Bug#1065696: Fwd: E: unsupported command: poweroff.no-molly-guard

2024-03-08 Thread Francois Marier 
Hi Helmut,

This looks like an unexpected edge case from the recent usr-merge changes:

  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065696

It sounds like a system using sysvinit, instead of systemd, which was
recently upgraded using usrmerge.

Francois

-- 
https://fmarier.org/

Bug#1033306: The tor package in stable will soon become unusable

2024-03-01 Thread Francois Marier 
I received the email below from the Tor team. The package that's currently
in stable should be updated ASAP since it's going to stop working very soon.

I will be switching temporarily to the package in backports, but IMO an
update should be pushed to bookworm either via the security repo, or failing
that as a stable update.

Francois
--
Hi,

You are running a bunch of Tor relays, which is great.

However, that relays' Tor version is obsolete, and because of old bugs,
we will soon cut relays and bridges running that version out of the network.

Please consider upgrading ASAP!

You can find Tor packages and instructions for your distro / OS here:
https://community.torproject.org/relay/setup/guard/

If you need help upgrading your relay, please use the Tor Forum:
https://forum.torproject.org/c/support/relay-operator/17

::Stay Connected with the Tor Community::

- Join our Monthly Tor relay operators meetups:
https://forum.torproject.org/t/tor-relays-next-tor-relay-operator-meetup-march-2nd-2024-19-00-utc/11568

- Subscribe to the Tor relays mailing list:
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Thanks,
Gus
--
The Tor Project
Community Team Lead

Bug#1062046: [hel...@subdivi.de: Bug#1062046: libfko3t64 has an undeclared file conflict]

2024-01-31 Thread Francois Marier 
Looks like there's a missing conflict in the package that was just uploaded
to experimentatl.

- Message transféré de Helmut Grohne  -

Package: libfko3t64
Version: 2.6.10-20.1~exp1
Severity: serious
User: debian...@lists.debian.org
Usertags: fileconflict
Control: affects -1 + libfko3
X-Debbugs-Cc: Lukas Märdian , vor...@debian.org

libfko3t64 has an undeclared file conflict. This may result in an unpack
error from dpkg.

The files
 * /usr/lib/x86_64-linux-gnu/libfko.so.3
 * /usr/lib/x86_64-linux-gnu/libfko.so.3.0.0
are contained in the packages
 * libfko3
   * 2.6.10-12 as present in bullseye
   * 2.6.10-16 as present in bookworm
   * 2.6.10-20+b2 as present in trixie|unstable
 * libfko3t64/2.6.10-20.1~exp1 as present in experimental

These packages can be unpacked concurrently, because there is no
relevant Replaces or Conflicts relation. Attempting to unpack these
packages concurrently results in an unpack error from dpkg, because none
of the packages installs a diversion for the affected files.

Kind regards

The Debian Usr Merge Analysis Tool

This bug report has been automatically filed with no human intervention.
The source code is available at https://salsa.debian.org/helmutg/dumat.
If the filing is unclear or in error, don't hesitate to contact
hel...@subdivi.de for assistance.


- Fin du message transféré -

Bug#1061958: fwknop: NMU diff for 64-bit time_t transition

2024-01-30 Thread Francois Marier 
On 2024-01-30 at 05:48:11, Lukas Märdian (sl...@debian.org) wrote:
> If you have any concerns about this patch, please reach out ASAP.  Although
> this package will be uploaded to experimental immediately, there will be a
> period of several days before we begin uploads to unstable; so if information
> becomes available that your package should not be included in the transition,
> there is time for us to amend the planned uploads.

No objections from me.

If you'd like to create a merge request on
https://salsa.debian.org/debian/fwknop, then I can merge and then you can
upload to unstable at your convenience.

Francois


signature.asc
Description: PGP signature

Bug#1056279: Bug#1057220: Looks like the systemctl links are gone but not the pm-utils ones

2023-12-17 Thread Francois Marier 
Thank you Helmut and Chris for the helpful discussion.

I have finally found some time to review your comments and the proposed
molly-guard patches. While I'm still not 100% confident I understand the
problem (and the fix), the solution you have settled on makes sense to me.

With respect to the presence of the real commands in the path, I'm not too
worried about it personally. I do agree it's unfortunate and it would be
great if we could do this reliably without putting the diverted binary
within easy reach, but at the end of the day, molly-guard will never catch
all possible mistakes. As Helmut pointed out, it's already missing some
cases (and it's always been possible to "init 6" as well), but I think it
still provides a useful service if it catches the most common cases of
accidental reboots. I had a similar dilemma for another package I maintain
(safe-rm) and I've decided there to focus on the most common cases again to
reduce complexity, and improve reliability.

I will leave this for a few days in case others like Simó want to also chime
in, but otherwise I am planning to upload to experimental this week and then
unstable a few days later.

Again many thanks for all of the work that has gone into solving this thorny
problem.

Francois

Bug#1057470: Outdated rkhunter since 2018-02

2023-12-05 Thread Francois Marier 
On 2023-12-05 at 20:28:44, Jörg Frings-Fürst (debian@jff.email) wrote:
> I did not search for Vulnerabilities. However, I am of the opinion that using
> rkhunter in its current form is equivalent to using a 6 year old virus scanner
> and therefore involves an increased security risk.

Ideally I agree that it would be great if more signatures could be added so
that new threats could be detected. I don't see any indication that of
vulnerabilities in this software however. Lack of new upstream development
is not necessarily an indication that the software is unsafe.

Francois

-- 
https://fmarier.org/

Bug#1057470: Outdated rkhunter since 2018-02

2023-12-05 Thread Francois Marier 
On 2023-12-05 at 07:07:23, Jörg Frings-Fürst (debian@jff.email) wrote:
> I noticed that the program and the data available on the internet are from 
> 2018-02. 
> So almost 6 years old data suggests a non-existent security.

Hi Jörg, are you aware of security vulnerabilities in rkhunter or you are
simply guessing that it might contain security vulnerabilities?

As far as I am aware, rkhunter is not under active development anymore, but
it also doesn't have any known vulnerabilities.

Francois

-- 
https://fmarier.org/

Bug#1056279: Looks like the systemctl links are gone but not the pm-utils ones

2023-11-27 Thread Francois Marier 
On 2023-11-27 at 03:54:16, Helmut Grohne (hel...@subdivi.de) wrote:
> I don't have time to update the patch right now. Let me promise an update
> this week, ok?

Hi Helmut,

My apologies for not responding earlier, but this is a rather thorny problem
to solve and I have not had the mental "bandwidth" to dig into this yet.

I wanted however to express my sincere appreciation for all of the work you
have put into both understanding this problem and coming up with a solution.

Francois

Bug#1056279: Looks like the systemctl links are gone but not the pm-utils ones

2023-11-19 Thread Francois Marier 
CCing Helmut who wrote the initial patch for systemd 255+ support (see
Bug#1055510).

I also see the same thing:

$ ls -lh /usr/lib/molly-guard/
Permissions Size User Group Date Modified Name
.rwxr-xr-x  3,4k root root  11 nov 14:02  molly-guard*
lrwxrwxrwx31 root root  14 nov  2019  pm-hibernate -> 
/usr/lib/pm-utils/bin/pm-action*
lrwxrwxrwx31 root root  14 nov  2019  pm-suspend -> 
/usr/lib/pm-utils/bin/pm-action*
lrwxrwxrwx31 root root  14 nov  2019  pm-suspend-hybrid -> 
/usr/lib/pm-utils/bin/pm-action*

$ sudo reboot --help
E: not a regular file: /usr/lib/molly-guard/reboot

I'm also a little confused by the diverts. Perhaps something changed in
systemd (which owns the ultimate underlying symlinks)?

Francois

-- 
https://fmarier.org/

Bug#1055510: Best way to coordinate this fix

2023-11-11 Thread Francois Marier 
On 2023-11-10 at 02:45:14, Helmut Grohne (hel...@subdivi.de) wrote:
> Thank you. The package built and dumat has imported it. I locally forked
> its analysis database pretending that systemd would not declare a
> conflict for molly-guard and reran it on that database. It does not
> report any issues for molly-guard 0.8. I also checked the underlying
> database and see that it recognizes the duplicated diversions there.

Thanks for all of the help Helmut!

I have uploaded 0.8.1 to unstable.

Francois

-- 
https://fmarier.org/

Bug#1055510: Best way to coordinate this fix

2023-11-09 Thread Francois Marier 
On 2023-11-08 at 21:15:58, Helmut Grohne (hel...@subdivi.de) wrote:
> Thank you. I suggest going via experimental first.

I've just uploaded to experimental. If there are any tests you can easily
run there, please do so.

I've upgraded in unstable from the current version to 0.8 without problems,
so that should in theory work when I eventually upload to unstable.

Francois

-- 
https://fmarier.org/

Bug#1055670: fwknop-server: must Depends: apparmor-profiles-extra

2023-11-09 Thread Francois Marier 
> The latest update breaks apparmor for the whole system.
> 
> /etc/apparmor.d/usr.sbin.fwknopd:
>   include 
> 
> This must declare Depends: apparmor-profiles-extra.
> 
> Otherwise the apparmor service can't parse the file and will refuse to start.

Ah, that's annoying. I don't think I'll want to make fwknop-server require
apparmor. I guess this means I need to reintroduce the fwknop-apparmor
package.

Thanks for flagging this.

Francois

-- 
https://fmarier.org/

Bug#1055510: Best way to coordinate this fix

2023-11-08 Thread Francois Marier 
If anybody would like to double-check (or test) the package I've prepared,
it's in salsa right now.

Francois

Bug#1055510: Best way to coordinate this fix

2023-11-07 Thread Francois Marier 
Hi Luca,

What's the best way to coordinate a fix for this?

I assume that we shouldn't upload a new molly-guard packages until the files
have actually moved in the systemd package?

Should we wait until systemd is in unstable to push a new molly-guard out?

Francois

-- 
https://fmarier.org/

Bug#1034055: fwknop-apparmor-profile: AppArmor profile installed in systemd system service path

2023-04-07 Thread Francois Marier 
On 2023-04-07 at 07:23:07, Laurent Bigonville (bi...@debian.org) wrote:
> It seems that you install the apparmor profile in the path for systemd system 
> service
> 
> The following change should be reverted:
> https://salsa.debian.org/debian/fwknop/-/commit/d3a5aaef39fedc1bb94e26921afbf63f79b31af7

Hm, that does look like a mistake. I don't remember what might have caused
me to make that change.

I guess the apparmor profile hasn't been in use for a while then. It seems
like it's too late in the release process to re-add it in bookworm.

Here's what I'm thinking of doing:

- move it to /usr/share/apparmor/extra-profiles/ (so it's not turned on by
  default) for bookworm
- move it back to /etc/apparmor.d/ after bookworm

Alternatively, I could also not change anything for bookworm since it's not
enabled as an AppArmor profile and it will be ignored as a systemd unit
file.

What do you think?

Francois

Bug#1033306: tor: Tor relays running 0.4.5.16 will soon be cut off from the network

2023-03-21 Thread Francois Marier 
Package: tor
Version: 0.4.5.16-1
Severity: grave
Justification: renders package unusable

I received the following email from the Tor Project:

Hi,

You are running a bunch of Tor relays, which is great:

However, those relays' Tor version is obsolete, and because of old bugs,
we will soon cut relays and bridges running that version out of the
network. Please consider upgrading!

You can find Tor packages and instructions for your distro / OS here:
https://community.torproject.org/relay/setup/guard/

If you need help upgrading your relays, please use the Tor Forum:
https://forum.torproject.net/c/support/relay-operator/17

Let us know if we can do anything to make the process easier.

Thanks!
Georg

They are currently aiming for a cut-off date 4-6 weeks from now.

This means that the version of tor that's in bullseye will essentially stop
working for most uses.

There is already a version in backports that will work fine, but perhaps
it's worth also uploading it to stable for the next point release?

Francois

-- 
https://fmarier.org/

Bug#1006534: pagekite: Fails to accept client connections

2022-02-26 Thread Francois Marier 
Package: pagekite
Version: 1.5.2.200603-2
Severity: grave
Tags: patch
Justification: renders package unusable

As described in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004295,
incoming pagekite connections don't work on Debian 11. If you run your own
frontend on that version of Debian (or on Ubuntu focal for that matter),
nothing works.

I've attached the reverse of the patch from that bug which is all that's
needed to fix pagekite in unstable.

Francois

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.16.0-2-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages pagekite depends on:
ii  ca-certificates20211016
ii  daemon 0.8-1
ii  init-system-helpers1.62
ii  python33.9.8-1
ii  python3-openssl21.0.0-1
ii  python3-six1.16.0-3
ii  python3-socksipychain  2.1.2-1

pagekite recommends no packages.

pagekite suggests no packages.

-- Configuration Files:
/etc/pagekite.d/10_account.rc [Errno 13] Permission non accordée: 
'/etc/pagekite.d/10_account.rc'
/etc/pagekite.d/90_debian_certs.rc [Errno 13] Permission non accordée: 
'/etc/pagekite.d/90_debian_certs.rc'

-- no debconf information
commit 695ae5c46610393b8b4e950466c643d9c58cbce1
Author: Francois Marier 
Date:   Sat Feb 26 18:41:37 2022 -0800

Fix incoming connections (patch from #1004295).

diff --git a/debian/changelog b/debian/changelog
index e8f50ba..4cef3ef 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,7 @@ pagekite (1.5.2.200603-2.1) unstable; urgency=medium
 
   * Non-maintainer upload.
   * Log messages in /var/log/pagekite/pagekite.log (closes: #910028).
+  * Fix incoming connections (patch from #1004295).
 
  -- Francois Marier   Sat, 26 Feb 2022 18:38:24 -0800
 
diff --git a/pagekite/proto/conns.py b/pagekite/proto/conns.py
index 3da9272..2c9fc04 100755
--- a/pagekite/proto/conns.py
+++ b/pagekite/proto/conns.py
@@ -1975,8 +1975,8 @@ class FastPingHelper(threading.Thread):
 data = None
   try:
 if data:
-  if '\nHost: ping.pagekite' in data:
-client.send(self.rejection)
+  if b'\nHost: ping.pagekite' in data:
+client.send(self.rejection.encode("utf-8"))
 client.close()
 self.fast_pinged.append(obfuIp(addr[0]))
   else:
diff --git a/pagekite/proto/selectables.py b/pagekite/proto/selectables.py
index 56705f5..ed1967c 100755
--- a/pagekite/proto/selectables.py
+++ b/pagekite/proto/selectables.py
@@ -344,7 +344,7 @@ class Selectable(object):
   def EatPeeked(self, eat_bytes=None, keep_peeking=False):
 if not self.peeking: return
 if eat_bytes is None: eat_bytes = self.peeked
-discard = ''
+discard = b''
 while len(discard) < eat_bytes:
   try:
 bytecount = eat_bytes - len(discard)

Bug#973505: akregator: Feeds no longer update

2020-10-31 Thread Francois Marier 
Package: akregator
Version: 4:20.08.2-3
Severity: grave
Justification: renders package unusable

Since the last upgrade, feed updates no longer work.

I see the following error when I start akregator from a terminal:

  kf.kio.core: couldn't create slave: "klauncher said: Erreur lors du 
chargement de « /usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/http.so »."

which roughly translates to:

  Error while loading /usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/http.so.

I have also seen these errors in my logs, though I'm not 100% sure they are
related to akregator:

  kf.i18n: KCatalog being used without a Q*Application instance. Some 
translations won't work
  Il est impossible d'ouvrir la bibliothèque « 
/usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/file.so ».
  Cannot load library /usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/file.so: 
(/lib/x86_64-linux-gnu/libQt5Core.so.5: version `Qt_5.15' not found (required 
by /lib/x86_64-linux-gnu/libQt5Network.so.5))
  Il est impossible d'ouvrir la bibliothèque « 
/usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/http.so ».
  Cannot load library /usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/http.so: 
(/lib/x86_64-linux-gnu/libQt5Core.so.5: version `Qt_5.15' not found (required 
by /lib/x86_64-linux-gnu/libQt5Network.so.5))

Francois

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.9.0-1-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages akregator depends on:
ii  kinit  5.74.0-2
ii  kio5.74.0-2
ii  libc6  2.31-4
ii  libgcc-s1  10.2.0-16
ii  libkf5codecs5  5.74.0-2
ii  libkf5completion5  5.74.0-2
ii  libkf5configcore5  5.74.0-2
ii  libkf5configgui5   5.74.0-2
ii  libkf5configwidgets5   5.74.0-2
ii  libkf5coreaddons5  5.74.0-2
ii  libkf5crash5   5.74.0-2
ii  libkf5grantleetheme-plugins20.08.2-2
ii  libkf5grantleetheme5 [libkf5grantleetheme5-20.08]  20.08.2-2
ii  libkf5i18n55.74.0-3
ii  libkf5jobwidgets5  5.74.0-2
ii  libkf5kcmutils55.74.0-2
ii  libkf5kiocore5 5.74.0-2
ii  libkf5kiogui5  5.74.0-2
ii  libkf5kiowidgets5  5.74.0-2
ii  libkf5kontactinterface5 [libkf5kontactinterface5-20.08]20.08.2-2
ii  libkf5libkdepim5 [libkf5libkdepim5-20.08]  4:20.08.2-2
ii  libkf5messageviewer5abi1 [libkf5messageviewer5-20.08]  4:20.08.2-2
ii  libkf5mimetreeparser5abi1 [libkf5mimetreeparser5-20.08]4:20.08.2-2
ii  libkf5notifications5   5.74.0-2
ii  libkf5notifyconfig55.74.0-2
ii  libkf5parts5   5.74.0-2
ii  libkf5pimcommon5abi2 [libkf5pimcommon5-20.08]  4:20.08.2-2
ii  libkf5pimtextedit5abi2 [libkf5pimtextedit5-20.08]  20.08.2-2
ii  libkf5service-bin  5.74.0-2
ii  libkf5service5 5.74.0-2
ii  libkf5syndication5abi1 1:5.74.0-2
ii  libkf5textwidgets5 5.74.0-2
ii  libkf5webengineviewer5abi1 [libkf5webengineviewer5-20.08]  4:20.08.2-2
ii  libkf5widgetsaddons5   5.74.0-3
ii  libkf5xmlgui5  5.74.0-2+b1
ii  libkuserfeedbackcore1  1.0.0-3
ii  libkuserfeedbackwidgets1   1.0.0-3
ii  libqt5core5a   5.15.1+dfsg-2
ii  libqt5dbus55.15.1+dfsg-2
ii  libqt5gui5 5.15.1+dfsg-2
ii  libqt5network5 5.15.1+dfsg-2
ii  libqt5printsupport55.15.1+dfsg-2
ii  libqt5webenginecore5   5.15.1+dfsg-5
ii  libqt5webenginewidgets5

Bug#968048: marked as pending in ax25-tools

2020-08-07 Thread Francois Marier 
Control: tag -1 pending

Hello,

Bug #968048 in ax25-tools reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/debian-hamradio-team/ax25-tools/-/commit/2f9878587d604888ddb92e6fb45645ab7db0ff82


Remove duplicate install of files in debian/rules (closes: #968048).


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/968048

Bug#957244: Upstream issue

2020-07-22 Thread Francois Marier 
This upstream issue:

  https://github.com/mrash/fwknop/issues/305

suggests the following patch:

  
https://github.com/Jakuje/fwknop/commit/a87325b0816a79329cf0b4d4f9ebf247ead117db

Francois

-- 
https://fmarier.org/

Bug#960127: Tk::Error: Can't locate object method "resolve_names" via package "App::ClusterSSH::Window"

2020-05-09 Thread Francois Marier 
Package: clusterssh
Version: 4.14-1
Severity: grave
Justification: renders package unusable

It looks like cssh doesn't work anymore on my Debian unstable machine.

When I add a host, I see the following on the console:

  Tk::Error: Can't locate object method "resolve_names" via package 
"App::ClusterSSH::Window" at /usr/share/perl5/App/ClusterSSH/Window/Tk.pm line 
349.
   App::ClusterSSH::Window::Tk::add_host_by_name at 
/usr/share/perl5/App/ClusterSSH/Window/Tk.pm line 349
   App::ClusterSSH::Window::Tk::key_event at 
/usr/share/perl5/App/ClusterSSH/Window/Tk.pm line 1613
   
   (command bound to event)

and nothing happens.

Francois

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.6.0-1-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), 
LANGUAGE=fr_CA.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages clusterssh depends on:
ii  libexception-class-perl 1.44-1
ii  libtry-tiny-perl0.30-1
ii  libx11-protocol-other-perl  31-1
ii  libx11-protocol-perl0.56-7
ii  openssh-client  1:8.2p1-4
ii  perl5.30.0-10
ii  perl-tk 1:804.033-2+b4
ii  xterm   356-1

clusterssh recommends no packages.

clusterssh suggests no packages.

-- no debconf information

Bug#759410: Should not install /usr/bin/rm conflicting with /bin/rm (blocks /bin -> /usr/bin)

2019-05-28 Thread Francois Marier 
On 2019-05-28 at 18:26:31, Andreas Beckmann wrote:
> safe-rm also breaks a stretch --merged-usr chroot, found while testing
> with piuparts stretch->buster upgrades with --merged-usr enabled.
> And it seems to be the only package causing outright havoc in such a
> scenario.

So if I understand correctly, this is only a problem when testing with this
tool, right? Because: (1) users can't upgrade their system to a merged-usr
one on stretch and (2) the default for new stretch installs was not
usr-merged.

> While a proper solution is too involved for stable, it should probably
> be OK for the preinst to check for merged /usr systems and error out if
> installation is attempted in such a case - instead of leaving a broken
> system.

I'd be happy to see it "fixed" that way in stretch. I don't have a lot of
free time at the moment to make the change myself but I would support such a
NMU.

Francois

-- 
https://fmarier.org/

Bug#924583: razor.cloudmark.com service no longer available?

2019-03-15 Thread Francois Marier 
I tried to re-initialize my razor config and found that there are no
available servers anymore:

# sudo -u debian-spamd razor-admin -d -register
 Razor-Log: Computed razorhome from env: /var/lib/spamassassin/.razor
 Razor-Log: Found razorhome: /var/lib/spamassassin/.razor
 Razor-Log: No /var/lib/spamassassin/.razor/razor-agent.conf found, skipping.
 Razor-Log: read_file: 2 items read from /etc/razor/razor-agent.conf
mar 15 09:17:27.054097 admin[21405]: [ 2] [bootup] Logging initiated 
LogDebugLevel=9 to stdout
mar 15 09:17:27.054204 admin[21405]: [ 5] computed 
razorhome=/var/lib/spamassassin/.razor, conf=/etc/razor/razor-agent.conf, 
ident=/var/lib/spamassassin/.razor/identity
mar 15 09:17:27.054234 admin[21405]: [ 2]  Razor-Agents v2.84 starting 
razor-admin -d -register
mar 15 09:17:27.054286 admin[21405]: [ 5] Can't read file 
/var/lib/spamassassin/.razor/servers.discovery.lst: No such file or directory
mar 15 09:17:27.054324 admin[21405]: [ 5] Can't read file 
/var/lib/spamassassin/.razor/servers.nomination.lst: No such file or directory
mar 15 09:17:27.054360 admin[21405]: [ 5] Can't read file 
/var/lib/spamassassin/.razor/servers.catalogue.lst: No such file or directory
mar 15 09:17:27.054447 admin[21405]: [ 5] no listfile: 
/var/lib/spamassassin/.razor/servers.nomination.lst
mar 15 09:17:27.054483 admin[21405]: [ 6] no discovery listfile: 
/var/lib/spamassassin/.razor/servers.discovery.lst
mar 15 09:17:27.054516 admin[21405]: [ 8] Checking with Razor Discovery Server 
discovery.razor.cloudmark.com
mar 15 09:17:27.054550 admin[21405]: [ 6] No port specified, using 2703
mar 15 09:17:27.054573 admin[21405]: [ 5] Connecting to 
discovery.razor.cloudmark.com ...
mar 15 09:17:27.183271 admin[21405]: [ 8] Connection established
mar 15 09:17:27.183658 admin[21405]: [ 4] discovery.razor.cloudmark.com >> 25 
server greeting: sn=C=43861=l=cg
mar 15 09:17:27.183907 admin[21405]: [ 4] discovery.razor.cloudmark.com << 12
mar 15 09:17:27.184024 admin[21405]: [ 6] a=g=csl
mar 15 09:17:27.257879 admin[21405]: [ 4] discovery.razor.cloudmark.com >> 9
mar 15 09:17:27.258087 admin[21405]: [ 6] response to sent.1
err=240
mar 15 09:17:27.258328 admin[21405]: [ 5] Razor Discovery Server 
discovery.razor.cloudmark.com had no valid csl servers
mar 15 09:17:27.258519 admin[21405]: [ 4] discovery.razor.cloudmark.com << 12
mar 15 09:17:27.258634 admin[21405]: [ 6] a=g=nsl
mar 15 09:17:27.322748 admin[21405]: [ 4] discovery.razor.cloudmark.com >> 9
mar 15 09:17:27.322955 admin[21405]: [ 6] response to sent.2
err=240
mar 15 09:17:27.323186 admin[21405]: [ 5] Razor Discovery Server 
discovery.razor.cloudmark.com had no valid nsl servers
mar 15 09:17:27.323318 admin[21405]: [ 5] Couldn't talk to discovery servers.  
Will force a bootstrap...
mar 15 09:17:27.323632 admin[21405]: [ 6] no discovery listfile: 
/var/lib/spamassassin/.razor/servers.discovery.lst
mar 15 09:17:27.323812 admin[21405]: [ 5] no listfile: 
/var/lib/spamassassin/.razor/servers.nomination.lst
mar 15 09:17:27.323939 admin[21405]: [ 6] no discovery listfile: 
/var/lib/spamassassin/.razor/servers.discovery.lst
mar 15 09:17:27.324065 admin[21405]: [ 8] Checking with Razor Discovery Server 
discovery.razor.cloudmark.com
mar 15 09:17:27.324266 admin[21405]: [ 4] discovery.razor.cloudmark.com << 12
mar 15 09:17:27.324375 admin[21405]: [ 6] a=g=csl
mar 15 09:17:27.389030 admin[21405]: [ 4] discovery.razor.cloudmark.com >> 9
mar 15 09:17:27.389239 admin[21405]: [ 6] response to sent.3
err=240
mar 15 09:17:27.389501 admin[21405]: [ 5] Razor Discovery Server 
discovery.razor.cloudmark.com had no valid csl servers
mar 15 09:17:27.389690 admin[21405]: [ 4] discovery.razor.cloudmark.com << 12
mar 15 09:17:27.389804 admin[21405]: [ 6] a=g=nsl
mar 15 09:17:27.453982 admin[21405]: [ 4] discovery.razor.cloudmark.com >> 9
mar 15 09:17:27.454193 admin[21405]: [ 6] response to sent.4
err=240
mar 15 09:17:27.454477 admin[21405]: [ 5] Razor Discovery Server 
discovery.razor.cloudmark.com had no valid nsl servers
mar 15 09:17:27.454717 admin[21405]: [ 1] razor-admin error: nextserver: 
Bootstrap discovery failed. Giving up.
nextserver: Bootstrap discovery failed. Giving up.

Has this service shutdown? Are there alternative servers that can be used?

Incidentally, I have noticed a much lower average spam score on the emails I
run through SpamAssassin now. It seems like razor had a big impact.

Francois

-- 
https://fmarier.org/

Bug#919966: akregator: symbol lookup error: /usr/lib/x86_64-linux-gnu/libKF5NewStuff.so.5: undefined symbol: _ZN7KNSCore6Engine15signalErrorCodeERKNS_9ErrorCodeERK7QStringRK8QVariant

2019-01-21 Thread Francois Marier 
On 2019-01-21 at 15:48:29, Bernhard Übelacker wrote:
> this looks like a duplicate of bug:
>   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919765

Indeed. Thanks for that.

-- 
https://fmarier.org/

Bug#919966: akregator: symbol lookup error: /usr/lib/x86_64-linux-gnu/libKF5NewStuff.so.5: undefined symbol: _ZN7KNSCore6Engine15signalErrorCodeERKNS_9ErrorCodeERK7QStringRK8QVariant

2019-01-20 Thread Francois Marier 
Package: akregator
Version: 4:18.08.1-1
Severity: grave
Justification: renders package unusable

akregator doesn't start anymore. It exits with the following error message:

akregator: symbol lookup error: /usr/lib/x86_64-linux-gnu/libKF5NewStuff.so.5: 
undefined symbol: 
_ZN7KNSCore6Engine15signalErrorCodeERKNS_9ErrorCodeERK7QStringRK8QVariant

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), 
LANGUAGE=fr_CA.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages akregator depends on:
ii  kinit5.54.0-1
ii  kio  5.51.0-1
ii  libc62.28-5
ii  libgcc1  1:8.2.0-14
ii  libkf5codecs55.51.0-1
ii  libkf5completion55.51.0-1
ii  libkf5configcore55.51.0-1
ii  libkf5configgui5 5.51.0-1
ii  libkf5configwidgets5 5.51.0-1
ii  libkf5coreaddons55.51.0-1
ii  libkf5crash5 5.51.0-1
ii  libkf5grantleetheme-plugins  18.08.1-1
ii  libkf5grantleetheme5 18.08.1-1
ii  libkf5i18n5  5.51.0-1
ii  libkf5iconthemes55.51.0-1
ii  libkf5jobwidgets55.51.0-1
ii  libkf5kcmutils5  5.51.0-1
ii  libkf5kiocore5   5.54.1-1
ii  libkf5kiogui55.54.1-1
ii  libkf5kiowidgets55.54.1-1
ii  libkf5kontactinterface5  18.08.1-1
ii  libkf5libkdepim-plugins  4:18.08.1-1
ii  libkf5libkdepim5 4:18.08.1-1
ii  libkf5messageviewer5abi1 4:18.08.1-1
ii  libkf5mimetreeparser5abi14:18.08.1-1
ii  libkf5notifications5 5.51.0-1
ii  libkf5notifyconfig5  5.54.0-1
ii  libkf5parts5 5.54.0-1
ii  libkf5pimcommon5abi2 4:18.08.1-1
ii  libkf5pimtextedit5abi2   18.08.1-1
ii  libkf5service-bin5.51.0-1
ii  libkf5service5   5.51.0-1
ii  libkf5syndication5abi1   18.08.1-1
ii  libkf5textwidgets5   5.51.0-1
ii  libkf5webengineviewer5abi1   4:18.08.1-1
ii  libkf5widgetsaddons5 5.51.0-1
ii  libkf5xmlgui55.51.0-1
ii  libqt5core5a 5.11.2+dfsg-7
ii  libqt5dbus5  5.11.2+dfsg-7
ii  libqt5gui5   5.11.2+dfsg-7
ii  libqt5network5   5.11.2+dfsg-7
ii  libqt5printsupport5  5.11.2+dfsg-7
ii  libqt5webenginewidgets5  5.11.2+dfsg-2+b1
ii  libqt5widgets5   5.11.2+dfsg-7
ii  libqt5xml5   5.11.2+dfsg-7
ii  libstdc++6   8.2.0-14

akregator recommends no packages.

akregator suggests no packages.

-- no debconf information

Bug#759410: Different approach for safe-rm

2018-08-04 Thread Francois Marier 
I took a look at the details of the diversion that the latest version of
dash sets up and it's really quite complicated. It's not clear that I could
easily get it right, even copying that code, and the consequences of getting
it wrong could be disastrous.

So instead I went for an easier approach: install the rm symlink in
/usr/share/safe-rm/bin/ and then add that to the front of the PATH in
/etc/profile.d/safe-rm.sh.

That seems to work both for login shells (on a virtual terminal) and for
interactive shells (e.g. gnome-terminal) after logging out and logging back
in.

The downside is that it may not for shells which are not Bourne-compatible.
I believe it works in bash, dash, ksh and zsh, but I could be wrong. I'm
happy to accept patches to make it work on other shells of course.

Francois

-- 
https://fmarier.org/

Bug#893169: rkhunter won't update definitions: Invalid WEB_CMD

2018-03-31 Thread Francois Marier 
On 2018-03-30 at 12:52:23, Kudrettin Güleryüz wrote:
> This message apparently refers to the bug itself. Can you please point to
> the bug report that has the details for this issue?

Sorry, I meant to point to this bug instead:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765895.

Also see https://security-tracker.debian.org/tracker/CVE-2017-7480 for the
details of the security bug.

Francois

-- 
https://fmarier.org/

Bug#856024: molly-guard: causes failure to update systemd-sysv

2017-04-09 Thread Francois Marier 
On 2017-04-09 at 15:42:46, Francois Marier wrote:
> Here's what I thought would trigger the bug:
> 
> 1. installed stretch from scratch in a lxc container (amd64)
> 2. apt install molly-guard (0.6.4)
> 3. apt install sysvinit-core (which removes systemd-sysv)
> 4. apt install systemd-sysv (version 232-22)

I also tested an upgrade from jessie to stretch:

1. install jessie from scratch in a lxc container (amd64)
2. apt install molly-guard (0.4.5-1.1)
3. replace "jessie" with "stretch" in /etc/apt/sources.list
4. apt update && apt dist-upgrade

and that worked fine too.

Francois

-- 
https://fmarier.org/

Bug#856024: molly-guard: causes failure to update systemd-sysv

2017-04-09 Thread Francois Marier 
On 2017-02-24 at 13:02:05, Jonas Smedegaard wrote:
> On an ARM system bootstrapped from Stretch yesterday, today failed to
> update systemd-sysv:
> 
> Setting up systemd (232-18) ...
> addgroup: The group `systemd-journal' already exists as a system group. 
> Exiting.
> (Reading database ... 40888 files and directories currently installed.)
> Preparing to unpack .../systemd-sysv_232-18_armhf.deb ...
> Unpacking systemd-sysv (232-18) over (232-15) ...
> dpkg: error processing archive 
> /var/cache/apt/archives/systemd-sysv_232-18_armhf.deb (--unpack):
>  trying to overwrite '/sbin/halt', which is also in package molly-guard 0.6.4
> Errors were encountered while processing:
>  /var/cache/apt/archives/systemd-sysv_232-18_armhf.deb

I still haven't been able to reproduce this problem.

Here's what I thought would trigger the bug:

1. installed stretch from scratch in a lxc container (amd64)
2. apt install molly-guard (0.6.4)
3. apt install sysvinit-core (which removes systemd-sysv)
4. apt install systemd-sysv (version 232-22)

All of this worked flawlessly.

Are you still able to reproduce the original problem? Is there a detail I
got wrong?

Francois

-- 
https://fmarier.org/

Bug#856024: Processed: Adding a conflict in systemd-sysv

2017-03-18 Thread Francois Marier 

Control: reassign -1 systemd-sysv


This looks like a genuine bug in molly-guard,


Yes and that's tracked in bug #837928.

The present bug is specifically about the interaction between 
molly-guard and systemd-sysv.



so this RC bug should be assigned to molly-guard.

Adding a Breaks to systemd-sysv is backwards.


If the underlying bug was going to be fixed in time for stretch, then 
sure, that would be ideal. However, that's not going to happen in time.


The breaks/conflict seems like the best option to resolve this issue 
without removing molly-guard entirely from the release.


Francois

Bug#856024: molly-guard: causes failure to update systemd-sysv

2017-02-24 Thread Francois Marier 
On 2017-02-24 at 13:02:05, Jonas Smedegaard wrote:
> This seems quite similar to bug#837928. Filing separately as I believe
> this (instance of a common) issue is so severe that in my opinion it is
> better to release _without_ molly-guard than status quo.

Or perhaps a Conflict in systemd-sysv?

Francois

Bug#759410: Possible usrmerge-safe diversion

2016-11-30 Thread Francois Marier 
Looking at how dash does the dpkg-divert (as suggested by Josh):

  https://sources.debian.net/src/dash/0.5.8-2.3/debian/dash.preinst/

It appears that this approach might work for both symlinks and real files
because it manually handles the creation of the symlink using "cp -d".

Francois

-- 
https://fmarier.org/

Bug#759410: Should not install /usr/bin/rm conflicting with /bin/rm (blocks /bin -> /usr/bin)

2016-11-07 Thread Francois Marier 
On 2016-10-25 at 09:12:30, Sven Joachim wrote:
> >> In order to fix this while preserving safe-rm's default of automatic
> >> protection on installation, safe-rm will need to divert and replace
> >> /bin/rm.  This will require quite a bit of care to do safely; see dash's
> >> maintainer scripts for a safe procedure.
> > Merged /usr is the default since debootstrap 1.0.85, so the package
> > is uninstallable on new systems.
> 
> It's worse than that.  Because dpkg does not detect the file conflict
> between coreutils' /bin/rm and safe-rm's /usr/bin/rm, the package is
> installable but wreaks havoc, replacing the rm binary with its symlink.

I was hoping to fix 837925 first since molly-guard is already using
dpkg-divert instead of bare symlinks but I don't see what's wrong with the
way that molly-guard does things, so I don't know what's going to fix it for
safe-rm too.

Francois

-- 
https://fmarier.org/

Bug#837928: Bug#837925: usrmerge: fails to merge with molly-guard installed

2016-11-07 Thread Francois Marier 
On 2016-11-02 at 03:02:29, Jonas Smedegaard wrote:
> I am busy getting that system to production use (yes, stretch is not yet 
> stable, but more stable than stable on the ARM device I use), but if you 
> have suggestions for closer inspections that might help shed some light 
> on this issue, please shoot - fast.

I reached out to Marco about this bug but have not heard back.

I don't know how dpkg-diverts are supposed to work in a usrmerge world and I
can't see anything obviously wrong with the way it's done in molly-guard so
I don't have any ideas on how to fix this.

Francois

-- 
https://fmarier.org/

Bug#367347: Not fixed?

2016-11-04 Thread Francois Marier 
Hi Rhonda,

You reopened 367347 without any comments. Do you mind expanding on why you
think it wasn't fixed as part of fixing 592917?

Francois

Bug#837928: Bug#837925: usrmerge: fails to merge with molly-guard installed

2016-11-01 Thread Francois Marier 
On 2016-11-01 at 18:48:51, Jonas Smedegaard wrote:
> I don't know how to be more exact than how I wrote it initially for this 
> bugreport.
> 
> Could you perhaps elaborate on what details you are missing?

You wrote this:

"molly-guard adds wrappers for commands like pm-hibernate and poweroff.

The wrappers are added not using dpkg-divert but as symlinks in /sbin,
where the wrapped commands reside in /usr/sbin."

But the wrappers _are_ added using dpkg-divert:

https://anonscm.debian.org/cgit/collab-maint/molly-guard.git/tree/debian/molly-guard.preinst?id=1a3675db6ae1015c4d6e8367c7132c87fb9f3b31#n25

which looks like this on my machine:

$ ls -l /sbin/reboot
lrwxrwxrwx 1 root root 28 Aug 15 22:16 /sbin/reboot -> 
/lib/molly-guard/molly-guard

So what's wrong with this use of dpkg-divert?

Francois

-- 
https://fmarier.org/

Bug#837928: Bug#837925: usrmerge: fails to merge with molly-guard installed

2016-11-01 Thread Francois Marier 
On 2016-10-23 at 18:15:15, Marco d'Itri wrote:
> Control: severity -1 grave
> 
> On Sep 15, Marco d'Itri  wrote:
> 
> > Looks like molly-guard is still buggy after #660064 and #812535.
> > Can it be fixed quickly or should I add an unversioned Conflict?
> Merged /usr is the default since debootstrap 1.0.85, so the package
> is uninstallable on new systems.

The pm-utils diverts were commented out in molly-guard 0.6.3:

https://anonscm.debian.org/cgit/collab-maint/molly-guard.git/commit/?id=1a3675db6ae1015c4d6e8367c7132c87fb9f3b31

What exactly is broken when molly-guard is used with usrmerge?

Francois

-- 
https://fmarier.org/

Bug#831535: See also

2016-07-17 Thread Francois Marier 
This Ubuntu answer was quite useful and pointed me in the right direction:

  
http://askubuntu.com/questions/617955/problem-with-kde-programs-after-upgrading-to-15-04/617956

Francois

-- 
https://fmarier.org/

Bug#831535: akregator: missing dependencies prevent akregator from fetching feeds

2016-07-16 Thread Francois Marier 
Package: akregator
Version: 4:16.04.2-2
Severity: grave
Justification: renders package unusable

The last update to akregator broke feed fetching with the following error:

  could not start process cannot talk to klauncher the name org.kde.klauncher5 
was not provided by any .service files

This can be fixed by installing the "kinit" package, but then you run into
this error:

  could not start process unable to create io-slave klauncher said: unknown 
protocol 'file'

which I was only able to get working by installing the "kio" package and
then rebooting.

Therefore, I think akregator needs to depend on "kio" and "kinit".

Francois

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.6.0-1-grsec-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages akregator depends on:
ii  libc62.23-1
ii  libgcc1  1:6.1.1-9
ii  libkf5codecs55.23.0-1
ii  libkf5completion55.23.0-1
ii  libkf5configcore55.23.0-1
ii  libkf5configgui5 5.23.0-1
ii  libkf5configwidgets5 5.23.0-1
ii  libkf5coreaddons55.23.0-1
ii  libkf5grantleetheme-plugins  16.04.2-1
ii  libkf5grantleetheme5 16.04.2-1
ii  libkf5i18n5  5.23.0-1
ii  libkf5iconthemes55.23.0-1
ii  libkf5jobwidgets55.23.0-1
ii  libkf5kcmutils5  5.23.0-1
ii  libkf5kiocore5   5.23.0-1
ii  libkf5kiogui55.23.0-1
ii  libkf5kiowidgets55.23.0-1
ii  libkf5kontactinterface5  16.04.2-1
ii  libkf5libkdepim-plugins  4:16.04.2-3
ii  libkf5libkdepim5 4:16.04.2-3
ii  libkf5messageviewer5 4:16.04.3-1
ii  libkf5notifications5 5.23.0-1
ii  libkf5notifyconfig5  5.23.0-1
ii  libkf5parts5 5.23.0-1
ii  libkf5pimcommon-plugins  4:16.04.2-2
ii  libkf5pimcommon5 4:16.04.2-2
ii  libkf5pimtextedit5   16.04.2-1
ii  libkf5service-bin5.23.0-1
ii  libkf5service5   5.23.0-1
ii  libkf5syndication5   16.04.2-1
ii  libkf5textwidgets5   5.23.0-1
ii  libkf5webkit55.23.0-1
ii  libkf5widgetsaddons5 5.23.0-1
ii  libkf5xmlgui55.23.0-1
ii  libqt5core5a 5.6.1+dfsg-3
ii  libqt5dbus5  5.6.1+dfsg-3
ii  libqt5gui5   5.6.1+dfsg-3
ii  libqt5network5   5.6.1+dfsg-3
ii  libqt5printsupport5  5.6.1+dfsg-3
ii  libqt5webkit55.6.1+dfsg-4
ii  libqt5widgets5   5.6.1+dfsg-3
ii  libqt5xml5   5.6.1+dfsg-3
ii  libstdc++6   6.1.1-9

akregator recommends no packages.

akregator suggests no packages.

Bug#830275: Test suite

2016-07-07 Thread Francois Marier 
The network access are probably due to the test suite.

Francois

Bug#802510: GNOME shell extension not compatible with recent GNOME versions

2015-10-20 Thread Francois Marier 
On 2015-10-20 at 19:38:55, Michael Biebl wrote:
> According to
> /usr/share/gnome-shell/extensions/workr...@workrave.org/metadata.json
> the latest supported version is 3.14, while the current gnome-shell
> version in unstable is 3.18.

Based on this upstream commit:

  
https://github.com/rcaelers/workrave/commit/f34b518a732566a6a23d3191e4de7ef67cb58755

I suspect that all we need to do is add 3.16 and 3.18 to the list of
supported versions.

Francois

-- 
http://fmarier.org/

Bug#798069: libhdhomerun1: ABI changes without soname changes

2015-09-05 Thread Francois Marier 
On 2015-09-05 at 08:46:53, Christian Marillat wrote:
> hdhomerun_discover_find_devices_custom() function has been renamed to
> hdhomerun_discover_find_devices_custom_v2() in 20150826-1

Do you know whether or not hdhomerun_discover_find_devices_custom() is used
in MythTV?

Upstream claims that it's not used (hence that's why it was removed) so if
that's true, I could just re-add a function with the same name which throws
an error.

Otherwise, I guess I'll have to fork the library and bump the soname...

Francois

-- 
http://fmarier.org/

Bug#796599: openssh-client: ssh -G no longer returns illegal option (6.0) or unknown option (6.7)

2015-08-22 Thread Francois Marier 
Package: openssh-client
Version: 1:6.9p1-1
Severity: critical
Tags: security
Justification: root security hole

Sorry for the alarmist bug report. Hopefully this is a false positive and it
can be reassigned to chkrootkit, but just in case...

The ssh -G test [1] for Linux  output has changed:

  on wheezy (openssh 6.0), it was: ssh: illegal option -- G
  on jessie (openssh 6.7), it was: unknown option -- G

and now on 6.9, there's nothing except the normal usage info.

Is this a sign of Linux Ebury? Or (hopefully) a genuine change in the output
which now invalidates this simple rootkit test?

Francois

[1] https://lwn.net/Articles/591023/

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.1.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages openssh-client depends on:
ii  adduser   3.113+nmu3
ii  dpkg  1.18.2
ii  libc6 2.19-19
ii  libedit2  3.1-20150325-1
ii  libgssapi-krb5-2  1.13.2+dfsg-2
ii  libselinux1   2.3-2+b1
ii  libssl1.0.0   1.0.2d-1
ii  passwd1:4.2-3
ii  zlib1g1:1.2.8.dfsg-2+b1

Versions of packages openssh-client recommends:
ii  xauth  1:1.0.9-1

Versions of packages openssh-client suggests:
pn  keychain  none
pn  libpam-sshnone
pn  monkeysphere  none
ii  ssh-askpass   1:1.2.4.1-9

-- Configuration Files:
/etc/ssh/ssh_config changed [not included]

-- no debconf information

-- 
http://fmarier.org/

Bug#778128: spectools: ftbfs with GCC-5

2015-07-15 Thread Francois Marier 

On 2015-07-15 14:57, Raphael Hertzog wrote:

I believe this short term solution is more than enough
to get the package back in testing.


I agree. That feels like the right approach for now.

François, can you review and upload the fixed package or do you want me 
to

upload it?


I'm not going to be able to do it for another week or so. Feel free to 
upload now.


Francois


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#774661: closed by Christian Hofstaedtler z...@debian.org (Bug#774661: fixed in ruby-kramdown 1.4.2-2)

2015-04-08 Thread Francois Marier 
On 2015-04-08 at 09:36:16, Debian Bug Tracking System wrote:
  ruby-kramdown (1.4.2-2) unstable; urgency=medium
  .
* Team upload.
* Install missing data files (Closes: #774661)

Perhaps if this was broken for everyone, it should be submitted as a stable
release update for jessie?

Francois

-- 
http://fmarier.org/


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776528: BackendException: ssh connection to user@hostname:22 failed: No authentication methods available

2015-01-28 Thread Francois Marier 
Package: duplicity
Version: 0.7.01-1
Severity: grave
Justification: renders package unusable

After upgrading from duplicity 0.6.24-2 to 0.7.01-1, my backups to an ssh
host stopped working.

Now, if I try to run any of the duplicity commands, I get the following:

  BackendException: ssh connection to user@hostname:22 failed: No 
authentication methods available

My ssh config didn't change in the meantime and I have verified that I can
still ssh manually to that box.

Downgrading to 0.6.24-2 solves the problem.

Francois

-- System Information:
Debian Release: 8.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages duplicity depends on:
ii  libc62.19-13
ii  librsync10.9.7-10
ii  python   2.7.8-2
ii  python-lockfile  1:0.8-2

Versions of packages duplicity recommends:
ii  python-oauthlib  0.6.3-1
ii  python-paramiko  1.15.1-1
ii  python-urllib3   1.9.1-3
ii  rsync3.1.1-2+b1

Versions of packages duplicity suggests:
pn  lftpnone
ii  ncftp   2:3.2.5-1.1
ii  python-boto 2.34.0-2
pn  python-cloudfiles   none
pn  python-gdatanone
pn  python-swiftclient  none
pn  tahoe-lafs  none

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#771177: Matt's patch fixes the problem

2014-11-29 Thread Francois Marier 
I can confirm that Matt's patch fixes the problem. Thanks for extracting the
relevant bits from upstream!

Mehdi, I assume you're ok preparing a 0.39-2 and requesting a freeze
exception for jessie?

I'm happy to help with anything if it's useful.

Francois


signature.asc
Description: Digital signature

Bug#771177: NMU submitted to the delayed/5 queue

2014-11-28 Thread Francois Marier 
I've taken the liberty to fix this via an NMU in the delayed/5days queue.

Feel free to cancel it if you'd prefer to upload your own package.

Francois

-- 
Francois Marier   identi.ca/fmarier
http://fmarier.org  twitter.com/fmarier


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#770242: Tentative patch

2014-11-28 Thread Francois Marier 
The attached patch fixes installation when /etc/rkhunter.conf is missing.

-- 
Francois Marier   identi.ca/fmarier
http://fmarier.org  twitter.com/fmarier
commit f91d229ad51b19d52b979720f8a1edf1e2aea385
Author: Francois Marier franc...@debian.org
Date:   Sat Nov 29 00:27:20 2014 +1300

Work-around missing /etc/rkhunter.conf in postinst (closes: #770242)

diff --git a/debian/postinst b/debian/postinst
old mode 100644
new mode 100755
index 7179cff..d93fdd6
--- a/debian/postinst
+++ b/debian/postinst
@@ -35,7 +35,10 @@ case $1 in
 # Copy the passwd/group files to the TMP directory
 # to avoid warnings when rkhunter is first run.
 # This is normally done by the installer script.
-rkhtmpdir=$(grep '^TMPDIR' /etc/rkhunter.conf | sed 's/TMPDIR=//')
+rkhtmpdir=/var/lib/rkhunter/tmp
+if [ -e /etc/rkhunter.conf ]; then
+rkhtmpdir=$(grep '^TMPDIR' /etc/rkhunter.conf | sed 's/TMPDIR=//')
+fi
 [ -f $rkhtmpdir/passwd ] || cp -p /etc/passwd $rkhtmpdir /dev/null 21
 [ -f $rkhtmpdir/group ] || cp -p /etc/group $rkhtmpdir /dev/null 21

Bug#770242: Broken postinst script?

2014-11-28 Thread Francois Marier 
This bug looks similar to
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765911 which got fixed in
1.4.2-0.3 by removing the /usr/sbin/prelink line from the config file.

 I've chosen to keep currently-installed version of /etc/rkhunter.conf

That's a problem and won't work because the configuration file format has
changed between 1.4.0 and 1.4.2. I don't think we necessarily can (or
should) fix this. Users should accept the new config file and merge their
changes manually.

 I did not dig deeper but it looks like something is broken in postinst
 configuration handling...

My patch should fix that problem.

Francois


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#771177: develock-el: breaks c++ mode in sid and jessie

2014-11-27 Thread Francois Marier 
Package: develock-el
Version: 0.39-1
Severity: grave
Justification: renders package unusable

This package completely breaks the standard emacs c++ mode.

To reproduce: open the attached .cpp file and try to indent the
second line using tab.

This was fixed upstream and updating the package to 0.45 fixes
this problem.

I suggest doing this as soon as possible so that a freeze
exception can be requested for jessie. I'm happy to do an
NMU for it if you don't have time. Let me know if you need
my help.

Francois

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages develock-el depends on:
ii  emacs  46.1
ii  emacs24 [emacsen]  24.4+1-4

develock-el recommends no packages.

develock-el suggests no packages.

-- no debconf information
int main() {
return 0;
}

Bug#766718: Release-critical

2014-11-05 Thread Francois Marier 
While I hesitate to bump the severity of this bug to the highest one, it
does break unrelated software (spamassassin). As it stands, several features
of SpamAssassin are broken in sid and jessie due to the unusual version
number.

The SpamAssassin upstream have said that this is not a bug in SA but that it
comes from the fact that a pre-release version of Net::DNS was uploaded to
Debian.

I assume this can be fixed by uploading the next upstream release of
Net::DNS?

Francois


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#767477: safe-rm: fails to install

2014-10-31 Thread Francois Marier 
On 2014-10-31 at 11:46:21, Holger Levsen wrote:
   Can't locate Env.pm in @INC (you may need to install the Env module) (@INC 
 contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.20.1 
 /usr/local/share/perl/5.20.1 /usr/lib/x86_64-linux-gnu/perl5/5.20 
 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.20 /usr/share/perl/5.20 
 /usr/local/lib/site_perl) at /usr/bin/rm line 6.

Hm, it looks like that Env module isn't even necessary in the first place...

I'll do a new upstream release and get this uploaded to Debian too.

Francois

-- 
Francois Marier   identi.ca/fmarier
http://fmarier.org  twitter.com/fmarier


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#735624: Work-around

2014-01-17 Thread Francois Marier 
I had the same problem and found that the work-around is to add this line to
/etc/polipo/config:

logFile=/var/log/polipo/polipo.log

Francois

-- 
Francois Marier   identi.ca/fmarier
http://fmarier.org  twitter.com/fmarier


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#688952: ginkgocadx: Package appears to be non-free

2012-10-06 Thread Francois Marier 
On 2012-10-07 at 00:47:34, Andreas Tille wrote:
  As far as upstream is concerned there is no issue so unless there are any 
  objections I'm going to lower bug severity to avoid giving release team 
  wrong 
  impression regarding criticality of this bug.
 
 I'd consider this as a reasonable action to avoid useless formal work.
 Francois, as the bug reporter: WOuld you agree to this course of action
 or do you want us to upload a new package.

I agree with lowering the severity.

From what I can see in upstream's reply, this is indeed free software. It's
just badly labelled.

Cheers,
Francois

-- 
Francois Marier   identi.ca/fmarier
http://fmarier.org  twitter.com/fmarier


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#688952: ginkgocadx: Package appears to be non-free

2012-09-27 Thread Francois Marier 
Package: ginkgocadx
Version: 2.12.0.4889-1
Severity: serious
Justification: Policy 2.1

The GINKGO_CADX_LICENSE.txt file includes the following text:

  This software musn't be sold without prior approval of the authors.

which seems to violate DFSG#1.

Cheers,
Francois


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#660320: [email-reminder] Cannot read configuration file

2012-02-18 Thread Francois Marier 
On 2012-02-18 at 10:18:08, Csanyi Pal wrote:
 See the Warning abowe and the line:
 Not creating home directory `/var/spool/email-reminder'.
 
 which should be mportant to be created, right?

If you take a look at your /var/spool/ directory, has the email-reminder
sub-directory been created?

  ls /var/spool/ | grep email-reminder

 Now when I want to test the configuration, I get Warning again:
 
 $ send-reminders --simulate
 Warning: cannot read configuration file at /etc/email-reminder.conf.
 Make sure that the user running /usr/bin/send-reminders has read
 permissions on that configuration file.

That's a separate issue, but it also doesn't prevent the reminders from
being sent. It simply prevents the send-reminders tool from being used as
a regular (non-root) user.

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#660320: [email-reminder] Cannot read configuration file

2012-02-18 Thread Francois Marier 
On 2012-02-18 at 17:27:52, Csanyi Pal wrote:
 It seems that email-reminder works but my exim4 MTA isn't configured
 properly.

Indeed.

The first thing you should do to make it work with gmail's SMTP server is to
dpkg-reconfigure -plow email-reminder and set the from address to be your
gmail address. I don't think that gmail likes invalid addresses like
root@localhost.

Then you need to enable authentication and potentially SSL. I'm not sure how
to do it in Exim, but in Postfix, here's what I've got in my
/etc/postfix/main.cf:

  # smarthost configuration using Gmail over SSL
  relayhost = smtp.gmail.com:587
  smtp_generic_maps = hash:/etc/postfix/generic
  smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
  smtp_sasl_auth_enable = yes
  smtp_sasl_security_options = noanonymous
  smtp_tls_security_level = fingerprint
  smtp_tls_mandatory_ciphers = high
  smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
  smtp_tls_fingerprint_digest = sha1
  smtp_tls_fingerprint_cert_match =
  F3:92:AE:B4:28:FE:64:03:6F:E1:55:ED:71:9E:5F:F6:88:90:5A:57

and I've got this in my /etc/postfix/sasl_password:

  smtp.gmail.com  yourusern...@gmail.com:yourpassword

You can then test your mail server to make sure it sends out emails by using
the mail utility on the command line. Once that works, you can try
email-reminder again.

Cheers,
Francois

-- 
Francois Marier identi.ca/fmarier
http://fmarier.orgtwitter.com/fmarier



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#647079: whatsnewfm: New name and URL for freshmeat.net (parser broken)

2011-11-20 Thread Francois Marier 
The unstable package has been fixed and an updated package has just been
submitted for stable.

 And I just released, that I now have two versions calles 0.7.2-1 --
 the first fixed version for unstable and the new minimal fix for
 stable.  Should I change it to something like 0.7.2-1stable?
 Or is this handled by the distribution field?

I ended up changing the stable version number to 0.7.2-0+squeeze1 but the
git repo now reflects this (and I've corrected the tags in there too).

 I did not even change the package description, so it still says
 freshmeat.net, is that ok?

The release managers suggested that we fix that as well, so I've renamed the
URL in the package description too.

Cheers,
Francois


signature.asc
Description: Digital signature

Bug#640090: last package to depend on libedataserverui 1.2

2011-11-12 Thread Francois Marier 
On 2011-11-12 at 23:36:18, Josselin Mouette wrote:
 we’d like to remove the old libedataserverui packages in the following
 days. It looks like sflphone-gnome is the last package to use them, so
 it would be great if you could fix it now.

I was waiting on the 1.0 upstream release which is supposed to be happening
very soon.

I've pinged upstream about it and will update this bug once I've heard back
from them.

Cheers,
François



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#647079: whatsnewfm: New name and URL for freshmeat.net (parser broken)

2011-11-05 Thread Francois Marier 
Hi Christian,

On 2011-11-01 at 13:51:25, Christian Garbs wrote:
 Official Debian packages are prepared for uploading:
 (these links time out in 30 days):
 
   http://www.cgarbs.de/tmp/whatsnewfm_0.7.2-1.diff.gz
   http://www.cgarbs.de/tmp/whatsnewfm_0.7.2-1.dsc
   http://www.cgarbs.de/tmp/whatsnewfm_0.7.2.orig.tar.gz
 
 Now I'm looking for somebody to sponsor my upload.

I'm happy to sponsor this upload, but I think you might want to fix a few
minor things first:

1- in the package description, there is a typo in the new URL: freecode.net - 
freecode.com
2- Standards-Version should now be 3.9.2
3- you could make the urgency medium to speed up the wheezy transition

I would have submitted a pull request for these, but I don't think you have
a public packaging repo :)

 What has to be done to get this update into stable (or volatile)?
 Currently the package is completely unusuable, waiting
 for the next stable release is not really an option.

For stable (and/or squeze-updates, which is the new name for volatile), what
you'd need I think is a package where the only change is the new upstream
version (no other changes to the packaging).

Then I believe you need to let debian-release know about the package so that
they can approve it http://lists.debian.org/debian-release/ before it gets
uploaded to a different queue. If you prepare the package, I can take care
of this part if you like.

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#647079: whatsnewfm: New name and URL for freshmeat.net (parser broken)

2011-10-30 Thread Francois Marier 
Package: whatsnewfm
Version: 0.7.1-1
Severity: grave
Tags: patch
Justification: renders package unusable

Freshmeat.net is now known as freecode.com which breaks the parser
(it's looking for freshmeat.net URLs in the newsletter).

A patch to fix this is available here:

  https://github.com/mmitch/whatsnewfm/pull/1

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#634159: Test packages

2011-07-19 Thread Francois Marier 
I haven't had time to test this (I'm travelling at the moment) but I've put
together a test package here:

  http://people.debian.org/~francois/vimperator

Cheers,
Francois

-- 
Francois Marier identi.ca/fmarier
http://feeding.cloud.geek.nz  twitter.com/fmarier



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#617789: iceweasel-vimperator: seems incompatible with iceweasel 3.6.16-5

2011-03-15 Thread Francois Marier 
On 2011-03-15 at 21:53:41, Ansgar Burchardt wrote:
 after somebody asked about this bug on IRC, I pinged the security team
 to make them aware of this regression.  Moritz Muehlenhoff told me these
 can be pushed as a followup DSA, so please contact the security team
 once an update for Squeeze is prepared.

Having adopted this package just a few days ago, I'm not sure I understand
everything here.

This bug doesn't appear to be a regression from a security upload of
vimperator (unless there is a security update I can't see from the
changelog).

So I'm guessing it must be the security update to Iceweasel that broke
vimperator support. Is that correct?

In which case, I guess the simplest fix is to upgrade this extension to
2.3.1 (i.e. new minor upstream version) in squeeze.

Looking at the changelog for the last upload to sid, I see only necessary
changes and trivial ones:

needed:

   * New upstream release
   * Use the right upstream license in debian/copyright
 (2.3.1 has a new license)

minor:

   * Remove versioned dependency on iceweasel
   * Adopting this package with Pierre's permission.
   * Move git repo to collab-maint on git.debian.org
   * Update homepage and download URL
   * Install the upstream changelog
   * Add ${misc:depends} dependency (lintian warning)
   * Remove period in short description (lintian warning)
   * Use 3.0 (quilt) source format
   * Bump Standards-Version and debhelper compat

So maybe I should put all of that in my proposal a squeeze stable update?

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#591206: License updated (flvplayer)

2010-11-11 Thread Francois Marier 
On 2010-11-11 at 16:35:53, Alexander Reichle-Schmehl wrote:
 If I understand it correctly, it's just a plugin of tinymce in need of
 that flash player?  Then couldn't that plugin be moved to non-free (in a
 sepperate source package) so that a tinymce cleaned from this plugin
 could stay in main as well as the other packages?

What we've done upstream for Mahara is that we've removed the media player
from the tinymce source we bundle with Mahara. I suspect that a number of
the other rdeps might be fine with that if they don't use that part of
tinymce.

Moving tinymce to nonfree would likely cause the mahara package to start
using its own flvplayer-free bundled copy again which would be sub-optimal
from a security standpoint.

Has anybody tried to get tinymce to remove flvplayer upstream?

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#591200: [instal...@ftp-master.debian.org: mahara_1.2.6-2_amd64.changes is NEW]

2010-09-08 Thread Francois Marier 
Once mahara 1.2.6-2 makes it out of the NEW queue, I will request a freeze
unblock to fix this RC bug.

Cheers,
Francois
---BeginMessage---
mahara-apache2_1.2.6-2_all.deb
  to main/m/mahara/mahara-apache2_1.2.6-2_all.deb
(new) mahara-mediaplayer_1.2.6-2_all.deb optional contrib/web
Electronic portfolio, weblog, and resume builder - internal media player
 Mahara is a fully featured electronic portfolio, weblog, resume builder and
 social networking system, connecting users and  creating online communities.
 .
 Mahara is designed to provide users with the tools to create a personal and
 professional learning and development environment.
 .
 This package includes a flash-based internal media player block.
mahara_1.2.6-2.debian.tar.gz
  to main/m/mahara/mahara_1.2.6-2.debian.tar.gz
mahara_1.2.6-2.dsc
  to main/m/mahara/mahara_1.2.6-2.dsc
mahara_1.2.6-2_all.deb
  to main/m/mahara/mahara_1.2.6-2_all.deb
Changes: mahara (1.2.6-2) unstable; urgency=medium
 .
  * Move flowplayer.audio to the contrib package as well
  * Add an allow rule in apache.conf for flowplayer.audio


Override entries for your package:
mahara-apache2_1.2.6-2_all.deb - optional web
mahara_1.2.6-2.dsc - source web
mahara_1.2.6-2_all.deb - optional web

Announcing to debian-devel-chan...@lists.debian.org


Your package contains new components which requires manual editing of
the override file.  It is ok otherwise, so please be patient.  New
packages are usually added to the override file about once a week.

You may have gotten the distribution wrong.  You'll get warnings above
if files already exist in other distributions.

---End Message---

Bug#591200: Fix coming

2010-08-30 Thread Francois Marier 
A fix for this bug will be coming soon.

The next upstream point release will:

- remove the tinymce swf file
- use a flash video player with source

Once that's available, I'll prepare a new Debian package that will:

- use the system's copy of tinymce instead of the bundle one
- split the video player into a contrib package

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#592917: Clarification on the license of cowsay cows you wrote

2010-08-15 Thread Francois Marier 
Hi Rhonda,

You contributed two cows to cowsay (gnu and suse) some years ago under the
BSD license.

Can you confirm that this is the BSD license you had in mind:

  http://www.xfree86.org/3.3.6/COPYRIGHT2.html#5

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#591200: Details on the two swf files included in Mahara

2010-08-02 Thread Francois Marier 
As far as I can see, we are talking about two files:

  $ find -iname *.swf
  ./htdocs/artefact/file/blocktype/internalmedia/mediaplayer.swf
  ./htdocs/js/tinymce/plugins/media/img/flv_player.swf

mediaplayer.swf comes from Moodle (also filed as bug #591201) and is
licensed under the GPLv2 or later:

  
http://cvs.moodle.org/moodle/filter/mediaplugin/flvplayer.README.txt?view=markup

but the source will be available from one of the releases here:

  http://developer.longtailvideo.com/trac/browser/tags

flv_player.swf comes from tinymce and is also filed as bug #591206.

What is not clear to me however is the procedure, once we have the source
files, for building an swf from a .fla using only free software.

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#586061: php-htmlpurifier: new upstream release includes fix for XSS on IE (fix in 4.1.0 wasn't good enough)

2010-06-15 Thread Francois Marier 
Package: php-htmlpurifier
Version: 4.1.0+dfsg1-1
Severity: grave
Tags: patch

The new 4.1.1 upstream release says:

HTML Purifier 4.1.1 is a major security and bugfix release that
improves on 4.1's fix for an XSS vulnerability exploitable on Internet
Explorer.

I have attached a patch which is the upstream fix for it 
(d3abcb90e30592c619047d878cf9c72b7c5836a3) but a simpler fix is just to upgrade 
to the latest upstream release.

Cheers,
Francois
diff --git a/library/HTMLPurifier/AttrDef.php b/library/HTMLPurifier/AttrDef.php
index d32fa62..b2e4f36 100644
--- a/library/HTMLPurifier/AttrDef.php
+++ b/library/HTMLPurifier/AttrDef.php
@@ -82,6 +82,42 @@ abstract class HTMLPurifier_AttrDef
 return preg_replace('/rgb\((\d+)\s*,\s*(\d+)\s*,\s*(\d+)\)/', 'rgb(\1,\2,\3)', $string);
 }
 
+/**
+ * Parses a possibly escaped CSS string and returns the pure 
+ * version of it.
+ */
+protected function expandCSSEscape($string) {
+// flexibly parse it
+$ret = '';
+for ($i = 0, $c = strlen($string); $i  $c; $i++) {
+if ($string[$i] === '\\') {
+$i++;
+if ($i = $c) {
+$ret .= '\\';
+break;
+}
+if (ctype_xdigit($string[$i])) {
+$code = $string[$i];
+for ($a = 1, $i++; $i  $c  $a  6; $i++, $a++) {
+if (!ctype_xdigit($string[$i])) break;
+$code .= $string[$i];
+}
+// We have to be extremely careful when adding
+// new characters, to make sure we're not breaking
+// the encoding.
+$char = HTMLPurifier_Encoder::unichr(hexdec($code));
+if (HTMLPurifier_Encoder::cleanUTF8($char) === '') continue;
+$ret .= $char;
+if ($i  $c  trim($string[$i]) !== '') $i--;
+continue;
+}
+if ($string[$i] === \n) continue;
+}
+$ret .= $string[$i];
+}
+return $ret;
+}
+
 }
 
 // vim: et sw=4 sts=4
diff --git a/library/HTMLPurifier/AttrDef/CSS/FontFamily.php b/library/HTMLPurifier/AttrDef/CSS/FontFamily.php
index 705ac89..42c2054 100644
--- a/library/HTMLPurifier/AttrDef/CSS/FontFamily.php
+++ b/library/HTMLPurifier/AttrDef/CSS/FontFamily.php
@@ -34,37 +34,10 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
 $quote = $font[0];
 if ($font[$length - 1] !== $quote) continue;
 $font = substr($font, 1, $length - 2);
+}
 
-$new_font = '';
-for ($i = 0, $c = strlen($font); $i  $c; $i++) {
-if ($font[$i] === '\\') {
-$i++;
-if ($i = $c) {
-$new_font .= '\\';
-break;
-}
-if (ctype_xdigit($font[$i])) {
-$code = $font[$i];
-for ($a = 1, $i++; $i  $c  $a  6; $i++, $a++) {
-if (!ctype_xdigit($font[$i])) break;
-$code .= $font[$i];
-}
-// We have to be extremely careful when adding
-// new characters, to make sure we're not breaking
-// the encoding.
-$char = HTMLPurifier_Encoder::unichr(hexdec($code));
-if (HTMLPurifier_Encoder::cleanUTF8($char) === '') continue;
-$new_font .= $char;
-if ($i  $c  trim($font[$i]) !== '') $i--;
-continue;
-}
-if ($font[$i] === \n) continue;
-}
-$new_font .= $font[$i];
-}
+$font = $this-expandCSSEscape($font);
 
-$font = $new_font;
-}
 // $font is a pure representation of the font name
 
 if (ctype_alnum($font)  $font !== '') {
@@ -73,12 +46,21 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
 continue;
 }
 
-// complicated font, requires quoting
+// bugger out on whitespace.  form feed (0C) really
+// shouldn't show up regardless
+$font = str_replace(array(\n, \t, \r, \x0C), ' ', $font);
 
-// armor single quotes and new lines
-$font = str_replace(\\, , $font);
-$font = str_replace(', \\', $font);
-$final .= '$font', ;
+// These ugly transforms don't pose a security
+// risk (as \\ and \ might).  We could try to be clever and
+

Bug#580174: rlwrap: FTBFS on armel: R_ARM_CALL relocation against SEC_MERGE section

2010-05-03 Thread Francois Marier 
Package: rlwrap
Version: 0.36-2
Severity: serious
Tags: help
Justification: Policy 5.6.8

rlwrap (since version 0.35-1) no longer builds on armel. Here is the link error:

  gcc -DDATADIR=\/usr/share\  -g -O2   -o kaboom kaboom.o  -lutil  -lreadline 
-lcurses
  /usr/bin/ld: kaboom.o(.text+0x64): R_ARM_CALL relocation against SEC_MERGE 
section
  /usr/bin/ld: final link failed: Nonrepresentable section on output
  collect2: ld returned 1 exit status

see 
https://buildd.debian.org/fetch.cgi?pkg=rlwraparch=armelver=0.36-2stamp=1272696548file=logas=raw

I have no idea what that means or how to fix it, so I am requesting the help of
someone who knows more than me about that architecture and that error message.

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#575043: workrave: keeps crashing with 'BadWindow (invalid Window parameter)'

2010-03-23 Thread Francois Marier 
I get the same error messages on the console, but workrave doesn't crash for
me. Do you get a segfault from it or does it keep going fine?

Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#559259: ninja: Default config file should not have automatic kills enabled

2009-12-02 Thread Francois Marier 
Package: ninja
Version: 0.1.2-5
Severity: critical
Justification: breaks unrelated software

This is a really easy fix, but I feel like it's quite critical because I forgot 
that I had
ninja installed and all of a sudden random things on my system (sudo, hal, 
dbus) started
breaking without noting anything in the logs.

To minimise surprises like these, I would recommend defaulting to:

  no_kill = yes
  no_kill_ppid = yes

Cheers,
Francois

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.31.6-grsec (SMP w/2 CPU cores)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages ninja depends on:
ii  libc6 2.10.2-2   GNU C Library: Shared libraries

ninja recommends no packages.

ninja suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#558997: sudo is unusable and closes my terminal as soon as I type a single letter

2009-12-02 Thread Francois Marier 
To avoid people being surprised by ninja breaking things they depend on, I
suggest the whitelist should contain at least these:

  /usr/bin/passwd:users:
  /bin/su:users:
  /usr/bin/sudo:users:

('tom' should not be in there and 'admins' is not one of the default Debian
groups as far as I know)

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#558997: List of binaries to whitelist

2009-12-02 Thread Francois Marier 
This guy has a bigger list of things that should be whitelisted:

  http://blog.bodhizazen.net/linux/how-to-ninja/comment-page-1/

/bin/fusermount:users:
/usr/bin/passwd:users:
/usr/bin/pulseaudio:users:
/usr/sbin/hald:haldaemon:
/usr/lib/hal/hald-runner:haldaemon:

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#558997: sudo is unusable and closes my terminal as soon as I type a single letter

2009-11-30 Thread Francois Marier 
Package: sudo
Version: 1.7.2p1-1
Severity: grave
Justification: renders package unusable

sudo is no longer working on my box.

If I do something like sudo -v or sudo ls, sudo closes as soon as I type 
the first
letter of my password. Furthermore, it closes the terminal in which it was 
started.

Whether it's a gnome-terminal or vt1, the underlying terminal logs out.

No segfaults are detected and I don't see any error messages in the logs.

I'm not sure how to debug this further...

Cheers,
Francois

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.31.6-grsec (SMP w/2 CPU cores)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages sudo depends on:
ii  libc6 2.10.2-2   GNU C Library: Shared libraries
ii  libpam-modules1.1.0-4Pluggable Authentication Modules f
ii  libpam0g  1.1.0-4Pluggable Authentication Modules l

sudo recommends no packages.

sudo suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#525390: Works for me now

2009-06-06 Thread Francois Marier 
The OTR plugin seems to work for me now.

Maybe this bug should be closed?

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#531515: ia32-apt-get: breaks dpkg --control (= 1.15.1) and debsums

2009-06-04 Thread Francois Marier 
On 2009-06-03 at 18:15:17, Goswin von Brederlow wrote:
 Francois, if you want to sponsor the upload:

Done.

I also took the liberty to bump the Standards-Version to 3.8.1 to fix a
lintian warning.

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#531104: whatsnewfm: new releases are no longer shown in emails

2009-05-29 Thread Francois Marier 
Package: whatsnewfm
Version: 0.7.0-2
Severity: grave
Justification: renders package unusable

(I was a little bit hesitant to mark this bug as grave, so feel free to bump 
the severity
down if I'm the only one affected by this...)

For about a week now, the Freshmeat Newsletter has been empty after running 
through
whatsnewfm.pl. For example, today:

This newsletter has been filtered by:
whatsnewfm.pl  v0.7.0  2009-03-26

It contained 47 releases.
47 releases have been skipped as 'already seen'.
0 releases have been skipped as 'low score'.
0 releases are shown in this mail,
while 0 releases have been sent separately as 'hot'.

Your 'hot' database has 43 entries.

0 entries from your 'old' database have expired,
while 0 items were added.
Your 'old' database now has 4656 entries.

If I grab the original newsletter and take the project IDs and then:

grep projectid ~/.whatsnewfm.db

I can see that a few of the project releases should have been shown.

So it looks like whatsnewfm.pl currently eats all of the releases but thankfully
doesn't add them to the 'old' database.

Could this have been caused by a Perl upgrade of some sort in unstable?

Cheers,
Francois

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.29.4-grsec (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages whatsnewfm depends on:
ii  exim4 4.69-11metapackage to ease Exim MTA (v4) 
ii  exim4-daemon-light [mail-tran 4.69-11lightweight Exim MTA (v4) daemon
ii  libberkeleydb-perl0.38-1 use Berkeley DB 4 databases from P
ii  perl  5.10.0-22  Larry Wall's Practical Extraction 

Versions of packages whatsnewfm recommends:
ii  procmail  3.22-16Versatile e-mail processor

whatsnewfm suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#522116: CVE-2009-1171: File disclosure

2009-04-01 Thread Francois Marier 
On 2009-04-01 at 13:10:52, Moritz Muehlenhoff wrote:
 [Adding Francois to CC]
 
 I agree. Can you please provide updated packages for oldstable-security
 and stable-security?

Yes, I'm on it now.

I'm testing Nico's lenny package at the moment, then I'll be pushing out an
almost identical package to unstable.

Once that's done, I'll port the patch to oldstable.

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#520008: Resetting the X r-flag?

2009-03-30 Thread Francois Marier 
On 2009-03-30 at 18:55:12, Francois Marier wrote:
 Regarding the X repeat flag: how does one go about resetting it to a sane
 value after a synergy crash?

Replying to myself:

  xset r rate 500 30

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#521133: New upstream version available

2009-03-26 Thread Francois Marier 
Upstream has just released version 0.7.0 which fixes that problem:

  http://freshmeat.net/projects/whatsnewfm/releases/296825

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#521133: whatsnewfm: Freshmeat has changed the newsletter format

2009-03-24 Thread Francois Marier 
Package: whatsnewfm
Version: 0.6.6-1
Severity: grave
Tags: patch
Justification: renders package unusable

As described on the homepage (http://www.cgarbs.de/whatsnewfm.en.html) and on 
the
upstream bug tracker:

  
http://sourceforge.net/tracker/index.php?func=detailaid=2691997group_id=68034atid=519822

Freshmeat has changed the newsletter format, breaking this package.

Upstream has a new version in CVS which works with the FM3 newsletter:

http://whatsnewfm.cvs.sourceforge.net/viewvc/whatsnewfm/whatsnewfm/whatsnewfm.pl?view=markup

Cheers,
Francois

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.28.9-grsec (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages whatsnewfm depends on:
ii  exim4 4.69-9 metapackage to ease Exim MTA (v4) 
ii  exim4-daemon-light [mail-tran 4.69-9 lightweight Exim MTA (v4) daemon
ii  libberkeleydb-perl0.38-1 use Berkeley DB 4 databases from P
ii  perl  5.10.0-19  Larry Wall's Practical Extraction 

Versions of packages whatsnewfm recommends:
ii  procmail  3.22-16Versatile e-mail processor

whatsnewfm suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#514141: Patch ready, but needs a mips machine to test on

2009-02-07 Thread Francois Marier 
tags 514141 + help
thanks

Hi Peter,

The compilation problem seems to be due to a broken macro:

#define endian_swap16(x) \
({ \
uint16_t __x = (x); \
((uint16_t)( \
(uint16_t)(((uint16_t)(__x)  (uint16_t)0x00ff)  24) | \
(uint16_t)(((uint16_t)(__x)  (uint16_t)0xff00)  8) | \
})

I have attached a patch to this email, but I don't have a mips machine to
test it on (casals seems to be down). Could you please confirm that this
patch resolves the compilation error?

Thanks,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#514141: Missing attachment

2009-02-07 Thread Francois Marier 
... and here is the missing attachment :)

Francois
diff --git a/wispy_hw_dbx.c b/wispy_hw_dbx.c
index c51e6f7..964b89b 100644
--- a/wispy_hw_dbx.c
+++ b/wispy_hw_dbx.c
@@ -107,7 +107,7 @@
 uint16_t __x = (x); \
 ((uint16_t)( \
 (uint16_t)(((uint16_t)(__x)  (uint16_t)0x00ff)  24) | \
-(uint16_t)(((uint16_t)(__x)  (uint16_t)0xff00)  8) | \
+(uint16_t)(((uint16_t)(__x)  (uint16_t)0xff00)  8) )); \
 })
 
 /* Aux tracking struct for wispy1 characteristics */

Bug#508593: Bug already fixed in proposed update

2008-12-14 Thread Francois Marier 
tags 508593 + pending
thanks

Actually Dan pointed out that we did fix this problem as it was numbered
MSA-08-0022 upstream:

  
http://git.debian.org/?p=pkg-moodle/moodle-etch.git;a=blob;f=debian/patches/12_MSA-08-0022.dpatch;h=ab389f93f29b4d0cce24695ac95cf6fbdcc14fdf;hb=88fe23785db92bc3e04a79be5a4c854f1090d31a

So once this update is pushed out by the Debian Security Team, this bug can
be closed.

I have updated the proposed changelog in the git repo.

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#508593: Another Moodle security update

2008-12-12 Thread Francois Marier 
Thanks for the notification Raphael.

We'll add it to the proposed security update as soon as possible.

However, we are still waiting to hear back from the Security Team regarding
a big security update we have prepared about a month ago:

  http://people.debian.org/~francois/moodle-etch/
  http://git.debian.org/?p=pkg-moodle/moodle-etch.git

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#507185: Customised third-party code in Moodle

2008-11-28 Thread Francois Marier 
severity 507185 normal
thanks

Hi Steffen,

Thanks for taking the time to find and list all of these third-party
libraries.

We do want to eliminate these as much as possible (the last upload removed
smarty and yui for example [0]) and reduce our time spent fixing security
bugs in third-party software.

Unfortunately, many of these libraries had to be customised in Moodle. For
instance, these ones have documented customisations:

 - libphp-snoopy [1]
 - libphp-adodb [2]
 - libphp-phpmailer [3]
 - pclzip [4] (which was missing from your list)

I believe that this one has also been customised but it's not currently
documented:

 - tinymce

I hadn't yet seen this one (thanks for the heads up!), but it's not
available in Lenny:

 - libmarkdown-php

Finally, I couldn't find Debian packages for these ones, are they in Debian
already?

 - domxml-php4-to-php5.php
 - kses

Cheers,
Francois

[0] 
http://git.debian.org/?p=pkg-moodle/moodle.git;a=blob;f=debian/changelog;hb=lenny
[1] 
http://git.catalyst.net.nz/gitweb?p=moodle-r2.git;a=blob;f=lib/snoopy/moodle_readme.txt;hb=cvshead
[2] 
http://git.catalyst.net.nz/gitweb?p=moodle-r2.git;a=blob;f=lib/adodb/readme_moodle.txt;hb=cvshead
[3] 
http://git.catalyst.net.nz/gitweb?p=moodle-r2.git;a=blob;f=lib/phpmailer/README_MOODLE.txt;hb=cvshead
[4] 
http://git.catalyst.net.nz/gitweb?p=moodle-r2.git;a=blob;f=lib/pclzip/readme_moodle.txt;hb=cvshead



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#507185: Customised third-party code in Moodle

2008-11-28 Thread Francois Marier 
On 2008-11-29 at 13:01:23, Francois Marier wrote:
 I hadn't yet seen this one (thanks for the heads up!), but it's not
 available in Lenny:
 
  - libmarkdown-php

Actually Moodle is using PHP Markdown Extra, which is a different upstream
source package:

  http://michelf.com/projects/php-markdown/

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#496071: Talking to upstream about the licence

2008-11-07 Thread Francois Marier 
Hi Olivier,

On 2008-11-07 at 09:23:04, Olivier Berger wrote:
 It seems that the discussions have been succesfull, as the lib seems to be
 licensed under LGPL now.
 

You're right, the upstream author has relicensed under the LGPL, so this
problem is now resolved. So for the Moodle package, I've upgraded the
version of the library and reuploaded to close the equivalent bug (496069).

 Do you have more details ?

Not really, the upstream author always intended to have this file available
to other projects, he just wanted to pick the best license for his
jurisdiction (France).

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#496071: Talking to upstream about the licence

2008-11-04 Thread Francois Marier 
FYI, I am currently following this up with the upstream developer.

Francois



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#502905: Not fixed

2008-10-22 Thread Francois Marier 
On 2008-10-22 at 17:43:59, Patrick Wiseman wrote:
 If the latest docvert, which installed with testing updates this morning,
 was supposed to have fixed the problem, it didn't.  I had exactly the same
 problem this morning, with the boot process hanging interminably.  I had to
 reboot into single-user mode and move the S20docvert-* processes to
 K80docvert-*, and booting then proceeded normally.

Can you check the exact version of the package you have on your system?

  dpkg -l docvert*

Also, can you attach these files to your response:
   /etc/init.d/docvert-*

Cheers,

Francois



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#502905: Not fixed

2008-10-22 Thread Francois Marier 
On 2008-10-22 at 18:47:47, Patrick Wiseman wrote:
 rc  docvert-openoffice 3.4-3  Converts word processor
 files to HTML using OpenOffice

This is the old package, try apt-get remove --purge docvert-openoffice

I noticed that you have a /etc/init.d/docvert-openoffice initscript on your
system. Does it go away after you purge the docvert-openoffice package?

That's an old broken initscript so if you remove it from your system, you
should be able to boot without problems.

Let me know how that goes though, I want to make sure that it's fixed in
Lenny.

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#501331: debsums: debconf really necessary?!

2008-10-19 Thread Francois Marier 
On 2008-10-19 at 23:07:46, Sune Vuorela wrote:
 In case of 2, the intruder is more than normal stupid if he gets caught by 
 this.

Yes, but as you are probably aware, there are stupid attackers out there :)

  This may be useful for checking system integrity later, though it 
 should not be relied on as a security measure.

I agree with you on that point: it's NOT a proper/full security solution

I think that if you're concerned about security, you should go for something
like samhain, integrit, etc. These solutions are much better for that
purpose.

Where I think I might disagree with you is here: I think that the debsums
checks can still be somewhat useful security-wise. Mostly because of the
fact that it requires no setup of any kind and is automatically updated.

For users who feel that it's too much work and overhead to setup a proper
security solution (a la samhain and friends) and to keep it up to date, then
the simple no-setup debsums check is better than doing no checks at all.

  This security check takes some time to run but is highly recommended.

I will concede that perhaps I should have omitted the word highly in that
sentence. However, given the number of updates that I have requested from
the translators in the last few weeks, this change will have to wait.

If you'd like to suggest a small blurb that recommends other packages for
making the system properly secure, then I'll be happy to add this to the
README file to make it obvious what the limitations of debsums are and that
there are good protections for those who are willing to put the time in.

 1) Don't ask this in debconf

It's a medium-level question.

 2) don't enable such cron run by default

Done (in the upcoming upload).

Francois



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#502654: hunspell-fr: French dictionary is not working for locales outside of France

2008-10-18 Thread Francois Marier 
Package: hunspell-fr
Version: 1:2.4.0-2
Severity: grave
Tags: patch
Justification: renders package unusable for some users

Hello,

The hunspell-fr package as it is only works for the fr_FR locale. This means 
that French
speakers in other locales (fr_BE, fr_CA, fr_CH and fr_LU) cannot use the 
spellchecker
at all in applications like OpenOffice.org, Pidgin or Tomboy. (All words are 
underlined
in red.)

I have attached a trivial patch which solves all of these issues and I would 
like to
request a freeze exception with the release team once this fix has made it to 
unstable.

If I can be of any assistance (for example if you prefer that I do an NMU), 
please
let me know.

Thanks!

Francois

P.S. This problem was also discussed in these Ubuntu bug reports:

  
https://bugs.launchpad.net/ubuntu/+source/openoffice.org-dictionaries/+bug/139570
  
https://bugs.launchpad.net/ubuntu/+source/openoffice.org-dictionaries/+bug/278943

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages hunspell-fr depends on:
ii  dictionaries-common [openoffi 0.98.12Common utilities for spelling dict

hunspell-fr recommends no packages.

Versions of packages hunspell-fr suggests:
pn  hunspell  none (no description available)
ii  openoffice.org-core [openoffi 1:2.4.1-11 OpenOffice.org office suite archit

-- no debconf information
diff -u openoffice.org-dictionaries-2.4.0~m240/debian/hunspell-fr.dictlistinfo openoffice.org-dictionaries-2.4.0~m240/debian/hunspell-fr.dictlistinfo
--- openoffice.org-dictionaries-2.4.0~m240/debian/hunspell-fr.dictlistinfo
+++ openoffice.org-dictionaries-2.4.0~m240/debian/hunspell-fr.dictlistinfo
@@ -1,0 +2,4 @@
+DICT fr BE fr_FR
+DICT fr CA fr_FR
+DICT fr CH fr_FR
+DICT fr LU fr_FR
--- openoffice.org-dictionaries-2.4.0~m240.orig/debian/hunspell-fr.links
+++ openoffice.org-dictionaries-2.4.0~m240/debian/hunspell-fr.links
@@ -0,0 +1,8 @@
+/usr/share/myspell/dicts/fr_FR.aff /usr/share/myspell/dicts/fr_BE.aff
+/usr/share/myspell/dicts/fr_FR.dic /usr/share/myspell/dicts/fr_BE.dic
+/usr/share/myspell/dicts/fr_FR.aff /usr/share/myspell/dicts/fr_CA.aff
+/usr/share/myspell/dicts/fr_FR.dic /usr/share/myspell/dicts/fr_CA.dic
+/usr/share/myspell/dicts/fr_FR.aff /usr/share/myspell/dicts/fr_CH.aff
+/usr/share/myspell/dicts/fr_FR.dic /usr/share/myspell/dicts/fr_CH.dic
+/usr/share/myspell/dicts/fr_FR.aff /usr/share/myspell/dicts/fr_LU.aff
+/usr/share/myspell/dicts/fr_FR.dic /usr/share/myspell/dicts/fr_LU.dic

Bug#497393: missing DBus-glib.xml?

2008-09-02 Thread Francois Marier 
On 2008-09-02 at 21:23:03, Andreas Putzo wrote:
 I don't know why it works on your system but the tarball does not 
 include workrave-1.9.0/common/bin/DBus-glib.xml and it seems not to be
 auto generated. This file, however, can be found in upstream vcs [1].
 I added the file and workrave compiled fine with that.

Actually, that file doesn't exist in my build tree:

  
http://git.debian.org/?p=collab-maint/workrave.git;a=tree;f=common/bin;hb=master

and it does look like it's auto-generated by common/bin/dbusgen.py:

  if options.language:
  if options.language == 'C':
  header_ext=.h
  elif options.language == 'C++':
  if options.client:
  templates.append(directory+/DBus-client-template.cc)
  templates.append(directory+/DBus-client-template.hh)
  if options.server:
  templates.append(directory+/DBus-template.cc)
  templates.append(directory+/DBus-template.hh)
  header_ext=.hh
  elif options.language == 'dbus-glib':
  templates.append(directory+/DBus-glib.xml)
  header_ext=.xml


Francois



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#491704: Making sure that K3b is included in the next Debian release

2008-08-14 Thread Francois Marier 
severity 491704 important
thanks

Hi Gianluca Francesco,

I think that it would be preferable for the time being to reduce slightly
the severity of the K3b bug you reported. Otherwise, it may prevent K3b from
being part of Lenny.

I haven't been able to reproduce your problem on my machine so I'm not 100%
sure whether or not K3b is the underlying cause of the problem. If other
people report the same issue, we can always change the severity back to what
it was.

Thanks for taking the time to report this problem and feel free to let me
know if you disagree with this reasoning.

Francois



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#489690: Opting out on installation of safe-rm breaks install process

2008-07-12 Thread Francois Marier 
Hi Chris,

 If there is no otherway to work around the possible bad behaviour please at
 least tell your users what to do, as I assume this package attracts rather
 inexperienced users due to the nature of the task.

If I understand you correctly, you'd like to see a clearer debconf message.
What do you think it should say instead of the current one?

Cheers,
Francois



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#489690: closed by Francois Marier [EMAIL PROTECTED] (Bug#489690: fixed in safe-rm 0.2-4)

2008-07-08 Thread Francois Marier 
On 2008-07-08 at 20:47:36, Sven Joachim wrote:
 In mass-upgrades, the time window between unpacking and configuring a
 package is potentially very large, several minutes are not unusual.

Very true.

 This could be done via a debconf question like the one kernel-package
 creates for linux-image packages (they warn to overwrite a running
 kernel).

I have just made a new upload with a debconf question. Thanks for the
suggestion!

Francois



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#421864: closed by Francois Marier [EMAIL PROTECTED] (Bug#457828: fixed in chkrootkit 0.48-2)

2008-04-24 Thread Francois Marier 
On 2008-04-23 at 10:27:03, Chris Withers wrote:
 Cool. Can you update the ticket and let me know when you have?

I have just made an upload to the stable distribution.

It will be considered for inclusion in the next stable point release.

Francois



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

  1   2   >