Bug#944020: marked as pending in python-libusb1
Control: tag -1 pending Hello, Bug #944020 in python-libusb1 reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/python-team/modules/python-libusb1/-/commit/cd48b3671197558b001308f3c87347eab46183ad Rename binary to python- (Closes: #944020) and new upstream release. (this message was generated automatically) -- Greetings https://bugs.debian.org/944020
Bug#930462: ERROR: unable to download video data: HTTP Error 403: Forbidden
Package: youtube-dl Version: 2019.01.17-1.1 Severity: grave Hi, I get this error when trying to download videos from youtube. Updating the package to 2019.06.08 fixes the issue. Cheers, Arnaud Fontaine
Bug#923376: Should only be in unstable
Source: slapos.core Severity: serious As per upstream request, this package should not be available in testing and hence in stable release so filing this bug report. Regards, Arnaud Fontaine
Bug#909026: nethack-el: fails to run with nethack 3.6.1
Hi, nethack-el fails to start when using nethack-lisp 3.6.1. There's a strong chance this is caused by nethack itself, but I haven't investigated it much. I'm filing this bug now because I have been thinking about removing the lisp port anyway and this is the only package which uses it. As far as I can see, the port has been dead for almost 12 years upstream, hasn't really been tested with nethack 3.6, and makes up a large bulk of the Debian patch set which takes ages to rebase on every upstream update. If someone wants to help keep it going then patches are welcome, but I'm not particularly interested in keeping it. For the reason you just gave and because I no longer use it nor have time to maintain nethack-el, I have requested nethack-el removal (#920399). Thanks for letting me know. Cheers, Arnaud
Bug#837009: marked as pending
tag 837009 pending thanks Hello, Bug #837009 reported by you has been fixed in the Git repository. You can see the changelog below, and you can check the diff of the fix at: http://git.debian.org/?p=python-modules/packages/cheetah.git;a=commitdiff;h=61d2b11 --- commit 61d2b111ff82a00def81297b7c1f3cf537fbc6bd Author: Arnaud Fontaine <ar...@debian.org> Date: Fri Nov 18 12:48:20 2016 +0900 Fix FTBFS due to change in CDBS 0.4.144 (cdbs_python_binary). Closes: #837009. diff --git a/debian/changelog b/debian/changelog index 50d4bce..e7df4c0 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,11 @@ cheetah (2.4.4-4) UNRELEASED; urgency=low [ Arnaud Fontaine ] - * debian/rules: add --install-layout=deb to python install command to -install files in the proper directory, as per dh_python2 warning. + * d/rules: ++ Add --install-layout=deb to python install command to + install files in the proper directory, as per dh_python2 warning. ++ Fix FTBFS due to change in CDBS 0.4.144 (cdbs_python_binary). + Closes: #837009. * d/control: + Add dh-python to Build-Depends (dh_python2 warning). + Bump debhelper compat level to 10 (5 is deprecated).
Bug#828119: marked as pending
tag 828119 pending thanks Hello, Bug #828119 reported by you has been fixed in the Git repository. You can see the changelog below, and you can check the diff of the fix at: http://git.debian.org/?p=python-modules/packages/twill.git;a=commitdiff;h=155cfed --- commit 155cfeded3fbbea2367f0bb7b25d9329a4aee63a Author: Arnaud Fontaine <arnaud.fonta...@nexedi.com> Date: Wed Jul 27 15:53:41 2016 +0900 d/rules: CDBS DEB_PYTHON_MODULE_PACKAGE has been removed. Closes: #828119. diff --git a/debian/changelog b/debian/changelog index fa86ddd..06e39a3 100644 --- a/debian/changelog +++ b/debian/changelog @@ -10,6 +10,7 @@ twill (0.9-4) UNRELEASED; urgency=low * d/control: + Bump Standards-Version to 3.9.8. No change needed. + debhelper compatibility version 5 is not recommended anymore. + * d/rules: CDBS DEB_PYTHON_MODULE_PACKAGE has been removed. Closes: #828119. -- Arnaud Fontaine <ar...@debian.org> Wed, 27 Jul 2016 15:51:25 +0900
Bug#778895: RM: trafficserver/5.0.1-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm Hello, Considering that trafficserver is currently affected by 3 security bugs (CVE-2014-3624, CVE-2014-10022 (#778895) and #749846) fixed in Sid but which was not uploaded on time to testing before the freeze, and that these bugs cannot be easily fixed, it would probably be better to remove it from testing as suggested by Arno Töll, the maintainer of trafficserver, on #778895: However, the Release Team was uncomfortable to unblock that package (cf. #769689). I'm afraid, that we better ask for removal of that package in Testing rather than bothering with it, as we - as maintainers - cannot guarantee for the security of it already, even less so over the lifespan of a Debian Release, and upstream is moving faster than us. Thanks in advance. Regards, -- Arnaud Fontaine
Bug#778895: (pre-approval) unblock: trafficserver/5.0.1-1+deb8u1
Hello, I have prepared an NMU for trafficserver fixing #778895 RC bug (CVE-2014-10022) and considering that a new upstream release has already been uploaded to unstable, I would like to upload to testing-proposed-updates. I'm Cc'ing the maintainer of this package to get his approval as well. I have attached the NMU patch to this email. The package builds fine in a Jessie chroot and all the tests ran during the build pass. Regards, -- Arnaud Fontaine diff -Nru trafficserver-5.0.1/debian/changelog trafficserver-5.0.1/debian/changelog --- trafficserver-5.0.1/debian/changelog 2014-07-24 01:13:29.0 +0900 +++ trafficserver-5.0.1/debian/changelog 2015-03-10 16:18:36.0 +0900 @@ -1,3 +1,11 @@ +trafficserver (5.0.1-1+deb8u1) testing-proposed-updates; urgency=high + + * Add patch to fix CVE-2014-10022 that allowed a remote attacker to +cause a denial of service via unspecified vectors, related to internal +buffer sizing. Closes: #778895. + + -- Arnaud Fontaine ar...@debian.org Tue, 10 Mar 2015 15:26:31 +0900 + trafficserver (5.0.1-1) unstable; urgency=medium * New upstream release including a fix for CVE-2014-3525 that allowed diff -Nru trafficserver-5.0.1/debian/patches/CVE-2014-10022.patch trafficserver-5.0.1/debian/patches/CVE-2014-10022.patch --- trafficserver-5.0.1/debian/patches/CVE-2014-10022.patch 1970-01-01 09:00:00.0 +0900 +++ trafficserver-5.0.1/debian/patches/CVE-2014-10022.patch 2015-03-10 15:19:22.0 +0900
@@ -0,0 +1,59 @@ +From: Leif Hedstrom zw...@apache.org +Date: Tue, 2 Dec 2014 20:08:40 + (-0700) +Subject: Fix the internal buffer sizing. Thanks to Sudheer for helping isolating this bug +X-Git-Url: https://git-wip-us.apache.org/repos/asf?p=trafficserver.git;a=commitdiff_plain;h=8b5f0345dade6b2822d9b52c8ad12e63011a5c12 + +Fix the internal buffer sizing. Thanks to Sudheer for helping isolating this bug +--- + +Index: trafficserver-5.0.1/proxy/http/HttpTransact.cc +=== +--- trafficserver-5.0.1.orig/proxy/http/HttpTransact.cc 2015-03-10 15:19:18.303880106 +0900 trafficserver-5.0.1/proxy/http/HttpTransact.cc 2015-03-10 15:19:18.299880090 +0900 +@@ -5378,9 +5378,8 @@ + int req_length = incoming_hdr-length_get(); + HTTP_RELEASE_ASSERT(req_length 0); + +- s-internal_msg_buffer_index = 0; +- s-internal_msg_buffer_size = req_length * 2; + s-free_internal_msg_buffer(); ++ s-internal_msg_buffer_size = req_length * 2; + + if (s-internal_msg_buffer_size = max_iobuffer_size) { + s-internal_msg_buffer_fast_allocator_size = buffer_size_to_index(s-internal_msg_buffer_size); +@@ -8074,7 +8073,6 @@ + s-free_internal_msg_buffer(); + s-internal_msg_buffer = new_msg; + s-internal_msg_buffer_size = len; +- s-internal_msg_buffer_index = 0; + s-internal_msg_buffer_fast_allocator_size = -1; + + s-hdr_info.client_response.value_set(MIME_FIELD_CONTENT_TYPE, MIME_LEN_CONTENT_TYPE, body_type, strlen(body_type)); +@@ -8157,7 +8155,6 @@ + // + // set descriptive text // + // +- s-internal_msg_buffer_index = 0; + s-free_internal_msg_buffer(); + s-internal_msg_buffer_fast_allocator_size = -1; + s-internal_msg_buffer = body_factory-fabricate_with_old_api_build_va(redirect#moved_temporarily, s, 8192, +Index: trafficserver-5.0.1/proxy/http/HttpTransact.h +=== +--- trafficserver-5.0.1.orig/proxy/http/HttpTransact.h 2015-03-10 15:19:18.303880106 +0900 trafficserver-5.0.1/proxy/http/HttpTransact.h 2015-03-10 15:19:18.299880090 +0900 +@@ -912,7 +912,6 @@ + char *internal_msg_buffer_type; // out + int64_t 
internal_msg_buffer_size; // out + int64_t internal_msg_buffer_fast_allocator_size; +-int64_t internal_msg_buffer_index; // out + + bool icp_lookup_success;// in + struct sockaddr_in icp_ip_result; // in +@@ -1051,7 +1050,6 @@ + internal_msg_buffer_type(NULL), + internal_msg_buffer_size(0), + internal_msg_buffer_fast_allocator_size(-1), +-internal_msg_buffer_index(0), + icp_lookup_success(false), + scheme(-1), + next_hop_scheme(scheme), diff -Nru trafficserver-5.0.1/debian/patches/series trafficserver-5.0.1/debian/patches/series --- trafficserver-5.0.1/debian/patches/series 2014-07-05 21:41:59.0 +0900 +++ trafficserver-5.0.1/debian/patches/series 2015-03-10 15:19:15.0 +0900 @@ -0,0 +1 @@ +CVE-2014-10022.patch
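Review bot: In the HttpTransact.cc hunk at line 5378, free_internal_msg_buffer() is moved ahead of the internal_msg_buffer_size assignment, yet neither the patch description ("Fix the internal buffer sizing") nor a comment in the code says that this order is required, so a later cleanup could swap the two statements back unnoticed. If the intent is that the previous buffer must be released before its recorded size is replaced, a one-line comment above the call should say so. In the same hunk req_length is an int while internal_msg_buffer_size is declared int64_t in HttpTransact.h, so req_length * 2 is evaluated in int before it is widened; converting req_length to int64_t before the multiplication removes the reliance on the request length staying below half of INT_MAX. On the packaging side, a Bug-Debian: https://bugs.debian.org/778895 line in the patch header would tie the file in debian/patches to the bug that the changelog entry closes.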
Bug#778895: (pre-approval) unblock: trafficserver/5.0.1-1+deb8u1
Ivo De Decker iv...@debian.org writes: Please file a proper unblock request, so that it's easy to track. On Tue, Mar 10, 2015 at 04:24:13PM +0900, Arnaud Fontaine wrote: I have prepared an NMU for trafficserver fixing #778895 RC bug (CVE-2014-10022) and considering that a new upstream release has already been uploaded to unstable, I would like to upload to testing-proposed-updates. I'm Cc'ing the maintainer of this package to get his approval as well. I have attached the NMU patch to this email. The package builds fine in a Jessie chroot and all the tests ran during the build pass. Please go ahead, but use jessie as distribution instead of testing-proposed-updates. Ok, before uploading and filing a proper unblock request, I will wait for the maintainer ACK until Friday if that's ok with you. Cheers, -- Arnaud Fontaine
Bug#767554: Bug#769853: /769854: unblock: python-persistent and python-zodb
Hi, Julien Cristau jcris...@debian.org writes: On Fri, Dec 12, 2014 at 12:44:08 +0900, Arnaud Fontaine wrote: I have attached the debdiff with the packages currently in unstable, would you consider unblocking these changes if I upload the packages to unstable? Yes, I would. Thanks! I have just uploaded both packages to unstable. Compared to my previous debdiff, I have just merged the work done by Gediminas for the next version of ZODB (basically only patch filenames are different and the changelog entry has been modified accordingly), but the content of python-zodb binary package is exactly the same. I have attached debdiffs for both packages in case of. Adam D. Barratt a...@adam-barratt.org.uk writes: Control: tags 769854 + confirmed moreinfo Control: tags 769853 + confirmed moreinfo If the upload can be made soon, that should be fine. Please remove the moreinfo tags once the packages are in unstable. Done. Cheers, -- Arnaud Fontaine diff -Nru python-persistent-4.0.8/debian/changelog python-persistent-4.0.8/debian/changelog --- python-persistent-4.0.8/debian/changelog 2014-11-14 18:30:25.0 +0900 +++ python-persistent-4.0.8/debian/changelog 2014-12-10 17:41:09.0 +0900 @@ -1,3 +1,13 @@ +python-persistent (4.0.8-3) unstable; urgency=medium + + * Team upload. + * Revert change in previous upload in favor of removing persistent +module from python-zodb and make it depend upon this package (with +upstream ACK). Closes: #767554. ++ d/control: Add Breaks/Replaces against python-zodb 1:3.9.7-4~. + + -- Arnaud Fontaine ar...@debian.org Wed, 10 Dec 2014 17:33:13 +0900 + python-persistent (4.0.8-2) unstable; urgency=medium * Team upload. diff -Nru python-persistent-4.0.8/debian/control python-persistent-4.0.8/debian/control --- python-persistent-4.0.8/debian/control 2014-11-14 18:31:01.0 +0900 +++ python-persistent-4.0.8/debian/control 2014-12-10 17:37:40.0 +0900 
@@ -22,7 +22,8 @@ Package: python-persistent Architecture: any Depends: ${misc:Depends}, ${python:Depends}, ${shlibs:Depends} -Conflicts: python-zodb ( 3.11.0~) +Breaks: python-zodb ( 1:3.9.7-4~) +Replaces: python-zodb ( 1:3.9.7-4~) Description: Automatic persistence for Python objects This package contains a generic persistence implementation for Python. It forms the core protocol for making objects interact transparently with diff -Nru zodb-3.9.7/debian/changelog zodb-3.9.7/debian/changelog --- zodb-3.9.7/debian/changelog 2014-11-17 12:10:50.0 +0900 +++ zodb-3.9.7/debian/changelog 2014-12-16 17:16:27.0 +0900 @@ -1,3 +1,29 @@ +zodb (1:3.9.7-4) unstable; urgency=medium + + * Team upload. + * Revert change in previous upload in favor of removing persistent +module from this package and make it depend upon python-persistent +(with upstream ACK). Closes: #767554. ++ d/control: Add Depends against python-persistent. ++ d/rules: Delete persistent module from final package. ++ d/p/persistent-module-4.x-compat.patch: persistent 4.x uses bytes + instead of repr() but ZODB 4.0.0a4 still uses repr() which is + incompatible. ++ d/tests/all: Remove persistent from the list of tests being ran. ++ d/tests/control: zope.testing.doctest has been removed in + python-zope.testing 4.0.0 and tests cannot be ran anymore. So update + Depends accordingly even though 4.0.0~ is only in stable instead of + backporting many patches. Fix this issue properly when packing NUR + after the release of Jessie. + * d/p/test-spurious-failure-under-python27.patch: Fix python2.7 tests. + + [ Gediminas Paulauskas ] + * d/p/new-transaction.patch: Fix test failure with new transaction. + * d/p/testUtils.patch: Fix test failure with python2.7 (= 2.7.6). + * d/tests: Switch to zope.testrunner. + + -- Arnaud Fontaine ar...@debian.org Tue, 16 Dec 2014 17:12:06 +0900 + zodb (1:3.9.7-3) unstable; urgency=medium * Team upload. 
@@ -237,4 +263,3 @@ * Initial release (Closes: #158552, #159072, #188435) -- Fabio Tranchitella kob...@debian.org Thu, 18 Aug 2005 21:49:17 + - diff -Nru zodb-3.9.7/debian/control zodb-3.9.7/debian/control --- zodb-3.9.7/debian/control 2014-11-17 12:09:52.0 +0900 +++ zodb-3.9.7/debian/control 2014-12-16 16:40:16.0 +0900 @@ -19,13 +19,12 @@ Depends: ${pydeb:Depends}, ${python:Depends}, ${misc:Depends}, - ${shlibs:Depends} + ${shlibs:Depends}, + python-persistent Provides: ${pydeb:Provides}, ${python:Provides}, - python-persistent Suggests: ${pydeb:Suggests} -Conflicts: zope3, - python-persistent +Conflicts: zope3 Description: Zope Object Database (ZODB) The Zope Object Database is an object-oriented database for Python that provides a high-degree of transparency. Applications can take advantage of diff -Nru zodb-3.9.7/debian/patches/new-transaction.patch zodb-3.9.7/debian/patches/new
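Review bot: In the zodb debian/control hunk, the python-persistent entry added to Depends is unversioned, although the changelog entry in this debdiff says the persistent module is removed from python-zodb and that the matching Breaks/Replaces only exist in python-persistent 4.0.8-3. Versioning the dependency on that upload would keep python-zodb 1:3.9.7-4 from being configured against an older python-persistent that was never tested with d/p/persistent-module-4.x-compat.patch. In the same hunk, dropping python-persistent from Provides leaves "${python:Provides}," as the last entry with a trailing comma, which is worth removing while the field is being edited.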
Bug#767554: Bug#769853/769854: unblock: python-persistent and python-zodb
Hi, Julien Cristau jcris...@debian.org writes: I don't think that's ok. Can't you remove the conflicting files from python-zodb, and make it depend on python-persistent? Thanks for the suggestion. I talked with upstream authors and this should be fine. However, python-persistent in the archive (4.x) is incompatible with ZODB 4.0.0a4 and thus with the version available in the archive (3.9.7). Therefore, I had to backport some patches from upstream so that python-zodb could depend on python-persistent. With these patches, all the unit tests of python-zodb pass when being ran with python-persistent and python-zodb installed (even though, they only ran with python-zope.testing from stable, due to change in the unit tests framework only from zope.testing 4.x). Here are the changelog entries for both packages: python-persistent (4.0.8-3) unstable; urgency=medium * Team upload. * Revert change in previous upload in favor of removing persistent module from python-zodb and make it depend upon this package (with upstream ACK). Closes: #767554. + d/control: Add Breaks/Replaces against python-zodb 1:3.9.7-4~. -- Arnaud Fontaine ar...@debian.org Wed, 10 Dec 2014 17:33:13 +0900 zodb (1:3.9.7-4) unstable; urgency=medium * Team upload. * Revert change in previous upload in favor of removing persistent module from this package and make it depend upon python-persistent (with upstream ACK). Closes: #767554. + d/control: Add Depends against python-persistent. + d/rules: Delete persistent module from final package. + d/p/fix_persistent_module_4.x_incompatibilities.patch: persistent 4.x uses bytes instead of repr() but ZODB 4.0.0a4 still uses repr() which is incompatible. + d/tests/all: Remove persistent from the list of tests being ran. + d/tests/control: zope.testing.doctest has been removed in python-zope.testing 4.0.0 and tests cannot be ran anymore. So update Depends accordingly even though 4.0.0~ is only in stable instead of backporting many patches. 
Fix this issue properly when packing NUR after the release of Jessie. * d/p/debian/patches/fix_unit_tests.patch: Fix python2.7 tests failures. -- Arnaud Fontaine ar...@debian.org Fri, 12 Dec 2014 11:47:47 +0900 I have attached the debdiff with the packages currently in unstable, would you consider unblocking these changes if I upload the packages to unstable? Regards, -- Arnaud Fontaine diff -Nru python-persistent-4.0.8/debian/changelog python-persistent-4.0.8/debian/changelog --- python-persistent-4.0.8/debian/changelog 2014-11-14 18:30:25.0 +0900 +++ python-persistent-4.0.8/debian/changelog 2014-12-10 17:41:09.0 +0900 @@ -1,3 +1,13 @@ +python-persistent (4.0.8-3) unstable; urgency=medium + + * Team upload. + * Revert change in previous upload in favor of removing persistent +module from python-zodb and make it depend upon this package (with +upstream ACK). Closes: #767554. ++ d/control: Add Breaks/Replaces against python-zodb 1:3.9.7-4~. + + -- Arnaud Fontaine ar...@debian.org Wed, 10 Dec 2014 17:33:13 +0900 + python-persistent (4.0.8-2) unstable; urgency=medium * Team upload. diff -Nru python-persistent-4.0.8/debian/control python-persistent-4.0.8/debian/control --- python-persistent-4.0.8/debian/control 2014-11-14 18:31:01.0 +0900 +++ python-persistent-4.0.8/debian/control 2014-12-10 17:37:40.0 +0900 @@ -22,7 +22,8 @@ Package: python-persistent Architecture: any Depends: ${misc:Depends}, ${python:Depends}, ${shlibs:Depends} -Conflicts: python-zodb ( 3.11.0~) +Breaks: python-zodb ( 1:3.9.7-4~) +Replaces: python-zodb ( 1:3.9.7-4~) Description: Automatic persistence for Python objects This package contains a generic persistence implementation for Python. It forms the core protocol for making objects interact transparently with diff -Nru zodb-3.9.7/debian/changelog zodb-3.9.7/debian/changelog --- zodb-3.9.7/debian/changelog 2014-11-17 12:10:50.0 +0900 +++ zodb-3.9.7/debian/changelog 2014-12-12 12:00:34.0 +0900 
@@ -1,3 +1,24 @@ +zodb (1:3.9.7-4) unstable; urgency=medium + + * Team upload. + * Revert change in previous upload in favor of removing persistent +module from this package and make it depend upon python-persistent +(with upstream ACK). Closes: #767554. ++ d/control: Add Depends against python-persistent. ++ d/rules: Delete persistent module from final package. ++ d/p/fix_persistent_module_4.x_incompatibilities.patch: persistent 4.x + uses bytes instead of repr() but ZODB 4.0.0a4 still uses repr() which + is incompatible. ++ d/tests/all: Remove persistent from the list of tests being ran. ++ d/tests/control: zope.testing.doctest has been removed in + python-zope.testing 4.0.0 and tests cannot be ran anymore. So update + Depends accordingly even
Bug#767554: python-persistent and python-zodb: error when trying to install together
Hi, Arnaud Fontaine wrote (26 Nov 2014 09:03:09 GMT) : Really sorry about that. FTR, I have not uploaded anything yet because the release team would prefer to avoid the Conflicts if possible and make python-zodb depend upon python-persistent instead. AFAIK, it does not seem to be an issue but I have just sent an email to upstream author to confirm it's not going to be an issue... Any answer from them? Yes, sorry about the lag. The upstream said there should be no problem for python-zodb to Depends on python-persistent (and thus remove persistent module from python-zodb). Barry: if that's ok, I will upload python-persistent with the Breaks/Replaces and upload python-zodb without persistent module? Cheers, -- Arnaud Fontaine
Bug#767554: python-persistent and python-zodb: error when trying to install together
Hello, Andreas Beckmann a...@debian.org writes: Followup-For: Bug #767554 Control: found -1 767554 4.0.8-2 The Conflicts does not work ... without the proper epoch ... you need Conflicts: python-zodb ( 1:3.11.0~) Selecting previously unselected package python-persistent. Unpacking python-persistent (from .../python-persistent_4.0.8-2_amd64.deb) ... dpkg: error processing /var/cache/apt/archives/python-persistent_4.0.8-2_amd64.deb (--unpack): trying to overwrite '/usr/lib/python2.7/dist-packages/persistent/dict.py', which is also in package python-zodb 1:3.9.7-2 Errors were encountered while processing: /var/cache/apt/archives/python-persistent_4.0.8-2_amd64.deb Really sorry about that. FTR, I have not uploaded anything yet because the release team would prefer to avoid the Conflicts if possible and make python-zodb depend upon python-persistent instead. AFAIK, it does not seem to be an issue but I have just sent an email to upstream author to confirm it's not going to be an issue... Cheers, -- Arnaud Fontaine
Bug#767903: mariadb-server-10.0: missing versioned dependency on libpcre3 =1:8.35
tags 767903 - pending thanks When sponsoring the upload, I didn't notice that the changes suggested by Otto are not enough, my bad. debian/shlibs.local must be added to really fix this bug. Preparing an upload now. After all, it would probably be much better to fix libpcre3 and then B-D on that fixed versions, instead of adding a workaround (eg d/shlibs.local). However, I'm not sure how to fix that properly for libpcre3, so I will ask on #767907 and debian-devel. Cheers, -- Arnaud Fontaine
Bug#767907: too lax shlibs dependency? (newly added pcre_stack_guard needs = 1:8.35)
Hello, What about the attached patch? BTW, while looking at libpcre3 package, I thought it would be a good idea to add a .symbols file and here is what I came up with (anyone could review it?): libpcre.so.3 libpcre3 #MINVER# pcre_assign_jit_stack@Base 1:8.30-4~ pcre_callout@Base 1:8.30-4~ pcre_compile2@Base 1:8.30-4~ pcre_compile@Base 1:8.30-4~ pcre_config@Base 1:8.30-4~ pcre_copy_named_substring@Base 1:8.30-4~ pcre_copy_substring@Base 1:8.30-4~ pcre_dfa_exec@Base 1:8.30-4~ pcre_exec@Base 1:8.30-4~ pcre_free@Base 1:8.30-4~ pcre_free_study@Base 1:8.30-4~ pcre_free_substring@Base 1:8.30-4~ pcre_free_substring_list@Base 1:8.30-4~ pcre_fullinfo@Base 1:8.30-4~ pcre_get_named_substring@Base 1:8.30-4~ pcre_get_stringnumber@Base 1:8.30-4~ pcre_get_stringtable_entries@Base 1:8.30-4~ pcre_get_substring@Base 1:8.30-4~ pcre_get_substring_list@Base 1:8.30-4~ pcre_info@Base 1:8.30-4~ pcre_jit_exec@Base 1:8.35 pcre_jit_free_unused_memory@Base 1:8.35 pcre_jit_stack_alloc@Base 1:8.30-4~ pcre_jit_stack_free@Base 1:8.30-4~ pcre_maketables@Base 1:8.30-4~ pcre_malloc@Base 1:8.30-4~ pcre_pattern_to_host_byte_order@Base 1:8.30-4~ pcre_refcount@Base 1:8.30-4~ pcre_stack_free@Base 1:8.30-4~ pcre_stack_guard@Base 1:8.35 pcre_stack_malloc@Base 1:8.30-4~ pcre_study@Base 1:8.30-4~ pcre_version@Base 1:8.30-4~ libpcreposix.so.3 libpcre3 #MINVER# pcreposix_regcomp@Base 1:8.30-4~ pcreposix_regerror@Base 1:8.30-4~ pcreposix_regexec@Base 1:8.30-4~ pcreposix_regfree@Base 1:8.30-4~ I don't think that could be considered for Jessie, but I think it would be worth asking anyway? Cheers, -- Arnaud Fontaine diff -urN pcre3-8.35.orig/debian/rules pcre3-8.35/debian/rules --- pcre3-8.35.orig/debian/rules 2014-11-20 16:04:51.630416683 +0900 +++ pcre3-8.35/debian/rules 2014-11-20 16:05:03.666453116 +0900 
@@ -110,7 +110,7 @@ rm debian/libpcre3-dbg/usr/lib/debug/usr/lib/libpcre* dh_compress -a dh_fixperms -a - dh_makeshlibs -plibpcre3 --add-udeb=libpcre3-udeb -V 'libpcre3 (= 8.10)' + dh_makeshlibs -plibpcre3 --add-udeb=libpcre3-udeb -V 'libpcre3 (= 1:8.35)' dh_makeshlibs -plibpcrecpp0 -V 'libpcrecpp0 (= 7.7)' dh_installdeb -a # dh_perl -a
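Review bot: Raising the -V argument on the libpcre3 dh_makeshlibs line to 1:8.35 applies one blanket minimum to every package rebuilt against the library, including those that use none of the symbols new in that version. The symbols list proposed in the same message already records pcre_stack_guard, pcre_jit_exec and pcre_jit_free_unused_memory at 1:8.35 and the remaining entries at 1:8.30-4~, so the changelog should state whether the shlibs bump is the intended fix on its own or a stopgap until the .symbols file is shipped. The libpcrecpp0 line in the trailing context keeps its 7.7 bound and is worth checking for the same problem before upload.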
Bug#767903: mariadb-server-10.0: missing versioned dependency on libpcre3 =1:8.35
reopen 767903 tags 767903 + pending thanks Hey, When sponsoring the upload, I didn't notice that the changes suggested by Otto are not enough, my bad. debian/shlibs.local must be added to really fix this bug. Preparing an upload now. Cheers, -- Arnaud Fontaine -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#769865: [debian-mysql] Bug#769865: mariadb-10.0: FTBFS on i386
Otto Kekäläinen o...@seravo.fi writes: The latest upload of mariadb-10.0 failed during the testsuite on i386: https://buildd.debian.org/status/package.php?p=mariadb-10.0 https://buildd.debian.org/status/fetch.php?pkg=mariadb-10.0&arch=i386&ver=10.0.14-3&stamp=1416208329 A number of architectures are still building at this point, so the issue might not be specific to i386 (but mips, mipsel and ppc64el built fine). Thanks for reporting this. I've localized the root cause and pushed a fix: http://anonscm.debian.org/cgit/pkg-mysql/mariadb-10.0.git/commit/debian/patches/username-in-tests-replace.patch?id=c413d37ab10b7c817d00f3a41bfac569736c6e4a Now we need to upload mariadb-10.0.14-4, all builds are likely to fail with current revision. Do you need me to upload it? Cheers, -- Arnaud Fontaine
Bug#767554: python-persistent and python-zodb: error when trying to install together
Hi, Gediminas Paulauskas mene...@pov.lt writes: If that's ok with you, I'm going to upload both packages to fix this bug: * python-persistent: Conflicts: python-zodb ( 3.11.0~) * python-zodb: Conflicts: python-persistent Since ZODB3 before the split included persistent, it should provide it: Provides: python-persistent One package that Build-Depends on python-persistent but should be installable with only python-zodb is zope.component. Thank you very much for pointing this out. I will upload now with the Provides then. Cheers, -- Arnaud Fontaine
Bug#767554: python-persistent and python-zodb: error when trying to install together
Barry Warsaw ba...@debian.org writes: On Nov 12, 2014, at 05:50 PM, Arnaud Fontaine wrote: From upstream point of view, ZODB3 (aka python-zodb in Debian) used to include persistent, BTrees, ZODB and ZEO modules. However, since ZODB3 3.11.0a1, upstream has split it up into 4 distinct packages (one for each module), bump the version to 4.0 and made ZODB3 a metapackage depending on all of them. It looks like Debian still has zodb 3.9.7, right? Unfortunately, yes. As of fixing this RC bug for Jessie: Among the four, only persistent package is currently available in Debian, so there is no way to get rid of ZODB3 (at least for Jessie). Barry: If persistent = 4.0 Debian package is useful on its own to anyone (and thus should not be removed from testing), then can I add a Conflict on both packages and upload them to fix this bug? IIRC, I needed to update python-persistent for the Python 3 zope.component transition, as it's a build-dep. There are no other reverse dependencies that I know of. I think a Conflicts is the right way to handle this for now, given where we are in the Jessie release cycle. Arnaud, thanks for handling this! If that's ok with you, I'm going to upload both packages to fix this bug: * python-persistent: Conflicts: python-zodb ( 3.11.0~) * python-zodb: Conflicts: python-persistent Cheers, -- Arnaud Fontaine
Bug#767554: python-persistent and python-zodb: error when trying to install together
Hello, Andreas Beckmann a...@debian.org writes: Package: python-persistent,python-zodb Version: 4.0.8-1 Severity: serious User: trei...@debian.org Usertags: edos-file-overwrite Control: found -1 1:3.9.7-2 First of all, thanks for finding and reporting such issues, it's greatly appreciated! Selecting previously unselected package python-zodb. Preparing to unpack .../python-zodb_1%3a3.9.7-2_amd64.deb ... Unpacking python-zodb (1:3.9.7-2) ... dpkg: error processing archive /var/cache/apt/archives/python-zodb_1%3a3.9.7-2_amd64.deb (--unpack): trying to overwrite '/usr/lib/python2.7/dist-packages/persistent/wref.py', which is also in package python-persistent 4.0.8-1 Errors were encountered while processing: /var/cache/apt/archives/python-zodb_1%3a3.9.7-2_amd64.deb This is a serious bug as it makes installation fail, and violates sections 7.6.1 and 10.1 of the policy. An optimal solution would consist in only one of the packages installing that file, and renaming or removing the file in the other package. Depending on the circumstances you might also consider Replace relations or file diversions. If the conflicting situation cannot be resolved then, as a last resort, the two packages have to declare a mutual Conflict. Please take into account that Replaces, Conflicts and diversions should only be used when packages provide different implementations for the same functionality. Here is a list of files that are known to be shared by both packages (according to the Contents file for sid/amd64, which may be slightly out of sync): usr/lib/python2.7/dist-packages/persistent/__init__.py [...] From upstream point of view, ZODB3 (aka python-zodb in Debian) used to include persistent, BTrees, ZODB and ZEO modules. However, since ZODB3 3.11.0a1, upstream has split it up into 4 distinct packages (one for each module), bump the version to 4.0 and made ZODB3 a metapackage depending on all of them. 
As of fixing this RC bug for Jessie: Among the four, only persistent package is currently available in Debian, so there is no way to get rid of ZODB3 (at least for Jessie). Barry: If persistent = 4.0 Debian package is useful on its own to anyone (and thus should not be removed from testing), then can I add a Conflict on both packages and upload them to fix this bug? Cheers, -- Arnaud Fontaine
Bug#687484: [debian-mysql] Bug#687484: Status of CVE-2012-4414: SQL injection
Henri Salo he...@nerv.fi writes: What is current status of CVE-2012-4414? Information about the issue in http://www.openwall.com/lists/oss-security/2012/09/11/4 Marked as grave and security without any comments from maintainers. Plans to patch this issue? If not could you please give reasoning, thank you. I think this bug only affects squeeze (oldstable) which reached its EOL and is now only supported by volunteers as part of the Debian-LTS project so you should probably get in touch with them: https://wiki.debian.org/LTS Cheers, -- Arnaud Fontaine
Bug#746866: kumofs: ftbfs with GCC-4.9
tags 746866 + patch thanks Hello, I have attached a patch fixing this issue. Could you please apply it? I can also NMU if you wish. Thanks in advance. Cheers, -- Arnaud Fontaine --- kumofs-0.4.13/src/logic/gateway/mod_store.cc 2010-12-14 12:42:27.0 +0900 +++ kumofs-0.4.13/src/logic/gateway/mod_store.cc 2014-07-24 09:56:52.445251606 +0900 @@ -262,19 +262,19 @@ #define GATEWAY_CATCH(NAME, response_type) \ catch (msgpack::type_error e) { \ LOG_ERROR(#NAME FAILED: type error); \ - response_type res; \ - res.error = 1; \ - try { (*callback)(user, res, z); } catch (...) { } \ + response_type r; \ + r.error = 1; \ + try { (*callback)(user, r, z); } catch (...) { } \ } catch (std::exception e) { \ LOG_WARN(#NAME FAILED: ,e.what()); \ - response_type res; \ - res.error = 1; \ - try { (*callback)(user, res, z); } catch (...) { } \ + response_type r; \ + r.error = 1; \ + try { (*callback)(user, r, z); } catch (...) { } \ } catch (...) { \ LOG_WARN(#NAME FAILED: unknown error); \ - response_type res; \ - res.error = 1; \ - try { (*callback)(user, res, z); } catch (...) { } \ + response_type r; \ + r.error = 1; \ + try { (*callback)(user, r, z); } catch (...) { } \ }
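Review bot: The rename of res to r in all three catch blocks of GATEWAY_CATCH arrives without any statement of which GCC 4.9 diagnostic it addresses, so a reader of mod_store.cc cannot tell what the new name must avoid clashing with. Add a patch description that quotes the compiler error and names the identifier involved, and consider a longer macro-specific name than r, since a one-letter local declared inside a macro can itself collide with names at the expansion sites.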
Bug#739190: netenv doesn't come up initializing via systemd
Hello, Michael Biebl bi...@debian.org writes: Under systemd all services run in a defined context. This also means you can't prompt for input by reading from the console. # X-Interactive: true as used by the netenv sysv init script does not work by design. See [1]: Services cannot read from stdin, as this will be connected to /dev/null. That means interactive init scripts are not supported (i.e. Debian's X-Interactive in the LSB header is not supported either.) Thankfully most distributions do not support interaction in init scripts anyway. If you need interaction to ask disk or SSL passphrases please consider using the minimal password querying framework systemd supports. (details, manual page) [...] That leaves netdev. Tbh I don't know what to do about that. The password agents [2] were designed to prompt for passphrases, not to select from a list from pre-defined values. So they are not applicable to the case. While you can change a service file's StandardInput= setting so it actually gets access to the console during boot, a systemctl start netdev.service in your terminal emulator does not work with that either afair. But for this case you could simply provide a command-line tool like netenv-select or so. As a closing remark, let me add that it is generally discouraged to prompt for input during boot. Since when has it been discouraged? I may have misunderstood something but, considering the password agents built in systemd, I don't see any reason why only inputting passwords should be allowed/available at boot time and not something else at the end (especially for system-level prompt such as system-wide network configuration as netenv does), whatever the technical reason is... Cheers, -- Arnaud Fontaine
Bug#750967: Byte-compilation fails upon apel upgrade, thus making emacs and apel upgrade fails
Hi, Tatsuya Kinoshita t...@debian.org writes: On June 9, 2014 at 12:31PM +0900, arnau (at debian.org) wrote: elscreen-apel.patch +++ debian/emacsen-install 2014-06-09 12:23:03.642097192 +0900 +if [ ! -f /usr/share/$FLAVOR/site-lisp/apel/alist.elc ]; then exit 0; fi Your patch looks fine. See also emacsen-common's bug#737389. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737389 Thanks for the URL. I was not aware of this bug. It would indeed be better if that could be fixed in emacsen-common rather than individually in each package, but in the meantime that should probably do it... Masayuki: Could you please have a look at the patch and apply it or can I upload an NMU fixing this issue? Cheers, -- Arnaud Fontaine
Bug#750967: Byte-compilation fails upon apel upgrade, thus making emacs and apel upgrade fails
Package: elscreen Version: 1.4.6-5.1 Severity: serious Tags: patch [CC'ing the Emacs24 maintainer just to know if this is an expected behavior and whether the attached patch is correct...] Hello, Today, when upgrading Emacs24 and Apel at the same time, I got the following error upon Emacs24 upgrade (so even before Apel postinst script is being ran): Install bbdb for emacs24 install/bbdb: Byte-compiling for emacs24 ... Generating bbdb-autoloads... Byte-compiling bbdb... done. Install cmake-data for emacs24 install/cmake-data: Byte-compiling for emacs24 Wrote /usr/share/emacs24/site-lisp/cmake-data/cmake-mode.elc Install debian-el for emacs24 debian-el files already compiled in /usr/share/emacs24/site-lisp/debian-el. Install elscreen for emacs24 install/elscreen: Handling install for emacsen flavor emacs24 Loading /etc/emacs/site-start.d/00debian-vars.el (source)... Loading /etc/emacs/site-start.d/20apel.el (source)... Loading /etc/emacs/site-start.d/50autoconf.el (source)... Loading /etc/emacs/site-start.d/50bbdb.el (source)... Loading /etc/emacs/site-start.d/50cmake-data.el (source)... Loading /etc/emacs/site-start.d/50dictionaries-common.el (source)... Loading /var/cache/dictionaries-common/emacsen-ispell-dicts.el (source)... Error while loading 50dictionaries-common: Symbol's value as variable is void: debian-aspell-only-dictionary-alist Loading /etc/emacs/site-start.d/50dpkg-dev-el.el (source)... Package dpkg-dev-el not fully installed. Skipping setup. Loading /etc/emacs/site-start.d/50elscreen.el (source)... Loading /etc/emacs/site-start.d/50emacs-goodies-el.el (source)... Package emacs-goodies-el not fully installed. Skipping setup. Loading /etc/emacs/site-start.d/50emacs-mozc.el (source)... Loading /etc/emacs/site-start.d/50flim.el (source)... Loading /etc/emacs/site-start.d/50lookup-el.el (source)... Loading /etc/emacs/site-start.d/50lua-mode.el (source)... Loading /etc/emacs/site-start.d/50magit.el (source)... 
Loading /usr/share/emacs/site-lisp/magit/magit-install.el (source)... Loading /etc/emacs/site-start.d/50namazu2.el (source)... Loading /etc/emacs/site-start.d/50psvn.el (source)... Loading /etc/emacs/site-start.d/50pylint.el (source)... Error while loading 50pylint: Cannot open load file: pylint Loading /etc/emacs/site-start.d/50pymacs.el (source)... Loading /etc/emacs/site-start.d/50sdic.el (source)... Loading /etc/emacs/site-start.d/50systemtap-common.el (source)... Loading /usr/share/emacs/site-lisp/systemtap-common/systemtap-init.el (source)... Loading /etc/emacs/site-start.d/50w3m-el-snapshot.el (source)... Loading /etc/emacs/site-start.d/51debian-el.el (source)... Loading /etc/emacs/site-start.d/51emms.el (source)... Loading /etc/emacs/site-start.d/70sdic-edict.el (source)... Error while loading 70sdic-edict: Symbol's value as variable is void: sdic-waei-dictionary-list In toplevel form: elscreen-color-theme.el:25:1:Error: Cannot open load file: alist In toplevel form: elscreen-dired.el:26:1:Error: Cannot open load file: alist In toplevel form: elscreen-dnd.el:26:1:Error: Cannot open load file: alist In toplevel form: elscreen-gf.el:28:1:Error: Cannot open load file: alist In toplevel form: elscreen-goby.el:26:1:Error: Cannot open load file: alist In toplevel form: elscreen-howm.el:26:1:Error: Cannot open load file: alist In toplevel form: elscreen-server.el:27:1:Error: Cannot open load file: alist In toplevel form: elscreen-speedbar.el:25:1:Error: Cannot open load file: alist In toplevel form: elscreen-w3m.el:26:1:Error: Cannot open load file: alist In toplevel form: elscreen.el:28:1:Error: Cannot open load file: alist ERROR: install script from elscreen package failed I guess this is what triggers this issue upon Emacs24 upgrade: 1. All the byte-compiled files in /usr/share/emacs24/site-lisp/ are purged. 2. Byte-compilation is triggered but at this point apel is only in unpacked state so no byte-compilation occurs. 
However, elscreen (depending upon apel) does not check whether apel has been byte-compiled and fails. I have attached a patch checking for alist.elc before byte-compilation. I'm not sure this is the right fix though, could you please have a look? Thanks! Regards, -- Arnaud Fontaine --- debian/emacsen-install.ORIG 2014-06-09 12:22:57.118021446 +0900 +++ debian/emacsen-install 2014-06-09 12:23:03.642097192 +0900 @@ -8,6 +8,7 @@ FLAVOR=$1 PACKAGE=elscreen +if [ ! -f /usr/share/$FLAVOR/site-lisp/apel/alist.elc ]; then exit 0; fi if [ ${FLAVOR} = emacs ]; then exit 0; fi echo install/${PACKAGE}: Handling install for emacsen flavor ${FLAVOR}
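Review bot: The new alist.elc test in debian/emacsen-install exits 0 without printing anything and sits above the existing FLAVOR = emacs check, so a skipped byte-compilation leaves no trace in the upgrade log. Consider placing it after the flavor check and echoing a line such as "install/${PACKAGE}: apel not byte-compiled for ${FLAVOR}, skipping" before the exit. The hunk also shows nothing that would run elscreen's byte-compilation again once apel has been configured, which is worth confirming before relying on the early exit.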
Bug#739476: ImportError: cannot import name ScopedSession
Source: elixir Severity: grave Tags: upstream Hello, When trying to import elixir module, I get the following traceback which makes elixir completely unusable: import elixir Traceback (most recent call last): File stdin, line 1, in module File /usr/lib/pymodules/python2.7/elixir/__init__.py, line 29, in module from elixir.entity import Entity, EntityBase, EntityMeta, EntityDescriptor, \ File /usr/lib/pymodules/python2.7/elixir/entity.py, line 17, in module from sqlalchemy.orm import MapperExtension, mapper, object_session, \ ImportError: cannot import name ScopedSession Also, considering that a security bug, #670919, which is almost two years old has never been fixed and there has been no upstream release since 11/2009 (actually around the time a declarative layer has been implemented in sqlalchemy AFAIU), I'm wondering whether this package should be kept in the archive at all. What do you think? -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.13-trunk-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Regards, -- Arnaud Fontaine
Bug#710286: lua-lgi: Missing Depends on gir1.2-glib-2.0
Package: lua-lgi Version: 0.7.1-1 Justification: Policy 3.5 Severity: serious Tags: patch Hello, After installing lua-lgi, the following command fails (same error with lua5.2): $ lua5.1 -e 'require(lgi)' lua5.1: /usr/share/lua/5.1/lgi/ffi.lua:34: attempt to index local 'gobject' (a boolean value) stack traceback: /usr/share/lua/5.1/lgi/ffi.lua:34: in main chunk [C]: in function 'require' /usr/share/lua/5.1/lgi/class.lua:21: in main chunk [C]: in function 'require' /usr/share/lua/5.1/lgi/namespace.lua:18: in main chunk [C]: in function 'require' /usr/share/lua/5.1/lgi/init.lua:42: in main chunk [C]: in function 'require' /usr/share/lua/5.1/lgi.lua:19: in main chunk [C]: in function 'require' (command line):1: in main chunk [C]: ? That's because gi.require('GObject') and gi.require('GLib') from lgi/ffi.lua both return false and thus fail later on when trying to access object within these modules. After investigating a bit, it appears that gi_require() (lgi/gi.c) calls g_irepository_require() which searches for .typelib files, but GLib and GObject .typelib files are not available because gir1.2-glib-2.0 is not installed on my system (and thus missing in the Depends, but it seems that only GObject and GLib .typelib are required according to the source code). So, could you please add this package to Depends? Perhaps, there are other missing Depends which could be checked by running tests within a chroot without Build-Depends? BTW, is there any reason why lua-lgi does not Depends upon any lua interpreter package? Is it actually useable without it? 
Cheers, -- Arnaud Fontaine -- System Information: Debian Release: jessie/sid APT prefers experimental APT policy: (600, 'experimental'), (500, 'unstable'), (500, 'testing'), (500, 'oldstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.8-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages lua-lgi depends on: ii libc6 2.17-3 ii libffi63.0.13-4 ii libgirepository-1.0-1 1.36.0-2+b1 ii libglib2.0-0 2.36.1-2build1 ii multiarch-support 2.17-3 lua-lgi recommends no packages. lua-lgi suggests no packages. -- no debconf information
Bug#702769: bup_0.25~git2011.11.04-5.1_amd64.changes ACCEPTED into unstable
Hello, Jonathan Dowland j...@debian.org writes: On Sat, Mar 23, 2013 at 09:02:39AM +, Debian FTP Masters wrote: Maintainer: Jon Dowland j...@debian.org snip * Non-maintainer upload. This surprised me a bit, as I orphaned bup a while ago and it was picked up by someone else, who has already made an upload removing me from the Maintainer field. It took me a moment to realise that their upload would have been to experimental, and your NMU is targetting wheezy via unstable. Still, it would have been a good opportunity to switch out the Maintainer for wheezy. I would have suggested that if you had CCed me with your proposed NMU, or tried to reach me via other means… None-the-less, thanks for fixing the bug. Yes, I didn't notice that, sorry about that. Cheers, -- Arnaud Fontaine
Bug#702769: bup: diff for NMU version 0.25~git2011.11.04-5.1
tags 702769 + patch tags 702769 + pending thanks Hello, After comparing the changes in bup between the current version in unstable and the one in experimental, I found that the FTBFS is due to a change in Git and has been fixed upstream by this commit: https://github.com/bup/bup/commit/9269e652b57947c6a518d0b544f9df0cb933385f I modified a bit this patch reverting user %d to user%d as this bit has been reverted in a later commit anyway and the current version of bup also uses user%d: https://github.com/bup/bup/commit/4875d0cb42eb66c3ac7f0297e0cb7aca6d4f3975 Therefore, I've prepared an NMU for bup (versioned as 0.25~git2011.11.04-5.1) and uploaded it to DELAYED/5. Please feel free to tell me if I should delay it longer. Regards, Arnaud Fontaine diff -Nru bup-0.25~git2011.11.04/debian/changelog bup-0.25~git2011.11.04/debian/changelog --- bup-0.25~git2011.11.04/debian/changelog 2012-05-25 19:55:17.0 +0900 +++ bup-0.25~git2011.11.04/debian/changelog 2013-03-18 16:57:28.0 +0900 @@ -1,3 +1,12 @@ +bup (0.25~git2011.11.04-5.1) unstable; urgency=low + + * Non-maintainer upload. + * Recent version of Git expects that the commit username is not empty, +whereas bup was using GECOS field which may be empty, thus tests +executed at build time were broken. Closes: #702769. + + -- Arnaud Fontaine ar...@debian.org Mon, 18 Mar 2013 16:49:50 +0900 + bup (0.25~git2011.11.04-5) unstable; urgency=low * Add 0.22a-1 changelog entry to this file. Remove changelog diff -Nru bup-0.25~git2011.11.04/debian/patches/debian-changes bup-0.25~git2011.11.04/debian/patches/debian-changes --- bup-0.25~git2011.11.04/debian/patches/debian-changes2012-05-30 07:07:54.0 +0900 +++ bup-0.25~git2011.11.04/debian/patches/debian-changes2013-03-18 16:58:54.0 +0900 
@@ -299,3 +299,21 @@ self.inprogress = None except Exception, e: it.abort() +--- bup-0.25~git2011.11.04.orig/lib/bup/helpers.py bup-0.25~git2011.11.04/lib/bup/helpers.py +@@ -231,9 +231,13 @@ def userfullname(): + if not _userfullname: + uid = os.getuid() + try: +-_userfullname = pwd.getpwuid(uid)[4].split(',')[0] ++entry = pwd.getpwuid(uid) ++_userfullname = entry[4].split(',')[0] or entry[0] + except KeyError: +-_userfullname = 'user%d' % uid ++pass ++finally: ++if not _userfullname: ++ _userfullname = 'user%d' % uid + return _userfullname + +
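Review bot: In the helpers.py change carried inside debian/patches/debian-changes, the 'user%d' fallback now lives in a finally: clause, which also runs while an exception other than KeyError is propagating out of pwd.getpwuid(). Since the except KeyError branch is reduced to pass, a plain "if not _userfullname:" statement after the try/except would express the same fallback without that side effect and reads more clearly.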
Bug#702633: CVE-2012-1016: NULL pointer dereference (DoS) in plugins/preauth/pkinit/pkinit_srv.c
tags 702633 + patch thanks Hello, After checking the source code, this part of the code does not seem to have changed between 1.10.1 and 1.10.4, so AFAIU this bug affects at least the version available in testing and unstable. The current code is: if ((rep9 != NULL rep9-choice == choice_pa_pk_as_rep_draft9_dhSignedData) || (rep != NULL rep-choice == choice_pa_pk_as_rep_dhInfo)) { /* If mutually supported KDFs were found, use the alg agility KDF */ if (rep-u.dh_Info.kdfID) { Thus, rep could be NULL which has been addressed by the following upstream patch: https://github.com/krb5/krb5/commit/cd5ff932c9d1439c961b0cf9ccff979356686aff I also prepared a NMU[0] in case it helps (it builds fine with cowbuilder but I could not test it though) and attached the diff to this email. Cheers, -- Arnaud Fontaine [0] http://people.debian.org/~arnau/packages/krb5/ diff -Nru krb5-1.10.1+dfsg/debian/changelog krb5-1.10.1+dfsg/debian/changelog --- krb5-1.10.1+dfsg/debian/changelog 2013-02-20 10:54:44.0 +0900 +++ krb5-1.10.1+dfsg/debian/changelog 2013-03-15 17:03:05.0 +0900 @@ -1,3 +1,10 @@ +krb5 (1.10.1+dfsg-4.1) unstable; urgency=high + + * Non-maintainer upload. + * KDC null pointer dereference with PKINIT, CVE-2012-1016. Closes: #702633. + + -- Arnaud Fontaine ar...@debian.org Fri, 15 Mar 2013 17:01:29 +0900 + krb5 (1.10.1+dfsg-4) unstable; urgency=high * KDC null pointer dereference with PKINIT, CVE-2013-1415 diff -Nru krb5-1.10.1+dfsg/debian/patches/0022-PKINIT-null-pointer-deref-CVE-2012-1016.patch krb5-1.10.1+dfsg/debian/patches/0022-PKINIT-null-pointer-deref-CVE-2012-1016.patch --- krb5-1.10.1+dfsg/debian/patches/0022-PKINIT-null-pointer-deref-CVE-2012-1016.patch 1970-01-01 09:00:00.0 +0900 +++ krb5-1.10.1+dfsg/debian/patches/0022-PKINIT-null-pointer-deref-CVE-2012-1016.patch 2013-03-15 16:59:56.0 +0900 
@@ -0,0 +1,38 @@ +commit cd5ff932c9d1439c961b0cf9ccff979356686aff +Author: Nalin Dahyabhai na...@redhat.com +Date: Thu Dec 13 14:26:07 2012 -0500 + +PKINIT (draft9) null ptr deref [CVE-2012-1016] + +Don't check for an agility KDF identifier in the non-draft9 reply +structure when we're building a draft9 reply, because it'll be NULL. + +The KDC plugin for PKINIT can dereference a null pointer when handling +a draft9 request, leading to a crash of the KDC process. An attacker +would need to have a valid PKINIT certificate, or an unauthenticated +attacker could execute the attack if anonymous PKINIT is enabled. + +CVSSv2 vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:P/RL:O/RC:C + +[t...@mit.edu: reformat comment and edit log message] + +ticket: 7506 (new) +target_version: 1.11 +tags: pullup + +Index: krb5-1.10.1+dfsg/src/plugins/preauth/pkinit/pkinit_srv.c +=== +--- krb5-1.10.1+dfsg.orig/src/plugins/preauth/pkinit/pkinit_srv.c 2013-03-15 16:52:57.703154249 +0900 krb5-1.10.1+dfsg/src/plugins/preauth/pkinit/pkinit_srv.c 2013-03-15 16:58:58.971037553 +0900 +@@ -1016,8 +1016,9 @@ + rep9-choice == choice_pa_pk_as_rep_draft9_dhSignedData) || + (rep != NULL rep-choice == choice_pa_pk_as_rep_dhInfo)) { + +-/* If mutually supported KDFs were found, use the alg agility KDF */ +-if (rep-u.dh_Info.kdfID) { ++/* If we're not doing draft 9, and mutually supported KDFs were found, ++ * use the algorithm agility KDF. */ ++if (rep != NULL rep-u.dh_Info.kdfID) { + secret.data = server_key; + secret.length = server_key_len; + diff -Nru krb5-1.10.1+dfsg/debian/patches/series krb5-1.10.1+dfsg/debian/patches/series --- krb5-1.10.1+dfsg/debian/patches/series 2013-02-20 10:54:44.0 +0900 +++ krb5-1.10.1+dfsg/debian/patches/series 2013-03-15 16:52:26.0 +0900 @@ -19,3 +19,4 @@ upstream/0019-Null-pointer-deref-in-kadmind-CVE-2012-1013.patch 0020-gssapi-never-unload-mechanisms.patch 0021-PKINIT-null-pointer-deref-CVE-2013-1415.patch +0022-PKINIT-null-pointer-deref-CVE-2012-1016.patch
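Review bot: In the pkinit_srv.c hunk the added rep != NULL test guards only the kdfID check, while the enclosing condition is also true when rep9 is set and rep is NULL; because the mail says the build could not be tested, it is worth confirming that nothing further down in this block touches rep on the draft9 path. The new debian/changelog line is also worded exactly like the 1.10.1+dfsg-4 entry apart from the CVE id, so adding "draft9" to it would tell the two fixes apart.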
Bug#699743: emms: fails to upgrade lenny - squeeze - wheezy: emms-setup.el:96:8:Error: Symbol's value as variable is void: emms-directory
Hi, Andreas Beckmann a...@debian.org writes: the piuparts test result looks good (the remaining issues are beyond the responsibility of emms). Thank you so much for testing. I will upload emms today then. Cheers, -- Arnaud Fontaine
Bug#699743: emms: fails to upgrade lenny - squeeze - wheezy: emms-setup.el:96:8:Error: Symbol's value as variable is void: emms-directory
Hi, Andreas Beckmann a...@debian.org writes: lenny-squeeze-wheezy works now, but it leaves cruft around, looks like a proper deregistration of the emacs22 flavor is missing: [...] Sorry about that, I have fixed it in the attached patch. Thank you so much for testing! Regards, -- Arnaud Fontaine diff -uN emms-3.0+20110425+1.git298e022.orig/debian/changelog emms-3.0+20110425+1.git298e022/debian/changelog --- emms-3.0+20110425+1.git298e022.orig/debian/changelog 2013-02-27 11:45:23.285936262 +0900 +++ emms-3.0+20110425+1.git298e022/debian/changelog 2013-02-27 11:47:03.242937535 +0900 @@ -1,3 +1,13 @@ +emms (3.0+20110425+1.git298e022-4) unstable; urgency=low + + * debian/control: ++ Require emacsen-common = 2.0.5 because of #693472. + * debian/emacsen-install, debian/emacsen-remove: ++ As emacs22 is not supported since squeeze, it must be ignored. + Closes: #699743. + + -- Arnaud Fontaine ar...@debian.org Wed, 27 Feb 2013 11:25:39 +0900 + emms (3.0+20110425+1.git298e022-3) unstable; urgency=low * debian/control: diff -uN emms-3.0+20110425+1.git298e022.orig/debian/control emms-3.0+20110425+1.git298e022/debian/control --- emms-3.0+20110425+1.git298e022.orig/debian/control 2013-02-27 11:45:29.866002178 +0900 +++ emms-3.0+20110425+1.git298e022/debian/control 2013-02-27 11:32:40.614292813 +0900 @@ -14,7 +14,7 @@ Package: emms Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, - emacsen-common, + emacsen-common (= 2.0.5), w3m-el | w3m-el-snapshot, emacs23 | xemacs21 | emacs-snapshot Recommends: vorbis-tools | mpg321 | mplayer | vlc | mpd (= 0.12.0) | xine-ui diff -uN emms-3.0+20110425+1.git298e022.orig/debian/emacsen-install emms-3.0+20110425+1.git298e022/debian/emacsen-install --- emms-3.0+20110425+1.git298e022.orig/debian/emacsen-install 2012-06-07 17:32:35.903138994 +0900 +++ emms-3.0+20110425+1.git298e022/debian/emacsen-install 2013-02-27 11:43:52.157023326 +0900 
@@ -8,7 +8,7 @@ FLAVOR=$1 PACKAGE=emms -if [ ${FLAVOR} = emacs ] || [ ${FLAVOR} = emacs21 ]; then +if [ ${FLAVOR} = emacs ] || [ ${FLAVOR} = emacs21 ] || [ ${FLAVOR} = emacs22 ]; then exit 0; fi diff -uN emms-3.0+20110425+1.git298e022.orig/debian/emacsen-remove emms-3.0+20110425+1.git298e022/debian/emacsen-remove --- emms-3.0+20110425+1.git298e022.orig/debian/emacsen-remove 2011-11-05 16:19:31.0 +0900 +++ emms-3.0+20110425+1.git298e022/debian/emacsen-remove 2013-02-27 11:44:09.965201736 +0900 @@ -4,7 +4,7 @@ FLAVOR=$1 PACKAGE=emms -if [ ${FLAVOR} != emacs ] [ ${FLAVOR} != emacs21 ]; then +if [ ${FLAVOR} != emacs ]; then echo remove/${PACKAGE}: purging byte-compiled files for ${FLAVOR} rm -rf /usr/share/${FLAVOR}/site-lisp/${PACKAGE} fi
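Review bot: debian/emacsen-remove now purges for every flavor except emacs, which silently drops the existing emacs21 exclusion too, while debian/emacsen-install skips emacs, emacs21 and emacs22 and the changelog entry describes both scripts as ignoring emacs22. If purging leftover emacs21 and emacs22 files is the intent, the changelog should say so for the remove script, so the asymmetry between the two scripts is not mistaken for an oversight.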
Bug#699743: emms: fails to upgrade lenny - squeeze - wheezy: emms-setup.el:96:8:Error: Symbol's value as variable is void: emms-directory
Hello, Setting up emms (3.0+20110425+1.git298e022-3) ... Installing new version of config file /etc/emacs/site-start.d/50emms.el ... Install w3m-el for emacs Install w3m-el for emacs22 install/w3m-el: already byte-compiled for emacs22, skipped Install w3m-el for emacs23 install/w3m-el: already byte-compiled for emacs23, skipped Install emacsen-common for emacs22 emacsen-common: Handling install of emacsen flavor emacs22 Wrote /etc/emacs22/site-start.d/00debian-vars.elc Wrote /usr/share/emacs22/site-lisp/debian-startup.elc Install emacsen-common for emacs23 emacsen-common: Handling install of emacsen flavor emacs23 Wrote /etc/emacs23/site-start.d/00debian-vars.elc Wrote /usr/share/emacs23/site-lisp/debian-startup.elc Install emms for emacs Install emms for emacs22 install/emms: byte-compiling for emacs22, logging in /tmp/elc.QcJFe6Q1Lby7 ERROR: install script from emms package failed dpkg: error processing emms (--configure): subprocess installed post-installation script returned error exit status 1 I was wrong, sorry about that. After reading carefully the log again and checking emms package, there is actually no reason that emms is byte-compiled for emacs22 as it's not supported since squeeze anyway. I have attached a patch fixing this issue and built a package[0][1]. Could you please confirm whether this fixes the issue? Thanks! Cheers, -- Arnaud Fontaine [0] http://people.debian.org/~arnau/packages/emms_3.0+20110425+1.git298e022-4.dsc [1] http://people.debian.org/~arnau/packages/emms_3.0+20110425+1.git298e022-4_amd64.deb diff -uN emms-3.0+20110425+1.git298e022.orig/debian/changelog emms-3.0+20110425+1.git298e022/debian/changelog --- emms-3.0+20110425+1.git298e022.orig/debian/changelog 2013-02-27 11:45:23.285936262 +0900 +++ emms-3.0+20110425+1.git298e022/debian/changelog 2013-02-27 11:47:03.242937535 +0900 
@@ -1,3 +1,13 @@ +emms (3.0+20110425+1.git298e022-4) unstable; urgency=low + + * debian/control: ++ Require emacsen-common = 2.0.5 because of #693472. + * debian/emacsen-install, debian/emacsen-remove: ++ As emacs22 is not supported since squeeze, it must be ignored. + Closes: #699743. + + -- Arnaud Fontaine ar...@debian.org Wed, 27 Feb 2013 11:25:39 +0900 + emms (3.0+20110425+1.git298e022-3) unstable; urgency=low * debian/control: diff -uN emms-3.0+20110425+1.git298e022.orig/debian/control emms-3.0+20110425+1.git298e022/debian/control --- emms-3.0+20110425+1.git298e022.orig/debian/control 2013-02-27 11:45:29.866002178 +0900 +++ emms-3.0+20110425+1.git298e022/debian/control 2013-02-27 11:32:40.614292813 +0900 @@ -14,7 +14,7 @@ Package: emms Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, - emacsen-common, + emacsen-common (= 2.0.5), w3m-el | w3m-el-snapshot, emacs23 | xemacs21 | emacs-snapshot Recommends: vorbis-tools | mpg321 | mplayer | vlc | mpd (= 0.12.0) | xine-ui diff -uN emms-3.0+20110425+1.git298e022.orig/debian/emacsen-install emms-3.0+20110425+1.git298e022/debian/emacsen-install --- emms-3.0+20110425+1.git298e022.orig/debian/emacsen-install 2012-06-07 17:32:35.903138994 +0900 +++ emms-3.0+20110425+1.git298e022/debian/emacsen-install 2013-02-27 11:43:52.157023326 +0900 @@ -8,7 +8,7 @@ FLAVOR=$1 PACKAGE=emms -if [ ${FLAVOR} = emacs ] || [ ${FLAVOR} = emacs21 ]; then +if [ ${FLAVOR} = emacs ] || [ ${FLAVOR} = emacs21 ] || [ ${FLAVOR} = emacs22 ]; then exit 0; fi diff -uN emms-3.0+20110425+1.git298e022.orig/debian/emacsen-remove emms-3.0+20110425+1.git298e022/debian/emacsen-remove --- emms-3.0+20110425+1.git298e022.orig/debian/emacsen-remove 2011-11-05 16:19:31.0 +0900 +++ emms-3.0+20110425+1.git298e022/debian/emacsen-remove 2013-02-27 11:44:09.965201736 +0900 
@@ -4,7 +4,7 @@ FLAVOR=$1 PACKAGE=emms -if [ ${FLAVOR} != emacs ] [ ${FLAVOR} != emacs21 ]; then +if [ ${FLAVOR} != emacs ] [ ${FLAVOR} != emacs21 ] [ ${FLAVOR} != emacs22 ]; then echo remove/${PACKAGE}: purging byte-compiled files for ${FLAVOR} rm -rf /usr/share/${FLAVOR}/site-lisp/${PACKAGE} fi
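Review bot: Adding emacs22 to the condition in debian/emacsen-remove means the rm -rf under it is skipped for that flavor, so byte-compiled files already written to /usr/share/emacs22/site-lisp/emms by an earlier package version are never purged. Skipping emacs22 belongs in debian/emacsen-install only; the remove script should keep cleaning that directory.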
Bug#699743: emms: fails to upgrade lenny - squeeze - wheezy: emms-setup.el:96:8:Error: Symbol's value as variable is void: emms-directory
Hello, Andreas Beckmann a...@debian.org writes: during a test with piuparts I noticed your package fails to upgrade from 'lenny' to 'squeeze' to 'wheezy'. It installed fine in 'lenny', and upgraded to 'squeeze' successfully, but then the upgrade to 'wheezy' failed. [...] Rerunning this upgrade path manually produced this logfile in /tmp: [...] Wrote /usr/share/emacs22/site-lisp/emms/emms-score.elc In toplevel form: emms-setup.el:96:8:Error: Symbol's value as variable is void: emms-directory Wrote /usr/share/emacs22/site-lisp/emms/emms-source-file.elc Wrote /usr/share/emacs22/site-lisp/emms/emms-source-playlist.elc [...] Seems to be the same issue as #693472. EMMS Depends against emacsen-common should probably be tightened to = 2.0.5. Regards, -- Arnaud Fontaine
Bug#692899: zope2.12: [CVE-2012-5485 to 5508] Multiple vectors corrected within 20121106 fix
Hi, Moritz Muehlenhoff j...@debian.org writes: On Sun, Nov 25, 2012 at 11:07:38AM +0900, Arnaud Fontaine wrote: The following CVEs are not affecting Zope2 package (Plone/Zope3/..) (within brackets is the Product/module/... affected along with the corresponding filename in Plone Hotfix): For clarification, so that I can update the Debian Security Tracker, none of these CVE IDs are packaged in Debian, right? (I can't find a Plone package, but these could be packaged through one of the many zope.* packages?) * CVE-2012-5485 (Plone: registerConfiglet.py) http://plone.org/products/plone/security/advisories/20121106/01 * CVE-2012-5488/CVE-2012-5494/CVE-2012-5495/CVE-2012-5499/CVE-2012-5506 (Plone-specific: python_scripts.py) http://plone.org/products/plone/security/advisories/20121106/04 http://plone.org/products/plone/security/advisories/20121106/10 http://plone.org/products/plone/security/advisories/20121106/11 http://plone.org/products/plone/security/advisories/20121106/15 http://plone.org/products/plone/security/advisories/20121106/22 * CVE-2012-5490 (kss: kssdevel.py) http://plone.org/products/plone/security/advisories/20121106/06 * CVE-2012-5491/CVE-2012-5504 (z3c.form (Zope3): widget_traversal.py) http://plone.org/products/plone/security/advisories/20121106/12 http://plone.org/products/plone/security/advisories/20121106/20 * CVE-2012-5492 (Plone: uid_catalog.py) http://plone.org/products/plone/security/advisories/20121106/08 * CVE-2012-5493 (CMFCore: gtbn.py) http://plone.org/products/plone/security/advisories/20121106/09 * CVE-2012-5496 (Plone: kupu_spellcheck.py) http://plone.org/products/plone/security/advisories/20121106/09 * CVE-2012-5497 (Plone: membership_tool.py) http://plone.org/products/plone/security/advisories/20121106/13 * CVE-2012-5498 (Plone: queryCatalog.py) http://plone.org/products/plone/security/advisories/20121106/14 * CVE-2012-5500 (Plone: renameObjectsByPaths.py) http://plone.org/products/plone/security/advisories/20121106/15 * CVE-2012-5501 
(Plone: at_download.py) http://plone.org/products/plone/security/advisories/20121106/17 * CVE-2012-5502 (PortalTransforms: safe_html.py) http://plone.org/products/plone/security/advisories/20121106/18 * CVE-2012-5503 (Plone-specific: ObjectManager: ftp.py) http://plone.org/products/plone/security/advisories/20121106/19 None of the above CVE IDs are packaged in Debian as Plone is not packaged in Debian and the other Products/modules are not packaged in Debian either. Cheers, -- Arnaud Fontaine
Bug#692899: zope2.12: [CVE-2012-5485 to 5508] Multiple vectors corrected within 20121106 fix
Hello, Tres Seaver tsea...@palladion.com writes: version 2.12.21: * LP #1079238 fixes CVE 2012-5489. According to the upstream changelog, LP #1047318 seems to fix a security bug, but I could not find it in zope2 launchpad nor anywhere else. That bug was still in Private Security state: I have updated it to Public Security, so you should be able to view it: https://bugs.launchpad.net/zope2/+bug/1047318 Thank you very much. Not fixed in latest release of Zope AFAIK: * CVE-2012-5487 (allow_module.py) http://plone.org/products/plone/security/advisories/20121106/03 I don't believe that this can be a bug in Zope itself: adding '__roles__' to a module-scope function is pointless unless the module itself is importable by untrusted (TTW) code. The 'AccessControl.SecurityInfo' module should *certainly* not be exposed to untrusted code. If some other out-of-Zope-core module which is supposed to be importable by TTW code imports that function at module scope, then fix *that* module instead. Indeed, thanks for your explanation. * CVE-2012-5505 (zope.traversing: atat.py) http://plone.org/products/plone/security/advisories/20121106/21 That fix is also disputed: hiding the default view from the '@@' name does not actually improve security at all. There is a Launchpad bug where it is being debated (#1079225), but that bug is still in Private Security mode. The correct fix is to change the code of the multi-adapter to barf if published via a URL. Any idea when this patch will be released? Thanks. Cheers, Arnaud Fontaine
Bug#656552: zope2.12-sandbox: fails to upgrade from testing
Hi, Jonas Meurer jo...@freesources.org writes: On 22.11.2012 11:56, Arnaud Fontaine wrote: Ivo De Decker ivo.dedec...@ugent.be writes: [...] In other words: the package creates an (empty) zope instance in the postinst, but fails to install if such an instance exists. This makes a reinstall fail. It seems the relevant parts of these scripts come from zope-debhelper, so this bug probably originates there. Thank you so much for investigating this issue. IMHO, we can set 'zope-common/remove-instance-without-data' to remove by default, as there is no point at aborting by default if there is no data. What do you think? I fully agree with you. Thanks a lot for working on zope2.12/zope-common packages for wheezy! Your work is much appreciated. Thanks for your reply. I just uploaded zope-common and will upload Zope 2.12 with bumped Pre-Depends on zope-common as soon as a patch is available for CVE-2012-5505. Cheers, -- Arnaud Fontaine
Bug#692899: zope2.12: [CVE-2012-5485 to 5508] Multiple vectors corrected within 20121106 fix
Hello, Luciano Bello luci...@debian.org writes: Hi, please see : http://seclists.org/oss-sec/2012/q4/249 Can you confirm if any of the Debian packages are affected? As far as I could find (not clear in the upstream changelog): version 2.12.26: * LP #1071067 fixes CVE 2012-5507, CVE 2012-5508. * LP #930812 fixes CVE 2012-5486. version 2.12.21: * LP #1079238 fixes CVE 2012-5489. According to the upstream changelog, LP #1047318 seems to fix a security bug, but I could not find it in zope2 launchpad nor anywhere else. The following CVEs are not affecting Zope2 package (Plone/Zope3/..) (within brackets is the Product/module/... affected along with the corresponding filename in Plone Hotfix): * CVE-2012-5485 (Plone: registerConfiglet.py) http://plone.org/products/plone/security/advisories/20121106/01 * CVE-2012-5488/CVE-2012-5494/CVE-2012-5495/CVE-2012-5499/CVE-2012-5506 (Plone-specific: python_scripts.py) http://plone.org/products/plone/security/advisories/20121106/04 http://plone.org/products/plone/security/advisories/20121106/10 http://plone.org/products/plone/security/advisories/20121106/11 http://plone.org/products/plone/security/advisories/20121106/15 http://plone.org/products/plone/security/advisories/20121106/22 * CVE-2012-5490 (kss: kssdevel.py) http://plone.org/products/plone/security/advisories/20121106/06 * CVE-2012-5491/CVE-2012-5504 (z3c.form (Zope3): widget_traversal.py) http://plone.org/products/plone/security/advisories/20121106/12 http://plone.org/products/plone/security/advisories/20121106/20 * CVE-2012-5492 (Plone: uid_catalog.py) http://plone.org/products/plone/security/advisories/20121106/08 * CVE-2012-5493 (CMFCore: gtbn.py) http://plone.org/products/plone/security/advisories/20121106/09 * CVE-2012-5496 (Plone: kupu_spellcheck.py) http://plone.org/products/plone/security/advisories/20121106/09 * CVE-2012-5497 (Plone: membership_tool.py) http://plone.org/products/plone/security/advisories/20121106/13 * CVE-2012-5498 (Plone: queryCatalog.py) 
http://plone.org/products/plone/security/advisories/20121106/14 * CVE-2012-5500 (Plone: renameObjectsByPaths.py) http://plone.org/products/plone/security/advisories/20121106/15 * CVE-2012-5501 (Plone: at_download.py) http://plone.org/products/plone/security/advisories/20121106/17 * CVE-2012-5502 (PortalTransforms: safe_html.py) http://plone.org/products/plone/security/advisories/20121106/18 * CVE-2012-5503 (Plone-specific: ObjectManager: ftp.py) http://plone.org/products/plone/security/advisories/20121106/19 Not fixed in latest release of Zope AFAIK: * CVE-2012-5487 (allow_module.py) http://plone.org/products/plone/security/advisories/20121106/03 * CVE-2012-5505 (zope.traversing: atat.py) http://plone.org/products/plone/security/advisories/20121106/21 I have attached to this email the patches for these two CVEs and will upload them soon. I'm CC'ing zope-dev for review. Regards, Arnaud Fontaine Index: zope2.12-2.12.26/source/Zope2/src/AccessControl/SecurityInfo.py === --- zope2.12-2.12.26.orig/source/Zope2/src/AccessControl/SecurityInfo.py 2012-11-22 18:57:27.0 +0900 +++ zope2.12-2.12.26/source/Zope2/src/AccessControl/SecurityInfo.py 2012-11-24 13:23:20.669183242 +0900 @@ -311,6 +311,8 @@ ModuleSecurityInfo(module_name[:dot]).setDefaultAccess(1) dot = module_name.find('.', dot + 1) +allow_module.__roles__ = () + def allow_class(Class): Allow a class and all of its methods to be used from a restricted Script. The argument Class must be a class. Index: zope2.12-2.12.26/source/zope.traversing/src/zope/traversing/namespace.py === --- zope2.12-2.12.26.orig/source/zope.traversing/src/zope/traversing/namespace.py 2012-11-22 19:00:29.0 +0900 +++ zope2.12-2.12.26/source/zope.traversing/src/zope/traversing/namespace.py 2012-11-24 13:16:40.229707666 +0900 
@@ -31,7 +31,7 @@ from zope.traversing.interfaces import IEtcNamespace from zope.traversing.interfaces import IPathAdapter from zope.traversing.interfaces import ITraversable - +from zope.traversing.interfaces import TraversalError class UnexpectedParameters(LocationError): Unexpected namespace parameters were provided. @@ -325,6 +325,9 @@ self.request = request def traverse(self, name, ignored): +if not name: +raise TraversalError(self.context, name) + view = zope.component.queryMultiAdapter((self.context, self.request), name=name) if view is None:
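Review bot: In the SecurityInfo.py hunk (@@ -311,6 +311,8 @@), `allow_module.__roles__ = ()` is added with no comment, while `allow_class`, defined on the very next lines and documented as opening a class to restricted scripts, gets no equivalent marking. Please add a one-line comment saying what the empty tuple is meant to deny and which advisory it answers (CVE-2012-5487 per the cover mail), and either give `allow_class` the same treatment or state why it does not need it.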
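Review bot: In the namespace.py hunk at @@ -325,6 +325,9 @@, the new `if not name:` guard in `traverse()` raises `TraversalError(self.context, name)` without a comment or a test, so a later reader cannot tell that the empty name is rejected on purpose (CVE-2012-5505 per the cover mail) rather than by accident. Add a short comment and a regression test that traverses with an empty name and expects the error. In the import hunk above it (@@ -31,7 +31,7 @@), the new import replaces the blank line that separated the import block from `class UnexpectedParameters`; keep that blank line.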
Bug#656552: zope2.12-sandbox: fails to upgrade from testing
Hi, Ivo De Decker ivo.dedec...@ugent.be writes: [...] In other words: the package creates an (empty) zope instance in the postinst, but fails to install if such an instance exists. This makes a reinstall fail. It seems the relevant parts of these scripts come from zope-debhelper, so this bug probably originates there. Thank you so much for investigating this issue. IMHO, we can set 'zope-common/remove-instance-without-data' to remove by default, as there is no point in aborting by default if there is no data. What do you think? Cheers, -- Arnaud Fontaine
Bug#689285: Not properly fixed
Hi, Enrico Zini enr...@enricozini.org writes: I see no reason to release Wheezy with turbogears, at all. It is hardly supported upstream, it is obsolete, and it does not have many users. Also, I have no motivation whatsoever to support it for Wheezy's lifetime. My plan to solve this bug is therefore to file RM bugs for it and all that depends on it, both for wheezy and for sid. The affected packages are: python-tgmochikit python-turbogears python-turbomail I'll do it in a week unless some of the other comaintainers step up and say that they take responsibility for supporting TG during Wheezy's lifetime. Please go ahead as I don't mind at all if you get rid of turbomail. Cheers, -- Arnaud Fontaine
Bug#684560: [gaphor] gaphor requires python-setuptools
Hi, Jakub Wilk jw...@debian.org writes: * Gediminas Paulauskas mene...@pov.lt, 2012-08-27, 15:53: The current behaviour of dh_python2 is IMHO errant. It should either 1) translate setuptools in requires.txt into dependency on python-setuptools or 2) remove setuptools from requires.txt when translating it into dependency on python-pkg-resources. dh_python2 does 2) for a year already: python-defaults (2.7.2-2) experimental; urgency=low [ Piotr Ożarowski ] * dh_python2: ... - remove setuptools from requires.txt (it is replaced with python-pkg-resources Debian dependency) ... Good point, I forgot about it. A no-change rebuild would fix the following binary packages: python-zc.buildout python-zope.exceptions python-zope.interface However, zope.exceptions and zope.interface build also python3-* packages, which would _not_ be fixed by such rebuild. Indeed. Thanks for pointing that out, Gediminas and Jakub. I have written a patch to make the behavior of dh_python2 consistent with dh_python3 based on [0]. If that patch could be integrated soon, then only a no-change rebuild would be required, otherwise I will add a workaround to those 2 packages for Python 3. Out of curiosity, why is debpython different for python2 and python3 (it may be a silly question but I must admit that I have not followed dh_python3 development)? ;-) Regards, -- Arnaud Fontaine [0] http://anonscm.debian.org/loggerhead/pkg-python/python-defaults-debian/revision/246/debpython/pydist.py === modified file 'debpython/pydist.py' --- debpython/pydist.py 2012-06-30 19:24:20 + +++ debpython/pydist.py 2012-08-28 03:01:55 + 
@@ -181,16 +181,31 @@ ver = None result = [] +modified = optional_section = False +processed = [] with open(fname, 'r', encoding='utf-8') as fp: for line in fp: line = line.strip() -# ignore all optional sections +if not line or line.startswith('#'): +processed.append(line) +continue if line.startswith('['): -break -if line: -dependency = guess_dependency(line, ver) -if dependency: -result.append(dependency) +optional_section = True +if optional_section: +processed.append(line) +continue +dependency = guess_dependency(line, ver) +if dependency: +result.append(dependency) +if 'setuptools' in line.lower(): +modified = True +else: +processed.append(line) +else: +processed.append(line) +if modified: +with open(fname, 'w') as fp: +fp.writelines(i + '\n' for i in processed) return result
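Review bot: In the pydist.py hunk (@@ -181,16 +181,31 @@), the test `'setuptools' in line.lower()` is a substring match on the whole requirement line, so a requirement whose name merely contains "setuptools" can also be dropped from requires.txt when the file is rewritten. Compare the parsed project name for equality instead. The rewrite also opens the file with `open(fname, 'w')` although it was read with `encoding='utf-8'`, so pass the same encoding on write; and because every line is stripped before it is stored in `processed`, the rewritten file loses its original whitespace even on lines that were not meant to change.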
Bug#684560: [gaphor] gaphor requires python-setuptools
Hello, After investigating this issue a bit, it seems that both zope.component and its requirement, zope.interface, do 'install_requires' setuptools because pkg_resources is required for zope namespace, but after install requires.txt ends up with setuptools. One solution would be to patch setup.py to remove the install_requires line for setuptools, but it will be required in a lot of packages, so I'm wondering if dh_python2 should handle that automatically or with a specific option? What do you think? Thanks! Regards, -- Arnaud Fontaine
Bug#656552: zope2.12-sandbox: fails to upgrade from testing
Hi, Arnaud Fontaine ar...@debian.org writes: Andreas Beckmann deb...@abeckmann.de writes: the problem now also happens on a regular update from testing. Adding set -x to the postinst script does not reveal any useful information: [...] Installing dialog does not help. You should ask a debconf guru as that seems to be a debconf related problem, /usr/share/debconf/frontend seems to be failing. Could you please try again after setting '-x' in postinst and DEBCONF_DEBUG=developer as environment variable? ping? Cheers, -- Arnaud Fontaine
Bug#656552: zope2.12-sandbox: fails to upgrade from testing
Hi, Andreas Beckmann deb...@abeckmann.de writes: the problem now also happens on a regular update from testing. Adding set -x to the postinst script does not reveal any useful information: [...] Installing dialog does not help. You should ask a debconf guru as that seems to be a debconf related problem, /usr/share/debconf/frontend seems to be failing. Could you please try again after setting '-x' in postinst and DEBCONF_DEBUG=developer as environment variable? Cheers, -- Arnaud Fontaine
Bug#676041: zope2.12: FTBFS: ImportError: No module named pip.req
reassign 676041 python-pip 1.1-1 thanks Hello, Lucas Nussbaum lu...@lucas-nussbaum.net writes: During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part: make[2]: Entering directory `/«PKGBUILDDIR»' Cleaning... rm -rf ./build find ./source/ -maxdepth 2 -type d -name build -exec rm -rf {} \; Building Zope2 2.12... Traceback (most recent call last): File ./debian/build-scripts/build.py, line 249, in module main() File ./debian/build-scripts/build.py, line 230, in main base_build_dir=tmp_install_area) File ./debian/build-scripts/build.py, line 79, in install_dist from pip.req import InstallRequirement ImportError: No module named pip.req make[2]: *** [build] Error 1 The full build log is available from: http://people.debian.org/~lucas/logs/2012/06/04/zope2.12_2.12.22-1_unstable.log Thanks for the bug report. I'm reassigning this bug to python-pip because since 1.1-1, python-pip bumped X-Python-Version to = 2.7, and Zope 2.12 uses Python 2.6, thus the error message. This change seems a bit suspicious to me, especially considering that the upstream states to support = 2.4 (according to setup.py at least) and that I could not find any reference to this change in debian/changelog unless I missed something of course ;-). Cheers, -- Arnaud Fontaine -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#666502: python-tz: returns incorrect UTC offsets
tags 666502 + squeeze thanks Hello, Rémy Oudompheng remyoudomph...@gmail.com writes: In a Python shell (on 30 Mar 2012): import datetime, pytz now = datetime.datetime.now() pytz.timezone('US/Hawaii').utcoffset(now) datetime.timedelta(-1, 48600) The expected answer is datetime.timedelta(-1, 50400). The bug is known upstream and was corrected in a later version. Since timezones and offsets are the main usage of python-tz, this makes the package unusable. The upstream bug is: https://bugs.launchpad.net/pytz/+bug/310606 I cannot reproduce this issue with the current version available in Sid (2011h-1), so I guess this is a Squeeze-only issue. Thanks for the bug report. Regards, -- Arnaud Fontaine
Bug#666502: python-tz: returns incorrect UTC offsets
Hello, Mehdi Dogguy me...@dogguy.org writes: I cannot reproduce this issue with the current version available in Sid (2011h-1), so I guess this is a Squeeze-only issue. Thanks for the bug report. Do you intend to try to fix this in Squeeze? (See [1]) AFAICS, the fix is known and thus could be easily fixed in Squeeze (note that there are other related fixes to tzname() and dst() methods). Well, it could be done, especially considering that the fix[0] is not really intrusive. As you pointed out, perhaps tzname[1] and dst[2] fixes could be added too. I have only done one upload of python-tz so far, therefore I'm not so familiar with it, but these patches seem pretty straightforward... -- Arnaud Fontaine [0] http://bazaar.launchpad.net/~stub/pytz/devel/revision/212 [1] http://bazaar.launchpad.net/~stub/pytz/devel/revision/214 [2] http://bazaar.launchpad.net/~stub/pytz/devel/revision/213
Bug#661441: src:genshi: tests fail under python2.7, but failure is ignored
Hello, Stefano Rivera stefa...@debian.org writes: FAIL: test_sanitize_remove_src_javascript (genshi.filters.tests.html.HTMLSanitizerTestCase) Forwarded the build failures I see with python 2.7 trunk upstream: http://genshi.edgewall.org/ticket/500 [not seen in Debian yet, but coming soon] http://genshi.edgewall.org/ticket/501 Simon Cross said on IRC that he'll try and get out a 0.6 point-release soon. Thank you very much for submitting these issues upstream. As soon as the upstream publishes a patch or a new version, I will upload it. Regards, -- Arnaud Fontaine
Bug#644246: python-meld3: diff for NMU version 0.6.5-3.1
tags 644246 + pending thanks Dear maintainer, I've prepared an NMU for python-meld3 (versioned as 0.6.5-3.1) and uploaded it to DELAYED/5. Please feel free to tell me if I should delay it longer. Regards. diff -Nru python-meld3-0.6.5/debian/changelog python-meld3-0.6.5/debian/changelog --- python-meld3-0.6.5/debian/changelog 2011-10-31 11:02:00.0 +0900 +++ python-meld3-0.6.5/debian/changelog 2011-10-31 10:52:37.0 +0900 @@ -1,3 +1,12 @@ +python-meld3 (0.6.5-3.1) unstable; urgency=low + + * Non-maintainer upload. + * Apply Ubuntu patch to make the package compatible with Python +2.7. Thanks to Jessica McKellar. Closes: #644246. ++ Switch to 3.0 (quilt) source format to apply patch cleanly. + + -- Arnaud Fontaine ar...@debian.org Mon, 31 Oct 2011 10:48:32 +0900 + python-meld3 (0.6.5-3) unstable; urgency=low * Bring maintainer source in sync with NMUs diff -Nru python-meld3-0.6.5/debian/patches/fixtag_import_error_with_python2.7.patch python-meld3-0.6.5/debian/patches/fixtag_import_error_with_python2.7.patch --- python-meld3-0.6.5/debian/patches/fixtag_import_error_with_python2.7.patch 1970-01-01 09:00:00.0 +0900 +++ python-meld3-0.6.5/debian/patches/fixtag_import_error_with_python2.7.patch 2011-10-31 10:50:06.0 +0900 
@@ -0,0 +1,71 @@ +--- python-meld3-0.6.5.orig/meld3/meld3.py python-meld3-0.6.5/meld3/meld3.py +@@ -3,6 +3,7 @@ + import re + import types + import mimetools ++import string + from StringIO import StringIO + + try: +@@ -24,10 +25,32 @@ + from xml.etree.ElementTree import QName + from xml.etree.ElementTree import _raise_serialization_error + from xml.etree.ElementTree import _namespace_map +-from xml.etree.ElementTree import fixtag + from xml.etree.ElementTree import parse as et_parse + from xml.etree.ElementTree import ElementPath + ++try: ++from xml.etree.ElementTree import fixtag ++except: ++def fixtag(tag, namespaces): ++# given a decorated tag (of the form {uri}tag), return prefixed ++# tag and namespace declaration, if any ++if isinstance(tag, QName): ++tag = tag.text ++namespace_uri, tag = string.split(tag[1:], }, 1) ++prefix = namespaces.get(namespace_uri) ++if prefix is None: ++prefix = _namespace_map.get(namespace_uri) ++if prefix is None: ++prefix = ns%d % len(namespaces) ++namespaces[namespace_uri] = prefix ++if prefix == xml: ++xmlns = None ++else: ++xmlns = (xmlns:%s % prefix, namespace_uri) ++else: ++xmlns = None ++return %s:%s % (prefix, tag), xmlns ++ + # HTMLTreeBuilder does not exist in python 2.5 standard elementtree + from HTMLParser import HTMLParser + AUTOCLOSE = p, li, tr, th, td, head, body +--- python-meld3-0.6.5.orig/meld3/test_meld3.py python-meld3-0.6.5/meld3/test_meld3.py +@@ -1,6 +1,7 @@ + import unittest + from StringIO import StringIO + import re ++import sys + + _SIMPLE_XML = r?xml version=1.0? 
+ root xmlns:meld=http://www.plope.com/software/meld3; +@@ -1671,9 +1672,13 @@ + /html + + def test_unknown_entity(self): +-from xml.parsers import expat +-self.assertRaises(expat.error, self._parse, +- 'htmlhead/headbodyfleeb;/body/html') ++if sys.version_info[:3] = (2,7,0): ++self.assertRaises(SyntaxError, self._parse, ++ 'htmlhead/headbodyfleeb;/body/html') ++else: ++from xml.parsers import expat ++self.assertRaises(expat.error, self._parse, ++ 'htmlhead/headbodyfleeb;/body/html') + + def test_content_nostructure(self): + root = self._parse(_SIMPLE_XML) diff -Nru python-meld3-0.6.5/debian/patches/series python-meld3-0.6.5/debian/patches/series --- python-meld3-0.6.5/debian/patches/series1970-01-01 09:00:00.0 +0900 +++ python-meld3-0.6.5/debian/patches/series2011-10-31 10:50:52.0 +0900 @@ -0,0 +1 @@ +fixtag_import_error_with_python2.7.patch diff -Nru python-meld3-0.6.5/debian/source/format python-meld3-0.6.5/debian/source/format --- python-meld3-0.6.5/debian/source/format 1970-01-01 09:00:00.0 +0900 +++ python-meld3-0.6.5/debian/source/format 2011-10-31 10:45:28.0 +0900 @@ -0,0 +1 @@ +3.0 (quilt)
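Review bot: In the new debian/patches/fixtag_import_error_with_python2.7.patch (@@ -0,0 +1,71 @@), the fallback definition of `fixtag` is guarded by a bare `except:`, which hides any error raised while importing it, not only its absence; use `except ImportError:`. The patch file also starts directly at its `---` line with no description, author or origin header, although the changelog credits an Ubuntu patch by Jessica McKellar; record that provenance in the patch itself.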
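Review bot: The debian/source/format hunk (@@ -0,0 +1 @@, `3.0 (quilt)`) changes the source format inside a non-maintainer upload, which is a packaging decision that goes beyond the single bug fix the changelog describes. Either get the maintainer's agreement for the conversion or carry the fix in the package's existing format, and make the changelog entry say which was done.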
Bug#644246: python-meld3: broken with Python 2.7 (NMU?)
Hello, Could you please upload a package addressing this issue (or the latest version available, namely 0.6.7) because it breaks supervisor package (and thus my package relying on the latter)? If you wish, I can upload a NMU if you don't have time... Cheers, -- Arnaud Fontaine
Bug#643999: slapos-client: uninstallable in sid
Hello, Thanks for the reminder. I will do it on Monday then. Cheers, -- Arnaud Fontaine
Bug#624847: pulseaudio does not build anymore with xcb-util 0.3.8
Hi, Sorry for the late reply. Arnaud, I think libxcb-atom1-dev would be better replaced by libxcb-util0-dev, which completely replaces libxcb-atom1-dev, instead of libxcb1-dev No, because the only reason why pulseaudio was depending on libxcb-atom1 was xcb_atom_get() which has been removed since then, so xcb_intern_atom*() (from libxcb1) should be used instead. Therefore, there is no need to Build-Depends on libxcb-util0-dev, libxcb1-dev is enough (if you look carefully at the patch I provided, configure.ac has been updated and *only* depends upon xcb = 1.6). Anyway, is there any news on the NMU? Please note that the bug makes many of the binary packages built from this version of pulseaudio, uninstallable, as reported by #629394. As the package is currently in experimental, it was not a priority for me, sorry... Daniel: do you want me to upload the version currently in Debian git? Cheers, -- Arnaud Fontaine
Bug#626717: libstartup-notification0: 0.11 breaks ABI for sn_launchee_context_setup_window
Hi, NAK. Please just revert the change, see the patch I sent. Sorry for the noise, I didn't see these emails before sending mine. Cheers, -- Arnaud Fontaine
Bug#626717: libstartup-notification0: 0.11 breaks ABI for sn_launchee_context_setup_window
Hi, xcb_window_t is uint32_t, Window is unsigned long. sn_launchee_context_setup_window is public API. I somehow managed to miss this before uploading 0.11, but I think it needs fixing. Ok, I will prepare an upload that bumps the SONAME and will send an email upstream about that. Thanks. Cheers, -- Arnaud Fontaine
Bug#593708: Newer [unreleased] version of tuxonice userui
Hello, Hello, The last version of Tuxonice's userui, unreleased but available on project's git tree, has an option for disabling Usplash support, and also some other nice small features as a single binary for all backends and some debug for FrameBuffer backend, which is useful for KMS enabled kernels as found in Squeeze. It would be nice to have it in Squeeze :-) Yes, that would definitely be a good idea. I will have a look at that. Thanks! Cheers, -- Arnaud Fontaine (arnau)
Bug#591560: epiphany-extension-gwget: not installable in unstable
Hello, Thanks for the bug report, however it has already been submitted as #578733. The upstream author has not replied yet to the emails I sent... Cheers, -- Arnaud Fontaine (arnau)
Bug#584414: libmng-dev: Missing header files
Package: libmng-dev Version: 1.0.9-2 Justification: renders package unusable Severity: grave Tags: patch Hi, libmng-dev does not provide any header files anymore because these files are installed in debian/libmng1/usr/include and not moved to debian/libmng-dev/usr/include afterwards. I have attached to this email a patch which fixes the issue by putting all the files in debian/tmp/ and then moving them to the proper directories (thus I added usr/lib/*.so.* to libmng-dev.install). I have also used dh_install rather than dh_movefiles following the recommendation given in dh_movefiles manpage. Hope that helps. Regards, -- Arnaud Fontaine (arnau) diff -urN orig/libmng-1.0.9/debian/libmng1.install libmng-1.0.9/debian/libmng1.install --- orig/libmng-1.0.9/debian/libmng1.install 1969-12-31 18:00:00.0 -0600 +++ libmng-1.0.9/debian/libmng1.install 2010-06-03 12:07:41.430649051 -0500 @@ -0,0 +1 @@ +usr/lib/*.so.* diff -urN orig/libmng-1.0.9/debian/libmng-dev.files libmng-1.0.9/debian/libmng-dev.files --- orig/libmng-1.0.9/debian/libmng-dev.files 2010-06-02 01:21:00.0 -0500 +++ libmng-1.0.9/debian/libmng-dev.files 1969-12-31 18:00:00.0 -0600 @@ -1,3 +0,0 @@ -usr/include/* -usr/lib/lib*.a -usr/lib/lib*.so diff -urN orig/libmng-1.0.9/debian/libmng-dev.install libmng-1.0.9/debian/libmng-dev.install --- orig/libmng-1.0.9/debian/libmng-dev.install 1969-12-31 18:00:00.0 -0600 +++ libmng-1.0.9/debian/libmng-dev.install 2010-06-02 01:21:00.0 -0500 @@ -0,0 +1,3 @@ +usr/include/* +usr/lib/lib*.a +usr/lib/lib*.so diff -urN orig/libmng-1.0.9/debian/rules libmng-1.0.9/debian/rules --- orig/libmng-1.0.9/debian/rules 2010-06-02 07:11:39.0 -0500 +++ libmng-1.0.9/debian/rules 2010-06-03 12:18:13.686649356 -0500 
@@ -37,18 +37,15 @@ dh_installdirs # Add here commands to install the package into debian/tmp. - mkdir $(CURDIR)/debian/libmng1/usr - $(MAKE) install prefix=$(CURDIR)/debian/libmng1/usr - - # Remove empty dir - rm -rf $(CURDIR)/debian/libmng1/usr/include + mkdir -p $(CURDIR)/debian/tmp/usr + $(MAKE) install prefix=$(CURDIR)/debian/tmp/usr binary-indep: build install binary-arch: build install dh_testdir dh_testroot - dh_movefiles --sourcedir=debian/libmng1 -plibmng-dev + dh_install --sourcedir=debian/tmp -plibmng-dev -plibmng1 dh_installman dh_installdocs dh_installexamples
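Review bot: The new debian/libmng1.install (@@ -0,0 +1 @@) is where `usr/lib/*.so.*` is added, whereas the cover text says it was added to libmng-dev.install. The diff puts the versioned shared library in the runtime package, which looks like the intended result, so align the description with what the patch does before it is applied.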
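Review bot: In the debian/rules hunk (@@ -37,18 +37,15 @@), `dh_install --sourcedir=debian/tmp -plibmng-dev -plibmng1` copies only what the two .install files list, so a file that `make install` places under debian/tmp but that no pattern matches is left out of both packages without any message, which is the same kind of silent omission this bug is about. Run dh_install with `--list-missing` (or `--fail-missing`) so the build reports it.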
Bug#578733: epiphany-extension-gwget: Doesn't work with ephy 2.30
tags 578733 + upstream thanks Hi, The gwget extension doesn't work with ephy 2.30. It's not listed in the extensions list, and hacking around to make it be listed won't have any effect, files will still be downloaded with ephy's download manager. See https://bugzilla.gnome.org/show_bug.cgi?id=616498 Indeed, the Debian extension package hasn't worked for a while as stated in README.Debian[0]. However, when I built it from git, it seemed to work fine. Last time I had a look at this issue, as the upstream author was not replying, I had some help from Epiphany guys though. Have you tried to debug it using GDB? BTW, why have you cross-posted this bug report to the upstream bugzilla and the BTS? Maybe I should hand over maintainership of gwget to someone else because, as shown by the last uploads, I clearly don't have time to take enough care of it. Would you like to take it over? If not, I will simply submit a RFA... Regards, Arnaud Fontaine [0] http://svn.debian.org/wsvn/pkg-gnome/packages/unstable/gwget2/debian/README.Debian
Bug#578733: epiphany-extension-gwget: Doesn't work with ephy 2.30
Hi, BTW, thank you very much for all your work on the package! I currently lack time to work on these packages, so this is great that somebody actually cares. Cheers, Arnaud
Bug#576705: SIGSEGV due to NULL pointer dereference in handle_ldap_getgroups()
Package: proftpd-mod-ldap Severity: grave Tags: patch Hello, When LDAPDoAuth specifies an invalid filter which leads to no results being returned, mod_ldap SIGSEGV with the following backtrace: Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7f073be4f6f0 (LWP 16253)] 0x7f0739e60e72 in handle_ldap_getgroups (cmd=0x11f1470) at mod_ldap.c:1054 1054mod_ldap.c: No such file or directory. in mod_ldap.c (gdb) bt #0 0x7f0739e60e72 in handle_ldap_getgroups (cmd=0x11f1470) at mod_ldap.c:1054 #1 0x0042f332 in pr_module_call (m=0x7f073a0676a0, func=0x7f0739e60ac0 handle_ldap_getgroups, cmd=0x1209c30) at modules.c:502 #2 0x00431e28 in dispatch_auth (cmd=0x11f1470, match=0x47d172 getgroups, m=0x0) at auth.c:266 #3 0x00431f52 in pr_auth_getgroups (p=0x11f13f0, name=value optimized out, group_ids=0x6a9ce0, group_names=0x6a9ce8) at auth.c:980 #4 0x00432577 in auth_anonymous_group (p=value optimized out, login_name=0x7fffac929ca0, user_name=value optimized out, anon_name=0x0) at auth.c:1041 #5 pr_auth_get_anon_config (p=value optimized out, login_name=0x7fffac929ca0, user_name=value optimized out, anon_name=0x0) at auth.c:1169 #6 0x0045750d in auth_user (cmd=0x11d9688) at mod_auth.c:1756 #7 0x0042f332 in pr_module_call (m=0x69bc20, func=0x457470 auth_user, cmd=0x1209c30) at modules.c:502 #8 0x00413266 in _dispatch (cmd=0x11d9688, cmd_type=2, validate=value optimized out, match=0x11d9708 USER) at main.c:459 #9 0x0041384b in pr_cmd_dispatch_phase (cmd=0x11d9688, phase=0, send_response=1) at main.c:725 #10 0x00414cbc in cmd_loop (server=value optimized out, c=value optimized out) at main.c:916 #11 0x00410655 in fork_server (fd=value optimized out, l=value optimized out, nofork=value optimized out) at main.c:1436 #12 0x00412609 in daemon_loop () at main.c:1643 #13 0x004149c5 in main (argc=1, argv=value optimized out, envp=value optimized out) at main.c:3044 Actually, `pw' pointer is dereferenced in `pr_log_debug(..., pw->pw_name,...)' whereas `pw' might be NULL if 
`pr_ldap_user_lookup()' called by `pr_ldap_getpwnam()' returns NULL when there has been an error or no entry found. I have attached to this email a patch to fix this issue. If the `pr_user_lookup()' fails (either because of an error or the user does not exist), my patch makes `ldap_handle_getgroups()' just returns (after displaying an error message) as I think there is no point at checking the groups afterwards. I might be missing something though but as the code is not documented, this is a bit hard to tell ;). Regards, Arnaud Fontaine --- proftpd-dfsg-1.3.2e/contrib/mod_ldap.c.orig 2010-04-06 17:24:00.065027336 +0100 +++ proftpd-dfsg-1.3.2e/contrib/mod_ldap.c 2010-04-06 17:19:38.737029792 +0100 
@@ -978,15 +978,21 @@ } pw = pr_ldap_getpwnam(cmd-tmp_pool, cmd-argv[0]); - if (pw) { -gr = pr_ldap_getgrgid(cmd-tmp_pool, pw-pw_gid); -if (gr) { - pr_log_debug(DEBUG3, MOD_LDAP_VERSION : adding user %s primary group %s/%lu, pw-pw_name, gr-gr_name, (unsigned long)pw-pw_gid); - *((gid_t *) push_array(gids)) = pw-pw_gid; - *((char **) push_array(groups)) = pstrdup(session.pool, gr-gr_name); -} else { - pr_log_debug(DEBUG3, MOD_LDAP_VERSION : couldn't determine group name for user %s primary group %lu, skipping., pw-pw_name, (unsigned long)pw-pw_gid); -} + /* If the user lookup fails, there is no point at looking at the groups */ + if (!pw) { +pr_log_pri(PR_LOG_ERR, MOD_LDAP_VERSION : ldap_handle_getgroups(): Invalid user %s or authentication filter, + cmd-argv[0]); + +goto return_groups; + } + + gr = pr_ldap_getgrgid(cmd-tmp_pool, pw-pw_gid); + if (gr) { +pr_log_debug(DEBUG3, MOD_LDAP_VERSION : adding user %s primary group %s/%lu, pw-pw_name, gr-gr_name, (unsigned long)pw-pw_gid); +*((gid_t *) push_array(gids)) = pw-pw_gid; +*((char **) push_array(groups)) = pstrdup(session.pool, gr-gr_name); + } else { +pr_log_debug(DEBUG3, MOD_LDAP_VERSION : couldn't determine group name for user %s primary group %lu, skipping., pw-pw_name, (unsigned long)pw-pw_gid); } if (!ldap_gid_basedn) { @@ -1047,7 +1053,7 @@ continue; } -if (!pw || strtoul(LDAP_VALUE(gidNumber, 0), (char **)NULL, 10) != pw-pw_gid) { +if (strtoul(LDAP_VALUE(gidNumber, 0), (char **)NULL, 10) != pw-pw_gid) { *((gid_t *) push_array(gids)) = strtoul(LDAP_VALUE(gidNumber, 0), (char **)NULL, 10); *((char **) push_array(groups)) = pstrdup(session.pool, LDAP_VALUE(cn, 0));
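Review bot: In the first mod_ldap.c hunk (@@ -978,15 +978,21 @@), the new error message names `ldap_handle_getgroups()`, but the backtrace in the report shows the function as `handle_ldap_getgroups`; use the real name so the log line can be traced back to the code. The early exit also relies on a `return_groups` label that lies outside the visible context, so confirm that `gids` and `groups` are in a state that label can return when no primary group has been pushed. The message is logged at PR_LOG_ERR with the client-supplied `cmd->argv[0]`, so every unknown user name in a login attempt produces an error-level entry; consider a lower level.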
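Review bot: In the second mod_ldap.c hunk (@@ -1047,7 +1053,7 @@), dropping the `!pw ||` test is safe only because the first hunk now leaves the function before this loop when `pw` is NULL. That coupling is invisible at this line, so either keep the check as a cheap defence or add a comment here stating that `pw` is non-NULL by this point.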
Bug#567696: emms: diff for NMU version 3.0-5.1
Hi, I have already prepared a package with a patch for #567696 too. I will upload it tomorrow. Hope that's ok. Regards, Arnaud Fontaine
Bug#546178: status of proposed patch
On Sun, January 3, 2010 14:01, Miguel Figueiredo wrote: Hi all, Hi, this bug report already has a proposed patch by Steve Kemp (15/09/2009). Can this be fixed in a security update for the people running (old)stable? As explained before, the patch proposed does not completely fix the problem and unfortunately I haven't had time yet to look at it. As planet is not available anymore in testing/unstable because it has been deprecated in favor of planet-venus, I would recommend switching to planet-venus. Regards, Arnaud Fontaine
Bug#546178: planet: [CVE-2009-2937] - Insufficient escaping of input feeds
Moritz Muehlenhoff j...@inutil.org writes: Hi, As indicated by Nico, please propose this for a stable point update by filing a bug against the release.debian.org pseudo package. I have not uploaded it yet because, as mentioned in the bug report, the patch doesn't fix all the cases. I don't have time to look at it, but I can upload the package if another patch is proposed. Cheers, Arnaud Fontaine
Bug#547394: closed by Arnaud Fontaine ar...@debian.org (Bug#547394: fixed in netenv 0.94.3-25)
Elimar Riesebieter riese...@lxtec.de writes: Hi, An upgrade to 0.94.3-25 deletes the link in /etc/rcS.d/??netenv. I had to dpkg-reconfigure netenv. This works as expected because the netenv link wasn't found by update-rc running from postinst then. Sorry but I don't understand what you mean, could you please elaborate? Thank you very much. Cheers, Arnaud
Bug#546178: planet: [CVE-2009-2937] - Insufficient escaping of input feeds
Steve Kemp s...@debian.org writes: Hi, Basically it comes down to CDATA and the handling of description This is the comment I received: -- please find attached the two reproducers for the CDATA thing. poc1.xml is not correctly filtered while poc2.xml is filtered, although they are nearly identical. If you edit the newly patched function to print the k and v values, you'll see that the attributes aren't passed through. -- Unfortunately, I don't have so much time at the moment to be able to provide a new patch. Would you have time to do it? If you really can't make it, I will try to do it anyway. BTW, planet has now been removed from unstable, so this is only about fixing the oldstable and stable packages. Thank you very much for your help fixing this bug. Cheers, Arnaud
Bug#546178: planet: [CVE-2009-2937] - Insufficient escaping of input feeds
Hi, I prepared a package for Lenny including this patch yesterday. At the moment, I'm waiting for a reply from the debian-security team. Concerning unstable and testing fixes, I plan to remove planet from unstable ASAP because there has not been any new upstream release for 3 years now. I have already contacted the ftpmaster and Noah Slater (maintainer of planet-venus which replaces planet). Thank you very much for the patch and bug report. Regards, Arnaud Fontaine
Bug#546178: planet: [CVE-2009-2937] - Insufficient escaping of input feeds
Steve Kemp s...@debian.org writes: Hi, Did you see the followup discussion from Secunia about another planet-problem, relating to the handling of CDATA ? No I didn't, I could not find this discussion, could you please point me to it? As soon as all these issues have been addressed, I will prepare a package (debian-security team: please do not upload the package for now). (To be honest if I were to re-do the patch now I'd probably do it the other way round : Make sure src starts with http: to cover other cases too.) As the debian-security team has not replied yet, maybe it is still possible to update the patch? Cheers, Arnaud Fontaine
Bug#534024: turbomail: FTBFS: ImportError: No module named rules
Hi Lucas, Sorry for the delay in replying to this bug report. Well, this bug is not related to turbomail but to turbojson as shown in the backtrace and has already been fixed (#507909). Anyway, as this bug should have been fixed by now, please let me know if you can reproduce this bug, otherwise feel free to close it ;)... Cheers, Arnaud
Bug#528527: Package candidate for removal for GNOME transition
Adeodato Simó d...@net.com.org.es writes: Hello, Hello, gwget2, evolution-rss, evolution-jescs and icewm are all RC buggy and are being considered for removal in order to get GNOME 2.24/26 migrate to testing. I note that the RC bugs of gwget2 and evolution-jescs have only been filed minutes ago, so if the maintainers express they intend to upload very soon, effort will be put in getting it built quickly and in time in order for it not to be removed. However, the RC bugs have existed unfiled for more than a week, so we'll also take that into account if everything else gets ready. I am quite busy at the moment with my exams but I think I can upload version 1.0.1 of gwget before the end of the week-end (I hope that would be ok this way?). This new upstream version ships support for epiphany 2.26, thus fixing this RC bug. Regards, Arnaud Fontaine
Bug#527512: turbomail: FTBFS: ImportError: No module named rules
reassign 527512 turbojson retitle 527512 turbojson: FTBFS: ImportError: No module named rules merge 507909 527512 thanks Hello, This bug is related to turbojson and not turbomail as stated by the error trace you sent with this mail, therefore I'm reassigning this bug to turbojson. Regards, Arnaud Fontaine
Bug#498115: emms: fails 'emacs-package-install', leaving package half-configured
Ben == Ben Finney [EMAIL PROTECTED] writes:

Hello,

> This is not a very fortunate solution, since it forces emms users to install an obsolete Emacs version. Maybe dropping support for emacs21 would be better.

Ben> I can't speak for others, but certainly I'd prefer not to have anything extra requiring obsolete Emacs on my system, especially if it should work perfectly well with the current Emacs in Debian.

I think you are both right and I will simply drop emacs21 support... I will upload the package in the next days. Thanks for your comments. Cheers, Arnaud Fontaine
Bug#498115: emms: fails 'emacs-package-install', leaving package half-configured
Hello, Actually url.el is not provided only by emacs21 but it is in w3-url-e21, so I will add a Depends against w3-url-e21. Thanks for the report. Regards, Arnaud Fontaine
Bug#478356: gwget 0.99-3 is going to be upload...
Josselin == Josselin Mouette [EMAIL PROTECTED] writes:

Hello,

Josselin> This is not a real issue. As it is a plugin, it will get these symbols from the binary it is loaded into. The root cause is libtool, which adds a SONAME to plugins while it should not, but in the end there’s not much you can do about it.

Thank you very much for your explanation. So, I will upload the package today. Cheers, Arnaud
Bug#478356: gwget 0.99-3 is going to be upload...
Adeodato == Adeodato Simó [EMAIL PROTECTED] writes:

Hello,

Adeodato> Hello. Any news about this pending upload? Thanks,

I have already prepared the package[0] but I was trying to fix warnings from dpkg-shlibdeps:

dpkg-shlibdeps: warning: symbol g_type_register_static_simple used by debian/epiphany-extension-gwget/usr/lib/epiphany-gecko/2.22/extensions/libgwgetextension.so found in none of the libraries.

I fixed this kind of warning but not the ones related to the src/ directory because it would need many modifications in the upstream source. David: could you please take a look at this issue? Cheers, Arnaud

[0] http://svn.debian.org/wsvn/pkg-gnome/packages/unstable/gwget2/?rev=15800sc=1
Bug#478944: tuxonice-userui_0.7.2+clean-3(sparc/unstable): FTBFS: Nothing to be done for `binary-arch'.
Hello, Could you please add tuxonice-userui source package to packages-arch-specific: %tuxonice-userui: i386 ia64 powerpc ppc64 amd64 Thank you. Regards, Arnaud Fontaine
Bug#456489: squashfs-tools: data corruption caused by lzma patches
Stefan == Stefan Lippers-Hollmann [EMAIL PROTECTED] writes:

Hello,

Stefan> Removing the newly added lzma patches from squashfs altogether fixes these bugs (see attached debdiff squashfs_remove-lzma-patches.diff and [4]) and results in valid zlib compressed squashfs images (confirmed on various amd64 and i386 systems).

I won't remove the lzma patch. However I will take a look at this bug after my exam, if you could try to debug it before, it would help a lot. Regards, Arnaud Fontaine
Bug#453847: libusplash0: missing shlibs
Package: libusplash0 Version: 0.5.2-3 Severity: serious Justification: Policy 8.6 Hello, libusplash0 should provide a shlibs file according to the policy. Regards, Arnaud Fontaine
Bug#442906: squashfs: Doesn't work anymore with l-m-e-2.6
Daniel == Daniel Baumann [EMAIL PROTECTED] writes:

Daniel> it doesn't even build with m-a, build log is attached.

Hello, Thanks for your report. I will take a look at this bug tomorrow. Regards, Arnaud Fontaine
Bug#433805: Patch order broken
tags 433805 + pending thanks

calvin == calvin [EMAIL PROTECTED] writes:

Hello,

calvin> the -5 upload does again not compile, -4 was ok. Reason is that the slab-removal patch in debian/patches has no effect since it modifies files in the kernel-patches/ directory which are applied before dpatch runs (with the pre-build target in debian/rules). The patch should modify files in the linux-2.6 directory instead.

Sorry. I have just fixed this bug in the git repository. As soon as Otavio has reviewed my modification, it will be uploaded. Regards, Arnaud Fontaine
Bug#415050: thinkpad-source: Undefined symbols inter_module_register and inter_module_unregister
tags 415050 + patch thanks Hello, After searching on google, I wrote the attached patch. Could you please test it and tell me if it works fine? Cheers, Arnaud Fontaine diff -urN 2.6.old/drivers/rtcmosram.c 2.6/drivers/rtcmosram.c --- 2.6.old/drivers/rtcmosram.c 2007-05-07 15:47:02.0 +0200 +++ 2.6/drivers/rtcmosram.c 2007-05-06 00:53:58.0 +0200 @@ -226,8 +226,6 @@ } /* proc entry created */ - inter_module_register( _szImName, THIS_MODULE, rtcmosram_do ); - return 0; } @@ -235,8 +233,6 @@ static void __exit rtcmosram_exit( void ) { - inter_module_unregister( _szImName ); - remove_proc_entry( _szProcfile, NULL ); if ( _presourceRtcmosram != NULL ) release_resource( _presourceRtcmosram ); diff -urN 2.6.old/drivers/smapi_core.c 2.6/drivers/smapi_core.c --- 2.6.old/drivers/smapi_core.c 2007-05-07 15:47:02.0 +0200 +++ 2.6/drivers/smapi_core.c 2007-05-06 00:53:25.0 +0200 @@ -298,8 +298,6 @@ } /* proc entry created */ - inter_module_register( _szImName, THIS_MODULE, smapi_do ); - return 0; } @@ -307,8 +305,6 @@ static void __exit smapi_exit( void ) { - inter_module_unregister( _szImName ); - remove_proc_entry( _szProcfile, NULL ); return; diff -urN 2.6.old/drivers/superio.c 2.6/drivers/superio.c --- 2.6.old/drivers/superio.c 2007-05-07 15:47:02.0 +0200 +++ 2.6/drivers/superio.c 2007-05-06 00:52:40.0 +0200 @@ -887,8 +887,6 @@ } /* proc entry created */ - inter_module_register( _szImName, THIS_MODULE, superio_do ); - return 0; } @@ -896,8 +894,6 @@ static void __exit superio_exit( void ) { - inter_module_unregister( _szImName ); - remove_proc_entry( _szProcfile, NULL ); if ( _presourceSuperio != NULL ) release_resource( _presourceSuperio ); diff -urN 2.6.old/drivers/thinkpad.c 2.6/drivers/thinkpad.c --- 2.6.old/drivers/thinkpad.c 2007-05-07 15:47:02.0 +0200 +++ 2.6/drivers/thinkpad.c 2007-05-06 00:52:06.0 +0200 
@@ -230,13 +230,13 @@ pxint_do_t pxint_doSmapi; int intRet; if ( ! enable_smapi ) return -ETHINKPAD_MODULE_DISABLED; - pxint_doSmapi = (pxint_do_t)inter_module_get_request( smapi_do , _szSmapiName ); + pxint_doSmapi = (pxint_do_t)symbol_get( smapi_do ); if ( pxint_doSmapi == NULL ) return -ETHINKPAD_MODULE_NOT_FOUND; intRet = (*pxint_doSmapi)( ulongIoctlArg, caller_has_w( pfileThe ) ); - inter_module_put(smapi_do); + symbol_put_addr(smapi_do); if ( intRet 0 ) intRet = -ETHINKPAD_PROGRAMMING; return intRet; } @@ -245,13 +245,13 @@ pxint_do_t pxint_doSuperio; int intRet; if ( ! enable_superio ) return -ETHINKPAD_MODULE_DISABLED; - pxint_doSuperio = (pxint_do_t)inter_module_get_request( superio_do , _szSuperioName ); + pxint_doSuperio = (pxint_do_t)symbol_get( superio_do ); if ( pxint_doSuperio == NULL ) return -ETHINKPAD_MODULE_NOT_FOUND; intRet = (*pxint_doSuperio)( ulongIoctlArg, caller_has_w( pfileThe ) ); - inter_module_put(superio_do); + symbol_put_addr(superio_do); if ( intRet 0 ) intRet = -ETHINKPAD_PROGRAMMING; return intRet; } @@ -260,13 +260,13 @@ pxint_do_t pxint_doRtcmosram; int intRet; if ( ! enable_rtcmosram ) return -ETHINKPAD_MODULE_DISABLED; - pxint_doRtcmosram = (pxint_do_t)inter_module_get_request( rtcmosram_do , _szRtcmosramName ); + pxint_doRtcmosram = (pxint_do_t)symbol_get( rtcmosram_do ); if ( pxint_doRtcmosram == NULL ) return -ETHINKPAD_MODULE_NOT_FOUND; intRet = (*pxint_doRtcmosram)( ulongIoctlArg, caller_has_w( pfileThe ) ); - inter_module_put(rtcmosram_do); + symbol_put_addr(rtcmosram_do); if ( intRet 0 ) intRet = -ETHINKPAD_PROGRAMMING; return intRet; } diff -urN 2.6.old/drivers/thinkpadpm.c 2.6/drivers/thinkpadpm.c --- 2.6.old/drivers/thinkpadpm.c 2007-05-07 15:47:02.0 +0200 +++ 2.6/drivers/thinkpadpm.c 2007-05-06 00:54:13.0 +0200 @@ -516,8 +516,6 @@ } /* proc entry created */ - inter_module_register( _szImName, THIS_MODULE, thinkpadpm_do ); - return 0; } 
@@ -525,8 +523,6 @@ static void __exit thinkpadpm_exit( void ) { - inter_module_unregister( _szImName ); - remove_proc_entry( _szProcfile, NULL ); return; pgpDrX5L5FSvn.pgp Description: PGP signature
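Review bot: the rtcmosram.c, smapi_core.c, superio.c and thinkpadpm.c hunks delete `inter_module_register()` and put nothing in its place. `symbol_get( smapi_do )` in thinkpad.c can only resolve a symbol that the providing module exports, so unless they are already exported elsewhere, each `*_do` function needs an `EXPORT_SYMBOL` (or `EXPORT_SYMBOL_GPL`) next to its definition, which none of these hunks add. thinkpadpm.c also loses its registration while no thinkpad.c hunk here converts a thinkpadpm lookup, so that caller is worth checking too.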
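Review bot: in the three thinkpad.c hunks, `symbol_put_addr(smapi_do)` (and the superio and rtcmosram equivalents) is given the function symbol itself rather than the pointer that `symbol_get()` returned, so thinkpad.c takes a direct reference to `smapi_do` even though the NULL check just above treats the provider as optional. Release by name with `symbol_put(smapi_do)`, or pass the looked-up pointer, `symbol_put_addr(pxint_doSmapi)`, and do the same for the other two lookups.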
Bug#404235: trr19: segfault when no argument is given
Hello, Your patch is wrong because you are using `char *textfile` in the first snprintf without initializing it. I made a patch which fixes the bug and works on the Hurd. Regards, Arnaud Fontaine diff -uN trr19-1.0beta5.orig/trr_format.c trr19-1.0beta5/trr_format.c --- trr19-1.0beta5.orig/trr_format.c 2007-01-21 21:19:23.0 +0100 +++ trr19-1.0beta5/trr_format.c 2007-01-21 18:56:58.0 +0100 @@ -21,6 +21,11 @@ #include signal.h #include errno.h #include pwd.h +#include sys/types.h +#include sys/wait.h +#include unistd.h + +#include utils.h #if defined(HAVE_STRING_H) #include string.h @@ -40,12 +45,16 @@ main(int argc, char **argv){ - char textfile[256], formattedfile[256], lockfile[256], *tmpfname; - char command[256], line[1024]; + int err = 0; FILE *fd, *tmpfd; + size_t len=0; + pid_t ret; int i; struct passwd *pw = NULL; - + int tmpfnamefd = 0; + char *textfile = NULL, *lockfile = NULL, *formattedfile = NULL, +*command = NULL, *line = NULL; + char tmpfname[] = /tmp/trr_update.XX; /* ignore signals */ signal(SIGHUP, SIG_IGN); @@ -53,14 +62,16 @@ signal(SIGQUIT, SIG_IGN); signal(SIGTERM, SIG_IGN); - strcpy(textfile, TEXT_DIR); - strcat(textfile, argv[1]); - strcpy(formattedfile, textfile); - strcat(formattedfile, .formed); - strcpy(lockfile, textfile); - strcat(lockfile, .lock); + if(argc 2){ +fprintf(stderr, %s: %s\n, argv[0], strerror (EINVAL)); +exit(1); + } + + my_asprintf(textfile, %s%s, TEXT_DIR, argv[1]); + my_asprintf(formattedfile, %s.formed, textfile); + my_asprintf(lockfile, %s.lock, textfile); - umask(18); + umask(022); /* if previous process is formatting same target text, wait for that process to finish formatting. */ 
@@ -81,47 +92,82 @@ } } /* successfully formatted */ - unlink(lockfile); - return 0; + exit(0); } else{ perror(lockfile); exit(1); } else{ +tmpfnamefd = mkstemp(tmpfname); + /* format a text - fork and exec the processes so we can drop privileges */ switch( fork() ) { case -1: /* Error */ - perror(fork); + perror(fork); exit(1); break; case 0: /* Child */ - tmpfname = tmpnam(NULL); unlink(formattedfile); /* Drop group privileges */ pw = getpwuid(getuid()); + if(!pw){ + unlink(lockfile); + fprintf(stderr, You don't exist..go away\n); + exit(1); + } + setgid(pw-pw_gid); - sprintf(command, %s -v '^[ \t]*$' %s | %s 's/\\([.?!;]\\) *$/\\1/' | %s 's/^ *\\(.*\\)$/\\1/' %s, - GREP, textfile, SED, SED, tmpfname); - system(command); + if (my_asprintf(command, %s -v '^[ \t]*$' %s | %s 's/\\([.?!;]\\) *$/\\1/' | %s 's/^ *\\(.*\\)$/\\1/' %s, + GREP, textfile, SED, SED, tmpfname) == -1 || tmpfnamefd == -1) + { + if (tmpfnamefd != -1) + unlink(lockfile); + + perror(temporary file creation); + exit(1); + } + + execl(/bin/sh, sh, -c, command); break; default: /* Parent */ + do + ret = wait (NULL); + while (!(ret == -1 errno == ECHILD)); break; } -tmpfd = fopen(tmpfname, r); +unlink(tmpfname); +tmpfd = fdopen(tmpfnamefd, r); +if (!tmpfd){ + unlink(lockfile); + perror(fopen); + exit(1); +} + fd = fopen(formattedfile, w); - -while(fgets(line, 1024, tmpfd)) +if (!fd){ + unlink(lockfile); + perror(fopen); + exit(1); +} + +while(my_getline(line, len, tmpfd) != -1) fputs(line, fd); +/* release lock */ +unlink(lockfile); + +free(line); +free(command); +free(formattedfile); +free(textfile); +free(lockfile); + fclose(tmpfd); fclose(fd); -unlink(tmpfname); -/* release lock */ -unlink(lockfile); -return 0; +return err; } } diff -uN trr19-1.0beta5.orig/trr_update.c trr19-1.0beta5/trr_update.c --- trr19-1.0beta5.orig/trr_update.c 2007-01-21 21:19:23.0 +0100 +++ trr19-1.0beta5/trr_update.c 2007-01-21 21:18:12.0 +0100 
@@ -21,6 +21,9 @@ #include stdlib.h #include signal.h #include errno.h +#include time.h + +#include utils.h #if defined(HAVE_STRING_H) #include string.h @@ -45,9 +48,12 @@ #endif /* HAVE_FCNTL_H */ main(int argc, char **argv){ - char scorefile[256], lockfile[256], datestr[64]; - char line[256], savedline[256]; - const char *user, *scores, *step, *times, *ttime, *token; + char *scorefile = NULL, *lockfile = NULL, *line = NULL, *savedline = NULL; + char *user = NULL, *scores = NULL, *step = NULL, *times = NULL, +*ttime = NULL, *token = NULL; + size_t len=0; + char datestr[64]; + FILE *fd, *tmpf; int score, tmpscore, i, myself, inserted; long datev; @@ -59,12 +65,16 @@ signal(SIGTERM, SIG_IGN); umask(18); - strcpy(scorefile, RECORD_DIR); + + if (argc 7){ +fprintf(stderr, too few arguments\n); +exit(1); + } + + my_asprintf (scorefile, %s%s, RECORD_DIR, argv[1]); /* create a new record file
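Review bot: in the trr_format.c hunk at `@@ -81,47 +92,82 @@`, the new `execl()` call that runs `/bin/sh -c command` has no terminating `(char *)NULL`, so its argument list is unterminated, and if the exec fails the child falls through `break` into the parent's copy and unlink code. Add the NULL sentinel and follow the call with `perror()` and `_exit(1)`. In the same hunk the `sh -c` string embeds `textfile`, which is built from `argv[1]`, without any quoting, and the `setgid()` result just before it is not checked; since the comment says this path exists to drop privileges, check `setgid()` and either validate `argv[1]` or run grep and sed without a shell. The error branch also calls `unlink(lockfile)` only when `mkstemp()` succeeded, which leaves the lock in place in exactly the case where `mkstemp()` failed.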
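Review bot: in the trr_format.c hunk at `@@ -53,14 +62,16 @@`, the three `my_asprintf()` calls that build `textfile`, `formattedfile` and `lockfile` ignore the return value, while the later call for `command` is checked against -1. On allocation failure these pointers stay NULL and are then used as paths. Check each call and exit on failure, as the `command` case does. The `argc` check would also help the user more with a usage line than with `strerror (EINVAL)`; the trr_update.c hunk's "too few arguments" message is closer to that.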
Bug#404235: trr19: segfault when no argument is given
Hello, The package fixing this issue is almost ready. I will port it for the Hurd as I have already ported two packages to it and will upload the patch for reviewing on the alioth Hurd group. I think I will be able to upload a package this week-end. Sorry for the delay. Thanks Nico for the patches you provided. Regards, Arnaud Fontaine
Bug#245826: t-gnus: please maintain and update the package
Hello, I would like to NMU t-gnus this week except if you intend to do an upload soon. Regards, Arnaud Fontaine
Bug#395321: vaiostat-source: fails to build against 2.6.18
severity 395964 grave merge 395964 395321 thanks Hello, I intend to NMU vaiostat-source in order to fix this bug in the following week if I don't get an answer from you. If you have planned a new release soon, please tell me... Regards, Arnaud Fontaine
Bug#395321: vaiostat-source: fails to build against 2.6.18
tags 395321 + patch thanks Hello, I fix this bug by using module_param instead of MODULE_PARM which is deprecated (in favor of module_param) and not type-safe. It builds fine but could you please try this patch and tell me if the module behaves correctly? If so, I will prepare a NMU. Regards, Arnaud Fontaine --- vaiostat.c.old 2006-12-06 23:06:23.0 +0100 +++ vaiostat.c 2006-12-06 23:13:12.0 +0100 @@ -42,6 +42,7 @@ #include linux/kernel.h #include linux/proc_fs.h #include linux/delay.h +#include linux/moduleparam.h #include asm/uaccess.h #include asm/io.h @@ -326,10 +327,10 @@ MODULE_DESCRIPTION(Support selected Sony Vaio features.); MODULE_LICENSE(GPL); -MODULE_PARM(verbose,i); +module_param(verbose, int, 0); MODULE_PARM_DESC(verbose, be verbose, default is 0 (no)); -MODULE_PARM(umask,i); +module_param(umask, int, 0); MODULE_PARM_DESC(umask, umask for /proc/vaio entries, default 0777); #ifdef EXPORT_NO_SYMBOLS pgpC0UrOaPGUi.pgp Description: PGP signature
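Review bot: both `module_param(verbose, int, 0)` and `module_param(umask, int, 0)` pass 0 as the permission argument, which keeps the parameters out of sysfs. That matches what `MODULE_PARM` gave before, but if reading the active values on a running system is useful, 0444 exposes them read-only. `module_param` also checks the declared type, so confirm that `verbose` and `umask` are plain `int` variables (the old `i` format suggests they are); a build that passes on one architecture is not proof of that on its own.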
Bug#400753: squashfs: FTBFS
tags 400753 + pending thanks Hello, Thanks for the report. It will be uploaded tonight or tomorrow. Regards, Arnaud Fontaine
Bug#392055: planet: Installs crontab but does not remove it on purge
tags 392055 - pending thanks Hello, I don't see the problem because in postrm I put: rm -rf /var/cache/planet /var/lib/planet /etc/planet.conf /etc/cron.d/planet According to the policy (10.7.3), it is possible to do this kind of thing. Regards, Arnaud Fontaine
Bug#386997: python-psycopg: import psycopg failed due to missing depends
Package: python-psycopg Version: 1.1.21-9 Severity: grave Justification: renders package unusable Hey, During import of psycopg, I have the following error: import psycopg Traceback (most recent call last): File stdin, line 1, in ? ImportError: libpq.so.4: cannot open shared object file: No such file or directory It works fine by installing libpq4 package. Could you please add this package to python-psycopg depends field? Regards, Arnaud Fontaine -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17.4 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages python-psycopg depends on: ii python2.4.3-11 An interactive high-level object-o ii python-egenix-mxdatetime 2.0.6-4date and time handling routines fo python-psycopg recommends no packages. -- no debconf information
Bug#386371: ImportError: No module named planet
tags 386371 + pending thanks Hey, Thanks for your report. I did something really stupid, sorry, the package will be uploaded today. Regards, Arnaud Fontaine
Bug#384905: bzrtools plugins do not register
Hey, I have attached the patch which seems to fix the problem. Bye, Arnaud Fontaine diff -urN bzrtools-0.9.0.old/debian/compat bzrtools-0.9.0/debian/compat --- bzrtools-0.9.0.old/debian/compat2006-08-11 15:10:54.0 +0200 +++ bzrtools-0.9.0/debian/compat2006-08-28 14:20:34.0 +0200 @@ -1 +1 @@ -4 +5 diff -urN bzrtools-0.9.0.old/debian/pycompat bzrtools-0.9.0/debian/pycompat --- bzrtools-0.9.0.old/debian/pycompat 2006-08-19 21:44:48.0 +0200 +++ bzrtools-0.9.0/debian/pycompat 1970-01-01 01:00:00.0 +0100 @@ -1 +0,0 @@ -2 diff -urN bzrtools-0.9.0.old/debian/pyversions bzrtools-0.9.0/debian/pyversions --- bzrtools-0.9.0.old/debian/pyversions2006-08-19 21:44:48.0 +0200 +++ bzrtools-0.9.0/debian/pyversions2006-08-28 13:55:05.0 +0200 @@ -1 +1 @@ -2.4 +2.4- diff -urN bzrtools-0.9.0.old/debian/rules bzrtools-0.9.0/debian/rules --- bzrtools-0.9.0.old/debian/rules 2006-08-28 16:36:44.0 +0200 +++ bzrtools-0.9.0/debian/rules 2006-08-28 14:10:19.0 +0200 @@ -2,20 +2,9 @@ # This file is public domain. DEB_PYTHON_SYSTEM=pysupport -PY_VERSIONS = $(shell pyversions --requested debian/control) include /usr/share/cdbs/1/rules/debhelper.mk include /usr/share/cdbs/1/class/python-distutils.mk common-post-build-indep:: PYTHONPATH=. BZR_PLUGIN_PATH=build/lib/bzrlib/plugins/ bzr selftest bzrtools -v - -install-stamp-%: - -rm -rf $(CURDIR)/debian/bzrtools/usr/lib/python$*/site-packages/bzrlib/plugins/bzrtools - dh_link /usr/share/python-support/bzrtools/bzrlib/plugins/bzrtools /usr/lib/python$*/site-packages/bzrlib/plugins/bzrtools - -common-post-install:: $(addprefix install-stamp-, $(PY_VERSIONS)) - -clean:: - -rm -rf $(addprefix install-stamp-, $(PY_VERSIONS)) - pgpqaXd31mgmI.pgp Description: PGP signature
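Review bot: `debian/compat` goes from 4 to 5, but the patch carries no `debian/control` hunk raising the debhelper Build-Depends to (>= 5), so the package could still be built against a debhelper that does not know compat level 5. Add the matching Build-Depends bump in the same change. With `debian/pyversions` widened from `2.4` to `2.4-`, it is also worth noting that the `bzr selftest bzrtools` run in `common-post-build-indep` only exercises whichever Python `bzr` runs under, not every version the package now claims.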
Bug#371867: squashfs: FTBFS on ia64
reassign 371867 linux-modules-extra-2.6 retitle 371867 FTBFS on ia64 merge 371867 365094 thanks Hey, As the squashfs kernel module is now part of linux-modules-extra-2.6, I reassign this bug to linux-modules-extra-2.6. Regards, Arnaud Fontaine
Bug#374692: sqlobject: should have a Provides field
Package: sqlobject Severity: serious Tags: patch Following the Python policy, sqlobject should have the following field in debian/control: Provides: python2.4-sqlobject python2.3-sqlobject Regards, Arnaud Fontaine -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16.1-maggie Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Bug#374690: python-turbojson depends on python2.4-sqlobject which is no more available
Package: python-turbojson Version: 0.9.3-1 Severity: grave Justification: renders package unusable Hello, python-turbojson should depend on python-sqlobject and not python2.4-sqlobject. Therefore it is currently uninstallable. Regards, Arnaud Fontaine -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16.1-maggie Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Bug#371867: squashfs_1:3.0-5(ia64/unstable): FTBFS: missing files
block 371867 by 342246 severity 342246 serious found 342246 2.6.16-2 thanks Hello, This bug seems to be related to #342246. The FTBFS happens also on loop-aes-modules and unionfs. Regards, Arnaud Fontaine
Bug#371867: squashfs_1:3.0-5(ia64/unstable): FTBFS: missing files
Hello, Squashfs kernel module doesn't build on IA64 [0]. I don't really understand why these files (module.lds, toolchain-flags, check-gas) don't exist on IA64 only. Any idea? Regards, Arnaud Fontaine [0] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=371867
Bug#368969: rounding error causes generation of invalid filesystems
tags 368969 + upstream thanks Hello, If this bug isn't solved soon by the upstream author, I will add this patch to debian/patches. Thanks for your report. Regards, Arnaud Fontaine
Bug#368201: bzrtools: New upstream release 0.8
Package: bzrtools Severity: serious Version: 0.7-2 Hello, bzrtools is uninstallable due to an unmet dependency on bzr ( 0.8) whereas the current version of bzr in the repository is 0.8.2. Regards, Arnaud Fontaine -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16.1-maggie Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Bug#232428: please apply my patch for #232428
found 232428 1.68.1.dfsg.1-0.1 thanks Hello, This bug is present in docbook-xsl 1.68.1.dfsg.1-0.1. Please fix this. It is exactly the same patch that is needed. Regards, Arnaud Fontaine
Bug#364434: gwget2: FTBFS: mv: cannot stat `debian/gwget/usr/lib/epiphany': No such file or directory
Hello, Could you try to build gwget2 using the package I have prepared [0]? Regards, Arnaud Fontaine [0] http://velma.mini-dweeb.org/~arnau/deb/official/
Bug#360690: install scripts do not run; package seems mangled
Hello, I would like more notice from you. How could we know that you have prepared a new package? In addition it is a RC bug. That's why I did an NMU quickly. I thought my patch was good and works well. But apparently, it isn't for the update. So, I'm sorry. I try to do my best for this patch, but you are probably right, I should have sent you a mail, especially for a big patch. The next time I make a big patch like that, I will contact the DD. Sorry again ;). But please, the next time you have a RC bug, please send a mail telling that a new package is ready and it needs review from your sponsor. Regards, Arnaud Fontaine