Bug#1065696: Fwd: E: unsupported command: poweroff.no-molly-guard
Hi Helmut, This looks like an unexpected edge case from the recent usr-merge changes: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065696 It sounds like a system using sysvinit, instead of systemd, which was recently upgraded using usrmerge. Francois -- https://fmarier.org/
Bug#1033306: The tor package in stable will soon become unusable
I received the email below from the Tor team. The package that's currently in stable should be updated ASAP since it's going to stop working very soon. I will be switching temporarily to the package in backports, but IMO an update should be pushed to bookworm either via the security repo, or failing that as a stable update. Francois -- Hi, You are running a bunch of Tor relays, which is great. However, that relays' Tor version is obsolete, and because of old bugs, we will soon cut relays and bridges running that version out of the network. Please consider upgrading ASAP! You can find Tor packages and instructions for your distro / OS here: https://community.torproject.org/relay/setup/guard/ If you need help upgrading your relay, please use the Tor Forum: https://forum.torproject.org/c/support/relay-operator/17 ::Stay Connected with the Tor Community:: - Join our Monthly Tor relay operators meetups: https://forum.torproject.org/t/tor-relays-next-tor-relay-operator-meetup-march-2nd-2024-19-00-utc/11568 - Subscribe to the Tor relays mailing list: https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays Thanks, Gus -- The Tor Project Community Team Lead
Bug#1062046: [hel...@subdivi.de: Bug#1062046: libfko3t64 has an undeclared file conflict]
Looks like there's a missing conflict in the package that was just uploaded to experimentatl. - Message transféré de Helmut Grohne - Package: libfko3t64 Version: 2.6.10-20.1~exp1 Severity: serious User: debian...@lists.debian.org Usertags: fileconflict Control: affects -1 + libfko3 X-Debbugs-Cc: Lukas Märdian , vor...@debian.org libfko3t64 has an undeclared file conflict. This may result in an unpack error from dpkg. The files * /usr/lib/x86_64-linux-gnu/libfko.so.3 * /usr/lib/x86_64-linux-gnu/libfko.so.3.0.0 are contained in the packages * libfko3 * 2.6.10-12 as present in bullseye * 2.6.10-16 as present in bookworm * 2.6.10-20+b2 as present in trixie|unstable * libfko3t64/2.6.10-20.1~exp1 as present in experimental These packages can be unpacked concurrently, because there is no relevant Replaces or Conflicts relation. Attempting to unpack these packages concurrently results in an unpack error from dpkg, because none of the packages installs a diversion for the affected files. Kind regards The Debian Usr Merge Analysis Tool This bug report has been automatically filed with no human intervention. The source code is available at https://salsa.debian.org/helmutg/dumat. If the filing is unclear or in error, don't hesitate to contact hel...@subdivi.de for assistance. - Fin du message transféré -
Bug#1061958: fwknop: NMU diff for 64-bit time_t transition
On 2024-01-30 at 05:48:11, Lukas Märdian (sl...@debian.org) wrote: > If you have any concerns about this patch, please reach out ASAP. Although > this package will be uploaded to experimental immediately, there will be a > period of several days before we begin uploads to unstable; so if information > becomes available that your package should not be included in the transition, > there is time for us to amend the planned uploads. No objections from me. If you'd like to create a merge request on https://salsa.debian.org/debian/fwknop, then I can merge and then you can upload to unstable at your convenience. Francois signature.asc Description: PGP signature
Bug#1056279: Bug#1057220: Looks like the systemctl links are gone but not the pm-utils ones
Thank you Helmut and Chris for the helpful discussion. I have finally found some time to review your comments and the proposed molly-guard patches. While I'm still not 100% confident I understand the problem (and the fix), the solution you have settled on makes sense to me. With respect to the presence of the real commands in the path, I'm not too worried about it personally. I do agree it's unfortunate and it would be great if we could do this reliably without putting the diverted binary within easy reach, but at the end of the day, molly-guard will never catch all possible mistakes. As Helmut pointed out, it's already missing some cases (and it's always been possible to "init 6" as well), but I think it still provides a useful service if it catches the most common cases of accidental reboots. I had a similar dilemma for another package I maintain (safe-rm) and I've decided there to focus on the most common cases again to reduce complexity, and improve reliability. I will leave this for a few days in case others like Simó want to also chime in, but otherwise I am planning to upload to experimental this week and then unstable a few days later. Again many thanks for all of the work that has gone into solving this thorny problem. Francois
Bug#1057470: Outdated rkhunter since 2018-02
On 2023-12-05 at 20:28:44, Jörg Frings-Fürst (debian@jff.email) wrote: > I did not search for Vulnerabilities. However, I am of the opinion that using > rkhunter in its current form is equivalent to using a 6 year old virus scanner > and therefore involves an increased security risk. Ideally I agree that it would be great if more signatures could be added so that new threats could be detected. I don't see any indication that of vulnerabilities in this software however. Lack of new upstream development is not necessarily an indication that the software is unsafe. Francois -- https://fmarier.org/
Bug#1057470: Outdated rkhunter since 2018-02
On 2023-12-05 at 07:07:23, Jörg Frings-Fürst (debian@jff.email) wrote: > I noticed that the program and the data available on the internet are from > 2018-02. > So almost 6 years old data suggests a non-existent security. Hi Jörg, are you aware of security vulnerabilities in rkhunter or you are simply guessing that it might contain security vulnerabilities? As far as I am aware, rkhunter is not under active development anymore, but it also doesn't have any known vulnerabilities. Francois -- https://fmarier.org/
Bug#1056279: Looks like the systemctl links are gone but not the pm-utils ones
On 2023-11-27 at 03:54:16, Helmut Grohne (hel...@subdivi.de) wrote: > I don't have time to update the patch right now. Let me promise an update > this week, ok? Hi Helmut, My apologies for not responding earlier, but this is a rather thorny problem to solve and I have not had the mental "bandwidth" to dig into this yet. I wanted however to express my sincere appreciation for all of the work you have put into both understanding this problem and coming up with a solution. Francois
Bug#1056279: Looks like the systemctl links are gone but not the pm-utils ones
CCing Helmut who wrote the initial patch for systemd 255+ support (see Bug#1055510). I also see the same thing: $ ls -lh /usr/lib/molly-guard/ Permissions Size User Group Date Modified Name .rwxr-xr-x 3,4k root root 11 nov 14:02 molly-guard* lrwxrwxrwx31 root root 14 nov 2019 pm-hibernate -> /usr/lib/pm-utils/bin/pm-action* lrwxrwxrwx31 root root 14 nov 2019 pm-suspend -> /usr/lib/pm-utils/bin/pm-action* lrwxrwxrwx31 root root 14 nov 2019 pm-suspend-hybrid -> /usr/lib/pm-utils/bin/pm-action* $ sudo reboot --help E: not a regular file: /usr/lib/molly-guard/reboot I'm also a little confused by the diverts. Perhaps something changed in systemd (which owns the ultimate underlying symlinks)? Francois -- https://fmarier.org/
Bug#1055510: Best way to coordinate this fix
On 2023-11-10 at 02:45:14, Helmut Grohne (hel...@subdivi.de) wrote: > Thank you. The package built and dumat has imported it. I locally forked > its analysis database pretending that systemd would not declare a > conflict for molly-guard and reran it on that database. It does not > report any issues for molly-guard 0.8. I also checked the underlying > database and see that it recognizes the duplicated diversions there. Thanks for all of the help Helmut! I have uploaded 0.8.1 to unstable. Francois -- https://fmarier.org/
Bug#1055510: Best way to coordinate this fix
On 2023-11-08 at 21:15:58, Helmut Grohne (hel...@subdivi.de) wrote: > Thank you. I suggest going via experimental first. I've just uploaded to experimental. If there are any tests you can easily run there, please do so. I've upgraded in unstable from the current version to 0.8 without problems, so that should in theory work when I eventually upload to unstable. Francois -- https://fmarier.org/
Bug#1055670: fwknop-server: must Depends: apparmor-profiles-extra
> The latest update breaks apparmor for the whole system. > > /etc/apparmor.d/usr.sbin.fwknopd: > include > > This must declare Depends: apparmor-profiles-extra. > > Otherwise the apparmor service can't parse the file and will refuse to start. Ah, that's annoying. I don't think I'll want to make fwknop-server require apparmor. I guess this means I need to reintroduce the fwknop-apparmor package. Thanks for flagging this. Francois -- https://fmarier.org/
Bug#1055510: Best way to coordinate this fix
If anybody would like to double-check (or test) the package I've prepared, it's in salsa right now. Francois
Bug#1055510: Best way to coordinate this fix
Hi Luca, What's the best way to coordinate a fix for this? I assume that we shouldn't upload a new molly-guard packages until the files have actually moved in the systemd package? Should we wait until systemd is in unstable to push a new molly-guard out? Francois -- https://fmarier.org/
Bug#1034055: fwknop-apparmor-profile: AppArmor profile installed in systemd system service path
On 2023-04-07 at 07:23:07, Laurent Bigonville (bi...@debian.org) wrote: > It seems that you install the apparmor profile in the path for systemd system > service > > The following change should be reverted: > https://salsa.debian.org/debian/fwknop/-/commit/d3a5aaef39fedc1bb94e26921afbf63f79b31af7 Hm, that does look like a mistake. I don't remember what might have caused me to make that change. I guess the apparmor profile hasn't been in use for a while then. It seems like it's too late in the release process to re-add it in bookworm. Here's what I'm thinking of doing: - move it to /usr/share/apparmor/extra-profiles/ (so it's not turned on by default) for bookworm - move it back to /etc/apparmor.d/ after bookworm Alternatively, I could also not change anything for bookworm since it's not enabled as an AppArmor profile and it will be ignored as a systemd unit file. What do you think? Francois
Bug#1033306: tor: Tor relays running 0.4.5.16 will soon be cut off from the network
Package: tor Version: 0.4.5.16-1 Severity: grave Justification: renders package unusable I received the following email from the Tor Project: Hi, You are running a bunch of Tor relays, which is great: However, those relays' Tor version is obsolete, and because of old bugs, we will soon cut relays and bridges running that version out of the network. Please consider upgrading! You can find Tor packages and instructions for your distro / OS here: https://community.torproject.org/relay/setup/guard/ If you need help upgrading your relays, please use the Tor Forum: https://forum.torproject.net/c/support/relay-operator/17 Let us know if we can do anything to make the process easier. Thanks! Georg They are currently aiming for a cut-off date 4-6 weeks from now. This means that the version of tor that's in bullseye will essentially stop working for most uses. There is already a version in backports that will work fine, but perhaps it's worth also uploading it to stable for the next point release? Francois -- https://fmarier.org/
Bug#1006534: pagekite: Fails to accept client connections
Package: pagekite Version: 1.5.2.200603-2 Severity: grave Tags: patch Justification: renders package unusable As described in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004295, incoming pagekite connections don't work on Debian 11. If you run your own frontend on that version of Debian (or on Ubuntu focal for that matter), nothing works. I've attached the reverse of the patch from that bug which is all that's needed to fix pagekite in unstable. Francois -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.16.0-2-amd64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages pagekite depends on: ii ca-certificates20211016 ii daemon 0.8-1 ii init-system-helpers1.62 ii python33.9.8-1 ii python3-openssl21.0.0-1 ii python3-six1.16.0-3 ii python3-socksipychain 2.1.2-1 pagekite recommends no packages. pagekite suggests no packages. -- Configuration Files: /etc/pagekite.d/10_account.rc [Errno 13] Permission non accordée: '/etc/pagekite.d/10_account.rc' /etc/pagekite.d/90_debian_certs.rc [Errno 13] Permission non accordée: '/etc/pagekite.d/90_debian_certs.rc' -- no debconf information commit 695ae5c46610393b8b4e950466c643d9c58cbce1 Author: Francois Marier Date: Sat Feb 26 18:41:37 2022 -0800 Fix incoming connections (patch from #1004295). diff --git a/debian/changelog b/debian/changelog index e8f50ba..4cef3ef 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,6 +2,7 @@ pagekite (1.5.2.200603-2.1) unstable; urgency=medium * Non-maintainer upload. * Log messages in /var/log/pagekite/pagekite.log (closes: #910028). + * Fix incoming connections (patch from #1004295). -- Francois Marier Sat, 26 Feb 2022 18:38:24 -0800 diff --git a/pagekite/proto/conns.py b/pagekite/proto/conns.py index 3da9272..2c9fc04 100755 --- a/pagekite/proto/conns.py +++ b/pagekite/proto/conns.py @@ -1975,8 +1975,8 @@ class FastPingHelper(threading.Thread): data = None try: if data: - if '\nHost: ping.pagekite' in data: -client.send(self.rejection) + if b'\nHost: ping.pagekite' in data: +client.send(self.rejection.encode("utf-8")) client.close() self.fast_pinged.append(obfuIp(addr[0])) else: diff --git a/pagekite/proto/selectables.py b/pagekite/proto/selectables.py index 56705f5..ed1967c 100755 --- a/pagekite/proto/selectables.py +++ b/pagekite/proto/selectables.py @@ -344,7 +344,7 @@ class Selectable(object): def EatPeeked(self, eat_bytes=None, keep_peeking=False): if not self.peeking: return if eat_bytes is None: eat_bytes = self.peeked -discard = '' +discard = b'' while len(discard) < eat_bytes: try: bytecount = eat_bytes - len(discard)
Bug#973505: akregator: Feeds no longer update
Package: akregator Version: 4:20.08.2-3 Severity: grave Justification: renders package unusable Since the last upgrade, feed updates no longer work. I see the following error when I start akregator from a terminal: kf.kio.core: couldn't create slave: "klauncher said: Erreur lors du chargement de « /usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/http.so »." which roughly translates to: Error while loading /usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/http.so. I have also seen these errors in my logs, though I'm not 100% sure they are related to akregator: kf.i18n: KCatalog being used without a Q*Application instance. Some translations won't work Il est impossible d'ouvrir la bibliothèque « /usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/file.so ». Cannot load library /usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/file.so: (/lib/x86_64-linux-gnu/libQt5Core.so.5: version `Qt_5.15' not found (required by /lib/x86_64-linux-gnu/libQt5Network.so.5)) Il est impossible d'ouvrir la bibliothèque « /usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/http.so ». Cannot load library /usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/http.so: (/lib/x86_64-linux-gnu/libQt5Core.so.5: version `Qt_5.15' not found (required by /lib/x86_64-linux-gnu/libQt5Network.so.5)) Francois -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.9.0-1-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages akregator depends on: ii kinit 5.74.0-2 ii kio5.74.0-2 ii libc6 2.31-4 ii libgcc-s1 10.2.0-16 ii libkf5codecs5 5.74.0-2 ii libkf5completion5 5.74.0-2 ii libkf5configcore5 5.74.0-2 ii libkf5configgui5 5.74.0-2 ii libkf5configwidgets5 5.74.0-2 ii libkf5coreaddons5 5.74.0-2 ii libkf5crash5 5.74.0-2 ii libkf5grantleetheme-plugins20.08.2-2 ii libkf5grantleetheme5 [libkf5grantleetheme5-20.08] 20.08.2-2 ii libkf5i18n55.74.0-3 ii libkf5jobwidgets5 5.74.0-2 ii libkf5kcmutils55.74.0-2 ii libkf5kiocore5 5.74.0-2 ii libkf5kiogui5 5.74.0-2 ii libkf5kiowidgets5 5.74.0-2 ii libkf5kontactinterface5 [libkf5kontactinterface5-20.08]20.08.2-2 ii libkf5libkdepim5 [libkf5libkdepim5-20.08] 4:20.08.2-2 ii libkf5messageviewer5abi1 [libkf5messageviewer5-20.08] 4:20.08.2-2 ii libkf5mimetreeparser5abi1 [libkf5mimetreeparser5-20.08]4:20.08.2-2 ii libkf5notifications5 5.74.0-2 ii libkf5notifyconfig55.74.0-2 ii libkf5parts5 5.74.0-2 ii libkf5pimcommon5abi2 [libkf5pimcommon5-20.08] 4:20.08.2-2 ii libkf5pimtextedit5abi2 [libkf5pimtextedit5-20.08] 20.08.2-2 ii libkf5service-bin 5.74.0-2 ii libkf5service5 5.74.0-2 ii libkf5syndication5abi1 1:5.74.0-2 ii libkf5textwidgets5 5.74.0-2 ii libkf5webengineviewer5abi1 [libkf5webengineviewer5-20.08] 4:20.08.2-2 ii libkf5widgetsaddons5 5.74.0-3 ii libkf5xmlgui5 5.74.0-2+b1 ii libkuserfeedbackcore1 1.0.0-3 ii libkuserfeedbackwidgets1 1.0.0-3 ii libqt5core5a 5.15.1+dfsg-2 ii libqt5dbus55.15.1+dfsg-2 ii libqt5gui5 5.15.1+dfsg-2 ii libqt5network5 5.15.1+dfsg-2 ii libqt5printsupport55.15.1+dfsg-2 ii libqt5webenginecore5 5.15.1+dfsg-5 ii libqt5webenginewidgets5
Bug#968048: marked as pending in ax25-tools
Control: tag -1 pending Hello, Bug #968048 in ax25-tools reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/debian-hamradio-team/ax25-tools/-/commit/2f9878587d604888ddb92e6fb45645ab7db0ff82 Remove duplicate install of files in debian/rules (closes: #968048). (this message was generated automatically) -- Greetings https://bugs.debian.org/968048
Bug#957244: Upstream issue
This upstream issue: https://github.com/mrash/fwknop/issues/305 suggests the following patch: https://github.com/Jakuje/fwknop/commit/a87325b0816a79329cf0b4d4f9ebf247ead117db Francois -- https://fmarier.org/
Bug#960127: Tk::Error: Can't locate object method "resolve_names" via package "App::ClusterSSH::Window"
Package: clusterssh Version: 4.14-1 Severity: grave Justification: renders package unusable It looks like cssh doesn't work anymore on my Debian unstable machine. When I add a host, I see the following on the console: Tk::Error: Can't locate object method "resolve_names" via package "App::ClusterSSH::Window" at /usr/share/perl5/App/ClusterSSH/Window/Tk.pm line 349. App::ClusterSSH::Window::Tk::add_host_by_name at /usr/share/perl5/App/ClusterSSH/Window/Tk.pm line 349 App::ClusterSSH::Window::Tk::key_event at /usr/share/perl5/App/ClusterSSH/Window/Tk.pm line 1613 (command bound to event) and nothing happens. Francois -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.6.0-1-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE=fr_CA.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages clusterssh depends on: ii libexception-class-perl 1.44-1 ii libtry-tiny-perl0.30-1 ii libx11-protocol-other-perl 31-1 ii libx11-protocol-perl0.56-7 ii openssh-client 1:8.2p1-4 ii perl5.30.0-10 ii perl-tk 1:804.033-2+b4 ii xterm 356-1 clusterssh recommends no packages. clusterssh suggests no packages. -- no debconf information
Bug#759410: Should not install /usr/bin/rm conflicting with /bin/rm (blocks /bin -> /usr/bin)
On 2019-05-28 at 18:26:31, Andreas Beckmann wrote: > safe-rm also breaks a stretch --merged-usr chroot, found while testing > with piuparts stretch->buster upgrades with --merged-usr enabled. > And it seems to be the only package causing outright havoc in such a > scenario. So if I understand correctly, this is only a problem when testing with this tool, right? Because: (1) users can't upgrade their system to a merged-usr one on stretch and (2) the default for new stretch installs was not usr-merged. > While a proper solution is too involved for stable, it should probably > be OK for the preinst to check for merged /usr systems and error out if > installation is attempted in such a case - instead of leaving a broken > system. I'd be happy to see it "fixed" that way in stretch. I don't have a lot of free time at the moment to make the change myself but I would support such a NMU. Francois -- https://fmarier.org/
Bug#924583: razor.cloudmark.com service no longer available?
I tried to re-initialize my razor config and found that there are no available servers anymore: # sudo -u debian-spamd razor-admin -d -register Razor-Log: Computed razorhome from env: /var/lib/spamassassin/.razor Razor-Log: Found razorhome: /var/lib/spamassassin/.razor Razor-Log: No /var/lib/spamassassin/.razor/razor-agent.conf found, skipping. Razor-Log: read_file: 2 items read from /etc/razor/razor-agent.conf mar 15 09:17:27.054097 admin[21405]: [ 2] [bootup] Logging initiated LogDebugLevel=9 to stdout mar 15 09:17:27.054204 admin[21405]: [ 5] computed razorhome=/var/lib/spamassassin/.razor, conf=/etc/razor/razor-agent.conf, ident=/var/lib/spamassassin/.razor/identity mar 15 09:17:27.054234 admin[21405]: [ 2] Razor-Agents v2.84 starting razor-admin -d -register mar 15 09:17:27.054286 admin[21405]: [ 5] Can't read file /var/lib/spamassassin/.razor/servers.discovery.lst: No such file or directory mar 15 09:17:27.054324 admin[21405]: [ 5] Can't read file /var/lib/spamassassin/.razor/servers.nomination.lst: No such file or directory mar 15 09:17:27.054360 admin[21405]: [ 5] Can't read file /var/lib/spamassassin/.razor/servers.catalogue.lst: No such file or directory mar 15 09:17:27.054447 admin[21405]: [ 5] no listfile: /var/lib/spamassassin/.razor/servers.nomination.lst mar 15 09:17:27.054483 admin[21405]: [ 6] no discovery listfile: /var/lib/spamassassin/.razor/servers.discovery.lst mar 15 09:17:27.054516 admin[21405]: [ 8] Checking with Razor Discovery Server discovery.razor.cloudmark.com mar 15 09:17:27.054550 admin[21405]: [ 6] No port specified, using 2703 mar 15 09:17:27.054573 admin[21405]: [ 5] Connecting to discovery.razor.cloudmark.com ... mar 15 09:17:27.183271 admin[21405]: [ 8] Connection established mar 15 09:17:27.183658 admin[21405]: [ 4] discovery.razor.cloudmark.com >> 25 server greeting: sn=C=43861=l=cg mar 15 09:17:27.183907 admin[21405]: [ 4] discovery.razor.cloudmark.com << 12 mar 15 09:17:27.184024 admin[21405]: [ 6] a=g=csl mar 15 09:17:27.257879 admin[21405]: [ 4] discovery.razor.cloudmark.com >> 9 mar 15 09:17:27.258087 admin[21405]: [ 6] response to sent.1 err=240 mar 15 09:17:27.258328 admin[21405]: [ 5] Razor Discovery Server discovery.razor.cloudmark.com had no valid csl servers mar 15 09:17:27.258519 admin[21405]: [ 4] discovery.razor.cloudmark.com << 12 mar 15 09:17:27.258634 admin[21405]: [ 6] a=g=nsl mar 15 09:17:27.322748 admin[21405]: [ 4] discovery.razor.cloudmark.com >> 9 mar 15 09:17:27.322955 admin[21405]: [ 6] response to sent.2 err=240 mar 15 09:17:27.323186 admin[21405]: [ 5] Razor Discovery Server discovery.razor.cloudmark.com had no valid nsl servers mar 15 09:17:27.323318 admin[21405]: [ 5] Couldn't talk to discovery servers. Will force a bootstrap... mar 15 09:17:27.323632 admin[21405]: [ 6] no discovery listfile: /var/lib/spamassassin/.razor/servers.discovery.lst mar 15 09:17:27.323812 admin[21405]: [ 5] no listfile: /var/lib/spamassassin/.razor/servers.nomination.lst mar 15 09:17:27.323939 admin[21405]: [ 6] no discovery listfile: /var/lib/spamassassin/.razor/servers.discovery.lst mar 15 09:17:27.324065 admin[21405]: [ 8] Checking with Razor Discovery Server discovery.razor.cloudmark.com mar 15 09:17:27.324266 admin[21405]: [ 4] discovery.razor.cloudmark.com << 12 mar 15 09:17:27.324375 admin[21405]: [ 6] a=g=csl mar 15 09:17:27.389030 admin[21405]: [ 4] discovery.razor.cloudmark.com >> 9 mar 15 09:17:27.389239 admin[21405]: [ 6] response to sent.3 err=240 mar 15 09:17:27.389501 admin[21405]: [ 5] Razor Discovery Server discovery.razor.cloudmark.com had no valid csl servers mar 15 09:17:27.389690 admin[21405]: [ 4] discovery.razor.cloudmark.com << 12 mar 15 09:17:27.389804 admin[21405]: [ 6] a=g=nsl mar 15 09:17:27.453982 admin[21405]: [ 4] discovery.razor.cloudmark.com >> 9 mar 15 09:17:27.454193 admin[21405]: [ 6] response to sent.4 err=240 mar 15 09:17:27.454477 admin[21405]: [ 5] Razor Discovery Server discovery.razor.cloudmark.com had no valid nsl servers mar 15 09:17:27.454717 admin[21405]: [ 1] razor-admin error: nextserver: Bootstrap discovery failed. Giving up. nextserver: Bootstrap discovery failed. Giving up. Has this service shutdown? Are there alternative servers that can be used? Incidentally, I have noticed a much lower average spam score on the emails I run through SpamAssassin now. It seems like razor had a big impact. Francois -- https://fmarier.org/
Bug#919966: akregator: symbol lookup error: /usr/lib/x86_64-linux-gnu/libKF5NewStuff.so.5: undefined symbol: _ZN7KNSCore6Engine15signalErrorCodeERKNS_9ErrorCodeERK7QStringRK8QVariant
On 2019-01-21 at 15:48:29, Bernhard Übelacker wrote: > this looks like a duplicate of bug: > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919765 Indeed. Thanks for that. -- https://fmarier.org/
Bug#919966: akregator: symbol lookup error: /usr/lib/x86_64-linux-gnu/libKF5NewStuff.so.5: undefined symbol: _ZN7KNSCore6Engine15signalErrorCodeERKNS_9ErrorCodeERK7QStringRK8QVariant
Package: akregator Version: 4:18.08.1-1 Severity: grave Justification: renders package unusable akregator doesn't start anymore. It exits with the following error message: akregator: symbol lookup error: /usr/lib/x86_64-linux-gnu/libKF5NewStuff.so.5: undefined symbol: _ZN7KNSCore6Engine15signalErrorCodeERKNS_9ErrorCodeERK7QStringRK8QVariant -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.19.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE=fr_CA.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages akregator depends on: ii kinit5.54.0-1 ii kio 5.51.0-1 ii libc62.28-5 ii libgcc1 1:8.2.0-14 ii libkf5codecs55.51.0-1 ii libkf5completion55.51.0-1 ii libkf5configcore55.51.0-1 ii libkf5configgui5 5.51.0-1 ii libkf5configwidgets5 5.51.0-1 ii libkf5coreaddons55.51.0-1 ii libkf5crash5 5.51.0-1 ii libkf5grantleetheme-plugins 18.08.1-1 ii libkf5grantleetheme5 18.08.1-1 ii libkf5i18n5 5.51.0-1 ii libkf5iconthemes55.51.0-1 ii libkf5jobwidgets55.51.0-1 ii libkf5kcmutils5 5.51.0-1 ii libkf5kiocore5 5.54.1-1 ii libkf5kiogui55.54.1-1 ii libkf5kiowidgets55.54.1-1 ii libkf5kontactinterface5 18.08.1-1 ii libkf5libkdepim-plugins 4:18.08.1-1 ii libkf5libkdepim5 4:18.08.1-1 ii libkf5messageviewer5abi1 4:18.08.1-1 ii libkf5mimetreeparser5abi14:18.08.1-1 ii libkf5notifications5 5.51.0-1 ii libkf5notifyconfig5 5.54.0-1 ii libkf5parts5 5.54.0-1 ii libkf5pimcommon5abi2 4:18.08.1-1 ii libkf5pimtextedit5abi2 18.08.1-1 ii libkf5service-bin5.51.0-1 ii libkf5service5 5.51.0-1 ii libkf5syndication5abi1 18.08.1-1 ii libkf5textwidgets5 5.51.0-1 ii libkf5webengineviewer5abi1 4:18.08.1-1 ii libkf5widgetsaddons5 5.51.0-1 ii libkf5xmlgui55.51.0-1 ii libqt5core5a 5.11.2+dfsg-7 ii libqt5dbus5 5.11.2+dfsg-7 ii libqt5gui5 5.11.2+dfsg-7 ii libqt5network5 5.11.2+dfsg-7 ii libqt5printsupport5 5.11.2+dfsg-7 ii libqt5webenginewidgets5 5.11.2+dfsg-2+b1 ii libqt5widgets5 5.11.2+dfsg-7 ii libqt5xml5 5.11.2+dfsg-7 ii libstdc++6 8.2.0-14 akregator recommends no packages. akregator suggests no packages. -- no debconf information
Bug#759410: Different approach for safe-rm
I took a look at the details of the diversion that the latest version of dash sets up and it's really quite complicated. It's not clear that I could easily get it right, even copying that code, and the consequences of getting it wrong could be disastrous. So instead I went for an easier approach: install the rm symlink in /usr/share/safe-rm/bin/ and then add that to the front of the PATH in /etc/profile.d/safe-rm.sh. That seems to work both for login shells (on a virtual terminal) and for interactive shells (e.g. gnome-terminal) after logging out and logging back in. The downside is that it may not for shells which are not Bourne-compatible. I believe it works in bash, dash, ksh and zsh, but I could be wrong. I'm happy to accept patches to make it work on other shells of course. Francois -- https://fmarier.org/
Bug#893169: rkhunter won't update definitions: Invalid WEB_CMD
On 2018-03-30 at 12:52:23, Kudrettin Güleryüz wrote: > This message apparently refers to the bug itself. Can you please point to > the bug report that has the details for this issue? Sorry, I meant to point to this bug instead: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765895. Also see https://security-tracker.debian.org/tracker/CVE-2017-7480 for the details of the security bug. Francois -- https://fmarier.org/
Bug#856024: molly-guard: causes failure to update systemd-sysv
On 2017-04-09 at 15:42:46, Francois Marier wrote: > Here's what I thought would trigger the bug: > > 1. installed stretch from scratch in a lxc container (amd64) > 2. apt install molly-guard (0.6.4) > 3. apt install sysvinit-core (which removes systemd-sysv) > 4. apt install systemd-sysv (version 232-22) I also tested an upgrade from jessie to stretch: 1. install jessie from scratch in a lxc container (amd64) 2. apt install molly-guard (0.4.5-1.1) 3. replace "jessie" with "stretch" in /etc/apt/sources.list 4. apt update && apt dist-upgrade and that worked fine too. Francois -- https://fmarier.org/
Bug#856024: molly-guard: causes failure to update systemd-sysv
On 2017-02-24 at 13:02:05, Jonas Smedegaard wrote: > On an ARM system bootstrapped from Stretch yesterday, today failed to > update systemd-sysv: > > Setting up systemd (232-18) ... > addgroup: The group `systemd-journal' already exists as a system group. > Exiting. > (Reading database ... 40888 files and directories currently installed.) > Preparing to unpack .../systemd-sysv_232-18_armhf.deb ... > Unpacking systemd-sysv (232-18) over (232-15) ... > dpkg: error processing archive > /var/cache/apt/archives/systemd-sysv_232-18_armhf.deb (--unpack): > trying to overwrite '/sbin/halt', which is also in package molly-guard 0.6.4 > Errors were encountered while processing: > /var/cache/apt/archives/systemd-sysv_232-18_armhf.deb I still haven't been able to reproduce this problem. Here's what I thought would trigger the bug: 1. installed stretch from scratch in a lxc container (amd64) 2. apt install molly-guard (0.6.4) 3. apt install sysvinit-core (which removes systemd-sysv) 4. apt install systemd-sysv (version 232-22) All of this worked flawlessly. Are you still able to reproduce the original problem? Is there a detail I got wrong? Francois -- https://fmarier.org/
Bug#856024: Processed: Adding a conflict in systemd-sysv
Control: reassign -1 systemd-sysv This looks like a genuine bug in molly-guard, Yes and that's tracked in bug #837928. The present bug is specifically about the interaction between molly-guard and systemd-sysv. so this RC bug should be assigned to molly-guard. Adding a Breaks to systemd-sysv is backwards. If the underlying bug was going to be fixed in time for stretch, then sure, that would be ideal. However, that's not going to happen in time. The breaks/conflict seems like the best option to resolve this issue without removing molly-guard entirely from the release. Francois
Bug#856024: molly-guard: causes failure to update systemd-sysv
On 2017-02-24 at 13:02:05, Jonas Smedegaard wrote: > This seems quite similar to bug#837928. Filing separately as I believe > this (instance of a common) issue is so severe that in my opinion it is > better to release _without_ molly-guard than status quo. Or perhaps a Conflict in systemd-sysv? Francois
Bug#759410: Possible usrmerge-safe diversion
Looking at how dash does the dpkg-divert (as suggested by Josh): https://sources.debian.net/src/dash/0.5.8-2.3/debian/dash.preinst/ It appears that this approach might work for both symlinks and real files because it manually handles the creation of the symlink using "cp -d". Francois -- https://fmarier.org/
Bug#759410: Should not install /usr/bin/rm conflicting with /bin/rm (blocks /bin -> /usr/bin)
On 2016-10-25 at 09:12:30, Sven Joachim wrote: > >> In order to fix this while preserving safe-rm's default of automatic > >> protection on installation, safe-rm will need to divert and replace > >> /bin/rm. This will require quite a bit of care to do safely; see dash's > >> maintainer scripts for a safe procedure. > > Merged /usr is the default since debootstrap 1.0.85, so the package > > is uninstallable on new systems. > > It's worse than that. Because dpkg does not detect the file conflict > between coreutils' /bin/rm and safe-rm's /usr/bin/rm, the package is > installable but wreaks havoc, replacing the rm binary with its symlink. I was hoping to fix 837925 first since molly-guard is already using dpkg-divert instead of bare symlinks but I don't see what's wrong with the way that molly-guard does things, so I don't know what's going to fix it for safe-rm too. Francois -- https://fmarier.org/
Bug#837928: Bug#837925: usrmerge: fails to merge with molly-guard installed
On 2016-11-02 at 03:02:29, Jonas Smedegaard wrote: > I am busy getting that system to production use (yes, stretch is not yet > stable, but more stable than stable on the ARM device I use), but if you > have suggestions for closer inspections that might help shed some light > on this issue, please shoot - fast. I reached out to Marco about this bug but have not heard back. I don't know how dpkg-diverts are supposed to work in a usrmerge world and I can't see anything obviously wrong with the way it's done in molly-guard so I don't have any ideas on how to fix this. Francois -- https://fmarier.org/
Bug#367347: Not fixed?
Hi Rhonda, You reopened 367347 without any comments. Do you mind expanding on why you think it wasn't fixed as part of fixing 592917? Francois
Bug#837928: Bug#837925: usrmerge: fails to merge with molly-guard installed
On 2016-11-01 at 18:48:51, Jonas Smedegaard wrote: > I don't know how to be more exact than how I wrote it initially for this > bugreport. > > Could you perhaps elaborate on what details you are missing? You wrote this: "molly-guard adds wrappers for commands like pm-hibernate and poweroff. The wrappers are added not using dpkg-divert but as symlinks in /sbin, where the wrapped commands reside in /usr/sbin." But the wrappers _are_ added using dpkg-divert: https://anonscm.debian.org/cgit/collab-maint/molly-guard.git/tree/debian/molly-guard.preinst?id=1a3675db6ae1015c4d6e8367c7132c87fb9f3b31#n25 which looks like this on my machine: $ ls -l /sbin/reboot lrwxrwxrwx 1 root root 28 Aug 15 22:16 /sbin/reboot -> /lib/molly-guard/molly-guard So what's wrong with this use of dpkg-divert? Francois -- https://fmarier.org/
Bug#837928: Bug#837925: usrmerge: fails to merge with molly-guard installed
On 2016-10-23 at 18:15:15, Marco d'Itri wrote: > Control: severity -1 grave > > On Sep 15, Marco d'Itriwrote: > > > Looks like molly-guard is still buggy after #660064 and #812535. > > Can it be fixed quickly or should I add an unversioned Conflict? > Merged /usr is the default since debootstrap 1.0.85, so the package > is uninstallable on new systems. The pm-utils diverts were commented out in molly-guard 0.6.3: https://anonscm.debian.org/cgit/collab-maint/molly-guard.git/commit/?id=1a3675db6ae1015c4d6e8367c7132c87fb9f3b31 What exactly is broken when molly-guard is used with usrmerge? Francois -- https://fmarier.org/
Bug#831535: See also
This Ubuntu answer was quite useful and pointed me in the right direction: http://askubuntu.com/questions/617955/problem-with-kde-programs-after-upgrading-to-15-04/617956 Francois -- https://fmarier.org/
Bug#831535: akregator: missing dependencies prevent akregator from fetching feeds
Package: akregator Version: 4:16.04.2-2 Severity: grave Justification: renders package unusable The last update to akregator broke feed fetching with the following error: could not start process cannot talk to klauncher the name org.kde.klauncher5 was not provided by any .service files This can be fixed by installing the "kinit" package, but then you run into this error: could not start process unable to create io-slave klauncher said: unknown protocol 'file' which I was only able to get working by installing the "kio" package and then rebooting. Therefore, I think akregator needs to depend on "kio" and "kinit". Francois -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.6.0-1-grsec-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages akregator depends on: ii libc62.23-1 ii libgcc1 1:6.1.1-9 ii libkf5codecs55.23.0-1 ii libkf5completion55.23.0-1 ii libkf5configcore55.23.0-1 ii libkf5configgui5 5.23.0-1 ii libkf5configwidgets5 5.23.0-1 ii libkf5coreaddons55.23.0-1 ii libkf5grantleetheme-plugins 16.04.2-1 ii libkf5grantleetheme5 16.04.2-1 ii libkf5i18n5 5.23.0-1 ii libkf5iconthemes55.23.0-1 ii libkf5jobwidgets55.23.0-1 ii libkf5kcmutils5 5.23.0-1 ii libkf5kiocore5 5.23.0-1 ii libkf5kiogui55.23.0-1 ii libkf5kiowidgets55.23.0-1 ii libkf5kontactinterface5 16.04.2-1 ii libkf5libkdepim-plugins 4:16.04.2-3 ii libkf5libkdepim5 4:16.04.2-3 ii libkf5messageviewer5 4:16.04.3-1 ii libkf5notifications5 5.23.0-1 ii libkf5notifyconfig5 5.23.0-1 ii libkf5parts5 5.23.0-1 ii libkf5pimcommon-plugins 4:16.04.2-2 ii libkf5pimcommon5 4:16.04.2-2 ii libkf5pimtextedit5 16.04.2-1 ii libkf5service-bin5.23.0-1 ii libkf5service5 5.23.0-1 ii libkf5syndication5 16.04.2-1 ii libkf5textwidgets5 5.23.0-1 ii libkf5webkit55.23.0-1 ii libkf5widgetsaddons5 5.23.0-1 ii libkf5xmlgui55.23.0-1 ii libqt5core5a 5.6.1+dfsg-3 ii libqt5dbus5 5.6.1+dfsg-3 ii libqt5gui5 5.6.1+dfsg-3 ii libqt5network5 5.6.1+dfsg-3 ii libqt5printsupport5 5.6.1+dfsg-3 ii libqt5webkit55.6.1+dfsg-4 ii libqt5widgets5 5.6.1+dfsg-3 ii libqt5xml5 5.6.1+dfsg-3 ii libstdc++6 6.1.1-9 akregator recommends no packages. akregator suggests no packages.
Bug#830275: Test suite
The network access are probably due to the test suite. Francois
Bug#802510: GNOME shell extension not compatible with recent GNOME versions
On 2015-10-20 at 19:38:55, Michael Biebl wrote: > According to > /usr/share/gnome-shell/extensions/workr...@workrave.org/metadata.json > the latest supported version is 3.14, while the current gnome-shell > version in unstable is 3.18. Based on this upstream commit: https://github.com/rcaelers/workrave/commit/f34b518a732566a6a23d3191e4de7ef67cb58755 I suspect that all we need to do is add 3.16 and 3.18 to the list of supported versions. Francois -- http://fmarier.org/
Bug#798069: libhdhomerun1: ABI changes without soname changes
On 2015-09-05 at 08:46:53, Christian Marillat wrote: > hdhomerun_discover_find_devices_custom() function has been renamed to > hdhomerun_discover_find_devices_custom_v2() in 20150826-1 Do you know whether or not hdhomerun_discover_find_devices_custom() is used in MythTV? Upstream claims that it's not used (hence that's why it was removed) so if that's true, I could just re-add a function with the same name which throws an error. Otherwise, I guess I'll have to fork the library and bump the soname... Francois -- http://fmarier.org/
Bug#796599: openssh-client: ssh -G no longer returns illegal option (6.0) or unknown option (6.7)
Package: openssh-client Version: 1:6.9p1-1 Severity: critical Tags: security Justification: root security hole Sorry for the alarmist bug report. Hopefully this is a false positive and it can be reassigned to chkrootkit, but just in case... The ssh -G test [1] for Linux output has changed: on wheezy (openssh 6.0), it was: ssh: illegal option -- G on jessie (openssh 6.7), it was: unknown option -- G and now on 6.9, there's nothing except the normal usage info. Is this a sign of Linux Ebury? Or (hopefully) a genuine change in the output which now invalidates this simple rootkit test? Francois [1] https://lwn.net/Articles/591023/ -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.1.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages openssh-client depends on: ii adduser 3.113+nmu3 ii dpkg 1.18.2 ii libc6 2.19-19 ii libedit2 3.1-20150325-1 ii libgssapi-krb5-2 1.13.2+dfsg-2 ii libselinux1 2.3-2+b1 ii libssl1.0.0 1.0.2d-1 ii passwd1:4.2-3 ii zlib1g1:1.2.8.dfsg-2+b1 Versions of packages openssh-client recommends: ii xauth 1:1.0.9-1 Versions of packages openssh-client suggests: pn keychain none pn libpam-sshnone pn monkeysphere none ii ssh-askpass 1:1.2.4.1-9 -- Configuration Files: /etc/ssh/ssh_config changed [not included] -- no debconf information -- http://fmarier.org/
Bug#778128: spectools: ftbfs with GCC-5
On 2015-07-15 14:57, Raphael Hertzog wrote: I believe this short term solution is more than enough to get the package back in testing. I agree. That feels like the right approach for now. François, can you review and upload the fixed package or do you want me to upload it? I'm not going to be able to do it for another week or so. Feel free to upload now. Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#774661: closed by Christian Hofstaedtler z...@debian.org (Bug#774661: fixed in ruby-kramdown 1.4.2-2)
On 2015-04-08 at 09:36:16, Debian Bug Tracking System wrote: ruby-kramdown (1.4.2-2) unstable; urgency=medium . * Team upload. * Install missing data files (Closes: #774661) Perhaps if this was broken for everyone, it should be submitted as a stable release update for jessie? Francois -- http://fmarier.org/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#776528: BackendException: ssh connection to user@hostname:22 failed: No authentication methods available
Package: duplicity Version: 0.7.01-1 Severity: grave Justification: renders package unusable After upgrading from duplicity 0.6.24-2 to 0.7.01-1, my backups to an ssh host stopped working. Now, if I try to run any of the duplicity commands, I get the following: BackendException: ssh connection to user@hostname:22 failed: No authentication methods available My ssh config didn't change in the meantime and I have verified that I can still ssh manually to that box. Downgrading to 0.6.24-2 solves the problem. Francois -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages duplicity depends on: ii libc62.19-13 ii librsync10.9.7-10 ii python 2.7.8-2 ii python-lockfile 1:0.8-2 Versions of packages duplicity recommends: ii python-oauthlib 0.6.3-1 ii python-paramiko 1.15.1-1 ii python-urllib3 1.9.1-3 ii rsync3.1.1-2+b1 Versions of packages duplicity suggests: pn lftpnone ii ncftp 2:3.2.5-1.1 ii python-boto 2.34.0-2 pn python-cloudfiles none pn python-gdatanone pn python-swiftclient none pn tahoe-lafs none -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#771177: Matt's patch fixes the problem
I can confirm that Matt's patch fixes the problem. Thanks for extracting the relevant bits from upstream! Mehdi, I assume you're ok preparing a 0.39-2 and requesting a freeze exception for jessie? I'm happy to help with anything if it's useful. Francois signature.asc Description: Digital signature
Bug#771177: NMU submitted to the delayed/5 queue
I've taken the liberty to fix this via an NMU in the delayed/5days queue. Feel free to cancel it if you'd prefer to upload your own package. Francois -- Francois Marier identi.ca/fmarier http://fmarier.org twitter.com/fmarier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#770242: Tentative patch
The attached patch fixes installation when /etc/rkhunter.conf is missing. -- Francois Marier identi.ca/fmarier http://fmarier.org twitter.com/fmarier commit f91d229ad51b19d52b979720f8a1edf1e2aea385 Author: Francois Marier franc...@debian.org Date: Sat Nov 29 00:27:20 2014 +1300 Work-around missing /etc/rkhunter.conf in postinst (closes: #770242) diff --git a/debian/postinst b/debian/postinst old mode 100644 new mode 100755 index 7179cff..d93fdd6 --- a/debian/postinst +++ b/debian/postinst @@ -35,7 +35,10 @@ case $1 in # Copy the passwd/group files to the TMP directory # to avoid warnings when rkhunter is first run. # This is normally done by the installer script. -rkhtmpdir=$(grep '^TMPDIR' /etc/rkhunter.conf | sed 's/TMPDIR=//') +rkhtmpdir=/var/lib/rkhunter/tmp +if [ -e /etc/rkhunter.conf ]; then +rkhtmpdir=$(grep '^TMPDIR' /etc/rkhunter.conf | sed 's/TMPDIR=//') +fi [ -f $rkhtmpdir/passwd ] || cp -p /etc/passwd $rkhtmpdir /dev/null 21 [ -f $rkhtmpdir/group ] || cp -p /etc/group $rkhtmpdir /dev/null 21
Bug#770242: Broken postinst script?
This bug looks similar to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765911 which got fixed in 1.4.2-0.3 by removing the /usr/sbin/prelink line from the config file. I've chosen to keep currently-installed version of /etc/rkhunter.conf That's a problem and won't work because the configuration file format has changed between 1.4.0 and 1.4.2. I don't think we necessarily can (or should) fix this. Users should accept the new config file and merge their changes manually. I did not dig deeper but it looks like something is broken in postinst configuration handling... My patch should fix that problem. Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#771177: develock-el: breaks c++ mode in sid and jessie
Package: develock-el Version: 0.39-1 Severity: grave Justification: renders package unusable This package completely breaks the standard emacs c++ mode. To reproduce: open the attached .cpp file and try to indent the second line using tab. This was fixed upstream and updating the package to 0.45 fixes this problem. I suggest doing this as soon as possible so that a freeze exception can be requested for jessie. I'm happy to do an NMU for it if you don't have time. Let me know if you need my help. Francois -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages develock-el depends on: ii emacs 46.1 ii emacs24 [emacsen] 24.4+1-4 develock-el recommends no packages. develock-el suggests no packages. -- no debconf information int main() { return 0; }
Bug#766718: Release-critical
While I hesitate to bump the severity of this bug to the highest one, it does break unrelated software (spamassassin). As it stands, several features of SpamAssassin are broken in sid and jessie due to the unusual version number. The SpamAssassin upstream have said that this is not a bug in SA but that it comes from the fact that a pre-release version of Net::DNS was uploaded to Debian. I assume this can be fixed by uploading the next upstream release of Net::DNS? Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#767477: safe-rm: fails to install
On 2014-10-31 at 11:46:21, Holger Levsen wrote: Can't locate Env.pm in @INC (you may need to install the Env module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.20.1 /usr/local/share/perl/5.20.1 /usr/lib/x86_64-linux-gnu/perl5/5.20 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.20 /usr/share/perl/5.20 /usr/local/lib/site_perl) at /usr/bin/rm line 6. Hm, it looks like that Env module isn't even necessary in the first place... I'll do a new upstream release and get this uploaded to Debian too. Francois -- Francois Marier identi.ca/fmarier http://fmarier.org twitter.com/fmarier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#735624: Work-around
I had the same problem and found that the work-around is to add this line to /etc/polipo/config: logFile=/var/log/polipo/polipo.log Francois -- Francois Marier identi.ca/fmarier http://fmarier.org twitter.com/fmarier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#688952: ginkgocadx: Package appears to be non-free
On 2012-10-07 at 00:47:34, Andreas Tille wrote: As far as upstream is concerned there is no issue so unless there are any objections I'm going to lower bug severity to avoid giving release team wrong impression regarding criticality of this bug. I'd consider this as a reasonable action to avoid useless formal work. Francois, as the bug reporter: WOuld you agree to this course of action or do you want us to upload a new package. I agree with lowering the severity. From what I can see in upstream's reply, this is indeed free software. It's just badly labelled. Cheers, Francois -- Francois Marier identi.ca/fmarier http://fmarier.org twitter.com/fmarier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#688952: ginkgocadx: Package appears to be non-free
Package: ginkgocadx Version: 2.12.0.4889-1 Severity: serious Justification: Policy 2.1 The GINKGO_CADX_LICENSE.txt file includes the following text: This software musn't be sold without prior approval of the authors. which seems to violate DFSG#1. Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#660320: [email-reminder] Cannot read configuration file
On 2012-02-18 at 10:18:08, Csanyi Pal wrote: See the Warning abowe and the line: Not creating home directory `/var/spool/email-reminder'. which should be mportant to be created, right? If you take a look at your /var/spool/ directory, has the email-reminder sub-directory been created? ls /var/spool/ | grep email-reminder Now when I want to test the configuration, I get Warning again: $ send-reminders --simulate Warning: cannot read configuration file at /etc/email-reminder.conf. Make sure that the user running /usr/bin/send-reminders has read permissions on that configuration file. That's a separate issue, but it also doesn't prevent the reminders from being sent. It simply prevents the send-reminders tool from being used as a regular (non-root) user. Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#660320: [email-reminder] Cannot read configuration file
On 2012-02-18 at 17:27:52, Csanyi Pal wrote: It seems that email-reminder works but my exim4 MTA isn't configured properly. Indeed. The first thing you should do to make it work with gmail's SMTP server is to dpkg-reconfigure -plow email-reminder and set the from address to be your gmail address. I don't think that gmail likes invalid addresses like root@localhost. Then you need to enable authentication and potentially SSL. I'm not sure how to do it in Exim, but in Postfix, here's what I've got in my /etc/postfix/main.cf: # smarthost configuration using Gmail over SSL relayhost = smtp.gmail.com:587 smtp_generic_maps = hash:/etc/postfix/generic smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_auth_enable = yes smtp_sasl_security_options = noanonymous smtp_tls_security_level = fingerprint smtp_tls_mandatory_ciphers = high smtp_tls_mandatory_protocols = !SSLv2, !SSLv3 smtp_tls_fingerprint_digest = sha1 smtp_tls_fingerprint_cert_match = F3:92:AE:B4:28:FE:64:03:6F:E1:55:ED:71:9E:5F:F6:88:90:5A:57 and I've got this in my /etc/postfix/sasl_password: smtp.gmail.com yourusern...@gmail.com:yourpassword You can then test your mail server to make sure it sends out emails by using the mail utility on the command line. Once that works, you can try email-reminder again. Cheers, Francois -- Francois Marier identi.ca/fmarier http://fmarier.orgtwitter.com/fmarier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#647079: whatsnewfm: New name and URL for freshmeat.net (parser broken)
The unstable package has been fixed and an updated package has just been submitted for stable. And I just released, that I now have two versions calles 0.7.2-1 -- the first fixed version for unstable and the new minimal fix for stable. Should I change it to something like 0.7.2-1stable? Or is this handled by the distribution field? I ended up changing the stable version number to 0.7.2-0+squeeze1 but the git repo now reflects this (and I've corrected the tags in there too). I did not even change the package description, so it still says freshmeat.net, is that ok? The release managers suggested that we fix that as well, so I've renamed the URL in the package description too. Cheers, Francois signature.asc Description: Digital signature
Bug#640090: last package to depend on libedataserverui 1.2
On 2011-11-12 at 23:36:18, Josselin Mouette wrote: we’d like to remove the old libedataserverui packages in the following days. It looks like sflphone-gnome is the last package to use them, so it would be great if you could fix it now. I was waiting on the 1.0 upstream release which is supposed to be happening very soon. I've pinged upstream about it and will update this bug once I've heard back from them. Cheers, François -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#647079: whatsnewfm: New name and URL for freshmeat.net (parser broken)
Hi Christian, On 2011-11-01 at 13:51:25, Christian Garbs wrote: Official Debian packages are prepared for uploading: (these links time out in 30 days): http://www.cgarbs.de/tmp/whatsnewfm_0.7.2-1.diff.gz http://www.cgarbs.de/tmp/whatsnewfm_0.7.2-1.dsc http://www.cgarbs.de/tmp/whatsnewfm_0.7.2.orig.tar.gz Now I'm looking for somebody to sponsor my upload. I'm happy to sponsor this upload, but I think you might want to fix a few minor things first: 1- in the package description, there is a typo in the new URL: freecode.net - freecode.com 2- Standards-Version should now be 3.9.2 3- you could make the urgency medium to speed up the wheezy transition I would have submitted a pull request for these, but I don't think you have a public packaging repo :) What has to be done to get this update into stable (or volatile)? Currently the package is completely unusuable, waiting for the next stable release is not really an option. For stable (and/or squeze-updates, which is the new name for volatile), what you'd need I think is a package where the only change is the new upstream version (no other changes to the packaging). Then I believe you need to let debian-release know about the package so that they can approve it http://lists.debian.org/debian-release/ before it gets uploaded to a different queue. If you prepare the package, I can take care of this part if you like. Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#647079: whatsnewfm: New name and URL for freshmeat.net (parser broken)
Package: whatsnewfm Version: 0.7.1-1 Severity: grave Tags: patch Justification: renders package unusable Freshmeat.net is now known as freecode.com which breaks the parser (it's looking for freshmeat.net URLs in the newsletter). A patch to fix this is available here: https://github.com/mmitch/whatsnewfm/pull/1 Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#634159: Test packages
I haven't had time to test this (I'm travelling at the moment) but I've put together a test package here: http://people.debian.org/~francois/vimperator Cheers, Francois -- Francois Marier identi.ca/fmarier http://feeding.cloud.geek.nz twitter.com/fmarier -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#617789: iceweasel-vimperator: seems incompatible with iceweasel 3.6.16-5
On 2011-03-15 at 21:53:41, Ansgar Burchardt wrote: after somebody asked about this bug on IRC, I pinged the security team to make them aware of this regression. Moritz Muehlenhoff told me these can be pushed as a followup DSA, so please contact the security team once an update for Squeeze is prepared. Having adopted this package just a few days ago, I'm not sure I understand everything here. This bug doesn't appear to be a regression from a security upload of vimperator (unless there is a security update I can't see from the changelog). So I'm guessing it must be the security update to Iceweasel that broke vimperator support. Is that correct? In which case, I guess the simplest fix is to upgrade this extension to 2.3.1 (i.e. new minor upstream version) in squeeze. Looking at the changelog for the last upload to sid, I see only necessary changes and trivial ones: needed: * New upstream release * Use the right upstream license in debian/copyright (2.3.1 has a new license) minor: * Remove versioned dependency on iceweasel * Adopting this package with Pierre's permission. * Move git repo to collab-maint on git.debian.org * Update homepage and download URL * Install the upstream changelog * Add ${misc:depends} dependency (lintian warning) * Remove period in short description (lintian warning) * Use 3.0 (quilt) source format * Bump Standards-Version and debhelper compat So maybe I should put all of that in my proposal a squeeze stable update? Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#591206: License updated (flvplayer)
On 2010-11-11 at 16:35:53, Alexander Reichle-Schmehl wrote: If I understand it correctly, it's just a plugin of tinymce in need of that flash player? Then couldn't that plugin be moved to non-free (in a sepperate source package) so that a tinymce cleaned from this plugin could stay in main as well as the other packages? What we've done upstream for Mahara is that we've removed the media player from the tinymce source we bundle with Mahara. I suspect that a number of the other rdeps might be fine with that if they don't use that part of tinymce. Moving tinymce to nonfree would likely cause the mahara package to start using its own flvplayer-free bundled copy again which would be sub-optimal from a security standpoint. Has anybody tried to get tinymce to remove flvplayer upstream? Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#591200: [instal...@ftp-master.debian.org: mahara_1.2.6-2_amd64.changes is NEW]
Once mahara 1.2.6-2 makes it out of the NEW queue, I will request a freeze unblock to fix this RC bug. Cheers, Francois ---BeginMessage--- mahara-apache2_1.2.6-2_all.deb to main/m/mahara/mahara-apache2_1.2.6-2_all.deb (new) mahara-mediaplayer_1.2.6-2_all.deb optional contrib/web Electronic portfolio, weblog, and resume builder - internal media player Mahara is a fully featured electronic portfolio, weblog, resume builder and social networking system, connecting users and creating online communities. . Mahara is designed to provide users with the tools to create a personal and professional learning and development environment. . This package includes a flash-based internal media player block. mahara_1.2.6-2.debian.tar.gz to main/m/mahara/mahara_1.2.6-2.debian.tar.gz mahara_1.2.6-2.dsc to main/m/mahara/mahara_1.2.6-2.dsc mahara_1.2.6-2_all.deb to main/m/mahara/mahara_1.2.6-2_all.deb Changes: mahara (1.2.6-2) unstable; urgency=medium . * Move flowplayer.audio to the contrib package as well * Add an allow rule in apache.conf for flowplayer.audio Override entries for your package: mahara-apache2_1.2.6-2_all.deb - optional web mahara_1.2.6-2.dsc - source web mahara_1.2.6-2_all.deb - optional web Announcing to debian-devel-chan...@lists.debian.org Your package contains new components which requires manual editing of the override file. It is ok otherwise, so please be patient. New packages are usually added to the override file about once a week. You may have gotten the distribution wrong. You'll get warnings above if files already exist in other distributions. ---End Message---
Bug#591200: Fix coming
A fix for this bug will be coming soon. The next upstream point release will: - remove the tinymce swf file - use a flash video player with source Once that's available, I'll prepare a new Debian package that will: - use the system's copy of tinymce instead of the bundle one - split the video player into a contrib package Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#592917: Clarification on the license of cowsay cows you wrote
Hi Rhonda, You contributed two cows to cowsay (gnu and suse) some years ago under the BSD license. Can you confirm that this is the BSD license you had in mind: http://www.xfree86.org/3.3.6/COPYRIGHT2.html#5 Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#591200: Details on the two swf files included in Mahara
As far as I can see, we are talking about two files: $ find -iname *.swf ./htdocs/artefact/file/blocktype/internalmedia/mediaplayer.swf ./htdocs/js/tinymce/plugins/media/img/flv_player.swf mediaplayer.swf comes from Moodle (also filed as bug #591201) and is licensed under the GPLv2 or later: http://cvs.moodle.org/moodle/filter/mediaplugin/flvplayer.README.txt?view=markup but the source will be available from one of the releases here: http://developer.longtailvideo.com/trac/browser/tags flv_player.swf comes from tinymce and is also filed as bug #591206. What is not clear to me however is the procedure, once we have the source files, for building an swf from a .fla using only free software. Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#586061: php-htmlpurifier: new upstream release includes fix for XSS on IE (fix in 4.1.0 wasn't good enough)
Package: php-htmlpurifier Version: 4.1.0+dfsg1-1 Severity: grave Tags: patch The new 4.1.1 upstream release says: HTML Purifier 4.1.1 is a major security and bugfix release that improves on 4.1's fix for an XSS vulnerability exploitable on Internet Explorer. I have attached a patch which is the upstream fix for it (d3abcb90e30592c619047d878cf9c72b7c5836a3) but a simpler fix is just to upgrade to the latest upstream release. Cheers, Francois diff --git a/library/HTMLPurifier/AttrDef.php b/library/HTMLPurifier/AttrDef.php index d32fa62..b2e4f36 100644 --- a/library/HTMLPurifier/AttrDef.php +++ b/library/HTMLPurifier/AttrDef.php @@ -82,6 +82,42 @@ abstract class HTMLPurifier_AttrDef return preg_replace('/rgb\((\d+)\s*,\s*(\d+)\s*,\s*(\d+)\)/', 'rgb(\1,\2,\3)', $string); } +/** + * Parses a possibly escaped CSS string and returns the pure + * version of it. + */ +protected function expandCSSEscape($string) { +// flexibly parse it +$ret = ''; +for ($i = 0, $c = strlen($string); $i $c; $i++) { +if ($string[$i] === '\\') { +$i++; +if ($i = $c) { +$ret .= '\\'; +break; +} +if (ctype_xdigit($string[$i])) { +$code = $string[$i]; +for ($a = 1, $i++; $i $c $a 6; $i++, $a++) { +if (!ctype_xdigit($string[$i])) break; +$code .= $string[$i]; +} +// We have to be extremely careful when adding +// new characters, to make sure we're not breaking +// the encoding. +$char = HTMLPurifier_Encoder::unichr(hexdec($code)); +if (HTMLPurifier_Encoder::cleanUTF8($char) === '') continue; +$ret .= $char; +if ($i $c trim($string[$i]) !== '') $i--; +continue; +} +if ($string[$i] === \n) continue; +} +$ret .= $string[$i]; +} +return $ret; +} + } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/AttrDef/CSS/FontFamily.php b/library/HTMLPurifier/AttrDef/CSS/FontFamily.php index 705ac89..42c2054 100644 --- a/library/HTMLPurifier/AttrDef/CSS/FontFamily.php +++ b/library/HTMLPurifier/AttrDef/CSS/FontFamily.php @@ -34,37 +34,10 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef $quote = $font[0]; if ($font[$length - 1] !== $quote) continue; $font = substr($font, 1, $length - 2); +} -$new_font = ''; -for ($i = 0, $c = strlen($font); $i $c; $i++) { -if ($font[$i] === '\\') { -$i++; -if ($i = $c) { -$new_font .= '\\'; -break; -} -if (ctype_xdigit($font[$i])) { -$code = $font[$i]; -for ($a = 1, $i++; $i $c $a 6; $i++, $a++) { -if (!ctype_xdigit($font[$i])) break; -$code .= $font[$i]; -} -// We have to be extremely careful when adding -// new characters, to make sure we're not breaking -// the encoding. -$char = HTMLPurifier_Encoder::unichr(hexdec($code)); -if (HTMLPurifier_Encoder::cleanUTF8($char) === '') continue; -$new_font .= $char; -if ($i $c trim($font[$i]) !== '') $i--; -continue; -} -if ($font[$i] === \n) continue; -} -$new_font .= $font[$i]; -} +$font = $this-expandCSSEscape($font); -$font = $new_font; -} // $font is a pure representation of the font name if (ctype_alnum($font) $font !== '') { @@ -73,12 +46,21 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef continue; } -// complicated font, requires quoting +// bugger out on whitespace. form feed (0C) really +// shouldn't show up regardless +$font = str_replace(array(\n, \t, \r, \x0C), ' ', $font); -// armor single quotes and new lines -$font = str_replace(\\, , $font); -$font = str_replace(', \\', $font); -$final .= '$font', ; +// These ugly transforms don't pose a security +// risk (as \\ and \ might). We could try to be clever and +
Bug#580174: rlwrap: FTBFS on armel: R_ARM_CALL relocation against SEC_MERGE section
Package: rlwrap Version: 0.36-2 Severity: serious Tags: help Justification: Policy 5.6.8 rlwrap (since version 0.35-1) no longer builds on armel. Here is the link error: gcc -DDATADIR=\/usr/share\ -g -O2 -o kaboom kaboom.o -lutil -lreadline -lcurses /usr/bin/ld: kaboom.o(.text+0x64): R_ARM_CALL relocation against SEC_MERGE section /usr/bin/ld: final link failed: Nonrepresentable section on output collect2: ld returned 1 exit status see https://buildd.debian.org/fetch.cgi?pkg=rlwraparch=armelver=0.36-2stamp=1272696548file=logas=raw I have no idea what that means or how to fix it, so I am requesting the help of someone who knows more than me about that architecture and that error message. Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#575043: workrave: keeps crashing with 'BadWindow (invalid Window parameter)'
I get the same error messages on the console, but workrave doesn't crash for me. Do you get a segfault from it or does it keep going fine? Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559259: ninja: Default config file should not have automatic kills enabled
Package: ninja Version: 0.1.2-5 Severity: critical Justification: breaks unrelated software This is a really easy fix, but I feel like it's quite critical because I forgot that I had ninja installed and all of a sudden random things on my system (sudo, hal, dbus) started breaking without noting anything in the logs. To minimise surprises like these, I would recommend defaulting to: no_kill = yes no_kill_ppid = yes Cheers, Francois -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.31.6-grsec (SMP w/2 CPU cores) Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages ninja depends on: ii libc6 2.10.2-2 GNU C Library: Shared libraries ninja recommends no packages. ninja suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#558997: sudo is unusable and closes my terminal as soon as I type a single letter
To avoid people being surprised by ninja breaking things they depend on, I suggest the whitelist should contain at least these: /usr/bin/passwd:users: /bin/su:users: /usr/bin/sudo:users: ('tom' should not be in there and 'admins' is not one of the default Debian groups as far as I know) Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#558997: List of binaries to whitelist
This guy has a bigger list of things that should be whitelisted: http://blog.bodhizazen.net/linux/how-to-ninja/comment-page-1/ /bin/fusermount:users: /usr/bin/passwd:users: /usr/bin/pulseaudio:users: /usr/sbin/hald:haldaemon: /usr/lib/hal/hald-runner:haldaemon: Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#558997: sudo is unusable and closes my terminal as soon as I type a single letter
Package: sudo Version: 1.7.2p1-1 Severity: grave Justification: renders package unusable sudo is no longer working on my box. If I do something like sudo -v or sudo ls, sudo closes as soon as I type the first letter of my password. Furthermore, it closes the terminal in which it was started. Whether it's a gnome-terminal or vt1, the underlying terminal logs out. No segfaults are detected and I don't see any error messages in the logs. I'm not sure how to debug this further... Cheers, Francois -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.31.6-grsec (SMP w/2 CPU cores) Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages sudo depends on: ii libc6 2.10.2-2 GNU C Library: Shared libraries ii libpam-modules1.1.0-4Pluggable Authentication Modules f ii libpam0g 1.1.0-4Pluggable Authentication Modules l sudo recommends no packages. sudo suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#525390: Works for me now
The OTR plugin seems to work for me now. Maybe this bug should be closed? Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#531515: ia32-apt-get: breaks dpkg --control (= 1.15.1) and debsums
On 2009-06-03 at 18:15:17, Goswin von Brederlow wrote: Francois, if you want to sponsor the upload: Done. I also took the liberty to bump the Standards-Version to 3.8.1 to fix a lintian warning. Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#531104: whatsnewfm: new releases are no longer shown in emails
Package: whatsnewfm Version: 0.7.0-2 Severity: grave Justification: renders package unusable (I was a little bit hesitant to mark this bug as grave, so feel free to bump the severity down if I'm the only one affected by this...) For about a week now, the Freshmeat Newsletter has been empty after running through whatsnewfm.pl. For example, today: This newsletter has been filtered by: whatsnewfm.pl v0.7.0 2009-03-26 It contained 47 releases. 47 releases have been skipped as 'already seen'. 0 releases have been skipped as 'low score'. 0 releases are shown in this mail, while 0 releases have been sent separately as 'hot'. Your 'hot' database has 43 entries. 0 entries from your 'old' database have expired, while 0 items were added. Your 'old' database now has 4656 entries. If I grab the original newsletter and take the project IDs and then: grep projectid ~/.whatsnewfm.db I can see that a few of the project releases should have been shown. So it looks like whatsnewfm.pl currently eats all of the releases but thankfully doesn't add them to the 'old' database. Could this have been caused by a Perl upgrade of some sort in unstable? Cheers, Francois -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.29.4-grsec (SMP w/2 CPU cores; PREEMPT) Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages whatsnewfm depends on: ii exim4 4.69-11metapackage to ease Exim MTA (v4) ii exim4-daemon-light [mail-tran 4.69-11lightweight Exim MTA (v4) daemon ii libberkeleydb-perl0.38-1 use Berkeley DB 4 databases from P ii perl 5.10.0-22 Larry Wall's Practical Extraction Versions of packages whatsnewfm recommends: ii procmail 3.22-16Versatile e-mail processor whatsnewfm suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#522116: CVE-2009-1171: File disclosure
On 2009-04-01 at 13:10:52, Moritz Muehlenhoff wrote: [Adding Francois to CC] I agree. Can you please provide updated packages for oldstable-security and stable-security? Yes, I'm on it now. I'm testing Nico's lenny package at the moment, then I'll be pushing out an almost identical package to unstable. Once that's done, I'll port the patch to oldstable. Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#520008: Resetting the X r-flag?
On 2009-03-30 at 18:55:12, Francois Marier wrote: Regarding the X repeat flag: how does one go about resetting it to a sane value after a synergy crash? Replying to myself: xset r rate 500 30 Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#521133: New upstream version available
Upstream has just released version 0.7.0 which fixes that problem: http://freshmeat.net/projects/whatsnewfm/releases/296825 Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#521133: whatsnewfm: Freshmeat has changed the newsletter format
Package: whatsnewfm Version: 0.6.6-1 Severity: grave Tags: patch Justification: renders package unusable As described on the homepage (http://www.cgarbs.de/whatsnewfm.en.html) and on the upstream bug tracker: http://sourceforge.net/tracker/index.php?func=detailaid=2691997group_id=68034atid=519822 Freshmeat has changed the newsletter format, breaking this package. Upstream has a new version in CVS which works with the FM3 newsletter: http://whatsnewfm.cvs.sourceforge.net/viewvc/whatsnewfm/whatsnewfm/whatsnewfm.pl?view=markup Cheers, Francois -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.28.9-grsec (SMP w/2 CPU cores; PREEMPT) Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages whatsnewfm depends on: ii exim4 4.69-9 metapackage to ease Exim MTA (v4) ii exim4-daemon-light [mail-tran 4.69-9 lightweight Exim MTA (v4) daemon ii libberkeleydb-perl0.38-1 use Berkeley DB 4 databases from P ii perl 5.10.0-19 Larry Wall's Practical Extraction Versions of packages whatsnewfm recommends: ii procmail 3.22-16Versatile e-mail processor whatsnewfm suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#514141: Patch ready, but needs a mips machine to test on
tags 514141 + help thanks Hi Peter, The compilation problem seems to be due to a broken macro: #define endian_swap16(x) \ ({ \ uint16_t __x = (x); \ ((uint16_t)( \ (uint16_t)(((uint16_t)(__x) (uint16_t)0x00ff) 24) | \ (uint16_t)(((uint16_t)(__x) (uint16_t)0xff00) 8) | \ }) I have attached a patch to this email, but I don't have a mips machine to test it on (casals seems to be down). Could you please confirm that this patch resolves the compilation error? Thanks, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#514141: Missing attachment
... and here is the missing attachment :) Francois diff --git a/wispy_hw_dbx.c b/wispy_hw_dbx.c index c51e6f7..964b89b 100644 --- a/wispy_hw_dbx.c +++ b/wispy_hw_dbx.c @@ -107,7 +107,7 @@ uint16_t __x = (x); \ ((uint16_t)( \ (uint16_t)(((uint16_t)(__x) (uint16_t)0x00ff) 24) | \ -(uint16_t)(((uint16_t)(__x) (uint16_t)0xff00) 8) | \ +(uint16_t)(((uint16_t)(__x) (uint16_t)0xff00) 8) )); \ }) /* Aux tracking struct for wispy1 characteristics */
Bug#508593: Bug already fixed in proposed update
tags 508593 + pending thanks Actually Dan pointed out that we did fix this problem as it was numbered MSA-08-0022 upstream: http://git.debian.org/?p=pkg-moodle/moodle-etch.git;a=blob;f=debian/patches/12_MSA-08-0022.dpatch;h=ab389f93f29b4d0cce24695ac95cf6fbdcc14fdf;hb=88fe23785db92bc3e04a79be5a4c854f1090d31a So once this update is pushed out by the Debian Security Team, this bug can be closed. I have updated the proposed changelog in the git repo. Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#508593: Another Moodle security update
Thanks for the notification Raphael. We'll add it to the proposed security update as soon as possible. However, we are still waiting to hear back from the Security Team regarding a big security update we have prepared about a month ago: http://people.debian.org/~francois/moodle-etch/ http://git.debian.org/?p=pkg-moodle/moodle-etch.git Cheers, Francois -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#507185: Customised third-party code in Moodle
severity 507185 normal thanks Hi Steffen, Thanks for taking the time to find and list all of these third-party libraries. We do want to eliminate these as much as possible (the last upload removed smarty and yui for example [0]) and reduce our time spent fixing security bugs in third-party software. Unfortunately, many of these libraries had to be customised in Moodle. For instance, these ones have documented customisations: - libphp-snoopy [1] - libphp-adodb [2] - libphp-phpmailer [3] - pclzip [4] (which was missing from your list) I believe that this one has also been customised but it's not currently documented: - tinymce I hadn't yet seen this one (thanks for the heads up!), but it's not available in Lenny: - libmarkdown-php Finally, I couldn't find Debian packages for these ones, are they in Debian already? - domxml-php4-to-php5.php - kses Cheers, Francois [0] http://git.debian.org/?p=pkg-moodle/moodle.git;a=blob;f=debian/changelog;hb=lenny [1] http://git.catalyst.net.nz/gitweb?p=moodle-r2.git;a=blob;f=lib/snoopy/moodle_readme.txt;hb=cvshead [2] http://git.catalyst.net.nz/gitweb?p=moodle-r2.git;a=blob;f=lib/adodb/readme_moodle.txt;hb=cvshead [3] http://git.catalyst.net.nz/gitweb?p=moodle-r2.git;a=blob;f=lib/phpmailer/README_MOODLE.txt;hb=cvshead [4] http://git.catalyst.net.nz/gitweb?p=moodle-r2.git;a=blob;f=lib/pclzip/readme_moodle.txt;hb=cvshead -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#507185: Customised third-party code in Moodle
On 2008-11-29 at 13:01:23, Francois Marier wrote: I hadn't yet seen this one (thanks for the heads up!), but it's not available in Lenny: - libmarkdown-php Actually Moodle is using PHP Markdown Extra, which is a different upstream source package: http://michelf.com/projects/php-markdown/ Cheers, Francois -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496071: Talking to upstream about the licence
Hi Olivier, On 2008-11-07 at 09:23:04, Olivier Berger wrote: It seems that the discussions have been succesfull, as the lib seems to be licensed under LGPL now. You're right, the upstream author has relicensed under the LGPL, so this problem is now resolved. So for the Moodle package, I've upgraded the version of the library and reuploaded to close the equivalent bug (496069). Do you have more details ? Not really, the upstream author always intended to have this file available to other projects, he just wanted to pick the best license for his jurisdiction (France). Cheers, Francois -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#496071: Talking to upstream about the licence
FYI, I am currently following this up with the upstream developer. Francois -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#502905: Not fixed
On 2008-10-22 at 17:43:59, Patrick Wiseman wrote: If the latest docvert, which installed with testing updates this morning, was supposed to have fixed the problem, it didn't. I had exactly the same problem this morning, with the boot process hanging interminably. I had to reboot into single-user mode and move the S20docvert-* processes to K80docvert-*, and booting then proceeded normally. Can you check the exact version of the package you have on your system? dpkg -l docvert* Also, can you attach these files to your response: /etc/init.d/docvert-* Cheers, Francois -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#502905: Not fixed
On 2008-10-22 at 18:47:47, Patrick Wiseman wrote: rc docvert-openoffice 3.4-3 Converts word processor files to HTML using OpenOffice This is the old package, try apt-get remove --purge docvert-openoffice I noticed that you have a /etc/init.d/docvert-openoffice initscript on your system. Does it go away after you purge the docvert-openoffice package? That's an old broken initscript so if you remove it from your system, you should be able to boot without problems. Let me know how that goes though, I want to make sure that it's fixed in Lenny. Cheers, Francois -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#501331: debsums: debconf really necessary?!
On 2008-10-19 at 23:07:46, Sune Vuorela wrote: In case of 2, the intruder is more than normal stupid if he gets caught by this. Yes, but as you are probably aware, there are stupid attackers out there :) This may be useful for checking system integrity later, though it should not be relied on as a security measure. I agree with you on that point: it's NOT a proper/full security solution I think that if you're concerned about security, you should go for something like samhain, integrit, etc. These solutions are much better for that purpose. Where I think I might disagree with you is here: I think that the debsums checks can still be somewhat useful security-wise. Mostly because of the fact that it requires no setup of any kind and is automatically updated. For users who feel that it's too much work and overhead to setup a proper security solution (a la samhain and friends) and to keep it up to date, then the simple no-setup debsums check is better than doing no checks at all. This security check takes some time to run but is highly recommended. I will concede that perhaps I should have omitted the word highly in that sentence. However, given the number of updates that I have requested from the translators in the last few weeks, this change will have to wait. If you'd like to suggest a small blurb that recommends other packages for making the system properly secure, then I'll be happy to add this to the README file to make it obvious what the limitations of debsums are and that there are good protections for those who are willing to put the time in. 1) Don't ask this in debconf It's a medium-level question. 2) don't enable such cron run by default Done (in the upcoming upload). Francois -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#502654: hunspell-fr: French dictionary is not working for locales outside of France
Package: hunspell-fr Version: 1:2.4.0-2 Severity: grave Tags: patch Justification: renders package unusable for some users Hello, The hunspell-fr package as it is only works for the fr_FR locale. This means that French speakers in other locales (fr_BE, fr_CA, fr_CH and fr_LU) cannot use the spellchecker at all in applications like OpenOffice.org, Pidgin or Tomboy. (All words are underlined in red.) I have attached a trivial patch which solves all of these issues and I would like to request a freeze exception with the release team once this fix has made it to unstable. If I can be of any assistance (for example if you prefer that I do an NMU), please let me know. Thanks! Francois P.S. This problem was also discussed in these Ubuntu bug reports: https://bugs.launchpad.net/ubuntu/+source/openoffice.org-dictionaries/+bug/139570 https://bugs.launchpad.net/ubuntu/+source/openoffice.org-dictionaries/+bug/278943 -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages hunspell-fr depends on: ii dictionaries-common [openoffi 0.98.12Common utilities for spelling dict hunspell-fr recommends no packages. Versions of packages hunspell-fr suggests: pn hunspell none (no description available) ii openoffice.org-core [openoffi 1:2.4.1-11 OpenOffice.org office suite archit -- no debconf information diff -u openoffice.org-dictionaries-2.4.0~m240/debian/hunspell-fr.dictlistinfo openoffice.org-dictionaries-2.4.0~m240/debian/hunspell-fr.dictlistinfo --- openoffice.org-dictionaries-2.4.0~m240/debian/hunspell-fr.dictlistinfo +++ openoffice.org-dictionaries-2.4.0~m240/debian/hunspell-fr.dictlistinfo @@ -1,0 +2,4 @@ +DICT fr BE fr_FR +DICT fr CA fr_FR +DICT fr CH fr_FR +DICT fr LU fr_FR --- openoffice.org-dictionaries-2.4.0~m240.orig/debian/hunspell-fr.links +++ openoffice.org-dictionaries-2.4.0~m240/debian/hunspell-fr.links @@ -0,0 +1,8 @@ +/usr/share/myspell/dicts/fr_FR.aff /usr/share/myspell/dicts/fr_BE.aff +/usr/share/myspell/dicts/fr_FR.dic /usr/share/myspell/dicts/fr_BE.dic +/usr/share/myspell/dicts/fr_FR.aff /usr/share/myspell/dicts/fr_CA.aff +/usr/share/myspell/dicts/fr_FR.dic /usr/share/myspell/dicts/fr_CA.dic +/usr/share/myspell/dicts/fr_FR.aff /usr/share/myspell/dicts/fr_CH.aff +/usr/share/myspell/dicts/fr_FR.dic /usr/share/myspell/dicts/fr_CH.dic +/usr/share/myspell/dicts/fr_FR.aff /usr/share/myspell/dicts/fr_LU.aff +/usr/share/myspell/dicts/fr_FR.dic /usr/share/myspell/dicts/fr_LU.dic
Bug#497393: missing DBus-glib.xml?
On 2008-09-02 at 21:23:03, Andreas Putzo wrote: I don't know why it works on your system but the tarball does not include workrave-1.9.0/common/bin/DBus-glib.xml and it seems not to be auto generated. This file, however, can be found in upstream vcs [1]. I added the file and workrave compiled fine with that. Actually, that file doesn't exist in my build tree: http://git.debian.org/?p=collab-maint/workrave.git;a=tree;f=common/bin;hb=master and it does look like it's auto-generated by common/bin/dbusgen.py: if options.language: if options.language == 'C': header_ext=.h elif options.language == 'C++': if options.client: templates.append(directory+/DBus-client-template.cc) templates.append(directory+/DBus-client-template.hh) if options.server: templates.append(directory+/DBus-template.cc) templates.append(directory+/DBus-template.hh) header_ext=.hh elif options.language == 'dbus-glib': templates.append(directory+/DBus-glib.xml) header_ext=.xml Francois -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#491704: Making sure that K3b is included in the next Debian release
severity 491704 important thanks Hi Gianluca Francesco, I think that it would be preferable for the time being to reduce slightly the severity of the K3b bug you reported. Otherwise, it may prevent K3b from being part of Lenny. I haven't been able to reproduce your problem on my machine so I'm not 100% sure whether or not K3b is the underlying cause of the problem. If other people report the same issue, we can always change the severity back to what it was. Thanks for taking the time to report this problem and feel free to let me know if you disagree with this reasoning. Francois -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#489690: Opting out on installation of safe-rm breaks install process
Hi Chris, If there is no otherway to work around the possible bad behaviour please at least tell your users what to do, as I assume this package attracts rather inexperienced users due to the nature of the task. If I understand you correctly, you'd like to see a clearer debconf message. What do you think it should say instead of the current one? Cheers, Francois -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#489690: closed by Francois Marier [EMAIL PROTECTED] (Bug#489690: fixed in safe-rm 0.2-4)
On 2008-07-08 at 20:47:36, Sven Joachim wrote: In mass-upgrades, the time window between unpacking and configuring a package is potentially very large, several minutes are not unusual. Very true. This could be done via a debconf question like the one kernel-package creates for linux-image packages (they warn to overwrite a running kernel). I have just made a new upload with a debconf question. Thanks for the suggestion! Francois -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#421864: closed by Francois Marier [EMAIL PROTECTED] (Bug#457828: fixed in chkrootkit 0.48-2)
On 2008-04-23 at 10:27:03, Chris Withers wrote: Cool. Can you update the ticket and let me know when you have? I have just made an upload to the stable distribution. It will be considered for inclusion in the next stable point release. Francois -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]