Bug#775803: phabricator: /var/run/phabricator does not exist -- daemons not starting
Source: phabricator Version: 0~git20141101-1 Severity: serious Justification: Policy §9.1.4 Dear Maintainer, The daemon initscript does not create /run/phabricator and as a result the daemons do not start on boot until the directory is created manually: Daemon:[2015-01-20 11:22:48] EXCEPTION: (Exception) phd requires the directory '/var/run/phabricator' to exist, but it does not exist and could not be created. Create this directory or update 'phd.pid-directory' / 'phd.log-directory' in your configuration to point to an existing directory. at [phabricator/src/applications/daemon/management/PhabricatorDaemonManagementWorkflow.php:28] While at it, it would also be better to set phd.pid-directory to /run/phabricator (instead of /var/run/phabricator) to better comply with Debian moving from /var/run to /run. Regards, Apollon -- System Information: Debian Release: 8.0 APT prefers testing APT policy: (500, 'testing'), (90, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=el_GR.UTF-8, LC_CTYPE=el_GR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) signature.asc Description: Digital signature
Bug#773029: groonga-server-common: purging deletes conffiles owned by other packages: /etc/groonga/{groonga.conf, synonyms.tsv}
On Sat, 17 Jan 2015 12:12:31 + Jonathan Wiltshire j...@debian.org wrote: Hi, ... Unfortunatley this isn't suitable for including in Jessie. Could you prepare an upload that only fixes this bug, and not the other changes like hardening for nginx? Thank you for your advice. Ok, I'll upload fix version again. Regards,
Bug#775689: Do NOT use unetbootin for Debian CD images
Hi! Can you give me pointers where those bugreports exist? Do you have first hand experience that it's not working correctly? I made netboot images onto my USB sticks and they worked. This exchange is sadly pretty common when it comes to unetbootin and we see this frequently in #debian. Whenever we get a user reporting a very odd error from the installer, we ask them how they transferred the image to the USB stick and if they say unetbootin we just recommend they start again because it is well known to cause problems. Two things then always follow: (1) the problem is solved and the installation completes fine (2) a 3rd party will chip in that unetbootin always works just fine for them [sadly often also accompanied by (3) them telling us we don't know what we're talking about]. We have been unable to figure out what differentiates the users for whom unetbootin does not work from the users for whom it does work. The users who have chosen to use unetbootin are almost invariably not the right people to help debug such problems and so the impasse is perpetuated. (While unetbootin can also do other things like have multiple images on the one disk, that's not the user base we are normally seeing.) Off the top of my head the are the sorts of errors we frequently see are catalogued below. I've quickly grabbed some links from upstream's bug tracker that may (or may not!) provide some more details. All of these errors go away when the exact same image is copied onto the exact same USB stick using cp as detailed in the install guide (or dd or cat or win32diskimager or anything else that just copies the image rather than trying to do whatever mangling unetbootin does). * boot error messages: the prepared image is deeply unhappy and you don't even get as far as a boot loader. (The normal symptom reported by the user is why aren't debian iso images bootable?...) https://bugs.launchpad.net/unetbootin/+bug/1198731 * d-i starts but then dies weirdly, seemingly skipping the entire installation https://bugs.launchpad.net/unetbootin/+bug/1348956 * d-i dies very early with No CD was detected: for some reason, the mounted image is not found by the installer and you don't get past the very first part of the installer where it tries to find the d-i components. https://bugs.launchpad.net/unetbootin/+bug/622075 * installing the base system fails: sometimes it can't find the .debs, sometimes it can't figure out how to extract them properly https://bugs.launchpad.net/unetbootin/+bug/1048913 * even once d-i looks to have successfully completed, it often seems to install grub to the wrong device and/or has sufficiently confused grub-install as to get the wrong device.map so that the system isn't bootable https://bugs.launchpad.net/unetbootin/+bug/1034975 Clearly not everyone hits these errors but enough do that it's a pain. The errors seem so unrelated to unetbootin that it's very hard to convince users to try remaking the image -- after all, once the kernel is booted and userspace has started, unetbootin should be irrelevant, right? If only. Also please note it's not a Debian specific tool. But it may exists in Fedora as well for example. Those users may install a Debian boot to their USB sticks. Adding a warning for our users won't warn other users using UNetbootin. Indeed, it would be wonderful if this were actually fixed upstream (or at least documented upstream). In the absence of that, we at least reach a good portion of the user base by noting this in Debian (and its derivatives). cheers Stuart -- Stuart Prescotthttp://www.nanonanonano.net/ stu...@nanonanonano.net Debian Developer http://www.debian.org/ stu...@debian.org GPG fingerprint90E2 D2C1 AD14 6A1B 7EBB 891D BBC1 7EBB 1396 F2F7 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775801: tomcat7: update ecj.jar also to avoid java.util.Map$Entry cannot be resolved error during jsp compilation
Package: tomcat7 Version: 7.0.56-1~bpo70+2 Severity: grave Tags: d-i Justification: renders package unusable Dear Maintainer, https://issues.apache.org/bugzilla/show_bug.cgi?id=57445 no longer occurs if in /usr/share/java eclipse-ecj.jar symlinks to eclipse-ecj-4.4.jar Regards Ralf See also https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775505 -- System Information: Debian Release: 7.8 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages tomcat7 depends on: ii adduser3.113+nmu3 ii debconf [debconf-2.0] 1.5.49 ii tomcat7-common 7.0.56-1~bpo70+2 ii ucf3.0025+nmu3 Versions of packages tomcat7 recommends: ii authbind 2.1.1 Versions of packages tomcat7 suggests: pn libtcnative-1 none pn tomcat7-admin none pn tomcat7-docs none pn tomcat7-examples none pn tomcat7-user none -- Configuration Files: /etc/tomcat7/catalina.properties changed [not included] /etc/tomcat7/server.xml changed [not included] -- debconf-show failed -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775801: tomcat7: update ecj.jar also to avoid java.util.Map$Entry cannot be resolved error during jsp compilation
Hi Ralf, Thank you for the report. Could you install the libecj-java/3.10.1-1 package from the wheezy-backports and try again please? It contains the version 4.4 used by Tomcat upstream and is likely to fix this issue. Emmanuel Bourg -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#770871: ModemManager only starts up if system is PID 1
Severity: serious Justification: GSM modem support will not work out-of-the-box with non-systemd setups Hi, I see a similar issue about ModemManager not coming up by default via network-manager. The reason is simple (after staring at mm and nm from jessie and wheezy for a while): o ModemManager comes with a DBus system-service file o NetworkManager in Debian wheezy triggers that service (org.freedesktop.ModemManager) o NetworkManager in Debian testing does not have that code anymore, it expects from systemd to launch ModemManager = systems without systemd as PID 1 fail to start ModemManager and GSM devices are not available in NetworkManager. Solution IMHO: o Provide an init script in /etc/init.d/ that launches ModemManager on non-systemd machines o other options??? I hope we can get this fixed for jessie. Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgpKdu3RgbJV1.pgp Description: Digitale PGP-Signatur
Processed: your mail
Processing commands for cont...@bugs.debian.org: severity #770871 serious Bug #770871 [modemmanager] modemmanager: ModemManager does not start automatically Severity set to 'serious' from 'important' thanks Stopping processing here. Please contact me if you need assistance. -- 770871: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770871 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773359: package tbb_4.2~20140122-4 FTBFS on mips and mipsel
On Wed, 2014-12-17 13:11:32 +, Jurica Stanojkovic wrote: Package: tbb Version: 4.2~20140122-4 Severity: serious Tags: sid + patch Justification: FTBFS User: debian-m...@lists.debian.org Usertags: mips-patch Hello, Package tbb_4.2~20140122-4 FTBFS on mips and mipsel. Mips platform does not have 64-bit __sync_* operations. To resolve this issue it is needed to use corresponding __atomic_* from libatomic library. https://buildd.debian.org/status/package.php?p=tbbsuite=sid build logs: https://buildd.debian.org/status/fetch.php?pkg=tbbarch=mipsver=4.2~20140122-4stamp=1415055684 https://buildd.debian.org/status/fetch.php?pkg=tbbarch=mipselver=4.2~20140122-4stamp=1415054347 I have attached a patch resolving this issue. Thank you! Regards, Jurica Hello Steven, At IMGtech.com, we would like to support this patch for tbb. If you prefer, I could sponsor a new Debian version of tbb including Jurica's patch. Regards, Aníbal -- Anibal Monsalve Salazar anibal.monsalvesala...@imgtec.com --- tbb-4.2~20140122.orig/build/linux.gcc.inc +++ tbb-4.2~20140122/build/linux.gcc.inc @@ -80,6 +80,14 @@ endif TBB_ASM.OBJ= MALLOC_ASM.OBJ= +ifeq (mips,$(arch)) +LINK_FLAGS += -latomic +endif + +ifeq (mipsel,$(arch)) +LINK_FLAGS += -latomic +endif + ifeq (ia64,$(arch)) # Position-independent code (PIC) is a must on IA-64 architecture, even for regular (not shared) executables CPLUS_FLAGS += $(PIC_KEY) --- tbb-4.2~20140122.orig/build/linux.inc +++ tbb-4.2~20140122/build/linux.inc @@ -76,6 +76,12 @@ ifndef arch ifeq ($(deb_host_arch),i386) export arch:=ia32 endif + ifeq ($(deb_host_arch),mips) +export arch:=mips +endif +ifeq ($(deb_host_arch),mipsel) +export arch:=mipsel +endif ifndef arch export arch:=$(uname_m) $(warning Unknown arch: $(arch)) --- tbb-4.2~20140122.orig/include/tbb/machine/gcc_generic.h +++ tbb-4.2~20140122/include/tbb/machine/gcc_generic.h @@ -68,14 +68,27 @@ #define __TBB_full_memory_fence() __sync_synchronize() #define __TBB_control_consistency_helper() __sync_synchronize() -#define __TBB_MACHINE_DEFINE_ATOMICS(S,T) \ -inline T __TBB_machine_cmpswp##S( volatile void *ptr, T value, T comparand ) {\ -return __sync_val_compare_and_swap(reinterpret_castvolatile T *(ptr),comparand,value); \ -} \ - \ -inline T __TBB_machine_fetchadd##S( volatile void *ptr, T value ) { \ -return __sync_fetch_and_add(reinterpret_castvolatile T *(ptr),value); \ -} \ +#if defined (__mips) !defined (__mips64) +#define __TBB_MACHINE_DEFINE_ATOMICS(S,T) \ +inline T __TBB_machine_cmpswp##S( volatile void *ptr, T value, T comparand ) {\ +__atomic_compare_exchange(reinterpret_castvolatile T *(ptr),comparand,value, \ +false,__ATOMIC_SEQ_CST,__ATOMIC_SEQ_CST); \ +return comparand; \ +} \ + \ +inline T __TBB_machine_fetchadd##S( volatile void *ptr, T value ) { \ +return __atomic_fetch_add(reinterpret_castvolatile T *(ptr),value,__ATOMIC_SEQ_CST);\ +} +#else + #define __TBB_MACHINE_DEFINE_ATOMICS(S,T) \ + inline T __TBB_machine_cmpswp##S( volatile void *ptr, T value, T comparand ) {\ + return __sync_val_compare_and_swap(reinterpret_castvolatile T *(ptr),comparand,value); \ + } \ + \ + inline T __TBB_machine_fetchadd##S( volatile void *ptr, T value ) { \ + return __sync_fetch_and_add(reinterpret_castvolatile T *(ptr),value); \ + } +#endif __TBB_MACHINE_DEFINE_ATOMICS(1,int8_t)
Bug#775812: base: HP EliteBook 840 G1 laptop fails to halt/poweroff after 15/12/2015 upgrade
Package: base Severity: serious Justification: Policy 9.11 Dear Maintainer, I initially reported this problem on the debian-user list (17 Dec 2014). Here follow the description of the problem that I described: I'm running Debian testing (jessie) on an HP EliteBook 840 G1 laptop. Everything goes reasonably well, even very well, except that after running apt-get update/upgrade on Monday (15 December) I cannot halt (poweroff) the computer. When I try to switch it off it just reboots. I manage to get it in sleep mode by pressing the the physical start button and this is what I'm doing since then. No previous problems in this sense before that upgrade. I have 'intel-microcode' and 'firmware-linux-free' installed from the beginning. Some suggested that it could be a systemd-related problem. After that report I was able to sometimes halt the computer correctly either from the gnome interface or from the console. This has not happenend again in the last three weeks. I am force to halt the computer by letting it restart and use the power switch when GRUB starts. Of course, what I expect is to be able to halt the computer cleanly, as easily as possible but at the very least by root on the console. I apologise if this is not the right place to report this bug and I would appreciate suggestions about where it should go. -- System Information: Debian Release: 8.0 APT prefers testing-updates APT policy: (500, 'testing-updates'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#768618: [Debian-ha-maintainers] Bug#768922: Bug#768618: pacemaker: FTBFS in jessie: build-dependency not installable: libqb-dev (= 0.16.0.real)
Simon Horman ho...@verge.net.au writes: On Mon, Jan 19, 2015 at 09:26:36AM +0900, Christian Balzer wrote: Meanwhile, here in what it what we tenuously call reality one can observe the following things: 1. Pacemaker broken in Jessie for more than 2 months now. 2. Silence on this bug for more than one month. 3. Pacemaker was recently removed from Jessie. 4. The February 5th deadline is rapidly approaching, cue the laughingstock. Between systemd and this gem Jessie is shaping up to be the best Debian release ever... I wonder if there are any active members of the Debian linux-ha team. Speaking for and pointing the finger at myself for one who has been inactive for several years. I for one would be happy to see an NMU here. There were a couple offers of help on the list (in October and November) but the situation was rather hopeless already then, and nobody came up with any plan to keep Pacemaker in testing. Actually, I don't think version 1.10 is really worth much effort. I'm planning to use the current versions of Corosync and Pacemaker on jessie, and will try to create local packages for that. If there is a way to use that work in Debian, I'm most interested to hear about it. But I don't think there's still a way to have a modern Pacemaker in jessie. Please prove me wrong. -- Regards, Feri. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#770871: ModemManager only starts up if system is PID 1
Am 20.01.2015 um 14:50 schrieb Michael Biebl: I'd rather have NM use a runtime check for systemd (sd_booted()). All the code still seems to be there [1], it just needs to be changed to use a runtime check instead of compile time. I'm inclined to re-assign this to NM. I hope we can get this fixed for jessie. I'd be willing to review and merge a tested patch for NM. [..] [1] http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=3b76ae18a52b44dbe577557e038fdc263edc5715 Fwiw, this is the upstream response: https://bugzilla.gnome.org/show_bug.cgi?id=703040#c7 -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
Bug#756253: Upgrade from 2.02~beta2-10 to 2.02~beta2-11 left grub unbootable
On Mon, Jan 19, 2015 at 07:42:37AM +0900, Mike Hommey wrote: On Sun, Jan 18, 2015 at 11:37:28AM +, Steve McIntyre wrote: The ENOSPC handling has been bad in the past, but it's not clear that was the cause of your original bug. :-/ *Now* it's a very bad state to be in, and may cause other problems too. On the Dell machine you have, I'm not personally aware of workarounds/fixes for it, but I know that on some machines re-flashing the firmware can force fix this by forcing cleaning of used space. After some googling, I cleaned up /sys/fs/pstore, which contained dmesg-* files, and that cleaned up /sys/firmware/efi/vars/ such that efibootmgr can do its job. Ah, OK. Phew. :-) There are a couple things happening, though. The first one is that it adds a debian entry. I'm not sure, though, that the grub entry name doesn't just come from me adding it manually with a different name (since, iirc, this very bug left me with no grub entry at all) than it had in the first place or if it /was/ named grub originally. So I do end up with 3 entries: grub, debian and Windows Boot Manager listed by efibootmgr. The automatic setup of grub-install calling efibootmgr won't be touching the grub entry at all - it's set up to only play with debian entries. So that should be safe. But then comes the second thing: when I reboot, the debian entry is lost. Poof, disappeared. And I do wonder if the initial problem is not related to that. That is still happening? Can you successfully re-create it each time? -- Steve McIntyre, Cambridge, UK.st...@einval.com We don't need no education. We don't need no thought control. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#768922: [Debian-ha-maintainers] Bug#768618: Bug#768922: Bug#768618: pacemaker: FTBFS in jessie: build-dependency not installable: libqb-dev (= 0.16.0.real)
I'd also like to know how to get involved on that. I currently see two possibilities: a) address the important, release critical bugs. However, ideally would need someone of the old maintainers/uploaders (added as CC) to sponsor that. b) See if a quick backport will be possible after the release. What do you think? Raoul On 2015-01-20 12:14, Ferenc Wagner wrote: Simon Horman ho...@verge.net.au writes: On Mon, Jan 19, 2015 at 09:26:36AM +0900, Christian Balzer wrote: Meanwhile, here in what it what we tenuously call reality one can observe the following things: 1. Pacemaker broken in Jessie for more than 2 months now. 2. Silence on this bug for more than one month. 3. Pacemaker was recently removed from Jessie. 4. The February 5th deadline is rapidly approaching, cue the laughingstock. Between systemd and this gem Jessie is shaping up to be the best Debian release ever... I wonder if there are any active members of the Debian linux-ha team. Speaking for and pointing the finger at myself for one who has been inactive for several years. I for one would be happy to see an NMU here. There were a couple offers of help on the list (in October and November) but the situation was rather hopeless already then, and nobody came up with any plan to keep Pacemaker in testing. Actually, I don't think version 1.10 is really worth much effort. I'm planning to use the current versions of Corosync and Pacemaker on jessie, and will try to create local packages for that. If there is a way to use that work in Debian, I'm most interested to hear about it. But I don't think there's still a way to have a modern Pacemaker in jessie. Please prove me wrong. -- DI (FH) Raoul Bhatia M.Sc. | E-Mail. ra...@bhatia.at Software Development and | Web. http://raoul.bhatia.at/ System Administration | Tel. +43 699 10132530 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773359: package tbb_4.2~20140122-4 FTBFS on mips and mipsel
On 20 January 2015 at 10:51, Aníbal Monsalve Salazar ani...@debian.org wrote: Hello Steven, Hi Aníbal, At IMGtech.com, we would like to support this patch for tbb. If you prefer, I could sponsor a new Debian version of tbb including Jurica's patch. Taking a look at this patch, I would like to experiment with it further and even try to apply it to other architectures (as I believe the atomics to be superior to the old style sync intrinsics, and this may solve some unit test problems we've been experiencing). I was planning on rolling out an experimental package with a tweaked version of this patch in; and if it behaves, was going to put this into Sid. (Then if all goes well, send the patch upstream). Does this sound acceptable to you? Cheers, -- Steve -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775830: Acknowledgement (deng: has no human maintainer anymore)
Control: reassign -1 doomsday I once helped to get the package back up into shape in order to provide another alternative engine (besides prboom-plus) that was able to run freedoom. This was around the time when vavoom became unusable and was eventually removed from Debian. Meanwhile, however, I have completely lost interest in this port and do no longer volunteer to maintain its package. So, someone please take over this package. Filed against the wrong source package, yay! - Fabian -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#775830: Acknowledgement (deng: has no human maintainer anymore)
Processing control commands: reassign -1 doomsday Bug #775830 [src:deng] deng: has no human maintainer anymore Bug reassigned from package 'src:deng' to 'doomsday'. No longer marked as found in versions deng/1.10.4-2. Ignoring request to alter fixed versions of bug #775830 to the same values previously set -- 775830: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775830 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#770871: ModemManager only starts up if system is PID 1
tags: -1 + moreinfo help Am 20.01.2015 um 11:42 schrieb Mike Gabriel: Severity: serious Justification: GSM modem support will not work out-of-the-box with non-systemd setups Hi, I see a similar issue about ModemManager not coming up by default via network-manager. The reason is simple (after staring at mm and nm from jessie and wheezy for a while): o ModemManager comes with a DBus system-service file o NetworkManager in Debian wheezy triggers that service (org.freedesktop.ModemManager) o NetworkManager in Debian testing does not have that code anymore, it expects from systemd to launch ModemManager = systems without systemd as PID 1 fail to start ModemManager and GSM devices are not available in NetworkManager. Looks like ModemManager starts just fine here if I boot with sysvinit. If, as you say, NM no longer pokes the D-Bus service, I guess something else in the desktop (GNOME3 here) does it. So this issue might be specific to certain DEs. Solution IMHO: o Provide an init script in /etc/init.d/ that launches ModemManager on non-systemd machines o other options??? I don't think adding an init script to ModemManager is a good option. For one, I don't want to start MM unconditionally. I'd rather have NM use a runtime check for systemd (sd_booted()). All the code still seems to be there [1], it just needs to be changed to use a runtime check instead of compile time. I'm inclined to re-assign this to NM. I hope we can get this fixed for jessie. I'd be willing to review and merge a tested patch for NM. Cheers, Michael [1] http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=3b76ae18a52b44dbe577557e038fdc263edc5715 -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
Bug#775830: deng: has no human maintainer anymore
Source: deng Version: 1.10.4-2 Severity: serious Justification: Policy 5.6.3 Hi all, I once helped to get the package back up into shape in order to provide another alternative engine (besides prboom-plus) that was able to run freedoom. This was around the time when vavoom became unusable and was eventually removed from Debian. Meanwhile, however, I have completely lost interest in this port and do no longer volunteer to maintain its package. So, someone please take over this package. Thanks, Fabian -- System Information: Debian Release: 8.0 APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775842: moodle: Multiple security issues
Package: moodle Severity: grave Tags: security Justification: user security hole The current Moodle package in the archive is affected by multiple security issues: Cheers, Moritz https://security-tracker.debian.org/tracker/CVE-2015-0218 https://security-tracker.debian.org/tracker/CVE-2015-0217 https://security-tracker.debian.org/tracker/CVE-2015-0216 https://security-tracker.debian.org/tracker/CVE-2015-0215 https://security-tracker.debian.org/tracker/CVE-2015-0214 https://security-tracker.debian.org/tracker/CVE-2015-0213 https://security-tracker.debian.org/tracker/CVE-2015-0212 https://security-tracker.debian.org/tracker/CVE-2015-0211 https://security-tracker.debian.org/tracker/CVE-2014-9059 https://security-tracker.debian.org/tracker/CVE-2014-7848 https://security-tracker.debian.org/tracker/CVE-2014-7847 https://security-tracker.debian.org/tracker/CVE-2014-7846 https://security-tracker.debian.org/tracker/CVE-2014-7845 https://security-tracker.debian.org/tracker/CVE-2014-7838 https://security-tracker.debian.org/tracker/CVE-2014-7837 https://security-tracker.debian.org/tracker/CVE-2014-7836 https://security-tracker.debian.org/tracker/CVE-2014-7835 https://security-tracker.debian.org/tracker/CVE-2014-7834 https://security-tracker.debian.org/tracker/CVE-2014-7833 https://security-tracker.debian.org/tracker/CVE-2014-7832 https://security-tracker.debian.org/tracker/CVE-2014-7831 https://security-tracker.debian.org/tracker/CVE-2014-7830 https://security-tracker.debian.org/tracker/CVE-2014-4172 https://security-tracker.debian.org/tracker/CVE-2014-3617 https://security-tracker.debian.org/tracker/CVE-2014-3553 https://security-tracker.debian.org/tracker/CVE-2014-3551 https://security-tracker.debian.org/tracker/CVE-2014-3548 https://security-tracker.debian.org/tracker/CVE-2014-3547 https://security-tracker.debian.org/tracker/CVE-2014-3546 https://security-tracker.debian.org/tracker/CVE-2014-3545 https://security-tracker.debian.org/tracker/CVE-2014-3544 https://security-tracker.debian.org/tracker/CVE-2014-3543 https://security-tracker.debian.org/tracker/CVE-2014-3542 https://security-tracker.debian.org/tracker/CVE-2014-3541 https://security-tracker.debian.org/tracker/CVE-2014-2054 https://security-tracker.debian.org/tracker/CVE-2013-3630 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#770229: CVE-2014-2901 CVE-2014-2902 CVE-2014-2903 CVE-2014-2904
On Wed, Nov 19, 2014 at 11:17:43PM +0100, Moritz Muehlenhoff wrote: Source: cyassl Severity: grave Tags: security Please see https://marc.info/?l=oss-securitym=139779940032403w=2 In addition there are five issues fixed in the local copy in MySQL. Please check with upstream, in which cyassl version they are fixed: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500 Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: change submitter of unarchived bugs to my personal address
Processing commands for cont...@bugs.debian.org: submitter 759691 ! Bug #759691 [src:ck] ck: file ck_hclh is not cleaned by debian/rules clean Changed Bug submitter to 'James Cowgill james...@cowgill.org.uk' from 'James Cowgill james.cowg...@imgtec.com' submitter 770457 ! Bug #770457 {Done: Markus Koschany a...@gambaru.de} [eclipse-rcp] eclipse-rcp: debian/rules build-arch does not install some files in eclipse-rcp Bug #769248 {Done: Markus Koschany a...@gambaru.de} [eclipse-rcp] androidsdk-tools: FTBFS in jessie/i386: sdkstats/src/main/java/com/android/sdkstats/DdmsPreferenceStore.java:22: error: package org.eclipse.jface.preference does not exist Changed Bug submitter to 'James Cowgill james...@cowgill.org.uk' from 'James Cowgill james.cowg...@imgtec.com' thanks Stopping processing here. Please contact me if you need assistance. -- 759691: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759691 769248: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769248 770457: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770457 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775843: node-serve-static: CVE-2015-1164
Package: node-serve-static Severity: grave Tags: security Justification: user security hole Hi, please see https://nodesecurity.io/advisories/serve-static-open-redirect Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#774366: marked as done (ploader: Fails to log in with Can't locate object method ParseDate via package Wx::DateTime)
Your message dated Tue, 20 Jan 2015 16:30:43 + with message-id e1ydbht-0003kk...@franck.debian.org and subject line Bug#775672: Removed package(s) from unstable has caused the Debian Bug report #774366, regarding ploader: Fails to log in with Can't locate object method ParseDate via package Wx::DateTime to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 774366: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774366 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: ploader Version: 1.6.0-1.1 Severity: grave Justification: renders package unusable Dear Maintainer, ploader opens fine to a login prompt for Piwigo. I can fill all this in but as soon as I click Connect, the program exits and the following message is emitted: Can't locate object method ParseDate via package Wx::DateTime at /usr/share/perl5/Uploader/GUI/DlgCommon.pm line 253. This makes the package pretty much unusable. I have found a workaround that lets me get beyond this but I've no idea what implications it has on the operation of the program, so hesitate to recommend it: comment out lines 253 and 255 and put a ; on the end of line 254. -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages ploader depends on: ii libclass-accessor-perl 0.34-1 ii libdigest-md5-file-perl0.08-1 ii libfile-homedir-perl 1.00-1 ii libfile-slurp-perl .19-4 ii libimage-exiftool-perl 9.74-1 ii libimage-magick-perl [perlmagick] 8:6.8.9.9-4 ii libjson-perl 2.61-1 ii libwx-perl 1:0.9923-4 ii perlmagick 8:6.8.9.9-4 ploader recommends no packages. ploader suggests no packages. -- no debconf information ---End Message--- ---BeginMessage--- Version: 1.6.0-1.1+rm Dear submitter, as the package ploader has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/775672 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Scott Kitterman (the ftpmaster behind the curtain)---End Message---
Processed: found 775843 in 1.6.4-1
Processing commands for cont...@bugs.debian.org: found 775843 1.6.4-1 Bug #775843 [node-serve-static] node-serve-static: CVE-2015-1164 Marked as found in versions node-serve-static/1.6.4-1. thanks Stopping processing here. Please contact me if you need assistance. -- 775843: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775843 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775356: Yep
Hi, Michael Gilbert wrote: I prepared a patch fixing resolvconf's bashisms. Please test. I've just tested this patch on the machine where I initially run into this issue. I can confirm that dhclient-script no more throws errors with Michael's patch and /etc/resolv.conf respectively its symlink target looks as expected (IPv6 DNS servers, search domain, etc.). Thanks! Regards, Axel -- ,''`. | Axel Beckert a...@debian.org, http://people.debian.org/~abe/ : :' : | Debian Developer, ftp.ch.debian.org Admin `. `' | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5 `-| 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775638: IPv6 database is corrupt
tag #775638 + confirmed clone #775638 -1 reassign -1 geoip-bin retitle -1 geoip-generator produces faulty v6/city database severity -1 grave found -1 1.6.2-3 thanks Hi Am 18.01.2015 um 05:21 schrieb Debian Bug Tracking System: Processing commands for cont...@bugs.debian.org: reassign 775638 geoip-database 20141027-1 Bug #775638 [src:gdnsd] gdnsd: FTBFS in jessie: dh_auto_test: make -j1 test returned exit code 2 Bug reassigned from package 'src:gdnsd' to 'geoip-database'. No longer marked as found in versions gdnsd/2.1.0-1. Ignoring request to alter fixed versions of bug #775638 to the same values previously set Bug #775638 [geoip-database] gdnsd: FTBFS in jessie: dh_auto_test: make -j1 test returned exit code 2 Marked as found in versions geoip-database/20141027-1. retitle 775638 IPv6 database is corrupt Bug #775638 [geoip-database] gdnsd: FTBFS in jessie: dh_auto_test: make -j1 test returned exit code 2 Changed Bug title to 'IPv6 database is corrupt' from 'gdnsd: FTBFS in jessie: dh_auto_test: make -j1 test returned exit code 2' severity 775638 grave Bug #775638 [geoip-database] IPv6 database is corrupt Severity set to 'grave' from 'serious' thanks thanks for spotting it. Curious that no one (also myself!) spotted it. The patch for the v6 database is just: --- geoip/branches/jessie/debian/src/geoip-csv-to-dat.cpp 2015-01-19 18:50:04 UTC (rev 5693) +++ geoip/branches/jessie/debian/src/geoip-csv-to-dat.cpp 2015-01-20 08:31:03 UTC (rev 5694) @@ -959,6 +959,7 @@ address_family = AF_INET; break; case '6': + database_type = GEOIP_COUNTRY_EDITION_V6; address_family = AF_INET6; break; case 'i': But Andrew found out that there is also an issue with the city database, which is working in general, but the gdnsd tests also fail. -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */ signature.asc Description: OpenPGP digital signature
Processed: Bug#775638: IPv6 database is corrupt
Processing commands for cont...@bugs.debian.org: tag #775638 + confirmed Bug #775638 [geoip-database] IPv6 database is corrupt Added tag(s) confirmed. clone #775638 -1 Bug #775638 [geoip-database] IPv6 database is corrupt Bug 775638 cloned as bug 775851 reassign -1 geoip-bin Bug #775851 [geoip-database] IPv6 database is corrupt Bug reassigned from package 'geoip-database' to 'geoip-bin'. No longer marked as found in versions geoip-database/20141027-1. Ignoring request to alter fixed versions of bug #775851 to the same values previously set retitle -1 geoip-generator produces faulty v6/city database Bug #775851 [geoip-bin] IPv6 database is corrupt Changed Bug title to 'geoip-generator produces faulty v6/city database' from 'IPv6 database is corrupt' severity -1 grave Bug #775851 [geoip-bin] geoip-generator produces faulty v6/city database Ignoring request to change severity of Bug 775851 to the same value. found -1 1.6.2-3 Bug #775851 [geoip-bin] geoip-generator produces faulty v6/city database Marked as found in versions geoip/1.6.2-3. thanks Stopping processing here. Please contact me if you need assistance. -- 775638: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775638 775851: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775851 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775850: timblserver: FTBFS in unstable: error: 'class Timbl::GetOptClass' has no member named 'getLogFile'
Source: timblserver Version: 1.7-4 Severity: serious Tags: sid Hi, timblserver FTBFS in unstable (but not in testing) on amd64 with the following error: /bin/bash ../libtool --tag=CXX --mode=compile g++ -DHAVE_CONFIG_H -I. -I.. -I../include -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wall -I/usr/include/libxml2 -fopenmp -fopenmp -c -o ServerBase.lo ServerBase.cxx libtool: compile: g++ -DHAVE_CONFIG_H -I. -I.. -I../include -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wall -I/usr/include/libxml2 -fopenmp -fopenmp -c ServerBase.cxx -fPIC -DPIC -o .libs/ServerBase.o ServerBase.cxx: In constructor 'TimblServer::IB1_Server::IB1_Server(Timbl::GetOptClass*)': ServerBase.cxx:1128:22: error: 'class Timbl::GetOptClass' has no member named 'getLogFile' logFile = opt-getLogFile(); ^ ServerBase.cxx:1129:22: error: 'class Timbl::GetOptClass' has no member named 'getPidFile' pidFile = opt-getPidFile(); ^ ServerBase.cxx:1130:23: error: 'class Timbl::GetOptClass' has no member named 'daemonizeFlag' doDaemon = opt-daemonizeFlag(); ^ ServerBase.cxx: In constructor 'TimblServer::IG_Server::IG_Server(Timbl::GetOptClass*)': ServerBase.cxx:1138:22: error: 'class Timbl::GetOptClass' has no member named 'getLogFile' logFile = opt-getLogFile(); ^ ServerBase.cxx:1139:22: error: 'class Timbl::GetOptClass' has no member named 'getPidFile' pidFile = opt-getPidFile(); ^ ServerBase.cxx:1140:23: error: 'class Timbl::GetOptClass' has no member named 'daemonizeFlag' doDaemon = opt-daemonizeFlag(); ^ ServerBase.cxx: In constructor 'TimblServer::TRIBL_Server::TRIBL_Server(Timbl::GetOptClass*)': ServerBase.cxx:1148:22: error: 'class Timbl::GetOptClass' has no member named 'getLogFile' logFile = opt-getLogFile(); ^ ServerBase.cxx:1149:22: error: 'class Timbl::GetOptClass' has no member named 'getPidFile' pidFile = opt-getPidFile(); ^ ServerBase.cxx:1150:23: error: 'class Timbl::GetOptClass' has no member named 'daemonizeFlag' doDaemon = opt-daemonizeFlag(); ^ ServerBase.cxx: In constructor 'TimblServer::TRIBL2_Server::TRIBL2_Server(Timbl::GetOptClass*)': ServerBase.cxx:1158:22: error: 'class Timbl::GetOptClass' has no member named 'getLogFile' logFile = opt-getLogFile(); ^ ServerBase.cxx:1159:22: error: 'class Timbl::GetOptClass' has no member named 'getPidFile' pidFile = opt-getPidFile(); ^ ServerBase.cxx:1160:23: error: 'class Timbl::GetOptClass' has no member named 'daemonizeFlag' doDaemon = opt-daemonizeFlag(); ^ Makefile:413: recipe for target 'ServerBase.lo' failed make[3]: *** [ServerBase.lo] Error 1 After playing around with the build dependencies, this seems to be caused by the upgrade of timbl from 6.4.4-4 - 6.4.6-1 Full mips64el build log (the arch where I first saw this): http://mipsdebian.imgtec.com/debian/logs/t/timblserver/timblserver_1.7-4_mips64el-20150115-0504.build.gz Thanks, James -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775830: deng: has no human maintainer anymore
Control: severity -1 important On Tue, 20 Jan 2015 15:03:12 +0100 Fabian Greffrath fabian+deb...@greffrath.com wrote: Source: deng Version: 1.10.4-2 Severity: serious Justification: Policy 5.6.3 Hi all, I once helped to get the package back up into shape in order to provide another alternative engine (besides prboom-plus) that was able to run freedoom. This was around the time when vavoom became unusable and was eventually removed from Debian. Meanwhile, however, I have completely lost interest in this port and do no longer volunteer to maintain its package. So, someone please take over this package. Hi, You are still listed as uploader in the official package currently available in the archive, so Policy's demands are satisfied. I suggest to bring this topic up for discussion on debian-devel-games and ask for someone taking over this package. If nobody volunteers filing a RFA bug report might increase the visibility of this issue and attract someone else from outside the team. Regards, Markus signature.asc Description: OpenPGP digital signature
Processed: minbar: FTBFS bugs #705026 and #759841 are the same issue
Processing commands for cont...@bugs.debian.org: # #759841 has a better title than #705026, so steal it :) retitle 705026 minbar: FTBFS: ld: minbar-main.o: undefined reference to symbol 'sincos@@GLIBC_2.2.5' Bug #705026 [minbar] minbar: fails to build, underlinked against libm Changed Bug title to 'minbar: FTBFS: ld: minbar-main.o: undefined reference to symbol 'sincos@@GLIBC_2.2.5'' from 'minbar: fails to build, underlinked against libm' # merge bugs reassign 705026 src:minbar 0.2.1-7 Bug #705026 [minbar] minbar: FTBFS: ld: minbar-main.o: undefined reference to symbol 'sincos@@GLIBC_2.2.5' Bug reassigned from package 'minbar' to 'src:minbar'. No longer marked as found in versions minbar/0.2.1-7. Ignoring request to alter fixed versions of bug #705026 to the same values previously set Bug #705026 [src:minbar] minbar: FTBFS: ld: minbar-main.o: undefined reference to symbol 'sincos@@GLIBC_2.2.5' Marked as found in versions minbar/0.2.1-7. merge 705026 759841 Bug #705026 [src:minbar] minbar: FTBFS: ld: minbar-main.o: undefined reference to symbol 'sincos@@GLIBC_2.2.5' Bug #759841 [src:minbar] minbar: FTBFS: ld: minbar-main.o: undefined reference to symbol 'sincos@@GLIBC_2.2.5' Added tag(s) patch. Merged 705026 759841 thanks Stopping processing here. Please contact me if you need assistance. -- 705026: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705026 759841: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759841 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#739676: systemd-user PAM config breaks some libpam-* modules
On Mon, 05 Jan 2015 20:57:05 +0100 Christian Kastner deb...@kvr.at wrote: If this second PAM session via systemd-user is indeed intended to be merely a background thing, them common-session-noninteractive should be the way to go anyway. But I'm not familiar enough with systemd to make that call. For reference, the inclusion of common-session is a local debian patch[1]. The original file referenced system-auth, which apparently debian does not use. [1] http://anonscm.debian.org/cgit/pkg-systemd/systemd.git/commit/debian/patches/Adjust-systemd-user-pam-config-file-for-Debian.patch?id=ec748d6eba35516597182ee24d7095a9c9cf415e Saludos -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775235: Repeatable failure to start on i386 running under kvm
Hello, came across launchpad bug #1360241 [1] which discusses the same error. There it comes from ubuntu-ui-toolkit tests. There they did revert their mesa package to depend on llvm-3.4 instead of llvm-3.5. So did I and recompiled mesa to use llvm-3.4 (see attached patch). And with these packages installed the error message was gone and the login screen is shown and a login possible. Going back to current jessie packages depending on llvm-3.5 lead to getting the error message again. Kind regards, Bernhard [1] https://bugs.launchpad.net/ubuntu/+source/llvm-toolchain-3.5/+bug/1360241 Rebuilding the mesa packages: root@debian:/home/benutzer# apt-get install debhelper quilt pkg-config libdrm-dev libx11-dev x11proto-gl-dev libxxf86vm-dev libexpat1-dev libxfixes-dev libxdamage-dev libxext-dev libvdpau-dev autoconf automake libtool x11proto-dri2-dev x11proto-dri3-dev x11proto-present-dev libx11-xcb-dev libxcb-dri2-0-dev libxcb-glx0-dev libxcb-xfixes0-dev libxcb-dri3-dev libxcb-present-dev libxcb-randr0-dev libxcb-sync-dev libxshmfence-dev libudev-dev flex bison llvm-3.4-dev libelf-dev libwayland-dev libclang-3.4-dev libclc-dev benutzer@debian:~$ mkdir mesa; cd mesa benutzer@debian:~/mesa$ apt-get source libgl1-mesa-dri benutzer@debian:~/mesa$ cd mesa-10.3.2 benutzer@debian:~/mesa/mesa-10.3.2$ patch -p1 --dry-run ../switch-to-3.4.patch# change llvm 3.5 to 3.4 like https://bugs.launchpad.net/ubuntu/+source/llvm-toolchain-3.5/+bug/1360241 benutzer@debian:~/mesa/mesa-10.3.2$ dpkg-buildpackage -b root@debian:/home/benutzer/mesa# dpkg -i libegl1-mesa_10.3.2-1_i386.deb libegl1-mesa-drivers_10.3.2-1_i386.deb libgbm1_10.3.2-1_i386.deb libgl1-mesa-dri_10.3.2-1_i386.deb libgl1-mesa-dri-dbg_10.3.2-1_i386.deb libgl1-mesa-glx_10.3.2-1_i386.deb libglapi-mesa_10.3.2-1_i386.deb libopenvg1-mesa_10.3.2-1_i386.deb libwayland-egl1-mesa_10.3.2-1_i386.deb libxatracker2_10.3.2-1_i386.deb #reboot, error is gone root@debian:/home/benutzer# apt-get install --reinstall libegl1-mesa libegl1-mesa-drivers libgbm1 libgl1-mesa-dri libgl1-mesa-dri-dbg libgl1-mesa-glx libglapi-mesa libopenvg1-mesa libwayland-egl1-mesa libxatracker2 #reboot, error is visible again diff -Nurp mesa-10.3.2.orig/debian/control mesa-10.3.2/debian/control --- mesa-10.3.2.orig/debian/control 2015-01-20 16:09:09.0 +0100 +++ mesa-10.3.2/debian/control 2015-01-20 16:15:14.77200 +0100 @@ -37,10 +37,10 @@ Build-Depends: libudev-dev [linux-any], flex, bison, - llvm-3.5-dev (= 1:3.5-1) [amd64 i386 kfreebsd-amd64 kfreebsd-i386 armhf], + llvm-3.4-dev [amd64 i386 kfreebsd-amd64 kfreebsd-i386 armhf], libelf-dev [amd64 i386 kfreebsd-amd64 kfreebsd-i386 armhf], libwayland-dev (= 1.2.0) [linux-any], - libclang-3.5-dev (= 1:3.5-1) [amd64 i386 armhf], + libclang-3.4-dev [amd64 i386 armhf], libclc-dev [amd64 i386 armhf], Vcs-Git: git://git.debian.org/git/pkg-xorg/lib/mesa Vcs-Browser: http://git.debian.org/?p=pkg-xorg/lib/mesa.git diff -Nurp mesa-10.3.2.orig/debian/rules mesa-10.3.2/debian/rules --- mesa-10.3.2.orig/debian/rules 2015-01-20 16:09:09.0 +0100 +++ mesa-10.3.2/debian/rules 2015-01-20 16:11:47.24400 +0100 @@ -116,7 +116,7 @@ else ifneq (,$(filter $(DEB_HOST_ARCH),amd64 i386 kfreebsd-amd64 kfreebsd-i386 armhf)) GALLIUM_DRIVERS += radeonsi confflags_GALLIUM += --enable-gallium-llvm - confflags_GALLIUM += ac_cv_path_LLVM_CONFIG=llvm-config-3.5 + confflags_GALLIUM += ac_cv_path_LLVM_CONFIG=llvm-config-3.4 endif confflags_DIRECT_RENDERING = --enable-driglx-direct
Bug#769797: marked as done (gnat-4.9: FTBFS: Needs update for gcc-4.9-4.9.2)
On Mon, 19 Jan 2015 11:45:28 +0100 Matthias Klose d...@debian.org wrote: reopen 769797 found 769797 4.9.1-4 thanks On 01/18/2015 11:51 AM, Debian Bug Tracking System wrote: Your message dated Sun, 18 Jan 2015 10:46:31 + with message-id 20150118104631.13a3ecaf@sylvester.codehelp and subject line No longer found has caused the Debian Bug report #769797, regarding gnat-4.9: FTBFS: Needs update for gcc-4.9-4.9.2 to be marked as done. unless you tell me how the b-d gcc-4.9-source ( 4.9.2) is satisfied in unstable, please leave this issue open. That doesn't make sense. gnat-4.9 in unstable has build-dependencies which can be satisfied in unstable. gnat-4.9 in testing has build-dependencies which can be satisfied in testing. Why would the build-dependency gcc-4.9-source ( 4.9.2) in gnat-4.9 in *testing* be relevant when checked in unstable? gnat-4.9 in testing does build just fine, in testing, so the bug title is - at least - inaccurate. There is no FTBFS in gnat-4.9 4.9.1-4 unless trying to build in unstable - which is unnecessary because Policy doesn't require that packages in testing build in unstable - it does that the packages in testing build in testing. In my tests, that requirement is met. What is the actual purpose of this bug? Why is a build-dependency constraint in testing relevant to builds in unstable? It's not as if gnat-4.9 is about to migrate into testing, even then the new version would migrate with the constraints met. -- Neil Williams = http://www.linux.codehelp.co.uk/ pgpIs5Pea9OsP.pgp Description: OpenPGP digital signature
Bug#774854: marked as done (fex: fails to install: subprocess installed post-installation script returned error exit status 1)
Your message dated Tue, 20 Jan 2015 15:19:06 + with message-id e1ydaaa-00031b...@franck.debian.org and subject line Bug#774854: fixed in fex 20150120-1 has caused the Debian Bug report #774854, regarding fex: fails to install: subprocess installed post-installation script returned error exit status 1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 774854: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774854 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: fex Version: 20140917-2 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package failed to install. As per definition of the release team this makes the package too buggy for a release, thus the severity. From the attached log (scroll to the bottom...): Selecting previously unselected package fex. (Reading database ... 9850 files and directories currently installed.) Preparing to unpack .../fex_20140917-2_all.deb ... Unpacking fex (20140917-2) ... Setting up fex (20140917-2) ... Adding group `fex' (GID 152) ... Done. Adding system user `fex' (UID 151) ... Adding new user `fex' (UID 151) with group `fex' ... Not creating home directory `/usr/share/fex'. Installing initial copy of htdocs into /var/lib/fex/htdocs ... Initializing /etc/fex/fex.ph with correcting hostname (using: myhost.domain.example.com) Adding system alias for fex to root dpkg: error processing package fex (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: fex Running 'postinst configure' with set -x enabled ends with: [...] + grep -q ^$admin_pw /etc/fex/fex.ph + perl -e require /etc/fex/fex.ph;print $notify_newrelease; + NOTIFY= + [ != ] + [ -f /etc/aliases -o -L /etc/aliases ] + grep -qi ^\s*fex\s*: /etc/aliases + [ -f /etc/exim/exim.conf -o -f /var/lib/exim4/config.autogenerated ] + [ ! -f /var/lib/exim4/config.autogenerated ] + egrep ^\s*(MAIN_TRUSTED_USERS|trusted_users)\s*=.*fex /var/lib/exim4/config.autogenerated + ISTRUSTED= dpkg: error processing package fex (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: fex cheers, Andreas fex_20140917-2.log.gz Description: application/gzip ---End Message--- ---BeginMessage--- Source: fex Source-Version: 20150120-1 We believe that the bug you reported is fixed in the latest version of fex, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 774...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Kilian Krause kil...@debian.org (supplier of updated fex package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 20 Jan 2015 15:56:05 +0100 Source: fex Binary: fex fex-utils Architecture: source all Version: 20150120-1 Distribution: unstable Urgency: high Maintainer: Kilian Krause kil...@debian.org Changed-By: Kilian Krause kil...@debian.org Description: fex- web service for transferring very large files fex-utils - web service for transferring very large files (utils) Closes: 773751 774854 Changes: fex (20150120-1) unstable; urgency=high . * New upstream release: 20150120 (Closes: #773751) - SECURITY FIX: race condition between fur and fex_cleanup may create internal instead of external user - several small bugs are fixed - fexwall also mails to sub and group users - optional HTTP basic authentication for htdoc/ directory - several SSL/TLS related fixes including default TLS for https connections - locale selection in upload form, too - better SSL configuration for fexsend,fexget,sexsend - autoview option for fexget - save-or-display (MIME) option for download - new config variable $mail_authid to (dis)allow mailing of forgotten auth-IDs * Update lintian override to ignore :sexsend:sexget: symlink which is interpreted by fexsrv directly * Recommend ca-certificates to verify remote server in fex-utils * Don't fail in postinst while looking up fex in trusted_users
Bug#773751: marked as done (race condition between fur and fex_cleanup)
Your message dated Tue, 20 Jan 2015 15:19:06 + with message-id e1ydaaa-00031x...@franck.debian.org and subject line Bug#773751: fixed in fex 20150120-1 has caused the Debian Bug report #773751, regarding race condition between fur and fex_cleanup to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 773751: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773751 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: fex Version: 20140917-1 Severity: serious Tags: security patch upstream pending confirmed jessie As upstream has released a new version of the fex package which closes a security issue and there is no CVE assigned, we'll use this bug to track the issue. Problem is: a race condition between fur and fex_cleanup may create internal instead of external user. With the default configuration no auto registration is possible and no exploit is possible. You must have allowed user self registration via fex.ph. Background is a timing race condition that fex_cleanup will throw away the external user flag if the link a user is sent is not clicked/visited before fex_cleanup is run (i.e. usually next day). The user account will then be created with full internal user privileges instead of the reduced externel priv. set. The new release is currently being prepared for uploading into Debian. Some minor updates that have nothing to do with the issue at hand are currently being discussed between me and upstream. I'd guess we can have a new fixed version in unstable before end of this year - maybe even before Xmas. As we don't have a version in stable, I'll prepare uploads of wheezy-backports and squeeze-backports once we're in jessie with the new version. Since the other security fixes haven't been backported to oldstable (yet), it seems not very logical to start with this (rather minor) one. Best, Kilian signature.asc Description: Digital signature ---End Message--- ---BeginMessage--- Source: fex Source-Version: 20150120-1 We believe that the bug you reported is fixed in the latest version of fex, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 773...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Kilian Krause kil...@debian.org (supplier of updated fex package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 20 Jan 2015 15:56:05 +0100 Source: fex Binary: fex fex-utils Architecture: source all Version: 20150120-1 Distribution: unstable Urgency: high Maintainer: Kilian Krause kil...@debian.org Changed-By: Kilian Krause kil...@debian.org Description: fex- web service for transferring very large files fex-utils - web service for transferring very large files (utils) Closes: 773751 774854 Changes: fex (20150120-1) unstable; urgency=high . * New upstream release: 20150120 (Closes: #773751) - SECURITY FIX: race condition between fur and fex_cleanup may create internal instead of external user - several small bugs are fixed - fexwall also mails to sub and group users - optional HTTP basic authentication for htdoc/ directory - several SSL/TLS related fixes including default TLS for https connections - locale selection in upload form, too - better SSL configuration for fexsend,fexget,sexsend - autoview option for fexget - save-or-display (MIME) option for download - new config variable $mail_authid to (dis)allow mailing of forgotten auth-IDs * Update lintian override to ignore :sexsend:sexget: symlink which is interpreted by fexsrv directly * Recommend ca-certificates to verify remote server in fex-utils * Don't fail in postinst while looking up fex in trusted_users (Closes: #774854) Checksums-Sha1: 56eef6cbcd725d710c90c1e62c38c6e0d47151e3 1875 fex_20150120-1.dsc 02bc8984d182e6c91cc3cdceeb5ddd892dc3b2c7 329119 fex_20150120.orig.tar.gz 7f83c372858406c26855725bf47702be67bd56d7 27784 fex_20150120-1.debian.tar.xz cfea967afd777b9ba048ffb7e10cf824abe9f1ae 265908 fex_20150120-1_all.deb f8e87ce8c2c20de53a488b2e6f41511f6d01feac 66466 fex-utils_20150120-1_all.deb Checksums-Sha256
Processed: Re: deng: has no human maintainer anymore
Processing control commands: severity -1 important Bug #775830 [doomsday] deng: has no human maintainer anymore Severity set to 'important' from 'serious' -- 775830: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775830 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775638: IPv6 database is corrupt
Thanks Patrick. One note - just like the v6 issue, the gdnsd test suite is detecting a genuine problem in the city DB. It is something wrong with the city DB creation tools that's causing it (i.e. not just an issue with the gdnsd tests). I just haven't finished tracking down exactly what the issue is yet. -Andrew On Jan 20, 2015 12:22 PM, Patrick Matthäi pmatth...@debian.org wrote: tag #775638 + confirmed clone #775638 -1 reassign -1 geoip-bin retitle -1 geoip-generator produces faulty v6/city database severity -1 grave found -1 1.6.2-3 thanks Hi Am 18.01.2015 um 05:21 schrieb Debian Bug Tracking System: Processing commands for cont...@bugs.debian.org: reassign 775638 geoip-database 20141027-1 Bug #775638 [src:gdnsd] gdnsd: FTBFS in jessie: dh_auto_test: make -j1 test returned exit code 2 Bug reassigned from package 'src:gdnsd' to 'geoip-database'. No longer marked as found in versions gdnsd/2.1.0-1. Ignoring request to alter fixed versions of bug #775638 to the same values previously set Bug #775638 [geoip-database] gdnsd: FTBFS in jessie: dh_auto_test: make -j1 test returned exit code 2 Marked as found in versions geoip-database/20141027-1. retitle 775638 IPv6 database is corrupt Bug #775638 [geoip-database] gdnsd: FTBFS in jessie: dh_auto_test: make -j1 test returned exit code 2 Changed Bug title to 'IPv6 database is corrupt' from 'gdnsd: FTBFS in jessie: dh_auto_test: make -j1 test returned exit code 2' severity 775638 grave Bug #775638 [geoip-database] IPv6 database is corrupt Severity set to 'grave' from 'serious' thanks thanks for spotting it. Curious that no one (also myself!) spotted it. The patch for the v6 database is just: --- geoip/branches/jessie/debian/src/geoip-csv-to-dat.cpp 2015-01-19 18:50:04 UTC (rev 5693) +++ geoip/branches/jessie/debian/src/geoip-csv-to-dat.cpp 2015-01-20 08:31:03 UTC (rev 5694) @@ -959,6 +959,7 @@ address_family = AF_INET; break; case '6': + database_type = GEOIP_COUNTRY_EDITION_V6; address_family = AF_INET6; break; case 'i': But Andrew found out that there is also an issue with the city database, which is working in general, but the gdnsd tests also fail. -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */
Bug#775044: openjdk-7: FTBFS: java.lang.RuntimeException: time is more than 10 years from present: 1104530400000
peter green wrote: I have just prepared a patch against wheezy's openjdk-6 to disable the timebomb code. I have attatched this patch which I am currently in the process of testing. I have tested that my patch results in succesful builds of openjdk-6 and openjdk-7 in raspbian wheezy. Debdiffs can be found at http://debdiffs.raspbian.org/main/o/openjdk-6/openjdk-6_6b33-1.13.5-2~deb7u1+rpi1.debdiff and http://debdiffs.raspbian.org/main/o/openjdk-7/openjdk-7_7u71-2.5.3-2~deb7u1%2brpi1.debdiff though it should be noted that they also contain other raspbian related changes. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#770492: [RFC PATCH RESEND] vfs: Move security_inode_killpriv() after permission checks
On Sat, 17 Jan 2015, Ben Hutchings wrote: chown() and write() should clear all privilege attributes on a file - setuid, setgid, setcap and any other extended privilege attributes. However, any attributes beyond setuid and setgid are managed by the LSM and not directly by the filesystem, so they cannot be set along with the other attributes. Currently we call security_inode_killpriv() in notify_change(), but in case of a chown() this is too early - we have not called inode_change_ok() or made any filesystem-specific permission/sanity checks. Add a new function setattr_killpriv() which calls security_inode_killpriv() if necessary, and change the setattr() implementation to call this in each filesystem that supports xattrs. This assumes that extended privilege attributes are always stored in xattrs. It'd be useful to get some input from LSM module maintainers on this. e.g. doesn't SELinux already handle this via policy directives? -- James Morris jmor...@namei.org -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775866: vlc: multiple vulnerabilities
Hi! On Tue, Jan 20, 2015 at 09:47:26PM +0100, Yves-Alexis Perez wrote: CVEs should follow soon. Also, I guess Wheezy and Jessie are affected too, so a DSA might be needed. They were assigned now: http://www.openwall.com/lists/oss-security/2015/01/20/11 Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#756253: Upgrade from 2.02~beta2-10 to 2.02~beta2-11 left grub unbootable
On Tue, Jan 20, 2015 at 01:44:37PM +, Steve McIntyre wrote: On Mon, Jan 19, 2015 at 07:42:37AM +0900, Mike Hommey wrote: On Sun, Jan 18, 2015 at 11:37:28AM +, Steve McIntyre wrote: The ENOSPC handling has been bad in the past, but it's not clear that was the cause of your original bug. :-/ *Now* it's a very bad state to be in, and may cause other problems too. On the Dell machine you have, I'm not personally aware of workarounds/fixes for it, but I know that on some machines re-flashing the firmware can force fix this by forcing cleaning of used space. After some googling, I cleaned up /sys/fs/pstore, which contained dmesg-* files, and that cleaned up /sys/firmware/efi/vars/ such that efibootmgr can do its job. Ah, OK. Phew. :-) There are a couple things happening, though. The first one is that it adds a debian entry. I'm not sure, though, that the grub entry name doesn't just come from me adding it manually with a different name (since, iirc, this very bug left me with no grub entry at all) than it had in the first place or if it /was/ named grub originally. So I do end up with 3 entries: grub, debian and Windows Boot Manager listed by efibootmgr. The automatic setup of grub-install calling efibootmgr won't be touching the grub entry at all - it's set up to only play with debian entries. So that should be safe. Was it always a debian entry? But then comes the second thing: when I reboot, the debian entry is lost. Poof, disappeared. And I do wonder if the initial problem is not related to that. That is still happening? Can you successfully re-create it each time? It happens reliably. efibootmgr displays it, but after a reboot, it's gone. Mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773085: marked as done (xdg-utils: CVE-2014-9622: command injection vulnerability)
Your message dated Tue, 20 Jan 2015 21:17:12 + with message-id e1ydgai-0002rq...@franck.debian.org and subject line Bug#773085: fixed in xdg-utils 1.1.0~rc1+git20111210-6+deb7u2 has caused the Debian Bug report #773085, regarding xdg-utils: CVE-2014-9622: command injection vulnerability to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 773085: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773085 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- package: src:xdg-utils severity: serious version: 1.0.2+cvs20100307-2 control: tag -1 patch control: forwarded -1 https://bugs.freedesktop.org/show_bug.cgi?id=66670 A command injection issue was disclosed for xdg-open: http://seclists.org/fulldisclosure/2014/Nov/36 Patch for testing here: https://bugs.freedesktop.org/attachment.cgi?id=109536 Best wishes, Mike ---End Message--- ---BeginMessage--- Source: xdg-utils Source-Version: 1.1.0~rc1+git20111210-6+deb7u2 We believe that the bug you reported is fixed in the latest version of xdg-utils, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 773...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Gilbert mgilb...@debian.org (supplier of updated xdg-utils package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 18 Jan 2015 23:02:46 + Source: xdg-utils Binary: xdg-utils Architecture: source all Version: 1.1.0~rc1+git20111210-6+deb7u2 Distribution: stable-security Urgency: high Maintainer: Per Olofsson pe...@debian.org Changed-By: Michael Gilbert mgilb...@debian.org Description: xdg-utils - desktop integration utilities from freedesktop.org Closes: 773085 Changes: xdg-utils (1.1.0~rc1+git20111210-6+deb7u2) stable-security; urgency=high . * Non-maintainer upload by the security team. * Fix command injection vulnerability in xdg-open (closes: #773085). Checksums-Sha1: 027362d50c30e281cd5f7e9772ba591d98d60f31 2722 xdg-utils_1.1.0~rc1+git20111210-6+deb7u2.dsc 5ff3bdce38395b73ebc499fd206685e4eb5ebfc5 327534 xdg-utils_1.1.0~rc1+git20111210.orig.tar.gz bcc8b500688e4fde726ab4b7fe633c0091fd01f0 11566 xdg-utils_1.1.0~rc1+git20111210-6+deb7u2.debian.tar.gz 4f95e3527409fdfa613ba6294dc1e5463197f70f 82480 xdg-utils_1.1.0~rc1+git20111210-6+deb7u2_all.deb Checksums-Sha256: 0a82f5c4c1c0de7ae6b88f7cc4733363ef7a93b67fcc161745243b41a248e1d5 2722 xdg-utils_1.1.0~rc1+git20111210-6+deb7u2.dsc cb1a9898d5c6dbf23d924e3d6b12df8ea2ab883380bda1f0d4b010bd86fd2015 327534 xdg-utils_1.1.0~rc1+git20111210.orig.tar.gz bbd8793ba4d7ddf42615a2e778ee0e0e75f9510cf455a2a14d67c490b7b629f9 11566 xdg-utils_1.1.0~rc1+git20111210-6+deb7u2.debian.tar.gz 1bcd90e7d198af7d9b79588b460a5254e4ee3b7d9bf52bcf47e04c1ed8db732b 82480 xdg-utils_1.1.0~rc1+git20111210-6+deb7u2_all.deb Files: 4421e1c14118c6d9900e11aa494d 2722 utils optional xdg-utils_1.1.0~rc1+git20111210-6+deb7u2.dsc 1238359ea2c99246e1ba8292c4eabd32 327534 utils optional xdg-utils_1.1.0~rc1+git20111210.orig.tar.gz 8fa0e0783519c073636eedfb8b502433 11566 utils optional xdg-utils_1.1.0~rc1+git20111210-6+deb7u2.debian.tar.gz e015fcc8f6794eae92fd0cfa891f5098 82480 utils optional xdg-utils_1.1.0~rc1+git20111210-6+deb7u2_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQQcBAEBCgAGBQJUvD3NAAoJELjWss0C1vRzREwf/jFQ01WcHTHMW0LJA+E8pIur WkSCQaX4DX06JRoD8dhedm6abcxU6RGYZcK+YOwbyqlRW/e5ESMNN3r4r9W/LwWu lG8+FYY6drtycYSCGpR/vikj6X2sZFOBG0rfWaceKWNMyWXnOO4pMR6RY6ZXpsOk nR7OMmJhKFlBtxUJRAazksnJ4oqu1QnTdz14BqOYK/4md4vdtQ3vfGEA9i0Ym45l dbJuimywZAW9IG79yRqlwGJ5lUSBWlgp4KvmSwsTvEwQvVO772C/kK2SF2FrzdP7 Ud7bZvUz3nG3yTFLNadF3M6ANtI88YIECQwg6EunXZ28NuD2YXgeJX0P0U7q9hNI LNZ3QEcRH4huuvUFmia9lCQk26a6vIl4braXdcQ9BXsqiSoUAzAKpS5DxGCz58yk FF+25m6kuN81tKdKbORSeXiMgXHNRIDnCNdmldZunKyBb/EtCB0v2KZfQ3j9ho6v y3W5/kBy/w13r4C8dYOQZ+jVrJZxW0Y5XfiTeYVIfL8WXhyiRkpQo0Ci9nl2Vq1B Rqnpw0YJgb2orC/UiGztK1PrL9mfm860sYodJVPmhkJiAAuhRfAa6BzZu+pvnUbP z0omCkV0IZyVqny/5hx0lwcQFO6h+sKaBgtCiszdrUQkMNKtw4/5B41dnHhPRLLA f04/P25dEuz9tG851ZO7c7ZMkBamILUuvRWCUkQvPUCPzRZcXKQ6hVtWNLJ8x5gn MA60q4JP1U1YYwxSzsEowbCRqRJR8RGHbKkd0l5/f/lZWMn5aPIv+ipWm0teKqb5
Bug#775167: marked as done (privoxy: CVE-2015-1030 CVE-2015-1031)
Your message dated Tue, 20 Jan 2015 21:17:07 + with message-id e1ydgad-0002qa...@franck.debian.org and subject line Bug#775167: fixed in privoxy 3.0.19-2+deb7u1 has caused the Debian Bug report #775167, regarding privoxy: CVE-2015-1030 CVE-2015-1031 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 775167: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775167 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: privoxy Severity: grave Tags: security Hi Roland, privoxy 3.0.22 fixes security issues: http://www.privoxy.org/announce.txt Fixed a memory leak when rejecting client connections due to the socket limit being reached (CID 66382). This affected Privoxy 3.0.21 when compiled with IPv6 support (on most platforms this is the default). - This is CVE-2015-1030 Fixed an immediate-use-after-free bug (CID 66394) and two additional unconfirmed use-after-free complaints made by Coverity scan (CID 66391, CID 66376). - This is CVE-2015-1031 Since jessie is in freeze, please make a targeted upload instead of moving to the full 3.0.22 release. Cheers, Moritz ---End Message--- ---BeginMessage--- Source: privoxy Source-Version: 3.0.19-2+deb7u1 We believe that the bug you reported is fixed in the latest version of privoxy, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 775...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Roland Rosenfeld rol...@debian.org (supplier of updated privoxy package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 17 Jan 2015 17:20:15 +0100 Source: privoxy Binary: privoxy Architecture: source amd64 Version: 3.0.19-2+deb7u1 Distribution: stable-security Urgency: medium Maintainer: Roland Rosenfeld rol...@debian.org Changed-By: Roland Rosenfeld rol...@debian.org Description: privoxy- Privacy enhancing HTTP Proxy Closes: 775167 Changes: privoxy (3.0.19-2+deb7u1) stable-security; urgency=medium . * 35_CVE-2015-1031-CID66394: unmap(): Prevent use-after-free if the map only consists of one item. CID 66394. * 36_CVE-2015-1031-CID66376: pcrs_execute(): Consistently set *result to NULL in case of errors. Should make use-after-free in the caller less likely. CID 66391, CID 66376. * These 2 patches Closes: #775167. Checksums-Sha1: 274db380555a7b899fa5c19bb40d6800f2d4a57e 1824 privoxy_3.0.19-2+deb7u1.dsc a82287cbf48375ef449d021473a366baeca49250 1722316 privoxy_3.0.19.orig.tar.gz b9b38021e8ddfee8cd81e90880aebe8d06a9a307 20601 privoxy_3.0.19-2+deb7u1.debian.tar.gz 3c3f708b11ce8e9bc2e6a045f202db8e7e133bb5 633578 privoxy_3.0.19-2+deb7u1_amd64.deb Checksums-Sha256: 467f568a1ae13e86de0418635c3cf60e6dc031b510ffdc0f7a0bfd782f97aab0 1824 privoxy_3.0.19-2+deb7u1.dsc 816e627b31caa3d9e71d0a8b83ac9ea7dcbeaaafef3c9a9c792696aa56255232 1722316 privoxy_3.0.19.orig.tar.gz f2ebbde919e0bc0a206cd1c1680fcb5c55f7cf5c8b31686d22bdcfb21c7e5dd3 20601 privoxy_3.0.19-2+deb7u1.debian.tar.gz 9af0c6b317f69fd865415a93390f63ca65a0dc66e9442250a072c436d70906df 633578 privoxy_3.0.19-2+deb7u1_amd64.deb Files: d63736b5d5a8615d4fa18aa949182157 1824 web optional privoxy_3.0.19-2+deb7u1.dsc 57acc79059565cc42eda67982842785d 1722316 web optional privoxy_3.0.19.orig.tar.gz f23ce084f150727ebc018d4da45ac8c4 20601 web optional privoxy_3.0.19-2+deb7u1.debian.tar.gz df4fae1a8cc852f62d42c24570e0dfa6 633578 web optional privoxy_3.0.19-2+deb7u1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBAgAGBQJUuuR5AAoJEBDCk7bDfE42zC4QAIMUHFUukDIJe9i5WVe86CzL 43sgxJFB5g/udMKQkDSe/yqxnO6ShR53BVx56U7oAhE6UwQIrNI2JAO3aND5kpH+ krhfMNSmFUkxJKNr02VDRIdmAZg/B01c1LOjJS8vKsXo4jwISNPnQJLMQxbDh22U ytPk6wKXdf8FHnXqjy4YMgvkINX16UZxjYghQQKMEGc9Lmouay4+uVg4Ac8LImHm ErVk6tEyAG/wdvvyGj9qvPkmvgT9+fXPYIELRsr8V5EytBe6Is9U5PbaT+ecQWiB SOYB5hkyt/vZMIKPaAqLB52yZei/tkPtlCA2dRAha+mJa1QBoZodIjQmj0XxeR+G VxcYD9QSiykF/3XDWAiFjiQYqLfdy5k0BojbKxN5L+Ma/upDNXmr4djHodh6gueh 1YBruPoYZV7nhGrcbzSwIp0cEE1Pj2CBmXT8mmLqhL01VnfrhFaLJ2JYCdLyIZVd c8DVyDdteG6313vMgJH5WVNWBkw0OJXY/T+cPhdTc/V3uNV5L+QVfju5WTJUAiAq mCIQRBSERsdgkRnaef+XLcOpMt14QOm+gGuf0bJh3vvzF0cSw/DI/+SqINWSux6r
Bug#770492: [RFC PATCH RESEND] vfs: Move security_inode_killpriv() after permission checks
On 1/20/2015 3:17 PM, James Morris wrote: On Sat, 17 Jan 2015, Ben Hutchings wrote: chown() and write() should clear all privilege attributes on a file - setuid, setgid, setcap and any other extended privilege attributes. However, any attributes beyond setuid and setgid are managed by the LSM and not directly by the filesystem, so they cannot be set along with the other attributes. Currently we call security_inode_killpriv() in notify_change(), but in case of a chown() this is too early - we have not called inode_change_ok() or made any filesystem-specific permission/sanity checks. Add a new function setattr_killpriv() which calls security_inode_killpriv() if necessary, and change the setattr() implementation to call this in each filesystem that supports xattrs. This assumes that extended privilege attributes are always stored in xattrs. It'd be useful to get some input from LSM module maintainers on this. I've already chimed in. Clearing the Smack label on a file because someone writes to it makes no sense whatsoever. The same with chown. The Smack label is attached to the object, which is a container of data, not the data itself. Smack labels are Mandatory Access Control labels, not Information labels. If that doesn't mean anything to the reader, check out the P1003.1e/2c (withdrawn) DRAFT. The proposed implementation does not correctly handle either Mandatory Access Control labels or Information labels. The MAC label is *very different* from the setuid bit. e.g. doesn't SELinux already handle this via policy directives? -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#768095: marked as done (openvswitch-datapath-dkms fails to build on Debian 7.7 3.2.0-4-amd64 (3.2.63-2+deb7u1))
Your message dated Tue, 20 Jan 2015 21:17:06 + with message-id e1ydgac-0002pq...@franck.debian.org and subject line Bug#768095: fixed in openvswitch 1.4.2+git20120612-9.1~deb7u1.1 has caused the Debian Bug report #768095, regarding openvswitch-datapath-dkms fails to build on Debian 7.7 3.2.0-4-amd64 (3.2.63-2+deb7u1) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 768095: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768095 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: openvswitch-datapath-dkms Version: 1.4.2+git20120612-9.1~deb7u1 Severity: important Dear Maintainer, apt-get install openvswitch-datapath-dkms fails with the following error in /var/lib/dkms/openvswitch/1.4.2+git20120612/build/make.log : /var/lib/dkms/openvswitch/1.4.2+git20120612/build/datapath/linux/tunnel.c: In function 'ovs_tnl_send': /var/lib/dkms/openvswitch/1.4.2+git20120612/build/datapath/linux/tunnel.c:1294:3: warning: passing argument 1 of 'ip_select_ident' from incompatible pointer type [enabled by default] /usr/src/linux-headers-3.2.0-4-common/include/net/ip.h:292:20: note: expected 'struct sk_buff *' but argument is of type 'struct iphdr *' /var/lib/dkms/openvswitch/1.4.2+git20120612/build/datapath/linux/tunnel.c:1294:3: warning: passing argument 2 of 'ip_select_ident' from incompatible pointer type [enabled by default] /usr/src/linux-headers-3.2.0-4-common/include/net/ip.h:292:20: note: expected 'struct sock *' but argument is of type 'struct dst_entry *' /var/lib/dkms/openvswitch/1.4.2+git20120612/build/datapath/linux/tunnel.c:1294:3: error: too many arguments to function 'ip_select_ident' /usr/src/linux-headers-3.2.0-4-common/include/net/ip.h:292:20: note: declared here make[4]: *** [/var/lib/dkms/openvswitch/1.4.2+git20120612/build/datapath/linux/tunnel.o] Error 1 make[3]: *** [_module_/var/lib/dkms/openvswitch/1.4.2+git20120612/build/datapath/linux] Error 2 make[2]: *** [sub-make] Error 2 make[1]: *** [all] Error 2 make[1]: Leaving directory `/usr/src/linux-headers-3.2.0-4-amd64' make: *** [default] Error 2 make: Leaving directory `/var/lib/dkms/openvswitch/1.4.2+git20120612/build/datapath/linux' This bug has already been reported in Ubuntu 12.04 : https://bugs.launchpad.net/ubuntu/+source/openvswitch/+bug/1379201 Here is a proposed patch by Chris J Arges chris.j.ar...@ubuntu.com (only patching tunnel.c is sufficient to build openvswitch-datapath-dkms) : --- datapath/tunnel.c.orig 2014-11-04 23:12:12.0 +0100 +++ datapath/tunnel.c 2014-11-04 23:14:26.397708868 +0100 @@ -1291,7 +1291,22 @@ iph-tos = tos; iph-ttl = ttl; iph-frag_off = frag_off; - ip_select_ident(iph, rt_dst(rt), NULL); + + /* +* linux commits 703133de, 73f156a6 changed this function +* affected stable versions are: 3.13.11.7, 3.2.63 +*/ +#if LINUX_VERSION_CODE = KERNEL_VERSION(3,13,11) /* commit 73f156a6 */ +ip_select_ident(skb, rt_dst(rt)); +#elif LINUX_VERSION_CODE = KERNEL_VERSION(3,13,0) /* commit 703133de */ +ip_select_ident(skb, rt_dst(rt), NULL); +#elif LINUX_VERSION_CODE = KERNEL_VERSION(3,2,63) /* commit 73f156a6 */ +ip_select_ident(skb, rt_dst(rt)); +#elif LINUX_VERSION_CODE = KERNEL_VERSION(3,2,51) /* commit 703133de */ +ip_select_ident(skb, rt_dst(rt), NULL); +#else +ip_select_ident(iph, rt_dst(rt), NULL); +#endif skb = tnl_vport-tnl_ops-update_header(vport, mutable, rt_dst(rt), skb); -- System Information: Debian Release: 7.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages openvswitch-datapath-dkms depends on: ii dkms 2.2.0.3-1.2 ii libc6-dev 2.13-38+deb7u6 ii make 3.81-8.2 openvswitch-datapath-dkms recommends no packages. openvswitch-datapath-dkms suggests no packages. -- no debconf information ---End Message--- ---BeginMessage--- Source: openvswitch Source-Version: 1.4.2+git20120612-9.1~deb7u1.1 We believe that the bug you reported is fixed in the latest version of openvswitch, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for
Bug#767028: ovirt-guest-agent: fails to install
On 2015-01-10 15:05, Holger Levsen wrote: This seems to be an udevadm 'bug' instead, it can't handle unreachable /proc/cmdline . Is there any policy that a package should install while /proc is unavailable? packages may be in non working state, but I'd argue that installation itself must still not fail... after adding set -x to the postinst I get # dpkg --configure --pending Setting up ovirt-guest-agent (1.0.10.2.dfsg-1) ... + set -e + udevadm control --reload-rules dpkg: error processing package ovirt-guest-agent (--configure): subprocess installed post-installation script returned error exit status 2 Errors were encountered while processing: ovirt-guest-agent Well, udevadm inside the chroot is not able to manipulate the udev on the host. And we better keep it this way :-) udev itself checks whether it is being installed in a chroot and does take no action (like (re-)starting itself) this case there is a ischroot utility (in debianutils) that could be used to guard the udevadm actions in your postinst: if not ischroot; then udevadm --foo --bar fi Andreas -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#756253: Upgrade from 2.02~beta2-10 to 2.02~beta2-11 left grub unbootable
On Wed, Jan 21, 2015 at 06:55:05AM +0900, Mike Hommey wrote: On Tue, Jan 20, 2015 at 01:44:37PM +, Steve McIntyre wrote: The automatic setup of grub-install calling efibootmgr won't be touching the grub entry at all - it's set up to only play with debian entries. So that should be safe. Was it always a debian entry? As far back as I remember, yes. But then comes the second thing: when I reboot, the debian entry is lost. Poof, disappeared. And I do wonder if the initial problem is not related to that. That is still happening? Can you successfully re-create it each time? It happens reliably. efibootmgr displays it, but after a reboot, it's gone. OK, now that's just *weird* and suggests a firmware bug to me. I'd be tempted to try and create an exact copy with another name and see how that works, but I'm struggling to understand what's going on here now! -- Steve McIntyre, Cambridge, UK.st...@einval.com You can't barbecue lettuce! -- Ellie Crane -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: ciderwebmail: unhandled symlink to directory conversion: /usr/share/ciderwebmail/root/static/images/mimeicons
Processing control commands: found -1 1.05-4 Bug #774862 {Done: gregor herrmann gre...@debian.org} [ciderwebmail] ciderwebmail: unhandled symlink to directory conversion: /usr/share/ciderwebmail/root/static/images/mimeicons Marked as found in versions ciderwebmail/1.05-4; no longer marked as fixed in versions ciderwebmail/1.05-4 and reopened. -- 774862: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774862 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#774862: ciderwebmail: unhandled symlink to directory conversion: /usr/share/ciderwebmail/root/static/images/mimeicons
Followup-For: Bug #774862 Control: found -1 1.05-4 The .maintscript needs a small fix to actually work as intended: vvv -symlink_to_dir /usr/share/ciderwebmail/root/static/images/mimeicons ../../../../images/http-icons 1.05-4~ +symlink_to_dir /usr/share/ciderwebmail/root/static/images/mimeicons ../../../../images/http-icons/ 1.05-5~ ^^^ If a relative target is used, it must match exactly what $(readlink /usr/share/ciderwebmail/root/static/images/mimeicons) returns - in this case including the trailing slash: /usr/share/ciderwebmail/root/static/images/mimeicons/application-epub+zip.png (ciderwebmail) != /usr/share/images/http-icons/application-epub+zip.png (?) /usr/share/ciderwebmail/root/static/images/mimeicons - ../../../../images/http-icons/ ^^^ Don't forget the version bump! Andreas ciderwebmail_1.05-4.log.gz Description: application/gzip
Bug#754565: Non free icc profile
Package: moodle Followup-For: Bug #754565 Hi, This bug has been open for a while, with no response. Files that forbid modification are not DFSG-free, so you will need to remove lib/tcpdf/include/sRGB.icc from the moodle package. However, note that the file that you want is in the non-free package isc- profiles under the name sRGB_IEC61966-2-1_black_scaled.icc, so you may want to add Suggests: isc-profiles to d/control. Please write back within one week, or I will file an RM bug. (You don't have to have it fixed by then, I just need to know that someone is working on it. :-) ) Yours thankfully, Riley Baird -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 3.16.0-4-686-pae (SMP w/4 CPU cores) Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#755202: My Fix in Gentoo
I had the same problem in Gentoo linux. I am by no means a network expert. I had this warning in NM log. warn error in connection /etc/NetworkManager/system-connections/.keep_net-misc_networkmanager-0: invalid connection: connection.type: property is missing So I removed the the following file /etc/NetworkManager/system-connections/.keep_net-misc_networkmanager-0 I also had this file /etc/NetworkManager/system-connections/eth0 with this content: [ethernet] mac-address=10:C3:7B:AC:3B:23 [connection] id=Wired uuid=593aa2f2-5673-401a-823b-519d68e4dde2 type=ethernet [ipv6] method=ignore [ipv4] method=auto may-fail=false So I changed its name to Wired as it was the id. The r8169 kernel module was also buggy in my case so that it could not get an IP address when I was working in my workplace. So I switched to r8168 module. Everything looks OK now. I hope this info help you also. -- Sincerely, Keivan
Bug#775877: gnome-session: No mouse pointer after login
Package: gnome-session Version: 3.14.0-2 Severity: grave Tags: upstream Justification: renders package unusable Dear Maintainer, * What led up to the situation? I upgraded all packages with apt-get upgrade. after the upgrade, when starting gdm, everything seems fine, but afer logging in, the mouse disappears. In addition to that some settings like backlight brightness can't be set through the gnome control center, and trying to set it causes the following Jan 20 16:46:15 jessie gnome-session[1888]: Gjs-Message: JS LOG: Could not set property Brightness on remote object /org/gnome/SettingsDaemon/Power: Timeout was reached Jan 20 16:46:15 jessie gnome-session[1888]: Gjs-Message: JS LOG: Could not set property Brightness on remote object /org/gnome/SettingsDaemon/Power: Timeout was reached Jan 20 16:46:15 jessie gnome-session[1888]: Gjs-Message: JS LOG: Could not set property Brightness on remote object /org/gnome/SettingsDaemon/Power: Timeout was reached Jan 20 16:46:15 jessie gnome-session[1888]: Gjs-Message: JS LOG: Could not set property Brightness on remote object /org/gnome/SettingsDaemon/Power: Timeout was reached Jan 20 16:46:16 jessie gnome-session[1888]: Gjs-Message: JS LOG: Could not set property Brightness on remote object /org/gnome/SettingsDaemon/Power: Timeout was reached Jan 20 16:46:16 jessie gnome-session[1888]: Gjs-Message: JS LOG: Could not set property Brightness on remote object /org/gnome/SettingsDaemon/Power: Timeout was reached Jan 20 16:46:16 jessie gnome-session[1888]: Gjs-Message: JS LOG: Could not set property Brightness on remote object /org/gnome/SettingsDaemon/Power: Timeout was reached Jan 20 16:46:16 jessie gnome-session[1888]: Gjs-Message: JS LOG: Could not set property Brightness on remote object /org/gnome/SettingsDaemon/Power: Timeout was reached Jan 20 16:46:17 jessie gnome-session[1888]: Gjs-Message: JS LOG: Could not set property Brightness on remote object /org/gnome/SettingsDaemon/Power: Timeout was reached Jan 20 16:46:17 jessie gnome-session[1888]: Gjs-Message: JS LOG: Could not set property Brightness on remote object /org/gnome/SettingsDaemon/Power: Timeout was reached Jan 20 16:46:17 jessie gnome-session[1888]: Gjs-Message: JS LOG: Could not set property Brightness on remote object /org/gnome/SettingsDaemon/Power: Timeout was reached Jan 20 16:46:18 jessie gnome-session[1888]: ** Jan 20 16:46:18 jessie gnome-session[1888]: GLib-GIO:ERROR:/tmp/buildd/glib2.0-2.42.1/./gio/gdbusconnection.c:4231:invoke_set_property_in_idle_cb: assertion failed: (error != NULL) Jan 20 16:46:18 jessie gnome-session[1888]: x-session-manager[1888]: WARNING: Application 'gnome-settings-daemon.desktop' killed by signal 6 Jan 20 16:46:18 jessie x-session-manager[1888]: WARNING: Application 'gnome-settings-daemon.desktop' killed by signal 6 Jan 20 16:46:19 jessie dbus[741]: [system] Activating via systemd: service name='org.freedesktop.timedate1' unit='dbus-org.freedesktop.timedate1.service' Jan 20 16:46:19 jessie dbus[741]: [system] Successfully activated service 'org.freedesktop.timedate1' Jan 20 16:46:19 jessie systemd-timedated[2453]: /etc/localtime should be a symbolic link to a time zone data file in /usr/share/zoneinfo/. Jan 20 16:46:19 jessie dbus[741]: [system] Activating via systemd: service name='org.freedesktop.GeoClue2' unit='geoclue.service' Jan 20 16:46:19 jessie dbus[741]: [system] Activating via systemd: service name='org.freedesktop.hostname1' unit='dbus-org.freedesktop.hostname1.service' Jan 20 16:46:19 jessie dbus[741]: [system] Successfully activated service 'org.freedesktop.GeoClue2' Jan 20 16:46:19 jessie colord: Profile added: icc-e96f5d7bbad5e220cedbde4e881ef289 Jan 20 16:46:19 jessie dbus[741]: [system] Successfully activated service 'org.freedesktop.hostname1' Jan 20 16:46:24 jessie /etc/gdm3/Xsession[1888]: openConnection: connect: No such file or directory Jan 20 16:46:24 jessie /etc/gdm3/Xsession[1888]: cannot connect to brltty at :0 switching consoles and back to the X-console makes the mouse pointer come back and everything else work. * Here is the syslog logs when logging in Jan 20 19:46:54 jessie dbus[741]: [system] Activating via systemd: service name='org.freedesktop.GeoClue2' unit='geoclue.service' Jan 20 19:46:54 jessie dbus[741]: [system] Successfully activated service 'org.freedesktop.GeoClue2' Jan 20
Bug#775881: mysql-5.5: Multiple security fixes from January 2015 CPU
Source: mysql-5.5 Version: 5.5.23-2 Severity: grave Tags: security upstream patch fixed-upstream Hi As usual at this time of the year, there was a new Oracle Patch Update including updates for MySQL, see: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775276: marked as done (condor: CVE-2014-8126)
Your message dated Wed, 21 Jan 2015 06:03:39 + with message-id e1ydoob-0004my...@franck.debian.org and subject line Bug#775276: fixed in condor 8.2.3~dfsg.1-6 has caused the Debian Bug report #775276, regarding condor: CVE-2014-8126 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 775276: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775276 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: condor Severity: grave Tags: security Justification: user security hole Hi, please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8126 for details and a patch. Cheers, Moritz ---End Message--- ---BeginMessage--- Source: condor Source-Version: 8.2.3~dfsg.1-6 We believe that the bug you reported is fixed in the latest version of condor, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 775...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Hanke m...@debian.org (supplier of updated condor package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Fri, 16 Jan 2015 18:59:12 +0100 Source: condor Binary: htcondor htcondor-dev htcondor-doc htcondor-dbg libclassad-dev libclassad7 condor condor-doc condor-dev condor-dbg Architecture: source amd64 all Version: 8.2.3~dfsg.1-6 Distribution: unstable Urgency: medium Maintainer: HTCondor Developers condor-deb...@cs.wisc.edu Changed-By: Michael Hanke m...@debian.org Description: condor - transitional dummy package condor-dbg - transitional dummy package condor-dev - transitional dummy package condor-doc - transitional dummy package htcondor - distributed workload management system htcondor-dbg - distributed workload management system - debugging symbols htcondor-dev - distributed workload management system - development files htcondor-doc - distributed workload management system - documentation libclassad-dev - HTCondor classads expression language - development library libclassad7 - HTCondor classads expression language - runtime library Closes: 775276 Changes: condor (8.2.3~dfsg.1-6) unstable; urgency=medium . [Alex Waite] * Upstream security fix: Authenticated users could execute arbitrary code as the condor user due to a bug in the way the condor daemon sent email notifications (CVE-2014-8126). (Closes: #775276) Checksums-Sha1: 634ef9b6508aab801fc231048eae9a7f9e59069c 3023 condor_8.2.3~dfsg.1-6.dsc 440ebe726e74f665d03406e5492055634f148d9f 71560 condor_8.2.3~dfsg.1-6.debian.tar.xz 4aeeb24fe40263b8d10afbb064e8dd4e566ab42e 3999274 htcondor_8.2.3~dfsg.1-6_amd64.deb bbbe9adc9bb598fd6e9e661e5e8b9043ec64a46f 268194 htcondor-dev_8.2.3~dfsg.1-6_amd64.deb f76d82e6cb696be88c3fa02554d95f894c1599e9 1026378 htcondor-doc_8.2.3~dfsg.1-6_all.deb ee7dfa4ac992adce9fba0f78d32d3f7127f3cdbb 33380768 htcondor-dbg_8.2.3~dfsg.1-6_amd64.deb 32fa77d9418c40b77a9bfe2e40f1bbdaeacc86ab 247636 libclassad-dev_8.2.3~dfsg.1-6_amd64.deb 10fa0b8da5d35848df2ac1eba600966b40ecca78 197704 libclassad7_8.2.3~dfsg.1-6_amd64.deb 455770010cfb084e52e57e1c5a744e1e289dbe63 14476 condor_8.2.3~dfsg.1-6_all.deb 8bcfe721cbd5cdb9e6c49faa7bf82d19f07ca5d3 14490 condor-doc_8.2.3~dfsg.1-6_all.deb 5fa967533d32c93d61be505735470eced17e0765 14498 condor-dev_8.2.3~dfsg.1-6_all.deb 1e57c5827d5937b2aa55db9e80df58b1869023a1 14502 condor-dbg_8.2.3~dfsg.1-6_all.deb Checksums-Sha256: 83896b837439812c0a27ed6d20784a2679b3f14124c6b08868558bd8531324f6 3023 condor_8.2.3~dfsg.1-6.dsc 1d479b9b00686bcd9a67582c892d26a52da4218dc4385ab05664f87b79820a29 71560 condor_8.2.3~dfsg.1-6.debian.tar.xz fdfd95983482f77cf5e960d6a372713d7dce4acda29fc400d488c3d3a125e779 3999274 htcondor_8.2.3~dfsg.1-6_amd64.deb e950f4da59823881db14ec5f19e5b33229f21fda4db5860ac37e7a4b8ea09f92 268194 htcondor-dev_8.2.3~dfsg.1-6_amd64.deb 10eaa13291827d3eb7294840c6b66bbd0231204543aef64bef8271668e5d4ef3 1026378 htcondor-doc_8.2.3~dfsg.1-6_all.deb 66e61bb737d787567c2bca152c71b57574561475673962923c60d1ec57cd91f3 33380768 htcondor-dbg_8.2.3~dfsg.1-6_amd64.deb 78ec90a1e93788d1cdfc94f86977ff8257eb4cc5ee6d5881349e92bb183a9299 247636 libclassad-dev_8.2.3~dfsg.1-6_amd64.deb
Bug#775795: [Pkg-puppet-devel] Bug#775795: puppet: Service's debian provider assumes SysV init
Faidon Liambotis parav...@debian.org writes: On Debian systems (i.e. on $::operatingsystem == debian), the default provider is debian; this is a separate provider that inherits the init provider but overrides a few methods to add invoke-rc.d support. The systemd provider, on the other hand, is default only for osfamily archlinux and for osfamily redhat operatingsystemmajrelease 7. Is Puppet *using* invoke-rc.d for all actions? If so, this should actually work properly, I think, since that should use systemd where appropriate. Or did you mean update-rc.d instead of invoke-rc.d? However, this means that Service (without an explicit provider) is broken for at least those two use cases: - enable = false/true doesn't work for packages that ship a systemd unit file, - Service doesn't work at all with user-supplied systemd units or for (custom, mostly) packages that do not ship init.d scripts. At first glance, and without looking at any of the details, it seems like an appropriate fix would be for Puppet to just use the service command for start/stop/restart/reload/status, and update-rc.d for enable/disable. That should do the right thing in all three init systems. -- Russ Allbery (r...@debian.org) http://www.eyrie.org/~eagle/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775699: marked as done (libgaviotatb-dev is broken: undefined reference to `z_uncompress')
Your message dated Wed, 21 Jan 2015 05:48:22 + with message-id e1ydo9o-0002mh...@franck.debian.org and subject line Bug#775699: fixed in gaviotatb 0.4-2 has caused the Debian Bug report #775699, regarding libgaviotatb-dev is broken: undefined reference to `z_uncompress' to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 775699: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775699 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: libgaviotatb-dev Version: 0.4-1 Severity: grave Hi, libgaviotatb-dev seems to be broken: % gcc main.c -lpthread -lm -lgaviotatb /usr/lib/gcc/x86_64-linux-gnu/4.9/../../../../lib/libgaviotatb.so: undefined reference to `z_uncompress' /usr/lib/gcc/x86_64-linux-gnu/4.9/../../../../lib/libgaviotatb.so: undefined reference to `z_compress2' collect2: error: ld returned 1 exit status With main.c: #include gtb-probe.h int main() { tb_init(0, 0, NULL); } I rebuilt the package and the c file now builds without error. Could you please request a rebuild or fix this in another way? Thanks, Vincent -- System Information: Debian Release: 8.0 APT prefers testing-updates APT policy: (500, 'testing-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages libgaviotatb-dev depends on: ii libgaviotatb1 0.4-1 Versions of packages libgaviotatb-dev recommends: ii gaviotatb 0.4-1 libgaviotatb-dev suggests no packages. ---End Message--- ---BeginMessage--- Source: gaviotatb Source-Version: 0.4-2 We believe that the bug you reported is fixed in the latest version of gaviotatb, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 775...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Varun Hiremath va...@debian.org (supplier of updated gaviotatb package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 20 Jan 2015 23:56:15 -0500 Source: gaviotatb Binary: libgaviotatb-dev libgaviotatb1 gaviotatb Architecture: source amd64 all Version: 0.4-2 Distribution: unstable Urgency: medium Maintainer: Varun Hiremath va...@debian.org Changed-By: Varun Hiremath va...@debian.org Description: gaviotatb - Gaviota chess endgame tablebases libgaviotatb-dev - Gaviota chess endgame tablebase probing library libgaviotatb1 - Gaviota chess endgame tablebase probing library (development pack Closes: 775699 Changes: gaviotatb (0.4-2) unstable; urgency=medium . * Incorporate patch by Mathieu Malaterre, fix linking errors (Closes: #775699) Checksums-Sha1: eb820c3864140b9c1b55f3961c99b508b460aa87 1988 gaviotatb_0.4-2.dsc 76c2ed7faa15eaf5130980a41d4bb06b27079ddd 4580 gaviotatb_0.4-2.debian.tar.xz eb02c7e521a3761d349d826372e4b714ec17cdf4 52504 libgaviotatb-dev_0.4-2_amd64.deb da6431593bf586c8af49652c9877491118d5bc59 46134 libgaviotatb1_0.4-2_amd64.deb db4e3e92f92ae0fd5c51fbf0aadcfb6b223042ec 288464 gaviotatb_0.4-2_all.deb Checksums-Sha256: 6636463fb113c8768b2fe87ff14dfc6101166a88ab3edad4c195e42c0cc84f51 1988 gaviotatb_0.4-2.dsc d3a66d7584be5987e1c7efaa8884eaf007a801be410a8fb0f08fe870e1611be6 4580 gaviotatb_0.4-2.debian.tar.xz 43ec2baa68f83dc6dd1d478be31c84dc976d05095350512110e8e1df023e9de0 52504 libgaviotatb-dev_0.4-2_amd64.deb 59d775b74d3e9ae7fe576613f360cb810cfd8f08cb91d2264c48be9e4d7ed0a4 46134 libgaviotatb1_0.4-2_amd64.deb f801d3e35914b24277c85f3a0450d3fbdcf7dab5acaaaff8f426ae19053ff3e4 288464 gaviotatb_0.4-2_all.deb Files: 23ece47d80d37b9cc75744bb14406a28 1988 libs extra gaviotatb_0.4-2.dsc f23462faa706dfd42988253433a3bb1e 4580 libs extra gaviotatb_0.4-2.debian.tar.xz 8b08efb59ea23f52fb057d7b9f966020 52504 libdevel extra libgaviotatb-dev_0.4-2_amd64.deb 44a2ad50ee2b093120c8be278302f538 46134 libs extra libgaviotatb1_0.4-2_amd64.deb 9df8fcacd0affc66b7be446207208a65 288464 database extra gaviotatb_0.4-2_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12
Bug#775882: mariadb-10.0: affected by CVEs of the Oracle Patch Update for January 2015?
Source: mariadb-10.0 Version: 10.0.15-3 Severity: grave Tags: security Hi MariaDB maintainers! As you might have seen there is a new Oracle Patch Update including updates for MySQL 5.5. I'm filling this bug to just have it double-checked as mariadb.com does not list yet new versions afaics: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL Could you update this bug once it is know which CVEs also affects the mariadb-10.0 codebase? Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775889: breaks init scripts with .sh suffix
Package: systemd Version: 215-9 Severity: serious Tags: upstream confirmed patch Michael points out a regression in 215-9 wrt. handling init scripts with a .sh suffix. This is closely related, but not identical to #775404, so let's track it as a separate bug. I posted a fix with a test case to the upstream ML: http://lists.freedesktop.org/archives/systemd-devel/2015-January/027245.html Martin - Forwarded message from Michael Biebl bi...@debian.org - Date: Thu, 15 Jan 2015 01:25:34 +0100 From: Michael Biebl bi...@debian.org To: Niels Thykier ni...@thykier.net, 775...@bugs.debian.org, Martin Pitt mp...@debian.org CC: Cyril Brulebois k...@debian.org, pkg-systemd-maintain...@lists.alioth.debian.org Subject: Re: Bug#775265: unblock: systemd/215-9 X-Spam-Status: No, score=0.8 required=3.4 tests=BAYES_00,DNS_FROM_AHBL_RHSBL, T_RP_MATCHES_RCVD autolearn=no version=3.3.2 Am 13.01.2015 um 17:04 schrieb Niels Thykier: Control: tags -1 d-i Ok from RT, CC'ing KiBi for d-i ACK. Original message quoted below for KiBi's convenience. :) ~Niels On 2015-01-13 12:07, Martin Pitt wrote: | [ Michael Biebl ] | * sysv-generator: handle Provides: for non-virtual facility names. | (Closes: #774335) RC bug. http://anonscm.debian.org/cgit/pkg-systemd/systemd.git/commit/?id=7024b5117a A user reported a nasty regression via IRC regarding this patch. For SysV init scripts having a .sh extension, we create a foo.service - foo.service symlink, and subsequently, systemctl start/stop/restart foo.service will fail: # apt-get install console-common Setting up console-common (0.7.88) ... Looking for keymap to install: NONE update-rc.d: warning: start and stop actions are no longer supported; falling back to defaults Failed to start keymap.service: Unit keymap.service failed to load: Too many levels of symbolic links. invoke-rc.d: initscript keymap.sh, action start failed. dpkg: error processing package console-common (--configure): subprocess installed post-installation script returned error exit status 6 Errors were encountered while processing: console-common Will need to fix that in a follow-up upload. Sorry for this. Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? - End forwarded message - -- Martin Pitt| http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org) signature.asc Description: Digital signature
Bug#775888: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427
Package: virtualbox Severity: grave Tags: security Justification: user security hole No specific details available yet: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775888: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427
On 01/21/2015 12:53 PM, Moritz Muehlenhoff wrote: Package: virtualbox Severity: grave Tags: security Justification: user security hole No specific details available yet: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html Cheers, Moritz The following matrix is what I could grab. http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixOVIR CVE-2014-6595 Oracle VM VirtualBoxNoneVMSVGA device No 3.2 Local Low Single NonePartial+Partial+VirtualBox prior to 4.3.20 See Note 3 CVE-2014-6588 Oracle VM VirtualBoxNoneVMSVGA device No 3.2 Local Low Single NonePartial+Partial+VirtualBox prior to 4.3.20 See Note 3 CVE-2014-6589 Oracle VM VirtualBoxNoneVMSVGA device No 3.2 Local Low Single NonePartial+Partial+VirtualBox prior to 4.3.20 See Note 3 CVE-2014-6590 Oracle VM VirtualBoxNoneVMSVGA device No 3.2 Local Low Single NonePartial+Partial+VirtualBox prior to 4.3.20 See Note 3 CVE-2015-0427 Oracle VM VirtualBoxNoneVMSVGA device No 3.2 Local Low Single NonePartial+Partial+VirtualBox prior to 4.3.20 See Note 3 CVE-2015-0418 Oracle VM VirtualBoxNoneCoreNo 2.1 Local Low NoneNoneNonePartial+VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, 4.2.28 *Notes:* 1. This fix also addresses CVE-2014-0231, CVE-2014-0118 and CVE-2014-5704. 2. This fix also addresses CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470 and CVE-2014-0076. 3. VMSVGA virtual graphics device is not documented and is disabled by default. @Moritz: There's nothing more detailed than the statement that all versions proior to 4.3.20 are vulnerable. 4.3.20 is in experimental right now. -- Ritesh Raj Sarraf RESEARCHUT - http://www.researchut.com Necessity is the mother of invention. signature.asc Description: OpenPGP digital signature
Bug#775356: Evolved patch
Here's a cosmetically evolved patch which I'll commit and release shortly. Thanks! -- Thomas diff --git a/etc/dhcp/dhclient-enter-hooks.d/resolvconf b/etc/dhcp/dhclient-enter-hooks.d/resolvconf index 529504b..cf61615 100644 --- a/etc/dhcp/dhclient-enter-hooks.d/resolvconf +++ b/etc/dhcp/dhclient-enter-hooks.d/resolvconf @@ -45,27 +45,26 @@ if [ -x /sbin/resolvconf ] ; then # It gets run later (or, in the TIMEOUT case, MAY get run later) make_resolv_conf() { local R - local nameserver - local zone_id + local N + local N_LOW + local ZONE_ID R= if [ $new_dhcp6_name_servers ] [ $new_dhcp6_domain_search ] ; then R=${R}search $new_dhcp6_domain_search fi - shopt -s nocasematch - for nameserver in $new_dhcp6_name_servers ; do - + for N in $new_dhcp6_name_servers ; do # If the nameserver has a link-local address # then add a zone ID (interface name) to it. -if [[ $nameserver =~ ^fe80:: ]] ; then - zone_id=%$interface +N_LOW=$(echo $N | tr '[:upper:]' '[:lower:]') +if expr $N_LOW : ^fe80:: /dev/null ; then + ZONE_ID=%$interface else - zone_id= + ZONE_ID= fi -R=${R}nameserver $nameserver$zone_id +R=${R}nameserver $N$ZONE_ID done - shopt -u nocasematch [ ! $interface ] || echo -n $R | /sbin/resolvconf -a ${interface}.ip6.dhclient } ;;
Bug#775866: vlc: multiple vulnerabilities
Source: vlc Version: 2.1.5-1 Severity: grave Tags: security Justification: user security hole Hi, multiple vulnerabilities were reported against vlc 2.1.5. The complete mail is at http://seclists.org/oss-sec/2015/q1/187 but at least the following vulnerabilities are fixed in vlc master branch: * Buffer overflow in updater: https://github.com/videolan/vlc/commit/fbe2837bc80f155c001781041a54c58b5524fc14 * Buffer overflow in mp4 demuxer: https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39 * Potential buffer overflow in Schroedinger Encoder https://github.com/videolan/vlc/commit/9bb0353a5c63a7f8c6fc853faa3df4b4df1f5eb5 * Invalid memory access in rtp code: https://github.com/videolan/vlc/commit/204291467724867b79735c0ee3aeb0dbc2200f97 * Null-pointer dereference in dmo codec: https://github.com/videolan/vlc/commit/229c385a79d48e41687fae8b4dfeaeef9c8c3eb7 And there are unfixed ones: * The potential buffer overflow in the Dirac Encoder was not fixed as the Dirac encoder no longer exists in the master branch. * The potential invalid writes in modules/services_discovery/sap.c and modules/access/ftp.c were not fixed as I did not provide a trigger. Note, that the code looks very similar to the confirmed bug in rtp_packetize_xiph_config, and so I leave it to you to decide whether you want to patch this. CVEs should follow soon. Also, I guess Wheezy and Jessie are affected too, so a DSA might be needed. Regards, -- Yves-Alexis -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (450, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#739676: systemd-user PAM config breaks some libpam-* modules
On 2015-01-20 19:28, Felipe Sateler wrote: For reference, the inclusion of common-session is a local debian patch[1]. The original file referenced system-auth, which apparently debian does not use. [1] http://anonscm.debian.org/cgit/pkg-systemd/systemd.git/commit/debian/patches/Adjust-systemd-user-pam-config-file-for-Debian.patch?id=ec748d6eba35516597182ee24d7095a9c9cf415e From a quick look, system-auth is just Red Hat's name for the same mechanism. Both files serve the same purpose -- group common stuff in a single file which can be @included by others. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org