Processed: Re: bugs.debian.org: submit@ ignores Version: pseudoheader

2012-09-14 Thread Debian Bug Tracking System 
Processing control commands:

> severity -1 serious
Bug #685266 [bugs.debian.org] bugs.debian.org: submit@ ignores Version: 
pseudoheader
Severity set to 'serious' from 'important'
> forcemerge -1 687173
Bug #685266 [bugs.debian.org] bugs.debian.org: submit@ ignores Version: 
pseudoheader
Bug #687173 [bugs.debian.org] bugs.debian.org: Missing "Found in" in bug 
submission, though "Version:" line is there
Severity set to 'serious' from 'normal'
Merged 685266 687173

-- 
685266: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685266
687173: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687173
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#669278: Reassign

2012-09-14 Thread Lisandro Damián Nicanor Pérez Meyer 
reassign 669278 libqt4-dbus
tag 669278 pending
tag 669278 - patch
thanks

I'm marking this bug as pending, we just need the green light from the RT to 
continue.



-- 
Ud. está viendo a la persona que ven nuestros clientes.
 Leyenda pegada en el espejo de una empresa.

Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
http://perezmeyer.blogspot.com/


signature.asc
Description: This is a digitally signed message part.

Bug#686174: Your isc-dhcp 4.2.2.dfsg.1-5+wheezy1 upload

2012-09-14 Thread Raphael Geissert 
Hi,

I'm rejecting your isc-dhcp upload to the security archive for the following 
reasons:

* Uploads must be coordinated and ACKed by the security team. Unless I'm 
missing something, it didn't happen this way.
* Incorrect version numbering. For Wheezy the +debNuX schema will be used.
* The testing-security queue is not functional. Any security update for 
wheezy, during its freeze, must go through testing-proposed-updates if it 
can't go through sid.

Regards,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#687672: xmlrpc-c: Embedded Expat vulnerable to CVE-2012-0876, CVE-2012-1148

2012-09-14 Thread Tyler Hicks 
Package: xmlrpc-c
Version: 1.06.27-1
Followup-For: Bug #687672
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu quantal ubuntu-patch

I've also backported the same changes to 1.06.27-1 for our Lucid
xmlrpc-c package. It looks to apply cleanly to the Squeeze package.
Here's the changelog:

  * Run the tests as part of the build process
- debian/patches/FTBFS-tests.patch: Fix issues when running make check.
  Based on upstream patches.
- debian/rules: Run make check after building
  * SECURITY UPDATE: Denial of service via hash collisions
- debian/patches/CVE-2012-0876.patch: Add random salt value to
  hash inputs. Based on upstream patch.
- CVE-2012-0876
  * SECURITY UPDATE: Denial of service via memory leak
- debian/patches/CVE-2012-1148.patch: Properly reallocate memory.
  Based on upstream patch.
- CVE-2012-1148


I hope it is of some help.


-- System Information:
Debian Release: wheezy/sid
  APT prefers quantal-updates
  APT policy: (500, 'quantal-updates'), (500, 'quantal-security'), (500, 
'quantal')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.5.0-14-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u xmlrpc-c-1.06.27/debian/changelog xmlrpc-c-1.06.27/debian/changelog
diff -u xmlrpc-c-1.06.27/debian/rules xmlrpc-c-1.06.27/debian/rules
--- xmlrpc-c-1.06.27/debian/rules
+++ xmlrpc-c-1.06.27/debian/rules
@@ -55,6 +55,7 @@
 build-arch-stamp: config.status
 	dh_testdir
 	$(MAKE) CADD=-fPIC
+	$(MAKE) CADD=-fPIC check
 	touch build-arch-stamp
 
 build-indep: build-indep-stamp
diff -u xmlrpc-c-1.06.27/debian/patches/series xmlrpc-c-1.06.27/debian/patches/series
--- xmlrpc-c-1.06.27/debian/patches/series
+++ xmlrpc-c-1.06.27/debian/patches/series
@@ -5,0 +6,3 @@
+FTBFS-tests.patch
+CVE-2012-0876.patch
+CVE-2012-1148.patch
only in patch2:
unchanged:
--- xmlrpc-c-1.06.27.orig/debian/patches/CVE-2012-0876.patch
+++ xmlrpc-c-1.06.27/debian/patches/CVE-2012-0876.patch
@@ -0,0 +1,556 @@
+Description: Prevent predictable hash collisions by using a random salt value
+ Backported from the upstream Expat sources to the embedded copy of Expat in
+ xmlrpc-c.
+Origin: backport, http://xmlrpc-c.svn.sourceforge.net/viewvc/xmlrpc-c?view=revision&revision=2391
+Index: xmlrpc-c-1.06.27/lib/expat/xmlparse/xmlparse.c
+===
+--- xmlrpc-c-1.06.27.orig/lib/expat/xmlparse/xmlparse.c	2012-09-06 14:54:24.144075962 -0700
 xmlrpc-c-1.06.27/lib/expat/xmlparse/xmlparse.c	2012-09-06 14:54:26.416075915 -0700
+@@ -16,6 +16,8 @@
+ */
+ 
+ #include 
++#include  /* UINT_MAX */
++#include/* time() */
+ 
+ #include "xmlrpc_config.h"
+ #include "c_util.h"
+@@ -40,6 +42,8 @@
+ typedef char ICHAR;
+ #endif
+ 
++static
++int setContext(XML_Parser parser, const XML_Char *context);
+ 
+ #ifndef XML_NS
+ 
+@@ -256,12 +260,15 @@
+ static void normalizePublicId(XML_Char *s);
+ static int dtdInit(DTD *);
+ static void dtdDestroy(DTD *);
+-static int dtdCopy(DTD *newDtd, const DTD *oldDtd);
+-static int copyEntityTable(HASH_TABLE *, STRING_POOL *, const HASH_TABLE *);
++static int dtdCopy(XML_Parser oldParser, DTD *newDtd, const DTD *oldDtd);
++static int copyEntityTable(XML_Parser, HASH_TABLE *, STRING_POOL *,
++   const HASH_TABLE *);
+ #ifdef XML_DTD
+ static void dtdSwap(DTD *, DTD *);
+ #endif /* XML_DTD */
+-static NAMED *lookup(HASH_TABLE *table, KEY name, size_t createSize);
++static NAMED *lookup(XML_Parser parser, HASH_TABLE *table, KEY name,
++ size_t createSize);
++static int startParsing(XML_Parser parser);
+ static void hashTableInit(HASH_TABLE *);
+ static void hashTableDestroy(HASH_TABLE *);
+ static void hashTableIterInit(HASH_TABLE_ITER *, const HASH_TABLE *);
+@@ -370,6 +377,7 @@
+   enum XML_ParamEntityParsing m_paramEntityParsing;
+   XML_Parser m_parentParser;
+ #endif
++  unsigned long m_hash_secret_salt;
+ } Parser;
+ 
+ #define userData (((Parser *)parser)->m_userData)
+@@ -449,6 +457,7 @@
+ #define parentParser (((Parser *)parser)->m_parentParser)
+ #define paramEntityParsing (((Parser *)parser)->m_paramEntityParsing)
+ #endif /* XML_DTD */
++#define hash_secret_salt (((Parser *)parser)->m_hash_secret_salt)
+ 
+ #ifdef _MSC_VER
+ #ifdef _DEBUG
+@@ -527,6 +536,7 @@
+   parentParser = 0;
+   paramEntityParsing = XML_PARAM_ENTITY_PARSING_NEVER;
+ #endif
++  hash_secret_salt = 0;
+   ns = 0;
+   poolInit(&tempPool);
+   poolInit(&temp2Pool);
+@@ -546,20 +556,6 @@
+ XML_Parser
+ xmlrpc_XML_ParserCreateNS(const XML_Char *encodingName, XML_Char nsSep)
+ {
+-  static
+-  const XML_Char implicitContext[] = {
+-XML_T('x'), XML_T('m'), XML_T('l'), XML_T('='),
+-XML_T('h'), XML_T('t'), XML_T('t'), XML_T('p'), XML_T(':'),
+-XML_T('/'), XML_T('/'), XML_T('w'), XML_T('w'), XML_T('w'),
+-XML_T('.'), XML_T('w'), XML_T('3'),

Bug#687672: xmlrpc-c: Embedded Expat vulnerable to CVE-2012-0876, CVE-2012-1148

2012-09-14 Thread Tyler Hicks 
Package: xmlrpc-c
Version: 1.16.33-3.1
Severity: grave
Tags: patch security
Justification: user security hole
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu quantal ubuntu-patch

Dear Maintainer,

In Ubuntu, the attached patch was applied to achieve the following:

  * Run the tests as part of the build process
- debian/patches/FTBFS-tests.patch: Fix issues when running make check.
  Based on upstream patches.
- debian/rules: Run make check after building
  * SECURITY UPDATE: Denial of service via hash collisions (LP: #1048835)
- debian/patches/CVE-2012-0876.patch: Add random salt value to
  hash inputs. Based on upstream patch.
- CVE-2012-0876
  * SECURITY UPDATE: Denial of service via memory leak (LP: #1048835)
- debian/patches/CVE-2012-1148.patch: Properly reallocate memory.
  Based on upstream patch.
- CVE-2012-1148

Because I had to backport the patch from upstream Expat to the forked
Expat in xmlrpc-c, I enabled the tests that are ran with 'make check' to
help ensure that I didn't introduce any regressions.

The fixes for the two CVEs have since been merged in upstream xmlrpc-c
(see the patch tags for links). Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers quantal-updates
  APT policy: (500, 'quantal-updates'), (500, 'quantal-security'), (500, 
'quantal')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.5.0-14-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u xmlrpc-c-1.16.33/debian/rules xmlrpc-c-1.16.33/debian/rules
--- xmlrpc-c-1.16.33/debian/rules
+++ xmlrpc-c-1.16.33/debian/rules
@@ -53,6 +53,7 @@
 	dh_testdir
 	$(MAKE) CADD=-fPIC
 	( cd tools && $(MAKE) CADD=-fPIC )
+	$(MAKE) CADD=-fPIC check
 	touch build-arch-stamp
 
 build-indep: build-indep-stamp
diff -u xmlrpc-c-1.16.33/debian/changelog xmlrpc-c-1.16.33/debian/changelog
diff -u xmlrpc-c-1.16.33/debian/patches/series xmlrpc-c-1.16.33/debian/patches/series
--- xmlrpc-c-1.16.33/debian/patches/series
+++ xmlrpc-c-1.16.33/debian/patches/series
@@ -4,0 +5,3 @@
+FTBFS-tests.patch
+CVE-2012-0876.patch
+CVE-2012-1148.patch
only in patch2:
unchanged:
--- xmlrpc-c-1.16.33.orig/debian/patches/CVE-2012-0876.patch
+++ xmlrpc-c-1.16.33/debian/patches/CVE-2012-0876.patch
@@ -0,0 +1,541 @@
+Description: Prevent predictable hash collisions by using a random salt value
+ Backported from the upstream Expat sources to the embedded copy of Expat in
+ xmlrpc-c.
+Origin: backport, http://xmlrpc-c.svn.sourceforge.net/viewvc/xmlrpc-c?view=revision&revision=2391
+Index: xmlrpc-c-1.16.33/lib/expat/xmlparse/xmlparse.c
+===
+--- xmlrpc-c-1.16.33.orig/lib/expat/xmlparse/xmlparse.c	2012-09-06 09:54:29.920445233 -0700
 xmlrpc-c-1.16.33/lib/expat/xmlparse/xmlparse.c	2012-09-06 11:42:34.792312153 -0700
+@@ -17,6 +17,8 @@
+ 
+ #include 
+ #include 
++#include  /* UINT_MAX */
++#include/* time() */
+ 
+ #include "xmlrpc_config.h"
+ #include "c_util.h"
+@@ -211,6 +213,8 @@
+enum XML_Error * const errorCodeP,
+const char **const errorP);
+ 
++static
++int setContext(XML_Parser parser, const XML_Char *context);
+ 
+ #define poolStart(pool) ((pool)->start)
+ #define poolEnd(pool) ((pool)->ptr)
+@@ -314,6 +318,7 @@
+   XML_Char m_namespaceSeparator;
+   enum XML_ParamEntityParsing m_paramEntityParsing;
+   XML_Parser m_parentParser;
++  unsigned long m_hash_secret_salt;
+ } Parser;
+ 
+ #define userData (((Parser *)parser)->m_userData)
+@@ -391,6 +396,7 @@
+ #define namespaceSeparator (((Parser *)parser)->m_namespaceSeparator)
+ #define parentParser (((Parser *)parser)->m_parentParser)
+ #define paramEntityParsing (((Parser *)parser)->m_paramEntityParsing)
++#define hash_secret_salt (((Parser *)parser)->m_hash_secret_salt)
+ 
+ 
+ 
+@@ -564,6 +570,39 @@
+   return pool->start;
+ }
+ 
++static unsigned long
++generate_hash_secret_salt(void)
++{
++  unsigned int seed = time(NULL) % UINT_MAX;
++  srand(seed);
++  return rand();
++}
++
++static int  /* only valid for root parser */
++startParsing(XML_Parser parser)
++{
++static
++const XML_Char implicitContext[] = {
++XML_T('x'), XML_T('m'), XML_T('l'), XML_T('='),
++XML_T('h'), XML_T('t'), XML_T('t'), XML_T('p'), XML_T(':'),
++XML_T('/'), XML_T('/'), XML_T('w'), XML_T('w'), XML_T('w'),
++XML_T('.'), XML_T('w'), XML_T('3'),
++XML_T('.'), XML_T('o'), XML_T('r'), XML_T('g'),
++XML_T('/'), XML_T('X'), XML_T('M'), XML_T('L'),
++XML_T('/'), XML_T('1'), XML_T('9'), XML_T('9'), XML_T('8'),
++XML_T('/'), XML_T('n'), XML_T('a'), XML_T('m'), XML_T('e'),
++XML_T('s'), XML_T('p'), XML_T('a'), XML_T('c'), XML_T('e'),
++XML_T('\0')
++};
++
++

Processed: Re: debian-installer: installer doesn't write /etc/crypttab for crypt+LVM

2012-09-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> reassign 646704 live-installer
Bug #646704 [debian-installer] debian-installer: installer doesn't write 
/etc/crypttab for crypt+LVM
Bug reassigned from package 'debian-installer' to 'live-installer'.
Ignoring request to alter found versions of bug #646704 to the same values 
previously set
Ignoring request to alter fixed versions of bug #646704 to the same values 
previously set
> retitle 646704 live-installer: installer doesn't write /etc/crypttab for 
> crypt+LVM
Bug #646704 [live-installer] debian-installer: installer doesn't write 
/etc/crypttab for crypt+LVM
Changed Bug title to 'live-installer: installer doesn't write /etc/crypttab for 
crypt+LVM' from 'debian-installer: installer doesn't write /etc/crypttab for 
crypt+LVM'
> tags 646704 +confirmed
Bug #646704 [live-installer] live-installer: installer doesn't write 
/etc/crypttab for crypt+LVM
Added tag(s) confirmed.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
646704: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646704
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#646704: debian-installer: installer doesn't write /etc/crypttab for crypt+LVM

2012-09-14 Thread Florian Schlichting 
reassign 646704 live-installer
retitle 646704 live-installer: installer doesn't write /etc/crypttab for 
crypt+LVM
tags 646704 +confirmed
thanks


Hi,

I was able to reproduce this issue with the current stable live cd,
debian-live-6.0.4-amd64-rescue.iso, however it does not occur with
debian-wheezy-DI-b2-amd64-netinst.iso or debian-6.0.5-amd64-CD-1.iso, so
I am confident this bug is specific to installations from the live cd.

I was unable to find a live cd for wheezy or sid, though, so I am not
sure about the status of this bug wrt. the upcoming release.

I tested the installation using KVM virtual machines, the "Graphical
Install" option, and the standard "Guided - use entire disk and set up
encrypted LVM" partitioning method without further customisation. In the
"Finish the installation" step, when asked to eject the cd and reboot,
changing to a virtual console and doing

cat /target/etc/crypttab

showed 

# 

(as created by cryptsetup.preinst) instead of something along the lines
of 

vda5_crypt UUID=2f8ebff7-f096-47f8-8aae-65fee3129a2f none luks

Please reassign as appropriate,
Florian


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#687598: marked as done (libvirt: CVE-2012-4423)

2012-09-14 Thread Debian Bug Tracking System 
Your message dated Fri, 14 Sep 2012 21:17:56 +
with message-id 
and subject line Bug#687598: fixed in libvirt 0.9.12-5
has caused the Debian Bug report #687598,
regarding libvirt: CVE-2012-4423
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
687598: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687598
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libvirt
Severity: grave
Tags: security
Justification: user security hole

This has been assigned CVE-2012-4423:
https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html

Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: libvirt
Source-Version: 0.9.12-5

We believe that the bug you reported is fixed in the latest version of
libvirt, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 687...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guido Günther  (supplier of updated libvirt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Fri, 14 Sep 2012 22:35:08 +0200
Source: libvirt
Binary: libvirt-bin libvirt0 libvirt0-dbg libvirt-doc libvirt-dev python-libvirt
Architecture: source all i386
Version: 0.9.12-5
Distribution: unstable
Urgency: high
Maintainer: Debian Libvirt Maintainers 

Changed-By: Guido Günther 
Description: 
 libvirt-bin - programs for the libvirt library
 libvirt-dev - development files for the libvirt library
 libvirt-doc - documentation for the libvirt library
 libvirt0   - library for interfacing with different virtualization systems
 libvirt0-dbg - library for interfacing with different virtualization systems
 python-libvirt - libvirt Python bindings
Closes: 687598
Changes: 
 libvirt (0.9.12-5) unstable; urgency=high
 .
   * Setting urgency to high since it's a security only fix
   * [c0f4995] New patch security-Fix-libvirtd-crash-possibility.patch.
 Fix libvirtd crash possibility (CVE-2012-4423)
 Thanks to Martin Kletzander (Closes: #687598)
Checksums-Sha1: 
 e23a6c39a628d7cd6bb23b240a1403949e08c2ed 2276 libvirt_0.9.12-5.dsc
 345ef89809d95487151948f27364ce9fb9a76d78 36917 libvirt_0.9.12-5.debian.tar.gz
 b57b4ec59c63d1423c2bf843032335fb7d2186f1 2173792 libvirt-doc_0.9.12-5_all.deb
 7fc4ceba018facd1a86cc9e5872205b598675fea 208 libvirt-bin_0.9.12-5_i386.deb
 75b4f749e82ca26614624dbd158048dbc5799fbd 2122112 libvirt0_0.9.12-5_i386.deb
 f6b87e0dcc492407d3f8e8ab9785f5f6ba6bf978 7473766 libvirt0-dbg_0.9.12-5_i386.deb
 f201b3be1187f448dbae121820b4e0d9c8546148 2503194 libvirt-dev_0.9.12-5_i386.deb
 9ee0152d23950405b63efa2f9c0d2cc343942c14 1420456 
python-libvirt_0.9.12-5_i386.deb
Checksums-Sha256: 
 33dc630df824ca118c9817c7379a51445e2a881451188363e3bb1a6f3697bcb8 2276 
libvirt_0.9.12-5.dsc
 2491abb168e0b7f743a65bc935d9613e85286eede59ce8843c84776633e104f4 36917 
libvirt_0.9.12-5.debian.tar.gz
 fa55f628c3b87fe1be4b1ba2d08337239832840612e8181b5498eb705336a594 2173792 
libvirt-doc_0.9.12-5_all.deb
 81751ef7a275594b889acb9f0af1a8332c0476921cb6e01d6600d33c9555fb38 208 
libvirt-bin_0.9.12-5_i386.deb
 1b1482682b6d5d32c7b33c4a4905ab0b4c70493662c718652ecdee86372a3ea6 2122112 
libvirt0_0.9.12-5_i386.deb
 cd93e25d5204fb0d1d22ddfe2b4eb6e6c19e8d4cbb23c82b10104d424ad6cbcc 7473766 
libvirt0-dbg_0.9.12-5_i386.deb
 da959529cfd3fa1bbe936597aac5d17849e6bfa39cacba6cd77e23e9e8d7d473 2503194 
libvirt-dev_0.9.12-5_i386.deb
 33443b1ce9791136dc62f009e3757bf0e54f4f2b187fe2765824b7f65c33fd60 1420456 
python-libvirt_0.9.12-5_i386.deb
Files: 
 83a70b0cd02c0a72718c0099c60b452c 2276 libs optional libvirt_0.9.12-5.dsc
 0453e25ba3934182887626a21660cad3 36917 libs optional 
libvirt_0.9.12-5.debian.tar.gz
 18859ac5d8f82efa079e80ed6843df22 2173792 doc optional 
libvirt-doc_0.9.12-5_all.deb
 da7e3dc2c5d994c3c9c7754f68f87acd 208 admin optional 
libvirt-bin_0.9.12-5_i386.deb
 debbfeedb3fda8db1cf5ef2c22290494 2122112 libs optional 
libvirt0_0.9.12-5_i386.deb
 2b5bdc4a693fa0014a37a5ad6037adb5 7473766 debug extra 
libvirt0-dbg_0.9.12-5_i386.deb
 dd1988d629fdb92260a40105277407df 2503194 libdevel optional 
libvirt-dev_0.9.12-5_i386.deb
 d12e182dab4650298a67b900afaba311 1420456 python optional 
python-libvirt_0.9.12-5_i386.deb

---

Bug#617613: freecad: links with both GPL-licensed and GPL-incompatible libraries

2012-09-14 Thread Francesco Poli 
On Fri, 14 Sep 2012 16:31:21 -0400 Andres Cimmarusti wrote:

> On Thu, Apr 19, 2012 at 8:38 AM, Andres Cimmarusti
>  wrote:
> >> Fortunately Kongsberg, the company behind Coin3D, send a letter to all its 
> >> paying customer that they decided to discontinue the commercial Version 
> >> and plan to release the source under BSD. This switch and the removal of 
> >> smaller libs (e.g. PyQt) will remove all GPL dependencies of FreeCAD.
> >
> > This may be true, but their website still shows the paid and GPL
> > version. Is there any updates regarding this? It's been months since
> > this 'news'.
> 
> This change has been finally carried out!
> 
> https://bitbucket.org/Coin3D/coin/wiki/Home

Interesting news!
Thanks for informing us.

> 
> Can this bug now be closed? or do we need to wait for freecad 0.13?

I think the bug should stay open with severity serious, until a freecad
package that is actually unaffected by this issue is uploaded to the
Debian archive.
As far as I can see:

 * a new version of Coin3D, released under the terms of the 3-clause
BSD license, needs to be packaged and uploaded to the Debian archive
(relevant Debian source packages: soqt, coin3)

 * a new version of FreeCAD, without any included GPL-licensed part and
not linking with any GPL-licensed library, needs to be packaged with a
dependency on the BSD-licensed Coin3D packages and uploaded to the
Debian archive

The latter package will close this bug report in its changelog.


Maybe, in the meanwhile, the freecad Debian package maintainers may ask
the release managers to grant a wheezy-ignore tag for this bug report...


I hope this clarifies my opinion.
Thanks for your time!

Bye.

-- 
 http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt
 New GnuPG key, see the transition document!
. Francesco Poli .
 GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE


pgph9Db4tmCLb.pgp
Description: PGP signature

Bug#687062: wine64-bin: missing copyright file

2012-09-14 Thread Stephen Kitt 
Hi,

On Fri, Sep 14, 2012 at 10:57:15PM +0200, Tobias Bengfort wrote:
> I am not completely sure, but I guess the file is missing for all
> packages created from the wine source package.
> 
> I had a look at the code, but I unfortunately do not really understand
> it. I guess debian/doclink.sh is important for this bug.

The file is shipped in the libwine package, and all wine packages have
a /usr/share/doc/${package} link to /usr/share/doc/libwine. This
doesn't work for wine64-bin though since it doesn't depend (directly
or indirectly) on libwine...

Regards,

Stephen


signature.asc
Description: Digital signature

Bug#687062: wine64-bin: missing copyright file

2012-09-14 Thread Tobias Bengfort 
I am not completely sure, but I guess the file is missing for all
packages created from the wine source package.

I had a look at the code, but I unfortunately do not really understand
it. I guess debian/doclink.sh is important for this bug.



signature.asc
Description: OpenPGP digital signature

Bug#676454: marked as done (util-linux: postinst edits locally modified configuration file)

2012-09-14 Thread Debian Bug Tracking System 
Your message dated Fri, 14 Sep 2012 20:48:33 +
with message-id 
and subject line Bug#676454: fixed in util-linux 2.20.1-5.2
has caused the Debian Bug report #676454,
regarding util-linux: postinst edits locally modified configuration file
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
676454: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676454
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: util-linux
Version: 2.20.1-5
Severity: serious
Justification: Policy 10.7.3

At the end of my latest upgrade from testing:

diff --git a/default/rcS b/default/rcS
index 1e360e2..a3f63ed 100644
--- a/default/rcS
+++ b/default/rcS
@@ -18,7 +18,7 @@ SULOGIN=no
 DELAYLOGIN=no
 
 # assume that the BIOS clock is set to UTC time (recommended)
-UTC=yes
+#UTC=yes # OBSOLETE; see /etc/adjtime and hwclock(8).
 
 # be more verbose during the boot process
 VERBOSE=no
 
 and what do you know ...

 [29+1]~$ fgrep -B5 -A5 OBSOLETE /var/lib/dpkg/info/util-linux.postinst
sed -i -e 's:^UTC$:LOCAL:' /etc/adjtime
else
sed -i -e 's:^LOCAL$:UTC:' /etc/adjtime
fi
if [ -f /etc/default/rcS ]; then
sed -i -e 's:^\(UTC=.*\)$:#\1 # OBSOLETE; see /etc/adjtime and 
hwclock(8).:' /etc/default/rcS
fi
fi

if [ -x /usr/sbin/update-mime ]; then
update-mime

Not good.

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 3.3.7-custom (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages util-linux depends on:
ii  debconf [debconf-2.0]  1.5.43
ii  dpkg   1.16.3
ii  initscripts2.88dsf-22.1
ii  install-info   4.13a.dfsg.1-10
ii  libblkid1  2.20.1-5
ii  libc6  2.13-32
ii  libncurses55.9-7
ii  libselinux12.1.9-2
ii  libslang2  2.2.4-10
ii  libtinfo5  5.9-7
ii  libuuid1   2.20.1-5
ii  lsb-base   4.1+Debian4
ii  tzdata 2012c-1
ii  zlib1g 1:1.2.7.dfsg-11

util-linux recommends no packages.

Versions of packages util-linux suggests:
pn  dosfstools  3.0.12-1
pn  kbd 1.15.3-9
pn  util-linux-locales  

-- debconf information excluded


--- End Message ---
--- Begin Message ---
Source: util-linux
Source-Version: 2.20.1-5.2

We believe that the bug you reported is fixed in the latest version of
util-linux, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 676...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
David Prévot  (supplier of updated util-linux package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sun, 09 Sep 2012 15:52:17 -0400
Source: util-linux
Binary: util-linux util-linux-locales mount bsdutils fdisk-udeb cfdisk-udeb 
libblkid1 libblkid1-udeb libblkid-dev libmount1 libmount1-udeb libmount-dev 
libuuid1 uuid-runtime libuuid1-udeb uuid-dev util-linux-udeb
Architecture: source all amd64
Version: 2.20.1-5.2
Distribution: unstable
Urgency: low
Maintainer: LaMont Jones 
Changed-By: David Prévot 
Description: 
 bsdutils   - Basic utilities from 4.4BSD-Lite
 cfdisk-udeb - Manually partition a hard drive (cfdisk) (udeb)
 fdisk-udeb - Manually partition a hard drive (fdisk) (udeb)
 libblkid-dev - block device id library - headers and static libraries
 libblkid1  - block device id library
 libblkid1-udeb - block device id library (udeb)
 libmount-dev - block device id library - headers and static libraries
 libmount1  - block device id library
 libmount1-udeb - block device id library (udeb)
 libuuid1   - Universally Unique ID library
 libuuid1-udeb - stripped down universally unique id library, for 
debian-installer (udeb)
 mount  - Tools for mounting and manipulating filesystems
 util-linux - Miscellaneous system utilities
 util-linux-locales - Locales files for util-linux
 util-linux-udeb - Miscellaneous system utilities (udeb)
 uuid-dev   - universally unique id library - headers and static li

Bug#674899: marked as done (gdm3: shows empty screen after wakeup from suspend to ram)

2012-09-14 Thread Debian Bug Tracking System 
Your message dated Fri, 14 Sep 2012 22:21:26 +0200
with message-id <20120914222126.520b3...@tude.spline.inf.fu-berlin.de>
and subject line 674899 done
has caused the Debian Bug report #674899,
regarding gdm3: shows empty screen after wakeup from suspend to ram
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
674899: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674899
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: gdm3
Version: 3.0.4-4
Severity: grave
Justification: renders package unusable

Hi all,

After wakeup from s2ram I again and again find gdm not showing anything 
but the empty background, not very helpful.

The only thing I found in the logs was in /var/log/gdm3/:0-greeter.log
which contained near the end
WARNING: App 'gdm-simple-greeter.desktop' respawning too quickly
WARNING: Error on restarting session managed app: Component 
'gdm-simple-greeter.desktop' crashing too quickly
and that's it.

But the greeter itself does not leave any traces AFAICS, no log file, not
information, no crash report in the dmesg/var/log/messages...

Norbert


-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (499, 'unstable'), (101, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.4.0+ (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages gdm3 depends on:
ii  accountsservice 0.6.21-1
ii  adduser 3.113+nmu2
ii  dconf-gsettings-backend 0.12.1-1
ii  debconf [debconf-2.0]   1.5.43
ii  evilvte [x-terminal-emulator]   0.5.1-1
ii  fvwm [x-window-manager] 1:2.5.30.ds-1.1
ii  gconf2  3.2.5-1
ii  gnome-session [x-session-manager]   3.4.2-1
ii  gnome-session-bin   3.4.2-1
ii  gnome-session-fallback [x-session-manager]  3.4.2-1
ii  gnome-terminal [x-terminal-emulator]3.4.1.1-1
ii  gsettings-desktop-schemas   3.4.2-1
ii  guake [x-terminal-emulator] 0.4.2-10
ii  kterm [x-terminal-emulator] 6.2.0-46
ii  libaccountsservice0 0.6.21-1
ii  libatk1.0-0 2.4.0-2
ii  libattr11:2.4.46-7
ii  libaudit0   1:1.7.18-1.1
ii  libc6   2.13-32
ii  libcairo-gobject2   1.12.2-2
ii  libcairo2   1.12.2-2
ii  libcanberra-gtk3-0  0.28-4
ii  libcanberra00.28-4
ii  libdbus-1-3 1.5.12-1
ii  libdbus-glib-1-20.98-1
ii  libfontconfig1  2.9.0-5
ii  libfreetype62.4.9-1
ii  libgconf2-4 3.2.5-1
ii  libgdk-pixbuf2.0-0  2.26.1-1
ii  libglib2.0-02.32.3-1
ii  libglib2.0-bin  2.32.3-1
ii  libgtk-3-0  3.4.2-1
ii  libpam-modules  1.1.3-7.1
ii  libpam-runtime  1.1.3-7.1
ii  libpam0g1.1.3-7.1
ii  libpango1.0-0   1.30.0-1
ii  librsvg2-common 2.36.1-1
ii  libselinux1 2.1.9-4
ii  libupower-glib1 0.9.16-2
ii  libwrap07.6.q-23
ii  libx11-62:1.4.99.901-2
ii  libxau6 1:1.0.7-1
ii  libxdmcp6   1:1.1.1-1
ii  libxklavier16   5.2.1-1
ii  libxrandr2  2:1.3.2-2
ii  lsb-base4.1+Debian4
ii  lxsession [x-session-manager]   0.4.6.1-3
ii  lxterminal [x-terminal-emulator]0.1.11-4
ii  metacity [x-window-manager] 1:2.34.1-2
ii  mutter [x-window-manager]   3.4.1-2
ii  olvwm [x-window-manager]4.4.3.2p1.4-28
ii  openbox [x-window-manager]  3.5.0-3
ii  policykit-1-gnome   0.105-2
ii  roxterm-gtk3 [x-terminal-emulator]  2.6.3-1
ii  rxvt-unicode [x-terminal-emulator]

Processed: 674899 gdm3 -> accountservice

2012-09-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> reassign 674899 accountsservice 0.6.21-2
Bug #674899 [gdm3] gdm3: shows empty screen after wakeup from suspend to ram
Bug reassigned from package 'gdm3' to 'accountsservice'.
No longer marked as found in versions gdm3/3.0.4-4.
Ignoring request to alter fixed versions of bug #674899 to the same values 
previously set
Bug #674899 [accountsservice] gdm3: shows empty screen after wakeup from 
suspend to ram
Marked as found in versions accountsservice/0.6.21-2.
> fixed 674899 0.6.21-4
Bug #674899 [accountsservice] gdm3: shows empty screen after wakeup from 
suspend to ram
Marked as fixed in versions accountsservice/0.6.21-4.
>
End of message, stopping processing here.

Please contact me if you need assistance.
-- 
674899: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674899
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#687598: [Pkg-libvirt-maintainers] Bug#687598: libvirt: CVE-2012-4423

2012-09-14 Thread Guido Günther 
On Fri, Sep 14, 2012 at 08:25:34AM +0200, Moritz Muehlenhoff wrote:
> Package: libvirt
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> This has been assigned CVE-2012-4423:
> https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html

According to 
https://www.redhat.com/archives/libvir-list/2012-September/msg00928.html
the regression was introduced in 0.9.3 so stable isn't affected. Build
for wheezy is forthcomming.
Cheers,
 -- Guido

> 
> Cheers,
> Moritz
> 
> ___
> Pkg-libvirt-maintainers mailing list
> pkg-libvirt-maintain...@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-libvirt-maintainers
> 


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#669278: (no subject)

2012-09-14 Thread Lisandro Damián Nicanor Pérez Meyer 
Control: reassign -1 libqt4-dbus
Control: tag -1 pending

The real cause of this problem is the circular dependency of qdbus and libqt4-
dbus.

The root of this problem comes from the switch to multiarch of Qt4. qdbus (an 
application) used to be part of the libqt4-dbus package, which also included 
the library itself.

When the switch to M-A was done, qdbus had to be packaged in a separate 
package. There are some apps that depend on libqt4-dbus in order to have qdbus 
at hand (and a lot of them just got qdbus because they linked against libqt4-
dbus). In order to avoid a transition, which we could not do in time for the 
freeze, we made libqt4-dbus depend on qdbus. But qdbus itself links against 
libqt4-dbus, and so the circular dependency appeared.

At first there seemed to be no problems at all, as the upgrades in Sid/Wheezy 
went smooth. But it turned out that apt in Squeeze can't handle this cleanly, 
thus generating this bug.

We have fixed the circular dependency by adding another package (more details 
in qt4-x11's changelog to come).

I will now send an unblock pre-approval mail to the RT to see if they would 
accept this change and get this bug solved.

Kinds regards, Lisandro.

-- 
La ciencia sin la religión es renga, la religión sin la ciencia es ciega.
 Albert Einstein

Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
http://perezmeyer.blogspot.com/


signature.asc
Description: This is a digitally signed message part.

Bug#617613: freecad: links with both GPL-licensed and GPL-incompatible libraries

2012-09-14 Thread Andres Cimmarusti 
On Thu, Apr 19, 2012 at 8:38 AM, Andres Cimmarusti
 wrote:
>> Fortunately Kongsberg, the company behind Coin3D, send a letter to all its 
>> paying customer that they decided to discontinue the commercial Version and 
>> plan to release the source under BSD. This switch and the removal of smaller 
>> libs (e.g. PyQt) will remove all GPL dependencies of FreeCAD.
>
> This may be true, but their website still shows the paid and GPL
> version. Is there any updates regarding this? It's been months since
> this 'news'.

This change has been finally carried out!

https://bitbucket.org/Coin3D/coin/wiki/Home

Can this bug now be closed? or do we need to wait for freecad 0.13?

Andres


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#678786: Build successful

2012-09-14 Thread Kai Lüke 
Same here. It worked well. Lucas, can you say if later there was an
other rebuild of the archive that worked well with the current version?
(afaik nothing changed)

Maybe this bug should be closed now.
Greets


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: tagging 686635

2012-09-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 686635 + patch
Bug #686635 [libticonv] libticonv: wrong license information in debian/copyright
Added tag(s) patch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
686635: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686635
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#627508: conflicting binary path for dconf and d-conf

2012-09-14 Thread Kai Lüke 
As far as only one file is causing the conflict, I think we would have a
possible solution without renaming the whole package.
Because confdumper doesn't start with dconf it might confuse old dconf
users. So what about dconf.py? (Yes, it's ugly.) Or maybe dconfig is better?
But this would also need renaming the "which('dconf')" part and usage
info in the python file as well as the Make file and manpage.
Any complains?
Greetings,
Kai


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: found 685810 in live-tools/3.0.9-1, found 684964 in citadel/8.14-1

2012-09-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> found 685810 live-tools/3.0.9-1
Bug #685810 [live-tools] live-tools: fails to upgrade from testing - diversion 
conflict
The source live-tools and version 3.0.9-1 do not appear to match any binary 
packages
Marked as found in versions live-tools/3.0.9-1.
> found 684964 citadel/8.14-1
Bug #684964 [citadel-server] citadel-server: world writable config file: 
/etc/citadel/netconfigs/7
Marked as found in versions citadel/8.14-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
684964: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684964
685810: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685810
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#687657: vlc: copyright file missing after squeeze->wheezy upgrade

2012-09-14 Thread Andreas Beckmann 
Package: vlc
Version: 2.0.3-2
Severity: serious
Justification: Policy 12.5
User: debian...@lists.debian.org
Usertags: piuparts
Control: found -1 vlc/2.0.3-2

Hi,

during a test with piuparts I noticed that the copyright file of your
package is missing after an upgrade from squeeze to wheezy.


Andreas


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: vlc: copyright file missing after squeeze->wheezy upgrade

2012-09-14 Thread Debian Bug Tracking System 
Processing control commands:

> found -1 vlc/2.0.3-2
Bug #687657 [vlc] vlc: copyright file missing after squeeze->wheezy upgrade
The source vlc and version 2.0.3-2 do not appear to match any binary packages
Marked as found in versions vlc/2.0.3-2.

-- 
687657: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687657
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#686635: libticonv: wrong license information in debian/copyright

2012-09-14 Thread Tobias Bengfort 
I converted the debian/copyright file to the new machiene readable dep5
format and added per-file copyright information.

diff is attached
diff -u libticonv-1.1.0/debian/copyright libticonv-1.1.0/debian/copyright
--- libticonv-1.1.0/debian/copyright
+++ libticonv-1.1.0/debian/copyright
@@ -1,16 +1,33 @@
-This package was created by Romain LIEVIN  on
-Sun, 14 Jul 2002 11:58:51 +0200.
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: libticonv
+Upstream-Contact: Romain Liévin 
+Source: http://sourceforge.net/project/showfiles.php?group_id=18378
 
-It was downloaded from
-http://sourceforge.net/project/showfiles.php?group_id=18378
+Files: *
+Copyright: 1999-2006 TiLP team 
+License: GPL-2
 
-Upstream Author: Romain LIEVIN 
+Files: src/charset.c src/filename.c src/tokens.c src/ticonv.c
+Copyright: 2006 Romain Lievin and Kevin Kofler
+License: GPL-2+
 
-Copyright:
+Files: src/charset.h
+Copyright: 2006 Kevin Kofler
+License: GPL-2+
 
-This software is copyright (c) 2007 by Romain LIEVIN.
+Files: src/export4.h
+Copyright: 1999-2005 Romain Lievin
+License: GPL-2+
 
-You are free to distribute this software under the terms of the GNU Lesser
-General Public License.
-On Debian systems, the complete text of the GNU Lesser General Public License
-can be found in /usr/share/common-licenses/LGPL file.
+Files: src/stdints4.h
+Copyright: 1999-2005  Romain Lievin
+   2006 Tyler Cassidy
+License: GPL-2+
+
+Files: src/ticonv.h
+Copyright: 1999-2006 Romain Lievin and Kevin Kofler
+License: GPL-2+
+
+Files: debian/*
+Copyright: Copyright 2012 Krzysztof Burghardt 
+License: GPL-2+
diff -u libticonv-1.1.0/debian/changelog libticonv-1.1.0/debian/changelog
--- libticonv-1.1.0/debian/changelog
+++ libticonv-1.1.0/debian/changelog
@@ -1,3 +1,10 @@
+libticonv (1.1.0-1.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Fix debian/copyright and update it to dep5 (Closes: #686635)
+
+ -- Tobias Bengfort   Fri, 14 Sep 2012 19:08:19 +0200
+
 libticonv (1.1.0-1) unstable; urgency=low
 
   * Initial release. (Closes: #503103)

Processed: xmame-sdl,xmame-x: copyright file missing after squeeze->wheezy upgrade

2012-09-14 Thread Debian Bug Tracking System 
Processing control commands:

> found -1 mame/0.146-2
Bug #687654 [xmame-sdl,xmame-x] xmame-sdl,xmame-x: copyright file missing after 
squeeze->wheezy upgrade
Marked as found in versions mame/0.146-2.

-- 
687654: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687654
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#687654: xmame-sdl,xmame-x: copyright file missing after squeeze->wheezy upgrade

2012-09-14 Thread Andreas Beckmann 
Package: xmame-sdl,xmame-x
Version: 0.146-2
Severity: serious
Justification: Policy 12.5
User: debian...@lists.debian.org
Usertags: piuparts
Control: found -1 mame/0.146-2

Hi,

during a test with piuparts I noticed that the copyright file of your
package is missing after an upgrade from squeeze to wheezy.


Andreas


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#687462: marked as done (wims: fails to install: post-installation script returned error exit status 2)

2012-09-14 Thread Debian Bug Tracking System 
Your message dated Fri, 14 Sep 2012 17:19:23 +
with message-id 
and subject line Bug#687462: fixed in wims 4.04-2
has caused the Debian Bug report #687462,
regarding wims: fails to install: post-installation script returned error exit 
status 2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
687462: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687462
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: wims
Version: 4.04-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package failed to install. As
per definition of the release team this makes the package too buggy for
a release, thus the severity.

>From the attached log (scroll to the bottom...):

  Selecting previously unselected package wims.
  (Reading database ... 27283 files and directories currently installed.)
  Unpacking wims (from .../archives/wims_4.04-1_amd64.deb) ...
  Adding system user `wims' (UID 102) ...
  Adding new group `wims' (GID 105) ...
  Adding new user `wims' (UID 102) with group `wims' ...
  Not creating home directory `/var/lib/wims'.
  Adding system user `nowims' (UID 103) ...
  Adding new group `nowims' (GID 106) ...
  Adding new user `nowims' (UID 103) with group `nowims' ...
  Not creating home directory `/'.
  Processing triggers for wims-modules ...
  Indexed 18 modules.
  Indexed 0 cn sheets.
  Indexed 27 en sheets.
  Indexed 0 es sheets.
  Indexed 366 fr sheets.
  Indexed 28 it sheets.
  Indexed 48 nl sheets.
  oefdoc.pl en
  oefdoc.pl fr
  oefdoc.pl cn
  oefdoc.pl nl
  oefdoc.pl it
  oefdoc.pl ca
  rm: cannot remove `../../../../public_html/gifs/symbols/20/acsrc-h.gif': 
Permission denied
  rm: cannot remove `../../../../public_html/gifs/symbols/20/acsrc-v.gif': 
Permission denied
  rm: cannot remove `../../../../public_html/gifs/symbols/20/acsrcR-h.gif': 
Permission denied
  rm: cannot remove `../../../../public_html/gifs/symbols/20/acsrcR-v.gif': 
Permission denied
  ln: failed to create symbolic link 
`../../../../public_html/gifs/symbols/20/acsrc-v.gif': File exists
  ln: failed to create symbolic link 
`../../../../public_html/gifs/symbols/20/acsrcR-h.gif': File exists
  ln: failed to create symbolic link 
`../../../../public_html/gifs/symbols/20/acsrcR-v.gif': File exists
  rm: cannot remove `../../../../public_html/gifs/symbols/20/and-h.gif': 
Permission denied
  rm: cannot remove `../../../../public_html/gifs/symbols/20/and-v.gif': 
Permission denied
  rm: cannot remove `../../../../public_html/gifs/symbols/20/andR-h.gif': 
Permission denied
  rm: cannot remove `../../../../public_html/gifs/symbols/20/andR-v.gif': 
Permission denied
  rm: cannot remove `../../../../public_html/gifs/symbols/20/arrow-h.gif': 
Permission denied
[... a lot more of these ...]
  rm: cannot remove `../../../../public_html/gifs/symbols/20/zener-v.gif': 
Permission denied
  rm: cannot remove `../../../../public_html/gifs/symbols/20/zenerR-h.gif': 
Permission denied
  rm: cannot remove `../../../../public_html/gifs/symbols/20/zenerR-v.gif': 
Permission denied
  rm: cannot remove `../../../../public_html/gifs/symbols/20/_Zener-h.gif': 
Permission denied
  rm: cannot remove `../../../../public_html/gifs/symbols/20/_Zener-v.gif': 
Permission denied
  rm: cannot remove `../../../../public_html/gifs/symbols/20/_ZenerR-h.gif': 
Permission denied
  rm: cannot remove `../../../../public_html/gifs/symbols/20/_ZenerR-v.gif': 
Permission denied
  ./.generate: 42: ./.generate: cannot create mosaic.gif: Permission denied
  ./.generate: 46: ./.generate: cannot create _Mosaic.gif: Permission denied
  ./.generate: 54: ./.generate: cannot create ballgrey.gif: Permission denied
  ./.generate: 60: ./.generate: cannot create _Checkergrey.gif: Permission 
denied
  ./.generate: 67: ./.generate: cannot create checkergrey.gif: Permission denied
  ./.generate: 74: ./.generate: cannot create _Crossgrey.gif: Permission denied
[... a lot more of these ...]
  ./.generate: 67: ./.generate: cannot create checkerpink.gif: Permission denied
  ./.generate: 74: ./.generate: cannot create _Crosspink.gif: Permission denied
  ./.generate: 82: ./.generate: cannot create crosspink.gif: Permission denied
  ./.generate: 90: ./.generate: cannot create _Squarepink.gif: Permission denied
  ./.generate: 98: ./.generate: cannot create squarepink.gif: Permission denied
  ./.generate: 105: ./.generate: cannot create wavepink.gif: Permission denied
  dpkg: error processing wims-modules (--unpack):
   subprocess installed post-installation script returned error exit status 2
  Errors

Bug#652084: RC fixed gosmore package in mentors.debian.net

2012-09-14 Thread Kai Lüke 
Hello,
here at bug squashing in Berlin (
http://wiki.debian.org/BSP/2012/09/de/Berlin ) we have uploaded the
corrected package (as fixed by Julian Taylor in Ubuntu) to
mentors.debian.net: https://mentors.debian.net/package/gosmore
If a sponsor is found, it would close this release critical bug.
I hope that the critisism about code quality has been forwared to upstream?
Thanks in advance,
Kai


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: Fails to upgrade

2012-09-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> severity 642903 serious
Bug #642903 [nodm] nodm: subprocess installed post-installation script returned 
error exit status 10
Severity set to 'serious' from 'important'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
642903: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642903
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#686524: qemu-kvm: guests won't start until input to console is made

2012-09-14 Thread Michael Tokarev 
[fixing the subject]

On 14.09.2012 16:41, Timo Weingärtner wrote:
[]
> 2012-09-14 um 14:07:44 schriebst Du:
>> On 14.09.2012 16:00, Debian Bug Tracking System wrote:
>>> Processing commands for cont...@bugs.debian.org:
 found 686524 1.1.2+dfsg-1
>>>
>>> Bug #686524 {Done: Michael Tokarev } [qemu-kvm] qemu-kvm:
>>> guests with -nographic -serial pty won't start until input to console is
>>> made
>>
>> Timo, care to send some explanations too?
>>
>> >From my side it looks like the bug is fixed in 1.1.2,
>>> I especially verified that using your reproducer.
> 
> I just tested on the server and on my notebook with
> 
> kvm -nographic -nodefaults -kernel /boot/vmlinuz-3.2.0-3-amd64 -append 
> 'console=ttyS0' -serial pty
> 
> and had the buggy behaviour.

Okay.  It indeed is not fixed.  The "problem" with reproducing
it was due to the need to have proper timings -- if you connect
to the pty console "too soon" the bug wont be visible.  It also
behaves slightly different in kvm and tcg (plain qemu) modes -
ie, it needs a bit different amount of time to wait before
connecting to the pty.

So finally, the patch I thought fixes that issue does actually
not fix it.

I did a git bisect run and determined a commit which went into
1.1.0 which introduces this bad behavour --

 http://git.qemu.org/?p=qemu.git;h=67c5322d7000fd105a926eec44bc1765b7d70bdd

So I asked the author (in the thread mentioned on top of this
bugreport) for some help about this issue.  Will see were it
wents to.  Meanwhile you can just revert this commit - it is
quite small - so that your guests will start working fine.

Pity it isn't fixed - this means headaches for users continues,
and new upload is in order too, which means more coordination
with the release team is needed.

Thank you for your patience.  Much apprecated!

/mjt


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#685397: gimp: CVE-2012-3403

2012-09-14 Thread Moritz Muehlenhoff 
Hi Ari,

On Mon, Aug 20, 2012 at 03:16:50PM +0200, Moritz Muehlenhoff wrote:
> On Mon, Aug 20, 2012 at 03:04:13PM +0200, Moritz Muehlenhoff wrote:
> > Package: gimp
> > Severity: grave
> > Tags: security
> > Justification: user security hole
> > 
> > Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3403 for 
> > details
> > and patches.
> 
> And another issue:
> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3481

While this is fixed sid, it's still open in Wheezy, since testing is frozen.

You need to either ask for an unblock (likely not welcome at this point of
the freeze) or prepare an upload for testing-proposed-updates with the
security fixes only.

Cheers,
Moritz


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#668882: marked as done ([Sid] [scalable-cyrfonts-tex] E: Broken packages (Depends: tex-common (>= 2.00) but it is not going to be installed))

2012-09-14 Thread Debian Bug Tracking System 
Your message dated Fri, 14 Sep 2012 15:17:55 +
with message-id 
and subject line Bug#668882: fixed in scalable-cyrfonts 4.16
has caused the Debian Bug report #668882,
regarding [Sid] [scalable-cyrfonts-tex] E: Broken packages (Depends: tex-common 
(>= 2.00) but it is not going to be installed)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
668882: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668882
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: scalable-cyrfonts-tex
Version: 4.15

# apt-get install scalable-cyrfonts-tex
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 scalable-cyrfonts-tex : Depends: tex-common (>= 2.00) but it is not
going to be installed
E: Broken packages

Without this package, I am getting with my LaTeX files:

[1{/var/lib/texmf/fonts/map/pdftex/updmap/pdftex.map}] [2] [3
! pdfTeX error (font expansion): auto expansion is only possible with scalable
fonts.
\AtBegShi@Output ...ipout \box \AtBeginShipoutBox
  \fi \fi
l.198

!  ==> Fatal error occurred, no output PDF file produced!

 I *do* have tex-common >= 2.00:

# apt-get install tex-common
Reading package lists... Done
Building dependency tree
Reading state information... Done
tex-common is already the newest version.

# apt-cache show tex-common
Package: tex-common
Version: 3.8

P.S. I cannot ask on #debian on IRC, because ops banded together and banned me.


--- End Message ---
--- Begin Message ---
Source: scalable-cyrfonts
Source-Version: 4.16

We believe that the bug you reported is fixed in the latest version of
scalable-cyrfonts, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 668...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Anton Zinoviev  (supplier of updated scalable-cyrfonts 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Fri, 14 Sep 2012 17:42:37 +0300
Source: scalable-cyrfonts
Binary: t1-cyrillic t1-teams t1-oldslavic scalable-cyrfonts-tex
Architecture: source all
Version: 4.16
Distribution: unstable
Urgency: low
Maintainer: Anton Zinoviev 
Changed-By: Anton Zinoviev 
Description: 
 scalable-cyrfonts-tex - Scalable Cyrillic fonts for TeX
 t1-cyrillic - A basic set of free PostScript fonts
 t1-oldslavic - OldSlavic -- a Cyrillic Type1 font with medieval design
 t1-teams   - Teams -- a PostScript font covering ASCII and basic Cyrillic
Closes: 593448 47 668882
Changes: 
 scalable-cyrfonts (4.16) unstable; urgency=low
 .
   * TeX font family renaming: fnc -> fsb (Free Schoolbook).  Closes: #593448.
   * fontinst/Makefile: updated location of texmf.cnf.  Closes: #47.
   * Bump version (4.15 => 4.16). Closes: #668882.
Checksums-Sha1: 
 1588ad3b8348e0f26220508489d7f3ec646e67fb 1055 scalable-cyrfonts_4.16.dsc
 c84a6baaf49f9e1f52bd32b9d8d51623a49b83c2 8751281 scalable-cyrfonts_4.16.tar.gz
 d7a953f0a1e25dafcf09928e6ee75a67595e04b9 3621846 t1-cyrillic_4.16_all.deb
 732835845671a7eb9c5ec5294768d6e814532ae8 105104 t1-teams_4.16_all.deb
 514e89cd36e491a6b5116c8a3bc08cb6bb2684a0 36588 t1-oldslavic_4.16_all.deb
 90ec3040b7e4009b8db0dfeb02198273925b9248 8421568 
scalable-cyrfonts-tex_4.16_all.deb
Checksums-Sha256: 
 038a554e92d7b1cc777cbbf449bba19a9cedf32516b31f95cf65694474dd2228 1055 
scalable-cyrfonts_4.16.dsc
 55ae342c200ba4045497f0582f08e55f5e312c769d4b5e0876fc5dfa834100e2 8751281 
scalable-cyrfonts_4.16.tar.gz
 ac103538ea55b80e83ab37b2e7a73cd59e181dfda856d1c285446cc94ef8a4f0 3621846 
t1-cyrillic_4.16_all.deb
 5a78238d1a633b49a284f551b13d32743030076da219b7745102a711d9bea3ef 105104 
t1-teams_4.16_all.deb
 62641ef1e8f2ed4545cdaf78bac04c1cce214e5f2850d65723c09e82044b708f 36588 
t1-oldslavic_4.16_all.deb
 dd330ad89641006d340d0074cbb208b4f719935fb93c5df62a0949123687cc45 8421568 
sca

Bug#666647: marked as done (scalable-cyrfonts: FTBFS: cp: cannot stat `/etc/texmf/texmf.cnf': No such file or directory)

2012-09-14 Thread Debian Bug Tracking System 
Your message dated Fri, 14 Sep 2012 15:17:55 +
with message-id 
and subject line Bug#47: fixed in scalable-cyrfonts 4.16
has caused the Debian Bug report #47,
regarding scalable-cyrfonts: FTBFS: cp: cannot stat `/etc/texmf/texmf.cnf': No 
such file or directory
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
47: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=47
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: scalable-cyrfonts
Version: 4.15
Severity: serious
Tags: wheezy sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20120331 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part:
> make[2]: Entering directory `/«PKGBUILDDIR»/fontinst'
> cp ../t2/cyrfinst/6r.etx ../t2/cyrfinst/lcy-hi.etx ../t2/cyrfinst/lcy.etx 
> ../t2/cyrfinst/ot2.etx ../t2/cyrfinst/t2a.etx ../t2/cyrfinst/t2b.etx 
> ../t2/cyrfinst/t2c.etx ../t2/cyrfinst/x2.etx 
> ../t2/cyrfinst/derivatives/lcyc.etx ../t2/cyrfinst/derivatives/lcyci.etx 
> ../t2/cyrfinst/derivatives/lcycij.etx ../t2/cyrfinst/derivatives/lcycj.etx 
> ../t2/cyrfinst/derivatives/lcyctt.etx ../t2/cyrfinst/derivatives/lcyi.etx 
> ../t2/cyrfinst/derivatives/lcyij.etx ../t2/cyrfinst/derivatives/lcyitt.etx 
> ../t2/cyrfinst/derivatives/lcyj.etx ../t2/cyrfinst/derivatives/lcytt.etx 
> ../t2/cyrfinst/derivatives/ot2c.etx ../t2/cyrfinst/derivatives/ot2cj.etx 
> ../t2/cyrfinst/derivatives/ot2i.etx ../t2/cyrfinst/derivatives/ot2ij.etx 
> ../t2/cyrfinst/derivatives/ot2j.etx ../t2/cyrfinst/derivatives/t2ac.etx 
> ../t2/cyrfinst/derivatives/t2acj.etx ../t2/cyrfinst/derivatives/t2ai.etx 
> ../t2/cyrfinst/derivatives/t2aij.etx ../t2/cyrfinst/derivatives/t2aj.etx 
> ../t2/cyrfinst/derivatives/t2bc.etx ../t2/cyrfinst/derivatives/t2bcj.etx 
> ../t2/cyrfinst/derivatives/t2bi.etx ../t2/cyrfinst/derivatives/t2bij.etx 
> ../t2/cyrfinst/derivatives/t2bj.etx ../t2/cyrfinst/derivatives/t2cc.etx 
> ../t2/cyrfinst/derivatives/t2ccj.etx ../t2/cyrfinst/derivatives/t2ci.etx 
> ../t2/cyrfinst/derivatives/t2cij.etx ../t2/cyrfinst/derivatives/t2cj.etx 
> ../t2/cyrfinst/derivatives/x2c.etx ../t2/cyrfinst/derivatives/x2cj.etx 
> ../t2/cyrfinst/derivatives/x2i.etx ../t2/cyrfinst/derivatives/x2ij.etx 
> ../t2/cyrfinst/derivatives/x2j.etx ../t2/cyrfinst/cyrillic.mtx 
> ../t2/cyrfinst/etc/fnstcorr.tex ../t2/cyrfinst/etc/cyralias.tex .
> cp ../6r.etx . 
> cp /usr/share/fonts/type1/gsfonts/s05l.afm psyr.afm
> for j in ../texfonts/*.afm; do \
>   ../shortenafm $j >`basename $j`; \
>   done
> touch copyafms
> touch copyall
> cp /etc/texmf/texmf.cnf .
> cp: cannot stat `/etc/texmf/texmf.cnf': No such file or directory
> make[2]: *** [texmf.cnf] Error 1

The full build log is available from:
   
http://people.debian.org/~lucas/logs/2012/03/31/scalable-cyrfonts_4.15_unstable.log

A list of current common problems and possible solutions is available at 
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on about 50 AMD64 nodes
of the Grid'5000 platform, using a clean chroot.  Internet was not
accessible from the build systems.


--- End Message ---
--- Begin Message ---
Source: scalable-cyrfonts
Source-Version: 4.16

We believe that the bug you reported is fixed in the latest version of
scalable-cyrfonts, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 666...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Anton Zinoviev  (supplier of updated scalable-cyrfonts 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Fri, 14 Sep 2012 17:42:37 +0300
Source: scalable-cyrfonts
Binary: t1-cyrillic t1-teams t1-oldslavic scalable-cyrfonts-tex
Architecture: source all
Version: 4.16
Distribution: unstable
Urgency: low
Maintainer: Anton Zinoviev 
Changed-By: Anton Zinoviev 
Description: 
 scalable-cyrfonts-tex - Scalable Cyrillic fonts for TeX
 t1-cyrillic - A basic set of free PostScript fonts
 t1-oldslavic - OldSlavic -- a Cyrillic Type1 font with medieval design
 t1-teams   - Teams -- a PostScript font covering ASCII and bas

Bug#687629: libjdic-java: please set JAVA_HOME correctly

2012-09-14 Thread Miguel Landaeta 
On Fri, Sep 14, 2012 at 02:54:26PM +0300, Konstantinos Margaritis wrote:
> Package: libjdic-java
> Version: 0.9.5-7
> Severity: Serious
> 
> Please fix that also if you plan to fix the other bugs.

I think this package should be removed from archive.

-- 
Miguel Landaeta, miguel at miguel.cc
secure email with PGP 0x6E608B637D8967E9 available at http://keyserver.pgp.com/
"Faith means not wanting to know what is true." -- Nietzsche


signature.asc
Description: Digital signature

Bug#678140: Two tiff issues: CVE-2012-2113 / CVE-2012-2088

2012-09-14 Thread Lee Garrett 
AFAICS stable is still affected by both CVEs. Can you confirm this? 
Patches are available in the Ubuntu natty version of libtiff4.



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: Re: Bug#678140: Two tiff issues: CVE-2012-2113 / CVE-2012-2088

2012-09-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> unarchive 678140
Bug #678140 {Done: Jay Berkenbilt } [tiff] Two tiff issues: 
CVE-2012-2113 / CVE-2012-2088
Unarchived Bug 678140
> found 678140 3.9.4-5+squeeze4
Bug #678140 {Done: Jay Berkenbilt } [tiff] Two tiff issues: 
CVE-2012-2113 / CVE-2012-2088
There is no source info for the package 'tiff' at version '3.9.4-5+squeeze4' 
with architecture ''
Unable to make a source version for version '3.9.4-5+squeeze4'
Marked as found in versions 3.9.4-5+squeeze4.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
678140: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678140
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#657688: juman: FTBFS: cp: target `debian/juman-dic/usr/share/juman/dic' is not a directory

2012-09-14 Thread Konstantinos Margaritis 
Hi,

This package FTBFS on all arches other than i386 because binary-arch
target fails. The attached package fixes the binary-arch case.

Regards

Konstantinos
diff -ruN juman-7.0/debian/rules juman-7.0.mine/debian/rules
--- juman-7.0/debian/rules	2012-01-20 04:18:22.0 +
+++ juman-7.0.mine/debian/rules	2012-09-14 15:39:39.582795998 +
@@ -10,9 +10,11 @@
 override_dh_auto_configure:
 	dh_auto_configure -- --libexecdir=/usr/lib --datadir=/usr/lib
 
-dicprefix=debian/juman-dic/usr/share/juman
-override_dh_auto_install:
+override_dh_auto_install-arch:
 	dh_auto_install
+
+dicprefix=debian/juman-dic/usr/share/juman
+override_dh_auto_install-indep:
 	rm -rf debian/tmp/usr/lib/juman/doc
 	dh_link -pjuman usr/share/doc/juman usr/lib/juman/doc
 	cp -p dic/*.dic $(dicprefix)/dic

Processed: Re: Processed: found 686524 in 1.1.2+dfsg-1

2012-09-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> reopen 686524
Bug #686524 {Done: Michael Tokarev } [qemu-kvm] qemu-kvm: 
guests with -nographic -serial pty won't start until input to console is made
'reopen' may be inappropriate when a bug has been closed with a version;
all fixed versions will be cleared, and you may need to re-add them.
Bug reopened
No longer marked as fixed in versions qemu-kvm/1.1.2+dfsg-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
686524: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686524
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#686524: Processed: found 686524 in 1.1.2+dfsg-1

2012-09-14 Thread Timo Weingärtner 
reopen 686524
thanks

Hallo Michael Tokarev,

2012-09-14 um 14:07:44 schriebst Du:
> On 14.09.2012 16:00, Debian Bug Tracking System wrote:
> > Processing commands for cont...@bugs.debian.org:
> >> found 686524 1.1.2+dfsg-1
> > 
> > Bug #686524 {Done: Michael Tokarev } [qemu-kvm] qemu-kvm:
> > guests with -nographic -serial pty won't start until input to console is
> > made
> 
> Timo, care to send some explanations too?
> 
> >From my side it looks like the bug is fixed in 1.1.2,
> >I especially verified that using your reproducer.

I just tested on the server and on my notebook with

kvm -nographic -nodefaults -kernel /boot/vmlinuz-3.2.0-3-amd64 -append 
'console=ttyS0' -serial pty

and had the buggy behaviour.

> Also, if you mark it as found in the version which
> is supposed to fix it, maybe it's a better idea to
> reopen the bug instead?

From the description of found: "This command will only cause a bug to be 
marked as not done [..] if the version being marked found is equal to or 
greater than the highest version marked fixed."


Grüße
Timo


signature.asc
Description: This is a digitally signed message part.

Bug#686330: mediawiki: Multiple security issues

2012-09-14 Thread Thorsten Glaser 
On Thu, 13 Sep 2012, Moritz Muehlenhoff wrote:

> On Fri, Aug 31, 2012 at 06:34:38PM +0200, Julien Cristau wrote:

> > Can't answer without a diff.
> 
> Mediawiki maintainers, what's the status?

Oh, sorry. Other stuff made me forget this for too long.

The diff between the two tarballs is over 10 MiB, although
with .gitignore files removed, using -w and removing all
Messages* files (in the hope these are really only trans‐
lation changes/fixes), it gets down to ~21K (attached).

On a quick skim, I couldn’t find anything wrong with it,
but I’m not qualified to say whether these are bugfixes
only without detailed analysis (I’m not normally doing
development on MW core code itself, more integration
work).

bye,
//mirabilos
-- 
tarent solutions GmbH
Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/
Tel: +49 228 54881-393 • Fax: +49 228 54881-314
HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941
Geschäftsführer: Boris Esser, Sebastian Manckediff -wpruN mediawiki-1.19.1/RELEASE-NOTES-1.19 mediawiki-1.19.2/RELEASE-NOTES-1.19
--- mediawiki-1.19.1/RELEASE-NOTES-1.19	2012-06-13 20:22:38.0 +0200
+++ mediawiki-1.19.2/RELEASE-NOTES-1.19	2012-08-31 00:25:34.0 +0200
@@ -3,6 +3,19 @@
 Security reminder: MediaWiki does not require PHP's register_globals
 setting since version 1.2.0. If you have it on, turn it '''off''' if you can.
 
+== MediaWiki 1.19.2 ==
+2012-08-30
+
+This is a security release of the MediaWiki 1.19 branch
+
+=== Changes since 1.19.1 ===
+* (bug 39700) File: link to non-existing file can inject html
+* (bug 35839) Hidden block text leaking to admins
+* (bug 39184) LDAP password leakage
+* (bug 39180) Disallow framing of api results
+* (bug 37587) Enforce language codes to be html safe
+* (bug 38333) Check global blocks on account creation
+
 == MediaWiki 1.19 ==
 
 MediaWiki 1.19 is a large release that contains many new features and bug
@@ -13,6 +26,9 @@ this version.
 Our thanks go to everyone who helped to improve MediaWiki by testing the beta
 release and submitting bug reports.
 
+=== Changes since 1.19.1 ===
+* (bug 38406) Properly quote table names in DatabaseBase::tableName()
+
 === Changes since 1.19.0 ===
 * (bug 36568) Fixed "Illegal string offset 'LIMIT'" warnings in updater
 * (bug 36938) Correctly escape uselang attribute to prevent xss
diff -wpruN mediawiki-1.19.1/includes/AuthPlugin.php mediawiki-1.19.2/includes/AuthPlugin.php
--- mediawiki-1.19.1/includes/AuthPlugin.php	2012-06-13 20:22:38.0 +0200
+++ mediawiki-1.19.2/includes/AuthPlugin.php	2012-08-31 00:25:34.0 +0200
@@ -157,6 +157,15 @@ class AuthPlugin {
 	}
 
 	/**
+	 * Should MediaWiki store passwords in its local database?
+	 *
+	 * @return bool
+	 */
+	public function allowSetLocalPassword() {
+		return true;
+	}
+
+	/**
 	 * Set the given password in the authentication database.
 	 * As a special case, the password may be set to null to request
 	 * locking the password to an unusable value, with the expectation
diff -wpruN mediawiki-1.19.1/includes/DefaultSettings.php mediawiki-1.19.2/includes/DefaultSettings.php
--- mediawiki-1.19.1/includes/DefaultSettings.php	2012-06-13 20:22:38.0 +0200
+++ mediawiki-1.19.2/includes/DefaultSettings.php	2012-08-31 00:25:34.0 +0200
@@ -33,7 +33,7 @@ $wgConf = new SiteConfiguration;
 /** @endcond */
 
 /** MediaWiki version number */
-$wgVersion = '1.19.1';
+$wgVersion = '1.19.2';
 
 /** Name of the site. It must be changed in LocalSettings.php */
 $wgSitename = 'MediaWiki';
@@ -2420,6 +2420,18 @@ $wgBreakFrames = false;
 $wgEditPageFrameOptions = 'DENY';
 
 /**
+ * Disallow framing of API pages directly, by setting the X-Frame-Options
+ * header. Since the API returns CSRF tokens, allowing the results to be
+ * framed can compromise your user's account security.
+ * Options are:
+ *   - 'DENY': Do not allow framing. This is recommended for most wikis.
+ *   - 'SAMEORIGIN': Allow framing by pages on the same domain.
+ *   - false: Allow all framing.
+ */
+
+$wgApiFrameOptions = 'DENY';
+
+/**
  * Disable output compression (enabled by default if zlib is available)
  */
 $wgDisableOutputCompression = false;
diff -wpruN mediawiki-1.19.1/includes/Linker.php mediawiki-1.19.2/includes/Linker.php
--- mediawiki-1.19.1/includes/Linker.php	2012-06-13 20:22:38.0 +0200
+++ mediawiki-1.19.2/includes/Linker.php	2012-08-31 00:25:34.0 +0200
@@ -768,31 +768,31 @@ class Linker {
 	 * Make a "broken" link to an image
 	 *
 	 * @param $title Title object
-	 * @param $html String: link label in htmlescaped text form
+	 * @param $label String: link label (plain text)
 	 * @param $query String: query string
-	 * @param $trail String: link trail (HTML fragment)
-	 * @param $prefix String: link prefix (HTML fragment)
+	 * @param $unused1 Unused parameter kept for b/c
+	 * @param $unused2 Unused parameter kept for b/c
 	 * @param $time Boolean: a file of a certain timestamp was requested
 	 * @return String
 	 */
-	public static function makeBrokenImag

Bug#649068: rgmanager and resource-agents: error when trying to install together

2012-09-14 Thread Ralf Treinen 
Hello,

I have unarchived this bug since it still applies to the version of
rgmanager in testing:

Selecting previously unselected package rgmanager.
Unpacking rgmanager (from .../rgmanager_3.0.12-3.2_amd64.deb) ...
dpkg: error processing /var/cache/apt/archives/rgmanager_3.0.12-3.2_amd64.deb (-
-unpack):
 trying to overwrite '/usr/share/cluster/SAPDatabase', which is also in package 
resource-agents 1:3.9.2-5
dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
Processing triggers for man-db ...
Errors were encountered while processing:
 /var/cache/apt/archives/rgmanager_3.0.12-3.2_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

The upload of 3.1.8-1 has indeed fixed the bug in sid, but this is a new
upstream version which will most probably not be accepted by the RM into
testing, so this will also have to be fixed in testing.

-Ralf.
-- 
Ralf Treinen
Laboratoire Preuves, Programmes et Systèmes
Université Paris Diderot, Paris, France.
http://www.pps.univ-paris-diderot.fr/~treinen/
=> New email address: trei...@pps.univ-paris-diderot.fr <=


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#687637: openvas-client-dfsg: FTBFS on all arches but i386

2012-09-14 Thread Konstantinos Margaritis 
Package: openvas-client-dfsg
Version: 20100705-4
Severity: Serious
Tags: patch

Hi,

This package FTBFS on all arches other than i386 because binary-arch
target fails. The attached package fixes those cases.

Regards

Konstantinos

-- 
Konstantinos Margaritis 
diff -ruN openvas-plugins-dfsg-20100705/debian/rules openvas-plugins-dfsg-20100705.mine/debian/rules
--- openvas-plugins-dfsg-20100705/debian/rules	2012-05-24 22:19:33.0 +
+++ openvas-plugins-dfsg-20100705.mine/debian/rules	2012-09-14 15:14:15.092796207 +
@@ -34,7 +34,7 @@
 	[ ! -f libtool ] || rm -f libtool
 	[ ! -d bin/ ] || rm -rf bin/
 
-override_dh_auto_install:
+override_dh_auto_install-arch:
 	$(MAKE) install prefix=$(tmp)/usr sysconfdir=$(tmp)/etc localstatedir=$(tmp)/var/run libdir=$(tmp)/var/lib
 # After we install we remove the plugins we want to exclude from the
 # package
@@ -46,6 +46,8 @@
 #	( cd $(tmp)/var/lib/openvas/plugins ; for file in *.nes; do \
 #		 mv $$file ../../../../usr/lib/openvas/plugins ; \
 #		 ln -s ../../../../usr/lib/openvas/plugins/$$file . ; done )
+
+override_dh_auto_install-indep:
 	cp debian/openvas-plugins-dfsg.lintian-overrides \
 		debian/openvas-plugins-dfsg/usr/share/lintian/overrides/openvas-plugins-dfsg

Processed: unarchiving 649068

2012-09-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> unarchive 649068
Bug #649068 {Done: Martin Gerhard Loschwitz } 
[resource-agents,rgmanager] rgmanager and resource-agents: error when trying to 
install together
Unarchived Bug 649068
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
649068: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=649068
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: fixed 649068 in rgmanager/3.1.8-1

2012-09-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> fixed 649068 rgmanager/3.1.8-1
Bug #649068 [resource-agents,rgmanager] rgmanager and resource-agents: error 
when trying to install together
The source rgmanager and version 3.1.8-1 do not appear to match any binary 
packages
Marked as fixed in versions rgmanager/3.1.8-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
649068: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=649068
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: found 649068 in rgmanager/3.0.12-3.2

2012-09-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> found 649068 rgmanager/3.0.12-3.2
Bug #649068 {Done: Martin Gerhard Loschwitz } 
[resource-agents,rgmanager] rgmanager and resource-agents: error when trying to 
install together
The source rgmanager and version 3.0.12-3.2 do not appear to match any binary 
packages
Marked as found in versions rgmanager/3.0.12-3.2; no longer marked as found in 
versions rgmanager/3.0.12-3.2 and reopened.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
649068: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=649068
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#687370: marked as done (telepathy-gabble: sends iChat into a capability-discovery loop)

2012-09-14 Thread Debian Bug Tracking System 
Your message dated Fri, 14 Sep 2012 12:18:17 +
with message-id 
and subject line Bug#687370: fixed in telepathy-gabble 0.16.1-2
has caused the Debian Bug report #687370,
regarding telepathy-gabble: sends iChat into a capability-discovery loop
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
687370: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687370
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: telepathy-gabble
Version: 0.16.1-1
Severity: serious
Justification: maintainer's opinion
Tags: fixed-upstream
Forwarded: https://bugs.freedesktop.org/show_bug.cgi?id=53087

iChat has a bug in which, if it receives an error reply to a
capability-discovery ("disco") request, it will resend that request. As
long as it keeps getting errors, it will keep sending requests in a loop.

telepathy-gabble < 0.16.3 advertises the Google "camera-v1" capability
bundle, but does not respond successfully to capability-discovery
requests for it, triggering the iChat bug. This is fixed upstream in 0.16.3.

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing-proposed-updates
  APT policy: (500, 'testing-proposed-updates'), (500, 'unstable'), (500, 
'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages telepathy-gabble depends on:
ii  libc6   2.13-35
ii  libdbus-1-3 1.6.4-1
ii  libdbus-glib-1-20.100-1
ii  libglib2.0-02.32.3-1
ii  libgnutls26 2.12.20-1
ii  libnice10   0.1.2-1
ii  libsoup2.4-12.38.1-2
ii  libsqlite3-03.7.13-1
ii  libtelepathy-glib0  0.19.8-2
ii  libxml2 2.8.0+dfsg1-5

telepathy-gabble recommends no packages.

telepathy-gabble suggests no packages.

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: telepathy-gabble
Source-Version: 0.16.1-2

We believe that the bug you reported is fixed in the latest version of
telepathy-gabble, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 687...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Simon McVittie  (supplier of updated telepathy-gabble package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 14 Sep 2012 12:39:01 +0100
Source: telepathy-gabble
Binary: telepathy-gabble telepathy-gabble-dbg
Architecture: amd64 i386 source
Version: 0.16.1-2
Distribution: unstable
Urgency: low
Maintainer: Debian Telepathy maintainers 

Changed-By: Simon McVittie 
Closes: 687370
Description: 
 telepathy-gabble-dbg - Jabber/XMPP connection manager (debug symbols)
 telepathy-gabble - Jabber/XMPP connection manager
Changes: 
 telepathy-gabble (0.16.1-2) unstable; urgency=low
 .
   * Add patch from 0.16.2 to fix a potential use-after-free when
 disconnecting with TLS verification channels open
   * Add patches from 0.16.3 to avoid triggering repeated capability discovery
 in iChat (Closes: #687370, LP: #984132)
Checksums-Sha1: 
 239e34dfbe2e991d0f1165c8cb5b5f2ebb060464 818200 
telepathy-gabble_0.16.1-2_i386.deb
 1f292f82c1cfaef7ad2c713e676aa5ced612f450 1950048 
telepathy-gabble-dbg_0.16.1-2_i386.deb
 8a38ed8ae33f45400aad9a09fc272b2f509c550a 2479 telepathy-gabble_0.16.1-2.dsc
 f955edfb47f7859946f00a729d029630b358704c 15581 
telepathy-gabble_0.16.1-2.debian.tar.gz
 0d38622ada39b89816fba07b65c0e95dcf05483d 815850 
telepathy-gabble_0.16.1-2_amd64.deb
 656543c81d73b6732ab09b63f397ea0355cb8113 2124860 
telepathy-gabble-dbg_0.16.1-2_amd64.deb
Checksums-Sha256: 
 242bc2dd954d07aa3b9d2675c8dd8e93cec7936d4e85a6b9de85c006927bf619 818200 
telepathy-gabble_0.16.1-2_i386.deb
 08e578be397bcc5c328966c456d846ee177768350411f2e2fe28e8d0d0bebf56 1950048 
telepathy-gabble-dbg_0.16.1-2_i386.deb
 045aaf0b52fa92e4576e661cfc99b63f3ecfc181cca98bea7a58d57f3941f29c 2479 
telepathy-gabble_0.16.1-2.dsc
 7f2a1d88afa327dabc9fab5b40bf32533c4e1388778c8b17b0a366260e3dbdd5 15581 
telepathy-gabble_0.16.1-2.debian.tar.gz
 1645c43bb459e59ea904148532154fdf856ba390d83540351963f3c5f

Bug#686524: Processed: found 686524 in 1.1.2+dfsg-1

2012-09-14 Thread Michael Tokarev 
On 14.09.2012 16:00, Debian Bug Tracking System wrote:
> Processing commands for cont...@bugs.debian.org:
> 
>> found 686524 1.1.2+dfsg-1
> Bug #686524 {Done: Michael Tokarev } [qemu-kvm] qemu-kvm: 
> guests with -nographic -serial pty won't start until input to console is made

Timo, care to send some explanations too?

>From my side it looks like the bug is fixed in
1.1.2, I especially verified that using your
reproducer.

Also, if you mark it as found in the version which
is supposed to fix it, maybe it's a better idea to
reopen the bug instead?

Thanks,

/mjt


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: found 686524 in 1.1.2+dfsg-1

2012-09-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> found 686524 1.1.2+dfsg-1
Bug #686524 {Done: Michael Tokarev } [qemu-kvm] qemu-kvm: 
guests with -nographic -serial pty won't start until input to console is made
Marked as found in versions 1.1.2+dfsg-1/.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
686524: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686524
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#687629: libjdic-java: please set JAVA_HOME correctly

2012-09-14 Thread Konstantinos Margaritis 
Package: libjdic-java
Version: 0.9.5-7
Severity: Serious

Apart from the other FTBFS bugs, this also has to be fixed (fails on
many arches), JAVA_HOME should be set to:

JAVA_HOME=/usr/lib/jvm/java-6-openjdk-$(DEB_BUILD_ARCH)

Please fix that also if you plan to fix the other bugs.

Regards

Konstantinos


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#641152: FTBFS: '.../libusb-java/usr/share/java/': No such file or directory

2012-09-14 Thread Konstantinos Margaritis 
Hi,

This package FTBFS on all arches other than amd64 because binary-arch
target fails. The attached package fixes the binary-arch case.

Regards

Konstantinos
diff -ruN libusb-java-0.8+ztex20090101/debian/rules libusb-java-0.8+ztex20090101.mine/debian/rules
--- libusb-java-0.8+ztex20090101/debian/rules	2011-09-09 20:27:38.0 +
+++ libusb-java-0.8+ztex20090101.mine/debian/rules	2012-09-14 15:16:50.762796187 +
@@ -14,19 +14,24 @@
 	echo "P=$(P)"
 
 DOCPATH=doc/html
-override_dh_auto_build:
+override_dh_auto_build-arch:
 	dh_auto_build
+	touch build-arch-stamp
+
+override_dh_auto_build-indep:
 	jar cf libusb.jar `find ch -name "*.class"`
 	[ -d $(DOCPATH) ] || mkdir -p $(DOCPATH)
 	javadoc -classpath . -d $(DOCPATH) ch.ntb.usb
-	touch $@
+	touch build-indep-stamp
 
 LIBPACKAGE=libusb-java-lib
 # /usr/bin/ld: /usr/lib/x86_64-linux-gnu/libusb.a(usb.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a shared object; recompile with -fPIC
-override_dh_auto_install:
+override_dh_auto_install-arch:
 	dh_install
 	[ -d $(CURDIR)/debian/$(LIBPACKAGE)/usr/lib/ ] || mkdir -p $(CURDIR)/debian/$(LIBPACKAGE)/usr/lib/
 	cp *.so* $(CURDIR)/debian/$(LIBPACKAGE)/usr/lib/
+
+override_dh_auto_install-indep:
 	cp libusb.jar $(CURDIR)/debian/libusb-java/usr/share/java/
 
 override_dh_strip:
@@ -37,7 +42,7 @@
 	[ ! -r Makefile ] || make clean
 	rm -f lib*.so.*
 	rm -rf doc
-	rm -f build-indep-stamp
+	rm -f build-arch-stamp build-indep-stamp
 
-.PHONY: build-indep-stamp
+.PHONY: build-arch-stamp build-indep-stamp

Processed: found 680291 in xml2rfc/1.36-4

2012-09-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> found 680291 xml2rfc/1.36-4
Bug #680291 {Done: Daniel Kahn Gillmor } [xml2rfc] 
xml2rfc: fails to install, remove, distupgrade, and install again
The source xml2rfc and version 1.36-4 do not appear to match any binary packages
Marked as found in versions xml2rfc/1.36-4; no longer marked as fixed in 
versions xml2rfc/1.36-4 and reopened.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
680291: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680291
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: Re: dh_installcatalogs: "catalog is now a conffile prompt" if the old (pre-conffile) package was removed, but not purged

2012-09-14 Thread Debian Bug Tracking System 
Processing control commands:

> found 681194 debhelper/9.20120830
Bug #681194 [debhelper] dh_installcatalogs: "catalog is now a conffile prompt" 
if the old (pre-conffile) package was removed, but not purged
The source debhelper and version 9.20120830 do not appear to match any binary 
packages
Marked as found in versions debhelper/9.20120830; no longer marked as found in 
versions debhelper/9.20120830.

-- 
681194: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681194
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: Re: dh_installcatalogs: "catalog is now a conffile prompt" if the old (pre-conffile) package was removed, but not purged

2012-09-14 Thread Debian Bug Tracking System 
Processing control commands:

> found 681194 debhelper/9.20120830
Bug #681194 {Done: Joey Hess } [debhelper] 
dh_installcatalogs: "catalog is now a conffile prompt" if the old 
(pre-conffile) package was removed, but not purged
The source debhelper and version 9.20120830 do not appear to match any binary 
packages
Marked as found in versions debhelper/9.20120830; no longer marked as fixed in 
versions debhelper/9.20120830 and reopened.

-- 
680291: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680291
681194: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681194
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#680291: dh_installcatalogs: "catalog is now a conffile prompt" if the old (pre-conffile) package was removed, but not purged

2012-09-14 Thread Andreas Beckmann 
Control: found 681194 debhelper/9.20120830
Countrol: found 680291 xml2rfc/1.36-4

Hi Helmut,

we missed one case:

If the package contained neither conffiles nor a postrm script (example:
xml2rfc in squeeze/non-free), removal does not end in "config-files"
state but in "uninstalled" state with cruft being left around in /etc.
The new preinst does not cover this case as it sees a "first
installation" where no cleanup is done, resulting in a conffile prompt.

Can you take a look at the packages in squeeze affected by this
"transition" and check how many more (if any) fall in this overlooked
category?


Thanks

Andreas


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#686346: closed by Michael Vogt (Bug#686346: fixed in apt 0.9.7.5)

2012-09-14 Thread Daniel Hartwig 
On 14 September 2012 18:43, David Kalnischkies
 wrote:
[Very nice explanation of the underlying issue and justification for
pseudo-architecture "none".]

Thanks, David.


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#686346: closed by Michael Vogt (Bug#686346: fixed in apt 0.9.7.5)

2012-09-14 Thread David Kalnischkies 
On Fri, Sep 14, 2012 at 2:54 AM, Daniel Hartwig  wrote:
> On 13 September 2012 23:17, Vincent Lefevre  wrote:
>> On 2012-09-11 15:36:15 +, Debian Bug Tracking System wrote:
>>>[ David Kalnischkies ]
>>>* handle packages without a mandatory architecture (debian-policy §5.3)
>>>  by introducing a pseudo-architecture 'none' so that the small group of
>>>  users with these packages can get right of them without introducing too
>>>  much hassle for other users (Closes: #686346)
>
>> Package 'docbook-mathml' is not installed, so not removed. Did you mean 
>> 'docbook-mathml:none'?
>
> This error highlights something: the lack of architecture should not
> extend the fullname like that and interfere with locating the package.
> ?

If we have no-architecture == native on the commandline and :none isn't
native we have exactly this. It is the usual "problem" in Multi-Arch.
And not only for the commandline, but also for the the library usage itself
as Cache.FindPkg("docbook-mathml"); should NOT return the arch-less
package as it is not what is expected. Expected is that we get the native
architecture, not this useless cra^Wmp architecture (I will get back to that
in just a second).

The idea behind supporting these package at all is that I can write a
request for the release notes to include a
apt-get purge .*:none
and be done with that "architecture".

Doing this with dpkg is a bit harder and as your system is quiet likely in
a broken state we at least have a tool which can recover from that mess.

But yes, I was many times quiet near to just printing an
E: arch-less package detected. Exterminate! Exterminate! EXTERMINATE!
but I can't expect that everyone has watched Doctor Who S02x12 recently,
so the dramatic effect is mostly lost - what is left is that a system which
previously worked and was upgraded by APT ends up in a state which is
so broken that even APT refuses to help fixing it. That is not nice.


> Is there a reason for introducing this pseudo-arch. rather than using
> “I->Pkg.Arch() == 0”?

Yes there is. As I said in my previous mail these arch-less packages are
pretty useless as they form a new architecture, but that is how dpkg wants
it, so be it. This specifically means that the system we are talking about
here is broken before any package is removed as a package with an
architecture can't satisfy a dependency on a package without one
(If we don't accept arch-less packages as native, we can't let them
 satisfy dependencies in native - or anywhere else as this means these
 packages would be implicitly M-A:foreign).


And that is the problem here: A little optimization went havoc.
APT isn't seeing the unsatisfied dependencies because it doesn't
even create them (see apt-cache showpkg docbook-mathml:none)
because it hasn't seen these none-packages. That's okay if the parent
package is a != none (as we will create it later if we need them),
but for a package == none these dependencies should be created …

=== modified file 'apt-pkg/pkgcachegen.cc'
--- apt-pkg/pkgcachegen.cc  2012-09-09 19:22:54 +
+++ apt-pkg/pkgcachegen.cc  2012-09-14 10:16:35 +
@@ -922,7 +925,7 @@
// Locate the target package
pkgCache::PkgIterator Pkg = Grp.FindPkg(Arch);
// we don't create 'none' packages and their dependencies if we
can avoid it …
-   if (Pkg.end() == true && Arch == "none")
+   if (Pkg.end() == true && Arch == "none" &&
strcmp(Ver.ParentPkg().Arch(), "none") != 0)
   return true;
Dynamic DynPkg(Pkg);
if (Pkg.end() == true) {


The joy of testing in well-defined self-created environment a "feature"
which is supposed to handle quiet the opposite …
Vincent, could you mail me your status file maybe, so I can run some
real world tests on it?


> $ dpkg -C

dpkg doesn't check dependencies after it has installed packages, so you
will not see broken dependencies with it. Try it with an unpacked
docbook-mathml:none and "dpkg --configure -a" if you don't trust me
(and as usual, you shouldn't) and you will see that dpkg sees the
dependency as not satisfied.

That's why the FullName() for these packages is 'pkg:none' even though
we could easily print just 'pkg' -- it doesn't give a single hint why
a package depending on pkg(:native) isn't satisfiable by pkg(:none).
And we have the problem of needing to tell the user that we remove a
pkg(:none) while installing a pkg(:native) …
(A display issue dpkg completely ignores as you will see)

Attached is a testcase for APT to play with it.
Additional to the one included in 0.9.7.5:
test/integration/test-bug-686346-package-missing-architecture


Best regards

David Kalnischkies


test-fun-with-arch-less-packages
Description: Binary data

Bug#685171: M-A: Same package A providing and conflicting with package B

2012-09-14 Thread Johannes Schauer 
Hi,

On Fri, Sep 14, 2012 at 11:29:30AM +0200, Johannes Schauer wrote:
> I implemented this exception to a package's conflicts in dose3 and
> attached the patch.

At least planned to... Patch is attached now, sorry.

cheers, josch
>From 9e164a2d2b449ad0a5fd4ea1cacc80015032e56f Mon Sep 17 00:00:00 2001
From: josch 
Date: Fri, 14 Sep 2012 11:15:23 +0200
Subject: [PATCH] fix regression from fixing bug#685171

---
 deb/debcudf.ml |   27 +--
 1 file changed, 21 insertions(+), 6 deletions(-)

diff --git a/deb/debcudf.ml b/deb/debcudf.ml
index c428954..937390d 100644
--- a/deb/debcudf.ml
+++ b/deb/debcudf.ml
@@ -380,12 +380,27 @@ let tocudf tables ?(options=default_options) ?(inst=false) pkg =
 in
 sc :: masc 
   in
-  let multiarchconflicts =
-List.flatten (
-  List.map (fun arch ->
-add_arch_l options.native arch (loadl tables originalconflicts)
-  ) (options.native::options.foreign)
-)
+  let multiarchconflicts = match pkg.multiarch with
+|`Same ->
+(* for all conflicts B of a M-A: Same package A, check if B is also
+   provided by A. If yes, then only conflict with B in the
+   architecture of A. See bug#685171 and
+   https://lists.debian.org/deity/2012/09/msg00077.html *)
+List.fold_left (fun res c ->
+  if List.mem c pkg.provides then
+(* this conflict is also provided by this package *)
+(add_arch_l options.native pkgarch (loadl tables [c]))@res
+  else
+(* conflict with all architectures *)
+List.fold_left (fun res arch ->
+  (add_arch_l options.native arch (loadl tables [c]))@res
+) res (options.native::options.foreign)
+) [] originalconflicts
+|_ ->
+(* conflicts of other packages must conflict with all architectures *)
+List.fold_left (fun res arch ->
+  (add_arch_l options.native arch (loadl tables originalconflicts))@res
+) [] (options.native::options.foreign)
   in
   multiarchconflicts @ multiarchconstraints
 in
-- 
1.7.10

Bug#681812: marked as done (openarena-server: segfaults when a client is requesting a callvote to kick another player)

2012-09-14 Thread Debian Bug Tracking System 
Your message dated Fri, 14 Sep 2012 10:18:43 +
with message-id 
and subject line Bug#681812: fixed in openarena 0.8.8-7
has caused the Debian Bug report #681812,
regarding openarena-server: segfaults when a client is requesting a callvote to 
kick another player
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
681812: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681812
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: openarena-server
Version: 0.8.8-5
Severity: normal

Dear Maintainer,

as i have hinted in my last report to #664637, there are at least two
different kind of bugs which can lead to a server crash.

This one is reproducible with Debian's standard configuration. 

*How to reproduce the crash?*

1. Join the server and open the ingame console with Shift+ESC or ~.
2. Ask for a vote to kick a non-existing player on the server like

\callvote kick pullo

if pullo is a player who does not play on the server.

3. Result: Segmentation Fault and server crash

The crash always occurs if the callvote name differs from the actual player
names.

If you ask for a callvote and if you leave the field for the player
name blank, then the following message can be found in the log file.

NET_CompareBaseAdr: bad address type

As far as i can tell the "clientkick id"-command, which you can use
from the ingame menu, works as intended. 

*Quick solution*

Disable the vote option to kick a player from the server in
/etc/openarena-server/server.cfg. The default value is:

set g_voteNames 
"/map_restart/nextmap/map/g_gametype/kick/clientkick/g_doWarmup/timelimit/fraglimit/shuffle"
 

If you remove "kick" from the line the callvote option to kick another
player is disabled and nobody can crash the server anymore.

set g_voteNames 
"/map_restart/nextmap/map/g_gametype/clientkick/g_doWarmup/timelimit/fraglimit/shuffle"
 

*Attachments*

I've attached my debug log files and the backtrace from gdb. It seems
that the if-condition in code/game/g_cmds.c line 1818 is never true
although the player doesn't exist. Somehow the server doesn't check
carefully enough if a player exists or not. 

Kind regards
Markus Koschany

-- System Information:
Debian Release: 6.0.5
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.24 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages openarena-server depends on:
ii  adduser   3.112+nmu2 add and remove users and groups
ii  ioquake3-server   1.36+svn2287-1 Standalone server for ioQuake3 bas
ii  libc6 2.11.3-3   Embedded GNU C Library: Shared lib
ii  openarena-081-maps0.8.5split-2   OpenArena game data - maps from 0.
ii  openarena-081-misc0.8.5split-2   OpenArena game data - miscellaneou
ii  openarena-081-players 0.8.5split-2   OpenArena game data - player graph
ii  openarena-081-players-mat 0.8.5split-2   OpenArena game data - "mature" pla
ii  openarena-081-textures0.8.5split-2   OpenArena game data - textures fro
ii  openarena-085-data0.8.5split-2   OpenArena game data - 0.8.5 update
ii  openarena-088-data0.8.8-1OpenArena game data
ii  openarena-data0.8.5-3OpenArena game data

openarena-server recommends no packages.

openarena-server suggests no packages.

Versions of packages ioquake3-server depends on:
ii  libc6   2.11.3-3 Embedded GNU C Library: Shared lib
ii  zlib1g  1:1.2.3.4.dfsg-3 compression library - runtime

-- Configuration Files:
/etc/default/openarena-server changed [not included]
/etc/init.d/openarena-server changed [not included]
/etc/openarena-server/server.cfg changed [not included]

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: openarena
Source-Version: 0.8.8-7

We believe that the bug you reported is fixed in the latest version of
openarena, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 681...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Simon McVittie  (supplier of updated openarena package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
adm

Processed: user debian...@lists.debian.org, usertagging 687534, found 687534 in 5.1.7-1 ...

2012-09-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> user debian...@lists.debian.org
Setting user to debian...@lists.debian.org (was deb...@abeckmann.de).
> usertags 687534 piuparts
There were no usertags set.
Usertags are now: piuparts.
> found 687534 5.1.7-1
Bug #687534 {Done: Mattias Ellert } [bdii] bdii: 
configuration files does not preserve local changes
Marked as found in versions bdii/5.1.7-1.
> notfound 687469 0.8.8.1
Bug #687469 [greylistd] greylistd: fails to upgrade from sid: insserv: script 
greylistd: service greylist already provided!
No longer marked as found in versions 0.8.8.1/.
> found 687469 greylistd/0.8.8.1
Bug #687469 [greylistd] greylistd: fails to upgrade from sid: insserv: script 
greylistd: service greylist already provided!
The source greylistd and version 0.8.8.1 do not appear to match any binary 
packages
Marked as found in versions greylistd/0.8.8.1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
687469: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687469
687534: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687534
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#685171: M-A: Same package A providing and conflicting with package B

2012-09-14 Thread Johannes Schauer 
Hi,

On Thu, Sep 13, 2012 at 04:26:03PM -0700, Russ Allbery wrote:
> None of this language has, as yet, been updated for multiarch, but I
> think it makes logical sense for a M-A: same package to be
> coinstallable even if it Conflicts with its own package name or a
> virtual package it Provides, by extension from the intention of this
> construct without multiarch.

I implemented this exception to a package's conflicts in dose3 and
attached the patch. I therefor also sent this email to Pietro Abate.

I also sent it to bug#685171 because it fixes the regression introduced
by a fix for it.

Dose3 behaviour for cross compilation (which often requires
co-installation of linux-libc-dev) is now again the same as apt.

Thanks for your clarifications!

cheers, josch


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#687534: marked as done (bdii: configuration files does not preserve local changes)

2012-09-14 Thread Debian Bug Tracking System 
Your message dated Fri, 14 Sep 2012 09:18:10 +
with message-id 
and subject line Bug#687534: fixed in bdii 5.2.13-1
has caused the Debian Bug report #687534,
regarding bdii: configuration files does not preserve local changes
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
687534: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687534
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: freeze-exception

unblock bdii/5.2.12-1

Hi!

The bdii package was removed from testing due to an RC bug, together
with the packages that depends on it. The 5.2.12-1 update fixes the RC
bug (bug #663444). I would like to request a freeze exception for this
update to allow the bdii package and the packages depending on it to be
part of the release.

Mattias



smime.p7s
Description: S/MIME cryptographic signature
--- End Message ---
--- Begin Message ---
Source: bdii
Source-Version: 5.2.13-1

We believe that the bug you reported is fixed in the latest version of
bdii, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 687...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mattias Ellert  (supplier of updated bdii package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Thu, 13 Sep 2012 22:44:51 +0200
Source: bdii
Binary: bdii
Architecture: source all
Version: 5.2.13-1
Distribution: unstable
Urgency: low
Maintainer: Mattias Ellert 
Changed-By: Mattias Ellert 
Description: 
 bdii   - Berkeley Database Information Index (BDII)
Closes: 687534
Changes: 
 bdii (5.2.13-1) unstable; urgency=low
 .
   * New upstream release
   * Use ucf to keep track of conf file changes (Closes: #687534)
Checksums-Sha1: 
 59b1b89ddcf18ab74b4f25375faf747f793c2fbf 1858 bdii_5.2.13-1.dsc
 3c6985d2fc662fc2f9870cafe66a71b7726cf0c2 23690 bdii_5.2.13.orig.tar.gz
 c83c67952c7ae893c91d7a900388295c4fa12ba8 4253 bdii_5.2.13-1.debian.tar.gz
 faf4f94a50842f9131e6d69b5448744c44f93ce9 17142 bdii_5.2.13-1_all.deb
Checksums-Sha256: 
 cea31cb730b19d298fa6d8af19e606aeaf3bdb319382a2ffe881f3341176580a 1858 
bdii_5.2.13-1.dsc
 371553b32e65fdc3d54d6ddea76973d00f238c6a1e0d8ed9a3550c744245df6e 23690 
bdii_5.2.13.orig.tar.gz
 fa3832c284209f3713a3e3e8f41f59a3f0a8d2afc72fc3c5d0421fd4b231e7dd 4253 
bdii_5.2.13-1.debian.tar.gz
 10736c90d79995d52412e7b4748e188c21d773e212ece69ecc242045eddd6ef8 17142 
bdii_5.2.13-1_all.deb
Files: 
 2abb603bfadc3c69df4746d183c10cb0 1858 net optional bdii_5.2.13-1.dsc
 c3dbc1bb68cf104fc21554adb9fd6c44 23690 net optional bdii_5.2.13.orig.tar.gz
 5648e077f8fd65ae10d990206f6fa0ec 4253 net optional bdii_5.2.13-1.debian.tar.gz
 6741572ddc33c691780b628e7ecfc099 17142 net optional bdii_5.2.13-1_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQUvDDAAoJEOiuwv874alL9cMP/3Re+jUdYa6kT/8yDZzHslU5
qKMhieIfSMvgtl2inXtsLjR+ln+nogaZqogAkvvqzvNjWhmSHpCfq9aR4/mjqqM7
X0dZe+Yo9u/VAkGnTnRevp+XA03DF2jCo1B4vBdgdDGQdaQPyWxr6w737dsikg5q
qEYso2AN14elqQ0/QEMo7uP+MN7ei0DS2Gk3LNJrg51dtRruIvvQOAGQO9kQy7cE
IQD1RoC//L7oKgosFhAPojpiMGHL4pQRpezFEKNFUEY26vbKNASFUvBhGT5E186X
r+xiPqf1YOB2dL0VKktJQn7DGLnCBInDXLEIr5R+LBjV7ip/ef+3KAD6/L01bhYu
v7wHX+0NnIYARu1MHWMCxNMJlGj5p7h/CmVoacZZt4ngUvJlw4/gwqm/9w2wko+r
84jRrbcfJsHnHeGA3PgZl4QR4LBSWx5ZGjf/a/3xH6d1cY2QHwEeuNWE53+eZiaN
OVX6rjAFoQOlJcJsy92rvVz2PrH1URIw9xPqNKxoFsX0Q/giRXT/MiOmaefr2SKa
8HC/sa0jgHv9zkxXrXmKANi/5Ybi8Ro9zvWToZEPPUWu6NQKN9XeKwwS+R8uo8NG
vHr29mZPsvU9AUrfpvPKSIMjQtK5tCmZ9Yc/+BGhgXSmmQGEnchTTkA4v5dNqprK
fNWHOljvZY/yMtVunJiF
=tmKT
-END PGP SIGNATURE End Message ---

Processed: found 687534 in bdii/5.2.12-2

2012-09-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> # Adding found version as it does not affect stable
> found 687534 bdii/5.2.12-2
Bug #687534 [bdii] bdii: configuration files does not preserve local changes
Marked as found in versions bdii/5.2.12-2.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
687534: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687534
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#686346: closed by Michael Vogt (Bug#686346: fixed in apt 0.9.7.5)

2012-09-14 Thread Vincent Lefevre 
On 2012-09-14 10:45:34 +0800, Daniel Hartwig wrote:
> On 14 September 2012 09:50, Vincent Lefevre  wrote:
> >> $ apt-cache policy docbook-mathml
> 
> >> $ apt-cache policy docbook-mathml:*
> 
> >> $ dpkg -s docbook-mathml
> >
> > Package: docbook-mathml
> > Status: install ok installed
> 
> >> $ dpkg -C
> >
> > The following packages are missing the md5sums control file in the
> > database, they need to be reinstalled:
> >  kernel-image-2.6.12-20050829 Linux kernel binary image for version 
> > 2.6.12-2005
> >  libgdbmg1GNU dbm database routines (runtime version)
> >  libnewt0 Not Erik's Windowing Toolkit - text mode windowing 
> > with s
> 
> Is this with docbook-xml not installed?  I had meant to check those
> commands without docbook-xml, as per your previous indication that the
> system didn't know of the broken dependency.

Yes all this is with docbook-xml not installed:

$ dpkg -s docbook-xml
dpkg-query: warning: parsing file '/var/lib/dpkg/status' near line 5236 package 
'inn2':
 missing architecture
dpkg-query: warning: parsing file '/var/lib/dpkg/status' near line 8395 package 
'libgdbmg1':
 missing architecture
dpkg-query: warning: parsing file '/var/lib/dpkg/status' near line 10869 
package 'libnewt0':
 missing architecture
dpkg-query: warning: parsing file '/var/lib/dpkg/status' near line 13136 
package 'docbook-mathml':
 missing architecture
dpkg-query: warning: parsing file '/var/lib/dpkg/status' near line 30636 
package 'inn2-inews':
 missing architecture
dpkg-query: package 'docbook-xml' is not installed and no information is 
available
Use dpkg --info (= dpkg-deb --info) to examine archive files,
and dpkg --contents (= dpkg-deb --contents) to list their contents.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#687604: libkdtree++-dev: kdtree headers are unusable on gcc 4.7.1

2012-09-14 Thread Sylvain Joyeux 
Package: libkdtree++-dev
Version: 0.7.0-1
Severity: grave
Justification: renders package unusable

Dear Maintainer,

kdtree.hpp has an error at line 1166. _M_construct_node needs the this-> prefix
with the version of gcc that is in unstable

The exact error is:

/usr/include/kdtree++/kdtree.hpp:1166:10: note: declarations in dependent base
‘KDTree::_Alloc_base > >’ are not found by
unqualified lookup

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (200, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#681812: marked as done (openarena-server: segfaults when a client is requesting a callvote to kick another player)

2012-09-14 Thread Debian Bug Tracking System 
Your message dated Fri, 14 Sep 2012 07:32:45 +
with message-id 
and subject line Bug#681812: fixed in openarena 0.8.8-5+deb7u1
has caused the Debian Bug report #681812,
regarding openarena-server: segfaults when a client is requesting a callvote to 
kick another player
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
681812: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681812
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: openarena-server
Version: 0.8.8-5
Severity: normal

Dear Maintainer,

as i have hinted in my last report to #664637, there are at least two
different kind of bugs which can lead to a server crash.

This one is reproducible with Debian's standard configuration. 

*How to reproduce the crash?*

1. Join the server and open the ingame console with Shift+ESC or ~.
2. Ask for a vote to kick a non-existing player on the server like

\callvote kick pullo

if pullo is a player who does not play on the server.

3. Result: Segmentation Fault and server crash

The crash always occurs if the callvote name differs from the actual player
names.

If you ask for a callvote and if you leave the field for the player
name blank, then the following message can be found in the log file.

NET_CompareBaseAdr: bad address type

As far as i can tell the "clientkick id"-command, which you can use
from the ingame menu, works as intended. 

*Quick solution*

Disable the vote option to kick a player from the server in
/etc/openarena-server/server.cfg. The default value is:

set g_voteNames 
"/map_restart/nextmap/map/g_gametype/kick/clientkick/g_doWarmup/timelimit/fraglimit/shuffle"
 

If you remove "kick" from the line the callvote option to kick another
player is disabled and nobody can crash the server anymore.

set g_voteNames 
"/map_restart/nextmap/map/g_gametype/clientkick/g_doWarmup/timelimit/fraglimit/shuffle"
 

*Attachments*

I've attached my debug log files and the backtrace from gdb. It seems
that the if-condition in code/game/g_cmds.c line 1818 is never true
although the player doesn't exist. Somehow the server doesn't check
carefully enough if a player exists or not. 

Kind regards
Markus Koschany

-- System Information:
Debian Release: 6.0.5
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.24 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages openarena-server depends on:
ii  adduser   3.112+nmu2 add and remove users and groups
ii  ioquake3-server   1.36+svn2287-1 Standalone server for ioQuake3 bas
ii  libc6 2.11.3-3   Embedded GNU C Library: Shared lib
ii  openarena-081-maps0.8.5split-2   OpenArena game data - maps from 0.
ii  openarena-081-misc0.8.5split-2   OpenArena game data - miscellaneou
ii  openarena-081-players 0.8.5split-2   OpenArena game data - player graph
ii  openarena-081-players-mat 0.8.5split-2   OpenArena game data - "mature" pla
ii  openarena-081-textures0.8.5split-2   OpenArena game data - textures fro
ii  openarena-085-data0.8.5split-2   OpenArena game data - 0.8.5 update
ii  openarena-088-data0.8.8-1OpenArena game data
ii  openarena-data0.8.5-3OpenArena game data

openarena-server recommends no packages.

openarena-server suggests no packages.

Versions of packages ioquake3-server depends on:
ii  libc6   2.11.3-3 Embedded GNU C Library: Shared lib
ii  zlib1g  1:1.2.3.4.dfsg-3 compression library - runtime

-- Configuration Files:
/etc/default/openarena-server changed [not included]
/etc/init.d/openarena-server changed [not included]
/etc/openarena-server/server.cfg changed [not included]

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: openarena
Source-Version: 0.8.8-5+deb7u1

We believe that the bug you reported is fixed in the latest version of
openarena, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 681...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Simon McVittie  (supplier of updated openarena package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact t

Bug#681812: openarena-server: segfaults when a client is requesting a callvote to kick another player

2012-09-14 Thread Simon McVittie 
severity 681812 serious
thanks

On Mon, 16 Jul 2012 at 20:54:41 +0200, Markus Koschany wrote:
> 1. Join the server and open the ingame console with Shift+ESC or ~.
> 2. Ask for a vote to kick a non-existing player on the server like
> 
> \callvote kick pullo
> 
> if pullo is a player who does not play on the server.

Hi, sorry for the delay in responding to this. Thank you both for your help
with this bug.

This is a DoS that remote unauthenticated users can trigger on-demand, so
I've bumped the severity up and am preparing an upload.
I'll ask for a freeze exception for it.

Regards,
S


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Processed: Re: Bug#681812: openarena-server: segfaults when a client is requesting a callvote to kick another player

2012-09-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> severity 681812 serious
Bug #681812 [openarena-server] openarena-server: segfaults when a client is 
requesting a callvote to kick another player
Severity set to 'serious' from 'normal'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
681812: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681812
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org