Bug#1039064: binutils-msp430: file conflict with binutils-x86-64-linux-gnu
Package: binutils-msp430 Version: 2.24~ti2 Severity: serious Justification: Policy 7.6.1 libdeb.so is both in binutils-x86-64-linux-gnu and binutils-msp430 in the same location. This was not the case in ~ti1, where libdeb.so was in /usr/lib/bfd-plugins/libdep.so. Thus the upgrade fails: Preparing to unpack .../binutils-msp430_2.24~ti2_amd64.deb ... Unpacking binutils-msp430 (2.24~ti2) over (2.24~ti1) ... dpkg: error processing archive /var/cache/apt/archives/binutils-msp430_2.24~ti2_amd64.deb (--unpack): trying to overwrite '/usr/lib/x86_64-linux-gnu/bfd-plugins/libdep.so', which is also in package binutils-x86-64-linux-gnu 2.40.50.20230622-1 Errors were encountered while processing: /var/cache/apt/archives/binutils-msp430_2.24~ti2_amd64.deb -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.4.0-rc7 (SMP w/4 CPU threads) Kernel taint flags: TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: sysvinit (via /sbin/init) Versions of packages binutils-msp430 depends on: ii libc6 2.36-9 ii libzstd1 1.5.5+dfsg2-1 ii msp430mcu 20120406-2.3 binutils-msp430 recommends no packages. binutils-msp430 suggests no packages. -- no debconf information
Bug#1019713: gargoyle-free: trying to overwrite .../application-x-tads.png, which is also in package qtads
Package: gargoyle-free Version: 2022.1-1 Severity: serious Justification: Policy 7.6.1 Unpacking gargoyle-free (2022.1-1) over (2019.1.1-2) ... dpkg: error processing archive /var/cache/apt/archives/gargoyle-free_2022.1-1_amd64.deb (--unpack): trying to overwrite '/usr/share/icons/hicolor/32x32/mimetypes/application-x-tads.png', which is also in package qtads 2.1.7-0.1+b1 Errors were encountered while processing: /var/cache/apt/archives/gargoyle-free_2022.1-1_amd64.deb Both packages (qtads and the new gargoyle-free) provide the icon for .tads files, so you probably need to set up alternatives. dpkg-divert would only work until a 3rd package also tries to provide that icon. -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (800, 'unstable') merged-usr: no Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.0.0-rc5-pinguin20220912 (SMP w/2 CPU threads) Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages gargoyle-free depends on: ii fonts-go 0~20170330-1 ii fonts-liberation 1:1.07.4-11 ii fonts-linuxlibertine 5.3.0-6 ii fonts-noto-core 20201225-1 ii libc6 2.34-8 ii libfontconfig12.13.1-4.4 ii libfreetype6 2.12.1+dfsg-3 ii libgcc-s1 12.2.0-2 ii libglib2.0-0 2.73.3-3 ii libgtk2.0-0 2.24.33-2 ii libjpeg62-turbo 1:2.1.2-1 ii libpng16-16 1.6.37-5 ii libsdl-mixer1.2 1.2.12-17+b1 ii libsdl-sound1.2 1.0.3-9+b1 ii libsdl1.2debian 1.2.15+dfsg2-8 ii libstdc++612.2.0-2 ii zlib1g1:1.2.11.dfsg-4.1 gargoyle-free recommends no packages. gargoyle-free suggests no packages. -- no debconf information
Bug#1017007: manpages-de: trying to overwrite .../ethers.5.gz, which is also in package net-tools
Package: manpages-de Version: 4.14.0-4 Severity: serious Tags: l10n Justification: Policy 7.6.1 Unpacking manpages-de (4.15.0-3) over (4.14.0-4) ... dpkg: error processing archive /var/cache/apt/archives/manpages-de_4.15.0-3_all.deb (--unpack): trying to overwrite '/usr/share/man/de/man5/ethers.5.gz', which is also in package net-tools 1.60+git20181103.0eebece-1 dpkg-deb: error: paste subprocess was killed by signal (Broken pipe) Errors were encountered while processing: /var/cache/apt/archives/manpages-de_4.15.0-3_all.deb -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (800, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.19.0-pinguin20220731 (SMP w/2 CPU threads) Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) manpages-de depends on no packages. manpages-de recommends no packages. Versions of packages manpages-de suggests: it man-db [man-browser] 2.10.2-1 ii manpages 5.13-1 -- no debconf information
Bug#990906: Xarchiver Debian bug 990906
Hi, I believe that the bug you reported is fixed in the current master of xarchiver: https://github.com/ib/xarchiver/commit/949854e9a74489d8d977aac7a8428ecadd526ff1 Regards, Ingo
Bug#930337: linux-image-4.19.0-5-amd64: mount fails when deprecated 'nobarrier' option is used in fstab
Package: src:linux Version: 4.19.37-3 Severity: critical Justification: breaks the whole system Hi! Just upgraded from stretch to buster to test the whole upgrade thing. In stretch I was using "nobarrier" option to mount my XFS filesystems. As described in https://patchwork.kernel.org/patch/10487561/ (first hit on Google search for "xfs nobarrier deprecated") this option no longer exists in linux-image 4.19, thus failing the mount of those filesystems that have a nobarrier option set. If this option is being set on / it might render the system unusable, especially for not-so-experienced users. Even when not used on rootfs but only on other filesystems such /home, /var or whatever, you'll get dropped to maintenance shell during boot. >From my limited point of view it should be safe to remove that option from >/etc/fstab during upgrade automatically, but I can understand when you decide >to refrain from doing so, of course. But at least you should issue a clear and >prominent warning to the user during upgrade when there is a filesystem with >nobarrier option in /etc/fstab. Ingo -- Package-specific info: ** Version: Linux version 4.19.0-5-amd64 (debian-ker...@lists.debian.org) (gcc version 8.3.0 (Debian 8.3.0-7)) #1 SMP Debian 4.19.37-3 (2019-05-15) ** Command line: BOOT_IMAGE=/vmlinuz-4.19.0-5-amd64 root=/dev/mapper/vg-sys ro matroxfb:mode=1024x768 cgroup_enable=memory swapaccount=1 matroxfb:mode=1024x768 ** Not tainted ** Kernel log: [ 59.600616] Console: switching to colour dummy device 80x25 [ 59.607426] [TTM] Zone kernel: Available graphics memory: 12328272 kiB [ 59.607427] [TTM] Zone dma32: Available graphics memory: 2097152 kiB [ 59.607428] [TTM] Initializing pool allocator [ 59.607432] [TTM] Initializing DMA pool allocator [ 59.618815] IPMI System Interface driver. [ 59.618831] ipmi_si dmi-ipmi-si.0: ipmi_platform: probing via SMBIOS [ 59.618832] ipmi_si: SMBIOS: io 0xca2 regsize 1 spacing 1 irq 0 [ 59.618833] ipmi_si: Adding SMBIOS-specified kcs state machine [ 59.618850] ipmi_si IPI0001:00: ipmi_platform: probing via ACPI [ 59.618868] ipmi_si IPI0001:00: [io 0x0ca2] regsize 1 spacing 1 irq 0 [ 59.618869] ipmi_si dmi-ipmi-si.0: Removing SMBIOS-specified kcs state machine in favor of ACPI [ 59.618869] ipmi_si: Adding ACPI-specified kcs state machine [ 59.618910] ipmi_si: Trying ACPI-specified kcs state machine at i/o address 0xca2, slave address 0x0, irq 0 [ 59.635575] fbcon: mgadrmfb (fb0) is primary device [ 59.635631] Console: switching to colour frame buffer device 128x48 [ 59.894060] ipmi_si IPI0001:00: The BMC does not support clearing the recv irq bit, compensating, but the BMC needs to be fixed. [ 59.943695] ipmi_si IPI0001:00: Found new BMC (man_id: 0x002a7c, prod_id: 0x0631, dev_id: 0x20) [ 59.996027] ipmi_si IPI0001:00: IPMI kcs interface initialized [ 60.016048] IPMI SSIF Interface driver [ 60.080153] mgag200 :09:03.0: fb0: mgadrmfb frame buffer device [ 60.106126] [drm] Initialized mgag200 1.0.0 20110418 for :09:03.0 on minor 0 [ 60.127799] intel_rapl: Found RAPL domain package [ 60.127801] intel_rapl: Found RAPL domain core [ 60.127804] intel_rapl: RAPL package 0 domain package locked by BIOS [ 60.648856] XFS (dm-1): Mounting V4 Filesystem [ 60.757000] XFS (dm-13): Mounting V5 Filesystem [ 60.827464] XFS (dm-2): Mounting V5 Filesystem [ 60.942871] XFS (dm-4): Mounting V5 Filesystem [ 61.226243] XFS (dm-9): Mounting V4 Filesystem [ 61.242370] XFS (dm-7): Mounting V5 Filesystem [ 61.748476] XFS (dm-6): Mounting V5 Filesystem [ 61.761966] XFS (dm-15): Mounting V5 Filesystem [ 61.849682] EXT4-fs (md0): mounting ext3 file system using the ext4 subsystem [ 61.871454] XFS (dm-2): Ending clean mount [ 61.903329] XFS (dm-11): Mounting V4 Filesystem [ 61.937097] XFS (dm-4): Ending clean mount [ 61.999635] XFS (dm-16): Mounting V5 Filesystem [ 62.133219] XFS (dm-7): Ending clean mount [ 62.136097] EXT4-fs (md0): mounted filesystem with ordered data mode. Opts: (null) [ 62.185194] XFS (dm-13): Ending clean mount [ 62.277427] XFS (dm-1): Ending clean mount [ 62.467263] XFS (dm-14): Mounting V5 Filesystem [ 62.557575] XFS (dm-15): Ending clean mount [ 62.577938] XFS (dm-6): Ending clean mount [ 62.616781] XFS (dm-9): Ending clean mount [ 63.004229] XFS (dm-16): Ending clean mount [ 63.198045] XFS (dm-14): Ending clean mount [ 63.401731] XFS (dm-11): Ending clean mount [ 63.548116] XFS (dm-3): Mounting V4 Filesystem [ 63.578569] systemd-journald[613]: Received request to flush runtime journal from PID 1 [ 63.933853] XFS (dm-3): Ending clean mount [ 65.087518] tun: Universal TUN/TAP device driver, 1.6 [ 65.372559] Process accounting resumed [ 66.151406] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this. [ 66.187959] br0:
Bug#919031: libmono-system4.0-cil: not installable on amd64
On Fri, Jan 11, 2019 at 09:52:46PM -0500, Jo Shields wrote: > Maybe a typo in debian/rules? I do my builds in a chroot, this kind of thing > shouldn't happen I just tried rebuilding mono 5.16.0.220+dfsg3-1 in a clean chroot, and the dependencies look good: Package: libmono-system4.0-cil Source: mono Version: 5.16.0.220+dfsg3-1 Architecture: all Maintainer: Debian Mono Group Installed-Size: 3101 Depends: libc6 (>= 2.28) | libc6.1 (>= 2.28) | libc0.1 (>= 2.28), libmono-corlib4.5-cil (>= 5.16.0.220), libmono-security4.0-cil (>= 4.6.1.3), libmono-system-configuration4.0-cil (>= 4.0.0~alpha1), libmono-system-xml4.0-cil (>= 4.6.1.3), mono-runtime (>= 5.16.0.220), mono-runtime (<< 5.16.0.221) Recommends: ca-certificates-mono (= 5.16.0.220+dfsg3-1) Suggests: libasound2 (>> 1.0.18), libgamin0 Section: cli-mono Priority: optional Homepage: http://www.mono-project.com/ Description: Mono System libraries (for CLI 4.0) Mono is a platform for running and developing applications based on the ECMA/ISO Standards. Mono is an open source effort led by Xamarin. Mono provides a complete CLR (Common Language Runtime) including compiler and runtime, which can produce and execute CIL (Common Intermediate Language) bytecode (aka assemblies), and a class library. . This package contains the BCL (Base Class Libraries) of Mono for CLI 4.0. I'll keep the buildroot around till this bug can be closed, just query me if you want additional information about it. Ingo -- ╭─╮ Kennedy's Lemma: ╭│───╮ If you can parse Perl, you can solve the Halting Problem. │╰─│─╯ ╰──╯ http://www.perlmonks.org/?node_id=663393
Bug#915582: Acknowledgement (Installs non-free binaries from cisco and google again)
After setting the options in my previous mail to false i found
firefox still was downloading binaries of libgmpopenh264.so and
libwidevinecdm.so.
I looked into the firefox sources (64.0~b12-2), and the installation
seems to be done by
toolkit/mozapps/extensions/internal/ProductAddonChecker.jsm by
ProductAddonChecker.getProductAddonList(). There is a config option
GMPPrefs.KEY_UPDATE_ENABLED to disable this, which is defined in
toolkit/modules/GMPUtils.jsm line 118. Setting this to false seems to
disable the binary blob downloads.
So in /etc/firefox/firefox.js (debian/browser.js.in in the source), the
option
pref("media.gmp-gmpopenh264.enabled", false);
should be changed to
pref("media.gmp-manager.updateEnabled", false);
Users needing to enable the EME and OpenH264 binaries can still change
this option in about:config.
Ingo
--
╭─╮ Kennedy's Lemma:
╭│───╮ If you can parse Perl, you can solve the Halting Problem.
│╰─│─╯
╰──╯ http://www.perlmonks.org/?node_id=663393
Bug#915582: Installs non-free binaries from cisco and google again
Package: firefox
Version: 62.0.3-1
Severity: serious
Justification: Policy §2.2.1
Mozilla changed the config options for the openh264 codec. The option
listed in /etc/firefox/firefox.fs (media.gmp-gmpopenh264.enabled) seems
to be no longer in use, instead about:config now lists the options
media.gmp-provider.enabled
media.gmp.decoder.enabled
media.gmp-widevinecdm.enabled
media.gmp.trial-create.enabled
And in addition to libgmpopenh264.so it also downloads and installs into
~/.mozilla a libwidevinecdm.so binary. Its license (contained in the
zip-archive from which it gets installed) reads
> "Google Inc. and its affiliates ("Google") own all legal right, title and
> interest in and to the content decryption module software ("Software") and
> related documentation, including any intellectual property rights in the
> Software. You may not use, modify, sell, or otherwise distribute the Software
> without a separate license agreement with Google. The Software is not open
> source software.
>
> If you are interested in licensing the Software, please contact
> widev...@google.com.
Cf. bug #769716 i believe these automated downloads should be disabled by
default in debian packages.
Thx
-- Package-specific info:
-- Addons package information
-- System Information:
Debian Release: buster/sid
APT prefers unstable
APT policy: (800, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.4-echse20181124 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8),
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages firefox depends on:
ii debianutils 4.8.6
ii fontconfig2.13.1-2
ii libasound21.1.7-1+b1
ii libatk1.0-0 2.30.0-1
ii libc6 2.28-1
ii libcairo-gobject2 1.16.0-1
ii libcairo2 1.16.0-1
ii libdbus-1-3 1.12.10-1
ii libdbus-glib-1-2 0.110-3
ii libevent-2.1-62.1.8-stable-4
ii libffi6 3.2.1-9
ii libfontconfig12.13.1-2
ii libfreetype6 2.9.1-3
ii libgcc1 1:8.2.0-10
ii libgdk-pixbuf2.0-02.38.0+dfsg-6
ii libglib2.0-0 2.58.1-2
ii libgtk-3-03.24.1-2
ii libjsoncpp1 1.7.4-3
ii libnspr4 2:4.20-1
ii libnss3 2:3.40-1
ii libpango-1.0-01.42.4-4
ii libsqlite3-0 3.26.0-1
ii libstartup-notification0 0.12-5
ii libstdc++68.2.0-10
ii libvpx5 1.7.0-3
ii libx11-6 2:1.6.7-1
ii libx11-xcb1 2:1.6.7-1
ii libxcb-shm0 1.13.1-1
ii libxcb1 1.13.1-1
ii libxcomposite11:0.4.4-2
ii libxdamage1 1:1.1.4-3
ii libxext6 2:1.3.3-1+b2
ii libxfixes31:5.0.3-1
ii libxrender1 1:0.9.10-1
ii libxt61:1.1.5-1
ii procps2:3.3.15-2
ii zlib1g1:1.2.11.dfsg-1
Versions of packages firefox recommends:
ii libavcodec58 7:4.0.3-1
Versions of packages firefox suggests:
ii fonts-lmodern 2.004.5-5
ii fonts-stix [otf-stix] 1.1.1-4
ii libcanberra0 0.30-6
ii libgssapi-krb5-2 1.16.1-1
ii libgtk2.0-02.24.32-3
ii pulseaudio 12.2-2
-- no debconf information
-- debsums errors found:
debsums: package firefox is not installed
Bug#879458: inputlirc sends all keys as unknown keycodes (KEYCODE_xxx) instead of proper name to lirc socket.
Package: inputlirc Version: 23-2+b2 Severity: grave Tags: patch Justification: renders package unusable Patch to fix: --- Makefile.old 2017-10-21 19:59:32.0 +0200 +++ Makefile 2017-10-21 19:34:22.0 +0200 @@ -30 +30 @@ -names.h: /usr/include/linux/input.h gennames +names.h: /usr/include/linux/input-event-codes.h gennames -- System Information: Debian Release: 9.1 APT prefers stable APT policy: (990, 'stable'), (500, 'stable-updates') Architecture: i386 (i686) Kernel: Linux 4.9.0-4-686-pae (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), LANGUAGE=de:en_GB (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Init: systemd (via /run/systemd/system) Versions of packages inputlirc depends on: ii libc6 2.24-11+deb9u1 inputlirc recommends no packages. Versions of packages inputlirc suggests: ii input-utils 1.0-1.1+b1 pn lirc
Bug#848881: [gpart] Floating point exception when scanning
Package: gpart
Version: 1:0.3-3
Severity: grave
--- Please enter the report below this line. ---
Hi!
When trying to examine a volume on LVM, I get a floating point exception
quite instantly:
# strace -f gpart -f /dev/lv/Elite3
execve("/usr/sbin/gpart", ["gpart", "-f", "/dev/lv/Elite3"], [/* 59 vars
*/]) = 0
brk(NULL) = 0x5564d0c19000
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
directory)
mmap(NULL, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x7f959d326000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or
directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=238540, ...}) = 0
mmap(NULL, 238540, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f959d2eb000
close(3)= 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
directory)
open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3,
"\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\3\2\0\0\0\0\0"...,
832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1685264, ...}) = 0
mmap(NULL, 3791264, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0) = 0x7f959cd69000
mprotect(0x7f959cefe000, 2093056, PROT_NONE) = 0
mmap(0x7f959d0fd000, 24576, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x194000) = 0x7f959d0fd000
mmap(0x7f959d103000, 14752, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f959d103000
close(3)= 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x7f959d2e9000
arch_prctl(ARCH_SET_FS, 0x7f959d2e9700) = 0
mprotect(0x7f959d0fd000, 16384, PROT_READ) = 0
mprotect(0x5564d0783000, 4096, PROT_READ) = 0
mprotect(0x7f959d329000, 4096, PROT_READ) = 0
munmap(0x7f959d2eb000, 238540) = 0
brk(NULL) = 0x5564d0c19000
brk(0x5564d0c3a000) = 0x5564d0c3a000
sync() = 0
open("/dev/lv/Elite3", O_RDONLY)= 3
lseek(3, 0, SEEK_SET) = 0
read(3,
"\16\32R\275\217x\235v\376\377#\0\6/\0\177\377\377DDDE\35\360IHII\33\364GH"...,
512) = 512
lseek(3, 0, SEEK_SET) = 0
read(3,
"\16\32R\275\217x\235v\376\377#\0\6/\0\177\377\377DDDE\35\360IHII\33\364GH"...,
512) = 512
stat("/dev/lv/Elite3", {st_mode=S_IFBLK|0660, st_rdev=makedev(253, 16),
...}) = 0
ioctl(3, HDIO_GETGEO, {heads=0, sectors=0, cylinders=0, start=0}) = 0
ioctl(3, BLKGETSIZE, [8388608]) = 0
--- SIGFPE {si_signo=SIGFPE, si_code=FPE_INTDIV, si_addr=0x5564d057d5f0}
---
+++ killed by SIGFPE +++
Gleitkomma-Ausnahme
--- System information. ---
Architecture: Kernel: Linux 4.8.0-2-amd64
Debian Release: stretch/sid
500 unstablewww.deb-multimedia.org 500 unstable
ftp.de.debian.org 500 unstabledownload.jitsi.org
--- Package information. ---
Depends (Version) | Installed
==-+-===
libc6 (>= 2.4) |
Package's Recommends field is empty.
Package's Suggests field is empty.
--
Ciao...// Fon: 0381-2744150
Ingo \X/ http://blog.windfluechter.net
Please don't share this address with Facebook or Google!
gpg pubkey: http://www.juergensmann.de/ij_public_key.asc
Bug#838897: jitsi: Replace the glassfish dependencies
On Mon, 26 Sep 2016 10:43:42 +0200 Emmanuel Bourg <ebo...@apache.org> wrote: > jitsi still depends on glassfish-activation and glassfish-mail which are going > to be removed. glassfish-activation can be safely removed (the API has been > integrated to the standard JDK) and glassfish-mail should be replaced by libmail-java. I'm not sure where these dependencies would come from. javax.activation is nowhere to be found in the source code, and Jitsi doesn't send mails either. Anyway if the Jitsi package poses a problem, please remove it from Debian. It is unusable anyway as libjitsi is missing. Once I manage to get version 2.10 out, I'll try to continue packaging dependencies so it can come back to Debian in a clean fashion. > Thank you, > Emmanuel Bourg Ingo
Bug#831228: closed by Bart Martens <ba...@debian.org> (flashplugin-nonfree: update-flashplugin-nonfree references wrong version)
An alternative solution is to apply the patch locally: 1. get the patch from https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=831228;filename=flash.patch;msg=15 2. Copy it into the directory /var/cache/flashplugin-nonfree/ 3. change to that directory and apply the patch by executing: "patch get-upstream-version.pl flash.patch"
Bug#788546: nfs4 mount.nfs does not respect option "user" in fstab in Jessie
Am 01.08.2016 um 15:33 schrieb Andreas Henriksson: > Hello again Ingo. > > On Mon, Jul 25, 2016 at 10:13:29AM +0200, Ingo wrote: >> Am 24.07.2016 um 22:07 schrieb Andreas Henriksson: >>> >>> Are you sure this is the correct syntax? I would expect that you >>> should specify the mountpoint (target directory) rather than the >>> source of the mount. eg. mount /home/ingo/leo.Bilder >>> Do using that still give you the same problem? >> >> Great, at least that works as expected if target directory is used. >> >> But "man mount" explicitely states: > [...] > > You're right, the manpage explicitly says in multiple places > that what you're doing should work... I'm still thinking ... ... to adjust the manpages? > using the mountpoint is always preferrable/recommended though. ;) > > I got a chance to discuss this with upstream and I'll try to summarize > some of the useful information here for the record (and as a personal > reminder for the future): > > > Despite knowing where we stumble, it's not easy to come up with a solution > that suites both the people who wants to avoid path disclosure and your > usecase. Given you now know about using the mountpoint (which also > upstream said is really the way to go when specifying mounts, rather > than the source) would you agree that this isn't strictly Release Critical > severity anymore? I do agree! Thanks to your explanation I understand the background and will change my habits. > > Hopefully everything works as you expect it to when you mount as non-root > using "mount /mountpoint" or did you see any additional problems with that? No further problems here with NFSv4 mounts, I won't forget what I have learned with this bug. Regards, Ingo
Bug#788546: nfs4 mount.nfs does not respect option "user" in fstab in Jessie
Some additional Information which probably helps to find the root cause: The very same beheaviour (as in Jessie) is still shown in Stretch. I already tried to assign that bug to package "mount", but this was not accepted. The corresponding bug report demonstrates some more possibilities of "how you can workaroung" this faulty beheaviour. See here: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788547#12
Bug#788546: nfs4 mount.nfs does not respect option "user" in fstab in Jessie
Am 24.07.2016 um 22:07 schrieb Andreas Henriksson:
>
> Are you sure this is the correct syntax? I would expect that you
> should specify the mountpoint (target directory) rather than the
> source of the mount. eg. mount /home/ingo/leo.Bilder
> Do using that still give you the same problem?
Great, at least that works as expected if target directory is used.
But "man mount" explicitely states:
"When mounting a filesystem mentioned in fstab or mtab, it suffices to
give only the device, or only the mount point."
Moreover my syntax (using the device/source has worked flawlewssly since
I am using Linux. In Debian I use it since Lenny! And it works if the
command is issued as 'root'.
>
> Might also be useful to have a log of what strace tells you about
> running the command.
For completenes here the stace output:
~$ strace -Ff -tt mount leo:/Bilder 2>&1 | tee strace-mount.log
09:54:06.486801 execve("/bin/mount", ["mount", "leo:/Bilder"], [/* 36
vars */]) = 0
09:54:06.487198 brk(0) = 0x1295000
09:54:06.487350 fcntl(0, F_GETFD) = 0
09:54:06.487410 fcntl(1, F_GETFD) = 0
09:54:06.487438 fcntl(2, F_GETFD) = 0
09:54:06.487465 access("/etc/suid-debug", F_OK) = -1 ENOENT (No such
file or directory)
09:54:06.487533 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such
file or directory)
09:54:06.487571 mmap(NULL, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4315787000
09:54:06.487629 access("/etc/ld.so.preload", R_OK) = 0
09:54:06.487704 open("/etc/ld.so.preload", O_RDONLY|O_CLOEXEC) = 3
09:54:06.487742 fstat(3, {st_mode=S_IFREG|0644, st_size=28, ...}) = 0
09:54:06.48 mmap(NULL, 28, PROT_READ|PROT_WRITE, MAP_PRIVATE, 3, 0)
= 0x7f4315786000
09:54:06.487810 close(3)= 0
09:54:06.487846 open("/opt/lib/libmediaclient.so", O_RDONLY|O_CLOEXEC) = 3
09:54:06.487880 read(3,
"\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340\35\0\0\0\0\0\0"...,
832) = 832
09:54:06.487914 fstat(3, {st_mode=S_IFREG|0755, st_size=64168, ...}) = 0
09:54:06.487948 mmap(NULL, 2161808, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f4315359000
09:54:06.487981 mprotect(0x7f4315368000, 2093056, PROT_NONE) = 0
09:54:06.488017 mmap(0x7f4315567000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe000) = 0x7f4315567000
09:54:06.488061 close(3)= 0
09:54:06.488094 munmap(0x7f4315786000, 28) = 0
09:54:06.488130 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
09:54:06.488163 fstat(3, {st_mode=S_IFREG|0644, st_size=144332, ...}) = 0
09:54:06.488195 mmap(NULL, 144332, PROT_READ, MAP_PRIVATE, 3, 0) =
0x7f4315763000
09:54:06.488227 close(3)= 0
09:54:06.488259 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such
file or directory)
09:54:06.488297 open("/lib/x86_64-linux-gnu/libmount.so.1",
O_RDONLY|O_CLOEXEC) = 3
09:54:06.488333 read(3,
"\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\254\0\0\0\0\0\0"...,
832) = 832
09:54:06.488366 fstat(3, {st_mode=S_IFREG|0644, st_size=284096, ...}) = 0
09:54:06.488400 mmap(NULL, 2383648, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f4315113000
09:54:06.488432 mprotect(0x7f4315156000, 2097152, PROT_NONE) = 0
09:54:06.488465 mmap(0x7f4315356000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x43000) = 0x7f4315356000
09:54:06.488504 mmap(0x7f4315358000, 3872, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f4315358000
09:54:06.488542 close(3)= 0
09:54:06.488577 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such
file or directory)
09:54:06.488611 open("/lib/x86_64-linux-gnu/libselinux.so.1",
O_RDONLY|O_CLOEXEC) = 3
09:54:06.488644 read(3,
"\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20c\0\0\0\0\0\0"...,
832) = 832
09:54:06.488677 fstat(3, {st_mode=S_IFREG|0644, st_size=142728, ...}) = 0
09:54:06.488709 mmap(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4315762000
09:54:06.488745 mmap(NULL, 2246896, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f4314eee000
09:54:06.488777 mprotect(0x7f4314f0f000, 2097152, PROT_NONE) = 0
09:54:06.488814 mmap(0x7f431510f000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x21000) = 0x7f431510f000
09:54:06.488852 mmap(0x7f4315111000, 6384, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f4315111000
09:54:06.488890 close(3)= 0
09:54:06.488924 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such
file or directory)
09:54:06.488960 open("/lib/x86_64-linux-gnu/libc.so.6",
O_RDONLY|O_CLOEXEC) = 3
09:54:06.488995 read(3,
"\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\34\2\0\0\0\0\0"...,
832) = 832
09:54:06.489028 fstat(3, {st_
Bug#789038: jitsi: Unable to install on sid/unstable
On Tue, 19 Jan 2016 04:05:36 +0100 Kurt Roeckx <k...@roeckx.be> wrote: > The problem is getting a version from upstream that meets the DFSG > requirements. And usptream doesn't seem to care about it anymore. This relates to the javax.sip headers and has been solved. We (I) do have interest to get this into Debian, but I don't have the resources. Ingo
Bug#788546: Sorry for late answer, got no notification on your posting
Das mit den Locales hat es nicht gebracht, da ist sowohl auf dem nas als auch auf dem PC die gleiche: PC:$ echo $LANG de_DE.utf8 nas: $ echo $LANG de_DE.UTF-8 But a workaround is documented in this Bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790880 which has been merged here. This states: Using "mount.nfs" instead allows mounting by a user: Executing mount.nfs as a user with full path does not respect the mountpoint as configured in fstab: ~$ /sbin/mount.nfs leo:/Bilder ~$ mount.nfs: no mount point provided Adding the mountpoint works for both mount and umount: ~$ /sbin/mount.nfs leo:/Bilder /home/ingo/leo.Bilder ~$ /sbin/umount.nfs /home/ingo/leo.Bilder That's why I assigned it also to Package: mount. Today I checkes in Stretch: still the same issue.
Bug#744753: situation with anacron is even worse in Jessie
anacron is also not invoked when system boots on battery and later on
connected is to AC power, because systemd does not detect this change!
This is a no go for laptop users as they very rarely get notified of
pending updates, because the usual way is to connect the laptop to AC
power only when battery capacity is/gets low. Currently notification for
updates only works if laptop runs on AC power when booted up!
My workaround with good old udev rules I took from Arch-wiki:
https://wiki.archlinux.org/index.php/Power_management#Tools_and_scripts
I set up two udev-rules:
/lib/udev/rules.d/98-powersave.rules
# ATTR values: "0" = on battery; "1" = on AC power
SUBSYSTEM=="power_supply", ATTR{online}=="0",
RUN+="/usr/sbin/pm-powersave true"
SUBSYSTEM=="power_supply", ATTR{online}=="1",
RUN+="/usr/sbin/pm-powersave false"
Woirks great.
Bug#788547: nfs4 mount.nfs does not respect option user in fstab in Jessie
Some additional information, discovered by accident: What does completely fail, is the mount command as reported above (mounting a nfs-export as user). Executing mount.nfs as a user with full path does not respect the mountpoint as configured in fstab: ~$ /sbin/mount.nfs leo:/Bilder ~$ mount.nfs: no mount point provided Adding the mountpoint works for both mount and umount: ~$ /sbin/mount.nfs leo:/Bilder /home/ingo/leo.Bilder ~$ /sbin/umount.nfs /home/ingo/leo.Bilder So, the dead end lies in /sbin/mount which is unable to evaluate the fstab and parse it properly to mount.nfs. Remark: it is somehow strange that the mount-binary shrunk in filesize from 90kB in Wheezy to only 40kB in Jessi? So this bug should be assigned to package mount in Jessie as well. Regards, Ingo -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#788547: nfs4 mount.nfs does not respect option user in fstab in Jessie
Package: nfs-common Version: 1:1.2.8-9 Severity: serious Since upgrade of the client from Wheezy to Jessie I am no longer able to mount nfs4-exports from a host (leo) running Wheezy as a normal user (UID=1000): # showmount -e leo Export list for leo: /srv/nfs4/Bilder 192.168.33.0/24 /srv/nfs4192.168.33.0/24 /etc/fstab entries on the clients (Jessi and Wheezy): leo:/Bilder /home/ingo/leo.Bilder nfs4 noauto,rw,user,soft,relatime 0 0 In Wheezy all works as expected, in Jessie mount fails with: $ LANG=en_US.UTF-8 mount leo:/Bilder mount: leo:/Bilder: No such file or directory However it is possible to perform the mount as root. Umount as user (UID=1000) fails with same non informative message: $ LANG=en_US.UTF-8 umount leo:/Bilder umount: leo:/Bilder: No such file or directory This is a security flaw as users cannot mount/umount on demand without root-privileges. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#780772: [drupal7] Security update for drupla7 drupal6
Package: drupal7 Version: 7.32-1+deb8u1 Severity: serious Tags: security X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org --- Please enter the report below this line. --- Hi! https://www.drupal.org/drupal-7.35 says: Drupal 7.35 and Drupal 6.35, maintenance releases which contain fixes for security vulnerabilities, are now available for download. See the Drupal 7.35 and Drupal 6.35 release notes for further information. Upgrading your existing Drupal 7 and 6 sites is strongly recommended. There are no new features or non-security-related bug fixes in these releases. For more information about the Drupal 7.x release series, consult the Drupal 7.0 release announcement. More information on the Drupal 6.x release series can be found in the Drupal 6.0 release announcement. Please supply a fixed package upload ASAP, thanks! Ingo --- System information. --- Architecture: amd64 Kernel: Linux 3.16.0-4-amd64 Debian Release: 8.0 500 unstablewww.deb-multimedia.org 500 unstableftp.de.debian.org --- Package information. --- Depends(Version) | Installed -+- debconf(= 0.5) | 1.5.55 OR debconf-2.0 | apache2 | 2.4.10-10 OR httpd| php5 | 5.6.6+dfsg-2 php5-mysql | 5.6.6+dfsg-2 OR php5-pgsql | 5.6.6+dfsg-2 OR php5-sqlite | 5.6.6+dfsg-2 php5-gd | 5.6.6+dfsg-2 default-mta | OR mail-transport-agent | wwwconfig-common (= 0.0.37) | 0.2.2 mysql-client | 5.5.42-1 OR virtual-mysql-client | OR postgresql-client| 9.4+166 dbconfig-common | 1.8.47+nmu3 curl | 7.38.0-4 Recommends(Version) | Installed ===-+-=== mysql-server| 5.5.42-1 OR postgresql | 9.4+166 OR sqlite3 | 3.8.7.4-1 Package's Suggests field is empty. -- Ciao...// Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net Please don't share this address with Facebook or Google! gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#762838: Crash after update: “mem.c:1321: REQUIRE(ptr != ((void *)0)) failed, back trace”
Hi! I can confirm this bug as well, but I can't confirm Kamils guess that it's related to resolving your own zone. Instead I search my logs and found this: Sep 26 08:59:37 muaddib named[31237]: success resolving 'www.kanirope.de/A' (in 'kanirope.de'?) after reducing the advertised ED NS UDP packet size to 512 octets Sep 26 08:59:37 muaddib named[31237]: mem.c:1321: REQUIRE(ptr != ((void *)0)) failed, back trace Sep 26 11:25:23 muaddib named[21830]: success resolving 'sb.l.google.com/' (in 'google.com'?) after reducing the advertised EDNS UDP packet size to 512 octets Sep 26 11:41:15 muaddib named[21830]: mem.c:1321: REQUIRE(ptr != ((void *)0)) failed, back trace Sep 26 13:12:50 muaddib named[30213]: success resolving 'michaeljaeger.tv/' (in 'michaeljaeger.tv'?) after reducing the adve rtised EDNS UDP packet size to 512 octets Sep 26 13:15:23 muaddib named[30213]: mem.c:1321: REQUIRE(ptr != ((void *)0)) failed, back trace Every time the back trace line is appearing in the logs, it is preceeded by a reducing the advertised EDNS UDP packet size to 512 octets line. Maybe that's another hint worthwile to look at? -- Ciao... //http://blog.windfluechter.net Ingo \X/ XMPP: i...@jabber.windfluechter.net gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#752178: [unetbootin] The resulting usb pendrive looping with menu.c32 error
Hello, it seems to be a bit funny: I experienced the same bug. According to the Ubuntu bug report I tried to look for the mentioned files and found that on my box there were the two folders usr/lib/syslinux and usr/lib/SYSLINUX, the latter did not contain the files I was looking for. I renamed that folder and from that time on unetbootin seemed to find the right path and worked like it should without having to copy any files. Could you have a look and verify if this is the same on your box , maybe the SYSLINUX folder comes from a former installation? Regards Ingo -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#745571: ingerman: fails to install - directory /var/lib/ispell does not exist
Package: ingerman Version: 20131206-1 Severity: grave Justification: renders package unusable Not sure if this bug is against ingerman or ispell. But it makes ingerman uninstallable while ispell installs just fine ... Original error encountered during sid upgrade. Reproducable by purging ispell and ingerman then trying to reinstall both. Manually creating /var/lib/ispell makes ingerman install without errors. To reproduce: # dpkg -P ispell ingerman # aptitude install ispell ingerman The following NEW packages will be installed: ingerman ispell 0 packages upgraded, 2 newly installed, 0 to remove and 2 not upgraded. Need to get 620 kB of archives. After unpacking 801 kB will be used. Get: 1 http://ftp-stud.hs-esslingen.de/debian/ sid/main ispell amd64 3.3.02-6 [175 kB] Get: 2 http://ftp-stud.hs-esslingen.de/debian/ sid/main ingerman all 20131206-1 [444 kB] Fetched 620 kB in 0s (1.642 kB/s) Preconfiguring packages ... Selecting previously unselected package ispell. (Reading database ... 163388 files and directories currently installed.) Preparing to unpack .../ispell_3.3.02-6_amd64.deb ... Unpacking ispell (3.3.02-6) ... Selecting previously unselected package ingerman. Preparing to unpack .../ingerman_20131206-1_all.deb ... /var/lib/dpkg/tmp.ci/preinst: 13: /var/lib/dpkg/tmp.ci/preinst: cannot create /var/lib/ispell/ngerman.compat: Directory nonexistent dpkg: error processing archive /var/cache/apt/archives/ingerman_20131206-1_all.deb (--unpack): subprocess new pre-installation script returned error exit status 2 Processing triggers for man-db (2.6.7.1-1) ... Errors were encountered while processing: /var/cache/apt/archives/ingerman_20131206-1_all.deb localepurge: Disk space freed in /usr/share/locale: 0 KiB localepurge: Disk space freed in /usr/share/man: 0 KiB localepurge: Disk space freed in /usr/share/gnome/help: 0 KiB localepurge: Disk space freed in /usr/share/omf: 0 KiB Total disk space freed by localepurge: 0 KiB E: Sub-process /usr/bin/dpkg returned an error code (1) Failed to perform requested operation on package. Trying to recover: Setting up ispell (3.3.02-6) ... Processing triggers for dictionaries-common (1.23.1) ... -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.13-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages ingerman depends on: ii debconf [debconf-2.0] 1.5.52 ii dictionaries-common1.23.1 ii ispell 3.3.02-6 ingerman recommends no packages. Versions of packages ingerman suggests: ii wngerman 20131206-1 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#727628: xfce4-weather-plugin Wheezy
with version 0.7.4-4 my weather-plugin is alive again, thanks for the quick fix. /Ingo -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#727628: This bug affects me too in Wheezy and is really nasty
I do hope we get the fix backported to Wheezy soon. /Ingo -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#722604: Same problem
On Fri, Sep 13, 2013 at 01:14:06PM +0200, Michael Biebl wrote: Am 13.09.2013 05:50, schrieb Norbert Preining: On Fr, 13 Sep 2013, Norbert Preining wrote: * second, what about the udev maintainers specify what changes to self compiled kernels are necessary when upgrading udev. For those coming here in search of help: CONFIG_DEVTMPFS=y CONFIG_DEVTMPFS_MOUNT=y (might not be necessary, not sure) As I wrote earlier, CONFIG_DEVTMPFS=y is mandatory now and it needs something which mounts the devtmps. Usually it is done by the initramfs (in Debian both dracut and initramfs-tools work fine) and if you don't use and initramfs for whatever reason, you'll need CONFIG_DEVTMPFS_MOUNT=y, so the kernel mounts the devtmpfs for you. Note that /etc/init.d/udev chacks for tmpfs to be mounted on / and mounts it, if not. If you change this to check for and mount devtmpfs, it still works without CONFIG_DEVTMPFS_MOUNT, only CONFIG_DEVTMPFS is still needed. This should increase compatibility with a number of self-compiled kernels, since the kernel default for CONFIG_DEVTMPFS_MOUNT still seems to be No. You also could suggest to set devtmpfs.mount=1 on the kernel commandline instead. Ingo -- ╭─╮ Kennedy's Lemma: ╭│───╮ If you can parse Perl, you can solve the Halting Problem. │╰─│─╯ ╰──╯ http://www.perlmonks.org/?node_id=663393 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#710565: Working workaround
I just installed the Wheezy packages: update-notifier update-notifier-common and its dependencies. Then purged packagekit and ... Now apt-pin above 2 packages and you are done for the time beeing. Uptdate-notification works fine as before. It is sad to see how Gnome invades the whole system :-( -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#701744: Xen netback regression
Am 04.07.2013 um 05:42 schrieb Ben Hutchings b...@decadent.org.uk: My understanding is that disabling scatter/gather on netfront in domU (ethtool -K eth0 sg off) will prevent it from triggering these bugs, but at a substantial performance impact. In practice, disabling TSO in domU (ethtool -K eth0 tso off) should also work and will have a smaller performance impact. However, a malicious domU would still be able to crash dom0. Thanks, Ben, for updating us on this issue! Crashing dom0 seems to happen on my Cisco C200 M2 server lately, maybe unrelated to this bug, maybe not. At least my server sometimes gets a restart command from the operating system. We see this in the CIMC (management console) logs and Cisco already confirmed that the reboot command is issued by the OS. On the other hand I see absolutely no hint or cause in the system log files, neither on dom0, nor domU nor the hypervisor logs, which makes it difficult to track down the reason for the random reboots of the whole machine. I'm using the ethtool workaround in some of my 8 running domUs, but not in all. No ethtool workaround in dom0 as well. As Ian requested, the netback fixes were included in Linux 3.2.47 and thus should appear in the wheezy-proposed-updates suite shortly. Aside from that, any regression that occurred as a result of a security update may also be fixed in a security update, and I hope we will be able to provide such updates for both Debian 6 (squeeze) and 7 (wheezy) in the next few weeks. Do you have a suggestion of in the next few weeks? The crashing server really gets annoying: sometimes it reboots several times per day, sometimes it runs for a week or so. We are close to open a TAC case with Cisco about the crashing server, but would like to be sure that it's not the kernel which is causing this, of course. ;) -- Ciao...// Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#711160: [roundcube] Roundcube doesn't work anymore after upgrade to apache 2.4
Package: roundcube Version: 0.7.2-9 Severity: serious --- Please enter the report below this line. --- Hi! As the transition to apache 2.4 just happened in Sid, I discovered that roundcube doesn't work anymore, because of some PHP related problems like default timezone or this one: [04-Jun-2013 07:31:48 Europe/Berlin] PHP Deprecated: Deprecated: MDB2_Driver_pgsql::isError() is deprecated, use MDB2::isError() in /usr/share/roundcube/program/include/rcube_mdb2.php on line 288 in /usr/share/php/MDB2.php on line 2001 [04-Jun-2013 07:31:48 Europe/Berlin] PHP Deprecated: Deprecated: MDB2_Driver_pgsql::isError() is deprecated, use MDB2::isError() in /usr/share/roundcube/program/include/rcube_mdb2.php on line 288 in /usr/share/php/MDB2.php on line 2001 [04-Jun-2013 07:31:48 Europe/Berlin] PHP Deprecated: Deprecated: MDB2_Driver_pgsql::isError() is deprecated, use MDB2::isError() in /usr/share/roundcube/program/include/rcube_mdb2.php on line 288 in /usr/share/php/MDB2.php on line 2001 [04-Jun-2013 07:31:48 Europe/Berlin] PHP Deprecated: Deprecated: MDB2_Driver_pgsql::isError() is deprecated, use MDB2::isError() in /usr/share/roundcube/program/include/rcube_mdb2.php on line 288 in /usr/share/php/MDB2.php on line 2001 [04-Jun-2013 07:31:48 Europe/Berlin] MDB2 Error: not found (-4): Unable to bind to missing placeholder: 1 [04-Jun-2013 07:31:48 Europe/Berlin] PHP Deprecated: Deprecated: MDB2_Driver_pgsql::isError() is deprecated, use MDB2::isError() in /usr/share/roundcube/program/include/rcube_mdb2.php on line 288 in /usr/share/php/MDB2.php on line 2001 [04-Jun-2013 07:34:08 Europe/Berlin] PHP Deprecated: Deprecated: MDB2_Driver_pgsql::isError() is deprecated, use MDB2::isError() in /usr/share/roundcube/program/include/rcube_mdb2.php on line 288 in /usr/share/php/MDB2.php on line 2001 Another issue was the changed config for Deny/Allow in Apache config: #order allow,deny #allow from all Require all granted Additionally the config needs to be renamed, but there's a script in apache for that. Alas, I think it would be better for the package to take care of that to prevent frustrated users. So, I think roundcube just need some extra love from its maintainers after the transition of apache to 2.4. ;-) Regards, Ingo --- System information. --- Architecture: amd64 Kernel: Linux 3.8-1-amd64 Debian Release: jessie/sid 500 unstablewww.deb-multimedia.org 500 unstableftp.de.debian.org 1 experimentalftp.de.debian.org --- Package information. --- Depends(Version) | Installed -+-= roundcube-core (= 0.7.2-9) | 0.7.2-9 dbconfig-common | 1.8.47+nmu1 debconf(= 0.5) | 1.5.50 OR debconf-2.0 | ucf | 3.0027 apache2 | 2.4.4-5 OR lighttpd | OR httpd| php5 | 5.5.0~rc2+dfsg-2 php5-mcrypt | 5.5.0~rc2+dfsg-2 php5-gd | 5.5.0~rc2+dfsg-2 php5-intl| 5.5.0~rc2+dfsg-2 php-mdb2 (= 2.5.0) | 2.5.0b5-1 php-auth | 1.6.2-1 php-net-smtp (= 1.4.2) | 1.6.1-1 php-net-socket | 1.0.14-1 php-mail-mime (= 1.8.2) | 1.8.4-1 php5-pspell | 5.5.0~rc2+dfsg-2 tinymce (= 3) | 3.4.8+dfsg0-1 libjs-jquery (= 1.6.4) | 1.7.2+dfsg-2 libjs-jquery-ui (= 1.8) | 1.10.1+dfsg-1 libmagic1| 1:5.14-2 roundcube-mysql (= 0.7.2-9) | 0.7.2-9 OR roundcube-pgsql (= 0.7.2-9) | 0.7.2-9 Package's Recommends field is empty. Suggests (Version) | Installed -+-=== php-auth-sasl (= 1.0.3) | php-crypt-gpg| roundcube-plugins| -- Ciao...// Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net Please don't share this address with Facebook or Google! gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#704987: system freezes after hibernate/suspend
@ colliar I just checked with your syslog and found that system has resumed from hibernate just a few minutes before the crash happened. I did see also random cashes/freezes in Wheezy when system was suspended before (s2ram). Since I no longer use suspend all the troubles have gone away. I must admit that this did not happen with early Wheezy kernels, but it shows up with latest kernels and also with any vanilla 3.4 kernel. I really cannot decide the root cause of this observation, but I feel it's worth to test on your hardware without suspend/hibernate. My hardware is Ivy Bridge i5-3570k. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#701744: [Pkg-xen-devel] Bug#701744: [xen] Update to hypervisor 4.0.1-5.6 or linux-image-2.6.32-5-xen-amd64 2.6.32-48 causes networking (VIF) failures
Am 28.02.2013 um 11:28 schrieb Ian Campbell i...@hellion.org.uk: I am 99% positive it will turn out to be the kernel, but please do let us know. Shortly before 18:00 today I reinstalled linux-image-2.6.32-5-xen-amd64_2.6.32-48_amd64.deb as kernel and it took only 2.5 hours to trigger the issue. The hypervisor is xen-hypervisor-4.0-amd64 4.0.1-5.4 at this time. All domUs are still running the updated kernel packages (pre DSA-2632-1), the dom0 the downgraded kernel package. When you reach a conclusion (assuming it is the one I expect!) please can you confirm the fixed+broken kernel package versions so I can reassign as appropriate. Unfortunately I'm about to go travelling for a week but I have asked one of my colleagues to try and take a look at this. I will now upgrade to DSA-2632-1 kernels and see whether that works or has the same issues. Will keep you updated. -- Ciao...// Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#701744: [Pkg-xen-devel] Bug#701744: [xen] Update to hypervisor 4.0.1-5.6 or linux-image-2.6.32-5-xen-amd64 2.6.32-48 causes networking (VIF) failures
Am 28.02.2013 um 11:28 schrieb Ian Campbell i...@hellion.org.uk: All domUs are still running the updated kernel packages (pre DSA-2632-1), the dom0 the downgraded kernel package. linux-image-2.6.32-5-xen-amd64 2.6.32-48squeeze1 triggered the problem within 30 mins. ;-) When you reach a conclusion (assuming it is the one I expect!) please can you confirm the fixed+broken kernel package versions so I can reassign as appropriate. Conclusion: it's the kernel... ;-) Working: - kernel: linux-image-2.6.32-5-xen-amd64_2.6.32-46_amd64.deb - hypervisor: xen-hypervisor-4.0-amd64_4.0.1-5.4_amd64.deb, xen-hypervisor-4.0-amd64_4.0.1-5.6_amd64.deb Not Working kernels: - linux-image-2.6.32-5-xen-amd64_2.6.32-48_amd64.deb - linux-image-2.6.32-5-xen-amd64_2.6.32-48squeeze1_amd64.deb So, I'm going back to linux-image-2.6.32-5-xen-amd64_2.6.32-46_amd64.deb... -- Ciao...// Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#701744: [Pkg-xen-devel] Bug#701744: [xen] Update to hypervisor 4.0.1-5.6 or linux-image-2.6.32-5-xen-amd64 2.6.32-48 causes networking (VIF) failures
Am 26.02.2013 um 19:19 schrieb Ian Campbell i...@hellion.org.uk: So, was the hypervisor upgrade also accompanied by a kernel update, in either the dom0 or guest domains? If so what versions were involved and where? Additionally to the last mail: After running two days stable with the downgraded packages, I've now upgraded the hypervisor package to xen-hypervisor-4.0-amd64_4.0.1-5.6_amd64.deb again and rebooted. If the machine runs stable with that, I'd say the kernel package is broken. And if the issues popping up again now, it's the hypervisor. All domUs are still running the updated kernel packages (pre DSA-2632-1), the dom0 the downgraded kernel package. -- Ciao...// Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#701744: [xen] Update to hypervisor 4.0.1-5.6 or linux-image-2.6.32-5-xen-amd64 2.6.32-48 causes networking (VIF) failures
|pae_pgdir_above_4gb') (VIRT_BASE
18446744071562067968) (GUEST_VERSION 2.6) (PADDR_OFFSET 0)
(GUEST_OS linux)
(HYPERCALL_PAGE 18446744071578882048) (LOADER generic)
(SUSPEND_CANCEL 1)
(PAE_MODE yes) (ENTRY 18446744071584289280) (XEN_VERSION xen-3.0))),
'name': 'vserv1'}
[2013-02-25 13:06:40 5470] DEBUG (XendDomainInfo:1804) Storing domain
details: {'console/ring-ref': '2143834', 'image/entry':
'18446744071584289280', 'console/port': '2', 'store/ring-ref':
'2143835',
'image/loader': 'generic', 'vm':
'/vm/04541225-6d3c-3cae-a4c4-0b6d4ccfac7a',
'control/platform-feature-multiprocessor-suspend': '1',
'image/hv-start-low': '18446603336221196288', 'image/guest-os':
'linux',
'cpu/1/availability': 'online', 'image/virt-base':
'18446744071562067968',
'memory/target': '2097152', 'image/guest-version': '2.6',
'image/pae-mode':
'yes', 'description': '', 'console/limit': '1048576',
'image/paddr-offset':
'0', 'image/hypercall-page': '18446744071578882048',
'image/suspend-cancel': '1', 'cpu/0/availability': 'online',
'image/features/pae-pgdir-above-4gb': '1',
'image/features/writable-page-tables': '0', 'console/type':
'xenconsoled',
'name': 'vserv1', 'domid': '39', 'image/xen-version': 'xen-3.0',
'store/port': '1'}
[2013-02-25 13:06:40 5470] DEBUG (DevController:95) DevController:
writing
{'protocol': 'x86_64-abi', 'state': '1', 'backend-id': '0', 'backend':
'/local/domain/0/backend/console/39/0'} to
/local/domain/39/device/console/0.
[2013-02-25 13:06:40 5470] DEBUG (DevController:97) DevController:
writing
{'domain': 'vserv1', 'frontend': '/local/domain/39/device/console/0',
'uuid': 'c8819aed-c78f-02b8-0ef7-1600abd15add', 'frontend-id': '39',
'state': '1', 'location': '2', 'online': '1', 'protocol': 'vt100'} to
/local/domain/0/backend/console/39/0.
[2013-02-25 13:06:40 5470] DEBUG (XendDomainInfo:1891)
XendDomainInfo.handleShutdownWatch
[2013-02-25 13:06:40 5470] DEBUG (DevController:139) Waiting for
devices
vif2.
[2013-02-25 13:06:40 5470] DEBUG (DevController:139) Waiting for
devices
vif.
[2013-02-25 13:06:40 5470] DEBUG (DevController:139) Waiting for
devices
vscsi.
[2013-02-25 13:06:40 5470] DEBUG (DevController:139) Waiting for
devices
vbd.
[2013-02-25 13:06:40 5470] DEBUG (DevController:144) Waiting for 51712.
[2013-02-25 13:06:40 5470] DEBUG (DevController:628)
hotplugStatusCallback
/local/domain/0/backend/vbd/39/51712/hotplug-status.
From my point of view, either Xen hypervisor or the kernel seems to be
broken, but it's hard to tell for me.
I suspect the problem within the Xen kernel part of VIF code as a reboot
of the dom0 solves this problem temporarily without touching the domUs.
But within some hours (6 hrs) the issue re-appears.
Although I assume that xend is responsible for adding/removing VIFs a
restart of xend doesn't help at all. That's why I assume a kernel
problem within the dom0.
I'm running 8 domUs at the moment, each of them is connected to the
outer world through xenbr0 and connected to the internal world through
xenbr1 and RFC1918 addresses. I'm running a mixed setup of routed and
bridged config:
(vif-script vif-bridge)
(network-script network-route)
But the server ran several years with that setup without any problems,
so I don't think that's an issue.
For now I'm forced to go back to a working kernel as I need to keep the
server up and running.
--- System information. ---
Architecture: amd64
Kernel: Linux 2.6.32-5-xen-amd64
gate:~# dpkg -l | grep xen
ii libxenstore3.0 4.0.1-5.6
Xenstore communications library for Xen
ii linux-image-2.6.32-5-xen-amd64 2.6.32-48
Linux 2.6.32 for 64-bit PCs, Xen dom0 support
ii xen-hypervisor-4.0-amd644.0.1-5.6
The Xen Hypervisor on AMD64
ii xen-linux-system-2.6-xen-amd64 2.6.32+29
Xen system with Linux 2.6 for 64-bit PCs (meta-package)
ii xen-linux-system-2.6.32-5-xen-amd64 2.6.32-48
Xen system with Linux 2.6.32 on 64-bit PCs (meta-package)
ii xen-tools 4.2-1
Tools to manage Xen virtual servers
ii xen-utils-4.0 4.0.1-5.6
XEN administrative tools
ii xen-utils-common4.0.0-1
XEN administrative tools - common files
ii xenstore-utils 4.0.1-5.6
Xenstore utilities for Xen
ii xenwatch0.5.4-2
Virtualization utilities, mostly for Xen
--
Ciao...// Fon: 0381-2744150
Ingo \X/ http://blog.windfluechter.net
Please don't share this address with Facebook or Google!
gpg pubkey: http://www.juergensmann.de/ij_public_key.asc
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#701744: [Pkg-xen-devel] Bug#701744: [xen] Update to hypervisor 4.0.1-5.6 or linux-image-2.6.32-5-xen-amd64 2.6.32-48 causes networking (VIF) failures
Am 26.02.2013 um 19:19 schrieb Ian Campbell i...@hellion.org.uk: Since the update last weekind in stable/squeeze I'm experiencing problems with running Xen on amd64 and multiple domUs losing their network connection/VIFs. The hypervisors involvement in the specifics of the networking is pretty minimal -- a kernel bug is much more likely IMHO. In particular the messages you are seeing look a lot like those which would result from http://wiki.xen.org/wiki/Security_Announcements#XSA_39_Linux_netback_DoS_via_malicious_guest_ring.. So, was the hypervisor upgrade also accompanied by a kernel update, in either the dom0 or guest domains? If so what versions were involved and where? Yes, it was a full update, both on dom0 as well as on domUs. I always try to keep kernels on dom0 and domU the same version. The blog posts lists the packages that were updated last weekend: gate:~# dir /var/cache/apt/archives/ base-files_6.0squeeze7_amd64.deb libxenstore3.0_4.0.1-5.6_amd64.deb bind9-host_1%3a9.7.3.dfsg-1~squeeze9_amd64.deb linux-base_2.6.32-48_all.deb dbus_1.2.24-4+squeeze2_amd64.deb linux-image-2.6.32-5-amd64_2.6.32-48_amd64.deb dbus-x11_1.2.24-4+squeeze2_amd64.deb linux-image-2.6.32-5-xen-amd64_2.6.32-48_amd64.deb firmware-linux-free_2.6.32-48_all.deblock gzip_1.3.12-9+squeeze1_amd64.deb openssh-client_1%3a5.5p1-6+squeeze3_amd64.deb host_1%3a9.7.3.dfsg-1~squeeze9_all.deb openssh-server_1%3a5.5p1-6+squeeze3_amd64.deb libbind9-60_1%3a9.7.3.dfsg-1~squeeze9_amd64.deb openssl_0.9.8o-4squeeze14_amd64.deb libcups2_1.4.4-7+squeeze3_amd64.deb partial libdbus-1-3_1.2.24-4+squeeze2_amd64.deb perl_5.10.1-17squeeze5_amd64.deb libdbus-glib-1-2_0.88-2.1+squeeze1_amd64.deb perl-base_5.10.1-17squeeze5_amd64.deb libdns69_1%3a9.7.3.dfsg-1~squeeze9_amd64.deb perl-modules_5.10.1-17squeeze5_all.deb libisc62_1%3a9.7.3.dfsg-1~squeeze9_amd64.deb ssh_1%3a5.5p1-6+squeeze3_all.deb libisccc60_1%3a9.7.3.dfsg-1~squeeze9_amd64.deb tzdata_2012g-0squeeze1_all.deb libisccfg62_1%3a9.7.3.dfsg-1~squeeze9_amd64.deb xen-hypervisor-4.0-amd64_4.0.1-5.6_amd64.deb libldap-2.4-2_2.4.23-7.3_amd64.deb xen-linux-system-2.6.32-5-xen-amd64_2.6.32-48_amd64.deb liblwres60_1%3a9.7.3.dfsg-1~squeeze9_amd64.deb xenstore-utils_4.0.1-5.6_amd64.deb libperl5.10_5.10.1-17squeeze5_amd64.deb xen-utils-4.0_4.0.1-5.6_amd64.deb libssl0.9.8_0.9.8o-4squeeze14_amd64.deb The same kernel versions were updated in the domUs. -- Ciao...// Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#700545: [drupal7] Latest security patches don't fix security warning within Drupal7 (update.module)
Am 23.02.2013 um 16:37 schrieb Luigi Gangitano lu...@debian.org: 7.14-2 has just been uploaded, acknowledging your NMUs and adding the latest security fix. Thanks to both of you for dealing with and finally fixing this issue! :-) -- Ciao...// Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#689268: linux-image-3.2.0-3-amd64: Intel HD 4000 (Ivy Bridge) graphics freeze
Am 10.01.2013 09:39, schrieb Riku Voipio: getting hangs on anything other than the Debian 3.2.32-1 has been challenging. If if's just timing based, I might just have been lucky during my bisects. Here vanilla 3.4.24 from kernel.org runs absolutely stable since a few weeks. But me came up another idea: 'modinfo i916' list an option which appears to be a watchdog function: parm: enable_hangcheck:Periodically check GPU activity for detecting hangs. WARNING: Disabling this can cause system wide hangs. (default: true) (bool) which actually describes the symptoms. Could it be that in the Debian-kernel either the hangs are not detected securely, or that it just fails to reset the module? /Ingo -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#692234: Intel DH77EB (H77): sporadic freeze and increased power consumption
The crashes with vanilla 3.4.23 kernel as reported im http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692234#443 could now be assigned to a corrupted VM in VirtualBox 4.1.18 which did not survive the many kernel updates in saved state. Moreover those crashes were not as hard as with Debian 3.2.32 kernel - power consumption remained normal and reset button responded immediately. I am now with vanilla kernel 3.4.24 from kernel.org and all is fine. /Ingo -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#692234: Intel DH77EB (H77): sporadic freeze and increased power consumption
Am 15.12.2012 20:33, schrieb Ingo: All versions ran smoothly without any problems. Also no incompatibilities with other Wheezy packages have been noticed. CORRECTION: with vanilla kernel 3.4.23, I now had 2 freezes within 6 days! I now switched back to 3.4.21 (which ran 8 days without freezes) and will test it thoroughly for another 2 weeks. If that turns out stable, it will narrow down the commits drastically and the commons with patches applied to the Debian kernel can hopefully be located. /Ingo -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#696342: [drupal7] SA-CORE-2012-004 - Drupal core - Multiple vulnerabilities in Drupal 6 7
Package: drupal7 Version: 7.14-1.1 Severity: critical Tags: security X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org --- Please enter the report below this line. --- Hi! There's a security update for Drupal6 and Drupal7 available. Please include the patch for not question the Drupal Server about new version available this time, otherwise the users will be prompted by a wrong security warning, which is already solved. Thanks! http://drupal.org/SA-CORE-2012-004 Multiple vulnerabilities were fixed in the supported Drupal core versions 6 and 7. Access bypass (User module search - Drupal 6 and 7) A vulnerability was identified that allows blocked users to appear in user search results, even when the search results are viewed by unprivileged users. This vulnerability is mitigated by the fact that the default Drupal core user search results only display usernames (and disclosure of usernames is not considered a security vulnerability). However, since modules or themes may override the search results to display more information from each user's profile, this could result in additional information about blocked users being disclosed on some sites. CVE: Requested. Access bypass (Upload module - Drupal 6) A vulnerability was identified that allows information about uploaded files to be displayed in RSS feeds and search results to users that do not have the view uploaded files permission. This issue affects Drupal 6 only. CVE: Requested. Arbitrary PHP code execution (File upload modules - Drupal 6 and 7) Drupal core's file upload feature blocks the upload of many files that can be executed on the server by munging the filename. A malicious user could name a file in a manner that bypasses this munging of the filename in Drupal's input validation. This vulnerability is mitigated by several factors: The attacker would need the permission to upload a file to the server. Certain combinations of PHP and filesystems are not vulnerable to this issue, though we did not perform an exhaustive review of the supported PHP versions. Finally: the server would need to allow execution of files in the uploads directory. Drupal core has protected against this with a .htaccess file protection in place from SA-2006-006 - Drupal Core - Execution of arbitrary files in certain Apache configurations. Users of IIS should consider updating their web.config. Users of Nginx should confirm that only the index.php and other known good scripts are executable. Users of other webservers should review their configuration to ensure the goals are achieved in some other way. CVE: Requested. CVE identifier(s) issued A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes. Versions affected Drupal core 6.x versions prior to 6.27. Drupal core 7.x versions prior to 7.18. Solution Install the latest version: If you use Drupal 6.x, upgrade to Drupal core 6.27. If you use Drupal 7.x, upgrade to Drupal core 7.18. --- System information. --- Architecture: amd64 Kernel: Linux 3.2.0-4-amd64 Debian Release: 7.0 500 unstablewww.deb-multimedia.org 500 unstableftp.de.debian.org 1 experimentalftp.de.debian.org --- Package information. --- Depends(Version) | Installed -+- debconf(= 0.5) | 1.5.48 OR debconf-2.0 | apache2 | 2.2.22-12 OR httpd| php5 | 5.4.4-10 php5-mysql | 5.4.4-10 OR php5-pgsql | 5.4.4-10 php5-gd | 5.4.4-10 default-mta | OR mail-transport-agent | wwwconfig-common (= 0.0.37) | 0.2.2 mysql-client | 5.5.28+dfsg-1 OR virtual-mysql-client | OR postgresql-client| 9.1+134wheezy2 dbconfig-common | 1.8.47+nmu1 curl | 7.28.0-3 Recommends(Version) | Installed ===-+-=== mysql-server| 5.5.28+dfsg-1 OR postgresql | 9.1+134wheezy2 Package's Suggests field is empty. -- Ciao...// Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net Please don't share this address with Facebook or Google! gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#696343: [drupal6] SA-CORE-2012-004 - Drupal core - Multiple vulnerabilities in Drupal 6 7
Package: drupal6 Severity: critical Tags: security X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org --- Please enter the report below this line. --- Hi! There's a security update for Drupal6 and Drupal7 available: http://drupal.org/SA-CORE-2012-004 Multiple vulnerabilities were fixed in the supported Drupal core versions 6 and 7. Access bypass (User module search - Drupal 6 and 7) A vulnerability was identified that allows blocked users to appear in user search results, even when the search results are viewed by unprivileged users. This vulnerability is mitigated by the fact that the default Drupal core user search results only display usernames (and disclosure of usernames is not considered a security vulnerability). However, since modules or themes may override the search results to display more information from each user's profile, this could result in additional information about blocked users being disclosed on some sites. CVE: Requested. Access bypass (Upload module - Drupal 6) A vulnerability was identified that allows information about uploaded files to be displayed in RSS feeds and search results to users that do not have the view uploaded files permission. This issue affects Drupal 6 only. CVE: Requested. Arbitrary PHP code execution (File upload modules - Drupal 6 and 7) Drupal core's file upload feature blocks the upload of many files that can be executed on the server by munging the filename. A malicious user could name a file in a manner that bypasses this munging of the filename in Drupal's input validation. This vulnerability is mitigated by several factors: The attacker would need the permission to upload a file to the server. Certain combinations of PHP and filesystems are not vulnerable to this issue, though we did not perform an exhaustive review of the supported PHP versions. Finally: the server would need to allow execution of files in the uploads directory. Drupal core has protected against this with a .htaccess file protection in place from SA-2006-006 - Drupal Core - Execution of arbitrary files in certain Apache configurations. Users of IIS should consider updating their web.config. Users of Nginx should confirm that only the index.php and other known good scripts are executable. Users of other webservers should review their configuration to ensure the goals are achieved in some other way. CVE: Requested. CVE identifier(s) issued A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes. Versions affected Drupal core 6.x versions prior to 6.27. Drupal core 7.x versions prior to 7.18. Solution Install the latest version: If you use Drupal 6.x, upgrade to Drupal core 6.27. If you use Drupal 7.x, upgrade to Drupal core 7.18. --- System information. --- Architecture: amd64 Kernel: Linux 3.2.0-4-amd64 Debian Release: 7.0 500 unstablewww.deb-multimedia.org 500 unstableftp.de.debian.org 1 experimentalftp.de.debian.org --- Package information. --- Package's Depends field is empty. Package's Recommends field is empty. Package's Suggests field is empty. -- Ciao...// Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net Please don't share this address with Facebook or Google! gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#692234: Intel DH77EB (H77): sporadic freeze and increased power consumption
I have now been running vanilla 3.4 from kernel.org for 4 weeks. Starting with 3.4.18 I have continuosly updated as new builds were released - recently 3.4.21 and now 3.4.23. All versions ran smoothly without any problems. Also no incompatibilities with other Wheezy packages have been noticed. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#692234: Intel DH77EB (H77): sporadic freeze and increased power consumption
Julien Cristau wrote at bug #687442 --- New image is up at http://people.debian.org/~jcristau/linux-image-3.2.0-4.drm-amd64_3.2.34-1~jcristau.1_amd64.deb That kernel image is based on 3.2 with graphics system backported from 3.4 It would help if you can test that version too. Unfortunately I do need my PC for daily work with VirtualBox. However that site does not supply any matching header packages, so it won't support VBox. Regards, Ingo -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#692234: Intel DH77EB (H77): sporadic freeze and increased power consumption
Since 2 weeks I an running kernel 3.4 from kernel.org. I used config from Debian's 3.4.4-1~experimental.1 with make silentoldconfig and accepted defaults fo 5 new items. This is a long term kernel as well and thus still maintained. I started with 3.4.18, updated to 3.4.19 and now using 3.4.20. All without any problems including VirtualBox 4.1.18 from Wheezy repo. This also appears a viable alternative to current 3.2? -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#692234: Intel DH77EB (H77): sporadic freeze and increased power consumption
Some additional information, probably it helps: As stated above, when system freezes power consumption rises by some 30 watts. I now checked under normal operating conditions and it turns out that this value is precisely the same when 2 cores (out of 4) run under full load (checked with seti@home). The odd thing is that CPU-fan regulation also fails during freeze leading to overheating of the CPU. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#692234: Intel DH77EB (H77): sporadic freeze and increased power consumption
Am 08.11.2012 16:55, schrieb Jonathan Nieder: Ingo wrote: I have now been running kernel 3.3.0-rc6-amd64 for 4 days. I did even try with different BIOS settings for IGD DVMT Memory especially with Maximum DVMT which according to the manual corresponds to 1.7GB. With this configuration I did have freezes few times a day with Wheezy stock kernel before. This is *fixed in kernel 3.3.0-rc6-amd64*. All is 100% stable. That's a comfort. Thanks for checking. Do you want me to continue with this test? No, please use whatever kernel is most convenient for now. Hopefully we will find some patch to test against 3.2.y soon. I have now extensively tested with kernel 3.4.4-1~experimental.1 from snapshots with all available BIOS settings for IGD DVMT Memory as: 128 MB 256 MB 512 MB Maximum DVMT (1.7 GB) All is 100% stable, s2ram works smoothly, ... BIOS setting is totally ignored and Wheezy always assigns 256 MB video RAM according to 'dmesg': agpgart-intel :00:00.0: AGP aperture is 256M @ 0xe000 This kernel also enables RC6p: [drm] Enabling RC6 states: RC6 on, RC6p on, RC6pp off I can't go with a newer kernel, because VirtualBox 4.1.18 does not support (and crashes) with kernels = 3.5. Ingo -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#690817: Is that bug still open?
Hi Gunnar, hi Luigi, hi securiy@d.o! I reported http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690817 on Oct. 18th and Gunnar replied quickly with a patch. Since then the last message for this bug is pending/uploaded/delayed. In the meanwhile drupal7 7.14-1.1 is in unstable. So, is that bug still open or should it be closed? Another problem I see is, that the 7.14-1.1 version is still saying that there are pending security issues when looking at site/admin/reports/updates: Drupal core 7.14 Security update:7.16 (2012-Oct-17) I fear that this will confuse the users when the release would ship with 7.14-1.1 as it is now. -- Ciao...// Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#690817: [drupal7] [Security-news] SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure
Package: drupal7 Version: 7.14-1 Severity: critical Tags: security X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org --- Please enter the report below this line. --- Hi! There is currently a security issue with Drupal 7.14 currently in unstable, being shipped with wheezy. http://drupal.org/node/1815912 is about Arbitrary PHP code execution of Drupal core up to 7.16: * Advisory ID: DRUPAL-SA-CORE-2012-003 * Project: Drupal core [1] * Version: 7.x * Date: 2012-October-17 * Security risk: Highly critical [2] * Exploitable from: Remote * Vulnerability: Information Disclosure, Arbitrary PHP code execution DESCRIPTION - Multiple vulnerabilities were discovered in Drupal core. Arbitrary PHP code execution A bug in the installer code was identified that allows an attacker to re-install Drupal using an external database server under certain transient conditions. This could allow the attacker to execute arbitrary PHP code on the original server. This vulnerability is mitigated by the fact that the re-installation can only be successful if the site's settings.php file or sites directories are writeable by or owned by the webserver user. Configuring the Drupal installation to be owned by a different user than the webserver user (and not to be writeable by the webserver user) is a recommended security best practice [3]. However, in all cases the transient conditions expose information to an attacker who accesses install.php, and therefore this security update should be applied to all Drupal 7 sites. --- System information. --- Architecture: amd64 Kernel: Linux 3.2.0-4-amd64 Debian Release: wheezy/sid 500 unstablewww.debian-multimedia.org 500 unstableftp.de.debian.org --- Package information. --- Depends(Version) | Installed -+- debconf(= 0.5) | 1.5.46 OR debconf-2.0 | apache2 | 2.2.22-11 OR httpd| php5 | 5.4.4-7 php5-mysql | 5.4.4-7 OR php5-pgsql | 5.4.4-7 php5-gd | 5.4.4-7 default-mta | OR mail-transport-agent | wwwconfig-common (= 0.0.37) | 0.2.2 mysql-client | 5.5.24+dfsg-9 OR virtual-mysql-client | OR postgresql-client| 9.1+134wheezy1 dbconfig-common | 1.8.47+nmu1 curl | 7.27.0-1 Recommends(Version) | Installed ===-+-=== mysql-server| 5.5.24+dfsg-9 OR postgresql | 9.1+134wheezy1 Package's Suggests field is empty. -- Ciao...// Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net Please don't share this address with Facebook or Google! gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#676161: sogo: cronjob removes /var/spool/sogo and even worse trys removing /var/spool
Package: sogo
Version: 1.3.15a-1
Severity: grave
Tags: patch
Justification: renders package unusable
Dear Maintainer,
the packages cronjob at /etc/cron.daily/sogo implements a really
bad find statement to clean up empty directory beneath /var/spool/sogo.
find /var/spool/sogo -mindepth 1 -type d -empty -exec /bin/rmdir -p {} \;
The 'rmdir -p' command results in the attempt to remove /var/spool/sogo,
/var/spool (this is not going to happen because /var/spool is not empty)
and if the removal of /var/spool did´t fail even /var would have been tried
to remove.
Nevertheless the directory /var/spool/sogo gets removed an renders sogo unusable
because sogo fails to store its temporary mail and you are unable to send
any mail written until the folder is recreated.
The following find statement will do the job right:
find /var/spool/sogo -depth -mindepth 1 -type d -empty -exec /bin/rmdir {} \;
regards,
ingo
*** Please consider answering these questions, where appropriate ***
* What led up to the situation?
* What exactly did you do (or not do) that was effective (or
ineffective)?
* What was the outcome of this action?
* What outcome did you expect instead?
*** End of the template - remove these lines ***
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (900, 'testing'), (800, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.4-0.towo.3-siduction-amd64 (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages sogo depends on:
ii adduser 3.113+nmu2
ii gnustep-base-runtime 1.22.1-2+b1
ii libc6 2.13-32
ii libcurl3-gnutls 7.26.0-1
ii libgcc1 1:4.7.0-8
ii libgnustep-base1.22 1.22.1-2+b1
ii libgnutls26 2.12.19-1
ii libmemcached101.0.6-1
ii libobjc4 4.7.0-8
ii libsbjson2.3 2.3.2-1
ii libsope1 1.3.15-1
ii sogo-common 1.3.15a-1
ii tmpreaper 1.6.13+nmu1
ii zip 3.0-5
sogo recommends no packages.
sogo suggests no packages.
-- Configuration Files:
/etc/cron.d/sogo changed [not included]
/etc/cron.daily/sogo changed [not included]
/etc/sogo/sogo.conf changed [not included]
-- no debconf information
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#663137: (no subject)
Hello, might this be a duplicate of #658624 ? Can you solve the problem by updating libdc1394-22 (which is drawn by opencv) to version 2.2.0-2 from unstable ? Regards Ingo -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#659838: kmod: v5 acts like a fork bomb
On Sun, Feb 19, 2012 at 04:38:28AM -0200, Lucas De Marchi wrote: I prepared the patch attached... I couldn't test it (I don't have an environment ready for this right now), but I think it fixes the issue. Marco, I'm assuming you already backported the patch libkmod-module: probe: fix infinite loop with softdeps, right? Could you check if this works for you? It works. I restored the old alsa config and I can't reproduce the fork bug with this patch. Ingo -- Kennedy's Lemma: If you can parse Perl, you can solve the Halting Problem. http://www.perlmonks.org/?node_id=663393 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#659838: kmod: v5 acts like a fork bomb
Moin
I just got bitten by that bug today, too.
On Tue, Feb 14, 2012 at 05:05:27PM -0200, Lucas De Marchi wrote:
I bet you have these rules in your config:
install snd /sbin/modprobe --ignore-install snd { /sbin/modprobe
--quiet snd-ioctl32 ; /sbin/modprobe --quiet snd-seq ; }
...
Marco, why are you shipping this with alsa? This creates dependency
loops, relying on modules being inserted to be able to break the
loops. It seems very fragile. What are you trying to accomplish with
that config?
These are indeed useful, as it pulls in additional modules that give you
the full functionality of the sound system. The problem seems to be that
--ignore-install seems to get ignored by kmod version 5 resulting in
endless recursive loops trying to insert these modules.
But since 3.12 module-init-tools (and kmod, too) supports the softdep
keyword in modprobe.d/. After changing the above rules to use softdep
instead of install, the bug was gone.
For example the rule qouted above using softdep should read:
softdep snd post: snd-ioctl32 snd-seq
I think this change could be done now in unstable, since softdep is already
supported by the module-init-tools in stable.
Ingo
--
Kennedy's Lemma:
If you can parse Perl, you can solve the Halting Problem.
http://www.perlmonks.org/?node_id=663393
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#658337: [drupal7] DRUPAL-SA-CORE-2012-001 - Security Update for Drupal 6+7
-client| 9.1+128 dbconfig-common | 1.8.47+nmu1 curl | 7.24.0-1 Recommends(Version) | Installed ===-+-=== mysql-server| OR postgresql | 9.1+128 Package's Suggests field is empty. -- Ciao...// Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net Please don't share this address with Facebook or Google! gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#646675: out of nowhere?
On 26.10.2011 09:01, Holger Levsen wrote: I use roundcube with suhosin, but not 0.6 yet. What do you mean by out of nowhere? Ha! Just discovered: it's working again. BUT: when I used reportbug-ng this morning to report the bug, it started iceweasel - and I use iceweasel to sort my mails into folders. So when it started up it started filtering my mails and apparently filtered the mail in question out of the way. So, my best guess is: when you receive an email with an URL in the subject, this bug will hit you as well. -- Ciao... //Fon: 0381-2744150 . Ingo \X/ http://blog.windfluechter.net gpg pubkey: http://www.juergensmann.de/ij_public_key. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#646675: out of nowhere?
On Wed, Oct 26, 2011 at 09:01:07AM +0200, Holger Levsen wrote: I use roundcube with suhosin, but not 0.6 yet. What do you mean by out of nowhere? Well, I was at work, enjoying a working roundcube and reading my mails and then, as far as I remember, I reloaded the Inbox and it said Loading... and Loading... and Loading... all the time. This sometime happens because I'm behind a restrictive firewall and using a Apache mod-proxy forward from my dedicated server to my home server via VPN and from now and then the connection gets stalled. Usually I restart the involved apaches then and it usually is working again. But not yesterday. Then I made a dist-upgrade on my home server, but no improvement. I then looked into syslog and roundcube log and decided to postpone this issue when I'm back home to exclude any mod-proxy issues. When home again the problem still persisted even when using my home server locally. Dovecot imapd still works as tested with mail.app on OSX and mutt+iceweasel on Debian. The out of nowhere relates to my memorization that RC actually did work, but then suddenly stopped working without doing an upgrade first. But reading the trac issue on RC it might be that I received a mail with an URL in the Subject, which then caused RC to not work anymore: out of nowhere. -- Ciao...// Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net Please don't share this address with Facebook or Google! gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#646675: out of nowhere?
On 26.10.2011 19:48, Vincent Bernat wrote: Ingo, you reported the bug against 0.6. Is it really the version that is affected by the problem? It seems already patched. Well, yes, I wrote the bug report on the same machine where RC is running. The message in question is most likely this one: To: debian-de...@lists.debian.org, webmast...@gnu.org Cc: Ivan Shmakov oneing...@gmail.com Subject: http://www.gnu.org/s/hello/manual/automake/ ? Message-ID: 86r521mn20.fsf...@gray.siamics.net At least that's the same URL in the subject line suhosin is complaining about. -- Ciao... //Fon: 0381-2744150 . Ingo \X/ http://blog.windfluechter.net gpg pubkey: http://www.juergensmann.de/ij_public_key. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#646675: out of nowhere?
Am 26.10.2011 um 22:40 schrieb Vincent Bernat: Now that the message is in another folder, you don't have the problem any more, even if you visit this folder? Does the problem comes back if you move the message to inbox? When I access my Debian-Devel folder the problem occurs in that folder. When I move it back to Inbox it happens there again... so, it's reproducible over here... -- Ciao...// Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#646675: [roundcube] RC doesn't load INBOX anymore - suhosin reports URL is not allowed
Package: roundcube
Version: 0.6+dfsg-1
Severity: serious
Tags: security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
--- Please enter the report below this line. ---
Hi!
Well, yesterday out of nothing my webmailer roundcube started to refuse
to work. At least as I remember it. For some reasons reloading the Inbox
just showed the Loading... message on the screen, but there was no
list of mails anymore. Funny enough other folders do actually work as
before. But anyway, doing an update did not help and improve anything.
(I really don't know whether I updated before or after because of the
first occurence of this issue.)
There's an entry in syslog when loading the Inbox folder:
Oct 26 07:24:59 muaddib suhosin[32432]: ALERT - Include filename
('http://www.gnu.org/s/hello/manual/automake/ ?.php') is an URL that is
not allowed (attacker '127.0.0.1', file
'/usr/share/roundcube/program/include/iniset.php', line 110
This lead to bug #1488086 in the Roundcube issue tracker which states:
This messages made me wonder why suhosin thinks there's an include
going on. Line 111 of iniset.php shows:
include_once($filename.php);
It seems like roundcube wants to include what is displayed in the
subject, which happens to be a url - and suhosin legitimately blocks
this attempt.
In short, I can send an email to a user on a suhosin protected mail
server and make his inbox unavailable. Needless to say, the user cannot
delete this email himself via RoundCube. In my case, I had to delete the
email file on the server to make roundcube show the inbox again.
In Debian there's bug #619411 that is related to PATH setting in
iniset.php, but I'm not sure if this is really related to #1488086 in
the Roundcube issue tracker and my problem? However, disabling suhosin
doesn't seem the right way to solve this issue and the trac issue
tracker suggests a security related problem.
Regards,
Ingo
--- System information. ---
Architecture: amd64
Kernel: Linux 3.0.0-2-amd64
Debian Release: wheezy/sid
500 unstablewww.debian-multimedia.org
500 unstableftp.de.debian.org
--- Package information. ---
Depends(Version) | Installed
-+-
roundcube-core(= 0.6+dfsg-1) | 0.6+dfsg-1
dbconfig-common | 1.8.47
debconf(= 0.5) | 1.5.41
OR debconf-2.0 |
ucf | 3.0025+nmu2
apache2 | 2.2.21-2
OR lighttpd |
OR httpd|
php5 | 5.3.8-2
php5-mcrypt | 5.3.8-2
php5-gd | 5.3.8-2
php5-intl| 5.3.8-2
php-mdb2 (= 2.5.0) | 2.5.0b2-1
php-auth | 1.6.2-1
php-net-smtp (= 1.4.2) | 1.6.0-1
php-net-socket | 1.0.9-2
php-mail-mime (= 1.8.0) | 1.8.0-2
php5-pspell | 5.3.8-2
tinymce (= 3) | 3.4.3.2+dfsg0-1
libjs-jquery (= 1.6.4) | 1.6.4-1
libmagic1| 5.09-2
roundcube-sqlite (= 0.6+dfsg-1) | 0.6+dfsg-1
OR roundcube-mysql (= 0.6+dfsg-1) | 0.6+dfsg-1
OR roundcube-pgsql (= 0.6+dfsg-1) | 0.6+dfsg-1
Package's Recommends field is empty.
Suggests (Version) | Installed
-+-===
php-auth-sasl (= 1.0.3) |
php-crypt-gpg|
roundcube-plugins|
--
Ciao...// Fon: 0381-2744150
Ingo \X/ http://blog.windfluechter.net
Please don't share this address with Facebook or Google!
gpg pubkey: http://www.juergensmann.de/ij_public_key.asc
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#626457: Bug#626450: Acknowledgement (lost /lib64 - /lib symlink on
In case you still have a root shell around (probably most people should have after apt-get just failed), call the linker directly to run ln: /lib/ld-linux-x86-64.so.2 /bin/ln -s /lib /lib64 Ingo -- And crawling On the planet's face Some insects Called the human race Lost in Time And lost in space And meaning -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#596926: [request-tracker3.8] Upgrading from rt 3.6 to rt 3.8 with Postgresql backend doesn't work
Package: request-tracker3.8
Severity: grave
--- Please enter the report below this line. ---
Hi!
Currently it is not possible to upgrade from rt 3.6 (Lenny) to rt 3.8
(Squeeze) when using PostgreSQL 8.3 as a backend.
Reason:
rt3.8-db-postgresql depends on meta-package postgresql-client, which
depends on postgresql-client-8.4. Currently the upgrade path from
PostgreSQL 8.3 to 8.4 is broken, see
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=596678
So, to being able to upgrade I needed to edit debian/control. Instead of
Depends: ${misc:Depends}, libdbd-pg-perl (= 1.41),
postgresql-client (= 7.4)
Suggests: postgresql | postgresql (= 7.4)
I changed the lines to this:
Depends: ${misc:Depends}, libdbd-pg-perl (= 1.41),
postgresql-client-8.3 (= 7.4)
Suggests: postgresql-8.3 | postgresql (= 7.4)
Maybe the lines should include both postgresql-client and
postgresql-client-8.3 to ensure an upgrade path to rt 3.8 without
needing to upgrade from PostgreSQL 8.3 to 8.4 either?
Regards,
Ingo
--- System information. ---
Architecture: amd64
Kernel: Linux 2.6.32-5-amd64
Debian Release: squeeze/sid
500 unstablewww.debian-multimedia.org
500 unstableftp.de.debian.org
--- Package information. ---
Package's Depends field is empty.
Package's Recommends field is empty.
Package's Suggests field is empty.
--
Ciao...// Fon: 0381-2744150
Ingo \X/ http://blog.windfluechter.net
Please don't share this address with Facebook or Google!
gpg pubkey: http://www.juergensmann.de/ij_public_key.asc
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#581377: Processed: Re: Bug#581377: initramfs-tools: Multipath does not load correctly at boot time
Hi, I'm not really sure where i must apply the patch. A find for a rules file on my system gives me no result :( Best regards Ingo Guido Günther schrieb: tag 581377 +patch Thanks Hi, it seems the paths got messed up since the makefile checks for /lib64 which existed on the buildd. Does the attached patch fix your problem? Cheers, -- Guido P.S.: sorry I can't check myself but I won't be near an amd64 for quiet some time. -- Ingo Rauschenberg ingo.rauschenb...@cms.hu-berlin.de Humboldt-Universitaet zu Berlin, Computer- und Medienservice Unter den Linden 6, D-10099 Berlin Tel: +49(30)20932678 Fax: +49(30)20932704 smime.p7s Description: S/MIME Cryptographic Signature
Bug#571210: /usr/bin/command-not-found: crash on start
I have no idea how this happened. Did you update from an old version and How old is old? I installed squeeze on 2009-12-01. It was a fresh install, no upgrade. could you please run update-command-not-found? Now it works :) Ingo Kabus -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#571210: /usr/bin/command-not-found: crash on start
Package: command-not-found Version: 0.2.38-1 Severity: grave File: /usr/bin/command-not-found Justification: renders package unusable Every time command-not-found is started by typing a nonexistant command it crashes. The crash looks like this: i...@plug:~$ nonexistant_command Sorry, command-not-found has crashed! Please file a bug report for the command-not-found package, see http://www.debian.org/Bugs/Reporting for further information Please include the following information with the report: command-not-found version: 0.2.26 Python version: 2.5.5 final 0 Distributor ID: Debian Description:Debian GNU/Linux testing (squeeze) Release:testing Codename: squeeze Exception information: ':component:' Traceback (most recent call last): File /usr/share/command-not-found/CommandNotFound/util.py, line 43, in crash_guard callback() File /usr/lib/command-not-found, line 24, in main cnf = CommandNotFound(options.data_dir) File /usr/share/command-not-found/CommandNotFound/CommandNotFound.py, line 88, in __init__ self.programs.append(ProgramDatabase(os.path.sep.join([data_dir, self.programs_dir, filename]))) File /usr/share/command-not-found/CommandNotFound/CommandNotFound.py, line 49, in __init__ self.component = self.db.db[':component:'] KeyError: ':component:' -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: armel (armv5tel) Kernel: Linux 2.6.30-2-kirkwood Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages command-not-found depends on: ii apt-file 2.3.3 search for files within Debian pac ii lsb-release 3.2-23 Linux Standard Base version report ii python2.5.4-9An interactive high-level object-o ii python-gdbm 2.6.4-1GNU dbm database support for Pytho ii python-support1.0.6 automated rebuilding support for P command-not-found recommends no packages. command-not-found suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#535435: [drupal6] SA-CORE-2009-007 - Drupal core - Multiple vulnerabilities
Package: drupal6 Severity: serious Tags: security X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org --- Please enter the report below this line. --- Please upgrade Drupal6 because of the latest Drupal Core SA. Drupal5 seems to be affected as well. - http://drupal.org/drupal-6.13 - http://drupal.org/node/507572 Thanks! Ingo --- System information. --- Architecture: i386 Kernel: Linux 2.6.30-1-686 Debian Release: squeeze/sid 500 unstablewww.debian-multimedia.org 500 unstableftp2.de.debian.org --- Package information. --- Package's Depends field is empty. Package's Recommends field is empty. Package's Suggests field is empty. -- Ciao...// Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#513853: sagemath: wrong python dependency
Package: sagemath Version: 3.0.5dfsg-1 Followup-For: Bug #513853 Had the same problem and it went away after installing libsingular-dev. If /usr/lib/libsingular.so from that package is moved away, the crash reappears. Regards, ingo -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#513853: [sagemath] sage segfaults
Package: sagemath Version: 3.0.5dfsg-1 Followup-For: Bug #513853 oops, please ignore that subject line of the previous message. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#501635: [drupal5] SA-2008-060 - Drupal core - Multiple vulnerabilities
Package: drupal5 Severity: grave Tags: security X-Debbugs-CC: [EMAIL PROTECTED] --- Please enter the report below this line. --- Hi! See the Drupal SA-2008-060 for more details: SA-2008-060 - DRUPAL CORE - MULTIPLE VULNERABILITIES * Advisory ID: DRUPAL-SA-2008-060 * Project: Drupal core * Versions: 5.x and 6.x * Date: 2008-October-8 * Security risk: Critical * Exploitable from: Remote * Vulnerability: Multiple vulnerabilities DESCRIPTION Multiple vulnerabilities and weaknesses were discovered in Drupal. Thanks for your continous work on drupal5 and keeping pace with all those security updates in drupal! :-) Regards, Ingo --- System information. --- Architecture: powerpc Kernel: Linux 2.6.26.2 Debian Release: lenny/sid 500 unstableftp2.de.debian.org --- Package information. --- Depends (Version) | Installed ===-+-=== | -- Ciao...// Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net gpg pubkey: http://www.juergensmann.de/ij_public_key.asc -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#495122: drupal5: Drupal Core - Multiple vulnerabilities - SA-2008-047
Package: drupal5 Version: 5.9-1 Severity: grave Tags: security Justification: user security hole Drupal 5.9 suffers from several vulnerabilities (XSS). See http://drupal.org/node/295053 for more details. Please upload Drupal 5.10 soon. Thx! Regards, Ingo -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-6-xen-amd64 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages drupal5 depends on: ii apache2 2.2.3-4+etch5 Next generation, scalable, extenda ii apache2-mpm-prefork [http 2.2.3-4+etch5 Traditional model for Apache HTTPD ii curl 7.15.5-1etch1 Get a file from an HTTP, HTTPS, FT ii dbconfig-common 1.8.29+etch1 common framework for packaging dat ii debconf 1.5.11etch2Debian configuration management sy ii exim4-daemon-heavy [mail- 4.63-17exim MTA (v4) daemon with extended ii mysql-client 5.0.32-7etch6 mysql database client (meta packag ii mysql-client-5.0 [mysql-c 5.0.32-7etch6 mysql database client binaries ii php5 5.2.0-8+etch11 server-side, HTML-embedded scripti ii php5-gd 5.2.0-8+etch11 GD module for php5 ii php5-mysql5.2.0-8+etch11 MySQL module for php5 ii php5-pgsql5.2.0-8+etch11 PostgreSQL module for php5 ii wwwconfig-common 0.0.48 Debian web auto configuration Versions of packages drupal5 recommends: pn mysql-server | postgresql none (no description available) -- debconf information excluded -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#481241: missing WML/GD.pm
Moin I think something in the makesystem is fubared, -0.3 had a fix to install wml_common/filepathconcert, the same has to be done for wml_common/GD, too. Fix attached. Ingo diff -u wml-2.0.11ds1/debian/rules wml-2.0.11ds1/debian/rules --- wml-2.0.11ds1/debian/rules +++ wml-2.0.11ds1/debian/rules @@ -47,6 +47,8 @@ $(MAKE) prefix=$(r)/usr mandir=$(r)/usr/share/man INSTALLDIRS=perl install cd wml_common/filepathconvert \ $(MAKE) DESTDIR=$(r) mandir=$(r)/usr/share/man INSTALLDIRS=perl install + cd wml_common/gd \ + $(MAKE) DESTDIR=$(r) mandir=$(r)/usr/share/man INSTALLDIRS=perl install dh_installdocs ANNOUNCE BUGREPORT COPYRIGHT COPYRIGHT.OTHER CREDITS \ MANIFEST NEWS README README.mp4h SUPPORT VERSION \ VERSION.HISTORY wml_contrib/ signature.asc Description: Digital signature
Bug#443068: #443068: xserver-xorg: crash in libpixman-1.so.0(pixman_image_composite)
recompiled libpixman with gcc 4.1 as suggested by other and this just works fine. regards, ingo sudo apt-get build-dep libpixman-1-0 apt-get source libpixman-1-0 cd pixman-0.9.5 export CC=gcc-4.1 dpkg-buildpackage -us -uc -b -rfakeroot sudo dpkg -i ../libpixman-1-0_0.9.5-1_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#391713: gaim crashes with sigfault in 0x300059fc in open_path () from /lib/ld.so.1
Package: gaim Version: 1:2.0.0+beta3.1-4 Severity: grave Justification: renders package unusable Hi! After one of my last upgrades in sid, gaim doesn't want to start anymore. I followed the crash instructions at http://gaim.sourceforge.net/gdb.php and here it is: - (no debugging symbols found) Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 805446336 (LWP 24639)] 0x300059fc in open_path () from /lib/ld.so.1 (gdb) bt full #0 0x300059fc in open_path () from /lib/ld.so.1 No symbol table info available. #1 0x30029734 in ?? () from /lib/ld.so.1 No symbol table info available. #2 0x3000a7c8 in openaux () from /lib/ld.so.1 No symbol table info available. #3 0x3000bb50 in _dl_catch_error () from /lib/ld.so.1 No symbol table info available. #4 0x3000a9dc in _dl_map_object_deps () from /lib/ld.so.1 No symbol table info available. #5 0x3000a9dc in _dl_map_object_deps () from /lib/ld.so.1 No symbol table info available. #6 0x3000a9dc in _dl_map_object_deps () from /lib/ld.so.1 No symbol table info available. #7 0x3000a9dc in _dl_map_object_deps () from /lib/ld.so.1 No symbol table info available. #8 0x3000a9dc in _dl_map_object_deps () from /lib/ld.so.1 No symbol table info available. #9 0x3000a9dc in _dl_map_object_deps () from /lib/ld.so.1 No symbol table info available. #10 0x3000a9dc in _dl_map_object_deps () from /lib/ld.so.1 No symbol table info available. ---Type return to continue, or q return to quit--- #11 0x3000a9dc in _dl_map_object_deps () from /lib/ld.so.1 No symbol table info available. #12 0x3000a9dc in _dl_map_object_deps () from /lib/ld.so.1 No symbol table info available. #13 0x3000a9dc in _dl_map_object_deps () from /lib/ld.so.1 No symbol table info available. #14 0x3000a9dc in _dl_map_object_deps () from /lib/ld.so.1 No symbol table info available. #15 0x3000a9dc in _dl_map_object_deps () from /lib/ld.so.1 No symbol table info available. #16 0x3000a9dc in _dl_map_object_deps () from /lib/ld.so.1 No symbol table info available. #17 0x3000a9dc in _dl_map_object_deps () from /lib/ld.so.1 No symbol table info available. #18 0x3000a9dc in _dl_map_object_deps () from /lib/ld.so.1 No symbol table info available. #19 0x3000a9dc in _dl_map_object_deps () from /lib/ld.so.1 No symbol table info available. Previous frame inner to this frame (corrupt stack?) (gdb) - I don't know if this is ppc related or not... Regards, Ingo -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: powerpc (ppc) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18 Locale: LANG=en_US, LC_CTYPE=de_DE (charmap=ISO-8859-1) Versions of packages gaim depends on: ii gaim-data 1:2.0.0+beta3.1-4 multi-protocol instant messaging c ii libao2 0.8.6-4 Cross Platform Audio Output Librar ii libaspell150.60.4-4 GNU Aspell spell-checker runtime l ii libatk1.0-01.12.3-1 The ATK accessibility toolkit ii libaudiofile0 0.2.6-6 Open-source version of SGI's audio ii libavahi-compat-howl0 0.6.14-1 Avahi Howl compatibility library ii libc6 2.3.6.ds1-5 GNU C Library: Shared libraries ii libcairo2 1.2.4-1 The Cairo 2D vector graphics libra ii libdbus-1-30.93-1simple interprocess messaging syst ii libdbus-glib-1-2 0.71-2simple interprocess messaging syst ii libfontconfig1 2.4.1-2 generic font configuration library ii libfreetype6 2.2.1-5 FreeType 2 font engine, shared lib ii libgadu3 1:1.7~rc2-1 Gadu-Gadu protocol library - runti ii libgcrypt111.2.3-2 LGPL Crypto library - runtime libr ii libglib2.0-0 2.12.4-1 The GLib library of C routines ii libgnutls131.4.4-1 the GNU TLS library - runtime libr ii libgtk2.0-02.8.20-2 The GTK+ graphical user interface ii libgtkspell0 2.0.10-3+b1 a spell-checking addon for GTK's T ii libice61:1.0.1-2 X11 Inter-Client Exchange library ii libmeanwhile1 1.0.2-2 open implementation of the Lotus S ii libpango1.0-0 1.14.5-1 Layout and rendering of internatio ii libperl5.8 5.8.8-6.1 Shared Perl library ii libpng12-0 1.2.8rel-5.2 PNG library - runtime ii libsm6 1:1.0.1-3 X11 Session Management library ii libstartup-notificatio 0.8-2 library for program launch feedbac ii libx11-6 2:1.0.0-9 X11 client-side library ii libxcursor11.1.7-4 X cursor management library ii libxext6 1:1.0.1-2 X11 miscellaneous extension librar ii libxfixes3 1:4.0.1-4 X11 miscellaneous 'fixes
Bug#380721: azureus: Azureus won't start, calls script from swt-3.1
Package: azureus Version: 2.4.0.2-3 Severity: grave Tags: patch Justification: renders package unusable -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 $ azureus /usr/bin/azureus: line 2: /usr/share/java-config/libswt-3.1-java: No such file or directory Please change line 2 of /usr/bin/azureus to call SWT-3._2_, instead of SWT-3.1: . /usr/share/java-config/libswt-3.2-java Ingo - -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (800, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17.7-schwan20060725 Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Versions of packages azureus depends on: ii libcommons-cli-java 1.0-8 API for working with the command l ii liblog4j1.2-java 1.2.13-1 Logging library for java ii libseda-java 3.0-3 the Staged Event-Driven Architectu ii libswt-gtk-3.2-java 3.2-1 Standard Widget Toolkit for GTK Ja ii sun-java5-jre [java2-runtime] 1.5.0-07-1 Sun Java(TM) Runtime Environment ( Versions of packages azureus recommends: pn java-package none (no description available) - -- no debconf information -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEzu0h4XrXtQkN2NURAoXPAKC5A1ug0OQtu3mYoD0Ga3oUST2QvwCeNuSW tr+2Br+Z573HSdqmoWC7RN0= =j37c -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#347423: #347423: evince: renders ECMA-6 PDF as featureless black pages
I tried building poppler with --disable-cairo-output, which fixes the pdf display bug. See Bug #349371 Ingo -- /* Why waste time? -- asuffield */ signature.asc Description: Digital signature
Bug#329039: mkisofs segfaults when creating isos
I can reproduce the problem, too. With -J segfault, without no segfault. My locales are set to LANG=de_DE.UTF8. I can also avoid the segfault setting LC_CTYPE to C or POSIX (ascii charset). Other supported charsets ([EMAIL PROTECTED]: ISO-8859-15 and de_DE: ISO-8859-1) also produce a segfault. So it seems the charset conversion in the joliet tree is broken. Another funny thing I noticed: $ ls -l foo bar -rw-r--r-- 1 ingo ingo 0 2005-09-19 23:14 bar -rw-r--r-- 1 ingo ingo 0 2005-09-19 23:14 foo $ mkisofs -J foo bar | wc Warning: creating filesystem with (nonstandard) Joliet extensions but without (standard) Rock Ridge extensions. It is highly recommended to add Rock Ridge INFO: UTF-8 character encoding detected by locale settings. Assuming UTF-8 encoded filenames on source filesystem, use -input-charset to override. 0 0 0 $ mkisofs -J foo | wc Warning: creating filesystem with (nonstandard) Joliet extensions but without (standard) Rock Ridge extensions. It is highly recommended to add Rock Ridge INFO: UTF-8 character encoding detected by locale settings. Assuming UTF-8 encoded filenames on source filesystem, use -input-charset to override. 0 0 32768 Both are aborting with an Segfault (remove the | wc). And the workaround: $ export LC_CTYPE=C $ mkisofs -J foo bar | wc Warning: creating filesystem with (nonstandard) Joliet extensions but without (standard) Rock Ridge extensions. It is highly recommended to add Rock Ridge Total translation table size: 0 Total rockridge attributes bytes: 0 Total directory bytes: 0 Path table size(bytes): 10 Max brk space used 21000 180 extents written (0 MB) 4 42 368640 Mail me if you need additional data from me. Ingo $ locale LANG=de_DE.UTF-8 LC_CTYPE=de_DE.UTF-8 LC_NUMERIC=de_DE.UTF-8 LC_TIME=de_DE.UTF-8 LC_COLLATE=de_DE.UTF-8 LC_MONETARY=de_DE.UTF-8 LC_MESSAGES=de_DE.UTF-8 LC_PAPER=de_DE.UTF-8 LC_NAME=de_DE.UTF-8 LC_ADDRESS=de_DE.UTF-8 LC_TELEPHONE=de_DE.UTF-8 LC_MEASUREMENT=de_DE.UTF-8 LC_IDENTIFICATION=de_DE.UTF-8 LC_ALL= signature.asc Description: Digital signature
Bug#327780: current gcc-4.0 is utterly useless on m68k
On Mon, Sep 12, 2005 at 09:28:30AM +0200, Matthias Klose wrote: that's unreproducible on crest/sid, although I can reproduce it on another machine with the very same versions of gcc-4.0 and libc6. So why not file it for libc6? What cpu type is that other machine? I assume that ska is a 040? The point of reassigning the report to an unknown package is to ask, if it's time to drop m68k from the release architectures or just set the severity of all m68k reports to wishlist. There's currently nobody interested in forwarding m68k related bug reports upstream and testing m68k compiler versions. There are at least six more unhandled m68k reports. My email from July (http://lists.debian.org/debian-release/2005/07/msg00069.html) is left unanswered, so I have to assume, that m68k isn't supported anymore and will start to downgrade all m68k related reports to a non-RC severity. Uhm? Unanswered? I thought Wouter and Adam step up to fill the gap? -- Ciao...//Fon: 0381-2744150 Ingo \X/ SIP: [EMAIL PROTECTED] gpg pubkey: http://www.juergensmann.de/ij/public_key.asc signature.asc Description: Digital signature
Bug#326856: sparc/sarge: perl leads to *** glibc detected *** double free or corruption (!prev): 0x00777898 ***
Package: perl Version: 5.8.7-3 Severity: critical Justification: breaks unrelated software When upgrading Perl this happens: Setting up uptimed (0.3.3-7) ... Starting uptime daemon: uptimed. *** glibc detected *** double free or corruption (!prev): 0x007778b8 *** dpkg: error processing uptimed (--configure): subprocess post-installation script killed by signal (Aborted) Setting up libslp1 (1.2.1-2) ... *** glibc detected *** double free or corruption (!prev): 0x007778b8 *** dpkg: error processing libslp1 (--configure): subprocess post-installation script killed by signal (Aborted) Setting up clamav-getfiles (0.5-1) ... EICAR Anti-Virus Test File downloaded and installed. *** glibc detected *** double free or corruption (!prev): 0x007778c0 *** dpkg: error processing clamav-getfiles (--configure): subprocess post-installation script killed by signal (Aborted) Setting up debsums (2.0.18) ... *** glibc detected *** double free or corruption (!prev): 0x007778b8 *** dpkg: error processing debsums (--configure): subprocess post-installation script killed by signal (Aborted) Setting up ntp (4.2.0a+stable-2) ... *** glibc detected *** double free or corruption (!prev): 0x007778c0 *** dpkg: error processing ntp (--configure): subprocess post-installation script killed by signal (Aborted) Setting up spamassassin (3.0.4-2) ... SpamAssassin Mail Filter Daemon: disabled, see /etc/default/spamassassin *** glibc detected *** double free or corruption (!prev): 0x007778c0 *** dpkg: error processing spamassassin (--configure): subprocess post-installation script killed by signal (Aborted) Setting up apache-common (1.3.33-7) ... *** glibc detected *** double free or corruption (!prev): 0x007778c0 *** dpkg: error processing apache-common (--configure): subprocess post-installation script killed by signal (Aborted) Setting up exim4-base (4.52-1) ... *** glibc detected *** double free or corruption (!prev): 0x007778c0 *** dpkg: error processing exim4-base (--configure): subprocess post-installation script killed by signal (Aborted) Setting up courier-base (0.47-8) ... *** glibc detected *** double free or corruption (!prev): 0x007778c0 *** dpkg: error processing courier-base (--configure): subprocess post-installation script killed by signal (Aborted) dpkg: dependency problems prevent configuration of courier-authdaemon: courier-authdaemon depends on courier-base (= 0.47); however: Package courier-base is not configured yet. dpkg: error processing courier-authdaemon (--configure): dependency problems - leaving unconfigured dpkg: dependency problems prevent configuration of exim4-daemon-heavy: exim4-daemon-heavy depends on exim4-base (= 4.52); however: Package exim4-base is not configured yet. dpkg: error processing exim4-daemon-heavy (--configure): dependency problems - leaving unconfigured dpkg: dependency problems prevent configuration of ntp-server: ntp-server depends on ntp; however: Package ntp is not configured yet. dpkg: error processing ntp-server (--configure): dependency problems - leaving unconfigured dpkg: dependency problems prevent configuration of mailx: mailx depends on exim4 | mail-transport-agent; however: Package exim4 is not installed. Package mail-transport-agent is not installed. Package exim4-daemon-heavy which provides mail-transport-agent is not configured yet. dpkg: error processing mailx (--configure): dependency problems - leaving unconfigured dpkg: dependency problems prevent configuration of courier-imap: courier-imap depends on exim4 | mail-transport-agent; however: Package exim4 is not installed. Package mail-transport-agent is not installed. Package exim4-daemon-heavy which provides mail-transport-agent is not configured yet. courier-imap depends on courier-base (= 0.47); however: Package courier-base is not configured yet. With an older version, there's no glibc problem with perl. Regards Ingo -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (900, 'testing') Architecture: sparc (sparc64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.4.27-1-sparc64 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages perl depends on: ii libc6 2.3.5-6GNU C Library: Shared libraries an ii libdb4.2 4.2.52-18 Berkeley v4.2 Database Libraries [ ii libgdbm3 1.8.3-2GNU dbm database routines (runtime ii perl-base 5.8.7-3The Pathologically Eclectic Rubbis ii perl-modules 5.8.7-3Core Perl modules Versions of packages perl recommends: pn perl-doc none (no description available) -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#323140: earth3d: Failure to start
Package: earth3d Version: 1.0.2-2 Severity: grave Justification: renders package unusable -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 $ earth3d registered plane size: 1 registered sphere size: 2 PATH: /usr/bin Unable to resolve Xmu symbols - please check your Xmu library installation. $ The strace shows it searches for libXmu.so, and fails to do so in /usr/X11R6/lib. 1. It is linked against libXmu.so.6, so why does it try to open it again? 2. Loading libXmu.so will fail if it points to another ABI version of the library, please open the library by its soname (libXmu.so.6). 3. The .so link is in the -dev package, which is, being not a dependency, not guaranteed to be intalled. But don't depend on it; see 2. Ingo - -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (800, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.12.3-schwan20050805 Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Versions of packages earth3d depends on: ii libc6 2.3.5-3GNU C Library: Shared libraries an ii libgcc1 1:4.0.1-4 GCC support library ii libglu1-xorg [libglu1]6.8.2.dfsg.1-5 Mesa OpenGL utility library [X.Org ii libpng12-01.2.8rel-1 PNG library - runtime ii libqt3-mt 3:3.3.4-7 Qt GUI Library (Threaded runtime v ii libstdc++64.0.1-4The GNU Standard C++ Library v3 ii libx11-6 6.8.2.dfsg.1-5 X Window System protocol client li ii libxext6 6.8.2.dfsg.1-5 X Window System miscellaneous exte ii libxmu6 6.8.2.dfsg.1-5 X Window System miscellaneous util ii xlibmesa-gl [libgl1] 6.8.2.dfsg.1-5 Mesa 3D graphics library [X.Org] ii xlibs 6.8.2.dfsg.1-5 X Window System client libraries m earth3d recommends no packages. - -- no debconf information -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFC/9Bx4XrXtQkN2NURAhW7AJ9LIDLZ50z8LND4d4htVK8VDF3VoACfbe+N a1ru3gT3qgSgaFHoPnkmCsc= =wzf4 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#321071: gaim: Gaim segfaults when syncing buddy list
Package: gaim Version: 1:1.4.0-3 Severity: grave Justification: renders package unusable scar: BOS rights: Max permit = 350 / Max deny = 350 server: allowing NOP oscar: buddy list loaded oscar: ssi rights: max type 0x=700, max type 0x0001=61, max type 0x0002=350, max type 0x0003=350, max type 0x0004=1, max type 0x0005=1, max type 0x0006=150, max type 0x0007=12, max type 0x0008=12, max type 0x0009=0, max type 0x000a=50, max type 0x000b=50, max type 0x000c=0, max type 0x000d=0, max type 0x000e=0, max type 0x000f=0, max type 0x0010=0, max type 0x0011=1, max type 0x0012=0, max type 0x0013=0, max type 0x0014=15, max type 0x0015=1, max type 0x0016=40, max type 0x0017=1, max type 0x0018=10, max type 0x0019=200, oscar: ssi: syncing local list and server list free(): invalid pointer 0x1028f2c0! Gaim has segfaulted and attempted to dump a core file. This is a bug in the software and has happened through no fault of your own. This happens on PPC and i386. Regards, Ingo -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: powerpc (ppc) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.11 Locale: LANG=en_US, LC_CTYPE=de_DE (charmap=ISO-8859-1) Versions of packages gaim depends on: ii gaim-data 1:1.4.0-3 multi-protocol instant messaging c ii libao20.8.6-1Cross Platform Audio Output Librar ii libaspell15c2 0.60.3-5 GNU Aspell spell-checker runtime l ii libatk1.0-0 1.10.1-2 The ATK accessibility toolkit ii libaudiofile0 0.2.6-6Open-source version of SGI's audio ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an ii libgcrypt11 1.2.1-4LGPL Crypto library - runtime libr ii libglib2.0-0 2.6.6-1The GLib library of C routines ii libgnutls11 1.0.16-13.1GNU TLS library - runtime library ii libgtk2.0-0 2.6.8-1The GTK+ graphical user interface ii libgtkspell0 2.0.10-3 a spell-checking addon for GTK's T ii libice6 6.8.2.dfsg.1-4 Inter-Client Exchange library ii libpango1.0-0 1.8.2-1Layout and rendering of internatio ii libsm66.8.2.dfsg.1-4 X Window System Session Management ii libstartup-notification0 0.8-1 library for program launch feedbac ii libx11-6 6.8.2.dfsg.1-4 X Window System protocol client li ii libxext6 6.8.2.dfsg.1-4 X Window System miscellaneous exte ii xlibs 6.8.2.dfsg.1-4 X Window System client libraries m gaim recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#300834: python2.3-libxml2: not purgeing cleanly breaks other programs
Package: python2.3-libxml2 Version: 2.6.16-3 Severity: critical Justification: breaks unrelated software -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I installed python2.3-libxml2 as a dependency package and removed it again sometime later. I also use straw as a rss reader an suddenly it failed to fetch new data after a restart (see below). But straw was still working in a clean sid chroot, so I dug... It seems, python2.3-libxml2 does not bytecompile its files in /usr/lib/python2.3/site-packages on its own, but somehow I got bytecompiled files (*.pyc and *.pyo for every *.py file), probably due to a python update which recompiled everything. These files were left over on the package purge causing straw to hiccup. Please read the Debian Python Policy, especially 2.5 Modules Bytecompilation how to correctly bytecompile and clean up: http://www.debian.org/doc/packaging-manuals/python-policy/ch-module_packages.html#s-bytecompilation Straw was displaying the errormessage 'module' object has no attribute 'create_parser' in the gui and the following Traceback on the console it was started at: PollManager.py:195:http_results: exception in summaryparser Traceback (most recent call last): File /usr/lib/straw/straw/PollManager.py, line 193, in http_results parsed = straw.SummaryParser.parse(data, self._feed) File /usr/lib/straw/straw/SummaryParser.py, line 47, in parse parsed_content = feedparser.parse(content) File /usr/lib/straw/straw/feedparser.py, line 2152, in parse saxparser = xml.sax.make_parser(PREFERRED_XML_PARSERS) File /usr/lib/python2.3/xml/sax/__init__.py, line 81, in make_parser return _create_parser(parser_name) File /usr/lib/python2.3/xml/sax/__init__.py, line 106, in _create_parser return drv_module.create_parser() AttributeError: 'module' object has no attribute 'create_parser' Ingo - -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (800, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.11-schwan20050302 Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Versions of packages python2.3-libxml2 depends on: ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libxml2 2.6.16-3 GNOME XML library ii python2.3 2.3.5-1 An interactive high-level object-o -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) iD8DBQFCP7ew4XrXtQkN2NURAoL2AKCkM5TMWml0D5CUrbcYv7HvgyYIXQCeJ0LF SlHc9WV/+AsscB5T8IpvnFQ= =SKtk -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
