Bug#1066313: fixed upstream

[micah anderson]

These issues are fixed upstream in main, but there is not a release.

The fix is in commit 1171bf2fd4e7a0cab02cf5fca59090b65af9cd29.

Clément would you pull that fix into the package to resolve this FTBFS?

Bug#982969:

[micah]

user debian-rele...@lists.debian.org
usertags 982969 + bsp-2021-03-ca-montreal
thank you

Bug#938737: u1db: Python2 removal in sid/bullseye

[micah anderson]

Moritz Mühlenhoff  writes:

> On Fri, Aug 30, 2019 at 07:57:06AM +, Matthias Klose wrote:
>> Package: src:u1db
>> Version: 13.10-6.4
>> Severity: normal
>> Tags: sid bullseye
>> User: debian-pyt...@lists.debian.org
>> Usertags: py2removal
>> 
>> Python2 becomes end-of-live upstream, and Debian aims to remove
>> Python2 from the distribution, as discussed in
>> https://lists.debian.org/debian-python/2019/07/msg00080.html
>> 
>> Your package either build-depends, depends on Python2, or uses Python2
>> in the autopkg tests.  Please stop using Python2, and fix this issue
>> by one of the following actions.
>
> Hi Micah,
> per Wikipedia the Ubuntu One cloud storage has been shut down many years
> ago, should this simply be removed?

We were not using it for Ubuntu One cloud storage, but instead as its
more generic use case as "a cross-platform, cross-device, syncable
database API", which we modified to have client-side encrypted database
replicas and documents.

However, it is not being used any longer, and should simply be removed.

-- 
micah

Bug#895381: Severity

[micah anderson]

Hello Sergio,

I'm reviewing bugs that are currently release critical at our local bug
squashing party, and I stumbled on yours.

I'm not disputing this bug exists, I'm just trying to determine why it
is you set the severity to "Serious". As you are probably aware, this
severity indicates that this is a sever violation of Debian policy
(violates a "must" or "required" directive), or in the package
maintainer's opinion, makes the package unsuitable for release.

Can you specify what part of debian policy this issue makes this bug
severity "Serious"?

Thanks!

-- 
micah

Bug#892340: Status of upload?

[micah anderson]

Hello Marc,

I'm checking up on RC bugs, because we are working on a Bug Squashing
Party here.

Back in November, you were saying you were going to combine this fix
with a bump of upstream's version:

> I was planning to combine this with an update from upstream.

I'm wondering if you are planning on doing this soon? If you aren't,
maybe we could upload the package with the fix?

-- 
    micah

Bug#888236: Fixed upstream

[Micah Lee]

This bug has been fixed upstream in the torbrowser-launcher 0.2.9 release:

https://github.com/micahflee/torbrowser-launcher/releases/tag/v0.2.9

Bug#859927: Works, uploaded to DELAYED-3

[micah anderson]

That fix works, I've done a NMU fixed package and uploaded it to
DELAYED-3.

Micah

Bug#859927: Confirmed

[micah anderson]

I've confirmed this bug, as reported:

I installed lighttpd:

The following NEW packages will be installed:
  lighttpd spawn-fcgi
0 upgraded, 2 newly installed, 0 to remove and 326 not upgraded.
Need to get 299 kB of archives.
After this operation, 1,019 kB of additional disk space will be used.
Do you want to continue? [Y/n] 
Get:1 http://httpredir.debian.org/debian sid/main amd64 lighttpd amd64 1.4.45-1 
[284 kB]
Get:2 http://httpredir.debian.org/debian sid/main amd64 spawn-fcgi amd64 
1.6.4-1+b1 [14.9 kB]
Fetched 299 kB in 1s (194 kB/s)  
Selecting previously unselected package lighttpd.
(Reading database ... 206019 files and directories currently installed.)
Preparing to unpack .../lighttpd_1.4.45-1_amd64.deb ...
Unpacking lighttpd (1.4.45-1) ...
Selecting previously unselected package spawn-fcgi.
Preparing to unpack .../spawn-fcgi_1.6.4-1+b1_amd64.deb ...
Unpacking spawn-fcgi (1.6.4-1+b1) ...
Setting up spawn-fcgi (1.6.4-1+b1) ...
Setting up lighttpd (1.4.45-1) ...
Created symlink /etc/systemd/system/multi-user.target.wants/lighttpd.service → 
/lib/systemd/system/lighttpd.service.
Processing triggers for systemd (232-20) ...
Processing triggers for man-db (2.7.6.1-2) ...

and confirmed it is running:

root@reeds:/home/micah/debian/lighttpd-1.4.45# ps auxw |grep lighttpd
www-data  2129  0.0  0.0  58924  5452 ?Ss   15:03   0:00 
/usr/sbin/lighttpd -D -f /etc/lighttpd/lighttpd.conf
root  4119  0.0  0.0  12788   956 pts/3S+   15:03   0:00 grep lighttpd

I enabled the module as described in the bug:

root@reeds:/home/micah/debian/lighttpd-1.4.45# lighttpd-enable-mod fastcgi-php
Met dependency: fastcgi
Enabling fastcgi-php: ok
Enabling fastcgi: ok
Run "service lighttpd force-reload" to enable changes
root@reeds:/home/micah/debian/lighttpd-1.4.45# service lighttpd force-reload

and now lighttpd is not running:

root@reeds:/home/micah/debian/lighttpd-1.4.45# ps auxw |grep lighttpd
root  4223  0.0  0.0  12788   980 pts/3S+   15:04   0:00 grep lighttpd

I will attempt to apply the patch and see if it works.

micah

Bug#817521: libapache-mod-removeip: Removal of debhelper compat 4

[micah anderson]

Hello,

intrigeri <intrig...@debian.org> writes:

> Hi Micah,
>
> Adrian Bunk:
>> Can you anyway NMU this package?
>
>> The alternative is that it will get removed from stretch soon.
>
> Well, it's not a goal of mine to include as many packages in Stretch
> as possible. So I really don't want to be the one who decides that
> a given package will be part of a Debian stable release, if its
> maintainers are not ready to support it there; in this case, I see
> little indication that they are. (And backports are always an option
> anyway :)
>
> Micah, what do you think? If you're ready to support the package in
> Stretch, I'm happy to give some one-shot help by NMU'ing it over the
> week-end.

It would be great if the package could continue to be in
Stretch.

Unfortunately, I have not been able to address this issue, and would be
very happy if you could NMU the work you did to fix this issue!

micah


signature.asc
Description: PGP signature

Bug#848766: reel: FTBFS: ERROR: Test "ruby2.3" failed: Failure/Error: response = http.request(request)

[micah anderson]

Antonio Terceiro <terce...@debian.org> writes:

>> Relevant part (hopefully):
>> >  Failure/Error: response = http.request(request)
>> > 
>> >  OpenSSL::SSL::SSLError:
>> >SSL_connect returned=1 errno=0 state=unknown state: sslv3 alert 
>> > unsupported certificate

Hmm, I built the reverse depends on ruby-certificate-authority and found
this failure in reel, and patched it in 0.6.1-3 to fix this error. I'm
surprised its back, that means something didn't go right with my patch.
I'll have a look at it.

> Micah, was there a specific reason to package an unreleased snapshot of
> ruby-certificate-authority? The changelog doesn't really say anything.

The last official upstream tagged release and gem publish was august
2012. The upstream author bumped the version to 2.0 in Sept. 2012, and
there have been a number of important fixes (including security) since
then. There is also a request in the github issue tracker for a new
release in May 2014, no response.

I spoke with the original packager (Sebastien Badia) about updating this
to the current master which fixes those issues, and he gave the go ahead
if we resolved all the reverse-deps.

micah

Bug#826664: My error

[micah]

I had the keyword 'metadata' in my Puppetfile, but I did not have a
metadata.json file. The error message made me think
librarian-puppet-simple was missing a dependency, but once I resolved
that, things work fine. Closing

micah

Bug#826664: librarian-puppet-simple: undefined local variable or method `metadata'

[micah]

Package: librarian-puppet-simple
Version: 0.0.5-2
Severity: grave
Justification: renders package unusable

Hi,

Thanks for packaging librarian-puppet-simple! Unfortunately, there seems to be 
some dependency missing because every command fails like this:

micah@muck:puppet$ librarian-puppet git_status
/usr/lib/ruby/vendor_ruby/librarian/puppet/simple/cli.rb:76:in `eval': 
undefined local variable or method `metadata' for 
# (NameError)
from /usr/lib/ruby/vendor_ruby/librarian/puppet/simple/cli.rb:76:in 
`eval'
from /usr/lib/ruby/vendor_ruby/librarian/puppet/simple/cli.rb:76:in 
`git_status'
from /usr/lib/ruby/vendor_ruby/thor/command.rb:27:in `run'
from /usr/lib/ruby/vendor_ruby/thor/invocation.rb:126:in 
`invoke_command'
from /usr/lib/ruby/vendor_ruby/thor.rb:359:in `dispatch'
from /usr/lib/ruby/vendor_ruby/thor/base.rb:440:in `start'
from /usr/lib/ruby/vendor_ruby/librarian/puppet/simple/cli.rb:25:in 
`bin!'
from /usr/bin/librarian-puppet:8:in `'
micah@muck:puppet1$

The only commands that work are 'help' and 'clean'.

micah


-- System Information:
Debian Release: stretch/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.5.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages librarian-puppet-simple depends on:
ii  ruby1:2.3.0+4
ii  ruby-thor   0.19.1-2
ii  ruby2.1 [ruby-interpreter]  2.1.5-4
ii  ruby2.2 [ruby-interpreter]  2.2.4-1

librarian-puppet-simple recommends no packages.

librarian-puppet-simple suggests no packages.

-- no debconf information

Bug#818590: [pkg-otr-team] Bug#818590: irssi-plugin-otr: mismatching ABI version with current irssi

[micah]

Antoine Beaupré  writes:

>> Interestingly, the ABI version increased by one, but it needs one more
>> to get to '2'.
>
> That was the wrong URL, the proper one is:
>
> http://paste.anarc.at/otr/irssi-plugin-otr_1.0.1+f75eb26-1_amd64.deb
>
> sorry. you should use dget anyways to verify the signatures first:
>
> http://paste.anarc.at/otr/irssi-plugin-otr_1.0.1+f75eb26-1.dsc

Same result.

Bug#818590: [pkg-otr-team] Bug#818590: irssi-plugin-otr: mismatching ABI version with current irssi

[micah]

Antoine Beaupré <anar...@debian.org> writes:

> On 2016-03-27 15:40:23, micah wrote:
>> Antoine Beaupré <anar...@debian.org> writes:
>>
>>> But before anyone starts working on this now - i have what i think is a
>>> working package now here:
>>>
>>> http://paste.anarc.at/otr/
>>>
>>> It's been tested by a friend, but i would appreciate more
>>> testing. Waiting for an upstream release for a bit now to avoid
>>> packaging a snapshot.
>>
>> I tried this package today and when I did '/load otr', I would get this
>> in irssi:
>>
>> 15:38 -!- Irssi: otr/otr is ABI version 0 but Irssi is version 2, cannot load
>
> For the record, I have uploaded a new package there and I have had
> information from another user that it works. You may want to try again.
>
> http://paste.anarc.at/otr/irssi-plugin-otr-dbg_1.0.1+f75eb26-1_amd64.deb


I just grabbed that package and installed it, on my up-to-date sid
system, ran irssi and then did '/load otr', and I got:

18:36 -!- Irssi: otr/otr is ABI version 1 but Irssi is version 2, cannot load

Interestingly, the ABI version increased by one, but it needs one more
to get to '2'.

Bug#818590: [pkg-otr-team] Bug#818590: irssi-plugin-otr: mismatching ABI version with current irssi

[micah]

Antoine Beaupré <anar...@debian.org> writes:

> But before anyone starts working on this now - i have what i think is a
> working package now here:
>
> http://paste.anarc.at/otr/
>
> It's been tested by a friend, but i would appreciate more
> testing. Waiting for an upstream release for a bit now to avoid
> packaging a snapshot.

I tried this package today and when I did '/load otr', I would get this
in irssi:

15:38 -!- Irssi: otr/otr is ABI version 0 but Irssi is version 2, cannot load

micah

Bug#791752: puddletag: Puddletag crashes on start-up

[micah muer]

Package: puddletag
Version: 1.0.2-1
Followup-For: Bug #791752

Dear Maintainer,

Upstream has a one-line fix for this problem, about which more can be found 
here. https://github.com/keithgg/puddletag/issues/261

The problem stems from the recent upgrade to python-qt4 4.11.4.

-- System Information:
Debian Release: stretch/sid
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.0.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages puddletag depends on:
ii  libjs-sphinxdoc   1.2.3+dfsg-1
ii  python2.7.9-1
ii  python-acoustid   1.1.0-3
ii  python-audioread  1.0.3-1
ii  python-configobj  5.0.6-2
ii  python-mutagen1.28-2
ii  python-pyparsing  2.0.3+dfsg1-1
ii  python-qt44.11.4+dfsg-1
ii  python-support1.0.15

Versions of packages puddletag recommends:
ii  libchromaprint-tools  1.2-1+b1
ii  python-musicbrainz2   0.7.4-1

Versions of packages puddletag suggests:
pn  quodlibet  none

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#793176: metview: FTBFS with magics++ 2.24.7

[Micah Gersten]

Package: metview
Version: 4.4.8+dfsg.1-8
Severity: serious
Tags: upstream
Justification: fails to build from source (but built successfully in the past)

There was a recent binNMU for the grib-api transition right before the new 
magics++ was uploaded.  metview now fails to build since one of the headers has 
apparently been removed:

g++ -DHAVE_CONFIG_H -I. -I../../src  -I/usr/include/magics  
-I/usr/include/hdf5/serial -I/usr/include/pango-1.0 -I/usr/include/cairo 
-I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include 
-I/usr/include/pixman-1 -I/usr/include/freetype2 -I/usr/include/libpng12
 -I/usr/include/qt4  -DQT_WEBKIT -DQT_NO_DEBUG -DQT_WEBKIT_LIB -DQT_SQL_LIB 
-DQT_XMLPATTERNS_LIB -DQT_XML_LIB -DQT_GUI_LIB -DQT_NETWORK_LIB -DQT_CORE_LIB 
-DQT_SHARED -I/usr/share/qt4/mkspecs/linux-g++-64 -I. -I/usr/include/qt4/QtCore 
-I/usr/include/qt4/QtNetwork -I/usr/incl
ude/qt4/QtGui -I/usr/include/qt4/QtXml -I/usr/include/qt4/QtXmlPatterns 
-I/usr/include/qt4/QtSql -I/usr/include/qt4/QtWebKit -I/usr/include/qt4 
-I/usr/include/qt4/QtHelp -I. -I.  -DNOMETVIEW_QT -DMETVIEW -I../libMetview 
-I../libUtil -I../libMars  -I../libFTimeUtil  -I/usr/i
nclude/terralib/kernel  -I/usr/include/freetype2 -I/usr/include 
-I/usr/X11R6/include -I/usr/local/include -I/usr/include/X11 -DMETVIEW_MOTIF 
-DLITTLE -DLITTLE_END -DH_INCLUDES_CC -DR64 -DREAL_8 -DREAL_BIGGER_THAN_INTEGER 
-DI32 -DMAGINT_IS_INT -DREAL_IS_DOUBLE  -O2  -fPIC  -
DUSE_NEW_IO -m64 -fPIC -fno-gnu-keywords -Wno-deprecated -Wno-write-strings 
-DMETVIEW_QT -DQT_NO_DEBUG_O
UTPUT -DSiteIsNotECMWF -DLITTLE -DLITTLE_END -DH_INCLUDES_CC -DR64 -DREAL_8 
-DREAL_BIGGER_THAN_INTEGER -DI32 -DMAGINT_IS_INT -DREAL_IS_DOUBLE -c -o 
bin_Reprojection-ReprojectService.o `test -f 'ReprojectService.cc' || echo 
'./'`ReprojectService.cc
ReprojectService.cc:14:27: fatal error: ImagePlotting.h: No such file or 
directory
 #include ImagePlotting.h
   ^
compilation terminated.
make[6]: *** [bin_Reprojection-ReprojectService.o] Error 1
Makefile:633: recipe for target 'bin_Reprojection-ReprojectService.o' failed
make[6]: Leaving directory '/«BUILDDIR»/metview-4.4.8+dfsg.1/src/Reprojection'
make[5]: *** [all] Error 2
Makefile:493: recipe for target 'all' failed
make[5]: Leaving directory '/«BUILDDIR»/metview-4.4.8+dfsg.1/src/Reprojection'
make[4]: *** [all-recursive] Error 1
Makefile:578: recipe for target 'all-recursive' failed
make[4]: Leaving directory '/«BUILDDIR»/metview-4.4.8+dfsg.1/src'
make[3]: *** [all] Error 2
Makefile:496: recipe for target 'all' failed
make[3]: Leaving directory '/«BUILDDIR»/metview-4.4.8+dfsg.1/src'
make[2]: *** [all-recursive] Error 1
Makefile:555: recipe for target 'all-recursive' failed
make[2]: Leaving directory '/«BUILDDIR»/metview-4.4.8+dfsg.1'
make[1]: *** [all] Error 2
Makefile:481: recipe for target 'all' failed
make[1]: Leaving directory '/«BUILDDIR»/metview-4.4.8+dfsg.1'
dh_auto_build: make -j1 returned exit code 2
make: *** [build-arch] Error 2
debian/rules:21: recipe for target 'build-arch' failed
dpkg-buildpackage: error: debian/rules build-arch gave error exit status 2


FWIW, Upstream version 4.5.5 claims [1] to be build against magics 2.24.7

Thanks in advance!

[1] https://software.ecmwf.int/wiki/display/METV/Version+4.5+Updates

-- System Information:
Debian Release: jessie/sid
  APT prefers trusty-updates
  APT policy: (500, 'trusty-updates'), (500, 'trusty-security'), (500, 
'trusty-proposed'), (500, 'trusty'), (100, 'trusty-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.13.0-57-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#791752: puddletag: Puddletag crashes on start-up

[micah muer]

Package: puddletag
Version: 1.0.2-1
Severity: grave
Justification: renders package unusable

Dear Maintainer,

Puddletag crashes when executed. When executed in a terminal, the following is 
printed:

puddletag Version: 1.0.2
Locale: en_US
Traceback (most recent call last):
  File /usr/bin/puddletag, line 247, in module
win = MainWin()
  File /usr/lib/pymodules/python2.7/puddlestuff/puddletag.py, line 315, in 
__init__
winactions, self._docks = create_tool_windows(self)
  File /usr/lib/pymodules/python2.7/puddlestuff/puddletag.py, line 92, in 
create_tool_windows
p = PuddleDock(z[0], z[1], parent, status)
  File /usr/lib/pymodules/python2.7/puddlestuff/puddleobjects.py, line 2170, 
in __init__
control = control(status=status)
  File /usr/lib/pymodules/python2.7/puddlestuff/mainwin/artwork.py, line 61, 
in __init__
self.picwidget = PicWidget()
  File /usr/lib/pymodules/python2.7/puddlestuff/puddleobjects.py, line 1511, 
in __init__
self.label = ArtworkLabel()
  File /usr/lib/pymodules/python2.7/puddlestuff/puddleobjects.py, line 1402, 
in __init__
pal.setBrush(self.backgroundRole(), QBrush(QPalette.Window))
TypeError: QBrush(): argument 1 has unexpected type 'ColorRole'

-- System Information:
Debian Release: stretch/sid
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages puddletag depends on:
ii  libjs-sphinxdoc   1.2.3+dfsg-1
ii  python2.7.9-1
ii  python-acoustid   1.1.0-3
ii  python-audioread  1.0.3-1
ii  python-configobj  5.0.6-1
ii  python-mutagen1.28-2
ii  python-pyparsing  2.0.3+dfsg1-1
ii  python-qt44.11.4+dfsg-1
ii  python-support1.0.15

Versions of packages puddletag recommends:
ii  libchromaprint-tools  1.2-1
ii  python-musicbrainz2   0.7.4-1

Versions of packages puddletag suggests:
pn  quodlibet  none

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#788761: postgis: FTBFS with maven-compiler-plugin 3.*

[Micah Gersten]

Package: postgis
Version: 2.1.7+dfsg-1
Severity: serious
Tags: patch
Justification: fails to build from source (but built successfully in the past)
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu wily ubuntu-patch

This package fails to build the architecture independent components with the 
newer maven-compiler-plugin.

*** /tmp/tmpvkk2E1/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * Switch libmaven-compiler-plugin-java to libmaven-compiler-plugin-2.5-java
(Fixes FTBFS)
- update debian/control{,.in}


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers trusty-updates
  APT policy: (500, 'trusty-updates'), (500, 'trusty-security'), (500, 
'trusty-proposed'), (500, 'trusty'), (100, 'trusty-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.13.0-54-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru postgis-2.1.7+dfsg/debian/changelog postgis-2.1.7+dfsg/debian/changelog
diff -Nru postgis-2.1.7+dfsg/debian/control postgis-2.1.7+dfsg/debian/control
--- postgis-2.1.7+dfsg/debian/control	2015-05-01 13:44:01.0 -0500
+++ postgis-2.1.7+dfsg/debian/control	2015-06-14 14:43:57.0 -0500
@@ -17,7 +17,7 @@
 Build-Depends-Indep: default-jdk, openjdk-7-jdk | java7-sdk,
  libpostgresql-jdbc-java, fastjar, libjts-java (= 1.7), maven2,
  libmaven-clean-plugin-java, libmaven-jar-plugin-java,
- libsurefire-java, libmaven-compiler-plugin-java,
+ libsurefire-java, libmaven-compiler-plugin-2.5-java,
  libmaven-resources-plugin-java,
  libmaven-javadoc-plugin-java
 Standards-Version: 3.9.6
diff -Nru postgis-2.1.7+dfsg/debian/control.in postgis-2.1.7+dfsg/debian/control.in
--- postgis-2.1.7+dfsg/debian/control.in	2015-03-30 13:52:26.0 -0500
+++ postgis-2.1.7+dfsg/debian/control.in	2015-06-14 14:43:57.0 -0500
@@ -17,7 +17,7 @@
 Build-Depends-Indep: default-jdk, openjdk-7-jdk | java7-sdk,
  libpostgresql-jdbc-java, fastjar, libjts-java (= 1.7), maven2,
  libmaven-clean-plugin-java, libmaven-jar-plugin-java,
- libsurefire-java, libmaven-compiler-plugin-java,
+ libsurefire-java, libmaven-compiler-plugin-2.5-java,
  libmaven-resources-plugin-java,
  libmaven-javadoc-plugin-java
 Standards-Version: 3.9.6

Bug#761114: network-manager: erroneously removes externally provided routes

[Micah Anderson]

Package: network-manager
Version: 0.9.10.0-2
Severity: serious
Tags: patch
Justification: breaks unrelated software

Hello,

When using unrelated software, such as openvpn, that pushes default routes,
network-manager immediately (and incorrectly) removes that route. This is new
behavior in 0.9.10, it does not do this in previous versions.

I spent quite a bit of time debugging this issue with upstream NM people
on their IRC channel, in the end they came up with a patch that was
committed upstream in git with the following hash:
06703c1670d0f96834b268920b09792e22fdb4c4)

I tested this change, and it worked well for me, previously I uploaded a NMU,
with this patch, thinking that this was #755015, and it successfully fixed the
problem for me and others I know who are experiencing this issue. However, the
NMU was not acknowledged in -2, due to it being targeted for the incorrect bug
number.

Considering that this effectively breaks all OpenVPN setups (and other software
that modifies default routes) that are not using network-manager's built-in VPN
mechanisms, this seems to me a serious regression over previous versions. Seeing
as upstream has acknowledged this issue and provided a fix for it and that fix
has been tested and even migrated to testing, it seems to me appropriate to
cherry-pick the change in the package without waiting for the next major release
of NM. 

I'm happy to re-NMU this fix, this time with the right bug number. Attached is
the NMU diff (I'd only add the bug number to the changelog).

micah


-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.14-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages network-manager depends on:
ii  adduser3.113+nmu3
ii  dbus   1.8.6-2
ii  init-system-helpers1.21
ii  isc-dhcp-client4.3.1-1
ii  libc6  2.19-10
ii  libdbus-1-31.8.6-2
ii  libdbus-glib-1-2   0.102-1
ii  libgcrypt111.5.4-3
ii  libglib2.0-0   2.40.0-5
ii  libgnutls-deb0-28  3.3.7-2
ii  libgudev-1.0-0 208-8
ii  libmm-glib01.2.0-1
ii  libndp01.4-1
ii  libnewt0.520.52.17-1
ii  libnl-3-2003.2.24-2
ii  libnl-genl-3-200   3.2.24-2
ii  libnl-route-3-200  3.2.24-2
ii  libnm-glib40.9.10.0-2
ii  libnm-util20.9.10.0-2
ii  libpam-systemd 208-8
ii  libpolkit-gobject-1-0  0.105-6.1
ii  libreadline6   6.3-8
ii  libsoup2.4-1   2.46.0-2
ii  libsystemd-daemon0 208-8
ii  libsystemd-login0  208-8
ii  libteamdctl0   1.12-1
ii  libuuid1   2.20.1-5.8
ii  lsb-base   4.1+Debian13
ii  policykit-10.105-6.1
ii  udev   208-8
ii  wpasupplicant  1.1-1

Versions of packages network-manager recommends:
ii  crda  3.13-1
ii  dnsmasq-base  2.71-1
ii  iptables  1.4.21-2
ii  modemmanager  1.2.0-1
ii  ppp   2.4.6-2

Versions of packages network-manager suggests:
ii  avahi-autoipd  0.6.31-4
pn  libteam-utils  none

-- Configuration Files:
/etc/NetworkManager/NetworkManager.conf changed:
[main]
plugins=ifupdown,keyfile
[ifupdown]
managed=false
[logging]


-- no debconf information
diff -Nru network-manager-0.9.10.0/debian/changelog network-manager-0.9.10.0/debian/changelog
--- network-manager-0.9.10.0/debian/changelog	2014-07-10 00:49:54.0 -0400
+++ network-manager-0.9.10.0/debian/changelog	2014-08-11 12:37:33.0 -0400
@@ -1,3 +1,11 @@
+network-manager (0.9.10.0-2.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Pull patch from upstream to fix checks for default
+routes
+
+ -- Micah Anderson mi...@debian.org  Mon, 11 Aug 2014 12:08:31 -0400
+
 network-manager (0.9.10.0-2) unstable; urgency=medium
 
   * New upstream release.
diff -Nru network-manager-0.9.10.0/debian/patches/0006-Fix-checks-for-default-routes network-manager-0.9.10.0/debian/patches/0006-Fix-checks-for-default-routes
--- network-manager-0.9.10.0/debian/patches/0006-Fix-checks-for-default-routes	1969-12-31 19:00:00.0 -0500
+++ network-manager-0.9.10.0/debian/patches/0006-Fix-checks-for-default-routes	2014-08-11 12:37:08.0 -0400
@@ -0,0 +1,83 @@
+Index: network-manager-0.9.10.0/src/nm-ip4-config.c
+===
+--- network-manager-0.9.10.0.orig/src/nm-ip4-config.c	2014-07-03 20:44:19.0 -0400
 network-manager-0.9.10.0/src/nm-ip4-config.c	2014-07-29 19:42:06.965378158 -0400
+@@ -198,7 +198,7 @@
+ 	for (i = 0; i  priv-routes-len; i++) {
+ 		const NMPlatformIP4Route *route = g_array_index (priv-routes, NMPlatformIP4Route, i);
+ 
+-		if (route-network == 0) {
++		if (NM_PLATFORM_IP_ROUTE_IS_DEFAULT (route)) {
+ 			if (route-metric

Bug#760308: onionshare uses http only and thus should not be released with jessie

[Micah Lee]

All Tor hidden services (any website that's accessed through a .onion
domain) are automatically end-to-end encrypted.

In the case of OnionShare, the crypto key lives in
/tmp/onionshare_XXX/private_key. The .onion URL address itself is a
fingerprint of the key, which lets the Tor network look up the public
key and start an encrypted session.

So as long as you transmit the OnionShare URL successfully, the
recipient who loads it in Tor Browser gets an end-to-end encrypted
session with the server.

Using HTTPS on top of this could be an option too actually, but the
certificates would all have to be self-signed so users would have to
click through the error. And the encryption would be redundant (though
not necessarily a bad idea -- defense in depth, in case Tor gets badly
broken in ways we can't foresee or something).

-- 
Micah Lee


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#758318: FTBFS: missing build-depends: sp

[Micah Anderson]

Package: bird
Version: 1.4.4-1
Severity: serious
Tags: patch
Justification: Fails to build from source

Hello,

The bird package currently fails to build from source because during the pdf
generation phase it cannot find /usr/bin/nsgmls. Simply adding the 'sp' package
to the build-depends makes it work again. The attached patch shows this. I'm
happy to upload this as a NMU if it would help you.

make[2]: Entering directory '/home/micah/debian/bird-1.4.4/doc'
/home/micah/debian/bird-1.4.4/tools/progdoc /home/micah/debian/bird-1.4.4
/Doc
/doc/Doc
prog-intro.sgml
/nest/Doc
rt-fib.c
rt-table.c
Warning(551): Function parameter 'before_old' not described in 'rte_announce'
Warning(1446): Function parameter 'tab' not described in 'rt_prune_table'
rt-attr.c
proto.sgml
proto.c
Warning(731): Function parameter 'UNUSED' not described in 
'graceful_restart_done'
proto-hooks.c
Warning(161): Function parameter 'buflen' not described in 'get_attr'
iface.c
neighbor.c
Warning(352): Function parameter 'a' not described in 'neigh_ifa_update'
cli.c
locks.c
/conf/Doc
conf.c
cf-lex.l
Warning(561): Function parameter 'c' not described in 'cf_lex_init'
/filter/Doc
filter.c
tree.c
trie.c
Warning(84): Function parameter 'lp' not described in 'f_new_trie'
/proto/Doc
/proto/bfd/Doc
bfd.c
/proto/bgp/Doc
bgp.c
Warning(729): Function parameter 'UNUSED' not described in 
'bgp_incoming_connection'
packets.c
attrs.c
/proto/ospf/Doc
ospf.c
topology.c
Warning(1610): Function parameter 'pool' not described in 'ospf_top_new'
neighbor.c
iface.c
packet.c
lsalib.c
dbdes.c
rt.c
/proto/pipe/Doc
pipe.c
/proto/rip/Doc
rip.c
auth.c
/proto/radv/Doc
radv.c
packets.c
/proto/static/Doc
static.c
../nest/rt-dev.c
/sysdep/Doc
sysdep.sgml
/sysdep/unix/Doc
log.c
Warning(106): Function parameter 'buf' not described in 'log_commit'
krt.c
/lib/Doc
ip.c ipv4.c ipv6.c
lists.c
checksum.c bitops.c patmatch.c printf.c xmalloc.c
resource.sgml
resource.c
mempool.c
slab.c
event.c
../sysdep/unix/io.c
Warning(454): Function parameter 'fmt_spec' not described in 
'tm_format_datetime'
./sgml2html prog.sgml
Processing file prog.sgml
sh: 1: /usr/bin/nsgmls: not found
./sgml2latex --output=tex prog.sgml
Processing file prog.sgml
sh: 1: /usr/bin/nsgmls: not found
pdflatex prog.tex
This is pdfTeX, Version 3.14159265-2.6-1.40.15 (TeX Live 2014/Debian) 
(preloaded format=pdflatex)
 restricted \write18 enabled.
entering extended mode
! I can't find file `prog.tex'.
* prog.tex

(Press Enter to retry, or Control-D to exit)
Please type another input file name: 

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.14-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages bird depends on:
ii  adduser   3.113+nmu3
ii  libc6 2.19-7
ii  libreadline6  6.3-8
ii  libtinfo5 5.9+20140712-2

bird recommends no packages.

Versions of packages bird suggests:
ii  bird-doc  1.4.4-1
diff --git a/debian/changelog b/debian/changelog
index f8b69d0..0f662e4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+bird (1.4.4-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Add sp package to Build-depends to provide missing /usr/bin/nsgmls
+fixing FTBFS 
+
+ -- Micah Anderson mi...@debian.org  Sat, 16 Aug 2014 15:45:29 -0400
+
 bird (1.4.4-1) unstable; urgency=medium
 
   * New upstream version 1.4.4
diff --git a/debian/control b/debian/control
index 5d10ec6..27c3bd8 100644
--- a/debian/control
+++ b/debian/control
@@ -12,7 +12,7 @@ Build-Depends: quilt,
 	   autotools-dev,
 	   xsltproc,
 	   docbook-xsl,
-	   linuxdoc-tools-latex
+	   linuxdoc-tools-latex, sp
 Maintainer: Ondřej Surý ond...@debian.org
 Standards-Version: 3.9.5
 Vcs-Browser: http://git.debian.org/?p=users/ondrej/bird.git

Bug#757627: [Pkg-anonymity-tools] Bug#757627: Bug#757627: Download error: Download Error: 404 Not Found class '__main__.DownloadErrorException'

[Micah Lee]

On 08/10/2014 06:30 AM, intrigeri wrote:
 https://lists.torproject.org/pipermail/tor-qa/2014-August/000439.html
 
 (Maybe some of the torbrowser-launcher package maintainers should read
 that low-volume list?)

Good idea, I'll subscribe.

The main upstream bug is at [1]. But there are a couple things going on
here.

The format of the RecommendedTBBVersions file [2] keeps changing
(upstream bug [3]). It was only listing stable releases for a long time,
and then with this next release it started listing alphas again.

And TBL has been checking TBB releases against Mike Perry's key using
the file sha256sums.txt-mikeperry.asc, but the new releases don't have
that file, only sha256sums.txt.asc and Erinn Clark's key. Which means
that debian bug [4] and upstream bug [5] look like they're not possible,
until we get clarity from the Tor devs.

I'm preparing an upstream release to fix this. But I'm also at an
airport and my plane is already boarding, so if there isn't wifi on the
plane I might not be able to get to it until late tonight.

[1] https://github.com/micahflee/torbrowser-launcher/issues/120
[2] https://check.torproject.org/RecommendedTBBVersions
[3] https://github.com/micahflee/torbrowser-launcher/issues/63
[4] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756194
[5] https://github.com/micahflee/torbrowser-launcher/issues/113

-- 
Micah Lee



signature.asc
Description: OpenPGP digital signature

Bug#755684: torbrowser-launcher: cannot launch the Tor Browser

[Micah Lee]

On 07/30/2014 09:00 PM, Paul Wise wrote:
 The bug has already been closed as torbrowser-launcher works now:
 
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755684#61

In jessie it's still broken for me. With everything updated, this is
what happens when I run torbrowser-launcher:

micah@debian:~$ rm -rf .torbrowser/
micah@debian:~$ torbrowser-launcher
/usr/lib/python2.7/dist-packages/twisted/internet/_sslverify.py:184:
UserWarning: You do not have the service_identity module installed.
Please install it from https://pypi.python.org/pypi/service_identity.
Without the service_identity module and a recent enough pyOpenSSL
tosupport it, Twisted can perform only rudimentary TLS client
hostnameverification.  Many valid certificate/hostname mappings may be
rejected.
  verifyHostname, VerificationError = _selectVerifyImplementation()
Tor Browser Launcher
By Micah Lee, licensed under GPLv3
version 0.1.0
https://github.com/micahflee/torbrowser-launcher
Initializing Tor Browser Launcher
Warning: can't load mirrors from
/usr/local/share/torbrowser-launcher/mirrors.txt
Creating GnuPG homedir /home/micah/.torbrowser/gnupg_homedir
Importing keys
gpg: keyring `/home/micah/.torbrowser/gnupg_homedir/secring.gpg' created
gpg: keyring `/home/micah/.torbrowser/gnupg_homedir/pubring.gpg' created
gpg: /home/micah/.torbrowser/gnupg_homedir/trustdb.gpg: trustdb created
gpg: key 63FEE659: public key Erinn Clark er...@torproject.org imported
gpg: key C5AA446D: public key Sebastian Hahn m...@sebastianhahn.net
imported
gpg: key 4279F297: public key Alexandre Allaire
alexandre.alla...@mail.mcgill.ca imported
gpg: key 683686CC: public key Mike Perry (Regular use key)
mikepe...@torproject.org imported
gpg: Total number processed: 4
gpg:   imported: 4  (RSA: 4)
gpg: no ultimately trusted keys found
Starting launcher dialog
Checking for update
Running task: download_update_check
Downloading https://check.torproject.org/RecommendedTBBVersions
Download error: [twisted.python.failure.Failure class
'twisted.internet._sslverify.SimpleVerificationError'] class
'twisted.web._newclient.ResponseNeverReceived'
Running task: attempt_update
Checking to see if update is needed

-- 
Micah Lee



signature.asc
Description: OpenPGP digital signature

Bug#755684: torbrowser-launcher: cannot launch the Tor Browser

[Micah Lee]

On 07/31/2014 11:37 AM, Holger Levsen wrote:
 that bug is not yet fixed in jessie yet, the fixed package will migrate 
 tomorrow. or did you use the package from sid on jessie?

Oh alright, good to hear. I used the package from jessie, not sid. I'll
try again tomorrow.

-- 
Micah Lee



signature.asc
Description: OpenPGP digital signature

Bug#755684: torbrowser-launcher: cannot launch the Tor Browser

[Micah Lee]

I've created an upstream bug:
https://github.com/micahflee/torbrowser-launcher/issues/116

I just installed sid in a VM and installed the torbrowser-launcher
package, and it runs fine without this problem. So this appears to be a
Debian packaging issue then that will be resolved when certain packages
make their way from sid into jessie, right?

Is there anything I can do to help fix it on my end?

-- 
Micah Lee


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#753138: u1db: FTBFS - Could NOT find JSON

[micah]

Hello,

Michael Tautschnig m...@debian.org writes:

 Package: u1db
 Version: 13.10-2
 Severity: serious
 Usertags: goto-cc

 Thanks a lot for fixing the pkg-config error. Yet during another rebuild in a
 clean sid chroot (using cowbuilder and pbuilder) the build failed again, with
 the following error.

 [...]
 -- Found PkgConfig: /usr/bin/pkg-config (found version 0.28)
 -- checking for module 'oauth'
 --   found oauth, version 1.0.1
 -- Found OAuth: /usr/lib/x86_64-linux-gnu/liboauth.so
 -- checking for module 'json'
 --   package 'json' not found
 CMake Error at 
 /usr/share/cmake-2.8/Modules/FindPackageHandleStandardArgs.cmake:108 
 (message):
   Could NOT find JSON (missing: JSON_LIBRARY JSON_INCLUDE_DIR)
 Call Stack (most recent call first):
   /usr/share/cmake-2.8/Modules/FindPackageHandleStandardArgs.cmake:315 
 (_FPHSA_FAILURE_MESSAGE)
   cmake/Modules/FindJSON.cmake:27 (find_package_handle_standard_args)
   CMakeLists.txt:28 (find_package)


 -- Configuring incomplete, errors occurred!
 See also 
 /srv/jenkins-slave/workspace/sid-goto-cc-u1db/u1db-13.10/obj-x86_64-linux-gnu/CMakeFiles/CMakeOutput.log.
 dh_auto_configure: cmake .. -DCMAKE_INSTALL_PREFIX=/usr 
 -DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_BUILD_TYPE=None -DBUILD_SHARED_LIBS=1 
 -DLIB_SUFFIX=/x86_64-linux-gnu returned exit code 1
 debian/rules:10: recipe for target 'override_dh_auto_configure' failed
 make[1]: *** [override_dh_auto_configure] Error 2

It looks like the attempt at moving to libjson-c-dev from libjson0-dev
didn't work with cmake. I had libjson0-dev still installed in my
environment, when I removed it, I also got this error.

I've been trying to wrap my head around what needs to be done to make
this work. I've pushed the changes I've made so far to get a ways down
the road, but I've still got an issue with the linker wanting to use
-ljson instead of -ljson-c and so it fails to find the json library at
link time. 

I'm pretty green on cmake, but I've pushed what I've done so far to the
repository, if anyone wants to take a look at it.

I am a little puzzled by this entire adventure - isn't json-c a totally
different library from json? Is switching to json-c really the right
thing to be doing here?

micah


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#752275: torbrowser-launcher: several possible/probably security issues

[Micah Lee]

are expliticly checked for, and will fail with an error message saying:

Something is wrong. The version of Tor Browser Bundle you have
installed is newer than the current version?

See:
https://github.com/micahflee/torbrowser-launcher/blob/master/torbrowser-launcher#L629

 Since thes are signed with valid keys (but AFIACS with no valid from/through
 information) the downloader will just happily accept them.
 I'm not sure, but I guess it doesn't help if you download things via https.
 Another issue are blocking attacks... when no connection can be made at all
 to the tor download servers, will it start the currently downloaded version
 of the bundle or will it simply fail? In case it doesn't fail, it could
 again be used to trick people into using software with known security
 deficiencies.

It simply fails. An attacker that can block access to
https://check.torproject.org/ can prevent torbrowser-launcher from
launching the browser. The settings do letter people try using different
mirrors, however, so if https://www.torproject.org/ is blocked they can
still download a new version, and it will still have its signature verified.

 Such downloader packages are quite danerous per se,... as it's very
 tricky to really securely do it.
 Usually the best way is to hard code a secure hash (i.e. not MD5) of
 the upstream package which is currently considered secure... every time
 a new upstream version comes out, a new downloader package should come
 out as well with a new hash,...so that people regularly (via the package
 management system) notice about [security] updates.

I considered this at first, but new versions of TBB come out so
frequently that this would be quite a lot of work to maintain. I also
doubt that it would be as secure. There would be a window of time when
Tor Project releases an updated TBB where torbrowser-bundle users won't
be able to download the latest version because the update is working its
way through the Debian pipeline.

 Cheers,
 Chris.
 
 
 btw:
 Apart from that... I've always wondered how secure something like
 torbrowser bundle can be... per se, they will always lag a bit behind
 FF with security updates,... and FF in turn already has enough security
 issues.

The Tor devs seem to be very much on top of this. I don't think TBB lags
behind more than 24 hours when there are Firefox security bugs that
affect it.

 btw2: Since torbrowser-launcher is probably usually launched as
 normal user, I marked this as user security hole only.
 But given that torbrowser-launcher will typically be run on
 desktops/notebooks... successfully attacking that user is usually
 equivalent to root exploit (the attacker could simply wait for
 the user to sudo/su to root and keylog his password).
 So actually severity is IMHO critical.

I think in order to successfully attack torbrowser-launcher to run
arbitrary code as the desktop user you would need:

1) One of the Tor dev signing keys that's included
2) The secret SSL key for https://www.torproject.org/ (unless the user
is using a mirror)
3) Either be in a position to MITM the user, or have owned Tor's web server

To do this same attack against a normally Debian system you only need:

1) The Debian repository signing key
2) Either be in a position to MITM the user, or have owned the repo's
web server

I agree that having Tor Browser proper, directly from the Tor project,
in Debian would be better than using torbrowser-launcher. But
unfortunately this is a massive undertaking that would involve doing
some wonky things (like adding an iceweasel-src package to the binary
repo, so that Tor Browser could apply its extra Firefox patches). In the
end, torbrowser-launcher turns out to be by far the most elegant solution.

Here's the bug: https://trac.torproject.org/projects/tor/ticket/3994

Without torbrowser-launcher, when Debian users want to use Tor Browser
they'll visit https://www.torproject.org/ and download it. Most users
probably won't verify the gpg signature, and they'll just trust the CA
system that their download wasn't attacked. They'll have to open a
terminal and manually run the start-tor-browser script because there's
no application launcher. There also won't be any auto-updating, so when
they're browser is out of date they'll either just use an insecure
version of Tor Browser, or they'll repeat the same steps to download and
install it again without verifying the signature or pinning the
torproject.org cert.

Of course, it's possible for Debian users to manually do all of the
things that torbrowser-launcher automatically does, assuming they
already know exactly which cert torproject.org uses, and assuming they
have the correct TBB signing key (both things that are difficult to get
right if you're under an active CA attack, and aren't connected to the
Tor dev's keys in the web of trust, or don't know what the web of trust is).

-- 
Micah Lee


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact

Bug#740802: [Secure-testing-team] Bug#740802: stunnel4: CVE-2014-0016

[micah]

Moritz Muehlenhoff j...@inutil.org writes:

 Package: stunnel4
 Severity: grave
 Tags: security
 Justification: user security hole

 Hi,
 please see http://article.gmane.org/gmane.comp.security.oss.general/12283

According to that post:

Mitigations implemented into openssl-0.9.8j (2009) makes the
vulnerability not exploitable in stock openssl. The signing code for
ECDSA and DSA explicitly seeds the pool with the digest to sign.

Squeeze is at openssl 0.9.8o-4squeeze14, I presume that this would have
this fix?

micah


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#737149: CVE-2014-1691: Remote code execution in horde 5.1.1

[Micah Anderson]

Package: horde3
Version: 3.3.8+debian0-2
Severity: serious
Tags: security
Justification: security issue

Hello,

As detailed on the debian security tracker[0] and reported on oss-sec[1] and 
assigned CVE 2014-1691, there is a remote code execution bug in horde affecting 
all versions from at least horde 3.1.x to 5.1.1.

That includes squeeze... I've got a patch that applies to the horde3 package in 
squeeze that resolves this issue, please find it attached[2]... I've built and 
tested these packages on Squeeze in an active environment. I am not certain 
where this particular code is used, so I wasn't sure if I was able to test 
exactly that code path.

If you would like, I can provide a package for squeeze for a DSA.

Micah

0. https://security-tracker.debian.org/tracker/CVE-2014-1691
1. http://seclists.org/oss-sec/2014/q1/153
2. 
https://gist.github.com/pietro/8712454/raw/b03bc5ecb7ec1f1f778b867ecd6d9d142d0ddaf7/gistfile1.diff

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.12-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages horde3 depends on:
ii  apache2  2.4.7-1
ii  apache2-bin [httpd]  2.4.7-1
ii  libapache2-mod-php5  5.5.8+dfsg-3
ii  libjs-scriptaculous  1.9.0-2
ii  php-log  1.12.7-1
ii  php-mail 1.2.0-5
ii  php-mail-mime1.8.8-1
ii  php5-gd  5.5.8+dfsg-3
ii  php5-mcrypt  5.5.8+dfsg-3

Versions of packages horde3 recommends:
pn  fckeditor  none
ii  locales2.17-97
ii  logrotate  3.8.7-1
pn  php-date   none
ii  php-db 1.7.14-2
pn  php-file   none
ii  php-mdb2   2.5.0b5-1
pn  php-mdb2-driver-mysql | php-mdb2-driver-pgsql | php-mdb2-driv  none
pn  php-services-weather   none
ii  php5-cli   5.5.8+dfsg-3
pn  php5-mysql | php5-pgsql | php5-ldapnone
pn  tinymce2 | tinymce none

Versions of packages horde3 suggests:
pn  chora2none
pn  enscript  none
ii  gettext   0.18.3.2-1
pn  gollemnone
pn  imp4  none
pn  kronolith2none
ii  libgeoip1 1.6.0-1
pn  libwpd-tools  none
pn  mnemo2none
pn  php-net-imap  none
pn  php5-auth-pam none
ii  php5-common [php5-mhash]  5.5.8+dfsg-3
pn  ppthtml   none
pn  rpm   none
pn  source-highlight  none
pn  turba2none
pn  unrtf none
pn  webcppnone
pn  wvnone
pn  xlhtmlnone

-- Configuration Files:
/etc/horde/horde3/.htaccess [Errno 13] Permission denied: 
u'/etc/horde/horde3/.htaccess'
/etc/horde/horde3/conf.php [Errno 13] Permission denied: 
u'/etc/horde/horde3/conf.php'
/etc/horde/horde3/conf.xml [Errno 13] Permission denied: 
u'/etc/horde/horde3/conf.xml'
/etc/horde/horde3/hooks.php [Errno 13] Permission denied: 
u'/etc/horde/horde3/hooks.php'
/etc/horde/horde3/mime_drivers.php [Errno 13] Permission denied: 
u'/etc/horde/horde3/mime_drivers.php'
/etc/horde/horde3/motd.php [Errno 13] Permission denied: 
u'/etc/horde/horde3/motd.php'
/etc/horde/horde3/nls.php [Errno 13] Permission denied: 
u'/etc/horde/horde3/nls.php'
/etc/horde/horde3/prefs.php [Errno 13] Permission denied: 
u'/etc/horde/horde3/prefs.php'
/etc/horde/horde3/registry.d/README [Errno 13] Permission denied: 
u'/etc/horde/horde3/registry.d/README'
/etc/horde/horde3/registry.php [Errno 13] Permission denied: 
u'/etc/horde/horde3/registry.php'

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#737149: CVE-2014-1691: Remote code execution in horde 5.1.1

[micah]

Moritz Mühlenhoff j...@inutil.org writes:

 On Thu, Jan 30, 2014 at 12:00:10PM -0500, Micah Anderson wrote:
 Package: horde3
 Version: 3.3.8+debian0-2
 Severity: serious
 Tags: security
 Justification: security issue
 
 Hello,
 
 As detailed on the debian security tracker[0] and reported on oss-sec[1] and 
 assigned CVE 2014-1691, there is a remote code execution bug in horde 
 affecting all versions from at least horde 3.1.x to 5.1.1.
 
 That includes squeeze... I've got a patch that applies to the horde3 package 
 in squeeze that resolves this issue, please find it attached[2]... I've 
 built and tested these packages on Squeeze in an active environment. I am 
 not certain where this particular code is used, so I wasn't sure if I was 
 able to test exactly that code path.
 
 If you would like, I can provide a package for squeeze for a DSA.

 2. 
 https://gist.github.com/pietro/8712454/raw/b03bc5ecb7ec1f1f778b867ecd6d9d142d0ddaf7/gistfile1.diff

 Yes, please upload a fixed oldstable package with the patch

Done.


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#731174: libscrypt: diff for NMU version 1-2.1

[micah]

David Prévot taf...@debian.org writes:

 tags 731174 + patch
 thanks

 Dear maintainer,

 I've prepared an NMU for libscrypt (versioned as 1-2.1) and
 uploaded it to DELAYED/5. Please feel free to tell me if I
 should delay it longer.

Thanks for the upload!

micah


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#728017: FTBFS: missing build dependencies

[Micah Gersten]

Package: genometools
Version: 1.5.1-1
Severity: serious
Tags: patch
Justification: fails to build from source (but built successfully in the past)
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu trusty ubuntu-patch

A snippet from trying to rebuild in a clean sid chroot:
The following packages have unmet dependencies:
 sbuild-build-depends-genometools-dummy : Depends: liblua5.1-md5-dev but it is 
not installable
E: Unable to correct problems, you have held broken packages.

All these binary renames have occured in unstable.

Thanks!

*** /tmp/tmp8yZKNl/bug_body

In Ubuntu, the attached patch was applied to achieve the following:


  * Change some lua build dependencies to the reflect the renaming of lua
binaries due to lua policy
- update debian/control


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise'), (100, 'precise-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.8.0-28-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru genometools-1.5.1/debian/changelog genometools-1.5.1/debian/changelog
diff -Nru genometools-1.5.1/debian/control genometools-1.5.1/debian/control
--- genometools-1.5.1/debian/control	2013-03-07 07:07:56.0 -0600
+++ genometools-1.5.1/debian/control	2013-10-27 11:48:39.0 -0500
@@ -4,8 +4,8 @@
 Maintainer: Debian Med Packaging Team debian-med-packag...@lists.alioth.debian.org
 Uploaders: Sascha Steinbiss steinb...@zbh.uni-hamburg.de
 Build-Depends: debhelper (= 9),
- liblua5.1-0-dev, liblua5.1-md5-dev, liblua5.1-filesystem-dev,
- liblua5.1-lpeg-dev, libcairo2-dev, zlib1g-dev, libbz2-dev, libexpat1-dev,
+ liblua5.1-0-dev, lua-md5-dev, lua-filesystem-dev,
+ lua-lpeg-dev, libcairo2-dev, zlib1g-dev, libbz2-dev, libexpat1-dev,
  libncurses5-dev, libsqlite3-dev, libbam-dev, libpango1.0-dev,
  texlive-latex-base, texlive-latex-extra, texlive-fonts-extra, latex-xcolor,
  texlive-fonts-recommended, python

Bug#722201: FTBFS: several errors

[Micah Gersten]

Package: zekr
Version: 1.1.0+repack-1
Severity: serious
Justification: fails to build from source (but built successfully in the past)

See 
https://launchpadlibrarian.net/144030976/buildlog_ubuntu-saucy-i386.zekr_1.1.0%2Brepack-1_FAILEDTOBUILD.txt.gz
I was able to reproduce a similar log in a sid amd64 chroot.
Thanks in advance.

-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise'), (100, 'precise-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.8.0-28-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#716909: Should be resolved

[Micah Anderson]

close 716909
thanks

I believe that I've resolved this, the following addresses are allowed
to send, if there is an additional ftp master email that needs to be
allowed, please let me know and I will add that:

d...@ftp-master.debian.org, debb...@bugs.debian.org,
debb...@busoni.debian.org, debian-bugs-d...@lists.debian.org,
f...@debian.org, instal...@ftp-master.debian.org,
nore...@release.debian.org, ow...@bugs.debian.org,
ow...@busoni.debian.org, ow...@packages.qa.debian.org,
p...@qa.debian.org,pabs q...@master.debian.org

micah


pgpGwp9mxXYPM.pgp
Description: PGP signature

Bug#721581: sigrok-cli: libsigrok and libsigrokdecode build dependencies should be unversioned

[Micah Gersten]

Package: sigrok-cli
Version: 0.4.0-1
Severity: serious
Justification: fails to build from source (but built successfully in the past)

rmadison -uqa -S -s unstable libsigrok libsigrokdecode
 libsigrok| 0.1.1-1| sid | source
 libsigrok| 0.2.0-2| sid | source
 libsigrok-dev| 0.2.0-2| sid | amd64, armhf, i386, ia64, mips, 
mipsel, powerpc, s390, s390x, sparc
 libsigrok0   | 0.1.1-1| sid | amd64, armel, armhf, i386, ia64, 
mips, mipsel, powerpc, s390, s390x, sparc
 libsigrok0-dev   | 0.1.1-1| sid | amd64, armel, armhf, i386, ia64, 
mips, mipsel, powerpc, s390, s390x, sparc
 libsigrok0-dev   | 0.2.0-2| sid | all
 libsigrok1   | 0.2.0-2| sid | amd64, armhf, i386, ia64, mips, 
mipsel, powerpc, s390, s390x, sparc
 libsigrokdecode  | 0.1.0-2| sid | source
 libsigrokdecode  | 0.2.0-2| sid | source
 libsigrokdecode-dev  | 0.2.0-2| sid | amd64, armel, armhf, i386, ia64, 
kfreebsd-amd64, kfreebsd-i386, mips, mipsel, powerpc, s390, s390x, sparc
 libsigrokdecode0 | 0.1.0-2+b1 | sid | amd64, armel, armhf, hurd-i386, 
i386, ia64, kfreebsd-amd64, kfreebsd-i386, mips, mipsel, powerpc, s390, s390x, 
sparc
 libsigrokdecode0-dev | 0.1.0-2+b1 | sid | amd64, armel, armhf, hurd-i386, 
i386, ia64, kfreebsd-amd64, kfreebsd-i386, mips, mipsel, powerpc, s390, s390x, 
sparc
 libsigrokdecode0-dev | 0.2.0-2| sid | all
 libsigrokdecode1 | 0.2.0-2| sid | amd64, armel, armhf, i386, ia64, 
kfreebsd-amd64, kfreebsd-i386, mips, mipsel, powerpc, s390, s390x, sparc


-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise'), (100, 'precise-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.8.0-28-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#648160: util-vserver sponsorship request [was: Re: Bug#648160: util-vserver: wheezy vserver guests don't start]

[micah]

Hi Carlos!

A quick reply because I do not have very much time. I wanted to let you
know that I am happy to have a look and sponsor it, but I wont have time
until first week of Sept. 

Sorry I can't do it quicker, but I will!

micah

Carlos Alberto Lopez Perez clo...@igalia.com writes:

 Hi Micah!

 As we discussed some months ago, I would like to take care of the
 package util-vserver.


 I have migrated the repository to git [1], and I have prepared a new
 upload that fixes the this bug (#648160) as also #605473 and #586510

 This new upload sets me as the new maintainer of the package as we agreed.

 I did extensive testing and QA with this new package on some of my
 servers and looks everything OK. Now creating a new wheezy guest works
 without problems.

 I would thank you if you can review the upload and sponsor it, if it
 looks good enough for you. Otherwise let me know what should be fixed.

 The new upload is available at mentors.d.o [2], and the source package
 on the following dsc:

 http://mentors.debian.net/debian/pool/main/u/util-vserver/util-vserver_0.30.216-pre3038-1.dsc


 Thanks a lot !!


 Regards!
 


 [1] http://anonscm.debian.org/gitweb/?p=pkg-vserver/pkg-vserver.git
 [2] http://mentors.debian.net/package/util-vserver


pgp2jNJOlXxqx.pgp
Description: PGP signature

Bug#666864: libapache-mod-removeip: diff for NMU version 1.0b-5.1

[micah]

Hi Colin,

Colin Watson cjwat...@debian.org writes:

 I've prepared an NMU for libapache-mod-removeip (versioned as 1.0b-5.1)
 and uploaded it to DELAYED/2.  Please feel free to tell me if I should
 delay it longer.

Thanks for the patch and the upload. I'm on vacation at the moment, and
welcome the help!

micah


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#715429: alembic: FTBFS: Please drop build-dependency on python2.6-argparse

[Micah Gersten]

Package: alembic
Version: 0.4.2+ds-3
Severity: serious
Tags: patch
Justification: fails to build from source (but built successfully in the past)
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu saucy ubuntu-patch

python2.6 was removed from unstable on July 1 [1] which makes your package no 
longer buildable.  An NMU (0.4.2+ds-2.1) was made earlier to account for this, 
but it appears to have been accidentally dropped.

Thanks!

[1] http://packages.qa.debian.org/p/python2.6/news/20130701T101238Z.html
[2] http://packages.qa.debian.org/a/alembic/news/20130516T124740Z.html

*** /tmp/tmpNuAD9s/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * Drop build depends and suggests on python2.6-argparse as we don't have
python 2.6 anymore (This was also done as 0.4.2+ds-2.1 but seems to have
been accidentally dropped)
- update debian/control 


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise'), (100, 'precise-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-39-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru alembic-0.4.2+ds/debian/changelog alembic-0.4.2+ds/debian/changelog
diff -Nru alembic-0.4.2+ds/debian/control alembic-0.4.2+ds/debian/control
--- alembic-0.4.2+ds/debian/control	2013-05-10 21:48:46.0 -0500
+++ alembic-0.4.2+ds/debian/control	2013-07-08 21:46:53.0 -0500
@@ -9,14 +9,13 @@
 Homepage: http://www.bitbucket.org/zzzeek/alembic
 Build-Depends: debhelper (= 8), python-all, python-setuptools,
  python-nose, python-sqlalchemy, python-mako,
- python2.6-argparse, python-sphinx (= 1.0.7+dfsg)
+ python-sphinx (= 1.0.7+dfsg)
 
 Package: alembic
 Architecture: all
 Depends: ${misc:Depends}, ${python:Depends}, ${sphinxdoc:Depends},
  python-sqlalchemy, python-mako
 Recommends: python-pkg-resources
-Suggests: python2.6-argparse
 Description: lightweight database migration tool for SQLAlchemy
  Alembic is a new database migration tool, written by the author
  of SQLAlchemy. A migration tool offers the following functionality:

Bug#710163: CVE-2013-1629: Man in the middle possibility

[Micah Anderson]

Package: python-pip
Version: 1.1-3
Severity: serious
Tags: security
Justification: security

Hello,

It appears as if python-pip in Debian (all versions supported) suffers
from CVE-2013-1629. This CVE appears to still be reserved, but is
clearly described in a few places on the internet[0],[1].

A new version uploaded to sid would solve this problem there, but to
backport these issues to wheezy and squeeze may be a bit difficult.

Thanks,
micah


0. 
http://www.reddit.com/r/Python/comments/17rfh7/warning_dont_use_pip_in_an_untrusted_network_a/
1. https://github.com/TheTorProject/ooni-backend/pull/1#discussion_r4084881

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.8-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages python-pip depends on:
ii  python2.7.3-5
ii  python-pkg-resources  0.6.37-1
ii  python-setuptools 0.6.37-1
ii  python2.6 2.6.8-2

Versions of packages python-pip recommends:
ii  build-essential  11.6
pn  python-dev-all   none

python-pip suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#710164: CVE-2013-1629: Man in the middle possibility

[Micah Anderson]

Package: python-virtualenv
Version: 1.7.1.2-2
Severity: serious
Tags: security
Justification: security

Hello,

It seems as if python-virtualenv embeds a copy of pip[0], and there is
a security issue with python-pip noted as CVE-2013-1629 which affects
squeeze and wheezy (it appears fixed in sid and jessie). This issue
currently is marked as 'reserved' by Mitre, but it is clearly defined
on the internet[1],[2].

Please coordinate with the debian security team to update this package
as soon as possible to resolve this issue. Please reference this CVE
and bug number in any changelog dealing with this problem.

Micah


0. This is in violation of debian policy '4.13 Convenience copies of
code' and should be fixed to depend on the version of python-pip in
the archive.

1.http://www.reddit.com/r/Python/comments/17rfh7/warning_dont_use_pip_in_an_untrusted_network_a/
2. https://github.com/TheTorProject/ooni-backend/pull/1#discussion_r4084881

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.8-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#708992: u1db: FTBFS: Could NOT find JSON (missing: JSON_LIBRARY)

[micah]

Hi Aaron!

Aaron M. Ucko u...@debian.org writes:

 Source: u1db
 Version: 0.1.4-1
 Severity: serious
 Justification: fails to build from source

 Hi, Micah.

 Builds of u1db have been failing because libjson is multiarch-friendly:

   -- checking for module 'json'
   --   found json, version 0.11
   CMake Error at 
 /usr/share/cmake-2.8/Modules/FindPackageHandleStandardArgs.cmake:97 (MESSAGE):
 Could NOT find JSON (missing: JSON_LIBRARY)
   Call Stack (most recent call first):
 /usr/share/cmake-2.8/Modules/FindPackageHandleStandardArgs.cmake:288 
 (_FPHSA_FAILURE_MESSAGE)
 cmake/Modules/FindJSON.cmake:27 (find_package_handle_standard_args)
 CMakeLists.txt:28 (find_package)
   
   
   -- Configuring incomplete, errors occurred!

 Could you please fix cmake/modules/FindJSON.cmake to account for
 possible multiarch locations?

Thanks for reporting this. I see why it isn't happening, although my
multi-arch and cmake skills are not so great, so I'm trying to figure
out the right way to solve this. 

micah


pgpzA9ko_d9zO.pgp
Description: PGP signature

Bug#648160: util-vserver: wheezy vserver guests don't start

[micah]

Carlos Alberto Lopez Perez clo...@igalia.com writes:

 On 01/05/13 17:32, micah wrote:
 Carlos Alberto Lopez Perez clo...@igalia.com writes:
 
 On 28/04/13 02:50, micah wrote:
 I will happily sign for that. However I would like to migrate the
 package scm from svn to git. I have not experience packaging with svn
 and learning to do that now will be a backwards step IMHO.

 As I mentioned on IRC, I think that is a fantastic idea.

 If you can add my alioth user (clopez-guest) to the pkg-vserver project
 and create a new empty git repository on alioth for pkg-vserver I can
 take care of migrating the svn repository to git (I already have
 experience doing this kind of migrations) and uploading the result there
 for review.

 I added you to the group.


 Hi.

 I don't have permissions to create the git repository. I need you to
 either grant me admin permissions on the Alioth project or to enable the
 usage of git repository on Alioth.
 
 I added you as an admin in the alioth project. Let me know if that still
 doesn't work.
 
 micah
 
 Great!

 I just did the migration to git. Here is a summary of the steps I followed:

 1) I converted the repository from svn to git following the guide
 http://wiki.debian.org/Alioth/Git#Convert_a_SVN_Alioth_repository_to_Git

  - At the end I renamed the tags imported from the svn repository to
 svn/$tag instead of debian/$tag to allow in the following step importing
 all dsc(s) without overwriting tags.


 2) Then I imported all known debian releases.
  -  I got all dscs [1] from snapshoot d.o and imported them [2]


 I uploaded the repository to
 anonscm.debian.org/git/pkg-vserver/pkg-vserver.gitanonscm.debian.org/git/pkg-vserver/pkg-vserver.git



 Let me know if you find some problem or issue with what I did.

 Otherwise I will take this git repository as base to continue working
 from there.

Very nice, I just cloned it and it looks good to work with!

micah


pgpQwbMdGABd6.pgp
Description: PGP signature

Bug#648160: util-vserver: wheezy vserver guests don't start

[micah]

Carlos Alberto Lopez Perez clo...@igalia.com writes:

 On 28/04/13 02:50, micah wrote:
 I will happily sign for that. However I would like to migrate the
 package scm from svn to git. I have not experience packaging with svn
 and learning to do that now will be a backwards step IMHO.
 
 As I mentioned on IRC, I think that is a fantastic idea.
 
 If you can add my alioth user (clopez-guest) to the pkg-vserver project
 and create a new empty git repository on alioth for pkg-vserver I can
 take care of migrating the svn repository to git (I already have
 experience doing this kind of migrations) and uploading the result there
 for review.
 
 I added you to the group.
 

 Hi.

 I don't have permissions to create the git repository. I need you to
 either grant me admin permissions on the Alioth project or to enable the
 usage of git repository on Alioth.

I added you as an admin in the alioth project. Let me know if that still
doesn't work.

micah


pgpGHlHYQi1w9.pgp
Description: PGP signature

Bug#648160: util-vserver: wheezy vserver guests don't start

[micah]

Carlos Alberto Lopez Perez clo...@igalia.com writes:

 On 26/04/13 16:38, micah wrote:
 Carlos Alberto Lopez Perez clo...@igalia.com writes:
 I don't think this is an appropriate approach to deal with this problem.
 I rather would ask you to remove the package util-vserver from Debian
 sid completely than to have it in a broken state.
 
 Well, that is what I was planning on doing - removing it from
 sid. Without the kernel support available, I was thinking I will give up
 the package entirely. I used to provide kernel patch packages, but I am
 going to attempt to migrate away from Linux-Vservers now, even though I
 like them more than the current alternatives.
 

 I'm in the same situation. I use both Debian and linux-vserver daily.
 Debian removed support for the vserver kernel flavor on wheezy.

 So I have to choose between: migrating from linux-vserver to LXC/OpenVZ
 or building my own kernels.

 LXC is not yet production ready from a security perspective. A root user
 on a LXC container can do very nasty things to the host system.

 OpenVZ faces the same fate than linux-vserver. Support for it got
 removed from Debian, so I would end in the same situation that I'm right
 now with linux-vserver.

I agree. You also have the option of moving to kvm (if you have the CPU)
and to Xen, but of course those are different kinds of virtualization
options. 

I have heard that the security issues with lxc are being worked on and
should be resolved soon. Right now, I'm sort of betting that they will
before Squeeze security support ends :P

 So the most reasonable option for me is building my own kernels with the
 vserver patchset and wait until LXC becomes at least as secure as
 vserver is.
  
If you do this, it probably would benefit others if you made it
available!

 So, the question then becomes... would you like to maintain this package
 in Debian? It would be quite useful for people to have an active
 maintainer of the user-space utilities in Debian, in my opinon. However,
 I can no longer be that person. I would however be able to sponsor
 package uploads, if you, or someone else, would be interested and
 wanting to do that work.
 

 I will happily sign for that. However I would like to migrate the
 package scm from svn to git. I have not experience packaging with svn
 and learning to do that now will be a backwards step IMHO.

As I mentioned on IRC, I think that is a fantastic idea.

 If you can add my alioth user (clopez-guest) to the pkg-vserver project
 and create a new empty git repository on alioth for pkg-vserver I can
 take care of migrating the svn repository to git (I already have
 experience doing this kind of migrations) and uploading the result there
 for review.

I added you to the group.

I'll be clear - I was thinking that I would orphan this package, and had
been planning on doing so soon. Because of that, I had been planning
other work that was not including working on this any more. I'm happy to
stick around and provide help where I can, and would be happy to sponsor
your uploads, but I expect my contributions will be minimal.

micah


pgp1ogrJnI1gm.pgp
Description: PGP signature

Bug#648160: util-vserver: wheezy vserver guests don't start

[micah]

Carlos Alberto Lopez Perez clo...@igalia.com writes:

 On 25/04/13 20:23, micah wrote:
 
 Hi Carlos,
 
 Carlos Alberto Lopez Perez clo...@igalia.com writes:
 
 So please: update the package to a newer upstream version.
 
 util-vserver was removed from wheezy as was the kernel support. It is
 not surprising that this version doesn't work, it only worked with
 squeeze. At this stage, it will not be included in wheezy at all.
 

 I'm already aware of that. But that don't means that this should not be
 fixed on sid isn't it?

I'm sorry, I didn't realize you were trying this in sid. Yes, you are
right.

 If you are interested in doing work on the user-space utilities in
 Debian, or doing the work to provide the support in the kernel, it would
 be welcome.
 

 In this case, upgrading the package to the newer upstream version is
 quite easy.

 I could provide a .dsc with the changes required if you want, but I
 don't think I did nothing special about it. I just put the debian/
 directory of the old package on the new upstream tarball, updated the
 changelog and cleaned debian/patches/*

Yes, and testing it I guess helps.

There is a debian svn repository for util-vserver that would also need
to be updated (or moved to git and then updated).

 With your permission, I'd like to close this bug.
 

 I don't think this is an appropriate approach to deal with this problem.
 I rather would ask you to remove the package util-vserver from Debian
 sid completely than to have it in a broken state.

Well, that is what I was planning on doing - removing it from
sid. Without the kernel support available, I was thinking I will give up
the package entirely. I used to provide kernel patch packages, but I am
going to attempt to migrate away from Linux-Vservers now, even though I
like them more than the current alternatives.

So, the question then becomes... would you like to maintain this package
in Debian? It would be quite useful for people to have an active
maintainer of the user-space utilities in Debian, in my opinon. However,
I can no longer be that person. I would however be able to sponsor
package uploads, if you, or someone else, would be interested and
wanting to do that work.


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#648160: util-vserver: wheezy vserver guests don't start

[micah]

Hi Carlos,

Carlos Alberto Lopez Perez clo...@igalia.com writes:

 So please: update the package to a newer upstream version.

util-vserver was removed from wheezy as was the kernel support. It is
not surprising that this version doesn't work, it only worked with
squeeze. At this stage, it will not be included in wheezy at all.

If you are interested in doing work on the user-space utilities in
Debian, or doing the work to provide the support in the kernel, it would
be welcome.

With your permission, I'd like to close this bug.

Micah


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#698294: [Pkg-puppet-devel] Bug#698294: Bug#698294: diff for NMU 2.7.18-2.1

[micah anderson]

Russ Allbery r...@debian.org writes:

 Anton Gladky gl...@debian.org writes:

 Ok, I canceled the upload.

 We cannot postpone Wheezy-release, waiting for every upstream's
 decision. If the solution works, why should not it be applied?
 Otherwise the package should be removed from testing.

The solution may work, but if upstream deems the code insufficient it
might be because of some very important reasons. For example, it might
make this specific situation work, but breaks other things, or only
works for one case, but not another, or many other possible reasons. 

For this issue, what caused this upstream was a fix for another issue,
and I am not sure that the proposed fix will cause the original issue to
re-appear, I dont want a regression for that issue to come up as a
result.

I don't think it is such a great idea to stuff something into the Debian
package that upstream has a problem with, it tends to make upstream
unhappy when they have to deal with the fact that it exists in the
Debian package for years. In particular I'm thinking of how great they
have been when security issues have come up and they've produced
backports of fixes for the versions that we carry. If their backports
aren't going to work because we decided to put in some code that they
didn't like in the first place, how do we deal with the security fix
then?

 The problem is mildly obscure (many Puppet manifests, including very
 complex and non-trivial ones, will never trigger this error condition) and
 absolutely does not warrant removing the package from testing.  In fact,
 I'm tempted to downgrade it to important again, although if there is a
 tested upstream fix, I'd be in favor of applying it for wheezy.

I have to agree with Russ, this is a kind of weird corner case.

micah


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#698294: [Pkg-puppet-devel] Bug#698294: diff for NMU 2.7.18-2.1

[micah anderson]

Anton Gladky gl...@debian.org writes:

 Hi,

 I have rescheduled an upload for 15-days. Or you want me to cancel it
 completely?

 Anton

 On 03/01/2013 12:45 PM, Stig Sandbeck Mathisen wrote:
 
 That patch was marked as Code Insufficient in the upstream bug tracker
 two weeks ago at http://projects.puppetlabs.com/issues/7680#note-18
 
 Please delay it until this is resolved by upstream.

As far as I know, there is no 'DELAYED/until this is resolved by
upstream' queue :)

Uploading something that upstream has deemed insufficient code, even to
DELAYED-15 doesn't seem like the right thing to do, especially since
this places an arbitrary deadling on upstream.

I think it best to cancel this upload until we have a clear fix from
upstream.

I understand that this issue impacts you and you would like a
resolution, but I think that the right thing to do here is to speed up
that resolution with upstream. Figure out what it is that is
insufficient in the code and get that resolved. 

Once upstream is happy with the code, then we can look at what needs to
be done to get this into Debian.



pgpgaFlnG1M2t.pgp
Description: PGP signature

Bug#700350: dovecot-core: fails to upgrade from squeeze to bpo: Can't locate feature.pm in @INC

[micah anderson]

Marco Nenciarini mnen...@kcore.it writes:

 Il giorno 12/feb/2013, alle ore 17:16, Jaldhar H. Vyas ha scritto:
 
 
 Thanks for the patch but if the diagnosis is correct it seems it will not be 
 needed as -7 took out the perl code.  So backporting that should solve the 
 problem.  Unfortunately I am rather pressed for time right now and the other 
 dovecot maintainers even more so.  Micah can you take care of this?
 


 I can take care of backporting if it's ok for you all.

please go ahead, I'm quite busy until next week myself.

micah


pgpsI8C4nF_VL.pgp
Description: PGP signature

Bug#697498: FTBFS: pkg-php-tools (= 0.9) not available in unstable

[Micah Gersten]

Package: php-horde-test
Version: 2.1.0-2
Severity: serious
Justification: fails to build from source (but built successfully in the past)

This package cannot be built from source with just unstable enabled, 
pkg-php-tools 1.0 is in experimental only AFAICT.  I also didn't see 
pkg-php-tools in NEW, I apologize if I overlooked something.

-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise'), (100, 'precise-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-35-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#697499: FTBFS: pkg-php-tools (= 1) not available in unstable

[Micah Gersten]

Package: php-horde-mail
Version: 2.0.3-1
Severity: serious
Justification: fails to build from source (but built successfully in the past)

This package cannot be built from source with just unstable enabled, 
pkg-php-tools 1 is in experimental only AFAICT.  I also didn't see 
pkg-php-tools in NEW, I apologize if I overlooked something.


-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise'), (100, 'precise-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-35-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#697210: josm-plugins: Cannot build with version of josm in unstable

[Micah Gersten]

Package: josm-plugins
Version: 0.0.svn29007+ds1-1
Severity: serious
Justification: fails to build from source (but built successfully in the past)

The josm dependency was bumped to 5608, but 5576 is the latest version in 
unstable.

-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise'), (100, 'precise-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-35-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#681549: Still present in 1.2.0-3

[micah anderson]

Dane Elwell dane.elw...@ukfast.co.uk writes:

 This bug seems to still exist in CouchDB 1.2.0-3 update that was pushed out 
 recently in Wheezy.


 Setting up couchdb (1.2.0-3) ...
 Installing new version of config file /etc/init.d/couchdb ...
 Installing new version of config file /etc/logrotate.d/couchdb ...
 [] Starting database server: couchdbApache CouchDB needs write permission 
 on the PID file: /var/run/couchdb/couchdb.pid
  failed!
 invoke-rc.d: initscript couchdb, action start failed.
 dpkg: error processing couchdb (--configure):
  subprocess installed post-installation script returned error exit status 1
 Errors were encountered while processing:
  couchdb
 E: Sub-process /usr/bin/dpkg returned an error code (1)


I think this happens when you upgrade from 1.2.0-2, where the bad
ownership was, to 1.2.0-3 where it is fixed. If you install 1.2.0-3
directly, without ever having 1.2.0-2 installed, you no longer have the
problem.


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#681549: Unsuitable for release

[micah anderson]

severity 681549 serious
thanks

I'm marking this bug as serious (accidentally made it grave a minute
ago), bucause I believe that it makes the package unsuitable for
release, and the fix is trivial, so it should be able to be brought into
wheezy without issue.

The this issue renders the package uninstallable:

Starting database server: couchdbApache CouchDB needs write permission on the 
PID file: /var/run/couchdb/couchdb.pid
failed!
invoke-rc.d: initscript couchdb, action start failed.
dpkg: error processing couchdb (--configure):
subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing: couchdb
E: Sub-process /usr/bin/dpkg returned an error code (1)


-- 


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#680235: debirf: wheezy minimal image segfaults during boot

[Micah Anderson]

Hi Lucas,

* Lucas Nussbaum lu...@lucas-nussbaum.net [2012-09-30 03:43-0400]:
 On 08/09/12 at 23:03 -0400, Daniel Kahn Gillmor wrote:
  Control: tags 680235 + unreproducible moreinfo
  
  Hi Lucas--
  
  On 07/04/2012 10:40 AM, Lucas Nussbaum wrote:
   I generate a wheezy 'minimal' image using debirf (running it as root,
   since running it as normal user fails).
   
   After generation, I try to boot it using:
   kvm -m 512 -kernel vmlinuz-3.2.0-2-amd64 -initrd 
   debirf-minimal_wheezy_3.2.0-2-amd64.cgz
   
   During boot, I get:
   [0.419335] rtc_cmos 00:01: RTC can wake from S4
   [0.419735] rtc_cmos 00:01: rtc core: registered rtc_cmos as rtc0
   [0.420093] rtc0: alarms up to one day, 114 bytes nvram, hpet irqs
   [0.420392] cpuidle: using governor ladder
   [0.420629] cpuidle: using governor menu
   [0.420987] TCP cubic registered
   [0.421230] NET: Registered protocol family 10
   [0.423396] Mobile IPv6
   [0.423606] NET: Registered protocol family 17
   [0.423868] Registering the dns_resolver key type
   [0.424263] registered taskstats version 1
   [0.424643] rtc_cmos 00:01: setting system clock to 2012-07-04 
   14:30:03 UTC (
   1341412203)
   [0.425109] Initializing network drop monitor service
   [0.426024] Freeing unused kernel memory: 572k freed
   [0.426406] Write protecting the kernel read-only data: 6144k
   [0.428208] Freeing unused kernel memory: 672k freed
   [0.430214] Freeing unused kernel memory: 684k freed
   [0.432194] init[31]: segfault at 57d71c ip 0044104d sp 
   7fff83ab1
   7f0 error 7 in sh[40+1b3000]
   Segmentation fault
   unpacking rootfs...
   [1.340047] Refined TSC clocksource calibration: 2793.734 MHz.
  
  i've been unable to reproduce this with existing versions, including
  0.33 (just uploaded to unstable).  Are you able to see this on other
  hardware?  do you still have the image you created available?  i'd be
  happy to take a look at it and try to dissect what's happening.
 
 Hi,
 
 I confirm that I can still reproduce this in wheezy using debirf 0.32.
 
 Using debirf 0.33 (only package that was updated when testing; same
 machine), it works fine both using the minimal.tgz example from debirf
 0.32, and the one from debirf 0.33.
 
 I've uploaded the broken image to
 http://blop.info/pub/vmlinuz-3.2.0-3-amd64
 http://blop.info/pub/debirf-minimal_wheezy_3.2.0-3-amd64.cgz
 
 To reproduce, boot with
 kvm -m 512 -kernel vmlinuz-3.2.0-3-amd64 -initrd 
 debirf-minimal_wheezy_3.2.0-3-amd64.cgz

I just downloaded your two files and did the kvm command that you provided and I
did not get the segfault, rather it booted up to this:

/proc/cmdline: No such file or directory

Debian GNU/Linux wheezy/sid (none) tty1

(none) login:

but otherwise, I do not get the segfault that you experience. The only
difference here is that I was running in Squeeze. Unfortunately, I could not
find a wheezy box with amd64 and kvm extensions. I'll ask around to see what I
can find.

micah



signature.asc
Description: Digital signature

Bug#685963: ruby-pgplot: dh_ruby FTBFS in sid

[Micah Gersten]

│
└──┘


Unpack source
─

dpkg-source: info: extracting ruby-pgplot in ruby-pgplot-0.1.3
dpkg-source: info: unpacking ruby-pgplot_0.1.3.orig.tar.gz
dpkg-source: info: unpacking ruby-pgplot_0.1.3-5.debian.tar.gz
dpkg-source: info: applying 
0001-Update-extconf-and-Add-support-for-Ruby-1.9.2.patch
dpkg-source: info: applying 0002-Fix-mkdoc-for-Ruby-1.9.2.patch
dpkg-source: info: applying 0003-Update-Cogen-for-Ruby1.9.2.patch
Sessions still open, not unmounting
Sessions still open, not unmounting

Check disc space


Sufficient free space for build
Sessions still open, not unmounting

User Environment


Sessions still open, not unmounting
HOME=/sbuild-nonexistent
LOGNAME=micah
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
SCHROOT_CHROOT_NAME=sid-amd64-shm
SCHROOT_COMMAND=env
SCHROOT_GID=1000
SCHROOT_GROUP=micah
SCHROOT_SESSION_ID=sid-amd64-shm-21672328-a63b-4496-b3e8-432eee9a07f7
SCHROOT_UID=1000
SCHROOT_USER=micah
SHELL=/bin/sh
TERM=xterm
USER=micah

dpkg-buildpackage
─

dpkg-buildpackage: source package ruby-pgplot
dpkg-buildpackage: source version 0.1.3-5
 dpkg-source --before-build ruby-pgplot-0.1.3
dpkg-buildpackage: host architecture amd64
 fakeroot debian/rules clean
dh clean --with ruby --buildsystem ruby
   dh_testdir -O--buildsystem=ruby
   debian/rules override_dh_auto_clean
make[1]: Entering directory `/«PKGBUILDDIR»'
dh_auto_clean
/usr/lib/ruby/vendor_ruby/gem2deb.rb:17: warning: setting 
Encoding.default_external
  Entering dh_ruby --clean
  Leaving dh_ruby --clean
[ ! -f rb_pgplot.c ] || rm -f rb_pgplot.c
make[1]: Leaving directory `/«PKGBUILDDIR»'
   dh_clean -O--buildsystem=ruby
 debian/rules build-arch
dh build-arch --with ruby --buildsystem ruby
   dh_testdir -a -O--buildsystem=ruby
   dh_auto_configure -a -O--buildsystem=ruby
/usr/lib/ruby/vendor_ruby/gem2deb.rb:17: warning: setting 
Encoding.default_external
   debian/rules override_dh_auto_build
make[1]: Entering directory `/«PKGBUILDDIR»'
dh_auto_build
/usr/lib/ruby/vendor_ruby/gem2deb.rb:17: warning: setting 
Encoding.default_external
make[1]: Leaving directory `/«PKGBUILDDIR»'
   dh_auto_test -a -O--buildsystem=ruby
/usr/lib/ruby/vendor_ruby/gem2deb.rb:17: warning: setting 
Encoding.default_external
 fakeroot debian/rules binary-arch
dh binary-arch --with ruby --buildsystem ruby
   dh_testroot -a -O--buildsystem=ruby
   dh_prep -a -O--buildsystem=ruby
   dh_installdirs -a -O--buildsystem=ruby
   dh_auto_install -a -O--buildsystem=ruby
/usr/lib/ruby/vendor_ruby/gem2deb.rb:17: warning: setting 
Encoding.default_external
  Entering dh_ruby --install
Building extension for ruby1.8 ...
/usr/bin/ruby1.8 -I/usr/lib/ruby/vendor_ruby 
/usr/lib/ruby/vendor_ruby/gem2deb/extension_builder.rb ruby-pgplot
/usr/lib/ruby/vendor_ruby/1.8/rubygems/ext/builder.rb:51:in `run': extconf 
failed: (Gem::InstallError)

/usr/bin/ruby1.8 extconf.rb
checking for cpgplot.h... yes
checking for narray.h... yes
checking for main() in -lgfortran... no
checking for main() in -lg77... no
*** extconf.rb failed ***
Could not create Makefile due to some reason, probably lack of
necessary libraries and/or headers.  Check the mkmf.log file for more
details.  You may need configuration options.

Provided configuration options:
--with-opt-dir
--without-opt-dir
--with-opt-include
--without-opt-include=${opt-dir}/include
--with-opt-lib
--without-opt-lib=${opt-dir}/lib
--with-make-prog
--without-make-prog
--srcdir=.
--curdir
--ruby=/usr/bin/ruby1.8
--with-x11-dir
--without-x11-dir
--with-x11-include
--without-x11-include=${x11-dir}/include
--with-x11-lib
--without-x11-lib=${x11-dir}/lib
--with-pgplot-dir
--without-pgplot-dir
--with-pgplot-include
--without-pgplot-include=${pgplot-dir}/include
--with-pgplot-lib
--without-pgplot-lib=${pgplot-dir}/lib
--with-sunws
--without-sunws
--with-gfortranlib
--without-gfortranlib
--with-g77lib
--without-g77lib
failed
from 
/usr/lib/ruby/vendor_ruby/1.8/rubygems/ext/ext_conf_builder.rb:16:in `build'
from /usr/lib/ruby/vendor_ruby/gem2deb/extension_builder.rb:62:in 
`build_and_install'
from /usr/lib/ruby/vendor_ruby/gem2deb/extension_builder.rb:61:in 
`chdir'
from /usr/lib/ruby/vendor_ruby/gem2deb/extension_builder.rb:61:in 
`build_and_install'
from /usr/lib/ruby/vendor_ruby/gem2deb/extension_builder.rb:75:in 
`build_all_extensions'
from /usr/lib/ruby/vendor_ruby/gem2deb/extension_builder.rb:72:in `each'
from /usr/lib/ruby/vendor_ruby/gem2deb/extension_builder.rb:72:in 
`build_all_extensions'
from /usr/lib/ruby/vendor_ruby/gem2deb/extension_builder.rb:88
/usr/bin/ruby1.8 extconf.rb
checking for cpgplot.h

Bug#681112: scratch missing depends on libgtk2.0-bin needed by postinst

[Micah Gersten]

Package: scratch
Severity: serious
Justification: Policy 7.2

The postinst uses gtk-update-icon-cache which is in libgtk2.0-bin, but there is 
no dependency.

-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise'), (100, 'precise-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-26-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#678072: [Pkg-puppet-devel] Bug#678072: puppet-lint: fails to run

[micah anderson]

Holger Levsen hol...@layer-acht.org writes:

 severity 678072 serious
 thanks

 On Dienstag, 19. Juni 2012, John Eikenberry wrote:
 Running puppet-lint fails every time, with or without any arguments.  This
 coincided with a recent change of ruby to default to 1.9.1 instead of 1.8.
 The puppet-common package, which puppet-lint depends on, doesn't include
 support for 1.9.1.

 as ruby will default to 1.9 in wheezy this will make the package completly 
 unusable, thus raising the severity.


According to: https://github.com/rodjek/puppet-lint/issues/103 - this
should work with 1.9.2, this patch doesn't appear in the debian package,
and looks pretty trivial. The reported issue seems to be pretty
different from what was reported in the upstream github though.

micah



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#675971: what should we be doing?

[micah anderson]

Is the situation that all users that are at 1.2.3-348 and older can
speak to each other and all users that are at 1.2.3-349 and greater can
speak to each other, but =349 cannot speak to =348 users?

If so, is the intended plan for everyone to bump up to =349?

If that is true, at the very least this warrants a NEWS entry.

micah
-- 




-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#666865: Unarchive: The problem still persists

[micah anderson]

Arno Töll a...@debian.org writes:

 Hi,

 On 24.05.2012 19:12, micah anderson wrote:
 Do you have a way of testing this? I've set up something that I believe
 should let the messages through based on the X-Loop header, but need to
 test that it is working.
 
 There was a mistake in what was done, but that has been fixed now.

 Well, basically I will reply to you through the BTS. If my message
 reaches you, the problem seems fixed (pretending you didn't whitelist me
 explicitly given I'm the only one to complain :).

It looks like this went through fine on my end. 

Shall we close the bug?

micah



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#666865: Unarchive: The problem still persists

[micah anderson]

Arno Töll a...@debian.org writes:
 Hello,

 reopening the bug as the problem still persists.

Do you have a way of testing this? I've set up something that I believe
should let the messages through based on the X-Loop header, but need to
test that it is working.

micah



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#666865: Unarchive: The problem still persists

[micah anderson]

micah anderson mi...@riseup.net writes:

 Arno Töll a...@debian.org writes:
 Hello,

 reopening the bug as the problem still persists.

 Do you have a way of testing this? I've set up something that I believe
 should let the messages through based on the X-Loop header, but need to
 test that it is working.

There was a mistake in what was done, but that has been fixed now.

micah



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#666865: bug mail bounces

[micah anderson]

Stefan Fritsch s...@sfritsch.de writes:

 Hi,

 I think the problem is that you can't match on the Sender or From 
 headers, because those remain unmodified for BTS mail. But BTS mail 
 seems to have

 X-Loop: ow...@bugs.debian.org

 and

 X-Debian-PR-Source: name-of-source-package

 Maybe you can match on either of those.

I can't think of any mailing list software that allows for matching on
headers to allow messages to the list. 

Seeing as its not an uncommon scenario for group maintained packages to
use a mailing list for their communication, and receiving to the mailing
list bugs from the tracker is important, this restriction seems a
problem.




-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#672893: security: private archives available to all

[Micah Anderson]

Package: sympa
Version: 6.0.1+dfsg-4
Severity: grave
Tags: security patch
Justification: user security hole

It is possible to open the archive management (arc_manage) page
for any list, even those set to only be available to members,
giving anyone the option to download the archive, or delete the
archive.

http://www.sympa.org/distribution/latest-stable/NEWS 

Patch for the version in stable:
https://sourcesup.renater.fr/scm/viewvc.php/branches/sympa-6.0-branch/wwsympa/wwsympa.fcgi.in?root=sympar1=6706r2=7358pathrev=7358

Please reference CVE-2012-2352 in any changelogs addressing this issue.

micah

System Information:
Debian Release: wheezy/sid
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#666865: Unarchive: The problem still persists

[micah anderson]

On Sun, 06 May 2012 12:17:04 +0200, Arno Töll a...@debian.org wrote:
 Hi Micah,
 
 On 06.05.2012 06:13, micah anderson wrote:
  What address is not working? I looked around for a canonical list of
  role addresses that should accept emails, but I couldn't find one, so I
  gathered as many as I could and added them.
 
 Policy says in §3.3: The email address given in the Maintainer control
 field must accept [..] non-spam mail from the bug-tracking system.

Yes, I am aware of that policy section that lacks any specifics.

 However, you don't as you are dropping mail from people who contact you
 through the BTS (i.e. not over explicit carbon copies).

I'm afraid I don't understand what that means. How do people contact me
through the BTS? If its not through debb...@bugs.debian.org,
debb...@busoni.debian.org, nore...@release.debian.org,
ow...@bugs.debian.org, or ow...@busoni.debian.org then I do not
understand how an individual can contact a package's listed address
through the BTS. 

I'm sorry I must seem dense here, but perhaps you could provide me with
an example?

 This makes it impossible to contact you over the BTS. If you really
 think such sender restrictions make sense, you should at least make
 sure you do accept mail from people sent via the BTS, e.g. by
 whitelisting mail from the BTS mail server (busoni.debian.org).

I wont whitelist the entire BTS mail server, not without a more narrow
definition of where things are coming from. 

micah


-- 




--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#666865: Unarchive: The problem still persists

[micah anderson]

On Sat, 05 May 2012 19:04:06 +0200, Arno Töll a...@debian.org wrote:
 Hello,
 
 reopening the bug as the problem still persists.

What address is not working? I looked around for a canonical list of
role addresses that should accept emails, but I couldn't find one, so I
gathered as many as I could and added them.

I've added:

d...@ftp-master.debian.org
debb...@bugs.debian.org 
debb...@busoni.debian.org
debian-bugs-d...@lists.debian.org
f...@debian.org 
instal...@ftp-master.debian.org
nore...@release.debian.org
ow...@bugs.debian.org 
ow...@busoni.debian.org 
ow...@packages.qa.debian.org
p...@qa.debian.org
q...@master.debian.org

but that isn't covering it, so I'd like to know what other one is
needed.

micah



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#660206: [debian-mysql] Bug#660206: This is a regression

[micah anderson]

On Mon, 09 Apr 2012 10:21:08 -0700, Clint Byrum cl...@fewbar.com wrote:
 Excerpts from micah anderson's message of Sun Apr 08 10:13:40 -0700 2012:
  severity 660206 serious
  thanks
  
  This is actually a regression, the only way to get things to work again
  is to downgrade package like such:
  
  apt-get install mysql-server-5.1=5.1.49-3 mysql-client-5.1=5.1.49-3
  mysql-common=5.1.49-3 mysql-server-core-5.1=5.1.49-3
  libmysqlclient16=5.1.49-3
  
  micah
  
 
 So, I'm not sure I agree that this is such a serious
 regression. 

I would agree that this is not a *very* serious regression, but its a
regression nonetheless. In my opinon an un intenteded regression is not
suitable for release as a security upload and should be replaced as soon
as a fix becomes available.

*lenny* shipped with rails 2.1.0. 1.2.6 was released in 2007, and is
not supported in Debian at all. The referenced upstream bug talks about
using client versions older than 4.1, which is basically ancient.

I agree. However, the reality is that the security upgrade brought in
unrelated changes to the security upgrade and caused unrelated software
to break.

 I'm not disputing that this is a regression introduced by the upstream
 jump to 5.1.61, but I don't know that its worth downgrading and losing
 security updates for. Perhaps the client libraries should be updated to
 something that is still supported by upstream and/or Debian.

The two choices here are to either downgrade mysql, or to upgrade client
libraries. While it seems sensible to upgrade client libraries to a
newer supported version, one should not have to do that because of a
security upgrade of another package. That option takes you from the
realm of routine security maintainence into the much more serious realm
of migrating completely other software to new client libraries that
would require a significant architecture overhaul (I dont know how much
you know about rails, but the difference between 2.1 and 2.2 is not a
trivial minor release, but typically involves almost a complete
rewrite). During a maintainence window, when you are expecting to only
do an isolated security upgrade of a package, the last thing the
sysadmin who is performing the upgrade is going to do is to re-write
some other code to deal with a surprise regression in the security
package. 

So while I do agree with you that the 'right' thing to do is to get the
software updated to newer client libraries, rather than to have exposed
security holes, the reality is that until that can happen (and in one
case that I am dealing with, that re-write is in progress, but is 6
months out) I would hope that stable-security or a stable update would
include a fix to this regression, when it comes available. 

micah

-- 




-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#666865: libapache-mod-removeip: Maintainer address does not accept mail from role accounts

[micah anderson]

 The maintainer address you added to your package does not accept mail
 from role accounts, including but not limited to the bug tracking
 system. This is a policy violation as of §3.3: The email address given
 in the Maintainer control field must accept mail from those role
 accounts in Debian used to send automated mails regarding the package.
 This includes non-spam mail from the bug-tracking system, all mail from
 the Debian archive maintenance software, and other role accounts or
 automated processes that are commonly agreed on by the project.

Thanks, i've updated the allow list, unfortunately there doesn't seem
to be a good canonical list of the aliases that are needed, it would be
a good idea to have that so people can properly follow policy.

micah


pgpxvBcPlUQ8J.pgp
Description: PGP signature

Bug#666865: libapache-mod-removeip: Maintainer address does not accept mail from role accounts

[micah anderson]

 The maintainer address you added to your package does not accept mail
 from role accounts, including but not limited to the bug tracking
 system. This is a policy violation as of §3.3: The email address given
 in the Maintainer control field must accept mail from those role
 accounts in Debian used to send automated mails regarding the package.
 This includes non-spam mail from the bug-tracking system, all mail from
 the Debian archive maintenance software, and other role accounts or
 automated processes that are commonly agreed on by the project.

Thanks, i've updated the allow list, unfortunately there doesn't seem
to be a good canonical list of the aliases that are needed, it would be
a good idea to have that so people can properly follow policy.

micah



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#659392: Some information

[micah anderson]

On Tue, 14 Feb 2012 19:22:29 -0500, micah anderson mi...@riseup.net wrote:
 CVE-2012-0791 has a simple changeset:

Sorry, I switched these CVE issues, this one is actually CVE-2012-0909

 https://github.com/horde/horde/commit/208eae43c95136a67104f760027a8892a22b6e25
 
 it touches two files: 
 framework/Form/lib/Horde/Form/Type.php
 framework/Form/package.xml
 
 neither of these files is in horde3 or imp4 that is in Squeeze.
 
 For the other issue CVE-2012-0909, that seems to affect Squeeze's IMP,

this one is actually CVE-2012-0791.

 and a changeset between version 4.3.10 and 4.3.11 was published here:
 http://ftp.horde.org/pub/imp/patches/patch-imp-h3-4.3.10-h3-4.3.11.gz
 
 Squeeze has 4.3.7 - I've looked at the changeset above with a co-worker
 and it does not look too hard to port to the debian version. We'll do so
 in the next couple of days if nobody else does first.

have a patch, testing it now.



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#659392: debdiff

[micah]

Attached is a debdiff against the squeeze version to fix imp4.

Micah


-- 





pgpRkTl5kZNBf.pgp
Description: PGP signature


imp4_4.3.7+debian0-2.2.debdiff
Description: Binary data

Bug#659392: Info received (debdiff)

[micah anderson]

On Wed, 15 Feb 2012 13:57:55 -0500, micah mi...@algae.riseup.net wrote:
 
 Attached is a debdiff against the squeeze version to fix imp4.

I forgot to mention that I've built a package off of this diff and
tested it and it seems to work fine (I have no way of testing that the
XSS issue is fixed).

mich



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#659392: Some information

[micah anderson]

I've been trying to figure out if this issue affects stable.

The issues point to this openwall post:
http://www.openwall.com/lists/oss-security/2012/01/22/2

which has actual git commits for things.

CVE-2012-0791 has a simple changeset:

https://github.com/horde/horde/commit/208eae43c95136a67104f760027a8892a22b6e25

it touches two files: 
framework/Form/lib/Horde/Form/Type.php
framework/Form/package.xml

neither of these files is in horde3 or imp4 that is in Squeeze.

For the other issue CVE-2012-0909, that seems to affect Squeeze's IMP,
and a changeset between version 4.3.10 and 4.3.11 was published here:
http://ftp.horde.org/pub/imp/patches/patch-imp-h3-4.3.10-h3-4.3.11.gz

Squeeze has 4.3.7 - I've looked at the changeset above with a co-worker
and it does not look too hard to port to the debian version. We'll do so
in the next couple of days if nobody else does first.

micah


-- 



pgpgDDdP8MDbA.pgp
Description: PGP signature

Bug#657942: frei0r-plugins: Cannot install

[Micah Anderson]

Package: frei0r-plugins
Version: 1.1.22git20091109-1.1
Severity: serious

Its impossible to install this package.

The following packages have unmet dependencies:
 frei0r-plugins : Depends: libcvaux2.1 but it is not installable
  Depends: libhighgui2.1 but it is not installable

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages frei0r-plugins depends on:
ii  libc6  2.13-24
ii  libcv2.1   2.1.0-7+b2
ii  libcvaux2.1none
ii  libgavl1   none
ii  libgcc11:4.6.2-12
ii  libhighgui2.1  none
ii  libstdc++6 4.6.2-12

frei0r-plugins recommends no packages.

frei0r-plugins suggests no packages.



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#656923: zfs-fuse: Please readd powerpc (built for 0.7.0-3)

[Micah Gersten]

Package: zfs-fuse
Version: 0.7.0-4
Severity: serious
Tags: sid

As this built before on powerpc, I believe that serious is appropriate.  Please 
change severity if I'm wrong.
https://buildd.debian.org/status/logs.php?pkg=zfs-fusearch=powerpc

-- System Information:
Debian Release: wheezy/sid
  APT prefers oneiric-updates
  APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 
'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-15-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#655675: jai-imageio-core: Build-Depends-Indep is only for building arch-indep binaries

[Micah Gersten]

Package: jai-imageio-core
Version: 1.2-1
Severity: serious
Tags: patch
Justification: fails to build from source
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch

Please see http://wiki.debian.org/Build-Depends-Indep for more information.

*** /tmp/tmpQOz0QB/bug_body
In Ubuntu, the attached patch was applied to achieve the following:


  * Move ant to Build-Depends from Build-Depends-Indep since it's used in
override_dh_auto_build which is not a build-indep target; Also move
default-jdk since it's used in the main arch build process as well
- update debian/control


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers oneiric-updates
  APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 
'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-15-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru jai-imageio-core-1.2/debian/changelog jai-imageio-core-1.2/debian/changelog
diff -Nru jai-imageio-core-1.2/debian/control jai-imageio-core-1.2/debian/control
--- jai-imageio-core-1.2/debian/control	2011-09-14 08:01:08.0 +0200
+++ jai-imageio-core-1.2/debian/control	2012-01-12 07:37:49.0 +0100
@@ -1,11 +1,12 @@
 Source: jai-imageio-core
 Priority: optional
 Section: non-free/java
 Maintainer: Debian Med Packaging Team debian-med-packag...@lists.alioth.debian.org
 DM-Upload-Allowed: yes
 Uploaders: Mathieu Malaterre mathieu.malate...@gmail.com
-Build-Depends: debhelper (= 8), javahelper (=0.25), libjai-core-java
-Build-Depends-Indep: default-jdk, default-jdk-doc, ant
+Build-Depends: debhelper (= 8), javahelper (=0.25), libjai-core-java, ant, default-jdk
+Build-Depends-Indep: default-jdk-doc
 Standards-Version: 3.9.2
 Homepage: http://java.net/projects/jai-imageio-core/
 Vcs-Browser: http://svn.debian.org/wsvn/debian-med/trunk/packages/jai-imageio-core/trunk/

Bug#655676: jai-imageio-core: override_jh_installjavadoc uses a hard coded arch specific path

[Micah Gersten]

Package: jai-imageio-core
Version: 1.2-1
Severity: serious
Justification: fails to build from source

Below is the snippet from Debian rules, if you're going to clean this file, 
you'll want to use a dynamic path that will be available on any arch as well as 
any buildd.  FWIW, I don't seem to have a lintian warning for this license 
issue, but I'm checking with lintian 3.9.1 ATM.

#override_jh_installjavadoc:
   # lintian warning duplicate license
   rm build/linux-amd64/javadocs/docs-jcp/LICENSE.txt
   jh_installjavadoc



-- System Information:
Debian Release: wheezy/sid
  APT prefers oneiric-updates
  APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 
'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-15-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#655544: jai-core: Build-Depends-Indep is only for building arch-indep binaries

[Micah Gersten]

Package: jai-core
Version: 1.1.4-1
Severity: serious
Tags: patch
Justification: fails to build from source
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch

Please see http://wiki.debian.org/Build-Depends-Indep for more information.

*** /tmp/tmpqjxOKd/bug_body
In Ubuntu, the attached patch was applied to achieve the following:


  * Move ant to Build-Depends from Build-Depends-Indep since it's used in
override_dh_auto_build which is not a build-indep target; Also move
default-jdk since it's used in the main build process as well
- update debian/control


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers oneiric-updates
  APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 
'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-15-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru jai-core-1.1.4/debian/changelog jai-core-1.1.4/debian/changelog
diff -Nru jai-core-1.1.4/debian/control jai-core-1.1.4/debian/control
--- jai-core-1.1.4/debian/control	2011-09-12 13:21:17.0 +0200
+++ jai-core-1.1.4/debian/control	2012-01-12 07:06:19.0 +0100
@@ -1,11 +1,11 @@
 Source: jai-core
 Priority: optional
 Section: non-free/java
 Maintainer: Debian Med Packaging Team debian-med-packag...@lists.alioth.debian.org
 DM-Upload-Allowed: yes
 Uploaders: Mathieu Malaterre mathieu.malate...@gmail.com
-Build-Depends: debhelper (= 8), javahelper (=0.25)
-Build-Depends-Indep: default-jdk, default-jdk-doc, ant
+Build-Depends: debhelper (= 8), javahelper (=0.25), ant, default-jdk
+Build-Depends-Indep: default-jdk-doc
 Standards-Version: 3.9.2
 Homepage: http://java.net/projects/jai-core/
 Vcs-Browser: http://svn.debian.org/wsvn/debian-med/trunk/packages/jai-core/trunk/

Bug#643491: animal-sniffer: fix for FTBFS without internet access

[Micah Gersten]

Package: animal-sniffer
Version: 1.7-1
Followup-For: Bug #643491
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch



*** /tmp/tmpScaFcU/bug_body
In Ubuntu, the attached patch was applied to achieve the following:


  * Add a maven build target of install so that jars are deployed into the local
maven repository during the build process (Thanks to James Page for the tip)
(Closes: #643491); Fixes FTBFS with no network
- update debian/rules
  * Add libmaven-install-plugin-java to Build-Depends-Indep; Needed for above
FTBFS fix
- update debian/control


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers oneiric-updates
  APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 
'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-15-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru animal-sniffer-1.7/debian/changelog animal-sniffer-1.7/debian/changelog
diff -Nru animal-sniffer-1.7/debian/control animal-sniffer-1.7/debian/control
--- animal-sniffer-1.7/debian/control	2011-09-18 12:48:33.0 -0500
+++ animal-sniffer-1.7/debian/control	2012-01-05 05:09:00.0 -0600
@@ -1,13 +1,13 @@
 Source: animal-sniffer
 Section: java
 Priority: optional
 Maintainer: Debian Java Maintainers pkg-java-maintain...@lists.alioth.debian.org
 Uploaders: Matthias Schmitz matth...@sigxcpu.org
 Build-Depends: debhelper (= 7), cdbs, default-jdk, maven-debian-helper (= 1.4), ant
 Build-Depends-Indep: libasm3-java, junit, default-jdk-doc,
  libmaven-javadoc-plugin-java, libmaven-enforcer-plugin-java,
  libmaven-invoker-plugin-java, libmaven-common-artifact-filters-java,
- libbuild-helper-maven-plugin-java, libmaven-shade-plugin-java, libmaven-plugin-tools-java
+ libbuild-helper-maven-plugin-java, libmaven-shade-plugin-java, libmaven-plugin-tools-java, libmaven-install-plugin-java
 Standards-Version: 3.9.2
 Vcs-Git: git://git.debian.org/pkg-java/animal-sniffer.git
 Vcs-Browser: http://git.debian.org/?p=pkg-java/animal-sniffer.git;a=summary
diff -Nru animal-sniffer-1.7/debian/rules animal-sniffer-1.7/debian/rules
--- animal-sniffer-1.7/debian/rules	2011-09-18 12:48:33.0 -0500
+++ animal-sniffer-1.7/debian/rules	2012-01-05 03:54:39.0 -0600
@@ -8,6 +8,7 @@
 #	mh_installjar -plib$(PACKAGE)-java -l pom.xml target/$(PACKAGE)-$(VERSION).jar 
 
 DEB_MAVEN_DOC_TARGET := javadoc:jar javadoc:aggregate
+DEB_MAVEN_BUILD_TARGET := install
 
 clean::
 	mh_clean

Bug#653686: lowpan-tools: dh_python2 requires Depends: ${python:Depends} per the manpage

[Micah Gersten]

Package: lowpan-tools
Version: 0.2.2-2
Severity: serious
Tags: patch
Justification: Policy 7.2
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch



*** /tmp/tmpVby7ji/bug_body
In Ubuntu, the attached patch was applied to achieve the following:

  * Fix dh_python2 conversion; Drop Recommends: python on lowpan-test-tools; Add
${python:Depends} to lowpan-test-tools
- update debian/control


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers oneiric-updates
  APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 
'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-15-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru lowpan-tools-0.2.2/debian/changelog lowpan-tools-0.2.2/debian/changelog
diff -Nru lowpan-tools-0.2.2/debian/control lowpan-tools-0.2.2/debian/control
--- lowpan-tools-0.2.2/debian/control	2011-12-26 11:16:20.0 -0600
+++ lowpan-tools-0.2.2/debian/control	2011-12-30 03:35:56.0 -0600
@@ -11,10 +12,9 @@
 
 Package: lowpan-test-tools
 Architecture: linux-any
-Depends: ${shlibs:Depends}, ${misc:Depends}
+Depends: ${shlibs:Depends}, ${misc:Depends}, ${python:Depends}
 XB-Python-Version: ${python:Version}
 Provides: ${python:Provides}
-Recommends: python
 Replaces: lowpan-tools ( 0.2)
 Description: Testing programs for LoWPAN stack in Linux
  This package provides several programs for testing various aspects of

Bug#653321: fabric: Missing dependency on python-paramiko

[Micah Gersten]

Package: fabric
Version: 1.3.2-4
Severity: serious
Tags: patch
Justification: fails to build from source (but built successfully in the past)
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch



*** /tmp/tmpIpyzn0/bug_body
In Ubuntu, the attached patch was applied to achieve the following:


  * Add python-paramiko to build dependencies (fixes FTBFS)
- update debian/control


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers oneiric-updates
  APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 
'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-13-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru fabric-1.3.2/debian/changelog fabric-1.3.2/debian/changelog
diff -Nru fabric-1.3.2/debian/control fabric-1.3.2/debian/control
--- fabric-1.3.2/debian/control	2011-12-14 10:44:56.0 -0600
+++ fabric-1.3.2/debian/control	2011-12-26 15:53:57.0 -0600
@@ -1,12 +1,12 @@
 Source: fabric
 Section: net
 Priority: optional
 Maintainer: Chris Lamb la...@debian.org
 Build-Depends: debhelper (= 7.0.50~)
-Build-Depends-Indep: python-support, python-setuptools, python-sphinx
+Build-Depends-Indep: python-support, python-setuptools, python-sphinx, python-paramiko
 Standards-Version: 3.9.2
 Vcs-Git: git://github.com/lamby/pkg-fabric.git
 Vcs-Browser: https://github.com/lamby/pkg-fabric
 Homepage: http://fabfile.org/
 
 Package: fabric

Bug#653107: Should this package be removed?

[micah anderson]

On Fri, 23 Dec 2011 23:40:20 +0100, Moritz Muehlenhoff j...@debian.org wrote:
 Package: util-vserver
 Severity: serious
 
 util-vserver hasn't seen an upload since 1.5 years and vserver support
 has been dropped from the Debian kernels post-Squeeze.
 
 Should util-vserver be removed as well?

I'm not sure. Before the kernel team started providing vserver kernels,
I was providing a kernel source patch set, which still require the
user-space utilities to exist. 

I haven't decided if I will do that again, it depends on lxc maturing
enough to be a usable alternative, which so far it has not and until it
does, I'm not convinced that vservers should go away in debian.





pgpIFbRGLaoDp.pgp
Description: PGP signature

Bug#653204: FTBFS: regex-posix -any dependency missing

[Micah Gersten]

Package: ghc-mod
Version: 1.0.4-1
Severity: serious
Tags: patch
Justification: fails to build from source (but built successfully in the past)
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch



*** /tmp/tmpZB0472/bug_body
In Ubuntu, the attached patch was applied to achieve the following:

  * Add build dependency on libghc-regex-posix-dev, fixes FTBFS
- update debian/control 


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers oneiric-updates
  APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 
'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-13-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u ghc-mod-1.0.4/debian/control ghc-mod-1.0.4/debian/control
--- ghc-mod-1.0.4/debian/control
+++ ghc-mod-1.0.4/debian/control
@@ -13,6 +13,7 @@
libghc-ghc-paths-dev,
libghc-hlint-dev (= 1.7.1),
libghc-transformers-dev,
+   libghc-regex-posix-dev,
libghc-filemanip-dev
 Standards-Version: 3.9.2
 Homepage: http://www.mew.org/~kazu/proj/ghc-mod/
diff -u ghc-mod-1.0.4/debian/changelog ghc-mod-1.0.4/debian/changelog

Bug#629998: Conflicting st binary name

[micah anderson]

Hi,

It was written:

  
 We're also tossing around changing the OpenStack 'st' to
 'swiftly'. Whatever it becomes, it'll likely happen in our next
 release, 1.4.1. 

It appears that 1.4.3 is the latest version, with 1.4.4 coming. Did this
rename happen, and if so, can we resolve this issue (perhaps by
uploading a new version?)

thanks!
micah

ps - thanks for your work on this project, and zigo for the packaging!

-- 



pgpmMLwQhaLBY.pgp
Description: PGP signature

Bug#629998: Conflicting st binary name

[micah anderson]

On Mon, 26 Sep 2011 23:33:50 +0800, Thomas Goirand tho...@goirand.fr wrote:
 On 09/26/2011 10:43 PM, Gregory Holt wrote:
  Yes, the rename did happen: st - swift
  
  I'm not sure who/how the Debian packaging for OpenStack Swift is
  handled, but I expect they're listed on this bug so probably got emailed.
 
 Hi,
 
 I have seen that Glance and Swift are now released (code name Diablo,
 version 2011.3 for Glance, and 1.4.4 for Swift).
 
 I have seen that both Glance and Swift seems ok for an upload, but I
 want to do functional testing of them before the upload, and for the
 moment, Nova fails with its unit tests. So please bare with me and allow
 a bit more of time, so that I can make my tests before the uploads.

Seems reasonable!

 FYI, OpenStack got released last Friday, and I'm only discovering what's
 new in this release. It's not exactly a very simple thing, so it may
 take some time until I can upload.

Oh wow, I had no idea it was just realeased! I didn't mean to pressure
you :)

 Also, there's now an Alioth project for it, and I'd be very happy to
 have help on releasing this new version in Debian.

I can't commit to helping there now, i'm trying to get rid of some
commitments now because I am overextended. Depending on how that goes,
and if we decide to use OpenStack, I will keep that in mind!

thanks again for your work on this, its very much appreciated!

micah


pgphMnPedDlZl.pgp
Description: PGP signature

Bug#640439: gtk-nodoka-engine: FTBFS

[Micah Gersten]

Package: gtk-nodoka-engine
Version: 0.7.0-1
Followup-For: Bug #640439
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu oneiric ubuntu-patch



*** /tmp/tmpT1DzMj
In Ubuntu, the attached patch was applied to achieve the following:


  * Add -lm to LIBS to fix FTBFS (LP: #858750)
- update debian/rules

Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers oneiric-updates
  APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 
'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-11-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
--- gtk-nodoka-engine-0.7.2/debian/rules
+++ gtk-nodoka-engine-0.7.2/debian/rules
@@ -19,7 +19,7 @@
 ifneq $(wildcard /usr/share/misc/config.guess) 
cp -f /usr/share/misc/config.guess config.guess
 endif
-   ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) 
--prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info 
CFLAGS=$(CFLAGS) LDFLAGS=-Wl,-z,defs --enable-animation
+   ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) 
--prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info 
CFLAGS=$(CFLAGS) LIBS=-lm LDFLAGS=-Wl,-z,defs --enable-animation
 
 
 build: build-stamp

Bug#638247: to be adapted for libav/0.7.1

[Micah Gersten]

Package: gnash
Version: 0.8.10~git20110618-3
Followup-For: Bug #638247
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu oneiric ubuntu-patch



*** /tmp/tmpgCHrjT

Here is the patch from Colin Watson that provides compatibility with the libav 
0.7 API.

Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers oneiric-updates
  APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 
'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-10-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru gnash-0.8.10~git20110618/debian/patches/libav_0.7.patch gnash-0.8.10~git20110618/debian/patches/libav_0.7.patch
--- gnash-0.8.10~git20110618/debian/patches/libav_0.7.patch	1969-12-31 18:00:00.0 -0600
+++ gnash-0.8.10~git20110618/debian/patches/libav_0.7.patch	2011-09-11 00:35:05.0 -0500
@@ -0,0 +1,275 @@
+Description: Port to libav 0.7 API
+Author: Colin Watson cjwat...@ubuntu.com
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=638247
+---
+ libmedia/ffmpeg/AudioDecoderFfmpeg.cpp   |   30 ++---
+ libmedia/ffmpeg/AudioResamplerFfmpeg.cpp |5 +-
+ libmedia/ffmpeg/MediaParserFfmpeg.cpp|   53 ++-
+ libmedia/ffmpeg/MediaParserFfmpeg.h  |7 
+ libmedia/ffmpeg/VideoDecoderFfmpeg.cpp   |   12 +++
+ macros/ffmpeg.m4 |6 ++-
+ 6 files changed, 104 insertions(+), 9 deletions(-)
+
+Index: gnash-0.8.10~git20110618/libmedia/ffmpeg/AudioDecoderFfmpeg.cpp
+===
+--- gnash-0.8.10~git20110618.orig/libmedia/ffmpeg/AudioDecoderFfmpeg.cpp
 gnash-0.8.10~git20110618/libmedia/ffmpeg/AudioDecoderFfmpeg.cpp
+@@ -29,8 +29,6 @@
+ 
+ //#define GNASH_DEBUG_AUDIO_DECODING
+ 
+-#define AVCODEC_DECODE_AUDIO avcodec_decode_audio2
+-
+ namespace gnash {
+ namespace media {
+ namespace ffmpeg {
+@@ -549,11 +547,22 @@
+ #endif
+ 
+ // older ffmpeg versions didn't accept a const input..
+-int tmp = AVCODEC_DECODE_AUDIO(_audioCodecCtx, outPtr, outSize,
+-   input, inputSize);
++#if !defined (LIBAVCODEC_VERSION_MAJOR) || LIBAVCODEC_VERSION_MAJOR  53
++int tmp = avcodec_decode_audio2(_audioCodecCtx, outPtr, outSize,
++input, inputSize);
++#else
++AVPacket packet;
++av_init_packet(packet);
++// avcodec_decode_audio3 doesn't actually change packet.data
++packet.data = const_castboost::uint8_t*(input);
++packet.size = inputSize;
++int tmp = avcodec_decode_audio3(_audioCodecCtx, outPtr, outSize, packet);
++packet.data = NULL;
++av_free_packet(packet);
++#endif
+ 
+ #ifdef GNASH_DEBUG_AUDIO_DECODING
+-log_debug( avcodec_decode_audio[2](ctx, bufptr, %d, input, %d) 
++log_debug( avcodec_decode_audio[23](ctx, bufptr, %d, input, %d) 
+ returned %d; set frame_size=%d,
+ bufsize, inputSize, tmp, outSize);
+ #endif
+@@ -658,6 +667,7 @@
+ {
+ if ( _needsParsing )
+ {
++#if !defined (LIBAVCODEC_VERSION_MAJOR) || LIBAVCODEC_VERSION_MAJOR  53
+ return av_parser_parse(_parser, _audioCodecCtx,
+ // as of 2008-10-28 SVN, ffmpeg doesn't
+ // accept a pointer to pointer to const..
+@@ -665,6 +675,16 @@
+ outFrameSize,
+ input, inputSize,
+ 0, 0); // pts  dts
++#else
++return av_parser_parse2(_parser, _audioCodecCtx,
++// as of 2008-10-28 SVN, ffmpeg doesn't
++// accept a pointer to pointer to const..
++const_castboost::uint8_t**(outFrame),
++outFrameSize,
++input, inputSize,
++0, 0, // pts  dts
++AV_NOPTS_VALUE);
++#endif
+ }
+ else
+ {
+Index: gnash-0.8.10~git20110618/libmedia/ffmpeg/MediaParserFfmpeg.cpp
+===
+--- gnash-0.8.10~git20110618.orig/libmedia/ffmpeg/MediaParserFfmpeg.cpp
 gnash-0.8.10~git20110618/libmedia/ffmpeg/MediaParserFfmpeg.cpp
+@@ -341,11 +341,26 @@
+ 
+ /*private*/
+ void
++MediaParserFfmpeg::logMetadataEntry(const char *format, const char* key)
++{
++#if !defined (LIBAVUTIL_VERSION_INT) || LIBAVUTIL_VERSION_INT  AV_VERSION_INT( 51, 5, 0 )
++	const AVMetadataTag* entry = av_metadata_get(_formatCtx-metadata, key, 0, 0);
++#else
++	const AVDictionaryEntry* entry = av_dict_get(_formatCtx-metadata, key, 0, 0);
++#endif
++	if ( entry-value[0] )
++		log_debug(format, entry-value);
++}
++
++/*private*/
++void
+ MediaParserFfmpeg::initializeParser()
+ {
+ av_register_all(); // TODO: needs to be invoked only once ?
+ 
++#if !defined (LIBAVFORMAT_VERSION_MAJOR) || LIBAVFORMAT_VERSION_MAJOR  53
+ 

Bug#639744: Compromised certificates for *.google.com issued by DigiNotar Root CA

[Micah Gersten]

On 09/04/2011 10:35 AM, Yves-Alexis Perez wrote:
 On dim., 2011-09-04 at 01:37 -0500, Raphael Geissert wrote:
 On Saturday 03 September 2011 01:45:22 Mike Hommey wrote:
 Looking at the patches, this really is:
 [...]
 
 Ok, with the patches we got NSS covered, but we still need to do
 something for other users.
 
 A first look at stuff we ship, this seems to be their current
 status: * NSS: ice* packages should be okay after the latest NSS
 update.
 
 For other NSS users I guess they're ok? I've just checked in
 evolution certificate store and there's no DigiNotar one, though I
 don't know if evolution would prevent connection to an
 imap/pop/smtp server with a relevant certificate.
 
 evolution uses gnutls for calendars (since it's http/https) and so
 is protected through ca-certificates afaict?
 
 
 * OpenSSL Nothing special here
 
 * GnuTLS Nothing special here
 
 * chromium: Even after the NSS update, it seems to be happy to
 use the Explicitly Distrusted certs.
 
 I've tried the tree websites given on this bug report but I don't
 know if they still make sense:
 
 https://www.diginotar.nl redirects to http://www.diginotar.nl/ (!!)
 but as the redirect isn't prevented I guess chromium is ok with
 the certificate.
 
 https://sha2.diginotar.nl/ succeeds, chain of certification is:
 
 CN = sha2.diginotar.nl CN = DigiNotar PKIoverheid CA Organisatie -
 G2 CN = Staat der Nederlanden Organisatie CA - G2 CN = Staat der
 Nederlanden Root CA - G2 (chromium builtin).
 
 
 Regards,

Chromium needs an update to .220 to properly block all of the
DigiNotar certificates.



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#639059: z88: Fix for FTBFS (use pkg-config in cmake)

[Micah Gersten]

Package: z88
Version: 13.0.0+dfsg2-2
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu oneiric ubuntu-patch multiarch



*** /tmp/tmpMufq1i
In Ubuntu, the attached patch was applied to achieve the following:

This breakage is due to the multiarch path transitions.  Rather than hardcoding 
all the multiarch paths (even messier in Debian with more archs), I used 
pkg-config w/in cmake to find the proper include dirs.


Thanks for considering the patch.


-- System Information:
Debian Release: squeeze/sid
  APT prefers natty-updates
  APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 
'natty-proposed'), (500, 'natty'), (100, 'natty-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-11-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru z88-13.0.0+dfsg2/debian/changelog z88-13.0.0+dfsg2/debian/changelog
diff -Nru z88-13.0.0+dfsg2/debian/control z88-13.0.0+dfsg2/debian/control
--- z88-13.0.0+dfsg2/debian/control	2011-07-04 01:56:45.0 -0500
+++ z88-13.0.0+dfsg2/debian/control	2011-08-28 16:36:14.0 -0500
@@ -1,8 +1,8 @@
 Source: z88
 Section: science
 Priority: optional
 Maintainer: Debian QA Group packa...@qa.debian.org
-Build-Depends: debhelper (= 7), cmake, libgtk2.0-dev, libgtkglext1-dev
+Build-Depends: debhelper (= 7), cmake, libgtk2.0-dev, libgtkglext1-dev, pkg-config
 Standards-Version: 3.8.1
 Vcs-Browser: http://svn.debian.org/wsvn/debian-science/packages/z88/trunk/?rev=0sc=0
 Vcs-Svn: svn://svn.debian.org/svn/debian-science/packages/z88/trunk/
diff -Nru z88-13.0.0+dfsg2/debian/patches/series z88-13.0.0+dfsg2/debian/patches/series
--- z88-13.0.0+dfsg2/debian/patches/series	2011-07-04 02:04:19.0 -0500
+++ z88-13.0.0+dfsg2/debian/patches/series	2011-08-28 18:49:33.0 -0500
@@ -1,2 +1,3 @@
 50_all_changes.patch
 60_fix_spelling_errors.patch
+use-pkg-config.patch
diff -Nru z88-13.0.0+dfsg2/debian/patches/use-pkg-config.patch z88-13.0.0+dfsg2/debian/patches/use-pkg-config.patch
--- z88-13.0.0+dfsg2/debian/patches/use-pkg-config.patch	1969-12-31 18:00:00.0 -0600
+++ z88-13.0.0+dfsg2/debian/patches/use-pkg-config.patch	2011-08-28 19:21:19.0 -0500
@@ -0,0 +1,25 @@
+Description: Use pkg-config to find glib include paths to fix FTBFS
+Author: Micah Gersten mic...@ubuntu.com
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/756066
+
+---
+ src/CMakeLists.txt |6 +-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+Index: z88-13.0.0+dfsg2/src/CMakeLists.txt
+===
+--- z88-13.0.0+dfsg2.orig/src/CMakeLists.txt
 z88-13.0.0+dfsg2/src/CMakeLists.txt
+@@ -14,7 +14,11 @@
+ #  MESSAGE( FATAL_ERROR This application requires GTK. One of these components is missing. Please verify configuration)
+ #ENDIF (GTK_FOUND)
+ 
+-INCLUDE_DIRECTORIES ( /usr/include/gtk-2.0/ /usr/lib/gtk-2.0/include /usr/include/atk-1.0 /usr/include/cairo /usr/include/pango-1.0 /usr/include/glib-2.0 /usr/lib/glib-2.0/include /usr/include/pixman-1 /usr/include/freetype2 /usr/include/directfb /usr/include/libpng12 /usr/include/gtkglext-1.0 /usr/lib/gtkglext-1.0/include /usr/include/gdk-pixbuf-2.0/)
++include ( FindPkgConfig )
++pkg_check_modules ( GLIB_2.0 glib-2.0 )
++pkg_check_modules ( GTK_2.0 gtk+-2.0 )
++
++INCLUDE_DIRECTORIES ( ${GTK_2.0_INCLUDE_DIRS} /usr/include/atk-1.0 /usr/include/cairo /usr/include/pango-1.0 ${GLIB_2.0_INCLUDE_DIRS}  /usr/include/pixman-1 /usr/include/freetype2 /usr/include/directfb /usr/include/libpng12 /usr/include/gtkglext-1.0 /usr/lib/gtkglext-1.0/include /usr/include/gdk-pixbuf-2.0/)
+ LINK_LIBRARIES ( gtk-x11-2.0 gdk-x11-2.0 atk-1.0 pangoft2-1.0 gdk_pixbuf-2.0 m pangocairo-1.0 gio-2.0 cairo pango-1.0 freetype fontconfig gobject-2.0 gmodule-2.0 glib-2.0 GL GLU gtkglext-x11-1.0 gdkglext-x11-1.0)
+ 
+ #  GTK_INCLUDE_DIR   - Directories to include to use GTK

Bug#636177: blender: Blender is no longer buildable in sid

[Micah Gersten]

Package: blender
Version: 2.58-svn37702-1
Severity: serious
Tags: patch sid
Justification: fails to build from source
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu oneiric ubuntu-patch

libglew1.5-dev was removed from sid, there is now a libglew1.6-dev, however, it 
provides a virtual package of libglew-dev

*** /tmp/tmp2G8Ush
In Ubuntu, the attached patch was applied to achieve the following:

  * Build depend on libglew-dev instead of libglew1.5-dev since the latter
no longer exists.  This effectively transitions to libglew1.6.
- update debian/control 


Thanks for considering the patch.


-- System Information:
Debian Release: squeeze/sid
  APT prefers natty-updates
  APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 
'natty-proposed'), (500, 'natty'), (100, 'natty-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-11-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru blender-2.58-svn37702/debian/changelog blender-2.58-svn37702/debian/changelog
diff -Nru blender-2.58-svn37702/debian/control blender-2.58-svn37702/debian/control
--- blender-2.58-svn37702/debian/control	2011-06-27 06:52:07.0 -0500
+++ blender-2.58-svn37702/debian/control	2011-07-31 22:11:22.0 -0500
@@ -31,7 +32,7 @@
  libjack-dev,
  libsamplerate0-dev,
  libfftw3-dev,
- libglew1.5-dev,
+ libglew-dev,
  liblzma-dev,
  liblzo2-dev,
 Build-Conflicts: nvidia-glx

Bug#636177: blender: Blender is no longer buildable in sid

[Micah Gersten]

severity 636177 minor
retitle 636177 Blender depends on libglew1.5-dev which is only a virtual
package
done


Seems I jumped the gun here and didn't realize it was provided as a
virtual package by the new libglew1.6-dev.  So, it's still buildable.



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#636097: pidgin-skype FTBFS with multiarch

[Micah Gersten]

Package: pidgin-skype
Version: 20110407+svn612+dfsg-1
Severity: serious
Tags: patch
Justification: fails to build from source
User: multiarch-de...@lists.alioth.debian.org
Usertags: origin-ubuntu oneiric ubuntu-patch multiarch

pidgin-skype currently has include paths hard coded which break with multiarch. 
 Rather than hardcoding multiarch paths, this patch makes use of pkg-config

  * Use pkg-config to find glib and dbus include paths (LP: #756174)
- add debian/patches/use-pkg-config.patch
- update debian/patches/series
  * Add libdbus-1-dev and pkg-config to build-deps
- update debian/control


Thanks for considering the patch.


-- System Information:
Debian Release: squeeze/sid
  APT prefers natty-updates
  APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 
'natty-proposed'), (500, 'natty'), (100, 'natty-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-11-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru pidgin-skype-20110407+svn612+dfsg/debian/changelog pidgin-skype-20110407+svn612+dfsg/debian/changelog
diff -Nru pidgin-skype-20110407+svn612+dfsg/debian/control pidgin-skype-20110407+svn612+dfsg/debian/control
--- pidgin-skype-20110407+svn612+dfsg/debian/control	2011-04-10 19:01:15.0 -0500
+++ pidgin-skype-20110407+svn612+dfsg/debian/control	2011-07-20 20:44:59.0 -0500
@@ -1,9 +1,9 @@
 Source: pidgin-skype
 Section: contrib/net
 Priority: optional
+Maintainer: Gabriele Giacone 1o5g4...@gmail.com
 Build-Depends: debhelper (= 7.0.50~), libglib2.0-dev, 
- libpurple-dev (= 2.1.1), libx11-dev, librsvg2-bin
+ libpurple-dev (= 2.1.1), libx11-dev, librsvg2-bin, libdbus-1-dev, pkg-config
 Standards-Version: 3.9.2
 DM-Upload-Allowed: yes
 Homepage: http://eion.robbmob.com/
diff -Nru pidgin-skype-20110407+svn612+dfsg/debian/patches/series pidgin-skype-20110407+svn612+dfsg/debian/patches/series
--- pidgin-skype-20110407+svn612+dfsg/debian/patches/series	2011-04-10 19:01:15.0 -0500
+++ pidgin-skype-20110407+svn612+dfsg/debian/patches/series	2011-07-20 20:42:00.0 -0500
@@ -1 +1,2 @@
 00Makefile
+use-pkg-config.patch
diff -Nru pidgin-skype-20110407+svn612+dfsg/debian/patches/use-pkg-config.patch pidgin-skype-20110407+svn612+dfsg/debian/patches/use-pkg-config.patch
--- pidgin-skype-20110407+svn612+dfsg/debian/patches/use-pkg-config.patch	1969-12-31 18:00:00.0 -0600
+++ pidgin-skype-20110407+svn612+dfsg/debian/patches/use-pkg-config.patch	2011-07-24 02:59:04.0 -0500
@@ -0,0 +1,19 @@
+Description: Use pkg-config to find include paths
+ We can use pkg-config to find the dbus and glib include paths
+ instead of hard coding them so the build doesn't break w/multiarch.
+Author: Micah Gersten mic...@ubuntu.com
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/756174
+
+--- pidgin-skype-20110407+svn612+dfsg.orig/Makefile
 pidgin-skype-20110407+svn612+dfsg/Makefile
+@@ -6,8 +6,8 @@ WIN32_COMPILER = /usr/bin/i586-mingw32-g
+ LINUX_ARM_COMPILER = arm-none-linux-gnueabi-gcc
+ 
+ LIBPURPLE_CFLAGS = -I/usr/include/libpurple -DPURPLE_PLUGINS -DENABLE_NLS
+-GLIB_CFLAGS = -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I/usr/lib64/glib-2.0/include -I/usr/include
+-DBUS_CFLAGS = -DSKYPE_DBUS -I/usr/include/dbus-1.0 -I/usr/lib/dbus-1.0/include -I/usr/lib64/dbus-1.0/include
++GLIB_CFLAGS = `pkg-config --cflags glib-2.0` -I/usr/include
++DBUS_CFLAGS = -DSKYPE_DBUS `pkg-config --cflags dbus-1`
+ WIN32_DEV_DIR = /root/pidgin/win32-dev
+ WIN32_PIDGIN_DIR = /root/pidgin/pidgin-2.6.1
+ WIN32_CFLAGS = -DPURPLE_PLUGINS -DENABLE_NLS -I${WIN32_DEV_DIR}/gtk_2_0/include/glib-2.0 -I${WIN32_PIDGIN_DIR}/libpurple/win32 -I${WIN32_PIDGIN_DIR}/libpurple -I${WIN32_DEV_DIR}/gtk_2_0/include -I${WIN32_DEV_DIR}/gtk_2_0/include/glib-2.0 -I${WIN32_DEV_DIR}/gtk_2_0/lib/glib-2.0/include

Bug#627793: pytrainer still has binary depends on python-gtkmozembed

[Micah Gersten]

The patches are in to port to webkit, but the binary depends haven't
been updated to reflect this.



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#625783: gnome-control-center: Add Breaks/Replaces to fix file conflict with old gnome-settings-daemon

[Micah Gersten]

Package: gnome-control-center
Version: 1:3.0.1.1-1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu oneiric ubuntu-patch



*** /tmp/tmpHRcGRK
In Ubuntu, the attached patch was applied to achieve the following:

  * fix LP: #786417 - upgrade failure due to overwrite attempt; Add
Breaks/Replaces on g-s-d ( 3.0~) for gnome-control-center-data
- update debian/control 


Thanks for considering the patch.


-- System Information:
Debian Release: squeeze/sid
  APT prefers natty-updates
  APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 'natty'), 
(300, 'natty-proposed'), (100, 'natty-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-8-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru gnome-control-center-3.0.1.1/debian/control gnome-control-center-3.0.1.1/debian/control
--- gnome-control-center-3.0.1.1/debian/control	2011-05-20 06:42:15.0 -0500
+++ gnome-control-center-3.0.1.1/debian/control	2011-05-22 23:07:55.0 -0500
@@ -99,7 +99,8 @@
 Recommends: gnome-control-center (= ${source:Version})
 Provides: capplets-data
 Conflicts: capplets-data
-Replaces: capplets-data, gnome-media-common ( 2.91)
+Replaces: capplets-data, gnome-media-common ( 2.91), gnome-settings-daemon ( 3.0~)
+Breaks: gnome-settings-daemon ( 3.0~)
 Description: configuration applets for GNOME - data files
  This package contains data files (icons, pixmaps, locales files) needed by
  the configuration applets in the gnome-control-center package.
diff -Nru gnome-control-center-3.0.1.1/debian/control.in gnome-control-center-3.0.1.1/debian/control.in
--- gnome-control-center-3.0.1.1/debian/control.in	2011-05-20 06:42:13.0 -0500
+++ gnome-control-center-3.0.1.1/debian/control.in	2011-05-22 23:07:19.0 -0500
@@ -94,7 +94,8 @@
 Recommends: gnome-control-center (= ${source:Version})
 Provides: capplets-data
 Conflicts: capplets-data
-Replaces: capplets-data, gnome-media-common ( 2.91)
+Replaces: capplets-data, gnome-media-common ( 2.91), gnome-settings-daemon ( 3.0~)
+Breaks: gnome-settings-daemon ( 3.0~)
 Description: configuration applets for GNOME - data files
  This package contains data files (icons, pixmaps, locales files) needed by
  the configuration applets in the gnome-control-center package.

Bug#614864: ping?

[micah anderson]

Hi folks,

This security issue really needs to be dealt with, I'm concerned that we
are getting close to one month from when the bug was first reported to
the BTS, we are already over one month from when the bug was reported
upstream.

I'm looking for any feedback on the work I did...

micah

-- 



pgpT5pKpqyUzU.pgp
Description: PGP signature

Bug#614008: patch for pyexiv2 0.3 compatibility

[Micah Gersten]

user ubuntu-de...@lists.ubuntu.com
usertag 614008 + ubuntu-patch natty
tags 614008 +patch
thanks


This patch is from Oliver Tilloy and his name is registered as the
author in the patch.  Any attribution should go to him.
Please close LP: #710874 in the changelog as well if you apply this or
something similar.

Author: Olivier Tilloy oliv...@tilloy.net
Description: Adapt all uses of pyexiv2 to the new API (≥ 0.2).
 This patch actually makes use of new APIs introduced in pyexiv2 0.3, and
 would therefore require minor changes to work with pyexiv2 0.2 too.
Bug: https://bugs.launchpad.net/phatch/+bug/585169

Index: phatch-natty/AUTHORS
===
--- phatch-natty.orig/AUTHORS	2011-01-27 21:12:16.609852151 +0100
+++ phatch-natty/AUTHORS	2011-01-27 21:12:23.659852151 +0100
@@ -27,7 +27,7 @@
 http://wxglade.sourceforge.net/ - wxGlade - Alberto Griggio
 pubsub.py - wxWidgets license - Oliver Schoenborn
 http://wiki.wxpython.org/TextCtrlAutoComplete - TextCtrlAutoComplete.py - wxWidgets license - Edward Flick (CDF Inc, http://www.cdf-imaging.com)
-http://tilloy.net/dev/pyexiv2/ - PyExiv2 - GPL license - Olivier Somon
+http://tilloy.net/dev/pyexiv2/ - pyexiv2 - GPL license - Olivier Tilloy
 http://www.gnome.org/projects/nautilus/ - python-nautilus - GPL license
 http://www.pythonware.com/products/pil/ - Python Image Library 1.1.6 - PIL license - Fredrik Lundh
 http://www.wxpython.org - wxPython 2.8.7.1 - wxWidgets license - Robin Dunn
Index: phatch-natty/phatch/core/pil.py
===
--- phatch-natty.orig/phatch/core/pil.py	2011-01-27 21:12:16.629852151 +0100
+++ phatch-natty/phatch/core/pil.py	2011-01-27 21:12:23.659852151 +0100
@@ -180,8 +180,8 @@
 metadata.InfoZexif: image}
 #check format - readable/writable metadata with pyexiv2
 if exif and exif.is_readable_format(image.format):
-self.pyexiv2 = pyexiv2.Image(path)
-self.pyexiv2.readMetadata()
+self.pyexiv2 = pyexiv2.ImageMetadata(path)
+self.pyexiv2.read()
 self.writable_exif = exif.is_writable_format_exif(image.format)
 self.writable_iptc = exif.is_writable_format_exif(image.format)
 self.writable = self.writable_exif or self.writable_iptc
@@ -308,14 +308,9 @@
 self.assert_transparency()
 del self.get_pil().info[tag]
 return
-pyexiv2_tag = self._fix(tag)  # pexiv2 demands str
-# a bit clumsy but pyexiv2 does not support get or in
-try:
-pyexiv2_tag_value = self.pyexiv2[pyexiv2_tag]
-except KeyError:
-pyexiv2_tag_value = None
-if self.pyexiv2 and pyexiv2_tag_value != None:
-self.pyexiv2[pyexiv2_tag] = None
+pyexiv2_tag = self._fix(tag)  # pyexiv2 demands str
+if pyexiv2_tag in self.pyexiv2:
+del self.pyexiv2[pyexiv2_tag]
 if tag in self:
 super(InfoPhoto, self).__delitem__(tag)
 
@@ -343,7 +338,26 @@
 super(InfoPhoto, self).__setitem__(tag, value)
 if metadata.RE_PYEXIV2_TAG_EDITABLE.match(tag):
 try:
-self.pyexiv2[self._fix(tag)] = value
+key = self._fix(tag)
+if isinstance(value, metadata.DateTime):
+self.pyexiv2[key] = value.datetime
+else:
+if key.startswith('Iptc'):
+stripped = value.strip()
+if stripped.startswith('[') and stripped.endswith(']'):
+# This looks like a list of values
+try:
+values = eval(stripped)
+except SyntaxError:
+value = [value]
+else:
+if isinstance(values, list):
+   value = values
+else:
+   value = [value]
+else:
+value = [value]
+self.pyexiv2[key] = value
 except Exception, message:
 raise KeyError('%s:\n%s'
 % (_('Impossible to write tag %s') % tag, message))
Index: phatch-natty/phatch/data/info.py
===
--- phatch-natty.orig/phatch/data/info.py	2011-01-27 21:12:16.639852151 +0100
+++ phatch-natty/phatch/data/info.py	2011-01-27 21:12:23.659852151 +0100
@@ -310,9 +310,9 @@
 'license': 'wxWidgets license',
 'url': 'http://wiki.wxpython.org/TextCtrlAutoComplete',
 },
-{'name': 'PyExiv2',
+{'name': 'pyexiv2',
 'url': 'http://tilloy.net/dev/pyexiv2/',
-'author': 'Olivier Somon',
+'author': 'Olivier Tilloy',
 

Bug#614864: patch

[micah anderson]

Hi, 

I decided to help a little bit moving these issues forward. I did what I
could, but now the more experienced debian rails people need to act. In
particular, there is a decision that needs to be made for CVE-2011-0446,
and a review of the fix I did for CVE-2011-0447. I am happy to help
facilitate in any other way, but I need others who have more experience
to weigh in on those.

Both of these CVEs affect all versions of rails, including those in
oldstable.

CVE-2011-0446
-

Patch for rails 2.3 to fix CVE-2011-0446 is here:

http://rubyonrails-security.googlegroups.com/attach/365b8a23b76a6b4a/2-3-mailto.patch?part=3

The upstream commit id is: abe97736b8316f1b714cac56c115c0779aa73217

Looking through the commit log for the above fix, it was done to rails
2.3.11, which has had three other commits that touched
actionpack/lib/action_view/helpers/url_helper.rb, the largest one is
9ca6df83f606a0fb8be3815328111d0cdaa7c65b which backports html_safe and
the latest rails_xss plugin. This change seems to be a pre-requisite for
the security fix, the sad thing is that it is a big change.

I did not do anything with CVE-2011-0446 as it was intrusive, hopefully
others who have experience with this package can weigh in on the best
way forwards with this one. Once this is resolved a security release
could happen.


CVE-2011-0447
-

The patch for rails 2.1 to fix CVE-2011-0447 is here:

http://rubyonrails-security.googlegroups.com/attach/c22ea1668c0d181c/2-1-csrf.patch?part=3

I was able to cherry-pick this commit
(d622353dd399908770473d417ecef028524b8c8b) from upstream's git repo into
the debian debian-lenny branch without any conflicts. I went ahead and
did that and have committed it, along with a changelog entry and a NEWS
entry that comes straight from the mailing list.

It is my opinion that the fix for lenny in 2.1 is done. Please someone
who has more skills in rails review this to make sure it is good, and
then I think it can be uploaded after contacting the security team.


The patch for rails 2.3 to fix CVE-2011-0447 is here:

http://rubyonrails-security.googlegroups.com/attach/c22ea1668c0d181c/2-3-csrf.patch?part=5

I was able to cherry-pick this commit
(9998f79b9cf9c60b07baf4c23a02178034e06d85) from upstream's git repo into
the debian v2.3-stable branch without any conflicts. I also went ahead
and committed this change, along with a changelog entry and a NEWS entry
that came from the mailing list, identical to the debian-lenny 2.1 one
above. 

Once CVE-2011-0446 has been resolved for 2.3, then this can be uploaded.

A few notes:

1. I noticed that the upload that made it into squeeze was never tagged
as debian/2.3.5-1.2, so I went ahead and did that.

2. I wasn't sure what the difference between the branch 'debian-lenny'
and v2.1-stable were. The 'debian-lenny' one seemed to have the most
recent security fixes, and had a debian directory, so I went with that
one.

3. v2.3-stable seemed to be the place for squeeze fixes, which differs
from the nomenclature used in #2, perhaps that fix should be in a
debian-squeeze branch? If so, then please change it, and clarify #2 for
v2.3-stable too.


Micah



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#603882: util-vserver: startup script breaks boot (on sparc)

[micah anderson]

On Thu, 18 Nov 2010 04:13:20 +0100 (CET), Daniel Hokka Zakrisson 
dan...@hozac.com wrote:

 What dietlibc version was used to build the binaries? Does it have
 http://people.linux-vserver.org/~dhozac/p/m/delta-dietdirent-fix01.diff
 applied? IIRC this was one way that problem exhibited itself.

Looking at the build logs for sparc, it looks like 0.32-5 of dietlibc
was used. Looking at the debian source for that version of dietlibc, and
comparing it to the patch you reference, no it was not applied.

That patch is odd, all it does is move the int below the 

char buf[PAGE_SIZE-(sizeof (int)*3)];

what is going on there?

micah


pgpJlxeUlvxFV.pgp
Description: PGP signature

Bug#603882: util-vserver: startup script breaks boot (on sparc)

[micah anderson]

On Thu, 18 Nov 2010 04:13:20 +0100 (CET), Daniel Hokka Zakrisson 
dan...@hozac.com wrote:

 What dietlibc version was used to build the binaries? Does it have
 http://people.linux-vserver.org/~dhozac/p/m/delta-dietdirent-fix01.diff
 applied? IIRC this was one way that problem exhibited itself.

Actually, I lied. The patch *is* applied. I was looking at the unpatched
source, but if I looked at the patched source before its built, it is in
fact there.

micah


pgpQ00Mmbq6M7.pgp
Description: PGP signature