which package APT favors later in the resolver depends on the exact system configuration, so you can be lucky and APT chooses the right solution or doing what happened on quantz… Anyway: The proper solution would be to look in an or-group first to check if an installed package can be upgraded to solve the dependency and then in a second run the current behavior. This will properly generate a lot of code (e.g. if you want to do it right, you want to look at Provides, too, enhancing complexity even further) and is maybe even a hit performance wise. For dist-upgrade its easier to mark all installed packages first for installation and then walk again over all to really install them. This way the resolver would see the dependency from above as satisfied as php5-cgi (= 5.3.3-4) is already marked for installation… But this solution doesn't help in apt-get install php5 situation, here is it still apt-get install php5 php5-cgi to get the right solution if the system is in the same state as in the dist-upgrade… (Nobody said partial upgrades would be easy…) Best regards David Kalnischkies === modified file 'apt-pkg/algorithms.cc' --- apt-pkg/algorithms.cc 2010-11-10 11:24:48 + +++ apt-pkg/algorithms.cc 2010-11-29 20:43:07 + @@ -374,6 +374,13 @@ { pkgDepCache::ActionGroup group(Cache); + /* Upgrade all installed packages first without autoinst to help the resolver + in versioned or-groups to upgrade the old solver instead of installing + a new one (if the old solver is not the first one [anymore]) */ + for (pkgCache::PkgIterator I = Cache.PkgBegin(); I.end() == false; ++I) + if (I-CurrentVer != 0) + Cache.MarkInstall(I, false, 0, false); + /* Auto upgrade all installed packages, this provides the basis for the installation */ for (pkgCache::PkgIterator I = Cache.PkgBegin(); I.end() == false; I++) === modified file 'debian/changelog' --- debian/changelog 2010-11-27 15:18:27 + +++ debian/changelog 2010-11-29 20:43:07 + @@ -6,7 +6,13 @@ will actually test uncompressed indexes regardless of the internal default value of Acquire::GzipIndexes. - -- Michael Vogt m...@debian.org Thu, 25 Nov 2010 16:08:01 +0100 + [ David Kalnischkies ] + * apt-pkg/algorithms.cc: +- mark all installed packages first without auto installation in + a dist-upgrade to prefer upgrading packages instead of installing + new packages in versioned or-groups (Closes: #605394) + + -- David Kalnischkies kalnischk...@gmail.com Mon, 29 Nov 2010 21:41:56 +0100 apt (0.8.9) unstable; urgency=low === added file 'test/integration/Packages-bug-605394-versioned-or-groups' --- test/integration/Packages-bug-605394-versioned-or-groups 1970-01-01 00:00:00 + +++ test/integration/Packages-bug-605394-versioned-or-groups 2010-11-29 20:43:07 + @@ -0,0 +1,71 @@ +Package: apache2-mpm-prefork +Priority: optional +Section: httpd +Installed-Size: 68 +Maintainer: Debian Apache Maintainers debian-apa...@lists.debian.org +Architecture: i386 +Source: apache2 +Version: 2.2.16-4 +Provides: apache2-mpm +Conflicts: apache2-mpm +Filename: pool/main/a/apache2/apache2-mpm-prefork_2.2.16-4_i386.deb +Size: 2276 +MD5Sum: c0db3e637052e59dbdb2fa08f4cdcea4 +Description: Apache HTTP Server - traditional non-threaded model +Task: web-server + +Package: apache2-mpm-worker +Priority: optional +Section: httpd +Installed-Size: 68 +Maintainer: Debian Apache Maintainers debian-apa...@lists.debian.org +Architecture: i386 +Source: apache2 +Version: 2.2.16-4 +Provides: apache2-mpm +Conflicts: apache2-mpm +Filename: pool/main/a/apache2/apache2-mpm-worker_2.2.16-4_i386.deb +Size: 2220 +MD5Sum: 71bccda875aa0afac700410b951370ba +Description: Apache HTTP Server - high speed threaded model + +Package: libapache2-mod-php5 +Priority: optional +Section: httpd +Installed-Size: 7588 +Maintainer: Debian PHP Maintainers pkg-php-ma...@lists.alioth.debian.org +Architecture: i386 +Source: php5 +Version: 5.3.3-4 +Depends: apache2-mpm-prefork ( 2.0.52) +Filename: pool/main/p/php5/libapache2-mod-php5_5.3.3-4_i386.deb +Size: 2886980 +MD5Sum: b41ec4b98aa08966288570e07cd864ab +Description: server-side, HTML-embedded scripting language (Apache 2 module) +Task: web-server + +Package:
Bug#605397: hplip: Won't print anything (gives unsupported format message)
On 11/29/2010 10:55 PM, Sam Morris wrote: This was solved by installing ghostscript-cups. It is only Recommended by cups; should hplip depend on it? Since HPLIP 3.9.6b-1 (exactly 3.9.4b-1ubuntu4) the hplip-cups package depends on ghostscript-cups. So for all Debian releases with this HPLIP version or a newer one this bug should be fixed. Till -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605462: [openjdk-6] FTBFS on amd64 cowbuilder for experimental
Package: openjdk-6 Version: 6b20-1.9.2-1 Severity: serious ---/tmp/buildd/openjdk-6-6b20-1.9.2/build/bootstrap/jdk1.6.0/bin/javac -g -encoding ascii -source 6 -target 6 -source 1.4 -target 1.4 -classpath /tmp/buildd/openjdk-6-6b20-1.9.2/build/bootstrap/jdk1.6.0/lib/tools.jar:/tmp/buildd/openjdk-6-6b20-1.9.2/build/bootstrap/jdk1.6.0/jre/lib/rt.jar -sourcepath /tmp/buildd/openjdk-6-6b20-1.9.2/build/openjdk-ecj/hotspot/agent/src/share/classes -d /tmp/buildd/openjdk-6-6b20-1.9.2/build/openjdk.build-ecj/hotspot/outputdir/linux_amd64_compiler2/product/../generated/saclasses @/tmp/buildd/openjdk-6-6b20-1.9.2/build/openjdk.build-ecj/hotspot/outputdir/linux_amd64_compiler2/product/../agent1.classes.list /tmp/buildd/openjdk-6-6b20-1.9.2/build/bootstrap/jdk1.6.0/bin/javac -g -encoding ascii -source 6 -target 6 -source 1.4 -target 1.4 -classpath /tmp/buildd/openjdk-6-6b20-1.9.2/build/bootstrap/jdk1.6.0/lib/tools.jar:/tmp/buildd/openjdk-6-6b20-1.9.2/build/bootstrap/jdk1.6.0/jre/lib/rt.jar -sourcepath /tmp/buildd/openjdk-6-6b20-1.9.2/build/openjdk-ecj/hotspot/agent/src/share/classes -d /tmp/buildd/openjdk-6-6b20-1.9.2/build/openjdk.build-ecj/hotspot/outputdir/linux_amd64_compiler2/product/../generated/saclasses @/tmp/buildd/openjdk-6-6b20-1.9.2/build/openjdk.build-ecj/hotspot/outputdir/linux_amd64_compiler2/product/../agent2.classes.list /tmp/buildd/openjdk-6-6b20-1.9.2/build/bootstrap/jdk1.6.0/bin/rmic -classpath /tmp/buildd/openjdk-6-6b20-1.9.2/build/openjdk.build- ecj/hotspot/outputdir/linux_amd64_compiler2/product/../generated/saclasses -d /tmp/buildd/openjdk-6-6b20-1.9.2/build/openjdk.build- ecj/hotspot/outputdir/linux_amd64_compiler2/product/../generated/saclasses sun.jvm.hotspot.debugger.remote.RemoteDebuggerServer make[9]: /tmp/buildd/openjdk-6-6b20-1.9.2/build/bootstrap/jdk1.6.0/bin/rmic: Command not found make[9]: *** [/tmp/buildd/openjdk-6-6b20-1.9.2/build/openjdk.build-ecj/hotspot/outputdir/linux_amd64_compiler2/product/../generated/sa-jdi.jar] Error 127 make[9]: Leaving directory `/tmp/buildd/openjdk-6-6b20-1.9.2/build/openjdk.build-ecj/hotspot/outputdir/linux_amd64_compiler2/product' make[8]: *** [all] Error 2 make[8]: Leaving directory `/tmp/buildd/openjdk-6-6b20-1.9.2/build/openjdk.build-ecj/hotspot/outputdir/linux_amd64_compiler2/product' make[7]: *** [sa_stuff] Error 2 make[7]: Leaving directory `/tmp/buildd/openjdk-6-6b20-1.9.2/build/openjdk.build-ecj/hotspot/outputdir/linux_amd64_compiler2/product' make[6]: *** [product] Error 2 make[6]: Leaving directory `/tmp/buildd/openjdk-6-6b20-1.9.2/build/openjdk.build-ecj/hotspot/outputdir' make[5]: *** [generic_build2] Error 2 make[5]: Leaving directory `/tmp/buildd/openjdk-6-6b20-1.9.2/build/openjdk-ecj/hotspot/make' make[4]: *** [product] Error 2 make[4]: Leaving directory `/tmp/buildd/openjdk-6-6b20-1.9.2/build/openjdk-ecj/hotspot/make' make[3]: *** [hotspot-build] Error 2 make[3]: Leaving directory `/tmp/buildd/openjdk-6-6b20-1.9.2/build/openjdk-ecj' make[2]: *** [build_product_image] Error 2 make[2]: Leaving directory `/tmp/buildd/openjdk-6-6b20-1.9.2/build/openjdk-ecj' make[1]: *** [stamps/icedtea-ecj.stamp] Error 2 make[1]: Leaving directory `/tmp/buildd/openjdk-6-6b20-1.9.2/build' make: *** [stamps/build] Error 1 dpkg-buildpackage: error: debian/rules build gave error exit status 2 E: Failed autobuilding of package I: unmounting /var/cache/pbuilder/ccache filesystem I: unmounting /var/cache/apt/archives filesystem I: unmounting dev/pts filesystem I: unmounting proc/sys/fs/binfmt_misc filesystem I: unmounting proc filesystem - Cleaning COW directory --- System information. --- Architecture: amd64 Kernel: Linux 2.6.36-trunk-amd64 Debian Release: squeeze/sid 500 unstablewww.debian-multimedia.org 500 unstableftp.debian.org 500 testing ftp.debian.org 500 stable ftp.debian.org 1 experimentalwww.debian-multimedia.org 1 experimentalftp.debian.org --- Package information. --- Package's Depends field is empty. Package's Recommends field is empty. Package's Suggests field is empty. -- Emil Langrock -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605397: hplip: Won't print anything (gives unsupported format message)
Version: 3.10.6-1.1 On Tue, 2010-11-30 at 11:29 +0100, Till Kamppeter wrote: On 11/29/2010 10:55 PM, Sam Morris wrote: This was solved by installing ghostscript-cups. It is only Recommended by cups; should hplip depend on it? Since HPLIP 3.9.6b-1 (exactly 3.9.4b-1ubuntu4) the hplip-cups package depends on ghostscript-cups. So for all Debian releases with this HPLIP version or a newer one this bug should be fixed. Yes, the omission is confined to the dependencies of the backported package. Till -- Sam Morris s...@robots.org.uk -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605397: marked as done (hplip: Won't print anything (gives unsupported format message))
Your message dated Tue, 30 Nov 2010 10:46:13 + with message-id 1291113973.20328.0.ca...@leela and subject line Re: Bug#605397: hplip: Won't print anything (gives unsupported format message) has caused the Debian Bug report #605397, regarding hplip: Won't print anything (gives unsupported format message) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 605397: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605397 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: hplip Version: 3.10.5-4~bpo50+1 Severity: grave Justification: renders package unusable After upgrading to version 3.10.5-4~bpo50+1 I get the following message when trying to print to my HP OfficeJet 4215: $ lp -d officejet_4200 testing lp: Unsupported format 'text/plain'! The following appears in CUPS' error_log: == /var/log/cups/access_log == localhost - - [29/Nov/2010:16:06:03 +] POST /printers/officejet_4200 HTTP/1.1 200 354 Create-Job successful-ok localhost - - [29/Nov/2010:16:06:03 +] POST /printers/officejet_4200 HTTP/1.1 200 245 Send-Document client-error-document-format-not-supported == /var/log/cups/error_log == D [29/Nov/2010:16:06:03 +] cupsdAcceptClient: 14 from localhost (Domain) D [29/Nov/2010:16:06:03 +] cupsdReadClient: 14 POST / HTTP/1.1 D [29/Nov/2010:16:06:03 +] cupsdSetBusyState: Active clients D [29/Nov/2010:16:06:03 +] cupsdAuthorize: No authentication data provided. D [29/Nov/2010:16:06:03 +] cupsdReadClient: 14 1.1 Get-Printer-Attributes 1 D [29/Nov/2010:16:06:03 +] Get-Printer-Attributes ipp://localhost:631/printers/officejet_4200 D [29/Nov/2010:16:06:03 +] Returning IPP successful-ok for Get-Printer-Attributes (ipp://localhost:631/printers/officejet_4200) from localhost D [29/Nov/2010:16:06:03 +] cupsdSetBusyState: Not busy D [29/Nov/2010:16:06:03 +] cupsdReadClient: 14 POST /printers/officejet_4200 HTTP/1.1 D [29/Nov/2010:16:06:03 +] cupsdSetBusyState: Active clients D [29/Nov/2010:16:06:03 +] cupsdAuthorize: No authentication data provided. D [29/Nov/2010:16:06:03 +] cupsdReadClient: 14 1.1 Create-Job 1 D [29/Nov/2010:16:06:03 +] Create-Job ipp://localhost:631/printers/officejet_4200 D [29/Nov/2010:16:06:03 +] cupsdMarkDirty(J-) D [29/Nov/2010:16:06:03 +] cupsdSetBusyState: Active clients and dirty files D [29/Nov/2010:16:06:03 +] add_job: requesting-user-name=sam I [29/Nov/2010:16:06:03 +] [Job 1986] Adding start banner page none. D [29/Nov/2010:16:06:03 +] Discarding unused job-created event... I [29/Nov/2010:16:06:03 +] [Job 1986] Queued on officejet_4200 by sam. D [29/Nov/2010:16:06:03 +] Returning IPP successful-ok for Create-Job (ipp://localhost:631/printers/officejet_4200) from localhost D [29/Nov/2010:16:06:03 +] cupsdSetBusyState: Dirty files D [29/Nov/2010:16:06:03 +] cupsdReadClient: 14 POST /printers/officejet_4200 HTTP/1.1 D [29/Nov/2010:16:06:03 +] cupsdSetBusyState: Active clients and dirty files D [29/Nov/2010:16:06:03 +] cupsdAuthorize: No authentication data provided. D [29/Nov/2010:16:06:03 +] cupsdReadClient: 14 1.1 Send-Document 1 D [29/Nov/2010:16:06:03 +] Send-Document ipp://localhost:631/printers/officejet_4200 D [29/Nov/2010:16:06:03 +] cupsdIsAuthorized: requesting-user-name=sam D [29/Nov/2010:16:06:03 +] [Job 1986] Auto-typing file... D [29/Nov/2010:16:06:03 +] [Job 1986] Request file type is text/plain. D [29/Nov/2010:16:06:03 +] Send-Document client-error-document-format-not-supported: Unsupported format 'text/plain'! E [29/Nov/2010:16:06:03 +] Returning IPP client-error-document-format-not-supported for Send-Document (ipp://localhost:631/printers/officejet_4200) from localhost D [29/Nov/2010:16:06:03 +] cupsdSetBusyState: Dirty files D [29/Nov/2010:16:06:03 +] cupsdReadClient: 14 WAITING Closing on EOF D [29/Nov/2010:16:06:03 +] cupsdCloseClient: 14 The symptoms of this bug are similar to that of #381743, but I am able to print to the other (pure PostScript) printer on the server just fine, so I think this is an hplip-specific problem. Here's the info requested by the CUPS maintainers in that bug: $ grep -H *NickName /etc/cups/ppd/*.ppd /etc/cups/ppd/delly.ppd:*NickName: Dell 2330dn Laser Printer /etc/cups/ppd/officejet_4200.ppd:*NickName: HP Officejet 4200 Series, hpcups 3.10.5 $ lpstat -v device for delly: socket://10.0.0.2 device for officejet_4200: hp:/usb/officejet_4200_series?serial=CN5A5GI0XY $ ls -l /etc/cups/*.types /etc/cups/*.convs
Bug#605394: marked as done (pulls in uneeded/unwanted php package, breaking apache)
Your message dated Tue, 30 Nov 2010 11:02:13 + with message-id e1pnnyp-00084x...@franck.debian.org and subject line Bug#605394: fixed in apt 0.8.10 has caused the Debian Bug report #605394, regarding pulls in uneeded/unwanted php package, breaking apache to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 605394: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605394 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: apt Version: 0.8.8 Severity: serious Hi, quantz.d.o is on squeeze, and php was updated in testing. Now apt wants to pull in libapache2-mod-php5 and mess up our apache while it's at it: | wea...@quantz:~$ dpkg --get-selections | grep apa | apache2 install | apache2-mpm-worker install | apache2-utils install | apache2.2-bin install | apache2.2-commoninstall | libapache2-mod-fcgidinstall | wea...@quantz:~$ dpkg --get-selections | grep php | php5install | php5-cgiinstall | php5-cliinstall | php5-common install | php5-ldap install | php5-pgsql install | php5-suhosininstall | wea...@quantz:~$ dpkg -l 'php*' | Desired=Unknown/Install/Remove/Purge/Hold | | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend | |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) | ||/ Name VersionDescription | +++-==-==- | un php-pear none (no description available) | ii php5 5.3.3-3server-side, HTML-embedded scripting languag | ii php5-cgi 5.3.3-3server-side, HTML-embedded scripting languag | ii php5-cli 5.3.3-3command-line interpreter for the php5 script | ii php5-common5.3.3-3Common files for packages built from the php | un php5-json none (no description available) | ii php5-ldap 5.3.3-3LDAP module for php5 | un php5-mhash none (no description available) | ii php5-pgsql 5.3.3-3PostgreSQL module for php5 | ii php5-suhosin 0.9.32.1-1 advanced protection module for php5 | un phpapi-2009062 none (no description available) | wea...@quantz:~$ dpkg -l '*apache*' | Desired=Unknown/Install/Remove/Purge/Hold | | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend | |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) | ||/ Name VersionDescription | +++-==-==- | un apache none (no description available) | un apache-common none (no description available) | un apache-utils none (no description available) | ii apache22.2.16-4 Apache HTTP Server metapackage | un apache2-common none (no description available) | un apache2-docnone (no description available) | un apache2-mpmnone (no description available) | un apache2-mpm-ev none (no description available) | un apache2-mpm-it none (no description available) | un apache2-mpm-pe none (no description available) | un apache2-mpm-pr none (no description available) | un apache2-mpm-th none (no description available) | ii apache2-mpm-wo 2.2.16-4 Apache HTTP Server - high speed threaded mod | un apache2-suexec none (no description available) | un apache2-suexec none (no description available) | ii apache2-utils 2.2.16-4 utility programs for webservers | ii apache2.2-bin 2.2.16-4 Apache HTTP Server common binary files | ii apache2.2-comm 2.2.16-4 Apache HTTP Server common files | un gforge-web-apa none (no description available) | un libapache-mod- none (no description available) | un libapache-mod- none (no description available) | un libapache2-mod none (no description available) | ii libapache2-mod 1:2.3.6-1 an alternative module compat with mod_fastcg | un libapache2-mod none (no description available) | un libapache2-mod none (no description available) | un libapache2-mod none
Bug#604042: marked as done (Purging opendnssec-common causes dpkg (or at least aptitude) to break)
Your message dated Tue, 30 Nov 2010 11:32:36 + with message-id e1pnoro-00024b...@franck.debian.org and subject line Bug#604042: fixed in opendnssec 1.1.3-2 has caused the Debian Bug report #604042, regarding Purging opendnssec-common causes dpkg (or at least aptitude) to break to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 604042: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=604042 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: opendnssec Version: 1.1.3-1 Severity: critical Tags: patch Justification: breaks unrelated software The opendnssec-common postrm script use same order as postinst script, causing the opendnssec acount to be removed before undoing statoverride. Additionally undoing of homedir statoverride is missing. On top of this, dpkg-statoverride is silences so the fatal warnings are not seen. Here's the fix: --- opendnssec-common.postrm.orig +++ opendnssec-common.postrm @@ -4,19 +4,18 @@ set -e unset_perms() { -dpkg-statoverride --remove $1 /dev/null 2/dev/null || true +dpkg-statoverride --remove $1 || true } case $1 in purge) - deluser --quiet opendnssec /dev/null || true - unset_perms /etc/opendnssec for dir in tmp signconf unsigned signed db; do unset_perms /var/lib/opendnssec/$dir done + unset_perms /var/lib/opendnssec for conf in conf.xml kasp.xml zonefetch.xml zonelist.xml; do # unset dpkg-statoverride permissions @@ -37,6 +36,8 @@ fi done + deluser --quiet opendnssec /dev/null || true + ;; remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) Regards, - Jonas -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.36-trunk-amd64 (SMP w/2 CPU cores) Locale: LANG=da_DK.UTF-8, LC_CTYPE=da_DK.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages opendnssec depends on: ii libhsm-bin1.1.3-1library for interfacing PKCS#11 Ha ii opendnssec-enforcer 1.1.3-1tool to prepares DNSSEC keys (comm ii opendnssec-enforcer-sqlite3 1.1.3-1tool to prepares DNSSEC keys (sqli ii opendnssec-signer 1.1.3-1daemon to sign DNS zone files peri Versions of packages opendnssec recommends: ii opendnssec-auditor1.1.3-1tool to audit DNS signed zones acc Versions of packages opendnssec suggests: ii softhsm 1.1.4-5a cryptographic store accessible t -- no debconf information ---End Message--- ---BeginMessage--- Source: opendnssec Source-Version: 1.1.3-2 We believe that the bug you reported is fixed in the latest version of opendnssec, which is due to be installed in the Debian FTP archive: libhsm-bin_1.1.3-2_amd64.deb to main/o/opendnssec/libhsm-bin_1.1.3-2_amd64.deb libhsm-dev_1.1.3-2_amd64.deb to main/o/opendnssec/libhsm-dev_1.1.3-2_amd64.deb libhsm0_1.1.3-2_amd64.deb to main/o/opendnssec/libhsm0_1.1.3-2_amd64.deb opendnssec-auditor_1.1.3-2_all.deb to main/o/opendnssec/opendnssec-auditor_1.1.3-2_all.deb opendnssec-common_1.1.3-2_all.deb to main/o/opendnssec/opendnssec-common_1.1.3-2_all.deb opendnssec-enforcer-mysql_1.1.3-2_amd64.deb to main/o/opendnssec/opendnssec-enforcer-mysql_1.1.3-2_amd64.deb opendnssec-enforcer-sqlite3_1.1.3-2_amd64.deb to main/o/opendnssec/opendnssec-enforcer-sqlite3_1.1.3-2_amd64.deb opendnssec-enforcer_1.1.3-2_all.deb to main/o/opendnssec/opendnssec-enforcer_1.1.3-2_all.deb opendnssec-signer-tools_1.1.3-2_amd64.deb to main/o/opendnssec/opendnssec-signer-tools_1.1.3-2_amd64.deb opendnssec-signer_1.1.3-2_all.deb to main/o/opendnssec/opendnssec-signer_1.1.3-2_all.deb opendnssec_1.1.3-2.debian.tar.gz to main/o/opendnssec/opendnssec_1.1.3-2.debian.tar.gz opendnssec_1.1.3-2.dsc to main/o/opendnssec/opendnssec_1.1.3-2.dsc opendnssec_1.1.3-2_all.deb to main/o/opendnssec/opendnssec_1.1.3-2_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 604...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ondřej Surý ond...@debian.org (supplier of updated opendnssec package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive
Bug#605161: marked as done (opendnssec-signer: Use of PYTHONPATH env var in an insecure way)
Your message dated Tue, 30 Nov 2010 11:32:36 + with message-id e1pnoro-00024h...@franck.debian.org and subject line Bug#605161: fixed in opendnssec 1.1.3-2 has caused the Debian Bug report #605161, regarding opendnssec-signer: Use of PYTHONPATH env var in an insecure way to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 605161: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605161 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: opendnssec-signer Version: 1.1.3-1 Severity: grave Tags: security User: debian-pyt...@lists.debian.org Usertags: pythonpath Jakub Wilk performed an analysis[1] for packages setting PYTHONPATH in an insecure way. Those packages do something like: PYTHONPATH=/spam/eggs:$PYTHONPATH This is wrong, because if PYTHONPATH were originally unset or empty, current working directory would be added to sys.path. [1] http://lists.debian.org/debian-python/2010/11/msg00045.html Your package turns out to have vulnerable scripts in PATH: you can find a complete log at [2]. [2] http://people.debian.org/~morph/mbf/pythonpath.txt Some guidelines on how to fix these bugs: in the case given above, you can use something like PYTHONPATH=/spam/eggs${PYTHONPATH:+:$PYTHONPATH} (If you don't known this construct, grep for Use Alternative Value in the bash/dash manpage.) Also, in cases like PYTHONPATH=/usr/lib/python2.5/site-packages/:$PYTHONPATH or PYTHONPATH=$PYTHONPATH:$SPAMDIR exec python $SPAMDIR/spam.py you shouldn't need to touch PYTHONPATH at all. Feel free to contact debian-pyt...@lists.debian.org in case of help. ---End Message--- ---BeginMessage--- Source: opendnssec Source-Version: 1.1.3-2 We believe that the bug you reported is fixed in the latest version of opendnssec, which is due to be installed in the Debian FTP archive: libhsm-bin_1.1.3-2_amd64.deb to main/o/opendnssec/libhsm-bin_1.1.3-2_amd64.deb libhsm-dev_1.1.3-2_amd64.deb to main/o/opendnssec/libhsm-dev_1.1.3-2_amd64.deb libhsm0_1.1.3-2_amd64.deb to main/o/opendnssec/libhsm0_1.1.3-2_amd64.deb opendnssec-auditor_1.1.3-2_all.deb to main/o/opendnssec/opendnssec-auditor_1.1.3-2_all.deb opendnssec-common_1.1.3-2_all.deb to main/o/opendnssec/opendnssec-common_1.1.3-2_all.deb opendnssec-enforcer-mysql_1.1.3-2_amd64.deb to main/o/opendnssec/opendnssec-enforcer-mysql_1.1.3-2_amd64.deb opendnssec-enforcer-sqlite3_1.1.3-2_amd64.deb to main/o/opendnssec/opendnssec-enforcer-sqlite3_1.1.3-2_amd64.deb opendnssec-enforcer_1.1.3-2_all.deb to main/o/opendnssec/opendnssec-enforcer_1.1.3-2_all.deb opendnssec-signer-tools_1.1.3-2_amd64.deb to main/o/opendnssec/opendnssec-signer-tools_1.1.3-2_amd64.deb opendnssec-signer_1.1.3-2_all.deb to main/o/opendnssec/opendnssec-signer_1.1.3-2_all.deb opendnssec_1.1.3-2.debian.tar.gz to main/o/opendnssec/opendnssec_1.1.3-2.debian.tar.gz opendnssec_1.1.3-2.dsc to main/o/opendnssec/opendnssec_1.1.3-2.dsc opendnssec_1.1.3-2_all.deb to main/o/opendnssec/opendnssec_1.1.3-2_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 605...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ondřej Surý ond...@debian.org (supplier of updated opendnssec package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 30 Nov 2010 12:15:58 +0100 Source: opendnssec Binary: opendnssec-auditor opendnssec-common opendnssec opendnssec-enforcer opendnssec-enforcer-mysql opendnssec-enforcer-sqlite3 opendnssec-signer opendnssec-signer-tools libhsm-bin libhsm-dev libhsm0 Architecture: source all amd64 Version: 1.1.3-2 Distribution: unstable Urgency: high Maintainer: Ondřej Surý ond...@debian.org Changed-By: Ondřej Surý ond...@debian.org Description: libhsm-bin - library for interfacing PKCS#11 Hardware Security Modules libhsm-dev - library for interfacing PKCS#11 Hardware Security Modules libhsm0- library for interfacing PKCS#11 Hardware Security Modules opendnssec - dependency package to install full OpenDNSSEC suite opendnssec-auditor - tool to audit DNS signed zones according to local policy opendnssec-common - common configuration files for OpenDNSSEC suite opendnssec-enforcer - tool to prepares DNSSEC keys (common package)
Bug#605165: marked as done (opendnssec-signer: Use of PYTHONPATH env var in an insecure way)
Your message dated Tue, 30 Nov 2010 11:32:36 + with message-id e1pnoro-00024h...@franck.debian.org and subject line Bug#605161: fixed in opendnssec 1.1.3-2 has caused the Debian Bug report #605161, regarding opendnssec-signer: Use of PYTHONPATH env var in an insecure way to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 605161: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605161 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: opendnssec-signer Version: 1.1.3-1 Severity: grave Tags: security User: debian-pyt...@lists.debian.org Usertags: pythonpath Jakub Wilk performed an analysis[1] for packages setting PYTHONPATH in an insecure way. Those packages do something like: PYTHONPATH=/spam/eggs:$PYTHONPATH This is wrong, because if PYTHONPATH were originally unset or empty, current working directory would be added to sys.path. [1] http://lists.debian.org/debian-python/2010/11/msg00045.html Your package turns out to have vulnerable scripts in PATH: you can find a complete log at [2]. [2] http://people.debian.org/~morph/mbf/pythonpath.txt Some guidelines on how to fix these bugs: in the case given above, you can use something like PYTHONPATH=/spam/eggs${PYTHONPATH:+:$PYTHONPATH} (If you don't known this construct, grep for Use Alternative Value in the bash/dash manpage.) Also, in cases like PYTHONPATH=/usr/lib/python2.5/site-packages/:$PYTHONPATH or PYTHONPATH=$PYTHONPATH:$SPAMDIR exec python $SPAMDIR/spam.py you shouldn't need to touch PYTHONPATH at all. Feel free to contact debian-pyt...@lists.debian.org in case of help. ---End Message--- ---BeginMessage--- Source: opendnssec Source-Version: 1.1.3-2 We believe that the bug you reported is fixed in the latest version of opendnssec, which is due to be installed in the Debian FTP archive: libhsm-bin_1.1.3-2_amd64.deb to main/o/opendnssec/libhsm-bin_1.1.3-2_amd64.deb libhsm-dev_1.1.3-2_amd64.deb to main/o/opendnssec/libhsm-dev_1.1.3-2_amd64.deb libhsm0_1.1.3-2_amd64.deb to main/o/opendnssec/libhsm0_1.1.3-2_amd64.deb opendnssec-auditor_1.1.3-2_all.deb to main/o/opendnssec/opendnssec-auditor_1.1.3-2_all.deb opendnssec-common_1.1.3-2_all.deb to main/o/opendnssec/opendnssec-common_1.1.3-2_all.deb opendnssec-enforcer-mysql_1.1.3-2_amd64.deb to main/o/opendnssec/opendnssec-enforcer-mysql_1.1.3-2_amd64.deb opendnssec-enforcer-sqlite3_1.1.3-2_amd64.deb to main/o/opendnssec/opendnssec-enforcer-sqlite3_1.1.3-2_amd64.deb opendnssec-enforcer_1.1.3-2_all.deb to main/o/opendnssec/opendnssec-enforcer_1.1.3-2_all.deb opendnssec-signer-tools_1.1.3-2_amd64.deb to main/o/opendnssec/opendnssec-signer-tools_1.1.3-2_amd64.deb opendnssec-signer_1.1.3-2_all.deb to main/o/opendnssec/opendnssec-signer_1.1.3-2_all.deb opendnssec_1.1.3-2.debian.tar.gz to main/o/opendnssec/opendnssec_1.1.3-2.debian.tar.gz opendnssec_1.1.3-2.dsc to main/o/opendnssec/opendnssec_1.1.3-2.dsc opendnssec_1.1.3-2_all.deb to main/o/opendnssec/opendnssec_1.1.3-2_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 605...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ondřej Surý ond...@debian.org (supplier of updated opendnssec package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 30 Nov 2010 12:15:58 +0100 Source: opendnssec Binary: opendnssec-auditor opendnssec-common opendnssec opendnssec-enforcer opendnssec-enforcer-mysql opendnssec-enforcer-sqlite3 opendnssec-signer opendnssec-signer-tools libhsm-bin libhsm-dev libhsm0 Architecture: source all amd64 Version: 1.1.3-2 Distribution: unstable Urgency: high Maintainer: Ondřej Surý ond...@debian.org Changed-By: Ondřej Surý ond...@debian.org Description: libhsm-bin - library for interfacing PKCS#11 Hardware Security Modules libhsm-dev - library for interfacing PKCS#11 Hardware Security Modules libhsm0- library for interfacing PKCS#11 Hardware Security Modules opendnssec - dependency package to install full OpenDNSSEC suite opendnssec-auditor - tool to audit DNS signed zones according to local policy opendnssec-common - common configuration files for OpenDNSSEC suite opendnssec-enforcer - tool to prepares DNSSEC keys (common package)
Bug#605466: acpi: Wrong Battery level reported
Package: acpi Version: 1.5-2 Severity: grave Justification: causes non-serious data loss Battery 0: Unknown, 0% === Adapter 0: on-line Thermal 0: ok, 44.5 degrees C Thermal 0: trip point 0 switches to mode critical at temperature 107.0 degrees C Cooling 0: Processor 0 of 10 Cooling 1: Processor 0 of 10 -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.36.1 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=en_US.UTF8, LC_CTYPE=en_US.UTF8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF8) Shell: /bin/sh linked to /bin/bash Versions of packages acpi depends on: ii libc6 2.11.2-7 Embedded GNU C Library: Shared lib acpi recommends no packages. acpi suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#583738: It's there again
On Tue, Nov 30, 2010 at 01:19:02PM +0100, Thomas Neugebauer wrote: I followed the instruction on the web page (thanks for that) and got some more informations for you. The printed file from gedit was in the PDF 1.4 format (it's attached). The error.log shows some lines complaining about ipp errors and failing authentifications. In your original bugreport you mentioned the following error: /usr/lib/cups/filter/pdftoraster failed Later you mention that it failed it different ways. I strongly suspect that the errors you experience are *not* the one mentioned by Sebastian Dröge as being in ghostscript, claimed (by him) fixed in Ubuntu, and claimed (by me) fixed in Debian. Do you still get the above error with pdftoraster? - Jonas -- * Jonas Smedegaard - idealist Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private signature.asc Description: Digital signature
Bug#604053: marked as done (nsca: starts as daemon although disabled in debconf)
Your message dated Tue, 30 Nov 2010 13:32:21 + with message-id e1pnqjh-0005gt...@franck.debian.org and subject line Bug#604053: fixed in nsca 2.7.2+nmu1 has caused the Debian Bug report #604053, regarding nsca: starts as daemon although disabled in debconf to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 604053: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=604053 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: nsca Version: 2.7.2 Severity: serious Installing nsca and answering 'no' to the debcanf question which asks if you want to run the nsca daemon still results in a running daemon with a pretty unusual PID: 4294967295 12373 1 0 21:08 ?00:00:00 /usr/sbin/nsca --daemon -c /etc/nsca.cfg I'm filing this as serious as I consider daemons which run and listen on tcp ports without being configured to do so as a security issue. Especially when they run with a UID which might b in use otherwise. I'd guess it tries to use -1 as UID as that was the UID of nobody some ancient times ago. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.35.7-think (SMP w/2 CPU cores; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages nsca depends on: ii debconf [debconf-2.0] 1.5.36 Debian configuration management sy ii libc6 2.11.2-7 Embedded GNU C Library: Shared lib ii libmcrypt42.5.8-3.1 De-/Encryption Library nsca recommends no packages. Versions of packages nsca suggests: pn nagiosnone (no description available) ii nagios-plugins1.4.15-2 Plugins for the nagios network mon ii nagios-plugins-basic 1.4.15-2 Plugins for the nagios network mon -- Configuration Files: /etc/init.d/nsca changed: DAEMON=/usr/sbin/nsca NAME=nsca DESC=Nagios Service Check Acceptor CONF=/etc/nsca.cfg OPTS=--daemon -c $CONF PIDFILE=/var/run/nsca.pid if [ ! -x $DAEMON ]; then exit 0 fi get_config(){ grep ^[[:space:]]*$1= $CONF 2/dev/null | tail | cut -d= -f2- } PIDFILE=`get_config pid_file` if [ -z $PIDFILE ]; then # then this is the default PIDFILE PIDFILE=/var/run/nsca.pid # run nsca in the foreground, and have s-s-d fork it for us OPTS=-f $OPTS # and then this is how we call SSD SSD_STARTOPTS=--background --pidfile $PIDFILE --make-pidfile SSD_STOPOPTS=--pidfile $PIDFILE else # but if pid_file is set, we don't have to do anything SSD_STARTOPTS=--pidfile $PIDFILE SSD_STOPOPTS=--pidfile $PIDFILE fi SSD_START=/sbin/start-stop-daemon --oknodo -S $SSD_STARTOPTS --exec $DAEMON SSD_STOP=/sbin/start-stop-daemon --oknodo -K $SSD_STOPOPTS --exec $DAEMON die(){ echo $@ exit 1 } case $1 in start) echo -n Starting $DESC: if [ ! -d /var/run/nagios ]; then mkdir -p /var/run/nagios || die ERROR: couldn't create /var/run/nagios fi $SSD_START -- $OPTS || die ERROR: could not start $NAME. echo $NAME. ;; stop) echo -n Stopping $DESC: $SSD_STOP -- $OPTS || die ERROR: could not stop $NAME. rm -f $PIDFILE echo $NAME. ;; reload|force-reload) echo -n Reloading $DESC: $SSD_STOP --signal HUP -- $OPTS || die ERROR: could not reload $NAME. echo $NAME. ;; restart) $0 stop $0 start ;; esac /etc/nsca.cfg changed: pid_file=/var/run/nsca.pid server_port=5667 nsca_user=nagios nsca_group=nogroup debug=0 command_file=/var/lib/nagios3/rw/nagios.cmd alternate_dump_file=/var/run/nagios/nsca.dump aggregate_writes=0 append_to_file=0 max_packet_age=30 decryption_method=1 /etc/send_nsca.cfg changed: encryption_method=1 -- debconf information: nsca/run-nsca-daemon: ---End Message--- ---BeginMessage--- Source: nsca Source-Version: 2.7.2+nmu1 We believe that the bug you reported is fixed in the latest version of nsca, which is due to be installed in the Debian FTP archive: nsca_2.7.2+nmu1.dsc to main/n/nsca/nsca_2.7.2+nmu1.dsc nsca_2.7.2+nmu1.tar.gz to main/n/nsca/nsca_2.7.2+nmu1.tar.gz nsca_2.7.2+nmu1_amd64.deb to main/n/nsca/nsca_2.7.2+nmu1_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to
Bug#584350: refcard: FTBFS: xmlroff segfaults
On Mon, 29 Nov 2010 22:49:04 +0100 Simon Paillard spaill...@debian.org wrote: It sounds the issue was actually a font issue. Here is he pdf built with otf-ipafont-gothic as extra build-dep: http://people.debian.org/~spaillard/refcard-ja-a4.pdf.gz Could you please check it looks ok ? Thanks! It looks good - much better than previous one :) -- Regards, Hideki Yamane henrich @ debian.or.jp/org http://wiki.debian.org/HidekiYamane -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: severity of 605472 is normal
Processing commands for cont...@bugs.debian.org: severity 605472 normal Bug #605472 [linux-2.6] sysfs: cannot create duplicate filename Severity set to 'normal' from 'grave' thanks Stopping processing here. Please contact me if you need assistance. -- 605472: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605472 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: tagging 604233
Processing commands for cont...@bugs.debian.org: tags 604233 - pending Bug #604233 [sitebar] sitebar: start mysqld in postinst without using invoke-rc.d Ignoring request to alter tags of bug #604233 to the same tags previously set thanks Stopping processing here. Please contact me if you need assistance. -- 604233: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=604233 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605160: marked as done (pymca: Use of PYTHONPATH env var in an insecure way)
Your message dated Tue, 30 Nov 2010 13:47:46 + with message-id e1pnqyc-0007sg...@franck.debian.org and subject line Bug#605160: fixed in pymca 4.4.1p1-1 has caused the Debian Bug report #605160, regarding pymca: Use of PYTHONPATH env var in an insecure way to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 605160: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605160 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: pymca Version: 4.4.0-1 Severity: grave Tags: security User: debian-pyt...@lists.debian.org Usertags: pythonpath Jakub Wilk performed an analysis[1] for packages setting PYTHONPATH in an insecure way. Those packages do something like: PYTHONPATH=/spam/eggs:$PYTHONPATH This is wrong, because if PYTHONPATH were originally unset or empty, current working directory would be added to sys.path. [1] http://lists.debian.org/debian-python/2010/11/msg00045.html Your package turns out to have vulnerable scripts in PATH: you can find a complete log at [2]. [2] http://people.debian.org/~morph/mbf/pythonpath.txt Some guidelines on how to fix these bugs: in the case given above, you can use something like PYTHONPATH=/spam/eggs${PYTHONPATH:+:$PYTHONPATH} (If you don't known this construct, grep for Use Alternative Value in the bash/dash manpage.) Also, in cases like PYTHONPATH=/usr/lib/python2.5/site-packages/:$PYTHONPATH or PYTHONPATH=$PYTHONPATH:$SPAMDIR exec python $SPAMDIR/spam.py you shouldn't need to touch PYTHONPATH at all. Feel free to contact debian-pyt...@lists.debian.org in case of help. ---End Message--- ---BeginMessage--- Source: pymca Source-Version: 4.4.1p1-1 We believe that the bug you reported is fixed in the latest version of pymca, which is due to be installed in the Debian FTP archive: pymca-data_4.4.1p1-1_all.deb to main/p/pymca/pymca-data_4.4.1p1-1_all.deb pymca_4.4.1p1-1.debian.tar.gz to main/p/pymca/pymca_4.4.1p1-1.debian.tar.gz pymca_4.4.1p1-1.dsc to main/p/pymca/pymca_4.4.1p1-1.dsc pymca_4.4.1p1-1_amd64.deb to main/p/pymca/pymca_4.4.1p1-1_amd64.deb pymca_4.4.1p1.orig.tar.gz to main/p/pymca/pymca_4.4.1p1.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 605...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Teemu Ikonen tpiko...@gmail.com (supplier of updated pymca package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 30 Nov 2010 12:32:47 +0100 Source: pymca Binary: pymca pymca-data Architecture: source all amd64 Version: 4.4.1p1-1 Distribution: unstable Urgency: low Maintainer: Debian Science Maintainers debian-science-maintain...@lists.alioth.debian.org Changed-By: Teemu Ikonen tpiko...@gmail.com Description: pymca - Python applications and toolkit for X-ray fluorescence analysis pymca-data - Architecture independent data files for PyMca Closes: 605160 Changes: pymca (4.4.1p1-1) unstable; urgency=low . * New upstream version. - Fixes setting PYTHONPATH in scripts (closes: #605160). - Includes the specfile module locale fixes, so removing patch 03_specfile-locale. - Does not include .pyc files in the orig.tar, so removing code in 'debian/rules' for preserving them during the build. * Patch 03_postbatch: Remove starting blank line from pymcapostbatch script to allow correct distutils #! replacement. Checksums-Sha1: 028cac28d85d9900a44146613b68b33c2eb71c8a 1330 pymca_4.4.1p1-1.dsc c0d08e0e2904c1db1bb23ba828c977c1b8b8b295 9712721 pymca_4.4.1p1.orig.tar.gz fab18e81d0d5ca6fc9ca964fff0b4eb3f83e2755 16537 pymca_4.4.1p1-1.debian.tar.gz b075db75d67b9ab17db9d235a417e541f5d9e8ec 7965730 pymca-data_4.4.1p1-1_all.deb ccf156b2a2ccd5fac3caebb54611470fd73a3f03 1752448 pymca_4.4.1p1-1_amd64.deb Checksums-Sha256: 42814ab28157eff9a606578a1f4a4e56df08b7d54dab5e08e0dc7a5f01cf4e1c 1330 pymca_4.4.1p1-1.dsc 5cd1c739bc27f0b36776d8bb65f30745c670fa3a47e24b02a37f528d9c1659f8 9712721 pymca_4.4.1p1.orig.tar.gz c1200aab5a580661dbc11ceffd2e6137ae49fbde8ad614aec1ec1bf5cdfc53de 16537 pymca_4.4.1p1-1.debian.tar.gz 0efab8522fdf2574e8eb0f5f8f565058935c7101c507967656a633a6195918c2 7965730 pymca-data_4.4.1p1-1_all.deb
Bug#604233: sitebar: diff for NMU version 3.3.9-2.2
tags 604233 + pending thanks Dear maintainer, I've prepared an NMU for sitebar (versioned as 3.3.9-2.2) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Regards. diff -u sitebar-3.3.9/debian/changelog sitebar-3.3.9/debian/changelog --- sitebar-3.3.9/debian/changelog +++ sitebar-3.3.9/debian/changelog @@ -1,3 +1,13 @@ +sitebar (3.3.9-2.2) unstable; urgency=low + + * Non-maintainer upload. + * debian/postinst: Use the mysql-server status interface and the policy +invoke-rc.d mechanism to launch the mysql server. Also check the existance +of /usr/bin/mysqld_safe instead of /usr/sbin/mysql (from the system server +package). Closes: #604233 + + -- Didier Raboud did...@raboud.com Tue, 30 Nov 2010 12:28:12 +0100 + sitebar (3.3.9-2.1) unstable; urgency=low * Non-maintainer upload. diff -u sitebar-3.3.9/debian/postinst sitebar-3.3.9/debian/postinst --- sitebar-3.3.9/debian/postinst +++ sitebar-3.3.9/debian/postinst @@ -28,14 +28,11 @@ } # check to see if mysql is running, start if not -if [ -f /usr/sbin/mysqld ] ; then -mysqld_get_param() { -mysqld --print-defaults | tr \n | grep -- --$1 | tail -n 1 | cut -d= -f2 -} -pidfile=`mysqld_get_param pid-file` -ps_alive=0 -if [ -f $pidfile ] ps `cat $pidfile` /dev/null 21; then ps_alive=1; fi -if [ $ps_alive = 0 ]; then mysqld_safe /dev/null 21 fi +if [ -f /usr/bin/mysqld_safe -a -f /etc/init.d/mysql ] ; then +/etc/init.d/mysql status /dev/null +if [ $? != 0 ]; then +invoke-rc.d mysql start +fi fi case $1 in @@ -75,11 +72,9 @@ # setup the db -if [ -f /usr/sbin/mysqld ] ; then -pidfile=`mysqld_get_param pid-file` -ps_alive=0 -if [ -f $pidfile ] ps `cat $pidfile` /dev/null 21; then ps_alive=1; fi -if [ $ps_alive = 1 ]; then +if [ -f /usr/bin/mysqld_safe -a -f /etc/init.d/mysql ] ; then +/etc/init.d/mysql status /dev/null +if [ $? = 0 ]; then db_get sitebar/db_initialized dbinitialized=$RET || true db_get sitebar/skipdb signature.asc Description: This is a digitally signed message part.
Processed: sitebar: diff for NMU version 3.3.9-2.2
Processing commands for cont...@bugs.debian.org: tags 604233 + pending Bug #604233 [sitebar] sitebar: start mysqld in postinst without using invoke-rc.d Added tag(s) pending. thanks Stopping processing here. Please contact me if you need assistance. -- 604233: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=604233 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605466: [Pkg-acpi-devel] Bug#605466: acpi: Wrong Battery level reported
severity 605466 normal thanks Severity: grave Justification: causes non-serious data loss Please explain this! I cannot imagine why this bug could be grave. Battery 0: Unknown, 0% === Adapter 0: on-line Thermal 0: ok, 44.5 degrees C Thermal 0: trip point 0 switches to mode critical at temperature 107.0 degrees C Cooling 0: Processor 0 of 10 Cooling 1: Processor 0 of 10 Please send me your /sys/class/power_supply directory so I can try to debug the problem. Michael -- Michael Meskes Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org) Michael at BorussiaFan dot De, Meskes at (Debian|Postgresql) dot Org Jabber: michael.meskes at googlemail dot com VfL Borussia! Força Barça! Go SF 49ers! Use Debian GNU/Linux, PostgreSQL -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: [Pkg-acpi-devel] Bug#605466: acpi: Wrong Battery level reported
Processing commands for cont...@bugs.debian.org: severity 605466 normal Bug #605466 [acpi] acpi: Wrong Battery level reported Severity set to 'normal' from 'grave' thanks Stopping processing here. Please contact me if you need assistance. -- 605466: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605466 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: block 602732 with 591206
Processing commands for cont...@bugs.debian.org: block 602732 with 591206 Bug #602732 [wordpress] Uses the non-free media plugin of tinymce (bug #591206) Was not blocked by any bugs. Added blocking bug(s) of 602732: 591206 thanks Stopping processing here. Please contact me if you need assistance. -- 602732: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602732 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605096: marked as done (CVE-2010-4005)
Your message dated Tue, 30 Nov 2010 14:32:38 + with message-id e1pnrg2-0003qv...@franck.debian.org and subject line Bug#605096: fixed in tomboy 1.2.2-2 has caused the Debian Bug report #605096, regarding CVE-2010-4005 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 605096: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605096 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: tomboy Severity: grave Tags: security Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4005 for details and a patch. Please fix this for Squeeze with a targeted bugfix, not by packaging a full new upstream release. Cheers, Moritz -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash Versions of packages tomboy depends on: ii gconf22.28.1-6 GNOME configuration database syste ii libc6 2.11.2-7 Embedded GNU C Library: Shared lib pn libgconf2.0-cil none (no description available) ii libglib2.0-0 2.24.2-1 The GLib library of C routines pn libglib2.0-cilnone (no description available) pn libgmime2.2-cil none (no description available) pn libgnome2.0-cil none (no description available) pn libgnomeprint2.2-0none (no description available) pn libgnomeprintui2.2-0 none (no description available) ii libgtk2.0-0 2.20.1-2 The GTK+ graphical user interface pn libgtk2.0-cil none (no description available) ii libgtkspell0 2.0.16-1 a spell-checking addon for GTK's T pn libmono-addins-gui0.2-cil none (no description available) pn libmono-addins0.2-cil none (no description available) pn libmono-corlib2.0-cil none (no description available) pn libmono-system2.0-cil none (no description available) pn libmono2.0-cilnone (no description available) pn libndesk-dbus-glib1.0-cil none (no description available) pn libndesk-dbus1.0-cil none (no description available) pn libpanel-applet2-0none (no description available) ii libpango1.0-0 1.28.3-1 Layout and rendering of internatio ii libx11-6 2:1.3.3-4 X11 client-side library pn mono-runtime none (no description available) tomboy recommends no packages. Versions of packages tomboy suggests: pn evolution none (no description available) ---End Message--- ---BeginMessage--- Source: tomboy Source-Version: 1.2.2-2 We believe that the bug you reported is fixed in the latest version of tomboy, which is due to be installed in the Debian FTP archive: tomboy_1.2.2-2.diff.gz to main/t/tomboy/tomboy_1.2.2-2.diff.gz tomboy_1.2.2-2.dsc to main/t/tomboy/tomboy_1.2.2-2.dsc tomboy_1.2.2-2_amd64.deb to main/t/tomboy/tomboy_1.2.2-2_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 605...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Iain Lane la...@ubuntu.com (supplier of updated tomboy package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 29 Nov 2010 18:59:02 + Source: tomboy Binary: tomboy Architecture: source amd64 Version: 1.2.2-2 Distribution: unstable Urgency: high Maintainer: Debian CLI Applications Team pkg-cli-apps-t...@lists.alioth.debian.org Changed-By: Iain Lane la...@ubuntu.com Description: tomboy - desktop note taking program using Wiki style links Closes: 605096 Changes: tomboy (1.2.2-2) unstable; urgency=high . * [bc0695b] Fix insecure LD_LIBRARY_PATH. A vulnerability existed where if LD_LIBRARY_PATH were set but empty, a trailing : as a path separator would still be appended to the path, exposing an insecure/invalid search path. Using :+: instead of +: prevents this as ${X:+:$X} returns X iff X is set and not
Bug#605483: gnome-power-manager: sysfs battery status is not updated
Package: gnome-power-manager Version: 2.32.0-2 Severity: grave Justification: renders package unusable The status (energy, current, etc.) doesn't get updated, unless events are triggered (e.g. charger disconnection). As a consequence, gnome-power-manager shows an out-of date battery status information and wrong estimates for depletion (which could eventually lead to uncontrolled shutdown). Example, with charger on, applet shows 3,7% charge: testu...@castor:~$ cat /sys/class/power_supply/BAT0/energy_now 112 Immediately after, having unplugged the charger in order to trigger an event, sysfs gets updated and applet shows 44,9% charge: testu...@castor:~$ cat /sys/class/power_supply/BAT0/energy_now 1360 This behaviour is experienced also in Lenny, where the sysfs update can be triggered also by cat'ing /proc/acpi/battery/BAT0/state. In Squeeze there is no such file in procfs. In Etch everything was working fine. Possibly related information for a similar problem is here: https://bugs.archlinux.org/task/9572 -- Package-specific info: Distro version: squeeze/sid Kernel version: 2.6.32-5-686 g-p-m version:2.32.0 HAL version: System manufacturer: missing System version: missing System product: missing AC adapter present: no Battery present: no Laptop panel present: no CPU scaling present: no Battery Information: UPower data: Device: /org/freedesktop/UPower/devices/battery_BAT0 native-path: /sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:09/PNP0C09:00/ACPI0001:00/ACPI0002:00/power_supply/BAT0 vendor: Lezinn model:01ZA power supply: yes updated: Tue Nov 30 15:16:17 2010 (14 seconds ago) has history: yes has statistics: yes battery present: yes rechargeable:yes state: charging energy: 1.12 Wh energy-empty:0 Wh energy-full: 30.31 Wh energy-full-design: 65.12 Wh energy-rate: 2.606 W voltage: 16.086 V time to full:11.2 hours percentage: 3.69515% capacity:46.5448% technology: lithium-ion Device: /org/freedesktop/UPower/devices/line_power_sbs_charger native-path: /sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:09/PNP0C09:00/ACPI0001:00/ACPI0002:00/power_supply/sbs-charger power supply: yes updated: Tue Nov 30 15:08:41 2010 (470 seconds ago) has history: no has statistics: no line-power online: yes Daemon: daemon-version: 0.9.5 can-suspend: yes can-hibernateyes on-battery: no on-low-battery: no lid-is-closed: no lid-is-present: yes GNOME Power Manager Process Information: HAL Process Information: -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=it_IT.utf8, LC_CTYPE=it_IT.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages gnome-power-manager depends on: ii consolekit0.4.1-4framework for defining and trackin ii dbus-x11 1.2.24-3 simple interprocess messaging syst ii gconf22.28.1-6 GNOME configuration database syste ii libbonobo2-0 2.24.3-1 Bonobo CORBA interfaces library ii libc6 2.11.2-7 Embedded GNU C Library: Shared lib ii libcairo2 1.8.10-6 The Cairo 2D vector graphics libra ii libcanberra-gtk0 0.24-1 Gtk+ helper for playing widget eve ii libcanberra0 0.24-1 a simple abstract interface for pl ii libdbus-1-3 1.2.24-3 simple interprocess messaging syst ii libdbus-glib-1-2 0.88-2 simple interprocess messaging syst ii libgconf2-4 2.28.1-6 GNOME configuration database syste ii libglib2.0-0 2.24.2-1 The GLib library of C routines ii libgnome-keyring0 2.30.1-1 GNOME keyring services library ii libgtk2.0-0 2.20.1-2 The GTK+ graphical user interface ii libnotify1 [libnotify1-gtk2.1 0.5.0-2sends desktop notifications to a n ii libpanel-applet2-02.30.2-2 library for GNOME Panel applets ii libpango1.0-0 1.28.3-1 Layout and rendering of internatio ii libunique-1.0-0 1.1.6-1.1 Library for writing single instanc ii libupower-glib1 0.9.5-5abstraction for power management - ii libx11-6 2:1.3.3-4 X11 client-side library ii libxext6 2:1.1.2-1 X11 miscellaneous extension librar ii libxrandr22:1.3.0-3 X11 RandR extension library ii notification-daemon 0.5.0-2daemon to
Bug#605484: libapache2-mod-fcgid: stack overwrite vulnerability
Package: libapache2-mod-fcgid Version: 1:2.2-1 Severity: grave Tags: security Justification: user security hole This was reported in CVE-2010-3872. Information at: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3872 https://issues.apache.org/bugzilla/show_bug.cgi?id=49406 Of particular note, the code in question appears at line 86 in the lenny version, and is: memcpy(header + hasread, buffer, putsize); Our versions in lenny and lenny-backports are both vulnerable. squeeze and sid are running new enough versions that they aren't. -- System Information: Debian Release: 5.0.7 APT prefers stable APT policy: (500, 'stable'), (99, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages libapache2-mod-fcgid depends on: ii apache2.2-common 2.2.9-10+lenny8 Apache HTTP Server common files ii libc62.7-18lenny6GNU C Library: Shared libraries libapache2-mod-fcgid recommends no packages. libapache2-mod-fcgid suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605485: error messages are lost in gfxterm
Package: grub-pc Version: 1.98+20100804-4 Severity: serious Tags: fixed-upstream Justification: unsuitable for release under package maintainer's opinion If an error happens during load of a boot entry, and gfxterm (the default mode) is in use, error messages are not displayed. To make things worse, the Loading messages that grub.cfg prints while loading kernel and initrd images are also lost, which means that in slow (or emulated) machines, the boot process appears to hang. This bug is fixed upstream (and the fix is a trivial one-liner). -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=ca_AD.UTF-8, LC_CTYPE=ca_AD.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages grub-pc depends on: ii debconf [debconf-2.0]1.5.35 Debian configuration management sy ii grub-common 1.98+20100804-4 GRand Unified Bootloader, version ii libc62.11.2-6Embedded GNU C Library: Shared lib ii libdevmapper1.02.1 2:1.02.48-3 The Linux Kernel Device Mapper use ii ucf 3.0025+nmu1 Update Configuration File: preserv grub-pc recommends no packages. Versions of packages grub-pc suggests: ii desktop-base 5.0.6 common files for the Debian Deskto -- Configuration Files: /etc/default/grub changed [not included] -- debconf information excluded -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605484: CVE-2010-3872
Please note: stable and lenny-backports both appear to be vulnerable to this -- they contain the offending code. I have filed bug #605484 on this. - John -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: severity of 605483 is normal
Processing commands for cont...@bugs.debian.org: severity 605483 normal Bug #605483 [gnome-power-manager] gnome-power-manager: sysfs battery status is not updated Severity set to 'normal' from 'grave' thanks Stopping processing here. Please contact me if you need assistance. -- 605483: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605483 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559153: marked as done (Unable to purge mindi)
Your message dated Tue, 30 Nov 2010 14:47:06 + with message-id e1pnru2-0004rt...@franck.debian.org and subject line Bug#559153: fixed in mindi 1:2.0.4-1.1 has caused the Debian Bug report #559153, regarding Unable to purge mindi to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 559153: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559153 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: mindi Severity: minor When I try to purge mindi with aptitude I get this error: /var/lib/dpkg/info/mindi.postrm: line 12: cd: /usr/lib/mindi: No such file or directory Aparently mindi is trying to delete the files isolinux-H.cfg, isolinux.cfg, syslinux-H.cfg and syslinux.cfg that are in that directory, but the directory doesn't exisct. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.30-2-686 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages mindi depends on: ii binutils 2.20-4 The GNU assembler, linker and bina ii bzip2 1.0.5-3high-quality block-sorting file co pn dosfstoolsnone (no description available) ii file 5.03-3 Determines file type using magic ii gawk 1:3.1.6.dfsg-4 GNU awk, a pattern scanning and pr ii genisoimage 9:1.1.9-1 Creates ISO-9660 CD-ROM filesystem pn mindi-busybox none (no description available) ii module-init-tools 3.11-1 tools for managing Linux kernel mo ii nano 2.1.99pre1-1 small, friendly text editor inspir pn partednone (no description available) pn syslinux none (no description available) Versions of packages mindi recommends: ii cpio 2.10-1 GNU cpio -- a program to manage ar ii linux-image-2.6-486 2.6.30+21 Linux 2.6 image on x86 pn mdadm none (no description available) pn ntfsprogs none (no description available) Versions of packages mindi suggests: pn acl none (no description available) pn afionone (no description available) pn attrnone (no description available) ii eject 2.1.5+deb1+cvs20081104-7 ejects CDs and operates CD-Changer ii less436-1pager program similar to more pn lilonone (no description available) pn lzopnone (no description available) pn petris none (no description available) ---End Message--- ---BeginMessage--- Source: mindi Source-Version: 1:2.0.4-1.1 We believe that the bug you reported is fixed in the latest version of mindi, which is due to be installed in the Debian FTP archive: mindi_2.0.4-1.1.diff.gz to main/m/mindi/mindi_2.0.4-1.1.diff.gz mindi_2.0.4-1.1.dsc to main/m/mindi/mindi_2.0.4-1.1.dsc mindi_2.0.4-1.1_amd64.deb to main/m/mindi/mindi_2.0.4-1.1_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 559...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Didier Raboud did...@raboud.com (supplier of updated mindi package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 28 Nov 2010 14:31:17 +0100 Source: mindi Binary: mindi Architecture: source amd64 Version: 1:2.0.4-1.1 Distribution: unstable Urgency: low Maintainer: Andree Leidenfrost and...@debian.org Changed-By: Didier Raboud did...@raboud.com Description: mindi - creates boot/root disks based on your system Closes: 559153 Changes: mindi (1:2.0.4-1.1) unstable; urgency=low . * Non-maintainer upload. * Enhance the postrm maintainer script to only remove the files in /usr/lib/mindi/ on purge. (Closes: #559153) Checksums-Sha1: 26800f6d3a98d79208b7e40763d3d672b95477d8 1663 mindi_2.0.4-1.1.dsc a34569ef76e64c504f36cf70a119fc7f20d8d910 17506
Bug#593607: pcmanfm wrongly deleted some files in a failed move operation
Hi maitainers! * Renaud Lacour ren...@home-dn.net [100819 17:57]: During a move operation, the hard drive of the destination filesystem encountered a power failure. Although not all relevant files were copied, pcmanfm deleted all of them! Could you please update the status of this bug? As you surely know it is release critical and we are in a freeze... I'm also a bit confussed, as upstream claiming on 2010-08-27 this bug would have been fixed, while the upload of a new upstream release 0.9.8-1 two month later didn't say anything about this bug... Best Regards, Alexander -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#591115: Bug forwarded
Hi! * Federico Gimenez Nieto fgime...@coit.es [101011 08:07]: did you manage to make any progress on this? I haven't received any response from upstream. After this problem raised a new version of doctrine came out, this time without the test suite. Since the cause of the FTBFS is a failing test (the package didn't build if any test didn't pass), i've packaged this new version and at first glance the bug would be solved (the package is uploaded to mentors [1]). This doesn't solve the root cause of the test failure, of course. [..] So perhaps the problem was with the unit test itself, or with the features being tested. I'm not sure if it is a good idea to upload the new version with the fixed FTBFS or to prepare an architecture specific version, what do you think? Has there been any progress with this bug? I see the new package is still on mentors, but I don't think the release managers will accept a new upstream release at this stage of the freeze, therefore I'm currently not considering sponsoring your package. However, if I understood it correctly, upstream removed the failed test causing this FTBFS? So my understanding would be, that a legitimate fix would be to disbale this test (without uploading a NEW upstream version). If you could prepere that, I'm willing to sponsor the upload; if you got the OK from the release team for the new upstream version, I'm also willing to upload the version on mentors. Best Regards, Alexander signature.asc Description: Digital signature
Bug#599303: #599303: ktoon: Fixed with kdebase-workspace 4:4.4.5-5
Version: 0.8.1-4.1 Hi, I just checked and I could run ktoon without problems with kdebase-workspace 4:4.4.5-5 (where it crashes with -4); hence marking this bug as closed. Please re-open if needed. Cheers, OdyX -- Didier Raboud, proud Debian Maintainer (DM). CH-1020 Renens did...@raboud.com signature.asc Description: This is a digitally signed message part.
Bug#599303: marked as done (ktoon: KToon crashes with Signal 11)
Your message dated Tue, 30 Nov 2010 16:12:16 +0100 with message-id 201011301612.17687.did...@raboud.com and subject line #599303: ktoon: Fixed with kdebase-workspace 4:4.4.5-5 has caused the Debian Bug report #599303, regarding ktoon: KToon crashes with Signal 11 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 599303: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599303 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Subject: ktoon: KToon crashes with Signal 11 Package: ktoon Version: 0.8.1-4.1+b1 Justification: renders package unusable Severity: grave *** Please type your report below this line *** KToon in Sid and in Squeeze (Testing) are unable to open. I get a blank window that opens in KDE but there is nothing in it; from the CLI my output is: jtho...@jthomas:09:05:~$ ktoon [Initializing DApplication] [Initializing DConfig] [Initializing DConfigDocument] *Init configuration file : /home/jthomas/.ktoon/ktoon.cfg ktoon(4166)/ KSycocaPrivate::openDatabase: Trying to open ksycoca from /var/tmp/kdecache-jthomas/ksycoca4 ktoon(4166)/ KSharedDataCache::Private::mapSharedMemory: Opening cache /var/tmp/kdecache-jthomas/icon-cache.kcache page size is 4096 ktoon(4166)/ KSharedDataCache::Private::mapSharedMemory: Attached to cache, determining if it must be initialized ktoon(4166)/ KSharedDataCache::Private::mapSharedMemory: Cache fully initialized -- attached to memory mapping ktoon(4166)/ KSharedDataCache::Private::mapSharedMemory: 4403200 bytes available out of 10485760 ktoon is crashing with signal 11 :( ^C # #jtho...@jthomas:09:05:~$ Thanks for Debian and the great packaging of KDE! -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages ktoon depends on: ii libaspell15 0.60.6-4 GNU Aspell spell-checker runtime l ii libavcodec524:0.5.2-6ffmpeg codec library ii libavformat52 4:0.5.2-6ffmpeg file format library ii libavutil49 4:0.5.2-6ffmpeg utility library ii libc6 2.11.2-6 Embedded GNU C Library: Shared lib ii libgcc1 1:4.4.5-2GCC support library ii libgl1-mesa-glx [libgl1 7.7.1-4 A free implementation of the OpenG ii libqt4-opengl 4:4.6.3-2Qt 4 OpenGL module ii libqt4-xml 4:4.6.3-2Qt 4 XML module ii libqtcore4 4:4.6.3-2Qt 4 core module ii libqtgui4 4:4.6.3-2Qt 4 GUI module ii libstdc++6 4.4.5-2 The GNU Standard C++ Library v3 ii libswscale0 4:0.5.2-6ffmpeg video scaling library ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime ktoon recommends no packages. ktoon suggests no packages. -- no debconf information signature.asc Description: This is a digitally signed message part. ---End Message--- ---BeginMessage--- Version: 0.8.1-4.1 Hi, I just checked and I could run ktoon without problems with kdebase-workspace 4:4.4.5-5 (where it crashes with -4); hence marking this bug as closed. Please re-open if needed. Cheers, OdyX -- Didier Raboud, proud Debian Maintainer (DM). CH-1020 Renens did...@raboud.com signature.asc Description: This is a digitally signed message part. ---End Message---
Bug#602399: gxine: Fails to start: Aborted
Hi maintainers! * John Lindgren john.lindg...@tds.net [101104 16:14]: This looks like bug 597289, which I've just closed. To confirm this, install libxine1-gnome; if it is the same problem, this will 'fix' it Installing libxine1-gnome allows gxine to start. [..] reassign 602399 libxine1-misc-plugins 1.1.19-2 Uhm... Could someone please give an status update on this bug? It's a bit confusing for the outsider, as it seems that the bug has already been solved. Best Regards, Alexander -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#591206: License updated (flvplayer)
Le Tuesday 23 November 2010 13:15:50 Frank Habermann, vous avez écrit : I have contacted moxiecode. The answer for the flv_player.swf is: It was never implemented. We are working on implementing it now though. So i think both files can be removed. regards, Frank Hi Frank, I prepared an NMU for this bug (a simple repack without the two files), and I'm just waiting on one of my usual sponsors to pick it up. http://alioth.debian.org/~odyx-guest/debian/unstable/tinymce_3.3.8+dfsg0-0.1.dsc ^ What do you think ? Can we proceed (to DELAYED/2 e.g.) ? Cheers, OdyX -- Didier Raboud, proud Debian Maintainer (DM). CH-1020 Renens did...@raboud.com signature.asc Description: This is a digitally signed message part.
Bug#599303: #599303: ktoon: Fixed with kdebase-workspace 4:4.4.5-5
I just checked and I could run ktoon without problems with kdebase-workspace 4:4.4.5-5 (where it crashes with -4); hence marking this bug as closed. Running KDE 4.5.3 and KToon 0.8.1-4.1+b1 on Sid and I am still getting the crash; I've never successfully started KToon. Additionally, there is still not a dbg package. I don't think this should be closed... #jtho...@jthomas:09:23:~$ rm -rf /home/jthomas/.ktoon/ # #jtho...@jthomas:09:23:~$ ktoon [Initializing DApplication] [Initializing DConfig] /home/jthomas/.ktoon not exists... creating... [Initializing DConfigDocument] *Init configuration file : /home/jthomas/.ktoon/ktoon.cfg ktoon is crashing with signal 11 :( ^C # #jtho...@jthomas:09:23:~$ ktoon -r [Initializing DApplication] [Initializing DConfig] [Initializing DConfigDocument] *Init configuration file : /home/jthomas/.ktoon/ktoon.cfg ktoon is crashing with signal 11 :( ^C # #jtho...@jthomas:09:23:~$ cat /home/jthomas/.ktoon/ktoon.cfg cat: /home/jthomas/.ktoon/ktoon.cfg: No such file or directory # #jtho...@jthomas:09:23:~$ signature.asc Description: This is a digitally signed message part.
Bug#600659: marked as done (python3.2: FTBFS: test_asynchat not terminating within 150 mins)
Your message dated Tue, 30 Nov 2010 16:51:06 +0100 with message-id 4cf51d6a.3030...@debian.org and subject line Re: Bug#600659: python3.2: FTBFS: test_asynchat not terminating within 150 mins has caused the Debian Bug report #600659, regarding python3.2: FTBFS: test_asynchat not terminating within 150 mins to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 600659: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=600659 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Source: python3.2 Version: 3.2~a3-2 Severity: serious Buildlog at the usual places. Fails on both i386 and ppc in the same way. https://buildd.debian.org/fetch.cgi?pkg=python3.2arch=powerpcver=3.2~a3-2stamp=1287439577file=logas=raw https://buildd.debian.org/fetch.cgi?pkg=python3.2arch=i386ver=3.2~a3-2stamp=1287438725file=logas=raw sbuild (Debian sbuild) 0.60.0 (23 Feb 2010) on biber.debian.org ╔══╗ ║ python3.2 3.2~a3-2 (i386) 18 Oct 2010 19:09 ║ ╚══╝ [...] DEB_BUILD_GNU_TYPE=i486-linux-gnu DEB_HOST_ARCH_CPU=i386 FFLAGS=-g -O2 BEGIN test static time \ LOCPATH=/build/buildd-python3.2_3.2~a3-2-i386-2kpriJ/python3.2-3.2~a3/locales \ /usr/bin/make -C /build/buildd-python3.2_3.2~a3-2-i386-2kpriJ/python3.2-3.2~a3/build-static test \ TESTOPTS=-j 4 -w -uall,-network,-urlfetch -x test_codecmaps_cn test_codecmaps_hk test_codecmaps_jp test_codecmaps_kr test_codecmaps_tw test_cprofile test_linuxaudiodev test_normalization test_ossaudiodev test_profile test_pstats test_tcl 21 \ | tee /build/buildd-python3.2_3.2~a3-2-i386-2kpriJ/python3.2-3.2~a3/build-static/test_results make[1]: Entering directory `/build/buildd-python3.2_3.2~a3-2-i386-2kpriJ/python3.2-3.2~a3/build-static' gcc -pthread -c -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -g -O2 -g -O2 -I. -IInclude -I../Include-DPy_BUILD_CORE -o Python/ast.o ../Python/ast.c gcc -pthread -c -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -g -O2 -g -O2 -I. -IInclude -I../Include-DPy_BUILD_CORE -o Python/compile.o ../Python/compile.c gcc -pthread -c -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -g -O2 -g -O2 -I. -IInclude -I../Include-DPy_BUILD_CORE -o Python/graminit.o ../Python/graminit.c gcc -pthread -c -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -g -O2 -g -O2 -I. -IInclude -I../Include-DPy_BUILD_CORE -o Python/symtable.o ../Python/symtable.c gcc -pthread -c -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -g -O2 -g -O2 -I. -IInclude -I../Include-DPy_BUILD_CORE -DSVNVERSION=\`LC_ALL=C echo Unversioned directory`\ -o Modules/getbuildinfo.o ../Modules/getbuildinfo.c rm -f libpython3.2mu.a ar rc libpython3.2mu.a Modules/getbuildinfo.o ar rc libpython3.2mu.a Parser/acceler.o Parser/grammar1.o Parser/listnode.o Parser/node.o Parser/parser.o Parser/parsetok.o Parser/bitset.o Parser/metagrammar.o Parser/firstsets.o Parser/grammar.o Parser/pgen.o Parser/myreadline.o Parser/tokenizer.o ar rc libpython3.2mu.a Objects/abstract.o Objects/boolobject.o Objects/bytes_methods.o Objects/bytearrayobject.o Objects/bytesobject.o Objects/cellobject.o Objects/classobject.o Objects/codeobject.o Objects/complexobject.o Objects/descrobject.o Objects/enumobject.o Objects/exceptions.o Objects/genobject.o Objects/fileobject.o Objects/floatobject.o Objects/frameobject.o Objects/funcobject.o Objects/iterobject.o Objects/listobject.o Objects/longobject.o Objects/dictobject.o Objects/memoryobject.o Objects/methodobject.o Objects/moduleobject.o Objects/object.o Objects/obmalloc.o Objects/capsule.o Objects/rangeobject.o Objects/setobject.o Objects/sliceobject.o Objects/structseq.o Objects/tupleobject.o Objects/typeobject.o Objects/unicodeobject.o Objects/unicodectype.o Objects/weakrefobject.o ar rc libpython3.2mu.a Python/_warnings.o Python/Python-ast.o Python/asdl.o Python/ast.o Python/bltinmodule.o Python/ceval.o Python/compile.o Python/codecs.o Python/dynamic_annotations.o Python/errors.o Python/frozen.o Python/frozenmain.o Python/future.o Python/getargs.o Python/getcompiler.o Python/getcopyright.o Python/getplatform.o Python/getversion.o Python/graminit.o Python/import.o Python/importdl.o Python/marshal.o Python/modsupport.o Python/mystrtoul.o Python/mysnprintf.o Python/peephole.o Python/pyarena.o
Bug#605491: pyrenamer: does not depend on python-gconf but doesn't run without it
Package: pyrenamer Version: 0.6.0-1 Severity: grave PyRenamer doesn't start with the error message: /usr/lib/pymodules/python2.6/pyrenamer/pyrenamer.py:120: GtkWarning: GtkSpinButton: setting an adjustment with non-zero page size is deprecated self.glade_tree = gtk.glade.XML(pyrenamerglob.gladefile, main_window) Traceback (most recent call last): File /usr/bin/pyrenamer, line 89, in module main() File /usr/bin/pyrenamer, line 84, in main py = pyrenamer.pyRenamer(rootdir, startdir) File /usr/lib/pymodules/python2.6/pyrenamer/pyrenamer.py, line 223, in __init__ on_add_recursive_toggled: self.prefs.on_add_recursive_toggled, AttributeError: pyRenamer instance has no attribute 'prefs' I consider this grave, as it really doesn't start at all. Installing python-gconf fixes the problem. -- System Information: Debian Release: squeeze APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages pyrenamer depends on: ii gconf2 2.28.1-6 ii python 2.6.6-3+squeeze1 ii python-glade2 2.17.0-4 ii python-gtk2 2.17.0-4 ii python-hachoir-metadata 1.3.2-1 ii python-support 1.0.10 Versions of packages pyrenamer recommends: pn python-gnome2 none (no description available) pyrenamer suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: gosa: diff for NMU version 2.6.11-2.1
Processing commands for cont...@bugs.debian.org: tags 603426 + patch Bug #603426 [gosa-desktop] gosa-desktop: prompting due to modified conffiles which where not modified by the user Added tag(s) patch. tags 603426 + pending Bug #603426 [gosa-desktop] gosa-desktop: prompting due to modified conffiles which where not modified by the user Added tag(s) pending. thanks Stopping processing here. Please contact me if you need assistance. -- 603426: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=603426 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#603426: gosa: diff for NMU version 2.6.11-2.1
tags 603426 + patch tags 603426 + pending thanks Dear maintainer, I've prepared an NMU for gosa (versioned as 2.6.11-2.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Regards. diff -Nru gosa-2.6.11/debian/changelog gosa-2.6.11/debian/changelog --- gosa-2.6.11/debian/changelog 2010-10-18 11:30:36.0 +0200 +++ gosa-2.6.11/debian/changelog 2010-11-30 16:50:19.0 +0100 @@ -1,3 +1,12 @@ +gosa (2.6.11-2.1) unstable; urgency=low + + * Non-maintainer upload. + * Don't install gosa-core/contrib/desktoprc to /etc/gosa/desktoprc of +gosa-desktop package, as it is rewritten during configuration anyway +(Closes: #603426) + + -- Alexander Reichle-Schmehl toli...@debian.org Tue, 30 Nov 2010 16:49:17 +0100 + gosa (2.6.11-2) unstable; urgency=low * Corrected wrong dirs on gosa-plugin-mail diff -Nru gosa-2.6.11/debian/gosa-desktop.install gosa-2.6.11/debian/gosa-desktop.install --- gosa-2.6.11/debian/gosa-desktop.install 2010-08-06 17:35:14.0 +0200 +++ gosa-2.6.11/debian/gosa-desktop.install 2010-11-30 16:49:04.0 +0100 @@ -1,4 +1,3 @@ -gosa-core/contrib/desktoprc /etc/gosa gosa-core/contrib/gosa /usr/bin debian/gosa.xpm /usr/share/pixmaps debian/gosa-16.xpm /usr/share/pixmaps
Bug#605159: gnumed-client: Use of PYTHONPATH env var in an insecure way
Hi, thanks to the support of upstream there is a new release which fixes the issue. However, the issue does not even really exist in *effective* upstream code - it is just contained in a *comment* which is simlpy activated in a patch in the Debian packaging. So I wonder what might be the best strategy to handle this. 1. Use upstream bugfix version which provides the proper PYTHONPATH setting in the comment which will be activated later plus a 7 line patch in some unrelated code which is unlikely to break something else. 2. Simply patch 0.7.9 to fix only the reported issue but leave a nasty bug in upstream. All other changes in the code are autogenerated documentation changes and thus excluded via --exclude=*user-manual* --exclude=*api* from the diff (also --exclude=Gnumed was used to hide duplication of diffs because directory Gnumed is a symlinc to client). My prefered solution is to upload 0.7.10 to testing-proposed-updates (because there is just a version 0.8.4 in unstable). Kind regards Andreas. -- http://fam-tille.de diff -burN '--exclude=*user-manual*' '--exclude=*api*' '--exclude=Gnumed' gnumed-client.0.7.9/client/CHANGELOG gnumed-client.0.7.10/client/CHANGELOG --- gnumed-client.0.7.9/client/CHANGELOG 2010-09-09 12:29:36.0 +0200 +++ gnumed-client.0.7.10/client/CHANGELOG 2010-11-29 13:59:42.0 +0100 @@ -30,6 +30,11 @@ # rel-0-7-patches + 0.7.10 + +FIX: exception on trying to create hospital stay w/o episode [thanks devm] +FIX: properly set PYTHONPATH [thanks JB and Debian Squeeze (#605159)] + 0.7.9 FIX: when creating allergy from substance intake entry second try would overwrite first try if same drug brand diff -burN '--exclude=*user-manual*' '--exclude=*api*' '--exclude=Gnumed' gnumed-client.0.7.9/client/gnumed gnumed-client.0.7.10/client/gnumed --- gnumed-client.0.7.9/client/gnumed 2010-09-09 12:29:36.0 +0200 +++ gnumed-client.0.7.10/client/gnumed 2010-11-29 13:59:42.0 +0100 @@ -38,7 +38,7 @@ # packages which install the GNUmed python modules into a path not # already accessible for imports via sys.path (say, /usr/share/gnumed/) # may need to adjust PYTHONPATH appropriately here -#export PYTHONPATH=${PYTHONPATH}:/usr/share/gnumed/ +#export PYTHONPATH=${PYTHONPATH:+$PYTHONPATH:}/usr/share/gnumed/ # now run the client diff -burN '--exclude=*user-manual*' '--exclude=*api*' '--exclude=Gnumed' gnumed-client.0.7.9/client/gnumed.py gnumed-client.0.7.10/client/gnumed.py --- gnumed-client.0.7.9/client/gnumed.py 2010-09-09 12:29:36.0 +0200 +++ gnumed-client.0.7.10/client/gnumed.py 2010-11-29 13:59:42.0 +0100 @@ -79,7 +79,7 @@ sys.exit(1) #-- -current_client_version = u'0.7.9' +current_client_version = u'0.7.10' current_client_branch = u'0.7' _log = None diff -burN '--exclude=*user-manual*' '--exclude=*api*' '--exclude=Gnumed' gnumed-client.0.7.9/client/wxpython/gmEMRStructWidgets.py gnumed-client.0.7.10/client/wxpython/gmEMRStructWidgets.py --- gnumed-client.0.7.9/client/wxpython/gmEMRStructWidgets.py 2010-09-09 12:29:37.0 +0200 +++ gnumed-client.0.7.10/client/wxpython/gmEMRStructWidgets.py 2010-11-29 13:59:43.0 +0100 @@ -429,6 +429,14 @@ ) return False + if self._PRW_episode.GetValue().strip() == u'': + self._PRW_episode.display_as_valid(False) + wxps.Publisher().sendMessage ( +topic = 'statustext', +data = {'msg': _('Must select an episode or enter a name for a new one. Cannot save hospital stay.'), 'beep': True} + ) + return False + return True # def _save_as_new(self):
Bug#603426: gosa: diff for NMU version 2.6.11-2.1
Le Tuesday 30 November 2010 17:05:03 Alexander Reichle-Schmehl, vous avez écrit : tags 603426 + patch tags 603426 + pending thanks Dear maintainer, Hello, I've prepared an NMU for gosa (versioned as 2.6.11-2.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Could you put it to DELAYED/7. a new upload as -3 is planned with some fixes Cheers -- Benoit Mortier CEO OpenSides logiciels libres pour entreprises : http://www.opensides.eu/ Promouvoir et défendre le Logiciel Libre http://www.april.org/ Contributor to Gosa Project : http://gosa-project.org/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#599303: #599303: ktoon: Fixed with kdebase-workspace 4:4.4.5-5
On Tue, 30 Nov 2010 09:24:27 -0600, Jeffrey G Thomas wrote: I just checked and I could run ktoon without problems with kdebase-workspace 4:4.4.5-5 (where it crashes with -4); hence marking this bug as closed. Running KDE 4.5.3 and KToon 0.8.1-4.1+b1 on Sid and I am still getting the crash; Which version of kdebase-workspace have you installed? $ dpkg -l kdebase-workspace If it's not 4:4.4.5-5 please upgrade and try again. Cheers, gregor -- .''`. http://info.comodo.priv.at/ -- GPG key IDs: 0x8649AA06, 0x00F3CFE4 : :' : Debian GNU/Linux user, admin, developer - http://www.debian.org/ `. `' Member of VIBE!AT SPI, fellow of Free Software Foundation Europe `-NP: U2: Indian Summer Sky signature.asc Description: Digital signature
Bug#603426: gosa: diff for NMU version 2.6.11-2.1
Hi! Am 30.11.2010 17:20, schrieb Benoit Mortier: I've prepared an NMU for gosa (versioned as 2.6.11-2.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Could you put it to DELAYED/7. a new upload as -3 is planned with some fixes Of course... done. Best regards, Alexander -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605159: gnumed-client: Use of PYTHONPATH env var in an insecure way
On Tue, Nov 30, 2010 at 05:25:00PM +0100, Andreas (Debian) wrote: thanks to the support of upstream there is a new release which fixes the issue. However, the issue does not even really exist in *effective* upstream code - it is just contained in a *comment* which is simlpy activated in a patch in the Debian packaging. So I wonder what might be the best strategy to handle this. 1. Use upstream bugfix version which provides the proper PYTHONPATH setting in the comment which will be activated later plus a 7 line patch in some unrelated code which is unlikely to break something else. Just for the record: those 7 lines fix another bug which resulted in a crash (Python exception) when doctors tried to document hospital admissions of their patients. This bug fix has long been in production outside of Debian (and inside the version 0.8.4 from Debian/Unstable) so there's no known technical risk associated with it: +FIX: exception on trying to create hospital stay w/o episode [thanks devm] ... + if self._PRW_episode.GetValue().strip() == u'': + self._PRW_episode.display_as_valid(False) + wxps.Publisher().sendMessage ( + topic = 'statustext', + data = {'msg': _('Must select an episode or enter a name for a new one. Cannot save hospital stay.'), 'beep': True} + ) + return False Karsten -- GPG key ID E4071346 @ wwwkeys.pgp.net E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#591206: tinymce: diff for NMU version 3.3.8+dfsg0-0.1
tags 591206 + patch tags 591206 + pending thanks Dear maintainer, I've prepared an NMU for tinymce (versioned as 3.3.8+dfsg0-0.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Regards. diff -Nru tinymce-3.3.8/debian/changelog tinymce-3.3.8+dfsg0/debian/changelog --- tinymce-3.3.8/debian/changelog 2010-11-30 17:42:52.0 +0100 +++ tinymce-3.3.8+dfsg0/debian/changelog2010-11-30 17:42:53.0 +0100 @@ -1,3 +1,10 @@ +tinymce (3.3.8+dfsg0-0.1) unstable; urgency=low + + * Non-maintainer upload. + * Repack upstream tarball to remove the *.swf files (Closes: #591206). + + -- Didier Raboud did...@raboud.com Tue, 30 Nov 2010 15:17:50 +0100 + tinymce (3.3.8-1) unstable; urgency=low * new upstream release Binary files /tmp/wzfSIEAPXp/tinymce-3.3.8/examples/media/sample.swf and /tmp/WsGA8yiLNa/tinymce-3.3.8+dfsg0/examples/media/sample.swf differ Binary files /tmp/wzfSIEAPXp/tinymce-3.3.8/jscripts/tiny_mce/plugins/media/img/flv_player.swf and /tmp/WsGA8yiLNa/tinymce-3.3.8+dfsg0/jscripts/tiny_mce/plugins/media/img/flv_player.swf differ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#599303: #599303: ktoon: Fixed with kdebase-workspace 4:4.4.5-5
Which version of kdebase-workspace have you installed? $ dpkg -l kdebase-workspace Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ NameVersion Description +++-===-===- ii kdebase-workspace 4:4.5.1-0r2 KDE Plasma Workspace components If it's not 4:4.4.5-5 please upgrade and try again. It's newer than 4:4.4.5-5, from the Experimental branch for KDE: deb http://qt-kde.debian.net/debian experimental-snapshots main deb-src http://qt-kde.debian.net/debian experimental-snapshots main Thanks again, Jeffrey signature.asc Description: This is a digitally signed message part.
Processed: tinymce: diff for NMU version 3.3.8+dfsg0-0.1
Processing commands for cont...@bugs.debian.org: tags 591206 + patch Bug #591206 [src:tinymce] tinymce: contains Flash files without source code, notably non-free flv_player.swf Added tag(s) patch. tags 591206 + pending Bug #591206 [src:tinymce] tinymce: contains Flash files without source code, notably non-free flv_player.swf Added tag(s) pending. thanks Stopping processing here. Please contact me if you need assistance. -- 591206: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=591206 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605485: marked as done (error messages are lost in gfxterm)
Your message dated Tue, 30 Nov 2010 16:48:12 + with message-id e1pntne-0002ps...@franck.debian.org and subject line Bug#605485: fixed in grub2 1.98+20100804-9 has caused the Debian Bug report #605485, regarding error messages are lost in gfxterm to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 605485: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605485 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: grub-pc Version: 1.98+20100804-4 Severity: serious Tags: fixed-upstream Justification: unsuitable for release under package maintainer's opinion If an error happens during load of a boot entry, and gfxterm (the default mode) is in use, error messages are not displayed. To make things worse, the Loading messages that grub.cfg prints while loading kernel and initrd images are also lost, which means that in slow (or emulated) machines, the boot process appears to hang. This bug is fixed upstream (and the fix is a trivial one-liner). -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=ca_AD.UTF-8, LC_CTYPE=ca_AD.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages grub-pc depends on: ii debconf [debconf-2.0]1.5.35 Debian configuration management sy ii grub-common 1.98+20100804-4 GRand Unified Bootloader, version ii libc62.11.2-6Embedded GNU C Library: Shared lib ii libdevmapper1.02.1 2:1.02.48-3 The Linux Kernel Device Mapper use ii ucf 3.0025+nmu1 Update Configuration File: preserv grub-pc recommends no packages. Versions of packages grub-pc suggests: ii desktop-base 5.0.6 common files for the Debian Deskto -- Configuration Files: /etc/default/grub changed [not included] -- debconf information excluded ---End Message--- ---BeginMessage--- Source: grub2 Source-Version: 1.98+20100804-9 We believe that the bug you reported is fixed in the latest version of grub2, which is due to be installed in the Debian FTP archive: grub-common_1.98+20100804-9_kfreebsd-amd64.deb to main/g/grub2/grub-common_1.98+20100804-9_kfreebsd-amd64.deb grub-coreboot_1.98+20100804-9_kfreebsd-amd64.deb to main/g/grub2/grub-coreboot_1.98+20100804-9_kfreebsd-amd64.deb grub-efi-amd64_1.98+20100804-9_kfreebsd-amd64.deb to main/g/grub2/grub-efi-amd64_1.98+20100804-9_kfreebsd-amd64.deb grub-efi-ia32_1.98+20100804-9_kfreebsd-amd64.deb to main/g/grub2/grub-efi-ia32_1.98+20100804-9_kfreebsd-amd64.deb grub-efi_1.98+20100804-9_kfreebsd-amd64.deb to main/g/grub2/grub-efi_1.98+20100804-9_kfreebsd-amd64.deb grub-emu_1.98+20100804-9_kfreebsd-amd64.deb to main/g/grub2/grub-emu_1.98+20100804-9_kfreebsd-amd64.deb grub-firmware-qemu_1.98+20100804-9_kfreebsd-amd64.deb to main/g/grub2/grub-firmware-qemu_1.98+20100804-9_kfreebsd-amd64.deb grub-ieee1275_1.98+20100804-9_kfreebsd-amd64.deb to main/g/grub2/grub-ieee1275_1.98+20100804-9_kfreebsd-amd64.deb grub-linuxbios_1.98+20100804-9_kfreebsd-amd64.deb to main/g/grub2/grub-linuxbios_1.98+20100804-9_kfreebsd-amd64.deb grub-pc_1.98+20100804-9_kfreebsd-amd64.deb to main/g/grub2/grub-pc_1.98+20100804-9_kfreebsd-amd64.deb grub-rescue-pc_1.98+20100804-9_kfreebsd-amd64.deb to main/g/grub2/grub-rescue-pc_1.98+20100804-9_kfreebsd-amd64.deb grub2_1.98+20100804-9.diff.gz to main/g/grub2/grub2_1.98+20100804-9.diff.gz grub2_1.98+20100804-9.dsc to main/g/grub2/grub2_1.98+20100804-9.dsc grub2_1.98+20100804-9_kfreebsd-amd64.deb to main/g/grub2/grub2_1.98+20100804-9_kfreebsd-amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 605...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Robert Millan r...@debian.org (supplier of updated grub2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 30 Nov 2010 15:44:02 +0100 Source: grub2 Binary: grub2 grub-linuxbios grub-efi grub-common grub-emu grub-pc grub-rescue-pc grub-coreboot grub-efi-ia32 grub-efi-amd64 grub-ieee1275 grub-firmware-qemu grub-yeeloong Architecture: source kfreebsd-amd64 Version:
Bug#599303: #599303: ktoon: Fixed with kdebase-workspace 4:4.4.5-5
Le Tuesday 30 November 2010 16:24:27 Jeffrey G Thomas, vous avez écrit : I just checked and I could run ktoon without problems with kdebase-workspace 4:4.4.5-5 (where it crashes with -4); hence marking this bug as closed. Running KDE 4.5.3 (…) There is no KDE 4.5.3 in the Debian archive now; you are probably using the packages from http://qt-kde.debian.net/ which are not supported in Debian. (In your case, the kdebase-workspace 4:4.5.1-0r2 which sits there has not been rebuilt with the patch uploaded in 4:4.4.5-5 to fix this bug.) and KToon 0.8.1-4.1+b1 on Sid and I am still getting the crash; I've never successfully started KToon. Additionally, there is still not a dbg package. I don't think this should be closed... It should: the fix is in Sid and will migrate to Squeeze. Non-official packages are, well, non-official. The -dbg package is another issue, which you might want to file separately. Cheers, OdyX, Qt-KDE team member -- Didier Raboud, proud Debian Maintainer (DM). CH-1020 Renens did...@raboud.com signature.asc Description: This is a digitally signed message part.
Bug#601161: marked as done (synce-serial/kfreebsd-* unsatisfiable Depends: ppp (= 2.4.2+20040202))
Your message dated Tue, 30 Nov 2010 17:05:05 + with message-id e1pntdz-0004hg...@franck.debian.org and subject line Bug#601161: fixed in synce-serial 0.11-5.2 has caused the Debian Bug report #601161, regarding synce-serial/kfreebsd-* unsatisfiable Depends: ppp (= 2.4.2+20040202) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 601161: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601161 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: synce-serial Version: 0.11-5 Severity: serious Hi, As per subject: $ grep-excuses synce-serial | grep kfreebsd synce-serial/kfreebsd-amd64 unsatisfiable Depends: ppp (= 2.4.2+20040202) synce-serial/kfreebsd-i386 unsatisfiable Depends: ppp (= 2.4.2+20040202) Regards, -- Mehdi Dogguy -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (x86_64) Kernel: Linux 2.6.33-2-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash ---End Message--- ---BeginMessage--- Source: synce-serial Source-Version: 0.11-5.2 We believe that the bug you reported is fixed in the latest version of synce-serial, which is due to be installed in the Debian FTP archive: synce-serial_0.11-5.2.debian.tar.gz to main/s/synce-serial/synce-serial_0.11-5.2.debian.tar.gz synce-serial_0.11-5.2.dsc to main/s/synce-serial/synce-serial_0.11-5.2.dsc synce-serial_0.11-5.2_amd64.deb to main/s/synce-serial/synce-serial_0.11-5.2_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 601...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Luca Capello l...@pca.it (supplier of updated synce-serial package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 28 Nov 2010 17:22:22 +0100 Source: synce-serial Binary: synce-serial Architecture: source amd64 Version: 0.11-5.2 Distribution: unstable Urgency: low Maintainer: Jonny Lamb jo...@debian.org Changed-By: Luca Capello l...@pca.it Description: synce-serial - SynCE connection manipulation scripts Closes: 601161 Changes: synce-serial (0.11-5.2) unstable; urgency=low . * Non-maintainer upload. * debian/control: + build it only on those architectures that have the dependent ppp binary package (Closes: #601161). Checksums-Sha1: 8d0bf17a4f24d05f1bfe256d36169e7f215c1e97 1946 synce-serial_0.11-5.2.dsc 24bc31103948d8ca6019b26ffc2de7e1cc25a106 18183 synce-serial_0.11-5.2.debian.tar.gz 63a56c23714aa8c14d5e07007cb43196f91ae901 25320 synce-serial_0.11-5.2_amd64.deb Checksums-Sha256: 23a38efb38167f7fde21a43592fbb027b97c9ae852d64bda3dd6835596c0fc88 1946 synce-serial_0.11-5.2.dsc 333e81bd244db15c68e260bd6ea91fbf80fefd2be782d2b77947948c91f2fd88 18183 synce-serial_0.11-5.2.debian.tar.gz 81ad5616a78a2f1c2348130c44e3a98a12db673ddafb62d217950b1862c64b5c 25320 synce-serial_0.11-5.2_amd64.deb Files: 1b942f53028353ef2bbe43d3c764575c 1946 utils optional synce-serial_0.11-5.2.dsc a44a854d1e015e354260340a56d4d8a7 18183 utils optional synce-serial_0.11-5.2.debian.tar.gz b972c358fef71bd00613d860905d7234 25320 utils optional synce-serial_0.11-5.2_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCgAGBQJM8oJgAAoJENkdV6A76fNtaNMQAKHtrS1QD3w99lDE/Bj3Ypsv xRE8bgPUpHMehrVkGSN+rUHxsznIy//ERyo5DNooqnbxfIF/3pQAycJS/higVUgf 6CLyc6klkpelnADpUXPmGzMKuWu7luFyA5QwediAQgbblhDxetOra7GCgtEmAs5K CF5a4Om+NNWENLhjW4YAWOZxfLSvbl42ixMOGUj+s+jIs5Vf5GRb+ft/JlDk8vnV jOdpyAsKGXzMJoTejh31O/iUyAoEIpXt1dywBzAgNNkKLD+sCc04/j6LvEmZRlET x9dR5V/KbXhAIJcgr9PRc5l4bPpJbA9gc9QHVGoRTd/zANxFP1Er5tk0SP8xltjk QYNTUJIpNQV+lmCYhV4L+bBMIzMI4STXiBXiJD59QV5D1xUK4ONxJpbkJ13bpAte 52uDVrXQC8tYreBmxTMQNICUDhXSQnvyN4fEJPZwQSGgzEjeQgo2jKgkFPCB0Htt DwU4F1xJD6XeUXGCHdDCKFcKqfbFZSTHgqF9gZTXRzZKRE8kJmYMv1BbX4CAKyal efNsHQ9/a4x9hiO6Enep79QZjmxGhtUREojwGMQmfQbg3RySEUAq4jKCNJSLzchy /KJiaU7IpLaNxiN5UGgGOni3rMAjzVVmn+oZAaBqfSE8W8mjR8vF3yhn8miTNHAb TVhP62aHtZcKBkefZ/SS =obRs -END PGP SIGNATURE- ---End Message---
Bug#599937: marked as done (mysql-5.1: 5.1.51 fixes several vulnerabilities)
Your message dated Tue, 30 Nov 2010 17:50:39 + with message-id e1pnulf-0006ox...@franck.debian.org and subject line Bug#599937: fixed in mysql-5.1 5.1.49-3 has caused the Debian Bug report #599937, regarding mysql-5.1: 5.1.51 fixes several vulnerabilities to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 599937: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599937 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: mysql-5.1 Severity: grave Tags: security Justification: user security hole 5.1.51 fixes eight security issues. It has already been uploaded to experimental, so depending on the amount and quality of changes it needs to be checked whether this version shold be uploaded to Squeeze or fixes need to be cherry-picked: The following CVE assignments have been made: Bug#55826 - incorrect propagation of type errors in evaluation of arguments to extreme-value functions CVE-2010-3833 create table .. select crashes with when KILL_BAD_DATA is returned 5.0.91,5.1.49,5.1.50-bzr,5.5.5 Bug#55568 - The server could crash after materializing a derived table that required a temporary table for grouping. CVE-2010-3834 user variable assignments crash server when used within query 5.0.91-debug,5.1.49-debug Bug #55564 - A user-variable assignment expression that is evaluated in a logical expression context can be precalculated in a temporary table for GROUP BY. However, when the expression value is used after creation of the temporary table, it was re-evaluated, not read from the table and a server crash resulted. CVE-2010-3835 crash with user variables, assignments, joins... 5.0.92, 5.1.37, 5.1.49, 5.1.50-bzr, 5.5.6-m3 Bug#54568 - Pre-evaluation of LIKE predicates during view preparation could cause a server crash. CVE-2010-3836 create view cause Assertion failed: 0, file .\item_subselect.cc, line 836 5.0.91-debug, 5.1.47-debug Bug#54476 - GROUP_CONCAT() and WITH ROLLUP together could cause a server crash. CVE-2010-3837 crash when group_concat and 'with rollup' in prepared statements 5.0.91, 5.1.47, 5.1.49-bzr, 5.5.3 see: [23 Jul 14:25] Alexey Kopytov Bug#54461 - Queries could cause a server crash if the GREATEST() or LEAST() function had a mixed list of numeric and LONGBLOB arguments, and the result of such a function was processed using an intermediate temporary table. CVE-2010-3838 crash with longblob and union or update with subquery 5.0.91,5.1.47, 5.5.3, 5.5.5-m3 Bug#53544 - Queries with nested joins could cause an infinite loop in the server when used from stored procedures and prepared statements. CVE-2010-3839 Server hangs during JOIN query in stored procedure called twice in a row 5.1.47, 5.6.99-m4 Dahlia, bzr_mysql-6.0-codebase-bugfixing Bug#51875 - The PolyFromWKB() function could crash the server when improper WKB data was passed to the function. CVE-2010-3840 crash when loading data into geometry function polyfromwkb 5.0.90,5.1.44 -- System Information: Shell: /bin/sh linked to /bin/bash Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) ---End Message--- ---BeginMessage--- Source: mysql-5.1 Source-Version: 5.1.49-3 We believe that the bug you reported is fixed in the latest version of mysql-5.1, which is due to be installed in the Debian FTP archive: libmysqlclient-dev_5.1.49-3_amd64.deb to main/m/mysql-5.1/libmysqlclient-dev_5.1.49-3_amd64.deb libmysqlclient16_5.1.49-3_amd64.deb to main/m/mysql-5.1/libmysqlclient16_5.1.49-3_amd64.deb libmysqld-dev_5.1.49-3_amd64.deb to main/m/mysql-5.1/libmysqld-dev_5.1.49-3_amd64.deb libmysqld-pic_5.1.49-3_amd64.deb to main/m/mysql-5.1/libmysqld-pic_5.1.49-3_amd64.deb mysql-5.1_5.1.49-3.diff.gz to main/m/mysql-5.1/mysql-5.1_5.1.49-3.diff.gz mysql-5.1_5.1.49-3.dsc to main/m/mysql-5.1/mysql-5.1_5.1.49-3.dsc mysql-client-5.1_5.1.49-3_amd64.deb to main/m/mysql-5.1/mysql-client-5.1_5.1.49-3_amd64.deb mysql-client_5.1.49-3_all.deb to main/m/mysql-5.1/mysql-client_5.1.49-3_all.deb mysql-common_5.1.49-3_all.deb to main/m/mysql-5.1/mysql-common_5.1.49-3_all.deb mysql-server-5.1_5.1.49-3_amd64.deb to main/m/mysql-5.1/mysql-server-5.1_5.1.49-3_amd64.deb mysql-server-core-5.1_5.1.49-3_amd64.deb to main/m/mysql-5.1/mysql-server-core-5.1_5.1.49-3_amd64.deb mysql-server_5.1.49-3_all.deb to main/m/mysql-5.1/mysql-server_5.1.49-3_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to
Bug#595120: marked as done (dependency loop)
Your message dated Tue, 30 Nov 2010 17:50:39 + with message-id e1pnulf-0006or...@franck.debian.org and subject line Bug#595120: fixed in mysql-5.1 5.1.49-3 has caused the Debian Bug report #595120, regarding dependency loop to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 595120: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595120 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: mysql-server-5.1 Version: 5.1.49-1 Severity: grave Justification: prevents installation of debian squeeze there is dependency loop between mysql-server-5.1 package and pdns-server package: from message http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594805#35: pdns provides $named and wants to start after mysql, while mysql wants to start after $named. This leads to this dependency loop: mysql - $named - pdns - mysql - $named. the loop makes installation of pdns-server after mysql-server-5.1 impossible and after that installation of many other packages fail too. see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594805#30 on how to reproduce the problem. i don't know how the init info system has been designed, but requiring that mysql server must be started after named has been started makes no sense, because existence of named on a host does not mean that mysql server would use it. in my opinion an entry should be included on init info Should-Start line only a service only if the service would fail to start unless the other service is already running. this is not the case with mysqld, which starts ok even when a name server deamon is not running. so could you please drop $named from mysql init script Should lines. i already tried to get mysql dropped from pdns Should lines, but failed (debian bug 594805). -- juha ---End Message--- ---BeginMessage--- Source: mysql-5.1 Source-Version: 5.1.49-3 We believe that the bug you reported is fixed in the latest version of mysql-5.1, which is due to be installed in the Debian FTP archive: libmysqlclient-dev_5.1.49-3_amd64.deb to main/m/mysql-5.1/libmysqlclient-dev_5.1.49-3_amd64.deb libmysqlclient16_5.1.49-3_amd64.deb to main/m/mysql-5.1/libmysqlclient16_5.1.49-3_amd64.deb libmysqld-dev_5.1.49-3_amd64.deb to main/m/mysql-5.1/libmysqld-dev_5.1.49-3_amd64.deb libmysqld-pic_5.1.49-3_amd64.deb to main/m/mysql-5.1/libmysqld-pic_5.1.49-3_amd64.deb mysql-5.1_5.1.49-3.diff.gz to main/m/mysql-5.1/mysql-5.1_5.1.49-3.diff.gz mysql-5.1_5.1.49-3.dsc to main/m/mysql-5.1/mysql-5.1_5.1.49-3.dsc mysql-client-5.1_5.1.49-3_amd64.deb to main/m/mysql-5.1/mysql-client-5.1_5.1.49-3_amd64.deb mysql-client_5.1.49-3_all.deb to main/m/mysql-5.1/mysql-client_5.1.49-3_all.deb mysql-common_5.1.49-3_all.deb to main/m/mysql-5.1/mysql-common_5.1.49-3_all.deb mysql-server-5.1_5.1.49-3_amd64.deb to main/m/mysql-5.1/mysql-server-5.1_5.1.49-3_amd64.deb mysql-server-core-5.1_5.1.49-3_amd64.deb to main/m/mysql-5.1/mysql-server-core-5.1_5.1.49-3_amd64.deb mysql-server_5.1.49-3_all.deb to main/m/mysql-5.1/mysql-server_5.1.49-3_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 595...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Norbert Tretkowski norb...@tretkowski.de (supplier of updated mysql-5.1 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 30 Nov 2010 09:20:33 +0100 Source: mysql-5.1 Binary: libmysqlclient16 libmysqld-pic libmysqld-dev libmysqlclient-dev mysql-common mysql-client-5.1 mysql-server-core-5.1 mysql-server-5.1 mysql-server mysql-client Architecture: source all amd64 Version: 5.1.49-3 Distribution: unstable Urgency: high Maintainer: Debian MySQL Maintainers pkg-mysql-ma...@lists.alioth.debian.org Changed-By: Norbert Tretkowski norb...@tretkowski.de Description: libmysqlclient-dev - MySQL database development files libmysqlclient16 - MySQL database client library libmysqld-dev - MySQL embedded database development files libmysqld-pic - MySQL database development files mysql-client - MySQL database client (metapackage depending on the latest versio mysql-client-5.1 - MySQL database client binaries mysql-common - MySQL database common files, e.g. /etc/mysql/my.cnf mysql-server - MySQL
Bug#591115: Bug forwarded
Hi Alexander, Alexander Reichle-Schmehl wrote: Hi! [...] Has there been any progress with this bug? None so far... I see the new package is still on mentors, but I don't think the release managers will accept a new upstream release at this stage of the freeze, therefore I'm currently not considering sponsoring your package. However, if I understood it correctly, upstream removed the failed test causing this FTBFS? Yes, in the last upstream version there are no tests. So my understanding would be, that a legitimate fix would be to disbale this test (without uploading a NEW upstream version). If you could prepere that, I'm willing to sponsor the upload; if you got the OK from the release team for the new upstream version, I'm also willing to upload the version on mentors. Ok, i've prepared a package with the old upstream version and the tests disabled at build time, which prevents the FTBFS. It is uploaded at mentors [1] Thanks a lot, cheers [1] http://mentors.debian.net/debian/pool/main/d/doctrine/doctrine_1.2.2-2.dsc signature.asc Description: OpenPGP digital signature
Bug#605150: mmass: Use of PYTHONPATH env var in an insecure way
On Mon, Nov 29, 2010 at 07:36:12PM +0100, Moritz Muehlenhoff wrote: mmass maintainers, you still still a fix for Squeeze, please get in contact with the release managers for a targeted tpu fix. Squeeze is fine, PYTHONPATH isn't used in this version. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605499: googleearth-package: due to new googleearth-version package does not work any more
Package: googleearth-package Severity: grave Tags: squeeze Justification: renders package unusable -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing'), (500, 'stable') Architecture: x86_64 Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: lang=de...@euro, lc_ctype=de...@euro (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash Hi dear maintainers, as google has released its new version (version 6), any new built package will not work at all. I tried amd64 as well as i386. Although a google-package can be built and installed with dpkg -i, the binary crashes (telling: /usr/lib/googleearth/googleearth-bin: not found). I checked, the binary is existent! Maybe some things in make-googleearth part must be changed due to the new google-changes. Hope, my little bugreport could help just before many people wondered. Best regards Hans-J. Ullrich -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#602222: bacula meta-package not installable with recommended packages
On 11/27/2010 10:37 AM, Luca Capello wrote: John, two questions: - have you any preference on the solution? - do you mind if Hideki uploads its NMU? This is a serious bug that affects squeeze as well... Thank you all for your work on this. I was net-limited over the last few days due to the US Thanksgiving holiday (I had a smartphone with which I planned to answer any critical security-related stuff but not much else was practical). I see the NMU has posted and I am quite fine with that. Thanks again, -- John -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605096: [pkg-cli-apps-team] Bug#605096: CVE-2010-4005
Hi, [ccing -cli too for information] On Mon, Nov 29, 2010 at 07:38:41PM +0100, Moritz Muehlenhoff wrote: On Mon, Nov 29, 2010 at 01:03:31PM +, Iain Lane wrote: tags 605096 + pending affects 605096 1.2.2-1 affects 605096 0.10.2-1 thanks Hi, On Sat, Nov 27, 2010 at 01:10:55PM +0100, Moritz Muehlenhoff wrote: Package: tomboy Severity: grave Tags: security Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4005 for details and a patch. Please fix this for Squeeze with a targeted bugfix, not by packaging a full new upstream release. Thanks, prepared for sid/squeeze in git. Attached a diff.gz/dsc for lenny. Is this OK to upload? The impact doesn't warrant a DSA. Please fix this through a stable point update instead: http://www.debian.org/doc/developers-reference/pkgs.html#upload-stable OK. @d-release SRMs, would you accept a stable update for tomboy (and then assumedly banshee which suffers from the same problem in unstable [not checked stable yet])? debdiff attached. Regards, Iain diff -u tomboy-0.10.2/debian/changelog tomboy-0.10.2/debian/changelog --- tomboy-0.10.2/debian/changelog +++ tomboy-0.10.2/debian/changelog @@ -1,3 +1,14 @@ +tomboy (0.10.2-1+lenny1) stable-proposed-updates; urgency=high + + * Fix insecure LD_LIBRARY_PATH. A vulnerability existed where if +LD_LIBRARY_PATH were set but empty, a trailing : as a path separator would +still be appended to the path, exposing an insecure/invalid search path. +Using :+: instead of +: prevents this as ${X:+:$X} returns X iff X is set +and not empty whereas ${X+:$X} returns X iff X is set (it may be empty). +References: CVE-2010-4005 (Closes: #605096) + + -- Iain Lane la...@ubuntu.com Mon, 29 Nov 2010 12:23:34 + + tomboy (0.10.2-1) unstable; urgency=low * New upstream bugfix release. only in patch2: unchanged: --- tomboy-0.10.2.orig/debian/patches/00_LD_LIBRARY_PATH_CVE-2010-4005.patch +++ tomboy-0.10.2/debian/patches/00_LD_LIBRARY_PATH_CVE-2010-4005.patch @@ -0,0 +1,39 @@ +Description: Fix unsafe LD_LIBRARY_PATH setting (CVE-2010-4005) +Author: Luis Medinas lmedi...@gnome.org +Origin: https://bugzilla.gnome.org/show_bug.cgi?id=635614 +Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605096 +Bug-Upstream: https://bugzilla.gnome.org/show_bug.cgi?id=635614 +Forwarded: not-needed + +Index: tomboy.git/Tomboy/tomboy.in +=== +--- tomboy.git.orig/Tomboy/tomboy.in 2010-11-29 01:10:11.170557627 + tomboy.git/Tomboy/tomboy.in2010-11-29 01:09:46.128629088 + +@@ -3,13 +3,13 @@ + if [ x$PWD = x...@srcdir@ ] ; then + echo *** Running uninstalled @target@ *** + +-export LD_LIBRARY_PATH=../libtomboy/.libs${LD_LIBRARY_PATH+:$LD_LIBRARY_PATH}:./Addins/PrintNotes/.libs ++export LD_LIBRARY_PATH=../libtomboy/.libs${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}:./Addins/PrintNotes/.libs + export TOMBOY_WRAPPER_PATH=$PWD/@wrapper@ + export MONO_PATH=$MONO_PATH:./Addins:../Mono.Addins/Mono.Addins:../Mono.Addins/Mono.Addins.Setup:../Mono.Addins/Mono.Addins.Gui + + THIS_EXE=--debug ./@target@ + else +-export LD_LIBRARY_PATH=@pkglib...@${ld_library_path+:$LD_LIBRARY_PATH} ++export LD_LIBRARY_PATH=@pkglib...@${ld_library_path:+:$LD_LIBRARY_PATH} + export MONO_PATH=$MONO_PATH:@pkglibdir@:@pkglibdir@/addins + export TOMBOY_WRAPPER_PATH=@bindir@/@wrapper@ + +Index: tomboy.git/Tomboy/tomboy-panel.in +=== +--- tomboy.git.orig/Tomboy/tomboy-panel.in 2010-11-29 01:10:10.770526817 + tomboy.git/Tomboy/tomboy-panel.in 2010-11-29 01:10:00.929768958 + +@@ -1,6 +1,6 @@ + #!/usr/bin/env bash + +-export LD_LIBRARY_PATH=@pkglib...@${ld_library_path+:$LD_LIBRARY_PATH} ++export LD_LIBRARY_PATH=@pkglib...@${ld_library_path:+:$LD_LIBRARY_PATH} + export MONO_PATH=$MONO_PATH:@pkglibdir@:@pkglibdir@/addins + export TOMBOY_WRAPPER_PATH=@bindir@/@wrapper@ + TOMBOY_CONFIG_DIR=${XDG_CONFIG_HOME:-$HOME/.config}/tomboy signature.asc Description: Digital signature
Bug#605504: chocolate-doom: Game freezes up during play
Package: chocolate-doom Version: 1.4.0-1 Severity: grave Tags: patch Justification: renders package unusable Chocolate Doom locks up during play. This is due to a bug in SDL_mixer 1.2.8 that was fixed in v1.2.9. When using the Mix_SetPanning function to set the left/right separation of a playing sound effect, a race condition can occur that causes a structure to be accessed by the main thread after it has been freed by the sound callback thread. A fix for the SDL_mixer bug can be found in the LibSDL HG repository, changeset 884a700fb3ff. This fix was included in the v1.2.9 release. Alternatively, a workaround for the bug can be found in the Chocolate Doom SVN repository, see revision 2165. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages chocolate-doom depends on: ii doom-wad-shareware [doom-wad 1.9.fixed-2 Shareware game files for the 3D ga ii libc62.11.2-7Embedded GNU C Library: Shared lib ii libsdl-mixer1.2 1.2.8-6+b1 mixer library for Simple DirectMed ii libsdl-net1.21.2.7-2 network library for Simple DirectM ii libsdl1.2debian 1.2.14-6.1 Simple DirectMedia Layer chocolate-doom recommends no packages. chocolate-doom suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605507: icecast2 failed to reinstall/upgrade/purge
Package: icecast2 Version: 2.3.2-5 Severity: serious Tags: sid squeeze This bug was originally reported on Launchpad, see https://launchpad.net/bugs/481060 for more information. I've reproduced this in an AMD64 sid chroot, dpkg's terminal log follows: --- (sid_amd64)r...@debomatic64:/home/quadrispro# aptitude purge icecast2 The following packages will be REMOVED: icecast2{p} libspeex1{u} libtheora0{u} 0 packages upgraded, 0 newly installed, 3 to remove and 0 not upgraded. Need to get 0 B of archives. After unpacking 1661 kB will be freed. Do you want to continue? [Y/n/?] (Reading database ... 48206 files and directories currently installed.) Removing icecast2 ... Stopping icecast2: icecast2. Purging configuration files for icecast2 ... Removing user `icecast2' ... Warning: group `icecast2' has no more members. userdel: user icecast2 is currently logged in /usr/sbin/deluser: `/usr/sbin/userdel icecast2' returned error code 8. Exiting. dpkg: error processing icecast2 (--purge): subprocess installed post-removal script returned error exit status 1 Processing triggers for man-db ... configured to not write apport reports Errors were encountered while processing: icecast2 E: Sub-process /usr/bin/dpkg returned an error code (1) A package failed to install. Trying to recover: (sid_amd64)r...@debomatic64:/home/quadrispro# --- Steps to reproduce (on squeeze/sid): 1. aptitude install icecast2 2. Run icecast2: a. Modify /etc/default/icecast2 and set ENABLE to true b. /etc/init.d/icecast2 start 3. aptitude purge icecast2 OR aptitude reinstall icecast2 Although I have not performed any upgrade test, I bet it would happen on upgrade too. -- System Information: Debian Release: squeeze/sid APT prefers maverick-updates APT policy: (500, 'maverick-updates'), (500, 'maverick-security'), (500, 'maverick') Architecture: amd64 (x86_64) Kernel: Linux 2.6.35-23-generic (SMP w/4 CPU cores) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#603545: patch available
Thanks to Jean-Luc Leger (re...@dspnet.fr.eu.org), which created this patch. I just tested it and it fixes the bugs. tcsh-6.17.02-multibyte.patch Description: Binary data @lucas: will you prepare a new release? -- regards Thomas
Processed: tagging 603545
Processing commands for cont...@bugs.debian.org: # Automatically generated email from bts, devscripts version 2.10.35lenny7 tags 603545 patch Bug #603545 [tcsh] globbing: e.g. zz* expands to z zz Added tag(s) patch. End of message, stopping processing here. Please contact me if you need assistance. -- 603545: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=603545 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#604172: lincity-ng crash (easyly reproducible)
severity 604172 important thanks On Sat, Nov 20, 2010 at 10:37:58PM +0100, Alain B wrote: This bug was reported on upstream mailing list, and seems to affect only debian squeeze (with either the squeeze version or latest svn version) maybe only the amd64 version. For sure this does not happen on ubuntu 10.04 32bits (either packaged or svn) Howto crash : - start a game (either window or full screen, SDL or OpenGL) - zoom out (get as far as possible from the town) - put the mouse cursor on top of screen to scroll at maximum - select buldozer tool the game should crash after 2 or 3 tries (maybe the first one) even without doing anything else than selecting tool. I cannot reproduce this. (amd64, Squeeze). Can you reproduce this yourself or did you just see the report on the development mailing list? If so, do you know how to generate a backtrace? Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: lincity-ng crash (easyly reproducible)
Processing commands for cont...@bugs.debian.org: severity 604172 important Bug #604172 [lincity-ng] lincity-ng crash (easyly reproducible) Severity set to 'important' from 'grave' thanks Stopping processing here. Please contact me if you need assistance. -- 604172: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=604172 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605432: lsb-core dependency
According to: http://www.webupd8.org/2010/11/install-google-earth-6-in-ubuntu-linux.html lsb-core needs to be installed. This should be added as a dependency to googleearth-package. After installing lsb-core, recreating the deb with make make-googleearth-package --force, Google Earth 6 installs and runs fine. -- Samat K Jain http://samat.org/ | GPG: 0x4A456FBA You have many friends and very few living enemies. -- None (124) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#566072: proposed patch
On Sun, Nov 28, 2010 at 09:48:30AM -0700, LaMont Jones wrote [edited]: I'll ponder this an get back with you on Monday (US time). and? what about my earlier proposal of using debconf only if it happens to be installed? -S -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#603545: patch available
Hi, On 30/11/10 at 21:51 +0100, Thomas Lange wrote: Thanks to Jean-Luc Leger (re...@dspnet.fr.eu.org), which created this patch. I just tested it and it fixes the bugs. @lucas: will you prepare a new release? I would prefer if someone else did it, as I have orphaned tcsh (#592093). - Lucas -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#566072: proposed patch
On Tue, Nov 30, 2010 at 10:33:27PM +0100, Serafeim Zanikolas wrote: On Sun, Nov 28, 2010 at 09:48:30AM -0700, LaMont Jones wrote [edited]: I'll ponder this an get back with you on Monday (US time). and? what about my earlier proposal of using debconf only if it happens to be installed? Well, given that we want to print something, and the only compliant way to do that is via debconf, we're kind of stuck with using it for the purpose. I'll upload something with the change either late this week, or (more likely) early next. Unless there's a pressing need for sooner? lamont -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605504: release team advice: chocolate-doom lock-up / OOD libsdl-mixer
Hi folks, Chocolate doom (contrib) upstream has alerted me to an RC bug http://bugs.debian.org/605504. The problem is actually in libsdl-mixer1.2 and is fixed upstream. There are three possible ways to resolve this for squeeze (asides from ignoring it): 1. backport a workaround for chocolate-doom (this patch: http://chocolate-doom.svn.sourceforge.net/viewvc/chocolate-doom?view=revisionrevision=2165 which fixes the lock-up at the expense of 'choppy' sound. I think this is the least satisfactory solution, but it is something I am comfortable handling myself. 2. package up a newer version of sdl-mixer. Someone else has done so, and I am working on reconciling their work with the existing packaging (e.g. they dropped debian/patches/* entirely). This should happen for squeeze+n n=1 anyway, but a freeze exception could be requested. At present I have no idea what the implications would be on linking packages: binnmus, etc. I have a membership request pending for the SDL maintainers alioth team and am prepared to NMU when I am satisfied with a package, subject to any squeeze decision. There hasn't been any feedback from the team regarding the new package efforts. 3. backport the fix for sdl-mixer to the current version. The chocolate-doom bug lists an hg commit upstream which apparently fixes the issue. I do not know (yet) how easily this would apply to current sdl-mixer nor what implications this would have on linking packages. My next step personally is to try to answer my own questions in 2. or 3., but any steer from you folks would be very welcome. Many thanks, -- Jon Dowland -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605527: approx: routinely has inconsistant Release* and Packages* files
Package: approx Version: 4.5-1 Severity: grave Justification: renders package unusable approx is failing to cache the mirror correctly. i routinely end up with apt-get update from approx resulting in: W: Failed to fetch http://127.0.0.1:/debian/dists/squeeze/main/binary-i386/PackagesIndex MD5Sum mismatch W: Failed to fetch http://127.0.0.1:/debian/dists/experimental/main/source/SourcesIndex MD5Sum mismatch W: Failed to fetch http://127.0.0.1:/debian/dists/sid/main/binary-i386/Packages.gz Hash Sum mismatch W: Failed to fetch http://127.0.0.1:/debian/dists/sid/main/source/Sources.gz Hash Sum mismatch E: Some index files failed to download, they have been ignored, or old ones used instead. with both approx entries and direct entries to the exact same mirrors configured in apt's sources.list, at least one of my approx entries results in a Hash Sum mismatch on nearly every apt-get update, while the directly configured entries work without problems. it's not always the same entries... sometimes sid, sometimes squeeze, sometimes experimental, but nearly always at least one of them fails. two subsequent runs often end up with different results. sometimes, manually removing the /var/cache/approx/debian*/dists/ directories or specific Packages*/Release* files fixes it for a day or so, but it doesn't take long for it to consistantly fail again. i've been a largely happy long-time user of approx, and have encountered infrequent occasional glitches like this before, but this problem seems to have gotten increasingly worse since upgrading to squeeze a few months ago. live well, vagrant -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing'), (500, 'stable'), (102, 'unstable'), (101, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages approx depends on: ii adduser 3.112add and remove users and groups ii bzip2 1.0.5-6 high-quality block-sorting file co ii curl7.21.0-1 Get a file from an HTTP, HTTPS or ii debconf [debconf-2.0] 1.5.36 Debian configuration management sy ii libc6 2.11.2-7 Embedded GNU C Library: Shared lib ii libpcre38.02-1.1 Perl 5 Compatible Regular Expressi ii openbsd-inetd [inet-superse 0.20080125-6 The OpenBSD Internet Superserver ii update-inetd4.38 inetd configuration file updater approx recommends no packages. Versions of packages approx suggests: pn libconfig-model-approx-perl none (no description available) -- Configuration Files: /etc/approx/approx.conf changed: debian http://debian.osuosl.org/debian debian-security http://security.us.debian.org/debian-security debian-volatile http://volatile.debian.org/debian-volatile debian-backports http://backports.debian.org/debian-backports skolelinux http://ftp.skolelinux.org/skolelinux debian-portshttp://debian-ports.org/debian $verbose true $offline true $debug true /etc/cron.weekly/approx changed: if [ -x /usr/sbin/approx-gc ]; then /usr/sbin/approx-gc --verbose fi -- debconf information: approx/port: -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605504: HG patch URL for my own convenience
Just so I can find it again http://hg.libsdl.org/SDL_mixer/rev/884a700fb3ff -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#566072: proposed patch
That's fine. I'm glad that my NMU is unnecessary; obviously, feel free to use (parts of) it. It would be good however to finalise the text ASAP so that we advertise it for translations. -S -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#510130: Error calculing volhdr partition boundaries on SGI disklabel
On Mon, Nov 29, 2010 at 02:16:09PM +0100, Karel Zak wrote: On Thu, Nov 25, 2010 at 05:58:37PM +0100, Moritz Muehlenhoff wrote: --- util-linux-2.13.1.1.orig/fdisk/fdisksgilabel.c +++ util-linux-2.13.1.1/fdisk/fdisksgilabel.c @@ -501,6 +501,9 @@ } start = sgi_get_start_sector(Index[i]) + sgi_get_num_sectors(Index[i]); + /* Align free space on cylinder boundary */ + if (start % cylsize != 0) + start += cylsize - (start % cylsize); if (debug 1) { if (verbose) printf(%2d:%12d\t%12d\t%12d\n, Index[i], Karel, what do you think about the patch proposed by Aurelien? Applied, thanks. Lamont, are you fine with an NMU? This bug has been open for a long time and needs to be fixed for Squeeze soon. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#510130: Error calculing volhdr partition boundaries on SGI disklabel
On Tue, Nov 30, 2010 at 11:38:41PM +0100, Moritz Muehlenhoff wrote: Lamont, are you fine with an NMU? This bug has been open for a long time and needs to be fixed for Squeeze soon. I have another upload for util-linux that I'm planning doing late this week or monday. (566072) Is that soon enough, or do I need to make time before that? lamont -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#510130: Error calculing volhdr partition boundaries on SGI disklabel
On Tue, Nov 30, 2010 at 03:42:11PM -0700, LaMont Jones wrote: On Tue, Nov 30, 2010 at 11:38:41PM +0100, Moritz Muehlenhoff wrote: Lamont, are you fine with an NMU? This bug has been open for a long time and needs to be fixed for Squeeze soon. I have another upload for util-linux that I'm planning doing late this week or monday. (566072) Is that soon enough, or do I need to make time before that? That should be fine, thanks! Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#601750: marked as done (hostname set to debian when doing network boot)
Your message dated Tue, 30 Nov 2010 23:04:09 + with message-id e1pnzf3-0005dg...@franck.debian.org and subject line Bug#601750: fixed in fai 3.4.5 has caused the Debian Bug report #601750, regarding hostname set to debian when doing network boot to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 601750: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601750 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: fai-client Version: 3.4.4 Severity: important When booting a client via PXE and DHCP the hostname is always set to debian. But the variable $HOSTNAME is the correct host name, received from DHCP. svn r6124 introduced a call of /lib/live/config.sh. This changes the hostname which was received by DHCP to debian. I will prepare a patch for this. IMO we should not depend on live-config, since FAI only needs live-boot for booting. Setting the hostname can be done by FAI itself. -- regards Thomas ---End Message--- ---BeginMessage--- Source: fai Source-Version: 3.4.5 We believe that the bug you reported is fixed in the latest version of fai, which is due to be installed in the Debian FTP archive: fai-client_3.4.5_all.deb to main/f/fai/fai-client_3.4.5_all.deb fai-doc_3.4.5_all.deb to main/f/fai/fai-doc_3.4.5_all.deb fai-nfsroot_3.4.5_all.deb to main/f/fai/fai-nfsroot_3.4.5_all.deb fai-quickstart_3.4.5_all.deb to main/f/fai/fai-quickstart_3.4.5_all.deb fai-server_3.4.5_all.deb to main/f/fai/fai-server_3.4.5_all.deb fai-setup-storage_3.4.5_all.deb to main/f/fai/fai-setup-storage_3.4.5_all.deb fai_3.4.5.dsc to main/f/fai/fai_3.4.5.dsc fai_3.4.5.tar.gz to main/f/fai/fai_3.4.5.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 601...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Prokop m...@debian.org (supplier of updated fai package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 30 Nov 2010 12:10:42 +0100 Source: fai Binary: fai-client fai-doc fai-server fai-quickstart fai-nfsroot fai-setup-storage Architecture: source all Version: 3.4.5 Distribution: unstable Urgency: low Maintainer: Thomas Lange la...@debian.org Changed-By: Michael Prokop m...@debian.org Description: fai-client - Fully Automatic Installation client package fai-doc- Documentation for FAI fai-nfsroot - Fully Automatic Installation nfsroot package fai-quickstart - Fully Automatic Installation quickstart package fai-server - Fully Automatic Installation server package fai-setup-storage - automatically prepare storage devices Closes: 597479 600591 600715 601750 602498 602763 603565 604938 Changes: fai (3.4.5) unstable; urgency=low . [ Michael Prokop ] * [0e587c4] conf/NFSROOT: provide commented (and not activated) linux- image line for lenny - thanks to Thomas Lange * [530261d] conf/sources.list: replace lenny with squeeze - thanks to Thomas Lange * [d59d35f] fai-nfsroot.postrm: use rm with -f to not fail if /etc/init.d/rcS does not exist - thanks to Holger for the report * [10a5626] simple examples: move from apt-proxy to approx - thanks to Thomas Lange (closes: #602763) * [305bb81] NFSROOT: move commented lenny package examples to according place - thanks to Thomas Lange * [b7eb5c4] Adjust depends/recommends regarding tftp server (closes: #603565) . [ Thomas Lange ] * [df7e592] use hostname= from the kernel command line (closes: #601750) * [7dcb45f] only use interfaces that are up (closes: #600591) * [039a7f0] print message to stdout (closes: #600715) * [e7376be] fai-cd.8: add missing verb * [6ec9f0a] FAI questionnaire: ask for logo * [326bd14] create directories, set additional parameters (closes: #602498) * [a955bf8] FAI questionnaire: exclude basefiles in du(1) command * [7beb0d0] write MBR when using grub2 (closes: #597479) * [d54f816] remove some packages to make fai-cd smaller * [d93bfc5] remove part of how to enable PXE on 3com. This info was move into the wiki * [cc2e198] add hint about ADDCLASSES * [62d45e7] add newline, makes shell.log much more readable * [72acf49] do not include /boot on CD * [66cad6f] do not install
Bug#602222: bacula meta-package not installable with recommended packages
On Tue, 30 Nov 2010 14:11:33 -0600, John Goerzen wrote: Thank you all for your work on this. I was net-limited over the last few days due to the US Thanksgiving holiday (I had a smartphone with which I planned to answer any critical security-related stuff but not much else was practical). I see the NMU has posted and I am quite fine with that. Thanks for your feedback, and I'm glad I could help a bit. Cheers, gregor -- .''`. http://info.comodo.priv.at/ -- GPG key IDs: 0x8649AA06, 0x00F3CFE4 : :' : Debian GNU/Linux user, admin, developer - http://www.debian.org/ `. `' Member of VIBE!AT SPI, fellow of Free Software Foundation Europe `-NP: Bob Dylan: Like A Rolling Stone signature.asc Description: Digital signature
Bug#597933: Non-free files distributed in sdcc
On Sun, Nov 21, 2010 at 02:32:00PM +, Hector Oron wrote: Hello, 2010/11/16 Julien Cristau jcris...@debian.org: $ apt-get source sdcc cd sdcc-2.9.0 find . -name *non-free* grep -nRHi *authentic Microchip* * || echo Package is clean As it seems this is not affecting Squeeze, could we (at least) tag squeeze-ignore this bug report (if not close it)? No. Read again. The files were moved, but the code is there in 2.9.0. (Look in device/include/pic{,16}.) sdcc-2.9.0/device/include/pic$ for x in `ls` ; do less $x ; done I did read license headers on all those files, some of them GPL, some of them GNU pic license, some other without notice, which I belive general COPYING information applies in such case. I was unable to find any notice as reported in this bugreport. Philipp, can you specific the files with the problematic license status? Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#603450: offlineimap: fails check the remote servers ssl certificate is valid
On Sun, Nov 14, 2010 at 07:55:23PM +1100, david b wrote: Package: offlineimap Severity: grave Tags: security Justification: user security hole offlineimap performs absolutely no ssl certificate checking. So users could/can be the victim of a man in the middle attack. In debian the following bugs exist: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536421 (re certificate expiration) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=153240 (re ssl fingerprint checking) This could be considered a bug in imaplib (http://bugs.python.org/issue10274). A partial 'fix' is the following(this 'fix' isn't complete and would break connections to servers using self-signed certificates): FWIW, this is a limitation documented on the homepage since 2007: https://github.com/jgoerzen/offlineimap/wiki Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605527: approx: routinely has inconsistant Release* and Packages* files
Please also send the /etc/inetd.conf entry for approx. Are there any caching proxies (like squid) between your approx server and the Internet? -- Eric Cooper e c c @ c m u . e d u -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#603158: marked as done (CVE-2010-4165: possible kernel oops from user MSS)
Your message dated Wed, 1 Dec 2010 00:42:11 +0100 with message-id 20101130234211.ga7...@galadriel.inutil.org and subject line Re: possible kernel oops from user MSS has caused the Debian Bug report #603158, regarding CVE-2010-4165: possible kernel oops from user MSS to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 603158: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=603158 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: linux-2.6 Version: 2.6.28-1 Severity: serious Tags: security patch upstream This bug was introduced in upstream version 2.6.28 and is about to be fixed in 2.6.37. I don't think any CVE has been assigned yet. Ben. - Forwarded message from David Miller da...@davemloft.net - From: David Miller da...@davemloft.net To: shan...@cn.fujitsu.com Cc: sc...@mvista.com, net...@vger.kernel.org Subject: Re: possible kernel oops from user MSS Date: Thu, 11 Nov 2010 13:40:18 + From: David Miller da...@davemloft.net Date: Wed, 10 Nov 2010 21:33:13 -0800 (PST) I'll make the minimum 64 or something like that. Here is the patch I will use: tcp: Increase TCP_MAXSEG socket option minimum. As noted by Steve Chen, since commit f5fff5dc8a7a3f395b0525c02ba92c95d42b7390 (tcp: advertise MSS requested by user) we can end up with a situation where tcp_select_initial_window() does a divide by a zero (or even negative) mss value. The problem is that sometimes we effectively subtract TCPOLEN_TSTAMP_ALIGNED and/or TCPOLEN_MD5SIG_ALIGNED from the mss. Fix this by increasing the minimum from 8 to 64. Reported-by: Steve Chen sc...@mvista.com Signed-off-by: David S. Miller da...@davemloft.net --- net/ipv4/tcp.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index 245603c..0814199 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c @@ -2246,7 +2246,7 @@ static int do_tcp_setsockopt(struct sock *sk, int level, /* Values greater than interface MTU won't take effect. However * at the point when this call is done we typically don't yet * know which interface is going to be used */ - if (val 8 || val MAX_TCP_WINDOW) { + if (val 64 || val MAX_TCP_WINDOW) { err = -EINVAL; break; } -- 1.7.3.2 -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html - End forwarded message - -- Ben Hutchings We get into the habit of living before acquiring the habit of thinking. - Albert Camus ---End Message--- ---BeginMessage--- Version: 2.6.32-28 On Thu, Nov 11, 2010 at 02:14:45PM +, Ben Hutchings wrote: Package: linux-2.6 Version: 2.6.28-1 Severity: serious Tags: security patch upstream This bug was introduced in upstream version 2.6.28 and is about to be fixed in 2.6.37. I don't think any CVE has been assigned yet. The -28 upload didn't have a bug closer for this. Cheers, Moritz ---End Message---
Processed: Re: mysql-gui-tools: EOL upstream, should not be shipped in squeeze, replaced by MySQL Workbench
Processing commands for cont...@bugs.debian.org: severity 584987 serious Bug #584987 [mysql-gui-tools] mysql-gui-tools: EOL upstream, should not be shipped in squeeze, replaced by MySQL Workbench Severity set to 'serious' from 'important' thanks Stopping processing here. Please contact me if you need assistance. -- 584987: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584987 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605527: approx: routinely has inconsistant Release* and Packages* files
On Tue, Nov 30, 2010 at 02:18:16PM -0800, Vagrant Cascadian wrote: with both approx entries and direct entries to the exact same mirrors configured in apt's sources.list, at least one of my approx entries results in a Hash Sum mismatch on nearly every apt-get update, while the directly configured entries work without problems. Can you please send me the portion of the debug log that corresponds to some of these failures? Also, are you using IPv6? -- Eric Cooper e c c @ c m u . e d u -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#584987: mysql-gui-tools: EOL upstream, should not be shipped in squeeze, replaced by MySQL Workbench
On Wed, 2010-12-01 at 00:53 +0100, Moritz Muehlenhoff wrote: I noticed this bug when filing a bug for CVE-2010-4177 and CVE-2010-4178. Raising severity so that it gets checked whether we want to keep supporting it for Squeeze and whether alternatives exist. Unfortunately there isn't really a good replacement for it in squeeze, except maybe phpmyadmin but that isn't really a desktop client. I'm personally using mysql-workbench packages manually built from the pkg-mysql packaging in their SVN repository. Hopefully the team will upload it to Debian soon and maintain backports post-squeeze. -- bye, pabs http://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#603450: offlineimap: fails check the remote servers ssl certificate is valid
FWIW, this is a limitation documented on the homepage since 2007: https://github.com/jgoerzen/offlineimap/wiki Erh No ... I added that. I didn't see on the homepage erh...? Also my bug report here links to the 2007 thread post already... -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605551: Memory corruption in dcc7 session removal
Package: libgadu3 Version: 1:1.8.0+r592-3 Severity: serious Tags: upstream fixed-upstream confirmed A fix for potential segfault was submitted recently to libgadu upstream: http://toxygen.net/websvn/comp.php?repname=libgadupath=/compare[]=/branc...@1022compare[]=/branc...@1028 Discussed (in Polish) at http://lists.ziew.org/pipermail/libgadu-devel/2010-November/000672.html -- Marcin Owsiany porri...@debian.org http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#605536: dpkg: ^C during package install results in broken symlinks
Processing commands for cont...@bugs.debian.org: severity 605536 serious Bug #605536 [dpkg] dpkg: ^C during package install results in broken symlinks Severity set to 'serious' from 'normal' thanks Stopping processing here. Please contact me if you need assistance. -- 605536: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605536 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605551: marked as done (Memory corruption in dcc7 session removal)
Your message dated Wed, 01 Dec 2010 03:47:09 + with message-id e1pndev-00067x...@franck.debian.org and subject line Bug#605551: fixed in libgadu 1:1.9.0-2 has caused the Debian Bug report #605551, regarding Memory corruption in dcc7 session removal to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 605551: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605551 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: libgadu3 Version: 1:1.8.0+r592-3 Severity: serious Tags: upstream fixed-upstream confirmed A fix for potential segfault was submitted recently to libgadu upstream: http://toxygen.net/websvn/comp.php?repname=libgadupath=/compare[]=/branc...@1022compare[]=/branc...@1028 Discussed (in Polish) at http://lists.ziew.org/pipermail/libgadu-devel/2010-November/000672.html -- Marcin Owsiany porri...@debian.org http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 ---End Message--- ---BeginMessage--- Source: libgadu Source-Version: 1:1.9.0-2 We believe that the bug you reported is fixed in the latest version of libgadu, which is due to be installed in the Debian FTP archive: libgadu-dev_1.9.0-2_amd64.deb to main/libg/libgadu/libgadu-dev_1.9.0-2_amd64.deb libgadu-doc_1.9.0-2_all.deb to main/libg/libgadu/libgadu-doc_1.9.0-2_all.deb libgadu3-dbg_1.9.0-2_amd64.deb to main/libg/libgadu/libgadu3-dbg_1.9.0-2_amd64.deb libgadu3_1.9.0-2_amd64.deb to main/libg/libgadu/libgadu3_1.9.0-2_amd64.deb libgadu_1.9.0-2.diff.gz to main/libg/libgadu/libgadu_1.9.0-2.diff.gz libgadu_1.9.0-2.dsc to main/libg/libgadu/libgadu_1.9.0-2.dsc A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 605...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Marcin Owsiany porri...@debian.org (supplier of updated libgadu package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 30 Nov 2010 19:23:50 -0800 Source: libgadu Binary: libgadu3 libgadu3-dbg libgadu-dev libgadu-doc Architecture: source all amd64 Version: 1:1.9.0-2 Distribution: unstable Urgency: high Maintainer: Marcin Owsiany porri...@debian.org Changed-By: Marcin Owsiany porri...@debian.org Description: libgadu-dev - Gadu-Gadu protocol library - development files libgadu-doc - Gadu-Gadu protocol library - documentation libgadu3 - Gadu-Gadu protocol library - runtime files libgadu3-dbg - Gadu-Gadu protocol library - debug symbols Closes: 605551 Changes: libgadu (1:1.9.0-2) unstable; urgency=high . * RC bugfix release targeted at squeeze and sid * Cherry-picked a fix for memory corruption in dcc7 session removal, Closes: #605551 Checksums-Sha1: ced25f019ec017ec87413f42c763b066969a740c 1332 libgadu_1.9.0-2.dsc 14b34ea3178dfb94708f67af7029d343f71a6f0b 11238 libgadu_1.9.0-2.diff.gz 18bc61ace4b27d6c6e75df1149bc3230967e2690 444338 libgadu-doc_1.9.0-2_all.deb 00f790bf2812fb6fd045f3a9368eeb12d62696df 62296 libgadu3_1.9.0-2_amd64.deb 19ae5c7333aeeb0a1b4b89d5c50baf089ac73d7e 82362 libgadu3-dbg_1.9.0-2_amd64.deb c4401836c4129e4238af2026b3dcd4ec26dcd08e 83082 libgadu-dev_1.9.0-2_amd64.deb Checksums-Sha256: 8b6505805eb55997d08c50ca367597a77d97a8ad17a6fe557b87b9c2b9308c19 1332 libgadu_1.9.0-2.dsc be7542c16e3ba706190e980425132cb3d97469bd2a322fa1f98cd77977c382a2 11238 libgadu_1.9.0-2.diff.gz fccf5bf145b90306d24f21771a4f6bdf1db97d70bde2aec2d96d3c1e6fd774a9 444338 libgadu-doc_1.9.0-2_all.deb 1fb291674bf5eb9eb68c9015b1d048e058f5f697d9745c41cc4185a30a721e7a 62296 libgadu3_1.9.0-2_amd64.deb 9832dcba294bf6c05249896d221a6fe1f6b59163a37e99e7288a67ee4eb7b3d4 82362 libgadu3-dbg_1.9.0-2_amd64.deb 9b00a8728fed546d05579ebe3d27131d18536931849ac35d30277c4b92e62e68 83082 libgadu-dev_1.9.0-2_amd64.deb Files: f37aa8fb73d0d4d0c36cabc84d7a7eeb 1332 libs optional libgadu_1.9.0-2.dsc e16e4ae221d1c98ec6edafb6ab3e5d54 11238 libs optional libgadu_1.9.0-2.diff.gz bb6dc03d668f62f8862d3371793d4569 444338 doc optional libgadu-doc_1.9.0-2_all.deb d73b7feae5dd22e0650b484e39e33edd 62296 libs optional libgadu3_1.9.0-2_amd64.deb 166137b97f5cb1c2f62d3db5a2f216d1 82362 debug extra libgadu3-dbg_1.9.0-2_amd64.deb 08b55a55d4d214fb910301cbee16833c 83082 libdevel optional
Bug#605553: krb5: multiple checksum vulnerabilities
package: krb5 version: 1.8.3+dfsg-2 severity: serious tags: security Multiple issues have been disclosed for krb5. See: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt This likely also affects lenny, but I haven't checked. Please work with the security team to issue a DSA. Thanks, Mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605553: krb5: multiple checksum vulnerabilities
source: krb5 source-version: 1.8.3+dfsg-3 Your bug crossed with my upload. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#605553: marked as done (krb5: multiple checksum vulnerabilities)
Your message dated Tue, 30 Nov 2010 23:30:54 -0500 with message-id tslr5e2w1vl@carter-zimmerman.suchdamage.org and subject line Re: Bug#605553: krb5: multiple checksum vulnerabilities has caused the Debian Bug report #605553, regarding krb5: multiple checksum vulnerabilities to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 605553: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605553 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- package: krb5 version: 1.8.3+dfsg-2 severity: serious tags: security Multiple issues have been disclosed for krb5. See: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt This likely also affects lenny, but I haven't checked. Please work with the security team to issue a DSA. Thanks, Mike ---End Message--- ---BeginMessage--- source: krb5 source-version: 1.8.3+dfsg-3 Your bug crossed with my upload. ---End Message---
Bug#583738: It's there again
Jonas Smedegaard schrieb: Later you mention that it failed it different ways. That's because there were various indications of the pdftoraster bug. I'll give you a short chronology: In January I discovered being not able to print from gtk applications from my pc at home and I got some errors like ippreaderror 14 with various integers. Searching the net brought nothing. I joined the cups forum posted a report and got that's debians problem not ours. Being a member of debianforum.de I posted there too and found at least one other who had similar problems, but no solution. At work we started testing squeeze around march and discovered the same problems. The Laserjet which I mentioned before showed exactly the same error which I told you above. After a few minor updates the pdftoraster failure appeared finally (at work and at home) so I filed this bugreport. By ghostscript 8.71 dfsg2-6 at least my Epson Stylus at home began working but Laserjets kept crashing with the formatting error. I'll test my Stylus at home within a couple of days, for I'm using Lenny at home and have to upgrade to Squeeze. Then I can give you even more feedback. I strongly suspect that the errors you experience are *not* the one mentioned by Sebastian Dröge as being in ghostscript, claimed (by him) fixed in Ubuntu, and claimed (by me) fixed in Debian. Do you still get the above error with pdftoraster? - Jonas Not on the Laserjet connected machine, unfortunately we only have printers of this type at work (or machines which work with the same ppd file). But I'll check my Stylus. Please feel free to set the status to closed, I will be mailing to the buglist, if I discover it again. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org